diff options
author | Andrew Bartlett <abartlet@samba.org> | 2002-01-26 10:10:25 +0000 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2002-01-26 10:10:25 +0000 |
commit | 151dd7bc6c61e19a993017e5e0b50314801e26de (patch) | |
tree | fa48e8b232a8c3136fbecaf06889c3e36845d6b8 /source/lib/username.c | |
parent | c84fa7f5fd62940e397d3353fb688f283349393e (diff) | |
download | samba-151dd7bc6c61e19a993017e5e0b50314801e26de.tar.gz samba-151dd7bc6c61e19a993017e5e0b50314801e26de.tar.xz samba-151dd7bc6c61e19a993017e5e0b50314801e26de.zip |
Bring this code into line with new winbind_lookup_name() interface. I think
this might need a bit more work - or at least documentation.
This is certainly a worthwile little hack, as it avoids the need to invert the
group database. I don't think we should allow unqualified domains here - as
that allows us to distinguish between (at least some) usernames and these
'special' groups.
Diffstat (limited to 'source/lib/username.c')
-rw-r--r-- | source/lib/username.c | 33 |
1 files changed, 23 insertions, 10 deletions
diff --git a/source/lib/username.c b/source/lib/username.c index 7c8c9c740da..f256b1d6f85 100644 --- a/source/lib/username.c +++ b/source/lib/username.c @@ -33,7 +33,7 @@ static struct passwd *uname_string_combinations2(char *s, int offset, struct pas BOOL name_is_local(const char *name) { - return !(strchr_m(name, *lp_winbind_separator()) || lp_winbind_use_default_domain()); + return !(strchr_m(name, *lp_winbind_separator())); } /**************************************************************************** @@ -535,16 +535,29 @@ BOOL user_in_list(const char *user,char **list) enum SID_NAME_USE name_type; BOOL winbind_answered = False; BOOL ret; - - /* Check to see if name is a Windows group */ - if (winbind_lookup_name(*list, &g_sid, &name_type) && name_type == SID_NAME_DOM_GRP) { - + fstring groupname, domain; + + /* Parse a string of the form DOMAIN/user into a domain and a user */ + + char *p = strchr(*list,*lp_winbind_separator()); + + DEBUG(10,("user_in_list: checking if user |%s| is in winbind group |%s|\n", user, *list)); + + if (p) { + fstrcpy(groupname, p+1); + fstrcpy(domain, *list); + domain[PTR_DIFF(p, *list)] = 0; + + /* Check to see if name is a Windows group */ + if (winbind_lookup_name(groupname, domain, &g_sid, &name_type) && name_type == SID_NAME_DOM_GRP) { + /* Check if user name is in the Windows group */ - ret = user_in_winbind_group_list(user, *list, &winbind_answered); - - if (winbind_answered && ret == True) { - DEBUG(10,("user_in_list: user |%s| is in group |%s|\n", user, *list)); - return ret; + ret = user_in_winbind_group_list(user, *list, &winbind_answered); + + if (winbind_answered && ret == True) { + DEBUG(10,("user_in_list: user |%s| is in winbind group |%s|\n", user, *list)); + return ret; + } } } } |