5 files changed, 47 insertions, 66 deletions

diff --git a/source3/groupdb/mapping.c b/source3/groupdb/mapping.c
index 951361f4d4..3d2af5d0ba 100644
--- a/source3/groupdb/mapping.c
+++ b/source3/groupdb/mapping.c
@@ -714,8 +714,10 @@ BOOL get_uid_list_of_group(gid_t gid, uid_t **uid, int *num_uids)
 int smb_create_group(char *unix_group, gid_t *new_gid)
 {
 	pstring add_script;
-	int ret;
-	int fd = 0;
+	int 	ret = -1;
+	int 	fd = 0;
+	
+	*new_gid = 0;
 
 	/* defer to scripts */
 	
@@ -734,22 +736,9 @@ int smb_create_group(char *unix_group, gid_t *new_gid)
 			if (read(fd, output, sizeof(output)) > 0) {
 				*new_gid = (gid_t)strtoul(output, NULL, 10);
 			}
+			
 			close(fd);
-
-			if (*new_gid == 0) {
-				/* The output was garbage. We assume nobody
-	       	                    will create group 0 via smbd. Now we try to
-	                           get the group via getgrnam. */
-
-				struct group *grp = getgrnam(unix_group);
-				if (grp != NULL)
-					*new_gid = grp->gr_gid;
-				else
-					return 1;
-			}
 		}
-		
-		return 0;
 	}
 
 	/* Try winbindd */
@@ -757,10 +746,17 @@ int smb_create_group(char *unix_group, gid_t *new_gid)
 	if ( winbind_create_group( unix_group, NULL ) ) {
 		DEBUG(3,("smb_create_group: winbindd created the group (%s)\n",
 			unix_group));
-		return 0;
+		ret = 0;
+	}
+	
+	if (*new_gid == 0) {
+		struct group *grp = getgrnam(unix_group);
+
+		if (grp != NULL)
+			*new_gid = grp->gr_gid;
 	}
 			
-	return -1;	
+	return ret;	
 }
 
 /****************************************************************************
diff --git a/source3/nsswitch/wb_client.c b/source3/nsswitch/wb_client.c
index 49a48074fa..7c5a8dd054 100644
--- a/source3/nsswitch/wb_client.c
+++ b/source3/nsswitch/wb_client.c
@@ -315,6 +315,9 @@ BOOL winbind_create_user( const char *name, uint32 *rid )
 		
 	DEBUG(10,("winbind_create_user: %s\n", name));
 	
+	ZERO_STRUCT(request);
+	ZERO_STRUCT(response);
+	
 	/* see if the caller wants a new RID returned */
 	
 	if ( rid ) 
@@ -323,8 +326,6 @@ BOOL winbind_create_user( const char *name, uint32 *rid )
 	fstrcpy( request.data.acct_mgt.username, name );
 	fstrcpy( request.data.acct_mgt.groupname, "" );
 	
-	ZERO_STRUCT(response);
-	
 	result = winbindd_request( WINBINDD_CREATE_USER, &request, &response);
 	
 	if ( rid )
@@ -351,6 +352,9 @@ BOOL winbind_create_group( const char *name, uint32 *rid )
 		
 	DEBUG(10,("winbind_create_group: %s\n", name));
 
+	ZERO_STRUCT(request);
+	ZERO_STRUCT(response);
+	
 	/* see if the caller wants a new RID returned */
 	
 	if ( rid ) 
@@ -358,7 +362,6 @@ BOOL winbind_create_group( const char *name, uint32 *rid )
 		
 	fstrcpy( request.data.acct_mgt.groupname, name );
 	
-	ZERO_STRUCT(response);
 	
 	result = winbindd_request( WINBINDD_CREATE_GROUP, &request, &response);
 	
@@ -384,14 +387,15 @@ BOOL winbind_add_user_to_group( const char *user, const char *group )
 	if ( !user || !group )
 		return False;
 		
+	ZERO_STRUCT(request);
+	ZERO_STRUCT(response);
+	
 	DEBUG(10,("winbind_add_user_to_group: user(%s), group(%s) \n", 
 		user, group));
 		
 	fstrcpy( request.data.acct_mgt.username, user );
 	fstrcpy( request.data.acct_mgt.groupname, group );
 	
