summaryrefslogtreecommitdiff
path: root/source3/rpc_client
diff options
context:
space:
mode:
authorKarolin Seeger <kseeger@samba.org>2008-02-29 10:44:38 +0100
committerKarolin Seeger <kseeger@samba.org>2008-02-29 10:44:38 +0100
commitc4fbe2846231a6b322c1094c6a1dbf93b7305768 (patch)
tree09eb77a294f4acda131b41fe4c9bec4ed175eb16 /source3/rpc_client
parent1a6415fc77c708b87c8e2ce6e7828f486ffc87ac (diff)
parent695b6662abe64a40061bfa05ede12173fc4b1945 (diff)
downloadsamba-c4fbe2846231a6b322c1094c6a1dbf93b7305768.tar.gz
samba-c4fbe2846231a6b322c1094c6a1dbf93b7305768.tar.bz2
samba-c4fbe2846231a6b322c1094c6a1dbf93b7305768.zip
Merge commit 'origin/v3-2-test' into v3-2-stable
Conflicts: WHATSNEW.txt (This used to be commit a390bcf9403df4cf4d5eef42b35ebccbe253882e)
Diffstat (limited to 'source3/rpc_client')
-rw-r--r--source3/rpc_client/cli_ds.c138
-rw-r--r--source3/rpc_client/cli_lsarpc.c1099
-rw-r--r--source3/rpc_client/cli_netlogon.c1175
-rw-r--r--source3/rpc_client/cli_pipe.c7
-rw-r--r--source3/rpc_client/cli_samr.c2071
-rw-r--r--source3/rpc_client/cli_svcctl.c211
-rw-r--r--source3/rpc_client/init_lsa.c126
-rw-r--r--source3/rpc_client/init_netlogon.c220
-rw-r--r--source3/rpc_client/init_samr.c461
9 files changed, 1327 insertions, 4181 deletions
diff --git a/source3/rpc_client/cli_ds.c b/source3/rpc_client/cli_ds.c
deleted file mode 100644
index 71516b89f2..0000000000
--- a/source3/rpc_client/cli_ds.c
+++ /dev/null
@@ -1,138 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
- RPC pipe client
- Copyright (C) Gerald Carter 2002,
- Copyright (C) Jeremy Allison 2005.
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 3 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-*/
-
-#include "includes.h"
-
-/* implementations of client side DsXXX() functions */
-
-/********************************************************************
- Get information about the server and directory services
-********************************************************************/
-
-NTSTATUS rpccli_ds_getprimarydominfo(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- uint16 level, DS_DOMINFO_CTR *ctr)
-{
- prs_struct qbuf, rbuf;
- DS_Q_GETPRIMDOMINFO q;
- DS_R_GETPRIMDOMINFO r;
- NTSTATUS result;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- q.level = level;
-
- CLI_DO_RPC( cli, mem_ctx, PI_LSARPC_DS, DS_GETPRIMDOMINFO,
- q, r,
- qbuf, rbuf,
- ds_io_q_getprimdominfo,
- ds_io_r_getprimdominfo,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return basic info - if we are requesting at info != 1 then
- there could be trouble. */
-
- result = r.status;
-
- if ( r.ptr && ctr ) {
- ctr->basic = TALLOC_P(mem_ctx, DSROLE_PRIMARY_DOMAIN_INFO_BASIC);
- if (!ctr->basic)
- goto done;
- memcpy(ctr->basic, r.info.basic, sizeof(DSROLE_PRIMARY_DOMAIN_INFO_BASIC));
- }
-
-done:
-
- return result;
-}
-
-/********************************************************************
- Enumerate trusted domains in an AD forest
-********************************************************************/
-
-NTSTATUS rpccli_ds_enum_domain_trusts(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- const char *server, uint32 flags,
- struct ds_domain_trust **trusts,
- uint32 *num_domains)
-{
- prs_struct qbuf, rbuf;
- DS_Q_ENUM_DOM_TRUSTS q;
- DS_R_ENUM_DOM_TRUSTS r;
- NTSTATUS result;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- init_q_ds_enum_domain_trusts( &q, server, flags );
-
- CLI_DO_RPC( cli, mem_ctx, PI_NETLOGON, DS_ENUM_DOM_TRUSTS,
- q, r,
- qbuf, rbuf,
- ds_io_q_enum_domain_trusts,
- ds_io_r_enum_domain_trusts,
- NT_STATUS_UNSUCCESSFUL);
-
- result = r.status;
-
- if ( NT_STATUS_IS_OK(result) ) {
- int i;
-
- *num_domains = r.num_domains;
- if (r.num_domains) {
- *trusts = TALLOC_ARRAY(mem_ctx, struct ds_domain_trust, r.num_domains);
-
- if (*trusts == NULL) {
- return NT_STATUS_NO_MEMORY;
- }
- } else {
- *trusts = NULL;
- }
-
- for ( i=0; i< *num_domains; i++ ) {
- (*trusts)[i].flags = r.domains.trusts[i].flags;
- (*trusts)[i].parent_index = r.domains.trusts[i].parent_index;
- (*trusts)[i].trust_type = r.domains.trusts[i].trust_type;
- (*trusts)[i].trust_attributes = r.domains.trusts[i].trust_attributes;
- (*trusts)[i].guid = r.domains.trusts[i].guid;
-
- if (r.domains.trusts[i].sid_ptr) {
- sid_copy(&(*trusts)[i].sid, &r.domains.trusts[i].sid.sid);
- } else {
- ZERO_STRUCT((*trusts)[i].sid);
- }
-
- if (r.domains.trusts[i].netbios_ptr) {
- (*trusts)[i].netbios_domain = unistr2_to_ascii_talloc( mem_ctx, &r.domains.trusts[i].netbios_domain );
- } else {
- (*trusts)[i].netbios_domain = NULL;
- }
-
- if (r.domains.trusts[i].dns_ptr) {
- (*trusts)[i].dns_domain = unistr2_to_ascii_talloc( mem_ctx, &r.domains.trusts[i].dns_domain );
- } else {
- (*trusts)[i].dns_domain = NULL;
- }
- }
- }
-
- return result;
-}
diff --git a/source3/rpc_client/cli_lsarpc.c b/source3/rpc_client/cli_lsarpc.c
index 286cc210e2..2759881dd3 100644
--- a/source3/rpc_client/cli_lsarpc.c
+++ b/source3/rpc_client/cli_lsarpc.c
@@ -6,6 +6,7 @@
Copyright (C) Rafal Szczesniak 2002
Copyright (C) Jeremy Allison 2005.
Copyright (C) Michael Adam 2007.
+ Copyright (C) Guenther Deschner 2008.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -45,42 +46,34 @@ NTSTATUS rpccli_lsa_open_policy(struct rpc_pipe_client *cli,
bool sec_qos, uint32 des_access,
POLICY_HND *pol)
{
- prs_struct qbuf, rbuf;
- LSA_Q_OPEN_POL q;
- LSA_R_OPEN_POL r;
- LSA_SEC_QOS qos;
- NTSTATUS result;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Initialise input parameters */
+ struct lsa_ObjectAttribute attr;
+ struct lsa_QosInfo qos;
+ uint16_t system_name = '\\';
if (sec_qos) {
- init_lsa_sec_qos(&qos, 2, 1, 0);
- init_q_open_pol(&q, '\\', 0, des_access, &qos);
+ init_lsa_sec_qos(&qos, 0xc, 2, 1, 0);
+ init_lsa_obj_attr(&attr,
+ 0x18,
+ NULL,
+ NULL,
+ 0,
+ NULL,
+ &qos);
} else {
- init_q_open_pol(&q, '\\', 0, des_access, NULL);
- }
-
- /* Marshall data and send request */
-
- CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_OPENPOLICY,
- q, r,
- qbuf, rbuf,
- lsa_io_q_open_pol,
- lsa_io_r_open_pol,
- NT_STATUS_UNSUCCESSFUL );
-
- /* Return output parameters */
-
- result = r.status;
-
- if (NT_STATUS_IS_OK(result)) {
- *pol = r.pol;
- }
-
- return result;
+ init_lsa_obj_attr(&attr,
+ 0x18,
+ NULL,
+ NULL,
+ 0,
+ NULL,
+ NULL);
+ }
+
+ return rpccli_lsa_OpenPolicy(cli, mem_ctx,
+ &system_name,
+ &attr,
+ des_access,
+ pol);
}
/** Open a LSA policy handle
@@ -92,39 +85,34 @@ NTSTATUS rpccli_lsa_open_policy2(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx, bool sec_qos,
uint32 des_access, POLICY_HND *pol)
{
- prs_struct qbuf, rbuf;
- LSA_Q_OPEN_POL2 q;
- LSA_R_OPEN_POL2 r;
- LSA_SEC_QOS qos;
- NTSTATUS result;
+ struct lsa_ObjectAttribute attr;
+ struct lsa_QosInfo qos;
char *srv_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", cli->cli->desthost);
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
if (sec_qos) {
- init_lsa_sec_qos(&qos, 2, 1, 0);
- init_q_open_pol2(&q, srv_name_slash, 0, des_access, &qos);
+ init_lsa_sec_qos(&qos, 0xc, 2, 1, 0);
+ init_lsa_obj_attr(&attr,
+ 0x18,
+ NULL,
+ NULL,
+ 0,
+ NULL,
+ &qos);
} else {
- init_q_open_pol2(&q, srv_name_slash, 0, des_access, NULL);
- }
-
- CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_OPENPOLICY2,
- q, r,
- qbuf, rbuf,
- lsa_io_q_open_pol2,
- lsa_io_r_open_pol2,
- NT_STATUS_UNSUCCESSFUL );
-
- /* Return output parameters */
-
- result = r.status;
-
- if (NT_STATUS_IS_OK(result)) {
- *pol = r.pol;
- }
-
- return result;
+ init_lsa_obj_attr(&attr,
+ 0x18,
+ NULL,
+ NULL,
+ 0,
+ NULL,
+ NULL);
+ }
+
+ return rpccli_lsa_OpenPolicy2(cli, mem_ctx,
+ srv_name_slash,
+ &attr,
+ des_access,
+ pol);
}
/* Lookup a list of sids
@@ -141,13 +129,16 @@ static NTSTATUS rpccli_lsa_lookup_sids_noalloc(struct rpc_pipe_client *cli,
char **names,
enum lsa_SidType *types)
{
- prs_struct qbuf, rbuf;
- LSA_Q_LOOKUP_SIDS q;
- LSA_R_LOOKUP_SIDS r;
- DOM_R_REF ref;
NTSTATUS result = NT_STATUS_OK;
TALLOC_CTX *tmp_ctx = NULL;
int i;
+ struct lsa_SidArray sid_array;
+ struct lsa_RefDomainList *ref_domains = NULL;
+ struct lsa_TransNameArray lsa_names;
+ uint32_t count = 0;
+ uint16_t level = 1;
+
+ ZERO_STRUCT(lsa_names);
tmp_ctx = talloc_new(mem_ctx);
if (!tmp_ctx) {
@@ -156,38 +147,42 @@ static NTSTATUS rpccli_lsa_lookup_sids_noalloc(struct rpc_pipe_client *cli,
goto done;
}
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- init_q_lookup_sids(tmp_ctx, &q, pol, num_sids, sids, 1);
-
- ZERO_STRUCT(ref);
+ sid_array.num_sids = num_sids;
+ sid_array.sids = TALLOC_ARRAY(mem_ctx, struct lsa_SidPtr, num_sids);
+ if (!sid_array.sids) {
+ return NT_STATUS_NO_MEMORY;
+ }
- r.dom_ref = &ref;
+ for (i = 0; i<num_sids; i++) {
+ sid_array.sids[i].sid = sid_dup_talloc(mem_ctx, &sids[i]);
+ if (!sid_array.sids[i].sid) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ }
- CLI_DO_RPC( cli, tmp_ctx, PI_LSARPC, LSA_LOOKUPSIDS,
- q, r,
- qbuf, rbuf,
- lsa_io_q_lookup_sids,
- lsa_io_r_lookup_sids,
- NT_STATUS_UNSUCCESSFUL );
+ result = rpccli_lsa_LookupSids(cli, mem_ctx,
+ pol,
+ &sid_array,
+ &ref_domains,
+ &lsa_names,
+ level,
+ &count);
DEBUG(10, ("LSA_LOOKUPSIDS returned '%s', mapped count = %d'\n",
- nt_errstr(r.status), r.mapped_count));
+ nt_errstr(result), count));
- if (!NT_STATUS_IS_OK(r.status) &&
- !NT_STATUS_EQUAL(r.status, NT_STATUS_NONE_MAPPED) &&
- !NT_STATUS_EQUAL(r.status, STATUS_SOME_UNMAPPED))
+ if (!NT_STATUS_IS_OK(result) &&
+ !NT_STATUS_EQUAL(result, NT_STATUS_NONE_MAPPED) &&
+ !NT_STATUS_EQUAL(result, STATUS_SOME_UNMAPPED))
{
/* An actual error occured */
- result = r.status;
goto done;
}
/* Return output parameters */
- if (NT_STATUS_EQUAL(r.status, NT_STATUS_NONE_MAPPED) ||
- (r.mapped_count == 0))
+ if (NT_STATUS_EQUAL(result, NT_STATUS_NONE_MAPPED) ||
+ (count == 0))
{
for (i = 0; i < num_sids; i++) {
(names)[i] = NULL;
@@ -199,21 +194,19 @@ static NTSTATUS rpccli_lsa_lookup_sids_noalloc(struct rpc_pipe_client *cli,
}
for (i = 0; i < num_sids; i++) {
- fstring name, dom_name;
- uint32 dom_idx = r.names.name[i].domain_idx;
+ const char *name, *dom_name;
+ uint32_t dom_idx = lsa_names.names[i].sid_index;
/* Translate optimised name through domain index array */
if (dom_idx != 0xffffffff) {
- rpcstr_pull_unistr2_fstring(
- dom_name, &ref.ref_dom[dom_idx].uni_dom_name);
- rpcstr_pull_unistr2_fstring(
- name, &r.names.uni_name[i]);
+ dom_name = ref_domains->domains[dom_idx].name.string;
+ name = lsa_names.names[i].name.string;
(names)[i] = talloc_strdup(mem_ctx, name);
(domains)[i] = talloc_strdup(mem_ctx, dom_name);
- (types)[i] = r.names.name[i].sid_name_use;
+ (types)[i] = lsa_names.names[i].sid_type;
if (((names)[i] == NULL) || ((domains)[i] == NULL)) {
DEBUG(0, ("cli_lsa_lookup_sids_noalloc(): out of memory\n"));
@@ -361,29 +354,32 @@ NTSTATUS rpccli_lsa_lookup_names(struct rpc_pipe_client *cli,
DOM_SID **sids,
enum lsa_SidType **types)
{
- prs_struct qbuf, rbuf;
- LSA_Q_LOOKUP_NAMES q;
- LSA_R_LOOKUP_NAMES r;
- DOM_R_REF ref;
NTSTATUS result;
int i;
+ struct lsa_String *lsa_names = NULL;
+ struct lsa_RefDomainList *domains = NULL;
+ struct lsa_TransSidArray sid_array;
+ uint32_t count = 0;
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- ZERO_STRUCT(ref);
- r.dom_ref = &ref;
+ ZERO_STRUCT(sid_array);
- init_q_lookup_names(mem_ctx, &q, pol, num_names, names, level);
+ lsa_names = TALLOC_ARRAY(mem_ctx, struct lsa_String, num_names);
+ if (!lsa_names) {
+ return NT_STATUS_NO_MEMORY;
+ }
- CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_LOOKUPNAMES,
- q, r,
- qbuf, rbuf,
- lsa_io_q_lookup_names,
- lsa_io_r_lookup_names,
- NT_STATUS_UNSUCCESSFUL);
+ for (i=0; i<num_names; i++) {
+ init_lsa_String(&lsa_names[i], names[i]);
+ }
- result = r.status;
+ result = rpccli_lsa_LookupNames(cli, mem_ctx,
+ pol,
+ num_names,
+ lsa_names,
+ &domains,
+ &sid_array,
+ level,
+ &count);
if (!NT_STATUS_IS_OK(result) && NT_STATUS_V(result) !=
NT_STATUS_V(STATUS_SOME_UNMAPPED)) {
@@ -395,7 +391,7 @@ NTSTATUS rpccli_lsa_lookup_names(struct rpc_pipe_client *cli,
/* Return output parameters */
- if (r.mapped_count == 0) {
+ if (count == 0) {
result = NT_STATUS_NONE_MAPPED;
goto done;
}
@@ -430,9 +426,8 @@ NTSTATUS rpccli_lsa_lookup_names(struct rpc_pipe_client *cli,
}
for (i = 0; i < num_names; i++) {
- DOM_RID *t_rids = r.dom_rid;
- uint32 dom_idx = t_rids[i].rid_idx;
- uint32 dom_rid = t_rids[i].rid;
+ uint32_t dom_idx = sid_array.sids[i].sid_index;
+ uint32_t dom_rid = sid_array.sids[i].rid;
DOM_SID *sid = &(*sids)[i];
/* Translate optimised sid through domain index array */
@@ -444,896 +439,26 @@ NTSTATUS rpccli_lsa_lookup_names(struct rpc_pipe_client *cli,
continue;
}
- sid_copy(sid, &ref.ref_dom[dom_idx].ref_dom.sid);
+ sid_copy(sid, domains->domains[dom_idx].sid);
if (dom_rid != 0xffffffff) {
sid_append_rid(sid, dom_rid);
}
- (*types)[i] = t_rids[i].type;
+ (*types)[i] = sid_array.sids[i].sid_type;
if (dom_names == NULL) {
continue;
}
- (*dom_names)[i] = rpcstr_pull_unistr2_talloc(
- *dom_names, &ref.ref_dom[dom_idx].uni_dom_name);
- }
-
- done:
-
- return result;
-}
-
-NTSTATUS rpccli_lsa_query_info_policy_new(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *pol, uint16 info_class,
- LSA_INFO_CTR *ctr)
-{
- prs_struct qbuf, rbuf;
- LSA_Q_QUERY_INFO q;
- LSA_R_QUERY_INFO r;
- NTSTATUS result;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- init_q_query(&q, pol, info_class);
-
- CLI_DO_RPC(cli, mem_ctx, PI_LSARPC, LSA_QUERYINFOPOLICY,
- q, r,
- qbuf, rbuf,
- lsa_io_q_query,
- lsa_io_r_query,
- NT_STATUS_UNSUCCESSFUL);
-
- result = r.status;
-
- if (!NT_STATUS_IS_OK(result)) {
- goto done;
- }
-
- done:
-
- *ctr = r.ctr;
-
- return result;
-}
-
-NTSTATUS rpccli_lsa_query_info_policy2_new(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *pol, uint16 info_class,
- LSA_INFO_CTR2 *ctr)
-{
- prs_struct qbuf, rbuf;
- LSA_Q_QUERY_INFO2 q;
- LSA_R_QUERY_INFO2 r;
- NTSTATUS result;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- init_q_query2(&q, pol, info_class);
-
- CLI_DO_RPC(cli, mem_ctx, PI_LSARPC, LSA_QUERYINFO2,
- q, r,
- qbuf, rbuf,
- lsa_io_q_query_info2,
- lsa_io_r_query_info2,
- NT_STATUS_UNSUCCESSFUL);
-
- result = r.status;
-
- if (!NT_STATUS_IS_OK(result)) {
- goto done;
- }
-
- done:
-
- *ctr = r.ctr;
-
- return result;
-}
-
-
-
-/** Query info policy
- *
- * @param domain_sid - returned remote server's domain sid */
-
-NTSTATUS rpccli_lsa_query_info_policy(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- POLICY_HND *pol, uint16 info_class,
- const char **domain_name,
- DOM_SID **domain_sid)
-{
- prs_struct qbuf, rbuf;
- LSA_Q_QUERY_INFO q;
- LSA_R_QUERY_INFO r;
- NTSTATUS result;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- init_q_query(&q, pol, info_class);
-
- CLI_DO_RPC(cli, mem_ctx, PI_LSARPC, LSA_QUERYINFOPOLICY,
- q, r,
- qbuf, rbuf,
- lsa_io_q_query,
- lsa_io_r_query,
- NT_STATUS_UNSUCCESSFUL);
-
- result = r.status;
-
- if (!NT_STATUS_IS_OK(result)) {
- goto done;
- }
-
- /* Return output parameters */
-
- switch (info_class) {
-
- case 3:
- if (domain_name && (r.ctr.info.id3.buffer_dom_name != 0)) {
- *domain_name = unistr2_to_ascii_talloc(mem_ctx,
- &r.ctr.info.id3.
- uni_domain_name);
- if (!*domain_name) {
- return NT_STATUS_NO_MEMORY;
- }
- }
-
- if (domain_sid && (r.ctr.info.id3.buffer_dom_sid != 0)) {
- *domain_sid = TALLOC_P(mem_ctx, DOM_SID);
- if (!*domain_sid) {
- return NT_STATUS_NO_MEMORY;
- }
- sid_copy(*domain_sid, &r.ctr.info.id3.dom_sid.sid);
- }
-
- break;
-
- case 5:
-
- if (domain_name && (r.ctr.info.id5.buffer_dom_name != 0)) {
- *domain_name = unistr2_to_ascii_talloc(mem_ctx,
- &r.ctr.info.id5.
