[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha6-419-gfda8aba

[Karolin Seeger]

The branch, master has been updated
       via  fda8abac17892e51c2d5fcdc1f405477bef320ed (commit)
      from  e6bb55c3d5b491ab9e6d568e6ce7594695e53322 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit fda8abac17892e51c2d5fcdc1f405477bef320ed
Author: Volker Lendecke <v...@samba.org>
Date:   Tue Feb 3 14:41:49 2009 +0100

    s3: Fix 'net rpc join' for users with the SeMachineAccountPrivilege.

-----------------------------------------------------------------------

Summary of changes:
 source3/libnet/libnet_join.c |    7 +++++--
 source3/utils/net_rpc_join.c |    7 +++++--
 2 files changed, 10 insertions(+), 4 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c
index b33800f..20f7b97 100644
--- a/source3/libnet/libnet_join.c
+++ b/source3/libnet/libnet_join.c
@@ -790,7 +790,8 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX 
*mem_ctx,
 
        status = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
                                      pipe_hnd->desthost,
-                                     SEC_RIGHTS_MAXIMUM_ALLOWED,
+                                     SAMR_ACCESS_ENUM_DOMAINS
+                                     | SAMR_ACCESS_OPEN_DOMAIN,
                                      &sam_pol);
        if (!NT_STATUS_IS_OK(status)) {
                goto done;
@@ -798,7 +799,9 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX 
*mem_ctx,
 
        status = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
                                        &sam_pol,
-                                       SEC_RIGHTS_MAXIMUM_ALLOWED,
+                                       SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1
+                                       | SAMR_DOMAIN_ACCESS_CREATE_USER
+                                       | SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
                                        r->out.domain_sid,
                                        &domain_pol);
        if (!NT_STATUS_IS_OK(status)) {
diff --git a/source3/utils/net_rpc_join.c b/source3/utils/net_rpc_join.c
index 5651676..0c363d3 100644
--- a/source3/utils/net_rpc_join.c
+++ b/source3/utils/net_rpc_join.c
@@ -243,14 +243,17 @@ int net_rpc_join_newstyle(struct net_context *c, int 
argc, const char **argv)
 
        CHECK_RPC_ERR(rpccli_samr_Connect2(pipe_hnd, mem_ctx,
                                           pipe_hnd->desthost,
-                                          SEC_RIGHTS_MAXIMUM_ALLOWED,
+                                          SAMR_ACCESS_ENUM_DOMAINS
+                                          | SAMR_ACCESS_OPEN_DOMAIN,
                                           &sam_pol),
                      "could not connect to SAM database");
 
 
        CHECK_RPC_ERR(rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
                                             &sam_pol,
-                                            SEC_RIGHTS_MAXIMUM_ALLOWED,
+                                            SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1
+                                            | SAMR_DOMAIN_ACCESS_CREATE_USER
+                                            | SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
                                             domain_sid,
                                             &domain_pol),
                      "could not open domain");


-- 
Samba Shared Repository