From a9a9772b5dbea06c21125738058c0a629c9d077d Mon Sep 17 00:00:00 2001
From: Günther Deschner <gd@samba.org>
Date: Wed, 27 Aug 2008 13:47:04 +0200
Subject: net: use netapi for "net rpc user info" to enumerate user group
 membership.

Guenther
(This used to be commit 77ecfff216b24b0d4b1ce79bee13c18bffa7b533)
---
 source3/utils/net_rpc.c | 139 ++++++++++--------------------------------------
 1 file changed, 27 insertions(+), 112 deletions(-)

(limited to 'source3')

diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c
index 9e62dcd652..6db5bc753b 100644
--- a/source3/utils/net_rpc.c
+++ b/source3/utils/net_rpc.c
@@ -768,133 +768,50 @@ static int rpc_user_password(struct net_context *c, int argc, const char **argv)
 }
 
 /**
- * List user's groups on a remote RPC server.
- *
- * All parameters are provided by the run_rpc_command function, except for
- * argc, argv which are passed through.
+ * List a user's groups from a remote RPC server.
  *
- * @param domain_sid The domain sid acquired from the remote server.
- * @param cli A cli_state connected to the server.
- * @param mem_ctx Talloc context, destroyed on completion of the function.
  * @param argc  Standard main() style argc.
  * @param argv  Standard main() style argv. Initial components are already
  *              stripped.
  *
- * @return Normal NTSTATUS return.
+ * @return A shell status integer (0 for success)
  **/
 
-static NTSTATUS rpc_user_info_internals(struct net_context *c,
-			const DOM_SID *domain_sid,
-			const char *domain_name,
-			struct cli_state *cli,
-			struct rpc_pipe_client *pipe_hnd,
-			TALLOC_CTX *mem_ctx,
-			int argc,
-			const char **argv)
+static int rpc_user_info(struct net_context *c, int argc, const char **argv)
+
 {
-	POLICY_HND connect_pol, domain_pol, user_pol;
-	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+	NET_API_STATUS status;
+	struct GROUP_USERS_INFO_0 *u0 = NULL;
+	uint32_t entries_read = 0;
+	uint32_t total_entries = 0;
 	int i;
-	struct samr_RidWithAttributeArray *rid_array = NULL;
-	struct lsa_Strings names;
-	struct samr_Ids types;
-	uint32_t *lrids = NULL;
-	struct samr_Ids rids, name_types;
-	struct lsa_String lsa_acct_name;
 
 
 	if (argc < 1 || c->display_usage) {
 		rpc_user_usage(c, argc, argv);
-		return NT_STATUS_OK;
+		return 0;
 	}
-	/* Get sam policy handle */
-
-	result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
-				      pipe_hnd->desthost,
-				      MAXIMUM_ALLOWED_ACCESS,
-				      &connect_pol);
-	if (!NT_STATUS_IS_OK(result)) goto done;
-
-	/* Get domain policy handle */
-
-	result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
-					&connect_pol,
-					MAXIMUM_ALLOWED_ACCESS,
-					CONST_DISCARD(struct dom_sid2 *, domain_sid),
-					&domain_pol);
-	if (!NT_STATUS_IS_OK(result)) goto done;
-
-	/* Get handle on user */
-
-	init_lsa_String(&lsa_acct_name, argv[0]);
-
-	result = rpccli_samr_LookupNames(pipe_hnd, mem_ctx,
-					 &domain_pol,
-					 1,
-					 &lsa_acct_name,
-					 &rids,
-					 &name_types);
-
-	if (!NT_STATUS_IS_OK(result)) goto done;
-
-	result = rpccli_samr_OpenUser(pipe_hnd, mem_ctx,
-				      &domain_pol,
-				      MAXIMUM_ALLOWED_ACCESS,
-				      rids.ids[0],
-				      &user_pol);
-	if (!NT_STATUS_IS_OK(result)) goto done;
-
-	result = rpccli_samr_GetGroupsForUser(pipe_hnd, mem_ctx,
-					      &user_pol,
-					      &rid_array);
-
-	if (!NT_STATUS_IS_OK(result)) goto done;
-
-	/* Look up rids */
-
-	if (rid_array->count) {
-		if ((lrids = TALLOC_ARRAY(mem_ctx, uint32, rid_array->count)) == NULL) {
-			result = NT_STATUS_NO_MEMORY;
-			goto done;
-		}
-
-		for (i = 0; i < rid_array->count; i++)
-			lrids[i] = rid_array->rids[i].rid;
-
-		result = rpccli_samr_LookupRids(pipe_hnd, mem_ctx,
-						&domain_pol,
-						rid_array->count,
-						lrids,
-						&names,
-						&types);
-
-		if (!NT_STATUS_IS_OK(result)) {
-			goto done;
-		}
-
-		/* Display results */
 
-		for (i = 0; i < names.count; i++)
-			printf("%s\n", names.names[i].string);
+	status = NetUserGetGroups(c->opt_host,
+				  argv[0],
+				  0,
+				  (uint8_t **)&u0,
+				  (uint32_t)-1,
+				  &entries_read,
+				  &total_entries);
+	if (status != 0) {
+		d_fprintf(stderr, "Failed to get groups for '%s' with: %s.\n",
+			argv[0], libnetapi_get_error_string(c->netapi_ctx,
+							    status));
+		return -1;
 	}
- done:
-	return result;
-}
 
-/**
- * List a user's groups from a remote RPC server.
- *
- * @param argc  Standard main() style argc.
- * @param argv  Standard main() style argv. Initial components are already
- *              stripped.
- *
- * @return A shell status integer (0 for success)
- **/
+	for (i=0; i < entries_read; i++) {
+		printf("%s\n", u0->grui0_name);
+		u0++;
+	}
 
-static int rpc_user_info(struct net_context *c, int argc, const char **argv)
-{
-	return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id, 0,
-			       rpc_user_info_internals, argc, argv);
+	return 0;
 }
 
 /**
@@ -1058,9 +975,7 @@ static NTSTATUS rpc_sh_user_info(struct net_context *c,
 				 struct rpc_pipe_client *pipe_hnd,
 				 int argc, const char **argv)
 {
-	return rpc_user_info_internals(c, ctx->domain_sid, ctx->domain_name,
-				       ctx->cli, pipe_hnd, mem_ctx,
-				       argc, argv);
+	return werror_to_ntstatus(W_ERROR(rpc_user_info(c, argc, argv)));
 }
 
 static NTSTATUS rpc_sh_handle_user(struct net_context *c,
-- 
cgit