search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
r14190: Coverity bug #33. Missing initialization of pipe_hnd.
[Samba/nascimento.git] / source3 / rpc_client / cli_lsarpc.c
blob58443023f21cc28c88fc4891b274eec9a52748da
1 /*
2 Unix SMB/CIFS implementation.
3 RPC pipe client
4 Copyright (C) Tim Potter 2000-2001,
5 Copyright (C) Andrew Tridgell 1992-1997,2000,
6 Copyright (C) Rafal Szczesniak 2002
7 Copyright (C) Jeremy Allison 2005.
8
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 2 of the License, or
12 (at your option) any later version.
13
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
18
19 You should have received a copy of the GNU General Public License
20 along with this program; if not, write to the Free Software
21 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
22 */
23
24 #include "includes.h"
25
26 /** @defgroup lsa LSA - Local Security Architecture
27 * @ingroup rpc_client
28 *
29 * @{
30 **/
31
32 /**
33 * @file cli_lsarpc.c
34 *
35 * RPC client routines for the LSA RPC pipe. LSA means "local
36 * security authority", which is half of a password database.
37 **/
38
39 /** Open a LSA policy handle
40 *
41 * @param cli Handle on an initialised SMB connection */
42
43 NTSTATUS rpccli_lsa_open_policy(struct rpc_pipe_client *cli,
44 TALLOC_CTX *mem_ctx,
45 BOOL sec_qos, uint32 des_access,
46 POLICY_HND *pol)
47 {
48 prs_struct qbuf, rbuf;
49 LSA_Q_OPEN_POL q;
50 LSA_R_OPEN_POL r;
51 LSA_SEC_QOS qos;
52 NTSTATUS result;
53
54 ZERO_STRUCT(q);
55 ZERO_STRUCT(r);
56
57 /* Initialise input parameters */
58
59 if (sec_qos) {
60 init_lsa_sec_qos(&qos, 2, 1, 0);
61 init_q_open_pol(&q, '\\', 0, des_access, &qos);
62 } else {
63 init_q_open_pol(&q, '\\', 0, des_access, NULL);
64 }
65
66 /* Marshall data and send request */
67
68 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_OPENPOLICY,
69 q, r,
70 qbuf, rbuf,
71 lsa_io_q_open_pol,
72 lsa_io_r_open_pol,
73 NT_STATUS_UNSUCCESSFUL );
74
75 /* Return output parameters */
76
77 result = r.status;
78
79 if (NT_STATUS_IS_OK(result)) {
80 *pol = r.pol;
81 #ifdef __INSURE__
82 pol->marker = MALLOC(1);
83 #endif
84 }
85
86 return result;
87 }
88
89 /** Open a LSA policy handle
90 *
91 * @param cli Handle on an initialised SMB connection
92 */
93
94 NTSTATUS rpccli_lsa_open_policy2(struct rpc_pipe_client *cli,
95 TALLOC_CTX *mem_ctx, BOOL sec_qos,
96 uint32 des_access, POLICY_HND *pol)
97 {
98 prs_struct qbuf, rbuf;
99 LSA_Q_OPEN_POL2 q;
100 LSA_R_OPEN_POL2 r;
101 LSA_SEC_QOS qos;
102 NTSTATUS result;
103 char *srv_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", cli->cli->desthost);
104
105 ZERO_STRUCT(q);
106 ZERO_STRUCT(r);
107
108 if (sec_qos) {
109 init_lsa_sec_qos(&qos, 2, 1, 0);
110 init_q_open_pol2(&q, srv_name_slash, 0, des_access, &qos);
111 } else {
112 init_q_open_pol2(&q, srv_name_slash, 0, des_access, NULL);
113 }
114
115 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_OPENPOLICY2,
116 q, r,
117 qbuf, rbuf,
118 lsa_io_q_open_pol2,
119 lsa_io_r_open_pol2,
120 NT_STATUS_UNSUCCESSFUL );
121
122 /* Return output parameters */
123
124 result = r.status;
125
126 if (NT_STATUS_IS_OK(result)) {
127 *pol = r.pol;
128 #ifdef __INSURE__
129 pol->marker = (char *)malloc(1);
130 #endif
131 }
132
133 return result;
134 }
135
136 /** Close a LSA policy handle */
137
138 NTSTATUS rpccli_lsa_close(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
139 POLICY_HND *pol)
140 {
141 prs_struct qbuf, rbuf;
142 LSA_Q_CLOSE q;
143 LSA_R_CLOSE r;
144 NTSTATUS result;
145
146 ZERO_STRUCT(q);
147 ZERO_STRUCT(r);
148
149 init_lsa_q_close(&q, pol);
150
151 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_CLOSE,
152 q, r,
153 qbuf, rbuf,
154 lsa_io_q_close,
155 lsa_io_r_close,
156 NT_STATUS_UNSUCCESSFUL );
157
158 /* Return output parameters */
159
160 result = r.status;
161
162 if (NT_STATUS_IS_OK(result)) {
163 #ifdef __INSURE__
164 SAFE_FREE(pol->marker);
165 #endif
166 *pol = r.pol;
167 }
168
169 return result;
170 }
171
172 /** Lookup a list of sids */
173
174 NTSTATUS rpccli_lsa_lookup_sids(struct rpc_pipe_client *cli,
175 TALLOC_CTX *mem_ctx,
176 POLICY_HND *pol, int num_sids,
177 const DOM_SID *sids,
178 char ***domains, char ***names, uint32 **types)
179 {
180 prs_struct qbuf, rbuf;
181 LSA_Q_LOOKUP_SIDS q;
182 LSA_R_LOOKUP_SIDS r;
183 DOM_R_REF ref;
184 LSA_TRANS_NAME_ENUM t_names;
185 NTSTATUS result = NT_STATUS_OK;
186 int i;
187
188 ZERO_STRUCT(q);
189 ZERO_STRUCT(r);
190
191 init_q_lookup_sids(mem_ctx, &q, pol, num_sids, sids, 1);
192
193 ZERO_STRUCT(ref);
194 ZERO_STRUCT(t_names);
195
196 r.dom_ref = &ref;
197 r.names = &t_names;
198
199 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_LOOKUPSIDS,
200 q, r,
201 qbuf, rbuf,
202 lsa_io_q_lookup_sids,
203 lsa_io_r_lookup_sids,
204 NT_STATUS_UNSUCCESSFUL );
205
206 if (!NT_STATUS_IS_OK(r.status) &&
207 NT_STATUS_V(r.status) != NT_STATUS_V(STATUS_SOME_UNMAPPED)) {
208
209 /* An actual error occured */
210 result = r.status;
211
