2 Unix SMB/CIFS implementation.
4 endpoint server for the drsuapi pipe
6 Copyright (C) Stefan Metzmacher 2004
7 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2006
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
24 #include "librpc/gen_ndr/ndr_drsuapi.h"
25 #include "rpc_server/dcerpc_server.h"
26 #include "rpc_server/common/common.h"
27 #include "dsdb/samdb/samdb.h"
28 #include "dsdb/common/util.h"
29 #include "libcli/security/security.h"
30 #include "libcli/security/session.h"
31 #include "rpc_server/drsuapi/dcesrv_drsuapi.h"
32 #include "auth/auth.h"
33 #include "param/param.h"
34 #include "lib/messaging/irpc.h"
37 #define DBGC_CLASS DBGC_DRS_REPL
39 #define DRSUAPI_UNSUPPORTED(fname) do { \
40 DEBUG(1,(__location__ ": Unsupported DRS call %s\n", #fname)); \
41 if (DEBUGLVL(2)) NDR_PRINT_IN_DEBUG(fname, r); \
42 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR); \
45 #define DCESRV_INTERFACE_DRSUAPI_BIND(call, iface) \
46 dcesrv_interface_drsuapi_bind(call, iface)
47 static NTSTATUS dcesrv_interface_drsuapi_bind(struct dcesrv_call_state *dce_call,
48 const struct dcesrv_interface *iface)
50 struct dcesrv_connection_context *context = dce_call->context;
51 return dcesrv_interface_bind_require_privacy(context, iface);
57 static WERROR dcesrv_drsuapi_DsBind(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
58 struct drsuapi_DsBind *r)
60 struct drsuapi_bind_state *b_state;
61 struct dcesrv_handle *handle;
62 struct drsuapi_DsBindInfoCtr *bind_info;
63 struct drsuapi_DsBindInfoCtr *local_info;
64 struct GUID site_guid, config_guid;
65 struct ldb_result *site_res, *config_res;
66 struct ldb_dn *server_site_dn, *config_dn;
67 static const char *site_attrs[] = { "objectGUID", NULL };
68 static const char *config_attrs[] = { "objectGUID", NULL };
69 struct ldb_result *ntds_res;
70 struct ldb_dn *ntds_dn;
71 static const char *ntds_attrs[] = { "ms-DS-ReplicationEpoch", NULL };
74 uint32_t supported_extensions;
77 struct auth_session_info *auth_info;
79 bool connected_as_system = false;
81 r->out.bind_info = NULL;
82 ZERO_STRUCTP(r->out.bind_handle);
84 b_state = talloc_zero(mem_ctx, struct drsuapi_bind_state);
85 W_ERROR_HAVE_NO_MEMORY(b_state);
87 /* if this is a DC connecting, give them system level access */
88 werr = drs_security_level_check(dce_call, NULL, SECURITY_DOMAIN_CONTROLLER, NULL);
89 if (W_ERROR_IS_OK(werr)) {
90 DEBUG(3,(__location__ ": doing DsBind with system_session\n"));
91 auth_info = system_session(dce_call->conn->dce_ctx->lp_ctx);
92 connected_as_system = true;
94 auth_info = dcesrv_call_session_info(dce_call);
98 * connect to the samdb
100 b_state->sam_ctx = samdb_connect(
103 dce_call->conn->dce_ctx->lp_ctx,
105 dce_call->conn->remote_address,
107 if (!b_state->sam_ctx) {
111 if (connected_as_system) {
112 b_state->sam_ctx_system = b_state->sam_ctx;
114 /* an RODC also needs system samdb access for secret
115 attribute replication */
116 werr = drs_security_level_check(dce_call, NULL, SECURITY_RO_DOMAIN_CONTROLLER,
117 samdb_domain_sid(b_state->sam_ctx));
118 if (W_ERROR_IS_OK(werr)) {
119 b_state->sam_ctx_system
123 dce_call->conn->dce_ctx->lp_ctx,
124 system_session(dce_call->conn->dce_ctx->lp_ctx),
125 dce_call->conn->remote_address,
127 if (!b_state->sam_ctx_system) {
134 * find out the guid of our own site
136 server_site_dn = samdb_server_site_dn(b_state->sam_ctx, mem_ctx);
137 W_ERROR_HAVE_NO_MEMORY(server_site_dn);
139 ret = ldb_search(b_state->sam_ctx, mem_ctx, &site_res,
140 server_site_dn, LDB_SCOPE_BASE, site_attrs,
142 if (ret != LDB_SUCCESS) {
143 return WERR_DS_DRA_INTERNAL_ERROR;
145 if (site_res->count != 1) {
146 return WERR_DS_DRA_INTERNAL_ERROR;
148 site_guid = samdb_result_guid(site_res->msgs[0], "objectGUID");
151 * lookup the local servers Replication Epoch
153 ntds_dn = samdb_ntds_settings_dn(b_state->sam_ctx, mem_ctx);
154 W_ERROR_HAVE_NO_MEMORY(ntds_dn);
156 ret = ldb_search(b_state->sam_ctx, mem_ctx, &ntds_res,
157 ntds_dn, LDB_SCOPE_BASE, ntds_attrs,
159 if (ret != LDB_SUCCESS) {
160 return WERR_DS_DRA_INTERNAL_ERROR;
162 if (ntds_res->count != 1) {
163 return WERR_DS_DRA_INTERNAL_ERROR;
165 repl_epoch = ldb_msg_find_attr_as_uint(ntds_res->msgs[0],
166 "ms-DS-ReplicationEpoch", 0);
169 * The "process identifier" of the client.
