sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-03 13:47:25 +03:00
Code

- adding builtin[alias]db.

Browse Source 
- lib/sids.c:

	generate_sam_sid() modified to take a domain name: it now
	generates "DOMAIN_NAME.SID".  reasons:

	1) if you run multiple samba servers on the same machine
	under different netbios names as members of a domain,
	they won't all use the same SID, which is a _big_ mistake
	but it would happen _by default_.

	2) we have (had) a problem with sid_to_string() and string_to_sid()
	which cause SIDs to be incorrectly read.  one of the major
	reasons for *NOT* making this change was so as not to disrupt
	existing users.  but as they will be anyway by this bug,
	we might as well go ahead.

- passdb/smbpass.c:

	wanted to change the meaning of the name in the smbpasswd
	file to an "nt" name not a "unix" name.  this is probably
	not a good idea: reverted this.

- output formatting / bug-fixing in rpcclient query_useraliases code.
(This used to be commit e4930f5f48f8246ceec8add8bf769954a963190c)
This commit is contained in:
Luke Leighton 1998-11-30 15:08:58 +00:00
parent 868b22f5a1
commit 31044dd8e6
14 changed files with 145 additions and 69 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
source3/Makefile.in
View File

@ -150,9 +150,9 @@ RPC_CLIENT_OBJ = \
LOCKING_OBJ = locking/locking.o locking/locking_shm.o locking/locking_slow.o \
locking/shmem.o locking/shmem_sysv.o
GROUPDB_OBJ = groupdb/groupdb.o groupdb/groupfile.o \
groupdb/aliasdb.o groupdb/aliasfile.o \
groupdb/groupunix.o groupdb/aliasunix.o \
GROUPDB_OBJ = groupdb/groupdb.o groupdb/aliasdb.o groupdb/builtindb.o \
groupdb/groupfile.o groupdb/aliasfile.o \
groupdb/groupunix.o groupdb/aliasunix.o groupdb/builtinunix.o \
passdb/passgrp.o passdb/smbpassgroup.o \
passdb/smbpassgroupunix.o

31
source3/include/proto.h
View File

@ -50,6 +50,35 @@ BOOL get_unixalias_members(struct group *grp,
int *num_mem, LOCAL_GRP_MEMBER **members);
struct aliasdb_ops *unix_initialise_alias_db(void);
/*The following definitions come from groupdb/builtindb.c */
BOOL initialise_builtin_db(void);
LOCAL_GRP *iterate_getbuiltingid(gid_t gid, LOCAL_GRP_MEMBER **mem, int *num_mem);
LOCAL_GRP *iterate_getbuiltinrid(uint32 rid, LOCAL_GRP_MEMBER **mem, int *num_mem);
LOCAL_GRP *iterate_getbuiltinntnam(const char *name, LOCAL_GRP_MEMBER **mem, int *num_mem);
BOOL add_domain_builtin(LOCAL_GRP **blts, int *num_blts, LOCAL_GRP *blt);
BOOL iterate_getuserbuiltinntnam(const char *user_name, LOCAL_GRP **blts, int *num_blts);
BOOL enumdombuiltins(LOCAL_GRP **blts, int *num_blts);
void *startbuiltinent(BOOL update);
void endbuiltinent(void *vp);
LOCAL_GRP *getbuiltinent(void *vp, LOCAL_GRP_MEMBER **mem, int *num_mem);
BOOL add_builtin_entry(LOCAL_GRP *newblt);
BOOL mod_builtin_entry(LOCAL_GRP* blt);
LOCAL_GRP *getbuiltinntnam(const char *name, LOCAL_GRP_MEMBER **mem, int *num_mem);
LOCAL_GRP *getbuiltinrid(uint32 builtin_rid, LOCAL_GRP_MEMBER **mem, int *num_mem);
LOCAL_GRP *getbuiltingid(gid_t gid, LOCAL_GRP_MEMBER **mem, int *num_mem);
BOOL getuserbuiltinntnam(const char *user_name, LOCAL_GRP **blt, int *num_blts);
void bidb_init_blt(LOCAL_GRP *blt);
BOOL make_builtin_line(char *p, int max_len,
LOCAL_GRP *blt,
LOCAL_GRP_MEMBER **mem, int *num_mem);
/*The following definitions come from groupdb/builtinunix.c */
BOOL get_unixbuiltin_members(struct group *grp,
int *num_mem, LOCAL_GRP_MEMBER **members);
struct aliasdb_ops *unix_initialise_builtin_db(void);
/*The following definitions come from groupdb/groupdb.c */
BOOL initialise_group_db(void);
@ -232,7 +261,7 @@ char *rep_inet_ntoa(struct in_addr ip);
void get_sam_domain_name(void);
BOOL get_member_domain_sid(void);
void generate_wellknown_sids(void);
BOOL generate_sam_sid(void);
BOOL generate_sam_sid(char *domain_name);
BOOL map_domain_name_to_sid(DOM_SID *sid, char **nt_domain);
BOOL map_domain_sid_to_name(DOM_SID *sid, char *nt_domain);
BOOL split_domain_name(char *fullname, char *domain, char *name);

