sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-25 23:21:54 +03:00
Code

r13683: Fix the 'valid users = +users' problem I introduced.

Browse Source 
Volker
This commit is contained in:
Volker Lendecke 2006-02-24 22:26:53 +00:00 committed by Gerald (Jerry) Carter
parent 07d1037e17
commit dbdb8bdb99
1 changed files with 19 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
source/passdb/lookup_sid.c
View File

@ -116,6 +116,25 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx,
goto failed;
}
/*
* Nasty hack necessary for too common scenarios:
*
* For 'valid users = +users' we know "users" is most probably not
* BUILTIN\users but the unix group users. This hack requires the
* admin to explicitly qualify BUILTIN if BUILTIN\users is meant.
*
* Please note that LOOKUP_NAME_GROUP can not be requested via for
* example lsa_lookupnames, it only comes into this routine via
* the expansion of group names coming in from smb.conf
*/
if ((flags & LOOKUP_NAME_GROUP) &&
(lookup_unix_group_name(name, &sid))) {
domain = talloc_strdup(tmp_ctx, unix_groups_domain_name());
type = SID_NAME_DOM_GRP;
goto ok;
}
/* Now the guesswork begins, we haven't been given an explicit
* domain. Try the sequence as documented on
* http://msdn.microsoft.com/library/en-us/secmgmt/security/lsalookupnames.asp