static NTSTATUS cmd_lsa_enum_sids(struct cli_state *cli,
TALLOC_CTX *mem_ctx, int argc,
char **argv)
{
POLICY_HND pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
uint32 enum_context=0;
uint32 pref_max_length=0x1000;
DOM_SID *sids;
uint32 count=0;
int i;
if (argc > 3) {
printf("Usage: %s [enum context] [max length]\n", argv[0]);
return NT_STATUS_OK;
}
if (argc>=2)
enum_context=atoi(argv[1]);
if (argc==3)
pref_max_length=atoi(argv[2]);
result = cli_lsa_open_policy(cli, mem_ctx, True,
SEC_RIGHTS_MAXIMUM_ALLOWED,
&pol);
if (!NT_STATUS_IS_OK(result))
goto done;
result = cli_lsa_enum_sids(cli, mem_ctx, &pol, &enum_context, pref_max_length,
&count, &sids);
if (!NT_STATUS_IS_OK(result))
goto done;
/* Print results */
printf("found %d SIDs\n\n", count);
for (i = 0; i < count; i++) {
fstring sid_str;
sid_to_string(sid_str, &sids[i]);
printf("%s\n", sid_str);
}
done:
return result;
}
static NTSTATUS enum_privileges_for_accounts( TALLOC_CTX *ctx, struct cli_state *cli,
POLICY_HND *pol )
{
NTSTATUS result;
uint32 enum_context=0;
uint32 pref_max_length=0x1000;
DOM_SID *sids;
uint32 count=0;
int i;
fstring name;
result = cli_lsa_enum_sids(cli, ctx, pol, &enum_context,
pref_max_length, &count, &sids);
if (!NT_STATUS_IS_OK(result))
return result;
for ( i=0; i<count; i++ ) {
/* try to convert the SID to a name. Fall back to
printing the raw SID if necessary */
result = sid_to_name( cli, ctx, &sids[i], name );
if ( !NT_STATUS_IS_OK (result) )
fstrcpy( name, sid_string_static(&sids[i]) );
d_printf("%s\n", name);
result = enum_privileges_for_user( ctx, cli, pol, &sids[i] );
if ( !NT_STATUS_IS_OK(result) )
return result;
d_printf("\n");
}
return NT_STATUS_OK;
}
