search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
r23041: Remainder of fix for 4630: fix special case of unix_to_nt_time() for
[Samba/nascimento.git] / source3 / rpc_client / cli_samr.c
blob462add43819ed038683ed74dbb2aee717e3246a6
1 /*
2 Unix SMB/CIFS implementation.
3 RPC pipe client
4 Copyright (C) Tim Potter 2000-2001,
5 Copyright (C) Andrew Tridgell 1992-1997,2000,
6 Copyright (C) Rafal Szczesniak 2002.
7 Copyright (C) Jeremy Allison 2005.
8
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 2 of the License, or
12 (at your option) any later version.
13
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
18
19 You should have received a copy of the GNU General Public License
20 along with this program; if not, write to the Free Software
21 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
22 */
23
24 #include "includes.h"
25
26 /* Connect to SAMR database */
27
28 NTSTATUS rpccli_samr_connect(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
29 uint32 access_mask, POLICY_HND *connect_pol)
30 {
31 prs_struct qbuf, rbuf;
32 SAMR_Q_CONNECT q;
33 SAMR_R_CONNECT r;
34 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
35
36 DEBUG(10,("cli_samr_connect to %s\n", cli->cli->desthost));
37
38 ZERO_STRUCT(q);
39 ZERO_STRUCT(r);
40
41 /* Marshall data and send request */
42
43 init_samr_q_connect(&q, cli->cli->desthost, access_mask);
44
45 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CONNECT,
46 q, r,
47 qbuf, rbuf,
48 samr_io_q_connect,
49 samr_io_r_connect,
50 NT_STATUS_UNSUCCESSFUL);
51 /* Return output parameters */
52
53 if (NT_STATUS_IS_OK(result = r.status)) {
54 *connect_pol = r.connect_pol;
55 }
56
57 return result;
58 }
59
60 /* Connect to SAMR database */
61
62 NTSTATUS rpccli_samr_connect4(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
63 uint32 access_mask, POLICY_HND *connect_pol)
64 {
65 prs_struct qbuf, rbuf;
66 SAMR_Q_CONNECT4 q;
67 SAMR_R_CONNECT4 r;
68 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
69
70 ZERO_STRUCT(q);
71 ZERO_STRUCT(r);
72
73 /* Marshall data and send request */
74
75 init_samr_q_connect4(&q, cli->cli->desthost, access_mask);
76
77 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CONNECT4,
78 q, r,
79 qbuf, rbuf,
80 samr_io_q_connect4,
81 samr_io_r_connect4,
82 NT_STATUS_UNSUCCESSFUL);
83
84 /* Return output parameters */
85
86 if (NT_STATUS_IS_OK(result = r.status)) {
87 *connect_pol = r.connect_pol;
88 }
89
90 return result;
91 }
92
93 /* Close SAMR handle */
94
95 NTSTATUS rpccli_samr_close(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
96 POLICY_HND *connect_pol)
97 {
98 prs_struct qbuf, rbuf;
99 SAMR_Q_CLOSE_HND q;
100 SAMR_R_CLOSE_HND r;
101 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
102
103 DEBUG(10,("cli_samr_close\n"));
104
105 ZERO_STRUCT(q);
106 ZERO_STRUCT(r);
107
108 /* Marshall data and send request */
109
110 init_samr_q_close_hnd(&q, connect_pol);
111
112 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CLOSE_HND,
113 q, r,
114 qbuf, rbuf,
115 samr_io_q_close_hnd,
116 samr_io_r_close_hnd,
117 NT_STATUS_UNSUCCESSFUL);
118
119 /* Return output parameters */
120
121 if (NT_STATUS_IS_OK(result = r.status)) {
122 *connect_pol = r.pol;
123 }
124
125 return result;
126 }
127
128 /* Open handle on a domain */
129
130 NTSTATUS rpccli_samr_open_domain(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
131 POLICY_HND *connect_pol, uint32 access_mask,
132 const DOM_SID *domain_sid,
133 POLICY_HND *domain_pol)
134 {
135 prs_struct qbuf, rbuf;
136 SAMR_Q_OPEN_DOMAIN q;
137 SAMR_R_OPEN_DOMAIN r;
138 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
139
140 DEBUG(10,("cli_samr_open_domain with sid %s\n", sid_string_static(domain_sid) ));
141
142 ZERO_STRUCT(q);
143 ZERO_STRUCT(r);
144
145 /* Marshall data and send request */
146
147 init_samr_q_open_domain(&q, connect_pol, access_mask, domain_sid);
148
149 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_OPEN_DOMAIN,
150 q, r,
151 qbuf, rbuf,
152 samr_io_q_open_domain,
153 samr_io_r_open_domain,
154 NT_STATUS_UNSUCCESSFUL);
155
156 /* Return output parameters */
157
158 if (NT_STATUS_IS_OK(result = r.status)) {
159 *domain_pol = r.domain_pol;
160 }
161
162 return result;
163 }
164
165 NTSTATUS rpccli_samr_open_user(struct rpc_pipe_client *cli,
166 TALLOC_CTX *mem_ctx,
167 POLICY_HND *domain_pol, uint32 access_mask,
168 uint32 user_rid, POLICY_HND *user_pol)
169 {
170 prs_struct qbuf, rbuf;
171 SAMR_Q_OPEN_USER q;
172 SAMR_R_OPEN_USER r;
173 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
174
175 DEBUG(10,("cli_samr_open_user with rid 0x%x\n", user_rid ));
176
177 ZERO_STRUCT(q);
178 ZERO_STRUCT(r);
179
180 /* Marshall data and send request */
181
182 init_samr_q_open_user(&q, domain_pol, access_mask, user_rid);
183
184 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_OPEN_USER,
185 q, r,
186 qbuf, rbuf,
187 samr_io_q_open_user,
188 samr_io_r_open_user,
189 NT_STATUS_UNSUCCESSFUL);
190
191 /* Return output parameters */
192
193 if (NT_STATUS_IS_OK(result = r.status)) {
194 *user_pol = r.user_pol;
195 }
196
197 return result;
198 }
199
200 /* Open handle on a group */
201
202 NTSTATUS rpccli_samr_open_group(struct rpc_pipe_client *cli,
203 TALLOC_CTX *mem_ctx,
204 POLICY_HND *domain_pol, uint32 access_mask,
205 uint32 group_rid, POLICY_HND *group_pol)
206 {
207 prs_struct qbuf, rbuf;
208 SAMR_Q_OPEN_GROUP q;
209 SAMR_R_OPEN_GROUP r;
210 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
211
212 DEBUG(10,("cli_samr_open_group with rid 0x%x\n", group_rid ));
213
214 ZERO_STRUCT(q);
215 ZERO_STRUCT(r);
216
217 /* Marshall data and send request */
218
219 init_samr_q_open_group(&q, domain_pol, access_mask, group_rid);
220
221 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_OPEN_GROUP,
222 q, r,
223 qbuf, rbuf,
224 samr_io_q_open_group,
225 samr_io_r_open_group,
226 NT_STATUS_UNSUCCESSFUL);
227
228 /* Return output parameters */
229
230 if (NT_STATUS_IS_OK(result = r.status)) {
231 *group_pol = r.pol;
232 }
233
234 return result;
235 }
236
237 /* Create domain group */
238
239 NTSTATUS rpccli_samr_create_dom_group(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
240 POLICY_HND *domain_pol,
241 const char *group_name,
242 uint32 access_mask, POLICY_HND *group_pol)
243 {
244 prs_struct qbuf, rbuf;
245 SAMR_Q_CREATE_DOM_GROUP q;
246 SAMR_R_CREATE_DOM_GROUP r;
247 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
248
249 DEBUG(10,("cli_samr_create_dom_group\n"));
250
251 ZERO_STRUCT(q);
252 ZERO_STRUCT(r);
253
254 /* Marshall data and send request */
255
256 init_samr_q_create_dom_group(&q, domain_pol, group_name, access_mask);
257
258 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CREATE_DOM_GROUP,
259 q, r,
260 qbuf, rbuf,
261 samr_io_q_create_dom_group,
262 samr_io_r_create_dom_group,
263 NT_STATUS_UNSUCCESSFUL);
264
265 /* Return output parameters */
266
267 result = r.status;
268
269 if (NT_STATUS_IS_OK(result))
270 *group_pol = r.pol;
271
272 return result;
273 }
274
275 /* Add a domain group member */
276
277 NTSTATUS rpccli_samr_add_groupmem(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
