source3/winbindd/winbindd_samr.c

   1 /*
   2  * Unix SMB/CIFS implementation.
   3  *
   4  * Winbind rpc backend functions
   5  *
   6  * Copyright (c) 2000-2003 Tim Potter
   7  * Copyright (c) 2001      Andrew Tridgell
   8  * Copyright (c) 2005      Volker Lendecke
   9  * Copyright (c) 2008      Guenther Deschner (pidl conversion)
  10  * Copyright (c) 2010      Andreas Schneider <asn@samba.org>
  11  *
  12  * This program is free software; you can redistribute it and/or modify
  13  * it under the terms of the GNU General Public License as published by
  14  * the Free Software Foundation; either version 3 of the License, or
  15  * (at your option) any later version.
  16  *
  17  * This program is distributed in the hope that it will be useful,
  18  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  19  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  20  * GNU General Public License for more details.
  21  *
  22  * You should have received a copy of the GNU General Public License
  23  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  24  */
  25
  26 #include "includes.h"
  27 #include "winbindd.h"
  28 #include "../librpc/gen_ndr/cli_samr.h"
  29 #include "rpc_client/cli_samr.h"
  30 #include "../librpc/gen_ndr/srv_samr.h"
  31 #include "../librpc/gen_ndr/cli_lsa.h"
  32 #include "rpc_client/cli_lsarpc.h"
  33 #include "../librpc/gen_ndr/srv_lsa.h"
  34
  35 #undef DBGC_CLASS
  36 #define DBGC_CLASS DBGC_WINBIND
  37
  38 static NTSTATUS open_internal_samr_pipe(TALLOC_CTX *mem_ctx,
  39                                         struct rpc_pipe_client **samr_pipe)
  40 {
  41         static struct rpc_pipe_client *cli = NULL;
  42         struct auth_serversupplied_info *server_info = NULL;
  43         NTSTATUS status;
  44
  45         if (cli != NULL) {
  46                 goto done;
  47         }
  48
  49         if (server_info == NULL) {
  50                 status = make_server_info_system(mem_ctx, &server_info);
  51                 if (!NT_STATUS_IS_OK(status)) {
  52                         DEBUG(0, ("open_samr_pipe: Could not create auth_serversupplied_info: %s\n",
  53                                   nt_errstr(status)));
  54                         return status;
  55                 }
  56         }
  57
  58         /* create a samr connection */
  59         status = rpc_pipe_open_internal(talloc_autofree_context(),
  60                                         &ndr_table_samr.syntax_id,
  61                                         rpc_samr_dispatch,
  62                                         server_info,
  63                                         &cli);
  64         if (!NT_STATUS_IS_OK(status)) {
  65                 DEBUG(0, ("open_samr_pipe: Could not connect to samr_pipe: %s\n",
  66                           nt_errstr(status)));
  67                 return status;
  68         }
  69
  70 done:
  71         if (samr_pipe) {
  72                 *samr_pipe = cli;
  73         }
  74
  75         return NT_STATUS_OK;
  76 }
  77
  78 static NTSTATUS open_internal_samr_conn(TALLOC_CTX *mem_ctx,
  79                                         struct winbindd_domain *domain,
  80                                         struct rpc_pipe_client **samr_pipe,
  81                                         struct policy_handle *samr_domain_hnd)
  82 {
  83         NTSTATUS status;
  84         struct policy_handle samr_connect_hnd;
  85
  86         status = open_internal_samr_pipe(mem_ctx, samr_pipe);
  87         if (!NT_STATUS_IS_OK(status)) {
  88                 return status;
  89         }
  90
  91         status = rpccli_samr_Connect2((*samr_pipe),
  92                                       mem_ctx,
  93                                       (*samr_pipe)->desthost,
  94                                       SEC_FLAG_MAXIMUM_ALLOWED,
  95                                       &samr_connect_hnd);
  96         if (!NT_STATUS_IS_OK(status)) {
  97                 return status;
  98         }
  99
 100         status = rpccli_samr_OpenDomain((*samr_pipe),
 101                                         mem_ctx,
 102                                         &samr_connect_hnd,
 103                                         SEC_FLAG_MAXIMUM_ALLOWED,
 104                                         &domain->sid,
 105                                         samr_domain_hnd);
 106
 107         return status;
 108 }
 109
 110 static NTSTATUS open_internal_lsa_pipe(TALLOC_CTX *mem_ctx,
 111                                        struct rpc_pipe_client **lsa_pipe)
 112 {
 113         static struct rpc_pipe_client *cli = NULL;
 114         struct auth_serversupplied_info *server_info = NULL;
 115         NTSTATUS status;
 116
 117         if (cli != NULL) {
 118                 goto done;
 119         }
 120
 121         if (server_info == NULL) {
 122                 status = make_server_info_system(mem_ctx, &server_info);
 123                 if (!NT_STATUS_IS_OK(status)) {
