2007-09-19 16:45:35 +04:00
/*
2002-01-30 09:08:46 +03:00
Unix SMB / CIFS implementation .
2000-12-13 15:52:21 +03:00
RPC pipe client
2001-05-07 05:55:08 +04:00
Copyright ( C ) Tim Potter 2000 - 2001 ,
2000-12-13 15:52:21 +03:00
Copyright ( C ) Andrew Tridgell 1992 - 1997 , 2000 ,
2002-05-17 17:49:01 +04:00
Copyright ( C ) Rafal Szczesniak 2002
2005-09-30 21:13:37 +04:00
Copyright ( C ) Jeremy Allison 2005.
2007-09-19 16:45:35 +04:00
2000-12-13 15:52:21 +03:00
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
2007-07-09 23:25:36 +04:00
the Free Software Foundation ; either version 3 of the License , or
2000-12-13 15:52:21 +03:00
( at your option ) any later version .
2007-09-19 16:45:35 +04:00
2000-12-13 15:52:21 +03:00
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
2007-09-19 16:45:35 +04:00
2000-12-13 15:52:21 +03:00
You should have received a copy of the GNU General Public License
2007-07-10 04:52:41 +04:00
along with this program . If not , see < http : //www.gnu.org/licenses/>.
2000-12-13 15:52:21 +03:00
*/
# include "includes.h"
2002-01-06 06:48:41 +03:00
/** @defgroup lsa LSA - Local Security Architecture
2001-11-23 08:50:05 +03:00
* @ ingroup rpc_client
2001-11-15 09:03:22 +03:00
*
* @ {
* */
/**
* @ file cli_lsarpc . c
*
* RPC client routines for the LSA RPC pipe . LSA means " local
* security authority " , which is half of a password database.
* */
2001-11-23 08:50:05 +03:00
/** Open a LSA policy handle
*
* @ param cli Handle on an initialised SMB connection */
2000-12-13 15:52:21 +03:00
2005-06-09 02:10:34 +04:00
NTSTATUS rpccli_lsa_open_policy ( struct rpc_pipe_client * cli ,
TALLOC_CTX * mem_ctx ,
BOOL sec_qos , uint32 des_access ,
POLICY_HND * pol )
2000-12-13 15:52:21 +03:00
{
prs_struct qbuf , rbuf ;
LSA_Q_OPEN_POL q ;
LSA_R_OPEN_POL r ;
LSA_SEC_QOS qos ;
2001-08-28 01:32:54 +04:00
NTSTATUS result ;
2000-12-13 15:52:21 +03:00
ZERO_STRUCT ( q ) ;
ZERO_STRUCT ( r ) ;
/* Initialise input parameters */
if ( sec_qos ) {
2001-12-18 02:03:23 +03:00
init_lsa_sec_qos ( & qos , 2 , 1 , 0 ) ;
2000-12-13 15:52:21 +03:00
init_q_open_pol ( & q , ' \\ ' , 0 , des_access , & qos ) ;
} else {
init_q_open_pol ( & q , ' \\ ' , 0 , des_access , NULL ) ;
}
/* Marshall data and send request */
2005-09-30 21:13:37 +04:00
CLI_DO_RPC ( cli , mem_ctx , PI_LSARPC , LSA_OPENPOLICY ,
q , r ,
qbuf , rbuf ,
lsa_io_q_open_pol ,
lsa_io_r_open_pol ,
NT_STATUS_UNSUCCESSFUL ) ;
2000-12-13 15:52:21 +03:00
/* Return output parameters */
2005-10-27 22:06:29 +04:00
result = r . status ;
if ( NT_STATUS_IS_OK ( result ) ) {
2001-01-10 21:44:39 +03:00
* pol = r . pol ;
2000-12-13 15:52:21 +03:00
}
return result ;
}
2002-02-21 01:34:35 +03:00
/** Open a LSA policy handle
*
2007-09-19 16:45:35 +04:00
* @ param cli Handle on an initialised SMB connection
2002-02-21 01:34:35 +03:00
*/
2001-08-21 07:05:27 +04:00
2005-06-09 02:10:34 +04:00
NTSTATUS rpccli_lsa_open_policy2 ( struct rpc_pipe_client * cli ,
TALLOC_CTX * mem_ctx , BOOL sec_qos ,
uint32 des_access , POLICY_HND * pol )
2001-08-21 07:05:27 +04:00
{
prs_struct qbuf , rbuf ;
LSA_Q_OPEN_POL2 q ;
LSA_R_OPEN_POL2 r ;
LSA_SEC_QOS qos ;
2001-08-28 01:32:54 +04:00
NTSTATUS result ;
2005-09-30 21:13:37 +04:00
char * srv_name_slash = talloc_asprintf ( mem_ctx , " \\ \\ %s " , cli - > cli - > desthost ) ;
2001-08-21 07:05:27 +04:00
ZERO_STRUCT ( q ) ;
ZERO_STRUCT ( r ) ;
if ( sec_qos ) {
2001-12-18 02:03:23 +03:00
init_lsa_sec_qos ( & qos , 2 , 1 , 0 ) ;
2005-09-30 21:13:37 +04:00
init_q_open_pol2 ( & q , srv_name_slash , 0 , des_access , & qos ) ;
2001-08-21 07:05:27 +04:00
} else {
2005-09-30 21:13:37 +04:00
init_q_open_pol2 ( & q , srv_name_slash , 0 , des_access , NULL ) ;
2001-08-21 07:05:27 +04:00
}
2005-09-30 21:13:37 +04:00
CLI_DO_RPC ( cli , mem_ctx , PI_LSARPC , LSA_OPENPOLICY2 ,
q , r ,
qbuf , rbuf ,
lsa_io_q_open_pol2 ,
lsa_io_r_open_pol2 ,
NT_STATUS_UNSUCCESSFUL ) ;
2001-08-21 07:05:27 +04:00
/* Return output parameters */
2005-10-27 22:06:29 +04:00
result = r . status ;
if ( NT_STATUS_IS_OK ( result ) ) {
2001-08-21 07:05:27 +04:00
* pol = r . pol ;
}
return result ;
}
2007-05-22 15:30:35 +04:00
/* Lookup a list of sids
*
2007-05-22 17:40:01 +04:00
* internal version withOUT memory allocation of the target arrays .
* this assumes suffciently sized arrays to store domains , names and types . */
2007-05-22 15:30:35 +04:00
static NTSTATUS rpccli_lsa_lookup_sids_noalloc ( struct rpc_pipe_client * cli ,
TALLOC_CTX * mem_ctx ,
POLICY_HND * pol ,
int num_sids ,
const DOM_SID * sids ,
char * * domains ,
char * * names ,
enum lsa_SidType * types )
{
prs_struct qbuf , rbuf ;
LSA_Q_LOOKUP_SIDS q ;
LSA_R_LOOKUP_SIDS r ;
DOM_R_REF ref ;
NTSTATUS result = NT_STATUS_OK ;
2007-05-22 17:40:01 +04:00
TALLOC_CTX * tmp_ctx = NULL ;
2007-05-22 15:30:35 +04:00
int i ;
2007-05-22 17:40:01 +04:00
tmp_ctx = talloc_new ( mem_ctx ) ;
if ( ! tmp_ctx ) {
DEBUG ( 0 , ( " rpccli_lsa_lookup_sids_noalloc: out of memory! \n " ) ) ;
result = NT_STATUS_UNSUCCESSFUL ;
goto done ;
}
2007-05-22 15:30:35 +04:00
ZERO_STRUCT ( q ) ;
ZERO_STRUCT ( r ) ;
2007-05-22 17:40:01 +04:00
init_q_lookup_sids ( tmp_ctx , & q , pol , num_sids , sids , 1 ) ;
2007-05-22 15:30:35 +04:00
ZERO_STRUCT ( ref ) ;
r . dom_ref = & ref ;
2007-05-22 17:40:01 +04:00
CLI_DO_RPC ( cli , tmp_ctx , PI_LSARPC , LSA_LOOKUPSIDS ,
2007-05-22 15:30:35 +04:00
q , r ,
qbuf , rbuf ,
lsa_io_q_lookup_sids ,
lsa_io_r_lookup_sids ,
NT_STATUS_UNSUCCESSFUL ) ;
2007-09-19 16:05:47 +04:00
DEBUG ( 10 , ( " LSA_LOOKUPSIDS returned '%s', mapped count = %d' \n " ,
nt_errstr ( r . status ) , r . mapped_count ) ) ;
2007-05-22 15:30:35 +04:00
if ( ! NT_STATUS_IS_OK ( r . status ) & &
2007-09-19 16:03:02 +04:00
! NT_STATUS_EQUAL ( r . status , NT_STATUS_NONE_MAPPED ) & &
2007-09-19 16:45:35 +04:00
! NT_STATUS_EQUAL ( r . status , STATUS_SOME_UNMAPPED ) )
2007-05-22 15:30:35 +04:00
{
/* An actual error occured */
result = r . status ;
goto done ;
}
/* Return output parameters */
2007-09-19 16:03:02 +04:00
if ( NT_STATUS_EQUAL ( r . status , NT_STATUS_NONE_MAPPED ) | |
( r . mapped_count = = 0 ) )
{
2007-08-29 18:34:15 +04:00
for ( i = 0 ; i < num_sids ; i + + ) {
( names ) [ i ] = NULL ;
( domains ) [ i ] = NULL ;
( types ) [ i ] = SID_NAME_UNKNOWN ;
}
2007-05-22 15:30:35 +04:00
