diff options
-rw-r--r-- | source4/auth/system_session.c | 8 | ||||
-rw-r--r-- | source4/dsdb/samdb/samdb.c | 6 |
2 files changed, 8 insertions, 6 deletions
diff --git a/source4/auth/system_session.c b/source4/auth/system_session.c index d588090d60..4712702e46 100644 --- a/source4/auth/system_session.c +++ b/source4/auth/system_session.c @@ -190,7 +190,7 @@ NTSTATUS auth_system_session_info(TALLOC_CTX *parent_ctx, } /* references the server_info into the session_info */ - nt_status = auth_generate_simple_session_info(parent_ctx, server_info, &session_info); + nt_status = auth_generate_session_info(parent_ctx, NULL, server_info, 0, &session_info); talloc_free(mem_ctx); NT_STATUS_NOT_OK_RETURN(nt_status); @@ -441,7 +441,7 @@ _PUBLIC_ NTSTATUS auth_anonymous_session_info(TALLOC_CTX *parent_ctx, } /* references the server_info into the session_info */ - nt_status = auth_generate_simple_session_info(parent_ctx, server_info, &session_info); + nt_status = auth_generate_session_info(parent_ctx, NULL, server_info, 0, &session_info); talloc_free(mem_ctx); NT_STATUS_NOT_OK_RETURN(nt_status); @@ -470,8 +470,8 @@ _PUBLIC_ NTSTATUS auth_anonymous_server_info(TALLOC_CTX *mem_ctx, server_info->account_sid = dom_sid_parse_talloc(server_info, SID_NT_ANONYMOUS); NT_STATUS_HAVE_NO_MEMORY(server_info->account_sid); - /* is this correct? */ - server_info->primary_group_sid = dom_sid_parse_talloc(server_info, SID_BUILTIN_GUESTS); + /* The anonymous user has only one SID in it's token, but we need to fill something in here */ + server_info->primary_group_sid = dom_sid_parse_talloc(server_info, SID_NT_ANONYMOUS); NT_STATUS_HAVE_NO_MEMORY(server_info->primary_group_sid); server_info->n_domain_groups = 0; diff --git a/source4/dsdb/samdb/samdb.c b/source4/dsdb/samdb/samdb.c index 2d64cc1b85..0a2d5c3c7c 100644 --- a/source4/dsdb/samdb/samdb.c +++ b/source4/dsdb/samdb/samdb.c @@ -168,8 +168,10 @@ NTSTATUS security_token_create(TALLOC_CTX *mem_ctx, NT_STATUS_HAVE_NO_MEMORY(ptoken->sids); ptoken->sids[PRIMARY_USER_SID_INDEX] = talloc_reference(ptoken, user_sid); - ptoken->sids[PRIMARY_GROUP_SID_INDEX] = talloc_reference(ptoken, group_sid); - ptoken->num_sids++; + if (!dom_sid_equal(user_sid, group_sid)) { + ptoken->sids[PRIMARY_GROUP_SID_INDEX] = talloc_reference(ptoken, group_sid); + ptoken->num_sids++; + } /* * Finally add the "standard" SIDs. |