| blob | fa1e5a645bf96b10097e1475ad928998120c09dc |
1 /*
2 Unix SMB/CIFS implementation.
3 RPC pipe client
4 Copyright (C) Tim Potter 2000-2001,
5 Copyright (C) Andrew Tridgell 1992-1997,2000,
6 Copyright (C) Rafal Szczesniak 2002.
7 Copyright (C) Jeremy Allison 2005.
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
21 */
25 /* Connect to SAMR database */
29 {
31 SAMR_Q_CONNECT q;
32 SAMR_R_CONNECT r;
40 /* Marshall data and send request */
47 samr_io_q_connect,
48 samr_io_r_connect,
49 NT_STATUS_UNSUCCESSFUL);
50 /* Return output parameters */
54 #ifdef __INSURE__
56 #endif
57 }
60 }
62 /* Connect to SAMR database */
66 {
68 SAMR_Q_CONNECT4 q;
69 SAMR_R_CONNECT4 r;
75 /* Marshall data and send request */
82 samr_io_q_connect4,
83 samr_io_r_connect4,
84 NT_STATUS_UNSUCCESSFUL);
86 /* Return output parameters */
90 #ifdef __INSURE__
92 #endif
93 }
96 }
98 /* Add a domain group member */
102 {
104 SAMR_Q_ADD_GROUPMEM q;
105 SAMR_R_ADD_GROUPMEM r;
113 /* Marshall data and send request */
120 samr_io_q_add_groupmem,
121 samr_io_r_add_groupmem,
122 NT_STATUS_UNSUCCESSFUL);
124 /* Return output parameters */
129 }
131 /* Delete a domain group member */
135 {
137 SAMR_Q_DEL_GROUPMEM q;
138 SAMR_R_DEL_GROUPMEM r;
146 /* Marshall data and send request */
153 samr_io_q_del_groupmem,
154 samr_io_r_del_groupmem,
155 NT_STATUS_UNSUCCESSFUL);
157 /* Return output parameters */
162 }
164 /* Query user info */
169 uint16 switch_value,
171 {
173 SAMR_Q_QUERY_USERINFO q;
174 SAMR_R_QUERY_USERINFO r;
182 /* Marshall data and send request */
189 samr_io_q_query_userinfo,
190 samr_io_r_query_userinfo,
191 NT_STATUS_UNSUCCESSFUL);
193 /* Return output parameters */
199 }
201 /* Set group info */
205 {
207 SAMR_Q_SET_GROUPINFO q;
208 SAMR_R_SET_GROUPINFO r;
216 /* Marshall data and send request */
223 samr_io_q_set_groupinfo,
224 samr_io_r_set_groupinfo,
225 NT_STATUS_UNSUCCESSFUL);
227 /* Return output parameters */
232 }
234 /* Query group info */
239 {
241 SAMR_Q_QUERY_GROUPINFO q;
242 SAMR_R_QUERY_GROUPINFO r;
250 /* Marshall data and send request */
257 samr_io_q_query_groupinfo,
258 samr_io_r_query_groupinfo,
259 NT_STATUS_UNSUCCESSFUL);
263 /* Return output parameters */
268 }
270 /* Query user groups */
277 {
279 SAMR_Q_QUERY_USERGROUPS q;
280 SAMR_R_QUERY_USERGROUPS r;
288 /* Marshall data and send request */
295 samr_io_q_query_usergroups,
296 samr_io_r_query_usergroups,
297 NT_STATUS_UNSUCCESSFUL);
299 /* Return output parameters */
304 }
307 }
309 /* Set alias info */
313 {
315 SAMR_Q_SET_ALIASINFO q;
316 SAMR_R_SET_ALIASINFO r;
324 /* Marshall data and send request */
331 samr_io_q_set_aliasinfo,
332 samr_io_r_set_aliasinfo,
333 NT_STATUS_UNSUCCESSFUL);
335 /* Return output parameters */
340 }
342 /* Query user aliases */
349 {
351 SAMR_Q_QUERY_USERALIASES q;
352 SAMR_R_QUERY_USERALIASES r;
368 }
373 /* Marshall data and send request */
380 samr_io_q_query_useraliases,
381 samr_io_r_query_useraliases,
382 NT_STATUS_UNSUCCESSFUL);
