fix for enumerate domain users (bug spotted by sean matthews).
[samba.git] / source3 / rpc_client / cli_samr.c
1 /* 
2    Unix SMB/Netbios implementation.
3    Version 1.9.
4    NT Domain Authentication SMB / MSRPC client
5    Copyright (C) Andrew Tridgell 1994-1997
6    Copyright (C) Luke Kenneth Casson Leighton 1996-1997
7    
8    This program is free software; you can redistribute it and/or modify
9    it under the terms of the GNU General Public License as published by
10    the Free Software Foundation; either version 2 of the License, or
11    (at your option) any later version.
12    
13    This program is distributed in the hope that it will be useful,
14    but WITHOUT ANY WARRANTY; without even the implied warranty of
15    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16    GNU General Public License for more details.
17    
18    You should have received a copy of the GNU General Public License
19    along with this program; if not, write to the Free Software
20    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
21 */
22
23
24
25 #ifdef SYSLOG
26 #undef SYSLOG
27 #endif
28
29 #include "includes.h"
30 #include "nterr.h"
31
32 extern int DEBUGLEVEL;
33
34
35
36 /****************************************************************************
37 do a SAMR create domain alias
38 ****************************************************************************/
39 BOOL create_samr_domain_alias(struct cli_state *cli, uint16 fnum, 
40                                 POLICY_HND *pol_open_domain,
41                                 const char *acct_name, const char *acct_desc,
42                                 uint32 *rid)
43 {
44         POLICY_HND pol_open_alias;
45         ALIAS_INFO_CTR ctr;
46         BOOL ret = True;
47
48         if (pol_open_domain == NULL || acct_name == NULL || acct_desc == NULL) return False;
49
50         /* send create alias */
51         if (!samr_create_dom_alias(cli, fnum,
52                                 pol_open_domain,
53                                 acct_name,
54                                 &pol_open_alias, rid))
55         {
56                 return False;
57         }
58
59         DEBUG(5,("create_samr_domain_alias: name: %s rid 0x%x\n",
60                   acct_name, *rid));
61
62         ctr.switch_value1 = 3;
63         make_samr_alias_info3(&ctr.alias.info3, acct_desc);
64
65         /* send set alias info */
66         if (!samr_set_aliasinfo(cli, fnum,
67                                 &pol_open_alias,
68                                 &ctr))
69         {
70                 DEBUG(5,("create_samr_domain_alias: error in samr_set_aliasinfo\n"));
71                 ret = False;
72         }
73
74         return samr_close(cli, fnum,&pol_open_alias) && ret;
75 }
76
77 /****************************************************************************
78 do a SAMR create domain group
79 ****************************************************************************/
80 BOOL create_samr_domain_group(struct cli_state *cli, uint16 fnum, 
81                                 POLICY_HND *pol_open_domain,
82                                 const char *acct_name, const char *acct_desc,
83                                 uint32 *rid)
84 {
85         POLICY_HND pol_open_group;
86         GROUP_INFO_CTR ctr;
87         BOOL ret = True;
88
89         if (pol_open_domain == NULL || acct_name == NULL || acct_desc == NULL) return False;
90
91         /* send create group*/
92         if (!samr_create_dom_group(cli, fnum,
93                                 pol_open_domain,
94                                 acct_name,
95                                 &pol_open_group, rid))
96         {
97                 return False;
98         }
99
100         DEBUG(5,("create_samr_domain_group: name: %s rid 0x%x\n",
101                   acct_name, *rid));
102
103         ctr.switch_value1 = 4;
104         ctr.switch_value2 = 4;
105         make_samr_group_info4(&ctr.group.info4, acct_desc);
106
107         /* send user groups query */
108         if (!samr_set_groupinfo(cli, fnum,
109                                 &pol_open_group,
110                                 &ctr))
111         {
112                 DEBUG(5,("create_samr_domain_group: error in samr_set_groupinfo\n"));
113                 ret = False;
114         }
115
116         return samr_close(cli, fnum,&pol_open_group) && ret;
117 }
118
119 /****************************************************************************
120 do a SAMR query user groups
121 ****************************************************************************/
122 BOOL get_samr_query_usergroups(struct cli_state *cli, uint16 fnum, 
123                                 POLICY_HND *pol_open_domain, uint32 user_rid,
124                                 uint32 *num_groups, DOM_GID *gid)
125 {
126         POLICY_HND pol_open_user;
127         BOOL ret = True;
128
129         if (pol_open_domain == NULL || num_groups == NULL || gid == NULL) return False;
130
131         /* send open domain (on user sid) */
132         if (!samr_open_user(cli, fnum,
133                                 pol_open_domain,
134                                 0x02011b, user_rid,
135                                 &pol_open_user))
136         {
137                 return False;
138         }
139
140         /* send user groups query */
141         if (!samr_query_usergroups(cli, fnum,
142                                 &pol_open_user,
143                                 num_groups, gid))
144         {
145                 DEBUG(5,("samr_query_usergroups: error in query user groups\n"));
146                 ret = False;
147         }
148
149         return samr_close(cli, fnum,&pol_open_user) && ret;
150 }
151
152 /****************************************************************************
153 do a SAMR delete group 
154 ****************************************************************************/
155 BOOL delete_samr_dom_group(struct cli_state *cli, uint16 fnum, 
156                                 POLICY_HND *pol_open_domain,
157                                 uint32 group_rid)
158 {
159         POLICY_HND pol_open_group;
160
161         if (pol_open_domain == NULL) return False;
162
163         /* send open domain (on group rid) */
164         if (!samr_open_group(cli, fnum,pol_open_domain,
165                                 0x00000010, group_rid,
166                                 &pol_open_group))
167         {
168                 return False;
169         }
170
171         /* send group delete */
172         if (!samr_delete_dom_group(cli, fnum,&pol_open_group))
173                                 
174         {
175                 DEBUG(5,("delete_samr_dom_group: error in delete domain group\n"));
176                 samr_close(cli, fnum,&pol_open_group);
177                 return False;
178         }
179
180         return True;
181 }
182
183
184 /****************************************************************************
185 do a SAMR query group members 
186 ****************************************************************************/
187 BOOL get_samr_query_groupmem(struct cli_state *cli, uint16 fnum, 
188                                 POLICY_HND *pol_open_domain,
189                                 uint32 group_rid, uint32 *num_mem,
190                                 uint32 *rid, uint32 *attr)
191 {
192         POLICY_HND pol_open_group;
193         BOOL ret = True;
194
195         if (pol_open_domain == NULL || num_mem == NULL || rid == NULL || attr == NULL) return False;
196
197         /* send open domain (on group sid) */
198         if (!samr_open_group(cli, fnum,pol_open_domain,
199                                 0x00000010, group_rid,
200                                 &pol_open_group))
201         {
202                 return False;
203         }
204
205         /* send group info query */
206         if (!samr_query_groupmem(cli, fnum,&pol_open_group, num_mem, rid, attr))
207                                 
208         {
209                 DEBUG(5,("samr_query_group: error in query group members\n"));
210                 ret = False;
211         }
212
213         return samr_close(cli, fnum,&pol_open_group) && ret;
214 }
215
216 /****************************************************************************
217 do a SAMR delete alias 
218 ****************************************************************************/
219 BOOL delete_samr_dom_alias(struct cli_state *cli, uint16 fnum, 
220                                 POLICY_HND *pol_open_domain,
221                                 uint32 alias_rid)
222 {
223         POLICY_HND pol_open_alias;
224
225         if (pol_open_domain == NULL) return False;
226
227         /* send open domain (on alias rid) */
228         if (!samr_open_alias(cli, fnum,pol_open_domain,
229                                 0x000f001f, alias_rid, &pol_open_alias))
230         {
231                 return False;
232         }
233
234         /* send alias delete */
235         if (!samr_delete_dom_alias(cli, fnum,&pol_open_alias))
236                                 
237         {
238                 DEBUG(5,("delete_samr_dom_alias: error in delete domain alias\n"));
239                 samr_close(cli, fnum,&pol_open_alias);
240                 return False;
241         }
242
243         return True;
244 }
245
246
247 /****************************************************************************
248 do a SAMR query alias members 
249 ****************************************************************************/
250 BOOL get_samr_query_aliasmem(struct cli_state *cli, uint16 fnum, 
251                                 POLICY_HND *pol_open_domain,
252                                 uint32 alias_rid, uint32 *num_mem, DOM_SID2 *sid)
253 {
254         POLICY_HND pol_open_alias;
255         BOOL ret = True;
256
257         if (pol_open_domain == NULL || num_mem == NULL || sid == NULL) return False;
258
259         /* send open domain (on alias sid) */
260         if (!samr_open_alias(cli, fnum, pol_open_domain,
261                                 0x000f001f, alias_rid,
262                                 &pol_open_alias))
263         {
264                 return False;
265         }
266
267         /* send alias info query */
268         if (!samr_query_aliasmem(cli, fnum, &pol_open_alias, num_mem, sid))
269                                 
270         {
271                 DEBUG(5,("samr_query_alias: error in query alias members\n"));
272                 ret = False;
273         }
274
275         return samr_close(cli, fnum,&pol_open_alias) && ret;
