Commit 03a91bf0 authored by Christof Schmitt's avatar Christof Schmitt Committed by Karolin Seeger

winbind: Use domain name from lsa query for sid_to_name cache entry

When winbindd is asked to map a name like realm.com\name to a SID ,that
is sucessfully resolved through the lsa lookup name call. The same call
also returns the short domain name (netbios name of the domain). Use
that short domain name for the sid_to_name cache entry, so that
subsequent sid_to_name queries return the expected netbiosname\name
result and not realm.com\name.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13831Signed-off-by: 's avatarChristof Schmitt <cs@samba.org>
Reviewed-by: 's avatarVolker Lendecke <vl@samba.org>
(cherry picked from commit aec9bda25f10ca2710d91fb680cca7904e92f9de)

Autobuild-User(v4-9-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-9-test): Wed May 15 14:18:45 UTC 2019 on sn-devel-144
parent b3876c30
...@@ -346,4 +346,3 @@ ...@@ -346,4 +346,3 @@
# Disabling NTLM means you can't use samr to change the password # Disabling NTLM means you can't use samr to change the password
^samba.tests.ntlmdisabled.python\(ktest\).ntlmdisabled.NtlmDisabledTests.test_samr_change_password\(ktest\) ^samba.tests.ntlmdisabled.python\(ktest\).ntlmdisabled.NtlmDisabledTests.test_samr_change_password\(ktest\)
^samba.tests.ntlmdisabled.python\(ad_dc_no_ntlm\).ntlmdisabled.NtlmDisabledTests.test_ntlm_connection\(ad_dc_no_ntlm\) ^samba.tests.ntlmdisabled.python\(ad_dc_no_ntlm\).ntlmdisabled.NtlmDisabledTests.test_ntlm_connection\(ad_dc_no_ntlm\)
^samba3.wbinfo_name_lookup.Verify DOMAIN/USER output\(ad_member\)
...@@ -1792,6 +1792,7 @@ NTSTATUS wb_cache_name_to_sid(struct winbindd_domain *domain, ...@@ -1792,6 +1792,7 @@ NTSTATUS wb_cache_name_to_sid(struct winbindd_domain *domain,
{ {
NTSTATUS status; NTSTATUS status;
bool old_status; bool old_status;
const char *dom_name;
old_status = domain->online; old_status = domain->online;
...@@ -1818,7 +1819,7 @@ NTSTATUS wb_cache_name_to_sid(struct winbindd_domain *domain, ...@@ -1818,7 +1819,7 @@ NTSTATUS wb_cache_name_to_sid(struct winbindd_domain *domain,
winbindd_domain_init_backend(domain); winbindd_domain_init_backend(domain);
status = domain->backend->name_to_sid(domain, mem_ctx, domain_name, status = domain->backend->name_to_sid(domain, mem_ctx, domain_name,
name, flags, NULL, sid, type); name, flags, &dom_name, sid, type);
if (NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT) || if (NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT) ||
NT_STATUS_EQUAL(status, NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND)) { NT_STATUS_EQUAL(status, NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND)) {
...@@ -1853,7 +1854,7 @@ NTSTATUS wb_cache_name_to_sid(struct winbindd_domain *domain, ...@@ -1853,7 +1854,7 @@ NTSTATUS wb_cache_name_to_sid(struct winbindd_domain *domain,
} }
(void)strlower_m(discard_const_p(char, name)); (void)strlower_m(discard_const_p(char, name));
wcache_save_sid_to_name(domain, status, sid, wcache_save_sid_to_name(domain, status, sid,
domain_name, name, save_type); dom_name, name, save_type);
} }
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment