Package jcifs

Interface SidResolver

  • All Known Implementing Classes:
    SIDCacheImpl
    public interface SidResolver
    This is an internal API for resolving SIDs to names and/or retrieving member SIDs
    Author:
    mbechler

    • Method Detail

      • resolveSids

        void resolveSids​(CIFSContext tc,
                 String authorityServerName,
                 SID[] sids)
          throws CIFSException
        Resolve an array of SIDs using a cache and at most one MSRPC request.

        This method will attempt to resolve SIDs using a cache and cache the results of any SIDs that required resolving with the authority. SID cache entries are currently not expired because under normal circumstances SID information never changes.

        Parameters:
        tc - context to use
        authorityServerName - The hostname of the server that should be queried. For maximum efficiency this should be the hostname of a domain controller however a member server will work as well and a domain controller may not return names for SIDs corresponding to local accounts for which the domain controller is not an authority.
        sids - The SIDs that should be resolved. After this function is called, the names associated with the SIDs may be queried with the toDisplayString, getDomainName, and getAccountName methods.
        Throws:
        CIFSException

      • resolveSids

        void resolveSids​(CIFSContext tc,
                 String authorityServerName,
                 SID[] sids,
                 int off,
                 int len)
          throws CIFSException
        Resolve part of an array of SIDs using a cache and at most one MSRPC request.
        Parameters:
        tc -
        authorityServerName -
        sids -
        off -
        len -
        Throws:
        CIFSException

      • getGroupMemberSids

        SID[] getGroupMemberSids​(CIFSContext tc,
                         String authorityServerName,
                         SID domsid,
                         int rid,
                         int flags)
                  throws CIFSException
        Parameters:
        tc -
        authorityServerName -
        domsid -
        rid -
        flags -
        Returns:
        the SIDs of the group members
        Throws:
        CIFSException

      • getLocalGroupsMap

        Map<SID,​List<SID>> getLocalGroupsMap​(CIFSContext tc,
                                           String authorityServerName,
                                           int flags)
                                    throws CIFSException
        This specialized method returns a Map of users and local groups for the target server where keys are SIDs representing an account and each value is an ArrayList of SIDs represents the local groups that the account is a member of.

        This method is designed to assist with computing access control for a given user when the target object's ACL has local groups. Local groups are not listed in a user's group membership (e.g. as represented by the tokenGroups constructed attribute retrieved via LDAP).

        Domain groups nested inside a local group are currently not expanded. In this case the key (SID) type will be SID_TYPE_DOM_GRP rather than SID_TYPE_USER.

        Parameters:
        tc - The context to use
        authorityServerName - The server from which the local groups will be queried.
        flags - Flags that control the behavior of the operation. When all name associated with SIDs will be required, the SID_FLAG_RESOLVE_SIDS flag should be used which causes all group member SIDs to be resolved together in a single more efficient operation.
        Returns:
        a map of group SID to member SIDs
        Throws:
        CIFSException