278 POLICY_HND *group_pol, uint32 rid)
279 {
280 prs_struct qbuf, rbuf;
281 SAMR_Q_ADD_GROUPMEM q;
282 SAMR_R_ADD_GROUPMEM r;
283 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
284
285 DEBUG(10,("cli_samr_add_groupmem\n"));
286
287 ZERO_STRUCT(q);
288 ZERO_STRUCT(r);
289
290 /* Marshall data and send request */
291
292 init_samr_q_add_groupmem(&q, group_pol, rid);
293
294 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_ADD_GROUPMEM,
295 q, r,
296 qbuf, rbuf,
297 samr_io_q_add_groupmem,
298 samr_io_r_add_groupmem,
299 NT_STATUS_UNSUCCESSFUL);
300
301 /* Return output parameters */
302
303 result = r.status;
304
305 return result;
306 }
307
308 /* Delete a domain group member */
309
310 NTSTATUS rpccli_samr_del_groupmem(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
311 POLICY_HND *group_pol, uint32 rid)
312 {
313 prs_struct qbuf, rbuf;
314 SAMR_Q_DEL_GROUPMEM q;
315 SAMR_R_DEL_GROUPMEM r;
316 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
317
318 DEBUG(10,("cli_samr_del_groupmem\n"));
319
320 ZERO_STRUCT(q);
321 ZERO_STRUCT(r);
322
323 /* Marshall data and send request */
324
325 init_samr_q_del_groupmem(&q, group_pol, rid);
326
327 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_DEL_GROUPMEM,
328 q, r,
329 qbuf, rbuf,
330 samr_io_q_del_groupmem,
331 samr_io_r_del_groupmem,
332 NT_STATUS_UNSUCCESSFUL);
333
334 /* Return output parameters */
335
336 result = r.status;
337
338 return result;
339 }
340
341 /* Query user info */
342
343 NTSTATUS rpccli_samr_query_userinfo(struct rpc_pipe_client *cli,
344 TALLOC_CTX *mem_ctx,
345 const POLICY_HND *user_pol,
346 uint16 switch_value,
347 SAM_USERINFO_CTR **ctr)
348 {
349 prs_struct qbuf, rbuf;
350 SAMR_Q_QUERY_USERINFO q;
351 SAMR_R_QUERY_USERINFO r;
352 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
353
354 DEBUG(10,("cli_samr_query_userinfo\n"));
355
356 ZERO_STRUCT(q);
357 ZERO_STRUCT(r);
358
359 /* Marshall data and send request */
360
361 init_samr_q_query_userinfo(&q, user_pol, switch_value);
362
363 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_USERINFO,
364 q, r,
365 qbuf, rbuf,
366 samr_io_q_query_userinfo,
367 samr_io_r_query_userinfo,
368 NT_STATUS_UNSUCCESSFUL);
369
370 /* Return output parameters */
371
372 result = r.status;
373 *ctr = r.ctr;
374
375 return result;
376 }
377
378 /* Set group info */
379
380 NTSTATUS rpccli_samr_set_groupinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
381 POLICY_HND *group_pol, GROUP_INFO_CTR *ctr)
382 {
383 prs_struct qbuf, rbuf;
384 SAMR_Q_SET_GROUPINFO q;
385 SAMR_R_SET_GROUPINFO r;
386 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
387
388 DEBUG(10,("cli_samr_set_groupinfo\n"));
389
390 ZERO_STRUCT(q);
391 ZERO_STRUCT(r);
392
393 /* Marshall data and send request */
394
395 init_samr_q_set_groupinfo(&q, group_pol, ctr);
396
397 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_SET_GROUPINFO,
398 q, r,
399 qbuf, rbuf,
400 samr_io_q_set_groupinfo,
401 samr_io_r_set_groupinfo,
402 NT_STATUS_UNSUCCESSFUL);
403
404 /* Return output parameters */
405
406 result = r.status;
407
408 return result;
409 }
410
411 /* Query group info */
412
413 NTSTATUS rpccli_samr_query_groupinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
414 POLICY_HND *group_pol, uint32 info_level,
415 GROUP_INFO_CTR **ctr)
416 {
417 prs_struct qbuf, rbuf;
418 SAMR_Q_QUERY_GROUPINFO q;
419 SAMR_R_QUERY_GROUPINFO r;
420 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
421
422 DEBUG(10,("cli_samr_query_groupinfo\n"));
423
424 ZERO_STRUCT(q);
425 ZERO_STRUCT(r);
426
427 /* Marshall data and send request */
428
429 init_samr_q_query_groupinfo(&q, group_pol, info_level);
430
431 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_GROUPINFO,
432 q, r,
433 qbuf, rbuf,
434 samr_io_q_query_groupinfo,
435 samr_io_r_query_groupinfo,
436 NT_STATUS_UNSUCCESSFUL);
437
438 *ctr = r.ctr;
439
440 /* Return output parameters */
441
442 result = r.status;
443
444 return result;
445 }
446
447 /* Query user groups */
448
449 NTSTATUS rpccli_samr_query_usergroups(struct rpc_pipe_client *cli,
450 TALLOC_CTX *mem_ctx,
451 POLICY_HND *user_pol,
452 uint32 *num_groups,
453 DOM_GID **gid)
454 {
455 prs_struct qbuf, rbuf;
456 SAMR_Q_QUERY_USERGROUPS q;
457 SAMR_R_QUERY_USERGROUPS r;
458 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
459
460 DEBUG(10,("cli_samr_query_usergroups\n"));
461
462 ZERO_STRUCT(q);
463 ZERO_STRUCT(r);
464
465 /* Marshall data and send request */
466
467 init_samr_q_query_usergroups(&q, user_pol);
468
469 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_USERGROUPS,
470 q, r,
471 qbuf, rbuf,
472 samr_io_q_query_usergroups,
473 samr_io_r_query_usergroups,
474 NT_STATUS_UNSUCCESSFUL);
475
476 /* Return output parameters */
477
478 if (NT_STATUS_IS_OK(result = r.status)) {
479 *num_groups = r.num_entries;
480 *gid = r.gid;
481 }
482
483 return result;
484 }
485
486 /* Set alias info */
487
488 NTSTATUS rpccli_samr_set_aliasinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
489 POLICY_HND *alias_pol, ALIAS_INFO_CTR *ctr)
490 {
491 prs_struct qbuf, rbuf;
492 SAMR_Q_SET_ALIASINFO q;
493 SAMR_R_SET_ALIASINFO r;
494 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
495
496 DEBUG(10,("cli_samr_set_aliasinfo\n"));
497
498 ZERO_STRUCT(q);
499 ZERO_STRUCT(r);
500
501 /* Marshall data and send request */
502
503 init_samr_q_set_aliasinfo(&q, alias_pol, ctr);
504
505 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_SET_ALIASINFO,
506 q, r,
507 qbuf, rbuf,
508 samr_io_q_set_aliasinfo,
509 samr_io_r_set_aliasinfo,
510 NT_STATUS_UNSUCCESSFUL);
511
512 /* Return output parameters */
513
514 result = r.status;
515
516 return result;
517 }
518
519 /* Query user aliases */
520
521 NTSTATUS rpccli_samr_query_useraliases(struct rpc_pipe_client *cli,
522 TALLOC_CTX *mem_ctx,
523 POLICY_HND *dom_pol, uint32 num_sids,
524 DOM_SID2 *sid,
525 uint32 *num_aliases, uint32 **als_rids)
526 {
527 prs_struct qbuf, rbuf;
528 SAMR_Q_QUERY_USERALIASES q;
529 SAMR_R_QUERY_USERALIASES r;
530 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
531 int i;
532 uint32 *sid_ptrs;
533
534 DEBUG(10,("cli_samr_query_useraliases\n"));
535
536 ZERO_STRUCT(q);
537 ZERO_STRUCT(r);
538
539 if (num_sids) {
540 sid_ptrs = TALLOC_ARRAY(mem_ctx, uint32, num_sids);
541 if (sid_ptrs == NULL)
542 return NT_STATUS_NO_MEMORY;
543 } else {
544 sid_ptrs = NULL;
545 }
546
547 for (i=0; i<num_sids; i++)
548 sid_ptrs[i] = 1;
549
550 /* Marshall data and send request */
551
552 init_samr_q_query_useraliases(&q, dom_pol, num_sids, sid_ptrs, sid);
553
554 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_USERALIASES,
555 q, r,
556 qbuf, rbuf,
557 samr_io_q_query_useraliases,
558 samr_io_r_query_useraliases,
559 NT_STATUS_UNSUCCESSFUL);
560
561 /* Return output parameters */
562
563 if (NT_STATUS_IS_OK(result = r.status)) {
564 *num_aliases = r.num_entries;
565 *als_rids = r.rid;
566 }
567
568 return result;
569 }
570
571 /* Query user groups */
572
573 NTSTATUS rpccli_samr_query_groupmem(struct rpc_pipe_client *cli,
574 TALLOC_CTX *mem_ctx,
575 POLICY_HND *group_pol, uint32 *num_mem,
576 uint32 **rid, uint32 **attr)
577 {
