static int net_getdomainsid(int argc, const char **argv) { DOM_SID domain_sid; fstring sid_str; if(!initialize_password_db(False)) { DEBUG(0, ("WARNING: Could not open passdb - domain sid may not reflect passdb\n" "backend knowlege (such as the sid stored in LDAP)\n")); } /* Generate one, if it doesn't exist */ get_global_sam_sid(); if (!secrets_fetch_domain_sid(global_myname(), &domain_sid)) { d_fprintf(stderr, "Could not fetch local SID\n"); return 1; } sid_to_string(sid_str, &domain_sid); d_printf("SID for domain %s is: %s\n", global_myname(), sid_str); if (!secrets_fetch_domain_sid(opt_workgroup, &domain_sid)) { d_fprintf(stderr, "Could not fetch domain SID\n"); return 1; } sid_to_string(sid_str, &domain_sid); d_printf("SID for domain %s is: %s\n", opt_workgroup, sid_str); return 0; }
DOM_SID *gid_to_sid(DOM_SID *psid, gid_t gid) { gid_t low, high; enum SID_NAME_USE sidtype; fstring sid; if (fetch_sid_from_gid_cache(psid, &sidtype, gid)) return psid; if (lp_winbind_gid(&low, &high) && gid >= low && gid <= high) { if (winbind_gid_to_sid(psid, gid)) { DEBUG(10,("gid_to_sid: winbindd %u -> %s\n", (unsigned int)gid, sid_to_string(sid, psid))); if (psid) store_gid_sid_cache(psid, SID_NAME_DOM_GRP, gid); return psid; } } local_gid_to_sid(psid, gid); DEBUG(10,("gid_to_sid: local %u -> %s\n", (unsigned int)gid, sid_to_string(sid, psid))); if (psid) store_gid_sid_cache(psid, SID_NAME_DOM_GRP, gid); return psid; }
BOOL map_domain_sid_to_name(DOM_SID *sid, fstring nt_domain) { fstring sid_str; int i = 0; sid_to_string(sid_str, sid); if (!sid_name_map_initialized) init_sid_name_map(); DEBUG(5,("map_domain_sid_to_name: %s\n", sid_str)); if (nt_domain == NULL) return False; while (sid_name_map[i].sid != NULL) { sid_to_string(sid_str, sid_name_map[i].sid); DEBUG(5,("map_domain_sid_to_name: compare: %s\n", sid_str)); if (sid_equal(sid_name_map[i].sid, sid)) { fstrcpy(nt_domain, sid_name_map[i].name); DEBUG(5,("map_domain_sid_to_name: found '%s'\n", nt_domain)); return True; } i++; } DEBUG(5,("map_domain_sid_to_name: mapping for %s not found\n", sid_str)); return False; }
BOOL sid_to_gid(DOM_SID *psid, gid_t *pgid, enum SID_NAME_USE *sidtype) { fstring dom_name, name, sid_str; enum SID_NAME_USE name_type; BOOL ret; *sidtype = SID_NAME_UNKNOWN; if (fetch_gid_from_cache(pgid, psid, *sidtype)) return True; /* * First we must look up the name and decide if this is a group sid. */ if (!winbind_lookup_sid(psid, dom_name, name, &name_type)) { DEBUG(10,("sid_to_gid: winbind lookup for sid %s failed - trying local.\n", sid_to_string(sid_str, psid) )); ret = local_sid_to_gid(pgid, psid, sidtype); if (ret) store_gid_sid_cache(psid, *sidtype, *pgid); return ret; } /* * Ensure this is a group sid. */ if ((name_type != SID_NAME_DOM_GRP) && (name_type != SID_NAME_ALIAS) && (name_type != SID_NAME_WKN_GRP)) { DEBUG(10,("sid_to_gid: winbind lookup succeeded but SID is not a known group (%u)\n", (unsigned int)name_type )); ret = local_sid_to_gid(pgid, psid, sidtype); if (ret) store_gid_sid_cache(psid, *sidtype, *pgid); return ret; } *sidtype = name_type; /* * Get the gid for this SID. */ if (!winbind_sid_to_gid(pgid, psid)) { DEBUG(10,("sid_to_gid: winbind lookup for sid %s failed.\n", sid_to_string(sid_str, psid) )); return False; } DEBUG(10,("sid_to_gid: winbindd %s -> %u\n", sid_to_string(sid_str, psid), (unsigned int)*pgid )); store_gid_sid_cache(psid, *sidtype, *pgid); return True; }
