}
status = sid_array_from_info3(talloc_tos(), info3,
- &token->user_sids,
+ &token->sids,
&token->num_sids,
true, false);
if (!NT_STATUS_IS_OK(status)) {
struct netr_SamInfo3 **pinfo3)
{
struct auth_usersupplied_info *user_info = NULL;
- struct auth_serversupplied_info *server_info = NULL;
- struct netr_SamInfo3 *info3;
NTSTATUS status;
status = make_user_info(&user_info, user, user, domain, domain,
return status;
}
- status = check_sam_security(challenge, talloc_tos(), user_info,
- &server_info);
- free_user_info(&user_info);
-
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(10, ("check_ntlm_password failed: %s\n",
- nt_errstr(status)));
- return status;
- }
-
- info3 = TALLOC_ZERO_P(mem_ctx, struct netr_SamInfo3);
- if (info3 == NULL) {
- return NT_STATUS_NO_MEMORY;
- }
-
- status = serverinfo_to_SamInfo3(server_info, NULL, 0, info3);
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(10, ("serverinfo_to_SamInfo3 failed: %s\n",
- nt_errstr(status)));
- return status;
- }
+ /* We don't want any more mapping of the username */
+ user_info->mapped_state = True;
+ status = check_sam_security_info3(challenge, talloc_tos(), user_info,
+ pinfo3);
+ free_user_info(&user_info);
DEBUG(10, ("Authenticated user %s\\%s successfully\n", domain, user));
- *pinfo3 = info3;
return NT_STATUS_OK;
}
DEBUG(3, ("[%5lu]: dual pam auth %s\n", (unsigned long)state->pid,
state->request->data.auth.user));
- if (!check_request_flags(state->request->flags)) {
- result = NT_STATUS_INVALID_PARAMETER_MIX;
- goto done;
- }
-
/* Parse domain and username */
name_map_status = normalize_name_unmap(state->mem_ctx,
sizeof(state->request->data.auth.user)-1 );
}
- if (domain->online == false) {
+ if (!domain->online) {
result = NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND;
if (domain->startup) {
/* Logons are very important to users. If we're offline and
state->mem_ctx,
state->request->data.auth.user,
state->request->data.auth.pass,
- info3, NULL);
+ info3);
}
}
state->request->data.auth_crap.user[sizeof(state->request->data.auth_crap.user)-1]=0;
state->request->data.auth_crap.domain[sizeof(state->request->data.auth_crap.domain)-1]=0;
- if (!check_request_flags(state->request->flags)) {
- result = NT_STATUS_INVALID_PARAMETER_MIX;
- goto done;
- }
-
name_user = state->request->data.auth_crap.user;
if (*state->request->data.auth_crap.domain) {