summaryrefslogtreecommitdiff
path: root/source3/rpc_server
diff options
context:
space:
mode:
authorLuke Leighton <lkcl@samba.org>1998-10-21 22:36:26 +0000
committerLuke Leighton <lkcl@samba.org>1998-10-21 22:36:26 +0000
commiteadc5b8c6ecdd6892647d391e1976b2c708d1ea0 (patch)
tree8aa495516461fd94ddbafcb6a52e0a4825de1ae6 /source3/rpc_server
parent21e107fd42eb953affac28239588458c6c0ee323 (diff)
downloadsamba-eadc5b8c6ecdd6892647d391e1976b2c708d1ea0.tar.gz
samba-eadc5b8c6ecdd6892647d391e1976b2c708d1ea0.tar.bz2
samba-eadc5b8c6ecdd6892647d391e1976b2c708d1ea0.zip
domain aliases added a bit better: does local aliases if you query
for sid S-1-5-20 and does (nothing at the moment) if you query for your own sid. (This used to be commit da40f26f4b2f7ce286076b4e39dffd76aa2ef8e6)
Diffstat (limited to 'source3/rpc_server')
-rw-r--r--source3/rpc_server/srv_lsa.c8
-rw-r--r--source3/rpc_server/srv_lsa_hnd.c23
-rw-r--r--source3/rpc_server/srv_netlog.c4
-rw-r--r--source3/rpc_server/srv_samr.c68
-rw-r--r--source3/rpc_server/srv_util.c1
5 files changed, 70 insertions, 34 deletions
diff --git a/source3/rpc_server/srv_lsa.c b/source3/rpc_server/srv_lsa.c
index 93584b5acf..a355f0b311 100644
--- a/source3/rpc_server/srv_lsa.c
+++ b/source3/rpc_server/srv_lsa.c
@@ -28,7 +28,7 @@
#include "nterr.h"
extern int DEBUGLEVEL;
-extern DOM_SID global_machine_sid;
+extern DOM_SID global_sam_sid;
/***************************************************************************
lsa_reply_open_policy2
@@ -373,7 +373,7 @@ static void api_lsa_query_info( uint16 vuid, prs_struct *data,
pstrcpy(dom_name, lp_workgroup());
/* construct reply. return status is always 0x0 */
- lsa_reply_query_info(&q_i, rdata, dom_name, &global_machine_sid);
+ lsa_reply_query_info(&q_i, rdata, dom_name, &global_sam_sid);
}
/***************************************************************************
@@ -406,7 +406,7 @@ static void api_lsa_lookup_sids( uint16 vuid, prs_struct *data,
string_to_sid(&sid_S_1_5, "S-1-5");
dom_names[0] = dom_name;
- sid_array[0] = &global_machine_sid;
+ sid_array[0] = &global_sam_sid;
dom_names[1] = "Everyone";
sid_array[1] = &sid_S_1_1;
@@ -458,7 +458,7 @@ static void api_lsa_lookup_names( uint16 vuid, prs_struct *data,
string_to_sid(&sid_S_1_5, "S-1-5");
dom_names[0] = dom_name;
- sid_array[0] = &global_machine_sid;
+ sid_array[0] = &global_sam_sid;
dom_names[1] = "Everyone";
sid_array[1] = &sid_S_1_1;
diff --git a/source3/rpc_server/srv_lsa_hnd.c b/source3/rpc_server/srv_lsa_hnd.c
index b1e695360f..b807c40604 100644
--- a/source3/rpc_server/srv_lsa_hnd.c
+++ b/source3/rpc_server/srv_lsa_hnd.c
@@ -225,7 +225,28 @@ BOOL set_lsa_policy_samr_sid(POLICY_HND *hnd, DOM_SID *sid)
}
/****************************************************************************
- set samr rid
+ get samr sid
+****************************************************************************/
+BOOL get_lsa_policy_samr_sid(POLICY_HND *hnd, DOM_SID *sid)
+{
+ struct policy *p = find_lsa_policy(hnd);
+
+ if (p != NULL && p->open)
+ {
+ pstring sidstr;
+ memcpy(sid, &p->dev.samr.sid, sizeof(*sid));
+ DEBUG(3,("Getting policy sid=%s pnum=%x\n",
+ sid_to_string(sidstr, sid), p->pnum));
+
+ return True;
+ }
+
+ DEBUG(3,("Error getting policy\n"));
+ return False;
+}
+
+/****************************************************************************
+ get samr rid
