summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/auth/auth_util.c2
-rw-r--r--source3/auth/token_util.c8
-rw-r--r--source3/groupdb/mapping.c2
-rw-r--r--source3/include/rpc_misc.h20
-rw-r--r--source3/passdb/passdb.c10
-rw-r--r--source3/passdb/pdb_get_set.c4
-rw-r--r--source3/passdb/pdb_interface.c6
-rw-r--r--source3/passdb/pdb_ldap.c2
-rw-r--r--source3/passdb/pdb_smbpasswd.c4
-rw-r--r--source3/printing/nt_printing.c10
-rw-r--r--source3/rpc_server/srv_lsa_nt.c2
-rw-r--r--source3/rpc_server/srv_samr_nt.c10
-rw-r--r--source3/rpc_server/srv_spoolss_util.c2
-rw-r--r--source3/rpc_server/srv_srvsvc_nt.c2
-rw-r--r--source3/rpc_server/srv_wkssvc_nt.c4
-rw-r--r--source3/utils/net_groupmap.c4
-rw-r--r--source3/utils/net_sam.c10
-rw-r--r--source3/winbindd/winbindd_ads.c2
-rw-r--r--source3/winbindd/winbindd_pam.c2
-rw-r--r--source3/winbindd/winbindd_passdb.c2
-rw-r--r--source3/winbindd/winbindd_rpc.c2
21 files changed, 45 insertions, 65 deletions
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 5e39dca60a..1f83381606 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -697,7 +697,7 @@ static NTSTATUS make_new_server_info_guest(struct auth_serversupplied_info **ser
return NT_STATUS_NO_MEMORY;
}
- sid_compose(&guest_sid, get_global_sam_sid(), DOMAIN_USER_RID_GUEST);
+ sid_compose(&guest_sid, get_global_sam_sid(), DOMAIN_RID_GUEST);
become_root();
ret = pdb_getsampwsid(sampass, &guest_sid);
diff --git a/source3/auth/token_util.c b/source3/auth/token_util.c
index cf4a54143d..d60d929482 100644
--- a/source3/auth/token_util.c
+++ b/source3/auth/token_util.c
@@ -189,7 +189,7 @@ static NTSTATUS add_builtin_administrators(struct nt_user_token *token,
} else {
sid_copy(&domadm, dom_sid);
}
- sid_append_rid( &domadm, DOMAIN_GROUP_RID_ADMINS );
+ sid_append_rid( &domadm, DOMAIN_RID_ADMINS );
/* Add Administrators if the user beloongs to Domain Admins */
@@ -280,7 +280,7 @@ NTSTATUS create_builtin_users(const DOM_SID *dom_sid)
/* add domain users */
if ((IS_DC || (lp_server_role() == ROLE_DOMAIN_MEMBER))
- && sid_compose(&dom_users, dom_sid, DOMAIN_GROUP_RID_USERS))
+ && sid_compose(&dom_users, dom_sid, DOMAIN_RID_USERS))
{
status = add_sid_to_builtin(&global_sid_Builtin_Users,
&dom_users);
@@ -309,7 +309,7 @@ NTSTATUS create_builtin_administrators(const DOM_SID *dom_sid)
/* add domain admins */
if ((IS_DC || (lp_server_role() == ROLE_DOMAIN_MEMBER))
- && sid_compose(&dom_admins, dom_sid, DOMAIN_GROUP_RID_ADMINS))
+ && sid_compose(&dom_admins, dom_sid, DOMAIN_RID_ADMINS))
{
status = add_sid_to_builtin(&global_sid_Builtin_Administrators,
&dom_admins);
@@ -765,7 +765,7 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username,
sid_copy(&group_sids[0], &user_sid);
