mirror of
https://github.com/samba-team/samba.git
synced 2025-02-01 05:47:28 +03:00
auth: Shorten long SID flags combinations
The combination MANDATORY | ENABLED_BY_DEFAULT | ENABLED is very commonly used, and introducing a shorter alias for it makes the code clearer. Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Joseph Sutton
Andrew Bartlett
parent
e3fdb2d001
commit
5147f011d9
@ -677,8 +677,7 @@ NTSTATUS make_user_info_dc_netlogon_validation(TALLOC_CTX *mem_ctx,
|
||||
if (!sid_append_rid(&user_info_dc->sids[PRIMARY_USER_SID_INDEX].sid, base->rid)) {
|
||||
return NT_STATUS_INVALID_PARAMETER;
|
||||
}
|
||||
user_info_dc->sids[PRIMARY_USER_SID_INDEX].attrs
|
||||
= SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED;
|
||||
user_info_dc->sids[PRIMARY_USER_SID_INDEX].attrs = SE_GROUP_DEFAULT_FLAGS;
|
||||
|
||||
user_info_dc->sids[PRIMARY_GROUP_SID_INDEX].sid = *base->domain_sid;
|
||||
if (!sid_append_rid(&user_info_dc->sids[PRIMARY_GROUP_SID_INDEX].sid, base->primary_gid)) {
|
||||
@ -690,8 +689,7 @@ NTSTATUS make_user_info_dc_netlogon_validation(TALLOC_CTX *mem_ctx,
|
||||
* group in the first place, and besides, these attributes will never
|
||||
* make their way into a PAC.
|
||||
*/
|
||||
user_info_dc->sids[PRIMARY_GROUP_SID_INDEX].attrs
|
||||
= SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED;
|
||||
user_info_dc->sids[PRIMARY_GROUP_SID_INDEX].attrs = SE_GROUP_DEFAULT_FLAGS;
|
||||
|
||||
for (i = 0; i < base->groups.count; i++) {
|
||||
/* Skip primary group, already added above */
|
||||
|
||||
@ -50,9 +50,7 @@ static NTSTATUS wbcsids_to_samr_RidWithAttributeArray(
|
||||
&groups->rids[j].rid);
|
||||
if (!ok) continue;
|
||||
|
||||
groups->rids[j].attributes = SE_GROUP_MANDATORY |
|
||||
SE_GROUP_ENABLED_BY_DEFAULT |
|
||||
SE_GROUP_ENABLED;
|
||||
groups->rids[j].attributes = SE_GROUP_DEFAULT_FLAGS;
|
||||
j++;
|
||||
}
|
||||
|
||||
@ -91,9 +89,7 @@ static NTSTATUS wbcsids_to_netr_SidAttrArray(
|
||||
talloc_free(info3_sids);
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
info3_sids[j].attributes = SE_GROUP_MANDATORY |
|
||||
SE_GROUP_ENABLED_BY_DEFAULT |
|
||||
SE_GROUP_ENABLED;
|
||||
info3_sids[j].attributes = SE_GROUP_DEFAULT_FLAGS;
|
||||
j++;
|
||||
}
|
||||
|
||||
|
||||
@ -665,6 +665,11 @@ interface security
|
||||
SE_GROUP_LOGON_ID = 0xC0000000
|
||||
} security_GroupAttrs;
|
||||
|
||||
const uint32 SE_GROUP_DEFAULT_FLAGS =
|
||||
SE_GROUP_MANDATORY |
|
||||
SE_GROUP_ENABLED_BY_DEFAULT |
|
||||
SE_GROUP_ENABLED;
|
||||
|
||||
/* This is not yet sent over the network, but is simply defined in IDL */
|
||||
typedef [public] struct {
|
||||
uint32 num_sids;
|
||||
|
||||
@ -75,9 +75,7 @@ class GroupTests(KDCBaseTest):
|
||||
trust_user = object()
