diff options
-rw-r--r-- | source3/rpc_server/srv_netlog_nt.c | 18 | ||||
-rw-r--r-- | source3/rpc_server/srv_util.c | 30 |
2 files changed, 38 insertions, 10 deletions
diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c index dee0866b12..89e46402cf 100644 --- a/source3/rpc_server/srv_netlog_nt.c +++ b/source3/rpc_server/srv_netlog_nt.c @@ -688,16 +688,14 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON * pstrcpy(my_name, global_myname()); - /* - * This is the point at which we get the group - * database - we should be getting the gid_t list - * from /etc/group and then turning the uids into - * rids and then into machine sids for this user. - * JRA. - */ - - gids = NULL; - get_domain_user_groups(p->mem_ctx, &num_gids, &gids, server_info->sam_account); + if (!NT_STATUS_IS_OK(status + = nt_token_to_group_list(p->mem_ctx, + &domain_sid, + server_info->ptok, + &num_gids, + &gids))) { + return status; + } init_net_user_info3(p->mem_ctx, usr_info, user_rid, diff --git a/source3/rpc_server/srv_util.c b/source3/rpc_server/srv_util.c index 519daff1f6..72a057b91c 100644 --- a/source3/rpc_server/srv_util.c +++ b/source3/rpc_server/srv_util.c @@ -342,6 +342,7 @@ BOOL get_domain_user_groups(TALLOC_CTX *ctx, int *numgroups, DOM_GID **pgids, SA DEBUG(0,("get_domain_user_groups: primary gid of user [%s] is not a Domain group !\n", user_name)); DEBUGADD(0,("get_domain_user_groups: You should fix it, NT doesn't like that\n")); + done: *pgids=gids; *numgroups=cur_gid; @@ -351,6 +352,35 @@ BOOL get_domain_user_groups(TALLOC_CTX *ctx, int *numgroups, DOM_GID **pgids, SA } /******************************************************************* + gets a domain user's groups from their already-calculated NT_USER_TOKEN + ********************************************************************/ +NTSTATUS nt_token_to_group_list(TALLOC_CTX *mem_ctx, const DOM_SID *domain_sid, + const NT_USER_TOKEN *nt_token, + int *numgroups, DOM_GID **pgids) +{ + DOM_GID *gids; + int i; + + gids = (DOM_GID *)talloc(mem_ctx, sizeof(*gids) * nt_token->num_sids); + + if (!gids) { + return NT_STATUS_NO_MEMORY; + } + + *numgroups=0; + + for (i=PRIMARY_GROUP_SID_INDEX; i < nt_token->num_sids; i++) { + if (sid_compare_domain(domain_sid, &nt_token->user_sids[i])==0) { + sid_peek_rid(&nt_token->user_sids[i], &(gids[*numgroups].g_rid)); + gids[*numgroups].attr=7; + (*numgroups)++; + } + } + *pgids = gids; + return NT_STATUS_OK; +} + +/******************************************************************* Look up a local (domain) rid and return a name and type. ********************************************************************/ NTSTATUS local_lookup_group_name(uint32 rid, char *group_name, uint32 *type) |