Author: gd Date: 2005-07-26 21:57:49 +0000 (Tue, 26 Jul 2005) New Revision: 8787
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=8787 Log: Make enumeration of builtin-aliases work again. Guenther Modified: branches/SAMBA_3_0/source/passdb/pdb_ldap.c trunk/source/passdb/pdb_ldap.c Changeset: Modified: branches/SAMBA_3_0/source/passdb/pdb_ldap.c =================================================================== --- branches/SAMBA_3_0/source/passdb/pdb_ldap.c 2005-07-26 20:11:37 UTC (rev 8786) +++ branches/SAMBA_3_0/source/passdb/pdb_ldap.c 2005-07-26 21:57:49 UTC (rev 8787) @@ -3370,6 +3370,7 @@ struct smbldap_state *connection; uint16 acct_flags; + uint16 group_type; const char *base; int scope; @@ -3671,11 +3672,26 @@ { char **vals; DOM_SID sid; + uint16 group_type; result->account_name = ""; result->fullname = ""; result->description = ""; + + vals = ldap_get_values(ld, entry, "sambaGroupType"); + if ((vals == NULL) || (vals[0] == NULL)) { + DEBUG(5, ("\"sambaGroupType\" not found\n")); + return False; + } + + group_type = atoi(vals[0]); + + if ((state->group_type != 0) && + ((state->group_type != group_type))) { + return False; + } + vals = ldap_get_values(ld, entry, "cn"); if ((vals == NULL) || (vals[0] == NULL)) { DEBUG(5, ("\"cn\" not found\n")); @@ -3722,12 +3738,31 @@ return False; } - if (!sid_peek_check_rid(get_global_sam_sid(), &sid, &result->rid)) { - DEBUG(0, ("%s is not our domain\n", vals[0])); - return False; - } ldap_value_free(vals); + switch (group_type) { + case SID_NAME_DOM_GRP: + case SID_NAME_ALIAS: + + if (!sid_peek_check_rid(get_global_sam_sid(), &sid, &result->rid)) { + DEBUG(0, ("%s is not in our domain\n", sid_string_static(&sid))); + return False; + } + break; + + case SID_NAME_WKN_GRP: + + if (!sid_check_is_in_builtin(&sid)) { + DEBUG(0, ("%s is not in builtin sid\n", sid_string_static(&sid))); + return False; + } + break; + + default: + DEBUG(0,("unkown group type: %d\n", group_type)); + return False; + } + return True; } @@ -3753,10 +3788,11 @@ "(&(objectclass=sambaGroupMapping)" "(sambaGroupType=%d))", type); state->attrs = talloc_attrs(search->mem_ctx, "cn", "sambaSid", - "displayName", "description", NULL); + "displayName", "description", "sambaGroupType", NULL); state->attrsonly = 0; state->pagedresults_cookie = NULL; state->entries = NULL; + state->group_type = type; state->ldap2displayentry = ldapgroup2displayentry; if ((state->filter == NULL) || (state->attrs == NULL)) { Modified: trunk/source/passdb/pdb_ldap.c =================================================================== --- trunk/source/passdb/pdb_ldap.c 2005-07-26 20:11:37 UTC (rev 8786) +++ trunk/source/passdb/pdb_ldap.c 2005-07-26 21:57:49 UTC (rev 8787) @@ -3758,6 +3758,7 @@ struct smbldap_state *connection; uint16 acct_flags; + uint16 group_type; const char *base; int scope; @@ -4059,11 +4060,26 @@ { char **vals; DOM_SID sid; + uint16 group_type; result->account_name = ""; result->fullname = ""; result->description = ""; + + vals = ldap_get_values(ld, entry, "sambaGroupType"); + if ((vals == NULL) || (vals[0] == NULL)) { + DEBUG(5, ("\"sambaGroupType\" not found\n")); + return False; + } + + group_type = atoi(vals[0]); + + if ((state->group_type != 0) && + ((state->group_type != group_type))) { + return False; + } + vals = ldap_get_values(ld, entry, "cn"); if ((vals == NULL) || (vals[0] == NULL)) { DEBUG(5, ("\"cn\" not found\n")); @@ -4110,12 +4126,31 @@ return False; } - if (!sid_peek_check_rid(get_global_sam_sid(), &sid, &result->rid)) { - DEBUG(0, ("%s is not our domain\n", vals[0])); - return False; - } ldap_value_free(vals); + switch (group_type) { + case SID_NAME_DOM_GRP: + case SID_NAME_ALIAS: + + if (!sid_peek_check_rid(get_global_sam_sid(), &sid, &result->rid)) { + DEBUG(0, ("%s is not in our domain\n", sid_string_static(&sid))); + return False; + } + break; + + case SID_NAME_WKN_GRP: + + if (!sid_check_is_in_builtin(&sid)) { + DEBUG(0, ("%s is not in builtin sid\n", sid_string_static(&sid))); + return False; + } + break; + + default: + DEBUG(0,("unkown group type: %d\n", group_type)); + return False; + } + return True; } @@ -4141,10 +4176,11 @@ "(&(objectclass=sambaGroupMapping)" "(sambaGroupType=%d))", type); state->attrs = talloc_attrs(search->mem_ctx, "cn", "sambaSid", - "displayName", "description", NULL); + "displayName", "description", "sambaGroupType", NULL); state->attrsonly = 0; state->pagedresults_cookie = NULL; state->entries = NULL; + state->group_type = type; state->ldap2displayentry = ldapgroup2displayentry; if ((state->filter == NULL) || (state->attrs == NULL)) {
