1 files changed, 61 insertions, 0 deletions

diff --git a/source3/lib/util_sd.c b/source3/lib/util_sd.c
index b653fe9745d..584d34aaf6f 100644
--- a/source3/lib/util_sd.c
+++ b/source3/lib/util_sd.c
@@ -111,3 +111,64 @@ void SidToString(struct cli_state *cli, fstring str, const struct dom_sid *sid,
 		fstrcpy(str, name);
 	}
 }
+
+static NTSTATUS cli_lsa_lookup_name(struct cli_state *cli,
+				    const char *name,
+				    enum lsa_SidType *type,
+				    struct dom_sid *sid)
+{
+	uint16 orig_cnum = cli_state_get_tid(cli);
+	struct rpc_pipe_client *p;
+	struct policy_handle handle;
+	NTSTATUS status;
+	TALLOC_CTX *frame = talloc_stackframe();
+	struct dom_sid *sids;
+	enum lsa_SidType *types;
+
+	status = cli_tree_connect(cli, "IPC$", "?????", "", 0);
+	if (!NT_STATUS_IS_OK(status)) {
+		goto tcon_fail;
+	}
+
+	status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc,
+					  &p);
+	if (!NT_STATUS_IS_OK(status)) {
+		goto fail;
+	}
+
+	status = rpccli_lsa_open_policy(p, talloc_tos(), True,
+					GENERIC_EXECUTE_ACCESS, &handle);
+	if (!NT_STATUS_IS_OK(status)) {
+		goto fail;
+	}
+
+	status = rpccli_lsa_lookup_names(p, talloc_tos(), &handle, 1, &name,
+					 NULL, 1, &sids, &types);
+	if (!NT_STATUS_IS_OK(status)) {
+		goto fail;
+	}
+
+	*type = types[0];
+	*sid = sids[0];
+
+	status = NT_STATUS_OK;
+ fail:
+	TALLOC_FREE(p);
+	cli_tdis(cli);
+ tcon_fail:
+	cli_state_set_tid(cli, orig_cnum);
+	TALLOC_FREE(frame);
+	return status;
+}
+
+/* convert a string to a SID, either numeric or username/group */
+bool StringToSid(struct cli_state *cli, struct dom_sid *sid, const char *str)
+{
+	enum lsa_SidType type;
+
+	if (string_to_sid(sid, str)) {
+		return true;
+	}
+
+	return NT_STATUS_IS_OK(cli_lsa_lookup_name(cli, str, &type, sid));
+}