276 }
277
278 /****************************************************************************
279 do a SAMR query user info
280 ****************************************************************************/
281 BOOL get_samr_query_userinfo(struct cli_state *cli, uint16 fnum, 
282                                 POLICY_HND *pol_open_domain,
283                                 uint32 info_level,
284                                 uint32 user_rid, SAM_USER_INFO_21 *usr)
285 {
286         POLICY_HND pol_open_user;
287         BOOL ret = True;
288
289         if (pol_open_domain == NULL || usr == NULL) return False;
290
291         bzero(usr, sizeof(*usr));
292
293         /* send open domain (on user sid) */
294         if (!samr_open_user(cli, fnum,
295                                 pol_open_domain,
296                                 0x02011b, user_rid,
297                                 &pol_open_user))
298         {
299                 return False;
300         }
301
302         /* send user info query */
303         if (!samr_query_userinfo(cli, fnum,
304                                 &pol_open_user,
305                                 info_level, (void*)usr))
306         {
307                 DEBUG(5,("samr_query_userinfo: error in query user info, level 0x%x\n",
308                           info_level));
309                 ret = False;
310         }
311
312         return samr_close(cli, fnum,&pol_open_user) && ret;
313 }
314
315 /****************************************************************************
316 do a SAMR query group info
317 ****************************************************************************/
318 BOOL get_samr_query_groupinfo(struct cli_state *cli, uint16 fnum, 
319                                 POLICY_HND *pol_open_domain,
320                                 uint32 info_level,
321                                 uint32 group_rid, GROUP_INFO_CTR *ctr)
322 {
323         POLICY_HND pol_open_group;
324         BOOL ret = True;
325
326         if (pol_open_domain == NULL || ctr == NULL) return False;
327
328         bzero(ctr, sizeof(*ctr));
329
330         /* send open domain (on group sid) */
331         if (!samr_open_group(cli, fnum,
332                                 pol_open_domain,
333                                 0x00000010, group_rid, &pol_open_group))
334         {
335                 return False;
336         }
337
338         /* send group info query */
339         if (!samr_query_groupinfo(cli, fnum,
340                                 &pol_open_group,
341                                 info_level, ctr))
342         {
343                 DEBUG(5,("samr_query_groupinfo: error in query group info, level 0x%x\n",
344                           info_level));
345                 ret = False;
346         }
347
348         return samr_close(cli, fnum,&pol_open_group) && ret;
349 }
350
351 /****************************************************************************
352 do a SAMR change user password command
353 ****************************************************************************/
354 BOOL samr_chgpasswd_user(struct cli_state *cli, uint16 fnum,
355                 char *srv_name, char *user_name,
356                 char nt_newpass[516], uchar nt_oldhash[16],
357                 char lm_newpass[516], uchar lm_oldhash[16])
358 {
359         prs_struct data;
360         prs_struct rdata;
361
362         SAMR_Q_CHGPASSWD_USER q_e;
363         BOOL valid_pwc = False;
364
365         /* create and send a MSRPC command with api SAMR_CHGPASSWD_USER */
366
367         prs_init(&data , 1024, 4, SAFETY_MARGIN, False);
368         prs_init(&rdata, 0   , 4, SAFETY_MARGIN, True );
369
370         DEBUG(4,("SAMR Change User Password. server:%s username:%s\n",
371                 srv_name, user_name));
372
373         make_samr_q_chgpasswd_user(&q_e, srv_name, user_name,
374                                    nt_newpass, nt_oldhash,
375                                    lm_newpass, lm_oldhash);
376
377         /* turn parameters into data stream */
378         samr_io_q_chgpasswd_user("", &q_e, &data, 0);
379
380         /* send the data on \PIPE\ */
381         if (rpc_api_pipe_req(cli, fnum, SAMR_CHGPASSWD_USER, &data, &rdata))
382         {
383                 SAMR_R_CHGPASSWD_USER r_e;
384                 BOOL p;
385
386                 samr_io_r_chgpasswd_user("", &r_e, &rdata, 0);
387
388                 p = rdata.offset != 0;
389                 if (p && r_e.status != 0)
390                 {
391                         /* report error code */
392                         DEBUG(0,("SAMR_R_CHGPASSWD_USER: %s\n", get_nt_error_msg(r_e.status)));
393                         p = False;
394                 }
395
396                 if (p)
397                 {
398                         valid_pwc = True;
399                 }
400         }
401
402         prs_mem_free(&data   );
403         prs_mem_free(&rdata  );
404
405         return valid_pwc;
406 }
407
408 /****************************************************************************
409 do a SAMR unknown 0x38 command
410 ****************************************************************************/
411 BOOL samr_unknown_38(struct cli_state *cli, uint16 fnum, char *srv_name)
412 {
413         prs_struct data;
414         prs_struct rdata;
415
416         SAMR_Q_UNKNOWN_38 q_e;
417         BOOL valid_un8 = False;
418
419         /* create and send a MSRPC command with api SAMR_ENUM_DOM_USERS */
420
421         prs_init(&data , 1024, 4, SAFETY_MARGIN, False);
422         prs_init(&rdata, 0   , 4, SAFETY_MARGIN, True );
423
424         DEBUG(4,("SAMR Unknown 38 server:%s\n", srv_name));
425
426         make_samr_q_unknown_38(&q_e, srv_name);
427
428         /* turn parameters into data stream */
429         samr_io_q_unknown_38("", &q_e, &data, 0);
430
431         /* send the data on \PIPE\ */
432         if (rpc_api_pipe_req(cli, fnum, SAMR_UNKNOWN_38, &data, &rdata))
433         {
434                 SAMR_R_UNKNOWN_38 r_e;
435                 BOOL p;
436
437                 samr_io_r_unknown_38("", &r_e, &rdata, 0);
438
439                 p = rdata.offset != 0;
440 #if 0
441                 if (p && r_e.status != 0)
442                 {
443                         /* report error code */
444                         DEBUG(0,("SAMR_R_UNKNOWN_38: %s\n", get_nt_error_msg(r_e.status)));
445                         p = False;
446                 }
447 #endif
448                 if (p)
449                 {
450                         valid_un8 = True;
451                 }
452         }
453
454         prs_mem_free(&data   );
455         prs_mem_free(&rdata  );
456
457         return valid_un8;
458 }
459
460 /****************************************************************************
461 do a SAMR unknown 0x8 command
462 ****************************************************************************/
463 BOOL samr_query_dom_info(struct cli_state *cli, uint16 fnum, 
464                                 POLICY_HND *domain_pol, uint16 switch_value)
465 {
466         prs_struct data;
467         prs_struct rdata;
468
469         SAMR_Q_QUERY_DOMAIN_INFO q_e;
470         BOOL valid_un8 = False;
471
472         DEBUG(4,("SAMR Unknown 8 switch:%d\n", switch_value));
473
474         if (domain_pol == NULL) return False;
475
476         /* create and send a MSRPC command with api SAMR_ENUM_DOM_USERS */
477
478         prs_init(&data , 1024, 4, SAFETY_MARGIN, False);
479         prs_init(&rdata, 0   , 4, SAFETY_MARGIN, True );
480
481         /* store the parameters */
482         make_samr_q_query_dom_info(&q_e, domain_pol, switch_value);
483
484         /* turn parameters into data stream */
485         samr_io_q_query_dom_info("", &q_e, &data, 0);
486
487         /* send the data on \PIPE\ */
488         if (rpc_api_pipe_req(cli, fnum, SAMR_QUERY_DOMAIN_INFO, &data, &rdata))
489         {
490                 SAMR_R_QUERY_DOMAIN_INFO r_e;
491                 BOOL p;
492
493                 samr_io_r_query_dom_info("", &r_e, &rdata, 0);
494
495                 p = rdata.offset != 0;
496                 if (p && r_e.status != 0)
497                 {
498                         /* report error code */
499                         DEBUG(0,("SAMR_R_QUERY_DOMAIN_INFO: %s\n", get_nt_error_msg(r_e.status)));
500                         p = False;
501                 }
502
503                 if (p)
504                 {
505                         valid_un8 = True;
506                 }
507         }
508
509         prs_mem_free(&data   );
510         prs_mem_free(&rdata  );
511
512         return valid_un8;
513 }
514
515 /****************************************************************************
516 do a SAMR enumerate groups
517 ****************************************************************************/
518 BOOL samr_enum_dom_groups(struct cli_state *cli, uint16 fnum, 
519                                 POLICY_HND *pol, uint32 size,
520                                 struct acct_info **sam,
521                                 int *num_sam_groups)
522 {
523         prs_struct data;
524         prs_struct rdata;
525
526         SAMR_Q_ENUM_DOM_GROUPS q_e;
527         BOOL valid_pol = False;
528
529         DEBUG(4,("SAMR Enum SAM DB max size:%x\n", size));
530
531         if (pol == NULL || num_sam_groups == NULL) return False;
532
533         /* create and send a MSRPC command with api SAMR_ENUM_DOM_GROUPS */
534
535         prs_init(&data , 1024, 4, SAFETY_MARGIN, False);
536         prs_init(&rdata, 0   , 4, SAFETY_MARGIN, True );
537
538         /* store the parameters */
539         make_samr_q_enum_dom_groups(&q_e, pol, 3, 0, size);
540
541         /* turn parameters into data stream */
542         samr_io_q_enum_dom_groups("", &q_e, &data, 0);
543
544         /* send the data on \PIPE\ */
545         if (rpc_api_pipe_req(cli, fnum, SAMR_ENUM_DOM_GROUPS, &data, &rdata))
546         {
547                 SAMR_R_ENUM_DOM_GROUPS r_e;
548                 BOOL p;
549
550                 samr_io_r_enum_dom_groups("", &r_e, &rdata, 0);
551
552                 p = rdata.offset != 0;
553                 if (p && r_e.status != 0)
554                 {
555                         /* report error code */
556                         DEBUG(0,("SAMR_R_ENUM_DOM_GROUPS: %s\n", get_nt_error_msg(r_e.status)));
557                         p = False;
558                 }
559
560                 if (p)
561                 {
562                         int i;
563                         int name_idx = 0;
564                         int desc_idx = 0;
