2 Unix SMB/Netbios implementation.
5 Winbind daemon glue functions to connect new cli interface
6 to older style lsa_ and samr_ functions
8 Copyright (C) tridge@samba.org 2001
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 2 of the License, or
13 (at your option) any later version.
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
20 You should have received a copy of the GNU General Public License
21 along with this program; if not, write to the Free Software
22 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
27 /****************************************************************************
29 ****************************************************************************/
30 BOOL wb_lsa_open_policy(char *server, BOOL sec_qos, uint32 des_access,
33 struct nmb_name calling, called;
34 struct ntuser_creds creds;
35 struct in_addr dest_ip;
37 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
38 extern pstring global_myname;
42 pol->cli = (struct cli_state *)malloc(sizeof(struct cli_state));
43 pol->mem_ctx = talloc_init();
45 ZERO_STRUCTP(pol->cli);
47 if (!pol->cli || !pol->mem_ctx)
50 /* Initialise RPC connection */
52 if (!cli_initialise(pol->cli))
56 creds.pwd.null_pwd = 1;
58 cli_init_creds(pol->cli, &creds);
60 /* Establish a SMB connection */
62 if (!resolve_srv_name(server, dest_host, &dest_ip)) {
66 make_nmb_name(&called, dns_to_netbios_name(dest_host), 0x20);
67 make_nmb_name(&calling, dns_to_netbios_name(global_myname), 0);
69 if (!cli_establish_connection(pol->cli, dest_host, &dest_ip, &calling,
70 &called, "IPC$", "IPC", False, True)) {
74 if (!cli_nt_session_open (pol->cli, PIPE_LSARPC)) {
78 result = cli_lsa_open_policy(pol->cli, pol->mem_ctx, sec_qos,
79 des_access, &pol->handle);
82 if (!NT_STATUS_IS_OK(result) && pol->cli) {
83 if (pol->cli->initialised)
84 cli_shutdown(pol->cli);
88 return NT_STATUS_IS_OK(result);
91 /****************************************************************************
92 do a LSA Enumerate Trusted Domain
93 ****************************************************************************/
94 BOOL wb_lsa_enum_trust_dom(CLI_POLICY_HND *hnd, uint32 *enum_ctx,
95 uint32 * num_doms, char ***names, DOM_SID **sids)
99 ret = cli_lsa_enum_trust_dom(hnd->cli, hnd->mem_ctx, &hnd->handle,
100 enum_ctx, num_doms, names, sids);
102 return NT_STATUS_IS_OK(ret);
105 /****************************************************************************
106 do a LSA Query Info Policy
107 ****************************************************************************/
108 BOOL wb_lsa_query_info_pol(CLI_POLICY_HND *hnd, uint16 info_class,
109 fstring domain_name, DOM_SID *domain_sid)
113 ret = cli_lsa_query_info_policy(hnd->cli, hnd->mem_ctx, &hnd->handle,
114 info_class, domain_name, domain_sid);
116 return NT_STATUS_IS_OK(ret);
119 /****************************************************************************
120 do a LSA Lookup Names
121 ****************************************************************************/
122 BOOL wb_lsa_lookup_names(CLI_POLICY_HND *hnd, int num_names, char **names,
123 DOM_SID **sids, uint32 **types, int *num_sids)
127 ret = cli_lsa_lookup_names(hnd->cli, hnd->mem_ctx, &hnd->handle,
128 num_names, names, sids, types, num_sids);
130 return NT_STATUS_IS_OK(ret);
133 /****************************************************************************
135 ****************************************************************************/
136 BOOL wb_lsa_lookup_sids(CLI_POLICY_HND *hnd, int num_sids, DOM_SID *sids,
137 char ***names, uint32 **types, int *num_names)
