2 Unix SMB/CIFS implementation.
4 Copyright (C) Tim Potter 2000-2001,
5 Copyright (C) Andrew Tridgell 1992-1997,2000,
6 Copyright (C) Rafal Szczesniak 2002
7 Copyright (C) Jeremy Allison 2005.
8 Copyright (C) Michael Adam 2007.
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 3 of the License, or
13 (at your option) any later version.
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
20 You should have received a copy of the GNU General Public License
21 along with this program. If not, see <http://www.gnu.org/licenses/>.
26 /** @defgroup lsa LSA - Local Security Architecture
35 * RPC client routines for the LSA RPC pipe. LSA means "local
36 * security authority", which is half of a password database.
39 /** Open a LSA policy handle
41 * @param cli Handle on an initialised SMB connection */
43 NTSTATUS rpccli_lsa_open_policy(struct rpc_pipe_client *cli,
45 bool sec_qos, uint32 des_access,
48 prs_struct qbuf, rbuf;
57 /* Initialise input parameters */
60 init_lsa_sec_qos(&qos, 2, 1, 0);
61 init_q_open_pol(&q, '\\', 0, des_access, &qos);
63 init_q_open_pol(&q, '\\', 0, des_access, NULL);
66 /* Marshall data and send request */
68 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_OPENPOLICY,
73 NT_STATUS_UNSUCCESSFUL );
75 /* Return output parameters */
79 if (NT_STATUS_IS_OK(result)) {
86 /** Open a LSA policy handle
88 * @param cli Handle on an initialised SMB connection
91 NTSTATUS rpccli_lsa_open_policy2(struct rpc_pipe_client *cli,
92 TALLOC_CTX *mem_ctx, bool sec_qos,
93 uint32 des_access, POLICY_HND *pol)
95 prs_struct qbuf, rbuf;
100 char *srv_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", cli->cli->desthost);
106 init_lsa_sec_qos(&qos, 2, 1, 0);
107 init_q_open_pol2(&q, srv_name_slash, 0, des_access, &qos);
109 init_q_open_pol2(&q, srv_name_slash, 0, des_access, NULL);
112 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_OPENPOLICY2,
117 NT_STATUS_UNSUCCESSFUL );
119 /* Return output parameters */
123 if (NT_STATUS_IS_OK(result)) {
130 /* Lookup a list of sids
132 * internal version withOUT memory allocation of the target arrays.
133 * this assumes suffciently sized arrays to store domains, names and types. */
135 static NTSTATUS rpccli_lsa_lookup_sids_noalloc(struct rpc_pipe_client *cli,
142 enum lsa_SidType *types)
144 prs_struct qbuf, rbuf;
148 NTSTATUS result = NT_STATUS_OK;
149 TALLOC_CTX *tmp_ctx = NULL;
152 tmp_ctx = talloc_new(mem_ctx);
154 DEBUG(0, ("rpccli_lsa_lookup_sids_noalloc: out of memory!\n"));
155 result = NT_STATUS_UNSUCCESSFUL;
162 init_q_lookup_sids(tmp_ctx, &q, pol, num_sids, sids, 1);
168 CLI_DO_RPC( cli, tmp_ctx, PI_LSARPC, LSA_LOOKUPSIDS,
171 lsa_io_q_lookup_sids,
172 lsa_io_r_lookup_sids,
173 NT_STATUS_UNSUCCESSFUL );
175 DEBUG(10, ("LSA_LOOKUPSIDS returned '%s', mapped count = %d'\n",
176 nt_errstr(r.status), r.mapped_count));
178 if (!NT_STATUS_IS_OK(r.status) &&
179 !NT_STATUS_EQUAL(r.status, NT_STATUS_NONE_MAPPED) &&
180 !NT_STATUS_EQUAL(r.status, STATUS_SOME_UNMAPPED))
182 /* An actual error occured */
187 /* Return output parameters */
189 if (NT_STATUS_EQUAL(r.status, NT_STATUS_NONE_MAPPED) ||
190 (r.mapped_count == 0))
192 for (i = 0; i < num_sids; i++) {
195 (types)[i] = SID_NAME_UNKNOWN;
197 result = NT_STATUS_NONE_MAPPED;
