source3/rpc_server/srv_lookup.c

   1
   2 /*
   3  *  Unix SMB/Netbios implementation.
   4  *  Version 1.9.
   5  *  RPC Pipe client / server routines
   6  *  Copyright (C) Andrew Tridgell              1992-1998
   7  *  Copyright (C) Luke Kenneth Casson Leighton 1996-1998,
   8  *  Copyright (C) Paul Ashton                  1997-1998.
   9  *
  10  *  This program is free software; you can redistribute it and/or modify
  11  *  it under the terms of the GNU General Public License as published by
  12  *  the Free Software Foundation; either version 2 of the License, or
  13  *  (at your option) any later version.
  14  *
  15  *  This program is distributed in the hope that it will be useful,
  16  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  17  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  18  *  GNU General Public License for more details.
  19  *
  20  *  You should have received a copy of the GNU General Public License
  21  *  along with this program; if not, write to the Free Software
  22  *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  23  */
  24
  25 /*
  26  *
  27  *
  28
  29  this module provides nt user / nt rid lookup functions.
  30  users, local groups, domain groups.
  31
  32  no unix / samba functions should be called in this module:
  33  it should purely provide a gateway to the password database API,
  34  the local group database API or the domain group database API,
  35  but first checking built-in rids.
  36
  37  did i say rids?  oops, what about "S-1-1" the "Everyone" group
  38  and other such well-known sids...
  39
  40  speed is not of the essence: no particular optimisation is in place.
  41
  42  *
  43  *
  44  */
  45
  46 #include "includes.h"
  47 #include "nterr.h"
  48
  49 extern int DEBUGLEVEL;
  50
  51 extern fstring global_sam_name;
  52 extern DOM_SID global_sam_sid;
  53 extern DOM_SID global_sid_S_1_5_20;
  54
  55 /*
  56  * A list of the rids of well known BUILTIN and Domain users
  57  * and groups.
  58  */
  59
  60 rid_name builtin_alias_rids[] =
  61 {
  62     { BUILTIN_ALIAS_RID_ADMINS       , "Administrators" },
  63     { BUILTIN_ALIAS_RID_USERS        , "Users" },
  64     { BUILTIN_ALIAS_RID_GUESTS       , "Guests" },
  65     { BUILTIN_ALIAS_RID_POWER_USERS  , "Power Users" },
  66
  67     { BUILTIN_ALIAS_RID_ACCOUNT_OPS  , "Account Operators" },
  68     { BUILTIN_ALIAS_RID_SYSTEM_OPS   , "System Operators" },
  69     { BUILTIN_ALIAS_RID_PRINT_OPS    , "Print Operators" },
  70     { BUILTIN_ALIAS_RID_BACKUP_OPS   , "Backup Operators" },
  71     { BUILTIN_ALIAS_RID_REPLICATOR   , "Replicator" },
  72     { 0                             , NULL }
  73 };
  74
  75 /* array lookup of well-known Domain RID users. */
  76 rid_name domain_user_rids[] =
  77 {
  78     { DOMAIN_USER_RID_ADMIN         , "Administrator" },
  79     { DOMAIN_USER_RID_GUEST         , "Guest" },
  80     { 0                             , NULL }
  81 };
  82
  83 /* array lookup of well-known Domain RID groups. */
  84 rid_name domain_group_rids[] =
  85 {
  86     { DOMAIN_GROUP_RID_ADMINS       , "Domain Admins" },
  87     { DOMAIN_GROUP_RID_USERS        , "Domain Users" },
  88     { DOMAIN_GROUP_RID_GUESTS       , "Domain Guests" },
  89     { 0                             , NULL }
  90 };
  91
  92
  93 int make_dom_gids(DOMAIN_GRP *mem, int num_members, DOM_GID **ppgids)
  94 {
  95         int count;
  96         int i;
  97         DOM_GID *gids = NULL;
  98
  99         *ppgids = NULL;
 100
 101         DEBUG(4,("make_dom_gids: %d\n", num_members));
 102
 103         if (mem == NULL || num_members == 0)
 104         {
 105                 return 0;
 106         }
 107
 108         for (i = 0, count = 0; i < num_members && count < LSA_MAX_GROUPS; i++)
 109         {
 110                 uint32 status;
 111
 112                 uint32 rid;
 113                 uint8  type;
 114
 115                 uint8  attr  = mem[count].attr;
 116                 char   *name = mem[count].name;
 117
 118                 become_root(True);
 119                 status = lookup_grp_rid(name, &rid, &type);
 120                 unbecome_root(True);
 121
 122                 if (status == 0x0)
