diff options
author | Stefan Metzmacher <metze@samba.org> | 2023-02-17 16:51:42 +0100 |
---|---|---|
committer | Jule Anger <janger@samba.org> | 2023-03-30 15:10:10 +0000 |
commit | edc8659b5055e3b8adec83417846a76147ee1408 (patch) | |
tree | d6de4bcf6c5ba5028f5cad7e838329a489554731 | |
parent | 148d5ad7698d154731dfa092b0c6314c71f38086 (diff) | |
download | samba-edc8659b5055e3b8adec83417846a76147ee1408.tar.gz |
idmap_autorid: fix ID_REQUIRE_TYPE for more than one SID for an unknown domain
When we see a trusted domain SID for the first time,
idmap_autorid returns ID_REQUIRE_TYPE only for the first sid
and leaves the others with ID_TYPE_NOT_SPECIFIED.
It means the winbindd parent only retries the first sid.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15318
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit a9583b5f96fe3fbf9c1ee545fa868fd705aef3e0)
-rw-r--r-- | source3/winbindd/idmap_autorid.c | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/source3/winbindd/idmap_autorid.c b/source3/winbindd/idmap_autorid.c index c7d56a37684..bf5947a9b43 100644 --- a/source3/winbindd/idmap_autorid.c +++ b/source3/winbindd/idmap_autorid.c @@ -697,9 +697,10 @@ static NTSTATUS idmap_autorid_sids_to_unixids(struct idmap_domain *dom, { struct idmap_tdb_common_context *commoncfg; NTSTATUS ret; - int i; - int num_tomap = 0; - int num_mapped = 0; + size_t i; + size_t num_tomap = 0; + size_t num_mapped = 0; + size_t num_required = 0; /* initialize the status to avoid surprise */ for (i = 0; ids[i]; i++) { @@ -713,6 +714,12 @@ static NTSTATUS idmap_autorid_sids_to_unixids(struct idmap_domain *dom, for (i = 0; ids[i]; i++) { ret = idmap_autorid_sid_to_id(commoncfg, dom, ids[i]); + if (NT_STATUS_EQUAL(ret, NT_STATUS_SOME_NOT_MAPPED) && + ids[i]->status == ID_REQUIRE_TYPE) + { + num_required++; + continue; + } if ((!NT_STATUS_IS_OK(ret)) && (!NT_STATUS_EQUAL(ret, NT_STATUS_NONE_MAPPED))) { struct dom_sid_buf buf; @@ -729,6 +736,8 @@ static NTSTATUS idmap_autorid_sids_to_unixids(struct idmap_domain *dom, if (num_tomap == num_mapped) { return NT_STATUS_OK; + } else if (num_required > 0) { + return STATUS_SOME_UNMAPPED; } else if (num_mapped == 0) { return NT_STATUS_NONE_MAPPED; } |