This is a nice rewrite:

SAM_ACCOUNT does not have anymore uid and gid fields
all the code that used them has been fixed to use the proper idmap calls

fix to idmap_tdb for first time idmap.tdb initialization.

auth_serversupplied_info structure has now an uid and gid field

few other fixes to make the system behave correctly with idmap

tested only with tdbsam, but smbpasswd and nisplus should be ok

have not tested ldap !
(This used to be commit 6a6f6032467e55aa9b76390e035623976477ba42)

1 files changed, 14 insertions, 7 deletions

diff --git a/source3/pam_smbpass/pam_smb_passwd.c b/source3/pam_smbpass/pam_smb_passwd.c
index 9e75efccf4..8fbef1fbf7 100644
--- a/source3/pam_smbpass/pam_smb_passwd.c
+++ b/source3/pam_smbpass/pam_smb_passwd.c
@@ -295,14 +295,21 @@ int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
 
         retval = smb_update_db(pamh, ctrl, user, pass_new);
         if (retval == PAM_SUCCESS) {
+	    uid_t uid;
+	    
             /* password updated */
-            _log_err( LOG_NOTICE, "password for (%s/%d) changed by (%s/%d)"
-                      , user, pdb_get_uid(sampass), uidtoname( getuid() )
-                      , getuid() );
-        } else {
-            _log_err( LOG_ERR, "password change failed for user %s"
-                      , user );
-        }
+		if (!sid_to_uid(sampass, &uid)) {
+			_log_err( LOG_NOTICE "Unable to get uid for user %s",
+				pdb_get_username(sampass));
+			_log_err( LOG_NOTICE, "password for (%s) changed by (%s/%d)",
+				user, uidtoname(getuid()), getuid());
+		} else {
+			_log_err( LOG_NOTICE, "password for (%s/%d) changed by (%s/%d)",
+				user, uid, uidtoname(getuid()), getuid());
+		}
+	} else {
+		_log_err( LOG_ERR, "password change failed for user %s", user);
+	}
 
         pass_old = pass_new = NULL;
 	if (sampass) {