Ejemplo n.º 1
0
/*
 * smbadm_group_dump_members
 *
 * Dump group members details.
 */
static void
smbadm_group_dump_members(smb_gsid_t *members, int num)
{
	char		sidstr[SMB_SID_STRSZ];
	lsa_account_t	acct;
	int		i;

	if (num == 0) {
		(void) printf(gettext("\tNo members\n"));
		return;
	}

	(void) printf(gettext("\tMembers:\n"));
	for (i = 0; i < num; i++) {
		smb_sid_tostr(members[i].gs_sid, sidstr);

		if (smb_lookup_sid(sidstr, &acct) == 0) {
			if (acct.a_status == NT_STATUS_SUCCESS)
				smbadm_group_show_name(acct.a_domain,
				    acct.a_name);
			else
				(void) printf(gettext("\t\t%s [%s]\n"),
				    sidstr, xlate_nt_status(acct.a_status));
		} else {
			(void) printf(gettext("\t\t%s\n"), sidstr);
		}
	}
}
Ejemplo n.º 2
0
/* Given SID, look up name and type */
idmap_retcode
lookup_lsa_by_sid(
    const char *sidprefix,
    uint32_t rid,
    char **ret_name,
    char **ret_domain,
    idmap_id_type *ret_type)
{
	lsa_account_t acct;
	char sid[SMB_SID_STRSZ + 1];
	idmap_retcode ret;
	int rc;

	(void) memset(&acct, 0, sizeof (acct));
	*ret_name = NULL;
	*ret_domain = NULL;

	(void) snprintf(sid, sizeof (sid), "%s-%u", sidprefix, rid);

	rc = smb_lookup_sid(sid, &acct);
	if (rc != 0) {
		idmapdlog(LOG_ERR, "Error:  smb_lookup_sid failed.");
		idmapdlog(LOG_ERR,
		    "Check SMB service (svc:/network/smb/server).");
		idmapdlog(LOG_ERR,
		    "Check connectivity to Active Directory.");

		ret = IDMAP_ERR_OTHER;
		goto out;
	}
	if (acct.a_status == NT_STATUS_NONE_MAPPED) {
		ret = IDMAP_ERR_NOTFOUND;
		goto out;
	}
	if (acct.a_status != NT_STATUS_SUCCESS) {
		idmapdlog(LOG_WARNING,
		    "Warning:  smb_lookup_sid(%s) failed (0x%x)",
		    sid, acct.a_status);
		/* Fail soft */
		ret = IDMAP_ERR_NOTFOUND;
		goto out;
	}

	ret = idmap_lsa_xlate_sid_type(&acct, ret_type);
	if (ret != IDMAP_SUCCESS)
		goto out;

	*ret_name = strdup(acct.a_name);
	if (*ret_name == NULL) {
		ret = IDMAP_ERR_MEMORY;
		goto out;
	}

	*ret_domain = strdup(acct.a_domain);
	if (*ret_domain == NULL) {
		ret = IDMAP_ERR_MEMORY;
		goto out;
	}

	ret = IDMAP_SUCCESS;

out:
	if (ret != IDMAP_SUCCESS) {
		free(*ret_name);
		*ret_name = NULL;
		free(*ret_domain);
		*ret_domain = NULL;
	}
	return (ret);
}