From 81d8eefc0d7620d5835b991d28bafe3d4f30eee2 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Mon, 23 Jun 2003 05:10:07 +0000 Subject: * set domain->last_status = NT_STATUS_SERVER_DISABLED on an ads_connect() failure * Fix code to use winbind_rpc methods for trusted mixed mode or NT4 domains ( does no one ever test this? ) * add in LDAP code to get the sequence number for rpc based seqnum update. ( this is needed if the DC is upgraded and samba is not reconfigured to use security = ads; it's not pretty but it works (from app_head) ) * fix bug that caused us to enumerate domain local groups in domains other than our own (This used to be commit 14f2cd139a22454571cea8475d3b7c5c2787d378) --- source3/lib/username.c | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) (limited to 'source3/lib') diff --git a/source3/lib/username.c b/source3/lib/username.c index 8130b93c3f..0005372a8f 100644 --- a/source3/lib/username.c +++ b/source3/lib/username.c @@ -589,13 +589,14 @@ BOOL user_in_list(const char *user,const char **list, gid_t *groups, size_t n_gr fstrcpy(domain, *list); domain[PTR_DIFF(p, *list)] = 0; - /* Check to see if name is a Windows group; Win2k native mode DCs - will return domain local groups; while NT4 or mixed mode 2k DCs - will not */ + /* Check to see if name is a Windows group; Win2k native mode DCs + will return domain local groups; while NT4 or mixed mode 2k DCs + will not */ - if ( winbind_lookup_name(NULL, *list, &g_sid, &name_type) - && ( name_type==SID_NAME_DOM_GRP || name_type==SID_NAME_ALIAS ) ) - { + if ( winbind_lookup_name(NULL, *list, &g_sid, &name_type) + && ( name_type==SID_NAME_DOM_GRP || + (strequal(lp_workgroup(), domain) && name_type==SID_NAME_ALIAS) ) ) + { /* Check if user name is in the Windows group */ ret = user_in_winbind_group_list(user, *list, &winbind_answered); -- cgit