git.samba.org / amitay / samba-autobuild / .git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 5f0ebf0) | patch
s4:kdc: Add device to default groups for RBCD conditions evaluation
authorJoseph Sutton <josephsutton@catalyst.net.nz>
Wed, 25 Oct 2023 01:56:41 +0000 (14:56 +1300)
committerAndrew Bartlett <abartlet@samba.org>
Wed, 25 Oct 2023 22:23:37 +0000 (22:23 +0000)
commitf48afb2ba71595d49c444a36453b1ef1f5bbb340
tree7225369de74ddfd3fe127bb3018c61cffa210947tree
parent5f0ebf08c778caecc0ae313f7a8703c392d81762commit | diff
s4:kdc: Add device to default groups for RBCD conditions evaluation

This means that expressions like ‘Device_Member_of(WD)’ will now work,
as they should.

It *also* means that expressions like ‘Device_Member_of(NU)’ will work,
even though they shouldn’t. This is because we consider SID_NT_NETWORK
to be a default group.

Our new behaviour may be wrong, but at least it’s now consistent with
the behaviour of user‐relative expressions like ‘Member_of(WD)’ and
‘Member_of(NU)’.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
selftest/knownfail_heimdal_kdc diff | blob | history
source4/kdc/db-glue.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.