summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--source4/winbind/wb_dom_info.c5
-rw-r--r--source4/winbind/wb_init_domain.c38
-rw-r--r--source4/winbind/wb_sid2domain.c14
3 files changed, 37 insertions, 20 deletions
diff --git a/source4/winbind/wb_dom_info.c b/source4/winbind/wb_dom_info.c
index e2b5defa52..8c08c73a8f 100644
--- a/source4/winbind/wb_dom_info.c
+++ b/source4/winbind/wb_dom_info.c
@@ -67,9 +67,10 @@ struct composite_context *wb_get_dom_info_send(TALLOC_CTX *mem_ctx,
state->info->sid = dom_sid_dup(state->info, sid);
if (state->info->sid == NULL) goto failed;
- if ((lpcfg_server_role(service->task->lp_ctx) != ROLE_DOMAIN_MEMBER) &&
+ if (dom_sid_equal(sid, &global_sid_Builtin) ||
+ ((lpcfg_server_role(service->task->lp_ctx) != ROLE_DOMAIN_MEMBER) &&
dom_sid_equal(sid, service->primary_sid) &&
- service->sec_channel_type != SEC_CHAN_RODC) {
+ service->sec_channel_type != SEC_CHAN_RODC)) {
struct interface *ifaces = NULL;
load_interface_list(state, service->task->lp_ctx, &ifaces);
diff --git a/source4/winbind/wb_init_domain.c b/source4/winbind/wb_init_domain.c
index 70dbaa9ce8..db5eb1d3b6 100644
--- a/source4/winbind/wb_init_domain.c
+++ b/source4/winbind/wb_init_domain.c
@@ -369,24 +369,26 @@ static void init_domain_recv_queryinfo(struct tevent_req *subreq)
state->ctx->status = state->queryinfo.out.result;
if (!composite_is_ok(state->ctx)) return;
- dominfo = &(*state->queryinfo.out.info)->account_domain;
-
- if (strcasecmp(state->domain->info->name, dominfo->name.string) != 0) {
- DEBUG(2, ("Expected domain name %s, DC %s said %s\n",
- state->domain->info->name,
- dcerpc_server_name(state->domain->libnet_ctx->lsa.pipe),
- dominfo->name.string));
- composite_error(state->ctx, NT_STATUS_INVALID_DOMAIN_STATE);
- return;
- }
-
- if (!dom_sid_equal(state->domain->info->sid, dominfo->sid)) {
- DEBUG(2, ("Expected domain sid %s, DC %s said %s\n",
- dom_sid_string(state, state->domain->info->sid),
- dcerpc_server_name(state->domain->libnet_ctx->lsa.pipe),
- dom_sid_string(state, dominfo->sid)));
- composite_error(state->ctx, NT_STATUS_INVALID_DOMAIN_STATE);
- return;
+ if (!dom_sid_equal(state->domain->info->sid, &global_sid_Builtin)) {
+ dominfo = &(*state->queryinfo.out.info)->account_domain;
+
+ if (strcasecmp(state->domain->info->name, dominfo->name.string) != 0) {
+ DEBUG(2, ("Expected domain name %s, DC %s said %s\n",
+ state->domain->info->name,
+ dcerpc_server_name(state->domain->libnet_ctx->lsa.pipe),
+ dominfo->name.string));
+ composite_error(state->ctx, NT_STATUS_INVALID_DOMAIN_STATE);
+ return;
+ }
+
+ if (!dom_sid_equal(state->domain->info->sid, dominfo->sid)) {
+ DEBUG(2, ("Expected domain sid %s, DC %s said %s\n",
+ dom_sid_string(state, state->domain->info->sid),
+ dcerpc_server_name(state->domain->libnet_ctx->lsa.pipe),
+ dom_sid_string(state, dominfo->sid)));
+ composite_error(state->ctx, NT_STATUS_INVALID_DOMAIN_STATE);
+ return;
+ }
}
state->domain->samr_binding = init_domain_binding(state, &ndr_table_samr);
diff --git a/source4/winbind/wb_sid2domain.c b/source4/winbind/wb_sid2domain.c
index 637fe1d8af..172a6d0a09 100644
--- a/source4/winbind/wb_sid2domain.c
+++ b/source4/winbind/wb_sid2domain.c
@@ -98,6 +98,20 @@ static struct tevent_req *_wb_sid2domain_send(TALLOC_CTX *mem_ctx,
return req;
}
+ if (dom_sid_equal(&global_sid_Builtin, sid) ||
+ dom_sid_in_domain(&global_sid_Builtin, sid)) {
+ ctx = wb_get_dom_info_send(state, service,
+ "BUILTIN", NULL,
+ &global_sid_Builtin);
+ if (tevent_req_nomem(ctx, req)) {
+ return tevent_req_post(req, ev);
+ }
+ ctx->async.fn = wb_sid2domain_recv_dom_info;
+ ctx->async.private_data = req;
+
+ return req;
+ }
+
ctx = wb_cmd_lookupsid_send(state, service, &state->sid);
if (tevent_req_nomem(ctx, req)) {
return tevent_req_post(req, ev);
generated by cgit (git 2.34.1) at 2024-11-22 05:08:22 +0000