The Samba-Bugzilla – Attachment 13143 Details for
Bug 12729
Trigger passdb_dsdb initialisation
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch for 4.5 and 4.6 cherry-picked from master
bug12729-v45,v46.patch (text/plain), 3.11 KB, created by
Ralph Böhme
on 2017-04-07 09:09:12 UTC
(
hide
)
Description:
Patch for 4.5 and 4.6 cherry-picked from master
Filename:
MIME Type:
Creator:
Ralph Böhme
Created:
2017-04-07 09:09:12 UTC
Size:
3.11 KB
patch
obsolete
>From c9367871ce61e3b5e04872c00ca62860d7d59567 Mon Sep 17 00:00:00 2001 >From: Ralph Boehme <slow@samba.org> >Date: Wed, 29 Mar 2017 11:13:46 +0200 >Subject: [PATCH] winbindd: trigger possible passdb_dsdb initialisation > >If the passdb backend is passdb_dsdb the domain SID comes from dsdb, not >from secrets.tdb. As we use the domain SID in various places, we must >ensure the domain SID is migrated from dsdb to secrets.tdb before >get_global_sam_sid() is called the first time. > >The migration is done as part of the passdb_dsdb initialisation, calling >pdb_get_domain_info() triggers it. > >Bug: https://bugzilla.samba.org/show_bug.cgi?id=12729 > >Signed-off-by: Ralph Boehme <slow@samba.org> >Reviewed-by: Jeremy Allison <jra@samba.org> > >Autobuild-User(master): Jeremy Allison <jra@samba.org> >Autobuild-Date(master): Sat Apr 1 21:18:59 CEST 2017 on sn-devel-144 > >(cherry picked from commit 8b32fc4006ae338ddee7c0e5991958ec3463da0d) >--- > selftest/knownfail | 4 ---- > source3/winbindd/winbindd_util.c | 14 ++++++++++++-- > 2 files changed, 12 insertions(+), 6 deletions(-) > >diff --git a/selftest/knownfail b/selftest/knownfail >index d96e238..6ca0244 100644 >--- a/selftest/knownfail >+++ b/selftest/knownfail >@@ -222,10 +222,6 @@ > # > ^samba4.winbind.struct.domain_info\(s4member:local\) > ^samba4.winbind.struct.getdcname\(s4member:local\) >-^samba.blackbox.wbinfo\(s4member:local\).wbinfo -r against s4member\(s4member:local\) >-^samba.blackbox.wbinfo\(s4member:local\).wbinfo --user-sids against s4member\(s4member:local\) >-^samba.wbinfo_simple.\(s4member:local\).--user-groups >-^samba.nss.test using winbind\(s4member:local\) > # > # These fail since ad_dc_ntvfs assigns the local user's uid to SAMBADOMAIN/Administrator > # hence we have a duplicate UID in nsswitch. >diff --git a/source3/winbindd/winbindd_util.c b/source3/winbindd/winbindd_util.c >index ab6862d..d9a0d51 100644 >--- a/source3/winbindd/winbindd_util.c >+++ b/source3/winbindd/winbindd_util.c >@@ -795,6 +795,7 @@ static bool migrate_secrets_tdb_to_ldb(struct winbindd_domain *domain) > bool init_domain_list(void) > { > int role = lp_server_role(); >+ struct pdb_domain_info *pdb_domain_info = NULL; > NTSTATUS status; > > /* Free existing list */ >@@ -806,15 +807,24 @@ bool init_domain_list(void) > > /* Local SAM */ > >+ /* >+ * In case the passdb backend is passdb_dsdb the domain SID comes from >+ * dsdb, not from secrets.tdb. As we use the domain SID in various >+ * places, we must ensure the domain SID is migrated from dsdb to >+ * secrets.tdb before get_global_sam_sid() is called the first time. >+ * >+ * The migration is done as part of the passdb_dsdb initialisation, >+ * calling pdb_get_domain_info() triggers it. >+ */ >+ pdb_domain_info = pdb_get_domain_info(talloc_tos()); >+ > if ( role == ROLE_ACTIVE_DIRECTORY_DC ) { > struct winbindd_domain *domain; > enum netr_SchannelType sec_chan_type; > const char *account_name; > struct samr_Password current_nt_hash; >- struct pdb_domain_info *pdb_domain_info; > bool ok; > >- pdb_domain_info = pdb_get_domain_info(talloc_tos()); > if (pdb_domain_info == NULL) { > DEBUG(0, ("Failed to fetch our own, local AD " > "domain info from sam.ldb\n")); >-- >2.9.3 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=13143">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Flags:
slow
:
review?
(
jra
)
metze
:
review+
Actions:
View
Attachments on
bug 12729
: 13143