2025-02-23 09:57:40 +03:00 · 2008-04-04 02:53:40 +02:00 · 2008-04-04 02:53:40 +02:00 · bea4541e11
commit bea4541e11
parent 69b23a39cd
4 changed files with 20 additions and 43 deletions
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@ -1620,7 +1620,7 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
 	nt_status = sid_array_from_info3(result, info3,
 					 &result->sids,
 					 &result->num_sids,
-					 False);
+					 false, false);
 	if (!NT_STATUS_IS_OK(nt_status)) {
 		TALLOC_FREE(result);
 		return nt_status;
--- a/source3/lib/util_sid.c
+++ b/source3/lib/util_sid.c
@ -668,7 +668,8 @@ NTSTATUS sid_array_from_info3(TALLOC_CTX *mem_ctx,
 			      const struct netr_SamInfo3 *info3,
 			      DOM_SID **user_sids,
 			      size_t *num_user_sids,
-			      bool include_user_group_rid)
+			      bool include_user_group_rid,
 			      bool skip_ressource_groups)
 {
 	NTSTATUS status;
 	DOM_SID sid;
@ -728,6 +729,12 @@ NTSTATUS sid_array_from_info3(TALLOC_CTX *mem_ctx,
         */
 	for (i = 0; i < info3->sidcount; i++) {
 		if (skip_ressource_groups &&
 		    (info3->sids[i].attributes & SE_GROUP_RESOURCE)) {
 			continue;
 		}
 		status = add_sid_to_array(mem_ctx, info3->sids[i].sid,
 				      &sid_array, &num_sids);
 		if (!NT_STATUS_IS_OK(status)) {
--- a/source3/winbindd/winbindd_pam.c
+++ b/source3/winbindd/winbindd_pam.c
@ -313,7 +313,7 @@ static NTSTATUS check_info3_in_group(TALLOC_CTX *mem_ctx,
 	status = sid_array_from_info3(mem_ctx, info3, 
 				      &token->user_sids, 
 				      &token->num_sids,
-				      True);
+				      true, false);
 	if (!NT_STATUS_IS_OK(status)) {
 		return status;
 	}
--- a/source3/winbindd/winbindd_util.c
+++ b/source3/winbindd/winbindd_util.c
@ -1274,14 +1274,11 @@ NTSTATUS lookup_usergroups_cached(struct winbindd_domain *domain,
 {
 	struct netr_SamInfo3 *info3 = NULL;
 	NTSTATUS status = NT_STATUS_NO_MEMORY;
 	int i;
 	size_t num_groups = 0;
-	DOM_SID group_sid, primary_group;
+
 	DEBUG(3,(": lookup_usergroups_cached\n"));
-	
+
 	*user_sids = NULL;
 	num_groups = 0;
 	*p_num_groups = 0;
 	info3 = netsamlogon_cache_get(mem_ctx, user_sid);
@ -1294,46 +1291,19 @@ NTSTATUS lookup_usergroups_cached(struct winbindd_domain *domain,
 		TALLOC_FREE(info3);
 		return NT_STATUS_UNSUCCESSFUL;
 	}
-	
+
-	/* always add the primary group to the sid array */
+	/* Skip Domain local groups outside our domain.
-	sid_compose(&primary_group, info3->base.domain_sid, info3->base.rid);
+	   We'll get these from the getsidaliases() RPC call. */
-	
+	status = sid_array_from_info3(mem_ctx, info3,
-	status = add_sid_to_array(mem_ctx, &primary_group, user_sids,
+				      user_sids,
-				  &num_groups);
+				      &num_groups,
 				      true, true);
 	if (!NT_STATUS_IS_OK(status)) {
 		TALLOC_FREE(info3);
 		return status;
 	}
 	for (i=0; i < info3->base.groups.count; i++) {
 		sid_copy(&group_sid, info3->base.domain_sid);
 		sid_append_rid(&group_sid, info3->base.groups.rids[i].rid);
 		status = add_sid_to_array(mem_ctx, &group_sid, user_sids,
 					  &num_groups);
 		if (!NT_STATUS_IS_OK(status)) {
 			TALLOC_FREE(info3);
 			return status;
 		}
 	}
 	/* Add any Universal groups in the other_sids list */
 	for (i=0; i < info3->sidcount; i++) {
 		/* Skip Domain local groups outside our domain.
 		   We'll get these from the getsidaliases() RPC call. */
 		if (info3->sids[i].attributes & SE_GROUP_RESOURCE)
 			continue;
 		status = add_sid_to_array(mem_ctx, info3->sids[i].sid,
 					  user_sids, &num_groups);
 		if (!NT_STATUS_IS_OK(status)) {
 			TALLOC_FREE(info3);
 			return status;
 		}
 	}
 	TALLOC_FREE(info3);
 	*p_num_groups = num_groups;
 	status = (user_sids != NULL) ? NT_STATUS_OK : NT_STATUS_NO_MEMORY;