201 for (i = 0; i < num_sids; i++) {
202 fstring name, dom_name;
203 uint32 dom_idx = r.names.name[i].domain_idx;
205 /* Translate optimised name through domain index array */
207 if (dom_idx != 0xffffffff) {
209 rpcstr_pull_unistr2_fstring(
210 dom_name, &ref.ref_dom[dom_idx].uni_dom_name);
211 rpcstr_pull_unistr2_fstring(
212 name, &r.names.uni_name[i]);
214 (names)[i] = talloc_strdup(mem_ctx, name);
215 (domains)[i] = talloc_strdup(mem_ctx, dom_name);
216 (types)[i] = r.names.name[i].sid_name_use;
218 if (((names)[i] == NULL) || ((domains)[i] == NULL)) {
219 DEBUG(0, ("cli_lsa_lookup_sids_noalloc(): out of memory\n"));
220 result = NT_STATUS_UNSUCCESSFUL;
227 (types)[i] = SID_NAME_UNKNOWN;
232 TALLOC_FREE(tmp_ctx);
236 /* Lookup a list of sids
238 * do it the right way: there is a limit (of 20480 for w2k3) entries
239 * returned by this call. when the sids list contains more entries,
240 * empty lists are returned. This version of lsa_lookup_sids passes
241 * the list of sids in hunks of LOOKUP_SIDS_HUNK_SIZE to the lsa call. */
243 /* This constant defines the limit of how many sids to look up
244 * in one call (maximum). the limit from the server side is
245 * at 20480 for win2k3, but we keep it at a save 1000 for now. */
246 #define LOOKUP_SIDS_HUNK_SIZE 1000
248 NTSTATUS rpccli_lsa_lookup_sids(struct rpc_pipe_client *cli,
255 enum lsa_SidType **types)
257 NTSTATUS result = NT_STATUS_OK;
259 int sids_processed = 0;
260 const DOM_SID *hunk_sids = sids;
261 char **hunk_domains = NULL;
262 char **hunk_names = NULL;
263 enum lsa_SidType *hunk_types = NULL;
266 if (!((*domains) = TALLOC_ARRAY(mem_ctx, char *, num_sids))) {
267 DEBUG(0, ("rpccli_lsa_lookup_sids(): out of memory\n"));
268 result = NT_STATUS_NO_MEMORY;
272 if (!((*names) = TALLOC_ARRAY(mem_ctx, char *, num_sids))) {
273 DEBUG(0, ("rpccli_lsa_lookup_sids(): out of memory\n"));
274 result = NT_STATUS_NO_MEMORY;
278 if (!((*types) = TALLOC_ARRAY(mem_ctx, enum lsa_SidType, num_sids))) {
279 DEBUG(0, ("rpccli_lsa_lookup_sids(): out of memory\n"));
280 result = NT_STATUS_NO_MEMORY;
289 sids_left = num_sids;
290 hunk_domains = *domains;
294 while (sids_left > 0) {
296 NTSTATUS hunk_result = NT_STATUS_OK;
298 hunk_num_sids = ((sids_left > LOOKUP_SIDS_HUNK_SIZE)
299 ? LOOKUP_SIDS_HUNK_SIZE
302 DEBUG(10, ("rpccli_lsa_lookup_sids: processing items "
305 sids_processed + hunk_num_sids - 1,
308 hunk_result = rpccli_lsa_lookup_sids_noalloc(cli,
317 if (!NT_STATUS_IS_OK(hunk_result) &&
318 !NT_STATUS_EQUAL(hunk_result, STATUS_SOME_UNMAPPED) &&
319 !NT_STATUS_EQUAL(hunk_result, NT_STATUS_NONE_MAPPED))
321 /* An actual error occured */
322 result = hunk_result;
326 /* adapt overall result */
327 if (( NT_STATUS_IS_OK(result) &&
328 !NT_STATUS_IS_OK(hunk_result))
330 ( NT_STATUS_EQUAL(result, NT_STATUS_NONE_MAPPED) &&
331 !NT_STATUS_EQUAL(hunk_result, NT_STATUS_NONE_MAPPED)))
333 result = STATUS_SOME_UNMAPPED;
336 sids_left -= hunk_num_sids;
337 sids_processed += hunk_num_sids; /* only used in DEBUG */
338 hunk_sids += hunk_num_sids;
339 hunk_domains += hunk_num_sids;
340 hunk_names += hunk_num_sids;
341 hunk_types += hunk_num_sids;
347 TALLOC_FREE(*domains);
353 /** Lookup a list of names */
355 NTSTATUS rpccli_lsa_lookup_names(struct rpc_pipe_client *cli,