565
566                         *num_sam_groups = r_e.num_entries2;
567                         if (*num_sam_groups > MAX_SAM_ENTRIES)
568                         {
569                                 *num_sam_groups = MAX_SAM_ENTRIES;
570                                 DEBUG(2,("samr_enum_dom_groups: sam user entries limited to %d\n",
571                                           *num_sam_groups));
572                         }
573
574                         *sam = (struct acct_info*) malloc(sizeof(struct acct_info) * (*num_sam_groups));
575                                     
576                         if ((*sam) == NULL)
577                         {
578                                 *num_sam_groups = 0;
579                         }
580
581                         for (i = 0; i < *num_sam_groups; i++)
582                         {
583                                 (*sam)[i].rid = r_e.sam[i].rid_grp;
584                                 (*sam)[i].acct_name[0] = 0;
585                                 (*sam)[i].acct_desc[0] = 0;
586                                 if (r_e.sam[i].hdr_grp_name.buffer)
587                                 {
588                                         fstrcpy((*sam)[i].acct_name, unistr2_to_str(&r_e.str[name_idx].uni_grp_name));
589                                         name_idx++;
590                                 }
591                                 if (r_e.sam[i].hdr_grp_desc.buffer)
592                                 {
593                                         fstrcpy((*sam)[i].acct_desc, unistr2_to_str(&r_e.str[desc_idx].uni_grp_desc));
594                                         desc_idx++;
595                                 }
596                                 DEBUG(5,("samr_enum_dom_groups: idx: %4d rid: %8x acct: %s desc: %s\n",
597                                           i, (*sam)[i].rid, (*sam)[i].acct_name, (*sam)[i].acct_desc));
598                         }
599                         valid_pol = True;
600                 }
601         }
602
603         prs_mem_free(&data   );
604         prs_mem_free(&rdata  );
605
606         return valid_pol;
607 }
608
609 /****************************************************************************
610 do a SAMR enumerate aliases
611 ****************************************************************************/
612 BOOL samr_enum_dom_aliases(struct cli_state *cli, uint16 fnum, 
613                                 POLICY_HND *pol, uint32 size,
614                                 struct acct_info **sam,
615                                 int *num_sam_aliases)
616 {
617         prs_struct data;
618         prs_struct rdata;
619
620         SAMR_Q_ENUM_DOM_ALIASES q_e;
621         BOOL valid_pol = False;
622
623         DEBUG(4,("SAMR Enum SAM DB max size:%x\n", size));
624
625         if (pol == NULL || num_sam_aliases == NULL) return False;
626
627         /* create and send a MSRPC command with api SAMR_ENUM_DOM_ALIASES */
628
629         prs_init(&data , 1024, 4, SAFETY_MARGIN, False);
630         prs_init(&rdata, 0   , 4, SAFETY_MARGIN, True );
631
632         /* store the parameters */
633         make_samr_q_enum_dom_aliases(&q_e, pol, size);
634
635         /* turn parameters into data stream */
636         samr_io_q_enum_dom_aliases("", &q_e, &data, 0);
637
638         /* send the data on \PIPE\ */
639         if (rpc_api_pipe_req(cli, fnum, SAMR_ENUM_DOM_ALIASES, &data, &rdata))
640         {
641                 SAMR_R_ENUM_DOM_ALIASES r_e;
642                 BOOL p;
643
644                 samr_io_r_enum_dom_aliases("", &r_e, &rdata, 0);
645
646                 p = rdata.offset != 0;
647                 if (p && r_e.status != 0)
648                 {
649                         /* report error code */
650                         DEBUG(0,("SAMR_R_ENUM_DOM_ALIASES: %s\n", get_nt_error_msg(r_e.status)));
651                         p = False;
652                 }
653
654                 if (p)
655                 {
656                         int i;
657                         int name_idx = 0;
658
659                         *num_sam_aliases = r_e.num_entries2;
660                         if (*num_sam_aliases > MAX_SAM_ENTRIES)
661                         {
662                                 *num_sam_aliases = MAX_SAM_ENTRIES;
663                                 DEBUG(2,("samr_enum_dom_aliases: sam user entries limited to %d\n",
664                                           *num_sam_aliases));
665                         }
666
667                         *sam = (struct acct_info*) malloc(sizeof(struct acct_info) * (*num_sam_aliases));
668                                     
669                         if ((*sam) == NULL)
670                         {
671                                 *num_sam_aliases = 0;
672                         }
673
674                         for (i = 0; i < *num_sam_aliases; i++)
675                         {
676                                 (*sam)[i].rid = r_e.sam[i].rid;
677                                 (*sam)[i].acct_name[0] = 0;
678                                 (*sam)[i].acct_desc[0] = 0;
679                                 if (r_e.sam[i].hdr_name.buffer)
680                                 {
681                                         fstrcpy((*sam)[i].acct_name, unistr2_to_str(&r_e.uni_grp_name[name_idx]));
682                                         name_idx++;
683                                 }
684                                 DEBUG(5,("samr_enum_dom_aliases: idx: %4d rid: %8x acct: %s\n",
685                                           i, (*sam)[i].rid, (*sam)[i].acct_name));
686                         }
687                         valid_pol = True;
688                 }
689         }
690
691         prs_mem_free(&data   );
692         prs_mem_free(&rdata  );
693
694         return valid_pol;
695 }
696
697 /****************************************************************************
698 do a SAMR enumerate users
699 ****************************************************************************/
700 BOOL samr_enum_dom_users(struct cli_state *cli, uint16 fnum, 
701                                 POLICY_HND *pol, uint32 start_idx, 
702                                 uint16 acb_mask, uint16 unk_1, uint32 size,
703                                 struct acct_info **sam,
704                                 int *num_sam_users)
705 {
706         prs_struct data;
707         prs_struct rdata;
708
709         SAMR_Q_ENUM_DOM_USERS q_e;
710         BOOL valid_pol = False;
711
712         DEBUG(4,("SAMR Enum SAM DB max size:%x\n", size));
713
714         if (pol == NULL || num_sam_users == NULL) return False;
715
716         /* create and send a MSRPC command with api SAMR_ENUM_DOM_USERS */
717
718         prs_init(&data , 1024, 4, SAFETY_MARGIN, False);
719         prs_init(&rdata, 0   , 4, SAFETY_MARGIN, True );
720
721         /* store the parameters */
722         make_samr_q_enum_dom_users(&q_e, pol, start_idx, acb_mask, unk_1, size);
723
724         /* turn parameters into data stream */
725         samr_io_q_enum_dom_users("", &q_e, &data, 0);
726
727         /* send the data on \PIPE\ */
728         if (rpc_api_pipe_req(cli, fnum, SAMR_ENUM_DOM_USERS, &data, &rdata))
729         {
730                 SAMR_R_ENUM_DOM_USERS r_e;
731                 BOOL p;
732
733                 samr_io_r_enum_dom_users("", &r_e, &rdata, 0);
734
735                 p = rdata.offset != 0;
736                 if (p && r_e.status != 0)
737                 {
738                         /* report error code */
739                         DEBUG(0,("SAMR_R_ENUM_DOM_USERS: %s\n", get_nt_error_msg(r_e.status)));
740                         p = False;
741                 }
742
743                 if (p)
744                 {
745                         int i;
746                         int name_idx = 0;
747
748                         *num_sam_users = r_e.num_entries2;
749                         if (*num_sam_users > MAX_SAM_ENTRIES)
750                         {
751                                 *num_sam_users = MAX_SAM_ENTRIES;
752                                 DEBUG(2,("samr_enum_dom_users: sam user entries limited to %d\n",
753                                           *num_sam_users));
754                         }
755
756                         *sam = (struct acct_info*) malloc(sizeof(struct acct_info) * (*num_sam_users));
757                                     
758                         if ((*sam) == NULL)
759                         {
760                                 *num_sam_users = 0;
761                         }
762
763                         for (i = 0; i < *num_sam_users; i++)
764                         {
765                                 (*sam)[i].rid = r_e.sam[i].rid;
766                                 (*sam)[i].acct_name[0] = 0;
767                                 (*sam)[i].acct_desc[0] = 0;
768                                 if (r_e.sam[i].hdr_name.buffer)
769                                 {
770                                         fstrcpy((*sam)[i].acct_name, unistr2_to_str(&r_e.uni_acct_name[name_idx]));
771                                         name_idx++;
772                                 }
773                                 DEBUG(5,("samr_enum_dom_users: idx: %4d rid: %8x acct: %s\n",
774                                           i, (*sam)[i].rid, (*sam)[i].acct_name));
775                         }
776                         valid_pol = True;
777                 }
778         }
779
780         prs_mem_free(&data   );
781         prs_mem_free(&rdata  );
782
783         return valid_pol;
784 }
785
786 /****************************************************************************
787 do a SAMR Connect
788 ****************************************************************************/
789 BOOL samr_connect(struct cli_state *cli, uint16 fnum, 
790                                 char *srv_name, uint32 unknown_0,
791                                 POLICY_HND *connect_pol)
792 {
793         prs_struct data;
794         prs_struct rdata;
795
796         SAMR_Q_CONNECT q_o;
797         BOOL valid_pol = False;
798
799         DEBUG(4,("SAMR Open Policy server:%s undoc value:%x\n",
800                                 srv_name, unknown_0));
801
802         if (srv_name == NULL || connect_pol == NULL) return False;
803
804         /* create and send a MSRPC command with api SAMR_CONNECT */
805
806         prs_init(&data , 1024, 4, SAFETY_MARGIN, False);
807         prs_init(&rdata, 0   , 4, SAFETY_MARGIN, True );
808
