svn commit: samba r8787 - branches/SAMBA_3_0/source/passdb trunk/source/passdb

gd at samba.org gd at samba.org
Tue Jul 26 21:57:50 GMT 2005 

Author: gd
Date: 2005-07-26 21:57:49 +0000 (Tue, 26 Jul 2005)
New Revision: 8787

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=8787

Log:
Make enumeration of builtin-aliases work again.

Guenther

Modified:
   branches/SAMBA_3_0/source/passdb/pdb_ldap.c
   trunk/source/passdb/pdb_ldap.c


Changeset:
Modified: branches/SAMBA_3_0/source/passdb/pdb_ldap.c
===================================================================
--- branches/SAMBA_3_0/source/passdb/pdb_ldap.c	2005-07-26 20:11:37 UTC (rev 8786)
+++ branches/SAMBA_3_0/source/passdb/pdb_ldap.c	2005-07-26 21:57:49 UTC (rev 8787)
@@ -3370,6 +3370,7 @@
 	struct smbldap_state *connection;
 
 	uint16 acct_flags;
+	uint16 group_type;
 
 	const char *base;
 	int scope;
@@ -3671,11 +3672,26 @@
 {
 	char **vals;
 	DOM_SID sid;
+	uint16 group_type;
 
 	result->account_name = "";
 	result->fullname = "";
 	result->description = "";
 
+
+	vals = ldap_get_values(ld, entry, "sambaGroupType");
+	if ((vals == NULL) || (vals[0] == NULL)) {
+		DEBUG(5, ("\"sambaGroupType\" not found\n"));
+		return False;
+	}
+
+	group_type = atoi(vals[0]);
+
+	if ((state->group_type != 0) &&
+	    ((state->group_type != group_type))) {
+		return False;
+	}
+
 	vals = ldap_get_values(ld, entry, "cn");
 	if ((vals == NULL) || (vals[0] == NULL)) {
 		DEBUG(5, ("\"cn\" not found\n"));
@@ -3722,12 +3738,31 @@
 		return False;
 	}
 
-	if (!sid_peek_check_rid(get_global_sam_sid(), &sid, &result->rid)) {
-		DEBUG(0, ("%s is not our domain\n", vals[0]));
-		return False;
-	}
 	ldap_value_free(vals);
 
+	switch (group_type) {
+		case SID_NAME_DOM_GRP:
+		case SID_NAME_ALIAS:
+
+			if (!sid_peek_check_rid(get_global_sam_sid(), &sid, &result->rid)) {
+				DEBUG(0, ("%s is not in our domain\n", sid_string_static(&sid)));
+				return False;
+			}
+			break;
+	
+		case SID_NAME_WKN_GRP:
+
+			if (!sid_check_is_in_builtin(&sid)) {
+				DEBUG(0, ("%s is not in builtin sid\n", sid_string_static(&sid)));
+				return False;
+			}
+			break;
+
+		default:
+			DEBUG(0,("unkown group type: %d\n", group_type));
+			return False;
+	}
+	
 	return True;
 }
 
@@ -3753,10 +3788,11 @@
 					"(&(objectclass=sambaGroupMapping)"
 					"(sambaGroupType=%d))", type);
 	state->attrs = talloc_attrs(search->mem_ctx, "cn", "sambaSid",
-				    "displayName", "description", NULL);
+				    "displayName", "description", "sambaGroupType", NULL);
 	state->attrsonly = 0;
 	state->pagedresults_cookie = NULL;
 	state->entries = NULL;
+	state->group_type = type;
 	state->ldap2displayentry = ldapgroup2displayentry;
 
 	if ((state->filter == NULL) || (state->attrs == NULL)) {

Modified: trunk/source/passdb/pdb_ldap.c
===================================================================
--- trunk/source/passdb/pdb_ldap.c	2005-07-26 20:11:37 UTC (rev 8786)
+++ trunk/source/passdb/pdb_ldap.c	2005-07-26 21:57:49 UTC (rev 8787)
@@ -3758,6 +3758,7 @@
 	struct smbldap_state *connection;
 
 	uint16 acct_flags;
+	uint16 group_type;
 
 	const char *base;
 	int scope;
@@ -4059,11 +4060,26 @@
 {
 	char **vals;
 	DOM_SID sid;
+	uint16 group_type;
 
 	result->account_name = "";
 	result->fullname = "";
 	result->description = "";
 
+
+	vals = ldap_get_values(ld, entry, "sambaGroupType");
+	if ((vals == NULL) || (vals[0] == NULL)) {
+		DEBUG(5, ("\"sambaGroupType\" not found\n"));
+		return False;
+	}
+
+	group_type = atoi(vals[0]);
+
+	if ((state->group_type != 0) &&
+	    ((state->group_type != group_type))) {
+		return False;
+	}
+
 	vals = ldap_get_values(ld, entry, "cn");
 	if ((vals == NULL) || (vals[0] == NULL)) {
 		DEBUG(5, ("\"cn\" not found\n"));
@@ -4110,12 +4126,31 @@
 		return False;
 	}
 
-	if (!sid_peek_check_rid(get_global_sam_sid(), &sid, &result->rid)) {
-		DEBUG(0, ("%s is not our domain\n", vals[0]));
-		return False;
-	}
 	ldap_value_free(vals);
 
+	switch (group_type) {
+		case SID_NAME_DOM_GRP:
+		case SID_NAME_ALIAS:
+
+			if (!sid_peek_check_rid(get_global_sam_sid(), &sid, &result->rid)) {
+				DEBUG(0, ("%s is not in our domain\n", sid_string_static(&sid)));
+				return False;
+			}
+			break;
+	
+		case SID_NAME_WKN_GRP:
+
+			if (!sid_check_is_in_builtin(&sid)) {
+				DEBUG(0, ("%s is not in builtin sid\n", sid_string_static(&sid)));
+				return False;
+			}
+			break;
+
+		default:
+			DEBUG(0,("unkown group type: %d\n", group_type));
+			return False;
+	}
+	
 	return True;
 }
 
@@ -4141,10 +4176,11 @@
 					"(&(objectclass=sambaGroupMapping)"
 					"(sambaGroupType=%d))", type);
 	state->attrs = talloc_attrs(search->mem_ctx, "cn", "sambaSid",
-				    "displayName", "description", NULL);
+				    "displayName", "description", "sambaGroupType", NULL);
 	state->attrsonly = 0;
 	state->pagedresults_cookie = NULL;
 	state->entries = NULL;
+	state->group_type = type;
 	state->ldap2displayentry = ldapgroup2displayentry;
 
 	if ((state->filter == NULL) || (state->attrs == NULL)) {

More information about the samba-cvs mailing list