diff options
author | Luke Leighton <lkcl@samba.org> | 1998-10-21 22:36:26 +0000 |
---|---|---|
committer | Luke Leighton <lkcl@samba.org> | 1998-10-21 22:36:26 +0000 |
commit | eadc5b8c6ecdd6892647d391e1976b2c708d1ea0 (patch) | |
tree | 8aa495516461fd94ddbafcb6a52e0a4825de1ae6 /source3/rpc_server/srv_samr.c | |
parent | 21e107fd42eb953affac28239588458c6c0ee323 (diff) | |
download | samba-eadc5b8c6ecdd6892647d391e1976b2c708d1ea0.tar.gz samba-eadc5b8c6ecdd6892647d391e1976b2c708d1ea0.tar.bz2 samba-eadc5b8c6ecdd6892647d391e1976b2c708d1ea0.zip |
domain aliases added a bit better: does local aliases if you query
for sid S-1-5-20 and does (nothing at the moment) if you query for
your own sid.
(This used to be commit da40f26f4b2f7ce286076b4e39dffd76aa2ef8e6)
Diffstat (limited to 'source3/rpc_server/srv_samr.c')
-rw-r--r-- | source3/rpc_server/srv_samr.c | 68 |
1 files changed, 42 insertions, 26 deletions
diff --git a/source3/rpc_server/srv_samr.c b/source3/rpc_server/srv_samr.c index 06ed6603b3..9a37f76121 100644 --- a/source3/rpc_server/srv_samr.c +++ b/source3/rpc_server/srv_samr.c @@ -32,10 +32,11 @@ extern BOOL sam_logon_in_ssb; extern pstring samlogon_user; extern pstring global_myworkgroup; extern pstring global_myname; -extern DOM_SID global_machine_sid; +extern DOM_SID global_sam_sid; extern rid_name domain_group_rids[]; extern rid_name domain_alias_rids[]; +extern rid_name builtin_alias_rids[]; /******************************************************************* This next function should be replaced with something that @@ -295,7 +296,7 @@ static void samr_reply_unknown_3(SAMR_Q_UNKNOWN_3 *q_u, DOM_SID user_sid; DOM_SID everyone_sid; - user_sid = global_machine_sid; + user_sid = global_sam_sid; SMB_ASSERT_ARRAY(user_sid.sub_auths, user_sid.num_auths+1); @@ -457,29 +458,44 @@ static void samr_reply_enum_dom_aliases(SAMR_Q_ENUM_DOM_ALIASES *q_u, SAMR_R_ENUM_DOM_ALIASES r_e; SAM_USER_INFO_21 pass[MAX_SAM_ENTRIES]; int num_entries; - BOOL got_aliases; - char *dummy_alias = "admins"; + DOM_SID sid; + fstring sid_str; + fstring sam_sid_str; r_e.status = 0x0; r_e.num_entries = 0; /* find the policy handle. open a policy on it. */ - if (r_e.status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->pol)) == -1)) + if (r_e.status == 0x0 && !get_lsa_policy_samr_sid(&q_u->pol, &sid)) { r_e.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE; } - DEBUG(5,("samr_reply_enum_dom_aliases: %d\n", __LINE__)); + sid_to_string(sid_str, &sid); + sid_to_string(sam_sid_str, &global_sam_sid); - got_aliases = True; - num_entries = 1; - make_unistr2(&(pass[0].uni_user_name), dummy_alias, strlen(dummy_alias)); - pass[0].user_rid = BUILTIN_ALIAS_RID_ADMINS; + DEBUG(5,("samr_reply_enum_dom_aliases: sid %s\n", sid_str)); - if (r_e.status == 0 && got_aliases) + /* well-known aliases */ + if (strequal(sid_str, "S-1-5-20")) { - make_samr_r_enum_dom_aliases(&r_e, num_entries, pass, r_e.status); + char *name; + while (num_entries < MAX_SAM_ENTRIES && ((name = builtin_alias_rids[num_entries].name) != NULL)) + { + make_unistr2(&(pass[num_entries].uni_user_name), name, strlen(name)); + pass[num_entries].user_rid = builtin_alias_rids[num_entries].rid; + num_entries++; + } } + else if (strequal(sid_str, sam_sid_str)) + { + /* local aliases */ + /* oops! there's no code to deal with this */ + DEBUG(3,("samr_reply_enum_dom_aliases: enum of aliases in our domain not supported yet\n")); + num_entries = 0; + } + + make_samr_r_enum_dom_aliases(&r_e, num_entries, pass, r_e.status); /* store the response in the SMB stream */ samr_io_r_enum_dom_aliases("", &r_e, rdata, 0); @@ -1276,12 +1292,12 @@ static void api_samr_query_usergroups( uint16 vuid, prs_struct *data, prs_struct /******************************************************************* - samr_reply_unknown_8 + samr_reply_query_dom_info ********************************************************************/ -static void samr_reply_unknown_8(SAMR_Q_UNKNOWN_8 *q_u, +static void samr_reply_query_dom_info(SAMR_Q_QUERY_DOMAIN_INFO *q_u, prs_struct *rdata) { - SAMR_R_UNKNOWN_8 r_u; + SAMR_R_QUERY_DOMAIN_INFO r_u; SAM_UNK_CTR ctr; uint16 switch_value = 0x0; uint32 status = 0x0; @@ -1291,13 +1307,13 @@ static void samr_reply_unknown_8(SAMR_Q_UNKNOWN_8 *q_u, r_u.ctr = &ctr; - DEBUG(5,("samr_reply_unknown_8: %d\n", __LINE__)); + DEBUG(5,("samr_reply_query_dom_info: %d\n", __LINE__)); /* find the policy handle. open a policy on it. */ if (r_u.status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->domain_pol)) == -1)) { r_u.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE; - DEBUG(5,("samr_reply_unknown_8: invalid handle\n")); + DEBUG(5,("samr_reply_query_dom_info: invalid handle\n")); } if (status == 0x0) @@ -1319,27 +1335,27 @@ static void samr_reply_unknown_8(SAMR_Q_UNKNOWN_8 *q_u, } } - make_samr_r_unknown_8(&r_u, switch_value, &ctr, status); + make_samr_r_query_dom_info(&r_u, switch_value, &ctr, status); /* store the response in the SMB stream */ - samr_io_r_unknown_8("", &r_u, rdata, 0); + samr_io_r_query_dom_info("", &r_u, rdata, 0); - DEBUG(5,("samr_unknown_8: %d\n", __LINE__)); + DEBUG(5,("samr_query_dom_info: %d\n", __LINE__)); } /******************************************************************* - api_samr_unknown_8 + api_samr_query_dom_info ********************************************************************/ -static void api_samr_unknown_8( uint16 vuid, prs_struct *data, prs_struct *rdata) +static void api_samr_query_dom_info( uint16 vuid, prs_struct *data, prs_struct *rdata) { - SAMR_Q_UNKNOWN_8 q_e; + SAMR_Q_QUERY_DOMAIN_INFO q_e; /* grab the samr unknown 8 command */ - samr_io_q_unknown_8("", &q_e, data, 0); + samr_io_q_query_dom_info("", &q_e, data, 0); /* construct reply. */ - samr_reply_unknown_8(&q_e, rdata); + samr_reply_query_dom_info(&q_e, rdata); } @@ -1595,7 +1611,7 @@ static struct api_struct api_samr_cmds [] = { "SAMR_LOOKUP_NAMES" , SAMR_LOOKUP_NAMES , api_samr_lookup_names }, { "SAMR_OPEN_USER" , SAMR_OPEN_USER , api_samr_open_user }, { "SAMR_QUERY_USERINFO" , SAMR_QUERY_USERINFO , api_samr_query_userinfo }, - { "SAMR_UNKNOWN_8" , SAMR_UNKNOWN_8 , api_samr_unknown_8 }, + { "SAMR_QUERY_DOMAIN_INFO", SAMR_QUERY_DOMAIN_INFO, api_samr_query_dom_info }, { "SAMR_QUERY_USERGROUPS" , SAMR_QUERY_USERGROUPS , api_samr_query_usergroups }, { "SAMR_QUERY_DISPINFO" , SAMR_QUERY_DISPINFO , api_samr_query_dispinfo }, { "SAMR_QUERY_ALIASINFO" , SAMR_QUERY_ALIASINFO , api_samr_query_aliasinfo }, |