Fixed a domain functionality problem where NT clients would start
[samba.git] / source3 / passdb / sampassdb.c
index 95055ed29837126b9d07204187ec960a79fcc51b..25be7b9ec5bae1105e0b90e605825d2b12d49fcb 100644 (file)
@@ -126,12 +126,15 @@ struct sam_passwd *getsam21pwent(void *vp)
  does not have search facilities.
 *************************************************************************/
 
-struct sam_passwd *iterate_getsam21pwntnam(const char *name)
+struct sam_passwd *iterate_getsam21pwntnam(const char *ntname)
 {
+       fstring nt_name;
        struct sam_passwd *pwd = NULL;
        void *fp = NULL;
 
-       DEBUG(10, ("search by name: %s\n", name));
+       DEBUG(10, ("search by name: %s\n", ntname));
+
+       fstrcpy(nt_name, ntname);
 
        /* Open the smb password database - not for update. */
        fp = startsmbpwent(False);
@@ -142,14 +145,14 @@ struct sam_passwd *iterate_getsam21pwntnam(const char *name)
                return NULL;
        }
 
-       while ((pwd = getsam21pwent(fp)) != NULL && !strequal(pwd->nt_name, name))
+       while ((pwd = getsam21pwent(fp)) != NULL && !strequal(pwd->nt_name, nt_name))
        {
                DEBUG(10, ("iterate: %s 0x%x\n", pwd->nt_name, pwd->user_rid));
        }
 
        if (pwd != NULL)
        {
-               DEBUG(10, ("found by name: %s\n", name));
+               DEBUG(10, ("found by name: %s\n", nt_name));
        }
 
        endsmbpwent(fp);
@@ -287,12 +290,13 @@ void pwdb_init_sam(struct sam_passwd *user)
 {
        if (user == NULL) return;
        bzero(user, sizeof(*user));
-       unix_to_nt_time(&user->logon_time            , (time_t)-1);
-       unix_to_nt_time(&user->logoff_time           , (time_t)-1);
-       unix_to_nt_time(&user->kickoff_time          , (time_t)-1);
-       unix_to_nt_time(&user->pass_last_set_time    , (time_t)-1);
-       unix_to_nt_time(&user->pass_can_change_time  , (time_t)-1);
-       unix_to_nt_time(&user->pass_must_change_time , (time_t)-1);
+
+       init_nt_time(&user->logon_time);
+       init_nt_time(&user->logoff_time);
+       init_nt_time(&user->kickoff_time);
+       init_nt_time(&user->pass_last_set_time);
+       init_nt_time(&user->pass_can_change_time);
+       init_nt_time(&user->pass_must_change_time);
 
        user->unix_uid = (uid_t)-1;
        user->unix_gid = (gid_t)-1;
@@ -371,7 +375,12 @@ struct sam_passwd *pwdb_smb_to_sam(struct smb_passwd *user)
        pw_buf.smb_passwd         = user->smb_passwd;
        pw_buf.smb_nt_passwd      = user->smb_nt_passwd;
        pw_buf.acct_ctrl          = user->acct_ctrl;
-       unix_to_nt_time(&pw_buf.pass_last_set_time, user->pass_last_set_time);
+
+        if ( user->pass_last_set_time != (time_t)-1 )
+        {
+               unix_to_nt_time(&pw_buf.pass_last_set_time, user->pass_last_set_time);
+               unix_to_nt_time(&pw_buf.pass_can_change_time, user->pass_last_set_time);
+       }
 
        return &pw_buf;
 }
@@ -436,6 +445,9 @@ struct sam_passwd *pwdb_sam_map_names(struct sam_passwd *sam)
        if (sam->unix_uid  == (uid_t)-1 ) sam->unix_uid  = (uid_t)gmep.unix_id;
        if (sam->user_rid  == 0xffffffff) sid_split_rid(&gmep.sid, &sam->user_rid);
 
+       DEBUG(10,("pwdb_sam_map_name: found unix user %s nt %s uid %d rid 0x%x\n",
+                  sam->unix_name, sam->nt_name, sam->unix_uid, sam->user_rid));
+
        /*
         * group details
         */
@@ -505,11 +517,18 @@ you will get this warning only once (for all trust accounts)\n", unix_name));
 
        if (!sid_front_equal(&global_sam_sid, &gmep.sid))
        {
+               fstring sid_str;
+               sid_to_string(sid_str, &gmep.sid);
+               DEBUG(0,("UNIX User %s Primary Group is in the wrong domain! %s\n",
+                         sam->unix_name, sid_str));
                return NULL;
        }
 
        if (sam->unix_gid  == (gid_t)-1 ) sam->unix_gid  = (gid_t)gmep.unix_id;
        if (sam->group_rid == 0xffffffff) sid_split_rid(&gmep.sid, &sam->group_rid);
 
+       DEBUG(10,("pwdb_sam_map_name: found gid %d and group rid 0x%x for unix user %s\n",
+                  sam->unix_gid, sam->group_rid, sam->unix_name));
+
        return sam;
 }