 123                 {
 124                         gids = (DOM_GID *)Realloc( gids, sizeof(DOM_GID) * (count+1) );
 125
 126                         if (gids == NULL)
 127                         {
 128                                 DEBUG(0,("make_dom_gids: Realloc fail !\n"));
 129                                 return 0;
 130                         }
 131
 132                         gids[count].g_rid = rid;
 133                         gids[count].attr  = attr;
 134
 135                         DEBUG(5,("group name: %s rid: %d attr: %d\n",
 136                                   name, rid, attr));
 137                         count++;
 138                 }
 139                 else
 140                 {
 141                         DEBUG(1,("make_dom_gids: unknown group name %s\n", name));
 142                 }
 143         }
 144
 145         *ppgids = gids;
 146         return count;
 147 }
 148
 149 /*******************************************************************
 150  gets a domain user's groups
 151  ********************************************************************/
 152 int get_domain_user_groups(DOMAIN_GRP_MEMBER **grp_members, uint32 group_rid)
 153 {
 154         DOMAIN_GRP *grp;
 155         int num_mem;
 156
 157         if (grp_members == NULL) return 0;
 158
 159         grp = getgrouprid(group_rid, grp_members, &num_mem);
 160
 161         if (grp == NULL)
 162         {
 163                 return 0;
 164         }
 165
 166         return num_mem;
 167 }
 168
 169
 170 /*******************************************************************
 171  lookup_builtin_names
 172  ********************************************************************/
 173 uint32 lookup_builtin_names(uint32 rid, char *name, uint8 *type)
 174 {
 175         uint32 status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
 176
 177         status = (status != 0x0) ? lookup_wk_user_name (rid, name, type) : status;
 178         status = (status != 0x0) ? lookup_wk_group_name(rid, name, type) : status;
 179         status = (status != 0x0) ? lookup_wk_alias_name(rid, name, type) : status;
 180
 181         return status;
 182 }
 183
 184
 185 /*******************************************************************
 186  lookup_added_name - names that have been added to the SAM database by admins.
 187  ********************************************************************/
 188 uint32 lookup_added_name(uint32 rid, char *name, uint8 *type)
 189 {
 190         uint32 status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
 191
 192         status = (status != 0x0) ? lookup_user_name (rid, name, type) : status;
 193         status = (status != 0x0) ? lookup_group_name(rid, name, type) : status;
 194         status = (status != 0x0) ? lookup_alias_name(rid, name, type) : status;
 195
 196         return status;
 197 }
 198
 199
 200 /*******************************************************************
 201  lookup_name
 202  ********************************************************************/
 203 uint32 lookup_name(uint32 rid, char *name, uint8 *type)
 204 {
 205         uint32 status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
 206
 207         status = (status != 0x0) ? lookup_builtin_names(rid, name, type) : status;
 208         status = (status != 0x0) ? lookup_added_name   (rid, name, type) : status;
 209
 210         return status;
 211 }
 212
 213
 214 /*******************************************************************
 215  lookup_wk_group_name
 216  ********************************************************************/
 217 uint32 lookup_wk_group_name(uint32 rid, char *group_name, uint8 *type)
 218 {
 219         int i = 0;
 220         (*type) = SID_NAME_WKN_GRP;
 221
 222         DEBUG(5,("lookup_wk_group_name: rid: %d", rid));
 223
 224         while (domain_group_rids[i].rid != rid && domain_group_rids[i].rid != 0)
 225         {
 226                 i++;
 227         }
 228
 229         if (domain_group_rids[i].rid != 0)
 230         {
 231                 fstrcpy(group_name, domain_group_rids[i].name);
 232                 DEBUG(5,(" = %s\n", group_name));
 233                 return 0x0;
 234         }
 235
 236         DEBUG(5,(" none mapped\n"));
