if (!sid_to_gid(sid, &gid)) {
DEBUG(10, ("Could not convert SID %s to gid, "
- "ignoring it\n", sid_string_static(sid)));
+ "ignoring it\n", sid_string_dbg(sid)));
continue;
}
add_gid_to_array_unique(server_info, gid, &server_info->groups,
if (!sid_to_uid(&user_sid, uid)) {
DEBUG(1, ("sid_to_uid for %s (%s) failed\n",
- username, sid_string_static(&user_sid)));
+ username, sid_string_dbg(&user_sid)));
goto done;
}
if (!ret) {
DEBUG(1, ("pdb_getsampwsid(%s) for user %s failed\n",
- sid_string_static(&user_sid), username));
+ sid_string_dbg(&user_sid), username));
DEBUGADD(1, ("Fall back to unix user %s\n", username));
goto unix_user;
}
if (!sid_to_gid(&group_sids[0], gid)) {
DEBUG(1, ("sid_to_gid(%s) failed\n",
- sid_string_static(&group_sids[0])));
+ sid_string_dbg(&group_sids[0])));
goto done;
}
NTSTATUS status;
gid_t gid;
- DEBUG(10, ("Create local NT token for %s\n", sid_string_static(user_sid)));
+ DEBUG(10, ("Create local NT token for %s\n",
+ sid_string_dbg(user_sid)));
if (!(result = TALLOC_ZERO_P(mem_ctx, NT_USER_TOKEN))) {
DEBUG(0, ("talloc failed\n"));
DEBUGC(dbg_class, dbg_lev,
("NT user token of user %s\n",
- sid_string_static(&token->user_sids[0]) ));
+ sid_string_dbg(&token->user_sids[0]) ));
DEBUGADDC(dbg_class, dbg_lev,
("contains %lu SIDs\n", (unsigned long)token->num_sids));
for (i = 0; i < token->num_sids; i++)
DEBUGADDC(dbg_class, dbg_lev,
("SID[%3lu]: %s\n", (unsigned long)i,
- sid_string_static(&token->user_sids[i])));
+ sid_string_dbg(&token->user_sids[i])));
dump_se_priv( dbg_class, dbg_lev, &token->privileges );
}
if ((map.sid_name_use != SID_NAME_ALIAS) &&
(map.sid_name_use != SID_NAME_WKN_GRP)) {
DEBUG(2, ("%s is a %s, expected an alias\n",
- sid_string_static(sid),
+ sid_string_dbg(sid),
sid_type_lookup(map.sid_name_use)));
return NT_STATUS_NO_SUCH_ALIAS;
}
/* Only check the domain if we were given one */
if ( domsid && !sid_equal( domsid, &grpsid ) ) {
- DEBUG(11,("enum_group_mapping: group %s is not in domain %s\n",
- string_sid, sid_string_static(domsid)));
+ DEBUG(11,("enum_group_mapping: group %s is not in "
+ "domain %s\n", string_sid,
+ sid_string_dbg(domsid)));
continue;
}
afs_username = talloc_string_sub(talloc_tos(),
afs_username,
"%s",
- sid_string_static(user_sid));
+ sid_string_tos(user_sid));
if (!afs_username) {
return false;
}
data = tdb_fetch_bystring( tdb, keystr );
if ( !data.dptr ) {
- DEBUG(3,("get_privileges: No privileges assigned to SID [%s]\n",
- sid_string_static(sid)));
+ DEBUG(3, ("get_privileges: No privileges assigned to SID "
+ "[%s]\n", sid_string_dbg(sid)));
return False;
}
if ( !get_privileges( &slist[i], &mask ) )
continue;
- DEBUG(5,("get_privileges_for_sids: sid = %s\nPrivilege set:\n",
- sid_string_static(&slist[i])));
+ DEBUG(5,("get_privileges_for_sids: sid = %s\nPrivilege "
+ "set:\n", sid_string_dbg(&slist[i])));
dump_se_priv( DBGC_ALL, 5, &mask );
se_priv_add( privileges, &mask );
se_priv_add( &new_mask, priv_mask );
- DEBUG(10,("grant_privilege: %s\n", sid_string_static(sid)));
+ DEBUG(10,("grant_privilege: %s\n", sid_string_dbg(sid)));
DEBUGADD( 10, ("original privilege mask:\n"));
dump_se_priv( DBGC_ALL, 10, &old_mask );
if ( !get_privileges( sid, &mask ) )
return True;
- DEBUG(10,("revoke_privilege: %s\n", sid_string_static(sid)));
+ DEBUG(10,("revoke_privilege: %s\n", sid_string_dbg(sid)));
DEBUGADD( 10, ("original privilege mask:\n"));
dump_se_priv( DBGC_ALL, 10, &mask );
/* Check owner and group */
if (!sid_equal(s1->owner_sid, s2->owner_sid)) {
- fstring str1, str2;
-
- sid_to_string(str1, s1->owner_sid);
- sid_to_string(str2, s2->owner_sid);
-
DEBUG(10, ("sec_desc_equal(): owner differs (%s != %s)\n",
- str1, str2));
+ sid_string_dbg(s1->owner_sid),
+ sid_string_dbg(s2->owner_sid)));
return False;
}
if (!sid_equal(s1->group_sid, s2->group_sid)) {
- fstring str1, str2;
-
- sid_to_string(str1, s1->group_sid);
- sid_to_string(str2, s2->group_sid);
-
DEBUG(10, ("sec_desc_equal(): group differs (%s != %s)\n",
- str1, str2));
+ sid_string_dbg(s1->group_sid),
+ sid_string_dbg(s2->group_sid)));
return False;
}
SEC_ACE *new_ace = &new_ace_list[new_ace_list_ndx];
uint8 new_flags = 0;
bool inherit = False;
- fstring sid_str;
/* The OBJECT_INHERIT_ACE flag causes the ACE to be
inherited by non-container children objects. Container
init_sec_ace(new_ace, &ace->trustee, ace->type,
new_ace->access_mask, new_flags);
- sid_to_string(sid_str, &ace->trustee);
-
DEBUG(5, ("se_create_child_secdesc(): %s:%d/0x%02x/0x%08x "
- " inherited as %s:%d/0x%02x/0x%08x\n", sid_str,
+ " inherited as %s:%d/0x%02x/0x%08x\n",
+ sid_string_dbg(&ace->trustee),
ace->type, ace->flags, ace->access_mask,
- sid_str, new_ace->type, new_ace->flags,
+ sid_string_dbg(&ace->trustee),
+ new_ace->type, new_ace->flags,
new_ace->access_mask));
new_ace_list_ndx++;
{
size_t i;
SEC_ACL *the_acl;
- fstring sid_str;
uint32 tmp_acc_desired = acc_desired;
if (!status || !acc_granted)
*status = NT_STATUS_OK;
*acc_granted = 0;
- DEBUG(10,("se_access_check: requested access 0x%08x, for NT token with %u entries and first sid %s.\n",
- (unsigned int)acc_desired, (unsigned int)token->num_sids,
- sid_to_string(sid_str, &token->user_sids[0])));
+ DEBUG(10,("se_access_check: requested access 0x%08x, for NT token "
+ "with %u entries and first sid %s.\n",
+ (unsigned int)acc_desired, (unsigned int)token->num_sids,
+ sid_string_dbg(&token->user_sids[0])));
/*
* No security descriptor or security descriptor with no DACL
/* The user sid is the first in the token */
if (DEBUGLVL(3)) {
- DEBUG(3, ("se_access_check: user sid is %s\n", sid_to_string(sid_str, &token->user_sids[PRIMARY_USER_SID_INDEX]) ));
+ DEBUG(3, ("se_access_check: user sid is %s\n",
+ sid_string_dbg(
+ &token->user_sids[PRIMARY_USER_SID_INDEX])));
for (i = 1; i < token->num_sids; i++) {
DEBUGADD(3, ("se_access_check: also %s\n",
- sid_to_string(sid_str, &token->user_sids[i])));
+ sid_string_dbg(&token->user_sids[i])));
}
}
for ( i = 0 ; i < the_acl->num_aces && tmp_acc_desired != 0; i++) {
SEC_ACE *ace = &the_acl->aces[i];
- DEBUGADD(10,("se_access_check: ACE %u: type %d, flags = 0x%02x, SID = %s mask = %x, current desired = %x\n",
- (unsigned int)i, ace->type, ace->flags,
- sid_to_string(sid_str, &ace->trustee),
- (unsigned int) ace->access_mask,
- (unsigned int)tmp_acc_desired ));
+ DEBUGADD(10,("se_access_check: ACE %u: type %d, flags = "
+ "0x%02x, SID = %s mask = %x, current desired "
+ "= %x\n", (unsigned int)i, ace->type, ace->flags,
+ sid_string_dbg(&ace->trustee),
+ (unsigned int) ace->access_mask,
+ (unsigned int)tmp_acc_desired ));
tmp_acc_desired = check_ace( ace, token, tmp_acc_desired, status);
if (NT_STATUS_V(*status)) {
if (!add_sid_to_array(mem_ctx, &info3->other_sids[i].sid,
&sid_array, &num_sids)) {
DEBUG(3, ("could not add SID to array: %s\n",
- sid_string_static(&info3->other_sids[i].sid)));
+ sid_string_dbg(&info3->other_sids[i].sid)));
return NT_STATUS_NO_MEMORY;
}
}
DEBUGADD(lvl,("\tUser Flags: LOGON_EXTRA_SIDS 0x%x (%d)\n", LOGON_EXTRA_SIDS, LOGON_EXTRA_SIDS));
if (user_flgs & LOGON_RESOURCE_GROUPS)
DEBUGADD(lvl,("\tUser Flags: LOGON_RESOURCE_GROUPS 0x%x (%d)\n", LOGON_RESOURCE_GROUPS, LOGON_RESOURCE_GROUPS));
- DEBUGADD(lvl,("\tUser SID: %s-%d\n", sid_string_static(&dom_sid), logon_info->info3.user_rid));
- DEBUGADD(lvl,("\tGroup SID: %s-%d\n", sid_string_static(&dom_sid), logon_info->info3.group_rid));
+ DEBUGADD(lvl,("\tUser SID: %s-%d\n", sid_string_dbg(&dom_sid),
+ logon_info->info3.user_rid));
+ DEBUGADD(lvl,("\tGroup SID: %s-%d\n", sid_string_dbg(&dom_sid),
+ logon_info->info3.group_rid));
DEBUGADD(lvl,("\tGroup Membership (Global and Universal Groups of own domain):\n"));
for (i = 0; i < logon_info->info3.num_groups; i++) {
attr_string = pac_group_attr_string(logon_info->info3.gids[i].attr);
DEBUGADD(lvl,("\t\t%d: sid: %s-%d\n\t\t attr: 0x%x == %s\n",
- i, sid_string_static(&dom_sid),
+ i, sid_string_dbg(&dom_sid),
logon_info->info3.gids[i].g_rid,
logon_info->info3.gids[i].attr,
attr_string));
