From c1a6a24a76bacec4d678537716675e0c7f4fb5b4 Mon Sep 17 00:00:00 2001 From: Andreas Schneider Date: Fri, 18 Jun 2010 18:19:50 +0200 Subject: s3-winbind: Use rpc_lookup_usergroups in samr. --- source3/winbindd/winbindd_samr.c | 77 +++++++++++----------------------------- 1 file changed, 21 insertions(+), 56 deletions(-) (limited to 'source3') diff --git a/source3/winbindd/winbindd_samr.c b/source3/winbindd/winbindd_samr.c index 6ca96eea04..0d4372eb52 100644 --- a/source3/winbindd/winbindd_samr.c +++ b/source3/winbindd/winbindd_samr.c @@ -938,37 +938,26 @@ error: return status; } -/* Lookup groups a user is a member of. I wish Unix had a call like this! */ -static NTSTATUS common_lookup_usergroups(struct winbindd_domain *domain, - TALLOC_CTX *mem_ctx, - const struct dom_sid *user_sid, - uint32_t *pnum_groups, - struct dom_sid **puser_grpsids) +/* Lookup groups a user is a member of. */ +static NTSTATUS sam_lookup_usergroups(struct winbindd_domain *domain, + TALLOC_CTX *mem_ctx, + const struct dom_sid *user_sid, + uint32_t *pnum_groups, + struct dom_sid **puser_grpsids) { struct rpc_pipe_client *samr_pipe; - struct policy_handle dom_pol, usr_pol; - uint32_t samr_access = SEC_FLAG_MAXIMUM_ALLOWED; - struct samr_RidWithAttributeArray *rid_array = NULL; + struct policy_handle dom_pol; struct dom_sid *user_grpsids = NULL; - uint32_t num_groups = 0, i; - uint32_t user_rid; + uint32_t num_groups = 0; TALLOC_CTX *tmp_ctx; NTSTATUS status; - DEBUG(3,("samr: lookup usergroups\n")); - - if (!sid_peek_check_rid(&domain->sid, user_sid, &user_rid)) { - return NT_STATUS_UNSUCCESSFUL; - } + DEBUG(3,("sam_lookup_usergroups\n")); if (pnum_groups) { *pnum_groups = 0; } - if (puser_grpsids) { - *puser_grpsids = NULL; - } - tmp_ctx = talloc_stackframe(); if (tmp_ctx == NULL) { return NT_STATUS_NO_MEMORY; @@ -976,42 +965,18 @@ static NTSTATUS common_lookup_usergroups(struct winbindd_domain *domain, status = open_internal_samr_conn(tmp_ctx, domain, &samr_pipe, &dom_pol); if (!NT_STATUS_IS_OK(status)) { - goto error; + goto done; } - /* Get user handle */ - status = rpccli_samr_OpenUser(samr_pipe, - tmp_ctx, - &dom_pol, - samr_access, - user_rid, - &usr_pol); + status = rpc_lookup_usergroups(tmp_ctx, + samr_pipe, + &dom_pol, + &domain->sid, + user_sid, + &num_groups, + &user_grpsids); if (!NT_STATUS_IS_OK(status)) { - return status; - } - - /* Query user rids */ - status = rpccli_samr_GetGroupsForUser(samr_pipe, - tmp_ctx, - &usr_pol, - &rid_array); - num_groups = rid_array->count; - - rpccli_samr_Close(samr_pipe, tmp_ctx, &usr_pol); - - if (!NT_STATUS_IS_OK(status) || num_groups == 0) { - return status; - } - - user_grpsids = TALLOC_ARRAY(tmp_ctx, struct dom_sid, num_groups); - if (user_grpsids == NULL) { - status = NT_STATUS_NO_MEMORY; - goto error; - } - - for (i = 0; i < num_groups; i++) { - sid_compose(&(user_grpsids[i]), &domain->sid, - rid_array->rids[i].rid); + goto done; } if (pnum_groups) { @@ -1022,7 +987,7 @@ static NTSTATUS common_lookup_usergroups(struct winbindd_domain *domain, *puser_grpsids = talloc_move(mem_ctx, &user_grpsids); } -error: +done: TALLOC_FREE(tmp_ctx); return status; } @@ -1219,7 +1184,7 @@ struct winbindd_methods builtin_passdb_methods = { .sid_to_name = sam_sid_to_name, .rids_to_names = sam_rids_to_names, .query_user = builtin_query_user, - .lookup_usergroups = common_lookup_usergroups, + .lookup_usergroups = sam_lookup_usergroups, .lookup_useraliases = common_lookup_useraliases, .lookup_groupmem = sam_lookup_groupmem, .sequence_number = common_sequence_number, @@ -1239,7 +1204,7 @@ struct winbindd_methods sam_passdb_methods = { .sid_to_name = sam_sid_to_name, .rids_to_names = sam_rids_to_names, .query_user = sam_query_user, - .lookup_usergroups = common_lookup_usergroups, + .lookup_usergroups = sam_lookup_usergroups, .lookup_useraliases = common_lookup_useraliases, .lookup_groupmem = sam_lookup_groupmem, .sequence_number = common_sequence_number, -- cgit