diff options
author | Jeremy Allison <jra@samba.org> | 2009-10-17 10:36:33 -0700 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2009-10-17 10:36:33 -0700 |
commit | 7c51fa6d699a653cafa90df8e44911b576118ebd (patch) | |
tree | 543bf9ca698e03eff81104898b33e77f1abed319 /source4/rpc_server/drsuapi/dcesrv_drsuapi.c | |
parent | cc3a6770c77ec8fe1cd63bf4c682853c56201f0c (diff) | |
parent | 3e3214fd91471bca5b6c4d3782e922d252d588fb (diff) | |
download | samba-7c51fa6d699a653cafa90df8e44911b576118ebd.tar.gz samba-7c51fa6d699a653cafa90df8e44911b576118ebd.tar.bz2 samba-7c51fa6d699a653cafa90df8e44911b576118ebd.zip |
Merge branch 'master' of ssh://jra@git.samba.org/data/git/samba
Diffstat (limited to 'source4/rpc_server/drsuapi/dcesrv_drsuapi.c')
-rw-r--r-- | source4/rpc_server/drsuapi/dcesrv_drsuapi.c | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/source4/rpc_server/drsuapi/dcesrv_drsuapi.c b/source4/rpc_server/drsuapi/dcesrv_drsuapi.c index 9903f08746..9f903716dc 100644 --- a/source4/rpc_server/drsuapi/dcesrv_drsuapi.c +++ b/source4/rpc_server/drsuapi/dcesrv_drsuapi.c @@ -27,6 +27,7 @@ #include "dsdb/samdb/samdb.h" #include "rpc_server/drsuapi/dcesrv_drsuapi.h" #include "libcli/security/security.h" +#include "auth/auth.h" /* drsuapi_DsBind @@ -47,6 +48,8 @@ static WERROR dcesrv_drsuapi_DsBind(struct dcesrv_call_state *dce_call, TALLOC_C uint32_t pid; uint32_t repl_epoch; int ret; + struct auth_session_info *auth_info; + WERROR werr; r->out.bind_info = NULL; ZERO_STRUCTP(r->out.bind_handle); @@ -54,10 +57,20 @@ static WERROR dcesrv_drsuapi_DsBind(struct dcesrv_call_state *dce_call, TALLOC_C b_state = talloc_zero(mem_ctx, struct drsuapi_bind_state); W_ERROR_HAVE_NO_MEMORY(b_state); + /* if this is a DC connecting, give them system level access */ + werr = drs_security_level_check(dce_call, NULL); + if (W_ERROR_IS_OK(werr)) { + DEBUG(2,(__location__ ": doing DsBind with system_session\n")); + auth_info = system_session(b_state, dce_call->conn->dce_ctx->lp_ctx); + } else { + auth_info = dce_call->conn->auth_state.session_info; + } + /* * connect to the samdb */ - b_state->sam_ctx = samdb_connect(b_state, dce_call->event_ctx, dce_call->conn->dce_ctx->lp_ctx, dce_call->conn->auth_state.session_info); + b_state->sam_ctx = samdb_connect(b_state, dce_call->event_ctx, + dce_call->conn->dce_ctx->lp_ctx, auth_info); if (!b_state->sam_ctx) { return WERR_FOOBAR; } |