diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2012-05-01 17:13:34 +1000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2012-05-02 01:00:12 +0200 |
| commit | 221c0e479d99b81f8becd51d641a5979e420efdc (patch) | |
| tree | 6fa88184a447ef8d14c0e693807389469087909a | |
| parent | d7f3c00b853761d929c3a21a6d64feff334944ce (diff) | |
| download | samba-221c0e479d99b81f8becd51d641a5979e420efdc.tar.gz samba-221c0e479d99b81f8becd51d641a5979e420efdc.tar.bz2 samba-221c0e479d99b81f8becd51d641a5979e420efdc.zip | |
s3-smbd: Use security_session_user_level() rather than nt_token_check_sid()
This allows the unix.whoami test to pass when configured as part of the AD DC.
The struct auth_session_info is slightly different in the AD DC configuration
when using auth_samba4. In particular, there is a distinction between Guest
and Anonymous logins.
Andrew Bartlett
| -rw-r--r-- | source3/smbd/trans2.c | 14 |
1 files changed, 1 insertions, 13 deletions
diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index 63ee76bce9..5cfbc3128b 100644 --- a/source3/smbd/trans2.c +++ b/source3/smbd/trans2.c @@ -3426,22 +3426,10 @@ cBytesSector=%u, cUnitTotal=%u, cUnitAvail=%d\n", (unsigned int)bsize, (unsigned return NT_STATUS_BUFFER_TOO_SMALL; } - /* We ARE guest if global_sid_Builtin_Guests is - * in our list of SIDs. - */ - if (nt_token_check_sid(&global_sid_Builtin_Guests, - conn->session_info->security_token)) { + if (security_session_user_level(conn->session_info, NULL) < SECURITY_USER) { flags |= SMB_WHOAMI_GUEST; } - /* We are NOT guest if global_sid_Authenticated_Users - * is in our list of SIDs. - */ - if (nt_token_check_sid(&global_sid_Authenticated_Users, - conn->session_info->security_token)) { - flags &= ~SMB_WHOAMI_GUEST; - } - /* NOTE: 8 bytes for UID/GID, irrespective of native * platform size. This matches * SMB_QUERY_FILE_UNIX_BASIC and friends. |