2 Unix SMB/CIFS implementation.
4 Copyright (C) Tim Potter 2000-2001,
5 Copyright (C) Andrew Tridgell 1992-1997,2000,
6 Copyright (C) Luke Kenneth Casson Leighton 1996-1997,2000,
7 Copyright (C) Paul Ashton 1997,2000,
8 Copyright (C) Elrond 2000,
9 Copyright (C) Rafal Szczesniak 2002.
11 This program is free software; you can redistribute it and/or modify
12 it under the terms of the GNU General Public License as published by
13 the Free Software Foundation; either version 2 of the License, or
14 (at your option) any later version.
16 This program is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 GNU General Public License for more details.
21 You should have received a copy of the GNU General Public License
22 along with this program; if not, write to the Free Software
23 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
28 /* Connect to SAMR database */
30 NTSTATUS cli_samr_connect(struct cli_state *cli, TALLOC_CTX *mem_ctx,
31 uint32 access_mask, POLICY_HND *connect_pol)
33 prs_struct qbuf, rbuf;
36 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
38 DEBUG(10,("cli_samr_connect to %s\n", cli->desthost));
43 /* Initialise parse structures */
45 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
46 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
48 /* Marshall data and send request */
50 init_samr_q_connect(&q, cli->desthost, access_mask);
52 if (!samr_io_q_connect("", &q, &qbuf, 0) ||
53 !rpc_api_pipe_req(cli, SAMR_CONNECT, &qbuf, &rbuf))
56 /* Unmarshall response */
58 if (!samr_io_r_connect("", &r, &rbuf, 0))
61 /* Return output parameters */
63 if (NT_STATUS_IS_OK(result = r.status)) {
64 *connect_pol = r.connect_pol;
66 connect_pol->marker = malloc(1);
77 /* Connect to SAMR database */
79 NTSTATUS cli_samr_connect4(struct cli_state *cli, TALLOC_CTX *mem_ctx,
80 uint32 access_mask, POLICY_HND *connect_pol)
82 prs_struct qbuf, rbuf;
85 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
87 DEBUG(10,("cli_samr_connect4 to %s\n", cli->desthost));
92 /* Initialise parse structures */
94 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
95 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
97 /* Marshall data and send request */
99 init_samr_q_connect4(&q, cli->desthost, access_mask);
101 if (!samr_io_q_connect4("", &q, &qbuf, 0) ||
102 !rpc_api_pipe_req(cli, SAMR_CONNECT4, &qbuf, &rbuf))
105 /* Unmarshall response */
107 if (!samr_io_r_connect4("", &r, &rbuf, 0))
110 /* Return output parameters */
112 if (NT_STATUS_IS_OK(result = r.status)) {
113 *connect_pol = r.connect_pol;
115 connect_pol->marker = malloc(1);
126 /* Close SAMR handle */
128 NTSTATUS cli_samr_close(struct cli_state *cli, TALLOC_CTX *mem_ctx,
129 POLICY_HND *connect_pol)
131 prs_struct qbuf, rbuf;
134 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
136 DEBUG(10,("cli_samr_close\n"));
141 /* Initialise parse structures */
143 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
144 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
146 /* Marshall data and send request */
148 init_samr_q_close_hnd(&q, connect_pol);
150 if (!samr_io_q_close_hnd("", &q, &qbuf, 0) ||
151 !rpc_api_pipe_req(cli, SAMR_CLOSE_HND, &qbuf, &rbuf))
154 /* Unmarshall response */
156 if (!samr_io_r_close_hnd("", &r, &rbuf, 0))
159 /* Return output parameters */
161 if (NT_STATUS_IS_OK(result = r.status)) {
163 SAFE_FREE(connect_pol->marker);
165 *connect_pol = r.pol;
175 /* Open handle on a domain */
177 NTSTATUS cli_samr_open_domain(struct cli_state *cli, TALLOC_CTX *mem_ctx,
178 POLICY_HND *connect_pol, uint32 access_mask,
179 const DOM_SID *domain_sid, POLICY_HND *domain_pol)
181 prs_struct qbuf, rbuf;
182 SAMR_Q_OPEN_DOMAIN q;
183 SAMR_R_OPEN_DOMAIN r;
184 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
186 DEBUG(10,("cli_samr_open_domain with sid %s\n", sid_string_static(domain_sid) ));
191 /* Initialise parse structures */
193 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
194 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
196 /* Marshall data and send request */
198 init_samr_q_open_domain(&q, connect_pol, access_mask, domain_sid);
200 if (!samr_io_q_open_domain("", &q, &qbuf, 0) ||
201 !rpc_api_pipe_req(cli, SAMR_OPEN_DOMAIN, &qbuf, &rbuf))
204 /* Unmarshall response */
206 if (!samr_io_r_open_domain("", &r, &rbuf, 0))
209 /* Return output parameters */
211 if (NT_STATUS_IS_OK(result = r.status)) {
212 *domain_pol = r.domain_pol;
214 domain_pol->marker = malloc(1);
225 /* Open handle on a user */
227 NTSTATUS cli_samr_open_user(struct cli_state *cli, TALLOC_CTX *mem_ctx,
228 POLICY_HND *domain_pol, uint32 access_mask,
229 uint32 user_rid, POLICY_HND *user_pol)
231 prs_struct qbuf, rbuf;
234 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
236 DEBUG(10,("cli_samr_open_user with rid 0x%x\n", user_rid ));
241 /* Initialise parse structures */
243 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
244 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
246 /* Marshall data and send request */
248 init_samr_q_open_user(&q, domain_pol, access_mask, user_rid);
250 if (!samr_io_q_open_user("", &q, &qbuf, 0) ||
251 !rpc_api_pipe_req(cli, SAMR_OPEN_USER, &qbuf, &rbuf))
254 /* Unmarshall response */
256 if (!samr_io_r_open_user("", &r, &rbuf, 0))
259 /* Return output parameters */
261 if (NT_STATUS_IS_OK(result = r.status)) {
262 *user_pol = r.user_pol;
264 user_pol->marker = malloc(1);
275 /* Open handle on a group */
