fixed problem with special group SIDs

This commit is contained in:
Roland Gruber 2005-02-08 10:23:19 +00:00
parent da610f4d5e
commit 1e6c7bc8bd
1 changed files with 28 additions and 12 deletions

View File

@ -1545,6 +1545,11 @@ function modifyuser($values,$values_old,$uselamdaemon=true) { // Will modify the
if ($_SESSION['config']->is_samba3()) { if ($_SESSION['config']->is_samba3()) {
// We use samba 3 schema // We use samba 3 schema
// Change SID only if we don't use a well known SID // Change SID only if we don't use a well known SID
$found = false;
if (substr($values->smb_mapgroup, sizeof($values->smb_mapgroup)-5, 4) == '-512') $found=true;
if (substr($values->smb_mapgroup, sizeof($values->smb_mapgroup)-5, 4) == '-513') $found=true;
if (substr($values->smb_mapgroup, sizeof($values->smb_mapgroup)-5, 4) == '-514') $found=true;
if (!$found) {
ldapreload('group'); ldapreload('group');
foreach ($_SESSION['groupDN'] as $groupname) { foreach ($_SESSION['groupDN'] as $groupname) {
if ($groupname['cn'] == $values->general_group) { if ($groupname['cn'] == $values->general_group) {
@ -1557,9 +1562,11 @@ function modifyuser($values,$values_old,$uselamdaemon=true) { // Will modify the
} }
} }
} }
}
else { else {
// We use old samba 2.2 schema // We use old samba 2.2 schema
// Change SID only if we don't use a well known SID // Change SID only if we don't use a well known SID
$found = false;
if ($values->smb_mapgroup== '512') $found=true; if ($values->smb_mapgroup== '512') $found=true;
if ($values->smb_mapgroup== '513') $found=true; if ($values->smb_mapgroup== '513') $found=true;
if ($values->smb_mapgroup== '514') $found=true; if ($values->smb_mapgroup== '514') $found=true;
@ -1722,11 +1729,20 @@ function modifyuser($values,$values_old,$uselamdaemon=true) { // Will modify the
(2 * getgid($values->general_group) + $values->smb_domain->RIDbase+1); (2 * getgid($values->general_group) + $values->smb_domain->RIDbase+1);
} }
if (($values->smb_mapgroup!='') && ($values->smb_mapgroup!=$values_old->smb_mapgroup)) { if (($values->smb_mapgroup!='') && ($values->smb_mapgroup!=$values_old->smb_mapgroup)) {
$found = false;
if (substr($values->smb_mapgroup, sizeof($values->smb_mapgroup)-5, 4) == '-512') $found=true;
if (substr($values->smb_mapgroup, sizeof($values->smb_mapgroup)-5, 4) == '-513') $found=true;
if (substr($values->smb_mapgroup, sizeof($values->smb_mapgroup)-5, 4) == '-514') $found=true;
if (!$found) { // use group SID
ldapreload('group'); ldapreload('group');
foreach ($_SESSION['groupDN'] as $groupname) { foreach ($_SESSION['groupDN'] as $groupname) {
if ($groupname['cn'] == $values->general_group) $attr['sambaPrimaryGroupSID'] = $groupname['sambaSID']; if ($groupname['cn'] == $values->general_group) $attr['sambaPrimaryGroupSID'] = $groupname['sambaSID'];
} }
} }
else { // use special SID
$attr['sambaPrimaryGroupSID'] = $values->smb_mapgroup;
}
}
if ($values->smb_displayName != $values_old->smb_displayName) $attr['displayName'] = utf8_encode($values->smb_displayName); // sambaAccount_may if ($values->smb_displayName != $values_old->smb_displayName) $attr['displayName'] = utf8_encode($values->smb_displayName); // sambaAccount_may
} }
else { else {