170 * According to the WSPP docs, sectin 5.35, this is
171 * for informational and debugging purposes only.
172 * The assignment is implementation specific.
177 * store the clients bind_guid
179 if (r->in.bind_guid) {
180 b_state->remote_bind_guid = *r->in.bind_guid;
184 * store the clients bind_info
186 if (r->in.bind_info) {
187 b_state->remote_info = r->in.bind_info;
191 * fill in our local bind info
193 local_info = talloc_zero(mem_ctx, struct drsuapi_DsBindInfoCtr);
194 W_ERROR_HAVE_NO_MEMORY(local_info);
197 * Fill in supported extensions
199 supported_extensions = 0;
200 supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_BASE;
201 supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_ASYNC_REPLICATION;
202 supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_REMOVEAPI;
203 supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_MOVEREQ_V2;
204 #if 0 /* we don't support MSZIP compression (only decompression) */
205 supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GETCHG_COMPRESS;
207 supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V1;
208 supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_RESTORE_USN_OPTIMIZATION;
209 supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_KCC_EXECUTE;
210 supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_ADDENTRY_V2;
211 supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_LINKED_VALUE_REPLICATION;
212 supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V2;
213 supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_INSTANCE_TYPE_NOT_REQ_ON_MOD;
214 supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_CRYPTO_BIND;
215 supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GET_REPL_INFO;
216 supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_STRONG_ENCRYPTION;
217 supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V01;
218 supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_TRANSITIVE_MEMBERSHIP;
219 supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_ADD_SID_HISTORY;
220 supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_POST_BETA3;
221 supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V5;
222 supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GET_MEMBERSHIPS2;
223 supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V6;
224 supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_NONDOMAIN_NCS;
225 supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V8;
226 supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V5;
227 supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V6;
228 supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_ADDENTRYREPLY_V3;
229 supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V7;
230 supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_VERIFY_OBJECT;
231 #if 0 /* we don't support XPRESS compression yet */
232 supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_XPRESS_COMPRESS;
234 supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V10;
237 * There is a chance for r->in.bind_info == NULL
238 * Currently we don't care, since it seems to be used nowhere else.
239 * But we need a request length. So use 28 as default.
242 if (r->in.bind_info) {
243 req_length = r->in.bind_info->length;
247 * fill 28 or 48 info, depends on request
249 if (req_length < 48) {
250 local_info->length = 28;
251 local_info->info.info28.supported_extensions = supported_extensions;
252 local_info->info.info28.site_guid = site_guid;
253 local_info->info.info28.pid = pid;
254 local_info->info.info28.repl_epoch = repl_epoch;
256 local_info->length = 48;
257 local_info->info.info48.supported_extensions = supported_extensions;
258 local_info->info.info48.site_guid = site_guid;
259 local_info->info.info48.pid = pid;
