4 files changed, 64 insertions, 47 deletions

diff --git a/source4/rpc_server/dcerpc_server.c b/source4/rpc_server/dcerpc_server.c
index d8dafd61f6..ac36825acd 100644
--- a/source4/rpc_server/dcerpc_server.c
+++ b/source4/rpc_server/dcerpc_server.c
@@ -270,11 +270,20 @@ NTSTATUS dcesrv_generic_session_key(struct dcesrv_connection *p,
 
 /*
   fetch the user session key - may be default (above) or the SMB session key
+
+  The key is always truncated to 16 bytes 
 */
 _PUBLIC_ NTSTATUS dcesrv_fetch_session_key(struct dcesrv_connection *p,
 				  DATA_BLOB *session_key)
 {
-	return p->auth_state.session_key(p, session_key);
+	NTSTATUS status = p->auth_state.session_key(p, session_key);
+	if (!NT_STATUS_IS_OK(status)) {
+		return status;
+	}
+
+	session_key->length = MIN(session_key->length, 16);
+
+	return NT_STATUS_OK;
 }
 
 
@@ -534,7 +543,18 @@ static NTSTATUS dcesrv_bind(struct dcesrv_call_state *call)
 	uint32_t context_id;
 	const struct dcesrv_interface *iface;
 
-	if (call->pkt.u.bind.assoc_group_id != 0) {
+	/*
+	 * Association groups allow policy handles to be shared across
+	 * multiple client connections.  We don't implement this yet.
+	 *
+	 * So we just allow 0 if the client wants to create a new
+	 * association group.
+	 *
+	 * And we allow the 0x12345678 value, we give away as
+	 * assoc_group_id back to the clients
+	 */
+	if (call->pkt.u.bind.assoc_group_id != 0 &&
+	    call->pkt.u.bind.assoc_group_id != 0x12345678) {
 		return dcesrv_bind_nak(call, 0);	
 	}
 
diff --git a/source4/rpc_server/drsuapi/dcesrv_drsuapi.c b/source4/rpc_server/drsuapi/dcesrv_drsuapi.c
index e0a222e767..bbb78cb778 100644
--- a/source4/rpc_server/drsuapi/dcesrv_drsuapi.c
+++ b/source4/rpc_server/drsuapi/dcesrv_drsuapi.c
@@ -45,7 +45,7 @@ static WERROR dcesrv_drsuapi_DsBind(struct dcesrv_call_state *dce_call, TALLOC_C
 	struct ldb_result *ntds_res;
 	struct ldb_dn *ntds_dn;
 	static const char *ntds_attrs[] = { "ms-DS-ReplicationEpoch", NULL };
-	uint32_t u1;
+	uint32_t pid;
 	uint32_t repl_epoch;
 	int ret;
 
@@ -98,9 +98,12 @@ static WERROR dcesrv_drsuapi_DsBind(struct dcesrv_call_state *dce_call, TALLOC_C
 	repl_epoch = samdb_result_uint(ntds_res->msgs[0], "ms-DS-ReplicationEpoch", 0);
 
 	/*
-	 * TODO: find out what this is...
+	 * The "process identifier" of the client.
+	 * According to the WSPP docs, sectin 5.35, this is
+	 * for informational and debugging purposes only.
+	 * The assignment is implementation specific.
 	 */
-	u1 = 0;
+	pid = 0;
 
 	/*
 	 * store the clients bind_guid
@@ -119,7 +122,7 @@ static WERROR dcesrv_drsuapi_DsBind(struct dcesrv_call_state *dce_call, TALLOC_C
 			info24 = &r->in.bind_info->info.info24;
 			b_state->remote_info28.supported_extensions	= info24->supported_extensions;
 			b_state->remote_info28.site_guid		= info24->site_guid;
-			b_state->remote_info28.u1			= info24->u1;
+			b_state->remote_info28.pid			= info24->pid;
 			b_state->remote_info28.repl_epoch		= 0;
 			break;
 		}
@@ -171,8 +174,8 @@ static WERROR dcesrv_drsuapi_DsBind(struct dcesrv_call_state *dce_call, TALLOC_C
 	b_state->local_info28.supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_XPRESS_COMPRESS;
 #endif
 	b_state->local_info28.site_guid			= site_guid;
-	b_state->local_info28.u1				= u1;
-	b_state->local_info28.repl_epoch			= repl_epoch;
+	b_state->local_info28.pid			= pid;
+	b_state->local_info28.repl_epoch		= repl_epoch;
 
 	/*
 	 * allocate the return bind_info
diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c
index eb60f426d8..f02e2325a0 100644
--- a/source4/rpc_server/lsa/dcesrv_lsa.c
+++ b/source4/rpc_server/lsa/dcesrv_lsa.c
@@ -1130,9 +1130,6 @@ static NTSTATUS dcesrv_lsa_EnumTrustDom(struct dcesrv_call_state *dce_call, TALL
 	if (count == -1) {
 		return NT_STATUS_INTERNAL_DB_CORRUPTION;
 	}
-	if (count == 0 || r->in.max_size == 0) {
-		return NT_STATUS_OK;
-	}
 
