mirror of https://github.com/samba-team/samba.git synced 2025-08-04 08:22:08 +03:00

unix instance of group database API

(This used to be commit e76f593b35)
Luke Leighton
1998-11-23 21:51:05 +00:00
parent 735926877b
commit 4cee58780c
26 changed files with 1100 additions and 1296 deletions


@ -100,7 +100,8 @@ LIB_OBJ = lib/charcnv.o lib/charset.o lib/debug.o lib/fault.o \
lib/getsmbpass.o lib/interface.o lib/kanji.o lib/md4.o \ lib/getsmbpass.o lib/interface.o lib/kanji.o lib/md4.o \
lib/membuffer.o lib/netmask.o lib/pidfile.o lib/replace.o \ lib/membuffer.o lib/netmask.o lib/pidfile.o lib/replace.o \
lib/signal.o lib/slprintf.o lib/system.o lib/time.o lib/ufc.o \ lib/signal.o lib/slprintf.o lib/system.o lib/time.o lib/ufc.o \
lib/util.o lib/genrand.o lib/username.o lib/access.o lib/smbrun.o \ lib/util.o lib/genrand.o lib/username.o \
lib/access.o lib/smbrun.o \
lib/bitmap.o lib/crc32.o lib/util_sid.o lib/snprintf.o \ lib/bitmap.o lib/crc32.o lib/util_sid.o lib/snprintf.o \
lib/util_str.o lib/util_unistr.o \ lib/util_str.o lib/util_unistr.o \
lib/util_file.o mem_man/mem_man.o \ lib/util_file.o mem_man/mem_man.o \
@ -150,21 +151,22 @@ LOCKING_OBJ = locking/locking.o locking/locking_shm.o locking/locking_slow.o \
locking/shmem.o locking/shmem_sysv.o locking/shmem.o locking/shmem_sysv.o
GROUPDB_OBJ = groupdb/groupdb.o groupdb/groupfile.o \ GROUPDB_OBJ = groupdb/groupdb.o groupdb/groupfile.o \
groupdb/aliasdb.o groupdb/aliasfile.o groupdb/aliasdb.o groupdb/aliasfile.o \
groupdb/groupunix.o groupdb/aliasunix.o \
passdb/passgrp.o passdb/smbpassgroup.o \
passdb/smbpassgroupunix.o
PASSDB_OBJ = passdb/passdb.o passdb/smbpassfile.o passdb/smbpass.o \ PASSDB_OBJ = passdb/passdb.o passdb/smbpassfile.o passdb/smbpass.o \
passdb/pass_check.o passdb/ldap.o passdb/nispass.o \ passdb/pass_check.o passdb/ldap.o passdb/nispass.o \
passdb/passgrp.o passdb/smbpassgroup.o \
passdb/smbpasschange.o passdb/smbpasschange.o
SMBD_OBJ1 = smbd/server.o smbd/files.o smbd/chgpasswd.o smbd/connection.o \ SMBD_OBJ1 = smbd/server.o smbd/files.o smbd/chgpasswd.o smbd/connection.o \
smbd/dfree.o smbd/dir.o smbd/password.o smbd/conn.o smbd/fileio.o \ smbd/dfree.o smbd/dir.o smbd/password.o smbd/conn.o smbd/fileio.o \
smbd/ipc.o smbd/mangle.o smbd/negprot.o \ smbd/ipc.o smbd/mangle.o smbd/negprot.o smbd/groupname.o \
smbd/message.o smbd/nttrans.o smbd/pipes.o smbd/predict.o \ smbd/message.o smbd/nttrans.o smbd/pipes.o smbd/predict.o \
smbd/$(QUOTAOBJS) smbd/reply.o smbd/ssl.o smbd/trans2.o smbd/uid.o \ smbd/$(QUOTAOBJS) smbd/reply.o smbd/ssl.o smbd/trans2.o smbd/uid.o \
smbd/dosmode.o smbd/filename.o smbd/open.o smbd/close.o smbd/blocking.o \ smbd/dosmode.o smbd/filename.o smbd/open.o smbd/close.o smbd/blocking.o \
smbd/process.o smbd/oplock.o smbd/service.o smbd/error.o \ smbd/process.o smbd/oplock.o smbd/service.o smbd/error.o \
smbd/groupname.o
PRINTING_OBJ = printing/pcap.o printing/print_svid.o printing/printing.o PRINTING_OBJ = printing/pcap.o printing/print_svid.o printing/printing.o

766
source3/configure vendored

File diff suppressed because it is too large Load Diff


@ -52,8 +52,9 @@ AC_HEADER_DIRENT
AC_HEADER_TIME AC_HEADER_TIME
AC_HEADER_SYS_WAIT AC_HEADER_SYS_WAIT
AC_CHECK_HEADERS(sys/fcntl.h sys/select.h fcntl.h sys/time.h sys/unistd.h) AC_CHECK_HEADERS(sys/fcntl.h sys/select.h fcntl.h sys/time.h sys/unistd.h)
AC_CHECK_HEADERS(sys/param.h ctype.h )
AC_CHECK_HEADERS(unistd.h utime.h grp.h sys/id.h limits.h memory.h net/route.h net/if.h) AC_CHECK_HEADERS(unistd.h utime.h grp.h sys/id.h limits.h memory.h net/route.h net/if.h)
AC_CHECK_HEADERS(compat.h rpc/rpc.h rpcsvc/yp_prot.h rpcsvc/ypclnt.h sys/param.h ctype.h ) AC_CHECK_HEADERS(compat.h rpc/rpc.h sys/param.h ctype.h )
AC_CHECK_HEADERS(sys/wait.h sys/resource.h sys/ioctl.h sys/mode.h) AC_CHECK_HEADERS(sys/wait.h sys/resource.h sys/ioctl.h sys/mode.h)
AC_CHECK_HEADERS(sys/filio.h string.h strings.h stdlib.h sys/socket.h) AC_CHECK_HEADERS(sys/filio.h string.h strings.h stdlib.h sys/socket.h)
AC_CHECK_HEADERS(sys/mount.h sys/vfs.h sys/fs/s5param.h sys/filsys.h termios.h) AC_CHECK_HEADERS(sys/mount.h sys/vfs.h sys/fs/s5param.h sys/filsys.h termios.h)


@ -621,6 +621,7 @@ union semun {
#if (!defined(WITH_NISPLUS) && !defined(WITH_LDAP)) #if (!defined(WITH_NISPLUS) && !defined(WITH_LDAP))
#define USE_SMBPASS_DB 1 #define USE_SMBPASS_DB 1
#define USE_SMBUNIX_DB 1
#endif #endif
#if defined(HAVE_PUTPRPWNAM) && defined(AUTH_CLEARTEXT_SEG_CHARS) #if defined(HAVE_PUTPRPWNAM) && defined(AUTH_CLEARTEXT_SEG_CHARS)


@ -36,11 +36,20 @@ LOCAL_GRP *getaliasrid(uint32 alias_rid, LOCAL_GRP_MEMBER **mem, int *num_mem);
LOCAL_GRP *getaliasgid(gid_t gid, LOCAL_GRP_MEMBER **mem, int *num_mem); LOCAL_GRP *getaliasgid(gid_t gid, LOCAL_GRP_MEMBER **mem, int *num_mem);
BOOL getuseraliasnam(char *user_name, LOCAL_GRP **als, int *num_alss); BOOL getuseraliasnam(char *user_name, LOCAL_GRP **als, int *num_alss);
void aldb_init_als(LOCAL_GRP *als); void aldb_init_als(LOCAL_GRP *als);
BOOL make_alias_line(char *p, int max_len,
LOCAL_GRP *als,
LOCAL_GRP_MEMBER **mem, int *num_mem);
/*The following definitions come from groupdb/aliasfile.c */ /*The following definitions come from groupdb/aliasfile.c */
struct aliasdb_ops *file_initialise_alias_db(void); struct aliasdb_ops *file_initialise_alias_db(void);
/*The following definitions come from groupdb/aliasunix.c */
BOOL get_unixalias_members(struct group *als,
int *num_mem, LOCAL_GRP_MEMBER **members);
struct aliasdb_ops *unix_initialise_alias_db(void);
/*The following definitions come from groupdb/groupdb.c */ /*The following definitions come from groupdb/groupdb.c */
BOOL initialise_group_db(void); BOOL initialise_group_db(void);
@ -60,11 +69,20 @@ DOMAIN_GRP *getgrouprid(uint32 group_rid, DOMAIN_GRP_MEMBER **mem, int *num_mem)
DOMAIN_GRP *getgroupgid(gid_t gid, DOMAIN_GRP_MEMBER **mem, int *num_mem); DOMAIN_GRP *getgroupgid(gid_t gid, DOMAIN_GRP_MEMBER **mem, int *num_mem);
BOOL getusergroupsnam(char *user_name, DOMAIN_GRP **grp, int *num_grps); BOOL getusergroupsnam(char *user_name, DOMAIN_GRP **grp, int *num_grps);
void gpdb_init_grp(DOMAIN_GRP *grp); void gpdb_init_grp(DOMAIN_GRP *grp);
BOOL make_group_line(char *p, int max_len,
DOMAIN_GRP *grp,
DOMAIN_GRP_MEMBER **mem, int *num_mem);
/*The following definitions come from groupdb/groupfile.c */ /*The following definitions come from groupdb/groupfile.c */
struct groupdb_ops *file_initialise_group_db(void); struct groupdb_ops *file_initialise_group_db(void);
/*The following definitions come from groupdb/groupunix.c */
BOOL get_unixgroup_members(struct group *grp,
int *num_mem, DOMAIN_GRP_MEMBER **members);
struct groupdb_ops *unix_initialise_group_db(void);
/*The following definitions come from lib/access.c */ /*The following definitions come from lib/access.c */
BOOL allow_access(char *deny_list,char *allow_list, BOOL allow_access(char *deny_list,char *allow_list,
@ -263,6 +281,7 @@ char *tmpdir(void);
BOOL in_group(gid_t group, gid_t current_gid, int ngroups, gid_t *groups); BOOL in_group(gid_t group, gid_t current_gid, int ngroups, gid_t *groups);
int get_number(char *tmp); int get_number(char *tmp);
char *Atoic(char *p, int *n, char *c); char *Atoic(char *p, int *n, char *c);
int* add_num_to_list(uint32 **num, int *count, int val);
char *get_numlist(char *p, uint32 **num, int *count); char *get_numlist(char *p, uint32 **num, int *count);
void putip(void *dest,void *src); void putip(void *dest,void *src);
char *dns_to_netbios_name(char *dns_name); char *dns_to_netbios_name(char *dns_name);
@ -1223,6 +1242,7 @@ int lp_minor_announce_version(void);
void lp_set_name_resolve_order(char *new_order); void lp_set_name_resolve_order(char *new_order);
void lp_set_kernel_oplocks(BOOL val); void lp_set_kernel_oplocks(BOOL val);
BOOL lp_kernel_oplocks(void); BOOL lp_kernel_oplocks(void);
int lp_server_role(void);
/*The following definitions come from param/params.c */ /*The following definitions come from param/params.c */
@ -1318,6 +1338,11 @@ struct smb_passwd *getsmbgrpuid(uid_t smb_userid,
/*The following definitions come from passdb/smbpass.c */ /*The following definitions come from passdb/smbpass.c */
void *startsmbfilepwent(BOOL update);
void endsmbfilepwent(void *vp);
SMB_BIG_UINT getsmbfilepwpos(void *vp);
BOOL setsmbfilepwpos(void *vp, SMB_BIG_UINT tok);
struct smb_passwd *getsmbfilepwent(void *vp);
struct passdb_ops *file_initialise_password_db(void); struct passdb_ops *file_initialise_password_db(void);
/*The following definitions come from passdb/smbpasschange.c */ /*The following definitions come from passdb/smbpasschange.c */
@ -1341,6 +1366,10 @@ BOOL trust_get_passwd( unsigned char trust_passwd[16], char *domain, char *mynam
struct passgrp_ops *file_initialise_password_grp(void); struct passgrp_ops *file_initialise_password_grp(void);
/*The following definitions come from passdb/smbpassgroupunix.c */
struct passgrp_ops *unix_initialise_password_grp(void);
/*The following definitions come from printing/pcap.c */ /*The following definitions come from printing/pcap.c */
BOOL pcap_printername_ok(char *pszPrintername, char *pszPrintcapname); BOOL pcap_printername_ok(char *pszPrintername, char *pszPrintcapname);
@ -1951,7 +1980,7 @@ void make_samr_r_lookup_names(SAMR_R_LOOKUP_NAMES *r_u,
void samr_io_r_lookup_names(char *desc, SAMR_R_LOOKUP_NAMES *r_u, prs_struct *ps, int depth); void samr_io_r_lookup_names(char *desc, SAMR_R_LOOKUP_NAMES *r_u, prs_struct *ps, int depth);
void samr_io_q_unknown_12(char *desc, SAMR_Q_UNKNOWN_12 *q_u, prs_struct *ps, int depth); void samr_io_q_unknown_12(char *desc, SAMR_Q_UNKNOWN_12 *q_u, prs_struct *ps, int depth);
void make_samr_r_unknown_12(SAMR_R_UNKNOWN_12 *r_u, void make_samr_r_unknown_12(SAMR_R_UNKNOWN_12 *r_u,
uint32 num_aliases, fstring *als_name, uint32 *num_als_usrs, uint32 num_aliases, fstring *als_name, uint8 *num_als_usrs,
uint32 status); uint32 status);
void samr_io_r_unknown_12(char *desc, SAMR_R_UNKNOWN_12 *r_u, prs_struct *ps, int depth); void samr_io_r_unknown_12(char *desc, SAMR_R_UNKNOWN_12 *r_u, prs_struct *ps, int depth);
void make_samr_q_open_user(SAMR_Q_OPEN_USER *q_u, void make_samr_q_open_user(SAMR_Q_OPEN_USER *q_u,
@ -2157,31 +2186,28 @@ void wks_io_r_query_info(char *desc, WKS_R_QUERY_INFO *r_u, prs_struct *ps, int
int make_dom_gids(DOMAIN_GRP *mem, int num_members, DOM_GID **ppgids); int make_dom_gids(DOMAIN_GRP *mem, int num_members, DOM_GID **ppgids);
int get_domain_user_groups(DOMAIN_GRP_MEMBER **grp_members, uint32 group_rid); int get_domain_user_groups(DOMAIN_GRP_MEMBER **grp_members, uint32 group_rid);
uint32 lookup_builtin_names(DOM_SID *sid, char *name, uint8 *type); uint32 lookup_builtin_sid(DOM_SID *sid, char *name, uint8 *type);
uint32 lookup_added_name(DOM_SID *sid, char *name, uint8 *type); uint32 lookup_added_sid(DOM_SID *sid, char *name, uint8 *type);
uint32 lookup_name(DOM_SID *sid, char *name, uint8 *type); uint32 lookup_sid(DOM_SID *sid, char *name, uint8 *type);
uint32 lookup_wk_group_name(DOM_SID *sid, char *group_name, uint8 *type); uint32 lookup_wk_group_sid(DOM_SID *sid, char *group_name, uint8 *type);
uint32 lookup_group_name(DOM_SID *sid, char *group_name, uint8 *type); uint32 lookup_group_sid(DOM_SID *sid, char *group_name, uint8 *type);
uint32 lookup_wk_alias_name(DOM_SID *sid, char *alias_name, uint8 *type); uint32 lookup_wk_alias_sid(DOM_SID *sid, char *alias_name, uint8 *type);
uint32 lookup_alias_name(DOM_SID *sid, char *alias_name, uint8 *type); uint32 lookup_alias_sid(DOM_SID *sid, char *alias_name, uint8 *type);
uint32 lookup_wk_user_name(DOM_SID *sid, char *user_name, uint8 *type); uint32 lookup_wk_user_sid(DOM_SID *sid, char *user_name, uint8 *type);
uint32 lookup_user_name(DOM_SID *sid, char *user_name, uint8 *type); uint32 lookup_user_sid(DOM_SID *sid, char *user_name, uint8 *type);
uint32 lookup_group_rid(char *group_name, uint32 *rid, uint8 *type); uint32 lookup_group_name(char *grp_name, DOM_SID *sid, uint8 *type);
uint32 lookup_wk_group_rid(char *group_name, uint32 *rid, uint8 *type); uint32 lookup_wk_group_name(char *group_name, DOM_SID *sid, uint8 *type);
uint32 lookup_alias_sid(char *alias_name, DOM_SID *sid, uint8 *type); uint32 lookup_alias_name(char *als_name, DOM_SID *sid, uint8 *type);
uint32 lookup_alias_rid(char *alias_name, uint32 *rid, uint8 *type); uint32 lookup_wk_alias_name(char *alias_name, DOM_SID *sid, uint8 *type);
uint32 lookup_wk_alias_sid(char *alias_name, DOM_SID *sid, uint8 *type);
uint32 lookup_wk_alias_rid(char *alias_name, uint32 *rid, uint8 *type);
uint32 lookup_sid(char *name, DOM_SID *sid, uint8 *type);
uint32 lookup_added_user_rids(char *user_name, uint32 lookup_added_user_rids(char *user_name,
uint32 *usr_rid, uint32 *grp_rid); uint32 *usr_rid, uint32 *grp_rid);
uint32 lookup_added_user_rid(char *user_name, uint32 *rid, uint8 *type); uint32 lookup_added_user_name(char *user_name, DOM_SID *sid, uint8 *type);
uint32 lookup_wk_user_rid(char *user_name, uint32 *rid, uint8 *type); uint32 lookup_wk_user_name(char *user_name, DOM_SID *sid, uint8 *type);
uint32 lookup_added_grp_rid(char *name, uint32 *rid, uint8 *type); uint32 lookup_added_grp_name(char *name, DOM_SID *sid, uint8 *type);
uint32 lookup_builtin_grp_rid(char *name, uint32 *rid, uint8 *type); uint32 lookup_builtin_grp_name(char *name, DOM_SID *sid, uint8 *type);
uint32 lookup_grp_rid(char *name, uint32 *rid, uint8 *type); uint32 lookup_grp_name(char *name, DOM_SID *sid, uint8 *type);
uint32 lookup_user_rid(char *name, uint32 *rid, uint8 *type); uint32 lookup_user_name(char *name, DOM_SID *sid, uint8 *type);
uint32 lookup_rid(char *name, uint32 *rid, uint8 *type); uint32 lookup_name(char *name, DOM_SID *sid, uint8 *type);
uint32 lookup_user_rids(char *name, uint32 *usr_rid, uint32 *grp_rid); uint32 lookup_user_rids(char *name, uint32 *usr_rid, uint32 *grp_rid);
/*The following definitions come from rpc_server/srv_lsa.c */ /*The following definitions come from rpc_server/srv_lsa.c */
@ -2238,6 +2264,7 @@ BOOL api_samr_rpc(pipes_struct *p, prs_struct *data);
/*The following definitions come from rpc_server/srv_sid.c */ /*The following definitions come from rpc_server/srv_sid.c */
void get_sam_domain_name(void);
BOOL get_member_domain_sid(void); BOOL get_member_domain_sid(void);
void generate_wellknown_sids(void); void generate_wellknown_sids(void);
BOOL generate_sam_sid(void); BOOL generate_sam_sid(void);
@ -2488,14 +2515,14 @@ void file_chain_restore(void);
/*The following definitions come from smbd/groupname.c */ /*The following definitions come from smbd/groupname.c */
BOOL map_group_sid_to_name(DOM_SID *psid, char *group_name, char *nt_domain); BOOL map_group_sid(DOM_SID *psid, gid_t *gid, char *group_name, char *nt_domain);
BOOL map_alias_sid_to_name(DOM_SID *psid, char *alias_name, char *nt_domain); BOOL map_alias_sid(DOM_SID *psid, gid_t *gid, char *alias_name, char *nt_domain);
BOOL map_group_name_to_sid(char *group_name, DOM_SID *psid); BOOL map_unix_group_name(char *group_name, DOM_SID *psid, char *ntgroup_name, char *nt_domain);
BOOL map_alias_name_to_sid(char *alias_name, DOM_SID *psid); BOOL map_unix_alias_name(char *alias_name, DOM_SID *psid, char *ntalias_name, char *nt_domain);
BOOL map_gid_to_alias_sid(gid_t gid, DOM_SID *psid); BOOL map_nt_group_name(char *ntgroup_name, char *nt_domain, DOM_SID *psid, char *group_name, gid_t *gid);
BOOL map_gid_to_group_sid( gid_t gid, DOM_SID *psid); BOOL map_nt_alias_name(char *ntalias_name, char *nt_domain, DOM_SID *psid, char *alias_name, gid_t *gid);
BOOL map_group_sid_to_gid( DOM_SID *psid, gid_t *gid); BOOL map_alias_gid(gid_t gid, DOM_SID *psid, char *nt_als_name, char *nt_domain);
BOOL map_alias_sid_to_gid( DOM_SID *psid, gid_t *gid); BOOL map_group_gid( gid_t gid, DOM_SID *psid, char *nt_grp_name, char *nt_domain);
/*The following definitions come from smbd/ipc.c */ /*The following definitions come from smbd/ipc.c */


@ -1560,6 +1560,15 @@ enum protocol_types {PROTOCOL_NONE,PROTOCOL_CORE,PROTOCOL_COREPLUS,PROTOCOL_LANM
/* security levels */ /* security levels */
enum security_types {SEC_SHARE,SEC_USER,SEC_SERVER,SEC_DOMAIN}; enum security_types {SEC_SHARE,SEC_USER,SEC_SERVER,SEC_DOMAIN};
/* server roles */
enum server_types
{
ROLE_DOMAIN_NONE,
ROLE_DOMAIN_MEMBER,
ROLE_DOMAIN_BDC,
ROLE_DOMAIN_PDC
};
/* printing types */ /* printing types */
enum printing_types {PRINT_BSD,PRINT_SYSV,PRINT_AIX,PRINT_HPUX, enum printing_types {PRINT_BSD,PRINT_SYSV,PRINT_AIX,PRINT_HPUX,
PRINT_QNX,PRINT_PLP,PRINT_LPRNG,PRINT_SOFTQ}; PRINT_QNX,PRINT_PLP,PRINT_LPRNG,PRINT_SOFTQ};


@ -189,6 +189,18 @@ char *Atoic(char *p, int *n, char *c)
return p; return p;
} }
int* add_num_to_list(uint32 **num, int *count, int val)
{
(*num) = Realloc((*num), ((*count)+1) * sizeof(uint32));
if ((*num) == NULL)
{
return NULL;
}
(*num)[(*count)] = val;
(*count)++;
return (*num);
}
/************************************************************************* /*************************************************************************
reads a list of numbers reads a list of numbers
*************************************************************************/ *************************************************************************/
@ -206,13 +218,10 @@ char *get_numlist(char *p, uint32 **num, int *count)
while ((p = Atoic(p, &val, ":,")) != NULL && (*p) != ':') while ((p = Atoic(p, &val, ":,")) != NULL && (*p) != ':')
{ {
(*num) = Realloc((*num), ((*count)+1) * sizeof(uint32)); if (add_num_to_list(num, count, val) == NULL)
if ((*num) == NULL)
{ {
return NULL; return NULL;
} }
(*num)[(*count)] = val;
(*count)++;
p++; p++;
} }
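Review bot: `add_num_to_list` is declared to return `int*` but returns `(*num)`, which is a `uint32 *`, and it assigns the result of `Realloc` straight back into `*num`, so on allocation failure the caller's only pointer to the old list is overwritten with NULL while `*count` still holds the old length. If `Realloc` leaves the old block allocated on failure, as `realloc` does (its definition is not shown here), the list is leaked and any later user of `*count` indexes a NULL array. `get_numlist` feeds this helper from a parsed line, so I would also reject a negative `*count` before computing the size, and give the new function a banner comment like its neighbours. A suggested shape follows; the prototype in proto.h changes with it.

```c
uint32 *add_num_to_list(uint32 **num, int *count, int val)
{
	uint32 *grown;

	if ((*count) < 0)
	{
		return NULL;
	}
	grown = Realloc((*num), ((size_t)(*count) + 1) * sizeof(uint32));
	if (grown == NULL)
	{
		/* (*num) and (*count) are left exactly as they were */
		return NULL;
	}
	grown[(*count)] = val;
	(*num) = grown;
	(*count)++;
	return grown;
}
```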


@ -43,7 +43,7 @@ char *sid_to_string(pstring sidstr_out, DOM_SID *sid)
for (i = 0; i < sid->num_auths; i++) for (i = 0; i < sid->num_auths; i++)
{ {
slprintf(subauth, sizeof(subauth)-1, "-%d", sid->sub_auths[i]); slprintf(subauth, sizeof(subauth)-1, "-%u", sid->sub_auths[i]);
pstrcat(sidstr_out, subauth); pstrcat(sidstr_out, subauth);
} }
@ -103,7 +103,9 @@ BOOL string_to_sid(DOM_SID *sidout, char *sidstr)
* NOTE - the subauths are in native machine-endian format. They * NOTE - the subauths are in native machine-endian format. They
* are converted to little-endian when linearized onto the wire. * are converted to little-endian when linearized onto the wire.
*/ */
sid_append_rid(sidout, atoi(tok)); uint32 rid = (uint32)strtoul(tok, NULL, 10);
DEBUG(50,("string_to_sid: tok: %s rid 0x%x\n", tok, rid));
sid_append_rid(sidout, rid);
} }
DEBUG(7,("string_to_sid: converted SID %s ok\n", sidstr)); DEBUG(7,("string_to_sid: converted SID %s ok\n", sidstr));
@ -145,6 +147,11 @@ void sid_copy(DOM_SID *sid1, DOM_SID *sid2)
{ {
int i; int i;
for (i = 0; i < 6; i++)
{
sid1->id_auth[i] = sid2->id_auth[i];
}
for (i = 0; i < sid2->num_auths; i++) for (i = 0; i < sid2->num_auths; i++)
{ {
sid1->sub_auths[i] = sid2->sub_auths[i]; sid1->sub_auths[i] = sid2->sub_auths[i];
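Review bot: The new `strtoul(tok, NULL, 10)` call in `string_to_sid` accepts anything: a non-numeric token becomes RID 0, and where `unsigned long` is wider than 32 bits an over-large value is silently truncated by the `(uint32)` cast, so a malformed SID string is turned into a different, valid-looking SID instead of being rejected. Pass an end pointer and check it, e.g. `unsigned long v = strtoul(tok, &end, 10);` followed by `if (end == tok || *end != '\0' || v > 0xffffffffUL) return False;`. In `sid_copy` the literal `6` would read better as `sizeof(sid1->id_auth)`, if `id_auth` is a byte array as the loop suggests. Both functions continue outside the hunks shown.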


@ -85,6 +85,7 @@ make_dom_query
***************************************************************************/ ***************************************************************************/
static void make_dom_query(DOM_QUERY *d_q, char *dom_name, DOM_SID *dom_sid) static void make_dom_query(DOM_QUERY *d_q, char *dom_name, DOM_SID *dom_sid)
{ {
fstring sid_str;
int domlen = strlen(dom_name); int domlen = strlen(dom_name);
d_q->uni_dom_max_len = domlen * 2; d_q->uni_dom_max_len = domlen * 2;
@ -96,6 +97,7 @@ static void make_dom_query(DOM_QUERY *d_q, char *dom_name, DOM_SID *dom_sid)
/* this string is supposed to be character short */ /* this string is supposed to be character short */
make_unistr2(&(d_q->uni_domain_name), dom_name, domlen); make_unistr2(&(d_q->uni_domain_name), dom_name, domlen);
sid_to_string(sid_str, dom_sid);
make_dom_sid2(&(d_q->dom_sid), dom_sid); make_dom_sid2(&(d_q->dom_sid), dom_sid);
} }
@ -197,7 +199,7 @@ make_reply_lookup_rids
***************************************************************************/ ***************************************************************************/
static void make_reply_lookup_rids(LSA_R_LOOKUP_RIDS *r_l, static void make_reply_lookup_rids(LSA_R_LOOKUP_RIDS *r_l,
int num_entries, int num_entries,
uint32 dom_rids[MAX_LOOKUP_SIDS], DOM_SID dom_sids [MAX_LOOKUP_SIDS],
uint8 dom_types[MAX_LOOKUP_SIDS]) uint8 dom_types[MAX_LOOKUP_SIDS])
{ {
int i; int i;
@ -215,8 +217,11 @@ static void make_reply_lookup_rids(LSA_R_LOOKUP_RIDS *r_l,
for (i = 0; i < num_entries; i++) for (i = 0; i < num_entries; i++)
{ {
DOM_SID sid = dom_sids[i];
uint32 rid;
sid_split_rid(&sid, &rid);
make_dom_ref(&(r_l->dom_ref), dom_name, dom_sid); make_dom_ref(&(r_l->dom_ref), dom_name, dom_sid);
make_dom_rid2(&(r_l->dom_rid[i]), dom_rids[i], dom_types[i]); make_dom_rid2(&(r_l->dom_rid[i]), rid, dom_types[i]);
} }
r_l->num_entries3 = num_entries; r_l->num_entries3 = num_entries;
@ -241,7 +246,7 @@ static void make_lsa_trans_names(DOM_R_REF *ref,
{ {
uint32 status = 0x0; uint32 status = 0x0;
DOM_SID find_sid = sid[i].sid; DOM_SID find_sid = sid[i].sid;
DOM_SID tmp = sid[i].sid; DOM_SID tmp_sid = sid[i].sid;
uint32 rid = 0xffffffff; uint32 rid = 0xffffffff;
int dom_idx = -1; int dom_idx = -1;
fstring name; fstring name;
@ -261,7 +266,7 @@ static void make_lsa_trans_names(DOM_R_REF *ref,
{ {
if (sid_equal(&find_sid, &global_sam_sid)) if (sid_equal(&find_sid, &global_sam_sid))
{ {
status = lookup_name(&tmp, name, &sid_name_use); status = lookup_sid(&tmp_sid, name, &sid_name_use);
} }
else else
{ {
@ -337,7 +342,7 @@ lsa_reply_lookup_rids
***************************************************************************/ ***************************************************************************/
static void lsa_reply_lookup_rids(prs_struct *rdata, static void lsa_reply_lookup_rids(prs_struct *rdata,
int num_entries, int num_entries,
uint32 dom_rids[MAX_LOOKUP_SIDS], DOM_SID dom_sids [MAX_LOOKUP_SIDS],
uint8 dom_types[MAX_LOOKUP_SIDS]) uint8 dom_types[MAX_LOOKUP_SIDS])
{ {
LSA_R_LOOKUP_RIDS r_l; LSA_R_LOOKUP_RIDS r_l;
@ -345,7 +350,7 @@ static void lsa_reply_lookup_rids(prs_struct *rdata,
ZERO_STRUCT(r_l); ZERO_STRUCT(r_l);
/* set up the LSA Lookup RIDs response */ /* set up the LSA Lookup RIDs response */
make_reply_lookup_rids(&r_l, num_entries, dom_rids, dom_types); make_reply_lookup_rids(&r_l, num_entries, dom_sids, dom_types);
r_l.status = 0x0; r_l.status = 0x0;
@ -474,11 +479,11 @@ static void api_lsa_lookup_names( uint16 vuid, prs_struct *data,
{ {
int i; int i;
LSA_Q_LOOKUP_RIDS q_l; LSA_Q_LOOKUP_RIDS q_l;
uint32 dom_rids[MAX_LOOKUP_SIDS]; DOM_SID dom_sids [MAX_LOOKUP_SIDS];
uint8 dom_types[MAX_LOOKUP_SIDS]; uint8 dom_types[MAX_LOOKUP_SIDS];
ZERO_STRUCT(q_l); ZERO_STRUCT(q_l);
ZERO_ARRAY(dom_rids); ZERO_ARRAY(dom_sids);
/* grab the info class and policy handle */ /* grab the info class and policy handle */
lsa_io_q_lookup_rids("", &q_l, data, 0); lsa_io_q_lookup_rids("", &q_l, data, 0);
@ -491,17 +496,16 @@ static void api_lsa_lookup_names( uint16 vuid, prs_struct *data,
fstring name; fstring name;
fstrcpy(name, unistr2(q_l.lookup_name[i].str.buffer)); fstrcpy(name, unistr2(q_l.lookup_name[i].str.buffer));
if (lookup_rid(name, &dom_rids[i], &dom_types[i])) if (!lookup_name(name, &dom_sids[i], &dom_types[i]))
{ {
/* WHOOPS! we should really do something about this... */ dom_types[i] = SID_NAME_UNKNOWN;
dom_rids[i] = 0;
} }
} }
/* construct reply. return status is always 0x0 */ /* construct reply. return status is always 0x0 */
lsa_reply_lookup_rids(rdata, lsa_reply_lookup_rids(rdata,
q_l.num_entries, q_l.num_entries,
dom_rids, /* text-converted SIDs */ dom_sids, /* text-converted SIDs */
dom_types); /* SID_NAME_USE types */ dom_types); /* SID_NAME_USE types */
} }
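Review bot: The rewritten test in `api_lsa_lookup_names`, `if (!lookup_name(name, &dom_sids[i], &dom_types[i]))`, looks inverted. `lookup_name` is declared as returning a `uint32` status and `make_lsa_trans_names` in this same file initialises its status to `0x0`, which suggests zero means success; if so, a successful lookup is the case that gets its type overwritten with `SID_NAME_UNKNOWN`, while a failed one keeps whatever type the callee left and a zeroed `dom_sids[i]` that `make_reply_lookup_rids` then passes to `sid_split_rid`. I would write `if (lookup_name(name, &dom_sids[i], &dom_types[i]) != 0x0)` and confirm that `sid_split_rid` copes with a SID that has no sub-authorities. Separately, `make_dom_query` now formats the SID into an `fstring sid_str` that is never read, and `sid_to_string` takes a `pstring` and appends with `pstrcat`; if `fstring` is the shorter type this is a dead write into an undersized buffer and is best dropped.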


@ -2727,3 +2727,43 @@ BOOL lp_kernel_oplocks(void)
{ {
return kernel_oplocks_available; return kernel_oplocks_available;
} }
/***********************************************************
returns role of Samba server
************************************************************/
int lp_server_role(void)
{
switch (lp_security())
{
case SEC_SHARE:
{
if (lp_domain_logons())
{
DEBUG(0,("Server's Role (logon server) conflicts with share-level security\n"));
}
return ROLE_DOMAIN_NONE;
}
case SEC_SERVER:
case SEC_DOMAIN:
{
if (lp_domain_logons())
{
return ROLE_DOMAIN_BDC;
}
return ROLE_DOMAIN_MEMBER;
}
case SEC_USER:
{
if (lp_domain_logons())
{
return ROLE_DOMAIN_BDC;
}
return ROLE_DOMAIN_PDC;
}
default:
{
DEBUG(0,("Server's Role undefined due to unknown security mode\n"));
return ROLE_DOMAIN_NONE;
}
}
}
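Review bot: In `lp_server_role` the `SEC_USER` case returns `ROLE_DOMAIN_BDC` when `lp_domain_logons()` is true and `ROLE_DOMAIN_PDC` when it is false, so a user-level server that does not offer domain logons reports itself as a PDC. That looks unintended, and no path in this function makes a server with domain logons enabled a PDC. If the role feeds SID or group-database selection, a wrong answer here changes which identities the server hands out, so I would expect `return ROLE_DOMAIN_PDC;` inside the `lp_domain_logons()` test and `return ROLE_DOMAIN_NONE;` after it, or a comment explaining the current mapping. The function could also return `enum server_types` rather than `int`.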


@ -69,7 +69,7 @@ BOOL initialise_password_db(void)
pwdb_ops = nisplus_initialise_password_db(); pwdb_ops = nisplus_initialise_password_db();
#elif defined(WITH_LDAP) #elif defined(WITH_LDAP)
pwdb_ops = ldap_initialise_password_db(); pwdb_ops = ldap_initialise_password_db();
#else #elif defined(USE_SMBPASS_DB)
pwdb_ops = file_initialise_password_db(); pwdb_ops = file_initialise_password_db();
#endif #endif

View File

@ -34,7 +34,7 @@ extern int DEBUGLEVEL;
* *
*/ */
static struct passgrp_ops *pwgrp_ops; static struct passgrp_ops *pwgrp_ops = NULL;
/*************************************************************** /***************************************************************
Initialise the passgrp operations. Initialise the passgrp operations.
@ -51,7 +51,9 @@ BOOL initialise_passgrp_db(void)
pwgrp_ops = nisplus_initialise_password_grp(); pwgrp_ops = nisplus_initialise_password_grp();
#elif defined(WITH_LDAP) #elif defined(WITH_LDAP)
pwgrp_ops = ldap_initialise_password_grp(); pwgrp_ops = ldap_initialise_password_grp();
#else #elif defined(USE_SMBUNIX_DB)
pwgrp_ops = unix_initialise_password_grp();
#elif defined(USE_SMBPASS_DB)
pwgrp_ops = file_initialise_password_grp(); pwgrp_ops = file_initialise_password_grp();
#endif #endif


@ -33,7 +33,7 @@ static char s_readbuf[1024];
to ensure no modification outside this module. to ensure no modification outside this module.
****************************************************************/ ****************************************************************/
static void *startsmbfilepwent(BOOL update) void *startsmbfilepwent(BOOL update)
{ {
return startfilepwent(lp_smb_passwd_file(), s_readbuf, sizeof(s_readbuf), return startfilepwent(lp_smb_passwd_file(), s_readbuf, sizeof(s_readbuf),
&pw_file_lock_depth, update); &pw_file_lock_depth, update);
@ -43,7 +43,7 @@ static void *startsmbfilepwent(BOOL update)
End enumeration of the smbpasswd list. End enumeration of the smbpasswd list.
****************************************************************/ ****************************************************************/
static void endsmbfilepwent(void *vp) void endsmbfilepwent(void *vp)
{ {
endfilepwent(vp, &pw_file_lock_depth); endfilepwent(vp, &pw_file_lock_depth);
} }
@ -53,7 +53,7 @@ static void endsmbfilepwent(void *vp)
This must be treated as an opaque token. This must be treated as an opaque token.
*************************************************************************/ *************************************************************************/
static SMB_BIG_UINT getsmbfilepwpos(void *vp) SMB_BIG_UINT getsmbfilepwpos(void *vp)
{ {
return getfilepwpos(vp); return getfilepwpos(vp);
} }
@ -63,7 +63,7 @@ static SMB_BIG_UINT getsmbfilepwpos(void *vp)
This must be treated as an opaque token. This must be treated as an opaque token.
*************************************************************************/ *************************************************************************/
static BOOL setsmbfilepwpos(void *vp, SMB_BIG_UINT tok) BOOL setsmbfilepwpos(void *vp, SMB_BIG_UINT tok)
{ {
return setfilepwpos(vp, tok); return setfilepwpos(vp, tok);
} }
@ -71,7 +71,7 @@ static BOOL setsmbfilepwpos(void *vp, SMB_BIG_UINT tok)
/************************************************************************* /*************************************************************************
Routine to return the next entry in the smbpasswd list. Routine to return the next entry in the smbpasswd list.
*************************************************************************/ *************************************************************************/
static struct smb_passwd *getsmbfilepwent(void *vp) struct smb_passwd *getsmbfilepwent(void *vp)
{ {
/* Static buffers we will return. */ /* Static buffers we will return. */
static struct smb_passwd pw_buf; static struct smb_passwd pw_buf;
@ -80,7 +80,7 @@ static struct smb_passwd *getsmbfilepwent(void *vp)
static unsigned char smbntpwd[16]; static unsigned char smbntpwd[16];
struct passwd *pwfile; struct passwd *pwfile;
char linebuf[256]; char linebuf[256];
unsigned char *p; char *p;
int uidval; int uidval;
size_t linebuf_len; size_t linebuf_len;
@ -118,14 +118,14 @@ static struct smb_passwd *getsmbfilepwent(void *vp)
* As 256 is shorter than a pstring we don't need to check * As 256 is shorter than a pstring we don't need to check
* length here - if this ever changes.... * length here - if this ever changes....
*/ */
p = (unsigned char *)strncpyn(user_name, linebuf, sizeof(user_name), ':'); p = strncpyn(user_name, linebuf, sizeof(user_name), ':');
/* Go past ':' */ /* Go past ':' */
p++; p++;
/* Get smb uid. */ /* Get smb uid. */
p = (unsigned char *)Atoic((char *) p, &uidval, ":"); p = Atoic( p, &uidval, ":");
pw_buf.smb_name = user_name; pw_buf.smb_name = user_name;
pw_buf.smb_userid = uidval; pw_buf.smb_userid = uidval;
@ -161,14 +161,14 @@ static struct smb_passwd *getsmbfilepwent(void *vp)
continue; continue;
} }
if (!strncasecmp((char *) p, "NO PASSWORD", 11)) if (!strncasecmp( p, "NO PASSWORD", 11))
{ {
pw_buf.smb_passwd = NULL; pw_buf.smb_passwd = NULL;
pw_buf.acct_ctrl |= ACB_PWNOTREQ; pw_buf.acct_ctrl |= ACB_PWNOTREQ;
} }
else else
{ {
if (!pwdb_gethexpwd((char *)p, (char *)smbpwd)) if (!pwdb_gethexpwd(p, (char *)smbpwd))
{ {
DEBUG(0, ("getsmbfilepwent: Malformed Lanman password entry (non hex chars)\n")); DEBUG(0, ("getsmbfilepwent: Malformed Lanman password entry (non hex chars)\n"));
continue; continue;
@ -188,7 +188,7 @@ static struct smb_passwd *getsmbfilepwent(void *vp)
{ {
if (*p != '*' && *p != 'X') if (*p != '*' && *p != 'X')
{ {
if(pwdb_gethexpwd((char *)p,(char *)smbntpwd)) if(pwdb_gethexpwd(p,(char *)smbntpwd))
{ {
pw_buf.smb_nt_passwd = smbntpwd; pw_buf.smb_nt_passwd = smbntpwd;
} }
@ -218,7 +218,7 @@ static struct smb_passwd *getsmbfilepwent(void *vp)
if (*p == ':') if (*p == ':')
{ {
p++; p++;
pw_buf.pass_last_set_time = pwdb_get_last_set_time((char *)p); pw_buf.pass_last_set_time = pwdb_get_last_set_time(p);
} }
} }
else else
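Review bot: Dropping `static` from `startsmbfilepwent`, `endsmbfilepwent`, `getsmbfilepwpos`, `setsmbfilepwpos` and `getsmbfilepwent` exposes module-private state to other files: they share `s_readbuf` and `pw_file_lock_depth`, and `getsmbfilepwent` returns a pointer to static buffers (`pw_buf`, `smbntpwd`), so a second enumeration started elsewhere could overwrite the results of one already in progress. The banner above `startsmbfilepwent` still says the void pointer is there "to ensure no modification outside this module", which no longer describes the interface. I would add a comment on each exported function along the lines of `/* not reentrant: returns static storage, one enumeration at a time */`. `getsmbfilepwent` continues outside the hunks shown.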


@ -19,7 +19,7 @@
#include "includes.h" #include "includes.h"
#ifdef USE_SMBPASS_DB #ifdef USE_SMBGROUP_DB
static int grp_file_lock_depth = 0; static int grp_file_lock_depth = 0;
extern int DEBUGLEVEL; extern int DEBUGLEVEL;
@ -96,7 +96,7 @@ static struct smb_passwd *getsmbfilegrpent(void *vp,
/* /*
* The line we have should be of the form :- * The line we have should be of the form :-
* *
* username:uid:domainrid1,domainrid2..:aliassid1,aliassid2..: * username:uid:aliassid1,aliassid2..:domainrid1,domainrid2..:
*/ */
/* /*
@ -116,9 +116,7 @@ static struct smb_passwd *getsmbfilegrpent(void *vp,
pw_buf.smb_userid = uidval; pw_buf.smb_userid = uidval;
/* /*
* Now get the password value - this should be 32 hex digits * Now get a list of alias RIDs
* which are the ascii representations of a 16 byte string.
* Get two at a time and put them into the password.
*/ */
/* Skip the ':' */ /* Skip the ':' */
@ -139,6 +137,10 @@ static struct smb_passwd *getsmbfilegrpent(void *vp,
} }
} }
/*
* Now get a list of group RIDs
*/
/* Skip the ':' */ /* Skip the ':' */
p++; p++;


@ -0,0 +1,239 @@
/*
* Unix SMB/Netbios implementation. Version 1.9. SMB parameters and setup
* Copyright (C) Andrew Tridgell 1992-1998 Modified by Jeremy Allison 1995.
*
* This program is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License as published by the Free
* Software Foundation; either version 2 of the License, or (at your option)
* any later version.
*
* This program is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
* more details.
*
* You should have received a copy of the GNU General Public License along with
* this program; if not, write to the Free Software Foundation, Inc., 675
* Mass Ave, Cambridge, MA 02139, USA.
*/
#include "includes.h"
#ifdef USE_SMBUNIX_DB
extern int DEBUGLEVEL;
extern DOM_SID global_member_sid;
/***************************************************************
Start to enumerate the smbpasswd list. Returns a void pointer
to ensure no modification outside this module.
****************************************************************/
static void *startsmbfilegrpent(BOOL update)
{
return startsmbfilepwent(False);
}
/***************************************************************
End enumeration of the smbpasswd list.
****************************************************************/
static void endsmbfilegrpent(void *vp)
{
endsmbfilepwent(vp);
}
/*************************************************************************
Return the current position in the smbpasswd list as an SMB_BIG_UINT.
This must be treated as an opaque token.
*************************************************************************/
static SMB_BIG_UINT getsmbfilegrppos(void *vp)
{
return getsmbfilepwpos(vp);
}
/*************************************************************************
Set the current position in the smbpasswd list from an SMB_BIG_UINT.
This must be treated as an opaque token.
*************************************************************************/
static BOOL setsmbfilegrppos(void *vp, SMB_BIG_UINT tok)
{
return setsmbfilepwpos(vp, tok);
}
/*************************************************************************
Routine to return the next smbpassgroup entry
*************************************************************************/
static struct smb_passwd *getsmbfilegrpent(void *vp,
uint32 **grp_rids, int *num_grps,
uint32 **als_rids, int *num_alss)
{
/* Static buffers we will return. */
struct smb_passwd *pw_buf;
struct passwd *pw;
int i;
int unixgrps;
gid_t *grps;
if (vp == NULL)
{
DEBUG(0,("getsmbfilegrpent: Bad password file pointer.\n"));
return NULL;
}
pw_buf = getsmbfilepwent(vp);
if (grp_rids != NULL)
{
(*grp_rids) = NULL;
(*num_grps) = 0;
}
if (als_rids != NULL)
{
(*als_rids) = NULL;
(*num_alss) = 0;
}
if (als_rids == NULL && grp_rids == NULL)
{
return pw_buf;
}
/*
* find all unix groups
*/
pw = Get_Pwnam(pw_buf->smb_name, False);
if (pw == NULL)
{
return NULL;
}
if (get_unixgroups(pw_buf->smb_name, pw->pw_uid, pw->pw_gid, &unixgrps, &grps))
{
return NULL;
}
/*
* check each unix group for a mapping as an nt alias or an nt group
*/
for (i = 0; i < unixgrps; i++)
{
DOM_SID sid;
uint8 type;
char *unix_grpname;
uint32 status;
uint32 rid;
/*
* find the unix name for each user's group.
* assume the unix group is an nt name (alias? group? user?)
* (user or not our own domain will be an error).
*/
unix_grpname = gidtoname(grps[i]);
if (map_unix_alias_name(unix_grpname, &sid, NULL, NULL))
{
/*
* ok, the unix groupname is mapped to an alias.
* check that it is in our domain.
*/
sid_split_rid(&sid, &rid);
if (!sid_equal(&sid, &global_member_sid))
{
pstring sid_str;
sid_to_string(sid_str, &sid);
DEBUG(0,("user %s is in a UNIX group %s that maps to an NT RID (0x%x) in another domain (%s)\n",
pw_buf->smb_name, unix_grpname, rid, sid_str));
continue;
}
if (add_num_to_list(als_rids, num_alss, rid) == NULL)
{
return NULL;
}
}
else if (map_unix_group_name(unix_grpname, &sid, NULL, NULL))
{
/*
* ok, the unix groupname is mapped to a domain group.
* check that it is in our domain.
*/
sid_split_rid(&sid, &rid);
if (!sid_equal(&sid, &global_member_sid))
{
pstring sid_str;
sid_to_string(sid_str, &sid);
DEBUG(0,("user %s is in a UNIX group %s that maps to an NT RID (0x%x) in another domain (%s)\n",
pw_buf->smb_name, unix_grpname, rid, sid_str));
continue;
}
if (add_num_to_list(grp_rids, num_grps, rid) == NULL)
{
return NULL;
}
}
else if (lp_server_role() == ROLE_DOMAIN_MEMBER)
{
/*
* server is a member of a domain or stand-alone.
* name is not explicitly mapped
* so we are responsible for it.
* as a LOCAL group.
*/
rid = pwdb_gid_to_alias_rid(grps[i]);
if (add_num_to_list(als_rids, num_alss, rid) == NULL)
{
return NULL;
}
}
else if (lp_server_role() != ROLE_DOMAIN_NONE)
{
/*
* server is a PDC or BDC.
* name is explicitly mapped
* so we are responsible for it.
* as a DOMAIN group.
*/
rid = pwdb_gid_to_group_rid(grps[i]);
if (add_num_to_list(grp_rids, num_grps, rid) == NULL)
{
return NULL;
}
}
}
return pw_buf;
}
static struct passgrp_ops file_ops =
{
startsmbfilegrpent,
endsmbfilegrpent,
getsmbfilegrppos,
setsmbfilegrppos,
iterate_getsmbgrpnam, /* In passgrp.c */
iterate_getsmbgrpuid, /* In passgrp.c */
iterate_getsmbgrprid, /* In passgrp.c */
getsmbfilegrpent,
};
struct passgrp_ops *unix_initialise_password_grp(void)
{
return &file_ops;
}
#else
/* Do *NOT* make this function static. It breaks the compile on gcc. JRA */
void smbpass_dummy_function(void) { } /* stop some compilers complaining */
#endif /* USE_SMBPASS_DB */
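Review bot: In getsmbfilegrpent the result of `getsmbfilepwent(vp)` is passed straight to `Get_Pwnam(pw_buf->smb_name, False)` without a NULL check, so whenever a caller supplies `grp_rids` or `als_rids` and the underlying enumeration returns NULL (presumably how end-of-list is signalled), the function dereferences a null pointer; add `if (pw_buf == NULL) return NULL;` directly after the call. The later `return NULL` exits (no Unix account, `get_unixgroups`, `add_num_to_list`) look the same to the caller as end-of-list, so a single unmappable entry would appear to cut the enumeration short. None of those exits releases `grps` or the partly built RID lists; whether they are heap-allocated is not visible here, so ownership needs confirming. The closing comment `#endif /* USE_SMBPASS_DB */` should name `USE_SMBUNIX_DB`, and the locals `type` and `status` are never used.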


@ -204,7 +204,7 @@ creates a DOM_SID2 structure.
********************************************************************/ ********************************************************************/
void make_dom_sid2(DOM_SID2 *sid2, DOM_SID *sid) void make_dom_sid2(DOM_SID2 *sid2, DOM_SID *sid)
{ {
sid2->sid = *sid; sid_copy(&sid2->sid, sid);
sid2->num_auths = sid2->sid.num_auths; sid2->num_auths = sid2->sid.num_auths;
} }


@ -1905,7 +1905,7 @@ void samr_io_q_unknown_12(char *desc, SAMR_Q_UNKNOWN_12 *q_u, prs_struct *ps, i
makes a SAMR_R_UNKNOWN_12 structure. makes a SAMR_R_UNKNOWN_12 structure.
********************************************************************/ ********************************************************************/
void make_samr_r_unknown_12(SAMR_R_UNKNOWN_12 *r_u, void make_samr_r_unknown_12(SAMR_R_UNKNOWN_12 *r_u,
uint32 num_aliases, fstring *als_name, uint32 *num_als_usrs, uint32 num_aliases, fstring *als_name, uint8 *num_als_usrs,
uint32 status) uint32 status)
{ {
int i; int i;
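Review bot: The parameter `num_als_usrs` of make_samr_r_unknown_12 becomes `uint8 *` but keeps a name that reads as a per-alias member count. If it still carries counts, any value above 255 is truncated; if it now carries something else (other functions in this commit use `uint8` for SID name types), the name should be changed to say so. The function body lies outside the hunk, so how the elements are consumed cannot be checked from here. The prototype and every caller have to change together, because a `uint32` array passed where `uint8 *` is expected would be read at the wrong element stride.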


@ -110,16 +110,19 @@ int make_dom_gids(DOMAIN_GRP *mem, int num_members, DOM_GID **ppgids)
uint32 status; uint32 status;
uint32 rid; uint32 rid;
DOM_SID sid;
uint8 type; uint8 type;
uint8 attr = mem[count].attr; uint8 attr = mem[count].attr;
char *name = mem[count].name; char *name = mem[count].name;
become_root(True); become_root(True);
status = lookup_grp_rid(name, &rid, &type); status = lookup_group_name(name, &sid, &type);
unbecome_root(True); unbecome_root(True);
if (status == 0x0) sid_split_rid(&sid, &rid);
if (status == 0x0 && sid_equal(&sid, &global_sam_sid))
{ {
gids = (DOM_GID *)Realloc( gids, sizeof(DOM_GID) * (count+1) ); gids = (DOM_GID *)Realloc( gids, sizeof(DOM_GID) * (count+1) );
@ -168,53 +171,53 @@ int get_domain_user_groups(DOMAIN_GRP_MEMBER **grp_members, uint32 group_rid)
/******************************************************************* /*******************************************************************
lookup_builtin_names lookup_builtin_sid
********************************************************************/ ********************************************************************/
uint32 lookup_builtin_names(DOM_SID *sid, char *name, uint8 *type) uint32 lookup_builtin_sid(DOM_SID *sid, char *name, uint8 *type)
{ {
uint32 status = 0xC0000000 | NT_STATUS_NONE_MAPPED; uint32 status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
status = (status != 0x0) ? lookup_wk_user_name (sid, name, type) : status; status = (status != 0x0) ? lookup_wk_user_sid (sid, name, type) : status;
status = (status != 0x0) ? lookup_wk_group_name(sid, name, type) : status; status = (status != 0x0) ? lookup_wk_group_sid(sid, name, type) : status;
status = (status != 0x0) ? lookup_wk_alias_name(sid, name, type) : status; status = (status != 0x0) ? lookup_wk_alias_sid(sid, name, type) : status;
return status; return status;
} }
/******************************************************************* /*******************************************************************
lookup_added_name - names that have been added to the SAM database by admins. lookup_added_sid - names that have been added to the SAM database by admins.
********************************************************************/ ********************************************************************/
uint32 lookup_added_name(DOM_SID *sid, char *name, uint8 *type) uint32 lookup_added_sid(DOM_SID *sid, char *name, uint8 *type)
{ {
uint32 status = 0xC0000000 | NT_STATUS_NONE_MAPPED; uint32 status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
status = (status != 0x0) ? lookup_user_name (sid, name, type) : status; status = (status != 0x0) ? lookup_user_sid (sid, name, type) : status;
status = (status != 0x0) ? lookup_group_name(sid, name, type) : status; status = (status != 0x0) ? lookup_group_sid(sid, name, type) : status;
status = (status != 0x0) ? lookup_alias_name(sid, name, type) : status; status = (status != 0x0) ? lookup_alias_sid(sid, name, type) : status;
return status; return status;
} }
/******************************************************************* /*******************************************************************
lookup_name lookup_sid
********************************************************************/ ********************************************************************/
uint32 lookup_name(DOM_SID *sid, char *name, uint8 *type) uint32 lookup_sid(DOM_SID *sid, char *name, uint8 *type)
{ {
uint32 status = 0xC0000000 | NT_STATUS_NONE_MAPPED; uint32 status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
status = (status != 0x0) ? lookup_builtin_names(sid, name, type) : status; status = (status != 0x0) ? lookup_builtin_sid(sid, name, type) : status;
status = (status != 0x0) ? lookup_added_name (sid, name, type) : status; status = (status != 0x0) ? lookup_added_sid (sid, name, type) : status;
return status; return status;
} }
/******************************************************************* /*******************************************************************
lookup_wk_group_name lookup_wk_group_sid
********************************************************************/ ********************************************************************/
uint32 lookup_wk_group_name(DOM_SID *sid, char *group_name, uint8 *type) uint32 lookup_wk_group_sid(DOM_SID *sid, char *group_name, uint8 *type)
{ {
int i = 0; int i = 0;
uint32 rid; uint32 rid;
@ -230,7 +233,7 @@ uint32 lookup_wk_group_name(DOM_SID *sid, char *group_name, uint8 *type)
return 0xC0000000 | NT_STATUS_NONE_MAPPED; return 0xC0000000 | NT_STATUS_NONE_MAPPED;
} }
DEBUG(5,("lookup_wk_group_name: rid: %d", rid)); DEBUG(5,("lookup_wk_group_sid: rid: %d", rid));
while (domain_group_rids[i].rid != rid && domain_group_rids[i].rid != 0) while (domain_group_rids[i].rid != rid && domain_group_rids[i].rid != 0)
{ {
@ -249,47 +252,47 @@ uint32 lookup_wk_group_name(DOM_SID *sid, char *group_name, uint8 *type)
} }
/******************************************************************* /*******************************************************************
lookup_group_name lookup_group_sid
********************************************************************/ ********************************************************************/
uint32 lookup_group_name(DOM_SID *sid, char *group_name, uint8 *type) uint32 lookup_group_sid(DOM_SID *sid, char *group_name, uint8 *type)
{ {
uint32 status = 0xC0000000 | NT_STATUS_NONE_MAPPED; pstring sid_str;
uint32 rid; uint32 rid;
DOM_SID tmp; DOM_SID tmp;
DOMAIN_GRP *grp = NULL;
uint32 status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
(*type) = SID_NAME_DOM_GRP; (*type) = SID_NAME_DOM_GRP;
sid_to_string(sid_str, sid);
DEBUG(5,("lookup_group_sid: sid: %s", sid_str));
sid_copy(&tmp, sid); sid_copy(&tmp, sid);
sid_split_rid(&tmp, &rid); sid_split_rid(&tmp, &rid);
if (!sid_equal(&global_sid_S_1_5_20, &tmp)) if (!sid_equal(&global_sam_sid, &tmp))
{ {
return status; DEBUG(5,("not our SID\n"));
return 0xC0000000 | NT_STATUS_NONE_MAPPED;
} }
DEBUG(5,("lookup_group_name: rid: 0x%x", rid)); grp = getgrouprid(rid, NULL, NULL);
if (map_group_sid_to_name(sid, group_name, NULL)) if (grp != NULL)
{
status = 0x0;
}
if (status == 0x0)
{ {
fstrcpy(group_name, grp->name);
DEBUG(5,(" = %s\n", group_name)); DEBUG(5,(" = %s\n", group_name));
} return 0x0;
else
{
DEBUG(5,(" none mapped\n"));
} }
DEBUG(5,(" none mapped\n"));
return status; return status;
} }
/******************************************************************* /*******************************************************************
lookup_wk_alias_name lookup_wk_alias_sid
********************************************************************/ ********************************************************************/
uint32 lookup_wk_alias_name(DOM_SID *sid, char *alias_name, uint8 *type) uint32 lookup_wk_alias_sid(DOM_SID *sid, char *alias_name, uint8 *type)
{ {
int i = 0; int i = 0;
uint32 rid; uint32 rid;
@ -305,7 +308,7 @@ uint32 lookup_wk_alias_name(DOM_SID *sid, char *alias_name, uint8 *type)
return 0xC0000000 | NT_STATUS_NONE_MAPPED; return 0xC0000000 | NT_STATUS_NONE_MAPPED;
} }
DEBUG(5,("lookup_wk_alias_name: rid: %d", rid)); DEBUG(5,("lookup_wk_alias_sid: rid: %d", rid));
while (builtin_alias_rids[i].rid != rid && builtin_alias_rids[i].rid != 0) while (builtin_alias_rids[i].rid != rid && builtin_alias_rids[i].rid != 0)
{ {
@ -324,25 +327,47 @@ uint32 lookup_wk_alias_name(DOM_SID *sid, char *alias_name, uint8 *type)
} }
/******************************************************************* /*******************************************************************
lookup_alias_name lookup_alias_sid
********************************************************************/ ********************************************************************/
uint32 lookup_alias_name(DOM_SID *sid, char *alias_name, uint8 *type) uint32 lookup_alias_sid(DOM_SID *sid, char *alias_name, uint8 *type)
{ {
fstring sid_str; pstring sid_str;
uint32 rid;
DOM_SID tmp;
LOCAL_GRP *als = NULL;
uint32 status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
(*type) = SID_NAME_ALIAS; (*type) = SID_NAME_ALIAS;
sid_to_string(sid_str, sid); sid_to_string(sid_str, sid);
DEBUG(5,("lookup_alias_sid: sid: %s", sid_str));
DEBUG(2,("lookup_alias_name: sid: %s\n", sid_str)); sid_copy(&tmp, sid);
DEBUG(2,(" NOT IMPLEMENTED\n")); sid_split_rid(&tmp, &rid);
if (!sid_equal(&global_sam_sid, &tmp))
{
DEBUG(5,("not our SID\n"));
return 0xC0000000 | NT_STATUS_NONE_MAPPED; return 0xC0000000 | NT_STATUS_NONE_MAPPED;
} }
als = getaliasrid(rid, NULL, NULL);
if (als != NULL)
{
fstrcpy(alias_name, als->name);
DEBUG(5,(" = %s\n", alias_name));
return 0x0;
}
DEBUG(5,(" none mapped\n"));
return status;
}
/******************************************************************* /*******************************************************************
lookup well-known user name lookup well-known user name
********************************************************************/ ********************************************************************/
uint32 lookup_wk_user_name(DOM_SID *sid, char *user_name, uint8 *type) uint32 lookup_wk_user_sid(DOM_SID *sid, char *user_name, uint8 *type)
{ {
int i = 0; int i = 0;
uint32 rid; uint32 rid;
@ -358,7 +383,7 @@ uint32 lookup_wk_user_name(DOM_SID *sid, char *user_name, uint8 *type)
return 0xC0000000 | NT_STATUS_NONE_MAPPED; return 0xC0000000 | NT_STATUS_NONE_MAPPED;
} }
DEBUG(5,("lookup_wk_user_name: rid: %d", rid)); DEBUG(5,("lookup_wk_user_sid: rid: %d", rid));
/* look up the well-known domain user rids first */ /* look up the well-known domain user rids first */
while (domain_user_rids[i].rid != rid && domain_user_rids[i].rid != 0) while (domain_user_rids[i].rid != rid && domain_user_rids[i].rid != 0)
@ -380,7 +405,7 @@ uint32 lookup_wk_user_name(DOM_SID *sid, char *user_name, uint8 *type)
/******************************************************************* /*******************************************************************
lookup user name lookup user name
********************************************************************/ ********************************************************************/
uint32 lookup_user_name(DOM_SID *sid, char *user_name, uint8 *type) uint32 lookup_user_sid(DOM_SID *sid, char *user_name, uint8 *type)
{ {
struct sam_disp_info *disp_info; struct sam_disp_info *disp_info;
uint32 rid; uint32 rid;
@ -393,7 +418,7 @@ uint32 lookup_user_name(DOM_SID *sid, char *user_name, uint8 *type)
if (sid_equal(&global_sam_sid, &tmp)) if (sid_equal(&global_sam_sid, &tmp))
{ {
DEBUG(5,("lookup_user_name in SAM %s: rid: %d", DEBUG(5,("lookup_user_sid in SAM %s: rid: %d",
global_sam_name, rid)); global_sam_name, rid));
/* find the user account */ /* find the user account */
@ -417,20 +442,21 @@ uint32 lookup_user_name(DOM_SID *sid, char *user_name, uint8 *type)
/******************************************************************* /*******************************************************************
lookup_group_rid lookup_group_rid
********************************************************************/ ********************************************************************/
uint32 lookup_group_rid(char *group_name, uint32 *rid, uint8 *type) uint32 lookup_group_name(char *grp_name, DOM_SID *sid, uint8 *type)
{ {
DOM_SID sid; DOMAIN_GRP *grp = NULL;
(*rid) = 0;
(*type) = SID_NAME_DOM_GRP; (*type) = SID_NAME_DOM_GRP;
DEBUG(5,("lookup_group_rid: name: %s", group_name)); DEBUG(5,("lookup_group_name: name: %s", grp_name));
if (map_group_name_to_sid(group_name, &sid) && grp = getgroupnam(grp_name, NULL, NULL);
sid_split_rid(&sid, rid) &&
sid_equal(&sid, &global_sam_sid)) if (grp != NULL)
{ {
DEBUG(5,(" = 0x%x\n", (*rid))); sid_copy(sid, &global_sam_sid);
sid_append_rid(sid, grp->rid);
DEBUG(5,(" = 0x%x\n", grp->rid));
return 0x0; return 0x0;
} }
@ -439,40 +465,52 @@ uint32 lookup_group_rid(char *group_name, uint32 *rid, uint8 *type)
} }
/******************************************************************* /*******************************************************************
lookup_wk_group_rid lookup_wk_group_name
********************************************************************/ ********************************************************************/
uint32 lookup_wk_group_rid(char *group_name, uint32 *rid, uint8 *type) uint32 lookup_wk_group_name(char *group_name, DOM_SID *sid, uint8 *type)
{ {
char *grp_name; char *grp_name;
int i = -1; /* start do loop at -1 */ int i = -1; /* start do loop at -1 */
(*rid) = 0; uint32 rid;
(*type) = SID_NAME_WKN_GRP; (*type) = SID_NAME_WKN_GRP;
do /* find, if it exists, a group rid for the group name */ do /* find, if it exists, a group rid for the group name */
{ {
i++; i++;
(*rid) = domain_group_rids[i].rid; rid = domain_group_rids[i].rid;
grp_name = domain_group_rids[i].name; grp_name = domain_group_rids[i].name;
} while (grp_name != NULL && !strequal(grp_name, group_name)); if (strequal(grp_name, group_name))
{
sid_copy(sid, &global_sam_sid);
sid_append_rid(sid, rid);
return (grp_name != NULL) ? 0 : 0xC0000000 | NT_STATUS_NONE_MAPPED; return 0x0;
}
} while (grp_name != NULL);
return 0xC0000000 | NT_STATUS_NONE_MAPPED;
} }
/******************************************************************* /*******************************************************************
lookup_alias_sid lookup_alias_name
********************************************************************/ ********************************************************************/
uint32 lookup_alias_sid(char *alias_name, DOM_SID *sid, uint8 *type) uint32 lookup_alias_name(char *als_name, DOM_SID *sid, uint8 *type)
{ {
LOCAL_GRP *als = NULL;
(*type) = SID_NAME_ALIAS; (*type) = SID_NAME_ALIAS;
DEBUG(5,("lookup_alias_rid: name: %s", alias_name)); DEBUG(5,("lookup_alias_name: name: %s", als_name));
if (map_alias_name_to_sid(alias_name, sid)) als = getaliasnam(als_name, NULL, NULL);
if (als != NULL)
{ {
fstring sid_str; sid_copy(sid, &global_sam_sid);
sid_to_string(sid_str, sid); sid_append_rid(sid, als->rid);
DEBUG(5,(" = %s\n", sid_str));
DEBUG(5,(" = 0x%x\n", als->rid));
return 0x0; return 0x0;
} }
@ -481,33 +519,9 @@ uint32 lookup_alias_sid(char *alias_name, DOM_SID *sid, uint8 *type)
} }
/******************************************************************* /*******************************************************************
lookup_alias_rid lookup_wk_alias_name
********************************************************************/ ********************************************************************/
uint32 lookup_alias_rid(char *alias_name, uint32 *rid, uint8 *type) uint32 lookup_wk_alias_name(char *alias_name, DOM_SID *sid, uint8 *type)
{
DOM_SID sid;
(*rid) = 0;
(*type) = SID_NAME_ALIAS;
DEBUG(5,("lookup_alias_rid: name: %s", alias_name));
if (map_alias_name_to_sid(alias_name, &sid) &&
sid_split_rid(&sid, rid) &&
sid_equal(&sid, &global_sam_sid))
{
DEBUG(5,(" = 0x%x\n", (*rid)));
return 0x0;
}
DEBUG(5,(" none mapped\n"));
return 0xC0000000 | NT_STATUS_NONE_MAPPED;
}
/*******************************************************************
lookup_wk_alias_sid
********************************************************************/
uint32 lookup_wk_alias_sid(char *alias_name, DOM_SID *sid, uint8 *type)
{ {
char *als_name; char *als_name;
int i = 0; int i = 0;
@ -534,53 +548,6 @@ uint32 lookup_wk_alias_sid(char *alias_name, DOM_SID *sid, uint8 *type)
return 0xC0000000 | NT_STATUS_NONE_MAPPED; return 0xC0000000 | NT_STATUS_NONE_MAPPED;
} }
/*******************************************************************
lookup_wk_alias_rid
********************************************************************/
uint32 lookup_wk_alias_rid(char *alias_name, uint32 *rid, uint8 *type)
{
char *als_name;
int i = -1; /* start do loop at -1 */
(*rid) = 0;
(*type) = SID_NAME_ALIAS;
do /* find, if it exists, a alias rid for the alias name*/
{
i++;
(*rid) = builtin_alias_rids[i].rid;
als_name = builtin_alias_rids[i].name;
} while (als_name != NULL && !strequal(als_name, alias_name));
return (als_name != NULL) ? 0 : 0xC0000000 | NT_STATUS_NONE_MAPPED;
}
/*******************************************************************
lookup_sid
********************************************************************/
uint32 lookup_sid(char *name, DOM_SID *sid, uint8 *type)
{
uint32 status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
fstring domain;
fstring user;
split_domain_name(name, domain, user);
if (!strequal(domain, global_sam_name))
{
DEBUG(0,("lookup_sid: remote domain %s not supported\n", domain));
return status;
}
status = (status != 0x0) ? lookup_wk_alias_sid(user, sid, type) : status;
status = (status != 0x0) ? lookup_alias_sid (user, sid, type) : status;
#if 0
status = (status != 0x0) ? lookup_domain_sid (user, sid, type) : status;
#endif
return status;
}
/******************************************************************* /*******************************************************************
lookup_added_user_rid lookup_added_user_rid
********************************************************************/ ********************************************************************/
@ -607,12 +574,11 @@ uint32 lookup_added_user_rids(char *user_name,
} }
/******************************************************************* /*******************************************************************
lookup_added_user_rid lookup_added_user_name
********************************************************************/ ********************************************************************/
uint32 lookup_added_user_rid(char *user_name, uint32 *rid, uint8 *type) uint32 lookup_added_user_name(char *user_name, DOM_SID *sid, uint8 *type)
{ {
struct sam_passwd *sam_pass; struct sam_passwd *sam_pass;
(*rid) = 0;
(*type) = SID_NAME_USER; (*type) = SID_NAME_USER;
/* find the user account */ /* find the user account */
@ -622,7 +588,9 @@ uint32 lookup_added_user_rid(char *user_name, uint32 *rid, uint8 *type)
if (sam_pass != NULL) if (sam_pass != NULL)
{ {
(*rid) = sam_pass->user_rid; sid_copy(sid, &global_sam_sid);
sid_append_rid(sid, sam_pass->user_rid);
return 0x0; return 0x0;
} }
@ -630,87 +598,107 @@ uint32 lookup_added_user_rid(char *user_name, uint32 *rid, uint8 *type)
} }
/******************************************************************* /*******************************************************************
lookup_wk_user_rid lookup_wk_user_name
********************************************************************/ ********************************************************************/
uint32 lookup_wk_user_rid(char *user_name, uint32 *rid, uint8 *type) uint32 lookup_wk_user_name(char *user_name, DOM_SID *sid, uint8 *type)
{ {
char *usr_name; char *usr_name;
int i = -1; /* start do loop at -1 */ int i = -1; /* start do loop at -1 */
(*rid) = 0;
(*type) = SID_NAME_USER; (*type) = SID_NAME_USER;
do /* find, if it exists, a alias rid for the alias name*/ do /* find, if it exists, a alias rid for the alias name*/
{ {
i++; i++;
(*rid) = domain_user_rids[i].rid;
usr_name = domain_user_rids[i].name; usr_name = domain_user_rids[i].name;
} while (usr_name != NULL && !strequal(usr_name, user_name)); } while (usr_name != NULL && !strequal(usr_name, user_name));
return (usr_name != NULL) ? 0 : 0xC0000000 | NT_STATUS_NONE_MAPPED; if (usr_name != NULL)
{
sid_copy(sid, &global_sid_S_1_5_20);
sid_append_rid(sid, domain_user_rids[i].rid);
return 0;
}
return 0xC0000000 | NT_STATUS_NONE_MAPPED;
} }
/******************************************************************* /*******************************************************************
lookup_added_grp_rid lookup_added_grp_name
********************************************************************/ ********************************************************************/
uint32 lookup_added_grp_rid(char *name, uint32 *rid, uint8 *type) uint32 lookup_added_grp_name(char *name, DOM_SID *sid, uint8 *type)
{ {
uint32 status = 0xC0000000 | NT_STATUS_NONE_MAPPED; uint32 status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
status = (status != 0x0) ? lookup_group_rid(name, rid, type) : status; status = (status != 0x0) ? lookup_group_name(name, sid, type) : status;
status = (status != 0x0) ? lookup_alias_rid(name, rid, type) : status; status = (status != 0x0) ? lookup_alias_name(name, sid, type) : status;
return status; return status;
} }
/******************************************************************* /*******************************************************************
lookup_builtin_grp_rid lookup_builtin_grp_name
********************************************************************/ ********************************************************************/
uint32 lookup_builtin_grp_rid(char *name, uint32 *rid, uint8 *type) uint32 lookup_builtin_grp_name(char *name, DOM_SID *sid, uint8 *type)
{ {
uint32 status = 0xC0000000 | NT_STATUS_NONE_MAPPED; uint32 status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
status = (status != 0x0) ? lookup_wk_group_rid(name, rid, type) : status; status = (status != 0x0) ? lookup_wk_group_name(name, sid, type) : status;
status = (status != 0x0) ? lookup_wk_alias_rid(name, rid, type) : status; status = (status != 0x0) ? lookup_wk_alias_name(name, sid, type) : status;
return status; return status;
} }
/******************************************************************* /*******************************************************************
lookup_grp_rid lookup_grp_name
********************************************************************/ ********************************************************************/
uint32 lookup_grp_rid(char *name, uint32 *rid, uint8 *type) uint32 lookup_grp_name(char *name, DOM_SID *sid, uint8 *type)
{ {
uint32 status = 0xC0000000 | NT_STATUS_NONE_MAPPED; uint32 status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
status = (status != 0x0) ? lookup_builtin_grp_rid(name, rid, type) : status; status = (status != 0x0) ? lookup_builtin_grp_name(name, sid, type) : status;
status = (status != 0x0) ? lookup_added_grp_rid (name, rid, type) : status; status = (status != 0x0) ? lookup_added_grp_name (name, sid, type) : status;
return status; return status;
} }
/******************************************************************* /*******************************************************************
lookup_user_rid lookup_user_name
********************************************************************/ ********************************************************************/
uint32 lookup_user_rid(char *name, uint32 *rid, uint8 *type) uint32 lookup_user_name(char *name, DOM_SID *sid, uint8 *type)
{ {
uint32 status = 0xC0000000 | NT_STATUS_NONE_MAPPED; uint32 status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
status = (status != 0x0) ? lookup_wk_user_rid (name, rid, type) : status; status = (status != 0x0) ? lookup_wk_user_name (name, sid, type) : status;
status = (status != 0x0) ? lookup_added_user_rid(name, rid, type) : status; status = (status != 0x0) ? lookup_added_user_name(name, sid, type) : status;
return status; return status;
} }
/******************************************************************* /*******************************************************************
lookup_rid lookup_name
********************************************************************/ ********************************************************************/
uint32 lookup_rid(char *name, uint32 *rid, uint8 *type) uint32 lookup_name(char *name, DOM_SID *sid, uint8 *type)
{ {
uint32 status = 0xC0000000 | NT_STATUS_NONE_MAPPED; uint32 status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
fstring domain;
fstring user;
status = (status != 0x0) ? lookup_user_rid(name, rid, type) : status; split_domain_name(name, domain, user);
status = (status != 0x0) ? lookup_grp_rid (name, rid, type) : status;
if (!strequal(domain, global_sam_name))
{
DEBUG(0,("lookup_name: remote domain %s not supported\n", domain));
return status;
}
status = (status != 0x0) ? lookup_wk_alias_name(user, sid, type) : status;
status = (status != 0x0) ? lookup_alias_name (user, sid, type) : status;
status = (status != 0x0) ? lookup_user_name (name, sid, type) : status;
status = (status != 0x0) ? lookup_grp_name (name, sid, type) : status;
#if 0
status = (status != 0x0) ? lookup_domain_name (user, sid, type) : status;
#endif
return status; return status;
} }
@ -722,6 +710,7 @@ uint32 lookup_user_rids(char *name, uint32 *usr_rid, uint32 *grp_rid)
{ {
uint32 status = 0xC0000000 | NT_STATUS_NONE_MAPPED; uint32 status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
uint8 type; uint8 type;
DOM_SID sid;
/* /*
* try an ordinary user lookup * try an ordinary user lookup
@ -737,11 +726,14 @@ uint32 lookup_user_rids(char *name, uint32 *usr_rid, uint32 *grp_rid)
* hm. must be a well-known user, in a well-known group. * hm. must be a well-known user, in a well-known group.
*/ */
status = lookup_wk_user_rid(name, usr_rid, &type); status = lookup_wk_user_name(name, &sid, &type);
sid_split_rid(&sid, usr_rid);
if (status != 0 || type != SID_NAME_USER) if (status != 0 || type != SID_NAME_USER)
{ {
return status; /* ok, maybe not! */ return status; /* ok, maybe not! */
} }
if (type != SID_NAME_USER) if (type != SID_NAME_USER)
{ {
return 0xC0000000 | NT_STATUS_NONE_MAPPED; /* users only... */ return 0xC0000000 | NT_STATUS_NONE_MAPPED; /* users only... */
@ -751,7 +743,9 @@ uint32 lookup_user_rids(char *name, uint32 *usr_rid, uint32 *grp_rid)
* ok, got the user rid: now try the group rid * ok, got the user rid: now try the group rid
*/ */
status = lookup_builtin_grp_rid(name, grp_rid, &type); status = lookup_builtin_grp_name(name, &sid, &type);
sid_split_rid(&sid, usr_rid);
if (type == SID_NAME_DOM_GRP || if (type == SID_NAME_DOM_GRP ||
type == SID_NAME_ALIAS || type == SID_NAME_ALIAS ||
type == SID_NAME_WKN_GRP) type == SID_NAME_WKN_GRP)


@ -85,6 +85,7 @@ make_dom_query
***************************************************************************/ ***************************************************************************/
static void make_dom_query(DOM_QUERY *d_q, char *dom_name, DOM_SID *dom_sid) static void make_dom_query(DOM_QUERY *d_q, char *dom_name, DOM_SID *dom_sid)
{ {
fstring sid_str;
int domlen = strlen(dom_name); int domlen = strlen(dom_name);
d_q->uni_dom_max_len = domlen * 2; d_q->uni_dom_max_len = domlen * 2;
@ -96,6 +97,7 @@ static void make_dom_query(DOM_QUERY *d_q, char *dom_name, DOM_SID *dom_sid)
/* this string is supposed to be character short */ /* this string is supposed to be character short */
make_unistr2(&(d_q->uni_domain_name), dom_name, domlen); make_unistr2(&(d_q->uni_domain_name), dom_name, domlen);
sid_to_string(sid_str, dom_sid);
make_dom_sid2(&(d_q->dom_sid), dom_sid); make_dom_sid2(&(d_q->dom_sid), dom_sid);
} }
@ -197,7 +199,7 @@ make_reply_lookup_rids
***************************************************************************/ ***************************************************************************/
static void make_reply_lookup_rids(LSA_R_LOOKUP_RIDS *r_l, static void make_reply_lookup_rids(LSA_R_LOOKUP_RIDS *r_l,
int num_entries, int num_entries,
uint32 dom_rids[MAX_LOOKUP_SIDS], DOM_SID dom_sids [MAX_LOOKUP_SIDS],
uint8 dom_types[MAX_LOOKUP_SIDS]) uint8 dom_types[MAX_LOOKUP_SIDS])
{ {
int i; int i;
@ -215,8 +217,11 @@ static void make_reply_lookup_rids(LSA_R_LOOKUP_RIDS *r_l,
for (i = 0; i < num_entries; i++) for (i = 0; i < num_entries; i++)
{ {
DOM_SID sid = dom_sids[i];
uint32 rid;
sid_split_rid(&sid, &rid);
make_dom_ref(&(r_l->dom_ref), dom_name, dom_sid); make_dom_ref(&(r_l->dom_ref), dom_name, dom_sid);
make_dom_rid2(&(r_l->dom_rid[i]), dom_rids[i], dom_types[i]); make_dom_rid2(&(r_l->dom_rid[i]), rid, dom_types[i]);
} }
r_l->num_entries3 = num_entries; r_l->num_entries3 = num_entries;
@ -241,7 +246,7 @@ static void make_lsa_trans_names(DOM_R_REF *ref,
{ {
uint32 status = 0x0; uint32 status = 0x0;
DOM_SID find_sid = sid[i].sid; DOM_SID find_sid = sid[i].sid;
DOM_SID tmp = sid[i].sid; DOM_SID tmp_sid = sid[i].sid;
uint32 rid = 0xffffffff; uint32 rid = 0xffffffff;
int dom_idx = -1; int dom_idx = -1;
fstring name; fstring name;
@ -261,7 +266,7 @@ static void make_lsa_trans_names(DOM_R_REF *ref,
{ {
if (sid_equal(&find_sid, &global_sam_sid)) if (sid_equal(&find_sid, &global_sam_sid))
{ {
status = lookup_name(&tmp, name, &sid_name_use); status = lookup_sid(&tmp_sid, name, &sid_name_use);
} }
else else
{ {
@ -337,7 +342,7 @@ lsa_reply_lookup_rids
***************************************************************************/ ***************************************************************************/
static void lsa_reply_lookup_rids(prs_struct *rdata, static void lsa_reply_lookup_rids(prs_struct *rdata,
int num_entries, int num_entries,
uint32 dom_rids[MAX_LOOKUP_SIDS], DOM_SID dom_sids [MAX_LOOKUP_SIDS],
uint8 dom_types[MAX_LOOKUP_SIDS]) uint8 dom_types[MAX_LOOKUP_SIDS])
{ {
LSA_R_LOOKUP_RIDS r_l; LSA_R_LOOKUP_RIDS r_l;
@ -345,7 +350,7 @@ static void lsa_reply_lookup_rids(prs_struct *rdata,
ZERO_STRUCT(r_l); ZERO_STRUCT(r_l);
/* set up the LSA Lookup RIDs response */ /* set up the LSA Lookup RIDs response */
make_reply_lookup_rids(&r_l, num_entries, dom_rids, dom_types); make_reply_lookup_rids(&r_l, num_entries, dom_sids, dom_types);
r_l.status = 0x0; r_l.status = 0x0;
@ -474,11 +479,11 @@ static void api_lsa_lookup_names( uint16 vuid, prs_struct *data,
{ {
int i; int i;
LSA_Q_LOOKUP_RIDS q_l; LSA_Q_LOOKUP_RIDS q_l;
uint32 dom_rids[MAX_LOOKUP_SIDS]; DOM_SID dom_sids [MAX_LOOKUP_SIDS];
uint8 dom_types[MAX_LOOKUP_SIDS]; uint8 dom_types[MAX_LOOKUP_SIDS];
ZERO_STRUCT(q_l); ZERO_STRUCT(q_l);
ZERO_ARRAY(dom_rids); ZERO_ARRAY(dom_sids);
/* grab the info class and policy handle */ /* grab the info class and policy handle */
lsa_io_q_lookup_rids("", &q_l, data, 0); lsa_io_q_lookup_rids("", &q_l, data, 0);
@ -491,17 +496,16 @@ static void api_lsa_lookup_names( uint16 vuid, prs_struct *data,
fstring name; fstring name;
fstrcpy(name, unistr2(q_l.lookup_name[i].str.buffer)); fstrcpy(name, unistr2(q_l.lookup_name[i].str.buffer));
if (lookup_rid(name, &dom_rids[i], &dom_types[i])) if (!lookup_name(name, &dom_sids[i], &dom_types[i]))
{ {
/* WHOOPS! we should really do something about this... */ dom_types[i] = SID_NAME_UNKNOWN;
dom_rids[i] = 0;
} }
} }
/* construct reply. return status is always 0x0 */ /* construct reply. return status is always 0x0 */
lsa_reply_lookup_rids(rdata, lsa_reply_lookup_rids(rdata,
q_l.num_entries, q_l.num_entries,
dom_rids, /* text-converted SIDs */ dom_sids, /* text-converted SIDs */
dom_types); /* SID_NAME_USE types */ dom_types); /* SID_NAME_USE types */
} }
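Review bot: The new test in api_lsa_lookup_names, `if (!lookup_name(name, &dom_sids[i], &dom_types[i]))`, looks inverted. Elsewhere in this commit the result of lookup_name is treated as an NT status where 0x0 means success (the samr lookup-names change tests `status == 0x0` before using the SID), so this branch runs on success and overwrites a valid type with SID_NAME_UNKNOWN. A failed lookup leaves dom_types[i] as it was, and the visible lines zero only dom_sids, so the reply may carry an uninitialised type byte. Suggested: `if (lookup_name(name, &dom_sids[i], &dom_types[i]) != 0x0)`. The loop header is outside the hunk, so whether q_l.num_entries is bounded by MAX_LOOKUP_SIDS before indexing these arrays cannot be confirmed here.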


@ -444,15 +444,20 @@ static void samr_reply_enum_dom_groups(SAMR_Q_ENUM_DOM_GROUPS *q_u,
{ {
BOOL ret; BOOL ret;
char *name; char *name;
int i;
got_grps = True; got_grps = True;
while (num_entries < MAX_SAM_ENTRIES && ((name = domain_group_rids[num_entries].name) != NULL)) become_root(True);
ret = enumdomgroups(&grps, &num_entries);
unbecome_root(True);
while (num_entries < MAX_SAM_ENTRIES && ((name = domain_group_rids[i].name) != NULL))
{ {
DOMAIN_GRP tmp_grp; DOMAIN_GRP tmp_grp;
fstrcpy(tmp_grp.name , name); fstrcpy(tmp_grp.name , name);
fstrcpy(tmp_grp.comment, ""); fstrcpy(tmp_grp.comment, "");
tmp_grp.rid = domain_group_rids[num_entries].rid; tmp_grp.rid = domain_group_rids[i].rid;
tmp_grp.attr = 0x7; tmp_grp.attr = 0x7;
if (!add_domain_group(&grps, &num_entries, &tmp_grp)) if (!add_domain_group(&grps, &num_entries, &tmp_grp))
@ -460,11 +465,10 @@ static void samr_reply_enum_dom_groups(SAMR_Q_ENUM_DOM_GROUPS *q_u,
r_e.status = 0xC0000000 | NT_STATUS_NO_MEMORY; r_e.status = 0xC0000000 | NT_STATUS_NO_MEMORY;
break; break;
} }
i++;
} }
become_root(True);
ret = enumdomgroups(&grps, &num_entries);
unbecome_root(True);
if (!ret) if (!ret)
{ {
r_e.status = 0xC0000000 | NT_STATUS_NO_MEMORY; r_e.status = 0xC0000000 | NT_STATUS_NO_MEMORY;
@ -807,11 +811,12 @@ static void samr_reply_lookup_ids(SAMR_Q_LOOKUP_IDS *q_u,
else if (sid_equal(&dom_sid, &usr_sid)) else if (sid_equal(&dom_sid, &usr_sid))
{ {
DOMAIN_GRP *mem_grp = NULL; DOMAIN_GRP *mem_grp = NULL;
BOOL ret;
DEBUG(5,("lookup on Domain SID\n")); DEBUG(5,("lookup on Domain SID\n"));
become_root(True); become_root(True);
getusergroupsnam(sam_pass->smb_name, &mem_grp, &num_rids); ret = getusergroupsnam(sam_pass->smb_name, &mem_grp, &num_rids);
unbecome_root(True); unbecome_root(True);
num_rids = MIN(num_rids, MAX_SAM_ENTRIES); num_rids = MIN(num_rids, MAX_SAM_ENTRIES);
@ -880,10 +885,19 @@ static void samr_reply_lookup_names(SAMR_Q_LOOKUP_NAMES *q_u,
for (i = 0; i < num_rids && status == 0; i++) for (i = 0; i < num_rids && status == 0; i++)
{ {
DOM_SID sid;
fstring name; fstring name;
fstrcpy(name, unistrn2(q_u->uni_user_name[i].buffer, q_u->uni_user_name[i].uni_str_len)); fstrcpy(name, unistrn2(q_u->uni_user_name[i].buffer, q_u->uni_user_name[i].uni_str_len));
status = lookup_rid(name, &(rid[i]), &(type[i])); status = lookup_name(name, &sid, &(type[i]));
if (status == 0x0)
{
sid_split_rid(&sid, &rid[i]);
}
else
{
type[i] = SID_NAME_UNKNOWN;
}
} }
make_samr_r_lookup_names(&r_u, num_rids, rid, type, status); make_samr_r_lookup_names(&r_u, num_rids, rid, type, status);
@ -995,9 +1009,10 @@ static void samr_reply_unknown_12(SAMR_Q_UNKNOWN_12 *q_u,
prs_struct *rdata) prs_struct *rdata)
{ {
fstring group_names[MAX_SAM_ENTRIES]; fstring group_names[MAX_SAM_ENTRIES];
uint32 group_attrs[MAX_SAM_ENTRIES]; uint8 group_attrs[MAX_SAM_ENTRIES];
uint32 status = 0; uint32 status = 0;
int num_gids = q_u->num_gids1; int num_gids = q_u->num_gids1;
DOM_SID pol_sid;
SAMR_R_UNKNOWN_12 r_u; SAMR_R_UNKNOWN_12 r_u;
@ -1009,6 +1024,11 @@ static void samr_reply_unknown_12(SAMR_Q_UNKNOWN_12 *q_u,
status = 0xC0000000 | NT_STATUS_INVALID_HANDLE; status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
} }
if (status == 0x0 && !get_lsa_policy_samr_sid(&q_u->pol, &pol_sid))
{
status = NT_STATUS_OBJECT_TYPE_MISMATCH;
}
if (status == 0x0) if (status == 0x0)
{ {
int i; int i;
@ -1020,7 +1040,10 @@ static void samr_reply_unknown_12(SAMR_Q_UNKNOWN_12 *q_u,
for (i = 0; i < num_gids && status == 0; i++) for (i = 0; i < num_gids && status == 0; i++)
{ {
fstrcpy(group_names[i], "dummy group"); DOM_SID sid;
sid_copy(&sid, &pol_sid);
sid_append_rid(&sid, q_u->gid[i]);
lookup_sid(&sid, group_names[i], &group_attrs[i]);
group_attrs[i] = 0x2; group_attrs[i] = 0x2;
} }
} }
@ -1369,9 +1392,10 @@ static void samr_reply_query_usergroups(SAMR_Q_QUERY_USERGROUPS *q_u,
if (status == 0x0) if (status == 0x0)
{ {
DOMAIN_GRP *mem_grp = NULL; DOMAIN_GRP *mem_grp = NULL;
BOOL ret;
become_root(True); become_root(True);
getusergroupsnam(sam_pass->smb_name, &mem_grp, &num_groups); ret = getusergroupsnam(sam_pass->smb_name, &mem_grp, &num_groups);
unbecome_root(True); unbecome_root(True);
gids = NULL; gids = NULL;
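Review bot: In samr_reply_enum_dom_groups the added `int i;` is never initialised before the loop reads `domain_group_rids[i].name`, so the index is indeterminate and the read can land outside the table; declare it as `int i = 0;`. In samr_reply_unknown_12 the result of `lookup_sid(&sid, group_names[i], &group_attrs[i])` is ignored and the attribute is overwritten on the next line. If that lookup fails, group_names[i] may still hold uninitialised stack bytes that are then marshalled into the reply, so the status should be checked and a fixed string written on failure. The new `status = NT_STATUS_OBJECT_TYPE_MISMATCH;` also lacks the `0xC0000000 |` prefix that the other error assignments in this file section use. Both functions extend outside the visible hunks, so any bound on `num_gids` against MAX_SAM_ENTRIES cannot be confirmed from here.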


@ -63,13 +63,10 @@ DOM_SID global_member_sid;
DOM_SID global_sid_S_1_5_20; /* local well-known domain */ DOM_SID global_sid_S_1_5_20; /* local well-known domain */
DOM_SID global_sid_S_1_1; /* everyone */ DOM_SID global_sid_S_1_1; /* everyone */
DOM_SID global_sid_S_1_3; /* */
DOM_SID global_sid_S_1_5; /* NT Authority */ DOM_SID global_sid_S_1_5; /* NT Authority */
DOM_SID global_sid_S_1_3_0; /* Creator owner */
DOM_SID global_sid_S_1_3_1; /* Creator group */
DOM_SID global_sid_S_1_3_2; /* Creator owner server */
DOM_SID global_sid_S_1_3_3; /* Creator group server */
extern fstring global_myworkgroup; extern pstring global_myworkgroup;
/* extern fstring global_member_dom_name; */ /* extern fstring global_member_dom_name; */
static struct sid_name_map_info static struct sid_name_map_info
@ -82,10 +79,7 @@ sid_name_map[] =
{ {
{ &global_sid_S_1_5_20, "BUILTIN" }, { &global_sid_S_1_5_20, "BUILTIN" },
{ &global_sid_S_1_1 , "Everyone" }, { &global_sid_S_1_1 , "Everyone" },
{ &global_sid_S_1_3_0 , "Creator Owner" }, { &global_sid_S_1_3 , "don't know" },
{ &global_sid_S_1_3_1 , "Creator Group" },
{ &global_sid_S_1_3_2 , "Creator Owner Server" },
{ &global_sid_S_1_3_3 , "Creator Group Server" },
{ &global_sid_S_1_5 , "NT Authority" }, { &global_sid_S_1_5 , "NT Authority" },
{ &global_sam_sid , global_sam_name }, { &global_sam_sid , global_sam_name },
{ &global_member_sid , global_myworkgroup }, { &global_member_sid , global_myworkgroup },
@ -99,6 +93,7 @@ sid_name_map[] =
static BOOL read_sid_from_file(int fd, char *sid_file) static BOOL read_sid_from_file(int fd, char *sid_file)
{ {
fstring fline; fstring fline;
fstring sid_str;
memset(fline, '\0', sizeof(fline)); memset(fline, '\0', sizeof(fline));
@ -118,12 +113,43 @@ static BOOL read_sid_from_file(int fd, char *sid_file)
return False; return False;
} }
sid_to_string(sid_str, &global_sam_sid);
DEBUG(5,("read_sid_from_file: sid %s\n", sid_str));
return True; return True;
} }
/**************************************************************************** /****************************************************************************
Generate the global machine sid. Look for the MACHINE.SID file first, if sets up the name associated with the SAM database for which we are responsible
not found then look in smb.conf and use it to create the MACHINE.SID file. ****************************************************************************/
void get_sam_domain_name(void)
{
switch (lp_server_role())
{
case ROLE_DOMAIN_PDC:
case ROLE_DOMAIN_BDC:
{
/* we are PDC (or BDC) for a Domain */
fstrcpy(global_sam_name, lp_workgroup());
break;
}
case ROLE_DOMAIN_MEMBER:
{
/* we are a "PDC", but FOR LOCAL SAM DATABASE ONLY */
fstrcpy(global_sam_name, global_myname);
break;
}
default:
{
/* no domain role, probably due to "security = share" */
memset(global_sam_name, 0, sizeof(global_sam_name));
break;
}
}
}
/****************************************************************************
obtain the sid from the PDC. do some verification along the way...
****************************************************************************/ ****************************************************************************/
BOOL get_member_domain_sid(void) BOOL get_member_domain_sid(void)
{ {
@ -138,7 +164,7 @@ BOOL get_member_domain_sid(void)
if (!cli_connect_serverlist(&cli, lp_passwordserver())) if (!cli_connect_serverlist(&cli, lp_passwordserver()))
{ {
DEBUG(0,("get_member_domain_sid: unable to initialize client connection.\n")); DEBUG(0,("get_member_domain_sid: unable to initialise client connection.\n"));
return False; return False;
} }
@ -179,11 +205,11 @@ BOOL get_member_domain_sid(void)
if (res) if (res)
{ {
pstring sid; pstring sid;
DEBUG(5,("LSA Query Info Policy\n")); DEBUG(2,("LSA Query Info Policy\n"));
sid_to_string(sid, &sid3); sid_to_string(sid, &sid3);
DEBUG(5,("Domain Member - Domain: %s SID: %s\n", dom3, sid)); DEBUG(2,("Domain Member - Domain: %s SID: %s\n", dom3, sid));
sid_to_string(sid, &sid5); sid_to_string(sid, &sid5);
DEBUG(5,("Domain Controller - Domain: %s SID: %s\n", dom5, sid)); DEBUG(2,("Domain Controller - Domain: %s SID: %s\n", dom5, sid));
if (!strequal(dom3, global_myworkgroup) || if (!strequal(dom3, global_myworkgroup) ||
!strequal(dom5, global_myworkgroup)) !strequal(dom5, global_myworkgroup))
@ -195,7 +221,7 @@ BOOL get_member_domain_sid(void)
} }
else else
{ {
DEBUG(5,("lsa query info failed\n")); DEBUG(1,("lsa query info failed\n"));
} }
if (!res) if (!res)
{ {
@ -217,10 +243,7 @@ void generate_wellknown_sids(void)
{ {
string_to_sid(&global_sid_S_1_5_20, "S-1-5-32"); string_to_sid(&global_sid_S_1_5_20, "S-1-5-32");
string_to_sid(&global_sid_S_1_1 , "S-1-1" ); string_to_sid(&global_sid_S_1_1 , "S-1-1" );
string_to_sid(&global_sid_S_1_3_0 , "S-1-3-0" ); string_to_sid(&global_sid_S_1_3 , "S-1-3" );
string_to_sid(&global_sid_S_1_3_1 , "S-1-3-1" );
string_to_sid(&global_sid_S_1_3_2 , "S-1-3-2" );
string_to_sid(&global_sid_S_1_3_3 , "S-1-3-3" );
string_to_sid(&global_sid_S_1_5 , "S-1-5" ); string_to_sid(&global_sid_S_1_5 , "S-1-5" );
} }
@ -476,7 +499,7 @@ BOOL split_domain_name(char *fullname, char *domain, char *name)
fstrcpy(full_name, fullname); fstrcpy(full_name, fullname);
p = strchr(full_name+1, '\\'); p = strchr(full_name+1, '\\');
if (p == NULL) if (p != NULL)
{ {
*p = 0; *p = 0;
fstrcpy(domain, full_name); fstrcpy(domain, full_name);
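Review bot: The declaration `extern pstring global_myworkgroup;` now disagrees with how the variable is used elsewhere in this commit, where server start-up fills it with `fstrcpy(global_myworkgroup, lp_workgroup())`. The definition is not in this hunk; if it is still an fstring, this file sees a larger array type than the object really has, and any copy bounded by `sizeof(global_myworkgroup)` here could write past it. Keep `extern fstring global_myworkgroup;` or change the definition in the same commit, preferably through a shared header so the two cannot drift. Separately, the map entry `{ &global_sid_S_1_3, "don't know" }` hands a placeholder string to name lookups; a comment such as `/* S-1-3: Creator Authority, sub-authorities not mapped */` would record what the entry stands for.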


@ -90,7 +90,7 @@ END {
{ {
gotstart = 0; gotstart = 0;
if( $0 ~ /^connection_struct|^pipes_struct|^file_fd_struct|^files_struct|^connection_struct|^uid_t|^gid_t|^unsigned|^mode_t|^DIR|^user|^int|^pid_t|^ino_t|^off_t/ ) { if( $0 ~ /^connection_struct|^LOCAL_GRP|^DOMAIN_GRP|^pipes_struct|^file_fd_struct|^files_struct|^connection_struct|^uid_t|^gid_t|^unsigned|^mode_t|^DIR|^user|^int|^pid_t|^ino_t|^off_t/ ) {
gotstart = 1; gotstart = 1;
} }


@ -1,606 +0,0 @@
/*
Unix SMB/Netbios implementation.
Version 1.9.
Groupname handling
Copyright (C) Jeremy Allison 1998.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
/*
* UNIX gid and Local or Domain SID resolution. This module resolves
* only those entries in the map files, it is *NOT* responsible for
* resolving UNIX groups not listed: that is an entirely different
* matter, altogether...
*/
/*
*
*
format of the file is:
unixname NT Group name
unixname Domain Admins (well-known Domain Group)
unixname DOMAIN_NAME\NT Group name
unixname OTHER_DOMAIN_NAME\NT Group name
unixname DOMAIN_NAME\Domain Admins (well-known Domain Group)
....
if the DOMAIN_NAME\ component is left off, then your own domain is assumed.
*
*
*/
#include "includes.h"
extern int DEBUGLEVEL;
/* we can map either local aliases or domain groups */
typedef enum
{
GROUP_LOCAL,
GROUP_DOMAIN
} GROUP_TYPE;
/**************************************************************************
Groupname map functionality. The code loads a groupname map file and
(currently) loads it into a linked list. This is slow and memory
hungry, but can be changed into a more efficient storage format
if the demands on it become excessive.
***************************************************************************/
typedef struct group_name_info
{
char *nt_name;
char *nt_domain;
char *unix_name;
DOM_SID sid;
gid_t unix_gid;
} GROUP_NAME_INFO;
typedef struct name_map
{
ubi_slNode next;
GROUP_NAME_INFO grp;
} name_map_entry;
static ubi_slList groupname_map_list;
static ubi_slList aliasname_map_list;
static void delete_name_entry(name_map_entry *gmep)
{
if (gmep->grp.nt_name)
{
free(gmep->grp.nt_name);
}
if (gmep->grp.nt_domain)
{
free(gmep->grp.nt_domain);
}
if (gmep->grp.unix_name)
{
free(gmep->grp.unix_name);
}
free((char*)gmep);
}
/**************************************************************************
Delete all the entries in the name map list.
***************************************************************************/
static void delete_map_list(ubi_slList *map_list)
{
name_map_entry *gmep;
while ((gmep = (name_map_entry *)ubi_slRemHead(map_list )) != NULL)
{
delete_name_entry(gmep);
}
}
/**************************************************************************
makes a group sid out of a domain sid and a _unix_ gid.
***************************************************************************/
static BOOL make_mydomain_sid(GROUP_NAME_INFO *grp, GROUP_TYPE type)
{
uint32 tmp_rid;
uint8 tmp_type;
DEBUG(10,("make_mydomain_sid\n"));
if (!map_domain_name_to_sid(&grp->sid, &(grp->nt_domain)))
{
DEBUG(0,("make_mydomain_sid: unknown domain %s\n",
grp->nt_domain));
return False;
}
else if (lookup_wk_group_rid(grp->nt_name, &tmp_rid, &tmp_type))
{
return sid_append_rid(&grp->sid, tmp_rid);
}
else
{
if (type == GROUP_DOMAIN)
{
tmp_rid = pwdb_gid_to_group_rid(grp->unix_gid);
}
else
{
tmp_rid = pwdb_gid_to_alias_rid(grp->unix_gid);
}
return sid_append_rid(&(grp->sid), tmp_rid);
}
}
/**************************************************************************
makes a group sid out of an nt domain, nt group name or a unix group name.
***************************************************************************/
static BOOL unix_name_to_group_info(GROUP_NAME_INFO *grp, GROUP_TYPE type)
{
extern fstring global_sam_name;
struct group *gptr = NULL;
/*
* Attempt to get the unix gid_t for this name.
*/
DEBUG(5,("unix_name_to_group_info: unix_name:%s\n", grp->unix_name));
gptr = (struct group *)getgrnam(grp->unix_name);
if (gptr == NULL)
{
DEBUG(0,("unix_name_to_group_info: getgrnam for group %s\
failed. Error was %s.\n", grp->unix_name, strerror(errno) ));
return False;
}
grp->unix_gid = (gid_t)gptr->gr_gid;
DEBUG(5,("unix_name_to_group_info: unix gid:%d\n", grp->unix_gid));
/*
* Now map the name to an NT SID+RID.
*/
if (grp->nt_domain != NULL && !strequal(grp->nt_domain, global_sam_name))
{
/* Must add client-call lookup code here, to
* resolve remote domain's sid and the group's rid,
* in that domain.
*
* NOTE: it is _incorrect_ to put code here that assumes
* that we can call pwdb_gid_to_group_rid() or _alias_rid():
* it is a totally different domain for which we are *NOT*
* responsible.
* for foriegn domains for which we are *NOT* the PDC, all
* we can be responsible for is the unix * gid_t to which
* the foriegn SID+rid maps to, on this _local_ machine.
*/
if (!map_domain_name_to_sid(&grp->sid, &(grp->nt_domain)))
{
DEBUG(0,("unix_name_to_group_info: no known sid for %s\n",
grp->nt_domain));
return False;
}
DEBUG(0,("unix_name_to_group_info: cannot resolve domain %s\n",
grp->nt_domain));
return False;
}
else
{
return make_mydomain_sid(grp, type);
}
}
static BOOL make_name_entry(name_map_entry **new_ep,
char *nt_domain, char *nt_group, char *unix_group,
GROUP_TYPE type)
{
/*
* Create the list entry and add it onto the list.
*/
DEBUG(5,("make_name_entry:%s,%s,%s\n", nt_domain, nt_group, unix_group));
(*new_ep) = (name_map_entry *)malloc(sizeof(name_map_entry));
if ((*new_ep) == NULL)
{
DEBUG(0,("make_name_entry: malloc fail for name_map_entry.\n"));
return False;
}
ZERO_STRUCTP(*new_ep);
(*new_ep)->grp.nt_name = strdup(nt_group );
(*new_ep)->grp.nt_domain = strdup(nt_domain );
(*new_ep)->grp.unix_name = strdup(unix_group);
if ((*new_ep)->grp.nt_name == NULL ||
(*new_ep)->grp.unix_name == NULL)
{
DEBUG(0,("make_name_entry: malloc fail for names in name_map_entry.\n"));
delete_name_entry((*new_ep));
return False;
}
/*
* look up the group names, make the Group-SID and unix gid
*/
if (!unix_name_to_group_info(&(*new_ep)->grp, type))
{
delete_name_entry((*new_ep));
return False;
}
return True;
}
/**************************************************************************
Load a name map file. Sets last accessed timestamp.
***************************************************************************/
static void load_name_map(GROUP_TYPE type)
{
static time_t groupmap_file_last_modified = (time_t)0;
static time_t aliasmap_file_last_modified = (time_t)0;
static BOOL initialised_group = False;
static BOOL initialised_alias = False;
char *groupname_map_file = lp_groupname_map();
char *aliasname_map_file = lp_aliasname_map();
SMB_STRUCT_STAT st;
FILE *fp;
char *s;
pstring buf;
name_map_entry *new_ep;
time_t *file_last_modified;
int *initialised;
char *map_file;
ubi_slList *map_list;
if (type == GROUP_DOMAIN)
{
file_last_modified = &groupmap_file_last_modified;
initialised = &initialised_group;
map_file = groupname_map_file;
map_list = &groupname_map_list;
}
else
{
file_last_modified = &aliasmap_file_last_modified;
initialised = &initialised_alias;
map_file = aliasname_map_file;
map_list = &aliasname_map_list;
}
DEBUG(10,("load_name_map : %s\n", map_file));
if (!(*initialised))
{
ubi_slInitList(map_list);
(*initialised) = True;
}
if (!*map_file)
{
return;
}
if (sys_stat(map_file, &st) != 0)
{
DEBUG(0, ("load_name_map: Unable to stat file %s. Error was %s\n",
map_file, strerror(errno) ));
return;
}
/*
* Check if file has changed.
*/
if (st.st_mtime <= (*file_last_modified))
{
return;
}
(*file_last_modified) = st.st_mtime;
/*
* Load the file.
*/
fp = sys_fopen(map_file,"r");
if (!fp)
{
DEBUG(0,("load_name_map: can't open name map %s. Error was %s\n",
map_file, strerror(errno)));
return;
}
/*
* Throw away any previous list.
*/
delete_map_list(map_list);
DEBUG(4,("load_name_map: Scanning name map %s\n",map_file));
while ((s = fgets_slash(buf, sizeof(buf), fp)) != NULL)
{
pstring unixname;
pstring nt_name;
fstring nt_domain;
fstring nt_group;
char *p;
DEBUG(10,("Read line |%s|\n", s));
memset(nt_name, 0, sizeof(nt_name));
if (!*s || strchr("#;",*s))
continue;
if (!next_token(&s,unixname, "\t\n\r=", sizeof(unixname)))
continue;
if (!next_token(&s,nt_name, "\t\n\r=", sizeof(nt_name)))
continue;
trim_string(unixname, " ", " ");
trim_string(nt_name, " ", " ");
if (!*nt_name)
continue;
if (!*unixname)
continue;
DEBUG(5,("unixname = %s, ntname = %s.\n",
unixname, nt_name));
p = strchr(nt_name, '\\');
if (p == NULL)
{
memset(nt_domain, 0, sizeof(nt_domain));
fstrcpy(nt_group, nt_name);
}
else
{
*p = 0;
p++;
fstrcpy(nt_domain, nt_name);
fstrcpy(nt_group , p);
}
if (make_name_entry(&new_ep, nt_domain, nt_name, unixname, type))
{
ubi_slAddHead(map_list, (ubi_slNode *)new_ep);
}
}
DEBUG(10,("load_name_map: Added %ld entries to name map.\n",
ubi_slCount(map_list)));
fclose(fp);
}
/***********************************************************
Lookup a gid_t by SID
************************************************************/
static BOOL map_sid_to_gid(GROUP_TYPE type, ubi_slList *map_list,
DOM_SID *psid, gid_t *gid)
{
name_map_entry *gmep;
/*
* Initialize and load if not already loaded.
*/
load_name_map(type);
for (gmep = (name_map_entry *)ubi_slFirst(map_list);
gmep != NULL;
gmep = (name_map_entry *)ubi_slNext(gmep ))
{
if (sid_equal(&gmep->grp.sid, psid))
{
*gid = gmep->grp.unix_gid;
DEBUG(7,("map_sid_to_gid: Mapping unix group %s to nt group %s.\n",
gmep->grp.unix_name, gmep->grp.nt_name ));
return True;
}
}
return False;
}
/***********************************************************
Lookup a SID entry by nt name.
************************************************************/
static BOOL map_sid_to_ntname(GROUP_TYPE type, ubi_slList *map_list,
DOM_SID *psid, char *ntname, char *ntdomain)
{
name_map_entry *gmep;
/*
* Initialize and load if not already loaded.
*/
load_name_map(type);
for (gmep = (name_map_entry *)ubi_slFirst(&map_list);
gmep != NULL;
gmep = (name_map_entry *)ubi_slNext(gmep ))
{
if (sid_equal(&gmep->grp.sid, psid))
{
if (ntname != NULL)
{
fstrcpy(ntname, gmep->grp.nt_name);
}
if (ntdomain != NULL)
{
fstrcpy(ntname, gmep->grp.nt_domain);
}
DEBUG(7,("map_sid_to_ntname: Mapping unix group %s to nt group \\%s\\%s\n",
gmep->grp.unix_name,
gmep->grp.nt_domain, gmep->grp.nt_name ));
return True;
}
}
return False;
}
/***********************************************************
Lookup a SID entry by nt name.
************************************************************/
static BOOL map_ntname_to_sid(GROUP_TYPE type, ubi_slList *map_list,
char * ntname, DOM_SID *psid)
{
name_map_entry *gmep;
/*
* Initialize and load if not already loaded.
*/
load_name_map(type);
for (gmep = (name_map_entry *)ubi_slFirst(&map_list);
gmep != NULL;
gmep = (name_map_entry *)ubi_slNext(gmep ))
{
if (strequal(gmep->grp.nt_name, ntname))
{
*psid = gmep->grp.sid;
DEBUG(7,("map_ntname_to_sid: Mapping unix group %s to nt group %s.\n",
gmep->grp.unix_name, gmep->grp.nt_name ));
return True;
}
}
return False;
}
/***********************************************************
Lookup a SID entry by gid_t.
************************************************************/
static BOOL map_gid_to_sid(GROUP_TYPE type, ubi_slList *map_list,
gid_t gid, DOM_SID *psid)
{
name_map_entry *gmep;
/*
* Initialize and load if not already loaded.
*/
load_name_map(type);
for (gmep = (name_map_entry *)ubi_slFirst(&map_list);
gmep != NULL;
gmep = (name_map_entry *)ubi_slNext(gmep ))
{
if (gmep->grp.unix_gid == gid)
{
*psid = gmep->grp.sid;
DEBUG(7,("map_gid_to_sid: Mapping unix group %s to nt group %s.\n",
gmep->grp.unix_name, gmep->grp.nt_name ));
return True;
}
}
return False;
}
/*
* Call these four functions to resolve unix group ids and either
* local group SIDs or domain group SIDs listed in the local group
* or domain group map files.
*
* Note that it is *NOT* the responsibility of these functions to
* resolve entries that are not in the map files.
*
* Any SID can be in the map files (i.e from any Domain).
*/
/***********************************************************
Lookup a Group entry by sid.
************************************************************/
BOOL map_group_sid_to_name(DOM_SID *psid, char *group_name, char *nt_domain)
{
return map_sid_to_ntname(GROUP_DOMAIN, &groupname_map_list, psid, group_name, nt_domain);
}
/***********************************************************
Lookup an Alias SID entry by name.
************************************************************/
BOOL map_alias_sid_to_name(DOM_SID *psid, char *alias_name, char *nt_domain)
{
return map_sid_to_ntname(GROUP_LOCAL, &aliasname_map_list, psid, alias_name, nt_domain);
}
/***********************************************************
Lookup a Group SID entry by name.
************************************************************/
BOOL map_group_name_to_sid(char *group_name, DOM_SID *psid)
{
return map_ntname_to_sid(GROUP_DOMAIN, &groupname_map_list, group_name, psid);
}
/***********************************************************
Lookup an Alias SID entry by name.
************************************************************/
BOOL map_alias_name_to_sid(char *alias_name, DOM_SID *psid)
{
return map_ntname_to_sid(GROUP_LOCAL, &aliasname_map_list, alias_name, psid);
}
/***********************************************************
Lookup an Alias SID entry by gid_t.
************************************************************/
BOOL map_gid_to_alias_sid(gid_t gid, DOM_SID *psid)
{
return map_gid_to_sid(GROUP_LOCAL, &aliasname_map_list, gid, psid);
}
/***********************************************************
Lookup a Group SID entry by gid_t.
************************************************************/
BOOL map_gid_to_group_sid( gid_t gid, DOM_SID *psid)
{
return map_gid_to_sid(GROUP_DOMAIN, &groupname_map_list, gid, psid);
}
/***********************************************************
Lookup a Group gid_t by SID
************************************************************/
BOOL map_group_sid_to_gid( DOM_SID *psid, gid_t *gid)
{
return map_sid_to_gid(GROUP_DOMAIN, &groupname_map_list, psid, gid);
}
/***********************************************************
Lookup an Alias gid_t by SID
************************************************************/
BOOL map_alias_sid_to_gid( DOM_SID *psid, gid_t *gid)
{
return map_sid_to_gid(GROUP_LOCAL, &aliasname_map_list, psid, gid);
}


@ -615,8 +615,8 @@ int reply_ntcreate_and_X(connection_struct *conn,
/* If it's an IPC, use the pipe handler. */ /* If it's an IPC, use the pipe handler. */
if (IS_IPC(conn) && lp_nt_pipe_support()) { if (IS_IPC(conn) && lp_nt_pipe_support() && lp_security() != SEC_SHARE)
{
int ret = nt_open_pipe(fname, conn, inbuf, outbuf, &pnum); int ret = nt_open_pipe(fname, conn, inbuf, outbuf, &pnum);
if(ret != 0) if(ret != 0)
return ret; return ret;
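Review bot: The added `lp_security() != SEC_SHARE` condition has no comment saying why the pipe handler is skipped in share-level mode, and when it is false an open on the IPC share falls through to the code after this `if`, which is outside the hunk. Please confirm that path rejects the request rather than treating the pipe name as an ordinary file open on the IPC share. A comment above the test such as `/* no NT pipe (domain) services in security = share */` would make the intent reviewable.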


@ -652,26 +652,8 @@ static void usage(char *pname)
codepage_initialise(lp_client_code_page()); codepage_initialise(lp_client_code_page());
fstrcpy(global_myworkgroup, lp_workgroup()); fstrcpy(global_myworkgroup, lp_workgroup());
memset(global_sam_name, 0, sizeof(global_sam_name));
if (lp_domain_logons()) get_sam_domain_name();
{
if (lp_security() == SEC_USER)
{
/* we are PDC (or BDC) for a Domain */
fstrcpy(global_sam_name, lp_workgroup());
}
else if (lp_security() == SEC_DOMAIN)
{
/* we are a "PDC", but FOR LOCAL SAM DATABASE ONLY */
fstrcpy(global_sam_name, global_myname);
}
else if (lp_security() == SEC_SHARE)
{
DEBUG(0,("ERROR: no Domain functionality in security = share\n"));
exit(1);
}
}
generate_wellknown_sids(); generate_wellknown_sids();