sid_split_rid(&group_sids[0], &dummy);
- sid_append_rid(&group_sids[0], DOMAIN_GROUP_RID_USERS);
+ sid_append_rid(&group_sids[0], DOMAIN_RID_USERS);
if (!sid_to_gid(&group_sids[0], gid)) {
DEBUG(1, ("sid_to_gid(%s) failed\n",
diff --git a/source3/groupdb/mapping.c b/source3/groupdb/mapping.c
index 7add05e84c..da5a866619 100644
--- a/source3/groupdb/mapping.c
+++ b/source3/groupdb/mapping.c
@@ -126,7 +126,7 @@ bool get_domain_group_from_sid(DOM_SID sid, GROUP_MAP *map)
sid_peek_rid( &sid, &rid );
- if ( rid == DOMAIN_GROUP_RID_USERS ) {
+ if ( rid == DOMAIN_RID_USERS ) {
fstrcpy( map->nt_name, "None" );
fstrcpy( map->comment, "Ordinary Users" );
sid_copy( &map->sid, &sid );
diff --git a/source3/include/rpc_misc.h b/source3/include/rpc_misc.h
index ccf7d6a785..d8814e3bc1 100644
--- a/source3/include/rpc_misc.h
+++ b/source3/include/rpc_misc.h
@@ -30,26 +30,6 @@
* well-known RIDs - Relative IDs
**********************************************************************/
-/* RIDs - Well-known users ... */
-#define DOMAIN_USER_RID_ADMIN (0x000001F4L)
-#define DOMAIN_USER_RID_GUEST (0x000001F5L)
-#define DOMAIN_USER_RID_KRBTGT (0x000001F6L)
-
-/* RIDs - well-known groups ... */
-#define DOMAIN_GROUP_RID_ADMINS (0x00000200L)
-#define DOMAIN_GROUP_RID_USERS (0x00000201L)
-#define DOMAIN_GROUP_RID_GUESTS (0x00000202L)
-#define DOMAIN_GROUP_RID_COMPUTERS (0x00000203L)
-
-#define DOMAIN_GROUP_RID_CONTROLLERS (0x00000204L)
-#define DOMAIN_GROUP_RID_CERT_ADMINS (0x00000205L)
-#define DOMAIN_GROUP_RID_SCHEMA_ADMINS (0x00000206L)
-#define DOMAIN_GROUP_RID_ENTERPRISE_ADMINS (0x00000207L)
-
-/* is the following the right number? I bet it is --simo
-#define DOMAIN_GROUP_RID_POLICY_ADMINS (0x00000208L)
-*/
-
/* RIDs - well-known aliases ... */
#define BUILTIN_ALIAS_RID_ADMINS (0x00000220L)
#define BUILTIN_ALIAS_RID_USERS (0x00000221L)
diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c
index 0adefd5c6d..9514e05254 100644
--- a/source3/passdb/passdb.c
+++ b/source3/passdb/passdb.c
@@ -193,7 +193,7 @@ static NTSTATUS samu_set_unix_internal(struct samu *user, const struct passwd *p
/* Special case for the guest account which must have a RID of 501 */
if ( strequal( pwd->pw_name, guest_account ) ) {
- if ( !pdb_set_user_sid_from_rid(user, DOMAIN_USER_RID_GUEST, PDB_DEFAULT)) {
+ if ( !pdb_set_user_sid_from_rid(user, DOMAIN_RID_GUEST, PDB_DEFAULT)) {
return NT_STATUS_NO_SUCH_USER;
}
return NT_STATUS_OK;
@@ -565,10 +565,10 @@ bool algorithmic_pdb_rid_is_user(uint32 rid)
{
if ( rid_is_well_known(rid) ) {
/*
- * The only well known user RIDs are DOMAIN_USER_RID_ADMIN
- * and DOMAIN_USER_RID_GUEST.
+ * The only well known user RIDs are DOMAIN_RID_ADMINISTRATOR
+ * and DOMAIN_RID_GUEST.