|
||||
|
||||
# Constants for group SID attributes.
|
||||
default_attrs = (security.SE_GROUP_MANDATORY |
|
||||
security.SE_GROUP_ENABLED_BY_DEFAULT |
|
||||
security.SE_GROUP_ENABLED)
|
||||
default_attrs = security.SE_GROUP_DEFAULT_FLAGS
|
||||
resource_attrs = default_attrs | security.SE_GROUP_RESOURCE
|
||||
|
||||
asserted_identity = security.SID_AUTHENTICATION_AUTHORITY_ASSERTED_IDENTITY
|
||||
|
||||
@ -61,9 +61,7 @@ global_hexdump = False
|
||||
|
||||
class S4UKerberosTests(KDCBaseTest):
|
||||
|
||||
default_attrs = (security.SE_GROUP_MANDATORY |
|
||||
security.SE_GROUP_ENABLED_BY_DEFAULT |
|
||||
security.SE_GROUP_ENABLED)
|
||||
default_attrs = security.SE_GROUP_DEFAULT_FLAGS
|
||||
|
||||
def setUp(self):
|
||||
super(S4UKerberosTests, self).setUp()
|
||||
|
||||
@ -723,7 +723,7 @@ NTSTATUS auth3_user_info_dc_add_hints(struct auth_user_info_dc *user_info_dc,
|
||||
(uint32_t)uid);
|
||||
status = add_sid_to_array_attrs_unique(user_info_dc->sids,
|
||||
&tmp_sid,
|
||||
SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED,
|
||||
SE_GROUP_DEFAULT_FLAGS,
|
||||
&user_info_dc->sids,
|
||||
&user_info_dc->num_sids);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
@ -741,7 +741,7 @@ NTSTATUS auth3_user_info_dc_add_hints(struct auth_user_info_dc *user_info_dc,
|
||||
(uint32_t)gid);
|
||||
status = add_sid_to_array_attrs_unique(user_info_dc->sids,
|
||||
&tmp_sid,
|
||||
SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED,
|
||||
SE_GROUP_DEFAULT_FLAGS,
|
||||
&user_info_dc->sids,
|
||||
&user_info_dc->num_sids);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
@ -759,7 +759,7 @@ NTSTATUS auth3_user_info_dc_add_hints(struct auth_user_info_dc *user_info_dc,
|
||||
flags);
|
||||
status = add_sid_to_array_attrs_unique(user_info_dc->sids,
|
||||
&tmp_sid,
|
||||
SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED,
|
||||
SE_GROUP_DEFAULT_FLAGS,
|
||||
&user_info_dc->sids,
|
||||
&user_info_dc->num_sids);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
|
||||
@ -221,9 +221,7 @@ static NTSTATUS group_sids_to_info3(struct netr_SamInfo3 *info3,
|
||||
const struct dom_sid *sids,
|
||||
size_t num_sids)
|
||||
{
|
||||
uint32_t attributes = SE_GROUP_MANDATORY |
|
||||
SE_GROUP_ENABLED_BY_DEFAULT |
|
||||
SE_GROUP_ENABLED;
|
||||
uint32_t attributes = SE_GROUP_DEFAULT_FLAGS;
|
||||
struct samr_RidWithAttributeArray *groups;
|
||||
struct dom_sid *domain_sid;
|
||||
unsigned int i;
|
||||
|
||||
@ -3360,8 +3360,7 @@ NTSTATUS _samr_GetGroupsForUser(struct pipes_struct *p,
|
||||
gids = NULL;
|
||||
num_gids = 0;
|
||||
|
||||
dom_gid.attributes = (SE_GROUP_MANDATORY|SE_GROUP_ENABLED_BY_DEFAULT|
|
||||
SE_GROUP_ENABLED);
|
||||
dom_gid.attributes = SE_GROUP_DEFAULT_FLAGS;
|
||||
dom_gid.rid = primary_group_rid;
|
||||
ADD_TO_ARRAY(p->mem_ctx, struct samr_RidWithAttribute, dom_gid, &gids, &num_gids);
|
||||
|
||||
@ -6074,9 +6073,7 @@ NTSTATUS _samr_QueryGroupMember(struct pipes_struct *p,
|
||||
}
|
||||
|
||||
for (i=0; i<num_members; i++) {
|
||||
attr[i] = SE_GROUP_MANDATORY |
|
||||
SE_GROUP_ENABLED_BY_DEFAULT |
|
||||
SE_GROUP_ENABLED;
