s3-lsa: implement _lsa_DeleteTrustedDomain().
[samba.git] / source3 / rpc_server / lsa / srv_lsa_nt.c
1 /*
2  *  Unix SMB/CIFS implementation.
3  *  RPC Pipe client / server routines
4  *  Copyright (C) Andrew Tridgell              1992-1997,
5  *  Copyright (C) Luke Kenneth Casson Leighton 1996-1997,
6  *  Copyright (C) Paul Ashton                       1997,
7  *  Copyright (C) Jeremy Allison                    2001, 2006.
8  *  Copyright (C) Rafal Szczesniak                  2002,
9  *  Copyright (C) Jim McDonough <jmcd@us.ibm.com>   2002,
10  *  Copyright (C) Simo Sorce                        2003.
11  *  Copyright (C) Gerald (Jerry) Carter             2005.
12  *  Copyright (C) Volker Lendecke                   2005.
13  *  Copyright (C) Guenther Deschner                 2008.
14  *  Copyright (C) Andrew Bartlett                   2010.
15  *
16  *  This program is free software; you can redistribute it and/or modify
17  *  it under the terms of the GNU General Public License as published by
18  *  the Free Software Foundation; either version 3 of the License, or
19  *  (at your option) any later version.
20  *
21  *  This program is distributed in the hope that it will be useful,
22  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
23  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
24  *  GNU General Public License for more details.
25  *
26  *  You should have received a copy of the GNU General Public License
27  *  along with this program; if not, see <http://www.gnu.org/licenses/>.
28  */
29
30 /* This is the implementation of the lsa server code. */
31
32 #include "includes.h"
33 #include "../librpc/gen_ndr/srv_lsa.h"
34 #include "secrets.h"
35 #include "../librpc/gen_ndr/netlogon.h"
36 #include "rpc_client/init_lsa.h"
37 #include "../libcli/security/security.h"
38
39 #undef DBGC_CLASS
40 #define DBGC_CLASS DBGC_RPC_SRV
41
42 #define MAX_LOOKUP_SIDS 0x5000 /* 20480 */
43
44 enum lsa_handle_type {
45         LSA_HANDLE_POLICY_TYPE = 1,
46         LSA_HANDLE_ACCOUNT_TYPE = 2,
47         LSA_HANDLE_TRUST_TYPE = 3};
48
49 struct lsa_info {
50         struct dom_sid sid;
51         const char *name;
52         uint32 access;
53         enum lsa_handle_type type;
54         struct security_descriptor *sd;
55 };
56
57 const struct generic_mapping lsa_account_mapping = {
58         LSA_ACCOUNT_READ,
59         LSA_ACCOUNT_WRITE,
60         LSA_ACCOUNT_EXECUTE,
61         LSA_ACCOUNT_ALL_ACCESS
62 };
63
64 const struct generic_mapping lsa_policy_mapping = {
65         LSA_POLICY_READ,
66         LSA_POLICY_WRITE,
67         LSA_POLICY_EXECUTE,
68         LSA_POLICY_ALL_ACCESS
69 };
70
71 const struct generic_mapping lsa_secret_mapping = {
72         LSA_SECRET_READ,
73         LSA_SECRET_WRITE,
74         LSA_SECRET_EXECUTE,
75         LSA_SECRET_ALL_ACCESS
76 };
77
78 const struct generic_mapping lsa_trusted_domain_mapping = {
79         LSA_TRUSTED_DOMAIN_READ,
80         LSA_TRUSTED_DOMAIN_WRITE,
81         LSA_TRUSTED_DOMAIN_EXECUTE,
82         LSA_TRUSTED_DOMAIN_ALL_ACCESS
83 };
84
85 /***************************************************************************
86  init_lsa_ref_domain_list - adds a domain if it's not already in, returns the index.
87 ***************************************************************************/
88
89 static int init_lsa_ref_domain_list(TALLOC_CTX *mem_ctx,
90                                     struct lsa_RefDomainList *ref,
91                                     const char *dom_name,
92                                     struct dom_sid *dom_sid)
93 {
94         int num = 0;
95
96         if (dom_name != NULL) {
97                 for (num = 0; num < ref->count; num++) {
98                         if (dom_sid_equal(dom_sid, ref->domains[num].sid)) {
99                                 return num;
100                         }
101                 }
102         } else {
103                 num = ref->count;
104         }
105
106         if (num >= LSA_REF_DOMAIN_LIST_MULTIPLIER) {
107                 /* index not found, already at maximum domain limit */
108                 return -1;
109         }
110
111         ref->count = num + 1;
112         ref->max_size = LSA_REF_DOMAIN_LIST_MULTIPLIER;
113
114         ref->domains = TALLOC_REALLOC_ARRAY(mem_ctx, ref->domains,
115                                             struct lsa_DomainInfo, ref->count);
116         if (!ref->domains) {
117                 return -1;
118         }
119
120         ZERO_STRUCT(ref->domains[num]);
121
122         init_lsa_StringLarge(&ref->domains[num].name, dom_name);
123         ref->domains[num].sid = dom_sid_dup(mem_ctx, dom_sid);
124         if (!ref->domains[num].sid) {
125                 return -1;
126         }
127
128         return num;
129 }
130
131
132 /***************************************************************************
133  initialize a lsa_DomainInfo structure.
134  ***************************************************************************/
135
136 static void init_dom_query_3(struct lsa_DomainInfo *r,
137                              const char *name,
138                              struct dom_sid *sid)
139 {
140         init_lsa_StringLarge(&r->name, name);
141         r->sid = sid;
142 }
143
144 /***************************************************************************
145  initialize a lsa_DomainInfo structure.
146  ***************************************************************************/
147
148 static void init_dom_query_5(struct lsa_DomainInfo *r,
149                              const char *name,
150                              struct dom_sid *sid)
151 {
152         init_lsa_StringLarge(&r->name, name);
153         r->sid = sid;
154 }
155
156 /***************************************************************************
157  lookup_lsa_rids. Must be called as root for lookup_name to work.