 124                         DEBUG(0, ("open_samr_pipe: Could not create auth_serversupplied_info: %s\n",
 125                                   nt_errstr(status)));
 126                         return status;
 127                 }
 128         }
 129
 130         /* create a samr connection */
 131         status = rpc_pipe_open_internal(talloc_autofree_context(),
 132                                         &ndr_table_lsarpc.syntax_id,
 133                                         rpc_lsarpc_dispatch,
 134                                         server_info,
 135                                         &cli);
 136         if (!NT_STATUS_IS_OK(status)) {
 137                 DEBUG(0, ("open_samr_pipe: Could not connect to samr_pipe: %s\n",
 138                           nt_errstr(status)));
 139                 return status;
 140         }
 141
 142 done:
 143         if (lsa_pipe) {
 144                 *lsa_pipe = cli;
 145         }
 146
 147         return NT_STATUS_OK;
 148 }
 149
 150 static NTSTATUS open_internal_lsa_conn(TALLOC_CTX *mem_ctx,
 151                                        struct rpc_pipe_client **lsa_pipe,
 152                                        struct policy_handle *lsa_hnd)
 153 {
 154         NTSTATUS status;
 155
 156         status = open_internal_lsa_pipe(mem_ctx, lsa_pipe);
 157         if (!NT_STATUS_IS_OK(status)) {
 158                 return status;
 159         }
 160
 161         status = rpccli_lsa_open_policy((*lsa_pipe),
 162                                         mem_ctx,
 163                                         true,
 164                                         SEC_FLAG_MAXIMUM_ALLOWED,
 165                                         lsa_hnd);
 166
 167         return status;
 168 }
 169
 170 /*********************************************************************
 171  SAM specific functions.
 172 *********************************************************************/
 173
 174 /* List all domain groups */
 175 static NTSTATUS sam_enum_dom_groups(struct winbindd_domain *domain,
 176                                     TALLOC_CTX *mem_ctx,
 177                                     uint32_t *pnum_info,
 178                                     struct acct_info **pinfo)
 179 {
 180         struct rpc_pipe_client *samr_pipe;
 181         struct policy_handle dom_pol;
 182         struct acct_info *info = NULL;
 183         TALLOC_CTX *tmp_ctx;
 184         uint32_t start = 0;
 185         uint32_t num_info = 0;
 186         NTSTATUS status;
 187
 188         DEBUG(3,("samr: query_user_list\n"));
 189
 190         if (pnum_info) {
 191                 *pnum_info = 0;
 192         }
 193
 194         tmp_ctx = talloc_stackframe();
 195         if (tmp_ctx == NULL) {
 196                 return NT_STATUS_NO_MEMORY;
 197         }
 198
 199         status = open_internal_samr_conn(tmp_ctx, domain, &samr_pipe, &dom_pol);
 200         if (!NT_STATUS_IS_OK(status)) {
 201                 goto error;
 202         }
 203
 204         do {
 205                 struct samr_SamArray *sam_array = NULL;
 206                 uint32_t count = 0;
 207                 uint32_t g;
 208
 209                 /* start is updated by this call. */
 210                 status = rpccli_samr_EnumDomainGroups(samr_pipe,
 211                                                       tmp_ctx,
 212                                                       &dom_pol,
 213                                                       &start,
 214                                                       &sam_array,
 215                                                       0xFFFF, /* buffer size? */
 216                                                       &count);
 217                 if (!NT_STATUS_IS_OK(status)) {
 218                         if (!NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES)) {
 219                                 DEBUG(2,("query_user_list: failed to enum domain groups: %s\n",
 220                                          nt_errstr(status)));
 221                                 goto error;
 222                         }
 223                 }
 224
 225                 info = TALLOC_REALLOC_ARRAY(tmp_ctx,
 226                                             info,
 227                                             struct acct_info,
 228                                             num_info + count);
 229                 if (info == NULL) {
 230                         status = NT_STATUS_NO_MEMORY;
 231                         goto error;
 232                 }
 233
 234                 for (g = 0; g < count; g++) {
 235                         fstrcpy(info[num_info + g].acct_name,
 236                                 sam_array->entries[g].name.string);
 237
 238                         info[num_info + g].rid = sam_array->entries[g].idx;
 239                 }
 240
 241                 num_info += count;
