diff options
| author | Gerald Carter <jerry@samba.org> | 2005-01-06 23:27:28 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 10:53:48 -0500 |
| commit | be606e8eeb0a419189bd8f44975c80e182474993 (patch) | |
| tree | 6e4f4405673f1457d495cf4e49fe56b99e87374f /source3/auth | |
| parent | 23c143dc4190ea2e15d340cebd1a5ecc12ebeedd (diff) | |
| download | samba-be606e8eeb0a419189bd8f44975c80e182474993.tar.gz samba-be606e8eeb0a419189bd8f44975c80e182474993.tar.bz2 samba-be606e8eeb0a419189bd8f44975c80e182474993.zip | |
r4579: small changes to allow the members og the Domain Admins group on the Samba DC to join clients to the domain -- needs more testing and security review but does work with initial testing
(This used to be commit 9ade9bf49c7125fb29658f943e9ebb6be9496180)
Diffstat (limited to 'source3/auth')
| -rw-r--r-- | source3/auth/auth_util.c | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index 2eacc2b0d1..98ecd00d1c 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -1444,6 +1444,35 @@ NT_USER_TOKEN *dup_nt_token(NT_USER_TOKEN *ptoken) return token; } +/**************************************************************************** + Check for a SID in an NT_USER_TOKEN +****************************************************************************/ + +BOOL nt_token_check_sid ( DOM_SID *sid, NT_USER_TOKEN *token ) +{ + int i; + + if ( !sid || !token ) + return False; + + for ( i=0; i<token->num_sids; i++ ) { + if ( sid_equal( sid, &token->user_sids[i] ) ) + return True; + } + + return False; +} + +BOOL nt_token_check_domain_rid( NT_USER_TOKEN *token, uint32 rid ) +{ + DOM_SID domain_sid; + + sid_copy( &domain_sid, get_global_sam_sid() ); + sid_append_rid( &domain_sid, rid ); + + return nt_token_check_sid( &domain_sid, token );\ +} + /** * Verify whether or not given domain is trusted. * |