809         /* store the parameters */
810         make_samr_q_connect(&q_o, srv_name, unknown_0);
811
812         /* turn parameters into data stream */
813         samr_io_q_connect("", &q_o,  &data, 0);
814
815         /* send the data on \PIPE\ */
816         if (rpc_api_pipe_req(cli, fnum, SAMR_CONNECT, &data, &rdata))
817         {
818                 SAMR_R_CONNECT r_o;
819                 BOOL p;
820
821                 samr_io_r_connect("", &r_o, &rdata, 0);
822                 p = rdata.offset != 0;
823                 
824                 if (p && r_o.status != 0)
825                 {
826                         /* report error code */
827                         DEBUG(0,("SAMR_R_CONNECT: %s\n", get_nt_error_msg(r_o.status)));
828                         p = False;
829                 }
830
831                 if (p)
832                 {
833                         memcpy(connect_pol, &r_o.connect_pol, sizeof(r_o.connect_pol));
834                         valid_pol = True;
835                 }
836         }
837
838         prs_mem_free(&data   );
839         prs_mem_free(&rdata  );
840
841         return valid_pol;
842 }
843
844 /****************************************************************************
845 do a SAMR Open User
846 ****************************************************************************/
847 BOOL samr_open_user(struct cli_state *cli, uint16 fnum, 
848                                 POLICY_HND *pol, uint32 unk_0, uint32 rid, 
849                                 POLICY_HND *user_pol)
850 {
851         prs_struct data;
852         prs_struct rdata;
853
854         SAMR_Q_OPEN_USER q_o;
855         BOOL valid_pol = False;
856
857         DEBUG(4,("SAMR Open User.  unk_0: %08x RID:%x\n",
858                   unk_0, rid));
859
860         if (pol == NULL || user_pol == NULL) return False;
861
862         /* create and send a MSRPC command with api SAMR_OPEN_USER */
863
864         prs_init(&data , 1024, 4, SAFETY_MARGIN, False);
865         prs_init(&rdata, 0   , 4, SAFETY_MARGIN, True );
866
867         /* store the parameters */
868         make_samr_q_open_user(&q_o, pol, unk_0, rid);
869
870         /* turn parameters into data stream */
871         samr_io_q_open_user("", &q_o,  &data, 0);
872
873         /* send the data on \PIPE\ */
874         if (rpc_api_pipe_req(cli, fnum, SAMR_OPEN_USER, &data, &rdata))
875         {
876                 SAMR_R_OPEN_USER r_o;
877                 BOOL p;
878
879                 samr_io_r_open_user("", &r_o, &rdata, 0);
880                 p = rdata.offset != 0;
881                 
882                 if (p && r_o.status != 0)
883                 {
884                         /* report error code */
885                         DEBUG(0,("SAMR_R_OPEN_USER: %s\n", get_nt_error_msg(r_o.status)));
886                         p = False;
887                 }
888
889                 if (p)
890                 {
891                         memcpy(user_pol, &r_o.user_pol, sizeof(r_o.user_pol));
892                         valid_pol = True;
893                 }
894         }
895
896         prs_mem_free(&data   );
897         prs_mem_free(&rdata  );
898
899         return valid_pol;
900 }
901
902 /****************************************************************************
903 do a SAMR Open Alias
904 ****************************************************************************/
905 BOOL samr_open_alias(struct cli_state *cli, uint16 fnum, 
906                                 POLICY_HND *domain_pol,
907                                 uint32 flags, uint32 rid,
908                                 POLICY_HND *alias_pol)
909 {
910         prs_struct data;
911         prs_struct rdata;
912
913         SAMR_Q_OPEN_ALIAS q_o;
914         BOOL valid_pol = False;
915
916         DEBUG(4,("SAMR Open Alias. RID:%x\n", rid));
917
918         if (alias_pol == NULL || domain_pol == NULL) return False;
919
920         /* create and send a MSRPC command with api SAMR_OPEN_ALIAS */
921
922         prs_init(&data , 1024, 4, SAFETY_MARGIN, False);
923         prs_init(&rdata, 0   , 4, SAFETY_MARGIN, True );
924
925         /* store the parameters */
926         make_samr_q_open_alias(&q_o, domain_pol, flags, rid);
927
928         /* turn parameters into data stream */
929         samr_io_q_open_alias("", &q_o,  &data, 0);
930
931         /* send the data on \PIPE\ */
932         if (rpc_api_pipe_req(cli, fnum, SAMR_OPEN_ALIAS, &data, &rdata))
933         {
934                 SAMR_R_OPEN_ALIAS r_o;
935                 BOOL p;
936
937                 samr_io_r_open_alias("", &r_o, &rdata, 0);
938                 p = rdata.offset != 0;
939
940                 if (p && r_o.status != 0)
941                 {
942                         /* report error code */
943                         DEBUG(0,("SAMR_R_OPEN_ALIAS: %s\n", get_nt_error_msg(r_o.status)));
944                         p = False;
945                 }
946
947                 if (p)
948                 {
949                         memcpy(alias_pol, &r_o.pol, sizeof(r_o.pol));
950                         valid_pol = True;
951                 }
952         }
953
954         prs_mem_free(&data   );
955         prs_mem_free(&rdata  );
956
957         return valid_pol;
958 }
959
960 /****************************************************************************
961 do a SAMR Delete Alias Member
962 ****************************************************************************/
963 BOOL samr_del_aliasmem(struct cli_state *cli, uint16 fnum, 
964                                 POLICY_HND *alias_pol, DOM_SID *sid)
965 {
966         prs_struct data;
967         prs_struct rdata;
968
969         SAMR_Q_DEL_ALIASMEM q_o;
970         BOOL valid_pol = False;
971
972         if (alias_pol == NULL || sid == NULL) return False;
973
974         /* create and send a MSRPC command with api SAMR_DEL_ALIASMEM */
975
976         prs_init(&data , 1024, 4, SAFETY_MARGIN, False);
977         prs_init(&rdata, 0   , 4, SAFETY_MARGIN, True );
978
979         DEBUG(4,("SAMR Delete Alias Member.\n"));
980
981         /* store the parameters */
982         make_samr_q_del_aliasmem(&q_o, alias_pol, sid);
983
984         /* turn parameters into data stream */
985         samr_io_q_del_aliasmem("", &q_o,  &data, 0);
986
987         /* send the data on \PIPE\ */
988         if (rpc_api_pipe_req(cli, fnum, SAMR_DEL_ALIASMEM, &data, &rdata))
989         {
990                 SAMR_R_DEL_ALIASMEM r_o;
991                 BOOL p;
992
993                 samr_io_r_del_aliasmem("", &r_o, &rdata, 0);
994                 p = rdata.offset != 0;
995
996                 if (p && r_o.status != 0)
997                 {
998                         /* report error code */
999                         DEBUG(0,("SAMR_R_DEL_ALIASMEM: %s\n", get_nt_error_msg(r_o.status)));
1000                         p = False;
1001                 }
1002
1003                 if (p)
1004                 {
1005                         valid_pol = True;
1006                 }
1007         }
1008
1009         prs_mem_free(&data   );
1010         prs_mem_free(&rdata  );
1011
1012         return valid_pol;
1013 }
1014
1015 /****************************************************************************
1016 do a SAMR Add Alias Member
1017 ****************************************************************************/
1018 BOOL samr_add_aliasmem(struct cli_state *cli, uint16 fnum, 
1019                                 POLICY_HND *alias_pol, DOM_SID *sid)
1020 {
1021         prs_struct data;
1022         prs_struct rdata;
1023
1024         SAMR_Q_ADD_ALIASMEM q_o;
1025         BOOL valid_pol = False;
1026
1027         if (alias_pol == NULL || sid == NULL) return False;
1028
1029         /* create and send a MSRPC command with api SAMR_ADD_ALIASMEM */
1030
1031         prs_init(&data , 1024, 4, SAFETY_MARGIN, False);
1032         prs_init(&rdata, 0   , 4, SAFETY_MARGIN, True );
1033
1034         DEBUG(4,("SAMR Add Alias Member.\n"));
1035
1036         /* store the parameters */
1037         make_samr_q_add_aliasmem(&q_o, alias_pol, sid);
1038
1039         /* turn parameters into data stream */
1040         samr_io_q_add_aliasmem("", &q_o,  &data, 0);
1041
1042         /* send the data on \PIPE\ */
1043         if (rpc_api_pipe_req(cli, fnum, SAMR_ADD_ALIASMEM, &data, &rdata))
1044         {
1045                 SAMR_R_ADD_ALIASMEM r_o;
1046                 BOOL p;
1047
1048                 samr_io_r_add_aliasmem("", &r_o, &rdata, 0);
1049                 p = rdata.offset != 0;
1050
1051                 if (p && r_o.status != 0)
1052                 {
1053                         /* report error code */
1054                         DEBUG(0,("SAMR_R_ADD_ALIASMEM: %s\n", get_nt_error_msg(r_o.status)));
1055                         p = False;
1056                 }
1057
1058                 if (p)
1059                 {
1060                         valid_pol = True;
1061                 }
1062         }
1063
1064         prs_mem_free(&data   );
1065         prs_mem_free(&rdata  );
1066
1067         return valid_pol;
1068 }
1069
1070 /****************************************************************************
1071 do a SAMR Delete Domain Alias
1072 ****************************************************************************/
1073 BOOL samr_delete_dom_alias(struct cli_state *cli, uint16 fnum, 
1074                                 POLICY_HND *alias_pol)
1075 {
1076         prs_struct data;
1077         prs_struct rdata;
1078
1079         SAMR_Q_DELETE_DOM_ALIAS q_o;
1080         BOOL valid_pol = False;
1081
1082         if (alias_pol == NULL) return False;
1083
1084         /* delete and send a MSRPC command with api SAMR_DELETE_DOM_ALIAS */
1085
1086         prs_init(&data , 1024, 4, SAFETY_MARGIN, False);
1087         prs_init(&rdata, 0   , 4, SAFETY_MARGIN, True );
1088
1089         DEBUG(4,("SAMR Delete Domain Alias.\n"));
1090
1091         /* store the parameters */
1092         make_samr_q_delete_dom_alias(&q_o, alias_pol);
1093
1094         /* turn parameters into data stream */
1095         samr_io_q_delete_dom_alias("", &q_o,  &data, 0);
1096
1097         /* send the data on \PIPE\ */
1098         if (rpc_api_pipe_req(cli, fnum, SAMR_DELETE_DOM_ALIAS, &data, &rdata))
1099         {
1100                 SAMR_R_DELETE_DOM_ALIAS r_o;
1101                 BOOL p;
1102
1103                 samr_io_r_delete_dom_alias("", &r_o, &rdata, 0);
1104                 p = rdata.offset != 0;
1105
1106                 if (p && r_o.status != 0)
1107                 {
1108                         /* report error code */