- uni_domain_name);
- if (!*domain_name) {
- return NT_STATUS_NO_MEMORY;
- }
- }
-
- if (domain_sid && (r.ctr.info.id5.buffer_dom_sid != 0)) {
- *domain_sid = TALLOC_P(mem_ctx, DOM_SID);
- if (!*domain_sid) {
- return NT_STATUS_NO_MEMORY;
- }
- sid_copy(*domain_sid, &r.ctr.info.id5.dom_sid.sid);
- }
- break;
-
- default:
- DEBUG(3, ("unknown info class %d\n", info_class));
- break;
- }
-
- done:
-
- return result;
-}
-
-/** Query info policy2
- *
- * @param domain_name - returned remote server's domain name
- * @param dns_name - returned remote server's dns domain name
- * @param forest_name - returned remote server's forest name
- * @param domain_guid - returned remote server's domain guid
- * @param domain_sid - returned remote server's domain sid */
-
-NTSTATUS rpccli_lsa_query_info_policy2(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- POLICY_HND *pol, uint16 info_class,
- const char **domain_name,
- const char **dns_name,
- const char **forest_name,
- struct GUID **domain_guid,
- DOM_SID **domain_sid)
-{
- prs_struct qbuf, rbuf;
- LSA_Q_QUERY_INFO2 q;
- LSA_R_QUERY_INFO2 r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- if (info_class != 12)
- goto done;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- init_q_query2(&q, pol, info_class);
-
- CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_QUERYINFO2,
- q, r,
- qbuf, rbuf,
- lsa_io_q_query_info2,
- lsa_io_r_query_info2,
- NT_STATUS_UNSUCCESSFUL);
-
- result = r.status;
-
- if (!NT_STATUS_IS_OK(result)) {
- goto done;
- }
-
- /* Return output parameters */
-
- ZERO_STRUCTP(domain_guid);
-
- if (domain_name && r.ctr.info.id12.hdr_nb_dom_name.buffer) {
- *domain_name = unistr2_to_ascii_talloc(mem_ctx,
- &r.ctr.info.id12
- .uni_nb_dom_name);
- if (!*domain_name) {
- return NT_STATUS_NO_MEMORY;
- }
- }
- if (dns_name && r.ctr.info.id12.hdr_dns_dom_name.buffer) {
- *dns_name = unistr2_to_ascii_talloc(mem_ctx,
- &r.ctr.info.id12
- .uni_dns_dom_name);
- if (!*dns_name) {
- return NT_STATUS_NO_MEMORY;
- }
- }
- if (forest_name && r.ctr.info.id12.hdr_forest_name.buffer) {
- *forest_name = unistr2_to_ascii_talloc(mem_ctx,
- &r.ctr.info.id12
- .uni_forest_name);
- if (!*forest_name) {
- return NT_STATUS_NO_MEMORY;
- }
- }
-
- if (domain_guid) {
- *domain_guid = TALLOC_P(mem_ctx, struct GUID);
- if (!*domain_guid) {
- return NT_STATUS_NO_MEMORY;
- }
- memcpy(*domain_guid,
- &r.ctr.info.id12.dom_guid,
- sizeof(struct GUID));
- }
-
- if (domain_sid && r.ctr.info.id12.ptr_dom_sid != 0) {
- *domain_sid = TALLOC_P(mem_ctx, DOM_SID);
- if (!*domain_sid) {
- return NT_STATUS_NO_MEMORY;
- }
- sid_copy(*domain_sid,
- &r.ctr.info.id12.dom_sid.sid);
- }
-
- done:
-
- return result;
-}
-
-/**
- * Enumerate list of trusted domains
- *
- * @param cli client state (cli_state) structure of the connection
- * @param mem_ctx memory context
- * @param pol opened lsa policy handle
- * @param enum_ctx enumeration context ie. index of first returned domain entry
- * @param pref_num_domains preferred max number of entries returned in one response
- * @param num_domains total number of trusted domains returned by response
- * @param domain_names returned trusted domain names
- * @param domain_sids returned trusted domain sids
- *
- * @return nt status code of response
- **/
-
-NTSTATUS rpccli_lsa_enum_trust_dom(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- POLICY_HND *pol, uint32 *enum_ctx,
- uint32 *num_domains,
- char ***domain_names, DOM_SID **domain_sids)
-{
- prs_struct qbuf, rbuf;
- LSA_Q_ENUM_TRUST_DOM in;
- LSA_R_ENUM_TRUST_DOM out;
- int i;
- fstring tmp;
-
- ZERO_STRUCT(in);
- ZERO_STRUCT(out);
-
- /* 64k is enough for about 2000 trusted domains */
-
- init_q_enum_trust_dom(&in, pol, *enum_ctx, 0x10000);
-
- CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ENUMTRUSTDOM,
- in, out,
- qbuf, rbuf,
- lsa_io_q_enum_trust_dom,
- lsa_io_r_enum_trust_dom,
- NT_STATUS_UNSUCCESSFUL );
-
-
- /* check for an actual error */
-
- if ( !NT_STATUS_IS_OK(out.status)
- && !NT_STATUS_EQUAL(out.status, NT_STATUS_NO_MORE_ENTRIES)
- && !NT_STATUS_EQUAL(out.status, STATUS_MORE_ENTRIES) )
- {
- return out.status;
- }
-
- /* Return output parameters */
-
- *num_domains = out.count;
- *enum_ctx = out.enum_context;
-
- if ( out.count ) {
-
- /* Allocate memory for trusted domain names and sids */
-
- if ( !(*domain_names = TALLOC_ARRAY(mem_ctx, char *, out.count)) ) {
- DEBUG(0, ("cli_lsa_enum_trust_dom(): out of memory\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- if ( !(*domain_sids = TALLOC_ARRAY(mem_ctx, DOM_SID, out.count)) ) {
- DEBUG(0, ("cli_lsa_enum_trust_dom(): out of memory\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- /* Copy across names and sids */
-
- for (i = 0; i < out.count; i++) {
-
- rpcstr_pull( tmp, out.domlist->domains[i].name.string->buffer,
- sizeof(tmp), out.domlist->domains[i].name.length, 0);
- (*domain_names)[i] = talloc_strdup(mem_ctx, tmp);
-
- sid_copy(&(*domain_sids)[i], &out.domlist->domains[i].sid->sid );
- }
- }
-
- return out.status;
-}
-
-/** Enumerate privileges*/
-
-NTSTATUS rpccli_lsa_enum_privilege(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *pol, uint32 *enum_context, uint32 pref_max_length,
- uint32 *count, char ***privs_name, uint32 **privs_high, uint32 **privs_low)
-{
- prs_struct qbuf, rbuf;
- LSA_Q_ENUM_PRIVS q;
- LSA_R_ENUM_PRIVS r;
- NTSTATUS result;
- int i;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- init_q_enum_privs(&q, pol, *enum_context, pref_max_length);
-
- CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ENUM_PRIVS,
- q, r,
- qbuf, rbuf,
- lsa_io_q_enum_privs,
- lsa_io_r_enum_privs,
- NT_STATUS_UNSUCCESSFUL);
-
- result = r.status;
-
- if (!NT_STATUS_IS_OK(result)) {
- goto done;
- }
-
- /* Return output parameters */
-
- *enum_context = r.enum_context;
- *count = r.count;
-
- if (r.count) {
- if (!((*privs_name = TALLOC_ARRAY(mem_ctx, char *, r.count)))) {
- DEBUG(0, ("(cli_lsa_enum_privilege): out of memory\n"));
- result = NT_STATUS_UNSUCCESSFUL;
- goto done;
- }
-
- if (!((*privs_high = TALLOC_ARRAY(mem_ctx, uint32, r.count)))) {
- DEBUG(0, ("(cli_lsa_enum_privilege): out of memory\n"));
- result = NT_STATUS_UNSUCCESSFUL;
- goto done;
- }
-
- if (!((*privs_low = TALLOC_ARRAY(mem_ctx, uint32, r.count)))) {
- DEBUG(0, ("(cli_lsa_enum_privilege): out of memory\n"));
- result = NT_STATUS_UNSUCCESSFUL;
- goto done;
- }
- } else {
- *privs_name = NULL;
- *privs_high = NULL;
- *privs_low = NULL;
- }
-
- for (i = 0; i < r.count; i++) {
- fstring name;
-
- rpcstr_pull_unistr2_fstring( name, &r.privs[i].name);
-
- (*privs_name)[i] = talloc_strdup(mem_ctx, name);
-
- (*privs_high)[i] = r.privs[i].luid_high;
- (*privs_low)[i] = r.privs[i].luid_low;
- }
-
- done:
-
- return result;
-}
-
-/** Get privilege name */
-
-NTSTATUS rpccli_lsa_get_dispname(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *pol, const char *name,
- uint16 lang_id, uint16 lang_id_sys,
- fstring description, uint16 *lang_id_desc)
-{
- prs_struct qbuf, rbuf;
- LSA_Q_PRIV_GET_DISPNAME q;
- LSA_R_PRIV_GET_DISPNAME r;
- NTSTATUS result;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- init_lsa_priv_get_dispname(&q, pol, name, lang_id, lang_id_sys);
-
- CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_PRIV_GET_DISPNAME,
- q, r,
- qbuf, rbuf,
- lsa_io_q_priv_get_dispname,
- lsa_io_r_priv_get_dispname,
- NT_STATUS_UNSUCCESSFUL);
-
- result = r.status;
-
- if (!NT_STATUS_IS_OK(result)) {
- goto done;
- }
-
- /* Return output parameters */
-
- rpcstr_pull_unistr2_fstring(description , &r.desc);
- *lang_id_desc = r.lang_id;
-
- done:
-
- return result;
-}
-
-/** Enumerate list of SIDs */
-
-NTSTATUS rpccli_lsa_enum_sids(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *pol, uint32 *enum_ctx, uint32 pref_max_length,
- uint32 *num_sids, DOM_SID **sids)
-{
- prs_struct qbuf, rbuf;
- LSA_Q_ENUM_ACCOUNTS q;
- LSA_R_ENUM_ACCOUNTS r;
- NTSTATUS result;
- int i;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- init_lsa_q_enum_accounts(&q, pol, *enum_ctx, pref_max_length);
-
- CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ENUM_ACCOUNTS,
- q, r,
- qbuf, rbuf,
- lsa_io_q_enum_accounts,
- lsa_io_r_enum_accounts,
- NT_STATUS_UNSUCCESSFUL);
-
- result = r.status;
-
- if (!NT_STATUS_IS_OK(result)) {
- goto done;
- }
-
- if (r.sids.num_entries==0)
- goto done;
-
- /* Return output parameters */
-
- *sids = TALLOC_ARRAY(mem_ctx, DOM_SID, r.sids.num_entries);
- if (!*sids) {
- DEBUG(0, ("(cli_lsa_enum_sids): out of memory\n"));
- result = NT_STATUS_UNSUCCESSFUL;
- goto done;
- }
-
- /* Copy across names and sids */
-
- for (i = 0; i < r.sids.num_entries; i++) {
- sid_copy(&(*sids)[i], &r.sids.sid[i].sid);
- }
-
- *num_sids= r.sids.num_entries;
- *enum_ctx = r.enum_context;
-
- done:
-
- return result;
-}
-
-/** Create a LSA user handle
- *
- * @param cli Handle on an initialised SMB connection
- *
- * FIXME: The code is actually identical to open account
- * TODO: Check and code what the function should exactly do
- *
- * */
-
-NTSTATUS rpccli_lsa_create_account(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *dom_pol, DOM_SID *sid, uint32 desired_access,
- POLICY_HND *user_pol)
-{
- prs_struct qbuf, rbuf;
- LSA_Q_CREATEACCOUNT q;
- LSA_R_CREATEACCOUNT r;
- NTSTATUS result;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Initialise input parameters */
-
- init_lsa_q_create_account(&q, dom_pol, sid, desired_access);
-
- CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_CREATEACCOUNT,
- q, r,
- qbuf, rbuf,
- lsa_io_q_create_account,
- lsa_io_r_create_account,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- result = r.status;
-
- if (NT_STATUS_IS_OK(result)) {
- *user_pol = r.pol;
- }
-
- return result;
-}
-
-/** Open a LSA user handle
- *
- * @param cli Handle on an initialised SMB connection */
-
-NTSTATUS rpccli_lsa_open_account(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *dom_pol, DOM_SID *sid, uint32 des_access,
- POLICY_HND *user_pol)
-{
- prs_struct qbuf, rbuf;
- LSA_Q_OPENACCOUNT q;
- LSA_R_OPENACCOUNT r;
- NTSTATUS result;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Initialise input parameters */
-
- init_lsa_q_open_account(&q, dom_pol, sid, des_access);
-
- CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_OPENACCOUNT,
- q, r,
- qbuf, rbuf,
- lsa_io_q_open_account,
- lsa_io_r_open_account,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- result = r.status;
-
- if (NT_STATUS_IS_OK(result)) {
- *user_pol = r.pol;
- }
-
- return result;
-}
-
-/** Enumerate user privileges
- *
- * @param cli Handle on an initialised SMB connection */
-
-NTSTATUS rpccli_lsa_enum_privsaccount(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *pol, uint32 *count, LUID_ATTR **set)
-{
- prs_struct qbuf, rbuf;
- LSA_Q_ENUMPRIVSACCOUNT q;
- LSA_R_ENUMPRIVSACCOUNT r;
- NTSTATUS result;
- int i;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Initialise input parameters */
-
- init_lsa_q_enum_privsaccount(&q, pol);
-
- CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ENUMPRIVSACCOUNT,
- q, r,
- qbuf, rbuf,
- lsa_io_q_enum_privsaccount,
- lsa_io_r_enum_privsaccount,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- result = r.status;
-
- if (!NT_STATUS_IS_OK(result)) {
- goto done;
- }
-
- if (r.count == 0)
- goto done;
-
- if (!((*set = TALLOC_ARRAY(mem_ctx, LUID_ATTR, r.count)))) {
- DEBUG(0, ("(cli_lsa_enum_privsaccount): out of memory\n"));
- result = NT_STATUS_UNSUCCESSFUL;
- goto done;
- }
-
- for (i=0; i<r.count; i++) {
- (*set)[i].luid.low = r.set.set[i].luid.low;
- (*set)[i].luid.high = r.set.set[i].luid.high;
- (*set)[i].attr = r.set.set[i].attr;
+ (*dom_names)[i] = domains->domains[dom_idx].name.string;
}
- *count=r.count;
done:
return result;
}
-/** Get a privilege value given its name */
-
-NTSTATUS rpccli_lsa_lookup_priv_value(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *pol, const char *name, LUID *luid)
-{
- prs_struct qbuf, rbuf;
- LSA_Q_LOOKUP_PRIV_VALUE q;
- LSA_R_LOOKUP_PRIV_VALUE r;
- NTSTATUS result;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_lsa_q_lookup_priv_value(&q, pol, name);
-
- CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_LOOKUPPRIVVALUE,
- q, r,
- qbuf, rbuf,
- lsa_io_q_lookup_priv_value,
- lsa_io_r_lookup_priv_value,
- NT_STATUS_UNSUCCESSFUL);
-
- result = r.status;
-
- if (!NT_STATUS_IS_OK(result)) {
- goto done;
- }
-
- /* Return output parameters */
-
- (*luid).low=r.luid.low;
- (*luid).high=r.luid.high;
-
- done:
-
- return result;
-}
-
-/** Query LSA security object */
-
-NTSTATUS rpccli_lsa_query_secobj(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *pol, uint32 sec_info,
- SEC_DESC_BUF **psdb)
-{
- prs_struct qbuf, rbuf;
- LSA_Q_QUERY_SEC_OBJ q;
- LSA_R_QUERY_SEC_OBJ r;
- NTSTATUS result;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_q_query_sec_obj(&q, pol, sec_info);
-
- CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_QUERYSECOBJ,
- q, r,
- qbuf, rbuf,
- lsa_io_q_query_sec_obj,
- lsa_io_r_query_sec_obj,
- NT_STATUS_UNSUCCESSFUL);
-
- result = r.status;
-
- if (!NT_STATUS_IS_OK(result)) {
- goto done;
- }
-
- /* Return output parameters */
-
- if (psdb)
- *psdb = r.buf;
-
- done:
-
- return result;
-}
-
-
-/* Enumerate account rights This is similar to enum_privileges but
- takes a SID directly, avoiding the open_account call.
-*/
-
-NTSTATUS rpccli_lsa_enum_account_rights(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *pol, DOM_SID *sid,
- uint32 *count, char ***priv_names)
-{
- prs_struct qbuf, rbuf;
- LSA_Q_ENUM_ACCT_RIGHTS q;
- LSA_R_ENUM_ACCT_RIGHTS r;
- NTSTATUS result;
- int i;
- fstring *privileges;
- char **names;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
- init_q_enum_acct_rights(&q, pol, 2, sid);
-
- CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ENUMACCTRIGHTS,
- q, r,
- qbuf, rbuf,
- lsa_io_q_enum_acct_rights,
- lsa_io_r_enum_acct_rights,
- NT_STATUS_UNSUCCESSFUL);
-
- result = r.status;
-
- if (!NT_STATUS_IS_OK(result)) {
- goto done;
- }
-
- *count = r.count;
- if (! *count) {
- goto done;
- }
-
-
- privileges = TALLOC_ARRAY( mem_ctx, fstring, *count );
- names = TALLOC_ARRAY( mem_ctx, char *, *count );
-
- if ((privileges == NULL) || (names == NULL)) {
- TALLOC_FREE(privileges);
- TALLOC_FREE(names);
- return NT_STATUS_NO_MEMORY;
- }
-
- for ( i=0; i<*count; i++ ) {
- UNISTR4 *uni_string = &r.rights->strings[i];
-
- if ( !uni_string->string )
- continue;
-
- rpcstr_pull( privileges[i], uni_string->string->buffer, sizeof(privileges[i]), -1, STR_TERMINATE );
-
- /* now copy to the return array */
- names[i] = talloc_strdup( mem_ctx, privileges[i] );
- }
-
- *priv_names = names;
-
-done:
-
- return result;
-}
-
-
-
-/* add account rights to an account. */
-
-NTSTATUS rpccli_lsa_add_account_rights(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *pol, DOM_SID sid,
- uint32 count, const char **privs_name)
-{
- prs_struct qbuf, rbuf;
- LSA_Q_ADD_ACCT_RIGHTS q;
- LSA_R_ADD_ACCT_RIGHTS r;
- NTSTATUS result;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
- init_q_add_acct_rights(&q, pol, &sid, count, privs_name);
-
- CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ADDACCTRIGHTS,
- q, r,
- qbuf, rbuf,
- lsa_io_q_add_acct_rights,
- lsa_io_r_add_acct_rights,
- NT_STATUS_UNSUCCESSFUL);
-
- result = r.status;
-
- if (!NT_STATUS_IS_OK(result)) {
- goto done;
- }
-done:
-
- return result;
-}
-
-
-/* remove account rights for an account. */
-
-NTSTATUS rpccli_lsa_remove_account_rights(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *pol, DOM_SID sid, bool removeall,
- uint32 count, const char **privs_name)
-{
- prs_struct qbuf, rbuf;
- LSA_Q_REMOVE_ACCT_RIGHTS q;
- LSA_R_REMOVE_ACCT_RIGHTS r;
- NTSTATUS result;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
- init_q_remove_acct_rights(&q, pol, &sid, removeall?1:0, count, privs_name);
-
- CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_REMOVEACCTRIGHTS,
- q, r,
- qbuf, rbuf,
- lsa_io_q_remove_acct_rights,
- lsa_io_r_remove_acct_rights,
- NT_STATUS_UNSUCCESSFUL);
-
- result = r.status;
-
- if (!NT_STATUS_IS_OK(result)) {
- goto done;
- }
-done:
-
- return result;
-}
-
-
#if 0
/** An example of how to use the routines in this file. Fetch a DOMAIN
diff --git a/source3/rpc_client/cli_netlogon.c b/source3/rpc_client/cli_netlogon.c
index e192e4ca26..2af514320e 100644
--- a/source3/rpc_client/cli_netlogon.c
+++ b/source3/rpc_client/cli_netlogon.c
@@ -1,20 +1,21 @@
-/*
+/*
Unix SMB/CIFS implementation.
NT Domain Authentication SMB / MSRPC client
Copyright (C) Andrew Tridgell 1992-2000
Copyright (C) Jeremy Allison 1998.
Largely re-written by Jeremy Allison (C) 2005.
+ Copyright (C) Guenther Deschner 2008.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
@@ -27,57 +28,19 @@
private data. Only call this via rpccli_netlogon_setup_creds(). JRA.