212 goto done;
213 }
214
215 /* Return output parameters */
216
217 if (r.mapped_count == 0) {
218 result = NT_STATUS_NONE_MAPPED;
219 goto done;
220 }
221
222 if (!((*domains) = TALLOC_ARRAY(mem_ctx, char *, num_sids))) {
223 DEBUG(0, ("cli_lsa_lookup_sids(): out of memory\n"));
224 result = NT_STATUS_UNSUCCESSFUL;
225 goto done;
226 }
227
228 if (!((*names) = TALLOC_ARRAY(mem_ctx, char *, num_sids))) {
229 DEBUG(0, ("cli_lsa_lookup_sids(): out of memory\n"));
230 result = NT_STATUS_UNSUCCESSFUL;
231 goto done;
232 }
233
234 if (!((*types) = TALLOC_ARRAY(mem_ctx, uint32, num_sids))) {
235 DEBUG(0, ("cli_lsa_lookup_sids(): out of memory\n"));
236 result = NT_STATUS_UNSUCCESSFUL;
237 goto done;
238 }
239
240 for (i = 0; i < num_sids; i++) {
241 fstring name, dom_name;
242 uint32 dom_idx = t_names.name[i].domain_idx;
243
244 /* Translate optimised name through domain index array */
245
246 if (dom_idx != 0xffffffff) {
247
248 rpcstr_pull_unistr2_fstring(
249 dom_name, &ref.ref_dom[dom_idx].uni_dom_name);
250 rpcstr_pull_unistr2_fstring(
251 name, &t_names.uni_name[i]);
252
253 (*names)[i] = talloc_strdup(mem_ctx, name);
254 (*domains)[i] = talloc_strdup(mem_ctx, dom_name);
255 (*types)[i] = t_names.name[i].sid_name_use;
256
257 if (((*names)[i] == NULL) || ((*domains)[i] == NULL)) {
258 DEBUG(0, ("cli_lsa_lookup_sids(): out of memory\n"));
259 result = NT_STATUS_UNSUCCESSFUL;
260 goto done;
261 }
262
263 } else {
264 (*names)[i] = NULL;
265 (*domains)[i] = NULL;
266 (*types)[i] = SID_NAME_UNKNOWN;
267 }
268 }
269
270 done:
271
272 return result;
273 }
274
275 /** Lookup a list of names */
276
277 NTSTATUS rpccli_lsa_lookup_names(struct rpc_pipe_client *cli,
278 TALLOC_CTX *mem_ctx,
279 POLICY_HND *pol, int num_names,
280 const char **names,
281 const char ***dom_names,
282 DOM_SID **sids,
283 uint32 **types)
284 {
285 prs_struct qbuf, rbuf;
286 LSA_Q_LOOKUP_NAMES q;
287 LSA_R_LOOKUP_NAMES r;
288 DOM_R_REF ref;
289 NTSTATUS result;
290 int i;
291
292 ZERO_STRUCT(q);
293 ZERO_STRUCT(r);
294
295 ZERO_STRUCT(ref);
296 r.dom_ref = &ref;
297
298 init_q_lookup_names(mem_ctx, &q, pol, num_names, names);
299
300 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_LOOKUPNAMES,
301 q, r,
302 qbuf, rbuf,
303 lsa_io_q_lookup_names,
304 lsa_io_r_lookup_names,
305 NT_STATUS_UNSUCCESSFUL);
306
307 result = r.status;
308
309 if (!NT_STATUS_IS_OK(result) && NT_STATUS_V(result) !=
310 NT_STATUS_V(STATUS_SOME_UNMAPPED)) {
311
312 /* An actual error occured */
313
314 goto done;
315 }
316
317 /* Return output parameters */
318
319 if (r.mapped_count == 0) {
320 result = NT_STATUS_NONE_MAPPED;
321 goto done;
322 }
323
324 if (!((*sids = TALLOC_ARRAY(mem_ctx, DOM_SID, num_names)))) {
325 DEBUG(0, ("cli_lsa_lookup_sids(): out of memory\n"));
326 result = NT_STATUS_UNSUCCESSFUL;
327 goto done;
328 }
329
330 if (!((*types = TALLOC_ARRAY(mem_ctx, uint32, num_names)))) {
331 DEBUG(0, ("cli_lsa_lookup_sids(): out of memory\n"));
332 result = NT_STATUS_UNSUCCESSFUL;
333 goto done;
334 }
335
336 if (dom_names != NULL) {
337 *dom_names = TALLOC_ARRAY(mem_ctx, const char *, num_names);
338 if (*dom_names == NULL) {
339 DEBUG(0, ("cli_lsa_lookup_sids(): out of memory\n"));
340 result = NT_STATUS_NO_MEMORY;
341 goto done;
342 }
343 }
344
345 for (i = 0; i < num_names; i++) {
346 DOM_RID *t_rids = r.dom_rid;
347 uint32 dom_idx = t_rids[i].rid_idx;
348 uint32 dom_rid = t_rids[i].rid;
349 DOM_SID *sid = &(*sids)[i];
350
351 /* Translate optimised sid through domain index array */
352
353 if (dom_idx == 0xffffffff) {
354 /* Nothing to do, this is unknown */
355 ZERO_STRUCTP(sid);
356 (*types)[i] = SID_NAME_UNKNOWN;
357 continue;
358 }
359
360 sid_copy(sid, &ref.ref_dom[dom_idx].ref_dom.sid);
361
362 if (dom_rid != 0xffffffff) {
363 sid_append_rid(sid, dom_rid);
364 }
365
366 (*types)[i] = t_rids[i].type;
367
368 if (dom_names == NULL) {
369 continue;
370 }
371
372 (*dom_names)[i] = rpcstr_pull_unistr2_talloc(
373 *dom_names, &ref.ref_dom[dom_idx].uni_dom_name);
374 }
375
376 done:
377
378 return result;
379 }
380
381 /** Query info policy
382 *
383 * @param domain_sid - returned remote server's domain sid */
384
385 NTSTATUS rpccli_lsa_query_info_policy(struct rpc_pipe_client *cli,
386 TALLOC_CTX *mem_ctx,
387 POLICY_HND *pol, uint16 info_class,
388 char **domain_name, DOM_SID **domain_sid)
389 {
390 prs_struct qbuf, rbuf;
391 LSA_Q_QUERY_INFO q;
392 LSA_R_QUERY_INFO r;
393 NTSTATUS result;
394
395 ZERO_STRUCT(q);
396 ZERO_STRUCT(r);
397
398 init_q_query(&q, pol, info_class);
399
400 CLI_DO_RPC(cli, mem_ctx, PI_LSARPC, LSA_QUERYINFOPOLICY,
401 q, r,
402 qbuf, rbuf,
403 lsa_io_q_query,
404 lsa_io_r_query,
405 NT_STATUS_UNSUCCESSFUL);
406
407 result = r.status;
408
409 if (!NT_STATUS_IS_OK(result)) {
410 goto done;
411 }
412
413 /* Return output parameters */
414
415 switch (info_class) {
416
417 case 3:
418 if (domain_name && (r.dom.id3.buffer_dom_name != 0)) {
419 *domain_name = unistr2_tdup(mem_ctx,
420 &r.dom.id3.
