[PATCH] store SID's in SAM_ACCOUNT
Stefan (metze) Metzmacher
metze at metzemix.de
Tue May 28 04:54:01 GMT 2002
Hi Andrew,
(we talk about this on irc yesterday...)
This patch changes the SAM_ACCOUNT struct.
It now stores the (user/group) SID not RID.
I think it's much better to make it possible to store the full sid in the
pdb backend,(SID -> uid) as it is done inthe group mapping ( SID -> gid).
the functions pdb_(s/g)et_user_rid() should move to pdb_(s/g)et_user_sid()...
there are:
pdb_set_user_sid_from_rid() - to append the rid to the global_sam_sid
witch is now use by the passdb backends
But for now there are wrappers to provide the old functions:
pdb_(s/g)et_user_rid()
TEST:
- I have tested this and works for me:-)
- With smbd there no problems:-)
- the only problem was that the pdbedit command didn't have the
global_sam_sid so you got S-0-0-1000 a SID for root in the debug message
that's not a problem till we change from the pdb_get_user_rid() function to
pdb_get_user_sid().:-( (we need to fix this...)
metze
Patch:
--------------------------------------------------------------------------------------
--- HEAD/source/include/smb.h Tue May 21 14:07:13 2002
+++ HEAD-fix/source/include/smb.h Mon May 27 11:28:59 2002
@@ -624,8 +624,8 @@
uid_t uid; /* this is a unix uid_t */
gid_t gid; /* this is a unix gid_t */
- uint32 user_rid; /* Primary User ID */
- uint32 group_rid; /* Primary Group ID */
+ DOM_SID user_sid; /* Primary User SID */
+ DOM_SID group_sid; /* Primary Group SID */
DATA_BLOB lm_pw; /* .data is Null if no password */
DATA_BLOB nt_pw; /* .data is Null if no password */
diff -Nur HEAD/source/passdb/passdb.c HEAD-fix/source/passdb/passdb.c
--- HEAD/source/passdb/passdb.c Mon May 27 13:11:01 2002
+++ HEAD-fix/source/passdb/passdb.c Mon May 27 13:03:58 2002
@@ -185,7 +185,7 @@
-- abartlet 11-May-02
*/
- pdb_set_user_rid(sam_account,
+ pdb_set_user_sid_from_rid(sam_account,
fallback_pdb_uid_to_user_rid(pwd->pw_uid));
/* call the mapping code here */
@@ -196,7 +196,7 @@
rid=pdb_gid_to_group_rid(pwd->pw_gid);
}
- pdb_set_group_rid(sam_account, rid);
+ pdb_set_group_sid_from_rid(sam_account, rid);
/* check if this is a user account or a machine account */
if (pwd->pw_name[strlen(pwd->pw_name)-1] != '$')
@@ -1002,9 +1002,9 @@
pdb_set_munged_dial(to ,
pdb_unistr2_convert(&from->uni_munged_dial ));
if (from->user_rid)
- pdb_set_user_rid(to, from->user_rid);
+ pdb_set_user_sid_from_rid(to, from->user_rid);
if (from->group_rid)
- pdb_set_group_rid(to, from->group_rid);
+ pdb_set_group_sid_from_rid(to, from->group_rid);
pdb_set_acct_ctrl(to, from->acb_info);
pdb_set_unknown_3(to, from->unknown_3);
@@ -1057,9 +1057,9 @@
pdb_set_munged_dial(to ,
pdb_unistr2_convert(&from->uni_munged_dial ));
if (from->user_rid)
- pdb_set_user_rid(to, from->user_rid);
+ pdb_set_user_sid_from_rid(to, from->user_rid);
if (from->group_rid)
- pdb_set_group_rid(to, from->group_rid);
+ pdb_set_group_sid_from_rid(to, from->group_rid);
/* FIXME!! Do we need to copy the passwords here as well?
