static NTSTATUS enum_privileges_for_user(struct rpc_pipe_client *pipe_hnd, TALLOC_CTX *ctx, struct policy_handle *pol, DOM_SID *sid ) { NTSTATUS result; struct lsa_RightSet rights; int i; result = rpccli_lsa_EnumAccountRights(pipe_hnd, ctx, pol, sid, &rights); if (!NT_STATUS_IS_OK(result)) return result; if (rights.count == 0) { d_printf(_("No privileges assigned\n")); } for (i = 0; i < rights.count; i++) { printf("%s\n", rights.names[i].string); } return NT_STATUS_OK; }
static NTSTATUS check_privilege_for_user(struct rpc_pipe_client *pipe_hnd, TALLOC_CTX *ctx, struct policy_handle *pol, DOM_SID *sid, const char *right) { NTSTATUS result; struct lsa_RightSet rights; int i; result = rpccli_lsa_EnumAccountRights(pipe_hnd, ctx, pol, sid, &rights); if (!NT_STATUS_IS_OK(result)) { return result; } if (rights.count == 0) { return NT_STATUS_OBJECT_NAME_NOT_FOUND; } for (i = 0; i < rights.count; i++) { if (StrCaseCmp(rights.names[i].string, right) == 0) { return NT_STATUS_OK; } } return NT_STATUS_OBJECT_NAME_NOT_FOUND; }
static NTSTATUS cmd_lsa_enum_acct_rights(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, int argc, const char **argv) { struct policy_handle dom_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; DOM_SID sid; struct lsa_RightSet rights; int i; if (argc != 2 ) { printf("Usage: %s SID\n", argv[0]); return NT_STATUS_OK; } result = name_to_sid(cli, mem_ctx, &sid, argv[1]); if (!NT_STATUS_IS_OK(result)) goto done; result = rpccli_lsa_open_policy2(cli, mem_ctx, True, SEC_FLAG_MAXIMUM_ALLOWED, &dom_pol); if (!NT_STATUS_IS_OK(result)) goto done; result = rpccli_lsa_EnumAccountRights(cli, mem_ctx, &dom_pol, &sid, &rights); if (!NT_STATUS_IS_OK(result)) goto done; printf("found %d privileges for SID %s\n", rights.count, sid_string_tos(&sid)); for (i = 0; i < rights.count; i++) { printf("\t%s\n", rights.names[i].string); } rpccli_lsa_Close(cli, mem_ctx, &dom_pol); done: return result; }