summaryrefslogtreecommitdiff
path: root/source3/utils
diff options
context:
space:
mode:
authorGerald Carter <jerry@samba.org>2005-03-26 06:52:56 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 10:56:20 -0500
commit0aa89db9471330fd02db395c2eb387ac2dfef54f (patch)
treec4cf899e4aeb15bc926c2e4e470ee32f14b2bba4 /source3/utils
parent404fa5636ddae8caa0a46bb68b796d23ec3f5a0e (diff)
downloadsamba-0aa89db9471330fd02db395c2eb387ac2dfef54f.tar.gz
samba-0aa89db9471330fd02db395c2eb387ac2dfef54f.tar.bz2
samba-0aa89db9471330fd02db395c2eb387ac2dfef54f.zip
r6071: * clean up UNISTR2_ARRAY ( really just an array of UNISTR4 + count )
* add some backwards compatibility to 'net rpc rights list' * verify privilege name in 'net rpc rights privileges <name>' in order to give back better error messages. (This used to be commit 0e29dc8aa384dfa6d2495beb8a9ffb5371e60a13)
Diffstat (limited to 'source3/utils')
-rw-r--r--source3/utils/net_rpc_rights.c50
1 files changed, 37 insertions, 13 deletions
diff --git a/source3/utils/net_rpc_rights.c b/source3/utils/net_rpc_rights.c
index ce95226951..3a986ed251 100644
--- a/source3/utils/net_rpc_rights.c
+++ b/source3/utils/net_rpc_rights.c
@@ -284,16 +284,23 @@ static NTSTATUS rpc_rights_list_internal( const DOM_SID *domain_sid, const char
POLICY_HND pol;
NTSTATUS result;
DOM_SID sid;
+ fstring privname;
+ fstring description;
+ uint16 lang_id = 0;
+ uint16 lang_id_sys = 0;
+ uint16 lang_id_desc;
+
result = cli_lsa_open_policy(cli, mem_ctx, True,
SEC_RIGHTS_MAXIMUM_ALLOWED, &pol);
if ( !NT_STATUS_IS_OK(result) )
return result;
-
+
+ /* backwards compatibility; just list available privileges if no arguement */
+
if (argc == 0) {
- d_printf("Usage: net rpc rights list [accounts|privileges] [name|SID]\n");
- result = NT_STATUS_OK;
+ result = enum_privileges( mem_ctx, cli, &pol );
goto done;
}
@@ -305,18 +312,35 @@ static NTSTATUS rpc_rights_list_internal( const DOM_SID *domain_sid, const char
goto done;
}
- while (argv[i] != NULL) {
- result = enum_accounts_for_privilege(mem_ctx, cli, &pol, argv[i]);
+ while ( argv[i] != NULL )
+ {
+ fstrcpy( privname, argv[i] );
+ i++;
+
+ /* verify that this is a valid privilege for error reporting */
+
+ result = cli_lsa_get_dispname(cli, mem_ctx, &pol, privname, lang_id,
+ lang_id_sys, description, &lang_id_desc);
+
+ if ( !NT_STATUS_IS_OK(result) ) {
+ if ( NT_STATUS_EQUAL( result, NT_STATUS_NO_SUCH_PRIVILEGE ) )
+ d_printf("No such privilege exists: %s.\n", privname);
+ else
+ d_printf("Error resolving privilege display name [%s].\n", nt_errstr(result));
+ continue;
+ }
+
+ result = enum_accounts_for_privilege(mem_ctx, cli, &pol, privname);
if (!NT_STATUS_IS_OK(result)) {
- goto done;
+ d_printf("Error enumerating accounts for privilege %s [%s].\n",
+ privname, nt_errstr(result));
+ continue;
}
- i++;
}
goto done;
}
- /* special case to enuemrate all privileged SIDs
- with associated rights */
+ /* special case to enumerate all privileged SIDs with associated rights */
if (strequal( argv[0], "accounts")) {
int i = 1;
@@ -343,7 +367,7 @@ static NTSTATUS rpc_rights_list_internal( const DOM_SID *domain_sid, const char
/* backward comaptibility: if no keyword provided, treat the key
as an account name */
if (argc > 1) {
- d_printf("Usage: net rpc rights list [accounts|privileges] [name|SID]\n");
+ d_printf("Usage: net rpc rights list [[accounts|privileges] [name|SID]]\n");
result = NT_STATUS_OK;
goto done;
}
@@ -487,9 +511,9 @@ static int rpc_rights_revoke( int argc, const char **argv )
static int net_help_rights( int argc, const char **argv )
{
- d_printf("net rpc rights list [accounts|username] View available or assigned privileges\n");
- d_printf("net rpc rights grant <name|SID> <right> Assign privilege[s]\n");
- d_printf("net rpc rights revoke <name|SID> <right> Revoke privilege[s]\n");
+ d_printf("net rpc rights list [{accounts|privileges} [name|SID]] View available or assigned privileges\n");
+ d_printf("net rpc rights grant <name|SID> <right> Assign privilege[s]\n");
+ d_printf("net rpc rights revoke <name|SID> <right> Revoke privilege[s]\n");
d_printf("\nBoth 'grant' and 'revoke' require a SID and a list of privilege names.\n");
d_printf("For example\n");