s3-auth: Add passwd_to_SamInfo3().

[samba.git] / source3 / auth / server_info.c

diff --git a/source3/auth/server_info.c b/source3/auth/server_info.c
index 46d817880a05b4ee7e219a386294dd185d30738b..43711d5bc0eef9e6f16b92f4a4262dc09ed99663 100644 (file)
--- a/source3/auth/server_info.c
+++ b/source3/auth/server_info.c
@@ -489,10 +489,28 @@ NTSTATUS passwd_to_SamInfo3(TALLOC_CTX *mem_ctx,
                }
        } else {
                /*
-                * Winbind is not running, create the group_sid from the
-                * group id.
+                * Winbind is not running, try to create the group_sid from the
+                * passwd group id.
+                */
+
+               /*
+                * This can lead to a primary group of S-1-22-2-XX which
+                * will be rejected by other Samba code.
                 */
                gid_to_sid(&group_sid, pwd->pw_gid);
+
+               ZERO_STRUCT(domain_sid);
+
+               /*
+                * If we are a unix group, set the group_sid to the
+                * 'Domain Users' RID of 513 which will always resolve to a
+                * name.
+                */
+               if (sid_check_is_in_unix_groups(&group_sid)) {
+                       sid_compose(&group_sid,
+                                   get_global_sam_sid(),
+                                   DOMAIN_RID_USERS);
+               }
        }
 
        /* Make sure we have a valid group sid */