BOOL lookup_name(const char *name, DOM_SID *psid, enum SID_NAME_USE *name_type) { extern pstring global_myname; extern fstring global_myworkgroup; fstring sid; char *sep = lp_winbind_separator(); *name_type = SID_NAME_UNKNOWN; if (!winbind_lookup_name(NULL, name, psid, name_type) || (*name_type != SID_NAME_USER) ) { BOOL ret = False; DEBUG(10, ("lookup_name: winbind lookup for %s failed - trying local\n", name)); /* If we are looking up a domain user, make sure it is for the local machine only */ if (strchr(name, sep[0]) || strchr(name, '\\')) { fstring domain, username; split_domain_name(name, domain, username); switch (lp_server_role()) { case ROLE_DOMAIN_PDC: case ROLE_DOMAIN_BDC: if (strequal(domain, global_myworkgroup)) { fstrcpy(domain, global_myname); ret = local_lookup_name(domain, username, psid, name_type); } /* No break is deliberate here. JRA. */ default: if (strcasecmp(global_myname, domain) != 0) { DEBUG(5, ("lookup_name: domain %s is not local\n", domain)); ret = local_lookup_name(global_myname, username, psid, name_type); } } } else { ret = local_lookup_name(global_myname, name, psid, name_type); } if (ret) { DEBUG(10, ("lookup_name: (local) %s -> SID %s (type %u)\n", name, sid_to_string(sid,psid), (unsigned int)*name_type )); } else { DEBUG(10,("lookup name: (local) %s failed.\n", name)); } return ret; } DEBUG(10,("lookup_name (winbindd): %s -> SID %s (type %u)\n", name, sid_to_string(sid, psid), (unsigned int)*name_type)); return True; }
int route_to_user(struct hub_info* hub, struct hub_user* user, struct adc_message* msg) { #ifdef DEBUG_SENDQ char* data = strndup(msg->cache, msg->length-1); LOG_PROTO("send %s: \"%s\"", sid_to_string(user->id.sid), data); free(data); #endif if (!user->connection) return 0; uhub_assert(msg->cache && *msg->cache); if (ioq_send_is_empty(user->send_queue) && !user_flag_get(user, flag_pipeline)) { /* Perform oportunistic write */ ioq_send_add(user->send_queue, msg); handle_net_write(user); } else { if (check_send_queue(hub, user, msg) >= 0) { ioq_send_add(user->send_queue, msg); if (!user_flag_get(user, flag_pipeline)) user_net_io_want_write(user); } } return 1; }
/* set what accounts have a given right - this is an internal interface */ static NTSTATUS privilege_set_accounts_with_right(const char *right, uint32 count, DOM_SID *sids) { TDB_DATA data; char *p; int i; if (!tdb) { return NT_STATUS_INTERNAL_ERROR; } /* allocate the maximum size that we might use */ data.dptr = malloc(count * ((MAXSUBAUTHS*11) + 30)); if (!data.dptr) { return NT_STATUS_NO_MEMORY; } p = data.dptr; for (i=0;i<count;i++) { sid_to_string(p, &sids[i]); p += strlen(p) + 1; } data.dsize = PTR_DIFF(p, data.dptr); if (tdb_store_bystring(tdb, right, data, TDB_REPLACE) != 0) { free(data.dptr); return NT_STATUS_INTERNAL_ERROR; } free(data.dptr); return NT_STATUS_OK; }
