s3:auth: support AUTH_SESSION_INFO_NTLM in finalize_local_nt_token()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

diff --git a/source3/auth/token_util.c b/source3/auth/token_util.c
index 2b787ed3592fcc9164928020da90187d2814da5d..f5b0e69443356a8f5bc46358704336ac76f2d5bb 100644 (file)
--- a/source3/auth/token_util.c
+++ b/source3/auth/token_util.c
@@ -808,6 +808,22 @@ NTSTATUS finalize_local_nt_token(struct security_token *result,
                unbecome_root();
        }
 
+       if (session_info_flags & AUTH_SESSION_INFO_NTLM) {
+               struct dom_sid tmp_sid = { 0, };
+
+               ok = dom_sid_parse(SID_NT_NTLM_AUTHENTICATION, &tmp_sid);
+               if (!ok) {
+                       return NT_STATUS_NO_MEMORY;
+               }
+
+               status = add_sid_to_array(result,
+                                         &tmp_sid,
+                                         &result->sids,
+                                         &result->num_sids);
+               if (!NT_STATUS_IS_OK(status)) {
+                       return status;
+               }
+       }
 
        if (session_info_flags & AUTH_SESSION_INFO_SIMPLE_PRIVILEGES) {
                if (security_token_has_builtin_administrators(result)) {