result = NT_STATUS_NONE_MAPPED ;
goto done ;
}
for ( i = 0 ; i < num_sids ; i + + ) {
fstring name , dom_name ;
2007-06-09 04:13:07 +04:00
uint32 dom_idx = r . names . name [ i ] . domain_idx ;
2007-05-22 15:30:35 +04:00
/* Translate optimised name through domain index array */
if ( dom_idx ! = 0xffffffff ) {
rpcstr_pull_unistr2_fstring (
dom_name , & ref . ref_dom [ dom_idx ] . uni_dom_name ) ;
rpcstr_pull_unistr2_fstring (
2007-06-09 04:13:07 +04:00
name , & r . names . uni_name [ i ] ) ;
2007-05-22 15:30:35 +04:00
( names ) [ i ] = talloc_strdup ( mem_ctx , name ) ;
( domains ) [ i ] = talloc_strdup ( mem_ctx , dom_name ) ;
2007-06-09 04:13:07 +04:00
( types ) [ i ] = ( enum lsa_SidType ) r . names . name [ i ] . sid_name_use ;
2007-09-19 16:45:35 +04:00
2007-05-22 15:30:35 +04:00
if ( ( ( names ) [ i ] = = NULL ) | | ( ( domains ) [ i ] = = NULL ) ) {
2007-06-09 04:13:07 +04:00
DEBUG ( 0 , ( " cli_lsa_lookup_sids_noalloc(): out of memory \n " ) ) ;
2007-05-22 15:30:35 +04:00
result = NT_STATUS_UNSUCCESSFUL ;
goto done ;
}
} else {
2007-05-23 01:17:31 +04:00
( names ) [ i ] = NULL ;
( domains ) [ i ] = NULL ;
2007-05-22 15:30:35 +04:00
( types ) [ i ] = SID_NAME_UNKNOWN ;
}
}
2007-05-22 17:40:01 +04:00
done :
TALLOC_FREE ( tmp_ctx ) ;
2007-05-22 15:30:35 +04:00
return result ;
}
2007-09-19 16:45:35 +04:00
/* Lookup a list of sids
2007-05-22 15:30:35 +04:00
*
* do it the right way : there is a limit ( of 20480 for w2k3 ) entries
* returned by this call . when the sids list contains more entries ,
* empty lists are returned . This version of lsa_lookup_sids passes
* the list of sids in hunks of LOOKUP_SIDS_HUNK_SIZE to the lsa call . */
/* This constant defines the limit of how many sids to look up
* in one call ( maximum ) . the limit from the server side is
* at 20480 for win2k3 , but we keep it at a save 1000 for now . */
# define LOOKUP_SIDS_HUNK_SIZE 1000
2007-09-20 02:11:09 +04:00
NTSTATUS rpccli_lsa_lookup_sids ( struct rpc_pipe_client * cli ,
TALLOC_CTX * mem_ctx ,
POLICY_HND * pol ,
int num_sids ,
const DOM_SID * sids ,
char * * * domains ,
char * * * names ,
enum lsa_SidType * * types )
2007-05-22 15:30:35 +04:00
{
NTSTATUS result = NT_STATUS_OK ;
int sids_left = 0 ;
int sids_processed = 0 ;
const DOM_SID * hunk_sids = sids ;
char * * hunk_domains = NULL ;
char * * hunk_names = NULL ;
enum lsa_SidType * hunk_types = NULL ;
if ( num_sids ) {
if ( ! ( ( * domains ) = TALLOC_ARRAY ( mem_ctx , char * , num_sids ) ) ) {
2007-09-20 02:11:09 +04:00
DEBUG ( 0 , ( " rpccli_lsa_lookup_sids(): out of memory \n " ) ) ;
2007-05-22 15:30:35 +04:00
result = NT_STATUS_NO_MEMORY ;
2007-09-19 15:01:44 +04:00
goto fail ;
2007-05-22 15:30:35 +04:00
}
if ( ! ( ( * names ) = TALLOC_ARRAY ( mem_ctx , char * , num_sids ) ) ) {
2007-09-20 02:11:09 +04:00
DEBUG ( 0 , ( " rpccli_lsa_lookup_sids(): out of memory \n " ) ) ;
2007-05-22 15:30:35 +04:00
result = NT_STATUS_NO_MEMORY ;
2007-09-19 15:01:44 +04:00
goto fail ;
2007-05-22 15:30:35 +04:00
}
if ( ! ( ( * types ) = TALLOC_ARRAY ( mem_ctx , enum lsa_SidType , num_sids ) ) ) {
2007-09-20 02:11:09 +04:00
DEBUG ( 0 , ( " rpccli_lsa_lookup_sids(): out of memory \n " ) ) ;
2007-05-22 15:30:35 +04:00
result = NT_STATUS_NO_MEMORY ;
2007-09-19 15:01:44 +04:00
goto fail ;
2007-05-22 15:30:35 +04:00
}
} else {
( * domains ) = NULL ;
( * names ) = NULL ;
( * types ) = NULL ;
}
2007-09-19 16:45:35 +04:00
2007-05-22 15:30:35 +04:00
sids_left = num_sids ;
hunk_domains = * domains ;
hunk_names = * names ;
hunk_types = * types ;
while ( sids_left > 0 ) {
int hunk_num_sids ;
NTSTATUS hunk_result = NT_STATUS_OK ;
2007-09-19 16:45:35 +04:00
hunk_num_sids = ( ( sids_left > LOOKUP_SIDS_HUNK_SIZE )
? LOOKUP_SIDS_HUNK_SIZE
2007-05-22 15:30:35 +04:00
: sids_left ) ;
2007-09-20 02:11:09 +04:00
DEBUG ( 10 , ( " rpccli_lsa_lookup_sids: processing items "
2007-09-19 16:45:35 +04:00
" %d -- %d of %d. \n " ,
sids_processed ,
2007-05-22 15:30:35 +04:00
sids_processed + hunk_num_sids - 1 ,
num_sids ) ) ;
2007-05-22 17:40:01 +04:00
hunk_result = rpccli_lsa_lookup_sids_noalloc ( cli ,
mem_ctx ,
2007-05-22 15:30:35 +04:00
pol ,
2007-09-19 16:45:35 +04:00
hunk_num_sids ,
2007-05-22 15:30:35 +04:00
hunk_sids ,
hunk_domains ,
hunk_names ,
hunk_types ) ;
if ( ! NT_STATUS_IS_OK ( hunk_result ) & &
! NT_STATUS_EQUAL ( hunk_result , STATUS_SOME_UNMAPPED ) & &
2007-09-19 16:45:35 +04:00
! NT_STATUS_EQUAL ( hunk_result , NT_STATUS_NONE_MAPPED ) )
2007-05-22 15:30:35 +04:00
{
/* An actual error occured */
2007-09-19 15:01:44 +04:00
result = hunk_result ;
goto fail ;
2007-05-22 15:30:35 +04:00
}
/* adapt overall result */
2007-09-19 16:45:35 +04:00
if ( ( NT_STATUS_IS_OK ( result ) & &
! NT_STATUS_IS_OK ( hunk_result ) )
2007-05-22 15:30:35 +04:00
| |
( NT_STATUS_EQUAL ( result , NT_STATUS_NONE_MAPPED ) & &
! NT_STATUS_EQUAL ( hunk_result , NT_STATUS_NONE_MAPPED ) ) )
{
result = STATUS_SOME_UNMAPPED ;
}
sids_left - = hunk_num_sids ;
sids_processed + = hunk_num_sids ; /* only used in DEBUG */
hunk_sids + = hunk_num_sids ;
hunk_domains + = hunk_num_sids ;
hunk_names + = hunk_num_sids ;
hunk_types + = hunk_num_sids ;
}
2007-09-19 15:01:44 +04:00
return result ;
fail :
TALLOC_FREE ( * domains ) ;
TALLOC_FREE ( * names ) ;
TALLOC_FREE ( * types ) ;
2007-05-22 15:30:35 +04:00
return result ;
}
2001-11-15 09:03:22 +03:00
/** Lookup a list of names */
2000-12-13 15:52:21 +03:00
2005-06-09 02:10:34 +04:00
NTSTATUS rpccli_lsa_lookup_names ( struct rpc_pipe_client * cli ,
TALLOC_CTX * mem_ctx ,
2007-09-19 16:45:35 +04:00
POLICY_HND * pol , int num_names ,
2006-02-04 01:19:41 +03:00
const char * * names ,
const char * * * dom_names ,
2007-06-27 15:42:17 +04:00
int level ,
2006-02-04 01:19:41 +03:00
DOM_SID * * sids ,
2006-09-08 18:28:06 +04:00
enum lsa_SidType * * types )
2000-12-13 15:52:21 +03:00
{
prs_struct qbuf , rbuf ;
LSA_Q_LOOKUP_NAMES q ;
LSA_R_LOOKUP_NAMES r ;
DOM_R_REF ref ;
2001-08-28 01:32:54 +04:00
NTSTATUS result ;
2000-12-13 15:52:21 +03:00
int i ;
2007-09-19 16:45:35 +04:00
2000-12-13 15:52:21 +03:00
ZERO_STRUCT ( q ) ;
ZERO_STRUCT ( r ) ;
ZERO_STRUCT ( ref ) ;
r . dom_ref = & ref ;
2007-06-27 15:42:17 +04:00
init_q_lookup_names ( mem_ctx , & q , pol , num_names , names , level ) ;
2005-09-30 21:13:37 +04:00
