#include "includes.h"
#include "utils/net.h"
#include "../librpc/gen_ndr/samr.h"
+#include "smbldap.h"
+#include "../libcli/security/security.h"
/*
* Set a user's data
static int net_sam_rights_list(struct net_context *c, int argc,
const char **argv)
{
- uint64_t mask;
+ enum sec_privilege privilege;
if (argc > 1 || c->display_usage) {
d_fprintf(stderr, "%s\n%s",
return 0;
}
- if (se_priv_from_name(argv[0], &mask)) {
+ privilege = sec_privilege_id(argv[0]);
+
+ if (privilege != SEC_PRIV_INVALID) {
struct dom_sid *sids;
int i, num_sids;
NTSTATUS status;
- status = privilege_enum_sids(&mask, talloc_tos(),
+ status = privilege_enum_sids(privilege, talloc_tos(),
&sids, &num_sids);
if (!NT_STATUS_IS_OK(status)) {
d_fprintf(stderr, _("Could not list rights: %s\n"),
struct dom_sid sid;
enum lsa_SidType type;
const char *dom, *name;
- uint64_t mask;
int i;
if (argc < 2 || c->display_usage) {
}
for (i=1; i < argc; i++) {
- if (!se_priv_from_name(argv[i], &mask)) {
+ enum sec_privilege privilege = sec_privilege_id(argv[i]);
+ if (privilege == SEC_PRIV_INVALID) {
d_fprintf(stderr, _("%s unknown\n"), argv[i]);
return -1;
}
- if (!grant_privilege(&sid, &mask)) {
+ if (!grant_privilege_by_name(&sid, argv[i])) {
d_fprintf(stderr, _("Could not grant privilege\n"));
return -1;
}
struct dom_sid sid;
enum lsa_SidType type;
const char *dom, *name;
- uint64_t mask;
int i;
if (argc < 2 || c->display_usage) {
}
for (i=1; i < argc; i++) {
-
- if (!se_priv_from_name(argv[i], &mask)) {
+ enum sec_privilege privilege = sec_privilege_id(argv[i]);
+ if (privilege == SEC_PRIV_INVALID) {
d_fprintf(stderr, _("%s unknown\n"), argv[i]);
return -1;
}
- if (!revoke_privilege(&sid, mask)) {
+ if (!revoke_privilege_by_name(&sid, argv[i])) {
d_fprintf(stderr, _("Could not revoke privilege\n"));
return -1;
}
"Admins group not available!\n"));
goto done;
}
+ if (!winbind_allocate_uid(&uid)) {
+ d_fprintf(stderr,
+ _("Unable to allocate a new uid to create "
+ "the Administrator user!\n"));
+ goto done;
+ }
+
name = talloc_strdup(tc, "Administrator");
dn = talloc_asprintf(tc, "uid=Administrator,%s", lp_ldap_user_suffix());
uidstr = talloc_asprintf(tc, "%u", (unsigned int)uid);
sid_compose(&sid, get_global_sam_sid(), DOMAIN_RID_ADMINISTRATOR);
- if (!winbind_allocate_uid(&uid)) {
- d_fprintf(stderr,
- _("Unable to allocate a new uid to create "
- "the Administrator user!\n"));
- goto done;
- }
-
smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectClass", LDAP_OBJ_ACCOUNT);
smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectClass", LDAP_OBJ_POSIXACCOUNT);
smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectClass", LDAP_OBJ_SAMBASAMACCOUNT);
sid_compose(&sid, get_global_sam_sid(), DOMAIN_RID_GUEST);
- pwd = getpwnam_alloc(tc, lp_guestaccount());
+ pwd = Get_Pwnam_alloc(tc, lp_guestaccount());
if (!pwd) {
if (domusers_gid == -1) {
d_printf(_("Checking Guest's group.\n"));
- pwd = getpwnam_alloc(talloc_autofree_context(), lp_guestaccount());
+ pwd = Get_Pwnam_alloc(tc, lp_guestaccount());
if (!pwd) {
d_fprintf(stderr,
_("Failed to find just created Guest account!\n"