source3/rpc_client/cli_samr.c

   1 /*
   2    Unix SMB/CIFS implementation.
   3    RPC pipe client
   4    Copyright (C) Tim Potter                        2000-2001,
   5    Copyright (C) Andrew Tridgell              1992-1997,2000,
   6    Copyright (C) Luke Kenneth Casson Leighton 1996-1997,2000,
   7    Copyright (C) Paul Ashton                       1997,2000,
   8    Copyright (C) Elrond                                 2000,
   9    Copyright (C) Rafal Szczesniak                       2002.
  10
  11    This program is free software; you can redistribute it and/or modify
  12    it under the terms of the GNU General Public License as published by
  13    the Free Software Foundation; either version 2 of the License, or
  14    (at your option) any later version.
  15
  16    This program is distributed in the hope that it will be useful,
  17    but WITHOUT ANY WARRANTY; without even the implied warranty of
  18    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  19    GNU General Public License for more details.
  20
  21    You should have received a copy of the GNU General Public License
  22    along with this program; if not, write to the Free Software
  23    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  24 */
  25
  26 #include "includes.h"
  27
  28 /* Connect to SAMR database */
  29
  30 NTSTATUS cli_samr_connect(struct cli_state *cli, TALLOC_CTX *mem_ctx,
  31                           uint32 access_mask, POLICY_HND *connect_pol)
  32 {
  33         prs_struct qbuf, rbuf;
  34         SAMR_Q_CONNECT q;
  35         SAMR_R_CONNECT r;
  36         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
  37
  38         ZERO_STRUCT(q);
  39         ZERO_STRUCT(r);
  40
  41         /* Initialise parse structures */
  42
  43         prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
  44         prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
  45
  46         /* Marshall data and send request */
  47
  48         init_samr_q_connect(&q, cli->desthost, access_mask);
  49
  50         if (!samr_io_q_connect("", &q, &qbuf, 0) ||
  51             !rpc_api_pipe_req(cli, SAMR_CONNECT, &qbuf, &rbuf))
  52                 goto done;
  53
  54         /* Unmarshall response */
  55
  56         if (!samr_io_r_connect("", &r, &rbuf, 0))
  57                 goto done;
  58
  59         /* Return output parameters */
  60
  61         if (NT_STATUS_IS_OK(result = r.status)) {
  62                 *connect_pol = r.connect_pol;
  63 #ifdef __INSURE__
  64                 connect_pol->marker = malloc(1);
  65 #endif
  66         }
  67
  68  done:
  69         prs_mem_free(&qbuf);
  70         prs_mem_free(&rbuf);
  71
  72         return result;
  73 }
  74
  75 /* Connect to SAMR database */
  76
  77 NTSTATUS cli_samr_connect4(struct cli_state *cli, TALLOC_CTX *mem_ctx,
  78                            uint32 access_mask, POLICY_HND *connect_pol)
  79 {
  80         prs_struct qbuf, rbuf;
  81         SAMR_Q_CONNECT4 q;
  82         SAMR_R_CONNECT4 r;
  83         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
  84
  85         ZERO_STRUCT(q);
  86         ZERO_STRUCT(r);
  87
  88         /* Initialise parse structures */
  89
  90         prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
  91         prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
  92
  93         /* Marshall data and send request */
  94
  95         init_samr_q_connect4(&q, cli->desthost, access_mask);
  96
  97         if (!samr_io_q_connect4("", &q, &qbuf, 0) ||
  98             !rpc_api_pipe_req(cli, SAMR_CONNECT4, &qbuf, &rbuf))
  99                 goto done;
 100
 101         /* Unmarshall response */
 102
 103         if (!samr_io_r_connect4("", &r, &rbuf, 0))
 104                 goto done;
 105
 106         /* Return output parameters */
 107
 108         if (NT_STATUS_IS_OK(result = r.status)) {
 109                 *connect_pol = r.connect_pol;
 110 #ifdef __INSURE__
 111                 connect_pol->marker = malloc(1);
 112 #endif
 113         }
 114
 115  done:
 116         prs_mem_free(&qbuf);
 117         prs_mem_free(&rbuf);
 118
 119         return result;
 120 }
 121
 122 /* Close SAMR handle */
 123
 124 NTSTATUS cli_samr_close(struct cli_state *cli, TALLOC_CTX *mem_ctx,
 125                         POLICY_HND *connect_pol)
 126 {
 127         prs_struct qbuf, rbuf;
 128         SAMR_Q_CLOSE_HND q;
 129         SAMR_R_CLOSE_HND r;
 130         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 131
 132         ZERO_STRUCT(q);
 133         ZERO_STRUCT(r);
 134
 135         /* Initialise parse structures */
 136
 137         prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
 138         prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
 139
 140         /* Marshall data and send request */
 141
 142         init_samr_q_close_hnd(&q, connect_pol);
 143
 144         if (!samr_io_q_close_hnd("", &q, &qbuf, 0) ||
 145             !rpc_api_pipe_req(cli, SAMR_CLOSE_HND, &qbuf, &rbuf))
 146                 goto done;
 147
 148         /* Unmarshall response */
 149
 150         if (!samr_io_r_close_hnd("", &r, &rbuf, 0))
 151                 goto done;
 152
 153         /* Return output parameters */
 154
 155         if (NT_STATUS_IS_OK(result = r.status)) {
 156 #ifdef __INSURE__
 157                 SAFE_FREE(connect_pol->marker);
 158 #endif
 159                 *connect_pol = r.pol;
 160         }
 161
 162  done:
 163         prs_mem_free(&qbuf);
 164         prs_mem_free(&rbuf);
 165
 166         return result;
 167 }
 168
 169 /* Open handle on a domain */
 170
 171 NTSTATUS cli_samr_open_domain(struct cli_state *cli, TALLOC_CTX *mem_ctx,
 172                               POLICY_HND *connect_pol, uint32 access_mask,
 173                               const DOM_SID *domain_sid, POLICY_HND *domain_pol)
 174 {
 175         prs_struct qbuf, rbuf;
 176         SAMR_Q_OPEN_DOMAIN q;
 177         SAMR_R_OPEN_DOMAIN r;
 178         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 179
 180         ZERO_STRUCT(q);
 181         ZERO_STRUCT(r);
 182
 183         /* Initialise parse structures */
 184
 185         prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
 186         prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
