From ee671b19826ebf57d03ec7f3ee8f653d22d9ce3e Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Tue, 27 May 2008 12:11:28 +0200 Subject: libnetapi: add dummy implementation for NetGroupAdd() and NetGroupDel(). Guenther (This used to be commit d690f9e9f8b8a0aeda311913589ae48805f7e3b8) --- source3/lib/netapi/group.c | 54 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 54 insertions(+) create mode 100644 source3/lib/netapi/group.c (limited to 'source3/lib/netapi/group.c') diff --git a/source3/lib/netapi/group.c b/source3/lib/netapi/group.c new file mode 100644 index 0000000000..3515d28c69 --- /dev/null +++ b/source3/lib/netapi/group.c @@ -0,0 +1,54 @@ +/* + * Unix SMB/CIFS implementation. + * NetApi Group Support + * Copyright (C) Guenther Deschner 2008 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see . + */ + +#include "includes.h" + +#include "librpc/gen_ndr/libnetapi.h" +#include "lib/netapi/netapi.h" +#include "lib/netapi/netapi_private.h" +#include "lib/netapi/libnetapi.h" + +/**************************************************************** +****************************************************************/ + + +WERROR NetGroupAdd_r(struct libnetapi_ctx *ctx, + struct NetGroupAdd *r) +{ + return WERR_NOT_SUPPORTED; +} + +WERROR NetGroupAdd_l(struct libnetapi_ctx *ctx, + struct NetGroupAdd *r) +{ + return WERR_NOT_SUPPORTED; +} + +WERROR NetGroupDel_r(struct libnetapi_ctx *ctx, + struct NetGroupDel *r) +{ + return WERR_NOT_SUPPORTED; +} + +WERROR NetGroupDel_l(struct libnetapi_ctx *ctx, + struct NetGroupDel *r) +{ + return WERR_NOT_SUPPORTED; +} + -- cgit From c36b5dc227285e622370b0bc11d34bac1d2884b1 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 28 May 2008 14:48:30 +0200 Subject: netapi: implement NetGroupAdd_r(). Guenther (This used to be commit b00bff961ea786b0cbd8ec7faf554efae72169ea) --- source3/lib/netapi/group.c | 239 ++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 237 insertions(+), 2 deletions(-) (limited to 'source3/lib/netapi/group.c') diff --git a/source3/lib/netapi/group.c b/source3/lib/netapi/group.c index 3515d28c69..4e4530a005 100644 --- a/source3/lib/netapi/group.c +++ b/source3/lib/netapi/group.c @@ -27,13 +27,248 @@ /**************************************************************** ****************************************************************/ - WERROR NetGroupAdd_r(struct libnetapi_ctx *ctx, struct NetGroupAdd *r) { - return WERR_NOT_SUPPORTED; + struct cli_state *cli = NULL; + struct rpc_pipe_client *pipe_cli = NULL; + NTSTATUS status; + WERROR werr; + uint32_t resume_handle = 0; + uint32_t num_entries = 0; + POLICY_HND connect_handle, domain_handle, group_handle; + struct samr_SamArray *sam = NULL; + const char *domain_name = NULL; + struct lsa_String lsa_domain_name, lsa_group_name; + struct dom_sid2 *domain_sid = NULL; + uint32_t rid = 0; + bool domain_found = true; + int i; + struct GROUP_INFO_0 *info0; + struct GROUP_INFO_1 *info1; + struct GROUP_INFO_2 *info2; + struct GROUP_INFO_3 *info3; + union samr_GroupInfo info; + + ZERO_STRUCT(connect_handle); + ZERO_STRUCT(domain_handle); + ZERO_STRUCT(group_handle); + + if (!r->in.buf) { + return WERR_INVALID_PARAM; + } + + switch (r->in.level) { + case 0: + info0 = (struct GROUP_INFO_0 *)r->in.buf; + break; + case 1: + info1 = (struct GROUP_INFO_1 *)r->in.buf; + break; + case 2: + info2 = (struct GROUP_INFO_2 *)r->in.buf; + break; + case 3: + info3 = (struct GROUP_INFO_3 *)r->in.buf; + break; + default: + werr = WERR_UNKNOWN_LEVEL; + goto done; + } + + werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + werr = libnetapi_open_pipe(ctx, cli, PI_SAMR, &pipe_cli); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + status = rpccli_try_samr_connects(pipe_cli, ctx, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + &connect_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_EnumDomains(pipe_cli, ctx, + &connect_handle, + &resume_handle, + &sam, + 0xffffffff, + &num_entries); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + for (i=0; ientries[i].name.string; + + if (strequal(domain_name, builtin_domain_name())) { + continue; + } + + domain_found = true; + break; + } + + if (!domain_found) { + werr = WERR_NO_SUCH_DOMAIN; + goto done; + } + + init_lsa_String(&lsa_domain_name, domain_name); + + status = rpccli_samr_LookupDomain(pipe_cli, ctx, + &connect_handle, + &lsa_domain_name, + &domain_sid); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_OpenDomain(pipe_cli, ctx, + &connect_handle, + SAMR_DOMAIN_ACCESS_CREATE_GROUP | + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + domain_sid, + &domain_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + switch (r->in.level) { + case 0: + init_lsa_String(&lsa_group_name, info0->grpi0_name); + break; + case 1: + init_lsa_String(&lsa_group_name, info1->grpi1_name); + break; + case 2: + init_lsa_String(&lsa_group_name, info2->grpi2_name); + break; + case 3: + init_lsa_String(&lsa_group_name, info3->grpi3_name); + break; + } + + status = rpccli_samr_CreateDomainGroup(pipe_cli, ctx, + &domain_handle, + &lsa_group_name, + SEC_STD_DELETE | + SAMR_GROUP_ACCESS_SET_INFO, + &group_handle, + &rid); + + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + switch (r->in.level) { + case 1: + if (info1->grpi1_comment) { + init_lsa_String(&info.description, + info1->grpi1_comment); + + status = rpccli_samr_SetGroupInfo(pipe_cli, ctx, + &group_handle, + GROUPINFODESCRIPTION, + &info); + } + break; + case 2: + if (info2->grpi2_comment) { + init_lsa_String(&info.description, + info2->grpi2_comment); + + status = rpccli_samr_SetGroupInfo(pipe_cli, ctx, + &group_handle, + GROUPINFODESCRIPTION, + &info); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto failed; + } + } + + if (info2->grpi2_attributes != 0) { + info.attributes.attributes = info2->grpi2_attributes; + status = rpccli_samr_SetGroupInfo(pipe_cli, ctx, + &group_handle, + GROUPINFOATTRIBUTES, + &info); + + } + break; + case 3: + if (info3->grpi3_comment) { + init_lsa_String(&info.description, + info3->grpi3_comment); + + status = rpccli_samr_SetGroupInfo(pipe_cli, ctx, + &group_handle, + GROUPINFODESCRIPTION, + &info); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto failed; + } + } + + if (info3->grpi3_attributes != 0) { + info.attributes.attributes = info3->grpi3_attributes; + status = rpccli_samr_SetGroupInfo(pipe_cli, ctx, + &group_handle, + GROUPINFOATTRIBUTES, + &info); + } + break; + default: + break; + } + + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto failed; + } + + werr = WERR_OK; + goto done; + + failed: + rpccli_samr_DeleteDomainGroup(pipe_cli, ctx, + &group_handle); + + done: + if (!cli) { + return werr; + } + + if (is_valid_policy_hnd(&group_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &group_handle); + } + if (is_valid_policy_hnd(&domain_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &domain_handle); + } + if (is_valid_policy_hnd(&connect_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &connect_handle); + } + + return werr; } +/**************************************************************** +****************************************************************/ + WERROR NetGroupAdd_l(struct libnetapi_ctx *ctx, struct NetGroupAdd *r) { -- cgit From e310fac54f77b473cd3109f227f0e6efd1e21c05 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 29 May 2008 01:43:06 +0200 Subject: netapi: implement NetGroupDel_r(). Guenther (This used to be commit bcf3df6ca96845755eee6c762f57548de8aba610) --- source3/lib/netapi/group.c | 211 ++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 209 insertions(+), 2 deletions(-) (limited to 'source3/lib/netapi/group.c') diff --git a/source3/lib/netapi/group.c b/source3/lib/netapi/group.c index 4e4530a005..fe75880d1a 100644 --- a/source3/lib/netapi/group.c +++ b/source3/lib/netapi/group.c @@ -275,15 +275,222 @@ WERROR NetGroupAdd_l(struct libnetapi_ctx *ctx, return WERR_NOT_SUPPORTED; } +/**************************************************************** +****************************************************************/ + WERROR NetGroupDel_r(struct libnetapi_ctx *ctx, struct NetGroupDel *r) { - return WERR_NOT_SUPPORTED; + struct cli_state *cli = NULL; + struct rpc_pipe_client *pipe_cli = NULL; + NTSTATUS status; + WERROR werr; + uint32_t resume_handle = 0; + uint32_t num_entries = 0; + POLICY_HND connect_handle, domain_handle, group_handle; + struct samr_SamArray *sam = NULL; + const char *domain_name = NULL; + struct lsa_String lsa_domain_name, lsa_group_name; + struct dom_sid2 *domain_sid = NULL; + bool domain_found = true; + int i; + + struct samr_Ids rids; + struct samr_Ids types; + union samr_GroupInfo *info = NULL; + struct samr_RidTypeArray *rid_array = NULL; + + ZERO_STRUCT(connect_handle); + ZERO_STRUCT(domain_handle); + ZERO_STRUCT(group_handle); + + if (!r->in.group_name) { + return WERR_INVALID_PARAM; + } + + werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + werr = libnetapi_open_pipe(ctx, cli, PI_SAMR, &pipe_cli); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + status = rpccli_try_samr_connects(pipe_cli, ctx, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + &connect_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_EnumDomains(pipe_cli, ctx, + &connect_handle, + &resume_handle, + &sam, + 0xffffffff, + &num_entries); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + for (i=0; ientries[i].name.string; + + if (strequal(domain_name, builtin_domain_name())) { + continue; + } + + domain_found = true; + break; + } + + if (!domain_found) { + werr = WERR_NO_SUCH_DOMAIN; + goto done; + } + + init_lsa_String(&lsa_domain_name, domain_name); + + status = rpccli_samr_LookupDomain(pipe_cli, ctx, + &connect_handle, + &lsa_domain_name, + &domain_sid); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_OpenDomain(pipe_cli, ctx, + &connect_handle, + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + domain_sid, + &domain_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + init_lsa_String(&lsa_group_name, r->in.group_name); + + status = rpccli_samr_LookupNames(pipe_cli, ctx, + &domain_handle, + 1, + &lsa_group_name, + &rids, + &types); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + if (types.ids[0] != SID_NAME_DOM_GRP) { + werr = WERR_INVALID_DATATYPE; + goto done; + } + + status = rpccli_samr_OpenGroup(pipe_cli, ctx, + &domain_handle, + SEC_STD_DELETE | + SAMR_GROUP_ACCESS_GET_MEMBERS | + SAMR_GROUP_ACCESS_REMOVE_MEMBER | + SAMR_GROUP_ACCESS_ADD_MEMBER | + SAMR_GROUP_ACCESS_LOOKUP_INFO, + rids.ids[0], + &group_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_QueryGroupInfo(pipe_cli, ctx, + &group_handle, + GROUPINFOATTRIBUTES, + &info); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + if (!(info->attributes.attributes & SE_GROUP_ENABLED)) { + werr = WERR_ACCESS_DENIED; + goto done; + } + + status = rpccli_samr_QueryGroupMember(pipe_cli, ctx, + &group_handle, + &rid_array); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + { + struct lsa_Strings names; + struct samr_Ids member_types; + + status = rpccli_samr_LookupRids(pipe_cli, ctx, + &domain_handle, + rid_array->count, + rid_array->rids, + &names, + &member_types); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + } + + for (i=0; i < rid_array->count; i++) { + + status = rpccli_samr_DeleteGroupMember(pipe_cli, ctx, + &group_handle, + rid_array->rids[i]); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + } + + status = rpccli_samr_DeleteDomainGroup(pipe_cli, ctx, + &group_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + ZERO_STRUCT(group_handle); + + werr = WERR_OK; + + done: + if (!cli) { + return werr; + } + + if (is_valid_policy_hnd(&group_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &group_handle); + } + if (is_valid_policy_hnd(&domain_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &domain_handle); + } + if (is_valid_policy_hnd(&connect_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &connect_handle); + } + + return werr; } +/**************************************************************** +****************************************************************/ + WERROR NetGroupDel_l(struct libnetapi_ctx *ctx, struct NetGroupDel *r) { return WERR_NOT_SUPPORTED; } - -- cgit From 903c418b5aac90bc2c2375895e8191ecf51bc0d7 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 29 May 2008 01:44:21 +0200 Subject: netapi: let NetGroupAdd_l and NetGroupDel_l call the remote functions. Guenther (This used to be commit d62eae5705e001ed7e39832b52ae139c19549ab8) --- source3/lib/netapi/group.