From 9d09b66f41cb4ab58bd4a6d83ecebb91805a4b5b Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 19 Jul 2011 10:51:08 +1000 Subject: auth: Set NETLOGON_GUEST and use it to determine guest status These additional measures should help ensure we do not accidentily upgrade a guest to an authenticated user in the future. Andrew Bartlett Signed-off-by: Andrew Tridgell --- auth/auth_sam_reply.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'auth/auth_sam_reply.c') diff --git a/auth/auth_sam_reply.c b/auth/auth_sam_reply.c index ee27e966f6..59fcf7ad5d 100644 --- a/auth/auth_sam_reply.c +++ b/auth/auth_sam_reply.c @@ -237,7 +237,8 @@ NTSTATUS make_user_info_SamBaseInfo(TALLOC_CTX *mem_ctx, info->bad_password_count = base->bad_password_count; info->acct_flags = base->acct_flags; - info->authenticated = authenticated; + /* Only set authenticated if both NETLOGON_GUEST is not set, and authenticated is set */ + info->authenticated = (authenticated && (!(base->user_flags & NETLOGON_GUEST))); *_user_info = info; return NT_STATUS_OK; -- cgit