#define AUTH_SESSION_INFO_NTLM 0x10 /* The returned token must have authenticated-with-NTLM flag set */
#define AUTH_SESSION_INFO_FORCE_COMPOUNDED_AUTHENTICATION 0x20 /* The user authenticated with a device. */
#define AUTH_SESSION_INFO_DEVICE_DEFAULT_GROUPS 0x40 /* Add the device to the default world and network groups */
+#define AUTH_SESSION_INFO_DEVICE_AUTHENTICATED 0x80 /* Add the device to the 'authenticated users' group */
struct auth_usersupplied_info
{
.attrs = SE_GROUP_DEFAULT_FLAGS,
};
}
+
+ if (session_info_flags & AUTH_SESSION_INFO_DEVICE_AUTHENTICATED) {
+ device_sids = talloc_realloc(tmp_ctx,
+ device_sids,
+ struct auth_SidAttr,
+ num_device_sids + 1);
+ if (device_sids == NULL) {
+ TALLOC_FREE(tmp_ctx);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ device_sids[num_device_sids++] = (struct auth_SidAttr) {
+ .sid = global_sid_Authenticated_Users,
+ .attrs = SE_GROUP_DEFAULT_FLAGS,
+ };
+ }
}
nt_status = security_token_create(mem_ctx,