diff options
author | Andrew Tridgell <tridge@samba.org> | 2010-08-17 14:12:21 +1000 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 2010-08-17 21:21:50 +1000 |
commit | 45a2b408ba16ebabedc519a7235b05c104dede6b (patch) | |
tree | 2d19a5608d123252a2e21297ead88776f61fc611 /source4/rpc_server/drsuapi/drsutil.c | |
parent | 84bedf4028a5c841f08c079bfd20b9111fe52777 (diff) | |
download | samba-45a2b408ba16ebabedc519a7235b05c104dede6b.tar.gz samba-45a2b408ba16ebabedc519a7235b05c104dede6b.tar.bz2 samba-45a2b408ba16ebabedc519a7235b05c104dede6b.zip |
s4-drs: added domain_sid to DRS security checks
we need the domain_sid to determine if the account is a RODC for our
domain
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'source4/rpc_server/drsuapi/drsutil.c')
-rw-r--r-- | source4/rpc_server/drsuapi/drsutil.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/source4/rpc_server/drsuapi/drsutil.c b/source4/rpc_server/drsuapi/drsutil.c index e29c14dbc1..f20082f6bb 100644 --- a/source4/rpc_server/drsuapi/drsutil.c +++ b/source4/rpc_server/drsuapi/drsutil.c @@ -103,7 +103,8 @@ int drsuapi_search_with_extended_dn(struct ldb_context *ldb, WERROR drs_security_level_check(struct dcesrv_call_state *dce_call, const char* call, - enum security_user_level minimum_level) + enum security_user_level minimum_level, + const struct dom_sid *domain_sid) { enum security_user_level level; @@ -112,7 +113,7 @@ WERROR drs_security_level_check(struct dcesrv_call_state *dce_call, return WERR_OK; } - level = security_session_user_level(dce_call->conn->auth_state.session_info, NULL); + level = security_session_user_level(dce_call->conn->auth_state.session_info, domain_sid); if (level < minimum_level) { if (call) { DEBUG(0,("%s refused for security token (level=%u)\n", |