mirror of
https://github.com/samba-team/samba.git
synced 2024-12-23 17:34:34 +03:00
s3-winbind: prefer dcerpc_netr_X functions.
Guenther Signed-off-by: Andreas Schneider <asn@samba.org>
This commit is contained in:
parent
232378c6e5
commit
c9b3404c68
@ -23,7 +23,7 @@
|
||||
|
||||
#include "includes.h"
|
||||
#include "winbindd.h"
|
||||
#include "../librpc/gen_ndr/cli_netlogon.h"
|
||||
#include "../librpc/gen_ndr/ndr_netlogon_c.h"
|
||||
#include "../libds/common/flags.h"
|
||||
#include "ads.h"
|
||||
#include "secrets.h"
|
||||
@ -1292,10 +1292,12 @@ static NTSTATUS trusted_domains(struct winbindd_domain *domain,
|
||||
struct netr_DomainTrustList *trusts)
|
||||
{
|
||||
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
|
||||
WERROR werr;
|
||||
int i;
|
||||
uint32 flags;
|
||||
struct rpc_pipe_client *cli;
|
||||
int ret_count;
|
||||
struct dcerpc_binding_handle *b;
|
||||
|
||||
DEBUG(3,("ads: trusted_domains\n"));
|
||||
|
||||
@ -1322,14 +1324,20 @@ static NTSTATUS trusted_domains(struct winbindd_domain *domain,
|
||||
return NT_STATUS_UNSUCCESSFUL;
|
||||
}
|
||||
|
||||
result = rpccli_netr_DsrEnumerateDomainTrusts(cli, mem_ctx,
|
||||
b = cli->binding_handle;
|
||||
|
||||
result = dcerpc_netr_DsrEnumerateDomainTrusts(b, mem_ctx,
|
||||
cli->desthost,
|
||||
flags,
|
||||
trusts,
|
||||
NULL);
|
||||
&werr);
|
||||
if (!NT_STATUS_IS_OK(result)) {
|
||||
return result;
|
||||
}
|
||||
|
||||
if (!W_ERROR_IS_OK(werr)) {
|
||||
return werror_to_ntstatus(werr);
|
||||
}
|
||||
if (trusts->count == 0) {
|
||||
return NT_STATUS_OK;
|
||||
}
|
||||
|
@ -61,7 +61,7 @@
|
||||
#include "includes.h"
|
||||
#include "winbindd.h"
|
||||
#include "../libcli/auth/libcli_auth.h"
|
||||
#include "../librpc/gen_ndr/cli_netlogon.h"
|
||||
#include "../librpc/gen_ndr/ndr_netlogon_c.h"
|
||||
#include "rpc_client/cli_netlogon.h"
|
||||
#include "../librpc/gen_ndr/cli_samr.h"
|
||||
#include "../librpc/gen_ndr/cli_lsa.h"
|
||||
@ -603,6 +603,7 @@ static bool get_dc_name_via_netlogon(struct winbindd_domain *domain,
|
||||
unsigned int orig_timeout;
|
||||
const char *tmp = NULL;
|
||||
const char *p;
|
||||
struct dcerpc_binding_handle *b;
|
||||
|
||||
/* Hmmmm. We can only open one connection to the NETLOGON pipe at the
|
||||
* moment.... */
|
||||
@ -627,6 +628,8 @@ static bool get_dc_name_via_netlogon(struct winbindd_domain *domain,
|
||||
return False;
|
||||
}
|
||||
|
||||
b = netlogon_pipe->binding_handle;
|
||||
|
||||
/* This call can take a long time - allow the server to time out.