357 POLICY_HND *pol, int num_names,
359 const char ***dom_names,
362 enum lsa_SidType **types)
364 prs_struct qbuf, rbuf;
365 LSA_Q_LOOKUP_NAMES q;
366 LSA_R_LOOKUP_NAMES r;
377 init_q_lookup_names(mem_ctx, &q, pol, num_names, names, level);
379 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_LOOKUPNAMES,
382 lsa_io_q_lookup_names,
383 lsa_io_r_lookup_names,
384 NT_STATUS_UNSUCCESSFUL);
388 if (!NT_STATUS_IS_OK(result) && NT_STATUS_V(result) !=
389 NT_STATUS_V(STATUS_SOME_UNMAPPED)) {
391 /* An actual error occured */
396 /* Return output parameters */
398 if (r.mapped_count == 0) {
399 result = NT_STATUS_NONE_MAPPED;
404 if (!((*sids = TALLOC_ARRAY(mem_ctx, DOM_SID, num_names)))) {
405 DEBUG(0, ("cli_lsa_lookup_sids(): out of memory\n"));
406 result = NT_STATUS_NO_MEMORY;
410 if (!((*types = TALLOC_ARRAY(mem_ctx, enum lsa_SidType, num_names)))) {
411 DEBUG(0, ("cli_lsa_lookup_sids(): out of memory\n"));
412 result = NT_STATUS_NO_MEMORY;
416 if (dom_names != NULL) {
417 *dom_names = TALLOC_ARRAY(mem_ctx, const char *, num_names);
418 if (*dom_names == NULL) {
419 DEBUG(0, ("cli_lsa_lookup_sids(): out of memory\n"));
420 result = NT_STATUS_NO_MEMORY;
427 if (dom_names != NULL) {
432 for (i = 0; i < num_names; i++) {
433 DOM_RID *t_rids = r.dom_rid;
434 uint32 dom_idx = t_rids[i].rid_idx;
435 uint32 dom_rid = t_rids[i].rid;
436 DOM_SID *sid = &(*sids)[i];
438 /* Translate optimised sid through domain index array */
440 if (dom_idx == 0xffffffff) {
441 /* Nothing to do, this is unknown */
443 (*types)[i] = SID_NAME_UNKNOWN;
447 sid_copy(sid, &ref.ref_dom[dom_idx].ref_dom.sid);
449 if (dom_rid != 0xffffffff) {
450 sid_append_rid(sid, dom_rid);
453 (*types)[i] = t_rids[i].type;
455 if (dom_names == NULL) {
459 (*dom_names)[i] = rpcstr_pull_unistr2_talloc(
460 *dom_names, &ref.ref_dom[dom_idx].uni_dom_name);
468 NTSTATUS rpccli_lsa_query_info_policy_new(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
469 POLICY_HND *pol, uint16 info_class,
472 prs_struct qbuf, rbuf;
480 init_q_query(&q, pol, info_class);
482 CLI_DO_RPC(cli, mem_ctx, PI_LSARPC, LSA_QUERYINFOPOLICY,
487 NT_STATUS_UNSUCCESSFUL);
491 if (!NT_STATUS_IS_OK(result)) {
502 NTSTATUS rpccli_lsa_query_info_policy2_new(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
503 POLICY_HND *pol, uint16 info_class,
506 prs_struct qbuf, rbuf;
514 init_q_query2(&q, pol, info_class);
516 CLI_DO_RPC(cli, mem_ctx, PI_LSARPC, LSA_QUERYINFO2,
519 lsa_io_q_query_info2,
520 lsa_io_r_query_info2,
521 NT_STATUS_UNSUCCESSFUL);
525 if (!NT_STATUS_IS_OK(result)) {
538 /** Query info policy
540 * @param domain_sid - returned remote server's domain sid */
542 NTSTATUS rpccli_lsa_query_info_policy(struct rpc_pipe_client *cli,
544 POLICY_HND *pol, uint16 info_class,
545 const char **domain_name,
546 DOM_SID **domain_sid)
548 prs_struct qbuf, rbuf;
556 init_q_query(&q, pol, info_class);
558 CLI_DO_RPC(cli, mem_ctx, PI_LSARPC, LSA_QUERYINFOPOLICY,
563 NT_STATUS_UNSUCCESSFUL);
567 if (!NT_STATUS_IS_OK(result)) {
571 /* Return output parameters */
573 switch (info_class) {
576 if (domain_name && (r.ctr.info.id3.buffer_dom_name != 0)) {
577 *domain_name = unistr2_to_ascii_talloc(mem_ctx,
581 return NT_STATUS_NO_MEMORY;
