From 7f3d4cc9805bbe2455d663544bbe01bb4b6da09a Mon Sep 17 00:00:00 2001
From: Andrew Tridgell
Date: Thu, 27 May 2004 06:27:21 +0000
Subject: r919: - added lsa_QueryInfoPolicy2() to IDL, test suite and server - added lsa_OpenPolicy2() to server - added guid handling in samdb - added a couple more info policy levels in lsa server - added some DNS info in the provisioning template and script With the above changes WinXP professional can join a Samba4 domain (This used to be commit d6dca96352144d6061175c964069ed54d942b9c2)
---
 source4/rpc_server/lsa/dcesrv_lsa.c | 98 +++++++++++++++++++++++++++----------
 source4/rpc_server/samr/samdb.c | 22 +++++++++
 2 files changed, 94 insertions(+), 26 deletions(-)
(limited to 'source4/rpc_server')
diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c
index 6ea782a8f2..bff7a98b25 100644
--- a/source4/rpc_server/lsa/dcesrv_lsa.c
+++ b/source4/rpc_server/lsa/dcesrv_lsa.c
@@ -139,10 +139,10 @@ static NTSTATUS lsa_ChangePassword(struct dcesrv_call_state *dce_call, TALLOC_CT
 /*
- lsa_OpenPolicy
+ lsa_OpenPolicy2
 */
-static NTSTATUS lsa_OpenPolicy(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
- struct lsa_OpenPolicy *r)
+static NTSTATUS lsa_OpenPolicy2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+ struct lsa_OpenPolicy2 *r)
 {
 struct lsa_policy_state *state;
 struct dcesrv_handle *handle;
@@ -198,6 +198,25 @@ static NTSTATUS lsa_OpenPolicy(struct dcesrv_call_state *dce_call, TALLOC_CTX *m
 return NT_STATUS_OK;
 }
+/*
+ lsa_OpenPolicy
+ a wrapper around lsa_OpenPolicy2
+*/
+static NTSTATUS lsa_OpenPolicy(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+ struct lsa_OpenPolicy *r)
+{
+ struct lsa_OpenPolicy2 r2;
+
+ r2.in.system_name = NULL;
+ r2.in.attr = r->in.attr;
+ r2.in.access_mask = r->in.access_mask;
+ r2.out.handle = r->out.handle;
+
+ return lsa_OpenPolicy2(dce_call, mem_ctx, &r2);
+}
+
+
+
 /*
 fill in the AccountDomain info
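Review bot: `r2` in the new `lsa_OpenPolicy` wrapper is a stack struct that is never zeroed, so any member of `struct lsa_OpenPolicy2` beyond the four assigned here holds stack garbage when `lsa_OpenPolicy2` runs; add `ZERO_STRUCT(r2);` before the assignments. The same pattern matters more in the `lsa_QueryInfoPolicy` wrapper added in the `@@ -244,13 +288,35 @@` hunk, which copies `r2.out.info` into `r->out.info` unconditionally. If `lsa_QueryInfoPolicy2` can return before it sets that pointer (its opening lines are outside the hunk, so this is inferred), an uninitialised pointer is handed to the code that marshals the reply to the remote caller. Zeroing `r2` there as well makes the failure path return a NULL `info` instead.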
@@ -221,11 +240,36 @@ static NTSTATUS lsa_info_AccountDomain(struct lsa_policy_state *state, TALLOC_CT
 return NT_STATUS_OK;
 }
+/*
+ fill in the DNS domain info
+*/
+static NTSTATUS lsa_info_DNS(struct lsa_policy_state *state, TALLOC_CTX *mem_ctx,
+ struct lsa_DnsDomainInfo *info)
+{
+ const char * const attrs[] = { "name", "dnsDomain", "objectGUID", "objectSid", NULL };
+ int ret;
+ struct ldb_message **res;
+
+ ret = samdb_search(state->sam_ctx, mem_ctx, NULL, &res, attrs,
+ "dn=%s", state->domain_dn);
+ if (ret != 1) {
+ return NT_STATUS_INTERNAL_DB_CORRUPTION;
+ }
+
+ info->name.name = samdb_result_string(res[0], "name", NULL);
+ info->dns_domain.name = samdb_result_string(res[0], "dnsDomain", NULL);
+ info->dns_forest.name = samdb_result_string(res[0], "dnsDomain", NULL);
+ info->domain_guid = samdb_result_guid(res[0], "objectGUID");
+ info->sid = samdb_result_dom_sid(mem_ctx, res[0], "objectSid");
+
+ return NT_STATUS_OK;
+}
+
 /*
- lsa_QueryInfoPolicy
+ lsa_QueryInfoPolicy2
 */
-static NTSTATUS lsa_QueryInfoPolicy(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
- struct lsa_QueryInfoPolicy *r)
+static NTSTATUS lsa_QueryInfoPolicy2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+ struct lsa_QueryInfoPolicy2 *r)
 {
 struct lsa_policy_state *state;
 struct dcesrv_handle *h;
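Review bot: `lsa_info_DNS` returns `NT_STATUS_OK` without checking any of the values it pulled from the search result. The string lookups are given `NULL` as their fallback argument, which looks like the value returned for a missing `name` or `dnsDomain`, and `info->sid` is whatever `samdb_result_dom_sid` yields for a missing or unparseable `objectSid` (presumably NULL). Because this structure is returned to a remote caller, a partly populated domain record should fail the call rather than succeed with NULL members. If these attributes are mandatory in the provisioned record, add `if (!info->name.name || !info->dns_domain.name || !info->sid) return NT_STATUS_INTERNAL_DB_CORRUPTION;` before the final return. A short comment that `dns_forest` is deliberately filled from `dnsDomain` would also help, since the code treats forest and domain name as identical.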
@@ -244,13 +288,35 @@ static NTSTATUS lsa_QueryInfoPolicy(struct dcesrv_call_state *dce_call, TALLOC_C
 ZERO_STRUCTP(r->out.info);
 switch (r->in.level) {
+ case LSA_POLICY_INFO_DOMAIN:
 case LSA_POLICY_INFO_ACCOUNT_DOMAIN:
 return lsa_info_AccountDomain(state, mem_ctx, &r->out.info->account_domain);
+
+ case LSA_POLICY_INFO_DNS:
+ return lsa_info_DNS(state, mem_ctx, &r->out.info->dns);
 }
 return NT_STATUS_INVALID_INFO_CLASS;
 }
+/*
+ lsa_QueryInfoPolicy
+*/
+static NTSTATUS lsa_QueryInfoPolicy(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+ struct lsa_QueryInfoPolicy *r)
+{
+ struct lsa_QueryInfoPolicy2 r2;
+ NTSTATUS status;
+
+ r2.in.handle = r->in.handle;
+ r2.in.level = r->in.level;
+
+ status = lsa_QueryInfoPolicy2(dce_call, mem_ctx, &r2);
+
+ r->out.info = r2.out.info;
+
+ return status;
+}
 /*
 lsa_SetInfoPolicy
@@ -612,16 +678,6 @@ static NTSTATUS RETRPRIVDATA(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem
 }
-/*
- lsa_OpenPolicy2
-*/
-static NTSTATUS lsa_OpenPolicy2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
- struct lsa_OpenPolicy2 *r)
-{
- DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
-}
-
-
 /*
 UNK_GET_CONNUSER
 */
@@ -632,15 +688,5 @@ static NTSTATUS UNK_GET_CONNUSER(struct dcesrv_call_state *dce_call, TALLOC_CTX
 }
-/*
- QUERYINFO2
-*/
-static NTSTATUS QUERYINFO2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
- struct QUERYINFO2 *r)
-{
- DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
-}
-
-
 /* include the generated boilerplate */
 #include "librpc/gen_ndr/ndr_lsa_s.c"
diff --git a/source4/rpc_server/samr/samdb.c b/source4/rpc_server/samr/samdb.c
index 12319cf84a..ed76a4fc60 100644
--- a/source4/rpc_server/samr/samdb.c
+++ b/source4/rpc_server/samr/samdb.c
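Review bot: In the `@@ -244,13 +288,35 @@` hunk the new `case LSA_POLICY_INFO_DOMAIN:` label falls through to `lsa_info_AccountDomain(state, mem_ctx, &r->out.info->account_domain)`, so a level-DOMAIN reply is filled in through the `account_domain` member of the info union. That is only correct if the member the generated marshalling code selects for `LSA_POLICY_INFO_DOMAIN` has the same layout, which cannot be confirmed from the visible lines. Either pass the union member that matches the requested level, or document the aliasing at the label, e.g. `/* DOMAIN and ACCOUNT_DOMAIN replies share one layout; filled via account_domain */`. The start of `lsa_QueryInfoPolicy2` lies outside this hunk.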
@@ -379,6 +379,28 @@ struct dom_sid *samdb_result_dom_sid(TALLOC_CTX *mem_ctx, struct ldb_message *ms
 return dom_sid_parse_talloc(mem_ctx, sidstr);
 }
+/*
+ pull a guid structure from a objectGUID in a result set.
+*/
+struct GUID samdb_result_guid(struct ldb_message *msg, const char *attr)
+{
+ NTSTATUS status;
+ struct GUID guid;
+ const char *guidstr = ldb_msg_find_string(msg, attr, NULL);
+
+ ZERO_STRUCT(guid);
+
+ if (!guidstr) return guid;
+
+ status = GUID_from_string(guidstr, &guid);
+ if (!NT_STATUS_IS_OK(status)) {
+ ZERO_STRUCT(guid);
+ return guid;
+ }
+
+ return guid;
+}
+
 /*
 pull a sid prefix from a objectSid in a result set.
 this is used to find the domain sid for a user
-- cgit
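Review bot: The header comment on `samdb_result_guid` does not state the failure contract: a missing attribute and a string that `GUID_from_string` rejects both yield an all-zero GUID, which the caller cannot tell apart from a successful lookup. Say so in the comment, e.g. `returns an all-zero GUID if the attribute is missing or cannot be parsed`, because `lsa_info_DNS` in this commit copies the result straight into a reply sent to the client. As a style point, the failure branch could keep its `ZERO_STRUCT(guid);` and drop the inner `return guid;`, falling through to the final return.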