static NTSTATUS cmd_lsa_lookup_sids(struct cli_state *cli, TALLOC_CTX *mem_ctx, int argc, char **argv) { POLICY_HND pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; DOM_SID *sids; char **domains; char **names; uint32 *types; int i; if (argc == 1) { printf("Usage: %s [sid1 [sid2 [...]]]\n", argv[0]); return NT_STATUS_OK; } result = cli_lsa_open_policy(cli, mem_ctx, True, SEC_RIGHTS_MAXIMUM_ALLOWED, &pol); if (!NT_STATUS_IS_OK(result)) goto done; /* Convert arguments to sids */ sids = (DOM_SID *)talloc(mem_ctx, sizeof(DOM_SID) * (argc - 1)); if (!sids) { printf("could not allocate memory for %d sids\n", argc - 1); goto done; } for (i = 0; i < argc - 1; i++) string_to_sid(&sids[i], argv[i + 1]); /* Lookup the SIDs */ result = cli_lsa_lookup_sids(cli, mem_ctx, &pol, argc - 1, sids, &domains, &names, &types); if (!NT_STATUS_IS_OK(result) && NT_STATUS_V(result) != NT_STATUS_V(STATUS_SOME_UNMAPPED)) goto done; result = NT_STATUS_OK; /* Print results */ for (i = 0; i < (argc - 1); i++) { fstring sid_str; sid_to_string(sid_str, &sids[i]); printf("%s %s\\%s (%d)\n", sid_str, domains[i] ? domains[i] : "*unknown*", names[i] ? names[i] : "*unknown*", types[i]); } done: return result; }
BOOL winbind_sid_to_gid_query(gid_t *pgid, const DOM_SID *sid) { struct winbindd_request request; struct winbindd_response response; int result; fstring sid_str; if (!pgid) return False; /* Initialise request */ ZERO_STRUCT(request); ZERO_STRUCT(response); sid_to_string(sid_str, sid); fstrcpy(request.data.sid, sid_str); request.flags = WBFLAG_QUERY_ONLY; /* Make request */ result = winbindd_request(WINBINDD_SID_TO_GID, &request, &response); /* Copy out result */ if (result == NSS_STATUS_SUCCESS) { *pgid = response.data.gid; } return (result == NSS_STATUS_SUCCESS); }
/* convert a SID to a string, either numeric or username/group */ static void SidToString(fstring str, DOM_SID *sid, BOOL _numeric) { char **domains = NULL; char **names = NULL; uint32 *types = NULL; sid_to_string(str, sid); if (_numeric) return; /* Ask LSA to convert the sid to a name */ if (!cli_open_policy_hnd() || !NT_STATUS_IS_OK(cli_lsa_lookup_sids(cli_ipc, cli_ipc->mem_ctx, &pol, 1, sid, &domains, &names, &types)) || !domains || !domains[0] || !names || !names[0]) { return; } /* Converted OK */ slprintf(str, sizeof(fstring) - 1, "%s%s%s", domains[0], lp_winbind_separator(), names[0]); }
BOOL winbind_lookup_sid(const DOM_SID *sid, fstring dom_name, fstring name, enum SID_NAME_USE *name_type) { struct winbindd_request request; struct winbindd_response response; NSS_STATUS result; fstring sid_str; /* Initialise request */ ZERO_STRUCT(request); ZERO_STRUCT(response); sid_to_string(sid_str, sid); fstrcpy(request.data.sid, sid_str); /* Make request */ result = winbindd_request(WINBINDD_LOOKUPSID, &request, &response); /* Copy out result */ if (result == NSS_STATUS_SUCCESS) { fstrcpy(dom_name, response.data.name.dom_name); fstrcpy(name, response.data.name.name); *name_type = (enum SID_NAME_USE)response.data.name.type; DEBUG(10, ("winbind_lookup_sid: SUCCESS: SID %s -> %s %s\n", sid_str, dom_name, name)); } return (result == NSS_STATUS_SUCCESS); }
/**************************************************************************** display sec_ace structure ****************************************************************************/ void display_sec_ace(SEC_ACE *ace) { fstring sid_str; printf("\tACE\n\t\ttype: "); switch (ace->type) { case SEC_ACE_TYPE_ACCESS_ALLOWED: printf("ACCESS ALLOWED"); break; case SEC_ACE_TYPE_ACCESS_DENIED: printf("ACCESS DENIED"); break; case SEC_ACE_TYPE_SYSTEM_AUDIT: printf("SYSTEM AUDIT"); break; case SEC_ACE_TYPE_SYSTEM_ALARM: printf("SYSTEM ALARM"); break; default: printf("????"); break; } printf(" (%d) flags: %d\n", ace->type, ace->flags); display_sec_access(&ace->info); sid_to_string(sid_str, &ace->trustee); printf("\t\tSID: %s\n\n", sid_str); }