|
||||
attr[i] = SE_GROUP_DEFAULT_FLAGS;
|
||||
}
|
||||
|
||||
rids->count = num_members;
|
||||
@ -6597,9 +6594,7 @@ NTSTATUS _samr_QueryGroupInfo(struct pipes_struct *p,
|
||||
GROUP_MAP *map;
|
||||
union samr_GroupInfo *info = NULL;
|
||||
bool ret;
|
||||
uint32_t attributes = SE_GROUP_MANDATORY |
|
||||
SE_GROUP_ENABLED_BY_DEFAULT |
|
||||
SE_GROUP_ENABLED;
|
||||
uint32_t attributes = SE_GROUP_DEFAULT_FLAGS;
|
||||
const char *group_name = NULL;
|
||||
const char *group_description = NULL;
|
||||
|
||||
|
||||
@ -86,7 +86,7 @@ static NTSTATUS name_to_ntstatus_check_password(struct auth_method_context *ctx,
|
||||
NT_STATUS_HAVE_NO_MEMORY(user_info_dc->sids);
|
||||
|
||||
user_info_dc->sids->sid = global_sid_Anonymous;
|
||||
user_info_dc->sids->attrs = SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED;
|
||||
user_info_dc->sids->attrs = SE_GROUP_DEFAULT_FLAGS;
|
||||
|
||||
/* annoying, but the Anonymous really does have a session key,
|
||||
and it is all zeros! */
|
||||
|
||||
@ -389,12 +389,10 @@ _PUBLIC_ NTSTATUS authsam_make_user_info_dc(TALLOC_CTX *mem_ctx,
|
||||
}
|
||||
|
||||
sids[PRIMARY_USER_SID_INDEX].sid = *account_sid;
|
||||
sids[PRIMARY_USER_SID_INDEX].attrs
|
||||
= SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED;
|
||||
sids[PRIMARY_USER_SID_INDEX].attrs = SE_GROUP_DEFAULT_FLAGS;
|
||||
sids[PRIMARY_GROUP_SID_INDEX].sid = *domain_sid;
|
||||
sid_append_rid(&sids[PRIMARY_GROUP_SID_INDEX].sid, ldb_msg_find_attr_as_uint(msg, "primaryGroupID", ~0));
|
||||
sids[PRIMARY_GROUP_SID_INDEX].attrs
|
||||
= SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED;
|
||||
sids[PRIMARY_GROUP_SID_INDEX].attrs = SE_GROUP_DEFAULT_FLAGS;
|
||||
|
||||
/*
|
||||
* Filter out builtin groups from this token. We will search
|
||||
@ -581,8 +579,7 @@ _PUBLIC_ NTSTATUS authsam_make_user_info_dc(TALLOC_CTX *mem_ctx,
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
user_info_dc->sids[user_info_dc->num_sids].sid = global_sid_Enterprise_DCs;
|
||||
user_info_dc->sids[user_info_dc->num_sids].attrs
|
||||
= SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED;
|
||||
user_info_dc->sids[user_info_dc->num_sids].attrs = SE_GROUP_DEFAULT_FLAGS;
|
||||
user_info_dc->num_sids++;
|
||||
}
|
||||
|
||||
@ -600,8 +597,7 @@ _PUBLIC_ NTSTATUS authsam_make_user_info_dc(TALLOC_CTX *mem_ctx,
|
||||
user_info_dc->sids[user_info_dc->num_sids].sid = *domain_sid;
|
||||
sid_append_rid(&user_info_dc->sids[user_info_dc->num_sids].sid,
|
||||
DOMAIN_RID_ENTERPRISE_READONLY_DCS);
|
||||
user_info_dc->sids[user_info_dc->num_sids].attrs
|
||||
= SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED;
|
||||
user_info_dc->sids[user_info_dc->num_sids].attrs = SE_GROUP_DEFAULT_FLAGS;
|
||||
user_info_dc->num_sids++;
|
||||
}
|
||||
|
||||
|
||||
@ -136,11 +136,11 @@ _PUBLIC_ NTSTATUS auth_generate_session_info(TALLOC_CTX *mem_ctx,
|
||||
}
|
||||
|
||||
sid_copy(&sids[num_sids].sid, &global_sid_World);
|
||||
sids[num_sids].attrs = SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED;
|
||||
sids[num_sids].attrs = SE_GROUP_DEFAULT_FLAGS;
|
||||
num_sids++;