 242         } while (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES));
 243
 244         if (pnum_info) {
 245                 *pnum_info = num_info;
 246         }
 247
 248         if (pinfo) {
 249                 *pinfo = talloc_move(mem_ctx, &info);
 250         }
 251
 252 error:
 253         TALLOC_FREE(tmp_ctx);
 254         return status;
 255 }
 256
 257 /* Query display info for a domain */
 258 static NTSTATUS sam_query_user_list(struct winbindd_domain *domain,
 259                                     TALLOC_CTX *mem_ctx,
 260                                     uint32_t *pnum_info,
 261                                     struct wbint_userinfo **pinfo)
 262 {
 263         struct rpc_pipe_client *samr_pipe = NULL;
 264         struct wbint_userinfo *info = NULL;
 265         struct policy_handle dom_pol;
 266         uint32_t num_info = 0;
 267         uint32_t loop_count = 0;
 268         uint32_t start_idx = 0;
 269         uint32_t i = 0;
 270         TALLOC_CTX *tmp_ctx;
 271         NTSTATUS status;
 272
 273         DEBUG(3,("samr: query_user_list\n"));
 274
 275         if (pnum_info) {
 276                 *pnum_info = 0;
 277         }
 278
 279         tmp_ctx = talloc_stackframe();
 280         if (tmp_ctx == NULL) {
 281                 return NT_STATUS_NO_MEMORY;
 282         }
 283
 284         status = open_internal_samr_conn(tmp_ctx, domain, &samr_pipe, &dom_pol);
 285         if (!NT_STATUS_IS_OK(status)) {
 286                 goto error;
 287         }
 288
 289         do {
 290                 uint32_t j;
 291                 uint32_t num_dom_users;
 292                 uint32_t max_entries, max_size;
 293                 uint32_t total_size, returned_size;
 294                 union samr_DispInfo disp_info;
 295
 296                 get_query_dispinfo_params(loop_count,
 297                                           &max_entries,
 298                                           &max_size);
 299
 300                 status = rpccli_samr_QueryDisplayInfo(samr_pipe,
 301                                                       tmp_ctx,
 302                                                       &dom_pol,
 303                                                       1, /* level */
 304                                                       start_idx,
 305                                                       max_entries,
 306                                                       max_size,
 307                                                       &total_size,
 308                                                       &returned_size,
 309                                                       &disp_info);
 310                 if (!NT_STATUS_IS_OK(status)) {
 311                         if (!NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES)) {
 312                                 goto error;
 313                         }
 314                 }
 315
 316                 /* increment required start query values */
 317                 start_idx += disp_info.info1.count;
 318                 loop_count++;
 319                 num_dom_users = disp_info.info1.count;
 320
 321                 num_info += num_dom_users;
 322
 323                 info = TALLOC_REALLOC_ARRAY(tmp_ctx,
 324                                             info,
 325                                             struct wbint_userinfo,
 326                                             num_info);
 327                 if (info == NULL) {
 328                         status = NT_STATUS_NO_MEMORY;
 329                         goto error;
 330                 }
 331
 332                 for (j = 0; j < num_dom_users; i++, j++) {
 333                         uint32_t rid = disp_info.info1.entries[j].rid;
 334                         struct samr_DispEntryGeneral *src;
 335                         struct wbint_userinfo *dst;
 336
 337                         src = &(disp_info.info1.entries[j]);
 338                         dst = &(info[i]);
 339
 340                         dst->acct_name = talloc_strdup(info,
 341                                                        src->account_name.string);
 342                         if (dst->acct_name == NULL) {
 343                                 status = NT_STATUS_NO_MEMORY;
 344                                 goto error;
 345                         }
 346
 347                         dst->full_name = talloc_strdup(info, src->full_name.string);
 348                         if (dst->full_name == NULL) {
 349                                 status = NT_STATUS_NO_MEMORY;
 350                                 goto error;
 351                         }
 352
 353                         dst->homedir = NULL;
 354                         dst->shell = NULL;
 355
 356                         sid_compose(&dst->user_sid, &domain->sid, rid);
 357
 358                         /* For the moment we set the primary group for
 359                            every user to be the Domain Users group.