578 prs_struct qbuf, rbuf;
579 SAMR_Q_QUERY_GROUPMEM q;
580 SAMR_R_QUERY_GROUPMEM r;
581 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
582
583 DEBUG(10,("cli_samr_query_groupmem\n"));
584
585 ZERO_STRUCT(q);
586 ZERO_STRUCT(r);
587
588 /* Marshall data and send request */
589
590 init_samr_q_query_groupmem(&q, group_pol);
591
592 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_GROUPMEM,
593 q, r,
594 qbuf, rbuf,
595 samr_io_q_query_groupmem,
596 samr_io_r_query_groupmem,
597 NT_STATUS_UNSUCCESSFUL);
598
599 /* Return output parameters */
600
601 if (NT_STATUS_IS_OK(result = r.status)) {
602 *num_mem = r.num_entries;
603 *rid = r.rid;
604 *attr = r.attr;
605 }
606
607 return result;
608 }
609
610 /**
611 * Enumerate domain users
612 *
613 * @param cli client state structure
614 * @param mem_ctx talloc context
615 * @param pol opened domain policy handle
616 * @param start_idx starting index of enumeration, returns context for
617 next enumeration
618 * @param acb_mask account control bit mask (to enumerate some particular
619 * kind of accounts)
620 * @param size max acceptable size of response
621 * @param dom_users returned array of domain user names
622 * @param rids returned array of domain user RIDs
623 * @param num_dom_users numer returned entries
624 *
625 * @return NTSTATUS returned in rpc response
626 **/
627
628 NTSTATUS rpccli_samr_enum_dom_users(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
629 POLICY_HND *pol, uint32 *start_idx, uint32 acb_mask,
630 uint32 size, char ***dom_users, uint32 **rids,
631 uint32 *num_dom_users)
632 {
633 prs_struct qbuf;
634 prs_struct rbuf;
635 SAMR_Q_ENUM_DOM_USERS q;
636 SAMR_R_ENUM_DOM_USERS r;
637 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
638 int i;
639
640 DEBUG(10,("cli_samr_enum_dom_users starting at index %u\n", (unsigned int)*start_idx));
641
642 ZERO_STRUCT(q);
643 ZERO_STRUCT(r);
644
645 /* always init this */
646 *num_dom_users = 0;
647
648 /* Fill query structure with parameters */
649
650 init_samr_q_enum_dom_users(&q, pol, *start_idx, acb_mask, size);
651
652 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_ENUM_DOM_USERS,
653 q, r,
654 qbuf, rbuf,
655 samr_io_q_enum_dom_users,
656 samr_io_r_enum_dom_users,
657 NT_STATUS_UNSUCCESSFUL);
658
659 result = r.status;
660
661 if (!NT_STATUS_IS_OK(result) &&
662 NT_STATUS_V(result) != NT_STATUS_V(STATUS_MORE_ENTRIES))
663 goto done;
664
665 *start_idx = r.next_idx;
666 *num_dom_users = r.num_entries2;
667
668 if (r.num_entries2) {
669 /* allocate memory needed to return received data */
670 *rids = TALLOC_ARRAY(mem_ctx, uint32, r.num_entries2);
671 if (!*rids) {
672 DEBUG(0, ("Error in cli_samr_enum_dom_users(): out of memory\n"));
673 return NT_STATUS_NO_MEMORY;
674 }
675
676 *dom_users = TALLOC_ARRAY(mem_ctx, char*, r.num_entries2);
677 if (!*dom_users) {
678 DEBUG(0, ("Error in cli_samr_enum_dom_users(): out of memory\n"));
679 return NT_STATUS_NO_MEMORY;
680 }
681
682 /* fill output buffers with rpc response */
683 for (i = 0; i < r.num_entries2; i++) {
684 fstring conv_buf;
685
686 (*rids)[i] = r.sam[i].rid;
687 unistr2_to_ascii(conv_buf, &(r.uni_acct_name[i]), sizeof(conv_buf) - 1);
688 (*dom_users)[i] = talloc_strdup(mem_ctx, conv_buf);
689 }
690 }
691
692 done:
693 return result;
694 }
695
696 /* Enumerate domain groups */
697
698 NTSTATUS rpccli_samr_enum_dom_groups(struct rpc_pipe_client *cli,
699 TALLOC_CTX *mem_ctx,
700 POLICY_HND *pol, uint32 *start_idx,
701 uint32 size, struct acct_info **dom_groups,
702 uint32 *num_dom_groups)
703 {
704 prs_struct qbuf, rbuf;
705 SAMR_Q_ENUM_DOM_GROUPS q;
706 SAMR_R_ENUM_DOM_GROUPS r;
707 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
708 uint32 name_idx, i;
709
710 DEBUG(10,("cli_samr_enum_dom_groups starting at index %u\n", (unsigned int)*start_idx));
711
712 ZERO_STRUCT(q);
713 ZERO_STRUCT(r);
714
715 /* Marshall data and send request */
716
717 init_samr_q_enum_dom_groups(&q, pol, *start_idx, size);
718
719 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_ENUM_DOM_GROUPS,
720 q, r,
721 qbuf, rbuf,
722 samr_io_q_enum_dom_groups,
723 samr_io_r_enum_dom_groups,
724 NT_STATUS_UNSUCCESSFUL);
725
726 /* Return output parameters */
727
728 result = r.status;
729
730 if (!NT_STATUS_IS_OK(result) &&
731 NT_STATUS_V(result) != NT_STATUS_V(STATUS_MORE_ENTRIES))
732 goto done;
733
734 *num_dom_groups = r.num_entries2;
735
736 if (*num_dom_groups == 0)
737 goto done;
738
739 if (!((*dom_groups) = TALLOC_ARRAY(mem_ctx, struct acct_info, *num_dom_groups))) {
740 result = NT_STATUS_NO_MEMORY;
741 goto done;
742 }
743
744 memset(*dom_groups, 0, sizeof(struct acct_info) * (*num_dom_groups));
745
746 name_idx = 0;
747
748 for (i = 0; i < *num_dom_groups; i++) {
749
750 (*dom_groups)[i].rid = r.sam[i].rid;
751
752 if (r.sam[i].hdr_name.buffer) {
753 unistr2_to_ascii((*dom_groups)[i].acct_name,
754 &r.uni_grp_name[name_idx],
755 sizeof(fstring) - 1);
756 name_idx++;
757 }
758
759 *start_idx = r.next_idx;
760 }
761
762 done:
763 return result;
764 }
765
766 /* Enumerate domain groups */
767
768 NTSTATUS rpccli_samr_enum_als_groups(struct rpc_pipe_client *cli,
769 TALLOC_CTX *mem_ctx,
770 POLICY_HND *pol, uint32 *start_idx,
771 uint32 size, struct acct_info **dom_aliases,
772 uint32 *num_dom_aliases)
773 {
774 prs_struct qbuf, rbuf;
775 SAMR_Q_ENUM_DOM_ALIASES q;
776 SAMR_R_ENUM_DOM_ALIASES r;
777 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
778 uint32 name_idx, i;
779
780 DEBUG(10,("cli_samr_enum_als_groups starting at index %u\n", (unsigned int)*start_idx));
781
782 ZERO_STRUCT(q);
783 ZERO_STRUCT(r);
784
785 /* Marshall data and send request */
786
787 init_samr_q_enum_dom_aliases(&q, pol, *start_idx, size);
788
789 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_ENUM_DOM_ALIASES,
790 q, r,
791 qbuf, rbuf,
792 samr_io_q_enum_dom_aliases,
793 samr_io_r_enum_dom_aliases,
794 NT_STATUS_UNSUCCESSFUL);
795
796 /* Return output parameters */
797
798 result = r.status;
799
800 if (!NT_STATUS_IS_OK(result) &&
801 NT_STATUS_V(result) != NT_STATUS_V(STATUS_MORE_ENTRIES)) {
802 goto done;
803 }
804
805 *num_dom_aliases = r.num_entries2;
806
807 if (*num_dom_aliases == 0)
808 goto done;
809
810 if (!((*dom_aliases) = TALLOC_ARRAY(mem_ctx, struct acct_info, *num_dom_aliases))) {
811 result = NT_STATUS_NO_MEMORY;
812 goto done;
813 }
814
815 memset(*dom_aliases, 0, sizeof(struct acct_info) * *num_dom_aliases);
816
817 name_idx = 0;
818
819 for (i = 0; i < *num_dom_aliases; i++) {
820
821 (*dom_aliases)[i].rid = r.sam[i].rid;
822
823 if (r.sam[i].hdr_name.buffer) {
824 unistr2_to_ascii((*dom_aliases)[i].acct_name,
825 &r.uni_grp_name[name_idx],
826 sizeof(fstring) - 1);
827 name_idx++;
828 }
829
830 *start_idx = r.next_idx;
831 }
832
833 done:
834 return result;
835 }
836
837 /* Query alias members */
838
839 NTSTATUS rpccli_samr_query_aliasmem(struct rpc_pipe_client *cli,
840 TALLOC_CTX *mem_ctx,
841 POLICY_HND *alias_pol, uint32 *num_mem,
842 DOM_SID **sids)
843 {
844 prs_struct qbuf, rbuf;
845 SAMR_Q_QUERY_ALIASMEM q;
846 SAMR_R_QUERY_ALIASMEM r;
847 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
848 uint32 i;
849
