2 Unix SMB/CIFS implementation.
4 Copyright (C) Tim Potter 2000-2001,
5 Copyright (C) Andrew Tridgell 1992-1997,2000,
6 Copyright (C) Rafal Szczesniak 2002.
7 Copyright (C) Jeremy Allison 2005.
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 2 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program; if not, write to the Free Software
21 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
26 /* Connect to SAMR database */
28 NTSTATUS
rpccli_samr_connect(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
29 uint32 access_mask
, POLICY_HND
*connect_pol
)
31 prs_struct qbuf
, rbuf
;
34 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
36 DEBUG(10,("cli_samr_connect to %s\n", cli
->cli
->desthost
));
41 /* Marshall data and send request */
43 init_samr_q_connect(&q
, cli
->cli
->desthost
, access_mask
);
45 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_CONNECT
,
50 NT_STATUS_UNSUCCESSFUL
);
51 /* Return output parameters */
53 if (NT_STATUS_IS_OK(result
= r
.status
)) {
54 *connect_pol
= r
.connect_pol
;
60 /* Connect to SAMR database */
62 NTSTATUS
rpccli_samr_connect4(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
63 uint32 access_mask
, POLICY_HND
*connect_pol
)
65 prs_struct qbuf
, rbuf
;
68 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
73 /* Marshall data and send request */
75 init_samr_q_connect4(&q
, cli
->cli
->desthost
, access_mask
);
77 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_CONNECT4
,
82 NT_STATUS_UNSUCCESSFUL
);
84 /* Return output parameters */
86 if (NT_STATUS_IS_OK(result
= r
.status
)) {
87 *connect_pol
= r
.connect_pol
;
93 /* Close SAMR handle */
95 NTSTATUS
rpccli_samr_close(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
96 POLICY_HND
*connect_pol
)
98 prs_struct qbuf
, rbuf
;
101 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
103 DEBUG(10,("cli_samr_close\n"));
108 /* Marshall data and send request */
110 init_samr_q_close_hnd(&q
, connect_pol
);
112 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_CLOSE_HND
,
117 NT_STATUS_UNSUCCESSFUL
);
119 /* Return output parameters */
121 if (NT_STATUS_IS_OK(result
= r
.status
)) {
122 *connect_pol
= r
.pol
;
128 /* Open handle on a domain */
130 NTSTATUS
rpccli_samr_open_domain(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
131 POLICY_HND
*connect_pol
, uint32 access_mask
,
132 const DOM_SID
*domain_sid
,
133 POLICY_HND
*domain_pol
)
135 prs_struct qbuf
, rbuf
;
136 SAMR_Q_OPEN_DOMAIN q
;
137 SAMR_R_OPEN_DOMAIN r
;
138 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
140 DEBUG(10,("cli_samr_open_domain with sid %s\n", sid_string_static(domain_sid
) ));
145 /* Marshall data and send request */
147 init_samr_q_open_domain(&q
, connect_pol
, access_mask
, domain_sid
);
149 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_OPEN_DOMAIN
,
152 samr_io_q_open_domain
,
153 samr_io_r_open_domain
,
154 NT_STATUS_UNSUCCESSFUL
);
156 /* Return output parameters */
158 if (NT_STATUS_IS_OK(result
= r
.status
)) {
159 *domain_pol
= r
.domain_pol
;
165 NTSTATUS
rpccli_samr_open_user(struct rpc_pipe_client
*cli
,
167 POLICY_HND
*domain_pol
, uint32 access_mask
,
168 uint32 user_rid
, POLICY_HND
*user_pol
)
170 prs_struct qbuf
, rbuf
;
173 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
175 DEBUG(10,("cli_samr_open_user with rid 0x%x\n", user_rid
));
180 /* Marshall data and send request */
182 init_samr_q_open_user(&q
, domain_pol
, access_mask
, user_rid
);
184 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_OPEN_USER
,
189 NT_STATUS_UNSUCCESSFUL
);
191 /* Return output parameters */
193 if (NT_STATUS_IS_OK(result
= r
.status
)) {
194 *user_pol
= r
.user_pol
;
200 /* Open handle on a group */
202 NTSTATUS
rpccli_samr_open_group(struct rpc_pipe_client
*cli
,
204 POLICY_HND
*domain_pol
, uint32 access_mask
,
205 uint32 group_rid
, POLICY_HND
*group_pol
)
207 prs_struct qbuf
, rbuf
;
210 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
212 DEBUG(10,("cli_samr_open_group with rid 0x%x\n", group_rid
));
217 /* Marshall data and send request */
219 init_samr_q_open_group(&q
, domain_pol
, access_mask
, group_rid
);
221 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_OPEN_GROUP
,
224 samr_io_q_open_group
,
225 samr_io_r_open_group
,
226 NT_STATUS_UNSUCCESSFUL
);
228 /* Return output parameters */
230 if (NT_STATUS_IS_OK(result
= r
.status
)) {
237 /* Create domain group */
239 NTSTATUS
rpccli_samr_create_dom_group(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
240 POLICY_HND
*domain_pol
,
241 const char *group_name
,
242 uint32 access_mask
, POLICY_HND
*group_pol
)
244 prs_struct qbuf
, rbuf
;
245 SAMR_Q_CREATE_DOM_GROUP q
;
246 SAMR_R_CREATE_DOM_GROUP r
;
247 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
249 DEBUG(10,("cli_samr_create_dom_group\n"));
254 /* Marshall data and send request */
256 init_samr_q_create_dom_group(&q
, domain_pol
, group_name
, access_mask
);
258 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_CREATE_DOM_GROUP
,
261 samr_io_q_create_dom_group
,
262 samr_io_r_create_dom_group
,
263 NT_STATUS_UNSUCCESSFUL
);
265 /* Return output parameters */
269 if (NT_STATUS_IS_OK(result
))
275 /* Add a domain group member */
277 NTSTATUS
rpccli_samr_add_groupmem(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
278 POLICY_HND
*group_pol
, uint32 rid
)
280 prs_struct qbuf
, rbuf
;
281 SAMR_Q_ADD_GROUPMEM q
;
282 SAMR_R_ADD_GROUPMEM r
;
283 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
285 DEBUG(10,("cli_samr_add_groupmem\n"));
290 /* Marshall data and send request */
292 init_samr_q_add_groupmem(&q
, group_pol
, rid
);
294 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_ADD_GROUPMEM
,
297 samr_io_q_add_groupmem
,
298 samr_io_r_add_groupmem
,
299 NT_STATUS_UNSUCCESSFUL