585 if (domain_sid && (r.ctr.info.id3.buffer_dom_sid != 0)) {
586 *domain_sid = TALLOC_P(mem_ctx, DOM_SID);
588 return NT_STATUS_NO_MEMORY;
590 sid_copy(*domain_sid, &r.ctr.info.id3.dom_sid.sid);
597 if (domain_name && (r.ctr.info.id5.buffer_dom_name != 0)) {
598 *domain_name = unistr2_to_ascii_talloc(mem_ctx,
602 return NT_STATUS_NO_MEMORY;
606 if (domain_sid && (r.ctr.info.id5.buffer_dom_sid != 0)) {
607 *domain_sid = TALLOC_P(mem_ctx, DOM_SID);
609 return NT_STATUS_NO_MEMORY;
611 sid_copy(*domain_sid, &r.ctr.info.id5.dom_sid.sid);
616 DEBUG(3, ("unknown info class %d\n", info_class));
625 /** Query info policy2
627 * @param domain_name - returned remote server's domain name
628 * @param dns_name - returned remote server's dns domain name
629 * @param forest_name - returned remote server's forest name
630 * @param domain_guid - returned remote server's domain guid
631 * @param domain_sid - returned remote server's domain sid */
633 NTSTATUS rpccli_lsa_query_info_policy2(struct rpc_pipe_client *cli,
635 POLICY_HND *pol, uint16 info_class,
636 const char **domain_name,
637 const char **dns_name,
638 const char **forest_name,
639 struct GUID **domain_guid,
640 DOM_SID **domain_sid)
642 prs_struct qbuf, rbuf;
645 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
647 if (info_class != 12)
653 init_q_query2(&q, pol, info_class);
655 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_QUERYINFO2,
658 lsa_io_q_query_info2,
659 lsa_io_r_query_info2,
660 NT_STATUS_UNSUCCESSFUL);
664 if (!NT_STATUS_IS_OK(result)) {
668 /* Return output parameters */
670 ZERO_STRUCTP(domain_guid);
672 if (domain_name && r.ctr.info.id12.hdr_nb_dom_name.buffer) {
673 *domain_name = unistr2_to_ascii_talloc(mem_ctx,
677 return NT_STATUS_NO_MEMORY;
680 if (dns_name && r.ctr.info.id12.hdr_dns_dom_name.buffer) {
681 *dns_name = unistr2_to_ascii_talloc(mem_ctx,
685 return NT_STATUS_NO_MEMORY;
688 if (forest_name && r.ctr.info.id12.hdr_forest_name.buffer) {
689 *forest_name = unistr2_to_ascii_talloc(mem_ctx,
693 return NT_STATUS_NO_MEMORY;
698 *domain_guid = TALLOC_P(mem_ctx, struct GUID);
700 return NT_STATUS_NO_MEMORY;
703 &r.ctr.info.id12.dom_guid,
704 sizeof(struct GUID));
707 if (domain_sid && r.ctr.info.id12.ptr_dom_sid != 0) {
708 *domain_sid = TALLOC_P(mem_ctx, DOM_SID);
710 return NT_STATUS_NO_MEMORY;
712 sid_copy(*domain_sid,
713 &r.ctr.info.id12.dom_sid.sid);
722 * Enumerate list of trusted domains
724 * @param cli client state (cli_state) structure of the connection
725 * @param mem_ctx memory context
726 * @param pol opened lsa policy handle
727 * @param enum_ctx enumeration context ie. index of first returned domain entry
728 * @param pref_num_domains preferred max number of entries returned in one response
729 * @param num_domains total number of trusted domains returned by response
730 * @param domain_names returned trusted domain names
731 * @param domain_sids returned trusted domain sids
733 * @return nt status code of response
736 NTSTATUS rpccli_lsa_enum_trust_dom(struct rpc_pipe_client *cli,
738 POLICY_HND *pol, uint32 *enum_ctx,
740 char ***domain_names, DOM_SID **domain_sids)
742 prs_struct qbuf, rbuf;
743 LSA_Q_ENUM_TRUST_DOM in;
744 LSA_R_ENUM_TRUST_DOM out;
751 /* 64k is enough for about 2000 trusted domains */
