static NTSTATUS cmd_lsa_enum_sids(struct cli_state *cli, TALLOC_CTX *mem_ctx, int argc, char **argv) { POLICY_HND pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; uint32 enum_context=0; uint32 pref_max_length=0x1000; DOM_SID *sids; uint32 count=0; int i; if (argc > 3) { printf("Usage: %s [enum context] [max length]\n", argv[0]); return NT_STATUS_OK; } if (argc>=2) enum_context=atoi(argv[1]); if (argc==3) pref_max_length=atoi(argv[2]); result = cli_lsa_open_policy(cli, mem_ctx, True, SEC_RIGHTS_MAXIMUM_ALLOWED, &pol); if (!NT_STATUS_IS_OK(result)) goto done; result = cli_lsa_enum_sids(cli, mem_ctx, &pol, &enum_context, pref_max_length, &count, &sids); if (!NT_STATUS_IS_OK(result)) goto done; /* Print results */ printf("found %d SIDs\n\n", count); for (i = 0; i < count; i++) { fstring sid_str; sid_to_string(sid_str, &sids[i]); printf("%s\n", sid_str); } done: return result; }
static NTSTATUS enum_privileges_for_accounts( TALLOC_CTX *ctx, struct cli_state *cli, POLICY_HND *pol ) { NTSTATUS result; uint32 enum_context=0; uint32 pref_max_length=0x1000; DOM_SID *sids; uint32 count=0; int i; fstring name; result = cli_lsa_enum_sids(cli, ctx, pol, &enum_context, pref_max_length, &count, &sids); if (!NT_STATUS_IS_OK(result)) return result; for ( i=0; i<count; i++ ) { /* try to convert the SID to a name. Fall back to printing the raw SID if necessary */ result = sid_to_name( cli, ctx, &sids[i], name ); if ( !NT_STATUS_IS_OK (result) ) fstrcpy( name, sid_string_static(&sids[i]) ); d_printf("%s\n", name); result = enum_privileges_for_user( ctx, cli, pol, &sids[i] ); if ( !NT_STATUS_IS_OK(result) ) return result; d_printf("\n"); } return NT_STATUS_OK; }