If no winbind is around, the best we can do to get the user's token correct is
to ask unix via create_token_from_username. More investigation is needed if
this also fixes the +groupname for unmapped groups problems more cleanly.
Volker
return NT_STATUS_NO_MEMORY;
}
- if (server_info->was_mapped) {
+ /*
+ * If winbind is not around, we can not make much use of the SIDs the
+ * domain controller provided us with. Likewise if the user name was
+ * mapped to some local unix user.
+ */
+
+ if ((!winbind_ping()) || (server_info->was_mapped)) {
status = create_token_from_username(server_info,
server_info->unix_name,
server_info->guest,