diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2002-01-18 02:37:55 +0000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2002-01-18 02:37:55 +0000 |
| commit | 1fb9ccc4e2a91bf7124fba076ffa5458a1cbf404 (patch) | |
| tree | e62b44816d89c4b8ad6ce5ccaf3050afc148ce20 /source3/nsswitch/winbindd_util.c | |
| parent | 9d05373a767cef2e841640f192e74da37fbb099f (diff) | |
| download | samba-1fb9ccc4e2a91bf7124fba076ffa5458a1cbf404.tar.gz samba-1fb9ccc4e2a91bf7124fba076ffa5458a1cbf404.tar.bz2 samba-1fb9ccc4e2a91bf7124fba076ffa5458a1cbf404.zip | |
This is the 'winbind default domain' patch from Alexander Bokovoy
<a.bokovoy@sam-solutions.net>.
The idea is the domain\username is rather harsh for unix systems - people don't
expect to have to FTP, SSH and (in particular) e-mail with a username like
that.
This 'corrects' that - but is not without its own problems.
As you can see from the changes to files like username.c and wb_client.c (smbd's
winbind client code) a lot of assumptions are made in a lot of places about
lp_winbind_seperator determining a users's status as a domain or local user.
The main change I will shortly be making is to investigate and kill off
winbind_initgroups() - as far as I know it was a workaround for an old bug in
winbind itself (and a bug in RH 5.2) and should no longer be relevent.
I am also going to move to using the 'winbind uid' and 'winbind gid' paramaters
to determine a user/groups's 'local' status, rather than the presence of the
seperator.
As such, this functionality is recommended for servers providing unix services,
but is currently less than optimal for windows clients.
(TODO: remove all references to lp_winbind_seperator() and
lp_winbind_use_default_domain() from smbd)
Andrew Bartlett
(This used to be commit 07a21fcd2311d2d9b430b99303e3532a8c1159e4)
Diffstat (limited to 'source3/nsswitch/winbindd_util.c')
| -rw-r--r-- | source3/nsswitch/winbindd_util.c | 56 |
1 files changed, 52 insertions, 4 deletions
diff --git a/source3/nsswitch/winbindd_util.c b/source3/nsswitch/winbindd_util.c index f90e89c23f..640b581ce3 100644 --- a/source3/nsswitch/winbindd_util.c +++ b/source3/nsswitch/winbindd_util.c @@ -348,17 +348,65 @@ BOOL check_domain_env(char *domain_env, char *domain) } /* Parse a string of the form DOMAIN/user into a domain and a user */ +extern fstring global_myworkgroup; BOOL parse_domain_user(const char *domuser, fstring domain, fstring user) { char *p = strchr(domuser,*lp_winbind_separator()); - if (!p) + if (!(p || lp_winbind_use_default_domain())) return False; - fstrcpy(user, p+1); - fstrcpy(domain, domuser); - domain[PTR_DIFF(p, domuser)] = 0; + if(!p && lp_winbind_use_default_domain()) { + fstrcpy(user, domuser); + fstrcpy(domain, global_myworkgroup); + } else { + fstrcpy(user, p+1); + fstrcpy(domain, domuser); + domain[PTR_DIFF(p, domuser)] = 0; + } strupper(domain); return True; } + +/* + Strip domain name if it is same as default domain name and + winbind use default domain = true + + it assumes that name is actually fstring so that memory management + isn't needed. +*/ +void strip_domain_name_if_needed(fstring *name) +{ + if(lp_winbind_use_default_domain()) { + char *sep = lp_winbind_separator(); + char *new_name = strchr(*name, *sep); + if(new_name) { + *new_name = 0; + if (!strcmp(global_myworkgroup, *name)) { + new_name++; + safe_strcpy(*name, new_name, sizeof(fstring)); + } else *new_name = *sep; + } + } +} + +/* + Fill DOMAIN\\USERNAME entry accounting 'winbind use default domain' and + 'winbind separator' options. + This means: + - omit DOMAIN when 'winbind use default domain = true' and DOMAIN is + global_myworkgroup + +*/ +void fill_domain_username(fstring name, const char *domain, const char *user) +{ + if(lp_winbind_use_default_domain() && + !strcmp(global_myworkgroup, domain)) { + strlcpy(name, user, sizeof(fstring)); + } else { + slprintf(name, sizeof(fstring) - 1, "%s%s%s", + domain, lp_winbind_separator(), + user); + } +} |