421 uni_domain_name);
422 }
423
424 if (domain_sid && (r.dom.id3.buffer_dom_sid != 0)) {
425 *domain_sid = TALLOC_P(mem_ctx, DOM_SID);
426 if (*domain_sid) {
427 sid_copy(*domain_sid, &r.dom.id3.dom_sid.sid);
428 }
429 }
430
431 break;
432
433 case 5:
434
435 if (domain_name && (r.dom.id5.buffer_dom_name != 0)) {
436 *domain_name = unistr2_tdup(mem_ctx,
437 &r.dom.id5.
438 uni_domain_name);
439 }
440
441 if (domain_sid && (r.dom.id5.buffer_dom_sid != 0)) {
442 *domain_sid = TALLOC_P(mem_ctx, DOM_SID);
443 if (*domain_sid) {
444 sid_copy(*domain_sid, &r.dom.id5.dom_sid.sid);
445 }
446 }
447 break;
448
449 default:
450 DEBUG(3, ("unknown info class %d\n", info_class));
451 break;
452 }
453
454 done:
455
456 return result;
457 }
458
459 /** Query info policy2
460 *
461 * @param domain_name - returned remote server's domain name
462 * @param dns_name - returned remote server's dns domain name
463 * @param forest_name - returned remote server's forest name
464 * @param domain_guid - returned remote server's domain guid
465 * @param domain_sid - returned remote server's domain sid */
466
467 NTSTATUS rpccli_lsa_query_info_policy2(struct rpc_pipe_client *cli,
468 TALLOC_CTX *mem_ctx,
469 POLICY_HND *pol, uint16 info_class,
470 char **domain_name, char **dns_name,
471 char **forest_name,
472 struct uuid **domain_guid,
473 DOM_SID **domain_sid)
474 {
475 prs_struct qbuf, rbuf;
476 LSA_Q_QUERY_INFO2 q;
477 LSA_R_QUERY_INFO2 r;
478 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
479
480 if (info_class != 12)
481 goto done;
482
483 ZERO_STRUCT(q);
484 ZERO_STRUCT(r);
485
486 init_q_query2(&q, pol, info_class);
487
488 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_QUERYINFO2,
489 q, r,
490 qbuf, rbuf,
491 lsa_io_q_query_info2,
492 lsa_io_r_query_info2,
493 NT_STATUS_UNSUCCESSFUL);
494
495 result = r.status;
496
497 if (!NT_STATUS_IS_OK(result)) {
498 goto done;
499 }
500
501 /* Return output parameters */
502
503 ZERO_STRUCTP(domain_guid);
504
505 if (domain_name && r.info.dns_dom_info.hdr_nb_dom_name.buffer) {
506 *domain_name = unistr2_tdup(mem_ctx,
507 &r.info.dns_dom_info
508 .uni_nb_dom_name);
509 }
510 if (dns_name && r.info.dns_dom_info.hdr_dns_dom_name.buffer) {
511 *dns_name = unistr2_tdup(mem_ctx,
512 &r.info.dns_dom_info
513 .uni_dns_dom_name);
514 }
515 if (forest_name && r.info.dns_dom_info.hdr_forest_name.buffer) {
516 *forest_name = unistr2_tdup(mem_ctx,
517 &r.info.dns_dom_info
518 .uni_forest_name);
519 }
520
521 if (domain_guid) {
522 *domain_guid = TALLOC_P(mem_ctx, struct uuid);
523 memcpy(*domain_guid,
524 &r.info.dns_dom_info.dom_guid,
525 sizeof(struct uuid));
526 }
527
528 if (domain_sid && r.info.dns_dom_info.ptr_dom_sid != 0) {
529 *domain_sid = TALLOC_P(mem_ctx, DOM_SID);
530 if (*domain_sid) {
531 sid_copy(*domain_sid,
532 &r.info.dns_dom_info.dom_sid.sid);
533 }
534 }
535
536 done:
537
538 return result;
539 }
540
541 /**
542 * Enumerate list of trusted domains
543 *
544 * @param cli client state (cli_state) structure of the connection
545 * @param mem_ctx memory context
546 * @param pol opened lsa policy handle
547 * @param enum_ctx enumeration context ie. index of first returned domain entry
548 * @param pref_num_domains preferred max number of entries returned in one response
549 * @param num_domains total number of trusted domains returned by response
550 * @param domain_names returned trusted domain names
551 * @param domain_sids returned trusted domain sids
552 *
553 * @return nt status code of response
554 **/
555
556 NTSTATUS rpccli_lsa_enum_trust_dom(struct rpc_pipe_client *cli,
557 TALLOC_CTX *mem_ctx,
558 POLICY_HND *pol, uint32 *enum_ctx,
559 uint32 *num_domains,
560 char ***domain_names, DOM_SID **domain_sids)
561 {
562 prs_struct qbuf, rbuf;
563 LSA_Q_ENUM_TRUST_DOM in;
564 LSA_R_ENUM_TRUST_DOM out;
565 int i;
566 fstring tmp;
567
568 ZERO_STRUCT(in);
569 ZERO_STRUCT(out);
570
571 /* 64k is enough for about 2000 trusted domains */
572
573 init_q_enum_trust_dom(&in, pol, *enum_ctx, 0x10000);
574
575 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ENUMTRUSTDOM,
576 in, out,
577 qbuf, rbuf,
578 lsa_io_q_enum_trust_dom,
579 lsa_io_r_enum_trust_dom,
580 NT_STATUS_UNSUCCESSFUL );
581
582
583 /* check for an actual error */
584
585 if ( !NT_STATUS_IS_OK(out.status)
586 && !NT_STATUS_EQUAL(out.status, NT_STATUS_NO_MORE_ENTRIES)
587 && !NT_STATUS_EQUAL(out.status, STATUS_MORE_ENTRIES) )
