diff options
author | Andrew Tridgell <tridge@samba.org> | 2010-09-25 19:14:42 -0700 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 2010-09-26 07:09:08 +0000 |
commit | 7dbfeb0dc040889244a1110940af2d070f823374 (patch) | |
tree | 3138243ba4e9b84159a416dd4e2e7e39d27bd7eb /source4/auth/sam.c | |
parent | 65fc066ef43786faae9d4adf8f0941d86315f398 (diff) | |
download | samba-7dbfeb0dc040889244a1110940af2d070f823374.tar.gz samba-7dbfeb0dc040889244a1110940af2d070f823374.tar.bz2 samba-7dbfeb0dc040889244a1110940af2d070f823374.zip |
s4-auth: fixed the SID list for DCs in the PAC
the S-1-5-9 SID is added in the PAC by the KDC, not on the server that
receives the PAC
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Sun Sep 26 07:09:08 UTC 2010 on sn-devel-104
Diffstat (limited to 'source4/auth/sam.c')
-rw-r--r-- | source4/auth/sam.c | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/source4/auth/sam.c b/source4/auth/sam.c index 6bf1d5f9e3..bdbf6906a3 100644 --- a/source4/auth/sam.c +++ b/source4/auth/sam.c @@ -558,6 +558,22 @@ _PUBLIC_ NTSTATUS authsam_make_server_info(TALLOC_CTX *mem_ctx, server_info); } + if (server_info->acct_flags & ACB_SVRTRUST) { + /* the SID_NT_ENTERPRISE_DCS SID gets added into the + PAC */ + server_info->domain_groups = talloc_realloc(server_info, + server_info->domain_groups, + struct dom_sid *, + server_info->n_domain_groups+1); + NT_STATUS_HAVE_NO_MEMORY_AND_FREE(server_info->domain_groups, server_info); + server_info->domain_groups[server_info->n_domain_groups] = + dom_sid_parse_talloc(server_info->domain_groups, + SID_NT_ENTERPRISE_DCS); + NT_STATUS_HAVE_NO_MEMORY_AND_FREE(server_info->domain_groups[server_info->n_domain_groups], + server_info); + server_info->n_domain_groups++; + } + server_info->authenticated = true; talloc_free(tmp_ctx); |