search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
r19655: Jeremy, please review:
[Samba/bb.git] / source3 / rpc_client / cli_samr.c
blob7a4d9fd58abbf076277362e559da75916fc42591
1 /*
2 Unix SMB/CIFS implementation.
3 RPC pipe client
4 Copyright (C) Tim Potter 2000-2001,
5 Copyright (C) Andrew Tridgell 1992-1997,2000,
6 Copyright (C) Rafal Szczesniak 2002.
7 Copyright (C) Jeremy Allison 2005.
8
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 2 of the License, or
12 (at your option) any later version.
13
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
18
19 You should have received a copy of the GNU General Public License
20 along with this program; if not, write to the Free Software
21 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
22 */
23
24 #include "includes.h"
25
26 /* Connect to SAMR database */
27
28 NTSTATUS rpccli_samr_connect(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
29 uint32 access_mask, POLICY_HND *connect_pol)
30 {
31 prs_struct qbuf, rbuf;
32 SAMR_Q_CONNECT q;
33 SAMR_R_CONNECT r;
34 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
35
36 DEBUG(10,("cli_samr_connect to %s\n", cli->cli->desthost));
37
38 ZERO_STRUCT(q);
39 ZERO_STRUCT(r);
40
41 /* Marshall data and send request */
42
43 init_samr_q_connect(&q, cli->cli->desthost, access_mask);
44
45 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CONNECT,
46 q, r,
47 qbuf, rbuf,
48 samr_io_q_connect,
49 samr_io_r_connect,
50 NT_STATUS_UNSUCCESSFUL);
51 /* Return output parameters */
52
53 if (NT_STATUS_IS_OK(result = r.status)) {
54 *connect_pol = r.connect_pol;
55 }
56
57 return result;
58 }
59
60 /* Connect to SAMR database */
61
62 NTSTATUS rpccli_samr_connect4(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
63 uint32 access_mask, POLICY_HND *connect_pol)
64 {
65 prs_struct qbuf, rbuf;
66 SAMR_Q_CONNECT4 q;
67 SAMR_R_CONNECT4 r;
68 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
69
70 ZERO_STRUCT(q);
71 ZERO_STRUCT(r);
72
73 /* Marshall data and send request */
74
75 init_samr_q_connect4(&q, cli->cli->desthost, access_mask);
76
77 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CONNECT4,
78 q, r,
79 qbuf, rbuf,
80 samr_io_q_connect4,
81 samr_io_r_connect4,
82 NT_STATUS_UNSUCCESSFUL);
83
84 /* Return output parameters */
85
86 if (NT_STATUS_IS_OK(result = r.status)) {
87 *connect_pol = r.connect_pol;
88 }
89
90 return result;
91 }
92
93 /* Close SAMR handle */
94
95 NTSTATUS rpccli_samr_close(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
96 POLICY_HND *connect_pol)
97 {
98 prs_struct qbuf, rbuf;
99 SAMR_Q_CLOSE_HND q;
100 SAMR_R_CLOSE_HND r;
101 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
102
103 DEBUG(10,("cli_samr_close\n"));
104
105 ZERO_STRUCT(q);
106 ZERO_STRUCT(r);
107
108 /* Marshall data and send request */
109
110 init_samr_q_close_hnd(&q, connect_pol);
111
112 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CLOSE_HND,
113 q, r,
114 qbuf, rbuf,
115 samr_io_q_close_hnd,
116 samr_io_r_close_hnd,
117 NT_STATUS_UNSUCCESSFUL);
118
119 /* Return output parameters */
120
121 if (NT_STATUS_IS_OK(result = r.status)) {
122 *connect_pol = r.pol;
123 }
124
125 return result;
126 }
127
128 /* Open handle on a domain */
129
130 NTSTATUS rpccli_samr_open_domain(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
131 POLICY_HND *connect_pol, uint32 access_mask,
132 const DOM_SID *domain_sid,
133 POLICY_HND *domain_pol)
134 {
135 prs_struct qbuf, rbuf;
136 SAMR_Q_OPEN_DOMAIN q;
137 SAMR_R_OPEN_DOMAIN r;
138 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
139
140 DEBUG(10,("cli_samr_open_domain with sid %s\n", sid_string_static(domain_sid) ));
141
142 ZERO_STRUCT(q);
143 ZERO_STRUCT(r);
144
145 /* Marshall data and send request */
146
147 init_samr_q_open_domain(&q, connect_pol, access_mask, domain_sid);
148
149 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_OPEN_DOMAIN,
150 q, r,
151 qbuf, rbuf,
152 samr_io_q_open_domain,
153 samr_io_r_open_domain,
154 NT_STATUS_UNSUCCESSFUL);
155
156 /* Return output parameters */
157
158 if (NT_STATUS_IS_OK(result = r.status)) {
159 *domain_pol = r.domain_pol;
160 }
161
162 return result;
163 }
164
165 NTSTATUS rpccli_samr_open_user(struct rpc_pipe_client *cli,
166 TALLOC_CTX *mem_ctx,
167 POLICY_HND *domain_pol, uint32 access_mask,
168 uint32 user_rid, POLICY_HND *user_pol)
169 {
170 prs_struct qbuf, rbuf;
171 SAMR_Q_OPEN_USER q;
172 SAMR_R_OPEN_USER r;
173 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
174
175 DEBUG(10,("cli_samr_open_user with rid 0x%x\n", user_rid ));
176
177 ZERO_STRUCT(q);
178 ZERO_STRUCT(r);
179
180 /* Marshall data and send request */
181
182 init_samr_q_open_user(&q, domain_pol, access_mask, user_rid);
183
184 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_OPEN_USER,
185 q, r,
186 qbuf, rbuf,
187 samr_io_q_open_user,
188 samr_io_r_open_user,
189 NT_STATUS_UNSUCCESSFUL);
190
191 /* Return output parameters */
192
193 if (NT_STATUS_IS_OK(result = r.status)) {
194 *user_pol = r.user_pol;
195 }
196
197 return result;
198 }
199
200 /* Open handle on a group */
201
202 NTSTATUS rpccli_samr_open_group(struct rpc_pipe_client *cli,
203 TALLOC_CTX *mem_ctx,
204 POLICY_HND *domain_pol, uint32 access_mask,
205 uint32 group_rid, POLICY_HND *group_pol)
206 {
207 prs_struct qbuf, rbuf;
208 SAMR_Q_OPEN_GROUP q;
209 SAMR_R_OPEN_GROUP r;
210 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
211
212 DEBUG(10,("cli_samr_open_group with rid 0x%x\n", group_rid ));
213
214 ZERO_STRUCT(q);
215 ZERO_STRUCT(r);
216
217 /* Marshall data and send request */
218
219 init_samr_q_open_group(&q, domain_pol, access_mask, group_rid);
220
221 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_OPEN_GROUP,
222 q, r,
223 qbuf, rbuf,
224 samr_io_q_open_group,
225 samr_io_r_open_group,
226 NT_STATUS_UNSUCCESSFUL);
227
228 /* Return output parameters */
229
230 if (NT_STATUS_IS_OK(result = r.status)) {
231 *group_pol = r.pol;
232 }
233
234 return result;
235 }
236
237 /* Create domain group */
238
239 NTSTATUS rpccli_samr_create_dom_group(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
240 POLICY_HND *domain_pol,
241 const char *group_name,
242 uint32 access_mask, POLICY_HND *group_pol)
243 {
244 prs_struct qbuf, rbuf;
245 SAMR_Q_CREATE_DOM_GROUP q;
246 SAMR_R_CREATE_DOM_GROUP r;
247 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
248
249 DEBUG(10,("cli_samr_create_dom_group\n"));
250
251 ZERO_STRUCT(q);
252 ZERO_STRUCT(r);
253
254 /* Marshall data and send request */
255
256 init_samr_q_create_dom_group(&q, domain_pol, group_name, access_mask);
257
258 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CREATE_DOM_GROUP,
259 q, r,
260 qbuf, rbuf,
261 samr_io_q_create_dom_group,
262 samr_io_r_create_dom_group,
263 NT_STATUS_UNSUCCESSFUL);
264
265 /* Return output parameters */
266
267 result = r.status;
268
269 if (NT_STATUS_IS_OK(result))
270 *group_pol = r.pol;
271
272 return result;
273 }
274
275 /* Add a domain group member */
276
277 NTSTATUS rpccli_samr_add_groupmem(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
278 POLICY_HND *group_pol, uint32 rid)
279 {
280 prs_struct qbuf, rbuf;
281 SAMR_Q_ADD_GROUPMEM q;
282 SAMR_R_ADD_GROUPMEM r;
