2 Unix SMB/CIFS implementation.
4 session_info utility functions
6 Copyright (C) Andrew Bartlett 2008-2010
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 #include "libcli/security/security.h"
24 #include "librpc/gen_ndr/auth.h"
26 enum security_user_level
security_session_user_level(struct auth_session_info
*session_info
,
27 const struct dom_sid
*domain_sid
)
29 struct security_token
*token
= NULL
;
30 bool authenticated
= false;
34 return SECURITY_ANONYMOUS
;
36 token
= session_info
->security_token
;
38 if (security_token_is_system(token
)) {
39 return SECURITY_SYSTEM
;
42 if (security_token_is_anonymous(token
)) {
43 return SECURITY_ANONYMOUS
;
46 authenticated
= security_token_has_nt_authenticated_users(token
);
47 guest
= security_token_has_builtin_guests(token
);
50 return SECURITY_GUEST
;
52 return SECURITY_ANONYMOUS
;
55 if (security_token_has_builtin_administrators(token
)) {
56 return SECURITY_ADMINISTRATOR
;
60 struct dom_sid rodc_dcs
= { .num_auths
= 0 };
61 sid_compose(&rodc_dcs
, domain_sid
, DOMAIN_RID_READONLY_DCS
);
63 if (security_token_has_sid(token
, &rodc_dcs
)) {
64 return SECURITY_RO_DOMAIN_CONTROLLER
;
68 if (security_token_has_enterprise_dcs(token
)) {
69 return SECURITY_DOMAIN_CONTROLLER
;