search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
merge from 2.2 in password_ok() to ensure that we check the
[Samba/gbeck.git] / source / libsmb / cli_samr.c
blob985a0a1ecb1bdb24de66bffa06b9659ba5f0eaad
1 /*
2 Unix SMB/Netbios implementation.
3 Version 2.2
4 RPC pipe client
5 Copyright (C) Tim Potter 2000,
6 Copyright (C) Andrew Tridgell 1992-1997,2000,
7 Copyright (C) Luke Kenneth Casson Leighton 1996-1997,2000,
8 Copyright (C) Paul Ashton 1997,2000,
9 Copyright (C) Elrond 2000.
10
11 This program is free software; you can redistribute it and/or modify
12 it under the terms of the GNU General Public License as published by
13 the Free Software Foundation; either version 2 of the License, or
14 (at your option) any later version.
15
16 This program is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 GNU General Public License for more details.
20
21 You should have received a copy of the GNU General Public License
22 along with this program; if not, write to the Free Software
23 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 */
25
26 #include "includes.h"
27
28 /* Opens a SMB connection to the SAMR pipe */
29
30 struct cli_state *cli_samr_initialise(struct cli_state *cli, char *system_name,
31 struct ntuser_creds *creds)
32 {
33 struct in_addr dest_ip;
34 struct nmb_name calling, called;
35 fstring dest_host;
36 extern pstring global_myname;
37 struct ntuser_creds anon;
38
39 /* Initialise cli_state information */
40
41 if (!cli_initialise(cli)) {
42 return NULL;
43 }
44
45 if (!creds) {
46 ZERO_STRUCT(anon);
47 anon.pwd.null_pwd = 1;
48 creds = &anon;
49 }
50
51 cli_init_creds(cli, creds);
52
53 /* Establish a SMB connection */
54
55 if (!resolve_srv_name(system_name, dest_host, &dest_ip)) {
56 return NULL;
57 }
58
59 make_nmb_name(&called, dns_to_netbios_name(dest_host), 0x20);
60 make_nmb_name(&calling, dns_to_netbios_name(global_myname), 0);
61
62 if (!cli_establish_connection(cli, dest_host, &dest_ip, &calling,
63 &called, "IPC$", "IPC", False, True)) {
64 return NULL;
65 }
66
67 /* Open a NT session thingy */
68
69 if (!cli_nt_session_open(cli, PIPE_SAMR)) {
70 cli_shutdown(cli);
71 return NULL;
72 }
73
74 return cli;
75 }
76
77 /* Shut down a SMB connection to the SAMR pipe */
78
79 void cli_samr_shutdown(struct cli_state *cli)
80 {
81 if (cli->fd != -1) cli_ulogoff(cli);
82 cli_shutdown(cli);
83 }
84
85 /* Connect to SAMR database */
86
87 uint32 cli_samr_connect(
88 struct cli_state *cli,
89 TALLOC_CTX *mem_ctx,
90 char *srv_name,
91 uint32 access_mask,
92 POLICY_HND *connect_pol
93 )
94 {
95 prs_struct qbuf, rbuf;
96 SAMR_Q_CONNECT q;
97 SAMR_R_CONNECT r;
98 uint32 result;
99
100 ZERO_STRUCT(q);
101 ZERO_STRUCT(r);
102
103 /* Initialise parse structures */
104
105 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
106 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
107
108 /* Marshall data and send request */
109
110 init_samr_q_connect(&q, srv_name, access_mask);
111
112 if (!samr_io_q_connect("", &q, &qbuf, 0) ||
113 !rpc_api_pipe_req(cli, SAMR_CONNECT, &qbuf, &rbuf)) {
114 result = NT_STATUS_UNSUCCESSFUL;
115 goto done;
116 }
117
118 /* Unmarshall response */
119
120 if (!samr_io_r_connect("", &r, &rbuf, 0)) {
121 result = NT_STATUS_UNSUCCESSFUL;
122 goto done;
123 }
124
125 /* Return output parameters */
126
127 if ((result = r.status) == NT_STATUS_NOPROBLEMO) {
128 *connect_pol = r.connect_pol;
129 }
130
131 done:
132 prs_mem_free(&qbuf);