283 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
284
285 DEBUG(10,("cli_samr_add_groupmem\n"));
286
287 ZERO_STRUCT(q);
288 ZERO_STRUCT(r);
289
290 /* Marshall data and send request */
291
292 init_samr_q_add_groupmem(&q, group_pol, rid);
293
294 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_ADD_GROUPMEM,
295 q, r,
296 qbuf, rbuf,
297 samr_io_q_add_groupmem,
298 samr_io_r_add_groupmem,
299 NT_STATUS_UNSUCCESSFUL);
300
301 /* Return output parameters */
302
303 result = r.status;
304
305 return result;
306 }
307
308 /* Delete a domain group member */
309
310 NTSTATUS rpccli_samr_del_groupmem(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
311 POLICY_HND *group_pol, uint32 rid)
312 {
313 prs_struct qbuf, rbuf;
314 SAMR_Q_DEL_GROUPMEM q;
315 SAMR_R_DEL_GROUPMEM r;
316 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
317
318 DEBUG(10,("cli_samr_del_groupmem\n"));
319
320 ZERO_STRUCT(q);
321 ZERO_STRUCT(r);
322
323 /* Marshall data and send request */
324
325 init_samr_q_del_groupmem(&q, group_pol, rid);
326
327 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_DEL_GROUPMEM,
328 q, r,
329 qbuf, rbuf,
330 samr_io_q_del_groupmem,
331 samr_io_r_del_groupmem,
332 NT_STATUS_UNSUCCESSFUL);
333
334 /* Return output parameters */
335
336 result = r.status;
337
338 return result;
339 }
340
341 /* Query user info */
342
343 NTSTATUS rpccli_samr_query_userinfo(struct rpc_pipe_client *cli,
344 TALLOC_CTX *mem_ctx,
345 const POLICY_HND *user_pol,
346 uint16 switch_value,
347 SAM_USERINFO_CTR **ctr)
348 {
349 prs_struct qbuf, rbuf;
350 SAMR_Q_QUERY_USERINFO q;
351 SAMR_R_QUERY_USERINFO r;
352 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
353
354 DEBUG(10,("cli_samr_query_userinfo\n"));
355
356 ZERO_STRUCT(q);
357 ZERO_STRUCT(r);
358
359 /* Marshall data and send request */
360
361 init_samr_q_query_userinfo(&q, user_pol, switch_value);
362
363 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_USERINFO,
364 q, r,
365 qbuf, rbuf,
366 samr_io_q_query_userinfo,
367 samr_io_r_query_userinfo,
368 NT_STATUS_UNSUCCESSFUL);
369
370 /* Return output parameters */
371
372 result = r.status;
373 *ctr = r.ctr;
374
375 return result;
376 }
377
378 /* Set group info */
379
380 NTSTATUS rpccli_samr_set_groupinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
381 POLICY_HND *group_pol, GROUP_INFO_CTR *ctr)
382 {
383 prs_struct qbuf, rbuf;
384 SAMR_Q_SET_GROUPINFO q;
385 SAMR_R_SET_GROUPINFO r;
386 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
387
388 DEBUG(10,("cli_samr_set_groupinfo\n"));
389
390 ZERO_STRUCT(q);
391 ZERO_STRUCT(r);
392
393 /* Marshall data and send request */
394
395 init_samr_q_set_groupinfo(&q, group_pol, ctr);
396
397 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_SET_GROUPINFO,
398 q, r,
399 qbuf, rbuf,
400 samr_io_q_set_groupinfo,
401 samr_io_r_set_groupinfo,
402 NT_STATUS_UNSUCCESSFUL);
403
404 /* Return output parameters */
405
406 result = r.status;
407
408 return result;
409 }
410
411 /* Query group info */
412
413 NTSTATUS rpccli_samr_query_groupinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
414 POLICY_HND *group_pol, uint32 info_level,
415 GROUP_INFO_CTR **ctr)
416 {
417 prs_struct qbuf, rbuf;
418 SAMR_Q_QUERY_GROUPINFO q;
419 SAMR_R_QUERY_GROUPINFO r;
420 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
421
422 DEBUG(10,("cli_samr_query_groupinfo\n"));
423
424 ZERO_STRUCT(q);
425 ZERO_STRUCT(r);
426
427 /* Marshall data and send request */
428
429 init_samr_q_query_groupinfo(&q, group_pol, info_level);
430
431 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_GROUPINFO,
432 q, r,
433 qbuf, rbuf,
434 samr_io_q_query_groupinfo,
435 samr_io_r_query_groupinfo,
436 NT_STATUS_UNSUCCESSFUL);
437
438 *ctr = r.ctr;
439
440 /* Return output parameters */
441
442 result = r.status;
443
444 return result;
445 }
446
447 /* Query user groups */
448
449 NTSTATUS rpccli_samr_query_usergroups(struct rpc_pipe_client *cli,
450 TALLOC_CTX *mem_ctx,
451 POLICY_HND *user_pol,
452 uint32 *num_groups,
453 DOM_GID **gid)
454 {
455 prs_struct qbuf, rbuf;
456 SAMR_Q_QUERY_USERGROUPS q;
457 SAMR_R_QUERY_USERGROUPS r;
458 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
459
460 DEBUG(10,("cli_samr_query_usergroups\n"));
461
462 ZERO_STRUCT(q);
463 ZERO_STRUCT(r);
464
465 /* Marshall data and send request */
466
467 init_samr_q_query_usergroups(&q, user_pol);
468
469 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_USERGROUPS,
470 q, r,
471 qbuf, rbuf,
472 samr_io_q_query_usergroups,
473 samr_io_r_query_usergroups,
474 NT_STATUS_UNSUCCESSFUL);
475
476 /* Return output parameters */
477
478 if (NT_STATUS_IS_OK(result = r.status)) {
479 *num_groups = r.num_entries;
480 *gid = r.gid;
481 }
482
483 return result;
484 }
485
486 /* Set alias info */
487
488 NTSTATUS rpccli_samr_set_aliasinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
489 POLICY_HND *alias_pol, ALIAS_INFO_CTR *ctr)
490 {
491 prs_struct qbuf, rbuf;
492 SAMR_Q_SET_ALIASINFO q;
493 SAMR_R_SET_ALIASINFO r;
494 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
495
496 DEBUG(10,("cli_samr_set_aliasinfo\n"));
497
498 ZERO_STRUCT(q);
499 ZERO_STRUCT(r);
500
501 /* Marshall data and send request */
502
503 init_samr_q_set_aliasinfo(&q, alias_pol, ctr);
504
505 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_SET_ALIASINFO,
506 q, r,
507 qbuf, rbuf,
508 samr_io_q_set_aliasinfo,
509 samr_io_r_set_aliasinfo,
510 NT_STATUS_UNSUCCESSFUL);
511
512 /* Return output parameters */
513
514 result = r.status;
515
516 return result;
517 }
518
519 /* Query user aliases */
520
521 NTSTATUS rpccli_samr_query_useraliases(struct rpc_pipe_client *cli,
522 TALLOC_CTX *mem_ctx,
523 POLICY_HND *dom_pol, uint32 num_sids,
524 DOM_SID2 *sid,
525 uint32 *num_aliases, uint32 **als_rids)
526 {
527 prs_struct qbuf, rbuf;
528 SAMR_Q_QUERY_USERALIASES q;
529 SAMR_R_QUERY_USERALIASES r;
530 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
531 int i;
532 uint32 *sid_ptrs;
533
534 DEBUG(10,("cli_samr_query_useraliases\n"));
535
536 ZERO_STRUCT(q);
537 ZERO_STRUCT(r);
538
539 sid_ptrs = TALLOC_ARRAY(mem_ctx, uint32, num_sids);
540 if (sid_ptrs == NULL)
541 return NT_STATUS_NO_MEMORY;
542
543 for (i=0; i<num_sids; i++)
544 sid_ptrs[i] = 1;
545
546 /* Marshall data and send request */
547
548 init_samr_q_query_useraliases(&q, dom_pol, num_sids, sid_ptrs, sid);
549
550 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_USERALIASES,
551 q, r,
552 qbuf, rbuf,
553 samr_io_q_query_useraliases,
554 samr_io_r_query_useraliases,
555 NT_STATUS_UNSUCCESSFUL);
556
557 /* Return output parameters */
558
559 if (NT_STATUS_IS_OK(result = r.status)) {
560 *num_aliases = r.num_entries;
561 *als_rids = r.rid;
562 }
563
564 return result;
565 }
566
567 /* Query user groups */
568
569 NTSTATUS rpccli_samr_query_groupmem(struct rpc_pipe_client *cli,
570 TALLOC_CTX *mem_ctx,
571 POLICY_HND *group_pol, uint32 *num_mem,
572 uint32 **rid, uint32 **attr)
573 {
574 prs_struct qbuf, rbuf;
575 SAMR_Q_QUERY_GROUPMEM q;
576 SAMR_R_QUERY_GROUPMEM r;
577 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
578
579 DEBUG(10,("cli_samr_query_groupmem\n"));
580
581 ZERO_STRUCT(q);
582 ZERO_STRUCT(r);
