summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/auth/system_session.c8
-rw-r--r--source4/dsdb/samdb/samdb.c6
2 files changed, 8 insertions, 6 deletions
diff --git a/source4/auth/system_session.c b/source4/auth/system_session.c
index d588090d60..4712702e46 100644
--- a/source4/auth/system_session.c
+++ b/source4/auth/system_session.c
@@ -190,7 +190,7 @@ NTSTATUS auth_system_session_info(TALLOC_CTX *parent_ctx,
}
/* references the server_info into the session_info */
- nt_status = auth_generate_simple_session_info(parent_ctx, server_info, &session_info);
+ nt_status = auth_generate_session_info(parent_ctx, NULL, server_info, 0, &session_info);
talloc_free(mem_ctx);
NT_STATUS_NOT_OK_RETURN(nt_status);
@@ -441,7 +441,7 @@ _PUBLIC_ NTSTATUS auth_anonymous_session_info(TALLOC_CTX *parent_ctx,
}
/* references the server_info into the session_info */
- nt_status = auth_generate_simple_session_info(parent_ctx, server_info, &session_info);
+ nt_status = auth_generate_session_info(parent_ctx, NULL, server_info, 0, &session_info);
talloc_free(mem_ctx);
NT_STATUS_NOT_OK_RETURN(nt_status);
@@ -470,8 +470,8 @@ _PUBLIC_ NTSTATUS auth_anonymous_server_info(TALLOC_CTX *mem_ctx,
server_info->account_sid = dom_sid_parse_talloc(server_info, SID_NT_ANONYMOUS);
NT_STATUS_HAVE_NO_MEMORY(server_info->account_sid);
- /* is this correct? */
- server_info->primary_group_sid = dom_sid_parse_talloc(server_info, SID_BUILTIN_GUESTS);
+ /* The anonymous user has only one SID in it's token, but we need to fill something in here */
+ server_info->primary_group_sid = dom_sid_parse_talloc(server_info, SID_NT_ANONYMOUS);
NT_STATUS_HAVE_NO_MEMORY(server_info->primary_group_sid);
server_info->n_domain_groups = 0;
diff --git a/source4/dsdb/samdb/samdb.c b/source4/dsdb/samdb/samdb.c
index 2d64cc1b85..0a2d5c3c7c 100644
--- a/source4/dsdb/samdb/samdb.c
+++ b/source4/dsdb/samdb/samdb.c
@@ -168,8 +168,10 @@ NTSTATUS security_token_create(TALLOC_CTX *mem_ctx,
NT_STATUS_HAVE_NO_MEMORY(ptoken->sids);
ptoken->sids[PRIMARY_USER_SID_INDEX] = talloc_reference(ptoken, user_sid);
- ptoken->sids[PRIMARY_GROUP_SID_INDEX] = talloc_reference(ptoken, group_sid);
- ptoken->num_sids++;
+ if (!dom_sid_equal(user_sid, group_sid)) {
+ ptoken->sids[PRIMARY_GROUP_SID_INDEX] = talloc_reference(ptoken, group_sid);
+ ptoken->num_sids++;
+ }
/*
* Finally add the "standard" SIDs.