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/lib/netapi/group.c') diff --git a/source3/lib/netapi/group.c b/source3/lib/netapi/group.c index fe75880d1a..b47e099ce6 100644 --- a/source3/lib/netapi/group.c +++ b/source3/lib/netapi/group.c @@ -272,7 +272,7 @@ WERROR NetGroupAdd_r(struct libnetapi_ctx *ctx, WERROR NetGroupAdd_l(struct libnetapi_ctx *ctx, struct NetGroupAdd *r) { - return WERR_NOT_SUPPORTED; + return NetGroupAdd_r(ctx, r); } /**************************************************************** @@ -492,5 +492,5 @@ WERROR NetGroupDel_r(struct libnetapi_ctx *ctx, WERROR NetGroupDel_l(struct libnetapi_ctx *ctx, struct NetGroupDel *r) { - return WERR_NOT_SUPPORTED; + return NetGroupDel_r(ctx, r); } -- cgit From b01a0a16a6dc167bf25fb2f90cb7d7a4471194c2 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Mon, 2 Jun 2008 12:54:17 +0200 Subject: netapi: Add dummy implementation of NetGroupSetInfo(). Guenther (This used to be commit 7e47bdc0829d7ac856028a99389310f721a265ce) --- source3/lib/netapi/group.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) (limited to 'source3/lib/netapi/group.c') diff --git a/source3/lib/netapi/group.c b/source3/lib/netapi/group.c index b47e099ce6..7eb6d7c840 100644 --- a/source3/lib/netapi/group.c +++ b/source3/lib/netapi/group.c @@ -494,3 +494,21 @@ WERROR NetGroupDel_l(struct libnetapi_ctx *ctx, { return NetGroupDel_r(ctx, r); } + +/**************************************************************** +****************************************************************/ + +WERROR NetGroupSetInfo_r(struct libnetapi_ctx *ctx, + struct NetGroupSetInfo *r) +{ + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR NetGroupSetInfo_l(struct libnetapi_ctx *ctx, + struct NetGroupSetInfo *r) +{ + return WERR_NOT_SUPPORTED; +} -- cgit From a6f057c0ab0a4a135491e797ab6361a999ce9684 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Mon, 2 Jun 2008 12:58:02 +0200 Subject: netapi: implement NetGroupSetInfo_r(). Guenther (This used to be commit 4d11c32874f4cbc64c7bcb2092970fa5c07b1d0e) --- source3/lib/netapi/group.c | 227 ++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 225 insertions(+), 2 deletions(-) (limited to 'source3/lib/netapi/group.c') diff --git a/source3/lib/netapi/group.c b/source3/lib/netapi/group.c index 7eb6d7c840..e1cd4e6692 100644 --- a/source3/lib/netapi/group.c +++ b/source3/lib/netapi/group.c @@ -501,7 +501,230 @@ WERROR NetGroupDel_l(struct libnetapi_ctx *ctx, WERROR NetGroupSetInfo_r(struct libnetapi_ctx *ctx, struct NetGroupSetInfo *r) { - return WERR_NOT_SUPPORTED; + struct cli_state *cli = NULL; + struct rpc_pipe_client *pipe_cli = NULL; + NTSTATUS status; + WERROR werr; + uint32_t resume_handle = 0; + uint32_t num_entries = 0; + POLICY_HND connect_handle, domain_handle, group_handle; + struct samr_SamArray *sam = NULL; + const char *domain_name = NULL; + struct lsa_String lsa_domain_name, lsa_group_name; + struct dom_sid2 *domain_sid = NULL; + bool domain_found = true; + int i; + + struct samr_Ids rids; + struct samr_Ids types; + union samr_GroupInfo info; + struct GROUP_INFO_0 *g0; + struct GROUP_INFO_1 *g1; + struct GROUP_INFO_2 *g2; + struct GROUP_INFO_3 *g3; + struct GROUP_INFO_1002 *g1002; + struct GROUP_INFO_1005 *g1005; + + ZERO_STRUCT(connect_handle); + ZERO_STRUCT(domain_handle); + ZERO_STRUCT(group_handle); + + if (!r->in.group_name) { + return WERR_INVALID_PARAM; + } + + werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + werr = libnetapi_open_pipe(ctx, cli, PI_SAMR, &pipe_cli); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + status = rpccli_try_samr_connects(pipe_cli, ctx, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + &connect_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_EnumDomains(pipe_cli, ctx, + &connect_handle, + &resume_handle, + &sam, + 0xffffffff, + &num_entries); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + for (i=0; ientries[i].name.string; + + if (strequal(domain_name, builtin_domain_name())) { + continue; + } + + domain_found = true; + break; + } + + if (!domain_found) { + werr = WERR_NO_SUCH_DOMAIN; + goto done; + } + + init_lsa_String(&lsa_domain_name, domain_name); + + status = rpccli_samr_LookupDomain(pipe_cli, ctx, + &connect_handle, + &lsa_domain_name, + &domain_sid); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_OpenDomain(pipe_cli, ctx, + &connect_handle, + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + domain_sid, + &domain_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + init_lsa_String(&lsa_group_name, r->in.group_name); + + status = rpccli_samr_LookupNames(pipe_cli, ctx, + &domain_handle, + 1, + &lsa_group_name, + &rids, + &types); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + if (types.ids[0] != SID_NAME_DOM_GRP) { + werr = WERR_INVALID_DATATYPE; + goto done; + } + + status = rpccli_samr_OpenGroup(pipe_cli, ctx, + &domain_handle, + SAMR_GROUP_ACCESS_SET_INFO | + SAMR_GROUP_ACCESS_LOOKUP_INFO, + rids.ids[0], + &group_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + switch (r->in.level) { + case 0: + g0 = (struct GROUP_INFO_0 *)r->in.buf; + init_lsa_String(&info.name, g0->grpi0_name); + status = rpccli_samr_SetGroupInfo(pipe_cli, ctx, + &group_handle, + GROUPINFONAME, + &info); + break; + case 1: + g1 = (struct GROUP_INFO_1 *)r->in.buf; + init_lsa_String(&info.description, g1->grpi1_comment); + status = rpccli_samr_SetGroupInfo(pipe_cli, ctx, + &group_handle, + GROUPINFODESCRIPTION, + &info); + break; + case 2: + g2 = (struct GROUP_INFO_2 *)r->in.buf; + init_lsa_String(&info.description, g2->grpi2_comment); + status = rpccli_samr_SetGroupInfo(pipe_cli, ctx, + &group_handle, + GROUPINFODESCRIPTION, + &info); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + info.attributes.attributes = g2->grpi2_attributes; + status = rpccli_samr_SetGroupInfo(pipe_cli, ctx, + &group_handle, + GROUPINFOATTRIBUTES, + &info); + break; + case 3: + g3 = (struct GROUP_INFO_3 *)r->in.buf; + init_lsa_String(&info.description, g3->grpi3_comment); + status = rpccli_samr_SetGroupInfo(pipe_cli, ctx, + &group_handle, + GROUPINFODESCRIPTION, + &info); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + info.attributes.attributes = g3->grpi3_attributes; + status = rpccli_samr_SetGroupInfo(pipe_cli, ctx, + &group_handle, + GROUPINFOATTRIBUTES, + &info); + break; + case 1002: + g1002 = (struct GROUP_INFO_1002 *)r->in.buf; + init_lsa_String(&info.description, g1002->grpi1002_comment); + status = rpccli_samr_SetGroupInfo(pipe_cli, ctx, + &group_handle, + GROUPINFODESCRIPTION, + &info); + break; + case 1005: + g1005 = (struct GROUP_INFO_1005 *)r->in.buf; + info.attributes.attributes = g1005->grpi1005_attributes; + status = rpccli_samr_SetGroupInfo(pipe_cli, ctx, + &group_handle, + GROUPINFOATTRIBUTES, + &info); + break; + default: + status = NT_STATUS_INVALID_LEVEL; + break; + } + + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + werr = WERR_OK; + + done: + if (!cli) { + return werr; + } + + if (is_valid_policy_hnd(&group_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &group_handle); + } + if (is_valid_policy_hnd(&domain_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &domain_handle); + } + if (is_valid_policy_hnd(&connect_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &connect_handle); + } + + return werr; } /**************************************************************** @@ -510,5 +733,5 @@ WERROR NetGroupSetInfo_r(struct libnetapi_ctx *ctx, WERROR NetGroupSetInfo_l(struct libnetapi_ctx *ctx, struct NetGroupSetInfo *r) { - return WERR_NOT_SUPPORTED; + return NetGroupSetInfo_r(ctx, r); } -- cgit From 5b111cc4d59db5573e8d488f49ac87a72cc44ae7 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Mon, 2 Jun 2008 13:04:15 +0200 Subject: netapi: add dummy implementation of NetGroupGetInfo(). Guenther (This used to be commit 88d03b1645d78334eb6f1fee52838a08539a6aba) --- source3/lib/netapi/group.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) (limited to 'source3/lib/netapi/group.c') diff --git a/source3/lib/netapi/group.c b/source3/lib/netapi/group.c index e1cd4e6692..8f1b96f74f 100644 --- a/source3/lib/netapi/group.c +++ b/source3/lib/netapi/group.c @@ -735,3 +735,21 @@ WERROR NetGroupSetInfo_l(struct libnetapi_ctx *ctx, { return NetGroupSetInfo_r(ctx, r); } + +/**************************************************************** +****************************************************************/ + +WERROR NetGroupGetInfo_r(struct libnetapi_ctx *ctx, + struct NetGroupGetInfo *r) +{ + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR NetGroupGetInfo_l(struct libnetapi_ctx *ctx, + struct NetGroupGetInfo *r) +{ + return WERR_NOT_SUPPORTED; +} -- cgit From 457649fb026ca7710b0ca83bca01131bb94ff094 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Mon, 2 Jun 2008 13:04:58 +0200 Subject: netapi: Implement NetGroupGetInfo_r(). Guenther (This used to be commit a8baa45aecc22763a9f86e722ca1c6b7bc88b150) --- source3/lib/netapi/group.c | 215 ++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 213 insertions(+), 2 deletions(-) (limited to 'source3/lib/netapi/group.c') diff --git a/source3/lib/netapi/group.c b/source3/lib/netapi/group.c index 8f1b96f74f..1c6015bf74 100644 --- a/source3/lib/netapi/group.c +++ b/source3/lib/netapi/group.c @@ -739,10 +739,221 @@ WERROR NetGroupSetInfo_l(struct libnetapi_ctx *ctx, /**************************************************************** ****************************************************************/ +static WERROR map_group_info_to_buffer(TALLOC_CTX *mem_ctx, + uint32_t level, + struct samr_GroupInfoAll *info, + struct dom_sid2 *domain_sid, + uint32_t rid, + uint8_t **buffer) +{ + struct GROUP_INFO_0 info0; + struct GROUP_INFO_1 info1; + struct GROUP_INFO_2 info2; + struct GROUP_INFO_3 info3; + + switch (level) { + case 0: + info0.grpi0_name = info->name.string; + + *buffer = (uint8_t *)talloc_memdup(mem_ctx, &info0, sizeof(info0)); + + break; + case 1: + info1.grpi1_name = info->name.string; + info1.grpi1_comment = info->description.string; + + *buffer = (uint8_t *)talloc_memdup(mem_ctx, &info1, sizeof(info1)); + + break; + case 2: + info2.grpi2_name = info->name.string; + info2.grpi2_comment = info->description.string; + info2.grpi2_group_id = rid; + info2.grpi2_attributes = info->attributes; + + *buffer = (uint8_t *)talloc_memdup(mem_ctx, &info2, sizeof(info2)); + + break; + case 3: + info3.grpi3_name = info->name.string; + info3.grpi3_comment = info->description.string; + info3.grpi3_attributes = info->attributes; + + if (!sid_compose((struct dom_sid *)&info3.grpi3_group_sid, domain_sid, rid)) { + return WERR_NOMEM; + } + + *buffer = (uint8_t *)talloc_memdup(mem_ctx, &info3, sizeof(info3)); + + break; + default: + return WERR_UNKNOWN_LEVEL; + } + + W_ERROR_HAVE_NO_MEMORY(*buffer); + + return WERR_OK; +} + +/**************************************************************** +****************************************************************/ + WERROR NetGroupGetInfo_r(struct libnetapi_ctx *ctx, struct NetGroupGetInfo *r) { - return WERR_NOT_SUPPORTED; + struct cli_state *cli = NULL; + struct rpc_pipe_client *pipe_cli = NULL; + NTSTATUS status; + WERROR werr; + uint32_t resume_handle = 0; + uint32_t num_entries = 0; + POLICY_HND connect_handle, domain_handle, group_handle; + struct samr_SamArray *sam = NULL; + const char *domain_name = NULL; + struct lsa_String lsa_domain_name, lsa_group_name; + struct dom_sid2 *domain_sid = NULL; + bool domain_found = true; + int i; + + struct samr_Ids rids; + struct samr_Ids types; + union samr_GroupInfo *info = NULL; + + ZERO_STRUCT(connect_handle); + ZERO_STRUCT(domain_handle); + ZERO_STRUCT(group_handle); + + if (!r->in.group_name) { + return