588 {
589 return out.status;
590 }
591
592 /* Return output parameters */
593
594 *num_domains = out.count;
595 *enum_ctx = out.enum_context;
596
597 if ( out.count ) {
598
599 /* Allocate memory for trusted domain names and sids */
600
601 if ( !(*domain_names = TALLOC_ARRAY(mem_ctx, char *, out.count)) ) {
602 DEBUG(0, ("cli_lsa_enum_trust_dom(): out of memory\n"));
603 return NT_STATUS_NO_MEMORY;
604 }
605
606 if ( !(*domain_sids = TALLOC_ARRAY(mem_ctx, DOM_SID, out.count)) ) {
607 DEBUG(0, ("cli_lsa_enum_trust_dom(): out of memory\n"));
608 return NT_STATUS_NO_MEMORY;
609 }
610
611 /* Copy across names and sids */
612
613 for (i = 0; i < out.count; i++) {
614
615 rpcstr_pull( tmp, out.domlist->domains[i].name.string->buffer,
616 sizeof(tmp), out.domlist->domains[i].name.length, 0);
617 (*domain_names)[i] = talloc_strdup(mem_ctx, tmp);
618
619 sid_copy(&(*domain_sids)[i], &out.domlist->domains[i].sid->sid );
620 }
621 }
622
623 return out.status;
624 }
625
626 /** Enumerate privileges*/
627
628 NTSTATUS rpccli_lsa_enum_privilege(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
629 POLICY_HND *pol, uint32 *enum_context, uint32 pref_max_length,
630 uint32 *count, char ***privs_name, uint32 **privs_high, uint32 **privs_low)
631 {
632 prs_struct qbuf, rbuf;
633 LSA_Q_ENUM_PRIVS q;
634 LSA_R_ENUM_PRIVS r;
635 NTSTATUS result;
636 int i;
637
638 ZERO_STRUCT(q);
639 ZERO_STRUCT(r);
640
641 init_q_enum_privs(&q, pol, *enum_context, pref_max_length);
642
643 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ENUM_PRIVS,
644 q, r,
645 qbuf, rbuf,
646 lsa_io_q_enum_privs,
647 lsa_io_r_enum_privs,
648 NT_STATUS_UNSUCCESSFUL);
649
650 result = r.status;
651
652 if (!NT_STATUS_IS_OK(result)) {
653 goto done;
654 }
655
656 /* Return output parameters */
657
658 *enum_context = r.enum_context;
659 *count = r.count;
660
661 if (!((*privs_name = TALLOC_ARRAY(mem_ctx, char *, r.count)))) {
662 DEBUG(0, ("(cli_lsa_enum_privilege): out of memory\n"));
663 result = NT_STATUS_UNSUCCESSFUL;
664 goto done;
665 }
666
667 if (!((*privs_high = TALLOC_ARRAY(mem_ctx, uint32, r.count)))) {
668 DEBUG(0, ("(cli_lsa_enum_privilege): out of memory\n"));
669 result = NT_STATUS_UNSUCCESSFUL;
670 goto done;
671 }
672
673 if (!((*privs_low = TALLOC_ARRAY(mem_ctx, uint32, r.count)))) {
674 DEBUG(0, ("(cli_lsa_enum_privilege): out of memory\n"));
675 result = NT_STATUS_UNSUCCESSFUL;
676 goto done;
677 }
678
679 for (i = 0; i < r.count; i++) {
680 fstring name;
681
682 rpcstr_pull_unistr2_fstring( name, &r.privs[i].name);
683
684 (*privs_name)[i] = talloc_strdup(mem_ctx, name);
685
686 (*privs_high)[i] = r.privs[i].luid_high;
687 (*privs_low)[i] = r.privs[i].luid_low;
688 }
689
690 done:
691
692 return result;
693 }
694
695 /** Get privilege name */
696
697 NTSTATUS rpccli_lsa_get_dispname(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
698 POLICY_HND *pol, const char *name,
699 uint16 lang_id, uint16 lang_id_sys,
700 fstring description, uint16 *lang_id_desc)
701 {
702 prs_struct qbuf, rbuf;
703 LSA_Q_PRIV_GET_DISPNAME q;
704 LSA_R_PRIV_GET_DISPNAME r;
705 NTSTATUS result;
706
707 ZERO_STRUCT(q);
708 ZERO_STRUCT(r);
709
710 init_lsa_priv_get_dispname(&q, pol, name, lang_id, lang_id_sys);
711
712 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_PRIV_GET_DISPNAME,
713 q, r,
714 qbuf, rbuf,
715 lsa_io_q_priv_get_dispname,
716 lsa_io_r_priv_get_dispname,
717 NT_STATUS_UNSUCCESSFUL);
718
719 result = r.status;
720
721 if (!NT_STATUS_IS_OK(result)) {
722 goto done;
723 }
724
725 /* Return output parameters */
726
727 rpcstr_pull_unistr2_fstring(description , &r.desc);
728 *lang_id_desc = r.lang_id;
729
730 done:
731
732 return result;
733 }
734
735 /** Enumerate list of SIDs */
736
737 NTSTATUS rpccli_lsa_enum_sids(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
738 POLICY_HND *pol, uint32 *enum_ctx, uint32 pref_max_length,
739 uint32 *num_sids, DOM_SID **sids)
740 {
741 prs_struct qbuf, rbuf;
742 LSA_Q_ENUM_ACCOUNTS q;
743 LSA_R_ENUM_ACCOUNTS r;
744 NTSTATUS result;
745 int i;
746
747 ZERO_STRUCT(q);
748 ZERO_STRUCT(r);
749
750 init_lsa_q_enum_accounts(&q, pol, *enum_ctx, pref_max_length);
751
752 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ENUM_ACCOUNTS,
753 q, r,
754 qbuf, rbuf,
755 lsa_io_q_enum_accounts,
756 lsa_io_r_enum_accounts,
757 NT_STATUS_UNSUCCESSFUL);
758
759 result = r.status;
760
761 if (!NT_STATUS_IS_OK(result)) {