|
||||
|
||||
sid_copy(&sids[num_sids].sid, &global_sid_Network);
|
||||
sids[num_sids].attrs = SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED;
|
||||
sids[num_sids].attrs = SE_GROUP_DEFAULT_FLAGS;
|
||||
num_sids++;
|
||||
}
|
||||
|
||||
@ -152,7 +152,7 @@ _PUBLIC_ NTSTATUS auth_generate_session_info(TALLOC_CTX *mem_ctx,
|
||||
}
|
||||
|
||||
sid_copy(&sids[num_sids].sid, &global_sid_Authenticated_Users);
|
||||
sids[num_sids].attrs = SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED;
|
||||
sids[num_sids].attrs = SE_GROUP_DEFAULT_FLAGS;
|
||||
num_sids++;
|
||||
}
|
||||
|
||||
@ -167,7 +167,7 @@ _PUBLIC_ NTSTATUS auth_generate_session_info(TALLOC_CTX *mem_ctx,
|
||||
TALLOC_FREE(tmp_ctx);
|
||||
return NT_STATUS_INTERNAL_ERROR;
|
||||
}
|
||||
sids[num_sids].attrs = SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED;
|
||||
sids[num_sids].attrs = SE_GROUP_DEFAULT_FLAGS;
|
||||
num_sids++;
|
||||
}
|
||||
|
||||
|
||||
@ -129,7 +129,7 @@ NTSTATUS auth_system_user_info_dc(TALLOC_CTX *mem_ctx, const char *netbios_name,
|
||||
NT_STATUS_HAVE_NO_MEMORY(user_info_dc->sids);
|
||||
|
||||
user_info_dc->sids->sid = global_sid_System;
|
||||
user_info_dc->sids->attrs = SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED;
|
||||
user_info_dc->sids->attrs = SE_GROUP_DEFAULT_FLAGS;
|
||||
|
||||
/* annoying, but the Anonymous really does have a session key,
|
||||
and it is all zeros! */
|
||||
@ -206,34 +206,27 @@ static NTSTATUS auth_domain_admin_user_info_dc(TALLOC_CTX *mem_ctx,
|
||||
|
||||
user_info_dc->sids[PRIMARY_USER_SID_INDEX].sid = *domain_sid;
|
||||
sid_append_rid(&user_info_dc->sids[PRIMARY_USER_SID_INDEX].sid, DOMAIN_RID_ADMINISTRATOR);
|
||||
user_info_dc->sids[PRIMARY_USER_SID_INDEX].attrs
|
||||
= SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED;
|
||||
user_info_dc->sids[PRIMARY_USER_SID_INDEX].attrs = SE_GROUP_DEFAULT_FLAGS;
|
||||
|
||||
user_info_dc->sids[PRIMARY_GROUP_SID_INDEX].sid = *domain_sid;
|
||||
sid_append_rid(&user_info_dc->sids[PRIMARY_GROUP_SID_INDEX].sid, DOMAIN_RID_USERS);
|
||||
user_info_dc->sids[PRIMARY_GROUP_SID_INDEX].attrs
|
||||
= SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED;
|
||||
user_info_dc->sids[PRIMARY_GROUP_SID_INDEX].attrs = SE_GROUP_DEFAULT_FLAGS;
|
||||
|
||||
user_info_dc->sids[2].sid = global_sid_Builtin_Administrators;
|
||||
user_info_dc->sids[2].attrs
|
||||
= SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED;
|
||||
user_info_dc->sids[2].attrs = SE_GROUP_DEFAULT_FLAGS;
|
||||
|
||||
user_info_dc->sids[3].sid = *domain_sid;
|
||||
sid_append_rid(&user_info_dc->sids[3].sid, DOMAIN_RID_ADMINS);
|
||||
user_info_dc->sids[3].attrs
|
||||
= SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED;
|
||||
user_info_dc->sids[3].attrs = SE_GROUP_DEFAULT_FLAGS;
|
||||
user_info_dc->sids[4].sid = *domain_sid;
|
||||
sid_append_rid(&user_info_dc->sids[4].sid, DOMAIN_RID_ENTERPRISE_ADMINS);
|
||||
user_info_dc->sids[4].attrs
|
||||
= SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED;
|
||||
user_info_dc->sids[4].attrs = SE_GROUP_DEFAULT_FLAGS;
|
||||
