svn commit: samba r12722 - in trunk/source/nsswitch: .

gd at samba.org gd at samba.org
Thu Jan 5 14:28:35 GMT 2006 

Author: gd
Date: 2006-01-05 14:28:34 +0000 (Thu, 05 Jan 2006)
New Revision: 12722

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=12722

Log:
Handle NT_STATUS_ACCOUNT_DISABLED on logon as well.

Guenther

Modified:
   trunk/source/nsswitch/pam_winbind.c


Changeset:
Modified: trunk/source/nsswitch/pam_winbind.c
===================================================================
--- trunk/source/nsswitch/pam_winbind.c	2006-01-05 11:35:29 UTC (rev 12721)
+++ trunk/source/nsswitch/pam_winbind.c	2006-01-05 14:28:34 UTC (rev 12722)
@@ -125,6 +125,7 @@
 	{"NT_STATUS_INVALID_WORKSTATION", "You are not allowed to logon from this workstation"},
 	{"NT_STATUS_INVALID_LOGON_HOURS", "You are not allowed to logon at this time"},
 	{"NT_STATUS_ACCOUNT_EXPIRED", "Your account has expired. Please contact your System administrator"}, /* SCNR */
+	{"NT_STATUS_ACCOUNT_DISABLED", "Your account is disabled. Please contact your System administrator"}, /* SCNR */
 	{"NT_STATUS_ACCOUNT_LOCKED_OUT", "Your account has been locked. Please contact your System administrator"}, /* SCNR */
 	{"NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT", "Invalid Trust Account"},
 	{"NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT", "Invalid Trust Account"},
@@ -403,6 +404,7 @@
 		PAM_WB_REMARK_CHECK_RESPONSE(pamh, response, "NT_STATUS_INVALID_WORKSTATION");
 		PAM_WB_REMARK_CHECK_RESPONSE(pamh, response, "NT_STATUS_INVALID_LOGON_HOURS");
 		PAM_WB_REMARK_CHECK_RESPONSE(pamh, response, "NT_STATUS_ACCOUNT_EXPIRED");
+		PAM_WB_REMARK_CHECK_RESPONSE(pamh, response, "NT_STATUS_ACCOUNT_DISABLED");
 		PAM_WB_REMARK_CHECK_RESPONSE(pamh, response, "NT_STATUS_ACCOUNT_LOCKED_OUT");
 		PAM_WB_REMARK_CHECK_RESPONSE(pamh, response, "NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT");
 		PAM_WB_REMARK_CHECK_RESPONSE(pamh, response, "NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT");
@@ -999,6 +1001,8 @@
 		struct winbindd_response response;
 		const char *user;
 		const char *ccname = NULL;
+		struct passwd *pwd = NULL;
+
 		int retval;
 
 		ZERO_STRUCT(request);
@@ -1027,7 +1031,11 @@
 		fstrcpy(request.data.logoff.user, user);
 		fstrcpy(request.data.logoff.krb5ccname, ccname);
 
-		request.data.logoff.uid = geteuid();
+		pwd = getpwnam(user);
+		if (pwd == NULL) {
+			return PAM_USER_UNKNOWN;
+		}
+		request.data.logoff.uid = pwd->pw_uid;
 
 		request.flags = WBFLAG_PAM_KRB5 | WBFLAG_PAM_CONTACT_TRUSTDOM;

More information about the samba-cvs mailing list