From e4930f5f48f8246ceec8add8bf769954a963190c Mon Sep 17 00:00:00 2001
From: Luke Leighton <lkcl@samba.org>
Date: Mon, 30 Nov 1998 15:08:58 +0000
Subject: - adding builtin[alias]db.

- lib/sids.c:

	generate_sam_sid() modified to take a domain name: it now
	generates "DOMAIN_NAME.SID".  reasons:

	1) if you run multiple samba servers on the same machine
	under different netbios names as members of a domain,
	they won't all use the same SID, which is a _big_ mistake
	but it would happen _by default_.

	2) we have (had) a problem with sid_to_string() and string_to_sid()
	which cause SIDs to be incorrectly read.  one of the major
	reasons for *NOT* making this change was so as not to disrupt
	existing users.  but as they will be anyway by this bug,
	we might as well go ahead.

- passdb/smbpass.c:

	wanted to change the meaning of the name in the smbpasswd
	file to an "nt" name not a "unix" name.  this is probably
	not a good idea: reverted this.

- output formatting / bug-fixing in rpcclient query_useraliases code.
---
 source/rpc_server/srv_lsa.c  |  7 +++----
 source/rpc_server/srv_samr.c | 23 +++++++++++++++--------
 2 files changed, 18 insertions(+), 12 deletions(-)

(limited to 'source/rpc_server')

diff --git a/source/rpc_server/srv_lsa.c b/source/rpc_server/srv_lsa.c
index abbe4ccd936..62c8f8a0cd8 100644
--- a/source/rpc_server/srv_lsa.c
+++ b/source/rpc_server/srv_lsa.c
@@ -32,9 +32,7 @@ extern DOM_SID global_sam_sid;
 extern fstring global_sam_name;
 extern DOM_SID global_member_sid;
 extern fstring global_myworkgroup;
-extern DOM_SID global_sid_S_1_1;
-extern DOM_SID global_sid_S_1_3;
-extern DOM_SID global_sid_S_1_5;
+extern DOM_SID global_sid_S_1_5_20;
 
 /***************************************************************************
 lsa_reply_open_policy2
@@ -264,7 +262,8 @@ static void make_lsa_trans_names(DOM_R_REF *ref,
 		else if (sid_split_rid         (&find_sid, &rid) &&
 			 map_domain_sid_to_name(&find_sid, dom_name))
 		{
-			if (sid_equal(&find_sid, &global_sam_sid))
+			if (sid_equal(&find_sid, &global_sam_sid) ||
+			    sid_equal(&find_sid, &global_sid_S_1_5_20))
 			{
 				status = lookup_sid(&tmp_sid, name, &sid_name_use);
 			}
diff --git a/source/rpc_server/srv_samr.c b/source/rpc_server/srv_samr.c
index fb613c3c51e..d0f139645ca 100644
--- a/source/rpc_server/srv_samr.c
+++ b/source/rpc_server/srv_samr.c
@@ -732,6 +732,7 @@ static void samr_reply_query_useraliases(SAMR_Q_QUERY_USERALIASES *q_u,
 {
 	uint32 status = 0;
 
+	LOCAL_GRP *mem_grp = NULL;
 	uint32 *rid = NULL;
 	int num_rids = 0;
 	struct sam_passwd *sam_pass;
@@ -781,21 +782,32 @@ static void samr_reply_query_useraliases(SAMR_Q_QUERY_USERALIASES *q_u,
 
 	if (status == 0x0)
 	{
+		DEBUG(10,("sid is %s\n", dom_sid_str));
+
 		if (sid_equal(&dom_sid, &global_sid_S_1_5_20))
 		{
 			DEBUG(10,("lookup on S-1-5-20\n"));
+
+			become_root(True);
+			getuserbuiltinntnam(sam_pass->nt_name, &mem_grp, &num_rids);
+			unbecome_root(True);
 		}
 		else if (sid_equal(&dom_sid, &usr_sid))
 		{
-			LOCAL_GRP *mem_grp = NULL;
-			num_rids = 0;
-
 			DEBUG(10,("lookup on Domain SID\n"));
 
 			become_root(True);
 			getuseraliasntnam(sam_pass->nt_name, &mem_grp, &num_rids);
 			unbecome_root(True);
+		}
+		else
+		{
+			status = 0xC0000000 | NT_STATUS_NO_SUCH_USER;
+		}
+	}
 
+	if (status == 0x0 && num_rids > 0)
+	{
 			rid = malloc(num_rids * sizeof(uint32));
 			if (mem_grp != NULL && rid != NULL)
 			{
@@ -805,11 +817,6 @@ static void samr_reply_query_useraliases(SAMR_Q_QUERY_USERALIASES *q_u,
 					rid[i] = mem_grp[i].rid;
 				}
 				free(mem_grp);
-			}
-		}
-		else
-		{
-			status = 0xC0000000 | NT_STATUS_NO_SUCH_USER;
 		}
 	}
 
-- 
cgit