*/
- if(rid == DOMAIN_USER_RID_ADMIN || rid == DOMAIN_USER_RID_GUEST)
+ if(rid == DOMAIN_RID_ADMINISTRATOR || rid == DOMAIN_RID_GUEST)
return True;
} else if((rid & RID_TYPE_MASK) == USER_RID_TYPE) {
return True;
@@ -592,7 +592,7 @@ bool lookup_global_sam_name(const char *name, int flags, uint32_t *rid,
the group already exists. */
if ( strequal( name, "None" ) ) {
- *rid = DOMAIN_GROUP_RID_USERS;
+ *rid = DOMAIN_RID_USERS;
*type = SID_NAME_DOM_GRP;
return True;
diff --git a/source3/passdb/pdb_get_set.c b/source3/passdb/pdb_get_set.c
index 4725e8e2f1..1416e287ac 100644
--- a/source3/passdb/pdb_get_set.c
+++ b/source3/passdb/pdb_get_set.c
@@ -274,7 +274,7 @@ const DOM_SID *pdb_get_group_sid(struct samu *sampass)
/* Just set it to the 'Domain Users' RID of 513 which will
always resolve to a name */
- sid_compose(gsid, get_global_sam_sid(), DOMAIN_GROUP_RID_USERS);
+ sid_compose(gsid, get_global_sam_sid(), DOMAIN_RID_USERS);
sampass->group_sid = gsid;
@@ -584,7 +584,7 @@ bool pdb_set_group_sid(struct samu *sampass, const DOM_SID *g_sid, enum pdb_valu
/* if we cannot resolve the SID to gid, then just ignore it and
store DOMAIN_USERS as the primary groupSID */
- sid_compose(&dug_sid, get_global_sam_sid(), DOMAIN_GROUP_RID_USERS);
+ sid_compose(&dug_sid, get_global_sam_sid(), DOMAIN_RID_USERS);
if (sid_equal(&dug_sid, g_sid)) {
sid_copy(sampass->group_sid, &dug_sid);
diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c
index 130909e7fe..abc023081e 100644
--- a/source3/passdb/pdb_interface.c
+++ b/source3/passdb/pdb_interface.c
@@ -281,7 +281,7 @@ bool pdb_getsampwsid(struct samu *sam_acct, const DOM_SID *sid)
if ( !sid_peek_check_rid( get_global_sam_sid(), sid, &rid ) )
return False;
- if ( rid == DOMAIN_USER_RID_GUEST ) {
+ if ( rid == DOMAIN_RID_GUEST ) {
DEBUG(6,("pdb_getsampwsid: Building guest account\n"));
return guest_user_info( sam_acct );
}
@@ -702,7 +702,7 @@ NTSTATUS pdb_enum_group_members(TALLOC_CTX *mem_ctx,
sid_peek_rid( sid, &rid );
- if ( rid == DOMAIN_GROUP_RID_USERS ) {
+ if ( rid == DOMAIN_RID_USERS ) {
*p_num_members = 0;
*pp_member_rids = NULL;
@@ -1536,7 +1536,7 @@ static bool lookup_global_sam_rid(TALLOC_CTX *mem_ctx, uint32 rid,
return False;
}
- if ( rid == DOMAIN_GROUP_RID_USERS ) {
+ if ( rid == DOMAIN_RID_USERS ) {
*name = talloc_strdup(mem_ctx, "None" );
*psid_name_use = SID_NAME_DOM_GRP;
diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c
index a66ae9791a..e3bd72a629 100644
--- a/source3/passdb/pdb_ldap.c
+++ b/source3/passdb/pdb_ldap.c
@@ -5402,7 +5402,7 @@ static NTSTATUS ldapsam_create_user(struct pdb_methods *my_methods,
DEBUG(3,("ldapsam_create_user: Creating new posix user\n"));
/* retrieve the Domain Users group gid */
- if (!sid_compose(&group_sid, get_global_sam_sid(), DOMAIN_GROUP_RID_USERS) ||
+ if (!sid_compose(&group_sid, get_global_sam_sid(), DOMAIN_RID_USERS) ||