 187
 188         /* Marshall data and send request */
 189
 190         init_samr_q_open_domain(&q, connect_pol, access_mask, domain_sid);
 191
 192         if (!samr_io_q_open_domain("", &q, &qbuf, 0) ||
 193             !rpc_api_pipe_req(cli, SAMR_OPEN_DOMAIN, &qbuf, &rbuf))
 194                 goto done;
 195
 196         /* Unmarshall response */
 197
 198         if (!samr_io_r_open_domain("", &r, &rbuf, 0))
 199                 goto done;
 200
 201         /* Return output parameters */
 202
 203         if (NT_STATUS_IS_OK(result = r.status)) {
 204                 *domain_pol = r.domain_pol;
 205 #ifdef __INSURE__
 206                 domain_pol->marker = malloc(1);
 207 #endif
 208         }
 209
 210  done:
 211         prs_mem_free(&qbuf);
 212         prs_mem_free(&rbuf);
 213
 214         return result;
 215 }
 216
 217 /* Open handle on a user */
 218
 219 NTSTATUS cli_samr_open_user(struct cli_state *cli, TALLOC_CTX *mem_ctx,
 220                             POLICY_HND *domain_pol, uint32 access_mask,
 221                             uint32 user_rid, POLICY_HND *user_pol)
 222 {
 223         prs_struct qbuf, rbuf;
 224         SAMR_Q_OPEN_USER q;
 225         SAMR_R_OPEN_USER r;
 226         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 227
 228         ZERO_STRUCT(q);
 229         ZERO_STRUCT(r);
 230
 231         /* Initialise parse structures */
 232
 233         prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
 234         prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
 235
 236         /* Marshall data and send request */
 237
 238         init_samr_q_open_user(&q, domain_pol, access_mask, user_rid);
 239
 240         if (!samr_io_q_open_user("", &q, &qbuf, 0) ||
 241             !rpc_api_pipe_req(cli, SAMR_OPEN_USER, &qbuf, &rbuf))
 242                 goto done;
 243
 244         /* Unmarshall response */
 245
 246         if (!samr_io_r_open_user("", &r, &rbuf, 0))
 247                 goto done;
 248
 249         /* Return output parameters */
 250
 251         if (NT_STATUS_IS_OK(result = r.status)) {
 252                 *user_pol = r.user_pol;
 253 #ifdef __INSURE__
 254                 user_pol->marker = malloc(1);
 255 #endif
 256         }
 257
 258  done:
 259         prs_mem_free(&qbuf);
 260         prs_mem_free(&rbuf);
 261
 262         return result;
 263 }
 264
 265 /* Open handle on a group */
 266
 267 NTSTATUS cli_samr_open_group(struct cli_state *cli, TALLOC_CTX *mem_ctx,
 268                              POLICY_HND *domain_pol, uint32 access_mask,
 269                              uint32 group_rid, POLICY_HND *group_pol)
 270 {
 271         prs_struct qbuf, rbuf;
 272         SAMR_Q_OPEN_GROUP q;
 273         SAMR_R_OPEN_GROUP r;
 274         NTSTATUS result =  NT_STATUS_UNSUCCESSFUL;
 275
 276         ZERO_STRUCT(q);
 277         ZERO_STRUCT(r);
 278
 279         /* Initialise parse structures */
 280
 281         prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
 282         prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
 283
 284         /* Marshall data and send request */
 285
 286         init_samr_q_open_group(&q, domain_pol, access_mask, group_rid);
 287
 288         if (!samr_io_q_open_group("", &q, &qbuf, 0) ||
 289             !rpc_api_pipe_req(cli, SAMR_OPEN_GROUP, &qbuf, &rbuf))
 290                 goto done;
 291
 292         /* Unmarshall response */
 293
 294         if (!samr_io_r_open_group("", &r, &rbuf, 0))
 295                 goto done;
 296
 297         /* Return output parameters */
 298
 299         if (NT_STATUS_IS_OK(result = r.status)) {
 300                 *group_pol = r.pol;
 301 #ifdef __INSURE__
 302                 group_pol->marker = malloc(1);
 303 #endif
 304         }
 305
 306  done:
 307         prs_mem_free(&qbuf);
 308         prs_mem_free(&rbuf);
 309
 310         return result;
 311 }
 312
 313 /* Query user info */
 314
 315 NTSTATUS cli_samr_query_userinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx,
 316                                  POLICY_HND *user_pol, uint16 switch_value,
 317                                  SAM_USERINFO_CTR **ctr)
 318 {
 319         prs_struct qbuf, rbuf;
 320         SAMR_Q_QUERY_USERINFO q;
 321         SAMR_R_QUERY_USERINFO r;
 322         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 323
 324         ZERO_STRUCT(q);
 325         ZERO_STRUCT(r);
 326
 327         /* Initialise parse structures */
 328
 329         prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
 330         prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
 331
 332         /* Marshall data and send request */
 333
 334         init_samr_q_query_userinfo(&q, user_pol, switch_value);
 335
 336         if (!samr_io_q_query_userinfo("", &q, &qbuf, 0) ||
 337             !rpc_api_pipe_req(cli, SAMR_QUERY_USERINFO, &qbuf, &rbuf))
 338                 goto done;
 339
 340         /* Unmarshall response */
 341
 342         if (!samr_io_r_query_userinfo("", &r, &rbuf, 0))
 343                 goto done;
 344
 345         /* Return output parameters */
 346
 347         result = r.status;
 348         *ctr = r.ctr;
 349
 350  done:
 351         prs_mem_free(&qbuf);
 352         prs_mem_free(&rbuf);
 353
 354         return result;
 355 }
 356
 357 /* Query group info */
 358
 359 NTSTATUS cli_samr_query_groupinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx,
 360                                   POLICY_HND *group_pol, uint32 info_level,
 361                                   GROUP_INFO_CTR **ctr)
 362 {
 363         prs_struct qbuf, rbuf;
 364         SAMR_Q_QUERY_GROUPINFO q;
 365         SAMR_R_QUERY_GROUPINFO r;
 366         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 367
 368         ZERO_STRUCT(q);
 369         ZERO_STRUCT(r);
 370
 371         /* Initialise parse structures */
 372
 373         prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
 374         prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
 375
 376         /* Marshall data and send request */
 377
 378         init_samr_q_query_groupinfo(&q, group_pol, info_level);
 379
 380         if (!samr_io_q_query_groupinfo("", &q, &qbuf, 0) ||
 381             !rpc_api_pipe_req(cli, SAMR_QUERY_GROUPINFO, &qbuf, &rbuf))
