static void free_samr_cache(DISP_INFO *disp_info)
{
+ struct dom_sid_buf buf;
+
DEBUG(10, ("free_samr_cache: deleting cache for SID %s\n",
- sid_string_dbg(&disp_info->sid)));
+ dom_sid_str_buf(&disp_info->sid, &buf)));
/* We need to become root here because the paged search might have to
* tell the LDAP server we're not interested in the rest anymore. */
static void set_disp_info_cache_timeout(DISP_INFO *disp_info, time_t secs_fromnow)
{
+ struct dom_sid_buf buf;
+
/* Remove any pending timeout and update. */
TALLOC_FREE(disp_info->cache_timeout_event);
DEBUG(10,("set_disp_info_cache_timeout: caching enumeration for "
- "SID %s for %u seconds\n", sid_string_dbg(&disp_info->sid),
+ "SID %s for %u seconds\n",
+ dom_sid_str_buf(&disp_info->sid, &buf),
(unsigned int)secs_fromnow ));
disp_info->cache_timeout_event = tevent_add_timer(
unbecome_root();
if (!ret) {
+ struct dom_sid_buf buf;
DEBUG(4, ("User %s not found\n",
- sid_string_dbg(&uinfo->sid)));
+ dom_sid_str_buf(&uinfo->sid, &buf)));
TALLOC_FREE(sampass);
return NT_STATUS_INVALID_HANDLE;
}
unbecome_root();
if (ret == False) {
- DEBUG(4,("User %s not found\n", sid_string_dbg(user_sid)));
+ struct dom_sid_buf buf;
+ DEBUG(4,("User %s not found\n",
+ dom_sid_str_buf(user_sid, &buf)));
TALLOC_FREE(sampass);
return False;
}
NTSTATUS status;
struct security_descriptor * psd = NULL;
size_t sd_size = 0;
+ struct dom_sid_buf buf;
(void)policy_handle_find(p, r->in.handle,
SEC_STD_READ_CONTROL, NULL,
struct samr_domain_info, &status);
if (NT_STATUS_IS_OK(status)) {
DEBUG(5,("_samr_QuerySecurity: querying security on Domain "
- "with SID: %s\n", sid_string_dbg(&dinfo->sid)));
+ "with SID: %s\n",
+ dom_sid_str_buf(&dinfo->sid, &buf)));
/*
* TODO: Builtin probably needs a different SD with restricted
* write access
if (NT_STATUS_IS_OK(status)) {
DEBUG(10,("_samr_QuerySecurity: querying security on user "
"Object with SID: %s\n",
- sid_string_dbg(&uinfo->sid)));
+ dom_sid_str_buf(&uinfo->sid, &buf)));
if (check_change_pw_access(p->mem_ctx, &uinfo->sid)) {
status = make_samr_object_sd(
p->mem_ctx, &psd, &sd_size,
*/
DEBUG(10,("_samr_QuerySecurity: querying security on group "
"Object with SID: %s\n",
- sid_string_dbg(&ginfo->sid)));
+ dom_sid_str_buf(&ginfo->sid, &buf)));
status = make_samr_object_sd(
p->mem_ctx, &psd, &sd_size,
&usr_nopwchange_generic_mapping,
*/
DEBUG(10,("_samr_QuerySecurity: querying security on alias "
"Object with SID: %s\n",
- sid_string_dbg(&ainfo->sid)));
+ dom_sid_str_buf(&ainfo->sid, &buf)));
status = make_samr_object_sd(
p->mem_ctx, &psd, &sd_size,
&usr_nopwchange_generic_mapping,
uint32_t num_aliases = 0;
struct samr_SamArray *samr_array = NULL;
struct samr_SamEntry *samr_entries = NULL;
+ struct dom_sid_buf buf;
dinfo = policy_handle_find(p, r->in.domain_handle,
SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS, NULL,
}
DEBUG(5,("_samr_EnumDomainAliases: sid %s\n",