for (i = 0; i < logon_info->info3.num_other_sids; i++) {
attr_string = pac_group_attr_string(logon_info->info3.other_sids_attrib[i]);
DEBUGADD(lvl,("\t\t%d: sid: %s\n\t\t attr: 0x%x == %s\n",
- i, sid_string_static(&logon_info->info3.other_sids[i].sid),
+ i, sid_string_dbg(
+ &logon_info->info3.other_sids[i].sid),
logon_info->info3.other_sids_attrib[i],
attr_string));
SAFE_FREE(attr_string);
for (i = 0; i < logon_info->info3.res_group_count; i++) {
attr_string = pac_group_attr_string(logon_info->res_groups.group_membership[i].attrs);
DEBUGADD(lvl,("\t\t%d: sid: %s-%d\n\t\t attr: 0x%x == %s\n",
- i, sid_string_static(&res_group_dom_sid),
+ i, sid_string_dbg(&res_group_dom_sid),
logon_info->res_groups.group_membership[i].rid,
logon_info->res_groups.group_membership[i].attrs,
attr_string));
for (i=0; values[i]; i++) {
ret = sid_parse(values[i]->bv_val, values[i]->bv_len, &(*sids)[count]);
if (ret) {
- fstring sid;
- DEBUG(10, ("pulling SID: %s\n", sid_to_string(sid, &(*sids)[count])));
+ DEBUG(10, ("pulling SID: %s\n",
+ sid_string_dbg(&(*sids)[count])));
count++;
}
}
nt_token_check_sid(&ace->trustee, token)) {
DEBUG(10,("gpo_sd_check_ace_denied_object: "
"Access denied as of ace for %s\n",
- sid_string_static(&ace->trustee)));
+ sid_string_dbg(&ace->trustee)));
return NT_STATUS_ACCESS_DENIED;
}
nt_token_check_sid(&ace->trustee, token)) {
DEBUG(10,("gpo_sd_check_ace_allowed_object: "
"Access granted as of ace for %s\n",
- sid_string_static(&ace->trustee)));
+ sid_string_dbg(&ace->trustee)));
return NT_STATUS_OK;
}
return False;
DEBUG(5, ("trustdom_store: storing SID %s of domain %s\n",
- sid_string_static(sid), name));
+ sid_string_dbg(sid), name));
key = trustdom_cache_key(name);
alt_key = alt_name ? trustdom_cache_key(alt_name) : NULL;
}
}
DEBUG(10, ("mapped %d to %s\n", ace->who.id,
- sid_string_static(&sid)));
+ sid_string_dbg(&sid)));
init_sec_access(&mask, ace->aceMask);
init_sec_ace(&nt_ace_list[good_aces++], &sid,
uid_t uid;
gid_t gid;
- DEBUG(10, ("got ace for %s\n",
- sid_string_static(&ace_nt->trustee)));
+ DEBUG(10, ("got ace for %s\n", sid_string_dbg(&ace_nt->trustee)));
memset(ace_v4, 0, sizeof(SMB_ACE4PROP_T));
ace_v4->aceType = ace_nt->type; /* only ACCESS|DENY supported right now */
} else {
if (!lookup_sid(mem_ctx, &ace_nt->trustee, &dom, &name, &type)) {
DEBUG(8, ("Could not find %s' type\n",
- sid_string_static(&ace_nt->trustee)));
+ sid_string_dbg(&ace_nt->trustee)));
errno = EINVAL;
return -1;
}
if (type == SID_NAME_USER) {
if (!sid_to_uid(&ace_nt->trustee, &uid)) {
DEBUG(2, ("Could not convert %s to uid\n",
- sid_string_static(&ace_nt->trustee)));
+ sid_string_dbg(&ace_nt->trustee)));
return -1;
}
} else { /* else group? - TODO check it... */
if (!sid_to_gid(&ace_nt->trustee, &gid)) {
DEBUG(2, ("Could not convert %s to gid\n",
- sid_string_static(&ace_nt->trustee)));
+ sid_string_dbg(&ace_nt->trustee)));
return -1;
}
ace_v4->aceFlags |= SMB_ACE4_IDENTIFIER_GROUP;
if (!mappable_sid(&ace->trustee)) {
DEBUG(10, ("Ignoring unmappable SID %s\n",
- sid_string_static(&ace->trustee)));
+ sid_string_dbg(&ace->trustee)));
continue;
}
if (!lookup_sid(talloc_tos(), &ace->trustee,
&dom_name, &name, &name_type)) {
DEBUG(1, ("AFSACL: Could not lookup SID %s on file %s\n",
- sid_string_static(&ace->trustee), filename));
+ sid_string_dbg(&ace->trustee),
+ filename));
continue;
}
/* Expect all users/groups in pts as SIDs */
name = talloc_strdup(
talloc_tos(),
- sid_string_static(&ace->trustee));
+ sid_string_tos(&ace->trustee));
if (name == NULL) {
return False;
}
*name_type = (enum lsa_SidType)response.data.name.type;
DEBUG(10, ("winbind_lookup_sid: SUCCESS: SID %s -> %s %s\n",
- sid_string_static(sid), response.data.name.dom_name,
+ sid_string_dbg(sid), response.data.name.dom_name,
response.data.name.name));
return True;
}
DEBUG(10, ("%s SID %s in level %d\n",
ret ? "Accepting" : "Rejecting",
- sid_string_static(sid), level));
+ sid_string_dbg(sid), level));
return ret;
}
done:
if (ret) {
- DEBUG(10, ("Sid %s -> %s\\%s(%d)\n",
- sid_string_static(sid), domain->name,
- name->name, name->type));
+ DEBUG(10, ("Sid %s -> %s\\%s(%d)\n", sid_string_dbg(sid),
+ domain->name, name->name, name->type));
} else {
- DEBUG(10, ("failed to lookup sid %s\n",
- sid_string_static(sid)));
+ DEBUG(10, ("failed to lookup sid %s\n", sid_string_dbg(sid)));
}
TALLOC_FREE(tmp_ctx);
return ret;
if (pc->uid == uid) {
*psid = pc->sid;
DEBUG(3,("fetch sid from uid cache %u -> %s\n",
- (unsigned int)uid, sid_string_static(psid)));
+ (unsigned int)uid, sid_string_dbg(psid)));
DLIST_PROMOTE(uid_sid_cache_head, pc);
return true;
}
if (sid_compare(&pc->sid, psid) == 0) {
*puid = pc->uid;
DEBUG(3,("fetch uid from cache %u -> %s\n",
- (unsigned int)*puid, sid_string_static(psid)));
+ (unsigned int)*puid, sid_string_dbg(psid)));
DLIST_PROMOTE(uid_sid_cache_head, pc);
return true;
}
if (pc->gid == gid) {
*psid = pc->sid;
DEBUG(3,("fetch sid from gid cache %u -> %s\n",
- (unsigned int)gid, sid_string_static(psid)));
+ (unsigned int)gid, sid_string_dbg(psid)));
DLIST_PROMOTE(gid_sid_cache_head, pc);
return true;
}
if (sid_compare(&pc->sid, psid) == 0) {
*pgid = pc->gid;
DEBUG(3,("fetch gid from cache %u -> %s\n",
- (unsigned int)*pgid, sid_string_static(psid)));
+ (unsigned int)*pgid, sid_string_dbg(psid)));
DLIST_PROMOTE(gid_sid_cache_head, pc);
return true;
}
sid_copy(&pc->sid, psid);
DLIST_ADD(gid_sid_cache_head, pc);
- DEBUG(3,("store_gid_sid_cache: gid %u in cache -> %s\n", (unsigned int)gid,
- sid_string_static(psid)));
+ DEBUG(3,("store_gid_sid_cache: gid %u in cache -> %s\n",
+ (unsigned int)gid, sid_string_dbg(psid)));
n_gid_sid_cache++;
}
done:
DEBUG(10,("LEGACY: uid %u -> sid %s\n", (unsigned int)uid,
- sid_string_static(psid)));
+ sid_string_dbg(psid)));
store_uid_sid_cache(psid, uid);
return;
done:
DEBUG(10,("LEGACY: gid %u -> sid %s\n", (unsigned int)gid,
- sid_string_static(psid)));
+ sid_string_dbg(psid)));
store_gid_sid_cache(psid, gid);
return;
if (ret) {
if (type != SID_NAME_USER) {
DEBUG(5, ("sid %s is a %s, expected a user\n",
- sid_string_static(psid),
+ sid_string_dbg(psid),
sid_type_lookup(type)));
return false;
}
/* This was ours, but it was not mapped. Fail */
}
- DEBUG(10,("LEGACY: mapping failed for sid %s\n", sid_string_static(psid)));
+ DEBUG(10,("LEGACY: mapping failed for sid %s\n",
+ sid_string_dbg(psid)));
return false;
done:
- DEBUG(10,("LEGACY: sid %s -> uid %u\n", sid_string_static(psid),
- (unsigned int)*puid ));
+ DEBUG(10,("LEGACY: sid %s -> uid %u\n", sid_string_dbg(psid),
+ (unsigned int)*puid ));
store_uid_sid_cache(psid, *puid);
return true;
*pgid = map.gid;
goto done;
}
- DEBUG(10,("LEGACY: mapping failed for sid %s\n", sid_string_static(psid)));
+ DEBUG(10,("LEGACY: mapping failed for sid %s\n",
+ sid_string_dbg(psid)));
return false;
}
if (ret) {
if ((type != SID_NAME_DOM_GRP) &&
(type != SID_NAME_ALIAS)) {
- DEBUG(5, ("LEGACY: sid %s is a %s, expected a group\n",
- sid_string_static(psid),
+ DEBUG(5, ("LEGACY: sid %s is a %s, expected "
+ "a group\n", sid_string_dbg(psid),
sid_type_lookup(type)));
return false;
}
/* This was ours, but it was not mapped. Fail */
}
- DEBUG(10,("LEGACY: mapping failed for sid %s\n", sid_string_static(psid)));
+ DEBUG(10,("LEGACY: mapping failed for sid %s\n",
+ sid_string_dbg(psid)));
return false;
done:
- DEBUG(10,("LEGACY: sid %s -> gid %u\n", sid_string_static(psid),
+ DEBUG(10,("LEGACY: sid %s -> gid %u\n", sid_string_dbg(psid),
(unsigned int)*pgid ));
store_gid_sid_cache(psid, *pgid);
return;
}
- DEBUG(10,("uid %u -> sid %s\n",
- (unsigned int)uid, sid_string_static(psid)));
+ DEBUG(10,("uid %u -> sid %s\n", (unsigned int)uid,
+ sid_string_dbg(psid)));
store_uid_sid_cache(psid, uid);
return;
return;
}
- DEBUG(10,("gid %u -> sid %s\n",
- (unsigned int)gid, sid_string_static(psid)));
+ DEBUG(10,("gid %u -> sid %s\n", (unsigned int)gid,
+ sid_string_dbg(psid)));
store_gid_sid_cache(psid, gid);
return;
*puid = uid;
/* return here, don't cache */
- DEBUG(10,("sid %s -> uid %u\n", sid_string_static(psid),