WERR_INVALID_PARAM; + } + + werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + werr = libnetapi_open_pipe(ctx, cli, PI_SAMR, &pipe_cli); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + status = rpccli_try_samr_connects(pipe_cli, ctx, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + &connect_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_EnumDomains(pipe_cli, ctx, + &connect_handle, + &resume_handle, + &sam, + 0xffffffff, + &num_entries); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + for (i=0; ientries[i].name.string; + + if (strequal(domain_name, builtin_domain_name())) { + continue; + } + + domain_found = true; + break; + } + + if (!domain_found) { + werr = WERR_NO_SUCH_DOMAIN; + goto done; + } + + init_lsa_String(&lsa_domain_name, domain_name); + + status = rpccli_samr_LookupDomain(pipe_cli, ctx, + &connect_handle, + &lsa_domain_name, + &domain_sid); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_OpenDomain(pipe_cli, ctx, + &connect_handle, + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + domain_sid, + &domain_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + init_lsa_String(&lsa_group_name, r->in.group_name); + + status = rpccli_samr_LookupNames(pipe_cli, ctx, + &domain_handle, + 1, + &lsa_group_name, + &rids, + &types); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + if (types.ids[0] != SID_NAME_DOM_GRP) { + werr = WERR_INVALID_DATATYPE; + goto done; + } + + status = rpccli_samr_OpenGroup(pipe_cli, ctx, + &domain_handle, + SAMR_GROUP_ACCESS_LOOKUP_INFO, + rids.ids[0], + &group_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_QueryGroupInfo(pipe_cli, ctx, + &group_handle, + GROUPINFOALL2, + &info); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + werr = map_group_info_to_buffer(ctx, r->in.level, + &info->all2, domain_sid, rids.ids[0], + r->out.buf); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + done: + if (!cli) { + return werr; + } + + if (is_valid_policy_hnd(&group_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &group_handle); + } + if (is_valid_policy_hnd(&domain_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &domain_handle); + } + if (is_valid_policy_hnd(&connect_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &connect_handle); + } + + return werr; } /**************************************************************** @@ -751,5 +962,5 @@ WERROR NetGroupGetInfo_r(struct libnetapi_ctx *ctx, WERROR NetGroupGetInfo_l(struct libnetapi_ctx *ctx, struct NetGroupGetInfo *r) { - return WERR_NOT_SUPPORTED; + return NetGroupGetInfo_r(ctx, r); } -- cgit From c30b8c4eafc945f8641e39157e4bb70f17815eee Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Mon, 2 Jun 2008 13:43:21 +0200 Subject: netapi: add dummy implementation for NetGroupAddUser() and NetGroupDelUser(). Guenther (This used to be commit 6eba84edc60829f0cdf3508520625e66fe88afde) --- source3/lib/netapi/group.c | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) (limited to 'source3/lib/netapi/group.c') diff --git a/source3/lib/netapi/group.c b/source3/lib/netapi/group.c index 1c6015bf74..415110b3d3 100644 --- a/source3/lib/netapi/group.c +++ b/source3/lib/netapi/group.c @@ -964,3 +964,39 @@ WERROR NetGroupGetInfo_l(struct libnetapi_ctx *ctx, { return NetGroupGetInfo_r(ctx, r); } + +/**************************************************************** +****************************************************************/ + +WERROR NetGroupAddUser_r(struct libnetapi_ctx *ctx, + struct NetGroupAddUser *r) +{ + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR NetGroupAddUser_l(struct libnetapi_ctx *ctx, + struct NetGroupAddUser *r) +{ + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR NetGroupDelUser_r(struct libnetapi_ctx *ctx, + struct NetGroupDelUser *r) +{ + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR NetGroupDelUser_l(struct libnetapi_ctx *ctx, + struct NetGroupDelUser *r) +{ + return WERR_NOT_SUPPORTED; +} -- cgit From 749e5a80c24f5f6d0c4b91c5e5ae30606acad3a5 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Mon, 2 Jun 2008 14:46:56 +0200 Subject: netapi: implement NetGroupAddUser(). Guenther (This used to be commit c727a49519b2da6c5eb9ccc5025ab844fe8330ad) --- source3/lib/netapi/group.c | 169 ++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 167 insertions(+), 2 deletions(-) (limited to 'source3/lib/netapi/group.c') diff --git a/source3/lib/netapi/group.c b/source3/lib/netapi/group.c index 415110b3d3..24335016b2 100644 --- a/source3/lib/netapi/group.c +++ b/source3/lib/netapi/group.c @@ -971,7 +971,172 @@ WERROR NetGroupGetInfo_l(struct libnetapi_ctx *ctx, WERROR NetGroupAddUser_r(struct libnetapi_ctx *ctx, struct NetGroupAddUser *r) { - return WERR_NOT_SUPPORTED; + struct cli_state *cli = NULL; + struct rpc_pipe_client *pipe_cli = NULL; + NTSTATUS status; + WERROR werr; + uint32_t resume_handle = 0; + uint32_t num_entries = 0; + POLICY_HND connect_handle, domain_handle, group_handle; + struct samr_SamArray *sam = NULL; + const char *domain_name = NULL; + struct lsa_String lsa_domain_name, lsa_group_name, lsa_user_name; + struct dom_sid2 *domain_sid = NULL; + bool domain_found = true; + int i; + + struct samr_Ids rids; + struct samr_Ids types; + + ZERO_STRUCT(connect_handle); + ZERO_STRUCT(domain_handle); + ZERO_STRUCT(group_handle); + + if (!r->in.group_name) { + return WERR_INVALID_PARAM; + } + + werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + werr = libnetapi_open_pipe(ctx, cli, PI_SAMR, &pipe_cli); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + status = rpccli_try_samr_connects(pipe_cli, ctx, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + &connect_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_EnumDomains(pipe_cli, ctx, + &connect_handle, + &resume_handle, + &sam, + 0xffffffff, + &num_entries); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + for (i=0; ientries[i].name.string; + + if (strequal(domain_name, builtin_domain_name())) { + continue; + } + + domain_found = true; + break; + } + + if (!domain_found) { + werr = WERR_NO_SUCH_DOMAIN; + goto done; + } + + init_lsa_String(&lsa_domain_name, domain_name); + + status = rpccli_samr_LookupDomain(pipe_cli, ctx, + &connect_handle, + &lsa_domain_name, + &domain_sid); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_OpenDomain(pipe_cli, ctx, + &connect_handle, + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + domain_sid, + &domain_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + init_lsa_String(&lsa_group_name, r->in.group_name); + + status = rpccli_samr_LookupNames(pipe_cli, ctx, + &domain_handle, + 1, + &lsa_group_name, + &rids, + &types); + if (!NT_STATUS_IS_OK(status)) { + werr = WERR_GROUP_NOT_FOUND; + goto done; + } + + if (types.ids[0] != SID_NAME_DOM_GRP) { + werr = WERR_GROUP_NOT_FOUND; + goto done; + } + + status = rpccli_samr_OpenGroup(pipe_cli, ctx, + &domain_handle, + SAMR_GROUP_ACCESS_ADD_MEMBER, + rids.ids[0], + &group_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + init_lsa_String(&lsa_user_name, r->in.user_name); + + status = rpccli_samr_LookupNames(pipe_cli, ctx, + &domain_handle, + 1, + &lsa_user_name, + &rids, + &types); + if (!NT_STATUS_IS_OK(status)) { + werr = WERR_USER_NOT_FOUND; + goto done; + } + + if (types.ids[0] != SID_NAME_USER) { + werr = WERR_USER_NOT_FOUND; + goto done; + } + + status = rpccli_samr_AddGroupMember(pipe_cli, ctx, + &group_handle, + rids.ids[0], + 7); /* why ? */ + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + werr = WERR_OK; + + done: + if (!cli) { + return werr; + } + + if (is_valid_policy_hnd(&group_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &group_handle); + } + if (is_valid_policy_hnd(&domain_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &domain_handle); + } + if (is_valid_policy_hnd(&connect_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &connect_handle); + } + + return werr; } /**************************************************************** @@ -980,7 +1145,7 @@ WERROR NetGroupAddUser_r(struct libnetapi_ctx *ctx, WERROR NetGroupAddUser_l(struct libnetapi_ctx *ctx, struct NetGroupAddUser *r) { - return WERR_NOT_SUPPORTED; + return NetGroupAddUser_r(ctx, r); } /**************************************************************** -- cgit From 4dcfa15b0bde75d15f8831ef572fb9ce9aad18a8 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Mon, 2 Jun 2008 14:58:01 +0200 Subject: netapi: Implement NetGroupDelUser(). Guenther (This used to be commit 10f69b3ce58be06d95e4dfd5782d9481f4af76bf) --- source3/lib/netapi/group.c | 168 ++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 166 insertions(+), 2 deletions(-) (limited to 'source3/lib/netapi/group.c') diff --git a/source3/lib/netapi/group.c b/source3/lib/netapi/group.c index 24335016b2..d46d2e6135 100644 --- a/source3/lib/netapi/group.c +++ b/source3/lib/netapi/group.c @@ -1154,7 +1154,171 @@ WERROR NetGroupAddUser_l(struct libnetapi_ctx *ctx, WERROR NetGroupDelUser_r(struct libnetapi_ctx *ctx, struct NetGroupDelUser *r) { - return WERR_NOT_SUPPORTED; + struct cli_state *cli = NULL; + struct rpc_pipe_client *pipe_cli = NULL; + NTSTATUS status; + WERROR werr; + uint32_t resume_handle = 0; + uint32_t num_entries = 0; + POLICY_HND connect_handle, domain_handle, group_handle; + struct samr_SamArray *sam = NULL; + const char *domain_name = NULL; + struct lsa_String lsa_domain_name, lsa_group_name, lsa_user_name; + struct dom_sid2 *domain_sid = NULL; + bool domain_found = true; + int i; + + struct samr_Ids rids; + struct samr_Ids types; + + ZERO_STRUCT(connect_handle); + ZERO_STRUCT(domain_handle); + ZERO_STRUCT(group_handle); + + if (!r->in.group_name) { + return WERR_INVALID_PARAM; + } + + werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + werr = libnetapi_open_pipe(ctx, cli, PI_SAMR, &pipe_cli); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + status = rpccli_try_samr_connects(pipe_cli, ctx, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + &connect_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_EnumDomains(pipe_cli, ctx, + &connect_handle, + &resume_handle, + &sam, + 0xffffffff, + &num_entries); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + for (i=0; ientries[i].name.string; + + if (strequal(domain_name, builtin_domain_name())) { + continue; + } + + domain_found = true; + break; + } + + if (!domain_found) { + werr = WERR_NO_SUCH_DOMAIN; + goto done; + } + + init_lsa_String(&lsa_domain_name, domain_name); + + status = rpccli_samr_LookupDomain(pipe_cli, ctx, + &connect_handle, + &lsa_domain_name, + &domain_sid); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_OpenDomain(pipe_cli, ctx, + &connect_handle, + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + domain_sid, + &domain_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + init_lsa_String(&lsa_group_name, r->in.group_name); + + status = rpccli_samr_LookupNames(pipe_cli, ctx, + &domain_handle, + 1, + &lsa_group_name, + &rids, + &types); + if (!NT_STATUS_IS_OK(status)) { + werr = WERR_GROUP_NOT_FOUND; + goto done; + } + + if (types.ids[0] != SID_NAME_DOM_GRP) { + werr = WERR_GROUP_NOT_FOUND; + goto done; + } + + status = rpccli_samr_OpenGroup(pipe_cli, ctx, + &domain_handle, + SAMR_GROUP_ACCESS_REMOVE_MEMBER, + rids.ids[0], + &group_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + init_lsa_String(&lsa_user_name, r->in.user_name); + + status = rpccli_samr_LookupNames(pipe_cli, ctx, + &domain_handle, + 1, + &lsa_user_name, + &rids, + &types); + if (!NT_STATUS_IS_OK(status)) { + werr = WERR_USER_NOT_FOUND; + goto done; + } + + if (types.ids[0] != SID_NAME_USER) { + werr = WERR_USER_NOT_FOUND; + goto done; + } + + status = rpccli_samr_DeleteGroupMember(pipe_cli, ctx, + &group_handle, + rids.ids[0]); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + werr = WERR_OK; + + done: + if (!cli) { + return werr; + } + + if (is_valid_policy_hnd(&group_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &group_handle); + } + if (is_valid_policy_hnd(&domain_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &domain_handle); + } + if (is_valid_policy_hnd(&connect_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &connect_handle); + } + + return