DATA_BLOB *linear_sd;
struct auth_session_info *session_info
= ldb_get_opaque(module->ldb, "sessionInfo");
- struct security_descriptor *sd
- = sddl_decode(mem_ctx,
- objectclass->defaultSecurityDescriptor,
- samdb_domain_sid(module->ldb));
+ struct security_descriptor *sd;
- if (!session_info || !session_info->security_token) {
+ if (!objectclass->defaultSecurityDescriptor) {
+ return NULL;
+ }
+
+ sd = sddl_decode(mem_ctx,
+ objectclass->defaultSecurityDescriptor,
+ samdb_domain_sid(module->ldb));
+
+ if (!sd || !session_info || !session_info->security_token) {
return NULL;
}
}
if (!ldb_msg_find_element(msg, "nTSecurityDescriptor")) {
DATA_BLOB *sd = get_sd(ac->module, mem_ctx, current->objectclass);
- ldb_msg_add_steal_value(msg, "nTSecurityDescriptor", sd);
+ if (sd) {
+ ldb_msg_add_steal_value(msg, "nTSecurityDescriptor", sd);
+ }
}
}
}