133 prs_mem_free(&rbuf);
134
135 return result;
136 }
137
138 /* Close SAMR handle */
139
140 uint32 cli_samr_close(
141 struct cli_state *cli,
142 TALLOC_CTX *mem_ctx,
143 POLICY_HND *connect_pol
144 )
145 {
146 prs_struct qbuf, rbuf;
147 SAMR_Q_CLOSE_HND q;
148 SAMR_R_CLOSE_HND r;
149 uint32 result;
150
151 ZERO_STRUCT(q);
152 ZERO_STRUCT(r);
153
154 /* Initialise parse structures */
155
156 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
157 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
158
159 /* Marshall data and send request */
160
161 init_samr_q_close_hnd(&q, connect_pol);
162
163 if (!samr_io_q_close_hnd("", &q, &qbuf, 0) ||
164 !rpc_api_pipe_req(cli, SAMR_CLOSE_HND, &qbuf, &rbuf)) {
165 result = NT_STATUS_UNSUCCESSFUL;
166 goto done;
167 }
168
169 /* Unmarshall response */
170
171 if (!samr_io_r_close_hnd("", &r, &rbuf, 0)) {
172 result = NT_STATUS_UNSUCCESSFUL;
173 goto done;
174 }
175
176 /* Return output parameters */
177
178 if ((result = r.status) == NT_STATUS_NOPROBLEMO) {
179 *connect_pol = r.pol;
180 }
181
182 done:
183 prs_mem_free(&qbuf);
184 prs_mem_free(&rbuf);
185
186 return result;
187 }
188
189 /* Open handle on a domain */
190
191 uint32 cli_samr_open_domain(
192 struct cli_state *cli,
193 TALLOC_CTX *mem_ctx,
194 POLICY_HND *connect_pol,
195 uint32 access_mask,
196 DOM_SID *domain_sid,
197 POLICY_HND *domain_pol
198 )
199 {
200 prs_struct qbuf, rbuf;
201 SAMR_Q_OPEN_DOMAIN q;
202 SAMR_R_OPEN_DOMAIN r;
203 uint32 result;
204
205 ZERO_STRUCT(q);
206 ZERO_STRUCT(r);
207
208 /* Initialise parse structures */
209
210 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
211 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
212
213 /* Marshall data and send request */
214
215 init_samr_q_open_domain(&q, connect_pol, access_mask, domain_sid);
216
217 if (!samr_io_q_open_domain("", &q, &qbuf, 0) ||
218 !rpc_api_pipe_req(cli, SAMR_OPEN_DOMAIN, &qbuf, &rbuf)) {
219 result = NT_STATUS_UNSUCCESSFUL;
220 goto done;
221 }
222
223 /* Unmarshall response */
224
225 if (!samr_io_r_open_domain("", &r, &rbuf, 0)) {
226 result = NT_STATUS_UNSUCCESSFUL;
227 goto done;
228 }
229
230 /* Return output parameters */
231
232 if ((result = r.status) == NT_STATUS_NOPROBLEMO) {
233 *domain_pol = r.domain_pol;
234 }
235
236 done:
237 prs_mem_free(&qbuf);
238 prs_mem_free(&rbuf);
239
240 return result;
241 }
242
243 /* Open handle on a user */
244
245 uint32 cli_samr_open_user(
246 struct cli_state *cli,
247 TALLOC_CTX *mem_ctx,
248 POLICY_HND *domain_pol,
249 uint32 access_mask,
250 uint32 user_rid,
251 POLICY_HND *user_pol
252 )
253 {
254 prs_struct qbuf, rbuf;
255 SAMR_Q_OPEN_USER q;
256 SAMR_R_OPEN_USER r;
257 uint32 result;
258
259 ZERO_STRUCT(q);
260 ZERO_STRUCT(r);
261
262 /* Initialise parse structures */
263
264 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
265 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
266
267 /* Marshall data and send request */
268
269 init_samr_q_open_user(&q, domain_pol, access_mask, user_rid);
270
271 if (!samr_io_q_open_user("", &q, &qbuf, 0) ||
272 !rpc_api_pipe_req(cli, SAMR_OPEN_USER, &qbuf, &rbuf)) {
273 result = NT_STATUS_UNSUCCESSFUL;
274 goto done;
275 }
276
277 /* Unmarshall response */
278
279 if (!samr_io_r_open_user("", &r, &rbuf, 0)) {
280 result = NT_STATUS_UNSUCCESSFUL;
281 goto done;
282 }
283
284 /* Return output parameters */
285
286 if ((result = r.status) == NT_STATUS_NOPROBLEMO) {
287 *user_pol = r.user_pol;
288 }
