diff options
-rw-r--r-- | source3/nsswitch/winbindd_ads.c | 12 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_rpc.c | 22 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_util.c | 46 |
3 files changed, 60 insertions, 20 deletions
diff --git a/source3/nsswitch/winbindd_ads.c b/source3/nsswitch/winbindd_ads.c index 336f27e6a1..ede1765273 100644 --- a/source3/nsswitch/winbindd_ads.c +++ b/source3/nsswitch/winbindd_ads.c @@ -626,6 +626,12 @@ static NTSTATUS lookup_usergroups(struct winbindd_domain *domain, DEBUG(3,("ads: lookup_usergroups\n")); *p_num_groups = 0; + status = lookup_usergroups_cached(domain, mem_ctx, sid, + p_num_groups, user_sids); + if (NT_STATUS_IS_OK(status)) { + return NT_STATUS_OK; + } + ads = ads_cached_connection(domain); if (!ads) { @@ -681,10 +687,12 @@ static NTSTATUS lookup_usergroups(struct winbindd_domain *domain, /* there must always be at least one group in the token, unless we are talking to a buggy Win2k server */ + if (count == 0) { + status = lookup_usergroups_alt(domain, mem_ctx, user_dn, - &primary_group, - &num_groups, user_sids); + &primary_group, + &num_groups, user_sids); *p_num_groups = (uint32)num_groups; return status; } diff --git a/source3/nsswitch/winbindd_rpc.c b/source3/nsswitch/winbindd_rpc.c index 669b5b923b..22df8d4db9 100644 --- a/source3/nsswitch/winbindd_rpc.c +++ b/source3/nsswitch/winbindd_rpc.c @@ -412,7 +412,6 @@ static NTSTATUS lookup_usergroups(struct winbindd_domain *domain, unsigned int i; fstring sid_string; uint32 user_rid; - NET_USER_INFO_3 *user; struct rpc_pipe_client *cli; DEBUG(3,("rpc: lookup_usergroups sid=%s\n", @@ -425,23 +424,10 @@ static NTSTATUS lookup_usergroups(struct winbindd_domain *domain, *user_grpsids = NULL; /* so lets see if we have a cached user_info_3 */ - - if ( (user = netsamlogon_cache_get( mem_ctx, user_sid )) != NULL ) - { - DEBUG(5,("lookup_usergroups: Cache lookup succeeded for %s\n", - sid_string_static(user_sid))); - - *num_groups = user->num_groups; - - (*user_grpsids) = TALLOC_ARRAY(mem_ctx, DOM_SID, *num_groups); - for (i=0;i<(*num_groups);i++) { - sid_copy(&((*user_grpsids)[i]), &domain->sid); - sid_append_rid(&((*user_grpsids)[i]), - user->gids[i].g_rid); - } - - SAFE_FREE(user); - + result = lookup_usergroups_cached(domain, mem_ctx, user_sid, + num_groups, user_grpsids); + + if (NT_STATUS_IS_OK(result)) { return NT_STATUS_OK; } diff --git a/source3/nsswitch/winbindd_util.c b/source3/nsswitch/winbindd_util.c index d64345a36f..82fd1e128b 100644 --- a/source3/nsswitch/winbindd_util.c +++ b/source3/nsswitch/winbindd_util.c @@ -1232,3 +1232,49 @@ void winbindd_flush_nscd_cache(void) #endif } +NTSTATUS lookup_usergroups_cached(struct winbindd_domain *domain, + TALLOC_CTX *mem_ctx, + const DOM_SID *user_sid, + uint32 *p_num_groups, DOM_SID **user_sids) +{ + NET_USER_INFO_3 *info3 = NULL; + NTSTATUS status = NT_STATUS_NO_MEMORY; + int i; + size_t num_groups = 0; + DOM_SID group_sid, primary_group; + + DEBUG(3,(": lookup_usergroups_cached\n")); + + *user_sids = NULL; + num_groups = 0; + + info3 = netsamlogon_cache_get(mem_ctx, user_sid); + + if (info3 == NULL) { + return NT_STATUS_OBJECT_NAME_NOT_FOUND; + } + + if (info3->num_groups == 0) { + SAFE_FREE(info3); + return NT_STATUS_UNSUCCESSFUL; + } + + /* always add the primary group to the sid array */ + sid_compose(&primary_group, &info3->dom_sid.sid, info3->user_rid); + + add_sid_to_array(mem_ctx, &primary_group, user_sids, &num_groups); + + for (i=0; i<info3->num_groups; i++) { + sid_copy(&group_sid, &info3->dom_sid.sid); + sid_append_rid(&group_sid, info3->gids[i].g_rid); + + add_sid_to_array(mem_ctx, &group_sid, user_sids, + &num_groups); + } + + SAFE_FREE(info3); + *p_num_groups = num_groups; + status = (user_sids != NULL) ? NT_STATUS_OK : NT_STATUS_NO_MEMORY; + + return status; +} |