1
source3/include/rpcclient.h
View File

@ -77,6 +77,7 @@ struct nt_client_info
POLICY_HND samr_pol_connect;
POLICY_HND samr_pol_open_domain;
POLICY_HND samr_pol_open_builtindom;
POLICY_HND samr_pol_open_user;
struct acct_info *sam;

13
source3/lib/domain_namemap.c
View File

@ -273,8 +273,6 @@ static void delete_map_list(ubi_slList *map_list)
***************************************************************************/
static BOOL make_mydomain_sid(DOM_NAME_MAP *grp, DOM_MAP_TYPE type)
{
DEBUG(10,("make_mydomain_sid\n"));
if (!map_domain_name_to_sid(&grp->sid, &(grp->nt_domain)))
{
DEBUG(0,("make_mydomain_sid: unknown domain %s\n",
@ -287,8 +285,10 @@ static BOOL make_mydomain_sid(DOM_NAME_MAP *grp, DOM_MAP_TYPE type)
/*
* only builtin aliases are recognised in S-1-5-20
*/
DEBUG(10,("make_mydomain_sid: group %s in builtin domain\n",
grp->nt_name));
if (!lookup_builtin_alias_name(grp->nt_name, "BUILTIN", &grp->sid, &grp->type))
if (lookup_builtin_alias_name(grp->nt_name, "BUILTIN", &grp->sid, &grp->type) != 0x0)
{
DEBUG(0,("unix group %s mapped to an unrecognised BUILTIN domain name %s\n",
grp->unix_name, grp->nt_name));
@ -584,9 +584,6 @@ static ubi_slList *load_name_map(DOM_MAP_TYPE type)
if (!*unixname)
continue;
DEBUG(5,("unixname = %s, ntname = %s.\n",
unixname, nt_name));
p = strchr(nt_name, '\\');
if (p == NULL)
@ -602,9 +599,11 @@ static ubi_slList *load_name_map(DOM_MAP_TYPE type)
fstrcpy(nt_group , p);
}
if (make_name_entry(&new_ep, nt_domain, nt_name, unixname, type))
if (make_name_entry(&new_ep, nt_domain, nt_group, unixname, type))
{
ubi_slAddTail(map_list, (ubi_slNode *)new_ep);
DEBUG(5,("unixname = %s, ntname = %s\\%s type = %d\n",
unixname, nt_domain, nt_group, new_ep->grp.type));
}
}