277 NTSTATUS cli_samr_open_group(struct cli_state *cli, TALLOC_CTX *mem_ctx,
278 POLICY_HND *domain_pol, uint32 access_mask,
279 uint32 group_rid, POLICY_HND *group_pol)
281 prs_struct qbuf, rbuf;
284 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
286 DEBUG(10,("cli_samr_open_group with rid 0x%x\n", group_rid ));
291 /* Initialise parse structures */
293 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
294 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
296 /* Marshall data and send request */
298 init_samr_q_open_group(&q, domain_pol, access_mask, group_rid);
300 if (!samr_io_q_open_group("", &q, &qbuf, 0) ||
301 !rpc_api_pipe_req(cli, SAMR_OPEN_GROUP, &qbuf, &rbuf))
304 /* Unmarshall response */
306 if (!samr_io_r_open_group("", &r, &rbuf, 0))
309 /* Return output parameters */
311 if (NT_STATUS_IS_OK(result = r.status)) {
314 group_pol->marker = malloc(1);
325 /* Create domain group */
327 NTSTATUS cli_samr_create_dom_group(struct cli_state *cli, TALLOC_CTX *mem_ctx,
328 POLICY_HND *domain_pol,
329 const char *group_name,
330 uint32 access_mask, POLICY_HND *group_pol)
332 prs_struct qbuf, rbuf;
333 SAMR_Q_CREATE_DOM_GROUP q;
334 SAMR_R_CREATE_DOM_GROUP r;
335 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
337 DEBUG(10,("cli_samr_create_dom_group\n"));
342 /* Initialise parse structures */
344 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
345 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
347 /* Marshall data and send request */
349 init_samr_q_create_dom_group(&q, domain_pol, group_name, access_mask);
351 if (!samr_io_q_create_dom_group("", &q, &qbuf, 0) ||
352 !rpc_api_pipe_req(cli, SAMR_CREATE_DOM_GROUP, &qbuf, &rbuf))
355 /* Unmarshall response */
357 if (!samr_io_r_create_dom_group("", &r, &rbuf, 0))
360 /* Return output parameters */
364 if (NT_STATUS_IS_OK(result))
374 /* Add a domain group member */
376 NTSTATUS cli_samr_add_groupmem(struct cli_state *cli, TALLOC_CTX *mem_ctx,
377 POLICY_HND *group_pol, uint32 rid)
379 prs_struct qbuf, rbuf;
380 SAMR_Q_ADD_GROUPMEM q;
381 SAMR_R_ADD_GROUPMEM r;
382 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
384 DEBUG(10,("cli_samr_add_groupmem\n"));
389 /* Initialise parse structures */
391 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
392 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
394 /* Marshall data and send request */
396 init_samr_q_add_groupmem(&q, group_pol, rid);
398 if (!samr_io_q_add_groupmem("", &q, &qbuf, 0) ||
399 !rpc_api_pipe_req(cli, SAMR_ADD_GROUPMEM, &qbuf, &rbuf))
402 /* Unmarshall response */
404 if (!samr_io_r_add_groupmem("", &r, &rbuf, 0))
407 /* Return output parameters */
418 /* Delete a domain group member */
420 NTSTATUS cli_samr_del_groupmem(struct cli_state *cli, TALLOC_CTX *mem_ctx,
421 POLICY_HND *group_pol, uint32 rid)
423 prs_struct qbuf, rbuf;
424 SAMR_Q_DEL_GROUPMEM q;
425 SAMR_R_DEL_GROUPMEM r;
426 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
428 DEBUG(10,("cli_samr_del_groupmem\n"));
433 /* Initialise parse structures */
435 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
436 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
438 /* Marshall data and send request */
440 init_samr_q_del_groupmem(&q, group_pol, rid);
442 if (!samr_io_q_del_groupmem("", &q, &qbuf, 0) ||
443 !rpc_api_pipe_req(cli, SAMR_DEL_GROUPMEM, &qbuf, &rbuf))
446 /* Unmarshall response */
448 if (!samr_io_r_del_groupmem("", &r, &rbuf, 0))
451 /* Return output parameters */
462 /* Query user info */
464 NTSTATUS cli_samr_query_userinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx,
465 POLICY_HND *user_pol, uint16 switch_value,
466 SAM_USERINFO_CTR **ctr)
468 prs_struct qbuf, rbuf;
469 SAMR_Q_QUERY_USERINFO q;
470 SAMR_R_QUERY_USERINFO r;
471 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
473 DEBUG(10,("cli_samr_query_userinfo\n"));
478 /* Initialise parse structures */
480 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
481 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
483 /* Marshall data and send request */
485 init_samr_q_query_userinfo(&q, user_pol, switch_value);
487 if (!samr_io_q_query_userinfo("", &q, &qbuf, 0) ||
488 !rpc_api_pipe_req(cli, SAMR_QUERY_USERINFO, &qbuf, &rbuf))
491 /* Unmarshall response */
493 if (!samr_io_r_query_userinfo("", &r, &rbuf, 0))
496 /* Return output parameters */
510 NTSTATUS cli_samr_set_groupinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx,
511 POLICY_HND *group_pol, GROUP_INFO_CTR *ctr)
513 prs_struct qbuf, rbuf;
514 SAMR_Q_SET_GROUPINFO q;
515 SAMR_R_SET_GROUPINFO r;
516 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
518 DEBUG(10,("cli_samr_set_groupinfo\n"));
523 /* Initialise parse structures */
525 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
526 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
528 /* Marshall data and send request */
530 init_samr_q_set_groupinfo(&q, group_pol, ctr);
532 if (!samr_io_q_set_groupinfo("", &q, &qbuf, 0) ||
533 !rpc_api_pipe_req(cli, SAMR_SET_GROUPINFO, &qbuf, &rbuf))
536 /* Unmarshall response */
538 if (!samr_io_r_set_groupinfo("", &r, &rbuf, 0))
541 /* Return output parameters */
552 /* Query group info */
554 NTSTATUS cli_samr_query_groupinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx,
555 POLICY_HND *group_pol, uint32 info_level,
556 GROUP_INFO_CTR **ctr)
558 prs_struct qbuf, rbuf;
559 SAMR_Q_QUERY_GROUPINFO q;
560 SAMR_R_QUERY_GROUPINFO r;
561 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