289
290 done:
291 prs_mem_free(&qbuf);
292 prs_mem_free(&rbuf);
293
294 return result;
295 }
296
297 /* Open handle on a group */
298
299 uint32 cli_samr_open_group(
300 struct cli_state *cli,
301 TALLOC_CTX *mem_ctx,
302 POLICY_HND *domain_pol,
303 uint32 access_mask,
304 uint32 group_rid,
305 POLICY_HND *group_pol
306 )
307 {
308 prs_struct qbuf, rbuf;
309 SAMR_Q_OPEN_GROUP q;
310 SAMR_R_OPEN_GROUP r;
311 uint32 result;
312
313 ZERO_STRUCT(q);
314 ZERO_STRUCT(r);
315
316 /* Initialise parse structures */
317
318 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
319 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
320
321 /* Marshall data and send request */
322
323 init_samr_q_open_group(&q, domain_pol, access_mask, group_rid);
324
325 if (!samr_io_q_open_group("", &q, &qbuf, 0) ||
326 !rpc_api_pipe_req(cli, SAMR_OPEN_GROUP, &qbuf, &rbuf)) {
327 result = NT_STATUS_UNSUCCESSFUL;
328 goto done;
329 }
330
331 /* Unmarshall response */
332
333 if (!samr_io_r_open_group("", &r, &rbuf, 0)) {
334 result = NT_STATUS_UNSUCCESSFUL;
335 goto done;
336 }
337
338 /* Return output parameters */
339
340 if ((result = r.status) == NT_STATUS_NOPROBLEMO) {
341 *group_pol = r.pol;
342 }
343
344 done:
345 prs_mem_free(&qbuf);
346 prs_mem_free(&rbuf);
347
348 return result;
349 }
350
351 /* Query user info */
352
353 uint32 cli_samr_query_userinfo(
354 struct cli_state *cli,
355 TALLOC_CTX *mem_ctx,
356 POLICY_HND *user_pol,
357 uint16 switch_value,
358 SAM_USERINFO_CTR *ctr
359 )
360 {
361 prs_struct qbuf, rbuf;
362 SAMR_Q_QUERY_USERINFO q;
363 SAMR_R_QUERY_USERINFO r;
364 uint32 result;
365
366 ZERO_STRUCT(q);
367 ZERO_STRUCT(r);
368
369 /* Initialise parse structures */
370
371 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
372 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
373
374 /* Marshall data and send request */
375
376 init_samr_q_query_userinfo(&q, user_pol, switch_value);
377
378 if (!samr_io_q_query_userinfo("", &q, &qbuf, 0) ||
379 !rpc_api_pipe_req(cli, SAMR_QUERY_USERINFO, &qbuf, &rbuf)) {
380 result = NT_STATUS_UNSUCCESSFUL;
381 goto done;
382 }
383
384 /* Unmarshall response */
385
386 r.ctr = ctr;
387
388 if (!samr_io_r_query_userinfo("", &r, &rbuf, 0)) {
389 result = NT_STATUS_UNSUCCESSFUL;
390 goto done;
391 }
392
393 /* Return output parameters */
394
395 result = r.status;
396
397 done:
398 prs_mem_free(&qbuf);
399 prs_mem_free(&rbuf);
400
401 return result;
402 }
403
404 /* Query group info */
405
406 uint32 cli_samr_query_groupinfo(
407 struct cli_state *cli,
408 TALLOC_CTX *mem_ctx,
409 POLICY_HND *group_pol,
410 uint32 info_level,
411 GROUP_INFO_CTR *ctr
412 )
413 {
414 prs_struct qbuf, rbuf;
415 SAMR_Q_QUERY_GROUPINFO q;
416 SAMR_R_QUERY_GROUPINFO r;
417 uint32 result;
418
419 ZERO_STRUCT(q);
420 ZERO_STRUCT(r);
421
422 /* Initialise parse structures */
423
424 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
425 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
426
427 /* Marshall data and send request */
428
429 init_samr_q_query_groupinfo(&q, group_pol, info_level);
430
431 if (!samr_io_q_query_groupinfo("", &q, &qbuf, 0) ||
432 !rpc_api_pipe_req(cli, SAMR_QUERY_GROUPINFO, &qbuf, &rbuf)) {
433 result = NT_STATUS_UNSUCCESSFUL;
434 goto done;
435 }
436
437 /* Unmarshall response */
438
439 r.ctr = ctr;
440
441 if (!samr_io_r_query_groupinfo("", &r, &rbuf, 0)) {
442 result = NT_STATUS_UNSUCCESSFUL;
443 goto done;
444 }
445
446 /* Return output parameters */
