summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
Diffstat (limited to 'source3')
-rw-r--r--source3/include/proto.h17
-rw-r--r--source3/include/rpc_lsa.h43
-rw-r--r--source3/include/rpc_misc.h21
-rw-r--r--source3/lsarpcd/srv_lsa.c24
-rw-r--r--source3/passdb/passdb.c52
-rw-r--r--source3/rpc_client/cli_lsarpc.c133
-rw-r--r--source3/rpc_parse/parse_lsa.c66
-rw-r--r--source3/rpc_parse/parse_misc.c11
-rw-r--r--source3/rpc_server/srv_lsa.c24
-rw-r--r--source3/rpc_server/srv_sid.c14
-rw-r--r--source3/rpcclient/cmd_lsarpc.c92
-rw-r--r--source3/rpcclient/rpcclient.c1
-rw-r--r--source3/smbd/groupname.c13
13 files changed, 380 insertions, 131 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 33c734a210..6fbc2d3192 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -1252,11 +1252,11 @@ BOOL pm_process( char *FileName,
/*The following definitions come from passdb/ldap.c */
-struct passdb_ops *ldap_initialize_password_db(void);
+struct passdb_ops *ldap_initialise_password_db(void);
/*The following definitions come from passdb/nispass.c */
-struct passdb_ops *nisplus_initialize_password_db(void);
+struct passdb_ops *nisplus_initialise_password_db(void);
/*The following definitions come from passdb/pass_check.c */
@@ -1412,6 +1412,12 @@ BOOL cli_nt_logoff(struct cli_state *cli, NET_ID_INFO_CTR *ctr);
BOOL do_lsa_open_policy(struct cli_state *cli,
char *server_name, POLICY_HND *hnd,
BOOL sec_qos);
+BOOL do_lsa_lookup_names(struct cli_state *cli,
+ POLICY_HND *hnd,
+ int num_names,
+ char **names,
+ DOM_SID **sids,
+ int *num_sids);
BOOL do_lsa_lookup_sids(struct cli_state *cli,
POLICY_HND *hnd,
int num_sids,
@@ -1591,8 +1597,10 @@ void make_q_lookup_sids(LSA_Q_LOOKUP_SIDS *q_l, POLICY_HND *hnd,
uint16 level);
void lsa_io_q_lookup_sids(char *desc, LSA_Q_LOOKUP_SIDS *q_s, prs_struct *ps, int depth);
void lsa_io_r_lookup_sids(char *desc, LSA_R_LOOKUP_SIDS *r_s, prs_struct *ps, int depth);
-void lsa_io_q_lookup_rids(char *desc, LSA_Q_LOOKUP_RIDS *q_r, prs_struct *ps, int depth);
-void lsa_io_r_lookup_rids(char *desc, LSA_R_LOOKUP_RIDS *r_r, prs_struct *ps, int depth);
+void make_q_lookup_names(LSA_Q_LOOKUP_NAMES *q_l, POLICY_HND *hnd,
+ int num_names, char **names);
+void lsa_io_q_lookup_names(char *desc, LSA_Q_LOOKUP_NAMES *q_r, prs_struct *ps, int depth);
+void lsa_io_r_lookup_names(char *desc, LSA_R_LOOKUP_NAMES *r_r, prs_struct *ps, int depth);
void make_lsa_q_close(LSA_Q_CLOSE *q_c, POLICY_HND *hnd);
void lsa_io_q_close(char *desc, LSA_Q_CLOSE *q_c, prs_struct *ps, int depth);
void lsa_io_r_close(char *desc, LSA_R_CLOSE *r_c, prs_struct *ps, int depth);
@@ -2283,6 +2291,7 @@ BOOL api_wkssvc_rpc(pipes_struct *p, prs_struct *data);
/*The following definitions come from rpcclient/cmd_lsarpc.c */
void cmd_lsa_query_info(struct client_info *info);
+void cmd_lsa_lookup_names(struct client_info *info);
void cmd_lsa_lookup_sids(struct client_info *info);
/*The following definitions come from rpcclient/cmd_netlogon.c */
diff --git a/source3/include/rpc_lsa.h b/source3/include/rpc_lsa.h
index b8aaa562f0..1df18a7674 100644
--- a/source3/include/rpc_lsa.h
+++ b/source3/include/rpc_lsa.h
@@ -48,9 +48,6 @@ enum SID_NAME_USE
#define LSA_OPENPOLICY2 0x2c
#define LSA_OPENSECRET 0x1C
-/* XXXX these are here to get a compile! */
-#define LSA_LOOKUPRIDS 0xFD
-
#define LSA_MAX_GROUPS 32
#define LSA_MAX_SIDS 32
@@ -290,37 +287,37 @@ typedef struct lsa_r_lookup_sids
} LSA_R_LOOKUP_SIDS;
-#define UNKNOWN_LEN 1
-
-/* LSA_Q_LOOKUP_RIDS - LSA Lookup RIDs */
