2 Unix SMB/CIFS implementation.
4 Copyright (C) Tim Potter 2000-2001,
5 Copyright (C) Andrew Tridgell 1992-1997,2000,
6 Copyright (C) Rafal Szczesniak 2002.
7 Copyright (C) Jeremy Allison 2005.
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 2 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program; if not, write to the Free Software
21 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
26 /* Connect to SAMR database */
28 NTSTATUS
rpccli_samr_connect(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
29 uint32 access_mask
, POLICY_HND
*connect_pol
)
31 prs_struct qbuf
, rbuf
;
34 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
36 DEBUG(10,("cli_samr_connect to %s\n", cli
->cli
->desthost
));
41 /* Marshall data and send request */
43 init_samr_q_connect(&q
, cli
->cli
->desthost
, access_mask
);
45 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_CONNECT
,
50 NT_STATUS_UNSUCCESSFUL
);
51 /* Return output parameters */
53 if (NT_STATUS_IS_OK(result
= r
.status
)) {
54 *connect_pol
= r
.connect_pol
;
60 /* Connect to SAMR database */
62 NTSTATUS
rpccli_samr_connect4(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
63 uint32 access_mask
, POLICY_HND
*connect_pol
)
65 prs_struct qbuf
, rbuf
;
68 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
73 /* Marshall data and send request */
75 init_samr_q_connect4(&q
, cli
->cli
->desthost
, access_mask
);
77 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_CONNECT4
,
82 NT_STATUS_UNSUCCESSFUL
);
84 /* Return output parameters */
86 if (NT_STATUS_IS_OK(result
= r
.status
)) {
87 *connect_pol
= r
.connect_pol
;
93 /* Close SAMR handle */
95 NTSTATUS
rpccli_samr_close(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
96 POLICY_HND
*connect_pol
)
98 prs_struct qbuf
, rbuf
;
101 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
103 DEBUG(10,("cli_samr_close\n"));
108 /* Marshall data and send request */
110 init_samr_q_close_hnd(&q
, connect_pol
);
112 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_CLOSE_HND
,
117 NT_STATUS_UNSUCCESSFUL
);
119 /* Return output parameters */
121 if (NT_STATUS_IS_OK(result
= r
.status
)) {
122 *connect_pol
= r
.pol
;
128 /* Open handle on a domain */
130 NTSTATUS
rpccli_samr_open_domain(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
131 POLICY_HND
*connect_pol
, uint32 access_mask
,
132 const DOM_SID
*domain_sid
,
133 POLICY_HND
*domain_pol
)
135 prs_struct qbuf
, rbuf
;
136 SAMR_Q_OPEN_DOMAIN q
;
137 SAMR_R_OPEN_DOMAIN r
;
138 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
140 DEBUG(10,("cli_samr_open_domain with sid %s\n", sid_string_static(domain_sid
) ));
145 /* Marshall data and send request */
147 init_samr_q_open_domain(&q
, connect_pol
, access_mask
, domain_sid
);
149 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_OPEN_DOMAIN
,
152 samr_io_q_open_domain
,
153 samr_io_r_open_domain
,
154 NT_STATUS_UNSUCCESSFUL
);
156 /* Return output parameters */
158 if (NT_STATUS_IS_OK(result
= r
.status
)) {
159 *domain_pol
= r
.domain_pol
;
165 NTSTATUS
rpccli_samr_open_user(struct rpc_pipe_client
*cli
,
167 POLICY_HND
*domain_pol
, uint32 access_mask
,
168 uint32 user_rid
, POLICY_HND
*user_pol
)
170 prs_struct qbuf
, rbuf
;
173 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
175 DEBUG(10,("cli_samr_open_user with rid 0x%x\n", user_rid
));
180 /* Marshall data and send request */
182 init_samr_q_open_user(&q
, domain_pol
, access_mask
, user_rid
);
184 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_OPEN_USER
,
189 NT_STATUS_UNSUCCESSFUL
);
191 /* Return output parameters */
193 if (NT_STATUS_IS_OK(result
= r
.status
)) {
194 *user_pol
= r
.user_pol
;
200 /* Open handle on a group */
202 NTSTATUS
rpccli_samr_open_group(struct rpc_pipe_client
*cli
,
204 POLICY_HND
*domain_pol
, uint32 access_mask
,
205 uint32 group_rid
, POLICY_HND
*group_pol
)
207 prs_struct qbuf
, rbuf
;
210 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
212 DEBUG(10,("cli_samr_open_group with rid 0x%x\n", group_rid
));
217 /* Marshall data and send request */
219 init_samr_q_open_group(&q
, domain_pol
, access_mask
, group_rid
);
221 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_OPEN_GROUP
,
224 samr_io_q_open_group
,
225 samr_io_r_open_group
,
226 NT_STATUS_UNSUCCESSFUL
);
228 /* Return output parameters */
230 if (NT_STATUS_IS_OK(result
= r
.status
)) {
237 /* Create domain group */
239 NTSTATUS
rpccli_samr_create_dom_group(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
240 POLICY_HND
*domain_pol
,
241 const char *group_name
,
242 uint32 access_mask
, POLICY_HND
*group_pol
)
244 prs_struct qbuf
, rbuf
;
245 SAMR_Q_CREATE_DOM_GROUP q
;
246 SAMR_R_CREATE_DOM_GROUP r
;
247 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
249 DEBUG(10,("cli_samr_create_dom_group\n"));
254 /* Marshall data and send request */
256 init_samr_q_create_dom_group(&q
, domain_pol
, group_name
, access_mask
);
258 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_CREATE_DOM_GROUP
,
261 samr_io_q_create_dom_group
,
262 samr_io_r_create_dom_group
,
263 NT_STATUS_UNSUCCESSFUL
);
265 /* Return output parameters */
269 if (NT_STATUS_IS_OK(result
))
275 /* Add a domain group member */
277 NTSTATUS
rpccli_samr_add_groupmem(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
278 POLICY_HND
*group_pol
, uint32 rid
)
280 prs_struct qbuf
, rbuf
;
281 SAMR_Q_ADD_GROUPMEM q
;
282 SAMR_R_ADD_GROUPMEM r
;
283 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
285 DEBUG(10,("cli_samr_add_groupmem\n"));
290 /* Marshall data and send request */
292 init_samr_q_add_groupmem(&q
, group_pol
, rid
);
294 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_ADD_GROUPMEM
,
297 samr_io_q_add_groupmem
,
