Hi Andrew, (we talk about this on irc yesterday...) This patch changes the SAM_ACCOUNT struct. It now stores the (user/group) SID not RID. I think it's much better to make it possible to store the full sid in the pdb backend,(SID -> uid) as it is done inthe group mapping ( SID -> gid).
the functions pdb_(s/g)et_user_rid() should move to pdb_(s/g)et_user_sid()... there are: pdb_set_user_sid_from_rid() - to append the rid to the global_sam_sid witch is now use by the passdb backends But for now there are wrappers to provide the old functions: pdb_(s/g)et_user_rid() TEST: - I have tested this and works for me:-) - With smbd there no problems:-) - the only problem was that the pdbedit command didn't have the global_sam_sid so you got S-0-0-1000 a SID for root in the debug message that's not a problem till we change from the pdb_get_user_rid() function to pdb_get_user_sid().:-( (we need to fix this...) metze Patch: -------------------------------------------------------------------------------------- --- HEAD/source/include/smb.h Tue May 21 14:07:13 2002 +++ HEAD-fix/source/include/smb.h Mon May 27 11:28:59 2002 @@ -624,8 +624,8 @@ uid_t uid; /* this is a unix uid_t */ gid_t gid; /* this is a unix gid_t */ - uint32 user_rid; /* Primary User ID */ - uint32 group_rid; /* Primary Group ID */ + DOM_SID user_sid; /* Primary User SID */ + DOM_SID group_sid; /* Primary Group SID */ DATA_BLOB lm_pw; /* .data is Null if no password */ DATA_BLOB nt_pw; /* .data is Null if no password */ diff -Nur HEAD/source/passdb/passdb.c HEAD-fix/source/passdb/passdb.c --- HEAD/source/passdb/passdb.c Mon May 27 13:11:01 2002 +++ HEAD-fix/source/passdb/passdb.c Mon May 27 13:03:58 2002 @@ -185,7 +185,7 @@ -- abartlet 11-May-02 */ - pdb_set_user_rid(sam_account, + pdb_set_user_sid_from_rid(sam_account, fallback_pdb_uid_to_user_rid(pwd->pw_uid)); /* call the mapping code here */ @@ -196,7 +196,7 @@ rid=pdb_gid_to_group_rid(pwd->pw_gid); } - pdb_set_group_rid(sam_account, rid); + pdb_set_group_sid_from_rid(sam_account, rid); /* check if this is a user account or a machine account */ if (pwd->pw_name[strlen(pwd->pw_name)-1] != '$') @@ -1002,9 +1002,9 @@ pdb_set_munged_dial(to , pdb_unistr2_convert(&from->uni_munged_dial )); if (from->user_rid) - pdb_set_user_rid(to, from->user_rid); + pdb_set_user_sid_from_rid(to, from->user_rid); if (from->group_rid) - pdb_set_group_rid(to, from->group_rid); + pdb_set_group_sid_from_rid(to, from->group_rid); pdb_set_acct_ctrl(to, from->acb_info); pdb_set_unknown_3(to, from->unknown_3); @@ -1057,9 +1057,9 @@ pdb_set_munged_dial(to , pdb_unistr2_convert(&from->uni_munged_dial )); if (from->user_rid) - pdb_set_user_rid(to, from->user_rid); + pdb_set_user_sid_from_rid(to, from->user_rid); if (from->group_rid) - pdb_set_group_rid(to, from->group_rid); + pdb_set_group_sid_from_rid(to, from->group_rid); /* FIXME!! Do we need to copy the passwords here as well? I don't know. Need to figure this out --jerry */ diff -Nur HEAD/source/passdb/pdb_get_set.c HEAD-fix/source/passdb/pdb_get_set.c --- HEAD/source/passdb/pdb_get_set.c Tue May 21 14:07:17 2002 +++ HEAD-fix/source/passdb/pdb_get_set.c Tue May 28 13:33:19 2002 @@ -5,6 +5,7 @@ Copyright (C) Luke Kenneth Casson Leighton 1996-1998 