summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--auth/auth_sam_reply.c8
-rw-r--r--selftest/knownfail.d/pac_primary_group1
2 files changed, 6 insertions, 3 deletions
diff --git a/auth/auth_sam_reply.c b/auth/auth_sam_reply.c
index bd695151dc0..b5b6362dc93 100644
--- a/auth/auth_sam_reply.c
+++ b/auth/auth_sam_reply.c
@@ -89,7 +89,7 @@ static NTSTATUS auth_convert_user_info_dc_sambaseinfo(TALLOC_CTX *mem_ctx,
sam->groups.count = 0;
sam->groups.rids = NULL;
- if (user_info_dc->num_sids > 2) {
+ if (user_info_dc->num_sids > PRIMARY_GROUP_SID_INDEX) {
size_t i;
sam->groups.rids = talloc_array(mem_ctx, struct samr_RidWithAttribute,
user_info_dc->num_sids);
@@ -97,7 +97,7 @@ static NTSTATUS auth_convert_user_info_dc_sambaseinfo(TALLOC_CTX *mem_ctx,
if (sam->groups.rids == NULL)
return NT_STATUS_NO_MEMORY;
- for (i=2; i<user_info_dc->num_sids; i++) {
+ for (i=PRIMARY_GROUP_SID_INDEX; i<user_info_dc->num_sids; i++) {
struct dom_sid *group_sid = &user_info_dc->sids[i];
if (!dom_sid_in_domain(sam->domain_sid, group_sid)) {
/* We handle this elsewhere */
@@ -451,6 +451,10 @@ NTSTATUS make_user_info_dc_netlogon_validation(TALLOC_CTX *mem_ctx,
}
for (i = 0; i < base->groups.count; i++) {
+ /* Skip primary group, already added above */
+ if (base->groups.rids[i].rid == base->primary_gid) {
+ continue;
+ }
user_info_dc->sids[user_info_dc->num_sids] = *base->domain_sid;
if (!sid_append_rid(&user_info_dc->sids[user_info_dc->num_sids], base->groups.rids[i].rid)) {
return NT_STATUS_INVALID_PARAMETER;
diff --git a/selftest/knownfail.d/pac_primary_group b/selftest/knownfail.d/pac_primary_group
deleted file mode 100644
index b0efd7d6385..00000000000
--- a/selftest/knownfail.d/pac_primary_group
+++ /dev/null
@@ -1 +0,0 @@
-^samba4.rpc.pac.*s4u2self
View Lorry Controller Status