260 local_info->info.info48.repl_epoch = repl_epoch;
262 local_info->info.info48.supported_extensions_ext = 0;
263 local_info->info.info48.supported_extensions_ext |= DRSUAPI_SUPPORTED_EXTENSION_LH_BETA2;
266 * find out the guid of our own site
268 config_dn = ldb_get_config_basedn(b_state->sam_ctx);
269 W_ERROR_HAVE_NO_MEMORY(config_dn);
271 ret = ldb_search(b_state->sam_ctx, mem_ctx, &config_res,
272 config_dn, LDB_SCOPE_BASE, config_attrs,
274 if (ret != LDB_SUCCESS) {
275 return WERR_DS_DRA_INTERNAL_ERROR;
277 if (config_res->count != 1) {
278 return WERR_DS_DRA_INTERNAL_ERROR;
280 config_guid = samdb_result_guid(config_res->msgs[0], "objectGUID");
281 local_info->info.info48.config_dn_guid = config_guid;
287 b_state->local_info = local_info;
292 bind_info = local_info;
295 * allocate a bind handle
297 handle = dcesrv_handle_create(dce_call, DRSUAPI_BIND_HANDLE);
298 W_ERROR_HAVE_NO_MEMORY(handle);
299 handle->data = talloc_steal(handle, b_state);
304 r->out.bind_info = bind_info;
305 *r->out.bind_handle = handle->wire_handle;
314 static WERROR dcesrv_drsuapi_DsUnbind(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
315 struct drsuapi_DsUnbind *r)
317 struct dcesrv_handle *h;
319 *r->out.bind_handle = *r->in.bind_handle;
321 DCESRV_PULL_HANDLE_WERR(h, r->in.bind_handle, DRSUAPI_BIND_HANDLE);
325 ZERO_STRUCTP(r->out.bind_handle);
332 drsuapi_DsReplicaSync
334 static WERROR dcesrv_drsuapi_DsReplicaSync(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
335 struct drsuapi_DsReplicaSync *r)
340 status = drs_security_level_check(dce_call, "DsReplicaSync", SECURITY_DOMAIN_CONTROLLER, NULL);
341 if (!W_ERROR_IS_OK(status)) {
345 if (r->in.level != 1) {
346 DEBUG(0,("DsReplicaSync called with unsupported level %d\n", r->in.level));
347 return WERR_DS_DRA_INVALID_PARAMETER;
350 if (r->in.req->req1.options & DRSUAPI_DRS_ASYNC_OP) {
351 timeout = IRPC_CALL_TIMEOUT;
354 * use Infinite time for timeout in case
355 * the caller made a sync call
357 timeout = IRPC_CALL_TIMEOUT_INF;
360 dcesrv_irpc_forward_rpc_call(dce_call, mem_ctx,
361 r, NDR_DRSUAPI_DSREPLICASYNC,
363 "dreplsrv", "DsReplicaSync",
373 static WERROR dcesrv_drsuapi_DsReplicaAdd(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
374 struct drsuapi_DsReplicaAdd *r)
378 status = drs_security_level_check(dce_call, "DsReplicaAdd", SECURITY_DOMAIN_CONTROLLER, NULL);
379 if (!W_ERROR_IS_OK(status)) {
383 dcesrv_irpc_forward_rpc_call(dce_call, mem_ctx,
384 r, NDR_DRSUAPI_DSREPLICAADD,
386 "dreplsrv", "DsReplicaAdd",
396 static WERROR dcesrv_drsuapi_DsReplicaDel(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
397 struct drsuapi_DsReplicaDel *r)
401 status = drs_security_level_check(dce_call, "DsReplicaDel", SECURITY_DOMAIN_CONTROLLER, NULL);
402 if (!W_ERROR_IS_OK(status)) {
406 dcesrv_irpc_forward_rpc_call(dce_call, mem_ctx,
407 r, NDR_DRSUAPI_DSREPLICADEL,
409 "dreplsrv", "DsReplicaDel",
417 drsuapi_DsReplicaModify
419 static WERROR dcesrv_drsuapi_DsReplicaMod(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
420 struct drsuapi_DsReplicaMod *r)
424 status = drs_security_level_check(dce_call, "DsReplicaMod", SECURITY_DOMAIN_CONTROLLER, NULL);
425 if (!W_ERROR_IS_OK(status)) {
429 dcesrv_irpc_forward_rpc_call(dce_call, mem_ctx,
430 r, NDR_DRSUAPI_DSREPLICAMOD,
432 "dreplsrv", "DsReplicaMod",
442 static WERROR dcesrv_DRSUAPI_VERIFY_NAMES(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
443 struct DRSUAPI_VERIFY_NAMES *r)
445 DRSUAPI_UNSUPPORTED(DRSUAPI_VERIFY_NAMES);
450 drsuapi_DsGetMemberships
452 static WERROR dcesrv_drsuapi_DsGetMemberships(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
453 struct drsuapi_DsGetMemberships *r)
455 DRSUAPI_UNSUPPORTED(drsuapi_DsGetMemberships);
460 DRSUAPI_INTER_DOMAIN_MOVE
462 static WERROR dcesrv_DRSUAPI_INTER_DOMAIN_MOVE(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
463 struct DRSUAPI_INTER_DOMAIN_MOVE *r)
465 DRSUAPI_UNSUPPORTED(DRSUAPI_INTER_DOMAIN_MOVE);
470 drsuapi_DsGetNT4ChangeLog
472 static WERROR dcesrv_drsuapi_DsGetNT4ChangeLog(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
473 struct drsuapi_DsGetNT4ChangeLog *r)
475 DRSUAPI_UNSUPPORTED(drsuapi_DsGetNT4ChangeLog);
481 static WERROR dcesrv_drsuapi_DsCrackNames(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
482 struct drsuapi_DsCrackNames *r)
484 struct drsuapi_bind_state *b_state;
485 struct dcesrv_handle *h;
487 *r->out.level_out = r->in.level;
489 DCESRV_PULL_HANDLE_WERR(h, r->in.bind_handle, DRSUAPI_BIND_HANDLE);
492 r->out.ctr = talloc_zero(mem_ctx, union drsuapi_DsNameCtr);
493 W_ERROR_HAVE_NO_MEMORY(r->out.ctr);
495 switch (r->in.level) {
497 switch(r->in.req->req1.format_offered){
498 case DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT_NAME_SANS_DOMAIN_EX:
499 case DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT_NAME_SANS_DOMAIN:
500 case DRSUAPI_DS_NAME_FORMAT_STRING_SID_NAME:
501 case DRSUAPI_DS_NAME_FORMAT_ALT_SECURITY_IDENTITIES_NAME:
502 case DRSUAPI_DS_NAME_FORMAT_MAP_SCHEMA_GUID:
503 case DRSUAPI_DS_NAME_FORMAT_LIST_NCS:
504 case DRSUAPI_DS_NAME_FORMAT_LIST_DOMAINS:
505 case DRSUAPI_DS_NAME_FORMAT_LIST_GLOBAL_CATALOG_SERVERS:
506 case DRSUAPI_DS_NAME_FORMAT_LIST_SERVERS_WITH_DCS_IN_SITE:
507 case DRSUAPI_DS_NAME_FORMAT_LIST_SERVERS_FOR_DOMAIN_IN_SITE:
508 case DRSUAPI_DS_NAME_FORMAT_LIST_DOMAINS_IN_SITE:
509 case DRSUAPI_DS_NAME_FORMAT_LIST_SERVERS_IN_SITE:
510 case DRSUAPI_DS_NAME_FORMAT_LIST_SITES:
511 case DRSUAPI_DS_NAME_FORMAT_UPN_AND_ALTSECID:
512 case DRSUAPI_DS_NAME_FORMAT_UPN_FOR_LOGON:
513 DEBUG(0, ("DsCrackNames: Unsupported operation requested: %X",
514 r->in.req->req1.format_offered));
516 case DRSUAPI_DS_NAME_FORMAT_LIST_INFO_FOR_SERVER:
517 return dcesrv_drsuapi_ListInfoServer(b_state->sam_ctx, mem_ctx, &r->in.req->req1, &r->out.ctr->ctr1);
518 case DRSUAPI_DS_NAME_FORMAT_LIST_ROLES:
519 return dcesrv_drsuapi_ListRoles(b_state->sam_ctx, mem_ctx,
520 &r->in.req->req1, &r->out.ctr->ctr1);
521 default:/* format_offered is in the enum drsuapi_DsNameFormat*/
522 return dcesrv_drsuapi_CrackNamesByNameFormat(b_state->sam_ctx, mem_ctx,
523 &r->in.req->req1, &r->out.ctr->ctr1);
527 return WERR_INVALID_LEVEL;
532 drsuapi_DsRemoveDSServer
534 static WERROR dcesrv_drsuapi_DsRemoveDSServer(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
535 struct drsuapi_DsRemoveDSServer *r)
537 struct drsuapi_bind_state *b_state;
538 struct dcesrv_handle *h;
539 struct ldb_dn *ntds_dn;
544 *r->out.level_out = 1;
546 status = drs_security_level_check(dce_call, "DsRemoveDSServer", SECURITY_DOMAIN_CONTROLLER, NULL);
547 if (!W_ERROR_IS_OK(status)) {
551 DCESRV_PULL_HANDLE_WERR(h, r->in.bind_handle, DRSUAPI_BIND_HANDLE);
554 switch (r->in.level) {
556 ntds_dn = ldb_dn_new(mem_ctx, b_state->sam_ctx, r->in.req->req1.server_dn);
557 W_ERROR_HAVE_NO_MEMORY(ntds_dn);
559 ok = ldb_dn_validate(ntds_dn);
564 /* TODO: it's likely that we need more checks here */
566 ok = ldb_dn_add_child_fmt(ntds_dn, "CN=NTDS Settings");
571 if (r->in.req->req1.commit) {
572 ret = dsdb_delete(b_state->sam_ctx, ntds_dn, DSDB_TREE_DELETE);
573 if (ret != LDB_SUCCESS) {
588 DRSUAPI_REMOVE_DS_DOMAIN
590 static WERROR dcesrv_DRSUAPI_REMOVE_DS_DOMAIN(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
591 struct DRSUAPI_REMOVE_DS_DOMAIN *r)
593 DRSUAPI_UNSUPPORTED(DRSUAPI_REMOVE_DS_DOMAIN);
596 /* Obtain the site name from a server DN */
597 static const char *result_site_name(struct ldb_dn *server_dn)
599 /* Format is cn=<NETBIOS name>,cn=Servers,cn=<site>,cn=sites.... */
