diff options
| author | Gerald Carter <jerry@samba.org> | 2006-03-15 17:40:28 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 11:15:31 -0500 |
| commit | d2c1842978cd50485849bfc4fb6d94767d96cab0 (patch) | |
| tree | cd50897c106a258887f3f2bbf2f15faa9255e419 | |
| parent | f3879dd6bbbb20524e138b9ba8a54f6464fee5eb (diff) | |
| download | samba-d2c1842978cd50485849bfc4fb6d94767d96cab0.tar.gz samba-d2c1842978cd50485849bfc4fb6d94767d96cab0.tar.xz samba-d2c1842978cd50485849bfc4fb6d94767d96cab0.zip | |
r14457: Add a few more special cases for RID 513 in the samr code.
Now that I know what all the requirements for this group are
I can generalize the code some more and make it cleaner.
But at least this is working with lusrmgr.msc on XP and 2k now.
| -rw-r--r-- | source/groupdb/mapping.c | 18 | ||||
| -rw-r--r-- | source/passdb/passdb.c | 12 | ||||
| -rw-r--r-- | source/passdb/pdb_interface.c | 22 |
3 files changed, 49 insertions, 3 deletions
diff --git a/source/groupdb/mapping.c b/source/groupdb/mapping.c index 04471f9d433..830584979b5 100644 --- a/source/groupdb/mapping.c +++ b/source/groupdb/mapping.c @@ -814,8 +814,24 @@ BOOL get_domain_group_from_sid(DOM_SID sid, GROUP_MAP *map) ret = pdb_getgrsid(map, sid); unbecome_root(); - if ( !ret ) + /* special case check for rid 513 */ + + if ( !ret ) { + uint32 rid; + + sid_peek_rid( &sid, &rid ); + + if ( rid == DOMAIN_GROUP_RID_USERS ) { + fstrcpy( map->nt_name, "None" ); + fstrcpy( map->comment, "Ordinary Users" ); + sid_copy( &map->sid, &sid ); + map->sid_name_use = SID_NAME_DOM_GRP; + + return True; + } + return False; + } DEBUG(10, ("get_domain_group_from_sid: SID found in the TDB\n")); diff --git a/source/passdb/passdb.c b/source/passdb/passdb.c index d795888180f..876f04bdfe7 100644 --- a/source/passdb/passdb.c +++ b/source/passdb/passdb.c @@ -548,6 +548,18 @@ BOOL lookup_global_sam_name(const char *user, int flags, uint32_t *rid, { GROUP_MAP map; BOOL ret; + + /* Windows treats "MACHINE\None" as a special name for + rid 513 on non-DCs. You cannot create a user or group + name "None" on Windows. You will get an error that + the group already exists. */ + + if ( strequal( user, "None" ) ) { + *rid = DOMAIN_GROUP_RID_USERS; + *type = SID_NAME_DOM_GRP; + + return True; + } /* LOOKUP_NAME_GROUP is a hack to allow valid users = @foo to work * correctly in the case where foo also exists as a user. If the flag diff --git a/source/passdb/pdb_interface.c b/source/passdb/pdb_interface.c index 4061e7b5db9..82890fee2dc 100644 --- a/source/passdb/pdb_interface.c +++ b/source/passdb/pdb_interface.c @@ -734,13 +734,31 @@ NTSTATUS pdb_enum_group_members(TALLOC_CTX *mem_ctx, size_t *p_num_members) { struct pdb_methods *pdb = pdb_get_methods(); + NTSTATUS result; if ( !pdb ) { return NT_STATUS_UNSUCCESSFUL; } - return pdb->enum_group_members(pdb, mem_ctx, sid, - pp_member_rids, p_num_members); + result = pdb->enum_group_members(pdb, mem_ctx, + sid, pp_member_rids, p_num_members); + + /* special check for rid 513 */ + + if ( !NT_STATUS_IS_OK( result ) ) { + uint32 rid; + + sid_peek_rid( sid, &rid ); + + if ( rid == DOMAIN_GROUP_RID_USERS ) { + *p_num_members = 0; + *pp_member_rids = NULL; + + return NT_STATUS_OK; + } + } + + return result; } NTSTATUS pdb_enum_group_memberships(TALLOC_CTX *mem_ctx, struct samu *user, |