563 DEBUG(10,("cli_samr_query_groupinfo\n"));
568 /* Initialise parse structures */
570 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
571 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
573 /* Marshall data and send request */
575 init_samr_q_query_groupinfo(&q, group_pol, info_level);
577 if (!samr_io_q_query_groupinfo("", &q, &qbuf, 0) ||
578 !rpc_api_pipe_req(cli, SAMR_QUERY_GROUPINFO, &qbuf, &rbuf))
581 /* Unmarshall response */
583 if (!samr_io_r_query_groupinfo("", &r, &rbuf, 0))
588 /* Return output parameters */
599 /* Query user groups */
601 NTSTATUS cli_samr_query_usergroups(struct cli_state *cli, TALLOC_CTX *mem_ctx,
602 POLICY_HND *user_pol, uint32 *num_groups,
605 prs_struct qbuf, rbuf;
606 SAMR_Q_QUERY_USERGROUPS q;
607 SAMR_R_QUERY_USERGROUPS r;
608 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
610 DEBUG(10,("cli_samr_query_usergroups\n"));
615 /* Initialise parse structures */
617 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
618 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
620 /* Marshall data and send request */
622 init_samr_q_query_usergroups(&q, user_pol);
624 if (!samr_io_q_query_usergroups("", &q, &qbuf, 0) ||
625 !rpc_api_pipe_req(cli, SAMR_QUERY_USERGROUPS, &qbuf, &rbuf))
628 /* Unmarshall response */
630 if (!samr_io_r_query_usergroups("", &r, &rbuf, 0))
633 /* Return output parameters */
635 if (NT_STATUS_IS_OK(result = r.status)) {
636 *num_groups = r.num_entries;
649 NTSTATUS cli_samr_set_aliasinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx,
650 POLICY_HND *alias_pol, ALIAS_INFO_CTR *ctr)
652 prs_struct qbuf, rbuf;
653 SAMR_Q_SET_ALIASINFO q;
654 SAMR_R_SET_ALIASINFO r;
655 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
657 DEBUG(10,("cli_samr_set_aliasinfo\n"));
662 /* Initialise parse structures */
664 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
665 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
667 /* Marshall data and send request */
669 init_samr_q_set_aliasinfo(&q, alias_pol, ctr);
671 if (!samr_io_q_set_aliasinfo("", &q, &qbuf, 0) ||
672 !rpc_api_pipe_req(cli, SAMR_SET_ALIASINFO, &qbuf, &rbuf))
675 /* Unmarshall response */
677 if (!samr_io_r_set_aliasinfo("", &r, &rbuf, 0))
680 /* Return output parameters */
691 /* Query user aliases */
693 NTSTATUS cli_samr_query_useraliases(struct cli_state *cli, TALLOC_CTX *mem_ctx,
694 POLICY_HND *user_pol, uint32 num_sids, DOM_SID2 *sid,
695 uint32 *num_aliases, uint32 **als_rids)
697 prs_struct qbuf, rbuf;
698 SAMR_Q_QUERY_USERALIASES q;
699 SAMR_R_QUERY_USERALIASES r;
700 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
703 DEBUG(10,("cli_samr_query_useraliases\n"));
708 /* Initialise parse structures */
710 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
711 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
713 /* Marshall data and send request */
715 init_samr_q_query_useraliases(&q, user_pol, num_sids, &ptr, sid);
717 if (!samr_io_q_query_useraliases("", &q, &qbuf, 0) ||
718 !rpc_api_pipe_req(cli, SAMR_QUERY_USERALIASES, &qbuf, &rbuf))
721 /* Unmarshall response */
723 if (!samr_io_r_query_useraliases("", &r, &rbuf, 0))
726 /* Return output parameters */
728 if (NT_STATUS_IS_OK(result = r.status)) {
729 *num_aliases = r.num_entries;
740 /* Query user groups */
742 NTSTATUS cli_samr_query_groupmem(struct cli_state *cli, TALLOC_CTX *mem_ctx,
743 POLICY_HND *group_pol, uint32 *num_mem,
744 uint32 **rid, uint32 **attr)
746 prs_struct qbuf, rbuf;
747 SAMR_Q_QUERY_GROUPMEM q;
748 SAMR_R_QUERY_GROUPMEM r;
749 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
751 DEBUG(10,("cli_samr_query_groupmem\n"));
756 /* Initialise parse structures */
758 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
759 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
761 /* Marshall data and send request */
763 init_samr_q_query_groupmem(&q, group_pol);
765 if (!samr_io_q_query_groupmem("", &q, &qbuf, 0) ||
766 !rpc_api_pipe_req(cli, SAMR_QUERY_GROUPMEM, &qbuf, &rbuf))
769 /* Unmarshall response */
771 if (!samr_io_r_query_groupmem("", &r, &rbuf, 0))
774 /* Return output parameters */
776 if (NT_STATUS_IS_OK(result = r.status)) {
777 *num_mem = r.num_entries;
790 * Enumerate domain users
792 * @param cli client state structure
793 * @param mem_ctx talloc context
794 * @param pol opened domain policy handle
795 * @param start_idx starting index of enumeration, returns context for
797 * @param acb_mask account control bit mask (to enumerate some particular
799 * @param size max acceptable size of response
800 * @param dom_users returned array of domain user names
801 * @param rids returned array of domain user RIDs
802 * @param num_dom_users numer returned entries
804 * @return NTSTATUS returned in rpc response
806 NTSTATUS cli_samr_enum_dom_users(struct cli_state *cli, TALLOC_CTX *mem_ctx,
807 POLICY_HND *pol, uint32 *start_idx, uint16 acb_mask,
808 uint32 size, char ***dom_users, uint32 **rids,
809 uint32 *num_dom_users)
813 SAMR_Q_ENUM_DOM_USERS q;
814 SAMR_R_ENUM_DOM_USERS r;
815 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
818 DEBUG(10,("cli_samr_enum_dom_users starting at index %u\n", (unsigned int)*start_idx));
823 /* always init this */
826 /* Initialise parse structures */
828 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
829 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
831 /* Fill query structure with parameters */
