}
}
- sam->user_flags = 0; /* w2k3 uses NETLOGON_EXTRA_SIDS | NETLOGON_NTLMV2_ENABLED */
- if (!user_info_dc->info->authenticated) {
- sam->user_flags |= NETLOGON_GUEST;
- }
+ sam->user_flags = info->user_flags; /* w2k3 uses NETLOGON_EXTRA_SIDS | NETLOGON_NTLMV2_ENABLED */
sam->acct_flags = user_info_dc->info->acct_flags;
sam->sub_auth_status = 0;
sam->last_successful_logon = 0;
info->bad_password_count = base->bad_password_count;
info->acct_flags = base->acct_flags;
- /* Only set authenticated if both NETLOGON_GUEST is not set, and authenticated is set */
- info->authenticated = (authenticated && (!(base->user_flags & NETLOGON_GUEST)));
+ info->user_flags = base->user_flags;
+ if (!authenticated) {
+ /*
+ * We only consider the user authenticated if NETLOGON_GUEST is
+ * not set, and authenticated is set
+ */
+ info->user_flags |= NETLOGON_GUEST;
+ }
*_user_info = info;
return NT_STATUS_OK;
uint32 acct_flags;
- uint8 authenticated;
+ /*
+ * The NETLOGON_GUEST flag being set indicates the user is not
+ * authenticated.
+ */
+ uint32 user_flags;
} auth_user_info;
/* This information is preserved only to assist torture tests */
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_nested_domain_local_compression_as_req_to_service.ad_dc
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_nested_group_removal_compression_tgs_req_to_service.ad_dc
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_nested_universal_compression_as_req_to_service.ad_dc
-^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_resource_sids_claimed_given_tgs_req_to_krbtgt.ad_dc
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_resource_sids_given_compression_tgs_req_to_service.ad_dc
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_resource_sids_given_no_compression_tgs_req_to_service.ad_dc
^samba.tests.krb5.group_tests.samba.tests.krb5.group_tests.GroupTests.test_group_resource_sids_given_tgs_req_to_krbtgt.ad_dc
}
}
- if (session_info->info->authenticated) {
+ if (!(user_info_dc->info->user_flags & NETLOGON_GUEST)) {
session_info_flags |= AUTH_SESSION_INFO_AUTHENTICATED;
}
NTSTATUS status;
struct auth_user_info_dc *user_info_dc = talloc_get_type_abort(server_returned_info, struct auth_user_info_dc);
- if (user_info_dc->info->authenticated) {
+ if (!(user_info_dc->info->user_flags & NETLOGON_GUEST)) {
session_info_flags |= AUTH_SESSION_INFO_AUTHENTICATED;
}
return status;
}
- if (user_info_dc->info->authenticated) {
+ if (!(user_info_dc->info->user_flags & NETLOGON_GUEST)) {
session_info_flags |= AUTH_SESSION_INFO_AUTHENTICATED;
}
info->acct_flags = ACB_NORMAL;
- info->authenticated = true;
+ info->user_flags = 0;
*_user_info_dc = user_info_dc;
}
flags = AUTH_SESSION_INFO_DEFAULT_GROUPS;
- if (user_info_dc->info->authenticated) {
+ if (!(user_info_dc->info->user_flags & NETLOGON_GUEST)) {
flags |= AUTH_SESSION_INFO_AUTHENTICATED;
}
user_info_dc->num_sids++;
}
- info->authenticated = true;
+ info->user_flags = 0;
talloc_free(tmp_ctx);
*_user_info_dc = user_info_dc;
info->acct_flags = ACB_NORMAL;
- info->authenticated = true;
+ info->user_flags = 0;
*_user_info_dc = user_info_dc;
info->acct_flags = ACB_NORMAL;
- info->authenticated = true;
+ info->user_flags = 0;
*_user_info_dc = user_info_dc;
info->acct_flags = ACB_NORMAL;
- info->authenticated = false;
+ /* The user is not authenticated. */
+ info->user_flags = NETLOGON_GUEST;
*_user_info_dc = user_info_dc;
return status;
}
- if (user_info_dc->info->authenticated) {
+ if (!(user_info_dc->info->user_flags & NETLOGON_GUEST)) {
session_info_flags |= AUTH_SESSION_INFO_AUTHENTICATED;
}
goto out;
}
- if (user_info_dc->info->authenticated) {
+ if (!(user_info_dc->info->user_flags & NETLOGON_GUEST)) {
session_info_flags |= AUTH_SESSION_INFO_AUTHENTICATED;
}
if (!NT_STATUS_IS_OK(status)) goto failed;
flags = AUTH_SESSION_INFO_DEFAULT_GROUPS;
- if (user_info_dc->info->authenticated) {
+ if (!(user_info_dc->info->user_flags & NETLOGON_GUEST)) {
flags |= AUTH_SESSION_INFO_AUTHENTICATED;
}
/* This references user_info_dc into session_info */
if (!NT_STATUS_IS_OK(status)) goto failed;
flags = AUTH_SESSION_INFO_DEFAULT_GROUPS;
- if (user_info_dc->info->authenticated) {
+ if (!(user_info_dc->info->user_flags & NETLOGON_GUEST)) {
flags |= AUTH_SESSION_INFO_AUTHENTICATED;
}
/* This references user_info_dc into session_info */
return nt_status;
}
- if (user_info_dc->info->authenticated) {
+ if (!(user_info_dc->info->user_flags & NETLOGON_GUEST)) {
session_info_flags |= AUTH_SESSION_INFO_AUTHENTICATED;
}
talloc_steal(pac_data, pac_data->pac_srv_sig);
talloc_steal(pac_data, pac_data->pac_kdc_sig);
- if (user_info_dc->info->authenticated) {
+ if (!(user_info_dc->info->user_flags & NETLOGON_GUEST)) {
session_info_flags |= AUTH_SESSION_INFO_AUTHENTICATED;
}
return nt_status;
}
- if (user_info_dc->info->authenticated) {
+ if (!(user_info_dc->info->user_flags & NETLOGON_GUEST)) {
session_info_flags |= AUTH_SESSION_INFO_AUTHENTICATED;
}