diff options
author | Joseph Sutton <josephsutton@catalyst.net.nz> | 2022-12-15 14:07:06 +1300 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2023-02-08 00:03:40 +0000 |
commit | e5a6b001fd2844bfa5fa56047fb4cc09563966c4 (patch) | |
tree | 15a24855d8cca60afda25189438d704fe63f5d86 /auth | |
parent | 690748412ec05a60a598d86c83b84d61015a0669 (diff) | |
download | samba-e5a6b001fd2844bfa5fa56047fb4cc09563966c4.tar.gz |
auth: Discard non-base SIDs when creating SamInfo2
Our SamLogon tests are now all passing.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'auth')
-rw-r--r-- | auth/auth_sam_reply.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/auth/auth_sam_reply.c b/auth/auth_sam_reply.c index fd94bdbc505..23579eb4035 100644 --- a/auth/auth_sam_reply.c +++ b/auth/auth_sam_reply.c @@ -453,6 +453,12 @@ NTSTATUS auth_convert_user_info_dc_saminfo2(TALLOC_CTX *mem_ctx, return status; } sam2->base = sam6->base; + /* + * We have nowhere to put sam6->sids, so we follow Windows here and drop + * it. Any resource groups it happened to be contain are lost. + */ + sam2->base.user_flags &= ~NETLOGON_EXTRA_SIDS; + TALLOC_FREE(sam6->sids); *_sam2 = sam2; return NT_STATUS_OK; |