summaryrefslogtreecommitdiff
path: root/source3/rpc_server
diff options
context:
space:
mode:
Diffstat (limited to 'source3/rpc_server')
-rw-r--r--source3/rpc_server/srv_lsa_nt.c3
-rw-r--r--source3/rpc_server/srv_netlog_nt.c4
-rw-r--r--source3/rpc_server/srv_samr_nt.c17
-rw-r--r--source3/rpc_server/srv_srvsvc_nt.c21
4 files changed, 34 insertions, 11 deletions
diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c
index e903f0e974..857040ec8b 100644
--- a/source3/rpc_server/srv_lsa_nt.c
+++ b/source3/rpc_server/srv_lsa_nt.c
@@ -335,8 +335,7 @@ static NTSTATUS make_lsa_object_sd(TALLOC_CTX *mem_ctx, SEC_DESC **sd, size_t *s
SEC_ACE_TYPE_ACCESS_ALLOWED, map->generic_all, 0);
/* Add Full Access for Domain Admins */
- sid_copy(&adm_sid, get_global_sam_sid());
- sid_append_rid(&adm_sid, DOMAIN_GROUP_RID_ADMINS);
+ sid_compose(&adm_sid, get_global_sam_sid(), DOMAIN_GROUP_RID_ADMINS);
init_sec_ace(&ace[i++], &adm_sid, SEC_ACE_TYPE_ACCESS_ALLOWED,
map->generic_all, 0);
diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c
index 8f4381cde1..66f3bd3130 100644
--- a/source3/rpc_server/srv_netlog_nt.c
+++ b/source3/rpc_server/srv_netlog_nt.c
@@ -1057,8 +1057,8 @@ static NTSTATUS _netr_LogonSamLogon_base(pipes_struct *p,
NTSTATUS status = NT_STATUS_OK;
union netr_LogonLevel *logon = r->in.logon;
const char *nt_username, *nt_domain, *nt_workstation;
- auth_usersupplied_info *user_info = NULL;
- auth_serversupplied_info *server_info = NULL;
+ struct auth_usersupplied_info *user_info = NULL;
+ struct auth_serversupplied_info *server_info = NULL;
struct auth_context *auth_context = NULL;
uint8_t pipe_session_key[16];
bool process_creds = true;
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 6b40385744..3626cbdf2a 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -145,8 +145,8 @@ static NTSTATUS make_samr_object_sd( TALLOC_CTX *ctx, SEC_DESC **psd, size_t *sd
/* Add Full Access for Domain Admins if we are a DC */
if ( IS_DC ) {
- sid_copy( &domadmin_sid, get_global_sam_sid() );
- sid_append_rid( &domadmin_sid, DOMAIN_GROUP_RID_ADMINS );
+ sid_compose(&domadmin_sid, get_global_sam_sid(),
+ DOMAIN_GROUP_RID_ADMINS);
init_sec_ace(&ace[i++], &domadmin_sid,
SEC_ACE_TYPE_ACCESS_ALLOWED, map->generic_all, 0);
}
@@ -266,8 +266,8 @@ void map_max_allowed_access(const NT_USER_TOKEN *nt_token,
/* Full access for DOMAIN\Domain Admins. */
if ( IS_DC ) {
DOM_SID domadmin_sid;
- sid_copy( &domadmin_sid, get_global_sam_sid() );
- sid_append_rid( &domadmin_sid, DOMAIN_GROUP_RID_ADMINS );
+ sid_compose(&domadmin_sid, get_global_sam_sid(),
+ DOMAIN_GROUP_RID_ADMINS);
if (is_sid_in_token(nt_token, &domadmin_sid)) {
*pacc_requested |= GENERIC_ALL_ACCESS;
return;
@@ -5837,8 +5837,9 @@ NTSTATUS _samr_CreateDomainGroup(pipes_struct *p,
return status;
}
- if (!sid_equal(&dinfo->sid, get_global_sam_sid()))
+ if (!sid_check_is_domain(&dinfo->sid)) {
return NT_STATUS_ACCESS_DENIED;
+ }
name = r->in.name->string;
if (name == NULL) {
@@ -5898,8 +5899,9 @@ NTSTATUS _samr_CreateDomAlias(pipes_struct *p,
return result;
}
- if (!sid_equal(&dinfo->sid, get_global_sam_sid()))
+ if (!sid_check_is_domain(&dinfo->sid)) {
return NT_STATUS_ACCESS_DENIED;
+ }
name = r->in.alias_name->string;
@@ -6277,8 +6279,9 @@ NTSTATUS _samr_OpenGroup(pipes_struct *p,
/* this should not be hard-coded like this */
- if (!sid_equal(&dinfo->sid, get_global_sam_sid()))
+ if (!sid_check_is_domain(&dinfo->sid)) {
return NT_STATUS_ACCESS_DENIED;
+ }
sid_compose(&info_sid, &dinfo->sid, r->in.rid);
diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c
index d35557e5bd..a2d1d0716d 100644
--- a/source3/rpc_server/srv_srvsvc_nt.c
+++ b/source3/rpc_server/srv_srvsvc_nt.c
@@ -1033,6 +1033,13 @@ WERROR _srvsvc_NetFileEnum(pipes_struct *p,
return WERR_UNKNOWN_LEVEL;
}
+ if (!nt_token_check_sid(&global_sid_Builtin_Administrators,
+ p->server_info->ptok)) {
+ DEBUG(1, ("Enumerating files only allowed for "
+ "administrators\n"));
+ return WERR_ACCESS_DENIED;
+ }
+
ctx = talloc_tos();
ctr3 = r->in.info_ctr->ctr.ctr3;
if (!ctr3) {
@@ -1185,6 +1192,13 @@ WERROR _srvsvc_NetConnEnum(pipes_struct *p,
DEBUG(5,("_srvsvc_NetConnEnum: %d\n", __LINE__));
+ if (!nt_token_check_sid(&global_sid_Builtin_Administrators,
+ p->server_info->ptok)) {
+ DEBUG(1, ("Enumerating connections only allowed for "
+ "administrators\n"));
+ return WERR_ACCESS_DENIED;
+ }
+
switch (r->in.info_ctr->level) {
case 0:
werr = init_srv_conn_info_0(r->in.info_ctr->ctr.ctr0,
@@ -1216,6 +1230,13 @@ WERROR _srvsvc_NetSessEnum(pipes_struct *p,
DEBUG(5,("_srvsvc_NetSessEnum: %d\n", __LINE__));
+ if (!nt_token_check_sid(&global_sid_Builtin_Administrators,
+ p->server_info->ptok)) {
+ DEBUG(1, ("Enumerating sessions only allowed for "
+ "administrators\n"));
+ return WERR_ACCESS_DENIED;
+ }
+
switch (r->in.info_ctr->level) {
case 0:
werr = init_srv_sess_info_0(p,
generated by cgit (git 2.34.1) at 2025-08-20 05:40:39 +0000