From e0066d2dd4d9a657d1fbcb474e66a304a64e2a31 Mon Sep 17 00:00:00 2001
From: Jean-François Micouleau <jfm@samba.org>
Date: Thu, 6 Dec 2001 13:09:15 +0000
Subject: again an intrusive patch:

- removed the ugly as hell sam_logon_in_ssb variable, I changed a bit the
definition of standard_sub_basic() to cope with that.

- removed the smb.conf: 'domain admin group' and 'domain guest group'
parameters ! We're not playing anymore with the user's group RIDs !

- in get_domain_user_groups(), if the user's gid is a group, put it first
in the group RID list.

I just have to write an HOWTO now ;-)

        J.F.
(This used to be commit fef52c4b96c987115fb1818c00c2352c67790e50)
---
 source3/auth/auth_domain.c         |   3 +-
 source3/auth/auth_server.c         |   3 +-
 source3/lib/substitute.c           |  20 ++--
 source3/param/loadparm.c           |  24 ++---
 source3/passdb/nispass.c           |  11 +-
 source3/passdb/passdb.c            |  16 +--
 source3/passdb/pdb_nisplus.c       |   6 --
 source3/passdb/pdb_smbpasswd.c     |  20 +---
 source3/passdb/pdb_tdb.c           |   2 -
 source3/rpc_parse/parse_net.c      |  46 ++++----
 source3/rpc_server/srv_netlog_nt.c |  22 +---
 source3/rpc_server/srv_samr_nt.c   |   7 +-
 source3/rpc_server/srv_util.c      | 208 +++++++++++--------------------------
 source3/smbd/message.c             |   4 +-
 14 files changed, 122 insertions(+), 270 deletions(-)

diff --git a/source3/auth/auth_domain.c b/source3/auth/auth_domain.c
index 125b3aa029..6b048e5021 100644
--- a/source3/auth/auth_domain.c
+++ b/source3/auth/auth_domain.c
@@ -25,6 +25,7 @@
 BOOL global_machine_password_needs_changing = False;
 
 extern pstring global_myname;
+extern userdom_struct current_user_info;
 
 /***********************************************************************
  Connect to a remote machine for domain security authentication
@@ -62,7 +63,7 @@ static BOOL connect_to_domain_password_server(struct cli_state *pcli,
 		fstrcpy(remote_machine, server);
 	}
 
-	standard_sub_basic(remote_machine);
+	standard_sub_basic(current_user_info.smb_name, remote_machine);
 	strupper(remote_machine);
 
 	if(!resolve_name( remote_machine, &dest_ip, 0x20)) {
diff --git a/source3/auth/auth_server.c b/source3/auth/auth_server.c
index 4608c639eb..8d9b9f9819 100644
--- a/source3/auth/auth_server.c
+++ b/source3/auth/auth_server.c
@@ -23,6 +23,7 @@
 #include "includes.h"
 
 extern pstring global_myname;
+extern userdom_struct current_user_info;
 
 /****************************************************************************
  Support for server level security.
@@ -46,7 +47,7 @@ static struct cli_state *server_cryptkey(void)
 	p = pserver;
 
         while(next_token( &p, desthost, LIST_SEP, sizeof(desthost))) {
-		standard_sub_basic(desthost);
+		standard_sub_basic(current_user_info.smb_name, desthost);
 		strupper(desthost);
 
 		if(!resolve_name( desthost, &dest_ip, 0x20)) {
diff --git a/source3/lib/substitute.c b/source3/lib/substitute.c
index 033be16062..2669929920 100644
--- a/source3/lib/substitute.c
+++ b/source3/lib/substitute.c
@@ -25,8 +25,6 @@
 fstring local_machine="";
 fstring remote_arch="UNKNOWN";
 userdom_struct current_user_info;
-pstring samlogon_user="";
-BOOL sam_logon_in_ssb = False;
 fstring remote_proto="UNKNOWN";
 fstring remote_machine="";
 extern pstring global_myname;
@@ -168,7 +166,7 @@ static char *automount_server(char *user_name)
 /****************************************************************************
  Do some standard substitutions in a string.
 ****************************************************************************/
-void standard_sub_basic(char *str)
+void standard_sub_basic(char *smb_name, char *str)
 {
 	char *p, *s;
 	fstring pidstr;
@@ -181,12 +179,12 @@ void standard_sub_basic(char *str)
 		
 		switch (*(p+1)) {
 		case 'U' : 
-			fstrcpy(tmp_str, sam_logon_in_ssb?samlogon_user:current_user_info.smb_name);
+			fstrcpy(tmp_str, smb_name);
 			strlower(tmp_str);
 			string_sub(p,"%U",tmp_str,l);
 			break;
 		case 'G' :
-			fstrcpy(tmp_str, sam_logon_in_ssb?samlogon_user:current_user_info.smb_name);
+			fstrcpy(tmp_str, smb_name);
 			if ((pass = Get_Pwnam(tmp_str))!=NULL) {
 				string_sub(p,"%G",gidtoname(pass->pw_gid),l);
 			} else {
@@ -232,7 +230,7 @@ void standard_sub_basic(char *str)
 /****************************************************************************
  Do some standard substitutions in a string.
 ****************************************************************************/
-void standard_sub_advanced(int snum, char *user, char *connectpath, gid_t gid, char *str)
+void standard_sub_advanced(int snum, char *user, char *connectpath, gid_t gid, char *smb_name, char *str)
 {
 	char *p, *s, *home;
 
@@ -282,7 +280,7 @@ void standard_sub_advanced(int snum, char *user, char *connectpath, gid_t gid, c
 		}
 	}
 
-	standard_sub_basic(str);
+	standard_sub_basic(smb_name, str);
 }
 
 /****************************************************************************
@@ -290,7 +288,7 @@ void standard_sub_advanced(int snum, char *user, char *connectpath, gid_t gid, c
 ****************************************************************************/
 void standard_sub_conn(connection_struct *conn, char *str)
 {
-	standard_sub_advanced(SNUM(conn), conn->user, conn->connectpath, conn->gid, str);
+	standard_sub_advanced(SNUM(conn), conn->user, conn->connectpath, conn->gid, current_user_info.smb_name, str);
 }
 
 /****************************************************************************
@@ -309,7 +307,7 @@ void standard_sub_snum(int snum, char *str)
 		cached_uid = current_user.uid;
 	}
 
-	standard_sub_advanced(snum, cached_user, "", -1, str);
+	standard_sub_advanced(snum, cached_user, "", -1, current_user_info.smb_name, str);
 }
 