!sid_to_gid(&group_sid, &gid)) {
DEBUG (0, ("ldapsam_create_user: Unable to get the Domain Users gid: bailing out!\n"));
return NT_STATUS_INVALID_PRIMARY_GROUP;
diff --git a/source3/passdb/pdb_smbpasswd.c b/source3/passdb/pdb_smbpasswd.c
index a327da4cac..17c7f333d2 100644
--- a/source3/passdb/pdb_smbpasswd.c
+++ b/source3/passdb/pdb_smbpasswd.c
@@ -1195,7 +1195,7 @@ static bool build_smb_pass (struct smb_passwd *smb_pw, const struct samu *sampas
rid = pdb_get_user_rid(sampass);
/* If the user specified a RID, make sure its able to be both stored and retreived */
- if (rid == DOMAIN_USER_RID_GUEST) {
+ if (rid == DOMAIN_RID_GUEST) {
struct passwd *passwd = getpwnam_alloc(NULL, lp_guestaccount());
if (!passwd) {
DEBUG(0, ("Could not find guest account via getpwnam()! (%s)\n", lp_guestaccount()));
@@ -1332,7 +1332,7 @@ static NTSTATUS smbpasswd_getsampwsid(struct pdb_methods *my_methods, struct sam
return NT_STATUS_UNSUCCESSFUL;
/* More special case 'guest account' hacks... */
- if (rid == DOMAIN_USER_RID_GUEST) {
+ if (rid == DOMAIN_RID_GUEST) {
const char *guest_account = lp_guestaccount();
if (!(guest_account && *guest_account)) {
DEBUG(1, ("Guest account not specfied!\n"));
diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c
index a8bc577370..76f112f818 100644
--- a/source3/printing/nt_printing.c
+++ b/source3/printing/nt_printing.c
@@ -2653,7 +2653,7 @@ WERROR spoolss_create_default_secdesc(TALLOC_CTX *mem_ctx,
DOM_SID domadmins_sid;
sid_compose(&domadmins_sid, get_global_sam_sid(),
- DOMAIN_GROUP_RID_ADMINS);
+ DOMAIN_RID_ADMINS);
sa = PRINTER_ACE_FULL_CONTROL;
init_sec_ace(&ace[i++], &domadmins_sid,
@@ -2663,7 +2663,7 @@ WERROR spoolss_create_default_secdesc(TALLOC_CTX *mem_ctx,
sa, SEC_ACE_FLAG_CONTAINER_INHERIT);
}
else if (secrets_fetch_domain_sid(lp_workgroup(), &adm_sid)) {
- sid_append_rid(&adm_sid, DOMAIN_USER_RID_ADMIN);
+ sid_append_rid(&adm_sid, DOMAIN_RID_ADMINISTRATOR);
sa = PRINTER_ACE_FULL_CONTROL;
init_sec_ace(&ace[i++], &adm_sid,
@@ -5606,7 +5606,7 @@ static SEC_DESC_BUF *construct_default_printer_sdb(TALLOC_CTX *ctx)
DOM_SID domadmins_sid;
sid_compose(&domadmins_sid, get_global_sam_sid(),
- DOMAIN_GROUP_RID_ADMINS);
+ DOMAIN_RID_ADMINS);
sa = PRINTER_ACE_FULL_CONTROL;
init_sec_ace(&ace[i++], &domadmins_sid,
@@ -5616,7 +5616,7 @@ static SEC_DESC_BUF *construct_default_printer_sdb(TALLOC_CTX *ctx)
sa, SEC_ACE_FLAG_CONTAINER_INHERIT);
}
else if (secrets_fetch_domain_sid(lp_workgroup(), &adm_sid)) {
- sid_append_rid(&adm_sid, DOMAIN_USER_RID_ADMIN);
+ sid_append_rid(&adm_sid, DOMAIN_RID_ADMINISTRATOR);
sa = PRINTER_ACE_FULL_CONTROL;
init_sec_ace(&ace[i++], &adm_sid,
@@ -5725,7 +5725,7 @@ bool nt_printing_getsec(TALLOC_CTX *ctx, const char *sharename, SEC_DESC_BUF **s
/* Create new sd */
- sid_append_rid(&owner_sid, DOMAIN_USER_RID_ADMIN);
+ sid_append_rid(&owner_sid, DOMAIN_RID_ADMINISTRATOR);
