s4:security Remove use of user_sid and group_sid from struct security_token

This makes the structure more like Samba3's NT_USER_TOKEN

4 files changed, 7 insertions, 7 deletions

diff --git a/source4/rpc_server/drsuapi/getncchanges.c b/source4/rpc_server/drsuapi/getncchanges.c
index ba47b9b040..0beb99d758 100644
--- a/source4/rpc_server/drsuapi/getncchanges.c
+++ b/source4/rpc_server/drsuapi/getncchanges.c
@@ -774,7 +774,7 @@ WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_
 	    (req8->replica_flags & DRSUAPI_DRS_WRIT_REP)) {
 		DEBUG(3,(__location__ ": Removing WRIT_REP flag for replication by RODC %s\n",
 			 dom_sid_string(mem_ctx,
-					dce_call->conn->auth_state.session_info->security_token->user_sid)));
+					dce_call->conn->auth_state.session_info->security_token->sids[PRIMARY_USER_SID_INDEX])));
 		req8->replica_flags &= ~DRSUAPI_DRS_WRIT_REP;
 	}
 
diff --git a/source4/rpc_server/drsuapi/updaterefs.c b/source4/rpc_server/drsuapi/updaterefs.c
index daf057d6d6..08d49baf2b 100644
--- a/source4/rpc_server/drsuapi/updaterefs.c
+++ b/source4/rpc_server/drsuapi/updaterefs.c
@@ -215,11 +215,11 @@ WERROR dcesrv_drsuapi_DsReplicaUpdateRefs(struct dcesrv_call_state *dce_call, TA
 		/* check that they are using an DSA objectGUID that they own */
 		ret = dsdb_validate_dsa_guid(b_state->sam_ctx,
 		                             &req->dest_dsa_guid,
-		                             dce_call->conn->auth_state.session_info->security_token->user_sid);
+		                             dce_call->conn->auth_state.session_info->security_token->sids[PRIMARY_USER_SID_INDEX]);
 		if (ret != LDB_SUCCESS) {
 			DEBUG(0,(__location__ ": Refusing DsReplicaUpdateRefs for sid %s with GUID %s\n",
 				 dom_sid_string(mem_ctx,
-						dce_call->conn->auth_state.session_info->security_token->user_sid),
+						dce_call->conn->auth_state.session_info->security_token->sids[PRIMARY_USER_SID_INDEX]),
 				 GUID_string(mem_ctx, &req->dest_dsa_guid)));
 			return WERR_DS_DRA_ACCESS_DENIED;
 		}
diff --git a/source4/rpc_server/handles.c b/source4/rpc_server/handles.c
index 085703b3d4..495d42ab4a 100644
--- a/source4/rpc_server/handles.c
+++ b/source4/rpc_server/handles.c
@@ -22,7 +22,7 @@
 #include "includes.h"
 #include "../lib/util/dlinklist.h"
 #include "rpc_server/dcerpc_server.h"
-#include "libcli/security/dom_sid.h"
+#include "libcli/security/security.h"
 #include "auth/session.h"
 
 /*
@@ -44,7 +44,7 @@ _PUBLIC_ struct dcesrv_handle *dcesrv_handle_new(struct dcesrv_connection_contex
 	struct dcesrv_handle *h;
 	struct dom_sid *sid;
 
-	sid = context->conn->auth_state.session_info->security_token->user_sid;
+	sid = context->conn->auth_state.session_info->security_token->sids[PRIMARY_USER_SID_INDEX];
 
 	h = talloc(context->assoc_group, struct dcesrv_handle);
 	if (!h) {
@@ -80,7 +80,7 @@ _PUBLIC_ struct dcesrv_handle *dcesrv_handle_fetch(
 	struct dcesrv_handle *h;
 	struct dom_sid *sid;
 
-	sid = context->conn->auth_state.session_info->security_token->user_sid;
+	sid = context->conn->auth_state.session_info->security_token->sids[PRIMARY_USER_SID_INDEX];
 
 	if (policy_handle_empty(p)) {
 		/* TODO: we should probably return a NULL handle here */
diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c
index 0a347e07dd..371419fa70 100644
--- a/source4/rpc_server/lsa/dcesrv_lsa.c
+++ b/source4/rpc_server/lsa/dcesrv_lsa.c
@@ -338,7 +338,7 @@ static NTSTATUS dcesrv_lsa_QuerySecurity(struct dcesrv_call_state *dce_call, TAL
 
 	DCESRV_PULL_HANDLE(h, r->in.handle, DCESRV_HANDLE_ANY);
 
-	sid = dce_call->conn->auth_state.session_info->security_token->user_sid;
+	sid = dce_call->conn->auth_state.session_info->security_token->sids[PRIMARY_USER_SID_INDEX];
 
 	if (h->wire_handle.handle_type == LSA_HANDLE_POLICY) {
 		status = dcesrv_build_lsa_sd(mem_ctx, &sd, sid, 0);