 /*******************************************************************
@@ -317,7 +315,7 @@ void standard_sub_snum(int snum, char *str)
 ********************************************************************/
 void standard_sub_vuser(char *str, user_struct *vuser)
 {
-	standard_sub_advanced(-1, vuser->user.unix_name, "", -1, str);
+	standard_sub_advanced(-1, vuser->user.unix_name, "", -1, current_user_info.smb_name, str);
 }
 
 /*******************************************************************
@@ -325,5 +323,5 @@ void standard_sub_vuser(char *str, user_struct *vuser)
 ********************************************************************/
 void standard_sub_vsnum(char *str, user_struct *vuser, int snum)
 {
-	standard_sub_advanced(snum, vuser->user.unix_name, "", -1, str);
+	standard_sub_advanced(snum, vuser->user.unix_name, "", -1, current_user_info.smb_name, str);
 }
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index dd7cb49ac9..038ccea782 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -54,6 +54,7 @@
 BOOL in_client = False;		/* Not in the client by default */
 BOOL bLoaded = False;
 
+extern userdom_struct current_user_info;
 extern int DEBUGLEVEL_CLASS[DBGC_LAST];
 extern pstring user_socket_options;
 extern pstring global_myname;
@@ -115,8 +116,6 @@ typedef struct
 	char *szWorkGroup;
 	char *szRealm;
 	char *szADSserver;
-	char **szDomainAdminGroup;
-	char **szDomainGuestGroup;
 	char *szUsernameMap;
 	char *szLogonScript;
 	char *szLogonPath;
@@ -881,13 +880,10 @@ static struct parm_struct parm_table[] = {
 
 	{"Domain Options", P_SEP, P_SEPARATOR},
 	
-	{"domain admin group", P_LIST, P_GLOBAL, &Globals.szDomainAdminGroup, NULL, NULL, 0},
-	{"domain guest group", P_LIST, P_GLOBAL, &Globals.szDomainGuestGroup, NULL, NULL, 0},
-	
 	{"machine password timeout", P_INTEGER, P_GLOBAL, &Globals.machine_password_timeout, NULL, NULL, 0},
 
 	{"Logon Options", P_SEP, P_SEPARATOR},
-	
+
 	{"add user script", P_STRING, P_GLOBAL, &Globals.szAddUserScript, NULL, NULL, 0},
 	{"delete user script", P_STRING, P_GLOBAL, &Globals.szDelUserScript, NULL, NULL, 0},
 	{"add group script", P_STRING, P_GLOBAL, &Globals.szAddGroupScript, NULL, NULL, 0},
@@ -1391,7 +1387,7 @@ static char *lp_string(const char *s)
 
 	trim_string(ret, "\"", "\"");
 
-	standard_sub_basic(ret);
+	standard_sub_basic(current_user_info.smb_name,ret);
 	return (ret);
 }
 
@@ -1486,8 +1482,6 @@ FN_GLOBAL_STRING(lp_shutdown_script, &Globals.szShutdownScript)
 FN_GLOBAL_STRING(lp_abort_shutdown_script, &Globals.szAbortShutdownScript)
 
 FN_GLOBAL_STRING(lp_wins_hook, &Globals.szWINSHook)
-FN_GLOBAL_LIST(lp_domain_admin_group, &Globals.szDomainAdminGroup)
-FN_GLOBAL_LIST(lp_domain_guest_group, &Globals.szDomainGuestGroup)
 FN_GLOBAL_STRING(lp_template_homedir, &Globals.szTemplateHomedir)
 FN_GLOBAL_STRING(lp_template_shell, &Globals.szTemplateShell)
 FN_GLOBAL_STRING(lp_winbind_separator, &Globals.szWinbindSeparator)
@@ -2189,7 +2183,7 @@ BOOL lp_file_list_changed(void)
 		time_t mod_time;
 
 		pstrcpy(n2, f->name);
-		standard_sub_basic(n2);
+		standard_sub_basic(current_user_info.smb_name, n2);
 
 		DEBUGADD(6, ("file %s -> %s  last mod_time: %s\n",
 			     f->name, n2, ctime(&f->modtime)));
@@ -2223,7 +2217,7 @@ static BOOL handle_netbios_name(char *pszParmValue, char **ptr)
 
 	pstrcpy(netbios_name, pszParmValue);
 
-	standard_sub_basic(netbios_name);
+	standard_sub_basic(current_user_info.smb_name, netbios_name);
 	strupper(netbios_name);
 
 	pstrcpy(global_myname, netbios_name);
@@ -2305,7 +2299,7 @@ static BOOL handle_source_env(char *pszParmValue, char **ptr)
 
 	pstrcpy(fname, pszParmValue);
 
-	standard_sub_basic(fname);
+	standard_sub_basic(current_user_info.smb_name, fname);
 
 	string_set(ptr, pszParmValue);
 
@@ -2363,7 +2357,7 @@ static BOOL handle_include(char *pszParmValue, char **ptr)
 	pstring fname;
 	pstrcpy(fname, pszParmValue);
 
-	standard_sub_basic(fname);
+	standard_sub_basic(current_user_info.smb_name, fname);
 
 	add_to_file_list(pszParmValue, fname);
 
@@ -3294,7 +3288,7 @@ BOOL lp_load(char *pszFname, BOOL global_only, BOOL save_defaults,
 	BOOL bRetval;
 
 	pstrcpy(n2, pszFname);
-	standard_sub_basic(n2);
+	standard_sub_basic(current_user_info.smb_name, n2);
 
 	add_to_file_list(pszFname, n2);
 
@@ -3416,7 +3410,7 @@ int lp_servicenumber(const char *pszServiceName)
 			 * service names
 			 */
 			fstrcpy(serviceName, ServicePtrs[iService]->szService);
-			standard_sub_basic(serviceName);
+			standard_sub_basic(current_user_info.smb_name, serviceName);
 			if (strequal(serviceName, pszServiceName))
 				break;
 		}
diff --git a/source3/passdb/nispass.c b/source3/passdb/nispass.c
index 3b7b90307d..2b1f6b5492 100644
--- a/source3/passdb/nispass.c
+++ b/source3/passdb/nispass.c
@@ -46,8 +46,6 @@
 #include <rpcsvc/nis.h>
 
 extern int      DEBUGLEVEL;
-extern pstring samlogon_user;
-extern BOOL sam_logon_in_ssb;
 
 static VOLATILE sig_atomic_t gotalarm;
 
