diff options
author | Andrew Tridgell <tridge@samba.org> | 2001-12-03 08:17:46 +0000 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 2001-12-03 08:17:46 +0000 |
commit | c868fe502bb9ea2b5c5452a49f89ec19ab58f2ba (patch) | |
tree | 86edb9b1c7ecf32553539a22e1bd232c99358845 /source3/nsswitch | |
parent | b6b84cf7099c3b2cee777cf9514b3e6665a4025f (diff) | |
download | samba-c868fe502bb9ea2b5c5452a49f89ec19ab58f2ba.tar.gz samba-c868fe502bb9ea2b5c5452a49f89ec19ab58f2ba.tar.bz2 samba-c868fe502bb9ea2b5c5452a49f89ec19ab58f2ba.zip |
added name_to_sid to the backend
(This used to be commit 816e40a51af80a7f703c0451304de406deab3dd8)
Diffstat (limited to 'source3/nsswitch')
-rw-r--r-- | source3/nsswitch/wb_client.c | 2 | ||||
-rw-r--r-- | source3/nsswitch/winbindd.h | 5 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_ads.c | 78 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_cache.c | 20 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_group.c | 4 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_proto.h | 30 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_rpc.c | 35 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_sid.c | 11 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_user.c | 2 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_util.c | 110 |
10 files changed, 186 insertions, 111 deletions
diff --git a/source3/nsswitch/wb_client.c b/source3/nsswitch/wb_client.c index 92fdd62b15..cfb90e2497 100644 --- a/source3/nsswitch/wb_client.c +++ b/source3/nsswitch/wb_client.c @@ -32,7 +32,7 @@ NSS_STATUS winbindd_request(int req_type, /* Copy of parse_domain_user from winbindd_util.c. Parse a string of the form DOMAIN/user into a domain and a user */ -static void parse_domain_user(char *domuser, fstring domain, fstring user) +static void parse_domain_user(const char *domuser, fstring domain, fstring user) { char *p = strchr(domuser,*lp_winbind_separator()); diff --git a/source3/nsswitch/winbindd.h b/source3/nsswitch/winbindd.h index 9de23b986d..1256736763 100644 --- a/source3/nsswitch/winbindd.h +++ b/source3/nsswitch/winbindd.h @@ -98,6 +98,11 @@ struct winbindd_methods { TALLOC_CTX *mem_ctx, uint32 *start_ndx, uint32 *num_entries, struct acct_info **info); + + NTSTATUS (*name_to_sid)(struct winbindd_domain *domain, + const char *name, + DOM_SID *sid, + enum SID_NAME_USE *type); }; /* Structures to hold per domain information */ diff --git a/source3/nsswitch/winbindd_ads.c b/source3/nsswitch/winbindd_ads.c index c728f9659c..d54f1d9391 100644 --- a/source3/nsswitch/winbindd_ads.c +++ b/source3/nsswitch/winbindd_ads.c @@ -170,7 +170,7 @@ static NTSTATUS enum_dom_groups(struct winbindd_domain *domain, if (!ads_pull_uint32(ads, msg, "sAMAccountType", &account_type) || - !(account_type & ATYPE_NORMAL_GROUP)) continue; + !