[LSASRV] LsapLogonUser creates an impersonation token for a network logon
authorEric Kohl <eric.kohl@reactos.org>
Sun, 26 Aug 2018 22:19:10 +0000 (00:19 +0200)
committerEric Kohl <eric.kohl@reactos.org>
Sun, 26 Aug 2018 22:19:10 +0000 (00:19 +0200)
dll/win32/lsasrv/authpackage.c

index 7405e09..8eef860 100644 (file)
@@ -1570,7 +1570,7 @@ LsapLogonUser(PLSA_API_MSG RequestMsg,
         Status = NtCreateToken(&TokenHandle,
                                TOKEN_ALL_ACCESS,
                                &ObjectAttributes,
-                               TokenPrimary,
+                               (RequestMsg->LogonUser.Request.LogonType == Network) ? TokenImpersonation : TokenPrimary,
                                &RequestMsg->LogonUser.Reply.LogonId,
                                &TokenInfo1->ExpirationTime,
                                &TokenInfo1->User,