diff options
| author | Luke Leighton <lkcl@samba.org> | 1997-10-21 18:25:14 +0000 |
|---|---|---|
| committer | Luke Leighton <lkcl@samba.org> | 1997-10-21 18:25:14 +0000 |
| commit | f2554f231d1f59f30224adcc02b2b3ca4c24e0dd (patch) | |
| tree | 93e9a390e9366d83d75f2c14e228a339802e9ec7 /source/pipenetlog.c | |
| parent | 267b56de10a20c25faee69cf4b6b6c02887ebe9c (diff) | |
| download | samba-f2554f231d1f59f30224adcc02b2b3ca4c24e0dd.tar.gz samba-f2554f231d1f59f30224adcc02b2b3ca4c24e0dd.tar.xz samba-f2554f231d1f59f30224adcc02b2b3ca4c24e0dd.zip | |
loadparm.c :
added "domain admin users" parameter
added "domain guest users" parameter
these two complement the "domain groups" parameter. the "domain groups"
parameter should be for your own groups, and well-known aliases.
util.c :
added ability to do "domain groups = power_users admin_users backup_ops"
which are well-known RID aliases, not well-known RID groups.
pipenetlog.c :
combine the "domain admin users"; "domain guest users" and "domain groups"
parameters to give an array of RID groups to include in the SAM Logon
response.
ipc.c smb.h :
moved REALLOC() into smb.h
added RID #defines.
proto.h:
usual.
Diffstat (limited to 'source/pipenetlog.c')
| -rw-r--r-- | source/pipenetlog.c | 27 |
1 files changed, 26 insertions, 1 deletions
diff --git a/source/pipenetlog.c b/source/pipenetlog.c index 0563a615913..ad4ad633698 100644 --- a/source/pipenetlog.c +++ b/source/pipenetlog.c @@ -508,6 +508,7 @@ static void api_lsa_sam_logon( user_struct *vuser, pstring home_drive; pstring my_name; pstring my_workgroup; + pstring domain_groups; pstring dom_sid; extern pstring myname; @@ -518,6 +519,9 @@ static void api_lsa_sam_logon( user_struct *vuser, pstrcpy(samlogon_user, unistr2(q_l.sam_id.auth.id1.uni_user_name.buffer)); + DEBUG(3,("SAM Logon. Domain:[%s]. User [%s]\n", + lp_workgroup(), samlogon_user)); + /* hack to get standard_sub_basic() to use the sam logon username */ sam_logon_in_ssb = True; @@ -529,7 +533,28 @@ static void api_lsa_sam_logon( user_struct *vuser, pstrcpy(home_drive , lp_logon_drive ()); pstrcpy(home_dir , lp_logon_home ()); - num_gids = make_domain_gids(lp_domain_groups(), gids); + /* any additional groups this user is in. e.g power users */ + pstrcpy(domain_groups, lp_domain_groups()); + + /* one RID group always added: 512 (Admin); 513 (Users); 514 (Guests) */ + + if (user_in_list(samlogon_user, lp_domain_guest_users())) + { + DEBUG(3,("domain guest access granted\n")); + strcat(domain_groups, " 514/7 "); + } + else if (user_in_list(samlogon_user, lp_domain_admin_users())) + { + DEBUG(3,("domain admin access granted\n")); + strcat(domain_groups, " 512/7 "); + } + else + { + DEBUG(3,("domain user access granted\n")); + strcat(domain_groups, " 513/7 "); + } + + num_gids = make_domain_gids(domain_groups, gids); sam_logon_in_ssb = False; |