753 init_q_enum_trust_dom(&in, pol, *enum_ctx, 0x10000);
755 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ENUMTRUSTDOM,
758 lsa_io_q_enum_trust_dom,
759 lsa_io_r_enum_trust_dom,
760 NT_STATUS_UNSUCCESSFUL );
763 /* check for an actual error */
765 if ( !NT_STATUS_IS_OK(out.status)
766 && !NT_STATUS_EQUAL(out.status, NT_STATUS_NO_MORE_ENTRIES)
767 && !NT_STATUS_EQUAL(out.status, STATUS_MORE_ENTRIES) )
772 /* Return output parameters */
774 *num_domains = out.count;
775 *enum_ctx = out.enum_context;
779 /* Allocate memory for trusted domain names and sids */
781 if ( !(*domain_names = TALLOC_ARRAY(mem_ctx, char *, out.count)) ) {
782 DEBUG(0, ("cli_lsa_enum_trust_dom(): out of memory\n"));
783 return NT_STATUS_NO_MEMORY;
786 if ( !(*domain_sids = TALLOC_ARRAY(mem_ctx, DOM_SID, out.count)) ) {
787 DEBUG(0, ("cli_lsa_enum_trust_dom(): out of memory\n"));
788 return NT_STATUS_NO_MEMORY;
791 /* Copy across names and sids */
793 for (i = 0; i < out.count; i++) {
795 rpcstr_pull( tmp, out.domlist->domains[i].name.string->buffer,
796 sizeof(tmp), out.domlist->domains[i].name.length, 0);
797 (*domain_names)[i] = talloc_strdup(mem_ctx, tmp);
799 sid_copy(&(*domain_sids)[i], &out.domlist->domains[i].sid->sid );
806 /** Enumerate privileges*/
808 NTSTATUS rpccli_lsa_enum_privilege(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
809 POLICY_HND *pol, uint32 *enum_context, uint32 pref_max_length,
810 uint32 *count, char ***privs_name, uint32 **privs_high, uint32 **privs_low)
812 prs_struct qbuf, rbuf;
821 init_q_enum_privs(&q, pol, *enum_context, pref_max_length);
823 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ENUM_PRIVS,
828 NT_STATUS_UNSUCCESSFUL);
832 if (!NT_STATUS_IS_OK(result)) {
836 /* Return output parameters */
838 *enum_context = r.enum_context;
842 if (!((*privs_name = TALLOC_ARRAY(mem_ctx, char *, r.count)))) {
843 DEBUG(0, ("(cli_lsa_enum_privilege): out of memory\n"));
844 result = NT_STATUS_UNSUCCESSFUL;
848 if (!((*privs_high = TALLOC_ARRAY(mem_ctx, uint32, r.count)))) {
849 DEBUG(0, ("(cli_lsa_enum_privilege): out of memory\n"));
850 result = NT_STATUS_UNSUCCESSFUL;
854 if (!((*privs_low = TALLOC_ARRAY(mem_ctx, uint32, r.count)))) {
855 DEBUG(0, ("(cli_lsa_enum_privilege): out of memory\n"));
856 result = NT_STATUS_UNSUCCESSFUL;
865 for (i = 0; i < r.count; i++) {
868 rpcstr_pull_unistr2_fstring( name, &r.privs[i].name);
870 (*privs_name)[i] = talloc_strdup(mem_ctx, name);
872 (*privs_high)[i] = r.privs[i].luid_high;
873 (*privs_low)[i] = r.privs[i].luid_low;
881 /** Get privilege name */
883 NTSTATUS rpccli_lsa_get_dispname(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
884 POLICY_HND *pol, const char *name,
885 uint16 lang_id, uint16 lang_id_sys,
886 fstring description, uint16 *lang_id_desc)
888 prs_struct qbuf, rbuf;
889 LSA_Q_PRIV_GET_DISPNAME q;
890 LSA_R_PRIV_GET_DISPNAME r;
896 init_lsa_priv_get_dispname(&q, pol, name, lang_id, lang_id_sys);
898 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_PRIV_GET_DISPNAME,
901 lsa_io_q_priv_get_dispname,
902 lsa_io_r_priv_get_dispname,
903 NT_STATUS_UNSUCCESSFUL);
907 if (!NT_STATUS_IS_OK(result)) {
911 /* Return output parameters */
913 rpcstr_pull_unistr2_fstring(description , &r.desc);
914 *lang_id_desc = r.lang_id;