158  ***************************************************************************/
159
160 static NTSTATUS lookup_lsa_rids(TALLOC_CTX *mem_ctx,
161                                 struct lsa_RefDomainList *ref,
162                                 struct lsa_TranslatedSid *prid,
163                                 uint32_t num_entries,
164                                 struct lsa_String *name,
165                                 int flags,
166                                 uint32_t *pmapped_count)
167 {
168         uint32 mapped_count, i;
169
170         SMB_ASSERT(num_entries <= MAX_LOOKUP_SIDS);
171
172         mapped_count = 0;
173         *pmapped_count = 0;
174
175         for (i = 0; i < num_entries; i++) {
176                 struct dom_sid sid;
177                 uint32 rid;
178                 int dom_idx;
179                 const char *full_name;
180                 const char *domain;
181                 enum lsa_SidType type = SID_NAME_UNKNOWN;
182
183                 /* Split name into domain and user component */
184
185                 /* follow w2k8 behavior and return the builtin domain when no
186                  * input has been passed in */
187
188                 if (name[i].string) {
189                         full_name = name[i].string;
190                 } else {
191                         full_name = "BUILTIN";
192                 }
193
194                 DEBUG(5, ("lookup_lsa_rids: looking up name %s\n", full_name));
195
196                 /* We can ignore the result of lookup_name, it will not touch
197                    "type" if it's not successful */
198
199                 lookup_name(mem_ctx, full_name, flags, &domain, NULL,
200                             &sid, &type);
201
202                 switch (type) {
203                 case SID_NAME_USER:
204                 case SID_NAME_DOM_GRP:
205                 case SID_NAME_DOMAIN:
206                 case SID_NAME_ALIAS:
207                 case SID_NAME_WKN_GRP:
208                         DEBUG(5, ("init_lsa_rids: %s found\n", full_name));
209                         /* Leave these unchanged */
210                         break;
211                 default:
212                         /* Don't hand out anything but the list above */
213                         DEBUG(5, ("init_lsa_rids: %s not found\n", full_name));
214                         type = SID_NAME_UNKNOWN;
215                         break;
216                 }
217
218                 rid = 0;
219                 dom_idx = -1;
220
221                 if (type != SID_NAME_UNKNOWN) {
222                         if (type == SID_NAME_DOMAIN) {
223                                 rid = (uint32_t)-1;
224                         } else {
225                                 sid_split_rid(&sid, &rid);
226                         }
227                         dom_idx = init_lsa_ref_domain_list(mem_ctx, ref, domain, &sid);
228                         mapped_count++;
229                 }
230
231                 prid[i].sid_type        = type;
232                 prid[i].rid             = rid;
233                 prid[i].sid_index       = dom_idx;
234         }
235
236         *pmapped_count = mapped_count;
237         return NT_STATUS_OK;
238 }
239
240 /***************************************************************************
241  lookup_lsa_sids. Must be called as root for lookup_name to work.
242  ***************************************************************************/
243
244 static NTSTATUS lookup_lsa_sids(TALLOC_CTX *mem_ctx,
245                                 struct lsa_RefDomainList *ref,
246                                 struct lsa_TranslatedSid3 *trans_sids,
247                                 uint32_t num_entries,
248                                 struct lsa_String *name,
249                                 int flags,
250                                 uint32 *pmapped_count)
251 {
252         uint32 mapped_count, i;
253
254         SMB_ASSERT(num_entries <= MAX_LOOKUP_SIDS);
255
256         mapped_count = 0;
257         *pmapped_count = 0;
258
259         for (i = 0; i < num_entries; i++) {
260                 struct dom_sid sid;
261                 uint32 rid;
262                 int dom_idx;
263                 const char *full_name;
264                 const char *domain;
265                 enum lsa_SidType type = SID_NAME_UNKNOWN;
266
267                 ZERO_STRUCT(sid);
268
269                 /* Split name into domain and user component */
270
271                 full_name = name[i].string;
272                 if (full_name == NULL) {
273                         return NT_STATUS_NO_MEMORY;
274                 }
275
276                 DEBUG(5, ("init_lsa_sids: looking up name %s\n", full_name));
277
278                 /* We can ignore the result of lookup_name, it will not touch
279                    "type" if it's not successful */
280
281                 lookup_name(mem_ctx, full_name, flags, &domain, NULL,
282                             &sid, &type);
283
284                 switch (type) {
285                 case SID_NAME_USER:
286                 case SID_NAME_DOM_GRP:
287                 case SID_NAME_DOMAIN:
288                 case SID_NAME_ALIAS:
289                 case SID_NAME_WKN_GRP:
290                         DEBUG(5, ("init_lsa_sids: %s found\n", full_name));
291                         /* Leave these unchanged */
292                         break;
293                 default:
294                         /* Don't hand out anything but the list above */
295                         DEBUG(5, ("init_lsa_sids: %s not found\n", full_name));
296                         type = SID_NAME_UNKNOWN;
297                         break;
298                 }
299
300                 rid = 0;
301                 dom_idx = -1;
302
303                 if (type != SID_NAME_UNKNOWN) {
304                         struct dom_sid domain_sid;
305                         sid_copy(&domain_sid, &sid);
306                         sid_split_rid(&domain_sid, &rid);
307                         dom_idx = init_lsa_ref_domain_list(mem_ctx, ref, domain, &domain_sid);
308                         mapped_count++;
309                 }
310
311                 /* Initialize the lsa_TranslatedSid3 return. */
312                 trans_sids[i].sid_type = type;
313                 trans_sids[i].sid = dom_sid_dup(mem_ctx, &sid);
314                 trans_sids[i].sid_index = dom_idx;
315         }
316
317         *pmapped_count = mapped_count;
318         return NT_STATUS_OK;
319 }
320
