From 5d2dfd12cf779c410e041a1815e5e3edf0ea38d8 Mon Sep 17 00:00:00 2001
From: Andrew Tridgell
Date: Tue, 15 Sep 2009 19:26:33 -0700
Subject: s4-drs: lock down key DRS calls

The key DRS calls should only be allowed by administrators or domain controllers
---
 source4/rpc_server/drsuapi/dcesrv_drsuapi.c | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)
(limited to 'source4/rpc_server/drsuapi/dcesrv_drsuapi.c')
diff --git a/source4/rpc_server/drsuapi/dcesrv_drsuapi.c b/source4/rpc_server/drsuapi/dcesrv_drsuapi.c
index a5418a1a93..c01711d2d9 100644
--- a/source4/rpc_server/drsuapi/dcesrv_drsuapi.c
+++ b/source4/rpc_server/drsuapi/dcesrv_drsuapi.c
@@ -30,6 +30,7 @@
 #include "librpc/gen_ndr/ndr_drsblobs.h"
 #include "messaging/irpc.h"
 #include "rpc_server/drsuapi/dcesrv_drsuapi.h"
+#include "libcli/security/security.h"
 
 /*
 drsuapi_DsBind
@@ -234,8 +235,10 @@ static WERROR dcesrv_drsuapi_DsReplicaSync(struct dcesrv_call_state *dce_call, T
 struct server_id *repld;
 struct irpc_request *ireq;
 
- if (DEBUGLVL(4)) {
- NDR_PRINT_IN_DEBUG(drsuapi_DsReplicaSync, r);
+ if (security_session_user_level(dce_call->conn->auth_state.session_info) <
+ SECURITY_DOMAIN_CONTROLLER) {
+ DEBUG(0,("DsReplicaSync refused for security token\n"));
+ return WERR_DS_DRA_ACCESS_DENIED;
 }
 
 repld = irpc_servers_byname(dce_call->msg_ctx, mem_ctx, "dreplsrv");
@@ -474,6 +477,12 @@ static WERROR dcesrv_drsuapi_DsRemoveDSServer(struct dcesrv_call_state *dce_call
 ZERO_STRUCT(r->out.res);
 *r->out.level_out = 1;
 
+ if (security_session_user_level(dce_call->conn->auth_state.session_info) <
+ SECURITY_DOMAIN_CONTROLLER) {
+ DEBUG(0,("DsRemoveDSServer refused for security token\n"));
+ return WERR_DS_DRA_ACCESS_DENIED;
+ }
+
 DCESRV_PULL_HANDLE_WERR(h, r->in.bind_handle, DRSUAPI_BIND_HANDLE);
 b_state = h->data;
 
-- cgit
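Review bot: The denial path in dcesrv_drsuapi_DsReplicaSync logs at `DEBUG(0, ...)` with a fixed string, so every refused request writes an always-on log line that carries no account, SID or peer address for the caller; the DsRemoveDSServer hunk uses the same message pattern. For audit and triage the message should name the caller taken from `session_info`. If refusals do not need to be visible at the default log level, something like `DEBUG(2,("DsReplicaSync refused for security token\n"));` would keep repeated denials from flooding the log. The check also replaces the `if (DEBUGLVL(4)) { NDR_PRINT_IN_DEBUG(drsuapi_DsReplicaSync, r); }` request trace instead of sitting next to it; if dropping the trace was not intended, it is worth restoring after the check. The function starts before and continues after this hunk.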
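Review bot: The access check added to dcesrv_drsuapi_DsRemoveDSServer is a copy of the one in DsReplicaSync, and both depend on the ordering of the security level enum, which the patch does not show. The commit message says administrators or domain controllers, while the code only tests `< SECURITY_DOMAIN_CONTROLLER`, so a reader cannot tell from here that administrator sessions pass. A single static helper with a comment stating that assumption would keep the policy in one place and make it harder for a later DRS call to be added without the check. The helper name below is a proposal, and the function body starts before and continues after this hunk.

```c
/*
 * Refuse DRS calls from sessions below domain-controller level.
 * Assumes the security level enum is ordered so that administrator and
 * system sessions compare >= SECURITY_DOMAIN_CONTROLLER -- confirm
 * against libcli/security/security.h.
 */
static WERROR drs_require_dc_level(struct dcesrv_call_state *dce_call,
				   const char *call)
{
	if (security_session_user_level(dce_call->conn->auth_state.session_info) <
	    SECURITY_DOMAIN_CONTROLLER) {
		DEBUG(0,("%s refused for security token\n", call));
		return WERR_DS_DRA_ACCESS_DENIED;
	}
	return WERR_OK;
}

	/* ... unchanged: ZERO_STRUCT(r->out.res) and level_out setup ... */
	if (!W_ERROR_IS_OK(drs_require_dc_level(dce_call, "DsRemoveDSServer"))) {
		return WERR_DS_DRA_ACCESS_DENIED;
	}
	/* ... unchanged: DCESRV_PULL_HANDLE_WERR and b_state lookup ... */
```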