1109                         DEBUG(0,("SAMR_R_DELETE_DOM_ALIAS: %s\n", get_nt_error_msg(r_o.status)));
1110                         p = False;
1111                 }
1112
1113                 if (p)
1114                 {
1115                         valid_pol = True;
1116                 }
1117         }
1118
1119         prs_mem_free(&data   );
1120         prs_mem_free(&rdata  );
1121
1122         return valid_pol;
1123 }
1124
1125 /****************************************************************************
1126 do a SAMR Create Domain Alias
1127 ****************************************************************************/
1128 BOOL samr_create_dom_alias(struct cli_state *cli, uint16 fnum, 
1129                                 POLICY_HND *domain_pol, const char *acct_name,
1130                                 POLICY_HND *alias_pol, uint32 *rid)
1131 {
1132         prs_struct data;
1133         prs_struct rdata;
1134
1135         SAMR_Q_CREATE_DOM_ALIAS q_o;
1136         BOOL valid_pol = False;
1137
1138         if (alias_pol == NULL || domain_pol == NULL || acct_name == NULL || rid == NULL) return False;
1139
1140         /* create and send a MSRPC command with api SAMR_CREATE_DOM_ALIAS */
1141
1142         prs_init(&data , 1024, 4, SAFETY_MARGIN, False);
1143         prs_init(&rdata, 0   , 4, SAFETY_MARGIN, True );
1144
1145         DEBUG(4,("SAMR Create Domain Alias. Name:%s\n", acct_name));
1146
1147         /* store the parameters */
1148         make_samr_q_create_dom_alias(&q_o, domain_pol, acct_name);
1149
1150         /* turn parameters into data stream */
1151         samr_io_q_create_dom_alias("", &q_o,  &data, 0);
1152
1153         /* send the data on \PIPE\ */
1154         if (rpc_api_pipe_req(cli, fnum, SAMR_CREATE_DOM_ALIAS, &data, &rdata))
1155         {
1156                 SAMR_R_CREATE_DOM_ALIAS r_o;
1157                 BOOL p;
1158
1159                 samr_io_r_create_dom_alias("", &r_o, &rdata, 0);
1160                 p = rdata.offset != 0;
1161
1162                 if (p && r_o.status != 0)
1163                 {
1164                         /* report error code */
1165                         DEBUG(0,("SAMR_R_CREATE_DOM_ALIAS: %s\n", get_nt_error_msg(r_o.status)));
1166                         p = False;
1167                 }
1168
1169                 if (p)
1170                 {
1171                         memcpy(alias_pol, &r_o.alias_pol, sizeof(r_o.alias_pol));
1172                         *rid = r_o.rid;
1173                         valid_pol = True;
1174                 }
1175         }
1176
1177         prs_mem_free(&data   );
1178         prs_mem_free(&rdata  );
1179
1180         return valid_pol;
1181 }
1182
1183 /****************************************************************************
1184 do a SAMR Set Alias Info
1185 ****************************************************************************/
1186 BOOL samr_set_aliasinfo(struct cli_state *cli, uint16 fnum, 
1187                                 POLICY_HND *alias_pol, ALIAS_INFO_CTR *ctr)
1188 {
1189         prs_struct data;
1190         prs_struct rdata;
1191
1192         SAMR_Q_SET_ALIASINFO q_o;
1193         BOOL valid_pol = False;
1194
1195         if (alias_pol == NULL || ctr == NULL) return False;
1196
1197         /* create and send a MSRPC command with api SAMR_SET_ALIASINFO */
1198
1199         prs_init(&data , 1024, 4, SAFETY_MARGIN, False);
1200         prs_init(&rdata, 0   , 4, SAFETY_MARGIN, True );
1201
1202         DEBUG(4,("SAMR Set Alias Info\n"));
1203
1204         /* store the parameters */
1205         make_samr_q_set_aliasinfo(&q_o, alias_pol, ctr);
1206
1207         /* turn parameters into data stream */
1208         samr_io_q_set_aliasinfo("", &q_o,  &data, 0);
1209
1210         /* send the data on \PIPE\ */
1211         if (rpc_api_pipe_req(cli, fnum, SAMR_SET_ALIASINFO, &data, &rdata))
1212         {
1213                 SAMR_R_SET_ALIASINFO r_o;
1214                 BOOL p;
1215
1216                 samr_io_r_set_aliasinfo("", &r_o, &rdata, 0);
1217                 p = rdata.offset != 0;
1218
1219                 if (p && r_o.status != 0)
1220                 {
1221                         /* report error code */
1222                         DEBUG(0,("SAMR_R_SET_ALIASINFO: %s\n", get_nt_error_msg(r_o.status)));
1223                         p = False;
1224                 }
1225
1226                 if (p)
1227                 {
1228                         valid_pol = True;
1229                 }
1230         }
1231
1232         prs_mem_free(&data   );
1233         prs_mem_free(&rdata  );
1234
1235         return valid_pol;
1236 }
1237
1238 /****************************************************************************
1239 do a SAMR Open Group
1240 ****************************************************************************/
1241 BOOL samr_open_group(struct cli_state *cli, uint16 fnum, 
1242                                 POLICY_HND *domain_pol,
1243                                 uint32 flags, uint32 rid,
1244                                 POLICY_HND *group_pol)
1245 {
1246         prs_struct data;
1247         prs_struct rdata;
1248
1249         SAMR_Q_OPEN_GROUP q_o;
1250         BOOL valid_pol = False;
1251
1252         DEBUG(4,("SAMR Open Group. RID:%x\n", rid));
1253
1254         if (group_pol == NULL || domain_pol == NULL) return False;
1255
1256         /* create and send a MSRPC command with api SAMR_OPEN_GROUP */
1257
1258         prs_init(&data , 1024, 4, SAFETY_MARGIN, False);
1259         prs_init(&rdata, 0   , 4, SAFETY_MARGIN, True );
1260
1261         /* store the parameters */
1262         make_samr_q_open_group(&q_o, domain_pol, flags, rid);
1263
1264         /* turn parameters into data stream */
1265         samr_io_q_open_group("", &q_o,  &data, 0);
1266
1267         /* send the data on \PIPE\ */
1268         if (rpc_api_pipe_req(cli, fnum, SAMR_OPEN_GROUP, &data, &rdata))
1269         {
1270                 SAMR_R_OPEN_GROUP r_o;
1271                 BOOL p;
1272
1273                 samr_io_r_open_group("", &r_o, &rdata, 0);
1274                 p = rdata.offset != 0;
1275
1276                 if (p && r_o.status != 0)
1277                 {
1278                         /* report error code */
1279                         DEBUG(0,("SAMR_R_OPEN_GROUP: %s\n", get_nt_error_msg(r_o.status)));
1280                         p = False;
1281                 }
1282
1283                 if (p)
1284                 {
1285                         memcpy(group_pol, &r_o.pol, sizeof(r_o.pol));
1286                         valid_pol = True;
1287                 }
1288         }
1289
1290         prs_mem_free(&data   );
1291         prs_mem_free(&rdata  );
1292
1293         return valid_pol;
1294 }
1295
1296 /****************************************************************************
1297 do a SAMR Delete Group Member
1298 ****************************************************************************/
1299 BOOL samr_del_groupmem(struct cli_state *cli, uint16 fnum, 
1300                                 POLICY_HND *group_pol, uint32 rid)
1301 {
1302         prs_struct data;
1303         prs_struct rdata;
1304
1305         SAMR_Q_DEL_GROUPMEM q_o;
1306         BOOL valid_pol = False;
1307
1308         if (group_pol == NULL) return False;
1309
1310         /* create and send a MSRPC command with api SAMR_DEL_GROUPMEM */
1311
1312         prs_init(&data , 1024, 4, SAFETY_MARGIN, False);
1313         prs_init(&rdata, 0   , 4, SAFETY_MARGIN, True );
1314
1315         DEBUG(4,("SAMR Delete Group Member.\n"));
1316
1317         /* store the parameters */
1318         make_samr_q_del_groupmem(&q_o, group_pol, rid);
1319
1320         /* turn parameters into data stream */
1321         samr_io_q_del_groupmem("", &q_o,  &data, 0);
1322
1323         /* send the data on \PIPE\ */
1324         if (rpc_api_pipe_req(cli, fnum, SAMR_DEL_GROUPMEM, &data, &rdata))
1325         {
1326                 SAMR_R_DEL_GROUPMEM r_o;
1327                 BOOL p;
1328
1329                 samr_io_r_del_groupmem("", &r_o, &rdata, 0);
1330                 p = rdata.offset != 0;
1331
1332                 if (p && r_o.status != 0)
1333                 {
1334                         /* report error code */
1335                         DEBUG(0,("SAMR_R_DEL_GROUPMEM: %s\n", get_nt_error_msg(r_o.status)));
1336                         p = False;
1337                 }
1338
1339                 if (p)
1340                 {
1341                         valid_pol = True;
1342                 }
1343         }
1344
1345         prs_mem_free(&data   );
1346         prs_mem_free(&rdata  );
1347
1348         return valid_pol;
1349 }
1350
1351 /****************************************************************************
1352 do a SAMR Add Group Member
1353 ****************************************************************************/
1354 BOOL samr_add_groupmem(struct cli_state *cli, uint16 fnum, 
1355                                 POLICY_HND *group_pol, uint32 rid)
1356 {
1357         prs_struct data;
1358         prs_struct rdata;
1359
1360         SAMR_Q_ADD_GROUPMEM q_o;
1361         BOOL valid_pol = False;
1362
1363         if (group_pol == NULL) return False;
1364
1365         /* create and send a MSRPC command with api SAMR_ADD_GROUPMEM */
1366
1367         prs_init(&data , 1024, 4, SAFETY_MARGIN, False);
1368         prs_init(&rdata, 0   , 4, SAFETY_MARGIN, True );
1369
1370         DEBUG(4,("SAMR Add Group Member.\n"));
1371
1372         /* store the parameters */
1373         make_samr_q_add_groupmem(&q_o, group_pol, rid);
1374
1375         /* turn parameters into data stream */
1376         samr_io_q_add_groupmem("", &q_o,  &data, 0);
1377
1378         /* send the data on \PIPE\ */
1379         if (rpc_api_pipe_req(cli, fnum, SAMR_ADD_GROUPMEM, &data, &rdata))
1380         {
1381                 SAMR_R_ADD_GROUPMEM r_o;
1382                 BOOL p;
1383
1384                 samr_io_r_add_groupmem("", &r_o, &rdata, 0);
1385                 p = rdata.offset != 0;
1386
1387                 if (p && r_o.status != 0)
1388                 {
1389                         /* report error code */
1390                         DEBUG(0,("SAMR_R_ADD_GROUPMEM: %s\n", get_nt_error_msg(r_o.status)));
1391                         p = False;
1392                 }
1393
1394                 if (p)
1395                 {
1396                         valid_pol = True;
1397                 }
1398         }
1399
1400         prs_mem_free(&data   );
1401         prs_mem_free(&rdata  );
1402
1403         return valid_pol;