/* convert a SID to a string, either numeric or username/group */ static void SidToString(fstring str, DOM_SID *sid) { char **domains = NULL; char **names = NULL; uint32 *types = NULL; sid_to_string(str, sid); if (numeric) return; if (strcmp(str, "S-1-1-0") == 0) { fstrcpy(str, "everyone"); return; } /* Ask LSA to convert the sid to a name */ if (!cacls_open_policy_hnd() || !NT_STATUS_IS_OK(cli_lsa_lookup_sids(&lsa_cli, lsa_cli.mem_ctx, &pol, 1, sid, &domains, &names, &types)) || !domains || !domains[0] || !names || !names[0]) { return; } /* Converted OK */ slprintf(str, sizeof(fstring) - 1, "%s%s%s", domains[0], lp_winbind_separator(), names[0]); }
/**************************************************************************** set samr sid ****************************************************************************/ BOOL set_lsa_policy_samr_sid(POLICY_HND *hnd, DOM_SID *sid) { pstring sidstr; struct policy *p = find_lsa_policy(hnd); if (p && p->open) { DEBUG(3,("Setting policy sid=%s pnum=%x\n", sid_to_string(sidstr, sid), p->pnum)); memcpy(&p->dev.samr.sid, sid, sizeof(*sid)); return True; } DEBUG(3,("Error setting policy sid=%s\n", sid_to_string(sidstr, sid))); return False; }
/* convert a sid to a user or group name. The sid is guaranteed to be in the domain given */ static NTSTATUS sid_to_name(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, const DOM_SID *sid, char **domain_name, char **name, enum SID_NAME_USE *type) { struct winbind_cache *cache = get_cache(domain); struct cache_entry *centry = NULL; NTSTATUS status; fstring sid_string; if (!cache->tdb) goto do_query; centry = wcache_fetch(cache, domain, "SN/%s", sid_to_string(sid_string, sid)); if (!centry) goto do_query; if (NT_STATUS_IS_OK(centry->status)) { *type = (enum SID_NAME_USE)centry_uint32(centry); *domain_name = centry_string(centry, mem_ctx); *name = centry_string(centry, mem_ctx); } status = centry->status; DEBUG(10,("sid_to_name: [Cached] - cached name for domain %s status %s\n", domain->name, get_friendly_nt_error_msg(status) )); centry_free(centry); return status; do_query: *name = NULL; *domain_name = NULL; /* If the seq number check indicated that there is a problem * with this DC, then return that status... except for * access_denied. This is special because the dc may be in * "restrict anonymous = 1" mode, in which case it will deny * most unauthenticated operations, but *will* allow the LSA * sid-to-name that we try as a fallback. */ if (!(NT_STATUS_IS_OK(domain->last_status) || NT_STATUS_EQUAL(domain->last_status, NT_STATUS_ACCESS_DENIED))) return domain->last_status; DEBUG(10,("sid_to_name: [Cached] - doing backend query for name for domain %s\n", domain->name )); status = domain->backend->sid_to_name(domain, mem_ctx, sid, domain_name, name, type); /* and save it */ refresh_sequence_number(domain, False); wcache_save_sid_to_name(domain, status, sid, *domain_name, *name, *type); wcache_save_name_to_sid(domain, status, *domain_name, *name, sid, *type); return status; }