*/
-static NTSTATUS rpccli_net_req_chal(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- const char *server_name,
- const char *clnt_name,
- const DOM_CHAL *clnt_chal_in,
- DOM_CHAL *srv_chal_out)
-{
- prs_struct qbuf, rbuf;
- NET_Q_REQ_CHAL q;
- NET_R_REQ_CHAL r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- /* create and send a MSRPC command with api NET_REQCHAL */
-
- DEBUG(4,("cli_net_req_chal: LSA Request Challenge from %s to %s\n",
- clnt_name, server_name));
-
- /* store the parameters */
- init_q_req_chal(&q, server_name, clnt_name, clnt_chal_in);
-
- /* Marshall data and send request */
- CLI_DO_RPC(cli, mem_ctx, PI_NETLOGON, NET_REQCHAL,
- q, r,
- qbuf, rbuf,
- net_io_q_req_chal,
- net_io_r_req_chal,
- NT_STATUS_UNSUCCESSFUL);
-
- result = r.status;
-
- /* Return result */
-
- if (NT_STATUS_IS_OK(result)) {
- /* Store the returned server challenge. */
- *srv_chal_out = r.srv_chal;
- }
-
- return result;
-}
+/* instead of rpccli_net_req_chal() we use rpccli_netr_ServerReqChallenge() now - gd */
#if 0
/****************************************************************************
LSA Authenticate 2
Send the client credential, receive back a server credential.
-Ensure that the server credential returned matches the session key
+Ensure that the server credential returned matches the session key
encrypt of the server challenge originally received. JRA.
****************************************************************************/
- NTSTATUS rpccli_net_auth2(struct rpc_pipe_client *cli,
- uint16 sec_chan,
+ NTSTATUS rpccli_net_auth2(struct rpc_pipe_client *cli,
+ uint16 sec_chan,
uint32 *neg_flags, DOM_CHAL *srv_chal)
{
prs_struct qbuf, rbuf;
@@ -90,7 +53,7 @@ encrypt of the server challenge originally received. JRA.
fstr_sprintf( machine_acct, "%s$", lp_workgroup() );
else
fstrcpy( machine_acct, cli->mach_acct );
-
+
/* create and send a MSRPC command with api NET_AUTH2 */
DEBUG(4,("cli_net_auth2: srv:%s acct:%s sc:%x mc: %s chal %s neg: %x\n",
@@ -99,8 +62,8 @@ encrypt of the server challenge originally received. JRA.
/* store the parameters */
- init_q_auth_2(&q, cli->srv_name_slash, machine_acct,
- sec_chan, global_myname(), &cli->clnt_cred.challenge,
+ init_q_auth_2(&q, cli->srv_name_slash, machine_acct,
+ sec_chan, global_myname(), &cli->clnt_cred.challenge,
*neg_flags);
/* turn parameters into data stream */
@@ -116,7 +79,7 @@ encrypt of the server challenge originally received. JRA.
if (NT_STATUS_IS_OK(result)) {
UTIME zerotime;
-
+
/*
* Check the returned value using the initial
* server received challenge.
@@ -143,106 +106,12 @@ password ?).\n", cli->cli->desthost ));
LSA Authenticate 2
Send the client credential, receive back a server credential.
- The caller *must* ensure that the server credential returned matches the session key
- encrypt of the server challenge originally received. JRA.
-****************************************************************************/
-
-static NTSTATUS rpccli_net_auth2(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- const char *server_name,
- const char *account_name,
- uint16 sec_chan_type,
- const char *computer_name,
- uint32 *neg_flags_inout,
- const DOM_CHAL *clnt_chal_in,
- DOM_CHAL *srv_chal_out)
-{
- prs_struct qbuf, rbuf;
- NET_Q_AUTH_2 q;
- NET_R_AUTH_2 r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- /* create and send a MSRPC command with api NET_AUTH2 */
-
- DEBUG(4,("cli_net_auth2: srv:%s acct:%s sc:%x mc: %s neg: %x\n",
- server_name, account_name, sec_chan_type, computer_name,
- *neg_flags_inout));
-
- /* store the parameters */
-
- init_q_auth_2(&q, server_name, account_name, sec_chan_type,
- computer_name, clnt_chal_in, *neg_flags_inout);
-
- /* turn parameters into data stream */
-
- CLI_DO_RPC(cli, mem_ctx, PI_NETLOGON, NET_AUTH2,
- q, r,
- qbuf, rbuf,
- net_io_q_auth_2,
- net_io_r_auth_2,
- NT_STATUS_UNSUCCESSFUL);
-
- result = r.status;
-
- if (NT_STATUS_IS_OK(result)) {
- *srv_chal_out = r.srv_chal;
- *neg_flags_inout = r.srv_flgs.neg_flags;
- }
-
- return result;
-}
-
-#if 0 /* not currebntly used */
-/****************************************************************************
- LSA Authenticate 3
-
- Send the client credential, receive back a server credential.
- The caller *must* ensure that the server credential returned matches the session key
+ The caller *must* ensure that the server credential returned matches the session key
encrypt of the server challenge originally received. JRA.
****************************************************************************/
-static NTSTATUS rpccli_net_auth3(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- const char *server_name,
- const char *account_name,
- uint16 sec_chan_type,
- const char *computer_name,
- uint32 *neg_flags_inout,
- const DOM_CHAL *clnt_chal_in,
- DOM_CHAL *srv_chal_out)
-{
- prs_struct qbuf, rbuf;
- NET_Q_AUTH_3 q;
- NET_R_AUTH_3 r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- /* create and send a MSRPC command with api NET_AUTH2 */
-
- DEBUG(4,("cli_net_auth3: srv:%s acct:%s sc:%x mc: %s chal %s neg: %x\n",
- server_name, account_name, sec_chan_type, computer_name,
- credstr(clnt_chal_in->data), *neg_flags_inout));
-
- /* store the parameters */
- init_q_auth_3(&q, server_name, account_name, sec_chan_type,
- computer_name, clnt_chal_in, *neg_flags_inout);
-
- /* turn parameters into data stream */
+/* instead of rpccli_net_auth2() we use rpccli_netr_ServerAuthenticate2() now - gd */
- CLI_DO_RPC(cli, mem_ctx, PI_NETLOGON, NET_AUTH3,
- q, r,
- qbuf, rbuf,
- net_io_q_auth_3,
- net_io_r_auth_3,
- NT_STATUS_UNSUCCESSFUL);
-
- if (NT_STATUS_IS_OK(result)) {
- *srv_chal_out = r.srv_chal;
- *neg_flags_inout = r.srv_flgs.neg_flags;
- }
-
- return result;
-}
-#endif /* not currebntly used */
/****************************************************************************
Wrapper function that uses the auth and auth2 calls to set up a NETLOGON
@@ -251,17 +120,17 @@ static NTSTATUS rpccli_net_auth3(struct rpc_pipe_client *cli,
****************************************************************************/
NTSTATUS rpccli_netlogon_setup_creds(struct rpc_pipe_client *cli,
- const char *server_name,
- const char *domain,
- const char *clnt_name,
- const char *machine_account,
- const unsigned char machine_pwd[16],
- uint32 sec_chan_type,
- uint32 *neg_flags_inout)
+ const char *server_name,
+ const char *domain,
+ const char *clnt_name,
+ const char *machine_account,
+ const unsigned char machine_pwd[16],
+ enum netr_SchannelType sec_chan_type,
+ uint32_t *neg_flags_inout)
{
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- DOM_CHAL clnt_chal_send;
- DOM_CHAL srv_chal_recv;
+ struct netr_Credential clnt_chal_send;
+ struct netr_Credential srv_chal_recv;
struct dcinfo *dc;
SMB_ASSERT(cli->pipe_idx == PI_NETLOGON);
@@ -288,13 +157,11 @@ NTSTATUS rpccli_netlogon_setup_creds(struct rpc_pipe_client *cli,
generate_random_buffer(clnt_chal_send.data, 8);
/* Get the server challenge. */
- result = rpccli_net_req_chal(cli,
- cli->mem_ctx,
- dc->remote_machine,
- clnt_name,
- &clnt_chal_send,
- &srv_chal_recv);
-
+ result = rpccli_netr_ServerReqChallenge(cli, cli->mem_ctx,
+ dc->remote_machine,
+ clnt_name,
+ &clnt_chal_send,
+ &srv_chal_recv);
if (!NT_STATUS_IS_OK(result)) {
return result;
}
@@ -307,20 +174,18 @@ NTSTATUS rpccli_netlogon_setup_creds(struct rpc_pipe_client *cli,
machine_pwd,
&clnt_chal_send);
- /*
- * Send client auth-2 challenge and receive server repy.
- */
-
- result = rpccli_net_auth2(cli,
- cli->mem_ctx,
- dc->remote_machine,
- dc->mach_acct,
- sec_chan_type,
- clnt_name,
- neg_flags_inout,
- &clnt_chal_send, /* input. */
- &srv_chal_recv); /* output */
+ /*
+ * Send client auth-2 challenge and receive server repy.
+ */
+ result = rpccli_netr_ServerAuthenticate2(cli, cli->mem_ctx,
+ dc->remote_machine,
+ dc->mach_acct,
+ sec_chan_type,
+ clnt_name,
+ &clnt_chal_send, /* input. */
+ &srv_chal_recv, /* output. */
+ neg_flags_inout);
if (!NT_STATUS_IS_OK(result)) {
return result;
}
@@ -330,7 +195,7 @@ NTSTATUS rpccli_netlogon_setup_creds(struct rpc_pipe_client *cli,
* server received challenge.
*/
- if (!creds_client_check(dc, &srv_chal_recv)) {
+ if (!netlogon_creds_client_check(dc, &srv_chal_recv)) {
/*
* Server replied with bad credential. Fail.
*/
@@ -347,502 +212,6 @@ NTSTATUS rpccli_netlogon_setup_creds(struct rpc_pipe_client *cli,
return NT_STATUS_OK;
}
-/* Logon Control 2 */
-
-NTSTATUS rpccli_netlogon_logon_ctrl2(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- uint32 query_level)
-{
- prs_struct qbuf, rbuf;
- NET_Q_LOGON_CTRL2 q;
- NET_R_LOGON_CTRL2 r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- fstring server;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Initialise input parameters */
-
- slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost);
- init_net_q_logon_ctrl2(&q, server, query_level);
-
- /* Marshall data and send request */
-
- CLI_DO_RPC(cli, mem_ctx, PI_NETLOGON, NET_LOGON_CTRL2,
- q, r,
- qbuf, rbuf,
- net_io_q_logon_ctrl2,
- net_io_r_logon_ctrl2,
- NT_STATUS_UNSUCCESSFUL);
-
- result = r.status;
- return result;
-}
-
-/* GetAnyDCName */
-
-WERROR rpccli_netlogon_getanydcname(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx, const char *mydcname,
- const char *domainname, char **newdcname)
-{
- prs_struct qbuf, rbuf;
- NET_Q_GETANYDCNAME q;
- NET_R_GETANYDCNAME r;
- WERROR result;
- fstring mydcname_slash;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Initialise input parameters */
-
- slprintf(mydcname_slash, sizeof(fstring)-1, "\\\\%s", mydcname);
- init_net_q_getanydcname(&q, mydcname_slash, domainname);
-
- /* Marshall data and send request */
-
- CLI_DO_RPC_WERR(cli, mem_ctx, PI_NETLOGON, NET_GETANYDCNAME,
- q, r,
- qbuf, rbuf,
- net_io_q_getanydcname,
- net_io_r_getanydcname,
- WERR_GENERAL_FAILURE);
-
- result = r.status;
-
- if (W_ERROR_IS_OK(result) && newdcname) {
- *newdcname = rpcstr_pull_unistr2_talloc(mem_ctx, &r.uni_dcname);
- W_ERROR_HAVE_NO_MEMORY(*newdcname);
- }
-
- return result;
-}
-
-/* GetDCName */
-
-WERROR rpccli_netlogon_getdcname(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx, const char *mydcname,
- const char *domainname, char **newdcname)
-{
- prs_struct qbuf, rbuf;
- NET_Q_GETDCNAME q;
- NET_R_GETDCNAME r;
- WERROR result;
- fstring mydcname_slash;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Initialise input parameters */
-
- slprintf(mydcname_slash, sizeof(fstring)-1, "\\\\%s", mydcname);
- init_net_q_getdcname(&q, mydcname_slash, domainname);
-
- /* Marshall data and send request */
-
- CLI_DO_RPC_WERR(cli, mem_ctx, PI_NETLOGON, NET_GETDCNAME,
- q, r,
- qbuf, rbuf,
- net_io_q_getdcname,
- net_io_r_getdcname,
- WERR_GENERAL_FAILURE);
-
- result = r.status;
-
- if (W_ERROR_IS_OK(result) && newdcname) {
- *newdcname = rpcstr_pull_unistr2_talloc(mem_ctx, &r.uni_dcname);
- W_ERROR_HAVE_NO_MEMORY(*newdcname);
- }
-
- return result;
-}
-
-static WERROR pull_domain_controller_info_from_getdcname_reply(TALLOC_CTX *mem_ctx,
- struct DS_DOMAIN_CONTROLLER_INFO **info_out,
- NET_R_DSR_GETDCNAME *r)
-{
- struct DS_DOMAIN_CONTROLLER_INFO *info;
-
- info = TALLOC_ZERO_P(mem_ctx, struct DS_DOMAIN_CONTROLLER_INFO);
- if (!info) {
- return WERR_NOMEM;
- }
-
- if (&r->uni_dc_unc) {
-
- char *tmp;
- tmp = rpcstr_pull_unistr2_talloc(mem_ctx, &r->uni_dc_unc);
- if (tmp == NULL) {
- return WERR_GENERAL_FAILURE;
- }
- if (*tmp == '\\') tmp += 1;
- if (*tmp == '\\') tmp += 1;
-
- info->domain_controller_name = talloc_strdup(mem_ctx, tmp);
- if (info->domain_controller_name == NULL) {
- return WERR_GENERAL_FAILURE;
- }
- }
-
- if (&r->uni_dc_address) {
-
- char *tmp;
- tmp = rpcstr_pull_unistr2_talloc(mem_ctx, &r->uni_dc_address);
- if (tmp == NULL) {
- return WERR_GENERAL_FAILURE;
- }
- if (*tmp == '\\') tmp += 1;
- if (*tmp == '\\') tmp += 1;
-
- info->domain_controller_address = talloc_strdup(mem_ctx, tmp);
- if (info->domain_controller_address == NULL) {
- return WERR_GENERAL_FAILURE;
- }
- }
-
- info->domain_controller_address_type = r->dc_address_type;
-
- info->domain_guid = (struct GUID *)talloc_memdup(
- mem_ctx, &r->domain_guid, sizeof(struct GUID));
- if (!info->domain_guid) {
- return WERR_GENERAL_FAILURE;
- }
-
- if (&r->uni_domain_name) {
- info->domain_name = rpcstr_pull_unistr2_talloc(mem_ctx, &r->uni_domain_name);
- if (!info->domain_name) {
- return WERR_GENERAL_FAILURE;
- }
- }
-
- if (&r->uni_forest_name) {
- info->dns_forest_name = rpcstr_pull_unistr2_talloc(mem_ctx, &r->uni_forest_name);
- if (!info->dns_forest_name) {
- return WERR_GENERAL_FAILURE;
- }
- }
-
- info->flags = r->dc_flags;
-
- if (&r->uni_dc_site_name) {
- info->dc_site_name = rpcstr_pull_unistr2_talloc(mem_ctx, &r->uni_dc_site_name);
- if (!info->dc_site_name) {
- return WERR_GENERAL_FAILURE;
- }
- }
-
- if (&r->uni_client_site_name) {
- info->client_site_name = rpcstr_pull_unistr2_talloc(mem_ctx, &r->uni_client_site_name);
- if (!info->client_site_name) {
- return WERR_GENERAL_FAILURE;
- }
- }
-
- *info_out = info;
-
- return WERR_OK;
-}
-
-/* Dsr_GetDCName */
-
-WERROR rpccli_netlogon_dsr_getdcname(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- const char *server_name,
- const char *domain_name,
- struct GUID *domain_guid,
- struct GUID *site_guid,
- uint32_t flags,
- struct DS_DOMAIN_CONTROLLER_INFO **info_out)
-{
- prs_struct qbuf, rbuf;
- NET_Q_DSR_GETDCNAME q;
- NET_R_DSR_GETDCNAME r;
- char *tmp_str;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Initialize input parameters */
-
- tmp_str = talloc_asprintf(mem_ctx, "\\\\%s", server_name);
- if (tmp_str == NULL) {
- return WERR_NOMEM;
- }
-
- init_net_q_dsr_getdcname(&q, tmp_str, domain_name, domain_guid,
- site_guid, flags);
-
- /* Marshall data and send request */
-
- CLI_DO_RPC_WERR(cli, mem_ctx, PI_NETLOGON, NET_DSR_GETDCNAME,
- q, r,
- qbuf, rbuf,
- net_io_q_dsr_getdcname,
- net_io_r_dsr_getdcname,
- WERR_GENERAL_FAILURE);
-
- if (!W_ERROR_IS_OK(r.result)) {
- return r.result;
- }
-
- r.result = pull_domain_controller_info_from_getdcname_reply(mem_ctx, info_out, &r);
- if (!W_ERROR_IS_OK(r.result)) {
- return r.result;
- }
-
- return WERR_OK;
-}
-
-/* Dsr_GetDCNameEx */
-
-WERROR rpccli_netlogon_dsr_getdcnameex(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- const char *server_name,
- const char *domain_name,
- struct GUID *domain_guid,
- const char *site_name,
- uint32_t flags,
- struct DS_DOMAIN_CONTROLLER_INFO **info_out)
-{
- prs_struct qbuf, rbuf;
- NET_Q_DSR_GETDCNAMEEX q;
- NET_R_DSR_GETDCNAME r;
- char *tmp_str;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Initialize input parameters */
-
- tmp_str = talloc_asprintf(mem_ctx, "\\\\%s", server_name);
- if (tmp_str == NULL) {
- return WERR_NOMEM;
- }
-
- init_net_q_dsr_getdcnameex(&q, server_name, domain_name, domain_guid,
- site_name, flags);
-
- /* Marshall data and send request */
-
- CLI_DO_RPC_WERR(cli, mem_ctx, PI_NETLOGON, NET_DSR_GETDCNAMEEX,
- q, r,
- qbuf, rbuf,
- net_io_q_dsr_getdcnameex,
- net_io_r_dsr_getdcname,
- WERR_GENERAL_FAILURE);
-
- if (!W_ERROR_IS_OK(r.result)) {
- return r.result;
- }
-
- r.result = pull_domain_controller_info_from_getdcname_reply(mem_ctx, info_out, &r);
- if (!W_ERROR_IS_OK(r.result)) {
- return r.result;
- }
-
- return WERR_OK;
-}
-
-/* Dsr_GetDCNameEx */
-
-WERROR rpccli_netlogon_dsr_getdcnameex2(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- const char *server_name,
- const char *client_account,
- uint32 mask,
- const char *domain_name,
- struct GUID *domain_guid,
- const char *site_name,
- uint32_t flags,
- struct DS_DOMAIN_CONTROLLER_INFO **info_out)
-{
- prs_struct qbuf, rbuf;
- NET_Q_DSR_GETDCNAMEEX2 q;
- NET_R_DSR_GETDCNAME r;
- char *tmp_str;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Initialize input parameters */
-
- tmp_str = talloc_asprintf(mem_ctx, "\\\\%s", server_name);
- if (tmp_str == NULL) {
- return WERR_NOMEM;
- }
-
- init_net_q_dsr_getdcnameex2(&q, server_name, domain_name, client_account,
- mask, domain_guid, site_name, flags);
-
- /* Marshall data and send request */
-
- CLI_DO_RPC_WERR(cli, mem_ctx, PI_NETLOGON, NET_DSR_GETDCNAMEEX2,
- q, r,
- qbuf, rbuf,
- net_io_q_dsr_getdcnameex2,
- net_io_r_dsr_getdcname,
- WERR_GENERAL_FAILURE);
-
- if (!W_ERROR_IS_OK(r.result)) {
- return r.result;
- }
-
- r.result = pull_domain_controller_info_from_getdcname_reply(mem_ctx, info_out, &r);
- if (!W_ERROR_IS_OK(r.result)) {
- return r.result;
- }
-
- return WERR_OK;
-}
-
-
-/* Dsr_GetSiteName */
-
-WERROR rpccli_netlogon_dsr_getsitename(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- const char *computer_name,
- char **site_name)
-{
- prs_struct qbuf, rbuf;
- NET_Q_DSR_GETSITENAME q;
- NET_R_DSR_GETSITENAME r;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Initialize input parameters */