833 init_samr_q_enum_dom_users(&q, pol, *start_idx, acb_mask, 0, size);
835 if (!samr_io_q_enum_dom_users("", &q, &qbuf, 0) ||
836 !rpc_api_pipe_req(cli, SAMR_ENUM_DOM_USERS, &qbuf, &rbuf)) {
840 /* unpack received stream */
842 if(!samr_io_r_enum_dom_users("", &r, &rbuf, 0))
847 if (!NT_STATUS_IS_OK(result) &&
848 NT_STATUS_V(result) != NT_STATUS_V(STATUS_MORE_ENTRIES))
851 *start_idx = r.next_idx;
852 *num_dom_users = r.num_entries2;
854 if (r.num_entries2) {
855 /* allocate memory needed to return received data */
856 *rids = TALLOC_ARRAY(mem_ctx, uint32, r.num_entries2);
858 DEBUG(0, ("Error in cli_samr_enum_dom_users(): out of memory\n"));
859 return NT_STATUS_NO_MEMORY;
862 *dom_users = TALLOC_ARRAY(mem_ctx, char*, r.num_entries2);
864 DEBUG(0, ("Error in cli_samr_enum_dom_users(): out of memory\n"));
865 return NT_STATUS_NO_MEMORY;
868 /* fill output buffers with rpc response */
869 for (i = 0; i < r.num_entries2; i++) {
872 (*rids)[i] = r.sam[i].rid;
873 unistr2_to_ascii(conv_buf, &(r.uni_acct_name[i]), sizeof(conv_buf) - 1);
874 (*dom_users)[i] = talloc_strdup(mem_ctx, conv_buf);
885 /* Enumerate domain groups */
887 NTSTATUS cli_samr_enum_dom_groups(struct cli_state *cli, TALLOC_CTX *mem_ctx,
888 POLICY_HND *pol, uint32 *start_idx,
889 uint32 size, struct acct_info **dom_groups,
890 uint32 *num_dom_groups)
892 prs_struct qbuf, rbuf;
893 SAMR_Q_ENUM_DOM_GROUPS q;
894 SAMR_R_ENUM_DOM_GROUPS r;
895 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
898 DEBUG(10,("cli_samr_enum_dom_groups starting at index %u\n", (unsigned int)*start_idx));
903 /* Initialise parse structures */
905 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
906 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
908 /* Marshall data and send request */
910 init_samr_q_enum_dom_groups(&q, pol, *start_idx, size);
912 if (!samr_io_q_enum_dom_groups("", &q, &qbuf, 0) ||
913 !rpc_api_pipe_req(cli, SAMR_ENUM_DOM_GROUPS, &qbuf, &rbuf))
916 /* Unmarshall response */
918 if (!samr_io_r_enum_dom_groups("", &r, &rbuf, 0))
921 /* Return output parameters */
925 if (!NT_STATUS_IS_OK(result) &&
926 NT_STATUS_V(result) != NT_STATUS_V(STATUS_MORE_ENTRIES))
929 *num_dom_groups = r.num_entries2;
931 if (*num_dom_groups == 0)
934 if (!((*dom_groups) = TALLOC_ARRAY(mem_ctx, struct acct_info, *num_dom_groups))) {
935 result = NT_STATUS_NO_MEMORY;
939 memset(*dom_groups, 0, sizeof(struct acct_info) * (*num_dom_groups));
943 for (i = 0; i < *num_dom_groups; i++) {
945 (*dom_groups)[i].rid = r.sam[i].rid;
947 if (r.sam[i].hdr_name.buffer) {
948 unistr2_to_ascii((*dom_groups)[i].acct_name,
949 &r.uni_grp_name[name_idx],
950 sizeof(fstring) - 1);
954 *start_idx = r.next_idx;
964 /* Enumerate domain groups */
966 NTSTATUS cli_samr_enum_als_groups(struct cli_state *cli, TALLOC_CTX *mem_ctx,
967 POLICY_HND *pol, uint32 *start_idx,
968 uint32 size, struct acct_info **dom_aliases,
969 uint32 *num_dom_aliases)
971 prs_struct qbuf, rbuf;
972 SAMR_Q_ENUM_DOM_ALIASES q;
973 SAMR_R_ENUM_DOM_ALIASES r;
974 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
977 DEBUG(10,("cli_samr_enum_als_groups starting at index %u\n", (unsigned int)*start_idx));
982 /* Initialise parse structures */
984 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
985 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
987 /* Marshall data and send request */
989 init_samr_q_enum_dom_aliases(&q, pol, *start_idx, size);
991 if (!samr_io_q_enum_dom_aliases("", &q, &qbuf, 0) ||
992 !rpc_api_pipe_req(cli, SAMR_ENUM_DOM_ALIASES, &qbuf, &rbuf)) {
996 /* Unmarshall response */
998 if (!samr_io_r_enum_dom_aliases("", &r, &rbuf, 0)) {
1002 /* Return output parameters */
1006 if (!NT_STATUS_IS_OK(result) &&
1007 NT_STATUS_V(result) != NT_STATUS_V(STATUS_MORE_ENTRIES)) {
1011 *num_dom_aliases = r.num_entries2;
1013 if (*num_dom_aliases == 0)
1016 if (!((*dom_aliases) = TALLOC_ARRAY(mem_ctx, struct acct_info, *num_dom_aliases))) {
1017 result = NT_STATUS_NO_MEMORY;
1021 memset(*dom_aliases, 0, sizeof(struct acct_info) * *num_dom_aliases);
1025 for (i = 0; i < *num_dom_aliases; i++) {
1027 (*dom_aliases)[i].rid = r.sam[i].rid;
1029 if (r.sam[i].hdr_name.buffer) {
1030 unistr2_to_ascii((*dom_aliases)[i].acct_name,
1031 &r.uni_grp_name[name_idx],
1032 sizeof(fstring) - 1);
1036 *start_idx = r.next_idx;
1040 prs_mem_free(&qbuf);
1041 prs_mem_free(&rbuf);
1046 /* Query alias members */
1048 NTSTATUS cli_samr_query_aliasmem(struct cli_state *cli, TALLOC_CTX *mem_ctx,
1049 POLICY_HND *alias_pol, uint32 *num_mem,
1052 prs_struct qbuf, rbuf;
1053 SAMR_Q_QUERY_ALIASMEM q;
1054 SAMR_R_QUERY_ALIASMEM r;
1055 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1058 DEBUG(10,("cli_samr_query_aliasmem\n"));
1063 /* Initialise parse structures */
1065 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
1066 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
1068 /* Marshall data and send request */
1070 init_samr_q_query_aliasmem(&q, alias_pol);
1072 if (!samr_io_q_query_aliasmem("", &q, &qbuf, 0) ||
1073 !rpc_api_pipe_req(cli, SAMR_QUERY_ALIASMEM, &qbuf, &rbuf)) {
1077 /* Unmarshall response */
1079 if (!samr_io_r_query_aliasmem("", &r, &rbuf, 0)) {
1083 /* Return output parameters */
1085 if (!NT_STATUS_IS_OK(result = r.status)) {
1089 *num_mem = r.num_sids;
1091 if (*num_mem == 0) {
1093 result = NT_STATUS_OK;
1097 if (!(*sids = TALLOC_ARRAY(mem_ctx, DOM_SID, *num_mem))) {
1098 result = NT_STATUS_UNSUCCESSFUL;
1102 for (i = 0; i < *num_mem; i++) {