600 const struct ldb_val *val = ldb_dn_get_component_val(server_dn, 2);
601 const char *name = ldb_dn_get_component_name(server_dn, 2);
603 if (!name || (ldb_attr_cmp(name, "cn") != 0)) {
604 /* Ensure this matches the format. This gives us a
605 * bit more confidence that a 'cn' value will be a
610 return (char *)val->data;
616 drsuapi_DsGetDomainControllerInfo
618 static WERROR dcesrv_drsuapi_DsGetDomainControllerInfo_1(struct drsuapi_bind_state *b_state,
620 struct drsuapi_DsGetDomainControllerInfo *r)
622 struct ldb_dn *sites_dn;
623 struct ldb_result *res;
625 const char *attrs_account_1[] = { "cn", "dnsHostName", NULL };
626 const char *attrs_account_2[] = { "cn", "dnsHostName", "objectGUID", NULL };
628 const char *attrs_none[] = { NULL };
630 const char *attrs_site[] = { "objectGUID", NULL };
632 const char *attrs_ntds[] = { "options", "objectGUID", NULL };
634 const char *attrs_1[] = { "serverReference", "cn", "dnsHostName", NULL };
635 const char *attrs_2[] = { "serverReference", "cn", "dnsHostName", "objectGUID", NULL };
638 struct drsuapi_DsGetDCInfoCtr1 *ctr1;
639 struct drsuapi_DsGetDCInfoCtr2 *ctr2;
640 struct drsuapi_DsGetDCInfoCtr3 *ctr3;
645 *r->out.level_out = r->in.req->req1.level;
646 r->out.ctr = talloc_zero(mem_ctx, union drsuapi_DsGetDCInfoCtr);
647 W_ERROR_HAVE_NO_MEMORY(r->out.ctr);
649 switch (*r->out.level_out) {
651 /* this level is not like the others */
652 return WERR_INVALID_LEVEL;
661 return WERR_INVALID_LEVEL;
664 sites_dn = samdb_sites_dn(b_state->sam_ctx, mem_ctx);
666 return WERR_DS_OBJ_NOT_FOUND;
669 ret = ldb_search(b_state->sam_ctx, mem_ctx, &res, sites_dn, LDB_SCOPE_SUBTREE, attrs,
670 "(&(objectClass=server)(serverReference=*))");
673 DEBUG(1, ("searching for servers in sites DN %s failed: %s\n",
674 ldb_dn_get_linearized(sites_dn), ldb_errstring(b_state->sam_ctx)));
675 return WERR_GEN_FAILURE;
678 switch (*r->out.level_out) {
680 ctr1 = &r->out.ctr->ctr1;
681 ctr1->count = res->count;
682 ctr1->array = talloc_zero_array(mem_ctx,
683 struct drsuapi_DsGetDCInfo1,
685 for (i=0; i < res->count; i++) {
686 struct ldb_dn *domain_dn;
687 struct ldb_result *res_domain;
688 struct ldb_result *res_account;
689 struct ldb_dn *ntds_dn = ldb_dn_copy(mem_ctx, res->msgs[i]->dn);
691 struct ldb_dn *ref_dn
692 = ldb_msg_find_attr_as_dn(b_state->sam_ctx,
693 mem_ctx, res->msgs[i],
696 if (!ntds_dn || !ldb_dn_add_child_fmt(ntds_dn, "CN=NTDS Settings")) {
697 return WERR_NOT_ENOUGH_MEMORY;
700 ret = ldb_search(b_state->sam_ctx, mem_ctx, &res_account, ref_dn,
701 LDB_SCOPE_BASE, attrs_account_1,
702 "(&(objectClass=computer)(userAccountControl:1.2.840.113556.1.4.803:=%u))",
703 UF_SERVER_TRUST_ACCOUNT);
704 if (ret == LDB_SUCCESS && res_account->count == 1) {
706 ctr1->array[i].dns_name
707 = ldb_msg_find_attr_as_string(res_account->msgs[0], "dNSHostName", NULL);
708 ctr1->array[i].netbios_name
709 = ldb_msg_find_attr_as_string(res_account->msgs[0], "cn", NULL);
710 ctr1->array[i].computer_dn
711 = ldb_dn_get_linearized(res_account->msgs[0]->dn);
713 /* Determine if this is the PDC */
714 ret = samdb_search_for_parent_domain(b_state->sam_ctx,
715 mem_ctx, res_account->msgs[0]->dn,
716 &domain_dn, &errstr);
718 if (ret == LDB_SUCCESS) {
719 ret = ldb_search(b_state->sam_ctx, mem_ctx, &res_domain, domain_dn,
720 LDB_SCOPE_BASE, attrs_none, "fSMORoleOwner=%s",
721 ldb_dn_get_linearized(ntds_dn));
723 return WERR_GEN_FAILURE;
725 if (res_domain->count == 1) {
726 ctr1->array[i].is_pdc = true;
730 if ((ret != LDB_SUCCESS) && (ret != LDB_ERR_NO_SUCH_OBJECT)) {
731 DEBUG(5, ("warning: searching for computer DN %s failed: %s\n",
732 ldb_dn_get_linearized(ref_dn), ldb_errstring(b_state->sam_ctx)));
735 /* Look at server DN and extract site component */
736 ctr1->array[i].site_name = result_site_name(res->msgs[i]->dn);