CLI_DO_RPC ( cli , mem_ctx , PI_LSARPC , LSA_LOOKUPNAMES ,
q , r ,
qbuf , rbuf ,
lsa_io_q_lookup_names ,
lsa_io_r_lookup_names ,
NT_STATUS_UNSUCCESSFUL ) ;
2000-12-13 15:52:21 +03:00
result = r . status ;
2002-04-14 15:21:25 +04:00
if ( ! NT_STATUS_IS_OK ( result ) & & NT_STATUS_V ( result ) ! =
NT_STATUS_V ( STATUS_SOME_UNMAPPED ) ) {
2000-12-13 15:52:21 +03:00
/* An actual error occured */
goto done ;
}
/* Return output parameters */
2001-11-22 11:31:50 +03:00
if ( r . mapped_count = = 0 ) {
result = NT_STATUS_NONE_MAPPED ;
goto done ;
}
2007-04-30 06:39:34 +04:00
if ( num_names ) {
if ( ! ( ( * sids = TALLOC_ARRAY ( mem_ctx , DOM_SID , num_names ) ) ) ) {
DEBUG ( 0 , ( " cli_lsa_lookup_sids(): out of memory \n " ) ) ;
result = NT_STATUS_NO_MEMORY ;
goto done ;
}
2000-12-13 15:52:21 +03:00
2007-04-30 06:39:34 +04:00
if ( ! ( ( * types = TALLOC_ARRAY ( mem_ctx , enum lsa_SidType , num_names ) ) ) ) {
2006-02-04 01:19:41 +03:00
DEBUG ( 0 , ( " cli_lsa_lookup_sids(): out of memory \n " ) ) ;
result = NT_STATUS_NO_MEMORY ;
goto done ;
}
2007-04-30 06:39:34 +04:00
if ( dom_names ! = NULL ) {
* dom_names = TALLOC_ARRAY ( mem_ctx , const char * , num_names ) ;
if ( * dom_names = = NULL ) {
DEBUG ( 0 , ( " cli_lsa_lookup_sids(): out of memory \n " ) ) ;
result = NT_STATUS_NO_MEMORY ;
goto done ;
}
}
} else {
* sids = NULL ;
* types = NULL ;
if ( dom_names ! = NULL ) {
* dom_names = NULL ;
}
2006-02-04 01:19:41 +03:00
}
2002-04-14 15:21:25 +04:00
for ( i = 0 ; i < num_names ; i + + ) {
2006-02-12 19:45:50 +03:00
DOM_RID * t_rids = r . dom_rid ;
2000-12-13 15:52:21 +03:00
uint32 dom_idx = t_rids [ i ] . rid_idx ;
uint32 dom_rid = t_rids [ i ] . rid ;
DOM_SID * sid = & ( * sids ) [ i ] ;
/* Translate optimised sid through domain index array */
2006-02-04 01:19:41 +03:00
if ( dom_idx = = 0xffffffff ) {
/* Nothing to do, this is unknown */
ZERO_STRUCTP ( sid ) ;
( * types ) [ i ] = SID_NAME_UNKNOWN ;
continue ;
}
2000-12-13 15:52:21 +03:00
2006-02-04 01:19:41 +03:00
sid_copy ( sid , & ref . ref_dom [ dom_idx ] . ref_dom . sid ) ;
2000-12-13 15:52:21 +03:00
2006-02-04 01:19:41 +03:00
if ( dom_rid ! = 0xffffffff ) {
sid_append_rid ( sid , dom_rid ) ;
}
2000-12-13 15:52:21 +03:00
2006-09-08 18:28:06 +04:00
( * types ) [ i ] = ( enum lsa_SidType ) t_rids [ i ] . type ;
2006-02-04 01:19:41 +03:00
if ( dom_names = = NULL ) {
continue ;
2000-12-13 15:52:21 +03:00
}
2006-02-04 01:19:41 +03:00
( * dom_names ) [ i ] = rpcstr_pull_unistr2_talloc (
* dom_names , & ref . ref_dom [ dom_idx ] . uni_dom_name ) ;
2000-12-13 15:52:21 +03:00
}
done :
2000-12-15 04:02:11 +03:00
2000-12-13 15:52:21 +03:00
return result ;
}
2000-12-18 09:09:40 +03:00
2006-04-11 19:47:24 +04:00
NTSTATUS rpccli_lsa_query_info_policy_new ( struct rpc_pipe_client * cli , TALLOC_CTX * mem_ctx ,
POLICY_HND * pol , uint16 info_class ,
2007-09-19 16:45:35 +04:00
LSA_INFO_CTR * ctr )
2006-04-11 19:47:24 +04:00
{
prs_struct qbuf , rbuf ;
LSA_Q_QUERY_INFO q ;
LSA_R_QUERY_INFO r ;
NTSTATUS result ;
ZERO_STRUCT ( q ) ;
ZERO_STRUCT ( r ) ;
init_q_query ( & q , pol , info_class ) ;
CLI_DO_RPC ( cli , mem_ctx , PI_LSARPC , LSA_QUERYINFOPOLICY ,
q , r ,
qbuf , rbuf ,
lsa_io_q_query ,
lsa_io_r_query ,
NT_STATUS_UNSUCCESSFUL ) ;
result = r . status ;
if ( ! NT_STATUS_IS_OK ( result ) ) {
goto done ;
}
done :
* ctr = r . ctr ;
2007-09-19 16:45:35 +04:00
2006-04-11 19:47:24 +04:00
return result ;
}
NTSTATUS rpccli_lsa_query_info_policy2_new ( struct rpc_pipe_client * cli , TALLOC_CTX * mem_ctx ,
POLICY_HND * pol , uint16 info_class ,
2007-09-19 16:45:35 +04:00
LSA_INFO_CTR2 * ctr )
2006-04-11 19:47:24 +04:00
{
prs_struct qbuf , rbuf ;
LSA_Q_QUERY_INFO2 q ;
LSA_R_QUERY_INFO2 r ;
NTSTATUS result ;
ZERO_STRUCT ( q ) ;
ZERO_STRUCT ( r ) ;
init_q_query2 ( & q , pol , info_class ) ;
CLI_DO_RPC ( cli , mem_ctx , PI_LSARPC , LSA_QUERYINFO2 ,
q , r ,
qbuf , rbuf ,
lsa_io_q_query_info2 ,
lsa_io_r_query_info2 ,
NT_STATUS_UNSUCCESSFUL ) ;
result = r . status ;
if ( ! NT_STATUS_IS_OK ( result ) ) {
goto done ;
}
done :
* ctr = r . ctr ;
2007-09-19 16:45:35 +04:00
2006-04-11 19:47:24 +04:00
return result ;
}
2002-02-21 01:34:35 +03:00
/** Query info policy
*
* @ param domain_sid - returned remote server ' s domain sid */
2000-12-18 09:09:40 +03:00
2005-06-09 02:10:34 +04:00
NTSTATUS rpccli_lsa_query_info_policy ( struct rpc_pipe_client * cli ,
TALLOC_CTX * mem_ctx ,
2007-09-19 16:45:35 +04:00
POLICY_HND * pol , uint16 info_class ,
2005-06-09 02:10:34 +04:00
char * * domain_name , DOM_SID * * domain_sid )
2000-12-18 09:09:40 +03:00
{
prs_struct qbuf , rbuf ;
LSA_Q_QUERY_INFO q ;
LSA_R_QUERY_INFO r ;
2001-08-28 01:32:54 +04:00
NTSTATUS result ;
2000-12-18 09:09:40 +03:00
ZERO_STRUCT ( q ) ;
ZERO_STRUCT ( r ) ;
2001-01-10 21:44:39 +03:00
init_q_query ( & q , pol , info_class ) ;
2000-12-18 09:09:40 +03:00
2005-09-30 21:13:37 +04:00
CLI_DO_RPC ( cli , mem_ctx , PI_LSARPC , LSA_QUERYINFOPOLICY ,
q , r ,
qbuf , rbuf ,
lsa_io_q_query ,
lsa_io_r_query ,
NT_STATUS_UNSUCCESSFUL ) ;
2000-12-18 09:09:40 +03:00
2005-10-27 22:06:29 +04:00
result = r . status ;
if ( ! NT_STATUS_IS_OK ( result ) ) {
2000-12-18 09:09:40 +03:00
goto done ;
}
/* Return output parameters */
switch ( info_class ) {
case 3 :
2006-04-11 19:47:24 +04:00
if ( domain_name & & ( r . ctr . info . id3 . buffer_dom_name ! = 0 ) ) {
2007-09-19 16:45:35 +04:00
* domain_name = unistr2_tdup ( mem_ctx ,
2006-04-11 19:47:24 +04:00
& r . ctr . info . id3 .
2004-01-08 11:19:18 +03:00
uni_domain_name ) ;
2006-03-30 03:32:40 +04:00
if ( ! * domain_name ) {
return NT_STATUS_NO_MEMORY ;
}
2000-12-18 09:09:40 +03:00
}
2006-04-11 19:47:24 +04:00
if ( domain_sid & & ( r . ctr . info . id3 . buffer_dom_sid ! = 0 ) ) {
2004-12-07 21:25:53 +03:00
* domain_sid = TALLOC_P ( mem_ctx , DOM_SID ) ;
2006-03-30 03:32:40 +04:00
if ( ! * domain_sid ) {
return NT_STATUS_NO_MEMORY ;
2004-01-08 11:19:18 +03:00
}
2006-04-11 19:47:24 +04:00
sid_copy ( * domain_sid , & r . ctr . info . id3 . dom_sid . sid ) ;
2000-12-18 09:09:40 +03:00
}
break ;
case 5 :
2007-09-19 16:45:35 +04:00
2006-04-11 19:47:24 +04:00
if ( domain_name & & ( r . ctr . info . id5 . buffer_dom_name ! = 0 ) ) {
2007-09-19 16:45:35 +04:00
* domain_name = unistr2_tdup ( mem_ctx ,
2006-04-11 19:47:24 +04:00
& r . ctr . info . id5 .