-	ZERO_STRUCT(response);
-	
 	result = winbindd_request( WINBINDD_ADD_USER_TO_GROUP, &request, &response);
 	
 	return result == NSS_STATUS_SUCCESS;
@@ -413,12 +417,12 @@ BOOL winbind_remove_user_from_group( const char *user, const char *group )
 	if ( !user || !group )
 		return False;
 		
+	ZERO_STRUCT(request);
+	ZERO_STRUCT(response);
+	
 	DEBUG(10,("winbind_remove_user_from_group: user(%s), group(%s) \n", 
 		user, group));
 		
-	fstrcpy( request.data.acct_mgt.username, user );
-	fstrcpy( request.data.acct_mgt.groupname, group );
-	
 	ZERO_STRUCT(response);
 	
 	result = winbindd_request( WINBINDD_REMOVE_USER_FROM_GROUP, &request, &response);
@@ -442,14 +446,15 @@ BOOL winbind_set_user_primary_group( const char *user, const char *group )
 	if ( !user || !group )
 		return False;
 		
+	ZERO_STRUCT(request);
+	ZERO_STRUCT(response);
+	
 	DEBUG(10,("winbind_set_user_primary_group: user(%s), group(%s) \n", 
 		user, group));
 
 	fstrcpy( request.data.acct_mgt.username, user );
 	fstrcpy( request.data.acct_mgt.groupname, group );
 	
-	ZERO_STRUCT(response);
-	
 	result = winbindd_request( WINBINDD_SET_USER_PRIMARY_GROUP, &request, &response);
 	
 	return result == NSS_STATUS_SUCCESS;
@@ -472,12 +477,13 @@ BOOL winbind_delete_user( const char *user )
 	if ( !user )
 		return False;
 		
+	ZERO_STRUCT(request);
+	ZERO_STRUCT(response);
+	
 	DEBUG(10,("winbind_delete_user: user (%s)\n", user));
 
 	fstrcpy( request.data.acct_mgt.username, user );
 	
-	ZERO_STRUCT(response);
-	
 	result = winbindd_request( WINBINDD_DELETE_USER, &request, &response);
 	
 	return result == NSS_STATUS_SUCCESS;
@@ -499,12 +505,13 @@ BOOL winbind_delete_group( const char *group )
 	if ( !group )
 		return False;
 		
+	ZERO_STRUCT(request);
+	ZERO_STRUCT(response);
+	
 	DEBUG(10,("winbind_delete_group: group (%s)\n", group));
 
 	fstrcpy( request.data.acct_mgt.groupname, group );
 	
-	ZERO_STRUCT(response);
-	
 	result = winbindd_request( WINBINDD_DELETE_GROUP, &request, &response);
 	
 	return result == NSS_STATUS_SUCCESS;
diff --git a/source3/nsswitch/winbindd.c b/source3/nsswitch/winbindd.c
index 0336312e89..0860d701d8 100644
--- a/source3/nsswitch/winbindd.c
+++ b/source3/nsswitch/winbindd.c
@@ -883,9 +883,6 @@ int main(int argc, char **argv)
 	if (!idmap_init(lp_idmap_backend()))
 		return 1;
 
-	if (!idmap_init_wellknown_sids())
-		exit(1);
-
 	/* Unblock all signals we are interested in as they may have been
 	   blocked by the parent process. */
 
diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c
index 333ac8ace6..9a99e07d82 100644
--- a/source3/passdb/passdb.c
+++ b/source3/passdb/passdb.c
@@ -1053,9 +1053,7 @@ DOM_SID *local_uid_to_sid(DOM_SID *psid, uid_t uid)
 	struct passwd *unix_pw;
 	BOOL ret;
 	
-	winbind_off();
 	unix_pw = sys_getpwuid( uid );
-	winbind_on();
 
 	if ( !unix_pw ) {
 		DEBUG(4,("local_uid_to_sid: host has know idea of uid %d\n", uid));
@@ -1114,8 +1112,6 @@ BOOL local_sid_to_uid(uid_t *puid, const DOM_SID *psid, enum SID_NAME_USE *name_
 		return False;
 	}
 