1404 }
1405
1406 /****************************************************************************
1407 do a SAMR Delete Domain Group
1408 ****************************************************************************/
1409 BOOL samr_delete_dom_group(struct cli_state *cli, uint16 fnum, POLICY_HND *group_pol)
1410 {
1411         prs_struct data;
1412         prs_struct rdata;
1413
1414         SAMR_Q_DELETE_DOM_GROUP q_o;
1415         BOOL valid_pol = False;
1416
1417         if (group_pol == NULL) return False;
1418
1419         /* delete and send a MSRPC command with api SAMR_DELETE_DOM_GROUP */
1420
1421         prs_init(&data , 1024, 4, SAFETY_MARGIN, False);
1422         prs_init(&rdata, 0   , 4, SAFETY_MARGIN, True );
1423
1424         DEBUG(4,("SAMR Delete Domain Group.\n"));
1425
1426         /* store the parameters */
1427         make_samr_q_delete_dom_group(&q_o, group_pol);
1428
1429         /* turn parameters into data stream */
1430         samr_io_q_delete_dom_group("", &q_o,  &data, 0);
1431
1432         /* send the data on \PIPE\ */
1433         if (rpc_api_pipe_req(cli, fnum, SAMR_DELETE_DOM_GROUP, &data, &rdata))
1434         {
1435                 SAMR_R_DELETE_DOM_GROUP r_o;
1436                 BOOL p;
1437
1438                 samr_io_r_delete_dom_group("", &r_o, &rdata, 0);
1439                 p = rdata.offset != 0;
1440
1441                 if (p && r_o.status != 0)
1442                 {
1443                         /* report error code */
1444                         DEBUG(0,("SAMR_R_DELETE_DOM_GROUP: %s\n", get_nt_error_msg(r_o.status)));
1445                         p = False;
1446                 }
1447
1448                 if (p)
1449                 {
1450                         valid_pol = True;
1451                 }
1452         }
1453
1454         prs_mem_free(&data   );
1455         prs_mem_free(&rdata  );
1456
1457         return valid_pol;
1458 }
1459
1460 /****************************************************************************
1461 do a SAMR Create Domain Group
1462 ****************************************************************************/
1463 BOOL samr_create_dom_group(struct cli_state *cli, uint16 fnum, 
1464                                 POLICY_HND *domain_pol, const char *acct_name,
1465                                 POLICY_HND *group_pol, uint32 *rid)
1466 {
1467         prs_struct data;
1468         prs_struct rdata;
1469
1470         SAMR_Q_CREATE_DOM_GROUP q_o;
1471         BOOL valid_pol = False;
1472
1473         if (group_pol == NULL || domain_pol == NULL || acct_name == NULL || rid == NULL) return False;
1474
1475         /* create and send a MSRPC command with api SAMR_CREATE_DOM_GROUP */
1476
1477         prs_init(&data , 1024, 4, SAFETY_MARGIN, False);
1478         prs_init(&rdata, 0   , 4, SAFETY_MARGIN, True );
1479
1480         DEBUG(4,("SAMR Create Domain Group. Name:%s\n", acct_name));
1481
1482         /* store the parameters */
1483         make_samr_q_create_dom_group(&q_o, domain_pol, acct_name);
1484
1485         /* turn parameters into data stream */
1486         samr_io_q_create_dom_group("", &q_o,  &data, 0);
1487
1488         /* send the data on \PIPE\ */
1489         if (rpc_api_pipe_req(cli, fnum, SAMR_CREATE_DOM_GROUP, &data, &rdata))
1490         {
1491                 SAMR_R_CREATE_DOM_GROUP r_o;
1492                 BOOL p;
1493
1494                 samr_io_r_create_dom_group("", &r_o, &rdata, 0);
1495                 p = rdata.offset != 0;
1496
1497                 if (p && r_o.status != 0)
1498                 {
1499                         /* report error code */
1500                         DEBUG(0,("SAMR_R_CREATE_DOM_GROUP: %s\n", get_nt_error_msg(r_o.status)));
1501                         p = False;
1502                 }
1503
1504                 if (p)
1505                 {
1506                         memcpy(group_pol, &r_o.pol, sizeof(r_o.pol));
1507                         *rid = r_o.rid;
1508                         valid_pol = True;
1509                 }
1510         }
1511
1512         prs_mem_free(&data   );
1513         prs_mem_free(&rdata  );
1514
1515         return valid_pol;
1516 }
1517
1518 /****************************************************************************
1519 do a SAMR Set Group Info
1520 ****************************************************************************/
1521 BOOL samr_set_groupinfo(struct cli_state *cli, uint16 fnum, 
1522                                 POLICY_HND *group_pol, GROUP_INFO_CTR *ctr)
1523 {
1524         prs_struct data;
1525         prs_struct rdata;
1526
1527         SAMR_Q_SET_GROUPINFO q_o;
1528         BOOL valid_pol = False;
1529
1530         if (group_pol == NULL || ctr == NULL) return False;
1531
1532         /* create and send a MSRPC command with api SAMR_SET_GROUPINFO */
1533
1534         prs_init(&data , 1024, 4, SAFETY_MARGIN, False);
1535         prs_init(&rdata, 0   , 4, SAFETY_MARGIN, True );
1536
1537         DEBUG(4,("SAMR Set Group Info\n"));
1538
1539         /* store the parameters */
1540         make_samr_q_set_groupinfo(&q_o, group_pol, ctr);
1541
1542         /* turn parameters into data stream */
1543         samr_io_q_set_groupinfo("", &q_o,  &data, 0);
1544
1545         /* send the data on \PIPE\ */
1546         if (rpc_api_pipe_req(cli, fnum, SAMR_SET_GROUPINFO, &data, &rdata))
1547         {
1548                 SAMR_R_SET_GROUPINFO r_o;
1549                 BOOL p;
1550
1551                 samr_io_r_set_groupinfo("", &r_o, &rdata, 0);
1552                 p = rdata.offset != 0;
1553
1554                 if (p && r_o.status != 0)
1555                 {
1556                         /* report error code */
1557                         DEBUG(0,("SAMR_R_SET_GROUPINFO: %s\n", get_nt_error_msg(r_o.status)));
1558                         p = False;
1559                 }
1560
1561                 if (p)
1562                 {
1563                         valid_pol = True;
1564                 }
1565         }
1566
1567         prs_mem_free(&data   );
1568         prs_mem_free(&rdata  );
1569
1570         return valid_pol;
1571 }
1572
1573 /****************************************************************************
1574 do a SAMR Open Domain
1575 ****************************************************************************/
1576 BOOL samr_open_domain(struct cli_state *cli, uint16 fnum, 
1577                                 POLICY_HND *connect_pol, uint32 flags, DOM_SID *sid,
1578                                 POLICY_HND *domain_pol)
1579 {
1580         pstring sid_str;
1581         prs_struct data;
1582         prs_struct rdata;
1583
1584         SAMR_Q_OPEN_DOMAIN q_o;
1585         BOOL valid_pol = False;
1586
1587         sid_to_string(sid_str, sid);
1588         DEBUG(4,("SAMR Open Domain.  SID:%s Flags:%x\n", sid_str, flags));
1589
1590         if (connect_pol == NULL || sid == NULL || domain_pol == NULL) return False;
1591
1592         /* create and send a MSRPC command with api SAMR_OPEN_DOMAIN */
1593
1594         prs_init(&data , 1024, 4, SAFETY_MARGIN, False);
1595         prs_init(&rdata, 0   , 4, SAFETY_MARGIN, True );
1596
1597         /* store the parameters */
1598         make_samr_q_open_domain(&q_o, connect_pol, flags, sid);
1599
1600         /* turn parameters into data stream */
1601         samr_io_q_open_domain("", &q_o,  &data, 0);
1602
1603         /* send the data on \PIPE\ */
1604         if (rpc_api_pipe_req(cli, fnum, SAMR_OPEN_DOMAIN, &data, &rdata))
1605         {
1606                 SAMR_R_OPEN_DOMAIN r_o;
1607                 BOOL p;
1608
1609                 samr_io_r_open_domain("", &r_o, &rdata, 0);
1610                 p = rdata.offset != 0;
1611
1612                 if (p && r_o.status != 0)
1613                 {
1614                         /* report error code */
1615                         DEBUG(0,("SAMR_R_OPEN_DOMAIN: %s\n", get_nt_error_msg(r_o.status)));
1616                         p = False;
1617                 }
1618
1619                 if (p)
1620                 {
1621                         memcpy(domain_pol, &r_o.domain_pol, sizeof(r_o.domain_pol));
1622                         valid_pol = True;
1623                 }
1624         }
1625
1626         prs_mem_free(&data   );
1627         prs_mem_free(&rdata  );
1628
1629         return valid_pol;
1630 }
1631
1632 /****************************************************************************
1633 do a SAMR Query Lookup Names
1634 ****************************************************************************/
1635 BOOL samr_query_lookup_names(struct cli_state *cli, uint16 fnum, 
1636                                 POLICY_HND *pol, uint32 flags,
1637                                 uint32 num_names, const char **names,
1638                                 uint32 *num_rids,
1639                                 uint32 rid[MAX_LOOKUP_SIDS],
1640                                 uint32 type[MAX_LOOKUP_SIDS])
1641 {
1642         prs_struct data;
1643         prs_struct rdata;
1644
1645         SAMR_Q_LOOKUP_NAMES q_o;
1646         BOOL valid_query = False;
1647
1648         if (pol == NULL || flags == 0 || num_names == 0 || names == NULL ||
1649             num_rids == NULL || rid == NULL || type == NULL ) return False;
1650
1651         /* create and send a MSRPC command with api SAMR_LOOKUP_NAMES */
1652
1653         prs_init(&data , 1024, 4, SAFETY_MARGIN, False);
1654         prs_init(&rdata, 0   , 4, SAFETY_MARGIN, True );
1655
1656         DEBUG(4,("SAMR Query Lookup NAMES.\n"));
1657
1658         /* store the parameters */
1659         make_samr_q_lookup_names(&q_o, pol, flags, num_names, names);
1660
1661         /* turn parameters into data stream */
1662         samr_io_q_lookup_names("", &q_o, &data, 0);
1663
1664         /* send the data on \PIPE\ */
1665         if (rpc_api_pipe_req(cli, fnum, SAMR_LOOKUP_NAMES, &data, &rdata))
1666         {
1667                 SAMR_R_LOOKUP_NAMES r_o;
1668                 BOOL p;
1669
1670                 samr_io_r_lookup_names("", &r_o, &rdata, 0);
1671                 p = rdata.offset != 0;
1672                 
1673                 if (p && r_o.status != 0)
1674                 {
1675                         /* report error code */
1676                         DEBUG(0,("SAMR_R_LOOKUP_NAMES: %s\n", get_nt_error_msg(r_o.status)));
1677                         p = False;
1678                 }
1679
1680                 if (p)
1681                 {
1682                         if (r_o.ptr_rids != 0 && r_o.ptr_types != 0 &&
1683                             r_o.num_types1 == r_o.num_rids1)
