diff options
author | Luke Leighton <lkcl@samba.org> | 1997-10-21 18:25:14 +0000 |
---|---|---|
committer | Luke Leighton <lkcl@samba.org> | 1997-10-21 18:25:14 +0000 |
commit | efe9b26a7b08cc9ea02cad32a847f71773a6edc4 (patch) | |
tree | 5a3bc973513848a72ba722b0d8d3e67bd0a8c0fc /source3/pipenetlog.c | |
parent | 0083afc90e928f2fa55be3936d51474bb97daf2e (diff) | |
download | samba-efe9b26a7b08cc9ea02cad32a847f71773a6edc4.tar.gz samba-efe9b26a7b08cc9ea02cad32a847f71773a6edc4.tar.bz2 samba-efe9b26a7b08cc9ea02cad32a847f71773a6edc4.zip |
loadparm.c :
added "domain admin users" parameter
added "domain guest users" parameter
these two complement the "domain groups" parameter. the "domain groups"
parameter should be for your own groups, and well-known aliases.
util.c :
added ability to do "domain groups = power_users admin_users backup_ops"
which are well-known RID aliases, not well-known RID groups.
pipenetlog.c :
combine the "domain admin users"; "domain guest users" and "domain groups"
parameters to give an array of RID groups to include in the SAM Logon
response.
ipc.c smb.h :
moved REALLOC() into smb.h
added RID #defines.
proto.h:
usual.
(This used to be commit f2554f231d1f59f30224adcc02b2b3ca4c24e0dd)
Diffstat (limited to 'source3/pipenetlog.c')
-rw-r--r-- | source3/pipenetlog.c | 27 |
1 files changed, 26 insertions, 1 deletions
diff --git a/source3/pipenetlog.c b/source3/pipenetlog.c index 0563a61591..ad4ad63369 100644 --- a/source3/pipenetlog.c +++ b/source3/pipenetlog.c @@ -508,6 +508,7 @@ static void api_lsa_sam_logon( user_struct *vuser, pstring home_drive; pstring my_name; pstring my_workgroup; + pstring domain_groups; pstring dom_sid; extern pstring myname; @@ -518,6 +519,9 @@ static void api_lsa_sam_logon( user_struct *vuser, pstrcpy(samlogon_user, unistr2(q_l.sam_id.auth.id1.uni_user_name.buffer)); + DEBUG(3,("SAM Logon. Domain:[%s]. User [%s]\n", + lp_workgroup(), samlogon_user)); + /* hack to get standard_sub_basic() to use the sam logon username */ sam_logon_in_ssb = True; @@ -529,7 +533,28 @@ static void api_lsa_sam_logon( user_struct *vuser, pstrcpy(home_drive , lp_logon_drive ()); pstrcpy(home_dir , lp_logon_home ()); - num_gids = make_domain_gids(lp_domain_groups(), gids); + /* any additional groups this user is in. e.g power users */ + pstrcpy(domain_groups, lp_domain_groups()); + + /* one RID group always added: 512 (Admin); 513 (Users); 514 (Guests) */ + + if (user_in_list(samlogon_user, lp_domain_guest_users())) + { + DEBUG(3,("domain guest access granted\n")); + strcat(domain_groups, " 514/7 "); + } + else if (user_in_list(samlogon_user, lp_domain_admin_users())) + { + DEBUG(3,("domain admin access granted\n")); + strcat(domain_groups, " 512/7 "); + } + else + { + DEBUG(3,("domain user access granted\n")); + strcat(domain_groups, " 513/7 "); + } + + num_gids = make_domain_gids(domain_groups, gids); sam_logon_in_ssb = False; |