);
301 /* Return output parameters */
308 /* Delete a domain group member */
310 NTSTATUS
rpccli_samr_del_groupmem(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
311 POLICY_HND
*group_pol
, uint32 rid
)
313 prs_struct qbuf
, rbuf
;
314 SAMR_Q_DEL_GROUPMEM q
;
315 SAMR_R_DEL_GROUPMEM r
;
316 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
318 DEBUG(10,("cli_samr_del_groupmem\n"));
323 /* Marshall data and send request */
325 init_samr_q_del_groupmem(&q
, group_pol
, rid
);
327 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_DEL_GROUPMEM
,
330 samr_io_q_del_groupmem
,
331 samr_io_r_del_groupmem
,
332 NT_STATUS_UNSUCCESSFUL
);
334 /* Return output parameters */
341 /* Query user info */
343 NTSTATUS
rpccli_samr_query_userinfo(struct rpc_pipe_client
*cli
,
345 const POLICY_HND
*user_pol
,
347 SAM_USERINFO_CTR
**ctr
)
349 prs_struct qbuf
, rbuf
;
350 SAMR_Q_QUERY_USERINFO q
;
351 SAMR_R_QUERY_USERINFO r
;
352 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
354 DEBUG(10,("cli_samr_query_userinfo\n"));
359 /* Marshall data and send request */
361 init_samr_q_query_userinfo(&q
, user_pol
, switch_value
);
363 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_QUERY_USERINFO
,
366 samr_io_q_query_userinfo
,
367 samr_io_r_query_userinfo
,
368 NT_STATUS_UNSUCCESSFUL
);
370 /* Return output parameters */
380 NTSTATUS
rpccli_samr_set_groupinfo(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
381 POLICY_HND
*group_pol
, GROUP_INFO_CTR
*ctr
)
383 prs_struct qbuf
, rbuf
;
384 SAMR_Q_SET_GROUPINFO q
;
385 SAMR_R_SET_GROUPINFO r
;
386 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
388 DEBUG(10,("cli_samr_set_groupinfo\n"));
393 /* Marshall data and send request */
395 init_samr_q_set_groupinfo(&q
, group_pol
, ctr
);
397 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_SET_GROUPINFO
,
400 samr_io_q_set_groupinfo
,
401 samr_io_r_set_groupinfo
,
402 NT_STATUS_UNSUCCESSFUL
);
404 /* Return output parameters */
411 /* Query group info */
413 NTSTATUS
rpccli_samr_query_groupinfo(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
414 POLICY_HND
*group_pol
, uint32 info_level
,
415 GROUP_INFO_CTR
**ctr
)
417 prs_struct qbuf
, rbuf
;
418 SAMR_Q_QUERY_GROUPINFO q
;
419 SAMR_R_QUERY_GROUPINFO r
;
420 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
422 DEBUG(10,("cli_samr_query_groupinfo\n"));
427 /* Marshall data and send request */
429 init_samr_q_query_groupinfo(&q
, group_pol
, info_level
);
431 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_QUERY_GROUPINFO
,
434 samr_io_q_query_groupinfo
,
435 samr_io_r_query_groupinfo
,
436 NT_STATUS_UNSUCCESSFUL
);
440 /* Return output parameters */
447 /* Query user groups */
449 NTSTATUS
rpccli_samr_query_usergroups(struct rpc_pipe_client
*cli
,
451 POLICY_HND
*user_pol
,
455 prs_struct qbuf
, rbuf
;
456 SAMR_Q_QUERY_USERGROUPS q
;
457 SAMR_R_QUERY_USERGROUPS r
;
458 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
460 DEBUG(10,("cli_samr_query_usergroups\n"));
465 /* Marshall data and send request */
467 init_samr_q_query_usergroups(&q
, user_pol
);
469 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_QUERY_USERGROUPS
,
472 samr_io_q_query_usergroups
,
473 samr_io_r_query_usergroups
,
474 NT_STATUS_UNSUCCESSFUL
);
476 /* Return output parameters */
478 if (NT_STATUS_IS_OK(result
= r
.status
)) {
479 *num_groups
= r
.num_entries
;
488 NTSTATUS
rpccli_samr_set_aliasinfo(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
489 POLICY_HND
*alias_pol
, ALIAS_INFO_CTR
*ctr
)
491 prs_struct qbuf
, rbuf
;
492 SAMR_Q_SET_ALIASINFO q
;
493 SAMR_R_SET_ALIASINFO r
;
494 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
496 DEBUG(10,("cli_samr_set_aliasinfo\n"));
501 /* Marshall data and send request */
503 init_samr_q_set_aliasinfo(&q
, alias_pol
, ctr
);
505 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_SET_ALIASINFO
,
508 samr_io_q_set_aliasinfo
,
509 samr_io_r_set_aliasinfo
,
510 NT_STATUS_UNSUCCESSFUL
);
512 /* Return output parameters */
519 /* Query user aliases */
521 NTSTATUS
rpccli_samr_query_useraliases(struct rpc_pipe_client
*cli
,
523 POLICY_HND
*dom_pol
, uint32 num_sids
,
525 uint32
*num_aliases
, uint32
**als_rids
)
527 prs_struct qbuf
, rbuf
;
528 SAMR_Q_QUERY_USERALIASES q
;
529 SAMR_R_QUERY_USERALIASES r
;
530 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
534 DEBUG(10,("cli_samr_query_useraliases\n"));
539 sid_ptrs
= TALLOC_ARRAY(mem_ctx
, uint32
, num_sids
);
540 if (sid_ptrs
== NULL
)
541 return NT_STATUS_NO_MEMORY
;
543 for (i
=0; i
<num_sids
; i
++)
546 /* Marshall data and send request */
548 init_samr_q_query_useraliases(&q
, dom_pol
, num_sids
, sid_ptrs
, sid
);
550 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_QUERY_USERALIASES
,
553 samr_io_q_query_useraliases
,
554 samr_io_r_query_useraliases
,
555 NT_STATUS_UNSUCCESSFUL
);
557 /* Return output parameters */
559 if (NT_STATUS_IS_OK(result
= r
.status
)) {
560 *num_aliases
= r
.num_entries
;
567 /* Query user groups */
569 NTSTATUS
rpccli_samr_query_groupmem(struct rpc_pipe_client
*cli
,
571 POLICY_HND
*group_pol
, uint32
*num_mem
,
572 uint32
**rid
, uint32
**attr
)
574 prs_struct qbuf
, rbuf
;
575 SAMR_Q_QUERY_GROUPMEM q
;
576 SAMR_R_QUERY_GROUPMEM r
;
577 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
579 DEBUG(10,("cli_samr_query_groupmem\n"));
584 /* Marshall data and send request */
586 init_samr_q_query_groupmem(&q
, group_pol
);
588 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_QUERY_GROUPMEM
,
591 samr_io_q_query_groupmem
,
592 samr_io_r_query_groupmem
,
593 NT_STATUS_UNSUCCESSFUL
);
595 /* Return output parameters */
597 if (NT_STATUS_IS_OK(result
= r
.status
)) {
598 *num_mem
= r
.num_entries
;
607 * Enumerate domain users
609 * @param cli client state structure