+ DEBUG(10,("sid %s -> uid %u\n", sid_string_dbg(psid),
(unsigned int)*puid ));
return true;
}
}
DEBUG(5, ("winbind failed to find a uid for sid %s\n",
- sid_string_static(psid)));
+ sid_string_dbg(psid)));
return false;
}
/* TODO: Here would be the place to allocate both a gid and a uid for
* the SID in question */
- DEBUG(10,("sid %s -> uid %u\n", sid_string_static(psid),
+ DEBUG(10,("sid %s -> uid %u\n", sid_string_dbg(psid),
(unsigned int)*puid ));
store_uid_sid_cache(psid, *puid);
*pgid = gid;
/* return here, don't cache */
- DEBUG(10,("sid %s -> gid %u\n", sid_string_static(psid),
+ DEBUG(10,("sid %s -> gid %u\n", sid_string_dbg(psid),
(unsigned int)*pgid ));
return true;
}
}
DEBUG(10,("winbind failed to find a gid for sid %s\n",
- sid_string_static(psid)));
+ sid_string_dbg(psid)));
return false;
}
- DEBUG(10,("sid %s -> gid %u\n", sid_string_static(psid),
+ DEBUG(10,("sid %s -> gid %u\n", sid_string_dbg(psid),
(unsigned int)*pgid ));
store_gid_sid_cache(psid, *pgid);
if (ret) {
if (!sid_check_is_in_our_domain(&user_sid)) {
DEBUG(0, ("User %s with invalid SID %s in passdb\n",
- name, sid_string_static(&user_sid)));
+ name, sid_string_dbg(&user_sid)));
return False;
}
/* BUILTIN groups are looked up elsewhere */
if (!sid_check_is_in_our_domain(&map.sid)) {
DEBUG(10, ("Found group %s (%s) not in our domain -- "
- "ignoring.", name,
- sid_string_static(&map.sid)));
+ "ignoring.", name, sid_string_dbg(&map.sid)));
return False;
}
return False;
DEBUG(10, ("pdb_set_user_sid_from_rid:\n\tsetting user sid %s from rid %d\n",
- sid_string_static(&u_sid),rid));
+ sid_string_dbg(&u_sid),rid));
return True;
}
return False;
DEBUG(10, ("pdb_set_group_sid_from_rid:\n\tsetting group sid %s from rid %d\n",
- sid_string_static(&g_sid), grid));
+ sid_string_dbg(&g_sid), grid));
return True;
}
sid_copy(&sampass->user_sid, u_sid);
DEBUG(10, ("pdb_set_user_sid: setting user sid %s\n",
- sid_string_static(&sampass->user_sid)));
+ sid_string_dbg(&sampass->user_sid)));
return pdb_set_init_flags(sampass, PDB_USERSID, flag);
}
}
DEBUG(10, ("pdb_set_group_sid: setting group sid %s\n",
- sid_string_static(sampass->group_sid)));
+ sid_string_dbg(sampass->group_sid)));
return pdb_set_init_flags(sampass, PDB_GROUPSID, flag);
}
if (!ret) {
DEBUG(1, ("Could not peek rid out of sid %s\n",
- sid_string_static(&sid)));
+ sid_string_dbg(&sid)));
}
return ret;
GROUP_MAP map;
if (!NT_STATUS_IS_OK(methods->getgrsid(methods, &map, *sid))) {
DEBUG(10, ("Could not find map for sid %s\n",
- sid_string_static(sid)));
+ sid_string_dbg(sid)));
goto done;
}
if ((map.sid_name_use != SID_NAME_ALIAS) &&
(map.sid_name_use != SID_NAME_WKN_GRP)) {
DEBUG(10, ("Map for sid %s is a %s, expected an "
- "alias\n", sid_string_static(sid),
+ "alias\n", sid_string_dbg(sid),
sid_type_lookup(map.sid_name_use)));
goto done;
}
}
DEBUG(5, ("Sid %s is neither ours, a Unix SID, nor builtin\n",
- sid_string_static(sid)));
+ sid_string_dbg(sid)));
done:
case SCHEMAVER_SAMBAACCOUNT:
if (!sid_peek_check_rid(&ldap_state->domain_sid, user_sid, &rid)) {
DEBUG(1, ("init_ldap_from_sam: User's SID (%s) is not for this domain (%s), cannot add to LDAP!\n",
- sid_string_static(user_sid),
- sid_string_static(&ldap_state->domain_sid)));
+ sid_string_dbg(user_sid),
+ sid_string_dbg(
+ &ldap_state->domain_sid)));
return False;
}
if (asprintf(&temp, "%i", rid) < 0) {
case SCHEMAVER_SAMBAACCOUNT:
if (!sid_peek_check_rid(&ldap_state->domain_sid, group_sid, &rid)) {
DEBUG(1, ("init_ldap_from_sam: User's Primary Group SID (%s) is not for this domain (%s), cannot add to LDAP!\n",
- sid_string_static(group_sid),
- sid_string_static(&ldap_state->domain_sid)));
+ sid_string_dbg(group_sid),
+ sid_string_dbg(
+ &ldap_state->domain_sid)));
return False;
}
LDAPMessage *entry = NULL;
int count;
int rc;
- fstring sid_string;
rc = ldapsam_get_ldap_user_by_sid(ldap_state,
sid, &result);
count = ldap_count_entries(ldap_state->smbldap_state->ldap_struct, result);
if (count < 1) {
- DEBUG(4, ("ldapsam_getsampwsid: Unable to locate SID [%s] count=%d\n", sid_to_string(sid_string, sid),
- count));
+ DEBUG(4, ("ldapsam_getsampwsid: Unable to locate SID [%s] "
+ "count=%d\n", sid_string_dbg(sid), count));
ldap_msgfree(result);
return NT_STATUS_NO_SUCH_USER;
} else if (count > 1) {
- DEBUG(1, ("ldapsam_getsampwsid: More than one user with SID [%s]. Failing. count=%d\n", sid_to_string(sid_string, sid),
- count));
+ DEBUG(1, ("ldapsam_getsampwsid: More than one user with SID "
+ "[%s]. Failing. count=%d\n", sid_string_dbg(sid),
+ count));
ldap_msgfree(result);
return NT_STATUS_NO_SUCH_USER;
}
const DOM_SID *sid = pdb_get_user_sid(newpwd);
char *filter = NULL;
char *dn = NULL;
- fstring sid_string;
NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
TALLOC_CTX *ctx = talloc_init("ldapsam_add_sam_account");
sid, &result);
if (rc == LDAP_SUCCESS) {
if (ldap_count_entries(ldap_state->smbldap_state->ldap_struct, result) != 0) {
- DEBUG(0,("ldapsam_add_sam_account: SID '%s' already in the base, with samba attributes\n",
- sid_to_string(sid_string, sid)));
+ DEBUG(0,("ldapsam_add_sam_account: SID '%s' "
+ "already in the base, with samba "
+ "attributes\n", sid_string_dbg(sid)));
goto fn_exit;
}
ldap_msgfree(result);
if (sid_compare_domain(&sid, domain_sid) != 0) {
DEBUG(10, ("SID %s is not in expected domain %s\n",
- str, sid_string_static(domain_sid)));
+ str, sid_string_dbg(domain_sid)));
return False;
}
if (count > 1) {
DEBUG(1, ("Found more than one groupmap entry for %s\n",
- sid_string_static(group)));
+ sid_string_dbg(group)));
ret = NT_STATUS_INTERNAL_DB_CORRUPTION;
goto done;
}
(ldap_count_entries(ldap_state->smbldap_state->ldap_struct, msg) > 0)) {
DEBUG(3, ("SID %s already present in LDAP, refusing to add "
- "group mapping entry\n",
- sid_string_static(&map->sid)));
+ "group mapping entry\n", sid_string_dbg(&map->sid)));
result = NT_STATUS_GROUP_EXISTS;
goto done;
}
&& !sid_check_is_in_builtin(&map->sid) )
{
DEBUG(3, ("Refusing to map sid %s as an alias, not in our domain\n",
- sid_string_static(&map->sid)));
+ sid_string_dbg(&map->sid)));
result = NT_STATUS_INVALID_PARAMETER;
goto done;
}
if (pdb_gid_to_sid(map->gid, &sid)) {
DEBUG(3, ("Gid %d is already mapped to SID %s, refusing to "
- "add\n", map->gid, sid_string_static(&sid)));
+ "add\n", map->gid, sid_string_dbg(&sid)));
result = NT_STATUS_GROUP_EXISTS;
goto done;
}
if (type == SID_NAME_USE_NONE) {
DEBUG(5, ("SID %s is neither in builtin nor in our domain!\n",
- sid_string_static(alias)));
+ sid_string_dbg(alias)));
return NT_STATUS_NO_SUCH_ALIAS;
}
if (type == SID_NAME_USE_NONE) {
DEBUG(5, ("SID %s is neither in builtin nor in our domain!\n",
- sid_string_static(alias)));
+ sid_string_dbg(alias)));
return NT_STATUS_NO_SUCH_ALIAS;
}
if (type == SID_NAME_USE_NONE) {
DEBUG(5, ("SID %s is neither builtin nor domain!\n",
- sid_string_static(domain_sid)));
+ sid_string_dbg(domain_sid)));
return NT_STATUS_UNSUCCESSFUL;
}
if (!sid_peek_check_rid(get_global_sam_sid(), &sid, &result->rid)) {
DEBUG(0, ("sid %s does not belong to our domain\n",
- sid_string_static(&sid)));
+ sid_string_dbg(&sid)));
return False;
}
&& !sid_peek_check_rid(&global_sid_Builtin, &sid, &result->rid))
{
DEBUG(0, ("%s is not in our domain\n",
- sid_string_static(&sid)));
+ sid_string_dbg(&sid)));
return False;
}
break;
&secrets_domain_sid);
if (!found_sid || !sid_equal(&secrets_domain_sid,
&ldap_domain_sid)) {
- fstring new_sid_str, old_sid_str;
DEBUG(1, ("pdb_init_ldapsam: Resetting SID for domain "
"%s based on pdb_ldap results %s -> %s\n",
ldap_state->domain_name,
- sid_to_string(old_sid_str,
- &secrets_domain_sid),
- sid_to_string(new_sid_str,
- &ldap_domain_sid)));
+ sid_string_dbg(&secrets_domain_sid),
+ sid_string_dbg(&ldap_domain_sid)));
/* reset secrets.tdb sid */
secrets_store_domain_sid(ldap_state->domain_name,
&ldap_domain_sid);
DEBUG(1, ("New global sam SID: %s\n",
- sid_to_string(new_sid_str,
- get_global_sam_sid())));
+ sid_string_dbg(get_global_sam_sid())));
}