583
584 /* Marshall data and send request */
585
586 init_samr_q_query_groupmem(&q, group_pol);
587
588 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_GROUPMEM,
589 q, r,
590 qbuf, rbuf,
591 samr_io_q_query_groupmem,
592 samr_io_r_query_groupmem,
593 NT_STATUS_UNSUCCESSFUL);
594
595 /* Return output parameters */
596
597 if (NT_STATUS_IS_OK(result = r.status)) {
598 *num_mem = r.num_entries;
599 *rid = r.rid;
600 *attr = r.attr;
601 }
602
603 return result;
604 }
605
606 /**
607 * Enumerate domain users
608 *
609 * @param cli client state structure
610 * @param mem_ctx talloc context
611 * @param pol opened domain policy handle
612 * @param start_idx starting index of enumeration, returns context for
613 next enumeration
614 * @param acb_mask account control bit mask (to enumerate some particular
615 * kind of accounts)
616 * @param size max acceptable size of response
617 * @param dom_users returned array of domain user names
618 * @param rids returned array of domain user RIDs
619 * @param num_dom_users numer returned entries
620 *
621 * @return NTSTATUS returned in rpc response
622 **/
623
624 NTSTATUS rpccli_samr_enum_dom_users(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
625 POLICY_HND *pol, uint32 *start_idx, uint32 acb_mask,
626 uint32 size, char ***dom_users, uint32 **rids,
627 uint32 *num_dom_users)
628 {
629 prs_struct qbuf;
630 prs_struct rbuf;
631 SAMR_Q_ENUM_DOM_USERS q;
632 SAMR_R_ENUM_DOM_USERS r;
633 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
634 int i;
635
636 DEBUG(10,("cli_samr_enum_dom_users starting at index %u\n", (unsigned int)*start_idx));
637
638 ZERO_STRUCT(q);
639 ZERO_STRUCT(r);
640
641 /* always init this */
642 *num_dom_users = 0;
643
644 /* Fill query structure with parameters */
645
646 init_samr_q_enum_dom_users(&q, pol, *start_idx, acb_mask, size);
647
648 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_ENUM_DOM_USERS,
649 q, r,
650 qbuf, rbuf,
651 samr_io_q_enum_dom_users,
652 samr_io_r_enum_dom_users,
653 NT_STATUS_UNSUCCESSFUL);
654
655 result = r.status;
656
657 if (!NT_STATUS_IS_OK(result) &&
658 NT_STATUS_V(result) != NT_STATUS_V(STATUS_MORE_ENTRIES))
659 goto done;
660
661 *start_idx = r.next_idx;
662 *num_dom_users = r.num_entries2;
663
664 if (r.num_entries2) {
665 /* allocate memory needed to return received data */
666 *rids = TALLOC_ARRAY(mem_ctx, uint32, r.num_entries2);
667 if (!*rids) {
668 DEBUG(0, ("Error in cli_samr_enum_dom_users(): out of memory\n"));
669 return NT_STATUS_NO_MEMORY;
670 }
671
672 *dom_users = TALLOC_ARRAY(mem_ctx, char*, r.num_entries2);
673 if (!*dom_users) {
674 DEBUG(0, ("Error in cli_samr_enum_dom_users(): out of memory\n"));
675 return NT_STATUS_NO_MEMORY;
676 }
677
678 /* fill output buffers with rpc response */
679 for (i = 0; i < r.num_entries2; i++) {
680 fstring conv_buf;
681
682 (*rids)[i] = r.sam[i].rid;
683 unistr2_to_ascii(conv_buf, &(r.uni_acct_name[i]), sizeof(conv_buf) - 1);
684 (*dom_users)[i] = talloc_strdup(mem_ctx, conv_buf);
685 }
686 }
687
688 done:
689 return result;
690 }
691
692 /* Enumerate domain groups */
693
694 NTSTATUS rpccli_samr_enum_dom_groups(struct rpc_pipe_client *cli,
695 TALLOC_CTX *mem_ctx,
696 POLICY_HND *pol, uint32 *start_idx,
697 uint32 size, struct acct_info **dom_groups,
698 uint32 *num_dom_groups)
699 {
700 prs_struct qbuf, rbuf;
701 SAMR_Q_ENUM_DOM_GROUPS q;
702 SAMR_R_ENUM_DOM_GROUPS r;
703 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
704 uint32 name_idx, i;
705
706 DEBUG(10,("cli_samr_enum_dom_groups starting at index %u\n", (unsigned int)*start_idx));
707
708 ZERO_STRUCT(q);
709 ZERO_STRUCT(r);
710
711 /* Marshall data and send request */
712
713 init_samr_q_enum_dom_groups(&q, pol, *start_idx, size);
714
715 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_ENUM_DOM_GROUPS,
716 q, r,
717 qbuf, rbuf,
718 samr_io_q_enum_dom_groups,
719 samr_io_r_enum_dom_groups,
720 NT_STATUS_UNSUCCESSFUL);
721
722 /* Return output parameters */
723
724 result = r.status;
725
726 if (!NT_STATUS_IS_OK(result) &&
727 NT_STATUS_V(result) != NT_STATUS_V(STATUS_MORE_ENTRIES))
728 goto done;
729
730 *num_dom_groups = r.num_entries2;
731
732 if (*num_dom_groups == 0)
733 goto done;
734
735 if (!((*dom_groups) = TALLOC_ARRAY(mem_ctx, struct acct_info, *num_dom_groups))) {
736 result = NT_STATUS_NO_MEMORY;
737 goto done;
738 }
739
740 memset(*dom_groups, 0, sizeof(struct acct_info) * (*num_dom_groups));
741
742 name_idx = 0;
743
744 for (i = 0; i < *num_dom_groups; i++) {
745
746 (*dom_groups)[i].rid = r.sam[i].rid;
747
748 if (r.sam[i].hdr_name.buffer) {
749 unistr2_to_ascii((*dom_groups)[i].acct_name,
750 &r.uni_grp_name[name_idx],
751 sizeof(fstring) - 1);
752 name_idx++;
753 }
754
755 *start_idx = r.next_idx;
756 }
757
758 done:
759 return result;
760 }
761
762 /* Enumerate domain groups */
763
764 NTSTATUS rpccli_samr_enum_als_groups(struct rpc_pipe_client *cli,
765 TALLOC_CTX *mem_ctx,
766 POLICY_HND *pol, uint32 *start_idx,
767 uint32 size, struct acct_info **dom_aliases,
768 uint32 *num_dom_aliases)
769 {
770 prs_struct qbuf, rbuf;
771 SAMR_Q_ENUM_DOM_ALIASES q;
772 SAMR_R_ENUM_DOM_ALIASES r;
773 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
774 uint32 name_idx, i;
775
776 DEBUG(10,("cli_samr_enum_als_groups starting at index %u\n", (unsigned int)*start_idx));
777
778 ZERO_STRUCT(q);
779 ZERO_STRUCT(r);
780
781 /* Marshall data and send request */
782
783 init_samr_q_enum_dom_aliases(&q, pol, *start_idx, size);
784
785 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_ENUM_DOM_ALIASES,
786 q, r,
787 qbuf, rbuf,
788 samr_io_q_enum_dom_aliases,
789 samr_io_r_enum_dom_aliases,
790 NT_STATUS_UNSUCCESSFUL);
791
792 /* Return output parameters */
793
794 result = r.status;
795
796 if (!NT_STATUS_IS_OK(result) &&
797 NT_STATUS_V(result) != NT_STATUS_V(STATUS_MORE_ENTRIES)) {
798 goto done;
799 }
800
801 *num_dom_aliases = r.num_entries2;
802
803 if (*num_dom_aliases == 0)
804 goto done;
805
806 if (!((*dom_aliases) = TALLOC_ARRAY(mem_ctx, struct acct_info, *num_dom_aliases))) {
807 result = NT_STATUS_NO_MEMORY;
808 goto done;
809 }
810
811 memset(*dom_aliases, 0, sizeof(struct acct_info) * *num_dom_aliases);
812
813 name_idx = 0;
814
815 for (i = 0; i < *num_dom_aliases; i++) {
816
817 (*dom_aliases)[i].rid = r.sam[i].rid;
818
819 if (r.sam[i].hdr_name.buffer) {
820 unistr2_to_ascii((*dom_aliases)[i].acct_name,
821 &r.uni_grp_name[name_idx],
822 sizeof(fstring) - 1);
823 name_idx++;
824 }
825
826 *start_idx = r.next_idx;
827 }
828
829 done:
830 return result;
831 }
832
833 /* Query alias members */
834
835 NTSTATUS rpccli_samr_query_aliasmem(struct rpc_pipe_client *cli,
836 TALLOC_CTX *mem_ctx,
837 POLICY_HND *alias_pol, uint32 *num_mem,
838 DOM_SID **sids)
839 {
840 prs_struct qbuf, rbuf;
841 SAMR_Q_QUERY_ALIASMEM q;
842 SAMR_R_QUERY_ALIASMEM r;
843 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
844 uint32 i;
845
846 DEBUG(10,("cli_samr_query_aliasmem\n"));
847
848 ZERO_STRUCT(q);
849 ZERO_STRUCT(r);
850
851 /* Marshall data and send request */
852
853 init_samr_q_query_aliasmem(&q, alias_pol);
854
855 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_ALIASMEM,
856 q, r,
857 qbuf, rbuf,