298 samr_io_r_add_groupmem
,
299 NT_STATUS_UNSUCCESSFUL
);
301 /* Return output parameters */
308 /* Delete a domain group member */
310 NTSTATUS
rpccli_samr_del_groupmem(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
311 POLICY_HND
*group_pol
, uint32 rid
)
313 prs_struct qbuf
, rbuf
;
314 SAMR_Q_DEL_GROUPMEM q
;
315 SAMR_R_DEL_GROUPMEM r
;
316 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
318 DEBUG(10,("cli_samr_del_groupmem\n"));
323 /* Marshall data and send request */
325 init_samr_q_del_groupmem(&q
, group_pol
, rid
);
327 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_DEL_GROUPMEM
,
330 samr_io_q_del_groupmem
,
331 samr_io_r_del_groupmem
,
332 NT_STATUS_UNSUCCESSFUL
);
334 /* Return output parameters */
341 /* Query user info */
343 NTSTATUS
rpccli_samr_query_userinfo(struct rpc_pipe_client
*cli
,
345 const POLICY_HND
*user_pol
,
347 SAM_USERINFO_CTR
**ctr
)
349 prs_struct qbuf
, rbuf
;
350 SAMR_Q_QUERY_USERINFO q
;
351 SAMR_R_QUERY_USERINFO r
;
352 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
354 DEBUG(10,("cli_samr_query_userinfo\n"));
359 /* Marshall data and send request */
361 init_samr_q_query_userinfo(&q
, user_pol
, switch_value
);
363 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_QUERY_USERINFO
,
366 samr_io_q_query_userinfo
,
367 samr_io_r_query_userinfo
,
368 NT_STATUS_UNSUCCESSFUL
);
370 /* Return output parameters */
380 NTSTATUS
rpccli_samr_set_groupinfo(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
381 POLICY_HND
*group_pol
, GROUP_INFO_CTR
*ctr
)
383 prs_struct qbuf
, rbuf
;
384 SAMR_Q_SET_GROUPINFO q
;
385 SAMR_R_SET_GROUPINFO r
;
386 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
388 DEBUG(10,("cli_samr_set_groupinfo\n"));
393 /* Marshall data and send request */
395 init_samr_q_set_groupinfo(&q
, group_pol
, ctr
);
397 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_SET_GROUPINFO
,
400 samr_io_q_set_groupinfo
,
401 samr_io_r_set_groupinfo
,
402 NT_STATUS_UNSUCCESSFUL
);
404 /* Return output parameters */
411 /* Query group info */
413 NTSTATUS
rpccli_samr_query_groupinfo(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
414 POLICY_HND
*group_pol
, uint32 info_level
,
415 GROUP_INFO_CTR
**ctr
)
417 prs_struct qbuf
, rbuf
;
418 SAMR_Q_QUERY_GROUPINFO q
;
419 SAMR_R_QUERY_GROUPINFO r
;
420 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
422 DEBUG(10,("cli_samr_query_groupinfo\n"));
427 /* Marshall data and send request */
429 init_samr_q_query_groupinfo(&q
, group_pol
, info_level
);
431 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_QUERY_GROUPINFO
,
434 samr_io_q_query_groupinfo
,
435 samr_io_r_query_groupinfo
,
436 NT_STATUS_UNSUCCESSFUL
);
440 /* Return output parameters */
447 /* Query user groups */
449 NTSTATUS
rpccli_samr_query_usergroups(struct rpc_pipe_client
*cli
,
451 POLICY_HND
*user_pol
,
455 prs_struct qbuf
, rbuf
;
456 SAMR_Q_QUERY_USERGROUPS q
;
457 SAMR_R_QUERY_USERGROUPS r
;
458 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
460 DEBUG(10,("cli_samr_query_usergroups\n"));
465 /* Marshall data and send request */
467 init_samr_q_query_usergroups(&q
, user_pol
);
469 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_QUERY_USERGROUPS
,
472 samr_io_q_query_usergroups
,
473 samr_io_r_query_usergroups
,
474 NT_STATUS_UNSUCCESSFUL
);
476 /* Return output parameters */
478 if (NT_STATUS_IS_OK(result
= r
.status
)) {
479 *num_groups
= r
.num_entries
;
488 NTSTATUS
rpccli_samr_set_aliasinfo(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
489 POLICY_HND
*alias_pol
, ALIAS_INFO_CTR
*ctr
)
491 prs_struct qbuf
, rbuf
;
492 SAMR_Q_SET_ALIASINFO q
;
493 SAMR_R_SET_ALIASINFO r
;
494 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
496 DEBUG(10,("cli_samr_set_aliasinfo\n"));
501 /* Marshall data and send request */
503 init_samr_q_set_aliasinfo(&q
, alias_pol
, ctr
);
505 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_SET_ALIASINFO
,
508 samr_io_q_set_aliasinfo
,
509 samr_io_r_set_aliasinfo
,
510 NT_STATUS_UNSUCCESSFUL
);
512 /* Return output parameters */
519 /* Query user aliases */
521 NTSTATUS
rpccli_samr_query_useraliases(struct rpc_pipe_client
*cli
,
523 POLICY_HND
*dom_pol
, uint32 num_sids
,
525 uint32
*num_aliases
, uint32
**als_rids
)
527 prs_struct qbuf
, rbuf
;
528 SAMR_Q_QUERY_USERALIASES q
;
529 SAMR_R_QUERY_USERALIASES r
;
530 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
534 DEBUG(10,("cli_samr_query_useraliases\n"));
540 sid_ptrs
= TALLOC_ARRAY(mem_ctx
, uint32
, num_sids
);
541 if (sid_ptrs
== NULL
)
542 return NT_STATUS_NO_MEMORY
;
547 for (i
=0; i
<num_sids
; i
++)
550 /* Marshall data and send request */
552 init_samr_q_query_useraliases(&q
, dom_pol
, num_sids
, sid_ptrs
, sid
);
554 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_QUERY_USERALIASES
,
557 samr_io_q_query_useraliases
,
558 samr_io_r_query_useraliases
,
559 NT_STATUS_UNSUCCESSFUL
);
561 /* Return output parameters */
563 if (NT_STATUS_IS_OK(result
= r
.status
)) {
564 *num_aliases
= r
.num_entries
;
571 /* Query user groups */
573 NTSTATUS
rpccli_samr_query_groupmem(struct rpc_pipe_client
*cli
,
575 POLICY_HND
*group_pol
, uint32
*num_mem
,
576 uint32
**rid
, uint32
**attr
)
578 prs_struct qbuf
, rbuf
;
579 SAMR_Q_QUERY_GROUPMEM q
;
580 SAMR_R_QUERY_GROUPMEM r
;
581 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
583 DEBUG(10,("cli_samr_query_groupmem\n"));
588 /* Marshall data and send request */
590 init_samr_q_query_groupmem(&q
, group_pol
);
592 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_QUERY_GROUPMEM
,
595 samr_io_q_query_groupmem
,
596 samr_io_r_query_groupmem
,
597 NT_STATUS_UNSUCCESSFUL
);
599 /* Return output parameters */
601 if (NT_STATUS_IS_OK(result
= r
.status
)) {
602 *num_mem
