diff options
Diffstat (limited to 'source3/nsswitch')
| -rw-r--r-- | source3/nsswitch/winbindd.h | 6 | ||||
| -rw-r--r-- | source3/nsswitch/winbindd_ads.c | 8 | ||||
| -rw-r--r-- | source3/nsswitch/winbindd_proto.h | 5 | ||||
| -rw-r--r-- | source3/nsswitch/winbindd_rpc.c | 34 | ||||
| -rw-r--r-- | source3/nsswitch/winbindd_util.c | 34 |
5 files changed, 57 insertions, 30 deletions
diff --git a/source3/nsswitch/winbindd.h b/source3/nsswitch/winbindd.h index 1256736763..610b4503f7 100644 --- a/source3/nsswitch/winbindd.h +++ b/source3/nsswitch/winbindd.h @@ -103,6 +103,12 @@ struct winbindd_methods { const char *name, DOM_SID *sid, enum SID_NAME_USE *type); + + NTSTATUS (*sid_to_name)(struct winbindd_domain *domain, + TALLOC_CTX *mem_ctx, + DOM_SID *sid, + char **name, + enum SID_NAME_USE *type); }; /* Structures to hold per domain information */ diff --git a/source3/nsswitch/winbindd_ads.c b/source3/nsswitch/winbindd_ads.c index d54f1d9391..5ff5c90b78 100644 --- a/source3/nsswitch/winbindd_ads.c +++ b/source3/nsswitch/winbindd_ads.c @@ -271,11 +271,15 @@ static NTSTATUS name_to_sid(struct winbindd_domain *domain, return NT_STATUS_OK; } -/* the rpc backend methods are exposed via this structure */ +/* the ADS backend methods are exposed via this structure */ struct winbindd_methods ads_methods = { query_dispinfo, enum_dom_groups, - name_to_sid + name_to_sid, + /* I can't see a good way to do a sid to name mapping with ldap, + and MS servers always allow RPC for this (even in native mode) so + just use RPC. Maybe that's why they allow it? */ + winbindd_rpc_sid_to_name }; #endif diff --git a/source3/nsswitch/winbindd_proto.h b/source3/nsswitch/winbindd_proto.h index 923ee2450e..260985ec58 100644 --- a/source3/nsswitch/winbindd_proto.h +++ b/source3/nsswitch/winbindd_proto.h @@ -109,6 +109,11 @@ enum winbindd_result winbindd_pam_chauthtok(struct winbindd_cli_state *state); /* The following definitions come from nsswitch/winbindd_rpc.c */ +NTSTATUS winbindd_rpc_sid_to_name(struct winbindd_domain *domain, + TALLOC_CTX *mem_ctx, + DOM_SID *sid, + char **name, + enum SID_NAME_USE *type); /* The following definitions come from nsswitch/winbindd_sid.c */ diff --git a/source3/nsswitch/winbindd_rpc.c b/source3/nsswitch/winbindd_rpc.c index fe2540f33d..bf2cc5d9d3 100644 --- a/source3/nsswitch/winbindd_rpc.c +++ b/source3/nsswitch/winbindd_rpc.c @@ -153,11 +153,43 @@ static NTSTATUS name_to_sid(struct winbindd_domain *domain, return status; } +/* + convert a domain SID to a user or group name +*/ +NTSTATUS winbindd_rpc_sid_to_name(struct winbindd_domain *domain, + TALLOC_CTX *mem_ctx, + DOM_SID *sid, + char **name, + enum SID_NAME_USE *type) +{ + CLI_POLICY_HND *hnd; + char **names; + uint32 *types; + int num_names; + NTSTATUS status; + + if (!(hnd = cm_get_lsa_handle(domain->name))) + return NT_STATUS_UNSUCCESSFUL; + + status = cli_lsa_lookup_sids(hnd->cli, mem_ctx, &hnd->pol, + 1, sid, &names, &types, + &num_names); + + if (NT_STATUS_IS_OK(status)) { + *type = types[0]; + *name = names[0]; + DEBUG(5,("Mapped sid to %s\n", *name)); + } + + return status; +} + /* the rpc backend methods are exposed via this structure */ struct winbindd_methods msrpc_methods = { query_dispinfo, enum_dom_groups, - name_to_sid + name_to_sid, + winbindd_rpc_sid_to_name }; diff --git a/source3/nsswitch/winbindd_util.c b/source3/nsswitch/winbindd_util.c index c18e0deda3..900fc900bf 100644 --- a/source3/nsswitch/winbindd_util.c +++ b/source3/nsswitch/winbindd_util.c @@ -64,7 +64,7 @@ struct winbindd_domain *find_domain_from_name(char *domain_name) return NULL; } -/* Given a domain name, return the struct winbindd domain info for it */ +/* Given a domain sid, return the struct winbindd domain info for it */ struct winbindd_domain *find_domain_from_sid(DOM_SID *sid) { @@ -74,9 +74,8 @@ struct winbindd_domain *find_domain_from_sid(DOM_SID *sid) get_domain_info(); /* Search through list */ - for (tmp = domain_list; tmp != NULL; tmp = tmp->next) { - if (sid_equal(sid, &tmp->sid)) + if (sid_compare_domain(sid, &tmp->sid) == 0) return tmp; } @@ -429,10 +428,7 @@ BOOL winbindd_lookup_name_by_sid(DOM_SID *sid, fstring name, enum SID_NAME_USE *type) { - int num_sids = 1, num_names = 0; - uint32 *types = NULL; - char **names; - CLI_POLICY_HND *hnd; + char *names; NTSTATUS result; TALLOC_CTX *mem_ctx; BOOL rv = False; @@ -459,29 +455,15 @@ BOOL winbindd_lookup_name_by_sid(DOM_SID *sid, if (!(mem_ctx = talloc_init())) return False; - if (!(hnd = cm_get_lsa_handle(lp_workgroup()))) - goto done; - - result = cli_lsa_lookup_sids(hnd->cli, mem_ctx, &hnd->pol, - num_sids, sid, &names, &types, - &num_names); + result = domain->methods->sid_to_name(domain, mem_ctx, sid, &names, type); /* Return name and type if successful */ if ((rv = NT_STATUS_IS_OK(result))) { - - /* Return name */ - - if ((names != NULL) && (name != NULL)) - fstrcpy(name, names[0]); - - /* Return name type */ - - if ((type != NULL) && (types != NULL)) - *type = types[0]; + fstrcpy(name, names); - store_sid_by_name_in_cache(domain, names[0], sid, types[0]); - store_name_by_sid_in_cache(domain, sid, names[0], types[0]); + store_sid_by_name_in_cache(domain, names, sid, *type); + store_name_by_sid_in_cache(domain, sid, names, *type); } else { /* OK, so we tried to look up a name in this sid, and * didn't find it. Therefore add a negative cache @@ -490,9 +472,7 @@ BOOL winbindd_lookup_name_by_sid(DOM_SID *sid, *type = SID_NAME_UNKNOWN; fstrcpy(name, name_deadbeef); } - - done: talloc_destroy(mem_ctx); return rv; |