werr; } /**************************************************************** @@ -1163,5 +1327,5 @@ WERROR NetGroupDelUser_r(struct libnetapi_ctx *ctx, WERROR NetGroupDelUser_l(struct libnetapi_ctx *ctx, struct NetGroupDelUser *r) { - return WERR_NOT_SUPPORTED; + return NetGroupDelUser_r(ctx, r); } -- cgit From 2997e2868cbff93e6ff3b1f59a8997871c946ca1 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Mon, 2 Jun 2008 17:31:00 +0200 Subject: netapi: use libnetapi_samr_open_domain(). Guenther (This used to be commit b07445e86f43d6e9e45b7c502ab7998bca4db14f) --- source3/lib/netapi/group.c | 412 ++++++--------------------------------------- 1 file changed, 51 insertions(+), 361 deletions(-) (limited to 'source3/lib/netapi/group.c') diff --git a/source3/lib/netapi/group.c b/source3/lib/netapi/group.c index d46d2e6135..7f905f0185 100644 --- a/source3/lib/netapi/group.c +++ b/source3/lib/netapi/group.c @@ -34,16 +34,11 @@ WERROR NetGroupAdd_r(struct libnetapi_ctx *ctx, struct rpc_pipe_client *pipe_cli = NULL; NTSTATUS status; WERROR werr; - uint32_t resume_handle = 0; - uint32_t num_entries = 0; POLICY_HND connect_handle, domain_handle, group_handle; - struct samr_SamArray *sam = NULL; - const char *domain_name = NULL; - struct lsa_String lsa_domain_name, lsa_group_name; + struct lsa_String lsa_group_name; struct dom_sid2 *domain_sid = NULL; uint32_t rid = 0; - bool domain_found = true; - int i; + struct GROUP_INFO_0 *info0; struct GROUP_INFO_1 *info1; struct GROUP_INFO_2 *info2; @@ -86,60 +81,14 @@ WERROR NetGroupAdd_r(struct libnetapi_ctx *ctx, goto done; } - status = rpccli_try_samr_connects(pipe_cli, ctx, - SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, - &connect_handle); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); - goto done; - } - - status = rpccli_samr_EnumDomains(pipe_cli, ctx, - &connect_handle, - &resume_handle, - &sam, - 0xffffffff, - &num_entries); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); - goto done; - } - - for (i=0; ientries[i].name.string; - - if (strequal(domain_name, builtin_domain_name())) { - continue; - } - - domain_found = true; - break; - } - - if (!domain_found) { - werr = WERR_NO_SUCH_DOMAIN; - goto done; - } - - init_lsa_String(&lsa_domain_name, domain_name); - - status = rpccli_samr_LookupDomain(pipe_cli, ctx, - &connect_handle, - &lsa_domain_name, - &domain_sid); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); - goto done; - } - - status = rpccli_samr_OpenDomain(pipe_cli, ctx, - &connect_handle, - SAMR_DOMAIN_ACCESS_CREATE_GROUP | - SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, - domain_sid, - &domain_handle); + status = libnetapi_samr_open_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + SAMR_DOMAIN_ACCESS_CREATE_GROUP | + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + &connect_handle, + &domain_handle, + &domain_sid); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; @@ -285,15 +234,10 @@ WERROR NetGroupDel_r(struct libnetapi_ctx *ctx, struct rpc_pipe_client *pipe_cli = NULL; NTSTATUS status; WERROR werr; - uint32_t resume_handle = 0; - uint32_t num_entries = 0; POLICY_HND connect_handle, domain_handle, group_handle; - struct samr_SamArray *sam = NULL; - const char *domain_name = NULL; - struct lsa_String lsa_domain_name, lsa_group_name; + struct lsa_String lsa_group_name; struct dom_sid2 *domain_sid = NULL; - bool domain_found = true; - int i; + int i = 0; struct samr_Ids rids; struct samr_Ids types; @@ -318,59 +262,13 @@ WERROR NetGroupDel_r(struct libnetapi_ctx *ctx, goto done; } - status = rpccli_try_samr_connects(pipe_cli, ctx, - SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, - &connect_handle); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); - goto done; - } - - status = rpccli_samr_EnumDomains(pipe_cli, ctx, - &connect_handle, - &resume_handle, - &sam, - 0xffffffff, - &num_entries); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); - goto done; - } - - for (i=0; ientries[i].name.string; - - if (strequal(domain_name, builtin_domain_name())) { - continue; - } - - domain_found = true; - break; - } - - if (!domain_found) { - werr = WERR_NO_SUCH_DOMAIN; - goto done; - } - - init_lsa_String(&lsa_domain_name, domain_name); - - status = rpccli_samr_LookupDomain(pipe_cli, ctx, - &connect_handle, - &lsa_domain_name, - &domain_sid); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); - goto done; - } - - status = rpccli_samr_OpenDomain(pipe_cli, ctx, - &connect_handle, - SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, - domain_sid, - &domain_handle); + status = libnetapi_samr_open_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + &connect_handle, + &domain_handle, + &domain_sid); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; @@ -505,15 +403,9 @@ WERROR NetGroupSetInfo_r(struct libnetapi_ctx *ctx, struct rpc_pipe_client *pipe_cli = NULL; NTSTATUS status; WERROR werr; - uint32_t resume_handle = 0; - uint32_t num_entries = 0; POLICY_HND connect_handle, domain_handle, group_handle; - struct samr_SamArray *sam = NULL; - const char *domain_name = NULL; - struct lsa_String lsa_domain_name, lsa_group_name; + struct lsa_String lsa_group_name; struct dom_sid2 *domain_sid = NULL; - bool domain_found = true; - int i; struct samr_Ids rids; struct samr_Ids types; @@ -543,59 +435,13 @@ WERROR NetGroupSetInfo_r(struct libnetapi_ctx *ctx, goto done; } - status = rpccli_try_samr_connects(pipe_cli, ctx, - SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, - &connect_handle); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); - goto done; - } - - status = rpccli_samr_EnumDomains(pipe_cli, ctx, - &connect_handle, - &resume_handle, - &sam, - 0xffffffff, - &num_entries); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); - goto done; - } - - for (i=0; ientries[i].name.string; - - if (strequal(domain_name, builtin_domain_name())) { - continue; - } - - domain_found = true; - break; - } - - if (!domain_found) { - werr = WERR_NO_SUCH_DOMAIN; - goto done; - } - - init_lsa_String(&lsa_domain_name, domain_name); - - status = rpccli_samr_LookupDomain(pipe_cli, ctx, - &connect_handle, - &lsa_domain_name, - &domain_sid); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); - goto done; - } - - status = rpccli_samr_OpenDomain(pipe_cli, ctx, - &connect_handle, - SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, - domain_sid, - &domain_handle); + status = libnetapi_samr_open_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + &connect_handle, + &domain_handle, + &domain_sid); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; @@ -805,15 +651,9 @@ WERROR NetGroupGetInfo_r(struct libnetapi_ctx *ctx, struct rpc_pipe_client *pipe_cli = NULL; NTSTATUS status; WERROR werr; - uint32_t resume_handle = 0; - uint32_t num_entries = 0; POLICY_HND connect_handle, domain_handle, group_handle; - struct samr_SamArray *sam = NULL; - const char *domain_name = NULL; - struct lsa_String lsa_domain_name, lsa_group_name; + struct lsa_String lsa_group_name; struct dom_sid2 *domain_sid = NULL; - bool domain_found = true; - int i; struct samr_Ids rids; struct samr_Ids types; @@ -837,59 +677,13 @@ WERROR NetGroupGetInfo_r(struct libnetapi_ctx *ctx, goto done; } - status = rpccli_try_samr_connects(pipe_cli, ctx, - SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, - &connect_handle); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); - goto done; - } - - status = rpccli_samr_EnumDomains(pipe_cli, ctx, - &connect_handle, - &resume_handle, - &sam, - 0xffffffff, - &num_entries); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); - goto done; - } - - for (i=0; ientries[i].name.string; - - if (strequal(domain_name, builtin_domain_name())) { - continue; - } - - domain_found = true; - break; - } - - if (!domain_found) { - werr = WERR_NO_SUCH_DOMAIN; - goto done; - } - - init_lsa_String(&lsa_domain_name, domain_name); - - status = rpccli_samr_LookupDomain(pipe_cli, ctx, - &connect_handle, - &lsa_domain_name, - &domain_sid); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); - goto done; - } - - status = rpccli_samr_OpenDomain(pipe_cli, ctx, - &connect_handle, - SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, - domain_sid, - &domain_handle); + status = libnetapi_samr_open_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + &connect_handle, + &domain_handle, + &domain_sid); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; @@ -975,15 +769,9 @@ WERROR NetGroupAddUser_r(struct libnetapi_ctx *ctx, struct rpc_pipe_client *pipe_cli = NULL; NTSTATUS status; WERROR werr; - uint32_t resume_handle = 0; - uint32_t num_entries = 0; POLICY_HND connect_handle, domain_handle, group_handle; - struct samr_SamArray *sam = NULL; - const char *domain_name = NULL; - struct lsa_String lsa_domain_name, lsa_group_name, lsa_user_name; + struct lsa_String lsa_group_name, lsa_user_name; struct dom_sid2 *domain_sid = NULL; - bool domain_found = true; - int i; struct samr_Ids rids; struct samr_Ids types; @@ -1006,59 +794,13 @@ WERROR NetGroupAddUser_r(struct libnetapi_ctx *ctx, goto done; } - status = rpccli_try_samr_connects(pipe_cli, ctx, - SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, - &connect_handle); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); - goto done; - } - - status = rpccli_samr_EnumDomains(pipe_cli, ctx, - &connect_handle, - &resume_handle, - &sam, - 0xffffffff, - &num_entries); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); - goto done; - } - - for (i=0; ientries[i].name.string; - - if (strequal(domain_name, builtin_domain_name())) { - continue; - } - - domain_found = true; - break; - } - - if (!domain_found) { - werr = WERR_NO_SUCH_DOMAIN; - goto done; - } - - init_lsa_String(&lsa_domain_name, domain_name); - - status = rpccli_samr_LookupDomain(pipe_cli, ctx, - &connect_handle, - &lsa_domain_name, - &domain_sid); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); - goto done; - } - - status = rpccli_samr_OpenDomain(pipe_cli, ctx, - &connect_handle, - SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, - domain_sid, - &domain_handle); + status = libnetapi_samr_open_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + &connect_handle, + &domain_handle, + &domain_sid); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; @@ -1158,15 +900,9 @@ WERROR NetGroupDelUser_r(struct libnetapi_ctx *ctx, struct rpc_pipe_client *pipe_cli = NULL; NTSTATUS status; WERROR werr; - uint32_t resume_handle = 0; - uint32_t num_entries = 0; POLICY_HND connect_handle, domain_handle, group_handle; - struct samr_SamArray *sam = NULL; - const char *domain_name = NULL; - struct lsa_String lsa_domain_name, lsa_group_name, lsa_user_name; + struct lsa_String lsa_group_name, lsa_user_name; struct dom_sid2 *domain_sid = NULL; - bool domain_found = true; - int i; struct samr_Ids rids; struct samr_Ids types; @@ -1189,59 +925,13 @@ WERROR NetGroupDelUser_r(struct libnetapi_ctx *ctx, goto done; } - status = rpccli_try_samr_connects(pipe_cli, ctx, - SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, - &connect_handle); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); - goto done; - } - - status = rpccli_samr_EnumDomains(pipe_cli, ctx, - &connect_handle, - &resume_handle, - &sam, - 0xffffffff, - &num_entries); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); - goto done; - } - - for (i=0; ientries[i].name.string; - - if (strequal(domain_name, builtin_domain_name())) { - continue; - } - - domain_found = true; - break; - } - - if (!domain_found) { - werr = WERR_NO_SUCH_DOMAIN; - goto done; - } - - init_lsa_String(&lsa_domain_name, domain_name); - - status = rpccli_samr_LookupDomain(pipe_cli, ctx, - &connect_handle, - &lsa_domain_name, - &domain_sid); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); - goto done; - } - - status = rpccli_samr_OpenDomain(pipe_cli, ctx, - &connect_handle, - SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, - domain_sid, - &domain_handle); + status = libnetapi_samr_open_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + &connect_handle, + &domain_handle, + &domain_sid); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; -- cgit From