****************************************************************************/
uint32 get_lsa_policy_samr_rid(POLICY_HND *hnd)
{
diff --git a/source3/rpc_server/srv_netlog.c b/source3/rpc_server/srv_netlog.c
index 79a659faf8..4228eab3e0 100644
--- a/source3/rpc_server/srv_netlog.c
+++ b/source3/rpc_server/srv_netlog.c
@@ -32,7 +32,7 @@ extern int DEBUGLEVEL;
extern BOOL sam_logon_in_ssb;
extern pstring samlogon_user;
extern pstring global_myname;
-extern DOM_SID global_machine_sid;
+extern DOM_SID global_sam_sid;
/*************************************************************************
make_net_r_req_chal:
@@ -790,7 +790,7 @@ static void api_net_sam_logon( uint16 vuid,
my_name , /* char *logon_srv */
my_workgroup, /* char *logon_dom */
- &global_machine_sid, /* DOM_SID *dom_sid */
+ &global_sam_sid, /* DOM_SID *dom_sid */
NULL); /* char *other_sids */
}
else
diff --git a/source3/rpc_server/srv_samr.c b/source3/rpc_server/srv_samr.c
index 06ed6603b3..9a37f76121 100644
--- a/source3/rpc_server/srv_samr.c
+++ b/source3/rpc_server/srv_samr.c
@@ -32,10 +32,11 @@ extern BOOL sam_logon_in_ssb;
extern pstring samlogon_user;
extern pstring global_myworkgroup;
extern pstring global_myname;
-extern DOM_SID global_machine_sid;
+extern DOM_SID global_sam_sid;
extern rid_name domain_group_rids[];
extern rid_name domain_alias_rids[];
+extern rid_name builtin_alias_rids[];
/*******************************************************************
This next function should be replaced with something that
@@ -295,7 +296,7 @@ static void samr_reply_unknown_3(SAMR_Q_UNKNOWN_3 *q_u,
DOM_SID user_sid;
DOM_SID everyone_sid;
- user_sid = global_machine_sid;
+ user_sid = global_sam_sid;
SMB_ASSERT_ARRAY(user_sid.sub_auths, user_sid.num_auths+1);
@@ -457,29 +458,44 @@ static void samr_reply_enum_dom_aliases(SAMR_Q_ENUM_DOM_ALIASES *q_u,
SAMR_R_ENUM_DOM_ALIASES r_e;
SAM_USER_INFO_21 pass[MAX_SAM_ENTRIES];
int num_entries;
- BOOL got_aliases;
- char *dummy_alias = "admins";
+ DOM_SID sid;
+ fstring sid_str;
+ fstring sam_sid_str;
r_e.status = 0x0;
r_e.num_entries = 0;
/* find the policy handle. open a policy on it. */
- if (r_e.status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->pol)) == -1))
+ if (r_e.status == 0x0 && !get_lsa_policy_samr_sid(&q_u->pol, &sid))
{
r_e.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
}
- DEBUG(5,("samr_reply_enum_dom_aliases: %d\n", __LINE__));
+ sid_to_string(sid_str, &sid);
+ sid_to_string(sam_sid_str, &global_sam_sid);
- got_aliases = True;
- num_entries = 1;
- make_unistr2(&(pass[0].uni_user_name), dummy_alias, strlen(dummy_alias));
- pass[0].user_rid = BUILTIN_ALIAS_RID_ADMINS;
+ DEBUG(5,("samr_reply_enum_dom_aliases: sid %s\n", sid_str));
- if (r_e.status == 0 && got_aliases)
+ /* well-known aliases */
+ if (strequal(sid_str, "S-1-5-20"))
{
- make_samr_r_enum_dom_aliases(&r_e, num_entries, pass, r_e.status);
+ char *name;
+ while (num_entries < MAX_SAM_ENTRIES && ((name = builtin_alias_rids[num_entries].name) != NULL))
+ {
+ make_unistr2(&(pass[num_entries].uni_user_name), name, strlen(name));
+ pass[num_entries].user_rid = builtin_alias_rids[num_entries].rid;
+ num_entries++;
+ }
}
+ else if (strequal(sid_str, sam_sid_str))
+ {
+ /* local aliases */
+ /* oops! there's no code to deal with this */
+ DEBUG(3,("samr_reply_enum_dom_aliases: enum of aliases in our domain not supported yet\n"));
