summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/passdb/passdb.c29
-rw-r--r--source3/utils/testparm.c8
2 files changed, 33 insertions, 4 deletions
diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c
index 04786b59e5..adc5eb8478 100644
--- a/source3/passdb/passdb.c
+++ b/source3/passdb/passdb.c
@@ -500,9 +500,30 @@ BOOL pdb_gethexpwd(const char *p, unsigned char *pwd)
Converts NT user RID to a UNIX uid.
********************************************************************/
+static int algorithmic_rid_base(void)
+{
+ static int rid_offset = 0;
+
+ if (rid_offset != 0)
+ return rid_offset;
+
+ rid_offset = lp_algorithmic_rid_base();
+
+ if (rid_offset < 1000) {
+ DEBUG(0, ("algorithmic rid base must be above 1000\n"));
+ rid_offset = 1000;
+ }
+ if (rid_offset & 1) {
+ DEBUG(0, ("algorithmic rid base must be even\n"));
+ rid_offset += 1;
+ }
+ return rid_offset;
+}
+
+
uid_t fallback_pdb_user_rid_to_uid(uint32 user_rid)
{
- int rid_offset = lp_algorithmic_rid_base();
+ int rid_offset = algorithmic_rid_base();
return (uid_t)(((user_rid & (~USER_RID_TYPE))- rid_offset)/RID_MULTIPLIER);
}
@@ -513,7 +534,7 @@ uid_t fallback_pdb_user_rid_to_uid(uint32 user_rid)
uint32 fallback_pdb_uid_to_user_rid(uid_t uid)
{
- int rid_offset = lp_algorithmic_rid_base();
+ int rid_offset = algorithmic_rid_base();
return (((((uint32)uid)*RID_MULTIPLIER) + rid_offset) | USER_RID_TYPE);
}
@@ -523,7 +544,7 @@ uint32 fallback_pdb_uid_to_user_rid(uid_t uid)
gid_t pdb_group_rid_to_gid(uint32 group_rid)
{
- int rid_offset = lp_algorithmic_rid_base();
+ int rid_offset = algorithmic_rid_base();
return (gid_t)(((group_rid & (~GROUP_RID_TYPE))- rid_offset)/RID_MULTIPLIER);
}
@@ -537,7 +558,7 @@ gid_t pdb_group_rid_to_gid(uint32 group_rid)
uint32 pdb_gid_to_group_rid(gid_t gid)
{
- int rid_offset = lp_algorithmic_rid_base();
+ int rid_offset = algorithmic_rid_base();
return (((((uint32)gid)*RID_MULTIPLIER) + rid_offset) | GROUP_RID_TYPE);
}
diff --git a/source3/utils/testparm.c b/source3/utils/testparm.c
index c81d6e72e4..f2636fdafb 100644
--- a/source3/utils/testparm.c
+++ b/source3/utils/testparm.c
@@ -168,6 +168,14 @@ via the %%o substitution. With encrypted passwords this is not possible.\n", lp_
printf("'winbind separator = +' might cause problems with group membership.\n");
}
+ if (lp_algorithmic_rid_base() < 1000) {
+ printf("'algorithmic rid base' must be equal or above 1000.\n");
+ }
+
+ if (lp_algorithmic_rid_base() & 1) {
+ printf("'algorithmic rid base' must be even.\n");
+ }
+
return ret;
}