I don't know. Need to figure this out --jerry */
diff -Nur HEAD/source/passdb/pdb_get_set.c HEAD-fix/source/passdb/pdb_get_set.c
--- HEAD/source/passdb/pdb_get_set.c Tue May 21 14:07:17 2002
+++ HEAD-fix/source/passdb/pdb_get_set.c Tue May 28 13:33:19 2002
@@ -5,6 +5,7 @@
Copyright (C) Luke Kenneth Casson Leighton 1996-1998
Copyright (C) Gerald (Jerry) Carter 2000-2001
Copyright (C) Andrew Bartlett 2001-2002
+ Copyright (C) Stefan (metze) Metzmacher 2002
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -155,21 +156,35 @@
else
return (NULL);
}
+const DOM_SID *pdb_get_user_sid(const SAM_ACCOUNT *sampass)
+{
+ return &sampass->private.user_sid;
+}
+
+const DOM_SID *pdb_get_group_sid(const SAM_ACCOUNT *sampass)
+{
+ return &sampass->private.group_sid;
+}
uint32 pdb_get_user_rid (const SAM_ACCOUNT *sampass)
{
+ uint32 u_rid;
+
if (sampass)
- return (sampass->private.user_rid);
- else
- return (-1);
+ if(sid_peek_rid((DOM_SID *)&sampass->private.user_sid,&u_rid))
+ return u_rid;
+
+ return (-1);
}
uint32 pdb_get_group_rid (const SAM_ACCOUNT *sampass)
{
+ uint32 g_rid;
+
if (sampass)
- return (sampass->private.group_rid);
- else
- return (-1);
+ if(sid_peek_rid((DOM_SID *)&sampass->private.group_sid,&g_rid))
+ return g_rid;
+ return (-1);
}
/**
@@ -487,28 +502,85 @@
}
-BOOL pdb_set_user_rid (SAM_ACCOUNT *sampass, uint32 rid)
+BOOL pdb_set_user_sid (SAM_ACCOUNT *sampass, DOM_SID *u_sid)
{
+ fstring string;
+
+ if(!sampass||!u_sid)
+ return False;
+
+ sid_copy(&sampass->private.user_sid,u_sid);
+
+ DEBUG(10, ("pdb_set_user_sid: setting user sid %s\n",
+ sid_to_string(string,u_sid)));
+
+ return True;
+}
+
+BOOL pdb_set_group_sid(SAM_ACCOUNT *sampass, DOM_SID *g_sid)
+{
+ fstring string;
+
+ if (!sampass||!g_sid)
+ return False;
+
+ sid_copy(&sampass->private.group_sid,g_sid);
+
+ DEBUG(10, ("pdb_set_group_sid: setting group sid %s\n",
+ sid_to_string(string,g_sid)));
+
+ return True;
+}
+
+BOOL pdb_set_user_sid_from_rid (SAM_ACCOUNT *sampass, uint32 rid)
+{
+ DOM_SID u_sid;
+ fstring string;
+
if (!sampass)
return False;
- DEBUG(10, ("pdb_set_rid: setting user rid %d, was %d\n",
- rid, sampass->private.user_rid));
+ sid_copy(&u_sid,&global_sam_sid);
+
+ if(!sid_append_rid(&u_sid,rid))
+ return False;
+
+ DEBUG(10, ("pdb_set_user_sid_from_rid:\n\tsetting user sid %s from
rid %d\n",
+ sid_to_string(string,&u_sid),rid));
- sampass->private.user_rid = rid;
+ sid_copy(&sampass->private.user_sid,&u_sid);
+
return True;
}
-BOOL pdb_set_group_rid (SAM_ACCOUNT *sampass, uint32 grid)
+BOOL pdb_set_group_sid_from_rid (SAM_ACCOUNT *sampass, uint32 grid)
{
+ DOM_SID g_sid;
+ fstring string;
+
if (!sampass)
return False;
+
+ sid_copy(&g_sid,&global_sam_sid);
+ if(!sid_append_rid(&g_sid,grid))
