summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/param/loadparm.c4
-rw-r--r--source3/passdb/passdb.c16
-rw-r--r--source3/passdb/pdb_ldap.c16
-rw-r--r--source3/utils/testparm.c5
4 files changed, 35 insertions, 6 deletions
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 86a5353dca..cdef034061 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -168,6 +168,7 @@ typedef struct
char *szIdmapUID;
char *szIdmapGID;
BOOL bEnableRidAlgorithm;
+ BOOL bPassdbExpandExplicit;
int AlgorithmicRidBase;
char *szTemplateHomedir;
char *szTemplateShell;
@@ -1240,6 +1241,7 @@ static struct parm_struct parm_table[] = {
{N_("Winbind options"), P_SEP, P_SEPARATOR},
{"enable rid algorithm", P_BOOL, P_GLOBAL, &Globals.bEnableRidAlgorithm, NULL, NULL, FLAG_DEPRECATED},
+ {"passdb expand explicit", P_BOOL, P_GLOBAL, &Globals.bPassdbExpandExplicit, NULL, NULL, FLAG_ADVANCED},
{"idmap backend", P_LIST, P_GLOBAL, &Globals.szIdmapBackend, NULL, NULL, FLAG_ADVANCED},
{"idmap uid", P_STRING, P_GLOBAL, &Globals.szIdmapUID, handle_idmap_uid, NULL, FLAG_ADVANCED},
{"winbind uid", P_STRING, P_GLOBAL, &Globals.szIdmapUID, handle_idmap_uid, NULL, FLAG_HIDE},
@@ -1603,6 +1605,7 @@ static void init_globals(void)
Globals.szWinbindNssInfo = str_list_make("template", NULL);
Globals.bEnableRidAlgorithm = True;
+ Globals.bPassdbExpandExplicit = True;
Globals.name_cache_timeout = 660; /* In seconds */
@@ -1792,6 +1795,7 @@ FN_GLOBAL_BOOL(lp_winbind_nested_groups, &Globals.bWinbindNestedGroups)
FN_GLOBAL_LIST(lp_idmap_backend, &Globals.szIdmapBackend)
FN_GLOBAL_BOOL(lp_enable_rid_algorithm, &Globals.bEnableRidAlgorithm)
+FN_GLOBAL_BOOL(lp_passdb_expand_explicit, &Globals.bPassdbExpandExplicit)
#ifdef WITH_LDAP_SAMCONFIG
FN_GLOBAL_STRING(lp_ldap_server, &Globals.szLdapServer)
diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c
index c893ebcd42..e073db3499 100644
--- a/source3/passdb/passdb.c
+++ b/source3/passdb/passdb.c
@@ -1751,6 +1751,7 @@ BOOL init_sam_from_buffer_v2(SAM_ACCOUNT *sampass, uint8 *buf, uint32 buflen)
uint32 pwHistLen = 0;
BOOL ret = True;
fstring tmpstring;
+ BOOL expand_explicit = lp_passdb_expand_explicit();
if(sampass == NULL || buf == NULL) {
DEBUG(0, ("init_sam_from_buffer_v2: NULL parameters found!\n"));
@@ -1815,7 +1816,10 @@ BOOL init_sam_from_buffer_v2(SAM_ACCOUNT *sampass, uint8 *buf, uint32 buflen)
if (homedir) {
fstrcpy( tmpstring, homedir );
- standard_sub_basic( username, tmpstring, sizeof(tmpstring) );
+ if (expand_explicit) {
+ standard_sub_basic( username, tmpstring,
+ sizeof(tmpstring) );
+ }
pdb_set_homedir(sampass, tmpstring, PDB_SET);
}
else {
@@ -1831,7 +1835,10 @@ BOOL init_sam_from_buffer_v2(SAM_ACCOUNT *sampass, uint8 *buf, uint32 buflen)
if (logon_script) {
fstrcpy( tmpstring, logon_script );
- standard_sub_basic( username, tmpstring, sizeof(tmpstring) );
+ if (expand_explicit) {
+ standard_sub_basic( username, tmpstring,
+ sizeof(tmpstring) );
+ }
pdb_set_logon_script(sampass, tmpstring, PDB_SET);
}
else {
@@ -1842,7 +1849,10 @@ BOOL init_sam_from_buffer_v2(SAM_ACCOUNT *sampass, uint8 *buf, uint32 buflen)
if (profile_path) {
fstrcpy( tmpstring, profile_path );
- standard_sub_basic( username, tmpstring, sizeof(tmpstring) );
+ if (expand_explicit) {
+ standard_sub_basic( username, tmpstring,
+ sizeof(tmpstring) );
+ }
pdb_set_profile_path(sampass, tmpstring, PDB_SET);
}
else {
diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c
index 66efe5a8ae..fac95e3786 100644
--- a/source3/passdb/pdb_ldap.c
+++ b/source3/passdb/pdb_ldap.c
@@ -604,6 +604,7 @@ static BOOL init_sam_from_ldap(struct ldapsam_privates *ldap_state,
LOGIN_CACHE *cache_entry = NULL;
uint32 pwHistLen;
pstring tmpstring;
+ BOOL expand_explicit = lp_passdb_expand_explicit();
/*
* do a little initialization
@@ -776,7 +777,10 @@ static BOOL init_sam_from_ldap(struct ldapsam_privates *ldap_state,
PDB_DEFAULT );
} else {
pstrcpy( tmpstring, homedir );
- standard_sub_basic( username, tmpstring, sizeof(tmpstring) );
+ if (expand_explicit) {
+ standard_sub_basic( username, tmpstring,
+ sizeof(tmpstring) );
+ }
pdb_set_homedir(sampass, tmpstring, PDB_SET);
}
@@ -788,7 +792,10 @@ static BOOL init_sam_from_ldap(struct ldapsam_privates *ldap_state,
PDB_DEFAULT );
} else {
pstrcpy( tmpstring, logon_script );
- standard_sub_basic( username, tmpstring, sizeof(tmpstring) );
+ if (expand_explicit) {
+ standard_sub_basic( username, tmpstring,
+ sizeof(tmpstring) );
+ }
pdb_set_logon_script(sampass, tmpstring, PDB_SET);
}
@@ -800,7 +807,10 @@ static BOOL init_sam_from_ldap(struct ldapsam_privates *ldap_state,
PDB_DEFAULT );
} else {
pstrcpy( tmpstring, profile_path );
- standard_sub_basic( username, tmpstring, sizeof(tmpstring) );
+ if (expand_explicit) {
+ standard_sub_basic( username, tmpstring,
+ sizeof(tmpstring) );
+ }
pdb_set_profile_path(sampass, tmpstring, PDB_SET);
}
diff --git a/source3/utils/testparm.c b/source3/utils/testparm.c
index b4561b58de..0ce838e5c7 100644
--- a/source3/utils/testparm.c
+++ b/source3/utils/testparm.c
@@ -73,6 +73,11 @@ cannot be set in the smb.conf file. nmbd will abort with this setting.\n");
ret = 1;
}
+ if (lp_passdb_expand_explicit()) {
+ fprintf(stderr, "WARNING: passdb expand explicit = yes is "
+ "deprecated\n");
+ }
+
/*
* Password server sanity checks.
*/