summaryrefslogtreecommitdiff
path: root/source3/passdb
diff options
context:
space:
mode:
authorJean-François Micouleau <jfm@samba.org>2001-11-29 16:05:05 +0000
committerJean-François Micouleau <jfm@samba.org>2001-11-29 16:05:05 +0000
commitfac01bda8bb4f52b930496c362f55aca5b112240 (patch)
tree14657fee45b97fc453596e62bb9f64e26c26de94 /source3/passdb
parent3a921f37b737cab0729cc904e514647406e6f01c (diff)
downloadsamba-fac01bda8bb4f52b930496c362f55aca5b112240.tar.gz
samba-fac01bda8bb4f52b930496c362f55aca5b112240.tar.bz2
samba-fac01bda8bb4f52b930496c362f55aca5b112240.zip
Changed again how the privilege list is handled in the group mapping code.
This time it's a PRIVILEGE_SET struct instead of a simple uint32 array. It makes much more sense. Also added a uint32 systemaccount to the GROUP_MAP struct as some privilege showing in USRMGR.EXE are not real privs but a bitmask flag. I guess it's an heritage from NT 3.0 ! I could setup an NT 3.1 box to verify, but I'm too lazy (yes I still have my CDs). Added 3 more LSA calls: SetSystemAccount, AddPrivileges and RemovePrivileges, we can manage all this privilege from UserManager. Time to change the NT_USER_TOKEN struct and add checks in all the rpc functions. Fun, fun, fun. J.F. (This used to be commit 3f0a9ef2b8c626cfa2878394bb7b642342342bf3)
Diffstat (limited to 'source3/passdb')
-rw-r--r--source3/passdb/passdb.c2
1 files changed, 2 insertions, 0 deletions
diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c
index 873e569f68..b07dec7c0d 100644
--- a/source3/passdb/passdb.c
+++ b/source3/passdb/passdb.c
@@ -551,6 +551,7 @@ BOOL local_lookup_rid(uint32 rid, char *name, enum SID_NAME_USE *psid_name_use)
/* check if it's a mapped group */
if (get_group_map_from_sid(local_sid, &map)) {
+ free_privilege(&map.priv_set);
if (map.gid!=-1) {
DEBUG(5,("local_local_rid: mapped group %s to gid %u\n", map.nt_name, (unsigned int)map.gid));
fstrcpy(name, map.nt_name);
@@ -636,6 +637,7 @@ BOOL local_lookup_name(const char *c_domain, const char *c_user, DOM_SID *psid,
/* check if it's a mapped group */
if (get_group_map_from_ntname(user, &map)) {
+ free_privilege(&map.priv_set);
if (map.gid!=-1) {
/* yes it's a mapped group to a valid unix group */
sid_copy(&local_sid, &map.sid);