[SCM] Samba Shared Repository - branch v3-2-stable updated - release-3-2-7-163-gf39371e

Karolin Seeger kseeger at samba.org
Tue Feb 3 16:10:33 GMT 2009


The branch, v3-2-stable has been updated
       via  f39371e3acc476397898a30f3bf3dac9d34fbb53 (commit)
       via  565bbfc5446c73de3f08ced5be07442f2732d6ce (commit)
      from  3fbd714a688abc21a088ebbe0dd1716a6eb1b522 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-stable


- Log -----------------------------------------------------------------
commit f39371e3acc476397898a30f3bf3dac9d34fbb53
Author: Volker Lendecke <vl at samba.org>
Date:   Tue Feb 3 14:41:49 2009 +0100

    s3: Fix 'net rpc join' for users with the SeMachineAccountPrivilege.
    
    This used to be commit fda8abac in master.
    (cherry picked from commit 8ddb30ca90d31624ba86cd731f573aedad43face)

commit 565bbfc5446c73de3f08ced5be07442f2732d6ce
Author: Karolin Seeger <kseeger at samba.org>
Date:   Tue Feb 3 14:49:08 2009 +0100

    WHATSNEW: Update changes since 3.2.7.
    
    Karolin
    (cherry picked from commit 11c966b7bc30b17de1bb360f405f6cb956dd5c83)

-----------------------------------------------------------------------

Summary of changes:
 WHATSNEW.txt                |    1 +
 source/libnet/libnet_join.c |    7 +++++--
 source/utils/net_rpc_join.c |    7 +++++--
 3 files changed, 11 insertions(+), 4 deletions(-)


Changeset truncated at 500 lines:

diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index a492967..47fd5b0 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -104,6 +104,7 @@ o   Volker Lendecke <vl at sernet.de>
     * Fix an ancient uninitialized variable read.
     * Fix a bad memleak in vfs_full_audit.
     * Fix several valgrind errors.
+    * Fix 'net rpc join' for users with the SeMachineAccountPrivilege.
 
 
 o   Herb Lewis <hlewis at chomps.localdomain>
diff --git a/source/libnet/libnet_join.c b/source/libnet/libnet_join.c
index e7302b4..c13ac9b 100644
--- a/source/libnet/libnet_join.c
+++ b/source/libnet/libnet_join.c
@@ -761,7 +761,8 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx,
 
 	status = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
 				      pipe_hnd->cli->desthost,
-				      SEC_RIGHTS_MAXIMUM_ALLOWED,
+				      SAMR_ACCESS_ENUM_DOMAINS
+				      | SAMR_ACCESS_OPEN_DOMAIN,
 				      &sam_pol);
 	if (!NT_STATUS_IS_OK(status)) {
 		goto done;
@@ -769,7 +770,9 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx,
 
 	status = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
 					&sam_pol,
-					SEC_RIGHTS_MAXIMUM_ALLOWED,
+					SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1
+					| SAMR_DOMAIN_ACCESS_CREATE_USER
+					| SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
 					r->out.domain_sid,
 					&domain_pol);
 	if (!NT_STATUS_IS_OK(status)) {
diff --git a/source/utils/net_rpc_join.c b/source/utils/net_rpc_join.c
index b9d7d59..0e8f47b 100644
--- a/source/utils/net_rpc_join.c
+++ b/source/utils/net_rpc_join.c
@@ -239,14 +239,17 @@ int net_rpc_join_newstyle(int argc, const char **argv)
 
 	CHECK_RPC_ERR(rpccli_samr_Connect2(pipe_hnd, mem_ctx,
 					   pipe_hnd->cli->desthost,
-					   SEC_RIGHTS_MAXIMUM_ALLOWED,
+					   SAMR_ACCESS_ENUM_DOMAINS
+					   | SAMR_ACCESS_OPEN_DOMAIN,
 					   &sam_pol),
 		      "could not connect to SAM database");
 
 
 	CHECK_RPC_ERR(rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
 					     &sam_pol,
-					     SEC_RIGHTS_MAXIMUM_ALLOWED,
+					     SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1
+					     | SAMR_DOMAIN_ACCESS_CREATE_USER
+					     | SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
 					     domain_sid,
 					     &domain_pol),
 		      "could not open domain");


-- 
Samba Shared Repository


More information about the samba-cvs mailing list