sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-08-12 01:49:28 +03:00
Code Activity

r5726: merge LsaLookupPrivValue() code from trunk

Browse Source 
(This used to be commit 277203b535)
This commit is contained in:
Gerald Carter
2005-03-10 18:50:47 +00:00
committed by Gerald (Jerry) Carter
parent 3e4bc25f44
commit 66df8431ec
8 changed files with 187 additions and 101 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
source3/include/privileges.h
View File

@ -6,7 +6,7 @@
Copyright (C) Luke Kenneth Casson Leighton 1996-1997
Copyright (C) Paul Ashton 1997
Copyright (C) Simo Sorce 2003
Copyright (C) Gerald (Jerry) Carter 2004
Copyright (C) Gerald (Jerry) Carter 2005
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by

19
source3/include/rpc_lsa.h
View File

@ -698,20 +698,20 @@ typedef struct lsa_r_setsystemaccount
NTSTATUS status;
} LSA_R_SETSYSTEMACCOUNT;
typedef struct {
UNIHDR hdr;
UNISTR2 unistring;
} LSA_STRING;
typedef struct lsa_q_lookupprivvalue
{
typedef struct {
POLICY_HND pol; /* policy handle */
UNIHDR hdr_right;
UNISTR2 uni2_right;
} LSA_Q_LOOKUPPRIVVALUE;
LSA_STRING privname;
} LSA_Q_LOOKUP_PRIV_VALUE;
typedef struct lsa_r_lookupprivvalue
{
typedef struct {
LUID luid;
NTSTATUS status;
} LSA_R_LOOKUPPRIVVALUE;
} LSA_R_LOOKUP_PRIV_VALUE;
typedef struct lsa_q_addprivs
{
@ -740,5 +740,4 @@ typedef struct lsa_r_removeprivs
NTSTATUS status;
} LSA_R_REMOVEPRIVS;
#endif /* _RPC_LSA_H */