(account_type & ATYPE_GROUP)) continue; name = ads_pull_string(ads, mem_ctx, msg, "sAMAccountName"); gecos = ads_pull_string(ads, mem_ctx, msg, "name"); @@ -198,10 +198,84 @@ static NTSTATUS enum_dom_groups(struct winbindd_domain *domain, } +/* convert a single name to a sid in a domain */ +static NTSTATUS name_to_sid(struct winbindd_domain *domain, + const char *name, + DOM_SID *sid, + enum SID_NAME_USE *type) +{ + ADS_STRUCT *ads; + const char *attrs[] = {"objectSid", "sAMAccountType", NULL}; + int rc, count; + void *res; + char *exp; + uint32 t; + fstring name2, dom2; + + /* sigh. Need to fix interface to give us a raw name */ + parse_domain_user(name, dom2, name2); + + DEBUG(3,("ads: name_to_sid\n")); + + ads = ads_init(NULL, NULL, NULL); + if (!ads) { + DEBUG(1,("ads_init failed\n")); + return NT_STATUS_UNSUCCESSFUL; + } + + rc = ads_connect(ads); + if (rc) { + DEBUG(1,("name_to_sid ads_connect: %s\n", ads_errstr(rc))); + return NT_STATUS_UNSUCCESSFUL; + } + + asprintf(&exp, "(sAMAccountName=%s)", name2); + rc = ads_search(ads, &res, exp, attrs); + free(exp); + if (rc) { + DEBUG(1,("name_to_sid ads_search: %s\n", ads_errstr(rc))); + return NT_STATUS_UNSUCCESSFUL; + } + + count = ads_count_replies(ads, res); + if (count != 1) { + DEBUG(1,("name_to_sid: %s not found\n", name)); + return NT_STATUS_UNSUCCESSFUL; + } + + if (!ads_pull_sid(ads, res, "objectSid", sid)) { + DEBUG(1,("No sid for %s !?\n", name)); + return NT_STATUS_UNSUCCESSFUL; + } + + if (!ads_pull_uint32(ads, res, "sAMAccountType", &t)) { + DEBUG(1,("No sAMAccountType for %s !?\n", name)); + return NT_STATUS_UNSUCCESSFUL; + } + + switch (t & 0xF0000000) { + case ATYPE_GROUP: + *type = SID_NAME_DOM_GRP; + break; + case ATYPE_USER: + *type = SID_NAME_USER; + break; + default: + DEBUG(1,("hmm, need to map account type 0x%x\n", t)); + *type = SID_NAME_UNKNOWN; + break; + } + + ads_destroy(&ads); + + return NT_STATUS_OK; +} + /* the rpc backend methods are exposed via this structure */ struct winbindd_methods ads_methods = { query_dispinfo, - enum_dom_groups + enum_dom_groups, + name_to_sid }; #endif diff --git a/source3/nsswitch/winbindd_cache.c b/source3/nsswitch/winbindd_cache.c index 8ad5bc2e7d..24a2118fb1 100644 --- a/source3/nsswitch/winbindd_cache.c +++ b/source3/nsswitch/winbindd_cache.c @@ -150,7 +150,7 @@ static BOOL cache_domain_expired(struct winbindd_domain *domain, } static void set_cache_sequence_number(struct winbindd_domain *domain, - char *cache_type, char *subkey) + const char *cache_type, const char *subkey) { fstring keystr; @@ -161,7 +161,7 @@ static void set_cache_sequence_number(struct winbindd_domain *domain, } static uint32 get_cache_sequence_number(struct winbindd_domain *domain, - char *cache_type, char *subkey) + const char *cache_type, const char *subkey) { fstring keystr; uint32 seq_num; @@ -178,7 +178,7 @@ static uint32 get_cache_sequence_number(struct winbindd_domain *domain, /* Fill the user or group cache with supplied data */ -static void store_cache(struct winbindd_domain *domain, char *cache_type, +static void store_cache(struct winbindd_domain *domain, const char *cache_type, void *sam_entries, int buflen) { fstring keystr; @@ -229,8 +229,8 @@ void winbindd_store_group_cache(struct winbindd_domain *domain, num_sam_entries * sizeof(struct acct_info)); } -static void store_cache_entry(struct winbindd_domain *domain, char *cache_type, - char *name, void *buf, int len) +static void store_cache_entry(struct winbindd_domain *domain, const char *cache_type, + const char *name, void *buf, int