2006-09-27 14:32:18 +00:00
2005-09-03 16:55:45 +00:00
/*
* Unix SMB / CIFS implementation .
* MS - RPC client library implementation ( SAMR pipe )
* Copyright ( C ) Chris Nicholls 2005.
*
* This program is free software ; you can redistribute it and / or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation ; either version 2 of the License , or
* ( at your option ) any later version .
*
* This program is distributed in the hope that it will be useful ,
* but WITHOUT ANY WARRANTY ; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
* GNU General Public License for more details .
*
* You should have received a copy of the GNU General Public License
* along with this program ; if not , write to the Free Software
* Foundation , Inc . , 675 Mass Ave , Cambridge , MA 0213 9 , USA .
*/
# include "libmsrpc.h"
# include "libmsrpc_internal.h"
/*used by cac_SamGetNamesFromRids*/
# define SAMR_RID_UNKNOWN 8
# define SAMR_ENUM_MAX_SIZE 0xffff
/*not sure what this is.. taken from rpcclient/cmd_samr.c*/
# define SAMR_LOOKUP_FLAGS 0x000003e8
2006-09-27 14:32:18 +00:00
int cac_SamConnect ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamConnect * op )
{
SMBCSRV * srv = NULL ;
struct rpc_pipe_client * pipe_hnd = NULL ;
POLICY_HND * sam_out = NULL ;
if ( ! hnd )
return CAC_FAILURE ;
if ( ! hnd - > _internal . ctx ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
if ( ! op | | op - > in . access = = 0 | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
srv = cac_GetServer ( hnd ) ;
if ( ! srv ) {
hnd - > status = NT_STATUS_INVALID_CONNECTION ;
return CAC_FAILURE ;
}
/*initialize for samr pipe if we have to */
if ( ! hnd - > _internal . pipes [ PI_SAMR ] ) {
if ( !
( pipe_hnd =
cli_rpc_pipe_open_noauth ( srv - > cli , PI_SAMR ,
& hnd - > status ) ) ) {
return CAC_FAILURE ;
}
hnd - > _internal . pipes [ PI_SAMR ] = True ;
}
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
sam_out = talloc ( mem_ctx , POLICY_HND ) ;
if ( ! sam_out ) {
hnd - > status = NT_STATUS_NO_MEMORY ;
return CAC_FAILURE ;
}
if ( hnd - > _internal . srv_level > = SRV_WIN_2K_SP3 ) {
hnd - > status =
rpccli_samr_connect4 ( pipe_hnd , mem_ctx ,
op - > in . access , sam_out ) ;
}
if ( hnd - > _internal . srv_level < SRV_WIN_2K_SP3
| | ! NT_STATUS_IS_OK ( hnd - > status ) ) {
/*if sam_connect4 failed, the use sam_connect and lower srv_level */
hnd - > status =
rpccli_samr_connect ( pipe_hnd , mem_ctx , op - > in . access ,
sam_out ) ;
if ( NT_STATUS_IS_OK ( hnd - > status )
& & hnd - > _internal . srv_level > SRV_WIN_2K ) {
hnd - > _internal . srv_level = SRV_WIN_2K ;
}
}
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
op - > out . sam = sam_out ;
return CAC_SUCCESS ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
int cac_SamClose ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
POLICY_HND * sam )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! sam | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
hnd - > status = rpccli_samr_close ( pipe_hnd , mem_ctx , sam ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
/*this is an internal function. Due to a circular dependency, it must be prototyped in libmsrpc.h (which I don't want to do)
* cac_SamOpenDomain ( ) is the only function that calls it , so I just put the definition here
*/
2006-09-27 14:32:18 +00:00
2005-09-03 16:55:45 +00:00
/*attempts to find the sid of the domain we are connected to*/
2006-09-27 14:32:18 +00:00
DOM_SID * cac_get_domain_sid ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
uint32 des_access )
{
struct LsaOpenPolicy lop ;
struct LsaFetchSid fs ;
DOM_SID * sid ;
ZERO_STRUCT ( lop ) ;
ZERO_STRUCT ( fs ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
lop . in . access = des_access ;
lop . in . security_qos = True ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! cac_LsaOpenPolicy ( hnd , mem_ctx , & lop ) )
return NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
fs . in . pol = lop . out . pol ;
fs . in . info_class = CAC_DOMAIN_INFO ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! cac_LsaFetchSid ( hnd , mem_ctx , & fs ) )
return NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
cac_LsaClosePolicy ( hnd , mem_ctx , lop . out . pol ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! fs . out . domain_sid )
return NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
sid = ( DOM_SID * ) talloc_memdup ( mem_ctx ,
& ( fs . out . domain_sid - > sid ) ,
sizeof ( DOM_SID ) ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! sid ) {
hnd - > status = NT_STATUS_NO_MEMORY ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
return sid ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamOpenDomain ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamOpenDomain * op )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
DOM_SID * sid_buf ;
POLICY_HND * sam_out ;
POLICY_HND * pol_out ;
struct SamLookupDomain sld ;
if ( ! hnd )
return CAC_FAILURE ;
if ( ! hnd - > _internal . ctx ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
if ( ! op | | op - > in . access = = 0 | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
if ( ! op - > in . sam ) {
/*use cac_SamConnect() since it does the session setup */
struct SamConnect sc ;
ZERO_STRUCT ( sc ) ;
sc . in . access = op - > in . access ;
if ( ! cac_SamConnect ( hnd , mem_ctx , & sc ) ) {
return CAC_FAILURE ;
}
sam_out = sc . out . sam ;
} else {
sam_out = op - > in . sam ;
}
if ( ! op - > in . sid ) {
/*find the sid for the SAM's domain */
/*try using cac_SamLookupDomain() first */
ZERO_STRUCT ( sld ) ;
sld . in . sam = sam_out ;
sld . in . name = hnd - > domain ;
if ( cac_SamLookupDomain ( hnd , mem_ctx , & sld ) ) {
/*then we got the sid */
sid_buf = sld . out . sid ;
} else {
/*try to get it from the LSA */
sid_buf =
cac_get_domain_sid ( hnd , mem_ctx ,
op - > in . access ) ;
}
} else {
/*we already have the sid for the domain we want */
sid_buf = op - > in . sid ;
}
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
pol_out = talloc ( mem_ctx , POLICY_HND ) ;
if ( ! pol_out ) {
hnd - > status = NT_STATUS_NO_MEMORY ;
return CAC_FAILURE ;
}
/*now open the domain */
hnd - > status =
rpccli_samr_open_domain ( pipe_hnd , mem_ctx , sam_out ,
op - > in . access , sid_buf , pol_out ) ;
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
op - > out . sam = sam_out ;
op - > out . dom_hnd = pol_out ;
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamOpenUser ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamOpenUser * op )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
uint32 * rid_buf = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
uint32 num_rids = 0 ;
uint32 * rid_types = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
POLICY_HND * user_out = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! op | | ! op - > in . dom_hnd | | op - > in . access = = 0 | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( op - > in . rid = = 0 & & op - > in . name = = NULL ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( op - > in . rid = = 0 & & op - > in . name ) {
/*lookup the name and then set rid_buf */
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
hnd - > status =
rpccli_samr_lookup_names ( pipe_hnd , mem_ctx ,
op - > in . dom_hnd ,
SAMR_LOOKUP_FLAGS , 1 ,
( const char * * ) & op - > in .
