From 12d16af9d6a5a790f8d0849c9a3e1d01cbb2266d Mon Sep 17 00:00:00 2001
From: Günther Deschner <gd@samba.org>
Date: Thu, 16 Jul 2009 02:27:51 +0200
Subject: s3-lsa: implement _lsa_DeleteTrustedDomain().
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
---
 source3/rpc_server/lsa/srv_lsa_nt.c | 45 +++++++++++++++++++++++++++++++------
 1 file changed, 38 insertions(+), 7 deletions(-)

diff --git a/source3/rpc_server/lsa/srv_lsa_nt.c b/source3/rpc_server/lsa/srv_lsa_nt.c
index 8a70a987d6..4a8da2f092 100644
--- a/source3/rpc_server/lsa/srv_lsa_nt.c
+++ b/source3/rpc_server/lsa/srv_lsa_nt.c
@@ -1622,6 +1622,44 @@ NTSTATUS _lsa_CreateTrustedDomain(struct pipes_struct *p,
 	return _lsa_CreateTrustedDomainEx2(p, &c);
 }
 
+/***************************************************************************
+ _lsa_DeleteTrustedDomain
+ ***************************************************************************/
+
+NTSTATUS _lsa_DeleteTrustedDomain(struct pipes_struct *p,
+				  struct lsa_DeleteTrustedDomain *r)
+{
+	NTSTATUS status;
+	struct lsa_info *handle;
+	struct trustdom_info *info;
+
+	/* find the connection policy handle. */
+	if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&handle)) {
+		return NT_STATUS_INVALID_HANDLE;
+	}
+
+	if (handle->type != LSA_HANDLE_POLICY_TYPE) {
+		return NT_STATUS_INVALID_HANDLE;
+	}
+
+	if (!(handle->access & LSA_POLICY_TRUST_ADMIN)) {
+		return NT_STATUS_ACCESS_DENIED;
+	}
+
+	status = lsa_lookup_trusted_domain_by_sid(p->mem_ctx,
+						  r->in.dom_sid,
+						  &info);
+	if (!NT_STATUS_IS_OK(status)) {
+		return status;
+	}
+
+	if (!pdb_del_trusteddom_pw(info->name)) {
+		return NT_STATUS_NO_TRUST_LSA_SECRET;
+	}
+
+	return NT_STATUS_OK;
+}
+
 /***************************************************************************
  ***************************************************************************/
 
@@ -2753,13 +2791,6 @@ NTSTATUS _lsa_SetTrustedDomainInfo(struct pipes_struct *p,
 	return NT_STATUS_NOT_IMPLEMENTED;
 }
 
-NTSTATUS _lsa_DeleteTrustedDomain(struct pipes_struct *p,
-				  struct lsa_DeleteTrustedDomain *r)
-{
-	p->rng_fault_state = True;
-	return NT_STATUS_NOT_IMPLEMENTED;
-}
-
 NTSTATUS _lsa_StorePrivateData(struct pipes_struct *p,
 			       struct lsa_StorePrivateData *r)
 {
-- 
cgit