sid_copy(&ldap_state->domain_sid, &ldap_domain_sid);
TALLOC_FREE(domain_sid_string);
struct smbpasswd_privates *smbpasswd_state = (struct smbpasswd_privates*)my_methods->private_data;
struct smb_passwd *smb_pw;
FILE *fp = NULL;
- fstring sid_str;
uint32 rid;
- DEBUG(10, ("smbpasswd_getsampwrid: search by sid: %s\n", sid_to_string(sid_str, sid)));
+ DEBUG(10, ("smbpasswd_getsampwrid: search by sid: %s\n",
+ sid_string_dbg(sid)));
if (!sid_peek_check_rid(get_global_sam_sid(), sid, &rid))
return NT_STATUS_UNSUCCESSFUL;
/* build_sam_account might change the SID on us, if the name was for the guest account */
if (NT_STATUS_IS_OK(nt_status) && !sid_equal(pdb_get_user_sid(sam_acct), sid)) {
- fstring sid_string1, sid_string2;
- DEBUG(1, ("looking for user with sid %s instead returned %s for account %s!?!\n",
- sid_to_string(sid_string1, sid), sid_to_string(sid_string2, pdb_get_user_sid(sam_acct)), pdb_get_username(sam_acct)));
+ DEBUG(1, ("looking for user with sid %s instead returned %s "
+ "for account %s!?!\n", sid_string_dbg(sid),
+ sid_string_dbg(pdb_get_user_sid(sam_acct)),
+ pdb_get_username(sam_acct)));
return NT_STATUS_NO_SUCH_USER;
}
if (pass.domain_sid.num_auths != 4) {
DEBUG(0, ("SID %s is not a domain sid, has %d "
"auths instead of 4\n",
- sid_string_static(&pass.domain_sid),
+ sid_string_dbg(&pass.domain_sid),
pass.domain_sid.num_auths));
continue;
}
}
if (users == NULL) {
- DEBUG(10, ("SID %s is no special sid\n",
- sid_string_static(sid)));
+ DEBUG(10, ("SID %s is no special sid\n", sid_string_dbg(sid)));
return False;
}
}
}
- DEBUG(10, ("RID of special SID %s not found\n",
- sid_string_static(sid)));
+ DEBUG(10, ("RID of special SID %s not found\n", sid_string_dbg(sid)));
return False;
}
sharename, the_acl->num_aces));
for (i = 0; i < the_acl->num_aces; i++) {
- fstring sid_str;
-
- sid_to_string(sid_str, &the_acl->aces[i].trustee);
-
- DEBUG(10, ("%s %d %d 0x%08x\n", sid_str,
+ DEBUG(10, ("%s %d %d 0x%08x\n",
+ sid_string_dbg(&the_acl->aces[i].trustee),
the_acl->aces[i].type, the_acl->aces[i].flags,
the_acl->aces[i].access_mask));
}
SAMR_R_OPEN_DOMAIN r;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- DEBUG(10,("cli_samr_open_domain with sid %s\n", sid_string_static(domain_sid) ));
+ DEBUG(10,("cli_samr_open_domain with sid %s\n",
+ sid_string_dbg(domain_sid) ));
ZERO_STRUCT(q);
ZERO_STRUCT(r);
user_sid = pdb_get_user_sid(pw);
if (!sid_peek_check_rid(domain_sid, user_sid, &user_rid)) {
- fstring user_sid_string;
- fstring domain_sid_string;
DEBUG(0, ("init_sam_user_info_21A: User %s has SID %s, \nwhich conflicts with "
"the domain sid %s. Failing operation.\n",
- user_name,
- sid_to_string(user_sid_string, user_sid),
- sid_to_string(domain_sid_string, domain_sid)));
+ user_name, sid_string_dbg(user_sid),
+ sid_string_dbg(domain_sid)));
data_blob_free(&munged_dial_blob);
return NT_STATUS_UNSUCCESSFUL;
}
unbecome_root();
if (!sid_peek_check_rid(domain_sid, group_sid, &group_rid)) {
- fstring group_sid_string;
- fstring domain_sid_string;
DEBUG(0, ("init_sam_user_info_21A: User %s has Primary Group SID %s, \n"
"which conflicts with the domain sid %s. Failing operation.\n",
- user_name,
- sid_to_string(group_sid_string, group_sid),
- sid_to_string(domain_sid_string, domain_sid)));
+ user_name, sid_string_dbg(group_sid),
+ sid_string_dbg(domain_sid)));
data_blob_free(&munged_dial_blob);
return NT_STATUS_UNSUCCESSFUL;
}
if ( se_priv_to_privilege_set( &privileges, &mask ) ) {
- DEBUG(10,("_lsa_enum_privsaccount: %s has %d privileges\n",
- sid_string_static(&info->sid), privileges.count));
+ DEBUG(10,("_lsa_enum_privsaccount: %s has %d privileges\n",
+ sid_string_dbg(&info->sid),
+ privileges.count));
r_u->status = init_lsa_r_enum_privsaccount(ps->mem_ctx, r_u, privileges.set, privileges.count, 0);
}
if ( !grant_privilege( &info->sid, &mask ) ) {
DEBUG(3,("_lsa_addprivs: grant_privilege(%s) failed!\n",
- sid_string_static(&info->sid) ));
+ sid_string_dbg(&info->sid) ));
DEBUG(3,("Privilege mask:\n"));
dump_se_priv( DBGC_ALL, 3, &mask );
return NT_STATUS_NO_SUCH_PRIVILEGE;
if ( !revoke_privilege( &info->sid, &mask ) ) {
DEBUG(3,("_lsa_removeprivs: revoke_privilege(%s) failed!\n",
- sid_string_static(&info->sid) ));
+ sid_string_dbg(&info->sid) ));
DEBUG(3,("Privilege mask:\n"));
dump_se_priv( DBGC_ALL, 3, &mask );
return NT_STATUS_NO_SUCH_PRIVILEGE;
if ( se_priv_to_privilege_set( &privileges, &mask ) ) {
- DEBUG(10,("_lsa_enum_acct_rights: %s has %d privileges\n",
- sid_string_static(&sid), privileges.count));
+ DEBUG(10,("_lsa_enum_acct_rights: %s has %d privileges\n",
+ sid_string_dbg(&sid), privileges.count));
r_u->status = init_r_enum_acct_rights( r_u, &privileges );
}
int num_gids = 0;
const char *my_name;
- fstring user_sid_string;
- fstring group_sid_string;
unsigned char user_session_key[16];
unsigned char lm_session_key[16];
unsigned char pipe_session_key[16];
"supported for NETLOGON calls\n",
pdb_get_domain(sampw),
pdb_get_username(sampw),
- sid_to_string(user_sid_string, user_sid),
- sid_to_string(group_sid_string, group_sid)));
+ sid_string_dbg(user_sid),
+ sid_string_dbg(group_sid)));
return NT_STATUS_UNSUCCESSFUL;
}
static void free_samr_cache(DISP_INFO *disp_info)
{
DEBUG(10, ("free_samr_cache: deleting cache for SID %s\n",
- sid_string_static(&disp_info->sid)));
+ sid_string_dbg(&disp_info->sid)));
/* We need to become root here because the paged search might have to
* tell the LDAP server we're not interested in the rest anymore. */
TALLOC_FREE(disp_info->cache_timeout_event);
DEBUG(10,("set_disp_info_cache_timeout: caching enumeration for "
- "SID %s for %u seconds\n",
- sid_string_static(&disp_info->sid),
+ "SID %s for %u seconds\n", sid_string_dbg(&disp_info->sid),
(unsigned int)secs_fromnow ));
disp_info->cache_timeout_event = event_add_timed(
unbecome_root();
if (!ret) {
- DEBUG(4, ("User %s not found\n", sid_string_static(&pol_sid)));
+ DEBUG(4, ("User %s not found\n", sid_string_dbg(&pol_sid)));
TALLOC_FREE(sampass);
return NT_STATUS_INVALID_HANDLE;
}
unbecome_root();
if (ret == False) {
- DEBUG(4,("User %s not found\n", sid_string_static(user_sid)));
+ DEBUG(4,("User %s not found\n", sid_string_dbg(user_sid)));
TALLOC_FREE(sampass);
return False;
}
NTSTATUS _samr_query_sec_obj(pipes_struct *p, SAMR_Q_QUERY_SEC_OBJ *q_u, SAMR_R_QUERY_SEC_OBJ *r_u)
{
DOM_SID pol_sid;
- fstring str_sid;
SEC_DESC * psd = NULL;
uint32 acc_granted;
size_t sd_size;
if (!get_lsa_policy_samr_sid(p, &q_u->user_pol, &pol_sid, &acc_granted, NULL))
return NT_STATUS_INVALID_HANDLE;
- DEBUG(10,("_samr_query_sec_obj: querying security on SID: %s\n", sid_to_string(str_sid, &pol_sid)));
+ DEBUG(10,("_samr_query_sec_obj: querying security on SID: %s\n",
+ sid_string_dbg(&pol_sid)));
/* Check what typ of SID is beeing queried (e.g Domain SID, User SID, Group SID) */
r_u->status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &sam_generic_mapping, NULL, 0);
} else if (sid_equal(&pol_sid,get_global_sam_sid())) {
/* check if it is our domain SID */
- DEBUG(5,("_samr_query_sec_obj: querying security on Domain with SID: %s\n", sid_to_string(str_sid, &pol_sid)));
+ DEBUG(5,("_samr_query_sec_obj: querying security on Domain "
+ "with SID: %s\n", sid_string_dbg(&pol_sid)));
r_u->status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &dom_generic_mapping, NULL, 0);
} else if (sid_equal(&pol_sid,&global_sid_Builtin)) {
/* check if it is the Builtin Domain */
/* TODO: Builtin probably needs a different SD with restricted write access*/
- DEBUG(5,("_samr_query_sec_obj: querying security on Builtin Domain with SID: %s\n", sid_to_string(str_sid, &pol_sid)));
+ DEBUG(5,("_samr_query_sec_obj: querying security on Builtin "
+ "Domain with SID: %s\n", sid_string_dbg(&pol_sid)));
r_u->status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &dom_generic_mapping, NULL, 0);
} else if (sid_check_is_in_our_domain(&pol_sid) ||
sid_check_is_in_builtin(&pol_sid)) {
/* TODO: different SDs have to be generated for aliases groups and users.