b652e5b4753afd8916d347d5c8ef6f54ca140097 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Mon, 2 Jun 2008 23:55:45 +0200 Subject: netapi: let libnetapi_samr_open_domain return WERROR. Guenther (This used to be commit 3d037a07e015a3af75dde054cef4c0bb7795fbb5) --- source3/lib/netapi/group.c | 104 +++++++++++++++++++++------------------------ 1 file changed, 49 insertions(+), 55 deletions(-) (limited to 'source3/lib/netapi/group.c') diff --git a/source3/lib/netapi/group.c b/source3/lib/netapi/group.c index 7f905f0185..f56c92175b 100644 --- a/source3/lib/netapi/group.c +++ b/source3/lib/netapi/group.c @@ -81,16 +81,15 @@ WERROR NetGroupAdd_r(struct libnetapi_ctx *ctx, goto done; } - status = libnetapi_samr_open_domain(ctx, pipe_cli, - SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, - SAMR_DOMAIN_ACCESS_CREATE_GROUP | - SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, - &connect_handle, - &domain_handle, - &domain_sid); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); + werr = libnetapi_samr_open_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + SAMR_DOMAIN_ACCESS_CREATE_GROUP | + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + &connect_handle, + &domain_handle, + &domain_sid); + if (!W_ERROR_IS_OK(werr)) { goto done; } @@ -262,15 +261,14 @@ WERROR NetGroupDel_r(struct libnetapi_ctx *ctx, goto done; } - status = libnetapi_samr_open_domain(ctx, pipe_cli, - SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, - SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, - &connect_handle, - &domain_handle, - &domain_sid); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); + werr = libnetapi_samr_open_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + &connect_handle, + &domain_handle, + &domain_sid); + if (!W_ERROR_IS_OK(werr)) { goto done; } @@ -435,15 +433,14 @@ WERROR NetGroupSetInfo_r(struct libnetapi_ctx *ctx, goto done; } - status = libnetapi_samr_open_domain(ctx, pipe_cli, - SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, - SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, - &connect_handle, - &domain_handle, - &domain_sid); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); + werr = libnetapi_samr_open_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + &connect_handle, + &domain_handle, + &domain_sid); + if (!W_ERROR_IS_OK(werr)) { goto done; } @@ -677,15 +674,14 @@ WERROR NetGroupGetInfo_r(struct libnetapi_ctx *ctx, goto done; } - status = libnetapi_samr_open_domain(ctx, pipe_cli, - SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, - SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, - &connect_handle, - &domain_handle, - &domain_sid); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); + werr = libnetapi_samr_open_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + &connect_handle, + &domain_handle, + &domain_sid); + if (!W_ERROR_IS_OK(werr)) { goto done; } @@ -794,15 +790,14 @@ WERROR NetGroupAddUser_r(struct libnetapi_ctx *ctx, goto done; } - status = libnetapi_samr_open_domain(ctx, pipe_cli, - SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, - SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, - &connect_handle, - &domain_handle, - &domain_sid); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); + werr = libnetapi_samr_open_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + &connect_handle, + &domain_handle, + &domain_sid); + if (!W_ERROR_IS_OK(werr)) { goto done; } @@ -925,15 +920,14 @@ WERROR NetGroupDelUser_r(struct libnetapi_ctx *ctx, goto done; } - status = libnetapi_samr_open_domain(ctx, pipe_cli, - SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, - SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, - &connect_handle, - &domain_handle, - &domain_sid); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); + werr = libnetapi_samr_open_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + &connect_handle, + &domain_handle, + &domain_sid); + if (!W_ERROR_IS_OK(werr)) { goto done; } -- cgit From 34413e47070e789c1b547647a409fac9929938d4 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Tue, 3 Jun 2008 01:37:55 +0200 Subject: netapi: fix some build warnings. Guenther (This used to be commit 45cd78030f18a792d0761160bb96116d19801109) --- source3/lib/netapi/group.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'source3/lib/netapi/group.c') diff --git a/source3/lib/netapi/group.c b/source3/lib/netapi/group.c index f56c92175b..00e995dc83 100644 --- a/source3/lib/netapi/group.c +++ b/source3/lib/netapi/group.c @@ -39,10 +39,10 @@ WERROR NetGroupAdd_r(struct libnetapi_ctx *ctx, struct dom_sid2 *domain_sid = NULL; uint32_t rid = 0; - struct GROUP_INFO_0 *info0; - struct GROUP_INFO_1 *info1; - struct GROUP_INFO_2 *info2; - struct GROUP_INFO_3 *info3; + struct GROUP_INFO_0 *info0 = NULL; + struct GROUP_INFO_1 *info1 = NULL; + struct GROUP_INFO_2 *info2 = NULL; + struct GROUP_INFO_3 *info3 = NULL; union samr_GroupInfo info; ZERO_STRUCT(connect_handle); -- cgit From c343190344f60cb92c9ad8c5ba71becd5f6329e9 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Tue, 1 Jul 2008 20:11:02 +0200 Subject: netapi: add skeleton for NetGroupEnum(). Guenther (This used to be commit 21a0d9d254d5c21c4bc9fe305e9df2126476f3f4) --- source3/lib/netapi/group.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) (limited to 'source3/lib/netapi/group.c') diff --git a/source3/lib/netapi/group.c b/source3/lib/netapi/group.c index 00e995dc83..5807ad83c1 100644 --- a/source3/lib/netapi/group.c +++ b/source3/lib/netapi/group.c @@ -1013,3 +1013,21 @@ WERROR NetGroupDelUser_l(struct libnetapi_ctx *ctx, { return NetGroupDelUser_r(ctx, r); } + +/**************************************************************** +****************************************************************/ + +WERROR NetGroupEnum_r(struct libnetapi_ctx *ctx, + struct NetGroupEnum *r) +{ + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR NetGroupEnum_l(struct libnetapi_ctx *ctx, + struct NetGroupEnum *r) +{ + return WERR_NOT_SUPPORTED; +} -- cgit From 89f4e869b657b6c92f84741bc1cdebbabe4dd72d Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 16 Jul 2008 16:14:47 +0200 Subject: netapi: fix map_group_info_to_buffer for GROUP_INFO_3 change. Guenther (This used to be commit f2875677194f440ffebf18e6f5171be948114353) --- source3/lib/netapi/group.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) (limited to 'source3/lib/netapi/group.c') diff --git a/source3/lib/netapi/group.c b/source3/lib/netapi/group.c index 5807ad83c1..ebaf3660ec 100644 --- a/source3/lib/netapi/group.c +++ b/source3/lib/netapi/group.c @@ -593,6 +593,7 @@ static WERROR map_group_info_to_buffer(TALLOC_CTX *mem_ctx, struct GROUP_INFO_1 info1; struct GROUP_INFO_2 info2; struct GROUP_INFO_3 info3; + struct dom_sid sid; switch (level) { case 0: @@ -618,13 +619,14 @@ static WERROR map_group_info_to_buffer(TALLOC_CTX *mem_ctx, break; case 3: + if (!sid_compose(&sid, domain_sid, rid)) { + return WERR_NOMEM; + } + info3.grpi3_name = info->name.string; info3.grpi3_comment = info->description.string; info3.grpi3_attributes = info->attributes; - - if (!sid_compose((struct dom_sid *)&info3.grpi3_group_sid, domain_sid, rid)) { - return WERR_NOMEM; - } + info3.grpi3_group_sid = (struct domsid *)sid_dup_talloc(mem_ctx, &sid); *buffer = (uint8_t *)talloc_memdup(mem_ctx, &info3, sizeof(info3)); -- cgit From bf0eaf64cec97308d8cd4d4e4c958b01bc4f39e2 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 17 Jul 2008 01:06:29 +0200 Subject: netapi: fill in NetGroupEnum_r(). Guenther (This used to be commit 64700e09ce9417c0b0128cc016abd34ab92f3695) --- source3/lib/netapi/group.c | 261 ++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 259 insertions(+), 2 deletions(-) (limited to 'source3/lib/netapi/group.c') diff --git a/source3/lib/netapi/group.c b/source3/lib/netapi/group.c index ebaf3660ec..d28e7578be 100644 --- a/source3/lib/netapi/group.c +++ b/source3/lib/netapi/group.c @@ -1019,10 +1019,267 @@ WERROR NetGroupDelUser_l(struct libnetapi_ctx *ctx, /**************************************************************** ****************************************************************/ +static WERROR convert_samr_disp_groups_to_GROUP_INFO_0_buffer(TALLOC_CTX *mem_ctx, + struct samr_DispInfoFullGroups *groups, + uint8_t **buffer) +{ + struct GROUP_INFO_0 *g0; + int i; + + g0 = TALLOC_ZERO_ARRAY(mem_ctx, struct GROUP_INFO_0, groups->count); + W_ERROR_HAVE_NO_MEMORY(g0); + + for (i=0; icount; i++) { + g0[i].grpi0_name = talloc_strdup(mem_ctx, + groups->entries[i].account_name.string); + W_ERROR_HAVE_NO_MEMORY(g0[i].grpi0_name); + } + + *buffer = (uint8_t *)talloc_memdup(mem_ctx, g0, + sizeof(struct GROUP_INFO_0) * groups->count); + W_ERROR_HAVE_NO_MEMORY(*buffer); + + return WERR_OK; +} + +/**************************************************************** +****************************************************************/ + +static WERROR convert_samr_disp_groups_to_GROUP_INFO_1_buffer(TALLOC_CTX *mem_ctx, + struct samr_DispInfoFullGroups *groups, + uint8_t **buffer) +{ + struct GROUP_INFO_1 *g1; + int i; + + g1 = TALLOC_ZERO_ARRAY(mem_ctx, struct GROUP_INFO_1, groups->count); + W_ERROR_HAVE_NO_MEMORY(g1); + + for (i=0; icount; i++) { + g1[i].grpi1_name = talloc_strdup(mem_ctx, + groups->entries[i].account_name.string); + g1[i].grpi1_comment = talloc_strdup(mem_ctx, + groups->entries[i].description.string); + W_ERROR_HAVE_NO_MEMORY(g1[i].grpi1_name); + } + + *buffer = (uint8_t *)talloc_memdup(mem_ctx, g1, + sizeof(struct GROUP_INFO_1) * groups->count); + W_ERROR_HAVE_NO_MEMORY(*buffer); + + return WERR_OK; +} + +/**************************************************************** +****************************************************************/ + +static WERROR convert_samr_disp_groups_to_GROUP_INFO_2_buffer(TALLOC_CTX *mem_ctx, + struct samr_DispInfoFullGroups *groups, + uint8_t **buffer) +{ + struct GROUP_INFO_2 *g2; + int i; + + g2 = TALLOC_ZERO_ARRAY(mem_ctx, struct GROUP_INFO_2, groups->count); + W_ERROR_HAVE_NO_MEMORY(g2); + + for (i=0; icount; i++) { + g2[i].grpi2_name = talloc_strdup(mem_ctx, + groups->entries[i].account_name.string); + g2[i].grpi2_comment = talloc_strdup(mem_ctx, + groups->entries[i].description.string); + g2[i].grpi2_group_id = groups->entries[i].rid; + g2[i].grpi2_attributes = groups->entries[i].acct_flags; + W_ERROR_HAVE_NO_MEMORY(g2[i].grpi2_name); + } + + *buffer = (uint8_t *)talloc_memdup(mem_ctx, g2, + sizeof(struct GROUP_INFO_2) * groups->count); + W_ERROR_HAVE_NO_MEMORY(*buffer); + + return WERR_OK; +} + +/**************************************************************** +****************************************************************/ + +static WERROR convert_samr_disp_groups_to_GROUP_INFO_3_buffer(TALLOC_CTX *mem_ctx, + struct samr_DispInfoFullGroups *groups, + const struct dom_sid *domain_sid, + uint8_t **buffer) +{ + struct GROUP_INFO_3 *g3; + int i; + + g3 = TALLOC_ZERO_ARRAY(mem_ctx, struct GROUP_INFO_3, groups->count); + W_ERROR_HAVE_NO_MEMORY(g3); + + for (i=0; icount; i++) { + + struct dom_sid sid; + + if (!sid_compose(&sid, domain_sid, groups->entries[i].rid)) { + return WERR_NOMEM; + } + + g3[i].grpi3_name = talloc_strdup(mem_ctx, + groups->entries[i].account_name.string); + g3[i].grpi3_comment = talloc_strdup(mem_ctx, + groups->entries[i].description.string); + g3[i].grpi3_group_sid = (struct domsid *)sid_dup_talloc(mem_ctx, &sid); + g3[i].grpi3_attributes = groups->entries[i].acct_flags; + W_ERROR_HAVE_NO_MEMORY(g3[i].grpi3_name); + } + + *buffer = (uint8_t *)talloc_memdup(mem_ctx, g3, + sizeof(struct GROUP_INFO_3) * groups->count); + W_ERROR_HAVE_NO_MEMORY(*buffer); + + return WERR_OK; +} + +/**************************************************************** +****************************************************************/ + +static WERROR convert_samr_disp_groups_to_GROUP_INFO_buffer(TALLOC_CTX *mem_ctx, + uint32_t level, + struct samr_DispInfoFullGroups *groups, + const struct dom_sid *domain_sid, + uint32_t *entries_read, + uint8_t **buffer) +{ + if (entries_read) { + *entries_read = groups->count; + } + + switch (level) { + case 0: + return