diff options
| -rw-r--r-- | source3/winbindd/idmap_autorid.c | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/source3/winbindd/idmap_autorid.c b/source3/winbindd/idmap_autorid.c index d3b38bd398..08dcc6595f 100644 --- a/source3/winbindd/idmap_autorid.c +++ b/source3/winbindd/idmap_autorid.c @@ -46,6 +46,7 @@ struct autorid_global_config { uint32_t minvalue; uint32_t rangesize; uint32_t maxranges; + bool ignore_builtin; }; struct autorid_domain_config { @@ -492,6 +493,8 @@ static NTSTATUS idmap_autorid_sids_to_unixids(struct idmap_domain *dom, ZERO_STRUCT(domaincfg); + DEBUG(10, ("Trying to map %s\n", sid_string_dbg(ids[i]->sid))); + sid_copy(&domainsid, ids[i]->sid); if (!sid_split_rid(&domainsid, &rid)) { DEBUG(4, ("Could not determine domain SID from %s, " @@ -525,6 +528,13 @@ static NTSTATUS idmap_autorid_sids_to_unixids(struct idmap_domain *dom, continue; } + /* BUILTIN is passdb's job */ + if (dom_sid_equal(&domainsid, &global_sid_Builtin) && + global->ignore_builtin) { + DEBUG(10, ("Ignoring request for BUILTIN domain\n")); + continue; + } + /* * Check if the domain is around */ @@ -869,6 +879,9 @@ static NTSTATUS idmap_autorid_initialize(struct idmap_domain *dom) DEBUG(5, ("%d domain ranges with a size of %d are available\n", config->maxranges, config->rangesize)); + config->ignore_builtin = lp_parm_bool(-1, "idmap config *", + "ignore builtin", false); + /* fill the TDB common configuration */ commonconfig->private_data = config; |