diff options
Diffstat (limited to 'source3')
-rw-r--r-- | source3/Makefile.in | 10 | ||||
-rw-r--r-- | source3/configure.in | 4 | ||||
-rw-r--r-- | source3/include/rpc_client.h | 1 | ||||
-rw-r--r-- | source3/include/rpc_ds.h | 66 | ||||
-rw-r--r-- | source3/include/smb.h | 3 | ||||
-rw-r--r-- | source3/rpc_client/cli_ds.c | 42 | ||||
-rw-r--r-- | source3/rpc_client/cli_pipe.c | 2 | ||||
-rw-r--r-- | source3/rpc_parse/parse_ds.c | 111 | ||||
-rw-r--r-- | source3/rpc_server/srv_dssetup_nt.c | 220 | ||||
-rw-r--r-- | source3/rpc_server/srv_lsa_ds.c | 85 | ||||
-rw-r--r-- | source3/rpc_server/srv_lsa_ds_nt.c | 130 | ||||
-rw-r--r-- | source3/rpc_server/srv_pipe.c | 4 | ||||
-rw-r--r-- | source3/rpcclient/cmd_ds.c | 51 | ||||
-rw-r--r-- | source3/winbindd/winbindd_cm.c | 31 |
14 files changed, 281 insertions, 479 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in index e30d13e4f5..08a0c14311 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -276,6 +276,7 @@ LIBNDR_GEN_OBJ = librpc/gen_ndr/ndr_wkssvc.o \ librpc/gen_ndr/ndr_eventlog.o \ librpc/gen_ndr/ndr_netlogon.o \ librpc/gen_ndr/ndr_samr.o \ + librpc/gen_ndr/ndr_dssetup.o \ librpc/gen_ndr/ndr_notify.o \ librpc/gen_ndr/ndr_xattr.o \ librpc/gen_ndr/ndr_libnet_join.o @@ -409,6 +410,7 @@ LIBMSRPC_GEN_OBJ = librpc/gen_ndr/cli_lsa.o \ librpc/gen_ndr/cli_wkssvc.o \ librpc/gen_ndr/cli_netlogon.o \ librpc/gen_ndr/cli_samr.o \ + librpc/gen_ndr/cli_dssetup.o \ $(LIBNDR_GEN_OBJ) \ $(RPCCLIENT_NDR_OBJ) @@ -474,7 +476,7 @@ RPC_REG_OBJ = rpc_server/srv_winreg_nt.o \ librpc/gen_ndr/srv_winreg.o \ $(REGFIO_OBJ) -RPC_LSA_DS_OBJ = rpc_server/srv_lsa_ds.o rpc_server/srv_lsa_ds_nt.o +RPC_DSSETUP_OBJ = rpc_server/srv_dssetup_nt.o librpc/gen_ndr/srv_dssetup.o RPC_SVC_OBJ = rpc_server/srv_srvsvc.o rpc_server/srv_srvsvc_nt.o \ librpc/gen_ndr/srv_srvsvc.o @@ -900,7 +902,7 @@ PROTO_OBJ = $(SMBD_OBJ_MAIN) $(LIBNDR_OBJ) $(LIBNDR_GEN_OBJ) \ $(PASSDB_OBJ) $(GROUPDB_OBJ) \ $(READLINE_OBJ) $(PROFILE_OBJ) $(LIBADS_OBJ) $(LIBADS_SERVER_OBJ) \ $(AUTH_SAM_OBJ) $(REGISTRY_OBJ) $(POPT_LIB_OBJ) \ - $(RPC_LSA_OBJ) $(RPC_NETLOG_OBJ) $(RPC_SAMR_OBJ) $(RPC_REG_OBJ) $(RPC_LSA_DS_OBJ) \ + $(RPC_LSA_OBJ) $(RPC_NETLOG_OBJ) $(RPC_SAMR_OBJ) $(RPC_REG_OBJ) $(RPC_DSSETUP_OBJ) \ $(RPC_SVC_OBJ) $(RPC_WKS_OBJ) $(RPC_DFS_OBJ) $(RPC_SPOOLSS_OBJ) \ $(RPC_ECHO_OBJ) $(RPC_SVCCTL_OBJ) $(RPC_EVENTLOG_OBJ) $(SMBLDAP_OBJ) \ $(IDMAP_OBJ) libsmb/spnego.o $(PASSCHANGE_OBJ) $(RPC_UNIXINFO_OBJ) \ @@ -1543,9 +1545,9 @@ bin/librpc_initshutdown.@SHLIBEXT@: $(BINARY_PREREQS) $(RPC_INITSHUTDOWN_OBJ) @echo "Linking $@" @$(SHLD_MODULE) $(RPC_INITSHUTDOWN_OBJ) -bin/librpc_lsa_ds.@SHLIBEXT@: $(BINARY_PREREQS) $(RPC_LSA_DS_OBJ) +bin/librpc_dssetup.@SHLIBEXT@: $(BINARY_PREREQS) $(RPC_DSSETUP_OBJ) @echo "Linking $@" - @$(SHLD_MODULE) $(RPC_LSA_DS_OBJ) + @$(SHLD_MODULE) $(RPC_DSSETUP_OBJ) bin/librpc_spoolss.@SHLIBEXT@: $(BINARY_PREREQS) $(RPC_SPOOLSS_OBJ) @echo "Linking $@" diff --git a/source3/configure.in b/source3/configure.in index fcbe56f268..7878cd96da 100644 --- a/source3/configure.in +++ b/source3/configure.in @@ -704,7 +704,7 @@ AC_SUBST(DYNEXP) dnl Add modules that have to be built by default here dnl These have to be built static: -default_static_modules="pdb_smbpasswd pdb_tdbsam rpc_lsa rpc_samr rpc_winreg rpc_initshutdown rpc_lsa_ds rpc_wkssvc rpc_svcctl2 rpc_ntsvcs rpc_net rpc_netdfs rpc_srvsvc2 rpc_spoolss rpc_eventlog2 auth_sam auth_unix auth_winbind auth_server auth_domain auth_builtin vfs_default nss_info_template" +default_static_modules="pdb_smbpasswd pdb_tdbsam rpc_lsa rpc_samr rpc_winreg rpc_initshutdown rpc_dssetup rpc_wkssvc rpc_svcctl2 rpc_ntsvcs rpc_net rpc_netdfs rpc_srvsvc2 rpc_spoolss rpc_eventlog2 auth_sam auth_unix