850 DEBUG(10,("cli_samr_query_aliasmem\n"));
851
852 ZERO_STRUCT(q);
853 ZERO_STRUCT(r);
854
855 /* Marshall data and send request */
856
857 init_samr_q_query_aliasmem(&q, alias_pol);
858
859 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_ALIASMEM,
860 q, r,
861 qbuf, rbuf,
862 samr_io_q_query_aliasmem,
863 samr_io_r_query_aliasmem,
864 NT_STATUS_UNSUCCESSFUL);
865
866 /* Return output parameters */
867
868 if (!NT_STATUS_IS_OK(result = r.status)) {
869 goto done;
870 }
871
872 *num_mem = r.num_sids;
873
874 if (*num_mem == 0) {
875 *sids = NULL;
876 result = NT_STATUS_OK;
877 goto done;
878 }
879
880 if (!(*sids = TALLOC_ARRAY(mem_ctx, DOM_SID, *num_mem))) {
881 result = NT_STATUS_UNSUCCESSFUL;
882 goto done;
883 }
884
885 for (i = 0; i < *num_mem; i++) {
886 (*sids)[i] = r.sid[i].sid;
887 }
888
889 done:
890 return result;
891 }
892
893 /* Open handle on an alias */
894
895 NTSTATUS rpccli_samr_open_alias(struct rpc_pipe_client *cli,
896 TALLOC_CTX *mem_ctx,
897 POLICY_HND *domain_pol, uint32 access_mask,
898 uint32 alias_rid, POLICY_HND *alias_pol)
899 {
900 prs_struct qbuf, rbuf;
901 SAMR_Q_OPEN_ALIAS q;
902 SAMR_R_OPEN_ALIAS r;
903 NTSTATUS result;
904
905 DEBUG(10,("cli_samr_open_alias with rid 0x%x\n", alias_rid));
906
907 ZERO_STRUCT(q);
908 ZERO_STRUCT(r);
909
910 /* Marshall data and send request */
911
912 init_samr_q_open_alias(&q, domain_pol, access_mask, alias_rid);
913
914 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_OPEN_ALIAS,
915 q, r,
916 qbuf, rbuf,
917 samr_io_q_open_alias,
918 samr_io_r_open_alias,
919 NT_STATUS_UNSUCCESSFUL);
920
921 /* Return output parameters */
922
923 if (NT_STATUS_IS_OK(result = r.status)) {
924 *alias_pol = r.pol;
925 }
926
927 return result;
928 }
929
930 /* Create an alias */
931
932 NTSTATUS rpccli_samr_create_dom_alias(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
933 POLICY_HND *domain_pol, const char *name,
934 POLICY_HND *alias_pol)
935 {
936 prs_struct qbuf, rbuf;
937 SAMR_Q_CREATE_DOM_ALIAS q;
938 SAMR_R_CREATE_DOM_ALIAS r;
939 NTSTATUS result;
940
941 DEBUG(10,("cli_samr_create_dom_alias named %s\n", name));
942
943 ZERO_STRUCT(q);
944 ZERO_STRUCT(r);
945
946 /* Marshall data and send request */
947
948 init_samr_q_create_dom_alias(&q, domain_pol, name);
949
950 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CREATE_DOM_ALIAS,
951 q, r,
952 qbuf, rbuf,
953 samr_io_q_create_dom_alias,
954 samr_io_r_create_dom_alias,
955 NT_STATUS_UNSUCCESSFUL);
956
957 /* Return output parameters */
958
959 if (NT_STATUS_IS_OK(result = r.status)) {
960 *alias_pol = r.alias_pol;
961 }
962
963 return result;
964 }
965
966 /* Add an alias member */
967
968 NTSTATUS rpccli_samr_add_aliasmem(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
969 POLICY_HND *alias_pol, DOM_SID *member)
970 {
971 prs_struct qbuf, rbuf;
972 SAMR_Q_ADD_ALIASMEM q;
973 SAMR_R_ADD_ALIASMEM r;
974 NTSTATUS result;
975
976 DEBUG(10,("cli_samr_add_aliasmem"));
977
978 ZERO_STRUCT(q);
979 ZERO_STRUCT(r);
980
981 /* Marshall data and send request */
982
983 init_samr_q_add_aliasmem(&q, alias_pol, member);
984
985 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_ADD_ALIASMEM,
986 q, r,
987 qbuf, rbuf,
988 samr_io_q_add_aliasmem,
989 samr_io_r_add_aliasmem,
990 NT_STATUS_UNSUCCESSFUL);
991
992 result = r.status;
993
994 return result;
995 }
996
997 /* Delete an alias member */
998
999 NTSTATUS rpccli_samr_del_aliasmem(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
1000 POLICY_HND *alias_pol, DOM_SID *member)
1001 {
1002 prs_struct qbuf, rbuf;
1003 SAMR_Q_DEL_ALIASMEM q;
1004 SAMR_R_DEL_ALIASMEM r;
1005 NTSTATUS result;
1006
1007 DEBUG(10,("cli_samr_del_aliasmem"));
1008
1009 ZERO_STRUCT(q);
1010 ZERO_STRUCT(r);
1011
1012 /* Marshall data and send request */
1013
1014 init_samr_q_del_aliasmem(&q, alias_pol, member);
1015
1016 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_DEL_ALIASMEM,
1017 q, r,
1018 qbuf, rbuf,
1019 samr_io_q_del_aliasmem,
1020 samr_io_r_del_aliasmem,
1021 NT_STATUS_UNSUCCESSFUL);
1022
1023 result = r.status;
1024
1025 return result;
1026 }
1027
1028 /* Query alias info */
1029
1030 NTSTATUS rpccli_samr_query_alias_info(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
1031 POLICY_HND *alias_pol, uint16 switch_value,
1032 ALIAS_INFO_CTR *ctr)
1033 {
1034 prs_struct qbuf, rbuf;
1035 SAMR_Q_QUERY_ALIASINFO q;
1036 SAMR_R_QUERY_ALIASINFO r;
1037 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1038
1039 DEBUG(10,("cli_samr_query_alias_info\n"));
1040
1041 ZERO_STRUCT(q);
1042 ZERO_STRUCT(r);
1043
1044 /* Marshall data and send request */
1045
1046 init_samr_q_query_aliasinfo(&q, alias_pol, switch_value);
1047
1048 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_ALIASINFO,
1049 q, r,
1050 qbuf, rbuf,
1051 samr_io_q_query_aliasinfo,
1052 samr_io_r_query_aliasinfo,
1053 NT_STATUS_UNSUCCESSFUL);
1054
1055 /* Return output parameters */
1056
1057 if (!NT_STATUS_IS_OK(result = r.status)) {
1058 goto done;
1059 }
1060
1061 *ctr = *r.ctr;
1062
1063 done:
1064
1065 return result;
1066 }
1067
1068 /* Query domain info */
1069
1070 NTSTATUS rpccli_samr_query_dom_info(struct rpc_pipe_client *cli,
1071 TALLOC_CTX *mem_ctx,
1072 POLICY_HND *domain_pol,
1073 uint16 switch_value,
1074 SAM_UNK_CTR *ctr)
1075 {
1076 prs_struct qbuf, rbuf;
1077 SAMR_Q_QUERY_DOMAIN_INFO q;
1078 SAMR_R_QUERY_DOMAIN_INFO r;
1079 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1080
1081 DEBUG(10,("cli_samr_query_dom_info\n"));
1082
1083 ZERO_STRUCT(q);
1084 ZERO_STRUCT(r);
1085
1086 /* Marshall data and send request */
1087
1088 init_samr_q_query_domain_info(&q, domain_pol, switch_value);
1089
1090 r.ctr = ctr;
1091
1092 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_DOMAIN_INFO,
1093 q, r,
1094 qbuf, rbuf,
1095 samr_io_q_query_domain_info,
1096 samr_io_r_query_domain_info,
1097 NT_STATUS_UNSUCCESSFUL);
1098
1099 /* Return output parameters */
1100
1101 if (!NT_STATUS_IS_OK(result = r.status)) {
1102 goto done;
1103 }
1104
1105 done:
1106
1107 return result;
1108 }
1109
1110 /* Query domain info2 */
1111
1112 NTSTATUS rpccli_samr_query_dom_info2(struct rpc_pipe_client *cli,
1113 TALLOC_CTX *mem_ctx,
1114 POLICY_HND *domain_pol,
1115 uint16 switch_value,
1116 SAM_UNK_CTR *ctr)
1117 {
1118 prs_struct qbuf, rbuf;
1119 SAMR_Q_QUERY_DOMAIN_INFO2 q;
1120 SAMR_R_QUERY_DOMAIN_INFO2 r;
1121 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1122
1123 DEBUG(10,("cli_samr_query_dom_info2\n"));
1124
1125 ZERO_STRUCT(q);
1126 ZERO_STRUCT(r);
1127
1128 /* Marshall data and send request */
1129
1130 init_samr_q_query_domain_info2(&q, domain_pol, switch_value);
1131
1132 r.ctr = ctr;
1133
1134 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_DOMAIN_INFO2,
1135 q, r,
1136 qbuf, rbuf,
1137 samr_io_q_query_domain_info2,
1138 samr_io_r_query_domain_info2,
1139 NT_STATUS_UNSUCCESSFUL);
1140
1141 /* Return output parameters */
1142
1143 if (!NT_STATUS_IS_OK(result = r.status)) {
1144 goto done;
1145 }
1146
1147 done:
1148
1149 return result;
1150 }
1151
1152 /* Set domain info */
1153
1154 NTSTATUS rpccli_samr_set_domain_info(struct rpc_pipe_client *cli,
1155 TALLOC_CTX *mem_ctx,