321 static NTSTATUS make_lsa_object_sd(TALLOC_CTX *mem_ctx, struct security_descriptor **sd, size_t *sd_size,
322                                         const struct generic_mapping *map,
323                                         struct dom_sid *sid, uint32_t sid_access)
324 {
325         struct dom_sid adm_sid;
326         struct security_ace ace[5];
327         size_t i = 0;
328
329         struct security_acl *psa = NULL;
330
331         /* READ|EXECUTE access for Everyone */
332
333         init_sec_ace(&ace[i++], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED,
334                         map->generic_execute | map->generic_read, 0);
335
336         /* Add Full Access 'BUILTIN\Administrators' and 'BUILTIN\Account Operators */
337
338         init_sec_ace(&ace[i++], &global_sid_Builtin_Administrators,
339                         SEC_ACE_TYPE_ACCESS_ALLOWED, map->generic_all, 0);
340         init_sec_ace(&ace[i++], &global_sid_Builtin_Account_Operators,
341                         SEC_ACE_TYPE_ACCESS_ALLOWED, map->generic_all, 0);
342
343         /* Add Full Access for Domain Admins */
344         sid_compose(&adm_sid, get_global_sam_sid(), DOMAIN_RID_ADMINS);
345         init_sec_ace(&ace[i++], &adm_sid, SEC_ACE_TYPE_ACCESS_ALLOWED,
346                         map->generic_all, 0);
347
348         /* If we have a sid, give it some special access */
349
350         if (sid) {
351                 init_sec_ace(&ace[i++], sid, SEC_ACE_TYPE_ACCESS_ALLOWED,
352                         sid_access, 0);
353         }
354
355         if((psa = make_sec_acl(mem_ctx, NT4_ACL_REVISION, i, ace)) == NULL)
356                 return NT_STATUS_NO_MEMORY;
357
358         if((*sd = make_sec_desc(mem_ctx, SECURITY_DESCRIPTOR_REVISION_1,
359                                 SEC_DESC_SELF_RELATIVE, &adm_sid, NULL, NULL,
360                                 psa, sd_size)) == NULL)
361                 return NT_STATUS_NO_MEMORY;
362
363         return NT_STATUS_OK;
364 }
365
366 /***************************************************************************
367  ***************************************************************************/
368
369 static NTSTATUS create_lsa_policy_handle(TALLOC_CTX *mem_ctx,
370                                          struct pipes_struct *p,
371                                          enum lsa_handle_type type,
372                                          uint32_t acc_granted,
373                                          struct dom_sid *sid,
374                                          const char *name,
375                                          const struct security_descriptor *sd,
376                                          struct policy_handle *handle)
377 {
378         struct lsa_info *info;
379
380         ZERO_STRUCTP(handle);
381
382         info = talloc_zero(mem_ctx, struct lsa_info);
383         if (!info) {
384                 return NT_STATUS_NO_MEMORY;
385         }
386
387         info->type = type;
388         info->access = acc_granted;
389
390         if (sid) {
391                 sid_copy(&info->sid, sid);
392         }
393
394         info->name = talloc_strdup(info, name);
395
396         if (sd) {
397                 info->sd = dup_sec_desc(info, sd);
398                 if (!info->sd) {
399                         talloc_free(info);
400                         return NT_STATUS_NO_MEMORY;
401                 }
402         }
403
404         if (!create_policy_hnd(p, handle, info)) {
405                 talloc_free(info);
406                 ZERO_STRUCTP(handle);
407                 return NT_STATUS_NO_MEMORY;
408         }
409
410         return NT_STATUS_OK;
411 }
412
413 /***************************************************************************
414  _lsa_OpenPolicy2
415  ***************************************************************************/
416
417 NTSTATUS _lsa_OpenPolicy2(struct pipes_struct *p,
418                           struct lsa_OpenPolicy2 *r)
419 {
420         struct security_descriptor *psd = NULL;
421         size_t sd_size;
422         uint32 des_access = r->in.access_mask;
423         uint32 acc_granted;
424         NTSTATUS status;
425
426         /* Work out max allowed. */
427         map_max_allowed_access(p->server_info->security_token,
428                                &p->server_info->utok,
429                                &des_access);
430
431         /* map the generic bits to the lsa policy ones */
432         se_map_generic(&des_access, &lsa_policy_mapping);
433
434         /* get the generic lsa policy SD until we store it */
435         status = make_lsa_object_sd(p->mem_ctx, &psd, &sd_size, &lsa_policy_mapping,
436                         NULL, 0);
437         if (!NT_STATUS_IS_OK(status)) {
438                 return status;
439         }
440
441         status = access_check_object(psd, p->server_info->security_token,
442                                      SEC_PRIV_INVALID, SEC_PRIV_INVALID, 0, des_access,
443                                      &acc_granted, "_lsa_OpenPolicy2" );
444         if (!NT_STATUS_IS_OK(status)) {
445                 return status;
446         }
447
448         status = create_lsa_policy_handle(p->mem_ctx, p,
449                                           LSA_HANDLE_POLICY_TYPE,
450                                           acc_granted,
451                                           get_global_sam_sid(),
452                                           NULL,
453                                           psd,
454                                           r->out.handle);
455         if (!NT_STATUS_IS_OK(status)) {
456                 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
457         }
458
459         return NT_STATUS_OK;
460 }
461
462 /***************************************************************************
463  _lsa_OpenPolicy
464  ***************************************************************************/
465
466 NTSTATUS _lsa_OpenPolicy(struct pipes_struct *p,
467                          struct lsa_OpenPolicy *r)
468 {
469         struct lsa_OpenPolicy2 o;
470
471         o.in.system_name        = NULL; /* should be ignored */
472         o.in.attr               = r->in.attr;
473         o.in.access_mask        = r->in.access_mask;
474
475         o.out.handle            = r->out.handle;
476
477         return _lsa_OpenPolicy2(p, &o);
478 }
479
480 /***************************************************************************
481  _lsa_EnumTrustDom - this needs fixing to do more than return NULL ! JRA.