 237         return 0xC0000000 | NT_STATUS_NONE_MAPPED;
 238 }
 239
 240 /*******************************************************************
 241  lookup_group_name
 242  ********************************************************************/
 243 uint32 lookup_group_name(uint32 rid, char *group_name, uint8 *type)
 244 {
 245         uint32 status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
 246         DOM_SID sid;
 247
 248         DEBUG(5,("lookup_group_name: rid: 0x%x", rid));
 249
 250         sid_copy      (&sid, &global_sam_sid);
 251         sid_append_rid(&sid, rid);
 252
 253         (*type) = SID_NAME_DOM_GRP;
 254
 255         if (map_group_sid_to_name(&sid, group_name, NULL))
 256         {
 257                 status = 0x0;
 258         }
 259
 260         if (status == 0x0)
 261         {
 262                 DEBUG(5,(" = %s\n", group_name));
 263         }
 264         else
 265         {
 266                 DEBUG(5,(" none mapped\n"));
 267         }
 268
 269         return status;
 270 }
 271
 272 /*******************************************************************
 273  lookup_wk_alias_name
 274  ********************************************************************/
 275 uint32 lookup_wk_alias_name(uint32 rid, char *alias_name, uint8 *type)
 276 {
 277         int i = 0;
 278         (*type) = SID_NAME_ALIAS;
 279
 280         DEBUG(5,("lookup_wk_alias_name: rid: %d", rid));
 281
 282         while (builtin_alias_rids[i].rid != rid && builtin_alias_rids[i].rid != 0)
 283         {
 284                 i++;
 285         }
 286
 287         if (builtin_alias_rids[i].rid != 0)
 288         {
 289                 fstrcpy(alias_name, builtin_alias_rids[i].name);
 290                 DEBUG(5,(" = %s\n", alias_name));
 291                 return 0x0;
 292         }
 293
 294         DEBUG(5,(" none mapped\n"));
 295         return 0xC0000000 | NT_STATUS_NONE_MAPPED;
 296 }
 297
 298 /*******************************************************************
 299  lookup_alias_name
 300  ********************************************************************/
 301 uint32 lookup_alias_name(uint32 rid, char *alias_name, uint8 *type)
 302 {
 303         (*type) = SID_NAME_ALIAS;
 304
 305         DEBUG(2,("lookup_alias_name: rid: %d\n", rid));
 306         DEBUG(2,(" NOT IMPLEMENTED\n"));
 307
 308         return 0xC0000000 | NT_STATUS_NONE_MAPPED;
 309 }
 310
 311 /*******************************************************************
 312  lookup well-known user name
 313  ********************************************************************/
 314 uint32 lookup_wk_user_name(uint32 rid, char *user_name, uint8 *type)
 315 {
 316         int i = 0;
 317         (*type) = SID_NAME_USER;
 318
 319         DEBUG(5,("lookup_wk_user_name: rid: %d", rid));
 320
 321         /* look up the well-known domain user rids first */
 322         while (domain_user_rids[i].rid != rid && domain_user_rids[i].rid != 0)
 323         {
 324                 i++;
 325         }
 326
 327         if (domain_user_rids[i].rid != 0)
 328         {
 329                 fstrcpy(user_name, domain_user_rids[i].name);
 330                 DEBUG(5,(" = %s\n", user_name));
 331                 return 0x0;
 332         }
 333
 334         DEBUG(5,(" none mapped\n"));
 335         return 0xC0000000 | NT_STATUS_NONE_MAPPED;
 336 }
 337
 338 /*******************************************************************
 339  lookup user name
 340  ********************************************************************/
 341 uint32 lookup_user_name(uint32 rid, char *user_name, uint8 *type)
 342 {
 343         struct sam_disp_info *disp_info;
 344         (*type) = SID_NAME_USER;
 345
 346         DEBUG(5,("lookup_user_name: rid: %d", rid));
 347
 348         /* find the user account */
 349         become_root(True);
 350         disp_info = getsamdisprid(rid);
 351         unbecome_root(True);
 352
 353         if (disp_info != NULL)
 354         {
 355                 fstrcpy(user_name, disp_info->smb_name);
 356                 DEBUG(5,(" = %s\n", user_name));
 357                 return 0x0;
 358         }
 359
 360         DEBUG(5,(" none mapped\n"));
 361         return 0xC0000000 | NT_STATUS_NONE_MAPPED;