psd = make_sec_desc(ctx, (*secdesc_ctr)->sd->revision, (*secdesc_ctr)->sd->type,
&owner_sid,
diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c
index 297af4ea01..afb85baef2 100644
--- a/source3/rpc_server/srv_lsa_nt.c
+++ b/source3/rpc_server/srv_lsa_nt.c
@@ -335,7 +335,7 @@ static NTSTATUS make_lsa_object_sd(TALLOC_CTX *mem_ctx, SEC_DESC **sd, size_t *s
SEC_ACE_TYPE_ACCESS_ALLOWED, map->generic_all, 0);
/* Add Full Access for Domain Admins */
- sid_compose(&adm_sid, get_global_sam_sid(), DOMAIN_GROUP_RID_ADMINS);
+ sid_compose(&adm_sid, get_global_sam_sid(), DOMAIN_RID_ADMINS);
init_sec_ace(&ace[i++], &adm_sid, SEC_ACE_TYPE_ACCESS_ALLOWED,
map->generic_all, 0);
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 97ed381824..70c162be9d 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -146,7 +146,7 @@ static NTSTATUS make_samr_object_sd( TALLOC_CTX *ctx, SEC_DESC **psd, size_t *sd
if ( IS_DC ) {
sid_compose(&domadmin_sid, get_global_sam_sid(),
- DOMAIN_GROUP_RID_ADMINS);
+ DOMAIN_RID_ADMINS);
init_sec_ace(&ace[i++], &domadmin_sid,
SEC_ACE_TYPE_ACCESS_ALLOWED, map->generic_all, 0);
}
@@ -267,7 +267,7 @@ void map_max_allowed_access(const NT_USER_TOKEN *nt_token,
if ( IS_DC ) {
DOM_SID domadmin_sid;
sid_compose(&domadmin_sid, get_global_sam_sid(),
- DOMAIN_GROUP_RID_ADMINS);
+ DOMAIN_RID_ADMINS);
if (is_sid_in_token(nt_token, &domadmin_sid)) {
*pacc_requested |= GENERIC_ALL_ACCESS;
return;
@@ -2319,13 +2319,13 @@ NTSTATUS _samr_OpenUser(pipes_struct *p,
}
/*
* Cheat - allow GENERIC_RIGHTS_USER_WRITE if pipe user is
- * in DOMAIN_GROUP_RID_ADMINS. This is almost certainly not
+ * in DOMAIN_RID_ADMINS. This is almost certainly not
* what Windows does but is a hack for people who haven't
* set up privileges on groups in Samba.
*/
if (acb_info & (ACB_SVRTRUST|ACB_DOMTRUST)) {
if (lp_enable_privileges() && nt_token_check_domain_rid(p->server_info->ptok,
- DOMAIN_GROUP_RID_ADMINS)) {
+ DOMAIN_RID_ADMINS)) {
des_access &= ~GENERIC_RIGHTS_USER_WRITE;
extra_access = GENERIC_RIGHTS_USER_WRITE;
DEBUG(4,("_samr_OpenUser: Allowing "
@@ -3811,7 +3811,7 @@ NTSTATUS _samr_CreateUser2(pipes_struct *p,
se_priv_copy(&se_rights, &se_priv_none);
can_add_account = nt_token_check_domain_rid(
p->server_info->ptok,
- DOMAIN_GROUP_RID_ADMINS );
+ DOMAIN_RID_ADMINS );
}
DEBUG(5, ("_samr_CreateUser2: %s can add this account : %s\n",
diff --git a/source3/rpc_server/srv_spoolss_util.c b/source3/rpc_server/srv_spoolss_util.c
index 1752329e4c..d9df1a0a5f 100644
--- a/source3/rpc_server/srv_spoolss_util.c
+++ b/source3/rpc_server/srv_spoolss_util.c
@@ -2297,7 +2297,7 @@ create_default:
size_t size;
/* Create new sd */
- sid_append_rid(&owner_sid, DOMAIN_USER_RID_ADMIN);
+ sid_append_rid(&owner_sid, DOMAIN_RID_ADMINISTRATOR);
new_secdesc = make_sec_desc(tmp_ctx,
secdesc->revision,
diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c