762 goto done;
763 }
764
765 if (r.sids.num_entries==0)
766 goto done;
767
768 /* Return output parameters */
769
770 *sids = TALLOC_ARRAY(mem_ctx, DOM_SID, r.sids.num_entries);
771 if (!*sids) {
772 DEBUG(0, ("(cli_lsa_enum_sids): out of memory\n"));
773 result = NT_STATUS_UNSUCCESSFUL;
774 goto done;
775 }
776
777 /* Copy across names and sids */
778
779 for (i = 0; i < r.sids.num_entries; i++) {
780 sid_copy(&(*sids)[i], &r.sids.sid[i].sid);
781 }
782
783 *num_sids= r.sids.num_entries;
784 *enum_ctx = r.enum_context;
785
786 done:
787
788 return result;
789 }
790
791 /** Create a LSA user handle
792 *
793 * @param cli Handle on an initialised SMB connection
794 *
795 * FIXME: The code is actually identical to open account
796 * TODO: Check and code what the function should exactly do
797 *
798 * */
799
800 NTSTATUS rpccli_lsa_create_account(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
801 POLICY_HND *dom_pol, DOM_SID *sid, uint32 desired_access,
802 POLICY_HND *user_pol)
803 {
804 prs_struct qbuf, rbuf;
805 LSA_Q_CREATEACCOUNT q;
806 LSA_R_CREATEACCOUNT r;
807 NTSTATUS result;
808
809 ZERO_STRUCT(q);
810 ZERO_STRUCT(r);
811
812 /* Initialise input parameters */
813
814 init_lsa_q_create_account(&q, dom_pol, sid, desired_access);
815
816 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_CREATEACCOUNT,
817 q, r,
818 qbuf, rbuf,
819 lsa_io_q_create_account,
820 lsa_io_r_create_account,
821 NT_STATUS_UNSUCCESSFUL);
822
823 /* Return output parameters */
824
825 result = r.status;
826
827 if (NT_STATUS_IS_OK(result)) {
828 *user_pol = r.pol;
829 }
830
831 return result;
832 }
833
834 /** Open a LSA user handle
835 *
836 * @param cli Handle on an initialised SMB connection */
837
838 NTSTATUS rpccli_lsa_open_account(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
839 POLICY_HND *dom_pol, DOM_SID *sid, uint32 des_access,
840 POLICY_HND *user_pol)
841 {
842 prs_struct qbuf, rbuf;
843 LSA_Q_OPENACCOUNT q;
844 LSA_R_OPENACCOUNT r;
845 NTSTATUS result;
846
847 ZERO_STRUCT(q);
848 ZERO_STRUCT(r);
849
850 /* Initialise input parameters */
851
852 init_lsa_q_open_account(&q, dom_pol, sid, des_access);
853
854 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_OPENACCOUNT,
855 q, r,
856 qbuf, rbuf,
857 lsa_io_q_open_account,
858 lsa_io_r_open_account,
859 NT_STATUS_UNSUCCESSFUL);
860
861 /* Return output parameters */
862
863 result = r.status;
864
865 if (NT_STATUS_IS_OK(result)) {
866 *user_pol = r.pol;
867 }
868
869 return result;
870 }
871
872 /** Enumerate user privileges
873 *
874 * @param cli Handle on an initialised SMB connection */
875
876 NTSTATUS rpccli_lsa_enum_privsaccount(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
877 POLICY_HND *pol, uint32 *count, LUID_ATTR **set)
878 {
879 prs_struct qbuf, rbuf;
880 LSA_Q_ENUMPRIVSACCOUNT q;
881 LSA_R_ENUMPRIVSACCOUNT r;
882 NTSTATUS result;
883 int i;
884
885 ZERO_STRUCT(q);
886 ZERO_STRUCT(r);
887
888 /* Initialise input parameters */
889
890 init_lsa_q_enum_privsaccount(&q, pol);
891
892 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ENUMPRIVSACCOUNT,
893 q, r,
894 qbuf, rbuf,
895 lsa_io_q_enum_privsaccount,
896 lsa_io_r_enum_privsaccount,
897 NT_STATUS_UNSUCCESSFUL);
898
899 /* Return output parameters */
900
901 result = r.status;
902
903 if (!NT_STATUS_IS_OK(result)) {
904 goto done;
905 }
906
907 if (r.count == 0)
908 goto done;
909
910 if (!((*set = TALLOC_ARRAY(mem_ctx, LUID_ATTR, r.count)))) {
911 DEBUG(0, ("(cli_lsa_enum_privsaccount): out of memory\n"));
912 result = NT_STATUS_UNSUCCESSFUL;
913 goto done;
914 }
915
916 for (i=0; i<r.count; i++) {
917 (*set)[i].luid.low = r.set.set[i].luid.low;
918 (*set)[i].luid.high = r.set.set[i].luid.high;
919 (*set)[i].attr = r.set.set[i].attr;
920 }
921
922 *count=r.count;
923 done:
924
925 return result;
926 }
927
928 /** Get a privilege value given its name */
929
930 NTSTATUS rpccli_lsa_lookup_priv_value(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
931 POLICY_HND *pol, const char *name, LUID *luid)
932 {
933 prs_struct qbuf, rbuf;
934 LSA_Q_LOOKUP_PRIV_VALUE q;
935 LSA_R_LOOKUP_PRIV_VALUE r;
936 NTSTATUS result;
937
938 ZERO_STRUCT(q);
939 ZERO_STRUCT(r);
940
941 /* Marshall data and send request */
942
943 init_lsa_q_lookup_priv_value(&q, pol, name);
944
945 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_LOOKUPPRIVVALUE,
946 q, r,
947 qbuf, rbuf,
948 lsa_io_q_lookup_priv_value,