 362 }
 363
 364 /*******************************************************************
 365  lookup_group_rid
 366  ********************************************************************/
 367 uint32 lookup_group_rid(char *group_name, uint32 *rid, uint8 *type)
 368 {
 369         DOM_SID sid;
 370
 371         (*rid) = 0;
 372         (*type) = SID_NAME_DOM_GRP;
 373
 374         DEBUG(5,("lookup_group_rid: name: %s", group_name));
 375
 376         if (map_group_name_to_sid(group_name, &sid) &&
 377             sid_split_rid(&sid, rid) &&
 378             sid_equal(&sid, &global_sam_sid))
 379         {
 380                 DEBUG(5,(" = 0x%x\n", (*rid)));
 381                 return 0x0;
 382         }
 383
 384         DEBUG(5,(" none mapped\n"));
 385         return 0xC0000000 | NT_STATUS_NONE_MAPPED;
 386 }
 387
 388 /*******************************************************************
 389  lookup_wk_group_rid
 390  ********************************************************************/
 391 uint32 lookup_wk_group_rid(char *group_name, uint32 *rid, uint8 *type)
 392 {
 393         char *grp_name;
 394         int i = -1; /* start do loop at -1 */
 395         (*rid) = 0;
 396         (*type) = SID_NAME_WKN_GRP;
 397
 398         do /* find, if it exists, a group rid for the group name */
 399         {
 400                 i++;
 401                 (*rid) = domain_group_rids[i].rid;
 402                 grp_name = domain_group_rids[i].name;
 403
 404         } while (grp_name != NULL && !strequal(grp_name, group_name));
 405
 406         return (grp_name != NULL) ? 0 : 0xC0000000 | NT_STATUS_NONE_MAPPED;
 407 }
 408
 409 /*******************************************************************
 410  lookup_alias_sid
 411  ********************************************************************/
 412 uint32 lookup_alias_sid(char *alias_name, DOM_SID *sid, uint8 *type)
 413 {
 414         (*type) = SID_NAME_ALIAS;
 415
 416         DEBUG(5,("lookup_alias_rid: name: %s", alias_name));
 417
 418         if (map_alias_name_to_sid(alias_name, sid))
 419         {
 420                 fstring sid_str;
 421                 sid_to_string(sid_str, sid);
 422                 DEBUG(5,(" = %s\n", sid_str));
 423                 return 0x0;
 424         }
 425
 426         DEBUG(5,(" none mapped\n"));
 427         return 0xC0000000 | NT_STATUS_NONE_MAPPED;
 428 }
 429
 430 /*******************************************************************
 431  lookup_alias_rid
 432  ********************************************************************/
 433 uint32 lookup_alias_rid(char *alias_name, uint32 *rid, uint8 *type)
 434 {
 435         DOM_SID sid;
 436
 437         (*rid) = 0;
 438         (*type) = SID_NAME_ALIAS;
 439
 440         DEBUG(5,("lookup_alias_rid: name: %s", alias_name));
 441
 442         if (map_alias_name_to_sid(alias_name, &sid) &&
 443             sid_split_rid(&sid, rid) &&
 444             sid_equal(&sid, &global_sam_sid))
 445         {
 446                 DEBUG(5,(" = 0x%x\n", (*rid)));
 447                 return 0x0;
 448         }
 449
 450         DEBUG(5,(" none mapped\n"));
 451         return 0xC0000000 | NT_STATUS_NONE_MAPPED;
 452 }
 453
 454 /*******************************************************************
 455  lookup_wk_alias_sid
 456  ********************************************************************/
 457 uint32 lookup_wk_alias_sid(char *alias_name, DOM_SID *sid, uint8 *type)
 458 {
 459         char *als_name;
 460         int i = 0;
 461         uint32 rid;
 462         (*type) = SID_NAME_ALIAS;
 463
 464         do /* find, if it exists, a alias rid for the alias name*/
 465         {
 466                 rid      = builtin_alias_rids[i].rid;
 467                 als_name = builtin_alias_rids[i].name;
 468
 469                 i++;
 470
 471                 if (strequal(als_name, alias_name))
 472                 {
 473                         sid_copy(sid, &global_sid_S_1_5_20);
 474                         sid_append_rid(sid, rid);
 475
 476                         return 0x0;
 477                 }
 478
 479         } while (als_name != NULL);
 480
 481         return 0xC0000000 | NT_STATUS_NONE_MAPPED;
 482 }
 483
