From ced5c1f9aa525addf4c0a4649fdbeb36128157e7 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Wed, 20 Dec 2006 17:56:26 +0000 Subject: r20289: IDMAP is part of winbind but not the main process. Make sure we route all request to remote DCs via the main process so that IDMAP can correctly reuse DC connections and use the async interface. This fixes also idmap_nss so that it is able to resolve local group names (requires patch on the samba dc earlier committed to SAMBA_3_0 to make it resolve both the mapped and the unmapped name). Simo. (This used to be commit 4297510f22c3fd60afd062e3c5eb142be2122b16) --- source3/nsswitch/idmap.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) (limited to 'source3/nsswitch/idmap.c') diff --git a/source3/nsswitch/idmap.c b/source3/nsswitch/idmap.c index e2d2712f48..bd81d1e83f 100644 --- a/source3/nsswitch/idmap.c +++ b/source3/nsswitch/idmap.c @@ -707,16 +707,23 @@ static NTSTATUS idmap_new_mapping(TALLOC_CTX *ctx, struct id_map *map) { NTSTATUS ret; struct idmap_domain *dom; - char *domname, *name; + const char *domname, *name; enum lsa_SidType sid_type; + BOOL wbret; ret = idmap_can_map(map, &dom); if ( ! NT_STATUS_IS_OK(ret)) { return NT_STATUS_NONE_MAPPED; } + /* by default calls to winbindd are disabled + the following call will not recurse so this is safe */ + winbind_on(); + wbret =winbind_lookup_sid(ctx, map->sid, &domname, &name, &sid_type); + winbind_off(); + /* check if this is a valid SID and then map it */ - if (winbindd_lookup_name_by_sid(ctx, map->sid, &domname, &name, &sid_type)) { + if (wbret) { switch (sid_type) { case SID_NAME_USER: ret = idmap_allocate_uid(&map->xid); -- cgit