Author: jra Date: 2006-08-03 23:44:07 +0000 (Thu, 03 Aug 2006) New Revision: 17391
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=17391 Log: Revert the second part of the valid users fix - the netlogon code uses pdb_get_group_sid() which could return a S-1-1-22 unix sid. Who knew.... :-(. I'm going to test Volker's fix instead. Once 3.0.23b is out we *have* to rip out the pdb_set_group_sid() code.... Jeremy. Modified: branches/SAMBA_3_0/source/auth/auth_util.c branches/SAMBA_3_0_23/source/auth/auth_util.c Changeset: Modified: branches/SAMBA_3_0/source/auth/auth_util.c =================================================================== --- branches/SAMBA_3_0/source/auth/auth_util.c 2006-08-03 23:22:07 UTC (rev 17390) +++ branches/SAMBA_3_0/source/auth/auth_util.c 2006-08-03 23:44:07 UTC (rev 17391) @@ -599,14 +599,6 @@ * simple first. */ TALLOC_FREE(gids); - /* For a local user the real primary group sid is the result->sids[0] */ - - if (!pdb_set_group_sid(sampass, &result->sids[0], PDB_CHANGED)) { - result->sam_account = NULL; /* Don't free on error exit. */ - TALLOC_FREE(result); - return NT_STATUS_UNSUCCESSFUL; - } - DEBUG(5,("make_server_info_sam: made server info for user %s -> %s\n", pdb_get_username(sampass), result->unix_name)); @@ -1097,7 +1089,7 @@ gr_sid = pdb_get_group_sid(sam_acct); if (!gr_sid) { - goto unix_group; + goto unix_user; } sid_copy(&primary_group_sid, gr_sid); @@ -1105,8 +1097,8 @@ if (!sid_to_gid(&primary_group_sid, gid)) { DEBUG(1, ("sid_to_gid(%s) failed\n", sid_string_static(&primary_group_sid))); - DEBUGADD(1, ("Fall back to unix group %s\n", username)); - goto unix_group; + DEBUGADD(1, ("Fall back to unix user %s\n", username)); + goto unix_user; } result = pdb_enum_group_memberships(tmp_ctx, sam_acct, @@ -1115,8 +1107,8 @@ if (!NT_STATUS_IS_OK(result)) { DEBUG(10, ("enum_group_memberships failed for %s\n", username)); - DEBUGADD(1, ("Fall back to unix group %s\n", username)); - goto unix_group; + DEBUGADD(1, ("Fall back to unix user %s\n", username)); + goto unix_user; } *found_username = talloc_strdup(mem_ctx, @@ -1140,8 +1132,6 @@ uid_to_unix_users_sid(*uid, &user_sid); - unix_group: - pass = getpwuid_alloc(tmp_ctx, *uid); if (pass == NULL) { DEBUG(1, ("getpwuid(%d) for user %s failed\n", @@ -1326,14 +1316,6 @@ * simple first. */ TALLOC_FREE(gids); - /* For a local user the real primary group sid is the result->sids[0] */ - - if (!pdb_set_group_sid(sampass, &result->sids[0], PDB_CHANGED)) { - result->sam_account = NULL; /* Don't free on error exit. */ - TALLOC_FREE(sampass); - return NT_STATUS_UNSUCCESSFUL; - } - *server_info = result; return NT_STATUS_OK; Modified: branches/SAMBA_3_0_23/source/auth/auth_util.c =================================================================== --- branches/SAMBA_3_0_23/source/auth/auth_util.c 2006-08-03 23:22:07 UTC (rev 17390) +++ branches/SAMBA_3_0_23/source/auth/auth_util.c 2006-08-03 23:44:07 UTC (rev 17391) @@ -599,14 +599,6 @@ * simple first. */ TALLOC_FREE(gids); - /* For a local user the real primary group sid is the result->sids[0] */ - - if (!pdb_set_group_sid(sampass, &result->sids[0], PDB_CHANGED)) { - result->sam_account = NULL; /* Don't free on error exit. */ - TALLOC_FREE(result); - return NT_STATUS_UNSUCCESSFUL; - } - DEBUG(5,("make_server_info_sam: made server info for user %s -> %s\n", pdb_get_username(sampass), result->unix_name)); @@ -1096,7 +1088,7 @@ gr_sid = pdb_get_group_sid(sam_acct); if (!gr_sid) { - goto unix_group; + goto unix_user; } sid_copy(&primary_group_sid, gr_sid); @@ -1104,8 +1096,8 @@ if (!sid_to_gid(&primary_group_sid, gid)) { DEBUG(1, ("sid_to_gid(%s) failed\n", sid_string_static(&primary_group_sid))); - DEBUGADD(1, ("Fall back to unix group %s\n", username)); - goto unix_group; + DEBUGADD(1, ("Fall back to unix user %s\n", username)); + goto unix_user; } result = pdb_enum_group_memberships(tmp_ctx, sam_acct, @@ -1114,8 +1106,8 @@ if (!NT_STATUS_IS_OK(result)) { DEBUG(10, ("enum_group_memberships failed for %s\n", username)); - DEBUGADD(1, ("Fall back to unix group %s\n", username)); - goto unix_group; + DEBUGADD(1, ("Fall back to unix user %s\n", username)); + goto unix_user; } *found_username = talloc_strdup(mem_ctx, @@ -1139,8 +1131,6 @@ uid_to_unix_users_sid(*uid, &user_sid); - unix_group: - pass = getpwuid_alloc(tmp_ctx, *uid); if (pass == NULL) { DEBUG(1, ("getpwuid(%d) for user %s failed\n", @@ -1325,14 +1315,6 @@ * simple first. */ TALLOC_FREE(gids); - /* For a local user the real primary group sid is the result->sids[0] */ - - if (!pdb_set_group_sid(sampass, &result->sids[0], PDB_CHANGED)) { - result->sam_account = NULL; /* Don't free on error exit. */ - TALLOC_FREE(sampass); - return NT_STATUS_UNSUCCESSFUL; - } - *server_info = result; return NT_STATUS_OK;