name , & num_rids , & rid_buf ,
& rid_types ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( num_rids = = 0 | | rid_buf = = NULL
| | rid_types [ 0 ] = = SAMR_RID_UNKNOWN ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
TALLOC_FREE ( rid_types ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
} else {
rid_buf = & op - > in . rid ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
user_out = talloc ( mem_ctx , POLICY_HND ) ;
if ( ! user_out ) {
hnd - > status = NT_STATUS_NO_MEMORY ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
hnd - > status =
rpccli_samr_open_user ( pipe_hnd , mem_ctx , op - > in . dom_hnd ,
op - > in . access , * rid_buf , user_out ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
op - > out . user_hnd = user_out ;
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamCreateUser ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamCreateUser * op )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
POLICY_HND * user_out = NULL ;
uint32 rid_out ;
2005-09-03 16:55:45 +00:00
/**found in rpcclient/cmd_samr.c*/
2006-09-27 14:32:18 +00:00
uint32 unknown = 0xe005000b ;
if ( ! hnd )
return CAC_FAILURE ;
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
if ( ! op | | ! op - > in . dom_hnd | | ! op - > in . name | | op - > in . acb_mask = = 0
| | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
user_out = talloc ( mem_ctx , POLICY_HND ) ;
if ( ! user_out ) {
hnd - > status = NT_STATUS_NO_MEMORY ;
return CAC_FAILURE ;
}
hnd - > status =
rpccli_samr_create_dom_user ( pipe_hnd , mem_ctx ,
op - > in . dom_hnd , op - > in . name ,
op - > in . acb_mask , unknown ,
user_out , & rid_out ) ;
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
op - > out . user_hnd = user_out ;
op - > out . rid = rid_out ;
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamDeleteUser ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
POLICY_HND * user_hnd )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! user_hnd | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
hnd - > status =
rpccli_samr_delete_dom_user ( pipe_hnd , mem_ctx , user_hnd ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamEnumUsers ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamEnumUsers * op )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
uint32 resume_idx_out = 0 ;
char * * names_out = NULL ;
uint32 * rids_out = NULL ;
uint32 num_users_out = 0 ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! op | | ! op - > in . dom_hnd | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
/*this is a hack.. but is the only reliable way to know if everything has been enumerated */
if ( op - > out . done = = True )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
resume_idx_out = op - > out . resume_idx ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
hnd - > status =
rpccli_samr_enum_dom_users ( pipe_hnd , mem_ctx , op - > in . dom_hnd ,
& resume_idx_out , op - > in . acb_mask ,
SAMR_ENUM_MAX_SIZE , & names_out ,
& rids_out , & num_users_out ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( NT_STATUS_IS_OK ( hnd - > status ) )
op - > out . done = True ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
/*if there are no more entries, the operation will return NT_STATUS_OK.
* We want to return failure if no results were returned */
if ( ! NT_STATUS_IS_OK ( hnd - > status )
& & NT_STATUS_V ( hnd - > status ) ! =
NT_STATUS_V ( STATUS_MORE_ENTRIES ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
op - > out . resume_idx = resume_idx_out ;
op - > out . num_users = num_users_out ;
op - > out . rids = rids_out ;
op - > out . names = names_out ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamGetNamesFromRids ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamGetNamesFromRids * op )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
uint32 num_names_out ;
char * * names_out ;
uint32 * name_types_out ;
uint32 i = 0 ;
CacLookupRidsRecord * map_out ;
if ( ! hnd )
return CAC_FAILURE ;
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
if ( ! op | | ! op - > in . dom_hnd | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
if ( ! op - > in . rids & & op - > in . num_rids ! = 0 ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
if ( op - > in . num_rids = = 0 ) {
/*nothing to do */
op - > out . num_names = 0 ;
return CAC_SUCCESS ;
}
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
hnd - > status =
rpccli_samr_lookup_rids ( pipe_hnd , mem_ctx , op - > in . dom_hnd ,
op - > in . num_rids , op - > in . rids ,
& num_names_out , & names_out ,
& name_types_out ) ;
if ( ! NT_STATUS_IS_OK ( hnd - > status )
& & ! NT_STATUS_EQUAL ( hnd - > status , STATUS_SOME_UNMAPPED ) )
return CAC_FAILURE ;
map_out = TALLOC_ARRAY ( mem_ctx , CacLookupRidsRecord , num_names_out ) ;
if ( ! map_out ) {
hnd - > status = NT_STATUS_NO_MEMORY ;
return CAC_FAILURE ;
}
for ( i = 0 ; i < num_names_out ; i + + ) {
if ( name_types_out [ i ] = = SAMR_RID_UNKNOWN ) {
map_out [ i ] . found = False ;
map_out [ i ] . name = NULL ;
map_out [ i ] . type = 0 ;
} else {
map_out [ i ] . found = True ;
map_out [ i ] . name =
talloc_strdup ( mem_ctx , names_out [ i ] ) ;
map_out [ i ] . type = name_types_out [ i ] ;
}
map_out [ i ] . rid = op - > in . rids [ i ] ;
}
TALLOC_FREE ( names_out ) ;
TALLOC_FREE ( name_types_out ) ;
op - > out . num_names = num_names_out ;
op - > out . map = map_out ;
if ( NT_STATUS_EQUAL ( hnd - > status , STATUS_SOME_UNMAPPED ) )
return CAC_PARTIAL_SUCCESS ;
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamGetRidsFromNames ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamGetRidsFromNames * op )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
uint32 num_rids_out ;
uint32 * rids_out ;
uint32 * rid_types_out ;
uint32 i = 0 ;
CacLookupRidsRecord * map_out ;
if ( ! hnd )
return CAC_FAILURE ;
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
if ( ! op | | ! op - > in . dom_hnd | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
if ( ! op - > in . names & & op - > in . num_names ! = 0 ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