|
||||
35 seconds should do it. */
|
||||
|
||||
@ -635,7 +638,7 @@ static bool get_dc_name_via_netlogon(struct winbindd_domain *domain,
|
||||
if (our_domain->active_directory) {
|
||||
struct netr_DsRGetDCNameInfo *domain_info = NULL;
|
||||
|
||||
result = rpccli_netr_DsRGetDCName(netlogon_pipe,
|
||||
result = dcerpc_netr_DsRGetDCName(b,
|
||||
mem_ctx,
|
||||
our_domain->dcname,
|
||||
domain->name,
|
||||
@ -662,7 +665,7 @@ static bool get_dc_name_via_netlogon(struct winbindd_domain *domain,
|
||||
}
|
||||
}
|
||||
} else {
|
||||
result = rpccli_netr_GetAnyDCName(netlogon_pipe, mem_ctx,
|
||||
result = dcerpc_netr_GetAnyDCName(b, mem_ctx,
|
||||
our_domain->dcname,
|
||||
domain->name,
|
||||
&tmp,
|
||||
@ -673,27 +676,27 @@ static bool get_dc_name_via_netlogon(struct winbindd_domain *domain,
|
||||
rpccli_set_timeout(netlogon_pipe, orig_timeout);
|
||||
|
||||
if (!NT_STATUS_IS_OK(result)) {
|
||||
DEBUG(10,("rpccli_netr_GetAnyDCName failed: %s\n",
|
||||
DEBUG(10,("dcerpc_netr_GetAnyDCName failed: %s\n",
|
||||
nt_errstr(result)));
|
||||
talloc_destroy(mem_ctx);
|
||||
return false;
|
||||
}
|
||||
|
||||
if (!W_ERROR_IS_OK(werr)) {
|
||||
DEBUG(10,("rpccli_netr_GetAnyDCName failed: %s\n",
|
||||
DEBUG(10,("dcerpc_netr_GetAnyDCName failed: %s\n",
|
||||
win_errstr(werr)));
|
||||
talloc_destroy(mem_ctx);
|
||||
return false;
|
||||
}
|
||||
|
||||
/* rpccli_netr_GetAnyDCName gives us a name with \\ */
|
||||
/* dcerpc_netr_GetAnyDCName gives us a name with \\ */
|
||||
p = strip_hostname(tmp);
|
||||
|
||||
fstrcpy(dcname, p);
|
||||
|
||||
talloc_destroy(mem_ctx);
|
||||
|
||||
DEBUG(10,("rpccli_netr_GetAnyDCName returned %s\n", dcname));
|
||||
DEBUG(10,("dcerpc_netr_GetAnyDCName returned %s\n", dcname));
|
||||
|
||||
if (!resolve_name(dcname, dc_ss, 0x20, true)) {
|
||||
return False;
|
||||
@ -1704,6 +1707,7 @@ static bool set_dc_type_and_flags_trustinfo( struct winbindd_domain *domain )
|
||||
{
|
||||
struct winbindd_domain *our_domain;
|
||||
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
|
||||
WERROR werr;
|
||||
struct netr_DomainTrustList trusts;
|
||||
int i;
|
||||
uint32 flags = (NETR_TRUST_FLAG_IN_FOREST |
|
||||
@ -1711,6 +1715,7 @@ static bool set_dc_type_and_flags_trustinfo( struct winbindd_domain *domain )
|
||||
NETR_TRUST_FLAG_INBOUND);
|
||||
struct rpc_pipe_client *cli;
|
||||
TALLOC_CTX *mem_ctx = NULL;
|
||||
struct dcerpc_binding_handle *b;
|
||||
|
||||
DEBUG(5, ("set_dc_type_and_flags_trustinfo: domain %s\n", domain->name ));
|
||||
|
||||
@ -1745,16 +1750,18 @@ static bool set_dc_type_and_flags_trustinfo( struct winbindd_domain *domain )
|
||||
return False;
|
||||
}
|
||||
|
||||
b = cli->binding_handle;
|
||||
|
||||
if ( (mem_ctx = talloc_init("set_dc_type_and_flags_trustinfo")) == NULL ) {
|
||||