+ num_entries = 0;
+ }
+
+ make_samr_r_enum_dom_aliases(&r_e, num_entries, pass, r_e.status);
/* store the response in the SMB stream */
samr_io_r_enum_dom_aliases("", &r_e, rdata, 0);
@@ -1276,12 +1292,12 @@ static void api_samr_query_usergroups( uint16 vuid, prs_struct *data, prs_struct
/*******************************************************************
- samr_reply_unknown_8
+ samr_reply_query_dom_info
********************************************************************/
-static void samr_reply_unknown_8(SAMR_Q_UNKNOWN_8 *q_u,
+static void samr_reply_query_dom_info(SAMR_Q_QUERY_DOMAIN_INFO *q_u,
prs_struct *rdata)
{
- SAMR_R_UNKNOWN_8 r_u;
+ SAMR_R_QUERY_DOMAIN_INFO r_u;
SAM_UNK_CTR ctr;
uint16 switch_value = 0x0;
uint32 status = 0x0;
@@ -1291,13 +1307,13 @@ static void samr_reply_unknown_8(SAMR_Q_UNKNOWN_8 *q_u,
r_u.ctr = &ctr;
- DEBUG(5,("samr_reply_unknown_8: %d\n", __LINE__));
+ DEBUG(5,("samr_reply_query_dom_info: %d\n", __LINE__));
/* find the policy handle. open a policy on it. */
if (r_u.status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->domain_pol)) == -1))
{
r_u.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
- DEBUG(5,("samr_reply_unknown_8: invalid handle\n"));
+ DEBUG(5,("samr_reply_query_dom_info: invalid handle\n"));
}
if (status == 0x0)
@@ -1319,27 +1335,27 @@ static void samr_reply_unknown_8(SAMR_Q_UNKNOWN_8 *q_u,
}
}
- make_samr_r_unknown_8(&r_u, switch_value, &ctr, status);
+ make_samr_r_query_dom_info(&r_u, switch_value, &ctr, status);
/* store the response in the SMB stream */
- samr_io_r_unknown_8("", &r_u, rdata, 0);
+ samr_io_r_query_dom_info("", &r_u, rdata, 0);
- DEBUG(5,("samr_unknown_8: %d\n", __LINE__));
+ DEBUG(5,("samr_query_dom_info: %d\n", __LINE__));
}
/*******************************************************************
- api_samr_unknown_8
+ api_samr_query_dom_info
********************************************************************/
-static void api_samr_unknown_8( uint16 vuid, prs_struct *data, prs_struct *rdata)
+static void api_samr_query_dom_info( uint16 vuid, prs_struct *data, prs_struct *rdata)
{
- SAMR_Q_UNKNOWN_8 q_e;
+ SAMR_Q_QUERY_DOMAIN_INFO q_e;
/* grab the samr unknown 8 command */
- samr_io_q_unknown_8("", &q_e, data, 0);
+ samr_io_q_query_dom_info("", &q_e, data, 0);
/* construct reply. */
- samr_reply_unknown_8(&q_e, rdata);
+ samr_reply_query_dom_info(&q_e, rdata);
}
@@ -1595,7 +1611,7 @@ static struct api_struct api_samr_cmds [] =
{ "SAMR_LOOKUP_NAMES" , SAMR_LOOKUP_NAMES , api_samr_lookup_names },
{ "SAMR_OPEN_USER" , SAMR_OPEN_USER , api_samr_open_user },
{ "SAMR_QUERY_USERINFO" , SAMR_QUERY_USERINFO , api_samr_query_userinfo },
- { "SAMR_UNKNOWN_8" , SAMR_UNKNOWN_8 , api_samr_unknown_8 },
+ { "SAMR_QUERY_DOMAIN_INFO", SAMR_QUERY_DOMAIN_INFO, api_samr_query_dom_info },
{ "SAMR_QUERY_USERGROUPS" , SAMR_QUERY_USERGROUPS , api_samr_query_usergroups },
{ "SAMR_QUERY_DISPINFO" , SAMR_QUERY_DISPINFO , api_samr_query_dispinfo },
{ "SAMR_QUERY_ALIASINFO" , SAMR_QUERY_ALIASINFO , api_samr_query_aliasinfo },
diff --git a/source3/rpc_server/srv_util.c b/source3/rpc_server/srv_util.c
index 4756d2f338..b3557c7768 100644
--- a/source3/rpc_server/srv_util.c
+++ b/source3/rpc_server/srv_util.c
@@ -42,7 +42,6 @@
#include "nterr.h"
extern int DEBUGLEVEL;
-extern DOM_SID global_machine_sid;
/*
* A list of the rids of well known BUILTIN and Domain users