s3: Fix bug 8455 -- Samba PDC is looking up only primary user group

group_sids_to_info3 does a sid_peek_check_rid on the domain sid before adding
the rids to the array. If the domain sid is 0x0, then the check will always
fail.

Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Sat Sep 17 00:51:27 CEST 2011 on sn-devel-104
(cherry picked from commit 3dcec44f3edbc9c4f1946ead3480f6d01cd53e7a)

diff --git a/source3/auth/server_info.c b/source3/auth/server_info.c
index 3190b756c4634e96563b316cf8423e8f8947a3e6..c6d68c24d7dc4831e0947d84b6c6ee9954968cf8 100644 (file)
--- a/source3/auth/server_info.c
+++ b/source3/auth/server_info.c
@@ -438,6 +438,13 @@ NTSTATUS samu_to_SamInfo3(TALLOC_CTX *mem_ctx,
        info3->base.logon_count = pdb_get_logon_count(samu);
        info3->base.bad_password_count = pdb_get_bad_password_count(samu);
 
+       info3->base.domain.string = talloc_strdup(info3,
+                                                 pdb_get_domain(samu));
+       RET_NOMEM(info3->base.domain.string);
+
+       info3->base.domain_sid = dom_sid_dup(info3, &domain_sid);
+       RET_NOMEM(info3->base.domain_sid);
+
        status = pdb_enum_group_memberships(mem_ctx, samu,
                                            &group_sids, &gids,
                                            &num_group_sids);
@@ -468,13 +475,6 @@ NTSTATUS samu_to_SamInfo3(TALLOC_CTX *mem_ctx,
                RET_NOMEM(info3->base.logon_server.string);
        }
 
-       info3->base.domain.string = talloc_strdup(info3,
-                                                 pdb_get_domain(samu));
-       RET_NOMEM(info3->base.domain.string);
-
-       info3->base.domain_sid = dom_sid_dup(info3, &domain_sid);
-       RET_NOMEM(info3->base.domain_sid);
-
        info3->base.acct_flags = pdb_get_acct_ctrl(samu);
 
        *_info3 = info3;