summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
Diffstat (limited to 'source3')
-rw-r--r--source3/auth/auth_util.c26
-rw-r--r--source3/include/proto.h2
-rw-r--r--source3/param/loadparm.c11
3 files changed, 4 insertions, 35 deletions
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 0dab05b97c..1f00e22a3c 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -710,8 +710,6 @@ NTSTATUS create_local_token(auth_serversupplied_info *server_info)
NTSTATUS status;
size_t i;
struct dom_sid tmp_sid;
- const char *name_to_use;
- bool force_nss;
/*
* If winbind is not around, we can not make much use of the SIDs the
@@ -719,22 +717,11 @@ NTSTATUS create_local_token(auth_serversupplied_info *server_info)
* mapped to some local unix user.
*/
- DEBUG(10, ("creating token for %s (SAM: %s)\n", server_info->unix_name,
- server_info->sam_account->username));
-
- force_nss = lp_force_username_map() && !server_info->nss_token;
if (((lp_server_role() == ROLE_DOMAIN_MEMBER) && !winbind_ping()) ||
- server_info->nss_token || force_nss) {
- if (force_nss)
- name_to_use =
- pdb_get_username(server_info->sam_account);
- else
- name_to_use = server_info->unix_name;
-
+ (server_info->nss_token)) {
status = create_token_from_username(server_info,
- name_to_use,
+ server_info->unix_name,
server_info->guest,
- force_nss,
&server_info->utok.uid,
&server_info->utok.gid,
&server_info->unix_name,
@@ -839,7 +826,6 @@ NTSTATUS create_local_token(auth_serversupplied_info *server_info)
NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username,
bool is_guest,
- bool force_nss,
uid_t *uid, gid_t *gid,
char **found_username,
struct nt_user_token **token)
@@ -855,9 +841,6 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username,
size_t num_gids;
size_t i;
- DEBUG(10, ("creating token for %s,%s guest,%s forcing NSS lookup\n",
- username, is_guest ? "" : " not", force_nss ? "" : " not"));
-
tmp_ctx = talloc_new(NULL);
if (tmp_ctx == NULL) {
DEBUG(0, ("talloc_new failed\n"));
@@ -882,7 +865,7 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username,
goto done;
}
- if (sid_check_is_in_our_domain(&user_sid) && !force_nss) {
+ if (sid_check_is_in_our_domain(&user_sid)) {
bool ret;
/* This is a passdb user, so ask passdb */
@@ -924,7 +907,7 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username,
*found_username = talloc_strdup(mem_ctx,
pdb_get_username(sam_acct));
- } else if (force_nss || sid_check_is_in_unix_users(&user_sid)) {
+ } else if (sid_check_is_in_unix_users(&user_sid)) {
/* This is a unix user not in passdb. We need to ask nss
* directly, without consulting passdb */
@@ -1080,7 +1063,6 @@ bool user_in_group_sid(const char *username, const DOM_SID *group_sid)
}
status = create_token_from_username(mem_ctx, username, False,
- lp_force_username_map(),
&uid, &gid, &found_username,
&token);
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 587bb29042..9dc9719e48 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -110,7 +110,6 @@ NTSTATUS make_server_info_sam(auth_serversupplied_info **server_info,
NTSTATUS create_local_token(auth_serversupplied_info *server_info);
NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username,
bool is_guest,
- bool force_nss,
uid_t *uid, gid_t *gid,
char **found_username,
struct nt_user_token **token);
@@ -3971,7 +3970,6 @@ const char *lp_afs_username_map(void);
int lp_afs_token_lifetime(void);
char *lp_log_nt_token_command(void);
char *lp_username_map(void);
-bool lp_force_username_map(void);
const char *lp_logon_script(void);
const char *lp_logon_path(void);
const char *lp_logon_drive(void);
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 3d29f3afd9..e50ab929ad 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -144,7 +144,6 @@ struct global {
int iAfsTokenLifetime;
char *szLogNtTokenCommand;
char *szUsernameMap;
- bool bForceUsernameMap;
char *szLogonScript;
char *szLogonPath;
char *szLogonDrive;
@@ -1283,15 +1282,6 @@ static struct parm_struct parm_table[] = {
.flags = FLAG_ADVANCED,
},
{
- .label = "force username map",
- .type = P_BOOL,
- .p_class = P_GLOBAL,
- .ptr = &Globals.bForceUsernameMap,
- .special = NULL,
- .enum_list = NULL,
- .flags = FLAG_ADVANCED,
- },
- {
.label = "password level",
.type = P_INTEGER,
.p_class = P_GLOBAL,
@@ -5246,7 +5236,6 @@ FN_GLOBAL_CONST_STRING(lp_afs_username_map, &Globals.szAfsUsernameMap)
FN_GLOBAL_INTEGER(lp_afs_token_lifetime, &Globals.iAfsTokenLifetime)
FN_GLOBAL_STRING(lp_log_nt_token_command, &Globals.szLogNtTokenCommand)
FN_GLOBAL_STRING(lp_username_map, &Globals.szUsernameMap)
-FN_GLOBAL_BOOL(lp_force_username_map, &Globals.bForceUsernameMap)
FN_GLOBAL_CONST_STRING(lp_logon_script, &Globals.szLogonScript)
FN_GLOBAL_CONST_STRING(lp_logon_path, &Globals.szLogonPath)
FN_GLOBAL_CONST_STRING(lp_logon_drive, &Globals.szLogonDrive)