diff options
author | Andrew Tridgell <tridge@samba.org> | 2003-01-16 04:14:59 +0000 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 2003-01-16 04:14:59 +0000 |
commit | 70bf249cfb83ee1836bf8d16b0f74e60b873b9ba (patch) | |
tree | 99abc399d68c17fc77cf68160c2db8a18b8ff511 | |
parent | 5b076fe30b7dcb783c9a2405ba1b642ffb5514ec (diff) | |
download | samba-70bf249cfb83ee1836bf8d16b0f74e60b873b9ba.tar.gz samba-70bf249cfb83ee1836bf8d16b0f74e60b873b9ba.tar.bz2 samba-70bf249cfb83ee1836bf8d16b0f74e60b873b9ba.zip |
allow a couple of LSA functions to take a username instead of a SID,
They still accept a SID, it just can be tedious to have to type SIDs
instead of names all the time.
(This used to be commit 665cc9b1aceb454074e9de9c6e8636b39be29493)
-rw-r--r-- | source3/rpcclient/cmd_lsarpc.c | 47 |
1 files changed, 44 insertions, 3 deletions
diff --git a/source3/rpcclient/cmd_lsarpc.c b/source3/rpcclient/cmd_lsarpc.c index decbc8e161..46e85e7c15 100644 --- a/source3/rpcclient/cmd_lsarpc.c +++ b/source3/rpcclient/cmd_lsarpc.c @@ -23,6 +23,43 @@ #include "includes.h" #include "rpcclient.h" + +/* useful function to allow entering a name instead of a SID and + * looking it up automatically */ +static NTSTATUS name_to_sid(struct cli_state *cli, + TALLOC_CTX *mem_ctx, + DOM_SID *sid, const char *name) +{ + POLICY_HND pol; + uint32 *sid_types; + NTSTATUS result; + DOM_SID *sids; + + /* maybe its a raw SID */ + if (strncmp(name, "S-", 2) == 0 && + string_to_sid(sid, name)) { + return NT_STATUS_OK; + } + + result = cli_lsa_open_policy(cli, mem_ctx, True, + SEC_RIGHTS_MAXIMUM_ALLOWED, + &pol); + if (!NT_STATUS_IS_OK(result)) + goto done; + + result = cli_lsa_lookup_names(cli, mem_ctx, &pol, 1, &name, &sids, &sid_types); + if (!NT_STATUS_IS_OK(result)) + goto done; + + cli_lsa_close(cli, mem_ctx, &pol); + + *sid = sids[0]; + +done: + return result; +} + + /* Look up domain related information on a remote host */ static NTSTATUS cmd_lsa_query_info_policy(struct cli_state *cli, @@ -422,7 +459,9 @@ static NTSTATUS cmd_lsa_enum_privsaccounts(struct cli_state *cli, return NT_STATUS_OK; } - string_to_sid(&sid, argv[1]); + result = name_to_sid(cli, mem_ctx, &sid, argv[1]); + if (!NT_STATUS_IS_OK(result)) + goto done; result = cli_lsa_open_policy2(cli, mem_ctx, True, SEC_RIGHTS_MAXIMUM_ALLOWED, @@ -474,7 +513,9 @@ static NTSTATUS cmd_lsa_enum_acct_rights(struct cli_state *cli, return NT_STATUS_OK; } - string_to_sid(&sid, argv[1]); + result = name_to_sid(cli, mem_ctx, &sid, argv[1]); + if (!NT_STATUS_IS_OK(result)) + goto done; result = cli_lsa_open_policy2(cli, mem_ctx, True, SEC_RIGHTS_MAXIMUM_ALLOWED, @@ -488,7 +529,7 @@ static NTSTATUS cmd_lsa_enum_acct_rights(struct cli_state *cli, if (!NT_STATUS_IS_OK(result)) goto done; - printf("found %d privileges for SID %s\n", count, argv[1]); + printf("found %d privileges for SID %s\n", count, sid_string_static(&sid)); for (i = 0; i < count; i++) { printf("\t%s\n", rights[i]); |