Fix bug #9039 'map untrusted to domain' treats WORKSTATION as bogus domain.

s3: never try to map global SAM name

Do not treat the global SAM name as a BOGUS domain, and exempt
local users from mapping, instead. This change reinstates the
exact mapping behaviour of Samba 3.2 if parameter 'map untrusted
to domain' is set.

Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>

diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 1367186a55e3f04031183fc90bf4c00028036a90..ceaa7064d5908d19347f696ee013c0b9a34a5d77 100644 (file)
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -125,7 +125,8 @@ NTSTATUS make_user_info_map(struct auth_usersupplied_info **user_info,
         * This also deals with the client passing in a "" domain */
 
        if (!is_trusted_domain(domain) &&
-           !strequal(domain, my_sam_name()))
+           !strequal(domain, my_sam_name()) &&
+           !strequal(domain, get_global_sam_name()))
        {
                if (lp_map_untrusted_to_domain())
                        domain = my_sam_name();