From b872787f01f0e72db3c03676e46432375fcce787 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Tue, 11 Dec 2001 02:17:26 +0000 Subject: Doing some research into ACLs on the LSA and SAM policy objects. - added lsaquerysecobj to rpcclient - renamed querysecobj to samquerysecobj - removed duplicated display_sec_acl() code from cmd_spoolss.c and cmd_samr.c and moved it into display_sec.c (This used to be commit 59b2e3f408a5ff22f2d81a927d010a7df5f19f7f) --- source3/libsmb/cli_lsarpc.c | 52 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) (limited to 'source3/libsmb/cli_lsarpc.c') diff --git a/source3/libsmb/cli_lsarpc.c b/source3/libsmb/cli_lsarpc.c index c528ff48a9..ff4c4dfe30 100644 --- a/source3/libsmb/cli_lsarpc.c +++ b/source3/libsmb/cli_lsarpc.c @@ -988,6 +988,58 @@ NTSTATUS cli_lsa_lookupprivvalue(struct cli_state *cli, TALLOC_CTX *mem_ctx, return result; } +/** Query LSA security object */ + +NTSTATUS cli_lsa_query_secobj(struct cli_state *cli, TALLOC_CTX *mem_ctx, + POLICY_HND *pol, uint32 sec_info, + SEC_DESC_BUF **psdb) +{ + prs_struct qbuf, rbuf; + LSA_Q_QUERY_SEC_OBJ q; + LSA_R_QUERY_SEC_OBJ r; + NTSTATUS result; + + ZERO_STRUCT(q); + ZERO_STRUCT(r); + + /* Initialise parse structures */ + + prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); + prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); + + /* Marshall data and send request */ + + init_q_query_sec_obj(&q, pol, sec_info); + + if (!lsa_io_q_query_sec_obj("", &q, &qbuf, 0) || + !rpc_api_pipe_req(cli, LSA_QUERYSECOBJ, &qbuf, &rbuf)) { + result = NT_STATUS_UNSUCCESSFUL; + goto done; + } + + /* Unmarshall response */ + + if (!lsa_io_r_query_sec_obj("", &r, &rbuf, 0)) { + result = NT_STATUS_UNSUCCESSFUL; + goto done; + } + + if (!NT_STATUS_IS_OK(result = r.status)) { + goto done; + } + + /* Return output parameters */ + + if (psdb) + *psdb = r.buf; + + done: + prs_mem_free(&qbuf); + prs_mem_free(&rbuf); + + return result; +} + /** Fetch a DOMAIN sid. Does complete cli setup / teardown anonymously. */ BOOL fetch_domain_sid( char *domain, char *remote_machine, DOM_SID *psid) -- cgit