summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2012-05-01 17:13:34 +1000
committerAndrew Bartlett <abartlet@samba.org>2012-05-02 01:00:12 +0200
commit221c0e479d99b81f8becd51d641a5979e420efdc (patch)
tree6fa88184a447ef8d14c0e693807389469087909a /source3
parentd7f3c00b853761d929c3a21a6d64feff334944ce (diff)
downloadsamba-221c0e479d99b81f8becd51d641a5979e420efdc.tar.gz
samba-221c0e479d99b81f8becd51d641a5979e420efdc.tar.bz2
samba-221c0e479d99b81f8becd51d641a5979e420efdc.zip
s3-smbd: Use security_session_user_level() rather than nt_token_check_sid()
This allows the unix.whoami test to pass when configured as part of the AD DC. The struct auth_session_info is slightly different in the AD DC configuration when using auth_samba4. In particular, there is a distinction between Guest and Anonymous logins. Andrew Bartlett
Diffstat (limited to 'source3')
-rw-r--r--source3/smbd/trans2.c14
1 files changed, 1 insertions, 13 deletions
diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c
index 63ee76bce9..5cfbc3128b 100644
--- a/source3/smbd/trans2.c
+++ b/source3/smbd/trans2.c
@@ -3426,22 +3426,10 @@ cBytesSector=%u, cUnitTotal=%u, cUnitAvail=%d\n", (unsigned int)bsize, (unsigned
return NT_STATUS_BUFFER_TOO_SMALL;
}
- /* We ARE guest if global_sid_Builtin_Guests is
- * in our list of SIDs.
- */
- if (nt_token_check_sid(&global_sid_Builtin_Guests,
- conn->session_info->security_token)) {
+ if (security_session_user_level(conn->session_info, NULL) < SECURITY_USER) {
flags |= SMB_WHOAMI_GUEST;
}
- /* We are NOT guest if global_sid_Authenticated_Users
- * is in our list of SIDs.
- */
- if (nt_token_check_sid(&global_sid_Authenticated_Users,
- conn->session_info->security_token)) {
- flags &= ~SMB_WHOAMI_GUEST;
- }
-
/* NOTE: 8 bytes for UID/GID, irrespective of native
* platform size. This matches
* SMB_QUERY_FILE_UNIX_BASIC and friends.