diff options
author | Gerald Carter <jerry@samba.org> | 2005-01-06 23:27:28 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 10:53:48 -0500 |
commit | 9ade9bf49c7125fb29658f943e9ebb6be9496180 (patch) | |
tree | 92d53668c0b130671245558563e365b14d3efd68 /source/auth | |
parent | 80e7c6c312eb0bdb93fe381e7ce3a24a21dd9cf0 (diff) | |
download | samba-9ade9bf49c7125fb29658f943e9ebb6be9496180.tar.gz samba-9ade9bf49c7125fb29658f943e9ebb6be9496180.tar.xz samba-9ade9bf49c7125fb29658f943e9ebb6be9496180.zip |
r4579: small changes to allow the members og the Domain Admins group on the Samba DC to join clients to the domain -- needs more testing and security review but does work with initial testing
Diffstat (limited to 'source/auth')
-rw-r--r-- | source/auth/auth_util.c | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/source/auth/auth_util.c b/source/auth/auth_util.c index 2eacc2b0d10..98ecd00d1c5 100644 --- a/source/auth/auth_util.c +++ b/source/auth/auth_util.c @@ -1444,6 +1444,35 @@ NT_USER_TOKEN *dup_nt_token(NT_USER_TOKEN *ptoken) return token; } +/**************************************************************************** + Check for a SID in an NT_USER_TOKEN +****************************************************************************/ + +BOOL nt_token_check_sid ( DOM_SID *sid, NT_USER_TOKEN *token ) +{ + int i; + + if ( !sid || !token ) + return False; + + for ( i=0; i<token->num_sids; i++ ) { + if ( sid_equal( sid, &token->user_sids[i] ) ) + return True; + } + + return False; +} + +BOOL nt_token_check_domain_rid( NT_USER_TOKEN *token, uint32 rid ) +{ + DOM_SID domain_sid; + + sid_copy( &domain_sid, get_global_sam_sid() ); + sid_append_rid( &domain_sid, rid ); + + return nt_token_check_sid( &domain_sid, token );\ +} + /** * Verify whether or not given domain is trusted. * |