len) { fstring keystr; @@ -261,13 +261,13 @@ void winbindd_store_name_cache_entry(struct winbindd_domain *domain, /* Fill a SID cache entry */ void winbindd_store_sid_cache_entry(struct winbindd_domain *domain, - char *name, struct winbindd_sid *sid) + const char *name, struct winbindd_sid *sid) { if (lp_winbind_cache_time() == 0) return; store_cache_entry(domain, CACHE_TYPE_SID, name, sid, - sizeof(struct winbindd_sid)); + sizeof(struct winbindd_sid)); set_cache_sequence_number(domain, CACHE_TYPE_SID, name); } @@ -451,7 +451,8 @@ BOOL winbindd_fetch_group_cache(struct winbindd_domain *domain, } static BOOL fetch_cache_entry(struct winbindd_domain *domain, - char *cache_type, char *name, void *buf, int len) + const char *cache_type, + const char *name, void *buf, int len) { TDB_DATA data; fstring keystr; @@ -476,9 +477,8 @@ static BOOL fetch_cache_entry(struct winbindd_domain *domain, } /* Fetch an individual SID cache entry */ - BOOL winbindd_fetch_sid_cache_entry(struct winbindd_domain *domain, - char *name, struct winbindd_sid *sid) + const char *name, struct winbindd_sid *sid) { uint32 seq_num; diff --git a/source3/nsswitch/winbindd_group.c b/source3/nsswitch/winbindd_group.c index a183f25926..f71cdb7ece 100644 --- a/source3/nsswitch/winbindd_group.c +++ b/source3/nsswitch/winbindd_group.c @@ -247,7 +247,7 @@ enum winbindd_result winbindd_getgrnam_from_group(struct winbindd_cli_state *sta /* Get rid and name type from name */ - if (!winbindd_lookup_sid_by_name(name, &group_sid, &name_type)) { + if (!winbindd_lookup_sid_by_name(domain, name, &group_sid, &name_type)) { DEBUG(1, ("group %s in domain %s does not exist\n", name_group, name_domain)); @@ -955,7 +955,7 @@ enum winbindd_result winbindd_getgroups(struct winbindd_cli_state *state) /* Get rid and name type from name. The following costs 1 packet */ - if (!winbindd_lookup_sid_by_name(name, &user_sid, &name_type)) { + if (!winbindd_lookup_sid_by_name(domain, name, &user_sid, &name_type)) { DEBUG(1, ("user '%s' does not exist\n", name_user)); goto done; } diff --git a/source3/nsswitch/winbindd_proto.h b/source3/nsswitch/winbindd_proto.h index 8c71e70dc2..923ee2450e 100644 --- a/source3/nsswitch/winbindd_proto.h +++ b/source3/nsswitch/winbindd_proto.h @@ -7,6 +7,9 @@ int main(int argc, char **argv); +/* The following definitions come from nsswitch/winbindd_ads.c */ + + /* The following definitions come from nsswitch/winbindd_cache.c */ void winbindd_cache_init(void); @@ -19,7 +22,7 @@ void winbindd_store_group_cache(struct winbindd_domain *domain, void winbindd_store_name_cache_entry(struct winbindd_domain *domain, char *sid, struct winbindd_name *name); void winbindd_store_sid_cache_entry(struct winbindd_domain *domain, - char *name, struct winbindd_sid *sid); + const char *name, struct winbindd_sid *sid); void winbindd_store_user_cache_entry(struct winbindd_domain *domain, char *user_name, struct winbindd_pw *pw); void winbindd_store_uid_cache_entry(struct winbindd_domain *domain, uid_t uid, @@ -37,7 +40,7 @@ BOOL winbindd_fetch_group_cache(struct winbindd_domain *domain, struct acct_info **sam_entries, int *num_entries); BOOL winbindd_fetch_sid_cache_entry(struct