-
- init_net_q_dsr_getsitename(&q, computer_name);
-
- /* Marshall data and send request */
-
- CLI_DO_RPC_WERR(cli, mem_ctx, PI_NETLOGON, NET_DSR_GETSITENAME,
- q, r,
- qbuf, rbuf,
- net_io_q_dsr_getsitename,
- net_io_r_dsr_getsitename,
- WERR_GENERAL_FAILURE);
-
- if (!W_ERROR_IS_OK(r.result)) {
- return r.result;
- }
-
- if ((site_name != NULL) &&
- ((*site_name = rpcstr_pull_unistr2_talloc(
- mem_ctx, &r.uni_site_name)) == NULL)) {
- return WERR_GENERAL_FAILURE;
- }
-
- return WERR_OK;
-}
-
-
-
-/* Sam synchronisation */
-
-NTSTATUS rpccli_netlogon_sam_sync(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- uint32 database_id, uint32 next_rid, uint32 *num_deltas,
- SAM_DELTA_HDR **hdr_deltas,
- SAM_DELTA_CTR **deltas)
-{
- prs_struct qbuf, rbuf;
- NET_Q_SAM_SYNC q;
- NET_R_SAM_SYNC r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- DOM_CRED clnt_creds;
- DOM_CRED ret_creds;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- ZERO_STRUCT(ret_creds);
-
- /* Initialise input parameters */
-
- creds_client_step(cli->dc, &clnt_creds);
-
- init_net_q_sam_sync(&q, cli->dc->remote_machine, global_myname(),
- &clnt_creds, &ret_creds, database_id, next_rid);
-
- /* Marshall data and send request */
-
- CLI_DO_RPC_COPY_SESS_KEY(cli, mem_ctx, PI_NETLOGON, NET_SAM_SYNC,
- q, r,
- qbuf, rbuf,
- net_io_q_sam_sync,
- net_io_r_sam_sync,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return results */
-
- result = r.status;
- *num_deltas = r.num_deltas2;
- *hdr_deltas = r.hdr_deltas;
- *deltas = r.deltas;
-
- if (!NT_STATUS_IS_ERR(result)) {
- /* Check returned credentials. */
- if (!creds_client_check(cli->dc, &r.srv_creds.challenge)) {
- DEBUG(0,("cli_netlogon_sam_sync: credentials chain check failed\n"));
- return NT_STATUS_ACCESS_DENIED;
- }
- }
-
- return result;
-}
-
-/* Sam synchronisation */
-
-NTSTATUS rpccli_netlogon_sam_deltas(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- uint32 database_id, uint64 seqnum,
- uint32 *num_deltas,
- SAM_DELTA_HDR **hdr_deltas,
- SAM_DELTA_CTR **deltas)
-{
- prs_struct qbuf, rbuf;
- NET_Q_SAM_DELTAS q;
- NET_R_SAM_DELTAS r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- DOM_CRED clnt_creds;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Initialise input parameters */
-
- creds_client_step(cli->dc, &clnt_creds);
-
- init_net_q_sam_deltas(&q, cli->dc->remote_machine,
- global_myname(), &clnt_creds,
- database_id, seqnum);
-
- /* Marshall data and send request */
-
- CLI_DO_RPC(cli, mem_ctx, PI_NETLOGON, NET_SAM_DELTAS,
- q, r,
- qbuf, rbuf,
- net_io_q_sam_deltas,
- net_io_r_sam_deltas,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return results */
-
- result = r.status;
- *num_deltas = r.num_deltas2;
- *hdr_deltas = r.hdr_deltas;
- *deltas = r.deltas;
-
- if (!NT_STATUS_IS_ERR(result)) {
- /* Check returned credentials. */
- if (!creds_client_check(cli->dc, &r.srv_creds.challenge)) {
- DEBUG(0,("cli_netlogon_sam_sync: credentials chain check failed\n"));
- return NT_STATUS_ACCESS_DENIED;
- }
- }
-
- return result;
-}
-
/* Logon domain user */
NTSTATUS rpccli_netlogon_sam_logon(struct rpc_pipe_client *cli,
@@ -854,20 +223,23 @@ NTSTATUS rpccli_netlogon_sam_logon(struct rpc_pipe_client *cli,
const char *workstation,
int logon_type)
{
- prs_struct qbuf, rbuf;
- NET_Q_SAM_LOGON q;
- NET_R_SAM_LOGON r;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- DOM_CRED clnt_creds;
- DOM_CRED ret_creds;
- NET_ID_INFO_CTR ctr;
- NET_USER_INFO_3 user;
- int validation_level = 3;
+ struct netr_Authenticator clnt_creds;
+ struct netr_Authenticator ret_creds;
+ union netr_LogonLevel *logon;
+ union netr_Validation validation;
+ uint8_t authoritative;
+ int validation_level = 3;
fstring clnt_name_slash;
+ uint8 zeros[16];
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
ZERO_STRUCT(ret_creds);
+ ZERO_STRUCT(zeros);
+
+ logon = TALLOC_ZERO_P(mem_ctx, union netr_LogonLevel);
+ if (!logon) {
+ return NT_STATUS_NO_MEMORY;
+ }
if (workstation) {
fstr_sprintf( clnt_name_slash, "\\\\%s", workstation );
@@ -875,85 +247,143 @@ NTSTATUS rpccli_netlogon_sam_logon(struct rpc_pipe_client *cli,
fstr_sprintf( clnt_name_slash, "\\\\%s", global_myname() );
}
- /* Initialise input parameters */
+ /* Initialise input parameters */
- creds_client_step(cli->dc, &clnt_creds);
+ netlogon_creds_client_step(cli->dc, &clnt_creds);
- q.validation_level = validation_level;
+ switch (logon_type) {
+ case INTERACTIVE_LOGON_TYPE: {
- ctr.switch_value = logon_type;
+ struct netr_PasswordInfo *password_info;
- switch (logon_type) {
- case INTERACTIVE_LOGON_TYPE: {
- unsigned char lm_owf_user_pwd[16], nt_owf_user_pwd[16];
+ struct samr_Password lmpassword;
+ struct samr_Password ntpassword;
- nt_lm_owf_gen(password, nt_owf_user_pwd, lm_owf_user_pwd);
+ unsigned char lm_owf_user_pwd[16], nt_owf_user_pwd[16];
- init_id_info1(&ctr.auth.id1, domain,
- logon_parameters, /* param_ctrl */
- 0xdead, 0xbeef, /* LUID? */
- username, clnt_name_slash,
- (const char *)cli->dc->sess_key, lm_owf_user_pwd,
- nt_owf_user_pwd);
+ unsigned char lm_owf[16];
+ unsigned char nt_owf[16];
+ unsigned char key[16];
- break;
- }
- case NET_LOGON_TYPE: {
- uint8 chal[8];
- unsigned char local_lm_response[24];
- unsigned char local_nt_response[24];
-
- generate_random_buffer(chal, 8);
-
- SMBencrypt(password, chal, local_lm_response);
- SMBNTencrypt(password, chal, local_nt_response);
-
- init_id_info2(&ctr.auth.id2, domain,
- logon_parameters, /* param_ctrl */
- 0xdead, 0xbeef, /* LUID? */
- username, clnt_name_slash, chal,
- local_lm_response, 24, local_nt_response, 24);
- break;
- }
- default:
- DEBUG(0, ("switch value %d not supported\n",
- ctr.switch_value));
- return NT_STATUS_INVALID_INFO_CLASS;
- }
+ password_info = TALLOC_ZERO_P(mem_ctx, struct netr_PasswordInfo);
+ if (!password_info) {
+ return NT_STATUS_NO_MEMORY;
+ }
- r.user = &user;
+ nt_lm_owf_gen(password, nt_owf_user_pwd, lm_owf_user_pwd);
- init_sam_info(&q.sam_id, cli->dc->remote_machine, global_myname(),
- &clnt_creds, &ret_creds, logon_type,
- &ctr);
+#ifdef DEBUG_PASSWORD
+ DEBUG(100,("lm cypher:"));
+ dump_data(100, lm_owf_user_pwd, 16);
- /* Marshall data and send request */
+ DEBUG(100,("nt cypher:"));
+ dump_data(100, nt_owf_user_pwd, 16);
+#endif
+ memset(key, 0, 16);
+ memcpy(key, cli->dc->sess_key, 8);
- CLI_DO_RPC(cli, mem_ctx, PI_NETLOGON, NET_SAMLOGON,
- q, r,
- qbuf, rbuf,
- net_io_q_sam_logon,
- net_io_r_sam_logon,
- NT_STATUS_UNSUCCESSFUL);
+ memcpy(lm_owf, lm_owf_user_pwd, 16);
+ SamOEMhash(lm_owf, key, 16);
+ memcpy(nt_owf, nt_owf_user_pwd, 16);
+ SamOEMhash(nt_owf, key, 16);
- /* Return results */
+#ifdef DEBUG_PASSWORD
+ DEBUG(100,("encrypt of lm owf password:"));
+ dump_data(100, lm_owf, 16);
- result = r.status;
+ DEBUG(100,("encrypt of nt owf password:"));
+ dump_data(100, nt_owf, 16);
+#endif
+ memcpy(lmpassword.hash, lm_owf, 16);
+ memcpy(ntpassword.hash, nt_owf, 16);
+
+ init_netr_PasswordInfo(password_info,
+ domain,
+ logon_parameters,
+ 0xdead,
+ 0xbeef,
+ username,
+ clnt_name_slash,
+ lmpassword,
+ ntpassword);
+
+ logon->password = password_info;
+
+ break;
+ }
+ case NET_LOGON_TYPE: {
+ struct netr_NetworkInfo *network_info;
+ uint8 chal[8];
+ unsigned char local_lm_response[24];
+ unsigned char local_nt_response[24];
+ struct netr_ChallengeResponse lm;
+ struct netr_ChallengeResponse nt;
+
+ ZERO_STRUCT(lm);
+ ZERO_STRUCT(nt);
+
+ network_info = TALLOC_ZERO_P(mem_ctx, struct netr_NetworkInfo);
+ if (!network_info) {
+ return NT_STATUS_NO_MEMORY;
+ }
- if (r.buffer_creds) {
+ generate_random_buffer(chal, 8);
+
+ SMBencrypt(password, chal, local_lm_response);
+ SMBNTencrypt(password, chal, local_nt_response);
+
+ lm.length = 24;
+ lm.data = local_lm_response;
+
+ nt.length = 24;
+ nt.data = local_nt_response;
+
+ init_netr_NetworkInfo(network_info,
+ domain,
+ logon_parameters,
+ 0xdead,
+ 0xbeef,
+ username,
+ clnt_name_slash,
+ chal,
+ nt,
+ lm);
+
+ logon->network = network_info;
+
+ break;
+ }
+ default:
+ DEBUG(0, ("switch value %d not supported\n",
+ logon_type));
+ return NT_STATUS_INVALID_INFO_CLASS;
+ }
+
+ result = rpccli_netr_LogonSamLogon(cli, mem_ctx,
+ cli->dc->remote_machine,
+ global_myname(),
+ &clnt_creds,
+ &ret_creds,
+ logon_type,
+ logon,
+ validation_level,
+ &validation,
+ &authoritative);
+
+ if (memcmp(zeros, &ret_creds.cred.data, sizeof(ret_creds.cred.data)) != 0) {
/* Check returned credentials if present. */
- if (!creds_client_check(cli->dc, &r.srv_creds.challenge)) {
+ if (!netlogon_creds_client_check(cli->dc, &ret_creds.cred)) {
DEBUG(0,("rpccli_netlogon_sam_logon: credentials chain check failed\n"));
return NT_STATUS_ACCESS_DENIED;
}
}
- return result;
+ return result;
}
-/**
- * Logon domain user with an 'network' SAM logon
+/**
+ * Logon domain user with an 'network' SAM logon
*
* @param info3 Pointer to a NET_USER_INFO_3 already allocated by the caller.
**/
@@ -964,31 +394,47 @@ NTSTATUS rpccli_netlogon_sam_network_logon(struct rpc_pipe_client *cli,
const char *server,
const char *username,
const char *domain,
- const char *workstation,
- const uint8 chal[8],
+ const char *workstation,
+ const uint8 chal[8],
DATA_BLOB lm_response,
DATA_BLOB nt_response,
- NET_USER_INFO_3 *info3)
+ struct netr_SamInfo3 **info3)
{
- prs_struct qbuf, rbuf;
- NET_Q_SAM_LOGON q;
- NET_R_SAM_LOGON r;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- NET_ID_INFO_CTR ctr;
int validation_level = 3;
const char *workstation_name_slash;
const char *server_name_slash;
uint8 zeros[16];
- DOM_CRED clnt_creds;
- DOM_CRED ret_creds;
- int i;
+ struct netr_Authenticator clnt_creds;
+ struct netr_Authenticator ret_creds;
+ union netr_LogonLevel *logon = NULL;
+ struct netr_NetworkInfo *network_info;
+ uint8_t authoritative;
+ union netr_Validation validation;
+ struct netr_ChallengeResponse lm;
+ struct netr_ChallengeResponse nt;
+ struct netr_UserSessionKey user_session_key;
+ struct netr_LMSessionKey lmsesskey;
+
+ *info3 = NULL;
ZERO_STRUCT(zeros);
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
ZERO_STRUCT(ret_creds);
- creds_client_step(cli->dc, &clnt_creds);
+ ZERO_STRUCT(lm);
+ ZERO_STRUCT(nt);
+
+ logon = TALLOC_ZERO_P(mem_ctx, union netr_LogonLevel);
+ if (!logon) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ network_info = TALLOC_ZERO_P(mem_ctx, struct netr_NetworkInfo);
+ if (!network_info) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ netlogon_creds_client_step(cli->dc, &clnt_creds);
if (server[0] != '\\' && server[1] != '\\') {
server_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", server);
@@ -1009,60 +455,62 @@ NTSTATUS rpccli_netlogon_sam_network_logon(struct rpc_pipe_client *cli,
/* Initialise input parameters */
- q.validation_level = validation_level;
-
- ctr.switch_value = NET_LOGON_TYPE;
+ lm.data = lm_response.data;
+ lm.length = lm_response.length;
+ nt.data = nt_response.data;
+ nt.length = nt_response.length;
- init_id_info2(&ctr.auth.id2, domain,
- logon_parameters, /* param_ctrl */
- 0xdead, 0xbeef, /* LUID? */
- username, workstation_name_slash, (const uchar*)chal,
- lm_response.data, lm_response.length, nt_response.data, nt_response.length);
-
- init_sam_info(&q.sam_id, server_name_slash, global_myname(),
- &clnt_creds, &ret_creds, NET_LOGON_TYPE,
- &ctr);
+ init_netr_NetworkInfo(network_info,
+ domain,
+ logon_parameters,
+ 0xdead,
+ 0xbeef,
+ username,
+ workstation_name_slash,
+ (uint8_t *) chal,
+ nt,
+ lm);
- r.user = info3;
+ logon->network = network_info;
- /* Marshall data and send request */
-
- CLI_DO_RPC(cli, mem_ctx, PI_NETLOGON, NET_SAMLOGON,
- q, r,
- qbuf, rbuf,
- net_io_q_sam_logon,
- net_io_r_sam_logon,
- NT_STATUS_UNSUCCESSFUL);
+ /* Marshall data and send request */
- if (memcmp(zeros, info3->user_sess_key, 16) != 0) {
- SamOEMhash(info3->user_sess_key, cli->dc->sess_key, 16);
- } else {
- memset(info3->user_sess_key, '\0', 16);
+ result = rpccli_netr_LogonSamLogon(cli, mem_ctx,
+ server_name_slash,
+ global_myname(),
+ &clnt_creds,
+ &ret_creds,
+ NET_LOGON_TYPE,
+ logon,
+ validation_level,
+ &validation,
+ &authoritative);
+ if (!NT_STATUS_IS_OK(result)) {
+ return result;
}
- if (memcmp(zeros, info3->lm_sess_key, 8) != 0) {
- SamOEMhash(info3->lm_sess_key, cli->dc->sess_key, 8);
- } else {
- memset(info3->lm_sess_key, '\0', 8);
- }
+ user_session_key = validation.sam3->base.key;
+ lmsesskey = validation.sam3->base.LMSessKey;
- for (i=0; i < 7; i++) {
- memset(&info3->unknown[i], '\0', 4);
+ if (memcmp(zeros, user_session_key.key, 16) != 0) {
+ SamOEMhash(user_session_key.key, cli->dc->sess_key, 16);
}
- /* Return results */
-
- result = r.status;
+ if (memcmp(zeros, lmsesskey.key, 8) != 0) {
+ SamOEMhash(lmsesskey.key, cli->dc->sess_key, 8);
+ }
- if (r.buffer_creds) {
+ if (memcmp(zeros, ret_creds.cred.data, sizeof(ret_creds.cred.data)) != 0) {
/* Check returned credentials if present. */
- if (!creds_client_check(cli->dc, &r.srv_creds.challenge)) {
+ if (!netlogon_creds_client_check(cli->dc, &ret_creds.cred)) {
DEBUG(0,("rpccli_netlogon_sam_network_logon: credentials chain check failed\n"));
return NT_STATUS_ACCESS_DENIED;
}
}
- return result;
+ *info3 = validation.sam3;
+
+ return result;
}
NTSTATUS rpccli_netlogon_sam_network_logon_ex(struct rpc_pipe_client *cli,
@@ -1071,26 +519,43 @@ NTSTATUS rpccli_netlogon_sam_network_logon_ex(struct rpc_pipe_client *cli,
const char *server,
const char *username,
const char *domain,
- const char *workstation,
- const uint8 chal[8],
+ const char *workstation,
+ const uint8 chal[8],
DATA_BLOB lm_response,
DATA_BLOB nt_response,
- NET_USER_INFO_3 *info3)
+ struct netr_SamInfo3 **info3)
{
- prs_struct qbuf, rbuf;
- NET_Q_SAM_LOGON_EX q;
- NET_R_SAM_LOGON_EX r;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- NET_ID_INFO_CTR ctr;
int validation_level = 3;
const char *workstation_name_slash;
const char *server_name_slash;
uint8 zeros[16];
- int i;
+ union netr_LogonLevel *logon = NULL;
+ struct netr_NetworkInfo *network_info;
+ uint8_t authoritative;
+ union netr_Validation validation;
+ struct netr_ChallengeResponse lm;
+ struct netr_ChallengeResponse nt;
+ struct netr_UserSessionKey user_session_key;
+ struct netr_LMSessionKey lmsesskey;
+ uint32_t flags = 0;
+
+ *info3 = NULL;
ZERO_STRUCT(zeros);
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
+
+ ZERO_STRUCT(lm);
+ ZERO_STRUCT(nt);
+
+ logon = TALLOC_ZERO_P(mem_ctx, union netr_LogonLevel);
+ if (!logon) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ network_info = TALLOC_ZERO_P(mem_ctx, struct netr_NetworkInfo);
+ if (!network_info) {
+ return NT_STATUS_NO_MEMORY;
+ }
if (server[0] != '\\' && server[1] != '\\') {
server_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", server);
@@ -1111,97 +576,53 @@ NTSTATUS rpccli_netlogon_sam_network_logon_ex(struct rpc_pipe_client *cli,
/* Initialise input parameters */
- q.validation_level = validation_level;
-
- ctr.switch_value = NET_LOGON_TYPE;
+ lm.data = lm_response.data;
+ lm.length = lm_response.length;
+ nt.data = nt_response.data;
+ nt.length = nt_response.length;
- init_id_info2(&ctr.auth.id2, domain,
- logon_parameters, /* param_ctrl */
- 0xdead, 0xbeef, /* LUID? */
- username, workstation_name_slash, (const uchar*)chal,
- lm_response.data, lm_response.length, nt_response.data,
- nt_response.length);
-
- init_sam_info_ex(&q.sam_id, server_name_slash, global_myname(),
- NET_LOGON_TYPE, &ctr);
+ init_netr_NetworkInfo(network_info,
+ domain,
+ logon_parameters,
+ 0xdead,
+ 0xbeef,
+ username,
+ workstation_name_slash,
+ (uint8_t *) chal,
+ nt,
+ lm);
- r.user = info3;
+ logon->network = network_info;
/* Marshall data and send request */
- CLI_DO_RPC(cli, mem_ctx, PI_NETLOGON, NET_SAMLOGON_EX,
- q, r, qbuf, rbuf,
- net_io_q_sam_logon_ex,
- net_io_r_sam_logon_ex,
- NT_STATUS_UNSUCCESSFUL);
-
- if (memcmp(zeros, info3->user_sess_key, 16) != 0) {
- SamOEMhash(info3->user_sess_key, cli->dc->sess_key, 16);
- } else {
- memset(info3->user_sess_key, '\0', 16);
+ result = rpccli_netr_LogonSamLogonEx(cli, mem_ctx,
+ server_name_slash,
+ global_myname(),
+ NET_LOGON_TYPE,
+ logon,
+ validation_level,
+ &validation,
+ &authoritative,
+ &flags);
+ if (!NT_STATUS_IS_OK(result)) {
+ return result;
}
- if (memcmp(zeros, info3->lm_sess_key, 8) != 0) {
- SamOEMhash(info3->lm_sess_key, cli->dc->sess_key, 8);
- } else {
- memset(info3->lm_sess_key, '\0', 8);
- }
+ user_session_key = validation.sam3->base.key;
+ lmsesskey = validation.sam3->base.LMSessKey;
- for (i=0; i < 7; i++) {
- memset(&info3->unknown[i], '\0', 4);
+ if (memcmp(zeros, user_session_key.key, 16) != 0) {
+ SamOEMhash(user_session_key.key, cli->dc->sess_key, 16);
}
- /* Return results */
-
- result = r.status;
-
- return result;
-}
-
-/***************************************************************************
-LSA Server Password Set.