-typedef struct lsa_q_lookup_rids
+/* LSA_Q_LOOKUP_NAMES - LSA Lookup NAMEs */
+typedef struct lsa_q_lookup_names
{
POLICY_HND pol; /* policy handle */
uint32 num_entries;
uint32 num_entries2;
- uint32 buffer_dom_sid; /* undocumented domain SID buffer pointer */
- uint32 buffer_dom_name; /* undocumented domain name buffer pointer */
- UNISTR3 lookup_name[MAX_LOOKUP_SIDS]; /* names to be looked up */
- uint8 undoc[UNKNOWN_LEN]; /* completely undocumented bytes of unknown length */
+ UNIHDR hdr_name[MAX_LOOKUP_SIDS]; /* name buffer pointers */
+ UNISTR2 uni_name[MAX_LOOKUP_SIDS]; /* names to be looked up */
-} LSA_Q_LOOKUP_RIDS;
+ uint32 num_trans_entries;
+ uint32 ptr_trans_sids; /* undocumented domain SID buffer pointer */
+ uint32 lookup_level;
+ uint32 mapped_count;
-/* LSA_R_LOOKUP_RIDS - response to LSA Lookup RIDs by name */
-typedef struct lsa_r_lookup_rids
-{
- DOM_R_REF dom_ref; /* domain reference info */
+} LSA_Q_LOOKUP_NAMES;
- uint32 num_entries;
- uint32 undoc_buffer; /* undocumented buffer pointer */
+/* LSA_R_LOOKUP_NAMES - response to LSA Lookup NAMEs by name */
+typedef struct lsa_r_lookup_names
+{
+ DOM_R_REF *dom_ref; /* domain reference info */
- uint32 num_entries2;
- DOM_RID2 dom_rid[MAX_LOOKUP_SIDS]; /* domain RIDs being looked up */
+ uint32 num_entries;
+ uint32 undoc_buffer; /* undocumented buffer pointer */
+ uint32 num_entries2;
+ DOM_RID2 *dom_rid; /* domain RIDs being looked up */
- uint32 num_entries3;
+ uint32 mapped_count;
- uint32 status; /* return code */
+ uint32 status; /* return code */
-} LSA_R_LOOKUP_RIDS;
+} LSA_R_LOOKUP_NAMES;
#endif /* _RPC_LSA_H */
diff --git a/source3/include/rpc_misc.h b/source3/include/rpc_misc.h
index aa1f100dfb..786aad32d2 100644
--- a/source3/include/rpc_misc.h
+++ b/source3/include/rpc_misc.h
@@ -188,29 +188,28 @@ typedef struct unistr3_info
/* DOM_RID2 - domain RID structure for ntlsa pipe */
typedef struct domrid2_info
{
- uint32 type; /* value is 5 */
- uint32 undoc; /* value is non-zero */
- uint32 rid;
- uint32 rid_idx; /* don't know what this is */
+ uint8 type; /* value is SID_NAME_USE enum */
+ uint32 rid;
+ uint32 rid_idx; /* referenced domain index */
} DOM_RID2;
/* DOM_RID3 - domain RID structure for samr pipe */
typedef struct domrid3_info
{
- uint32 rid; /* domain-relative (to a SID) id */
- uint32 type1; /* value is 0x1 */
- uint32 ptr_type; /* undocumented pointer */
- uint32 type2; /* value is 0x1 */
+ uint32 rid; /* domain-relative (to a SID) id */
+ uint32 type1; /* value is 0x1 */
+ uint32 ptr_type; /* undocumented pointer */
+ uint32 type2; /* value is 0x1 */
} DOM_RID3;
/* DOM_RID4 - rid + user attributes */
typedef struct domrid4_info
{
- uint32 unknown;
- uint16 attr;
- uint32 rid; /* user RID */
+ uint32 unknown;
+ uint16 attr;
+ uint32 rid; /* user RID */
} DOM_RID4;
diff --git a/source3/lsarpcd/srv_lsa.c b/source3/lsarpcd/srv_lsa.c
index 8c9db172d2..abbe4ccd93 100644
--- a/source3/lsarpcd/srv_lsa.c
+++ b/source3/lsarpcd/srv_lsa.c
@@ -195,9 +195,9 @@ static int make_dom_ref(DOM_R_REF *ref, char *dom_name, DOM_SID *dom_sid)
}
/***************************************************************************
-make_reply_lookup_rids
+make_reply_lookup_names
***************************************************************************/
-static void make_reply_lookup_rids(LSA_R_LOOKUP_RIDS *r_l,
+static void make_reply_lookup_names(LSA_R_LOOKUP_NAMES *r_l,
int num_entries,
DOM_SID dom_sids [MAX_LOOKUP_SIDS],
