diff options
author | Stefan Metzmacher <metze@samba.org> | 2009-02-11 11:47:41 +0100 |
---|---|---|
committer | Karolin Seeger <kseeger@samba.org> | 2009-02-16 09:57:03 +0100 |
commit | 249738a5c45a970477358761983e20f2d1a8e794 (patch) | |
tree | d0007e1ba08573df6f0003538d2a9fab0dee2b67 /source | |
parent | 7c0bfe55146bdded09db837fa37766edba4ae7d9 (diff) | |
download | samba-249738a5c45a970477358761983e20f2d1a8e794.tar.gz |
s3:auth: only create_local_token() should add S-1-22-X-Y sids
metze
(cherry picked from commit e7f7ed8bf6281ef01aca53ea44acdd4af4c51aa7)
(cherry picked from commit cc1c764effd07bb124b5b5cf03fb5a4565c8ed36)
Diffstat (limited to 'source')
-rw-r--r-- | source/auth/auth_util.c | 27 |
1 files changed, 0 insertions, 27 deletions
diff --git a/source/auth/auth_util.c b/source/auth/auth_util.c index 7fc23c869fc..b84c1688d83 100644 --- a/source/auth/auth_util.c +++ b/source/auth/auth_util.c @@ -555,9 +555,6 @@ NTSTATUS make_server_info_sam(auth_serversupplied_info **server_info, struct passwd *pwd; gid_t *gids; auth_serversupplied_info *result; - int i; - size_t num_gids; - DOM_SID unix_group_sid; const char *username = pdb_get_username(sampass); NTSTATUS status; @@ -629,30 +626,6 @@ NTSTATUS make_server_info_sam(auth_serversupplied_info **server_info, } } - /* Add the "Unix Group" SID for each gid to catch mapped groups - and their Unix equivalent. This is to solve the backwards - compatibility problem of 'valid users = +ntadmin' where - ntadmin has been paired with "Domain Admins" in the group - mapping table. Otherwise smb.conf would need to be changed - to 'valid user = "Domain Admins"'. --jerry */ - - num_gids = result->num_sids; - for ( i=0; i<num_gids; i++ ) { - if ( !gid_to_unix_groups_sid( gids[i], &unix_group_sid ) ) { - DEBUG(1,("make_server_info_sam: Failed to create SID " - "for gid %d!\n", gids[i])); - continue; - } - status = add_sid_to_array_unique(result, &unix_group_sid, - &result->sids, - &result->num_sids); - if (!NT_STATUS_IS_OK(status)) { - result->sam_account = NULL; /* Don't free on error exit. */ - TALLOC_FREE(result); - return status; - } - } - /* For now we throw away the gids and convert via sid_to_gid * later. This needs fixing, but I'd like to get the code straight and * simple first. */ |