116
source3/lib/privileges.c
View File

@ -3,7 +3,7 @@
Privileges handling functions
Copyright (C) Jean François Micouleau 1998-2001
Copyright (C) Simo Sorce 2002-2003
Copyright (C) Gerald (Jerry) Carter 2004
Copyright (C) Gerald (Jerry) Carter 2005
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -40,6 +40,43 @@ const SE_PRIV se_add_users = SE_ADD_USERS;
const SE_PRIV se_disk_operators = SE_DISK_OPERATOR;
const SE_PRIV se_remote_shutdown = SE_REMOTE_SHUTDOWN;
/********************************************************************
This is a list of privileges reported by a WIndows 2000 SP4 AD DC
just for reference purposes:
SeCreateTokenPrivilege Create a token object
SeAssignPrimaryTokenPrivilege Replace a process level token
SeLockMemoryPrivilege Lock pages in memory
SeIncreaseQuotaPrivilege Increase quotas
SeMachineAccountPrivilege Add workstations to domain
SeTcbPrivilege Act as part of the operating system
SeSecurityPrivilege Manage auditing and security log
SeTakeOwnershipPrivilege Take ownership of files or other objects
SeLoadDriverPrivilege Load and unload device drivers
SeSystemProfilePrivilege Profile system performance
SeSystemtimePrivilege Change the system time
SeProfileSingleProcessPrivilege Profile single process
SeIncreaseBasePriorityPrivilege Increase scheduling priority
SeCreatePagefilePrivilege Create a pagefile
SeCreatePermanentPrivilege Create permanent shared objects
SeBackupPrivilege Back up files and directories
SeRestorePrivilege Restore files and directories
SeShutdownPrivilege Shut down the system
SeDebugPrivilege Debug programs
SeAuditPrivilege Generate security audits
SeSystemEnvironmentPrivilege Modify firmware environment values
SeChangeNotifyPrivilege Bypass traverse checking
SeRemoteShutdownPrivilege Force shutdown from a remote system
SeUndockPrivilege Remove computer from docking station
SeSyncAgentPrivilege Synchronize directory service data
SeEnableDelegationPrivilege Enable computer and user accounts to be trusted for delegation
SeManageVolumePrivilege Perform volume maintenance tasks
SeImpersonatePrivilege Impersonate a client after authentication
SeCreateGlobalPrivilege Create global objects
********************************************************************/
PRIVS privs[] = {
#if 0 /* usrmgr will display these twice if you include them. We don't
use them but we'll keep the bitmasks reserved in privileges.h anyways */
@ -58,38 +95,6 @@ PRIVS privs[] = {
{SE_END, "", ""}
};
#if 0 /* not needed currently */
PRIVS privs[] = {
{SE_ASSIGN_PRIMARY_TOKEN, "SeAssignPrimaryTokenPrivilege", "Assign Primary Token"},
{SE_CREATE_TOKEN, "SeCreateTokenPrivilege", "Create Token"},
{SE_LOCK_MEMORY, "SeLockMemoryPrivilege", "Lock Memory"},
{SE_INCREASE_QUOTA, "SeIncreaseQuotaPrivilege", "Increase Quota"},
{SE_UNSOLICITED_INPUT, "SeUnsolicitedInputPrivilege", "Unsolicited Input"},
{SE_TCB, "SeTcbPrivilege", "Act as part of the operating system"},
{SE_SECURITY, "SeSecurityPrivilege", "Security Privilege"},
{SE_TAKE_OWNERSHIP, "SeTakeOwnershipPrivilege", "Take Ownership Privilege"},
{SE_LOAD_DRIVER, "SeLocalDriverPrivilege", "Local Driver Privilege"},
{SE_SYSTEM_PROFILE, "SeSystemProfilePrivilege", "System Profile Privilege"},
{SE_SYSTEM_TIME, "SeSystemtimePrivilege", "System Time"},
{SE_PROF_SINGLE_PROCESS, "SeProfileSingleProcessPrivilege", "Profile Single Process Privilege"},
{SE_INC_BASE_PRIORITY, "SeIncreaseBasePriorityPrivilege", "Increase Base Priority Privilege"},
{SE_CREATE_PAGEFILE, "SeCreatePagefilePrivilege", "Create Pagefile Privilege"},
{SE_CREATE_PERMANENT, "SeCreatePermanentPrivilege", "Create Permanent"},
{SE_BACKUP, "SeBackupPrivilege", "Backup Privilege"},
{SE_RESTORE, "SeRestorePrivilege", "Restore Privilege"},
{SE_SHUTDOWN, "SeShutdownPrivilege", "Shutdown Privilege"},
{SE_DEBUG, "SeDebugPrivilege", "Debug Privilege"},
{SE_AUDIT, "SeAuditPrivilege", "Audit"},
{SE_SYSTEM_ENVIRONMENT, "SeSystemEnvironmentPrivilege", "System Environment Privilege"},
{SE_CHANGE_NOTIFY, "SeChangeNotifyPrivilege", "Change Notify"},
{SE_UNDOCK, "SeUndockPrivilege", "Undock"},
{SE_SYNC_AGENT, "SeSynchronizationAgentPrivilege", "Synchronization Agent"},
{SE_ENABLE_DELEGATION, "SeEnableDelegationPrivilege", "Enable Delegation"},
{SE_ALL_PRIVS, "SeAllPrivileges", "All Privileges"}
{SE_END, "", ""}
};
#endif
typedef struct priv_sid_list {
SE_PRIV privilege;
SID_LIST sids;
@ -177,6 +182,24 @@ static BOOL se_priv_empty( const SE_PRIV *mask )
return se_priv_equal( &p1, &se_priv_none );
}
/*********************************************************************
Lookup the SE_PRIV value for a privilege name
*********************************************************************/
BOOL se_priv_from_name( const char *name, SE_PRIV *mask )
{
int i;
for ( i=0; !se_priv_equal(&privs[i].se_priv, &se_priv_end); i++ ) {
if ( strequal( privs[i].name, name ) ) {
se_priv_copy( mask, &privs[i].se_priv );
return True;
}
}
return False;
}
/***************************************************************************
dump an SE_PRIV structure to the log files
****************************************************************************/
@ -369,11 +392,9 @@ LUID_ATTR get_privilege_luid( SE_PRIV *mask )
for ( i=0; !se_priv_equal(&privs[i].se_priv, &se_priv_end); i++ ) {
/* just use the index+1 (so its non-zero) into the
array as the lower portion of the LUID */
if ( se_priv_equal( &privs[i].se_priv, mask ) ) {
priv_luid.luid.low = GENERATE_LUID_LOW(i);
break;
}
}
@ -664,9 +685,6 @@ NTSTATUS dup_luid_attr(TALLOC_CTX *mem_ctx, LUID_ATTR **new_la, LUID_ATTR *old_l
{
int i;
/* don't crash if the source pointer is NULL (since we don't
do priviledges now anyways) */
if ( !old_la )
return NT_STATUS_OK;
@ -731,26 +749,6 @@ char* luid_to_privilege_name(const LUID *set)
return name;
}
/****************************************************************************
Convert an LUID to a 32-bit mask
****************************************************************************/
SE_PRIV* luid_to_privilege_mask(const LUID *set)
{
static SE_PRIV mask;
int max = count_all_privileges();
if (set->high != 0)
return NULL;
if ( set->low > max )
return NULL;
se_priv_copy( &mask, &privs[set->low - 1].se_priv );
return &mask;
}
/*******************************************************************
return the number of elements in the privlege array
*******************************************************************/