 484 /*******************************************************************
 485  lookup_wk_alias_rid
 486  ********************************************************************/
 487 uint32 lookup_wk_alias_rid(char *alias_name, uint32 *rid, uint8 *type)
 488 {
 489         char *als_name;
 490         int i = -1; /* start do loop at -1 */
 491         (*rid) = 0;
 492         (*type) = SID_NAME_ALIAS;
 493
 494         do /* find, if it exists, a alias rid for the alias name*/
 495         {
 496                 i++;
 497                 (*rid) = builtin_alias_rids[i].rid;
 498                 als_name = builtin_alias_rids[i].name;
 499
 500         } while (als_name != NULL && !strequal(als_name, alias_name));
 501
 502         return (als_name != NULL) ? 0 : 0xC0000000 | NT_STATUS_NONE_MAPPED;
 503 }
 504
 505 /*******************************************************************
 506  lookup_sid
 507  ********************************************************************/
 508 uint32 lookup_sid(char *name, DOM_SID *sid, uint8 *type)
 509 {
 510         uint32 status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
 511         fstring domain;
 512         fstring user;
 513
 514         split_domain_name(name, domain, user);
 515
 516         if (!strequal(domain, global_sam_name))
 517         {
 518                 DEBUG(0,("lookup_sid: remote domain %s not supported\n", domain));
 519                 return status;
 520         }
 521
 522         status = (status != 0x0) ? lookup_wk_alias_sid(user, sid, type) : status;
 523         status = (status != 0x0) ? lookup_alias_sid   (user, sid, type) : status;
 524 #if 0
 525         status = (status != 0x0) ? lookup_domain_sid  (user, sid, type) : status;
 526 #endif
 527
 528         return status;
 529 }
 530
 531 /*******************************************************************
 532  lookup_added_user_rid
 533  ********************************************************************/
 534 uint32 lookup_added_user_rids(char *user_name,
 535                 uint32 *usr_rid, uint32 *grp_rid)
 536 {
 537         struct sam_passwd *sam_pass;
 538         (*usr_rid) = 0;
 539         (*grp_rid) = 0;
 540
 541         /* find the user account */
 542         become_root(True);
 543         sam_pass = getsam21pwnam(user_name);
 544         unbecome_root(True);
 545
 546         if (sam_pass != NULL)
 547         {
 548                 (*usr_rid) = sam_pass->user_rid ;
 549                 (*grp_rid) = sam_pass->group_rid;
 550                 return 0x0;
 551         }
 552
 553         return 0xC0000000 | NT_STATUS_NONE_MAPPED;
 554 }
 555
 556 /*******************************************************************
 557  lookup_added_user_rid
 558  ********************************************************************/
 559 uint32 lookup_added_user_rid(char *user_name, uint32 *rid, uint8 *type)
 560 {
 561         struct sam_passwd *sam_pass;
 562         (*rid) = 0;
 563         (*type) = SID_NAME_USER;
 564
 565         /* find the user account */
 566         become_root(True);
 567         sam_pass = getsam21pwnam(user_name);
 568         unbecome_root(True);
 569
 570         if (sam_pass != NULL)
 571         {
 572                 (*rid) = sam_pass->user_rid;
 573                 return 0x0;
 574         }
 575
 576         return 0xC0000000 | NT_STATUS_NONE_MAPPED;
 577 }
 578
 579 /*******************************************************************
 580  lookup_wk_user_rid
 581  ********************************************************************/
 582 uint32 lookup_wk_user_rid(char *user_name, uint32 *rid, uint8 *type)
 583 {
 584         char *usr_name;
 585         int i = -1; /* start do loop at -1 */
 586         (*rid) = 0;
 587         (*type) = SID_NAME_USER;
 588
 589         do /* find, if it exists, a alias rid for the alias name*/
 590         {
 591                 i++;
 592                 (*rid) = domain_user_rids[i].rid;
 593                 usr_name = domain_user_rids[i].name;
 594
 595         } while (usr_name != NULL && !strequal(usr_name, user_name));
 596
 597         return (usr_name != NULL) ? 0 : 0xC0000000 | NT_STATUS_NONE_MAPPED;
 598 }
 599
 600 /*******************************************************************