1156 POLICY_HND *domain_pol,
1157 uint16 switch_value,
1158 SAM_UNK_CTR *ctr)
1159 {
1160 prs_struct qbuf, rbuf;
1161 SAMR_Q_SET_DOMAIN_INFO q;
1162 SAMR_R_SET_DOMAIN_INFO r;
1163 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1164
1165 DEBUG(10,("cli_samr_set_domain_info\n"));
1166
1167 ZERO_STRUCT(q);
1168 ZERO_STRUCT(r);
1169
1170 /* Marshall data and send request */
1171
1172 init_samr_q_set_domain_info(&q, domain_pol, switch_value, ctr);
1173
1174 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_SET_DOMAIN_INFO,
1175 q, r,
1176 qbuf, rbuf,
1177 samr_io_q_set_domain_info,
1178 samr_io_r_set_domain_info,
1179 NT_STATUS_UNSUCCESSFUL);
1180
1181 /* Return output parameters */
1182
1183 if (!NT_STATUS_IS_OK(result = r.status)) {
1184 goto done;
1185 }
1186
1187 done:
1188
1189 return result;
1190 }
1191
1192 /* User change password */
1193
1194 NTSTATUS rpccli_samr_chgpasswd_user(struct rpc_pipe_client *cli,
1195 TALLOC_CTX *mem_ctx,
1196 const char *username,
1197 const char *newpassword,
1198 const char *oldpassword )
1199 {
1200 uchar new_nt_password[516];
1201 uchar new_lm_password[516];
1202 uchar old_nt_hash[16];
1203 uchar old_lanman_hash[16];
1204 uchar old_nt_hash_enc[16];
1205 uchar old_lanman_hash_enc[16];
1206
1207 uchar new_nt_hash[16];
1208 uchar new_lanman_hash[16];
1209
1210 DEBUG(10,("rpccli_samr_chgpasswd_user\n"));
1211
1212 /* Calculate the MD4 hash (NT compatible) of the password */
1213 E_md4hash(oldpassword, old_nt_hash);
1214 E_md4hash(newpassword, new_nt_hash);
1215
1216 if (lp_client_lanman_auth()
1217 && E_deshash(newpassword, new_lanman_hash)
1218 && E_deshash(oldpassword, old_lanman_hash)) {
1219 /* E_deshash returns false for 'long' passwords (> 14
1220 DOS chars). This allows us to match Win2k, which
1221 does not store a LM hash for these passwords (which
1222 would reduce the effective password length to 14) */
1223
1224 encode_pw_buffer(new_lm_password, newpassword, STR_UNICODE);
1225
1226 SamOEMhash( new_lm_password, old_nt_hash, 516);
1227 E_old_pw_hash( new_nt_hash, old_lanman_hash, old_lanman_hash_enc);
1228 } else {
1229 ZERO_STRUCT(new_lm_password);
1230 ZERO_STRUCT(old_lanman_hash_enc);
1231 }
1232
1233 encode_pw_buffer(new_nt_password, newpassword, STR_UNICODE);
1234
1235 SamOEMhash( new_nt_password, old_nt_hash, 516);
1236 E_old_pw_hash( new_nt_hash, old_nt_hash, old_nt_hash_enc);
1237
1238 return rpccli_samr_chng_pswd_auth_crap(cli, mem_ctx, username,
1239 data_blob_const(new_nt_password,sizeof(new_nt_password)),
1240 data_blob_const(old_nt_hash_enc,sizeof(old_nt_hash_enc)),
1241 data_blob_const(new_lm_password,sizeof(new_lm_password)),
1242 data_blob_const(old_lanman_hash_enc,sizeof(old_lanman_hash_enc)));
1243 }
1244
1245 /* User change passwd with auth crap */
1246
1247 NTSTATUS rpccli_samr_chng_pswd_auth_crap(struct rpc_pipe_client *cli,
1248 TALLOC_CTX *mem_ctx,
1249 const char *username,
1250 DATA_BLOB new_nt_password,
1251 DATA_BLOB old_nt_hash_enc,
1252 DATA_BLOB new_lm_password,
1253 DATA_BLOB old_lm_hash_enc)
1254 {
1255 prs_struct qbuf, rbuf;
1256 SAMR_Q_CHGPASSWD_USER q;
1257 SAMR_R_CHGPASSWD_USER r;
1258 char *srv_name_slash;
1259
1260 if (!(srv_name_slash = talloc_asprintf(mem_ctx, "\\\\%s",
1261 cli->cli->desthost))) {
1262 return NT_STATUS_NO_MEMORY;
1263 }
1264
1265 DEBUG(5,("rpccli_samr_chng_pswd_auth_crap on server: %s\n",
1266 srv_name_slash));
1267
1268 ZERO_STRUCT(q);
1269 ZERO_STRUCT(r);
1270
1271 /* Marshall data and send request */
1272
1273 init_samr_q_chgpasswd_user(&q, srv_name_slash, username,
1274 new_nt_password.data,
1275 old_nt_hash_enc.data,
1276 new_lm_password.data,
1277 old_lm_hash_enc.data);
1278
1279 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CHGPASSWD_USER,
1280 q, r,
1281 qbuf, rbuf,
1282 samr_io_q_chgpasswd_user,
1283 samr_io_r_chgpasswd_user,
1284 NT_STATUS_UNSUCCESSFUL);
1285
1286 return r.status;
1287 }
1288
1289 /* change password 3 */
1290
1291 NTSTATUS rpccli_samr_chgpasswd3(struct rpc_pipe_client *cli,
1292 TALLOC_CTX *mem_ctx,
1293 const char *username,
1294 const char *newpassword,
1295 const char *oldpassword,
1296 SAM_UNK_INFO_1 *info,
1297 SAMR_CHANGE_REJECT *reject)
1298 {
1299 prs_struct qbuf, rbuf;
1300 SAMR_Q_CHGPASSWD_USER3 q;
1301 SAMR_R_CHGPASSWD_USER3 r;
1302
1303 uchar new_nt_password[516];
1304 uchar new_lm_password[516];
1305 uchar old_nt_hash[16];
1306 uchar old_lanman_hash[16];
1307 uchar old_nt_hash_enc[16];
1308 uchar old_lanman_hash_enc[16];
1309
1310 uchar new_nt_hash[16];
1311 uchar new_lanman_hash[16];
1312
1313 char *srv_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", cli->cli->desthost);
1314
1315 DEBUG(10,("rpccli_samr_chgpasswd_user3\n"));
1316
1317 ZERO_STRUCT(q);
1318 ZERO_STRUCT(r);
1319
1320 /* Calculate the MD4 hash (NT compatible) of the password */
1321 E_md4hash(oldpassword, old_nt_hash);
1322 E_md4hash(newpassword, new_nt_hash);
1323
1324 if (lp_client_lanman_auth()
1325 && E_deshash(newpassword, new_lanman_hash)
1326 && E_deshash(oldpassword, old_lanman_hash)) {
1327 /* E_deshash returns false for 'long' passwords (> 14
1328 DOS chars). This allows us to match Win2k, which
1329 does not store a LM hash for these passwords (which
1330 would reduce the effective password length to 14) */
1331
1332 encode_pw_buffer(new_lm_password, newpassword, STR_UNICODE);
1333
1334 SamOEMhash( new_lm_password, old_nt_hash, 516);
1335 E_old_pw_hash( new_nt_hash, old_lanman_hash, old_lanman_hash_enc);
1336 } else {
1337 ZERO_STRUCT(new_lm_password);
1338 ZERO_STRUCT(old_lanman_hash_enc);
1339 }
1340
1341 encode_pw_buffer(new_nt_password, newpassword, STR_UNICODE);
1342
1343 SamOEMhash( new_nt_password, old_nt_hash, 516);
1344 E_old_pw_hash( new_nt_hash, old_nt_hash, old_nt_hash_enc);
1345
1346 /* Marshall data and send request */
1347
1348 init_samr_q_chgpasswd_user3(&q, srv_name_slash, username,
1349 new_nt_password,
1350 old_nt_hash_enc,
1351 new_lm_password,
1352 old_lanman_hash_enc);
1353 r.info = info;
1354 r.reject = reject;
1355
1356 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CHGPASSWD_USER3,
1357 q, r,
1358 qbuf, rbuf,
1359 samr_io_q_chgpasswd_user3,
1360 samr_io_r_chgpasswd_user3,
1361 NT_STATUS_UNSUCCESSFUL);
1362
1363 /* Return output parameters */
1364
1365 return r.status;
1366 }
1367
1368 /* This function returns the bizzare set of (max_entries, max_size) required
1369 for the QueryDisplayInfo RPC to actually work against a domain controller
1370 with large (10k and higher) numbers of users. These values were
1371 obtained by inspection using ethereal and NT4 running User Manager. */
1372
1373 void get_query_dispinfo_params(int loop_count, uint32 *max_entries,
1374 uint32 *max_size)
1375 {
1376 switch(loop_count) {
1377 case 0:
1378 *max_entries = 512;
1379 *max_size = 16383;
1380 break;
1381 case 1:
1382 *max_entries = 1024;
1383 *max_size = 32766;
1384 break;
1385 case 2:
1386 *max_entries = 2048;
1387 *max_size = 65532;
1388 break;
1389 case 3:
1390 *max_entries = 4096;
1391 *max_size = 131064;
1392 break;
1393 default: /* loop_count >= 4 */
1394 *max_entries = 4096;
1395 *max_size = 131071;
1396 break;
1397 }
1398 }
1399
1400 /* Query display info */