auth_winbind auth_server auth_domain auth_builtin vfs_default nss_info_template" dnl These are preferably build shared, and static if dlopen() is not available default_shared_modules="vfs_recycle vfs_audit vfs_extd_audit vfs_full_audit vfs_netatalk vfs_fake_perms vfs_default_quota vfs_readonly vfs_cap vfs_expand_msdfs vfs_shadow_copy vfs_shadow_copy2 charset_CP850 charset_CP437 auth_script vfs_readahead vfs_syncops vfs_xattr_tdb vfs_streams_xattr" @@ -6434,7 +6434,7 @@ SMB_SUBSYSTEM(PDB,passdb/pdb_interface.o) SMB_MODULE(rpc_lsa, \$(RPC_LSA_OBJ), "bin/librpc_lsarpc.$SHLIBEXT", RPC) SMB_MODULE(rpc_winreg, \$(RPC_REG_OBJ), "bin/librpc_winreg.$SHLIBEXT", RPC) SMB_MODULE(rpc_initshutdown, \$(RPC_INITSHUTDOWN_OBJ), "bin/librpc_initshutdown.$SHLIBEXT", RPC) -SMB_MODULE(rpc_lsa_ds, \$(RPC_LSA_DS_OBJ), "bin/librpc_lsa_ds.$SHLIBEXT", RPC) +SMB_MODULE(rpc_dssetup, \$(RPC_DSSETUP_OBJ), "bin/librpc_dssetup.$SHLIBEXT", RPC) SMB_MODULE(rpc_wkssvc, \$(RPC_WKS_OBJ), "bin/librpc_wkssvc.$SHLIBEXT", RPC) SMB_MODULE(rpc_svcctl2, \$(RPC_SVCCTL_OBJ), "bin/librpc_svcctl2.$SHLIBEXT", RPC) SMB_MODULE(rpc_ntsvcs, \$(RPC_NTSVCS_OBJ), "bin/librpc_ntsvcs.$SHLIBEXT", RPC) diff --git a/source3/include/rpc_client.h b/source3/include/rpc_client.h index 01e2a8421b..c560fd0909 100644 --- a/source3/include/rpc_client.h +++ b/source3/include/rpc_client.h @@ -33,6 +33,7 @@ #include "librpc/gen_ndr/cli_srvsvc.h" #include "librpc/gen_ndr/cli_samr.h" #include "librpc/gen_ndr/cli_netlogon.h" +#include "librpc/gen_ndr/cli_dssetup.h" /* macro to expand cookie-cutter code in cli_xxx() using rpc_api_pipe_req() */ diff --git a/source3/include/rpc_ds.h b/source3/include/rpc_ds.h index 1ba02aede0..0278b61d89 100644 --- a/source3/include/rpc_ds.h +++ b/source3/include/rpc_ds.h @@ -20,82 +20,16 @@ #ifndef _RPC_DS_H /* _RPC_LSA_H */ #define _RPC_DS_H -/* Opcodes available on PIPE_LSARPC_DS */ - -#define DS_GETPRIMDOMINFO 0x00 -#define DS_NOP 0xFF /* no op -- placeholder */ - /* Opcodes available on PIPE_NETLOGON */ #define DS_ENUM_DOM_TRUSTS 0x28 -/* macros for RPC's */ - -/* DSROLE_PRIMARY_DOMAIN_INFO_BASIC */ - -/* flags */ - -#define DSROLE_PRIMARY_DS_RUNNING 0x00000001 -#define DSROLE_PRIMARY_DS_MIXED_MODE 0x00000002 -#define DSROLE_UPGRADE_IN_PROGRESS 0x00000004 -#define DSROLE_PRIMARY_DOMAIN_GUID_PRESENT 0x01000000 - -/* machine role */ - -#define DSROLE_DOMAIN_MEMBER_WKS 1 -#define DSROLE_STANDALONE_SRV 2 -#define DSROLE_DOMAIN_MEMBER_SRV 3 -#define DSROLE_BDC 4 -#define DSROLE_PDC 5 - /* Settings for the domainFunctionality attribute in the rootDSE */ #define DS_DOMAIN_FUNCTION_2000 0 #define DS_DOMAIN_FUCNTION_2003_MIXED 1 #define DS_DOMAIN_FUNCTION_2003 2 -typedef struct -{ - uint16 machine_role; - uint32 flags; - uint32 netbios_ptr; - uint32 dnsname_ptr; - uint32 forestname_ptr; - - struct GUID domain_guid; - UNISTR2 netbios_domain; - UNISTR2 dns_domain; /* our dns domain */ - UNISTR2 forest_domain; /* root domain of the forest to which we belong */ -} DSROLE_PRIMARY_DOMAIN_INFO_BASIC; - -typedef struct -{ - DSROLE_PRIMARY_DOMAIN_INFO_BASIC *basic; -} DS_DOMINFO_CTR; - -/* info levels for ds_getprimdominfo() */ - -#define DsRolePrimaryDomainInfoBasic 1 - -/* DS_Q_GETPRIMDOMINFO - DsGetPrimaryDomainInformation() request */ -typedef struct -{ - uint16 level; -} DS_Q_GETPRIMDOMINFO; - -/* DS_R_GETPRIMDOMINFO - DsGetPrimaryDomainInformation() response */ -typedef struct -{ - uint32 ptr; - - uint16 level; - uint16 unknown0; /* 0x455c -- maybe just alignment? */ - - DS_DOMINFO_CTR info; - - NTSTATUS status; -} DS_R_GETPRIMDOMINFO; - typedef struct { /* static portion of structure */ uint32 netbios_ptr; diff --git a/source3/include/smb.h b/source3/include/smb.h