- sid_string_dbg(&dinfo->sid)));
+ dom_sid_str_buf(&dinfo->sid, &buf)));
samr_array = talloc_zero(p->mem_ctx, struct samr_SamArray);
if (!samr_array) {
int num_rids = r->in.num_names;
struct samr_Ids rids, types;
uint32_t num_mapped = 0;
+ struct dom_sid_buf buf;
DEBUG(5,("_samr_LookupNames: %d\n", __LINE__));
NT_STATUS_HAVE_NO_MEMORY(type);
DEBUG(5,("_samr_LookupNames: looking name on SID %s\n",
- sid_string_dbg(&dinfo->sid)));
+ dom_sid_str_buf(&dinfo->sid, &buf)));
for (i = 0; i < num_rids; i++) {
unbecome_root();
if (!sid_peek_check_rid(domain_sid, sid_group, &primary_gid)) {
+ struct dom_sid_buf buf1, buf2;
+
DEBUG(0, ("get_user_info_1: User %s has Primary Group SID %s, \n"
"which conflicts with the domain sid %s. Failing operation.\n",
- pdb_get_username(pw), sid_string_dbg(sid_group),
- sid_string_dbg(domain_sid)));
+ pdb_get_username(pw),
+ dom_sid_str_buf(sid_group, &buf1),
+ dom_sid_str_buf(domain_sid, &buf2)));
return NT_STATUS_UNSUCCESSFUL;
}
{
const struct dom_sid *sid_user, *sid_group;
uint32_t rid, primary_gid;
+ struct dom_sid_buf buf1, buf2;
sid_user = pdb_get_user_sid(pw);
if (!sid_peek_check_rid(domain_sid, sid_user, &rid)) {
DEBUG(0, ("get_user_info_3: User %s has SID %s, \nwhich conflicts with "
"the domain sid %s. Failing operation.\n",
- pdb_get_username(pw), sid_string_dbg(sid_user),
- sid_string_dbg(domain_sid)));
+ pdb_get_username(pw),
+ dom_sid_str_buf(sid_user, &buf1),
+ dom_sid_str_buf(domain_sid, &buf2)));
return NT_STATUS_UNSUCCESSFUL;
}
if (!sid_peek_check_rid(domain_sid, sid_group, &primary_gid)) {
DEBUG(0, ("get_user_info_3: User %s has Primary Group SID %s, \n"
"which conflicts with the domain sid %s. Failing operation.\n",
- pdb_get_username(pw), sid_string_dbg(sid_group),
- sid_string_dbg(domain_sid)));
+ pdb_get_username(pw),
+ dom_sid_str_buf(sid_group, &buf1),
+ dom_sid_str_buf(domain_sid, &buf2)));
return NT_STATUS_UNSUCCESSFUL;
}
{
const struct dom_sid *sid_user, *sid_group;
uint32_t rid, primary_gid;
+ struct dom_sid_buf buf1, buf2;
sid_user = pdb_get_user_sid(pw);
if (!sid_peek_check_rid(domain_sid, sid_user, &rid)) {
DEBUG(0, ("get_user_info_5: User %s has SID %s, \nwhich conflicts with "
"the domain sid %s. Failing operation.\n",
- pdb_get_username(pw), sid_string_dbg(sid_user),
- sid_string_dbg(domain_sid)));
+ pdb_get_username(pw),
+ dom_sid_str_buf(sid_user, &buf1),
+ dom_sid_str_buf(domain_sid, &buf2)));
return NT_STATUS_UNSUCCESSFUL;
}
if (!sid_peek_check_rid(domain_sid, sid_group, &primary_gid)) {
DEBUG(0, ("get_user_info_5: User %s has Primary Group SID %s, \n"
"which conflicts with the domain sid %s. Failing operation.\n",
- pdb_get_username(pw), sid_string_dbg(sid_group),
- sid_string_dbg(domain_sid)));
+ pdb_get_username(pw),
+ dom_sid_str_buf(sid_group, &buf1),
+ dom_sid_str_buf(domain_sid, &buf2)));
return NT_STATUS_UNSUCCESSFUL;
}
ret = pdb_getsampwsid(smbpass, user_sid);
if (ret == False) {