uint8 dom_types[MAX_LOOKUP_SIDS])
@@ -338,24 +338,24 @@ static void lsa_reply_lookup_sids(prs_struct *rdata,
}
/***************************************************************************
-lsa_reply_lookup_rids
+lsa_reply_lookup_names
***************************************************************************/
-static void lsa_reply_lookup_rids(prs_struct *rdata,
+static void lsa_reply_lookup_names(prs_struct *rdata,
int num_entries,
DOM_SID dom_sids [MAX_LOOKUP_SIDS],
uint8 dom_types[MAX_LOOKUP_SIDS])
{
- LSA_R_LOOKUP_RIDS r_l;
+ LSA_R_LOOKUP_NAMES r_l;
ZERO_STRUCT(r_l);
/* set up the LSA Lookup RIDs response */
- make_reply_lookup_rids(&r_l, num_entries, dom_sids, dom_types);
+ make_reply_lookup_names(&r_l, num_entries, dom_sids, dom_types);
r_l.status = 0x0;
/* store the response in the SMB stream */
- lsa_io_r_lookup_rids("", &r_l, rdata, 0);
+ lsa_io_r_lookup_names("", &r_l, rdata, 0);
}
/***************************************************************************
@@ -478,7 +478,7 @@ static void api_lsa_lookup_names( uint16 vuid, prs_struct *data,
prs_struct *rdata )
{
int i;
- LSA_Q_LOOKUP_RIDS q_l;
+ LSA_Q_LOOKUP_NAMES q_l;
DOM_SID dom_sids [MAX_LOOKUP_SIDS];
uint8 dom_types[MAX_LOOKUP_SIDS];
@@ -486,15 +486,15 @@ static void api_lsa_lookup_names( uint16 vuid, prs_struct *data,
ZERO_ARRAY(dom_sids);
/* grab the info class and policy handle */
- lsa_io_q_lookup_rids("", &q_l, data, 0);
+ lsa_io_q_lookup_names("", &q_l, data, 0);
- SMB_ASSERT_ARRAY(q_l.lookup_name, q_l.num_entries);
+ SMB_ASSERT_ARRAY(q_l.uni_name, q_l.num_entries);
/* convert received RIDs to strings, so we can do them. */
for (i = 0; i < q_l.num_entries; i++)
{
fstring name;
- fstrcpy(name, unistr2(q_l.lookup_name[i].str.buffer));
+ fstrcpy(name, unistr2_to_str(&q_l.uni_name[i]));
if (!lookup_name(name, &dom_sids[i], &dom_types[i]))
{
@@ -503,7 +503,7 @@ static void api_lsa_lookup_names( uint16 vuid, prs_struct *data,
}
/* construct reply. return status is always 0x0 */
- lsa_reply_lookup_rids(rdata,
+ lsa_reply_lookup_names(rdata,
q_l.num_entries,
dom_sids, /* text-converted SIDs */
dom_types); /* SID_NAME_USE types */
diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c
index a7635308b7..ca5dd8b585 100644
--- a/source3/passdb/passdb.c
+++ b/source3/passdb/passdb.c
@@ -111,7 +111,8 @@ struct smb_passwd *iterate_getsmbpwuid(uid_t smb_userid)
}
while ((pwd = getsmbpwent(fp)) != NULL && pwd->smb_userid != smb_userid)
- ;
+ {
+ }
if (pwd != NULL)
{
@@ -144,7 +145,8 @@ struct smb_passwd *iterate_getsmbpwnam(char *name)
}
while ((pwd = getsmbpwent(fp)) != NULL && !strequal(pwd->smb_name, name))
- ;
+ {
+ }
if (pwd != NULL)
{
@@ -349,7 +351,8 @@ struct sam_passwd *iterate_getsam21pwuid(uid_t uid)
}
while ((pwd = getsam21pwent(fp)) != NULL && pwd->smb_userid != uid)
- ;
+ {
+ }
if (pwd != NULL)
{
@@ -514,30 +517,33 @@ struct sam_passwd *pwdb_smb_to_sam(struct smb_passwd *user)
char *pwdb_encode_acct_ctrl(uint16 acct_ctrl, size_t length)
{
- static fstring acct_str;
- size_t i = 0;
+ static fstring acct_str;
+ size_t i = 0;
- acct_str[i++] = '[';
+ acct_str[i++] = '[';
- if (acct_ctrl & ACB_PWNOTREQ ) acct_str[i++] = 'N';
- if (acct_ctrl & ACB_DISABLED ) acct_str[i++] = 'D';
- if (acct_ctrl & ACB_HOMDIRREQ) acct_str[i++] = 'H';
- if (acct_ctrl & ACB_TEMPDUP ) acct_str[i++] = 'T';
- if (acct_ctrl & ACB_NORMAL ) acct_str[i++] = 'U';
- if (acct_ctrl & ACB_MNS ) acct_str[i++] = 'M';
- if (acct_ctrl & ACB_WSTRUST ) acct_str[i++] = 'W';
