diff options
author | Andreas Schneider <asn@samba.org> | 2010-06-18 18:19:16 +0200 |
---|---|---|
committer | Andreas Schneider <asn@samba.org> | 2010-07-05 15:59:12 +0200 |
commit | 473d1f10868e8fd33641657daa5b4f07e39770ad (patch) | |
tree | 0cc620df157b404f4569151f402a32436077543a /source3/winbindd/winbindd_rpc.c | |
parent | a3f8bbf3daf916878d0b1374f7fae4b65540be28 (diff) | |
download | samba-473d1f10868e8fd33641657daa5b4f07e39770ad.tar.gz samba-473d1f10868e8fd33641657daa5b4f07e39770ad.tar.xz samba-473d1f10868e8fd33641657daa5b4f07e39770ad.zip |
s3-winbind: Added a common rpc_lookup_usergroups function.
Diffstat (limited to 'source3/winbindd/winbindd_rpc.c')
-rw-r--r-- | source3/winbindd/winbindd_rpc.c | 62 |
1 files changed, 62 insertions, 0 deletions
diff --git a/source3/winbindd/winbindd_rpc.c b/source3/winbindd/winbindd_rpc.c index 0da5f6923c6..201eedd0957 100644 --- a/source3/winbindd/winbindd_rpc.c +++ b/source3/winbindd/winbindd_rpc.c @@ -509,3 +509,65 @@ NTSTATUS rpc_query_user(TALLOC_CTX *mem_ctx, return NT_STATUS_OK; } + +/* Lookup groups a user is a member of. */ +NTSTATUS rpc_lookup_usergroups(TALLOC_CTX *mem_ctx, + struct rpc_pipe_client *samr_pipe, + struct policy_handle *samr_policy, + const struct dom_sid *domain_sid, + const struct dom_sid *user_sid, + uint32_t *pnum_groups, + struct dom_sid **puser_grpsids) +{ + struct policy_handle user_policy; + struct samr_RidWithAttributeArray *rid_array = NULL; + struct dom_sid *user_grpsids = NULL; + uint32_t num_groups = 0, i; + uint32_t user_rid; + NTSTATUS status; + + if (!sid_peek_check_rid(domain_sid, user_sid, &user_rid)) { + return NT_STATUS_UNSUCCESSFUL; + } + + /* Get user handle */ + status = rpccli_samr_OpenUser(samr_pipe, + mem_ctx, + samr_policy, + SEC_FLAG_MAXIMUM_ALLOWED, + user_rid, + &user_policy); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + /* Query user rids */ + status = rpccli_samr_GetGroupsForUser(samr_pipe, + mem_ctx, + &user_policy, + &rid_array); + num_groups = rid_array->count; + + rpccli_samr_Close(samr_pipe, mem_ctx, &user_policy); + + if (!NT_STATUS_IS_OK(status) || num_groups == 0) { + return status; + } + + user_grpsids = TALLOC_ARRAY(mem_ctx, struct dom_sid, num_groups); + if (user_grpsids == NULL) { + status = NT_STATUS_NO_MEMORY; + return status; + } + + for (i = 0; i < num_groups; i++) { + sid_compose(&(user_grpsids[i]), domain_sid, + rid_array->rids[i].rid); + } + + *pnum_groups = num_groups; + + *puser_grpsids = user_grpsids; + + return NT_STATUS_OK; +} |