2004-01-08 11:19:18 +03:00
uni_domain_name ) ;
2006-03-30 03:32:40 +04:00
if ( ! * domain_name ) {
return NT_STATUS_NO_MEMORY ;
}
2000-12-18 09:09:40 +03:00
}
2007-09-19 16:45:35 +04:00
2006-04-11 19:47:24 +04:00
if ( domain_sid & & ( r . ctr . info . id5 . buffer_dom_sid ! = 0 ) ) {
2004-12-07 21:25:53 +03:00
* domain_sid = TALLOC_P ( mem_ctx , DOM_SID ) ;
2006-03-30 03:32:40 +04:00
if ( ! * domain_sid ) {
return NT_STATUS_NO_MEMORY ;
2004-01-08 11:19:18 +03:00
}
2006-04-11 19:47:24 +04:00
sid_copy ( * domain_sid , & r . ctr . info . id5 . dom_sid . sid ) ;
2000-12-18 09:09:40 +03:00
}
break ;
2007-09-19 16:45:35 +04:00
2000-12-18 09:09:40 +03:00
default :
DEBUG ( 3 , ( " unknown info class %d \n " , info_class ) ) ;
2007-09-19 16:45:35 +04:00
break ;
2000-12-18 09:09:40 +03:00
}
2007-09-19 16:45:35 +04:00
2000-12-18 09:09:40 +03:00
done :
return result ;
}
2001-01-10 21:44:39 +03:00
2002-08-12 17:40:59 +04:00
/** Query info policy2
*
* @ param domain_name - returned remote server ' s domain name
* @ param dns_name - returned remote server ' s dns domain name
* @ param forest_name - returned remote server ' s forest name
* @ param domain_guid - returned remote server ' s domain guid
* @ param domain_sid - returned remote server ' s domain sid */
2005-06-09 02:10:34 +04:00
NTSTATUS rpccli_lsa_query_info_policy2 ( struct rpc_pipe_client * cli ,
TALLOC_CTX * mem_ctx ,
2007-09-19 16:45:35 +04:00
POLICY_HND * pol , uint16 info_class ,
2005-06-09 02:10:34 +04:00
char * * domain_name , char * * dns_name ,
char * * forest_name ,
2006-09-19 04:12:11 +04:00
struct GUID * * domain_guid ,
2005-06-09 02:10:34 +04:00
DOM_SID * * domain_sid )
2002-08-12 17:40:59 +04:00
{
prs_struct qbuf , rbuf ;
LSA_Q_QUERY_INFO2 q ;
LSA_R_QUERY_INFO2 r ;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL ;
if ( info_class ! = 12 )
goto done ;
ZERO_STRUCT ( q ) ;
ZERO_STRUCT ( r ) ;
init_q_query2 ( & q , pol , info_class ) ;
2005-09-30 21:13:37 +04:00
CLI_DO_RPC ( cli , mem_ctx , PI_LSARPC , LSA_QUERYINFO2 ,
q , r ,
qbuf , rbuf ,
lsa_io_q_query_info2 ,
lsa_io_r_query_info2 ,
NT_STATUS_UNSUCCESSFUL ) ;
2002-08-12 17:40:59 +04:00
2005-10-27 22:06:29 +04:00
result = r . status ;
if ( ! NT_STATUS_IS_OK ( result ) ) {
2002-08-12 17:40:59 +04:00
goto done ;
}
/* Return output parameters */
ZERO_STRUCTP ( domain_guid ) ;
2006-04-11 19:47:24 +04:00
if ( domain_name & & r . ctr . info . id12 . hdr_nb_dom_name . buffer ) {
2007-09-19 16:45:35 +04:00
* domain_name = unistr2_tdup ( mem_ctx ,
2006-04-11 19:47:24 +04:00
& r . ctr . info . id12
2004-01-08 11:19:18 +03:00
. uni_nb_dom_name ) ;
2006-03-30 03:32:40 +04:00
if ( ! * domain_name ) {
return NT_STATUS_NO_MEMORY ;
}
2002-08-12 17:40:59 +04:00
}
2006-04-11 19:47:24 +04:00
if ( dns_name & & r . ctr . info . id12 . hdr_dns_dom_name . buffer ) {
2007-09-19 16:45:35 +04:00
* dns_name = unistr2_tdup ( mem_ctx ,
2006-04-11 19:47:24 +04:00
& r . ctr . info . id12
2004-01-08 11:19:18 +03:00
. uni_dns_dom_name ) ;
2006-03-30 03:32:40 +04:00
if ( ! * dns_name ) {
return NT_STATUS_NO_MEMORY ;
}
2002-08-12 17:40:59 +04:00
}
2006-04-11 19:47:24 +04:00
if ( forest_name & & r . ctr . info . id12 . hdr_forest_name . buffer ) {
2007-09-19 16:45:35 +04:00
* forest_name = unistr2_tdup ( mem_ctx ,
2006-04-11 19:47:24 +04:00
& r . ctr . info . id12
2004-01-08 11:19:18 +03:00
. uni_forest_name ) ;
2006-03-30 03:32:40 +04:00
if ( ! * forest_name ) {
return NT_STATUS_NO_MEMORY ;
}
2002-08-12 17:40:59 +04:00
}
2007-09-19 16:45:35 +04:00
2004-01-08 11:19:18 +03:00
if ( domain_guid ) {
2006-09-19 04:12:11 +04:00
* domain_guid = TALLOC_P ( mem_ctx , struct GUID ) ;
2006-03-30 03:32:40 +04:00
if ( ! * domain_guid ) {
return NT_STATUS_NO_MEMORY ;
}
2007-09-19 16:45:35 +04:00
memcpy ( * domain_guid ,
& r . ctr . info . id12 . dom_guid ,
2006-09-19 04:12:11 +04:00
sizeof ( struct GUID ) ) ;
2004-01-08 11:19:18 +03:00
}
2006-04-11 19:47:24 +04:00
if ( domain_sid & & r . ctr . info . id12 . ptr_dom_sid ! = 0 ) {
2004-12-07 21:25:53 +03:00
* domain_sid = TALLOC_P ( mem_ctx , DOM_SID ) ;
2006-03-30 03:32:40 +04:00
if ( ! * domain_sid ) {
return NT_STATUS_NO_MEMORY ;
2004-01-08 11:19:18 +03:00
}
2007-09-19 16:45:35 +04:00
sid_copy ( * domain_sid ,
2006-04-11 19:47:24 +04:00
& r . ctr . info . id12 . dom_sid . sid ) ;
2002-08-12 17:40:59 +04:00
}
2007-09-19 16:45:35 +04:00
2002-08-12 17:40:59 +04:00
done :
return result ;
}
2006-04-11 19:47:24 +04:00
NTSTATUS rpccli_lsa_set_info_policy ( struct rpc_pipe_client * cli , TALLOC_CTX * mem_ctx ,
POLICY_HND * pol , uint16 info_class ,
2007-09-19 16:45:35 +04:00
LSA_INFO_CTR ctr )
2006-04-11 19:47:24 +04:00
{
prs_struct qbuf , rbuf ;
LSA_Q_SET_INFO q ;
LSA_R_SET_INFO r ;
NTSTATUS result ;
ZERO_STRUCT ( q ) ;
ZERO_STRUCT ( r ) ;
init_q_set ( & q , pol , info_class , ctr ) ;
CLI_DO_RPC ( cli , mem_ctx , PI_LSARPC , LSA_SETINFOPOLICY ,
q , r ,
qbuf , rbuf ,
lsa_io_q_set ,
lsa_io_r_set ,
NT_STATUS_UNSUCCESSFUL ) ;
result = r . status ;
if ( ! NT_STATUS_IS_OK ( result ) ) {
goto done ;
}
/* Return output parameters */
done :
return result ;
}
2002-05-17 17:49:01 +04:00
/**
* Enumerate list of trusted domains
*
* @ param cli client state ( cli_state ) structure of the connection
* @ param mem_ctx memory context
* @ param pol opened lsa policy handle
* @ param enum_ctx enumeration context ie . index of first returned domain entry
* @ param pref_num_domains preferred max number of entries returned in one response
* @ param num_domains total number of trusted domains returned by response
* @ param domain_names returned trusted domain names
* @ param domain_sids returned trusted domain sids
*
* @ return nt status code of response
* */
2001-01-10 21:44:39 +03:00
2005-06-09 02:10:34 +04:00
NTSTATUS rpccli_lsa_enum_trust_dom ( struct rpc_pipe_client * cli ,
TALLOC_CTX * mem_ctx ,
2007-09-19 16:45:35 +04:00
POLICY_HND * pol , uint32 * enum_ctx ,
2005-06-09 02:10:34 +04:00
uint32 * num_domains ,
char * * * domain_names , DOM_SID * * domain_sids )
2001-01-10 21:44:39 +03:00
{
prs_struct qbuf , rbuf ;
2005-04-07 02:27:55 +04:00
LSA_Q_ENUM_TRUST_DOM in ;
LSA_R_ENUM_TRUST_DOM out ;
2001-01-10 21:44:39 +03:00
int i ;
2005-04-07 02:27:55 +04:00
fstring tmp ;
2001-01-10 21:44:39 +03:00
2005-04-07 02:27:55 +04:00
ZERO_STRUCT ( in ) ;
ZERO_STRUCT ( out ) ;
2001-01-10 21:44:39 +03:00
2002-08-05 06:47:46 +04:00
/* 64k is enough for about 2000 trusted domains */
2007-09-19 16:45:35 +04:00
2005-04-07 02:27:55 +04:00
init_q_enum_trust_dom ( & in , pol , * enum_ctx , 0x10000 ) ;
