svn commit: samba r5528 - branches/SAMBA_3_0/source/auth
trunk/source/auth
gd at samba.org
gd at samba.org
Thu Feb 24 00:26:25 GMT 2005
Author: gd
Date: 2005-02-24 00:26:24 +0000 (Thu, 24 Feb 2005)
New Revision: 5528
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=5528
Log:
Expand the invalid-workstation-scheme. Workstation-Names with leading
'@'-sign are expanded on-the-fly as posix-groups of workstations. This
allows optional, more flexible login-control in larger networks.
Guenther
Modified:
branches/SAMBA_3_0/source/auth/auth_sam.c
trunk/source/auth/auth_sam.c
Changeset:
Modified: branches/SAMBA_3_0/source/auth/auth_sam.c
===================================================================
--- branches/SAMBA_3_0/source/auth/auth_sam.c 2005-02-24 00:11:42 UTC (rev 5527)
+++ branches/SAMBA_3_0/source/auth/auth_sam.c 2005-02-24 00:26:24 UTC (rev 5528)
@@ -170,9 +170,13 @@
if (*workstation_list) {
BOOL invalid_ws = True;
+ fstring tok;
const char *s = workstation_list;
+
+ const char *machine_name = talloc_asprintf(mem_ctx, "%s$", user_info->wksta_name.str);
+ if (machine_name == NULL)
+ return NT_STATUS_NO_MEMORY;
- fstring tok;
while (next_token(&s, tok, ",", sizeof(tok))) {
DEBUG(10,("sam_account_ok: checking for workstation match %s and %s (len=%d)\n",
@@ -181,6 +185,14 @@
invalid_ws = False;
break;
}
+ if (tok[0] == '@') {
+ DEBUG(10,("sam_account_ok: checking for workstation %s in group: %s\n",
+ machine_name, tok + 1));
+ if (user_in_group_list(machine_name, tok + 1, NULL, 0)) {
+ invalid_ws = False;
+ break;
+ }
+ }
}
if (invalid_ws)
Modified: trunk/source/auth/auth_sam.c
===================================================================
--- trunk/source/auth/auth_sam.c 2005-02-24 00:11:42 UTC (rev 5527)
+++ trunk/source/auth/auth_sam.c 2005-02-24 00:26:24 UTC (rev 5528)
@@ -170,9 +170,13 @@
if (*workstation_list) {
BOOL invalid_ws = True;
+ fstring tok;
const char *s = workstation_list;
+
+ const char *machine_name = talloc_asprintf(mem_ctx, "%s$", user_info->wksta_name.str);
+ if (machine_name == NULL)
+ return NT_STATUS_NO_MEMORY;
- fstring tok;
while (next_token(&s, tok, ",", sizeof(tok))) {
DEBUG(10,("sam_account_ok: checking for workstation match %s and %s (len=%d)\n",
@@ -181,6 +185,14 @@
invalid_ws = False;
break;
}
+ if (tok[0] == '@') {
+ DEBUG(10,("sam_account_ok: checking for workstation %s in group: %s\n",
+ machine_name, tok + 1));
+ if (user_in_group_list(machine_name, tok + 1, NULL, 0)) {
+ invalid_ws = False;
+ break;
+ }
+ }
}
if (invalid_ws)
More information about the samba-cvs
mailing list