384 /* Return output parameters */
389 }
392 }
394 /* Query user groups */
400 {
402 SAMR_Q_QUERY_GROUPMEM q;
403 SAMR_R_QUERY_GROUPMEM r;
411 /* Marshall data and send request */
418 samr_io_q_query_groupmem,
419 samr_io_r_query_groupmem,
420 NT_STATUS_UNSUCCESSFUL);
422 /* Return output parameters */
428 }
431 }
433 /**
434 * Enumerate domain users
435 *
436 * @param cli client state structure
437 * @param mem_ctx talloc context
438 * @param pol opened domain policy handle
439 * @param start_idx starting index of enumeration, returns context for
440 next enumeration
441 * @param acb_mask account control bit mask (to enumerate some particular
442 * kind of accounts)
443 * @param size max acceptable size of response
444 * @param dom_users returned array of domain user names
445 * @param rids returned array of domain user RIDs
446 * @param num_dom_users numer returned entries
447 *
448 * @return NTSTATUS returned in rpc response
449 **/
455 {
456 prs_struct qbuf;
457 prs_struct rbuf;
458 SAMR_Q_ENUM_DOM_USERS q;
459 SAMR_R_ENUM_DOM_USERS r;
468 /* always init this */
471 /* Fill query structure with parameters */
478 samr_io_q_enum_dom_users,
479 samr_io_r_enum_dom_users,
480 NT_STATUS_UNSUCCESSFUL);
492 /* allocate memory needed to return received data */
497 }
503 }
505 /* fill output buffers with rpc response */
507 fstring conv_buf;
512 }
513 }
515 done:
517 }
519 /* Enumerate domain groups */
526 {
528 SAMR_Q_ENUM_DOM_GROUPS q;
529 SAMR_R_ENUM_DOM_GROUPS r;
538 /* Marshall data and send request */
545 samr_io_q_enum_dom_groups,
546 samr_io_r_enum_dom_groups,
547 NT_STATUS_UNSUCCESSFUL);
549 /* Return output parameters */
565 }
579 name_idx++;
580 }
583 }
585 done:
587 }
589 /* Enumerate domain groups */
596 {
598 SAMR_Q_ENUM_DOM_ALIASES q;
599 SAMR_R_ENUM_DOM_ALIASES r;
608 /* Marshall data and send request */
615 samr_io_q_enum_dom_aliases,
616 samr_io_r_enum_dom_aliases,
617 NT_STATUS_UNSUCCESSFUL);
619 /* Return output parameters */
626 }
636 }
650 name_idx++;
651 }
654 }
656 done:
658 }
660 /* Query alias members */
666 {
668 SAMR_Q_QUERY_ALIASMEM q;
669 SAMR_R_QUERY_ALIASMEM r;
671 uint32 i;
678 /* Marshall data and send request */
685 samr_io_q_query_aliasmem,
686 samr_io_r_query_aliasmem,
687 NT_STATUS_UNSUCCESSFUL);
689 /* Return output parameters */
693 }
701 }
706 }
710 }
712 done:
714 }
716 /* Add an alias member */
720 {
722 SAMR_Q_ADD_ALIASMEM q;
723 SAMR_R_ADD_ALIASMEM r;
724 NTSTATUS result;
731 /* Marshall data and send request */
738 samr_io_q_add_aliasmem,
739 samr_io_r_add_aliasmem,
740 NT_STATUS_UNSUCCESSFUL);
745 }
747 /* Delete an alias member */
751 {
753 SAMR_Q_DEL_ALIASMEM q;
754 SAMR_R_DEL_ALIASMEM r;
755 NTSTATUS result;
762 /* Marshall data and send request */
769 samr_io_q_del_aliasmem,
770 samr_io_r_del_aliasmem,
771 NT_STATUS_UNSUCCESSFUL);
776 }
778 /* Query alias info */
783 {
785 SAMR_Q_QUERY_ALIASINFO q;
786 SAMR_R_QUERY_ALIASINFO r;
794 /* Marshall data and send request */
