(this should have been part of the previous commit)

Add a function to display 'sid types' as strings - makes rpcclient outptut
and DEBUG() logs much eaiser to understand.

Move the enum for SID types to smb.h, becouse is really isn't LSA specific any
more.

Andrew Bartlett
(This used to be commit fc9739861104df4ddc93efab3275275307e4fbb9)

3 files changed, 51 insertions, 14 deletions

diff --git a/source3/include/rpc_lsa.h b/source3/include/rpc_lsa.h
index ceb0e17d5c..8e42ac7d2c 100644
--- a/source3/include/rpc_lsa.h
+++ b/source3/include/rpc_lsa.h
@@ -25,19 +25,6 @@
 
 #include "rpc_misc.h"
 
-enum SID_NAME_USE
-{
-	SID_NAME_USE_NONE = 0,/* NOTUSED */
-	SID_NAME_USER    = 1, /* user */
-	SID_NAME_DOM_GRP = 2, /* domain group */
-	SID_NAME_DOMAIN  = 3, /* domain: don't know what this is */
-	SID_NAME_ALIAS   = 4, /* local group */
-	SID_NAME_WKN_GRP = 5, /* well-known group */
-	SID_NAME_DELETED = 6, /* deleted account: needed for c2 rating */
-	SID_NAME_INVALID = 7, /* invalid account */
-	SID_NAME_UNKNOWN = 8  /* oops. */
-};
-
 /* Opcodes available on PIPE_LSARPC */
 
 #define LSA_CLOSE              0x00
diff --git a/source3/include/smb.h b/source3/include/smb.h
index b095c3d8fa..a67101ff09 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -248,6 +248,20 @@ typedef uint32 WERROR;
 #define MAXSUBAUTHS 15 /* max sub authorities in a SID */
 #endif
 
+/* SID Types */
+enum SID_NAME_USE
+{
+	SID_NAME_USE_NONE = 0,/* NOTUSED */
+	SID_NAME_USER    = 1, /* user */
+	SID_NAME_DOM_GRP = 2, /* domain group */
+	SID_NAME_DOMAIN  = 3, /* domain: don't know what this is */
+	SID_NAME_ALIAS   = 4, /* local group */
+	SID_NAME_WKN_GRP = 5, /* well-known group */
+	SID_NAME_DELETED = 6, /* deleted account: needed for c2 rating */
+	SID_NAME_INVALID = 7, /* invalid account */
+	SID_NAME_UNKNOWN = 8  /* oops. */
+};
+
 /**
  * @brief Security Identifier
  *
diff --git a/source3/lib/util_sid.c b/source3/lib/util_sid.c
index 7d3bd848ef..3293026c7d 100644
--- a/source3/lib/util_sid.c
+++ b/source3/lib/util_sid.c
@@ -43,7 +43,6 @@ DOM_SID global_sid_Network;					/* Network rids */
 static DOM_SID global_sid_Creator_Owner;    		/* Creator Owner */
 static DOM_SID global_sid_Creator_Group;              /* Creator Group */
 static DOM_SID global_sid_Anonymous;				/* Anonymous login */
-static const DOM_SID *global_sid_everyone = &global_sid_World;
 
 /*
  * An NT compatible anonymous token.
@@ -57,6 +56,43 @@ NT_USER_TOKEN anonymous_token = {
 };
 
 /****************************************************************************
+ Lookup string names for SID types.
+****************************************************************************/
+
+const static struct {
+	enum SID_NAME_USE sid_type;
+	char *string;
+} sid_name_type[] = {
+	{SID_NAME_USER, "user"},
+	{SID_NAME_DOM_GRP, "domain group"},
+	{SID_NAME_DOMAIN, "domain"},
+	{SID_NAME_ALIAS, "local group"},
+	{SID_NAME_WKN_GRP, "well-known group"},
+	{SID_NAME_DELETED, "deleted account"},
+	{SID_NAME_INVALID, "invalid account"},
+	{SID_NAME_UNKNOWN, "UNKNOWN"},
+
+ 	{SID_NAME_USE_NONE, NULL}
+};
+
+const char *sid_type_lookup(uint32 sid_type) 
+{
+	int i = 0;
+
+	/* Look through list */
+	while(sid_name_type[i].sid_type != 0) {
+		if (sid_name_type[i].sid_type == sid_type)
+			return sid_name_type[i].string;
+		i++;
+	}
+
+	/* Default return */
+	return "SID *TYPE* is INVALID";
+	
+}
+
+
+/****************************************************************************
  Creates some useful well known sids
 ****************************************************************************/