Currently all three get a default user SD */
- DEBUG(10,("_samr_query_sec_obj: querying security on Object with SID: %s\n", sid_to_string(str_sid, &pol_sid)));
+ DEBUG(10,("_samr_query_sec_obj: querying security on Object "
+ "with SID: %s\n", sid_string_dbg(&pol_sid)));
if (check_change_pw_access(p->mem_ctx, &pol_sid)) {
r_u->status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_generic_mapping,
&pol_sid, SAMR_USR_RIGHTS_WRITE_PW);
return r_u->status;
DEBUG(5,("samr_reply_enum_dom_aliases: sid %s\n",
- sid_string_static(&info->sid)));
+ sid_string_dbg(&info->sid)));
become_root();
int i;
int num_rids = q_u->num_names2;
DOM_SID pol_sid;
- fstring sid_str;
uint32 acc_granted;
r_u->status = NT_STATUS_OK;
DEBUG(5,("_samr_lookup_names: truncating entries to %d\n", num_rids));
}
- DEBUG(5,("_samr_lookup_names: looking name on SID %s\n", sid_to_string(sid_str, &pol_sid)));
+ DEBUG(5,("_samr_lookup_names: looking name on SID %s\n",
+ sid_string_dbg(&pol_sid)));
for (i = 0; i < num_rids; i++) {
fstring name;
unbecome_root();
if ( !ret ) {
- DEBUG(4,("User %s not found\n", sid_string_static(user_sid)));
+ DEBUG(4,("User %s not found\n", sid_string_dbg(user_sid)));
return NT_STATUS_NO_SUCH_USER;
}
unbecome_root();
if (ret==False) {
- DEBUG(4,("User %s not found\n", sid_string_static(user_sid)));
+ DEBUG(4,("User %s not found\n", sid_string_dbg(user_sid)));
return NT_STATUS_NO_SUCH_USER;
}
unbecome_root();
if (ret==False) {
- DEBUG(4,("User %s not found\n", sid_string_static(user_sid)));
+ DEBUG(4,("User %s not found\n", sid_string_dbg(user_sid)));
return NT_STATUS_NO_SUCH_USER;
}
ret = pdb_getsampwsid(smbpass, user_sid);
if (ret == False) {
- DEBUG(4, ("User %s not found\n", sid_string_static(user_sid)));
+ DEBUG(4, ("User %s not found\n", sid_string_dbg(user_sid)));
TALLOC_FREE(smbpass);
return (geteuid() == (uid_t)0) ? NT_STATUS_NO_SUCH_USER : NT_STATUS_ACCESS_DENIED;
}
unbecome_root();
if (ret == False) {
- DEBUG(4,("User %s not found\n", sid_string_static(user_sid)));
+ DEBUG(4,("User %s not found\n", sid_string_dbg(user_sid)));
return NT_STATUS_NO_SUCH_USER;
}
unbecome_root();
if (ret == False) {
- DEBUG(4,("User %s not found\n", sid_string_static(user_sid)));
+ DEBUG(4,("User %s not found\n", sid_string_dbg(user_sid)));
return NT_STATUS_NO_SUCH_USER;
}
if (!sid_check_is_in_our_domain(&info->sid))
return NT_STATUS_OBJECT_TYPE_MISMATCH;
- DEBUG(5,("_samr_query_userinfo: sid:%s\n", sid_string_static(&info->sid)));
+ DEBUG(5,("_samr_query_userinfo: sid:%s\n",
+ sid_string_dbg(&info->sid)));
ctr = TALLOC_ZERO_P(p->mem_ctx, SAM_USERINFO_CTR);
if (!ctr)
if (!ret) {
DEBUG(10, ("pdb_getsampwsid failed for %s\n",
- sid_string_static(&sid)));
+ sid_string_dbg(&sid)));
return NT_STATUS_NO_SUCH_USER;
}
if (!NT_STATUS_IS_OK(result)) {
DEBUG(10, ("pdb_enum_group_memberships failed for %s\n",
- sid_string_static(&sid)));
+ sid_string_dbg(&sid)));
return result;
}
if ( !success ) {
DEBUG(5, ("Group sid %s for user %s not in our domain\n",
- sid_string_static(pdb_get_group_sid(sam_pass)),
+ sid_string_dbg(pdb_get_group_sid(sam_pass)),
pdb_get_username(sam_pass)));
TALLOC_FREE(sam_pass);
return NT_STATUS_INTERNAL_DB_CORRUPTION;
if (!sid_peek_check_rid(get_global_sam_sid(),
&(sids[i]), &dom_gid.g_rid)) {
DEBUG(10, ("Found sid %s not in our domain\n",
- sid_string_static(&sids[i])));
+ sid_string_dbg(&sids[i])));
continue;
}
}
}
- DEBUG(2,("Returning domain sid for domain %s -> %s\n", domain_name, sid_string_static(&sid)));
+ DEBUG(2,("Returning domain sid for domain %s -> %s\n", domain_name,
+ sid_string_dbg(&sid)));
init_samr_r_lookup_domain(r_u, &sid, r_u->status);
return r_u->status;
}
- DEBUG(5, ("_samr_set_userinfo: sid:%s, level:%d\n", sid_string_static(&sid), switch_value));
+ DEBUG(5, ("_samr_set_userinfo: sid:%s, level:%d\n",
+ sid_string_dbg(&sid), switch_value));
if (ctr == NULL) {
DEBUG(5, ("_samr_set_userinfo: NULL info level\n"));
return r_u->status;
}
- DEBUG(5, ("samr_reply_set_userinfo2: sid:%s\n", sid_string_static(&sid)));
+ DEBUG(5, ("samr_reply_set_userinfo2: sid:%s\n",
+ sid_string_dbg(&sid)));
if (ctr == NULL) {
DEBUG(5, ("samr_reply_set_userinfo2: NULL info level\n"));
return r_u->status;
}
- DEBUG(10, ("sid is %s\n", sid_string_static(&alias_sid)));
+ DEBUG(10, ("sid is %s\n", sid_string_dbg(&alias_sid)));
become_root();
status = pdb_enum_aliasmem(&alias_sid, &sids, &num_sids);
NTSTATUS _samr_query_groupmem(pipes_struct *p, SAMR_Q_QUERY_GROUPMEM *q_u, SAMR_R_QUERY_GROUPMEM *r_u)
{
DOM_SID group_sid;
- fstring group_sid_str;
size_t i, num_members;
uint32 *rid=NULL;
return r_u->status;
}
- sid_to_string(group_sid_str, &group_sid);
- DEBUG(10, ("sid is %s\n", group_sid_str));
+ DEBUG(10, ("sid is %s\n", sid_string_dbg(&group_sid)));
if (!sid_check_is_in_our_domain(&group_sid)) {
- DEBUG(3, ("sid %s is not in our domain\n", group_sid_str));
+ DEBUG(3, ("sid %s is not in our domain\n",
+ sid_string_dbg(&group_sid)));
return NT_STATUS_NO_SUCH_GROUP;
}
return r_u->status;
}
- DEBUG(10, ("sid is %s\n", sid_string_static(&alias_sid)));
+ DEBUG(10, ("sid is %s\n", sid_string_dbg(&alias_sid)));
se_priv_copy( &se_rights, &se_add_users );
can_add_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_rights );
}
DEBUG(10, ("_samr_del_aliasmem:sid is %s\n",
- sid_string_static(&alias_sid)));
+ sid_string_dbg(&alias_sid)));
se_priv_copy( &se_rights, &se_add_users );
can_add_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_rights );
return r_u->status;
}
- DEBUG(10, ("sid is %s\n", sid_string_static(&group_sid)));
+ DEBUG(10, ("sid is %s\n", sid_string_dbg(&group_sid)));
if (!sid_peek_check_rid(get_global_sam_sid(), &group_sid,
&group_rid)) {
if( !ret ) {
DEBUG(5,("_samr_delete_dom_user:User %s doesn't exist.\n",
- sid_string_static(&user_sid)));
+ sid_string_dbg(&user_sid)));
TALLOC_FREE(sam_pass);
return NT_STATUS_NO_SUCH_USER;
}
return r_u->status;
}
- DEBUG(10, ("sid is %s\n", sid_string_static(&group_sid)));
+ DEBUG(10, ("sid is %s\n", sid_string_dbg(&group_sid)));
if (!sid_peek_check_rid(get_global_sam_sid(), &group_sid,
&group_rid)) {
if ( !NT_STATUS_IS_OK(r_u->status) ) {
DEBUG(5,("_samr_delete_dom_group: Failed to delete mapping "
"entry for group %s: %s\n",
- sid_string_static(&group_sid),
+ sid_string_dbg(&group_sid),
nt_errstr(r_u->status)));
return r_u->status;
}
return r_u->status;
}
- DEBUG(10, ("sid is %s\n", sid_string_static(&alias_sid)));
+ DEBUG(10, ("sid is %s\n", sid_string_dbg(&alias_sid)));
/* Don't let Windows delete builtin groups */
DISP_INFO *disp_info = NULL;
sid_copy( &delete_sid, &q_u->sid.sid );
-
+
DEBUG(5,("_samr_remove_sid_foreign_domain: removing SID [%s]\n",
- sid_string_static(&delete_sid)));
-
+ sid_string_dbg(&delete_sid)));
+
/* Find the policy handle. Open a policy on it. */
-
+
if (!get_lsa_policy_samr_sid(p, &q_u->dom_pol, &domain_sid,
&acc_granted, &disp_info))
return NT_STATUS_INVALID_HANDLE;
if (!NT_STATUS_IS_OK(result))
return result;
- DEBUG(8, ("_samr_remove_sid_foreign_domain:sid is %s\n",
- sid_string_static(&domain_sid)));
+ DEBUG(8, ("_samr_remove_sid_foreign_domain:sid is %s\n",
+ sid_string_dbg(&domain_sid)));
/* we can only delete a user from a group since we don't have
nested groups anyways. So in the latter case, just say OK */
if (!sid_check_is_builtin(&domain_sid)) {
DEBUG(1,("_samr_remove_sid_foreign_domain: domain_sid = %s, "
"global_sam_sid() = %s\n",
- sid_string_static(&domain_sid),
- sid_string_static(get_global_sam_sid())));
+ sid_string_dbg(&domain_sid),
+ sid_string_dbg(get_global_sam_sid())));
DEBUGADD(1,("please report to samba-technical@samba.org!\n"));
