The Samba-Bugzilla – Attachment 9469 Details for
Bug 8598
force user fails for active directory users
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch for master
0001-s3-auth-Fix-force-user-with-ADS-member.patch (text/plain), 2.18 KB, created by
Andreas Schneider
on 2013-11-22 17:33:58 UTC
(
hide
)
Description:
Patch for master
Filename:
MIME Type:
Creator:
Andreas Schneider
Created:
2013-11-22 17:33:58 UTC
Size:
2.18 KB
patch
obsolete
>From dbda3ad9e0c95511e601a1079f48b8737aa00d53 Mon Sep 17 00:00:00 2001 >From: David Disseldorp <ddiss@suse.de> >Date: Thu, 10 Nov 2011 18:34:23 +0100 >Subject: [PATCH] s3-auth: Fix force user with ADS member. > >Correctly lookup users which come from smb.conf. > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=8598 > >Signed-off-by: Andreas Schneider <asn@samba.org> >--- > source3/auth/auth_util.c | 31 +++++++++++++++++++------------ > 1 file changed, 19 insertions(+), 12 deletions(-) > >diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c >index ceaa706..0d19c6e 100644 >--- a/source3/auth/auth_util.c >+++ b/source3/auth/auth_util.c >@@ -645,11 +645,12 @@ NTSTATUS make_server_info_pw(struct auth_serversupplied_info **server_info, > { > NTSTATUS status; > struct samu *sampass = NULL; >- char *qualified_name = NULL; > TALLOC_CTX *mem_ctx = NULL; > struct dom_sid u_sid; >+ struct dom_sid g_sid; > enum lsa_SidType type; > struct auth_serversupplied_info *result; >+ bool ok; > > /* > * The SID returned in server_info->sam_account is based >@@ -669,17 +670,14 @@ NTSTATUS make_server_info_pw(struct auth_serversupplied_info **server_info, > return NT_STATUS_NO_MEMORY; > } > >- qualified_name = talloc_asprintf(mem_ctx, "%s\\%s", >- unix_users_domain_name(), >- unix_username ); >- if (!qualified_name) { >- TALLOC_FREE(mem_ctx); >- return NT_STATUS_NO_MEMORY; >- } >- >- if (!lookup_name(mem_ctx, qualified_name, LOOKUP_NAME_ALL, >- NULL, NULL, >- &u_sid, &type)) { >+ ok = lookup_name_smbconf(mem_ctx, >+ unix_username, >+ LOOKUP_NAME_ALL, >+ NULL, >+ NULL, >+ &u_sid, >+ &type); >+ if (!ok) { > TALLOC_FREE(mem_ctx); > return NT_STATUS_NO_SUCH_USER; > } >@@ -707,6 +705,15 @@ NTSTATUS make_server_info_pw(struct auth_serversupplied_info **server_info, > /* set the user sid to be the calculated u_sid */ > pdb_set_user_sid(sampass, &u_sid, PDB_SET); > >+ /* >+ * samu_to_SamInfo3() calls get_primary_group_sid() which fails >+ * if the domain_sid is not equal to the global sam sid >+ */ >+ gid_to_sid(&g_sid, pwd->pw_gid); >+ if (!is_null_sid(&g_sid)) { >+ pdb_set_group_sid(sampass, &g_sid, PDB_SET); >+ } >+ > result = make_server_info(NULL); > if (result == NULL) { > TALLOC_FREE(sampass); >-- >1.8.4.3 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=9469">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Flags:
asn
:
review?
(
abartlet
)
Actions:
View
Attachments on
bug 8598
:
7078
|
7090
|
7542
|
7543
|
7548
| 9469 |
9642
|
9643
|
9644
|
9696
|
9697
|
9699
|
9700
|
9869
|
9870