 382                 goto done;
 383
 384         /* Unmarshall response */
 385
 386         if (!samr_io_r_query_groupinfo("", &r, &rbuf, 0))
 387                 goto done;
 388
 389         *ctr = r.ctr;
 390
 391         /* Return output parameters */
 392
 393         result = r.status;
 394
 395  done:
 396         prs_mem_free(&qbuf);
 397         prs_mem_free(&rbuf);
 398
 399         return result;
 400 }
 401
 402 /* Query user groups */
 403
 404 NTSTATUS cli_samr_query_usergroups(struct cli_state *cli, TALLOC_CTX *mem_ctx,
 405                                    POLICY_HND *user_pol, uint32 *num_groups,
 406                                    DOM_GID **gid)
 407 {
 408         prs_struct qbuf, rbuf;
 409         SAMR_Q_QUERY_USERGROUPS q;
 410         SAMR_R_QUERY_USERGROUPS r;
 411         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 412
 413         ZERO_STRUCT(q);
 414         ZERO_STRUCT(r);
 415
 416         /* Initialise parse structures */
 417
 418         prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
 419         prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
 420
 421         /* Marshall data and send request */
 422
 423         init_samr_q_query_usergroups(&q, user_pol);
 424
 425         if (!samr_io_q_query_usergroups("", &q, &qbuf, 0) ||
 426             !rpc_api_pipe_req(cli, SAMR_QUERY_USERGROUPS, &qbuf, &rbuf))
 427                 goto done;
 428
 429         /* Unmarshall response */
 430
 431         if (!samr_io_r_query_usergroups("", &r, &rbuf, 0))
 432                 goto done;
 433
 434         /* Return output parameters */
 435
 436         if (NT_STATUS_IS_OK(result = r.status)) {
 437                 *num_groups = r.num_entries;
 438                 *gid = r.gid;
 439         }
 440
 441  done:
 442         prs_mem_free(&qbuf);
 443         prs_mem_free(&rbuf);
 444
 445         return result;
 446 }
 447
 448 /* Query user aliases */
 449
 450 NTSTATUS cli_samr_query_useraliases(struct cli_state *cli, TALLOC_CTX *mem_ctx,
 451                                    POLICY_HND *user_pol, uint32 num_sids, DOM_SID2 *sid,
 452                                    uint32 *num_aliases, uint32 **als_rids)
 453 {
 454         prs_struct qbuf, rbuf;
 455         SAMR_Q_QUERY_USERALIASES q;
 456         SAMR_R_QUERY_USERALIASES r;
 457         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 458         unsigned int ptr=1;
 459
 460         ZERO_STRUCT(q);
 461         ZERO_STRUCT(r);
 462
 463         /* Initialise parse structures */
 464
 465         prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
 466         prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
 467
 468         /* Marshall data and send request */
 469
 470         init_samr_q_query_useraliases(&q, user_pol, num_sids, &ptr, sid);
 471
 472         if (!samr_io_q_query_useraliases("", &q, &qbuf, 0) ||
 473             !rpc_api_pipe_req(cli, SAMR_QUERY_USERALIASES, &qbuf, &rbuf))
 474                 goto done;
 475
 476         /* Unmarshall response */
 477
 478         if (!samr_io_r_query_useraliases("", &r, &rbuf, 0))
 479                 goto done;
 480
 481         /* Return output parameters */
 482
 483         if (NT_STATUS_IS_OK(result = r.status)) {
 484                 *num_aliases = r.num_entries;
 485                 *als_rids = r.rid;
 486         }
 487
 488  done:
 489         prs_mem_free(&qbuf);
 490         prs_mem_free(&rbuf);
 491
 492         return result;
 493 }
 494
 495 /* Query user groups */
 496
 497 NTSTATUS cli_samr_query_groupmem(struct cli_state *cli, TALLOC_CTX *mem_ctx,
 498                                  POLICY_HND *group_pol, uint32 *num_mem,
 499                                  uint32 **rid, uint32 **attr)
 500 {
 501         prs_struct qbuf, rbuf;
 502         SAMR_Q_QUERY_GROUPMEM q;
 503         SAMR_R_QUERY_GROUPMEM r;
 504         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 505
 506         ZERO_STRUCT(q);
 507         ZERO_STRUCT(r);
 508
 509         /* Initialise parse structures */
 510
 511         prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
 512         prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
 513
 514         /* Marshall data and send request */
 515
 516         init_samr_q_query_groupmem(&q, group_pol);
 517
 518         if (!samr_io_q_query_groupmem("", &q, &qbuf, 0) ||
 519             !rpc_api_pipe_req(cli, SAMR_QUERY_GROUPMEM, &qbuf, &rbuf))
 520                 goto done;
 521
 522         /* Unmarshall response */
 523
 524         if (!samr_io_r_query_groupmem("", &r, &rbuf, 0))
 525                 goto done;
 526
 527         /* Return output parameters */
 528
 529         if (NT_STATUS_IS_OK(result = r.status)) {
 530                 *num_mem = r.num_entries;
 531                 *rid = r.rid;
 532                 *attr = r.attr;
 533         }
 534
 535  done:
 536         prs_mem_free(&qbuf);
 537         prs_mem_free(&rbuf);
 538
 539         return result;
 540 }
 541
 542 /**
 543  * Enumerate domain users
 544  *
 545  * @param cli client state structure
 546  * @param mem_ctx talloc context
 547  * @param pol opened domain policy handle
 548  * @param start_idx starting index of enumeration, returns context for
 549                     next enumeration
 550  * @param acb_mask account control bit mask (to enumerate some particular
 551  *                 kind of accounts)
 552  * @param size max acceptable size of response
 553  * @param dom_users returned array of domain user names
 554  * @param rids returned array of domain user RIDs
 555  * @param num_dom_users numer returned entries
 556  *
 557  * @return NTSTATUS returned in rpc response
 558  **/
 559 NTSTATUS cli_samr_enum_dom_users(struct cli_state *cli, TALLOC_CTX *mem_ctx,
 560                                  POLICY_HND *pol, uint32 *start_idx, uint16 acb_mask,
 561                                  uint32 size, char ***dom_users, uint32 **rids,
 562                                  uint32 *num_dom_users)
 563 {
 564         prs_struct qbuf;
 565         prs_struct rbuf;
 566         SAMR_Q_ENUM_DOM_USERS q;
 567         SAMR_R_ENUM_DOM_USERS r;
 568         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 569         int i;