2001-01-10 21:44:39 +03:00
2007-09-19 16:45:35 +04:00
CLI_DO_RPC ( cli , mem_ctx , PI_LSARPC , LSA_ENUMTRUSTDOM ,
in , out ,
2005-04-07 02:27:55 +04:00
qbuf , rbuf ,
lsa_io_q_enum_trust_dom ,
2007-09-19 16:45:35 +04:00
lsa_io_r_enum_trust_dom ,
2005-04-07 02:27:55 +04:00
NT_STATUS_UNSUCCESSFUL ) ;
2001-01-10 21:44:39 +03:00
2005-04-07 02:27:55 +04:00
/* check for an actual error */
2001-01-10 21:44:39 +03:00
2007-09-19 16:45:35 +04:00
if ( ! NT_STATUS_IS_OK ( out . status )
& & ! NT_STATUS_EQUAL ( out . status , NT_STATUS_NO_MORE_ENTRIES )
2005-04-07 02:27:55 +04:00
& & ! NT_STATUS_EQUAL ( out . status , STATUS_MORE_ENTRIES ) )
{
return out . status ;
2001-01-10 21:44:39 +03:00
}
2007-09-19 16:45:35 +04:00
2001-01-10 21:44:39 +03:00
/* Return output parameters */
2005-04-07 02:27:55 +04:00
* num_domains = out . count ;
* enum_ctx = out . enum_context ;
2007-09-19 16:45:35 +04:00
2005-04-07 02:27:55 +04:00
if ( out . count ) {
2001-01-10 21:44:39 +03:00
2001-06-22 06:15:02 +04:00
/* Allocate memory for trusted domain names and sids */
2001-01-10 21:44:39 +03:00
2005-04-07 02:27:55 +04:00
if ( ! ( * domain_names = TALLOC_ARRAY ( mem_ctx , char * , out . count ) ) ) {
2001-06-22 06:15:02 +04:00
DEBUG ( 0 , ( " cli_lsa_enum_trust_dom(): out of memory \n " ) ) ;
2005-04-07 02:27:55 +04:00
return NT_STATUS_NO_MEMORY ;
2001-06-22 06:15:02 +04:00
}
2005-04-07 02:27:55 +04:00
if ( ! ( * domain_sids = TALLOC_ARRAY ( mem_ctx , DOM_SID , out . count ) ) ) {
2001-06-22 06:15:02 +04:00
DEBUG ( 0 , ( " cli_lsa_enum_trust_dom(): out of memory \n " ) ) ;
2005-04-07 02:27:55 +04:00
return NT_STATUS_NO_MEMORY ;
2001-06-22 06:15:02 +04:00
}
/* Copy across names and sids */
2005-04-07 02:27:55 +04:00
for ( i = 0 ; i < out . count ; i + + ) {
2001-06-22 06:15:02 +04:00
2007-09-19 16:45:35 +04:00
rpcstr_pull ( tmp , out . domlist - > domains [ i ] . name . string - > buffer ,
2005-04-07 02:27:55 +04:00
sizeof ( tmp ) , out . domlist - > domains [ i ] . name . length , 0 ) ;
2002-04-04 10:11:22 +04:00
( * domain_names ) [ i ] = talloc_strdup ( mem_ctx , tmp ) ;
2005-04-07 02:27:55 +04:00
sid_copy ( & ( * domain_sids ) [ i ] , & out . domlist - > domains [ i ] . sid - > sid ) ;
2001-06-22 06:15:02 +04:00
}
2001-01-10 21:44:39 +03:00
}
2005-04-07 02:27:55 +04:00
return out . status ;
2001-01-10 21:44:39 +03:00
}
2001-11-15 09:03:22 +03:00
2001-11-22 19:12:43 +03:00
/** Enumerate privileges*/
2005-09-30 21:13:37 +04:00
NTSTATUS rpccli_lsa_enum_privilege ( struct rpc_pipe_client * cli , TALLOC_CTX * mem_ctx ,
2001-11-22 19:12:43 +03:00
POLICY_HND * pol , uint32 * enum_context , uint32 pref_max_length ,
uint32 * count , char * * * privs_name , uint32 * * privs_high , uint32 * * privs_low )
{
prs_struct qbuf , rbuf ;
LSA_Q_ENUM_PRIVS q ;
LSA_R_ENUM_PRIVS r ;
NTSTATUS result ;
int i ;
ZERO_STRUCT ( q ) ;
ZERO_STRUCT ( r ) ;
init_q_enum_privs ( & q , pol , * enum_context , pref_max_length ) ;
2005-09-30 21:13:37 +04:00
CLI_DO_RPC ( cli , mem_ctx , PI_LSARPC , LSA_ENUM_PRIVS ,
q , r ,
qbuf , rbuf ,
lsa_io_q_enum_privs ,
lsa_io_r_enum_privs ,
NT_STATUS_UNSUCCESSFUL ) ;
2001-11-22 19:12:43 +03:00
2005-10-27 22:06:29 +04:00
result = r . status ;
if ( ! NT_STATUS_IS_OK ( result ) ) {
2001-11-22 19:12:43 +03:00
goto done ;
}
/* Return output parameters */
* enum_context = r . enum_context ;
* count = r . count ;
2007-04-30 06:39:34 +04:00
if ( r . count ) {
if ( ! ( ( * privs_name = TALLOC_ARRAY ( mem_ctx , char * , r . count ) ) ) ) {
DEBUG ( 0 , ( " (cli_lsa_enum_privilege): out of memory \n " ) ) ;
result = NT_STATUS_UNSUCCESSFUL ;
goto done ;
}
2001-11-22 19:12:43 +03:00
2007-04-30 06:39:34 +04:00
if ( ! ( ( * privs_high = TALLOC_ARRAY ( mem_ctx , uint32 , r . count ) ) ) ) {
DEBUG ( 0 , ( " (cli_lsa_enum_privilege): out of memory \n " ) ) ;
result = NT_STATUS_UNSUCCESSFUL ;
goto done ;
}
2001-11-22 19:12:43 +03:00
2007-04-30 06:39:34 +04:00
if ( ! ( ( * privs_low = TALLOC_ARRAY ( mem_ctx , uint32 , r . count ) ) ) ) {
DEBUG ( 0 , ( " (cli_lsa_enum_privilege): out of memory \n " ) ) ;
result = NT_STATUS_UNSUCCESSFUL ;
goto done ;
}
} else {
* privs_name = NULL ;
* privs_high = NULL ;
* privs_low = NULL ;
2001-11-22 19:12:43 +03:00
}
for ( i = 0 ; i < r . count ; i + + ) {
fstring name ;
rpcstr_pull_unistr2_fstring ( name , & r . privs [ i ] . name ) ;
( * privs_name ) [ i ] = talloc_strdup ( mem_ctx , name ) ;
( * privs_high ) [ i ] = r . privs [ i ] . luid_high ;
( * privs_low ) [ i ] = r . privs [ i ] . luid_low ;
}
done :
return result ;
}
2001-11-22 19:54:48 +03:00
/** Get privilege name */
2005-09-30 21:13:37 +04:00
NTSTATUS rpccli_lsa_get_dispname ( struct rpc_pipe_client * cli , TALLOC_CTX * mem_ctx ,
2007-09-19 16:45:35 +04:00
POLICY_HND * pol , const char * name ,
2003-02-26 02:51:56 +03:00
uint16 lang_id , uint16 lang_id_sys ,
2001-11-22 19:54:48 +03:00
fstring description , uint16 * lang_id_desc )
{
prs_struct qbuf , rbuf ;
LSA_Q_PRIV_GET_DISPNAME q ;
LSA_R_PRIV_GET_DISPNAME r ;
NTSTATUS result ;
ZERO_STRUCT ( q ) ;
ZERO_STRUCT ( r ) ;
init_lsa_priv_get_dispname ( & q , pol , name , lang_id , lang_id_sys ) ;
2005-09-30 21:13:37 +04:00
CLI_DO_RPC ( cli , mem_ctx , PI_LSARPC , LSA_PRIV_GET_DISPNAME ,
q , r ,
qbuf , rbuf ,
lsa_io_q_priv_get_dispname ,
lsa_io_r_priv_get_dispname ,
NT_STATUS_UNSUCCESSFUL ) ;
2001-11-22 19:54:48 +03:00
2005-10-27 22:06:29 +04:00
result = r . status ;
if ( ! NT_STATUS_IS_OK ( result ) ) {
2001-11-22 19:54:48 +03:00
goto done ;
}
/* Return output parameters */
2007-09-19 16:45:35 +04:00
2001-11-22 19:54:48 +03:00
rpcstr_pull_unistr2_fstring ( description , & r . desc ) ;
* lang_id_desc = r . lang_id ;
done :
return result ;
}
2001-11-23 02:50:16 +03:00
/** Enumerate list of SIDs */
2005-09-30 21:13:37 +04:00
NTSTATUS rpccli_lsa_enum_sids ( struct rpc_pipe_client * cli , TALLOC_CTX * mem_ctx ,
2007-09-19 16:45:35 +04:00
POLICY_HND * pol , uint32 * enum_ctx , uint32 pref_max_length ,
2001-11-23 02:50:16 +03:00
uint32 * num_sids , DOM_SID * * sids )
{
prs_struct qbuf , rbuf ;
LSA_Q_ENUM_ACCOUNTS q ;
LSA_R_ENUM_ACCOUNTS r ;
NTSTATUS result ;
int i ;
ZERO_STRUCT ( q ) ;
ZERO_STRUCT ( r ) ;
init_lsa_q_enum_accounts ( & q , pol , * enum_ctx , pref_max_length ) ;
2005-09-30 21:13:37 +04:00
CLI_DO_RPC ( cli , mem_ctx , PI_LSARPC , LSA_ENUM_ACCOUNTS ,
q , r ,
qbuf , rbuf ,
lsa_io_q_enum_accounts ,
lsa_io_r_enum_accounts ,
NT_STATUS_UNSUCCESSFUL ) ;
2001-11-23 02:50:16 +03:00
result = r . status ;
2005-10-27 22:06:29 +04:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2001-11-23 02:50:16 +03:00
