diff options
Diffstat (limited to 'source3/nsswitch/winbindd_glue.c')
| -rw-r--r-- | source3/nsswitch/winbindd_glue.c | 364 |
1 files changed, 364 insertions, 0 deletions
diff --git a/source3/nsswitch/winbindd_glue.c b/source3/nsswitch/winbindd_glue.c new file mode 100644 index 0000000000..ac8c60d26c --- /dev/null +++ b/source3/nsswitch/winbindd_glue.c @@ -0,0 +1,364 @@ +/* + Unix SMB/Netbios implementation. + Version 2.0 + + Winbind daemon glue functions to connect new cli interface + to older style lsa_ and samr_ functions + + Copyright (C) tridge@samba.org 2001 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include "winbindd.h" + +/**************************************************************************** +do a LSA Open Policy +****************************************************************************/ +BOOL lsa_open_policy(char *server, BOOL sec_qos, uint32 des_access, + CLI_POLICY_HND *pol) +{ + struct nmb_name calling, called; + struct ntuser_creds creds; + struct in_addr dest_ip; + fstring dest_host; + uint32 result = NT_STATUS_UNSUCCESSFUL; + extern pstring global_myname; + + ZERO_STRUCTP(pol); + + pol->cli = (struct cli_state *)malloc(sizeof(struct cli_state)); + pol->mem_ctx = talloc_init(); + + if (!pol->cli || !pol->mem_ctx) + return False; + + /* Initialise RPC connection */ + + ZERO_STRUCT(creds); + creds.pwd.null_pwd = 1; + + cli_init_creds(pol->cli, &creds); + + /* Establish a SMB connection */ + + if (!resolve_srv_name(server, dest_host, &dest_ip)) { + goto done; + } + + make_nmb_name(&called, dns_to_netbios_name(dest_host), 0x20); + make_nmb_name(&calling, dns_to_netbios_name(global_myname), 0); + + if (!cli_establish_connection(pol->cli, dest_host, &dest_ip, &calling, + &called, "IPC$", "IPC", False, True)) { + goto done; + } + + if (!cli_nt_session_open (pol->cli, PIPE_LSARPC)) { + goto done; + } + + result = cli_lsa_open_policy(pol->cli, pol->mem_ctx, sec_qos, + des_access, &pol->handle); + + done: + if (result != NT_STATUS_NOPROBLEMO && pol->cli) { + if (pol->cli->initialised) + cli_shutdown(pol->cli); + free(pol->cli); + } + + return (result == NT_STATUS_NOPROBLEMO); +} + +/**************************************************************************** +do a LSA Enumerate Trusted Domain +****************************************************************************/ +BOOL lsa_enum_trust_dom(CLI_POLICY_HND *hnd, uint32 *enum_ctx, + uint32 * num_doms, char ***names, DOM_SID **sids) +{ + uint32 ret; + + ret = cli_lsa_enum_trust_dom(hnd->cli, hnd->mem_ctx, &hnd->handle, + enum_ctx, num_doms, names, sids); + + return (ret == NT_STATUS_NOPROBLEMO); +} + +/**************************************************************************** +do a LSA Query Info Policy +****************************************************************************/ +BOOL lsa_query_info_pol(CLI_POLICY_HND *hnd, uint16 info_class, + fstring domain_name, DOM_SID *domain_sid) +{ + uint32 ret; + + ret = cli_lsa_query_info_policy(hnd->cli, hnd->mem_ctx, &hnd->handle, + info_class, domain_name, domain_sid); + + return (ret == NT_STATUS_NOPROBLEMO); +} + +/**************************************************************************** +do a LSA Lookup Names +****************************************************************************/ +BOOL lsa_lookup_names(CLI_POLICY_HND *hnd, int num_names, char **names, + DOM_SID **sids, uint32 **types, int *num_sids) +{ + uint32 ret; + + ret = cli_lsa_lookup_names(hnd->cli, hnd->mem_ctx, &hnd->handle, + num_names, names, sids, types, num_sids); + + return (ret == NT_STATUS_NOPROBLEMO); +} + +/**************************************************************************** +do a LSA Lookup SIDS +****************************************************************************/ +BOOL lsa_lookup_sids(CLI_POLICY_HND *hnd, int num_sids, DOM_SID *sids, + char ***names, uint32 **types, int *num_names) +{ + uint32 ret; + + ret = cli_lsa_lookup_sids(hnd->cli, hnd->mem_ctx, &hnd->handle, + num_sids, sids, names, types, num_names); + + return (ret == NT_STATUS_NOPROBLEMO); +} + +/**************************************************************************** +lsa_close glue +****************************************************************************/ +BOOL lsa_close(CLI_POLICY_HND *hnd) +{ + uint32 ret; + + ret = cli_lsa_close(hnd->cli, hnd->mem_ctx, &hnd->handle); + + return (ret == NT_STATUS_NOPROBLEMO); +} + + +/**************************************************************************** +samr_close glue +****************************************************************************/ +BOOL samr_close(CLI_POLICY_HND *hnd) +{ + uint32 ret; + + ret = cli_samr_close(hnd->cli, hnd->mem_ctx, &hnd->handle); + + return (ret == NT_STATUS_NOPROBLEMO); +} + + +/**************************************************************************** +samr_connect glue +****************************************************************************/ +BOOL samr_connect(char *srv_name, uint32 