12
source3/rpc_client/cli_lsarpc.c
View File

@ -1110,12 +1110,12 @@ NTSTATUS cli_lsa_enum_privsaccount(struct cli_state *cli, TALLOC_CTX *mem_ctx,
/** Get a privilege value given its name */
NTSTATUS cli_lsa_lookupprivvalue(struct cli_state *cli, TALLOC_CTX *mem_ctx,
NTSTATUS cli_lsa_lookup_priv_value(struct cli_state *cli, TALLOC_CTX *mem_ctx,
POLICY_HND *pol, const char *name, LUID *luid)
{
prs_struct qbuf, rbuf;
LSA_Q_LOOKUPPRIVVALUE q;
LSA_R_LOOKUPPRIVVALUE r;
LSA_Q_LOOKUP_PRIV_VALUE q;
LSA_R_LOOKUP_PRIV_VALUE r;
NTSTATUS result;
ZERO_STRUCT(q);
@ -1128,9 +1128,9 @@ NTSTATUS cli_lsa_lookupprivvalue(struct cli_state *cli, TALLOC_CTX *mem_ctx,
/* Marshall data and send request */
init_lsa_q_lookupprivvalue(&q, pol, name);
init_lsa_q_lookup_priv_value(&q, pol, name);
if (!lsa_io_q_lookupprivvalue("", &q, &qbuf, 0) ||
if (!lsa_io_q_lookup_priv_value("", &q, &qbuf, 0) ||
!rpc_api_pipe_req(cli, PI_LSARPC, LSA_LOOKUPPRIVVALUE, &qbuf, &rbuf)) {
result = NT_STATUS_UNSUCCESSFUL;
goto done;
@ -1138,7 +1138,7 @@ NTSTATUS cli_lsa_lookupprivvalue(struct cli_state *cli, TALLOC_CTX *mem_ctx,
/* Unmarshall response */
if (!lsa_io_r_lookupprivvalue("", &r, &rbuf, 0)) {
if (!lsa_io_r_lookup_priv_value("", &r, &rbuf, 0)) {
result = NT_STATUS_UNSUCCESSFUL;
goto done;
}