 	/* convert to lsa_TrustInformation format */
 	entries = talloc_array(mem_ctx, struct lsa_DomainInfo, count);
@@ -1218,9 +1215,6 @@ static NTSTATUS dcesrv_lsa_EnumTrustedDomainsEx(struct dcesrv_call_state *dce_ca
 	if (count == -1) {
 		return NT_STATUS_INTERNAL_DB_CORRUPTION;
 	}
-	if (count == 0 || r->in.max_size == 0) {
-		return NT_STATUS_OK;
-	}
 
 	/* convert to lsa_DomainInformation format */
 	entries = talloc_array(mem_ctx, struct lsa_TrustDomainInfoInfoEx, count);
diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c
index 8ee77a6a30..e54d518f76 100644
--- a/source4/rpc_server/samr/dcesrv_samr.c
+++ b/source4/rpc_server/samr/dcesrv_samr.c
@@ -521,10 +521,10 @@ static NTSTATUS dcesrv_samr_info_DomInfo1(struct samr_domain_state *state,
 /*
   return DomInfo2
 */
-static NTSTATUS dcesrv_samr_info_DomInfo2(struct samr_domain_state *state, 
-					  TALLOC_CTX *mem_ctx,
-					  struct ldb_message **dom_msgs,
-					  struct samr_DomInfo2 *info)
+static NTSTATUS dcesrv_samr_info_DomGeneralInformation(struct samr_domain_state *state, 
+						       TALLOC_CTX *mem_ctx,
+						       struct ldb_message **dom_msgs,
+						       struct samr_DomGeneralInformation *info)
 {
 	/* This pulls the NetBIOS name from the 
 	   cn=NTDS Settings,cn=<NETBIOS name of PDC>,....
@@ -538,7 +538,7 @@ static NTSTATUS dcesrv_samr_info_DomInfo2(struct samr_domain_state *state,
 	info->force_logoff_time = ldb_msg_find_attr_as_uint64(dom_msgs[0], "forceLogoff", 
 							    0x8000000000000000LL);
 
-	info->comment.string = samdb_result_string(dom_msgs[0], "comment", NULL);
+	info->oem_information.string = samdb_result_string(dom_msgs[0], "oEMInformation", NULL);
 	info->domain_name.string  = state->domain_name;
 
 	info->sequence_num = ldb_msg_find_attr_as_uint64(dom_msgs[0], "modifiedCount", 
@@ -592,12 +592,12 @@ static NTSTATUS dcesrv_samr_info_DomInfo3(struct samr_domain_state *state,
 /*
   return DomInfo4
 */
-static NTSTATUS dcesrv_samr_info_DomInfo4(struct samr_domain_state *state,
+static NTSTATUS dcesrv_samr_info_DomOEMInformation(struct samr_domain_state *state,
 				   TALLOC_CTX *mem_ctx,
 				    struct ldb_message **dom_msgs,
-				   struct samr_DomInfo4 *info)
+				   struct samr_DomOEMInformation *info)
 {
-	info->comment.string = samdb_result_string(dom_msgs[0], "comment", NULL);
+	info->oem_information.string = samdb_result_string(dom_msgs[0], "oEMInformation", NULL);
 