user_info_dc->sids[5].sid = *domain_sid;
|
||||
sid_append_rid(&user_info_dc->sids[5].sid, DOMAIN_RID_POLICY_ADMINS);
|
||||
user_info_dc->sids[5].attrs
|
||||
= SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED;
|
||||
user_info_dc->sids[5].attrs = SE_GROUP_DEFAULT_FLAGS;
|
||||
user_info_dc->sids[6].sid = *domain_sid;
|
||||
sid_append_rid(&user_info_dc->sids[6].sid, DOMAIN_RID_SCHEMA_ADMINS);
|
||||
user_info_dc->sids[6].attrs
|
||||
= SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED;
|
||||
user_info_dc->sids[6].attrs = SE_GROUP_DEFAULT_FLAGS;
|
||||
|
||||
/* What should the session key be?*/
|
||||
user_info_dc->user_session_key = data_blob_talloc(user_info_dc, NULL, 16);
|
||||
@ -391,7 +384,7 @@ _PUBLIC_ NTSTATUS auth_anonymous_user_info_dc(TALLOC_CTX *mem_ctx,
|
||||
NT_STATUS_HAVE_NO_MEMORY(user_info_dc->sids);
|
||||
|
||||
user_info_dc->sids->sid = global_sid_Anonymous;
|
||||
user_info_dc->sids->attrs = SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED;
|
||||
user_info_dc->sids->attrs = SE_GROUP_DEFAULT_FLAGS;
|
||||
|
||||
/* annoying, but the Anonymous really does have a session key... */
|
||||
user_info_dc->user_session_key = data_blob_talloc(user_info_dc, NULL, 16);
|
||||
|
||||
@ -177,7 +177,7 @@ NTSTATUS dsdb_expand_nested_groups(struct ldb_context *sam_ctx,
|
||||
uint32_t sid_attrs;
|
||||
bool already_there;
|
||||
|
||||
sid_attrs = SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED;
|
||||
sid_attrs = SE_GROUP_DEFAULT_FLAGS;
|
||||
group_type = ldb_msg_find_attr_as_uint(res->msgs[0], "groupType", 0);
|
||||
if (group_type & GROUP_TYPE_RESOURCE_GROUP) {
|
||||
sid_attrs |= SE_GROUP_RESOURCE;
|
||||
|
||||
@ -1226,7 +1226,7 @@ static int get_pso_for_user(struct ldb_module *module,
|
||||
/* lookup the best PSO object, based on the user's SID */
|
||||
user_sid = samdb_result_dom_sid_attrs(
|
||||
tmp_ctx, user_msg, "objectSid",
|
||||
SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED);
|
||||
SE_GROUP_DEFAULT_FLAGS);
|
||||
|
||||
ret = pso_find_best(module, tmp_ctx, parent, user_sid, 1,
|
||||
&best_pso);
|
||||
|
||||
@ -642,7 +642,7 @@ class DynamicTokenTest(samba.tests.TestCase):
|
||||
rids = samr_conn.GetGroupsForUser(user_handle)
|
||||
samr_dns = set()
|
||||
for rid in rids.rids:
|
||||
self.assertEqual(rid.attributes, security.SE_GROUP_MANDATORY | security.SE_GROUP_ENABLED_BY_DEFAULT | security.SE_GROUP_ENABLED)
|
||||
self.assertEqual(rid.attributes, security.SE_GROUP_DEFAULT_FLAGS)
|
||||
sid = "%s-%d" % (domain_sid, rid.rid)
|
||||
res = self.admin_ldb.search(base="<SID=%s>" % sid, scope=ldb.SCOPE_BASE,
|
||||
attrs=[])
|
||||
|
||||
@ -844,7 +844,7 @@ static NTSTATUS samba_add_asserted_identity(TALLOC_CTX *mem_ctx,
|
||||
return add_sid_to_array_attrs_unique(
|
||||
user_info_dc,
|
||||
&ai_sid,
|
||||
SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED,
|
||||
SE_GROUP_DEFAULT_FLAGS,
|
||||
&user_info_dc->sids,
|
||||
&user_info_dc->num_sids);
|
||||
}
|
||||
|
||||
@ -2356,7 +2356,7 @@ static NTSTATUS dcesrv_samr_QueryGroupInfo(struct dcesrv_call_state *dce_call, T
|
||||
switch (r->in.level) {