949 lsa_io_r_lookup_priv_value,
950 NT_STATUS_UNSUCCESSFUL);
951
952 result = r.status;
953
954 if (!NT_STATUS_IS_OK(result)) {
955 goto done;
956 }
957
958 /* Return output parameters */
959
960 (*luid).low=r.luid.low;
961 (*luid).high=r.luid.high;
962
963 done:
964
965 return result;
966 }
967
968 /** Query LSA security object */
969
970 NTSTATUS rpccli_lsa_query_secobj(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
971 POLICY_HND *pol, uint32 sec_info,
972 SEC_DESC_BUF **psdb)
973 {
974 prs_struct qbuf, rbuf;
975 LSA_Q_QUERY_SEC_OBJ q;
976 LSA_R_QUERY_SEC_OBJ r;
977 NTSTATUS result;
978
979 ZERO_STRUCT(q);
980 ZERO_STRUCT(r);
981
982 /* Marshall data and send request */
983
984 init_q_query_sec_obj(&q, pol, sec_info);
985
986 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_QUERYSECOBJ,
987 q, r,
988 qbuf, rbuf,
989 lsa_io_q_query_sec_obj,
990 lsa_io_r_query_sec_obj,
991 NT_STATUS_UNSUCCESSFUL);
992
993 result = r.status;
994
995 if (!NT_STATUS_IS_OK(result)) {
996 goto done;
997 }
998
999 /* Return output parameters */
1000
1001 if (psdb)
1002 *psdb = r.buf;
1003
1004 done:
1005
1006 return result;
1007 }
1008
1009
1010 /* Enumerate account rights This is similar to enum_privileges but
1011 takes a SID directly, avoiding the open_account call.
1012 */
1013
1014 NTSTATUS rpccli_lsa_enum_account_rights(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
1015 POLICY_HND *pol, DOM_SID *sid,
1016 uint32 *count, char ***priv_names)
1017 {
1018 prs_struct qbuf, rbuf;
1019 LSA_Q_ENUM_ACCT_RIGHTS q;
1020 LSA_R_ENUM_ACCT_RIGHTS r;
1021 NTSTATUS result;
1022 int i;
1023 fstring *privileges;
1024 char **names;
1025
1026 ZERO_STRUCT(q);
1027 ZERO_STRUCT(r);
1028
1029 /* Marshall data and send request */
1030 init_q_enum_acct_rights(&q, pol, 2, sid);
1031
1032 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ENUMACCTRIGHTS,
1033 q, r,
1034 qbuf, rbuf,
1035 lsa_io_q_enum_acct_rights,
1036 lsa_io_r_enum_acct_rights,
1037 NT_STATUS_UNSUCCESSFUL);
1038
1039 result = r.status;
1040
1041 if (!NT_STATUS_IS_OK(result)) {
1042 goto done;
1043 }
1044
1045 *count = r.count;
1046 if (! *count) {
1047 goto done;
1048 }
1049
1050
1051 privileges = TALLOC_ARRAY( mem_ctx, fstring, *count );
1052 names = TALLOC_ARRAY( mem_ctx, char *, *count );
1053
1054 for ( i=0; i<*count; i++ ) {
1055 UNISTR4 *uni_string = &r.rights->strings[i];
1056
1057 if ( !uni_string->string )
1058 continue;
1059
1060 rpcstr_pull( privileges[i], uni_string->string->buffer, sizeof(privileges[i]), -1, STR_TERMINATE );
1061
1062 /* now copy to the return array */
1063 names[i] = talloc_strdup( mem_ctx, privileges[i] );
1064 }
1065
1066 *priv_names = names;
1067
1068 done:
1069
1070 return result;
1071 }
1072
1073
1074
1075 /* add account rights to an account. */
1076
1077 NTSTATUS rpccli_lsa_add_account_rights(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
1078 POLICY_HND *pol, DOM_SID sid,
1079 uint32 count, const char **privs_name)
1080 {
1081 prs_struct qbuf, rbuf;
1082 LSA_Q_ADD_ACCT_RIGHTS q;
1083 LSA_R_ADD_ACCT_RIGHTS r;
1084 NTSTATUS result;
1085
1086 ZERO_STRUCT(q);
1087 ZERO_STRUCT(r);
1088
1089 /* Marshall data and send request */
1090 init_q_add_acct_rights(&q, pol, &sid, count, privs_name);
1091
1092 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ADDACCTRIGHTS,
1093 q, r,
1094 qbuf, rbuf,
1095 lsa_io_q_add_acct_rights,
1096 lsa_io_r_add_acct_rights,
1097 NT_STATUS_UNSUCCESSFUL);
1098
1099 result = r.status;
1100
1101 if (!NT_STATUS_IS_OK(result)) {
1102 goto done;
1103 }
1104 done:
1105
1106 return result;
1107 }
1108
1109
1110 /* remove account rights for an account. */
1111
1112 NTSTATUS rpccli_lsa_remove_account_rights(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
1113 POLICY_HND *pol, DOM_SID sid, BOOL removeall,
1114 uint32 count, const char **privs_name)
1115 {
1116 prs_struct qbuf, rbuf;
1117 LSA_Q_REMOVE_ACCT_RIGHTS q;
1118 LSA_R_REMOVE_ACCT_RIGHTS r;
1119 NTSTATUS result;
1120
1121 ZERO_STRUCT(q);
1122 ZERO_STRUCT(r);
1123
1124 /* Marshall data and send request */
1125 init_q_remove_acct_rights(&q, pol, &sid, removeall?1:0, count, privs_name);
1126
1127 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_REMOVEACCTRIGHTS,
1128 q, r,
1129 qbuf, rbuf,
1130 lsa_io_q_remove_acct_rights,
1131 lsa_io_r_remove_acct_rights,
1132 NT_STATUS_UNSUCCESSFUL);
1133
1134 result = r.status;
1135
1136 if (!NT_STATUS_IS_OK(result)) {
