auth3: call is_trusted_domain() as the last condition make_user_info_map()

We should avoid contacting winbind if we already know the domain is our local sam or our primary domain. BUG: https://bugzilla.samba.org/show_bug.cgi?id=8630 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
author: Stefan Metzmacher <metze@samba.org> 2017-03-16 15:09:26 +0100
committer: Andrew Bartlett <abartlet@samba.org> 2017-06-16 03:21:29 +0200
commit: a4839defc2000d4d18e1f5d479e4e2048c4fab0a (patch)
tree: 8ed3ebeb1caf11d0201294c6e048e494a21c612f /source3/auth
parent: 2a92cc196285fa20878cce9dda6ebf9761582f1c (diff)
download: samba-a4839defc2000d4d18e1f5d479e4e2048c4fab0a.tar.gz
1 files changed, 4 insertions, 2 deletions
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index ffd60e0b467..ec597e8884f 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -134,9 +134,11 @@ NTSTATUS make_user_info_map(TALLOC_CTX *mem_ctx,
 	 * non-domain member box will also map to WORKSTATION\user.
 	 * This also deals with the client passing in a "" domain */
 
-	if (!upn_form && !is_trusted_domain(domain) &&
+	if (!upn_form &&
 	    !strequal(domain, my_sam_name()) &&
-	    !strequal(domain, get_global_sam_name())) {
+	    !strequal(domain, get_global_sam_name()) &&
+	    !is_trusted_domain(domain))
+	{
 		if (lp_map_untrusted_to_domain())
 			domain = my_sam_name();
 		else
author	Stefan Metzmacher <metze@samba.org>	2017-03-16 15:09:26 +0100
committer	Andrew Bartlett <abartlet@samba.org>	2017-06-16 03:21:29 +0200
commit	a4839defc2000d4d18e1f5d479e4e2048c4fab0a (patch)
tree	8ed3ebeb1caf11d0201294c6e048e494a21c612f /source3/auth
parent	2a92cc196285fa20878cce9dda6ebf9761582f1c (diff)
download	samba-a4839defc2000d4d18e1f5d479e4e2048c4fab0a.tar.gz