diff options
Diffstat (limited to 'source3')
-rw-r--r-- | source3/Makefile.in | 2 | ||||
-rw-r--r-- | source3/libgpo/gpo_ldap.c | 13 | ||||
-rw-r--r-- | source3/libgpo/gpo_sec.c | 30 |
3 files changed, 41 insertions, 4 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in index 93e3dd0e44..e7494d7031 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -299,7 +299,7 @@ LIBADDNS_OBJ0 = libaddns/dnsrecord.o libaddns/dnsutils.o libaddns/dnssock.o \ LIBADDNS_OBJ = $(LIBADDNS_OBJ0) $(TALLOC_OBJ) LIBGPO_OBJ0 = libgpo/gpo_ldap.o libgpo/gpo_parse.o libgpo/gpo_util.o \ - libgpo/gpo_fetch.o libgpo/gpo_filesync.o + libgpo/gpo_fetch.o libgpo/gpo_filesync.o libgpo/gpo_sec.o LIBGPO_OBJ = $(LIBGPO_OBJ0) LIBADS_OBJ = libads/ldap.o libads/ldap_printer.o libads/sasl.o \ diff --git a/source3/libgpo/gpo_ldap.c b/source3/libgpo/gpo_ldap.c index fbed60b11d..b595e531fe 100644 --- a/source3/libgpo/gpo_ldap.c +++ b/source3/libgpo/gpo_ldap.c @@ -549,16 +549,23 @@ ADS_STATUS add_gplink_to_gpo_list(ADS_STRUCT *ads, } } - new_gpo = TALLOC_P(mem_ctx, struct GROUP_POLICY_OBJECT); + new_gpo = TALLOC_ZERO_P(mem_ctx, struct GROUP_POLICY_OBJECT); ADS_ERROR_HAVE_NO_MEMORY(new_gpo); - ZERO_STRUCTP(new_gpo); - status = ads_get_gpo(ads, mem_ctx, gp_link->link_names[i], NULL, NULL, new_gpo); if (!ADS_ERR_OK(status)) { + DEBUG(10,("failed to get gpo: %s\n", gp_link->link_names[i])); return status; } + status = ADS_ERROR_NT(gpo_apply_security_filtering(new_gpo, token)); + if (!ADS_ERR_OK(status)) { + DEBUG(10,("skipping GPO \"%s\" as object has no access to it\n", + new_gpo->display_name)); + TALLOC_FREE(new_gpo); + continue; + } + new_gpo->link = link_dn; new_gpo->link_type = link_type; diff --git a/source3/libgpo/gpo_sec.c b/source3/libgpo/gpo_sec.c new file mode 100644 index 0000000000..20366a9d20 --- /dev/null +++ b/source3/libgpo/gpo_sec.c @@ -0,0 +1,30 @@ +/* + * Unix SMB/CIFS implementation. + * Group Policy Object Support + * Copyright (C) Guenther Deschner 2007 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + +#include "includes.h" + +/**************************************************************** +****************************************************************/ + +NTSTATUS gpo_apply_security_filtering(const struct GROUP_POLICY_OBJECT *gpo, + const struct GPO_SID_TOKEN *token) +{ + return NT_STATUS_OK; +} |