1137 goto done;
1138 }
1139 done:
1140
1141 return result;
1142 }
1143
1144
1145 #if 0
1146
1147 /** An example of how to use the routines in this file. Fetch a DOMAIN
1148 sid. Does complete cli setup / teardown anonymously. */
1149
1150 BOOL fetch_domain_sid( char *domain, char *remote_machine, DOM_SID *psid)
1151 {
1152 extern pstring global_myname;
1153 struct cli_state cli;
1154 NTSTATUS result;
1155 POLICY_HND lsa_pol;
1156 BOOL ret = False;
1157
1158 ZERO_STRUCT(cli);
1159 if(cli_initialise(&cli) == False) {
1160 DEBUG(0,("fetch_domain_sid: unable to initialize client connection.\n"));
1161 return False;
1162 }
1163
1164 if(!resolve_name( remote_machine, &cli.dest_ip, 0x20)) {
1165 DEBUG(0,("fetch_domain_sid: Can't resolve address for %s\n", remote_machine));
1166 goto done;
1167 }
1168
1169 if (!cli_connect(&cli, remote_machine, &cli.dest_ip)) {
1170 DEBUG(0,("fetch_domain_sid: unable to connect to SMB server on \
1171 machine %s. Error was : %s.\n", remote_machine, cli_errstr(&cli) ));
1172 goto done;
1173 }
1174
1175 if (!attempt_netbios_session_request(&cli, global_myname, remote_machine, &cli.dest_ip)) {
1176 DEBUG(0,("fetch_domain_sid: machine %s rejected the NetBIOS session request.\n",
1177 remote_machine));
1178 goto done;
1179 }
1180
1181 cli.protocol = PROTOCOL_NT1;
1182
1183 if (!cli_negprot(&cli)) {
1184 DEBUG(0,("fetch_domain_sid: machine %s rejected the negotiate protocol. \
1185 Error was : %s.\n", remote_machine, cli_errstr(&cli) ));
1186 goto done;
1187 }
1188
1189 if (cli.protocol != PROTOCOL_NT1) {
1190 DEBUG(0,("fetch_domain_sid: machine %s didn't negotiate NT protocol.\n",
1191 remote_machine));
1192 goto done;
1193 }
1194
1195 /*
1196 * Do an anonymous session setup.
1197 */
1198
1199 if (!cli_session_setup(&cli, "", "", 0, "", 0, "")) {
1200 DEBUG(0,("fetch_domain_sid: machine %s rejected the session setup. \
1201 Error was : %s.\n", remote_machine, cli_errstr(&cli) ));
1202 goto done;
1203 }
1204
1205 if (!(cli.sec_mode & NEGOTIATE_SECURITY_USER_LEVEL)) {
1206 DEBUG(0,("fetch_domain_sid: machine %s isn't in user level security mode\n",
1207 remote_machine));
1208 goto done;
1209 }
1210
1211 if (!cli_send_tconX(&cli, "IPC$", "IPC", "", 1)) {
1212 DEBUG(0,("fetch_domain_sid: machine %s rejected the tconX on the IPC$ share. \
1213 Error was : %s.\n", remote_machine, cli_errstr(&cli) ));
1214 goto done;
1215 }
1216
1217 /* Fetch domain sid */
1218
1219 if (!cli_nt_session_open(&cli, PI_LSARPC)) {
1220 DEBUG(0, ("fetch_domain_sid: Error connecting to SAM pipe\n"));
1221 goto done;
1222 }
1223
1224 result = cli_lsa_open_policy(&cli, cli.mem_ctx, True, SEC_RIGHTS_QUERY_VALUE, &lsa_pol);
1225 if (!NT_STATUS_IS_OK(result)) {
1226 DEBUG(0, ("fetch_domain_sid: Error opening lsa policy handle. %s\n",
1227 nt_errstr(result) ));
1228 goto done;
1229 }
1230
1231 result = cli_lsa_query_info_policy(&cli, cli.mem_ctx, &lsa_pol, 5, domain, psid);
1232 if (!NT_STATUS_IS_OK(result)) {
1233 DEBUG(0, ("fetch_domain_sid: Error querying lsa policy handle. %s\n",
1234 nt_errstr(result) ));
1235 goto done;
1236 }
1237
1238 ret = True;
1239
1240 done:
1241
1242 cli_shutdown(&cli);
1243 return ret;
1244 }
1245
1246 #endif
1247
1248 NTSTATUS rpccli_lsa_open_trusted_domain(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
1249 POLICY_HND *pol, DOM_SID *dom_sid, uint32 access_mask,
1250 POLICY_HND *trustdom_pol)
1251 {
1252 prs_struct qbuf, rbuf;
1253 LSA_Q_OPEN_TRUSTED_DOMAIN q;
1254 LSA_R_OPEN_TRUSTED_DOMAIN r;
1255 NTSTATUS result;
1256
1257 ZERO_STRUCT(q);
1258 ZERO_STRUCT(r);
1259
1260 /* Initialise input parameters */
1261
1262 init_lsa_q_open_trusted_domain(&q, pol, dom_sid, access_mask);
1263
1264 /* Marshall data and send request */
1265
1266 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_OPENTRUSTDOM,
1267 q, r,
1268 qbuf, rbuf,
1269 lsa_io_q_open_trusted_domain,
1270 lsa_io_r_open_trusted_domain,
1271 NT_STATUS_UNSUCCESSFUL);
1272
1273 /* Return output parameters */
1274
1275 result = r.status;
1276
1277 if (NT_STATUS_IS_OK(result)) {
1278 *trustdom_pol = r.handle;
1279 }
1280
1281 return result;
1282 }
1283
1284 NTSTATUS rpccli_lsa_query_trusted_domain_info(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
1285 POLICY_HND *pol,
1286 uint16 info_class,
1287 LSA_TRUSTED_DOMAIN_INFO **info)
1288 {
1289 prs_struct qbuf, rbuf;
1290 LSA_Q_QUERY_TRUSTED_DOMAIN_INFO q;
1291 LSA_R_QUERY_TRUSTED_DOMAIN_INFO r;
