diff options
author | Volker Lendecke <vlendec@samba.org> | 2006-08-04 21:07:32 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 11:38:32 -0500 |
commit | 255475901c13fde29b1b476560d969cc99712767 (patch) | |
tree | ac84021d9128f39bcb3e5eb324283c766d456fb6 | |
parent | 250b9f353118bee4c080655f57d09011679deaf7 (diff) | |
download | samba-255475901c13fde29b1b476560d969cc99712767.tar.gz samba-255475901c13fde29b1b476560d969cc99712767.tar.xz samba-255475901c13fde29b1b476560d969cc99712767.zip |
r17406: We need to do a translation of winbind separator -> '\\' in
lookup_name_smbconf, otherwise
force user = domain+administrator
can not work. Also attempt to fix the 'valid users = domain+group' bug at the
same time.
Volker
-rw-r--r-- | source/passdb/lookup_sid.c | 19 | ||||
-rw-r--r-- | source/smbd/share_access.c | 4 |
2 files changed, 20 insertions, 3 deletions
diff --git a/source/passdb/lookup_sid.c b/source/passdb/lookup_sid.c index 567ddac3db0..d4c1ff20595 100644 --- a/source/passdb/lookup_sid.c +++ b/source/passdb/lookup_sid.c @@ -395,8 +395,25 @@ BOOL lookup_name_smbconf(TALLOC_CTX *mem_ctx, char *qualified_name; /* NB. No winbindd_separator here as lookup_name needs \\' */ - if (strchr_m(full_name, '\\')) { + if (strchr_m(full_name, *lp_winbind_separator())) { + /* The name is already qualified with a domain. */ + + if (*lp_winbind_separator() != '\\') { + char *p, *tmp; + + /* lookup_name() needs '\\' as a separator */ + + tmp = talloc_strdup(mem_ctx, full_name); + if (!tmp) { + return False; + } + p = strchr_m(tmp, *lp_winbind_separator()); + SMB_ASSERT(p != NULL); + *p = '\\'; + full_name = tmp; + } + return lookup_name(mem_ctx, full_name, flags, ret_domain, ret_name, ret_sid, ret_type); diff --git a/source/smbd/share_access.c b/source/smbd/share_access.c index 5334976d8dc..09b56c3522b 100644 --- a/source/smbd/share_access.c +++ b/source/smbd/share_access.c @@ -97,7 +97,7 @@ static BOOL token_contains_name(TALLOC_CTX *mem_ctx, } if (!do_group_checks(&name, &prefix)) { - if (!lookup_name(mem_ctx, name, LOOKUP_NAME_ALL, + if (!lookup_name_smbconf(mem_ctx, name, LOOKUP_NAME_ALL, NULL, NULL, &sid, &type)) { DEBUG(5, ("lookup_name %s failed\n", name)); return False; @@ -112,7 +112,7 @@ static BOOL token_contains_name(TALLOC_CTX *mem_ctx, for (/* initialized above */ ; *prefix != '\0'; prefix++) { if (*prefix == '+') { - if (!lookup_name(mem_ctx, name, + if (!lookup_name_smbconf(mem_ctx, name, LOOKUP_NAME_ALL|LOOKUP_NAME_GROUP, NULL, NULL, &sid, &type)) { DEBUG(5, ("lookup_name %s failed\n", name)); |