how to get list of user groups from NT?
Ben Johnson
ben at blarg.net
Wed Mar 28 04:11:18 GMT 2001
Hey! yeah. that helps a little. I'm not sure what the usernames' rids
are, but I have a guess that it's the last part of the sid.
rpcclient $> lookupnames tuser34
tuser34 S-1-5-21-893268329-1528378036-1167487308-1038 (1)
rpcclient $> queryusergroups 1038
group rid:[0x201] attr:[0x7]
rpcclient $> lookupnames tuser35
tuser35 S-1-5-21-893268329-1528378036-1167487308-1039 (1)
rpcclient $> queryusergroups 1039
group rid:[0x201] attr:[0x7]
I know these user's are in more than one local group though. Does this
mean my guess about the sid is wrong, or are only the global groups
showing up, or something else?
yes, querygroup doesn't work and neither does queryuser.
- Ben
On Wed, Mar 28, 2001 at 01:46:33PM +1000, Tim Potter wrote:
> Tim Potter writes:
>
> > > running the rpcclient from both 2.0.7 and the cvs version and have had
> > > little success with them so far. The 2.0.7 barely runs and the cvs HEAD
> > > queryusergroups always complains that the filehandle is invalid.
> >
> > Hmm. Sounds like a bug. (-: I think the HEAD branch rpcclient
> > code is much nicer than the 2.0 stuff, although it isn't as well
> > tested as I would like.
>
> OK - it looks like the advertised username->rid mapping for the
> queryusergroups function isn't working. If you know the rid of
> the user you can do:
>
> rpcclient $> queryusergroups 500
> group rid:[0x201] attr:[0x7]
> group rid:[0x200] attr:[0x7]
> group rid:[0x3f8] attr:[0x7]
>
> Eek - it looks like the querygroup command doesn't work quite as
> it should either. )-:
>
>
> Tim.
More information about the samba-technical
mailing list