index 3160365e17..3e0c997997 100644 --- a/source3/include/smb.h +++ b/source3/include/smb.h @@ -193,7 +193,7 @@ typedef uint32 codepoint_t; #define PIPE_NETLOGON_PLAIN "\\NETLOGON" #define PI_LSARPC 0 -#define PI_LSARPC_DS 1 +#define PI_DSSETUP 1 #define PI_SAMR 2 #define PI_NETLOGON 3 #define PI_SRVSVC 4 @@ -306,6 +306,7 @@ extern const DATA_BLOB data_blob_null; #include "librpc/gen_ndr/svcctl.h" #include "librpc/gen_ndr/netlogon.h" #include "librpc/gen_ndr/samr.h" +#include "librpc/gen_ndr/dssetup.h" #include "librpc/gen_ndr/libnet_join.h" struct lsa_dom_info { diff --git a/source3/rpc_client/cli_ds.c b/source3/rpc_client/cli_ds.c index 71516b89f2..c9724dec7b 100644 --- a/source3/rpc_client/cli_ds.c +++ b/source3/rpc_client/cli_ds.c @@ -23,48 +23,6 @@ /* implementations of client side DsXXX() functions */ /******************************************************************** - Get information about the server and directory services -********************************************************************/ - -NTSTATUS rpccli_ds_getprimarydominfo(struct rpc_pipe_client *cli, - TALLOC_CTX *mem_ctx, - uint16 level, DS_DOMINFO_CTR *ctr) -{ - prs_struct qbuf, rbuf; - DS_Q_GETPRIMDOMINFO q; - DS_R_GETPRIMDOMINFO r; - NTSTATUS result; - - ZERO_STRUCT(q); - ZERO_STRUCT(r); - - q.level = level; - - CLI_DO_RPC( cli, mem_ctx, PI_LSARPC_DS, DS_GETPRIMDOMINFO, - q, r, - qbuf, rbuf, - ds_io_q_getprimdominfo, - ds_io_r_getprimdominfo, - NT_STATUS_UNSUCCESSFUL); - - /* Return basic info - if we are requesting at info != 1 then - there could be trouble. */ - - result = r.status; - - if ( r.ptr && ctr ) { - ctr->basic = TALLOC_P(mem_ctx, DSROLE_PRIMARY_DOMAIN_INFO_BASIC); - if (!ctr->basic) - goto done; - memcpy(ctr->basic, r.info.basic, sizeof(DSROLE_PRIMARY_DOMAIN_INFO_BASIC)); - } - -done: - - return result; -} - -/******************************************************************** Enumerate trusted domains in an AD forest ********************************************************************/ diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c index 81b2ea5d68..40d0ac5da9 100644 --- a/source3/rpc_client/cli_pipe.c +++ b/source3/rpc_client/cli_pipe.c @@ -2263,7 +2263,7 @@ struct rpc_pipe_client *cli_rpc_pipe_open_noauth(struct cli_state *cli, int pipe *perr = rpc_pipe_bind(result, PIPE_AUTH_TYPE_NONE, PIPE_AUTH_LEVEL_NONE); if (!NT_STATUS_IS_OK(*perr)) { int lvl = 0; - if (pipe_idx == PI_LSARPC_DS) { + if (pipe_idx == PI_DSSETUP) { /* non AD domains just don't have this pipe, avoid * level 0 statement in that case - gd */ lvl = 3; diff --git a/source3/rpc_parse/parse_ds.c b/source3/rpc_parse/parse_ds.c index 8f3ce361e7..3cf4156278 100644 --- a/source3/rpc_parse/parse_ds.c +++ b/source3/rpc_parse/parse_ds.c @@ -21,117 +21,6 @@ #include "includes.h" /************************************************************************ -************************************************************************/ - -static bool ds_io_dominfobasic(const char *desc, DSROLE_PRIMARY_DOMAIN_INFO_BASIC **basic, prs_struct *ps, int depth) -{ - DSROLE_PRIMARY_DOMAIN_INFO_BASIC *p = *basic; - - if ( UNMARSHALLING(ps) ) { - p = *basic = PRS_ALLOC_MEM(ps, DSROLE_PRIMARY_DOMAIN_INFO_BASIC, 1); - } - - if ( !p ) - return False; - - if ( !prs_uint16("machine_role", ps, depth, &p->machine_role) ) - return False; - if ( !prs_align(ps) ) - return False; - - if ( !prs_uint32("flags", ps, depth, &p->flags) ) - return False; - - if ( !prs_uint32("netbios_ptr", ps, depth, &p->netbios_ptr) ) - return False; - if ( !prs_uint32("dnsname_ptr", ps, depth, &p->dnsname_ptr) ) - return False; - if ( !prs_uint32("forestname_ptr", ps, depth, &p->forestname_ptr) ) - return False; - - if ( !smb_io_uuid("domain_guid", &p->domain_guid, ps, depth) ) - return False; - - if ( !smb_io_unistr2( "netbios_domain", &p->netbios_domain, p->netbios_ptr, ps, depth) ) - return False; - if ( !prs_align(ps) ) - return False; - - if ( !smb_io_unistr2( "dns_domain", &p->dns_domain, p->dnsname_ptr, ps, depth) ) - return False; - if ( !prs_align(ps) ) - return False; - - if ( !smb_io_unistr2( "forest_domain", &p->forest_domain, p->forestname_ptr, ps, depth) ) - return False; - if ( !prs_align(ps) ) - return False; - - - return True; - -} - -/************************************************************************ -************************************************************************/ - -bool ds_io_q_getprimdominfo( const char *desc, DS_Q_GETPRIMDOMINFO *q_u, prs_struct *ps, int depth) -{ - prs_debug(ps, depth, desc, "ds_io_q_getprimdominfo"); - depth++; - - if(!prs_align(ps)) - return False; - - if ( !prs_uint16( "level", ps, depth, &q_u->level ) ) - return False; - - return True; -} - -/************************************************************************ -************************************************************************/ - -bool ds_io_r_getprimdominfo( const char *desc, DS_R_GETPRIMDOMINFO *r_u, prs_struct *ps, int depth) -{ - prs_debug(ps, depth, desc, "ds_io_r_getprimdominfo"); - depth++; - - if(!prs_align(ps)) - return False; - - if ( !prs_uint32( "ptr", ps, depth, &r_u->ptr ) ) - return False; - - if ( r_u->ptr ) - { - if ( !prs_uint16( "level", ps, depth, &r_u->level ) ) - return False; - - if ( !prs_uint16( "unknown0", ps, depth, &r_u->unknown0 ) ) - return False; - - switch ( r_u->level ) - { - case DsRolePrimaryDomainInfoBasic: - if ( !ds_io_dominfobasic( "dominfobasic", &r_u->info.basic, ps, depth) ) - return False; - break; - default: - return False; - } - } - - if ( !prs_align(ps) ) - return False; - - if ( !prs_ntstatus("status", ps, depth, &r_u->status ) ) - return False; - - return True; -} - -/************************************************************************ initialize a DS_ENUM_DOM_TRUSTS structure ************************************************************************/ diff --git a/source3/rpc_server/srv_dssetup_nt.c b/source3/rpc_server/srv_dssetup_nt.c new file mode 100644 index 0000000000..ea535a3375 --- /dev/null +++ b/source3/rpc_server/srv_dssetup_nt.c @@ -0,0 +1,220 @@ +/* + * Unix SMB/CIFS implementation. + * RPC Pipe client / server routines + * Copyright (C) Andrew Tridgell 1992-1997. + * Copyright (C) Luke Kenneth Casson Leighton 1996-1997. + * Copyright (C) Paul Ashton 1997. + * Copyright (C) Jeremy Allison 2001. + * Copyright (C) Gerald Carter 2002. + * Copyright (C) Guenther Deschner 2008. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see <http://www.gnu.org/licenses/>. + */ + +#include "includes.h" + +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_RPC_SRV + +/******************************************************************** + Fill in a dssetup_DsRolePrimaryDomInfoBasic structure + ********************************************************************/ + +static WERROR fill_dsrole_dominfo_basic(TALLOC_CTX *ctx, + struct dssetup_DsRolePrimaryDomInfoBasic **info) +{ + struct dssetup_DsRolePrimaryDomInfoBasic *basic = NULL; + fstring dnsdomain; + + DEBUG(10,("fill_dsrole_dominfo_basic: enter\n")); + + basic = TALLOC_ZERO_P(ctx, struct dssetup_DsRolePrimaryDomInfoBasic); + if (!basic) { + DEBUG(0,("fill_dsrole_dominfo_basic: out of memory\n")); + return WERR_NOMEM; + } + + switch (lp_server_role()) { + case ROLE_STANDALONE: + basic->role = DS_ROLE_STANDALONE_SERVER; + basic->domain = get_global_sam_name(); + break; + case ROLE_DOMAIN_MEMBER: + basic->role = DS_ROLE_MEMBER_SERVER; + basic->domain = lp_workgroup(); + break; + case ROLE_DOMAIN_BDC: + basic->role = DS_ROLE_BACKUP_DC; + basic->domain = get_global_sam_name(); + break; + case ROLE_DOMAIN_PDC: + basic->role = DS_ROLE_PRIMARY_DC; + basic->domain = get_global_sam_name(); + break; + } + + if (secrets_fetch_domain_guid(lp_workgroup(), &basic->domain_guid)) { + basic->flags |= DS_ROLE_PRIMARY_DOMAIN_GUID_PRESENT; + } + + /* fill in some additional fields if we are a member of an AD domain */ + + if (lp_security() == SEC_ADS) { + fstrcpy(dnsdomain, lp_realm()); + strlower_m(dnsdomain); + basic->dns_domain = dnsdomain; + + /* FIXME!! We really should fill in the correct forest + name. Should get this information from winbindd. */ + basic->forest = dnsdomain; + } else { + /* security = domain should not fill in the dns or + forest name */ + basic->dns_domain = NULL; + basic->forest = NULL; + } + + *info = basic; + + return WERR_OK; +} + +/******************************************************************** + Implement the _dssetup_DsRoleGetPrimaryDomainInformation() call + ********************************************************************/ + +WERROR _dssetup_DsRoleGetPrimaryDomainInformation(pipes_struct *p, + struct dssetup_DsRoleGetPrimaryDomainInformation *r) +{ + WERROR werr = WERR_OK; + + switch (r->in.level) { + + case DS_ROLE_BASIC_INFORMATION: { + struct dssetup_DsRolePrimaryDomInfoBasic *basic = NULL; + werr = fill_dsrole_dominfo_basic(p->mem_ctx, &basic); + if (W_ERROR_IS_OK(werr)) { + r->out.info->basic = *basic; + } + break; + } + default: + DEBUG(0,("_dssetup_DsRoleGetPrimaryDomainInformation: " + "Unknown info level [%d]!\n", r->in.level)); + werr = WERR_UNKNOWN_LEVEL; + } + + return werr; +} + +/**************************************************************** +****************************************************************/ + +WERROR _dssetup_DsRoleDnsNameToFlatName(pipes_struct *p, + struct dssetup_DsRoleDnsNameToFlatName *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _dssetup_DsRoleDcAsDc(pipes_struct *p, + struct dssetup_DsRoleDcAsDc *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _dssetup_DsRoleDcAsReplica(pipes_struct *p, + struct dssetup_DsRoleDcAsReplica *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _dssetup_DsRoleDemoteDc(pipes_struct *p, + struct dssetup_DsRoleDemoteDc *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _dssetup_DsRoleGetDcOperationProgress(pipes_struct *p, + struct dssetup_DsRoleGetDcOperationProgress *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _dssetup_DsRoleGetDcOperationResults(pipes_struct *p, + struct dssetup_DsRoleGetDcOperationResults *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _dssetup_DsRoleCancel(pipes_struct *p, + struct dssetup_DsRoleCancel *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _dssetup_DsRoleServerSaveStateForUpgrade(pipes_struct *p, + struct dssetup_DsRoleServerSaveStateForUpgrade *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _dssetup_DsRoleUpgradeDownlevelServer(pipes_struct *p, + struct dssetup_DsRoleUpgradeDownlevelServer *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR _dssetup_DsRoleAbortDownlevelServerUpgrade(pipes_struct *p, + struct dssetup_DsRoleAbortDownlevelServerUpgrade *r) +{ + p->rng_fault_state = true; + return WERR_NOT_SUPPORTED; +} + diff --git a/source3/rpc_server/srv_lsa_ds.c b/source3/rpc_server/srv_lsa_ds.c deleted file mode 100644 index 55baa40261..0000000000 --- a/source3/rpc_server/srv_lsa_ds.c +++ /dev/null @@ -1,85 +0,0 @@ -/* - * Unix SMB/CIFS implementation. - * RPC Pipe client / server routines - * Copyright (C) Gerald Carter 2003 - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, see <http://www.gnu.org/licenses/>. - */ - -/* This is the interface for the registry functions. */ - -#include "includes.