diff options
Diffstat (limited to 'source3/auth/auth_util.c')
-rw-r--r-- | source3/auth/auth_util.c | 31 |
1 files changed, 24 insertions, 7 deletions
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index a3ca0b226f..d0f1fc1e34 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -219,18 +219,35 @@ NTSTATUS make_user_info_map(auth_usersupplied_info **user_info, where it doens't supply a domain for logon script 'net use' commands. - Finally, we do this by looking up a cache of trusted domains! + The way I do it here is by checking if the fully + qualified username exists. This is rather reliant + on winbind, but until we have a better method this + will have to do */ domain = client_domain; - if (is_trusted_domain(domain)) { - return make_user_info(user_info, smb_name, internal_username, - client_domain, domain, wksta_name, - lm_pwd, nt_pwd, plaintext, ntlmssp_flags, - encrypted); - } + if ((smb_name) && (*smb_name)) { /* Don't do this for guests */ + char *user = NULL; + if (asprintf(&user, "%s%s%s", + client_domain, lp_winbind_separator(), + smb_name) < 0) { + DEBUG(0, ("make_user_info_map: asprintf() failed!\n")); + return NT_STATUS_NO_MEMORY; + } + DEBUG(5, ("make_user_info_map: testing for user %s\n", user)); + + if (Get_Pwnam(user) == NULL) { + DEBUG(5, ("make_user_info_map: test for user %s failed\n", user)); + domain = lp_workgroup(); + DEBUG(5, ("make_user_info_map: trusted domain %s doesn't appear to exist, using %s\n", + client_domain, domain)); + } else { + DEBUG(5, ("make_user_info_map: using trusted domain %s\n", domain)); + } + SAFE_FREE(user); + } } else { domain = lp_workgroup(); } |