goto done ;
}
2001-11-23 18:11:22 +03:00
if ( r . sids . num_entries = = 0 )
goto done ;
2001-11-23 02:50:16 +03:00
/* Return output parameters */
2004-12-07 21:25:53 +03:00
* sids = TALLOC_ARRAY ( mem_ctx , DOM_SID , r . sids . num_entries ) ;
2001-11-23 02:50:16 +03:00
if ( ! * sids ) {
DEBUG ( 0 , ( " (cli_lsa_enum_sids): out of memory \n " ) ) ;
result = NT_STATUS_UNSUCCESSFUL ;
goto done ;
}
/* Copy across names and sids */
for ( i = 0 ; i < r . sids . num_entries ; i + + ) {
sid_copy ( & ( * sids ) [ i ] , & r . sids . sid [ i ] . sid ) ;
}
* num_sids = r . sids . num_entries ;
* enum_ctx = r . enum_context ;
done :
return result ;
}
2005-01-14 22:26:13 +03:00
/** Create a LSA user handle
*
* @ param cli Handle on an initialised SMB connection
*
* FIXME : The code is actually identical to open account
* TODO : Check and code what the function should exactly do
*
* */
2005-09-30 21:13:37 +04:00
NTSTATUS rpccli_lsa_create_account ( struct rpc_pipe_client * cli , TALLOC_CTX * mem_ctx ,
2007-09-19 16:45:35 +04:00
POLICY_HND * dom_pol , DOM_SID * sid , uint32 desired_access ,
2005-01-14 22:26:13 +03:00
POLICY_HND * user_pol )
{
prs_struct qbuf , rbuf ;
LSA_Q_CREATEACCOUNT q ;
LSA_R_CREATEACCOUNT r ;
NTSTATUS result ;
ZERO_STRUCT ( q ) ;
ZERO_STRUCT ( r ) ;
/* Initialise input parameters */
init_lsa_q_create_account ( & q , dom_pol , sid , desired_access ) ;
2005-09-30 21:13:37 +04:00
CLI_DO_RPC ( cli , mem_ctx , PI_LSARPC , LSA_CREATEACCOUNT ,
q , r ,
qbuf , rbuf ,
lsa_io_q_create_account ,
lsa_io_r_create_account ,
NT_STATUS_UNSUCCESSFUL ) ;
2005-01-14 22:26:13 +03:00
/* Return output parameters */
2005-10-27 22:06:29 +04:00
result = r . status ;
if ( NT_STATUS_IS_OK ( result ) ) {
2005-01-14 22:26:13 +03:00
* user_pol = r . pol ;
}
return result ;
}
2001-11-24 03:13:41 +03:00
/** Open a LSA user handle
*
* @ param cli Handle on an initialised SMB connection */
2005-09-30 21:13:37 +04:00
NTSTATUS rpccli_lsa_open_account ( struct rpc_pipe_client * cli , TALLOC_CTX * mem_ctx ,
2007-09-19 16:45:35 +04:00
POLICY_HND * dom_pol , DOM_SID * sid , uint32 des_access ,
2001-11-24 03:13:41 +03:00
POLICY_HND * user_pol )
{
prs_struct qbuf , rbuf ;
LSA_Q_OPENACCOUNT q ;
LSA_R_OPENACCOUNT r ;
NTSTATUS result ;
ZERO_STRUCT ( q ) ;
ZERO_STRUCT ( r ) ;
/* Initialise input parameters */
init_lsa_q_open_account ( & q , dom_pol , sid , des_access ) ;
2005-09-30 21:13:37 +04:00
CLI_DO_RPC ( cli , mem_ctx , PI_LSARPC , LSA_OPENACCOUNT ,
q , r ,
qbuf , rbuf ,
lsa_io_q_open_account ,
lsa_io_r_open_account ,
NT_STATUS_UNSUCCESSFUL ) ;
2001-11-24 03:13:41 +03:00
/* Return output parameters */
2005-10-27 22:06:29 +04:00
result = r . status ;
if ( NT_STATUS_IS_OK ( result ) ) {
2001-11-24 03:13:41 +03:00
* user_pol = r . pol ;
}
return result ;
}
/** Enumerate user privileges
*
* @ param cli Handle on an initialised SMB connection */
2005-09-30 21:13:37 +04:00
NTSTATUS rpccli_lsa_enum_privsaccount ( struct rpc_pipe_client * cli , TALLOC_CTX * mem_ctx ,
2001-11-24 03:13:41 +03:00
POLICY_HND * pol , uint32 * count , LUID_ATTR * * set )
{
prs_struct qbuf , rbuf ;
LSA_Q_ENUMPRIVSACCOUNT q ;
LSA_R_ENUMPRIVSACCOUNT r ;
NTSTATUS result ;
int i ;
ZERO_STRUCT ( q ) ;
ZERO_STRUCT ( r ) ;
/* Initialise input parameters */
init_lsa_q_enum_privsaccount ( & q , pol ) ;
2005-09-30 21:13:37 +04:00
CLI_DO_RPC ( cli , mem_ctx , PI_LSARPC , LSA_ENUMPRIVSACCOUNT ,
q , r ,
qbuf , rbuf ,
lsa_io_q_enum_privsaccount ,
lsa_io_r_enum_privsaccount ,
NT_STATUS_UNSUCCESSFUL ) ;
2001-11-24 03:13:41 +03:00
/* Return output parameters */
2005-10-27 22:06:29 +04:00
result = r . status ;
if ( ! NT_STATUS_IS_OK ( result ) ) {
2001-11-24 03:13:41 +03:00
goto done ;
}
if ( r . count = = 0 )
goto done ;
2004-12-07 21:25:53 +03:00
if ( ! ( ( * set = TALLOC_ARRAY ( mem_ctx , LUID_ATTR , r . count ) ) ) ) {
2001-11-24 03:13:41 +03:00
DEBUG ( 0 , ( " (cli_lsa_enum_privsaccount): out of memory \n " ) ) ;
result = NT_STATUS_UNSUCCESSFUL ;
goto done ;
}
for ( i = 0 ; i < r . count ; i + + ) {
2005-01-13 21:20:37 +03:00
( * set ) [ i ] . luid . low = r . set . set [ i ] . luid . low ;
( * set ) [ i ] . luid . high = r . set . set [ i ] . luid . high ;
( * set ) [ i ] . attr = r . set . set [ i ] . attr ;
2001-11-24 03:13:41 +03:00
}
* count = r . count ;
done :
return result ;
}
/** Get a privilege value given its name */
2005-09-30 21:13:37 +04:00
NTSTATUS rpccli_lsa_lookup_priv_value ( struct rpc_pipe_client * cli , TALLOC_CTX * mem_ctx ,
2003-02-26 02:51:56 +03:00
POLICY_HND * pol , const char * name , LUID * luid )
2001-11-24 03:13:41 +03:00
{
prs_struct qbuf , rbuf ;
2005-03-10 21:50:47 +03:00
LSA_Q_LOOKUP_PRIV_VALUE q ;
LSA_R_LOOKUP_PRIV_VALUE r ;
2001-11-24 03:13:41 +03:00
NTSTATUS result ;
ZERO_STRUCT ( q ) ;
ZERO_STRUCT ( r ) ;
/* Marshall data and send request */
2005-03-10 21:50:47 +03:00
init_lsa_q_lookup_priv_value ( & q , pol , name ) ;
2001-11-24 03:13:41 +03:00
2005-09-30 21:13:37 +04:00
CLI_DO_RPC ( cli , mem_ctx , PI_LSARPC , LSA_LOOKUPPRIVVALUE ,
q , r ,
qbuf , rbuf ,
lsa_io_q_lookup_priv_value ,
lsa_io_r_lookup_priv_value ,
NT_STATUS_UNSUCCESSFUL ) ;
2001-11-24 03:13:41 +03:00
2005-10-27 22:06:29 +04:00
result = r . status ;
if ( ! NT_STATUS_IS_OK ( result ) ) {
2001-11-24 03:13:41 +03:00
goto done ;
}
/* Return output parameters */
( * luid ) . low = r . luid . low ;
( * luid ) . high = r . luid . high ;
done :
return result ;
}
2001-12-11 05:17:26 +03:00
/** Query LSA security object */
2005-09-30 21:13:37 +04:00
NTSTATUS rpccli_lsa_query_secobj ( struct rpc_pipe_client * cli , TALLOC_CTX * mem_ctx ,
2007-09-19 16:45:35 +04:00
POLICY_HND * pol , uint32 sec_info ,
2001-12-11 05:17:26 +03:00
SEC_DESC_BUF * * psdb )
{
prs_struct qbuf , rbuf ;
LSA_Q_QUERY_SEC_OBJ q ;
LSA_R_QUERY_SEC_OBJ r ;
NTSTATUS result ;
ZERO_STRUCT ( q ) ;
ZERO_STRUCT ( r ) ;
/* Marshall data and send request */
init_q_query_sec_obj ( & q , pol , sec_info ) ;
2005-09-30 21:13:37 +04:00
CLI_DO_RPC ( cli , mem_ctx , PI_LSARPC , LSA_QUERYSECOBJ ,
q , r ,
qbuf , rbuf ,
lsa_io_q_query_sec_obj ,
lsa_io_r_query_sec_obj ,
NT_STATUS_UNSUCCESSFUL ) ;
2001-12-11 05:17:26 +03:00
2005-10-27 22:06:29 +04:00
result = r . status ;
if ( ! NT_STATUS_IS_OK ( result ) ) {
2001-12-11 05:17:26 +03:00
goto done ;
}
/* Return output parameters */
if ( psdb )
* psdb = r . buf ;
done :
return result ;
}
2003-01-15 20:22:48 +03:00
/* Enumerate account rights This is similar to enum_privileges but
takes a SID directly , avoiding the open_account call .