858 samr_io_q_query_aliasmem,
859 samr_io_r_query_aliasmem,
860 NT_STATUS_UNSUCCESSFUL);
861
862 /* Return output parameters */
863
864 if (!NT_STATUS_IS_OK(result = r.status)) {
865 goto done;
866 }
867
868 *num_mem = r.num_sids;
869
870 if (*num_mem == 0) {
871 *sids = NULL;
872 result = NT_STATUS_OK;
873 goto done;
874 }
875
876 if (!(*sids = TALLOC_ARRAY(mem_ctx, DOM_SID, *num_mem))) {
877 result = NT_STATUS_UNSUCCESSFUL;
878 goto done;
879 }
880
881 for (i = 0; i < *num_mem; i++) {
882 (*sids)[i] = r.sid[i].sid;
883 }
884
885 done:
886 return result;
887 }
888
889 /* Open handle on an alias */
890
891 NTSTATUS rpccli_samr_open_alias(struct rpc_pipe_client *cli,
892 TALLOC_CTX *mem_ctx,
893 POLICY_HND *domain_pol, uint32 access_mask,
894 uint32 alias_rid, POLICY_HND *alias_pol)
895 {
896 prs_struct qbuf, rbuf;
897 SAMR_Q_OPEN_ALIAS q;
898 SAMR_R_OPEN_ALIAS r;
899 NTSTATUS result;
900
901 DEBUG(10,("cli_samr_open_alias with rid 0x%x\n", alias_rid));
902
903 ZERO_STRUCT(q);
904 ZERO_STRUCT(r);
905
906 /* Marshall data and send request */
907
908 init_samr_q_open_alias(&q, domain_pol, access_mask, alias_rid);
909
910 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_OPEN_ALIAS,
911 q, r,
912 qbuf, rbuf,
913 samr_io_q_open_alias,
914 samr_io_r_open_alias,
915 NT_STATUS_UNSUCCESSFUL);
916
917 /* Return output parameters */
918
919 if (NT_STATUS_IS_OK(result = r.status)) {
920 *alias_pol = r.pol;
921 }
922
923 return result;
924 }
925
926 /* Create an alias */
927
928 NTSTATUS rpccli_samr_create_dom_alias(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
929 POLICY_HND *domain_pol, const char *name,
930 POLICY_HND *alias_pol)
931 {
932 prs_struct qbuf, rbuf;
933 SAMR_Q_CREATE_DOM_ALIAS q;
934 SAMR_R_CREATE_DOM_ALIAS r;
935 NTSTATUS result;
936
937 DEBUG(10,("cli_samr_create_dom_alias named %s\n", name));
938
939 ZERO_STRUCT(q);
940 ZERO_STRUCT(r);
941
942 /* Marshall data and send request */
943
944 init_samr_q_create_dom_alias(&q, domain_pol, name);
945
946 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CREATE_DOM_ALIAS,
947 q, r,
948 qbuf, rbuf,
949 samr_io_q_create_dom_alias,
950 samr_io_r_create_dom_alias,
951 NT_STATUS_UNSUCCESSFUL);
952
953 /* Return output parameters */
954
955 if (NT_STATUS_IS_OK(result = r.status)) {
956 *alias_pol = r.alias_pol;
957 }
958
959 return result;
960 }
961
962 /* Add an alias member */
963
964 NTSTATUS rpccli_samr_add_aliasmem(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
965 POLICY_HND *alias_pol, DOM_SID *member)
966 {
967 prs_struct qbuf, rbuf;
968 SAMR_Q_ADD_ALIASMEM q;
969 SAMR_R_ADD_ALIASMEM r;
970 NTSTATUS result;
971
972 DEBUG(10,("cli_samr_add_aliasmem"));
973
974 ZERO_STRUCT(q);
975 ZERO_STRUCT(r);
976
977 /* Marshall data and send request */
978
979 init_samr_q_add_aliasmem(&q, alias_pol, member);
980
981 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_ADD_ALIASMEM,
982 q, r,
983 qbuf, rbuf,
984 samr_io_q_add_aliasmem,
985 samr_io_r_add_aliasmem,
986 NT_STATUS_UNSUCCESSFUL);
987
988 result = r.status;
989
990 return result;
991 }
992
993 /* Delete an alias member */
994
995 NTSTATUS rpccli_samr_del_aliasmem(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
996 POLICY_HND *alias_pol, DOM_SID *member)
997 {
998 prs_struct qbuf, rbuf;
999 SAMR_Q_DEL_ALIASMEM q;
1000 SAMR_R_DEL_ALIASMEM r;
1001 NTSTATUS result;
1002
1003 DEBUG(10,("cli_samr_del_aliasmem"));
1004
1005 ZERO_STRUCT(q);
1006 ZERO_STRUCT(r);
1007
1008 /* Marshall data and send request */
1009
1010 init_samr_q_del_aliasmem(&q, alias_pol, member);
1011
1012 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_DEL_ALIASMEM,
1013 q, r,
1014 qbuf, rbuf,
1015 samr_io_q_del_aliasmem,
1016 samr_io_r_del_aliasmem,
1017 NT_STATUS_UNSUCCESSFUL);
1018
1019 result = r.status;
1020
1021 return result;
1022 }
1023
1024 /* Query alias info */
1025
1026 NTSTATUS rpccli_samr_query_alias_info(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
1027 POLICY_HND *alias_pol, uint16 switch_value,
1028 ALIAS_INFO_CTR *ctr)
1029 {
1030 prs_struct qbuf, rbuf;
1031 SAMR_Q_QUERY_ALIASINFO q;
1032 SAMR_R_QUERY_ALIASINFO r;
1033 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1034
1035 DEBUG(10,("cli_samr_query_alias_info\n"));
1036
1037 ZERO_STRUCT(q);
1038 ZERO_STRUCT(r);
1039
1040 /* Marshall data and send request */
1041
1042 init_samr_q_query_aliasinfo(&q, alias_pol, switch_value);
1043
1044 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_ALIASINFO,
1045 q, r,
1046 qbuf, rbuf,
1047 samr_io_q_query_aliasinfo,
1048 samr_io_r_query_aliasinfo,
1049 NT_STATUS_UNSUCCESSFUL);
1050
1051 /* Return output parameters */
1052
1053 if (!NT_STATUS_IS_OK(result = r.status)) {
1054 goto done;
1055 }
1056
1057 *ctr = *r.ctr;
1058
1059 done:
1060
1061 return result;
1062 }
1063
1064 /* Query domain info */
1065
1066 NTSTATUS rpccli_samr_query_dom_info(struct rpc_pipe_client *cli,
1067 TALLOC_CTX *mem_ctx,
1068 POLICY_HND *domain_pol,
1069 uint16 switch_value,
1070 SAM_UNK_CTR *ctr)
1071 {
1072 prs_struct qbuf, rbuf;
1073 SAMR_Q_QUERY_DOMAIN_INFO q;
1074 SAMR_R_QUERY_DOMAIN_INFO r;
1075 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1076
1077 DEBUG(10,("cli_samr_query_dom_info\n"));
1078
1079 ZERO_STRUCT(q);
1080 ZERO_STRUCT(r);
1081
1082 /* Marshall data and send request */
1083
1084 init_samr_q_query_domain_info(&q, domain_pol, switch_value);
1085
1086 r.ctr = ctr;
1087
1088 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_DOMAIN_INFO,
1089 q, r,
1090 qbuf, rbuf,
1091 samr_io_q_query_domain_info,
1092 samr_io_r_query_domain_info,
1093 NT_STATUS_UNSUCCESSFUL);
1094
1095 /* Return output parameters */
1096
1097 if (!NT_STATUS_IS_OK(result = r.status)) {
1098 goto done;
1099 }
1100
1101 done:
1102
1103 return result;
1104 }
1105
1106 /* Query domain info2 */
1107
1108 NTSTATUS rpccli_samr_query_dom_info2(struct rpc_pipe_client *cli,
1109 TALLOC_CTX *mem_ctx,
1110 POLICY_HND *domain_pol,
1111 uint16 switch_value,
1112 SAM_UNK_CTR *ctr)
1113 {
1114 prs_struct qbuf, rbuf;
1115 SAMR_Q_QUERY_DOMAIN_INFO2 q;
1116 SAMR_R_QUERY_DOMAIN_INFO2 r;
1117 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1118
1119 DEBUG(10,("cli_samr_query_dom_info2\n"));
1120
1121 ZERO_STRUCT(q);
1122 ZERO_STRUCT(r);
1123
1124 /* Marshall data and send request */
1125
1126 init_samr_q_query_domain_info2(&q, domain_pol, switch_value);
1127
1128 r.ctr = ctr;
1129
1130 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_DOMAIN_INFO2,
1131 q, r,
1132 qbuf, rbuf,
1133 samr_io_q_query_domain_info2,
1134 samr_io_r_query_domain_info2,
1135 NT_STATUS_UNSUCCESSFUL);
1136
1137 /* Return output parameters */
1138
1139 if (!NT_STATUS_IS_OK(result = r.status)) {
1140 goto done;
1141 }
1142
1143 done:
1144
1145 return result;
1146 }
1147
1148 /* Set domain info */
1149
1150 NTSTATUS rpccli_samr_set_domain_info(struct rpc_pipe_client *cli,
1151 TALLOC_CTX *mem_ctx,
1152 POLICY_HND *domain_pol,
1153 uint16 switch_value,
1154 SAM_UNK_CTR *ctr)
1155 {
1156 prs_struct qbuf, rbuf;
1157 SAMR_Q_SET_DOMAIN_INFO q;
1158 SAMR_R_SET_DOMAIN_INFO r;
1159 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1160
1161 DEBUG(10,("cli_samr_set_domain_info\n"));
1162
1163 ZERO_STRUCT(q);
1164 ZERO_STRUCT(r);
