diff options
-rw-r--r-- | source3/param/loadparm.c | 4 | ||||
-rw-r--r-- | source3/passdb/passdb.c | 16 | ||||
-rw-r--r-- | source3/passdb/pdb_ldap.c | 16 | ||||
-rw-r--r-- | source3/utils/testparm.c | 5 |
4 files changed, 35 insertions, 6 deletions
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 86a5353dca..cdef034061 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -168,6 +168,7 @@ typedef struct char *szIdmapUID; char *szIdmapGID; BOOL bEnableRidAlgorithm; + BOOL bPassdbExpandExplicit; int AlgorithmicRidBase; char *szTemplateHomedir; char *szTemplateShell; @@ -1240,6 +1241,7 @@ static struct parm_struct parm_table[] = { {N_("Winbind options"), P_SEP, P_SEPARATOR}, {"enable rid algorithm", P_BOOL, P_GLOBAL, &Globals.bEnableRidAlgorithm, NULL, NULL, FLAG_DEPRECATED}, + {"passdb expand explicit", P_BOOL, P_GLOBAL, &Globals.bPassdbExpandExplicit, NULL, NULL, FLAG_ADVANCED}, {"idmap backend", P_LIST, P_GLOBAL, &Globals.szIdmapBackend, NULL, NULL, FLAG_ADVANCED}, {"idmap uid", P_STRING, P_GLOBAL, &Globals.szIdmapUID, handle_idmap_uid, NULL, FLAG_ADVANCED}, {"winbind uid", P_STRING, P_GLOBAL, &Globals.szIdmapUID, handle_idmap_uid, NULL, FLAG_HIDE}, @@ -1603,6 +1605,7 @@ static void init_globals(void) Globals.szWinbindNssInfo = str_list_make("template", NULL); Globals.bEnableRidAlgorithm = True; + Globals.bPassdbExpandExplicit = True; Globals.name_cache_timeout = 660; /* In seconds */ @@ -1792,6 +1795,7 @@ FN_GLOBAL_BOOL(lp_winbind_nested_groups, &Globals.bWinbindNestedGroups) FN_GLOBAL_LIST(lp_idmap_backend, &Globals.szIdmapBackend) FN_GLOBAL_BOOL(lp_enable_rid_algorithm, &Globals.bEnableRidAlgorithm) +FN_GLOBAL_BOOL(lp_passdb_expand_explicit, &Globals.bPassdbExpandExplicit) #ifdef WITH_LDAP_SAMCONFIG FN_GLOBAL_STRING(lp_ldap_server, &Globals.szLdapServer) diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c index c893ebcd42..e073db3499 100644 --- a/source3/passdb/passdb.c +++ b/source3/passdb/passdb.c @@ -1751,6 +1751,7 @@ BOOL init_sam_from_buffer_v2(SAM_ACCOUNT *sampass, uint8 *buf, uint32 buflen) uint32 pwHistLen = 0; BOOL ret = True; fstring tmpstring; + BOOL expand_explicit = lp_passdb_expand_explicit(); if(sampass == NULL || buf == NULL) { DEBUG(0, ("init_sam_from_buffer_v2: NULL parameters found!\n")); @@ -1815,7 +1816,10 @@ BOOL init_sam_from_buffer_v2(SAM_ACCOUNT *sampass, uint8 *buf, uint32 buflen) if (homedir) { fstrcpy( tmpstring, homedir ); - standard_sub_basic( username, tmpstring, sizeof(tmpstring) ); + if (expand_explicit) { + standard_sub_basic( username, tmpstring, + sizeof(tmpstring) ); + } pdb_set_homedir(sampass, tmpstring, PDB_SET); } else { @@ -1831,7 +1835,10 @@ BOOL init_sam_from_buffer_v2(SAM_ACCOUNT *sampass, uint8 *buf, uint32 buflen) if (logon_script) { fstrcpy( tmpstring, logon_script ); - standard_sub_basic( username, tmpstring, sizeof(tmpstring) ); + if (expand_explicit) { + standard_sub_basic( username, tmpstring, + sizeof(tmpstring) ); + } pdb_set_logon_script(sampass, tmpstring, PDB_SET); } else { @@ -1842,7 +1849,10 @@ BOOL init_sam_from_buffer_v2(SAM_ACCOUNT *sampass, uint8 *buf, uint32 buflen) if (profile_path) { fstrcpy( tmpstring, profile_path ); - standard_sub_basic( username, tmpstring, sizeof(tmpstring) ); + if (expand_explicit) { + standard_sub_basic( username, tmpstring, + sizeof(tmpstring) ); + } pdb_set_profile_path(sampass, tmpstring, PDB_SET); } else { diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c index 66efe5a8ae..fac95e3786 100644 --- a/source3/passdb/pdb_ldap.c +++ b/source3/passdb/pdb_ldap.c @@ -604,6 +604,7 @@ static BOOL init_sam_from_ldap(struct ldapsam_privates *ldap_state, LOGIN_CACHE *cache_entry = NULL; uint32 pwHistLen; pstring tmpstring; + BOOL expand_explicit = lp_passdb_expand_explicit(); /* * do a little initialization @@ -776,7 +777,10 @@ static BOOL init_sam_from_ldap(struct ldapsam_privates *ldap_state, PDB_DEFAULT ); } else { pstrcpy( tmpstring, homedir ); - standard_sub_basic( username, tmpstring, sizeof(tmpstring) ); + if (expand_explicit) { + standard_sub_basic( username, tmpstring, + sizeof(tmpstring) ); + } pdb_set_homedir(sampass, tmpstring, PDB_SET); } @@ -788,7 +792,10 @@ static BOOL init_sam_from_ldap(struct ldapsam_privates *ldap_state, PDB_DEFAULT ); } else { pstrcpy( tmpstring, logon_script ); - standard_sub_basic( username, tmpstring, sizeof(tmpstring) ); + if (expand_explicit) { + standard_sub_basic( username, tmpstring, + sizeof(tmpstring) ); + } pdb_set_logon_script(sampass, tmpstring, PDB_SET); } @@ -800,7 +807,10 @@ static BOOL init_sam_from_ldap(struct ldapsam_privates *ldap_state, PDB_DEFAULT ); } else { pstrcpy( tmpstring, profile_path ); - standard_sub_basic( username, tmpstring, sizeof(tmpstring) ); + if (expand_explicit) { + standard_sub_basic( username, tmpstring, + sizeof(tmpstring) ); + } pdb_set_profile_path(sampass, tmpstring, PDB_SET); } diff --git a/source3/utils/testparm.c b/source3/utils/testparm.c index b4561b58de..0ce838e5c7 100644 --- a/source3/utils/testparm.c +++ b/source3/utils/testparm.c @@ -73,6 +73,11 @@ cannot be set in the smb.conf file. nmbd will abort with this setting.\n"); ret = 1; } + if (lp_passdb_expand_explicit()) { + fprintf(stderr, "WARNING: passdb expand explicit = yes is " + "deprecated\n"); + } + /* * Password server sanity checks. */ |