r23291: Undo the somewhat naive change of r23279:

The clear text presentaion of the sid in the ldap expression
does work with w2k3 but not with w2k....

Thanks to Guenther for advising me of this issue.

Michael
(This used to be commit 7e6b0c19f816b52cca257c2837680e70f1af8594)

diff --git a/source3/nsswitch/winbindd_ads.c b/source3/nsswitch/winbindd_ads.c
index 9b0b43479e1e4c8e1aee014dfe0cd666f6eeab33..d362f3173b2ec47ef610f001306783b41e27fcde 100644 (file)
--- a/source3/nsswitch/winbindd_ads.c
+++ b/source3/nsswitch/winbindd_ads.c
@@ -901,6 +901,7 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain,
        ADS_STRUCT *ads = NULL;
        char *ldap_exp;
        NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
+       char *sidbinstr;
        char **members = NULL;
        int i;
        size_t num_members = 0;
@@ -939,14 +940,21 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain,
                goto done;
        }
 
+       if ((sidbinstr = sid_binstring(group_sid)) == NULL) {
+               status = NT_STATUS_NO_MEMORY;
+               goto done;
+       }
+
        /* search for all members of the group */
-       if (!(ldap_exp = talloc_asprintf(tmp_ctx, "(objectSid=%s)",
-                                        sid_string_static(group_sid)))) 
+       if (!(ldap_exp = talloc_asprintf(tmp_ctx, "(objectSid=%s)", 
+                                        sidbinstr))) 
        {
+               SAFE_FREE(sidbinstr);
                DEBUG(1, ("ads: lookup_groupmem: talloc_asprintf for ldap_exp failed!\n"));
                status = NT_STATUS_NO_MEMORY;
                goto done;
        }
+       SAFE_FREE(sidbinstr);
 
        args.control = ADS_EXTENDED_DN_OID;
        args.val = ADS_EXTENDED_DN_HEX_STRING;