1103 (*sids)[i] = r.sid[i].sid;
1107 prs_mem_free(&qbuf);
1108 prs_mem_free(&rbuf);
1113 /* Open handle on an alias */
1115 NTSTATUS cli_samr_open_alias(struct cli_state *cli, TALLOC_CTX *mem_ctx,
1116 POLICY_HND *domain_pol, uint32 access_mask,
1117 uint32 alias_rid, POLICY_HND *alias_pol)
1119 prs_struct qbuf, rbuf;
1120 SAMR_Q_OPEN_ALIAS q;
1121 SAMR_R_OPEN_ALIAS r;
1124 DEBUG(10,("cli_samr_open_alias with rid 0x%x\n", alias_rid));
1129 /* Initialise parse structures */
1131 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
1132 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
1134 /* Marshall data and send request */
1136 init_samr_q_open_alias(&q, domain_pol, access_mask, alias_rid);
1138 if (!samr_io_q_open_alias("", &q, &qbuf, 0) ||
1139 !rpc_api_pipe_req(cli, SAMR_OPEN_ALIAS, &qbuf, &rbuf)) {
1140 result = NT_STATUS_UNSUCCESSFUL;
1144 /* Unmarshall response */
1146 if (!samr_io_r_open_alias("", &r, &rbuf, 0)) {
1147 result = NT_STATUS_UNSUCCESSFUL;
1151 /* Return output parameters */
1153 if (NT_STATUS_IS_OK(result = r.status)) {
1156 alias_pol->marker = malloc(1);
1161 prs_mem_free(&qbuf);
1162 prs_mem_free(&rbuf);
1167 /* Create an alias */
1169 NTSTATUS cli_samr_create_dom_alias(struct cli_state *cli, TALLOC_CTX *mem_ctx,
1170 POLICY_HND *domain_pol, const char *name,
1171 POLICY_HND *alias_pol)
1173 prs_struct qbuf, rbuf;
1174 SAMR_Q_CREATE_DOM_ALIAS q;
1175 SAMR_R_CREATE_DOM_ALIAS r;
1178 DEBUG(10,("cli_samr_create_dom_alias named %s\n", name));
1183 /* Initialise parse structures */
1185 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
1186 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
1188 /* Marshall data and send request */
1190 init_samr_q_create_dom_alias(&q, domain_pol, name);
1192 if (!samr_io_q_create_dom_alias("", &q, &qbuf, 0) ||
1193 !rpc_api_pipe_req(cli, SAMR_CREATE_DOM_ALIAS, &qbuf, &rbuf)) {
1194 result = NT_STATUS_UNSUCCESSFUL;
1198 /* Unmarshall response */
1200 if (!samr_io_r_create_dom_alias("", &r, &rbuf, 0)) {
1201 result = NT_STATUS_UNSUCCESSFUL;
1205 /* Return output parameters */
1207 if (NT_STATUS_IS_OK(result = r.status)) {
1208 *alias_pol = r.alias_pol;
1212 prs_mem_free(&qbuf);
1213 prs_mem_free(&rbuf);
1218 /* Add an alias member */
1220 NTSTATUS cli_samr_add_aliasmem(struct cli_state *cli, TALLOC_CTX *mem_ctx,
1221 POLICY_HND *alias_pol, DOM_SID *member)
1223 prs_struct qbuf, rbuf;
1224 SAMR_Q_ADD_ALIASMEM q;
1225 SAMR_R_ADD_ALIASMEM r;
1228 DEBUG(10,("cli_samr_add_aliasmem"));
1233 /* Initialise parse structures */
1235 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
1236 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
1238 /* Marshall data and send request */
1240 init_samr_q_add_aliasmem(&q, alias_pol, member);
1242 if (!samr_io_q_add_aliasmem("", &q, &qbuf, 0) ||
1243 !rpc_api_pipe_req(cli, SAMR_ADD_ALIASMEM, &qbuf, &rbuf)) {
1244 result = NT_STATUS_UNSUCCESSFUL;
1248 /* Unmarshall response */
1250 if (!samr_io_r_add_aliasmem("", &r, &rbuf, 0)) {
1251 result = NT_STATUS_UNSUCCESSFUL;
1258 prs_mem_free(&qbuf);
1259 prs_mem_free(&rbuf);
1264 /* Delete an alias member */
1266 NTSTATUS cli_samr_del_aliasmem(struct cli_state *cli, TALLOC_CTX *mem_ctx,
1267 POLICY_HND *alias_pol, DOM_SID *member)
1269 prs_struct qbuf, rbuf;
1270 SAMR_Q_DEL_ALIASMEM q;
1271 SAMR_R_DEL_ALIASMEM r;
1274 DEBUG(10,("cli_samr_del_aliasmem"));
1279 /* Initialise parse structures */
1281 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
1282 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
1284 /* Marshall data and send request */
1286 init_samr_q_del_aliasmem(&q, alias_pol, member);
1288 if (!samr_io_q_del_aliasmem("", &q, &qbuf, 0) ||
1289 !rpc_api_pipe_req(cli, SAMR_DEL_ALIASMEM, &qbuf, &rbuf)) {
1290 result = NT_STATUS_UNSUCCESSFUL;
1294 /* Unmarshall response */
1296 if (!samr_io_r_del_aliasmem("", &r, &rbuf, 0)) {
1297 result = NT_STATUS_UNSUCCESSFUL;
1304 prs_mem_free(&qbuf);
1305 prs_mem_free(&rbuf);
1310 /* Query alias info */
1312 NTSTATUS cli_samr_query_alias_info(struct cli_state *cli, TALLOC_CTX *mem_ctx,
1313 POLICY_HND *alias_pol, uint16 switch_value,
1314 ALIAS_INFO_CTR *ctr)
1316 prs_struct qbuf, rbuf;
1317 SAMR_Q_QUERY_ALIASINFO q;
1318 SAMR_R_QUERY_ALIASINFO r;
1319 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1321 DEBUG(10,("cli_samr_query_dom_info\n"));
1326 /* Initialise parse structures */
1328 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
1329 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
1331 /* Marshall data and send request */
1333 init_samr_q_query_aliasinfo(&q, alias_pol, switch_value);
1335 if (!samr_io_q_query_aliasinfo("", &q, &qbuf, 0) ||
1336 !rpc_api_pipe_req(cli, SAMR_QUERY_ALIASINFO, &qbuf, &rbuf)) {
1340 /* Unmarshall response */
1342 if (!samr_io_r_query_aliasinfo("", &r, &rbuf, 0)) {
1346 /* Return output parameters */
1348 if (!NT_STATUS_IS_OK(result = r.status)) {
1355 prs_mem_free(&qbuf);
1356 prs_mem_free(&rbuf);
1361 /* Query domain info */
1363 NTSTATUS cli_samr_query_dom_info(struct cli_state *cli, TALLOC_CTX *mem_ctx,
1364 POLICY_HND *domain_pol, uint16 switch_value,
1367 prs_struct qbuf, rbuf;
1368 SAMR_Q_QUERY_DOMAIN_INFO q;
1369 SAMR_R_QUERY_DOMAIN_INFO r;
1370 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1372 DEBUG(10,("cli_samr_query_dom_info\n"));
1377 /* Initialise parse structures */
1379 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
1380 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
