summaryrefslogtreecommitdiff
path: root/source4
diff options
context:
space:
mode:
authorGünther Deschner <gd@samba.org>2006-07-04 10:25:04 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 14:09:46 -0500
commiteda5759e4566c69f03e13137473980a10dfedde4 (patch)
treeee45c0c1da4a72e4f31955d7a693f0090812278e /source4
parent9da5d4fd69d1e3a0c3129a41d185abcb1744d8be (diff)
downloadsamba-eda5759e4566c69f03e13137473980a10dfedde4.tar.gz
samba-eda5759e4566c69f03e13137473980a10dfedde4.tar.bz2
samba-eda5759e4566c69f03e13137473980a10dfedde4.zip
r16796: Fill in dsr_GetMemberships() / dsr_GetMemberships2().
This intersting call is apparently used to construct the user token, collect memberships from other DSAs and to retrieve (nested) memberships of a given group. Torture test to follow (once I cleaned it up). Guenther (This used to be commit ca5e133e8c6fca188fcaa834cdcd4cb2cd801d79)
Diffstat (limited to 'source4')
-rw-r--r--source4/librpc/idl/drsuapi.idl77
-rw-r--r--source4/rpc_server/drsuapi/dcesrv_drsuapi.c14
2 files changed, 80 insertions, 11 deletions
diff --git a/source4/librpc/idl/drsuapi.idl b/source4/librpc/idl/drsuapi.idl
index f106c4ce3a..cba0103b8e 100644
--- a/source4/librpc/idl/drsuapi.idl
+++ b/source4/librpc/idl/drsuapi.idl
@@ -7,11 +7,13 @@
authservice("ldap"),
helpstring("Active Directory Replication"),
pointer_default(unique),
- depends(security,misc),
+ depends(security,misc,samr),
keepref
]
interface drsuapi
{
+ declare bitmap samr_GroupAttrs;
+
/*****************/
/* Function 0x00 */
typedef [bitmap32bit] bitmap {
@@ -767,7 +769,51 @@ interface drsuapi
/*****************/
/* Function 0x09 */
- WERROR DRSUAPI_GET_MEMBERSHIPS();
+
+ /* how are type 4 and 7 different from 2 and 3 ? */
+ typedef [v1_enum] enum {
+ DRSUAPI_DS_MEMBERSHIP_TYPE_UNIVERSAL_AND_DOMAIN_GROUPS = 1,
+ DRSUAPI_DS_MEMBERSHIP_TYPE_DOMAIN_LOCAL_GROUPS = 2,
+ DRSUAPI_DS_MEMBERSHIP_TYPE_DOMAIN_GROUPS = 3,
+ DRSUAPI_DS_MEMBERSHIP_TYPE_DOMAIN_LOCAL_GROUPS2 = 4,
+ DRSUAPI_DS_MEMBERSHIP_TYPE_UNIVERSAL_GROUPS = 5,
+ DRSUAPI_DS_MEMBERSHIP_TYPE_GROUPMEMBERS = 6,
+ DRSUAPI_DS_MEMBERSHIP_TYPE_DOMAIN_GROUPS2 = 7
+ } drsuapi_DsMembershipType;
+
+ typedef struct {
+ NTSTATUS status;
+ [range(0,10000)] uint32 num_memberships;
+ [range(0,10000)] uint32 num_sids;
+ [size_is(num_memberships)] drsuapi_DsReplicaObjectIdentifier **info_array;
+ [size_is(num_memberships)] samr_GroupAttrs *group_attrs;
+ [size_is(num_sids)] dom_sid28 **sids;
+ } drsuapi_DsGetMembershipsCtr1;
+
+ typedef [switch_type(int32)] union {
+ [case(1)] drsuapi_DsGetMembershipsCtr1 ctr1;
+ } drsuapi_DsGetMembershipsCtr;
+
+ const int DRSUAPI_DS_MEMBERSHIP_FLAG_GROUP_ATTR = 0x1;
+
+ typedef struct {
+ [range(1,10000)] uint32 count;
+ [size_is(count)] drsuapi_DsReplicaObjectIdentifier **info_array;