482  ufff, done :)  mimir
483  ***************************************************************************/
484
485 NTSTATUS _lsa_EnumTrustDom(struct pipes_struct *p,
486                            struct lsa_EnumTrustDom *r)
487 {
488         struct lsa_info *info;
489         uint32_t count;
490         struct trustdom_info **domains;
491         struct lsa_DomainInfo *entries;
492         int i;
493         NTSTATUS nt_status;
494
495         if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&info))
496                 return NT_STATUS_INVALID_HANDLE;
497
498         if (info->type != LSA_HANDLE_POLICY_TYPE) {
499                 return NT_STATUS_INVALID_HANDLE;
500         }
501
502         /* check if the user has enough rights */
503         if (!(info->access & LSA_POLICY_VIEW_LOCAL_INFORMATION))
504                 return NT_STATUS_ACCESS_DENIED;
505
506         become_root();
507         nt_status = pdb_enum_trusteddoms(p->mem_ctx, &count, &domains);
508         unbecome_root();
509
510         if (!NT_STATUS_IS_OK(nt_status)) {
511                 return nt_status;
512         }
513
514         entries = TALLOC_ZERO_ARRAY(p->mem_ctx, struct lsa_DomainInfo, count);
515         if (!entries) {
516                 return NT_STATUS_NO_MEMORY;
517         }
518
519         for (i=0; i<count; i++) {
520                 init_lsa_StringLarge(&entries[i].name, domains[i]->name);
521                 entries[i].sid = &domains[i]->sid;
522         }
523
524         if (*r->in.resume_handle >= count) {
525                 *r->out.resume_handle = -1;
526                 TALLOC_FREE(entries);
527                 return NT_STATUS_NO_MORE_ENTRIES;
528         }
529
530         /* return the rest, limit by max_size. Note that we
531            use the w2k3 element size value of 60 */
532         r->out.domains->count = count - *r->in.resume_handle;
533         r->out.domains->count = MIN(r->out.domains->count,
534                                  1+(r->in.max_size/LSA_ENUM_TRUST_DOMAIN_MULTIPLIER));
535
536         r->out.domains->domains = entries + *r->in.resume_handle;
537
538         if (r->out.domains->count < count - *r->in.resume_handle) {
539                 *r->out.resume_handle = *r->in.resume_handle + r->out.domains->count;
540                 return STATUS_MORE_ENTRIES;
541         }
542
543         /* according to MS-LSAD 3.1.4.7.8 output resume handle MUST
544          * always be larger than the previous input resume handle, in
545          * particular when hitting the last query it is vital to set the
546          * resume handle correctly to avoid infinite client loops, as
547          * seen e.g. with Windows XP SP3 when resume handle is 0 and
548          * status is NT_STATUS_OK - gd */
549
550         *r->out.resume_handle = (uint32_t)-1;
551
552         return NT_STATUS_OK;
553 }
554
555 #define LSA_AUDIT_NUM_CATEGORIES_NT4    7
556 #define LSA_AUDIT_NUM_CATEGORIES_WIN2K  9
557 #define LSA_AUDIT_NUM_CATEGORIES LSA_AUDIT_NUM_CATEGORIES_NT4
558
559 /***************************************************************************
560  _lsa_QueryInfoPolicy
561  ***************************************************************************/
562
563 NTSTATUS _lsa_QueryInfoPolicy(struct pipes_struct *p,
564                               struct lsa_QueryInfoPolicy *r)
565 {
566         NTSTATUS status = NT_STATUS_OK;
567         struct lsa_info *handle;
568         struct dom_sid domain_sid;
569         const char *name;
570         struct dom_sid *sid = NULL;
571         union lsa_PolicyInformation *info = NULL;
572         uint32_t acc_required = 0;
573
574         if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&handle))
575                 return NT_STATUS_INVALID_HANDLE;
576
577         if (handle->type != LSA_HANDLE_POLICY_TYPE) {
578                 return NT_STATUS_INVALID_HANDLE;
579         }
580
581         switch (r->in.level) {
582         case LSA_POLICY_INFO_AUDIT_LOG:
583         case LSA_POLICY_INFO_AUDIT_EVENTS:
584                 acc_required = LSA_POLICY_VIEW_AUDIT_INFORMATION;
585                 break;
586         case LSA_POLICY_INFO_DOMAIN:
587                 acc_required = LSA_POLICY_VIEW_LOCAL_INFORMATION;
588                 break;
589         case LSA_POLICY_INFO_PD:
590                 acc_required = LSA_POLICY_GET_PRIVATE_INFORMATION;
591                 break;
592         case LSA_POLICY_INFO_ACCOUNT_DOMAIN:
593                 acc_required = LSA_POLICY_VIEW_LOCAL_INFORMATION;
594                 break;
595         case LSA_POLICY_INFO_ROLE:
596         case LSA_POLICY_INFO_REPLICA:
597                 acc_required = LSA_POLICY_VIEW_LOCAL_INFORMATION;
598                 break;
599         case LSA_POLICY_INFO_QUOTA:
600                 acc_required = LSA_POLICY_VIEW_LOCAL_INFORMATION;
601                 break;
602         case LSA_POLICY_INFO_MOD:
603         case LSA_POLICY_INFO_AUDIT_FULL_SET:
604                 /* according to MS-LSAD 3.1.4.4.3 */
605                 return NT_STATUS_INVALID_PARAMETER;
606         case LSA_POLICY_INFO_AUDIT_FULL_QUERY:
607                 acc_required = LSA_POLICY_VIEW_AUDIT_INFORMATION;
608                 break;
609         case LSA_POLICY_INFO_DNS:
610         case LSA_POLICY_INFO_DNS_INT:
611         case LSA_POLICY_INFO_L_ACCOUNT_DOMAIN:
612                 acc_required = LSA_POLICY_VIEW_LOCAL_INFORMATION;
613                 break;
614         default:
615                 break;
616         }
617
618         if (!(handle->access & acc_required)) {
619                 /* return NT_STATUS_ACCESS_DENIED; */
620         }
621
622         info = TALLOC_ZERO_P(p->mem_ctx, union lsa_PolicyInformation);
623         if (!info) {
624                 return NT_STATUS_NO_MEMORY;
625         }
626
627         switch (r->in.level) {
628         /* according to MS-LSAD 3.1.4.4.3 */
629         case LSA_POLICY_INFO_MOD:
630         case LSA_POLICY_INFO_AUDIT_FULL_SET:
631         case LSA_POLICY_INFO_AUDIT_FULL_QUERY:
632                 return NT_STATUS_INVALID_PARAMETER;
633         case LSA_POLICY_INFO_AUDIT_LOG:
634                 info->audit_log.percent_full            = 0;
635                 info->audit_log.maximum_log_size        = 0;
636                 info->audit_log.retention_time          = 0;
637                 info->audit_log.shutdown_in_progress    = 0;