447
448 result = r.status;
449
450 done:
451 prs_mem_free(&qbuf);
452 prs_mem_free(&rbuf);
453
454 return result;
455 }
456
457 /* Query user groups */
458
459 uint32 cli_samr_query_usergroups(
460 struct cli_state *cli,
461 TALLOC_CTX *mem_ctx,
462 POLICY_HND *user_pol,
463 uint32 *num_groups,
464 DOM_GID **gid
465 )
466 {
467 prs_struct qbuf, rbuf;
468 SAMR_Q_QUERY_USERGROUPS q;
469 SAMR_R_QUERY_USERGROUPS r;
470 uint32 result;
471
472 ZERO_STRUCT(q);
473 ZERO_STRUCT(r);
474
475 /* Initialise parse structures */
476
477 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
478 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
479
480 /* Marshall data and send request */
481
482 init_samr_q_query_usergroups(&q, user_pol);
483
484 if (!samr_io_q_query_usergroups("", &q, &qbuf, 0) ||
485 !rpc_api_pipe_req(cli, SAMR_QUERY_USERGROUPS, &qbuf, &rbuf)) {
486 result = NT_STATUS_UNSUCCESSFUL;
487 goto done;
488 }
489
490 /* Unmarshall response */
491
492 if (!samr_io_r_query_usergroups("", &r, &rbuf, 0)) {
493 result = NT_STATUS_UNSUCCESSFUL;
494 goto done;
495 }
496
497 /* Return output parameters */
498
499 if ((result = r.status) == NT_STATUS_NOPROBLEMO) {
500 *num_groups = r.num_entries;
501 *gid = r.gid;
502 }
503
504 done:
505 prs_mem_free(&qbuf);
506 prs_mem_free(&rbuf);
507
508 return result;
509 }
510
511 /* Query user groups */
512
513 uint32 cli_samr_query_groupmem(
514 struct cli_state *cli,
515 TALLOC_CTX *mem_ctx,
516 POLICY_HND *group_pol,
517 uint32 *num_mem,
518 uint32 **rid,
519 uint32 **attr
520 )
521 {
522 prs_struct qbuf, rbuf;
523 SAMR_Q_QUERY_GROUPMEM q;
524 SAMR_R_QUERY_GROUPMEM r;
525 uint32 result;
526
527 ZERO_STRUCT(q);
528 ZERO_STRUCT(r);
529
530 /* Initialise parse structures */
531
532 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
533 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
534
535 /* Marshall data and send request */
536
537 init_samr_q_query_groupmem(&q, group_pol);
538
539 if (!samr_io_q_query_groupmem("", &q, &qbuf, 0) ||
540 !rpc_api_pipe_req(cli, SAMR_QUERY_GROUPMEM, &qbuf, &rbuf)) {
541 result = NT_STATUS_UNSUCCESSFUL;
542 goto done;
543 }
544
545 /* Unmarshall response */
546
547 if (!samr_io_r_query_groupmem("", &r, &rbuf, 0)) {
548 result = NT_STATUS_UNSUCCESSFUL;
549 goto done;
550 }
551
552 /* Return output parameters */
553
554 if ((result = r.status) == NT_STATUS_NOPROBLEMO) {
555 *num_mem = r.num_entries;
556 *rid = r.rid;
557 *attr = r.attr;
558 }
559
560 done:
561 prs_mem_free(&qbuf);
562 prs_mem_free(&rbuf);
563
564 return result;
565 }
566
567 /* Enumerate domain groups */
568
569 uint32 cli_samr_enum_dom_groups(struct cli_state *cli, TALLOC_CTX *mem_ctx,
570 POLICY_HND *pol, uint32 *start_idx,
571 uint32 size, struct acct_info **dom_groups,
572 uint32 *num_dom_groups)
573 {
574 prs_struct qbuf, rbuf;
575 SAMR_Q_ENUM_DOM_GROUPS q;
576 SAMR_R_ENUM_DOM_GROUPS r;
577 uint32 result = NT_STATUS_UNSUCCESSFUL, name_idx, i;
578
579 ZERO_STRUCT(q);
580 ZERO_STRUCT(r);
581
582 /* Initialise parse structures */
583
584 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
585 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
586
587 /* Marshall data and send request */
588
589 init_samr_q_enum_dom_groups(&q, pol, *start_idx, size);
590
591 if (!samr_io_q_enum_dom_groups("", &q, &qbuf, 0) ||
592 !rpc_api_pipe_req(cli, SAMR_ENUM_DOM_GROUPS, &qbuf, &rbuf)) {
593 goto done;
594 }
595
596 /* Unmarshall response */
597