@@ -295,12 +293,7 @@ static BOOL make_sam_from_nisp_object(struct sam_passwd *pw_buf, nis_object *obj
 	  strtol(temp, NULL, 16) : pdb_uid_to_user_rid (pw_buf->smb_userid);
 
 	if (pw_buf->smb_name[strlen(pw_buf->smb_name)-1] != '$') {
-	  
-	  /* XXXX hack to get standard_sub_basic() to use sam logon username */
-	  /* possibly a better way would be to do a change_to_user() call */
-	  pstrcpy(samlogon_user, pw_buf->smb_name);
-	  sam_logon_in_ssb = True;
-	  
+	  	  
 	  get_single_attribute(obj, NPF_GROUP_RID, temp, sizeof(pstring));
 	  
 	  if (strlen(temp) > 0)
@@ -332,8 +325,6 @@ static BOOL make_sam_from_nisp_object(struct sam_passwd *pw_buf, nis_object *obj
 #endif
 	  get_single_attribute(obj, NPF_ACCT_DESC, acct_desc, sizeof(pstring));
 	  get_single_attribute(obj, NPF_WORKSTATIONS, workstations, sizeof(pstring));
-	  
-	  sam_logon_in_ssb = False;
 
 	} else {
 	  
diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c
index f54121cf63..fa4946b093 100644
--- a/source3/passdb/passdb.c
+++ b/source3/passdb/passdb.c
@@ -121,8 +121,6 @@ BOOL pdb_init_sam_pw(SAM_ACCOUNT **new_sam_acct, const struct passwd *pwd)
 	pstring str;
 	GROUP_MAP map;
 	uint32 rid;
-	extern BOOL sam_logon_in_ssb;
-	extern pstring samlogon_user;
 
 	if (!pwd) {
 		new_sam_acct = NULL;
@@ -149,28 +147,22 @@ BOOL pdb_init_sam_pw(SAM_ACCOUNT **new_sam_acct, const struct passwd *pwd)
 		rid=pdb_gid_to_group_rid(pwd->pw_gid);
 	pdb_set_group_rid(*new_sam_acct, rid);
 
-	/* UGLY, UGLY HACK!!! */
-	pstrcpy(samlogon_user, pwd->pw_name);
-	
-	sam_logon_in_ssb = True;
-	
 	pstrcpy(str, lp_logon_path());
-	standard_sub_advanced(-1, pwd->pw_name, "", pwd->pw_gid, str);
+	standard_sub_advanced(-1, pwd->pw_name, "", pwd->pw_gid, pwd->pw_name, str);
 	pdb_set_profile_path(*new_sam_acct, str);
 	
 	pstrcpy(str, lp_logon_home());
-	standard_sub_advanced(-1, pwd->pw_name, "", pwd->pw_gid, str);
+	standard_sub_advanced(-1, pwd->pw_name, "", pwd->pw_gid, pwd->pw_name, str);
 	pdb_set_homedir(*new_sam_acct, str);
 	
 	pstrcpy(str, lp_logon_drive());
-	standard_sub_advanced(-1, pwd->pw_name, "", pwd->pw_gid, str);
+	standard_sub_advanced(-1, pwd->pw_name, "", pwd->pw_gid, pwd->pw_name, str);
 	pdb_set_dir_drive(*new_sam_acct, str);
 
 	pstrcpy(str, lp_logon_script());
-	standard_sub_advanced(-1, pwd->pw_name, "", pwd->pw_gid, str);
+	standard_sub_advanced(-1, pwd->pw_name, "", pwd->pw_gid, pwd->pw_name, str);
 	pdb_set_logon_script(*new_sam_acct, str);
 	
-	sam_logon_in_ssb = False;
 	return True;
 }
 
diff --git a/source3/passdb/pdb_nisplus.c b/source3/passdb/pdb_nisplus.c
index 9fc4a0a65a..2820fa1414 100644
--- a/source3/passdb/pdb_nisplus.c
+++ b/source3/passdb/pdb_nisplus.c
@@ -47,8 +47,6 @@
 #include <rpcsvc/nis.h>
 
 extern int      DEBUGLEVEL;
-extern pstring	samlogon_user;
-extern BOOL	sam_logon_in_ssb;
 
 struct nisp_enum_info
 {
@@ -322,10 +320,6 @@ static BOOL make_sam_from_nisp_object(SAM_ACCOUNT *pw_buf, const nis_object *obj
 
   /* values, must exist for user */
   if( !(pdb_get_acct_ctrl(pw_buf) & ACB_WSTRUST) ) {
-    /* FIXME!!  This doesn't belong here. 
-       Should be set in net_sam_logon() 
-       --jerry */
-    pstrcpy(samlogon_user, pdb_get_username(pw_buf));
     
     get_single_attribute(obj, NPF_HOME_DIR, home_dir, sizeof(pstring));
     if( !(home_dir && *home_dir) )
diff --git a/source3/passdb/pdb_smbpasswd.c b/source3/passdb/pdb_smbpasswd.c
index e5b1ec97f7..9cfad2540c 100644
--- a/source3/passdb/pdb_smbpasswd.c
+++ b/source3/passdb/pdb_smbpasswd.c
@@ -44,8 +44,6 @@ struct smb_passwd
 };
 
 
-extern pstring samlogon_user;
-extern BOOL sam_logon_in_ssb;
 extern struct passdb_ops pdb_ops;
 
 /* used for maintain locks on the smbpasswd file */
@@ -1210,12 +1208,6 @@ static BOOL build_sam_account(SAM_ACCOUNT *sam_pass, const struct smb_passwd *pw
 
 	pdb_set_uid (sam_pass, &pwfile->pw_uid);
 	pdb_set_gid (sam_pass, &pwfile->pw_gid);
-
-	/* FIXME!!  This doesn't belong here.  Should be set in net_sam_logon() 
-	   --jerry */
-
-	pstrcpy(samlogon_user, pw_buf->smb_name);
-	sam_logon_in_ssb = True;
 		
 	pdb_set_fullname(sam_pass, pwfile->pw_gecos);		
 	
@@ -1251,32 +1243,30 @@ static BOOL build_sam_account(SAM_ACCOUNT *sam_pass, const struct smb_passwd *pw
 	pdb_set_pass_must_change_time (sam_pass, pw_buf->pass_last_set_time + MAX_PASSWORD_AGE);
 