DEBUG(0,("set_dc_type_and_flags_trustinfo: talloc_init() failed!\n"));
|
||||
return False;
|
||||
}
|
||||
|
||||
result = rpccli_netr_DsrEnumerateDomainTrusts(cli, mem_ctx,
|
||||
result = dcerpc_netr_DsrEnumerateDomainTrusts(b, mem_ctx,
|
||||
cli->desthost,
|
||||
flags,
|
||||
&trusts,
|
||||
NULL);
|
||||
&werr);
|
||||
if (!NT_STATUS_IS_OK(result)) {
|
||||
DEBUG(0,("set_dc_type_and_flags_trustinfo: "
|
||||
"failed to query trusted domain list: %s\n",
|
||||
@ -1762,6 +1769,13 @@ static bool set_dc_type_and_flags_trustinfo( struct winbindd_domain *domain )
|
||||
talloc_destroy(mem_ctx);
|
||||
return false;
|
||||
}
|
||||
if (!W_ERROR_IS_OK(werr)) {
|
||||
DEBUG(0,("set_dc_type_and_flags_trustinfo: "
|
||||
"failed to query trusted domain list: %s\n",
|
||||
win_errstr(werr)));
|
||||
talloc_destroy(mem_ctx);
|
||||
return false;
|
||||
}
|
||||
|
||||
/* Now find the domain name and get the flags */
|
||||
|
||||
|
@ -24,7 +24,7 @@
|
||||
#include "winbindd/winbindd.h"
|
||||
#include "winbindd/winbindd_proto.h"
|
||||
#include "librpc/gen_ndr/srv_wbint.h"
|
||||
#include "../librpc/gen_ndr/cli_netlogon.h"
|
||||
#include "../librpc/gen_ndr/ndr_netlogon_c.h"
|
||||
#include "idmap.h"
|
||||
#include "../libcli/security/security.h"
|
||||
|
||||
@ -291,6 +291,7 @@ NTSTATUS _wbint_DsGetDcName(struct pipes_struct *p, struct wbint_DsGetDcName *r)
|
||||
NTSTATUS status;
|
||||
WERROR werr;
|
||||
unsigned int orig_timeout;
|
||||
struct dcerpc_binding_handle *b;
|
||||
|
||||
if (domain == NULL) {
|
||||
return dsgetdcname(p->mem_ctx, winbind_messaging_context(),
|
||||
@ -307,14 +308,16 @@ NTSTATUS _wbint_DsGetDcName(struct pipes_struct *p, struct wbint_DsGetDcName *r)
|
||||
return status;
|
||||
}
|
||||
|
||||
b = netlogon_pipe->binding_handle;
|
||||
|
||||
/* This call can take a long time - allow the server to time out.
|
||||
35 seconds should do it. */
|
||||
|
||||
orig_timeout = rpccli_set_timeout(netlogon_pipe, 35000);
|
||||
|
||||
if (domain->active_directory) {
|
||||
status = rpccli_netr_DsRGetDCName(
|
||||
netlogon_pipe, p->mem_ctx, domain->dcname,
|
||||
status = dcerpc_netr_DsRGetDCName(b,
|
||||
p->mem_ctx, domain->dcname,
|
||||
r->in.domain_name, NULL, r->in.domain_guid,
|
||||
r->in.flags, r->out.dc_info, &werr);
|
||||
if (NT_STATUS_IS_OK(status) && W_ERROR_IS_OK(werr)) {
|
||||
@ -333,22 +336,22 @@ NTSTATUS _wbint_DsGetDcName(struct pipes_struct *p, struct wbint_DsGetDcName *r)
|
||||
}
|
||||
|
||||
if (r->in.flags & DS_PDC_REQUIRED) {
|
||||
status = rpccli_netr_GetDcName(
|
||||
netlogon_pipe, p->mem_ctx, domain->dcname,
|
||||
status = dcerpc_netr_GetDcName(b,
|
||||
p->mem_ctx, domain->dcname,
|
||||
r->in.domain_name, &dc_info->dc_unc, &werr);
|
||||
} else {
|
||||
status = rpccli_netr_GetAnyDCName(
|
||||
netlogon_pipe, p->mem_ctx, domain->dcname,
|
||||
