diff options
author | Gerald Carter <jerry@samba.org> | 2004-06-03 18:00:22 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 10:51:53 -0500 |
commit | 9dbf2e2419e2ba0f2293b4a7a5971123f34a09ad (patch) | |
tree | 7b126d923a8a0ee8b02ab43bf54a43ce3344f051 /source3/include | |
parent | 4e1b26db3490c6063bf0ea05b8ae7e34a96ca8a9 (diff) | |
download | samba-9dbf2e2419e2ba0f2293b4a7a5971123f34a09ad.tar.gz samba-9dbf2e2419e2ba0f2293b4a7a5971123f34a09ad.tar.bz2 samba-9dbf2e2419e2ba0f2293b4a7a5971123f34a09ad.zip |
r991: Allow winbindd to use the domain trust account password
for setting up an schannel connection. This solves the problem
of a Samba DC running winbind, trusting a native mode AD domain,
and needing to enumerate AD users via wbinfo -u.
(This used to be commit e9f109d1b38e0b0adec9b7e9a907f90a79d297ea)
Diffstat (limited to 'source3/include')
-rw-r--r-- | source3/include/rpc_dce.h | 3 | ||||
-rw-r--r-- | source3/include/rpc_netlogon.h | 42 |
2 files changed, 37 insertions, 8 deletions
diff --git a/source3/include/rpc_dce.h b/source3/include/rpc_dce.h index 0df903109d..57b1184bd9 100644 --- a/source3/include/rpc_dce.h +++ b/source3/include/rpc_dce.h @@ -71,7 +71,8 @@ enum RPC_PKT_TYPE to NT4. Actually, anything other than 1ff would seem to do... */ #define NETLOGON_NEG_AUTH2_FLAGS 0x000701ff -#define NETLOGON_NEG_SCHANNEL 0x40000000 +#define NETLOGON_NEG_SCHANNEL 0x40000000 +#define NETLOGON_NEG_DOMAIN_TRUST_ACCOUNT 0x2010b000 enum netsec_direction { diff --git a/source3/include/rpc_netlogon.h b/source3/include/rpc_netlogon.h index a5b93b0238..ad30cfbafb 100644 --- a/source3/include/rpc_netlogon.h +++ b/source3/include/rpc_netlogon.h @@ -68,6 +68,11 @@ #define SAM_DATABASE_BUILTIN 0x01 /* BUILTIN users and groups */ #define SAM_DATABASE_PRIVS 0x02 /* Privileges */ +#define NETLOGON_CONTROL_REDISCOVER 0x5 +#define NETLOGON_CONTROL_TC_QUERY 0x6 +#define NETLOGON_CONTROL_TRANSPORT_NOTIFY 0x7 +#define NETLOGON_CONTROL_SET_DBFLAG 0xfffe + #if 0 /* I think this is correct - it's what gets parsed on the wire. JRA. */ /* NET_USER_INFO_2 */ @@ -204,7 +209,7 @@ typedef struct netlogon_2_info uint32 flags; /* 0x0 - undocumented */ uint32 pdc_status; /* 0x0 - undocumented */ uint32 ptr_trusted_dc_name; /* pointer to trusted domain controller name */ - uint32 tc_status; /* 0x051f - ERROR_NO_LOGON_SERVERS */ + uint32 tc_status; UNISTR2 uni_trusted_dc_name; /* unicode string - trusted dc name */ } NETLOGON_INFO_2; @@ -255,6 +260,26 @@ typedef struct net_r_logon_ctrl_info NTSTATUS status; } NET_R_LOGON_CTRL; + +typedef struct ctrl_data_info_5 +{ + uint32 function_code; + + uint32 ptr_domain; + UNISTR2 domain; + +} CTRL_DATA_INFO_5; + +typedef struct ctrl_data_info_6 +{ + uint32 function_code; + + uint32 ptr_domain; + UNISTR2 domain; + +} CTRL_DATA_INFO_6; + + /******************************************************** Logon Control2 Query @@ -266,13 +291,16 @@ typedef struct net_r_logon_ctrl_info /* NET_Q_LOGON_CTRL2 - LSA Netr Logon Control 2 */ typedef struct net_q_logon_ctrl2_info { - uint32 ptr; /* undocumented buffer pointer */ - UNISTR2 uni_server_name; /* server name, starting with two '\'s */ + uint32 ptr; /* undocumented buffer pointer */ + UNISTR2 uni_server_name; /* server name, starting with two '\'s */ + + uint32 function_code; + uint32 query_level; + union { + CTRL_DATA_INFO_5 info5; + CTRL_DATA_INFO_6 info6;; + } info; - uint32 function_code; /* 0x1 */ - uint32 query_level; /* 0x1, 0x3 */ - uint32 switch_value; /* 0x1 */ - } NET_Q_LOGON_CTRL2; /******************************************************* |