- if (acct_ctrl & ACB_SVRTRUST ) acct_str[i++] = 'S';
- if (acct_ctrl & ACB_AUTOLOCK ) acct_str[i++] = 'L';
- if (acct_ctrl & ACB_PWNOEXP ) acct_str[i++] = 'X';
- if (acct_ctrl & ACB_DOMTRUST ) acct_str[i++] = 'I';
+ if (acct_ctrl & ACB_PWNOTREQ ) acct_str[i++] = 'N';
+ if (acct_ctrl & ACB_DISABLED ) acct_str[i++] = 'D';
+ if (acct_ctrl & ACB_HOMDIRREQ) acct_str[i++] = 'H';
+ if (acct_ctrl & ACB_TEMPDUP ) acct_str[i++] = 'T';
+ if (acct_ctrl & ACB_NORMAL ) acct_str[i++] = 'U';
+ if (acct_ctrl & ACB_MNS ) acct_str[i++] = 'M';
+ if (acct_ctrl & ACB_WSTRUST ) acct_str[i++] = 'W';
+ if (acct_ctrl & ACB_SVRTRUST ) acct_str[i++] = 'S';
+ if (acct_ctrl & ACB_AUTOLOCK ) acct_str[i++] = 'L';
+ if (acct_ctrl & ACB_PWNOEXP ) acct_str[i++] = 'X';
+ if (acct_ctrl & ACB_DOMTRUST ) acct_str[i++] = 'I';
- for ( ; i < length - 2 ; i++ ) { acct_str[i] = ' '; }
+ for ( ; i < length - 2 ; i++ )
+ {
+ acct_str[i] = ' ';
+ }
- i = length - 2;
- acct_str[i++] = ']';
- acct_str[i++] = '\0';
+ i = length - 2;
+ acct_str[i++] = ']';
+ acct_str[i++] = '\0';
- return acct_str;
+ return acct_str;
}
/**********************************************************
@@ -575,7 +581,7 @@ uint16 pwdb_decode_acct_ctrl(const char *p)
case 'L': { acct_ctrl |= ACB_AUTOLOCK ; break; /* 'L'ocked account. */ }
case 'X': { acct_ctrl |= ACB_PWNOEXP ; break; /* No 'X'piry on password */ }
case 'I': { acct_ctrl |= ACB_DOMTRUST ; break; /* 'I'nterdomain trust account. */ }
- case ' ': { break; }
+ case ' ': { break; }
case ':':
case '\n':
case '\0':
diff --git a/source3/rpc_client/cli_lsarpc.c b/source3/rpc_client/cli_lsarpc.c
index a43b65ad64..48dd90ffa9 100644
--- a/source3/rpc_client/cli_lsarpc.c
+++ b/source3/rpc_client/cli_lsarpc.c
@@ -99,6 +99,119 @@ BOOL do_lsa_open_policy(struct cli_state *cli,
}
/****************************************************************************
+do a LSA Lookup Names
+****************************************************************************/
+BOOL do_lsa_lookup_names(struct cli_state *cli,
+ POLICY_HND *hnd,
+ int num_names,
+ char **names,
+ DOM_SID **sids,
+ int *num_sids)
+{
+ prs_struct rbuf;
+ prs_struct buf;
+ LSA_Q_LOOKUP_NAMES q_l;
+ BOOL valid_response = False;
+
+ if (hnd == NULL || num_sids == 0 || sids == NULL) return False;
+
+ prs_init(&buf , 1024, 4, SAFETY_MARGIN, False);
+ prs_init(&rbuf, 0 , 4, SAFETY_MARGIN, True );
+
+ /* create and send a MSRPC command with api LSA_LOOKUP_NAMES */
+
+ DEBUG(4,("LSA Lookup NAMEs\n"));
+
+ /* store the parameters */
+ make_q_lookup_names(&q_l, hnd, num_names, names);
+
+ /* turn parameters into data stream */
+ lsa_io_q_lookup_names("", &q_l, &buf, 0);
+
+ /* send the data on \PIPE\ */
+ if (rpc_api_pipe_req(cli, LSA_LOOKUPNAMES, &buf, &rbuf))
+ {
+ LSA_R_LOOKUP_NAMES r_l;
+ DOM_R_REF ref;
+ DOM_RID2 t_rids[MAX_LOOKUP_SIDS];
+ BOOL p;
+
+ ZERO_STRUCT(ref);
+ ZERO_STRUCT(t_rids);
+
+ r_l.dom_ref = &ref;
+ r_l.dom_rid = t_rids;
+
+ lsa_io_r_lookup_names("", &r_l, &rbuf, 0);
+ p = rbuf.offset != 0;
+
+ if (p && r_l.status != 0)
+ {
+ /* report error code */
+ DEBUG(0,("LSA_LOOKUP_NAMES: %s\n", get_nt_error_msg(r_l.status)));
+ p = False;
+ }
+
+ if (p)
+ {
+ if (r_l.undoc_buffer != 0 && ref.undoc_buffer != 0)
+ {
+ valid_response = True;
+ }
+ }
+
+ if (num_sids != NULL && valid_response)
+ {
+ (*num_sids) = r_l.num_entries;
+ }
+ if (valid_response)
+ {
+ int i;
+ for (i = 0; i < r_l.num_entries; i++)
+ {
+ if (t_rids[i].rid_idx >= ref.num_ref_doms_1 &&
+ t_rids[i].rid_idx != 0xffffffff)