610 * @param mem_ctx talloc context
611 * @param pol opened domain policy handle
612 * @param start_idx starting index of enumeration, returns context for
614 * @param acb_mask account control bit mask (to enumerate some particular
616 * @param size max acceptable size of response
617 * @param dom_users returned array of domain user names
618 * @param rids returned array of domain user RIDs
619 * @param num_dom_users numer returned entries
621 * @return NTSTATUS returned in rpc response
624 NTSTATUS
rpccli_samr_enum_dom_users(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
625 POLICY_HND
*pol
, uint32
*start_idx
, uint32 acb_mask
,
626 uint32 size
, char ***dom_users
, uint32
**rids
,
627 uint32
*num_dom_users
)
631 SAMR_Q_ENUM_DOM_USERS q
;
632 SAMR_R_ENUM_DOM_USERS r
;
633 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
636 DEBUG(10,("cli_samr_enum_dom_users starting at index %u\n", (unsigned int)*start_idx
));
641 /* always init this */
644 /* Fill query structure with parameters */
646 init_samr_q_enum_dom_users(&q
, pol
, *start_idx
, acb_mask
, size
);
648 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_ENUM_DOM_USERS
,
651 samr_io_q_enum_dom_users
,
652 samr_io_r_enum_dom_users
,
653 NT_STATUS_UNSUCCESSFUL
);
657 if (!NT_STATUS_IS_OK(result
) &&
658 NT_STATUS_V(result
) != NT_STATUS_V(STATUS_MORE_ENTRIES
))
661 *start_idx
= r
.next_idx
;
662 *num_dom_users
= r
.num_entries2
;
664 if (r
.num_entries2
) {
665 /* allocate memory needed to return received data */
666 *rids
= TALLOC_ARRAY(mem_ctx
, uint32
, r
.num_entries2
);
668 DEBUG(0, ("Error in cli_samr_enum_dom_users(): out of memory\n"));
669 return NT_STATUS_NO_MEMORY
;
672 *dom_users
= TALLOC_ARRAY(mem_ctx
, char*, r
.num_entries2
);
674 DEBUG(0, ("Error in cli_samr_enum_dom_users(): out of memory\n"));
675 return NT_STATUS_NO_MEMORY
;
678 /* fill output buffers with rpc response */
679 for (i
= 0; i
< r
.num_entries2
; i
++) {
682 (*rids
)[i
] = r
.sam
[i
].rid
;
683 unistr2_to_ascii(conv_buf
, &(r
.uni_acct_name
[i
]), sizeof(conv_buf
) - 1);
684 (*dom_users
)[i
] = talloc_strdup(mem_ctx
, conv_buf
);
692 /* Enumerate domain groups */
694 NTSTATUS
rpccli_samr_enum_dom_groups(struct rpc_pipe_client
*cli
,
696 POLICY_HND
*pol
, uint32
*start_idx
,
697 uint32 size
, struct acct_info
**dom_groups
,
698 uint32
*num_dom_groups
)
700 prs_struct qbuf
, rbuf
;
701 SAMR_Q_ENUM_DOM_GROUPS q
;
702 SAMR_R_ENUM_DOM_GROUPS r
;
703 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
706 DEBUG(10,("cli_samr_enum_dom_groups starting at index %u\n", (unsigned int)*start_idx
));
711 /* Marshall data and send request */
713 init_samr_q_enum_dom_groups(&q
, pol
, *start_idx
, size
);
715 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_ENUM_DOM_GROUPS
,
718 samr_io_q_enum_dom_groups
,
719 samr_io_r_enum_dom_groups
,
720 NT_STATUS_UNSUCCESSFUL
);
722 /* Return output parameters */
726 if (!NT_STATUS_IS_OK(result
) &&
727 NT_STATUS_V(result
) != NT_STATUS_V(STATUS_MORE_ENTRIES
))
730 *num_dom_groups
= r
.num_entries2
;
732 if (*num_dom_groups
== 0)
735 if (!((*dom_groups
) = TALLOC_ARRAY(mem_ctx
, struct acct_info
, *num_dom_groups
))) {
736 result
= NT_STATUS_NO_MEMORY
;
740 memset(*dom_groups
, 0, sizeof(struct acct_info
) * (*num_dom_groups
));
744 for (i
= 0; i
< *num_dom_groups
; i
++) {
746 (*dom_groups
)[i
].rid
= r
.sam
[i
].rid
;
748 if (r
.sam
[i
].hdr_name
.buffer
) {
749 unistr2_to_ascii((*dom_groups
)[i
].acct_name
,
750 &r
.uni_grp_name
[name_idx
],
751 sizeof(fstring
) - 1);
755 *start_idx
= r
.next_idx
;
762 /* Enumerate domain groups */
764 NTSTATUS
rpccli_samr_enum_als_groups(struct rpc_pipe_client
*cli
,
766 POLICY_HND
*pol
, uint32
*start_idx
,
767 uint32 size
, struct acct_info
**dom_aliases
,
768 uint32
*num_dom_aliases
)
770 prs_struct qbuf
, rbuf
;
771 SAMR_Q_ENUM_DOM_ALIASES q
;
772 SAMR_R_ENUM_DOM_ALIASES r
;
773 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
776 DEBUG(10,("cli_samr_enum_als_groups starting at index %u\n", (unsigned int)*start_idx
));
781 /* Marshall data and send request */
783 init_samr_q_enum_dom_aliases(&q
, pol
, *start_idx
, size
);
785 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_ENUM_DOM_ALIASES
,
788 samr_io_q_enum_dom_aliases
,
789 samr_io_r_enum_dom_aliases
,
790 NT_STATUS_UNSUCCESSFUL
);
792 /* Return output parameters */
796 if (!NT_STATUS_IS_OK(result
) &&
797 NT_STATUS_V(result
) != NT_STATUS_V(STATUS_MORE_ENTRIES
)) {
801 *num_dom_aliases
= r
.num_entries2
;
803 if (*num_dom_aliases
== 0)
806 if (!((*dom_aliases
) = TALLOC_ARRAY(mem_ctx
, struct acct_info
, *num_dom_aliases
))) {
807 result
= NT_STATUS_NO_MEMORY
;
811 memset(*dom_aliases
, 0, sizeof(struct acct_info
) * *num_dom_aliases
);
815 for (i
= 0; i
< *num_dom_aliases
; i
++) {
817 (*dom_aliases
)[i
].rid
= r
.sam
[i
].rid
;
819 if (r
.sam
[i
].hdr_name
.buffer
) {
820 unistr2_to_ascii((*dom_aliases
)[i
].acct_name
,
821 &r
.uni_grp_name
[name_idx
],
822 sizeof(fstring
) - 1);
826 *start_idx
= r
.next_idx
;
833 /* Query alias members */
835 NTSTATUS
rpccli_samr_query_aliasmem(struct rpc_pipe_client
*cli
,
837 POLICY_HND
*alias_pol
, uint32
*num_mem
,
840 prs_struct qbuf
, rbuf
;
841 SAMR_Q_QUERY_ALIASMEM q
;
842 SAMR_R_QUERY_ALIASMEM r
;
843 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
846 DEBUG(10,("cli_samr_query_aliasmem\n"));
851 /* Marshall data and send request */
853 init_samr_q_query_aliasmem(&q
, alias_pol
);
855 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_QUERY_ALIASMEM
,
858 samr_io_q_query_aliasmem
,
859 samr_io_r_query_aliasmem
,
860 NT_STATUS_UNSUCCESSFUL
);
862 /* Return output parameters */
864 if (!NT_STATUS_IS_OK(result
= r
.status
)) {
868 *num_mem
= r
.num_sids
;
872 result
= NT_STATUS_OK
;
876 if (!(*sids