if ( op - > in . num_names = = 0 ) {
/*then we don't have to do anything */
op - > out . num_rids = 0 ;
return CAC_SUCCESS ;
}
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
hnd - > status =
rpccli_samr_lookup_names ( pipe_hnd , mem_ctx , op - > in . dom_hnd ,
SAMR_LOOKUP_FLAGS , op - > in . num_names ,
( const char * * ) op - > in . names ,
& num_rids_out , & rids_out ,
& rid_types_out ) ;
if ( ! NT_STATUS_IS_OK ( hnd - > status )
& & ! NT_STATUS_EQUAL ( hnd - > status , STATUS_SOME_UNMAPPED ) )
return CAC_FAILURE ;
map_out = TALLOC_ARRAY ( mem_ctx , CacLookupRidsRecord , num_rids_out ) ;
if ( ! map_out ) {
hnd - > status = NT_STATUS_NO_MEMORY ;
return CAC_FAILURE ;
}
for ( i = 0 ; i < num_rids_out ; i + + ) {
if ( rid_types_out [ i ] = = SAMR_RID_UNKNOWN ) {
map_out [ i ] . found = False ;
map_out [ i ] . rid = 0 ;
map_out [ i ] . type = 0 ;
} else {
map_out [ i ] . found = True ;
map_out [ i ] . rid = rids_out [ i ] ;
map_out [ i ] . type = rid_types_out [ i ] ;
}
map_out [ i ] . name = talloc_strdup ( mem_ctx , op - > in . names [ i ] ) ;
}
op - > out . num_rids = num_rids_out ;
op - > out . map = map_out ;
TALLOC_FREE ( rids_out ) ;
TALLOC_FREE ( rid_types_out ) ;
if ( NT_STATUS_EQUAL ( hnd - > status , STATUS_SOME_UNMAPPED ) )
return CAC_PARTIAL_SUCCESS ;
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamGetGroupsForUser ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamGetGroupsForUser * op )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
DOM_GID * groups = NULL ;
uint32 num_groups_out = 0 ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
uint32 * rids_out = NULL ;
uint32 * attr_out = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
uint32 i ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! op | | ! op - > in . user_hnd | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
hnd - > status =
rpccli_samr_query_usergroups ( pipe_hnd , mem_ctx ,
op - > in . user_hnd ,
& num_groups_out , & groups ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
rids_out = talloc_array ( mem_ctx , uint32 , num_groups_out ) ;
if ( ! rids_out ) {
hnd - > status = NT_STATUS_NO_MEMORY ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
attr_out = talloc_array ( mem_ctx , uint32 , num_groups_out ) ;
if ( ! attr_out ) {
hnd - > status = NT_STATUS_NO_MEMORY ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
for ( i = 0 ; i < num_groups_out ; i + + ) {
rids_out [ i ] = groups [ i ] . g_rid ;
attr_out [ i ] = groups [ i ] . attr ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
TALLOC_FREE ( groups ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
op - > out . num_groups = num_groups_out ;
op - > out . rids = rids_out ;
op - > out . attributes = attr_out ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamOpenGroup ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamOpenGroup * op )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
POLICY_HND * group_hnd_out = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! op | | op - > in . access = = 0 | | op - > in . rid = = 0 | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
group_hnd_out = talloc ( mem_ctx , POLICY_HND ) ;
if ( ! group_hnd_out ) {
hnd - > status = NT_STATUS_NO_MEMORY ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
hnd - > status =
rpccli_samr_open_group ( pipe_hnd , mem_ctx , op - > in . dom_hnd ,
op - > in . access , op - > in . rid ,
group_hnd_out ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
op - > out . group_hnd = group_hnd_out ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamCreateGroup ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamCreateGroup * op )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
POLICY_HND * group_hnd_out = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! op | | ! op - > in . name | | op - > in . name [ 0 ] = = ' \0 '
| | op - > in . access = = 0 | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
group_hnd_out = talloc ( mem_ctx , POLICY_HND ) ;
if ( ! group_hnd_out ) {
hnd - > status = NT_STATUS_NO_MEMORY ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
hnd - > status =
rpccli_samr_create_dom_group ( pipe_hnd , mem_ctx ,
op - > in . dom_hnd , op - > in . name ,
op - > in . access , group_hnd_out ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
op - > out . group_hnd = group_hnd_out ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamDeleteGroup ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
POLICY_HND * group_hnd )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! group_hnd | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
hnd - > status =
rpccli_samr_delete_dom_group ( pipe_hnd , mem_ctx , group_hnd ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamGetGroupMembers ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamGetGroupMembers * op )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
uint32 num_mem_out ;
uint32 * rids_out ;
uint32 * attr_out ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! op | | ! op - > in . group_hnd | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
hnd - > status =
rpccli_samr_query_groupmem ( pipe_hnd , mem_ctx ,
op - > in . group_hnd , & num_mem_out ,
& rids_out , & attr_out ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
op - > out . num_members = num_mem_out ;
op - > out . rids = rids_out ;
op - > out . attributes = attr_out ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamAddGroupMember ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamAddGroupMember * op )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! op | | ! op - > in . group_hnd | | op - > in . rid = = 0 | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
hnd - > status =
rpccli_samr_add_groupmem ( pipe_hnd , mem_ctx , op - > in . group_hnd ,
op - > in . rid ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamRemoveGroupMember ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamRemoveGroupMember * op )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! op | | ! op - > in . group_hnd | | op - > in . rid = = 0 | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
