summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/rpc_server/srv_lsa_nt.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c
index e609eac950..04747406d4 100644
--- a/source3/rpc_server/srv_lsa_nt.c
+++ b/source3/rpc_server/srv_lsa_nt.c
@@ -544,7 +544,7 @@ NTSTATUS _lsa_open_policy2(pipes_struct *p, LSA_Q_OPEN_POL2 *q_u, LSA_R_OPEN_POL
lsa_get_generic_sd(p->mem_ctx, &psd, &sd_size);
if(!se_access_check(psd, p->pipe_user.nt_user_token, des_access, &acc_granted, &status)) {
- if (geteuid() != 0) {
+ if (p->pipe_user.ut.uid != sec_initial_uid()) {
return status;
}
DEBUG(4,("ACCESS should be DENIED (granted: %#010x; required: %#010x)\n",
@@ -554,7 +554,7 @@ NTSTATUS _lsa_open_policy2(pipes_struct *p, LSA_Q_OPEN_POL2 *q_u, LSA_R_OPEN_POL
/* This is needed for lsa_open_account and rpcclient .... :-) */
- if (geteuid() == 0)
+ if (p->pipe_user.ut.uid == sec_initial_uid())
acc_granted = POLICY_ALL_ACCESS;
/* associate the domain SID with the (unique) handle. */