Fix bug #6089 - Winbind samr_OpenDomain not possible with Samba 3.2.6+

What a difference a name makes... :-). Just because something is missnamed
SAMR_ACCESS_OPEN_DOMAIN, when it should actually be SAMR_ACCESS_LOOKUP_DOMAIN,
don't automatically use it for a security check in _samr_OpenDomain().
Jeremy.

3 files changed, 5 insertions, 5 deletions

diff --git a/librpc/gen_ndr/ndr_samr.c b/librpc/gen_ndr/ndr_samr.c
index 33c70ce1ff..d2d345a66a 100644
--- a/librpc/gen_ndr/ndr_samr.c
+++ b/librpc/gen_ndr/ndr_samr.c
@@ -122,7 +122,7 @@ _PUBLIC_ void ndr_print_samr_ConnectAccessMask(struct ndr_print *ndr, const char
 	ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SAMR_ACCESS_INITIALIZE_SERVER", SAMR_ACCESS_INITIALIZE_SERVER, r);
 	ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SAMR_ACCESS_CREATE_DOMAIN", SAMR_ACCESS_CREATE_DOMAIN, r);
 	ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SAMR_ACCESS_ENUM_DOMAINS", SAMR_ACCESS_ENUM_DOMAINS, r);
-	ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SAMR_ACCESS_OPEN_DOMAIN", SAMR_ACCESS_OPEN_DOMAIN, r);
+	ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SAMR_ACCESS_LOOKUP_DOMAIN", SAMR_ACCESS_LOOKUP_DOMAIN, r);
 	ndr->depth--;
 }
 
diff --git a/librpc/gen_ndr/samr.h b/librpc/gen_ndr/samr.h
index 044756469e..16c6605789 100644
--- a/librpc/gen_ndr/samr.h
+++ b/librpc/gen_ndr/samr.h
@@ -14,7 +14,7 @@
 #define GENERIC_RIGHTS_SAM_ALL_ACCESS	( (STANDARD_RIGHTS_REQUIRED_ACCESS|SAMR_ACCESS_ALL_ACCESS) )
 #define GENERIC_RIGHTS_SAM_READ	( (STANDARD_RIGHTS_READ_ACCESS|SAMR_ACCESS_ENUM_DOMAINS) )
 #define GENERIC_RIGHTS_SAM_WRITE	( (STANDARD_RIGHTS_WRITE_ACCESS|SAMR_ACCESS_CREATE_DOMAIN|SAMR_ACCESS_INITIALIZE_SERVER|SAMR_ACCESS_SHUTDOWN_SERVER) )
-#define GENERIC_RIGHTS_SAM_EXECUTE	( (STANDARD_RIGHTS_EXECUTE_ACCESS|SAMR_ACCESS_OPEN_DOMAIN|SAMR_ACCESS_CONNECT_TO_SERVER) )
+#define GENERIC_RIGHTS_SAM_EXECUTE	( (STANDARD_RIGHTS_EXECUTE_ACCESS|SAMR_ACCESS_LOOKUP_DOMAIN|SAMR_ACCESS_CONNECT_TO_SERVER) )
 #define SAMR_USER_ACCESS_ALL_ACCESS	( 0x000007FF )
 #define GENERIC_RIGHTS_USER_ALL_ACCESS	( (STANDARD_RIGHTS_REQUIRED_ACCESS|SAMR_USER_ACCESS_ALL_ACCESS) )
 #define GENERIC_RIGHTS_USER_READ	( (STANDARD_RIGHTS_READ_ACCESS|SAMR_USER_ACCESS_GET_GROUP_MEMBERSHIP|SAMR_USER_ACCESS_GET_GROUPS|SAMR_USER_ACCESS_GET_ATTRIBUTES|SAMR_USER_ACCESS_GET_LOGONINFO|SAMR_USER_ACCESS_GET_LOCALE) )
@@ -97,7 +97,7 @@ enum samr_RejectReason
 #define SAMR_ACCESS_INITIALIZE_SERVER ( 0x00000004 )
 #define SAMR_ACCESS_CREATE_DOMAIN ( 0x00000008 )
 #define SAMR_ACCESS_ENUM_DOMAINS ( 0x00000010 )
-#define SAMR_ACCESS_OPEN_DOMAIN ( 0x00000020 )
+#define SAMR_ACCESS_LOOKUP_DOMAIN ( 0x00000020 )
 
 /* bitmap samr_UserAccessMask */
 #define SAMR_USER_ACCESS_GET_NAME_ETC ( 0x00000001 )
diff --git a/librpc/idl/samr.idl b/librpc/idl/samr.idl
index 7d5d877bb1..bcd8ca066c 100644
--- a/librpc/idl/samr.idl
+++ b/librpc/idl/samr.idl
@@ -64,7 +64,7 @@ import "misc.idl", "lsa.idl", "security.idl";
 		SAMR_ACCESS_INITIALIZE_SERVER   = 0x00000004,
 		SAMR_ACCESS_CREATE_DOMAIN       = 0x00000008,
 		SAMR_ACCESS_ENUM_DOMAINS        = 0x00000010,
-		SAMR_ACCESS_OPEN_DOMAIN         = 0x00000020
+		SAMR_ACCESS_LOOKUP_DOMAIN         = 0x00000020
 	} samr_ConnectAccessMask;
 
 	const int SAMR_ACCESS_ALL_ACCESS = 0x0000003F;
@@ -85,7 +85,7 @@ import "misc.idl", "lsa.idl", "security.idl";
 
 	const int GENERIC_RIGHTS_SAM_EXECUTE =
 		(STANDARD_RIGHTS_EXECUTE_ACCESS		|
-		 SAMR_ACCESS_OPEN_DOMAIN		|
+		 SAMR_ACCESS_LOOKUP_DOMAIN		|
 		 SAMR_ACCESS_CONNECT_TO_SERVER);
 
 	/* User Object specific access rights */