summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2003-01-16 04:14:59 +0000
committerAndrew Tridgell <tridge@samba.org>2003-01-16 04:14:59 +0000
commit70bf249cfb83ee1836bf8d16b0f74e60b873b9ba (patch)
tree99abc399d68c17fc77cf68160c2db8a18b8ff511
parent5b076fe30b7dcb783c9a2405ba1b642ffb5514ec (diff)
downloadsamba-70bf249cfb83ee1836bf8d16b0f74e60b873b9ba.tar.gz
samba-70bf249cfb83ee1836bf8d16b0f74e60b873b9ba.tar.bz2
samba-70bf249cfb83ee1836bf8d16b0f74e60b873b9ba.zip
allow a couple of LSA functions to take a username instead of a SID,
They still accept a SID, it just can be tedious to have to type SIDs instead of names all the time. (This used to be commit 665cc9b1aceb454074e9de9c6e8636b39be29493)
-rw-r--r--source3/rpcclient/cmd_lsarpc.c47
1 files changed, 44 insertions, 3 deletions
diff --git a/source3/rpcclient/cmd_lsarpc.c b/source3/rpcclient/cmd_lsarpc.c
index decbc8e161..46e85e7c15 100644
--- a/source3/rpcclient/cmd_lsarpc.c
+++ b/source3/rpcclient/cmd_lsarpc.c
@@ -23,6 +23,43 @@
#include "includes.h"
#include "rpcclient.h"
+
+/* useful function to allow entering a name instead of a SID and
+ * looking it up automatically */
+static NTSTATUS name_to_sid(struct cli_state *cli,
+ TALLOC_CTX *mem_ctx,
+ DOM_SID *sid, const char *name)
+{
+ POLICY_HND pol;
+ uint32 *sid_types;
+ NTSTATUS result;
+ DOM_SID *sids;
+
+ /* maybe its a raw SID */
+ if (strncmp(name, "S-", 2) == 0 &&
+ string_to_sid(sid, name)) {
+ return NT_STATUS_OK;
+ }
+
+ result = cli_lsa_open_policy(cli, mem_ctx, True,
+ SEC_RIGHTS_MAXIMUM_ALLOWED,
+ &pol);
+ if (!NT_STATUS_IS_OK(result))
+ goto done;
+
+ result = cli_lsa_lookup_names(cli, mem_ctx, &pol, 1, &name, &sids, &sid_types);
+ if (!NT_STATUS_IS_OK(result))
+ goto done;
+
+ cli_lsa_close(cli, mem_ctx, &pol);
+
+ *sid = sids[0];
+
+done:
+ return result;
+}
+
+
/* Look up domain related information on a remote host */
static NTSTATUS cmd_lsa_query_info_policy(struct cli_state *cli,
@@ -422,7 +459,9 @@ static NTSTATUS cmd_lsa_enum_privsaccounts(struct cli_state *cli,
return NT_STATUS_OK;
}
- string_to_sid(&sid, argv[1]);
+ result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
+ if (!NT_STATUS_IS_OK(result))
+ goto done;
result = cli_lsa_open_policy2(cli, mem_ctx, True,
SEC_RIGHTS_MAXIMUM_ALLOWED,
@@ -474,7 +513,9 @@ static NTSTATUS cmd_lsa_enum_acct_rights(struct cli_state *cli,
return NT_STATUS_OK;
}
- string_to_sid(&sid, argv[1]);
+ result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
+ if (!NT_STATUS_IS_OK(result))
+ goto done;
result = cli_lsa_open_policy2(cli, mem_ctx, True,
SEC_RIGHTS_MAXIMUM_ALLOWED,
@@ -488,7 +529,7 @@ static NTSTATUS cmd_lsa_enum_acct_rights(struct cli_state *cli,
if (!NT_STATUS_IS_OK(result))
goto done;
- printf("found %d privileges for SID %s\n", count, argv[1]);
+ printf("found %d privileges for SID %s\n", count, sid_string_static(&sid));
for (i = 0; i < count; i++) {
printf("\t%s\n", rights[i]);