 	/* check if this is a user account or a machine account */
-	if (samlogon_user[strlen(samlogon_user)-1] != '$')
+	if (pw_buf->smb_name[strlen(pw_buf->smb_name)-1] != '$')
 	{
 		pstring 	str;
 		
 		pstrcpy(str, lp_logon_path());
-		standard_sub_advanced(-1, pwfile->pw_name, "", pwfile->pw_gid, str);
+		standard_sub_advanced(-1, pwfile->pw_name, "", pwfile->pw_gid, pw_buf->smb_name, str);
 		pdb_set_profile_path(sam_pass, str);
 		
 		pstrcpy(str, lp_logon_home());
-		standard_sub_advanced(-1, pwfile->pw_name, "", pwfile->pw_gid, str);
+		standard_sub_advanced(-1, pwfile->pw_name, "", pwfile->pw_gid, pw_buf->smb_name, str);
 		pdb_set_homedir(sam_pass, str);
 		
 		pstrcpy(str, lp_logon_drive());
-		standard_sub_advanced(-1, pwfile->pw_name, "", pwfile->pw_gid, str);
+		standard_sub_advanced(-1, pwfile->pw_name, "", pwfile->pw_gid, pw_buf->smb_name, str);
 		pdb_set_dir_drive(sam_pass, str);
 		
 		pstrcpy(str, lp_logon_script());
-		standard_sub_advanced(-1, pwfile->pw_name, "", pwfile->pw_gid, str);
+		standard_sub_advanced(-1, pwfile->pw_name, "", pwfile->pw_gid, pw_buf->smb_name, str);
 		pdb_set_logon_script(sam_pass, str);
 		
 	} else {
 		/* lkclXXXX this is OBSERVED behaviour by NT PDCs, enforced here. */
 		/*pdb_set_group_rid (sam_pass, DOMAIN_GROUP_RID_USERS); */
 	}
-
-	sam_logon_in_ssb = False;
 	
 	return True;
 }
diff --git a/source3/passdb/pdb_tdb.c b/source3/passdb/pdb_tdb.c
index 332118425b..1f1d1ab455 100644
--- a/source3/passdb/pdb_tdb.c
+++ b/source3/passdb/pdb_tdb.c
@@ -31,8 +31,6 @@
 #define RIDPREFIX		"RID_"
 
 extern int 		DEBUGLEVEL;
-extern pstring 		samlogon_user;
-extern BOOL 		sam_logon_in_ssb;
 
 struct tdb_enum_info {
 	TDB_CONTEXT 	*passwd_tdb;
diff --git a/source3/rpc_parse/parse_net.c b/source3/rpc_parse/parse_net.c
index 5c8da80c01..926c73f016 100644
--- a/source3/rpc_parse/parse_net.c
+++ b/source3/rpc_parse/parse_net.c
@@ -1264,7 +1264,7 @@ void init_net_user_info3(TALLOC_CTX *ctx, NET_USER_INFO_3 *usr, SAM_ACCOUNT *sam
 
 	usr->user_rid = pdb_get_user_rid(sampw);
 	usr->group_rid = pdb_get_group_rid(sampw);
-	usr->num_groups = num_groups+1;
+	usr->num_groups = num_groups;
 
 	usr->buffer_groups = 1; /* indicates fill in groups, below, even if there are none */
 	usr->user_flgs = user_flgs;
@@ -1293,20 +1293,14 @@ void init_net_user_info3(TALLOC_CTX *ctx, NET_USER_INFO_3 *usr, SAM_ACCOUNT *sam
 	init_unistr2(&usr->uni_home_dir, home_dir, len_home_dir);
 	init_unistr2(&usr->uni_dir_drive, dir_drive, len_dir_drive);
 
-	/* always have at least one group == the user's primary group */
-	usr->num_groups2 = num_groups+1;
+	usr->num_groups2 = num_groups;
 
-	usr->gids = (DOM_GID *)talloc_zero(ctx,sizeof(DOM_GID) * (num_groups+1));
+	usr->gids = (DOM_GID *)talloc_zero(ctx,sizeof(DOM_GID) * (num_groups));
 	if (usr->gids == NULL)
 		return;
 
-	/* primary group **MUST** go first.  NT4's winmsd.exe will give
-	   "The Network statistics are currently not available.  9-5"
-	   What the heck is this?     -- jerry  */
-	usr->gids[0].g_rid = usr->group_rid;
-	usr->gids[0].attr  = 0x07;
 	for (i = 0; i < num_groups; i++) 
-		usr->gids[i+1] = gids[i];	
+		usr->gids[i] = gids[i];	
 		
 	init_unistr2(&usr->uni_logon_srv, logon_srv, len_logon_srv);
 	init_unistr2(&usr->uni_logon_dom, logon_dom, len_logon_dom);
@@ -1358,17 +1352,17 @@ static BOOL net_io_user_info3(char *desc, NET_USER_INFO_3 *usr, prs_struct *ps,
 	if(!smb_io_time("must change time", &usr->pass_must_change_time, ps, depth)) /* password must change time */
 		return False;
 
-	if(!smb_io_unihdr("unihdr", &usr->hdr_user_name, ps, depth)) /* username unicode string header */
+	if(!smb_io_unihdr("hdr_user_name", &usr->hdr_user_name, ps, depth)) /* username unicode string header */
 		return False;
-	if(!smb_io_unihdr("unihdr", &usr->hdr_full_name, ps, depth)) /* user's full name unicode string header */
+	if(!smb_io_unihdr("hdr_full_name", &usr->hdr_full_name, ps, depth)) /* user's full name unicode string header */
 		return False;
-	if(!smb_io_unihdr("unihdr", &usr->hdr_logon_script, ps, depth)) /* logon script unicode string header */
+	if(!smb_io_unihdr("hdr_logon_script", &usr->hdr_logon_script, ps, depth)) /* logon script unicode string header */
 		return False;
-	if(!smb_io_unihdr("unihdr", &usr->hdr_profile_path, ps, depth)) /* profile path unicode string header */
+	if(!smb_io_unihdr("hdr_profile_path", &usr->hdr_profile_path, ps, depth)) /* profile path unicode string header */
 		return False;
-	if(!smb_io_unihdr("unihdr", &usr->hdr_home_dir, ps, depth)) /* home directory unicode string header */
+	if(!smb_io_unihdr("hdr_home_dir", &usr->hdr_home_dir, ps, depth)) /* home directory unicode string header */
 		return False;
-	if(!smb_io_unihdr("unihdr", &usr->hdr_dir_drive, ps, depth)) /* home directory drive unicode string header */
+	if(!smb_io_unihdr("hdr_dir_drive", &usr->hdr_dir_drive, ps, depth)) /* home directory drive unicode string header */
 		return False;
 
 	if(!prs_uint16("logon_count   ", ps, depth, &usr->logon_count))  /* logon count */
@@ -1390,9 +1384,9 @@ static BOOL net_io_user_info3(char *desc, NET_USER_INFO_3 *usr, prs_struct *ps,
 	if(!prs_uint8s(False, "user_sess_key", ps, depth, usr->user_sess_key, 16)) /* unused user session key */
 		return False;
 