 570
 571         ZERO_STRUCT(q);
 572         ZERO_STRUCT(r);
 573
 574         /* always init this */
 575         *num_dom_users = 0;
 576
 577         /* Initialise parse structures */
 578
 579         prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
 580         prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
 581
 582         /* Fill query structure with parameters */
 583
 584         init_samr_q_enum_dom_users(&q, pol, *start_idx, acb_mask, 0, size);
 585
 586         if (!samr_io_q_enum_dom_users("", &q, &qbuf, 0) ||
 587             !rpc_api_pipe_req(cli, SAMR_ENUM_DOM_USERS, &qbuf, &rbuf)) {
 588                 goto done;
 589         }
 590
 591         /* unpack received stream */
 592
 593         if(!samr_io_r_enum_dom_users("", &r, &rbuf, 0))
 594                 goto done;
 595
 596         result = r.status;
 597
 598         if (!NT_STATUS_IS_OK(result) &&
 599             NT_STATUS_V(result) != NT_STATUS_V(STATUS_MORE_ENTRIES))
 600                 goto done;
 601
 602         *start_idx = r.next_idx;
 603         *num_dom_users = r.num_entries2;
 604
 605         if (r.num_entries2) {
 606                 /* allocate memory needed to return received data */
 607                 *rids = (uint32*)talloc(mem_ctx, sizeof(uint32) * r.num_entries2);
 608                 if (!*rids) {
 609                         DEBUG(0, ("Error in cli_samr_enum_dom_users(): out of memory\n"));
 610                         return NT_STATUS_NO_MEMORY;
 611                 }
 612
 613                 *dom_users = (char**)talloc(mem_ctx, sizeof(char*) * r.num_entries2);
 614                 if (!*dom_users) {
 615                         DEBUG(0, ("Error in cli_samr_enum_dom_users(): out of memory\n"));
 616                         return NT_STATUS_NO_MEMORY;
 617                 }
 618
 619                 /* fill output buffers with rpc response */
 620                 for (i = 0; i < r.num_entries2; i++) {
 621                         fstring conv_buf;
 622
 623                         (*rids)[i] = r.sam[i].rid;
 624                         unistr2_to_ascii(conv_buf, &(r.uni_acct_name[i]), sizeof(conv_buf) - 1);
 625                         (*dom_users)[i] = talloc_strdup(mem_ctx, conv_buf);
 626                 }
 627         }
 628
 629 done:
 630         prs_mem_free(&qbuf);
 631         prs_mem_free(&rbuf);
 632
 633         return result;
 634 };
 635
 636 /* Enumerate domain groups */
 637
 638 NTSTATUS cli_samr_enum_dom_groups(struct cli_state *cli, TALLOC_CTX *mem_ctx,
 639                                   POLICY_HND *pol, uint32 *start_idx,
 640                                   uint32 size, struct acct_info **dom_groups,
 641                                   uint32 *num_dom_groups)
 642 {
 643         prs_struct qbuf, rbuf;
 644         SAMR_Q_ENUM_DOM_GROUPS q;
 645         SAMR_R_ENUM_DOM_GROUPS r;
 646         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 647         uint32 name_idx, i;
 648
 649         ZERO_STRUCT(q);
 650         ZERO_STRUCT(r);
 651
 652         /* Initialise parse structures */
 653
 654         prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
 655         prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
 656
 657         /* Marshall data and send request */
 658
 659         init_samr_q_enum_dom_groups(&q, pol, *start_idx, size);
 660
 661         if (!samr_io_q_enum_dom_groups("", &q, &qbuf, 0) ||
 662             !rpc_api_pipe_req(cli, SAMR_ENUM_DOM_GROUPS, &qbuf, &rbuf))
 663                 goto done;
 664
 665         /* Unmarshall response */
 666
 667         if (!samr_io_r_enum_dom_groups("", &r, &rbuf, 0))
 668                 goto done;
 669
 670         /* Return output parameters */
 671
 672         result = r.status;
 673
 674         if (!NT_STATUS_IS_OK(result) &&
 675             NT_STATUS_V(result) != NT_STATUS_V(STATUS_MORE_ENTRIES))
 676                 goto done;
 677
 678         *num_dom_groups = r.num_entries2;
 679
 680         if (*num_dom_groups == 0)
 681                 goto done;
 682
 683         if (!((*dom_groups) = (struct acct_info *)
 684               talloc(mem_ctx, sizeof(struct acct_info) * *num_dom_groups))) {
 685                 result = NT_STATUS_NO_MEMORY;
 686                 goto done;
 687         }
 688
 689         memset(*dom_groups, 0, sizeof(struct acct_info) * (*num_dom_groups));
 690
 691         name_idx = 0;
 692
 693         for (i = 0; i < *num_dom_groups; i++) {
 694
 695                 (*dom_groups)[i].rid = r.sam[i].rid;
 696
 697                 if (r.sam[i].hdr_name.buffer) {
 698                         unistr2_to_ascii((*dom_groups)[i].acct_name,
 699                                          &r.uni_grp_name[name_idx],
 700                                          sizeof(fstring) - 1);
 701                         name_idx++;
 702                 }
 703
 704                 *start_idx = r.next_idx;
 705         }
 706
 707  done:
 708         prs_mem_free(&qbuf);
 709         prs_mem_free(&rbuf);
 710
 711         return result;
 712 }
 713
 714 /* Enumerate domain groups */
 715
 716 NTSTATUS cli_samr_enum_als_groups(struct cli_state *cli, TALLOC_CTX *mem_ctx,
 717                                   POLICY_HND *pol, uint32 *start_idx,
 718                                   uint32 size, struct acct_info **dom_aliases,
 719                                   uint32 *num_dom_aliases)
 720 {
 721         prs_struct qbuf, rbuf;
 722         SAMR_Q_ENUM_DOM_ALIASES q;
 723         SAMR_R_ENUM_DOM_ALIASES r;
 724         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 725         uint32 name_idx, i;
 726
 727         ZERO_STRUCT(q);
 728         ZERO_STRUCT(r);
 729
 730         /* Initialise parse structures */
 731
 732         prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
 733         prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
 734
 735         /* Marshall data and send request */
 736
 737         init_samr_q_enum_dom_aliases(&q, pol, *start_idx, size);
 738
 739         if (!samr_io_q_enum_dom_aliases("", &q, &qbuf, 0) ||
 740             !rpc_api_pipe_req(cli, SAMR_ENUM_DOM_ALIASES, &qbuf, &rbuf)) {
 741                 goto done;
 742         }
 743
 744         /* Unmarshall response */
