1 files changed, 11 insertions, 11 deletions

diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index fcfed834e5..4c9ebc01c8 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -520,7 +520,17 @@ NTSTATUS create_local_token(TALLOC_CTX *mem_ctx,
 							      server_info->session_key.length);
 	}
 
-	if (session_info->security_token) {
+	/* We need to populate session_info->info with the information found in server_info->info3 */
+	status = make_user_info_SamBaseInfo(session_info, "", &server_info->info3->base,
+					    server_info->guest == false,
+					    &session_info->info);
+	if (!NT_STATUS_IS_OK(status)) {
+		DEBUG(0, ("conversion of info3 into auth_user_info failed!\n"));
+		TALLOC_FREE(session_info);
+		return status;
+	}
+
+	if (server_info->security_token) {
 		/* Just copy the token, it has already been finalised
 		 * (nasty hack to support a cached guest session_info,
 		 * and a possible strategy for auth_samba4 to pass in
@@ -545,16 +555,6 @@ NTSTATUS create_local_token(TALLOC_CTX *mem_ctx,
 		return NT_STATUS_OK;
 	}
 
-	/* We need to populate session_info->info with the information found in server_info->info3 */
-	status = make_user_info_SamBaseInfo(session_info, "", &server_info->info3->base,
-					    server_info->guest == false,
-					    &session_info->info);
-	if (!NT_STATUS_IS_OK(status)) {
-		DEBUG(0, ("conversion of info3 into auth_user_info failed!\n"));
-		TALLOC_FREE(session_info);
-		return status;
-	}
-
 	/*
 	 * If winbind is not around, we can not make much use of the SIDs the
 	 * domain controller provided us with. Likewise if the user name was