s3-passdb: Allow pdb_sid_to_id to work on any SID
authorAndrew Bartlett <abartlet@samba.org>
Tue, 21 Aug 2012 04:56:45 +0000 (14:56 +1000)
committerAndrew Bartlett <abartlet@samba.org>
Tue, 21 Aug 2012 05:25:49 +0000 (15:25 +1000)
This is needed so that pdb_samba4 can map any SID during a provision.

At runtime, winbindd will be asked first, but this shortcut direct to the
ldb file makes it possible to set the permissions on the sysvol share at
provision time.

Andrew Bartlett

source3/passdb/lookup_sid.c
source3/passdb/pdb_interface.c
source3/passdb/pdb_ldap.c

index a2d793feb32157eb4939a76ac337b134cca78e66..26ce41cc09e21958f4b2706250a781a17164f37d 100644 (file)
@@ -1084,20 +1084,16 @@ static void legacy_gid_to_sid(struct dom_sid *psid, gid_t gid)
 static bool legacy_sid_to_unixid(const struct dom_sid *psid, struct unixid *id)
 {
        GROUP_MAP *map;
-       if (sid_check_is_in_our_sam(psid)) {
-               bool ret;
-
-               become_root();
-               ret = pdb_sid_to_id(psid, id);
-               unbecome_root();
-
-               if (ret) {
-                       goto done;
-               }
-
-               /* This was ours, but it was not mapped.  Fail */
+       bool ret;
+       
+       become_root();
+       ret = pdb_sid_to_id(psid, id);
+       unbecome_root();
+       
+       if (ret) {
+               goto done;
        }
-
+       
        if ((sid_check_is_in_builtin(psid) ||
             sid_check_is_in_wellknown_domain(psid))) {
                bool ret;
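Review bot: With the `sid_check_is_in_our_sam(psid)` guard removed at the top of legacy_sid_to_unixid, every SID now reaches `pdb_sid_to_id()` under `become_root()`, so rejecting SIDs a backend does not own is left entirely to the backend. The commit adds that rejection to pdb_default_sid_to_id and ldapsam_sid_to_id; other passdb backends are not visible in this diff and should be confirmed to fail cleanly on a foreign SID rather than mapping its RID as if it were local. A comment above the call would record the new contract, for example `/* Any SID is passed down; each backend must reject SIDs it does not own */`. The new function-scope `bool ret;` is also shadowed by the `bool ret;` inside the builtin/well-known block that follows, and the three added blank lines carry trailing whitespace. The function body continues past the end of the hunk.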
index cdbb378e947970e4e9b0b69c24720ef20d0cc6cd..d24301ab97c9013086c54390d020279467e6cb4b 100644 (file)
@@ -1429,6 +1429,11 @@ static bool pdb_default_sid_to_id(struct pdb_methods *methods,
        uint32_t rid;
        id->id = -1;
 
+       if (!sid_check_is_in_our_sam(sid)) {
+               /* Not our SID */
+               return False;
+       }
+
        mem_ctx = talloc_new(NULL);
 
        if (mem_ctx == NULL) {
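Review bot: The new early return in pdb_default_sid_to_id rejects a foreign SID silently, and because the caller now sends every SID through the backend, this path is likely to be taken regularly and is hard to tell apart from a failed lookup when tracing a bad mapping. A high-level debug line before the return would help, e.g. `DEBUG(10, ("SID %s is not in our SAM\n", sid_string_dbg(sid)));`. The same applies to the identical check added to ldapsam_sid_to_id. Placing the check before `talloc_new()` is right, since nothing needs freeing on this path; the function's start and end are outside the hunk.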
index 9b4d8a6a4dd8d977361bb1a8c153dd72aeefe889..ffd57431cec39d95c74077355198142a6cb01687 100644 (file)
@@ -4938,6 +4938,11 @@ static bool ldapsam_sid_to_id(struct pdb_methods *methods,
 
        TALLOC_CTX *mem_ctx;
 
+       if (!sid_check_is_in_our_sam(sid)) {
+               /* Not our SID */
+               return False;
+       }
+
        mem_ctx = talloc_new(NULL);
        if (mem_ctx == NULL) {
                DEBUG(0, ("talloc_new failed\n"));
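Review bot: The early return added to ldapsam_sid_to_id leaves `*id` untouched as far as the visible lines show, whereas pdb_default_sid_to_id sets `id->id = -1` before its identical check. The caller in legacy_sid_to_unixid appears to read `id` only on success, so this looks harmless today, but making the two backends agree keeps a later caller from reading a stale value; `id->id = -1;` ahead of the check would do it. The start of the function is outside the hunk, so an initialisation earlier in the body cannot be ruled out.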