2 files changed, 11 insertions, 41 deletions

diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c
index 972a3bf3b9..bc27f3db20 100644
--- a/source3/winbindd/winbindd_pam.c
+++ b/source3/winbindd/winbindd_pam.c
@@ -313,7 +313,7 @@ static NTSTATUS check_info3_in_group(TALLOC_CTX *mem_ctx,
 	status = sid_array_from_info3(mem_ctx, info3, 
 				      &token->user_sids, 
 				      &token->num_sids,
-				      True);
+				      true, false);
 	if (!NT_STATUS_IS_OK(status)) {
 		return status;
 	}
diff --git a/source3/winbindd/winbindd_util.c b/source3/winbindd/winbindd_util.c
index 641fd5a9f5..ec97b49428 100644
--- a/source3/winbindd/winbindd_util.c
+++ b/source3/winbindd/winbindd_util.c
@@ -1274,14 +1274,11 @@ NTSTATUS lookup_usergroups_cached(struct winbindd_domain *domain,
 {
 	struct netr_SamInfo3 *info3 = NULL;
 	NTSTATUS status = NT_STATUS_NO_MEMORY;
-	int i;
 	size_t num_groups = 0;
-	DOM_SID group_sid, primary_group;
-	
+
 	DEBUG(3,(": lookup_usergroups_cached\n"));
-	
+
 	*user_sids = NULL;
-	num_groups = 0;
 	*p_num_groups = 0;
 
 	info3 = netsamlogon_cache_get(mem_ctx, user_sid);
@@ -1294,46 +1291,19 @@ NTSTATUS lookup_usergroups_cached(struct winbindd_domain *domain,
 		TALLOC_FREE(info3);
 		return NT_STATUS_UNSUCCESSFUL;
 	}
-	
-	/* always add the primary group to the sid array */
-	sid_compose(&primary_group, info3->base.domain_sid, info3->base.rid);
-	
-	status = add_sid_to_array(mem_ctx, &primary_group, user_sids,
-				  &num_groups);
+
+	/* Skip Domain local groups outside our domain.
+	   We'll get these from the getsidaliases() RPC call. */
+	status = sid_array_from_info3(mem_ctx, info3,
+				      user_sids,
+				      &num_groups,
+				      true, true);
+
 	if (!NT_STATUS_IS_OK(status)) {
 		TALLOC_FREE(info3);
 		return status;
 	}
 
-	for (i=0; i < info3->base.groups.count; i++) {
-		sid_copy(&group_sid, info3->base.domain_sid);
-		sid_append_rid(&group_sid, info3->base.groups.rids[i].rid);
-
-		status = add_sid_to_array(mem_ctx, &group_sid, user_sids,
-					  &num_groups);
-		if (!NT_STATUS_IS_OK(status)) {
-			TALLOC_FREE(info3);
-			return status;
-		}
-	}
-
-	/* Add any Universal groups in the other_sids list */
-
-	for (i=0; i < info3->sidcount; i++) {
-		/* Skip Domain local groups outside our domain.
-		   We'll get these from the getsidaliases() RPC call. */
-		if (info3->sids[i].attributes & SE_GROUP_RESOURCE)
-			continue;
-
-		status = add_sid_to_array(mem_ctx, info3->sids[i].sid,
-					  user_sids, &num_groups);
-		if (!NT_STATUS_IS_OK(status)) {
-			TALLOC_FREE(info3);
-			return status;
-		}
-	}
-	
-
 	TALLOC_FREE(info3);
 	*p_num_groups = num_groups;
 	status = (user_sids != NULL) ? NT_STATUS_OK : NT_STATUS_NO_MEMORY;