diff options
Diffstat (limited to 'source3/nsswitch')
-rw-r--r-- | source3/nsswitch/winbindd_group.c | 4 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_pam.c | 4 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_util.c | 10 |
3 files changed, 14 insertions, 4 deletions
diff --git a/source3/nsswitch/winbindd_group.c b/source3/nsswitch/winbindd_group.c index 092651c9a7..e1e4443442 100644 --- a/source3/nsswitch/winbindd_group.c +++ b/source3/nsswitch/winbindd_group.c @@ -107,7 +107,9 @@ static BOOL fill_grent_mem(struct winbindd_domain *domain, DEBUG(10, ("fill_grent_mem(): processing name %s\n", the_name)); - /* Only add domain users */ + /* FIXME: need to cope with groups within groups. These + occur in Universal groups on a Windows 2000 native mode + server. */ if (name_types[i] != SID_NAME_USER) { DEBUG(3, ("fill_grent_mem(): name %s isn't a domain " diff --git a/source3/nsswitch/winbindd_pam.c b/source3/nsswitch/winbindd_pam.c index 406b12c9f6..5cf819a19d 100644 --- a/source3/nsswitch/winbindd_pam.c +++ b/source3/nsswitch/winbindd_pam.c @@ -141,6 +141,8 @@ enum winbindd_result winbindd_pam_auth(struct winbindd_cli_state *state) auth_dc, trust_passwd, last_change_time); + free_serversupplied_info(&server_info); /* No info needed */ + return NT_STATUS_IS_OK(result) ? WINBINDD_OK : WINBINDD_ERROR; } @@ -218,6 +220,8 @@ enum winbindd_result winbindd_pam_auth_crap(struct winbindd_cli_state *state) auth_dc, trust_passwd, last_change_time); + free_serversupplied_info(&server_info); /* No info needed */ + return NT_STATUS_IS_OK(result) ? WINBINDD_OK : WINBINDD_ERROR; } diff --git a/source3/nsswitch/winbindd_util.c b/source3/nsswitch/winbindd_util.c index 614198673b..6a0a5389ef 100644 --- a/source3/nsswitch/winbindd_util.c +++ b/source3/nsswitch/winbindd_util.c @@ -344,6 +344,9 @@ BOOL winbindd_lookup_groupmem(struct winbindd_domain *domain, NTSTATUS result = NT_STATUS_UNSUCCESSFUL; uint32 i, total_names = 0; + /* Step #1: Get a list of user rids that are the members of the + group. */ + if (!(group_hnd = cm_get_sam_group_handle(domain->name, &domain->sid, group_rid))) goto done; @@ -357,9 +360,10 @@ BOOL winbindd_lookup_groupmem(struct winbindd_domain *domain, if (!NT_STATUS_IS_OK(result)) goto done; - /* Convert list of rids into list of names. Do this in bunches of - ~1000 to avoid crashing NT4. It looks like there is a buffer - overflow or something like that lurking around somewhere. */ + /* Step #2: Convert list of rids into list of usernames. Do this + in bunches of ~1000 to avoid crashing NT4. It looks like there + is a buffer overflow or something like that lurking around + somewhere. */ if (!(dom_hnd = cm_get_sam_dom_handle(domain->name, &domain->sid))) goto done; |