801 samr_io_q_query_aliasinfo,
802 samr_io_r_query_aliasinfo,
803 NT_STATUS_UNSUCCESSFUL);
805 /* Return output parameters */
809 }
813 done:
816 }
818 /* Query domain info */
823 uint16 switch_value,
825 {
827 SAMR_Q_QUERY_DOMAIN_INFO q;
828 SAMR_R_QUERY_DOMAIN_INFO r;
836 /* Marshall data and send request */
845 samr_io_q_query_domain_info,
846 samr_io_r_query_domain_info,
847 NT_STATUS_UNSUCCESSFUL);
849 /* Return output parameters */
853 }
855 done:
858 }
860 /* Query domain info2 */
865 uint16 switch_value,
867 {
869 SAMR_Q_QUERY_DOMAIN_INFO2 q;
870 SAMR_R_QUERY_DOMAIN_INFO2 r;
878 /* Marshall data and send request */
887 samr_io_q_query_domain_info2,
888 samr_io_r_query_domain_info2,
889 NT_STATUS_UNSUCCESSFUL);
891 /* Return output parameters */
895 }
897 done:
900 }
902 /* Set domain info */
907 uint16 switch_value,
909 {
911 SAMR_Q_SET_DOMAIN_INFO q;
912 SAMR_R_SET_DOMAIN_INFO r;
920 /* Marshall data and send request */
927 samr_io_q_set_domain_info,
928 samr_io_r_set_domain_info,
929 NT_STATUS_UNSUCCESSFUL);
931 /* Return output parameters */
935 }
937 done:
940 }
942 /* User change password */
949 {
951 SAMR_Q_CHGPASSWD_USER q;
952 SAMR_R_CHGPASSWD_USER r;
972 /* Calculate the MD4 hash (NT compatible) of the password */
979 /* E_deshash returns false for 'long' passwords (> 14
980 DOS chars). This allows us to match Win2k, which
981 does not store a LM hash for these passwords (which
982 would reduce the effective password length to 14) */
991 }
998 /* Marshall data and send request */
1001 new_nt_password,
1002 old_nt_hash_enc,
1003 new_lm_password,
1004 old_lanman_hash_enc);
1009 samr_io_q_chgpasswd_user,
1010 samr_io_r_chgpasswd_user,
1011 NT_STATUS_UNSUCCESSFUL);
1013 /* Return output parameters */
1017 }
1019 done:
1022 }
1024 /* User change password given blobs */
1029 DATA_BLOB new_nt_password,
1030 DATA_BLOB old_nt_hash_enc,
1031 DATA_BLOB new_lm_password,
1032 DATA_BLOB old_lm_hash_enc)
1033 {
1035 SAMR_Q_CHGPASSWD_USER q;
1036 SAMR_R_CHGPASSWD_USER r;
1046 /* Marshall data and send request */
1057 samr_io_q_chgpasswd_user,
1058 samr_io_r_chgpasswd_user,
1059 NT_STATUS_UNSUCCESSFUL);
1061 /* Return output parameters */
1065 }
1067 done:
1070 }
1073 /* change password 3 */
1082 {
1084 SAMR_Q_CHGPASSWD_USER3 q;
1085 SAMR_R_CHGPASSWD_USER3 r;
1104 /* Calculate the MD4 hash (NT compatible) of the password */
1111 /* E_deshash returns false for 'long' passwords (> 14
1112 DOS chars). This allows us to match Win2k, which
1113 does not store a LM hash for these passwords (which
1114 would reduce the effective password length to 14) */
1123 }
1130 /* Marshall data and send request */
1133 new_nt_password,
1134 old_nt_hash_enc,
1135 new_lm_password,
1136 old_lanman_hash_enc);
1143 samr_io_q_chgpasswd_user3,
1144 samr_io_r_chgpasswd_user3,
1145 NT_STATUS_UNSUCCESSFUL);
1147 /* Return output parameters */
1150 }
1152 /* This function returns the bizzare set of (max_entries, max_size) required
