static NTSTATUS name_to_sid(struct cli_state *cli,
TALLOC_CTX *mem_ctx,
DOM_SID *sid, const char *name)
{
POLICY_HND pol;
uint32 *sid_types;
NTSTATUS result;
DOM_SID *sids;
/* maybe its a raw SID */
if ( strncmp(name, "S-", 2) == 0 && string_to_sid(sid, name) )
{
return NT_STATUS_OK;
}
result = cli_lsa_open_policy(cli, mem_ctx, True,
SEC_RIGHTS_MAXIMUM_ALLOWED, &pol);
if ( !NT_STATUS_IS_OK(result) )
return result;
result = cli_lsa_lookup_names(cli, mem_ctx, &pol, 1, &name, &sids, &sid_types);
if ( NT_STATUS_IS_OK(result) )
sid_copy( sid, &sids[0] );
cli_lsa_close(cli, mem_ctx, &pol);
return result;
}
/* convert a single name to a sid in a domain */
NTSTATUS msrpc_name_to_sid(struct winbindd_domain *domain,
TALLOC_CTX *mem_ctx,
const char *domain_name,
const char *name,
DOM_SID *sid,
enum SID_NAME_USE *type)
{
CLI_POLICY_HND *hnd;
NTSTATUS result;
DOM_SID *sids = NULL;
uint32 *types = NULL;
const char *full_name;
int retry;
DEBUG(3,("rpc: name_to_sid name=%s\n", name));
full_name = talloc_asprintf(mem_ctx, "%s\\%s", domain_name, name);
if (!full_name) {
DEBUG(0, ("talloc_asprintf failed!\n"));
return NT_STATUS_NO_MEMORY;
}
DEBUG(3,("name_to_sid [rpc] %s for domain %s\n", name, domain_name ));
retry = 0;
do {
if (!NT_STATUS_IS_OK(result = cm_get_lsa_handle(domain, &hnd))) {
return result;
}
result = cli_lsa_lookup_names(hnd->cli, mem_ctx, &hnd->pol, 1,
&full_name, &sids, &types);
} while (!NT_STATUS_IS_OK(result) && (retry++ < 1) &&
hnd && hnd->cli && hnd->cli->fd == -1);
/* Return rid and type if lookup successful */
if (NT_STATUS_IS_OK(result)) {
sid_copy(sid, &sids[0]);
*type = (enum SID_NAME_USE)types[0];
}
return result;
}
static NTSTATUS cmd_lsa_lookup_names(struct cli_state *cli,
TALLOC_CTX *mem_ctx, int argc,
const char **argv)
{
POLICY_HND pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
DOM_SID *sids;
uint32 *types;
int i;
if (argc == 1) {
printf("Usage: %s [name1 [name2 [...]]]\n", argv[0]);
return NT_STATUS_OK;
}
result = cli_lsa_open_policy(cli, mem_ctx, True,
SEC_RIGHTS_MAXIMUM_ALLOWED,
&pol);
if (!NT_STATUS_IS_OK(result))
goto done;
result = cli_lsa_lookup_names(cli, mem_ctx, &pol, argc - 1,
(const char**)(argv + 1), &sids, &types);
if (!NT_STATUS_IS_OK(result) && NT_STATUS_V(result) !=
NT_STATUS_V(STATUS_SOME_UNMAPPED))
goto done;
result = NT_STATUS_OK;
/* Print results */
for (i = 0; i < (argc - 1); i++) {
fstring sid_str;
sid_to_string(sid_str, &sids[i]);
printf("%s %s (%s: %d)\n", argv[i + 1], sid_str,
sid_type_lookup(types[i]), types[i]);
}
cli_lsa_close(cli, mem_ctx, &pol);
done:
return result;
}
/* convert a string to a SID, either numeric or username/group */
static BOOL StringToSid(DOM_SID *sid, const char *str)
{
uint32 *types = NULL;
DOM_SID *sids = NULL;
BOOL result = True;
if (strncmp(str, "S-", 2) == 0) {
return string_to_sid(sid, str);
}
if (!cli_open_policy_hnd() ||
!NT_STATUS_IS_OK(cli_lsa_lookup_names(cli_ipc, cli_ipc->mem_ctx,
&pol, 1, &str, &sids,
&types))) {
result = False;
goto done;
}
sid_copy(sid, &sids[0]);
done:
return result;
}
