diff options
| author | Corinna Vinschen <corinna@vinschen.de> | 2015-01-21 23:40:33 +0300 |
|---|---|---|
| committer | Corinna Vinschen <corinna@vinschen.de> | 2015-01-21 23:40:33 +0300 |
| commit | 638dd243f28e693471630152345777c21d5a00c6 (patch) | |
| tree | 9cea4e77257df8c4108cc6084d81f12ede01ce92 /winsup/cygwin/uinfo.cc | |
| parent | bf8f43ae8adf162d9acedd9dd4d4f9d3d4f0a646 (diff) | |
* uinfo.cc (pwdgrp::fetch_account_from_windows): Allow fetching gid,
home, shell and gecos info from NT4 domain.
Diffstat (limited to 'winsup/cygwin/uinfo.cc')
| -rw-r--r-- | winsup/cygwin/uinfo.cc | 72 |
1 files changed, 51 insertions, 21 deletions
diff --git a/winsup/cygwin/uinfo.cc b/winsup/cygwin/uinfo.cc index ebc2991e9..f1fb99d01 100644 --- a/winsup/cygwin/uinfo.cc +++ b/winsup/cygwin/uinfo.cc @@ -2077,32 +2077,62 @@ pwdgrp::fetch_account_from_windows (fetch_user_arg_t &arg, cyg_ldap *pldap) if (is_domain_account) { - /* Use LDAP to fetch domain account infos. */ - if (cldap->open (NULL) != NO_ERROR) - break; - if (cldap->fetch_ad_account (sid, is_group (), domain)) + /* On AD machines, use LDAP to fetch domain account infos. */ + if (cygheap->dom.primary_dns_name ()) { - if ((id_val = cldap->get_primary_gid ()) != ILLEGAL_GID) - gid = posix_offset + id_val; - if (!is_group ()) + if (cldap->open (NULL) != NO_ERROR) + break; + if (cldap->fetch_ad_account (sid, is_group (), domain)) { - home = cygheap->pg.get_home (cldap, sid, dom, name, - fully_qualified_name); - shell = cygheap->pg.get_shell (cldap, sid, dom, name, - fully_qualified_name); - gecos = cygheap->pg.get_gecos (cldap, sid, dom, name, - fully_qualified_name); + if ((id_val = cldap->get_primary_gid ()) != ILLEGAL_GID) + gid = posix_offset + id_val; + if (!is_group ()) + { + home = cygheap->pg.get_home (cldap, sid, dom, name, + fully_qualified_name); + shell = cygheap->pg.get_shell (cldap, sid, dom, name, + fully_qualified_name); + gecos = cygheap->pg.get_gecos (cldap, sid, dom, name, + fully_qualified_name); + } + /* Check and, if necessary, add unix<->windows id mapping + on the fly, unless we're called from getpwent. */ + if (!pldap) + { + id_val = cldap->get_unix_uid (); + if (id_val != ILLEGAL_UID + && cygheap->ugid_cache.get_uid (id_val) + == ILLEGAL_UID) + cygheap->ugid_cache.add_uid (id_val, uid); + } } - /* Check and, if necessary, add unix<->windows id mapping on - the fly, unless we're called from getpwent. */ - if (!pldap) + } + /* If primary_dns_name() is empty, we're likely running under an + NT4 domain, so we can't use LDAP. For user accounts fall back + to NetUserGetInfo. This isn't overly fast, but keep in mind + that NT4 domains are mostly replaced by AD these days. */ + else if (!is_group () && acc_type == SidTypeUser) + { + WCHAR server[INTERNET_MAX_HOST_NAME_LENGTH + 3]; + NET_API_STATUS nas; + PUSER_INFO_3 ui; + + if (!get_logon_server (cygheap->dom.primary_flat_name (), + server, DS_IS_FLAT_NAME)) + break; + nas = NetUserGetInfo (server, name, 3, (PBYTE *) &ui); + if (nas != NERR_Success) { - id_val = cldap->get_unix_uid (); - if (id_val != ILLEGAL_UID - && cygheap->ugid_cache.get_uid (id_val) - == ILLEGAL_UID) - cygheap->ugid_cache.add_uid (id_val, uid); + debug_printf ("NetUserGetInfo(%W) %u", name, nas); + break; } + gid = posix_offset + ui->usri3_primary_group_id; + home = cygheap->pg.get_home (ui, sid, dom, name, + fully_qualified_name); + shell = cygheap->pg.get_shell (ui, sid, dom, name, + fully_qualified_name); + gecos = cygheap->pg.get_gecos (ui, sid, dom, name, + fully_qualified_name); } } /* Otherwise check account domain (local SAM).*/ |