diff options
author | Matthew Chapman <matty@samba.org> | 2000-05-29 01:23:48 +0000 |
---|---|---|
committer | Matthew Chapman <matty@samba.org> | 2000-05-29 01:23:48 +0000 |
commit | badb7fc0d21267110e39287c897c0f956f43bb16 (patch) | |
tree | afcd48a971495347de458b5e5a4f8b7de67c5d6b /source3/rpc_client | |
parent | 5b5f41d8e0e707bb4e1626f4406b2e46305a5183 (diff) | |
download | samba-badb7fc0d21267110e39287c897c0f956f43bb16.tar.gz samba-badb7fc0d21267110e39287c897c0f956f43bb16.tar.bz2 samba-badb7fc0d21267110e39287c897c0f956f43bb16.zip |
Fixed LsaQueryInformationPolicy level 3 to return primary domain info.
Domain SID is saved in secrets.tdb upon joining domain.
Added "Authenticated Users" and "SYSTEM" well-known SIDs (under
NT Authority).
(This used to be commit 7710b4f48d3e8532df5e37f99a779758f750efdb)
Diffstat (limited to 'source3/rpc_client')
-rw-r--r-- | source3/rpc_client/cli_lsarpc.c | 23 | ||||
-rw-r--r-- | source3/rpc_client/cli_netlogon.c | 9 |
2 files changed, 31 insertions, 1 deletions
diff --git a/source3/rpc_client/cli_lsarpc.c b/source3/rpc_client/cli_lsarpc.c index 34201ebc16..8362c1d172 100644 --- a/source3/rpc_client/cli_lsarpc.c +++ b/source3/rpc_client/cli_lsarpc.c @@ -379,3 +379,26 @@ BOOL do_lsa_close(struct cli_state *cli, POLICY_HND *hnd) return True; } + +/**************************************************************************** +obtain a server's SAM SID and save it in the secrets database +****************************************************************************/ + +BOOL cli_lsa_get_domain_sid(struct cli_state *cli, char *server) +{ + fstring domain, key; + POLICY_HND pol; + DOM_SID sid; + BOOL res, res2, res3; + + res = cli_nt_session_open(cli, PIPE_LSARPC); + res2 = res ? do_lsa_open_policy(cli, server, &pol, 0) : False; + res3 = res2 ? do_lsa_query_info_pol(cli, &pol, 5, domain, &sid) : False; + + res3 = res3 ? secrets_store_domain_sid(domain, &sid) : False; + + res2 = res2 ? do_lsa_close(cli, &pol) : False; + cli_nt_session_close(cli); + + return res3; +} diff --git a/source3/rpc_client/cli_netlogon.c b/source3/rpc_client/cli_netlogon.c index ce4468d112..0043a1894e 100644 --- a/source3/rpc_client/cli_netlogon.c +++ b/source3/rpc_client/cli_netlogon.c @@ -579,7 +579,14 @@ Error was : %s.\n", remote_machine, cli_errstr(&cli) )); * Ok - we have an anonymous connection to the IPC$ share. * Now start the NT Domain stuff :-). */ - + + if(cli_lsa_get_domain_sid(&cli, remote_machine) == False) { + DEBUG(0,("modify_trust_password: unable to obtain domain sid from %s. Error was : %s.\n", remote_machine, cli_errstr(&cli))); + cli_ulogoff(&cli); + cli_shutdown(&cli); + return False; + } + if(cli_nt_session_open(&cli, PIPE_NETLOGON) == False) { DEBUG(0,("modify_trust_password: unable to open the domain client session to \ machine %s. Error was : %s.\n", remote_machine, cli_errstr(&cli))); |