= TALLOC_ARRAY(mem_ctx
, DOM_SID
, *num_mem
))) {
877 result
= NT_STATUS_UNSUCCESSFUL
;
881 for (i
= 0; i
< *num_mem
; i
++) {
882 (*sids
)[i
] = r
.sid
[i
].sid
;
889 /* Open handle on an alias */
891 NTSTATUS
rpccli_samr_open_alias(struct rpc_pipe_client
*cli
,
893 POLICY_HND
*domain_pol
, uint32 access_mask
,
894 uint32 alias_rid
, POLICY_HND
*alias_pol
)
896 prs_struct qbuf
, rbuf
;
901 DEBUG(10,("cli_samr_open_alias with rid 0x%x\n", alias_rid
));
906 /* Marshall data and send request */
908 init_samr_q_open_alias(&q
, domain_pol
, access_mask
, alias_rid
);
910 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_OPEN_ALIAS
,
913 samr_io_q_open_alias
,
914 samr_io_r_open_alias
,
915 NT_STATUS_UNSUCCESSFUL
);
917 /* Return output parameters */
919 if (NT_STATUS_IS_OK(result
= r
.status
)) {
926 /* Create an alias */
928 NTSTATUS
rpccli_samr_create_dom_alias(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
929 POLICY_HND
*domain_pol
, const char *name
,
930 POLICY_HND
*alias_pol
)
932 prs_struct qbuf
, rbuf
;
933 SAMR_Q_CREATE_DOM_ALIAS q
;
934 SAMR_R_CREATE_DOM_ALIAS r
;
937 DEBUG(10,("cli_samr_create_dom_alias named %s\n", name
));
942 /* Marshall data and send request */
944 init_samr_q_create_dom_alias(&q
, domain_pol
, name
);
946 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_CREATE_DOM_ALIAS
,
949 samr_io_q_create_dom_alias
,
950 samr_io_r_create_dom_alias
,
951 NT_STATUS_UNSUCCESSFUL
);
953 /* Return output parameters */
955 if (NT_STATUS_IS_OK(result
= r
.status
)) {
956 *alias_pol
= r
.alias_pol
;
962 /* Add an alias member */
964 NTSTATUS
rpccli_samr_add_aliasmem(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
965 POLICY_HND
*alias_pol
, DOM_SID
*member
)
967 prs_struct qbuf
, rbuf
;
968 SAMR_Q_ADD_ALIASMEM q
;
969 SAMR_R_ADD_ALIASMEM r
;
972 DEBUG(10,("cli_samr_add_aliasmem"));
977 /* Marshall data and send request */
979 init_samr_q_add_aliasmem(&q
, alias_pol
, member
);
981 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_ADD_ALIASMEM
,
984 samr_io_q_add_aliasmem
,
985 samr_io_r_add_aliasmem
,
986 NT_STATUS_UNSUCCESSFUL
);
993 /* Delete an alias member */
995 NTSTATUS
rpccli_samr_del_aliasmem(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
996 POLICY_HND
*alias_pol
, DOM_SID
*member
)
998 prs_struct qbuf
, rbuf
;
999 SAMR_Q_DEL_ALIASMEM q
;
1000 SAMR_R_DEL_ALIASMEM r
;
1003 DEBUG(10,("cli_samr_del_aliasmem"));
1008 /* Marshall data and send request */
1010 init_samr_q_del_aliasmem(&q
, alias_pol
, member
);
1012 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_DEL_ALIASMEM
,
1015 samr_io_q_del_aliasmem
,
1016 samr_io_r_del_aliasmem
,
1017 NT_STATUS_UNSUCCESSFUL
);
1024 /* Query alias info */
1026 NTSTATUS
rpccli_samr_query_alias_info(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
1027 POLICY_HND
*alias_pol
, uint16 switch_value
,
1028 ALIAS_INFO_CTR
*ctr
)
1030 prs_struct qbuf
, rbuf
;
1031 SAMR_Q_QUERY_ALIASINFO q
;
1032 SAMR_R_QUERY_ALIASINFO r
;
1033 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1035 DEBUG(10,("cli_samr_query_alias_info\n"));
1040 /* Marshall data and send request */
1042 init_samr_q_query_aliasinfo(&q
, alias_pol
, switch_value
);
1044 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_QUERY_ALIASINFO
,
1047 samr_io_q_query_aliasinfo
,
1048 samr_io_r_query_aliasinfo
,
1049 NT_STATUS_UNSUCCESSFUL
);
1051 /* Return output parameters */
1053 if (!NT_STATUS_IS_OK(result
= r
.status
)) {
1064 /* Query domain info */
1066 NTSTATUS
rpccli_samr_query_dom_info(struct rpc_pipe_client
*cli
,
1067 TALLOC_CTX
*mem_ctx
,
1068 POLICY_HND
*domain_pol
,
1069 uint16 switch_value
,
1072 prs_struct qbuf
, rbuf
;
1073 SAMR_Q_QUERY_DOMAIN_INFO q
;
1074 SAMR_R_QUERY_DOMAIN_INFO r
;
1075 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1077 DEBUG(10,("cli_samr_query_dom_info\n"));
1082 /* Marshall data and send request */
1084 init_samr_q_query_domain_info(&q
, domain_pol
, switch_value
);
1088 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_QUERY_DOMAIN_INFO
,
1091 samr_io_q_query_domain_info
,
1092 samr_io_r_query_domain_info
,
1093 NT_STATUS_UNSUCCESSFUL
);
1095 /* Return output parameters */
1097 if (!NT_STATUS_IS_OK(result
= r
.status
)) {
1106 /* Query domain info2 */
1108 NTSTATUS
rpccli_samr_query_dom_info2(struct rpc_pipe_client
*cli
,
1109 TALLOC_CTX
*mem_ctx
,
1110 POLICY_HND
*domain_pol
,
1111 uint16 switch_value
,
1114 prs_struct qbuf
, rbuf
;
1115 SAMR_Q_QUERY_DOMAIN_INFO2 q
;
1116 SAMR_R_QUERY_DOMAIN_INFO2 r
;
1117 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1119 DEBUG(10,("cli_samr_query_dom_info2\n"));
1124 /* Marshall data and send request */
1126 init_samr_q_query_domain_info2(&q
, domain_pol
, switch_value
);
1130 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_QUERY_DOMAIN_INFO2
,
1133 samr_io_q_query_domain_info2
,
1134 samr_io_r_query_domain_info2
,
1135 NT_STATUS_UNSUCCESSFUL
);
1137 /* Return output parameters */
1139 if (!NT_STATUS_IS_OK(result
= r
.status
)) {
1148 /* Set domain info */
1150 NTSTATUS
rpccli_samr_set_domain_info(struct rpc_pipe_client
*cli
,
1151 TALLOC_CTX
*mem_ctx
,
1152 POLICY_HND
*domain_pol
,
1153 uint16 switch_value
,
1156 prs_struct qbuf
, rbuf
;
1157 SAMR_Q_SET_DOMAIN_INFO q
;
1158 SAMR_R_SET_DOMAIN_INFO r
;
1159 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1161 DEBUG(10,("cli_samr_set_domain_info\n"));
1166 /* Marshall data and send request */
1168 init_samr_q_set_domain_info(&q
, domain_pol
, switch_value
, ctr
);
1170 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_SET_DOMAIN_INFO
,
1173 samr_io_q_set_domain_info
,
1174 samr_io_r_set_domain_info
,
1175 NT_STATUS_UNSUCCESSFUL
);
1177 /* Return output parameters */
1179 if (!NT_STATUS_IS_OK(result
= r
.status
)) {
1188 /* User change password */
