From 5ebcdbae9b0eb05570613bd939af9fc827920a29 Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Wed, 25 Nov 1998 23:54:30 +0000 Subject: yeehaah got users to be included in S-1-5-xxx-yyy-zzz's local groups. now need search capability on S-1-5-20, which will need argh, a "group database API" on S-1-5-20, and the ability to add BUILTIN\Admins etc to "local group map" argh. (This used to be commit a24f6eb00ba7486479cbcf7fadf5456521c56179) --- source3/groupdb/aliasunix.c | 45 ++++++++++++++++++++++++++++++++------------- 1 file changed, 32 insertions(+), 13 deletions(-) (limited to 'source3/groupdb') diff --git a/source3/groupdb/aliasunix.c b/source3/groupdb/aliasunix.c index 5c9a305780..b9d9dc6856 100644 --- a/source3/groupdb/aliasunix.c +++ b/source3/groupdb/aliasunix.c @@ -66,30 +66,51 @@ static BOOL setalsunixpwpos(void *vp, SMB_BIG_UINT tok) } /************************************************************************* - maps a unix group to a rid, domain sid and an nt alias name. + maps a unix group to a domain sid and an nt alias name. *************************************************************************/ -static void map_unix_als_to_nt_als(struct group *unix_als, char *nt_name, DOM_SID *sid, uint32 *rid) +static void map_unix_grp_to_nt_als(char *unix_name, + struct group *unix_grp, char *nt_name, DOM_SID *sid) { - if (map_alias_gid(unix_als->gr_gid, sid, nt_name, NULL)) + BOOL found = False; + uint32 rid; + fstring ntname; + fstring ntdomain; + + if (isdigit(unix_name[0])) + { + unix_grp->gr_gid = get_number(unix_name); + unix_grp->gr_name = unix_name; + found = map_alias_gid(unix_grp->gr_gid, sid, ntname, ntdomain); + } + else + { + unix_grp->gr_name = unix_name; + found = map_unix_alias_name(unix_grp->gr_name, sid, ntname, ntdomain); + } + + if (found) { /* * find the NT name represented by this UNIX gid. - * then, only accept NT aliases that are in our domain + * then, only accept NT aliass that are in our domain */ - sid_split_rid(sid, rid); + sid_split_rid(sid, &rid); } else { /* - * assume that the UNIX alias is an NT alias with + * assume that the UNIX group is an NT alias with * the same name. convert gid to a alias rid. */ - fstrcpy(nt_name, unix_als->gr_name); + fstrcpy(ntdomain, global_sam_name); + fstrcpy(ntname, unix_grp->gr_name); sid_copy(sid, &global_sam_sid); - (*rid) = pwdb_gid_to_alias_rid(unix_als->gr_gid); } + + slprintf(nt_name, sizeof(fstring)-1, "\\%s\\%s", + ntdomain, ntname); } /************************************************************************* @@ -113,13 +134,11 @@ BOOL get_unixalias_members(struct group *als, for (i = 0; (unix_name = als->gr_mem[i]) != NULL; i++) { DOM_SID sid; - BOOL found = False; - - found = map_unix_alias_name(unix_name, &sid, nt_name, NULL); + struct group unix_grp; - found = found ? sid_equal(&sid, &global_sam_sid) : False; + map_unix_grp_to_nt_als(unix_name, &unix_grp, nt_name, &sid); - if (!found) + if (!sid_equal(&sid, &global_sam_sid)) { DEBUG(0,("alias database: could not resolve name %s in domain %s\n", unix_name, global_sam_name)); -- cgit