diff options
Diffstat (limited to 'source3/lib/netapi')
-rw-r--r-- | source3/lib/netapi/user.c | 507 |
1 files changed, 377 insertions, 130 deletions
diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 428f2493c0..3f8d6f5b2d 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -23,7 +23,7 @@ #include "lib/netapi/netapi.h" #include "lib/netapi/netapi_private.h" #include "lib/netapi/libnetapi.h" -#include "../librpc/gen_ndr/cli_samr.h" +#include "../librpc/gen_ndr/ndr_samr_c.h" #include "rpc_client/init_samr.h" #include "../libds/common/flags.h" #include "rpc_client/init_lsa.h" @@ -296,7 +296,8 @@ static NTSTATUS set_user_info_USER_INFO_X(TALLOC_CTX *ctx, { union samr_UserInfo user_info; struct samr_UserInfo21 info21; - NTSTATUS status; + NTSTATUS status, result; + struct dcerpc_binding_handle *b = pipe_cli->binding_handle; if (!uX) { return NT_STATUS_INVALID_PARAMETER; @@ -314,11 +315,11 @@ static NTSTATUS set_user_info_USER_INFO_X(TALLOC_CTX *ctx, session_key, &user_info.info25.password); - status = rpccli_samr_SetUserInfo2(pipe_cli, talloc_tos(), + status = dcerpc_samr_SetUserInfo2(b, talloc_tos(), user_handle, 25, - &user_info); - + &user_info, + &result); if (NT_STATUS_EQUAL(status, NT_STATUS(DCERPC_FAULT_INVALID_TAG))) { user_info.info23.info = info21; @@ -327,22 +328,34 @@ static NTSTATUS set_user_info_USER_INFO_X(TALLOC_CTX *ctx, session_key, &user_info.info23.password); - status = rpccli_samr_SetUserInfo2(pipe_cli, talloc_tos(), + status = dcerpc_samr_SetUserInfo2(b, talloc_tos(), user_handle, 23, - &user_info); + &user_info, + &result); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + } + + if (!NT_STATUS_IS_OK(status)) { + return status; } } else { user_info.info21 = info21; - status = rpccli_samr_SetUserInfo(pipe_cli, talloc_tos(), + status = dcerpc_samr_SetUserInfo(b, talloc_tos(), user_handle, 21, - &user_info); + &user_info, + &result); + if (!NT_STATUS_IS_OK(status)) { + return status; + } } - return status; + return result; } /**************************************************************** @@ -352,7 +365,7 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, struct NetUserAdd *r) { struct rpc_pipe_client *pipe_cli = NULL; - NTSTATUS status; + NTSTATUS status, result; WERROR werr; struct policy_handle connect_handle, domain_handle, user_handle; struct lsa_String lsa_account_name; @@ -362,6 +375,7 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, uint32_t access_granted = 0; uint32_t rid = 0; struct USER_INFO_X uX; + struct dcerpc_binding_handle *b = NULL; ZERO_STRUCT(connect_handle); ZERO_STRUCT(domain_handle); @@ -389,6 +403,8 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, goto done; } + b = pipe_cli->binding_handle; + status = construct_USER_INFO_X(r->in.level, r->in.buffer, &uX); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); @@ -410,7 +426,7 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, init_lsa_String(&lsa_account_name, uX.usriX_name); - status = rpccli_samr_CreateUser2(pipe_cli, talloc_tos(), + status = dcerpc_samr_CreateUser2(b, talloc_tos(), &domain_handle, &lsa_account_name, ACB_NORMAL, @@ -421,33 +437,48 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, SAMR_USER_ACCESS_GET_ATTRIBUTES, &user_handle, &access_granted, - &rid); + &rid, + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } - status = rpccli_samr_QueryUserInfo(pipe_cli, talloc_tos(), + status = dcerpc_samr_QueryUserInfo(b, talloc_tos(), &user_handle, 16, - &user_info); + &user_info, + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } if (!