summaryrefslogtreecommitdiff
path: root/source4/auth
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2010-09-28 23:19:26 -0700
committerAndrew Tridgell <tridge@samba.org>2010-09-29 09:49:16 -0700
commit44c891a35acae620566901bb6e038df45f411e02 (patch)
treec050fa87a05870383128042c7ca08104488b3522 /source4/auth
parent9a58cd12b4fd1956a1472072b294309b55de01fa (diff)
downloadsamba-44c891a35acae620566901bb6e038df45f411e02.tar.gz
samba-44c891a35acae620566901bb6e038df45f411e02.tar.bz2
samba-44c891a35acae620566901bb6e038df45f411e02.zip
s4-sam: added DOMAIN_RID_ENTERPRISE_READONLY_DCS for RODCs in the PAC
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'source4/auth')
-rw-r--r--source4/auth/sam.c16
1 files changed, 16 insertions, 0 deletions
diff --git a/source4/auth/sam.c b/source4/auth/sam.c
index ad7fe0a733..de794cc090 100644
--- a/source4/auth/sam.c
+++ b/source4/auth/sam.c
@@ -575,6 +575,22 @@ _PUBLIC_ NTSTATUS authsam_make_server_info(TALLOC_CTX *mem_ctx,
server_info->n_domain_groups++;
}
+ if ((server_info->acct_flags & (ACB_PARTIAL_SECRETS_ACCOUNT | ACB_WSTRUST)) ==
+ (ACB_PARTIAL_SECRETS_ACCOUNT | ACB_WSTRUST)) {
+ /* the DOMAIN_RID_ENTERPRISE_READONLY_DCS PAC */
+ server_info->domain_groups = talloc_realloc(server_info,
+ server_info->domain_groups,
+ struct dom_sid *,
+ server_info->n_domain_groups+1);
+ NT_STATUS_HAVE_NO_MEMORY_AND_FREE(server_info->domain_groups, server_info);
+ server_info->domain_groups[server_info->n_domain_groups] =
+ dom_sid_add_rid(server_info->domain_groups, domain_sid,
+ DOMAIN_RID_ENTERPRISE_READONLY_DCS);
+ NT_STATUS_HAVE_NO_MEMORY_AND_FREE(server_info->domain_groups[server_info->n_domain_groups],
+ server_info);
+ server_info->n_domain_groups++;
+ }
+
server_info->authenticated = true;
talloc_free(tmp_ctx);