return NT_STATUS_OK;
}
PRINTERNAME(snum), the_acl->num_aces));
for (i = 0; i < the_acl->num_aces; i++) {
- fstring sid_str;
-
- sid_to_string(sid_str, &the_acl->aces[i].trustee);
-
- DEBUG(10, ("%s 0x%08x\n", sid_str,
+ DEBUG(10, ("%s 0x%08x\n", sid_string_dbg(
+ &the_acl->aces[i].trustee),
the_acl->aces[i].access_mask));
}
PRINTERNAME(snum), the_acl->num_aces));
for (i = 0; i < the_acl->num_aces; i++) {
- fstring sid_str;
-
- sid_to_string(sid_str, &the_acl->aces[i].trustee);
-
- DEBUG(10, ("%s 0x%08x\n", sid_str,
+ DEBUG(10, ("%s 0x%08x\n", sid_string_dbg(
+ &the_acl->aces[i].trustee),
the_acl->aces[i].access_mask));
}
} else {
if ( !pdb_getsampwsid(sampw, &user_sid) ) {
DEBUG(10, ("pdb_getsampwsid(%s) failed for user %s\n",
- sid_string_static(&user_sid), UserName));
+ sid_string_dbg(&user_sid), UserName));
goto done;
}
if (psid && !sid_to_uid(psid, &id.uid)) {
DEBUG(0,("sid_to_uid: failed, SID[%s]\n",
- sid_string_static(psid)));
+ sid_string_dbg(psid)));
}
ret = SMB_VFS_GET_QUOTA(fsp->conn, qtype, id, &D);
if (psid && !sid_to_uid(psid, &id.uid)) {
DEBUG(0,("sid_to_uid: failed, SID[%s]\n",
- sid_string_static(psid)));
+ sid_string_dbg(psid)));
}
ret = SMB_VFS_SET_QUOTA(fsp->conn, qtype, id, &D);
if (vfs_get_ntquota(fsp, SMB_USER_QUOTA_TYPE, &sid, &tmp_qt)!=0) {
DEBUG(5,("no quota entry for sid[%s] path[%s]\n",
- sid_string_static(&sid),fsp->conn->connectpath));
+ sid_string_dbg(&sid),
+ fsp->conn->connectpath));
continue;
}
DEBUG(15,("quota entry for id[%s] path[%s]\n",
- sid_string_static(&sid),fsp->conn->connectpath));
+ sid_string_dbg(&sid), fsp->conn->connectpath));
if ((tmp_list_ent=TALLOC_ZERO_P(mem_ctx,SMB_NTQUOTA_LIST))==NULL) {
DEBUG(0,("TALLOC_ZERO() failed\n"));
/*unknown = IVAL(pdata,0);*/
sid_parse(pdata+4,sid_len,&sid);
- DEBUGADD(10,("for SID: %s\n",sid_string_static(&sid)));
+ DEBUGADD(10, ("for SID: %s\n", sid_string_dbg(&sid)));
if (!sid_to_uid(&sid, &uid)) {
DEBUG(0,("sid_to_uid: failed, sid[%s] sid_len[%lu]\n",
- sid_string_static(&sid),(unsigned long)sid_len));
+ sid_string_dbg(&sid),
+ (unsigned long)sid_len));
uid = (-1);
}
#endif /* LARGE_SMB_OFF_T */
sid_parse(pdata+40,sid_len,&sid);
- DEBUGADD(8,("SID: %s\n",sid_string_static(&sid)));
+ DEBUGADD(8,("SID: %s\n", sid_string_dbg(&sid)));
/* 44 unknown bytes left... */
static void print_canon_ace(canon_ace *pace, int num)
{
- fstring str;
-
dbgtext( "canon_ace index %d. Type = %s ", num, pace->attr == ALLOW_ACE ? "allow" : "deny" );
- dbgtext( "SID = %s ", sid_to_string( str, &pace->trustee));
+ dbgtext( "SID = %s ", sid_string_dbg(&pace->trustee));
if (pace->owner_type == UID_ACE) {
const char *u_name = uidtoname(pace->unix_ug.uid);
dbgtext( "uid %u (%s) ", (unsigned int)pace->unix_ug.uid, u_name );
} else {
DEBUG(3,("unpack_nt_owners: unable to validate"
" owner sid for %s\n",
- sid_string_static(&owner_sid)));
+ sid_string_dbg(&owner_sid)));
return NT_STATUS_INVALID_OWNER;
}
}
current_ace->owner_type = GID_ACE;
current_ace->type = SMB_ACL_GROUP;
} else {
- fstring str;
-
/*
* Silently ignore map failures in non-mappable SIDs (NT Authority, BUILTIN etc).
*/
if (non_mappable_sid(&psa->trustee)) {
- DEBUG(10,("create_canon_ace_lists: ignoring non-mappable SID %s\n",
- sid_to_string(str, &psa->trustee) ));
+ DEBUG(10, ("create_canon_ace_lists: ignoring "
+ "non-mappable SID %s\n",
+ sid_string_dbg(&psa->trustee)));
SAFE_FREE(current_ace);
continue;
}
free_canon_ace_list(file_ace);
free_canon_ace_list(dir_ace);
- DEBUG(0,("create_canon_ace_lists: unable to map SID %s to uid or gid.\n",
- sid_to_string(str, ¤t_ace->trustee) ));
+ DEBUG(0, ("create_canon_ace_lists: unable to map SID "
+ "%s to uid or gid.\n",
+ sid_string_dbg(¤t_ace->trustee)));
SAFE_FREE(current_ace);
return False;
}
if (!sid_to_gid(&group_sid, &gid)) {
DEBUG(10, ("sid_to_gid(%s) for %s failed\n",
- sid_string_static(&group_sid), groupname));
+ sid_string_dbg(&group_sid), groupname));
goto done;
}
if (!sid_to_gid(sid, &gid)) {
DEBUG(10, ("Could not convert SID %s to gid, "
"ignoring it\n",
- sid_string_static(sid)));
+ sid_string_dbg(sid)));
continue;
}
if (!add_gid_to_array_unique(conn->mem_ctx, gid, &conn->groups,
}
#ifdef DEBUG_PASSWORD
- DEBUG(100,("sucessfully vampired trusted domain [%s], sid: [%s], password: [%s]\n",
- trusted_dom_name, sid_string_static(&dom_sid), cleartextpwd));
+ DEBUG(100,("sucessfully vampired trusted domain [%s], sid: [%s], "
+ "password: [%s]\n", trusted_dom_name,
+ sid_string_dbg(&dom_sid), cleartextpwd));
#endif
done:
printing the raw SID if necessary */
result = sid_to_name( pipe_hnd, ctx, &sids[i], name );
if ( !NT_STATUS_IS_OK (result) )
- fstrcpy( name, sid_string_static(&sids[i]) );
-
+ sid_to_string(name, &sids[i]);
+
d_printf(" %s\n", name);
}
result = sid_to_name(pipe_hnd, ctx, &sids[i], name );
if ( !NT_STATUS_IS_OK (result) )
- fstrcpy( name, sid_string_static(&sids[i]) );
+ sid_to_string(name, &sids[i]);
d_printf("%s\n", name);
"our primary domain when <trusted domain "
"only> is True\n"));
DEBUGADD(10, ("Leave [%s] unmapped\n",
- sid_string_static(map->sid)));
+ sid_string_dbg(map->sid)));
return NT_STATUS_UNSUCCESSFUL;
}
}
/* huh, couldn't find a suitable domain,
* let's just leave it unmapped */
DEBUG(10, ("Could not find idmap backend for SID %s\n",
- sid_string_static(map->sid)));
+ sid_string_dbg(map->sid)));
return NT_STATUS_NO_SUCH_DOMAIN;
}
/* ouch the domain is read only,
* let's just leave it unmapped */
DEBUG(10, ("idmap backend for SID %s is READONLY!\n",
- sid_string_static(map->sid)));
+ sid_string_dbg(map->sid)));
return NT_STATUS_UNSUCCESSFUL;
}
map->status = ID_MAPPED;
DEBUG(10, ("Setting mapping: %s <-> %s %lu\n",
- sid_string_static(map->sid),
+ sid_string_dbg(map->sid),
(map->xid.type == ID_TYPE_UID) ? "UID" : "GID",
(unsigned long)map->xid.id));
ret = dom->methods->set_mapping(dom, map);
NTSTATUS ret;
DEBUG(10, ("Setting mapping %s <-> %s %lu\n",
- sid_string_static(map->sid),
+ sid_string_dbg(map->sid),
(map->xid.type == ID_TYPE_UID) ? "UID" : "GID",
(unsigned long)map->xid.id));
}
DEBUG(10,("SID %s is being handled by %s\n",
- sid_string_static(ids[i]->sid),
+ sid_string_dbg(ids[i]->sid),
dom ? dom->name : "none" ));
idx = find_idmap_domain_index( dom );
/* mapped */
map->status = ID_MAPPED;
- DEBUG(10, ("Mapped %s -> %lu (%d)\n",
- sid_string_static(map->sid),
+ DEBUG(10, ("Mapped %s -> %lu (%d)\n", sid_string_dbg(map->sid),
(unsigned long)map->xid.id,
map->xid.type));
}
map->xid.id = id;
map->status = ID_MAPPED;
- DEBUG(10, ("Mapped %s -> %lu (%d)\n",
- sid_string_static(map->sid),
+ DEBUG(10, ("Mapped %s -> %lu (%d)\n", sid_string_dbg(map->sid),
(unsigned long)map->xid.id,
map->xid.type));
}
/* mapped */
map->status = ID_MAPPED;
- DEBUG(10, ("Mapped %s -> %lu (%d)\n",
- sid_string_static(map->sid),
+ DEBUG(10, ("Mapped %s -> %lu (%d)\n", sid_string_dbg(map->sid),
(unsigned long)map->xid.id, map->xid.type));
}
map->xid.id = id;
map->status = ID_MAPPED;
- DEBUG(10, ("Mapped %s -> %lu (%d)\n",
- sid_string_static(map->sid),
+ DEBUG(10, ("Mapped %s -> %lu (%d)\n", sid_string_dbg(map->sid),
(unsigned long)map->xid.id, map->xid.type));
}
( ! NT_STATUS_EQUAL(ret, NT_STATUS_NONE_MAPPED))) {
/* some fatal error occurred, log it */
DEBUG(3, ("Unexpected error resolving a SID (%s)\n",
- sid_string_static(ids[i]->sid)));
+ sid_string_dbg(ids[i]->sid)));
}
}
struct id_map map;
struct id_map *maps[2];
- DEBUG(10,("idmap_sid_to_uid: sid = [%s]\n", sid_string_static(sid)));
+ DEBUG(10,("idmap_sid_to_uid: sid = [%s]\n", sid_string_dbg(sid)));
map.sid = sid;
map.xid.type = ID_TYPE_UID;
ret = idmap_sids_to_unixids(maps);
