s3-samr: Do not return users in _samr_QueryDisplayInfo() for builtin domain.

[ira/wip.git] / source3 / rpc_server / srv_samr_nt.c

diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index c3d9dafc4b7882441e0015301760a3d0c5bbbb78..929d5df10f61d49aa904c44997b622f466c3ee6e 100644 (file)
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -1397,6 +1397,11 @@ NTSTATUS _samr_QueryDisplayInfo(pipes_struct *p,
                return status;
        }
 
+       if (sid_check_is_builtin(&dinfo->sid)) {
+               DEBUG(5,("_samr_QueryDisplayInfo: no users in BUILTIN\n"));
+               return NT_STATUS_OK;
+       }
+
        /*
         * calculate how many entries we will return.
         * based on
@@ -3877,24 +3882,18 @@ static NTSTATUS set_user_info_14(TALLOC_CTX *mem_ctx,
  set_user_info_16
  ********************************************************************/
 
-static bool set_user_info_16(struct samr_UserInfo16 *id16,
-                            struct samu *pwd)
+static NTSTATUS set_user_info_16(TALLOC_CTX *mem_ctx,
+                                struct samr_UserInfo16 *id16,
+                                struct samu *pwd)
 {
        if (id16 == NULL) {
-               DEBUG(5, ("set_user_info_16: NULL id16\n"));
-               return False;
-       }
-
-       /* FIX ME: check if the value is really changed --metze */
-       if (!pdb_set_acct_ctrl(pwd, id16->acct_flags, PDB_CHANGED)) {
-               return False;
+               DEBUG(5,("set_user_info_16: NULL id16\n"));
+               return NT_STATUS_ACCESS_DENIED;
        }
 
-       if(!NT_STATUS_IS_OK(pdb_update_sam_account(pwd))) {
-               return False;
-       }
+       copy_id16_to_sam_passwd(pwd, id16);
 
-       return True;
+       return pdb_update_sam_account(pwd);
 }
 
 /*******************************************************************
@@ -3976,22 +3975,18 @@ static NTSTATUS set_user_info_18(struct samr_UserInfo18 *id18,
  set_user_info_20
  ********************************************************************/
 
-static bool set_user_info_20(struct samr_UserInfo20 *id20,
-                            struct samu *pwd)
+static NTSTATUS set_user_info_20(TALLOC_CTX *mem_ctx,
+                                struct samr_UserInfo20 *id20,
+                                struct samu *pwd)
 {
        if (id20 == NULL) {
-               DEBUG(5, ("set_user_info_20: NULL id20\n"));
-               return False;
+               DEBUG(5,("set_user_info_20: NULL id20\n"));
+               return NT_STATUS_ACCESS_DENIED;
        }
 
        copy_id20_to_sam_passwd(pwd, id20);
 
-       /* write the change out */
-       if(!NT_STATUS_IS_OK(pdb_update_sam_account(pwd))) {
-               return False;
-       }
-
-       return True;
+       return pdb_update_sam_account(pwd);
 }
 
 /*******************************************************************
@@ -4542,9 +4537,8 @@ NTSTATUS _samr_SetUserInfo(pipes_struct *p,
                        break;
 
                case 16:
-                       if (!set_user_info_16(&info->info16, pwd)) {
-                               status = NT_STATUS_ACCESS_DENIED;
-                       }
+                       status = set_user_info_16(p->mem_ctx,
+                                                 &info->info16, pwd);
                        break;
 
                case 17:
@@ -4561,9 +4555,8 @@ NTSTATUS _samr_SetUserInfo(pipes_struct *p,
                        break;
 
                case 20:
-                       if (!set_user_info_20(&info->info20, pwd)) {
-                               status = NT_STATUS_ACCESS_DENIED;
-                       }
+                       status = set_user_info_20(p->mem_ctx,
+                                                 &info->info20, pwd);
                        break;
 
                case 21: