static NTSTATUS cmd_lsa_remove_acct_rights(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, int argc, const char **argv) { struct policy_handle dom_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; struct lsa_RightSet rights; DOM_SID sid; int i; if (argc < 3 ) { printf("Usage: %s SID [rights...]\n", argv[0]); return NT_STATUS_OK; } result = name_to_sid(cli, mem_ctx, &sid, argv[1]); if (!NT_STATUS_IS_OK(result)) goto done; result = rpccli_lsa_open_policy2(cli, mem_ctx, True, SEC_FLAG_MAXIMUM_ALLOWED, &dom_pol); if (!NT_STATUS_IS_OK(result)) goto done; rights.count = argc-2; rights.names = TALLOC_ARRAY(mem_ctx, struct lsa_StringLarge, rights.count); if (!rights.names) { return NT_STATUS_NO_MEMORY; } for (i=0; i<argc-2; i++) { init_lsa_StringLarge(&rights.names[i], argv[i+2]); } result = rpccli_lsa_RemoveAccountRights(cli, mem_ctx, &dom_pol, &sid, false, &rights); if (!NT_STATUS_IS_OK(result)) goto done; rpccli_lsa_Close(cli, mem_ctx, &dom_pol); done: return result; }
static NTSTATUS rpc_rights_revoke_internal(struct net_context *c, const DOM_SID *domain_sid, const char *domain_name, struct cli_state *cli, struct rpc_pipe_client *pipe_hnd, TALLOC_CTX *mem_ctx, int argc, const char **argv ) { struct policy_handle dom_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; struct lsa_RightSet rights; DOM_SID sid; int i; if (argc < 2 ) { d_printf(_("Usage: net rpc rights revoke <name|SID> " "<rights...>\n")); return NT_STATUS_OK; } result = name_to_sid(pipe_hnd, mem_ctx, &sid, argv[0]); if (!NT_STATUS_IS_OK(result)) return result; result = rpccli_lsa_open_policy2(pipe_hnd, mem_ctx, true, SEC_FLAG_MAXIMUM_ALLOWED, &dom_pol); if (!NT_STATUS_IS_OK(result)) return result; rights.count = argc-1; rights.names = TALLOC_ARRAY(mem_ctx, struct lsa_StringLarge, rights.count); if (!rights.names) { return NT_STATUS_NO_MEMORY; } for (i=0; i<argc-1; i++) { init_lsa_StringLarge(&rights.names[i], argv[i+1]); } result = rpccli_lsa_RemoveAccountRights(pipe_hnd, mem_ctx, &dom_pol, &sid, false, &rights); if (!NT_STATUS_IS_OK(result)) goto done; d_printf(_("Successfully revoked rights.\n")); done: if ( !NT_STATUS_IS_OK(result) ) { d_fprintf(stderr,_("Failed to revoke privileges for %s (%s)\n"), argv[0], nt_errstr(result)); } rpccli_lsa_Close(pipe_hnd, mem_ctx, &dom_pol); return result; }