= r
.num_entries
;
611 * Enumerate domain users
613 * @param cli client state structure
614 * @param mem_ctx talloc context
615 * @param pol opened domain policy handle
616 * @param start_idx starting index of enumeration, returns context for
618 * @param acb_mask account control bit mask (to enumerate some particular
620 * @param size max acceptable size of response
621 * @param dom_users returned array of domain user names
622 * @param rids returned array of domain user RIDs
623 * @param num_dom_users numer returned entries
625 * @return NTSTATUS returned in rpc response
628 NTSTATUS
rpccli_samr_enum_dom_users(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
629 POLICY_HND
*pol
, uint32
*start_idx
, uint32 acb_mask
,
630 uint32 size
, char ***dom_users
, uint32
**rids
,
631 uint32
*num_dom_users
)
635 SAMR_Q_ENUM_DOM_USERS q
;
636 SAMR_R_ENUM_DOM_USERS r
;
637 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
640 DEBUG(10,("cli_samr_enum_dom_users starting at index %u\n", (unsigned int)*start_idx
));
645 /* always init this */
648 /* Fill query structure with parameters */
650 init_samr_q_enum_dom_users(&q
, pol
, *start_idx
, acb_mask
, size
);
652 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_ENUM_DOM_USERS
,
655 samr_io_q_enum_dom_users
,
656 samr_io_r_enum_dom_users
,
657 NT_STATUS_UNSUCCESSFUL
);
661 if (!NT_STATUS_IS_OK(result
) &&
662 NT_STATUS_V(result
) != NT_STATUS_V(STATUS_MORE_ENTRIES
))
665 *start_idx
= r
.next_idx
;
666 *num_dom_users
= r
.num_entries2
;
668 if (r
.num_entries2
) {
669 /* allocate memory needed to return received data */
670 *rids
= TALLOC_ARRAY(mem_ctx
, uint32
, r
.num_entries2
);
672 DEBUG(0, ("Error in cli_samr_enum_dom_users(): out of memory\n"));
673 return NT_STATUS_NO_MEMORY
;
676 *dom_users
= TALLOC_ARRAY(mem_ctx
, char*, r
.num_entries2
);
678 DEBUG(0, ("Error in cli_samr_enum_dom_users(): out of memory\n"));
679 return NT_STATUS_NO_MEMORY
;
682 /* fill output buffers with rpc response */
683 for (i
= 0; i
< r
.num_entries2
; i
++) {
686 (*rids
)[i
] = r
.sam
[i
].rid
;
687 unistr2_to_ascii(conv_buf
, &(r
.uni_acct_name
[i
]), sizeof(conv_buf
) - 1);
688 (*dom_users
)[i
] = talloc_strdup(mem_ctx
, conv_buf
);
696 /* Enumerate domain groups */
698 NTSTATUS
rpccli_samr_enum_dom_groups(struct rpc_pipe_client
*cli
,
700 POLICY_HND
*pol
, uint32
*start_idx
,
701 uint32 size
, struct acct_info
**dom_groups
,
702 uint32
*num_dom_groups
)
704 prs_struct qbuf
, rbuf
;
705 SAMR_Q_ENUM_DOM_GROUPS q
;
706 SAMR_R_ENUM_DOM_GROUPS r
;
707 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
710 DEBUG(10,("cli_samr_enum_dom_groups starting at index %u\n", (unsigned int)*start_idx
));
715 /* Marshall data and send request */
717 init_samr_q_enum_dom_groups(&q
, pol
, *start_idx
, size
);
719 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_ENUM_DOM_GROUPS
,
722 samr_io_q_enum_dom_groups
,
723 samr_io_r_enum_dom_groups
,
724 NT_STATUS_UNSUCCESSFUL
);
726 /* Return output parameters */
730 if (!NT_STATUS_IS_OK(result
) &&
731 NT_STATUS_V(result
) != NT_STATUS_V(STATUS_MORE_ENTRIES
))
734 *num_dom_groups
= r
.num_entries2
;
736 if (*num_dom_groups
== 0)
739 if (!((*dom_groups
) = TALLOC_ARRAY(mem_ctx
, struct acct_info
, *num_dom_groups
))) {
740 result
= NT_STATUS_NO_MEMORY
;
744 memset(*dom_groups
, 0, sizeof(struct acct_info
) * (*num_dom_groups
));
748 for (i
= 0; i
< *num_dom_groups
; i
++) {
750 (*dom_groups
)[i
].rid
= r
.sam
[i
].rid
;
752 if (r
.sam
[i
].hdr_name
.buffer
) {
753 unistr2_to_ascii((*dom_groups
)[i
].acct_name
,
754 &r
.uni_grp_name
[name_idx
],
755 sizeof(fstring
) - 1);
759 *start_idx
= r
.next_idx
;
766 /* Enumerate domain groups */
768 NTSTATUS
rpccli_samr_enum_als_groups(struct rpc_pipe_client
*cli
,
770 POLICY_HND
*pol
, uint32
*start_idx
,
771 uint32 size
, struct acct_info
**dom_aliases
,
772 uint32
*num_dom_aliases
)
774 prs_struct qbuf
, rbuf
;
775 SAMR_Q_ENUM_DOM_ALIASES q
;
776 SAMR_R_ENUM_DOM_ALIASES r
;
777 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
780 DEBUG(10,("cli_samr_enum_als_groups starting at index %u\n", (unsigned int)*start_idx
));
785 /* Marshall data and send request */
787 init_samr_q_enum_dom_aliases(&q
, pol
, *start_idx
, size
);
789 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_ENUM_DOM_ALIASES
,
792 samr_io_q_enum_dom_aliases
,
793 samr_io_r_enum_dom_aliases
,
794 NT_STATUS_UNSUCCESSFUL
);
796 /* Return output parameters */
800 if (!NT_STATUS_IS_OK(result
) &&
801 NT_STATUS_V(result
) != NT_STATUS_V(STATUS_MORE_ENTRIES
)) {
805 *num_dom_aliases
= r
.num_entries2
;
807 if (*num_dom_aliases
== 0)
810 if (!((*dom_aliases
) = TALLOC_ARRAY(mem_ctx
, struct acct_info
, *num_dom_aliases
))) {
811 result
= NT_STATUS_NO_MEMORY
;
815 memset(*dom_aliases
, 0, sizeof(struct acct_info
) * *num_dom_aliases
);
819 for (i
= 0; i
< *num_dom_aliases
; i
++) {
821 (*dom_aliases
)[i
].rid
= r
.sam
[i
].rid
;
823 if (r
.sam
[i
].hdr_name
.buffer
) {
824 unistr2_to_ascii((*dom_aliases
)[i
].acct_name
,
825 &r
.uni_grp_name
[name_idx
],
826 sizeof(fstring
) - 1);
830 *start_idx
= r
.next_idx
;
837 /* Query alias members */
839 NTSTATUS
rpccli_samr_query_aliasmem(struct rpc_pipe_client
*cli
,
841 POLICY_HND
*alias_pol
, uint32
*num_mem
,
844 prs_struct qbuf
, rbuf
;
845 SAMR_Q_QUERY_ALIASMEM q
;
846 SAMR_R_QUERY_ALIASMEM r
;
847 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
850 DEBUG(10,("cli_samr_query_aliasmem\n"));
855 /* Marshall data and send request */
857 init_samr_q_query_aliasmem(&q
, alias_pol
);
859 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_QUERY_ALIASMEM
,
862 samr_io_q_query_aliasmem
,
863 samr_io_r_query_aliasmem
,
864 NT_STATUS_UNSUCCESSFUL
);
866 /* Return output parameters */
