diff options
-rwxr-xr-x | source3/libads/ldap.c | 1 | ||||
-rw-r--r-- | source3/libnet/libnet_join.c | 14 | ||||
-rw-r--r-- | source3/librpc/idl/libnet_join.idl | 3 |
3 files changed, 13 insertions, 5 deletions
diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index f7f0ee43213..1bc271785e2 100755 --- a/source3/libads/ldap.c +++ b/source3/libads/ldap.c @@ -1463,6 +1463,7 @@ char *ads_parent_dn(const char *dn) "msDS-AdditionalDnsHostName", "msDS-SupportedEncryptionTypes", "nTSecurityDescriptor", + "objectSid", NULL }; diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c index 822edc12a75..553ab05b32c 100644 --- a/source3/libnet/libnet_join.c +++ b/source3/libnet/libnet_join.c @@ -422,6 +422,7 @@ static ADS_STATUS libnet_join_find_machine_acct(TALLOC_CTX *mem_ctx, ADS_STATUS status; LDAPMessage *res = NULL; char *dn = NULL; + struct dom_sid sid; if (!r->in.machine_name) { return ADS_ERROR(LDAP_NO_MEMORY); @@ -456,6 +457,12 @@ static ADS_STATUS libnet_join_find_machine_acct(TALLOC_CTX *mem_ctx, r->out.set_encryption_types = 0; } + if (!ads_pull_sid(r->in.ads, res, "objectSid", &sid)) { + status = ADS_ERROR_LDAP(LDAP_NO_MEMORY); + goto done; + } + + dom_sid_split_rid(mem_ctx, &sid, NULL, &r->out.account_rid); done: ads_msgfree(r->in.ads, res); TALLOC_FREE(dn); @@ -1333,7 +1340,6 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx, NTSTATUS status = NT_STATUS_UNSUCCESSFUL, result; char *acct_name; struct lsa_String lsa_acct_name; - uint32_t user_rid; uint32_t acct_flags = ACB_WSTRUST; struct samr_Ids user_rids; struct samr_Ids name_types; @@ -1447,7 +1453,7 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx, access_desired, &user_pol, &access_granted, - &user_rid, + &r->out.account_rid, &result); if (!NT_STATUS_IS_OK(status)) { goto done; @@ -1517,14 +1523,14 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx, goto done; } - user_rid = user_rids.ids[0]; + r->out.account_rid = user_rids.ids[0]; /* Open handle on user */ status = dcerpc_samr_OpenUser(b, mem_ctx, &domain_pol, SEC_FLAG_MAXIMUM_ALLOWED, - user_rid, + r->out.account_rid, &user_pol, &result); if (!NT_STATUS_IS_OK(status)) { diff --git a/source3/librpc/idl/libnet_join.idl b/source3/librpc/idl/libnet_join.idl index 018018b6dc2..2c49ec5b158 100644 --- a/source3/librpc/idl/libnet_join.idl +++ b/source3/librpc/idl/libnet_join.idl @@ -58,7 +58,8 @@ interface libnetjoin [out] boolean8 domain_is_ad, [out] uint32 set_encryption_types, [out] string krb5_salt, - [out,unique] netr_DsRGetDCNameInfo *dcinfo + [out,unique] netr_DsRGetDCNameInfo *dcinfo, + [out] uint32 account_rid ); [nopush,nopull,noopnum] WERROR libnet_UnjoinCtx( |