14
source3/lib/sids.c
View File

@ -268,22 +268,24 @@ void generate_wellknown_sids(void)
}
/****************************************************************************
Generate the global machine sid. Look for the MACHINE.SID file first, if
not found then look in smb.conf and use it to create the MACHINE.SID file.
Generate the global machine sid. Look for the DOMAINNAME.SID file first, if
not found then look in smb.conf and use it to create the DOMAINNAME.SID file.
****************************************************************************/
BOOL generate_sam_sid(void)
BOOL generate_sam_sid(char *domain_name)
{
int fd;
int i;
char *p;
pstring sid_file;
fstring sid_string;
fstring file_name;
SMB_STRUCT_STAT st;
uchar raw_sid_data[12];
pstrcpy(sid_file, lp_smb_passwd_file());
p = strrchr(sid_file, '/');
if (p != NULL) {
if (p != NULL)
{
*++p = '\0';
}
@ -295,7 +297,9 @@ BOOL generate_sam_sid(void)
}
}
pstrcat(sid_file, "MACHINE.SID");
slprintf(file_name, sizeof(file_name)-1, "%s.SID", domain_name);
strupper(file_name);
pstrcat(sid_file, file_name);
if ((fd = sys_open(sid_file, O_RDWR | O_CREAT, 0644)) == -1) {
DEBUG(0,("unable to open or create file %s. Error was %s\n",

9
source3/lib/util_pwdb.c
View File

@ -176,8 +176,6 @@ uint32 lookup_builtin_alias_name(const char *alias_name, const char *domain,
rid = builtin_alias_rids[i].rid;
als_name = builtin_alias_rids[i].name;
i++;
if (strequal(als_name, alias_name))
{
if (sid != NULL)
@ -193,6 +191,8 @@ uint32 lookup_builtin_alias_name(const char *alias_name, const char *domain,
return 0x0;
}
i++;
} while (als_name != NULL);
return 0xC0000000 | NT_STATUS_NONE_MAPPED;
@ -431,9 +431,10 @@ BOOL pwdb_initialise(void)
generate_wellknown_sids();
if (!generate_sam_sid())
if (!generate_sam_sid(global_sam_name))
{
DEBUG(0,("ERROR: Samba cannot create a SAM SID.\n"));
DEBUG(0,("ERROR: Samba cannot create a SAM SID for its domain (%s).\n",
global_sam_name));
return False;
}

7
source3/lsarpcd/srv_lsa.c
View File

@ -32,9 +32,7 @@ extern DOM_SID global_sam_sid;
extern fstring global_sam_name;
extern DOM_SID global_member_sid;
extern fstring global_myworkgroup;
extern DOM_SID global_sid_S_1_1;
extern DOM_SID global_sid_S_1_3;
extern DOM_SID global_sid_S_1_5;
extern DOM_SID global_sid_S_1_5_20;
/***************************************************************************
lsa_reply_open_policy2
@ -264,7 +262,8 @@ static void make_lsa_trans_names(DOM_R_REF *ref,
else if (sid_split_rid (&find_sid, &rid) &&
map_domain_sid_to_name(&find_sid, dom_name))
{
if (sid_equal(&find_sid, &global_sam_sid))
if (sid_equal(&find_sid, &global_sam_sid) ||
sid_equal(&find_sid, &global_sid_S_1_5_20))
{
status = lookup_sid(&tmp_sid, name, &sid_name_use);
}