+ return False;
+
+ sid_copy(&sampass->private.group_sid,&g_sid);
+
+ DEBUG(10, ("pdb_set_group_sid_from_rid:\n\tsetting group sid %s
from rid %d\n",
+ sid_to_string(string,&g_sid),grid));
- DEBUG(10, ("pdb_set_group_rid: setting group rid %d, was %d\n",
- grid, sampass->private.group_rid));
-
- sampass->private.group_rid = grid;
return True;
+}
+
+BOOL pdb_set_user_rid(SAM_ACCOUNT *sampass, uint32 rid)
+{
+ return pdb_set_user_sid_from_rid(sampass,rid);
+}
+
+BOOL pdb_set_group_rid(SAM_ACCOUNT *sampass, uint32 grid)
+{
+ return pdb_set_group_sid_from_rid(sampass,grid);
}
/*********************************************************************
diff -Nur HEAD/source/passdb/pdb_ldap.c HEAD-fix/source/passdb/pdb_ldap.c
--- HEAD/source/passdb/pdb_ldap.c Mon May 27 13:11:01 2002
+++ HEAD-fix/source/passdb/pdb_ldap.c Mon May 27 12:54:00 2002
@@ -780,8 +780,8 @@
pdb_set_hours_len(sampass, hours_len);
pdb_set_logon_divs(sampass, logon_divs);
- pdb_set_user_rid(sampass, user_rid);
- pdb_set_group_rid(sampass, group_rid);
+ pdb_set_user_sid_from_rid(sampass, user_rid);
+ pdb_set_group_sid_from_rid(sampass, group_rid);
pdb_set_username(sampass, username);
diff -Nur HEAD/source/passdb/pdb_nisplus.c HEAD-fix/source/passdb/pdb_nisplus.c
--- HEAD/source/passdb/pdb_nisplus.c Mon May 27 13:11:01 2002
+++ HEAD-fix/source/passdb/pdb_nisplus.c Mon May 27 12:59:29 2002
@@ -339,8 +339,8 @@
pdb_set_uid(pw_buf, atoi(ENTRY_VAL(obj, NPF_UID)));
pdb_set_gid(pw_buf, atoi(ENTRY_VAL(obj, NPF_SMB_GRPID)));
- pdb_set_user_rid(pw_buf, atoi(ENTRY_VAL(obj, NPF_USER_RID)));
- pdb_set_group_rid(pw_buf, atoi(ENTRY_VAL(obj, NPF_GROUP_RID)));
+ pdb_set_user_sid_from_rid(pw_buf, atoi(ENTRY_VAL(obj, NPF_USER_RID)));
+ pdb_set_group_sid_from_rid(pw_buf, atoi(ENTRY_VAL(obj, NPF_GROUP_RID)));
/* values, must exist for user */
if( !(pdb_get_acct_ctrl(pw_buf) & ACB_WSTRUST) ) {
@@ -381,7 +381,7 @@
else
{
/* lkclXXXX this is OBSERVED behaviour by NT PDCs, enforced here. */
- pdb_set_group_rid (pw_buf, DOMAIN_GROUP_RID_USERS);
+ pdb_set_group_sid_from_rid (pw_buf, DOMAIN_GROUP_RID_USERS);
}
/* Check the lanman password column. */
diff -Nur HEAD/source/passdb/pdb_smbpasswd.c
HEAD-fix/source/passdb/pdb_smbpasswd.c
--- HEAD/source/passdb/pdb_smbpasswd.c Mon May 27 13:11:02 2002
+++ HEAD-fix/source/passdb/pdb_smbpasswd.c Mon May 27 12:57:37 2002
@@ -1242,14 +1242,14 @@
&& (pw_buf->smb_userid >= smbpasswd_state->low_nua_userid)
&& (pw_buf->smb_userid <= smbpasswd_state->high_nua_userid)) {
- pdb_set_user_rid(sam_pass, fallback_pdb_uid_to_user_rid
(pw_buf->smb_userid));
+ pdb_set_user_sid_from_rid(sam_pass,
fallback_pdb_uid_to_user_rid (pw_buf->smb_userid));
/* lkclXXXX this is OBSERVED behaviour by NT PDCs,
enforced here.