638                 info->audit_log.time_to_shutdown        = 0;
639                 info->audit_log.next_audit_record       = 0;
640                 status = NT_STATUS_OK;
641                 break;
642         case LSA_POLICY_INFO_PD:
643                 info->pd.name.string                    = NULL;
644                 status = NT_STATUS_OK;
645                 break;
646         case LSA_POLICY_INFO_REPLICA:
647                 info->replica.source.string             = NULL;
648                 info->replica.account.string            = NULL;
649                 status = NT_STATUS_OK;
650                 break;
651         case LSA_POLICY_INFO_QUOTA:
652                 info->quota.paged_pool                  = 0;
653                 info->quota.non_paged_pool              = 0;
654                 info->quota.min_wss                     = 0;
655                 info->quota.max_wss                     = 0;
656                 info->quota.pagefile                    = 0;
657                 info->quota.unknown                     = 0;
658                 status = NT_STATUS_OK;
659                 break;
660         case LSA_POLICY_INFO_AUDIT_EVENTS:
661                 {
662
663                 uint32 policy_def = LSA_AUDIT_POLICY_ALL;
664
665                 /* check if the user has enough rights */
666                 if (!(handle->access & LSA_POLICY_VIEW_AUDIT_INFORMATION)) {
667                         DEBUG(10,("_lsa_QueryInfoPolicy: insufficient access rights\n"));
668                         return NT_STATUS_ACCESS_DENIED;
669                 }
670
671                 /* fake info: We audit everything. ;) */
672
673                 info->audit_events.auditing_mode = true;
674                 info->audit_events.count = LSA_AUDIT_NUM_CATEGORIES;
675                 info->audit_events.settings = TALLOC_ZERO_ARRAY(p->mem_ctx,
676                                                                 enum lsa_PolicyAuditPolicy,
677                                                                 info->audit_events.count);
678                 if (!info->audit_events.settings) {
679                         return NT_STATUS_NO_MEMORY;
680                 }
681
682                 info->audit_events.settings[LSA_AUDIT_CATEGORY_ACCOUNT_MANAGEMENT] = policy_def;
683                 info->audit_events.settings[LSA_AUDIT_CATEGORY_FILE_AND_OBJECT_ACCESS] = policy_def;
684                 info->audit_events.settings[LSA_AUDIT_CATEGORY_LOGON] = policy_def;
685                 info->audit_events.settings[LSA_AUDIT_CATEGORY_PROCCESS_TRACKING] = policy_def;
686                 info->audit_events.settings[LSA_AUDIT_CATEGORY_SECURITY_POLICY_CHANGES] = policy_def;
687                 info->audit_events.settings[LSA_AUDIT_CATEGORY_SYSTEM] = policy_def;
688                 info->audit_events.settings[LSA_AUDIT_CATEGORY_USE_OF_USER_RIGHTS] = policy_def;
689
690                 break;
691                 }
692         case LSA_POLICY_INFO_DOMAIN:
693                 /* check if the user has enough rights */
694                 if (!(handle->access & LSA_POLICY_VIEW_LOCAL_INFORMATION))
695                         return NT_STATUS_ACCESS_DENIED;
696
697                 /* Request PolicyPrimaryDomainInformation. */
698                 switch (lp_server_role()) {
699                         case ROLE_DOMAIN_PDC:
700                         case ROLE_DOMAIN_BDC:
701                                 name = get_global_sam_name();
702                                 sid = dom_sid_dup(p->mem_ctx, get_global_sam_sid());
703                                 if (!sid) {
704                                         return NT_STATUS_NO_MEMORY;
705                                 }
706                                 break;
707                         case ROLE_DOMAIN_MEMBER:
708                                 name = lp_workgroup();
709                                 /* We need to return the Domain SID here. */
710                                 if (secrets_fetch_domain_sid(lp_workgroup(), &domain_sid)) {
711                                         sid = dom_sid_dup(p->mem_ctx, &domain_sid);
712                                         if (!sid) {
713                                                 return NT_STATUS_NO_MEMORY;
714                                         }
715                                 } else {
716                                         return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
717                                 }
718                                 break;
719                         case ROLE_STANDALONE:
720                                 name = lp_workgroup();
721                                 sid = NULL;
722                                 break;
723                         default:
724                                 return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
725                 }
726                 init_dom_query_3(&info->domain, name, sid);
727                 break;
728         case LSA_POLICY_INFO_ACCOUNT_DOMAIN:
729                 /* check if the user has enough rights */
730                 if (!(handle->access & LSA_POLICY_VIEW_LOCAL_INFORMATION))
731                         return NT_STATUS_ACCESS_DENIED;
732
733                 /* Request PolicyAccountDomainInformation. */
734                 name = get_global_sam_name();
735                 sid = get_global_sam_sid();
736
737                 init_dom_query_5(&info->account_domain, name, sid);
738                 break;
739         case LSA_POLICY_INFO_ROLE:
740                 /* check if the user has enough rights */
741                 if (!(handle->access & LSA_POLICY_VIEW_LOCAL_INFORMATION))
742                         return NT_STATUS_ACCESS_DENIED;
743
744                 switch (lp_server_role()) {
745                         case ROLE_DOMAIN_BDC:
746                                 /*
747                                  * only a BDC is a backup controller
748                                  * of the domain, it controls.
749                                  */
750                                 info->role.role = LSA_ROLE_BACKUP;
751                                 break;
752                         default:
753                                 /*
754                                  * any other role is a primary
755                                  * of the domain, it controls.
