thr3ads.net - samba - No subject [Dec 2003]

If this information is useful, please help other people find it:
Share via:
bogus@does.not.exist.com
2003-Dec-01 12:27 UTC
No subject

winbind primary group = 213478
winbind force primary = no		// this is the default, but I just
wanted to be explicit


Stephen A Jazdzewski
Steve@Jazd.com

 <<samba-2.2.4-forceprimarygrouprid.patch>> 


------_=_NextPart_000_01C1FC4A.A7164AC0
Content-Type: application/octet-stream;
	name="samba-2.2.4-forceprimarygrouprid.patch"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: attachment;
	filename="samba-2.2.4-forceprimarygrouprid.patch"

--- samba-2.2.4/source/include/proto.h	Wed May 15 12:08:38 2002=0A+++
samba-2.2.4/source/include/proto.h.forceprimarygrouprid	Wed May 15 12:07:45
2002=0A@@ -2140,6 +2140,8 @@=0A int lp_write_cache_size(int );=0A char
lp_magicchar(int );=0A int lp_winbind_cache_time(void);=0A+int
lp_winbind_primary_group(void);=0A+BOOL lp_winbind_force_primary(void);=0A BOOL
lp_hide_local_users(void);=0A BOOL lp_add_home(char *pszHomename, int
iDefaultService, char *pszHomedir);=0A int lp_add_service(char *pszService, int
iDefaultService);=0A--- samba-2.2.4/source/nsswitch/winbindd_rpc.c	Wed May 15
12:08:51 2002=0A+++
samba-2.2.4/source/nsswitch/winbindd_rpc.c.forceprimarygrouprid	Wed May 15
12:08:04 2002=0A@@ -37,6 +37,9 @@=0A 	BOOL got_dom_pol =3D False;=0A 	uint32
des_access =3D SEC_RIGHTS_MAXIMUM_ALLOWED;=0A 	int i;=0A+	uint32 num_groups,
k;=0A+	uint32 *user_gids;=0A+	NTSTATUS status;=0A =0A 	*num_entries =3D 0;=0A 
*info =3D NULL;=0A@@ -95,14 +98,35 @@=0A 			(*info)[i].acct_name =3D
unistr2_tdup(mem_ctx, &info1.str[j].uni_acct_name);=0A 		
(*info)[i].full_name =3D unistr2_tdup(mem_ctx,
&info1.str[j].uni_full_name);=0A 			(*info)[i].user_rid =3D
info1.sam[j].rid_user;=0A-			/* For the moment we set the primary group for=0A-	
every user to be the Domain Users group.=0A-			   There are serious problems
with determining=0A+			/* There are serious problems with determining=0A 			  
the actual primary group for large domains.=0A-			   This should really be made
into a 'winbind=0A-			   force group' smb.conf parameter or=0A-			  
something like that. */=0A+			   'winbind primary group' smb.conf
parameter=0A+			   defaults to 0. */=0A 			(*info)[i].group_rid =3D
DOMAIN_GROUP_RID_USERS;=0A+=0A+			/* Check for primary group rid */=0A+			if
(lp_winbind_primary_group()) {=0A+=0A+				/* Check for forced primary group
*/=0A+				if (!lp_winbind_force_primary()) {=0A+			    =0A+					/* only set
primary group to primary_group if member */=0A+					status =3D
domain->methods->lookup_usergroups(domain, mem_ctx, (*info)[i].user_rid,
&num_groups, &user_gids);=0A+					if (NT_STATUS_IS_OK(status)) {=0A+=0A+
/* loop through group list */=0A+						for (k =3D 0; k < num_groups; k++)
{=0A+							DEBUG(3,("%d is member of %d\n", (*info)[i].user_rid,
user_gids[k]));=0A+							if (user_gids[k] =3D=3D lp_winbind_primary_group())
{=0A+								(*info)[i].group_rid =3D lp_winbind_primary_group();=0A+							
break;=0A+							}=0A+						}=0A+					} else=0A+						DEBUG(1,("failed to
lookup_usergroups for %d\n",(*info)[i].user_rid));=0A+				} else /* force
primary group */=0A+					(*info)[i].group_rid =3D
lp_winbind_primary_group();=0A+			}=0A 		}=0A =0A 		talloc_destroy(ctx2);=0A@@
-263,10 +287,12 @@=0A 			   WINBIND_USERINFO *user_info)=0A {=0A 	CLI_POLICY_HND
*hnd;=0A-	NTSTATUS result;=0A+	NTSTATUS result, status;=0A 	POLICY_HND dom_pol,
