From 5557ada6943b817d28a5471c613c7291febe2ad5 Mon Sep 17 00:00:00 2001
From: Günther Deschner <gd@samba.org>
Date: Fri, 28 Apr 2006 14:44:43 +0000
Subject: r15305: Let winbind search by sid directly (or in windows terms:
 "bind to a sid"); works in all AD versions I tested. Also add "net ads sid"
 search tool.

Guenther
---
 source/libads/ldap_utils.c | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

(limited to 'source/libads/ldap_utils.c')

diff --git a/source/libads/ldap_utils.c b/source/libads/ldap_utils.c
index 18caa2c63ae..105fd2e5b9d 100644
--- a/source/libads/ldap_utils.c
+++ b/source/libads/ldap_utils.c
@@ -105,4 +105,29 @@ ADS_STATUS ads_search_retry_dn(ADS_STRUCT *ads, void **res,
 	return ads_do_search_retry(ads, dn, LDAP_SCOPE_BASE,
 				   "(objectclass=*)", attrs, res);
 }
+
+ADS_STATUS ads_search_retry_sid(ADS_STRUCT *ads, void **res, 
+				const DOM_SID *sid,
+				const char **attrs)
+{
+	char *dn, *sid_string;
+	ADS_STATUS status;
+	
+	sid_string = sid_binstring_hex(sid);
+	if (sid_string == NULL) {
+		return ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
+	}
+
+	if (!asprintf(&dn, "<SID=%s>", sid_string)) {
+		SAFE_FREE(sid_string);
+		return ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
+	}
+
+	status = ads_do_search_retry(ads, dn, LDAP_SCOPE_BASE,
+				   "(objectclass=*)", attrs, res);
+	SAFE_FREE(dn);
+	SAFE_FREE(sid_string);
+	return status;
+}
+
 #endif
-- 
cgit