 745
 746         if (!samr_io_r_enum_dom_aliases("", &r, &rbuf, 0)) {
 747                 goto done;
 748         }
 749
 750         /* Return output parameters */
 751
 752         result = r.status;
 753
 754         if (!NT_STATUS_IS_OK(result) &&
 755             NT_STATUS_V(result) != NT_STATUS_V(STATUS_MORE_ENTRIES)) {
 756                 goto done;
 757         }
 758
 759         *num_dom_aliases = r.num_entries2;
 760
 761         if (*num_dom_aliases == 0)
 762                 goto done;
 763
 764         if (!((*dom_aliases) = (struct acct_info *)
 765               talloc(mem_ctx, sizeof(struct acct_info) * *num_dom_aliases))) {
 766                 result = NT_STATUS_NO_MEMORY;
 767                 goto done;
 768         }
 769
 770         memset(*dom_aliases, 0, sizeof(struct acct_info) * *num_dom_aliases);
 771
 772         name_idx = 0;
 773
 774         for (i = 0; i < *num_dom_aliases; i++) {
 775
 776                 (*dom_aliases)[i].rid = r.sam[i].rid;
 777
 778                 if (r.sam[i].hdr_name.buffer) {
 779                         unistr2_to_ascii((*dom_aliases)[i].acct_name,
 780                                          &r.uni_grp_name[name_idx],
 781                                          sizeof(fstring) - 1);
 782                         name_idx++;
 783                 }
 784
 785                 *start_idx = r.next_idx;
 786         }
 787
 788  done:
 789         prs_mem_free(&qbuf);
 790         prs_mem_free(&rbuf);
 791
 792         return result;
 793 }
 794
 795 /* Query alias members */
 796
 797 NTSTATUS cli_samr_query_aliasmem(struct cli_state *cli, TALLOC_CTX *mem_ctx,
 798                                  POLICY_HND *alias_pol, uint32 *num_mem,
 799                                  DOM_SID **sids)
 800 {
 801         prs_struct qbuf, rbuf;
 802         SAMR_Q_QUERY_ALIASMEM q;
 803         SAMR_R_QUERY_ALIASMEM r;
 804         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 805         uint32 i;
 806
 807         ZERO_STRUCT(q);
 808         ZERO_STRUCT(r);
 809
 810         /* Initialise parse structures */
 811
 812         prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
 813         prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
 814
 815         /* Marshall data and send request */
 816
 817         init_samr_q_query_aliasmem(&q, alias_pol);
 818
 819         if (!samr_io_q_query_aliasmem("", &q, &qbuf, 0) ||
 820             !rpc_api_pipe_req(cli, SAMR_QUERY_ALIASMEM, &qbuf, &rbuf)) {
 821                 goto done;
 822         }
 823
 824         /* Unmarshall response */
 825
 826         if (!samr_io_r_query_aliasmem("", &r, &rbuf, 0)) {
 827                 goto done;
 828         }
 829
 830         /* Return output parameters */
 831
 832         if (!NT_STATUS_IS_OK(result = r.status)) {
 833                 goto done;
 834         }
 835
 836         *num_mem = r.num_sids;
 837
 838         if (!(*sids = talloc(mem_ctx, sizeof(DOM_SID) * *num_mem))) {
 839                 result = NT_STATUS_UNSUCCESSFUL;
 840                 goto done;
 841         }
 842
 843         for (i = 0; i < *num_mem; i++) {
 844                 (*sids)[i] = r.sid[i].sid;
 845         }
 846
 847  done:
 848         prs_mem_free(&qbuf);
 849         prs_mem_free(&rbuf);
 850
 851         return result;
 852 }
 853
 854 /* Open handle on an alias */
 855
 856 NTSTATUS cli_samr_open_alias(struct cli_state *cli, TALLOC_CTX *mem_ctx,
 857                              POLICY_HND *domain_pol, uint32 access_mask,
 858                              uint32 alias_rid, POLICY_HND *alias_pol)
 859 {
 860         prs_struct qbuf, rbuf;
 861         SAMR_Q_OPEN_ALIAS q;
 862         SAMR_R_OPEN_ALIAS r;
 863         NTSTATUS result;
 864
 865         ZERO_STRUCT(q);
 866         ZERO_STRUCT(r);
 867
 868         /* Initialise parse structures */
 869
 870         prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
 871         prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
 872
 873         /* Marshall data and send request */
 874
 875         init_samr_q_open_alias(&q, domain_pol, access_mask, alias_rid);
 876
 877         if (!samr_io_q_open_alias("", &q, &qbuf, 0) ||
 878             !rpc_api_pipe_req(cli, SAMR_OPEN_ALIAS, &qbuf, &rbuf)) {
 879                 result = NT_STATUS_UNSUCCESSFUL;
 880                 goto done;
 881         }
 882
 883         /* Unmarshall response */
 884
 885         if (!samr_io_r_open_alias("", &r, &rbuf, 0)) {
 886                 result = NT_STATUS_UNSUCCESSFUL;
 887                 goto done;
 888         }
 889
 890         /* Return output parameters */
 891
 892         if (NT_STATUS_IS_OK(result = r.status)) {
 893                 *alias_pol = r.pol;
 894 #ifdef __INSURE__
 895                 alias_pol->marker = malloc(1);
 896 #endif
 897         }
 898
 899  done:
 900         prs_mem_free(&qbuf);
 901         prs_mem_free(&rbuf);
 902
 903         return result;
 904 }
 905
 906 /* Query domain info */
 907
 908 NTSTATUS cli_samr_query_dom_info(struct cli_state *cli, TALLOC_CTX *mem_ctx,
 909                                  POLICY_HND *domain_pol, uint16 switch_value,
 910                                  SAM_UNK_CTR *ctr)
 911 {
 912         prs_struct qbuf, rbuf;
 913         SAMR_Q_QUERY_DOMAIN_INFO q;
 914         SAMR_R_QUERY_DOMAIN_INFO r;
 915         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 916
 917         ZERO_STRUCT(q);
 918         ZERO_STRUCT(r);
 919
 920         /* Initialise parse structures */
 921
 922         prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
 923         prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
 924
 925         /* Marshall data and send request */
 926
 927         init_samr_q_query_dom_info(&q, domain_pol, switch_value);
 928
 929         if (!samr_io_q_query_dom_info("", &q, &qbuf, 0) ||
 930             !rpc_api_pipe_req(cli, SAMR_QUERY_DOMAIN_INFO, &qbuf, &rbuf)) {
 931                 goto done;
 932         }
 933
 934         /* Unmarshall response */
 935
 936         r.ctr = ctr;
 937
 938         if (!samr_io_r_query_dom_info("", &r, &rbuf, 0)) {
 939                 goto done;
 940         }
 941
 942         /* Return output parameters */
 943