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_RPC_SRV - -/******************************************************************* - ********************************************************************/ - -static bool api_dsrole_get_primary_dominfo(pipes_struct *p) -{ - DS_Q_GETPRIMDOMINFO q_u; - DS_R_GETPRIMDOMINFO r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - /* grab the request */ - if ( !ds_io_q_getprimdominfo("", &q_u, data, 0) ) - return False; - - /* construct reply. */ - r_u.status = _dsrole_get_primary_dominfo( p, &q_u, &r_u ); - - if ( !ds_io_r_getprimdominfo("", &r_u, rdata, 0) ) - return False; - - return True; -} - -/******************************************************************* - stub functions for unimplemented RPC -*******************************************************************/ - -static bool api_dsrole_stub( pipes_struct *p ) -{ - DEBUG(0,("api_dsrole_stub: Hmmm....didn't know this RPC existed...\n")); - - return False; -} - - -/******************************************************************* - array of \PIPE\lsass (new windows 2000 UUID) operations -********************************************************************/ -static struct api_struct api_lsa_ds_cmds[] = { - { "DS_NOP", DS_NOP, api_dsrole_stub }, - { "DS_GETPRIMDOMINFO", DS_GETPRIMDOMINFO, api_dsrole_get_primary_dominfo } - -}; - -void lsa_ds_get_pipe_fns( struct api_struct **fns, int *n_fns ) -{ - *fns = api_lsa_ds_cmds; - *n_fns = sizeof(api_lsa_ds_cmds) / sizeof(struct api_struct); -} - - -NTSTATUS rpc_lsa_ds_init(void) -{ - return rpc_pipe_register_commands(SMB_RPC_INTERFACE_VERSION, "lsa_ds", "lsa_ds", api_lsa_ds_cmds, - sizeof(api_lsa_ds_cmds) / sizeof(struct api_struct)); -} diff --git a/source3/rpc_server/srv_lsa_ds_nt.c b/source3/rpc_server/srv_lsa_ds_nt.c deleted file mode 100644 index 994b3cccca..0000000000 --- a/source3/rpc_server/srv_lsa_ds_nt.c +++ /dev/null @@ -1,130 +0,0 @@ -/* - * Unix SMB/CIFS implementation. - * RPC Pipe client / server routines - * Copyright (C) Andrew Tridgell 1992-1997. - * Copyright (C) Luke Kenneth Casson Leighton 1996-1997. - * Copyright (C) Paul Ashton 1997. - * Copyright (C) Jeremy Allison 2001. - * Copyright (C) Gerald Carter 2002. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, see <http://www.gnu.org/licenses/>. - */ - -/* Implementation of registry functions. */ - -#include "includes.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_RPC_SRV - -/******************************************************************** - Fill in a DS_DOMINFO_CTR structure - ********************************************************************/ - -static NTSTATUS fill_dsrole_dominfo_basic(TALLOC_CTX *ctx, DSROLE_PRIMARY_DOMAIN_INFO_BASIC **info) -{ - DSROLE_PRIMARY_DOMAIN_INFO_BASIC *basic; - const char *netbios_domain = ""; - fstring dnsdomain; - - DEBUG(10,("fill_dsrole_dominfo_basic: enter\n")); - - if ( !(basic = TALLOC_ZERO_P(ctx, DSROLE_PRIMARY_DOMAIN_INFO_BASIC)) ) { - DEBUG(0,("fill_dsrole_dominfo_basic: FATAL error! talloc_xero() failed\n")); - return NT_STATUS_NO_MEMORY; - } - - switch ( lp_server_role() ) { - case ROLE_STANDALONE: - basic->machine_role = DSROLE_STANDALONE_SRV; - basic->netbios_ptr = 1; - netbios_domain = get_global_sam_name(); - break; - case ROLE_DOMAIN_MEMBER: - basic->netbios_ptr = 1; - netbios_domain = lp_workgroup(); - basic->machine_role = DSROLE_DOMAIN_MEMBER_SRV; - break; - case ROLE_DOMAIN_BDC: - basic->netbios_ptr = 1; - netbios_domain = get_global_sam_name(); - basic->machine_role = DSROLE_BDC; - break; - case