This was down the bottom for machines, but it looks
pretty good as
a general default for non-unix users. --abartlet 2002-01-08
*/
- pdb_set_group_rid (sam_pass, DOMAIN_GROUP_RID_USERS);
+ pdb_set_group_sid_from_rid (sam_pass, DOMAIN_GROUP_RID_USERS);
pdb_set_username (sam_pass, pw_buf->smb_name);
pdb_set_domain (sam_pass, lp_workgroup());
} else {
diff -Nur HEAD/source/passdb/pdb_tdb.c HEAD-fix/source/passdb/pdb_tdb.c
--- HEAD/source/passdb/pdb_tdb.c Mon May 27 13:11:02 2002
+++ HEAD-fix/source/passdb/pdb_tdb.c Mon May 27 12:58:02 2002
@@ -246,8 +246,8 @@
}
}
- pdb_set_user_rid(sampass, user_rid);
- pdb_set_group_rid(sampass, group_rid);
+ pdb_set_user_sid_from_rid(sampass, user_rid);
+ pdb_set_group_sid_from_rid(sampass, group_rid);
pdb_set_unknown_3(sampass, unknown_3);
pdb_set_hours_len(sampass, hours_len);
pdb_set_unknown_5(sampass, unknown_5);
@@ -775,7 +775,7 @@
goto done;
}
}
- pdb_set_user_rid(newpwd, user_rid);
+ pdb_set_user_sid_from_rid(newpwd, user_rid);
} else {
user_rid = tdb_state->low_nua_rid;
tdb_ret =
tdb_change_uint32_atomic(pwd_tdb, "NUA_RID_COUNTER", &user_rid,
RID_MULTIPLIER);
@@ -788,7 +788,7 @@
ret = False;
goto done;
}
- pdb_set_user_rid(newpwd, user_rid);
+ pdb_set_user_sid_from_rid(newpwd, user_rid);
}
} else {
DEBUG (0,("tdb_update_sam: Failing to store a
SAM_ACCOUNT for [%s] without a RID\n",pdb_get_username(newpwd)));
@@ -805,7 +805,7 @@
goto done;
} else {
/* This seems like a good default choice
for non-unix users */
- pdb_set_group_rid(newpwd,
DOMAIN_GROUP_RID_USERS);
+ pdb_set_group_sid_from_rid(newpwd,
DOMAIN_GROUP_RID_USERS);
}
} else {
DEBUG (0,("tdb_update_sam: Failing to store a
SAM_ACCOUNT for [%s] without a primary group RID\n",pdb_get_username(newpwd)));
-------------------------------------------------------------------------------------------------------------
metze
-----------------------------------------------------------------------------
Stefan "metze" Metzmacher <metze at metzemix.de>
-------------- next part --------------
--- HEAD/source/include/smb.h Tue May 21 14:07:13 2002
+++ HEAD-fix/source/include/smb.h Mon May 27 11:28:59 2002
@@ -624,8 +624,8 @@
uid_t uid; /* this is a unix uid_t */
gid_t gid; /* this is a unix gid_t */
- uint32 user_rid; /* Primary User ID */
- uint32 group_rid; /* Primary Group ID */
+ DOM_SID user_sid; /* Primary User SID */
+ DOM_SID group_sid; /* Primary Group SID */
DATA_BLOB lm_pw; /* .data is Null if no password */
DATA_BLOB nt_pw; /* .data is Null if no password */
diff -Nur HEAD/source/passdb/passdb.c HEAD-fix/source/passdb/passdb.c
--- HEAD/source/passdb/passdb.c Mon May 27 13:11:01 2002
+++ HEAD-fix/source/passdb/passdb.c Mon May 27 13:03:58 2002
@@ -185,7 +185,7 @@
-- abartlet 11-May-02
*/
- pdb_set_user_rid(sam_account,
+ pdb_set_user_sid_from_rid(sam_account,
