From 1fb9ccc4e2a91bf7124fba076ffa5458a1cbf404 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 18 Jan 2002 02:37:55 +0000 Subject: This is the 'winbind default domain' patch from Alexander Bokovoy . The idea is the domain\username is rather harsh for unix systems - people don't expect to have to FTP, SSH and (in particular) e-mail with a username like that. This 'corrects' that - but is not without its own problems. As you can see from the changes to files like username.c and wb_client.c (smbd's winbind client code) a lot of assumptions are made in a lot of places about lp_winbind_seperator determining a users's status as a domain or local user. The main change I will shortly be making is to investigate and kill off winbind_initgroups() - as far as I know it was a workaround for an old bug in winbind itself (and a bug in RH 5.2) and should no longer be relevent. I am also going to move to using the 'winbind uid' and 'winbind gid' paramaters to determine a user/groups's 'local' status, rather than the presence of the seperator. As such, this functionality is recommended for servers providing unix services, but is currently less than optimal for windows clients. (TODO: remove all references to lp_winbind_seperator() and lp_winbind_use_default_domain() from smbd) Andrew Bartlett (This used to be commit 07a21fcd2311d2d9b430b99303e3532a8c1159e4) --- source3/nsswitch/winbindd_util.c | 56 +++++++++++++++++++++++++++++++++++++--- 1 file changed, 52 insertions(+), 4 deletions(-) (limited to 'source3/nsswitch/winbindd_util.c') diff --git a/source3/nsswitch/winbindd_util.c b/source3/nsswitch/winbindd_util.c index f90e89c23f..640b581ce3 100644 --- a/source3/nsswitch/winbindd_util.c +++ b/source3/nsswitch/winbindd_util.c @@ -348,17 +348,65 @@ BOOL check_domain_env(char *domain_env, char *domain) } /* Parse a string of the form DOMAIN/user into a domain and a user */ +extern fstring global_myworkgroup; BOOL parse_domain_user(const char *domuser, fstring domain, fstring user) { char *p = strchr(domuser,*lp_winbind_separator()); - if (!p) + if (!(p || lp_winbind_use_default_domain())) return False; - fstrcpy(user, p+1); - fstrcpy(domain, domuser); - domain[PTR_DIFF(p, domuser)] = 0; + if(!p && lp_winbind_use_default_domain()) { + fstrcpy(user, domuser); + fstrcpy(domain, global_myworkgroup); + } else { + fstrcpy(user, p+1); + fstrcpy(domain, domuser); + domain[PTR_DIFF(p, domuser)] = 0; + } strupper(domain); return True; } + +/* + Strip domain name if it is same as default domain name and + winbind use default domain = true + + it assumes that name is actually fstring so that memory management + isn't needed. +*/ +void strip_domain_name_if_needed(fstring *name) +{ + if(lp_winbind_use_default_domain()) { + char *sep = lp_winbind_separator(); + char *new_name = strchr(*name, *sep); + if(new_name) { + *new_name = 0; + if (!strcmp(global_myworkgroup, *name)) { + new_name++; + safe_strcpy(*name, new_name, sizeof(fstring)); + } else *new_name = *sep; + } + } +} + +/* + Fill DOMAIN\\USERNAME entry accounting 'winbind use default domain' and + 'winbind separator' options. + This means: + - omit DOMAIN when 'winbind use default domain = true' and DOMAIN is + global_myworkgroup + +*/ +void fill_domain_username(fstring name, const char *domain, const char *user) +{ + if(lp_winbind_use_default_domain() && + !strcmp(global_myworkgroup, domain)) { + strlcpy(name, user, sizeof(fstring)); + } else { + slprintf(name, sizeof(fstring) - 1, "%s%s%s", + domain, lp_winbind_separator(), + user); + } +} -- cgit