1165
1166 /* Marshall data and send request */
1167
1168 init_samr_q_set_domain_info(&q, domain_pol, switch_value, ctr);
1169
1170 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_SET_DOMAIN_INFO,
1171 q, r,
1172 qbuf, rbuf,
1173 samr_io_q_set_domain_info,
1174 samr_io_r_set_domain_info,
1175 NT_STATUS_UNSUCCESSFUL);
1176
1177 /* Return output parameters */
1178
1179 if (!NT_STATUS_IS_OK(result = r.status)) {
1180 goto done;
1181 }
1182
1183 done:
1184
1185 return result;
1186 }
1187
1188 /* User change password */
1189
1190 NTSTATUS rpccli_samr_chgpasswd_user(struct rpc_pipe_client *cli,
1191 TALLOC_CTX *mem_ctx,
1192 const char *username,
1193 const char *newpassword,
1194 const char *oldpassword )
1195 {
1196 prs_struct qbuf, rbuf;
1197 SAMR_Q_CHGPASSWD_USER q;
1198 SAMR_R_CHGPASSWD_USER r;
1199 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1200
1201 uchar new_nt_password[516];
1202 uchar new_lm_password[516];
1203 uchar old_nt_hash[16];
1204 uchar old_lanman_hash[16];
1205 uchar old_nt_hash_enc[16];
1206 uchar old_lanman_hash_enc[16];
1207
1208 uchar new_nt_hash[16];
1209 uchar new_lanman_hash[16];
1210
1211 char *srv_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", cli->cli->desthost);
1212
1213 DEBUG(10,("rpccli_samr_chgpasswd_user\n"));
1214
1215 ZERO_STRUCT(q);
1216 ZERO_STRUCT(r);
1217
1218 /* Calculate the MD4 hash (NT compatible) of the password */
1219 E_md4hash(oldpassword, old_nt_hash);
1220 E_md4hash(newpassword, new_nt_hash);
1221
1222 if (lp_client_lanman_auth()
1223 && E_deshash(newpassword, new_lanman_hash)
1224 && E_deshash(oldpassword, old_lanman_hash)) {
1225 /* E_deshash returns false for 'long' passwords (> 14
1226 DOS chars). This allows us to match Win2k, which
1227 does not store a LM hash for these passwords (which
1228 would reduce the effective password length to 14) */
1229
1230 encode_pw_buffer(new_lm_password, newpassword, STR_UNICODE);
1231
1232 SamOEMhash( new_lm_password, old_nt_hash, 516);
1233 E_old_pw_hash( new_nt_hash, old_lanman_hash, old_lanman_hash_enc);
1234 } else {
1235 ZERO_STRUCT(new_lm_password);
1236 ZERO_STRUCT(old_lanman_hash_enc);
1237 }
1238
1239 encode_pw_buffer(new_nt_password, newpassword, STR_UNICODE);
1240
1241 SamOEMhash( new_nt_password, old_nt_hash, 516);
1242 E_old_pw_hash( new_nt_hash, old_nt_hash, old_nt_hash_enc);
1243
1244 /* Marshall data and send request */
1245
1246 init_samr_q_chgpasswd_user(&q, srv_name_slash, username,
1247 new_nt_password,
1248 old_nt_hash_enc,
1249 new_lm_password,
1250 old_lanman_hash_enc);
1251
1252 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CHGPASSWD_USER,
1253 q, r,
1254 qbuf, rbuf,
1255 samr_io_q_chgpasswd_user,
1256 samr_io_r_chgpasswd_user,
1257 NT_STATUS_UNSUCCESSFUL);
1258
1259 /* Return output parameters */
1260
1261 if (!NT_STATUS_IS_OK(result = r.status)) {
1262 goto done;
1263 }
1264
1265 done:
1266
1267 return result;
1268 }
1269
1270 /* User change passwd with auth crap */
1271
1272 NTSTATUS rpccli_samr_chng_pswd_auth_crap(struct rpc_pipe_client *cli,
1273 TALLOC_CTX *mem_ctx,
1274 const char *username,
1275 DATA_BLOB new_nt_password,
1276 DATA_BLOB old_nt_hash_enc,
1277 DATA_BLOB new_lm_password,
1278 DATA_BLOB old_lm_hash_enc)
1279 {
1280 prs_struct qbuf, rbuf;
1281 SAMR_Q_CHGPASSWD_USER q;
1282 SAMR_R_CHGPASSWD_USER r;
1283 char *srv_name_slash;
1284
1285 if (!(srv_name_slash = talloc_asprintf(mem_ctx, "\\\\%s",
1286 cli->cli->desthost))) {
1287 return NT_STATUS_NO_MEMORY;
1288 }
1289
1290 DEBUG(5,("rpccli_samr_chng_pswd_auth_crap on server: %s\n",
1291 srv_name_slash));
1292
1293 ZERO_STRUCT(q);
1294 ZERO_STRUCT(r);
1295
1296 /* Marshall data and send request */
1297
1298 init_samr_q_chgpasswd_user(&q, srv_name_slash, username,
1299 new_nt_password.data,
1300 old_nt_hash_enc.data,
1301 new_lm_password.data,
1302 old_lm_hash_enc.data);
1303
1304 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CHGPASSWD_USER,
1305 q, r,
1306 qbuf, rbuf,
1307 samr_io_q_chgpasswd_user,
1308 samr_io_r_chgpasswd_user,
1309 NT_STATUS_UNSUCCESSFUL);
1310
1311 return r.status;
1312 }
1313
1314 /* change password 3 */
1315
1316 NTSTATUS rpccli_samr_chgpasswd3(struct rpc_pipe_client *cli,
1317 TALLOC_CTX *mem_ctx,
1318 const char *username,
1319 const char *newpassword,
1320 const char *oldpassword,
1321 SAM_UNK_INFO_1 *info,
1322 SAMR_CHANGE_REJECT *reject)
1323 {
1324 prs_struct qbuf, rbuf;
1325 SAMR_Q_CHGPASSWD_USER3 q;
1326 SAMR_R_CHGPASSWD_USER3 r;
1327
1328 uchar new_nt_password[516];
1329 uchar new_lm_password[516];
1330 uchar old_nt_hash[16];
1331 uchar old_lanman_hash[16];
1332 uchar old_nt_hash_enc[16];
1333 uchar old_lanman_hash_enc[16];
1334
1335 uchar new_nt_hash[16];
1336 uchar new_lanman_hash[16];
1337
1338 char *srv_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", cli->cli->desthost);
1339
1340 DEBUG(10,("rpccli_samr_chgpasswd_user3\n"));
1341
1342 ZERO_STRUCT(q);
1343 ZERO_STRUCT(r);
1344
1345 /* Calculate the MD4 hash (NT compatible) of the password */
1346 E_md4hash(oldpassword, old_nt_hash);
1347 E_md4hash(newpassword, new_nt_hash);
1348
1349 if (lp_client_lanman_auth()
1350 && E_deshash(newpassword, new_lanman_hash)
1351 && E_deshash(oldpassword, old_lanman_hash)) {
1352 /* E_deshash returns false for 'long' passwords (> 14
1353 DOS chars). This allows us to match Win2k, which
1354 does not store a LM hash for these passwords (which
1355 would reduce the effective password length to 14) */
1356
1357 encode_pw_buffer(new_lm_password, newpassword, STR_UNICODE);
1358
1359 SamOEMhash( new_lm_password, old_nt_hash, 516);
1360 E_old_pw_hash( new_nt_hash, old_lanman_hash, old_lanman_hash_enc);
1361 } else {
1362 ZERO_STRUCT(new_lm_password);
1363 ZERO_STRUCT(old_lanman_hash_enc);
1364 }
1365
1366 encode_pw_buffer(new_nt_password, newpassword, STR_UNICODE);
1367
1368 SamOEMhash( new_nt_password, old_nt_hash, 516);
1369 E_old_pw_hash( new_nt_hash, old_nt_hash, old_nt_hash_enc);
1370
1371 /* Marshall data and send request */
1372
1373 init_samr_q_chgpasswd_user3(&q, srv_name_slash, username,
1374 new_nt_password,
1375 old_nt_hash_enc,
1376 new_lm_password,
1377 old_lanman_hash_enc);
1378 r.info = info;
1379 r.reject = reject;
1380
1381 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CHGPASSWD_USER3,
1382 q, r,
1383 qbuf, rbuf,
1384 samr_io_q_chgpasswd_user3,
1385 samr_io_r_chgpasswd_user3,
1386 NT_STATUS_UNSUCCESSFUL);
1387
1388 /* Return output parameters */
1389
1390 return r.status;
1391 }
1392
1393 /* This function returns the bizzare set of (max_entries, max_size) required
1394 for the QueryDisplayInfo RPC to actually work against a domain controller
1395 with large (10k and higher) numbers of users. These values were
1396 obtained by inspection using ethereal and NT4 running User Manager. */
1397
1398 void get_query_dispinfo_params(int loop_count, uint32 *max_entries,
1399 uint32 *max_size)
1400 {
1401 switch(loop_count) {
1402 case 0:
1403 *max_entries = 512;
1404 *max_size = 16383;
1405 break;
1406 case 1:
1407 *max_entries = 1024;
1408 *max_size = 32766;
1409 break;
1410 case 2:
1411 *max_entries = 2048;
1412 *max_size = 65532;
1413 break;
1414 case 3:
1415 *max_entries = 4096;
1416 *max_size = 131064;