598 if (!samr_io_r_enum_dom_groups("", &r, &rbuf, 0)) {
599 goto done;
600 }
601
602 /* Return output parameters */
603
604 result = r.status;
605
606 if (result != NT_STATUS_NOPROBLEMO &&
607 result != STATUS_MORE_ENTRIES) {
608 goto done;
609 }
610
611 *num_dom_groups = r.num_entries2;
612
613 if (!((*dom_groups) = (struct acct_info *)
614 talloc(mem_ctx, sizeof(struct acct_info) * *num_dom_groups))) {
615 result = NT_STATUS_UNSUCCESSFUL;
616 goto done;
617 }
618
619 memset(*dom_groups, 0, sizeof(struct acct_info) * *num_dom_groups);
620
621 name_idx = 0;
622
623 for (i = 0; i < *num_dom_groups; i++) {
624
625 (*dom_groups)[i].rid = r.sam[i].rid;
626
627 if (r.sam[i].hdr_name.buffer) {
628 unistr2_to_ascii((*dom_groups)[i].acct_name,
629 &r.uni_grp_name[name_idx],
630 sizeof(fstring) - 1);
631 name_idx++;
632 }
633
634 *start_idx = r.next_idx;
635 }
636
637 done:
638 prs_mem_free(&qbuf);
639 prs_mem_free(&rbuf);
640
641 return result;
642 }
643
644 /* Query alias members */
645
646 uint32 cli_samr_query_aliasmem(struct cli_state *cli, TALLOC_CTX *mem_ctx,
647 POLICY_HND *alias_pol, uint32 *num_mem,
648 DOM_SID **sids)
649 {
650 prs_struct qbuf, rbuf;
651 SAMR_Q_QUERY_ALIASMEM q;
652 SAMR_R_QUERY_ALIASMEM r;
653 uint32 result = NT_STATUS_UNSUCCESSFUL, i;
654
655 ZERO_STRUCT(q);
656 ZERO_STRUCT(r);
657
658 /* Initialise parse structures */
659
660 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
661 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
662
663 /* Marshall data and send request */
664
665 init_samr_q_query_aliasmem(&q, alias_pol);
666
667 if (!samr_io_q_query_aliasmem("", &q, &qbuf, 0) ||
668 !rpc_api_pipe_req(cli, SAMR_QUERY_ALIASMEM, &qbuf, &rbuf)) {
669 goto done;
670 }
671
672 /* Unmarshall response */
673
674 if (!samr_io_r_query_aliasmem("", &r, &rbuf, 0)) {
675 goto done;
676 }
677
678 /* Return output parameters */
679
680 if ((result = r.status) != NT_STATUS_NOPROBLEMO) {
681 goto done;
682 }
683
684 *num_mem = r.num_sids;
685
686 if (!(*sids = talloc(mem_ctx, sizeof(DOM_SID) * *num_mem))) {
687 result = NT_STATUS_UNSUCCESSFUL;
688 goto done;
689 }
690
691 for (i = 0; i < *num_mem; i++) {
692 (*sids)[i] = r.sid[i].sid;
693 }
694
695 done:
696 prs_mem_free(&qbuf);
697 prs_mem_free(&rbuf);
698
699 return result;
700 }
701
702 /* Open handle on an alias */
703
704 uint32 cli_samr_open_alias(struct cli_state *cli, TALLOC_CTX *mem_ctx,
705 POLICY_HND *domain_pol, uint32 access_mask,
706 uint32 alias_rid, POLICY_HND *alias_pol)
707 {
708 prs_struct qbuf, rbuf;
709 SAMR_Q_OPEN_ALIAS q;
710 SAMR_R_OPEN_ALIAS r;
711 uint32 result;
712
713 ZERO_STRUCT(q);
714 ZERO_STRUCT(r);
715
716 /* Initialise parse structures */
717
718 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
719 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
720
721 /* Marshall data and send request */
722
723 init_samr_q_open_alias(&q, domain_pol, access_mask, alias_rid);
724
725 if (!samr_io_q_open_alias("", &q, &qbuf, 0) ||
726 !rpc_api_pipe_req(cli, SAMR_OPEN_ALIAS, &qbuf, &rbuf)) {
727 result = NT_STATUS_UNSUCCESSFUL;
728 goto done;
729 }
730
731 /* Unmarshall response */
732
733 if (!samr_io_r_open_alias("", &r, &rbuf, 0)) {
734 result = NT_STATUS_UNSUCCESSFUL;
735 goto done;
736 }
737
738 /* Return output parameters */
739
740 if ((result = r.status) == NT_STATUS_NOPROBLEMO) {
741 *alias_pol = r.pol;
742 }
743
744 done:
745 prs_mem_free(&qbuf);
746 prs_mem_free(&rbuf);
747
748 return result;
749 }
WIP