s3-passdb: Fix 'force user' with winbind default domain

If we set 'winbind use default domain' and specify 'force user = user'
without a domain name we fail to log in. In this case we need to try a
lookup with the domain name.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11185

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit cd4442c7ac93e165862c9195a7c345472646aa59)

diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c
index e4d41c44dcb85d5e98d7459ec151ff1818d09fb2..f10ebb7fd22a19a8c86e05056244a13a65fe30e6 100644 (file)
--- a/source3/passdb/lookup_sid.c
+++ b/source3/passdb/lookup_sid.c
@@ -395,6 +395,30 @@ bool lookup_name_smbconf(TALLOC_CTX *mem_ctx,
                                ret_sid, ret_type);
        }
 
+       /* Try with winbind default domain name. */
+       if (lp_winbind_use_default_domain()) {
+               bool ok;
+
+               qualified_name = talloc_asprintf(mem_ctx,
+                                                "%s\\%s",
+                                                lp_workgroup(),
+                                                full_name);
+               if (qualified_name == NULL) {
+                       return false;
+               }
+
+               ok = lookup_name(mem_ctx,
+                                qualified_name,
+                                flags,
+                                ret_domain,
+                                ret_name,
+                                ret_sid,
+                                ret_type);
+               if (ok) {
+                       return true;
+               }
+       }
+
        /* Try with our own SAM name. */
        qualified_name = talloc_asprintf(mem_ctx, "%s\\%s",
                                get_global_sam_name(),