index 6d86074a54..ef320d0ec6 100644
--- a/source3/rpc_server/srv_srvsvc_nt.c
+++ b/source3/rpc_server/srv_srvsvc_nt.c
@@ -1292,7 +1292,7 @@ WERROR _srvsvc_NetSessDel(pipes_struct *p,
if ((p->server_info->utok.uid != sec_initial_uid()) &&
( ! nt_token_check_domain_rid(p->server_info->ptok,
- DOMAIN_GROUP_RID_ADMINS))) {
+ DOMAIN_RID_ADMINS))) {
goto done;
}
diff --git a/source3/rpc_server/srv_wkssvc_nt.c b/source3/rpc_server/srv_wkssvc_nt.c
index a8cbfba368..4106bc10bc 100644
--- a/source3/rpc_server/srv_wkssvc_nt.c
+++ b/source3/rpc_server/srv_wkssvc_nt.c
@@ -800,7 +800,7 @@ WERROR _wkssvc_NetrJoinDomain2(pipes_struct *p,
}
if (!user_has_privileges(token, &se_machine_account) &&
- !nt_token_check_domain_rid(token, DOMAIN_GROUP_RID_ADMINS) &&
+ !nt_token_check_domain_rid(token, DOMAIN_RID_ADMINS) &&
!nt_token_check_sid(&global_sid_Builtin_Administrators, token)) {
DEBUG(5,("_wkssvc_NetrJoinDomain2: account doesn't have "
"sufficient privileges\n"));
@@ -871,7 +871,7 @@ WERROR _wkssvc_NetrUnjoinDomain2(pipes_struct *p,
}
if (!user_has_privileges(token, &se_machine_account) &&
- !nt_token_check_domain_rid(token, DOMAIN_GROUP_RID_ADMINS) &&
+ !nt_token_check_domain_rid(token, DOMAIN_RID_ADMINS) &&
!nt_token_check_sid(&global_sid_Builtin_Administrators, token)) {
DEBUG(5,("_wkssvc_NetrUnjoinDomain2: account doesn't have "
"sufficient privileges\n"));
diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c
index b39a52ed02..9b46808b8b 100644
--- a/source3/utils/net_groupmap.c
+++ b/source3/utils/net_groupmap.c
@@ -200,10 +200,10 @@ static int net_groupmap_add(struct net_context *c, int argc, const char **argv)
for ( i=0; i<argc; i++ ) {
if ( !StrnCaseCmp(argv[i], "rid", strlen("rid")) ) {
rid = get_int_param(argv[i]);
- if ( rid < DOMAIN_GROUP_RID_ADMINS ) {
+ if ( rid < DOMAIN_RID_ADMINS ) {
d_fprintf(stderr,
_("RID must be greater than %d\n"),
- (uint32)DOMAIN_GROUP_RID_ADMINS-1);
+ (uint32)DOMAIN_RID_ADMINS-1);
return -1;
}
}
diff --git a/source3/utils/net_sam.c b/source3/utils/net_sam.c
index 5c3f4e5b96..9b842aedd3 100644
--- a/source3/utils/net_sam.c
+++ b/source3/utils/net_sam.c
@@ -1639,7 +1639,7 @@ static int net_sam_provision(struct net_context *c, int argc, const char **argv)
d_printf(_("Checking for Domain Users group.\n"));
- sid_compose(&gsid, get_global_sam_sid(), DOMAIN_GROUP_RID_USERS);
+ sid_compose(&gsid, get_global_sam_sid(), DOMAIN_RID_USERS);
if (!pdb_getgrsid(&gmap, gsid)) {
LDAPMod **mods = NULL;
@@ -1696,7 +1696,7 @@ domu_done:
d_printf(_("Checking for Domain Admins group.\n"));
- sid_compose(&gsid, get_global_sam_sid(), DOMAIN_GROUP_RID_ADMINS);
+ sid_compose(&gsid, get_global_sam_sid(), DOMAIN_RID_ADMINS);
if (!pdb_getgrsid(&gmap, gsid)) {
LDAPMod **mods = NULL;
@@ -1803,7 +1803,7 @@ doma_done:
goto failed;
}
- sid_compose(&sid, get_global_sam_sid(), DOMAIN_USER_RID_ADMIN);