Copyright (C) Gerald (Jerry) Carter 2000-2001 Copyright (C) Andrew Bartlett 2001-2002 + Copyright (C) Stefan (metze) Metzmacher 2002 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -155,21 +156,35 @@ else return (NULL); } +const DOM_SID *pdb_get_user_sid(const SAM_ACCOUNT *sampass) +{ + return &sampass->private.user_sid; +} + +const DOM_SID *pdb_get_group_sid(const SAM_ACCOUNT *sampass) +{ + return &sampass->private.group_sid; +} uint32 pdb_get_user_rid (const SAM_ACCOUNT *sampass) { + uint32 u_rid; + if (sampass) - return (sampass->private.user_rid); - else - return (-1); + if(sid_peek_rid((DOM_SID *)&sampass->private.user_sid,&u_rid)) + return u_rid; + + return (-1); } uint32 pdb_get_group_rid (const SAM_ACCOUNT *sampass) { + uint32 g_rid; + if (sampass) - return (sampass->private.group_rid); - else - return (-1); + if(sid_peek_rid((DOM_SID *)&sampass->private.group_sid,&g_rid)) + return g_rid; + return (-1); } /** @@ -487,28 +502,85 @@ } -BOOL pdb_set_user_rid (SAM_ACCOUNT *sampass, uint32 rid) +BOOL pdb_set_user_sid (SAM_ACCOUNT *sampass, DOM_SID *u_sid) { + fstring string; + + if(!sampass||!u_sid) + return False; + + sid_copy(&sampass->private.user_sid,u_sid); + + DEBUG(10, ("pdb_set_user_sid: setting user sid %s\n", + sid_to_string(string,u_sid))); + + return True; +} + +BOOL pdb_set_group_sid(SAM_ACCOUNT *sampass, DOM_SID *g_sid) +{ + fstring string; + + if (!sampass||!g_sid) + return False; + + sid_copy(&sampass->private.group_sid,g_sid); + + DEBUG(10, ("pdb_set_group_sid: setting group sid %s\n", + sid_to_string(string,g_sid))); + + return True; +} + +BOOL pdb_set_user_sid_from_rid (SAM_ACCOUNT *sampass, uint32 rid) +{ + DOM_SID u_sid; + fstring string; + if (!sampass) return False; - DEBUG(10, ("pdb_set_rid: setting user rid %d, was %d\n", - rid, sampass->private.user_rid)); + sid_copy(&u_sid,&global_sam_sid); + + if(!sid_append_rid(&u_sid,rid)) + return False; + + DEBUG(10, ("pdb_set_user_sid_from_rid:\n\tsetting user sid %s from rid %d\n", + sid_to_string(string,&u_sid),rid)); - sampass->private.user_rid = rid; + sid_copy(&sampass->private.user_sid,&u_sid); + return True; } -BOOL pdb_set_group_rid (SAM_ACCOUNT *sampass, uint32 grid) +BOOL pdb_set_group_sid_from_rid (SAM_ACCOUNT *sampass, uint32 grid) { + DOM_SID g_sid; + fstring string; + if (!sampass) return False; + + sid_copy(&g_sid,&global_sam_sid); + if(!sid_append_rid(&g_sid,grid)) + return False; + + sid_copy(&sampass->private.group_sid,&g_sid); + + DEBUG(10, ("pdb_set_group_sid_from_rid:\n\tsetting group sid %s from rid %d\n", + sid_to_string(string,&g_sid),grid)); - DEBUG(10, ("pdb_set_group_rid: setting group rid %d, was %d\n", - grid, sampass->private.group_rid)); - - sampass->private.group_rid = grid; return True; +} + +BOOL pdb_set_user_rid(SAM_ACCOUNT *sampass, uint32 rid) +{ + return pdb_set_user_sid_from_rid(sampass,rid); +} + +BOOL pdb_set_group_rid(SAM_ACCOUNT *sampass, uint32 grid) +{ + return pdb_set_group_sid_from_rid(sampass,grid); } /********************************************************************* diff -Nur HEAD/source/passdb/pdb_ldap.c HEAD-fix/source/passdb/pdb_ldap.c --- HEAD/source/passdb/pdb_ldap.c Mon May 27 13:11:01 2002 +++ HEAD-fix/source/passdb/pdb_ldap.c Mon May 