]> git.ipfire.org Git - thirdparty/samba.git/commitdiff
projects / thirdparty / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a60fe9a)
r6421: use add machine script when creating a user (ACB_NORMAL)
authorGerald Carter <jerry@samba.org>
Thu, 21 Apr 2005 17:13:50 +0000 (17:13 +0000)
committerGerald (Jerry) Carter <jerry@samba.org>
Wed, 10 Oct 2007 15:56:41 +0000 (10:56 -0500)
who has a name ending in '$' (usrmgr.exe does this for
domain trusts (that's was jfm's original comment I think).

avoid an assert() call in libldap.

source/passdb/pdb_ldap.c patch | blob | blame | history
source/rpc_server/srv_samr_nt.c patch | blob | blame | history

diff --git a/source/passdb/pdb_ldap.c b/source/passdb/pdb_ldap.c
index 04929314f0981845ae535c04c67427228ead59cb..7d66b0aaf046ccd7e07395b87e382ce8b6149052 100644 (file)
--- a/source/passdb/pdb_ldap.c
+++ b/source/passdb/pdb_ldap.c
@@ -3423,7 +3423,8 @@ static BOOL ldapsam_search_firstpage(struct pdb_search *search)
                state->connection->paged_results = False;
        }
 
-       state->current_entry = ldap_first_entry(ld, state->entries);
+       if ( ld )
+               state->current_entry = ldap_first_entry(ld, state->entries);
 
        if (state->current_entry == NULL) {
                ldap_msgfree(state->entries);
diff --git a/source/rpc_server/srv_samr_nt.c b/source/rpc_server/srv_samr_nt.c
index fe54476cc954447020d6d19ab0c0fb9045247ba5..89cb49c05cc15b9d89c694e2cde574bf1d36a594 100644 (file)
--- a/source/rpc_server/srv_samr_nt.c
+++ b/source/rpc_server/srv_samr_nt.c
@@ -1985,13 +1985,15 @@ NTSTATUS _samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_CREA
                se_priv_copy( &se_rights, &se_machine_account );
                can_add_account = user_has_privileges( p->pipe_user.nt_user_token, &se_rights );
        } 
-       else if ( acb_info & ACB_NORMAL )
+       /* usrmgr.exe (and net rpc trustdom grant) creates a normal user 
+          account for domain trusts and changes the ACB flags later */
+       else if ( acb_info & ACB_NORMAL && (account[strlen(account)-1] != '$') )
        {
                pstrcpy(add_script, lp_adduser_script());
                se_priv_copy( &se_rights, &se_add_users );
                can_add_account = user_has_privileges( p->pipe_user.nt_user_token, &se_rights );
        } 
-       else if ( acb_info & (ACB_SVRTRUST|ACB_DOMTRUST) ) 
+       else    /* implicit assumption of a BDC or domain trust account here (we already check the flags earlier) */
        {
                pstrcpy(add_script, lp_addmachine_script());
                if ( lp_enable_privileges() ) {
Mirror of https://github.com/samba-team/samba.git