diff options
author | Volker Lendecke <vlendec@samba.org> | 2006-07-13 16:28:38 +0000 |
---|---|---|
committer | Volker Lendecke <vlendec@samba.org> | 2006-07-13 16:28:38 +0000 |
commit | 89d086948eb02ad62542296fe15bac6e1a501b45 (patch) | |
tree | b89d9951b8b1989ff4d414da64bc70bce166e386 | |
parent | 3207952580505a063e262a243d6c54eb7072c88b (diff) | |
download | samba-89d086948eb02ad62542296fe15bac6e1a501b45.tar.gz samba-89d086948eb02ad62542296fe15bac6e1a501b45.tar.xz samba-89d086948eb02ad62542296fe15bac6e1a501b45.zip |
r17016: Different and smaller fix for the valid users = username problem.
If no winbind is around, the best we can do to get the user's token correct is
to ask unix via create_token_from_username. More investigation is needed if
this also fixes the +groupname for unmapped groups problems more cleanly.
Volker
-rw-r--r-- | source/auth/auth_util.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/source/auth/auth_util.c b/source/auth/auth_util.c index 823bf8c3228..9fcaffa3d65 100644 --- a/source/auth/auth_util.c +++ b/source/auth/auth_util.c @@ -950,7 +950,13 @@ NTSTATUS create_local_token(auth_serversupplied_info *server_info) return NT_STATUS_NO_MEMORY; } - if (server_info->was_mapped) { + /* + * If winbind is not around, we can not make much use of the SIDs the + * domain controller provided us with. Likewise if the user name was + * mapped to some local unix user. + */ + + if ((!winbind_ping()) || (server_info->was_mapped)) { status = create_token_from_username(server_info, server_info->unix_name, server_info->guest, |