921 /** Enumerate list of SIDs */
923 NTSTATUS rpccli_lsa_enum_sids(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
924 POLICY_HND *pol, uint32 *enum_ctx, uint32 pref_max_length,
925 uint32 *num_sids, DOM_SID **sids)
927 prs_struct qbuf, rbuf;
928 LSA_Q_ENUM_ACCOUNTS q;
929 LSA_R_ENUM_ACCOUNTS r;
936 init_lsa_q_enum_accounts(&q, pol, *enum_ctx, pref_max_length);
938 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ENUM_ACCOUNTS,
941 lsa_io_q_enum_accounts,
942 lsa_io_r_enum_accounts,
943 NT_STATUS_UNSUCCESSFUL);
947 if (!NT_STATUS_IS_OK(result)) {
951 if (r.sids.num_entries==0)
954 /* Return output parameters */
956 *sids = TALLOC_ARRAY(mem_ctx, DOM_SID, r.sids.num_entries);
958 DEBUG(0, ("(cli_lsa_enum_sids): out of memory\n"));
959 result = NT_STATUS_UNSUCCESSFUL;
963 /* Copy across names and sids */
965 for (i = 0; i < r.sids.num_entries; i++) {
966 sid_copy(&(*sids)[i], &r.sids.sid[i].sid);
969 *num_sids= r.sids.num_entries;
970 *enum_ctx = r.enum_context;
977 /** Create a LSA user handle
979 * @param cli Handle on an initialised SMB connection
981 * FIXME: The code is actually identical to open account
982 * TODO: Check and code what the function should exactly do
986 NTSTATUS rpccli_lsa_create_account(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
987 POLICY_HND *dom_pol, DOM_SID *sid, uint32 desired_access,
988 POLICY_HND *user_pol)
990 prs_struct qbuf, rbuf;
991 LSA_Q_CREATEACCOUNT q;
992 LSA_R_CREATEACCOUNT r;
998 /* Initialise input parameters */
1000 init_lsa_q_create_account(&q, dom_pol, sid, desired_access);
1002 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_CREATEACCOUNT,
1005 lsa_io_q_create_account,
1006 lsa_io_r_create_account,
1007 NT_STATUS_UNSUCCESSFUL);
1009 /* Return output parameters */
1013 if (NT_STATUS_IS_OK(result)) {
1020 /** Open a LSA user handle
1022 * @param cli Handle on an initialised SMB connection */
1024 NTSTATUS rpccli_lsa_open_account(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
1025 POLICY_HND *dom_pol, DOM_SID *sid, uint32 des_access,
1026 POLICY_HND *user_pol)
1028 prs_struct qbuf, rbuf;
1029 LSA_Q_OPENACCOUNT q;
1030 LSA_R_OPENACCOUNT r;
1036 /* Initialise input parameters */
1038 init_lsa_q_open_account(&q, dom_pol, sid, des_access);
1040 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_OPENACCOUNT,
1043 lsa_io_q_open_account,
1044 lsa_io_r_open_account,
1045 NT_STATUS_UNSUCCESSFUL);
1047 /* Return output parameters */
1051 if (NT_STATUS_IS_OK(result)) {
1058 /** Enumerate user privileges
1060 * @param cli Handle on an initialised SMB connection */
1062 NTSTATUS rpccli_lsa_enum_privsaccount(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
1063 POLICY_HND *pol, uint32 *count, LUID_ATTR **set)
1065 prs_struct qbuf, rbuf;
1066 LSA_Q_ENUMPRIVSACCOUNT q;
1067 LSA_R_ENUMPRIVSACCOUNT r;
1074 /* Initialise input parameters */
1076 init_lsa_q_enum_privsaccount(&q, pol);
1078 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ENUMPRIVSACCOUNT,
1081 lsa_io_q_enum_privsaccount,
1082 lsa_io_r_enum_privsaccount,
1083 NT_STATUS_UNSUCCESSFUL);
1085 /* Return output parameters */
1089 if (!NT_STATUS_IS_OK(result)) {
1096 if (!((*set = TALLOC_ARRAY(mem_ctx, LUID_ATTR, r.count)))) {
1097 DEBUG(0, ("(cli_lsa_enum_privsaccount): out of memory\n"));
