svn commit: samba r7578 - in branches/SAMBA_3_0/source/rpc_server: .

Tue, 14 Jun 2005 11:38:35 -0700 

Author: jerry
Date: 2005-06-14 18:38:15 +0000 (Tue, 14 Jun 2005)
New Revision: 7578

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=7578

Log:
use global well known DOM_SID objects when possible
Modified:
   branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c


Changeset:
Modified: branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c
===================================================================
--- branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c  2005-06-14 18:31:06 UTC 
(rev 7577)
+++ branches/SAMBA_3_0/source/rpc_server/srv_samr_nt.c  2005-06-14 18:38:15 UTC 
(rev 7578)
@@ -9,6 +9,7 @@
  *  Copyright (C) Jean François Micouleau          1998-2001,
  *  Copyright (C) Jim McDonough <[EMAIL PROTECTED]>   2002,
  *  Copyright (C) Gerald (Jerry) Carter             2003-2004,
+ *  Copyright (C) Simo Sorce                        2003.
  *
  *  This program is free software; you can redistribute it and/or modify
  *  it under the terms of the GNU General Public License as published by
@@ -76,7 +77,7 @@
                                      struct generic_mapping *map,
                                     DOM_SID *sid, uint32 sid_access )
 {
-       DOM_SID adm_sid, act_sid, domadmin_sid;
+       DOM_SID domadmin_sid;
        SEC_ACE ace[5];         /* at most 5 entries */
        SEC_ACCESS mask;
        size_t i = 0;
@@ -90,16 +91,10 @@
        
        /* add Full Access 'BUILTIN\Administrators' and 'BUILTIN\Account 
Operators */
        
-       sid_copy(&adm_sid, &global_sid_Builtin);
-       sid_append_rid(&adm_sid, BUILTIN_ALIAS_RID_ADMINS);
-
-       sid_copy(&act_sid, &global_sid_Builtin);
-       sid_append_rid(&act_sid, BUILTIN_ALIAS_RID_ACCOUNT_OPS);
-       
        init_sec_access(&mask, map->generic_all);
        
-       init_sec_ace(&ace[i++], &adm_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0);
-       init_sec_ace(&ace[i++], &act_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0);
+       init_sec_ace(&ace[i++], &global_sid_Builtin_Administrators, 
SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0);
+       init_sec_ace(&ace[i++], &global_sid_Builtin_Account_Operators, 
SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0);
        
        /* Add Full Access for Domain Admins if we are a DC */
        
@@ -768,6 +763,8 @@
        make_group_sam_entry_list(p->mem_ctx, &r_u->sam, &r_u->uni_grp_name,
                                  num_aliases, aliases);
 
+       if (!NT_STATUS_IS_OK(status)) return status;
+
        init_samr_r_enum_dom_aliases(r_u, q_u->start_idx + num_aliases,
                                     num_aliases);

Reply via email to