From bb1ba4ff76eb90d0d62dd3edbe288f45cf7a0a1e Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Thu, 22 Apr 2010 16:48:01 +1000
Subject: s4-drs: added new SECURITY_RO_DOMAIN_CONTROLLER level

This is used for allowing operations by RODCs, and denying them
operations that should only be allowed for a full DC

This required a new domain_sid argument to
security_session_user_level()

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-With: Rusty Russell <rusty@samba.org>
---
 source4/dsdb/samdb/ldb_modules/rootdse.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'source4/dsdb/samdb/ldb_modules/rootdse.c')

diff --git a/source4/dsdb/samdb/ldb_modules/rootdse.c b/source4/dsdb/samdb/ldb_modules/rootdse.c
index f10a125eb6..5fffef7c86 100644
--- a/source4/dsdb/samdb/ldb_modules/rootdse.c
+++ b/source4/dsdb/samdb/ldb_modules/rootdse.c
@@ -884,7 +884,7 @@ static int rootdse_enableoptionalfeature(struct ldb_module *module, struct ldb_r
 	int ret;
 	const char *guid_string;
 
-	if (security_session_user_level(session_info) != SECURITY_SYSTEM) {
+	if (security_session_user_level(session_info, NULL) != SECURITY_SYSTEM) {
 		ldb_asprintf_errstring(ldb, "rootdse: Insufficient rights for enableoptionalfeature");
 		return LDB_ERR_UNWILLING_TO_PERFORM;
 	}
-- 
cgit