868 if (!NT_STATUS_IS_OK(result
= r
.status
)) {
872 *num_mem
= r
.num_sids
;
876 result
= NT_STATUS_OK
;
880 if (!(*sids
= TALLOC_ARRAY(mem_ctx
, DOM_SID
, *num_mem
))) {
881 result
= NT_STATUS_UNSUCCESSFUL
;
885 for (i
= 0; i
< *num_mem
; i
++) {
886 (*sids
)[i
] = r
.sid
[i
].sid
;
893 /* Open handle on an alias */
895 NTSTATUS
rpccli_samr_open_alias(struct rpc_pipe_client
*cli
,
897 POLICY_HND
*domain_pol
, uint32 access_mask
,
898 uint32 alias_rid
, POLICY_HND
*alias_pol
)
900 prs_struct qbuf
, rbuf
;
905 DEBUG(10,("cli_samr_open_alias with rid 0x%x\n", alias_rid
));
910 /* Marshall data and send request */
912 init_samr_q_open_alias(&q
, domain_pol
, access_mask
, alias_rid
);
914 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_OPEN_ALIAS
,
917 samr_io_q_open_alias
,
918 samr_io_r_open_alias
,
919 NT_STATUS_UNSUCCESSFUL
);
921 /* Return output parameters */
923 if (NT_STATUS_IS_OK(result
= r
.status
)) {
930 /* Create an alias */
932 NTSTATUS
rpccli_samr_create_dom_alias(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
933 POLICY_HND
*domain_pol
, const char *name
,
934 POLICY_HND
*alias_pol
)
936 prs_struct qbuf
, rbuf
;
937 SAMR_Q_CREATE_DOM_ALIAS q
;
938 SAMR_R_CREATE_DOM_ALIAS r
;
941 DEBUG(10,("cli_samr_create_dom_alias named %s\n", name
));
946 /* Marshall data and send request */
948 init_samr_q_create_dom_alias(&q
, domain_pol
, name
);
950 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_CREATE_DOM_ALIAS
,
953 samr_io_q_create_dom_alias
,
954 samr_io_r_create_dom_alias
,
955 NT_STATUS_UNSUCCESSFUL
);
957 /* Return output parameters */
959 if (NT_STATUS_IS_OK(result
= r
.status
)) {
960 *alias_pol
= r
.alias_pol
;
966 /* Add an alias member */
968 NTSTATUS
rpccli_samr_add_aliasmem(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
969 POLICY_HND
*alias_pol
, DOM_SID
*member
)
971 prs_struct qbuf
, rbuf
;
972 SAMR_Q_ADD_ALIASMEM q
;
973 SAMR_R_ADD_ALIASMEM r
;
976 DEBUG(10,("cli_samr_add_aliasmem"));
981 /* Marshall data and send request */
983 init_samr_q_add_aliasmem(&q
, alias_pol
, member
);
985 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_ADD_ALIASMEM
,
988 samr_io_q_add_aliasmem
,
989 samr_io_r_add_aliasmem
,
990 NT_STATUS_UNSUCCESSFUL
);
997 /* Delete an alias member */
999 NTSTATUS
rpccli_samr_del_aliasmem(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
1000 POLICY_HND
*alias_pol
, DOM_SID
*member
)
1002 prs_struct qbuf
, rbuf
;
1003 SAMR_Q_DEL_ALIASMEM q
;
1004 SAMR_R_DEL_ALIASMEM r
;
1007 DEBUG(10,("cli_samr_del_aliasmem"));
1012 /* Marshall data and send request */
1014 init_samr_q_del_aliasmem(&q
, alias_pol
, member
);
1016 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_DEL_ALIASMEM
,
1019 samr_io_q_del_aliasmem
,
1020 samr_io_r_del_aliasmem
,
1021 NT_STATUS_UNSUCCESSFUL
);
1028 /* Query alias info */
1030 NTSTATUS
rpccli_samr_query_alias_info(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
1031 POLICY_HND
*alias_pol
, uint16 switch_value
,
1032 ALIAS_INFO_CTR
*ctr
)
1034 prs_struct qbuf
, rbuf
;
1035 SAMR_Q_QUERY_ALIASINFO q
;
1036 SAMR_R_QUERY_ALIASINFO r
;
1037 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1039 DEBUG(10,("cli_samr_query_alias_info\n"));
1044 /* Marshall data and send request */
1046 init_samr_q_query_aliasinfo(&q
, alias_pol
, switch_value
);
1048 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_QUERY_ALIASINFO
,
1051 samr_io_q_query_aliasinfo
,
1052 samr_io_r_query_aliasinfo
,
1053 NT_STATUS_UNSUCCESSFUL
);
1055 /* Return output parameters */
1057 if (!NT_STATUS_IS_OK(result
= r
.status
)) {
1068 /* Query domain info */
1070 NTSTATUS
rpccli_samr_query_dom_info(struct rpc_pipe_client
*cli
,
1071 TALLOC_CTX
*mem_ctx
,
1072 POLICY_HND
*domain_pol
,
1073 uint16 switch_value
,
1076 prs_struct qbuf
, rbuf
;
1077 SAMR_Q_QUERY_DOMAIN_INFO q
;
1078 SAMR_R_QUERY_DOMAIN_INFO r
;
1079 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1081 DEBUG(10,("cli_samr_query_dom_info\n"));
1086 /* Marshall data and send request */
1088 init_samr_q_query_domain_info(&q
, domain_pol
, switch_value
);
1092 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_QUERY_DOMAIN_INFO
,
1095 samr_io_q_query_domain_info
,
1096 samr_io_r_query_domain_info
,
1097 NT_STATUS_UNSUCCESSFUL
);
1099 /* Return output parameters */
1101 if (!NT_STATUS_IS_OK(result
= r
.status
)) {
1110 /* Query domain info2 */
1112 NTSTATUS
rpccli_samr_query_dom_info2(struct rpc_pipe_client
*cli
,
1113 TALLOC_CTX
*mem_ctx
,
1114 POLICY_HND
*domain_pol
,
1115 uint16 switch_value
,
1118 prs_struct qbuf
, rbuf
;
1119 SAMR_Q_QUERY_DOMAIN_INFO2 q
;
1120 SAMR_R_QUERY_DOMAIN_INFO2 r
;
1121 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1123 DEBUG(10,("cli_samr_query_dom_info2\n"));
1128 /* Marshall data and send request */
1130 init_samr_q_query_domain_info2(&q
, domain_pol
, switch_value
);
1134 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_QUERY_DOMAIN_INFO2
,
1137 samr_io_q_query_domain_info2
,
1138 samr_io_r_query_domain_info2
,
1139 NT_STATUS_UNSUCCESSFUL
);
1141 /* Return output parameters */
1143 if (!NT_STATUS_IS_OK(result
= r
.status
)) {
1152 /* Set domain info */
1154 NTSTATUS
rpccli_samr_set_domain_info(struct rpc_pipe_client
*cli
,
1155 TALLOC_CTX
*mem_ctx
,
1156 POLICY_HND
*domain_pol
,
1157 uint16 switch_value
,
1160 prs_struct qbuf
, rbuf
;
1161 SAMR_Q_SET_DOMAIN_INFO q
;
1162 SAMR_R_SET_DOMAIN_INFO r
;
1163 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1165 DEBUG(10,("cli_samr_set_domain_info\n"));
1170 /* Marshall data and send request */
1172 init_samr_q_set_domain_info(&q
, domain_pol
, switch_value
, ctr
);
1174 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_SET_DOMAIN_INFO
,
1177 samr_io_q_set_domain_info
,
1178 samr_io_r_set_domain_info
,
