diff options
author | Stefan Metzmacher <metze@samba.org> | 2023-02-17 16:51:42 +0100 |
---|---|---|
committer | Jule Anger <janger@samba.org> | 2023-04-05 10:40:13 +0000 |
commit | fd7e0aaa196c83f28d76a0309d09c27e5eedae59 (patch) | |
tree | 04bcc4748374932edb70ee01f7304ae731d3b8e0 | |
parent | 5c68985b2788330026df687d5439f4e86f90a77c (diff) | |
download | samba-fd7e0aaa196c83f28d76a0309d09c27e5eedae59.tar.gz |
idmap_autorid: fix ID_REQUIRE_TYPE for more than one SID for an unknown domain
When we see a trusted domain SID for the first time,
idmap_autorid returns ID_REQUIRE_TYPE only for the first sid
and leaves the others with ID_TYPE_NOT_SPECIFIED.
It means the winbindd parent only retries the first sid.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15318
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit a9583b5f96fe3fbf9c1ee545fa868fd705aef3e0)
-rw-r--r-- | source3/winbindd/idmap_autorid.c | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/source3/winbindd/idmap_autorid.c b/source3/winbindd/idmap_autorid.c index c7d56a37684..bf5947a9b43 100644 --- a/source3/winbindd/idmap_autorid.c +++ b/source3/winbindd/idmap_autorid.c @@ -697,9 +697,10 @@ static NTSTATUS idmap_autorid_sids_to_unixids(struct idmap_domain *dom, { struct idmap_tdb_common_context *commoncfg; NTSTATUS ret; - int i; - int num_tomap = 0; - int num_mapped = 0; + size_t i; + size_t num_tomap = 0; + size_t num_mapped = 0; + size_t num_required = 0; /* initialize the status to avoid surprise */ for (i = 0; ids[i]; i++) { @@ -713,6 +714,12 @@ static NTSTATUS idmap_autorid_sids_to_unixids(struct idmap_domain *dom, for (i = 0; ids[i]; i++) { ret = idmap_autorid_sid_to_id(commoncfg, dom, ids[i]); + if (NT_STATUS_EQUAL(ret, NT_STATUS_SOME_NOT_MAPPED) && + ids[i]->status == ID_REQUIRE_TYPE) + { + num_required++; + continue; + } if ((!NT_STATUS_IS_OK(ret)) && (!NT_STATUS_EQUAL(ret, NT_STATUS_NONE_MAPPED))) { struct dom_sid_buf buf; @@ -729,6 +736,8 @@ static NTSTATUS idmap_autorid_sids_to_unixids(struct idmap_domain *dom, if (num_tomap == num_mapped) { return NT_STATUS_OK; + } else if (num_required > 0) { + return STATUS_SOME_UNMAPPED; } else if (num_mapped == 0) { return NT_STATUS_NONE_MAPPED; } |