 944         if (!NT_STATUS_IS_OK(result = r.status)) {
 945                 goto done;
 946         }
 947
 948  done:
 949         prs_mem_free(&qbuf);
 950         prs_mem_free(&rbuf);
 951
 952         return result;
 953 }
 954
 955 /* This function returns the bizzare set of (max_entries, max_size) required
 956    for the QueryDisplayInfo RPC to actually work against a domain controller
 957    with large (10k and higher) numbers of users.  These values were
 958    obtained by inspection using ethereal and NT4 running User Manager. */
 959
 960 void get_query_dispinfo_params(int loop_count, uint32 *max_entries,
 961                                uint32 *max_size)
 962 {
 963         switch(loop_count) {
 964         case 0:
 965                 *max_entries = 512;
 966                 *max_size = 16383;
 967                 break;
 968         case 1:
 969                 *max_entries = 1024;
 970                 *max_size = 32766;
 971                 break;
 972         case 2:
 973                 *max_entries = 2048;
 974                 *max_size = 65532;
 975                 break;
 976         case 3:
 977                 *max_entries = 4096;
 978                 *max_size = 131064;
 979                 break;
 980         default:              /* loop_count >= 4 */
 981                 *max_entries = 4096;
 982                 *max_size = 131071;
 983                 break;
 984         }
 985 }
 986
 987 /* Query display info */
 988
 989 NTSTATUS cli_samr_query_dispinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx,
 990                                  POLICY_HND *domain_pol, uint32 *start_idx,
 991                                  uint16 switch_value, uint32 *num_entries,
 992                                  uint32 max_entries, uint32 max_size,
 993                                  SAM_DISPINFO_CTR *ctr)
 994 {
 995         prs_struct qbuf, rbuf;
 996         SAMR_Q_QUERY_DISPINFO q;
 997         SAMR_R_QUERY_DISPINFO r;
 998         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 999
1000         ZERO_STRUCT(q);
1001         ZERO_STRUCT(r);
1002
1003         *num_entries = 0;
1004
1005         /* Initialise parse structures */
1006
1007         prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
1008         prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
1009
1010         /* Marshall data and send request */
1011
1012         init_samr_q_query_dispinfo(&q, domain_pol, switch_value,
1013                                    *start_idx, max_entries, max_size);
1014
1015         if (!samr_io_q_query_dispinfo("", &q, &qbuf, 0) ||
1016             !rpc_api_pipe_req(cli, SAMR_QUERY_DISPINFO, &qbuf, &rbuf)) {
1017                 goto done;
1018         }
1019
1020         /* Unmarshall response */
1021
1022         r.ctr = ctr;
1023
1024         if (!samr_io_r_query_dispinfo("", &r, &rbuf, 0)) {
1025                 goto done;
1026         }
1027
1028         /* Return output parameters */
1029
1030         result = r.status;
1031
1032         if (!NT_STATUS_IS_OK(result) &&
1033             NT_STATUS_V(result) != NT_STATUS_V(STATUS_MORE_ENTRIES)) {
1034                 goto done;
1035         }
1036
1037         *num_entries = r.num_entries;
1038         *start_idx += r.num_entries;  /* No next_idx in this structure! */
1039
1040  done:
1041         prs_mem_free(&qbuf);
1042         prs_mem_free(&rbuf);
1043
1044         return result;
1045 }
1046
1047 /* Lookup rids.  Note that NT4 seems to crash if more than ~1000 rids are
1048    looked up in one packet. */
1049
1050 NTSTATUS cli_samr_lookup_rids(struct cli_state *cli, TALLOC_CTX *mem_ctx,
1051                               POLICY_HND *domain_pol, uint32 flags,
1052                               uint32 num_rids, uint32 *rids,
1053                               uint32 *num_names, char ***names,
1054                               uint32 **name_types)
1055 {
1056         prs_struct qbuf, rbuf;
1057         SAMR_Q_LOOKUP_RIDS q;
1058         SAMR_R_LOOKUP_RIDS r;
1059         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1060         uint32 i;
1061
1062         if (num_rids > 1000) {
1063                 DEBUG(2, ("cli_samr_lookup_rids: warning: NT4 can crash if "
1064                           "more than ~1000 rids are looked up at once.\n"));
1065         }
1066
1067         ZERO_STRUCT(q);
1068         ZERO_STRUCT(r);
1069
1070         /* Initialise parse structures */
1071
1072         prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
1073         prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
1074
1075         /* Marshall data and send request */
1076
1077         init_samr_q_lookup_rids(mem_ctx, &q, domain_pol, flags,
1078                                 num_rids, rids);
1079
1080         if (!samr_io_q_lookup_rids("", &q, &qbuf, 0) ||
1081             !rpc_api_pipe_req(cli, SAMR_LOOKUP_RIDS, &qbuf, &rbuf)) {
1082                 goto done;
1083         }
1084
1085         /* Unmarshall response */
1086
1087         if (!samr_io_r_lookup_rids("", &r, &rbuf, 0)) {
1088                 goto done;
1089         }
1090
1091         /* Return output parameters */
1092
1093         if (!NT_STATUS_IS_OK(result = r.status)) {
1094                 goto done;
1095         }
1096
1097         if (r.num_names1 == 0) {
1098                 *num_names = 0;
1099                 *names = NULL;
1100                 goto done;
1101         }
1102
1103         *num_names = r.num_names1;
1104         *names = talloc(mem_ctx, sizeof(char *) * r.num_names1);
1105         *name_types = talloc(mem_ctx, sizeof(uint32) * r.num_names1);
1106
1107         for (i = 0; i < r.num_names1; i++) {
1108                 fstring tmp;
1109
1110                 unistr2_to_ascii(tmp, &r.uni_name[i], sizeof(tmp) - 1);
1111                 (*names)[i] = talloc_strdup(mem_ctx, tmp);
1112                 (*name_types)[i] = r.type[i];
1113         }
1114
1115  done:
1116         prs_mem_free(&qbuf);
1117         prs_mem_free(&rbuf);
1118
1119         return result;
1120 }
1121
1122 /* Lookup names */
1123
1124 NTSTATUS cli_samr_lookup_names(struct cli_state *cli, TALLOC_CTX *mem_ctx,
1125                                POLICY_HND *domain_pol, uint32 flags,