1179 NT_STATUS_UNSUCCESSFUL
);
1181 /* Return output parameters */
1183 if (!NT_STATUS_IS_OK(result
= r
.status
)) {
1192 /* User change password */
1194 NTSTATUS
rpccli_samr_chgpasswd_user(struct rpc_pipe_client
*cli
,
1195 TALLOC_CTX
*mem_ctx
,
1196 const char *username
,
1197 const char *newpassword
,
1198 const char *oldpassword
)
1200 uchar new_nt_password
[516];
1201 uchar new_lm_password
[516];
1202 uchar old_nt_hash
[16];
1203 uchar old_lanman_hash
[16];
1204 uchar old_nt_hash_enc
[16];
1205 uchar old_lanman_hash_enc
[16];
1207 uchar new_nt_hash
[16];
1208 uchar new_lanman_hash
[16];
1210 DEBUG(10,("rpccli_samr_chgpasswd_user\n"));
1212 /* Calculate the MD4 hash (NT compatible) of the password */
1213 E_md4hash(oldpassword
, old_nt_hash
);
1214 E_md4hash(newpassword
, new_nt_hash
);
1216 if (lp_client_lanman_auth()
1217 && E_deshash(newpassword
, new_lanman_hash
)
1218 && E_deshash(oldpassword
, old_lanman_hash
)) {
1219 /* E_deshash returns false for 'long' passwords (> 14
1220 DOS chars). This allows us to match Win2k, which
1221 does not store a LM hash for these passwords (which
1222 would reduce the effective password length to 14) */
1224 encode_pw_buffer(new_lm_password
, newpassword
, STR_UNICODE
);
1226 SamOEMhash( new_lm_password
, old_nt_hash
, 516);
1227 E_old_pw_hash( new_nt_hash
, old_lanman_hash
, old_lanman_hash_enc
);
1229 ZERO_STRUCT(new_lm_password
);
1230 ZERO_STRUCT(old_lanman_hash_enc
);
1233 encode_pw_buffer(new_nt_password
, newpassword
, STR_UNICODE
);
1235 SamOEMhash( new_nt_password
, old_nt_hash
, 516);
1236 E_old_pw_hash( new_nt_hash
, old_nt_hash
, old_nt_hash_enc
);
1238 return rpccli_samr_chng_pswd_auth_crap(cli
, mem_ctx
, username
,
1239 data_blob_const(new_nt_password
,sizeof(new_nt_password
)),
1240 data_blob_const(old_nt_hash_enc
,sizeof(old_nt_hash_enc
)),
1241 data_blob_const(new_lm_password
,sizeof(new_lm_password
)),
1242 data_blob_const(old_lanman_hash_enc
,sizeof(old_lanman_hash_enc
)));
1245 /* User change passwd with auth crap */
1247 NTSTATUS
rpccli_samr_chng_pswd_auth_crap(struct rpc_pipe_client
*cli
,
1248 TALLOC_CTX
*mem_ctx
,
1249 const char *username
,
1250 DATA_BLOB new_nt_password
,
1251 DATA_BLOB old_nt_hash_enc
,
1252 DATA_BLOB new_lm_password
,
1253 DATA_BLOB old_lm_hash_enc
)
1255 prs_struct qbuf
, rbuf
;
1256 SAMR_Q_CHGPASSWD_USER q
;
1257 SAMR_R_CHGPASSWD_USER r
;
1258 char *srv_name_slash
;
1260 if (!(srv_name_slash
= talloc_asprintf(mem_ctx
, "\\\\%s",
1261 cli
->cli
->desthost
))) {
1262 return NT_STATUS_NO_MEMORY
;
1265 DEBUG(5,("rpccli_samr_chng_pswd_auth_crap on server: %s\n",
1271 /* Marshall data and send request */
1273 init_samr_q_chgpasswd_user(&q
, srv_name_slash
, username
,
1274 new_nt_password
.data
,
1275 old_nt_hash_enc
.data
,
1276 new_lm_password
.data
,
1277 old_lm_hash_enc
.data
);
1279 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_CHGPASSWD_USER
,
1282 samr_io_q_chgpasswd_user
,
1283 samr_io_r_chgpasswd_user
,
1284 NT_STATUS_UNSUCCESSFUL
);
1289 /* change password 3 */
1291 NTSTATUS
rpccli_samr_chgpasswd3(struct rpc_pipe_client
*cli
,
1292 TALLOC_CTX
*mem_ctx
,
1293 const char *username
,
1294 const char *newpassword
,
1295 const char *oldpassword
,
1296 SAM_UNK_INFO_1
*info
,
1297 SAMR_CHANGE_REJECT
*reject
)
1299 prs_struct qbuf
, rbuf
;
1300 SAMR_Q_CHGPASSWD_USER3 q
;
1301 SAMR_R_CHGPASSWD_USER3 r
;
1303 uchar new_nt_password
[516];
1304 uchar new_lm_password
[516];
1305 uchar old_nt_hash
[16];
1306 uchar old_lanman_hash
[16];
1307 uchar old_nt_hash_enc
[16];
1308 uchar old_lanman_hash_enc
[16];
1310 uchar new_nt_hash
[16];
1311 uchar new_lanman_hash
[16];
1313 char *srv_name_slash
= talloc_asprintf(mem_ctx
, "\\\\%s", cli
->cli
->desthost
);
1315 DEBUG(10,("rpccli_samr_chgpasswd_user3\n"));
1320 /* Calculate the MD4 hash (NT compatible) of the password */
1321 E_md4hash(oldpassword
, old_nt_hash
);
1322 E_md4hash(newpassword
, new_nt_hash
);
1324 if (lp_client_lanman_auth()
1325 && E_deshash(newpassword
, new_lanman_hash
)
1326 && E_deshash(oldpassword
, old_lanman_hash
)) {
1327 /* E_deshash returns false for 'long' passwords (> 14
1328 DOS chars). This allows us to match Win2k, which
1329 does not store a LM hash for these passwords (which
1330 would reduce the effective password length to 14) */
1332 encode_pw_buffer(new_lm_password
, newpassword
, STR_UNICODE
);
1334 SamOEMhash( new_lm_password
, old_nt_hash
, 516);
1335 E_old_pw_hash( new_nt_hash
, old_lanman_hash
, old_lanman_hash_enc
);
1337 ZERO_STRUCT(new_lm_password
);
1338 ZERO_STRUCT(old_lanman_hash_enc
);
1341 encode_pw_buffer(new_nt_password
, newpassword
, STR_UNICODE
);
1343 SamOEMhash( new_nt_password
, old_nt_hash
, 516);
1344 E_old_pw_hash( new_nt_hash
, old_nt_hash
, old_nt_hash_enc
);
1346 /* Marshall data and send request */
1348 init_samr_q_chgpasswd_user3(&q
, srv_name_slash
, username
,
1352 old_lanman_hash_enc
);
1356 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_CHGPASSWD_USER3
,
1359 samr_io_q_chgpasswd_user3
,
1360 samr_io_r_chgpasswd_user3
,
1361 NT_STATUS_UNSUCCESSFUL
);
1363 /* Return output parameters */
1368 /* This function returns the bizzare set of (max_entries, max_size) required
1369 for the QueryDisplayInfo RPC to actually work against a domain controller
1370 with large (10k and higher) numbers of users. These values were
1371 obtained by inspection using ethereal and NT4 running User Manager. */
1373 void get_query_dispinfo_params(int loop_count
, uint32
*max_entries
,
1376 switch(loop_count
) {
1382 *max_entries
= 1024;
1386 *max_entries
= 2048;
1390 *max_entries
= 4096;
1393 default: /* loop_count >= 4 */
1394 *max_entries
= 4096;
1400 /* Query display info */
1402 NTSTATUS
rpccli_samr_query_dispinfo(struct rpc_pipe_client
