diff options
| author | Joseph Sutton <josephsutton@catalyst.net.nz> | 2022-09-27 15:13:12 +1300 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2023-02-08 00:03:39 +0000 |
| commit | 7050e05742956bb75c4b27f39f97adc4d544e0f1 (patch) | |
| tree | 32cb1f3ecd162fb05726829be444442425b48ddd /librpc | |
| parent | 53d72c87e6362e24eb922a5a9040e5d631c7fce4 (diff) | |
| download | samba-7050e05742956bb75c4b27f39f97adc4d544e0f1.tar.gz | |
auth: Store group attributes in auth_user_info_dc
Group expansion, performed in dsdb_expand_nested_groups(), now
incorporates a check of the type of each group. Those that are resource
groups receive the SE_GROUP_RESOURCE bit in the attributes which are now
carried alongside each group SID.
Whereas before, in auth_convert_user_info_dc_sambaseinfo() and
auth_convert_user_info_dc_saminfo6(), we invariantly used the flag
combination SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT |
SE_GROUP_ENABLED to set attributes in the PAC, we now take the correct
attributes from user_info_dc.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'librpc')
| -rw-r--r-- | librpc/idl/auth.idl | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/librpc/idl/auth.idl b/librpc/idl/auth.idl index 6d95fe84e93..5985d554606 100644 --- a/librpc/idl/auth.idl +++ b/librpc/idl/auth.idl @@ -59,7 +59,7 @@ interface auth typedef [public] struct { /* Number SIDs from the DC netlogon validation info */ uint32 num_dc_sids; - [size_is(num_dc_sids)] dom_sid dc_sids[*]; + [size_is(num_dc_sids)] auth_SidAttr dc_sids[*]; } auth_user_info_torture; typedef [public] struct { @@ -104,7 +104,7 @@ interface auth * privileges and local groups are handled */ typedef [public] struct { uint32 num_sids; - [size_is(num_sids)] dom_sid sids[*]; + [size_is(num_sids)] auth_SidAttr sids[*]; auth_user_info *info; [noprint] DATA_BLOB user_session_key; [noprint] DATA_BLOB lm_session_key; |