2002-03-15 Corinna Vinschen <corinna@vinschen.de>

* mkgroup.c (main): When generating group 513, check for computer's primary domain instead of current user's domain. 2002-03-14 Corinna Vinschen <corinna@vinschen.de> * mkgroup.c (main): When generating group 513, check for domain SID if computer name isn't mapped to a SID.
2002-03-15 14:53:55 +00:00 · 2002-03-15 14:53:55 +00:00 · eeec2a4835
parent 2f26318784
commit eeec2a4835
2 changed files with 54 additions and 16 deletions
--- a/winsup/utils/ChangeLog
+++ b/winsup/utils/ChangeLog
@ -1,3 +1,13 @@
+2002-03-15  Corinna Vinschen  <corinna@vinschen.de>
+
+	* mkgroup.c (main): When generating group 513, check for computer's
+	primary domain instead of current user's domain.
+
+2002-03-14  Corinna Vinschen  <corinna@vinschen.de>
+
+	* mkgroup.c (main): When generating group 513, check for domain SID
+	if computer name isn't mapped to a SID.
+
 2001-03-11 Joshua Daniel Franklin <joshuadfranklin@yahoo.com>

 	* kill.cc (usage): Move to top of file.
--- a/winsup/utils/mkgroup.c
+++ b/winsup/utils/mkgroup.c
@ -17,6 +17,8 @@
 #include <getopt.h>
 #include <lmaccess.h>
 #include <lmapibuf.h>
+#include <ntsecapi.h>
+#include <ntdef.h>

 SID_IDENTIFIER_AUTHORITY sid_world_auth = {SECURITY_WORLD_SID_AUTHORITY};
 SID_IDENTIFIER_AUTHORITY sid_nt_auth = {SECURITY_NT_AUTHORITY};
@ -447,9 +449,15 @@ main (int argc, char **argv)

  char name[256], dom[256];
  DWORD len, len2;
-  PSID csid;
+  char buf[1024];
+  PSID psid = NULL;
  SID_NAME_USE use;

+  LSA_OBJECT_ATTRIBUTES oa = { 0, 0, 0, 0, 0, 0 };
+  LSA_HANDLE lsa = INVALID_HANDLE_VALUE;
+  NTSTATUS ret;
+  PPOLICY_PRIMARY_DOMAIN_INFO pdi;
+
  if (GetVersion () < 0x80000000)
    {
      if (argc == 1)
@ -530,23 +538,43 @@ main (int argc, char **argv)
      */
      len = 256;
      GetComputerName (name, &len);
-      csid = (PSID) malloc (1024);
      len = 1024;
      len2 = 256;
-      LookupAccountName (NULL, name,
-			 csid, &len,
-			 dom, &len,
-			 &use);
-      print_special (print_sids, GetSidIdentifierAuthority (csid), 5,
-				 *GetSidSubAuthority (csid, 0),
-				 *GetSidSubAuthority (csid, 1),
-				 *GetSidSubAuthority (csid, 2),
-				 *GetSidSubAuthority (csid, 3),
-				 513,
-				 0,
-				 0,
-				 0);
-      free (csid);
+      if (LookupAccountName (NULL, name, (PSID) buf, &len, dom, &len, &use))
+	psid = (PSID) buf;
+      else
+        {
+	  ret = LsaOpenPolicy(NULL, &oa, POLICY_VIEW_LOCAL_INFORMATION, &lsa);
+	  if (ret == STATUS_SUCCESS && lsa != INVALID_HANDLE_VALUE)
+	    {
+	      ret = LsaQueryInformationPolicy (lsa,
+					       PolicyPrimaryDomainInformation,
+					       (PVOID *) &pdi);
+	      if (ret == STATUS_SUCCESS)
+	        {
+		  if (pdi->Sid)
+		    {
+		      CopySid (1024, (PSID) buf, pdi->Sid);
+		      psid = (PSID) buf;
+		    }
+		  LsaFreeMemory (pdi);
+		}
+	      LsaClose (lsa);
+	    }
+	}
+      if (!psid)
+        fprintf (stderr,
+	        "WARNING: Group 513 couldn't get retrieved.  Try mkgroup -d\n");
+      else
+	print_special (print_sids, GetSidIdentifierAuthority (psid), 5,
+				   *GetSidSubAuthority (psid, 0),
+				   *GetSidSubAuthority (psid, 1),
+				   *GetSidSubAuthority (psid, 2),
+				   *GetSidSubAuthority (psid, 3),
+				   513,
+				   0,
+				   0,
+				   0);
    }

  if (print_domain)