winbindd_domain *domain, - char *name, struct winbindd_sid *sid); + const char *name, struct winbindd_sid *sid); BOOL winbindd_fetch_name_cache_entry(struct winbindd_domain *domain, char *sid, struct winbindd_name *name); BOOL winbindd_fetch_user_cache_entry(struct winbindd_domain *domain, @@ -59,17 +62,16 @@ CLI_POLICY_HND *cm_get_lsa_handle(char *domain); CLI_POLICY_HND *cm_get_sam_handle(char *domain); CLI_POLICY_HND *cm_get_sam_dom_handle(char *domain, DOM_SID *domain_sid); CLI_POLICY_HND *cm_get_sam_user_handle(char *domain, DOM_SID *domain_sid, - uint32 user_rid); + uint32 user_rid); CLI_POLICY_HND *cm_get_sam_group_handle(char *domain, DOM_SID *domain_sid, - uint32 group_rid); + uint32 group_rid); NTSTATUS cm_get_netlogon_cli(char *domain, unsigned char *trust_passwd, - struct cli_state **cli); + struct cli_state **cli); void winbindd_cm_status(void); /* The following definitions come from nsswitch/winbindd_group.c */ -enum winbindd_result winbindd_getgrnam_from_group(struct winbindd_cli_state - *state); +enum winbindd_result winbindd_getgrnam_from_group(struct winbindd_cli_state *state); enum winbindd_result winbindd_getgrnam_from_gid(struct winbindd_cli_state *state); enum winbindd_result winbindd_setgrent(struct winbindd_cli_state *state); @@ -105,6 +107,9 @@ enum winbindd_result winbindd_pam_auth(struct winbindd_cli_state *state) ; enum winbindd_result winbindd_pam_auth_crap(struct winbindd_cli_state *state) ; enum winbindd_result winbindd_pam_chauthtok(struct winbindd_cli_state *state); +/* The following definitions come from nsswitch/winbindd_rpc.c */ + + /* The following definitions come from nsswitch/winbindd_sid.c */ enum winbindd_result winbindd_lookupsid(struct winbindd_cli_state *state); @@ -116,10 +121,8 @@ enum winbindd_result winbindd_gid_to_sid(struct winbindd_cli_state *state); /* The following definitions come from nsswitch/winbindd_user.c */ -enum winbindd_result winbindd_getpwnam_from_user(struct winbindd_cli_state - *state) ; -enum winbindd_result winbindd_getpwnam_from_uid(struct winbindd_cli_state - *state); +enum winbindd_result winbindd_getpwnam_from_user(struct winbindd_cli_state *state) ; +enum winbindd_result winbindd_getpwnam_from_uid(struct winbindd_cli_state *state); enum winbindd_result winbindd_setpwent(struct winbindd_cli_state *state); enum winbindd_result winbindd_endpwent(struct winbindd_cli_state *state); enum winbindd_result winbindd_getpwent(struct winbindd_cli_state *state); @@ -132,7 +135,8 @@ struct winbindd_domain *find_domain_from_sid(DOM_SID *sid); BOOL get_domain_info(void); void free_domain_info(void); BOOL lookup_domain_sid(char *domain_name, struct winbindd_domain *domain); -BOOL winbindd_lookup_sid_by_name(char *name, DOM_SID *sid, enum SID_NAME_USE *type); +BOOL winbindd_lookup_sid_by_name(struct winbindd_domain *domain, + const char *name, DOM_SID *sid, enum SID_NAME_USE *type); BOOL winbindd_lookup_name_by_sid(DOM_SID *sid, fstring name, enum SID_NAME_USE *type); @@ -151,5 +155,5 @@ BOOL winbindd_lookup_groupmem(struct winbindd_domain *domain, void free_getent_state(struct getent_state *state); BOOL winbindd_param_init(void); BOOL check_domain_env(char *domain_env, char *domain); -void parse_domain_user(char *domuser, fstring domain, fstring user); +void parse_domain_user(const char *domuser, fstring domain, fstring user); #endif /* _PROTO_H_ */ diff --git a/source3/nsswitch/winbindd_rpc.c b/source3/nsswitch/winbindd_rpc.c index ba428c5aed..fe2540f33d 100644 --- a/source3/nsswitch/winbindd_rpc.c +++ b/source3/nsswitch/winbindd_rpc.c @@ -121,10 +121,43 @@ static NTSTATUS enum_dom_groups(struct winbindd_domain *domain, return status; } +/* convert a single name to a sid in a domain */ +static NTSTATUS name_to_sid(struct winbindd_domain *domain, + const char *name, + DOM_SID *sid, + enum SID_NAME_USE *type) +{ + TALLOC_CTX *mem_ctx; + CLI_POLICY_HND *hnd; + NTSTATUS status; + DOM_SID *sids = NULL; + uint32 *types = NULL; + int num_sids; + + if (!(mem_ctx = talloc_init())) + return NT_STATUS_NO_MEMORY; + + if (!(hnd = cm_get_lsa_handle(domain->name))) + return NT_STATUS_UNSUCCESSFUL; + + status = cli_lsa_lookup_names(hnd->cli, mem_ctx, &hnd->pol, 1, &name, + &sids, &types, &num_sids); + + /* Return rid and type if lookup successful */ + if (NT_STATUS_IS_OK(status)) { + sid_copy(sid, &sids[0]); + *type = types[0]; + } + + talloc_destroy(mem_ctx); + return status; +} + /* the rpc backend methods are exposed via this structure */ struct winbindd_methods msrpc_methods = { query_dispinfo, - enum_dom_groups + enum_dom_groups, + name_to_sid }; diff --git a/source3/nsswitch/winbindd_sid.c b/source3/nsswitch/winbindd_sid.c index bc014f2691..07537b82fa 100644 --- a/source3/nsswitch/winbindd_sid.c +++ b/source3/nsswitch/winbindd_sid.c @@ -70,7 +70,7 @@ enum winbindd_result winbindd_lookupname(struct winbindd_cli_state *state) enum SID_NAME_USE type; fstring sid_str, name_domain, name_user, name; DOM_SID sid; - + struct winbindd_domain *domain; DEBUG(3, ("[%5d]: lookupname %s\n", state->pid, state->request.data.name)); @@ -78,9 +78,14 @@ enum winbindd_result winbindd_lookupname(struct winbindd_cli_state *state) snprintf(name, sizeof(name), "%s\\%s", name_domain, name_user); - /* Lookup name from PDC using lsa_lookup_names() */ + if ((domain = find_domain_from_name(name_domain)) == NULL) { + DEBUG(0, ("could not find domain entry for domain %s\n", + name_domain)); + return WINBINDD_ERROR; + } - if (!winbindd_lookup_sid_by_name(name, &sid, &type)) { + /* Lookup name from PDC using lsa_lookup_names() */ + if (!winbindd_lookup_sid_by_name(domain, name, &sid, &type)) { return WINBINDD_ERROR; } diff --git a/source3/nsswitch/winbindd_user.c b/source3/nsswitch/winbindd_user.c index 2cc64cb565..5a4dd82d78 100644 --- a/source3/nsswitch/winbindd_user.c +++ b/source3/nsswitch/winbindd_user.c @@ -140,7 +140,7 @@ enum winbindd_result winbindd_getpwnam_from_user(struct winbindd_cli_state *stat /* Get rid and name type from name */ - if (!winbindd_lookup_sid_by_name(name, &user_sid, &name_type)) { + if (!winbindd_lookup_sid_by_name(domain, name, &user_sid, &name_type)) { DEBUG(1, ("user '%s' does not exist\n", name_user)); winbindd_store_user_cache_entry(domain, name_user, &negative_pw_cache_entry); return WINBINDD_ERROR; diff --git a/source3/nsswitch/winbindd_util.c b/source3/nsswitch/winbindd_util.c