diff options
-rw-r--r-- | source3/lib/netapi/localgroup.c | 199 |
1 files changed, 195 insertions, 4 deletions
diff --git a/source3/lib/netapi/localgroup.c b/source3/lib/netapi/localgroup.c index 7f7aa9a2b1..24b1c0cbbf 100644 --- a/source3/lib/netapi/localgroup.c +++ b/source3/lib/netapi/localgroup.c @@ -555,10 +555,203 @@ WERROR NetLocalGroupGetInfo_l(struct libnetapi_ctx *ctx, /**************************************************************** ****************************************************************/ +static WERROR map_buffer_to_alias_info(TALLOC_CTX *mem_ctx, + uint32_t level, + uint8_t *buffer, + enum samr_AliasInfoEnum *alias_level, + union samr_AliasInfo **alias_info) +{ + struct LOCALGROUP_INFO_0 *info0; + struct LOCALGROUP_INFO_1 *info1; + struct LOCALGROUP_INFO_1002 *info1002; + union samr_AliasInfo *info = NULL; + + info = TALLOC_ZERO_P(mem_ctx, union samr_AliasInfo); + W_ERROR_HAVE_NO_MEMORY(info); + + switch (level) { + case 0: + info0 = (struct LOCALGROUP_INFO_0 *)buffer; + init_lsa_String(&info->name, info0->lgrpi0_name); + *alias_level = ALIASINFONAME; + break; + case 1: + info1 = (struct LOCALGROUP_INFO_1 *)buffer; + /* group name will be ignored */ + init_lsa_String(&info->description, info1->lgrpi1_comment); + *alias_level = ALIASINFODESCRIPTION; + break; + case 1002: + info1002 = (struct LOCALGROUP_INFO_1002 *)buffer; + init_lsa_String(&info->description, info1002->lgrpi1002_comment); + *alias_level = ALIASINFODESCRIPTION; + break; + } + + *alias_info = info; + + return WERR_OK; +} + +/**************************************************************** +****************************************************************/ + WERROR NetLocalGroupSetInfo_r(struct libnetapi_ctx *ctx, struct NetLocalGroupSetInfo *r) { - return WERR_NOT_SUPPORTED; + struct cli_state *cli = NULL; + struct rpc_pipe_client *pipe_cli = NULL; + NTSTATUS status; + WERROR werr; + struct lsa_String lsa_account_name; + struct policy_handle connect_handle, domain_handle, builtin_handle, alias_handle; + struct samr_Ids user_rids, name_types; + struct dom_sid2 *domain_sid = NULL; + enum samr_AliasInfoEnum alias_level; + union samr_AliasInfo *alias_info = NULL; + + if (!r->in.group_name) { + return WERR_INVALID_PARAM; + } + + switch (r->in.level) { + case 0: + case 1: + case 1002: + break; + default: + return WERR_UNKNOWN_LEVEL; + } + + ZERO_STRUCT(connect_handle); + ZERO_STRUCT(builtin_handle); + ZERO_STRUCT(domain_handle); + ZERO_STRUCT(alias_handle); + + werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + werr = libnetapi_open_pipe(ctx, cli, PI_SAMR, &pipe_cli); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + status = rpccli_try_samr_connects(pipe_cli, ctx, + SAMR_ACCESS_OPEN_DOMAIN | + SAMR_ACCESS_ENUM_DOMAINS, + &connect_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_OpenDomain(pipe_cli, ctx, + &connect_handle, + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + CONST_DISCARD(DOM_SID *, &global_sid_Builtin), + &builtin_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + init_lsa_String(&lsa_account_name, r->in.group_name); + + status = rpccli_samr_LookupNames(pipe_cli, ctx, + &builtin_handle, + 1, + &lsa_account_name, + &user_rids, + &name_types); + if (NT_STATUS_IS_OK(status)) { + status = rpccli_samr_OpenAlias(pipe_cli, ctx, + &builtin_handle, + SAMR_ALIAS_ACCESS_SET_INFO, + user_rids.ids[0], + &alias_handle); + if (NT_STATUS_IS_OK(status)) { + rpccli_samr_Close(pipe_cli, ctx, &builtin_handle); + goto set_alias; + } + } + + rpccli_samr_Close(pipe_cli, ctx, &builtin_handle); + + status = libnetapi_samr_open_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + &connect_handle, + &domain_handle, + &domain_sid); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_LookupNames(pipe_cli, ctx, + &domain_handle, + 1, + &lsa_account_name, + &user_rids, + &name_types); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_OpenAlias(pipe_cli, ctx, + &domain_handle, + SAMR_ALIAS_ACCESS_SET_INFO, + user_rids.ids[0], + &alias_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + rpccli_samr_Close(pipe_cli, ctx, &domain_handle); + + set_alias: + + werr = map_buffer_to_alias_info(ctx, r->in.level, r->in.buf, + &alias_level, &alias_info); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + status = rpccli_samr_SetAliasInfo(pipe_cli, ctx, + &alias_handle, + alias_level, + alias_info); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + werr = WERR_OK; + + done: + if (!cli) { + return werr; + } + + if (is_valid_policy_hnd(&alias_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &alias_handle); + } + if (is_valid_policy_hnd(&domain_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &domain_handle); + } + if (is_valid_policy_hnd(&builtin_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &builtin_handle); + } + if (is_valid_policy_hnd(&connect_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &connect_handle); + } + + return werr; } /**************************************************************** @@ -567,7 +760,5 @@ WERROR NetLocalGroupSetInfo_r(struct libnetapi_ctx *ctx, WERROR NetLocalGroupSetInfo_l(struct libnetapi_ctx *ctx, struct NetLocalGroupSetInfo *r) { - return WERR_NOT_SUPPORTED; + return NetLocalGroupSetInfo_r(ctx, r); } - - |