* uinfo.cc (pwdgrp::fetch_account_from_windows): Allow fetching gid,

	home, shell and gecos info from NT4 domain.

diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog
index 9aa56f21dfedba9894f082c1e7115e83e1bd8de7..87d0ffe7c74b23ee44142b3b6074c2be558ff231 100644 (file)
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@@ -1,3 +1,8 @@
+2015-01-21  Corinna Vinschen  <corinna@vinschen.de>
+
+       * uinfo.cc (pwdgrp::fetch_account_from_windows): Allow fetching gid,
+       home, shell and gecos info from NT4 domain.
+
 2015-01-21  Corinna Vinschen  <corinna@vinschen.de>
 
        * sec_auth.cc (get_logon_server): Constify domain parameter.

diff --git a/winsup/cygwin/uinfo.cc b/winsup/cygwin/uinfo.cc
index ebc2991e9fc72b4f8fb40eb6683044a4f2b355e7..f1fb99d016ca088b33b4f2af94e8da6b1485e2d7 100644 (file)
--- a/winsup/cygwin/uinfo.cc
+++ b/winsup/cygwin/uinfo.cc
@@ -2077,32 +2077,62 @@ pwdgrp::fetch_account_from_windows (fetch_user_arg_t &arg, cyg_ldap *pldap)
 
          if (is_domain_account)
            {
-             /* Use LDAP to fetch domain account infos. */
-             if (cldap->open (NULL) != NO_ERROR)
-               break;
-             if (cldap->fetch_ad_account (sid, is_group (), domain))
+             /* On AD machines, use LDAP to fetch domain account infos. */
+             if (cygheap->dom.primary_dns_name ())
                {
-                 if ((id_val = cldap->get_primary_gid ()) != ILLEGAL_GID)
-                   gid = posix_offset + id_val;
-                 if (!is_group ())
+                 if (cldap->open (NULL) != NO_ERROR)
+                   break;
+                 if (cldap->fetch_ad_account (sid, is_group (), domain))
                    {
-                     home = cygheap->pg.get_home (cldap, sid, dom, name,
-                                                  fully_qualified_name);
-                     shell = cygheap->pg.get_shell (cldap, sid, dom, name,
-                                                    fully_qualified_name);
-                     gecos = cygheap->pg.get_gecos (cldap, sid, dom, name,
-                                                    fully_qualified_name);
+                     if ((id_val = cldap->get_primary_gid ()) != ILLEGAL_GID)
+                       gid = posix_offset + id_val;
+                     if (!is_group ())
+                       {
+                         home = cygheap->pg.get_home (cldap, sid, dom, name,
+                                                      fully_qualified_name);
+                         shell = cygheap->pg.get_shell (cldap, sid, dom, name,
+                                                        fully_qualified_name);
+                         gecos = cygheap->pg.get_gecos (cldap, sid, dom, name,
+                                                        fully_qualified_name);
+                       }
+                     /* Check and, if necessary, add unix<->windows id mapping
+                        on the fly, unless we're called from getpwent. */
+                     if (!pldap)
+                       {
+                         id_val = cldap->get_unix_uid ();
+                         if (id_val != ILLEGAL_UID
+                             && cygheap->ugid_cache.get_uid (id_val)
+                                == ILLEGAL_UID)
+                           cygheap->ugid_cache.add_uid (id_val, uid);
+                       }
                    }
-                 /* Check and, if necessary, add unix<->windows id mapping on
-                    the fly, unless we're called from getpwent. */
-                 if (!pldap)
+               }
+             /* If primary_dns_name() is empty, we're likely running under an
+                NT4 domain, so we can't use LDAP.  For user accounts fall back
+                to NetUserGetInfo.  This isn't overly fast, but keep in mind
+                that NT4 domains are mostly replaced by AD these days. */
+             else if (!is_group () && acc_type == SidTypeUser)
+               {
+                 WCHAR server[INTERNET_MAX_HOST_NAME_LENGTH + 3];
+                 NET_API_STATUS nas;
+                 PUSER_INFO_3 ui;
+                 
+                 if (!get_logon_server (cygheap->dom.primary_flat_name (),
+                                        server, DS_IS_FLAT_NAME))
+                   break;
+                 nas = NetUserGetInfo (server, name, 3, (PBYTE *) &ui);
+                 if (nas != NERR_Success)
                    {
-                     id_val = cldap->get_unix_uid ();
-                     if (id_val != ILLEGAL_UID
-                         && cygheap->ugid_cache.get_uid (id_val)
-                            == ILLEGAL_UID)
-                       cygheap->ugid_cache.add_uid (id_val, uid);
+                     debug_printf ("NetUserGetInfo(%W) %u", name, nas);
+                     break;
                    }
+                 gid = posix_offset + ui->usri3_primary_group_id;
+                 home = cygheap->pg.get_home (ui, sid, dom, name,
+                                              fully_qualified_name);
+                 shell = cygheap->pg.get_shell (ui, sid, dom, name,
+                                                fully_qualified_name);
+                 gecos = cygheap->pg.get_gecos (ui, sid, dom, name,
+                                                fully_qualified_name);
                }
            }
          /* Otherwise check account domain (local SAM).*/