[SCM] Samba Shared Repository - branch v3-2-stable updated -
release-3-2-7-163-gf39371e
Karolin Seeger
kseeger at samba.org
Tue Feb 3 16:10:33 GMT 2009
The branch, v3-2-stable has been updated
via f39371e3acc476397898a30f3bf3dac9d34fbb53 (commit)
via 565bbfc5446c73de3f08ced5be07442f2732d6ce (commit)
from 3fbd714a688abc21a088ebbe0dd1716a6eb1b522 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-stable
- Log -----------------------------------------------------------------
commit f39371e3acc476397898a30f3bf3dac9d34fbb53
Author: Volker Lendecke <vl at samba.org>
Date: Tue Feb 3 14:41:49 2009 +0100
s3: Fix 'net rpc join' for users with the SeMachineAccountPrivilege.
This used to be commit fda8abac in master.
(cherry picked from commit 8ddb30ca90d31624ba86cd731f573aedad43face)
commit 565bbfc5446c73de3f08ced5be07442f2732d6ce
Author: Karolin Seeger <kseeger at samba.org>
Date: Tue Feb 3 14:49:08 2009 +0100
WHATSNEW: Update changes since 3.2.7.
Karolin
(cherry picked from commit 11c966b7bc30b17de1bb360f405f6cb956dd5c83)
-----------------------------------------------------------------------
Summary of changes:
WHATSNEW.txt | 1 +
source/libnet/libnet_join.c | 7 +++++--
source/utils/net_rpc_join.c | 7 +++++--
3 files changed, 11 insertions(+), 4 deletions(-)
Changeset truncated at 500 lines:
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index a492967..47fd5b0 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -104,6 +104,7 @@ o Volker Lendecke <vl at sernet.de>
* Fix an ancient uninitialized variable read.
* Fix a bad memleak in vfs_full_audit.
* Fix several valgrind errors.
+ * Fix 'net rpc join' for users with the SeMachineAccountPrivilege.
o Herb Lewis <hlewis at chomps.localdomain>
diff --git a/source/libnet/libnet_join.c b/source/libnet/libnet_join.c
index e7302b4..c13ac9b 100644
--- a/source/libnet/libnet_join.c
+++ b/source/libnet/libnet_join.c
@@ -761,7 +761,8 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx,
status = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
pipe_hnd->cli->desthost,
- SEC_RIGHTS_MAXIMUM_ALLOWED,
+ SAMR_ACCESS_ENUM_DOMAINS
+ | SAMR_ACCESS_OPEN_DOMAIN,
&sam_pol);
if (!NT_STATUS_IS_OK(status)) {
goto done;
@@ -769,7 +770,9 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx,
status = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
&sam_pol,
- SEC_RIGHTS_MAXIMUM_ALLOWED,
+ SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1
+ | SAMR_DOMAIN_ACCESS_CREATE_USER
+ | SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
r->out.domain_sid,
&domain_pol);
if (!NT_STATUS_IS_OK(status)) {
diff --git a/source/utils/net_rpc_join.c b/source/utils/net_rpc_join.c
index b9d7d59..0e8f47b 100644
--- a/source/utils/net_rpc_join.c
+++ b/source/utils/net_rpc_join.c
@@ -239,14 +239,17 @@ int net_rpc_join_newstyle(int argc, const char **argv)
CHECK_RPC_ERR(rpccli_samr_Connect2(pipe_hnd, mem_ctx,
pipe_hnd->cli->desthost,
- SEC_RIGHTS_MAXIMUM_ALLOWED,
+ SAMR_ACCESS_ENUM_DOMAINS
+ | SAMR_ACCESS_OPEN_DOMAIN,
&sam_pol),
"could not connect to SAM database");
CHECK_RPC_ERR(rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
&sam_pol,
- SEC_RIGHTS_MAXIMUM_ALLOWED,
+ SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1
+ | SAMR_DOMAIN_ACCESS_CREATE_USER
+ | SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
domain_sid,
&domain_pol),
"could not open domain");
--
Samba Shared Repository
More information about the samba-cvs
mailing list