- DEBUG(4, ("User %s not found\n", sid_string_dbg(user_sid)));
+ struct dom_sid_buf buf;
+ DEBUG(4, ("User %s not found\n",
+ dom_sid_str_buf(user_sid, &buf)));
TALLOC_FREE(smbpass);
return root_mode() ? NT_STATUS_NO_SUCH_USER : NT_STATUS_ACCESS_DENIED;
}
struct lsa_BinaryString *parameters = NULL;
const char *munged_dial = NULL;
DATA_BLOB blob;
+ struct dom_sid_buf buf1, buf2;
ZERO_STRUCTP(r);
if (!sid_peek_check_rid(domain_sid, sid_user, &rid)) {
DEBUG(0, ("get_user_info_21: User %s has SID %s, \nwhich conflicts with "
"the domain sid %s. Failing operation.\n",
- pdb_get_username(pw), sid_string_dbg(sid_user),
- sid_string_dbg(domain_sid)));
+ pdb_get_username(pw),
+ dom_sid_str_buf(sid_user, &buf1),
+ dom_sid_str_buf(domain_sid, &buf2)));
return NT_STATUS_UNSUCCESSFUL;
}
if (!sid_peek_check_rid(domain_sid, sid_group, &primary_gid)) {
DEBUG(0, ("get_user_info_21: User %s has Primary Group SID %s, \n"
"which conflicts with the domain sid %s. Failing operation.\n",
- pdb_get_username(pw), sid_string_dbg(sid_group),
- sid_string_dbg(domain_sid)));
+ pdb_get_username(pw),
+ dom_sid_str_buf(sid_group, &buf1),
+ dom_sid_str_buf(domain_sid, &buf2)));
return NT_STATUS_UNSUCCESSFUL;
}
bool ret = false;
struct samu *pwd = NULL;
uint32_t acc_required, acc_granted;
+ struct dom_sid_buf buf;
switch (r->in.level) {
case 1: /* UserGeneralInformation */
return NT_STATUS_OBJECT_TYPE_MISMATCH;
DEBUG(5,("_samr_QueryUserInfo: sid:%s\n",
- sid_string_dbg(&uinfo->sid)));
+ dom_sid_str_buf(&uinfo->sid, &buf)));
user_info = talloc_zero(p->mem_ctx, union samr_UserInfo);
if (!user_info) {
unbecome_root();
if (ret == false) {
- DEBUG(4,("User %s not found\n", sid_string_dbg(&uinfo->sid)));
+ DEBUG(4,("User %s not found\n",
+ dom_sid_str_buf(&uinfo->sid, &buf)));
TALLOC_FREE(pwd);
return NT_STATUS_NO_SUCH_USER;
}
bool ret;
NTSTATUS result;
bool success = False;
+ struct dom_sid_buf buf;
struct samr_RidWithAttributeArray *rids = NULL;
if (!ret) {
DEBUG(10, ("pdb_getsampwsid failed for %s\n",
- sid_string_dbg(&uinfo->sid)));
+ dom_sid_str_buf(&uinfo->sid, &buf)));
return NT_STATUS_NO_SUCH_USER;
}
if (!NT_STATUS_IS_OK(result)) {
DEBUG(10, ("pdb_enum_group_memberships failed for %s\n",
- sid_string_dbg(&uinfo->sid)));
+ dom_sid_str_buf(&uinfo->sid, &buf)));
return result;
}
if ( !success ) {
DEBUG(5, ("Group sid %s for user %s not in our domain\n",
- sid_string_dbg(pdb_get_group_sid(sam_pass)),
+ dom_sid_str_buf(pdb_get_group_sid(sam_pass), &buf),
pdb_get_username(sam_pass)));
TALLOC_FREE(sam_pass);
return NT_STATUS_INTERNAL_DB_CORRUPTION;
if (!sid_peek_check_rid(get_global_sam_sid(),
&(sids[i]), &dom_gid.rid)) {
DEBUG(10, ("Found sid %s not in our domain\n",
- sid_string_dbg(&sids[i])));
+ dom_sid_str_buf(&sids[i], &buf)));
continue;
}
NTSTATUS status;
const char *domain_name;
struct dom_sid *sid = NULL;
+ struct dom_sid_buf buf;
/* win9x user manager likes to use SAMR_ACCESS_ENUM_DOMAINS here.