40
source3/passdb/smbpass.c
View File

@ -73,7 +73,7 @@ static struct smb_passwd *getsmbfilepwent(void *vp)
{
/* Static buffers we will return. */
static struct smb_passwd pw_buf;
static pstring nt_name;
static pstring unix_name;
static unsigned char smbpwd[16];
static unsigned char smbntpwd[16];
char linebuf[256];
@ -115,7 +115,7 @@ static struct smb_passwd *getsmbfilepwent(void *vp)
* As 256 is shorter than a pstring we don't need to check
* length here - if this ever changes....
*/
p = strncpyn(nt_name, linebuf, sizeof(nt_name), ':');
p = strncpyn(unix_name, linebuf, sizeof(unix_name), ':');
/* Go past ':' */
p++;
@ -124,7 +124,7 @@ static struct smb_passwd *getsmbfilepwent(void *vp)
p = Atoic( p, &uidval, ":");
pw_buf.nt_name = nt_name;
pw_buf.unix_name = unix_name;
pw_buf.unix_uid = uidval;
/*
@ -139,7 +139,7 @@ static struct smb_passwd *getsmbfilepwent(void *vp)
if (*p == '*' || *p == 'X')
{
/* Password deliberately invalid - end here. */
DEBUG(10, ("getsmbfilepwent: entry invalidated for nt user %s\n", nt_name));
DEBUG(10, ("getsmbfilepwent: entry invalidated for unix user %s\n", unix_name));
pw_buf.smb_nt_passwd = NULL;
pw_buf.smb_passwd = NULL;
pw_buf.acct_ctrl |= ACB_DISABLED;
@ -194,8 +194,8 @@ static struct smb_passwd *getsmbfilepwent(void *vp)
p += 33;
}
DEBUG(5,("getsmbfilepwent: returning passwd entry for nt user %s, unix uid %d\n",
nt_name, uidval));
DEBUG(5,("getsmbfilepwent: returning passwd entry for unix user %s, unix uid %d\n",
unix_name, uidval));
if (*p == '[')
{
@ -226,7 +226,7 @@ static struct smb_passwd *getsmbfilepwent(void *vp)
* password file as 'normal accounts'. If this changes
* we will have to fix this code. JRA.
*/
if (pw_buf.nt_name[strlen(pw_buf.nt_name) - 1] == '$')
if (pw_buf.unix_name[strlen(pw_buf.unix_name) - 1] == '$')
{
pw_buf.acct_ctrl &= ~ACB_NORMAL;
pw_buf.acct_ctrl |= ACB_WSTRUST;
@ -272,8 +272,8 @@ static BOOL add_smbfilepwd_entry(struct smb_passwd *newpwd)
*/
while ((pwd = getsmbfilepwent(fp)) != NULL) {
if (strequal(newpwd->nt_name, pwd->nt_name)) {
DEBUG(0, ("add_smbfilepwd_entry: entry with nt name %s already exists\n", pwd->nt_name));
if (strequal(newpwd->unix_name, pwd->unix_name)) {
DEBUG(0, ("add_smbfilepwd_entry: entry with unix name %s already exists\n", pwd->unix_name));
endsmbfilepwent(fp);
return False;
}
@ -290,21 +290,21 @@ static BOOL add_smbfilepwd_entry(struct smb_passwd *newpwd)
if((offpos = sys_lseek(fd, 0, SEEK_END)) == -1) {
DEBUG(0, ("add_smbfilepwd_entry(sys_lseek): Failed to add entry for user %s to file %s. \
Error was %s\n", newpwd->nt_name, pfile, strerror(errno)));
Error was %s\n", newpwd->unix_name, pfile, strerror(errno)));
endsmbfilepwent(fp);
return False;
}
