lp_workgroup(), for all other server this is global_myname().
This is the name of the domain for accounts on *this* system, and getting
this wrong caused interesting bugs with 'take ownership' on member servers
and standalone servers at Snap.
(They lookup the username that they got, then convert that to a SID - but
becouse the domain out of the smbpasswd entry was wrong, we would fail the
lookup).
Andrew Bartlett
(This used to be commit
5fc78eba20411f3f5a8ccadfcba5c4ab73180dba)
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_PASSDB
-/*
- * This is set on startup - it defines the SID for this
- * machine, and therefore the SAM database for which it is
- * responsible.
- */
+const char *get_global_sam_name()
+{
+ if ((lp_server_role() == ROLE_DOMAIN_PDC) || (lp_server_role() == ROLE_DOMAIN_BDC)) {
+ return lp_workgroup();
+ }
+ return global_myname();
+}
/************************************************************
Fill the SAM_ACCOUNT with default values.
pdb_set_unix_homedir(sam_account, pwd->pw_dir, PDB_SET);
- pdb_set_domain (sam_account, lp_workgroup(), PDB_DEFAULT);
+ pdb_set_domain (sam_account, get_global_sam_name(), PDB_DEFAULT);
pdb_set_uid(sam_account, pwd->pw_uid, PDB_SET);
pdb_set_gid(sam_account, pwd->pw_gid, PDB_SET);
ldap_state->uri = "ldap://localhost";
}
- ldap_state->domain_name = talloc_strdup(pdb_context->mem_ctx, lp_workgroup());
+ ldap_state->domain_name = talloc_strdup(pdb_context->mem_ctx, get_global_sam_name());
if (!ldap_state->domain_name) {
return NT_STATUS_NO_MEMORY;
}
*/
pdb_set_group_sid_from_rid (sam_pass, DOMAIN_GROUP_RID_USERS, PDB_SET);
pdb_set_username (sam_pass, pw_buf->smb_name, PDB_SET);
- pdb_set_domain (sam_pass, lp_workgroup(), PDB_DEFAULT);
+ pdb_set_domain (sam_pass, get_global_sam_name(), PDB_DEFAULT);
} else {
DEBUG(0,("build_sam_account: smbpasswd database is corrupt! username %s with uid %u is not in unix passwd database!\n", pw_buf->smb_name, pw_buf->smb_userid));
switch (lp_server_role()) {
case ROLE_DOMAIN_PDC:
case ROLE_DOMAIN_BDC:
- name = lp_workgroup();
+ name = get_global_sam_name();
sid = get_global_sam_sid();
break;
case ROLE_DOMAIN_MEMBER:
return NT_STATUS_ACCESS_DENIED;
/* Request PolicyAccountDomainInformation. */
- switch (lp_server_role()) {
- case ROLE_DOMAIN_PDC:
- case ROLE_DOMAIN_BDC:
- name = lp_workgroup();
- sid = get_global_sam_sid();
- break;
- case ROLE_DOMAIN_MEMBER:
- name = global_myname();
- sid = get_global_sam_sid();
- break;
- case ROLE_STANDALONE:
- name = global_myname();
- sid = get_global_sam_sid();
- break;
- default:
- return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
- }
+ name = get_global_sam_name();
+ sid = get_global_sam_sid();
init_dom_query(&r_u->dom.id5, name, sid);
break;
case 0x06:
switch (lp_server_role()) {
case ROLE_DOMAIN_PDC:
case ROLE_DOMAIN_BDC:
- nb_name = lp_workgroup();
+ nb_name = get_global_sam_name();
/* ugly temp hack for these next two */
/* This should be a 'netbios domain -> DNS domain' mapping */
return r_u->status;
}
- switch (lp_server_role()) {
- case ROLE_DOMAIN_PDC:
- case ROLE_DOMAIN_BDC:
- name = lp_workgroup();
- break;
- default:
- name = global_myname();
- }
+ name = get_global_sam_name();
fstrcpy(dom[0],name);
strupper(dom[0]);