static NTSTATUS cmd_samr_query_aliasmem(struct cli_state *cli, TALLOC_CTX *mem_ctx, int argc, char **argv) { POLICY_HND connect_pol, domain_pol, alias_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; uint32 alias_rid, num_members, i; DOM_SID *alias_sids; if (argc != 2) { printf("Usage: %s rid\n", argv[0]); return NT_STATUS_OK; } sscanf(argv[1], "%i", &alias_rid); /* Open SAMR handle */ result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, &connect_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } /* Open handle on domain */ result = cli_samr_open_domain(cli, mem_ctx, &connect_pol, MAXIMUM_ALLOWED_ACCESS, &domain_sid, &domain_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } /* Open handle on alias */ result = cli_samr_open_alias(cli, mem_ctx, &domain_pol, MAXIMUM_ALLOWED_ACCESS, alias_rid, &alias_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } result = cli_samr_query_aliasmem(cli, mem_ctx, &alias_pol, &num_members, &alias_sids); if (!NT_STATUS_IS_OK(result)) { goto done; } for (i = 0; i < num_members; i++) { fstring sid_str; sid_to_string(sid_str, &alias_sids[i]); printf("\tsid:[%s]\n", sid_str); } done: return result; }
static NTSTATUS cmd_lsa_enum_trust_dom(struct cli_state *cli, TALLOC_CTX *mem_ctx, int argc, const char **argv) { POLICY_HND pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; DOM_SID *domain_sids; char **domain_names; /* defaults, but may be changed using params */ uint32 enum_ctx = 0; uint32 num_domains = 0; int i; if (argc > 2) { printf("Usage: %s [enum context (0)]\n", argv[0]); return NT_STATUS_OK; } if (argc == 2 && argv[1]) { enum_ctx = atoi(argv[2]); } result = cli_lsa_open_policy(cli, mem_ctx, True, POLICY_VIEW_LOCAL_INFORMATION, &pol); if (!NT_STATUS_IS_OK(result)) goto done; result = STATUS_MORE_ENTRIES; while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)) { /* Lookup list of trusted domains */ result = cli_lsa_enum_trust_dom(cli, mem_ctx, &pol, &enum_ctx, &num_domains, &domain_names, &domain_sids); if (!NT_STATUS_IS_OK(result) && !NT_STATUS_EQUAL(result, NT_STATUS_NO_MORE_ENTRIES) && !NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)) goto done; /* Print results: list of names and sids returned in this * response. */ for (i = 0; i < num_domains; i++) { fstring sid_str; sid_to_string(sid_str, &domain_sids[i]); printf("%s %s\n", domain_names[i] ? domain_names[i] : "*unknown*", sid_str); } } done: return result; }
static NTSTATUS pgsqlsam_getsampwsid ( struct pdb_methods *methods, SAM_ACCOUNT *user, const DOM_SID *sid ) { struct pdb_pgsql_data *data; fstring sid_str; SET_DATA( data, methods ) ; sid_to_string( sid_str, sid ) ; return pgsqlsam_select_by_field( methods, user, SQL_SEARCH_USER_SID, sid_str ) ; }
void uman_send_quit_message(struct hub_info* hub, struct hub_user* leaving) { struct adc_message* command = adc_msg_construct(ADC_CMD_IQUI, 6); adc_msg_add_argument(command, (const char*) sid_to_string(leaving->id.sid)); if (leaving->quit_reason == quit_banned || leaving->quit_reason == quit_kicked) { adc_msg_add_argument(command, ADC_QUI_FLAG_DISCONNECT); } route_to_all(hub, command); adc_msg_free(command); }
