summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/passdb/pdb_interface.c37
-rw-r--r--source3/rpc_server/srv_samr_nt.c8
-rw-r--r--source3/rpcclient/cmd_samr.c23
3 files changed, 41 insertions, 27 deletions
diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c
index 9605349781..875e264bf0 100644
--- a/source3/passdb/pdb_interface.c
+++ b/source3/passdb/pdb_interface.c
@@ -1652,24 +1652,38 @@ NTSTATUS pdb_default_lookup_rids(struct pdb_methods *methods,
BOOL have_mapped = False;
BOOL have_unmapped = False;
- if (!sid_equal(domain_sid, get_global_sam_sid())) {
- /* TODO: Sooner or later we need to look up BUILTIN rids as
- * well. -- vl */
+ if (sid_check_is_builtin(domain_sid)) {
+
+ for (i=0; i<num_rids; i++) {
+ fstring name;
+
+ if (lookup_builtin_rid(rids[i], name)) {
+ attrs[i] = SID_NAME_ALIAS;
+ names[i] = talloc_strdup(names, name);
+ if (names[i] == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ DEBUG(5,("lookup_rids: %s:%d\n",
+ names[i], attrs[i]));
+ have_mapped = True;
+ } else {
+ have_unmapped = True;
+ attrs[i] = SID_NAME_UNKNOWN;
+ }
+ }
goto done;
}
+ /* Should not happen, but better check once too many */
+ if (!sid_check_is_domain(domain_sid)) {
+ return NT_STATUS_INVALID_HANDLE;
+ }
+
for (i = 0; i < num_rids; i++) {
fstring tmpname;
- fstring domname;
- DOM_SID sid;
enum SID_NAME_USE type;
- attrs[i] = SID_NAME_UNKNOWN;
-
- sid_copy(&sid, domain_sid);
- sid_append_rid(&sid, rids[i]);
-
- if (lookup_sid(&sid, domname, tmpname, &type)) {
+ if (lookup_global_sam_rid(rids[i], tmpname, &type)) {
attrs[i] = (uint32)type;
names[i] = talloc_strdup(names, tmpname);
if (names[i] == NULL)
@@ -1678,6 +1692,7 @@ NTSTATUS pdb_default_lookup_rids(struct pdb_methods *methods,
have_mapped = True;
} else {
have_unmapped = True;
+ attrs[i] = SID_NAME_UNKNOWN;
}
}
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 65bb0ef1ab..b4d699188a 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -1516,19 +1516,11 @@ NTSTATUS _samr_lookup_rids(pipes_struct *p, SAMR_Q_LOOKUP_RIDS *q_u, SAMR_R_LOOK
if ((num_rids != 0) && ((names == NULL) || (attrs == NULL)))
return NT_STATUS_NO_MEMORY;
- if (!sid_equal(&pol_sid, get_global_sam_sid())) {
- /* TODO: Sooner or later we need to look up BUILTIN rids as
- * well. -- vl */
- goto done;
- }
-
become_root(); /* lookup_sid can require root privs */
r_u->status = pdb_lookup_rids(&pol_sid, num_rids, q_u->rid,
names, attrs);
unbecome_root();
- done:
-
if(!make_samr_lookup_rids(p->mem_ctx, num_rids, names,
&hdr_name, &uni_name))
return NT_STATUS_NO_MEMORY;
diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c
index 7727330388..68ceead69d 100644
--- a/source3/rpcclient/cmd_samr.c
+++ b/source3/rpcclient/cmd_samr.c
@@ -1457,8 +1457,8 @@ static NTSTATUS cmd_samr_lookup_rids(struct rpc_pipe_client *cli,
char **names;
int i;
- if (argc < 2) {
- printf("Usage: %s rid1 [rid2 [rid3] [...]]\n", argv[0]);
+ if (argc < 3) {
+ printf("Usage: %s domain|builtin rid1 [rid2 [rid3] [...]]\n", argv[0]);
return NT_STATUS_OK;
}
@@ -1470,20 +1470,27 @@ static NTSTATUS cmd_samr_lookup_rids(struct rpc_pipe_client *cli,
if (!NT_STATUS_IS_OK(result))
goto done;
- result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
- MAXIMUM_ALLOWED_ACCESS,
- &domain_sid, &domain_pol);
+ if (StrCaseCmp(argv[1], "domain")==0)
+ result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
+ MAXIMUM_ALLOWED_ACCESS,
+ &domain_sid, &domain_pol);
+ else if (StrCaseCmp(argv[1], "builtin")==0)
+ result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
+ MAXIMUM_ALLOWED_ACCESS,
+ &global_sid_Builtin, &domain_pol);
+ else
+ return NT_STATUS_OK;
if (!NT_STATUS_IS_OK(result))
goto done;
/* Look up rids */
- num_rids = argc - 1;
+ num_rids = argc - 2;
rids = TALLOC_ARRAY(mem_ctx, uint32, num_rids);
- for (i = 0; i < argc - 1; i++)
- sscanf(argv[i + 1], "%i", &rids[i]);
+ for (i = 0; i < argc - 2; i++)
+ sscanf(argv[i + 2], "%i", &rids[i]);
result = rpccli_samr_lookup_rids(cli, mem_ctx, &domain_pol, num_rids, rids,
&num_names, &names, &name_types);