diff options
| author | Luke Leighton <lkcl@samba.org> | 1998-11-30 15:08:58 +0000 |
|---|---|---|
| committer | Luke Leighton <lkcl@samba.org> | 1998-11-30 15:08:58 +0000 |
| commit | 31044dd8e6419b305779408a4b3b0fbd8eab11b5 (patch) | |
| tree | 1ed17e61bd4e31ab70454e989a5736f48fbf8262 /source3/passdb/smbpassgroupunix.c | |
| parent | 868b22f5a1b5c9fec82d8c07f93ec0e7d05f23ac (diff) | |
| download | samba-31044dd8e6419b305779408a4b3b0fbd8eab11b5.tar.gz samba-31044dd8e6419b305779408a4b3b0fbd8eab11b5.tar.bz2 samba-31044dd8e6419b305779408a4b3b0fbd8eab11b5.zip | |
- adding builtin[alias]db.
- lib/sids.c:
generate_sam_sid() modified to take a domain name: it now
generates "DOMAIN_NAME.SID". reasons:
1) if you run multiple samba servers on the same machine
under different netbios names as members of a domain,
they won't all use the same SID, which is a _big_ mistake
but it would happen _by default_.
2) we have (had) a problem with sid_to_string() and string_to_sid()
which cause SIDs to be incorrectly read. one of the major
reasons for *NOT* making this change was so as not to disrupt
existing users. but as they will be anyway by this bug,
we might as well go ahead.
- passdb/smbpass.c:
wanted to change the meaning of the name in the smbpasswd
file to an "nt" name not a "unix" name. this is probably
not a good idea: reverted this.
- output formatting / bug-fixing in rpcclient query_useraliases code.
(This used to be commit e4930f5f48f8246ceec8add8bf769954a963190c)
Diffstat (limited to 'source3/passdb/smbpassgroupunix.c')
| -rw-r--r-- | source3/passdb/smbpassgroupunix.c | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/source3/passdb/smbpassgroupunix.c b/source3/passdb/smbpassgroupunix.c index 26c6d6ff13..38f9cdf2e4 100644 --- a/source3/passdb/smbpassgroupunix.c +++ b/source3/passdb/smbpassgroupunix.c @@ -107,6 +107,7 @@ static struct smb_passwd *getsmbunixgrpent(void *vp, if (als_rids == NULL && grp_rids == NULL) { + /* they didn't want to know the members. */ return pwdb_sam_to_smb(pw_buf); } @@ -131,6 +132,17 @@ static struct smb_passwd *getsmbunixgrpent(void *vp, * find the unix name for each user's group. * assume the unix group is an nt name (alias? group? user?) * (user or not our own domain will be an error). + * + * oh, oh, can anyone spot what's missing heeere? + * you guessed it: built-in aliases. those are in + * Domain S-1-5-20, and NT Domain Users can only + * have lists of RIDs as groups. + * + * doesn't stop you making NT Domain Users a member + * of a BUILTIN Alias (e.g "Administrators" or "Power Users") + * it's just that there's no way to tell that from this + * API call: wrong domain, sorry. + * */ DOM_NAME_MAP gmep; |