diff options
Diffstat (limited to 'source3')
-rw-r--r-- | source3/auth/auth_util.c | 26 | ||||
-rw-r--r-- | source3/include/proto.h | 2 | ||||
-rw-r--r-- | source3/param/loadparm.c | 11 |
3 files changed, 4 insertions, 35 deletions
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index 0dab05b97c..1f00e22a3c 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -710,8 +710,6 @@ NTSTATUS create_local_token(auth_serversupplied_info *server_info) NTSTATUS status; size_t i; struct dom_sid tmp_sid; - const char *name_to_use; - bool force_nss; /* * If winbind is not around, we can not make much use of the SIDs the @@ -719,22 +717,11 @@ NTSTATUS create_local_token(auth_serversupplied_info *server_info) * mapped to some local unix user. */ - DEBUG(10, ("creating token for %s (SAM: %s)\n", server_info->unix_name, - server_info->sam_account->username)); - - force_nss = lp_force_username_map() && !server_info->nss_token; if (((lp_server_role() == ROLE_DOMAIN_MEMBER) && !winbind_ping()) || - server_info->nss_token || force_nss) { - if (force_nss) - name_to_use = - pdb_get_username(server_info->sam_account); - else - name_to_use = server_info->unix_name; - + (server_info->nss_token)) { status = create_token_from_username(server_info, - name_to_use, + server_info->unix_name, server_info->guest, - force_nss, &server_info->utok.uid, &server_info->utok.gid, &server_info->unix_name, @@ -839,7 +826,6 @@ NTSTATUS create_local_token(auth_serversupplied_info *server_info) NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username, bool is_guest, - bool force_nss, uid_t *uid, gid_t *gid, char **found_username, struct nt_user_token **token) @@ -855,9 +841,6 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username, size_t num_gids; size_t i; - DEBUG(10, ("creating token for %s,%s guest,%s forcing NSS lookup\n", - username, is_guest ? "" : " not", force_nss ? "" : " not")); - tmp_ctx = talloc_new(NULL); if (tmp_ctx == NULL) { DEBUG(0, ("talloc_new failed\n")); @@ -882,7 +865,7 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username, goto done; } - if (sid_check_is_in_our_domain(&user_sid) && !force_nss) { + if (sid_check_is_in_our_domain(&user_sid)) { bool ret; /* This is a passdb user, so ask passdb */ @@ -924,7 +907,7 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username, *found_username = talloc_strdup(mem_ctx, pdb_get_username(sam_acct)); - } else if (force_nss || sid_check_is_in_unix_users(&user_sid)) { + } else if (sid_check_is_in_unix_users(&user_sid)) { /* This is a unix user not in passdb. We need to ask nss * directly, without consulting passdb */ @@ -1080,7 +1063,6 @@ bool user_in_group_sid(const char *username, const DOM_SID *group_sid) } status = create_token_from_username(mem_ctx, username, False, - lp_force_username_map(), &uid, &gid, &found_username, &token); diff --git a/source3/include/proto.h b/source3/include/proto.h index 587bb29042..9dc9719e48 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -110,7 +110,6 @@ NTSTATUS make_server_info_sam(auth_serversupplied_info **server_info, NTSTATUS create_local_token(auth_serversupplied_info *server_info); NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username, bool is_guest, - bool force_nss, uid_t *uid, gid_t *gid, char **found_username, struct nt_user_token **token); @@ -3971,7 +3970,6 @@ const char *lp_afs_username_map(void); int lp_afs_token_lifetime(void); char *lp_log_nt_token_command(void); char *lp_username_map(void); -bool lp_force_username_map(void); const char *lp_logon_script(void); const char *lp_logon_path(void); const char *lp_logon_drive(void); diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 3d29f3afd9..e50ab929ad 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -144,7 +144,6 @@ struct global { int iAfsTokenLifetime; char *szLogNtTokenCommand; char *szUsernameMap; - bool bForceUsernameMap; char *szLogonScript; char *szLogonPath; char *szLogonDrive; @@ -1283,15 +1282,6 @@ static struct parm_struct parm_table[] = { .flags = FLAG_ADVANCED, }, { - .label = "force username map", - .type = P_BOOL, - .p_class = P_GLOBAL, - .ptr = &Globals.bForceUsernameMap, - .special = NULL, - .enum_list = NULL, - .flags = FLAG_ADVANCED, - }, - { .label = "password level", .type = P_INTEGER, .p_class = P_GLOBAL, @@ -5246,7 +5236,6 @@ FN_GLOBAL_CONST_STRING(lp_afs_username_map, &Globals.szAfsUsernameMap) FN_GLOBAL_INTEGER(lp_afs_token_lifetime, &Globals.iAfsTokenLifetime) FN_GLOBAL_STRING(lp_log_nt_token_command, &Globals.szLogNtTokenCommand) FN_GLOBAL_STRING(lp_username_map, &Globals.szUsernameMap) -FN_GLOBAL_BOOL(lp_force_username_map, &Globals.bForceUsernameMap) FN_GLOBAL_CONST_STRING(lp_logon_script, &Globals.szLogonScript) FN_GLOBAL_CONST_STRING(lp_logon_path, &Globals.szLogonPath) FN_GLOBAL_CONST_STRING(lp_logon_drive, &Globals.szLogonDrive) |