summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/groupdb/mapping.c18
-rw-r--r--source3/passdb/passdb.c12
-rw-r--r--source3/passdb/pdb_interface.c22
3 files changed, 49 insertions, 3 deletions
diff --git a/source3/groupdb/mapping.c b/source3/groupdb/mapping.c
index 04471f9d43..830584979b 100644
--- a/source3/groupdb/mapping.c
+++ b/source3/groupdb/mapping.c
@@ -814,8 +814,24 @@ BOOL get_domain_group_from_sid(DOM_SID sid, GROUP_MAP *map)
ret = pdb_getgrsid(map, sid);
unbecome_root();
- if ( !ret )
+ /* special case check for rid 513 */
+
+ if ( !ret ) {
+ uint32 rid;
+
+ sid_peek_rid( &sid, &rid );
+
+ if ( rid == DOMAIN_GROUP_RID_USERS ) {
+ fstrcpy( map->nt_name, "None" );
+ fstrcpy( map->comment, "Ordinary Users" );
+ sid_copy( &map->sid, &sid );
+ map->sid_name_use = SID_NAME_DOM_GRP;
+
+ return True;
+ }
+
return False;
+ }
DEBUG(10, ("get_domain_group_from_sid: SID found in the TDB\n"));
diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c
index d795888180..876f04bdfe 100644
--- a/source3/passdb/passdb.c
+++ b/source3/passdb/passdb.c
@@ -548,6 +548,18 @@ BOOL lookup_global_sam_name(const char *user, int flags, uint32_t *rid,
{
GROUP_MAP map;
BOOL ret;
+
+ /* Windows treats "MACHINE\None" as a special name for
+ rid 513 on non-DCs. You cannot create a user or group
+ name "None" on Windows. You will get an error that
+ the group already exists. */
+
+ if ( strequal( user, "None" ) ) {
+ *rid = DOMAIN_GROUP_RID_USERS;
+ *type = SID_NAME_DOM_GRP;
+
+ return True;
+ }
/* LOOKUP_NAME_GROUP is a hack to allow valid users = @foo to work
* correctly in the case where foo also exists as a user. If the flag
diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c
index 4061e7b5db..82890fee2d 100644
--- a/source3/passdb/pdb_interface.c
+++ b/source3/passdb/pdb_interface.c
@@ -734,13 +734,31 @@ NTSTATUS pdb_enum_group_members(TALLOC_CTX *mem_ctx,
size_t *p_num_members)
{
struct pdb_methods *pdb = pdb_get_methods();
+ NTSTATUS result;
if ( !pdb ) {
return NT_STATUS_UNSUCCESSFUL;
}
- return pdb->enum_group_members(pdb, mem_ctx, sid,
- pp_member_rids, p_num_members);
+ result = pdb->enum_group_members(pdb, mem_ctx,
+ sid, pp_member_rids, p_num_members);
+
+ /* special check for rid 513 */
+
+ if ( !NT_STATUS_IS_OK( result ) ) {
+ uint32 rid;
+
+ sid_peek_rid( sid, &rid );
+
+ if ( rid == DOMAIN_GROUP_RID_USERS ) {
+ *p_num_members = 0;
+ *pp_member_rids = NULL;
+
+ return NT_STATUS_OK;
+ }
+ }
+
+ return result;
}
NTSTATUS pdb_enum_group_memberships(TALLOC_CTX *mem_ctx, struct samu *user,