hnd - > status =
rpccli_samr_del_groupmem ( pipe_hnd , mem_ctx , op - > in . group_hnd ,
op - > in . rid ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamClearGroupMembers ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
POLICY_HND * group_hnd )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
int result = CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
int i = 0 ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
uint32 num_mem = 0 ;
uint32 * rid = NULL ;
uint32 * attr = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
NTSTATUS status ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! group_hnd | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
hnd - > status =
rpccli_samr_query_groupmem ( pipe_hnd , mem_ctx , group_hnd ,
& num_mem , & rid , & attr ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
/*try to delete the users one by one */
for ( i = 0 ; i < num_mem & & NT_STATUS_IS_OK ( hnd - > status ) ; i + + ) {
hnd - > status =
rpccli_samr_del_groupmem ( pipe_hnd , mem_ctx ,
group_hnd , rid [ i ] ) ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
/*if not all members could be removed, then try to re-add the members that were already deleted */
if ( ! NT_STATUS_IS_OK ( hnd - > status ) ) {
status = NT_STATUS_OK ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
for ( i - = 1 ; i > = 0 & & NT_STATUS_IS_OK ( status ) ; i - - ) {
status = rpccli_samr_add_groupmem ( pipe_hnd , mem_ctx ,
group_hnd ,
rid [ i ] ) ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
/*we return with the NTSTATUS error that we got when trying to delete users */
if ( ! NT_STATUS_IS_OK ( status ) )
result = CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
TALLOC_FREE ( attr ) ;
return result ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamSetGroupMembers ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamSetGroupMembers * op )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
uint32 i = 0 ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! op | | ! op - > in . group_hnd | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
/*use cac_SamClearGroupMembers() to clear them */
if ( ! cac_SamClearGroupMembers ( hnd , mem_ctx , op - > in . group_hnd ) )
return CAC_FAILURE ; /*hnd->status is already set */
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
for ( i = 0 ; i < op - > in . num_members & & NT_STATUS_IS_OK ( hnd - > status ) ;
i + + ) {
hnd - > status =
rpccli_samr_add_groupmem ( pipe_hnd , mem_ctx ,
op - > in . group_hnd ,
op - > in . rids [ i ] ) ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamEnumGroups ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamEnumGroups * op )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
uint32 i = 0 ;
uint32 resume_idx_out = 0 ;
char * * names_out = NULL ;
char * * desc_out = NULL ;
uint32 * rids_out = NULL ;
uint32 num_groups_out = 0 ;
struct acct_info * acct_buf = NULL ;
if ( ! hnd )
return CAC_FAILURE ;
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
if ( ! op | | ! op - > in . dom_hnd | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
/*using this BOOL is the only reliable way to know that we are done */
if ( op - > out . done = = True ) /*we return failure so the call will break out of a loop */
return CAC_FAILURE ;
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
resume_idx_out = op - > out . resume_idx ;
hnd - > status =
rpccli_samr_enum_dom_groups ( pipe_hnd , mem_ctx ,
op - > in . dom_hnd , & resume_idx_out ,
SAMR_ENUM_MAX_SIZE , & acct_buf ,
& num_groups_out ) ;
if ( NT_STATUS_IS_OK ( hnd - > status ) ) {
op - > out . done = True ;
} else if ( NT_STATUS_V ( hnd - > status ) ! =
NT_STATUS_V ( STATUS_MORE_ENTRIES ) ) {
/*if there are no more entries, the operation will return NT_STATUS_OK.
* We want to return failure if no results were returned */
return CAC_FAILURE ;
}
names_out = talloc_array ( mem_ctx , char * , num_groups_out ) ;
if ( ! names_out ) {
hnd - > status = NT_STATUS_NO_MEMORY ;
TALLOC_FREE ( acct_buf ) ;
return CAC_FAILURE ;
}
desc_out = talloc_array ( mem_ctx , char * , num_groups_out ) ;
if ( ! desc_out ) {
hnd - > status = NT_STATUS_NO_MEMORY ;
TALLOC_FREE ( acct_buf ) ;
TALLOC_FREE ( names_out ) ;
return CAC_FAILURE ;
}
rids_out = talloc_array ( mem_ctx , uint32 , num_groups_out ) ;
if ( ! rids_out ) {
hnd - > status = NT_STATUS_NO_MEMORY ;
TALLOC_FREE ( acct_buf ) ;
TALLOC_FREE ( names_out ) ;
TALLOC_FREE ( desc_out ) ;
return CAC_FAILURE ;
}
for ( i = 0 ; i < num_groups_out ; i + + ) {
names_out [ i ] =
talloc_strdup ( mem_ctx , acct_buf [ i ] . acct_name ) ;
desc_out [ i ] = talloc_strdup ( mem_ctx , acct_buf [ i ] . acct_desc ) ;
rids_out [ i ] = acct_buf [ i ] . rid ;
if ( ! names_out [ i ] | | ! desc_out [ i ] ) {
hnd - > status = NT_STATUS_NO_MEMORY ;
return CAC_FAILURE ;
}
}
op - > out . resume_idx = resume_idx_out ;
op - > out . num_groups = num_groups_out ;
op - > out . rids = rids_out ;
op - > out . names = names_out ;
op - > out . descriptions = desc_out ;
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamEnumAliases ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamEnumAliases * op )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
uint32 i = 0 ;
uint32 resume_idx_out = 0 ;
char * * names_out = NULL ;
char * * desc_out = NULL ;
uint32 * rids_out = NULL ;
uint32 num_als_out = 0 ;
struct acct_info * acct_buf = NULL ;
if ( ! hnd )
return CAC_FAILURE ;
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
if ( ! op | | ! op - > in . dom_hnd | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
/*this is a hack.. but is the only reliable way to know if everything has been enumerated */
if ( op - > out . done = = True ) {
return CAC_FAILURE ;
}
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
resume_idx_out = op - > out . resume_idx ;
hnd - > status =
rpccli_samr_enum_als_groups ( pipe_hnd , mem_ctx ,
op - > in . dom_hnd , & resume_idx_out ,
SAMR_ENUM_MAX_SIZE , & acct_buf ,
& num_als_out ) ;
if ( NT_STATUS_IS_OK ( hnd - > status ) )
op - > out . done = True ;
/*if there are no more entries, the operation will return NT_STATUS_OK.