1401
1402 NTSTATUS rpccli_samr_query_dispinfo(struct rpc_pipe_client *cli,
1403 TALLOC_CTX *mem_ctx,
1404 POLICY_HND *domain_pol, uint32 *start_idx,
1405 uint16 switch_value, uint32 *num_entries,
1406 uint32 max_entries, uint32 max_size,
1407 SAM_DISPINFO_CTR *ctr)
1408 {
1409 prs_struct qbuf, rbuf;
1410 SAMR_Q_QUERY_DISPINFO q;
1411 SAMR_R_QUERY_DISPINFO r;
1412 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1413
1414 DEBUG(10,("cli_samr_query_dispinfo for start_idx = %u\n", *start_idx));
1415
1416 ZERO_STRUCT(q);
1417 ZERO_STRUCT(r);
1418
1419 *num_entries = 0;
1420
1421 /* Marshall data and send request */
1422
1423 init_samr_q_query_dispinfo(&q, domain_pol, switch_value,
1424 *start_idx, max_entries, max_size);
1425
1426 r.ctr = ctr;
1427
1428 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_DISPINFO,
1429 q, r,
1430 qbuf, rbuf,
1431 samr_io_q_query_dispinfo,
1432 samr_io_r_query_dispinfo,
1433 NT_STATUS_UNSUCCESSFUL);
1434
1435 /* Return output parameters */
1436
1437 result = r.status;
1438
1439 if (!NT_STATUS_IS_OK(result) &&
1440 NT_STATUS_V(result) != NT_STATUS_V(STATUS_MORE_ENTRIES)) {
1441 goto done;
1442 }
1443
1444 *num_entries = r.num_entries;
1445 *start_idx += r.num_entries; /* No next_idx in this structure! */
1446
1447 done:
1448 return result;
1449 }
1450
1451
1452 /* Query display info2 */
1453
1454 NTSTATUS rpccli_samr_query_dispinfo2(struct rpc_pipe_client *cli,
1455 TALLOC_CTX *mem_ctx,
1456 POLICY_HND *domain_pol, uint32 *start_idx,
1457 uint16 switch_value, uint32 *num_entries,
1458 uint32 max_entries, uint32 max_size,
1459 SAM_DISPINFO_CTR *ctr)
1460 {
1461 prs_struct qbuf, rbuf;
1462 SAMR_Q_QUERY_DISPINFO q;
1463 SAMR_R_QUERY_DISPINFO r;
1464 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1465
1466 DEBUG(10,("cli_samr_query_dispinfo2 for start_idx = %u\n", *start_idx));
1467
1468 ZERO_STRUCT(q);
1469 ZERO_STRUCT(r);
1470
1471 *num_entries = 0;
1472
1473 /* Marshall data and send request */
1474
1475 init_samr_q_query_dispinfo(&q, domain_pol, switch_value,
1476 *start_idx, max_entries, max_size);
1477
1478 r.ctr = ctr;
1479
1480 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_DISPINFO2,
1481 q, r,
1482 qbuf, rbuf,
1483 samr_io_q_query_dispinfo,
1484 samr_io_r_query_dispinfo,
1485 NT_STATUS_UNSUCCESSFUL);
1486
1487 /* Return output parameters */
1488
1489 result = r.status;
1490
1491 if (!NT_STATUS_IS_OK(result) &&
1492 NT_STATUS_V(result) != NT_STATUS_V(STATUS_MORE_ENTRIES)) {
1493 goto done;
1494 }
1495
1496 *num_entries = r.num_entries;
1497 *start_idx += r.num_entries; /* No next_idx in this structure! */
1498
1499 done:
1500 return result;
1501 }
1502
1503 /* Query display info */
1504
1505 NTSTATUS rpccli_samr_query_dispinfo3(struct rpc_pipe_client *cli,
1506 TALLOC_CTX *mem_ctx,
1507 POLICY_HND *domain_pol, uint32 *start_idx,
1508 uint16 switch_value, uint32 *num_entries,
1509 uint32 max_entries, uint32 max_size,
1510 SAM_DISPINFO_CTR *ctr)
1511 {
1512 prs_struct qbuf, rbuf;
1513 SAMR_Q_QUERY_DISPINFO q;
1514 SAMR_R_QUERY_DISPINFO r;
1515 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1516
1517 DEBUG(10,("cli_samr_query_dispinfo3 for start_idx = %u\n", *start_idx));
1518
1519 ZERO_STRUCT(q);
1520 ZERO_STRUCT(r);
1521
1522 *num_entries = 0;
1523
1524 /* Marshall data and send request */
1525
1526 init_samr_q_query_dispinfo(&q, domain_pol, switch_value,
1527 *start_idx, max_entries, max_size);
1528
1529 r.ctr = ctr;
1530
1531 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_DISPINFO3,
1532 q, r,
1533 qbuf, rbuf,
1534 samr_io_q_query_dispinfo,
1535 samr_io_r_query_dispinfo,
1536 NT_STATUS_UNSUCCESSFUL);
1537
1538 /* Return output parameters */
1539
1540 result = r.status;
1541
1542 if (!NT_STATUS_IS_OK(result) &&
1543 NT_STATUS_V(result) != NT_STATUS_V(STATUS_MORE_ENTRIES)) {
1544 goto done;
1545 }
1546
1547 *num_entries = r.num_entries;
1548 *start_idx += r.num_entries; /* No next_idx in this structure! */
1549
1550 done:
1551 return result;
1552 }
1553
1554 /* Query display info index */
1555
1556 NTSTATUS rpccli_samr_get_dispenum_index(struct rpc_pipe_client *cli,
1557 TALLOC_CTX *mem_ctx,
1558 POLICY_HND *domain_pol,
1559 uint16 switch_value,
1560 const char *name,
1561 uint32 *idx)
1562 {
1563 prs_struct qbuf, rbuf;
1564 SAMR_Q_GET_DISPENUM_INDEX q;
1565 SAMR_R_GET_DISPENUM_INDEX r;
1566 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1567
1568 DEBUG(10,("cli_samr_get_dispenum_index for name = %s\n", name));
1569
1570 ZERO_STRUCT(q);
1571 ZERO_STRUCT(r);
1572
1573 /* Marshall data and send request */
1574
1575 init_samr_q_get_dispenum_index(&q, domain_pol, switch_value, name);
1576
1577 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_GET_DISPENUM_INDEX,
1578 q, r,
1579 qbuf, rbuf,
1580 samr_io_q_get_dispenum_index,
1581 samr_io_r_get_dispenum_index,
1582 NT_STATUS_UNSUCCESSFUL);
1583
1584 /* Return output parameters */
1585
1586 *idx = 0;
1587
1588 result = r.status;
1589
1590 if (!NT_STATUS_IS_ERR(result)) {
1591 *idx = r.idx;
1592 }
1593
1594 return result;
1595 }
1596
1597 NTSTATUS rpccli_samr_get_dispenum_index2(struct rpc_pipe_client *cli,
1598 TALLOC_CTX *mem_ctx,
1599 POLICY_HND *domain_pol,
1600 uint16 switch_value,
1601 const char *name,
1602 uint32 *idx)
1603 {
1604 prs_struct qbuf, rbuf;
1605 SAMR_Q_GET_DISPENUM_INDEX q;
1606 SAMR_R_GET_DISPENUM_INDEX r;
1607 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1608
1609 DEBUG(10,("cli_samr_get_dispenum_index2 for name = %s\n", name));
1610
1611 ZERO_STRUCT(q);
1612 ZERO_STRUCT(r);
1613
1614 /* Marshall data and send request */
1615
1616 init_samr_q_get_dispenum_index(&q, domain_pol, switch_value, name);
1617
1618 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_GET_DISPENUM_INDEX2,
1619 q, r,
1620 qbuf, rbuf,
1621 samr_io_q_get_dispenum_index,
1622 samr_io_r_get_dispenum_index,
1623 NT_STATUS_UNSUCCESSFUL);
1624
1625 /* Return output parameters */
1626
1627 *idx = 0;
1628
1629 result = r.status;
1630
1631 if (!NT_STATUS_IS_ERR(result)) {
1632 *idx = r.idx;
1633 }
1634
1635 return result;
1636 }
1637
1638
1639 /* Lookup rids. Note that NT4 seems to crash if more than ~1000 rids are
1640 looked up in one packet. */
1641
1642 NTSTATUS rpccli_samr_lookup_rids(struct rpc_pipe_client *cli,
1643 TALLOC_CTX *mem_ctx,
1644 POLICY_HND *domain_pol,
1645 uint32 num_rids, uint32 *rids,
1646 uint32 *num_names, char ***names,
1647 uint32 **name_types)
1648 {
1649 prs_struct qbuf, rbuf;
1650 SAMR_Q_LOOKUP_RIDS q;
1651 SAMR_R_LOOKUP_RIDS r;
1652 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1653 uint32 i;
1654
1655 DEBUG(10,("cli_samr_lookup_rids\n"));
1656
1657 if (num_rids > 1000) {
1658 DEBUG(2, ("cli_samr_lookup_rids: warning: NT4 can crash if "
1659 "more than ~1000 rids are looked up at once.\n"));
1660 }
1661
1662 ZERO_STRUCT(q);
1663 ZERO_STRUCT(r);
1664
1665 /* Marshall data and send request */
1666
1667 init_samr_q_lookup_rids(mem_ctx, &q, domain_pol, 1000, num_rids, rids);
1668
1669 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_LOOKUP_RIDS,
1670 q, r,
1671 qbuf, rbuf,
1672 samr_io_q_lookup_rids,
1673 samr_io_r_lookup_rids,
1674 NT_STATUS_UNSUCCESSFUL);
