summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2009-05-15 13:13:01 -0700
committerJeremy Allison <jra@samba.org>2009-05-15 13:13:01 -0700
commit2b784738d7ce444fb63e2cac91ad2e220cc6e551 (patch)
tree3ba537d18b38c8c5b0d4fc34054c9d6ca634f46e
parent4027fde97c0f7fdc7b5c157c82d5563de6f47be2 (diff)
downloadsamba-2b784738d7ce444fb63e2cac91ad2e220cc6e551.tar.gz
samba-2b784738d7ce444fb63e2cac91ad2e220cc6e551.tar.bz2
samba-2b784738d7ce444fb63e2cac91ad2e220cc6e551.zip
DeleteUser doesn't need the priv checks, this is done at OpenUser time.
Jeremy.
-rw-r--r--source3/rpc_server/srv_samr_nt.c20
1 files changed, 0 insertions, 20 deletions
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 7e55282384..8b1a90af02 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -5499,8 +5499,6 @@ NTSTATUS _samr_DeleteUser(pipes_struct *p,
struct samr_user_info *uinfo;
NTSTATUS status;
struct samu *sam_pass=NULL;
- bool can_del_accounts = false;
- uint32 acb_info = 0;
bool ret;
DEBUG(5, ("_samr_DeleteUser: %d\n", __LINE__));
@@ -5524,24 +5522,6 @@ NTSTATUS _samr_DeleteUser(pipes_struct *p,
ret = pdb_getsampwsid(sam_pass, &uinfo->sid);
unbecome_root();
- if (ret) {
- acb_info = pdb_get_acct_ctrl(sam_pass);
- }
-
- /* For machine accounts it's the SeMachineAccountPrivilege that counts. */
- if (geteuid() == sec_initial_uid()) {
- can_del_accounts = true;
- } else if (acb_info & ACB_WSTRUST) {
- can_del_accounts = user_has_privileges( p->server_info->ptok, &se_machine_account );
- } else {
- can_del_accounts = user_has_privileges( p->server_info->ptok, &se_add_users );
- }
-
- if (!can_del_accounts) {
- TALLOC_FREE(sam_pass);
- return NT_STATUS_ACCESS_DENIED;
- }
-
if(!ret) {
DEBUG(5,("_samr_DeleteUser: User %s doesn't exist.\n",
sid_string_dbg(&uinfo->sid)));