1190 NTSTATUS
rpccli_samr_chgpasswd_user(struct rpc_pipe_client
*cli
,
1191 TALLOC_CTX
*mem_ctx
,
1192 const char *username
,
1193 const char *newpassword
,
1194 const char *oldpassword
)
1196 prs_struct qbuf
, rbuf
;
1197 SAMR_Q_CHGPASSWD_USER q
;
1198 SAMR_R_CHGPASSWD_USER r
;
1199 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1201 uchar new_nt_password
[516];
1202 uchar new_lm_password
[516];
1203 uchar old_nt_hash
[16];
1204 uchar old_lanman_hash
[16];
1205 uchar old_nt_hash_enc
[16];
1206 uchar old_lanman_hash_enc
[16];
1208 uchar new_nt_hash
[16];
1209 uchar new_lanman_hash
[16];
1211 char *srv_name_slash
= talloc_asprintf(mem_ctx
, "\\\\%s", cli
->cli
->desthost
);
1213 DEBUG(10,("rpccli_samr_chgpasswd_user\n"));
1218 /* Calculate the MD4 hash (NT compatible) of the password */
1219 E_md4hash(oldpassword
, old_nt_hash
);
1220 E_md4hash(newpassword
, new_nt_hash
);
1222 if (lp_client_lanman_auth()
1223 && E_deshash(newpassword
, new_lanman_hash
)
1224 && E_deshash(oldpassword
, old_lanman_hash
)) {
1225 /* E_deshash returns false for 'long' passwords (> 14
1226 DOS chars). This allows us to match Win2k, which
1227 does not store a LM hash for these passwords (which
1228 would reduce the effective password length to 14) */
1230 encode_pw_buffer(new_lm_password
, newpassword
, STR_UNICODE
);
1232 SamOEMhash( new_lm_password
, old_nt_hash
, 516);
1233 E_old_pw_hash( new_nt_hash
, old_lanman_hash
, old_lanman_hash_enc
);
1235 ZERO_STRUCT(new_lm_password
);
1236 ZERO_STRUCT(old_lanman_hash_enc
);
1239 encode_pw_buffer(new_nt_password
, newpassword
, STR_UNICODE
);
1241 SamOEMhash( new_nt_password
, old_nt_hash
, 516);
1242 E_old_pw_hash( new_nt_hash
, old_nt_hash
, old_nt_hash_enc
);
1244 /* Marshall data and send request */
1246 init_samr_q_chgpasswd_user(&q
, srv_name_slash
, username
,
1250 old_lanman_hash_enc
);
1252 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_CHGPASSWD_USER
,
1255 samr_io_q_chgpasswd_user
,
1256 samr_io_r_chgpasswd_user
,
1257 NT_STATUS_UNSUCCESSFUL
);
1259 /* Return output parameters */
1261 if (!NT_STATUS_IS_OK(result
= r
.status
)) {
1270 /* User change passwd with auth crap */
1272 NTSTATUS
rpccli_samr_chng_pswd_auth_crap(struct rpc_pipe_client
*cli
,
1273 TALLOC_CTX
*mem_ctx
,
1274 const char *username
,
1275 DATA_BLOB new_nt_password
,
1276 DATA_BLOB old_nt_hash_enc
,
1277 DATA_BLOB new_lm_password
,
1278 DATA_BLOB old_lm_hash_enc
)
1280 prs_struct qbuf
, rbuf
;
1281 SAMR_Q_CHGPASSWD_USER q
;
1282 SAMR_R_CHGPASSWD_USER r
;
1283 char *srv_name_slash
;
1285 if (!(srv_name_slash
= talloc_asprintf(mem_ctx
, "\\\\%s",
1286 cli
->cli
->desthost
))) {
1287 return NT_STATUS_NO_MEMORY
;
1290 DEBUG(5,("rpccli_samr_chng_pswd_auth_crap on server: %s\n",
1296 /* Marshall data and send request */
1298 init_samr_q_chgpasswd_user(&q
, srv_name_slash
, username
,
1299 new_nt_password
.data
,
1300 old_nt_hash_enc
.data
,
1301 new_lm_password
.data
,
1302 old_lm_hash_enc
.data
);
1304 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_CHGPASSWD_USER
,
1307 samr_io_q_chgpasswd_user
,
1308 samr_io_r_chgpasswd_user
,
1309 NT_STATUS_UNSUCCESSFUL
);
1314 /* change password 3 */
1316 NTSTATUS
rpccli_samr_chgpasswd3(struct rpc_pipe_client
*cli
,
1317 TALLOC_CTX
*mem_ctx
,
1318 const char *username
,
1319 const char *newpassword
,
1320 const char *oldpassword
,
1321 SAM_UNK_INFO_1
*info
,
1322 SAMR_CHANGE_REJECT
*reject
)
1324 prs_struct qbuf
, rbuf
;
1325 SAMR_Q_CHGPASSWD_USER3 q
;
1326 SAMR_R_CHGPASSWD_USER3 r
;
1328 uchar new_nt_password
[516];
1329 uchar new_lm_password
[516];
1330 uchar old_nt_hash
[16];
1331 uchar old_lanman_hash
[16];
1332 uchar old_nt_hash_enc
[16];
1333 uchar old_lanman_hash_enc
[16];
1335 uchar new_nt_hash
[16];
1336 uchar new_lanman_hash
[16];
1338 char *srv_name_slash
= talloc_asprintf(mem_ctx
, "\\\\%s", cli
->cli
->desthost
);
1340 DEBUG(10,("rpccli_samr_chgpasswd_user3\n"));
1345 /* Calculate the MD4 hash (NT compatible) of the password */
1346 E_md4hash(oldpassword
, old_nt_hash
);
1347 E_md4hash(newpassword
, new_nt_hash
);
1349 if (lp_client_lanman_auth()
1350 && E_deshash(newpassword
, new_lanman_hash
)
1351 && E_deshash(oldpassword
, old_lanman_hash
)) {
1352 /* E_deshash returns false for 'long' passwords (> 14
1353 DOS chars). This allows us to match Win2k, which
1354 does not store a LM hash for these passwords (which
1355 would reduce the effective password length to 14) */
1357 encode_pw_buffer(new_lm_password
, newpassword
, STR_UNICODE
);
1359 SamOEMhash( new_lm_password
, old_nt_hash
, 516);
1360 E_old_pw_hash( new_nt_hash
, old_lanman_hash
, old_lanman_hash_enc
);
1362 ZERO_STRUCT(new_lm_password
);
1363 ZERO_STRUCT(old_lanman_hash_enc
);
1366 encode_pw_buffer(new_nt_password
, newpassword
, STR_UNICODE
);
1368 SamOEMhash( new_nt_password
, old_nt_hash
, 516);
1369 E_old_pw_hash( new_nt_hash
, old_nt_hash
, old_nt_hash_enc
);
1371 /* Marshall data and send request */
1373 init_samr_q_chgpasswd_user3(&q
, srv_name_slash
, username
,
1377 old_lanman_hash_enc
);
1381 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_CHGPASSWD_USER3
,
1384 samr_io_q_chgpasswd_user3
,
1385 samr_io_r_chgpasswd_user3
,
1386 NT_STATUS_UNSUCCESSFUL
);
1388 /* Return output parameters */
1393 /* This function returns the bizzare set of (max_entries, max_size) required
1394 for the QueryDisplayInfo RPC to actually work against a domain controller
1395 with large (10k and higher) numbers of users. These values were
1396 obtained by inspection using ethereal and NT4 running User Manager. */
1398 void get_query_dispinfo_params(int loop_count
, uint32
*max_entries
,
1401 switch(loop_count
) {
1407 *max_entries
= 1024;
1411 *max_entries
= 2048;
1415 *max_entries
= 4096;
1418 default: /* loop_count >= 4 */
1419 *max_entries
