diff options
| -rw-r--r-- | source3/nsswitch/winbindd_util.c | 8 | ||||
| -rw-r--r-- | source3/passdb/pdb_interface.c | 3 |
2 files changed, 9 insertions, 2 deletions
diff --git a/source3/nsswitch/winbindd_util.c b/source3/nsswitch/winbindd_util.c index 72c85a9c6a..b0529be4fb 100644 --- a/source3/nsswitch/winbindd_util.c +++ b/source3/nsswitch/winbindd_util.c @@ -599,12 +599,18 @@ struct winbindd_domain *find_domain_from_name(const char *domain_name) struct winbindd_domain *find_domain_from_sid_noinit(const DOM_SID *sid) { struct winbindd_domain *domain; + uint32 discard; /* Search through list */ for (domain = domain_list(); domain != NULL; domain = domain->next) { - if (sid_compare_domain(sid, &domain->sid) == 0) + /* We need to use sid_peek_check_rid, because we want + * to make sure that the SIDs we send to the backends are + * as specific as possible. + */ + if (sid_peek_check_rid(&domain->sid, sid, &discard) == 0) { return domain; + } } /* Not found */ diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 976dfc1d08..e0b9086f9c 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -1305,7 +1305,8 @@ static BOOL pdb_default_sid_to_id(struct pdb_methods *methods, goto done; } - if (sid_peek_check_rid(&global_sid_Builtin, sid, &rid)) { + if (sid_check_is_in_builtin(sid) || + sid_check_is_in_wellknown_domain(sid)) { /* Here we only have aliases */ GROUP_MAP map; if (!NT_STATUS_IS_OK(methods->getgrsid(methods, &map, *sid))) { |