Reverted that change so we will work with RAS servers again */
}
DEBUG(2,("Returning domain sid for domain %s -> %s\n", domain_name,
- sid_string_dbg(sid)));
+ dom_sid_str_buf(sid, &buf)));
*r->out.sid = sid;
bool ret;
char *rhost;
DATA_BLOB session_key;
+ struct dom_sid_buf buf;
DEBUG(5,("_samr_SetUserInfo: %d\n", __LINE__));
}
DEBUG(5, ("_samr_SetUserInfo: sid:%s, level:%d\n",
- sid_string_dbg(&uinfo->sid), r->in.level));
+ dom_sid_str_buf(&uinfo->sid, &buf),
+ r->in.level));
if (info == NULL) {
DEBUG(5, ("_samr_SetUserInfo: NULL info level\n"));
size_t num_sids = 0;
struct lsa_SidPtr *sids = NULL;
struct dom_sid *pdb_sids = NULL;
+ struct dom_sid_buf buf;
ainfo = policy_handle_find(p, r->in.alias_handle,
SAMR_ALIAS_ACCESS_GET_MEMBERS, NULL,
return status;
}
- DEBUG(10, ("sid is %s\n", sid_string_dbg(&ainfo->sid)));
+ DEBUG(10, ("sid is %s\n", dom_sid_str_buf(&ainfo->sid, &buf)));
become_root();
status = pdb_enum_aliasmem(&ainfo->sid, talloc_tos(), &pdb_sids,
NTSTATUS status;
struct samr_RidAttrArray *rids = NULL;
+ struct dom_sid_buf buf;
ginfo = policy_handle_find(p, r->in.group_handle,
SAMR_GROUP_ACCESS_GET_MEMBERS, NULL,
return NT_STATUS_NO_MEMORY;
}
- DEBUG(10, ("sid is %s\n", sid_string_dbg(&ginfo->sid)));
+ DEBUG(10, ("sid is %s\n", dom_sid_str_buf(&ginfo->sid, &buf)));
if (!sid_check_is_in_our_sam(&ginfo->sid)) {
DEBUG(3, ("sid %s is not in our domain\n",
- sid_string_dbg(&ginfo->sid)));
+ dom_sid_str_buf(&ginfo->sid, &buf)));
return NT_STATUS_NO_SUCH_GROUP;
}
struct samr_AddAliasMember *r)
{
struct samr_alias_info *ainfo;
+ struct dom_sid_buf buf;
NTSTATUS status;
ainfo = policy_handle_find(p, r->in.alias_handle,
return status;
}
- DEBUG(10, ("sid is %s\n", sid_string_dbg(&ainfo->sid)));
+ DEBUG(10, ("sid is %s\n", dom_sid_str_buf(&ainfo->sid, &buf)));
/******** BEGIN SeAddUsers BLOCK *********/
struct samr_DeleteAliasMember *r)
{
struct samr_alias_info *ainfo;
+ struct dom_sid_buf buf;
NTSTATUS status;
ainfo = policy_handle_find(p, r->in.alias_handle,
}
DEBUG(10, ("_samr_del_aliasmem:sid is %s\n",
- sid_string_dbg(&ainfo->sid)));
+ dom_sid_str_buf(&ainfo->sid, &buf)));
/******** BEGIN SeAddUsers BLOCK *********/
struct samr_AddGroupMember *r)
{
struct samr_group_info *ginfo;
+ struct dom_sid_buf buf;
NTSTATUS status;
uint32_t group_rid;
return status;
}
- DEBUG(10, ("sid is %s\n", sid_string_dbg(&ginfo->sid)));
+ DEBUG(10, ("sid is %s\n", dom_sid_str_buf(&ginfo->sid, &buf)));
if (!sid_peek_check_rid(get_global_sam_sid(), &ginfo->sid,
&group_rid)) {