1126                                uint32 num_names, const char **names,
1127                                uint32 *num_rids, uint32 **rids,
1128                                uint32 **rid_types)
1129 {
1130         prs_struct qbuf, rbuf;
1131         SAMR_Q_LOOKUP_NAMES q;
1132         SAMR_R_LOOKUP_NAMES r;
1133         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1134         uint32 i;
1135
1136         ZERO_STRUCT(q);
1137         ZERO_STRUCT(r);
1138
1139         /* Initialise parse structures */
1140
1141         prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
1142         prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
1143
1144         /* Marshall data and send request */
1145
1146         init_samr_q_lookup_names(mem_ctx, &q, domain_pol, flags,
1147                                  num_names, names);
1148
1149         if (!samr_io_q_lookup_names("", &q, &qbuf, 0) ||
1150             !rpc_api_pipe_req(cli, SAMR_LOOKUP_NAMES, &qbuf, &rbuf)) {
1151                 goto done;
1152         }
1153
1154         /* Unmarshall response */
1155
1156         if (!samr_io_r_lookup_names("", &r, &rbuf, 0)) {
1157                 goto done;
1158         }
1159
1160         /* Return output parameters */
1161
1162         if (!NT_STATUS_IS_OK(result = r.status)) {
1163                 goto done;
1164         }
1165
1166         if (r.num_rids1 == 0) {
1167                 *num_rids = 0;
1168                 goto done;
1169         }
1170
1171         *num_rids = r.num_rids1;
1172         *rids = talloc(mem_ctx, sizeof(uint32) * r.num_rids1);
1173         *rid_types = talloc(mem_ctx, sizeof(uint32) * r.num_rids1);
1174
1175         for (i = 0; i < r.num_rids1; i++) {
1176                 (*rids)[i] = r.rids[i];
1177                 (*rid_types)[i] = r.types[i];
1178         }
1179
1180  done:
1181         prs_mem_free(&qbuf);
1182         prs_mem_free(&rbuf);
1183
1184         return result;
1185 }
1186
1187 /* Create a domain user */
1188
1189 NTSTATUS cli_samr_create_dom_user(struct cli_state *cli, TALLOC_CTX *mem_ctx,
1190                                   POLICY_HND *domain_pol, const char *acct_name,
1191                                   uint32 acb_info, uint32 unknown,
1192                                   POLICY_HND *user_pol, uint32 *rid)
1193 {
1194         prs_struct qbuf, rbuf;
1195         SAMR_Q_CREATE_USER q;
1196         SAMR_R_CREATE_USER r;
1197         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1198
1199         ZERO_STRUCT(q);
1200         ZERO_STRUCT(r);
1201
1202         /* Initialise parse structures */
1203
1204         prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
1205         prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
1206
1207         /* Marshall data and send request */
1208
1209         init_samr_q_create_user(&q, domain_pol, acct_name, acb_info, unknown);
1210
1211         if (!samr_io_q_create_user("", &q, &qbuf, 0) ||
1212             !rpc_api_pipe_req(cli, SAMR_CREATE_USER, &qbuf, &rbuf)) {
1213                 goto done;
1214         }
1215
1216         /* Unmarshall response */
1217
1218         if (!samr_io_r_create_user("", &r, &rbuf, 0)) {
1219                 goto done;
1220         }
1221
1222         /* Return output parameters */
1223
1224         if (!NT_STATUS_IS_OK(result = r.status)) {
1225                 goto done;
1226         }
1227
1228         if (user_pol)
1229                 *user_pol = r.user_pol;
1230
1231         if (rid)
1232                 *rid = r.user_rid;
1233
1234  done:
1235         prs_mem_free(&qbuf);
1236         prs_mem_free(&rbuf);
1237
1238         return result;
1239 }
1240
1241 /* Set userinfo */
1242
1243 NTSTATUS cli_samr_set_userinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx,
1244                                POLICY_HND *user_pol, uint16 switch_value,
1245                                uchar sess_key[16], SAM_USERINFO_CTR *ctr)
1246 {
1247         prs_struct qbuf, rbuf;
1248         SAMR_Q_SET_USERINFO q;
1249         SAMR_R_SET_USERINFO r;
1250         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1251
1252         ZERO_STRUCT(q);
1253         ZERO_STRUCT(r);
1254
1255         /* Initialise parse structures */
1256
1257         prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
1258         prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
1259
1260         /* Marshall data and send request */
1261
1262         q.ctr = ctr;
1263
1264         init_samr_q_set_userinfo(&q, user_pol, sess_key, switch_value,
1265                                  ctr->info.id);
1266
1267         if (!samr_io_q_set_userinfo("", &q, &qbuf, 0) ||
1268             !rpc_api_pipe_req(cli, SAMR_SET_USERINFO, &qbuf, &rbuf)) {
1269                 goto done;
1270         }
1271
1272         /* Unmarshall response */
1273
1274         if (!samr_io_r_set_userinfo("", &r, &rbuf, 0)) {
1275                 goto done;
1276         }
1277
1278         /* Return output parameters */
1279
1280         if (!NT_STATUS_IS_OK(result = r.status)) {
1281                 goto done;
1282         }
1283
1284  done:
1285         prs_mem_free(&qbuf);
1286         prs_mem_free(&rbuf);
1287
1288         return result;
1289 }
1290
1291 /* Set userinfo2 */
1292
1293 NTSTATUS cli_samr_set_userinfo2(struct cli_state *cli, TALLOC_CTX *mem_ctx,
1294                                 POLICY_HND *user_pol, uint16 switch_value,
1295                                 uchar sess_key[16], SAM_USERINFO_CTR *ctr)
1296 {
1297         prs_struct qbuf, rbuf;
1298         SAMR_Q_SET_USERINFO2 q;
1299         SAMR_R_SET_USERINFO2 r;
1300         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1301
1302         ZERO_STRUCT(q);
1303         ZERO_STRUCT(r);
1304
1305         /* Initialise parse structures */
1306
1307         prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
1308         prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
1309
1310         /* Marshall data and send request */
1311
1312         init_samr_q_set_userinfo2(&q, user_pol, sess_key, switch_value, ctr);
1313
1314         if (!samr_io_q_set_userinfo2("", &q, &qbuf, 0) ||
1315             !rpc_api_pipe_req(cli, SAMR_SET_USERINFO2, &qbuf, &rbuf)) {
1316                 goto done;
1317         }
1318