-****************************************************************************/
-
-NTSTATUS rpccli_net_srv_pwset(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- const char *machine_name, const uint8 hashed_mach_pwd[16])
-{
- prs_struct rbuf;
- prs_struct qbuf;
- DOM_CRED clnt_creds;
- NET_Q_SRV_PWSET q;
- NET_R_SRV_PWSET r;
- uint16 sec_chan_type = 2;
- NTSTATUS result;
-
- creds_client_step(cli->dc, &clnt_creds);
-
- DEBUG(4,("cli_net_srv_pwset: srv:%s acct:%s sc: %d mc: %s\n",
- cli->dc->remote_machine, cli->dc->mach_acct, sec_chan_type, machine_name));
-
- /* store the parameters */
- init_q_srv_pwset(&q, cli->dc->remote_machine, (const char *)cli->dc->sess_key,
- cli->dc->mach_acct, sec_chan_type, machine_name,
- &clnt_creds, hashed_mach_pwd);
-
- CLI_DO_RPC(cli, mem_ctx, PI_NETLOGON, NET_SRVPWSET,
- q, r,
- qbuf, rbuf,
- net_io_q_srv_pwset,
- net_io_r_srv_pwset,
- NT_STATUS_UNSUCCESSFUL);
-
- result = r.status;
-
- if (!NT_STATUS_IS_OK(result)) {
- /* report error code */
- DEBUG(0,("cli_net_srv_pwset: %s\n", nt_errstr(result)));
+ if (memcmp(zeros, lmsesskey.key, 8) != 0) {
+ SamOEMhash(lmsesskey.key, cli->dc->sess_key, 8);
}
- /* Always check returned credentials. */
- if (!creds_client_check(cli->dc, &r.srv_cred.challenge)) {
- DEBUG(0,("rpccli_net_srv_pwset: credentials chain check failed\n"));
- return NT_STATUS_ACCESS_DENIED;
- }
+ *info3 = validation.sam3;
return result;
+
+ return result;
}
diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c
index f4cb424527..c89c5531d7 100644
--- a/source3/rpc_client/cli_pipe.c
+++ b/source3/rpc_client/cli_pipe.c
@@ -1807,6 +1807,7 @@ static NTSTATUS rpc_finish_auth3_bind(struct rpc_pipe_client *cli,
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0,("rpc_finish_auth3_bind: NTLMSSP update using server blob failed.\n"));
+ data_blob_free(&server_response);
return nt_status;
}
@@ -2263,7 +2264,7 @@ struct rpc_pipe_client *cli_rpc_pipe_open_noauth(struct cli_state *cli, int pipe
*perr = rpc_pipe_bind(result, PIPE_AUTH_TYPE_NONE, PIPE_AUTH_LEVEL_NONE);
if (!NT_STATUS_IS_OK(*perr)) {
int lvl = 0;
- if (pipe_idx == PI_LSARPC_DS) {
+ if (pipe_idx == PI_DSSETUP) {
/* non AD domains just don't have this pipe, avoid
* level 0 statement in that case - gd */
lvl = 3;
@@ -2596,7 +2597,7 @@ struct rpc_pipe_client *cli_rpc_pipe_open_ntlmssp_auth_schannel(struct cli_state
const char *password,
NTSTATUS *perr)
{
- uint32 neg_flags = NETLOGON_NEG_AUTH2_FLAGS|NETLOGON_NEG_SCHANNEL;
+ uint32 neg_flags = NETLOGON_NEG_SELECT_AUTH2_FLAGS|NETLOGON_NEG_SCHANNEL;
struct rpc_pipe_client *netlogon_pipe = NULL;
struct rpc_pipe_client *result = NULL;
@@ -2630,7 +2631,7 @@ struct rpc_pipe_client *cli_rpc_pipe_open_schannel(struct cli_state *cli,
const char *domain,
NTSTATUS *perr)
{
- uint32 neg_flags = NETLOGON_NEG_AUTH2_FLAGS|NETLOGON_NEG_SCHANNEL;
+ uint32 neg_flags = NETLOGON_NEG_SELECT_AUTH2_FLAGS|NETLOGON_NEG_SCHANNEL;
struct rpc_pipe_client *netlogon_pipe = NULL;
struct rpc_pipe_client *result = NULL;
diff --git a/source3/rpc_client/cli_samr.c b/source3/rpc_client/cli_samr.c
index bf8313816c..62a5c72d81 100644
--- a/source3/rpc_client/cli_samr.c
+++ b/source3/rpc_client/cli_samr.c
@@ -5,6 +5,7 @@
Copyright (C) Andrew Tridgell 1992-1997,2000,
Copyright (C) Rafal Szczesniak 2002.
Copyright (C) Jeremy Allison 2005.
+ Copyright (C) Guenther Deschner 2008.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -22,1272 +23,71 @@
#include "includes.h"
-/* Connect to SAMR database */
-
-NTSTATUS rpccli_samr_connect(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- uint32 access_mask, POLICY_HND *connect_pol)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_CONNECT q;
- SAMR_R_CONNECT r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_connect to %s\n", cli->cli->desthost));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_connect(&q, cli->cli->desthost, access_mask);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CONNECT,
- q, r,
- qbuf, rbuf,
- samr_io_q_connect,
- samr_io_r_connect,
- NT_STATUS_UNSUCCESSFUL);
- /* Return output parameters */
-
- if (NT_STATUS_IS_OK(result = r.status)) {
- *connect_pol = r.connect_pol;
-#ifdef __INSURE__
- connect_pol->marker = malloc(1);
-#endif
- }
-
- return result;
-}
-
-/* Connect to SAMR database */
-
-NTSTATUS rpccli_samr_connect4(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- uint32 access_mask, POLICY_HND *connect_pol)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_CONNECT4 q;
- SAMR_R_CONNECT4 r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_connect4(&q, cli->cli->desthost, access_mask);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CONNECT4,
- q, r,
- qbuf, rbuf,
- samr_io_q_connect4,
- samr_io_r_connect4,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- if (NT_STATUS_IS_OK(result = r.status)) {
- *connect_pol = r.connect_pol;
-#ifdef __INSURE__
- connect_pol->marker = malloc(1);
-#endif
- }
-
- return result;
-}
-
-/* Close SAMR handle */
-
-NTSTATUS rpccli_samr_close(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *connect_pol)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_CLOSE_HND q;
- SAMR_R_CLOSE_HND r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_close\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_close_hnd(&q, connect_pol);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CLOSE_HND,
- q, r,
- qbuf, rbuf,
- samr_io_q_close_hnd,
- samr_io_r_close_hnd,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- if (NT_STATUS_IS_OK(result = r.status)) {
-#ifdef __INSURE__
- SAFE_FREE(connect_pol->marker);
-#endif
- *connect_pol = r.pol;
- }
-
- return result;
-}
-
-/* Open handle on a domain */
-
-NTSTATUS rpccli_samr_open_domain(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *connect_pol, uint32 access_mask,
- const DOM_SID *domain_sid,
- POLICY_HND *domain_pol)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_OPEN_DOMAIN q;
- SAMR_R_OPEN_DOMAIN r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_open_domain with sid %s\n",
- sid_string_dbg(domain_sid) ));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_open_domain(&q, connect_pol, access_mask, domain_sid);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_OPEN_DOMAIN,
- q, r,
- qbuf, rbuf,
- samr_io_q_open_domain,
- samr_io_r_open_domain,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- if (NT_STATUS_IS_OK(result = r.status)) {
- *domain_pol = r.domain_pol;
-#ifdef __INSURE__
- domain_pol->marker = malloc(1);
-#endif
- }
-
- return result;
-}
-
-NTSTATUS rpccli_samr_open_user(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- POLICY_HND *domain_pol, uint32 access_mask,
- uint32 user_rid, POLICY_HND *user_pol)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_OPEN_USER q;
- SAMR_R_OPEN_USER r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_open_user with rid 0x%x\n", user_rid ));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_open_user(&q, domain_pol, access_mask, user_rid);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_OPEN_USER,
- q, r,
- qbuf, rbuf,
- samr_io_q_open_user,
- samr_io_r_open_user,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- if (NT_STATUS_IS_OK(result = r.status)) {
- *user_pol = r.user_pol;
-#ifdef __INSURE__
- user_pol->marker = malloc(1);
-#endif
- }
-
- return result;
-}
-
-/* Open handle on a group */
-
-NTSTATUS rpccli_samr_open_group(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- POLICY_HND *domain_pol, uint32 access_mask,
- uint32 group_rid, POLICY_HND *group_pol)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_OPEN_GROUP q;
- SAMR_R_OPEN_GROUP r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_open_group with rid 0x%x\n", group_rid ));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_open_group(&q, domain_pol, access_mask, group_rid);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_OPEN_GROUP,
- q, r,
- qbuf, rbuf,
- samr_io_q_open_group,
- samr_io_r_open_group,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- if (NT_STATUS_IS_OK(result = r.status)) {
- *group_pol = r.pol;
-#ifdef __INSURE__
- group_pol->marker = malloc(1);
-#endif
- }
-
- return result;
-}
-
-/* Create domain group */
-
-NTSTATUS rpccli_samr_create_dom_group(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *domain_pol,
- const char *group_name,
- uint32 access_mask, POLICY_HND *group_pol)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_CREATE_DOM_GROUP q;
- SAMR_R_CREATE_DOM_GROUP r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_create_dom_group\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_create_dom_group(&q, domain_pol, group_name, access_mask);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CREATE_DOM_GROUP,
- q, r,
- qbuf, rbuf,
- samr_io_q_create_dom_group,
- samr_io_r_create_dom_group,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- result = r.status;
-
- if (NT_STATUS_IS_OK(result))
- *group_pol = r.pol;
-
- return result;
-}
-
-/* Add a domain group member */
-
-NTSTATUS rpccli_samr_add_groupmem(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *group_pol, uint32 rid)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_ADD_GROUPMEM q;
- SAMR_R_ADD_GROUPMEM r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_add_groupmem\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_add_groupmem(&q, group_pol, rid);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_ADD_GROUPMEM,
- q, r,
- qbuf, rbuf,
- samr_io_q_add_groupmem,
- samr_io_r_add_groupmem,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- result = r.status;
-
- return result;
-}
-
-/* Delete a domain group member */
-
-NTSTATUS rpccli_samr_del_groupmem(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *group_pol, uint32 rid)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_DEL_GROUPMEM q;
- SAMR_R_DEL_GROUPMEM r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_del_groupmem\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_del_groupmem(&q, group_pol, rid);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_DEL_GROUPMEM,
- q, r,
- qbuf, rbuf,
- samr_io_q_del_groupmem,
- samr_io_r_del_groupmem,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- result = r.status;
-
- return result;
-}
-
-/* Query user info */
-
-NTSTATUS rpccli_samr_query_userinfo(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- const POLICY_HND *user_pol,
- uint16 switch_value,
- SAM_USERINFO_CTR **ctr)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_QUERY_USERINFO q;
- SAMR_R_QUERY_USERINFO r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_query_userinfo\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_query_userinfo(&q, user_pol, switch_value);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_USERINFO,
- q, r,
- qbuf, rbuf,
- samr_io_q_query_userinfo,
- samr_io_r_query_userinfo,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- result = r.status;
- *ctr = r.ctr;
-
- return result;
-}
-
-/* Set group info */
-
-NTSTATUS rpccli_samr_set_groupinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *group_pol, GROUP_INFO_CTR *ctr)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_SET_GROUPINFO q;
- SAMR_R_SET_GROUPINFO r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_set_groupinfo\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_set_groupinfo(&q, group_pol, ctr);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_SET_GROUPINFO,
- q, r,
- qbuf, rbuf,
- samr_io_q_set_groupinfo,
- samr_io_r_set_groupinfo,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- result = r.status;
-
- return result;
-}
-
-/* Query group info */
-
-NTSTATUS rpccli_samr_query_groupinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *group_pol, uint32 info_level,
- GROUP_INFO_CTR **ctr)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_QUERY_GROUPINFO q;
- SAMR_R_QUERY_GROUPINFO r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_query_groupinfo\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_query_groupinfo(&q, group_pol, info_level);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_GROUPINFO,
- q, r,
- qbuf, rbuf,
- samr_io_q_query_groupinfo,
- samr_io_r_query_groupinfo,
- NT_STATUS_UNSUCCESSFUL);
-
- *ctr = r.ctr;
-
- /* Return output parameters */
-
- result = r.status;
-
- return result;
-}
-
-/* Query user groups */
-
-NTSTATUS rpccli_samr_query_usergroups(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- POLICY_HND *user_pol,
- uint32 *num_groups,
- DOM_GID **gid)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_QUERY_USERGROUPS q;
- SAMR_R_QUERY_USERGROUPS r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_query_usergroups\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_query_usergroups(&q, user_pol);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_USERGROUPS,
- q, r,
- qbuf, rbuf,
- samr_io_q_query_usergroups,
- samr_io_r_query_usergroups,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- if (NT_STATUS_IS_OK(result = r.status)) {
- *num_groups = r.num_entries;
- *gid = r.gid;
- }
-
- return result;
-}
-
-/* Set alias info */
-
-NTSTATUS rpccli_samr_set_aliasinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *alias_pol, ALIAS_INFO_CTR *ctr)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_SET_ALIASINFO q;
- SAMR_R_SET_ALIASINFO r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_set_aliasinfo\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_set_aliasinfo(&q, alias_pol, ctr);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_SET_ALIASINFO,
- q, r,
- qbuf, rbuf,
- samr_io_q_set_aliasinfo,
- samr_io_r_set_aliasinfo,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- result = r.status;
-
- return result;
-}
-
-/* Query user aliases */
-
-NTSTATUS rpccli_samr_query_useraliases(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- POLICY_HND *dom_pol, uint32 num_sids,
- DOM_SID2 *sid,
- uint32 *num_aliases, uint32 **als_rids)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_QUERY_USERALIASES q;
- SAMR_R_QUERY_USERALIASES r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- int i;
- uint32 *sid_ptrs;
-
- DEBUG(10,("cli_samr_query_useraliases\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- if (num_sids) {
- sid_ptrs = TALLOC_ARRAY(mem_ctx, uint32, num_sids);
- if (sid_ptrs == NULL)
- return NT_STATUS_NO_MEMORY;
- } else {
- sid_ptrs = NULL;
- }
-
- for (i=0; i<num_sids; i++)
- sid_ptrs[i] = 1;
-
- /* Marshall data and send request */
-
- init_samr_q_query_useraliases(&q, dom_pol, num_sids, sid_ptrs, sid);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_USERALIASES,
- q, r,
- qbuf, rbuf,
- samr_io_q_query_useraliases,
- samr_io_r_query_useraliases,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- if (NT_STATUS_IS_OK(result = r.status)) {
- *num_aliases = r.num_entries;
- *als_rids = r.rid;
- }
-
- return result;
-}
-
-/* Query user groups */
-
-NTSTATUS rpccli_samr_query_groupmem(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- POLICY_HND *group_pol, uint32 *num_mem,
- uint32 **rid, uint32 **attr)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_QUERY_GROUPMEM q;
- SAMR_R_QUERY_GROUPMEM r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_query_groupmem\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_query_groupmem(&q, group_pol);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_GROUPMEM,
- q, r,
- qbuf, rbuf,
- samr_io_q_query_groupmem,
- samr_io_r_query_groupmem,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- if (NT_STATUS_IS_OK(result = r.status)) {
- *num_mem = r.num_entries;
- *rid = r.rid;
- *attr = r.attr;
- }
-
- return result;
-}
-
-/**
- * Enumerate domain users
- *
- * @param cli client state structure
- * @param mem_ctx talloc context
- * @param pol opened domain policy handle
- * @param start_idx starting index of enumeration, returns context for
- next enumeration
- * @param acb_mask account control bit mask (to enumerate some particular
- * kind of accounts)
- * @param size max acceptable size of response
- * @param dom_users returned array of domain user names
- * @param rids returned array of domain user RIDs
- * @param num_dom_users numer returned entries
- *
- * @return NTSTATUS returned in rpc response
- **/
-
-NTSTATUS rpccli_samr_enum_dom_users(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *pol, uint32 *start_idx, uint32 acb_mask,
- uint32 size, char ***dom_users, uint32 **rids,
- uint32 *num_dom_users)
-{
- prs_struct qbuf;
- prs_struct rbuf;
- SAMR_Q_ENUM_DOM_USERS q;
- SAMR_R_ENUM_DOM_USERS r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- int i;
-
- DEBUG(10,("cli_samr_enum_dom_users starting at index %u\n", (unsigned int)*start_idx));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* always init this */
- *num_dom_users = 0;
-
- /* Fill query structure with parameters */
-
- init_samr_q_enum_dom_users(&q, pol, *start_idx, acb_mask, size);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_ENUM_DOM_USERS,
- q, r,
- qbuf, rbuf,
- samr_io_q_enum_dom_users,
- samr_io_r_enum_dom_users,
- NT_STATUS_UNSUCCESSFUL);
-
- result = r.status;
-
- if (!NT_STATUS_IS_OK(result) &&
- NT_STATUS_V(result) != NT_STATUS_V(STATUS_MORE_ENTRIES))
- goto done;
-
- *start_idx = r.next_idx;
- *num_dom_users = r.num_entries2;
-
- if (r.num_entries2) {
- /* allocate memory needed to return received data */
- *rids = TALLOC_ARRAY(mem_ctx, uint32, r.num_entries2);
- if (!*rids) {
- DEBUG(0, ("Error in cli_samr_enum_dom_users(): out of memory\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- *dom_users = TALLOC_ARRAY(mem_ctx, char*, r.num_entries2);
- if (!*dom_users) {
- DEBUG(0, ("Error in cli_samr_enum_dom_users(): out of memory\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- /* fill output buffers with rpc response */
- for (i = 0; i < r.num_entries2; i++) {
- fstring conv_buf;
-
- (*rids)[i] = r.sam[i].rid;
- unistr2_to_ascii(conv_buf, &(r.uni_acct_name[i]), sizeof(conv_buf));
- (*dom_users)[i] = talloc_strdup(mem_ctx, conv_buf);
- }
- }
-
-done:
- return result;
-}
-
-/* Enumerate domain groups */
-
-NTSTATUS rpccli_samr_enum_dom_groups(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- POLICY_HND *pol, uint32 *start_idx,
- uint32 size, struct acct_info **dom_groups,
- uint32 *num_dom_groups)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_ENUM_DOM_GROUPS q;
- SAMR_R_ENUM_DOM_GROUPS r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- uint32 name_idx, i;
-
- DEBUG(10,("cli_samr_enum_dom_groups starting at index %u\n", (unsigned int)*start_idx));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_enum_dom_groups(&q, pol, *start_idx, size);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_ENUM_DOM_GROUPS,
- q, r,
- qbuf, rbuf,
- samr_io_q_enum_dom_groups,
- samr_io_r_enum_dom_groups,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- result = r.status;
-
- if (!NT_STATUS_IS_OK(result) &&
- NT_STATUS_V(result) != NT_STATUS_V(STATUS_MORE_ENTRIES))
- goto done;
-
- *num_dom_groups = r.num_entries2;
-
- if (*num_dom_groups == 0)
- goto done;
-
- if (!((*dom_groups) = TALLOC_ARRAY(mem_ctx, struct acct_info, *num_dom_groups))) {
- result = NT_STATUS_NO_MEMORY;
- goto done;
- }
-
- memset(*dom_groups, 0, sizeof(struct acct_info) * (*num_dom_groups));
-
- name_idx = 0;
-
- for (i = 0; i < *num_dom_groups; i++) {
-
- (*dom_groups)[i].rid = r.sam[i].rid;
-
- if (r.sam[i].hdr_name.buffer) {
- unistr2_to_ascii((*dom_groups)[i].acct_name,
- &r.uni_grp_name[name_idx],
- sizeof((*dom_groups)[i].acct_name));
- name_idx++;
- }
-
- *start_idx = r.next_idx;
- }
-
- done:
- return result;
-}
-
-/* Enumerate domain groups */
-
-NTSTATUS rpccli_samr_enum_als_groups(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- POLICY_HND *pol, uint32 *start_idx,
- uint32 size, struct acct_info **dom_aliases,
- uint32 *num_dom_aliases)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_ENUM_DOM_ALIASES q;
