diff options
author | Jeremy Allison <jra@samba.org> | 2009-05-15 13:13:01 -0700 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2009-05-15 13:13:01 -0700 |
commit | 2b784738d7ce444fb63e2cac91ad2e220cc6e551 (patch) | |
tree | 3ba537d18b38c8c5b0d4fc34054c9d6ca634f46e | |
parent | 4027fde97c0f7fdc7b5c157c82d5563de6f47be2 (diff) | |
download | samba-2b784738d7ce444fb63e2cac91ad2e220cc6e551.tar.gz samba-2b784738d7ce444fb63e2cac91ad2e220cc6e551.tar.bz2 samba-2b784738d7ce444fb63e2cac91ad2e220cc6e551.zip |
DeleteUser doesn't need the priv checks, this is done at OpenUser time.
Jeremy.
-rw-r--r-- | source3/rpc_server/srv_samr_nt.c | 20 |
1 files changed, 0 insertions, 20 deletions
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index 7e55282384..8b1a90af02 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -5499,8 +5499,6 @@ NTSTATUS _samr_DeleteUser(pipes_struct *p, struct samr_user_info *uinfo; NTSTATUS status; struct samu *sam_pass=NULL; - bool can_del_accounts = false; - uint32 acb_info = 0; bool ret; DEBUG(5, ("_samr_DeleteUser: %d\n", __LINE__)); @@ -5524,24 +5522,6 @@ NTSTATUS _samr_DeleteUser(pipes_struct *p, ret = pdb_getsampwsid(sam_pass, &uinfo->sid); unbecome_root(); - if (ret) { - acb_info = pdb_get_acct_ctrl(sam_pass); - } - - /* For machine accounts it's the SeMachineAccountPrivilege that counts. */ - if (geteuid() == sec_initial_uid()) { - can_del_accounts = true; - } else if (acb_info & ACB_WSTRUST) { - can_del_accounts = user_has_privileges( p->server_info->ptok, &se_machine_account ); - } else { - can_del_accounts = user_has_privileges( p->server_info->ptok, &se_add_users ); - } - - if (!can_del_accounts) { - TALLOC_FREE(sam_pass); - return NT_STATUS_ACCESS_DENIED; - } - if(!ret) { DEBUG(5,("_samr_DeleteUser: User %s doesn't exist.\n", sid_string_dbg(&uinfo->sid))); |