user_pol;=0A 	BOOL got_dom_pol =3D False, got_user_pol =3D False;=0A 
SAM_USERINFO_CTR *ctr;=0A+	uint32 num_groups, i;=0A+	uint32 *user_gids;=0A =0A 
/* Get sam handle */=0A 	if (!(hnd =3D cm_get_sam_handle(domain->name)))=0A@@
-300,6 +326,34 @@=0A 	got_user_pol =3D False;=0A =0A 	user_info->group_rid
=3D ctr->info.id21->group_rid;=0A+=0A+	/* Check for primary group rid
*/=0A+	if (lp_winbind_primary_group()) {=0A+=0A+		/* Check for forced primary
group */=0A+		if (!lp_winbind_force_primary()) {=0A+=0A+			/* only set primary
group to primary_group if member */=0A+			status =3D
domain->methods->lookup_usergroups(domain, mem_ctx, user_rid,
&num_groups, &user_gids);=0A+			if (NT_STATUS_IS_OK(status)) {=0A+=0A+		
/* loop through group list */=0A+				for (i =3D 0; i < num_groups; i++) {=0A+
DEBUG(3,("%d is member of %d\n", user_rid, user_gids[i]));=0A+=0A+				
if (user_gids[i] =3D=3D lp_winbind_primary_group()) {=0A+					
user_info->group_rid =3D lp_winbind_primary_group();=0A+						break;=0A+				
}=0A+				}=0A+			} else=0A+				DEBUG(1,("failed to lookup_usergroups for
%d\n",user_rid));=0A+		} else /* force primary group */=0A+		
user_info->group_rid =3D lp_winbind_primary_group();=0A+	}=0A+=0A+
DEBUG(1,("set user %d primary group to %d\n", user_rid,
user_info->group_rid));=0A+=0A 	user_info->acct_name =3D
unistr2_tdup(mem_ctx, =0A 					    &ctr->info.id21->uni_user_name);=0A
user_info->full_name =3D unistr2_tdup(mem_ctx, =0A---
samba-2.2.4/source/param/loadparm.c	Wed May 15 12:09:02 2002=0A+++
samba-2.2.4/source/param/loadparm.c.forceprimarygrouprid	Wed May 15 12:08:14
2002=0A@@ -210,6 +210,8 @@=0A 	int min_passwd_length;=0A 	int
oplock_break_wait_time;=0A 	int winbind_cache_time;=0A+	int
winbind_primary_group;=0A+	BOOL bWinbindForcePrimary;=0A 	int iLockSpinCount;=0A
int iLockSpinTime;=0A #ifdef WITH_LDAP_SAM=0A@@ -1098,6 +1100,8 @@=0A 
{"winbind enum users", P_BOOL, P_GLOBAL,
&Globals.bWinbindEnumUsers, NULL, NULL, 0},=0A 	{"winbind enum
groups", P_BOOL, P_GLOBAL, &Globals.bWinbindEnumGroups, NULL, NULL,
0},=0A 	{"winbind use default domain", P_BOOL, P_GLOBAL,
&Globals.bWinbindUseDefaultDomain, NULL, NULL, 0},=0A+	{"winbind
primary group", P_INTEGER, P_GLOBAL, &Globals.winbind_primary_group,
NULL, NULL, 0},=0A+	{"winbind force primary", P_BOOL, P_GLOBAL,
&Globals.bWinbindForcePrimary, NULL, NULL, 0},=0A =0A 	{NULL, P_BOOL,
P_NONE, NULL, NULL, NULL, 0}=0A };=0A@@ -1427,6 +1431,8 @@=0A 
string_set(&Globals.szTemplateHomedir, "/home/%D/%U");=0A 
string_set(&Globals.szWinbindSeparator, "\\");=0A 
Globals.winbind_cache_time =3D 15;=0A+	Globals.winbind_primary_group =3D 0;  /*
use primary group from domain */=0A+	Globals.bWinbindForcePrimary =3D False; /*
True to force membership to primary_group */=0A =0A 	Globals.bWinbindEnumUsers
=3D True;=0A 	Globals.bWinbindEnumGroups =3D True;=0A@@ -1787,6 +1793,8 @@=0A
FN_LOCAL_INTEGER(lp_write_cache_size, iWriteCacheSize)=0A
FN_LOCAL_CHAR(lp_magicchar, magic_char)=0A
FN_GLOBAL_INTEGER(lp_winbind_cache_time,
&Globals.winbind_cache_time)=0A+FN_GLOBAL_INTEGER(lp_winbind_primary_group,
&Globals.winbind_primary_group)=0A+FN_GLOBAL_BOOL(lp_winbind_force_primary,
&Globals.bWinbindForcePrimary)=0A FN_GLOBAL_BOOL(lp_hide_local_users,
&Globals.bHideLocalUsers)=0A =0A /* local prototypes */=0A
------_=_NextPart_000_01C1FC4A.A7164AC0--
Seemingly Similar Threads

Search for more apparently analagous threads
samba - Dec 2003 - No subject

No subject

Seemingly Similar Threads

Wisdom of the Ancients
