git.samba.org / samba.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a09f9cf) | patch
s4:rpc_server/lsa: implement the policy security descriptor
authorStefan Metzmacher <metze@samba.org>
Wed, 25 Mar 2015 19:11:12 +0000 (19:11 +0000)
committerGünther Deschner <gd@samba.org>
Mon, 30 Mar 2015 11:41:25 +0000 (13:41 +0200)
commit654d63b94b8f5802a6efe1db6c1367dd8cf8cf04
treeca40ef5ae6976ab7db84938bf3fd5b9d5bf4e425tree
parenta09f9cfd2f95667dae96f34b81023360d40a1783commit | diff
s4:rpc_server/lsa: implement the policy security descriptor

We now check the requested access mask in OpenPolicy*()
and return NT_STATUS_ACCESS_DENIED if the request is not granted.

E.g. validating a domain trust via the Windows gui requires this
in order prompt the user for the credentials. Otherwise
we fail any other call with ACCESS_DENIED later and the
gui just displays a strange error message.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
source4/rpc_server/lsa/dcesrv_lsa.c diff | blob | history
source4/rpc_server/lsa/lsa.h diff | blob | history
source4/rpc_server/lsa/lsa_init.c diff | blob | history
source4/rpc_server/lsa/lsa_lookup.c diff | blob | history
Samba Shared Repository