-	if(!smb_io_unihdr("unihdr", &usr->hdr_logon_srv, ps, depth)) /* logon server unicode string header */
+	if(!smb_io_unihdr("hdr_logon_srv", &usr->hdr_logon_srv, ps, depth)) /* logon server unicode string header */
 		return False;
-	if(!smb_io_unihdr("unihdr", &usr->hdr_logon_dom, ps, depth)) /* logon domain unicode string header */
+	if(!smb_io_unihdr("hdr_logon_dom", &usr->hdr_logon_dom, ps, depth)) /* logon domain unicode string header */
 		return False;
 
 	if(!prs_uint32("buffer_dom_id ", ps, depth, &usr->buffer_dom_id)) /* undocumented logon domain id pointer */
@@ -1412,17 +1406,17 @@ static BOOL net_io_user_info3(char *desc, NET_USER_INFO_3 *usr, prs_struct *ps,
 		}
 	}
 		
-	if(!smb_io_unistr2("unistr2", &usr->uni_user_name, usr->hdr_user_name.buffer, ps, depth)) /* username unicode string */
+	if(!smb_io_unistr2("uni_user_name", &usr->uni_user_name, usr->hdr_user_name.buffer, ps, depth)) /* username unicode string */
 		return False;
-	if(!smb_io_unistr2("unistr2", &usr->uni_full_name, usr->hdr_full_name.buffer, ps, depth)) /* user's full name unicode string */
+	if(!smb_io_unistr2("uni_full_name", &usr->uni_full_name, usr->hdr_full_name.buffer, ps, depth)) /* user's full name unicode string */
 		return False;
-	if(!smb_io_unistr2("unistr2", &usr->uni_logon_script, usr->hdr_logon_script.buffer, ps, depth)) /* logon script unicode string */
+	if(!smb_io_unistr2("uni_logon_script", &usr->uni_logon_script, usr->hdr_logon_script.buffer, ps, depth)) /* logon script unicode string */
 		return False;
-	if(!smb_io_unistr2("unistr2", &usr->uni_profile_path, usr->hdr_profile_path.buffer, ps, depth)) /* profile path unicode string */
+	if(!smb_io_unistr2("uni_profile_path", &usr->uni_profile_path, usr->hdr_profile_path.buffer, ps, depth)) /* profile path unicode string */
 		return False;
-	if(!smb_io_unistr2("unistr2", &usr->uni_home_dir, usr->hdr_home_dir.buffer, ps, depth)) /* home directory unicode string */
+	if(!smb_io_unistr2("uni_home_dir", &usr->uni_home_dir, usr->hdr_home_dir.buffer, ps, depth)) /* home directory unicode string */
 		return False;
-	if(!smb_io_unistr2("unistr2", &usr->uni_dir_drive, usr->hdr_dir_drive.buffer, ps, depth)) /* home directory drive unicode string */
+	if(!smb_io_unistr2("uni_dir_drive", &usr->uni_dir_drive, usr->hdr_dir_drive.buffer, ps, depth)) /* home directory drive unicode string */
 		return False;
 
 	if(!prs_align(ps))
@@ -1441,9 +1435,9 @@ static BOOL net_io_user_info3(char *desc, NET_USER_INFO_3 *usr, prs_struct *ps,
 			return False;
 	}
 
-	if(!smb_io_unistr2("unistr2", &usr->uni_logon_srv, usr->hdr_logon_srv.buffer, ps, depth)) /* logon server unicode string */
+	if(!smb_io_unistr2("uni_logon_srv", &usr->uni_logon_srv, usr->hdr_logon_srv.buffer, ps, depth)) /* logon server unicode string */
 		return False;
-	if(!smb_io_unistr2("unistr2", &usr->uni_logon_dom, usr->hdr_logon_srv.buffer, ps, depth)) /* logon domain unicode string */
+	if(!smb_io_unistr2("uni_logon_dom", &usr->uni_logon_dom, usr->hdr_logon_srv.buffer, ps, depth)) /* logon domain unicode string */
 		return False;
 
 	if(!smb_io_dom_sid2("", &usr->dom_sid, ps, depth))           /* domain SID */
diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c
index 5f85d4db9c..d15175d4ae 100644
--- a/source3/rpc_server/srv_netlog_nt.c
+++ b/source3/rpc_server/srv_netlog_nt.c
@@ -27,8 +27,6 @@
 
 #include "includes.h"
 
-extern BOOL sam_logon_in_ssb;
-extern pstring samlogon_user;
 extern pstring global_myname;
 extern DOM_SID global_sam_sid;
 
@@ -642,16 +640,10 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *
 		int num_gids = 0;
 		pstring my_name;
 		pstring my_workgroup;
-		pstring domain_groups;
 	
 		/* set up pointer indicating user/password failed to be found */
 		usr_info->ptr_user_info = 0;
         
-		/* XXXX hack to get standard_sub_basic() to use sam logon username */
-		/* possibly a better way would be to do a change_to_user() call */
-		sam_logon_in_ssb = True;
-		pstrcpy(samlogon_user, nt_username);
-
 		pstrcpy(my_workgroup, lp_workgroup());
 		pstrcpy(my_name, global_myname);
 		strupper(my_name);
@@ -664,17 +656,8 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *
 		 * JRA.
 		 */
 
-		*domain_groups = 0;
-  
-		get_domain_user_groups(domain_groups, nt_username);
-        
-		/*
-		 * make_dom_gids allocates the gids array. JRA.
-		 */
-		gids = NULL;
-		num_gids = make_dom_gids(p->mem_ctx, domain_groups, &gids);
-        
-		sam_logon_in_ssb = False;
+  		gids = NULL;
+		get_domain_user_groups(p->mem_ctx, &num_gids, &gids, server_info->sam_account);
         
 		init_net_user_info3(p->mem_ctx, usr_info, server_info->sam_account,
                             0, /* logon_count */
@@ -687,6 +670,7 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *
                             my_workgroup, /* char *logon_dom */
                             &global_sam_sid,     /* DOM_SID *dom_sid */
                             NULL); /* char *other_sids */
+
 	}
 	free_server_info(&server_info);
 	return status;
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 5e19fd1e7c..853a130859 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -1854,11 +1854,13 @@ NTSTATUS _samr_query_usergroups(pipes_struct *p, SAMR_Q_QUERY_USERGROUPS *q_u, S
 
 	if (ret == False) {
 		samr_clear_sam_passwd(sam_pass);
+		pdb_free_sam(&sam_pass);
 		return NT_STATUS_NO_SUCH_USER;
 	}
 
-	if(!new_get_domain_user_groups(p->mem_ctx, &num_groups, &gids, sam_pass)) {
+	if(!get_domain_user_groups(p->mem_ctx, &num_groups, &gids, sam_pass)) {
 		samr_clear_sam_passwd(sam_pass);
+		pdb_free_sam(&sam_pass);
 		return NT_STATUS_NO_SUCH_GROUP;
 	}
 