141 ret = cli_lsa_lookup_sids(hnd->cli, hnd->mem_ctx, &hnd->handle,
142 num_sids, sids, names, types, num_names);
144 return NT_STATUS_IS_OK(ret);
147 /****************************************************************************
149 ****************************************************************************/
150 BOOL wb_lsa_close(CLI_POLICY_HND *hnd)
154 ret = cli_lsa_close(hnd->cli, hnd->mem_ctx, &hnd->handle);
156 return NT_STATUS_IS_OK(ret);
160 /****************************************************************************
162 ****************************************************************************/
163 BOOL wb_samr_close(CLI_POLICY_HND *hnd)
167 ret = cli_samr_close(hnd->cli, hnd->mem_ctx, &hnd->handle);
169 return NT_STATUS_IS_OK(ret);
173 /****************************************************************************
175 ****************************************************************************/
176 BOOL wb_samr_connect(char *server, uint32 access_mask, CLI_POLICY_HND *pol)
178 struct nmb_name calling, called;
179 struct ntuser_creds creds;
180 struct in_addr dest_ip;
182 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
183 extern pstring global_myname;
187 pol->cli = (struct cli_state *)malloc(sizeof(struct cli_state));
189 ZERO_STRUCTP(pol->cli);
191 pol->mem_ctx = talloc_init();
193 if (!pol->cli || !pol->mem_ctx)
196 /* Initialise RPC connection */
198 if (!cli_initialise(pol->cli))
202 creds.pwd.null_pwd = 1;
204 cli_init_creds(pol->cli, &creds);
206 /* Establish a SMB connection */
208 if (!resolve_srv_name(server, dest_host, &dest_ip)) {
212 make_nmb_name(&called, dns_to_netbios_name(dest_host), 0x20);
213 make_nmb_name(&calling, dns_to_netbios_name(global_myname), 0);
215 if (!cli_establish_connection(pol->cli, dest_host, &dest_ip, &calling,
216 &called, "IPC$", "IPC", False, True)) {
220 if (!cli_nt_session_open (pol->cli, PIPE_SAMR)) {
224 result = cli_samr_connect(pol->cli, pol->mem_ctx,
225 access_mask, &pol->handle);
228 if (!NT_STATUS_IS_OK(result) && pol->cli) {
229 if (pol->cli->initialised)
230 cli_shutdown(pol->cli);
234 return NT_STATUS_IS_OK(result);
238 /****************************************************************************
239 samr_open_domain glue
240 ****************************************************************************/
241 BOOL wb_samr_open_domain(CLI_POLICY_HND *connect_pol, uint32 ace_perms,
242 DOM_SID *sid, CLI_POLICY_HND *domain_pol)
246 ret = cli_samr_open_domain(connect_pol->cli,
247 connect_pol->mem_ctx,
248 &connect_pol->handle,
251 &domain_pol->handle);
253 if NT_STATUS_IS_OK(ret) {
254 domain_pol->cli = connect_pol->cli;
255 domain_pol->mem_ctx = connect_pol->mem_ctx;
262 /****************************************************************************
263 do a SAMR enumerate groups
264 ****************************************************************************/
265 NTSTATUS wb_samr_enum_dom_groups(CLI_POLICY_HND *pol, uint32 *start_idx,
266 uint32 size, struct acct_info **sam,
267 uint32 *num_sam_groups)
269 return cli_samr_enum_dom_groups(pol->cli, pol->mem_ctx, &pol->handle,
270 start_idx, size, sam, num_sam_groups);
273 /****************************************************************************
274 do a SAMR query userinfo
275 ****************************************************************************/
276 BOOL wb_get_samr_query_userinfo(CLI_POLICY_HND *pol, uint32 info_level,
277 uint32 user_rid, SAM_USERINFO_CTR **ctr)
280 BOOL got_user_pol = False;
283 result = cli_samr_open_user(pol->cli, pol->mem_ctx,
284 &pol->handle, MAXIMUM_ALLOWED_ACCESS,
285 user_rid, &user_pol);
