svn commit: samba r23054 - in branches: SAMBA_3_0/source/nsswitch
SAMBA_3_0_26/source/nsswitch
jerry at samba.org
jerry at samba.org
Mon May 21 21:33:53 GMT 2007
Author: jerry
Date: 2007-05-21 21:33:51 +0000 (Mon, 21 May 2007)
New Revision: 23054
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=23054
Log:
Move the check for the lookup_domain of S-1-22-{1,2} before the
check for IS_DC. Otherwise we will for example fail to lookup a
sid of S-1-22-1-780 because it has no valid struct winbindd_domain*
in the list. Thanks to Simo for the catch.
Modified:
branches/SAMBA_3_0/source/nsswitch/winbindd_util.c
branches/SAMBA_3_0_26/source/nsswitch/winbindd_util.c
Changeset:
Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_util.c
===================================================================
--- branches/SAMBA_3_0/source/nsswitch/winbindd_util.c 2007-05-21 21:18:23 UTC (rev 23053)
+++ branches/SAMBA_3_0/source/nsswitch/winbindd_util.c 2007-05-21 21:33:51 UTC (rev 23054)
@@ -902,6 +902,16 @@
struct winbindd_domain *find_lookup_domain_from_sid(const DOM_SID *sid)
{
+ /* SIDs in the S-1-22-{1,2} domain should be handled by our passdb */
+
+ if ( sid_check_is_in_unix_groups(sid) ||
+ sid_check_is_unix_groups(sid) ||
+ sid_check_is_in_unix_users(sid) ||
+ sid_check_is_unix_users(sid) )
+ {
+ return find_domain_from_sid(get_global_sam_sid());
+ }
+
/* A DC can't ask the local smbd for remote SIDs, here winbindd is the
* one to contact the external DC's. On member servers the internal
* domains are different: These are part of the local SAM. */
@@ -912,19 +922,8 @@
if (IS_DC || is_internal_domain(sid) || is_in_internal_domain(sid)) {
DEBUG(10, ("calling find_domain_from_sid\n"));
return find_domain_from_sid(sid);
- }
+ }
- /* SIDs in the S-1-22-{1,2} domain should be handled by our passdb */
-
- if ( sid_check_is_in_unix_groups(sid) ||
- sid_check_is_unix_groups(sid) ||
- sid_check_is_in_unix_users(sid) ||
- sid_check_is_unix_users(sid) )
- {
- return find_domain_from_sid(get_global_sam_sid());
- }
-
-
/* On a member server a query for SID or name can always go to our
* primary DC. */
@@ -934,18 +933,18 @@
struct winbindd_domain *find_lookup_domain_from_name(const char *domain_name)
{
- if (IS_DC || strequal(domain_name, "BUILTIN") ||
- strequal(domain_name, get_global_sam_name()))
- return find_domain_from_name_noinit(domain_name);
-
- /* The "Unix User" and "Unix Group" domain our handled by passdb */
-
if ( strequal(domain_name, unix_users_domain_name() ) ||
strequal(domain_name, unix_groups_domain_name() ) )
{
return find_domain_from_name_noinit( get_global_sam_name() );
}
+ if (IS_DC || strequal(domain_name, "BUILTIN") ||
+ strequal(domain_name, get_global_sam_name()))
+ return find_domain_from_name_noinit(domain_name);
+
+ /* The "Unix User" and "Unix Group" domain our handled by passdb */
+
return find_our_domain();
}
Modified: branches/SAMBA_3_0_26/source/nsswitch/winbindd_util.c
===================================================================
--- branches/SAMBA_3_0_26/source/nsswitch/winbindd_util.c 2007-05-21 21:18:23 UTC (rev 23053)
+++ branches/SAMBA_3_0_26/source/nsswitch/winbindd_util.c 2007-05-21 21:33:51 UTC (rev 23054)
@@ -911,6 +911,16 @@
struct winbindd_domain *find_lookup_domain_from_sid(const DOM_SID *sid)
{
+ /* SIDs in the S-1-22-{1,2} domain should be handled by our passdb */
+
+ if ( sid_check_is_in_unix_groups(sid) ||
+ sid_check_is_unix_groups(sid) ||
+ sid_check_is_in_unix_users(sid) ||
+ sid_check_is_unix_users(sid) )
+ {
+ return find_domain_from_sid(get_global_sam_sid());
+ }
+
/* A DC can't ask the local smbd for remote SIDs, here winbindd is the
* one to contact the external DC's. On member servers the internal
* domains are different: These are part of the local SAM. */
@@ -921,19 +931,8 @@
if (IS_DC || is_internal_domain(sid) || is_in_internal_domain(sid)) {
DEBUG(10, ("calling find_domain_from_sid\n"));
return find_domain_from_sid(sid);
- }
+ }
- /* SIDs in the S-1-22-{1,2} domain should be handled by our passdb */
-
- if ( sid_check_is_in_unix_groups(sid) ||
- sid_check_is_unix_groups(sid) ||
- sid_check_is_in_unix_users(sid) ||
- sid_check_is_unix_users(sid) )
- {
- return find_domain_from_sid(get_global_sam_sid());
- }
-
-
/* On a member server a query for SID or name can always go to our
* primary DC. */
@@ -943,18 +942,18 @@
struct winbindd_domain *find_lookup_domain_from_name(const char *domain_name)
{
- if (IS_DC || strequal(domain_name, "BUILTIN") ||
- strequal(domain_name, get_global_sam_name()))
- return find_domain_from_name_noinit(domain_name);
-
- /* The "Unix User" and "Unix Group" domain our handled by passdb */
-
if ( strequal(domain_name, unix_users_domain_name() ) ||
strequal(domain_name, unix_groups_domain_name() ) )
{
return find_domain_from_name_noinit( get_global_sam_name() );
}
+ if (IS_DC || strequal(domain_name, "BUILTIN") ||
+ strequal(domain_name, get_global_sam_name()))
+ return find_domain_from_name_noinit(domain_name);
+
+ /* The "Unix User" and "Unix Group" domain our handled by passdb */
+
return find_our_domain();
}
More information about the samba-cvs
mailing list