1675
1676 /* Return output parameters */
1677
1678 result = r.status;
1679
1680 if (!NT_STATUS_IS_OK(result) &&
1681 !NT_STATUS_EQUAL(result, STATUS_SOME_UNMAPPED))
1682 goto done;
1683
1684 if (r.num_names1 == 0) {
1685 *num_names = 0;
1686 *names = NULL;
1687 goto done;
1688 }
1689
1690 *num_names = r.num_names1;
1691 *names = TALLOC_ARRAY(mem_ctx, char *, r.num_names1);
1692 *name_types = TALLOC_ARRAY(mem_ctx, uint32, r.num_names1);
1693
1694 if ((*names == NULL) || (*name_types == NULL)) {
1695 TALLOC_FREE(*names);
1696 TALLOC_FREE(*name_types);
1697 return NT_STATUS_NO_MEMORY;
1698 }
1699
1700 for (i = 0; i < r.num_names1; i++) {
1701 fstring tmp;
1702
1703 unistr2_to_ascii(tmp, &r.uni_name[i], sizeof(tmp) - 1);
1704 (*names)[i] = talloc_strdup(mem_ctx, tmp);
1705 (*name_types)[i] = r.type[i];
1706 }
1707
1708 done:
1709
1710 return result;
1711 }
1712
1713 /* Lookup names */
1714
1715 NTSTATUS rpccli_samr_lookup_names(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
1716 POLICY_HND *domain_pol, uint32 flags,
1717 uint32 num_names, const char **names,
1718 uint32 *num_rids, uint32 **rids,
1719 uint32 **rid_types)
1720 {
1721 prs_struct qbuf, rbuf;
1722 SAMR_Q_LOOKUP_NAMES q;
1723 SAMR_R_LOOKUP_NAMES r;
1724 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1725 uint32 i;
1726
1727 DEBUG(10,("cli_samr_lookup_names\n"));
1728
1729 ZERO_STRUCT(q);
1730 ZERO_STRUCT(r);
1731
1732 /* Marshall data and send request */
1733
1734 init_samr_q_lookup_names(mem_ctx, &q, domain_pol, flags,
1735 num_names, names);
1736
1737 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_LOOKUP_NAMES,
1738 q, r,
1739 qbuf, rbuf,
1740 samr_io_q_lookup_names,
1741 samr_io_r_lookup_names,
1742 NT_STATUS_UNSUCCESSFUL);
1743
1744 /* Return output parameters */
1745
1746 if (!NT_STATUS_IS_OK(result = r.status)) {
1747 goto done;
1748 }
1749
1750 if (r.num_rids1 == 0) {
1751 *num_rids = 0;
1752 goto done;
1753 }
1754
1755 *num_rids = r.num_rids1;
1756 *rids = TALLOC_ARRAY(mem_ctx, uint32, r.num_rids1);
1757 *rid_types = TALLOC_ARRAY(mem_ctx, uint32, r.num_rids1);
1758
1759 if ((*rids == NULL) || (*rid_types == NULL)) {
1760 TALLOC_FREE(*rids);
1761 TALLOC_FREE(*rid_types);
1762 return NT_STATUS_NO_MEMORY;
1763 }
1764
1765 for (i = 0; i < r.num_rids1; i++) {
1766 (*rids)[i] = r.rids[i];
1767 (*rid_types)[i] = r.types[i];
1768 }
1769
1770 done:
1771
1772 return result;
1773 }
1774
1775 /* Create a domain user */
1776
1777 NTSTATUS rpccli_samr_create_dom_user(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
1778 POLICY_HND *domain_pol, const char *acct_name,
1779 uint32 acb_info, uint32 unknown,
1780 POLICY_HND *user_pol, uint32 *rid)
1781 {
1782 prs_struct qbuf, rbuf;
1783 SAMR_Q_CREATE_USER q;
1784 SAMR_R_CREATE_USER r;
1785 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1786
1787 DEBUG(10,("cli_samr_create_dom_user %s\n", acct_name));
1788
1789 ZERO_STRUCT(q);
1790 ZERO_STRUCT(r);
1791
1792 /* Marshall data and send request */
1793
1794 init_samr_q_create_user(&q, domain_pol, acct_name, acb_info, unknown);
1795
1796 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CREATE_USER,
1797 q, r,
1798 qbuf, rbuf,
1799 samr_io_q_create_user,
1800 samr_io_r_create_user,
1801 NT_STATUS_UNSUCCESSFUL);
1802
1803 /* Return output parameters */
1804
1805 if (!NT_STATUS_IS_OK(result = r.status)) {
1806 goto done;
1807 }
1808
1809 if (user_pol)
1810 *user_pol = r.user_pol;
1811
1812 if (rid)
1813 *rid = r.user_rid;
1814
1815 done:
1816
1817 return result;
1818 }
1819
1820 /* Set userinfo */
1821
1822 NTSTATUS rpccli_samr_set_userinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
1823 const POLICY_HND *user_pol, uint16 switch_value,
1824 DATA_BLOB *sess_key, SAM_USERINFO_CTR *ctr)
1825 {
1826 prs_struct qbuf, rbuf;
1827 SAMR_Q_SET_USERINFO q;
1828 SAMR_R_SET_USERINFO r;
1829 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1830
1831 DEBUG(10,("cli_samr_set_userinfo\n"));
1832
1833 ZERO_STRUCT(q);
1834 ZERO_STRUCT(r);
1835
1836 if (!sess_key->length) {
1837 DEBUG(1, ("No user session key\n"));
1838 return NT_STATUS_NO_USER_SESSION_KEY;
1839 }
1840
1841 /* Initialise parse structures */
1842
1843 prs_init(&qbuf, RPC_MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
1844 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
1845
1846 /* Marshall data and send request */
1847
1848 q.ctr = ctr;
1849
1850 init_samr_q_set_userinfo(&q, user_pol, sess_key, switch_value,
1851 ctr->info.id);
1852
1853 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_SET_USERINFO,
1854 q, r,
1855 qbuf, rbuf,
1856 samr_io_q_set_userinfo,
1857 samr_io_r_set_userinfo,
1858 NT_STATUS_UNSUCCESSFUL);
1859
1860 /* Return output parameters */
1861
1862 if (!NT_STATUS_IS_OK(result = r.status)) {
1863 goto done;
1864 }
1865
1866 done:
1867
1868 return result;
1869 }
1870
1871 /* Set userinfo2 */
1872
1873 NTSTATUS rpccli_samr_set_userinfo2(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
1874 const POLICY_HND *user_pol, uint16 switch_value,
1875 DATA_BLOB *sess_key, SAM_USERINFO_CTR *ctr)
1876 {
1877 prs_struct qbuf, rbuf;
1878 SAMR_Q_SET_USERINFO2 q;
1879 SAMR_R_SET_USERINFO2 r;
1880 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1881
1882 DEBUG(10,("cli_samr_set_userinfo2\n"));
1883
1884 if (!sess_key->length) {
1885 DEBUG(1, ("No user session key\n"));
1886 return NT_STATUS_NO_USER_SESSION_KEY;
1887 }
1888
1889 ZERO_STRUCT(q);
1890 ZERO_STRUCT(r);
1891
1892 /* Marshall data and send request */
1893
1894 init_samr_q_set_userinfo2(&q, user_pol, sess_key, switch_value, ctr);
1895
1896 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_SET_USERINFO2,
1897 q, r,
1898 qbuf, rbuf,
1899 samr_io_q_set_userinfo2,
1900 samr_io_r_set_userinfo2,
1901 NT_STATUS_UNSUCCESSFUL);
1902
1903 /* Return output parameters */
1904
1905 if (!NT_STATUS_IS_OK(result = r.status)) {
1906 goto done;
1907 }
1908
1909 done:
1910
1911 return result;
1912 }
1913
1914 /* Delete domain group */
1915
1916 NTSTATUS rpccli_samr_delete_dom_group(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
1917 POLICY_HND *group_pol)
1918 {
1919 prs_struct qbuf, rbuf;
1920 SAMR_Q_DELETE_DOM_GROUP q;
1921 SAMR_R_DELETE_DOM_GROUP r;
1922 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1923
1924 DEBUG(10,("cli_samr_delete_dom_group\n"));
1925
1926 ZERO_STRUCT(q);
1927 ZERO_STRUCT(r);
1928
1929 /* Marshall data and send request */
1930
1931 init_samr_q_delete_dom_group(&q, group_pol);
1932
1933 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_DELETE_DOM_GROUP,
1934 q, r,
1935 qbuf, rbuf,
1936 samr_io_q_delete_dom_group,
1937 samr_io_r_delete_dom_group,
1938 NT_STATUS_UNSUCCESSFUL);
1939
1940 /* Return output parameters */
1941
1942 result = r.status;
1943
1944 return result;
1945 }
1946
1947 /* Delete domain alias */
1948
1949 NTSTATUS rpccli_samr_delete_dom_alias(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
1950 POLICY_HND *alias_pol)
1951 {
1952 prs_struct qbuf, rbuf;
1953 SAMR_Q_DELETE_DOM_ALIAS q;
1954 SAMR_R_DELETE_DOM_ALIAS r;
1955 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1956
1957 DEBUG(10,("cli_samr_delete_dom_alias\n"));
1958
1959 ZERO_STRUCT(q);
