summaryrefslogtreecommitdiff
path: root/source3/nsswitch/wb_client.c
diff options
context:
space:
mode:
Diffstat (limited to 'source3/nsswitch/wb_client.c')
-rw-r--r--source3/nsswitch/wb_client.c70
1 files changed, 51 insertions, 19 deletions
diff --git a/source3/nsswitch/wb_client.c b/source3/nsswitch/wb_client.c
index 7bfa65176c..04734c7f8e 100644
--- a/source3/nsswitch/wb_client.c
+++ b/source3/nsswitch/wb_client.c
@@ -32,21 +32,47 @@ NSS_STATUS winbindd_request(int req_type,
/* Copy of parse_domain_user from winbindd_util.c. Parse a string of the
form DOMAIN/user into a domain and a user */
+extern fstring global_myworkgroup;
static BOOL parse_domain_user(const char *domuser, fstring domain, fstring user)
{
char *p = strchr(domuser,*lp_winbind_separator());
- if (!p)
+ if (!(p || lp_winbind_use_default_domain()))
return False;
-
- fstrcpy(user, p+1);
- fstrcpy(domain, domuser);
- domain[PTR_DIFF(p, domuser)] = 0;
+
+ if(!p && lp_winbind_use_default_domain()) {
+ fstrcpy(user, domuser);
+ fstrcpy(domain, global_myworkgroup);
+ } else {
+ fstrcpy(user, p+1);
+ fstrcpy(domain, domuser);
+ domain[PTR_DIFF(p, domuser)] = 0;
+ }
strupper(domain);
return True;
}
+/*
+ Fill DOMAIN\\USERNAME entry accounting 'winbind use default domain' and
+ 'winbind separator' options.
+ This means:
+ - omit DOMAIN when 'winbind use default domain = true' and DOMAIN is
+ global_myworkgroup
+
+*/
+static void fill_domain_username(fstring name, const char *domain, const char *user)
+{
+ if(lp_winbind_use_default_domain() &&
+ !strcmp(global_myworkgroup, domain)) {
+ strlcpy(name, user, sizeof(fstring));
+ } else {
+ slprintf(name, sizeof(fstring) - 1, "%s%s%s",
+ domain, lp_winbind_separator(),
+ user);
+ }
+}
+
/* Call winbindd to convert a name to a sid */
BOOL winbind_lookup_name(const char *name, DOM_SID *sid,
@@ -60,10 +86,11 @@ BOOL winbind_lookup_name(const char *name, DOM_SID *sid,
return False;
/*
- * Don't do the lookup if the name has no separator.
+ * Don't do the lookup if the name has no separator _and_ we are not in
+ * 'winbind use default domain' mode.
*/
- if (!strchr(name, *lp_winbind_separator()))
+ if (!(strchr(name, *lp_winbind_separator()) || lp_winbind_use_default_domain()))
return False;
/* Send off request */
@@ -291,7 +318,7 @@ int winbind_initgroups(char *user, gid_t gid)
/* Call normal initgroups if we are a local user */
- if (!strchr(user, *lp_winbind_separator())) {
+ if (!(strchr(user, *lp_winbind_separator()) || lp_winbind_use_default_domain())) {
return initgroups(user, gid);
}
@@ -337,11 +364,17 @@ int winbind_initgroups(char *user, gid_t gid)
}
} else {
-
- /* The call failed. Set errno to something so we don't get
- a bogus value from the last failed system call. */
-
- errno = EIO;
+ /* The call failed but if 'winbind use default domain' is 'true', we
+ should call normal initgroups. */
+
+ if (lp_winbind_use_default_domain()) {
+ return initgroups(user, gid);
+ } else {
+ /* The call failed. Set errno to something so we don't get
+ a bogus value from the last failed system call. */
+
+ errno = EIO;
+ }
}
/* Free response data if necessary */
@@ -363,10 +396,11 @@ int winbind_getgroups(const char *user, int size, gid_t *list)
int result, i;
/*
- * Don't do the lookup if the name has no separator.
+ * Don't do the lookup if the name has no separator _and_ we are not in
+ * 'winbind use default domain' mode.
*/
- if (!strchr(user, *lp_winbind_separator()))
+ if (!(strchr(user, *lp_winbind_separator()) || lp_winbind_use_default_domain()))
return -1;
/* Fetch list of groups */
@@ -410,8 +444,7 @@ BOOL winbind_uidtoname(fstring name, uid_t uid)
if (name_type != SID_NAME_USER)
return False;
- slprintf(name, sizeof(fstring)-1, "%s%s%s", dom_name,
- lp_winbind_separator(), user_name);
+ fill_domain_username(name, dom_name, user_name);
return True;
}
@@ -433,8 +466,7 @@ BOOL winbind_gidtoname(fstring name, gid_t gid)
if (name_type != SID_NAME_DOM_GRP)
return False;
- slprintf(name, sizeof(fstring)-1, "%s%s%s", dom_name,
- lp_winbind_separator(), group_name);
+ fill_domain_username(name, dom_name, group_name);
return True;
}
generated by cgit (git 2.34.1) at 2024-07-20 16:17:51 +0000