*/
2005-09-30 21:13:37 +04:00
NTSTATUS rpccli_lsa_enum_account_rights ( struct rpc_pipe_client * cli , TALLOC_CTX * mem_ctx ,
2005-01-18 21:28:34 +03:00
POLICY_HND * pol , DOM_SID * sid ,
2005-01-19 19:52:19 +03:00
uint32 * count , char * * * priv_names )
2003-01-15 20:22:48 +03:00
{
prs_struct qbuf , rbuf ;
LSA_Q_ENUM_ACCT_RIGHTS q ;
LSA_R_ENUM_ACCT_RIGHTS r ;
NTSTATUS result ;
int i ;
2005-01-18 21:28:34 +03:00
fstring * privileges ;
2005-01-19 19:52:19 +03:00
char * * names ;
2003-01-15 20:22:48 +03:00
ZERO_STRUCT ( q ) ;
ZERO_STRUCT ( r ) ;
/* Marshall data and send request */
2005-01-18 21:28:34 +03:00
init_q_enum_acct_rights ( & q , pol , 2 , sid ) ;
2003-01-15 20:22:48 +03:00
2005-09-30 21:13:37 +04:00
CLI_DO_RPC ( cli , mem_ctx , PI_LSARPC , LSA_ENUMACCTRIGHTS ,
q , r ,
qbuf , rbuf ,
lsa_io_q_enum_acct_rights ,
lsa_io_r_enum_acct_rights ,
NT_STATUS_UNSUCCESSFUL ) ;
2003-01-15 20:22:48 +03:00
2005-10-27 22:06:29 +04:00
result = r . status ;
if ( ! NT_STATUS_IS_OK ( result ) ) {
2003-01-15 20:22:48 +03:00
goto done ;
}
* count = r . count ;
if ( ! * count ) {
goto done ;
}
2007-09-19 16:45:35 +04:00
2005-03-26 09:52:56 +03:00
privileges = TALLOC_ARRAY ( mem_ctx , fstring , * count ) ;
names = TALLOC_ARRAY ( mem_ctx , char * , * count ) ;
2006-06-17 11:43:56 +04:00
if ( ( privileges = = NULL ) | | ( names = = NULL ) ) {
TALLOC_FREE ( privileges ) ;
TALLOC_FREE ( names ) ;
return NT_STATUS_NO_MEMORY ;
}
2005-01-18 21:28:34 +03:00
for ( i = 0 ; i < * count ; i + + ) {
2005-03-26 09:52:56 +03:00
UNISTR4 * uni_string = & r . rights - > strings [ i ] ;
if ( ! uni_string - > string )
continue ;
rpcstr_pull ( privileges [ i ] , uni_string - > string - > buffer , sizeof ( privileges [ i ] ) , - 1 , STR_TERMINATE ) ;
2007-09-19 16:45:35 +04:00
2005-01-18 21:28:34 +03:00
/* now copy to the return array */
2005-01-19 19:52:19 +03:00
names [ i ] = talloc_strdup ( mem_ctx , privileges [ i ] ) ;
2003-01-15 20:22:48 +03:00
}
2007-09-19 16:45:35 +04:00
2005-01-19 19:52:19 +03:00
* priv_names = names ;
2003-01-15 20:22:48 +03:00
done :
return result ;
}
2003-01-29 05:24:12 +03:00
2003-01-29 00:09:56 +03:00
/* add account rights to an account. */
2005-09-30 21:13:37 +04:00
NTSTATUS rpccli_lsa_add_account_rights ( struct rpc_pipe_client * cli , TALLOC_CTX * mem_ctx ,
2003-01-29 05:24:12 +03:00
POLICY_HND * pol , DOM_SID sid ,
2005-09-30 21:13:37 +04:00
uint32 count , const char * * privs_name )
2003-01-29 00:09:56 +03:00
{
prs_struct qbuf , rbuf ;
LSA_Q_ADD_ACCT_RIGHTS q ;
LSA_R_ADD_ACCT_RIGHTS r ;
NTSTATUS result ;
ZERO_STRUCT ( q ) ;
2005-09-30 21:13:37 +04:00
ZERO_STRUCT ( r ) ;
2003-01-29 00:09:56 +03:00
/* Marshall data and send request */
init_q_add_acct_rights ( & q , pol , & sid , count , privs_name ) ;
2005-09-30 21:13:37 +04:00
CLI_DO_RPC ( cli , mem_ctx , PI_LSARPC , LSA_ADDACCTRIGHTS ,
q , r ,
qbuf , rbuf ,
lsa_io_q_add_acct_rights ,
lsa_io_r_add_acct_rights ,
NT_STATUS_UNSUCCESSFUL ) ;
2003-01-29 00:09:56 +03:00
2005-10-27 22:06:29 +04:00
result = r . status ;
if ( ! NT_STATUS_IS_OK ( result ) ) {
2003-01-29 05:24:12 +03:00
goto done ;
}
done :
return result ;
}
/* remove account rights for an account. */
2005-09-30 21:13:37 +04:00
NTSTATUS rpccli_lsa_remove_account_rights ( struct rpc_pipe_client * cli , TALLOC_CTX * mem_ctx ,
2003-01-29 05:24:12 +03:00
POLICY_HND * pol , DOM_SID sid , BOOL removeall ,
uint32 count , const char * * privs_name )
{
prs_struct qbuf , rbuf ;
LSA_Q_REMOVE_ACCT_RIGHTS q ;
LSA_R_REMOVE_ACCT_RIGHTS r ;
NTSTATUS result ;
ZERO_STRUCT ( q ) ;
2005-09-30 21:13:37 +04:00
ZERO_STRUCT ( r ) ;
2003-01-29 05:24:12 +03:00
/* Marshall data and send request */
init_q_remove_acct_rights ( & q , pol , & sid , removeall ? 1 : 0 , count , privs_name ) ;
2005-09-30 21:13:37 +04:00
CLI_DO_RPC ( cli , mem_ctx , PI_LSARPC , LSA_REMOVEACCTRIGHTS ,
q , r ,
qbuf , rbuf ,
lsa_io_q_remove_acct_rights ,
lsa_io_r_remove_acct_rights ,
NT_STATUS_UNSUCCESSFUL ) ;
2003-01-29 00:09:56 +03:00
2005-10-27 22:06:29 +04:00
result = r . status ;
if ( ! NT_STATUS_IS_OK ( result ) ) {
2003-01-29 05:24:12 +03:00
goto done ;
}
2003-01-29 00:09:56 +03:00
done :
return result ;
}
2003-01-15 20:22:48 +03:00
2003-01-29 05:24:12 +03:00
2002-04-04 10:55:32 +04:00
#if 0
/** An example of how to use the routines in this file. Fetch a DOMAIN
sid . Does complete cli setup / teardown anonymously . */
2001-11-24 03:13:41 +03:00
2001-12-05 22:33:35 +03:00
BOOL fetch_domain_sid ( char * domain , char * remote_machine , DOM_SID * psid )
{
extern pstring global_myname ;
2006-07-11 22:01:26 +04:00
struct cli_state * cli ;
2001-12-05 22:33:35 +03:00
NTSTATUS result ;
POLICY_HND lsa_pol ;
BOOL ret = False ;
2007-09-19 16:45:35 +04:00
2001-12-05 22:33:35 +03:00
ZERO_STRUCT ( cli ) ;
2006-07-11 22:01:26 +04:00
if ( ( cli = cli_initialise ( ) ) = = NULL ) {
2001-12-05 22:33:35 +03:00
DEBUG ( 0 , ( " fetch_domain_sid: unable to initialize client connection. \n " ) ) ;
return False ;
}
2007-09-19 16:45:35 +04:00
2006-07-11 22:01:26 +04:00
if ( ! resolve_name ( remote_machine , & cli - > dest_ip , 0x20 ) ) {
2001-12-05 22:33:35 +03:00
DEBUG ( 0 , ( " fetch_domain_sid: Can't resolve address for %s \n " , remote_machine ) ) ;
goto done ;
}
2007-09-19 16:45:35 +04:00
2006-07-11 22:01:26 +04:00
if ( ! cli_connect ( cli , remote_machine , & cli - > dest_ip ) ) {
2001-12-05 22:33:35 +03:00
DEBUG ( 0 , ( " fetch_domain_sid: unable to connect to SMB server on \
2006-07-11 22:01:26 +04:00
machine % s . Error was : % s . \ n " , remote_machine, cli_errstr(cli) ));
2001-12-05 22:33:35 +03:00
goto done ;
}
2006-07-11 22:01:26 +04:00
if ( ! attempt_netbios_session_request ( cli , global_myname , remote_machine , & cli - > dest_ip ) ) {
2007-09-19 16:45:35 +04:00
DEBUG ( 0 , ( " fetch_domain_sid: machine %s rejected the NetBIOS session request. \n " ,
2002-02-13 19:44:49 +03:00
remote_machine ) ) ;
2001-12-05 22:33:35 +03:00
goto done ;
}
2007-09-19 16:45:35 +04:00
2006-07-11 22:01:26 +04:00
cli - > protocol = PROTOCOL_NT1 ;
2007-09-19 16:45:35 +04:00
2006-07-11 22:01:26 +04:00
if ( ! cli_negprot ( cli ) ) {
2001-12-05 22:33:35 +03:00
DEBUG ( 0 , ( " fetch_domain_sid: machine %s rejected the negotiate protocol. \
2006-07-11 22:01:26 +04:00
Error was : % s . \ n " , remote_machine, cli_errstr(cli) ));
2001-12-05 22:33:35 +03:00
goto done ;
}
2007-09-19 16:45:35 +04:00
2006-07-11 22:01:26 +04:00
if ( cli - > protocol ! = PROTOCOL_NT1 ) {
2001-12-05 22:33:35 +03:00
DEBUG ( 0 , ( " fetch_domain_sid: machine %s didn't negotiate NT protocol. \n " ,
remote_machine ) ) ;
goto done ;
}
2007-09-19 16:45:35 +04:00
2001-12-05 22:33:35 +03:00
/*
* Do an anonymous session setup .