*cli
,
1403 TALLOC_CTX
*mem_ctx
,
1404 POLICY_HND
*domain_pol
, uint32
*start_idx
,
1405 uint16 switch_value
, uint32
*num_entries
,
1406 uint32 max_entries
, uint32 max_size
,
1407 SAM_DISPINFO_CTR
*ctr
)
1409 prs_struct qbuf
, rbuf
;
1410 SAMR_Q_QUERY_DISPINFO q
;
1411 SAMR_R_QUERY_DISPINFO r
;
1412 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1414 DEBUG(10,("cli_samr_query_dispinfo for start_idx = %u\n", *start_idx
));
1421 /* Marshall data and send request */
1423 init_samr_q_query_dispinfo(&q
, domain_pol
, switch_value
,
1424 *start_idx
, max_entries
, max_size
);
1428 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_QUERY_DISPINFO
,
1431 samr_io_q_query_dispinfo
,
1432 samr_io_r_query_dispinfo
,
1433 NT_STATUS_UNSUCCESSFUL
);
1435 /* Return output parameters */
1439 if (!NT_STATUS_IS_OK(result
) &&
1440 NT_STATUS_V(result
) != NT_STATUS_V(STATUS_MORE_ENTRIES
)) {
1444 *num_entries
= r
.num_entries
;
1445 *start_idx
+= r
.num_entries
; /* No next_idx in this structure! */
1452 /* Query display info2 */
1454 NTSTATUS
rpccli_samr_query_dispinfo2(struct rpc_pipe_client
*cli
,
1455 TALLOC_CTX
*mem_ctx
,
1456 POLICY_HND
*domain_pol
, uint32
*start_idx
,
1457 uint16 switch_value
, uint32
*num_entries
,
1458 uint32 max_entries
, uint32 max_size
,
1459 SAM_DISPINFO_CTR
*ctr
)
1461 prs_struct qbuf
, rbuf
;
1462 SAMR_Q_QUERY_DISPINFO q
;
1463 SAMR_R_QUERY_DISPINFO r
;
1464 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1466 DEBUG(10,("cli_samr_query_dispinfo2 for start_idx = %u\n", *start_idx
));
1473 /* Marshall data and send request */
1475 init_samr_q_query_dispinfo(&q
, domain_pol
, switch_value
,
1476 *start_idx
, max_entries
, max_size
);
1480 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_QUERY_DISPINFO2
,
1483 samr_io_q_query_dispinfo
,
1484 samr_io_r_query_dispinfo
,
1485 NT_STATUS_UNSUCCESSFUL
);
1487 /* Return output parameters */
1491 if (!NT_STATUS_IS_OK(result
) &&
1492 NT_STATUS_V(result
) != NT_STATUS_V(STATUS_MORE_ENTRIES
)) {
1496 *num_entries
= r
.num_entries
;
1497 *start_idx
+= r
.num_entries
; /* No next_idx in this structure! */
1503 /* Query display info */
1505 NTSTATUS
rpccli_samr_query_dispinfo3(struct rpc_pipe_client
*cli
,
1506 TALLOC_CTX
*mem_ctx
,
1507 POLICY_HND
*domain_pol
, uint32
*start_idx
,
1508 uint16 switch_value
, uint32
*num_entries
,
1509 uint32 max_entries
, uint32 max_size
,
1510 SAM_DISPINFO_CTR
*ctr
)
1512 prs_struct qbuf
, rbuf
;
1513 SAMR_Q_QUERY_DISPINFO q
;
1514 SAMR_R_QUERY_DISPINFO r
;
1515 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1517 DEBUG(10,("cli_samr_query_dispinfo3 for start_idx = %u\n", *start_idx
));
1524 /* Marshall data and send request */
1526 init_samr_q_query_dispinfo(&q
, domain_pol
, switch_value
,
1527 *start_idx
, max_entries
, max_size
);
1531 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_QUERY_DISPINFO3
,
1534 samr_io_q_query_dispinfo
,
1535 samr_io_r_query_dispinfo
,
1536 NT_STATUS_UNSUCCESSFUL
);
1538 /* Return output parameters */
1542 if (!NT_STATUS_IS_OK(result
) &&
1543 NT_STATUS_V(result
) != NT_STATUS_V(STATUS_MORE_ENTRIES
)) {
1547 *num_entries
= r
.num_entries
;
1548 *start_idx
+= r
.num_entries
; /* No next_idx in this structure! */
1554 /* Query display info index */
1556 NTSTATUS
rpccli_samr_get_dispenum_index(struct rpc_pipe_client
*cli
,
1557 TALLOC_CTX
*mem_ctx
,
1558 POLICY_HND
*domain_pol
,
1559 uint16 switch_value
,
1563 prs_struct qbuf
, rbuf
;
1564 SAMR_Q_GET_DISPENUM_INDEX q
;
1565 SAMR_R_GET_DISPENUM_INDEX r
;
1566 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1568 DEBUG(10,("cli_samr_get_dispenum_index for name = %s\n", name
));
1573 /* Marshall data and send request */
1575 init_samr_q_get_dispenum_index(&q
, domain_pol
, switch_value
, name
);
1577 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_GET_DISPENUM_INDEX
,
1580 samr_io_q_get_dispenum_index
,
1581 samr_io_r_get_dispenum_index
,
1582 NT_STATUS_UNSUCCESSFUL
);
1584 /* Return output parameters */
1590 if (!NT_STATUS_IS_ERR(result
)) {
1597 NTSTATUS
rpccli_samr_get_dispenum_index2(struct rpc_pipe_client
*cli
,
1598 TALLOC_CTX
*mem_ctx
,
1599 POLICY_HND
*domain_pol
,
1600 uint16 switch_value
,
1604 prs_struct qbuf
, rbuf
;
1605 SAMR_Q_GET_DISPENUM_INDEX q
;
1606 SAMR_R_GET_DISPENUM_INDEX r
;
1607 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1609 DEBUG(10,("cli_samr_get_dispenum_index2 for name = %s\n", name
));
1614 /* Marshall data and send request */
1616 init_samr_q_get_dispenum_index(&q
, domain_pol
, switch_value
, name
);
1618 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_GET_DISPENUM_INDEX2
,
1621 samr_io_q_get_dispenum_index
,
1622 samr_io_r_get_dispenum_index
,
1623 NT_STATUS_UNSUCCESSFUL
);
1625 /* Return output parameters */
1631 if (!NT_STATUS_IS_ERR(result
)) {
1639 /* Lookup rids. Note that NT4 seems to crash if more than ~1000 rids are
1640 looked up in one packet. */
1642 NTSTATUS
rpccli_samr_lookup_rids(struct rpc_pipe_client
*cli
,
1643 TALLOC_CTX
*mem_ctx
,
1644 POLICY_HND
*domain_pol
,
1645 uint32 num_rids
, uint32
*rids
,
1646 uint32
*num_names
, char ***names
,
1647 uint32
**name_types
)
1649 prs_struct qbuf
, rbuf
;
1650 SAMR_Q_LOOKUP_RIDS q
;
1651 SAMR_R_LOOKUP_RIDS r
;
1652 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1655 DEBUG(10,("cli_samr_lookup_rids\n"));
1657 if (num_rids
> 1000) {
1658 DEBUG(2, ("cli_samr_lookup_rids: warning: NT4 can crash if "
1659 "more than ~1000 rids are looked up at once.\n"));
1665 /* Marshall data and send request */
1667 init_samr_q_lookup_rids(mem_ctx
, &q
, domain_pol
, 1000, num_rids
, rids
);
1669 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_LOOKUP_RIDS
,
1672 samr_io_q_lookup_rids
,
1673 samr_io_r_lookup_rids
,