* We want to return failure if no results were returned */
if ( ! NT_STATUS_IS_OK ( hnd - > status )
& & NT_STATUS_V ( hnd - > status ) ! =
NT_STATUS_V ( STATUS_MORE_ENTRIES ) )
return CAC_FAILURE ;
names_out = talloc_array ( mem_ctx , char * , num_als_out ) ;
if ( ! names_out ) {
hnd - > status = NT_STATUS_NO_MEMORY ;
TALLOC_FREE ( acct_buf ) ;
return CAC_FAILURE ;
}
desc_out = talloc_array ( mem_ctx , char * , num_als_out ) ;
if ( ! desc_out ) {
hnd - > status = NT_STATUS_NO_MEMORY ;
TALLOC_FREE ( acct_buf ) ;
TALLOC_FREE ( names_out ) ;
return CAC_FAILURE ;
}
rids_out = talloc_array ( mem_ctx , uint32 , num_als_out ) ;
if ( ! rids_out ) {
hnd - > status = NT_STATUS_NO_MEMORY ;
TALLOC_FREE ( acct_buf ) ;
TALLOC_FREE ( names_out ) ;
TALLOC_FREE ( desc_out ) ;
return CAC_FAILURE ;
}
for ( i = 0 ; i < num_als_out ; i + + ) {
names_out [ i ] =
talloc_strdup ( mem_ctx , acct_buf [ i ] . acct_name ) ;
desc_out [ i ] = talloc_strdup ( mem_ctx , acct_buf [ i ] . acct_desc ) ;
rids_out [ i ] = acct_buf [ i ] . rid ;
if ( ! names_out [ i ] | | ! desc_out [ i ] ) {
hnd - > status = NT_STATUS_NO_MEMORY ;
return CAC_FAILURE ;
}
}
op - > out . resume_idx = resume_idx_out ;
op - > out . num_aliases = num_als_out ;
op - > out . rids = rids_out ;
op - > out . names = names_out ;
op - > out . descriptions = desc_out ;
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamCreateAlias ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamCreateAlias * op )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
POLICY_HND * als_hnd_out = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! op | | ! op - > in . name | | op - > in . name [ 0 ] = = ' \0 ' | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
als_hnd_out = talloc ( mem_ctx , POLICY_HND ) ;
if ( ! als_hnd_out ) {
hnd - > status = NT_STATUS_NO_MEMORY ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
hnd - > status =
rpccli_samr_create_dom_alias ( pipe_hnd , mem_ctx ,
op - > in . dom_hnd , op - > in . name ,
als_hnd_out ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
op - > out . alias_hnd = als_hnd_out ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamOpenAlias ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamOpenAlias * op )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
POLICY_HND * als_hnd_out = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! op | | op - > in . access = = 0 | | op - > in . rid = = 0 | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
als_hnd_out = talloc ( mem_ctx , POLICY_HND ) ;
if ( ! als_hnd_out ) {
hnd - > status = NT_STATUS_NO_MEMORY ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
hnd - > status =
rpccli_samr_open_alias ( pipe_hnd , mem_ctx , op - > in . dom_hnd ,
op - > in . access , op - > in . rid ,
als_hnd_out ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
op - > out . alias_hnd = als_hnd_out ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamDeleteAlias ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
POLICY_HND * alias_hnd )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! alias_hnd | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
hnd - > status =
rpccli_samr_delete_dom_alias ( pipe_hnd , mem_ctx , alias_hnd ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamAddAliasMember ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamAddAliasMember * op )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! op | | ! op - > in . alias_hnd | | ! op - > in . sid | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
hnd - > status =
rpccli_samr_add_aliasmem ( pipe_hnd , mem_ctx , op - > in . alias_hnd ,
op - > in . sid ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamRemoveAliasMember ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamRemoveAliasMember * op )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! op | | ! op - > in . alias_hnd | | ! op - > in . sid | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
hnd - > status =
rpccli_samr_del_aliasmem ( pipe_hnd , mem_ctx , op - > in . alias_hnd ,
op - > in . sid ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamGetAliasMembers ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamGetAliasMembers * op )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
uint32 num_mem_out ;
DOM_SID * sids_out ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! op | | ! op - > in . alias_hnd | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
hnd - > status =
rpccli_samr_query_aliasmem ( pipe_hnd , mem_ctx ,
op - > in . alias_hnd , & num_mem_out ,
& sids_out ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
op - > out . num_members = num_mem_out ;
op - > out . sids = sids_out ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamClearAliasMembers ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
POLICY_HND * alias_hnd )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
int result = CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
int i = 0 ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
uint32 num_mem = 0 ;
DOM_SID * sid = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
NTSTATUS status ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! alias_hnd | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
hnd - > status =
rpccli_samr_query_aliasmem ( pipe_hnd , mem_ctx , alias_hnd ,
& num_mem , & sid ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
/*try to delete the users one by one */
for ( i = 0 ; i < num_mem & & NT_STATUS_IS_OK ( hnd - > status ) ; i + + ) {
hnd - > status =
rpccli_samr_del_aliasmem ( pipe_hnd , mem_ctx ,
alias_hnd , & sid [ i ] ) ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
/*if not all members could be removed, then try to re-add the members that were already deleted */
if ( ! NT_STATUS_IS_OK ( hnd - > status ) ) {
status = NT_STATUS_OK ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
for ( i - = 1 ; i > = 0 & & NT_STATUS_IS_OK ( status ) ; i - - ) {
status = rpccli_samr_add_aliasmem ( pipe_hnd , mem_ctx ,
alias_hnd ,
& sid [ i ] ) ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
/*we return with the NTSTATUS error that we got when trying to delete users */
if ( ! NT_STATUS_IS_OK ( status ) )
result = CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
TALLOC_FREE ( sid ) ;
return result ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
int cac_SamSetAliasMembers ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamSetAliasMembers * op )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
uint32 i = 0 ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! op | | ! op - > in . alias_hnd | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
/*use cac_SamClearAliasMembers() to clear them */
if ( ! cac_SamClearAliasMembers ( hnd , mem_ctx , op - > in . alias_hnd ) )
return CAC_FAILURE ; /*hnd->status is already set */
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
for ( i = 0 ; i < op - > in . num_members & & NT_STATUS_IS_OK ( hnd - > status ) ;
i + + ) {
hnd - > status =
rpccli_samr_add_aliasmem ( pipe_hnd , mem_ctx ,
op - > in . alias_hnd ,
& ( op - > in . sids [ i ] ) ) ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
int cac_SamUserChangePasswd ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamUserChangePasswd * op )
{
SMBCSRV * srv = NULL ;
struct rpc_pipe_client * pipe_hnd = NULL ;
if ( ! hnd )
return CAC_FAILURE ;
if ( ! hnd - > _internal . ctx ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
if ( ! op | | ! op - > in . username | | ! op - > in . password
| | ! op - > in . new_password | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
srv = cac_GetServer ( hnd ) ;
if ( ! srv ) {
hnd - > status = NT_STATUS_INVALID_CONNECTION ;
return CAC_FAILURE ;
}
/*open a session on SAMR if we don't have one */
if ( ! hnd - > _internal . pipes [ PI_SAMR ] ) {
if ( !
