summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorVolker Lendecke <vlendec@samba.org>2006-08-04 21:07:32 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 11:38:32 -0500
commit255475901c13fde29b1b476560d969cc99712767 (patch)
treeac84021d9128f39bcb3e5eb324283c766d456fb6
parent250b9f353118bee4c080655f57d09011679deaf7 (diff)
downloadsamba-255475901c13fde29b1b476560d969cc99712767.tar.gz
samba-255475901c13fde29b1b476560d969cc99712767.tar.xz
samba-255475901c13fde29b1b476560d969cc99712767.zip
r17406: We need to do a translation of winbind separator -> '\\' in
lookup_name_smbconf, otherwise force user = domain+administrator can not work. Also attempt to fix the 'valid users = domain+group' bug at the same time. Volker
-rw-r--r--source/passdb/lookup_sid.c19
-rw-r--r--source/smbd/share_access.c4
2 files changed, 20 insertions, 3 deletions
diff --git a/source/passdb/lookup_sid.c b/source/passdb/lookup_sid.c
index 567ddac3db0..d4c1ff20595 100644
--- a/source/passdb/lookup_sid.c
+++ b/source/passdb/lookup_sid.c
@@ -395,8 +395,25 @@ BOOL lookup_name_smbconf(TALLOC_CTX *mem_ctx,
char *qualified_name;
/* NB. No winbindd_separator here as lookup_name needs \\' */
- if (strchr_m(full_name, '\\')) {
+ if (strchr_m(full_name, *lp_winbind_separator())) {
+
/* The name is already qualified with a domain. */
+
+ if (*lp_winbind_separator() != '\\') {
+ char *p, *tmp;
+
+ /* lookup_name() needs '\\' as a separator */
+
+ tmp = talloc_strdup(mem_ctx, full_name);
+ if (!tmp) {
+ return False;
+ }
+ p = strchr_m(tmp, *lp_winbind_separator());
+ SMB_ASSERT(p != NULL);
+ *p = '\\';
+ full_name = tmp;
+ }
+
return lookup_name(mem_ctx, full_name, flags,
ret_domain, ret_name,
ret_sid, ret_type);
diff --git a/source/smbd/share_access.c b/source/smbd/share_access.c
index 5334976d8dc..09b56c3522b 100644
--- a/source/smbd/share_access.c
+++ b/source/smbd/share_access.c
@@ -97,7 +97,7 @@ static BOOL token_contains_name(TALLOC_CTX *mem_ctx,
}
if (!do_group_checks(&name, &prefix)) {
- if (!lookup_name(mem_ctx, name, LOOKUP_NAME_ALL,
+ if (!lookup_name_smbconf(mem_ctx, name, LOOKUP_NAME_ALL,
NULL, NULL, &sid, &type)) {
DEBUG(5, ("lookup_name %s failed\n", name));
return False;
@@ -112,7 +112,7 @@ static BOOL token_contains_name(TALLOC_CTX *mem_ctx,
for (/* initialized above */ ; *prefix != '\0'; prefix++) {
if (*prefix == '+') {
- if (!lookup_name(mem_ctx, name,
+ if (!lookup_name_smbconf(mem_ctx, name,
LOOKUP_NAME_ALL|LOOKUP_NAME_GROUP,
NULL, NULL, &sid, &type)) {
DEBUG(5, ("lookup_name %s failed\n", name));