fixing domain join and domain login problems
[samba.git] / source3 / rpc_server / srv_sid.c
index b80902dbaa87ae774b3fdfa1240eaeac802f7550..216fab657f92b5f42f50c93d2ff22508b71c1453 100644 (file)
@@ -93,6 +93,7 @@ sid_name_map[] =
 static BOOL read_sid_from_file(int fd, char *sid_file)
 {   
   fstring fline;
+       fstring sid_str;
     
   memset(fline, '\0', sizeof(fline));
 
@@ -112,12 +113,43 @@ static BOOL read_sid_from_file(int fd, char *sid_file)
     return False;
   }
 
+       sid_to_string(sid_str, &global_sam_sid);
+       DEBUG(5,("read_sid_from_file: sid %s\n", sid_str));
+
   return True;
 }
 
 /****************************************************************************
- Generate the global machine sid. Look for the MACHINE.SID file first, if
- not found then look in smb.conf and use it to create the MACHINE.SID file.
+ sets up the name associated with the SAM database for which we are responsible
+****************************************************************************/
+void get_sam_domain_name(void)
+{
+       switch (lp_server_role())
+       {
+               case ROLE_DOMAIN_PDC:
+               case ROLE_DOMAIN_BDC:
+               {
+                       /* we are PDC (or BDC) for a Domain */
+                       fstrcpy(global_sam_name, lp_workgroup());
+                       break;
+               }
+               case ROLE_DOMAIN_MEMBER:
+               {
+                       /* we are a "PDC", but FOR LOCAL SAM DATABASE ONLY */
+                       fstrcpy(global_sam_name, global_myname);
+                       break;
+               }
+               default:
+               {
+                       /* no domain role, probably due to "security = share" */
+                       memset(global_sam_name, 0, sizeof(global_sam_name));
+                       break;
+               }
+       }
+}
+
+/****************************************************************************
+ obtain the sid from the PDC.  do some verification along the way...
 ****************************************************************************/
 BOOL get_member_domain_sid(void)
 {
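Review bot: The `default` branch of get_sam_domain_name() clears `global_sam_name` for every role that is not PDC, BDC or member, and its comment only guesses at the cause ("probably due to security = share"). If lp_server_role() can report a role in which the server still authenticates against its own SAM, that server ends up with an empty SAM name and nothing in the log says why; whether such a role exists is not visible in this hunk. Logging the fallthrough would make it auditable, e.g. `DEBUG(3,("get_sam_domain_name: no domain role, SAM name left empty\n"));` in the default case. The header comment could also say that the function writes the global `global_sam_name` and returns nothing, since the `get_` prefix suggests otherwise.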
@@ -130,9 +162,28 @@ BOOL get_member_domain_sid(void)
        fstring dom3;
        fstring dom5;
 
+       switch (lp_server_role())
+       {
+               case ROLE_DOMAIN_NONE:
+               {
+                       ZERO_STRUCT(global_member_sid);
+                       return True;
+               }
+               case ROLE_DOMAIN_PDC:
+               {
+                       sid_copy(&global_member_sid, &global_sam_sid);
+                       return True;
+               }
+               default:
+               {
+                       /* member or BDC, we're going for connection to PDC */
+                       break;
+               }
+       }
+
        if (!cli_connect_serverlist(&cli, lp_passwordserver()))
        {
-               DEBUG(0,("get_member_domain_sid: unable to initialize client connection.\n"));
+               DEBUG(0,("get_member_domain_sid: unable to initialise client connection.\n"));
                return False;
        }
 
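Review bot: The `default` case of the new switch sends every role other than ROLE_DOMAIN_NONE and ROLE_DOMAIN_PDC on to `cli_connect_serverlist()`, although its comment says only member or BDC are meant. If that is the intent, listing them explicitly and failing closed on anything else keeps an unexpected role from adopting a domain SID from the password server: `case ROLE_DOMAIN_MEMBER: case ROLE_DOMAIN_BDC: break;` followed by `default: return False;`. The PDC case copies `global_sam_sid` with nothing in the hunk showing it has been loaded yet, so the function comment should state the required call order relative to generate_sam_sid(). The body of get_member_domain_sid() starts and ends outside this hunk.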
@@ -173,11 +224,11 @@ BOOL get_member_domain_sid(void)
        if (res)
        {
                pstring sid;
-               DEBUG(5,("LSA Query Info Policy\n"));
+               DEBUG(2,("LSA Query Info Policy\n"));
                sid_to_string(sid, &sid3);
-               DEBUG(5,("Domain Member     - Domain: %s SID: %s\n", dom3, sid));
+               DEBUG(2,("Domain Member     - Domain: %s SID: %s\n", dom3, sid));
                sid_to_string(sid, &sid5);
-               DEBUG(5,("Domain Controller - Domain: %s SID: %s\n", dom5, sid));
+               DEBUG(2,("Domain Controller - Domain: %s SID: %s\n", dom5, sid));
 
                if (!strequal(dom3, global_myworkgroup) ||
                    !strequal(dom5, global_myworkgroup))
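Review bot: The only verification visible in these lines compares the two returned domain names with `global_myworkgroup`; the SIDs `sid3` and `sid5` are printed but not compared with each other here. The result becomes the domain SID this server trusts, and it is taken from whichever host in `lp_passwordserver()` answered, so a mismatch between the two SIDs should be rejected too, e.g. `if (!sid_equal(&sid3, &sid5)) res = False;`, unless that check already exists in the part of the function outside the hunk. With the level raised from 5 to 2, `dom3` and `dom5` are also logged before the name check runs, so the log now carries remote-supplied strings on any reply; a short comment saying these values are unverified at that point would help whoever reads the log.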
@@ -189,7 +240,7 @@ BOOL get_member_domain_sid(void)
        }
        else
        {
-               DEBUG(5,("lsa query info failed\n"));
+               DEBUG(1,("lsa query info failed\n"));
        }
        if (!res)
        {
@@ -245,7 +296,7 @@ BOOL generate_sam_sid(void)
 
        pstrcat(sid_file, "MACHINE.SID");
     
-       if ((fd = open(sid_file, O_RDWR | O_CREAT, 0644)) == -1) {
+       if ((fd = sys_open(sid_file, O_RDWR | O_CREAT, 0644)) == -1) {
                DEBUG(0,("unable to open or create file %s. Error was %s\n",
                         sid_file, strerror(errno) ));
                return False;
@@ -467,7 +518,7 @@ BOOL split_domain_name(char *fullname, char *domain, char *name)
        fstrcpy(full_name, fullname);
        p = strchr(full_name+1, '\\');
 
-       if (p == NULL)
+       if (p != NULL)
        {
                *p = 0;
                fstrcpy(domain, full_name);
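Review bot: An empty `fullname` still sends `strchr(full_name+1, '\\')` over the bytes after the terminator, which the corrected NULL test does not cover. Unless `full_name` is zero-filled in the part of split_domain_name() outside the hunk, those bytes are uninitialised and a stray backslash there would be treated as the domain separator. A guard before the search closes this: `if (full_name[0] == 0) return False;` (the function's convention for bad input is outside the hunk, so the return value is to be confirmed). It would also help to document that `domain` and `name` must each be at least `fstring`-sized, since `fstrcpy` is the only bound on the copy.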