From d9804ae3cc2c435f9983ca47f6f1b6b96e5c03ca Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Wed, 15 Apr 2009 15:40:00 -0700
Subject: Fix bug #6089 - Winbind samr_OpenDomain not possible with Samba
 3.2.6+ What a difference a name makes... :-). Just because something is
 missnamed SAMR_ACCESS_OPEN_DOMAIN, when it should actually be
 SAMR_ACCESS_LOOKUP_DOMAIN, don't automatically use it for a security check in
 _samr_OpenDomain(). Jeremy.

---
 source3/lib/netapi/user.c | 30 +++++++++++++++---------------
 1 file changed, 15 insertions(+), 15 deletions(-)

(limited to 'source3/lib/netapi/user.c')

diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c
index 1cbb883169..849ba9cc92 100644
--- a/source3/lib/netapi/user.c
+++ b/source3/lib/netapi/user.c
@@ -395,7 +395,7 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx,
 
 	werr = libnetapi_samr_open_domain(ctx, pipe_cli,
 					  SAMR_ACCESS_ENUM_DOMAINS |
-					  SAMR_ACCESS_OPEN_DOMAIN,
+					  SAMR_ACCESS_LOOKUP_DOMAIN,
 					  SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 |
 					  SAMR_DOMAIN_ACCESS_CREATE_USER |
 					  SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
@@ -517,7 +517,7 @@ WERROR NetUserDel_r(struct libnetapi_ctx *ctx,
 
 	werr = libnetapi_samr_open_domain(ctx, pipe_cli,
 					  SAMR_ACCESS_ENUM_DOMAINS |
-					  SAMR_ACCESS_OPEN_DOMAIN,
+					  SAMR_ACCESS_LOOKUP_DOMAIN,
 					  SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
 					  &connect_handle,
 					  &domain_handle,
@@ -1223,7 +1223,7 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx,
 
 	werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli,
 						  SAMR_ACCESS_ENUM_DOMAINS |
-						  SAMR_ACCESS_OPEN_DOMAIN,
+						  SAMR_ACCESS_LOOKUP_DOMAIN,
 						  SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT |
 						  SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS,
 						  &connect_handle,
@@ -1234,7 +1234,7 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx,
 
 	werr = libnetapi_samr_open_domain(ctx, pipe_cli,
 					  SAMR_ACCESS_ENUM_DOMAINS |
-					  SAMR_ACCESS_OPEN_DOMAIN,
+					  SAMR_ACCESS_LOOKUP_DOMAIN,
 					  SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 |
 					  SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS |
 					  SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
@@ -1522,7 +1522,7 @@ WERROR NetQueryDisplayInformation_r(struct libnetapi_ctx *ctx,
 
 	werr = libnetapi_samr_open_domain(ctx, pipe_cli,
 					  SAMR_ACCESS_ENUM_DOMAINS |
-					  SAMR_ACCESS_OPEN_DOMAIN,
+					  SAMR_ACCESS_LOOKUP_DOMAIN,
 					  SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 |
 					  SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS |
 					  SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
@@ -1648,7 +1648,7 @@ WERROR NetUserGetInfo_r(struct libnetapi_ctx *ctx,
 
 	werr = libnetapi_samr_open_domain(ctx, pipe_cli,
 					  SAMR_ACCESS_ENUM_DOMAINS |
-					  SAMR_ACCESS_OPEN_DOMAIN,
+					  SAMR_ACCESS_LOOKUP_DOMAIN,
 					  SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
 					  &connect_handle,
 					  &domain_handle,
@@ -1659,7 +1659,7 @@ WERROR NetUserGetInfo_r(struct libnetapi_ctx *ctx,
 
 	werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli,
 						  SAMR_ACCESS_ENUM_DOMAINS |
-						  SAMR_ACCESS_OPEN_DOMAIN,
+						  SAMR_ACCESS_LOOKUP_DOMAIN,
 						  SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT |
 						  SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS,
 						  &connect_handle,
@@ -1800,7 +1800,7 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx,
 
 	werr = libnetapi_samr_open_domain(ctx, pipe_cli,
 					  SAMR_ACCESS_ENUM_DOMAINS |
-					  SAMR_ACCESS_OPEN_DOMAIN,
+					  SAMR_ACCESS_LOOKUP_DOMAIN,
 					  SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 |
 					  SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
 					  &connect_handle,
@@ -1812,7 +1812,7 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx,
 
 	werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli,
 						  SAMR_ACCESS_ENUM_DOMAINS |
-						  SAMR_ACCESS_OPEN_DOMAIN,
+						  SAMR_ACCESS_LOOKUP_DOMAIN,
 						  SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT |
 						  SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS,
 						  &connect_handle,
@@ -2220,7 +2220,7 @@ WERROR NetUserModalsGet_r(struct libnetapi_ctx *ctx,
 
 	werr = libnetapi_samr_open_domain(ctx, pipe_cli,
 					  SAMR_ACCESS_ENUM_DOMAINS |
-					  SAMR_ACCESS_OPEN_DOMAIN,
+					  SAMR_ACCESS_LOOKUP_DOMAIN,
 					  access_mask,
 					  &connect_handle,
 					  &domain_handle,
@@ -2698,7 +2698,7 @@ WERROR NetUserModalsSet_r(struct libnetapi_ctx *ctx,
 
 	werr = libnetapi_samr_open_domain(ctx, pipe_cli,
 					  SAMR_ACCESS_ENUM_DOMAINS |
-					  SAMR_ACCESS_OPEN_DOMAIN,
+					  SAMR_ACCESS_LOOKUP_DOMAIN,
 					  access_mask,
 					  &connect_handle,
 					  &domain_handle,
@@ -2831,7 +2831,7 @@ WERROR NetUserGetGroups_r(struct libnetapi_ctx *ctx,
 
 	werr = libnetapi_samr_open_domain(ctx, pipe_cli,
 					  SAMR_ACCESS_ENUM_DOMAINS |
-					  SAMR_ACCESS_OPEN_DOMAIN,
+					  SAMR_ACCESS_LOOKUP_DOMAIN,
 					  SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
 					  &connect_handle,
 					  &domain_handle,
@@ -2982,7 +2982,7 @@ WERROR NetUserSetGroups_r(struct libnetapi_ctx *ctx,
 
 	werr = libnetapi_samr_open_domain(ctx, pipe_cli,
 					  SAMR_ACCESS_ENUM_DOMAINS |
-					  SAMR_ACCESS_OPEN_DOMAIN,
+					  SAMR_ACCESS_LOOKUP_DOMAIN,
 					  SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
 					  &connect_handle,
 					  &domain_handle,
@@ -3264,7 +3264,7 @@ WERROR NetUserGetLocalGroups_r(struct libnetapi_ctx *ctx,
 
 	werr = libnetapi_samr_open_domain(ctx, pipe_cli,
 					  SAMR_ACCESS_ENUM_DOMAINS |
-					  SAMR_ACCESS_OPEN_DOMAIN,
+					  SAMR_ACCESS_LOOKUP_DOMAIN,
 					  SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT |
 					  SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS,
 					  &connect_handle,
@@ -3276,7 +3276,7 @@ WERROR NetUserGetLocalGroups_r(struct libnetapi_ctx *ctx,
 
 	werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli,
 						  SAMR_ACCESS_ENUM_DOMAINS |
-						  SAMR_ACCESS_OPEN_DOMAIN,
+						  SAMR_ACCESS_LOOKUP_DOMAIN,
 						  SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT |
 						  SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS,
 						  &connect_handle,
-- 
cgit