From 9126a40e2c33e0eb4cd57ab381634e08fa59e7a7 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Wed, 19 Dec 2001 09:53:30 +0000 Subject: added trusted realm support to ADS authentication the method used for checking if a domain is a trusted domain is very crude, we should really call a backend fn of some sort. For now I'm using winbindd to do the dirty work. (This used to be commit adf44a9bd0d997ba4dcfadc564a29149531525af) --- source3/nsswitch/winbindd.h | 1 + source3/nsswitch/winbindd_ads.c | 2 ++ source3/nsswitch/winbindd_util.c | 6 +++++- 3 files changed, 8 insertions(+), 1 deletion(-) (limited to 'source3/nsswitch') diff --git a/source3/nsswitch/winbindd.h b/source3/nsswitch/winbindd.h index 2a6fa22961..74206da9ef 100644 --- a/source3/nsswitch/winbindd.h +++ b/source3/nsswitch/winbindd.h @@ -153,6 +153,7 @@ struct winbindd_methods { /* Structures to hold per domain information */ struct winbindd_domain { fstring name; /* Domain name */ + fstring full_name; /* full Domain name (realm) */ DOM_SID sid; /* SID for this domain */ struct winbindd_methods *methods; /* lookup methods for this domain (LDAP or diff --git a/source3/nsswitch/winbindd_ads.c b/source3/nsswitch/winbindd_ads.c index 4ce0894ab3..c988e697ee 100644 --- a/source3/nsswitch/winbindd_ads.c +++ b/source3/nsswitch/winbindd_ads.c @@ -147,6 +147,8 @@ static ADS_STRUCT *ads_cached_connection(struct winbindd_domain *domain) primary_realm = strdup(ads->realm); } + fstrcpy(domain->full_name, ads->server_realm); + domain->private = (void *)ads; return ads; } diff --git a/source3/nsswitch/winbindd_util.c b/source3/nsswitch/winbindd_util.c index f760b635d6..2f21f81ea8 100644 --- a/source3/nsswitch/winbindd_util.c +++ b/source3/nsswitch/winbindd_util.c @@ -55,7 +55,8 @@ struct winbindd_domain *find_domain_from_name(char *domain_name) /* Search through list */ for (tmp = domain_list; tmp != NULL; tmp = tmp->next) { - if (strcasecmp(domain_name, tmp->name) == 0) + if (strcasecmp(domain_name, tmp->name) == 0 || + strcasecmp(domain_name, tmp->full_name) == 0) return tmp; } @@ -164,6 +165,9 @@ BOOL get_domain_info(void) DEBUG(1,("Added domain %s (%s)\n", domain->name, sid_string_static(&domain->sid))); + + /* this primes the connection */ + cache_methods.domain_sid(domain, &domain->sid); } } -- cgit