sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-26 10:04:02 +03:00
Code

r23733: Limit LDAP lookup in lookup_usergroups_member() to security groups.

Browse Source 
Credits to Ralf Haferkamp for the discussion and help on this.
This commit is contained in:
Lars Müller 2007-07-06 18:49:49 +00:00 committed by Gerald (Jerry) Carter
parent 4c04059f7d
commit 5be96d09a7
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
source/nsswitch/winbindd_ads.c
View File

@ -570,7 +570,12 @@ static NTSTATUS lookup_usergroups_member(struct winbindd_domain *domain,
goto done;
}
if (!(ldap_exp = talloc_asprintf(mem_ctx, "(&(member=%s)(objectCategory=group))", escaped_dn))) {
ldap_exp = talloc_asprintf(mem_ctx,
"(&(member=%s)(objectCategory=group)(groupType:dn:%s:=%d))",
escaped_dn,
ADS_LDAP_MATCHING_RULE_BIT_AND,
GROUP_TYPE_SECURITY_ENABLED);
if (!ldap_exp) {
DEBUG(1,("lookup_usergroups(dn=%s) asprintf failed!\n", user_dn));
SAFE_FREE(escaped_dn);
status = NT_STATUS_NO_MEMORY;