-
-
 	/* lookup the user account */
 	
 	if ( !NT_STATUS_IS_OK(pdb_init_sam(&sampw)) ) {
@@ -1134,9 +1130,7 @@ BOOL local_sid_to_uid(uid_t *puid, const DOM_SID *psid, enum SID_NAME_USE *name_
 	
 	user_name = pdb_get_username(sampw);
 
-	winbind_off();
 	unix_pw = sys_getpwnam( user_name );
-	winbind_on();
 
 	if ( !unix_pw ) {
 		DEBUG(0,("local_sid_to_uid: %s found in passdb but getpwnam() return NULL!\n",
diff --git a/source3/utils/net_rpc_samsync.c b/source3/utils/net_rpc_samsync.c
index 31535f7945..e5e9a68b2e 100644
--- a/source3/utils/net_rpc_samsync.c
+++ b/source3/utils/net_rpc_samsync.c
@@ -412,8 +412,6 @@ fetch_account_info(uint32 rid, SAM_ACCOUNT_INFO *delta)
 	DOM_SID user_sid;
 	DOM_SID group_sid;
 	struct passwd *passwd;
-	unid_t id;
-	int u_type = ID_USERID | ID_QUERY_ONLY;
 	fstring sid_string;
 
 	fstrcpy(account, unistr2_static(&delta->uni_acct_name));
@@ -497,19 +495,9 @@ fetch_account_info(uint32 rid, SAM_ACCOUNT_INFO *delta)
 		}
 	}	
 
-	if (!passwd) {
-		DEBUG(1, ("No unix user for this account (%s), cannot adjust mappings\n", pdb_get_username(sam_account)));
-		/* if no unix user, changing the mapping won't help */
-	} else {
-		nt_ret = idmap_get_id_from_sid(&id, &u_type, pdb_get_user_sid(sam_account));
-		if (NT_STATUS_IS_OK(nt_ret) && (u_type == ID_USERID) && (id.uid == passwd->pw_uid)) {
-			
-		} else {
-			/* set mapping */
-			
-			id.uid = passwd->pw_uid;
-			nt_ret = idmap_set_mapping(pdb_get_user_sid(sam_account), id, ID_USERID);
-		}
+	if ( !passwd ) {
+		DEBUG(1, ("No unix user for this account (%s), cannot adjust mappings\n", 
+			pdb_get_username(sam_account)));
 	}
 
 	pdb_free_sam(&sam_account);
@@ -536,21 +524,25 @@ fetch_group_info(uint32 rid, SAM_GROUP_INFO *delta)
 	sid_to_string(sid_string, &group_sid);
 
 	if (pdb_getgrsid(&map, group_sid)) {
-		grp = getgrgid(map.gid);
+		if ( map.gid != -1 )
+			grp = getgrgid(map.gid);
 		insert = False;
 	}
 
-	if (grp == NULL)
-	{
+	if (grp == NULL) {
 		gid_t gid;
 
 		/* No group found from mapping, find it from its name. */
 		if ((grp = getgrnam(name)) == NULL) {
+		
 			/* No appropriate group found, create one */
+			
 			d_printf("Creating unix group: '%s'\n", name);
+			
 			if (smb_create_group(name, &gid) != 0)
 				return NT_STATUS_ACCESS_DENIED;
-			if ((grp = getgrgid(gid)) == NULL)
+				
+			if ((grp = getgrnam(name)) == NULL)
 				return NT_STATUS_ACCESS_DENIED;
 		}
 	}
@@ -997,11 +989,6 @@ int rpc_vampire(int argc, const char **argv)
 
 	ZERO_STRUCT(ret_creds);
 
-	if (!idmap_init(lp_idmap_backend())) {
-		d_printf("Could not init idmap\n");
-		return -1;
-	}
-
 	/* Connect to remote machine */
 	if (!(cli = net_make_ipc_connection(NET_FLAGS_ANONYMOUS |
 					    NET_FLAGS_PDC))) {
@@ -1027,7 +1014,7 @@ int rpc_vampire(int argc, const char **argv)
 		goto fail;
 	}
 
-	dom_sid = *get_global_sam_sid();
+	sid_copy( &dom_sid, get_global_sam_sid() );
 	result = fetch_database(cli, SAM_DATABASE_DOMAIN, &ret_creds, dom_sid);
 
 	if (!NT_STATUS_IS_OK(result)) {