summaryrefslogtreecommitdiff
path: root/source4/rpc_server/drsuapi/dcesrv_drsuapi.c
diff options
context:
space:
mode:
Diffstat (limited to 'source4/rpc_server/drsuapi/dcesrv_drsuapi.c')
-rw-r--r--source4/rpc_server/drsuapi/dcesrv_drsuapi.c18
1 files changed, 10 insertions, 8 deletions
diff --git a/source4/rpc_server/drsuapi/dcesrv_drsuapi.c b/source4/rpc_server/drsuapi/dcesrv_drsuapi.c
index f96c4c03da..9903f08746 100644
--- a/source4/rpc_server/drsuapi/dcesrv_drsuapi.c
+++ b/source4/rpc_server/drsuapi/dcesrv_drsuapi.c
@@ -228,15 +228,17 @@ static WERROR dcesrv_drsuapi_DsUnbind(struct dcesrv_call_state *dce_call, TALLOC
static WERROR dcesrv_drsuapi_DsReplicaSync(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct drsuapi_DsReplicaSync *r)
{
- if (security_session_user_level(dce_call->conn->auth_state.session_info) <
- SECURITY_DOMAIN_CONTROLLER) {
- DEBUG(0,("DsReplicaSync refused for security token\n"));
- return WERR_DS_DRA_ACCESS_DENIED;
+ WERROR status;
+
+ status = drs_security_level_check(dce_call, "DsReplicaSync");
+ if (!W_ERROR_IS_OK(status)) {
+ return status;
}
dcesrv_irpc_forward_rpc_call(dce_call, mem_ctx, r, NDR_DRSUAPI_DSREPLICASYNC,
&ndr_table_drsuapi,
"dreplsrv", "DsReplicaSync");
+
return WERR_OK;
}
@@ -453,14 +455,14 @@ static WERROR dcesrv_drsuapi_DsRemoveDSServer(struct dcesrv_call_state *dce_call
struct ldb_dn *ntds_dn;
int ret;
bool ok;
+ WERROR status;
ZERO_STRUCT(r->out.res);
*r->out.level_out = 1;
- if (security_session_user_level(dce_call->conn->auth_state.session_info) <
- SECURITY_DOMAIN_CONTROLLER) {
- DEBUG(0,("DsRemoveDSServer refused for security token\n"));
- return WERR_DS_DRA_ACCESS_DENIED;
+ status = drs_security_level_check(dce_call, "DsRemoveDSServer");
+ if (!W_ERROR_IS_OK(status)) {
+ return status;
}
DCESRV_PULL_HANDLE_WERR(h, r->in.bind_handle, DRSUAPI_BIND_HANDLE);
generated by cgit (git 2.34.1) at 2024-07-12 20:22:01 +0000