 360                            There are serious problems with determining
 361                            the actual primary group for large domains.
 362                            This should really be made into a 'winbind
 363                            force group' smb.conf parameter or
 364                            something like that. */
 365                         sid_compose(&dst->group_sid, &domain->sid,
 366                                     DOMAIN_RID_USERS);
 367                 }
 368         } while (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES));
 369
 370         if (pnum_info) {
 371                 *pnum_info = num_info;
 372         }
 373
 374         if (pinfo) {
 375                 *pinfo = talloc_move(mem_ctx, &info);
 376         }
 377
 378 error:
 379         TALLOC_FREE(tmp_ctx);
 380         return status;
 381 }
 382
 383 /* Lookup user information from a rid or username. */
 384 static NTSTATUS sam_query_user(struct winbindd_domain *domain,
 385                                TALLOC_CTX *mem_ctx,
 386                                const struct dom_sid *user_sid,
 387                                struct wbint_userinfo *user_info)
 388 {
 389         struct rpc_pipe_client *samr_pipe;
 390         struct policy_handle dom_pol, user_pol;
 391         union samr_UserInfo *info = NULL;
 392         TALLOC_CTX *tmp_ctx;
 393         uint32_t user_rid;
 394         NTSTATUS status;
 395
 396         DEBUG(3,("samr: query_user\n"));
 397
 398         if (!sid_peek_check_rid(&domain->sid, user_sid, &user_rid)) {
 399                 return NT_STATUS_UNSUCCESSFUL;
 400         }
 401
 402         if (user_info) {
 403                 user_info->homedir = NULL;
 404                 user_info->shell = NULL;
 405                 user_info->primary_gid = (gid_t) -1;
 406         }
 407
 408         tmp_ctx = talloc_stackframe();
 409         if (tmp_ctx == NULL) {
 410                 return NT_STATUS_NO_MEMORY;
 411         }
 412
 413         status = open_internal_samr_conn(tmp_ctx, domain, &samr_pipe, &dom_pol);
 414         if (!NT_STATUS_IS_OK(status)) {
 415                 goto error;
 416         }
 417
 418         /* Get user handle */
 419         status = rpccli_samr_OpenUser(samr_pipe,
 420                                       tmp_ctx,
 421                                       &dom_pol,
 422                                       SEC_FLAG_MAXIMUM_ALLOWED,
 423                                       user_rid,
 424                                       &user_pol);
 425         if (!NT_STATUS_IS_OK(status)) {
 426                 goto error;
 427         }
 428
 429         /* Get user info */
 430         status = rpccli_samr_QueryUserInfo(samr_pipe,
 431                                            tmp_ctx,
 432                                            &user_pol,
 433                                            0x15,
 434                                            &info);
 435
 436         rpccli_samr_Close(samr_pipe, tmp_ctx, &user_pol);
 437
 438         if (!NT_STATUS_IS_OK(status)) {
 439                 goto error;
 440         }
 441
 442         sid_compose(&user_info->user_sid, &domain->sid, user_rid);
 443         sid_compose(&user_info->group_sid, &domain->sid,
 444                     info->info21.primary_gid);
 445
 446         if (user_info) {
 447                 user_info->acct_name = talloc_strdup(mem_ctx,
 448                                                      info->info21.account_name.string);
 449                 if (user_info->acct_name == NULL) {
 450                         status = NT_STATUS_NO_MEMORY;
 451                         goto error;
 452                 }
 453
 454                 user_info->full_name = talloc_strdup(mem_ctx,
 455                                                      info->info21.full_name.string);
 456                 if (user_info->acct_name == NULL) {
 457                         status = NT_STATUS_NO_MEMORY;
 458                         goto error;
 459                 }
 460
 461                 user_info->homedir = NULL;
 462                 user_info->shell = NULL;
 463                 user_info->primary_gid = (gid_t)-1;
 464         }
 465
 466         status = NT_STATUS_OK;
 467 error:
 468         TALLOC_FREE(tmp_ctx);
 469         return status;
 470 }
 471
 472 /* get a list of trusted domains - builtin domain */
 473 static NTSTATUS sam_trusted_domains(struct winbindd_domain *domain,
 474                                     TALLOC_CTX *mem_ctx,
 475                                     struct netr_DomainTrustList *trusts)
 476 {
 477         /* TODO FIXME */
 478         return NT_STATUS_NOT_IMPLEMENTED;
 479 }
 480
 481 /* Lookup group membership given a rid.   */
 482 static NTSTATUS sam_lookup_groupmem(struct winbindd_domain *domain,
 483                                     TALLOC_CTX *mem_ctx,
 484                                     const struct dom_sid *group_sid,
 485                                     enum lsa_SidType type,
 486                                     uint32_t *num_names,
 487                                     struct dom_sid **sid_mem,
 488                                     char ***names,
 489                                     uint32_t **name_types)
 490 {
 491         /* TODO FIXME */
 492         return NT_STATUS_NOT_IMPLEMENTED;