fallback_pdb_uid_to_user_rid(pwd->pw_uid));
/* call the mapping code here */
@@ -196,7 +196,7 @@
rid=pdb_gid_to_group_rid(pwd->pw_gid);
}
- pdb_set_group_rid(sam_account, rid);
+ pdb_set_group_sid_from_rid(sam_account, rid);
/* check if this is a user account or a machine account */
if (pwd->pw_name[strlen(pwd->pw_name)-1] != '$')
@@ -1002,9 +1002,9 @@
pdb_set_munged_dial(to , pdb_unistr2_convert(&from->uni_munged_dial ));
if (from->user_rid)
- pdb_set_user_rid(to, from->user_rid);
+ pdb_set_user_sid_from_rid(to, from->user_rid);
if (from->group_rid)
- pdb_set_group_rid(to, from->group_rid);
+ pdb_set_group_sid_from_rid(to, from->group_rid);
pdb_set_acct_ctrl(to, from->acb_info);
pdb_set_unknown_3(to, from->unknown_3);
@@ -1057,9 +1057,9 @@
pdb_set_munged_dial(to , pdb_unistr2_convert(&from->uni_munged_dial ));
if (from->user_rid)
- pdb_set_user_rid(to, from->user_rid);
+ pdb_set_user_sid_from_rid(to, from->user_rid);
if (from->group_rid)
- pdb_set_group_rid(to, from->group_rid);
+ pdb_set_group_sid_from_rid(to, from->group_rid);
/* FIXME!! Do we need to copy the passwords here as well?
I don't know. Need to figure this out --jerry */
diff -Nur HEAD/source/passdb/pdb_get_set.c HEAD-fix/source/passdb/pdb_get_set.c
--- HEAD/source/passdb/pdb_get_set.c Tue May 21 14:07:17 2002
+++ HEAD-fix/source/passdb/pdb_get_set.c Tue May 28 13:33:19 2002
@@ -5,6 +5,7 @@
Copyright (C) Luke Kenneth Casson Leighton 1996-1998
Copyright (C) Gerald (Jerry) Carter 2000-2001
Copyright (C) Andrew Bartlett 2001-2002
+ Copyright (C) Stefan (metze) Metzmacher 2002
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -155,21 +156,35 @@
else
return (NULL);
}
+const DOM_SID *pdb_get_user_sid(const SAM_ACCOUNT *sampass)
+{
+ return &sampass->private.user_sid;
+}
+
+const DOM_SID *pdb_get_group_sid(const SAM_ACCOUNT *sampass)
+{
+ return &sampass->private.group_sid;
+}
uint32 pdb_get_user_rid (const SAM_ACCOUNT *sampass)
{
+ uint32 u_rid;
+
if (sampass)
- return (sampass->private.user_rid);
- else
- return (-1);
+ if(sid_peek_rid((DOM_SID *)&sampass->private.user_sid,&u_rid))
+ return u_rid;
+
+ return (-1);
}
uint32 pdb_get_group_rid (const SAM_ACCOUNT *sampass)
{
+ uint32 g_rid;
+
if (sampass)
- return (sampass->private.group_rid);
- else
- return (-1);
+ if(sid_peek_rid((DOM_SID *)&sampass->private.group_sid,&g_rid))
+ return g_rid;
+ return (-1);
}
/**
@@ -487,28 +502,85 @@
}
-BOOL pdb_set_user_rid (SAM_ACCOUNT *sampass, uint32 rid)
+BOOL pdb_set_user_sid (SAM_ACCOUNT *sampass, DOM_SID *u_sid)
{
+ fstring string;
+
+ if(!sampass||!u_sid)
+ return False;
+
+ sid_copy(&sampass->private.user_sid,u_sid);
+
+ DEBUG(10, ("pdb_set_user_sid: setting user sid %s\n",
+ sid_to_string(string,u_sid)));
+
+ return True;
+}
+