( pipe_hnd =
cli_rpc_pipe_open_noauth ( srv - > cli , PI_SAMR ,
& hnd - > status ) ) ) {
return CAC_FAILURE ;
}
hnd - > _internal . pipes [ PI_SAMR ] = True ;
}
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
hnd - > status =
rpccli_samr_chgpasswd_user ( pipe_hnd , mem_ctx ,
op - > in . username ,
op - > in . new_password ,
op - > in . password ) ;
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamEnableUser ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
POLICY_HND * user_hnd )
{
SMBCSRV * srv = NULL ;
struct rpc_pipe_client * pipe_hnd = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
SAM_USERINFO_CTR * ctr ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! user_hnd | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
srv = cac_GetServer ( hnd ) ;
if ( ! srv ) {
hnd - > status = NT_STATUS_INVALID_CONNECTION ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
/*info_level = 21 is the only level that I have found to work reliably. It would be nice if user_level = 10 worked. */
hnd - > status =
rpccli_samr_query_userinfo ( pipe_hnd , mem_ctx , user_hnd , 0x10 ,
& ctr ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
/**check the ACB mask*/
2006-09-27 14:32:18 +00:00
if ( ( ctr - > info . id16 - > acb_info & ACB_DISABLED ) = = ACB_DISABLED ) {
/*toggle the disabled bit */
ctr - > info . id16 - > acb_info ^ = ACB_DISABLED ;
} else {
/*the user is already enabled so just return success */
return CAC_SUCCESS ;
}
/*now set the userinfo */
hnd - > status =
rpccli_samr_set_userinfo2 ( pipe_hnd , mem_ctx , user_hnd , 0x10 ,
& srv - > cli - > user_session_key , ctr ) ;
/*this will only work properly if we use set_userinfo2 - fail if it is not supported */
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamDisableUser ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
POLICY_HND * user_hnd )
{
SMBCSRV * srv = NULL ;
struct rpc_pipe_client * pipe_hnd = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
SAM_USERINFO_CTR * ctr ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! user_hnd | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
srv = cac_GetServer ( hnd ) ;
if ( ! srv ) {
hnd - > status = NT_STATUS_INVALID_CONNECTION ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
hnd - > status =
rpccli_samr_query_userinfo ( pipe_hnd , mem_ctx , user_hnd , 0x10 ,
& ctr ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ( ctr - > info . id16 - > acb_info & ACB_DISABLED ) = = ACB_DISABLED ) {
/*then the user is already disabled */
return CAC_SUCCESS ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
/*toggle the disabled bit */
ctr - > info . id16 - > acb_info ^ = ACB_DISABLED ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
/*this will only work properly if we use set_userinfo2 */
hnd - > status =
rpccli_samr_set_userinfo2 ( pipe_hnd , mem_ctx , user_hnd , 0x10 ,
& srv - > cli - > user_session_key , ctr ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
/*this will only work properly if we use set_userinfo2 fail if it is not supported */
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamSetPassword ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamSetPassword * op )
{
SMBCSRV * srv = NULL ;
struct rpc_pipe_client * pipe_hnd = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
SAM_USERINFO_CTR ctr ;
SAM_USER_INFO_24 info24 ;
uint8 pw [ 516 ] ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! op - > in . user_hnd | | ! op - > in . password | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
srv = cac_GetServer ( hnd ) ;
if ( ! srv ) {
hnd - > status = NT_STATUS_INVALID_CONNECTION ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
ZERO_STRUCT ( ctr ) ;
ZERO_STRUCT ( info24 ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
encode_pw_buffer ( pw , op - > in . password , STR_UNICODE ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
init_sam_user_info24 ( & info24 , ( char * ) pw , 24 ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
ctr . switch_value = 24 ;
ctr . info . id24 = & info24 ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
hnd - > status =
rpccli_samr_set_userinfo ( pipe_hnd , mem_ctx , op - > in . user_hnd ,
24 , & srv - > cli - > user_session_key ,
& ctr ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamGetUserInfo ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamGetUserInfo * op )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
SAM_USERINFO_CTR * ctr ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! op - > in . user_hnd | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
hnd - > status =
rpccli_samr_query_userinfo ( pipe_hnd , mem_ctx ,
op - > in . user_hnd , 21 , & ctr ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
op - > out . info = cac_MakeUserInfo ( mem_ctx , ctr ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! op - > out . info ) {
hnd - > status = NT_STATUS_NO_MEMORY ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamSetUserInfo ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamSetUserInfo * op )
{
SMBCSRV * srv = NULL ;
struct rpc_pipe_client * pipe_hnd = NULL ;
SAM_USERINFO_CTR * ctr ;
if ( ! hnd )
return CAC_FAILURE ;
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
if ( ! op - > in . user_hnd | | ! op - > in . info | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
ctr = cac_MakeUserInfoCtr ( mem_ctx , op - > in . info ) ;
if ( ! ctr ) {
hnd - > status = NT_STATUS_NO_MEMORY ;
return CAC_FAILURE ;
}
srv = cac_GetServer ( hnd ) ;
if ( ! srv ) {
hnd - > status = NT_STATUS_INVALID_CONNECTION ;
return CAC_FAILURE ;
}
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
if ( hnd - > _internal . srv_level > = SRV_WIN_NT4 ) {
hnd - > status =
rpccli_samr_set_userinfo2 ( pipe_hnd , mem_ctx ,
op - > in . user_hnd , 21 ,
& srv - > cli - >
user_session_key , ctr ) ;
}
if ( hnd - > _internal . srv_level < SRV_WIN_NT4
| | ! NT_STATUS_IS_OK ( hnd - > status ) ) {
hnd - > status =
rpccli_samr_set_userinfo ( pipe_hnd , mem_ctx ,
op - > in . user_hnd , 21 ,
& srv - > cli - > user_session_key ,
ctr ) ;
if ( NT_STATUS_IS_OK ( hnd - > status )
& & hnd - > _internal . srv_level > SRV_WIN_NT4 ) {
hnd - > _internal . srv_level = SRV_WIN_NT4 ;
}
}
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
return CAC_SUCCESS ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
int cac_SamGetUserInfoCtr ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamGetUserInfoCtr * op )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