+ uint32 flags;
+ drsuapi_DsMembershipType type;
+ drsuapi_DsReplicaObjectIdentifier *domain;
+ } drsuapi_DsGetMembershipsRequest1;
+
+ typedef [switch_type(int32)] union {
+ [case(1)] drsuapi_DsGetMembershipsRequest1 req1;
+ } drsuapi_DsGetMembershipsRequest;
+
+ WERROR drsuapi_DsGetMemberships(
+ [in] policy_handle *bind_handle,
+ [in,out] int32 level,
+ [in] [switch_is(level)] drsuapi_DsGetMembershipsRequest req,
+ [out] [switch_is(level)] drsuapi_DsGetMembershipsCtr ctr
+ );
/*****************/
/* Function 0x0a */
@@ -1370,7 +1416,32 @@ interface drsuapi
/*****************/
/* Function 0x15 */
- WERROR DRSUAPI_GET_MEMBERSHIPS2();
+
+ typedef struct {
+ [range(0,10000)] uint32 num_entries;
+ [size_is(num_entries)] drsuapi_DsGetMembershipsCtr1 **ctrl_array;
+ } drsuapi_DsGetMemberships2Ctr1;
+
+ typedef [switch_type(int32)] union {
+ [case(1)] drsuapi_DsGetMembershipsCtr1 ctr1;
+ } drsuapi_DsGetMemberships2Ctr;
+
+ typedef struct {
+ [range(1,10000)] uint32 num_req;
+ [size_is(num_req)] drsuapi_DsGetMembershipsRequest1 **req_array;
+ } drsuapi_DsGetMemberships2Request1;
+
+ typedef [switch_type(int32)] union {
+ [case(1)] drsuapi_DsGetMemberships2Request1 req1;
+ } drsuapi_DsGetMemberships2Request;
+
+ WERROR drsuapi_DsGetMemberships2(
+ [in] policy_handle *bind_handle,
+ [in,out] int32 level,
+ [in] [switch_is(level)] drsuapi_DsGetMemberships2Request req,
+ [out] [switch_is(level)] drsuapi_DsGetMemberships2Ctr ctr
+ );
+
/*****************/
/* Function 0x16 */
diff --git a/source4/rpc_server/drsuapi/dcesrv_drsuapi.c b/source4/rpc_server/drsuapi/dcesrv_drsuapi.c
index 11ad149044..4028e4c4f9 100644
--- a/source4/rpc_server/drsuapi/dcesrv_drsuapi.c
+++ b/source4/rpc_server/drsuapi/dcesrv_drsuapi.c
@@ -171,10 +171,10 @@ static WERROR DRSUAPI_VERIFY_NAMES(struct dcesrv_call_state *dce_call, TALLOC_CT
/*
- DRSUAPI_GET_MEMBERSHIPS
+ drsuapi_DsGetMemberships
*/
-static WERROR DRSUAPI_GET_MEMBERSHIPS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
- struct DRSUAPI_GET_MEMBERSHIPS *r)
+static WERROR drsuapi_DsGetMemberships(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+ struct drsuapi_DsGetMemberships *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
@@ -332,17 +332,15 @@ static WERROR DRSUAPI_ADD_SID_HISTORY(struct dcesrv_call_state *dce_call, TALLOC
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
-
/*
- DRSUAPI_GET_MEMBERSHIPS2
+ drsuapi_DsGetMemberships2
*/
-static WERROR DRSUAPI_GET_MEMBERSHIPS2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
- struct DRSUAPI_GET_MEMBERSHIPS2 *r)
+static WERROR drsuapi_DsGetMemberships2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+ struct drsuapi_DsGetMemberships2 *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
-
/*
DRSUAPI_REPLICA_VERIFY_OBJECTS
*/