+BOOL pdb_set_group_sid(SAM_ACCOUNT *sampass, DOM_SID *g_sid)
+{
+ fstring string;
+
+ if (!sampass||!g_sid)
+ return False;
+
+ sid_copy(&sampass->private.group_sid,g_sid);
+
+ DEBUG(10, ("pdb_set_group_sid: setting group sid %s\n",
+ sid_to_string(string,g_sid)));
+
+ return True;
+}
+
+BOOL pdb_set_user_sid_from_rid (SAM_ACCOUNT *sampass, uint32 rid)
+{
+ DOM_SID u_sid;
+ fstring string;
+
if (!sampass)
return False;
- DEBUG(10, ("pdb_set_rid: setting user rid %d, was %d\n",
- rid, sampass->private.user_rid));
+ sid_copy(&u_sid,&global_sam_sid);
+
+ if(!sid_append_rid(&u_sid,rid))
+ return False;
+
+ DEBUG(10, ("pdb_set_user_sid_from_rid:\n\tsetting user sid %s from rid %d\n",
+ sid_to_string(string,&u_sid),rid));
- sampass->private.user_rid = rid;
+ sid_copy(&sampass->private.user_sid,&u_sid);
+
return True;
}
-BOOL pdb_set_group_rid (SAM_ACCOUNT *sampass, uint32 grid)
+BOOL pdb_set_group_sid_from_rid (SAM_ACCOUNT *sampass, uint32 grid)
{
+ DOM_SID g_sid;
+ fstring string;
+
if (!sampass)
return False;
+
+ sid_copy(&g_sid,&global_sam_sid);
+ if(!sid_append_rid(&g_sid,grid))
+ return False;
+
+ sid_copy(&sampass->private.group_sid,&g_sid);
+
+ DEBUG(10, ("pdb_set_group_sid_from_rid:\n\tsetting group sid %s from rid %d\n",
+ sid_to_string(string,&g_sid),grid));
- DEBUG(10, ("pdb_set_group_rid: setting group rid %d, was %d\n",
- grid, sampass->private.group_rid));
-
- sampass->private.group_rid = grid;
return True;
+}
+
+BOOL pdb_set_user_rid(SAM_ACCOUNT *sampass, uint32 rid)
+{
+ return pdb_set_user_sid_from_rid(sampass,rid);
+}
+
+BOOL pdb_set_group_rid(SAM_ACCOUNT *sampass, uint32 grid)
+{
+ return pdb_set_group_sid_from_rid(sampass,grid);
}
/*********************************************************************
diff -Nur HEAD/source/passdb/pdb_ldap.c HEAD-fix/source/passdb/pdb_ldap.c
--- HEAD/source/passdb/pdb_ldap.c Mon May 27 13:11:01 2002
+++ HEAD-fix/source/passdb/pdb_ldap.c Mon May 27 12:54:00 2002
@@ -780,8 +780,8 @@
pdb_set_hours_len(sampass, hours_len);
pdb_set_logon_divs(sampass, logon_divs);
- pdb_set_user_rid(sampass, user_rid);
- pdb_set_group_rid(sampass, group_rid);
+ pdb_set_user_sid_from_rid(sampass, user_rid);
+ pdb_set_group_sid_from_rid(sampass, group_rid);
pdb_set_username(sampass, username);
diff -Nur HEAD/source/passdb/pdb_nisplus.c HEAD-fix/source/passdb/pdb_nisplus.c
--- HEAD/source/passdb/pdb_nisplus.c Mon May 27 13:11:01 2002
+++ HEAD-fix/source/passdb/pdb_nisplus.c Mon May 27 12:59:29 2002
@@ -339,8 +339,8 @@
pdb_set_uid(pw_buf, atoi(ENTRY_VAL(obj, NPF_UID)));
pdb_set_gid(pw_buf, atoi(ENTRY_VAL(obj, NPF_SMB_GRPID)));
- pdb_set_user_rid(pw_buf, atoi(ENTRY_VAL(obj, NPF_USER_RID)));
- pdb_set_group_rid(pw_buf, atoi(ENTRY_VAL(obj, NPF_GROUP_RID)));
+ pdb_set_user_sid_from_rid(pw_buf, atoi(ENTRY_VAL(obj, NPF_USER_RID)));