new_entry_length = strlen(newpwd->nt_name) + 1 + 15 + 1 + 32 + 1 + 32 + 1 + NEW_PW_FORMAT_SPACE_PADDED_LEN + 1 + 13 + 2;
new_entry_length = strlen(newpwd->unix_name) + 1 + 15 + 1 + 32 + 1 + 32 + 1 + NEW_PW_FORMAT_SPACE_PADDED_LEN + 1 + 13 + 2;
if((new_entry = (char *)malloc( new_entry_length )) == NULL) {
DEBUG(0, ("add_smbfilepwd_entry(malloc): Failed to add entry for user %s to file %s. \
Error was %s\n", newpwd->nt_name, pfile, strerror(errno)));
Error was %s\n", newpwd->unix_name, pfile, strerror(errno)));
endsmbfilepwent(fp);
return False;
}
slprintf(new_entry, new_entry_length - 1, "%s:%u:", newpwd->nt_name, (unsigned)newpwd->unix_uid);
slprintf(new_entry, new_entry_length - 1, "%s:%u:", newpwd->unix_name, (unsigned)newpwd->unix_uid);
p = &new_entry[strlen(new_entry)];
if(newpwd->smb_passwd != NULL) {
@ -349,13 +349,13 @@ Error was %s\n", newpwd->nt_name, pfile, strerror(errno)));
if ((wr_len = write(fd, new_entry, strlen(new_entry))) != strlen(new_entry)) {
DEBUG(0, ("add_smbfilepwd_entry(write): %d Failed to add entry for user %s to file %s. \
Error was %s\n", wr_len, newpwd->nt_name, pfile, strerror(errno)));
Error was %s\n", wr_len, newpwd->unix_name, pfile, strerror(errno)));
/* Remove the entry we just wrote. */
if(sys_ftruncate(fd, offpos) == -1) {
DEBUG(0, ("add_smbfilepwd_entry: ERROR failed to ftruncate file %s. \
Error was %s. Password file may be corrupt ! Please examine by hand !\n",
newpwd->nt_name, strerror(errno)));
newpwd->unix_name, strerror(errno)));
}
endsmbfilepwent(fp);
@ -380,7 +380,7 @@ Error was %s. Password file may be corrupt ! Please examine by hand !\n",
static BOOL mod_smbfilepwd_entry(struct smb_passwd* pwd, BOOL override)
{
/* Static buffers we will return. */
static pstring nt_name;
static pstring unix_name;
char linebuf[256];
char readbuf[1024];
@ -498,9 +498,9 @@ static BOOL mod_smbfilepwd_entry(struct smb_passwd* pwd, BOOL override)
* As 256 is shorter than a pstring we don't need to check
* length here - if this ever changes....
*/
strncpy(nt_name, linebuf, PTR_DIFF(p, linebuf));
nt_name[PTR_DIFF(p, linebuf)] = '\0';
if (strequal(nt_name, pwd->nt_name)) {
strncpy(unix_name, linebuf, PTR_DIFF(p, linebuf));
unix_name[PTR_DIFF(p, linebuf)] = '\0';
if (strequal(unix_name, pwd->unix_name)) {
found_entry = True;
break;
}
@ -545,7 +545,7 @@ static BOOL mod_smbfilepwd_entry(struct smb_passwd* pwd, BOOL override)
if (!override && (*p == '*' || *p == 'X')) {
/* Password deliberately invalid - end here. */
DEBUG(10, ("mod_smbfilepwd_entry: entry invalidated for nt user %s\n", nt_name));
DEBUG(10, ("mod_smbfilepwd_entry: entry invalidated for unix user %s\n", unix_name));
file_unlock(lockfd, &pw_file_lock_depth);
fclose(fp);
return False;