if ( ! NT_STATUS_IS_OK(ret)) {
DEBUG(10, ("error mapping sid [%s] to uid\n",
- sid_string_static(sid)));
+ sid_string_dbg(sid)));
return ret;
}
if ((map.status != ID_MAPPED) || (map.xid.type != ID_TYPE_UID)) {
DEBUG(10, ("sid [%s] not mapped to an uid [%u,%u,%u]\n",
- sid_string_static(sid),
+ sid_string_dbg(sid),
map.status,
map.xid.type,
map.xid.id));
struct id_map map;
struct id_map *maps[2];
- DEBUG(10,("idmap_sid_to_gid: sid = [%s]\n", sid_string_static(sid)));
+ DEBUG(10,("idmap_sid_to_gid: sid = [%s]\n", sid_string_dbg(sid)));
map.sid = sid;
map.xid.type = ID_TYPE_GID;
ret = idmap_sids_to_unixids(maps);
if ( ! NT_STATUS_IS_OK(ret)) {
DEBUG(10, ("error mapping sid [%s] to gid\n",
- sid_string_static(sid)));
+ sid_string_dbg(sid)));
return ret;
}
if ((map.status != ID_MAPPED) || (map.xid.type != ID_TYPE_GID)) {
DEBUG(10, ("sid [%s] not mapped to a gid [%u,%u,%u]\n",
- sid_string_static(sid),
+ sid_string_dbg(sid),
map.status,
map.xid.type,
map.xid.id));
{
DEBUG(5,("query_user: Cache lookup succeeded for %s\n",
- sid_string_static(sid)));
+ sid_string_dbg(sid)));
sid_compose(&info->user_sid, &domain->sid, user->user_rid);
sid_compose(&info->group_sid, &domain->sid, user->group_rid);
free(sidstr);
if (!ADS_ERR_OK(rc) || !msg) {
DEBUG(1,("query_user(sid=%s) ads_search: %s\n",
- sid_string_static(sid), ads_errstr(rc)));
+ sid_string_dbg(sid), ads_errstr(rc)));
goto done;
}
count = ads_count_replies(ads, msg);
if (count != 1) {
DEBUG(1,("query_user(sid=%s): Not found\n",
- sid_string_static(sid)));
+ sid_string_dbg(sid)));
goto done;
}
if (!ads_pull_uint32(ads, msg, "primaryGroupID", &group_rid)) {
DEBUG(1,("No primary group for %s !?\n",
- sid_string_static(sid)));
+ sid_string_dbg(sid)));
goto done;
}
int i;
DOM_SID primary_group;
uint32 primary_group_rid;
- fstring sid_string;
NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
size_t num_groups = 0;
if (!ADS_ERR_OK(rc)) {
status = ads_ntstatus(rc);
- DEBUG(1,("lookup_usergroups(sid=%s) ads_search tokenGroups: %s\n",
- sid_to_string(sid_string, sid), ads_errstr(rc)));
+ DEBUG(1, ("lookup_usergroups(sid=%s) ads_search tokenGroups: "
+ "%s\n", sid_string_dbg(sid), ads_errstr(rc)));
goto done;
}
status = NT_STATUS_UNSUCCESSFUL;
DEBUG(1,("lookup_usergroups(sid=%s) ads_search tokenGroups: "
"invalid number of results (count=%d)\n",
- sid_to_string(sid_string, sid), count));
+ sid_string_dbg(sid), count));
goto done;
}
if (!msg) {
DEBUG(1,("lookup_usergroups(sid=%s) ads_search tokenGroups: NULL msg\n",
- sid_to_string(sid_string, sid)));
+ sid_string_dbg(sid)));
status = NT_STATUS_UNSUCCESSFUL;
goto done;
}
if (!ads_pull_uint32(ads, msg, "primaryGroupID", &primary_group_rid)) {
DEBUG(1,("%s: No primary group for sid=%s !?\n",
- domain->name, sid_to_string(sid_string, sid)));
+ domain->name, sid_string_dbg(sid)));
goto done;
}
status = (*user_sids != NULL) ? NT_STATUS_OK : NT_STATUS_NO_MEMORY;
DEBUG(3,("ads lookup_usergroups (tokenGroups) succeeded for sid=%s\n",
- sid_to_string(sid_string, sid)));
+ sid_string_dbg(sid)));
done:
ads_memfree(ads, user_dn);
ads_msgfree(ads, msg);
TALLOC_CTX *tmp_ctx = NULL;
DEBUG(10,("ads: lookup_groupmem %s sid=%s\n", domain->name,
- sid_string_static(group_sid)));
+ sid_string_dbg(group_sid)));
*num_names = 0;
goto done;
}
if (lookup_cached_sid(mem_ctx, &sid, &domain_name, &name, &name_type)) {
- DEBUG(10,("ads: lookup_groupmem: got sid %s from cache\n",
- sid_string_static(&sid)));
+ DEBUG(10,("ads: lookup_groupmem: got sid %s from "
+ "cache\n", sid_string_dbg(&sid)));
sid_copy(&(*sid_mem)[*num_names], &sid);
(*names)[*num_names] = talloc_asprintf(*names, "%s%c%s",
domain_name,
(*num_names)++;
}
else {
- DEBUG(10, ("ads: lookup_groupmem: sid %s not found in cache\n",
- sid_string_static(&sid)));
+ DEBUG(10, ("ads: lookup_groupmem: sid %s not found in "
+ "cache\n", sid_string_dbg(&sid)));
sid_copy(&(sid_mem_nocache)[num_nocache], &sid);
num_nocache++;
}
status = NT_STATUS_OK;
DEBUG(3,("ads lookup_groupmem for sid=%s succeeded\n",
- sid_string_static(group_sid)));
+ sid_string_dbg(group_sid)));
done:
domain = find_lookup_domain_from_sid(sid);
if (domain == NULL) {
DEBUG(5, ("Could not find domain for sid %s\n",
- sid_string_static(sid)));
+ sid_string_dbg(sid)));
cont(private_data, False, NULL, NULL, SID_NAME_UNKNOWN);
return;
}
domain = find_domain_from_sid_noinit(user_sid);
if (domain == NULL) {
DEBUG(5, ("Could not find domain from SID %s\n",
- sid_string_static(user_sid)));
+ sid_string_dbg(user_sid)));
cont(private_data, False, NULL, 0);
return;
}
fstrcpy(uname, name);
strupper_m(uname);
centry_end(centry, "NS/%s/%s", domain_name, uname);
- DEBUG(10,("wcache_save_name_to_sid: %s\\%s -> %s (%s)\n", domain_name, uname,
- sid_string_static(sid), nt_errstr(status)));
+ DEBUG(10,("wcache_save_name_to_sid: %s\\%s -> %s (%s)\n", domain_name,
+ uname, sid_string_dbg(sid), nt_errstr(status)));
centry_free(centry);
}
centry = wcache_fetch(cache, domain, "CRED/%s", sid_string_static(sid));
if (!centry) {
DEBUG(10,("wcache_get_creds: entry for [CRED/%s] not found\n",
- sid_string_static(sid)));
+ sid_string_dbg(sid)));
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
*cached_nt_pass = (const uint8 *)centry_hash16(centry, mem_ctx);
if (*cached_nt_pass == NULL) {
- const char *sidstr = sid_string_static(sid);
+ fstring sidstr;
+
+ sid_to_string(sidstr, sid);
/* Bad (old) cred cache. Delete and pretend we
don't have it. */
status = centry->status;
DEBUG(10,("wcache_get_creds: [Cached] - cached creds for user %s status: %s\n",
- sid_string_static(sid), nt_errstr(status) ));
+ sid_string_dbg(sid), nt_errstr(status) ));
centry_free(centry);
return status;
DEBUG(10,("wcache_tdc_add_domain: Adding domain %s (%s), SID %s, "
"flags = 0x%x, attributes = 0x%x, type = 0x%x\n",
domain->name, domain->alt_name,
- sid_string_static(&domain->sid),
+ sid_string_dbg(&domain->sid),
domain->domain_flags,
domain->domain_trust_attribs,
domain->domain_type));
centry_end(centry, "NSS/PWINFO/%s", sid_string_static(user_sid) );
- DEBUG(10,("wcache_save_user_pwinfo: %s\n", sid_string_static(user_sid) ));
+ DEBUG(10,("wcache_save_user_pwinfo: %s\n", sid_string_dbg(user_sid) ));
centry_free(centry);
}
centry_free(centry);
DEBUG(10,("nss_get_info_cached: [Cached] - user_sid %s\n",
- sid_string_static(user_sid)));
+ sid_string_dbg(user_sid)));
return NT_STATUS_OK;
if (domain == NULL) {
DEBUG(3, ("Could not find domain for sid %s\n",
- sid_string_static(sid)));
+ sid_string_dbg(sid)));
goto done;
}
if (!NT_STATUS_IS_OK(result)) {
DEBUG(3, ("sid_to_name failed for sid %s\n",
- sid_string_static(sid)));
+ sid_string_dbg(sid)));
goto done;
}
if (domain == NULL) {
DEBUG(3, ("Could not find domain from SID %s\n",
- sid_string_static(sid)));
+ sid_string_dbg(sid)));
goto done;
}
for (i=0; i<num_names; i++) {
DEBUG(10, ("Adding group member SID %s\n",
- sid_string_static(&sid_mem[i])));
+ sid_string_dbg(&sid_mem[i])));
if (types[i] != SID_NAME_USER) {
DEBUG(1, ("Hmmm. Member %s of group %s is no user. "
pquerying_user_sid = &querying_user_sid;
DEBUG(10,("fill_grent_mem_domain_users: querying uid %u -> %s\n",
(unsigned int)ret_uid,
- sid_string_static(pquerying_user_sid) ));
+ sid_string_dbg(pquerying_user_sid)));
}
}
}
(sid_compare_domain(pquerying_user_sid, &domain->sid) == 0)) {
DEBUG(10,("fill_grent_mem_domain_users: querying user = %s\n",
- sid_string_static(pquerying_user_sid) ));
+ sid_string_dbg(pquerying_user_sid) ));
status = domain->methods->lookup_usergroups(domain,
mem_ctx,
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("fill_grent_mem_domain_users: lookup_usergroups failed "
