From 6b481af7f2860157dd0fa12e2cc6dbbc7c22a20e Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sun, 3 Oct 2004 06:40:40 +0000 Subject: r2793: fixed the handling of primaryGroupID in auth_sam. There were two bugs, the first was it didn't pass primaryGroupID as an attributed it wanted, the second was it didn't cope with primaryGroupID not being present. (This used to be commit 8373bfcdeca13dcdce3081af420d8bb7d842ad18) --- source4/auth/auth_sam.c | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) (limited to 'source4/auth') diff --git a/source4/auth/auth_sam.c b/source4/auth/auth_sam.c index 6ddddafee3..4e797acd36 100644 --- a/source4/auth/auth_sam.c +++ b/source4/auth/auth_sam.c @@ -222,6 +222,7 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context, "accountExpires", "badPwdCount", "logonCount", + "primaryGroupID", NULL, }; @@ -333,6 +334,7 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context, struct dom_sid *primary_group_sid; const char *sidstr; int i; + uint_t rid; group_ret = samdb_search(sam_ctx, mem_ctx, NULL, &group_msgs, group_attrs, @@ -357,8 +359,16 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context, sidstr = ldb_msg_find_string(msgs[0], "objectSid", NULL); user_sid = dom_sid_parse_talloc(*server_info, sidstr); primary_group_sid = dom_sid_parse_talloc(*server_info, sidstr); - primary_group_sid->sub_auths[primary_group_sid->num_auths-1] - = samdb_result_uint(msgs[0], "primaryGroupID", 0); + rid = samdb_result_uint(msgs[0], "primaryGroupID", ~0); + if (rid == ~0) { + if (group_ret > 0) { + primary_group_sid = groupSIDs[0]; + } else { + primary_group_sid = NULL; + } + } else { + primary_group_sid->sub_auths[primary_group_sid->num_auths-1] = rid; + } (*server_info)->user_sid = user_sid; (*server_info)->primary_group_sid = primary_group_sid; -- cgit