1292 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1293
1294 ZERO_STRUCT(q);
1295 ZERO_STRUCT(r);
1296
1297 /* Marshall data and send request */
1298
1299 init_q_query_trusted_domain_info(&q, pol, info_class);
1300
1301 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_QUERYTRUSTDOMINFO,
1302 q, r,
1303 qbuf, rbuf,
1304 lsa_io_q_query_trusted_domain_info,
1305 lsa_io_r_query_trusted_domain_info,
1306 NT_STATUS_UNSUCCESSFUL);
1307
1308 result = r.status;
1309
1310 if (!NT_STATUS_IS_OK(result)) {
1311 goto done;
1312 }
1313
1314 *info = r.info;
1315
1316 done:
1317 return result;
1318 }
1319
1320 NTSTATUS rpccli_lsa_open_trusted_domain_by_name(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
1321 POLICY_HND *pol, const char *name, uint32 access_mask,
1322 POLICY_HND *trustdom_pol)
1323 {
1324 prs_struct qbuf, rbuf;
1325 LSA_Q_OPEN_TRUSTED_DOMAIN_BY_NAME q;
1326 LSA_R_OPEN_TRUSTED_DOMAIN_BY_NAME r;
1327 NTSTATUS result;
1328
1329 ZERO_STRUCT(q);
1330 ZERO_STRUCT(r);
1331
1332 /* Initialise input parameters */
1333
1334 init_lsa_q_open_trusted_domain_by_name(&q, pol, name, access_mask);
1335
1336 /* Marshall data and send request */
1337
1338 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_OPENTRUSTDOMBYNAME,
1339 q, r,
1340 qbuf, rbuf,
1341 lsa_io_q_open_trusted_domain_by_name,
1342 lsa_io_r_open_trusted_domain_by_name,
1343 NT_STATUS_UNSUCCESSFUL);
1344
1345 /* Return output parameters */
1346
1347 result = r.status;
1348
1349 if (NT_STATUS_IS_OK(result)) {
1350 *trustdom_pol = r.handle;
1351 }
1352
1353 return result;
1354 }
1355
1356
1357 NTSTATUS rpccli_lsa_query_trusted_domain_info_by_sid(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
1358 POLICY_HND *pol,
1359 uint16 info_class, DOM_SID *dom_sid,
1360 LSA_TRUSTED_DOMAIN_INFO **info)
1361 {
1362 prs_struct qbuf, rbuf;
1363 LSA_Q_QUERY_TRUSTED_DOMAIN_INFO_BY_SID q;
1364 LSA_R_QUERY_TRUSTED_DOMAIN_INFO r;
1365 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1366
1367 ZERO_STRUCT(q);
1368 ZERO_STRUCT(r);
1369
1370 /* Marshall data and send request */
1371
1372 init_q_query_trusted_domain_info_by_sid(&q, pol, info_class, dom_sid);
1373
1374 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_QUERYTRUSTDOMINFOBYSID,
1375 q, r,
1376 qbuf, rbuf,
1377 lsa_io_q_query_trusted_domain_info_by_sid,
1378 lsa_io_r_query_trusted_domain_info,
1379 NT_STATUS_UNSUCCESSFUL);
1380
1381 result = r.status;
1382
1383 if (!NT_STATUS_IS_OK(result)) {
1384 goto done;
1385 }
1386
1387 *info = r.info;
1388
1389 done:
1390
1391 return result;
1392 }
1393
1394 NTSTATUS rpccli_lsa_query_trusted_domain_info_by_name(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
1395 POLICY_HND *pol,
1396 uint16 info_class, const char *domain_name,
1397 LSA_TRUSTED_DOMAIN_INFO **info)
1398 {
1399 prs_struct qbuf, rbuf;
1400 LSA_Q_QUERY_TRUSTED_DOMAIN_INFO_BY_NAME q;
1401 LSA_R_QUERY_TRUSTED_DOMAIN_INFO r;
1402 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1403
1404 ZERO_STRUCT(q);
1405 ZERO_STRUCT(r);
1406
1407 /* Marshall data and send request */
1408
1409 init_q_query_trusted_domain_info_by_name(&q, pol, info_class, domain_name);
1410
1411 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_QUERYTRUSTDOMINFOBYNAME,
1412 q, r,
1413 qbuf, rbuf,
1414 lsa_io_q_query_trusted_domain_info_by_name,
1415 lsa_io_r_query_trusted_domain_info,
1416 NT_STATUS_UNSUCCESSFUL);
1417
1418 result = r.status;
1419
1420 if (!NT_STATUS_IS_OK(result)) {
1421 goto done;
1422 }
1423
1424 *info = r.info;
1425
1426 done:
1427
1428 return result;
1429 }
1430
1431 NTSTATUS cli_lsa_query_domain_info_policy(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
1432 POLICY_HND *pol,
1433 uint16 info_class, LSA_DOM_INFO_UNION **info)
1434 {
1435 prs_struct qbuf, rbuf;
1436 LSA_Q_QUERY_DOM_INFO_POLICY q;
1437 LSA_R_QUERY_DOM_INFO_POLICY r;
1438 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1439
1440 ZERO_STRUCT(q);
1441 ZERO_STRUCT(r);
1442
1443 /* Marshall data and send request */
1444
1445 init_q_query_dom_info(&q, pol, info_class);
1446
1447 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_QUERYDOMINFOPOL,
1448 q, r,
1449 qbuf, rbuf,
1450 lsa_io_q_query_dom_info,
1451 lsa_io_r_query_dom_info,
1452 NT_STATUS_UNSUCCESSFUL);
1453
1454 result = r.status;
1455
1456 if (!NT_STATUS_IS_OK(result)) {
1457 goto done;
1458 }
1459
1460 *info = r.info;
1461
1462 done:
1463 return result;
1464 }
1465