2 Unix SMB/CIFS implementation.
6 Copyright (C) Jeremy Allison 2005
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 #include "utils/net.h"
26 /********************************************************
27 Connection cachine struct. Goes away when ctx destroyed.
28 ********************************************************/
33 struct cli_state *cli;
34 struct rpc_pipe_client *lsapipe;
38 static struct con_struct *cs;
40 /********************************************************
41 Close connection on context destruction.
42 ********************************************************/
44 static int cs_destructor(struct con_struct *p)
47 cli_shutdown(cs->cli);
53 /********************************************************
54 Create the connection to localhost.
55 ********************************************************/
57 static struct con_struct *create_cs(TALLOC_CTX *ctx, NTSTATUS *perr)
60 struct in_addr loopback_ip = *interpret_addr2("127.0.0.1");
65 if (cs->failed_connect) {
72 cs = TALLOC_P(ctx, struct con_struct);
74 *perr = NT_STATUS_NO_MEMORY;
79 talloc_set_destructor(cs, cs_destructor);
81 /* Connect to localhost with given username/password. */
82 /* JRA. Pretty sure we can just do this anonymously.... */
84 if (!opt_password && !opt_machine_pass) {
85 char *pass = getpass("Password:");
87 opt_password = SMB_STRDUP(pass);
92 nt_status = cli_full_connection(&cs->cli, global_myname(), global_myname(),
108 if (!NT_STATUS_IS_OK(nt_status)) {
109 DEBUG(2,("create_cs: Connect failed. Error was %s\n", nt_errstr(nt_status)));
110 cs->failed_connect = True;
116 cs->lsapipe = cli_rpc_pipe_open_noauth(cs->cli,
120 if (cs->lsapipe == NULL) {
121 DEBUG(2,("create_cs: open LSA pipe failed. Error was %s\n", nt_errstr(nt_status)));
122 cs->failed_connect = True;
128 nt_status = rpccli_lsa_open_policy(cs->lsapipe, ctx, True,
129 SEC_RIGHTS_MAXIMUM_ALLOWED,
132 if (!NT_STATUS_IS_OK(nt_status)) {
133 DEBUG(2,("create_cs: rpccli_lsa_open_policy failed. Error was %s\n", nt_errstr(nt_status)));
134 cs->failed_connect = True;
143 /********************************************************
144 Do a lookup_sids call to localhost.
145 Check if the local machine is authoritative for this sid. We can't
146 check if this is our SID as that's stored in the root-read-only
148 The local smbd will also ask winbindd for us, so we don't have to.
149 ********************************************************/
151 NTSTATUS net_lookup_name_from_sid(TALLOC_CTX *ctx,
153 const char **ppdomain,
157 struct con_struct *csp = NULL;
160 enum lsa_SidType *types;
165 csp = create_cs(ctx, &nt_status);
170 nt_status = rpccli_lsa_lookup_sids(csp->lsapipe, ctx,
177 if (!NT_STATUS_IS_OK(nt_status)) {
181 *ppdomain = domains[0];
183 /* Don't care about type here. */
189 /********************************************************
190 Do a lookup_names call to localhost.
191 ********************************************************/
193 NTSTATUS net_lookup_sid_from_name(TALLOC_CTX *ctx, const char *full_name, DOM_SID *pret_sid)
196 struct con_struct *csp = NULL;
197 DOM_SID *sids = NULL;
198 enum lsa_SidType *types = NULL;
200 csp = create_cs(ctx, &nt_status);
205 nt_status = rpccli_lsa_lookup_names(csp->lsapipe, ctx,
212 if (!NT_STATUS_IS_OK(nt_status)) {