*/
2007-09-19 16:45:35 +04:00
2006-07-11 22:01:26 +04:00
if ( ! cli_session_setup ( cli , " " , " " , 0 , " " , 0 , " " ) ) {
2001-12-05 22:33:35 +03:00
DEBUG ( 0 , ( " fetch_domain_sid: machine %s rejected the session setup. \
2006-07-11 22:01:26 +04:00
Error was : % s . \ n " , remote_machine, cli_errstr(cli) ));
2001-12-05 22:33:35 +03:00
goto done ;
}
2007-09-19 16:45:35 +04:00
2006-07-11 22:01:26 +04:00
if ( ! ( cli - > sec_mode & NEGOTIATE_SECURITY_USER_LEVEL ) ) {
2001-12-05 22:33:35 +03:00
DEBUG ( 0 , ( " fetch_domain_sid: machine %s isn't in user level security mode \n " ,
remote_machine ) ) ;
goto done ;
}
2006-07-11 22:01:26 +04:00
if ( ! cli_send_tconX ( cli , " IPC$ " , " IPC " , " " , 1 ) ) {
2001-12-05 22:33:35 +03:00
DEBUG ( 0 , ( " fetch_domain_sid: machine %s rejected the tconX on the IPC$ share. \
2006-07-11 22:01:26 +04:00
Error was : % s . \ n " , remote_machine, cli_errstr(cli) ));
2001-12-05 22:33:35 +03:00
goto done ;
}
/* Fetch domain sid */
2007-09-19 16:45:35 +04:00
2006-07-11 22:01:26 +04:00
if ( ! cli_nt_session_open ( cli , PI_LSARPC ) ) {
2001-12-05 22:33:35 +03:00
DEBUG ( 0 , ( " fetch_domain_sid: Error connecting to SAM pipe \n " ) ) ;
goto done ;
}
2007-09-19 16:45:35 +04:00
2006-07-11 22:01:26 +04:00
result = cli_lsa_open_policy ( cli , cli - > mem_ctx , True , SEC_RIGHTS_QUERY_VALUE , & lsa_pol ) ;
2001-12-05 22:33:35 +03:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
DEBUG ( 0 , ( " fetch_domain_sid: Error opening lsa policy handle. %s \n " ,
2002-03-17 07:36:35 +03:00
nt_errstr ( result ) ) ) ;
2001-12-05 22:33:35 +03:00
goto done ;
}
2007-09-19 16:45:35 +04:00
2006-07-11 22:01:26 +04:00
result = cli_lsa_query_info_policy ( cli , cli - > mem_ctx , & lsa_pol , 5 , domain , psid ) ;
2001-12-05 22:33:35 +03:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
DEBUG ( 0 , ( " fetch_domain_sid: Error querying lsa policy handle. %s \n " ,
2002-03-17 07:36:35 +03:00
nt_errstr ( result ) ) ) ;
2001-12-05 22:33:35 +03:00
goto done ;
}
2007-09-19 16:45:35 +04:00
2001-12-05 22:33:35 +03:00
ret = True ;
done :
2006-07-11 22:01:26 +04:00
cli_shutdown ( cli ) ;
2001-12-05 22:33:35 +03:00
return ret ;
}
2002-01-06 06:48:41 +03:00
2002-04-04 10:55:32 +04:00
# endif
2005-09-30 21:13:37 +04:00
NTSTATUS rpccli_lsa_open_trusted_domain ( struct rpc_pipe_client * cli , TALLOC_CTX * mem_ctx ,
2005-06-08 17:59:03 +04:00
POLICY_HND * pol , DOM_SID * dom_sid , uint32 access_mask ,
POLICY_HND * trustdom_pol )
{
prs_struct qbuf , rbuf ;
LSA_Q_OPEN_TRUSTED_DOMAIN q ;
LSA_R_OPEN_TRUSTED_DOMAIN r ;
NTSTATUS result ;
ZERO_STRUCT ( q ) ;
ZERO_STRUCT ( r ) ;
/* Initialise input parameters */
init_lsa_q_open_trusted_domain ( & q , pol , dom_sid , access_mask ) ;
/* Marshall data and send request */
2005-09-30 21:13:37 +04:00
CLI_DO_RPC ( cli , mem_ctx , PI_LSARPC , LSA_OPENTRUSTDOM ,
q , r ,
qbuf , rbuf ,
lsa_io_q_open_trusted_domain ,
lsa_io_r_open_trusted_domain ,
NT_STATUS_UNSUCCESSFUL ) ;
2005-06-08 17:59:03 +04:00
/* Return output parameters */
2007-09-19 16:45:35 +04:00
2005-10-27 22:06:29 +04:00
result = r . status ;
if ( NT_STATUS_IS_OK ( result ) ) {
2005-06-08 17:59:03 +04:00
* trustdom_pol = r . handle ;
}
return result ;
}
2005-09-30 21:13:37 +04:00
NTSTATUS rpccli_lsa_query_trusted_domain_info ( struct rpc_pipe_client * cli , TALLOC_CTX * mem_ctx ,
2007-09-19 16:45:35 +04:00
POLICY_HND * pol ,
uint16 info_class ,
2005-06-08 17:59:03 +04:00
LSA_TRUSTED_DOMAIN_INFO * * info )
{
prs_struct qbuf , rbuf ;
LSA_Q_QUERY_TRUSTED_DOMAIN_INFO q ;
LSA_R_QUERY_TRUSTED_DOMAIN_INFO r ;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL ;
ZERO_STRUCT ( q ) ;
ZERO_STRUCT ( r ) ;
/* Marshall data and send request */
2007-09-19 16:45:35 +04:00
init_q_query_trusted_domain_info ( & q , pol , info_class ) ;
2005-06-08 17:59:03 +04:00
2005-09-30 21:13:37 +04:00
CLI_DO_RPC ( cli , mem_ctx , PI_LSARPC , LSA_QUERYTRUSTDOMINFO ,
q , r ,
qbuf , rbuf ,
lsa_io_q_query_trusted_domain_info ,
lsa_io_r_query_trusted_domain_info ,
NT_STATUS_UNSUCCESSFUL ) ;
2005-06-08 17:59:03 +04:00
2005-10-27 22:06:29 +04:00
result = r . status ;
if ( ! NT_STATUS_IS_OK ( result ) ) {
2005-06-08 17:59:03 +04:00
goto done ;
}
* info = r . info ;
2007-09-19 16:45:35 +04:00
2005-06-08 17:59:03 +04:00
done :
return result ;
}
2006-02-04 01:19:41 +03:00
NTSTATUS rpccli_lsa_open_trusted_domain_by_name ( struct rpc_pipe_client * cli , TALLOC_CTX * mem_ctx ,
POLICY_HND * pol , const char * name , uint32 access_mask ,
POLICY_HND * trustdom_pol )
{
prs_struct qbuf , rbuf ;
LSA_Q_OPEN_TRUSTED_DOMAIN_BY_NAME q ;
LSA_R_OPEN_TRUSTED_DOMAIN_BY_NAME r ;
NTSTATUS result ;
ZERO_STRUCT ( q ) ;
ZERO_STRUCT ( r ) ;
/* Initialise input parameters */
init_lsa_q_open_trusted_domain_by_name ( & q , pol , name , access_mask ) ;
/* Marshall data and send request */
CLI_DO_RPC ( cli , mem_ctx , PI_LSARPC , LSA_OPENTRUSTDOMBYNAME ,
q , r ,
qbuf , rbuf ,
lsa_io_q_open_trusted_domain_by_name ,
lsa_io_r_open_trusted_domain_by_name ,
NT_STATUS_UNSUCCESSFUL ) ;
/* Return output parameters */
2007-09-19 16:45:35 +04:00
2006-02-04 01:19:41 +03:00
result = r . status ;
if ( NT_STATUS_IS_OK ( result ) ) {
* trustdom_pol = r . handle ;
}
return result ;
}
2005-06-08 17:59:03 +04:00
2005-09-30 21:13:37 +04:00
NTSTATUS rpccli_lsa_query_trusted_domain_info_by_sid ( struct rpc_pipe_client * cli , TALLOC_CTX * mem_ctx ,
2007-09-19 16:45:35 +04:00
POLICY_HND * pol ,
uint16 info_class , DOM_SID * dom_sid ,
2005-06-08 17:59:03 +04:00
LSA_TRUSTED_DOMAIN_INFO * * info )
{
prs_struct qbuf , rbuf ;
LSA_Q_QUERY_TRUSTED_DOMAIN_INFO_BY_SID q ;
LSA_R_QUERY_TRUSTED_DOMAIN_INFO r ;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL ;
ZERO_STRUCT ( q ) ;
ZERO_STRUCT ( r ) ;
/* Marshall data and send request */
2007-09-19 16:45:35 +04:00
init_q_query_trusted_domain_info_by_sid ( & q , pol , info_class , dom_sid ) ;
2005-06-08 17:59:03 +04:00
2005-09-30 21:13:37 +04:00
CLI_DO_RPC ( cli , mem_ctx , PI_LSARPC , LSA_QUERYTRUSTDOMINFOBYSID ,
q , r ,
qbuf , rbuf ,
lsa_io_q_query_trusted_domain_info_by_sid ,
lsa_io_r_query_trusted_domain_info ,
NT_STATUS_UNSUCCESSFUL ) ;
2005-06-08 17:59:03 +04:00
2005-10-27 22:06:29 +04:00
result = r . status ;
if ( ! NT_STATUS_IS_OK ( result ) ) {
2005-06-08 17:59:03 +04:00
goto done ;
}
* info = r . info ;
done :
return result ;
}
2005-09-30 21:13:37 +04:00
NTSTATUS rpccli_lsa_query_trusted_domain_info_by_name ( struct rpc_pipe_client * cli , TALLOC_CTX * mem_ctx ,
2007-09-19 16:45:35 +04:00
POLICY_HND * pol ,
uint16 info_class , const char * domain_name ,
2005-06-08 17:59:03 +04:00
LSA_TRUSTED_DOMAIN_INFO * * info )
{
prs_struct qbuf , rbuf ;
LSA_Q_QUERY_TRUSTED_DOMAIN_INFO_BY_NAME q ;
LSA_R_QUERY_TRUSTED_DOMAIN_INFO r ;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL ;
ZERO_STRUCT ( q ) ;
ZERO_STRUCT ( r ) ;
/* Marshall data and send request */
2007-09-19 16:45:35 +04:00
init_q_query_trusted_domain_info_by_name ( & q , pol , info_class , domain_name ) ;
2005-06-08 17:59:03 +04:00
2005-09-30 21:13:37 +04:00
CLI_DO_RPC ( cli , mem_ctx , PI_LSARPC , LSA_QUERYTRUSTDOMINFOBYNAME ,
q , r ,
qbuf , rbuf ,
lsa_io_q_query_trusted_domain_info_by_name ,
lsa_io_r_query_trusted_domain_info ,
NT_STATUS_UNSUCCESSFUL ) ;
2005-06-08 17:59:03 +04:00
2005-10-27 22:06:29 +04:00
result = r . status ;
if ( ! NT_STATUS_IS_OK ( result ) ) {
2005-06-08 17:59:03 +04:00
goto done ;
}
* info = r . info ;
done :
2007-09-19 16:45:35 +04:00
2005-06-08 17:59:03 +04:00
return result ;
}
2006-02-04 01:19:41 +03:00
NTSTATUS cli_lsa_query_domain_info_policy ( struct rpc_pipe_client * cli , TALLOC_CTX * mem_ctx ,
2007-09-19 16:45:35 +04:00
POLICY_HND * pol ,
2006-02-04 01:19:41 +03:00
uint16 info_class , LSA_DOM_INFO_UNION * * info )
{
prs_struct qbuf , rbuf ;
LSA_Q_QUERY_DOM_INFO_POLICY q ;
LSA_R_QUERY_DOM_INFO_POLICY r ;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL ;
ZERO_STRUCT ( q ) ;
ZERO_STRUCT ( r ) ;
/* Marshall data and send request */
2007-09-19 16:45:35 +04:00
init_q_query_dom_info ( & q , pol , info_class ) ;
2006-02-04 01:19:41 +03:00
2007-09-19 16:45:35 +04:00
CLI_DO_RPC ( cli , mem_ctx , PI_LSARPC , LSA_QUERYDOMINFOPOL ,
2006-02-04 01:19:41 +03:00
q , r ,
qbuf , rbuf ,
lsa_io_q_query_dom_info ,
lsa_io_r_query_dom_info ,
NT_STATUS_UNSUCCESSFUL ) ;
result = r . status ;
if ( ! NT_STATUS_IS_OK ( result ) ) {
goto done ;
}
* info = r . info ;
done :
return result ;
}