/*******************************************************************
*******************************************************************/
-static NTSTATUS create_builtin_users(const DOM_SID *dom_sid)
+NTSTATUS create_builtin_users(const DOM_SID *dom_sid)
{
NTSTATUS status;
DOM_SID dom_users;
/*******************************************************************
*******************************************************************/
-static NTSTATUS create_builtin_administrators(const DOM_SID *dom_sid)
+NTSTATUS create_builtin_administrators(const DOM_SID *dom_sid)
{
NTSTATUS status;
DOM_SID dom_admins, root_sid;
NT_USER_TOKEN *get_root_nt_token( void );
NTSTATUS add_aliases(const DOM_SID *domain_sid,
struct nt_user_token *token);
+NTSTATUS create_builtin_users(const DOM_SID *sid);
+NTSTATUS create_builtin_administrators(const DOM_SID *sid);
struct nt_user_token *create_local_nt_token(TALLOC_CTX *mem_ctx,
const DOM_SID *user_sid,
bool is_guest,
/****************************************************************
****************************************************************/
+static void libnet_join_add_dom_rids_to_builtins(struct dom_sid *domain_sid)
+{
+ NTSTATUS status;
+
+ /* Try adding dom admins to builtin\admins. Only log failures. */
+ status = create_builtin_administrators(domain_sid);
+ if (NT_STATUS_EQUAL(status, NT_STATUS_PROTOCOL_UNREACHABLE)) {
+ DEBUG(10,("Unable to auto-add domain administrators to "
+ "BUILTIN\\Administrators during join because "
+ "winbindd must be running."));
+ } else if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(5, ("Failed to auto-add domain administrators to "
+ "BUILTIN\\Administrators during join: %s\n",
+ nt_errstr(status)));
+ }
+
+ /* Try adding dom users to builtin\users. Only log failures. */
+ status = create_builtin_users(domain_sid);
+ if (NT_STATUS_EQUAL(status, NT_STATUS_PROTOCOL_UNREACHABLE)) {
+ DEBUG(10,("Unable to auto-add domain users to BUILTIN\\users "
+ "during join because winbindd must be running."));
+ } else if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(5, ("Failed to auto-add domain administrators to "
+ "BUILTIN\\Administrators during join: %s\n",
+ nt_errstr(status)));
+ }
+}
+
+/****************************************************************
+****************************************************************/
+
static WERROR libnet_join_post_processing(TALLOC_CTX *mem_ctx,
struct libnet_JoinCtx *r)
{
saf_store(r->in.domain_name, r->in.dc_name);
}
+ libnet_join_add_dom_rids_to_builtins(r->out.domain_sid);
+
return WERR_OK;
}
git.samba.org / metze / samba / wip.git / commitdiff