756                                  */
757                                 info->role.role = LSA_ROLE_PRIMARY;
758                                 break;
759                 }
760                 break;
761         case LSA_POLICY_INFO_DNS:
762         case LSA_POLICY_INFO_DNS_INT: {
763                 struct pdb_domain_info *dominfo;
764
765                 if ((pdb_capabilities() & PDB_CAP_ADS) == 0) {
766                         DEBUG(10, ("Not replying to LSA_POLICY_INFO_DNS "
767                                    "without ADS passdb backend\n"));
768                         status = NT_STATUS_INVALID_INFO_CLASS;
769                         break;
770                 }
771
772                 dominfo = pdb_get_domain_info(info);
773                 if (dominfo == NULL) {
774                         status = NT_STATUS_NO_MEMORY;
775                         break;
776                 }
777
778                 init_lsa_StringLarge(&info->dns.name,
779                                      dominfo->name);
780                 init_lsa_StringLarge(&info->dns.dns_domain,
781                                      dominfo->dns_domain);
782                 init_lsa_StringLarge(&info->dns.dns_forest,
783                                      dominfo->dns_forest);
784                 info->dns.domain_guid = dominfo->guid;
785                 info->dns.sid = &dominfo->sid;
786                 break;
787         }
788         default:
789                 DEBUG(0,("_lsa_QueryInfoPolicy: unknown info level in Lsa Query: %d\n",
790                         r->in.level));
791                 status = NT_STATUS_INVALID_INFO_CLASS;
792                 break;
793         }
794
795         *r->out.info = info;
796
797         return status;
798 }
799
800 /***************************************************************************
801  _lsa_QueryInfoPolicy2
802  ***************************************************************************/
803
804 NTSTATUS _lsa_QueryInfoPolicy2(struct pipes_struct *p,
805                                struct lsa_QueryInfoPolicy2 *r2)
806 {
807         struct lsa_QueryInfoPolicy r;
808
809         if ((pdb_capabilities() & PDB_CAP_ADS) == 0) {
810                 p->rng_fault_state = True;
811                 return NT_STATUS_NOT_IMPLEMENTED;
812         }
813
814         ZERO_STRUCT(r);
815         r.in.handle = r2->in.handle;
816         r.in.level = r2->in.level;
817         r.out.info = r2->out.info;
818
819         return _lsa_QueryInfoPolicy(p, &r);
820 }
821
822 /***************************************************************************
823  _lsa_lookup_sids_internal
824  ***************************************************************************/
825
826 static NTSTATUS _lsa_lookup_sids_internal(struct pipes_struct *p,
827                                           TALLOC_CTX *mem_ctx,
828                                           uint16_t level,                       /* input */
829                                           int num_sids,                         /* input */
830                                           struct lsa_SidPtr *sid,               /* input */
831                                           struct lsa_RefDomainList **pp_ref,    /* input/output */
832                                           struct lsa_TranslatedName2 **pp_names,/* input/output */
833                                           uint32_t *pp_mapped_count)            /* input/output */
834 {
835         NTSTATUS status;
836         int i;
837         const struct dom_sid **sids = NULL;
838         struct lsa_RefDomainList *ref = NULL;
839         uint32 mapped_count = 0;
840         struct lsa_dom_info *dom_infos = NULL;
841         struct lsa_name_info *name_infos = NULL;
842         struct lsa_TranslatedName2 *names = NULL;
843
844         *pp_mapped_count = 0;
845         *pp_names = NULL;
846         *pp_ref = NULL;
847
848         if (num_sids == 0) {
849                 return NT_STATUS_OK;
850         }
851
852         sids = TALLOC_ARRAY(p->mem_ctx, const struct dom_sid *, num_sids);
853         ref = TALLOC_ZERO_P(p->mem_ctx, struct lsa_RefDomainList);
854
855         if (sids == NULL || ref == NULL) {
856                 return NT_STATUS_NO_MEMORY;
857         }
858
859         for (i=0; i<num_sids; i++) {
860                 sids[i] = sid[i].sid;
861         }
862
863         status = lookup_sids(p->mem_ctx, num_sids, sids, level,
864                                   &dom_infos, &name_infos);
865
866         if (!NT_STATUS_IS_OK(status)) {
867                 return status;
868         }
869
870         names = TALLOC_ARRAY(p->mem_ctx, struct lsa_TranslatedName2, num_sids);
871         if (names == NULL) {
872                 return NT_STATUS_NO_MEMORY;
873         }
874
875         for (i=0; i<LSA_REF_DOMAIN_LIST_MULTIPLIER; i++) {
876
877                 if (!dom_infos[i].valid) {
878                         break;
879                 }
880
881                 if (init_lsa_ref_domain_list(mem_ctx, ref,
882                                              dom_infos[i].name,
883                                              &dom_infos[i].sid) != i) {
884                         DEBUG(0, ("Domain %s mentioned twice??\n",
885                                   dom_infos[i].name));
886                         return NT_STATUS_INTERNAL_ERROR;
887                 }
888         }
889
890         for (i=0; i<num_sids; i++) {
891                 struct lsa_name_info *name = &name_infos[i];
892
893                 if (name->type == SID_NAME_UNKNOWN) {
894                         fstring tmp;
895                         name->dom_idx = -1;
896                         /* Unknown sids should return the string
897                          * representation of the SID. Windows 2003 behaves
898                          * rather erratic here, in many cases it returns the
899                          * RID as 8 bytes hex, in others it returns the full
900                          * SID. We (Jerry/VL) could not figure out which the
901                          * hard cases are, so leave it with the SID.  */
902                         name->name = talloc_asprintf(p->mem_ctx, "%s",
903                                                      sid_to_fstring(tmp,
904                                                                     sids[i]));
905                         if (name->name == NULL) {
906                                 return NT_STATUS_NO_MEMORY;
907                         }
908                 } else {
909                         mapped_count += 1;
910                 }
911
912                 names[i].sid_type       = name->type;
913                 names[i].name.string    = name->name;
914                 names[i].sid_index      = name->dom_idx;
915                 names[i].unknown        = 0;
916         }
917
918         status = NT_STATUS_NONE_MAPPED;
919         if (mapped_count > 0) {
920                 status = (mapped_count < num_sids) ?
921                         STATUS_SOME_UNMAPPED : NT_STATUS_OK;
922         }
923
924         DEBUG(10, ("num_sids %d, mapped_count %d, status %s\n",
925                    num_sids, mapped_count, nt_errstr(status)));
926
927         *pp_mapped_count = mapped_count;
928         *pp_names = names;
929         *pp_ref = ref;
930
931         return status;
932 }
933
934 /***************************************************************************
935  _lsa_LookupSids
936  ***************************************************************************/
937
938 NTSTATUS _lsa_LookupSids(struct pipes_struct *p,
939                          struct lsa_LookupSids *r)
940 {
941         NTSTATUS status;
942         struct lsa_info *handle;
943         int num_sids = r->in.sids->num_sids;
944         uint32 mapped_count = 0;
945         struct lsa_RefDomainList *domains = NULL;
946         struct lsa_TranslatedName *names_out = NULL;
947         struct lsa_TranslatedName2 *names = NULL;
948         int i;
949
950         if ((r->in.level < 1) || (r->in.level > 6)) {
951                 return NT_STATUS_INVALID_PARAMETER;
952         }
953
954         if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&handle)) {
955                 return NT_STATUS_INVALID_HANDLE;
956         }
957
958         if (handle->type != LSA_HANDLE_POLICY_TYPE) {
959                 return NT_STATUS_INVALID_HANDLE;
960         }
961
962         /* check if the user has enough rights */
963         if (!(handle->access & LSA_POLICY_LOOKUP_NAMES)) {
964                 return NT_STATUS_ACCESS_DENIED;
965         }
966
967         if (num_sids >  MAX_LOOKUP_SIDS) {
968                 DEBUG(5,("_lsa_LookupSids: limit of %d exceeded, requested %d\n",
969                          MAX_LOOKUP_SIDS, num_sids));
970                 return NT_STATUS_NONE_MAPPED;
971         }
972
973         status = _lsa_lookup_sids_internal(p,
974                                            p->mem_ctx,
975                                            r->in.level,
976                                            num_sids,
977                                            r->in.sids->sids,
978                                            &domains,
979                                            &names,
980                                            &mapped_count);
981
982         /* Only return here when there is a real error.
