From 0fbe25656ceb74c3d1982615d068bcad7944cd80 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Fri, 1 Jun 2007 12:24:57 +0000 Subject: r23291: Undo the somewhat naive change of r23279: The clear text presentaion of the sid in the ldap expression does work with w2k3 but not with w2k.... Thanks to Guenther for advising me of this issue. Michael (This used to be commit 7e6b0c19f816b52cca257c2837680e70f1af8594) --- source3/nsswitch/winbindd_ads.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) (limited to 'source3/nsswitch/winbindd_ads.c') diff --git a/source3/nsswitch/winbindd_ads.c b/source3/nsswitch/winbindd_ads.c index 9b0b43479e..d362f3173b 100644 --- a/source3/nsswitch/winbindd_ads.c +++ b/source3/nsswitch/winbindd_ads.c @@ -901,6 +901,7 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain, ADS_STRUCT *ads = NULL; char *ldap_exp; NTSTATUS status = NT_STATUS_UNSUCCESSFUL; + char *sidbinstr; char **members = NULL; int i; size_t num_members = 0; @@ -939,14 +940,21 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain, goto done; } + if ((sidbinstr = sid_binstring(group_sid)) == NULL) { + status = NT_STATUS_NO_MEMORY; + goto done; + } + /* search for all members of the group */ - if (!(ldap_exp = talloc_asprintf(tmp_ctx, "(objectSid=%s)", - sid_string_static(group_sid)))) + if (!(ldap_exp = talloc_asprintf(tmp_ctx, "(objectSid=%s)", + sidbinstr))) { + SAFE_FREE(sidbinstr); DEBUG(1, ("ads: lookup_groupmem: talloc_asprintf for ldap_exp failed!\n")); status = NT_STATUS_NO_MEMORY; goto done; } + SAFE_FREE(sidbinstr); args.control = ADS_EXTENDED_DN_OID; args.val = ADS_EXTENDED_DN_HEX_STRING; -- cgit