diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2002-01-26 10:10:25 +0000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2002-01-26 10:10:25 +0000 |
| commit | 670f46fd4c6ef8eb338284c820f8560bcece095a (patch) | |
| tree | 2cf14a5127ecd046cb0c02dfefd2100ff7b34545 /source3 | |
| parent | 84ce7ec0a4e84255bae7591c8b9214d59a75ab93 (diff) | |
| download | samba-670f46fd4c6ef8eb338284c820f8560bcece095a.tar.gz samba-670f46fd4c6ef8eb338284c820f8560bcece095a.tar.bz2 samba-670f46fd4c6ef8eb338284c820f8560bcece095a.zip | |
Bring this code into line with new winbind_lookup_name() interface. I think
this might need a bit more work - or at least documentation.
This is certainly a worthwile little hack, as it avoids the need to invert the
group database. I don't think we should allow unqualified domains here - as
that allows us to distinguish between (at least some) usernames and these
'special' groups.
(This used to be commit 151dd7bc6c61e19a993017e5e0b50314801e26de)
Diffstat (limited to 'source3')
| -rw-r--r-- | source3/lib/username.c | 33 |
1 files changed, 23 insertions, 10 deletions
diff --git a/source3/lib/username.c b/source3/lib/username.c index 7c8c9c740d..f256b1d6f8 100644 --- a/source3/lib/username.c +++ b/source3/lib/username.c @@ -33,7 +33,7 @@ static struct passwd *uname_string_combinations2(char *s, int offset, struct pas BOOL name_is_local(const char *name) { - return !(strchr_m(name, *lp_winbind_separator()) || lp_winbind_use_default_domain()); + return !(strchr_m(name, *lp_winbind_separator())); } /**************************************************************************** @@ -535,16 +535,29 @@ BOOL user_in_list(const char *user,char **list) enum SID_NAME_USE name_type; BOOL winbind_answered = False; BOOL ret; - - /* Check to see if name is a Windows group */ - if (winbind_lookup_name(*list, &g_sid, &name_type) && name_type == SID_NAME_DOM_GRP) { - + fstring groupname, domain; + + /* Parse a string of the form DOMAIN/user into a domain and a user */ + + char *p = strchr(*list,*lp_winbind_separator()); + + DEBUG(10,("user_in_list: checking if user |%s| is in winbind group |%s|\n", user, *list)); + + if (p) { + fstrcpy(groupname, p+1); + fstrcpy(domain, *list); + domain[PTR_DIFF(p, *list)] = 0; + + /* Check to see if name is a Windows group */ + if (winbind_lookup_name(groupname, domain, &g_sid, &name_type) && name_type == SID_NAME_DOM_GRP) { + /* Check if user name is in the Windows group */ - ret = user_in_winbind_group_list(user, *list, &winbind_answered); - - if (winbind_answered && ret == True) { - DEBUG(10,("user_in_list: user |%s| is in group |%s|\n", user, *list)); - return ret; + ret = user_in_winbind_group_list(user, *list, &winbind_answered); + + if (winbind_answered && ret == True) { + DEBUG(10,("user_in_list: user |%s| is in winbind group |%s|\n", user, *list)); + return ret; + } } } } |