diff options
Diffstat (limited to 'source3/auth/auth_util.c')
| -rw-r--r-- | source3/auth/auth_util.c | 43 |
1 files changed, 29 insertions, 14 deletions
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index ddb833a0e5..d0f1fc1e34 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -219,18 +219,35 @@ NTSTATUS make_user_info_map(auth_usersupplied_info **user_info, where it doens't supply a domain for logon script 'net use' commands. - Finally, we do this by looking up a cache of trusted domains! + The way I do it here is by checking if the fully + qualified username exists. This is rather reliant + on winbind, but until we have a better method this + will have to do */ domain = client_domain; - if (is_trusted_domain(domain)) { - return make_user_info(user_info, smb_name, internal_username, - client_domain, domain, wksta_name, - lm_pwd, nt_pwd, plaintext, ntlmssp_flags, - encrypted); - } + if ((smb_name) && (*smb_name)) { /* Don't do this for guests */ + char *user = NULL; + if (asprintf(&user, "%s%s%s", + client_domain, lp_winbind_separator(), + smb_name) < 0) { + DEBUG(0, ("make_user_info_map: asprintf() failed!\n")); + return NT_STATUS_NO_MEMORY; + } + DEBUG(5, ("make_user_info_map: testing for user %s\n", user)); + + if (Get_Pwnam(user) == NULL) { + DEBUG(5, ("make_user_info_map: test for user %s failed\n", user)); + domain = lp_workgroup(); + DEBUG(5, ("make_user_info_map: trusted domain %s doesn't appear to exist, using %s\n", + client_domain, domain)); + } else { + DEBUG(5, ("make_user_info_map: using trusted domain %s\n", domain)); + } + SAFE_FREE(user); + } } else { domain = lp_workgroup(); } @@ -869,8 +886,8 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx, struct passwd *passwd; - unid_t u_id, g_id; - int u_type, g_type; + uid_t uid; + gid_t gid; int n_lgroupSIDs; DOM_SID *lgroupSIDs = NULL; @@ -907,11 +924,9 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx, domain = domain; } - u_type = ID_USERID; - g_type = ID_GROUPID; - if (NT_STATUS_IS_OK(idmap_get_id_from_sid(&u_id, &u_type, &user_sid)) - && NT_STATUS_IS_OK(idmap_get_id_from_sid(&g_id, &g_type, &group_sid)) - && ((passwd = getpwuid_alloc(u_id.uid)))) { + if (winbind_sid_to_uid(&uid, &user_sid) + && winbind_sid_to_gid(&gid, &group_sid) + && ((passwd = getpwuid_alloc(uid)))) { nt_status = pdb_init_sam_pw(&sam_account, passwd); passwd_free(&passwd); } else { |