+ pdb_set_group_sid_from_rid(pw_buf, atoi(ENTRY_VAL(obj, NPF_GROUP_RID)));
/* values, must exist for user */
if( !(pdb_get_acct_ctrl(pw_buf) & ACB_WSTRUST) ) {
@@ -381,7 +381,7 @@
else
{
/* lkclXXXX this is OBSERVED behaviour by NT PDCs, enforced here. */
- pdb_set_group_rid (pw_buf, DOMAIN_GROUP_RID_USERS);
+ pdb_set_group_sid_from_rid (pw_buf, DOMAIN_GROUP_RID_USERS);
}
/* Check the lanman password column. */
diff -Nur HEAD/source/passdb/pdb_smbpasswd.c HEAD-fix/source/passdb/pdb_smbpasswd.c
--- HEAD/source/passdb/pdb_smbpasswd.c Mon May 27 13:11:02 2002
+++ HEAD-fix/source/passdb/pdb_smbpasswd.c Mon May 27 12:57:37 2002
@@ -1242,14 +1242,14 @@
&& (pw_buf->smb_userid >= smbpasswd_state->low_nua_userid)
&& (pw_buf->smb_userid <= smbpasswd_state->high_nua_userid)) {
- pdb_set_user_rid(sam_pass, fallback_pdb_uid_to_user_rid (pw_buf->smb_userid));
+ pdb_set_user_sid_from_rid(sam_pass, fallback_pdb_uid_to_user_rid (pw_buf->smb_userid));
/* lkclXXXX this is OBSERVED behaviour by NT PDCs, enforced here.
This was down the bottom for machines, but it looks pretty good as
a general default for non-unix users. --abartlet 2002-01-08
*/
- pdb_set_group_rid (sam_pass, DOMAIN_GROUP_RID_USERS);
+ pdb_set_group_sid_from_rid (sam_pass, DOMAIN_GROUP_RID_USERS);
pdb_set_username (sam_pass, pw_buf->smb_name);
pdb_set_domain (sam_pass, lp_workgroup());
} else {
diff -Nur HEAD/source/passdb/pdb_tdb.c HEAD-fix/source/passdb/pdb_tdb.c
--- HEAD/source/passdb/pdb_tdb.c Mon May 27 13:11:02 2002
+++ HEAD-fix/source/passdb/pdb_tdb.c Mon May 27 12:58:02 2002
@@ -246,8 +246,8 @@
}
}
- pdb_set_user_rid(sampass, user_rid);
- pdb_set_group_rid(sampass, group_rid);
+ pdb_set_user_sid_from_rid(sampass, user_rid);
+ pdb_set_group_sid_from_rid(sampass, group_rid);
pdb_set_unknown_3(sampass, unknown_3);
pdb_set_hours_len(sampass, hours_len);
pdb_set_unknown_5(sampass, unknown_5);
@@ -775,7 +775,7 @@
goto done;
}
}
- pdb_set_user_rid(newpwd, user_rid);
+ pdb_set_user_sid_from_rid(newpwd, user_rid);
} else {
user_rid = tdb_state->low_nua_rid;
tdb_ret = tdb_change_uint32_atomic(pwd_tdb, "NUA_RID_COUNTER", &user_rid, RID_MULTIPLIER);
@@ -788,7 +788,7 @@
ret = False;
goto done;
}
- pdb_set_user_rid(newpwd, user_rid);
+ pdb_set_user_sid_from_rid(newpwd, user_rid);
}
} else {
DEBUG (0,("tdb_update_sam: Failing to store a SAM_ACCOUNT for [%s] without a RID\n",pdb_get_username(newpwd)));
@@ -805,7 +805,7 @@
goto done;
} else {
/* This seems like a good default choice for non-unix users */
- pdb_set_group_rid(newpwd, DOMAIN_GROUP_RID_USERS);
+ pdb_set_group_sid_from_rid(newpwd, DOMAIN_GROUP_RID_USERS);
}
} else {
DEBUG (0,("tdb_update_sam: Failing to store a SAM_ACCOUNT for [%s] without a primary group RID\n",pdb_get_username(newpwd)));
More information about the samba-technical
mailing list