- SAMR_R_ENUM_DOM_ALIASES r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- uint32 name_idx, i;
-
- DEBUG(10,("cli_samr_enum_als_groups starting at index %u\n", (unsigned int)*start_idx));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_enum_dom_aliases(&q, pol, *start_idx, size);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_ENUM_DOM_ALIASES,
- q, r,
- qbuf, rbuf,
- samr_io_q_enum_dom_aliases,
- samr_io_r_enum_dom_aliases,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- result = r.status;
-
- if (!NT_STATUS_IS_OK(result) &&
- NT_STATUS_V(result) != NT_STATUS_V(STATUS_MORE_ENTRIES)) {
- goto done;
- }
-
- *num_dom_aliases = r.num_entries2;
-
- if (*num_dom_aliases == 0)
- goto done;
-
- if (!((*dom_aliases) = TALLOC_ARRAY(mem_ctx, struct acct_info, *num_dom_aliases))) {
- result = NT_STATUS_NO_MEMORY;
- goto done;
- }
-
- memset(*dom_aliases, 0, sizeof(struct acct_info) * *num_dom_aliases);
-
- name_idx = 0;
-
- for (i = 0; i < *num_dom_aliases; i++) {
-
- (*dom_aliases)[i].rid = r.sam[i].rid;
-
- if (r.sam[i].hdr_name.buffer) {
- unistr2_to_ascii((*dom_aliases)[i].acct_name,
- &r.uni_grp_name[name_idx],
- sizeof((*dom_aliases)[i].acct_name));
- name_idx++;
- }
-
- *start_idx = r.next_idx;
- }
-
- done:
- return result;
-}
-
-/* Query alias members */
-
-NTSTATUS rpccli_samr_query_aliasmem(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- POLICY_HND *alias_pol, uint32 *num_mem,
- DOM_SID **sids)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_QUERY_ALIASMEM q;
- SAMR_R_QUERY_ALIASMEM r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- uint32 i;
-
- DEBUG(10,("cli_samr_query_aliasmem\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_query_aliasmem(&q, alias_pol);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_ALIASMEM,
- q, r,
- qbuf, rbuf,
- samr_io_q_query_aliasmem,
- samr_io_r_query_aliasmem,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- if (!NT_STATUS_IS_OK(result = r.status)) {
- goto done;
- }
-
- *num_mem = r.num_sids;
-
- if (*num_mem == 0) {
- *sids = NULL;
- result = NT_STATUS_OK;
- goto done;
- }
-
- if (!(*sids = TALLOC_ARRAY(mem_ctx, DOM_SID, *num_mem))) {
- result = NT_STATUS_UNSUCCESSFUL;
- goto done;
- }
-
- for (i = 0; i < *num_mem; i++) {
- (*sids)[i] = r.sid[i].sid;
- }
-
- done:
- return result;
-}
-
-/* Open handle on an alias */
-
-NTSTATUS rpccli_samr_open_alias(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- POLICY_HND *domain_pol, uint32 access_mask,
- uint32 alias_rid, POLICY_HND *alias_pol)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_OPEN_ALIAS q;
- SAMR_R_OPEN_ALIAS r;
- NTSTATUS result;
-
- DEBUG(10,("cli_samr_open_alias with rid 0x%x\n", alias_rid));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_open_alias(&q, domain_pol, access_mask, alias_rid);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_OPEN_ALIAS,
- q, r,
- qbuf, rbuf,
- samr_io_q_open_alias,
- samr_io_r_open_alias,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- if (NT_STATUS_IS_OK(result = r.status)) {
- *alias_pol = r.pol;
-#ifdef __INSURE__
- alias_pol->marker = malloc(1);
-#endif
- }
-
- return result;
-}
-
-/* Create an alias */
-
-NTSTATUS rpccli_samr_create_dom_alias(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *domain_pol, const char *name,
- POLICY_HND *alias_pol)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_CREATE_DOM_ALIAS q;
- SAMR_R_CREATE_DOM_ALIAS r;
- NTSTATUS result;
-
- DEBUG(10,("cli_samr_create_dom_alias named %s\n", name));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_create_dom_alias(&q, domain_pol, name);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CREATE_DOM_ALIAS,
- q, r,
- qbuf, rbuf,
- samr_io_q_create_dom_alias,
- samr_io_r_create_dom_alias,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- if (NT_STATUS_IS_OK(result = r.status)) {
- *alias_pol = r.alias_pol;
- }
-
- return result;
-}
-
-/* Add an alias member */
-
-NTSTATUS rpccli_samr_add_aliasmem(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *alias_pol, DOM_SID *member)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_ADD_ALIASMEM q;
- SAMR_R_ADD_ALIASMEM r;
- NTSTATUS result;
-
- DEBUG(10,("cli_samr_add_aliasmem"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_add_aliasmem(&q, alias_pol, member);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_ADD_ALIASMEM,
- q, r,
- qbuf, rbuf,
- samr_io_q_add_aliasmem,
- samr_io_r_add_aliasmem,
- NT_STATUS_UNSUCCESSFUL);
-
- result = r.status;
-
- return result;
-}
-
-/* Delete an alias member */
-
-NTSTATUS rpccli_samr_del_aliasmem(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *alias_pol, DOM_SID *member)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_DEL_ALIASMEM q;
- SAMR_R_DEL_ALIASMEM r;
- NTSTATUS result;
-
- DEBUG(10,("cli_samr_del_aliasmem"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_del_aliasmem(&q, alias_pol, member);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_DEL_ALIASMEM,
- q, r,
- qbuf, rbuf,
- samr_io_q_del_aliasmem,
- samr_io_r_del_aliasmem,
- NT_STATUS_UNSUCCESSFUL);
-
- result = r.status;
-
- return result;
-}
-
-/* Query alias info */
-
-NTSTATUS rpccli_samr_query_alias_info(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *alias_pol, uint16 switch_value,
- ALIAS_INFO_CTR *ctr)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_QUERY_ALIASINFO q;
- SAMR_R_QUERY_ALIASINFO r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_query_alias_info\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_query_aliasinfo(&q, alias_pol, switch_value);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_ALIASINFO,
- q, r,
- qbuf, rbuf,
- samr_io_q_query_aliasinfo,
- samr_io_r_query_aliasinfo,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- if (!NT_STATUS_IS_OK(result = r.status)) {
- goto done;
- }
-
- *ctr = *r.ctr;
-
- done:
-
- return result;
-}
-
-/* Query domain info */
-
-NTSTATUS rpccli_samr_query_dom_info(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- POLICY_HND *domain_pol,
- uint16 switch_value,
- SAM_UNK_CTR *ctr)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_QUERY_DOMAIN_INFO q;
- SAMR_R_QUERY_DOMAIN_INFO r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_query_dom_info\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_query_domain_info(&q, domain_pol, switch_value);
-
- r.ctr = ctr;
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_DOMAIN_INFO,
- q, r,
- qbuf, rbuf,
- samr_io_q_query_domain_info,
- samr_io_r_query_domain_info,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- if (!NT_STATUS_IS_OK(result = r.status)) {
- goto done;
- }
-
- done:
-
- return result;
-}
-
-/* Query domain info2 */
-
-NTSTATUS rpccli_samr_query_dom_info2(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- POLICY_HND *domain_pol,
- uint16 switch_value,
- SAM_UNK_CTR *ctr)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_QUERY_DOMAIN_INFO2 q;
- SAMR_R_QUERY_DOMAIN_INFO2 r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_query_dom_info2\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_query_domain_info2(&q, domain_pol, switch_value);
-
- r.ctr = ctr;
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_DOMAIN_INFO2,
- q, r,
- qbuf, rbuf,
- samr_io_q_query_domain_info2,
- samr_io_r_query_domain_info2,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- if (!NT_STATUS_IS_OK(result = r.status)) {
- goto done;
- }
-
- done:
-
- return result;
-}
-
-/* Set domain info */
-
-NTSTATUS rpccli_samr_set_domain_info(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- POLICY_HND *domain_pol,
- uint16 switch_value,
- SAM_UNK_CTR *ctr)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_SET_DOMAIN_INFO q;
- SAMR_R_SET_DOMAIN_INFO r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_set_domain_info\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_set_domain_info(&q, domain_pol, switch_value, ctr);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_SET_DOMAIN_INFO,
- q, r,
- qbuf, rbuf,
- samr_io_q_set_domain_info,
- samr_io_r_set_domain_info,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- if (!NT_STATUS_IS_OK(result = r.status)) {
- goto done;
- }
-
- done:
-
- return result;
-}
-
/* User change password */
NTSTATUS rpccli_samr_chgpasswd_user(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- const char *username,
- const char *newpassword,
- const char *oldpassword )
+ TALLOC_CTX *mem_ctx,
+ const char *username,
+ const char *newpassword,
+ const char *oldpassword)
{
- prs_struct qbuf, rbuf;
- SAMR_Q_CHGPASSWD_USER q;
- SAMR_R_CHGPASSWD_USER r;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ struct samr_CryptPassword new_nt_password;
+ struct samr_CryptPassword new_lm_password;
+ struct samr_Password old_nt_hash_enc;
+ struct samr_Password old_lanman_hash_enc;
- uchar new_nt_password[516];
- uchar new_lm_password[516];
uchar old_nt_hash[16];
uchar old_lanman_hash[16];
- uchar old_nt_hash_enc[16];
- uchar old_lanman_hash_enc[16];
-
uchar new_nt_hash[16];
uchar new_lanman_hash[16];
-
- char *srv_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", cli->cli->desthost);
+ struct lsa_String server, account;
+ char *srv_name_slash = NULL;
DEBUG(10,("rpccli_samr_chgpasswd_user\n"));
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
+ init_lsa_String(&server, srv_name_slash);
+ init_lsa_String(&account, username);
+
+ srv_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", cli->cli->desthost);
+ if (!srv_name_slash) {
+ return NT_STATUS_NO_MEMORY;
+ }
/* Calculate the MD4 hash (NT compatible) of the password */
E_md4hash(oldpassword, old_nt_hash);
E_md4hash(newpassword, new_nt_hash);
- if (lp_client_lanman_auth()
- && E_deshash(newpassword, new_lanman_hash)
- && E_deshash(oldpassword, old_lanman_hash)) {
+ if (lp_client_lanman_auth() &&
+ E_deshash(newpassword, new_lanman_hash) &&
+ E_deshash(oldpassword, old_lanman_hash)) {
/* E_deshash returns false for 'long' passwords (> 14
DOS chars). This allows us to match Win2k, which
does not store a LM hash for these passwords (which
would reduce the effective password length to 14) */
- encode_pw_buffer(new_lm_password, newpassword, STR_UNICODE);
+ encode_pw_buffer(new_lm_password.data, newpassword, STR_UNICODE);
- SamOEMhash( new_lm_password, old_nt_hash, 516);
- E_old_pw_hash( new_nt_hash, old_lanman_hash, old_lanman_hash_enc);
+ SamOEMhash(new_lm_password.data, old_nt_hash, 516);
+ E_old_pw_hash(new_nt_hash, old_lanman_hash, old_lanman_hash_enc.hash);
} else {
ZERO_STRUCT(new_lm_password);
ZERO_STRUCT(old_lanman_hash_enc);
}
- encode_pw_buffer(new_nt_password, newpassword, STR_UNICODE);
-
- SamOEMhash( new_nt_password, old_nt_hash, 516);
- E_old_pw_hash( new_nt_hash, old_nt_hash, old_nt_hash_enc);
-
- /* Marshall data and send request */
-
- init_samr_q_chgpasswd_user(&q, srv_name_slash, username,
- new_nt_password,
- old_nt_hash_enc,
- new_lm_password,
- old_lanman_hash_enc);
+ encode_pw_buffer(new_nt_password.data, newpassword, STR_UNICODE);
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CHGPASSWD_USER,
- q, r,
- qbuf, rbuf,
- samr_io_q_chgpasswd_user,
- samr_io_r_chgpasswd_user,
- NT_STATUS_UNSUCCESSFUL);
+ SamOEMhash(new_nt_password.data, old_nt_hash, 516);
+ E_old_pw_hash(new_nt_hash, old_nt_hash, old_nt_hash_enc.hash);
- /* Return output parameters */
-
- if (!NT_STATUS_IS_OK(result = r.status)) {
- goto done;
- }
-
- done:
+ result = rpccli_samr_ChangePasswordUser2(cli, mem_ctx,
+ &server,
+ &account,
+ &new_nt_password,
+ &old_nt_hash_enc,
+ true,
+ &new_lm_password,
+ &old_lanman_hash_enc);
return result;
}
@@ -1295,48 +95,44 @@ NTSTATUS rpccli_samr_chgpasswd_user(struct rpc_pipe_client *cli,
/* User change password given blobs */
NTSTATUS rpccli_samr_chng_pswd_auth_crap(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- const char *username,
- DATA_BLOB new_nt_password,
- DATA_BLOB old_nt_hash_enc,
- DATA_BLOB new_lm_password,
- DATA_BLOB old_lm_hash_enc)
+ TALLOC_CTX *mem_ctx,
+ const char *username,
+ DATA_BLOB new_nt_password_blob,
+ DATA_BLOB old_nt_hash_enc_blob,
+ DATA_BLOB new_lm_password_blob,
+ DATA_BLOB old_lm_hash_enc_blob)
{
- prs_struct qbuf, rbuf;
- SAMR_Q_CHGPASSWD_USER q;
- SAMR_R_CHGPASSWD_USER r;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- char *srv_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", cli->cli->desthost);
+ struct samr_CryptPassword new_nt_password;
+ struct samr_CryptPassword new_lm_password;
+ struct samr_Password old_nt_hash_enc;
+ struct samr_Password old_lm_hash_enc;
+ struct lsa_String server, account;
+ char *srv_name_slash = NULL;
DEBUG(10,("rpccli_samr_chng_pswd_auth_crap\n"));
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_chgpasswd_user(&q, srv_name_slash, username,
- new_nt_password.data,
- old_nt_hash_enc.data,
- new_lm_password.data,
- old_lm_hash_enc.data);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CHGPASSWD_USER,
- q, r,
- qbuf, rbuf,
- samr_io_q_chgpasswd_user,
- samr_io_r_chgpasswd_user,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- if (!NT_STATUS_IS_OK(result = r.status)) {
- goto done;
+ srv_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", cli->cli->desthost);
+ if (!srv_name_slash) {
+ return NT_STATUS_NO_MEMORY;
}
- done:
+ init_lsa_String(&server, srv_name_slash);
+ init_lsa_String(&account, username);
+
+ memcpy(&new_nt_password.data, new_nt_password_blob.data, 516);
+ memcpy(&new_lm_password.data, new_lm_password_blob.data, 516);
+ memcpy(&old_nt_hash_enc.hash, old_nt_hash_enc_blob.data, 16);
+ memcpy(&old_lm_hash_enc.hash, old_lm_hash_enc_blob.data, 16);
+ result = rpccli_samr_ChangePasswordUser2(cli, mem_ctx,
+ &server,
+ &account,
+ &new_nt_password,
+ &old_nt_hash_enc,
+ true,
+ &new_lm_password,
+ &old_lm_hash_enc);
return result;
}
@@ -1344,80 +140,76 @@ NTSTATUS rpccli_samr_chng_pswd_auth_crap(struct rpc_pipe_client *cli,
/* change password 3 */
NTSTATUS rpccli_samr_chgpasswd3(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- const char *username,
- const char *newpassword,
+ TALLOC_CTX *mem_ctx,
+ const char *username,
+ const char *newpassword,
const char *oldpassword,
- SAM_UNK_INFO_1 *info,
- SAMR_CHANGE_REJECT *reject)
+ struct samr_DomInfo1 **dominfo1,
+ struct samr_ChangeReject **reject)
{
- prs_struct qbuf, rbuf;
- SAMR_Q_CHGPASSWD_USER3 q;
- SAMR_R_CHGPASSWD_USER3 r;
+ NTSTATUS status;
+
+ struct samr_CryptPassword new_nt_password;
+ struct samr_CryptPassword new_lm_password;
+ struct samr_Password old_nt_hash_enc;
+ struct samr_Password old_lanman_hash_enc;
- uchar new_nt_password[516];
- uchar new_lm_password[516];
uchar old_nt_hash[16];
uchar old_lanman_hash[16];
- uchar old_nt_hash_enc[16];
- uchar old_lanman_hash_enc[16];
-
uchar new_nt_hash[16];
uchar new_lanman_hash[16];
- char *srv_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", cli->cli->desthost);
+ struct lsa_String server, account;
+ char *srv_name_slash = NULL;
DEBUG(10,("rpccli_samr_chgpasswd_user3\n"));
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
+ srv_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", cli->cli->desthost);
+ if (!srv_name_slash) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ init_lsa_String(&server, srv_name_slash);
+ init_lsa_String(&account, username);
/* Calculate the MD4 hash (NT compatible) of the password */
E_md4hash(oldpassword, old_nt_hash);
E_md4hash(newpassword, new_nt_hash);
- if (lp_client_lanman_auth()
- && E_deshash(newpassword, new_lanman_hash)
- && E_deshash(oldpassword, old_lanman_hash)) {
+ if (lp_client_lanman_auth() &&
+ E_deshash(newpassword, new_lanman_hash) &&
+ E_deshash(oldpassword, old_lanman_hash)) {
/* E_deshash returns false for 'long' passwords (> 14
DOS chars). This allows us to match Win2k, which
does not store a LM hash for these passwords (which
would reduce the effective password length to 14) */
- encode_pw_buffer(new_lm_password, newpassword, STR_UNICODE);
+ encode_pw_buffer(new_lm_password.data, newpassword, STR_UNICODE);
- SamOEMhash( new_lm_password, old_nt_hash, 516);
- E_old_pw_hash( new_nt_hash, old_lanman_hash, old_lanman_hash_enc);
+ SamOEMhash(new_lm_password.data, old_nt_hash, 516);
+ E_old_pw_hash(new_nt_hash, old_lanman_hash, old_lanman_hash_enc.hash);
} else {
ZERO_STRUCT(new_lm_password);
ZERO_STRUCT(old_lanman_hash_enc);
}
- encode_pw_buffer(new_nt_password, newpassword, STR_UNICODE);
-
- SamOEMhash( new_nt_password, old_nt_hash, 516);
- E_old_pw_hash( new_nt_hash, old_nt_hash, old_nt_hash_enc);
-
- /* Marshall data and send request */
+ encode_pw_buffer(new_nt_password.data, newpassword, STR_UNICODE);
- init_samr_q_chgpasswd_user3(&q, srv_name_slash, username,
- new_nt_password,
- old_nt_hash_enc,
- new_lm_password,
- old_lanman_hash_enc);
- r.info = info;
- r.reject = reject;
+ SamOEMhash(new_nt_password.data, old_nt_hash, 516);
+ E_old_pw_hash(new_nt_hash, old_nt_hash, old_nt_hash_enc.hash);
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CHGPASSWD_USER3,
- q, r,
- qbuf, rbuf,
- samr_io_q_chgpasswd_user3,
- samr_io_r_chgpasswd_user3,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- return r.status;
+ status = rpccli_samr_ChangePasswordUser3(cli, mem_ctx,
+ &server,
+ &account,
+ &new_nt_password,
+ &old_nt_hash_enc,
+ true,
+ &new_lm_password,
+ &old_lanman_hash_enc,
+ NULL,
+ dominfo1,
+ reject);
+ return status;
}
/* This function returns the bizzare set of (max_entries, max_size) required
@@ -1450,655 +242,4 @@ void get_query_dispinfo_params(int loop_count, uint32 *max_entries,
*max_size = 131071;
break;
}
-}
-
-/* Query display info */
-
-NTSTATUS rpccli_samr_query_dispinfo(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- POLICY_HND *domain_pol, uint32 *start_idx,
- uint16 switch_value, uint32 *num_entries,
- uint32 max_entries, uint32 max_size,
- SAM_DISPINFO_CTR *ctr)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_QUERY_DISPINFO q;
- SAMR_R_QUERY_DISPINFO r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_query_dispinfo for start_idx = %u\n", *start_idx));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- *num_entries = 0;
-
- /* Marshall data and send request */
-
- init_samr_q_query_dispinfo(&q, domain_pol, switch_value,
- *start_idx, max_entries, max_size);
-
- r.ctr = ctr;
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_DISPINFO,
- q, r,
- qbuf, rbuf,
- samr_io_q_query_dispinfo,
- samr_io_r_query_dispinfo,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- result = r.status;
-
- if (!NT_STATUS_IS_OK(result) &&
- NT_STATUS_V(result) != NT_STATUS_V(STATUS_MORE_ENTRIES)) {
- goto done;
- }
-
- *num_entries = r.num_entries;
- *start_idx += r.num_entries; /* No next_idx in this structure! */
-
- done:
- return result;
-}
-
-/* Lookup rids. Note that NT4 seems to crash if more than ~1000 rids are
- looked up in one packet. */
-
-NTSTATUS rpccli_samr_lookup_rids(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- POLICY_HND *domain_pol,
- uint32 num_rids, uint32 *rids,
- uint32 *num_names, char ***names,
- uint32 **name_types)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_LOOKUP_RIDS q;
- SAMR_R_LOOKUP_RIDS r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- uint32 i;
-
- DEBUG(10,("cli_samr_lookup_rids\n"));
-
- if (num_rids > 1000) {
- DEBUG(2, ("cli_samr_lookup_rids: warning: NT4 can crash if "
- "more than ~1000 rids are looked up at once.\n"));
- }
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_lookup_rids(mem_ctx, &q, domain_pol, 1000, num_rids, rids);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_LOOKUP_RIDS,
- q, r,
- qbuf, rbuf,
- samr_io_q_lookup_rids,
- samr_io_r_lookup_rids,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- result = r.status;
-
- if (!NT_STATUS_IS_OK(result) &&
- !NT_STATUS_EQUAL(result, STATUS_SOME_UNMAPPED))
- goto done;
-
- if (r.num_names1 == 0) {
- *num_names = 0;
- *names = NULL;
- goto done;
- }
-
- *num_names = r.num_names1;
