diff options
-rw-r--r-- | source3/winbindd/idmap_autorid.c | 20 |
1 files changed, 13 insertions, 7 deletions
diff --git a/source3/winbindd/idmap_autorid.c b/source3/winbindd/idmap_autorid.c index 32d5860ae6..5ed0255bd0 100644 --- a/source3/winbindd/idmap_autorid.c +++ b/source3/winbindd/idmap_autorid.c @@ -260,8 +260,11 @@ static NTSTATUS idmap_autorid_id_to_sid(struct autorid_global_config *cfg, struct idmap_domain *dom, struct id_map *map) { - uint32_t range; + uint32_t range_number; uint32_t domain_range_index = 0; + uint32_t normalized_id; + uint32_t reduced_rid; + uint32_t rid; TDB_DATA data = tdb_null; char *keystr; struct dom_sid domsid; @@ -285,9 +288,11 @@ static NTSTATUS idmap_autorid_id_to_sid(struct autorid_global_config *cfg, } /* determine the range of this uid */ - range = ((map->xid.id - cfg->minvalue) / cfg->rangesize); - keystr = talloc_asprintf(talloc_tos(), "%u", range); + normalized_id = map->xid.id - cfg->minvalue; + range_number = normalized_id / cfg->rangesize; + + keystr = talloc_asprintf(talloc_tos(), "%u", range_number); if (!keystr) { return NT_STATUS_NO_MEMORY; } @@ -298,7 +303,7 @@ static NTSTATUS idmap_autorid_id_to_sid(struct autorid_global_config *cfg, if (!NT_STATUS_IS_OK(status)) { DEBUG(4, ("id %d belongs to range %d which does not have " "domain mapping, ignoring mapping request\n", - map->xid.id, range)); + map->xid.id, range_number)); TALLOC_FREE(data.dptr); map->status = ID_UNKNOWN; return NT_STATUS_OK; @@ -331,9 +336,10 @@ static NTSTATUS idmap_autorid_id_to_sid(struct autorid_global_config *cfg, return NT_STATUS_OK; } - sid_compose(map->sid, &domsid, - (map->xid.id - cfg->minvalue - - range * cfg->rangesize + (cfg->rangesize * domain_range_index))); + reduced_rid = normalized_id % cfg->rangesize; + rid = reduced_rid + domain_range_index * cfg->rangesize; + + sid_compose(map->sid, &domsid, rid); /* We **really** should have some way of validating the SID exists and is the correct type here. But |