diff options
author | Günther Deschner <gd@samba.org> | 2006-07-04 10:25:04 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 14:09:46 -0500 |
commit | eda5759e4566c69f03e13137473980a10dfedde4 (patch) | |
tree | ee45c0c1da4a72e4f31955d7a693f0090812278e | |
parent | 9da5d4fd69d1e3a0c3129a41d185abcb1744d8be (diff) | |
download | samba-eda5759e4566c69f03e13137473980a10dfedde4.tar.gz samba-eda5759e4566c69f03e13137473980a10dfedde4.tar.bz2 samba-eda5759e4566c69f03e13137473980a10dfedde4.zip |
r16796: Fill in dsr_GetMemberships() / dsr_GetMemberships2().
This intersting call is apparently used to construct the user token,
collect memberships from other DSAs and to retrieve (nested) memberships
of a given group.
Torture test to follow (once I cleaned it up).
Guenther
(This used to be commit ca5e133e8c6fca188fcaa834cdcd4cb2cd801d79)
-rw-r--r-- | source4/librpc/idl/drsuapi.idl | 77 | ||||
-rw-r--r-- | source4/rpc_server/drsuapi/dcesrv_drsuapi.c | 14 |
2 files changed, 80 insertions, 11 deletions
diff --git a/source4/librpc/idl/drsuapi.idl b/source4/librpc/idl/drsuapi.idl index f106c4ce3a..cba0103b8e 100644 --- a/source4/librpc/idl/drsuapi.idl +++ b/source4/librpc/idl/drsuapi.idl @@ -7,11 +7,13 @@ authservice("ldap"), helpstring("Active Directory Replication"), pointer_default(unique), - depends(security,misc), + depends(security,misc,samr), keepref ] interface drsuapi { + declare bitmap samr_GroupAttrs; + /*****************/ /* Function 0x00 */ typedef [bitmap32bit] bitmap { @@ -767,7 +769,51 @@ interface drsuapi /*****************/ /* Function 0x09 */ - WERROR DRSUAPI_GET_MEMBERSHIPS(); + + /* how are type 4 and 7 different from 2 and 3 ? */ + typedef [v1_enum] enum { + DRSUAPI_DS_MEMBERSHIP_TYPE_UNIVERSAL_AND_DOMAIN_GROUPS = 1, + DRSUAPI_DS_MEMBERSHIP_TYPE_DOMAIN_LOCAL_GROUPS = 2, + DRSUAPI_DS_MEMBERSHIP_TYPE_DOMAIN_GROUPS = 3, + DRSUAPI_DS_MEMBERSHIP_TYPE_DOMAIN_LOCAL_GROUPS2 = 4, + DRSUAPI_DS_MEMBERSHIP_TYPE_UNIVERSAL_GROUPS = 5, + DRSUAPI_DS_MEMBERSHIP_TYPE_GROUPMEMBERS = 6, + DRSUAPI_DS_MEMBERSHIP_TYPE_DOMAIN_GROUPS2 = 7 + } drsuapi_DsMembershipType; + + typedef struct { + NTSTATUS status; + [range(0,10000)] uint32 num_memberships; + [range(0,10000)] uint32 num_sids; + [size_is(num_memberships)] drsuapi_DsReplicaObjectIdentifier **info_array; + [size_is(num_memberships)] samr_GroupAttrs *group_attrs; + [size_is(num_sids)] dom_sid28 **sids; + } drsuapi_DsGetMembershipsCtr1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsGetMembershipsCtr1 ctr1; + } drsuapi_DsGetMembershipsCtr; + + const int DRSUAPI_DS_MEMBERSHIP_FLAG_GROUP_ATTR = 0x1; + + typedef struct { + [range(1,10000)] uint32 count; + [size_is(count)] drsuapi_DsReplicaObjectIdentifier **info_array; + uint32 flags; + drsuapi_DsMembershipType type; + drsuapi_DsReplicaObjectIdentifier *domain; + } drsuapi_DsGetMembershipsRequest1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsGetMembershipsRequest1 req1; + } drsuapi_DsGetMembershipsRequest; + + WERROR drsuapi_DsGetMemberships( + [in] policy_handle *bind_handle, + [in,out] int32 level, + [in] [switch_is(level)] drsuapi_DsGetMembershipsRequest req, + [out] [switch_is(level)] drsuapi_DsGetMembershipsCtr ctr + ); /*****************/ /* Function 0x0a */ @@ -1370,7 +1416,32 @@ interface drsuapi /*****************/ /* Function 0x15 */ - WERROR DRSUAPI_GET_MEMBERSHIPS2(); + + typedef struct { + [range(0,10000)] uint32 num_entries; + [size_is(num_entries)] drsuapi_DsGetMembershipsCtr1 **ctrl_array; + } drsuapi_DsGetMemberships2Ctr1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsGetMembershipsCtr1 ctr1; + } drsuapi_DsGetMemberships2Ctr; + + typedef struct { + [range(1,10000)] uint32 num_req; + [size_is(num_req)] drsuapi_DsGetMembershipsRequest1 **req_array; + } drsuapi_DsGetMemberships2Request1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsGetMemberships2Request1 req1; + } drsuapi_DsGetMemberships2Request; + + WERROR drsuapi_DsGetMemberships2( + [in] policy_handle *bind_handle, + [in,out] int32 level, + [in] [switch_is(level)] drsuapi_DsGetMemberships2Request req, + [out] [switch_is(level)] drsuapi_DsGetMemberships2Ctr ctr + ); + /*****************/ /* Function 0x16 */ diff --git a/source4/rpc_server/drsuapi/dcesrv_drsuapi.c b/source4/rpc_server/drsuapi/dcesrv_drsuapi.c index 11ad149044..4028e4c4f9 100644 --- a/source4/rpc_server/drsuapi/dcesrv_drsuapi.c +++ b/source4/rpc_server/drsuapi/dcesrv_drsuapi.c @@ -171,10 +171,10 @@ static WERROR DRSUAPI_VERIFY_NAMES(struct dcesrv_call_state *dce_call, TALLOC_CT /* - DRSUAPI_GET_MEMBERSHIPS + drsuapi_DsGetMemberships */ -static WERROR DRSUAPI_GET_MEMBERSHIPS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, - struct DRSUAPI_GET_MEMBERSHIPS *r) +static WERROR drsuapi_DsGetMemberships(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, + struct drsuapi_DsGetMemberships *r) { DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR); } @@ -332,17 +332,15 @@ static WERROR DRSUAPI_ADD_SID_HISTORY(struct dcesrv_call_state *dce_call, TALLOC DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR); } - /* - DRSUAPI_GET_MEMBERSHIPS2 + drsuapi_DsGetMemberships2 */ -static WERROR DRSUAPI_GET_MEMBERSHIPS2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, - struct DRSUAPI_GET_MEMBERSHIPS2 *r) +static WERROR drsuapi_DsGetMemberships2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, + struct drsuapi_DsGetMemberships2 *r) { DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR); } - /* DRSUAPI_REPLICA_VERIFY_OBJECTS */ |