diff options
author | Christian Ambach <ambi@samba.org> | 2012-05-07 19:14:56 +0200 |
---|---|---|
committer | Christian Ambach <ambi@samba.org> | 2012-05-08 09:26:07 +0200 |
commit | 0bedec7abea5f8dea5d6bd1fbb600f7beebabef9 (patch) | |
tree | b72266cca2e047bf8bae7a2510a28a19d92adbc1 /source3/winbindd | |
parent | da9723478321565fc552cced964d3e72c69f634b (diff) | |
download | samba-0bedec7abea5f8dea5d6bd1fbb600f7beebabef9.tar.gz samba-0bedec7abea5f8dea5d6bd1fbb600f7beebabef9.tar.bz2 samba-0bedec7abea5f8dea5d6bd1fbb600f7beebabef9.zip |
s3:winbindd/autorid add ignore builtin parameter
BUILTIN should be handled by passdb, however if passdb does not know
about a SID, autorid creates a range for BUILTIN and does deterministic mapping
make it possible to turn off this behavior
Diffstat (limited to 'source3/winbindd')
-rw-r--r-- | source3/winbindd/idmap_autorid.c | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/source3/winbindd/idmap_autorid.c b/source3/winbindd/idmap_autorid.c index d3b38bd398..08dcc6595f 100644 --- a/source3/winbindd/idmap_autorid.c +++ b/source3/winbindd/idmap_autorid.c @@ -46,6 +46,7 @@ struct autorid_global_config { uint32_t minvalue; uint32_t rangesize; uint32_t maxranges; + bool ignore_builtin; }; struct autorid_domain_config { @@ -492,6 +493,8 @@ static NTSTATUS idmap_autorid_sids_to_unixids(struct idmap_domain *dom, ZERO_STRUCT(domaincfg); + DEBUG(10, ("Trying to map %s\n", sid_string_dbg(ids[i]->sid))); + sid_copy(&domainsid, ids[i]->sid); if (!sid_split_rid(&domainsid, &rid)) { DEBUG(4, ("Could not determine domain SID from %s, " @@ -525,6 +528,13 @@ static NTSTATUS idmap_autorid_sids_to_unixids(struct idmap_domain *dom, continue; } + /* BUILTIN is passdb's job */ + if (dom_sid_equal(&domainsid, &global_sid_Builtin) && + global->ignore_builtin) { + DEBUG(10, ("Ignoring request for BUILTIN domain\n")); + continue; + } + /* * Check if the domain is around */ @@ -869,6 +879,9 @@ static NTSTATUS idmap_autorid_initialize(struct idmap_domain *dom) DEBUG(5, ("%d domain ranges with a size of %d are available\n", config->maxranges, config->rangesize)); + config->ignore_builtin = lp_parm_bool(-1, "idmap config *", + "ignore builtin", false); + /* fill the TDB common configuration */ commonconfig->private_data = config; |