1684                         {
1685                                 int i;
1686
1687                                 valid_query = True;
1688                                 *num_rids = r_o.num_rids1;
1689
1690                                 for (i = 0; i < r_o.num_rids1; i++)
1691                                 {
1692                                         rid[i] = r_o.rid[i];
1693                                 }
1694                                 for (i = 0; i < r_o.num_types1; i++)
1695                                 {
1696                                         type[i] = r_o.type[i];
1697                                 }
1698                         }
1699                         else if (r_o.ptr_rids == 0 && r_o.ptr_types == 0)
1700                         {
1701                                 valid_query = True;
1702                                 *num_rids = 0;
1703                         }
1704                         else
1705                         {
1706                                 p = False;
1707                         }
1708                 }
1709         }
1710
1711         prs_mem_free(&data   );
1712         prs_mem_free(&rdata  );
1713
1714         return valid_query;
1715 }
1716
1717 /****************************************************************************
1718 do a SAMR Query Lookup RIDS
1719 ****************************************************************************/
1720 BOOL samr_query_lookup_rids(struct cli_state *cli, uint16 fnum, 
1721                                 POLICY_HND *pol, uint32 flags,
1722                                 uint32 num_rids, uint32 *rids,
1723                                 uint32 *num_names,
1724                                 fstring names[MAX_LOOKUP_SIDS],
1725                                 uint32  type [MAX_LOOKUP_SIDS])
1726 {
1727         prs_struct data;
1728         prs_struct rdata;
1729
1730         SAMR_Q_LOOKUP_RIDS q_o;
1731         BOOL valid_query = False;
1732
1733         if (pol == NULL || flags == 0 || num_rids == 0 || rids == NULL ||
1734             num_names == NULL || names == NULL || type == NULL ) return False;
1735
1736         /* create and send a MSRPC command with api SAMR_LOOKUP_RIDS */
1737
1738         prs_init(&data , 1024, 4, SAFETY_MARGIN, False);
1739         prs_init(&rdata, 0   , 4, SAFETY_MARGIN, True );
1740
1741         DEBUG(4,("SAMR Query Lookup RIDs.\n"));
1742
1743         /* store the parameters */
1744         make_samr_q_lookup_rids(&q_o, pol, flags, num_rids, rids);
1745
1746         /* turn parameters into data stream */
1747         samr_io_q_lookup_rids("", &q_o,  &data, 0);
1748
1749         /* send the data on \PIPE\ */
1750         if (rpc_api_pipe_req(cli, fnum, SAMR_LOOKUP_RIDS, &data, &rdata))
1751         {
1752                 SAMR_R_LOOKUP_RIDS r_o;
1753                 BOOL p;
1754
1755                 samr_io_r_lookup_rids("", &r_o, &rdata, 0);
1756                 p = rdata.offset != 0;
1757                 
1758                 if (p && r_o.status != 0)
1759                 {
1760                         /* report error code */
1761                         DEBUG(0,("SAMR_R_LOOKUP_RIDS: %s\n", get_nt_error_msg(r_o.status)));
1762                         p = False;
1763                 }
1764
1765                 if (p)
1766                 {
1767                         if (r_o.ptr_names != 0 && r_o.ptr_types != 0 &&
1768                             r_o.num_types1 == r_o.num_names1)
1769                         {
1770                                 int i;
1771
1772                                 valid_query = True;
1773                                 *num_names = r_o.num_names1;
1774
1775                                 for (i = 0; i < r_o.num_names1; i++)
1776                                 {
1777                                         fstrcpy(names[i], unistr2_to_str(&r_o.uni_name[i]));
1778                                 }
1779                                 for (i = 0; i < r_o.num_types1; i++)
1780                                 {
1781                                         type[i] = r_o.type[i];
1782                                 }
1783                         }
1784                         else if (r_o.ptr_names == 0 && r_o.ptr_types == 0)
1785                         {
1786                                 valid_query = True;
1787                                 *num_names = 0;
1788                         }
1789                         else
1790                         {
1791                                 p = False;
1792                         }
1793                 }
1794         }
1795
1796         prs_mem_free(&data   );
1797         prs_mem_free(&rdata  );
1798
1799         return valid_query;
1800 }
1801
1802 /****************************************************************************
1803 do a SAMR Query Alias Members
1804 ****************************************************************************/
1805 BOOL samr_query_aliasmem(struct cli_state *cli, uint16 fnum, 
1806                                 POLICY_HND *alias_pol, 
1807                                 uint32 *num_mem, DOM_SID2 *sid)
1808 {
1809         prs_struct data;
1810         prs_struct rdata;
1811
1812         SAMR_Q_QUERY_ALIASMEM q_o;
1813         BOOL valid_query = False;
1814
1815         DEBUG(4,("SAMR Query Alias Members.\n"));
1816
1817         if (alias_pol == NULL || sid == NULL || num_mem == NULL) return False;
1818
1819         /* create and send a MSRPC command with api SAMR_QUERY_ALIASMEM */
1820
1821         prs_init(&data , 1024, 4, SAFETY_MARGIN, False);
1822         prs_init(&rdata, 0   , 4, SAFETY_MARGIN, True );
1823
1824         /* store the parameters */
1825         make_samr_q_query_aliasmem(&q_o, alias_pol);
1826
1827         /* turn parameters into data stream */
1828         samr_io_q_query_aliasmem("", &q_o,  &data, 0);
1829
1830         /* send the data on \PIPE\ */
1831         if (rpc_api_pipe_req(cli, fnum, SAMR_QUERY_ALIASMEM, &data, &rdata))
1832         {
1833                 SAMR_R_QUERY_ALIASMEM r_o;
1834                 BOOL p;
1835
1836                 /* get user info */
1837                 r_o.sid = sid;
1838
1839                 samr_io_r_query_aliasmem("", &r_o, &rdata, 0);
1840                 p = rdata.offset != 0;
1841                 
1842                 if (p && r_o.status != 0)
1843                 {
1844                         /* report error code */
1845                         DEBUG(0,("SAMR_R_QUERY_ALIASMEM: %s\n", get_nt_error_msg(r_o.status)));
1846                         p = False;
1847                 }
1848
1849                 if (p && r_o.ptr != 0)
1850                 {
1851                         valid_query = True;
1852                         *num_mem = r_o.num_sids;
1853                 }
1854
1855         }
1856
1857         prs_mem_free(&data   );
1858         prs_mem_free(&rdata  );
1859
1860         return valid_query;
1861 }
1862
1863 /****************************************************************************
1864 do a SAMR Query User Aliases
1865 ****************************************************************************/
1866 BOOL samr_query_useraliases(struct cli_state *cli, uint16 fnum, 
1867                                 POLICY_HND *pol, DOM_SID *sid,
1868                                 uint32 *num_aliases, uint32 *rid)
1869 {
1870         prs_struct data;
1871         prs_struct rdata;
1872
1873         SAMR_Q_QUERY_USERALIASES q_o;
1874         BOOL valid_query = False;
1875
1876         DEBUG(4,("SAMR Query User Aliases.\n"));
1877
1878         if (pol == NULL || sid == NULL || rid == NULL || num_aliases == 0) return False;
1879
1880         /* create and send a MSRPC command with api SAMR_QUERY_USERALIASES */
1881
1882         prs_init(&data , 1024, 4, SAFETY_MARGIN, False);
1883         prs_init(&rdata, 0   , 4, SAFETY_MARGIN, True );
1884
1885         /* store the parameters */
1886         make_samr_q_query_useraliases(&q_o, pol, sid);
1887
1888         /* turn parameters into data stream */
1889         samr_io_q_query_useraliases("", &q_o,  &data, 0);
1890
1891         /* send the data on \PIPE\ */
1892         if (rpc_api_pipe_req(cli, fnum, SAMR_QUERY_USERALIASES, &data, &rdata))
1893         {
1894                 SAMR_R_QUERY_USERALIASES r_o;
1895                 BOOL p;
1896
1897                 /* get user info */
1898                 r_o.rid = rid;
1899
1900                 samr_io_r_query_useraliases("", &r_o, &rdata, 0);
1901                 p = rdata.offset != 0;
1902                 
1903                 if (p && r_o.status != 0)
1904                 {
1905                         /* report error code */
1906                         DEBUG(0,("SAMR_R_QUERY_USERALIASES: %s\n", get_nt_error_msg(r_o.status)));
1907                         p = False;
1908                 }
1909
1910                 if (p && r_o.ptr != 0)
1911                 {
1912                         valid_query = True;
1913                         *num_aliases = r_o.num_entries;
1914                 }
1915
1916         }
1917
1918         prs_mem_free(&data   );
1919         prs_mem_free(&rdata  );
1920
1921         return valid_query;
1922 }
1923
1924 /****************************************************************************
1925 do a SAMR Query Group Members
1926 ****************************************************************************/
1927 BOOL samr_query_groupmem(struct cli_state *cli, uint16 fnum, 
1928                                 POLICY_HND *group_pol, 
1929                                 uint32 *num_mem, uint32 *rid, uint32 *attr)
1930 {
1931         prs_struct data;
1932         prs_struct rdata;
1933
1934         SAMR_Q_QUERY_GROUPMEM q_o;
1935         BOOL valid_query = False;
1936
1937         DEBUG(4,("SAMR Query Group Members.\n"));
1938
1939         if (group_pol == NULL || rid == NULL || attr == NULL || num_mem == NULL) return False;
1940
1941         /* create and send a MSRPC command with api SAMR_QUERY_GROUPMEM */
1942
1943         prs_init(&data , 1024, 4, SAFETY_MARGIN, False);
1944         prs_init(&rdata, 0   , 4, SAFETY_MARGIN, True );
1945
1946         /* store the parameters */
1947         make_samr_q_query_groupmem(&q_o, group_pol);
1948
1949         /* turn parameters into data stream */
1950         samr_io_q_query_groupmem("", &q_o,  &data, 0);
1951
1952         /* send the data on \PIPE\ */
1953         if (rpc_api_pipe_req(cli, fnum, SAMR_QUERY_GROUPMEM, &data, &rdata))
1954         {
1955                 SAMR_R_QUERY_GROUPMEM r_o;
1956                 BOOL p;
