summaryrefslogtreecommitdiff
path: root/source3/utils
diff options
context:
space:
mode:
Diffstat (limited to 'source3/utils')
-rw-r--r--source3/utils/net_idmap.c65
1 files changed, 65 insertions, 0 deletions
diff --git a/source3/utils/net_idmap.c b/source3/utils/net_idmap.c
index 2a060d2f49..7ac2a82f6e 100644
--- a/source3/utils/net_idmap.c
+++ b/source3/utils/net_idmap.c
@@ -284,6 +284,70 @@ int net_help_idmap(int argc, const char **argv)
return -1;
}
+static int net_idmap_aclmapset(int argc, const char **argv)
+{
+ TALLOC_CTX *mem_ctx;
+ int result = -1;
+ DOM_SID src_sid, dst_sid;
+ char *src, *dst;
+ struct db_context *db;
+ struct db_record *rec;
+ NTSTATUS status;
+
+ if (argc != 3) {
+ d_fprintf(stderr, "usage: net idmap aclmapset <tdb> "
+ "<src-sid> <dst-sid>\n");
+ return -1;
+ }
+
+ if (!(mem_ctx = talloc_init("net idmap aclmapset"))) {
+ d_fprintf(stderr, "talloc_init failed\n");
+ return -1;
+ }
+
+ if (!(db = db_open(mem_ctx, argv[0], 0, TDB_DEFAULT,
+ O_RDWR|O_CREAT, 0600))) {
+ d_fprintf(stderr, "db_open failed: %s\n", strerror(errno));
+ goto fail;
+ }
+
+ if (!string_to_sid(&src_sid, argv[1])) {
+ d_fprintf(stderr, "%s is not a valid sid\n", argv[1]);
+ goto fail;
+ }
+
+ if (!string_to_sid(&dst_sid, argv[2])) {
+ d_fprintf(stderr, "%s is not a valid sid\n", argv[2]);
+ goto fail;
+ }
+
+ if (!(src = sid_string_talloc(mem_ctx, &src_sid))
+ || !(dst = sid_string_talloc(mem_ctx, &dst_sid))) {
+ d_fprintf(stderr, "talloc_strdup failed\n");
+ goto fail;
+ }
+
+ if (!(rec = db->fetch_locked(
+ db, mem_ctx, string_term_tdb_data(src)))) {
+ d_fprintf(stderr, "could not fetch db record\n");
+ goto fail;
+ }
+
+ status = rec->store(rec, string_term_tdb_data(dst), 0);
+ TALLOC_FREE(rec);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ d_fprintf(stderr, "could not store record: %s\n",
+ nt_errstr(status));
+ goto fail;
+ }
+
+ result = 0;
+fail:
+ TALLOC_FREE(mem_ctx);
+ return result;
+}
+
/***********************************************************
Look at the current idmap
**********************************************************/
@@ -295,6 +359,7 @@ int net_idmap(int argc, const char **argv)
{"setmap", net_idmap_set },
{"delete", net_idmap_delete},
{"secret", net_idmap_secret},
+ {"aclmapset", net_idmap_aclmapset},
{"help", net_help_idmap},
{NULL, NULL}
};