sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-27 03:21:53 +03:00
Code

r23054: Move the check for the lookup_domain of S-1-22-{1,2} before the

Browse Source 
check for IS_DC.  Otherwise we will for example fail to lookup a
sid of S-1-22-1-780 because it has no valid struct winbindd_domain*
in the list.   Thanks to Simo for the catch.
This commit is contained in:
Gerald Carter 2007-05-21 21:33:51 +00:00 committed by Gerald (Jerry) Carter
parent 2d636ad2a3
commit f53aa56998
1 changed files with 17 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
source/nsswitch/winbindd_util.c
View File

@ -902,6 +902,16 @@ struct winbindd_domain *find_builtin_domain(void)
struct winbindd_domain *find_lookup_domain_from_sid(const DOM_SID *sid)
{
/* SIDs in the S-1-22-{1,2} domain should be handled by our passdb */
if ( sid_check_is_in_unix_groups(sid) ||
sid_check_is_unix_groups(sid) ||
sid_check_is_in_unix_users(sid) ||
sid_check_is_unix_users(sid) )
{
return find_domain_from_sid(get_global_sam_sid());
}
/* A DC can't ask the local smbd for remote SIDs, here winbindd is the
* one to contact the external DC's. On member servers the internal
* domains are different: These are part of the local SAM. */
@ -914,17 +924,6 @@ struct winbindd_domain *find_lookup_domain_from_sid(const DOM_SID *sid)
return find_domain_from_sid(sid);
}
/* SIDs in the S-1-22-{1,2} domain should be handled by our passdb */
if ( sid_check_is_in_unix_groups(sid) ||
sid_check_is_unix_groups(sid) ||
sid_check_is_in_unix_users(sid) ||
sid_check_is_unix_users(sid) )
{
return find_domain_from_sid(get_global_sam_sid());
}
/* On a member server a query for SID or name can always go to our
* primary DC. */
@ -934,18 +933,18 @@ struct winbindd_domain *find_lookup_domain_from_sid(const DOM_SID *sid)
struct winbindd_domain *find_lookup_domain_from_name(const char *domain_name)
{
if (IS_DC || strequal(domain_name, "BUILTIN") ||
strequal(domain_name, get_global_sam_name()))
return find_domain_from_name_noinit(domain_name);
/* The "Unix User" and "Unix Group" domain our handled by passdb */
if ( strequal(domain_name, unix_users_domain_name() ) ||
strequal(domain_name, unix_groups_domain_name() ) )
{
return find_domain_from_name_noinit( get_global_sam_name() );
}
if (IS_DC || strequal(domain_name, "BUILTIN") ||
strequal(domain_name, get_global_sam_name()))
return find_domain_from_name_noinit(domain_name);
/* The "Unix User" and "Unix Group" domain our handled by passdb */
return find_our_domain();
}