= 4096;
1425 /* Query display info */
1427 NTSTATUS
rpccli_samr_query_dispinfo(struct rpc_pipe_client
*cli
,
1428 TALLOC_CTX
*mem_ctx
,
1429 POLICY_HND
*domain_pol
, uint32
*start_idx
,
1430 uint16 switch_value
, uint32
*num_entries
,
1431 uint32 max_entries
, uint32 max_size
,
1432 SAM_DISPINFO_CTR
*ctr
)
1434 prs_struct qbuf
, rbuf
;
1435 SAMR_Q_QUERY_DISPINFO q
;
1436 SAMR_R_QUERY_DISPINFO r
;
1437 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1439 DEBUG(10,("cli_samr_query_dispinfo for start_idx = %u\n", *start_idx
));
1446 /* Marshall data and send request */
1448 init_samr_q_query_dispinfo(&q
, domain_pol
, switch_value
,
1449 *start_idx
, max_entries
, max_size
);
1453 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_QUERY_DISPINFO
,
1456 samr_io_q_query_dispinfo
,
1457 samr_io_r_query_dispinfo
,
1458 NT_STATUS_UNSUCCESSFUL
);
1460 /* Return output parameters */
1464 if (!NT_STATUS_IS_OK(result
) &&
1465 NT_STATUS_V(result
) != NT_STATUS_V(STATUS_MORE_ENTRIES
)) {
1469 *num_entries
= r
.num_entries
;
1470 *start_idx
+= r
.num_entries
; /* No next_idx in this structure! */
1477 /* Query display info2 */
1479 NTSTATUS
rpccli_samr_query_dispinfo2(struct rpc_pipe_client
*cli
,
1480 TALLOC_CTX
*mem_ctx
,
1481 POLICY_HND
*domain_pol
, uint32
*start_idx
,
1482 uint16 switch_value
, uint32
*num_entries
,
1483 uint32 max_entries
, uint32 max_size
,
1484 SAM_DISPINFO_CTR
*ctr
)
1486 prs_struct qbuf
, rbuf
;
1487 SAMR_Q_QUERY_DISPINFO q
;
1488 SAMR_R_QUERY_DISPINFO r
;
1489 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1491 DEBUG(10,("cli_samr_query_dispinfo2 for start_idx = %u\n", *start_idx
));
1498 /* Marshall data and send request */
1500 init_samr_q_query_dispinfo(&q
, domain_pol
, switch_value
,
1501 *start_idx
, max_entries
, max_size
);
1505 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_QUERY_DISPINFO2
,
1508 samr_io_q_query_dispinfo
,
1509 samr_io_r_query_dispinfo
,
1510 NT_STATUS_UNSUCCESSFUL
);
1512 /* Return output parameters */
1516 if (!NT_STATUS_IS_OK(result
) &&
1517 NT_STATUS_V(result
) != NT_STATUS_V(STATUS_MORE_ENTRIES
)) {
1521 *num_entries
= r
.num_entries
;
1522 *start_idx
+= r
.num_entries
; /* No next_idx in this structure! */
1528 /* Query display info */
1530 NTSTATUS
rpccli_samr_query_dispinfo3(struct rpc_pipe_client
*cli
,
1531 TALLOC_CTX
*mem_ctx
,
1532 POLICY_HND
*domain_pol
, uint32
*start_idx
,
1533 uint16 switch_value
, uint32
*num_entries
,
1534 uint32 max_entries
, uint32 max_size
,
1535 SAM_DISPINFO_CTR
*ctr
)
1537 prs_struct qbuf
, rbuf
;
1538 SAMR_Q_QUERY_DISPINFO q
;
1539 SAMR_R_QUERY_DISPINFO r
;
1540 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1542 DEBUG(10,("cli_samr_query_dispinfo3 for start_idx = %u\n", *start_idx
));
1549 /* Marshall data and send request */
1551 init_samr_q_query_dispinfo(&q
, domain_pol
, switch_value
,
1552 *start_idx
, max_entries
, max_size
);
1556 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_QUERY_DISPINFO3
,
1559 samr_io_q_query_dispinfo
,
1560 samr_io_r_query_dispinfo
,
1561 NT_STATUS_UNSUCCESSFUL
);
1563 /* Return output parameters */
1567 if (!NT_STATUS_IS_OK(result
) &&
1568 NT_STATUS_V(result
) != NT_STATUS_V(STATUS_MORE_ENTRIES
)) {
1572 *num_entries
= r
.num_entries
;
1573 *start_idx
+= r
.num_entries
; /* No next_idx in this structure! */
1579 /* Query display info index */
1581 NTSTATUS
rpccli_samr_get_dispenum_index(struct rpc_pipe_client
*cli
,
1582 TALLOC_CTX
*mem_ctx
,
1583 POLICY_HND
*domain_pol
,
1584 uint16 switch_value
,
1588 prs_struct qbuf
, rbuf
;
1589 SAMR_Q_GET_DISPENUM_INDEX q
;
1590 SAMR_R_GET_DISPENUM_INDEX r
;
1591 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1593 DEBUG(10,("cli_samr_get_dispenum_index for name = %s\n", name
));
1598 /* Marshall data and send request */
1600 init_samr_q_get_dispenum_index(&q
, domain_pol
, switch_value
, name
);
1602 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_GET_DISPENUM_INDEX
,
1605 samr_io_q_get_dispenum_index
,
1606 samr_io_r_get_dispenum_index
,
1607 NT_STATUS_UNSUCCESSFUL
);
1609 /* Return output parameters */
1615 if (!NT_STATUS_IS_ERR(result
)) {
1622 NTSTATUS
rpccli_samr_get_dispenum_index2(struct rpc_pipe_client
*cli
,
1623 TALLOC_CTX
*mem_ctx
,
1624 POLICY_HND
*domain_pol
,
1625 uint16 switch_value
,
1629 prs_struct qbuf
, rbuf
;
1630 SAMR_Q_GET_DISPENUM_INDEX q
;
1631 SAMR_R_GET_DISPENUM_INDEX r
;
1632 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1634 DEBUG(10,("cli_samr_get_dispenum_index2 for name = %s\n", name
));
1639 /* Marshall data and send request */
1641 init_samr_q_get_dispenum_index(&q
, domain_pol
, switch_value
, name
);
1643 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_GET_DISPENUM_INDEX2
,
1646 samr_io_q_get_dispenum_index
,
1647 samr_io_r_get_dispenum_index
,
1648 NT_STATUS_UNSUCCESSFUL
);
1650 /* Return output parameters */
1656 if (!NT_STATUS_IS_ERR(result
)) {
1664 /* Lookup rids. Note that NT4 seems to crash if more than ~1000 rids are
1665 looked up in one packet. */
1667 NTSTATUS
rpccli_samr_lookup_rids(struct rpc_pipe_client
*cli
,
1668 TALLOC_CTX
*mem_ctx
,
1669 POLICY_HND
*domain_pol
,
1670 uint32 num_rids
, uint32
*rids
,
1671 uint32
*num_names
, char ***names
,
1672 uint32
**name_types
)
1674 prs_struct qbuf
, rbuf
;
1675 SAMR_Q_LOOKUP_RIDS q
;
1676 SAMR_R_LOOKUP_RIDS r
;
1677 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1680 DEBUG(10,("cli_samr_lookup_rids\n"));
1682 if (num_rids
> 1000) {
1683 DEBUG(2, ("cli_samr_lookup_rids: warning: NT4 can crash if "
1684 "more than ~1000 rids are looked up at once.\n"));
1690 /* Marshall data and send request */
1692 init_samr_q_lookup_rids(mem_ctx
, &q
, domain_pol
, 1000, num_rids
, rids
);
1694 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_LOOKUP_RIDS
,
