mirror of
https://github.com/samba-team/samba.git
synced 2024-12-23 17:34:34 +03:00
8f078cdf24
This change moves the addition of "Authenticated Users" from the very end of the token processing to the start. The reason is that we need to see if "Authenticated Users" is a member of other builtin groups, just as we would for any other SID. This picks up the "Pre-Windows 2000 Compatible Access" group, which is in turn often used in ACLs on LDAP objects. Without this change, the eventual token does not contain S-1-5-32-554 and users other than "Administrator" are unable to read uidNumber (in particular). Andrew Bartlett Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> |
||
---|---|---|
.. | ||
gensec | ||
kerberos | ||
ntlm | ||
auth.h | ||
pyauth.c | ||
pyauth.h | ||
sam.c | ||
samba_server_gensec.c | ||
session.c | ||
session.h | ||
system_session.c | ||
unix_token.c | ||
wscript_build | ||
wscript_configure |