+ {
+ DEBUG(0,("LSA_LOOKUP_NAMES: domain index %d out of bounds\n",
+ t_rids[i].rid_idx));
+ valid_response = False;
+ break;
+ }
+ }
+ }
+
+ if (sids != NULL && valid_response && r_l.num_entries != 0)
+ {
+ (*sids) = (DOM_SID*)malloc((*num_sids) * sizeof(DOM_SID));
+ }
+
+ if (sids != NULL && (*sids) != NULL)
+ {
+ int i;
+ /* take each name, construct a SID */
+ for (i = 0; i < (*num_sids); i++)
+ {
+ uint32 dom_idx = t_rids[i].rid_idx;
+ DOM_SID *sid = &(*sids)[i];
+ if (dom_idx != 0xffffffff)
+ {
+ sid_copy(sid, &ref.ref_dom[dom_idx].ref_dom.sid);
+ }
+ else
+ {
+ ZERO_STRUCTP(sid);
+ }
+ }
+ }
+ }
+
+ prs_mem_free(&rbuf);
+ prs_mem_free(&buf );
+
+ return valid_response;
+}
+
+/****************************************************************************
do a LSA Lookup SIDs
****************************************************************************/
BOOL do_lsa_lookup_sids(struct cli_state *cli,
@@ -190,13 +303,21 @@ BOOL do_lsa_lookup_sids(struct cli_state *cli,
fstring dom_name;
fstring full_name;
uint32 dom_idx = t_names.name[i].domain_idx;
- fstrcpy(dom_name, unistr2(ref.ref_dom[dom_idx].uni_dom_name.buffer));
- fstrcpy(name , unistr2(t_names.uni_name[i].buffer));
-
- slprintf(full_name, sizeof(full_name), "\\%s\\%s",
- dom_name, name);
- (*names)[i] = strdup(full_name);
+ if (dom_idx != 0xffffffff)
+ {
+ fstrcpy(dom_name, unistr2(ref.ref_dom[dom_idx].uni_dom_name.buffer));
+ fstrcpy(name , unistr2(t_names.uni_name[i].buffer));
+
+ slprintf(full_name, sizeof(full_name), "\\%s\\%s",
+ dom_name, name);
+
+ (*names)[i] = strdup(full_name);
+ }
+ else
+ {
+ (*names)[i] = NULL;
+ }
}
}
}
diff --git a/source3/rpc_parse/parse_lsa.c b/source3/rpc_parse/parse_lsa.c
index 818e7a0baf..5adff5256d 100644
--- a/source3/rpc_parse/parse_lsa.c
+++ b/source3/rpc_parse/parse_lsa.c
@@ -563,7 +563,7 @@ static void lsa_io_sid_enum(char *desc, LSA_SID_ENUM *sen,
}
/*******************************************************************
-makes an LSA_R_ENUM_TRUST_DOM structure.
+makes a structure.
********************************************************************/
void make_q_lookup_sids(LSA_Q_LOOKUP_SIDS *q_l, POLICY_HND *hnd,
int num_sids, DOM_SID **sids,
@@ -571,7 +571,7 @@ void make_q_lookup_sids(LSA_Q_LOOKUP_SIDS *q_l, POLICY_HND *hnd,
{
if (q_l == NULL) return;
- DEBUG(5,("make_r_enum_trust_dom\n"));
+ DEBUG(5,("make_q_lookup_sids\n"));
memcpy(&(q_l->pol), hnd, sizeof(q_l->pol));
make_lsa_sid_enum(&(q_l->sids), num_sids, sids);
@@ -668,15 +668,46 @@ void lsa_io_r_lookup_sids(char *desc, LSA_R_LOOKUP_SIDS *r_s, prs_struct *ps, i
}
/*******************************************************************
+makes a structure.
+********************************************************************/
+void make_q_lookup_names(LSA_Q_LOOKUP_NAMES *q_l, POLICY_HND *hnd,
+ int num_names, char **names)
+{
+ int i;
+ if (q_l == NULL) return;
+
+ DEBUG(5,("make_q_lookup_names\n"));
+
+ memcpy(&(q_l->pol), hnd, sizeof(q_l->pol));
+
+ SMB_ASSERT_ARRAY(q_l->uni_name, q_l->num_entries);
+
+ q_l->num_entries = num_names;
+ q_l->num_entries2 = num_names;
+
+ for (i = 0; i < num_names; i++)
+ {
+ int len = strlen(names[i]);
+ make_uni_hdr(&q_l->hdr_name[i], len, len, len != 0);
+ make_unistr2(&q_l->uni_name[i], names[i], len);
+ }
+
+ q_l->num_trans_entries = 0;
+ q_l->ptr_trans_sids = 0;
+ q_l->lookup_level = 1;
+ q_l->mapped_count = 0;
+}
+
+/*******************************************************************
reads or writes a structure.