1417 break;
1418 default: /* loop_count >= 4 */
1419 *max_entries = 4096;
1420 *max_size = 131071;
1421 break;
1422 }
1423 }
1424
1425 /* Query display info */
1426
1427 NTSTATUS rpccli_samr_query_dispinfo(struct rpc_pipe_client *cli,
1428 TALLOC_CTX *mem_ctx,
1429 POLICY_HND *domain_pol, uint32 *start_idx,
1430 uint16 switch_value, uint32 *num_entries,
1431 uint32 max_entries, uint32 max_size,
1432 SAM_DISPINFO_CTR *ctr)
1433 {
1434 prs_struct qbuf, rbuf;
1435 SAMR_Q_QUERY_DISPINFO q;
1436 SAMR_R_QUERY_DISPINFO r;
1437 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1438
1439 DEBUG(10,("cli_samr_query_dispinfo for start_idx = %u\n", *start_idx));
1440
1441 ZERO_STRUCT(q);
1442 ZERO_STRUCT(r);
1443
1444 *num_entries = 0;
1445
1446 /* Marshall data and send request */
1447
1448 init_samr_q_query_dispinfo(&q, domain_pol, switch_value,
1449 *start_idx, max_entries, max_size);
1450
1451 r.ctr = ctr;
1452
1453 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_DISPINFO,
1454 q, r,
1455 qbuf, rbuf,
1456 samr_io_q_query_dispinfo,
1457 samr_io_r_query_dispinfo,
1458 NT_STATUS_UNSUCCESSFUL);
1459
1460 /* Return output parameters */
1461
1462 result = r.status;
1463
1464 if (!NT_STATUS_IS_OK(result) &&
1465 NT_STATUS_V(result) != NT_STATUS_V(STATUS_MORE_ENTRIES)) {
1466 goto done;
1467 }
1468
1469 *num_entries = r.num_entries;
1470 *start_idx += r.num_entries; /* No next_idx in this structure! */
1471
1472 done:
1473 return result;
1474 }
1475
1476
1477 /* Query display info2 */
1478
1479 NTSTATUS rpccli_samr_query_dispinfo2(struct rpc_pipe_client *cli,
1480 TALLOC_CTX *mem_ctx,
1481 POLICY_HND *domain_pol, uint32 *start_idx,
1482 uint16 switch_value, uint32 *num_entries,
1483 uint32 max_entries, uint32 max_size,
1484 SAM_DISPINFO_CTR *ctr)
1485 {
1486 prs_struct qbuf, rbuf;
1487 SAMR_Q_QUERY_DISPINFO q;
1488 SAMR_R_QUERY_DISPINFO r;
1489 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1490
1491 DEBUG(10,("cli_samr_query_dispinfo2 for start_idx = %u\n", *start_idx));
1492
1493 ZERO_STRUCT(q);
1494 ZERO_STRUCT(r);
1495
1496 *num_entries = 0;
1497
1498 /* Marshall data and send request */
1499
1500 init_samr_q_query_dispinfo(&q, domain_pol, switch_value,
1501 *start_idx, max_entries, max_size);
1502
1503 r.ctr = ctr;
1504
1505 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_DISPINFO2,
1506 q, r,
1507 qbuf, rbuf,
1508 samr_io_q_query_dispinfo,
1509 samr_io_r_query_dispinfo,
1510 NT_STATUS_UNSUCCESSFUL);
1511
1512 /* Return output parameters */
1513
1514 result = r.status;
1515
1516 if (!NT_STATUS_IS_OK(result) &&
1517 NT_STATUS_V(result) != NT_STATUS_V(STATUS_MORE_ENTRIES)) {
1518 goto done;
1519 }
1520
1521 *num_entries = r.num_entries;
1522 *start_idx += r.num_entries; /* No next_idx in this structure! */
1523
1524 done:
1525 return result;
1526 }
1527
1528 /* Query display info */
1529
1530 NTSTATUS rpccli_samr_query_dispinfo3(struct rpc_pipe_client *cli,
1531 TALLOC_CTX *mem_ctx,
1532 POLICY_HND *domain_pol, uint32 *start_idx,
1533 uint16 switch_value, uint32 *num_entries,
1534 uint32 max_entries, uint32 max_size,
1535 SAM_DISPINFO_CTR *ctr)
1536 {
1537 prs_struct qbuf, rbuf;
1538 SAMR_Q_QUERY_DISPINFO q;
1539 SAMR_R_QUERY_DISPINFO r;
1540 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1541
1542 DEBUG(10,("cli_samr_query_dispinfo3 for start_idx = %u\n", *start_idx));
1543
1544 ZERO_STRUCT(q);
1545 ZERO_STRUCT(r);
1546
1547 *num_entries = 0;
1548
1549 /* Marshall data and send request */
1550
1551 init_samr_q_query_dispinfo(&q, domain_pol, switch_value,
1552 *start_idx, max_entries, max_size);
1553
1554 r.ctr = ctr;
1555
1556 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_DISPINFO3,
1557 q, r,
1558 qbuf, rbuf,
1559 samr_io_q_query_dispinfo,
1560 samr_io_r_query_dispinfo,
1561 NT_STATUS_UNSUCCESSFUL);
1562
1563 /* Return output parameters */
1564
1565 result = r.status;
1566
1567 if (!NT_STATUS_IS_OK(result) &&
1568 NT_STATUS_V(result) != NT_STATUS_V(STATUS_MORE_ENTRIES)) {
1569 goto done;
1570 }
1571
1572 *num_entries = r.num_entries;
1573 *start_idx += r.num_entries; /* No next_idx in this structure! */
1574
1575 done:
1576 return result;
1577 }
1578
1579 /* Query display info index */
1580
1581 NTSTATUS rpccli_samr_get_dispenum_index(struct rpc_pipe_client *cli,
1582 TALLOC_CTX *mem_ctx,
1583 POLICY_HND *domain_pol,
1584 uint16 switch_value,
1585 const char *name,
1586 uint32 *idx)
1587 {
1588 prs_struct qbuf, rbuf;
1589 SAMR_Q_GET_DISPENUM_INDEX q;
1590 SAMR_R_GET_DISPENUM_INDEX r;
1591 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1592
1593 DEBUG(10,("cli_samr_get_dispenum_index for name = %s\n", name));
1594
1595 ZERO_STRUCT(q);
1596 ZERO_STRUCT(r);
1597
1598 /* Marshall data and send request */
1599
1600 init_samr_q_get_dispenum_index(&q, domain_pol, switch_value, name);
1601
1602 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_GET_DISPENUM_INDEX,
1603 q, r,
1604 qbuf, rbuf,
1605 samr_io_q_get_dispenum_index,
1606 samr_io_r_get_dispenum_index,
1607 NT_STATUS_UNSUCCESSFUL);
1608
1609 /* Return output parameters */
1610
1611 *idx = 0;
1612
1613 result = r.status;
1614
1615 if (!NT_STATUS_IS_ERR(result)) {
1616 *idx = r.idx;
1617 }
1618
1619 return result;
1620 }
1621
1622 NTSTATUS rpccli_samr_get_dispenum_index2(struct rpc_pipe_client *cli,
1623 TALLOC_CTX *mem_ctx,
1624 POLICY_HND *domain_pol,
1625 uint16 switch_value,
1626 const char *name,
1627 uint32 *idx)
1628 {
1629 prs_struct qbuf, rbuf;
1630 SAMR_Q_GET_DISPENUM_INDEX q;
1631 SAMR_R_GET_DISPENUM_INDEX r;
1632 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1633
1634 DEBUG(10,("cli_samr_get_dispenum_index2 for name = %s\n", name));
1635
1636 ZERO_STRUCT(q);
1637 ZERO_STRUCT(r);
1638
1639 /* Marshall data and send request */
1640
1641 init_samr_q_get_dispenum_index(&q, domain_pol, switch_value, name);
1642
1643 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_GET_DISPENUM_INDEX2,
1644 q, r,
1645 qbuf, rbuf,
1646 samr_io_q_get_dispenum_index,
1647 samr_io_r_get_dispenum_index,
1648 NT_STATUS_UNSUCCESSFUL);
1649
1650 /* Return output parameters */
1651
1652 *idx = 0;
1653
1654 result = r.status;
1655
1656 if (!NT_STATUS_IS_ERR(result)) {
1657 *idx = r.idx;
1658 }
1659
1660 return result;
1661 }
1662
1663
1664 /* Lookup rids. Note that NT4 seems to crash if more than ~1000 rids are
1665 looked up in one packet. */
1666
1667 NTSTATUS rpccli_samr_lookup_rids(struct rpc_pipe_client *cli,
1668 TALLOC_CTX *mem_ctx,
1669 POLICY_HND *domain_pol,
1670 uint32 num_rids, uint32 *rids,
1671 uint32 *num_names, char ***names,
1672 uint32 **name_types)
1673 {
1674 prs_struct qbuf, rbuf;
1675 SAMR_Q_LOOKUP_RIDS q;
1676 SAMR_R_LOOKUP_RIDS r;
1677 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1678 uint32 i;
1679
1680 DEBUG(10,("cli_samr_lookup_rids\n"));
1681
1682 if (num_rids > 1000) {
1683 DEBUG(2, ("cli_samr_lookup_rids: warning: NT4 can crash if "
1684 "more than ~1000 rids are looked up at once.\n"));
1685 }
1686
1687 ZERO_STRUCT(q);
1688 ZERO_STRUCT(r);
1689
1690 /* Marshall data and send request */
1691
1692 init_samr_q_lookup_rids(mem_ctx, &q, domain_pol, 1000, num_rids, rids);
1693
1694 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_LOOKUP_RIDS,
1695 q, r,
