static NTSTATUS cmd_samr_query_usergroups(struct cli_state *cli, TALLOC_CTX *mem_ctx, int argc, char **argv) { POLICY_HND connect_pol, domain_pol, user_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; uint32 num_groups, user_rid; DOM_GID *user_gids; int i; fstring server; if (argc != 2) { printf("Usage: %s rid\n", argv[0]); return NT_STATUS_OK; } sscanf(argv[1], "%i", &user_rid); slprintf (server, sizeof(fstring)-1, "\\\\%s", cli->desthost); strupper (server); result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, &connect_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } result = cli_samr_open_domain(cli, mem_ctx, &connect_pol, MAXIMUM_ALLOWED_ACCESS, &domain_sid, &domain_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } result = cli_samr_open_user(cli, mem_ctx, &domain_pol, MAXIMUM_ALLOWED_ACCESS, user_rid, &user_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } result = cli_samr_query_usergroups(cli, mem_ctx, &user_pol, &num_groups, &user_gids); if (!NT_STATUS_IS_OK(result)) { goto done; } for (i = 0; i < num_groups; i++) { printf("\tgroup rid:[0x%x] attr:[0x%x]\n", user_gids[i].g_rid, user_gids[i].attr); } done: return result; }
/* Lookup groups a user is a member of. I wish Unix had a call like this! */ static NTSTATUS lookup_usergroups(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, const DOM_SID *user_sid, uint32 *num_groups, DOM_SID ***user_grpsids) { CLI_POLICY_HND *hnd; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; POLICY_HND dom_pol, user_pol; uint32 des_access = SEC_RIGHTS_MAXIMUM_ALLOWED; BOOL got_dom_pol = False, got_user_pol = False; DOM_GID *user_groups; unsigned int i; unsigned int retry; fstring sid_string; uint32 user_rid; NET_USER_INFO_3 *user; DEBUG(3,("rpc: lookup_usergroups sid=%s\n", sid_to_string(sid_string, user_sid))); *num_groups = 0; *user_grpsids = NULL; /* so lets see if we have a cached user_info_3 */ if ( (user = netsamlogon_cache_get( mem_ctx, user_sid )) != NULL ) { DEBUG(5,("query_user: Cache lookup succeeded for %s\n", sid_string_static(user_sid))); *num_groups = user->num_groups; (*user_grpsids) = talloc(mem_ctx, sizeof(DOM_SID*) * (*num_groups)); for (i=0;i<(*num_groups);i++) { (*user_grpsids)[i] = rid_to_talloced_sid(domain, mem_ctx, user->gids[i].g_rid); } SAFE_FREE(user); return NT_STATUS_OK; } /* no cache; hit the wire */ retry = 0; do { /* Get sam handle; if we fail here there is no hope */ if (!NT_STATUS_IS_OK(result = cm_get_sam_handle(domain, &hnd))) goto done; /* Get domain handle */ result = cli_samr_open_domain(hnd->cli, mem_ctx, &hnd->pol, des_access, &domain->sid, &dom_pol); } while (!NT_STATUS_IS_OK(result) && (retry++ < 1) && hnd && hnd->cli && hnd->cli->fd == -1); if (!NT_STATUS_IS_OK(result)) goto done; got_dom_pol = True; if (!sid_peek_check_rid(&domain->sid, user_sid, &user_rid)) { goto done; } /* Get user handle */ result = cli_samr_open_user(hnd->cli, mem_ctx, &dom_pol, des_access, user_rid, &user_pol); if (!NT_STATUS_IS_OK(result)) goto done; got_user_pol = True; /* Query user rids */ result = cli_samr_query_usergroups(hnd->cli, mem_ctx, &user_pol, num_groups, &user_groups); if (!NT_STATUS_IS_OK(result) || (*num_groups) == 0) goto done; (*user_grpsids) = talloc(mem_ctx, sizeof(DOM_SID*) * (*num_groups)); if (!(*user_grpsids)) { result = NT_STATUS_NO_MEMORY; goto done; } for (i=0;i<(*num_groups);i++) { (*user_grpsids)[i] = rid_to_talloced_sid(domain, mem_ctx, user_groups[i].g_rid); } done: /* Clean up policy handles */ if (got_user_pol) cli_samr_close(hnd->cli, mem_ctx, &user_pol); if (got_dom_pol) cli_samr_close(hnd->cli, mem_ctx, &dom_pol); return result; }