diff options
author | Stefan Metzmacher <metze@samba.org> | 2019-03-21 16:54:31 +0100 |
---|---|---|
committer | Jule Anger <janger@samba.org> | 2023-04-05 10:40:13 +0000 |
commit | 750865aca3ae44c8b949babb4c77175d8917543c (patch) | |
tree | c32f1e9a88f88524b5f61c82513f4b28799ab93c | |
parent | eb4129d3cc75833554f26f31ef91b164d9a3b2e8 (diff) | |
download | samba-750865aca3ae44c8b949babb4c77175d8917543c.tar.gz |
idmap_hash: don't return ID_REQUIRE_TYPE if the domain is known in the netsamlogon cache
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15319
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit ee820553fd2c6ada966a0160cbb0240049f9d9f7)
-rw-r--r-- | source3/winbindd/idmap_hash/idmap_hash.c | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/source3/winbindd/idmap_hash/idmap_hash.c b/source3/winbindd/idmap_hash/idmap_hash.c index fb900617ec3..a3430350625 100644 --- a/source3/winbindd/idmap_hash/idmap_hash.c +++ b/source3/winbindd/idmap_hash/idmap_hash.c @@ -25,6 +25,7 @@ #include "ads.h" #include "nss_info.h" #include "../libcli/security/dom_sid.h" +#include "libsmb/samlogon_cache.h" #undef DBGC_CLASS #define DBGC_CLASS DBGC_IDMAP @@ -287,6 +288,21 @@ static NTSTATUS idmap_hash_sid_to_id(struct sid_hash_table *hashed_domains, goto return_mapping; } + /* + * Check of last resort: A domain is valid if a user from that + * domain has recently logged in. The samlogon_cache these + * days also stores the domain sid. + */ + if (netsamlogon_cache_have(&sid)) { + /* + * We keep the legacy behavior and + * just return the mapping, but + * the reverse mapping would not + * still not work. + */ + goto return_mapping; + } + if (id->xid.type == ID_TYPE_NOT_SPECIFIED) { /* * idmap_hash used to bounce back the requested type, |