status = dcerpc_netr_GetAnyDCName(b,
|
||||
p->mem_ctx, domain->dcname,
|
||||
r->in.domain_name, &dc_info->dc_unc, &werr);
|
||||
}
|
||||
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
DEBUG(10, ("rpccli_netr_Get[Any]DCName failed: %s\n",
|
||||
DEBUG(10, ("dcerpc_netr_Get[Any]DCName failed: %s\n",
|
||||
nt_errstr(status)));
|
||||
goto done;
|
||||
}
|
||||
if (!W_ERROR_IS_OK(werr)) {
|
||||
DEBUG(10, ("rpccli_netr_Get[Any]DCName failed: %s\n",
|
||||
DEBUG(10, ("dcerpc_netr_Get[Any]DCName failed: %s\n",
|
||||
win_errstr(werr)));
|
||||
status = werror_to_ntstatus(werr);
|
||||
goto done;
|
||||
@ -526,6 +529,7 @@ NTSTATUS _wbint_PingDc(struct pipes_struct *p, struct wbint_PingDc *r)
|
||||
union netr_CONTROL_QUERY_INFORMATION info;
|
||||
WERROR werr;
|
||||
fstring logon_server;
|
||||
struct dcerpc_binding_handle *b;
|
||||
|
||||
domain = wb_child_domain();
|
||||
if (domain == NULL) {
|
||||
@ -538,6 +542,8 @@ NTSTATUS _wbint_PingDc(struct pipes_struct *p, struct wbint_PingDc *r)
|
||||
return status;
|
||||
}
|
||||
|
||||
b = netlogon_pipe->binding_handle;
|
||||
|
||||
fstr_sprintf(logon_server, "\\\\%s", domain->dcname);
|
||||
|
||||
/*
|
||||
@ -546,23 +552,29 @@ NTSTATUS _wbint_PingDc(struct pipes_struct *p, struct wbint_PingDc *r)
|
||||
* call to work, but the main point here is testing that the
|
||||
* netlogon pipe works.
|
||||
*/
|
||||
status = rpccli_netr_LogonControl(netlogon_pipe, p->mem_ctx,
|
||||
status = dcerpc_netr_LogonControl(b, p->mem_ctx,
|
||||
logon_server, NETLOGON_CONTROL_QUERY,
|
||||
2, &info, &werr);
|
||||
|
||||
if (NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT)) {
|
||||
DEBUG(2, ("rpccli_netr_LogonControl timed out\n"));
|
||||
DEBUG(2, ("dcerpc_netr_LogonControl timed out\n"));
|
||||
invalidate_cm_connection(&domain->conn);
|
||||
return status;
|
||||
}
|
||||
|
||||
if (!NT_STATUS_EQUAL(status, NT_STATUS_CTL_FILE_NOT_SUPPORTED)) {
|
||||
DEBUG(2, ("rpccli_netr_LogonControl returned %s, expected "
|
||||
"NT_STATUS_CTL_FILE_NOT_SUPPORTED\n",
|
||||
nt_errstr(status)));
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
DEBUG(2, ("dcerpc_netr_LogonControl failed: %s\n",
|
||||
nt_errstr(status)));
|
||||
return status;
|
||||
}
|
||||
|
||||
if (!W_ERROR_EQUAL(werr, WERR_NOT_SUPPORTED)) {
|
||||
DEBUG(2, ("dcerpc_netr_LogonControl returned %s, expected "
|
||||
"WERR_NOT_SUPPORTED\n",
|
||||
win_errstr(werr)));
|
||||
return werror_to_ntstatus(werr);
|
||||
}
|
||||
|
||||
DEBUG(5, ("winbindd_dual_ping_dc succeeded\n"));
|
||||
return NT_STATUS_OK;
|
||||
}
|
||||
|
@ -22,7 +22,6 @@
|
||||
|
||||
#include "includes.h"
|
||||
#include "winbindd.h"
|
||||
#include "../librpc/gen_ndr/cli_netlogon.h"
|
||||
|
||||
#undef DBGC_CLASS
|
||||
#define DBGC_CLASS DBGC_WINBIND
|
||||
|
Loading…
Reference in New Issue
Block a user