diff options
author | Andrew Bartlett <abartlet@samba.org> | 2010-12-21 14:08:34 +1100 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2010-12-21 05:56:22 +0100 |
commit | 446f8a163cfdcfb2c4bb2b8b8adc720bf96c05a5 (patch) | |
tree | b1a96b2df4c141311f84cb6a4dfe25f1cc8073ef /source4/auth | |
parent | 6f7423c7f1cc3a4596a955a90f315ffbf1025c3b (diff) | |
download | samba-446f8a163cfdcfb2c4bb2b8b8adc720bf96c05a5.tar.gz samba-446f8a163cfdcfb2c4bb2b8b8adc720bf96c05a5.tar.bz2 samba-446f8a163cfdcfb2c4bb2b8b8adc720bf96c05a5.zip |
s4-auth Ensure that we always copy across domain groups
Even if we can't calculate the local groups (because we don't have a
local SAM to do it with) we still need to include the domain groups in
the session_info token.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Dec 21 05:56:22 CET 2010 on sn-devel-104
Diffstat (limited to 'source4/auth')
-rw-r--r-- | source4/auth/session.c | 26 |
1 files changed, 13 insertions, 13 deletions
diff --git a/source4/auth/session.c b/source4/auth/session.c index 1028aa8320..c9643788fe 100644 --- a/source4/auth/session.c +++ b/source4/auth/session.c @@ -80,24 +80,24 @@ _PUBLIC_ NTSTATUS auth_generate_session_info(TALLOC_CTX *mem_ctx, system_sid = dom_sid_parse_talloc(tmp_ctx, SID_NT_SYSTEM); NT_STATUS_HAVE_NO_MEMORY_AND_FREE(system_sid, tmp_ctx); + groupSIDs = talloc_array(tmp_ctx, struct dom_sid *, server_info->n_domain_groups); + NT_STATUS_HAVE_NO_MEMORY_AND_FREE(groupSIDs, tmp_ctx); + if (!groupSIDs) { + talloc_free(tmp_ctx); + return NT_STATUS_NO_MEMORY; + } + + num_groupSIDs = server_info->n_domain_groups; + + for (i=0; i < server_info->n_domain_groups; i++) { + groupSIDs[i] = server_info->domain_groups[i]; + } + if (dom_sid_equal(anonymous_sid, server_info->account_sid)) { /* Don't expand nested groups of system, anonymous etc*/ } else if (dom_sid_equal(system_sid, server_info->account_sid)) { /* Don't expand nested groups of system, anonymous etc*/ } else if (sam_ctx) { - groupSIDs = talloc_array(tmp_ctx, struct dom_sid *, server_info->n_domain_groups); - NT_STATUS_HAVE_NO_MEMORY_AND_FREE(groupSIDs, tmp_ctx); - if (!groupSIDs) { - talloc_free(tmp_ctx); - return NT_STATUS_NO_MEMORY; - } - - num_groupSIDs = server_info->n_domain_groups; - - for (i=0; i < server_info->n_domain_groups; i++) { - groupSIDs[i] = server_info->domain_groups[i]; - } - filter = talloc_asprintf(tmp_ctx, "(&(objectClass=group)(groupType:1.2.840.113556.1.4.803:=%u))", GROUP_TYPE_BUILTIN_LOCAL_GROUP); |