index 50cc76f1e9..c18e0deda3 100644 --- a/source3/nsswitch/winbindd_util.c +++ b/source3/nsswitch/winbindd_util.c @@ -283,22 +283,12 @@ BOOL lookup_domain_sid(char *domain_name, struct winbindd_domain *domain) /* Store a SID in a domain indexed by name in the cache. */ -static void store_sid_by_name_in_cache(fstring name, DOM_SID *sid, enum SID_NAME_USE type) +static void store_sid_by_name_in_cache(struct winbindd_domain *domain, + const char *name, + DOM_SID *sid, enum SID_NAME_USE type) { - fstring domain_str; - char *p; struct winbindd_sid sid_val; - struct winbindd_domain *domain; - - /* Get name from domain. */ - fstrcpy( domain_str, name); - p = strchr(domain_str, '\\'); - if (p) - *p = '\0'; - - if ((domain = find_domain_from_name(domain_str)) == NULL) - return; - + sid_to_string(sid_val.sid, sid); sid_val.type = (int)type; @@ -310,21 +300,11 @@ static void store_sid_by_name_in_cache(fstring name, DOM_SID *sid, enum SID_NAME /* Lookup a SID in a domain indexed by name in the cache. */ -static BOOL winbindd_lookup_sid_by_name_in_cache(fstring name, DOM_SID *sid, enum SID_NAME_USE *type) +static BOOL winbindd_lookup_sid_by_name_in_cache(struct winbindd_domain *domain, + const char *name, + DOM_SID *sid, enum SID_NAME_USE *type) { - fstring domain_str; - char *p; struct winbindd_sid sid_ret; - struct winbindd_domain *domain; - - /* Get name from domain. */ - fstrcpy( domain_str, name); - p = strchr(domain_str, '\\'); - if (p) - *p = '\0'; - - if ((domain = find_domain_from_name(domain_str)) == NULL) - return False; if (!winbindd_fetch_sid_cache_entry(domain, name, &sid_ret)) return False; @@ -340,23 +320,21 @@ static BOOL winbindd_lookup_sid_by_name_in_cache(fstring name, DOM_SID *sid, enu /* Store a name in a domain indexed by SID in the cache. */ -static void store_name_by_sid_in_cache(DOM_SID *sid, fstring name, enum SID_NAME_USE type) +static void store_name_by_sid_in_cache(struct winbindd_domain *domain, + DOM_SID *sid, + const char *name, enum SID_NAME_USE type) { fstring sid_str; uint32 rid; DOM_SID domain_sid; struct winbindd_name name_val; - struct winbindd_domain *domain; /* Split sid into domain sid and user rid */ sid_copy(&domain_sid, sid); sid_split_rid(&domain_sid, &rid); - if ((domain = find_domain_from_sid(&domain_sid)) == NULL) - return; - sid_to_string(sid_str, sid); - fstrcpy( name_val.name, name ); + fstrcpy(name_val.name, name ); name_val.type = (int)type; DEBUG(10,("store_name_by_sid_in_cache: storing cache entry SID %s -> %s\n", @@ -398,15 +376,10 @@ static BOOL winbindd_lookup_name_by_sid_in_cache(DOM_SID *sid, fstring name, enu /* Lookup a sid in a domain from a name */ -BOOL winbindd_lookup_sid_by_name(char *name, DOM_SID *sid, enum SID_NAME_USE *type) +BOOL winbindd_lookup_sid_by_name(struct winbindd_domain *domain, + const char *name, DOM_SID *sid, enum SID_NAME_USE *type) { - int num_sids = 0, num_names = 1; - DOM_SID *sids = NULL; - uint32 *types = NULL; - CLI_POLICY_HND *hnd; NTSTATUS result; - TALLOC_CTX *mem_ctx; - BOOL rv = False; /* Don't bother with machine accounts */ @@ -414,55 +387,29 @@ BOOL winbindd_lookup_sid_by_name(char *name, DOM_SID *sid, enum SID_NAME_USE *ty return False; /* First check cache. */ - if (winbindd_lookup_sid_by_name_in_cache(name, sid, type)) { + if (winbindd_lookup_sid_by_name_in_cache(domain, name, sid, type)) { if (*type == SID_NAME_USE_NONE) return False; /* Negative cache hit. */ return True; } /* Lookup name */ - - if (!