From 670f46fd4c6ef8eb338284c820f8560bcece095a Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 26 Jan 2002 10:10:25 +0000 Subject: Bring this code into line with new winbind_lookup_name() interface. I think this might need a bit more work - or at least documentation. This is certainly a worthwile little hack, as it avoids the need to invert the group database. I don't think we should allow unqualified domains here - as that allows us to distinguish between (at least some) usernames and these 'special' groups. (This used to be commit 151dd7bc6c61e19a993017e5e0b50314801e26de) --- source3/lib/username.c | 33 +++++++++++++++++++++++---------- 1 file changed, 23 insertions(+), 10 deletions(-) (limited to 'source3') diff --git a/source3/lib/username.c b/source3/lib/username.c index 7c8c9c740d..f256b1d6f8 100644 --- a/source3/lib/username.c +++ b/source3/lib/username.c @@ -33,7 +33,7 @@ static struct passwd *uname_string_combinations2(char *s, int offset, struct pas BOOL name_is_local(const char *name) { - return !(strchr_m(name, *lp_winbind_separator()) || lp_winbind_use_default_domain()); + return !(strchr_m(name, *lp_winbind_separator())); } /**************************************************************************** @@ -535,16 +535,29 @@ BOOL user_in_list(const char *user,char **list) enum SID_NAME_USE name_type; BOOL winbind_answered = False; BOOL ret; - - /* Check to see if name is a Windows group */ - if (winbind_lookup_name(*list, &g_sid, &name_type) && name_type == SID_NAME_DOM_GRP) { - + fstring groupname, domain; + + /* Parse a string of the form DOMAIN/user into a domain and a user */ + + char *p = strchr(*list,*lp_winbind_separator()); + + DEBUG(10,("user_in_list: checking if user |%s| is in winbind group |%s|\n", user, *list)); + + if (p) { + fstrcpy(groupname, p+1); + fstrcpy(domain, *list); + domain[PTR_DIFF(p, *list)] = 0; + + /* Check to see if name is a Windows group */ + if (winbind_lookup_name(groupname, domain, &g_sid, &name_type) && name_type == SID_NAME_DOM_GRP) { + /* Check if user name is in the Windows group */ - ret = user_in_winbind_group_list(user, *list, &winbind_answered); - - if (winbind_answered && ret == True) { - DEBUG(10,("user_in_list: user |%s| is in group |%s|\n", user, *list)); - return ret; + ret = user_in_winbind_group_list(user, *list, &winbind_answered); + + if (winbind_answered && ret == True) { + DEBUG(10,("user_in_list: user |%s| is in winbind group |%s|\n", user, *list)); + return ret; + } } } } -- cgit