********************************************************************/
-void lsa_io_q_lookup_rids(char *desc, LSA_Q_LOOKUP_RIDS *q_r, prs_struct *ps, int depth)
+void lsa_io_q_lookup_names(char *desc, LSA_Q_LOOKUP_NAMES *q_r, prs_struct *ps, int depth)
{
int i;
if (q_r == NULL) return;
- prs_debug(ps, depth, desc, "lsa_io_q_lookup_rids");
+ prs_debug(ps, depth, desc, "lsa_io_q_lookup_names");
depth++;
prs_align(ps);
@@ -685,47 +716,52 @@ void lsa_io_q_lookup_rids(char *desc, LSA_Q_LOOKUP_RIDS *q_r, prs_struct *ps, i
prs_uint32("num_entries ", ps, depth, &(q_r->num_entries));
prs_uint32("num_entries2 ", ps, depth, &(q_r->num_entries2));
- prs_uint32("buffer_dom_sid ", ps, depth, &(q_r->buffer_dom_sid)); /* undocumented domain SID buffer pointer */
- prs_uint32("buffer_dom_name", ps, depth, &(q_r->buffer_dom_name)); /* undocumented domain name buffer pointer */
- SMB_ASSERT_ARRAY(q_r->lookup_name, q_r->num_entries);
+ SMB_ASSERT_ARRAY(q_r->uni_name, q_r->num_entries);
for (i = 0; i < q_r->num_entries; i++)
{
- smb_io_unistr3("dom_name", &(q_r->lookup_name[i]), ps, depth); /* names to be looked up */
+ smb_io_unihdr("hdr_name", &(q_r->hdr_name[i]), ps, depth); /* pointer names */
}
- prs_uint8s (False, "undoc ", ps, depth, q_r->undoc, UNKNOWN_LEN);
+ for (i = 0; i < q_r->num_entries; i++)
+ {
+ smb_io_unistr2("dom_name", &(q_r->uni_name[i]), q_r->hdr_name[i].buffer, ps, depth); /* names to be looked up */
+ prs_align(ps);
+ }
+
+ prs_uint32("num_trans_entries ", ps, depth, &(q_r->num_trans_entries));
+ prs_uint32("ptr_trans_sids ", ps, depth, &(q_r->ptr_trans_sids));
+ prs_uint32("lookup_level ", ps, depth, &(q_r->lookup_level ));
+ prs_uint32("mapped_count ", ps, depth, &(q_r->mapped_count ));
}
/*******************************************************************
reads or writes a structure.
********************************************************************/
-void lsa_io_r_lookup_rids(char *desc, LSA_R_LOOKUP_RIDS *r_r, prs_struct *ps, int depth)
+void lsa_io_r_lookup_names(char *desc, LSA_R_LOOKUP_NAMES *r_r, prs_struct *ps, int depth)
{
int i;
if (r_r == NULL) return;
- prs_debug(ps, depth, desc, "lsa_io_r_lookup_rids");
+ prs_debug(ps, depth, desc, "lsa_io_r_lookup_names");
depth++;
prs_align(ps);
- lsa_io_dom_r_ref("", &(r_r->dom_ref), ps, depth); /* domain reference info */
+ lsa_io_dom_r_ref("", r_r->dom_ref, ps, depth); /* domain reference info */
prs_uint32("num_entries ", ps, depth, &(r_r->num_entries));
prs_uint32("undoc_buffer", ps, depth, &(r_r->undoc_buffer));
prs_uint32("num_entries2", ps, depth, &(r_r->num_entries2));
- SMB_ASSERT_ARRAY(r_r->dom_rid, r_r->num_entries2);
-
for (i = 0; i < r_r->num_entries2; i++)
{
smb_io_dom_rid2("", &(r_r->dom_rid[i]), ps, depth); /* domain RIDs being looked up */
}
- prs_uint32("num_entries3", ps, depth, &(r_r->num_entries3));
+ prs_uint32("mapped_count", ps, depth, &(r_r->mapped_count));
prs_uint32("status ", ps, depth, &(r_r->status));
}
diff --git a/source3/rpc_parse/parse_misc.c b/source3/rpc_parse/parse_misc.c
index 97d4f3d563..ad268f60a4 100644
--- a/source3/rpc_parse/parse_misc.c
+++ b/source3/rpc_parse/parse_misc.c
@@ -674,7 +674,6 @@ creates a DOM_RID2 structure.