1957
1958                 /* get user info */
1959                 r_o.rid  = rid;
1960                 r_o.attr = attr;
1961
1962                 samr_io_r_query_groupmem("", &r_o, &rdata, 0);
1963                 p = rdata.offset != 0;
1964                 
1965                 if (p && r_o.status != 0)
1966                 {
1967                         /* report error code */
1968                         DEBUG(0,("SAMR_R_QUERY_GROUPMEM: %s\n", get_nt_error_msg(r_o.status)));
1969                         p = False;
1970                 }
1971
1972                 if (p && r_o.ptr != 0 &&
1973                     r_o.ptr_rids != 0 && r_o.ptr_attrs != 0 &&
1974                     r_o.num_rids == r_o.num_attrs)
1975                 {
1976                         valid_query = True;
1977                         *num_mem = r_o.num_rids;
1978                 }
1979
1980         }
1981
1982         prs_mem_free(&data   );
1983         prs_mem_free(&rdata  );
1984
1985         return valid_query;
1986 }
1987
1988 /****************************************************************************
1989 do a SAMR Query User Groups
1990 ****************************************************************************/
1991 BOOL samr_query_usergroups(struct cli_state *cli, uint16 fnum, 
1992                                 POLICY_HND *pol, uint32 *num_groups, DOM_GID *gid)
1993 {
1994         prs_struct data;
1995         prs_struct rdata;
1996
1997         SAMR_Q_QUERY_USERGROUPS q_o;
1998         BOOL valid_query = False;
1999
2000         DEBUG(4,("SAMR Query User Groups.\n"));
2001
2002         if (pol == NULL || gid == NULL || num_groups == 0) return False;
2003
2004         /* create and send a MSRPC command with api SAMR_QUERY_USERGROUPS */
2005
2006         prs_init(&data , 1024, 4, SAFETY_MARGIN, False);
2007         prs_init(&rdata, 0   , 4, SAFETY_MARGIN, True );
2008
2009         /* store the parameters */
2010         make_samr_q_query_usergroups(&q_o, pol);
2011
2012         /* turn parameters into data stream */
2013         samr_io_q_query_usergroups("", &q_o,  &data, 0);
2014
2015         /* send the data on \PIPE\ */
2016         if (rpc_api_pipe_req(cli, fnum, SAMR_QUERY_USERGROUPS, &data, &rdata))
2017         {
2018                 SAMR_R_QUERY_USERGROUPS r_o;
2019                 BOOL p;
2020
2021                 /* get user info */
2022                 r_o.gid = gid;
2023
2024                 samr_io_r_query_usergroups("", &r_o, &rdata, 0);
2025                 p = rdata.offset != 0;
2026                 
2027                 if (p && r_o.status != 0)
2028                 {
2029                         /* report error code */
2030                         DEBUG(0,("SAMR_R_QUERY_USERGROUPS: %s\n", get_nt_error_msg(r_o.status)));
2031                         p = False;
2032                 }
2033
2034                 if (p && r_o.ptr_0 != 0)
2035                 {
2036                         valid_query = True;
2037                         *num_groups = r_o.num_entries;
2038                 }
2039
2040         }
2041
2042         prs_mem_free(&data   );
2043         prs_mem_free(&rdata  );
2044
2045         return valid_query;
2046 }
2047
2048 /****************************************************************************
2049 do a SAMR Query Group Info
2050 ****************************************************************************/
2051 BOOL samr_query_groupinfo(struct cli_state *cli, uint16 fnum, 
2052                                 POLICY_HND *pol,
2053                                 uint16 switch_value, GROUP_INFO_CTR* ctr)
2054 {
2055         prs_struct data;
2056         prs_struct rdata;
2057
2058         SAMR_Q_QUERY_GROUPINFO q_o;
2059         BOOL valid_query = False;
2060
2061         DEBUG(4,("SAMR Query Group Info.  level: %d\n", switch_value));
2062
2063         if (pol == NULL || ctr == NULL || switch_value == 0) return False;
2064
2065         /* create and send a MSRPC command with api SAMR_QUERY_GROUPINFO */
2066
2067         prs_init(&data , 1024, 4, SAFETY_MARGIN, False);
2068         prs_init(&rdata, 0   , 4, SAFETY_MARGIN, True );
2069
2070         /* store the parameters */
2071         make_samr_q_query_groupinfo(&q_o, pol, switch_value);
2072
2073         /* turn parameters into data stream */
2074         samr_io_q_query_groupinfo("", &q_o,  &data, 0);
2075
2076         /* send the data on \PIPE\ */
2077         if (rpc_api_pipe_req(cli, fnum, SAMR_QUERY_GROUPINFO, &data, &rdata))
2078         {
2079                 SAMR_R_QUERY_GROUPINFO r_o;
2080                 BOOL p;
2081
2082                 /* get user info */
2083                 r_o.ctr = ctr;
2084
2085                 samr_io_r_query_groupinfo("", &r_o, &rdata, 0);
2086                 p = rdata.offset != 0;
2087                 
2088                 if (p && r_o.status != 0)
2089                 {
2090                         /* report error code */
2091                         DEBUG(0,("SAMR_R_QUERY_GROUPINFO: %s\n", get_nt_error_msg(r_o.status)));
2092                         p = False;
2093                 }
2094
2095                 if (p && r_o.ctr->switch_value1 != switch_value)
2096                 {
2097                         DEBUG(0,("SAMR_R_QUERY_GROUPINFO: received incorrect level %d\n",
2098                                   r_o.ctr->switch_value1));
2099                 }
2100
2101                 if (p && r_o.ptr != 0)
2102                 {
2103                         valid_query = True;
2104                 }
2105         }
2106
2107         prs_mem_free(&data   );
2108         prs_mem_free(&rdata  );
2109
2110         return valid_query;
2111 }
2112
2113 /****************************************************************************
2114 do a SAMR Query User Info
2115 ****************************************************************************/
2116 BOOL samr_query_userinfo(struct cli_state *cli, uint16 fnum, 
2117                                 POLICY_HND *pol, uint16 switch_value, void* usr)
2118 {
2119         prs_struct data;
2120         prs_struct rdata;
2121
2122         SAMR_Q_QUERY_USERINFO q_o;
2123         BOOL valid_query = False;
2124
2125         DEBUG(4,("SAMR Query User Info.  level: %d\n", switch_value));
2126
2127         if (pol == NULL || usr == NULL || switch_value == 0) return False;
2128
2129         /* create and send a MSRPC command with api SAMR_QUERY_USERINFO */
2130
2131         prs_init(&data , 1024, 4, SAFETY_MARGIN, False);
2132         prs_init(&rdata, 0   , 4, SAFETY_MARGIN, True );
2133
2134         /* store the parameters */
2135         make_samr_q_query_userinfo(&q_o, pol, switch_value);
2136
2137         /* turn parameters into data stream */
2138         samr_io_q_query_userinfo("", &q_o,  &data, 0);
2139
2140         /* send the data on \PIPE\ */
2141         if (rpc_api_pipe_req(cli, fnum, SAMR_QUERY_USERINFO, &data, &rdata))
2142         {
2143                 SAMR_R_QUERY_USERINFO r_o;
2144                 BOOL p;
2145
2146                 /* get user info */
2147                 r_o.info.id = usr;
2148
2149                 samr_io_r_query_userinfo("", &r_o, &rdata, 0);
2150                 p = rdata.offset != 0;
2151                 
2152                 if (p && r_o.status != 0)
2153                 {
2154                         /* report error code */
2155                         DEBUG(0,("SAMR_R_QUERY_USERINFO: %s\n", get_nt_error_msg(r_o.status)));
2156                         p = False;
2157                 }
2158
2159                 if (p && r_o.switch_value != switch_value)
2160                 {
2161                         DEBUG(0,("SAMR_R_QUERY_USERINFO: received incorrect level %d\n",
2162                                   r_o.switch_value));
2163                 }
2164
2165                 if (p && r_o.ptr != 0)
2166                 {
2167                         valid_query = True;
2168                 }
2169         }
2170
2171         prs_mem_free(&data   );
2172         prs_mem_free(&rdata  );
2173
2174         return valid_query;
2175 }
2176
2177 /****************************************************************************
2178 do a SAMR Close
2179 ****************************************************************************/
2180 BOOL samr_close(struct cli_state *cli, uint16 fnum, POLICY_HND *hnd)
2181 {
2182         prs_struct data;
2183         prs_struct rdata;
2184
2185         SAMR_Q_CLOSE_HND q_c;
2186         BOOL valid_close = False;
2187
2188         DEBUG(4,("SAMR Close\n"));
2189
2190         if (hnd == NULL) return False;
2191
2192         prs_init(&data , 1024, 4, SAFETY_MARGIN, False);
2193         prs_init(&rdata, 0   , 4, SAFETY_MARGIN, True );
2194
2195         /* create and send a MSRPC command with api SAMR_CLOSE_HND */
2196
2197         /* store the parameters */
2198         make_samr_q_close_hnd(&q_c, hnd);
2199
2200         /* turn parameters into data stream */
2201         samr_io_q_close_hnd("", &q_c,  &data, 0);
2202
2203         /* send the data on \PIPE\ */
2204         if (rpc_api_pipe_req(cli, fnum, SAMR_CLOSE_HND, &data, &rdata))
2205         {
2206                 SAMR_R_CLOSE_HND r_c;
2207                 BOOL p;
2208
2209                 samr_io_r_close_hnd("", &r_c, &rdata, 0);
2210                 p = rdata.offset != 0;
2211
2212                 if (p && r_c.status != 0)
2213                 {
2214                         /* report error code */
2215                         DEBUG(0,("SAMR_CLOSE_HND: %s\n", get_nt_error_msg(r_c.status)));
2216                         p = False;
2217                 }
2218
2219                 if (p)
2220                 {
2221                         /* check that the returned policy handle is all zeros */
2222                         int i;
2223                         valid_close = True;
2224
2225                         for (i = 0; i < sizeof(r_c.pol.data); i++)
2226                         {
2227                                 if (r_c.pol.data[i] != 0)
2228                                 {
2229                                         valid_close = False;
2230                                         break;
2231                                 }
2232                         }       
2233                         if (!valid_close)
2234                         {
2235                                 DEBUG(0,("SAMR_CLOSE_HND: non-zero handle returned\n"));
2236                         }
2237                 }
2238         }
2239
2240         prs_mem_free(&data   );
2241         prs_mem_free(&rdata  );
2242
2243         return valid_close;
2244 }
2245