summaryrefslogtreecommitdiff
path: root/source4/rpc_server
diff options
context:
space:
mode:
Diffstat (limited to 'source4/rpc_server')
-rw-r--r--source4/rpc_server/samr/dcesrv_samr.c207
1 files changed, 195 insertions, 12 deletions
diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c
index 770f1b2064..e68dfaab34 100644
--- a/source4/rpc_server/samr/dcesrv_samr.c
+++ b/source4/rpc_server/samr/dcesrv_samr.c
@@ -538,13 +538,111 @@ static NTSTATUS samr_CreateDomainGroup(struct dcesrv_call_state *dce_call, TALLO
}
+/*
+ comparison function for sorting SamEntry array
+*/
+static int compare_SamEntry(struct samr_SamEntry *e1, struct samr_SamEntry *e2)
+{
+ return e1->idx - e2->idx;
+}
+
/*
samr_EnumDomainGroups
*/
static NTSTATUS samr_EnumDomainGroups(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct samr_EnumDomainGroups *r)
{
- DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+ struct dcesrv_handle *h;
+ struct samr_domain_state *d_state;
+ struct ldb_message **res;
+ int ldb_cnt, count, i, first;
+ struct samr_SamEntry *entries;
+ const char * const attrs[3] = { "objectSid", "sAMAccountName", NULL };
+ struct dom_sid *domain_sid;
+
+ *r->out.resume_handle = 0;
+ r->out.sam = NULL;
+ r->out.num_entries = 0;
+
+ DCESRV_PULL_HANDLE(h, r->in.domain_handle, SAMR_HANDLE_DOMAIN);
+
+ d_state = h->data;
+
+ /* search for all domain groups in this domain. This could possibly be
+ cached and resumed based on resume_key */
+ ldb_cnt = samdb_search(d_state->sam_ctx, mem_ctx, d_state->domain_dn,
+ &res, attrs,
+ "(&(grouptype=%s)(objectclass=group))",
+ ldb_hexstr(mem_ctx,
+ GTYPE_SECURITY_GLOBAL_GROUP));
+ if (ldb_cnt == -1) {
+ return NT_STATUS_INTERNAL_DB_CORRUPTION;
+ }
+ if (ldb_cnt == 0 || r->in.max_size == 0) {
+ return NT_STATUS_OK;
+ }
+
+ /* convert to SamEntry format */
+ entries = talloc_array_p(mem_ctx, struct samr_SamEntry, ldb_cnt);
+ if (!entries) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ count = 0;
+ domain_sid = dom_sid_parse_talloc(mem_ctx, d_state->domain_sid);
+
+ for (i=0;i<ldb_cnt;i++) {
+ struct dom_sid *alias_sid;
+
+ alias_sid = samdb_result_dom_sid(mem_ctx, res[i],
+ "objectSid");
+
+ if (alias_sid == NULL)
+ continue;
+
+ if (!dom_sid_in_domain(domain_sid, alias_sid))
+ continue;
+
+ entries[count].idx =
+ alias_sid->sub_auths[alias_sid->num_auths-1];
+ entries[count].name.string =
+ samdb_result_string(res[i], "sAMAccountName", "");
+ count += 1;
+ }
+
+ /* sort the results by rid */
+ qsort(entries, count, sizeof(struct samr_SamEntry),
+ (comparison_fn_t)compare_SamEntry);
+
+ /* find the first entry to return */
+ for (first=0;
+ first<count && entries[first].idx <= *r->in.resume_handle;
+ first++) ;
+
+ if (first == count) {
+ return NT_STATUS_OK;
+ }
+
+ /* return the rest, limit by max_size. Note that we
+ use the w2k3 element size value of 54 */
+ r->out.num_entries = count - first;
+ r->out.num_entries = MIN(r->out.num_entries,
+ 1+(r->in.max_size/SAMR_ENUM_USERS_MULTIPLIER));
+
+ r->out.sam = talloc_p(mem_ctx, struct samr_SamArray);
+ if (!r->out.sam) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ r->out.sam->entries = entries+first;
+ r->out.sam->count = r->out.num_entries;
+
+ if (r->out.num_entries < count - first) {
+ *r->out.resume_handle = entries[first+r->out.num_entries-1].idx;
+ return STATUS_MORE_ENTRIES;
+ }
+
+ return NT_STATUS_OK;
}
@@ -746,14 +844,6 @@ static NTSTATUS samr_CreateUser(struct dcesrv_call_state *dce_call, TALLOC_CTX *