unbecome_root();
if(!ret) {
+ struct dom_sid_buf buf;
DEBUG(5,("_samr_DeleteUser: User %s doesn't exist.\n",
- sid_string_dbg(&uinfo->sid)));
+ dom_sid_str_buf(&uinfo->sid, &buf)));
TALLOC_FREE(sam_pass);
return NT_STATUS_NO_SUCH_USER;
}
struct samr_DeleteDomainGroup *r)
{
struct samr_group_info *ginfo;
+ struct dom_sid_buf buf;
NTSTATUS status;
uint32_t group_rid;
return status;
}
- DEBUG(10, ("sid is %s\n", sid_string_dbg(&ginfo->sid)));
+ DEBUG(10, ("sid is %s\n", dom_sid_str_buf(&ginfo->sid, &buf)));
if (!sid_peek_check_rid(get_global_sam_sid(), &ginfo->sid,
&group_rid)) {
if ( !NT_STATUS_IS_OK(status) ) {
DEBUG(5,("_samr_DeleteDomainGroup: Failed to delete mapping "
"entry for group %s: %s\n",
- sid_string_dbg(&ginfo->sid),
+ dom_sid_str_buf(&ginfo->sid, &buf),
nt_errstr(status)));
return status;
}
struct samr_DeleteDomAlias *r)
{
struct samr_alias_info *ainfo;
+ struct dom_sid_buf buf;
NTSTATUS status;
DEBUG(5, ("_samr_DeleteDomAlias: %d\n", __LINE__));
return status;
}
- DEBUG(10, ("sid is %s\n", sid_string_dbg(&ainfo->sid)));
+ DEBUG(10, ("sid is %s\n", dom_sid_str_buf(&ainfo->sid, &buf)));
/* Don't let Windows delete builtin groups */
{
struct dom_sid info_sid;
+ struct dom_sid_buf buf;
GROUP_MAP *map;
struct samr_domain_info *dinfo;
struct samr_group_info *ginfo;
sid_compose(&info_sid, &dinfo->sid, r->in.rid);
DEBUG(10, ("_samr_OpenGroup:Opening SID: %s\n",
- sid_string_dbg(&info_sid)));
+ dom_sid_str_buf(&info_sid, &buf)));
map = talloc_zero(p->mem_ctx, GROUP_MAP);
if (!map) {
struct samr_RemoveMemberFromForeignDomain *r)
{
struct samr_domain_info *dinfo;
+ struct dom_sid_buf buf;
NTSTATUS result;
DEBUG(5,("_samr_RemoveMemberFromForeignDomain: removing SID [%s]\n",
- sid_string_dbg(r->in.sid)));
+ dom_sid_str_buf(r->in.sid, &buf)));
/* Find the policy handle. Open a policy on it. */
}
DEBUG(8, ("_samr_RemoveMemberFromForeignDomain: sid is %s\n",
- sid_string_dbg(&dinfo->sid)));
+ dom_sid_str_buf(&dinfo->sid, &buf)));
/* we can only delete a user from a group since we don't have
nested groups anyways. So in the latter case, just say OK */
* other cases. */
if (!sid_check_is_builtin(&dinfo->sid)) {
+ struct dom_sid_buf buf2;
DEBUG(1,("_samr_RemoveMemberFromForeignDomain: domain_sid = %s, "
"global_sam_sid() = %s\n",
- sid_string_dbg(&dinfo->sid),
- sid_string_dbg(get_global_sam_sid())));
+ dom_sid_str_buf(&dinfo->sid, &buf),
+ dom_sid_str_buf(get_global_sam_sid(), &buf2)));
DEBUGADD(1,("please report to samba-technical@lists.samba.org!\n"));
return NT_STATUS_OK;
}