sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-11-23 20:23:50 +03:00
Code Activity

r9022: One more step in the game of whack-a-mole with the PAC.

Browse Source 
This makes the PAC we generate match (closely) the PAC generated by my
test win2k3 DC.

Andrew Bartlett
This commit is contained in:
Andrew Bartlett
2005-08-03 23:14:38 +00:00
committed by Gerald (Jerry) Carter
parent e9837d49bc
commit 6172b18680
1 changed files with 27 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
source/auth/auth_sam_reply.c
View File

@@ -117,6 +117,10 @@ NTSTATUS auth_convert_server_info_saminfo3(TALLOC_CTX *mem_ctx,
sam = &sam3->base;
sam->domain_sid = dom_sid_dup(mem_ctx, server_info->account_sid);
NT_STATUS_HAVE_NO_MEMORY(sam->domain_sid);
sam->domain_sid->num_auths--;
sam->last_logon = server_info->last_logon;
sam->last_logoff = server_info->last_logoff;
sam->acct_expiry = server_info->acct_expiry;
@@ -139,6 +143,26 @@ NTSTATUS auth_convert_server_info_saminfo3(TALLOC_CTX *mem_ctx,
sam->groups.count = 0;
sam->groups.rids = NULL;
if (server_info->n_domain_groups > 0) {
int i;
sam->groups.rids = talloc_array(sam, struct samr_RidWithAttribute,
server_info->n_domain_groups);
NT_STATUS_HAVE_NO_MEMORY(sam->groups.rids);
for (i=0; i<server_info->n_domain_groups; i++) {
struct dom_sid *group_sid = server_info->domain_groups[i];
if (!dom_sid_in_domain(sam->domain_sid, group_sid)) {
continue;
}
sam->groups.rids[sam->groups.count].rid = group_sid->sub_auths[group_sid->num_auths-1];
sam->groups.rids[sam->groups.count].attributes =
SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED;
sam->groups.count += 1;
}
}
sam->user_flags = 0x20; /* TODO: w2k3 uses 0x120. We know 0x20
* as extra sids (PAC doc) but what is
* 0x100? */
@@ -146,10 +170,6 @@ NTSTATUS auth_convert_server_info_saminfo3(TALLOC_CTX *mem_ctx,
sam->logon_server.string = lp_netbios_name();
sam->domain.string = server_info->domain_name;
sam->domain_sid = dom_sid_dup(mem_ctx, server_info->account_sid);
NT_STATUS_HAVE_NO_MEMORY(sam->domain_sid);
sam->domain_sid->num_auths--;
ZERO_STRUCT(sam->unknown);
ZERO_STRUCT(sam->key);
@@ -165,7 +185,7 @@ NTSTATUS auth_convert_server_info_saminfo3(TALLOC_CTX *mem_ctx,
sam3->sidcount = 0;
sam3->sids = NULL;
#if 0
if (server_info->n_domain_groups > 0) {
int i;
sam3->sids = talloc_array(sam, struct netr_SidAttr,
@@ -173,7 +193,7 @@ NTSTATUS auth_convert_server_info_saminfo3(TALLOC_CTX *mem_ctx,
NT_STATUS_HAVE_NO_MEMORY(sam3->sids);
for (i=0; i<server_info->n_domain_groups; i++) {
if (!dom_sid_in_domain(sam->domain_sid, server_info->domain_groups[i])) {
if (dom_sid_in_domain(sam->domain_sid, server_info->domain_groups[i])) {
continue;
}
sam3->sids[sam3->sidcount].sid = talloc_reference(sam3->sids,server_info->domain_groups[i]);
@@ -182,7 +202,7 @@ NTSTATUS auth_convert_server_info_saminfo3(TALLOC_CTX *mem_ctx,
sam3->sidcount += 1;
}
}
#endif
*_sam3 = sam3;
return NT_STATUS_OK;