static int net_getdomainsid(int argc, const char **argv) { DOM_SID domain_sid; fstring sid_str; if(!initialize_password_db(False)) { DEBUG(1, ("WARNING: Could not open passdb - domain sid may not reflect passdb\n" "backend knowlege (such as the sid stored in LDAP)\n")); } /* first check to see if we can even access secrets, so we don't panic when we can't. */ if (!secrets_init()) { d_fprintf(stderr, "Unable to open secrets.tdb. " "Can't fetch domainSID for name: %s\n", get_global_sam_name()); return 1; } /* Generate one, if it doesn't exist */ get_global_sam_sid(); if (!secrets_fetch_domain_sid(global_myname(), &domain_sid)) { d_fprintf(stderr, "Could not fetch local SID\n"); return 1; } sid_to_string(sid_str, &domain_sid); d_printf("SID for domain %s is: %s\n", global_myname(), sid_str); if (!secrets_fetch_domain_sid(opt_workgroup, &domain_sid)) { d_fprintf(stderr, "Could not fetch domain SID\n"); return 1; } sid_to_string(sid_str, &domain_sid); d_printf("SID for domain %s is: %s\n", opt_workgroup, sid_str); return 0; }
void hub_send_sid(struct hub_info* hub, struct hub_user* u) { sid_t sid; struct adc_message* command; if (user_is_connecting(u)) { command = adc_msg_construct(ADC_CMD_ISID, 10); sid = uman_get_free_sid(hub, u); adc_msg_add_argument(command, (const char*) sid_to_string(sid)); route_to_user(hub, u, command); adc_msg_free(command); } }
static const char* user_log_str(struct hub_user* user) { static char buf[128]; if (user) { snprintf(buf, 128, "user={ %p, \"%s\", %s/%s}", user, user->id.nick, sid_to_string(user->id.sid), user->id.cid); } else { snprintf(buf, 128, "user={ %p }", user); } return buf; }
char *ace_to_str(SEC_ACE *ace) { static pstring temp; fstring sidstr; sid_to_string(sidstr, &ace->sid); slprintf(temp, sizeof(temp) - 1, "%s %d %s %s", ace_type_to_str(ace->type), ace->flags, ace_mask_to_str(ace->info.mask), sidstr); return temp; }
static NTSTATUS cmd_lsa_enum_sids(struct cli_state *cli, TALLOC_CTX *mem_ctx, int argc, char **argv) { POLICY_HND pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; uint32 enum_context=0; uint32 pref_max_length=0x1000; DOM_SID *sids; uint32 count=0; int i; if (argc > 3) { printf("Usage: %s [enum context] [max length]\n", argv[0]); return NT_STATUS_OK; } if (argc>=2) enum_context=atoi(argv[1]); if (argc==3) pref_max_length=atoi(argv[2]); result = cli_lsa_open_policy(cli, mem_ctx, True, SEC_RIGHTS_MAXIMUM_ALLOWED, &pol); if (!NT_STATUS_IS_OK(result)) goto done; result = cli_lsa_enum_sids(cli, mem_ctx, &pol, &enum_context, pref_max_length, &count, &sids); if (!NT_STATUS_IS_OK(result)) goto done; /* Print results */ printf("found %d SIDs\n\n", count); for (i = 0; i < count; i++) { fstring sid_str; sid_to_string(sid_str, &sids[i]); printf("%s\n", sid_str); } done: return result; }
/**************************************************************************** display sec_desc structure ****************************************************************************/ void display_sec_desc(SEC_DESC *sec) { fstring sid_str; if (sec->sacl) { printf("SACL\n"); display_sec_acl(sec->sacl); } if (sec->dacl) { printf("DACL\n"); display_sec_acl(sec->dacl); } if (sec->owner_sid) { sid_to_string(sid_str, sec->owner_sid); printf("\tOwner SID:\t%s\n", sid_str); } if (sec->grp_sid) { sid_to_string(sid_str, sec->grp_sid); printf("\tParent SID:\t%s\n", sid_str); } }