43
source3/rpc_parse/parse_lsa.c
View File

@ -1981,20 +1981,38 @@ BOOL lsa_io_r_setsystemaccount(const char *desc, LSA_R_SETSYSTEMACCOUNT *r_c, p
}
void init_lsa_q_lookupprivvalue(LSA_Q_LOOKUPPRIVVALUE *trn, POLICY_HND *hnd, const char *name)
static void init_lsa_string( LSA_STRING *uni, const char *string )
{
memcpy(&trn->pol, hnd, sizeof(trn->pol));
init_unistr2(&trn->uni2_right, name, UNI_FLAGS_NONE);
init_uni_hdr(&trn->hdr_right, &trn->uni2_right);
init_unistr2(&uni->unistring, string, UNI_FLAGS_NONE);
init_uni_hdr(&uni->hdr, &uni->unistring);
}
void init_lsa_q_lookup_priv_value(LSA_Q_LOOKUP_PRIV_VALUE *q_u, POLICY_HND *hnd, const char *name)
{
memcpy(&q_u->pol, hnd, sizeof(q_u->pol));
init_lsa_string( &q_u->privname, name );
}
BOOL smb_io_lsa_string( const char *desc, LSA_STRING *string, prs_struct *ps, int depth )
{
prs_debug(ps, depth, desc, "smb_io_lsa_string");
depth++;
if(!smb_io_unihdr ("hdr", &string->hdr, ps, depth))
return False;
if(!smb_io_unistr2("unistring", &string->unistring, string->hdr.buffer, ps, depth))
return False;
return True;
}
/*******************************************************************
Reads or writes an LSA_Q_LOOKUPPRIVVALUE structure.
Reads or writes an LSA_Q_LOOKUP_PRIV_VALUE structure.
********************************************************************/
BOOL lsa_io_q_lookupprivvalue(const char *desc, LSA_Q_LOOKUPPRIVVALUE *r_c, prs_struct *ps, int depth)
BOOL lsa_io_q_lookup_priv_value(const char *desc, LSA_Q_LOOKUP_PRIV_VALUE *r_c, prs_struct *ps, int depth)
{
prs_debug(ps, depth, desc, "lsa_io_q_lookupprivvalue");
prs_debug(ps, depth, desc, "lsa_io_q_lookup_priv_value");
depth++;
if(!prs_align(ps))
@ -2002,21 +2020,19 @@ BOOL lsa_io_q_lookupprivvalue(const char *desc, LSA_Q_LOOKUPPRIVVALUE *r_c, prs
if(!smb_io_pol_hnd("pol", &r_c->pol, ps, depth))
return False;
if(!smb_io_unihdr ("hdr_name", &r_c->hdr_right, ps, depth))
return False;
if(!smb_io_unistr2("uni2_right", &r_c->uni2_right, r_c->hdr_right.buffer, ps, depth))
if(!smb_io_lsa_string("privname", &r_c->privname, ps, depth))
return False;
return True;
}
/*******************************************************************
Reads or writes an LSA_R_LOOKUPPRIVVALUE structure.
Reads or writes an LSA_R_LOOKUP_PRIV_VALUE structure.
********************************************************************/
BOOL lsa_io_r_lookupprivvalue(const char *desc, LSA_R_LOOKUPPRIVVALUE *r_c, prs_struct *ps, int depth)
BOOL lsa_io_r_lookup_priv_value(const char *desc, LSA_R_LOOKUP_PRIV_VALUE *r_c, prs_struct *ps, int depth)
{
prs_debug(ps, depth, desc, "lsa_io_r_lookupprivvalue");
prs_debug(ps, depth, desc, "lsa_io_r_lookup_priv_value");
depth++;
if(!prs_align(ps))
@ -2271,7 +2287,6 @@ BOOL lsa_io_r_query_info2(const char *desc, LSA_R_QUERY_INFO2 *r_c,
return True;
}
/*******************************************************************
Inits an LSA_Q_ENUM_ACCT_RIGHTS structure.
********************************************************************/

40
source3/rpc_server/srv_lsa.c
View File

@ -734,6 +734,39 @@ static BOOL api_lsa_enum_acct_rights(pipes_struct *p)
return True;
}
/***************************************************************************
api_lsa_lookup_priv_value
***************************************************************************/
static BOOL api_lsa_lookup_priv_value(pipes_struct *p)
{
LSA_Q_LOOKUP_PRIV_VALUE q_u;
LSA_R_LOOKUP_PRIV_VALUE r_u;
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
ZERO_STRUCT(q_u);
ZERO_STRUCT(r_u);
if(!lsa_io_q_lookup_priv_value("", &q_u, data, 0)) {
DEBUG(0,("api_lsa_lookup_priv_value: failed to unmarshall LSA_Q_LOOKUP_PRIV_VALUE .\n"));
return False;
}
r_u.status = _lsa_lookup_priv_value(p, &q_u, &r_u);
/* store the response in the SMB stream */
if(!lsa_io_r_lookup_priv_value("", &r_u, rdata, 0)) {
DEBUG(0,("api_lsa_lookup_priv_value: Failed to marshall LSA_R_LOOKUP_PRIV_VALUE.\n"));
return False;
}
return True;
}
#if 0 /* AD DC work in ongoing in Samba 4 */
/***************************************************************************
api_lsa_query_info2
***************************************************************************/
@ -763,7 +796,7 @@ static BOOL api_lsa_query_info2(pipes_struct *p)
return True;
}
#endif /* AD DC work in ongoing in Samba 4 */
/***************************************************************************
\PIPE\ntlsa commands
@ -794,15 +827,19 @@ static struct api_struct api_lsa_cmds[] =
{ "LSA_REMOVEACCTRIGHTS", LSA_REMOVEACCTRIGHTS, api_lsa_remove_acct_rights },
{ "LSA_ENUMACCTRIGHTS" , LSA_ENUMACCTRIGHTS , api_lsa_enum_acct_rights },
{ "LSA_QUERYSECOBJ" , LSA_QUERYSECOBJ , api_lsa_query_secobj },
{ "LSA_LOOKUPPRIVVALUE" , LSA_LOOKUPPRIVVALUE , api_lsa_lookup_priv_value }
#if 0 /* AD DC work in ongoing in Samba 4 */
/* be careful of the adding of new RPC's. See commentrs below about
ADS DC capabilities */
{ "LSA_QUERYINFO2" , LSA_QUERYINFO2 , api_lsa_query_info2 }
#endif /* AD DC work in ongoing in Samba 4 */
};
static int count_fns(void)
{
int funcs = sizeof(api_lsa_cmds) / sizeof(struct api_struct);
#if 0 /* AD DC work is on going in Samba 4 */
/*
* NOTE: Certain calls can not be enabled if we aren't an ADS DC. Make sure
* these calls are always last and that you decrement by the amount of calls
@ -811,6 +848,7 @@ static int count_fns(void)
if (!(SEC_ADS == lp_security() && ROLE_DOMAIN_PDC == lp_server_role())) {
funcs -= 1;
}
#endif /* AD DC work in ongoing in Samba 4 */
return funcs;
}

