Copyright (C) Simo Sorce 2003
Copyright (C) Volker Lendecke 2004
Copyright (C) Jeremy Allison 2008
-
+
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/* convert a single name to a sid in a domain */
static NTSTATUS name_to_sid(struct winbindd_domain *domain,
TALLOC_CTX *mem_ctx,
- enum winbindd_cmd original_cmd,
const char *domain_name,
const char *name,
+ uint32_t flags,
DOM_SID *sid,
enum lsa_SidType *type)
{
const char *fullname;
- uint32 flags = LOOKUP_NAME_ALL;
-
- switch ( original_cmd ) {
- case WINBINDD_LOOKUPNAME:
- /* This call is ok */
- break;
- default:
- /* Avoid any NSS calls in the lookup_name by default */
- flags |= LOOKUP_NAME_EXPLICIT;
- DEBUG(10,("winbindd_passdb: limiting name_to_sid() to explicit mappings\n"));
- break;
- }
-
+
+ flags |= LOOKUP_NAME_ALL;
+
if (domain_name && domain_name[0] && strchr_m(name, '\\') == NULL) {
fullname = talloc_asprintf(mem_ctx, "%s\\%s",
domain_name, name);
fullname,
sid_string_dbg(sid),
sid_type_lookup((uint32)*type)));
-
+
return NT_STATUS_OK;
}
return NT_STATUS_NO_MEMORY;
}
- if (!pdb_get_account_policy(AP_MIN_PASSWORD_LEN,
+ if (!pdb_get_account_policy(PDB_POLICY_MIN_PASSWORD_LEN,
&account_policy_temp)) {
return NT_STATUS_ACCESS_DENIED;
}
p->min_password_length = account_policy_temp;
- if (!pdb_get_account_policy(AP_PASSWORD_HISTORY,
+ if (!pdb_get_account_policy(PDB_POLICY_PASSWORD_HISTORY,
&account_policy_temp)) {
return NT_STATUS_ACCESS_DENIED;
}
p->password_history_length = account_policy_temp;
- if (!pdb_get_account_policy(AP_USER_MUST_LOGON_TO_CHG_PASS,
+ if (!pdb_get_account_policy(PDB_POLICY_USER_MUST_LOGON_TO_CHG_PASS,
&p->password_properties)) {
return NT_STATUS_ACCESS_DENIED;
}
- if (!pdb_get_account_policy(AP_MAX_PASSWORD_AGE, &account_policy_temp)) {
+ if (!pdb_get_account_policy(PDB_POLICY_MAX_PASSWORD_AGE, &account_policy_temp)) {
return NT_STATUS_ACCESS_DENIED;
}
u_expire = account_policy_temp;
- if (!pdb_get_account_policy(AP_MIN_PASSWORD_AGE, &account_policy_temp)) {
+ if (!pdb_get_account_policy(PDB_POLICY_MIN_PASSWORD_AGE, &account_policy_temp)) {
return NT_STATUS_ACCESS_DENIED;
}
u_min_age = account_policy_temp;
DOM_SID **sid_mem, char ***names,
uint32 **name_types)
{
+ DEBUG(10,("passdb: lookup_groupmem (builtin) %s sid=%s\n", domain->name,
+ sid_string_dbg(group_sid)));
+
*num_names = 0;
*sid_mem = NULL;
*names = NULL;
struct lsa_name_info *lsa_names;
TALLOC_CTX *tmp_ctx;
+ DEBUG(10,("passdb: lookup_groupmem (sam) %s sid=%s\n", domain->name,
+ sid_string_dbg(group_sid)));
+
if (!sid_check_is_in_our_domain(group_sid)) {
/* There's no groups, only aliases in BUILTIN */
return NT_STATUS_NO_SUCH_GROUP;