summaryrefslogtreecommitdiff
path: root/source3/passdb
diff options
context:
space:
mode:
authorVolker Lendecke <vlendec@samba.org>2006-03-02 18:33:43 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 11:10:54 -0500
commit30675b36f5e6072fbc4f93270c846e0c5d764254 (patch)
tree93d061bcb93a2e50313d0774fb724bff736fc934 /source3/passdb
parent1b456f2894fc663a9b6edbc51fe1b107ede196d8 (diff)
downloadsamba-30675b36f5e6072fbc4f93270c846e0c5d764254.tar.gz
samba-30675b36f5e6072fbc4f93270c846e0c5d764254.tar.bz2
samba-30675b36f5e6072fbc4f93270c846e0c5d764254.zip
r13791: Having S-1-1-0 show up in winbind lookupsid does not really make sense.
Volker (This used to be commit ae9614ce019e25fb29dad8429d93f3140c2f84ad)
Diffstat (limited to 'source3/passdb')
-rw-r--r--source3/passdb/lookup_sid.c10
-rw-r--r--source3/passdb/util_wellknown.c11
2 files changed, 18 insertions, 3 deletions
diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c
index 3d1805525a..942d277178 100644
--- a/source3/passdb/lookup_sid.c
+++ b/source3/passdb/lookup_sid.c
@@ -1191,9 +1191,13 @@ BOOL sid_to_gid(const DOM_SID *psid, gid_t *pgid)
goto done;
}
- if (sid_check_is_in_builtin(psid) && pdb_getgrsid(&map, *psid)) {
- *pgid = map.gid;
- goto done;
+ if ((sid_check_is_in_builtin(psid) ||
+ sid_check_is_in_wellknown_domain(psid))) {
+ if (pdb_getgrsid(&map, *psid)) {
+ *pgid = map.gid;
+ goto done;
+ }
+ return False;
}
if (sid_peek_check_rid(get_global_sam_sid(), psid, &rid)) {
diff --git a/source3/passdb/util_wellknown.c b/source3/passdb/util_wellknown.c
index be3cf37446..9a6fa7def5 100644
--- a/source3/passdb/util_wellknown.c
+++ b/source3/passdb/util_wellknown.c
@@ -85,6 +85,17 @@ BOOL sid_check_is_wellknown_domain(const DOM_SID *sid, const char **name)
return False;
}
+BOOL sid_check_is_in_wellknown_domain(const DOM_SID *sid)
+{
+ DOM_SID dom_sid;
+ uint32 rid;
+
+ sid_copy(&dom_sid, sid);
+ sid_split_rid(&dom_sid, &rid);
+
+ return sid_check_is_wellknown_domain(&dom_sid, NULL);
+}
+
/**************************************************************************
Looks up a known username from one of the known domains.
***************************************************************************/