WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct drsuapi_DsGetNCChanges *r)
{
+ struct auth_session_info *session_info =
+ dcesrv_call_session_info(dce_call);
struct drsuapi_DsReplicaObjectIdentifier *ncRoot;
int ret;
uint32_t i, k;
return WERR_DS_DRA_SOURCE_DISABLED;
}
- user_sid = &dce_call->conn->auth_state.session_info->security_token->sids[PRIMARY_USER_SID_INDEX];
+ user_sid = &session_info->security_token->sids[PRIMARY_USER_SID_INDEX];
/* all clients must have GUID_DRS_GET_CHANGES */
werr = drs_security_access_check_nc_root(sam_ctx,
mem_ctx,
- dce_call->conn->auth_state.session_info->security_token,
+ session_info->security_token,
req10->naming_context,
GUID_DRS_GET_CHANGES);
if (!W_ERROR_IS_OK(werr)) {
if (is_gc_pas_request) {
werr = drs_security_access_check_nc_root(sam_ctx,
mem_ctx,
- dce_call->conn->auth_state.session_info->security_token,
+ session_info->security_token,
req10->naming_context,
GUID_DRS_GET_FILTERED_ATTRIBUTES);
if (W_ERROR_IS_OK(werr)) {
if (is_secret_request) {
werr = drs_security_access_check_nc_root(sam_ctx,
mem_ctx,
- dce_call->conn->auth_state.session_info->security_token,
+ session_info->security_token,
req10->naming_context,
GUID_DRS_GET_ALL_CHANGES);
if (!W_ERROR_IS_OK(werr)) {
allowed:
/* for non-administrator replications, check that they have
given the correct source_dsa_invocation_id */
- security_level = security_session_user_level(dce_call->conn->auth_state.session_info,
+ security_level = security_session_user_level(session_info,
samdb_domain_sid(sam_ctx));
if (security_level == SECURITY_RO_DOMAIN_CONTROLLER) {
if (req10->replica_flags & DRSUAPI_DRS_WRIT_REP) {