From 377f947930f3a3fe69c21d5b9386642cbf8b3df7 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Wed, 8 Jun 2005 14:23:49 +0000 Subject: r7395: * new feature 'map to guest = bad uid' (based on patch from aruna.prabakar@hp.com). This re-enables the Samba 2.2 behavior where a user that was successfully authenticated by a remote DC would be mapped to the guest account if there was not existing UNIX account for that user and we could not create one. (This used to be commit b7455fbf81f4e47c087c861f70d492a328730a9b) --- source3/auth/auth.c | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) (limited to 'source3/auth/auth.c') diff --git a/source3/auth/auth.c b/source3/auth/auth.c index b777e97cc9..61f638fcd0 100644 --- a/source3/auth/auth.c +++ b/source3/auth/auth.c @@ -279,6 +279,8 @@ static NTSTATUS check_ntlm_password(const struct auth_context *auth_context, } } + /* successful authentication */ + if (NT_STATUS_IS_OK(nt_status)) { unix_username = (*server_info)->unix_name; if (!(*server_info)->guest) { @@ -304,14 +306,22 @@ static NTSTATUS check_ntlm_password(const struct auth_context *auth_context, user_info->internal_username.str, unix_username)); } + + return nt_status; } - - if (!NT_STATUS_IS_OK(nt_status)) { + + /* failed authentication; check for guest lapping */ + + if ( lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_UID ) { + make_server_info_guest(server_info); + nt_status = NT_STATUS_OK; + } else { DEBUG(2, ("check_ntlm_password: Authentication for user [%s] -> [%s] FAILED with error %s\n", - user_info->smb_name.str, user_info->internal_username.str, - nt_errstr(nt_status))); - ZERO_STRUCTP(server_info); + user_info->smb_name.str, user_info->internal_username.str, + nt_errstr(nt_status))); + ZERO_STRUCTP(server_info); } + return nt_status; } -- cgit