This is needed so that pdb_samba4 can map any SID during a provision.
At runtime, winbindd will be asked first, but this shortcut direct to the
ldb file makes it possible to set the permissions on the sysvol share at
provision time.
Andrew Bartlett
static bool legacy_sid_to_unixid(const struct dom_sid *psid, struct unixid *id)
{
GROUP_MAP *map;
- if (sid_check_is_in_our_sam(psid)) {
- bool ret;
-
- become_root();
- ret = pdb_sid_to_id(psid, id);
- unbecome_root();
-
- if (ret) {
- goto done;
- }
-
- /* This was ours, but it was not mapped. Fail */
+ bool ret;
+
+ become_root();
+ ret = pdb_sid_to_id(psid, id);
+ unbecome_root();
+
+ if (ret) {
+ goto done;
}
-
+
if ((sid_check_is_in_builtin(psid) ||
sid_check_is_in_wellknown_domain(psid))) {
bool ret;
uint32_t rid;
id->id = -1;
+ if (!sid_check_is_in_our_sam(sid)) {
+ /* Not our SID */
+ return False;
+ }
+
mem_ctx = talloc_new(NULL);
if (mem_ctx == NULL) {
TALLOC_CTX *mem_ctx;
+ if (!sid_check_is_in_our_sam(sid)) {
+ /* Not our SID */
+ return False;
+ }
+
mem_ctx = talloc_new(NULL);
if (mem_ctx == NULL) {
DEBUG(0, ("talloc_new failed\n"));