44
source3/rpc_server/srv_lsa_nt.c
View File

@ -8,6 +8,7 @@
* Copyright (C) Rafal Szczesniak 2002,
* Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2002,
* Copyright (C) Simo Sorce 2003.
* Copyright (C) Gerald (Jerry) Carter 2005.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -345,6 +346,8 @@ static NTSTATUS lsa_get_generic_sd(TALLOC_CTX *mem_ctx, SEC_DESC **sd, size_t *s
return NT_STATUS_OK;
}
#if 0 /* AD DC work in ongoing in Samba 4 */
/***************************************************************************
Init_dns_dom_info.
***************************************************************************/
@ -384,6 +387,8 @@ static void init_dns_dom_info(LSA_DNS_DOM_INFO *r_l, const char *nb_name,
init_dom_sid2(&r_l->dom_sid, dom_sid);
}
}
#endif /* AD DC work in ongoing in Samba 4 */
/***************************************************************************
_lsa_open_policy2.
@ -776,9 +781,6 @@ NTSTATUS _lsa_enum_privs(pipes_struct *p, LSA_Q_ENUM_PRIVS *q_u, LSA_R_ENUM_PRIV
DEBUG(10,("_lsa_enum_privs: enum_context:%d total entries:%d\n",
enum_context, num_privs));
if ( !(entries = TALLOC_ZERO_ARRAY(p->mem_ctx, LSA_PRIV_ENTRY, num_privs + 1)))
return NT_STATUS_NO_MEMORY;
if (!find_policy_by_hnd(p, &q_u->pol, (void **)&handle))
return NT_STATUS_INVALID_HANDLE;
@ -791,7 +793,6 @@ NTSTATUS _lsa_enum_privs(pipes_struct *p, LSA_Q_ENUM_PRIVS *q_u, LSA_R_ENUM_PRIV
if ( !(entries = TALLOC_ZERO_ARRAY(p->mem_ctx, LSA_PRIV_ENTRY, num_privs )) )
return NT_STATUS_NO_MEMORY;
for (i = 0; i < num_privs; i++) {
if( i < enum_context) {
init_unistr2(&entries[i].name, NULL, UNI_FLAGS_NONE);
@ -1143,7 +1144,7 @@ NTSTATUS _lsa_addprivs(pipes_struct *p, LSA_Q_ADDPRIVS *q_u, LSA_R_ADDPRIVS *r_u
/* check to see if the pipe_user is root or a Domain Admin since
account_pol.tdb was already opened as root, this is all we have */
get_current_user( &user, p );
if ( user.uid != sec_initial_uid()
&& !nt_token_check_domain_rid( p->pipe_user.nt_user_token, DOMAIN_GROUP_RID_ADMINS ) )
@ -1184,7 +1185,7 @@ NTSTATUS _lsa_removeprivs(pipes_struct *p, LSA_Q_REMOVEPRIVS *q_u, LSA_R_REMOVEP
/* check to see if the pipe_user is root or a Domain Admin since
account_pol.tdb was already opened as root, this is all we have */
get_current_user( &user, p );
if ( user.uid != sec_initial_uid()
&& !nt_token_check_domain_rid( p->pipe_user.nt_user_token, DOMAIN_GROUP_RID_ADMINS ) )
@ -1261,6 +1262,8 @@ NTSTATUS _lsa_query_secobj(pipes_struct *p, LSA_Q_QUERY_SEC_OBJ *q_u, LSA_R_QUER
return r_u->status;
}
#if 0 /* AD DC work in ongoing in Samba 4 */
/***************************************************************************
***************************************************************************/
@ -1323,6 +1326,7 @@ NTSTATUS _lsa_query_info2(pipes_struct *p, LSA_Q_QUERY_INFO2 *q_u, LSA_R_QUERY_I
return r_u->status;
}
#endif /* AD DC work in ongoing in Samba 4 */
/***************************************************************************
***************************************************************************/
@ -1474,3 +1478,31 @@ NTSTATUS _lsa_enum_acct_rights(pipes_struct *p, LSA_Q_ENUM_ACCT_RIGHTS *q_u, LSA
}
NTSTATUS _lsa_lookup_priv_value(pipes_struct *p, LSA_Q_LOOKUP_PRIV_VALUE *q_u, LSA_R_LOOKUP_PRIV_VALUE *r_u)
{
struct lsa_info *info = NULL;
fstring name;
LUID_ATTR priv_luid;
SE_PRIV mask;
/* find the connection policy handle. */
if (!find_policy_by_hnd(p, &q_u->pol, (void **)&info))
return NT_STATUS_INVALID_HANDLE;
unistr2_to_ascii(name, &q_u->privname.unistring, sizeof(name));
DEBUG(10,("_lsa_priv_get_dispname: name = %s\n", name));
if ( !se_priv_from_name( name, &mask ) )
return NT_STATUS_NO_SUCH_PRIVILEGE;
priv_luid = get_privilege_luid( &mask );
r_u->luid.low = priv_luid.luid.low;
r_u->luid.high = priv_luid.luid.high;
return NT_STATUS_OK;
}