737 ctr1->array[i].server_dn = ldb_dn_get_linearized(res->msgs[i]->dn);
740 ctr1->array[i].is_enabled = true;
745 ctr2 = &r->out.ctr->ctr2;
746 ctr2->count = res->count;
747 ctr2->array = talloc_zero_array(mem_ctx,
748 struct drsuapi_DsGetDCInfo2,
750 for (i=0; i < res->count; i++) {
751 struct ldb_dn *domain_dn;
752 struct ldb_result *res_domain;
753 struct ldb_result *res_account;
754 struct ldb_dn *ntds_dn = ldb_dn_copy(mem_ctx, res->msgs[i]->dn);
755 struct ldb_result *res_ntds;
756 struct ldb_dn *site_dn = ldb_dn_copy(mem_ctx, res->msgs[i]->dn);
757 struct ldb_result *res_site;
758 struct ldb_dn *ref_dn
759 = ldb_msg_find_attr_as_dn(b_state->sam_ctx,
760 mem_ctx, res->msgs[i],
763 if (!ntds_dn || !ldb_dn_add_child_fmt(ntds_dn, "CN=NTDS Settings")) {
764 return WERR_NOT_ENOUGH_MEMORY;
767 /* Format is cn=<NETBIOS name>,cn=Servers,cn=<site>,cn=sites.... */
768 if (!site_dn || !ldb_dn_remove_child_components(site_dn, 2)) {
769 return WERR_NOT_ENOUGH_MEMORY;
772 ret = ldb_search(b_state->sam_ctx, mem_ctx, &res_ntds, ntds_dn,
773 LDB_SCOPE_BASE, attrs_ntds, "objectClass=nTDSDSA");
774 if (ret == LDB_SUCCESS && res_ntds->count == 1) {
776 = (ldb_msg_find_attr_as_uint(res_ntds->msgs[0], "options", 0) & DS_NTDSDSA_OPT_IS_GC);
777 ctr2->array[i].ntds_guid
778 = samdb_result_guid(res_ntds->msgs[0], "objectGUID");
779 ctr2->array[i].ntds_dn = ldb_dn_get_linearized(res_ntds->msgs[0]->dn);
781 if ((ret != LDB_SUCCESS) && (ret != LDB_ERR_NO_SUCH_OBJECT)) {
782 DEBUG(5, ("warning: searching for NTDS DN %s failed: %s\n",
783 ldb_dn_get_linearized(ntds_dn), ldb_errstring(b_state->sam_ctx)));
786 ret = ldb_search(b_state->sam_ctx, mem_ctx, &res_site, site_dn,
787 LDB_SCOPE_BASE, attrs_site, "objectClass=site");
788 if (ret == LDB_SUCCESS && res_site->count == 1) {
789 ctr2->array[i].site_guid
790 = samdb_result_guid(res_site->msgs[0], "objectGUID");
791 ctr2->array[i].site_dn = ldb_dn_get_linearized(res_site->msgs[0]->dn);
793 if ((ret != LDB_SUCCESS) && (ret != LDB_ERR_NO_SUCH_OBJECT)) {
794 DEBUG(5, ("warning: searching for site DN %s failed: %s\n",
795 ldb_dn_get_linearized(site_dn), ldb_errstring(b_state->sam_ctx)));
798 ret = ldb_search(b_state->sam_ctx, mem_ctx, &res_account, ref_dn,
799 LDB_SCOPE_BASE, attrs_account_2, "objectClass=computer");
800 if (ret == LDB_SUCCESS && res_account->count == 1) {
802 ctr2->array[i].dns_name
803 = ldb_msg_find_attr_as_string(res_account->msgs[0], "dNSHostName", NULL);
804 ctr2->array[i].netbios_name
805 = ldb_msg_find_attr_as_string(res_account->msgs[0], "cn", NULL);
806 ctr2->array[i].computer_dn = ldb_dn_get_linearized(res_account->msgs[0]->dn);
807 ctr2->array[i].computer_guid
808 = samdb_result_guid(res_account->msgs[0], "objectGUID");
810 /* Determine if this is the PDC */
811 ret = samdb_search_for_parent_domain(b_state->sam_ctx,
812 mem_ctx, res_account->msgs[0]->dn,
813 &domain_dn, &errstr);
815 if (ret == LDB_SUCCESS) {
816 ret = ldb_search(b_state->sam_ctx, mem_ctx, &res_domain, domain_dn,
817 LDB_SCOPE_BASE, attrs_none, "fSMORoleOwner=%s",
818 ldb_dn_get_linearized(ntds_dn));
819 if (ret == LDB_SUCCESS && res_domain->count == 1) {
820 ctr2->array[i].is_pdc = true;
822 if ((ret != LDB_SUCCESS) && (ret != LDB_ERR_NO_SUCH_OBJECT)) {
823 DEBUG(5, ("warning: searching for domain DN %s failed: %s\n",
824 ldb_dn_get_linearized(domain_dn), ldb_errstring(b_state->sam_ctx)));
828 if ((ret != LDB_SUCCESS) && (ret != LDB_ERR_NO_SUCH_OBJECT)) {
829 DEBUG(5, ("warning: searching for computer account DN %s failed: %s\n",
830 ldb_dn_get_linearized(ref_dn), ldb_errstring(b_state->sam_ctx)));
833 /* Look at server DN and extract site component */
834 ctr2->array[i].site_name = result_site_name(res->msgs[i]->dn);
