From 7b7c26cfce842f499ccda7fbcdc98dfbd219d86c Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Tue, 14 Dec 2004 04:45:00 +0000
Subject: r4192: added server side implementation of lsa_EnumAccountRights

the "privilege" command in smbclient now works against Samba4
(This used to be commit 8a3f2650500e11d1d38d76421f8373e5088d2dc5)
---
 source4/rpc_server/lsa/dcesrv_lsa.c | 50 ++++++++++++++++++++++++++++++++++---
 1 file changed, 47 insertions(+), 3 deletions(-)

(limited to 'source4')

diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c
index a10f6b1821..66eb0b7234 100644
--- a/source4/rpc_server/lsa/dcesrv_lsa.c
+++ b/source4/rpc_server/lsa/dcesrv_lsa.c
@@ -838,10 +838,54 @@ static NTSTATUS lsa_EnumAccountsWithUserRight(struct dcesrv_call_state *dce_call
 /* 
   lsa_EnumAccountRights 
 */
-static NTSTATUS lsa_EnumAccountRights(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
-		       struct lsa_EnumAccountRights *r)
+static NTSTATUS lsa_EnumAccountRights(struct dcesrv_call_state *dce_call, 
+				      TALLOC_CTX *mem_ctx,
+				      struct lsa_EnumAccountRights *r)
 {
-	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+	struct dcesrv_handle *h;
+	struct lsa_policy_state *state;
+	int ret, i;
+	struct ldb_message **res;
+	const char * const attrs[] = { "privilege", NULL};
+	const char *sidstr;
+	struct ldb_message_element *el;
+
+	DCESRV_PULL_HANDLE(h, r->in.handle, LSA_HANDLE_POLICY);
+
+	state = h->data;
+
+	sidstr = dom_sid_string(mem_ctx, r->in.sid);
+	if (sidstr == NULL) {
+		return NT_STATUS_NO_MEMORY;
+	}
+
+	ret = samdb_search(state->sam_ctx, mem_ctx, NULL, &res, attrs, 
+			   "objectSid=%s", sidstr);
+	if (ret != 1) {
+		return NT_STATUS_OBJECT_NAME_NOT_FOUND;
+	}
+
+	el = ldb_msg_find_element(res[0], "privilege");
+	if (el == NULL || el->num_values == 0) {
+		return NT_STATUS_OBJECT_NAME_NOT_FOUND;
+	}
+
+	r->out.rights = talloc_p(mem_ctx, struct lsa_RightSet);
+	if (r->out.rights == NULL) {
+		return NT_STATUS_NO_MEMORY;
+	}
+	r->out.rights->count = el->num_values;
+	r->out.rights->names = talloc_array_p(r->out.rights, 
+					      struct lsa_String, r->out.rights->count);
+	if (r->out.rights->names == NULL) {
+		return NT_STATUS_NO_MEMORY;
+	}
+
+	for (i=0;i<el->num_values;i++) {
+		r->out.rights->names[i].string = el->values[i].data;
+	}
+
+	return NT_STATUS_OK;
 }
 
 
-- 
cgit