(user_info->info16.acct_flags & ACB_NORMAL)) { werr = WERR_INVALID_PARAM; goto done; } - status = rpccli_samr_GetUserPwInfo(pipe_cli, talloc_tos(), + status = dcerpc_samr_GetUserPwInfo(b, talloc_tos(), &user_handle, - &pw_info); + &pw_info, + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } uX.usriX_flags |= ACB_NORMAL; @@ -464,12 +495,13 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, goto done; failed: - rpccli_samr_DeleteUser(pipe_cli, talloc_tos(), - &user_handle); + dcerpc_samr_DeleteUser(b, talloc_tos(), + &user_handle, + &result); done: - if (is_valid_policy_hnd(&user_handle) && pipe_cli) { - rpccli_samr_Close(pipe_cli, talloc_tos(), &user_handle); + if (is_valid_policy_hnd(&user_handle) && b) { + dcerpc_samr_Close(b, talloc_tos(), &user_handle, &result); } if (ctx->disable_policy_handle_cache) { @@ -496,13 +528,14 @@ WERROR NetUserDel_r(struct libnetapi_ctx *ctx, struct NetUserDel *r) { struct rpc_pipe_client *pipe_cli = NULL; - NTSTATUS status; + NTSTATUS status, result; WERROR werr; struct policy_handle connect_handle, builtin_handle, domain_handle, user_handle; struct lsa_String lsa_account_name; struct samr_Ids user_rids, name_types; struct dom_sid2 *domain_sid = NULL; struct dom_sid2 user_sid; + struct dcerpc_binding_handle *b = NULL; ZERO_STRUCT(connect_handle); ZERO_STRUCT(builtin_handle); @@ -517,6 +550,8 @@ WERROR NetUserDel_r(struct libnetapi_ctx *ctx, goto done; } + b = pipe_cli->binding_handle; + werr = libnetapi_samr_open_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | SAMR_ACCESS_LOOKUP_DOMAIN, @@ -528,61 +563,86 @@ WERROR NetUserDel_r(struct libnetapi_ctx *ctx, goto done; } - status = rpccli_samr_OpenDomain(pipe_cli, talloc_tos(), + status = dcerpc_samr_OpenDomain(b, talloc_tos(), &connect_handle, SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, CONST_DISCARD(struct dom_sid *, &global_sid_Builtin), - &builtin_handle); + &builtin_handle, + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } init_lsa_String(&lsa_account_name, r->in.user_name); - status = rpccli_samr_LookupNames(pipe_cli, talloc_tos(), + status = dcerpc_samr_LookupNames(b, talloc_tos(), &domain_handle, 1, &lsa_account_name, &user_rids, - &name_types); + &name_types, + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } - status = rpccli_samr_OpenUser(pipe_cli, talloc_tos(), + status = dcerpc_samr_OpenUser(b, talloc_tos(), &domain_handle, SEC_STD_DELETE, user_rids.ids[0], - &user_handle); + &user_handle, + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } sid_compose(&user_sid, domain_sid, user_rids.ids[0]); - status = rpccli_samr_RemoveMemberFromForeignDomain(pipe_cli, talloc_tos(), + status = dcerpc_samr_RemoveMemberFromForeignDomain(b, talloc_tos(), &builtin_handle, - &user_sid); + &user_sid, + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } - status = rpccli_samr_DeleteUser(pipe_cli, talloc_tos(), - &user_handle); + status = dcerpc_samr_DeleteUser(b, talloc_tos(), + &user_handle, + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } werr = WERR_OK; done: if (is_valid_policy_hnd(&user_handle)) { - rpccli_samr_Close(pipe_cli, talloc_tos(), &user_handle); + dcerpc_samr_Close(b, talloc_tos(), &user_handle, &result); } if (ctx->disable_policy_handle_cache) { @@ -618,7 +678,7 @@ static NTSTATUS libnetapi_samr_lookup_user(TALLOC_CTX *mem_ctx, struct sec_desc_buf **sec_desc, uint32_t *auth_flag_p) { - NTSTATUS