|
||||
case GROUPINFOALL:
|
||||
QUERY_STRING(msg, all.name, "sAMAccountName");
|
||||
info->all.attributes = SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED; /* Do like w2k3 */
|
||||
info->all.attributes = SE_GROUP_DEFAULT_FLAGS; /* Do like w2k3 */
|
||||
QUERY_UINT (msg, all.num_members, "numMembers")
|
||||
QUERY_STRING(msg, all.description, "description");
|
||||
break;
|
||||
@ -2364,14 +2364,14 @@ static NTSTATUS dcesrv_samr_QueryGroupInfo(struct dcesrv_call_state *dce_call, T
|
||||
QUERY_STRING(msg, name, "sAMAccountName");
|
||||
break;
|
||||
case GROUPINFOATTRIBUTES:
|
||||
info->attributes.attributes = SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED; /* Do like w2k3 */
|
||||
info->attributes.attributes = SE_GROUP_DEFAULT_FLAGS; /* Do like w2k3 */
|
||||
break;
|
||||
case GROUPINFODESCRIPTION:
|
||||
QUERY_STRING(msg, description, "description");
|
||||
break;
|
||||
case GROUPINFOALL2:
|
||||
QUERY_STRING(msg, all2.name, "sAMAccountName");
|
||||
info->all.attributes = SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED; /* Do like w2k3 */
|
||||
info->all.attributes = SE_GROUP_DEFAULT_FLAGS; /* Do like w2k3 */
|
||||
QUERY_UINT (msg, all2.num_members, "numMembers")
|
||||
QUERY_STRING(msg, all2.description, "description");
|
||||
break;
|
||||
@ -2676,9 +2676,7 @@ static NTSTATUS dcesrv_samr_QueryGroupMember(struct dcesrv_call_state *dce_call,
|
||||
return status;
|
||||
}
|
||||
|
||||
array->attributes[array->count] = SE_GROUP_MANDATORY |
|
||||
SE_GROUP_ENABLED_BY_DEFAULT |
|
||||
SE_GROUP_ENABLED;
|
||||
array->attributes[array->count] = SE_GROUP_DEFAULT_FLAGS;
|
||||
array->count++;
|
||||
}
|
||||
|
||||
@ -4437,8 +4435,7 @@ static NTSTATUS dcesrv_samr_GetGroupsForUser(struct dcesrv_call_state *dce_call,
|
||||
/* Adds the primary group */
|
||||
|
||||
array->rids[0].rid = primary_group_id;
|
||||
array->rids[0].attributes = SE_GROUP_MANDATORY
|
||||
| SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED;
|
||||
array->rids[0].attributes = SE_GROUP_DEFAULT_FLAGS;
|
||||
array->count += 1;
|
||||
|
||||
/* Adds the additional groups */
|
||||
@ -4454,8 +4451,7 @@ static NTSTATUS dcesrv_samr_GetGroupsForUser(struct dcesrv_call_state *dce_call,
|
||||
|
||||
array->rids[i + 1].rid =
|
||||
group_sid->sub_auths[group_sid->num_auths-1];
|
||||
array->rids[i + 1].attributes = SE_GROUP_MANDATORY
|
||||
| SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED;
|
||||
array->rids[i + 1].attributes = SE_GROUP_DEFAULT_FLAGS;
|
||||
array->count += 1;
|
||||
}
|
||||
|
||||
@ -4740,9 +4736,7 @@ static NTSTATUS dcesrv_samr_QueryDisplayInfo(struct dcesrv_call_state *dce_call,
|
||||
/*
|
||||
* We get a "7" here for groups
|
||||
*/
|
||||
entriesFullGroup[count].acct_flags =
|
||||
SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT |
|
||||
SE_GROUP_ENABLED;
|
||||
entriesFullGroup[count].acct_flags = SE_GROUP_DEFAULT_FLAGS;
|
||||
entriesFullGroup[count].account_name.string =
|
||||
ldb_msg_find_attr_as_string(
|
||||
rec->msgs[0], "sAMAccountName", "");
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user