12
source3/passdb/smbpassgroupunix.c
View File

@ -107,6 +107,7 @@ static struct smb_passwd *getsmbunixgrpent(void *vp,
if (als_rids == NULL && grp_rids == NULL)
{
/* they didn't want to know the members. */
return pwdb_sam_to_smb(pw_buf);
}
@ -131,6 +132,17 @@ static struct smb_passwd *getsmbunixgrpent(void *vp,
* find the unix name for each user's group.
* assume the unix group is an nt name (alias? group? user?)
* (user or not our own domain will be an error).
*
* oh, oh, can anyone spot what's missing heeere?
* you guessed it: built-in aliases. those are in
* Domain S-1-5-20, and NT Domain Users can only
* have lists of RIDs as groups.
*
* doesn't stop you making NT Domain Users a member
* of a BUILTIN Alias (e.g "Administrators" or "Power Users")
* it's just that there's no way to tell that from this
* API call: wrong domain, sorry.
*
*/
DOM_NAME_MAP gmep;

7
source3/rpc_client/cli_lsarpc.c
View File

@ -306,10 +306,11 @@ BOOL do_lsa_lookup_sids(struct cli_state *cli,
if (dom_idx != 0xffffffff)
{
fstrcpy(dom_name, unistr2(ref.ref_dom[dom_idx].uni_dom_name.buffer));
fstrcpy(name , unistr2(t_names.uni_name[i].buffer));
fstrcpy(dom_name, unistr2_to_str(&ref.ref_dom[dom_idx].uni_dom_name));
fstrcpy(name , unistr2_to_str(&t_names.uni_name[i]));
slprintf(full_name, sizeof(full_name), "%s\\%s",
memset(full_name, 0, sizeof(full_name));
slprintf(full_name, sizeof(full_name)-1, "%s\\%s",
dom_name, name);
(*names)[i] = strdup(full_name);

7
source3/rpc_server/srv_lsa.c
View File

@ -32,9 +32,7 @@ extern DOM_SID global_sam_sid;
extern fstring global_sam_name;
extern DOM_SID global_member_sid;
extern fstring global_myworkgroup;
extern DOM_SID global_sid_S_1_1;
extern DOM_SID global_sid_S_1_3;
extern DOM_SID global_sid_S_1_5;
extern DOM_SID global_sid_S_1_5_20;
/***************************************************************************
lsa_reply_open_policy2
@ -264,7 +262,8 @@ static void make_lsa_trans_names(DOM_R_REF *ref,
else if (sid_split_rid (&find_sid, &rid) &&
map_domain_sid_to_name(&find_sid, dom_name))
{
if (sid_equal(&find_sid, &global_sam_sid))
if (sid_equal(&find_sid, &global_sam_sid) ||
sid_equal(&find_sid, &global_sid_S_1_5_20))
{
status = lookup_sid(&tmp_sid, name, &sid_name_use);
}

23
source3/rpc_server/srv_samr.c
View File

@ -732,6 +732,7 @@ static void samr_reply_query_useraliases(SAMR_Q_QUERY_USERALIASES *q_u,
{
uint32 status = 0;
LOCAL_GRP *mem_grp = NULL;
uint32 *rid = NULL;
int num_rids = 0;
struct sam_passwd *sam_pass;
@ -781,21 +782,32 @@ static void samr_reply_query_useraliases(SAMR_Q_QUERY_USERALIASES *q_u,
if (status == 0x0)
{
DEBUG(10,("sid is %s\n", dom_sid_str));
if (sid_equal(&dom_sid, &global_sid_S_1_5_20))
{
DEBUG(10,("lookup on S-1-5-20\n"));
become_root(True);
getuserbuiltinntnam(sam_pass->nt_name, &mem_grp, &num_rids);
unbecome_root(True);
}
else if (sid_equal(&dom_sid, &usr_sid))
{
LOCAL_GRP *mem_grp = NULL;
num_rids = 0;
DEBUG(10,("lookup on Domain SID\n"));
become_root(True);
getuseraliasntnam(sam_pass->nt_name, &mem_grp, &num_rids);
unbecome_root(True);
}
else
{
status = 0xC0000000 | NT_STATUS_NO_SUCH_USER;
}
}
if (status == 0x0 && num_rids > 0)
{
rid = malloc(num_rids * sizeof(uint32));
if (mem_grp != NULL && rid != NULL)
{
@ -805,11 +817,6 @@ static void samr_reply_query_useraliases(SAMR_Q_QUERY_USERALIASES *q_u,
rid[i] = mem_grp[i].rid;
}
free(mem_grp);
}
}
else
{
status = 0xC0000000 | NT_STATUS_NO_SUCH_USER;
}
}