status; + NTSTATUS status, result; struct policy_handle user_handle; union samr_UserInfo *user_info = NULL; @@ -626,6 +686,7 @@ static NTSTATUS libnetapi_samr_lookup_user(TALLOC_CTX *mem_ctx, uint32_t access_mask = SEC_STD_READ_CONTROL | SAMR_USER_ACCESS_GET_ATTRIBUTES | SAMR_USER_ACCESS_GET_NAME_ETC; + struct dcerpc_binding_handle *b = pipe_cli->binding_handle; ZERO_STRUCT(user_handle); @@ -656,30 +717,45 @@ static NTSTATUS libnetapi_samr_lookup_user(TALLOC_CTX *mem_ctx, return NT_STATUS_OK; } - status = rpccli_samr_OpenUser(pipe_cli, mem_ctx, + status = dcerpc_samr_OpenUser(b, mem_ctx, domain_handle, access_mask, rid, - &user_handle); + &user_handle, + &result); if (!NT_STATUS_IS_OK(status)) { goto done; } + if (!NT_STATUS_IS_OK(result)) { + status = result; + goto done; + } - status = rpccli_samr_QueryUserInfo(pipe_cli, mem_ctx, + status = dcerpc_samr_QueryUserInfo(b, mem_ctx, &user_handle, 21, - &user_info); + &user_info, + &result); if (!NT_STATUS_IS_OK(status)) { goto done; } + if (!NT_STATUS_IS_OK(result)) { + status = result; + goto done; + } - status = rpccli_samr_QuerySecurity(pipe_cli, mem_ctx, + status = dcerpc_samr_QuerySecurity(b, mem_ctx, &user_handle, SECINFO_DACL, - sec_desc); + sec_desc, + &result); if (!NT_STATUS_IS_OK(status)) { goto done; } + if (!NT_STATUS_IS_OK(result)) { + status = result; + goto done; + } if (access_mask & SAMR_USER_ACCESS_GET_GROUPS) { @@ -689,12 +765,17 @@ static NTSTATUS libnetapi_samr_lookup_user(TALLOC_CTX *mem_ctx, uint32_t auth_flag = 0; struct dom_sid sid; - status = rpccli_samr_GetGroupsForUser(pipe_cli, mem_ctx, + status = dcerpc_samr_GetGroupsForUser(b, mem_ctx, &user_handle, - &rid_array); + &rid_array, + &result); if (!NT_STATUS_IS_OK(status)) { goto done; } + if (!NT_STATUS_IS_OK(result)) { + status = result; + goto done; + } sid_array.num_sids = rid_array->count + 1; sid_array.sids = talloc_array(mem_ctx, struct lsa_SidPtr, @@ -711,13 +792,18 @@ static NTSTATUS libnetapi_samr_lookup_user(TALLOC_CTX *mem_ctx, sid_array.sids[i].sid = dom_sid_dup(mem_ctx, &sid); NT_STATUS_HAVE_NO_MEMORY(sid_array.sids[i].sid); - status = rpccli_samr_GetAliasMembership(pipe_cli, mem_ctx, + status = dcerpc_samr_GetAliasMembership(b, mem_ctx, builtin_handle, &sid_array, - &alias_rids); + &alias_rids, + &result); if (!NT_STATUS_IS_OK(status)) { goto done; } + if (!NT_STATUS_IS_OK(result)) { + status = result; + goto done; + } for (i=0; i<alias_rids.count; i++) { switch (alias_rids.ids[i]) { @@ -744,7 +830,7 @@ static NTSTATUS libnetapi_samr_lookup_user(TALLOC_CTX *mem_ctx, done: if (is_valid_policy_hnd(&user_handle)) { - rpccli_samr_Close(pipe_cli, mem_ctx, &user_handle); + dcerpc_samr_Close(b, mem_ctx, &user_handle, &result); } return status; @@ -1188,7 +1274,9 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, uint32_t entries_read = 0; NTSTATUS status = NT_STATUS_OK; + NTSTATUS result = NT_STATUS_OK; WERROR werr; + struct dcerpc_binding_handle *b = NULL; ZERO_STRUCT(connect_handle); ZERO_STRUCT(domain_handle); @@ -1223,6 +1311,8 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, goto done; } + b = pipe_cli->binding_handle; + werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | SAMR_ACCESS_LOOKUP_DOMAIN, @@ -1267,16 +1357,21 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, break; } - status = rpccli_samr_EnumDomainUsers(pipe_cli, + status = dcerpc_samr_EnumDomainUsers(b, ctx, &domain_handle, r->in.resume_handle, filter, &sam, r->in.prefmaxlen, - &entries_read); - werr = ntstatus_to_werror(status); - if (NT_STATUS_IS_ERR(status)) { + &entries_read, + &result); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + werr = ntstatus_to_werror(result); + if (NT_STATUS_IS_ERR(result)) { goto done; } @@ -1299,8 +1394,8 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, done: /* if last query */ - if (NT_STATUS_IS_OK(status) || - NT_STATUS_IS_ERR(status)) { + if (NT_STATUS_IS_OK(result) || + NT_STATUS_IS_ERR(result)) { if (ctx->disable_policy_handle_cache) { libnetapi_samr_close_domain_handle(ctx, &domain_handle); @@ -1493,11 +1588,13 @@ WERROR NetQueryDisplayInformation_r(struct libnetapi_ctx *ctx, struct dom_sid2 *domain_sid = NULL; struct policy_handle domain_handle; union samr_DispInfo info; + struct dcerpc_binding_handle *b = NULL; uint32_t total_size = 0; uint32_t returned_size = 0; NTSTATUS status = NT_STATUS_OK; + NTSTATUS result = NT_STATUS_OK; WERROR werr; WERROR werr_tmp; @@ -1522,6 +1619,8 @@ WERROR NetQueryDisplayInformation_r(struct libnetapi_ctx *ctx, goto done; } + b = pipe_cli->binding_handle; + werr = libnetapi_samr_open_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | SAMR_ACCESS_LOOKUP_DOMAIN, @@ -1535,7 +1634,7 @@ WERROR NetQueryDisplayInformation_r(struct libnetapi_ctx *ctx, goto done; } - status = rpccli_samr_QueryDisplayInfo2(pipe_cli, + status = dcerpc_samr_QueryDisplayInfo2(b, ctx, &domain_handle, r->in.level, @@ -1544,9 +1643,14 @@ WERROR NetQueryDisplayInformation_r(struct libnetapi_ctx *ctx, r->in.prefmaxlen, &total_size, &returned_size, - &info); - werr = ntstatus_to_werror(status); - if (NT_STATUS_IS_ERR(status)) { + &info, + &result); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + werr = ntstatus_to_werror(result); + if (NT_STATUS_IS_ERR(result)) { goto done; } @@ -1559,8 +1663,8 @@ WERROR NetQueryDisplayInformation_r(struct libnetapi_ctx *ctx, } done: /* if last query */ - if (NT_STATUS_IS_OK(status) || - NT_STATUS_IS_ERR(status)) { + if (NT_STATUS_IS_OK(result) || + NT_STATUS_IS_ERR(result)) { if (ctx->disable_policy_handle_cache) { libnetapi_samr_close_domain_handle(ctx, &domain_handle); @@ -1607,7 +1711,7 @@ WERROR NetUserGetInfo_r(struct libnetapi_ctx *ctx, struct NetUserGetInfo *r) { struct rpc_pipe_client *pipe_cli = NULL; - NTSTATUS status; + NTSTATUS status, result; WERROR werr; struct policy_handle connect_handle, domain_handle, builtin_handle, user_handle; @@ -1615,6 +1719,7 @@ WERROR NetUserGetInfo_r(struct libnetapi_ctx *ctx, struct dom_sid2 *domain_sid = NULL; struct samr_Ids user_rids, name_types; uint32_t num_entries = 0; + struct dcerpc_binding_handle *b = NULL; ZERO_STRUCT(connect_handle); ZERO_STRUCT(domain_handle); @@ -1648,6 +1753,8 @@ WERROR NetUserGetInfo_r(struct libnetapi_ctx *ctx, goto done; } + b = pipe_cli->binding_handle; + werr = libnetapi_samr_open_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | SAMR_ACCESS_LOOKUP_DOMAIN, @@ -1672,16 +1779,21 @@ WERROR NetUserGetInfo_r(struct libnetapi_ctx *ctx, init_lsa_String(&lsa_account_name, r->in.user_name); - status = rpccli_samr_LookupNames(pipe_cli, talloc_tos(), + status = dcerpc_samr_LookupNames(b, talloc_tos(), &domain_handle, 1, &lsa_account_name, &user_rids, - &name_types); + &name_types, + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } status = libnetapi_samr_lookup_user_map_USER_INFO(ctx, pipe_cli, domain_sid, @@ -1698,8 +1810,8 @@ WERROR NetUserGetInfo_r(struct libnetapi_ctx *ctx, } done: - if (is_valid_policy_hnd(&user_handle) && pipe_cli) { - rpccli_samr_Close(pipe_cli, talloc_tos(), &user_handle); + if (is_valid_policy_hnd(&user_handle) && b) { + dcerpc_samr_Close(b, talloc_tos(), &user_handle, &result); } if (ctx->disable_policy_handle_cache) { @@ -1726,7 +1838,7 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, struct NetUserSetInfo *r) { struct rpc_pipe_client *pipe_cli = NULL; - NTSTATUS status; + NTSTATUS status, result; WERROR werr; struct policy_handle connect_handle, domain_handle, builtin_handle, user_handle; @@ -1736,6 +1848,7 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, uint32_t user_mask = 0; struct USER_INFO_X uX; + struct dcerpc_binding_handle *b = NULL; ZERO_STRUCT(connect_handle); ZERO_STRUCT(domain_handle); @@ -1802,6 +1915,8 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, goto done; } + b = pipe_cli->binding_handle; + werr = libnetapi_samr_open_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | SAMR_ACCESS_LOOKUP_DOMAIN, @@ -1827,26 +1942,36 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, init_lsa_String(&lsa_account_name, r->in.user_name); - status = rpccli_samr_LookupNames(pipe_cli, talloc_tos(), + status = dcerpc_samr_LookupNames(b, talloc_tos(), &domain_handle, 1, &lsa_account_name, &user_rids, - &name_types); + &name_types, + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } - status = rpccli_samr_OpenUser(pipe_cli, talloc_tos(), + status = dcerpc_samr_OpenUser(b, talloc_tos(), &domain_handle, user_mask, user_rids.ids[0], - &user_handle); + &user_handle, + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } status = construct_USER_INFO_X(r->in.level, r->in.buffer, &uX); if (!NT_STATUS_IS_OK(status)) { @@ -1866,8 +1991,8 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, werr = WERR_OK; done: - if (is_valid_policy_hnd(&user_handle) && pipe_cli) { - rpccli_samr_Close(pipe_cli, talloc_tos(), &user_handle); + if (is_valid_policy_hnd(&user_handle) && b) { + dcerpc_samr_Close(b, talloc_tos(), &user_handle, &result); } if (ctx->disable_policy_handle_cache) { @@ -1901,65 +2026,78 @@ static NTSTATUS query_USER_MODALS_INFO_rpc(TALLOC_CTX *mem_ctx, struct samr_DomInfo7 *info7, struct samr_DomInfo12 *info12) { - NTSTATUS status; + NTSTATUS status, result; union samr_DomainInfo *dom_info = NULL; + struct dcerpc_binding_handle *b = pipe_cli->binding_handle; if (info1) { - status = rpccli_samr_QueryDomainInfo(pipe_cli, mem_ctx, + status = dcerpc_samr_QueryDomainInfo(b, mem_ctx, domain_handle, 1, - &dom_info); + &dom_info, + &result); NT_STATUS_NOT_OK_RETURN(status); + NT_STATUS_NOT_OK_RETURN(result); *info1 = dom_info->info1; } if (info3) { - status = rpccli_samr_QueryDomainInfo(pipe_cli, mem_ctx, + status = dcerpc_samr_QueryDomainInfo(b, mem_ctx, domain_handle, 3, - &dom_info); + &dom_info, + &result); NT_STATUS_NOT_OK_RETURN(status); + NT_STATUS_NOT_OK_RETURN(result); *info3 = dom_info->info3; } if (info5) { - status = rpccli_samr_QueryDomainInfo(pipe_cli, mem_ctx, + status = dcerpc_samr_QueryDomainInfo(b, mem_ctx, domain_handle, 5, - &dom_info); + &dom_info, + &result); NT_STATUS_NOT_OK_RETURN(status); + NT_STATUS_NOT_OK_RETURN(result); *info5 = dom_info->info5; } if (info6) { - status = rpccli_samr_QueryDomainInfo(pipe_cli, mem_ctx, + status = dcerpc_samr_QueryDomainInfo(b, mem_ctx, domain_handle, 6, - &dom_info); + &dom_info, + &result); NT_STATUS_NOT_OK_RETURN(status); + NT_STATUS_NOT_OK_RETURN(result); *info6 = dom_info->info6; } if (info7) { - status = rpccli_samr_QueryDomainInfo(pipe_cli, mem_ctx, + status = dcerpc_samr_QueryDomainInfo(b, mem_ctx, domain_handle, 7, - &dom_info); + &dom_info, + &result); NT_STATUS_NOT_OK_RETURN(status); + NT_STATUS_NOT_OK_RETURN(result); *info7 = dom_info->info7; } if (info12) { - status = rpccli_samr_QueryDomainInfo2(pipe_cli, mem_ctx, + status = dcerpc_samr_QueryDomainInfo2(b, mem_ctx, domain_handle, 12, - &dom_info); + &dom_info, + &result); NT_STATUS_NOT_OK_RETURN(status); + NT_STATUS_NOT_OK_RETURN(result); *info12 = dom_info->info12; } @@ -2277,8 +2415,9 @@ static NTSTATUS set_USER_MODALS_INFO_rpc(TALLOC_CTX *mem_ctx, struct samr_DomInfo3 *info3, struct samr_DomInfo12 *info12) { - NTSTATUS status; + NTSTATUS status, result; union samr_DomainInfo dom_info; + struct dcerpc_binding_handle *b = pipe_cli->binding_handle; if (info1) { @@ -2286,11 +2425,13 @@ static NTSTATUS set_USER_MODALS_INFO_rpc(TALLOC_CTX *mem_ctx, dom_info.info1 = *info1; - status = rpccli_samr_SetDomainInfo(pipe_cli, mem_ctx, + status = dcerpc_samr_SetDomainInfo(b, mem_ctx, domain_handle, 1, - &dom_info); + &dom_info, + &result); NT_STATUS_NOT_OK_RETURN(status); + NT_STATUS_NOT_OK_RETURN(result); } if (info3) { @@ -2299,12 +2440,14 @@ static NTSTATUS set_USER_MODALS_INFO_rpc(TALLOC_CTX *mem_ctx, dom_info.info3 = *info3; - status = rpccli_samr_SetDomainInfo(pipe_cli, mem_ctx, + status = dcerpc_samr_SetDomainInfo(b, mem_ctx, domain_handle, 3, - &dom_info); + &dom_info, + &result); NT_STATUS_NOT_OK_RETURN(status); + NT_STATUS_NOT_OK_RETURN(result); } if (info12) { @@ -2313,12 +2456,14 @@ static NTSTATUS set_USER_MODALS_INFO_rpc(TALLOC_CTX *mem_ctx, dom_info.info12 = *info12; - status = rpccli_samr_SetDomainInfo(pipe_cli, mem_ctx, + status = dcerpc_samr_SetDomainInfo(b, mem_ctx, domain_handle, 12, - &dom_info); + &dom_info, + &result); NT_STATUS_NOT_OK_RETURN(status); + NT_STATUS_NOT_OK_RETURN(result); } return NT_STATUS_OK; @@ -2805,7 +2950,9 @@ WERROR NetUserGetGroups_r(struct libnetapi_ctx *ctx, uint32_t entries_read = 0; NTSTATUS status = NT_STATUS_OK; + NTSTATUS result = NT_STATUS_OK; WERROR werr; + struct dcerpc_binding_handle *b = NULL; ZERO_STRUCT(connect_handle); ZERO_STRUCT(domain_handle); @@ -2833,6 +2980,8 @@ WERROR NetUserGetGroups_r(struct libnetapi_ctx *ctx, goto done; } + b = pipe_cli->binding_handle; + werr = libnetapi_samr_open_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | SAMR_ACCESS_LOOKUP_DOMAIN, @@ -2846,34 +2995,49 @@ WERROR NetUserGetGroups_r(struct libnetapi_ctx *ctx, init_lsa_String(&lsa_account_name, r->in.user_name); - status = rpccli_samr_LookupNames(pipe_cli, talloc_tos(), + status = dcerpc_samr_LookupNames(b, talloc_tos(), &domain_handle, 1, &lsa_account_name, &user_rids, - &name_types); + &name_types, + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } - status = rpccli_samr_OpenUser(pipe_cli, talloc_tos(), + status = dcerpc_samr_OpenUser(b, talloc_tos(), &domain_handle, SAMR_USER_ACCESS_GET_GROUPS, user_rids.ids[0], - &user_handle); + &user_handle, + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } - status = rpccli_samr_GetGroupsForUser(pipe_cli, talloc_tos(), + status = dcerpc_samr_GetGroupsForUser(b, talloc_tos(), &user_handle, - &rid_array); + &rid_array, + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } rids = talloc_array(ctx, uint32_t, rid_array->count); if (!rids) { @@ -2885,17 +3049,22 @@ WERROR NetUserGetGroups_r(struct libnetapi_ctx *ctx, rids[i] = rid_array->rids[i].rid; } - status = rpccli_samr_LookupRids(pipe_cli, talloc_tos(), + status = dcerpc_samr_LookupRids(b, talloc_tos(), &domain_handle, rid_array->count, rids, &names, - &types); - if (!NT_STATUS_IS_OK(status) && - !NT_STATUS_EQUAL(status, STATUS_SOME_UNMAPPED)) { + &types, + &result); + if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result) && + !NT_STATUS_EQUAL(result, STATUS_SOME_UNMAPPED)) { + werr = ntstatus_to_werror(result); + goto done; + } for (i=0; i < names.count; i++) { status = add_GROUP_USERS_INFO_X_buffer(ctx, @@ -2960,7 +3129,9 @@ WERROR NetUserSetGroups_r(struct libnetapi_ctx *ctx, int i, k; NTSTATUS status = NT_STATUS_OK; + NTSTATUS result = NT_STATUS_OK; WERROR werr; + struct dcerpc_binding_handle *b = NULL; ZERO_STRUCT(connect_handle); ZERO_STRUCT(domain_handle); @@ -2984,6 +3155,8 @@ WERROR NetUserSetGroups_r(struct libnetapi_ctx *ctx, goto done; } + b = pipe_cli->binding_handle; + werr = libnetapi_samr_open_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | SAMR_ACCESS_LOOKUP_DOMAIN, @@ -2997,26 +3170,36 @@ WERROR NetUserSetGroups_r(struct libnetapi_ctx *ctx, init_lsa_String(&lsa_account_name, r->in.user_name); - status = rpccli_samr_LookupNames(pipe_cli, talloc_tos(), + status = dcerpc_samr_LookupNames(b, talloc_tos(), &domain_handle, 1, &lsa_account_name, &user_rids, - &name_types); + &name_types, + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } - status = rpccli_samr_OpenUser(pipe_cli, talloc_tos(), + status = dcerpc_samr_OpenUser(b, talloc_tos(), &domain_handle, SAMR_USER_ACCESS_GET_GROUPS, user_rids.ids[0], - &user_handle); + &user_handle, + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } switch (r->in.level) { case 0: @@ -3047,27 +3230,37 @@ WERROR NetUserSetGroups_r(struct libnetapi_ctx *ctx, } } - status = rpccli_samr_LookupNames(pipe_cli, talloc_tos(), + status = dcerpc_samr_LookupNames(b, talloc_tos(), &domain_handle, r->in.num_entries, lsa_names, &group_rids, - &name_types); + &name_types, + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } member_rids = group_rids.ids; num_member_rids = group_rids.count; - status = rpccli_samr_GetGroupsForUser(pipe_cli, talloc_tos(), + status = dcerpc_samr_GetGroupsForUser(b, talloc_tos(), &user_handle, - &rid_array); + &rid_array, + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } /* add list */ @@ -3112,53 +3305,73 @@ WERROR NetUserSetGroups_r(struct libnetapi_ctx *ctx, /* add list */ for (i=0; i < num_add_rids; i++) { - status = rpccli_samr_OpenGroup(pipe_cli, talloc_tos(), + status = dcerpc_samr_OpenGroup(b, talloc_tos(), &domain_handle, SAMR_GROUP_ACCESS_ADD_MEMBER, add_rids[i], - &group_handle); + &group_handle, + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } - status = rpccli_samr_AddGroupMember(pipe_cli, talloc_tos(), + status = dcerpc_samr_AddGroupMember(b, talloc_tos(), &group_handle, user_rids.ids[0], - 7 /* ? */); + 7 /* ? */, + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } if (is_valid_policy_hnd(&group_handle)) { - rpccli_samr_Close(pipe_cli, talloc_tos(), &group_handle); + dcerpc_samr_Close(b, talloc_tos(), &group_handle, &result); } } /* del list */ for (i=0; i < num_del_rids; i++) { - status = rpccli_samr_OpenGroup(pipe_cli, talloc_tos(), + status = dcerpc_samr_OpenGroup(b, talloc_tos(), &domain_handle, SAMR_GROUP_ACCESS_REMOVE_MEMBER, del_rids[i], - &group_handle); + &group_handle, + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } - status = rpccli_samr_DeleteGroupMember(pipe_cli, talloc_tos(), + status = dcerpc_samr_DeleteGroupMember(b, talloc_tos(), &group_handle, - user_rids.ids[0]); + user_rids.ids[0], + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } if (is_valid_policy_hnd(&group_handle)) { - rpccli_samr_Close(pipe_cli, talloc_tos(), &group_handle); + dcerpc_samr_Close(b, talloc_tos(), &group_handle, &result); } } @@ -3166,7 +3379,7 @@ WERROR NetUserSetGroups_r(struct libnetapi_ctx *ctx, done: if (is_valid_policy_hnd(&group_handle)) { - rpccli_samr_Close(pipe_cli, talloc_tos(), &group_handle); + dcerpc_samr_Close(b, talloc_tos(), &group_handle, &result); } if (ctx->disable_policy_handle_cache) { @@ -3238,7 +3451,9 @@ WERROR NetUserGetLocalGroups_r(struct libnetapi_ctx *ctx, uint32_t entries_read = 0; NTSTATUS status = NT_STATUS_OK; + NTSTATUS result = NT_STATUS_OK; WERROR werr; + struct dcerpc_binding_handle *b = NULL; ZERO_STRUCT(connect_handle); ZERO_STRUCT(domain_handle); @@ -3266,6 +3481,8 @@ WERROR NetUserGetLocalGroups_r(struct libnetapi_ctx *ctx, goto done; } + b = pipe_cli->binding_handle; + werr = libnetapi_samr_open_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | SAMR_ACCESS_LOOKUP_DOMAIN, @@ -3291,34 +3508,49 @@ WERROR NetUserGetLocalGroups_r(struct libnetapi_ctx *ctx, init_lsa_String(&lsa_account_name, r->in.user_name); - status = rpccli_samr_LookupNames(pipe_cli, talloc_tos(), + status = dcerpc_samr_LookupNames(b, talloc_tos(), &domain_handle, 1, &lsa_account_name, &user_rids, - &name_types); + &name_types, + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } - status = rpccli_samr_OpenUser(pipe_cli, talloc_tos(), + status = dcerpc_samr_OpenUser(b, talloc_tos(), &domain_handle, SAMR_USER_ACCESS_GET_GROUPS, user_rids.ids[0], - &user_handle); + &user_handle, + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } - status = rpccli_samr_GetGroupsForUser(pipe_cli, talloc_tos(), + status = dcerpc_samr_GetGroupsForUser(b, talloc_tos(), &user_handle, - &rid_array); + &rid_array, + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } if (!sid_compose(&user_sid, domain_sid, user_rids.ids[0])) { werr = WERR_NOMEM; @@ -3353,14 +3585,19 @@ WERROR NetUserGetLocalGroups_r(struct libnetapi_ctx *ctx, } } - status = rpccli_samr_GetAliasMembership(pipe_cli, talloc_tos(), + status = dcerpc_samr_GetAliasMembership(b, talloc_tos(), &domain_handle, &sid_array, - &domain_rids); + &domain_rids, + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } for (i=0; i < domain_rids.count; i++) { if (!add_rid_to_array_unique(ctx, domain_rids.ids[i], @@ -3370,14 +3607,19 @@ WERROR NetUserGetLocalGroups_r(struct libnetapi_ctx *ctx, } } - status = rpccli_samr_GetAliasMembership(pipe_cli, talloc_tos(), + status = dcerpc_samr_GetAliasMembership(b, talloc_tos(), &builtin_handle, &sid_array, - &builtin_rids); + &builtin_rids, + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } for (i=0; i < builtin_rids.count; i++) { if (!add_rid_to_array_unique(ctx, builtin_rids.ids[i], @@ -3387,16 +3629,21 @@ WERROR NetUserGetLocalGroups_r(struct libnetapi_ctx *ctx, } } - status = rpccli_samr_LookupRids(pipe_cli, talloc_tos(), + status = dcerpc_samr_LookupRids(b, talloc_tos(), &builtin_handle, num_rids, rids, &names, - &types); + &types, + &result); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } + if (!NT_STATUS_IS_OK(result)) { + werr = ntstatus_to_werror(result); + goto done; + } for (i=0; i < names.count; i++) { status = add_LOCALGROUP_USERS_INFO_X_buffer(ctx, |