static void wcache_save_user(struct winbindd_domain *domain, NTSTATUS status, WINBIND_USERINFO *info) { struct cache_entry *centry; fstring sid_string; centry = centry_start(domain, status); if (!centry) return; centry_put_string(centry, info->acct_name); centry_put_string(centry, info->full_name); centry_put_sid(centry, info->user_sid); centry_put_sid(centry, info->group_sid); centry_end(centry, "U/%s", sid_to_string(sid_string, info->user_sid)); DEBUG(10,("wcache_save_user: %s (acct_name %s)\n", sid_string, info->acct_name)); centry_free(centry); }
static BOOL fetch_gid_from_cache(gid_t *pgid, const DOM_SID *psid, enum SID_NAME_USE sidtype) { struct gid_sid_cache *pc; for (pc = gid_sid_cache_head; pc; pc = pc->next) { if (sid_compare(&pc->sid, psid) == 0) { fstring sid; *pgid = pc->gid; DEBUG(3,("fetch uid from cache %u -> %s\n", (unsigned int)*pgid, sid_to_string(sid, psid))); DLIST_PROMOTE(gid_sid_cache_head, pc); return True; } } return False; }
/** * Look up the SID for a qualified name. **/ enum winbindd_result winbindd_lookupname(struct winbindd_cli_state *state) { enum SID_NAME_USE type; fstring sid_str; char *name_domain, *name_user; DOM_SID sid; struct winbindd_domain *domain; char *p; /* Ensure null termination */ state->request.data.sid[sizeof(state->request.data.name.dom_name)-1]='\0'; /* Ensure null termination */ state->request.data.sid[sizeof(state->request.data.name.name)-1]='\0'; /* cope with the name being a fully qualified name */ p = strstr(state->request.data.name.name, lp_winbind_separator()); if (p) { *p = 0; name_domain = state->request.data.name.name; name_user = p+1; } else { name_domain = state->request.data.name.dom_name; name_user = state->request.data.name.name; } DEBUG(3, ("[%5lu]: lookupname %s%s%s\n", (unsigned long)state->pid, name_domain, lp_winbind_separator(), name_user)); if ((domain = find_domain_from_name(name_domain)) == NULL) { DEBUG(0, ("could not find domain entry for domain %s\n", name_domain)); return WINBINDD_ERROR; } /* Lookup name from PDC using lsa_lookup_names() */ if (!winbindd_lookup_sid_by_name(domain, name_user, &sid, &type)) { return WINBINDD_ERROR; } sid_to_string(sid_str, &sid); fstrcpy(state->response.data.sid.sid, sid_str); state->response.data.sid.type = type; return WINBINDD_OK; }
static NTSTATUS cmd_lsa_enum_trust_dom(struct cli_state *cli, TALLOC_CTX *mem_ctx, int argc, char **argv) { POLICY_HND pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; DOM_SID *domain_sids; char **domain_names; uint32 enum_ctx = 0; uint32 num_domains; int i; if (argc != 1) { printf("Usage: %s\n", argv[0]); return NT_STATUS_OK; } result = cli_lsa_open_policy(cli, mem_ctx, True, SEC_RIGHTS_MAXIMUM_ALLOWED, &pol); if (!NT_STATUS_IS_OK(result)) goto done; /* Lookup list of trusted domains */ result = cli_lsa_enum_trust_dom(cli, mem_ctx, &pol, &enum_ctx, &num_domains, &domain_names, &domain_sids); if (!NT_STATUS_IS_OK(result)) goto done; /* Print results */ for (i = 0; i < num_domains; i++) { fstring sid_str; sid_to_string(sid_str, &domain_sids[i]); printf("%s %s\n", domain_names[i] ? domain_names[i] : "*unknown*", sid_str); } done: return result; }
static BOOL fetch_sid_from_gid_cache(DOM_SID *psid, enum SID_NAME_USE *psidtype, gid_t gid) { struct gid_sid_cache *pc; for (pc = gid_sid_cache_head; pc; pc = pc->next) { if (pc->gid == gid) { fstring sid; *psid = pc->sid; *psidtype = pc->sidtype; DEBUG(3,("fetch sid from gid cache %u -> %s\n", (unsigned int)gid, sid_to_string(sid, psid))); DLIST_PROMOTE(gid_sid_cache_head, pc); return True; } } return False; }