(mem_ctx = talloc_init())) - return False; - - if (!(hnd = cm_get_lsa_handle(lp_workgroup()))) - goto done; - - result = cli_lsa_lookup_names(hnd->cli, mem_ctx, &hnd->pol, - num_names, (char **)&name, &sids, - &types, &num_sids); + result = domain->methods->name_to_sid(domain, name, sid, type); /* Return rid and type if lookup successful */ - if (NT_STATUS_IS_OK(result)) { - - /* Return sid */ - - if ((sid != NULL) && (sids != NULL)) - sid_copy(sid, &sids[0]); - - /* Return name type */ - - if ((type != NULL) && (types != NULL)) - *type = types[0]; - - /* Store the forward and reverse map of this lookup in the cache. */ - store_sid_by_name_in_cache(name, &sids[0], types[0]); - store_name_by_sid_in_cache(&sids[0], name, types[0]); + store_sid_by_name_in_cache(domain, name, sid, *type); + store_name_by_sid_in_cache(domain, sid, name, *type); } else { - /* JRA. Here's where we add the -ve cache store with a name type of SID_NAME_USE_NONE. */ + /* JRA. Here's where we add the -ve cache store with a + name type of SID_NAME_USE_NONE. */ DOM_SID nullsid; ZERO_STRUCT(nullsid); - store_sid_by_name_in_cache(name, &nullsid, SID_NAME_USE_NONE); + store_sid_by_name_in_cache(domain, name, &nullsid, SID_NAME_USE_NONE); *type = SID_NAME_UNKNOWN; } - rv = NT_STATUS_IS_OK(result); - - done: - talloc_destroy(mem_ctx); - - return rv; + return NT_STATUS_IS_OK(result); } /** @@ -489,6 +436,7 @@ BOOL winbindd_lookup_name_by_sid(DOM_SID *sid, NTSTATUS result; TALLOC_CTX *mem_ctx; BOOL rv = False; + struct winbindd_domain *domain; /* First check cache. */ if (winbindd_lookup_name_by_sid_in_cache(sid, name, type)) { @@ -500,6 +448,12 @@ BOOL winbindd_lookup_name_by_sid(DOM_SID *sid, return True; } + domain = find_domain_from_sid(sid); + if (!domain) { + DEBUG(1,("Can't find domain from sid\n")); + return False; + } + /* Lookup name */ if (!(mem_ctx = talloc_init())) @@ -526,13 +480,13 @@ BOOL winbindd_lookup_name_by_sid(DOM_SID *sid, if ((type != NULL) && (types != NULL)) *type = types[0]; - store_sid_by_name_in_cache(names[0], sid, types[0]); - store_name_by_sid_in_cache(sid, names[0], types[0]); + store_sid_by_name_in_cache(domain, names[0], sid, types[0]); + store_name_by_sid_in_cache(domain, sid, names[0], types[0]); } else { /* OK, so we tried to look up a name in this sid, and * didn't find it. Therefore add a negative cache * entry. */ - store_name_by_sid_in_cache(sid, "", SID_NAME_USE_NONE); + store_name_by_sid_in_cache(domain, sid, "", SID_NAME_USE_NONE); *type = SID_NAME_UNKNOWN; fstrcpy(name, name_deadbeef); } @@ -817,7 +771,7 @@ BOOL check_domain_env(char *domain_env, char *domain) /* Parse a string of the form DOMAIN/user into a domain and a user */ -void parse_domain_user(char *domuser, fstring domain, fstring user) +void parse_domain_user(const char *domuser, fstring domain, fstring user) { char *p; char *sep = lp_winbind_separator(); |