Author: jerry Date: 2005-06-14 18:38:15 +0000 (Tue, 14 Jun 2005) New Revision: 7578
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=7578 Log: use global well known DOM_SID objects when possible Modified: branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c Changeset: Modified: branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c =================================================================== --- branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c 2005-06-14 18:31:06 UTC (rev 7577) +++ branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c 2005-06-14 18:38:15 UTC (rev 7578) @@ -9,6 +9,7 @@ * Copyright (C) Jean François Micouleau 1998-2001, * Copyright (C) Jim McDonough <[EMAIL PROTECTED]> 2002, * Copyright (C) Gerald (Jerry) Carter 2003-2004, + * Copyright (C) Simo Sorce 2003. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -76,7 +77,7 @@ struct generic_mapping *map, DOM_SID *sid, uint32 sid_access ) { - DOM_SID adm_sid, act_sid, domadmin_sid; + DOM_SID domadmin_sid; SEC_ACE ace[5]; /* at most 5 entries */ SEC_ACCESS mask; size_t i = 0; @@ -90,16 +91,10 @@ /* add Full Access 'BUILTIN\Administrators' and 'BUILTIN\Account Operators */ - sid_copy(&adm_sid, &global_sid_Builtin); - sid_append_rid(&adm_sid, BUILTIN_ALIAS_RID_ADMINS); - - sid_copy(&act_sid, &global_sid_Builtin); - sid_append_rid(&act_sid, BUILTIN_ALIAS_RID_ACCOUNT_OPS); - init_sec_access(&mask, map->generic_all); - init_sec_ace(&ace[i++], &adm_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); - init_sec_ace(&ace[i++], &act_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + init_sec_ace(&ace[i++], &global_sid_Builtin_Administrators, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + init_sec_ace(&ace[i++], &global_sid_Builtin_Account_Operators, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); /* Add Full Access for Domain Admins if we are a DC */ @@ -768,6 +763,8 @@ make_group_sam_entry_list(p->mem_ctx, &r_u->sam, &r_u->uni_grp_name, num_aliases, aliases); + if (!NT_STATUS_IS_OK(status)) return status; + init_samr_r_enum_dom_aliases(r_u, q_u->start_idx + num_aliases, num_aliases);