summaryrefslogtreecommitdiff
path: root/source3/lib
diff options
context:
space:
mode:
Diffstat (limited to 'source3/lib')
-rw-r--r--source3/lib/util_sid.c89
1 files changed, 76 insertions, 13 deletions
diff --git a/source3/lib/util_sid.c b/source3/lib/util_sid.c
index e888c1cbcb..de86b956c3 100644
--- a/source3/lib/util_sid.c
+++ b/source3/lib/util_sid.c
@@ -86,22 +86,16 @@ static known_sid_users builtin_groups[] = {
{ BUILTIN_ALIAS_RID_BACKUP_OPS, SID_NAME_ALIAS, "Backup Operators" },
{ 0, (enum SID_NAME_USE)0, NULL}};
+#define MAX_SID_NAMES 7
+
static struct sid_name_map_info
{
DOM_SID *sid;
char *name;
known_sid_users *known_users;
-}
-sid_name_map[] =
-{
- { &global_sam_sid, global_myname, NULL},
- { &global_sam_sid, global_myworkgroup, NULL},
- { &global_sid_Builtin, "BUILTIN", &builtin_groups[0]},
- { &global_sid_World_Domain, "", &everyone_users[0] },
- { &global_sid_Creator_Owner_Domain, "", &creator_owner_users[0] },
- { &global_sid_NT_Authority, "NT Authority", &nt_authority_users[0] },
- { NULL, NULL, NULL}
-};
+} sid_name_map[MAX_SID_NAMES];
+
+static BOOL sid_name_map_initialized = False;
/*
* An NT compatible anonymous token.
@@ -114,6 +108,65 @@ NT_USER_TOKEN anonymous_token = {
anon_sid_array
};
+/**************************************************************************
+ quick init function
+ *************************************************************************/
+static void init_sid_name_map (void)
+{
+ int i = 0;
+
+ if (sid_name_map_initialized) return;
+
+
+ if ((lp_security() == SEC_USER) && lp_domain_logons()) {
+ sid_name_map[i].sid = &global_sam_sid;
+ sid_name_map[i].name = global_myworkgroup;
+ sid_name_map[i].known_users = NULL;
+ i++;
+ sid_name_map[i].sid = &global_sam_sid;
+ sid_name_map[i].name = global_myname;
+ sid_name_map[i].known_users = NULL;
+ i++;
+ }
+ else {
+ sid_name_map[i].sid = &global_sam_sid;
+ sid_name_map[i].name = global_myname;
+ sid_name_map[i].known_users = NULL;
+ i++;
+ }
+
+ sid_name_map[i].sid = &global_sid_Builtin;
+ sid_name_map[i].name = "BUILTIN";
+ sid_name_map[i].known_users = &builtin_groups[0];
+ i++;
+
+ sid_name_map[i].sid = &global_sid_World_Domain;
+ sid_name_map[i].name = "";
+ sid_name_map[i].known_users = &everyone_users[0];
+ i++;
+
+ sid_name_map[i].sid = &global_sid_Creator_Owner_Domain;
+ sid_name_map[i].name = "";
+ sid_name_map[i].known_users = &creator_owner_users[0];
+ i++;
+
+ sid_name_map[i].sid = &global_sid_NT_Authority;
+ sid_name_map[i].name = "NT Authority";
+ sid_name_map[i].known_users = &nt_authority_users[0];
+ i++;
+
+
+ /* end of array */
+ sid_name_map[i].sid = NULL;
+ sid_name_map[i].name = NULL;
+ sid_name_map[i].known_users = NULL;
+
+ sid_name_map_initialized = True;
+
+ return;
+
+}
+
/****************************************************************************
Creates some useful well known sids
****************************************************************************/
@@ -146,8 +199,12 @@ BOOL map_domain_sid_to_name(DOM_SID *sid, char *nt_domain)
{
fstring sid_str;
int i = 0;
+
sid_to_string(sid_str, sid);
+ if (!sid_name_map_initialized)
+ init_sid_name_map();
+
DEBUG(5,("map_domain_sid_to_name: %s\n", sid_str));
if (nt_domain == NULL)
@@ -156,7 +213,7 @@ BOOL map_domain_sid_to_name(DOM_SID *sid, char *nt_domain)
while (sid_name_map[i].sid != NULL) {
sid_to_string(sid_str, sid_name_map[i].sid);
DEBUG(5,("map_domain_sid_to_name: compare: %s\n", sid_str));
- if (sid_equal(sid_name_map[i].sid, sid)) {
+ if (sid_equal(sid_name_map[i].sid, sid)) {
fstrcpy(nt_domain, sid_name_map[i].name);
DEBUG(5,("map_domain_sid_to_name: found '%s'\n", nt_domain));
return True;
@@ -178,6 +235,9 @@ BOOL lookup_known_rid(DOM_SID *sid, uint32 rid, char *name, enum SID_NAME_USE *p
int i = 0;
struct sid_name_map_info *psnm;
+ if (!sid_name_map_initialized)
+ init_sid_name_map();
+
for(i = 0; sid_name_map[i].sid != NULL; i++) {
psnm = &sid_name_map[i];
if(sid_equal(psnm->sid, sid)) {
@@ -217,10 +277,13 @@ BOOL map_domain_name_to_sid(DOM_SID *sid, char *nt_domain)
DEBUG(5,("map_domain_name_to_sid: overriding blank name to %s\n", nt_domain));
sid_copy(sid, &global_sam_sid);
return True;
- }
+ }
DEBUG(5,("map_domain_name_to_sid: %s\n", nt_domain));
+ if (!sid_name_map_initialized)
+ init_sid_name_map();
+
while (sid_name_map[i].name != NULL) {
DEBUG(5,("map_domain_name_to_sid: compare: %s\n", sid_name_map[i].name));
if (strequal(sid_name_map[i].name, nt_domain)) {