diff options
| -rw-r--r-- | source3/winbindd/idmap_hash/idmap_hash.c | 20 |
1 files changed, 15 insertions, 5 deletions
diff --git a/source3/winbindd/idmap_hash/idmap_hash.c b/source3/winbindd/idmap_hash/idmap_hash.c index a3430350625..e9d90e3d02b 100644 --- a/source3/winbindd/idmap_hash/idmap_hash.c +++ b/source3/winbindd/idmap_hash/idmap_hash.c @@ -295,12 +295,11 @@ static NTSTATUS idmap_hash_sid_to_id(struct sid_hash_table *hashed_domains, */ if (netsamlogon_cache_have(&sid)) { /* - * We keep the legacy behavior and - * just return the mapping, but - * the reverse mapping would not - * still not work. + * The domain is valid, so we'll + * remember it in order to + * allow reverse mappings to work. */ - goto return_mapping; + goto remember_domain; } if (id->xid.type == ID_TYPE_NOT_SPECIFIED) { @@ -323,6 +322,17 @@ static NTSTATUS idmap_hash_sid_to_id(struct sid_hash_table *hashed_domains, } /* + * Now we're sure the domain exist, remember + * the domain in order to return reverse mappings + * in future. + */ +remember_domain: + hashed_domains[h_domain].sid = dom_sid_dup(hashed_domains, &sid); + if (hashed_domains[h_domain].sid == NULL) { + return NT_STATUS_NO_MEMORY; + } + + /* * idmap_hash used to bounce back the requested type, * which was ID_TYPE_UID, ID_TYPE_GID or * ID_TYPE_NOT_SPECIFIED before as the winbindd parent |