summaryrefslogtreecommitdiff
path: root/source4/rpc_server/drsuapi/drsutil.c
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2010-08-17 14:12:21 +1000
committerAndrew Tridgell <tridge@samba.org>2010-08-17 21:21:50 +1000
commit45a2b408ba16ebabedc519a7235b05c104dede6b (patch)
tree2d19a5608d123252a2e21297ead88776f61fc611 /source4/rpc_server/drsuapi/drsutil.c
parent84bedf4028a5c841f08c079bfd20b9111fe52777 (diff)
downloadsamba-45a2b408ba16ebabedc519a7235b05c104dede6b.tar.gz
samba-45a2b408ba16ebabedc519a7235b05c104dede6b.tar.bz2
samba-45a2b408ba16ebabedc519a7235b05c104dede6b.zip
s4-drs: added domain_sid to DRS security checks
we need the domain_sid to determine if the account is a RODC for our domain Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'source4/rpc_server/drsuapi/drsutil.c')
-rw-r--r--source4/rpc_server/drsuapi/drsutil.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/source4/rpc_server/drsuapi/drsutil.c b/source4/rpc_server/drsuapi/drsutil.c
index e29c14dbc1..f20082f6bb 100644
--- a/source4/rpc_server/drsuapi/drsutil.c
+++ b/source4/rpc_server/drsuapi/drsutil.c
@@ -103,7 +103,8 @@ int drsuapi_search_with_extended_dn(struct ldb_context *ldb,
WERROR drs_security_level_check(struct dcesrv_call_state *dce_call,
const char* call,
- enum security_user_level minimum_level)
+ enum security_user_level minimum_level,
+ const struct dom_sid *domain_sid)
{
enum security_user_level level;
@@ -112,7 +113,7 @@ WERROR drs_security_level_check(struct dcesrv_call_state *dce_call,
return WERR_OK;
}
- level = security_session_user_level(dce_call->conn->auth_state.session_info, NULL);
+ level = security_session_user_level(dce_call->conn->auth_state.session_info, domain_sid);
if (level < minimum_level) {
if (call) {
DEBUG(0,("%s refused for security token (level=%u)\n",
generated by cgit (git 2.34.1) at 2024-07-02 07:57:30 +0000