SAM_USERINFO_CTR * ctr_out ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! op - > in . user_hnd | | op - > in . info_class = = 0 | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
hnd - > status =
rpccli_samr_query_userinfo ( pipe_hnd , mem_ctx ,
op - > in . user_hnd ,
op - > in . info_class , & ctr_out ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
op - > out . ctr = ctr_out ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamSetUserInfoCtr ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamSetUserInfoCtr * op )
{
SMBCSRV * srv = NULL ;
struct rpc_pipe_client * pipe_hnd = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! op - > in . user_hnd | | ! op - > in . ctr | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
srv = cac_GetServer ( hnd ) ;
if ( ! srv ) {
hnd - > status = NT_STATUS_INVALID_CONNECTION ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
hnd - > status =
rpccli_samr_set_userinfo ( pipe_hnd , mem_ctx , op - > in . user_hnd ,
op - > in . ctr - > switch_value ,
& srv - > cli - > user_session_key ,
op - > in . ctr ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamRenameUser ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamRenameUser * op )
{
SMBCSRV * srv = NULL ;
struct rpc_pipe_client * pipe_hnd = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
SAM_USERINFO_CTR ctr ;
SAM_USER_INFO_7 info7 ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! op - > in . user_hnd | | ! op - > in . new_name
| | op - > in . new_name [ 0 ] = = ' \0 ' | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
srv = cac_GetServer ( hnd ) ;
if ( ! srv ) {
hnd - > status = NT_STATUS_INVALID_CONNECTION ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
ZERO_STRUCT ( ctr ) ;
ZERO_STRUCT ( info7 ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
init_sam_user_info7 ( & info7 , op - > in . new_name ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
ctr . switch_value = 7 ;
ctr . info . id7 = & info7 ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
hnd - > status =
rpccli_samr_set_userinfo ( pipe_hnd , mem_ctx , op - > in . user_hnd ,
7 , & srv - > cli - > user_session_key ,
& ctr ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamGetGroupInfo ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamGetGroupInfo * op )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
GROUP_INFO_CTR * ctr ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! op - > in . group_hnd | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
/*get a GROUP_INFO_1 structure */
hnd - > status =
rpccli_samr_query_groupinfo ( pipe_hnd , mem_ctx ,
op - > in . group_hnd , 1 , & ctr ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
op - > out . info = cac_MakeGroupInfo ( mem_ctx , ctr ) ;
if ( ! op - > out . info ) {
hnd - > status = NT_STATUS_NO_MEMORY ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamSetGroupInfo ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamSetGroupInfo * op )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
GROUP_INFO_CTR * ctr = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! op - > in . group_hnd | | ! op - > in . info | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
ctr = cac_MakeGroupInfoCtr ( mem_ctx , op - > in . info ) ;
if ( ! ctr ) {
hnd - > status = NT_STATUS_NO_MEMORY ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
hnd - > status =
rpccli_samr_set_groupinfo ( pipe_hnd , mem_ctx ,
op - > in . group_hnd , ctr ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamRenameGroup ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamRenameGroup * op )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
GROUP_INFO_CTR ctr ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! op - > in . group_hnd | | ! op - > in . new_name
| | op - > in . new_name [ 0 ] = = ' \0 ' | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
ZERO_STRUCT ( ctr ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
init_samr_group_info2 ( & ctr . group . info2 , op - > in . new_name ) ;
ctr . switch_value1 = 2 ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
hnd - > status =
rpccli_samr_set_groupinfo ( pipe_hnd , mem_ctx ,
op - > in . group_hnd , & ctr ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamGetAliasInfo ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamGetAliasInfo * op )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
ALIAS_INFO_CTR ctr ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! op - > in . alias_hnd | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
/*get a GROUP_INFO_1 structure */
hnd - > status =
rpccli_samr_query_alias_info ( pipe_hnd , mem_ctx ,
op - > in . alias_hnd , 1 , & ctr ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
op - > out . info = cac_MakeAliasInfo ( mem_ctx , ctr ) ;
if ( ! op - > out . info ) {
hnd - > status = NT_STATUS_NO_MEMORY ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamSetAliasInfo ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamSetAliasInfo * op )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
ALIAS_INFO_CTR * ctr = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! op - > in . alias_hnd | | ! op - > in . info | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
ctr = cac_MakeAliasInfoCtr ( mem_ctx , op - > in . info ) ;
if ( ! ctr ) {
hnd - > status = NT_STATUS_NO_MEMORY ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
hnd - > status =
rpccli_samr_set_aliasinfo ( pipe_hnd , mem_ctx ,
op - > in . alias_hnd , ctr ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamGetDomainInfo ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamGetDomainInfo * op )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
SAM_UNK_CTR ctr ;
SAM_UNK_INFO_1 info1 ;
SAM_UNK_INFO_2 info2 ;
SAM_UNK_INFO_12 info12 ;
/*use this to keep track of a failed call */
NTSTATUS status_buf = NT_STATUS_OK ;
uint16 fail_count = 0 ;
if ( ! hnd )
return CAC_FAILURE ;
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
if ( ! op - > in . dom_hnd | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
/*first try with info 1 */
hnd - > status =
rpccli_samr_query_dom_info ( pipe_hnd , mem_ctx , op - > in . dom_hnd ,
1 , & ctr ) ;
if ( NT_STATUS_IS_OK ( hnd - > status ) ) {
/*then we buffer the SAM_UNK_INFO_1 structure */
info1 = ctr . info . inf1 ;
} else {
/*then the call failed, store the status and ZERO out the info structure */
ZERO_STRUCT ( info1 ) ;
status_buf = hnd - > status ;
fail_count + + ;
}
/*try again for the next one */
hnd - > status =
rpccli_samr_query_dom_info ( pipe_hnd , mem_ctx , op - > in . dom_hnd ,
2 , & ctr ) ;