return samr_CreateUser2(dce_call, mem_ctx, &r2);
}
-/*
- comparison function for sorting SamEntry array
-*/
-static int compare_SamEntry(struct samr_SamEntry *e1, struct samr_SamEntry *e2)
-{
- return e1->idx - e2->idx;
-}
-
/*
samr_EnumDomainUsers
*/
@@ -963,7 +1053,98 @@ static NTSTATUS samr_CreateDomAlias(struct dcesrv_call_state *dce_call, TALLOC_C
static NTSTATUS samr_EnumDomainAliases(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct samr_EnumDomainAliases *r)
{
- DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+ struct dcesrv_handle *h;
+ struct samr_domain_state *d_state;
+ struct ldb_message **res;
+ int ldb_cnt, count, i, first;
+ struct samr_SamEntry *entries;
+ const char * const attrs[3] = { "objectSid", "sAMAccountName", NULL };
+ struct dom_sid *domain_sid;
+
+ *r->out.resume_handle = 0;
+ r->out.sam = NULL;
+ r->out.num_entries = 0;
+
+ DCESRV_PULL_HANDLE(h, r->in.domain_handle, SAMR_HANDLE_DOMAIN);
+
+ d_state = h->data;
+
+ /* search for all domain groups in this domain. This could possibly be
+ cached and resumed based on resume_key */
+ ldb_cnt = samdb_search(d_state->sam_ctx, mem_ctx, d_state->domain_dn,
+ &res, attrs,
+ "(&(|(grouptype=%s)(grouptype=%s)))"
+ "(objectclass=group))",
+ ldb_hexstr(mem_ctx,
+ GTYPE_SECURITY_BUILTIN_LOCAL_GROUP),
+ ldb_hexstr(mem_ctx,
+ GTYPE_SECURITY_DOMAIN_LOCAL_GROUP));
+ if (ldb_cnt == -1) {
+ return NT_STATUS_INTERNAL_DB_CORRUPTION;
+ }
+ if (ldb_cnt == 0) {
+ return NT_STATUS_OK;
+ }
+
+ /* convert to SamEntry format */
+ entries = talloc_array_p(mem_ctx, struct samr_SamEntry, ldb_cnt);
+ if (!entries) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ count = 0;
+ domain_sid = dom_sid_parse_talloc(mem_ctx, d_state->domain_sid);
+
+ for (i=0;i<ldb_cnt;i++) {
+ struct dom_sid *alias_sid;
+
+ alias_sid = samdb_result_dom_sid(mem_ctx, res[i],
+ "objectSid");
+
+ if (alias_sid == NULL)
+ continue;
+
+ if (!dom_sid_in_domain(domain_sid, alias_sid))
+ continue;
+
+ entries[count].idx =
+ alias_sid->sub_auths[alias_sid->num_auths-1];
+ entries[count].name.string =
+ samdb_result_string(res[i], "sAMAccountName", "");
+ count += 1;
+ }
+
+ /* sort the results by rid */
+ qsort(entries, count, sizeof(struct samr_SamEntry),
+ (comparison_fn_t)compare_SamEntry);
+
+ /* find the first entry to return */
+ for (first=0;
+ first<count && entries[first].idx <= *r->in.resume_handle;
+ first++) ;
+
+ if (first == count) {
+ return NT_STATUS_OK;
+ }
+
+ r->out.num_entries = count - first;
+ r->out.num_entries = MIN(r->out.num_entries, 1000);
+
+ r->out.sam = talloc_p(mem_ctx, struct samr_SamArray);
+ if (!r->out.sam) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ r->out.sam->entries = entries+first;
+ r->out.sam->count = r->out.num_entries;
+
+ if (r->out.num_entries < count - first) {
+ *r->out.resume_handle =
+ entries[first+r->out.num_entries-1].idx;
+ return STATUS_MORE_ENTRIES;
+ }
+
+ return NT_STATUS_OK;
}
@@ -1626,8 +1807,10 @@ static NTSTATUS samr_OpenAlias(struct dcesrv_call_state *dce_call, TALLOC_CTX *m
"(&(objectSid=%s)(objectclass=group)"
"(|(grouptype=%s)(grouptype=%s)))",
sidstr,
- ldb_hexstr(mem_ctx, GTYPE_SECURITY_BUILTIN_LOCAL_GROUP),
- ldb_hexstr(mem_ctx, GTYPE_SECURITY_DOMAIN_LOCAL_GROUP));
+ ldb_hexstr(mem_ctx,
+ GTYPE_SECURITY_BUILTIN_LOCAL_GROUP),
+ ldb_hexstr(mem_ctx,
+ GTYPE_SECURITY_DOMAIN_LOCAL_GROUP));
if (ret == 0) {
return NT_STATUS_NO_SUCH_ALIAS;
}