summaryrefslogtreecommitdiff
path: root/source4/auth
diff options
context:
space:
mode:
Diffstat (limited to 'source4/auth')
-rw-r--r--source4/auth/auth_sam.c14
-rw-r--r--source4/auth/auth_util.c14
2 files changed, 17 insertions, 11 deletions
diff --git a/source4/auth/auth_sam.c b/source4/auth/auth_sam.c
index 3c35031643..1c33b26528 100644
--- a/source4/auth/auth_sam.c
+++ b/source4/auth/auth_sam.c
@@ -183,14 +183,13 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context,
uint_t ret_domain;
const char *domain_dn;
+ const char *domain_sid;
NTSTATUS nt_status;
DATA_BLOB user_sess_key = data_blob(NULL, 0);
DATA_BLOB lm_sess_key = data_blob(NULL, 0);
uint8 *lm_pwd, *nt_pwd;
- struct dom_sid *domain_sid;
-
const char *attrs[] = {"unicodePwd", "lmPwdHash", "ntPwdHash",
"userAccountControl",
"pwdLastSet",
@@ -228,28 +227,27 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context,
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
- domain_sid = dom_sid_parse_talloc(mem_ctx, samdb_result_string(msgs[0], "objectSid", NULL));
+ domain_sid = samdb_result_sid_prefix(mem_ctx, msgs[0], "objectSid");
if (!domain_sid) {
samdb_close(sam_ctx);
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
- sid_split_rid(domain_sid, NULL);
-
/* find the domain's DN */
ret_domain = samdb_search(sam_ctx, mem_ctx, NULL, &msgs_domain, domain_attrs,
"(&(objectSid=%s)(objectclass=domain))",
- dom_sid_string(mem_ctx, domain_sid));
+ domain_sid);
if (ret_domain == 0) {
DEBUG(3,("check_sam_security: Couldn't find domain [%s] in passdb file.\n",
- dom_sid_string(mem_ctx, domain_sid)));
+ domain_sid));
samdb_close(sam_ctx);
return NT_STATUS_NO_SUCH_USER;
}
if (ret_domain > 1) {
- DEBUG(1,("Found %d records matching domain [%s]\n", ret_domain, dom_sid_string(mem_ctx, domain_sid)));
+ DEBUG(1,("Found %d records matching domain [%s]\n",
+ ret_domain, domain_sid));
samdb_close(sam_ctx);
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
diff --git a/source4/auth/auth_util.c b/source4/auth/auth_util.c
index e72368132a..17d864b718 100644
--- a/source4/auth/auth_util.c
+++ b/source4/auth/auth_util.c
@@ -390,7 +390,8 @@ BOOL make_user_info_guest(auth_usersupplied_info **user_info)
void debug_nt_user_token(int dbg_class, int dbg_lev, NT_USER_TOKEN *token)
{
- fstring sid_str;
+ TALLOC_CTX *mem_ctx;
+
size_t i;
if (!token) {
@@ -398,12 +399,19 @@ void debug_nt_user_token(int dbg_class, int dbg_lev, NT_USER_TOKEN *token)
return;
}
+ mem_ctx = talloc_init("debug_nt_user_token()");
+ if (!mem_ctx) {
+ return;
+ }
+
DEBUGC(dbg_class, dbg_lev, ("NT user token of user %s\n",
- sid_to_string(sid_str, token->user_sids[0]) ));
+ dom_sid_string(mem_ctx, token->user_sids[0]) ));
DEBUGADDC(dbg_class, dbg_lev, ("contains %lu SIDs\n", (unsigned long)token->num_sids));
for (i = 0; i < token->num_sids; i++)
DEBUGADDC(dbg_class, dbg_lev, ("SID[%3lu]: %s\n", (unsigned long)i,
- sid_to_string(sid_str, token->user_sids[i])));
+ dom_sid_string(mem_ctx, token->user_sids[i])));
+
+ talloc_destroy(mem_ctx);
}
/****************************************************************************
generated by cgit (git 2.34.1) at 2025-02-27 12:06:15 +0000