* uinfo.cc (pwdgrp::fetch_account_from_windows): Allow fetching gid,
home, shell and gecos info from NT4 domain.
This commit is contained in:
parent
bf8f43ae8a
commit
638dd243f2
|
@ -1,3 +1,8 @@
|
||||||
|
2015-01-21 Corinna Vinschen <corinna@vinschen.de>
|
||||||
|
|
||||||
|
* uinfo.cc (pwdgrp::fetch_account_from_windows): Allow fetching gid,
|
||||||
|
home, shell and gecos info from NT4 domain.
|
||||||
|
|
||||||
2015-01-21 Corinna Vinschen <corinna@vinschen.de>
|
2015-01-21 Corinna Vinschen <corinna@vinschen.de>
|
||||||
|
|
||||||
* sec_auth.cc (get_logon_server): Constify domain parameter.
|
* sec_auth.cc (get_logon_server): Constify domain parameter.
|
||||||
|
|
|
@ -2077,32 +2077,62 @@ pwdgrp::fetch_account_from_windows (fetch_user_arg_t &arg, cyg_ldap *pldap)
|
||||||
|
|
||||||
if (is_domain_account)
|
if (is_domain_account)
|
||||||
{
|
{
|
||||||
/* Use LDAP to fetch domain account infos. */
|
/* On AD machines, use LDAP to fetch domain account infos. */
|
||||||
if (cldap->open (NULL) != NO_ERROR)
|
if (cygheap->dom.primary_dns_name ())
|
||||||
break;
|
|
||||||
if (cldap->fetch_ad_account (sid, is_group (), domain))
|
|
||||||
{
|
{
|
||||||
if ((id_val = cldap->get_primary_gid ()) != ILLEGAL_GID)
|
if (cldap->open (NULL) != NO_ERROR)
|
||||||
gid = posix_offset + id_val;
|
break;
|
||||||
if (!is_group ())
|
if (cldap->fetch_ad_account (sid, is_group (), domain))
|
||||||
{
|
{
|
||||||
home = cygheap->pg.get_home (cldap, sid, dom, name,
|
if ((id_val = cldap->get_primary_gid ()) != ILLEGAL_GID)
|
||||||
fully_qualified_name);
|
gid = posix_offset + id_val;
|
||||||
shell = cygheap->pg.get_shell (cldap, sid, dom, name,
|
if (!is_group ())
|
||||||
fully_qualified_name);
|
{
|
||||||
gecos = cygheap->pg.get_gecos (cldap, sid, dom, name,
|
home = cygheap->pg.get_home (cldap, sid, dom, name,
|
||||||
fully_qualified_name);
|
fully_qualified_name);
|
||||||
|
shell = cygheap->pg.get_shell (cldap, sid, dom, name,
|
||||||
|
fully_qualified_name);
|
||||||
|
gecos = cygheap->pg.get_gecos (cldap, sid, dom, name,
|
||||||
|
fully_qualified_name);
|
||||||
|
}
|
||||||
|
/* Check and, if necessary, add unix<->windows id mapping
|
||||||
|
on the fly, unless we're called from getpwent. */
|
||||||
|
if (!pldap)
|
||||||
|
{
|
||||||
|
id_val = cldap->get_unix_uid ();
|
||||||
|
if (id_val != ILLEGAL_UID
|
||||||
|
&& cygheap->ugid_cache.get_uid (id_val)
|
||||||
|
== ILLEGAL_UID)
|
||||||
|
cygheap->ugid_cache.add_uid (id_val, uid);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
/* Check and, if necessary, add unix<->windows id mapping on
|
}
|
||||||
the fly, unless we're called from getpwent. */
|
/* If primary_dns_name() is empty, we're likely running under an
|
||||||
if (!pldap)
|
NT4 domain, so we can't use LDAP. For user accounts fall back
|
||||||
|
to NetUserGetInfo. This isn't overly fast, but keep in mind
|
||||||
|
that NT4 domains are mostly replaced by AD these days. */
|
||||||
|
else if (!is_group () && acc_type == SidTypeUser)
|
||||||
|
{
|
||||||
|
WCHAR server[INTERNET_MAX_HOST_NAME_LENGTH + 3];
|
||||||
|
NET_API_STATUS nas;
|
||||||
|
PUSER_INFO_3 ui;
|
||||||
|
|
||||||
|
if (!get_logon_server (cygheap->dom.primary_flat_name (),
|
||||||
|
server, DS_IS_FLAT_NAME))
|
||||||
|
break;
|
||||||
|
nas = NetUserGetInfo (server, name, 3, (PBYTE *) &ui);
|
||||||
|
if (nas != NERR_Success)
|
||||||
{
|
{
|
||||||
id_val = cldap->get_unix_uid ();
|
debug_printf ("NetUserGetInfo(%W) %u", name, nas);
|
||||||
if (id_val != ILLEGAL_UID
|
break;
|
||||||
&& cygheap->ugid_cache.get_uid (id_val)
|
|
||||||
== ILLEGAL_UID)
|
|
||||||
cygheap->ugid_cache.add_uid (id_val, uid);
|
|
||||||
}
|
}
|
||||||
|
gid = posix_offset + ui->usri3_primary_group_id;
|
||||||
|
home = cygheap->pg.get_home (ui, sid, dom, name,
|
||||||
|
fully_qualified_name);
|
||||||
|
shell = cygheap->pg.get_shell (ui, sid, dom, name,
|
||||||
|
fully_qualified_name);
|
||||||
|
gecos = cygheap->pg.get_gecos (ui, sid, dom, name,
|
||||||
|
fully_qualified_name);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
/* Otherwise check account domain (local SAM).*/
|
/* Otherwise check account domain (local SAM).*/
|
||||||
|
|
Loading…
Reference in New Issue