LSA_LOOKUPNAME on Samba-3.0.3rc1
Simo Sorce
idra at samba.org
Thu Apr 29 10:13:00 GMT 2004
On Thu, 2004-04-29 at 11:37, Jianliang Lu wrote:
> On Mon Apr 26 2004, Simo Sorce wrote:
> > Hey Jianliang,
> > we just fixed a bug in this function located deeper inside our calls.
> > See recent commits.
> >
> > The bug was in the function split_domain_name() in lib/util_sid.c
> >
> > Please look at revision 318 for details:
> >
> > http://websvn.samba.org/listing.php?
> rep=1&path=/trunk/source/lib/&rev=318&sc=1
>
> The fix in SVN is necessary, but not sufficient.
>
> See this case (a control-SA test from NT client):
>
> Lsa_OpenPolicy2 request: Server
> Lsa_lookupnames: account: Server\name
>
> This call will be failed, because we compare the Server name with the Domain
> Name. The correct action should check both domain name and server name. If
> one of this check is ok then the search will be locally.
Does a Windows DC answer to both?
I'll check asap and apply the patch once confirmed, thanks.
Simo.
> So, again my fix (add to that in SVN):
>
> FIXME:
> --- samba-3.0.3rc1/source/passdb/lookup_sid.c.orig Fri Apr 23 08:59:07 2004
> +++ samba-3.0.3rc1/source/passdb/lookup_sid.c Mon Apr 26 13:54:54 2004
> @@ -36,7 +36,8 @@
> /* If we are looking up a domain user, make sure it is
> for the local machine only */
>
> - if (strequal(domain, get_global_sam_name())) {
> + if (strequal(domain, global_myname()) || strequal(domain, get_global_sam_name())){
> + local_lookup = True;
> if (local_lookup_name(name, psid, name_type)) {
> DEBUG(10,
> ("lookup_name: (local) [%s]\\[%s] -> SID %s (type %s: %u)
> \n",
>
>
>
>
> Jianliang Lu
> TieSse s.p.a. Ivrea (To) - Italy
> j.lu at tiesse.com
> luj at libero.it
> http://www.tiesse.com
>
--
Simo Sorce - idra at samba.org
Samba Team - http://www.samba.org
Italian Site - http://samba.xsec.it
More information about the samba-technical
mailing list