1674 NT_STATUS_UNSUCCESSFUL
);
1676 /* Return output parameters */
1680 if (!NT_STATUS_IS_OK(result
) &&
1681 !NT_STATUS_EQUAL(result
, STATUS_SOME_UNMAPPED
))
1684 if (r
.num_names1
== 0) {
1690 *num_names
= r
.num_names1
;
1691 *names
= TALLOC_ARRAY(mem_ctx
, char *, r
.num_names1
);
1692 *name_types
= TALLOC_ARRAY(mem_ctx
, uint32
, r
.num_names1
);
1694 if ((*names
== NULL
) || (*name_types
== NULL
)) {
1695 TALLOC_FREE(*names
);
1696 TALLOC_FREE(*name_types
);
1697 return NT_STATUS_NO_MEMORY
;
1700 for (i
= 0; i
< r
.num_names1
; i
++) {
1703 unistr2_to_ascii(tmp
, &r
.uni_name
[i
], sizeof(tmp
) - 1);
1704 (*names
)[i
] = talloc_strdup(mem_ctx
, tmp
);
1705 (*name_types
)[i
] = r
.type
[i
];
1715 NTSTATUS
rpccli_samr_lookup_names(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
1716 POLICY_HND
*domain_pol
, uint32 flags
,
1717 uint32 num_names
, const char **names
,
1718 uint32
*num_rids
, uint32
**rids
,
1721 prs_struct qbuf
, rbuf
;
1722 SAMR_Q_LOOKUP_NAMES q
;
1723 SAMR_R_LOOKUP_NAMES r
;
1724 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1727 DEBUG(10,("cli_samr_lookup_names\n"));
1732 /* Marshall data and send request */
1734 init_samr_q_lookup_names(mem_ctx
, &q
, domain_pol
, flags
,
1737 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_LOOKUP_NAMES
,
1740 samr_io_q_lookup_names
,
1741 samr_io_r_lookup_names
,
1742 NT_STATUS_UNSUCCESSFUL
);
1744 /* Return output parameters */
1746 if (!NT_STATUS_IS_OK(result
= r
.status
)) {
1750 if (r
.num_rids1
== 0) {
1755 *num_rids
= r
.num_rids1
;
1756 *rids
= TALLOC_ARRAY(mem_ctx
, uint32
, r
.num_rids1
);
1757 *rid_types
= TALLOC_ARRAY(mem_ctx
, uint32
, r
.num_rids1
);
1759 if ((*rids
== NULL
) || (*rid_types
== NULL
)) {
1761 TALLOC_FREE(*rid_types
);
1762 return NT_STATUS_NO_MEMORY
;
1765 for (i
= 0; i
< r
.num_rids1
; i
++) {
1766 (*rids
)[i
] = r
.rids
[i
];
1767 (*rid_types
)[i
] = r
.types
[i
];
1775 /* Create a domain user */
1777 NTSTATUS
rpccli_samr_create_dom_user(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
1778 POLICY_HND
*domain_pol
, const char *acct_name
,
1779 uint32 acb_info
, uint32 unknown
,
1780 POLICY_HND
*user_pol
, uint32
*rid
)
1782 prs_struct qbuf
, rbuf
;
1783 SAMR_Q_CREATE_USER q
;
1784 SAMR_R_CREATE_USER r
;
1785 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1787 DEBUG(10,("cli_samr_create_dom_user %s\n", acct_name
));
1792 /* Marshall data and send request */
1794 init_samr_q_create_user(&q
, domain_pol
, acct_name
, acb_info
, unknown
);
1796 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_CREATE_USER
,
1799 samr_io_q_create_user
,
1800 samr_io_r_create_user
,
1801 NT_STATUS_UNSUCCESSFUL
);
1803 /* Return output parameters */
1805 if (!NT_STATUS_IS_OK(result
= r
.status
)) {
1810 *user_pol
= r
.user_pol
;
1822 NTSTATUS
rpccli_samr_set_userinfo(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
1823 const POLICY_HND
*user_pol
, uint16 switch_value
,
1824 DATA_BLOB
*sess_key
, SAM_USERINFO_CTR
*ctr
)
1826 prs_struct qbuf
, rbuf
;
1827 SAMR_Q_SET_USERINFO q
;
1828 SAMR_R_SET_USERINFO r
;
1829 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1831 DEBUG(10,("cli_samr_set_userinfo\n"));
1836 if (!sess_key
->length
) {
1837 DEBUG(1, ("No user session key\n"));
1838 return NT_STATUS_NO_USER_SESSION_KEY
;
1841 /* Initialise parse structures */
1843 prs_init(&qbuf
, RPC_MAX_PDU_FRAG_LEN
, mem_ctx
, MARSHALL
);
1844 prs_init(&rbuf
, 0, mem_ctx
, UNMARSHALL
);
1846 /* Marshall data and send request */
1850 init_samr_q_set_userinfo(&q
, user_pol
, sess_key
, switch_value
,
1853 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_SET_USERINFO
,
1856 samr_io_q_set_userinfo
,
1857 samr_io_r_set_userinfo
,
1858 NT_STATUS_UNSUCCESSFUL
);
1860 /* Return output parameters */
1862 if (!NT_STATUS_IS_OK(result
= r
.status
)) {
1873 NTSTATUS
rpccli_samr_set_userinfo2(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
1874 const POLICY_HND
*user_pol
, uint16 switch_value
,
1875 DATA_BLOB
*sess_key
, SAM_USERINFO_CTR
*ctr
)
1877 prs_struct qbuf
, rbuf
;
1878 SAMR_Q_SET_USERINFO2 q
;
1879 SAMR_R_SET_USERINFO2 r
;
1880 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1882 DEBUG(10,("cli_samr_set_userinfo2\n"));
1884 if (!sess_key
->length
) {
1885 DEBUG(1, ("No user session key\n"));
1886 return NT_STATUS_NO_USER_SESSION_KEY
;
1892 /* Marshall data and send request */
1894 init_samr_q_set_userinfo2(&q
, user_pol
, sess_key
, switch_value
, ctr
);
1896 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_SET_USERINFO2
,
1899 samr_io_q_set_userinfo2
,
1900 samr_io_r_set_userinfo2
,
1901 NT_STATUS_UNSUCCESSFUL
);
1903 /* Return output parameters */
1905 if (!NT_STATUS_IS_OK(result
= r
.status
)) {
1914 /* Delete domain group */
1916 NTSTATUS
rpccli_samr_delete_dom_group(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
1917 POLICY_HND
*group_pol
)
1919 prs_struct qbuf
, rbuf
;
1920 SAMR_Q_DELETE_DOM_GROUP q
;
1921 SAMR_R_DELETE_DOM_GROUP r
;
1922 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1924 DEBUG(10,("cli_samr_delete_dom_group\n"));
1929 /* Marshall data and send request */
1931 init_samr_q_delete_dom_group(&q
, group_pol
);
1933 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_DELETE_DOM_GROUP
,
1936 samr_io_q_delete_dom_group
,
1937 samr_io_r_delete_dom_group
,
1938 NT_STATUS_UNSUCCESSFUL
);
1940 /* Return output parameters */
1947 /* Delete domain alias */
1949 NTSTATUS
rpccli_samr_delete_dom_alias(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
1950 POLICY_HND
*alias_pol
)
1952 prs_struct qbuf
, rbuf
;
1953 SAMR_Q_DELETE_DOM_ALIAS q
;
1954 SAMR_R_DELETE_DOM_ALIAS r
;
1955 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1957 DEBUG(10,("cli_samr_delete_dom_alias\n"));
