[PATCH] Fix for bug 12164

Ralph Böhme slow at samba.org
Wed Nov 28 11:51:01 UTC 2018 

Hi!

Attached is a fix for bug 12164.

Fixes lookupnames in winbindd for names in the "NT Authority" domain.

Please review&push if happy. Thanks!

-slow

-- 
Ralph Boehme, Samba Team                https://samba.org/
Samba Developer, SerNet GmbH   https://sernet.de/en/samba/
GPG-Fingerprint   FAE2C6088A24252051C559E4AA1E9B7126399E46
-------------- next part --------------
From 42536ec0fe7a61e9efaf772515cf28a6d2dcad99 Mon Sep 17 00:00:00 2001
From: Ralph Boehme <slow at samba.org>
Date: Tue, 27 Nov 2018 20:32:09 +0100
Subject: [PATCH 1/3] selftest: test wbinfo -n and --gid-info with "NT
 Authority"

Bug: https://bugzilla.samba.org/show_bug.cgi?id=12164

Signed-off-by: Ralph Boehme <slow at samba.org>
---
 nsswitch/tests/test_wbinfo.sh              | 18 ++++++++++++++++++
 selftest/knownfail.d/samba.blackbox.wbinfo |  2 ++
 2 files changed, 20 insertions(+)
 create mode 100644 selftest/knownfail.d/samba.blackbox.wbinfo

diff --git a/nsswitch/tests/test_wbinfo.sh b/nsswitch/tests/test_wbinfo.sh
index 67660e50fc8..2ac83828a0e 100755
--- a/nsswitch/tests/test_wbinfo.sh
+++ b/nsswitch/tests/test_wbinfo.sh
@@ -125,6 +125,24 @@ else
 	echo "success: wbinfo -n check for sane mapping"
 fi
 
+echo "test: wbinfo -n NT Authority/Authenticated Users"
+$wbinfo -n "NT Authority/Authenticated Users"
+if [ $? -ne 0 ] ; then
+    echo "failure: wbinfo -n NT Authority/Authenticated Users"
+    failed=`expr $failed + 1`
+else
+    echo "success: wbinfo -n NT Authority/Authenticated Users"
+fi
+
+echo "test: wbinfo --group-info NT Authority/Authenticated Users"
+$wbinfo --group-info "NT Authority/Authenticated Users"
+if [ $? -ne 0 ] ; then
+    echo "failure: wbinfo --group-info NT Authority/Authenticated Users"
+    failed=`expr $failed + 1`
+else
+    echo "success: wbinfo --group-info NT Authority/Authenticated Users"
+fi
+
 testit "wbinfo -U against $TARGET" $wbinfo -U 30000 || failed=`expr $failed + 1`
 
 echo "test: wbinfo -U check for sane mapping"
diff --git a/selftest/knownfail.d/samba.blackbox.wbinfo b/selftest/knownfail.d/samba.blackbox.wbinfo
new file mode 100644
index 00000000000..e294c2d3c15
--- /dev/null
+++ b/selftest/knownfail.d/samba.blackbox.wbinfo
@@ -0,0 +1,2 @@
+^samba.blackbox.wbinfo\(.*\).wbinfo -n NT Authority/Authenticated Users\(.*\)
+^samba.blackbox.wbinfo\(.*\).wbinfo --group-info NT Authority/Authenticated Users\(.*\)
-- 
2.17.2


From 843bd6f354016a1d6f8c0eef2970082e696e7e52 Mon Sep 17 00:00:00 2001
From: Ralph Boehme <slow at samba.org>
Date: Tue, 27 Nov 2018 17:32:09 +0100
Subject: [PATCH 2/3] winbindd: add some braces

Bug: https://bugzilla.samba.org/show_bug.cgi?id=12164

Signed-off-by: Ralph Boehme <slow at samba.org>
---
 source3/winbindd/winbindd_util.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/source3/winbindd/winbindd_util.c b/source3/winbindd/winbindd_util.c
index 9bc25d98c4e..090a90574ce 100644
--- a/source3/winbindd/winbindd_util.c
+++ b/source3/winbindd/winbindd_util.c
@@ -1527,7 +1527,9 @@ struct winbindd_domain *find_lookup_domain_from_name(const char *domain_name)
 
 	if (strequal(domain_name, "BUILTIN") ||
 	    strequal(domain_name, get_global_sam_name()))
+	{
 		return find_domain_from_name_noinit(domain_name);
+	}
 
 	if (IS_DC) {
 		struct winbindd_domain *domain = NULL;
-- 
2.17.2


From db561150eb5e092a7ab28f1e7099bea8b2f8b803 Mon Sep 17 00:00:00 2001
From: Ralph Boehme <slow at samba.org>
Date: Tue, 27 Nov 2018 17:05:58 +0100
Subject: [PATCH 3/3] winbindd: handle "NT Authority"

Without this:

  $ bin/wbinfo -n "NT Authority/Authenticated Users"
  failed to call wbcLookupName: WBC_ERR_DOMAIN_NOT_FOUND
  Could not lookup name NT Authority/Authenticated Users

  $ bin/wbinfo --group-info="NT Authority/Authenticated Users"
  failed to call wbcGetgrnam: WBC_ERR_DOMAIN_NOT_FOUND
  Could not get info for group NT Authority/Authenticated Users

With the patch:

  $ bin/wbinfo -n "NT Authority/Authenticated Users"
  S-1-5-11 SID_WKN_GROUP (5)

  $ bin/wbinfo --group-info="NT Authority/Authenticated Users"
  NT AUTHORITY\authenticated users:x:10002:

Bug: https://bugzilla.samba.org/show_bug.cgi?id=12164

Signed-off-by: Ralph Boehme <slow at samba.org>
---
 selftest/knownfail.d/samba.blackbox.wbinfo | 2 --
 source3/winbindd/winbindd_util.c           | 7 ++++---
 2 files changed, 4 insertions(+), 5 deletions(-)
 delete mode 100644 selftest/knownfail.d/samba.blackbox.wbinfo

diff --git a/selftest/knownfail.d/samba.blackbox.wbinfo b/selftest/knownfail.d/samba.blackbox.wbinfo
deleted file mode 100644
index e294c2d3c15..00000000000
--- a/selftest/knownfail.d/samba.blackbox.wbinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-^samba.blackbox.wbinfo\(.*\).wbinfo -n NT Authority/Authenticated Users\(.*\)
-^samba.blackbox.wbinfo\(.*\).wbinfo --group-info NT Authority/Authenticated Users\(.*\)
diff --git a/source3/winbindd/winbindd_util.c b/source3/winbindd/winbindd_util.c
index 090a90574ce..82ec004436a 100644
--- a/source3/winbindd/winbindd_util.c
+++ b/source3/winbindd/winbindd_util.c
@@ -1516,11 +1516,12 @@ struct winbindd_domain *find_lookup_domain_from_sid(const struct dom_sid *sid)
 struct winbindd_domain *find_lookup_domain_from_name(const char *domain_name)
 {
 	if ( strequal(domain_name, unix_users_domain_name() ) ||
-	     strequal(domain_name, unix_groups_domain_name() ) )
+	     strequal(domain_name, unix_groups_domain_name() ) ||
+	     strequal(domain_name, "NT Authority"))
 	{
 		/*
-		 * The "Unix User" and "Unix Group" domain our handled by
-		 * passdb
+		 * The "Unix User", "Unix Group" and "NT Authority" domains are
+		 * handled by passdb
 		 */
 		return find_domain_from_name_noinit( get_global_sam_name() );
 	}
-- 
2.17.2

More information about the samba-technical mailing list