summaryrefslogtreecommitdiff
path: root/source3/nsswitch/winbindd_user.c
diff options
context:
space:
mode:
Diffstat (limited to 'source3/nsswitch/winbindd_user.c')
-rw-r--r--source3/nsswitch/winbindd_user.c11
1 files changed, 11 insertions, 0 deletions
diff --git a/source3/nsswitch/winbindd_user.c b/source3/nsswitch/winbindd_user.c
index ccfddc83ba..518f335f27 100644
--- a/source3/nsswitch/winbindd_user.c
+++ b/source3/nsswitch/winbindd_user.c
@@ -115,6 +115,17 @@ enum winbindd_result winbindd_getpwnam(struct winbindd_cli_state *state)
name_user))
return WINBINDD_ERROR;
+ /* don't handle our own domain if we are a DC. This code handles cases where
+ the account doesn't exist anywhere and gets passed on down the NSS layer */
+
+ if ( ((lp_server_role() == ROLE_DOMAIN_PDC) || (lp_server_role()==ROLE_DOMAIN_BDC)) &&
+ strequal(name_domain, lp_workgroup()) )
+ {
+ DEBUG(7,("winbindd_getpwnam: rejecting getpwnam() for %s\\%s since I am on the PDC for this domain\n",
+ name_domain, name_user));
+ return WINBINDD_ERROR;
+ }
+
if ((domain = find_domain_from_name(name_domain)) == NULL) {
DEBUG(5, ("no such domain: %s\n", name_domain));
return WINBINDD_ERROR;
generated by cgit (git 2.34.1) at 2025-02-03 12:01:21 +0000