 601  lookup_added_grp_rid
 602  ********************************************************************/
 603 uint32 lookup_added_grp_rid(char *name, uint32 *rid, uint8 *type)
 604 {
 605         uint32 status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
 606
 607         status = (status != 0x0) ? lookup_group_rid(name, rid, type) : status;
 608         status = (status != 0x0) ? lookup_alias_rid(name, rid, type) : status;
 609
 610         return status;
 611 }
 612
 613 /*******************************************************************
 614  lookup_builtin_grp_rid
 615  ********************************************************************/
 616 uint32 lookup_builtin_grp_rid(char *name, uint32 *rid, uint8 *type)
 617 {
 618         uint32 status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
 619
 620         status = (status != 0x0) ? lookup_wk_group_rid(name, rid, type) : status;
 621         status = (status != 0x0) ? lookup_wk_alias_rid(name, rid, type) : status;
 622
 623         return status;
 624 }
 625
 626 /*******************************************************************
 627  lookup_grp_rid
 628  ********************************************************************/
 629 uint32 lookup_grp_rid(char *name, uint32 *rid, uint8 *type)
 630 {
 631         uint32 status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
 632
 633         status = (status != 0x0) ? lookup_builtin_grp_rid(name, rid, type) : status;
 634         status = (status != 0x0) ? lookup_added_grp_rid  (name, rid, type) : status;
 635
 636         return status;
 637 }
 638
 639 /*******************************************************************
 640  lookup_user_rid
 641  ********************************************************************/
 642 uint32 lookup_user_rid(char *name, uint32 *rid, uint8 *type)
 643 {
 644         uint32 status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
 645
 646         status = (status != 0x0) ? lookup_wk_user_rid   (name, rid, type) : status;
 647         status = (status != 0x0) ? lookup_added_user_rid(name, rid, type) : status;
 648
 649         return status;
 650 }
 651
 652 /*******************************************************************
 653  lookup_rid
 654  ********************************************************************/
 655 uint32 lookup_rid(char *name, uint32 *rid, uint8 *type)
 656 {
 657         uint32 status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
 658
 659         status = (status != 0x0) ? lookup_user_rid(name, rid, type) : status;
 660         status = (status != 0x0) ? lookup_grp_rid (name, rid, type) : status;
 661
 662         return status;
 663 }
 664
 665 /*******************************************************************
 666  lookup_user_rids
 667  ********************************************************************/
 668 uint32 lookup_user_rids(char *name, uint32 *usr_rid, uint32 *grp_rid)
 669 {
 670         uint32 status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
 671         uint8 type;
 672
 673         /*
 674          * try an ordinary user lookup
 675          */
 676
 677         status = lookup_added_user_rids(name, usr_rid, grp_rid);
 678         if (status == 0)
 679         {
 680                 return status;
 681         }
 682
 683         /*
 684          * hm.  must be a well-known user, in a well-known group.
 685          */
 686
 687         status = lookup_wk_user_rid(name, usr_rid, &type);
 688         if (status != 0 || type != SID_NAME_USER)
 689         {
 690                 return status; /* ok, maybe not! */
 691         }
 692         if (type != SID_NAME_USER)
 693         {
 694                 return 0xC0000000 | NT_STATUS_NONE_MAPPED; /* users only... */
 695         }
 696
 697         /*
 698          * ok, got the user rid: now try the group rid
 699          */
 700
 701         status = lookup_builtin_grp_rid(name, grp_rid, &type);
 702         if (type == SID_NAME_DOM_GRP ||
 703             type == SID_NAME_ALIAS ||
 704             type == SID_NAME_WKN_GRP)
 705         {
 706                 status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
 707         }
 708
 709         return status;
 710 }