@@ -1868,6 +1870,7 @@ NTSTATUS _samr_query_usergroups(pipes_struct *p, SAMR_Q_QUERY_USERGROUPS *q_u, S
 	DEBUG(5,("_samr_query_usergroups: %d\n", __LINE__));
 	
 	samr_clear_sam_passwd(sam_pass);
+	pdb_free_sam(&sam_pass);
 
 	return r_u->status;
 }
@@ -2745,7 +2748,7 @@ NTSTATUS _samr_query_useraliases(pipes_struct *p, SAMR_Q_QUERY_USERALIASES *q_u,
 
 	for (i=0; i<q_u->num_sids1; i++) {
 
-		r_u->status=new_get_alias_user_groups(p->mem_ctx, &info->sid, &tmp_num_groups, &tmp_rids, &(q_u->sid[i].sid));
+		r_u->status=get_alias_user_groups(p->mem_ctx, &info->sid, &tmp_num_groups, &tmp_rids, &(q_u->sid[i].sid));
 
 		/*
 		 * if there is an error, we just continue as
diff --git a/source3/rpc_server/srv_util.c b/source3/rpc_server/srv_util.c
index 80090cf6e0..5c781c20ae 100644
--- a/source3/rpc_server/srv_util.c
+++ b/source3/rpc_server/srv_util.c
@@ -76,84 +76,10 @@ rid_name domain_group_rids[] =
     { 0                             , NULL }
 };
 
-int make_dom_gids(TALLOC_CTX *ctx, char *gids_str, DOM_GID **ppgids)
-{
-  char *ptr;
-  pstring s2;
-  int count;
-  DOM_GID *gids;
-
-  *ppgids = NULL;
-
-  DEBUG(4,("make_dom_gids: %s\n", gids_str));
-
-  if (gids_str == NULL || *gids_str == 0)
-    return 0;
-
-  for (count = 0, ptr = gids_str; 
-       next_token(&ptr, s2, NULL, sizeof(s2)); 
-       count++)
-    ;
-
-  gids = (DOM_GID *)talloc(ctx, sizeof(DOM_GID) * count );
-  if(!gids)
-  {
-    DEBUG(0,("make_dom_gids: talloc fail !\n"));
-    return 0;
-  }
-
-  for (count = 0, ptr = gids_str; 
-       next_token(&ptr, s2, NULL, sizeof(s2)) && 
-	       count < LSA_MAX_GROUPS; 
-       count++) 
-  {
-    /* the entries are of the form GID/ATTR, ATTR being optional.*/
-    char *attr;
-    uint32 rid = 0;
-    int i;
-
-    attr = strchr_m(s2,'/');
-    if (attr)
-      *attr++ = 0;
-
-    if (!attr || !*attr)
-      attr = "7"; /* default value for attribute is 7 */
-
-    /* look up the RID string and see if we can turn it into a rid number */
-    for (i = 0; builtin_alias_rids[i].name != NULL; i++)
-    {
-      if (strequal(builtin_alias_rids[i].name, s2))
-      {
-        rid = builtin_alias_rids[i].rid;
-        break;
-      }
-    }
-
-    if (rid == 0)
-      rid = atoi(s2);
-
-    if (rid == 0)
-    {
-      DEBUG(1,("make_dom_gids: unknown well-known alias RID %s/%s\n", s2, attr));
-      count--;
-    }
-    else
-    {
-      gids[count].g_rid = rid;
-      gids[count].attr  = atoi(attr);
-
-      DEBUG(5,("group id: %d attr: %d\n", gids[count].g_rid, gids[count].attr));
-    }
-  }
-
-  *ppgids = gids;
-  return count;
-}
-
 /*******************************************************************
  gets a domain user's groups
  ********************************************************************/
-NTSTATUS new_get_alias_user_groups(TALLOC_CTX *ctx, DOM_SID *sid, int *numgroups, uint32 **prids, DOM_SID *q_sid)
+NTSTATUS get_alias_user_groups(TALLOC_CTX *ctx, DOM_SID *sid, int *numgroups, uint32 **prids, DOM_SID *q_sid)
 {
 	SAM_ACCOUNT *sam_pass=NULL;
 	char *sep;
@@ -186,7 +112,7 @@ NTSTATUS new_get_alias_user_groups(TALLOC_CTX *ctx, DOM_SID *sid, int *numgroups
 	sep = lp_winbind_separator();
 
 
-	DEBUG(10,("new_get_alias_user_groups: looking if SID %s is a member of groups in the SID domain %s\n", 
+	DEBUG(10,("get_alias_user_groups: looking if SID %s is a member of groups in the SID domain %s\n", 
 	          sid_to_string(str_qsid, q_sid), sid_to_string(str_domsid, sid)));
 
 	sid_peek_rid(q_sid, &rid);
@@ -195,27 +121,30 @@ NTSTATUS new_get_alias_user_groups(TALLOC_CTX *ctx, DOM_SID *sid, int *numgroups
 	become_root();
 	ret = pdb_getsampwrid(sam_pass, rid);
 	unbecome_root();
-	if (ret == False)
+	if (ret == False) {
+		pdb_free_sam(&sam_pass);
 		return NT_STATUS_NO_SUCH_USER;
+	}
 
 	fstrcpy(user_name, pdb_get_username(sam_pass));
 	grid=pdb_get_group_rid(sam_pass);
 	gid=pdb_get_gid(sam_pass);
 	
 	grp = glist = getgrent_list();
-	if (grp == NULL)
+	if (grp == NULL) {
+		pdb_free_sam(&sam_pass);
 		return NT_STATUS_NO_MEMORY;
-
+	}
 	
 	for (; grp != NULL; grp = grp->next) {
 		if(!get_group_from_gid(grp->gr_gid, &map, MAPPING_WITHOUT_PRIV)) {
-			DEBUG(10,("new_get_alias_user_groups: gid %d. not found\n", (int)grp->gr_gid));
+			DEBUG(10,("get_alias_user_groups: gid %d. not found\n", (int)grp->gr_gid));
 			continue;
 		}
 		
 		/* if it's not an alias, continue */
 		if (map.sid_name_use!=SID_NAME_ALIAS) {
-			DEBUG(10,("new_get_alias_user_groups: not returing %s, not an ALIAS group.\n", map.nt_name));
+			DEBUG(10,("get_alias_user_groups: not returing %s, not an ALIAS group.\n", map.nt_name));
 			continue;
 		}
 
@@ -224,24 +153,24 @@ NTSTATUS new_get_alias_user_groups(TALLOC_CTX *ctx, DOM_SID *sid, int *numgroups
 		