1319         /* Unmarshall response */
1320
1321         if (!samr_io_r_set_userinfo2("", &r, &rbuf, 0)) {
1322                 goto done;
1323         }
1324
1325         /* Return output parameters */
1326
1327         if (!NT_STATUS_IS_OK(result = r.status)) {
1328                 goto done;
1329         }
1330
1331  done:
1332         prs_mem_free(&qbuf);
1333         prs_mem_free(&rbuf);
1334
1335         return result;
1336 }
1337
1338 /* Delete domain user */
1339
1340 NTSTATUS cli_samr_delete_dom_user(struct cli_state *cli, TALLOC_CTX *mem_ctx,
1341                                   POLICY_HND *user_pol)
1342 {
1343         prs_struct qbuf, rbuf;
1344         SAMR_Q_DELETE_DOM_USER q;
1345         SAMR_R_DELETE_DOM_USER r;
1346         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1347
1348         ZERO_STRUCT(q);
1349         ZERO_STRUCT(r);
1350
1351         /* Initialise parse structures */
1352
1353         prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
1354         prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
1355
1356         /* Marshall data and send request */
1357
1358         init_samr_q_delete_dom_user(&q, user_pol);
1359
1360         if (!samr_io_q_delete_dom_user("", &q, &qbuf, 0) ||
1361             !rpc_api_pipe_req(cli, SAMR_DELETE_DOM_USER, &qbuf, &rbuf)) {
1362                 goto done;
1363         }
1364
1365         /* Unmarshall response */
1366
1367         if (!samr_io_r_delete_dom_user("", &r, &rbuf, 0)) {
1368                 goto done;
1369         }
1370
1371         /* Return output parameters */
1372
1373         result = r.status;
1374
1375  done:
1376         prs_mem_free(&qbuf);
1377         prs_mem_free(&rbuf);
1378
1379         return result;
1380 }
1381
1382 /* Query user security object */
1383
1384 NTSTATUS cli_samr_query_sec_obj(struct cli_state *cli, TALLOC_CTX *mem_ctx,
1385                                  POLICY_HND *user_pol, uint16 switch_value,
1386                                  TALLOC_CTX *ctx, SEC_DESC_BUF **sec_desc_buf)
1387 {
1388         prs_struct qbuf, rbuf;
1389         SAMR_Q_QUERY_SEC_OBJ q;
1390         SAMR_R_QUERY_SEC_OBJ r;
1391         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1392
1393         ZERO_STRUCT(q);
1394         ZERO_STRUCT(r);
1395
1396         /* Initialise parse structures */
1397
1398         prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
1399         prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
1400
1401         /* Marshall data and send request */
1402
1403         init_samr_q_query_sec_obj(&q, user_pol, switch_value);
1404
1405         if (!samr_io_q_query_sec_obj("", &q, &qbuf, 0) ||
1406             !rpc_api_pipe_req(cli, SAMR_QUERY_SEC_OBJECT, &qbuf, &rbuf)) {
1407                 goto done;
1408         }
1409
1410         /* Unmarshall response */
1411
1412         if (!samr_io_r_query_sec_obj("", &r, &rbuf, 0)) {
1413                 goto done;
1414         }
1415
1416         /* Return output parameters */
1417
1418         result = r.status;
1419         *sec_desc_buf=dup_sec_desc_buf(ctx, r.buf);
1420
1421  done:
1422         prs_mem_free(&qbuf);
1423         prs_mem_free(&rbuf);
1424
1425         return result;
1426 }
1427
1428 /* Get domain password info */
1429
1430 NTSTATUS cli_samr_get_dom_pwinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx,
1431                                  uint16 *unk_0, uint16 *unk_1, uint16 *unk_2)
1432 {
1433         prs_struct qbuf, rbuf;
1434         SAMR_Q_GET_DOM_PWINFO q;
1435         SAMR_R_GET_DOM_PWINFO r;
1436         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1437
1438         ZERO_STRUCT(q);
1439         ZERO_STRUCT(r);
1440
1441         /* Initialise parse structures */
1442
1443         prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
1444         prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
1445
1446         /* Marshall data and send request */
1447
1448         init_samr_q_get_dom_pwinfo(&q, cli->desthost);
1449
1450         if (!samr_io_q_get_dom_pwinfo("", &q, &qbuf, 0) ||
1451             !rpc_api_pipe_req(cli, SAMR_GET_DOM_PWINFO, &qbuf, &rbuf))
1452                 goto done;
1453
1454         /* Unmarshall response */
1455
1456         if (!samr_io_r_get_dom_pwinfo("", &r, &rbuf, 0))
1457                 goto done;
1458
1459         /* Return output parameters */
1460
1461         result = r.status;
1462
1463         if (NT_STATUS_IS_OK(result)) {
1464                 if (unk_0)
1465                         *unk_0 = r.unk_0;
1466                 if (unk_1)
1467                         *unk_1 = r.unk_1;
1468                 if (unk_2)
1469                         *unk_2 = r.unk_2;
1470         }
1471
1472  done:
1473         prs_mem_free(&qbuf);
1474         prs_mem_free(&rbuf);
1475
1476         return result;
1477 }
1478
1479 /* Lookup Domain Name */
1480
1481 NTSTATUS cli_samr_lookup_domain(struct cli_state *cli, TALLOC_CTX *mem_ctx,
1482                                 POLICY_HND *user_pol, char *domain_name,
1483                                 DOM_SID *sid)
1484 {
1485         prs_struct qbuf, rbuf;
1486         SAMR_Q_LOOKUP_DOMAIN q;
1487         SAMR_R_LOOKUP_DOMAIN r;
1488         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1489
1490         ZERO_STRUCT(q);
1491         ZERO_STRUCT(r);
1492
1493         /* Initialise parse structures */
1494
1495         prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
1496         prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
1497
1498         /* Marshall data and send request */
1499
1500         init_samr_q_lookup_domain(&q, user_pol, domain_name);
1501
1502         if (!samr_io_q_lookup_domain("", &q, &qbuf, 0) ||
1503             !rpc_api_pipe_req(cli, SAMR_LOOKUP_DOMAIN, &qbuf, &rbuf))
1504                 goto done;
1505
1506         /* Unmarshall response */
1507
1508         if (!samr_io_r_lookup_domain("", &r, &rbuf, 0))
1509                 goto done;
1510
1511         /* Return output parameters */
1512
1513         result = r.status;
1514
1515         if (NT_STATUS_IS_OK(result))
1516                 sid_copy(sid, &r.dom_sid.sid);
1517
1518  done:
1519         prs_mem_free(&qbuf);
1520         prs_mem_free(&rbuf);
1521
1522         return result;
1523 }