 493 }
 494
 495 /*********************************************************************
 496  BUILTIN specific functions.
 497 *********************************************************************/
 498
 499 /* List all domain groups */
 500 static NTSTATUS builtin_enum_dom_groups(struct winbindd_domain *domain,
 501                                 TALLOC_CTX *mem_ctx,
 502                                 uint32 *num_entries,
 503                                 struct acct_info **info)
 504 {
 505         /* BUILTIN doesn't have domain groups */
 506         *num_entries = 0;
 507         *info = NULL;
 508         return NT_STATUS_OK;
 509 }
 510
 511 /* Query display info for a domain */
 512 static NTSTATUS builtin_query_user_list(struct winbindd_domain *domain,
 513                                 TALLOC_CTX *mem_ctx,
 514                                 uint32 *num_entries,
 515                                 struct wbint_userinfo **info)
 516 {
 517         /* We don't have users */
 518         *num_entries = 0;
 519         *info = NULL;
 520         return NT_STATUS_OK;
 521 }
 522
 523 /* Lookup user information from a rid or username. */
 524 static NTSTATUS builtin_query_user(struct winbindd_domain *domain,
 525                                 TALLOC_CTX *mem_ctx,
 526                                 const struct dom_sid *user_sid,
 527                                 struct wbint_userinfo *user_info)
 528 {
 529         return NT_STATUS_NO_SUCH_USER;
 530 }
 531
 532 /* get a list of trusted domains - builtin domain */
 533 static NTSTATUS builtin_trusted_domains(struct winbindd_domain *domain,
 534                                         TALLOC_CTX *mem_ctx,
 535                                         struct netr_DomainTrustList *trusts)
 536 {
 537         ZERO_STRUCTP(trusts);
 538         return NT_STATUS_OK;
 539 }
 540
 541 /*********************************************************************
 542  COMMON functions.
 543 *********************************************************************/
 544
 545 /* List all local groups (aliases) */
 546 static NTSTATUS common_enum_local_groups(struct winbindd_domain *domain,
 547                                          TALLOC_CTX *mem_ctx,
 548                                          uint32_t *num_entries,
 549                                          struct acct_info **info)
 550 {
 551         /* TODO FIXME */
 552         return NT_STATUS_NOT_IMPLEMENTED;
 553 }
 554
 555 /* convert a single name to a sid in a domain */
 556 static NTSTATUS common_name_to_sid(struct winbindd_domain *domain,
 557                                    TALLOC_CTX *mem_ctx,
 558                                    const char *domain_name,
 559                                    const char *name,
 560                                    uint32_t flags,
 561                                    struct dom_sid *sid,
 562                                    enum lsa_SidType *type)
 563 {
 564         /* TODO FIXME */
 565         return NT_STATUS_NOT_IMPLEMENTED;
 566 }
 567
 568 /* convert a domain SID to a user or group name */
 569 static NTSTATUS common_sid_to_name(struct winbindd_domain *domain,
 570                                    TALLOC_CTX *mem_ctx,
 571                                    const struct dom_sid *sid,
 572                                    char **domain_name,
 573                                    char **name,
 574                                    enum lsa_SidType *type)
 575 {
 576         /* TODO FIXME */
 577         return NT_STATUS_NOT_IMPLEMENTED;
 578 }
 579
 580 static NTSTATUS common_rids_to_names(struct winbindd_domain *domain,
 581                                      TALLOC_CTX *mem_ctx,
 582                                      const struct dom_sid *sid,
 583                                      uint32 *rids,
 584                                      size_t num_rids,
 585                                      char **domain_name,
 586                                      char ***names,
 587                                      enum lsa_SidType **types)
 588 {