1697 samr_io_q_lookup_rids
,
1698 samr_io_r_lookup_rids
,
1699 NT_STATUS_UNSUCCESSFUL
);
1701 /* Return output parameters */
1705 if (!NT_STATUS_IS_OK(result
) &&
1706 !NT_STATUS_EQUAL(result
, STATUS_SOME_UNMAPPED
))
1709 if (r
.num_names1
== 0) {
1715 *num_names
= r
.num_names1
;
1716 *names
= TALLOC_ARRAY(mem_ctx
, char *, r
.num_names1
);
1717 *name_types
= TALLOC_ARRAY(mem_ctx
, uint32
, r
.num_names1
);
1719 if ((*names
== NULL
) || (*name_types
== NULL
)) {
1720 TALLOC_FREE(*names
);
1721 TALLOC_FREE(*name_types
);
1722 return NT_STATUS_NO_MEMORY
;
1725 for (i
= 0; i
< r
.num_names1
; i
++) {
1728 unistr2_to_ascii(tmp
, &r
.uni_name
[i
], sizeof(tmp
) - 1);
1729 (*names
)[i
] = talloc_strdup(mem_ctx
, tmp
);
1730 (*name_types
)[i
] = r
.type
[i
];
1740 NTSTATUS
rpccli_samr_lookup_names(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
1741 POLICY_HND
*domain_pol
, uint32 flags
,
1742 uint32 num_names
, const char **names
,
1743 uint32
*num_rids
, uint32
**rids
,
1746 prs_struct qbuf
, rbuf
;
1747 SAMR_Q_LOOKUP_NAMES q
;
1748 SAMR_R_LOOKUP_NAMES r
;
1749 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1752 DEBUG(10,("cli_samr_lookup_names\n"));
1757 /* Marshall data and send request */
1759 init_samr_q_lookup_names(mem_ctx
, &q
, domain_pol
, flags
,
1762 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_LOOKUP_NAMES
,
1765 samr_io_q_lookup_names
,
1766 samr_io_r_lookup_names
,
1767 NT_STATUS_UNSUCCESSFUL
);
1769 /* Return output parameters */
1771 if (!NT_STATUS_IS_OK(result
= r
.status
)) {
1775 if (r
.num_rids1
== 0) {
1780 *num_rids
= r
.num_rids1
;
1781 *rids
= TALLOC_ARRAY(mem_ctx
, uint32
, r
.num_rids1
);
1782 *rid_types
= TALLOC_ARRAY(mem_ctx
, uint32
, r
.num_rids1
);
1784 if ((*rids
== NULL
) || (*rid_types
== NULL
)) {
1786 TALLOC_FREE(*rid_types
);
1787 return NT_STATUS_NO_MEMORY
;
1790 for (i
= 0; i
< r
.num_rids1
; i
++) {
1791 (*rids
)[i
] = r
.rids
[i
];
1792 (*rid_types
)[i
] = r
.types
[i
];
1800 /* Create a domain user */
1802 NTSTATUS
rpccli_samr_create_dom_user(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
1803 POLICY_HND
*domain_pol
, const char *acct_name
,
1804 uint32 acb_info
, uint32 unknown
,
1805 POLICY_HND
*user_pol
, uint32
*rid
)
1807 prs_struct qbuf
, rbuf
;
1808 SAMR_Q_CREATE_USER q
;
1809 SAMR_R_CREATE_USER r
;
1810 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1812 DEBUG(10,("cli_samr_create_dom_user %s\n", acct_name
));
1817 /* Marshall data and send request */
1819 init_samr_q_create_user(&q
, domain_pol
, acct_name
, acb_info
, unknown
);
1821 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_CREATE_USER
,
1824 samr_io_q_create_user
,
1825 samr_io_r_create_user
,
1826 NT_STATUS_UNSUCCESSFUL
);
1828 /* Return output parameters */
1830 if (!NT_STATUS_IS_OK(result
= r
.status
)) {
1835 *user_pol
= r
.user_pol
;
1847 NTSTATUS
rpccli_samr_set_userinfo(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
1848 const POLICY_HND
*user_pol
, uint16 switch_value
,
1849 DATA_BLOB
*sess_key
, SAM_USERINFO_CTR
*ctr
)
1851 prs_struct qbuf
, rbuf
;
1852 SAMR_Q_SET_USERINFO q
;
1853 SAMR_R_SET_USERINFO r
;
1854 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1856 DEBUG(10,("cli_samr_set_userinfo\n"));
1861 if (!sess_key
->length
) {
1862 DEBUG(1, ("No user session key\n"));
1863 return NT_STATUS_NO_USER_SESSION_KEY
;
1866 /* Initialise parse structures */
1868 prs_init(&qbuf
, RPC_MAX_PDU_FRAG_LEN
, mem_ctx
, MARSHALL
);
1869 prs_init(&rbuf
, 0, mem_ctx
, UNMARSHALL
);
1871 /* Marshall data and send request */
1875 init_samr_q_set_userinfo(&q
, user_pol
, sess_key
, switch_value
,
1878 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_SET_USERINFO
,
1881 samr_io_q_set_userinfo
,
1882 samr_io_r_set_userinfo
,
1883 NT_STATUS_UNSUCCESSFUL
);
1885 /* Return output parameters */
1887 if (!NT_STATUS_IS_OK(result
= r
.status
)) {
1898 NTSTATUS
rpccli_samr_set_userinfo2(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
1899 const POLICY_HND
*user_pol
, uint16 switch_value
,
1900 DATA_BLOB
*sess_key
, SAM_USERINFO_CTR
*ctr
)
1902 prs_struct qbuf
, rbuf
;
1903 SAMR_Q_SET_USERINFO2 q
;
1904 SAMR_R_SET_USERINFO2 r
;
1905 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1907 DEBUG(10,("cli_samr_set_userinfo2\n"));
1909 if (!sess_key
->length
) {
1910 DEBUG(1, ("No user session key\n"));
1911 return NT_STATUS_NO_USER_SESSION_KEY
;
1917 /* Marshall data and send request */
1919 init_samr_q_set_userinfo2(&q
, user_pol
, sess_key
, switch_value
, ctr
);
1921 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_SET_USERINFO2
,
1924 samr_io_q_set_userinfo2
,
1925 samr_io_r_set_userinfo2
,
1926 NT_STATUS_UNSUCCESSFUL
);
1928 /* Return output parameters */
1930 if (!NT_STATUS_IS_OK(result
= r
.status
)) {
1939 /* Delete domain group */
1941 NTSTATUS
rpccli_samr_delete_dom_group(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
1942 POLICY_HND
*group_pol
)
1944 prs_struct qbuf
, rbuf
;
1945 SAMR_Q_DELETE_DOM_GROUP q
;
1946 SAMR_R_DELETE_DOM_GROUP r
;
1947 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1949 DEBUG(10,("cli_samr_delete_dom_group\n"));
1954 /* Marshall data and send request */
1956 init_samr_q_delete_dom_group(&q
, group_pol
);
1958 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_DELETE_DOM_GROUP
,
1961 samr_io_q_delete_dom_group
,
1962 samr_io_r_delete_dom_group
,
1963 NT_STATUS_UNSUCCESSFUL
);
1965 /* Return output parameters */
1972 /* Delete domain alias */
1974 NTSTATUS
rpccli_samr_delete_dom_alias(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
1975 POLICY_HND
*alias_pol
)
1977 prs_struct qbuf
, rbuf
;
1978 SAMR_Q_DELETE_DOM_ALIAS q
;
1979 SAMR_R_DELETE_DOM_ALIAS r
;
1980 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1982 DEBUG(10,("cli_samr_delete_dom_alias\n"));
