summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/include/rpc_netlogon.h93
-rw-r--r--source3/rpc_parse/parse_net.c136
-rw-r--r--source3/utils/net_rpc_samsync.c4
3 files changed, 104 insertions, 129 deletions
diff --git a/source3/include/rpc_netlogon.h b/source3/include/rpc_netlogon.h
index 500f5fef8a..fb849f8238 100644
--- a/source3/include/rpc_netlogon.h
+++ b/source3/include/rpc_netlogon.h
@@ -719,45 +719,31 @@ typedef struct sam_alias_mem_info_info
/* SAM_DELTA_POLICY (0x0D) */
typedef struct
{
- uint32 unknown1; /* 0x5000 */
- uint32 unknown2; /* 0 */
- uint32 unknown3; /* 0 */
- uint32 unknown4; /* 0 */
- uint32 count1;
- uint32 ptr1;
- uint16 count2;
- uint16 count3;
- uint32 ptr2;
- uint32 ptr3;
-
- uint32 unknown4b; /* 0x02000000 */
- uint32 unknown5; /* 0x00100000 */
- uint32 unknown6; /* 0x00010000 */
- uint32 unknown7; /* 0x0f000000 */
- uint32 unknown8; /* 0 */
- uint32 unknown9; /* 0 */
- uint32 unknown10; /* 0 */
- uint32 unknown11; /* 0x3c*/
- uint32 unknown12; /* 0*/
-
- uint32 unknown13; /* a7080110 */
- uint32 unknown14; /* 01bfb0dd */
- uint32 unknown15; /* 0f */
- uint32 unknown16; /* 68 */
- uint32 unknown17; /* 00169000 */
-
- uint32 count4;
- uint32 unknown18; /* 0 times count4 */
-
- uint32 unknown19; /* 8 */
-
- uint32 unknown20; /* 0x04 times count1 */
-
- uint32 ptr4;
-
- UNISTR2 domain_name;
+ uint32 max_log_size; /* 0x5000 */
+ UINT64_S audit_retention_period; /* 0 */
+ uint32 auditing_mode; /* 0 */
+ uint32 num_events;
+ uint32 ptr_events;
+ UNIHDR hdr_dom_name;
+ uint32 sid_ptr;
+
+ uint32 paged_pool_limit; /* 0x02000000 */
+ uint32 non_paged_pool_limit; /* 0x00100000 */
+ uint32 min_workset_size; /* 0x00010000 */
+ uint32 max_workset_size; /* 0x0f000000 */
+ uint32 page_file_limit; /* 0 */
+ UINT64_S time_limit; /* 0 */
+ NTTIME modify_time; /* 0x3c*/
+ NTTIME create_time; /* a7080110 */
+ BUFHDR2 hdr_sec_desc;
+
+ uint32 num_event_audit_options;
+ uint32 event_audit_option;
+
+ UNISTR2 domain_name;
DOM_SID2 domain_sid;
+ BUFFER4 buf_sec_desc;
} SAM_DELTA_POLICY;
/* SAM_DELTA_TRUST_DOMS */
@@ -783,29 +769,24 @@ typedef struct
/* SAM_DELTA_PRIVS (0x10) */
typedef struct
{
- uint32 buf_size;
- SEC_DESC *sec_desc;
DOM_SID2 sid;
uint32 priv_count;
- uint32 reserved1; /* 0x0 */
-
- uint32 ptr1;
- uint32 ptr2;
-
- uint32 unknown1;
- uint32 unknown2;
- uint32 unknown3;
- uint32 unknown4;
- uint32 unknown5;
- uint32 unknown6;
- uint32 unknown7;
- uint32 unknown8;
- uint32 unknown9;
+ uint32 priv_control;
+
+ uint32 priv_attr_ptr;
+ uint32 priv_name_ptr;
+
+ uint32 paged_pool_limit; /* 0x02000000 */
+ uint32 non_paged_pool_limit; /* 0x00100000 */
+ uint32 min_workset_size; /* 0x00010000 */
+ uint32 max_workset_size; /* 0x0f000000 */
+ uint32 page_file_limit; /* 0 */
+ UINT64_S time_limit; /* 0 */
+ uint32 system_flags; /* 1 */
+ BUFHDR2 hdr_sec_desc;
uint32 buf_size2;
- uint32 ptr3;
- uint32 unknown10; /* 48 bytes 0x0*/
uint32 attribute_count;
uint32 *attributes;
@@ -814,7 +795,7 @@ typedef struct
UNIHDR *hdr_privslist;
UNISTR2 *uni_privslist;
-
+ BUFFER4 buf_sec_desc;
} SAM_DELTA_PRIVS;
/* SAM_DELTA_SECRET */
diff --git a/source3/rpc_parse/parse_net.c b/source3/rpc_parse/parse_net.c
index f1d813c3f0..e0f710b2d7 100644
--- a/source3/rpc_parse/parse_net.c
+++ b/source3/rpc_parse/parse_net.c
@@ -2357,79 +2357,70 @@ static BOOL net_io_sam_policy_info(char *desc, SAM_DELTA_POLICY *info,
prs_struct *ps, int depth)
{
int i;
-
prs_debug(ps, depth, desc, "net_io_sam_policy_info");
depth++;
if(!prs_align(ps))
return False;
- if (!prs_uint32("unknown1", ps, depth, &info->unknown1))
- return False;
- if (!prs_uint32("unknown2", ps, depth, &info->unknown2))
+ if (!prs_uint32("max_log_size", ps, depth, &info->max_log_size))
