1 : /*
2 : Unix SMB/CIFS implementation.
3 : Translate BUILTIN names to SIDs and vice versa
4 : Copyright (C) Volker Lendecke 2005
5 :
6 : This program is free software; you can redistribute it and/or modify
7 : it under the terms of the GNU General Public License as published by
8 : the Free Software Foundation; either version 3 of the License, or
9 : (at your option) any later version.
10 :
11 : This program is distributed in the hope that it will be useful,
12 : but WITHOUT ANY WARRANTY; without even the implied warranty of
13 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 : GNU General Public License for more details.
15 :
16 : You should have received a copy of the GNU General Public License
17 : along with this program. If not, see <http://www.gnu.org/licenses/>.
18 : */
19 :
20 : #include "includes.h"
21 : #include "../libcli/security/security.h"
22 :
/*
 * One entry of the BUILTIN alias table: pairs a relative identifier (RID)
 * with the alias name it is looked up by.
 */
struct rid_name_map {
	uint32_t rid;		/* RID of the alias */
	const char *name;	/* alias name; NULL marks the end of a table */
};
27 :
/*
 * RID <-> name table for the aliases this file knows in the BUILTIN domain.
 *
 * Every lookup in this file walks the table linearly and stops at the first
 * entry whose name is NULL, so the { 0, NULL } sentinel must stay last. The
 * sentinel's RID of 0 is never compared, because the loops test the name
 * before looking at the RID.
 *
 * sid_check_is_wellknown_builtin() treats membership in this table as the
 * definition of "well-known"; an entry added or removed here changes what
 * that check accepts.
 */
static const struct rid_name_map builtin_aliases[] = {
	{ BUILTIN_RID_ADMINISTRATORS,		"Administrators" },
	{ BUILTIN_RID_USERS,		"Users" },
	{ BUILTIN_RID_GUESTS,		"Guests" },
	{ BUILTIN_RID_POWER_USERS,	"Power Users" },
	{ BUILTIN_RID_ACCOUNT_OPERATORS,	"Account Operators" },
	{ BUILTIN_RID_SERVER_OPERATORS,		"Server Operators" },
	{ BUILTIN_RID_PRINT_OPERATORS,		"Print Operators" },
	{ BUILTIN_RID_BACKUP_OPERATORS,		"Backup Operators" },
	{ BUILTIN_RID_REPLICATOR,		"Replicator" },
	{ BUILTIN_RID_RAS_SERVERS,		"RAS Servers" },
	{ BUILTIN_RID_PRE_2K_ACCESS,
		"Pre-Windows 2000 Compatible Access" },
	{ BUILTIN_RID_REMOTE_DESKTOP_USERS,
		"Remote Desktop Users" },
	{ BUILTIN_RID_NETWORK_CONF_OPERATORS,
		"Network Configuration Operators" },
	{ BUILTIN_RID_INCOMING_FOREST_TRUST,
		"Incoming Forest Trust Builders" },
	{ BUILTIN_RID_PERFMON_USERS,
		"Performance Monitor Users" },
	{ BUILTIN_RID_PERFLOG_USERS,
		"Performance Log Users" },
	{ BUILTIN_RID_AUTH_ACCESS,
		"Windows Authorization Access Group" },
	{ BUILTIN_RID_TS_LICENSE_SERVERS,
		"Terminal Server License Servers" },
	{ BUILTIN_RID_DISTRIBUTED_COM_USERS,
		"Distributed COM Users" },
	{ BUILTIN_RID_CRYPTO_OPERATORS,
		"Cryptographic Operators" },
	{ BUILTIN_RID_EVENT_LOG_READERS,
		"Event Log Readers" },
	{ BUILTIN_RID_CERT_SERV_DCOM_ACCESS,
		"Certificate Service DCOM Access" },
	/* End-of-table sentinel: name == NULL terminates every scan. */
	{ 0, NULL}};
64 :
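/*******************************************************************
 Look up a rid in the BUILTIN domain

 @param mem_ctx  talloc context the returned copy of the name is
                 allocated on
 @param rid      relative identifier to search for in builtin_aliases
 @param name     out: on success, a talloc_strdup()'d copy of the alias
                 name. Not written when the rid is not in the table.
 @return True if the rid is in the table and the name was copied;
         False if the rid is unknown or the copy could not be allocated.
********************************************************************/
bool lookup_builtin_rid(TALLOC_CTX *mem_ctx, uint32_t rid, const char **name)
{
	const struct rid_name_map *entry;

	for (entry = builtin_aliases; entry->name != NULL; entry++) {
		if (rid != entry->rid) {
			continue;
		}

		*name = talloc_strdup(mem_ctx, entry->name);
		if (*name == NULL) {
			/*
			 * talloc_strdup() returns NULL when the allocation
			 * fails. Reporting success here would hand the
			 * caller a NULL name behind a True result, so the
			 * failure is reported as "no name available".
			 */
			return False;
		}
		return True;
	}

	return False;
}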
82 :
/*******************************************************************
 Look up a name in the BUILTIN domain

 @param name  alias name to search for; compared against each table
              entry with strequal() (presumably case-insensitive --
              confirm against its definition)
 @param rid   out: RID of the matching entry. Left untouched when no
              entry matches.
 @return True if an entry with that name exists, False otherwise.
********************************************************************/
bool lookup_builtin_name(const char *name, uint32_t *rid)
{
	const struct rid_name_map *entry;

	for (entry = builtin_aliases; entry->name != NULL; entry++) {
		if (!strequal(name, entry->name)) {
			continue;
		}

		*rid = entry->rid;
		return True;
	}

	/* Reached the NULL-name sentinel without a match. */
	return False;
}
100 :
/*****************************************************************
 Return the name of the BUILTIN domain

 @return pointer to a constant, statically allocated string; the
         caller must not modify or free it.
*****************************************************************/

const char *builtin_domain_name(void)
{
	static const char domain_name[] = "BUILTIN";

	return domain_name;
}
109 :
/*****************************************************************
 Check if the SID is the builtin SID (S-1-5-32).

 The comparison is whatever dom_sid_equal() implements against
 global_sid_Builtin; this function adds no checks of its own. It
 tests for the domain SID itself, not for SIDs below it -- use
 sid_check_is_in_builtin() for S-1-5-32-<rid>.

 @param sid  SID to test
 @return result of dom_sid_equal(sid, &global_sid_Builtin)
*****************************************************************/

bool sid_check_is_builtin(const struct dom_sid *sid)
{
	const struct dom_sid *builtin_domain = &global_sid_Builtin;

	return dom_sid_equal(sid, builtin_domain);
}
118 :
/*****************************************************************
 Check if the SID is one of the builtin SIDs (S-1-5-32-a).

 Only the domain part is tested: the RID split off the end of the
 SID is discarded, so any RID below the BUILTIN domain matches,
 whether or not it appears in builtin_aliases. Callers that need
 the RID to be a known alias should use
 sid_check_is_wellknown_builtin() instead.

 @param sid  SID to test; it is copied, the caller's SID is not
             modified
 @return True if the SID with its last component removed is the
         BUILTIN domain SID
*****************************************************************/

bool sid_check_is_in_builtin(const struct dom_sid *sid)
{
	struct dom_sid domain_part;

	/* Work on a local copy so the RID can be stripped from it. */
	sid_copy(&domain_part, sid);

	/* NULL: the RID itself is of no interest here. */
	sid_split_rid(&domain_part, NULL);

	return sid_check_is_builtin(&domain_part);
}
132 :
/********************************************************************
 Check if the SID is one of the well-known builtin SIDs (S-1-5-32-x)

 "Well-known" means: the domain part is the BUILTIN domain SID and
 the RID is listed in builtin_aliases.

 NOTE(review): the coverage listing this file was taken from records
 0 executions for every line of this function, so none of its paths
 were exercised by that test run.

 @param sid  SID to test; it is copied, the caller's SID is not
             modified
 @return True if the SID is S-1-5-32-<rid> with <rid> present in
         builtin_aliases, False otherwise
*********************************************************************/

bool sid_check_is_wellknown_builtin(const struct dom_sid *sid)
{
	const struct rid_name_map *entry;
	struct dom_sid domain_part;
	/*
	 * NOTE(review): rid has no initialiser and the result of
	 * sid_split_rid() is not checked. It is only read after the domain
	 * check below has passed; this presumably relies on sid_split_rid()
	 * having written it whenever that check can pass -- confirm.
	 */
	uint32_t rid;

	sid_copy(&domain_part, sid);
	sid_split_rid(&domain_part, &rid);

	/* The domain must match before the RID is looked at. */
	if (!sid_check_is_builtin(&domain_part)) {
		return False;
	}

	for (entry = builtin_aliases; entry->name != NULL; entry++) {
		if (entry->rid == rid) {
			return True;
		}
	}

	return False;
}