convert_samr_disp_groups_to_GROUP_INFO_0_buffer(mem_ctx, groups, buffer); + case 1: + return convert_samr_disp_groups_to_GROUP_INFO_1_buffer(mem_ctx, groups, buffer); + case 2: + return convert_samr_disp_groups_to_GROUP_INFO_2_buffer(mem_ctx, groups, buffer); + case 3: + return convert_samr_disp_groups_to_GROUP_INFO_3_buffer(mem_ctx, groups, domain_sid, buffer); + default: + return WERR_UNKNOWN_LEVEL; + } +} + +/**************************************************************** +****************************************************************/ + WERROR NetGroupEnum_r(struct libnetapi_ctx *ctx, struct NetGroupEnum *r) { - return WERR_NOT_SUPPORTED; + struct cli_state *cli = NULL; + struct rpc_pipe_client *pipe_cli = NULL; + struct policy_handle connect_handle; + struct dom_sid2 *domain_sid = NULL; + struct policy_handle domain_handle; + union samr_DispInfo info; + union samr_DomainInfo *domain_info = NULL; + + uint32_t total_size = 0; + uint32_t returned_size = 0; + + NTSTATUS status; + WERROR werr, tmp_werr; + + ZERO_STRUCT(connect_handle); + ZERO_STRUCT(domain_handle); + + switch (r->in.level) { + case 0: + case 1: + case 2: + case 3: + break; + default: + return WERR_UNKNOWN_LEVEL; + } + + werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + werr = libnetapi_open_pipe(ctx, cli, PI_SAMR, &pipe_cli); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + werr = libnetapi_samr_open_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 | + SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS | + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + &connect_handle, + &domain_handle, + &domain_sid); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + status = rpccli_samr_QueryDomainInfo(pipe_cli, ctx, + &domain_handle, + 2, + &domain_info); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + if (r->out.total_entries) { + *r->out.total_entries = domain_info->info2.num_groups; + } + + status = rpccli_samr_QueryDisplayInfo2(pipe_cli, + ctx, + &domain_handle, + 3, + r->in.resume_handle ? + *r->in.resume_handle : 0, + (uint32_t)-1, + r->in.prefmaxlen, + &total_size, + &returned_size, + &info); + werr = ntstatus_to_werror(status); + if (NT_STATUS_IS_ERR(status)) { + goto done; + } + + if (r->out.resume_handle) { + *r->out.resume_handle = + info.info3.entries[info.info3.count-1].idx; + } + + tmp_werr = convert_samr_disp_groups_to_GROUP_INFO_buffer(ctx, + r->in.level, + &info.info3, + domain_sid, + r->out.entries_read, + r->out.buffer); + if (!W_ERROR_IS_OK(tmp_werr)) { + werr = tmp_werr; + goto done; + } + + done: + if (!cli) { + return werr; + } +#if 0 + if (is_valid_policy_hnd(&domain_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &domain_handle); + } + if (is_valid_policy_hnd(&connect_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &connect_handle); + } +#endif + return werr; } /**************************************************************** @@ -1031,5 +1288,5 @@ WERROR NetGroupEnum_r(struct libnetapi_ctx *ctx, WERROR NetGroupEnum_l(struct libnetapi_ctx *ctx, struct NetGroupEnum *r) { - return WERR_NOT_SUPPORTED; + return NetGroupEnum_r(ctx, r); } -- cgit From 0f966cfd8a123dcc6fcbd95c209b004b2b260ba6 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 18 Jul 2008 01:11:08 +0200 Subject: netapi: fix NetGroupDel() against NT4. Guenther (This used to be commit 55035d7240bd163abb155239029a03f399c8f41f) --- source3/lib/netapi/group.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'source3/lib/netapi/group.c') diff --git a/source3/lib/netapi/group.c b/source3/lib/netapi/group.c index d28e7578be..6d9ed18b68 100644 --- a/source3/lib/netapi/group.c +++ b/source3/lib/netapi/group.c @@ -313,11 +313,13 @@ WERROR NetGroupDel_r(struct libnetapi_ctx *ctx, goto done; } +#if 0 + /* breaks against NT4 */ if (!(info->attributes.attributes & SE_GROUP_ENABLED)) { werr = WERR_ACCESS_DENIED; goto done; } - +#endif status = rpccli_samr_QueryGroupMember(pipe_cli, ctx, &group_handle, &rid_array); -- cgit From f09df9b1869b7d95d7399b13b79ecf1f14b02f07 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 18 Jul 2008 01:11:32 +0200 Subject: netapi: fix NetGroupGetInfo() against NT4. Guenther (This used to be commit c0fea9c4d0d3d297972c052c17b9be6d0530e098) --- source3/lib/netapi/group.c | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) (limited to 'source3/lib/netapi/group.c') diff --git a/source3/lib/netapi/group.c b/source3/lib/netapi/group.c index 6d9ed18b68..f856ec0a13 100644 --- a/source3/lib/netapi/group.c +++ b/source3/lib/netapi/group.c @@ -659,6 +659,7 @@ WERROR NetGroupGetInfo_r(struct libnetapi_ctx *ctx, struct samr_Ids rids; struct samr_Ids types; union samr_GroupInfo *info = NULL; + bool group_info_all = false; ZERO_STRUCT(connect_handle); ZERO_STRUCT(domain_handle); @@ -721,13 +722,22 @@ WERROR NetGroupGetInfo_r(struct libnetapi_ctx *ctx, &group_handle, GROUPINFOALL2, &info); + if (NT_STATUS_EQUAL(status, NT_STATUS_INVALID_INFO_CLASS)) { + status = rpccli_samr_QueryGroupInfo(pipe_cli, ctx, + &group_handle, + GROUPINFOALL, + &info); + group_info_all = true; + } + if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } werr = map_group_info_to_buffer(ctx, r->in.level, - &info->all2, domain_sid, rids.ids[0], + group_info_all ? &info->all : &info->all2, + domain_sid, rids.ids[0], r->out.buf); if (!W_ERROR_IS_OK(werr)) { goto done; -- cgit From c703304f557021c78ba0ad24e9b2e7b42147b8fd Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 17 Jul 2008 22:44:24 +0200 Subject: netapi: add caching of samr policy handles. Guenther (This used to be commit bf8453da9af1be788955204cc581c5143a854072) --- source3/lib/netapi/group.c | 73 ++++++++++++++++++++++------------------------ 1 file changed, 35 insertions(+), 38 deletions(-) (limited to 'source3/lib/netapi/group.c') diff --git a/source3/lib/netapi/group.c b/source3/lib/netapi/group.c index f856ec0a13..15580b3c22 100644 --- a/source3/lib/netapi/group.c +++ b/source3/lib/netapi/group.c @@ -204,11 +204,10 @@ WERROR NetGroupAdd_r(struct libnetapi_ctx *ctx, if (is_valid_policy_hnd(&group_handle)) { rpccli_samr_Close(pipe_cli, ctx, &group_handle); } - if (is_valid_policy_hnd(&domain_handle)) { - rpccli_samr_Close(pipe_cli, ctx, &domain_handle); - } - if (is_valid_policy_hnd(&connect_handle)) { - rpccli_samr_Close(pipe_cli, ctx, &connect_handle); + + if (ctx->disable_policy_handle_cache) { + libnetapi_samr_close_domain_handle(ctx, &domain_handle); + libnetapi_samr_close_connect_handle(ctx, &connect_handle); } return werr; @@ -374,11 +373,10 @@ WERROR NetGroupDel_r(struct libnetapi_ctx *ctx, if (is_valid_policy_hnd(&group_handle)) { rpccli_samr_Close(pipe_cli, ctx, &group_handle); } - if (is_valid_policy_hnd(&domain_handle)) { - rpccli_samr_Close(pipe_cli, ctx, &domain_handle); - } - if (is_valid_policy_hnd(&connect_handle)) { - rpccli_samr_Close(pipe_cli, ctx, &connect_handle); + + if (ctx->disable_policy_handle_cache) { + libnetapi_samr_close_domain_handle(ctx, &domain_handle); + libnetapi_samr_close_connect_handle(ctx, &connect_handle); } return werr; @@ -562,11 +560,10 @@ WERROR NetGroupSetInfo_r(struct libnetapi_ctx *ctx, if (is_valid_policy_hnd(&group_handle)) { rpccli_samr_Close(pipe_cli, ctx, &group_handle); } - if (is_valid_policy_hnd(&domain_handle)) { - rpccli_samr_Close(pipe_cli, ctx, &domain_handle); - } - if (is_valid_policy_hnd(&connect_handle)) { - rpccli_samr_Close(pipe_cli, ctx, &connect_handle); + + if (ctx->disable_policy_handle_cache) { + libnetapi_samr_close_domain_handle(ctx, &domain_handle); + libnetapi_samr_close_connect_handle(ctx, &connect_handle); } return werr; @@ -750,11 +747,10 @@ WERROR NetGroupGetInfo_r(struct libnetapi_ctx *ctx, if (is_valid_policy_hnd(&group_handle)) { rpccli_samr_Close(pipe_cli, ctx, &group_handle); } - if (is_valid_policy_hnd(&domain_handle)) { - rpccli_samr_Close(pipe_cli, ctx, &domain_handle); - } - if (is_valid_policy_hnd(&connect_handle)) { - rpccli_samr_Close(pipe_cli, ctx, &connect_handle); + + if (ctx->disable_policy_handle_cache) { + libnetapi_samr_close_domain_handle(ctx, &domain_handle); + libnetapi_samr_close_connect_handle(ctx, &connect_handle); } return werr; @@ -880,11 +876,10 @@ WERROR NetGroupAddUser_r(struct libnetapi_ctx *ctx, if (is_valid_policy_hnd(&group_handle)) { rpccli_samr_Close(pipe_cli, ctx, &group_handle); } - if (is_valid_policy_hnd(&domain_handle)) { - rpccli_samr_Close(pipe_cli, ctx, &domain_handle); - } - if (is_valid_policy_hnd(&connect_handle)) { - rpccli_samr_Close(pipe_cli, ctx, &connect_handle); + + if (ctx->disable_policy_handle_cache) { + libnetapi_samr_close_domain_handle(ctx, &domain_handle); + libnetapi_samr_close_connect_handle(ctx, &connect_handle); } return werr; @@ -1009,11 +1004,10 @@ WERROR NetGroupDelUser_r(struct libnetapi_ctx *ctx, if (is_valid_policy_hnd(&group_handle)) { rpccli_samr_Close(pipe_cli, ctx, &group_handle); } - if (is_valid_policy_hnd(&domain_handle)) { - rpccli_samr_Close(pipe_cli, ctx, &domain_handle); - } - if (is_valid_policy_hnd(&connect_handle)) { - rpccli_samr_Close(pipe_cli, ctx, &connect_handle); + + if (ctx->disable_policy_handle_cache) { + libnetapi_samr_close_domain_handle(ctx, &domain_handle); + libnetapi_samr_close_connect_handle(ctx, &connect_handle); } return werr; @@ -1195,7 +1189,7 @@ WERROR NetGroupEnum_r(struct libnetapi_ctx *ctx, uint32_t total_size = 0; uint32_t returned_size = 0; - NTSTATUS status; + NTSTATUS status = NT_STATUS_OK; WERROR werr, tmp_werr; ZERO_STRUCT(connect_handle); @@ -1283,14 +1277,17 @@ WERROR NetGroupEnum_r(struct libnetapi_ctx *ctx, if (!cli) { return werr; } -#if 0 - if (is_valid_policy_hnd(&domain_handle)) { - rpccli_samr_Close(pipe_cli, ctx, &domain_handle); - } - if (is_valid_policy_hnd(&connect_handle)) { - rpccli_samr_Close(pipe_cli, ctx, &connect_handle); + + /* if last query */ + if (NT_STATUS_IS_OK(status) || + NT_STATUS_IS_ERR(status)) { + + if (ctx->disable_policy_handle_cache) { + libnetapi_samr_close_domain_handle(ctx, &domain_handle); + libnetapi_samr_close_connect_handle(ctx, &connect_handle); + } } -#endif + return werr; } -- cgit From 798b56edaec88206b0d61d2852af41777d53aef2 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 20 Jul 2008 17:59:30 +0200 Subject: Refactoring: libnetapi_open_pipe takes an interface instead of pipe_idx (This used to be commit 726e56c72fdb685ab5eddefd2fd8b043dc38d6ad) --- source3/lib/netapi/group.c | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) (limited to 'source3/lib/netapi/group.c') diff --git a/source3/lib/netapi/group.c b/source3/lib/netapi/group.c index 15580b3c22..04ffb7c807 100644 --- a/source3/lib/netapi/group.c +++ b/source3/lib/netapi/group.c @@ -76,7 +76,8 @@ WERROR NetGroupAdd_r(struct libnetapi_ctx *ctx, goto done; } - werr = libnetapi_open_pipe(ctx, cli, PI_SAMR, &pipe_cli); + werr = libnetapi_open_pipe(ctx, cli, &ndr_table_samr.syntax_id, + &pipe_cli); if (!W_ERROR_IS_OK(werr)) { goto done; } @@ -255,7 +256,8 @@ WERROR NetGroupDel_r(struct libnetapi_ctx *ctx, goto done; } - werr = libnetapi_open_pipe(ctx, cli, PI_SAMR, &pipe_cli); + werr = libnetapi_open_pipe(ctx, cli, &ndr_table_samr.syntax_id, + &pipe_cli); if (!W_ERROR_IS_OK(werr)) { goto done; } @@ -428,7 +430,8 @@ WERROR NetGroupSetInfo_r(struct libnetapi_ctx *ctx, goto done; } - werr = libnetapi_open_pipe(ctx, cli, PI_SAMR, &pipe_cli); + werr = libnetapi_open_pipe(ctx, cli, &ndr_table_samr.syntax_id, + &pipe_cli); if (!W_ERROR_IS_OK(werr)) { goto done; } @@ -671,7 +674,8 @@ WERROR NetGroupGetInfo_r(struct libnetapi_ctx *ctx, goto done; } - werr = libnetapi_open_pipe(ctx, cli, PI_SAMR, &pipe_cli); + werr = libnetapi_open_pipe(ctx, cli, &ndr_table_samr.syntax_id, + &pipe_cli); if (!W_ERROR_IS_OK(werr)) { goto done; } @@ -795,7 +799,8 @@ WERROR NetGroupAddUser_r(struct libnetapi_ctx *ctx, goto done; } - werr = libnetapi_open_pipe(ctx, cli, PI_SAMR, &pipe_cli); + werr = libnetapi_open_pipe(ctx, cli, &ndr_table_samr.syntax_id, + &pipe_cli); if (!W_ERROR_IS_OK(werr)) { goto done; } @@ -924,7 +929,8 @@ WERROR NetGroupDelUser_r(struct libnetapi_ctx *ctx, goto done; } - werr = libnetapi_open_pipe(ctx, cli, PI_SAMR, &pipe_cli); + werr = libnetapi_open_pipe(ctx, cli, &ndr_table_samr.syntax_id, + &pipe_cli); if (!W_ERROR_IS_OK(werr)) { goto done; } @@ -1210,7 +1216,8 @@ WERROR NetGroupEnum_r(struct libnetapi_ctx *ctx, goto done; } - werr = libnetapi_open_pipe(ctx, cli, PI_SAMR, &pipe_cli); + werr = libnetapi_open_pipe(ctx, cli, &ndr_table_samr.syntax_id, + &pipe_cli); if (!W_ERROR_IS_OK(werr)) { goto done; } -- cgit From 44465215ff86452bf4136727c99854a835032505 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 18 Jul 2008 23:33:08 +0200 Subject: netapi: use "buffer" in libnetapi. Guenther (This used to be commit 80957bc1bc1462a2478b3eea64f5cb7a84d08677) --- source3/lib/netapi/group.c | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) (limited to 'source3/lib/netapi/group.c') diff --git a/source3/lib/netapi/group.c b/source3/lib/netapi/group.c index 04ffb7c807..c1c55c8a31 100644 --- a/source3/lib/netapi/group.c +++ b/source3/lib/netapi/group.c @@ -49,22 +49,22 @@ WERROR NetGroupAdd_r(struct libnetapi_ctx *ctx, ZERO_STRUCT(domain_handle); ZERO_STRUCT(group_handle); - if (!r->in.buf) { + if (!r->in.buffer) { return WERR_INVALID_PARAM; } switch (r->in.level) { case 0: - info0 = (struct GROUP_INFO_0 *)r->in.buf; + info0 = (struct GROUP_INFO_0 *)r->in.buffer; break; case 1: - info1 = (struct GROUP_INFO_1 *)r->in.buf; + info1 = (struct GROUP_INFO_1 *)r->in.buffer; break; case 2: - info2 = (struct GROUP_INFO_2 *)r->in.buf; + info2 = (struct GROUP_INFO_2 *)r->in.buffer; break; case 3: - info3 = (struct GROUP_INFO_3 *)r->in.buf; + info3 = (struct GROUP_INFO_3 *)r->in.buffer; break; default: werr = WERR_UNKNOWN_LEVEL; @@ -478,7 +478,7 @@ WERROR NetGroupSetInfo_r(struct libnetapi_ctx *ctx, switch (r->in.level) { case 0: - g0 = (struct GROUP_INFO_0 *)r->in.buf; + g0 = (struct GROUP_INFO_0 *)r->in.buffer; init_lsa_String(&info.name, g0->grpi0_name); status = rpccli_samr_SetGroupInfo(pipe_cli, ctx, &group_handle, @@ -486,7 +486,7 @@ WERROR NetGroupSetInfo_r(struct libnetapi_ctx *ctx, &info); break; case 1: - g1 = (struct GROUP_INFO_1 *)r->in.buf; + g1 = (struct GROUP_INFO_1 *)r->in.buffer; init_lsa_String(&info.description, g1->grpi1_comment); status = rpccli_samr_SetGroupInfo(pipe_cli, ctx, &group_handle, @@ -494,7 +494,7 @@ WERROR NetGroupSetInfo_r(struct libnetapi_ctx *ctx, &info); break; case 2: - g2 = (struct GROUP_INFO_2 *)r->in.buf; + g2 = (struct GROUP_INFO_2 *)r->in.buffer; init_lsa_String(&info.description, g2->grpi2_comment); status = rpccli_samr_SetGroupInfo(pipe_cli, ctx, &group_handle, @@ -511,7 +511,7 @@ WERROR NetGroupSetInfo_r(struct libnetapi_ctx *ctx, &info); break; case 3: - g3 = (struct GROUP_INFO_3 *)r->in.buf; + g3 = (struct GROUP_INFO_3 *)r->in.buffer; init_lsa_String(&info.description, g3->grpi3_comment); status = rpccli_samr_SetGroupInfo(pipe_cli, ctx, &group_handle, @@ -528,7 +528,7 @@ WERROR NetGroupSetInfo_r(struct libnetapi_ctx *ctx, &info); break; case 1002: - g1002 = (struct GROUP_INFO_1002 *)r->in.buf; + g1002 = (struct GROUP_INFO_1002 *)r->in.buffer; init_lsa_String(&info.description, g1002->grpi1002_comment); status = rpccli_samr_SetGroupInfo(pipe_cli, ctx, &group_handle, @@ -536,7 +536,7 @@ WERROR NetGroupSetInfo_r(struct libnetapi_ctx *ctx, &info); break; case 1005: - g1005 = (struct GROUP_INFO_1005 *)r->in.buf; + g1005 = (struct GROUP_INFO_1005 *)r->in.buffer; info.attributes.attributes = g1005->grpi1005_attributes; status = rpccli_samr_SetGroupInfo(pipe_cli, ctx, &group_handle, @@ -739,7 +739,7 @@ WERROR NetGroupGetInfo_r(struct libnetapi_ctx *ctx, werr = map_group_info_to_buffer(ctx, r->in.level, group_info_all ? &info->all : &info->all2, domain_sid, rids.ids[0], - r->out.buf); + r->out.buffer); if (!W_ERROR_IS_OK(werr)) { goto done; } -- cgit From cf2ac8f8db3b62afb2c9a6ff56de5d9691af5a0f Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 18 Jul 2008 23:40:33 +0200 Subject: netapi: add NetGroupGetUsers skeleton. GUenther (This used to be commit 0b4e2687ae8fb48faacceb4078d61f9fd2acea9d) --- source3/lib/netapi/group.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) (limited to 'source3/lib/netapi/group.c') diff --git a/source3/lib/netapi/group.c b/source3/lib/netapi/group.c index c1c55c8a31..30ff6af2f0 100644 --- a/source3/lib/netapi/group.c +++ b/source3/lib/netapi/group.c @@ -1306,3 +1306,21 @@ WERROR NetGroupEnum_l(struct libnetapi_ctx *ctx, { return NetGroupEnum_r(ctx, r); } + +/**************************************************************** +****************************************************************/ + +WERROR NetGroupGetUsers_r(struct libnetapi_ctx *ctx, + struct NetGroupGetUsers *r) +{ + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR NetGroupGetUsers_l(struct libnetapi_ctx *ctx, + struct NetGroupGetUsers *r) +{ + return WERR_NOT_SUPPORTED; +} -- cgit From 87b9c9ade21a68d4428ff4aadd32f02f86e78a40 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Tue, 12 Aug 2008 15:25:06 +0200 Subject: netapi: make non-implemented local calls default to remote "localhost" calls. Guenther (cherry picked from commit aa70e588803e3767796dc958b139f4ee464d8626) (This used to be commit 9927ac6eec9fe1fecfedb97b61c4f93379fc8722) --- source3/lib/netapi/group.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) (limited to 'source3/lib/netapi/group.c') diff --git a/source3/lib/netapi/group.c b/source3/lib/netapi/group.c index 30ff6af2f0..e057e6de02 100644 --- a/source3/lib/netapi/group.c +++ b/source3/lib/netapi/group.c @@ -220,7 +220,7 @@ WERROR NetGroupAdd_r(struct libnetapi_ctx *ctx, WERROR NetGroupAdd_l(struct libnetapi_ctx *ctx, struct NetGroupAdd *r) { - return NetGroupAdd_r(ctx, r); + LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetGroupAdd); } /**************************************************************** @@ -390,7 +390,7 @@ WERROR NetGroupDel_r(struct libnetapi_ctx *ctx, WERROR NetGroupDel_l(struct libnetapi_ctx *ctx, struct NetGroupDel *r) { - return NetGroupDel_r(ctx, r); + LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetGroupDel); } /**************************************************************** @@ -578,7 +578,7 @@ WERROR NetGroupSetInfo_r(struct libnetapi_ctx *ctx, WERROR NetGroupSetInfo_l(struct libnetapi_ctx *ctx, struct NetGroupSetInfo *r) { - return NetGroupSetInfo_r(ctx, r); + LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetGroupSetInfo); } /**************************************************************** @@ -766,7 +766,7 @@ WERROR NetGroupGetInfo_r(struct libnetapi_ctx *ctx, WERROR NetGroupGetInfo_l(struct libnetapi_ctx *ctx, struct NetGroupGetInfo *r) { - return NetGroupGetInfo_r(ctx, r); + LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetGroupGetInfo); } /**************************************************************** @@ -896,7 +896,7 @@ WERROR NetGroupAddUser_r(struct libnetapi_ctx *ctx, WERROR NetGroupAddUser_l(struct libnetapi_ctx *ctx, struct NetGroupAddUser *r) { - return NetGroupAddUser_r(ctx, r); + LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetGroupAddUser); } /**************************************************************** @@ -1025,7 +1025,7 @@ WERROR NetGroupDelUser_r(struct libnetapi_ctx *ctx, WERROR NetGroupDelUser_l(struct libnetapi_ctx *ctx, struct NetGroupDelUser *r) { - return NetGroupDelUser_r(ctx, r); + LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetGroupDelUser); } /**************************************************************** @@ -1304,7 +1304,7 @@ WERROR NetGroupEnum_r(struct libnetapi_ctx *ctx, WERROR NetGroupEnum_l(struct libnetapi_ctx *ctx, struct NetGroupEnum *r) { - return NetGroupEnum_r(ctx, r); + LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetGroupEnum); } /**************************************************************** @@ -1322,5 +1322,5 @@ WERROR NetGroupGetUsers_r(struct libnetapi_ctx *ctx, WERROR NetGroupGetUsers_l(struct libnetapi_ctx *ctx, struct NetGroupGetUsers *r) { - return WERR_NOT_SUPPORTED; + LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetGroupGetUsers); } -- cgit From fcd10d26a407bef323cb8beda39a21aeb1e5b144 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Tue, 12 Aug 2008 17:59:23 +0200 Subject: netapi: make libnetapi_open_ipc_connection static. Guenther (cherry picked from commit 0259914f8ff04514a8395d8e1af61aadd50c5efb) (This used to be commit 7edc671cc1007ae216e7efdbcdb9cfa1e547dca5) --- source3/lib/netapi/group.c | 63 ++++++++++++++++------------------------------ 1 file changed, 21 insertions(+), 42 deletions(-) (limited to 'source3/lib/netapi/group.c') diff --git a/source3/lib/netapi/group.c b/source3/lib/netapi/group.c index e057e6de02..f7c9366820 100644 --- a/source3/lib/netapi/group.c +++ b/source3/lib/netapi/group.c @@ -71,12 +71,9 @@ WERROR NetGroupAdd_r(struct libnetapi_ctx *ctx, goto done; } - werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli); - if (!W_ERROR_IS_OK(werr)) { - goto done; - } - - werr = libnetapi_open_pipe(ctx, cli, &ndr_table_samr.syntax_id, + werr = libnetapi_open_pipe(ctx, r->in.server_name, + &ndr_table_samr.syntax_id, + &cli, &pipe_cli); if (!W_ERROR_IS_OK(werr)) { goto done; @@ -251,12 +248,9 @@ WERROR NetGroupDel_r(struct libnetapi_ctx *ctx, return WERR_INVALID_PARAM; } - werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli); - if (!W_ERROR_IS_OK(werr)) { - goto done; - } - - werr = libnetapi_open_pipe(ctx, cli, &ndr_table_samr.syntax_id, + werr = libnetapi_open_pipe(ctx, r->in.server_name, + &ndr_table_samr.syntax_id, + &cli, &pipe_cli); if (!W_ERROR_IS_OK(werr)) { goto done; @@ -425,12 +419,9 @@ WERROR NetGroupSetInfo_r(struct libnetapi_ctx *ctx, return WERR_INVALID_PARAM; } - werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli); - if (!W_ERROR_IS_OK(werr)) { - goto done; - } - - werr = libnetapi_open_pipe(ctx, cli, &ndr_table_samr.syntax_id, + werr = libnetapi_open_pipe(ctx, r->in.server_name, + &ndr_table_samr.syntax_id, + &cli, &pipe_cli); if (!W_ERROR_IS_OK(werr)) { goto done; @@ -669,12 +660,9 @@ WERROR NetGroupGetInfo_r(struct libnetapi_ctx *ctx, return WERR_INVALID_PARAM; } - werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli); - if (!W_ERROR_IS_OK(werr)) { - goto done; - } - - werr = libnetapi_open_pipe(ctx, cli, &ndr_table_samr.syntax_id, + werr = libnetapi_open_pipe(ctx, r->in.server_name, + &ndr_table_samr.syntax_id, + &cli, &pipe_cli); if (!W_ERROR_IS_OK(werr)) { goto done; @@ -794,12 +782,9 @@ WERROR NetGroupAddUser_r(struct libnetapi_ctx *ctx, return WERR_INVALID_PARAM; } - werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli); - if (!W_ERROR_IS_OK(werr)) { - goto done; - } - - werr = libnetapi_open_pipe(ctx, cli, &ndr_table_samr.syntax_id, + werr = libnetapi_open_pipe(ctx, r->in.server_name, + &ndr_table_samr.syntax_id, + &cli, &pipe_cli); if (!W_ERROR_IS_OK(werr)) { goto done; @@ -924,12 +909,9 @@ WERROR NetGroupDelUser_r(struct libnetapi_ctx *ctx, return WERR_INVALID_PARAM; } - werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli); - if (!W_ERROR_IS_OK(werr)) { - goto done; - } - - werr = libnetapi_open_pipe(ctx, cli, &ndr_table_samr.syntax_id, + werr = libnetapi_open_pipe(ctx, r->in.server_name, + &ndr_table_samr.syntax_id, + &cli, &pipe_cli); if (!W_ERROR_IS_OK(werr)) { goto done; @@ -1211,12 +1193,9 @@ WERROR NetGroupEnum_r(struct libnetapi_ctx *ctx, return WERR_UNKNOWN_LEVEL; } - werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli); - if (!W_ERROR_IS_OK(werr)) { - goto done; - } - - werr = libnetapi_open_pipe(ctx, cli, &ndr_table_samr.syntax_id, + werr = libnetapi_open_pipe(ctx, r->in.server_name, + &ndr_table_samr.syntax_id, + &cli, &pipe_cli); if (!W_ERROR_IS_OK(werr)) { goto done; -- cgit From ffdfe3e8b48bd74199f089176782ae3117106b71 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Mon, 8 Sep 2008 10:21:17 +0200 Subject: netapi: add skeleton for NetGroupSetUsers. Guenther (This used to be commit 4d92d000a1676d2da45e8113ade60250c6c7eebe) --- source3/lib/netapi/group.