r13511: Fix bug in the samr dispinfo enumeration code.

Make sure to associate the DOMAIN dispinfo cache
with a User/Group SAMR handle (not the SID of the user or group).
Ensure that enumeration after deleting a user works.
(This used to be commit 7967f89caa17ea93cb7e9d8695f1904ccb9a2864)

diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 133178bd0dffb048fedeaab43b24d1b6e41c8e58..bc73c9ef875ccc3878073ed208b10652365c0ce7 100644 (file)
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -252,6 +252,17 @@ static DISP_INFO *get_samr_dispinfo_by_sid(DOM_SID *psid, const char *sid_str)
        TALLOC_CTX *mem_ctx;
        DISP_INFO *dpi;
 
+       /* There are two cases to consider here:
+          1) The SID is a domain SID and we look for an equality match, or
+          2) This is an account SID and so we return the DISP_INFO* for our 
+             domain */
+
+       if ( psid && sid_check_is_in_our_domain( psid ) ) {
+               DEBUG(10,("get_samr_dispinfo_by_sid: Replacing %s with our domain SID\n",
+                       sid_str));
+               psid = get_global_sam_sid();
+       }
+
        for (dpi = disp_info_list; dpi; dpi = dpi->next) {
                if (sid_equal(psid, &dpi->sid)) {
                        return dpi;