if ( NT_STATUS_IS_OK ( hnd - > status ) ) {
/*store the info */
info2 = ctr . info . inf2 ;
} else {
/*ZERO out the structure and store the bad status */
ZERO_STRUCT ( info2 ) ;
status_buf = hnd - > status ;
fail_count + + ;
}
/*once more */
hnd - > status =
rpccli_samr_query_dom_info ( pipe_hnd , mem_ctx , op - > in . dom_hnd ,
12 , & ctr ) ;
if ( NT_STATUS_IS_OK ( hnd - > status ) ) {
info12 = ctr . info . inf12 ;
} else {
ZERO_STRUCT ( info12 ) ;
status_buf = hnd - > status ;
fail_count + + ;
}
/*return failure if all 3 calls failed */
if ( fail_count = = 3 )
return CAC_FAILURE ;
op - > out . info = cac_MakeDomainInfo ( mem_ctx , & info1 , & info2 , & info12 ) ;
if ( ! op - > out . info ) {
hnd - > status = NT_STATUS_NO_MEMORY ;
return CAC_FAILURE ;
}
if ( fail_count > 0 ) {
hnd - > status = status_buf ;
return CAC_PARTIAL_SUCCESS ;
}
return CAC_SUCCESS ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
int cac_SamGetDomainInfoCtr ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamGetDomainInfoCtr * op )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
SAM_UNK_CTR * ctr_out ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! op - > in . dom_hnd | | op - > in . info_class = = 0 | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
ctr_out = talloc ( mem_ctx , SAM_UNK_CTR ) ;
if ( ! ctr_out ) {
hnd - > status = NT_STATUS_NO_MEMORY ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
hnd - > status =
rpccli_samr_query_dom_info ( pipe_hnd , mem_ctx , op - > in . dom_hnd ,
op - > in . info_class , ctr_out ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
op - > out . info = ctr_out ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
return CAC_SUCCESS ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
int cac_SamGetDisplayInfo ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamGetDisplayInfo * op )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
SAM_DISPINFO_CTR ctr_out ;
uint32 max_entries_buf = 0 ;
uint32 max_size_buf = 0 ;
uint32 resume_idx_out ;
uint32 num_entries_out ;
if ( ! hnd )
return CAC_FAILURE ;
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
if ( ! op - > in . dom_hnd | | op - > in . info_class = = 0 | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
if ( op - > out . done = = True ) /*this is done so we can use the function as a loop condition */
return CAC_FAILURE ;
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
if ( op - > in . max_entries = = 0 | | op - > in . max_size = = 0 ) {
get_query_dispinfo_params ( op - > out . loop_count ,
& max_entries_buf , & max_size_buf ) ;
} else {
max_entries_buf = op - > in . max_entries ;
max_size_buf = op - > in . max_size ;
}
resume_idx_out = op - > out . resume_idx ;
hnd - > status =
rpccli_samr_query_dispinfo ( pipe_hnd , mem_ctx , op - > in . dom_hnd ,
& resume_idx_out ,
op - > in . info_class ,
& num_entries_out , max_entries_buf ,
max_size_buf , & ctr_out ) ;
if ( ! NT_STATUS_IS_OK ( hnd - > status )
& & ! NT_STATUS_EQUAL ( hnd - > status , STATUS_MORE_ENTRIES ) ) {
/*be defensive, maybe they'll call again without zeroing the struct */
op - > out . loop_count = 0 ;
op - > out . resume_idx = 0 ;
return CAC_FAILURE ;
}
if ( NT_STATUS_IS_OK ( hnd - > status ) ) {
/*we want to quit once the function is called next. so it can be used in a loop */
op - > out . done = True ;
}
op - > out . resume_idx = resume_idx_out ;
op - > out . num_entries = num_entries_out ;
op - > out . ctr = ctr_out ;
op - > out . loop_count + + ;
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamLookupDomain ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamLookupDomain * op )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
DOM_SID * sid_out = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! op - > in . sam | | ! op - > in . name | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
sid_out = talloc ( mem_ctx , DOM_SID ) ;
if ( ! sid_out ) {
hnd - > status = NT_STATUS_NO_MEMORY ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
hnd - > status =
rpccli_samr_lookup_domain ( pipe_hnd , mem_ctx , op - > in . sam ,
op - > in . name , sid_out ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
op - > out . sid = sid_out ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamGetSecurityObject ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamGetSecurityObject * op )
{
struct rpc_pipe_client * pipe_hnd = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
/*this number taken from rpcclient/cmd_samr.c, I think it is the only supported level */
uint32 sec_info = DACL_SECURITY_INFORMATION ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
SEC_DESC_BUF * sec_out = NULL ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! op - > in . pol | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
pipe_hnd = cac_GetPipe ( hnd , PI_SAMR ) ;
if ( ! pipe_hnd ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
hnd - > status =
rpccli_samr_query_sec_obj ( pipe_hnd , mem_ctx , op - > in . pol ,
sec_info , mem_ctx , & sec_out ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! NT_STATUS_IS_OK ( hnd - > status ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
op - > out . sec = sec_out ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
2006-09-27 14:32:18 +00:00
int cac_SamFlush ( CacServerHandle * hnd , TALLOC_CTX * mem_ctx ,
struct SamFlush * op )
{
struct SamOpenDomain od ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! hnd - > _internal . ctx | | ! hnd - > _internal . pipes [ PI_SAMR ] ) {
hnd - > status = NT_STATUS_INVALID_HANDLE ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! op | | ! op - > in . dom_hnd | | ! mem_ctx ) {
hnd - > status = NT_STATUS_INVALID_PARAMETER ;
return CAC_FAILURE ;
}
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! cac_SamClose ( hnd , mem_ctx , op - > in . dom_hnd ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
ZERO_STRUCT ( od ) ;
od . in . access =
( op - > in . access ) ? op - > in . access : MAXIMUM_ALLOWED_ACCESS ;
od . in . sid = op - > in . sid ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
if ( ! cac_SamOpenDomain ( hnd , mem_ctx , & od ) )
return CAC_FAILURE ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
/*this function does not use an output parameter to make it as convenient as possible to use */
* op - > in . dom_hnd = * od . out . dom_hnd ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
TALLOC_FREE ( od . out . dom_hnd ) ;
2005-09-03 16:55:45 +00:00
2006-09-27 14:32:18 +00:00
return CAC_SUCCESS ;
2005-09-03 16:55:45 +00:00
}