1382 /* Marshall data and send request */
1384 init_samr_q_query_dom_info(&q, domain_pol, switch_value);
1386 if (!samr_io_q_query_dom_info("", &q, &qbuf, 0) ||
1387 !rpc_api_pipe_req(cli, SAMR_QUERY_DOMAIN_INFO, &qbuf, &rbuf)) {
1391 /* Unmarshall response */
1395 if (!samr_io_r_query_dom_info("", &r, &rbuf, 0)) {
1399 /* Return output parameters */
1401 if (!NT_STATUS_IS_OK(result = r.status)) {
1406 prs_mem_free(&qbuf);
1407 prs_mem_free(&rbuf);
1412 /* User change password */
1414 NTSTATUS cli_samr_chgpasswd_user(struct cli_state *cli, TALLOC_CTX *mem_ctx,
1415 const char *username,
1416 const char *newpassword,
1417 const char *oldpassword )
1419 prs_struct qbuf, rbuf;
1420 SAMR_Q_CHGPASSWD_USER q;
1421 SAMR_R_CHGPASSWD_USER r;
1422 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1424 uchar new_nt_password[516];
1425 uchar new_lm_password[516];
1426 uchar old_nt_hash[16];
1427 uchar old_lanman_hash[16];
1428 uchar old_nt_hash_enc[16];
1429 uchar old_lanman_hash_enc[16];
1431 uchar new_nt_hash[16];
1432 uchar new_lanman_hash[16];
1434 DEBUG(10,("cli_samr_query_dom_info\n"));
1439 /* Calculate the MD4 hash (NT compatible) of the password */
1440 E_md4hash(oldpassword, old_nt_hash);
1441 E_md4hash(newpassword, new_nt_hash);
1443 if (lp_client_lanman_auth()
1444 && E_deshash(newpassword, new_lanman_hash)
1445 && E_deshash(oldpassword, old_lanman_hash)) {
1446 /* E_deshash returns false for 'long' passwords (> 14
1447 DOS chars). This allows us to match Win2k, which
1448 does not store a LM hash for these passwords (which
1449 would reduce the effective password length to 14) */
1451 encode_pw_buffer(new_lm_password, newpassword, STR_UNICODE);
1453 SamOEMhash( new_lm_password, old_nt_hash, 516);
1454 E_old_pw_hash( new_nt_hash, old_lanman_hash, old_lanman_hash_enc);
1456 ZERO_STRUCT(new_lm_password);
1457 ZERO_STRUCT(old_lanman_hash_enc);
1460 encode_pw_buffer(new_nt_password, newpassword, STR_UNICODE);
1462 SamOEMhash( new_nt_password, old_nt_hash, 516);
1463 E_old_pw_hash( new_nt_hash, old_nt_hash, old_nt_hash_enc);
1465 /* Initialise parse structures */
1467 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
1468 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
1470 /* Marshall data and send request */
1472 init_samr_q_chgpasswd_user(&q, cli->srv_name_slash, username,
1476 old_lanman_hash_enc);
1478 if (!samr_io_q_chgpasswd_user("", &q, &qbuf, 0) ||
1479 !rpc_api_pipe_req(cli, SAMR_CHGPASSWD_USER, &qbuf, &rbuf)) {
1483 /* Unmarshall response */
1485 if (!samr_io_r_chgpasswd_user("", &r, &rbuf, 0)) {
1489 /* Return output parameters */
1491 if (!NT_STATUS_IS_OK(result = r.status)) {
1496 prs_mem_free(&qbuf);
1497 prs_mem_free(&rbuf);
1502 /* This function returns the bizzare set of (max_entries, max_size) required
1503 for the QueryDisplayInfo RPC to actually work against a domain controller
1504 with large (10k and higher) numbers of users. These values were
1505 obtained by inspection using ethereal and NT4 running User Manager. */
1507 void get_query_dispinfo_params(int loop_count, uint32 *max_entries,
1510 switch(loop_count) {
1516 *max_entries = 1024;
1520 *max_entries = 2048;
1524 *max_entries = 4096;
1527 default: /* loop_count >= 4 */
1528 *max_entries = 4096;
1534 /* Query display info */
1536 NTSTATUS cli_samr_query_dispinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx,
1537 POLICY_HND *domain_pol, uint32 *start_idx,
1538 uint16 switch_value, uint32 *num_entries,
1539 uint32 max_entries, uint32 max_size,
1540 SAM_DISPINFO_CTR *ctr)
1542 prs_struct qbuf, rbuf;
1543 SAMR_Q_QUERY_DISPINFO q;
1544 SAMR_R_QUERY_DISPINFO r;
1545 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1547 DEBUG(10,("cli_samr_query_dispinfo for start_idx = %u\n", *start_idx));
1554 /* Initialise parse structures */
1556 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
1557 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
1559 /* Marshall data and send request */
1561 init_samr_q_query_dispinfo(&q, domain_pol, switch_value,
1562 *start_idx, max_entries, max_size);
1564 if (!samr_io_q_query_dispinfo("", &q, &qbuf, 0) ||
1565 !rpc_api_pipe_req(cli, SAMR_QUERY_DISPINFO, &qbuf, &rbuf)) {
1569 /* Unmarshall response */
1573 if (!samr_io_r_query_dispinfo("", &r, &rbuf, 0)) {
1577 /* Return output parameters */
1581 if (!NT_STATUS_IS_OK(result) &&
1582 NT_STATUS_V(result) != NT_STATUS_V(STATUS_MORE_ENTRIES)) {
1586 *num_entries = r.num_entries;
1587 *start_idx += r.num_entries; /* No next_idx in this structure! */
1590 prs_mem_free(&qbuf);
1591 prs_mem_free(&rbuf);
1596 /* Lookup rids. Note that NT4 seems to crash if more than ~1000 rids are
1597 looked up in one packet. */
1599 NTSTATUS cli_samr_lookup_rids(struct cli_state *cli, TALLOC_CTX *mem_ctx,
1600 POLICY_HND *domain_pol, uint32 flags,
1601 uint32 num_rids, uint32 *rids,
1602 uint32 *num_names, char ***names,
1603 uint32 **name_types)
1605 prs_struct qbuf, rbuf;
1606 SAMR_Q_LOOKUP_RIDS q;
1607 SAMR_R_LOOKUP_RIDS r;
1608 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1611 DEBUG(10,("cli_samr_lookup_rids\n"));
1613 if (num_rids > 1000) {
1614 DEBUG(2, ("cli_samr_lookup_rids: warning: NT4 can crash if "
1615 "more than ~1000 rids are looked up at once.\n"));
1621 /* Initialise parse structures */
1623 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
1624 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
1626 /* Marshall data and send request */
