Bug 7542 - winbind returns AD group members in camel case while users are coverted to lower case - AD group memebership check fails
winbind returns AD group members in camel case while users are coverted to lo...
Status: NEW
Product: Samba 3.2
Classification: Unclassified
Component: Winbind
3.2.5
All Linux
: P3 normal
: ---
Assigned To: Michael Adam
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2010-07-01 05:55 UTC by Vladimir Soloviev
Modified: 2010-07-01 05:55 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Vladimir Soloviev 2010-07-01 05:55:12 UTC
getent passwd | grep isaev
return
isaev_ef:*:10250:10000: bla-bla-bla
getent group | grep project
return
project-ias:x:10132:Isaev_EF,   bla-bla-bla

Windind conver logins returned as passwd database memebers to lower case,
while keep case for logins returned as group memebers. This behaivor prevent AD group memebersip checking.

patch:
file
source/winbindd/winbindd_group.c
function
static NTSTATUS expand_groups
.......
.......
		/* Separate users and groups into two lists */

		for ( j=0; j<num_names; j++ ) {

			/* Users */
			if ( name_types[j] == SID_NAME_USER ||
			     name_types[j] == SID_NAME_COMPUTER )
			{
				/* vsplus ++ */
                                fstring tmp_user;
                                char *ptmp_user = &tmp_user;
                                fstrcpy(tmp_user, names[j]);
                                strlower_m(tmp_user);
                                /* vsplus -- */
                                status = add_names_to_list( ctx, members, 
							    n_members,
							    &ptmp_user, 1 );
							    /* names+j, 1 ); */
				if ( !NT_STATUS_IS_OK(status) )
					goto out;

				continue;				
			} 
.......