From 6f0b8a38ec036a0027e9f938834e241b41db40c5 Mon Sep 17 00:00:00 2001
From: Tim Potter <tpot@samba.org>
Date: Wed, 31 Oct 2001 06:20:58 +0000
Subject: Added some extra fields to the auth_serversupplied_info structure. To
 obtain the full group membership of a user (i.e nested groups on a win2k
 native mode server) it is necessary to merge this list of groups with the
 groups returned by winbindd when creating an nt access token.

This breaks winbindd linking while AB and I sync up our changes to the
authentication subsystem.
(This used to be commit 4eeb7bcd783d7cfb3ac232f1faa035773007401d)
---
 source3/libsmb/domain_client_validate.c | 25 +++++++++++++++++++++++--
 1 file changed, 23 insertions(+), 2 deletions(-)

(limited to 'source3/libsmb')

diff --git a/source3/libsmb/domain_client_validate.c b/source3/libsmb/domain_client_validate.c
index 26f53f0297..26a727b1f1 100644
--- a/source3/libsmb/domain_client_validate.c
+++ b/source3/libsmb/domain_client_validate.c
@@ -326,6 +326,7 @@ NTSTATUS domain_client_validate(const auth_usersupplied_info *user_info,
 
 	status = cli_nt_login_network(&cli, user_info, smb_uid_low, 
 				      &ctr, &info3);
+
 	if (!NT_STATUS_IS_OK(status)) {
 		DEBUG(0,("domain_client_validate: unable to validate password "
                          "for user %s in domain %s to Domain controller %s. "
@@ -335,8 +336,28 @@ NTSTATUS domain_client_validate(const auth_usersupplied_info *user_info,
 	}
 
 	/*
-	 * Here, if we really want it, we have lots of info about the user in info3.
-	 */
+	 * Here, if we really want it, we have lots of info about the user
+	 * in info3.  
+         */
+
+        /* Store the user group information in the server_info returned to
+           the caller. */
+
+        if ((server_info->group_rids = malloc(info3.num_groups2 *
+                                        sizeof(uint32))) == NULL) {
+                DEBUG(1, ("out of memory allocating rid group membership\n"));
+                status = NT_STATUS_NO_MEMORY;
+        } else {
+                int i;
+
+                server_info->n_rids = info3.num_groups2;
+                
+                for (i = 0; i < server_info->n_rids; i++) {
+                        server_info->group_rids[i] = info3.gids[i].g_rid;
+                        DEBUG(5, ("** adding group rid 0x%x\n",
+                                  info3.gids[i].g_rid));
+                }
+        }
 
 #if 0
 	/* 
-- 
cgit