From 38ac78c3df67d8f187f83abb8fd1bcaeafe4e316 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 25 Jan 2002 22:44:21 +0000 Subject: Change this code so that we don't do a lookup_name() on root. This matches the lookup failure case in 2.2, and seems to make more sense than giving the printer to 'world'. (Avoiding this lookup makes some of my other changes - including winbind default domains - a little easier). In any case, tpot has promised to look at this and test it when he gets back to work. :-) Andrew Bartlett (This used to be commit f0137ac126f782e83ed15d8e905def708cdb6c64) --- source3/printing/nt_printing.c | 14 +++----------- 1 file changed, 3 insertions(+), 11 deletions(-) (limited to 'source3/printing') diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c index 93bb4b1a0b..ac13d09f74 100644 --- a/source3/printing/nt_printing.c +++ b/source3/printing/nt_printing.c @@ -3544,20 +3544,12 @@ static SEC_DESC_BUF *construct_default_printer_sdb(TALLOC_CTX *ctx) if (winbind_lookup_name(lp_workgroup(), &owner_sid, &name_type)) { sid_append_rid(&owner_sid, DOMAIN_USER_RID_ADMIN); } else { - uint32 owner_rid; - - /* Backup plan - make printer owned by admins or root. + /* Backup plan - make printer owned by admins. This should emulate a lanman printer as security settings can't be changed. */ - sid_peek_rid(&owner_sid, &owner_rid); - - if (owner_rid != BUILTIN_ALIAS_RID_PRINT_OPS && - owner_rid != BUILTIN_ALIAS_RID_ADMINS && - owner_rid != DOMAIN_USER_RID_ADMIN && - !lookup_name("root", &owner_sid, &name_type)) { - sid_copy(&owner_sid, &global_sid_World); - } + sid_copy(&owner_sid, &global_sam_sid); + sid_append_rid(&owner_sid, DOMAIN_USER_RID_ADMIN); } init_sec_access(&sa, PRINTER_ACE_FULL_CONTROL); -- cgit