1628 init_samr_q_lookup_rids(mem_ctx, &q, domain_pol, flags,
1631 if (!samr_io_q_lookup_rids("", &q, &qbuf, 0) ||
1632 !rpc_api_pipe_req(cli, SAMR_LOOKUP_RIDS, &qbuf, &rbuf)) {
1636 /* Unmarshall response */
1638 if (!samr_io_r_lookup_rids("", &r, &rbuf, 0)) {
1642 /* Return output parameters */
1644 if (!NT_STATUS_IS_OK(result = r.status)) {
1648 if (r.num_names1 == 0) {
1654 *num_names = r.num_names1;
1655 *names = TALLOC_ARRAY(mem_ctx, char *, r.num_names1);
1656 *name_types = TALLOC_ARRAY(mem_ctx, uint32, r.num_names1);
1658 for (i = 0; i < r.num_names1; i++) {
1661 unistr2_to_ascii(tmp, &r.uni_name[i], sizeof(tmp) - 1);
1662 (*names)[i] = talloc_strdup(mem_ctx, tmp);
1663 (*name_types)[i] = r.type[i];
1667 prs_mem_free(&qbuf);
1668 prs_mem_free(&rbuf);
1675 NTSTATUS cli_samr_lookup_names(struct cli_state *cli, TALLOC_CTX *mem_ctx,
1676 POLICY_HND *domain_pol, uint32 flags,
1677 uint32 num_names, const char **names,
1678 uint32 *num_rids, uint32 **rids,
1681 prs_struct qbuf, rbuf;
1682 SAMR_Q_LOOKUP_NAMES q;
1683 SAMR_R_LOOKUP_NAMES r;
1684 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1687 DEBUG(10,("cli_samr_lookup_names\n"));
1692 /* Initialise parse structures */
1694 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
1695 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
1697 /* Marshall data and send request */
1699 init_samr_q_lookup_names(mem_ctx, &q, domain_pol, flags,
1702 if (!samr_io_q_lookup_names("", &q, &qbuf, 0) ||
1703 !rpc_api_pipe_req(cli, SAMR_LOOKUP_NAMES, &qbuf, &rbuf)) {
1707 /* Unmarshall response */
1709 if (!samr_io_r_lookup_names("", &r, &rbuf, 0)) {
1713 /* Return output parameters */
1715 if (!NT_STATUS_IS_OK(result = r.status)) {
1719 if (r.num_rids1 == 0) {
1724 *num_rids = r.num_rids1;
1725 *rids = TALLOC_ARRAY(mem_ctx, uint32, r.num_rids1);
1726 *rid_types = TALLOC_ARRAY(mem_ctx, uint32, r.num_rids1);
1728 for (i = 0; i < r.num_rids1; i++) {
1729 (*rids)[i] = r.rids[i];
1730 (*rid_types)[i] = r.types[i];
1734 prs_mem_free(&qbuf);
1735 prs_mem_free(&rbuf);
1740 /* Create a domain user */
1742 NTSTATUS cli_samr_create_dom_user(struct cli_state *cli, TALLOC_CTX *mem_ctx,
1743 POLICY_HND *domain_pol, const char *acct_name,
1744 uint32 acb_info, uint32 unknown,
1745 POLICY_HND *user_pol, uint32 *rid)
1747 prs_struct qbuf, rbuf;
1748 SAMR_Q_CREATE_USER q;
1749 SAMR_R_CREATE_USER r;
1750 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1752 DEBUG(10,("cli_samr_create_dom_user %s\n", acct_name));
1757 /* Initialise parse structures */
1759 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
1760 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
1762 /* Marshall data and send request */
1764 init_samr_q_create_user(&q, domain_pol, acct_name, acb_info, unknown);
1766 if (!samr_io_q_create_user("", &q, &qbuf, 0) ||
1767 !rpc_api_pipe_req(cli, SAMR_CREATE_USER, &qbuf, &rbuf)) {
1771 /* Unmarshall response */
1773 if (!samr_io_r_create_user("", &r, &rbuf, 0)) {
1777 /* Return output parameters */
1779 if (!NT_STATUS_IS_OK(result = r.status)) {
1784 *user_pol = r.user_pol;
1790 prs_mem_free(&qbuf);
1791 prs_mem_free(&rbuf);
1798 NTSTATUS cli_samr_set_userinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx,
1799 POLICY_HND *user_pol, uint16 switch_value,
1800 DATA_BLOB *sess_key, SAM_USERINFO_CTR *ctr)
1802 prs_struct qbuf, rbuf;
1803 SAMR_Q_SET_USERINFO q;
1804 SAMR_R_SET_USERINFO r;
1805 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1807 DEBUG(10,("cli_samr_set_userinfo\n"));
1812 if (!sess_key->length) {
1813 DEBUG(1, ("No user session key\n"));
1814 return NT_STATUS_NO_USER_SESSION_KEY;
1817 /* Initialise parse structures */
1819 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
1820 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
1822 /* Marshall data and send request */
1826 init_samr_q_set_userinfo(&q, user_pol, sess_key, switch_value,
1829 if (!samr_io_q_set_userinfo("", &q, &qbuf, 0) ||
1830 !rpc_api_pipe_req(cli, SAMR_SET_USERINFO, &qbuf, &rbuf)) {
1834 /* Unmarshall response */
1836 if (!samr_io_r_set_userinfo("", &r, &rbuf, 0)) {
1840 /* Return output parameters */
1842 if (!NT_STATUS_IS_OK(result = r.status)) {
1847 prs_mem_free(&qbuf);
1848 prs_mem_free(&rbuf);
1855 NTSTATUS cli_samr_set_userinfo2(struct cli_state *cli, TALLOC_CTX *mem_ctx,
1856 POLICY_HND *user_pol, uint16 switch_value,
1857 DATA_BLOB *sess_key, SAM_USERINFO_CTR *ctr)
1859 prs_struct qbuf, rbuf;
1860 SAMR_Q_SET_USERINFO2 q;
1861 SAMR_R_SET_USERINFO2 r;
1862 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1864 DEBUG(10,("cli_samr_set_userinfo2\n"));
1866 if (!sess_key->length) {
1867 DEBUG(1, ("No user session key\n"));
1868 return NT_STATUS_NO_USER_SESSION_KEY;
1874 /* Initialise parse structures */
1876 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
1877 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
1879 /* Marshall data and send request */
1881 init_samr_q_set_userinfo2(&q, user_pol, sess_key, switch_value, ctr);
1883 if (!samr_io_q_set_userinfo2("", &q, &qbuf, 0) ||
1884 !rpc_api_pipe_req(cli, SAMR_SET_USERINFO2, &qbuf, &rbuf)) {
1888 /* Unmarshall response */
1890 if (!samr_io_r_set_userinfo2("", &r, &rbuf, 0)) {
1894 /* Return output parameters */
1896 if (!NT_STATUS_IS_OK(result = r.status)) {
1901 prs_mem_free(&qbuf);
1902 prs_mem_free(&rbuf);
1907 /* Delete domain group */
1909 NTSTATUS cli_samr_delete_dom_group(struct cli_state *cli, TALLOC_CTX *mem_ctx,
1910 POLICY_HND *group_pol)