return False;
- if (!prs_uint32("unknown3", ps, depth, &info->unknown3))
+ if (!prs_uint64("audit_retention_period", ps, depth,
+ &info->audit_retention_period))
return False;
- if (!prs_uint32("unknown4", ps, depth, &info->unknown4))
+ if (!prs_uint32("auditing_mode", ps, depth, &info->auditing_mode))
return False;
- if (!prs_uint32("count1", ps, depth, &info->count1))
+ if (!prs_uint32("num_events", ps, depth, &info->num_events))
return False;
- if (!prs_uint32("ptr1", ps, depth, &info->ptr1))
+ if (!prs_uint32("ptr_events", ps, depth, &info->ptr_events))
return False;
- if (!prs_uint16("count2", ps, depth, &info->count2))
- return False;
- if (!prs_uint16("count3", ps, depth, &info->count3))
- return False;
+ if (!smb_io_unihdr("hdr_dom_name", &info->hdr_dom_name, ps, depth))
+ return False;
- if (!prs_uint32("ptr2", ps, depth, &info->ptr2))
- return False;
- if (!prs_uint32("ptr3", ps, depth, &info->ptr3))
+ if (!prs_uint32("sid_ptr", ps, depth, &info->sid_ptr))
return False;
- if (!prs_uint32("unknown4b", ps, depth, &info->unknown4b))
+ if (!prs_uint32("paged_pool_limit", ps, depth, &info->paged_pool_limit))
return False;
- if (!prs_uint32("unknown5", ps, depth, &info->unknown5))
+ if (!prs_uint32("non_paged_pool_limit", ps, depth,
+ &info->non_paged_pool_limit))
return False;
- if (!prs_uint32("unknown6", ps, depth, &info->unknown6))
+ if (!prs_uint32("min_workset_size", ps, depth, &info->min_workset_size))
return False;
- if (!prs_uint32("unknown7", ps, depth, &info->unknown7))
+ if (!prs_uint32("max_workset_size", ps, depth, &info->max_workset_size))
return False;
- if (!prs_uint32("unknown8", ps, depth, &info->unknown8))
+ if (!prs_uint32("page_file_limit", ps, depth, &info->page_file_limit))
return False;
- if (!prs_uint32("unknown9", ps, depth, &info->unknown9))
+ if (!prs_uint64("time_limit", ps, depth, &info->time_limit))
return False;
- if (!prs_uint32("unknown10", ps, depth, &info->unknown10))
+ if (!smb_io_time("modify_time", &info->modify_time, ps, depth))
return False;
- if (!prs_uint32("unknown11", ps, depth, &info->unknown11))
+ if (!smb_io_time("create_time", &info->create_time, ps, depth))
return False;
- if (!prs_uint32("unknown12", ps, depth, &info->unknown12))
+ if (!smb_io_bufhdr2("hdr_sec_desc", &info->hdr_sec_desc, ps, depth))
return False;
- if (!prs_uint32("unknown13", ps, depth, &info->unknown13))
- return False;
- if (!prs_uint32("unknown14", ps, depth, &info->unknown14))
- return False;
- if (!prs_uint32("unknown15", ps, depth, &info->unknown15))
- return False;
- if (!prs_uint32("unknown16", ps, depth, &info->unknown16))
- return False;
- if (!prs_uint32("unknown17", ps, depth, &info->unknown17))
- return False;
+ for (i=0; i<4; i++) {
+ UNIHDR dummy;
+ if (!smb_io_unihdr("dummy", &dummy, ps, depth))
+ return False;
+ }
- for (i=0; i<info->count2; i++)
- if (!prs_uint32("unknown18", ps, depth, &info->unknown18))
- return False;
+ for (i=0; i<4; i++) {
+ uint32 reserved;
+ if (!prs_uint32("reserved", ps, depth, &reserved))
+ return False;
+ }
- if (!prs_uint32("unknown19", ps, depth, &info->unknown19))
+ if (!prs_uint32("num_event_audit_options", ps, depth,
+ &info->num_event_audit_options))
return False;
- for (i=0; i<info->count1; i++)
- if (!prs_uint32("unknown20", ps, depth, &info->unknown20))
- return False;
-
- if (!prs_uint32("ptr4", ps, depth, &info->ptr4))
- return False;
+ for (i=0; i<info->num_event_audit_options; i++)
+ if (!prs_uint32("event_audit_option", ps, depth,
+ &info->event_audit_option))
+ return False;
if (!smb_io_unistr2("domain_name", &info->domain_name, True, ps, depth))
return False;
@@ -2437,6 +2428,11 @@ static BOOL net_io_sam_policy_info(char *desc, SAM_DELTA_POLICY *info,