835 ctr2->array[i].server_dn = ldb_dn_get_linearized(res->msgs[i]->dn);
836 ctr2->array[i].server_guid
837 = samdb_result_guid(res->msgs[i], "objectGUID");
839 ctr2->array[i].is_enabled = true;
844 ctr3 = &r->out.ctr->ctr3;
845 ctr3->count = res->count;
846 ctr3->array = talloc_zero_array(mem_ctx,
847 struct drsuapi_DsGetDCInfo3,
849 for (i=0; i<res->count; i++) {
850 struct ldb_dn *domain_dn;
851 struct ldb_result *res_domain;
852 struct ldb_result *res_account;
853 struct ldb_dn *ntds_dn = ldb_dn_copy(mem_ctx, res->msgs[i]->dn);
854 struct ldb_result *res_ntds;
855 struct ldb_dn *site_dn = ldb_dn_copy(mem_ctx, res->msgs[i]->dn);
856 struct ldb_result *res_site;
858 struct ldb_dn *ref_dn
859 = ldb_msg_find_attr_as_dn(b_state->sam_ctx,
860 mem_ctx, res->msgs[i],
863 if (!ntds_dn || !ldb_dn_add_child_fmt(ntds_dn, "CN=NTDS Settings")) {
864 return WERR_NOT_ENOUGH_MEMORY;
867 /* Format is cn=<NETBIOS name>,cn=Servers,cn=<site>,cn=sites.... */
868 if (!site_dn || !ldb_dn_remove_child_components(site_dn, 2)) {
869 return WERR_NOT_ENOUGH_MEMORY;
872 ret = ldb_search(b_state->sam_ctx, mem_ctx, &res_ntds, ntds_dn,
873 LDB_SCOPE_BASE, attrs_ntds, "objectClass=nTDSDSA");
874 if (ret == LDB_SUCCESS && res_ntds->count == 1) {
876 = (ldb_msg_find_attr_as_uint(res_ntds->msgs[0], "options", 0) & DS_NTDSDSA_OPT_IS_GC);
877 ctr3->array[i].ntds_guid
878 = samdb_result_guid(res_ntds->msgs[0], "objectGUID");
879 ctr3->array[i].ntds_dn = ldb_dn_get_linearized(res_ntds->msgs[0]->dn);
881 if ((ret != LDB_SUCCESS) && (ret != LDB_ERR_NO_SUCH_OBJECT)) {
882 DEBUG(5, ("warning: searching for NTDS DN %s failed: %s\n",
883 ldb_dn_get_linearized(ntds_dn), ldb_errstring(b_state->sam_ctx)));
886 ret = ldb_search(b_state->sam_ctx, mem_ctx, &res_site, site_dn,
887 LDB_SCOPE_BASE, attrs_site, "objectClass=site");
888 if (ret == LDB_SUCCESS && res_site->count == 1) {
889 ctr3->array[i].site_guid
890 = samdb_result_guid(res_site->msgs[0], "objectGUID");
891 ctr3->array[i].site_dn = ldb_dn_get_linearized(res_site->msgs[0]->dn);
893 if ((ret != LDB_SUCCESS) && (ret != LDB_ERR_NO_SUCH_OBJECT)) {
894 DEBUG(5, ("warning: searching for site DN %s failed: %s\n",
895 ldb_dn_get_linearized(site_dn), ldb_errstring(b_state->sam_ctx)));
898 ret = ldb_search(b_state->sam_ctx, mem_ctx, &res_account, ref_dn,
899 LDB_SCOPE_BASE, attrs_account_2, "objectClass=computer");
900 if (ret == LDB_SUCCESS && res_account->count == 1) {
902 ctr3->array[i].dns_name
903 = ldb_msg_find_attr_as_string(res_account->msgs[0], "dNSHostName", NULL);
904 ctr3->array[i].netbios_name
905 = ldb_msg_find_attr_as_string(res_account->msgs[0], "cn", NULL);
906 ctr3->array[i].computer_dn = ldb_dn_get_linearized(res_account->msgs[0]->dn);
907 ctr3->array[i].computer_guid
908 = samdb_result_guid(res_account->msgs[0], "objectGUID");
910 /* Determine if this is the PDC */
911 ret = samdb_search_for_parent_domain(b_state->sam_ctx,
912 mem_ctx, res_account->msgs[0]->dn,
913 &domain_dn, &errstr);
915 if (ret == LDB_SUCCESS) {
916 ret = ldb_search(b_state->sam_ctx, mem_ctx, &res_domain, domain_dn,
917 LDB_SCOPE_BASE, attrs_none, "fSMORoleOwner=%s",
918 ldb_dn_get_linearized(ntds_dn));
919 if (ret == LDB_SUCCESS && res_domain->count == 1) {
920 ctr3->array[i].is_pdc = true;
922 if ((ret != LDB_SUCCESS) && (ret != LDB_ERR_NO_SUCH_OBJECT)) {
923 DEBUG(5, ("warning: searching for domain DN %s failed: %s\n",
924 ldb_dn_get_linearized(domain_dn), ldb_errstring(b_state->sam_ctx)));
928 if ((ret != LDB_SUCCESS) && (ret != LDB_ERR_NO_SUCH_OBJECT)) {
929 DEBUG(5, ("warning: searching for computer account DN %s failed: %s\n",
930 ldb_dn_get_linearized(ref_dn), ldb_errstring(b_state->sam_ctx)));
933 /* Look at server DN and extract site component */
934 ctr3->array[i].site_name = result_site_name(res->msgs[i]->dn);
