diff options
| author | Jeremy Allison <jra@samba.org> | 2009-04-15 15:40:00 -0700 |
|---|---|---|
| committer | Jeremy Allison <jra@samba.org> | 2009-04-15 15:40:00 -0700 |
| commit | d9804ae3cc2c435f9983ca47f6f1b6b96e5c03ca (patch) | |
| tree | 618057dc77d62fec5fff32263dd90a5011cad793 /source3/lib | |
| parent | e6aa3f2d09bd004341dde28b15ef769a09401f26 (diff) | |
| download | samba-d9804ae3cc2c435f9983ca47f6f1b6b96e5c03ca.tar.gz samba-d9804ae3cc2c435f9983ca47f6f1b6b96e5c03ca.tar.bz2 samba-d9804ae3cc2c435f9983ca47f6f1b6b96e5c03ca.zip | |
Fix bug #6089 - Winbind samr_OpenDomain not possible with Samba 3.2.6+
What a difference a name makes... :-). Just because something is missnamed
SAMR_ACCESS_OPEN_DOMAIN, when it should actually be SAMR_ACCESS_LOOKUP_DOMAIN,
don't automatically use it for a security check in _samr_OpenDomain().
Jeremy.
Diffstat (limited to 'source3/lib')
| -rw-r--r-- | source3/lib/netapi/group.c | 18 | ||||
| -rw-r--r-- | source3/lib/netapi/localgroup.c | 25 | ||||
| -rw-r--r-- | source3/lib/netapi/user.c | 30 |
3 files changed, 36 insertions, 37 deletions
diff --git a/source3/lib/netapi/group.c b/source3/lib/netapi/group.c index c09632a857..004fd3aff6 100644 --- a/source3/lib/netapi/group.c +++ b/source3/lib/netapi/group.c @@ -79,7 +79,7 @@ WERROR NetGroupAdd_r(struct libnetapi_ctx *ctx, werr = libnetapi_samr_open_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, + SAMR_ACCESS_LOOKUP_DOMAIN, SAMR_DOMAIN_ACCESS_CREATE_GROUP | SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, &connect_handle, @@ -250,7 +250,7 @@ WERROR NetGroupDel_r(struct libnetapi_ctx *ctx, werr = libnetapi_samr_open_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, + SAMR_ACCESS_LOOKUP_DOMAIN, SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, &connect_handle, &domain_handle, @@ -415,7 +415,7 @@ WERROR NetGroupSetInfo_r(struct libnetapi_ctx *ctx, werr = libnetapi_samr_open_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, + SAMR_ACCESS_LOOKUP_DOMAIN, SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, &connect_handle, &domain_handle, @@ -650,7 +650,7 @@ WERROR NetGroupGetInfo_r(struct libnetapi_ctx *ctx, werr = libnetapi_samr_open_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, + SAMR_ACCESS_LOOKUP_DOMAIN, SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, &connect_handle, &domain_handle, @@ -766,7 +766,7 @@ WERROR NetGroupAddUser_r(struct libnetapi_ctx *ctx, werr = libnetapi_samr_open_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, + SAMR_ACCESS_LOOKUP_DOMAIN, SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, &connect_handle, &domain_handle, @@ -887,7 +887,7 @@ WERROR NetGroupDelUser_r(struct libnetapi_ctx *ctx, werr = libnetapi_samr_open_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, + SAMR_ACCESS_LOOKUP_DOMAIN, SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, &connect_handle, &domain_handle, @@ -1165,7 +1165,7 @@ WERROR NetGroupEnum_r(struct libnetapi_ctx *ctx, werr = libnetapi_samr_open_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, + SAMR_ACCESS_LOOKUP_DOMAIN, SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 | SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS | SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, @@ -1296,7 +1296,7 @@ WERROR NetGroupGetUsers_r(struct libnetapi_ctx *ctx, werr = libnetapi_samr_open_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, + SAMR_ACCESS_LOOKUP_DOMAIN, SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, &connect_handle, &domain_handle, @@ -1448,7 +1448,7 @@ WERROR NetGroupSetUsers_r(struct libnetapi_ctx *ctx, werr = libnetapi_samr_open_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, + SAMR_ACCESS_LOOKUP_DOMAIN, SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, &connect_handle, &domain_handle, diff --git a/source3/lib/netapi/localgroup.c b/source3/lib/netapi/localgroup.c index 13405b553e..d389c1f4a2 100644 --- a/source3/lib/netapi/localgroup.c +++ b/source3/lib/netapi/localgroup.c @@ -157,7 +157,7 @@ WERROR NetLocalGroupAdd_r(struct libnetapi_ctx *ctx, } werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli, - SAMR_ACCESS_OPEN_DOMAIN | + SAMR_ACCESS_LOOKUP_DOMAIN | SAMR_ACCESS_ENUM_DOMAINS, SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, &connect_handle, @@ -182,7 +182,7 @@ WERROR NetLocalGroupAdd_r(struct libnetapi_ctx *ctx, werr = libnetapi_samr_open_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, + SAMR_ACCESS_LOOKUP_DOMAIN, SAMR_DOMAIN_ACCESS_CREATE_ALIAS | SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, &connect_handle, @@ -277,7 +277,7 @@ WERROR NetLocalGroupDel_r(struct libnetapi_ctx *ctx, } werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli, - SAMR_ACCESS_OPEN_DOMAIN | + SAMR_ACCESS_LOOKUP_DOMAIN | SAMR_ACCESS_ENUM_DOMAINS, SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, &connect_handle, @@ -302,7 +302,7 @@ WERROR NetLocalGroupDel_r(struct libnetapi_ctx *ctx, werr = libnetapi_samr_open_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, + SAMR_ACCESS_LOOKUP_DOMAIN, SAMR_DOMAIN_ACCESS_CREATE_ALIAS | SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, &connect_handle, @@ -449,7 +449,7 @@ WERROR NetLocalGroupGetInfo_r(struct libnetapi_ctx *ctx, } werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli, - SAMR_ACCESS_OPEN_DOMAIN | + SAMR_ACCESS_LOOKUP_DOMAIN | SAMR_ACCESS_ENUM_DOMAINS, SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, &connect_handle, @@ -474,7 +474,7 @@ WERROR NetLocalGroupGetInfo_r(struct libnetapi_ctx *ctx, werr = libnetapi_samr_open_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, + SAMR_ACCESS_LOOKUP_DOMAIN, SAMR_DOMAIN_ACCESS_CREATE_ALIAS | SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, &connect_handle, @@ -620,7 +620,7 @@ WERROR NetLocalGroupSetInfo_r(struct libnetapi_ctx *ctx, } werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli, - SAMR_ACCESS_OPEN_DOMAIN | + SAMR_ACCESS_LOOKUP_DOMAIN | SAMR_ACCESS_ENUM_DOMAINS, SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, &connect_handle, @@ -647,7 +647,7 @@ WERROR NetLocalGroupSetInfo_r(struct libnetapi_ctx *ctx, werr = libnetapi_samr_open_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, + SAMR_ACCESS_LOOKUP_DOMAIN, SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, &connect_handle, &domain_handle, @@ -762,7 +762,7 @@ WERROR NetLocalGroupEnum_r(struct libnetapi_ctx *ctx, } werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli, - SAMR_ACCESS_OPEN_DOMAIN | + SAMR_ACCESS_LOOKUP_DOMAIN | SAMR_ACCESS_ENUM_DOMAINS, SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 | SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS | @@ -774,7 +774,7 @@ WERROR NetLocalGroupEnum_r(struct libnetapi_ctx *ctx, } werr = libnetapi_samr_open_domain(ctx, pipe_cli, - SAMR_ACCESS_OPEN_DOMAIN | + SAMR_ACCESS_LOOKUP_DOMAIN | SAMR_ACCESS_ENUM_DOMAINS, SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 | SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS | @@ -1068,7 +1068,7 @@ static WERROR NetLocalGroupModifyMembers_r(struct libnetapi_ctx *ctx, } werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli, - SAMR_ACCESS_OPEN_DOMAIN | + SAMR_ACCESS_LOOKUP_DOMAIN | SAMR_ACCESS_ENUM_DOMAINS, SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, &connect_handle, @@ -1098,7 +1098,7 @@ static WERROR NetLocalGroupModifyMembers_r(struct libnetapi_ctx *ctx, werr = libnetapi_samr_open_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, + SAMR_ACCESS_LOOKUP_DOMAIN, SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, &connect_handle, &domain_handle, @@ -1318,4 +1318,3 @@ WERROR NetLocalGroupSetMembers_l(struct libnetapi_ctx *ctx, { LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetLocalGroupSetMembers); } - diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 1cbb883169..849ba9cc92 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -395,7 +395,7 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, werr = libnetapi_samr_open_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, + SAMR_ACCESS_LOOKUP_DOMAIN, SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 | SAMR_DOMAIN_ACCESS_CREATE_USER | SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, @@ -517,7 +517,7 @@ WERROR NetUserDel_r(struct libnetapi_ctx *ctx, werr = libnetapi_samr_open_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, + SAMR_ACCESS_LOOKUP_DOMAIN, SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, &connect_handle, &domain_handle, @@ -1223,7 +1223,7 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, + SAMR_ACCESS_LOOKUP_DOMAIN, SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT | SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS, &connect_handle, @@ -1234,7 +1234,7 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, werr = libnetapi_samr_open_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, + SAMR_ACCESS_LOOKUP_DOMAIN, SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 | SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS | SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, @@ -1522,7 +1522,7 @@ WERROR NetQueryDisplayInformation_r(struct libnetapi_ctx *ctx, werr = libnetapi_samr_open_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, + SAMR_ACCESS_LOOKUP_DOMAIN, SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 | SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS | SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, @@ -1648,7 +1648,7 @@ WERROR NetUserGetInfo_r(struct libnetapi_ctx *ctx, werr = libnetapi_samr_open_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, + SAMR_ACCESS_LOOKUP_DOMAIN, SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, &connect_handle, &domain_handle, @@ -1659,7 +1659,7 @@ WERROR NetUserGetInfo_r(struct libnetapi_ctx *ctx, werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, + SAMR_ACCESS_LOOKUP_DOMAIN, SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT | SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS, &connect_handle, @@ -1800,7 +1800,7 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, werr = libnetapi_samr_open_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, + SAMR_ACCESS_LOOKUP_DOMAIN, SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 | SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, &connect_handle, @@ -1812,7 +1812,7 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, + SAMR_ACCESS_LOOKUP_DOMAIN, SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT | SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS, &connect_handle, @@ -2220,7 +2220,7 @@ WERROR NetUserModalsGet_r(struct libnetapi_ctx *ctx, werr = libnetapi_samr_open_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, + SAMR_ACCESS_LOOKUP_DOMAIN, access_mask, &connect_handle, &domain_handle, @@ -2698,7 +2698,7 @@ WERROR NetUserModalsSet_r(struct libnetapi_ctx *ctx, werr = libnetapi_samr_open_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, + SAMR_ACCESS_LOOKUP_DOMAIN, access_mask, &connect_handle, &domain_handle, @@ -2831,7 +2831,7 @@ WERROR NetUserGetGroups_r(struct libnetapi_ctx *ctx, werr = libnetapi_samr_open_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, + SAMR_ACCESS_LOOKUP_DOMAIN, SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, &connect_handle, &domain_handle, @@ -2982,7 +2982,7 @@ WERROR NetUserSetGroups_r(struct libnetapi_ctx *ctx, werr = libnetapi_samr_open_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, + SAMR_ACCESS_LOOKUP_DOMAIN, SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, &connect_handle, &domain_handle, @@ -3264,7 +3264,7 @@ WERROR NetUserGetLocalGroups_r(struct libnetapi_ctx *ctx, werr = libnetapi_samr_open_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, + SAMR_ACCESS_LOOKUP_DOMAIN, SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT | SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS, &connect_handle, @@ -3276,7 +3276,7 @@ WERROR NetUserGetLocalGroups_r(struct libnetapi_ctx *ctx, werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, + SAMR_ACCESS_LOOKUP_DOMAIN, SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT | SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS, &connect_handle, |