From fbc4e1daba427643466c39fc992ae4403856bb56 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Mon, 5 Nov 2001 23:00:46 +0000 Subject: Fixed looking up domain (winbind) users ahead of local users in domain_client_validate() (This used to be commit df0db8edb12dc8b8d290e5ac599fa7b517e9d263) --- source3/libsmb/domain_client_validate.c | 24 ++++++++++++++++++------ 1 file changed, 18 insertions(+), 6 deletions(-) (limited to 'source3/libsmb') diff --git a/source3/libsmb/domain_client_validate.c b/source3/libsmb/domain_client_validate.c index 7a8fa66841..a8c3ff2f6b 100644 --- a/source3/libsmb/domain_client_validate.c +++ b/source3/libsmb/domain_client_validate.c @@ -325,9 +325,14 @@ NTSTATUS domain_client_validate(const auth_usersupplied_info *user_info, ZERO_STRUCT(info3); + /* + * If this call succeeds, we now have lots of info about the user + * in the info3 structure. + */ + status = cli_nt_login_network(&cli, user_info, smb_uid_low, &ctr, &info3); - + if (!NT_STATUS_IS_OK(status)) { DEBUG(0,("domain_client_validate: unable to validate password " "for user %s in domain %s to Domain controller %s. " @@ -335,13 +340,20 @@ NTSTATUS domain_client_validate(const auth_usersupplied_info *user_info, user_info->domain.str, cli.srv_name_slash, get_nt_error_msg(status))); } else { + char *dom_user; - /* - * Here, if we really want it, we have lots of info about the user - * in info3. - */ + /* Check DOMAIN\username first to catch winbind users, then + just the username for local users. */ + + asprintf(&dom_user, "%s%s%s", user_info->domain.str, + lp_winbind_separator(), + user_info->internal_username.str); + + if (!(pass = Get_Pwnam(dom_user))) + pass = Get_Pwnam(user_info->internal_username.str); + + free(dom_user); - pass = Get_Pwnam(user_info->internal_username.str); if (pass) { make_server_info_pw(server_info, pass); if (!server_info) { -- cgit