r19809: remove winbind blacklist parameter

(This used to be commit 40cff1449886449b34b896e31fd43b7dff436a3f)

diff --git a/source3/nsswitch/winbindd_group.c b/source3/nsswitch/winbindd_group.c
index c838db923c2b1e0cae60ca41cb9eba8804936c9d..7feaadbf979e74a24b8455fc734b3ac878d021a0 100644 (file)
--- a/source3/nsswitch/winbindd_group.c
+++ b/source3/nsswitch/winbindd_group.c
@@ -1130,30 +1130,6 @@ void winbindd_getgroups(struct winbindd_cli_state *state)
        DEBUG(3, ("[%5lu]: getgroups %s\n", (unsigned long)state->pid,
                  state->request.data.username));
 
-       /* when using "winbind use default domain" we need to avoid that
-        * initgroups() requests from NSS hit our DC too badly for accounts
-        * that will never be on the remote DC */
-
-       if (lp_winbind_use_default_domain()) {
-               
-               const char **list = lp_winbind_initgroups_blacklist();
-               int i;
-
-               if (!list || !list[0]) {
-                       goto parse;
-               }
-
-               for (i=0; list[i] != NULL; i++) {
-       
-                       if (strequal(state->request.data.username, list[i])) {
-                               DEBUG(3,("ignoring blacklisted user [%s] for getgroups\n", 
-                                       state->request.data.username));
-                               request_ok(state);
-                               return;
-                       }
-               }
-       }
- parse:
        /* Parse domain and username */
 
        s = TALLOC_P(state->mem_ctx, struct getgroups_state);

diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index cb9f8306b04c519794dadd826f9494353cccb42a..5e39544420dad3ae5f8debc651d417a77a1dda29 100644 (file)
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -181,7 +181,6 @@ typedef struct {
        BOOL bWinbindRefreshTickets;
        BOOL bWinbindOfflineLogon;
        char **szIdmapBackend;
-       char **szWinbindInitgroupsBlacklist;
        char *szAddShareCommand;
        char *szChangeShareCommand;
        char *szDeleteShareCommand;
@@ -1279,7 +1278,6 @@ static struct parm_struct parm_table[] = {
        {"winbind nss info", P_LIST, P_GLOBAL, &Globals.szWinbindNssInfo, NULL, NULL, FLAG_ADVANCED}, 
        {"winbind refresh tickets", P_BOOL, P_GLOBAL, &Globals.bWinbindRefreshTickets, NULL, NULL, FLAG_ADVANCED}, 
        {"winbind offline logon", P_BOOL, P_GLOBAL, &Globals.bWinbindOfflineLogon, NULL, NULL, FLAG_ADVANCED},
-       {"winbind initgroups blacklist", P_LIST, P_GLOBAL, &Globals.szWinbindInitgroupsBlacklist, NULL, NULL, FLAG_ADVANCED},
 
        {NULL,  P_BOOL,  P_NONE,  NULL,  NULL,  NULL,  0}
 };
@@ -1626,7 +1624,6 @@ static void init_globals(BOOL first_time_only)
        Globals.szWinbindNssInfo = str_list_make("template", NULL);
        Globals.bWinbindRefreshTickets = False;
        Globals.bWinbindOfflineLogon = False;
-       Globals.szWinbindInitgroupsBlacklist = str_list_make("root nobody lp", NULL);
 
        Globals.bPassdbExpandExplicit = False;
 
@@ -1844,7 +1841,6 @@ FN_GLOBAL_BOOL(lp_winbind_refresh_tickets, &Globals.bWinbindRefreshTickets)
 FN_GLOBAL_BOOL(lp_winbind_offline_logon, &Globals.bWinbindOfflineLogon)
 
 FN_GLOBAL_LIST(lp_idmap_backend, &Globals.szIdmapBackend)
-FN_GLOBAL_LIST(lp_winbind_initgroups_blacklist, &Globals.szWinbindInitgroupsBlacklist)
 FN_GLOBAL_BOOL(lp_passdb_expand_explicit, &Globals.bPassdbExpandExplicit)
 
 FN_GLOBAL_STRING(lp_ldap_suffix, &Globals.szLdapSuffix)