2 files changed, 34 insertions, 0 deletions

diff --git a/libcli/security/dom_sid.h b/libcli/security/dom_sid.h
index 6c3225e267d..e22ebc9abca 100644
--- a/libcli/security/dom_sid.h
+++ b/libcli/security/dom_sid.h
@@ -74,6 +74,7 @@ NTSTATUS dom_sid_lookup_predefined_sid(const struct dom_sid *sid,
 				       enum lsa_SidType *type,
 				       const struct dom_sid **authority_sid,
 				       const char **authority_name);
+bool dom_sid_lookup_is_predefined_domain(const char *domain);
 
 int dom_sid_compare_auth(const struct dom_sid *sid1,
 			 const struct dom_sid *sid2);
diff --git a/libcli/security/util_sid.c b/libcli/security/util_sid.c
index 4e4a8fa0d3e..c616d2459e0 100644
--- a/libcli/security/util_sid.c
+++ b/libcli/security/util_sid.c
@@ -879,6 +879,39 @@ NTSTATUS dom_sid_lookup_predefined_name(const char *name,
 	return NT_STATUS_NONE_MAPPED;
 }
 
+bool dom_sid_lookup_is_predefined_domain(const char *domain)
+{
+	size_t di;
+	bool match;
+
+	if (domain == NULL) {
+		domain = "";
+	}
+
+	match = strequal(domain, "");
+	if (match) {
+		/*
+		 * Strange, but that's what W2012R2 does.
+		 */
+		domain = "BUILTIN";
+	}
+
+	for (di = 0; di < ARRAY_SIZE(predefined_domains); di++) {
+		const struct predefined_domain_mapping *d =
+			&predefined_domains[di];
+		int cmp;
+
+		cmp = strcasecmp(d->domain, domain);
+		if (cmp != 0) {
+			continue;
+		}
+
+		return true;
+	}
+
+	return false;
+}
+
 NTSTATUS dom_sid_lookup_predefined_sid(const struct dom_sid *sid,
 				       const char **name,
 				       enum lsa_SidType *type,