s3-privileges: add privilege_delete_account().
authorGünther Deschner <gd@samba.org>
Fri, 15 May 2009 23:22:28 +0000 (01:22 +0200)
committerGünther Deschner <gd@samba.org>
Fri, 15 May 2009 23:27:51 +0000 (01:27 +0200)
Guenther

source3/include/proto.h
source3/lib/privileges.c

index fd49050c3827b07c92217dc8808cf8b90db19b74..f6b2b3ca2d01dcf46fef110b9d875436d3472595 100644 (file)
@@ -597,6 +597,7 @@ bool revoke_privilege(const DOM_SID *sid, const SE_PRIV *priv_mask);
 bool revoke_all_privileges( DOM_SID *sid );
 bool revoke_privilege_by_name(DOM_SID *sid, const char *name);
 NTSTATUS privilege_create_account(const DOM_SID *sid );
+NTSTATUS privilege_delete_account(const struct dom_sid *sid);
 NTSTATUS privilege_set_init(PRIVILEGE_SET *priv_set);
 NTSTATUS privilege_set_init_by_ctx(TALLOC_CTX *mem_ctx, PRIVILEGE_SET *priv_set);
 void privilege_set_free(PRIVILEGE_SET *priv_set);
index b3574da858deedb426b6395f37637c4b5b24f280..c8be360dc643c16ef6847bb48e7e428f3c1c83ae 100644 (file)
@@ -359,6 +359,34 @@ NTSTATUS privilege_create_account(const DOM_SID *sid )
        return ( grant_privilege(sid, &se_priv_none) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL);
 }
 
+/***************************************************************************
+ Delete a privileged account
+****************************************************************************/
+
+NTSTATUS privilege_delete_account(const struct dom_sid *sid)
+{
+       struct db_context *db = get_account_pol_db();
+       fstring tmp, keystr;
+
+       if (!lp_enable_privileges()) {
+               return NT_STATUS_OK;
+       }
+
+       if (!db) {
+               return NT_STATUS_INVALID_HANDLE;
+       }
+
+       if (!sid || (sid->num_auths == 0)) {
+               return NT_STATUS_INVALID_SID;
+       }
+
+       /* PRIV_<SID> (NULL terminated) as the key */
+
+       fstr_sprintf(keystr, "%s%s", PRIVPREFIX, sid_to_fstring(tmp, sid));
+
+       return dbwrap_delete_bystring(db, keystr);
+}
+
 /****************************************************************************
  initialise a privilege list and set the talloc context
  ****************************************************************************/
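Review bot: The early `return NT_STATUS_OK` under `!lp_enable_privileges()` in privilege_delete_account() reports success without touching the account policy database, so deleting an account while privileges are disabled leaves its PRIV_<SID> record in place. If privileges are enabled later, that stale record would presumably apply to the same SID again; whether any caller depends on the current behaviour is not visible in this hunk. The header comment should state the contract, for example `Returns NT_STATUS_OK without deleting anything when privileges are disabled; otherwise returns the status of dbwrap_delete_bystring().` It should also say what callers get when no record exists for the SID, since the dbwrap_delete_bystring() result is passed through unchanged.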