if(!smb_io_dom_sid2("domain_sid", &info->domain_sid, ps, depth))
return False;
+ if (!smb_io_buffer4("buf_sec_desc", &info->buf_sec_desc,
+ info->hdr_sec_desc.buffer, ps, depth))
+
+ return False;
+
return True;
}
@@ -2589,52 +2585,48 @@ static BOOL net_io_sam_privs_info(char *desc, SAM_DELTA_PRIVS *info,
if(!prs_align(ps))
return False;
- if(!prs_uint32("buf_size", ps, depth, &info->buf_size))
- return False;
-
- if(!sec_io_desc("sec_desc", &info->sec_desc, ps, depth))
- return False;
-
if(!smb_io_dom_sid2("sid", &info->sid, ps, depth))
return False;
if(!prs_uint32("priv_count", ps, depth, &info->priv_count))
return False;
- if(!prs_uint32("reserved1", ps, depth, &info->reserved1))
+ if(!prs_uint32("priv_control", ps, depth, &info->priv_control))
return False;
- if(!prs_uint32("ptr1", ps, depth, &info->ptr1))
+ if(!prs_uint32("priv_attr_ptr", ps, depth, &info->priv_attr_ptr))
return False;
- if(!prs_uint32("ptr2", ps, depth, &info->ptr2))
+ if(!prs_uint32("priv_name_ptr", ps, depth, &info->priv_name_ptr))
return False;
- if(!prs_uint32("unknown1", ps, depth, &info->unknown1))
+ if (!prs_uint32("paged_pool_limit", ps, depth, &info->paged_pool_limit))
return False;
- if(!prs_uint32("unknown2", ps, depth, &info->unknown2))
+ if (!prs_uint32("non_paged_pool_limit", ps, depth,
+ &info->non_paged_pool_limit))
return False;
- if(!prs_uint32("unknown3", ps, depth, &info->unknown3))
+ if (!prs_uint32("min_workset_size", ps, depth, &info->min_workset_size))
return False;
- if(!prs_uint32("unknown4", ps, depth, &info->unknown4))
+ if (!prs_uint32("max_workset_size", ps, depth, &info->max_workset_size))
return False;
- if(!prs_uint32("unknown5", ps, depth, &info->unknown5))
+ if (!prs_uint32("page_file_limit", ps, depth, &info->page_file_limit))
return False;
- if(!prs_uint32("unknown6", ps, depth, &info->unknown6))
+ if (!prs_uint64("time_limit", ps, depth, &info->time_limit))
return False;
- if(!prs_uint32("unknown7", ps, depth, &info->unknown7))
+ if (!prs_uint32("system_flags", ps, depth, &info->system_flags))
return False;
- if(!prs_uint32("unknown8", ps, depth, &info->unknown8))
- return False;
- if(!prs_uint32("unknown9", ps, depth, &info->unknown9))
+ if (!smb_io_bufhdr2("hdr_sec_desc", &info->hdr_sec_desc, ps, depth))
return False;
- if(!prs_uint32("buf_size2", ps, depth, &info->buf_size2))
- return False;
- if(!prs_uint32("ptr3", ps, depth, &info->ptr3))
- return False;
+ for (i=0; i<4; i++) {
+ UNIHDR dummy;
+ if (!smb_io_unihdr("dummy", &dummy, ps, depth))
+ return False;
+ }
- for (i=0; i<12; i++)
- if(!prs_uint32("unknown10", ps, depth, &info->unknown10))
- return False;
+ for (i=0; i<4; i++) {
+ uint32 reserved;
+ if (!prs_uint32("reserved", ps, depth, &reserved))
+ return False;
+ }
if(!prs_uint32("attribute_count", ps, depth, &info->attribute_count))
return False;
@@ -2659,6 +2651,10 @@ static BOOL net_io_sam_privs_info(char *desc, SAM_DELTA_PRIVS *info,
if (!smb_io_unistr2("uni_privslist", &info->uni_privslist[i], True, ps, depth))
return False;
+ if (!smb_io_buffer4("buf_sec_desc", &info->buf_sec_desc,
+ info->hdr_sec_desc.buffer, ps, depth))
+ return False;
+
return True;
}
diff --git a/source3/utils/net_rpc_samsync.c b/source3/utils/net_rpc_samsync.c
index 6d8b7c672f..9d54a771fc 100644
--- a/source3/utils/net_rpc_samsync.c
+++ b/source3/utils/net_rpc_samsync.c
@@ -171,9 +171,7 @@ int rpc_samdump(int argc, const char **argv)
dump_database(cli, SAM_DATABASE_DOMAIN, &ret_creds);
dump_database(cli, SAM_DATABASE_BUILTIN, &ret_creds);
-
- /* Currently we crash on PRIVS somewhere in unmarshalling */
- /* Dump_database(cli, SAM_DATABASE_PRIVS, &ret_creds); */
+ dump_database(cli, SAM_DATABASE_PRIVS, &ret_creds);
cli_nt_session_close(cli);