From f3494484cfc657a905e7b6b0e7d841e817667e97 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Thu, 13 Jul 2000 04:33:25 +0000 Subject: Don't return winbind groups or users when responding to samr_enum_dom_users and samr_enum_dom_aliases commands. Unfortunately the algorithm for determining winbind groups from normal groups is simply to check for the presence of the lp_winbind_separator() character. )-: (This used to be commit 363a9c45bf0a7d3266ccdf4eeb0b9f5e3d38389f) --- source3/rpc_server/srv_samr.c | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) (limited to 'source3/rpc_server/srv_samr.c') diff --git a/source3/rpc_server/srv_samr.c b/source3/rpc_server/srv_samr.c index 50fe613e49..12b0d95abf 100644 --- a/source3/rpc_server/srv_samr.c +++ b/source3/rpc_server/srv_samr.c @@ -200,6 +200,7 @@ static BOOL get_passwd_entries(SAM_USER_INFO_21 *pw_buf, static BOOL orig_done = False; static int current_idx = 0; static int mapped_idx = 0; + char *sep; DEBUG(5, ("get_passwd_entries: retrieving a list of UNIX users\n")); @@ -267,6 +268,8 @@ static BOOL get_passwd_entries(SAM_USER_INFO_21 *pw_buf, } } + sep = lp_winbind_separator(); + /* now current_idx == start_idx */ while ((*num_entries) < max_num_entries) { int user_name_len; @@ -275,6 +278,13 @@ static BOOL get_passwd_entries(SAM_USER_INFO_21 *pw_buf, /* This does the original UNIX user itself */ if(!orig_done) { if ((pwd = getpwent()) == NULL) break; + + /* Don't enumerate winbind users as they are not local */ + + if (strchr(pwd->pw_name, *sep) != NULL) { + continue; + } + user_name_len = strlen(pwd->pw_name); pw_rid = pdb_uid_to_user_rid(pwd->pw_uid); ZERO_STRUCTP(&pw_buf[(*num_entries)]); @@ -753,6 +763,10 @@ static BOOL samr_reply_enum_dom_aliases(SAMR_Q_ENUM_DOM_ALIASES *q_u, else if (strequal(sid_str, sam_sid_str)) { char *name; + char *sep; + + sep = lp_winbind_separator(); + /* local aliases */ /* we return the UNIX groups here. This seems to be the right */ /* thing to do, since NT member servers return their local */ @@ -762,6 +776,13 @@ static BOOL samr_reply_enum_dom_aliases(SAMR_Q_ENUM_DOM_ALIASES *q_u, while (num_entries < MAX_SAM_ENTRIES && ((grp = getgrent()) != NULL)) { name = grp->gr_name; + + /* Don't return winbind groups as they are not local! */ + + if (strchr(name, *sep) != NULL) { + continue; + } + init_unistr2(&(pass[num_entries].uni_user_name), name, strlen(name)); pass[num_entries].user_rid = pdb_gid_to_group_rid(grp->gr_gid); num_entries++; -- cgit