diff options
| author | Andrew Tridgell <tridge@samba.org> | 2004-12-06 07:12:38 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:06:23 -0500 |
| commit | ad3ee0a81c4b2bf2ae67ba461e936f7777584345 (patch) | |
| tree | 5a28cbe677693b20cd429b1766012b76c7e6d728 /source4/client | |
| parent | 9defca2895fb94f48df00a4e388ba4f5de5d5ebc (diff) | |
| download | samba-ad3ee0a81c4b2bf2ae67ba461e936f7777584345.tar.gz samba-ad3ee0a81c4b2bf2ae67ba461e936f7777584345.tar.bz2 samba-ad3ee0a81c4b2bf2ae67ba461e936f7777584345.zip | |
r4073: - added a set of lsa helper routines to make lsa lookups that are
related to filesharing. For example, in order to manipulate ACLs
properly its important to be able to call LookupSids, and to be able
to lookup what privileges a SID has.
- added 3 new commands to smbclient "lookupname", "lookupsid" and
"privileges"
(This used to be commit 8780c40f0539da72652d17455e98fcaee6d197d1)
Diffstat (limited to 'source4/client')
| -rw-r--r-- | source4/client/client.c | 110 | ||||
| -rw-r--r-- | source4/client/config.mk | 3 |
2 files changed, 112 insertions, 1 deletions
diff --git a/source4/client/client.c b/source4/client/client.c index f17586f994..1bad697da7 100644 --- a/source4/client/client.c +++ b/source4/client/client.c @@ -26,6 +26,7 @@ #include "clilist.h" #include "lib/cmdline/popt_common.h" #include "librpc/gen_ndr/ndr_srvsvc.h" +#include "librpc/gen_ndr/ndr_lsa.h" #include "libcli/raw/libcliraw.h" #include "system/time.h" #include "system/dir.h" @@ -1835,6 +1836,112 @@ done: return ret; } +/**************************************************************************** +lookup a sid +****************************************************************************/ +static int cmd_lookupsid(const char **cmd_ptr) +{ + fstring buf; + TALLOC_CTX *mem_ctx = talloc(NULL, 0); + NTSTATUS status; + const char *name; + + if (!next_token(cmd_ptr,buf,NULL,sizeof(buf))) { + d_printf("lookupsid <sid>\n"); + talloc_free(mem_ctx); + return 1; + } + + status = smblsa_lookup_sid(cli, buf, mem_ctx, &name); + if (!NT_STATUS_IS_OK(status)) { + d_printf("lsa_LookupSids - %s\n", nt_errstr(status)); + talloc_free(mem_ctx); + return 1; + } + + d_printf("%s\n", name); + + talloc_free(mem_ctx); + + return 0; +} + +/**************************************************************************** +lookup a name, showing sid +****************************************************************************/ +static int cmd_lookupname(const char **cmd_ptr) +{ + fstring buf; + TALLOC_CTX *mem_ctx = talloc(NULL, 0); + NTSTATUS status; + const char *sid; + + if (!next_token(cmd_ptr,buf,NULL,sizeof(buf))) { + d_printf("lookupname <name>\n"); + talloc_free(mem_ctx); + return 1; + } + + status = smblsa_lookup_name(cli, buf, mem_ctx, &sid); + if (!NT_STATUS_IS_OK(status)) { + d_printf("lsa_LookupNames - %s\n", nt_errstr(status)); + talloc_free(mem_ctx); + return 1; + } + + d_printf("%s\n", sid); + + talloc_free(mem_ctx); + + return 0; +} + +/**************************************************************************** +show privileges for a user +****************************************************************************/ +static int cmd_privileges(const char **cmd_ptr) +{ + fstring buf; + TALLOC_CTX *mem_ctx = talloc(NULL, 0); + NTSTATUS status; + struct dom_sid *sid; + struct lsa_RightSet rights; + unsigned i; + + if (!next_token(cmd_ptr,buf,NULL,sizeof(buf))) { + d_printf("lookupsid <sid>\n"); + talloc_free(mem_ctx); + return 1; + } + + sid = dom_sid_parse_talloc(mem_ctx, buf); + if (sid == NULL) { + const char *sid_str; + status = smblsa_lookup_name(cli, buf, mem_ctx, &sid_str); + if (!NT_STATUS_IS_OK(status)) { + d_printf("lsa_LookupNames - %s\n", nt_errstr(status)); + talloc_free(mem_ctx); + return 1; + } + sid = dom_sid_parse_talloc(mem_ctx, sid_str); + } + + status = smblsa_sid_privileges(cli, sid, mem_ctx, &rights); + if (!NT_STATUS_IS_OK(status)) { + d_printf("lsa_EnumAccountRights - %s\n", nt_errstr(status)); + talloc_free(mem_ctx); + return 1; + } + + for (i=0;i<rights.count;i++) { + d_printf("\t%s\n", rights.names[i].string); + } + + talloc_free(mem_ctx); + + return 0; +} + /**************************************************************************** ****************************************************************************/ @@ -2403,6 +2510,8 @@ static struct {"history",cmd_history,"displays the command history",{COMPL_NONE,COMPL_NONE}}, {"lcd",cmd_lcd,"[directory] change/report the local current working directory",{COMPL_LOCAL,COMPL_NONE}}, {"link",cmd_link,"<src> <dest> create a UNIX hard link",{COMPL_REMOTE,COMPL_REMOTE}}, + {"lookupname",cmd_lookupname,"<name> show SID for name",{COMPL_NONE,COMPL_NONE}}, + {"lookupsid",cmd_lookupsid,"<sid> show name for SID",{COMPL_NONE,COMPL_NONE}}, {"lowercase",cmd_lowercase,"toggle lowercasing of filenames for get",{COMPL_NONE,COMPL_NONE}}, {"ls",cmd_dir,"<mask> list the contents of the current directory",{COMPL_REMOTE,COMPL_NONE}}, {"mask",cmd_select,"<mask> mask all filenames against this",{COMPL_REMOTE,COMPL_NONE}}, @@ -2413,6 +2522,7 @@ static struct {"mput",cmd_mput,"<mask> put all matching files",{COMPL_REMOTE,COMPL_NONE}}, {"newer",cmd_newer,"<file> only mget files newer than the specified local file",{COMPL_LOCAL,COMPL_NONE}}, {"open",cmd_open,"<mask> open a file",{COMPL_REMOTE,COMPL_NONE}}, + {"privileges",cmd_privileges,"<user> show privileges for a user",{COMPL_NONE,COMPL_NONE}}, {"print",cmd_print,"<file name> print a file",{COMPL_NONE,COMPL_NONE}}, {"printmode",cmd_printmode,"<graphics or text> set the print mode",{COMPL_NONE,COMPL_NONE}}, {"prompt",cmd_prompt,"toggle prompting for filenames for mget and mput",{COMPL_NONE,COMPL_NONE}}, diff --git a/source4/client/config.mk b/source4/client/config.mk index a04bb43f29..a4abdcbaa6 100644 --- a/source4/client/config.mk +++ b/source4/client/config.mk @@ -10,6 +10,7 @@ REQUIRED_SUBSYSTEMS = \ LIBCMDLINE \ LIBBASIC \ LIBSMB \ - RPC_NDR_SRVSVC + RPC_NDR_SRVSVC \ + LIBCLI_LSA # End BINARY smbclient ################################# |