summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/nsswitch/winbindd_ads.c12
-rw-r--r--source3/nsswitch/winbindd_rpc.c22
-rw-r--r--source3/nsswitch/winbindd_util.c46
3 files changed, 60 insertions, 20 deletions
diff --git a/source3/nsswitch/winbindd_ads.c b/source3/nsswitch/winbindd_ads.c
index 336f27e6a1..ede1765273 100644
--- a/source3/nsswitch/winbindd_ads.c
+++ b/source3/nsswitch/winbindd_ads.c
@@ -626,6 +626,12 @@ static NTSTATUS lookup_usergroups(struct winbindd_domain *domain,
DEBUG(3,("ads: lookup_usergroups\n"));
*p_num_groups = 0;
+ status = lookup_usergroups_cached(domain, mem_ctx, sid,
+ p_num_groups, user_sids);
+ if (NT_STATUS_IS_OK(status)) {
+ return NT_STATUS_OK;
+ }
+
ads = ads_cached_connection(domain);
if (!ads) {
@@ -681,10 +687,12 @@ static NTSTATUS lookup_usergroups(struct winbindd_domain *domain,
/* there must always be at least one group in the token,
unless we are talking to a buggy Win2k server */
+
if (count == 0) {
+
status = lookup_usergroups_alt(domain, mem_ctx, user_dn,
- &primary_group,
- &num_groups, user_sids);
+ &primary_group,
+ &num_groups, user_sids);
*p_num_groups = (uint32)num_groups;
return status;
}
diff --git a/source3/nsswitch/winbindd_rpc.c b/source3/nsswitch/winbindd_rpc.c
index 669b5b923b..22df8d4db9 100644
--- a/source3/nsswitch/winbindd_rpc.c
+++ b/source3/nsswitch/winbindd_rpc.c
@@ -412,7 +412,6 @@ static NTSTATUS lookup_usergroups(struct winbindd_domain *domain,
unsigned int i;
fstring sid_string;
uint32 user_rid;
- NET_USER_INFO_3 *user;
struct rpc_pipe_client *cli;
DEBUG(3,("rpc: lookup_usergroups sid=%s\n",
@@ -425,23 +424,10 @@ static NTSTATUS lookup_usergroups(struct winbindd_domain *domain,
*user_grpsids = NULL;
/* so lets see if we have a cached user_info_3 */
-
- if ( (user = netsamlogon_cache_get( mem_ctx, user_sid )) != NULL )
- {
- DEBUG(5,("lookup_usergroups: Cache lookup succeeded for %s\n",
- sid_string_static(user_sid)));
-
- *num_groups = user->num_groups;
-
- (*user_grpsids) = TALLOC_ARRAY(mem_ctx, DOM_SID, *num_groups);
- for (i=0;i<(*num_groups);i++) {
- sid_copy(&((*user_grpsids)[i]), &domain->sid);
- sid_append_rid(&((*user_grpsids)[i]),
- user->gids[i].g_rid);
- }
-
- SAFE_FREE(user);
-
+ result = lookup_usergroups_cached(domain, mem_ctx, user_sid,
+ num_groups, user_grpsids);
+
+ if (NT_STATUS_IS_OK(result)) {
return NT_STATUS_OK;
}
diff --git a/source3/nsswitch/winbindd_util.c b/source3/nsswitch/winbindd_util.c
index d64345a36f..82fd1e128b 100644
--- a/source3/nsswitch/winbindd_util.c
+++ b/source3/nsswitch/winbindd_util.c
@@ -1232,3 +1232,49 @@ void winbindd_flush_nscd_cache(void)
#endif
}
+NTSTATUS lookup_usergroups_cached(struct winbindd_domain *domain,
+ TALLOC_CTX *mem_ctx,
+ const DOM_SID *user_sid,
+ uint32 *p_num_groups, DOM_SID **user_sids)
+{
+ NET_USER_INFO_3 *info3 = NULL;
+ NTSTATUS status = NT_STATUS_NO_MEMORY;
+ int i;
+ size_t num_groups = 0;
+ DOM_SID group_sid, primary_group;
+
+ DEBUG(3,(": lookup_usergroups_cached\n"));
+
+ *user_sids = NULL;
+ num_groups = 0;
+
+ info3 = netsamlogon_cache_get(mem_ctx, user_sid);
+
+ if (info3 == NULL) {
+ return NT_STATUS_OBJECT_NAME_NOT_FOUND;
+ }
+
+ if (info3->num_groups == 0) {
+ SAFE_FREE(info3);
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+ /* always add the primary group to the sid array */
+ sid_compose(&primary_group, &info3->dom_sid.sid, info3->user_rid);
+
+ add_sid_to_array(mem_ctx, &primary_group, user_sids, &num_groups);
+
+ for (i=0; i<info3->num_groups; i++) {
+ sid_copy(&group_sid, &info3->dom_sid.sid);
+ sid_append_rid(&group_sid, info3->gids[i].g_rid);
+
+ add_sid_to_array(mem_ctx, &group_sid, user_sids,
+ &num_groups);
+ }
+
+ SAFE_FREE(info3);
+ *p_num_groups = num_groups;
+ status = (user_sids != NULL) ? NT_STATUS_OK : NT_STATUS_NO_MEMORY;
+
+ return status;
+}