Index: chrome/browser/chromeos/login/existing_user_controller.cc |
diff --git a/chrome/browser/chromeos/login/existing_user_controller.cc b/chrome/browser/chromeos/login/existing_user_controller.cc |
index 40e3b8386c317a89d954657e3b7776fa520f8e10..de4d355a9c82c2b9d93ead6b273e86868bcb380e 100644 |
--- a/chrome/browser/chromeos/login/existing_user_controller.cc |
+++ b/chrome/browser/chromeos/login/existing_user_controller.cc |
@@ -445,6 +445,15 @@ void ExistingUserController::PerformLogin( |
login_performer_.reset(nullptr); |
login_performer_.reset(new ChromeLoginPerformer(this)); |
} |
+ policy::BrowserPolicyConnectorChromeOS* connector = |
+ g_browser_process->platform_part()->browser_policy_connector_chromeos(); |
+ if (connector->IsActiveDirectoryManaged() && |
+ user_context.GetAuthFlow() != UserContext::AUTH_FLOW_ACTIVE_DIRECTORY) { |
+ PerformLoginFinishedActions(false /* don't start auto login timer */); |
+ ShowError(IDS_LOGIN_ERROR_GOOGLE_ACCOUNT_NOT_ALLOWED, |
+ "Google accounts are not allowed on this device"); |
+ return; |
+ } |
if (gaia::ExtractDomainName(user_context.GetAccountId().GetUserEmail()) == |
user_manager::kSupervisedUserDomain) { |