source: branches/samba-3.0/source/rpc_client/cli_lsarpc.c

Last change on this file was 44, checked in by Paul Smedley, 18 years ago

Update source to 3.0.25b

1/*
2 Unix SMB/CIFS implementation.
3 RPC pipe client
4 Copyright (C) Tim Potter 2000-2001,
5 Copyright (C) Andrew Tridgell 1992-1997,2000,
6 Copyright (C) Rafal Szczesniak 2002
7 Copyright (C) Jeremy Allison 2005.
8
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 2 of the License, or
12 (at your option) any later version.
13
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
18
19 You should have received a copy of the GNU General Public License
20 along with this program; if not, write to the Free Software
21 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
22*/
23
24#include "includes.h"
25
26/** @defgroup lsa LSA - Local Security Architecture
27 * @ingroup rpc_client
28 *
29 * @{
30 **/
31
32/**
33 * @file cli_lsarpc.c
34 *
35 * RPC client routines for the LSA RPC pipe. LSA means "local
36 * security authority", which is half of a password database.
37 **/
38
/**
 * Open an LSA policy handle with the LSA_OPENPOLICY call.
 *
 * @param cli        RPC pipe client the request is sent on
 * @param mem_ctx    talloc context passed to the RPC macro
 * @param sec_qos    when true a security quality-of-service block is
 *                   attached to the request, otherwise NULL is passed
 * @param des_access access mask requested on the policy handle
 * @param pol        receives the handle; written only when the reply
 *                   status is OK
 *
 * @return the status field of the server's reply
 */
NTSTATUS rpccli_lsa_open_policy(struct rpc_pipe_client *cli,
				TALLOC_CTX *mem_ctx,
				BOOL sec_qos, uint32 des_access,
				POLICY_HND *pol)
{
	prs_struct qbuf, rbuf;
	LSA_Q_OPEN_POL request;
	LSA_R_OPEN_POL reply;
	LSA_SEC_QOS qos;
	LSA_SEC_QOS *qos_ptr = NULL;

	ZERO_STRUCT(request);
	ZERO_STRUCT(reply);

	/* Build the QoS block only when the caller asked for one. */
	if (sec_qos) {
		init_lsa_sec_qos(&qos, 2, 1, 0);
		qos_ptr = &qos;
	}
	init_q_open_pol(&request, '\\', 0, des_access, qos_ptr);

	/* Marshall data and send request (macro defined outside this listing). */
	CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_OPENPOLICY,
			request, reply,
			qbuf, rbuf,
			lsa_io_q_open_pol,
			lsa_io_r_open_pol,
			NT_STATUS_UNSUCCESSFUL );

	/* The handle is handed back only on success. */
	if (!NT_STATUS_IS_OK(reply.status)) {
		return reply.status;
	}

	*pol = reply.pol;
#ifdef __INSURE__
	pol->marker = MALLOC(1);
#endif

	return reply.status;
}
88
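/**
 * Open an LSA policy handle with the LSA_OPENPOLICY2 call.
 *
 * The request names the server as "\\" followed by cli->cli->desthost.
 *
 * @param cli        RPC pipe client the request is sent on
 * @param mem_ctx    talloc context for the server name and the RPC macro
 * @param sec_qos    when true a security quality-of-service block is
 *                   attached to the request, otherwise NULL is passed
 * @param des_access access mask requested on the policy handle
 * @param pol        receives the handle; written only when the reply
 *                   status is OK
 *
 * @return NT_STATUS_NO_MEMORY when the server name cannot be allocated,
 *         otherwise the status field of the server's reply
 */
NTSTATUS rpccli_lsa_open_policy2(struct rpc_pipe_client *cli,
				 TALLOC_CTX *mem_ctx, BOOL sec_qos,
				 uint32 des_access, POLICY_HND *pol)
{
	prs_struct qbuf, rbuf;
	LSA_Q_OPEN_POL2 q;
	LSA_R_OPEN_POL2 r;
	LSA_SEC_QOS qos;
	NTSTATUS result;
	char *srv_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", cli->cli->desthost);

	/* The allocation can fail; never hand a NULL server name to the
	   request initialiser. */
	if (srv_name_slash == NULL) {
		DEBUG(0, ("rpccli_lsa_open_policy2(): out of memory\n"));
		return NT_STATUS_NO_MEMORY;
	}

	ZERO_STRUCT(q);
	ZERO_STRUCT(r);

	if (sec_qos) {
		init_lsa_sec_qos(&qos, 2, 1, 0);
		init_q_open_pol2(&q, srv_name_slash, 0, des_access, &qos);
	} else {
		init_q_open_pol2(&q, srv_name_slash, 0, des_access, NULL);
	}

	CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_OPENPOLICY2,
			q, r,
			qbuf, rbuf,
			lsa_io_q_open_pol2,
			lsa_io_r_open_pol2,
			NT_STATUS_UNSUCCESSFUL );

	/* Return output parameters */

	result = r.status;

	if (NT_STATUS_IS_OK(result)) {
		*pol = r.pol;
#ifdef __INSURE__
		pol->marker = (char *)malloc(1);
#endif
	}

	return result;
}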
135
/**
 * Close an LSA policy handle with the LSA_CLOSE call.
 *
 * @param cli     RPC pipe client the request is sent on
 * @param mem_ctx talloc context passed to the RPC macro
 * @param pol     handle to close; overwritten with the handle from the
 *                reply when the reply status is OK
 *
 * @return the status field of the server's reply
 */
NTSTATUS rpccli_lsa_close(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
			  POLICY_HND *pol)
{
	prs_struct qbuf, rbuf;
	LSA_Q_CLOSE request;
	LSA_R_CLOSE reply;

	ZERO_STRUCT(request);
	ZERO_STRUCT(reply);

	init_lsa_q_close(&request, pol);

	CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_CLOSE,
			request, reply,
			qbuf, rbuf,
			lsa_io_q_close,
			lsa_io_r_close,
			NT_STATUS_UNSUCCESSFUL );

	/* On failure the caller's handle is left untouched. */
	if (!NT_STATUS_IS_OK(reply.status)) {
		return reply.status;
	}

#ifdef __INSURE__
	SAFE_FREE(pol->marker);
#endif
	*pol = reply.pol;

	return reply.status;
}
171
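/**
 * Translate a list of SIDs into domain and account names (LSA_LOOKUPSIDS).
 *
 * Everything in the reply comes from the remote server and is treated as
 * untrusted: the per-entry arrays and every domain index are checked
 * before they are used to index memory.
 *
 * @param cli      RPC pipe client the request is sent on
 * @param mem_ctx  talloc context that owns the returned arrays and strings
 * @param pol      open LSA policy handle
 * @param num_sids number of entries in sids
 * @param sids     SIDs to translate
 * @param domains  receives one domain name per SID, NULL where unmapped
 * @param names    receives one account name per SID, NULL where unmapped
 * @param types    receives one SID type per SID, SID_NAME_UNKNOWN where
 *                 unmapped
 *
 * @return NT_STATUS_OK when the reply status is OK or
 *         STATUS_SOME_UNMAPPED, NT_STATUS_NONE_MAPPED when nothing was
 *         mapped, NT_STATUS_INVALID_NETWORK_RESPONSE when the reply is
 *         inconsistent with the request, otherwise an error status.
 *         The output pointers are only written on the paths that reach
 *         the allocation step.
 */
NTSTATUS rpccli_lsa_lookup_sids(struct rpc_pipe_client *cli,
				TALLOC_CTX *mem_ctx,
				POLICY_HND *pol, int num_sids,
				const DOM_SID *sids,
				char ***domains, char ***names, uint32 **types)
{
	prs_struct qbuf, rbuf;
	LSA_Q_LOOKUP_SIDS q;
	LSA_R_LOOKUP_SIDS r;
	DOM_R_REF ref;
	NTSTATUS result = NT_STATUS_OK;
	int i;

	ZERO_STRUCT(q);
	ZERO_STRUCT(r);

	init_q_lookup_sids(mem_ctx, &q, pol, num_sids, sids, 1);

	ZERO_STRUCT(ref);

	r.dom_ref = &ref;

	CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_LOOKUPSIDS,
			q, r,
			qbuf, rbuf,
			lsa_io_q_lookup_sids,
			lsa_io_r_lookup_sids,
			NT_STATUS_UNSUCCESSFUL );

	if (!NT_STATUS_IS_OK(r.status) &&
	    NT_STATUS_V(r.status) != NT_STATUS_V(STATUS_SOME_UNMAPPED)) {

		/* An actual error occurred */
		result = r.status;

		goto done;
	}

	/* Return output parameters */

	if (r.mapped_count == 0) {
		result = NT_STATUS_NONE_MAPPED;
		goto done;
	}

	/* The loop below reads one reply entry per requested SID, so the
	   server must have supplied at least that many.
	   NOTE(review): num_entries is taken to be the entry count the
	   parser stored next to the name arrays - confirm against the
	   struct definition. */
	if (num_sids > 0 &&
	    (r.names.name == NULL || r.names.uni_name == NULL ||
	     r.names.num_entries < (uint32)num_sids)) {
		DEBUG(0, ("cli_lsa_lookup_sids(): reply holds fewer names than SIDs requested\n"));
		result = NT_STATUS_INVALID_NETWORK_RESPONSE;
		goto done;
	}

	if (num_sids) {
		if (!((*domains) = TALLOC_ARRAY(mem_ctx, char *, num_sids))) {
			DEBUG(0, ("cli_lsa_lookup_sids(): out of memory\n"));
			result = NT_STATUS_NO_MEMORY;
			goto done;
		}

		if (!((*names) = TALLOC_ARRAY(mem_ctx, char *, num_sids))) {
			DEBUG(0, ("cli_lsa_lookup_sids(): out of memory\n"));
			result = NT_STATUS_NO_MEMORY;
			goto done;
		}

		if (!((*types) = TALLOC_ARRAY(mem_ctx, uint32, num_sids))) {
			DEBUG(0, ("cli_lsa_lookup_sids(): out of memory\n"));
			result = NT_STATUS_NO_MEMORY;
			goto done;
		}
	} else {
		(*domains) = NULL;
		(*names) = NULL;
		(*types) = NULL;
	}

	for (i = 0; i < num_sids; i++) {
		fstring name, dom_name;
		uint32 dom_idx = r.names.name[i].domain_idx;

		/* Translate optimised name through domain index array */

		if (dom_idx == 0xffffffff) {
			/* The server marked this SID as unmapped. */
			(*names)[i] = NULL;
			(*domains)[i] = NULL;
			(*types)[i] = SID_NAME_UNKNOWN;
			continue;
		}

		/* dom_idx is server-controlled; refuse anything that would
		   index past the referenced-domain table.
		   NOTE(review): assumes ref_dom is a fixed-size array member
		   of DOM_R_REF; if the struct also records how many domains
		   the reply carried, compare against that count too. */
		if (dom_idx >= sizeof(ref.ref_dom) / sizeof(ref.ref_dom[0])) {
			DEBUG(0, ("cli_lsa_lookup_sids(): domain index %u out of range\n",
				  (unsigned int)dom_idx));
			result = NT_STATUS_INVALID_NETWORK_RESPONSE;
			goto done;
		}

		rpcstr_pull_unistr2_fstring(
			dom_name, &ref.ref_dom[dom_idx].uni_dom_name);
		rpcstr_pull_unistr2_fstring(
			name, &r.names.uni_name[i]);

		(*names)[i] = talloc_strdup(mem_ctx, name);
		(*domains)[i] = talloc_strdup(mem_ctx, dom_name);
		(*types)[i] = r.names.name[i].sid_name_use;

		if (((*names)[i] == NULL) || ((*domains)[i] == NULL)) {
			DEBUG(0, ("cli_lsa_lookup_sids(): out of memory\n"));
			result = NT_STATUS_UNSUCCESSFUL;
			goto done;
		}
	}

 done:

	return result;
}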
277
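/**
 * Translate a list of names into SIDs (LSA_LOOKUPNAMES).
 *
 * Everything in the reply comes from the remote server and is treated as
 * untrusted: the RID array and every domain index are checked before
 * they are used to index memory.
 *
 * @param cli       RPC pipe client the request is sent on
 * @param mem_ctx   talloc context that owns the returned arrays
 * @param pol       open LSA policy handle
 * @param num_names number of entries in names
 * @param names     names to translate
 * @param dom_names optional; when non-NULL receives one domain name per
 *                  input name, NULL where unmapped
 * @param sids      receives one SID per input name, zeroed where unmapped
 * @param types     receives one SID type per input name,
 *                  SID_NAME_UNKNOWN where unmapped
 *
 * @return the reply status (OK or STATUS_SOME_UNMAPPED) on success,
 *         NT_STATUS_NONE_MAPPED when nothing was mapped,
 *         NT_STATUS_INVALID_NETWORK_RESPONSE when the reply is
 *         inconsistent with the request, otherwise an error status
 */
NTSTATUS rpccli_lsa_lookup_names(struct rpc_pipe_client *cli,
				 TALLOC_CTX *mem_ctx,
				 POLICY_HND *pol, int num_names,
				 const char **names,
				 const char ***dom_names,
				 DOM_SID **sids,
				 uint32 **types)
{
	prs_struct qbuf, rbuf;
	LSA_Q_LOOKUP_NAMES q;
	LSA_R_LOOKUP_NAMES r;
	DOM_R_REF ref;
	NTSTATUS result;
	int i;

	ZERO_STRUCT(q);
	ZERO_STRUCT(r);

	ZERO_STRUCT(ref);
	r.dom_ref = &ref;

	init_q_lookup_names(mem_ctx, &q, pol, num_names, names);

	CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_LOOKUPNAMES,
			q, r,
			qbuf, rbuf,
			lsa_io_q_lookup_names,
			lsa_io_r_lookup_names,
			NT_STATUS_UNSUCCESSFUL);

	result = r.status;

	if (!NT_STATUS_IS_OK(result) && NT_STATUS_V(result) !=
	    NT_STATUS_V(STATUS_SOME_UNMAPPED)) {

		/* An actual error occurred */

		goto done;
	}

	/* Return output parameters */

	if (r.mapped_count == 0) {
		result = NT_STATUS_NONE_MAPPED;
		goto done;
	}

	/* The loop below reads one reply entry per requested name, so the
	   server must have supplied at least that many.
	   NOTE(review): num_entries is taken to be the entry count the
	   parser stored next to dom_rid - confirm against the struct
	   definition. */
	if (num_names > 0 &&
	    (r.dom_rid == NULL || r.num_entries < (uint32)num_names)) {
		DEBUG(0, ("cli_lsa_lookup_names(): reply holds fewer entries than names requested\n"));
		result = NT_STATUS_INVALID_NETWORK_RESPONSE;
		goto done;
	}

	if (num_names) {
		if (!((*sids = TALLOC_ARRAY(mem_ctx, DOM_SID, num_names)))) {
			DEBUG(0, ("cli_lsa_lookup_names(): out of memory\n"));
			result = NT_STATUS_NO_MEMORY;
			goto done;
		}

		if (!((*types = TALLOC_ARRAY(mem_ctx, uint32, num_names)))) {
			DEBUG(0, ("cli_lsa_lookup_names(): out of memory\n"));
			result = NT_STATUS_NO_MEMORY;
			goto done;
		}

		if (dom_names != NULL) {
			*dom_names = TALLOC_ARRAY(mem_ctx, const char *, num_names);
			if (*dom_names == NULL) {
				DEBUG(0, ("cli_lsa_lookup_names(): out of memory\n"));
				result = NT_STATUS_NO_MEMORY;
				goto done;
			}
		}
	} else {
		*sids = NULL;
		*types = NULL;
		if (dom_names != NULL) {
			*dom_names = NULL;
		}
	}

	for (i = 0; i < num_names; i++) {
		DOM_RID *t_rids = r.dom_rid;
		uint32 dom_idx = t_rids[i].rid_idx;
		uint32 dom_rid = t_rids[i].rid;
		DOM_SID *sid = &(*sids)[i];

		/* Translate optimised sid through domain index array */

		if (dom_idx == 0xffffffff) {
			/* Nothing to do, this is unknown */
			ZERO_STRUCTP(sid);
			(*types)[i] = SID_NAME_UNKNOWN;
			/* Do not leave the caller an uninitialised pointer
			   for the unmapped slot. */
			if (dom_names != NULL) {
				(*dom_names)[i] = NULL;
			}
			continue;
		}

		/* dom_idx is server-controlled; refuse anything that would
		   index past the referenced-domain table.
		   NOTE(review): assumes ref_dom is a fixed-size array member
		   of DOM_R_REF; if the struct also records how many domains
		   the reply carried, compare against that count too. */
		if (dom_idx >= sizeof(ref.ref_dom) / sizeof(ref.ref_dom[0])) {
			DEBUG(0, ("cli_lsa_lookup_names(): domain index %u out of range\n",
				  (unsigned int)dom_idx));
			result = NT_STATUS_INVALID_NETWORK_RESPONSE;
			goto done;
		}

		sid_copy(sid, &ref.ref_dom[dom_idx].ref_dom.sid);

		if (dom_rid != 0xffffffff) {
			sid_append_rid(sid, dom_rid);
		}

		(*types)[i] = t_rids[i].type;

		if (dom_names == NULL) {
			continue;
		}

		(*dom_names)[i] = rpcstr_pull_unistr2_talloc(
			*dom_names, &ref.ref_dom[dom_idx].uni_dom_name);
		if ((*dom_names)[i] == NULL) {
			DEBUG(0, ("cli_lsa_lookup_names(): out of memory\n"));
			result = NT_STATUS_NO_MEMORY;
			goto done;
		}
	}

 done:

	return result;
}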
391
/**
 * Issue LSA_QUERYINFOPOLICY and hand back the raw info container.
 *
 * @param cli        RPC pipe client the request is sent on
 * @param mem_ctx    talloc context passed to the RPC macro
 * @param pol        open LSA policy handle
 * @param info_class information class to query
 * @param ctr        receives a copy of the reply's container; it is
 *                   written whether or not the reply status is OK, so
 *                   callers must check the return value before using it
 *
 * @return the status field of the server's reply
 */
NTSTATUS rpccli_lsa_query_info_policy_new(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
					  POLICY_HND *pol, uint16 info_class,
					  LSA_INFO_CTR *ctr)
{
	prs_struct qbuf, rbuf;
	LSA_Q_QUERY_INFO request;
	LSA_R_QUERY_INFO reply;

	ZERO_STRUCT(request);
	ZERO_STRUCT(reply);

	init_q_query(&request, pol, info_class);

	CLI_DO_RPC(cli, mem_ctx, PI_LSARPC, LSA_QUERYINFOPOLICY,
		request, reply,
		qbuf, rbuf,
		lsa_io_q_query,
		lsa_io_r_query,
		NT_STATUS_UNSUCCESSFUL);

	/* The container is copied out on success and on failure alike. */
	*ctr = reply.ctr;

	return reply.status;
}
425
/**
 * Issue LSA_QUERYINFO2 and hand back the raw info container.
 *
 * @param cli        RPC pipe client the request is sent on
 * @param mem_ctx    talloc context passed to the RPC macro
 * @param pol        open LSA policy handle
 * @param info_class information class to query
 * @param ctr        receives a copy of the reply's container; it is
 *                   written whether or not the reply status is OK, so
 *                   callers must check the return value before using it
 *
 * @return the status field of the server's reply
 */
NTSTATUS rpccli_lsa_query_info_policy2_new(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
					   POLICY_HND *pol, uint16 info_class,
					   LSA_INFO_CTR2 *ctr)
{
	prs_struct qbuf, rbuf;
	LSA_Q_QUERY_INFO2 request;
	LSA_R_QUERY_INFO2 reply;

	ZERO_STRUCT(request);
	ZERO_STRUCT(reply);

	init_q_query2(&request, pol, info_class);

	CLI_DO_RPC(cli, mem_ctx, PI_LSARPC, LSA_QUERYINFO2,
		request, reply,
		qbuf, rbuf,
		lsa_io_q_query_info2,
		lsa_io_r_query_info2,
		NT_STATUS_UNSUCCESSFUL);

	/* The container is copied out on success and on failure alike. */
	*ctr = reply.ctr;

	return reply.status;
}
459
460
461
/**
 * Query info policy (LSA_QUERYINFOPOLICY) and extract the domain name
 * and domain SID for info classes 3 and 5.
 *
 * @param cli         RPC pipe client the request is sent on
 * @param mem_ctx     talloc context that owns the returned name and SID
 * @param pol         open LSA policy handle
 * @param info_class  information class; only 3 and 5 are decoded, any
 *                    other class is logged and leaves the outputs alone
 * @param domain_name optional; receives the domain name when the reply
 *                    carries one
 * @param domain_sid  optional; receives the remote server's domain SID
 *                    when the reply carries one
 *
 * @return the status field of the reply, or NT_STATUS_NO_MEMORY when an
 *         output cannot be allocated
 */
NTSTATUS rpccli_lsa_query_info_policy(struct rpc_pipe_client *cli,
				      TALLOC_CTX *mem_ctx,
				      POLICY_HND *pol, uint16 info_class,
				      char **domain_name, DOM_SID **domain_sid)
{
	prs_struct qbuf, rbuf;
	LSA_Q_QUERY_INFO request;
	LSA_R_QUERY_INFO reply;

	ZERO_STRUCT(request);
	ZERO_STRUCT(reply);

	init_q_query(&request, pol, info_class);

	CLI_DO_RPC(cli, mem_ctx, PI_LSARPC, LSA_QUERYINFOPOLICY,
		request, reply,
		qbuf, rbuf,
		lsa_io_q_query,
		lsa_io_r_query,
		NT_STATUS_UNSUCCESSFUL);

	if (!NT_STATUS_IS_OK(reply.status)) {
		return reply.status;
	}

	/* Return output parameters */

	if (info_class == 3) {
		if (domain_name != NULL &&
		    reply.ctr.info.id3.buffer_dom_name != 0) {
			*domain_name = unistr2_tdup(
				mem_ctx, &reply.ctr.info.id3.uni_domain_name);
			if (*domain_name == NULL) {
				return NT_STATUS_NO_MEMORY;
			}
		}

		if (domain_sid != NULL &&
		    reply.ctr.info.id3.buffer_dom_sid != 0) {
			*domain_sid = TALLOC_P(mem_ctx, DOM_SID);
			if (*domain_sid == NULL) {
				return NT_STATUS_NO_MEMORY;
			}
			sid_copy(*domain_sid, &reply.ctr.info.id3.dom_sid.sid);
		}
	} else if (info_class == 5) {
		if (domain_name != NULL &&
		    reply.ctr.info.id5.buffer_dom_name != 0) {
			*domain_name = unistr2_tdup(
				mem_ctx, &reply.ctr.info.id5.uni_domain_name);
			if (*domain_name == NULL) {
				return NT_STATUS_NO_MEMORY;
			}
		}

		if (domain_sid != NULL &&
		    reply.ctr.info.id5.buffer_dom_sid != 0) {
			*domain_sid = TALLOC_P(mem_ctx, DOM_SID);
			if (*domain_sid == NULL) {
				return NT_STATUS_NO_MEMORY;
			}
			sid_copy(*domain_sid, &reply.ctr.info.id5.dom_sid.sid);
		}
	} else {
		DEBUG(3, ("unknown info class %d\n", info_class));
	}

	return reply.status;
}
547
/**
 * Query info policy2 (LSA_QUERYINFO2), info class 12 only.
 *
 * @param cli         RPC pipe client the request is sent on
 * @param mem_ctx     talloc context that owns every returned object
 * @param pol         open LSA policy handle
 * @param info_class  must be 12; any other value fails with
 *                    NT_STATUS_UNSUCCESSFUL before a request is sent
 * @param domain_name optional; returned remote server's domain name
 * @param dns_name    optional; returned remote server's dns domain name
 * @param forest_name optional; returned remote server's forest name
 * @param domain_guid optional; returned remote server's domain guid
 * @param domain_sid  optional; returned remote server's domain sid
 *
 * @return the status field of the reply, or NT_STATUS_NO_MEMORY when an
 *         output cannot be allocated
 */
NTSTATUS rpccli_lsa_query_info_policy2(struct rpc_pipe_client *cli,
				       TALLOC_CTX *mem_ctx,
				       POLICY_HND *pol, uint16 info_class,
				       char **domain_name, char **dns_name,
				       char **forest_name,
				       struct GUID **domain_guid,
				       DOM_SID **domain_sid)
{
	prs_struct qbuf, rbuf;
	LSA_Q_QUERY_INFO2 request;
	LSA_R_QUERY_INFO2 reply;

	if (info_class != 12) {
		return NT_STATUS_UNSUCCESSFUL;
	}

	ZERO_STRUCT(request);
	ZERO_STRUCT(reply);

	init_q_query2(&request, pol, info_class);

	CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_QUERYINFO2,
		request, reply,
		qbuf, rbuf,
		lsa_io_q_query_info2,
		lsa_io_r_query_info2,
		NT_STATUS_UNSUCCESSFUL);

	if (!NT_STATUS_IS_OK(reply.status)) {
		return reply.status;
	}

	/* Return output parameters */

	/* Applied to domain_guid itself (a struct GUID **), so this resets
	   the caller's pointer.  NOTE(review): domain_guid is only
	   NULL-checked further down; confirm ZERO_STRUCTP tolerates NULL. */
	ZERO_STRUCTP(domain_guid);

	if (domain_name != NULL &&
	    reply.ctr.info.id12.hdr_nb_dom_name.buffer) {
		*domain_name = unistr2_tdup(
			mem_ctx, &reply.ctr.info.id12.uni_nb_dom_name);
		if (*domain_name == NULL) {
			return NT_STATUS_NO_MEMORY;
		}
	}

	if (dns_name != NULL &&
	    reply.ctr.info.id12.hdr_dns_dom_name.buffer) {
		*dns_name = unistr2_tdup(
			mem_ctx, &reply.ctr.info.id12.uni_dns_dom_name);
		if (*dns_name == NULL) {
			return NT_STATUS_NO_MEMORY;
		}
	}

	if (forest_name != NULL &&
	    reply.ctr.info.id12.hdr_forest_name.buffer) {
		*forest_name = unistr2_tdup(
			mem_ctx, &reply.ctr.info.id12.uni_forest_name);
		if (*forest_name == NULL) {
			return NT_STATUS_NO_MEMORY;
		}
	}

	if (domain_guid != NULL) {
		*domain_guid = TALLOC_P(mem_ctx, struct GUID);
		if (*domain_guid == NULL) {
			return NT_STATUS_NO_MEMORY;
		}
		memcpy(*domain_guid,
		       &reply.ctr.info.id12.dom_guid,
		       sizeof(struct GUID));
	}

	if (domain_sid != NULL && reply.ctr.info.id12.ptr_dom_sid != 0) {
		*domain_sid = TALLOC_P(mem_ctx, DOM_SID);
		if (*domain_sid == NULL) {
			return NT_STATUS_NO_MEMORY;
		}
		sid_copy(*domain_sid, &reply.ctr.info.id12.dom_sid.sid);
	}

	return reply.status;
}
642
/**
 * Set policy information with the LSA_SETINFOPOLICY call.
 *
 * @param cli        RPC pipe client the request is sent on
 * @param mem_ctx    talloc context passed to the RPC macro
 * @param pol        open LSA policy handle
 * @param info_class information class being set
 * @param ctr        info container, passed by value
 *
 * @return the status field of the server's reply; there are no other
 *         outputs
 */
NTSTATUS rpccli_lsa_set_info_policy(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
				    POLICY_HND *pol, uint16 info_class,
				    LSA_INFO_CTR ctr)
{
	prs_struct qbuf, rbuf;
	LSA_Q_SET_INFO request;
	LSA_R_SET_INFO reply;

	ZERO_STRUCT(request);
	ZERO_STRUCT(reply);

	init_q_set(&request, pol, info_class, ctr);

	CLI_DO_RPC(cli, mem_ctx, PI_LSARPC, LSA_SETINFOPOLICY,
		request, reply,
		qbuf, rbuf,
		lsa_io_q_set,
		lsa_io_r_set,
		NT_STATUS_UNSUCCESSFUL);

	return reply.status;
}
676
677
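/**
 * Enumerate list of trusted domains
 *
 * The reply comes from the remote server and is treated as untrusted:
 * pointers inside it are checked before they are dereferenced.
 *
 * @param cli client state (rpc_pipe_client) structure of the connection
 * @param mem_ctx memory context that owns the returned arrays
 * @param pol opened lsa policy handle
 * @param enum_ctx enumeration context ie. index of first returned domain
 *                 entry; updated from the reply
 * @param num_domains number of trusted domains returned by this response
 * @param domain_names returned trusted domain names; written only when
 *                     the reply holds at least one entry
 * @param domain_sids returned trusted domain sids; written only when the
 *                    reply holds at least one entry
 *
 * @return nt status code of response (which may be
 *         NT_STATUS_NO_MORE_ENTRIES or STATUS_MORE_ENTRIES),
 *         NT_STATUS_INVALID_NETWORK_RESPONSE for a malformed reply, or
 *         NT_STATUS_NO_MEMORY
 **/
NTSTATUS rpccli_lsa_enum_trust_dom(struct rpc_pipe_client *cli,
				   TALLOC_CTX *mem_ctx,
				   POLICY_HND *pol, uint32 *enum_ctx,
				   uint32 *num_domains,
				   char ***domain_names, DOM_SID **domain_sids)
{
	prs_struct qbuf, rbuf;
	LSA_Q_ENUM_TRUST_DOM in;
	LSA_R_ENUM_TRUST_DOM out;
	uint32 i;
	fstring tmp;

	ZERO_STRUCT(in);
	ZERO_STRUCT(out);

	/* 64k is enough for about 2000 trusted domains */

	init_q_enum_trust_dom(&in, pol, *enum_ctx, 0x10000);

	CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ENUMTRUSTDOM,
	            in, out,
	            qbuf, rbuf,
	            lsa_io_q_enum_trust_dom,
	            lsa_io_r_enum_trust_dom,
	            NT_STATUS_UNSUCCESSFUL );


	/* check for an actual error */

	if ( !NT_STATUS_IS_OK(out.status)
		&& !NT_STATUS_EQUAL(out.status, NT_STATUS_NO_MORE_ENTRIES)
		&& !NT_STATUS_EQUAL(out.status, STATUS_MORE_ENTRIES) )
	{
		return out.status;
	}

	/* Return output parameters */

	*num_domains  = out.count;
	*enum_ctx     = out.enum_context;

	if ( out.count ) {

		/* A non-zero count without a domain list is a malformed
		   reply.  NOTE(review): if the domain list carries its own
		   element count, out.count should also be checked against
		   it before indexing - confirm against the struct. */
		if ( out.domlist == NULL ) {
			DEBUG(0, ("cli_lsa_enum_trust_dom(): reply has a count but no domain list\n"));
			return NT_STATUS_INVALID_NETWORK_RESPONSE;
		}

		/* Allocate memory for trusted domain names and sids */

		if ( !(*domain_names = TALLOC_ARRAY(mem_ctx, char *, out.count)) ) {
			DEBUG(0, ("cli_lsa_enum_trust_dom(): out of memory\n"));
			return NT_STATUS_NO_MEMORY;
		}

		if ( !(*domain_sids = TALLOC_ARRAY(mem_ctx, DOM_SID, out.count)) ) {
			DEBUG(0, ("cli_lsa_enum_trust_dom(): out of memory\n"));
			return NT_STATUS_NO_MEMORY;
		}

		/* Copy across names and sids */

		for (i = 0; i < out.count; i++) {

			/* Both members are pointers filled in from the wire;
			   either may be absent in a hostile or broken reply. */
			if ( out.domlist->domains[i].name.string == NULL
				|| out.domlist->domains[i].sid == NULL )
			{
				DEBUG(0, ("cli_lsa_enum_trust_dom(): entry without name or sid\n"));
				return NT_STATUS_INVALID_NETWORK_RESPONSE;
			}

			rpcstr_pull( tmp, out.domlist->domains[i].name.string->buffer,
				sizeof(tmp), out.domlist->domains[i].name.length, 0);
			(*domain_names)[i] = talloc_strdup(mem_ctx, tmp);
			if ( (*domain_names)[i] == NULL ) {
				DEBUG(0, ("cli_lsa_enum_trust_dom(): out of memory\n"));
				return NT_STATUS_NO_MEMORY;
			}

			sid_copy(&(*domain_sids)[i], &out.domlist->domains[i].sid->sid );
		}
	}

	return out.status;
}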
762
/**
 * Enumerate privileges (LSA_ENUM_PRIVS).
 *
 * @param cli             RPC pipe client the request is sent on
 * @param mem_ctx         talloc context that owns the returned arrays
 * @param pol             open LSA policy handle
 * @param enum_context    enumeration context; updated from the reply
 * @param pref_max_length preferred maximum length passed to the server
 * @param count           receives the number of privileges returned
 * @param privs_name      receives the privilege names, NULL when the
 *                        reply is empty
 * @param privs_high      receives the high LUID words, NULL when empty
 * @param privs_low       receives the low LUID words, NULL when empty
 *
 * @return the status field of the reply, or NT_STATUS_UNSUCCESSFUL when
 *         an output array cannot be allocated
 */
NTSTATUS rpccli_lsa_enum_privilege(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
				   POLICY_HND *pol, uint32 *enum_context, uint32 pref_max_length,
				   uint32 *count, char ***privs_name, uint32 **privs_high, uint32 **privs_low)
{
	prs_struct qbuf, rbuf;
	LSA_Q_ENUM_PRIVS request;
	LSA_R_ENUM_PRIVS reply;
	int idx;

	ZERO_STRUCT(request);
	ZERO_STRUCT(reply);

	init_q_enum_privs(&request, pol, *enum_context, pref_max_length);

	CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ENUM_PRIVS,
		request, reply,
		qbuf, rbuf,
		lsa_io_q_enum_privs,
		lsa_io_r_enum_privs,
		NT_STATUS_UNSUCCESSFUL);

	if (!NT_STATUS_IS_OK(reply.status)) {
		return reply.status;
	}

	/* Return output parameters */

	*enum_context = reply.enum_context;
	*count = reply.count;

	if (reply.count == 0) {
		*privs_name = NULL;
		*privs_high = NULL;
		*privs_low = NULL;
	} else {
		*privs_name = TALLOC_ARRAY(mem_ctx, char *, reply.count);
		if (*privs_name == NULL) {
			DEBUG(0, ("(cli_lsa_enum_privilege): out of memory\n"));
			return NT_STATUS_UNSUCCESSFUL;
		}

		*privs_high = TALLOC_ARRAY(mem_ctx, uint32, reply.count);
		if (*privs_high == NULL) {
			DEBUG(0, ("(cli_lsa_enum_privilege): out of memory\n"));
			return NT_STATUS_UNSUCCESSFUL;
		}

		*privs_low = TALLOC_ARRAY(mem_ctx, uint32, reply.count);
		if (*privs_low == NULL) {
			DEBUG(0, ("(cli_lsa_enum_privilege): out of memory\n"));
			return NT_STATUS_UNSUCCESSFUL;
		}
	}

	/* NOTE(review): reply.count and reply.privs both come from the
	   server, and the talloc_strdup() result is stored unchecked, so a
	   name slot can end up NULL while the call still reports success. */
	for (idx = 0; idx < reply.count; idx++) {
		fstring priv_name;

		rpcstr_pull_unistr2_fstring( priv_name, &reply.privs[idx].name);

		(*privs_name)[idx] = talloc_strdup(mem_ctx, priv_name);

		(*privs_high)[idx] = reply.privs[idx].luid_high;
		(*privs_low)[idx] = reply.privs[idx].luid_low;
	}

	return reply.status;
}
837
/**
 * Get the display name of a privilege (LSA_PRIV_GET_DISPNAME).
 *
 * @param cli          RPC pipe client the request is sent on
 * @param mem_ctx      talloc context passed to the RPC macro
 * @param pol          open LSA policy handle
 * @param name         privilege name to look up
 * @param lang_id      language id sent in the request
 * @param lang_id_sys  system language id sent in the request
 * @param description  caller-supplied fstring that receives the
 *                     description on success
 * @param lang_id_desc receives the language id from the reply on success
 *
 * @return the status field of the server's reply
 */
NTSTATUS rpccli_lsa_get_dispname(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
				 POLICY_HND *pol, const char *name,
				 uint16 lang_id, uint16 lang_id_sys,
				 fstring description, uint16 *lang_id_desc)
{
	prs_struct qbuf, rbuf;
	LSA_Q_PRIV_GET_DISPNAME request;
	LSA_R_PRIV_GET_DISPNAME reply;

	ZERO_STRUCT(request);
	ZERO_STRUCT(reply);

	init_lsa_priv_get_dispname(&request, pol, name, lang_id, lang_id_sys);

	CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_PRIV_GET_DISPNAME,
		request, reply,
		qbuf, rbuf,
		lsa_io_q_priv_get_dispname,
		lsa_io_r_priv_get_dispname,
		NT_STATUS_UNSUCCESSFUL);

	/* Outputs are filled in only for a successful reply. */
	if (NT_STATUS_IS_OK(reply.status)) {
		rpcstr_pull_unistr2_fstring(description , &reply.desc);
		*lang_id_desc = reply.lang_id;
	}

	return reply.status;
}
877
/**
 * Enumerate list of SIDs (LSA_ENUM_ACCOUNTS).
 *
 * @param cli             RPC pipe client the request is sent on
 * @param mem_ctx         talloc context that owns the returned array
 * @param pol             open LSA policy handle
 * @param enum_ctx        enumeration context; updated only when SIDs
 *                        were copied out
 * @param pref_max_length preferred maximum length passed to the server
 * @param num_sids        receives the number of SIDs; left untouched
 *                        when the reply holds no entries
 * @param sids            receives the SID array; left untouched when
 *                        the reply holds no entries
 *
 * @return the status field of the reply, or NT_STATUS_UNSUCCESSFUL when
 *         the SID array cannot be allocated
 */
NTSTATUS rpccli_lsa_enum_sids(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
			      POLICY_HND *pol, uint32 *enum_ctx, uint32 pref_max_length,
			      uint32 *num_sids, DOM_SID **sids)
{
	prs_struct qbuf, rbuf;
	LSA_Q_ENUM_ACCOUNTS request;
	LSA_R_ENUM_ACCOUNTS reply;
	int idx;

	ZERO_STRUCT(request);
	ZERO_STRUCT(reply);

	init_lsa_q_enum_accounts(&request, pol, *enum_ctx, pref_max_length);

	CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ENUM_ACCOUNTS,
		request, reply,
		qbuf, rbuf,
		lsa_io_q_enum_accounts,
		lsa_io_r_enum_accounts,
		NT_STATUS_UNSUCCESSFUL);

	/* Nothing to copy on failure or for an empty reply; note that the
	   output parameters are not written on either path. */
	if (!NT_STATUS_IS_OK(reply.status) || reply.sids.num_entries == 0) {
		return reply.status;
	}

	/* Return output parameters */

	*sids = TALLOC_ARRAY(mem_ctx, DOM_SID, reply.sids.num_entries);
	if (*sids == NULL) {
		DEBUG(0, ("(cli_lsa_enum_sids): out of memory\n"));
		return NT_STATUS_UNSUCCESSFUL;
	}

	/* Copy across the sids */

	for (idx = 0; idx < reply.sids.num_entries; idx++) {
		sid_copy(&(*sids)[idx], &reply.sids.sid[idx].sid);
	}

	*num_sids = reply.sids.num_entries;
	*enum_ctx = reply.enum_context;

	return reply.status;
}
933
/**
 * Create an LSA user handle (LSA_CREATEACCOUNT).
 *
 * FIXME: The code is actually identical to open account
 * TODO: Check and code what the function should exactly do
 *
 * @param cli            RPC pipe client the request is sent on
 * @param mem_ctx        talloc context passed to the RPC macro
 * @param dom_pol        open LSA policy handle
 * @param sid            SID of the account
 * @param desired_access access mask requested on the account handle
 * @param user_pol       receives the account handle; written only when
 *                       the reply status is OK
 *
 * @return the status field of the server's reply
 */
NTSTATUS rpccli_lsa_create_account(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
				   POLICY_HND *dom_pol, DOM_SID *sid, uint32 desired_access,
				   POLICY_HND *user_pol)
{
	prs_struct qbuf, rbuf;
	LSA_Q_CREATEACCOUNT request;
	LSA_R_CREATEACCOUNT reply;

	ZERO_STRUCT(request);
	ZERO_STRUCT(reply);

	/* Initialise input parameters */

	init_lsa_q_create_account(&request, dom_pol, sid, desired_access);

	CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_CREATEACCOUNT,
		request, reply,
		qbuf, rbuf,
		lsa_io_q_create_account,
		lsa_io_r_create_account,
		NT_STATUS_UNSUCCESSFUL);

	/* Return output parameters */

	if (!NT_STATUS_IS_OK(reply.status)) {
		return reply.status;
	}

	*user_pol = reply.pol;

	return reply.status;
}
976
/**
 * Open an LSA user handle (LSA_OPENACCOUNT).
 *
 * @param cli        RPC pipe client the request is sent on
 * @param mem_ctx    talloc context passed to the RPC macro
 * @param dom_pol    open LSA policy handle
 * @param sid        SID of the account to open
 * @param des_access access mask requested on the account handle
 * @param user_pol   receives the account handle; written only when the
 *                   reply status is OK
 *
 * @return the status field of the server's reply
 */
NTSTATUS rpccli_lsa_open_account(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
				 POLICY_HND *dom_pol, DOM_SID *sid, uint32 des_access,
				 POLICY_HND *user_pol)
{
	prs_struct qbuf, rbuf;
	LSA_Q_OPENACCOUNT request;
	LSA_R_OPENACCOUNT reply;

	ZERO_STRUCT(request);
	ZERO_STRUCT(reply);

	/* Initialise input parameters */

	init_lsa_q_open_account(&request, dom_pol, sid, des_access);

	CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_OPENACCOUNT,
		request, reply,
		qbuf, rbuf,
		lsa_io_q_open_account,
		lsa_io_r_open_account,
		NT_STATUS_UNSUCCESSFUL);

	/* Return output parameters */

	if (!NT_STATUS_IS_OK(reply.status)) {
		return reply.status;
	}

	*user_pol = reply.pol;

	return reply.status;
}
1014
/**
 * Enumerate the privileges held by an account (LSA_ENUMPRIVSACCOUNT).
 *
 * @param cli     RPC pipe client the request is sent on
 * @param mem_ctx talloc context that owns the returned array
 * @param pol     open account handle
 * @param count   receives the number of privileges; left untouched when
 *                the reply holds none
 * @param set     receives the LUID/attribute array; left untouched when
 *                the reply holds none
 *
 * @return the status field of the reply, or NT_STATUS_UNSUCCESSFUL when
 *         the array cannot be allocated
 */
NTSTATUS rpccli_lsa_enum_privsaccount(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
				      POLICY_HND *pol, uint32 *count, LUID_ATTR **set)
{
	prs_struct qbuf, rbuf;
	LSA_Q_ENUMPRIVSACCOUNT request;
	LSA_R_ENUMPRIVSACCOUNT reply;
	int idx;

	ZERO_STRUCT(request);
	ZERO_STRUCT(reply);

	/* Initialise input parameters */

	init_lsa_q_enum_privsaccount(&request, pol);

	CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ENUMPRIVSACCOUNT,
		request, reply,
		qbuf, rbuf,
		lsa_io_q_enum_privsaccount,
		lsa_io_r_enum_privsaccount,
		NT_STATUS_UNSUCCESSFUL);

	/* Return output parameters */

	/* Failure and the empty reply both leave count and set unwritten. */
	if (!NT_STATUS_IS_OK(reply.status) || reply.count == 0) {
		return reply.status;
	}

	*set = TALLOC_ARRAY(mem_ctx, LUID_ATTR, reply.count);
	if (*set == NULL) {
		DEBUG(0, ("(cli_lsa_enum_privsaccount): out of memory\n"));
		return NT_STATUS_UNSUCCESSFUL;
	}

	for (idx = 0; idx < reply.count; idx++) {
		LUID_ATTR *dst = &(*set)[idx];

		dst->luid.low = reply.set.set[idx].luid.low;
		dst->luid.high = reply.set.set[idx].luid.high;
		dst->attr = reply.set.set[idx].attr;
	}

	*count = reply.count;

	return reply.status;
}
1070
/**
 * Get a privilege value (LUID) given its name (LSA_LOOKUPPRIVVALUE).
 *
 * @param cli     RPC pipe client the request is sent on
 * @param mem_ctx talloc context passed to the RPC macro
 * @param pol     open LSA policy handle
 * @param name    privilege name to look up
 * @param luid    receives the low and high words of the privilege's
 *                LUID; written only when the reply status is OK
 *
 * @return the status field of the server's reply
 */
NTSTATUS rpccli_lsa_lookup_priv_value(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
				      POLICY_HND *pol, const char *name, LUID *luid)
{
	prs_struct qbuf, rbuf;
	LSA_Q_LOOKUP_PRIV_VALUE request;
	LSA_R_LOOKUP_PRIV_VALUE reply;

	ZERO_STRUCT(request);
	ZERO_STRUCT(reply);

	/* Marshall data and send request */

	init_lsa_q_lookup_priv_value(&request, pol, name);

	CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_LOOKUPPRIVVALUE,
		request, reply,
		qbuf, rbuf,
		lsa_io_q_lookup_priv_value,
		lsa_io_r_lookup_priv_value,
		NT_STATUS_UNSUCCESSFUL);

	/* Return output parameters */

	if (NT_STATUS_IS_OK(reply.status)) {
		luid->low = reply.luid.low;
		luid->high = reply.luid.high;
	}

	return reply.status;
}
1110
/**
 * Query LSA security object (LSA_QUERYSECOBJ).
 *
 * @param cli      RPC pipe client the request is sent on
 * @param mem_ctx  talloc context passed to the RPC macro
 * @param pol      handle of the object being queried
 * @param sec_info security-information selector sent in the request
 * @param psdb     optional; receives the security descriptor buffer
 *                 pointer from the reply when the reply status is OK
 *
 * @return the status field of the server's reply
 */
NTSTATUS rpccli_lsa_query_secobj(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
				 POLICY_HND *pol, uint32 sec_info,
				 SEC_DESC_BUF **psdb)
{
	prs_struct qbuf, rbuf;
	LSA_Q_QUERY_SEC_OBJ request;
	LSA_R_QUERY_SEC_OBJ reply;

	ZERO_STRUCT(request);
	ZERO_STRUCT(reply);

	/* Marshall data and send request */

	init_q_query_sec_obj(&request, pol, sec_info);

	CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_QUERYSECOBJ,
		request, reply,
		qbuf, rbuf,
		lsa_io_q_query_sec_obj,
		lsa_io_r_query_sec_obj,
		NT_STATUS_UNSUCCESSFUL);

	/* Return output parameters */

	if (NT_STATUS_IS_OK(reply.status) && psdb != NULL) {
		*psdb = reply.buf;
	}

	return reply.status;
}
1151
1152
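/**
 * Enumerate account rights (LSA_ENUMACCTRIGHTS).  This is similar to
 * enum_privileges but takes a SID directly, avoiding the open_account
 * call.
 *
 * The reply comes from the remote server and is treated as untrusted:
 * pointers inside it are checked before they are dereferenced, and every
 * slot of the returned array is initialised.
 *
 * @param cli        RPC pipe client the request is sent on
 * @param mem_ctx    talloc context that owns the returned array and strings
 * @param pol        open LSA policy handle
 * @param sid        SID whose rights are listed
 * @param count      receives the number of rights in the reply
 * @param priv_names receives the array of right names when count is
 *                   non-zero; an entry is NULL where the reply carried
 *                   no string for that slot
 *
 * @return the status field of the reply, NT_STATUS_NO_MEMORY on
 *         allocation failure, or NT_STATUS_INVALID_NETWORK_RESPONSE for
 *         a reply that has a count but no rights array
 */
NTSTATUS rpccli_lsa_enum_account_rights(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
					POLICY_HND *pol, DOM_SID *sid,
					uint32 *count, char ***priv_names)
{
	prs_struct qbuf, rbuf;
	LSA_Q_ENUM_ACCT_RIGHTS q;
	LSA_R_ENUM_ACCT_RIGHTS r;
	NTSTATUS result;
	uint32 i;
	fstring privilege;
	char **names;

	ZERO_STRUCT(q);
	ZERO_STRUCT(r);

	/* Marshall data and send request */
	init_q_enum_acct_rights(&q, pol, 2, sid);

	CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ENUMACCTRIGHTS,
		q, r,
		qbuf, rbuf,
		lsa_io_q_enum_acct_rights,
		lsa_io_r_enum_acct_rights,
		NT_STATUS_UNSUCCESSFUL);

	result = r.status;

	if (!NT_STATUS_IS_OK(result)) {
		goto done;
	}

	*count = r.count;
	if (! *count) {
		goto done;
	}

	/* A non-zero count without a rights array is a malformed reply.
	   NOTE(review): if the rights array carries its own element count,
	   r.count should also be checked against it - confirm against the
	   struct. */
	if (r.rights == NULL) {
		DEBUG(0, ("cli_lsa_enum_account_rights(): reply has a count but no rights\n"));
		return NT_STATUS_INVALID_NETWORK_RESPONSE;
	}

	names = TALLOC_ARRAY( mem_ctx, char *, *count );

	if (names == NULL) {
		return NT_STATUS_NO_MEMORY;
	}

	for ( i=0; i<*count; i++ ) {
		UNISTR4 *uni_string = &r.rights->strings[i];

		if ( !uni_string->string ) {
			/* TALLOC_ARRAY does not clear the memory; give the
			   caller a defined value for the skipped slot. */
			names[i] = NULL;
			continue;
		}

		/* One scratch buffer is enough: each name is duplicated
		   into the return array straight away. */
		rpcstr_pull( privilege, uni_string->string->buffer, sizeof(privilege), -1, STR_TERMINATE );

		/* now copy to the return array */
		names[i] = talloc_strdup( mem_ctx, privilege );
		if (names[i] == NULL) {
			TALLOC_FREE(names);
			return NT_STATUS_NO_MEMORY;
		}
	}

	*priv_names = names;

done:

	return result;
}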
1221
1222
1223
/**
 * Add account rights to an account (LSA_ADDACCTRIGHTS).
 *
 * @param cli        RPC pipe client the request is sent on
 * @param mem_ctx    talloc context passed to the RPC macro
 * @param pol        open LSA policy handle
 * @param sid        SID of the account, passed by value
 * @param count      number of entries in privs_name
 * @param privs_name names of the rights to add
 *
 * @return the status field of the server's reply
 */
NTSTATUS rpccli_lsa_add_account_rights(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
				       POLICY_HND *pol, DOM_SID sid,
				       uint32 count, const char **privs_name)
{
	prs_struct qbuf, rbuf;
	LSA_Q_ADD_ACCT_RIGHTS request;
	LSA_R_ADD_ACCT_RIGHTS reply;

	ZERO_STRUCT(request);
	ZERO_STRUCT(reply);

	/* Marshall data and send request */
	init_q_add_acct_rights(&request, pol, &sid, count, privs_name);

	CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ADDACCTRIGHTS,
		request, reply,
		qbuf, rbuf,
		lsa_io_q_add_acct_rights,
		lsa_io_r_add_acct_rights,
		NT_STATUS_UNSUCCESSFUL);

	return reply.status;
}
1257
1258
/**
 * Remove account rights from an account (LSA_REMOVEACCTRIGHTS).
 *
 * @param cli        RPC pipe client the request is sent on
 * @param mem_ctx    talloc context passed to the RPC macro
 * @param pol        open LSA policy handle
 * @param sid        SID of the account, passed by value
 * @param removeall  sent to the server as 1 when true, 0 otherwise
 * @param count      number of entries in privs_name
 * @param privs_name names of the rights to remove
 *
 * @return the status field of the server's reply
 */
NTSTATUS rpccli_lsa_remove_account_rights(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
					  POLICY_HND *pol, DOM_SID sid, BOOL removeall,
					  uint32 count, const char **privs_name)
{
	prs_struct qbuf, rbuf;
	LSA_Q_REMOVE_ACCT_RIGHTS request;
	LSA_R_REMOVE_ACCT_RIGHTS reply;

	ZERO_STRUCT(request);
	ZERO_STRUCT(reply);

	/* Marshall data and send request */
	init_q_remove_acct_rights(&request, pol, &sid, removeall?1:0, count, privs_name);

	CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_REMOVEACCTRIGHTS,
		request, reply,
		qbuf, rbuf,
		lsa_io_q_remove_acct_rights,
		lsa_io_r_remove_acct_rights,
		NT_STATUS_UNSUCCESSFUL);

	return reply.status;
}
1292
1293
1294#if 0
1295
/** An example of how to use the routines in this file.  Fetch a DOMAIN
    sid.  Does complete cli setup / teardown anonymously.

    This example sits inside an "#if 0" block, so it is not compiled.
    It calls cli_lsa_open_policy() and cli_lsa_query_info_policy(),
    names that are not defined in the part of the file shown here
    (the routines above are named rpccli_lsa_*).

    @param domain         passed straight through as the domain-name
                          output argument of the info-policy query
    @param remote_machine name of the server to contact
    @param psid           passed straight through as the domain-SID
                          output argument of the info-policy query

    @return True when every step succeeded, False otherwise; the client
            connection is shut down on every path after initialisation */

BOOL fetch_domain_sid( char *domain, char *remote_machine, DOM_SID *psid)
{
	extern pstring global_myname;
	struct cli_state cli;
	NTSTATUS result;
	POLICY_HND lsa_pol;
	BOOL ret = False;

	ZERO_STRUCT(cli);
	if(cli_initialise(&cli) == False) {
		DEBUG(0,("fetch_domain_sid: unable to initialize client connection.\n"));
		return False;
	}

	if(!resolve_name( remote_machine, &cli.dest_ip, 0x20)) {
		DEBUG(0,("fetch_domain_sid: Can't resolve address for %s\n", remote_machine));
		goto done;
	}

	if (!cli_connect(&cli, remote_machine, &cli.dest_ip)) {
		DEBUG(0,("fetch_domain_sid: unable to connect to SMB server on \
machine %s. Error was : %s.\n", remote_machine, cli_errstr(&cli) ));
		goto done;
	}

	if (!attempt_netbios_session_request(&cli, global_myname, remote_machine, &cli.dest_ip)) {
		DEBUG(0,("fetch_domain_sid: machine %s rejected the NetBIOS session request.\n",
			remote_machine));
		goto done;
	}

	/* Ask for the NT1 protocol level and insist below that the server
	   agreed to it. */
	cli.protocol = PROTOCOL_NT1;

	if (!cli_negprot(&cli)) {
		DEBUG(0,("fetch_domain_sid: machine %s rejected the negotiate protocol. \
Error was : %s.\n", remote_machine, cli_errstr(&cli) ));
		goto done;
	}

	if (cli.protocol != PROTOCOL_NT1) {
		DEBUG(0,("fetch_domain_sid: machine %s didn't negotiate NT protocol.\n",
			remote_machine));
		goto done;
	}

	/*
	 * Do an anonymous session setup.
	 *
	 * Empty user name, password and workgroup strings are passed, so
	 * the query only works against servers that answer LSA requests
	 * on an unauthenticated session.
	 */

	if (!cli_session_setup(&cli, "", "", 0, "", 0, "")) {
		DEBUG(0,("fetch_domain_sid: machine %s rejected the session setup. \
Error was : %s.\n", remote_machine, cli_errstr(&cli) ));
		goto done;
	}

	if (!(cli.sec_mode & NEGOTIATE_SECURITY_USER_LEVEL)) {
		DEBUG(0,("fetch_domain_sid: machine %s isn't in user level security mode\n",
			remote_machine));
		goto done;
	}

	if (!cli_send_tconX(&cli, "IPC$", "IPC", "", 1)) {
		DEBUG(0,("fetch_domain_sid: machine %s rejected the tconX on the IPC$ share. \
Error was : %s.\n", remote_machine, cli_errstr(&cli) ));
		goto done;
	}

	/* Fetch domain sid */

	/* NOTE(review): the pipe opened here is PI_LSARPC, while the log
	   message below speaks of the SAM pipe. */
	if (!cli_nt_session_open(&cli, PI_LSARPC)) {
		DEBUG(0, ("fetch_domain_sid: Error connecting to SAM pipe\n"));
		goto done;
	}

	result = cli_lsa_open_policy(&cli, cli.mem_ctx, True, SEC_RIGHTS_QUERY_VALUE, &lsa_pol);
	if (!NT_STATUS_IS_OK(result)) {
		DEBUG(0, ("fetch_domain_sid: Error opening lsa policy handle. %s\n",
			nt_errstr(result) ));
		goto done;
	}

	/* Info class 5 is requested; the domain name and SID outputs are
	   the caller's own arguments. */
	result = cli_lsa_query_info_policy(&cli, cli.mem_ctx, &lsa_pol, 5, domain, psid);
	if (!NT_STATUS_IS_OK(result)) {
		DEBUG(0, ("fetch_domain_sid: Error querying lsa policy handle. %s\n",
			nt_errstr(result) ));
		goto done;
	}

	ret = True;

  done:

	/* Single exit point so the connection is always torn down. */
	cli_shutdown(&cli);
	return ret;
}
1394
1395#endif
1396
/**
 * Open a handle on a trusted-domain object identified by its SID.
 *
 * Fills an LSA_OPENTRUSTDOM request from pol, dom_sid and access_mask,
 * hands it to CLI_DO_RPC on the LSARPC pipe and, if the reply status is
 * OK, copies the returned handle to the caller.
 *
 * @param cli           RPC pipe client given to CLI_DO_RPC
 * @param mem_ctx       talloc context given to CLI_DO_RPC
 * @param pol           LSA policy handle placed in the request
 * @param dom_sid       SID of the trusted domain to open
 * @param access_mask   access requested on the new handle; callers should
 *                      ask only for the rights they actually need
 * @param trustdom_pol  receives the handle; written only on success
 *
 * @return the status field of the reply. CLI_DO_RPC is passed
 *         NT_STATUS_UNSUCCESSFUL as its error value and presumably
 *         returns from this function itself when the exchange fails
 *         (confirm against the macro definition).
 *
 * *trustdom_pol is left untouched on every failure path, so callers
 * must check the returned status before using it.
 */
NTSTATUS rpccli_lsa_open_trusted_domain(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
					POLICY_HND *pol, DOM_SID *dom_sid, uint32 access_mask,
					POLICY_HND *trustdom_pol)
{
	prs_struct req_ps, rep_ps;
	LSA_Q_OPEN_TRUSTED_DOMAIN req;
	LSA_R_OPEN_TRUSTED_DOMAIN rep;

	ZERO_STRUCT(req);
	ZERO_STRUCT(rep);

	/* Build the request, then marshall it and run the call. */
	init_lsa_q_open_trusted_domain(&req, pol, dom_sid, access_mask);

	CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_OPENTRUSTDOM,
		    req, rep,
		    req_ps, rep_ps,
		    lsa_io_q_open_trusted_domain,
		    lsa_io_r_open_trusted_domain,
		    NT_STATUS_UNSUCCESSFUL);

	/* Hand the handle back only when the server reported success. */
	if (NT_STATUS_IS_OK(rep.status)) {
		*trustdom_pol = rep.handle;
	}

	return rep.status;
}
1432
/**
 * Query information about a trusted domain through an already opened
 * handle.
 *
 * Fills an LSA_QUERYTRUSTDOMINFO request from pol and info_class, hands
 * it to CLI_DO_RPC on the LSARPC pipe and, if the reply status is OK,
 * stores the reply's info pointer in *info.
 *
 * @param cli         RPC pipe client given to CLI_DO_RPC
 * @param mem_ctx     talloc context given to CLI_DO_RPC; the returned
 *                    data presumably lives on it (confirm)
 * @param pol         handle placed in the request
 * @param info_class  information level requested
 * @param info        receives the reply's info pointer; written only on
 *                    success
 *
 * @return the status field of the reply. CLI_DO_RPC is passed
 *         NT_STATUS_UNSUCCESSFUL as its error value and presumably
 *         returns from this function itself when the exchange fails
 *         (confirm against the macro definition).
 *
 * *info is not cleared on failure: initialise it to NULL before the call
 * and check the status before dereferencing it.
 * NOTE(review): some trusted-domain information levels may carry trust
 * authentication material; treat the result as sensitive and keep it out
 * of logs (confirm against the info-class definitions).
 */
NTSTATUS rpccli_lsa_query_trusted_domain_info(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
					      POLICY_HND *pol,
					      uint16 info_class,
					      LSA_TRUSTED_DOMAIN_INFO **info)
{
	prs_struct req_ps, rep_ps;
	LSA_Q_QUERY_TRUSTED_DOMAIN_INFO req;
	LSA_R_QUERY_TRUSTED_DOMAIN_INFO rep;

	ZERO_STRUCT(req);
	ZERO_STRUCT(rep);

	/* Build the request, then marshall it and run the call. */
	init_q_query_trusted_domain_info(&req, pol, info_class);

	CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_QUERYTRUSTDOMINFO,
		    req, rep,
		    req_ps, rep_ps,
		    lsa_io_q_query_trusted_domain_info,
		    lsa_io_r_query_trusted_domain_info,
		    NT_STATUS_UNSUCCESSFUL);

	/* Publish the result only when the server reported success. */
	if (NT_STATUS_IS_OK(rep.status)) {
		*info = rep.info;
	}

	return rep.status;
}
1468
/**
 * Open a handle on a trusted-domain object identified by name.
 *
 * Fills an LSA_OPENTRUSTDOMBYNAME request from pol, name and
 * access_mask, hands it to CLI_DO_RPC on the LSARPC pipe and, if the
 * reply status is OK, copies the returned handle to the caller.
 *
 * @param cli           RPC pipe client given to CLI_DO_RPC
 * @param mem_ctx       talloc context given to CLI_DO_RPC
 * @param pol           LSA policy handle placed in the request
 * @param name          name of the trusted domain to open
 * @param access_mask   access requested on the new handle; callers should
 *                      ask only for the rights they actually need
 * @param trustdom_pol  receives the handle; written only on success
 *
 * @return the status field of the reply. CLI_DO_RPC is passed
 *         NT_STATUS_UNSUCCESSFUL as its error value and presumably
 *         returns from this function itself when the exchange fails
 *         (confirm against the macro definition).
 *
 * *trustdom_pol is left untouched on every failure path, so callers
 * must check the returned status before using it.
 */
NTSTATUS rpccli_lsa_open_trusted_domain_by_name(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
						POLICY_HND *pol, const char *name, uint32 access_mask,
						POLICY_HND *trustdom_pol)
{
	prs_struct req_ps, rep_ps;
	LSA_Q_OPEN_TRUSTED_DOMAIN_BY_NAME req;
	LSA_R_OPEN_TRUSTED_DOMAIN_BY_NAME rep;

	ZERO_STRUCT(req);
	ZERO_STRUCT(rep);

	/* Build the request, then marshall it and run the call. */
	init_lsa_q_open_trusted_domain_by_name(&req, pol, name, access_mask);

	CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_OPENTRUSTDOMBYNAME,
		    req, rep,
		    req_ps, rep_ps,
		    lsa_io_q_open_trusted_domain_by_name,
		    lsa_io_r_open_trusted_domain_by_name,
		    NT_STATUS_UNSUCCESSFUL);

	/* Hand the handle back only when the server reported success. */
	if (NT_STATUS_IS_OK(rep.status)) {
		*trustdom_pol = rep.handle;
	}

	return rep.status;
}
1504
1505
/**
 * Query information about a trusted domain identified by its SID.
 *
 * Fills an LSA_QUERYTRUSTDOMINFOBYSID request from pol, info_class and
 * dom_sid and hands it to CLI_DO_RPC on the LSARPC pipe. The reply uses
 * the same structure and unmarshalling routine as the handle-based
 * query. If the reply status is OK, its info pointer is stored in *info.
 *
 * @param cli         RPC pipe client given to CLI_DO_RPC
 * @param mem_ctx     talloc context given to CLI_DO_RPC; the returned
 *                    data presumably lives on it (confirm)
 * @param pol         LSA policy handle placed in the request
 * @param info_class  information level requested
 * @param dom_sid     SID of the trusted domain to query
 * @param info        receives the reply's info pointer; written only on
 *                    success
 *
 * @return the status field of the reply. CLI_DO_RPC is passed
 *         NT_STATUS_UNSUCCESSFUL as its error value and presumably
 *         returns from this function itself when the exchange fails
 *         (confirm against the macro definition).
 *
 * *info is not cleared on failure: initialise it to NULL before the call
 * and check the status before dereferencing it.
 * NOTE(review): some trusted-domain information levels may carry trust
 * authentication material; treat the result as sensitive and keep it out
 * of logs (confirm against the info-class definitions).
 */
NTSTATUS rpccli_lsa_query_trusted_domain_info_by_sid(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
						     POLICY_HND *pol,
						     uint16 info_class, DOM_SID *dom_sid,
						     LSA_TRUSTED_DOMAIN_INFO **info)
{
	prs_struct req_ps, rep_ps;
	LSA_Q_QUERY_TRUSTED_DOMAIN_INFO_BY_SID req;
	LSA_R_QUERY_TRUSTED_DOMAIN_INFO rep;

	ZERO_STRUCT(req);
	ZERO_STRUCT(rep);

	/* Build the request, then marshall it and run the call. */
	init_q_query_trusted_domain_info_by_sid(&req, pol, info_class, dom_sid);

	CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_QUERYTRUSTDOMINFOBYSID,
		    req, rep,
		    req_ps, rep_ps,
		    lsa_io_q_query_trusted_domain_info_by_sid,
		    lsa_io_r_query_trusted_domain_info,
		    NT_STATUS_UNSUCCESSFUL);

	/* Publish the result only when the server reported success. */
	if (NT_STATUS_IS_OK(rep.status)) {
		*info = rep.info;
	}

	return rep.status;
}
1542
/**
 * Query information about a trusted domain identified by name.
 *
 * Fills an LSA_QUERYTRUSTDOMINFOBYNAME request from pol, info_class and
 * domain_name and hands it to CLI_DO_RPC on the LSARPC pipe. The reply
 * uses the same structure and unmarshalling routine as the handle-based
 * query. If the reply status is OK, its info pointer is stored in *info.
 *
 * @param cli          RPC pipe client given to CLI_DO_RPC
 * @param mem_ctx      talloc context given to CLI_DO_RPC; the returned
 *                     data presumably lives on it (confirm)
 * @param pol          LSA policy handle placed in the request
 * @param info_class   information level requested
 * @param domain_name  name of the trusted domain to query
 * @param info         receives the reply's info pointer; written only on
 *                     success
 *
 * @return the status field of the reply. CLI_DO_RPC is passed
 *         NT_STATUS_UNSUCCESSFUL as its error value and presumably
 *         returns from this function itself when the exchange fails
 *         (confirm against the macro definition).
 *
 * *info is not cleared on failure: initialise it to NULL before the call
 * and check the status before dereferencing it.
 * NOTE(review): some trusted-domain information levels may carry trust
 * authentication material; treat the result as sensitive and keep it out
 * of logs (confirm against the info-class definitions).
 */
NTSTATUS rpccli_lsa_query_trusted_domain_info_by_name(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
						      POLICY_HND *pol,
						      uint16 info_class, const char *domain_name,
						      LSA_TRUSTED_DOMAIN_INFO **info)
{
	prs_struct req_ps, rep_ps;
	LSA_Q_QUERY_TRUSTED_DOMAIN_INFO_BY_NAME req;
	LSA_R_QUERY_TRUSTED_DOMAIN_INFO rep;

	ZERO_STRUCT(req);
	ZERO_STRUCT(rep);

	/* Build the request, then marshall it and run the call. */
	init_q_query_trusted_domain_info_by_name(&req, pol, info_class, domain_name);

	CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_QUERYTRUSTDOMINFOBYNAME,
		    req, rep,
		    req_ps, rep_ps,
		    lsa_io_q_query_trusted_domain_info_by_name,
		    lsa_io_r_query_trusted_domain_info,
		    NT_STATUS_UNSUCCESSFUL);

	/* Publish the result only when the server reported success. */
	if (NT_STATUS_IS_OK(rep.status)) {
		*info = rep.info;
	}

	return rep.status;
}
1579
/**
 * Query domain information policy through an LSA policy handle.
 *
 * Fills an LSA_QUERYDOMINFOPOL request from pol and info_class, hands it
 * to CLI_DO_RPC on the LSARPC pipe and, if the reply status is OK,
 * stores the reply's info pointer in *info.
 *
 * @param cli         RPC pipe client given to CLI_DO_RPC
 * @param mem_ctx     talloc context given to CLI_DO_RPC; the returned
 *                    data presumably lives on it (confirm)
 * @param pol         LSA policy handle placed in the request
 * @param info_class  information level requested
 * @param info        receives the reply's info pointer; written only on
 *                    success
 *
 * @return the status field of the reply. CLI_DO_RPC is passed
 *         NT_STATUS_UNSUCCESSFUL as its error value and presumably
 *         returns from this function itself when the exchange fails
 *         (confirm against the macro definition).
 *
 * *info is not cleared on failure: initialise it to NULL before the call
 * and check the status before dereferencing it.
 */
NTSTATUS cli_lsa_query_domain_info_policy(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
					  POLICY_HND *pol,
					  uint16 info_class, LSA_DOM_INFO_UNION **info)
{
	prs_struct req_ps, rep_ps;
	LSA_Q_QUERY_DOM_INFO_POLICY req;
	LSA_R_QUERY_DOM_INFO_POLICY rep;

	ZERO_STRUCT(req);
	ZERO_STRUCT(rep);

	/* Build the request, then marshall it and run the call. */
	init_q_query_dom_info(&req, pol, info_class);

	CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_QUERYDOMINFOPOL,
		    req, rep,
		    req_ps, rep_ps,
		    lsa_io_q_query_dom_info,
		    lsa_io_r_query_dom_info,
		    NT_STATUS_UNSUCCESSFUL);

	/* Publish the result only when the server reported success. */
	if (NT_STATUS_IS_OK(rep.status)) {
		*info = rep.info;
	}

	return rep.status;
}
1614