1960 ZERO_STRUCT(r);
1961
1962 /* Marshall data and send request */
1963
1964 init_samr_q_delete_dom_alias(&q, alias_pol);
1965
1966 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_DELETE_DOM_ALIAS,
1967 q, r,
1968 qbuf, rbuf,
1969 samr_io_q_delete_dom_alias,
1970 samr_io_r_delete_dom_alias,
1971 NT_STATUS_UNSUCCESSFUL);
1972
1973 /* Return output parameters */
1974
1975 result = r.status;
1976
1977 return result;
1978 }
1979
1980 /* Delete domain user */
1981
1982 NTSTATUS rpccli_samr_delete_dom_user(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
1983 POLICY_HND *user_pol)
1984 {
1985 prs_struct qbuf, rbuf;
1986 SAMR_Q_DELETE_DOM_USER q;
1987 SAMR_R_DELETE_DOM_USER r;
1988 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1989
1990 DEBUG(10,("cli_samr_delete_dom_user\n"));
1991
1992 ZERO_STRUCT(q);
1993 ZERO_STRUCT(r);
1994
1995 /* Marshall data and send request */
1996
1997 init_samr_q_delete_dom_user(&q, user_pol);
1998
1999 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_DELETE_DOM_USER,
2000 q, r,
2001 qbuf, rbuf,
2002 samr_io_q_delete_dom_user,
2003 samr_io_r_delete_dom_user,
2004 NT_STATUS_UNSUCCESSFUL);
2005
2006 /* Return output parameters */
2007
2008 result = r.status;
2009
2010 return result;
2011 }
2012
2013 /* Remove foreign SID */
2014
2015 NTSTATUS rpccli_samr_remove_sid_foreign_domain(struct rpc_pipe_client *cli,
2016 TALLOC_CTX *mem_ctx,
2017 POLICY_HND *user_pol,
2018 DOM_SID *sid)
2019 {
2020 prs_struct qbuf, rbuf;
2021 SAMR_Q_REMOVE_SID_FOREIGN_DOMAIN q;
2022 SAMR_R_REMOVE_SID_FOREIGN_DOMAIN r;
2023 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
2024
2025 DEBUG(10,("cli_samr_remove_sid_foreign_domain\n"));
2026
2027 ZERO_STRUCT(q);
2028 ZERO_STRUCT(r);
2029
2030 /* Marshall data and send request */
2031
2032 init_samr_q_remove_sid_foreign_domain(&q, user_pol, sid);
2033
2034 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_REMOVE_SID_FOREIGN_DOMAIN,
2035 q, r,
2036 qbuf, rbuf,
2037 samr_io_q_remove_sid_foreign_domain,
2038 samr_io_r_remove_sid_foreign_domain,
2039 NT_STATUS_UNSUCCESSFUL);
2040
2041 /* Return output parameters */
2042
2043 result = r.status;
2044
2045 return result;
2046 }
2047
2048 /* Query user security object */
2049
2050 NTSTATUS rpccli_samr_query_sec_obj(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
2051 POLICY_HND *user_pol, uint32 sec_info,
2052 TALLOC_CTX *ctx, SEC_DESC_BUF **sec_desc_buf)
2053 {
2054 prs_struct qbuf, rbuf;
2055 SAMR_Q_QUERY_SEC_OBJ q;
2056 SAMR_R_QUERY_SEC_OBJ r;
2057 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
2058
2059 DEBUG(10,("cli_samr_query_sec_obj\n"));
2060
2061 ZERO_STRUCT(q);
2062 ZERO_STRUCT(r);
2063
2064 /* Marshall data and send request */
2065
2066 init_samr_q_query_sec_obj(&q, user_pol, sec_info);
2067
2068 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_SEC_OBJECT,
2069 q, r,
2070 qbuf, rbuf,
2071 samr_io_q_query_sec_obj,
2072 samr_io_r_query_sec_obj,
2073 NT_STATUS_UNSUCCESSFUL);
2074
2075 /* Return output parameters */
2076
2077 result = r.status;
2078 *sec_desc_buf=dup_sec_desc_buf(ctx, r.buf);
2079
2080 return result;
2081 }
2082
2083 /* Set user security object */
2084
2085 NTSTATUS rpccli_samr_set_sec_obj(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
2086 POLICY_HND *user_pol, uint32 sec_info,
2087 SEC_DESC_BUF *sec_desc_buf)
2088 {
2089 prs_struct qbuf, rbuf;
2090 SAMR_Q_SET_SEC_OBJ q;
2091 SAMR_R_SET_SEC_OBJ r;
2092 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
2093
2094 DEBUG(10,("cli_samr_set_sec_obj\n"));
2095
2096 ZERO_STRUCT(q);
2097 ZERO_STRUCT(r);
2098
2099 /* Marshall data and send request */
2100
2101 init_samr_q_set_sec_obj(&q, user_pol, sec_info, sec_desc_buf);
2102
2103 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_SET_SEC_OBJECT,
2104 q, r,
2105 qbuf, rbuf,
2106 samr_io_q_set_sec_obj,
2107 samr_io_r_set_sec_obj,
2108 NT_STATUS_UNSUCCESSFUL);
2109
2110 /* Return output parameters */
2111
2112 result = r.status;
2113
2114 return result;
2115 }
2116
2117
2118 /* Get domain password info */
2119
2120 NTSTATUS rpccli_samr_get_dom_pwinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
2121 uint16 *min_pwd_length, uint32 *password_properties)
2122 {
2123 prs_struct qbuf, rbuf;
2124 SAMR_Q_GET_DOM_PWINFO q;
2125 SAMR_R_GET_DOM_PWINFO r;
2126 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
2127
2128 DEBUG(10,("cli_samr_get_dom_pwinfo\n"));
2129
2130 ZERO_STRUCT(q);
2131 ZERO_STRUCT(r);
2132
2133 /* Marshall data and send request */
2134
2135 init_samr_q_get_dom_pwinfo(&q, cli->cli->desthost);
2136
2137 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_GET_DOM_PWINFO,
2138 q, r,
2139 qbuf, rbuf,
2140 samr_io_q_get_dom_pwinfo,
2141 samr_io_r_get_dom_pwinfo,
2142 NT_STATUS_UNSUCCESSFUL);
2143
2144 /* Return output parameters */
2145
2146 result = r.status;
2147
2148 if (NT_STATUS_IS_OK(result)) {
2149 if (min_pwd_length)
2150 *min_pwd_length = r.min_pwd_length;
2151 if (password_properties)
2152 *password_properties = r.password_properties;
2153 }
2154
2155 return result;
2156 }
2157
2158 /* Get domain password info */
2159
2160 NTSTATUS rpccli_samr_get_usrdom_pwinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
2161 POLICY_HND *pol, uint16 *min_pwd_length,
2162 uint32 *password_properties, uint32 *unknown1)
2163 {
2164 prs_struct qbuf, rbuf;
2165 SAMR_Q_GET_USRDOM_PWINFO q;
2166 SAMR_R_GET_USRDOM_PWINFO r;
2167 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
2168
2169 DEBUG(10,("cli_samr_get_usrdom_pwinfo\n"));
2170
2171 ZERO_STRUCT(q);
2172 ZERO_STRUCT(r);
2173
2174 /* Marshall data and send request */
2175
2176 init_samr_q_get_usrdom_pwinfo(&q, pol);
2177
2178 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_GET_USRDOM_PWINFO,
2179 q, r,
2180 qbuf, rbuf,
2181 samr_io_q_get_usrdom_pwinfo,
2182 samr_io_r_get_usrdom_pwinfo,
2183 NT_STATUS_UNSUCCESSFUL);
2184
2185 /* Return output parameters */
2186
2187 result = r.status;
2188
2189 if (NT_STATUS_IS_OK(result)) {
2190 if (min_pwd_length)
2191 *min_pwd_length = r.min_pwd_length;
2192 if (password_properties)
2193 *password_properties = r.password_properties;
2194 if (unknown1)
2195 *unknown1 = r.unknown_1;
2196 }
2197
2198 return result;
2199 }
2200
2201
2202 /* Lookup Domain Name */
2203
2204 NTSTATUS rpccli_samr_lookup_domain(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
2205 POLICY_HND *user_pol, char *domain_name,
2206 DOM_SID *sid)
2207 {
2208 prs_struct qbuf, rbuf;
2209 SAMR_Q_LOOKUP_DOMAIN q;
2210 SAMR_R_LOOKUP_DOMAIN r;
2211 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
2212
2213 DEBUG(10,("cli_samr_lookup_domain\n"));
2214
2215 ZERO_STRUCT(q);
2216 ZERO_STRUCT(r);
2217
2218 /* Marshall data and send request */
2219
2220 init_samr_q_lookup_domain(&q, user_pol, domain_name);
2221
2222 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_LOOKUP_DOMAIN,
2223 q, r,
2224 qbuf, rbuf,
2225 samr_io_q_lookup_domain,
2226 samr_io_r_lookup_domain,
2227 NT_STATUS_UNSUCCESSFUL);
2228
2229 /* Return output parameters */
2230
2231 result = r.status;
2232
2233 if (NT_STATUS_IS_OK(result))
2234 sid_copy(sid, &r.dom_sid.sid);
2235
2236 return result;
2237 }