From 9dbf2e2419e2ba0f2293b4a7a5971123f34a09ad Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Thu, 3 Jun 2004 18:00:22 +0000 Subject: r991: Allow winbindd to use the domain trust account password for setting up an schannel connection. This solves the problem of a Samba DC running winbind, trusting a native mode AD domain, and needing to enumerate AD users via wbinfo -u. (This used to be commit e9f109d1b38e0b0adec9b7e9a907f90a79d297ea) --- source3/include/rpc_dce.h | 3 ++- source3/include/rpc_netlogon.h | 42 +++++++++++++++++++++++++++++++++++------- 2 files changed, 37 insertions(+), 8 deletions(-) (limited to 'source3/include') diff --git a/source3/include/rpc_dce.h b/source3/include/rpc_dce.h index 0df903109d..57b1184bd9 100644 --- a/source3/include/rpc_dce.h +++ b/source3/include/rpc_dce.h @@ -71,7 +71,8 @@ enum RPC_PKT_TYPE to NT4. Actually, anything other than 1ff would seem to do... */ #define NETLOGON_NEG_AUTH2_FLAGS 0x000701ff -#define NETLOGON_NEG_SCHANNEL 0x40000000 +#define NETLOGON_NEG_SCHANNEL 0x40000000 +#define NETLOGON_NEG_DOMAIN_TRUST_ACCOUNT 0x2010b000 enum netsec_direction { diff --git a/source3/include/rpc_netlogon.h b/source3/include/rpc_netlogon.h index a5b93b0238..ad30cfbafb 100644 --- a/source3/include/rpc_netlogon.h +++ b/source3/include/rpc_netlogon.h @@ -68,6 +68,11 @@ #define SAM_DATABASE_BUILTIN 0x01 /* BUILTIN users and groups */ #define SAM_DATABASE_PRIVS 0x02 /* Privileges */ +#define NETLOGON_CONTROL_REDISCOVER 0x5 +#define NETLOGON_CONTROL_TC_QUERY 0x6 +#define NETLOGON_CONTROL_TRANSPORT_NOTIFY 0x7 +#define NETLOGON_CONTROL_SET_DBFLAG 0xfffe + #if 0 /* I think this is correct - it's what gets parsed on the wire. JRA. */ /* NET_USER_INFO_2 */ 
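Review bot: `NETLOGON_NEG_DOMAIN_TRUST_ACCOUNT` in the rpc_dce.h hunk is an uncommented multi-bit mask whose name reads like a single capability flag next to `NETLOGON_NEG_SCHANNEL`. Its value 0x2010b000 shares no bits with `NETLOGON_NEG_AUTH2_FLAGS` (0x000701ff) or `NETLOGON_NEG_SCHANNEL` (0x40000000), so a caller passing it alone would not request schannel. It is presumably meant to be OR-ed with the others, but the header does not say so. I would add a comment along the lines of `/* additional negotiate bits for a domain trust account; does NOT include NETLOGON_NEG_SCHANNEL, OR it in explicitly */` (wording to be confirmed against the caller, which is not in this diff).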
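Review bot: The four `NETLOGON_CONTROL_*` values in the first rpc_netlogon.h hunk sit directly under the `SAM_DATABASE_*` block with no comment saying which field they belong to. From the later hunks they appear to be values of `function_code` in `NET_Q_LOGON_CTRL2`, where 0x5 and 0x6 match `CTRL_DATA_INFO_5` and `CTRL_DATA_INFO_6`. The codes 0x7 and 0xfffe have no matching union arm in this commit. A heading such as `/* function_code values for NET_Q_LOGON_CTRL2; only 0x5 and 0x6 carry a domain name */` would tell whoever writes the parser which codes must be handled without touching `info`.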
@@ -204,7 +209,7 @@ typedef struct netlogon_2_info uint32 flags; /* 0x0 - undocumented */ uint32 pdc_status; /* 0x0 - undocumented */ uint32 ptr_trusted_dc_name; /* pointer to trusted domain controller name */ - uint32 tc_status; /* 0x051f - ERROR_NO_LOGON_SERVERS */ + uint32 tc_status; UNISTR2 uni_trusted_dc_name; /* unicode string - trusted dc name */ } NETLOGON_INFO_2; @@ -255,6 +260,26 @@ typedef struct net_r_logon_ctrl_info NTSTATUS status; } NET_R_LOGON_CTRL; + +typedef struct ctrl_data_info_5 +{ + uint32 function_code; + + uint32 ptr_domain; + UNISTR2 domain; + +} CTRL_DATA_INFO_5; + +typedef struct ctrl_data_info_6 +{ + uint32 function_code; + + uint32 ptr_domain; + UNISTR2 domain; + +} CTRL_DATA_INFO_6; + + /******************************************************** Logon Control2 Query @@ -266,13 +291,16 @@ typedef struct net_r_logon_ctrl_info /* NET_Q_LOGON_CTRL2 - LSA Netr Logon Control 2 */ typedef struct net_q_logon_ctrl2_info { - uint32 ptr; /* undocumented buffer pointer */ - UNISTR2 uni_server_name; /* server name, starting with two '\'s */ + uint32 ptr; /* undocumented buffer pointer */ + UNISTR2 uni_server_name; /* server name, starting with two '\'s */ + + uint32 function_code; + uint32 query_level; + union { + CTRL_DATA_INFO_5 info5; + CTRL_DATA_INFO_6 info6;; + } info; - uint32 function_code; /* 0x1 */ - uint32 query_level; /* 0x1, 0x3 */ - uint32 switch_value; /* 0x1 */ - } NET_Q_LOGON_CTRL2; /******************************************************* -- cgit
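Review bot: `tc_status` loses its only comment in the `NETLOGON_INFO_2` hunk, while every neighbouring field keeps one. If the old text was dropped because the field is no longer always 0x051f, the comment should be corrected rather than deleted. For example, `uint32 tc_status; /* status of the connection to the trusted DC, e.g. 0x051f ERROR_NO_LOGON_SERVERS */` would let a reader know to check it before relying on `uni_trusted_dc_name`. The struct begins above the hunk, so the intended meaning should be confirmed against the code that fills it in.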
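Review bot: `CTRL_DATA_INFO_5` and `CTRL_DATA_INFO_6` are field-for-field identical and carry no comments, so the two definitions can drift apart unnoticed. A single struct used for both, or one struct with two typedef names, would keep them in step. Each also has its own `function_code`, duplicating the member of the same name in `NET_Q_LOGON_CTRL2`, and nothing says which copy the marshalling code should trust. I would add a short header comment stating that, and that `domain` is presumably only meaningful when `ptr_domain` is non-zero (to be confirmed in the parser, which is not part of this diff).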
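Review bot: `CTRL_DATA_INFO_6 info6;;` in the new union of `NET_Q_LOGON_CTRL2` has a stray second semicolon and should read `CTRL_DATA_INFO_6 info6;`. The empty member declaration is not valid ISO C and draws a pedantic warning. With `switch_value` and the old value comments removed, nothing in the struct says which field selects the union arm. I would add `/* info is valid only for function_code NETLOGON_CONTROL_REDISCOVER (info5) or NETLOGON_CONTROL_TC_QUERY (info6) */`, assuming that mapping is what the parser implements. That way code handling other function codes does not read an unset `info`.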