Tim's fixes for non-local lookup.
[amitay/samba.git] / source3 / rpc_server / srv_lsa.c
1 #define OLD_NTDOMAIN 1
2 /* 
3  *  Unix SMB/Netbios implementation.
4  *  Version 1.9.
5  *  RPC Pipe client / server routines
6  *  Copyright (C) Andrew Tridgell              1992-1997,
7  *  Copyright (C) Luke Kenneth Casson Leighton 1996-1997,
8  *  Copyright (C) Paul Ashton                       1997.
9  *  Copyright (C) Jeremy Allison                    1998.
10  *
11  *  This program is free software; you can redistribute it and/or modify
12  *  it under the terms of the GNU General Public License as published by
13  *  the Free Software Foundation; either version 2 of the License, or
14  *  (at your option) any later version.
15  *  
16  *  This program is distributed in the hope that it will be useful,
17  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
18  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
19  *  GNU General Public License for more details.
20  *  
21  *  You should have received a copy of the GNU General Public License
22  *  along with this program; if not, write to the Free Software
23  *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24  */
25
26 #include "includes.h"
27
28 extern int DEBUGLEVEL;
29 extern DOM_SID global_sam_sid;
30 extern fstring global_myworkgroup;
31 extern pstring global_myname;
32
/**
 * Marshall an LSA_R_OPEN_POL2 reply: a policy handle plus a zero status.
 *
 * Handle bytes 0-3 stay zero from ZERO_STRUCT; every byte from index 4 up
 * to POL_HND_SIZE-1 is set to its own index.
 *
 * NOTE(review): the handle is the same fixed pattern on every call and
 * nothing in this file records it or checks it on later requests, so it
 * does not act as a capability. Confirm whether handle tracking is done
 * elsewhere.
 *
 * @param rdata  outgoing parse stream that receives the reply.
 * @return True when the reply was marshalled, False otherwise.
 */
static BOOL lsa_reply_open_policy2(prs_struct *rdata)
{
        LSA_R_OPEN_POL2 reply;
        int idx = 4;

        ZERO_STRUCT(reply);

        /* fill in the handle bytes after the four leading zeros */
        while (idx < POL_HND_SIZE) {
                reply.pol.data[idx] = idx;
                idx++;
        }
        reply.status = 0x0;

        /* write the reply into the outgoing stream */
        if (lsa_io_r_open_pol2("", &reply, rdata, 0))
                return True;

        DEBUG(0,("lsa_reply_open_policy2: unable to marshall LSA_R_OPEN_POL2.\n"));
        return False;
}
58
/**
 * Marshall an LSA_R_OPEN_POL reply: a policy handle plus a zero status.
 *
 * Handle bytes 0-3 stay zero from ZERO_STRUCT; every byte from index 4 up
 * to POL_HND_SIZE-1 is set to its own index.
 *
 * NOTE(review): as with the OPEN_POL2 variant, the handle is a constant
 * pattern and no code in this file stores or later verifies it.
 *
 * @param rdata  outgoing parse stream that receives the reply.
 * @return True when the reply was marshalled, False otherwise.
 */
static BOOL lsa_reply_open_policy(prs_struct *rdata)
{
        LSA_R_OPEN_POL reply;
        int idx = 4;

        ZERO_STRUCT(reply);

        /* fill in the handle bytes after the four leading zeros */
        while (idx < POL_HND_SIZE) {
                reply.pol.data[idx] = idx;
                idx++;
        }
        reply.status = 0x0;

        /* write the reply into the outgoing stream */
        if (lsa_io_r_open_pol("", &reply, rdata, 0))
                return True;

        DEBUG(0,("lsa_reply_open_policy: unable to marshall LSA_R_OPEN_POL.\n"));
        return False;
}
84
/**
 * Fill a DOM_QUERY with a domain name and, optionally, a domain SID.
 *
 * Both length fields are set to twice strlen(dom_name) (zero when the
 * name is NULL), and the two buffer_* fields record whether each pointer
 * was supplied. The SID is copied only when dom_sid is non-NULL.
 *
 * @param d_q       structure to initialise.
 * @param dom_name  domain name, may be NULL.
 * @param dom_sid   domain SID, may be NULL.
 */
static void init_dom_query(DOM_QUERY *d_q, char *dom_name, DOM_SID *dom_sid)
{
        int name_len = 0;

        if (dom_name != NULL)
                name_len = strlen(dom_name);

        d_q->uni_dom_max_len = name_len * 2;
        d_q->uni_dom_str_len = name_len * 2;

        d_q->buffer_dom_name = (dom_name != 0)   ? 1 : 0;
        d_q->buffer_dom_sid  = (dom_sid != NULL) ? 1 : 0;

        /* original note: this string is supposed to be character short */
        init_unistr2(&d_q->uni_domain_name, dom_name, name_len);

        if (dom_sid == NULL)
                return;

        init_dom_sid2(&d_q->dom_sid, dom_sid);
}
104
/**
 * Build and marshall the reply to an LSA enumerate-trusted-domains call.
 *
 * The status is 0x0 when a domain name is supplied and
 * 0x80000000 | NT_STATUS_UNABLE_TO_FREE_VM when it is NULL.
 *
 * NOTE(review): q_e is not read here, and the result of
 * lsa_io_r_enum_trust_dom() is discarded, so a marshalling failure is not
 * reported to the caller.
 *
 * @param q_e           decoded request (unused).
 * @param rdata         outgoing parse stream.
 * @param enum_context  enumeration context echoed into the reply.
 * @param dom_name      trusted domain name, or NULL for none.
 * @param dom_sid       trusted domain SID, or NULL for none.
 */
static void lsa_reply_enum_trust_dom(LSA_Q_ENUM_TRUST_DOM *q_e,
                                prs_struct *rdata,
                                uint32 enum_context, char *dom_name, DOM_SID *dom_sid)
{
        LSA_R_ENUM_TRUST_DOM reply;
        uint32 status;

        ZERO_STRUCT(reply);

        if (dom_name != NULL)
                status = 0x0;
        else
                status = 0x80000000 | NT_STATUS_UNABLE_TO_FREE_VM;

        /* populate the reply structure */
        init_r_enum_trust_dom(&reply, enum_context, dom_name, dom_sid, status);

        /* write the reply into the outgoing stream */
        lsa_io_r_enum_trust_dom("", &reply, rdata, 0);
}
124
/**
 * Build and marshall the reply to an LSA query-info-policy call.
 *
 * The domain name/SID payload is filled in only when status_code is 0;
 * on any other status the zeroed structure is sent with just the status.
 * The payload is always written through the dom.id5 member, whichever
 * info class was requested.
 *
 * @param q_q          decoded request; its info_class is echoed back.
 * @param rdata        outgoing parse stream.
 * @param dom_name     name to report, may be NULL.
 * @param dom_sid      SID to report, may be NULL.
 * @param status_code  NT status to place in the reply.
 * @return True when the reply was marshalled, False otherwise.
 */
static BOOL lsa_reply_query_info(LSA_Q_QUERY_INFO *q_q, prs_struct *rdata,
                                char *dom_name, DOM_SID *dom_sid, uint32 status_code)
{
        LSA_R_QUERY_INFO reply;

        ZERO_STRUCT(reply);

        reply.status = status_code;

        if (status_code == 0) {
                reply.undoc_buffer = 0x22000000; /* bizarre */
                reply.info_class = q_q->info_class;

                init_dom_query(&reply.dom.id5, dom_name, dom_sid);
        }

        /* write the reply into the outgoing stream */
        if (lsa_io_r_query("", &reply, rdata, 0))
                return True;

        DEBUG(0,("lsa_reply_query_info: failed to marshall LSA_R_QUERY_INFO.\n"));
        return False;
}
155
/**
 * Add a domain to the referenced-domain list unless it is already there,
 * and return its index.
 *
 * With a non-NULL name the existing entries are searched with strequal();
 * a hit returns that index without touching the list. With a NULL name no
 * search is done and a new entry is appended. When the list already holds
 * MAX_REF_DOMAINS entries, -1 is returned and nothing is added.
 *
 * A non-NULL empty name is given a length of 1 rather than 0.
 *
 * NOTE(review): dom_sid is passed to init_dom_sid2() without a NULL check
 * although ptr_dom_sid allows for NULL; the callers in this file always
 * pass a SID. Callers must also handle the -1 return.
 *
 * @param ref       referenced-domain list to update.
 * @param dom_name  domain name, may be NULL.
 * @param dom_sid   domain SID for the new entry.
 * @return index of the domain in the list, or -1 if the list is full.
 */
static int init_dom_ref(DOM_R_REF *ref, char *dom_name, DOM_SID *dom_sid)
{
        int idx;
        int name_len = 0;

        if (dom_name == NULL) {
                idx = ref->num_ref_doms_1;
        } else {
                for (idx = 0; idx < ref->num_ref_doms_1; idx++) {
                        fstring existing;
                        fstrcpy(existing, dos_unistr2_to_str(&ref->ref_dom[idx].uni_dom_name));
                        if (strequal(existing, dom_name))
                                return idx;
                }
        }

        /* not found, and no room left for another domain */
        if (idx >= MAX_REF_DOMAINS)
                return -1;

        ref->num_ref_doms_1 = idx + 1;
        ref->ptr_ref_dom  = 1;
        ref->max_entries = MAX_REF_DOMAINS;
        ref->num_ref_doms_2 = idx + 1;

        if (dom_name != NULL) {
                name_len = strlen(dom_name);
                if (name_len == 0)
                        name_len = 1;
        }

        init_uni_hdr(&ref->hdr_ref_dom[idx].hdr_dom_name, name_len);
        ref->hdr_ref_dom[idx].ptr_dom_sid = dom_sid != NULL ? 1 : 0;

        init_unistr2(&ref->ref_dom[idx].uni_dom_name, dom_name, name_len);
        init_dom_sid2(&ref->ref_dom[idx].ref_dom, dom_sid );

        return idx;
}
198
/**
 * Resolve each requested name to a RID and fill the DOM_RID2 array.
 *
 * Every name is converted from UNISTR2, split into domain and user parts,
 * and looked up with lookup_name(). A hit has its RID split off the SID,
 * its domain added to the referenced-domain list, and is counted in
 * *mapped_count. A miss is recorded with rid 0xffffffff,
 * SID_NAME_UNKNOWN and domain index -1.
 *
 * NOTE(review): the names come from the client request. The bound on
 * num_entries is enforced only by SMB_ASSERT. A hit is counted as mapped
 * even when init_dom_ref() returns -1 because the domain list is full.
 *
 * @param ref           referenced-domain list to extend.
 * @param rid2          output array, one entry per name.
 * @param num_entries   number of names; must not exceed MAX_LOOKUP_SIDS.
 * @param name          names to resolve.
 * @param mapped_count  set to the number of names that resolved.
 */
static void init_lsa_rid2s(DOM_R_REF *ref, DOM_RID2 *rid2,
                                int num_entries, UNISTR2 name[MAX_LOOKUP_SIDS],
                                uint32 *mapped_count)
{
        int i;

        *mapped_count = 0;

        SMB_ASSERT(num_entries <= MAX_LOOKUP_SIDS);

        for (i = 0; i < num_entries; i++) {
                BOOL found = False;
                DOM_SID sid;
                uint32 rid = 0xffffffff;
                int dom_idx = -1;
                pstring full_name;
                fstring dom_name, user;
                enum SID_NAME_USE name_type = SID_NAME_UNKNOWN;

                /* separate the domain part from the user part */
                pstrcpy(full_name, dos_unistr2_to_str(&name[i]));
                split_domain_name(full_name, dom_name, user);

                DEBUG(5, ("init_lsa_rid2s: looking up name %s\n", full_name));

                found = lookup_name(full_name, &sid, &name_type);

                DEBUG(5, ("init_lsa_rid2s: %s\n", found ? "found" : 
                          "not found"));

                if (!found) {
                        /* report the name as unknown */
                        dom_idx = -1;
                        rid = 0xffffffff;
                        name_type = SID_NAME_UNKNOWN;
                } else {
                        sid_split_rid(&sid, &rid);
                        dom_idx = init_dom_ref(ref, dom_name, &sid);
                        (*mapped_count)++;
                }

                /* output slot i corresponds to input name i */
                init_dom_rid2(&rid2[i], rid, name_type, dom_idx);
        }
}
250
/**
 * Fill in an LSA_R_LOOKUP_NAMES reply from already-computed results.
 *
 * The status is 0xC0000000 | NT_STATUS_NONE_MAPPED when mapped_count is
 * zero and 0x0 otherwise. There is no separate status for a partially
 * mapped request.
 *
 * @param r_l           reply structure to fill.
 * @param ref           referenced-domain list (stored by pointer).
 * @param num_entries   number of entries in rid2.
 * @param rid2          RID results (stored by pointer).
 * @param mapped_count  number of names that resolved.
 */
static void init_reply_lookup_names(LSA_R_LOOKUP_NAMES *r_l,
                DOM_R_REF *ref, uint32 num_entries,
                DOM_RID2 *rid2, uint32 mapped_count)
{
        r_l->status = (mapped_count == 0)
                ? (0xC0000000 | NT_STATUS_NONE_MAPPED)
                : 0x0;
        r_l->mapped_count = mapped_count;

        r_l->ptr_dom_ref  = 1;
        r_l->dom_ref      = ref;

        r_l->ptr_entries  = 1;
        r_l->num_entries  = num_entries;
        r_l->num_entries2 = num_entries;
        r_l->dom_rid      = rid2;
}
274
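/**
 * Resolve each requested SID to a name and fill the translated-name list.
 *
 * Every SID is looked up with lookup_sid(). Whatever the outcome, an
 * entry is written for it and its domain is passed to init_dom_ref(); a
 * failed lookup is reported as SID_NAME_UNKNOWN with empty name and
 * domain strings.
 *
 * Fix: *mapped_count is now incremented only when lookup_sid() succeeds,
 * matching init_lsa_rid2s(). Previously every SID was counted, so
 * init_reply_lookup_sids() could never report NT_STATUS_NONE_MAPPED for a
 * non-empty request and unresolved SIDs were presented as mapped.
 *
 * NOTE(review): the SIDs come from the client request, and the bound on
 * num_entries is enforced only by SMB_ASSERT. The RID is split off only
 * when num_auths == 5; the reason for that exact value is not visible
 * here. init_dom_ref() may return -1 when the domain list is full.
 *
 * @param ref           referenced-domain list to extend.
 * @param trn           translated-name list to fill.
 * @param num_entries   number of SIDs; must not exceed MAX_LOOKUP_SIDS.
 * @param sid           SIDs to resolve.
 * @param mapped_count  set to the number of SIDs that resolved.
 */
static void init_lsa_trans_names(DOM_R_REF *ref, LSA_TRANS_NAME_ENUM *trn,
                                int num_entries, DOM_SID2 sid[MAX_LOOKUP_SIDS], uint32 *mapped_count)
{
        int i;
        int total = 0;
        *mapped_count = 0;

        SMB_ASSERT(num_entries <= MAX_LOOKUP_SIDS);

        for (i = 0; i < num_entries; i++) {
                BOOL status = False;
                DOM_SID find_sid = sid[i].sid;
                uint32 rid = 0xffffffff;
                int dom_idx = -1;
                fstring name, dom_name;
                enum SID_NAME_USE sid_name_use = (enum SID_NAME_USE)0;

                /* name temporarily holds the SID text for the log line */
                sid_to_string(name, &find_sid);
                DEBUG(5, ("init_lsa_trans_names: looking up sid %s\n", name));

                /* Lookup sid from winbindd */

                memset(dom_name, '\0', sizeof(dom_name));
                memset(name, '\0', sizeof(name));

                status = lookup_sid(&find_sid, dom_name, name, &sid_name_use);

                DEBUG(5, ("init_lsa_trans_names: %s\n", status ? "found" : 
                          "not found"));

                if (status) {
                        /* only resolved SIDs count towards the reply status */
                        (*mapped_count)++;
                } else {
                        sid_name_use = SID_NAME_UNKNOWN;
                }

                /* Store domain sid in ref array */

                if (find_sid.num_auths == 5) {
                        sid_split_rid(&find_sid, &rid);
                }

                dom_idx = init_dom_ref(ref, dom_name, &find_sid);

                DEBUG(10,("init_lsa_trans_names: added user '%s\\%s' to referenced list.\n", dom_name, name ));

                init_lsa_trans_name(&trn->name[total], &trn->uni_name[total],
                                        sid_name_use, name, dom_idx);
                total++;
        }

        trn->num_entries = total;
        trn->ptr_trans_names = 1;
        trn->num_entries2 = total;
}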
334
/**
 * Fill in an LSA_R_LOOKUP_SIDS reply from already-computed results.
 *
 * The status is 0xC0000000 | NT_STATUS_NONE_MAPPED when mapped_count is
 * zero and 0x0 otherwise.
 *
 * @param r_l           reply structure to fill.
 * @param ref           referenced-domain list (stored by pointer).
 * @param names         translated names (stored by pointer).
 * @param mapped_count  number of SIDs reported as mapped.
 */
static void init_reply_lookup_sids(LSA_R_LOOKUP_SIDS *r_l,
                DOM_R_REF *ref, LSA_TRANS_NAME_ENUM *names,
                uint32 mapped_count)
{
        r_l->status = (mapped_count == 0)
                ? (0xC0000000 | NT_STATUS_NONE_MAPPED)
                : 0x0;
        r_l->mapped_count = mapped_count;

        r_l->ptr_dom_ref  = 1;
        r_l->dom_ref      = ref;
        r_l->names        = names;
}
353
/**
 * Resolve the requested SIDs and marshall the LSA_R_LOOKUP_SIDS reply.
 *
 * The domain list and name list live on this function's stack; the reply
 * refers to them by pointer, so they must stay in scope until the reply
 * has been marshalled (which happens before returning).
 *
 * @param rdata        outgoing parse stream.
 * @param sid          SIDs taken from the client request.
 * @param num_entries  number of SIDs; bounded by an SMB_ASSERT in
 *                     init_lsa_trans_names().
 * @return True when the reply was marshalled, False otherwise.
 */
static BOOL lsa_reply_lookup_sids(prs_struct *rdata, DOM_SID2 *sid, int num_entries)
{
        LSA_R_LOOKUP_SIDS reply;
        DOM_R_REF domains;
        LSA_TRANS_NAME_ENUM translated;
        uint32 n_mapped = 0;

        ZERO_STRUCT(reply);
        ZERO_STRUCT(domains);
        ZERO_STRUCT(translated);

        /* resolve the SIDs, then assemble the reply around the results */
        init_lsa_trans_names(&domains, &translated, num_entries, sid, &n_mapped);
        init_reply_lookup_sids(&reply, &domains, &translated, n_mapped);

        /* write the reply into the outgoing stream */
        if (lsa_io_r_lookup_sids("", &reply, rdata, 0))
                return True;

        DEBUG(0,("lsa_reply_lookup_sids: Failed to marshall LSA_R_LOOKUP_SIDS.\n"));
        return False;
}
381
/**
 * Resolve the requested names and marshall the LSA_R_LOOKUP_NAMES reply.
 *
 * The RID array holds MAX_LOOKUP_SIDS entries on this function's stack,
 * so num_entries must not exceed that; the only check on this path is the
 * SMB_ASSERT inside init_lsa_rid2s().
 *
 * @param rdata        outgoing parse stream.
 * @param names        names taken from the client request.
 * @param num_entries  number of names.
 * @return True when the reply was marshalled, False otherwise.
 */
static BOOL lsa_reply_lookup_names(prs_struct *rdata,
                UNISTR2 names[MAX_LOOKUP_SIDS], int num_entries)
{
        LSA_R_LOOKUP_NAMES reply;
        DOM_R_REF domains;
        DOM_RID2 rid_results[MAX_LOOKUP_SIDS];
        uint32 n_mapped = 0;

        ZERO_STRUCT(reply);
        ZERO_STRUCT(domains);
        ZERO_ARRAY(rid_results);

        /* resolve the names, then assemble the reply around the results */
        init_lsa_rid2s(&domains, rid_results, num_entries, names, &n_mapped);
        init_reply_lookup_names(&reply, &domains, num_entries, rid_results, n_mapped);

        /* write the reply into the outgoing stream */
        if (lsa_io_r_lookup_names("", &reply, rdata, 0))
                return True;

        DEBUG(0,("lsa_reply_lookup_names: Failed to marshall LSA_R_LOOKUP_NAMES.\n"));
        return False;
}
410
/**
 * Handler for LSA_OPENPOLICY2.
 *
 * The request is unmarshalled and then ignored: the server name, object
 * attributes and desired-access mask have no effect on the reply.
 *
 * NOTE(review): no access check is made before the handle is returned.
 *
 * @param p  pipe state holding the request and reply streams.
 * @return True on success, False if unmarshalling or marshalling failed.
 */
static BOOL api_lsa_open_policy2(pipes_struct *p)
{
        LSA_Q_OPEN_POL2 request;
        prs_struct *in = &p->in_data.data;
        prs_struct *out = &p->out_data.rdata;

        ZERO_STRUCT(request);

        /* decode the server, object attributes and desired access flag */
        if (!lsa_io_q_open_pol2("", &request, in, 0)) {
                DEBUG(0,("api_lsa_open_policy2: unable to unmarshall LSA_Q_OPEN_POL2.\n"));
                return False;
        }

        /* lkclXXXX having decoded it, ignore all fields in the open policy! */

        /* reply with a 20 byte policy handle */
        return lsa_reply_open_policy2(out) ? True : False;
}
438
/**
 * Handler for LSA_OPENPOLICY.
 *
 * The request is unmarshalled and then ignored: the server name, object
 * attributes and desired-access mask have no effect on the reply.
 *
 * NOTE(review): no access check is made before the handle is returned.
 *
 * @param p  pipe state holding the request and reply streams.
 * @return True on success, False if unmarshalling or marshalling failed.
 */
static BOOL api_lsa_open_policy(pipes_struct *p)
{
        LSA_Q_OPEN_POL request;
        prs_struct *in = &p->in_data.data;
        prs_struct *out = &p->out_data.rdata;

        ZERO_STRUCT(request);

        /* decode the server, object attributes and desired access flag */
        if (!lsa_io_q_open_pol("", &request, in, 0)) {
                DEBUG(0,("api_lsa_open_policy: unable to unmarshall LSA_Q_OPEN_POL.\n"));
                return False;
        }

        /* lkclXXXX having decoded it, ignore all fields in the open policy! */

        /* reply with a 20 byte policy handle */
        return lsa_reply_open_policy(out) ? True : False;
}
465
/**
 * Handler for LSA_ENUMTRUSTDOM.
 *
 * Always replies with no trusted domain (NULL name and SID, context 0).
 * Because the name is NULL, lsa_reply_enum_trust_dom() sets the status to
 * 0x80000000 | NT_STATUS_UNABLE_TO_FREE_VM rather than 0x0.
 *
 * NOTE(review): the policy handle in the request is not checked, and a
 * failure to marshall the reply is not detected because the reply helper
 * returns void.
 *
 * @param p  pipe state holding the request and reply streams.
 * @return True unless the request could not be unmarshalled.
 */
static BOOL api_lsa_enum_trust_dom(pipes_struct *p)
{
        LSA_Q_ENUM_TRUST_DOM request;
        prs_struct *in = &p->in_data.data;
        prs_struct *out = &p->out_data.rdata;

        ZERO_STRUCT(request);

        /* decode the enum trust domain context etc. */
        if (!lsa_io_q_enum_trust_dom("", &request, in, 0))
                return False;

        /* reply with an empty trusted-domain result */
        lsa_reply_enum_trust_dom(&request, out, 0, NULL, NULL);

        return True;
}
486
/**
 * Handler for LSA_QUERYINFOPOLICY.
 *
 * Info class 0x03 reports the workgroup name with a SID chosen by server
 * role: global_sam_sid on a PDC or BDC, the SID fetched from the secrets
 * store on a domain member, and nothing (NULL name and SID) for any other
 * role or when the fetch fails. Info class 0x05 reports global_myname
 * with global_sam_sid. Any other class is answered with
 * NT_STATUS_INVALID_INFO_CLASS | 0xC0000000.
 *
 * NOTE(review): the policy handle in the request is not checked, so the
 * domain name and SID are returned to any caller that reaches this
 * handler. Confirm whether access is restricted elsewhere.
 *
 * @param p  pipe state holding the request and reply streams.
 * @return True on success, False if unmarshalling or marshalling failed.
 */
static BOOL api_lsa_query_info(pipes_struct *p)
{
        LSA_Q_QUERY_INFO request;
        DOM_SID member_sid;
        char *reply_name = NULL;
        DOM_SID *reply_sid = NULL;
        uint32 status_code = 0;
        prs_struct *in = &p->in_data.data;
        prs_struct *out = &p->out_data.rdata;

        ZERO_STRUCT(request);

        /* decode the info class and policy handle */
        if (!lsa_io_q_query("", &request, in, 0)) {
                DEBUG(0,("api_lsa_query_info: failed to unmarshall LSA_Q_QUERY_INFO.\n"));
                return False;
        }

        switch (request.info_class) {
        case 0x03:
                switch (lp_server_role())
                {
                        case ROLE_DOMAIN_PDC:
                        case ROLE_DOMAIN_BDC:
                                reply_name = global_myworkgroup;
                                reply_sid = &global_sam_sid;
                                break;
                        case ROLE_DOMAIN_MEMBER:
                                /* leave name and SID NULL if the fetch fails */
                                if (secrets_fetch_domain_sid(global_myworkgroup,
                                        &member_sid))
                                {
                                        reply_name = global_myworkgroup;
                                        reply_sid = &member_sid;
                                }
                                break;
                        default:
                                break;
                }
                break;
        case 0x05:
                reply_name = global_myname;
                reply_sid = &global_sam_sid;
                break;
        default:
                DEBUG(0,("api_lsa_query_info: unknown info level in Lsa Query: %d\n", request.info_class));
                status_code = (NT_STATUS_INVALID_INFO_CLASS | 0xC0000000);
                break;
        }

        /* build the reply; the status is non-zero for an unknown class */
        return lsa_reply_query_info(&request, out, reply_name, reply_sid, status_code)
                ? True : False;
}
544
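/**
 * Handler for LSA_LOOKUPSIDS.
 *
 * Fix: the client-supplied SID count is now checked against
 * MAX_LOOKUP_SIDS before it is used. Previously the only bound on this
 * path was the SMB_ASSERT in init_lsa_trans_names(), so an oversized
 * count reached an assertion (presumably aborting the process; the
 * macro's definition is not shown here) instead of being rejected like
 * any other malformed request. The count is also converted to int on the
 * call below, so a value above INT_MAX would otherwise become negative.
 *
 * NOTE(review): the policy handle in the request is not checked.
 *
 * @param p  pipe state holding the request and reply streams.
 * @return True on success; False if the request could not be
 *         unmarshalled, carried too many SIDs, or the reply could not be
 *         marshalled.
 */
static BOOL api_lsa_lookup_sids(pipes_struct *p)
{
        LSA_Q_LOOKUP_SIDS q_l;
        prs_struct *data = &p->in_data.data;
        prs_struct *rdata = &p->out_data.rdata;

        ZERO_STRUCT(q_l);

        /* grab the info class and policy handle */
        if(!lsa_io_q_lookup_sids("", &q_l, data, 0)) {
                DEBUG(0,("api_lsa_lookup_sids: failed to unmarshall LSA_Q_LOOKUP_SIDS.\n"));
                return False;
        }

        /* reject an untrusted count that the lookup code cannot hold */
        if (q_l.sids.num_entries > MAX_LOOKUP_SIDS) {
                DEBUG(0,("api_lsa_lookup_sids: too many SIDs in request (%u).\n",
                        (unsigned int)q_l.sids.num_entries));
                return False;
        }

        /* construct reply; the status depends on how many SIDs mapped */
        if(!lsa_reply_lookup_sids(rdata, q_l.sids.sid, q_l.sids.num_entries))
                return False;

        return True;
}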
569
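/**
 * Handler for LSA_LOOKUPNAMES.
 *
 * Fix: the client-supplied name count is now checked against
 * MAX_LOOKUP_SIDS before it is used. Previously an oversized count was
 * caught only by SMB_ASSERT_ARRAY here and by the SMB_ASSERT in
 * init_lsa_rid2s(), i.e. by an assertion (presumably aborting the
 * process; the macros' definitions are not shown here) rather than by
 * rejecting the request. The assertion is kept as a backstop.
 *
 * NOTE(review): the policy handle in the request is not checked.
 *
 * @param p  pipe state holding the request and reply streams.
 * @return True on success; False if the request could not be
 *         unmarshalled, carried too many names, or the reply could not be
 *         marshalled.
 */
static BOOL api_lsa_lookup_names(pipes_struct *p)
{
        LSA_Q_LOOKUP_NAMES q_l;
        prs_struct *data = &p->in_data.data;
        prs_struct *rdata = &p->out_data.rdata;

        ZERO_STRUCT(q_l);

        /* grab the info class and policy handle */
        if(!lsa_io_q_lookup_names("", &q_l, data, 0)) {
                DEBUG(0,("api_lsa_lookup_names: failed to unmarshall LSA_Q_LOOKUP_NAMES.\n"));
                return False;
        }

        /* reject an untrusted count that the lookup code cannot hold */
        if (q_l.num_entries > MAX_LOOKUP_SIDS) {
                DEBUG(0,("api_lsa_lookup_names: too many names in request (%u).\n",
                        (unsigned int)q_l.num_entries));
                return False;
        }

        SMB_ASSERT_ARRAY(q_l.uni_name, q_l.num_entries);

        return lsa_reply_lookup_names(rdata, q_l.uni_name, q_l.num_entries);
}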
592
/**
 * Handler for LSA_CLOSE.
 *
 * Marshalls an all-zero LSA_R_CLOSE reply. The incoming request is never
 * unmarshalled, so the handle being closed is neither read nor checked
 * and no state is released here.
 *
 * @param p  pipe state holding the reply stream.
 * @return True when the reply was marshalled, False otherwise.
 */
static BOOL api_lsa_close(pipes_struct *p)
{
        LSA_R_CLOSE reply;
        prs_struct *out = &p->out_data.rdata;

        ZERO_STRUCT(reply);

        /* write the reply into the outgoing stream */
        if (lsa_io_r_close("", &reply, out, 0))
                return True;

        DEBUG(0,("api_lsa_close: lsa_io_r_close failed.\n"));
        return False;
}
611
/**
 * Handler for LSA_OPENSECRET.
 *
 * Writes four zero 32-bit words followed by the status
 * 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND directly into the reply
 * stream. The request is never unmarshalled, so every call is refused
 * regardless of its contents. The original author flagged this as a
 * stop-gap ("this is NOT good").
 *
 * The "api_lsa_close" label passed to prs_uint32() is what the original
 * code uses and is kept unchanged.
 *
 * @param p  pipe state holding the reply stream.
 * @return True when all five words were written, False otherwise.
 */
static BOOL api_lsa_open_secret(pipes_struct *p)
{
        /* XXXX this is NOT good */
        prs_struct *out = &p->out_data.rdata;
        uint32 word = 0;
        size_t written = 0;

        /* four zero words stand in for the reply body */
        while (written < 4) {
                if(!prs_uint32("api_lsa_close", out, 1, &word)) {
                        DEBUG(0,("api_lsa_open_secret: prs_uint32 %d failed.\n",
                                (int)written ));
                        return False;
                }
                written++;
        }

        /* final word is the status */
        word = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND;
        if (prs_uint32("api_lsa_close", out, 1, &word))
                return True;

        DEBUG(0,("api_lsa_open_secret: prs_uint32 status failed.\n"));
        return False;
}
638
/***************************************************************************
 \PIPE\ntlsa commands

 Dispatch table handed to api_rpcTNP() by api_ntlsa_rpc(). Each row holds
 a name string, the LSA_* opcode constant and the handler for it; the
 all-NULL row ends the table.

 NOTE(review): none of the handlers listed here checks the policy handle
 carried in its request.
 ***************************************************************************/
static struct api_struct api_lsa_cmds[] =
{
        { "LSA_OPENPOLICY2"     , LSA_OPENPOLICY2     , api_lsa_open_policy2   },
        { "LSA_OPENPOLICY"      , LSA_OPENPOLICY      , api_lsa_open_policy    },
        { "LSA_QUERYINFOPOLICY" , LSA_QUERYINFOPOLICY , api_lsa_query_info     },
        { "LSA_ENUMTRUSTDOM"    , LSA_ENUMTRUSTDOM    , api_lsa_enum_trust_dom },
        { "LSA_CLOSE"           , LSA_CLOSE           , api_lsa_close          },
        { "LSA_OPENSECRET"      , LSA_OPENSECRET      , api_lsa_open_secret    },
        { "LSA_LOOKUPSIDS"      , LSA_LOOKUPSIDS      , api_lsa_lookup_sids    },
        { "LSA_LOOKUPNAMES"     , LSA_LOOKUPNAMES     , api_lsa_lookup_names   },
        { NULL                  , 0                   , NULL                   } /* terminator */
};
654
/**
 * Entry point for requests on the LSA pipe.
 *
 * Hands the request to api_rpcTNP() together with the api_lsa_cmds
 * dispatch table and returns its result unchanged.
 *
 * @param p  pipe state holding the request and reply streams.
 * @return whatever api_rpcTNP() returns.
 */
BOOL api_ntlsa_rpc(pipes_struct *p)
{
        BOOL handled = api_rpcTNP(p, "api_ntlsa_rpc", api_lsa_cmds);

        return handled;
}
662
663 #undef OLD_NTDOMAIN