summaryrefslogtreecommitdiff
path: root/source3/nsswitch
diff options
context:
space:
mode:
authorGerald Carter <jerry@samba.org>2007-05-21 21:33:51 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 12:22:17 -0500
commitf96242d9331a5fcdc65445d0d0ea7177c7ddc6e0 (patch)
tree0780ac0c2d2170b4ee41be926f08377704d5411c /source3/nsswitch
parent9826a0074a6494141f669cc2cc9c5973089e6e64 (diff)
downloadsamba-f96242d9331a5fcdc65445d0d0ea7177c7ddc6e0.tar.gz
samba-f96242d9331a5fcdc65445d0d0ea7177c7ddc6e0.tar.bz2
samba-f96242d9331a5fcdc65445d0d0ea7177c7ddc6e0.zip
r23054: Move the check for the lookup_domain of S-1-22-{1,2} before the
check for IS_DC. Otherwise we will for example fail to lookup a sid of S-1-22-1-780 because it has no valid struct winbindd_domain* in the list. Thanks to Simo for the catch. (This used to be commit f53aa56998411b90de238e12e9c3de7f2ff0d2b6)
Diffstat (limited to 'source3/nsswitch')
-rw-r--r--source3/nsswitch/winbindd_util.c35
1 files changed, 17 insertions, 18 deletions
diff --git a/source3/nsswitch/winbindd_util.c b/source3/nsswitch/winbindd_util.c
index e05f698ee8..13971be8b7 100644
--- a/source3/nsswitch/winbindd_util.c
+++ b/source3/nsswitch/winbindd_util.c
@@ -902,6 +902,16 @@ struct winbindd_domain *find_builtin_domain(void)
struct winbindd_domain *find_lookup_domain_from_sid(const DOM_SID *sid)
{
+ /* SIDs in the S-1-22-{1,2} domain should be handled by our passdb */
+
+ if ( sid_check_is_in_unix_groups(sid) ||
+ sid_check_is_unix_groups(sid) ||
+ sid_check_is_in_unix_users(sid) ||
+ sid_check_is_unix_users(sid) )
+ {
+ return find_domain_from_sid(get_global_sam_sid());
+ }
+
/* A DC can't ask the local smbd for remote SIDs, here winbindd is the
* one to contact the external DC's. On member servers the internal
* domains are different: These are part of the local SAM. */
@@ -912,18 +922,7 @@ struct winbindd_domain *find_lookup_domain_from_sid(const DOM_SID *sid)
if (IS_DC || is_internal_domain(sid) || is_in_internal_domain(sid)) {
DEBUG(10, ("calling find_domain_from_sid\n"));
return find_domain_from_sid(sid);
- }
-
- /* SIDs in the S-1-22-{1,2} domain should be handled by our passdb */
-
- if ( sid_check_is_in_unix_groups(sid) ||
- sid_check_is_unix_groups(sid) ||
- sid_check_is_in_unix_users(sid) ||
- sid_check_is_unix_users(sid) )
- {
- return find_domain_from_sid(get_global_sam_sid());
- }
-
+ }
/* On a member server a query for SID or name can always go to our
* primary DC. */
@@ -934,18 +933,18 @@ struct winbindd_domain *find_lookup_domain_from_sid(const DOM_SID *sid)
struct winbindd_domain *find_lookup_domain_from_name(const char *domain_name)
{
- if (IS_DC || strequal(domain_name, "BUILTIN") ||
- strequal(domain_name, get_global_sam_name()))
- return find_domain_from_name_noinit(domain_name);
-
- /* The "Unix User" and "Unix Group" domain our handled by passdb */
-
if ( strequal(domain_name, unix_users_domain_name() ) ||
strequal(domain_name, unix_groups_domain_name() ) )
{
return find_domain_from_name_noinit( get_global_sam_name() );
}
+ if (IS_DC || strequal(domain_name, "BUILTIN") ||
+ strequal(domain_name, get_global_sam_name()))
+ return find_domain_from_name_noinit(domain_name);
+
+ /* The "Unix User" and "Unix Group" domain our handled by passdb */
+
return find_our_domain();
}