"for sid %s in domain %s (error: %s)\n",
- sid_string_static(pquerying_user_sid),
+ sid_string_dbg(pquerying_user_sid),
domain->name,
nt_errstr(status)));
return False;
enum lsa_SidType type;
DEBUG(10,("fill_grent_mem_domain_users: sid %s in 'Domain Users' in domain %s\n",
- sid_string_static(pquerying_user_sid), domain->name ));
+ sid_string_dbg(pquerying_user_sid),
+ domain->name ));
status = domain->methods->sid_to_name(domain, mem_ctx,
pquerying_user_sid,
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("could not lookup username for user "
"sid %s in domain %s (error: %s)\n",
- sid_string_static(pquerying_user_sid),
+ sid_string_dbg(pquerying_user_sid),
domain->name,
nt_errstr(status)));
return False;
if (!(mem_ctx = talloc_init("fill_grent_mem(%s)", domain->name)))
return False;
- DEBUG(10, ("group SID %s\n", sid_string_static(group_sid)));
+ DEBUG(10, ("group SID %s\n", sid_string_dbg(group_sid)));
/* Initialize with no members */
((group_name_type==SID_NAME_ALIAS) && domain->primary)) )
{
DEBUG(1, ("SID %s in domain %s isn't a domain group (%d)\n",
- sid_string_static(group_sid), domain->name,
- group_name_type));
+ sid_string_dbg(group_sid),
+ domain->name, group_name_type));
goto done;
}
if ( (s->domain = find_domain_from_sid_noinit(&group_sid)) == NULL ) {
DEBUG(3, ("Could not find domain for sid %s\n",
- sid_string_static(&group_sid)));
+ sid_string_dbg(&group_sid)));
request_error(state);
return;
}
enum lsa_SidType type;
DEBUG(10, ("SID %s not in idmap\n",
- sid_string_static(&group_sid)));
+ sid_string_dbg(&group_sid)));
if (!pdb_sid_to_id(&group_sid, &id, &type)) {
DEBUG(1, ("could not look up gid for group "
/* Get info for the domain */
if ((domain = find_domain_from_sid_noinit(&user_sid)) == NULL) {
DEBUG(0,("could not find domain entry for sid %s\n",
- sid_string_static(&user_sid)));
+ sid_string_dbg(&user_sid)));
request_error(state);
return;
}
result = idmap_sid_to_gid(&sid, &state->response.data.gid);
- DEBUG(10, ("winbindd_dual_sid2gid: 0x%08x - %s - %u\n", NT_STATUS_V(result), sid_string_static(&sid), state->response.data.gid));
+ DEBUG(10, ("winbindd_dual_sid2gid: 0x%08x - %s - %u\n",
+ NT_STATUS_V(result), sid_string_dbg(&sid),
+ state->response.data.gid));
return NT_STATUS_IS_OK(result) ? WINBINDD_OK : WINBINDD_ERROR;
}
debug_nt_user_token(DBGC_CLASS, 10, token);
for (i=0; i<num_require_membership_of_sid; i++) {
- DEBUG(10, ("Checking SID %s\n", sid_string_static(
+ DEBUG(10, ("Checking SID %s\n", sid_string_dbg(
&require_membership_of_sid[i])));
if (nt_token_check_sid(&require_membership_of_sid[i],
token)) {
{
const char *dom, *nam;
- DEBUG(10, ("Converting SID %s\n", sid_string_static(sid)));
+ DEBUG(10, ("Converting SID %s\n", sid_string_dbg(sid)));
/* Paranoia check */
if (!sid_check_is_in_builtin(sid) &&
!sid_check_is_in_wellknown_domain(sid))
{
DEBUG(0, ("Possible deadlock: Trying to lookup SID %s with "
- "passdb backend\n", sid_string_static(sid)));
+ "passdb backend\n", sid_string_dbg(sid)));
return NT_STATUS_NONE_MAPPED;
}
struct rpc_pipe_client *cli;
POLICY_HND lsa_policy;
- DEBUG(3,("sid_to_name [rpc] %s for domain %s\n", sid_string_static(sid),
- domain->name ));
+ DEBUG(3,("sid_to_name [rpc] %s for domain %s\n", sid_string_dbg(sid),
+ domain->name ));
result = cm_connect_lsa(domain, mem_ctx, &cli, &lsa_policy);
if (!NT_STATUS_IS_OK(result)) {
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
POLICY_HND dom_pol, user_pol;
SAM_USERINFO_CTR *ctr;
- fstring sid_string;
uint32 user_rid;
NET_USER_INFO_3 *user;
struct rpc_pipe_client *cli;
- DEBUG(3,("rpc: query_user sid=%s\n",
- sid_to_string(sid_string, user_sid)));
+ DEBUG(3,("rpc: query_user sid=%s\n", sid_string_dbg(user_sid)));
if (!sid_peek_check_rid(&domain->sid, user_sid, &user_rid))
return NT_STATUS_UNSUCCESSFUL;
{
DEBUG(5,("query_user: Cache lookup succeeded for %s\n",
- sid_string_static(user_sid)));
+ sid_string_dbg(user_sid)));
sid_compose(&user_info->user_sid, &domain->sid, user->user_rid);
sid_compose(&user_info->group_sid, &domain->sid,
uint32 des_access = SEC_RIGHTS_MAXIMUM_ALLOWED;
DOM_GID *user_groups;
unsigned int i;
- fstring sid_string;
uint32 user_rid;
struct rpc_pipe_client *cli;
- DEBUG(3,("rpc: lookup_usergroups sid=%s\n",
- sid_to_string(sid_string, user_sid)));
+ DEBUG(3,("rpc: lookup_usergroups sid=%s\n", sid_string_dbg(user_sid)));
if (!sid_peek_check_rid(&domain->sid, user_sid, &user_rid))
return NT_STATUS_UNSUCCESSFUL;
uint32 *rid_mem = NULL;
uint32 group_rid;
unsigned int j;
- fstring sid_string;
struct rpc_pipe_client *cli;
unsigned int orig_timeout;
DEBUG(10,("rpc: lookup_groupmem %s sid=%s\n", domain->name,
- sid_to_string(sid_string, group_sid)));
+ sid_string_dbg(group_sid)));
if ( !winbindd_can_contact_domain( domain ) ) {
DEBUG(10,("lookup_groupmem: No incoming trust for domain %s\n",
struct winbindd_pw *pw)
{
fstring output_username;
- fstring sid_string;
if (!pw || !dom_name || !user_name)
return False;
/* Resolve the uid number */
if (!NT_STATUS_IS_OK(idmap_sid_to_uid(user_sid, &pw->pw_uid))) {
- DEBUG(1, ("error getting user id for sid %s\n", sid_to_string(sid_string, user_sid)));
+ DEBUG(1, ("error getting user id for sid %s\n",
+ sid_string_dbg(user_sid)));
return False;
}
/* Resolve the gid number */
if (!NT_STATUS_IS_OK(idmap_sid_to_gid(group_sid, &pw->pw_gid))) {
- DEBUG(1, ("error getting group id for sid %s\n", sid_to_string(sid_string, group_sid)));
+ DEBUG(1, ("error getting group id for sid %s\n",
+ sid_string_dbg(group_sid)));
return False;
}
&sid, &user_info);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("error getting user info for sid %s\n",
- sid_string_static(&sid)));
+ sid_string_dbg(&sid)));
return WINBINDD_ERROR;
}
if (!sid_peek_check_rid(&domain->sid, &user_info.group_sid,
&state->response.data.user_info.group_rid)) {
DEBUG(1, ("Could not extract group rid out of %s\n",
- sid_string_static(&sid)));
+ sid_string_dbg(&sid)));
return WINBINDD_ERROR;
}
s->domain = find_domain_from_sid_noinit(sid);
if (s->domain == NULL) {
DEBUG(3, ("Could not find domain for sid %s\n",
- sid_string_static(sid)));
+ sid_string_dbg(sid)));
goto error;
}
talloc_get_type_abort(private_data, struct getpwsid_state);
if (!success) {
- DEBUG(5, ("Could not query domain %s SID %s\n", s->domain->name,
- sid_string_static(&s->user_sid)));
+ DEBUG(5, ("Could not query domain %s SID %s\n",
+ s->domain->name, sid_string_dbg(&s->user_sid)));
request_error(s->state);
return;
}
domain = find_lookup_domain_from_sid(&s->user_sid);
if (domain == NULL) {
DEBUG(5, ("find_lookup_domain_from_sid(%s) failed\n",
- sid_string_static(&s->user_sid)));
+ sid_string_dbg(&s->user_sid)));
request_error(s->state);
return;
}
/* If this still fails we ar4e done. Just error out */
if ( !user_name ) {
DEBUG(5,("Could not obtain a name for SID %s\n",
- sid_string_static(&s->user_sid)));
+ sid_string_dbg(&s->user_sid)));
request_error(s->state);
return;
}
DEBUG(2,("Added domain %s %s %s\n",
domain->name, domain->alt_name,
- &domain->sid?sid_string_static(&domain->sid):""));
+ &domain->sid?sid_string_dbg(&domain->sid):""));
return domain;
}
* one to contact the external DC's. On member servers the internal
* domains are different: These are part of the local SAM. */
- DEBUG(10, ("find_lookup_domain_from_sid(%s)\n",
- sid_string_static(sid)));
+ DEBUG(10, ("find_lookup_domain_from_sid(%s)\n", sid_string_dbg(sid)));
if (IS_DC || is_internal_domain(sid) || is_in_internal_domain(sid)) {
DEBUG(10, ("calling find_domain_from_sid\n"));
git.samba.org / samba.git / commitdiff