+ sid_compose(&sid, get_global_sam_sid(), DOMAIN_RID_ADMINISTRATOR);
smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectClass", LDAP_OBJ_ACCOUNT);
smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectClass", LDAP_OBJ_POSIXACCOUNT);
@@ -1880,7 +1880,7 @@ doma_done:
}
}
- sid_compose(&sid, get_global_sam_sid(), DOMAIN_USER_RID_GUEST);
+ sid_compose(&sid, get_global_sam_sid(), DOMAIN_RID_GUEST);
dn = talloc_asprintf(tc, "uid=%s,%s", pwd->pw_name, lp_ldap_user_suffix ());
uidstr = talloc_asprintf(tc, "%u", (unsigned int)pwd->pw_uid);
@@ -1959,7 +1959,7 @@ doma_done:
goto failed;
}
- sid_compose(&gsid, get_global_sam_sid(), DOMAIN_GROUP_RID_GUESTS);
+ sid_compose(&gsid, get_global_sam_sid(), DOMAIN_RID_GUESTS);
smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectClass", LDAP_OBJ_POSIXGROUP);
smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectClass", LDAP_OBJ_GROUPMAP);
diff --git a/source3/winbindd/winbindd_ads.c b/source3/winbindd/winbindd_ads.c
index f647a3ffaf..50abcc30c3 100644
--- a/source3/winbindd/winbindd_ads.c
+++ b/source3/winbindd/winbindd_ads.c
@@ -506,7 +506,7 @@ static NTSTATUS query_user(struct winbindd_domain *domain,
/* Assume "Domain Users" for the primary group */
- sid_compose(&info->group_sid, &domain->sid, DOMAIN_GROUP_RID_USERS );
+ sid_compose(&info->group_sid, &domain->sid, DOMAIN_RID_USERS );
/* Try to fill in what the nss_info backend can do */
diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c
index 9554339769..34f1fbc341 100644
--- a/source3/winbindd/winbindd_pam.c
+++ b/source3/winbindd/winbindd_pam.c
@@ -1039,7 +1039,7 @@ static NTSTATUS winbindd_dual_pam_auth_cached(struct winbindd_domain *domain,
DEBUG(10,("winbindd_dual_pam_auth_cached: failed to get password properties.\n"));
}
- if ((my_info3->base.rid != DOMAIN_USER_RID_ADMIN) ||
+ if ((my_info3->base.rid != DOMAIN_RID_ADMINISTRATOR) ||
(password_properties & DOMAIN_PASSWORD_LOCKOUT_ADMINS)) {
my_info3->base.acct_flags |= ACB_AUTOLOCK;
}
diff --git a/source3/winbindd/winbindd_passdb.c b/source3/winbindd/winbindd_passdb.c
index 34b5990a3f..023f68f1b3 100644
--- a/source3/winbindd/winbindd_passdb.c
+++ b/source3/winbindd/winbindd_passdb.c
@@ -467,7 +467,7 @@ static NTSTATUS sam_query_user_list(struct winbindd_domain *domain,
something like that. */
sid_compose(&(*info)[i].group_sid, &domain->sid,
- DOMAIN_GROUP_RID_USERS);
+ DOMAIN_RID_USERS);
}
TALLOC_FREE(ps);
diff --git a/source3/winbindd/winbindd_rpc.c b/source3/winbindd/winbindd_rpc.c
index 87494db2bb..793cc430f0 100644
--- a/source3/winbindd/winbindd_rpc.c
+++ b/source3/winbindd/winbindd_rpc.c
@@ -124,7 +124,7 @@ static NTSTATUS query_user_list(struct winbindd_domain *domain,
something like that. */
sid_compose(&dst->group_sid, &domain->sid,
- DOMAIN_GROUP_RID_USERS);
+ DOMAIN_RID_USERS);
}
} while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES));