summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2001-04-21 23:06:59 +0000
committerJeremy Allison <jra@samba.org>2001-04-21 23:06:59 +0000
commita626bb3a239e80ad0ea55a00f721b2c0a5dfc8fa (patch)
tree424bb2d6e94b88d6ddb304480109ef7b149ee834 /source3
parent9319a9484c15d8453c96f17c450e75a9e70bb690 (diff)
downloadsamba-a626bb3a239e80ad0ea55a00f721b2c0a5dfc8fa.tar.gz
samba-a626bb3a239e80ad0ea55a00f721b2c0a5dfc8fa.tar.bz2
samba-a626bb3a239e80ad0ea55a00f721b2c0a5dfc8fa.zip
JF pointed out we were returning the wrong info for Domain member with info
levels 3 and 5. I *hate* LSAQueryInfoPolicy() :-). Jeremy. (This used to be commit 37581bdf1e1f24dabe67befdc27f54f516d3f08e)
Diffstat (limited to 'source3')
-rw-r--r--source3/rpc_server/srv_lsa_nt.c26
1 files changed, 9 insertions, 17 deletions
diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c
index f273c7bb4c..f4407f5d36 100644
--- a/source3/rpc_server/srv_lsa_nt.c
+++ b/source3/rpc_server/srv_lsa_nt.c
@@ -355,24 +355,25 @@ uint32 _lsa_query_info(pipes_struct *p, LSA_Q_QUERY_INFO *q_u, LSA_R_QUERY_INFO
break;
}
case 0x03:
- switch (lp_server_role())
- {
+ /* Request PolicyPrimaryDomainInformation. */
+ switch (lp_server_role()) {
case ROLE_DOMAIN_PDC:
case ROLE_DOMAIN_BDC:
name = global_myworkgroup;
sid = &global_sam_sid;
break;
case ROLE_DOMAIN_MEMBER:
- name = global_myname;
+ name = global_myworkgroup;
+ /* We need to return the Domain SID here. */
if (secrets_fetch_domain_sid(global_myworkgroup,
&domain_sid))
sid = &domain_sid;
else
- sid = &global_sam_sid;
+ return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
break;
case ROLE_STANDALONE:
name = global_myname;
- sid = &global_sam_sid;
+ sid = NULL; /* Tell it we're not in a domain. */
break;
default:
return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
@@ -380,22 +381,14 @@ uint32 _lsa_query_info(pipes_struct *p, LSA_Q_QUERY_INFO *q_u, LSA_R_QUERY_INFO
init_dom_query(&r_u->dom.id3, name, sid);
break;
case 0x05:
- /* AS/U shows this needs to be the same as level 3. JRA. */
- switch (lp_server_role())
- {
+ /* Request PolicyAccountDomainInformation. */
+ switch (lp_server_role()) {
case ROLE_DOMAIN_PDC:
case ROLE_DOMAIN_BDC:
name = global_myworkgroup;
sid = &global_sam_sid;
break;
case ROLE_DOMAIN_MEMBER:
- name = global_myname;
- if (secrets_fetch_domain_sid(global_myworkgroup,
- &domain_sid))
- sid = &domain_sid;
- else
- sid = &global_sam_sid;
- break;
case ROLE_STANDALONE:
name = global_myname;
sid = &global_sam_sid;
@@ -406,8 +399,7 @@ uint32 _lsa_query_info(pipes_struct *p, LSA_Q_QUERY_INFO *q_u, LSA_R_QUERY_INFO
init_dom_query(&r_u->dom.id5, name, sid);
break;
case 0x06:
- switch (lp_server_role())
- {
+ switch (lp_server_role()) {
case ROLE_DOMAIN_BDC:
/*
* only a BDC is a backup controller