ROLE_DOMAIN_PDC: - basic->netbios_ptr = 1; - netbios_domain = get_global_sam_name(); - basic->machine_role = DSROLE_PDC; - break; - } - - /* always set netbios name */ - - init_unistr2( &basic->netbios_domain, netbios_domain, UNI_STR_TERMINATE); - - if ( secrets_fetch_domain_guid( lp_workgroup(), &basic->domain_guid ) ) - basic->flags |= DSROLE_PRIMARY_DOMAIN_GUID_PRESENT; - - /* fill in some additional fields if we are a member of an AD domain */ - - if ( lp_security() == SEC_ADS ) { - fstrcpy( dnsdomain, lp_realm() ); - strlower_m( dnsdomain ); - - basic->dnsname_ptr = 1; - init_unistr2( &basic->dns_domain, dnsdomain, UNI_STR_TERMINATE); - - /* FIXME!! We really should fill in the correct forest - name. Should get this information from winbindd. */ - basic->forestname_ptr = 1; - init_unistr2( &basic->forest_domain, dnsdomain, UNI_STR_TERMINATE); - } else { - /* security = domain should not fill in the dns or - forest name */ - basic->dnsname_ptr = 0; - basic->forestname_ptr = 0; - } - - *info = basic; - - return NT_STATUS_OK; -} - -/******************************************************************** - Implement the DsroleGetPrimaryDomainInfo() call - ********************************************************************/ - -NTSTATUS _dsrole_get_primary_dominfo(pipes_struct *p, DS_Q_GETPRIMDOMINFO *q_u, DS_R_GETPRIMDOMINFO *r_u) -{ - NTSTATUS result = NT_STATUS_OK; - uint32 level = q_u->level; - - switch ( level ) { - - case DsRolePrimaryDomainInfoBasic: - r_u->level = DsRolePrimaryDomainInfoBasic; - r_u->ptr = 1; - result = fill_dsrole_dominfo_basic( p->mem_ctx, &r_u->info.basic ); - break; - - default: - DEBUG(0,("_dsrole_get_primary_dominfo: Unsupported info level [%d]!\n", - level)); - result = NT_STATUS_INVALID_LEVEL; - } - - return result; -} - - - diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c index 5ede0c93f4..06694a2701 100644 --- a/source3/rpc_server/srv_pipe.c +++ b/source3/rpc_server/srv_pipe.c @@ -2363,8 +2363,8 @@ void get_pipe_fns( int idx, struct api_struct **fns, int *n_fns ) case PI_LSARPC: lsa_get_pipe_fns( &cmds, &n_cmds ); break; - case PI_LSARPC_DS: - lsa_ds_get_pipe_fns( &cmds, &n_cmds ); + case PI_DSSETUP: + dssetup_get_pipe_fns( &cmds, &n_cmds ); break; case PI_SAMR: samr_get_pipe_fns( &cmds, &n_cmds ); diff --git a/source3/rpcclient/cmd_ds.c b/source3/rpcclient/cmd_ds.c index 1f36dc3b45..477ff863dd 100644 --- a/source3/rpcclient/cmd_ds.c +++ b/source3/rpcclient/cmd_ds.c @@ -3,6 +3,7 @@ RPC pipe client Copyright (C) Gerald Carter 2002 + Copyright (C) Guenther Deschner 2008 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -23,27 +24,37 @@ /* Look up domain related information on a remote host */ -static NTSTATUS cmd_ds_dsrole_getprimarydominfo(struct rpc_pipe_client *cli, - TALLOC_CTX *mem_ctx, int argc, - const char **argv) +static WERROR cmd_ds_dsrole_getprimarydominfo(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, int argc, + const char **argv) { - NTSTATUS result; - DS_DOMINFO_CTR ctr; - - result = rpccli_ds_getprimarydominfo( cli, mem_ctx, DsRolePrimaryDomainInfoBasic, &ctr ); - if ( NT_STATUS_IS_OK(result) ) - { - printf ("Machine Role = [%d]\n", ctr.basic->machine_role); - - if ( ctr.basic->flags & DSROLE_PRIMARY_DS_RUNNING ) { - printf( "Directory Service is running.\n"); - printf( "Domain is in %s mode.\n", (ctr.basic->flags & DSROLE_PRIMARY_DS_MIXED_MODE) ? "mixed" : "native" ); - } - else - printf( "Directory Service not running on server\n"); + NTSTATUS status; + WERROR werr; + union dssetup_DsRoleInfo info; + + status = rpccli_dssetup_DsRoleGetPrimaryDomainInformation(cli, mem_ctx, + DS_ROLE_BASIC_INFORMATION, + &info, + &werr); + if (!NT_STATUS_IS_OK(status)) { + return ntstatus_to_werror(status); } - - return result; + + if (!W_ERROR_IS_OK(werr)) { + return werr; + } + + printf ("Machine Role = [%d]\n", info.basic.role); + + if (info.basic.flags & DS_ROLE_PRIMARY_DS_RUNNING) { + printf("Directory Service is running.