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) (limited to 'source3/lib/netapi/group.c') diff --git a/source3/lib/netapi/group.c b/source3/lib/netapi/group.c index f7c9366820..44c4a74df1 100644 --- a/source3/lib/netapi/group.c +++ b/source3/lib/netapi/group.c @@ -1303,3 +1303,21 @@ WERROR NetGroupGetUsers_l(struct libnetapi_ctx *ctx, { LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetGroupGetUsers); } + +/**************************************************************** +****************************************************************/ + +WERROR NetGroupSetUsers_r(struct libnetapi_ctx *ctx, + struct NetGroupSetUsers *r) +{ + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR NetGroupSetUsers_l(struct libnetapi_ctx *ctx, + struct NetGroupSetUsers *r) +{ + LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetGroupSetUsers); +} -- cgit From 9e7a0a8ddba715e0c0f077cb3b05bc4ef3d42a6b Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Tue, 9 Sep 2008 13:17:22 +0200 Subject: netapi: implement NetGroupSetUsers_r. Guenther (This used to be commit 0ba0ffdb3023cd0bb6aa5c479309c871ff15ed0c) --- source3/lib/netapi/group.c | 228 ++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 227 insertions(+), 1 deletion(-) (limited to 'source3/lib/netapi/group.c') diff --git a/source3/lib/netapi/group.c b/source3/lib/netapi/group.c index 44c4a74df1..02500983ea 100644 --- a/source3/lib/netapi/group.c +++ b/source3/lib/netapi/group.c @@ -1310,7 +1310,233 @@ WERROR NetGroupGetUsers_l(struct libnetapi_ctx *ctx, WERROR NetGroupSetUsers_r(struct libnetapi_ctx *ctx, struct NetGroupSetUsers *r) { - return WERR_NOT_SUPPORTED; + struct cli_state *cli = NULL; + struct rpc_pipe_client *pipe_cli = NULL; + struct policy_handle connect_handle, domain_handle, group_handle; + struct lsa_String lsa_account_name; + struct dom_sid2 *domain_sid = NULL; + union samr_GroupInfo *group_info = NULL; + struct samr_Ids user_rids, name_types; + struct samr_Ids group_rids, group_types; + struct samr_RidTypeArray *rid_array = NULL; + + uint32_t *add_rids = NULL; + uint32_t *del_rids = NULL; + size_t num_add_rids = 0; + size_t num_del_rids = 0; + + uint32_t *member_rids = NULL; + size_t num_member_rids = 0; + + struct GROUP_USERS_INFO_0 *i0 = NULL; + struct GROUP_USERS_INFO_1 *i1 = NULL; + + int i, k; + + NTSTATUS status = NT_STATUS_OK; + WERROR werr; + + ZERO_STRUCT(connect_handle); + ZERO_STRUCT(domain_handle); + + if (!r->in.buffer) { + return WERR_INVALID_PARAM; + } + + switch (r->in.level) { + case 0: + case 1: + break; + default: + return WERR_UNKNOWN_LEVEL; + } + + werr = libnetapi_open_pipe(ctx, r->in.server_name, + &ndr_table_samr.syntax_id, + &cli, + &pipe_cli); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + werr = libnetapi_samr_open_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + &connect_handle, + &domain_handle, + &domain_sid); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + init_lsa_String(&lsa_account_name, r->in.group_name); + + status = rpccli_samr_LookupNames(pipe_cli, ctx, + &domain_handle, + 1, + &lsa_account_name, + &group_rids, + &group_types); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_OpenGroup(pipe_cli, ctx, + &domain_handle, + SAMR_GROUP_ACCESS_GET_MEMBERS | + SAMR_GROUP_ACCESS_ADD_MEMBER | + SAMR_GROUP_ACCESS_REMOVE_MEMBER | + SAMR_GROUP_ACCESS_LOOKUP_INFO, + group_rids.ids[0], + &group_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_QueryGroupInfo(pipe_cli, ctx, + &group_handle, + GROUPINFOATTRIBUTES, + &group_info); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + switch (r->in.level) { + case 0: + i0 = (struct GROUP_USERS_INFO_0 *)r->in.buffer; + break; + case 1: + i1 = (struct GROUP_USERS_INFO_1 *)r->in.buffer; + break; + } + + for (i=0; i < r->in.num_entries; i++) { + + switch (r->in.level) { + case 0: + init_lsa_String(&lsa_account_name, i0->grui0_name); + i0++; + break; + case 1: + init_lsa_String(&lsa_account_name, i1->grui1_name); + i1++; + break; + } + + status = rpccli_samr_LookupNames(pipe_cli, ctx, + &domain_handle, + 1, + &lsa_account_name, + &user_rids, + &name_types); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + if (!add_rid_to_array_unique(ctx, + user_rids.ids[0], + &member_rids, + &num_member_rids)) { + werr = WERR_GENERAL_FAILURE; + goto done; + } + } + + status = rpccli_samr_QueryGroupMember(pipe_cli, ctx, + &group_handle, + &rid_array); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + /* add list */ + + for (i=0; i < r->in.num_entries; i++) { + bool already_member = false; + for (k=0; k < rid_array->count; k++) { + if (member_rids[i] == rid_array->rids[k]) { + already_member = true; + break; + } + } + if (!already_member) { + if (!add_rid_to_array_unique(ctx, + member_rids[i], + &add_rids, &num_add_rids)) { + werr = WERR_GENERAL_FAILURE; + goto done; + } + } + } + + /* del list */ + + for (k=0; k < rid_array->count; k++) { + bool keep_member = false; + for (i=0; i < r->in.num_entries; i++) { + if (member_rids[i] == rid_array->rids[k]) { + keep_member = true; + break; + } + } + if (!keep_member) { + if (!add_rid_to_array_unique(ctx, + rid_array->rids[k], + &del_rids, &num_del_rids)) { + werr = WERR_GENERAL_FAILURE; + goto done; + } + } + } + + /* add list */ + + for (i=0; i < num_add_rids; i++) { + status = rpccli_samr_AddGroupMember(pipe_cli, ctx, + &group_handle, + add_rids[i], + 7 /* ? */); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + } + + /* del list */ + + for (i=0; i < num_del_rids; i++) { + status = rpccli_samr_DeleteGroupMember(pipe_cli, ctx, + &group_handle, + del_rids[i]); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + } + + werr = WERR_OK; + + done: + if (!cli) { + return werr; + } + + if (is_valid_policy_hnd(&group_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &group_handle); + } + + if (ctx->disable_policy_handle_cache) { + libnetapi_samr_close_domain_handle(ctx, &domain_handle); + libnetapi_samr_close_connect_handle(ctx, &connect_handle); + } + + return werr; } /**************************************************************** -- cgit From de1ec0f40ce8dbf9eb8a7f4f54a909a27a923245 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Mon, 8 Sep 2008 16:42:38 +0200 Subject: netapi: implement NetGroupGetUsers_r. Guenther (This used to be commit 7b77dacde5f667d36868a2a8474cf719d9cce331) --- source3/lib/netapi/group.c | 137 ++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 136 insertions(+), 1 deletion(-) (limited to 'source3/lib/netapi/group.c') diff --git a/source3/lib/netapi/group.c b/source3/lib/netapi/group.c index 02500983ea..2e0c4dc48e 100644 --- a/source3/lib/netapi/group.c +++ b/source3/lib/netapi/group.c @@ -1292,7 +1292,142 @@ WERROR NetGroupEnum_l(struct libnetapi_ctx *ctx, WERROR NetGroupGetUsers_r(struct libnetapi_ctx *ctx, struct NetGroupGetUsers *r) { - return WERR_NOT_SUPPORTED; + /* FIXME: this call needs to cope with large replies */ + + struct cli_state *cli = NULL; + struct rpc_pipe_client *pipe_cli = NULL; + struct policy_handle connect_handle, domain_handle, group_handle; + struct lsa_String lsa_account_name; + struct dom_sid2 *domain_sid = NULL; + struct samr_Ids group_rids, name_types; + struct samr_RidTypeArray *rid_array = NULL; + struct lsa_Strings names; + struct samr_Ids member_types; + + int i; + uint32_t entries_read = 0; + + NTSTATUS status = NT_STATUS_OK; + WERROR werr; + + ZERO_STRUCT(connect_handle); + ZERO_STRUCT(domain_handle); + + if (!r->out.buffer) { + return WERR_INVALID_PARAM; + } + + *r->out.buffer = NULL; + *r->out.entries_read = 0; + + switch (r->in.level) { + case 0: + case 1: + break; + default: + return WERR_UNKNOWN_LEVEL; + } + + + werr = libnetapi_open_pipe(ctx, r->in.server_name, + &ndr_table_samr.syntax_id, + &cli, + &pipe_cli); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + werr = libnetapi_samr_open_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + &connect_handle, + &domain_handle, + &domain_sid); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + init_lsa_String(&lsa_account_name, r->in.group_name); + + status = rpccli_samr_LookupNames(pipe_cli, ctx, + &domain_handle, + 1, + &lsa_account_name, + &group_rids, + &name_types); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_OpenGroup(pipe_cli, ctx, + &domain_handle, + SAMR_GROUP_ACCESS_GET_MEMBERS, + group_rids.ids[0], + &group_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_QueryGroupMember(pipe_cli, ctx, + &group_handle, + &rid_array); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_LookupRids(pipe_cli, ctx, + &domain_handle, + rid_array->count, + rid_array->rids, + &names, + &member_types); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + for (i=0; i < names.count; i++) { + status = add_GROUP_USERS_INFO_X_buffer(ctx, + r->in.level, + names.names[i].string, + member_types.ids[i], + r->out.buffer, + &entries_read); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + } + + if (r->out.entries_read) { + *r->out.entries_read = entries_read; + } + + if (r->out.total_entries) { + *r->out.total_entries = entries_read; + } + + werr = WERR_OK; + + done: + if (!cli) { + return werr; + } + + if (is_valid_policy_hnd(&group_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &group_handle); + } + + if (ctx->disable_policy_handle_cache) { + libnetapi_samr_close_domain_handle(ctx, &domain_handle); + libnetapi_samr_close_connect_handle(ctx, &connect_handle); + } + + return werr; } /**************************************************************** -- cgit From 00ba381e09988a2b8b531e5e42dfd5a31f822a90 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 12 Sep 2008 11:13:20 +0200 Subject: netapi: fix NetGroupSetUsers. Guenther (This used to be commit 735bc2e425ce629745495190cd1c721ccb583d24) --- source3/lib/netapi/group.c | 42 ++++++++++++++++++++++-------------------- 1 file changed, 22 insertions(+), 20 deletions(-) (limited to 'source3/lib/netapi/group.c') diff --git a/source3/lib/netapi/group.c b/source3/lib/netapi/group.c index 2e0c4dc48e..e2a4913824 100644 --- a/source3/lib/netapi/group.c +++ b/source3/lib/netapi/group.c @@ -1454,6 +1454,7 @@ WERROR NetGroupSetUsers_r(struct libnetapi_ctx *ctx, struct samr_Ids user_rids, name_types; struct samr_Ids group_rids, group_types; struct samr_RidTypeArray *rid_array = NULL; + struct lsa_String *lsa_names = NULL; uint32_t *add_rids = NULL; uint32_t *del_rids = NULL; @@ -1549,39 +1550,40 @@ WERROR NetGroupSetUsers_r(struct libnetapi_ctx *ctx, break; } + lsa_names = talloc_array(ctx, struct lsa_String, r->in.num_entries); + if (!lsa_names) { + werr = WERR_NOMEM; + goto done; + } + for (i=0; i < r->in.num_entries; i++) { switch (r->in.level) { case 0: - init_lsa_String(&lsa_account_name, i0->grui0_name); + init_lsa_String(&lsa_names[i], i0->grui0_name); i0++; break; case 1: - init_lsa_String(&lsa_account_name, i1->grui1_name); + init_lsa_String(&lsa_names[i], i1->grui1_name); i1++; break; } + } - status = rpccli_samr_LookupNames(pipe_cli, ctx, - &domain_handle, - 1, - &lsa_account_name, - &user_rids, - &name_types); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); - goto done; - } - - if (!add_rid_to_array_unique(ctx, - user_rids.ids[0], - &member_rids, - &num_member_rids)) { - werr = WERR_GENERAL_FAILURE; - goto done; - } + status = rpccli_samr_LookupNames(pipe_cli, ctx, + &domain_handle, + r->in.num_entries, + lsa_names, + &user_rids, + &name_types); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; } + member_rids = user_rids.ids; + num_member_rids = user_rids.count; + status = rpccli_samr_QueryGroupMember(pipe_cli, ctx, &group_handle, &rid_array); -- cgit From f792f87094c4eda453d54b6b4f1d70d88412f451 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 12 Sep 2008 11:28:42 +0200 Subject: netapi: fix NetGroupGetUsers (only enumerates users). Guenther (This used to be commit a94318be4656a668be0295988ed0743105d830c9) --- source3/lib/netapi/group.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'source3/lib/netapi/group.c') diff --git a/source3/lib/netapi/group.c b/source3/lib/netapi/group.c index e2a4913824..c3fccb4840 100644 --- a/source3/lib/netapi/group.c +++ b/source3/lib/netapi/group.c @@ -1391,10 +1391,15 @@ WERROR NetGroupGetUsers_r(struct libnetapi_ctx *ctx, } for (i=0; i < names.count; i++) { + + if (member_types.ids[i] != SID_NAME_USER) { + continue; + } + status = add_GROUP_USERS_INFO_X_buffer(ctx, r->in.level, names.names[i].string, - member_types.ids[i], + 7, r->out.buffer, &entries_read); if (!NT_STATUS_IS_OK(status)) { -- cgit