From 5faf3ba9af1bc00db78f8743374acaff93879ff7 Mon Sep 17 00:00:00 2001
From: Gerald Carter <jerry@samba.org>
Date: Wed, 13 Aug 2003 00:08:28 +0000
Subject: 2 fixes

 * bug #280 (my fault) - initialize sambaNextUserRid and
   sambaNextGroupRid

 * Unix users shared vis LDAP or NIS between a samba domain member
   of a Samba domain are not seen as domain users on the member servers.
   not as local users.
(This used to be commit a030fa373aefde8628def54ca8152f237a0467dc)
---
 source3/nsswitch/winbindd_sid.c | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)

(limited to 'source3/nsswitch')

diff --git a/source3/nsswitch/winbindd_sid.c b/source3/nsswitch/winbindd_sid.c
index 98a6fce24b..ac1ee11555 100644
--- a/source3/nsswitch/winbindd_sid.c
+++ b/source3/nsswitch/winbindd_sid.c
@@ -185,12 +185,17 @@ enum winbindd_result winbindd_uid_to_sid(struct winbindd_cli_state *state)
 {
 	DOM_SID sid;
 
-	/* Bug out if the uid isn't in the winbind range */
-
+#if 0	/* JERRY */
+	/* we cannot do this check this anymore since a domain member of 
+	   a Samba domain may share unix accounts via NIS or LDAP.  In this 
+	   case the uid/gid will be out of winbindd's range but still might
+	   be resolved to a SID via an ldap idmap backend */
+	   
 	if ((state->request.data.uid < server_state.uid_low ) ||
 	    (state->request.data.uid > server_state.uid_high)) {
 		return WINBINDD_ERROR;
 	}
+#endif
 
 	DEBUG(3, ("[%5lu]: uid to sid %lu\n", (unsigned long)state->pid, 
 		  (unsigned long)state->request.data.uid));
@@ -214,12 +219,17 @@ enum winbindd_result winbindd_gid_to_sid(struct winbindd_cli_state *state)
 {
 	DOM_SID sid;
 
-	/* Bug out if the gid isn't in the winbind range */
-
+#if 0	/* JERRY */
+	/* we cannot do this check this anymore since a domain member of 
+	   a Samba domain may share unix accounts via NIS or LDAP.  In this 
+	   case the uid/gid will be out of winbindd's range but still might
+	   be resolved to a SID via an ldap idmap backend */
+	   
 	if ((state->request.data.gid < server_state.gid_low) ||
 	    (state->request.data.gid > server_state.gid_high)) {
 		return WINBINDD_ERROR;
 	}
+#endif
 
 	DEBUG(3, ("[%5lu]: gid to sid %lu\n", (unsigned long)state->pid,
 		  (unsigned long)state->request.data.gid));
-- 
cgit