diff options
| -rw-r--r-- | source4/auth/auth_sam.c | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/source4/auth/auth_sam.c b/source4/auth/auth_sam.c index 6ddddafee3..4e797acd36 100644 --- a/source4/auth/auth_sam.c +++ b/source4/auth/auth_sam.c @@ -222,6 +222,7 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context, "accountExpires", "badPwdCount", "logonCount", + "primaryGroupID", NULL, }; @@ -333,6 +334,7 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context, struct dom_sid *primary_group_sid; const char *sidstr; int i; + uint_t rid; group_ret = samdb_search(sam_ctx, mem_ctx, NULL, &group_msgs, group_attrs, @@ -357,8 +359,16 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context, sidstr = ldb_msg_find_string(msgs[0], "objectSid", NULL); user_sid = dom_sid_parse_talloc(*server_info, sidstr); primary_group_sid = dom_sid_parse_talloc(*server_info, sidstr); - primary_group_sid->sub_auths[primary_group_sid->num_auths-1] - = samdb_result_uint(msgs[0], "primaryGroupID", 0); + rid = samdb_result_uint(msgs[0], "primaryGroupID", ~0); + if (rid == ~0) { + if (group_ret > 0) { + primary_group_sid = groupSIDs[0]; + } else { + primary_group_sid = NULL; + } + } else { + primary_group_sid->sub_auths[primary_group_sid->num_auths-1] = rid; + } (*server_info)->user_sid = user_sid; (*server_info)->primary_group_sid = primary_group_sid; |