diff options
author | Lutz Justen <ljusten@chromium.org> | 2017-06-13 15:36:53 +0200 |
---|---|---|
committer | chrome-bot <chrome-bot@chromium.org> | 2017-06-22 17:03:49 -0700 |
commit | b77184f71734a555c14d0a4d7ff79f6c36a863bc (patch) | |
tree | c15d9d46fa3295540ddf3f5a65be644378f34a0a | |
parent | e79b0c771217d6b84b85c692ae5740df8e8a2b36 (diff) | |
download | system_api-b77184f71734a555c14d0a4d7ff79f6c36a863bc.tar.gz |
authpolicy: Add common_name to ActiveDirectoryAccountInfo
The field is needed to query the cn entry from Active Directory in
order to anonymize logs. Some Samba commands log the common name, for
instance net ads gpo list logs:
ads_get_gpo_list: getting GPO list for [CN=common_name,OU=Users,DC=example,DC=com]
In the dependend CL the common name is removed from the logs because
it might contain sensitive data.
CQ-DEPEND=CL:530828
BUG=chromium:732339
TEST=cros_run_unit_tests --board=amd64-generic --packages authpolicy
Change-Id: Ib0b8e0e1b90ec465b38c5f42c9d01ca41a350020
Reviewed-on: https://chromium-review.googlesource.com/533096
Commit-Ready: Lutz Justen <ljusten@chromium.org>
Tested-by: Lutz Justen <ljusten@chromium.org>
Reviewed-by: Lutz Justen <ljusten@chromium.org>
Reviewed-by: Dan Erat <derat@chromium.org>
-rw-r--r-- | dbus/authpolicy/active_directory_info.proto | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/dbus/authpolicy/active_directory_info.proto b/dbus/authpolicy/active_directory_info.proto index a07278b..def9b11 100644 --- a/dbus/authpolicy/active_directory_info.proto +++ b/dbus/authpolicy/active_directory_info.proto @@ -97,7 +97,10 @@ message ActiveDirectoryAccountInfo { // the userAccountControl property of the Active Directory user account // information. Used in authpolicyd only, unused in Chrome. optional uint32 user_account_control = 6; - // Next ID to use: 7 + // Common name of the user, e.g. "John Doe [jdoe]". Taken from the commonName + // property of the Active Directory user account information. + optional string common_name = 7; + // Next ID to use: 8 } // Message sent to Chromium by authpolicy service as a response to a successful |