The branch, v3-6-test has been updated
via ce8dfb6 s3-winbind: Fix bug #9052 resolving our own "Domain Local"
groups.
from 7ea0c96 s3-printing: fix broken print_job_get_name() return
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test
- Log -----------------------------------------------------------------
commit ce8dfb6be131edb94191a78bf28102415b5d8c4c
Author: Andreas Schneider <[email protected]>
Date: Fri Jul 20 17:12:09 2012 -0700
s3-winbind: Fix bug #9052 resolving our own "Domain Local" groups.
We don't resolve our own "Domain Local" groups since bug #7843 has been
fixed. So we need to add the add resource groups to the sid list too.
Before bug #7843 the "Domain Local" groups were added with a
lookupuseraliases call, but this isn't done anymore for our domain
so we need to resolve resource groups here.
When to use Resource Groups:
http://technet.microsoft.com/en-us/library/cc753670%28v=WS.10%29.aspx
Signed-off-by: Jeremy Allison <[email protected]>
-----------------------------------------------------------------------
Summary of changes:
source3/include/proto.h | 3 +--
source3/lib/util_sid.c | 9 +--------
source3/winbindd/winbindd_pam.c | 2 +-
source3/winbindd/winbindd_util.c | 12 +++++++++---
4 files changed, 12 insertions(+), 14 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/include/proto.h b/source3/include/proto.h
index e22fc9c..720f431 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -809,8 +809,7 @@ NTSTATUS sid_array_from_info3(TALLOC_CTX *mem_ctx,
const struct netr_SamInfo3 *info3,
struct dom_sid **user_sids,
uint32_t *num_user_sids,
- bool include_user_group_rid,
- bool skip_ressource_groups);
+ bool include_user_group_rid);
/* The following definitions come from lib/util_sock.c */
diff --git a/source3/lib/util_sid.c b/source3/lib/util_sid.c
index f080d3d..f051b7a 100644
--- a/source3/lib/util_sid.c
+++ b/source3/lib/util_sid.c
@@ -130,8 +130,7 @@ NTSTATUS sid_array_from_info3(TALLOC_CTX *mem_ctx,
const struct netr_SamInfo3 *info3,
struct dom_sid **user_sids,
uint32_t *num_user_sids,
- bool include_user_group_rid,
- bool skip_ressource_groups)
+ bool include_user_group_rid)
{
NTSTATUS status;
struct dom_sid sid;
@@ -191,12 +190,6 @@ NTSTATUS sid_array_from_info3(TALLOC_CTX *mem_ctx,
*/
for (i = 0; i < info3->sidcount; i++) {
-
- if (skip_ressource_groups &&
- (info3->sids[i].attributes & SE_GROUP_RESOURCE)) {
- continue;
- }
-
status = add_sid_to_array(mem_ctx, info3->sids[i].sid,
&sid_array, &num_sids);
if (!NT_STATUS_IS_OK(status)) {
diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c
index 4c078df..55069f6 100644
--- a/source3/winbindd/winbindd_pam.c
+++ b/source3/winbindd/winbindd_pam.c
@@ -306,7 +306,7 @@ static NTSTATUS check_info3_in_group(struct netr_SamInfo3
*info3,
status = sid_array_from_info3(talloc_tos(), info3,
&token->sids,
&token->num_sids,
- true, false);
+ true);
if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(frame);
return status;
diff --git a/source3/winbindd/winbindd_util.c b/source3/winbindd/winbindd_util.c
index 63cb2d2..37b6578 100644
--- a/source3/winbindd/winbindd_util.c
+++ b/source3/winbindd/winbindd_util.c
@@ -1033,12 +1033,18 @@ NTSTATUS lookup_usergroups_cached(struct
winbindd_domain *domain,
return NT_STATUS_UNSUCCESSFUL;
}
- /* Skip Domain local groups outside our domain.
- We'll get these from the getsidaliases() RPC call. */
+ /*
+ * Before bug #7843 the "Domain Local" groups were added with a
+ * lookupuseraliases call, but this isn't done anymore for our domain
+ * so we need to resolve resource groups here.
+ *
+ * When to use Resource Groups:
+ * http://technet.microsoft.com/en-us/library/cc753670%28v=WS.10%29.aspx
+ */
status = sid_array_from_info3(mem_ctx, info3,
user_sids,
&num_groups,
- false, true);
+ false);
if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(info3);
--
Samba Shared Repository
