if (ids[i].type != ID_TYPE_GID &&
ids[i].type != ID_TYPE_BOTH) {
+ struct dom_sid_buf buf;
DEBUG(10, ("Could not convert SID %s to gid, "
"ignoring it\n",
- sid_string_dbg(&t->sids[i])));
+ dom_sid_str_buf(&t->sids[i], &buf)));
continue;
}
if (!add_gid_to_array_unique(session_info->unix_token,
ids[i].type != ID_TYPE_BOTH) {
struct security_token *nt_token =
session_info->security_token;
+ struct dom_sid_buf buf;
DEBUG(10, ("Could not convert SID %s to gid, "
"ignoring it\n",
- sid_string_dbg(&nt_token->sids[i])));
+ dom_sid_str_buf(&nt_token->sids[i], &buf)));
continue;
}
NTSTATUS status;
struct dom_sid new_sid;
uint32_t attributes = rg->groups.rids[i].attributes;
+ struct dom_sid_buf buf;
sid_compose(&new_sid,
rg->domain_sid,
rg->groups.rids[i].rid);
DEBUG(10, ("Adding SID %s to extra SIDS\n",
- sid_string_dbg(&new_sid)));
+ dom_sid_str_buf(&new_sid, &buf)));
status = append_netr_SidAttr(info3, &info3->sids,
&info3->sidcount,
attributes);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("failed to append SID %s to extra SIDS: %s\n",
- sid_string_dbg(&new_sid),
+ dom_sid_str_buf(&new_sid, &buf),
nt_errstr(status)));
return status;
}
struct dom_sid *domain_sid,
struct extra_auth_info *extra)
{
+ struct dom_sid_buf buf;
+
if (sid_check_is_in_unix_users(user_sid)) {
/* in info3 you can only set rids for the user and the
* primary group, and the domain sid must be that of
DEBUG(10, ("Unix User found. Rid marked as "
"special and sid (%s) saved as extra sid\n",
- sid_string_dbg(user_sid)));
+ dom_sid_str_buf(user_sid, &buf)));
} else {
sid_copy(domain_sid, user_sid);
sid_split_rid(domain_sid, &info3->base.rid);
DEBUG(10, ("Unix Group found. Rid marked as "
"special and sid (%s) saved as extra sid\n",
- sid_string_dbg(group_sid)));
+ dom_sid_str_buf(group_sid, &buf)));
} else {
bool ok = sid_peek_check_rid(domain_sid, group_sid,
&info3->base.primary_gid);
if (!ok) {
+ struct dom_sid_buf buf2, buf3;
DEBUG(1, ("The primary group domain sid(%s) does not "
"match the domain sid(%s) for %s(%s)\n",
- sid_string_dbg(group_sid),
- sid_string_dbg(domain_sid),
+ dom_sid_str_buf(group_sid, &buf),
+ dom_sid_str_buf(domain_sid, &buf2),
username,
- sid_string_dbg(user_sid)));
+ dom_sid_str_buf(user_sid, &buf3)));
return NT_STATUS_INVALID_SID;
}
}
ok = sid_peek_check_rid(&domain_sid, &group_sid,
&info3->base.primary_gid);
if (!ok) {
+ struct dom_sid_buf buf1, buf2, buf3;
+
DEBUG(1, ("The primary group domain sid(%s) does not "
"match the domain sid(%s) for %s(%s)\n",
- sid_string_dbg(&group_sid),
- sid_string_dbg(&domain_sid),
+ dom_sid_str_buf(&group_sid, &buf1),
+ dom_sid_str_buf(&domain_sid, &buf2),
unix_username,
- sid_string_dbg(&user_sid)));
+ dom_sid_str_buf(&user_sid, &buf3)));
status = NT_STATUS_INVALID_SID;
goto done;
}
int i;
NTSTATUS status;
uint32_t session_info_flags = 0;
+ struct dom_sid_buf buf;
DEBUG(10, ("Create local NT token for %s\n",
- sid_string_dbg(user_sid)));
+ dom_sid_str_buf(user_sid, &buf)));
if (!(result = talloc_zero(mem_ctx, struct security_token))) {
DEBUG(0, ("talloc failed\n"));
pass = getpwuid_alloc(tmp_ctx, uid);
if (pass == NULL) {
+ struct dom_sid_buf buf;
DEBUG(1, ("SID %s -> getpwuid(%u) failed\n",
- sid_string_dbg(&result->sids[0]),
+ dom_sid_str_buf(&result->sids[0], &buf),
(unsigned int)uid));
}
}
uint32_t i;
uint32_t high, low;
bool range_ok;
+ struct dom_sid_buf buf;
if (sid_check_is_in_our_sam(user_sid)) {
bool ret;
if (!ret) {
DEBUG(1, ("pdb_getsampwsid(%s) failed\n",
- sid_string_dbg(user_sid)));
+ dom_sid_str_buf(user_sid, &buf)));
DEBUGADD(1, ("Fall back to unix user\n"));
goto unix_user;
}
&pdb_num_group_sids);
if (!NT_STATUS_IS_OK(result)) {
DEBUG(1, ("enum_group_memberships failed for %s: "
- "%s\n", sid_string_dbg(user_sid),
+ "%s\n",
+ dom_sid_str_buf(user_sid, &buf),
nt_errstr(result)));
DEBUGADD(1, ("Fall back to unix uid lookup\n"));
goto unix_user;
if (!sid_to_uid(user_sid, uid)) {
DEBUG(1, ("unix_user case, sid_to_uid for %s failed\n",
- sid_string_dbg(user_sid)));
+ dom_sid_str_buf(user_sid, &buf)));
result = NT_STATUS_NO_SUCH_USER;
goto done;
}
/* We must always assign the *uid. */
if (!sid_to_uid(user_sid, uid)) {
DEBUG(1, ("winbindd case, sid_to_uid for %s failed\n",
- sid_string_dbg(user_sid)));
+ dom_sid_str_buf(user_sid, &buf)));
result = NT_STATUS_NO_SUCH_USER;
goto done;
}
if (!sid_to_gid(&group_sids[0], &gids[0])) {
DEBUG(1, ("sid_to_gid(%s) failed\n",
- sid_string_dbg(&group_sids[0])));
+ dom_sid_str_buf(&group_sids[0], &buf)));
goto done;
}