983            NT_STATUS_NONE_MAPPED is a special case as it indicates that none of
984            the requested sids could be resolved. Older versions of XP (pre SP3)
985            rely that we return with the string representations of those SIDs in
986            that case. If we don't, XP crashes - Guenther
987            */
988
989         if (NT_STATUS_IS_ERR(status) &&
990             !NT_STATUS_EQUAL(status, NT_STATUS_NONE_MAPPED)) {
991                 return status;
992         }
993
994         /* Convert from lsa_TranslatedName2 to lsa_TranslatedName */
995         names_out = TALLOC_ARRAY(p->mem_ctx, struct lsa_TranslatedName,
996                                  num_sids);
997         if (!names_out) {
998                 return NT_STATUS_NO_MEMORY;
999         }
1000
1001         for (i=0; i<num_sids; i++) {
1002                 names_out[i].sid_type = names[i].sid_type;
1003                 names_out[i].name = names[i].name;
1004                 names_out[i].sid_index = names[i].sid_index;
1005         }
1006
1007         *r->out.domains = domains;
1008         r->out.names->count = num_sids;
1009         r->out.names->names = names_out;
1010         *r->out.count = mapped_count;
1011
1012         return status;
1013 }
1014
1015 /***************************************************************************
1016  _lsa_LookupSids2
1017  ***************************************************************************/
1018
1019 NTSTATUS _lsa_LookupSids2(struct pipes_struct *p,
1020                           struct lsa_LookupSids2 *r)
1021 {
1022         NTSTATUS status;
1023         struct lsa_info *handle;
1024         int num_sids = r->in.sids->num_sids;
1025         uint32 mapped_count = 0;
1026         struct lsa_RefDomainList *domains = NULL;
1027         struct lsa_TranslatedName2 *names = NULL;
1028         bool check_policy = true;
1029
1030         switch (p->opnum) {
1031                 case NDR_LSA_LOOKUPSIDS3:
1032                         check_policy = false;
1033                         break;
1034                 case NDR_LSA_LOOKUPSIDS2:
1035                 default:
1036                         check_policy = true;
1037         }
1038
1039         if ((r->in.level < 1) || (r->in.level > 6)) {
1040                 return NT_STATUS_INVALID_PARAMETER;
1041         }
1042
1043         if (check_policy) {
1044                 if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&handle)) {
1045                         return NT_STATUS_INVALID_HANDLE;
1046                 }
1047
1048                 if (handle->type != LSA_HANDLE_POLICY_TYPE) {
1049                         return NT_STATUS_INVALID_HANDLE;
1050                 }
1051
1052                 /* check if the user has enough rights */
1053                 if (!(handle->access & LSA_POLICY_LOOKUP_NAMES)) {
1054                         return NT_STATUS_ACCESS_DENIED;
1055                 }
1056         }
1057
1058         if (num_sids >  MAX_LOOKUP_SIDS) {
1059                 DEBUG(5,("_lsa_LookupSids2: limit of %d exceeded, requested %d\n",
1060                          MAX_LOOKUP_SIDS, num_sids));
1061                 return NT_STATUS_NONE_MAPPED;
1062         }
1063
1064         status = _lsa_lookup_sids_internal(p,
1065                                            p->mem_ctx,
1066                                            r->in.level,
1067                                            num_sids,
1068                                            r->in.sids->sids,
1069                                            &domains,
1070                                            &names,
1071                                            &mapped_count);
1072
1073         *r->out.domains = domains;
1074         r->out.names->count = num_sids;
1075         r->out.names->names = names;
1076         *r->out.count = mapped_count;
1077
1078         return status;
1079 }
1080
1081 /***************************************************************************
1082  _lsa_LookupSids3
1083  ***************************************************************************/
1084
1085 NTSTATUS _lsa_LookupSids3(struct pipes_struct *p,
1086                           struct lsa_LookupSids3 *r)
1087 {
1088         struct lsa_LookupSids2 q;
1089
1090         /* No policy handle on this call. Restrict to crypto connections. */
1091         if (p->auth.auth_type != DCERPC_AUTH_TYPE_SCHANNEL) {
1092                 DEBUG(0,("_lsa_LookupSids3: client %s not using schannel for netlogon\n",
1093                         get_remote_machine_name() ));
1094                 return NT_STATUS_INVALID_PARAMETER;
1095         }
1096
1097         q.in.handle             = NULL;
1098         q.in.sids               = r->in.sids;
1099         q.in.level              = r->in.level;
1100         q.in.lookup_options     = r->in.lookup_options;
1101         q.in.client_revision    = r->in.client_revision;
1102         q.in.names              = r->in.names;
1103         q.in.count              = r->in.count;
1104
1105         q.out.domains           = r->out.domains;
1106         q.out.names             = r->out.names;
1107         q.out.count             = r->out.count;
1108
1109         return _lsa_LookupSids2(p, &q);
1110 }
1111
1112 /***************************************************************************
1113  ***************************************************************************/
1114
1115 static int lsa_lookup_level_to_flags(enum lsa_LookupNamesLevel level)
1116 {
1117         int flags;
1118
1119         switch (level) {
1120                 case LSA_LOOKUP_NAMES_ALL: /* 1 */
1121                         flags = LOOKUP_NAME_ALL;
1122                         break;
1123                 case LSA_LOOKUP_NAMES_DOMAINS_ONLY: /* 2 */
1124                         flags = LOOKUP_NAME_DOMAIN|LOOKUP_NAME_REMOTE|LOOKUP_NAME_ISOLATED;
1125                         break;
1126                 case LSA_LOOKUP_NAMES_PRIMARY_DOMAIN_ONLY: /* 3 */