1987 /* Marshall data and send request */
1989 init_samr_q_delete_dom_alias(&q
, alias_pol
);
1991 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_DELETE_DOM_ALIAS
,
1994 samr_io_q_delete_dom_alias
,
1995 samr_io_r_delete_dom_alias
,
1996 NT_STATUS_UNSUCCESSFUL
);
1998 /* Return output parameters */
2005 /* Delete domain user */
2007 NTSTATUS
rpccli_samr_delete_dom_user(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
2008 POLICY_HND
*user_pol
)
2010 prs_struct qbuf
, rbuf
;
2011 SAMR_Q_DELETE_DOM_USER q
;
2012 SAMR_R_DELETE_DOM_USER r
;
2013 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
2015 DEBUG(10,("cli_samr_delete_dom_user\n"));
2020 /* Marshall data and send request */
2022 init_samr_q_delete_dom_user(&q
, user_pol
);
2024 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_DELETE_DOM_USER
,
2027 samr_io_q_delete_dom_user
,
2028 samr_io_r_delete_dom_user
,
2029 NT_STATUS_UNSUCCESSFUL
);
2031 /* Return output parameters */
2038 /* Remove foreign SID */
2040 NTSTATUS
rpccli_samr_remove_sid_foreign_domain(struct rpc_pipe_client
*cli
,
2041 TALLOC_CTX
*mem_ctx
,
2042 POLICY_HND
*user_pol
,
2045 prs_struct qbuf
, rbuf
;
2046 SAMR_Q_REMOVE_SID_FOREIGN_DOMAIN q
;
2047 SAMR_R_REMOVE_SID_FOREIGN_DOMAIN r
;
2048 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
2050 DEBUG(10,("cli_samr_remove_sid_foreign_domain\n"));
2055 /* Marshall data and send request */
2057 init_samr_q_remove_sid_foreign_domain(&q
, user_pol
, sid
);
2059 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_REMOVE_SID_FOREIGN_DOMAIN
,
2062 samr_io_q_remove_sid_foreign_domain
,
2063 samr_io_r_remove_sid_foreign_domain
,
2064 NT_STATUS_UNSUCCESSFUL
);
2066 /* Return output parameters */
2073 /* Query user security object */
2075 NTSTATUS
rpccli_samr_query_sec_obj(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
2076 POLICY_HND
*user_pol
, uint32 sec_info
,
2077 TALLOC_CTX
*ctx
, SEC_DESC_BUF
**sec_desc_buf
)
2079 prs_struct qbuf
, rbuf
;
2080 SAMR_Q_QUERY_SEC_OBJ q
;
2081 SAMR_R_QUERY_SEC_OBJ r
;
2082 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
2084 DEBUG(10,("cli_samr_query_sec_obj\n"));
2089 /* Marshall data and send request */
2091 init_samr_q_query_sec_obj(&q
, user_pol
, sec_info
);
2093 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_QUERY_SEC_OBJECT
,
2096 samr_io_q_query_sec_obj
,
2097 samr_io_r_query_sec_obj
,
2098 NT_STATUS_UNSUCCESSFUL
);
2100 /* Return output parameters */
2103 *sec_desc_buf
=dup_sec_desc_buf(ctx
, r
.buf
);
2108 /* Set user security object */
2110 NTSTATUS
rpccli_samr_set_sec_obj(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
2111 POLICY_HND
*user_pol
, uint32 sec_info
,
2112 SEC_DESC_BUF
*sec_desc_buf
)
2114 prs_struct qbuf
, rbuf
;
2115 SAMR_Q_SET_SEC_OBJ q
;
2116 SAMR_R_SET_SEC_OBJ r
;
2117 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
2119 DEBUG(10,("cli_samr_set_sec_obj\n"));
2124 /* Marshall data and send request */
2126 init_samr_q_set_sec_obj(&q
, user_pol
, sec_info
, sec_desc_buf
);
2128 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_SET_SEC_OBJECT
,
2131 samr_io_q_set_sec_obj
,
2132 samr_io_r_set_sec_obj
,
2133 NT_STATUS_UNSUCCESSFUL
);
2135 /* Return output parameters */
2143 /* Get domain password info */
2145 NTSTATUS
rpccli_samr_get_dom_pwinfo(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
2146 uint16
*min_pwd_length
, uint32
*password_properties
)
2148 prs_struct qbuf
, rbuf
;
2149 SAMR_Q_GET_DOM_PWINFO q
;
2150 SAMR_R_GET_DOM_PWINFO r
;
2151 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
2153 DEBUG(10,("cli_samr_get_dom_pwinfo\n"));
2158 /* Marshall data and send request */
2160 init_samr_q_get_dom_pwinfo(&q
, cli
->cli
->desthost
);
2162 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_GET_DOM_PWINFO
,
2165 samr_io_q_get_dom_pwinfo
,
2166 samr_io_r_get_dom_pwinfo
,
2167 NT_STATUS_UNSUCCESSFUL
);
2169 /* Return output parameters */
2173 if (NT_STATUS_IS_OK(result
)) {
2175 *min_pwd_length
= r
.min_pwd_length
;
2176 if (password_properties
)
2177 *password_properties
= r
.password_properties
;
2183 /* Get domain password info */
2185 NTSTATUS
rpccli_samr_get_usrdom_pwinfo(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
2186 POLICY_HND
*pol
, uint16
*min_pwd_length
,
2187 uint32
*password_properties
, uint32
*unknown1
)
2189 prs_struct qbuf
, rbuf
;
2190 SAMR_Q_GET_USRDOM_PWINFO q
;
2191 SAMR_R_GET_USRDOM_PWINFO r
;
2192 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
2194 DEBUG(10,("cli_samr_get_usrdom_pwinfo\n"));
2199 /* Marshall data and send request */
2201 init_samr_q_get_usrdom_pwinfo(&q
, pol
);
2203 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_GET_USRDOM_PWINFO
,
2206 samr_io_q_get_usrdom_pwinfo
,
2207 samr_io_r_get_usrdom_pwinfo
,
2208 NT_STATUS_UNSUCCESSFUL
);
2210 /* Return output parameters */
2214 if (NT_STATUS_IS_OK(result
)) {
2216 *min_pwd_length
= r
.min_pwd_length
;
2217 if (password_properties
)
2218 *password_properties
= r
.password_properties
;
2220 *unknown1
= r
.unknown_1
;
2227 /* Lookup Domain Name */
2229 NTSTATUS
rpccli_samr_lookup_domain(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
2230 POLICY_HND
*user_pol
, char *domain_name
,
2233 prs_struct qbuf
, rbuf
;
2234 SAMR_Q_LOOKUP_DOMAIN q
;
2235 SAMR_R_LOOKUP_DOMAIN r
;
2236 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
2238 DEBUG(10,("cli_samr_lookup_domain\n"));
2243 /* Marshall data and send request */
2245 init_samr_q_lookup_domain(&q
, user_pol
, domain_name
);
2247 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_LOOKUP_DOMAIN
,
2250 samr_io_q_lookup_domain
,
2251 samr_io_r_lookup_domain
,
2252 NT_STATUS_UNSUCCESSFUL
);
2254 /* Return output parameters */
2258 if (NT_STATUS_IS_OK(result
))
2259 sid_copy(sid
, &r
.dom_sid
.sid
);