void make_dom_rid2(DOM_RID2 *rid2, uint32 rid, uint8 type)
{
rid2->type = type;
- rid2->undoc = 0x5;
rid2->rid = rid;
rid2->rid_idx = 0;
}
@@ -691,14 +690,8 @@ void smb_io_dom_rid2(char *desc, DOM_RID2 *rid2, prs_struct *ps, int depth)
prs_align(ps);
- /* should be value 5, so enforce it */
- rid2->type = 5;
-
- /* should be value 5, so enforce it */
- rid2->undoc = 5;
-
- prs_uint32("type ", ps, depth, &(rid2->type));
- prs_uint32("undoc ", ps, depth, &(rid2->undoc ));
+ prs_uint8("type ", ps, depth, &(rid2->type));
+ prs_align(ps);
prs_uint32("rid ", ps, depth, &(rid2->rid ));
prs_uint32("rid_idx", ps, depth, &(rid2->rid_idx ));
}
diff --git a/source3/rpc_server/srv_lsa.c b/source3/rpc_server/srv_lsa.c
index 8c9db172d2..abbe4ccd93 100644
--- a/source3/rpc_server/srv_lsa.c
+++ b/source3/rpc_server/srv_lsa.c
@@ -195,9 +195,9 @@ static int make_dom_ref(DOM_R_REF *ref, char *dom_name, DOM_SID *dom_sid)
}
/***************************************************************************
-make_reply_lookup_rids
+make_reply_lookup_names
***************************************************************************/
-static void make_reply_lookup_rids(LSA_R_LOOKUP_RIDS *r_l,
+static void make_reply_lookup_names(LSA_R_LOOKUP_NAMES *r_l,
int num_entries,
DOM_SID dom_sids [MAX_LOOKUP_SIDS],
uint8 dom_types[MAX_LOOKUP_SIDS])
@@ -338,24 +338,24 @@ static void lsa_reply_lookup_sids(prs_struct *rdata,
}
/***************************************************************************
-lsa_reply_lookup_rids
+lsa_reply_lookup_names
***************************************************************************/
-static void lsa_reply_lookup_rids(prs_struct *rdata,
+static void lsa_reply_lookup_names(prs_struct *rdata,
int num_entries,
DOM_SID dom_sids [MAX_LOOKUP_SIDS],
uint8 dom_types[MAX_LOOKUP_SIDS])
{
- LSA_R_LOOKUP_RIDS r_l;
+ LSA_R_LOOKUP_NAMES r_l;
ZERO_STRUCT(r_l);
/* set up the LSA Lookup RIDs response */
- make_reply_lookup_rids(&r_l, num_entries, dom_sids, dom_types);
+ make_reply_lookup_names(&r_l, num_entries, dom_sids, dom_types);
r_l.status = 0x0;
/* store the response in the SMB stream */
- lsa_io_r_lookup_rids("", &r_l, rdata, 0);
+ lsa_io_r_lookup_names("", &r_l, rdata, 0);
}
/***************************************************************************
@@ -478,7 +478,7 @@ static void api_lsa_lookup_names( uint16 vuid, prs_struct *data,
prs_struct *rdata )
{
int i;
- LSA_Q_LOOKUP_RIDS q_l;
+ LSA_Q_LOOKUP_NAMES q_l;
DOM_SID dom_sids [MAX_LOOKUP_SIDS];
uint8 dom_types[MAX_LOOKUP_SIDS];
@@ -486,15 +486,15 @@ static void api_lsa_lookup_names( uint16 vuid, prs_struct *data,
ZERO_ARRAY(dom_sids);
/* grab the info class and policy handle */
- lsa_io_q_lookup_rids("", &q_l, data, 0);
+ lsa_io_q_lookup_names("", &q_l, data, 0);
- SMB_ASSERT_ARRAY(q_l.lookup_name, q_l.num_entries);
+ SMB_ASSERT_ARRAY(q_l.uni_name, q_l.num_entries);
/* convert received RIDs to strings, so we can do them. */
for (i = 0; i < q_l.num_entries; i++)
{
fstring name;
- fstrcpy(name, unistr2(q_l.lookup_name[i].str.buffer));
+ fstrcpy(name, unistr2_to_str(&q_l.uni_name[i]));
if (!lookup_name(name, &dom_sids[i], &dom_types[i]))
{
@@ -503,7 +503,7 @@ static void api_lsa_lookup_names( uint16 vuid, prs_struct *data,
}
/* construct reply. return status is always 0x0 */
- lsa_reply_lookup_rids(rdata,
+ lsa_reply_lookup_names(rdata,
q_l.num_entries,
dom_sids, /* text-converted SIDs */
dom_types); /* SID_NAME_USE types */
diff --git a/source3/rpc_server/srv_sid.c b/source3/rpc_server/srv_sid.c
index 216fab657f..0317bb32f5 100644
--- a/source3/rpc_server/srv_sid.c
+++ b/source3/rpc_server/srv_sid.c
@@ -432,10 +432,6 @@ Error was %s\n", sid_file, strerror(errno) ));
***************************************************************************/
BOOL map_domain_name_to_sid(DOM_SID *sid, char **nt_domain)
{
- fstring sid_str;
- sid_to_string(sid_str, sid);
- DEBUG(5,("map_domain_name_to_sid: %s\n", sid_str));
-
if (nt_domain == NULL)
{
*sid = global_sam_sid;
@@ -451,6 +447,16 @@ BOOL map_domain_name_to_sid(DOM_SID *sid, char **nt_domain)
return True;
}