1912 prs_struct qbuf, rbuf;
1913 SAMR_Q_DELETE_DOM_GROUP q;
1914 SAMR_R_DELETE_DOM_GROUP r;
1915 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1917 DEBUG(10,("cli_samr_delete_dom_group\n"));
1922 /* Initialise parse structures */
1924 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
1925 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
1927 /* Marshall data and send request */
1929 init_samr_q_delete_dom_group(&q, group_pol);
1931 if (!samr_io_q_delete_dom_group("", &q, &qbuf, 0) ||
1932 !rpc_api_pipe_req(cli, SAMR_DELETE_DOM_GROUP, &qbuf, &rbuf)) {
1936 /* Unmarshall response */
1938 if (!samr_io_r_delete_dom_group("", &r, &rbuf, 0)) {
1942 /* Return output parameters */
1947 prs_mem_free(&qbuf);
1948 prs_mem_free(&rbuf);
1953 /* Delete domain alias */
1955 NTSTATUS cli_samr_delete_dom_alias(struct cli_state *cli, TALLOC_CTX *mem_ctx,
1956 POLICY_HND *alias_pol)
1958 prs_struct qbuf, rbuf;
1959 SAMR_Q_DELETE_DOM_ALIAS q;
1960 SAMR_R_DELETE_DOM_ALIAS r;
1961 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1963 DEBUG(10,("cli_samr_delete_dom_alias\n"));
1968 /* Initialise parse structures */
1970 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
1971 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
1973 /* Marshall data and send request */
1975 init_samr_q_delete_dom_alias(&q, alias_pol);
1977 if (!samr_io_q_delete_dom_alias("", &q, &qbuf, 0) ||
1978 !rpc_api_pipe_req(cli, SAMR_DELETE_DOM_ALIAS, &qbuf, &rbuf)) {
1982 /* Unmarshall response */
1984 if (!samr_io_r_delete_dom_alias("", &r, &rbuf, 0)) {
1988 /* Return output parameters */
1993 prs_mem_free(&qbuf);
1994 prs_mem_free(&rbuf);
1999 /* Delete domain user */
2001 NTSTATUS cli_samr_delete_dom_user(struct cli_state *cli, TALLOC_CTX *mem_ctx,
2002 POLICY_HND *user_pol)
2004 prs_struct qbuf, rbuf;
2005 SAMR_Q_DELETE_DOM_USER q;
2006 SAMR_R_DELETE_DOM_USER r;
2007 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
2009 DEBUG(10,("cli_samr_delete_dom_user\n"));
2014 /* Initialise parse structures */
2016 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
2017 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
2019 /* Marshall data and send request */
2021 init_samr_q_delete_dom_user(&q, user_pol);
2023 if (!samr_io_q_delete_dom_user("", &q, &qbuf, 0) ||
2024 !rpc_api_pipe_req(cli, SAMR_DELETE_DOM_USER, &qbuf, &rbuf)) {
2028 /* Unmarshall response */
2030 if (!samr_io_r_delete_dom_user("", &r, &rbuf, 0)) {
2034 /* Return output parameters */
2039 prs_mem_free(&qbuf);
2040 prs_mem_free(&rbuf);
2045 /* Query user security object */
2047 NTSTATUS cli_samr_query_sec_obj(struct cli_state *cli, TALLOC_CTX *mem_ctx,
2048 POLICY_HND *user_pol, uint16 switch_value,
2049 TALLOC_CTX *ctx, SEC_DESC_BUF **sec_desc_buf)
2051 prs_struct qbuf, rbuf;
2052 SAMR_Q_QUERY_SEC_OBJ q;
2053 SAMR_R_QUERY_SEC_OBJ r;
2054 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
2056 DEBUG(10,("cli_samr_query_sec_obj\n"));
2061 /* Initialise parse structures */
2063 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
2064 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
2066 /* Marshall data and send request */
2068 init_samr_q_query_sec_obj(&q, user_pol, switch_value);
2070 if (!samr_io_q_query_sec_obj("", &q, &qbuf, 0) ||
2071 !rpc_api_pipe_req(cli, SAMR_QUERY_SEC_OBJECT, &qbuf, &rbuf)) {
2075 /* Unmarshall response */
2077 if (!samr_io_r_query_sec_obj("", &r, &rbuf, 0)) {
2081 /* Return output parameters */
2084 *sec_desc_buf=dup_sec_desc_buf(ctx, r.buf);
2087 prs_mem_free(&qbuf);
2088 prs_mem_free(&rbuf);
2093 /* Get domain password info */
2095 NTSTATUS cli_samr_get_dom_pwinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx,
2096 uint16 *unk_0, uint16 *unk_1)
2098 prs_struct qbuf, rbuf;
2099 SAMR_Q_GET_DOM_PWINFO q;
2100 SAMR_R_GET_DOM_PWINFO r;
2101 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
2103 DEBUG(10,("cli_samr_get_dom_pwinfo\n"));
2108 /* Initialise parse structures */
2110 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
2111 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
2113 /* Marshall data and send request */
2115 init_samr_q_get_dom_pwinfo(&q, cli->desthost);
2117 if (!samr_io_q_get_dom_pwinfo("", &q, &qbuf, 0) ||
2118 !rpc_api_pipe_req(cli, SAMR_GET_DOM_PWINFO, &qbuf, &rbuf))
2121 /* Unmarshall response */
2123 if (!samr_io_r_get_dom_pwinfo("", &r, &rbuf, 0))
2126 /* Return output parameters */
2130 if (NT_STATUS_IS_OK(result)) {
2138 prs_mem_free(&qbuf);
2139 prs_mem_free(&rbuf);
2144 /* Lookup Domain Name */
2146 NTSTATUS cli_samr_lookup_domain(struct cli_state *cli, TALLOC_CTX *mem_ctx,
2147 POLICY_HND *user_pol, char *domain_name,
2150 prs_struct qbuf, rbuf;
2151 SAMR_Q_LOOKUP_DOMAIN q;
2152 SAMR_R_LOOKUP_DOMAIN r;
2153 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
2155 DEBUG(10,("cli_samr_lookup_domain\n"));
2160 /* Initialise parse structures */
2162 prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
2163 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
2165 /* Marshall data and send request */
2167 init_samr_q_lookup_domain(&q, user_pol, domain_name);
2169 if (!samr_io_q_lookup_domain("", &q, &qbuf, 0) ||
2170 !rpc_api_pipe_req(cli, SAMR_LOOKUP_DOMAIN, &qbuf, &rbuf))
2173 /* Unmarshall response */
2175 if (!samr_io_r_lookup_domain("", &r, &rbuf, 0))
2178 /* Return output parameters */
2182 if (NT_STATUS_IS_OK(result))
2183 sid_copy(sid, &r.dom_sid.sid);
2186 prs_mem_free(&qbuf);
2187 prs_mem_free(&rbuf);