 		/* if the sid is not in the correct domain, continue */
 		if (!sid_equal(&tmp_sid, sid)) {
-			DEBUG(10,("new_get_alias_user_groups: not returing %s, not in the domain SID.\n", map.nt_name));
+			DEBUG(10,("get_alias_user_groups: not returing %s, not in the domain SID.\n", map.nt_name));
 			continue;
 		}
 
 		/* Don't return winbind groups as they are not local! */
 		if (strchr_m(map.nt_name, *sep) != NULL) {
-			DEBUG(10,("new_get_alias_user_groups: not returing %s, not local.\n", map.nt_name));
+			DEBUG(10,("get_alias_user_groups: not returing %s, not local.\n", map.nt_name));
 			continue;
 		}
 
 		/* Don't return user private groups... */
 		if (Get_Pwnam(map.nt_name) != 0) {
-			DEBUG(10,("new_get_alias_user_groups: not returing %s, clashes with user.\n", map.nt_name));
+			DEBUG(10,("get_alias_user_groups: not returing %s, clashes with user.\n", map.nt_name));
 			continue;			
 		}
 		
 		/* the group is fine, we can check if there is the user we're looking for */
-		DEBUG(10,("new_get_alias_user_groups: checking if the user is a member of %s.\n", map.nt_name));
+		DEBUG(10,("get_alias_user_groups: checking if the user is a member of %s.\n", map.nt_name));
 		
 		for(num=0; grp->gr_mem[num]!=NULL; num++) {
 			if(strcmp(grp->gr_mem[num], user_name)==0) {
@@ -249,69 +178,70 @@ NTSTATUS new_get_alias_user_groups(TALLOC_CTX *ctx, DOM_SID *sid, int *numgroups
 				
 				new_rids=(uint32 *)Realloc(rids, sizeof(uint32)*(cur_rid+1));
 				if (new_rids==NULL) {
-					DEBUG(10,("new_get_alias_user_groups: could not realloc memory\n"));
+					DEBUG(10,("get_alias_user_groups: could not realloc memory\n"));
+					pdb_free_sam(&sam_pass);
 					return NT_STATUS_NO_MEMORY;
 				}
 				rids=new_rids;
 				
 				sid_peek_rid(&map.sid, &(rids[cur_rid]));
-				DEBUG(10,("new_get_alias_user_groups: user found in group %s\n", map.nt_name));
+				DEBUG(10,("get_alias_user_groups: user found in group %s\n", map.nt_name));
 				cur_rid++;
 				break;
 			}
 		}
-		
 	}
-	
+
 	grent_free(glist);
-	
+
 	/* now check for the user's gid (the primary group rid) */
 	for (i=0; i<cur_rid && grid!=rids[i]; i++)
 		;
-	
+
 	/* the user's gid is already there */
 	if (i!=cur_rid) {
-		DEBUG(10,("new_get_alias_user_groups: user is already in the list. good.\n"));
+		DEBUG(10,("get_alias_user_groups: user is already in the list. good.\n"));
 		goto done;
 	}
-	
-	DEBUG(10,("new_get_alias_user_groups: looking for gid %d of user %s\n", (int)*gid, user_name));
-	
+
+	DEBUG(10,("get_alias_user_groups: looking for gid %d of user %s\n", (int)*gid, user_name));
+
 	if(!get_group_from_gid(*gid, &map, MAPPING_WITHOUT_PRIV)) {
-		DEBUG(0,("new_get_alias_user_groups: gid of user %s doesn't exist. Check your /etc/passwd and /etc/group files\n", user_name));
+		DEBUG(0,("get_alias_user_groups: gid of user %s doesn't exist. Check your /etc/passwd and /etc/group files\n", user_name));
 		goto done;
 	}	
-	
+
 	/* the primary group isn't an alias */
 	if (map.sid_name_use!=SID_NAME_ALIAS) {
-		DEBUG(10,("new_get_alias_user_groups: not returing %s, not an ALIAS group.\n", map.nt_name));
+		DEBUG(10,("get_alias_user_groups: not returing %s, not an ALIAS group.\n", map.nt_name));
 		goto done;
 	}
 
 	sid_copy(&tmp_sid, &map.sid);
 	sid_split_rid(&tmp_sid, &rid);
-		
+
 	/* if the sid is not in the correct domain, continue */
 	if (!sid_equal(&tmp_sid, sid)) {
-		DEBUG(10,("new_get_alias_user_groups: not returing %s, not in the domain SID.\n", map.nt_name));
+		DEBUG(10,("get_alias_user_groups: not returing %s, not in the domain SID.\n", map.nt_name));
 		goto done;
 	}
 
 	/* Don't return winbind groups as they are not local! */
 	if (strchr_m(map.nt_name, *sep) != NULL) {
-		DEBUG(10,("new_get_alias_user_groups: not returing %s, not local.\n", map.nt_name ));
+		DEBUG(10,("get_alias_user_groups: not returing %s, not local.\n", map.nt_name ));
 		goto done;
 	}
 
 	/* Don't return user private groups... */
 	if (Get_Pwnam(map.nt_name) != 0) {
-		DEBUG(10,("new_get_alias_user_groups: not returing %s, clashes with user.\n", map.nt_name ));
+		DEBUG(10,("get_alias_user_groups: not returing %s, clashes with user.\n", map.nt_name ));
 		goto done;			
 	}
 
 	new_rids=(uint32 *)Realloc(rids, sizeof(uint32)*(cur_rid+1));
 	if (new_rids==NULL) {
-		DEBUG(10,("new_get_alias_user_groups: could not realloc memory\n"));
+		DEBUG(10,("get_alias_user_groups: could not realloc memory\n"));
+		pdb_free_sam(&sam_pass);
 		return NT_STATUS_NO_MEMORY;
 	}
 	rids=new_rids;
@@ -322,7 +252,8 @@ NTSTATUS new_get_alias_user_groups(TALLOC_CTX *ctx, DOM_SID *sid, int *numgroups
 done:
  	*prids=rids;
 	*numgroups=cur_rid;
-	
+	pdb_free_sam(&sam_pass);
+
 	return NT_STATUS_OK;
 }
 
@@ -330,7 +261,7 @@ done:
 /*******************************************************************
  gets a domain user's groups
  ********************************************************************/
-BOOL new_get_domain_user_groups(TALLOC_CTX *ctx, int *numgroups, DOM_GID **pgids, SAM_ACCOUNT *sam_pass)
+BOOL get_domain_user_groups(TALLOC_CTX *ctx, int *numgroups, DOM_GID **pgids, SAM_ACCOUNT *sam_pass)
 {
 	GROUP_MAP *map=NULL;
 	int i, num, num_entries, cur_gid=0;
@@ -345,13 +276,12 @@ BOOL new_get_domain_user_groups(TALLOC_CTX *ctx, int *numgroups, DOM_GID **pgids
 	fstrcpy(user_name, pdb_get_username(sam_pass));
 	grid=pdb_get_group_rid(sam_pass);
 
