W_ERROR_HAVE_NO_MEMORY(b_state);
/* if this is a DC connecting, give them system level access */
- werr = drs_security_level_check(dce_call, NULL);
+ werr = drs_security_level_check(dce_call, NULL, SECURITY_DOMAIN_CONTROLLER);
if (W_ERROR_IS_OK(werr)) {
DEBUG(3,(__location__ ": doing DsBind with system_session\n"));
auth_info = system_session(dce_call->conn->dce_ctx->lp_ctx);
{
WERROR status;
- status = drs_security_level_check(dce_call, "DsReplicaSync");
+ status = drs_security_level_check(dce_call, "DsReplicaSync", SECURITY_DOMAIN_CONTROLLER);
if (!W_ERROR_IS_OK(status)) {
return status;
}
case 1: {
struct drsuapi_DsNameCtr1 *ctr1;
struct drsuapi_DsNameInfo1 *names;
- int count;
- int i;
+ uint32_t i, count;
ctr1 = talloc(mem_ctx, struct drsuapi_DsNameCtr1);
W_ERROR_HAVE_NO_MEMORY(ctr1);
*r->out.level_out = 1;
- status = drs_security_level_check(dce_call, "DsRemoveDSServer");
+ status = drs_security_level_check(dce_call, "DsRemoveDSServer", SECURITY_DOMAIN_CONTROLLER);
if (!W_ERROR_IS_OK(status)) {
return status;
}
}
/* Obtain the site name from a server DN */
-static const char *result_site_name(struct ldb_dn *site_dn)
+static const char *result_site_name(struct ldb_dn *server_dn)
{
/* Format is cn=<NETBIOS name>,cn=Servers,cn=<site>,cn=sites.... */
- const struct ldb_val *val = ldb_dn_get_component_val(site_dn, 2);
- const char *name = ldb_dn_get_component_name(site_dn, 2);
+ const struct ldb_val *val = ldb_dn_get_component_val(server_dn, 2);
+ const char *name = ldb_dn_get_component_name(server_dn, 2);
if (!name || (ldb_attr_cmp(name, "cn") != 0)) {
/* Ensure this matches the format. This gives us a
struct drsuapi_DsExecuteKCC *r)
{
WERROR status;
- status = drs_security_level_check(dce_call, "DsExecuteKCC");
+ status = drs_security_level_check(dce_call, "DsExecuteKCC", SECURITY_DOMAIN_CONTROLLER);
if (!W_ERROR_IS_OK(status)) {
return status;
if (!lp_parm_bool(dce_call->conn->dce_ctx->lp_ctx, NULL,
"drs", "disable_sec_check", false)) {
- level = security_session_user_level(dce_call->conn->auth_state.session_info);
+ level = security_session_user_level(dce_call->conn->auth_state.session_info, NULL);
if (level < SECURITY_ADMINISTRATOR) {
DEBUG(1,(__location__ ": Administrator access required for DsReplicaGetInfo\n"));
security_token_debug(2, dce_call->conn->auth_state.session_info->security_token);