27 12:54:00 2002 @@ -780,8 +780,8 @@ pdb_set_hours_len(sampass, hours_len); pdb_set_logon_divs(sampass, logon_divs); - pdb_set_user_rid(sampass, user_rid); - pdb_set_group_rid(sampass, group_rid); + pdb_set_user_sid_from_rid(sampass, user_rid); + pdb_set_group_sid_from_rid(sampass, group_rid); pdb_set_username(sampass, username); diff -Nur HEAD/source/passdb/pdb_nisplus.c HEAD-fix/source/passdb/pdb_nisplus.c --- HEAD/source/passdb/pdb_nisplus.c Mon May 27 13:11:01 2002 +++ HEAD-fix/source/passdb/pdb_nisplus.c Mon May 27 12:59:29 2002 @@ -339,8 +339,8 @@ pdb_set_uid(pw_buf, atoi(ENTRY_VAL(obj, NPF_UID))); pdb_set_gid(pw_buf, atoi(ENTRY_VAL(obj, NPF_SMB_GRPID))); - pdb_set_user_rid(pw_buf, atoi(ENTRY_VAL(obj, NPF_USER_RID))); - pdb_set_group_rid(pw_buf, atoi(ENTRY_VAL(obj, NPF_GROUP_RID))); + pdb_set_user_sid_from_rid(pw_buf, atoi(ENTRY_VAL(obj, NPF_USER_RID))); + pdb_set_group_sid_from_rid(pw_buf, atoi(ENTRY_VAL(obj, NPF_GROUP_RID))); /* values, must exist for user */ if( !(pdb_get_acct_ctrl(pw_buf) & ACB_WSTRUST) ) { @@ -381,7 +381,7 @@ else { /* lkclXXXX this is OBSERVED behaviour by NT PDCs, enforced here. */ - pdb_set_group_rid (pw_buf, DOMAIN_GROUP_RID_USERS); + pdb_set_group_sid_from_rid (pw_buf, DOMAIN_GROUP_RID_USERS); } /* Check the lanman password column. */ diff -Nur HEAD/source/passdb/pdb_smbpasswd.c HEAD-fix/source/passdb/pdb_smbpasswd.c --- HEAD/source/passdb/pdb_smbpasswd.c Mon May 27 13:11:02 2002 +++ HEAD-fix/source/passdb/pdb_smbpasswd.c Mon May 27 12:57:37 2002 @@ -1242,14 +1242,14 @@ && (pw_buf->smb_userid >= smbpasswd_state->low_nua_userid) && (pw_buf->smb_userid <= smbpasswd_state->high_nua_userid)) { - pdb_set_user_rid(sam_pass, fallback_pdb_uid_to_user_rid (pw_buf->smb_userid)); + pdb_set_user_sid_from_rid(sam_pass, fallback_pdb_uid_to_user_rid (pw_buf->smb_userid)); /* lkclXXXX this is OBSERVED behaviour by NT PDCs, enforced here. This was down the bottom for machines, but it looks pretty good as a general default for non-unix users. --abartlet 2002-01-08 */ - pdb_set_group_rid (sam_pass, DOMAIN_GROUP_RID_USERS); + pdb_set_group_sid_from_rid (sam_pass, DOMAIN_GROUP_RID_USERS); pdb_set_username (sam_pass, pw_buf->smb_name); pdb_set_domain (sam_pass, lp_workgroup()); } else { diff -Nur HEAD/source/passdb/pdb_tdb.c HEAD-fix/source/passdb/pdb_tdb.c --- HEAD/source/passdb/pdb_tdb.c Mon May 27 13:11:02 2002 +++ HEAD-fix/source/passdb/pdb_tdb.c Mon May 27 12:58:02 2002 @@ -246,8 +246,8 @@ } } - pdb_set_user_rid(sampass, user_rid); - pdb_set_group_rid(sampass, group_rid); + pdb_set_user_sid_from_rid(sampass, user_rid); + pdb_set_group_sid_from_rid(sampass, group_rid); pdb_set_unknown_3(sampass, unknown_3); pdb_set_hours_len(sampass, hours_len); pdb_set_unknown_5(sampass, unknown_5); @@ -775,7 +775,7 @@ goto done; } } - pdb_set_user_rid(newpwd, user_rid); + pdb_set_user_sid_from_rid(newpwd, user_rid); } else { user_rid = tdb_state->low_nua_rid; tdb_ret = tdb_change_uint32_atomic(pwd_tdb, "NUA_RID_COUNTER", &user_rid, RID_MULTIPLIER); @@ -788,7 +788,7 @@ ret = False; goto done; } - pdb_set_user_rid(newpwd, user_rid); + pdb_set_user_sid_from_rid(newpwd, user_rid); } } else { DEBUG (0,("tdb_update_sam: Failing to store a SAM_ACCOUNT for [%s] without a RID\n",pdb_get_username(newpwd))); @@ -805,7 +805,7 @@ goto done; } else { /* This seems like a good default choice for non-unix users */ - pdb_set_group_rid(newpwd, DOMAIN_GROUP_RID_USERS); + pdb_set_group_sid_from_rid(newpwd, DOMAIN_GROUP_RID_USERS); } } else { DEBUG (0,("tdb_update_sam: Failing to store a SAM_ACCOUNT for [%s] without a primary group RID\n",pdb_get_username(newpwd))); ------------------------------------------------------------------------------------------------------------- metze ----------------------------------------------------------------------------- Stefan "metze" Metzmacher <[EMAIL PROTECTED]>
--- HEAD/source/include/smb.h Tue May 21 14:07:13 2002 +++ HEAD-fix/source/include/smb.h Mon May 27 11:28:59 2002 @@ -624,8 +624,8 @@ uid_t uid; /* this is a unix uid_t */ gid_t gid; /* this is a unix gid_t */ - uint32 user_rid; /* Primary User ID */ - uint32 group_rid; /* Primary Group ID */ + DOM_SID user_sid; /* Primary User SID */ + DOM_SID group_sid; /* Primary Group SID */ DATA_BLOB lm_pw; /* .data is Null if no password */ DATA_BLOB nt_pw; /* .data is Null if no password */ diff -Nur HEAD/source/passdb/passdb.c HEAD-fix/source/passdb/passdb.c --- HEAD/source/passdb/passdb.c Mon May 27 13:11:01 2002 +++ HEAD-fix/source/passdb/passdb.c Mon May 27 13:03:58 2002 @@ -185,7 +185,7 @@ -- abartlet 11-May-02 */ - pdb_set_user_rid(sam_account, + pdb_set_user_sid_from_rid(sam_account, fallback_pdb_uid_to_user_rid(pwd->pw_uid)); /* call the mapping code here */ @@ -196,7 +196,7 @@ rid=pdb_gid_to_group_rid(pwd->pw_gid); } - pdb_set_group_rid(sam_account, rid); + pdb_set_group_sid_from_rid(sam_account, rid); /* check if this is a user account or a machine account */ if (pwd->pw_name[strlen(pwd->pw_name)-1] != '$') @@ -1002,9 +1002,9 @@ pdb_set_munged_dial(to , pdb_unistr2_convert(&from->uni_munged_dial )); if (from->user_rid) - pdb_set_user_rid(to, from->user_rid); + pdb_set_user_sid_from_rid(to, from->user_rid); if (from->group_rid) - pdb_set_group_rid(to, from->group_rid); + pdb_set_group_sid_from_rid(to, from->group_rid); pdb_set_acct_ctrl(to, from->acb_info); pdb_set_unknown_3(to, from->unknown_3); @@ -1057,9 +1057,9 @@ pdb_set_munged_dial(to , pdb_unistr2_convert(&from->uni_munged_dial )); if (from->user_rid) - pdb_set_user_rid(to, from->user_rid); + pdb_set_user_sid_from_rid(to, from->user_rid); if (from->group_rid) - pdb_set_group_rid(to, from->group_rid); + pdb_set_group_sid_from_rid(to, from->group_rid); /* FIXME!! Do we need to copy the passwords here as well? I don't know. Need to figure this out --jerry */ diff -Nur HEAD/source/passdb/pdb_get_set.c HEAD-fix/source/passdb/pdb_get_set.c --- HEAD/source/passdb/pdb_get_set.c Tue May 21 14:07:17 2002 +++ HEAD-fix/source/passdb/pdb_get_set.c Tue May 28 13:33:19 2002 @@ -5,6 +5,7 @@ Copyright (C) Luke Kenneth Casson Leighton 1996-1998 Copyright (C) Gerald (Jerry) Carter 2000-2001 Copyright (C) Andrew Bartlett 2001-2002 + Copyright (C) Stefan (metze) Metzmacher 2002 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -155,21 +156,35 @@ else return (NULL); } +const DOM_SID *pdb_get_user_sid(const SAM_ACCOUNT *sampass) +{ + return &sampass->private.user_sid; +} + +const DOM_SID *pdb_get_group_sid(const SAM_ACCOUNT *sampass) +{ + return &sampass->private.group_sid; +} uint32 pdb_get_user_rid (const SAM_ACCOUNT *sampass) { + uint32 u_rid; + if (sampass) - return (sampass->private.user_rid); - else - return (-1); + if(sid_peek_rid((DOM_SID *)&sampass->private.user_sid,&u_rid)) + return u_rid; + + return (-1); } uint32 pdb_get_group_rid (const SAM_ACCOUNT *sampass) { + uint32 g_rid; + if (sampass) - return (sampass->private.group_rid); - else - return (-1); + if(sid_peek_rid((DOM_SID *)&sampass->private.group_sid,&g_rid)) + return g_rid; + return (-1); } /** @@ -487,28 +502,85 @@ } -BOOL pdb_set_user_rid (SAM_ACCOUNT *sampass, uint32 rid) +BOOL pdb_set_user_sid (SAM_ACCOUNT *sampass, DOM_SID *u_sid) { + fstring string; + + if(!sampass||!u_sid) + return False; + + sid_copy(&sampass->private.user_sid,u_sid); + + DEBUG(10, ("pdb_set_user_sid: setting user sid %s\n", + sid_to_string(string,u_sid))); + + return True; +} + +BOOL pdb_set_group_sid(SAM_ACCOUNT *sampass, DOM_SID *g_sid) +{ + fstring string; + + if (!sampass||!g_sid) + return False; + + sid_copy(&sampass->private.group_sid,g_sid); + + DEBUG(10, ("pdb_set_group_sid: setting group sid %s\n", + sid_to_string(string,g_sid))); + + return True; +} + +BOOL pdb_set_user_sid_from_rid (SAM_ACCOUNT *sampass, uint32 rid) +{ + DOM_SID u_sid; + fstring string; + if (!sampass) return False; - DEBUG(10, ("pdb_set_rid: setting user rid %d, was %d\n", - rid, sampass->private.user_rid)); + sid_copy(&u_sid,&global_sam_sid); + + if(!sid_append_rid(&u_sid,rid)) + return False; + + DEBUG(10, ("pdb_set_user_sid_from_rid:\n\tsetting user sid %s from rid %d\n", + sid_to_string(string,&u_sid),rid)); - sampass->private.user_rid = rid; + sid_copy(&sampass->private.user_sid,&u_sid); + return True; } -BOOL pdb_set_group_rid (SAM_ACCOUNT *sampass, uint32 grid) +BOOL pdb_set_group_sid_from_rid (SAM_ACCOUNT *sampass, uint32 grid) { + DOM_SID g_sid; + fstring string; + if (!sampass) return False; + + sid_copy(&g_sid,&global_sam_sid); + if(!sid_append_rid(&g_sid,grid)) + return False; + + sid_copy(&sampass->private.group_sid,&g_sid); + + DEBUG(10, ("pdb_set_group_sid_from_rid:\n\tsetting group sid %s from rid +%d\n", + sid_to_string(string,&g_sid),grid)); - DEBUG(10, ("pdb_set_group_rid: setting group rid %d, was %d\n", - grid, sampass->private.group_rid)); - - sampass->private.group_rid = grid; return True; +} + +BOOL pdb_set_user_rid(SAM_ACCOUNT *sampass, uint32 rid) +{ + return pdb_set_user_sid_from_rid(sampass,rid); +} + +BOOL pdb_set_group_rid(SAM_ACCOUNT *sampass, uint32 grid) +{ + return pdb_set_group_sid_from_rid(sampass,grid); } /********************************************************************* diff -Nur HEAD/source/passdb/pdb_ldap.c HEAD-fix/source/passdb/pdb_ldap.c --- HEAD/source/passdb/pdb_ldap.c Mon May 27 13:11:01 2002 +++ HEAD-fix/source/passdb/pdb_ldap.c Mon May 27 12:54:00 2002 @@ -780,8 +780,8 @@ pdb_set_hours_len(sampass, hours_len); pdb_set_logon_divs(sampass, logon_divs); - pdb_set_user_rid(sampass, user_rid); - pdb_set_group_rid(sampass, group_rid); + pdb_set_user_sid_from_rid(sampass, user_rid); + pdb_set_group_sid_from_rid(sampass, group_rid); pdb_set_username(sampass, username); diff -Nur HEAD/source/passdb/pdb_nisplus.c