diff options
-rw-r--r-- | source3/passdb/passdb.c | 29 | ||||
-rw-r--r-- | source3/utils/testparm.c | 8 |
2 files changed, 33 insertions, 4 deletions
diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c index 04786b59e5..adc5eb8478 100644 --- a/source3/passdb/passdb.c +++ b/source3/passdb/passdb.c @@ -500,9 +500,30 @@ BOOL pdb_gethexpwd(const char *p, unsigned char *pwd) Converts NT user RID to a UNIX uid. ********************************************************************/ +static int algorithmic_rid_base(void) +{ + static int rid_offset = 0; + + if (rid_offset != 0) + return rid_offset; + + rid_offset = lp_algorithmic_rid_base(); + + if (rid_offset < 1000) { + DEBUG(0, ("algorithmic rid base must be above 1000\n")); + rid_offset = 1000; + } + if (rid_offset & 1) { + DEBUG(0, ("algorithmic rid base must be even\n")); + rid_offset += 1; + } + return rid_offset; +} + + uid_t fallback_pdb_user_rid_to_uid(uint32 user_rid) { - int rid_offset = lp_algorithmic_rid_base(); + int rid_offset = algorithmic_rid_base(); return (uid_t)(((user_rid & (~USER_RID_TYPE))- rid_offset)/RID_MULTIPLIER); } @@ -513,7 +534,7 @@ uid_t fallback_pdb_user_rid_to_uid(uint32 user_rid) uint32 fallback_pdb_uid_to_user_rid(uid_t uid) { - int rid_offset = lp_algorithmic_rid_base(); + int rid_offset = algorithmic_rid_base(); return (((((uint32)uid)*RID_MULTIPLIER) + rid_offset) | USER_RID_TYPE); } @@ -523,7 +544,7 @@ uint32 fallback_pdb_uid_to_user_rid(uid_t uid) gid_t pdb_group_rid_to_gid(uint32 group_rid) { - int rid_offset = lp_algorithmic_rid_base(); + int rid_offset = algorithmic_rid_base(); return (gid_t)(((group_rid & (~GROUP_RID_TYPE))- rid_offset)/RID_MULTIPLIER); } @@ -537,7 +558,7 @@ gid_t pdb_group_rid_to_gid(uint32 group_rid) uint32 pdb_gid_to_group_rid(gid_t gid) { - int rid_offset = lp_algorithmic_rid_base(); + int rid_offset = algorithmic_rid_base(); return (((((uint32)gid)*RID_MULTIPLIER) + rid_offset) | GROUP_RID_TYPE); } diff --git a/source3/utils/testparm.c b/source3/utils/testparm.c index c81d6e72e4..f2636fdafb 100644 --- a/source3/utils/testparm.c +++ b/source3/utils/testparm.c @@ -168,6 +168,14 @@ via the %%o substitution. With encrypted passwords this is not possible.\n", lp_ printf("'winbind separator = +' might cause problems with group membership.\n"); } + if (lp_algorithmic_rid_base() < 1000) { + printf("'algorithmic rid base' must be equal or above 1000.\n"); + } + + if (lp_algorithmic_rid_base() & 1) { + printf("'algorithmic rid base' must be even.\n"); + } + return ret; } |