1696 qbuf, rbuf,
1697 samr_io_q_lookup_rids,
1698 samr_io_r_lookup_rids,
1699 NT_STATUS_UNSUCCESSFUL);
1700
1701 /* Return output parameters */
1702
1703 result = r.status;
1704
1705 if (!NT_STATUS_IS_OK(result) &&
1706 !NT_STATUS_EQUAL(result, STATUS_SOME_UNMAPPED))
1707 goto done;
1708
1709 if (r.num_names1 == 0) {
1710 *num_names = 0;
1711 *names = NULL;
1712 goto done;
1713 }
1714
1715 *num_names = r.num_names1;
1716 *names = TALLOC_ARRAY(mem_ctx, char *, r.num_names1);
1717 *name_types = TALLOC_ARRAY(mem_ctx, uint32, r.num_names1);
1718
1719 if ((*names == NULL) || (*name_types == NULL)) {
1720 TALLOC_FREE(*names);
1721 TALLOC_FREE(*name_types);
1722 return NT_STATUS_NO_MEMORY;
1723 }
1724
1725 for (i = 0; i < r.num_names1; i++) {
1726 fstring tmp;
1727
1728 unistr2_to_ascii(tmp, &r.uni_name[i], sizeof(tmp) - 1);
1729 (*names)[i] = talloc_strdup(mem_ctx, tmp);
1730 (*name_types)[i] = r.type[i];
1731 }
1732
1733 done:
1734
1735 return result;
1736 }
1737
1738 /* Lookup names */
1739
1740 NTSTATUS rpccli_samr_lookup_names(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
1741 POLICY_HND *domain_pol, uint32 flags,
1742 uint32 num_names, const char **names,
1743 uint32 *num_rids, uint32 **rids,
1744 uint32 **rid_types)
1745 {
1746 prs_struct qbuf, rbuf;
1747 SAMR_Q_LOOKUP_NAMES q;
1748 SAMR_R_LOOKUP_NAMES r;
1749 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1750 uint32 i;
1751
1752 DEBUG(10,("cli_samr_lookup_names\n"));
1753
1754 ZERO_STRUCT(q);
1755 ZERO_STRUCT(r);
1756
1757 /* Marshall data and send request */
1758
1759 init_samr_q_lookup_names(mem_ctx, &q, domain_pol, flags,
1760 num_names, names);
1761
1762 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_LOOKUP_NAMES,
1763 q, r,
1764 qbuf, rbuf,
1765 samr_io_q_lookup_names,
1766 samr_io_r_lookup_names,
1767 NT_STATUS_UNSUCCESSFUL);
1768
1769 /* Return output parameters */
1770
1771 if (!NT_STATUS_IS_OK(result = r.status)) {
1772 goto done;
1773 }
1774
1775 if (r.num_rids1 == 0) {
1776 *num_rids = 0;
1777 goto done;
1778 }
1779
1780 *num_rids = r.num_rids1;
1781 *rids = TALLOC_ARRAY(mem_ctx, uint32, r.num_rids1);
1782 *rid_types = TALLOC_ARRAY(mem_ctx, uint32, r.num_rids1);
1783
1784 if ((*rids == NULL) || (*rid_types == NULL)) {
1785 TALLOC_FREE(*rids);
1786 TALLOC_FREE(*rid_types);
1787 return NT_STATUS_NO_MEMORY;
1788 }
1789
1790 for (i = 0; i < r.num_rids1; i++) {
1791 (*rids)[i] = r.rids[i];
1792 (*rid_types)[i] = r.types[i];
1793 }
1794
1795 done:
1796
1797 return result;
1798 }
1799
1800 /* Create a domain user */
1801
1802 NTSTATUS rpccli_samr_create_dom_user(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
1803 POLICY_HND *domain_pol, const char *acct_name,
1804 uint32 acb_info, uint32 unknown,
1805 POLICY_HND *user_pol, uint32 *rid)
1806 {
1807 prs_struct qbuf, rbuf;
1808 SAMR_Q_CREATE_USER q;
1809 SAMR_R_CREATE_USER r;
1810 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1811
1812 DEBUG(10,("cli_samr_create_dom_user %s\n", acct_name));
1813
1814 ZERO_STRUCT(q);
1815 ZERO_STRUCT(r);
1816
1817 /* Marshall data and send request */
1818
1819 init_samr_q_create_user(&q, domain_pol, acct_name, acb_info, unknown);
1820
1821 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CREATE_USER,
1822 q, r,
1823 qbuf, rbuf,
1824 samr_io_q_create_user,
1825 samr_io_r_create_user,
1826 NT_STATUS_UNSUCCESSFUL);
1827
1828 /* Return output parameters */
1829
1830 if (!NT_STATUS_IS_OK(result = r.status)) {
1831 goto done;
1832 }
1833
1834 if (user_pol)
1835 *user_pol = r.user_pol;
1836
1837 if (rid)
1838 *rid = r.user_rid;
1839
1840 done:
1841
1842 return result;
1843 }
1844
1845 /* Set userinfo */
1846
1847 NTSTATUS rpccli_samr_set_userinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
1848 const POLICY_HND *user_pol, uint16 switch_value,
1849 DATA_BLOB *sess_key, SAM_USERINFO_CTR *ctr)
1850 {
1851 prs_struct qbuf, rbuf;
1852 SAMR_Q_SET_USERINFO q;
1853 SAMR_R_SET_USERINFO r;
1854 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1855
1856 DEBUG(10,("cli_samr_set_userinfo\n"));
1857
1858 ZERO_STRUCT(q);
1859 ZERO_STRUCT(r);
1860
1861 if (!sess_key->length) {
1862 DEBUG(1, ("No user session key\n"));
1863 return NT_STATUS_NO_USER_SESSION_KEY;
1864 }
1865
1866 /* Initialise parse structures */
1867
1868 prs_init(&qbuf, RPC_MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
1869 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
1870
1871 /* Marshall data and send request */
1872
1873 q.ctr = ctr;
1874
1875 init_samr_q_set_userinfo(&q, user_pol, sess_key, switch_value,
1876 ctr->info.id);
1877
1878 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_SET_USERINFO,
1879 q, r,
1880 qbuf, rbuf,
1881 samr_io_q_set_userinfo,
1882 samr_io_r_set_userinfo,
1883 NT_STATUS_UNSUCCESSFUL);
1884
1885 /* Return output parameters */
1886
1887 if (!NT_STATUS_IS_OK(result = r.status)) {
1888 goto done;
1889 }
1890
1891 done:
1892
1893 return result;
1894 }
1895
1896 /* Set userinfo2 */
1897
1898 NTSTATUS rpccli_samr_set_userinfo2(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
1899 const POLICY_HND *user_pol, uint16 switch_value,
1900 DATA_BLOB *sess_key, SAM_USERINFO_CTR *ctr)
1901 {
1902 prs_struct qbuf, rbuf;
1903 SAMR_Q_SET_USERINFO2 q;
1904 SAMR_R_SET_USERINFO2 r;
1905 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1906
1907 DEBUG(10,("cli_samr_set_userinfo2\n"));
1908
1909 if (!sess_key->length) {
1910 DEBUG(1, ("No user session key\n"));
1911 return NT_STATUS_NO_USER_SESSION_KEY;
1912 }
1913
1914 ZERO_STRUCT(q);
1915 ZERO_STRUCT(r);
1916
1917 /* Marshall data and send request */
1918
1919 init_samr_q_set_userinfo2(&q, user_pol, sess_key, switch_value, ctr);
1920
1921 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_SET_USERINFO2,
1922 q, r,
1923 qbuf, rbuf,
1924 samr_io_q_set_userinfo2,
1925 samr_io_r_set_userinfo2,
1926 NT_STATUS_UNSUCCESSFUL);
1927
1928 /* Return output parameters */
1929
1930 if (!NT_STATUS_IS_OK(result = r.status)) {
1931 goto done;
1932 }
1933
1934 done:
1935
1936 return result;
1937 }
1938
1939 /* Delete domain group */
1940
1941 NTSTATUS rpccli_samr_delete_dom_group(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
1942 POLICY_HND *group_pol)
1943 {
1944 prs_struct qbuf, rbuf;
1945 SAMR_Q_DELETE_DOM_GROUP q;
1946 SAMR_R_DELETE_DOM_GROUP r;
1947 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1948
1949 DEBUG(10,("cli_samr_delete_dom_group\n"));
1950
1951 ZERO_STRUCT(q);
1952 ZERO_STRUCT(r);
1953
1954 /* Marshall data and send request */
1955
1956 init_samr_q_delete_dom_group(&q, group_pol);
1957
1958 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_DELETE_DOM_GROUP,
1959 q, r,
1960 qbuf, rbuf,
1961 samr_io_q_delete_dom_group,
1962 samr_io_r_delete_dom_group,
1963 NT_STATUS_UNSUCCESSFUL);
1964
1965 /* Return output parameters */
1966
1967 result = r.status;
1968
1969 return result;
1970 }
1971
1972 /* Delete domain alias */
1973
1974 NTSTATUS rpccli_samr_delete_dom_alias(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
1975 POLICY_HND *alias_pol)
1976 {
1977 prs_struct qbuf, rbuf;
1978 SAMR_Q_DELETE_DOM_ALIAS q;
1979 SAMR_R_DELETE_DOM_ALIAS r;
1980 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1981
