git.samba.org / kai / samba.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
I think the problem with these functions is that lookup_usergroups
[kai/samba.git] / source3 / winbindd / winbindd_util.c
diff --git a/source3/winbindd/winbindd_util.c b/source3/winbindd/winbindd_util.c
index 9008cf8122b5f1f4a4f4105cb100bc1a7214e6df..77b17787c999d7f6032fb71f53e96a18c324e71d 100644 (file)
--- a/source3/winbindd/winbindd_util.c
+++ b/source3/winbindd/winbindd_util.c
@@ -27,7 +27,9 @@
 #define DBGC_CLASS DBGC_WINBIND
 
 extern struct winbindd_methods cache_methods;
-extern struct winbindd_methods passdb_methods;
+extern struct winbindd_methods builtin_passdb_methods;
+extern struct winbindd_methods sam_passdb_methods;
+
 
 /**
  * @file winbindd_util.c
@@ -107,6 +109,8 @@ static struct winbindd_domain *add_trusted_domain(const char *domain_name, const
 {
        struct winbindd_domain *domain;
        const char *alternative_name = NULL;
+       char *idmap_config_option;
+       const char *param;
        
        /* ignore alt_name if we are not in an AD domain */
        
@@ -163,15 +167,9 @@ static struct winbindd_domain *add_trusted_domain(const char *domain_name, const
         
        ZERO_STRUCTP(domain);
 
-       /* prioritise the short name */
-       if (strchr_m(domain_name, '.') && alternative_name && *alternative_name) {
-               fstrcpy(domain->name, alternative_name);
-               fstrcpy(domain->alt_name, domain_name);
-       } else {
-               fstrcpy(domain->name, domain_name);
-               if (alternative_name) {
-                       fstrcpy(domain->alt_name, alternative_name);
-               }
+       fstrcpy(domain->name, domain_name);
+       if (alternative_name) {
+               fstrcpy(domain->alt_name, alternative_name);
        }
 
        domain->methods = methods;
@@ -185,12 +183,44 @@ static struct winbindd_domain *add_trusted_domain(const char *domain_name, const
        if (sid) {
                sid_copy(&domain->sid, sid);
        }
+
        
        /* Link to domain list */
        DLIST_ADD_END(_domain_list, domain, struct winbindd_domain *);
         
        wcache_tdc_add_domain( domain );
         
+       idmap_config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
+                                             domain->name);
+       if (idmap_config_option == NULL) {
+               DEBUG(0, ("talloc failed, not looking for idmap config\n"));
+               goto done;
+       }
+
+       param = lp_parm_const_string(-1, idmap_config_option, "range", NULL);
+
+       DEBUG(10, ("%s : range = %s\n", idmap_config_option,
+                  param ? param : "not defined"));
+
+       if (param != NULL) {
+               unsigned low_id, high_id;
+               if (sscanf(param, "%u - %u", &low_id, &high_id) != 2) {
+                       DEBUG(1, ("invalid range syntax in %s: %s\n",
+                                 idmap_config_option, param));
+                       goto done;
+               }
+               if (low_id > high_id) {
+                       DEBUG(1, ("invalid range in %s: %s\n",
+                                 idmap_config_option, param));
+                       goto done;
+               }
+               domain->have_idmap_config = true;
+               domain->id_range_low = low_id;
+               domain->id_range_high = high_id;
+       }
+
+done:
+
        DEBUG(2,("Added domain %s %s %s\n", 
                 domain->name, domain->alt_name,
                 &domain->sid?sid_string_dbg(&domain->sid):""));
@@ -695,7 +725,7 @@ bool init_domain_list(void)
 
        /* BUILTIN domain */
 
-       domain = add_trusted_domain("BUILTIN", NULL, &passdb_methods,
+       domain = add_trusted_domain("BUILTIN", NULL, &builtin_passdb_methods,
                                    &global_sid_Builtin);
        if (domain) {
                setup_domain_child(domain,
@@ -705,7 +735,7 @@ bool init_domain_list(void)
        /* Local SAM */
 
        domain = add_trusted_domain(get_global_sam_name(), NULL,
-                                   &passdb_methods, get_global_sam_sid());
+                                   &sam_passdb_methods, get_global_sam_sid());
        if (domain) {
                if ( role != ROLE_DOMAIN_MEMBER ) {
                        domain->primary = True;
@@ -1303,7 +1333,7 @@ NTSTATUS lookup_usergroups_cached(struct winbindd_domain *domain,
        status = sid_array_from_info3(mem_ctx, info3,
                                      user_sids,
                                      &num_groups,
-                                     true, true);
+                                     false, true);
 
        if (!NT_STATUS_IS_OK(status)) {
                TALLOC_FREE(info3);
Kai's WIP code