r13377: Fix from Volker: Make offline authentication work with NT4 as well
authorGünther Deschner <gd@samba.org>
Tue, 7 Feb 2006 17:55:17 +0000 (17:55 +0000)
committerGerald (Jerry) Carter <jerry@samba.org>
Wed, 10 Oct 2007 16:09:57 +0000 (11:09 -0500)
(handle no ACB_NORMAL flag and save name2sid as early as possible).

Guenther
(This used to be commit a04a5e40b774b7fe535e9cbbabddf94ee5578005)

source3/nsswitch/winbindd_cache.c
source3/nsswitch/winbindd_pam.c

index 910e30b07e7802ed78e4206a4cc8bbd37e5dcab0..297c608bc1018439b960c151ab3370519271b60d 100644 (file)
@@ -2048,6 +2048,14 @@ BOOL lookup_cached_name(TALLOC_CTX *mem_ctx,
        return NT_STATUS_IS_OK(status);
 }
 
+void cache_name2sid(struct winbindd_domain *domain, 
+                   const char *domain_name, const char *name,
+                   enum SID_NAME_USE type, const DOM_SID *sid)
+{
+       wcache_save_name_to_sid(domain, NT_STATUS_OK, domain_name, name,
+                               sid, type);
+}
+
 /* delete all centries that don't have NT_STATUS_OK set */
 static int traverse_fn_cleanup(TDB_CONTEXT *the_tdb, TDB_DATA kbuf, 
                               TDB_DATA dbuf, void *state)
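Review bot: The new `cache_name2sid()` is missing a comment stating that it always writes a positive cache entry. It passes a fixed `NT_STATUS_OK` to `wcache_save_name_to_sid()`, so whatever name/SID pair a caller supplies is stored as a successful lookup. A header comment such as `/* Store a name->SID mapping as a successful lookup; call only with values taken from a validated DC reply. */` would make that contract explicit for future callers. The wrapper also takes `type, sid` while the function it forwards to takes `sid, type`; keeping the same parameter order would make call sites harder to get wrong.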
index fc8d0885fc99f31b49de89d4593f3020505667d5..264134570a77aac04021a145086da896c8009cea 100644 (file)
@@ -734,13 +734,17 @@ NTSTATUS winbindd_dual_pam_auth_cached(struct winbindd_domain *domain,
                if (my_info3->acct_flags & ACB_DOMTRUST) {
                        return NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT;
                }
-       
+#if 0
+               /* The info3 acct_flags in NT4's samlogon reply don't have 
+                * ACB_NORMAL set. Disable this paranoia check until we
+                * can research this more - Guenther */
+               
                if (!(my_info3->acct_flags & ACB_NORMAL)) {
                        DEBUG(10,("winbindd_dual_pam_auth_cached: whats wrong with that one?: 0x%08x\n", 
                                my_info3->acct_flags));
                        return NT_STATUS_LOGON_FAILURE;
                }
-       
+#endif 
                kickoff_time = nt_time_to_unix(&my_info3->kickoff_time);
                if (kickoff_time != 0 && time(NULL) > kickoff_time) {
                        return NT_STATUS_ACCOUNT_EXPIRED;
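Review bot: Compiling out the `ACB_NORMAL` test with `#if 0` changes the account-type check in `winbindd_dual_pam_auth_cached` from an allow-list to a deny-list. After this change a cached logon is refused only for the flags tested explicitly, and `ACB_DOMTRUST` is the only one visible in this hunk. The function starts above the hunk, so confirm there that `ACB_WSTRUST` and `ACB_SVRTRUST` are rejected too; otherwise machine and server trust accounts would be accepted for offline authentication. I would also keep the diagnostic instead of removing it with the check, e.g. `if (!(my_info3->acct_flags & ACB_NORMAL)) { DEBUG(5,("winbindd_dual_pam_auth_cached: ACB_NORMAL not set: 0x%08x\n", my_info3->acct_flags)); }`, so the relaxed path stays visible in logs. The `kickoff_time` block continues past the end of the hunk.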
@@ -1116,9 +1120,15 @@ process_result:
 
        if (NT_STATUS_IS_OK(result)) {
        
+               DOM_SID user_sid;
+
                netsamlogon_cache_store(name_user, info3);
                wcache_invalidate_samlogon(find_domain_from_name(name_domain), info3);
 
+               /* save name_to_sid info as early as possible */
+               sid_compose(&user_sid, &info3->dom_sid.sid, info3->user_rid);
+               cache_name2sid(domain, name_domain, name_user, SID_NAME_USER, &user_sid);
+               
                /* Check if the user is in the right group */
 
                if (!NT_STATUS_IS_OK(result = check_info3_in_group(state->mem_ctx, info3,
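Review bot: The added `cache_name2sid(domain, name_domain, name_user, ...)` call passes `domain`, while the line just above resolves the domain with `find_domain_from_name(name_domain)`. If the two can differ, the mapping is stored against a different domain than the one whose samlogon cache was just invalidated. If they are always the same here, a one-line comment saying so would help; otherwise look the domain up once, NULL-check it, and use it for both calls. The SID comes from `info3`, but the cache key is built from `name_domain` and `name_user`; if those are the strings as supplied in the request rather than the names returned in `info3`, the entry is keyed on caller-controlled spelling, which deserves a comment. The mapping is written before `check_info3_in_group()` runs, so it is cached even for users who then fail the group check; that looks intended, but `/* name->SID mapping is valid regardless of the group membership result */` would record it. The enclosing function starts and ends outside this hunk.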