39
source3/rpcclient/cmd_samr.c
View File

@ -181,8 +181,10 @@ void cmd_sam_enum_users(struct client_info *info)
fstring domain;
fstring sid;
DOM_SID sid1;
DOM_SID sid_1_5_20;
int user_idx;
BOOL res = True;
BOOL res1 = True;
BOOL request_user_info = False;
BOOL request_group_info = False;
BOOL request_alias_info = False;
@ -218,6 +220,10 @@ void cmd_sam_enum_users(struct client_info *info)
request_group_info |= strequal(tmp, "-g");
request_alias_info |= strequal(tmp, "-a");
}
else
{
break;
}
}
#ifdef DEBUG_TESTING
@ -242,6 +248,8 @@ void cmd_sam_enum_users(struct client_info *info)
}
#endif
string_to_sid(&sid_1_5_20, "S-1-5-32");
fprintf(out_hnd, "SAM Enumerate Users\n");
fprintf(out_hnd, "From: %s To: %s Domain: %s SID: %s\n",
info->myhostname, srv_name, domain, sid);
@ -264,6 +272,11 @@ void cmd_sam_enum_users(struct client_info *info)
&info->dom.samr_pol_connect, admin_rid, &sid1,
&info->dom.samr_pol_open_domain) : False;
/* connect to the S-1-5-20 domain */
res1 = res ? do_samr_open_domain(smb_cli,
&info->dom.samr_pol_connect, admin_rid, &sid_1_5_20,
&info->dom.samr_pol_open_builtindom) : False;
/* read some users */
res = res ? do_samr_enum_dom_users(smb_cli,
&info->dom.samr_pol_open_domain,
@ -275,12 +288,8 @@ void cmd_sam_enum_users(struct client_info *info)
fprintf(out_hnd, "No users\n");
}
if (request_user_info || request_group_info || request_alias_info)
{
/* query all the users */
user_idx = 0;
while (res && user_idx < info->dom.num_sam_entries)
for (user_idx = 0; res && user_idx < info->dom.num_sam_entries; user_idx++)
{
uint32 user_rid = info->dom.sam[user_idx].user_rid;
SAM_USER_INFO_21 usr;
@ -332,16 +341,26 @@ void cmd_sam_enum_users(struct client_info *info)
&info->dom.samr_pol_open_domain,
&als_sid, &num_aliases, rid))
{
display_alias_rid_info(out_hnd, ACTION_HEADER , &als_sid, num_aliases, rid);
display_alias_rid_info(out_hnd, ACTION_ENUMERATE, &als_sid, num_aliases, rid);
display_alias_rid_info(out_hnd, ACTION_FOOTER , &als_sid, num_aliases, rid);
}
display_alias_rid_info(out_hnd, ACTION_HEADER , &sid1, num_aliases, rid);
display_alias_rid_info(out_hnd, ACTION_ENUMERATE, &sid1, num_aliases, rid);
display_alias_rid_info(out_hnd, ACTION_FOOTER , &sid1, num_aliases, rid);
}
user_idx++;
/* send user alias query */
if (res1 && do_samr_query_useraliases(smb_cli,
&info->dom.samr_pol_open_builtindom,
&als_sid, &num_aliases, rid))
{
display_alias_rid_info(out_hnd, ACTION_HEADER , &sid_1_5_20, num_aliases, rid);
display_alias_rid_info(out_hnd, ACTION_ENUMERATE, &sid_1_5_20, num_aliases, rid);
display_alias_rid_info(out_hnd, ACTION_FOOTER , &sid_1_5_20, num_aliases, rid);
}
}
}
res1 = res1 ? do_samr_close(smb_cli,
&info->dom.samr_pol_open_builtindom) : False;
res = res ? do_samr_close(smb_cli,
&info->dom.samr_pol_open_domain) : False;

5
source3/smbd/server.c
View File

@ -676,6 +676,11 @@ static void usage(char *pname)
exit(1);
}
if(!initialise_builtin_db())
{
exit(1);
}
if (!get_member_domain_sid())
{
DEBUG(0,("ERROR: Samba cannot obtain PDC SID from PDC(s) %s.\n",