12
source3/rpcclient/cmd_lsarpc.c
View File

@ -176,6 +176,8 @@ static NTSTATUS cmd_lsa_lookup_names(struct cli_state *cli,
sid_type_lookup(types[i]), types[i]);
}
cli_lsa_close(cli, mem_ctx, &pol);
done:
return result;
}
@ -233,7 +235,7 @@ static NTSTATUS cmd_lsa_lookup_sids(struct cli_state *cli, TALLOC_CTX *mem_ctx,
/* Print results */
for (i = 0; i < argc - 1; i++) {
for (i = 0; i < (argc - 1); i++) {
fstring sid_str;
sid_to_string(sid_str, &sids[i]);
@ -242,6 +244,8 @@ static NTSTATUS cmd_lsa_lookup_sids(struct cli_state *cli, TALLOC_CTX *mem_ctx,
names[i] ? names[i] : "*unknown*", types[i]);
}
cli_lsa_close(cli, mem_ctx, &pol);
done:
return result;
}
@ -673,7 +677,7 @@ static NTSTATUS cmd_lsa_remove_acct_rights(struct cli_state *cli,
/* Get a privilege value given its name */
static NTSTATUS cmd_lsa_lookupprivvalue(struct cli_state *cli,
static NTSTATUS cmd_lsa_lookup_priv_value(struct cli_state *cli,
TALLOC_CTX *mem_ctx, int argc,
const char **argv)
{
@ -693,7 +697,7 @@ static NTSTATUS cmd_lsa_lookupprivvalue(struct cli_state *cli,
if (!NT_STATUS_IS_OK(result))
goto done;
result = cli_lsa_lookupprivvalue(cli, mem_ctx, &pol, argv[1], &luid);
result = cli_lsa_lookup_priv_value(cli, mem_ctx, &pol, argv[1], &luid);
if (!NT_STATUS_IS_OK(result))
goto done;
@ -765,7 +769,7 @@ struct cmd_set lsarpc_commands[] = {
#endif
{ "lsaaddacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_add_acct_rights, NULL, PI_LSARPC, "Add rights to an account", "" },
{ "lsaremoveacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_remove_acct_rights, NULL, PI_LSARPC, "Remove rights from an account", "" },
{ "lsalookupprivvalue", RPC_RTYPE_NTSTATUS, cmd_lsa_lookupprivvalue, NULL, PI_LSARPC, "Get a privilege value given its name", "" },
{ "lsalookupprivvalue", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_priv_value, NULL, PI_LSARPC, "Get a privilege value given its name", "" },
{ "lsaquerysecobj", RPC_RTYPE_NTSTATUS, cmd_lsa_query_secobj, NULL, PI_LSARPC, "Query LSA security object", "" },
{ NULL }