 589         /* TODO FIXME */
 590         return NT_STATUS_NOT_IMPLEMENTED;
 591 }
 592
 593 static NTSTATUS common_lockout_policy(struct winbindd_domain *domain,
 594                                       TALLOC_CTX *mem_ctx,
 595                                       struct samr_DomInfo12 *policy)
 596 {
 597         /* TODO FIXME */
 598         return NT_STATUS_NOT_IMPLEMENTED;
 599 }
 600
 601 static NTSTATUS common_password_policy(struct winbindd_domain *domain,
 602                                        TALLOC_CTX *mem_ctx,
 603                                        struct samr_DomInfo1 *policy)
 604 {
 605         /* TODO FIXME */
 606         return NT_STATUS_NOT_IMPLEMENTED;
 607 }
 608
 609 /* Lookup groups a user is a member of.  I wish Unix had a call like this! */
 610 static NTSTATUS common_lookup_usergroups(struct winbindd_domain *domain,
 611                                          TALLOC_CTX *mem_ctx,
 612                                          const struct dom_sid *user_sid,
 613                                          uint32_t *num_groups,
 614                                          struct dom_sid **user_gids)
 615 {
 616         /* TODO FIXME */
 617         return NT_STATUS_NOT_IMPLEMENTED;
 618 }
 619
 620 static NTSTATUS common_lookup_useraliases(struct winbindd_domain *domain,
 621                                           TALLOC_CTX *mem_ctx,
 622                                           uint32_t num_sids,
 623                                           const struct dom_sid *sids,
 624                                           uint32_t *p_num_aliases,
 625                                           uint32_t **rids)
 626 {
 627         /* TODO FIXME */
 628         return NT_STATUS_NOT_IMPLEMENTED;
 629 }
 630
 631 /* find the sequence number for a domain */
 632 static NTSTATUS common_sequence_number(struct winbindd_domain *domain,
 633                                        uint32_t *seq)
 634 {
 635         /* TODO FIXME */
 636         return NT_STATUS_NOT_IMPLEMENTED;
 637 }
 638
 639 #if 0
 640 /* the rpc backend methods are exposed via this structure */
 641 struct winbindd_methods builtin_passdb_methods = {
 642         .consistent            = false,
 643
 644         .query_user_list       = builtin_query_user_list,
 645         .enum_dom_groups       = builtin_enum_dom_groups,
 646         .enum_local_groups     = common_enum_local_groups,
 647         .name_to_sid           = common_name_to_sid,
 648         .sid_to_name           = common_sid_to_name,
 649         .rids_to_names         = common_rids_to_names,
 650         .query_user            = builtin_query_user,
 651         .lookup_usergroups     = common_lookup_usergroups,
 652         .lookup_useraliases    = common_lookup_useraliases,
 653         .lookup_groupmem       = sam_lookup_groupmem,
 654         .sequence_number       = common_sequence_number,
 655         .lockout_policy        = common_lockout_policy,
 656         .password_policy       = common_password_policy,
 657         .trusted_domains       = builtin_trusted_domains
 658 };
 659
 660 /* the rpc backend methods are exposed via this structure */
 661 struct winbindd_methods sam_passdb_methods = {
 662         .consistent            = false,
 663
 664         .query_user_list       = sam_query_user_list,
 665         .enum_dom_groups       = sam_enum_dom_groups,
 666         .enum_local_groups     = common_enum_local_groups,
 667         .name_to_sid           = common_name_to_sid,
 668         .sid_to_name           = common_sid_to_name,
 669         .rids_to_names         = common_rids_to_names,
 670         .query_user            = sam_query_user,
 671         .lookup_usergroups     = common_lookup_usergroups,
 672         .lookup_useraliases    = common_lookup_useraliases,
 673         .lookup_groupmem       = sam_lookup_groupmem,
 674         .sequence_number       = common_sequence_number,
 675         .lockout_policy        = common_lockout_policy,
 676         .password_policy       = common_password_policy,
 677         .trusted_domains       = sam_trusted_domains
 678 };
 679 #endif