HEAD-fix/source/passdb/pdb_nisplus.c --- HEAD/source/passdb/pdb_nisplus.c Mon May 27 13:11:01 2002 +++ HEAD-fix/source/passdb/pdb_nisplus.c Mon May 27 12:59:29 2002 @@ -339,8 +339,8 @@ pdb_set_uid(pw_buf, atoi(ENTRY_VAL(obj, NPF_UID))); pdb_set_gid(pw_buf, atoi(ENTRY_VAL(obj, NPF_SMB_GRPID))); - pdb_set_user_rid(pw_buf, atoi(ENTRY_VAL(obj, NPF_USER_RID))); - pdb_set_group_rid(pw_buf, atoi(ENTRY_VAL(obj, NPF_GROUP_RID))); + pdb_set_user_sid_from_rid(pw_buf, atoi(ENTRY_VAL(obj, NPF_USER_RID))); + pdb_set_group_sid_from_rid(pw_buf, atoi(ENTRY_VAL(obj, NPF_GROUP_RID))); /* values, must exist for user */ if( !(pdb_get_acct_ctrl(pw_buf) & ACB_WSTRUST) ) { @@ -381,7 +381,7 @@ else { /* lkclXXXX this is OBSERVED behaviour by NT PDCs, enforced here. */ - pdb_set_group_rid (pw_buf, DOMAIN_GROUP_RID_USERS); + pdb_set_group_sid_from_rid (pw_buf, DOMAIN_GROUP_RID_USERS); } /* Check the lanman password column. */ diff -Nur HEAD/source/passdb/pdb_smbpasswd.c HEAD-fix/source/passdb/pdb_smbpasswd.c --- HEAD/source/passdb/pdb_smbpasswd.c Mon May 27 13:11:02 2002 +++ HEAD-fix/source/passdb/pdb_smbpasswd.c Mon May 27 12:57:37 2002 @@ -1242,14 +1242,14 @@ && (pw_buf->smb_userid >= smbpasswd_state->low_nua_userid) && (pw_buf->smb_userid <= smbpasswd_state->high_nua_userid)) { - pdb_set_user_rid(sam_pass, fallback_pdb_uid_to_user_rid (pw_buf->smb_userid)); + pdb_set_user_sid_from_rid(sam_pass, fallback_pdb_uid_to_user_rid +(pw_buf->smb_userid)); /* lkclXXXX this is OBSERVED behaviour by NT PDCs, enforced here. This was down the bottom for machines, but it looks pretty good as a general default for non-unix users. --abartlet 2002-01-08 */ - pdb_set_group_rid (sam_pass, DOMAIN_GROUP_RID_USERS); + pdb_set_group_sid_from_rid (sam_pass, DOMAIN_GROUP_RID_USERS); pdb_set_username (sam_pass, pw_buf->smb_name); pdb_set_domain (sam_pass, lp_workgroup()); } else { diff -Nur HEAD/source/passdb/pdb_tdb.c HEAD-fix/source/passdb/pdb_tdb.c --- HEAD/source/passdb/pdb_tdb.c Mon May 27 13:11:02 2002 +++ HEAD-fix/source/passdb/pdb_tdb.c Mon May 27 12:58:02 2002 @@ -246,8 +246,8 @@ } } - pdb_set_user_rid(sampass, user_rid); - pdb_set_group_rid(sampass, group_rid); + pdb_set_user_sid_from_rid(sampass, user_rid); + pdb_set_group_sid_from_rid(sampass, group_rid); pdb_set_unknown_3(sampass, unknown_3); pdb_set_hours_len(sampass, hours_len); pdb_set_unknown_5(sampass, unknown_5); @@ -775,7 +775,7 @@ goto done; } } - pdb_set_user_rid(newpwd, user_rid); + pdb_set_user_sid_from_rid(newpwd, user_rid); } else { user_rid = tdb_state->low_nua_rid; tdb_ret = tdb_change_uint32_atomic(pwd_tdb, "NUA_RID_COUNTER", &user_rid, RID_MULTIPLIER); @@ -788,7 +788,7 @@ ret = False; goto done; } - pdb_set_user_rid(newpwd, user_rid); + pdb_set_user_sid_from_rid(newpwd, user_rid); } } else { DEBUG (0,("tdb_update_sam: Failing to store a SAM_ACCOUNT for [%s] without a RID\n",pdb_get_username(newpwd))); @@ -805,7 +805,7 @@ goto done; } else { /* This seems like a good default choice for non-unix users */ - pdb_set_group_rid(newpwd, DOMAIN_GROUP_RID_USERS); + pdb_set_group_sid_from_rid(newpwd, +DOMAIN_GROUP_RID_USERS); } } else { DEBUG (0,("tdb_update_sam: Failing to store a SAM_ACCOUNT for [%s] without a primary group RID\n",pdb_get_username(newpwd)));