access_mask, + CLI_POLICY_HND *connect_pol) +{ + uint32 ret; + + ret = cli_samr_connect(connect_pol->cli, connect_pol->mem_ctx, + srv_name, access_mask, + &connect_pol->handle); + + return (ret == NT_STATUS_NOPROBLEMO); +} + + +/**************************************************************************** +samr_open_domain glue +****************************************************************************/ +BOOL samr_open_domain(CLI_POLICY_HND *connect_pol, + uint32 ace_perms, + DOM_SID *sid, + CLI_POLICY_HND *domain_pol) +{ + uint32 ret; + + ret = cli_samr_open_domain(connect_pol->cli, + connect_pol->mem_ctx, + &connect_pol->handle, + ace_perms, + sid, + &domain_pol->handle); + + if (ret == NT_STATUS_NOPROBLEMO) { + domain_pol->cli = connect_pol->cli; + return True; + } + + return False; +} + +/******************************************************************* +frees a structure. +********************************************************************/ +void free_samr_userinfo_ctr(SAM_USERINFO_CTR * ctr) +{ + if (ctr == NULL) + return; + safe_free(ctr->info.id); + ctr->info.id = NULL; +} + +/**************************************************************************** +do a SAMR enumerate groups +****************************************************************************/ +uint32 samr_enum_dom_groups(CLI_POLICY_HND *pol, + uint32 *start_idx, uint32 size, + struct acct_info **sam, + uint32 *num_sam_groups) +{ + DEBUG(0,("unimplemented samr_enum_dom_groups\n")); + return -1; +} + +/**************************************************************************** +do a SAMR enumerate groups +****************************************************************************/ +BOOL get_samr_query_userinfo(CLI_POLICY_HND *pol, uint32 info_level, + uint32 user_rid, SAM_USERINFO_CTR *ctr) +{ + POLICY_HND user_pol; + BOOL got_user_pol = False; + uint32 result; + + if ((result = cli_samr_open_user(pol->cli, pol->mem_ctx, + &pol->handle, MAXIMUM_ALLOWED_ACCESS, + user_rid, &user_pol)) + != NT_STATUS_NOPROBLEMO) + goto done; + + got_user_pol = True; + + if ((result = cli_samr_query_userinfo(pol->cli, pol->mem_ctx, + &user_pol, info_level, ctr)) + != NT_STATUS_NOPROBLEMO) + goto done; + + done: + if (got_user_pol) cli_samr_close(pol->cli, pol->mem_ctx, &user_pol); + + return (result != NT_STATUS_NOPROBLEMO); +} + +/**************************************************************************** +do a SAMR enumerate groups +****************************************************************************/ +BOOL samr_open_user(CLI_POLICY_HND *pol, uint32 access_mask, uint32 rid, + POLICY_HND *user_pol) +{ + uint32 ret; + + ret = cli_samr_open_user(pol->cli, pol->mem_ctx, &pol->handle, + access_mask, rid, user_pol); + + return (ret == NT_STATUS_NOPROBLEMO); +} + +BOOL samr_query_usergroups(CLI_POLICY_HND *pol, uint32 *num_groups, + DOM_GID **gid) +{ + uint32 ret; + + ret = cli_samr_query_usergroups(pol->cli, pol->mem_ctx, &pol->handle, + num_groups, gid); + + return (ret == NT_STATUS_NOPROBLEMO); +} + +BOOL get_samr_query_groupinfo(CLI_POLICY_HND *pol, uint32 info_level, + uint32 group_rid, GROUP_INFO_CTR *ctr) +{ + POLICY_HND group_pol; + BOOL got_group_pol = False; + uint32 result; + + if ((result = cli_samr_open_group(pol->cli, pol->mem_ctx, + &pol->handle, MAXIMUM_ALLOWED_ACCESS, + group_rid, &group_pol)) + != NT_STATUS_NOPROBLEMO) + goto done; + + got_group_pol = True; + + if ((result = cli_samr_query_groupinfo(pol->cli, pol->mem_ctx, + &group_pol, info_level, + ctr)) != NT_STATUS_NOPROBLEMO) + goto done; + + done: + if (got_group_pol) cli_samr_close(pol->cli, pol->mem_ctx, &group_pol); + + return (result == NT_STATUS_NOPROBLEMO); +} + +BOOL sam_query_groupmem(CLI_POLICY_HND *pol, uint32 group_rid, + uint32 *num_names, uint32 **rid_mem, char ***names, + uint32 **name_types) +{ + BOOL got_group_pol = False; + POLICY_HND group_pol; + uint32 result; + + if ((result = cli_samr_open_group(pol->cli, pol->mem_ctx, + &pol->handle, MAXIMUM_ALLOWED_ACCESS, + group_rid, &group_pol)) + != NT_STATUS_NOPROBLEMO) + goto done; + + got_group_pol = True; + + if ((result = cli_samr_query_groupmem(pol->cli, pol->mem_ctx, + &group_pol, num_names, rid_mem, + name_types)) + != NT_STATUS_NOPROBLEMO) + goto done; + + /* do a samr_query_lookup_rids() */ + + done: + if (got_group_pol) cli_samr_close(pol->cli, pol->mem_ctx, &group_pol); + + return (result == NT_STATUS_NOPROBLEMO); +} + +BOOL samr_query_dom_info(CLI_POLICY_HND *pol, uint16 switch_value, + SAM_UNK_CTR *ctr) +{ + uint32 ret; + + ret = cli_samr_query_dom_info(pol->cli, pol->mem_ctx, + &pol->handle, switch_value, ctr); + + return (ret == NT_STATUS_NOPROBLEMO); +} + +BOOL samr_query_dispinfo(CLI_POLICY_HND *pol, uint32 *start_ndx, + uint16 info_level, uint32 *num_entries, + SAM_DISPINFO_CTR *ctr) +{ + uint32 ret; + + ret = cli_samr_query_dispinfo(pol->cli, pol->mem_ctx, + &pol->handle, start_ndx, info_level, + num_entries, 0xffff, ctr); + + return (ret == NT_STATUS_NOPROBLEMO); +} |