static NTSTATUS enum_privileges_for_user(struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *ctx,
struct policy_handle *pol,
DOM_SID *sid )
{
NTSTATUS result;
struct lsa_RightSet rights;
int i;
result = rpccli_lsa_EnumAccountRights(pipe_hnd, ctx,
pol,
sid,
&rights);
if (!NT_STATUS_IS_OK(result))
return result;
if (rights.count == 0) {
d_printf(_("No privileges assigned\n"));
}
for (i = 0; i < rights.count; i++) {
printf("%s\n", rights.names[i].string);
}
return NT_STATUS_OK;
}
static NTSTATUS check_privilege_for_user(struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *ctx,
struct policy_handle *pol,
DOM_SID *sid,
const char *right)
{
NTSTATUS result;
struct lsa_RightSet rights;
int i;
result = rpccli_lsa_EnumAccountRights(pipe_hnd, ctx,
pol,
sid,
&rights);
if (!NT_STATUS_IS_OK(result)) {
return result;
}
if (rights.count == 0) {
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
for (i = 0; i < rights.count; i++) {
if (StrCaseCmp(rights.names[i].string, right) == 0) {
return NT_STATUS_OK;
}
}
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
static NTSTATUS cmd_lsa_enum_acct_rights(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx, int argc,
const char **argv)
{
struct policy_handle dom_pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
DOM_SID sid;
struct lsa_RightSet rights;
int i;
if (argc != 2 ) {
printf("Usage: %s SID\n", argv[0]);
return NT_STATUS_OK;
}
result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
if (!NT_STATUS_IS_OK(result))
goto done;
result = rpccli_lsa_open_policy2(cli, mem_ctx, True,
SEC_FLAG_MAXIMUM_ALLOWED,
&dom_pol);
if (!NT_STATUS_IS_OK(result))
goto done;
result = rpccli_lsa_EnumAccountRights(cli, mem_ctx,
&dom_pol,
&sid,
&rights);
if (!NT_STATUS_IS_OK(result))
goto done;
printf("found %d privileges for SID %s\n", rights.count,
sid_string_tos(&sid));
for (i = 0; i < rights.count; i++) {
printf("\t%s\n", rights.names[i].string);
}
rpccli_lsa_Close(cli, mem_ctx, &dom_pol);
done:
return result;
}
