successful pam auth (e.g. from ssh) will cache group sids (but not any
resource group sids)) The subsequent cached entry used for groups lookups
can be missing those resource groups
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
struct PAC_DATA_CTR *pac_data_ctr = NULL;
const char *local_service;
int i;
+ struct netr_SamInfo3 *info3_copy = NULL;
*info3 = NULL;
break;
}
- *info3 = &logon_info->info3;
DEBUG(10,("winbindd_raw_kerberos_login: winbindd validated ticket of %s\n",
principal_s));
+ result = create_info3_from_pac_logon_info(mem_ctx, logon_info, &info3_copy);
+ if (!NT_STATUS_IS_OK(result)) {
+ goto failed;
+ }
+
/* if we had a user's ccache then return that string for the pam
* environment */
}
}
-
+ *info3 = info3_copy;
return NT_STATUS_OK;
failed: