r3228: Fix for bugzilla #1884 from Brett Funderburg. Use the value of

desired_access passed in to the lsa open policy routine.  Use a default
value that netapps and windows likes as well.

diff --git a/source/python/py_lsa.c b/source/python/py_lsa.c
index 07191be86822e47b1a75bf6ba85841970c95886d..aab526a4897fb5d85bfcf02c9161aea80b359a37 100644 (file)
--- a/source/python/py_lsa.c
+++ b/source/python/py_lsa.c
@@ -55,7 +55,7 @@ static PyObject *lsa_open_policy(PyObject *self, PyObject *args,
        static char *kwlist[] = { "servername", "creds", "access", NULL };
        char *server, *errstr;
        PyObject *creds = NULL, *result = NULL;
-       uint32 desired_access = MAXIMUM_ALLOWED_ACCESS;
+       uint32 desired_access = GENERIC_EXECUTE_ACCESS;
        struct cli_state *cli = NULL;
        NTSTATUS ntstatus;
        TALLOC_CTX *mem_ctx = NULL;
@@ -90,7 +90,7 @@ static PyObject *lsa_open_policy(PyObject *self, PyObject *args,
        }
 
        ntstatus = cli_lsa_open_policy(cli, mem_ctx, True,
-                                      SEC_RIGHTS_MAXIMUM_ALLOWED, &hnd);
+                                      desired_access, &hnd);
 
        if (!NT_STATUS_IS_OK(ntstatus)) {
                PyErr_SetObject(lsa_ntstatus, py_ntstatus_tuple(ntstatus));