1153 for the QueryDisplayInfo RPC to actually work against a domain controller
1154 with large (10k and higher) numbers of users. These values were
1155 obtained by inspection using ethereal and NT4 running User Manager. */
1159 {
1181 }
1182 }
1184 /* Query display info */
1192 {
1194 SAMR_Q_QUERY_DISPINFO q;
1195 SAMR_R_QUERY_DISPINFO r;
1205 /* Marshall data and send request */
1215 samr_io_q_query_dispinfo,
1216 samr_io_r_query_dispinfo,
1217 NT_STATUS_UNSUCCESSFUL);
1219 /* Return output parameters */
1226 }
1231 done:
1233 }
1235 /* Lookup rids. Note that NT4 seems to crash if more than ~1000 rids are
1236 looked up in one packet. */
1244 {
1246 SAMR_Q_LOOKUP_RIDS q;
1247 SAMR_R_LOOKUP_RIDS r;
1249 uint32 i;
1256 }
1261 /* Marshall data and send request */
1268 samr_io_q_lookup_rids,
1269 samr_io_r_lookup_rids,
1270 NT_STATUS_UNSUCCESSFUL);
1272 /* Return output parameters */
1284 }
1294 }
1297 fstring tmp;
1302 }
1304 done:
1307 }
1309 /* Lookup names */
1316 {
1318 SAMR_Q_LOOKUP_NAMES q;
1319 SAMR_R_LOOKUP_NAMES r;
1321 uint32 i;
1328 /* Marshall data and send request */
1336 samr_io_q_lookup_names,
1337 samr_io_r_lookup_names,
1338 NT_STATUS_UNSUCCESSFUL);
1340 /* Return output parameters */
1344 }
1349 }
1359 }
1364 }
1366 done:
1369 }
1371 /* Set userinfo */
1376 {
1378 SAMR_Q_SET_USERINFO q;
1379 SAMR_R_SET_USERINFO r;
1390 }
1392 /* Initialise parse structures */
1397 /* Marshall data and send request */
1407 samr_io_q_set_userinfo,
1408 samr_io_r_set_userinfo,
1409 NT_STATUS_UNSUCCESSFUL);
1411 /* Return output parameters */
1415 }
1417 done:
1420 }
1422 /* Set userinfo2 */
1427 {
1429 SAMR_Q_SET_USERINFO2 q;
1430 SAMR_R_SET_USERINFO2 r;
1438 }
1443 /* Marshall data and send request */
1450 samr_io_q_set_userinfo2,
1451 samr_io_r_set_userinfo2,
1452 NT_STATUS_UNSUCCESSFUL);
1454 /* Return output parameters */
1458 }
1460 done:
1463 }
1465 /* Remove foreign SID */
1471 {
1473 SAMR_Q_REMOVE_SID_FOREIGN_DOMAIN q;
1474 SAMR_R_REMOVE_SID_FOREIGN_DOMAIN r;
1482 /* Marshall data and send request */
1489 samr_io_q_remove_sid_foreign_domain,
1490 samr_io_r_remove_sid_foreign_domain,
1491 NT_STATUS_UNSUCCESSFUL);
1493 /* Return output parameters */
1498 }
1500 /* Query user security object */
1505 {
1507 SAMR_Q_QUERY_SEC_OBJ q;
1508 SAMR_R_QUERY_SEC_OBJ r;
1516 /* Marshall data and send request */
1523 samr_io_q_query_sec_obj,
1524 samr_io_r_query_sec_obj,
1525 NT_STATUS_UNSUCCESSFUL);
1527 /* Return output parameters */
1533 }
1535 /* Set user security object */
1540 {
1542 SAMR_Q_SET_SEC_OBJ q;
1543 SAMR_R_SET_SEC_OBJ r;
1551 /* Marshall data and send request */
1558 samr_io_q_set_sec_obj,
1559 samr_io_r_set_sec_obj,
1560 NT_STATUS_UNSUCCESSFUL);
1562 /* Return output parameters */
1567 }
1569 /* Lookup Domain Name */
1574 {
1576 SAMR_Q_LOOKUP_DOMAIN q;
1577 SAMR_R_LOOKUP_DOMAIN r;
1585 /* Marshall data and send request */
1592 samr_io_q_lookup_domain,
1593 samr_io_r_lookup_domain,
1594 NT_STATUS_UNSUCCESSFUL);
1596 /* Return output parameters */
1604 }