1982 DEBUG(10,("cli_samr_delete_dom_alias\n"));
1983
1984 ZERO_STRUCT(q);
1985 ZERO_STRUCT(r);
1986
1987 /* Marshall data and send request */
1988
1989 init_samr_q_delete_dom_alias(&q, alias_pol);
1990
1991 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_DELETE_DOM_ALIAS,
1992 q, r,
1993 qbuf, rbuf,
1994 samr_io_q_delete_dom_alias,
1995 samr_io_r_delete_dom_alias,
1996 NT_STATUS_UNSUCCESSFUL);
1997
1998 /* Return output parameters */
1999
2000 result = r.status;
2001
2002 return result;
2003 }
2004
2005 /* Delete domain user */
2006
2007 NTSTATUS rpccli_samr_delete_dom_user(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
2008 POLICY_HND *user_pol)
2009 {
2010 prs_struct qbuf, rbuf;
2011 SAMR_Q_DELETE_DOM_USER q;
2012 SAMR_R_DELETE_DOM_USER r;
2013 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
2014
2015 DEBUG(10,("cli_samr_delete_dom_user\n"));
2016
2017 ZERO_STRUCT(q);
2018 ZERO_STRUCT(r);
2019
2020 /* Marshall data and send request */
2021
2022 init_samr_q_delete_dom_user(&q, user_pol);
2023
2024 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_DELETE_DOM_USER,
2025 q, r,
2026 qbuf, rbuf,
2027 samr_io_q_delete_dom_user,
2028 samr_io_r_delete_dom_user,
2029 NT_STATUS_UNSUCCESSFUL);
2030
2031 /* Return output parameters */
2032
2033 result = r.status;
2034
2035 return result;
2036 }
2037
2038 /* Remove foreign SID */
2039
2040 NTSTATUS rpccli_samr_remove_sid_foreign_domain(struct rpc_pipe_client *cli,
2041 TALLOC_CTX *mem_ctx,
2042 POLICY_HND *user_pol,
2043 DOM_SID *sid)
2044 {
2045 prs_struct qbuf, rbuf;
2046 SAMR_Q_REMOVE_SID_FOREIGN_DOMAIN q;
2047 SAMR_R_REMOVE_SID_FOREIGN_DOMAIN r;
2048 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
2049
2050 DEBUG(10,("cli_samr_remove_sid_foreign_domain\n"));
2051
2052 ZERO_STRUCT(q);
2053 ZERO_STRUCT(r);
2054
2055 /* Marshall data and send request */
2056
2057 init_samr_q_remove_sid_foreign_domain(&q, user_pol, sid);
2058
2059 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_REMOVE_SID_FOREIGN_DOMAIN,
2060 q, r,
2061 qbuf, rbuf,
2062 samr_io_q_remove_sid_foreign_domain,
2063 samr_io_r_remove_sid_foreign_domain,
2064 NT_STATUS_UNSUCCESSFUL);
2065
2066 /* Return output parameters */
2067
2068 result = r.status;
2069
2070 return result;
2071 }
2072
2073 /* Query user security object */
2074
2075 NTSTATUS rpccli_samr_query_sec_obj(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
2076 POLICY_HND *user_pol, uint32 sec_info,
2077 TALLOC_CTX *ctx, SEC_DESC_BUF **sec_desc_buf)
2078 {
2079 prs_struct qbuf, rbuf;
2080 SAMR_Q_QUERY_SEC_OBJ q;
2081 SAMR_R_QUERY_SEC_OBJ r;
2082 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
2083
2084 DEBUG(10,("cli_samr_query_sec_obj\n"));
2085
2086 ZERO_STRUCT(q);
2087 ZERO_STRUCT(r);
2088
2089 /* Marshall data and send request */
2090
2091 init_samr_q_query_sec_obj(&q, user_pol, sec_info);
2092
2093 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_SEC_OBJECT,
2094 q, r,
2095 qbuf, rbuf,
2096 samr_io_q_query_sec_obj,
2097 samr_io_r_query_sec_obj,
2098 NT_STATUS_UNSUCCESSFUL);
2099
2100 /* Return output parameters */
2101
2102 result = r.status;
2103 *sec_desc_buf=dup_sec_desc_buf(ctx, r.buf);
2104
2105 return result;
2106 }
2107
2108 /* Set user security object */
2109
2110 NTSTATUS rpccli_samr_set_sec_obj(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
2111 POLICY_HND *user_pol, uint32 sec_info,
2112 SEC_DESC_BUF *sec_desc_buf)
2113 {
2114 prs_struct qbuf, rbuf;
2115 SAMR_Q_SET_SEC_OBJ q;
2116 SAMR_R_SET_SEC_OBJ r;
2117 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
2118
2119 DEBUG(10,("cli_samr_set_sec_obj\n"));
2120
2121 ZERO_STRUCT(q);
2122 ZERO_STRUCT(r);
2123
2124 /* Marshall data and send request */
2125
2126 init_samr_q_set_sec_obj(&q, user_pol, sec_info, sec_desc_buf);
2127
2128 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_SET_SEC_OBJECT,
2129 q, r,
2130 qbuf, rbuf,
2131 samr_io_q_set_sec_obj,
2132 samr_io_r_set_sec_obj,
2133 NT_STATUS_UNSUCCESSFUL);
2134
2135 /* Return output parameters */
2136
2137 result = r.status;
2138
2139 return result;
2140 }
2141
2142
2143 /* Get domain password info */
2144
2145 NTSTATUS rpccli_samr_get_dom_pwinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
2146 uint16 *min_pwd_length, uint32 *password_properties)
2147 {
2148 prs_struct qbuf, rbuf;
2149 SAMR_Q_GET_DOM_PWINFO q;
2150 SAMR_R_GET_DOM_PWINFO r;
2151 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
2152
2153 DEBUG(10,("cli_samr_get_dom_pwinfo\n"));
2154
2155 ZERO_STRUCT(q);
2156 ZERO_STRUCT(r);
2157
2158 /* Marshall data and send request */
2159
2160 init_samr_q_get_dom_pwinfo(&q, cli->cli->desthost);
2161
2162 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_GET_DOM_PWINFO,
2163 q, r,
2164 qbuf, rbuf,
2165 samr_io_q_get_dom_pwinfo,
2166 samr_io_r_get_dom_pwinfo,
2167 NT_STATUS_UNSUCCESSFUL);
2168
2169 /* Return output parameters */
2170
2171 result = r.status;
2172
2173 if (NT_STATUS_IS_OK(result)) {
2174 if (min_pwd_length)
2175 *min_pwd_length = r.min_pwd_length;
2176 if (password_properties)
2177 *password_properties = r.password_properties;
2178 }
2179
2180 return result;
2181 }
2182
2183 /* Get domain password info */
2184
2185 NTSTATUS rpccli_samr_get_usrdom_pwinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
2186 POLICY_HND *pol, uint16 *min_pwd_length,
2187 uint32 *password_properties, uint32 *unknown1)
2188 {
2189 prs_struct qbuf, rbuf;
2190 SAMR_Q_GET_USRDOM_PWINFO q;
2191 SAMR_R_GET_USRDOM_PWINFO r;
2192 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
2193
2194 DEBUG(10,("cli_samr_get_usrdom_pwinfo\n"));
2195
2196 ZERO_STRUCT(q);
2197 ZERO_STRUCT(r);
2198
2199 /* Marshall data and send request */
2200
2201 init_samr_q_get_usrdom_pwinfo(&q, pol);
2202
2203 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_GET_USRDOM_PWINFO,
2204 q, r,
2205 qbuf, rbuf,
2206 samr_io_q_get_usrdom_pwinfo,
2207 samr_io_r_get_usrdom_pwinfo,
2208 NT_STATUS_UNSUCCESSFUL);
2209
2210 /* Return output parameters */
2211
2212 result = r.status;
2213
2214 if (NT_STATUS_IS_OK(result)) {
2215 if (min_pwd_length)
2216 *min_pwd_length = r.min_pwd_length;
2217 if (password_properties)
2218 *password_properties = r.password_properties;
2219 if (unknown1)
2220 *unknown1 = r.unknown_1;
2221 }
2222
2223 return result;
2224 }
2225
2226
2227 /* Lookup Domain Name */
2228
2229 NTSTATUS rpccli_samr_lookup_domain(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
2230 POLICY_HND *user_pol, char *domain_name,
2231 DOM_SID *sid)
2232 {
2233 prs_struct qbuf, rbuf;
2234 SAMR_Q_LOOKUP_DOMAIN q;
2235 SAMR_R_LOOKUP_DOMAIN r;
2236 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
2237
2238 DEBUG(10,("cli_samr_lookup_domain\n"));
2239
2240 ZERO_STRUCT(q);
2241 ZERO_STRUCT(r);
2242
2243 /* Marshall data and send request */
2244
2245 init_samr_q_lookup_domain(&q, user_pol, domain_name);
2246
2247 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_LOOKUP_DOMAIN,
2248 q, r,
2249 qbuf, rbuf,
2250 samr_io_q_lookup_domain,
2251 samr_io_r_lookup_domain,
2252 NT_STATUS_UNSUCCESSFUL);
2253
2254 /* Return output parameters */
2255
2256 result = r.status;
2257
2258 if (NT_STATUS_IS_OK(result))
2259 sid_copy(sid, &r.dom_sid.sid);
2260
2261 return result;
2262 }