From e13dd2f3025a557bbd71765a684005562591843d Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 18 Oct 2002 19:46:28 +0000 Subject: Start to merge the new ACL mapping code from Andreas Gruenbacher . Jeremy. (This used to be commit f6103f866a5e698ab55fdab1444a14e3d8da16bb) --- source3/passdb/util_sam_sid.c | 48 ++++++++++++++++++++++++++++++++++--------- 1 file changed, 38 insertions(+), 10 deletions(-) (limited to 'source3/passdb') diff --git a/source3/passdb/util_sam_sid.c b/source3/passdb/util_sam_sid.c index 6ec1e48ab3..60998003f6 100644 --- a/source3/passdb/util_sam_sid.c +++ b/source3/passdb/util_sam_sid.c @@ -54,7 +54,8 @@ static known_sid_users everyone_users[] = { {0, (enum SID_NAME_USE)0, NULL}}; static known_sid_users creator_owner_users[] = { - { 0, SID_NAME_ALIAS, "Creator Owner" }, + { 0, SID_NAME_WKN_GRP, "Creator Owner" }, + { 1, SID_NAME_WKN_GRP, "Creator Group" }, {0, (enum SID_NAME_USE)0, NULL}}; static known_sid_users nt_authority_users[] = { @@ -80,11 +81,10 @@ static known_sid_users builtin_groups[] = { { BUILTIN_ALIAS_RID_BACKUP_OPS, SID_NAME_ALIAS, "Backup Operators" }, { 0, (enum SID_NAME_USE)0, NULL}}; - - /************************************************************************** - quick init function - *************************************************************************/ + Quick init function. +*************************************************************************/ + static void init_sid_name_map (void) { int i = 0; @@ -105,8 +105,7 @@ static void init_sid_name_map (void) sid_name_map[i].name = global_myname; sid_name_map[i].known_users = NULL; i++; - } - else { + } else { sid_name_map[i].sid = get_global_sam_sid(); sid_name_map[i].name = global_myname; sid_name_map[i].known_users = NULL; @@ -133,8 +132,7 @@ static void init_sid_name_map (void) sid_name_map[i].known_users = &nt_authority_users[0]; i++; - - /* end of array */ + /* End of array. */ sid_name_map[i].sid = NULL; sid_name_map[i].name = NULL; sid_name_map[i].known_users = NULL; @@ -142,7 +140,6 @@ static void init_sid_name_map (void) sid_name_map_initialized = True; return; - } /************************************************************************** @@ -257,6 +254,7 @@ BOOL map_domain_name_to_sid(DOM_SID *sid, char *nt_domain) /***************************************************************** Check if the SID is our domain SID (S-1-5-21-x-y-z). *****************************************************************/ + BOOL sid_check_is_domain(const DOM_SID *sid) { return sid_equal(sid, get_global_sam_sid()); @@ -265,6 +263,7 @@ BOOL sid_check_is_domain(const DOM_SID *sid) /***************************************************************** Check if the SID is our domain SID (S-1-5-21-x-y-z). *****************************************************************/ + BOOL sid_check_is_in_our_domain(const DOM_SID *sid) { DOM_SID dom_sid; @@ -276,3 +275,32 @@ BOOL sid_check_is_in_our_domain(const DOM_SID *sid) return sid_equal(&dom_sid, get_global_sam_sid()); } +/************************************************************************** + Try and map a name to one of the well known SIDs. +***************************************************************************/ + +BOOL map_name_to_wellknown_sid(DOM_SID *sid, enum SID_NAME_USE *use, const char *name) +{ + int i, j; + + if (!sid_name_map_initialized) + init_sid_name_map(); + + for (i=0; sid_name_map[i].sid != NULL; i++) { + known_sid_users *users = sid_name_map[i].known_users; + + if (users == NULL) + continue; + + for (j=0; users[j].known_user_name != NULL; j++) { + if (strequal(users[j].known_user_name, name) == 0) { + sid_copy(sid, sid_name_map[i].sid); + sid_append_rid(sid, users[j].rid); + *use = users[j].sid_name_use; + return True; + } + } + } + + return False; +} -- cgit