summaryrefslogtreecommitdiff
path: root/source3/nsswitch/winbindd_util.c
diff options
context:
space:
mode:
Diffstat (limited to 'source3/nsswitch/winbindd_util.c')
-rw-r--r--source3/nsswitch/winbindd_util.c16
1 files changed, 15 insertions, 1 deletions
diff --git a/source3/nsswitch/winbindd_util.c b/source3/nsswitch/winbindd_util.c
index d934bc2927..efae956884 100644
--- a/source3/nsswitch/winbindd_util.c
+++ b/source3/nsswitch/winbindd_util.c
@@ -90,6 +90,14 @@ static BOOL is_internal_domain(const DOM_SID *sid)
return (sid_check_is_domain(sid) || sid_check_is_builtin(sid));
}
+static BOOL is_in_internal_domain(const DOM_SID *sid)
+{
+ if (sid == NULL)
+ return False;
+
+ return (sid_check_is_in_our_domain(sid) || sid_check_is_in_builtin(sid));
+}
+
/* Add a trusted domain to our list of domains */
static struct winbindd_domain *add_trusted_domain(const char *domain_name, const char *alt_name,
@@ -648,12 +656,18 @@ struct winbindd_domain *find_lookup_domain_from_sid(const DOM_SID *sid)
* one to contact the external DC's. On member servers the internal
* domains are different: These are part of the local SAM. */
- if (IS_DC || is_internal_domain(sid))
+ DEBUG(10, ("find_lookup_domain_from_sid(%s)\n",
+ sid_string_static(sid)));
+
+ if (IS_DC || is_internal_domain(sid) || is_in_internal_domain(sid)) {
+ DEBUG(10, ("calling find_domain_from_sid\n"));
return find_domain_from_sid(sid);
+ }
/* On a member server a query for SID or name can always go to our
* primary DC. */
+ DEBUG(10, ("calling find_our_domain\n"));
return find_our_domain();
}