- *names = TALLOC_ARRAY(mem_ctx, char *, r.num_names1);
- *name_types = TALLOC_ARRAY(mem_ctx, uint32, r.num_names1);
-
- if ((*names == NULL) || (*name_types == NULL)) {
- TALLOC_FREE(*names);
- TALLOC_FREE(*name_types);
- return NT_STATUS_NO_MEMORY;
- }
-
- for (i = 0; i < r.num_names1; i++) {
- fstring tmp;
-
- unistr2_to_ascii(tmp, &r.uni_name[i], sizeof(tmp));
- (*names)[i] = talloc_strdup(mem_ctx, tmp);
- (*name_types)[i] = r.type[i];
- }
-
- done:
-
- return result;
-}
-
-/* Lookup names */
-
-NTSTATUS rpccli_samr_lookup_names(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *domain_pol, uint32 flags,
- uint32 num_names, const char **names,
- uint32 *num_rids, uint32 **rids,
- uint32 **rid_types)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_LOOKUP_NAMES q;
- SAMR_R_LOOKUP_NAMES r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- uint32 i;
-
- DEBUG(10,("cli_samr_lookup_names\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_lookup_names(mem_ctx, &q, domain_pol, flags,
- num_names, names);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_LOOKUP_NAMES,
- q, r,
- qbuf, rbuf,
- samr_io_q_lookup_names,
- samr_io_r_lookup_names,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- if (!NT_STATUS_IS_OK(result = r.status)) {
- goto done;
- }
-
- if (r.num_rids1 == 0) {
- *num_rids = 0;
- goto done;
- }
-
- *num_rids = r.num_rids1;
- *rids = TALLOC_ARRAY(mem_ctx, uint32, r.num_rids1);
- *rid_types = TALLOC_ARRAY(mem_ctx, uint32, r.num_rids1);
-
- if ((*rids == NULL) || (*rid_types == NULL)) {
- TALLOC_FREE(*rids);
- TALLOC_FREE(*rid_types);
- return NT_STATUS_NO_MEMORY;
- }
-
- for (i = 0; i < r.num_rids1; i++) {
- (*rids)[i] = r.rids[i];
- (*rid_types)[i] = r.types[i];
- }
-
- done:
-
- return result;
-}
-
-/* Create a domain user */
-
-NTSTATUS rpccli_samr_create_dom_user(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *domain_pol, const char *acct_name,
- uint32 acb_info, uint32 access_mask,
- POLICY_HND *user_pol, uint32 *rid)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_CREATE_USER q;
- SAMR_R_CREATE_USER r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_create_dom_user %s\n", acct_name));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_create_user(&q, domain_pol, acct_name, acb_info, access_mask);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CREATE_USER,
- q, r,
- qbuf, rbuf,
- samr_io_q_create_user,
- samr_io_r_create_user,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- if (!NT_STATUS_IS_OK(result = r.status)) {
- goto done;
- }
-
- if (user_pol)
- *user_pol = r.user_pol;
-
- if (rid)
- *rid = r.user_rid;
-
- done:
-
- return result;
-}
-
-/* Set userinfo */
-
-NTSTATUS rpccli_samr_set_userinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- const POLICY_HND *user_pol, uint16 switch_value,
- DATA_BLOB *sess_key, SAM_USERINFO_CTR *ctr)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_SET_USERINFO q;
- SAMR_R_SET_USERINFO r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_set_userinfo\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- if (!sess_key->length) {
- DEBUG(1, ("No user session key\n"));
- return NT_STATUS_NO_USER_SESSION_KEY;
- }
-
- /* Initialise parse structures */
-
- prs_init(&qbuf, RPC_MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
- prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
-
- /* Marshall data and send request */
-
- q.ctr = ctr;
-
- init_samr_q_set_userinfo(&q, user_pol, sess_key, switch_value,
- ctr->info.id);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_SET_USERINFO,
- q, r,
- qbuf, rbuf,
- samr_io_q_set_userinfo,
- samr_io_r_set_userinfo,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- if (!NT_STATUS_IS_OK(result = r.status)) {
- goto done;
- }
-
- done:
-
- return result;
-}
-
-/* Set userinfo2 */
-
-NTSTATUS rpccli_samr_set_userinfo2(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- const POLICY_HND *user_pol, uint16 switch_value,
- DATA_BLOB *sess_key, SAM_USERINFO_CTR *ctr)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_SET_USERINFO2 q;
- SAMR_R_SET_USERINFO2 r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_set_userinfo2\n"));
-
- if (!sess_key->length) {
- DEBUG(1, ("No user session key\n"));
- return NT_STATUS_NO_USER_SESSION_KEY;
- }
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_set_userinfo2(&q, user_pol, sess_key, switch_value, ctr);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_SET_USERINFO2,
- q, r,
- qbuf, rbuf,
- samr_io_q_set_userinfo2,
- samr_io_r_set_userinfo2,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- if (!NT_STATUS_IS_OK(result = r.status)) {
- goto done;
- }
-
- done:
-
- return result;
-}
-
-/* Delete domain group */
-
-NTSTATUS rpccli_samr_delete_dom_group(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *group_pol)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_DELETE_DOM_GROUP q;
- SAMR_R_DELETE_DOM_GROUP r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_delete_dom_group\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_delete_dom_group(&q, group_pol);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_DELETE_DOM_GROUP,
- q, r,
- qbuf, rbuf,
- samr_io_q_delete_dom_group,
- samr_io_r_delete_dom_group,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- result = r.status;
-
- return result;
-}
-
-/* Delete domain alias */
-
-NTSTATUS rpccli_samr_delete_dom_alias(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *alias_pol)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_DELETE_DOM_ALIAS q;
- SAMR_R_DELETE_DOM_ALIAS r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_delete_dom_alias\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_delete_dom_alias(&q, alias_pol);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_DELETE_DOM_ALIAS,
- q, r,
- qbuf, rbuf,
- samr_io_q_delete_dom_alias,
- samr_io_r_delete_dom_alias,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- result = r.status;
-
- return result;
-}
-
-/* Delete domain user */
-
-NTSTATUS rpccli_samr_delete_dom_user(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *user_pol)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_DELETE_DOM_USER q;
- SAMR_R_DELETE_DOM_USER r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_delete_dom_user\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_delete_dom_user(&q, user_pol);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_DELETE_DOM_USER,
- q, r,
- qbuf, rbuf,
- samr_io_q_delete_dom_user,
- samr_io_r_delete_dom_user,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- result = r.status;
-
- return result;
-}
-
-/* Remove foreign SID */
-
-NTSTATUS rpccli_samr_remove_sid_foreign_domain(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- POLICY_HND *user_pol,
- DOM_SID *sid)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_REMOVE_SID_FOREIGN_DOMAIN q;
- SAMR_R_REMOVE_SID_FOREIGN_DOMAIN r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_remove_sid_foreign_domain\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_remove_sid_foreign_domain(&q, user_pol, sid);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_REMOVE_SID_FOREIGN_DOMAIN,
- q, r,
- qbuf, rbuf,
- samr_io_q_remove_sid_foreign_domain,
- samr_io_r_remove_sid_foreign_domain,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- result = r.status;
-
- return result;
-}
-
-/* Query user security object */
-
-NTSTATUS rpccli_samr_query_sec_obj(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *user_pol, uint32 sec_info,
- TALLOC_CTX *ctx, SEC_DESC_BUF **sec_desc_buf)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_QUERY_SEC_OBJ q;
- SAMR_R_QUERY_SEC_OBJ r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_query_sec_obj\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_query_sec_obj(&q, user_pol, sec_info);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_SEC_OBJECT,
- q, r,
- qbuf, rbuf,
- samr_io_q_query_sec_obj,
- samr_io_r_query_sec_obj,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- result = r.status;
- *sec_desc_buf=dup_sec_desc_buf(ctx, r.buf);
-
- return result;
-}
-
-/* Set user security object */
-
-NTSTATUS rpccli_samr_set_sec_obj(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *user_pol, uint32 sec_info,
- SEC_DESC_BUF *sec_desc_buf)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_SET_SEC_OBJ q;
- SAMR_R_SET_SEC_OBJ r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_set_sec_obj\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_set_sec_obj(&q, user_pol, sec_info, sec_desc_buf);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_SET_SEC_OBJECT,
- q, r,
- qbuf, rbuf,
- samr_io_q_set_sec_obj,
- samr_io_r_set_sec_obj,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- result = r.status;
-
- return result;
-}
-
-
-/* Get domain password info */
-
-NTSTATUS rpccli_samr_get_dom_pwinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- uint16 *min_pwd_length, uint32 *password_properties)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_GET_DOM_PWINFO q;
- SAMR_R_GET_DOM_PWINFO r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_get_dom_pwinfo\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_get_dom_pwinfo(&q, cli->cli->desthost);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_GET_DOM_PWINFO,
- q, r,
- qbuf, rbuf,
- samr_io_q_get_dom_pwinfo,
- samr_io_r_get_dom_pwinfo,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- result = r.status;
-
- if (NT_STATUS_IS_OK(result)) {
- if (min_pwd_length)
- *min_pwd_length = r.min_pwd_length;
- if (password_properties)
- *password_properties = r.password_properties;
- }
-
- return result;
-}
-
-/* Get domain password info */
-
-NTSTATUS rpccli_samr_get_usrdom_pwinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *pol, uint16 *min_pwd_length,
- uint32 *password_properties, uint32 *unknown1)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_GET_USRDOM_PWINFO q;
- SAMR_R_GET_USRDOM_PWINFO r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_get_usrdom_pwinfo\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_get_usrdom_pwinfo(&q, pol);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_GET_USRDOM_PWINFO,
- q, r,
- qbuf, rbuf,
- samr_io_q_get_usrdom_pwinfo,
- samr_io_r_get_usrdom_pwinfo,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- result = r.status;
-
- if (NT_STATUS_IS_OK(result)) {
- if (min_pwd_length)
- *min_pwd_length = r.min_pwd_length;
- if (password_properties)
- *password_properties = r.password_properties;
- if (unknown1)
- *unknown1 = r.unknown_1;
- }
-
- return result;
-}
-
-
-/* Lookup Domain Name */
-
-NTSTATUS rpccli_samr_lookup_domain(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *user_pol, char *domain_name,
- DOM_SID *sid)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_LOOKUP_DOMAIN q;
- SAMR_R_LOOKUP_DOMAIN r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_lookup_domain\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_lookup_domain(&q, user_pol, domain_name);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_LOOKUP_DOMAIN,
- q, r,
- qbuf, rbuf,
- samr_io_q_lookup_domain,
- samr_io_r_lookup_domain,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- result = r.status;
-
- if (NT_STATUS_IS_OK(result))
- sid_copy(sid, &r.dom_sid.sid);
-
- return result;
}
diff --git a/source3/rpc_client/cli_svcctl.c b/source3/rpc_client/cli_svcctl.c
index 95673c1565..b21909fd03 100644
--- a/source3/rpc_client/cli_svcctl.c
+++ b/source3/rpc_client/cli_svcctl.c
@@ -57,81 +57,6 @@ const char* svc_status_string( uint32 state )
return talloc_strdup(talloc_tos(), msg);
}
-/********************************************************************
-********************************************************************/
-
-WERROR rpccli_svcctl_open_scm(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *hSCM, uint32 access_desired )
-{
- SVCCTL_Q_OPEN_SCMANAGER in;
- SVCCTL_R_OPEN_SCMANAGER out;
- prs_struct qbuf, rbuf;
- fstring server;
-
- ZERO_STRUCT(in);
- ZERO_STRUCT(out);
-
- /* leave the database name NULL to get the default service db */
-
- in.database = NULL;
-
- /* set the server name */
-
- if ( !(in.servername = TALLOC_P( mem_ctx, UNISTR2 )) )
- return WERR_NOMEM;
- fstr_sprintf( server, "\\\\%s", cli->cli->desthost );
- init_unistr2( in.servername, server, UNI_STR_TERMINATE );
-
- in.access = access_desired;
-
- CLI_DO_RPC_WERR( cli, mem_ctx, PI_SVCCTL, SVCCTL_OPEN_SCMANAGER_W,
- in, out,
- qbuf, rbuf,
- svcctl_io_q_open_scmanager,
- svcctl_io_r_open_scmanager,
- WERR_GENERAL_FAILURE );
-
- if ( !W_ERROR_IS_OK( out.status ) )
- return out.status;
-
- memcpy( hSCM, &out.handle, sizeof(POLICY_HND) );
-
- return out.status;
-}
-
-/********************************************************************
-********************************************************************/
-
-WERROR rpccli_svcctl_open_service( struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *hSCM, POLICY_HND *hService,
- const char *servicename, uint32 access_desired )
-{
- SVCCTL_Q_OPEN_SERVICE in;
- SVCCTL_R_OPEN_SERVICE out;
- prs_struct qbuf, rbuf;
-
- ZERO_STRUCT(in);
- ZERO_STRUCT(out);
-
- memcpy( &in.handle, hSCM, sizeof(POLICY_HND) );
- init_unistr2( &in.servicename, servicename, UNI_STR_TERMINATE );
- in.access = access_desired;
-
- CLI_DO_RPC_WERR( cli, mem_ctx, PI_SVCCTL, SVCCTL_OPEN_SERVICE_W,
- in, out,
- qbuf, rbuf,
- svcctl_io_q_open_service,
- svcctl_io_r_open_service,
- WERR_GENERAL_FAILURE );
-
- if ( !W_ERROR_IS_OK( out.status ) )
- return out.status;
-
- memcpy( hService, &out.handle, sizeof(POLICY_HND) );
-
- return out.status;
-}
-
/*******************************************************************
*******************************************************************/
@@ -204,36 +129,6 @@ WERROR rpccli_svcctl_enumerate_services( struct rpc_pipe_client *cli, TALLOC_CTX
/*******************************************************************
*******************************************************************/
-WERROR rpccli_svcctl_query_status( struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *hService, SERVICE_STATUS *status )
-{
- SVCCTL_Q_QUERY_STATUS in;
- SVCCTL_R_QUERY_STATUS out;
- prs_struct qbuf, rbuf;
-
- ZERO_STRUCT(in);
- ZERO_STRUCT(out);
-
- memcpy( &in.handle, hService, sizeof(POLICY_HND) );
-
- CLI_DO_RPC_WERR( cli, mem_ctx, PI_SVCCTL, SVCCTL_QUERY_STATUS,
- in, out,
- qbuf, rbuf,
- svcctl_io_q_query_status,
- svcctl_io_r_query_status,
- WERR_GENERAL_FAILURE );
-
- if ( !W_ERROR_IS_OK( out.status ) )
- return out.status;
-
- memcpy( status, &out.svc_status, sizeof(SERVICE_STATUS) );
-
- return out.status;
-}
-
-/*******************************************************************
-*******************************************************************/
-
WERROR rpccli_svcctl_query_config(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
POLICY_HND *hService, SERVICE_CONFIG *config )
{
@@ -304,109 +199,3 @@ WERROR rpccli_svcctl_query_config(struct rpc_pipe_client *cli, TALLOC_CTX *mem_c
return out.status;
}
-
-/*******************************************************************
-*******************************************************************/
-
-WERROR rpccli_svcctl_start_service( struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *hService,
- const char **parm_array, uint32 parmcount )
-{
- SVCCTL_Q_START_SERVICE in;
- SVCCTL_R_START_SERVICE out;
- prs_struct qbuf, rbuf;
-
- ZERO_STRUCT(in);
- ZERO_STRUCT(out);
-
- memcpy( &in.handle, hService, sizeof(POLICY_HND) );
-
- in.parmcount = 0;
- in.parameters = NULL;
-
- CLI_DO_RPC_WERR( cli, mem_ctx, PI_SVCCTL, SVCCTL_START_SERVICE_W,
- in, out,
- qbuf, rbuf,
- svcctl_io_q_start_service,
- svcctl_io_r_start_service,
- WERR_GENERAL_FAILURE );
-
- return out.status;
-}
-
-/*******************************************************************
-*******************************************************************/
-
-WERROR rpccli_svcctl_control_service( struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *hService, uint32 control,
- SERVICE_STATUS *status )
-{
- SVCCTL_Q_CONTROL_SERVICE in;
- SVCCTL_R_CONTROL_SERVICE out;
- prs_struct qbuf, rbuf;
-
- ZERO_STRUCT(in);
- ZERO_STRUCT(out);
-
- memcpy( &in.handle, hService, sizeof(POLICY_HND) );
- in.control = control;
-
- CLI_DO_RPC_WERR( cli, mem_ctx, PI_SVCCTL, SVCCTL_CONTROL_SERVICE,
- in, out,
- qbuf, rbuf,
- svcctl_io_q_control_service,
- svcctl_io_r_control_service,
- WERR_GENERAL_FAILURE );
-
- if ( !W_ERROR_IS_OK( out.status ) )
- return out.status;
-
- memcpy( status, &out.svc_status, sizeof(SERVICE_STATUS) );
-
- return out.status;
-}
-
-
-/*******************************************************************
-*******************************************************************/
-
-WERROR rpccli_svcctl_get_dispname( struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *hService, fstring displayname )
-{
- SVCCTL_Q_GET_DISPLAY_NAME in;
- SVCCTL_R_GET_DISPLAY_NAME out;
- prs_struct qbuf, rbuf;
-
- ZERO_STRUCT(in);
- ZERO_STRUCT(out);
-
- memcpy( &in.handle, hService, sizeof(POLICY_HND) );
- in.display_name_len = 0;
-
- CLI_DO_RPC_WERR( cli, mem_ctx, PI_SVCCTL, SVCCTL_GET_DISPLAY_NAME,
- in, out,
- qbuf, rbuf,
- svcctl_io_q_get_display_name,
- svcctl_io_r_get_display_name,
- WERR_GENERAL_FAILURE );
-
- /* second time with correct buffer size...should be ok */
-
- if ( W_ERROR_EQUAL( out.status, WERR_INSUFFICIENT_BUFFER ) ) {
- in.display_name_len = out.display_name_len;
-
- CLI_DO_RPC_WERR( cli, mem_ctx, PI_SVCCTL, SVCCTL_GET_DISPLAY_NAME,
- in, out,
- qbuf, rbuf,
- svcctl_io_q_get_display_name,
- svcctl_io_r_get_display_name,
- WERR_GENERAL_FAILURE );
- }
-
- if ( !W_ERROR_IS_OK( out.status ) )
- return out.status;
-
- rpcstr_pull( displayname, out.displayname.buffer, sizeof(displayname), -1, STR_TERMINATE );
-
- return out.status;
-}
diff --git a/source3/rpc_client/init_lsa.c b/source3/rpc_client/init_lsa.c
new file mode 100644
index 0000000000..2637158fd0
--- /dev/null
+++ b/source3/rpc_client/init_lsa.c
@@ -0,0 +1,126 @@
+/*
+ * Unix SMB/CIFS implementation.
+ * RPC Pipe client / server routines
+ * Copyright (C) Guenther Deschner 2008.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "includes.h"
+
+/*******************************************************************
+ inits a structure.
+********************************************************************/
+
+void init_lsa_String(struct lsa_String *name, const char *s)
+{
+ name->string = s;
+}
+
+/*******************************************************************
+ inits a structure.
+********************************************************************/
+
+void init_lsa_StringLarge(struct lsa_StringLarge *name, const char *s)
+{
+ name->string = s;
+}
+
+/*******************************************************************
+ inits a structure.
+********************************************************************/
+
+void init_lsa_AsciiString(struct lsa_AsciiString *name, const char *s)
+{
+ name->string = s;
+}
+
+/*******************************************************************
+ inits a structure.
+********************************************************************/
+
+void init_lsa_AsciiStringLarge(struct lsa_AsciiStringLarge *name, const char *s)
+{
+ name->string = s;
+}
+
+/*******************************************************************
+ Inits an lsa_QosInfo structure.
+********************************************************************/
+
+void init_lsa_sec_qos(struct lsa_QosInfo *r,
+ uint32_t len,
+ uint16_t impersonation_level,
+ uint8_t context_mode,
+ uint8_t effective_only)
+{
+ DEBUG(5, ("init_lsa_sec_qos\n"));
+
+ r->len = len;
+ r->impersonation_level = impersonation_level;
+ r->context_mode = context_mode;
+ r->effective_only = effective_only;
+}
+
+/*******************************************************************
+ Inits an lsa_ObjectAttribute structure.