1962 /* Marshall data and send request */
1964 init_samr_q_delete_dom_alias(&q
, alias_pol
);
1966 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_DELETE_DOM_ALIAS
,
1969 samr_io_q_delete_dom_alias
,
1970 samr_io_r_delete_dom_alias
,
1971 NT_STATUS_UNSUCCESSFUL
);
1973 /* Return output parameters */
1980 /* Delete domain user */
1982 NTSTATUS
rpccli_samr_delete_dom_user(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
1983 POLICY_HND
*user_pol
)
1985 prs_struct qbuf
, rbuf
;
1986 SAMR_Q_DELETE_DOM_USER q
;
1987 SAMR_R_DELETE_DOM_USER r
;
1988 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1990 DEBUG(10,("cli_samr_delete_dom_user\n"));
1995 /* Marshall data and send request */
1997 init_samr_q_delete_dom_user(&q
, user_pol
);
1999 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_DELETE_DOM_USER
,
2002 samr_io_q_delete_dom_user
,
2003 samr_io_r_delete_dom_user
,
2004 NT_STATUS_UNSUCCESSFUL
);
2006 /* Return output parameters */
2013 /* Remove foreign SID */
2015 NTSTATUS
rpccli_samr_remove_sid_foreign_domain(struct rpc_pipe_client
*cli
,
2016 TALLOC_CTX
*mem_ctx
,
2017 POLICY_HND
*user_pol
,
2020 prs_struct qbuf
, rbuf
;
2021 SAMR_Q_REMOVE_SID_FOREIGN_DOMAIN q
;
2022 SAMR_R_REMOVE_SID_FOREIGN_DOMAIN r
;
2023 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
2025 DEBUG(10,("cli_samr_remove_sid_foreign_domain\n"));
2030 /* Marshall data and send request */
2032 init_samr_q_remove_sid_foreign_domain(&q
, user_pol
, sid
);
2034 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_REMOVE_SID_FOREIGN_DOMAIN
,
2037 samr_io_q_remove_sid_foreign_domain
,
2038 samr_io_r_remove_sid_foreign_domain
,
2039 NT_STATUS_UNSUCCESSFUL
);
2041 /* Return output parameters */
2048 /* Query user security object */
2050 NTSTATUS
rpccli_samr_query_sec_obj(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
2051 POLICY_HND
*user_pol
, uint32 sec_info
,
2052 TALLOC_CTX
*ctx
, SEC_DESC_BUF
**sec_desc_buf
)
2054 prs_struct qbuf
, rbuf
;
2055 SAMR_Q_QUERY_SEC_OBJ q
;
2056 SAMR_R_QUERY_SEC_OBJ r
;
2057 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
2059 DEBUG(10,("cli_samr_query_sec_obj\n"));
2064 /* Marshall data and send request */
2066 init_samr_q_query_sec_obj(&q
, user_pol
, sec_info
);
2068 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_QUERY_SEC_OBJECT
,
2071 samr_io_q_query_sec_obj
,
2072 samr_io_r_query_sec_obj
,
2073 NT_STATUS_UNSUCCESSFUL
);
2075 /* Return output parameters */
2078 *sec_desc_buf
=dup_sec_desc_buf(ctx
, r
.buf
);
2083 /* Set user security object */
2085 NTSTATUS
rpccli_samr_set_sec_obj(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
2086 POLICY_HND
*user_pol
, uint32 sec_info
,
2087 SEC_DESC_BUF
*sec_desc_buf
)
2089 prs_struct qbuf
, rbuf
;
2090 SAMR_Q_SET_SEC_OBJ q
;
2091 SAMR_R_SET_SEC_OBJ r
;
2092 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
2094 DEBUG(10,("cli_samr_set_sec_obj\n"));
2099 /* Marshall data and send request */
2101 init_samr_q_set_sec_obj(&q
, user_pol
, sec_info
, sec_desc_buf
);
2103 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_SET_SEC_OBJECT
,
2106 samr_io_q_set_sec_obj
,
2107 samr_io_r_set_sec_obj
,
2108 NT_STATUS_UNSUCCESSFUL
);
2110 /* Return output parameters */
2118 /* Get domain password info */
2120 NTSTATUS
rpccli_samr_get_dom_pwinfo(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
2121 uint16
*min_pwd_length
, uint32
*password_properties
)
2123 prs_struct qbuf
, rbuf
;
2124 SAMR_Q_GET_DOM_PWINFO q
;
2125 SAMR_R_GET_DOM_PWINFO r
;
2126 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
2128 DEBUG(10,("cli_samr_get_dom_pwinfo\n"));
2133 /* Marshall data and send request */
2135 init_samr_q_get_dom_pwinfo(&q
, cli
->cli
->desthost
);
2137 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_GET_DOM_PWINFO
,
2140 samr_io_q_get_dom_pwinfo
,
2141 samr_io_r_get_dom_pwinfo
,
2142 NT_STATUS_UNSUCCESSFUL
);
2144 /* Return output parameters */
2148 if (NT_STATUS_IS_OK(result
)) {
2150 *min_pwd_length
= r
.min_pwd_length
;
2151 if (password_properties
)
2152 *password_properties
= r
.password_properties
;
2158 /* Get domain password info */
2160 NTSTATUS
rpccli_samr_get_usrdom_pwinfo(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
2161 POLICY_HND
*pol
, uint16
*min_pwd_length
,
2162 uint32
*password_properties
, uint32
*unknown1
)
2164 prs_struct qbuf
, rbuf
;
2165 SAMR_Q_GET_USRDOM_PWINFO q
;
2166 SAMR_R_GET_USRDOM_PWINFO r
;
2167 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
2169 DEBUG(10,("cli_samr_get_usrdom_pwinfo\n"));
2174 /* Marshall data and send request */
2176 init_samr_q_get_usrdom_pwinfo(&q
, pol
);
2178 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_GET_USRDOM_PWINFO
,
2181 samr_io_q_get_usrdom_pwinfo
,
2182 samr_io_r_get_usrdom_pwinfo
,
2183 NT_STATUS_UNSUCCESSFUL
);
2185 /* Return output parameters */
2189 if (NT_STATUS_IS_OK(result
)) {
2191 *min_pwd_length
= r
.min_pwd_length
;
2192 if (password_properties
)
2193 *password_properties
= r
.password_properties
;
2195 *unknown1
= r
.unknown_1
;
2202 /* Lookup Domain Name */
2204 NTSTATUS
rpccli_samr_lookup_domain(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
2205 POLICY_HND
*user_pol
, char *domain_name
,
2208 prs_struct qbuf
, rbuf
;
2209 SAMR_Q_LOOKUP_DOMAIN q
;
2210 SAMR_R_LOOKUP_DOMAIN r
;
2211 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
2213 DEBUG(10,("cli_samr_lookup_domain\n"));
2218 /* Marshall data and send request */
2220 init_samr_q_lookup_domain(&q
, user_pol
, domain_name
);
2222 CLI_DO_RPC(cli
, mem_ctx
, PI_SAMR
, SAMR_LOOKUP_DOMAIN
,
2225 samr_io_q_lookup_domain
,
2226 samr_io_r_lookup_domain
,
2227 NT_STATUS_UNSUCCESSFUL
);
2229 /* Return output parameters */
2233 if (NT_STATUS_IS_OK(result
))
2234 sid_copy(sid
, &r
.dom_sid
.sid
);