286 if (!NT_STATUS_IS_OK(result))
291 result = cli_samr_query_userinfo(pol->cli, pol->mem_ctx,
292 &user_pol, info_level, ctr);
293 if (!NT_STATUS_IS_OK(result))
297 if (got_user_pol) cli_samr_close(pol->cli, pol->mem_ctx, &user_pol);
299 return NT_STATUS_IS_OK(result);
302 /****************************************************************************
303 do a SAMR enumerate groups
304 ****************************************************************************/
305 BOOL wb_samr_open_user(CLI_POLICY_HND *pol, uint32 access_mask, uint32 rid,
306 POLICY_HND *user_pol)
310 ret = cli_samr_open_user(pol->cli, pol->mem_ctx, &pol->handle,
311 access_mask, rid, user_pol);
313 return NT_STATUS_IS_OK(ret);
316 BOOL wb_samr_query_usergroups(CLI_POLICY_HND *pol, uint32 *num_groups,
321 ret = cli_samr_query_usergroups(pol->cli, pol->mem_ctx, &pol->handle,
324 return NT_STATUS_IS_OK(ret);
327 BOOL wb_get_samr_query_groupinfo(CLI_POLICY_HND *pol, uint32 info_level,
328 uint32 group_rid, GROUP_INFO_CTR *ctr)
330 POLICY_HND group_pol;
331 BOOL got_group_pol = False;
334 result = cli_samr_open_group(pol->cli, pol->mem_ctx,
335 &pol->handle, MAXIMUM_ALLOWED_ACCESS,
336 group_rid, &group_pol);
337 if (!NT_STATUS_IS_OK(result))
340 got_group_pol = True;
342 result = cli_samr_query_groupinfo(pol->cli, pol->mem_ctx,
343 &group_pol, info_level,
346 if (got_group_pol) cli_samr_close(pol->cli, pol->mem_ctx, &group_pol);
348 return NT_STATUS_IS_OK(result);
351 BOOL wb_sam_query_groupmem(CLI_POLICY_HND *pol, uint32 group_rid,
352 uint32 *num_names, uint32 **rid_mem,
353 char ***names, uint32 **name_types)
355 BOOL got_group_pol = False;
356 POLICY_HND group_pol;
358 uint32 i, total_names = 0;
360 result = cli_samr_open_group(pol->cli, pol->mem_ctx,
361 &pol->handle, MAXIMUM_ALLOWED_ACCESS,
362 group_rid, &group_pol);
363 if (!NT_STATUS_IS_OK(result))
366 got_group_pol = True;
368 result = cli_samr_query_groupmem(pol->cli, pol->mem_ctx,
369 &group_pol, num_names, rid_mem,
371 if (!NT_STATUS_IS_OK(result))
374 /* Call cli_samr_lookup_rids() in bunches of ~1000 rids to avoid
377 #define MAX_LOOKUP_RIDS 900
379 *names = talloc(pol->mem_ctx, *num_names * sizeof(char *));
380 *name_types = talloc(pol->mem_ctx, *num_names * sizeof(uint32));
382 for (i = 0; i < *num_names; i += MAX_LOOKUP_RIDS) {
383 int num_lookup_rids = MIN(*num_names - i, MAX_LOOKUP_RIDS);
384 uint32 tmp_num_names = 0;
385 char **tmp_names = NULL;
386 uint32 *tmp_types = NULL;
388 /* Lookup a chunk of rids */
390 result = cli_samr_lookup_rids(pol->cli, pol->mem_ctx,
391 &pol->handle, 1000, /* flags */
395 &tmp_names, &tmp_types);
396 if (!NT_STATUS_IS_OK(result))
399 /* Copy result into array. The talloc system will take
400 care of freeing the temporary arrays later on. */
402 memcpy(&(*names)[i], tmp_names, sizeof(char *) *
405 memcpy(&(*name_types)[i], tmp_types, sizeof(uint32) *
408 total_names += tmp_num_names;
411 *num_names = total_names;
415 cli_samr_close(pol->cli, pol->mem_ctx, &group_pol);
417 return NT_STATUS_IS_OK(result);
420 BOOL wb_samr_query_dom_info(CLI_POLICY_HND *pol, uint16 switch_value,
425 ret = cli_samr_query_dom_info(pol->cli, pol->mem_ctx,
426 &pol->handle, switch_value, ctr);
428 return NT_STATUS_IS_OK(ret);
431 /* Unlike all the others, the status code of this function is actually used
434 NTSTATUS wb_samr_query_dispinfo(CLI_POLICY_HND *pol, uint32 *start_ndx,
435 uint16 info_level, uint32 *num_entries,
436 SAM_DISPINFO_CTR *ctr)
438 return cli_samr_query_dispinfo(pol->cli, pol->mem_ctx,
439 &pol->handle, start_ndx,
440 info_level, num_entries,