+********************************************************************/
+
+void init_lsa_obj_attr(struct lsa_ObjectAttribute *r,
+ uint32_t len,
+ uint8_t *root_dir,
+ const char *object_name,
+ uint32_t attributes,
+ struct security_descriptor *sec_desc,
+ struct lsa_QosInfo *sec_qos)
+{
+ DEBUG(5,("init_lsa_obj_attr\n"));
+
+ r->len = len;
+ r->root_dir = root_dir;
+ r->object_name = object_name;
+ r->attributes = attributes;
+ r->sec_desc = sec_desc;
+ r->sec_qos = sec_qos;
+}
+
+/*******************************************************************
+ Inits a lsa_TranslatedSid structure.
+********************************************************************/
+
+void init_lsa_translated_sid(struct lsa_TranslatedSid *r,
+ enum lsa_SidType sid_type,
+ uint32_t rid,
+ uint32_t sid_index)
+{
+ r->sid_type = sid_type;
+ r->rid = rid;
+ r->sid_index = sid_index;
+}
+
+/*******************************************************************
+ Inits a lsa_TranslatedName2 structure.
+********************************************************************/
+
+void init_lsa_translated_name2(struct lsa_TranslatedName2 *r,
+ enum lsa_SidType sid_type,
+ const char *name,
+ uint32_t sid_index,
+ uint32_t unknown)
+{
+ r->sid_type = sid_type;
+ init_lsa_String(&r->name, name);
+ r->sid_index = sid_index;
+ r->unknown = unknown;
+}
diff --git a/source3/rpc_client/init_netlogon.c b/source3/rpc_client/init_netlogon.c
new file mode 100644
index 0000000000..62f1fac626
--- /dev/null
+++ b/source3/rpc_client/init_netlogon.c
@@ -0,0 +1,220 @@
+/*
+ * Unix SMB/CIFS implementation.
+ * RPC Pipe client / server routines
+ * Copyright (C) Guenther Deschner 2008.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "includes.h"
+
+/*******************************************************************
+ inits a structure.
+********************************************************************/
+
+void init_netr_SamBaseInfo(struct netr_SamBaseInfo *r,
+ NTTIME last_logon,
+ NTTIME last_logoff,
+ NTTIME acct_expiry,
+ NTTIME last_password_change,
+ NTTIME allow_password_change,
+ NTTIME force_password_change,
+ const char *account_name,
+ const char *full_name,
+ const char *logon_script,
+ const char *profile_path,
+ const char *home_directory,
+ const char *home_drive,
+ uint16_t logon_count,
+ uint16_t bad_password_count,
+ uint32_t rid,
+ uint32_t primary_gid,
+ struct samr_RidWithAttributeArray groups,
+ uint32_t user_flags,
+ struct netr_UserSessionKey key,
+ const char *logon_server,
+ const char *domain,
+ struct dom_sid2 *domain_sid,
+ struct netr_LMSessionKey LMSessKey,
+ uint32_t acct_flags)
+{
+ r->last_logon = last_logon;
+ r->last_logoff = last_logoff;
+ r->acct_expiry = acct_expiry;
+ r->last_password_change = last_password_change;
+ r->allow_password_change = allow_password_change;
+ r->force_password_change = force_password_change;
+ init_lsa_String(&r->account_name, account_name);
+ init_lsa_String(&r->full_name, full_name);
+ init_lsa_String(&r->logon_script, logon_script);
+ init_lsa_String(&r->profile_path, profile_path);
+ init_lsa_String(&r->home_directory, home_directory);
+ init_lsa_String(&r->home_drive, home_drive);
+ r->logon_count = logon_count;
+ r->bad_password_count = bad_password_count;
+ r->rid = rid;
+ r->primary_gid = primary_gid;
+ r->groups = groups;
+ r->user_flags = user_flags;
+ r->key = key;
+ init_lsa_StringLarge(&r->logon_server, logon_server);
+ init_lsa_StringLarge(&r->domain, domain);
+ r->domain_sid = domain_sid;
+ r->LMSessKey = LMSessKey;
+ r->acct_flags = acct_flags;
+}
+
+/*******************************************************************
+ inits a structure.
+********************************************************************/
+
+void init_netr_SamInfo3(struct netr_SamInfo3 *r,
+ NTTIME last_logon,
+ NTTIME last_logoff,
+ NTTIME acct_expiry,
+ NTTIME last_password_change,
+ NTTIME allow_password_change,
+ NTTIME force_password_change,
+ const char *account_name,
+ const char *full_name,
+ const char *logon_script,
+ const char *profile_path,
+ const char *home_directory,
+ const char *home_drive,
+ uint16_t logon_count,
+ uint16_t bad_password_count,
+ uint32_t rid,
+ uint32_t primary_gid,
+ struct samr_RidWithAttributeArray groups,
+ uint32_t user_flags,
+ struct netr_UserSessionKey key,
+ const char *logon_server,
+ const char *domain,
+ struct dom_sid2 *domain_sid,
+ struct netr_LMSessionKey LMSessKey,
+ uint32_t acct_flags,
+ uint32_t sidcount,
+ struct netr_SidAttr *sids)
+{
+ init_netr_SamBaseInfo(&r->base,
+ last_logon,
+ last_logoff,
+ acct_expiry,
+ last_password_change,
+ allow_password_change,
+ force_password_change,
+ account_name,
+ full_name,
+ logon_script,
+ profile_path,
+ home_directory,
+ home_drive,
+ logon_count,
+ bad_password_count,
+ rid,
+ primary_gid,
+ groups,
+ user_flags,
+ key,
+ logon_server,
+ domain,
+ domain_sid,
+ LMSessKey,
+ acct_flags);
+ r->sidcount = sidcount;
+ r->sids = sids;
+}
+
+/*******************************************************************
+ inits a structure.
+********************************************************************/
+
+void init_netr_IdentityInfo(struct netr_IdentityInfo *r,
+ const char *domain_name,
+ uint32_t parameter_control,
+ uint32_t logon_id_low,
+ uint32_t logon_id_high,
+ const char *account_name,
+ const char *workstation)
+{
+ init_lsa_String(&r->domain_name, domain_name);
+ r->parameter_control = parameter_control;
+ r->logon_id_low = logon_id_low;
+ r->logon_id_high = logon_id_high;
+ init_lsa_String(&r->account_name, account_name);
+ init_lsa_String(&r->workstation, workstation);
+}
+
+/*******************************************************************
+ inits a structure.
+ This is a network logon packet. The log_id parameters
+ are what an NT server would generate for LUID once the
+ user is logged on. I don't think we care about them.
+
+ Note that this has no access to the NT and LM hashed passwords,
+ so it forwards the challenge, and the NT and LM responses (24
+ bytes each) over the secure channel to the Domain controller
+ for it to say yea or nay. This is the preferred method of
+ checking for a logon as it doesn't export the password
+ hashes to anyone who has compromised the secure channel. JRA.
+
+********************************************************************/
+
+void init_netr_NetworkInfo(struct netr_NetworkInfo *r,
+ const char *domain_name,
+ uint32_t parameter_control,
+ uint32_t logon_id_low,
+ uint32_t logon_id_high,
+ const char *account_name,
+ const char *workstation,
+ uint8_t challenge[8],
+ struct netr_ChallengeResponse nt,
+ struct netr_ChallengeResponse lm)
+{
+ init_netr_IdentityInfo(&r->identity_info,
+ domain_name,
+ parameter_control,
+ logon_id_low,
+ logon_id_high,
+ account_name,
+ workstation);
+ memcpy(r->challenge, challenge, 8);
+ r->nt = nt;
+ r->lm = lm;
+}
+
+/*******************************************************************
+ inits a structure.
+********************************************************************/
+
+void init_netr_PasswordInfo(struct netr_PasswordInfo *r,
+ const char *domain_name,
+ uint32_t parameter_control,
+ uint32_t logon_id_low,
+ uint32_t logon_id_high,
+ const char *account_name,
+ const char *workstation,
+ struct samr_Password lmpassword,
+ struct samr_Password ntpassword)
+{
+ init_netr_IdentityInfo(&r->identity_info,
+ domain_name,
+ parameter_control,
+ logon_id_low,
+ logon_id_high,
+ account_name,
+ workstation);
+ r->lmpassword = lmpassword;
+ r->ntpassword = ntpassword;
+}
diff --git a/source3/rpc_client/init_samr.c b/source3/rpc_client/init_samr.c
new file mode 100644
index 0000000000..1275fc834b
--- /dev/null
+++ b/source3/rpc_client/init_samr.c
@@ -0,0 +1,461 @@
+/*
+ * Unix SMB/CIFS implementation.
+ * RPC Pipe client / server routines
+ * Copyright (C) Guenther Deschner 2008.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "includes.h"
+
+/*******************************************************************
+ inits a structure.
+********************************************************************/
+
+void init_samr_DomInfo1(struct samr_DomInfo1 *r,
+ uint16_t min_password_length,
+ uint16_t password_history_length,
+ uint32_t password_properties,
+ int64_t max_password_age,
+ int64_t min_password_age)
+{
+ r->min_password_length = min_password_length;
+ r->password_history_length = password_history_length;
+ r->password_properties = password_properties;
+ r->max_password_age = max_password_age;
+ r->min_password_age = min_password_age;
+}
+
+/*******************************************************************
+ inits a structure.
+********************************************************************/
+
+void init_samr_DomInfo2(struct samr_DomInfo2 *r,
+ NTTIME force_logoff_time,
+ const char *comment,
+ const char *domain_name,
+ const char *primary,
+ uint64_t sequence_num,
+ uint32_t unknown2,
+ enum samr_Role role,
+ uint32_t unknown3,
+ uint32_t num_users,
+ uint32_t num_groups,
+ uint32_t num_aliases)
+{
+ r->force_logoff_time = force_logoff_time;
+ init_lsa_String(&r->comment, comment);
+ init_lsa_String(&r->domain_name, domain_name);
+ init_lsa_String(&r->primary, primary);
+ r->sequence_num = sequence_num;
+ r->unknown2 = unknown2;
+ r->role = role;
+ r->unknown3 = unknown3;
+ r->num_users = num_users;
+ r->num_groups = num_groups;
+ r->num_aliases = num_aliases;
+}
+
+/*******************************************************************
+ inits a structure.
+********************************************************************/
+
+void init_samr_DomInfo3(struct samr_DomInfo3 *r,
+ NTTIME force_logoff_time)
+{
+ r->force_logoff_time = force_logoff_time;
+}
+
+/*******************************************************************
+ inits a structure.
+********************************************************************/
+
+void init_samr_DomInfo4(struct samr_DomInfo4 *r,
+ const char *comment)
+{
+ init_lsa_String(&r->comment, comment);
+}
+
+/*******************************************************************
+ inits a structure.
+********************************************************************/
+
+void init_samr_DomInfo5(struct samr_DomInfo5 *r,
+ const char *domain_name)
+{
+ init_lsa_String(&r->domain_name, domain_name);
+}
+
+/*******************************************************************
+ inits a structure.
+********************************************************************/
+
+void init_samr_DomInfo6(struct samr_DomInfo6 *r,
+ const char *primary)
+{
+ init_lsa_String(&r->primary, primary);
+}
+
+/*******************************************************************
+ inits a structure.
+********************************************************************/
+
+void init_samr_DomInfo7(struct samr_DomInfo7 *r,
+ enum samr_Role role)
+{
+ r->role = role;
+}
+
+/*******************************************************************
+ inits a structure.
+********************************************************************/
+
+void init_samr_DomInfo8(struct samr_DomInfo8 *r,
+ uint64_t sequence_num,
+ NTTIME domain_create_time)
+{
+ r->sequence_num = sequence_num;
+ r->domain_create_time = domain_create_time;
+}
+
+/*******************************************************************
+ inits a structure.
+********************************************************************/
+
+void init_samr_DomInfo9(struct samr_DomInfo9 *r,
+ uint32_t unknown)
+{
+ r->unknown = unknown;
+}
+
+/*******************************************************************
+ inits a structure.
+********************************************************************/
+
+void init_samr_DomInfo12(struct samr_DomInfo12 *r,
+ uint64_t lockout_duration,
+ uint64_t lockout_window,
+ uint16_t lockout_threshold)
+{
+ r->lockout_duration = lockout_duration;
+ r->lockout_window = lockout_window;
+ r->lockout_threshold = lockout_threshold;
+}
+
+/*******************************************************************
+ inits a samr_GroupInfoAll structure.
+********************************************************************/
+
+void init_samr_group_info1(struct samr_GroupInfoAll *r,
+ const char *name,
+ uint32_t attributes,
+ uint32_t num_members,
+ const char *description)
+{
+ DEBUG(5, ("init_samr_group_info1\n"));
+
+ init_lsa_String(&r->name, name);
+ r->attributes = attributes;
+ r->num_members = num_members;
+ init_lsa_String(&r->description, description);
+}
+
+/*******************************************************************
+ inits a lsa_String structure
+********************************************************************/
+
+void init_samr_group_info2(struct lsa_String *r, const char *group_name)
+{
+ DEBUG(5, ("init_samr_group_info2\n"));
+
+ init_lsa_String(r, group_name);
+}
+
+/*******************************************************************
+ inits a samr_GroupInfoAttributes structure.
+********************************************************************/
+
+void init_samr_group_info3(struct samr_GroupInfoAttributes *r,
+ uint32_t attributes)
+{
+ DEBUG(5, ("init_samr_group_info3\n"));
+
+ r->attributes = attributes;
+}
+
+/*******************************************************************
+ inits a lsa_String structure
+********************************************************************/
+
+void init_samr_group_info4(struct lsa_String *r, const char *description)
+{
+ DEBUG(5, ("init_samr_group_info4\n"));
+
+ init_lsa_String(r, description);
+}
+
+/*******************************************************************
+ inits a samr_GroupInfoAll structure.
+********************************************************************/
+
+void init_samr_group_info5(struct samr_GroupInfoAll *r,
+ const char *name,
+ uint32_t attributes,
+ uint32_t num_members,
+ const char *description)
+{
+ DEBUG(5, ("init_samr_group_info5\n"));
+
+ init_lsa_String(&r->name, name);
+ r->attributes = attributes;
+ r->num_members = num_members;
+ init_lsa_String(&r->description, description);
+}
+
+/*******************************************************************
+ inits a samr_AliasInfoAll structure.
+********************************************************************/
+
+void init_samr_alias_info1(struct samr_AliasInfoAll *r,
+ const char *name,
+ uint32_t num_members,
+ const char *description)
+{
+ DEBUG(5, ("init_samr_alias_info1\n"));
+
+ init_lsa_String(&r->name, name);
+ r->num_members = num_members;
+ init_lsa_String(&r->description, description);
+}
+
+/*******************************************************************
+inits a lsa_String structure.
+********************************************************************/
+
+void init_samr_alias_info3(struct lsa_String *r,
+ const char *description)
+{
+ DEBUG(5, ("init_samr_alias_info3\n"));
+
+ init_lsa_String(r, description);
+}
+
+/*******************************************************************
+ inits a samr_UserInfo7 structure.
+********************************************************************/
+
+void init_samr_user_info7(struct samr_UserInfo7 *r,
+ const char *account_name)
+{
+ DEBUG(5, ("init_samr_user_info7\n"));
+
+ init_lsa_String(&r->account_name, account_name);
+}
+
+/*******************************************************************
+ inits a samr_UserInfo9 structure.
+********************************************************************/
+
+void init_samr_user_info9(struct samr_UserInfo9 *r,
+ uint32_t primary_gid)
+{
+ DEBUG(5, ("init_samr_user_info9\n"));
+
+ r->primary_gid = primary_gid;
+}
+
+/*******************************************************************
+ inits a SAM_USER_INFO_16 structure.
+********************************************************************/
+
+void init_samr_user_info16(struct samr_UserInfo16 *r,
+ uint32_t acct_flags)
+{
+ DEBUG(5, ("init_samr_user_info16\n"));
+
+ r->acct_flags = acct_flags;
+}
+
+/*******************************************************************
+ inits a samr_UserInfo18 structure.
+********************************************************************/
+
+void init_samr_user_info18(struct samr_UserInfo18 *r,
+ const uint8 lm_pwd[16],
+ const uint8 nt_pwd[16])
+{
+ DEBUG(5, ("init_samr_user_info18\n"));
+
+ r->lm_pwd_active =
+ memcpy(r->lm_pwd.hash, lm_pwd, sizeof(r->lm_pwd.hash)) ? true : false;
+ r->nt_pwd_active =
+ memcpy(r->nt_pwd.hash, nt_pwd, sizeof(r->nt_pwd.hash)) ? true : false;
+}
+
+/*******************************************************************
+ inits a samr_UserInfo20 structure.
+********************************************************************/
+
+void init_samr_user_info20(struct samr_UserInfo20 *r,
+ const char *munged_dial)
+{
+ init_lsa_String(&r->parameters, munged_dial);
+}
+
+/*************************************************************************
+ inits a samr_UserInfo21 structure
+ *************************************************************************/
+
+void init_samr_user_info21(struct samr_UserInfo21 *r,
+ NTTIME last_logon,
+ NTTIME last_logoff,
+ NTTIME last_password_change,
+ NTTIME acct_expiry,
+ NTTIME allow_password_change,
+ NTTIME force_password_change,
+ const char *account_name,
+ const char *full_name,
+ const char *home_directory,
+ const char *home_drive,
+ const char *logon_script,
+ const char *profile_path,
+ const char *description,
+ const char *workstations,
+ const char *comment,
+ const char *parameters,
+ uint32_t rid,
+ uint32_t primary_gid,
+ uint32_t acct_flags,
+ uint32_t fields_present,
+ struct samr_LogonHours logon_hours,
+ uint16_t bad_password_count,
+ uint16_t logon_count,
+ uint16_t country_code,
+ uint16_t code_page,
+ uint8_t nt_password_set,
+ uint8_t lm_password_set,
+ uint8_t password_expired)
+{
+ r->last_logon = last_logon;
+ r->last_logoff = last_logoff;
+ r->last_password_change = last_password_change;
+ r->acct_expiry = acct_expiry;
+ r->allow_password_change = allow_password_change;
+ r->force_password_change = force_password_change;
+ init_lsa_String(&r->account_name, account_name);
+ init_lsa_String(&r->full_name, full_name);
+ init_lsa_String(&r->home_directory, home_directory);
+ init_lsa_String(&r->home_drive, home_drive);
+ init_lsa_String(&r->logon_script, logon_script);
+ init_lsa_String(&r->profile_path, profile_path);
+ init_lsa_String(&r->description, description);
+ init_lsa_String(&r->workstations, workstations);
+ init_lsa_String(&r->comment, comment);
+ init_lsa_String(&r->parameters, parameters);
+ r->rid = rid;
+ r->primary_gid = primary_gid;
+ r->acct_flags = acct_flags;
+ r->fields_present = fields_present;
+ r->logon_hours = logon_hours;
+ r->bad_password_count = bad_password_count;
+ r->logon_count = logon_count;
+ r->country_code = country_code;
+ r->code_page = code_page;
+ r->nt_password_set = nt_password_set;
+ r->lm_password_set = lm_password_set;
+ r->password_expired = password_expired;
+}
+
+/*************************************************************************
+ init_samr_user_info23
+ *************************************************************************/
+
+void init_samr_user_info23(struct samr_UserInfo23 *r,
+ NTTIME last_logon,
+ NTTIME last_logoff,
+ NTTIME last_password_change,
+ NTTIME acct_expiry,
+ NTTIME allow_password_change,
+ NTTIME force_password_change,
+ const char *account_name,
+ const char *full_name,
+ const char *home_directory,
+ const char *home_drive,
+ const char *logon_script,
+ const char *profile_path,
+ const char *description,
+ const char *workstations,
+ const char *comment,
+ const char *parameters,
+ uint32_t rid,
+ uint32_t primary_gid,
+ uint32_t acct_flags,
+ uint32_t fields_present,
+ struct samr_LogonHours logon_hours,
+ uint16_t bad_password_count,
+ uint16_t logon_count,
+ uint16_t country_code,
+ uint16_t code_page,
+ uint8_t nt_password_set,
+ uint8_t lm_password_set,
+ uint8_t password_expired,
+ uint8_t data[516],
+ uint8_t pw_len)
+{
+ init_samr_user_info21(&r->info,
+ last_logon,
+ last_logoff,
+ last_password_change,
+ acct_expiry,
+ allow_password_change,
+ force_password_change,
+ account_name,
+ full_name,
+ home_directory,
+ home_drive,
+ logon_script,
+ profile_path,
+ description,
+ workstations,
+ comment,
+ parameters,
+ rid,
+ primary_gid,
+ acct_flags,
+ fields_present,
+ logon_hours,
+ bad_password_count,
+ logon_count,
+ country_code,
+ code_page,
+ nt_password_set,
+ lm_password_set,
+ password_expired);
+
+ memcpy(r->password.data, data, sizeof(r->password.data));
+}
+
+/*************************************************************************
+ init_samr_user_info24
+ *************************************************************************/
+
+void init_samr_user_info24(struct samr_UserInfo24 *r,
+ uint8_t data[516],
+ uint8_t pw_len)
+{
+ DEBUG(10, ("init_samr_user_info24:\n"));
+
+ memcpy(r->password.data, data, sizeof(r->password.data));
+ r->pw_len = pw_len;
+}