 	return NT_STATUS_OK;
 }
@@ -700,13 +700,13 @@ static NTSTATUS dcesrv_samr_info_DomInfo9(struct samr_domain_state *state,
 /*
   return DomInfo11
 */
-static NTSTATUS dcesrv_samr_info_DomInfo11(struct samr_domain_state *state,
+static NTSTATUS dcesrv_samr_info_DomGeneralInformation2(struct samr_domain_state *state,
 				    TALLOC_CTX *mem_ctx,
 				    struct ldb_message **dom_msgs,
-				    struct samr_DomInfo11 *info)
+				    struct samr_DomGeneralInformation2 *info)
 {
 	NTSTATUS status;
-	status = dcesrv_samr_info_DomInfo2(state, mem_ctx, dom_msgs, &info->info2);
+	status = dcesrv_samr_info_DomGeneralInformation(state, mem_ctx, dom_msgs, &info->general);
 	if (!NT_STATUS_IS_OK(status)) {
 		return status;
 	}
@@ -792,7 +792,7 @@ static NTSTATUS dcesrv_samr_QueryDomainInfo(struct dcesrv_call_state *dce_call,
 	case 2:
 	{
 		static const char * const attrs2[] = {"forceLogoff",
-						      "comment", 
+						      "oEMInformation", 
 						      "modifiedCount", 
 						      "fSMORoleOwner",
 						      NULL};
@@ -808,7 +808,7 @@ static NTSTATUS dcesrv_samr_QueryDomainInfo(struct dcesrv_call_state *dce_call,
 	}
 	case 4:
 	{
-		static const char * const attrs2[] = {"comment", 
+		static const char * const attrs2[] = {"oEMInformation", 
 						      NULL};
 		attrs = attrs2;
 		break;
@@ -843,7 +843,7 @@ static NTSTATUS dcesrv_samr_QueryDomainInfo(struct dcesrv_call_state *dce_call,
 		break;		
 	case 11:
 	{
-		static const char * const attrs2[] = { "comment", "forceLogoff", 
+		static const char * const attrs2[] = { "oEMInformation", "forceLogoff", 
 						       "modifiedCount", 
 						       "lockoutDuration", 
 						       "lockOutObservationWindow", 
@@ -886,42 +886,42 @@ static NTSTATUS dcesrv_samr_QueryDomainInfo(struct dcesrv_call_state *dce_call,
 	switch (r->in.level) {
 	case 1:
 		return dcesrv_samr_info_DomInfo1(d_state, mem_ctx, dom_msgs, 
-					  &r->out.info->info1);
+						 &r->out.info->info1);
 	case 2:
-		return dcesrv_samr_info_DomInfo2(d_state, mem_ctx, dom_msgs, 
-					  &r->out.info->info2);
+		return dcesrv_samr_info_DomGeneralInformation(d_state, mem_ctx, dom_msgs, 
+							      &r->out.info->general);
 	case 3:
 		return dcesrv_samr_info_DomInfo3(d_state, mem_ctx, dom_msgs, 
-					  &r->out.info->info3);
+						 &r->out.info->info3);
 	case 4:
-		return dcesrv_samr_info_DomInfo4(d_state, mem_ctx, dom_msgs, 
-					  &r->out.info->info4);
+		return dcesrv_samr_info_DomOEMInformation(d_state, mem_ctx, dom_msgs, 
+							  &r->out.info->oem);
 	case 5:
 		return dcesrv_samr_info_DomInfo5(d_state, mem_ctx, dom_msgs, 
-					  &r->out.info->info5);
+						 &r->out.info->info5);
 	case 6:
 		return dcesrv_samr_info_DomInfo6(d_state, mem_ctx, dom_msgs, 
-					  &r->out.info->info6);
+						 &r->out.info->info6);
 	case 7:
 		return dcesrv_samr_info_DomInfo7(d_state, mem_ctx, dom_msgs, 
-					  &r->out.info->info7);
+						 &r->out.info->info7);
 	case 8:
 		return dcesrv_samr_info_DomInfo8(d_state, mem_ctx, dom_msgs, 
-					  &r->out.info->info8);
+						 &r->out.info->info8);
 	case 9:
 		return dcesrv_samr_info_DomInfo9(d_state, mem_ctx, dom_msgs, 
-					  &r->out.info->info9);
+						 &r->out.info->info9);
 	case 11:
-		return dcesrv_samr_info_DomInfo11(d_state, mem_ctx, dom_msgs, 
-					  &r->out.info->info11);
+		return dcesrv_samr_info_DomGeneralInformation2(d_state, mem_ctx, dom_msgs, 
+							       &r->out.info->general2);
 	case 12:
 		return dcesrv_samr_info_DomInfo12(d_state, mem_ctx, dom_msgs, 
-					  &r->out.info->info12);
+						  &r->out.info->info12);
 	case 13:
 		return dcesrv_samr_info_DomInfo13(d_state, mem_ctx, dom_msgs, 
-					  &r->out.info->info13);
+						  &r->out.info->info13);
 	}
-
+	
 	return NT_STATUS_INVALID_INFO_CLASS;
 }
 
@@ -962,10 +962,10 @@ static NTSTATUS dcesrv_samr_SetDomainInfo(struct dcesrv_call_state *dce_call, TA
 		SET_INT64  (msg, info1.min_password_age,       "minPwdAge");
 		break;
 	case 3:
-		SET_UINT64  (msg, info3.force_logoff_time,      "forceLogoff");
+		SET_UINT64  (msg, info3.force_logoff_time,     "forceLogoff");
 		break;
 	case 4:
-		SET_STRING(msg, info4.comment,          "comment");
+		SET_STRING(msg, oem.oem_information,           "oEMInformation");
 		break;
 
 	case 6:
@@ -2997,7 +2997,7 @@ static NTSTATUS dcesrv_samr_QueryUserInfo(struct dcesrv_call_state *dce_call, TA
 	case 1:
 	{
 		static const char * const attrs2[] = {"sAMAccountName", "displayName",
-						      "primaryGroupID", "description",
+						      "primaryroupID", "description",
 						      "comment", NULL};
 		attrs = attrs2;
 		break;