summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/auth/auth_sam.c14
1 files changed, 12 insertions, 2 deletions
diff --git a/source4/auth/auth_sam.c b/source4/auth/auth_sam.c
index 6ddddafee3..4e797acd36 100644
--- a/source4/auth/auth_sam.c
+++ b/source4/auth/auth_sam.c
@@ -222,6 +222,7 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context,
"accountExpires",
"badPwdCount",
"logonCount",
+ "primaryGroupID",
NULL,
};
@@ -333,6 +334,7 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context,
struct dom_sid *primary_group_sid;
const char *sidstr;
int i;
+ uint_t rid;
group_ret = samdb_search(sam_ctx,
mem_ctx, NULL, &group_msgs, group_attrs,
@@ -357,8 +359,16 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context,
sidstr = ldb_msg_find_string(msgs[0], "objectSid", NULL);
user_sid = dom_sid_parse_talloc(*server_info, sidstr);
primary_group_sid = dom_sid_parse_talloc(*server_info, sidstr);
- primary_group_sid->sub_auths[primary_group_sid->num_auths-1]
- = samdb_result_uint(msgs[0], "primaryGroupID", 0);
+ rid = samdb_result_uint(msgs[0], "primaryGroupID", ~0);
+ if (rid == ~0) {
+ if (group_ret > 0) {
+ primary_group_sid = groupSIDs[0];
+ } else {
+ primary_group_sid = NULL;
+ }
+ } else {
+ primary_group_sid->sub_auths[primary_group_sid->num_auths-1] = rid;
+ }
(*server_info)->user_sid = user_sid;
(*server_info)->primary_group_sid = primary_group_sid;