diff options
author | Jeremy Allison <jra@samba.org> | 2001-04-21 23:06:59 +0000 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2001-04-21 23:06:59 +0000 |
commit | a626bb3a239e80ad0ea55a00f721b2c0a5dfc8fa (patch) | |
tree | 424bb2d6e94b88d6ddb304480109ef7b149ee834 | |
parent | 9319a9484c15d8453c96f17c450e75a9e70bb690 (diff) | |
download | samba-a626bb3a239e80ad0ea55a00f721b2c0a5dfc8fa.tar.gz samba-a626bb3a239e80ad0ea55a00f721b2c0a5dfc8fa.tar.bz2 samba-a626bb3a239e80ad0ea55a00f721b2c0a5dfc8fa.zip |
JF pointed out we were returning the wrong info for Domain member with info
levels 3 and 5. I *hate* LSAQueryInfoPolicy() :-).
Jeremy.
(This used to be commit 37581bdf1e1f24dabe67befdc27f54f516d3f08e)
-rw-r--r-- | source3/rpc_server/srv_lsa_nt.c | 26 |
1 files changed, 9 insertions, 17 deletions
diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c index f273c7bb4c..f4407f5d36 100644 --- a/source3/rpc_server/srv_lsa_nt.c +++ b/source3/rpc_server/srv_lsa_nt.c @@ -355,24 +355,25 @@ uint32 _lsa_query_info(pipes_struct *p, LSA_Q_QUERY_INFO *q_u, LSA_R_QUERY_INFO break; } case 0x03: - switch (lp_server_role()) - { + /* Request PolicyPrimaryDomainInformation. */ + switch (lp_server_role()) { case ROLE_DOMAIN_PDC: case ROLE_DOMAIN_BDC: name = global_myworkgroup; sid = &global_sam_sid; break; case ROLE_DOMAIN_MEMBER: - name = global_myname; + name = global_myworkgroup; + /* We need to return the Domain SID here. */ if (secrets_fetch_domain_sid(global_myworkgroup, &domain_sid)) sid = &domain_sid; else - sid = &global_sam_sid; + return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; break; case ROLE_STANDALONE: name = global_myname; - sid = &global_sam_sid; + sid = NULL; /* Tell it we're not in a domain. */ break; default: return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; @@ -380,22 +381,14 @@ uint32 _lsa_query_info(pipes_struct *p, LSA_Q_QUERY_INFO *q_u, LSA_R_QUERY_INFO init_dom_query(&r_u->dom.id3, name, sid); break; case 0x05: - /* AS/U shows this needs to be the same as level 3. JRA. */ - switch (lp_server_role()) - { + /* Request PolicyAccountDomainInformation. */ + switch (lp_server_role()) { case ROLE_DOMAIN_PDC: case ROLE_DOMAIN_BDC: name = global_myworkgroup; sid = &global_sam_sid; break; case ROLE_DOMAIN_MEMBER: - name = global_myname; - if (secrets_fetch_domain_sid(global_myworkgroup, - &domain_sid)) - sid = &domain_sid; - else - sid = &global_sam_sid; - break; case ROLE_STANDALONE: name = global_myname; sid = &global_sam_sid; @@ -406,8 +399,7 @@ uint32 _lsa_query_info(pipes_struct *p, LSA_Q_QUERY_INFO *q_u, LSA_R_QUERY_INFO init_dom_query(&r_u->dom.id5, name, sid); break; case 0x06: - switch (lp_server_role()) - { + switch (lp_server_role()) { case ROLE_DOMAIN_BDC: /* * only a BDC is a backup controller |