summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
authorTim Potter <tpot@samba.org>2000-12-13 12:53:42 +0000
committerTim Potter <tpot@samba.org>2000-12-13 12:53:42 +0000
commit56ee3e2e2f19164e7d0f873a43be2cfb5970d2f3 (patch)
treeb2b9a6fd82c62b5754620309560f88d5086e7afe /source3
parent16e05346e56edac2fc85243a36e7b9047c2d8b58 (diff)
downloadsamba-56ee3e2e2f19164e7d0f873a43be2cfb5970d2f3.tar.gz
samba-56ee3e2e2f19164e7d0f873a43be2cfb5970d2f3.tar.bz2
samba-56ee3e2e2f19164e7d0f873a43be2cfb5970d2f3.zip
Convert names to sids when modifying ACLs. Convert sids to names when
displaying ACLs. (This used to be commit 5001bbc64be62af1597eb334e5b530b415d62a6b)
Diffstat (limited to 'source3')
-rw-r--r--source3/utils/smbcacls.c78
1 files changed, 68 insertions, 10 deletions
diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c
index ae852b3e3c..1ffd7495d0 100644
--- a/source3/utils/smbcacls.c
+++ b/source3/utils/smbcacls.c
@@ -24,6 +24,7 @@
static fstring password;
static fstring username;
+static fstring server;
static int got_pass;
static int test_args;
@@ -60,27 +61,85 @@ static struct perm_value standard_values[] = {
/* convert a SID to a string, either numeric or username/group */
static void SidToString(fstring str, DOM_SID *sid)
{
- if (numeric) {
+ struct cli_state cli;
+ POLICY_HND pol;
+ struct ntuser_creds creds;
+ char **names;
+ uint32 *types;
+ int num_names;
+
+ ZERO_STRUCT(creds);
+ ZERO_STRUCT(cli);
+ ZERO_STRUCT(pol);
+
+ creds.pwd.null_pwd = 1;
+
+ if (numeric || !cli_lsa_initialise(&cli, server, &creds) ||
+ cli_lsa_open_policy(&cli, True, SEC_RIGHTS_MAXIMUM_ALLOWED,
+ &pol) != NT_STATUS_NOPROBLEMO ||
+ cli_lsa_lookup_sids(&cli, &pol, 1, sid, &names, &types,
+ &num_names) != NT_STATUS_NOPROBLEMO) {
sid_to_string(str, sid);
- } else {
+ goto done;
+ }
- /* Need to add LSA lookups */
+ fstrcpy(str, names[0]);
- sid_to_string(str, sid);
+ safe_free(names[0]);
+ safe_free(names);
+ safe_free(types);
+
+ done:
+ if (cli.initialised) {
+ cli_lsa_close(&cli, &pol);
+ cli_lsa_shutdown(&cli);
}
}
/* convert a string to a SID, either numeric or username/group */
static BOOL StringToSid(DOM_SID *sid, fstring str)
{
- if (strncmp(str,"S-", 2) == 0) {
+ uint32 *types;
+ struct cli_state cli;
+ struct ntuser_creds creds;
+ POLICY_HND pol;
+ int num_sids;
+ BOOL result = True;
+ DOM_SID *sids;
+
+ /* Short cut */
+
+ if (strncmp(str, "S-", 2) == 0) {
return string_to_sid(sid, str);
- } else {
+ }
- /* Need to add LSA lookups */
+ ZERO_STRUCT(creds);
+ ZERO_STRUCT(cli);
+ ZERO_STRUCT(pol);
- return string_to_sid(sid, str);
+ creds.pwd.null_pwd = 1;
+
+ if (!cli_lsa_initialise(&cli, server, &creds) ||
+ cli_lsa_open_policy(&cli, True, SEC_RIGHTS_MAXIMUM_ALLOWED,
+ &pol) != NT_STATUS_NOPROBLEMO ||
+ cli_lsa_lookup_names(&cli, &pol, 1, &str, &sids, &types,
+ &num_sids) != NT_STATUS_NOPROBLEMO) {
+ result = string_to_sid(sid, str);
+ goto done;
+ }
+
+ sid_copy(sid, &sids[0]);
+
+ safe_free(sids);
+ safe_free(types);
+
+ done:
+ if (cli.initialised) {
+ cli_lsa_close(&cli, &pol);
+ cli_lsa_shutdown(&cli);
}
+
+ return result;
}
@@ -178,7 +237,7 @@ static BOOL parse_ace(SEC_ACE *ace, char *str)
/* Try to parse text form */
- if (!string_to_sid(&sid, str)) {
+ if (!StringToSid(&sid, str)) {
return False;
}
@@ -516,7 +575,6 @@ struct cli_state *connect_one(char *share)
struct cli_state *c;
struct nmb_name called, calling;
char *server_n;
- fstring server;
struct in_addr ip;
extern struct in_addr ipzero;
extern pstring global_myname;