1098 result = NT_STATUS_UNSUCCESSFUL;
1102 for (i=0; i<r.count; i++) {
1103 (*set)[i].luid.low = r.set.set[i].luid.low;
1104 (*set)[i].luid.high = r.set.set[i].luid.high;
1105 (*set)[i].attr = r.set.set[i].attr;
1114 /** Get a privilege value given its name */
1116 NTSTATUS rpccli_lsa_lookup_priv_value(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
1117 POLICY_HND *pol, const char *name, LUID *luid)
1119 prs_struct qbuf, rbuf;
1120 LSA_Q_LOOKUP_PRIV_VALUE q;
1121 LSA_R_LOOKUP_PRIV_VALUE r;
1127 /* Marshall data and send request */
1129 init_lsa_q_lookup_priv_value(&q, pol, name);
1131 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_LOOKUPPRIVVALUE,
1134 lsa_io_q_lookup_priv_value,
1135 lsa_io_r_lookup_priv_value,
1136 NT_STATUS_UNSUCCESSFUL);
1140 if (!NT_STATUS_IS_OK(result)) {
1144 /* Return output parameters */
1146 (*luid).low=r.luid.low;
1147 (*luid).high=r.luid.high;
1154 /** Query LSA security object */
1156 NTSTATUS rpccli_lsa_query_secobj(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
1157 POLICY_HND *pol, uint32 sec_info,
1158 SEC_DESC_BUF **psdb)
1160 prs_struct qbuf, rbuf;
1161 LSA_Q_QUERY_SEC_OBJ q;
1162 LSA_R_QUERY_SEC_OBJ r;
1168 /* Marshall data and send request */
1170 init_q_query_sec_obj(&q, pol, sec_info);
1172 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_QUERYSECOBJ,
1175 lsa_io_q_query_sec_obj,
1176 lsa_io_r_query_sec_obj,
1177 NT_STATUS_UNSUCCESSFUL);
1181 if (!NT_STATUS_IS_OK(result)) {
1185 /* Return output parameters */
1196 /* Enumerate account rights This is similar to enum_privileges but
1197 takes a SID directly, avoiding the open_account call.
1200 NTSTATUS rpccli_lsa_enum_account_rights(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
1201 POLICY_HND *pol, DOM_SID *sid,
1202 uint32 *count, char ***priv_names)
1204 prs_struct qbuf, rbuf;
1205 LSA_Q_ENUM_ACCT_RIGHTS q;
1206 LSA_R_ENUM_ACCT_RIGHTS r;
1209 fstring *privileges;
1215 /* Marshall data and send request */
1216 init_q_enum_acct_rights(&q, pol, 2, sid);
1218 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ENUMACCTRIGHTS,
1221 lsa_io_q_enum_acct_rights,
1222 lsa_io_r_enum_acct_rights,
1223 NT_STATUS_UNSUCCESSFUL);
1227 if (!NT_STATUS_IS_OK(result)) {
1237 privileges = TALLOC_ARRAY( mem_ctx, fstring, *count );
1238 names = TALLOC_ARRAY( mem_ctx, char *, *count );
1240 if ((privileges == NULL) || (names == NULL)) {
1241 TALLOC_FREE(privileges);
1243 return NT_STATUS_NO_MEMORY;
1246 for ( i=0; i<*count; i++ ) {
1247 UNISTR4 *uni_string = &r.rights->strings[i];
1249 if ( !uni_string->string )
1252 rpcstr_pull( privileges[i], uni_string->string->buffer, sizeof(privileges[i]), -1, STR_TERMINATE );
1254 /* now copy to the return array */
1255 names[i] = talloc_strdup( mem_ctx, privileges[i] );
1258 *priv_names = names;
1267 /* add account rights to an account. */
1269 NTSTATUS rpccli_lsa_add_account_rights(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
1270 POLICY_HND *pol, DOM_SID sid,
1271 uint32 count, const char **privs_name)
1273 prs_struct qbuf, rbuf;
1274 LSA_Q_ADD_ACCT_RIGHTS q;
1275 LSA_R_ADD_ACCT_RIGHTS r;
1281 /* Marshall data and send request */
1282 init_q_add_acct_rights(&q, pol, &sid, count, privs_name);
