From 3ee3bb46d70d21dce3308f03ba13ef2f79861658 Mon Sep 17 00:00:00 2001
From: Gabriel Gonzalez <gabriel.gonzalez@fortra.com>
Date: Mon, 4 Mar 2024 18:22:37 -0300
Subject: [PATCH] Change desiredAccess to MAXIMUM_ALLOWED when getting
 user_handle in net.py. We could receive ACCESS_DENIED if authenticated user
 was not admin with previous value (USER_ALL_ACCESS) (#1708)

---
 examples/net.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/examples/net.py b/examples/net.py
index e2f5e50129..c1eec5b75b 100644
--- a/examples/net.py
+++ b/examples/net.py
@@ -102,7 +102,7 @@ def _get_object_rid(self, domain_handle, object_name):
 
     def _get_user_handle(self, domain_handle, username):
         user_rid = self._get_object_rid(domain_handle, username)
-        response = samr.hSamrOpenUser(self._dce, domain_handle, samr.USER_ALL_ACCESS, user_rid)
+        response = samr.hSamrOpenUser(self._dce, domain_handle, samr.MAXIMUM_ALLOWED, user_rid)
         return response['UserHandle']
 
     def _get_group_handle(self, domain_handle, alias_name):