-rw-r--r-- | source3/auth/auth_util.c | 57 | ||||
-rw-r--r-- | source3/include/proto.h | 1 | ||||
-rw-r--r-- | source3/passdb/passdb.c | 19 |
3 files changed, 35 insertions, 42 deletions
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index 502d06fad3..f942b2e50a 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -186,13 +186,15 @@ static NTSTATUS make_user_info(auth_usersupplied_info **user_info, Create an auth_usersupplied_data structure after appropriate mapping. ****************************************************************************/ -NTSTATUS make_user_info_map(auth_usersupplied_info **user_info, - const char *smb_name, - const char *client_domain, - const char *wksta_name, - DATA_BLOB *lm_pwd, DATA_BLOB *nt_pwd, - DATA_BLOB *lm_interactive_pwd, DATA_BLOB *nt_interactive_pwd, - DATA_BLOB *plaintext, +NTSTATUS make_user_info_map(auth_usersupplied_info **user_info, + const char *smb_name, + const char *client_domain, + const char *wksta_name, + DATA_BLOB *lm_pwd, + DATA_BLOB *nt_pwd, + DATA_BLOB *lm_interactive_pwd, + DATA_BLOB *nt_interactive_pwd, + DATA_BLOB *plaintext, bool encrypted) { const char *domain; @@ -200,12 +202,12 @@ NTSTATUS make_user_info_map(auth_usersupplied_info **user_info, bool was_mapped; fstring internal_username; fstrcpy(internal_username, smb_name); - was_mapped = map_username(internal_username); - - DEBUG(5, ("make_user_info_map: Mapping user [%s]\\[%s] from workstation [%s]\n", - client_domain, smb_name, wksta_name)); - - /* don't allow "" as a domain, fixes a Win9X bug + was_mapped = map_username(internal_username); + + DEBUG(5, ("Mapping user [%s]\\[%s] from workstation [%s]\n", + client_domain, smb_name, wksta_name)); + + /* don't allow "" as a domain, fixes a Win9X bug where it doens't supply a domain for logon script 'net use' commands. */ 
@@ -214,16 +216,27 @@ NTSTATUS make_user_info_map(auth_usersupplied_info **user_info, else domain = lp_workgroup(); - /* do what win2k does. Always map unknown domains to our own - and let the "passdb backend" handle unknown users. */ + /* If you connect to a Windows domain member using a bogus domain name, + * the Windows box will map the BOGUS\user to SAMNAME\user. Thus, if + * the Windows box is a DC the name will become DOMAIN\user and be + * authenticated against AD, if the Windows box is a member server but + * not a DC the name will become WORKSTATION\user. A standalone + * non-domain member box will also map to WORKSTATION\user. */ - if ( !is_trusted_domain(domain) && !strequal(domain, get_global_sam_name()) ) - domain = my_sam_name(); - - /* we know that it is a trusted domain (and we are allowing them) or it is our domain */ - - result = make_user_info(user_info, smb_name, internal_username, - client_domain, domain, wksta_name, + if (!is_trusted_domain(domain) && + !strequal(domain, get_global_sam_name()) ) + { + domain = get_global_sam_name(); + DEBUG(5, ("Mapped domain from [%s] to [%s] for user [%s] on " + "workstation [%s]\n", + client_domain, domain, smb_name, wksta_name)); + } + + /* we know that it is a trusted domain (and we are allowing them) or it + * is our domain */ + + result = make_user_info(user_info, smb_name, internal_username, + client_domain, domain, wksta_name, lm_pwd, nt_pwd, lm_interactive_pwd, nt_interactive_pwd, plaintext, encrypted); diff --git a/source3/include/proto.h b/source3/include/proto.h index 6246be6b1c..3478ea4f85 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h 
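Review bot: The added DEBUG in the remapping branch prints `client_domain` as the source of the mapping, but the value that was tested and replaced is `domain`, which the `else` arm at the top of this hunk sets to `lp_workgroup()` (presumably when the client sent an empty domain, per the Win9X comment in the previous hunk), so in that case the log would show `[]` instead of the name that was actually rejected. Emitting the message before the assignment, with `domain` and `get_global_sam_name()` as its first two arguments, and only then doing `domain = get_global_sam_name();` keeps the record accurate for anyone reconstructing which account database a logon was checked against. The new comment describes what Windows does but not what this code does; a closing sentence such as `* We do the same: a domain that is neither trusted nor our own SAM name is replaced by get_global_sam_name().` would make that explicit. The removed `my_sam_name()` chose between `global_myname()` and `lp_workgroup()` by server role, while `get_global_sam_name()` is defined outside this diff, so the effect on domain members should be confirmed against it. `make_user_info_map` begins and ends outside this hunk.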
@@ -4420,7 +4420,6 @@ bool sid_check_is_in_our_domain(const DOM_SID *sid); /* The following definitions come from passdb/passdb.c */ -const char *my_sam_name(void); struct samu *samu_new( TALLOC_CTX *ctx ); NTSTATUS samu_set_unix(struct samu *user, const struct passwd *pwd); NTSTATUS samu_alloc_rid_unix(struct samu *user, const struct passwd *pwd); diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c index d26a667f44..c526a175f2 100644 --- a/source3/passdb/passdb.c +++ b/source3/passdb/passdb.c @@ -27,25 +27,6 @@ #undef DBGC_CLASS #define DBGC_CLASS DBGC_PASSDB -/****************************************************************** - get the default domain/netbios name to be used when - testing authentication. For example, if you connect - to a Windows member server using a bogus domain name, the - Windows box will map the BOGUS\user to DOMAIN\user. A - standalone box will map to WKS\user. -******************************************************************/ - -const char *my_sam_name(void) -{ - /* standalone servers can only use the local netbios name */ - if ( lp_server_role() == ROLE_STANDALONE ) - return global_myname(); - - /* Windows domain members default to the DOMAIN - name when not specified */ - return lp_workgroup(); -} - /********************************************************************** ***********************************************************************/ |