1284 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ADDACCTRIGHTS,
1287 lsa_io_q_add_acct_rights,
1288 lsa_io_r_add_acct_rights,
1289 NT_STATUS_UNSUCCESSFUL);
1293 if (!NT_STATUS_IS_OK(result)) {
1302 /* remove account rights for an account. */
1304 NTSTATUS rpccli_lsa_remove_account_rights(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
1305 POLICY_HND *pol, DOM_SID sid, bool removeall,
1306 uint32 count, const char **privs_name)
1308 prs_struct qbuf, rbuf;
1309 LSA_Q_REMOVE_ACCT_RIGHTS q;
1310 LSA_R_REMOVE_ACCT_RIGHTS r;
1316 /* Marshall data and send request */
1317 init_q_remove_acct_rights(&q, pol, &sid, removeall?1:0, count, privs_name);
1319 CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_REMOVEACCTRIGHTS,
1322 lsa_io_q_remove_acct_rights,
1323 lsa_io_r_remove_acct_rights,
1324 NT_STATUS_UNSUCCESSFUL);
1328 if (!NT_STATUS_IS_OK(result)) {
1339 /** An example of how to use the routines in this file. Fetch a DOMAIN
1340 sid. Does complete cli setup / teardown anonymously. */
1342 bool fetch_domain_sid( char *domain, char *remote_machine, DOM_SID *psid)
1344 struct cli_state cli;
1350 if(cli_initialise(&cli) == False) {
1351 DEBUG(0,("fetch_domain_sid: unable to initialize client connection.\n"));
1355 if(!resolve_name( remote_machine, &cli.dest_ip, 0x20)) {
1356 DEBUG(0,("fetch_domain_sid: Can't resolve address for %s\n", remote_machine));
1360 if (!cli_connect(&cli, remote_machine, &cli.dest_ip)) {
1361 DEBUG(0,("fetch_domain_sid: unable to connect to SMB server on \
1362 machine %s. Error was : %s.\n", remote_machine, cli_errstr(&cli) ));
1366 if (!attempt_netbios_session_request(&cli, global_myname(), remote_machine, &cli.dest_ip)) {
1367 DEBUG(0,("fetch_domain_sid: machine %s rejected the NetBIOS session request.\n",
1372 cli.protocol = PROTOCOL_NT1;
1374 if (!cli_negprot(&cli)) {
1375 DEBUG(0,("fetch_domain_sid: machine %s rejected the negotiate protocol. \
1376 Error was : %s.\n", remote_machine, cli_errstr(&cli) ));
1380 if (cli.protocol != PROTOCOL_NT1) {
1381 DEBUG(0,("fetch_domain_sid: machine %s didn't negotiate NT protocol.\n",
1387 * Do an anonymous session setup.
1390 if (!cli_session_setup(&cli, "", "", 0, "", 0, "")) {
1391 DEBUG(0,("fetch_domain_sid: machine %s rejected the session setup. \
1392 Error was : %s.\n", remote_machine, cli_errstr(&cli) ));
1396 if (!(cli.sec_mode & NEGOTIATE_SECURITY_USER_LEVEL)) {
1397 DEBUG(0,("fetch_domain_sid: machine %s isn't in user level security mode\n",
1402 if (!cli_send_tconX(&cli, "IPC$", "IPC", "", 1)) {
1403 DEBUG(0,("fetch_domain_sid: machine %s rejected the tconX on the IPC$ share. \
1404 Error was : %s.\n", remote_machine, cli_errstr(&cli) ));
1408 /* Fetch domain sid */
1410 if (!cli_nt_session_open(&cli, PI_LSARPC)) {
1411 DEBUG(0, ("fetch_domain_sid: Error connecting to SAM pipe\n"));
1415 result = cli_lsa_open_policy(&cli, cli.mem_ctx, True, SEC_RIGHTS_QUERY_VALUE, &lsa_pol);
1416 if (!NT_STATUS_IS_OK(result)) {
1417 DEBUG(0, ("fetch_domain_sid: Error opening lsa policy handle. %s\n",
1418 nt_errstr(result) ));
1422 result = cli_lsa_query_info_policy(&cli, cli.mem_ctx, &lsa_pol, 5, domain, psid);
1423 if (!NT_STATUS_IS_OK(result)) {
1424 DEBUG(0, ("fetch_domain_sid: Error querying lsa policy handle. %s\n",
1425 nt_errstr(result) ));