From: Gerald Carter Date: Wed, 15 Mar 2006 17:40:28 +0000 (+0000) Subject: r14457: Add a few more special cases for RID 513 in the samr code. X-Git-Tag: samba-4.0.0alpha6~801^2~8758 X-Git-Url: http://git.samba.org/samba.git/?a=commitdiff_plain;h=41a0da4cfc3e0bb37b81ea22fc2eb15aa89298e1;p=gd%2Fsamba-autobuild%2F.git r14457: Add a few more special cases for RID 513 in the samr code. Now that I know what all the requirements for this group are I can generalize the code some more and make it cleaner. But at least this is working with lusrmgr.msc on XP and 2k now. (This used to be commit d2c1842978cd50485849bfc4fb6d94767d96cab0) --- diff --git a/source3/groupdb/mapping.c b/source3/groupdb/mapping.c index 04471f9d433..830584979b5 100644 --- a/source3/groupdb/mapping.c +++ b/source3/groupdb/mapping.c @@ -814,8 +814,24 @@ BOOL get_domain_group_from_sid(DOM_SID sid, GROUP_MAP *map) ret = pdb_getgrsid(map, sid); unbecome_root(); - if ( !ret ) + /* special case check for rid 513 */ + + if ( !ret ) { + uint32 rid; + + sid_peek_rid( &sid, &rid ); + + if ( rid == DOMAIN_GROUP_RID_USERS ) { + fstrcpy( map->nt_name, "None" ); + fstrcpy( map->comment, "Ordinary Users" ); + sid_copy( &map->sid, &sid ); + map->sid_name_use = SID_NAME_DOM_GRP; + + return True; + } + return False; + } DEBUG(10, ("get_domain_group_from_sid: SID found in the TDB\n")); diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c index d795888180f..876f04bdfe7 100644 --- a/source3/passdb/passdb.c +++ b/source3/passdb/passdb.c @@ -548,6 +548,18 @@ BOOL lookup_global_sam_name(const char *user, int flags, uint32_t *rid, { GROUP_MAP map; BOOL ret; + + /* Windows treats "MACHINE\None" as a special name for + rid 513 on non-DCs. You cannot create a user or group + name "None" on Windows. You will get an error that + the group already exists. */ + + if ( strequal( user, "None" ) ) { + *rid = DOMAIN_GROUP_RID_USERS; + *type = SID_NAME_DOM_GRP; + + return True; + } /* LOOKUP_NAME_GROUP is a hack to allow valid users = @foo to work * correctly in the case where foo also exists as a user. If the flag diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 4061e7b5db9..82890fee2dc 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -734,13 +734,31 @@ NTSTATUS pdb_enum_group_members(TALLOC_CTX *mem_ctx, size_t *p_num_members) { struct pdb_methods *pdb = pdb_get_methods(); + NTSTATUS result; if ( !pdb ) { return NT_STATUS_UNSUCCESSFUL; } - return pdb->enum_group_members(pdb, mem_ctx, sid, - pp_member_rids, p_num_members); + result = pdb->enum_group_members(pdb, mem_ctx, + sid, pp_member_rids, p_num_members); + + /* special check for rid 513 */ + + if ( !NT_STATUS_IS_OK( result ) ) { + uint32 rid; + + sid_peek_rid( sid, &rid ); + + if ( rid == DOMAIN_GROUP_RID_USERS ) { + *p_num_members = 0; + *pp_member_rids = NULL; + + return NT_STATUS_OK; + } + } + + return result; } NTSTATUS pdb_enum_group_memberships(TALLOC_CTX *mem_ctx, struct samu *user,