summaryrefslogtreecommitdiff
path: root/source4/auth/auth_sam.c
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2004-10-03 06:40:40 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 12:59:34 -0500
commit6b481af7f2860157dd0fa12e2cc6dbbc7c22a20e (patch)
treefd3b5e90ede6325a02adfa91df65d014d72eb091 /source4/auth/auth_sam.c
parent1429ed54f14055a1a9399452cb6cfc94f9451cf5 (diff)
downloadsamba-6b481af7f2860157dd0fa12e2cc6dbbc7c22a20e.tar.gz
samba-6b481af7f2860157dd0fa12e2cc6dbbc7c22a20e.tar.bz2
samba-6b481af7f2860157dd0fa12e2cc6dbbc7c22a20e.zip
r2793: fixed the handling of primaryGroupID in auth_sam. There were two bugs,
the first was it didn't pass primaryGroupID as an attributed it wanted, the second was it didn't cope with primaryGroupID not being present. (This used to be commit 8373bfcdeca13dcdce3081af420d8bb7d842ad18)
Diffstat (limited to 'source4/auth/auth_sam.c')
-rw-r--r--source4/auth/auth_sam.c14
1 files changed, 12 insertions, 2 deletions
diff --git a/source4/auth/auth_sam.c b/source4/auth/auth_sam.c
index 6ddddafee3..4e797acd36 100644
--- a/source4/auth/auth_sam.c
+++ b/source4/auth/auth_sam.c
@@ -222,6 +222,7 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context,
"accountExpires",
"badPwdCount",
"logonCount",
+ "primaryGroupID",
NULL,
};
@@ -333,6 +334,7 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context,
struct dom_sid *primary_group_sid;
const char *sidstr;
int i;
+ uint_t rid;
group_ret = samdb_search(sam_ctx,
mem_ctx, NULL, &group_msgs, group_attrs,
@@ -357,8 +359,16 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context,
sidstr = ldb_msg_find_string(msgs[0], "objectSid", NULL);
user_sid = dom_sid_parse_talloc(*server_info, sidstr);
primary_group_sid = dom_sid_parse_talloc(*server_info, sidstr);
- primary_group_sid->sub_auths[primary_group_sid->num_auths-1]
- = samdb_result_uint(msgs[0], "primaryGroupID", 0);
+ rid = samdb_result_uint(msgs[0], "primaryGroupID", ~0);
+ if (rid == ~0) {
+ if (group_ret > 0) {
+ primary_group_sid = groupSIDs[0];
+ } else {
+ primary_group_sid = NULL;
+ }
+ } else {
+ primary_group_sid->sub_auths[primary_group_sid->num_auths-1] = rid;
+ }
(*server_info)->user_sid = user_sid;
(*server_info)->primary_group_sid = primary_group_sid;