diff options
Diffstat (limited to 'source4/libcli')
-rw-r--r-- | source4/libcli/security/security.h | 1 | ||||
-rw-r--r-- | source4/libcli/security/security_token.c | 9 |
2 files changed, 10 insertions, 0 deletions
diff --git a/source4/libcli/security/security.h b/source4/libcli/security/security.h index 6dbbe014e7..3cfa484816 100644 --- a/source4/libcli/security/security.h +++ b/source4/libcli/security/security.h @@ -22,6 +22,7 @@ enum security_user_level { SECURITY_ANONYMOUS, SECURITY_USER, + SECURITY_DOMAIN_CONTROLLER, SECURITY_ADMINISTRATOR, SECURITY_SYSTEM }; diff --git a/source4/libcli/security/security_token.c b/source4/libcli/security/security_token.c index 0764dfeb8f..d3eff93ddb 100644 --- a/source4/libcli/security/security_token.c +++ b/source4/libcli/security/security_token.c @@ -142,6 +142,11 @@ bool security_token_has_nt_authenticated_users(const struct security_token *toke return security_token_has_sid_string(token, SID_NT_AUTHENTICATED_USERS); } +bool security_token_has_enterprise_dcs(const struct security_token *token) +{ + return security_token_has_sid_string(token, SID_NT_ENTERPRISE_DCS); +} + enum security_user_level security_session_user_level(struct auth_session_info *session_info) { if (!session_info) { @@ -160,6 +165,10 @@ enum security_user_level security_session_user_level(struct auth_session_info *s return SECURITY_ADMINISTRATOR; } + if (security_token_has_enterprise_dcs(session_info->security_token)) { + return SECURITY_DOMAIN_CONTROLLER; + } + if (security_token_has_nt_authenticated_users(session_info->security_token)) { return SECURITY_USER; } |