s3:winbindd: don't remove the DOMAIN\ prefix for principals of our own domain as...

author Stefan Metzmacher <metze@samba.org>

Sat, 28 Mar 2015 08:31:05 +0000 (08:31 +0000)

committer Andrew Bartlett <abartlet@samba.org>

Tue, 5 May 2015 23:22:14 +0000 (01:22 +0200)
author Stefan Metzmacher <metze@samba.org>
Sat, 28 Mar 2015 08:31:05 +0000 (08:31 +0000)
committer Andrew Bartlett <abartlet@samba.org>
Tue, 5 May 2015 23:22:14 +0000 (01:22 +0200)
diff --git a/selftest/knownfail b/selftest/knownfail

index ab77e0f08bb161ac9a25c73daf2f6fbbba59ee12..3e78002402eb782635b8c49854edef635ce98bcf 100644 (file)
--- a/selftest/knownfail
+++ b/selftest/knownfail
@@ -265,7 +265,6 @@
  #
  ^samba4.winbind.struct.domain_info\(s4member:local\)
  ^samba4.winbind.struct.getdcname\(s4member:local\)
-^samba4.winbind.struct.lookup_name_sid\(s4member:local\)
  ^samba.blackbox.wbinfo\(s4member:local\).wbinfo -r against s4member\(s4member:local\)
  ^samba.blackbox.wbinfo\(s4member:local\).wbinfo --user-sids against s4member\(s4member:local\)
  ^samba4.winbind.struct.getpwent\(ad_dc:local\)
diff --git a/source3/winbindd/winbindd_util.c b/source3/winbindd/winbindd_util.c

index d4a1cf36547bd34d19dd2a669cd172a95c1dd333..88c7568bf4b72ef092a3d693fc4cc6c33a17dad7 100644 (file)
--- a/source3/winbindd/winbindd_util.c
+++ b/source3/winbindd/winbindd_util.c
@@ -1052,12 +1052,18 @@ bool canonicalize_username(fstring username_inout, fstring domain, fstring user)
      Also, if omit DOMAIN if 'winbind trusted domains only = true', as the
      username is then unqualified in unix
  
+    On an AD DC we always fill DOMAIN\\USERNAME.
+
      We always canonicalize as UPPERCASE DOMAIN, lowercase username.
  */
  void fill_domain_username(fstring name, const char *domain, const char *user, bool can_assume)
  {
         fstring tmp_user;
  
+       if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
+               can_assume = false;
+       }
+
         fstrcpy(tmp_user, user);
         (void)strlower_m(tmp_user);
  
@@ -1081,6 +1087,10 @@ char *fill_domain_username_talloc(TALLOC_CTX *mem_ctx,
  {
         char *tmp_user, *name;
  
+       if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
+               can_assume = false;
+       }
+
         tmp_user = talloc_strdup(mem_ctx, user);
         if (!strlower_m(tmp_user)) {
                 TALLOC_FREE(tmp_user);
diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py

index ad6e1d1038441152d6d2a5b4a2525de8127123d2..4855c6bb45d7c0aed857b8cb1ec6ac0ad02024cc 100755 (executable)
--- a/source4/selftest/tests.py
+++ b/source4/selftest/tests.py
@@ -374,7 +374,8 @@ winbind_ad_client_tests = smbtorture4_testsuites("winbind.struct") + smbtorture4
  winbind_wbclient_tests = smbtorture4_testsuites("winbind.wbclient")
  for env in ["ad_dc", "s4member", "ad_member"]:
      wb_opts = wb_opts_default[:]
-    wb_opts += ["--option=\"torture:winbindd_domain_without_prefix=$DOMAIN\""]
+    if env in ["ad_member"]:
+        wb_opts += ["--option=\"torture:winbindd_domain_without_prefix=$DOMAIN\""]
      for t in winbind_ad_client_tests:
          plansmbtorture4testsuite(t, "%s:local" % env, wb_opts + ['//$SERVER/tmp', '--realm=$REALM', '--machine-pass', '--option=torture:addc=$DC_SERVER'])
author	Stefan Metzmacher <metze@samba.org>
	Sat, 28 Mar 2015 08:31:05 +0000 (08:31 +0000)
committer	Andrew Bartlett <abartlet@samba.org>
	Tue, 5 May 2015 23:22:14 +0000 (01:22 +0200)
selftest/knownfail		patch \| blob \| history
source3/winbindd/winbindd_util.c		patch \| blob \| history
source4/selftest/tests.py		patch \| blob \| history