935 ctr3->array[i].server_dn = ldb_dn_get_linearized(res->msgs[i]->dn);
936 ctr3->array[i].server_guid
937 = samdb_result_guid(res->msgs[i], "objectGUID");
939 ctr3->array[i].is_enabled = true;
942 ret = samdb_is_rodc(b_state->sam_ctx, &ctr3->array[i].server_guid, &is_rodc);
943 if (ret == LDB_SUCCESS && is_rodc) {
944 ctr3->array[i].is_rodc = true;
949 return WERR_INVALID_LEVEL;
955 drsuapi_DsGetDomainControllerInfo
957 static WERROR dcesrv_drsuapi_DsGetDomainControllerInfo(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
958 struct drsuapi_DsGetDomainControllerInfo *r)
960 struct dcesrv_handle *h;
961 struct drsuapi_bind_state *b_state;
962 DCESRV_PULL_HANDLE_WERR(h, r->in.bind_handle, DRSUAPI_BIND_HANDLE);
965 switch (r->in.level) {
967 return dcesrv_drsuapi_DsGetDomainControllerInfo_1(b_state, mem_ctx, r);
970 return WERR_INVALID_LEVEL;
978 static WERROR dcesrv_drsuapi_DsExecuteKCC(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
979 struct drsuapi_DsExecuteKCC *r)
983 status = drs_security_level_check(dce_call, "DsExecuteKCC", SECURITY_DOMAIN_CONTROLLER, NULL);
985 if (!W_ERROR_IS_OK(status)) {
988 if (r->in.req->ctr1.taskID != 0) {
989 return WERR_INVALID_PARAMETER;
991 if (r->in.req->ctr1.flags & DRSUAPI_DS_EXECUTE_KCC_ASYNCHRONOUS_OPERATION) {
992 timeout = IRPC_CALL_TIMEOUT;
995 * use Infinite time for timeout in case
996 * the caller made a sync call
998 timeout = IRPC_CALL_TIMEOUT_INF;
1001 dcesrv_irpc_forward_rpc_call(dce_call, mem_ctx, r, NDR_DRSUAPI_DSEXECUTEKCC,
1002 &ndr_table_drsuapi, "kccsrv", "DsExecuteKCC",
1004 DEBUG(10, ("Forwarded the call to execute the KCC\n"));
1010 drsuapi_DsReplicaGetInfo
1012 static WERROR dcesrv_drsuapi_DsReplicaGetInfo(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
1013 struct drsuapi_DsReplicaGetInfo *r)
1015 struct auth_session_info *session_info =
1016 dcesrv_call_session_info(dce_call);
1017 enum security_user_level level;
1019 if (!lpcfg_parm_bool(dce_call->conn->dce_ctx->lp_ctx, NULL,
1020 "drs", "disable_sec_check", false)) {
1021 level = security_session_user_level(session_info, NULL);
1022 if (level < SECURITY_DOMAIN_CONTROLLER) {
1023 DEBUG(1,(__location__ ": Administrator access required for DsReplicaGetInfo\n"));
1024 security_token_debug(DBGC_DRS_REPL, 2,
1025 session_info->security_token);
1026 return WERR_DS_DRA_ACCESS_DENIED;
1030 dcesrv_irpc_forward_rpc_call(dce_call, mem_ctx, r, NDR_DRSUAPI_DSREPLICAGETINFO,
1031 &ndr_table_drsuapi, "kccsrv", "DsReplicaGetInfo",
1039 DRSUAPI_ADD_SID_HISTORY
1041 static WERROR dcesrv_DRSUAPI_ADD_SID_HISTORY(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
1042 struct DRSUAPI_ADD_SID_HISTORY *r)
1044 DRSUAPI_UNSUPPORTED(DRSUAPI_ADD_SID_HISTORY);
1048 drsuapi_DsGetMemberships2
1050 static WERROR dcesrv_drsuapi_DsGetMemberships2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
1051 struct drsuapi_DsGetMemberships2 *r)
1053 DRSUAPI_UNSUPPORTED(drsuapi_DsGetMemberships2);
1057 DRSUAPI_REPLICA_VERIFY_OBJECTS
1059 static WERROR dcesrv_DRSUAPI_REPLICA_VERIFY_OBJECTS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
1060 struct DRSUAPI_REPLICA_VERIFY_OBJECTS *r)
1062 DRSUAPI_UNSUPPORTED(DRSUAPI_REPLICA_VERIFY_OBJECTS);
1067 DRSUAPI_GET_OBJECT_EXISTENCE
1069 static WERROR dcesrv_DRSUAPI_GET_OBJECT_EXISTENCE(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
1070 struct DRSUAPI_GET_OBJECT_EXISTENCE *r)
1072 DRSUAPI_UNSUPPORTED(DRSUAPI_GET_OBJECT_EXISTENCE);
1077 drsuapi_QuerySitesByCost
1079 static WERROR dcesrv_drsuapi_QuerySitesByCost(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
1080 struct drsuapi_QuerySitesByCost *r)
1082 DRSUAPI_UNSUPPORTED(drsuapi_QuerySitesByCost);
1086 /* include the generated boilerplate */
1087 #include "librpc/gen_ndr/ndr_drsuapi_s.c"