+ if ((*nt_domain)[0] == 0)
+ {
+ DEBUG(5,("map_domain_name_to_sid: overriding blank name to %s\n",
+ global_sam_name));
+ free(*nt_domain);
+ (*nt_domain) = strdup(global_sam_name);
+ *sid = global_sam_sid;
+ return True;
+ }
+
if (strequal((*nt_domain), global_sam_name))
{
*sid = global_sam_sid;
diff --git a/source3/rpcclient/cmd_lsarpc.c b/source3/rpcclient/cmd_lsarpc.c
index a23e7a650b..4a907fa344 100644
--- a/source3/rpcclient/cmd_lsarpc.c
+++ b/source3/rpcclient/cmd_lsarpc.c
@@ -121,7 +121,97 @@ void cmd_lsa_query_info(struct client_info *info)
}
/****************************************************************************
-nt lsa query
+lookup names
+****************************************************************************/
+void cmd_lsa_lookup_names(struct client_info *info)
+{
+ fstring temp;
+ int i;
+ fstring srv_name;
+ int num_names = 0;
+ char *names[10];
+ DOM_SID *sids;
+ int num_sids = 0;
+#if 0
+ DOM_SID sid[10];
+ DOM_SID *sids[10];
+#endif
+ BOOL res = True;
+
+ fstrcpy(srv_name, "\\\\");
+ fstrcat(srv_name, info->myhostname);
+ strupper(srv_name);
+
+ DEBUG(4,("cmd_lsa_lookup_names: server: %s\n", srv_name));
+
+ while (num_names < 10 && next_token(NULL, temp, NULL, sizeof(temp)))
+ {
+ names[num_names] = strdup(temp);
+ num_names++;
+ }
+
+ if (num_names == 0)
+ {
+ fprintf(out_hnd, "lookupnames <name> [<name> ...]\n");
+ return;
+ }
+
+ /* open LSARPC session. */
+ res = res ? cli_nt_session_open(smb_cli, PIPE_LSARPC) : False;
+
+ /* lookup domain controller; receive a policy handle */
+ res = res ? do_lsa_open_policy(smb_cli,
+ srv_name,
+ &info->dom.lsa_info_pol, True) : False;
+
+ /* send lsa lookup sids call */
+ res = res ? do_lsa_lookup_names(smb_cli,
+ &info->dom.lsa_info_pol,
+ num_names, names,
+ &sids, &num_sids) : False;
+
+ res = res ? do_lsa_close(smb_cli, &info->dom.lsa_info_pol) : False;
+
+ /* close the session */
+ cli_nt_session_close(smb_cli);
+
+ if (res)
+ {
+ DEBUG(5,("cmd_lsa_lookup_names: query succeeded\n"));
+ }
+ else
+ {
+ DEBUG(5,("cmd_lsa_lookup_names: query failed\n"));
+ }
+
+ if (sids != NULL)
+ {
+ fprintf(out_hnd,"Lookup Names:\n");
+ for (i = 0; i < num_sids; i++)
+ {
+ sid_to_string(temp, &sids[i]);
+ fprintf(out_hnd, "SID: %s -> %s\n", names[i], temp);
+#if 0
+ if (sids[i] != NULL)
+ {
+ free(sids[i]);
+ }
+#endif
+ }
+ free(sids);
+ }
+
+ for (i = 0; i < num_names; i++)
+ {
+ if (names[i] != NULL)
+ {
+ free(names[i]);
+ }
+ }
+}
+
+/****************************************************************************
+lookup sids
****************************************************************************/
void cmd_lsa_lookup_sids(struct client_info *info)
{
diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c
index 80d66a3af4..220c81d61e 100644
--- a/source3/rpcclient/rpcclient.c
+++ b/source3/rpcclient/rpcclient.c
@@ -122,6 +122,7 @@ struct
{"srvfiles", cmd_srv_enum_files, "List files on a server"},
{"lsaquery", cmd_lsa_query_info, "Query Info Policy (domain member or server)"},
{"lookupsids", cmd_lsa_lookup_sids, "Resolve names from SIDs"},
+ {"lookupnames",cmd_lsa_lookup_names, "Resolve SIDs from names"},
{"enumusers", cmd_sam_enum_users, "SAM User Database Query (experimental!)"},
{"ntpass", cmd_sam_ntchange_pwd, "NT SAM Password Change"},
{"samuser", cmd_sam_query_user, "<username> SAM User Query (experimental!)"},
diff --git a/source3/smbd/groupname.c b/source3/smbd/groupname.c
index 3c09c11830..95992cc84b 100644
--- a/source3/smbd/groupname.c
+++ b/source3/smbd/groupname.c
@@ -207,16 +207,9 @@ failed. Error was %s.\n", grp->unix_name, strerror(errno) ));
grp->nt_domain));
return False;
}
-
- DEBUG(0,("unix_name_to_group_info: cannot resolve domain %s\n",
- grp->nt_domain));
-
- return False;
- }
- else
- {
- return make_mydomain_sid(grp, type);
}
+
+ return make_mydomain_sid(grp, type);
}
static BOOL make_name_entry(name_map_entry **new_ep,
@@ -301,8 +294,6 @@ static void load_name_map(GROUP_TYPE type)
map_list = &aliasname_map_list;
}
- DEBUG(10,("load_name_map : %s\n", map_file));
-
if (!(*initialised))
{
ubi_slInitList(map_list);