-	DEBUG(10,("new_get_domain_user_groups: searching domain groups [%s] is a member of\n", user_name));
+	DEBUG(10,("get_domain_user_groups: searching domain groups [%s] is a member of\n", user_name));
 
 	/* first get the list of the domain groups */
 	if (!enum_group_mapping(SID_NAME_DOM_GRP, &map, &num_entries, ENUM_ONLY_MAPPED, MAPPING_WITHOUT_PRIV))
 		return False;
-	DEBUG(10,("new_get_domain_user_groups: there are %d mapped groups\n", num_entries));
-
+	DEBUG(10,("get_domain_user_groups: there are %d mapped groups\n", num_entries));
 
 	/* 
 	 * alloc memory. In the worse case, we alloc memory for nothing.
@@ -364,7 +294,7 @@ BOOL new_get_domain_user_groups(TALLOC_CTX *ctx, int *numgroups, DOM_GID **pgids
 	for(i=0; i<num_entries; i++) {
 		if ((grp=getgrgid(map[i].gid)) == NULL) {
 			/* very weird !!! */
-			DEBUG(5,("new_get_domain_user_groups: gid %d doesn't exist anymore !\n", (int)map[i].gid));
+			DEBUG(5,("get_domain_user_groups: gid %d doesn't exist anymore !\n", (int)map[i].gid));
 			continue;
 		}
 
@@ -372,8 +302,8 @@ BOOL new_get_domain_user_groups(TALLOC_CTX *ctx, int *numgroups, DOM_GID **pgids
 			if(strcmp(grp->gr_mem[num], user_name)==0) {
 				/* we found the user, add the group to the list */
 				sid_peek_rid(&map[i].sid, &(gids[cur_gid].g_rid));
-				gids[cur_gid].attr=map[i].sid_name_use;
-				DEBUG(10,("new_get_domain_user_groups: user found in group %s\n", map[i].nt_name));
+				gids[cur_gid].attr=7;
+				DEBUG(10,("get_domain_user_groups: user found in group %s\n", map[i].nt_name));
 				cur_gid++;
 				break;
 			}
@@ -387,62 +317,42 @@ BOOL new_get_domain_user_groups(TALLOC_CTX *ctx, int *numgroups, DOM_GID **pgids
 	
 	/* the user's gid is already there */
 	if (i!=cur_gid) {
+		/* 
+		 * the primary group of the user but be the first one in the list
+		 * don't ask ! JFM.
+		 */
+		gids[i].g_rid=gids[0].g_rid;
+		gids[0].g_rid=grid;
 		goto done;
 	}
 
 	for(i=0; i<num_entries; i++) {
 		sid_peek_rid(&map[i].sid, &tmp_rid);
 		if (tmp_rid==grid) {
-			gids[cur_gid].g_rid=tmp_rid;
-			gids[cur_gid].attr=map[i].sid_name_use;
-			DEBUG(10,("new_get_domain_user_groups: primary gid of user found in group %s\n", map[i].nt_name));
+			/* 
+			 * the primary group of the user but be the first one in the list
+			 * don't ask ! JFM.
+			 */
+			gids[cur_gid].g_rid=gids[0].g_rid;
+			gids[0].g_rid=tmp_rid;
+			gids[cur_gid].attr=7;
+			DEBUG(10,("get_domain_user_groups: primary gid of user found in group %s\n", map[i].nt_name));
 			cur_gid++;
 			goto done; /* leave the loop early */
 		}
 	}
 
+	DEBUG(0,("get_domain_user_groups: primary gid of user [%s] is not a Domain group !\n", user_name));
+	DEBUGADD(0,("get_domain_user_groups: You should fix it, NT doesn't like that\n"));
+
  done:
- 	*pgids=gids;
+	*pgids=gids;
 	*numgroups=cur_gid;
 	safe_free(map);
 
 	return True;
 }
 
-/*******************************************************************
- gets a domain user's groups
- ********************************************************************/
-void get_domain_user_groups(char *domain_groups, const char *user)
-{
-	pstring tmp;
-
-	if (domain_groups == NULL || user == NULL) return;
-
-	/* can only be a user or a guest.  cannot be guest _and_ admin */
-	if (user_in_list(user, lp_domain_guest_group()))
-	{
-		slprintf(tmp, sizeof(tmp) - 1, " %ld/7 ", DOMAIN_GROUP_RID_GUESTS);
-		pstrcat(domain_groups, tmp);
-
-		DEBUG(3,("domain guest group access %s granted\n", tmp));
-	}
-	else
-	{
-		slprintf(tmp, sizeof(tmp) -1, " %ld/7 ", DOMAIN_GROUP_RID_USERS);
-		pstrcat(domain_groups, tmp);
-
-		DEBUG(3,("domain group access %s granted\n", tmp));
-
-		if (user_in_list(user, lp_domain_admin_group()))
-		{
-			slprintf(tmp, sizeof(tmp) - 1, " %ld/7 ", DOMAIN_GROUP_RID_ADMINS);
-			pstrcat(domain_groups, tmp);
-
-			DEBUG(3,("domain admin group access %s granted\n", tmp));
-		}
-	}
-}
-
 /*******************************************************************
  Look up a local (domain) rid and return a name and type.
  ********************************************************************/
diff --git a/source3/smbd/message.c b/source3/smbd/message.c
index 7cc53e082c..a3625e3716 100644
--- a/source3/smbd/message.c
+++ b/source3/smbd/message.c
@@ -26,6 +26,8 @@
 
 #include "includes.h"
 
+extern userdom_struct current_user_info;
+
 /* look in server.c for some explanation of these variables */
 static char msgbuf[1600];
 static int msgpos;
@@ -84,7 +86,7 @@ static void msg_deliver(void)
       pstrcpy(s,lp_msg_command());
       pstring_sub(s,"%f",alpha_strcpy(alpha_msgfrom,msgfrom,NULL,sizeof(alpha_msgfrom)));
       pstring_sub(s,"%t",alpha_strcpy(alpha_msgto,msgto,NULL,sizeof(alpha_msgto)));
-      standard_sub_basic(s);
+      standard_sub_basic(current_user_info.smb_name, s);
       pstring_sub(s,"%s",name);
       smbrun(s,NULL);
     }
-- 
cgit