\n"); + printf("Domain is in %s mode.\n", + (info.basic.flags & DS_ROLE_PRIMARY_DS_MIXED_MODE) ? "mixed" : "native" ); + } else { + printf("Directory Service not running on server\n"); + } + + return werr; } static NTSTATUS cmd_ds_enum_domain_trusts(struct rpc_pipe_client *cli, @@ -77,7 +88,7 @@ struct cmd_set ds_commands[] = { { "LSARPC-DS" }, - { "dsroledominfo", RPC_RTYPE_NTSTATUS, cmd_ds_dsrole_getprimarydominfo, NULL, PI_LSARPC_DS, NULL, "Get Primary Domain Information", "" }, + { "dsroledominfo", RPC_RTYPE_WERROR, NULL, cmd_ds_dsrole_getprimarydominfo, PI_DSSETUP, NULL, "Get Primary Domain Information", "" }, { "dsenumdomtrusts", RPC_RTYPE_NTSTATUS, cmd_ds_enum_domain_trusts, NULL, PI_NETLOGON, NULL, "Enumerate all trusted domains in an AD forest", "" }, { NULL } diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c index dbc664da8c..0c5fa0e48e 100644 --- a/source3/winbindd/winbindd_cm.c +++ b/source3/winbindd/winbindd_cm.c @@ -1805,17 +1805,17 @@ static bool set_dc_type_and_flags_trustinfo( struct winbindd_domain *domain ) static void set_dc_type_and_flags_connect( struct winbindd_domain *domain ) { NTSTATUS result; - DS_DOMINFO_CTR ctr; + WERROR werr; TALLOC_CTX *mem_ctx = NULL; struct rpc_pipe_client *cli; POLICY_HND pol; + union dssetup_DsRoleInfo info; const char *domain_name = NULL; const char *dns_name = NULL; const char *forest_name = NULL; DOM_SID *dom_sid = NULL; - ZERO_STRUCT( ctr ); if (!connection_ok(domain)) { return; @@ -1830,24 +1830,25 @@ static void set_dc_type_and_flags_connect( struct winbindd_domain *domain ) DEBUG(5, ("set_dc_type_and_flags_connect: domain %s\n", domain->name )); - cli = cli_rpc_pipe_open_noauth(domain->conn.cli, PI_LSARPC_DS, + cli = cli_rpc_pipe_open_noauth(domain->conn.cli, PI_DSSETUP, &result); if (cli == NULL) { DEBUG(5, ("set_dc_type_and_flags_connect: Could not bind to " - "PI_LSARPC_DS on domain %s: (%s)\n", + "PI_DSSETUP on domain %s: (%s)\n", domain->name, nt_errstr(result))); /* if this is just a non-AD domain we need to continue * identifying so that we can in the end return with * domain->initialized = True - gd */ - goto no_lsarpc_ds; + goto no_dssetup; } - result = rpccli_ds_getprimarydominfo(cli, mem_ctx, - DsRolePrimaryDomainInfoBasic, - &ctr); + result = rpccli_dssetup_DsRoleGetPrimaryDomainInformation(cli, mem_ctx, + DS_ROLE_BASIC_INFORMATION, + &info, + &werr); cli_rpc_pipe_close(cli); if (!NT_STATUS_IS_OK(result)) { @@ -1856,26 +1857,26 @@ static void set_dc_type_and_flags_connect( struct winbindd_domain *domain ) domain->name, nt_errstr(result))); /* older samba3 DCs will return DCERPC_FAULT_OP_RNG_ERROR for - * every opcode on the LSARPC_DS pipe, continue with - * no_lsarpc_ds mode here as well to get domain->initialized + * every opcode on the DSSETUP pipe, continue with + * no_dssetup mode here as well to get domain->initialized * set - gd */ if (NT_STATUS_V(result) == DCERPC_FAULT_OP_RNG_ERROR) { - goto no_lsarpc_ds; + goto no_dssetup; } TALLOC_FREE(mem_ctx); return; } - - if ((ctr.basic->flags & DSROLE_PRIMARY_DS_RUNNING) && - !(ctr.basic->flags & DSROLE_PRIMARY_DS_MIXED_MODE)) { + + if ((info.basic.flags & DS_ROLE_PRIMARY_DS_RUNNING) && + !(info.basic.flags & DS_ROLE_PRIMARY_DS_MIXED_MODE)) { domain->native_mode = True; } else { domain->native_mode = False; } -no_lsarpc_ds: +no_dssetup: cli = cli_rpc_pipe_open_noauth(domain->conn.cli, PI_LSARPC, &result); if (cli == NULL) { |