From adc31b9235f70d06d2739b38867dc0fadb33d082 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Fri, 14 Dec 2007 07:47:07 +0100 Subject: Revert "Fix for bug #4801: Correctly implement lsa lookup levels for lookupnames." As it breaks all tests which try to join a new machine account. So more testing is needed... metze This reverts commit dd320c0924ce393a89b1cab020fd5cffc5b80380. (This used to be commit cccb80b7b7980fbe1298ce266375e51bacb4a425) --- source3/passdb/lookup_sid.c | 45 +++++++++++++-------------------------------- 1 file changed, 13 insertions(+), 32 deletions(-) (limited to 'source3/passdb') diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c index 54db14fbfe..bb54959e96 100644 --- a/source3/passdb/lookup_sid.c +++ b/source3/passdb/lookup_sid.c @@ -59,19 +59,16 @@ bool lookup_name(TALLOC_CTX *mem_ctx, name = talloc_strdup(tmp_ctx, full_name); } + DEBUG(10,("lookup_name: %s => %s (domain), %s (name)\n", + full_name, domain, name)); + if ((domain == NULL) || (name == NULL)) { DEBUG(0, ("talloc failed\n")); TALLOC_FREE(tmp_ctx); return false; } - DEBUG(10,("lookup_name: %s => %s (domain), %s (name)\n", - full_name, domain, name)); - DEBUG(10, ("lookup_name: flags = 0x0%x\n", flags)); - - if ((flags & LOOKUP_NAME_DOMAIN) && - strequal(domain, get_global_sam_name())) - { + if (strequal(domain, get_global_sam_name())) { /* It's our own domain, lookup the name in passdb */ if (lookup_global_sam_name(name, flags, &rid, &type)) { @@ -83,9 +80,8 @@ bool lookup_name(TALLOC_CTX *mem_ctx, return false; } - if ((flags & LOOKUP_NAME_BUILTIN) && - strequal(domain, builtin_domain_name())) - { + if (strequal(domain, builtin_domain_name())) { + /* Explicit request for a name in BUILTIN */ if (lookup_builtin_name(name, &rid)) { sid_copy(&sid, &global_sid_Builtin); @@ -101,7 +97,6 @@ bool lookup_name(TALLOC_CTX *mem_ctx, * domain yet at this point yet. This comes later. */ if ((domain[0] != '\0') && - (flags & ~(LOOKUP_NAME_DOMAIN|LOOKUP_NAME_ISOLATED)) && (winbind_lookup_name(domain, name, &sid, &type))) { goto ok; } @@ -136,18 +131,14 @@ bool lookup_name(TALLOC_CTX *mem_ctx, /* 1. well-known names */ - if ((flags & LOOKUP_NAME_WKN) && - lookup_wellknown_name(tmp_ctx, name, &sid, &domain)) - { + if (lookup_wellknown_name(tmp_ctx, name, &sid, &domain)) { type = SID_NAME_WKN_GRP; goto ok; } /* 2. Builtin domain as such */ - if ((flags & (LOOKUP_NAME_BUILTIN|LOOKUP_NAME_REMOTE)) && - strequal(name, builtin_domain_name())) - { + if (strequal(name, builtin_domain_name())) { /* Swap domain and name */ tmp = name; name = domain; domain = tmp; sid_copy(&sid, &global_sid_Builtin); @@ -157,9 +148,7 @@ bool lookup_name(TALLOC_CTX *mem_ctx, /* 3. Account domain */ - if ((flags & LOOKUP_NAME_DOMAIN) && - strequal(name, get_global_sam_name())) - { + if (strequal(name, get_global_sam_name())) { if (!secrets_fetch_domain_sid(name, &sid)) { DEBUG(3, ("Could not fetch my SID\n")); TALLOC_FREE(tmp_ctx); @@ -173,9 +162,7 @@ bool lookup_name(TALLOC_CTX *mem_ctx, /* 4. Primary domain */ - if ((flags & LOOKUP_NAME_DOMAIN) && !IS_DC && - strequal(name, lp_workgroup())) - { + if (!IS_DC && strequal(name, lp_workgroup())) { if (!secrets_fetch_domain_sid(name, &sid)) { DEBUG(3, ("Could not fetch the domain SID\n")); TALLOC_FREE(tmp_ctx); @@ -190,9 +177,7 @@ bool lookup_name(TALLOC_CTX *mem_ctx, /* 5. Trusted domains as such, to me it looks as if members don't do this, tested an XP workstation in a NT domain -- vl */ - if ((flags & LOOKUP_NAME_REMOTE) && IS_DC && - (secrets_fetch_trusted_domain_password(name, NULL, &sid, NULL))) - { + if (IS_DC && (pdb_get_trusteddom_pw(name, NULL, &sid, NULL))) { /* Swap domain and name */ tmp = name; name = domain; domain = tmp; type = SID_NAME_DOMAIN; @@ -201,9 +186,7 @@ bool lookup_name(TALLOC_CTX *mem_ctx, /* 6. Builtin aliases */ - if ((flags & LOOKUP_NAME_BUILTIN) && - lookup_builtin_name(name, &rid)) - { + if (lookup_builtin_name(name, &rid)) { domain = talloc_strdup(tmp_ctx, builtin_domain_name()); sid_copy(&sid, &global_sid_Builtin); sid_append_rid(&sid, rid); @@ -216,9 +199,7 @@ bool lookup_name(TALLOC_CTX *mem_ctx, /* Both cases are done by looking at our passdb */ - if ((flags & LOOKUP_NAME_DOMAIN) && - lookup_global_sam_name(name, flags, &rid, &type)) - { + if (lookup_global_sam_name(name, flags, &rid, &type)) { domain = talloc_strdup(tmp_ctx, get_global_sam_name()); sid_copy(&sid, get_global_sam_sid()); sid_append_rid(&sid, rid); -- cgit