From fac01bda8bb4f52b930496c362f55aca5b112240 Mon Sep 17 00:00:00 2001 From: Jean-François Micouleau Date: Thu, 29 Nov 2001 16:05:05 +0000 Subject: Changed again how the privilege list is handled in the group mapping code. This time it's a PRIVILEGE_SET struct instead of a simple uint32 array. It makes much more sense. Also added a uint32 systemaccount to the GROUP_MAP struct as some privilege showing in USRMGR.EXE are not real privs but a bitmask flag. I guess it's an heritage from NT 3.0 ! I could setup an NT 3.1 box to verify, but I'm too lazy (yes I still have my CDs). Added 3 more LSA calls: SetSystemAccount, AddPrivileges and RemovePrivileges, we can manage all this privilege from UserManager. Time to change the NT_USER_TOKEN struct and add checks in all the rpc functions. Fun, fun, fun. J.F. (This used to be commit 3f0a9ef2b8c626cfa2878394bb7b642342342bf3) --- source3/passdb/passdb.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'source3/passdb/passdb.c') diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c index 873e569f68..b07dec7c0d 100644 --- a/source3/passdb/passdb.c +++ b/source3/passdb/passdb.c @@ -551,6 +551,7 @@ BOOL local_lookup_rid(uint32 rid, char *name, enum SID_NAME_USE *psid_name_use) /* check if it's a mapped group */ if (get_group_map_from_sid(local_sid, &map)) { + free_privilege(&map.priv_set); if (map.gid!=-1) { DEBUG(5,("local_local_rid: mapped group %s to gid %u\n", map.nt_name, (unsigned int)map.gid)); fstrcpy(name, map.nt_name); @@ -636,6 +637,7 @@ BOOL local_lookup_name(const char *c_domain, const char *c_user, DOM_SID *psid, /* check if it's a mapped group */ if (get_group_map_from_ntname(user, &map)) { + free_privilege(&map.priv_set); if (map.gid!=-1) { /* yes it's a mapped group to a valid unix group */ sid_copy(&local_sid, &map.sid); -- cgit