1127                         flags = LOOKUP_NAME_DOMAIN|LOOKUP_NAME_ISOLATED;
1128                         break;
1129                 case LSA_LOOKUP_NAMES_UPLEVEL_TRUSTS_ONLY: /* 4 */
1130                 case LSA_LOOKUP_NAMES_FOREST_TRUSTS_ONLY: /* 5 */
1131                 case LSA_LOOKUP_NAMES_UPLEVEL_TRUSTS_ONLY2: /* 6 */
1132                 case LSA_LOOKUP_NAMES_RODC_REFERRAL_TO_FULL_DC: /* 7 */
1133                 default:
1134                         flags = LOOKUP_NAME_NONE;
1135                         break;
1136         }
1137
1138         return flags;
1139 }
1140
1141 /***************************************************************************
1142  _lsa_LookupNames
1143  ***************************************************************************/
1144
1145 NTSTATUS _lsa_LookupNames(struct pipes_struct *p,
1146                           struct lsa_LookupNames *r)
1147 {
1148         NTSTATUS status = NT_STATUS_NONE_MAPPED;
1149         struct lsa_info *handle;
1150         struct lsa_String *names = r->in.names;
1151         uint32 num_entries = r->in.num_names;
1152         struct lsa_RefDomainList *domains = NULL;
1153         struct lsa_TranslatedSid *rids = NULL;
1154         uint32 mapped_count = 0;
1155         int flags = 0;
1156
1157         if (num_entries >  MAX_LOOKUP_SIDS) {
1158                 num_entries = MAX_LOOKUP_SIDS;
1159                 DEBUG(5,("_lsa_LookupNames: truncating name lookup list to %d\n",
1160                         num_entries));
1161         }
1162
1163         flags = lsa_lookup_level_to_flags(r->in.level);
1164
1165         domains = TALLOC_ZERO_P(p->mem_ctx, struct lsa_RefDomainList);
1166         if (!domains) {
1167                 return NT_STATUS_NO_MEMORY;
1168         }
1169
1170         if (num_entries) {
1171                 rids = TALLOC_ZERO_ARRAY(p->mem_ctx, struct lsa_TranslatedSid,
1172                                          num_entries);
1173                 if (!rids) {
1174                         return NT_STATUS_NO_MEMORY;
1175                 }
1176         } else {
1177                 rids = NULL;
1178         }
1179
1180         if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&handle)) {
1181                 status = NT_STATUS_INVALID_HANDLE;
1182                 goto done;
1183         }
1184
1185         if (handle->type != LSA_HANDLE_POLICY_TYPE) {
1186                 return NT_STATUS_INVALID_HANDLE;
1187         }
1188
1189         /* check if the user has enough rights */
1190         if (!(handle->access & LSA_POLICY_LOOKUP_NAMES)) {
1191                 status = NT_STATUS_ACCESS_DENIED;
1192                 goto done;
1193         }
1194
1195         /* set up the LSA Lookup RIDs response */
1196         become_root(); /* lookup_name can require root privs */
1197         status = lookup_lsa_rids(p->mem_ctx, domains, rids, num_entries,
1198                                  names, flags, &mapped_count);
1199         unbecome_root();
1200
1201 done:
1202
1203         if (NT_STATUS_IS_OK(status) && (num_entries != 0) ) {
1204                 if (mapped_count == 0) {
1205                         status = NT_STATUS_NONE_MAPPED;
1206                 } else if (mapped_count != num_entries) {
1207                         status = STATUS_SOME_UNMAPPED;
1208                 }
1209         }
1210
1211         *r->out.count = mapped_count;
1212         *r->out.domains = domains;
1213         r->out.sids->sids = rids;
1214         r->out.sids->count = num_entries;
1215
1216         return status;
1217 }
1218
1219 /***************************************************************************
1220  _lsa_LookupNames2
1221  ***************************************************************************/
1222
1223 NTSTATUS _lsa_LookupNames2(struct pipes_struct *p,
1224                            struct lsa_LookupNames2 *r)
1225 {
1226         NTSTATUS status;
1227         struct lsa_LookupNames q;
1228         struct lsa_TransSidArray2 *sid_array2 = r->in.sids;
1229         struct lsa_TransSidArray *sid_array = NULL;
1230         uint32_t i;
1231
1232         sid_array = TALLOC_ZERO_P(p->mem_ctx, struct lsa_TransSidArray);
1233         if (!sid_array) {
1234                 return NT_STATUS_NO_MEMORY;
1235         }
1236
1237         q.in.handle             = r->in.handle;
1238         q.in.num_names          = r->in.num_names;
1239         q.in.names              = r->in.names;
1240         q.in.level              = r->in.level;
1241         q.in.sids               = sid_array;
1242         q.in.count              = r->in.count;
1243         /* we do not know what this is for */
1244         /*                      = r->in.unknown1; */
1245         /*                      = r->in.unknown2; */
1246
1247         q.out.domains           = r->out.domains;
1248         q.out.sids              = sid_array;
1249         q.out.count             = r->out.count;
1250
1251         status = _lsa_LookupNames(p, &q);
1252
1253         sid_array2->count = sid_array->count;
1254         sid_array2->sids = TALLOC_ARRAY(p->mem_ctx, struct lsa_TranslatedSid2, sid_array->count);
1255         if (!sid_array2->sids) {
1256                 return NT_STATUS_NO_MEMORY;
1257         }
1258
1259         for (i=0; i<sid_array->count; i++) {
1260                 sid_array2->sids[i].sid_type  = sid_array->sids[i].sid_type;
1261                 sid_array2->sids[i].rid       = sid_array->sids[i].rid;
1262                 sid_array2->sids[i].sid_index = sid_array->sids[i].sid_index;
1263                 sid_array2->sids[i].unknown   = 0;
1264         }
1265
1266         r->out.sids = sid_array2;
1267
1268         return status;
1269 }
1270
1271 /***************************************************************************
1272  _lsa_LookupNames3
1273  ***************************************************************************/
1274
1275 NTSTATUS _lsa_LookupNames3(struct pipes_struct *p,
1276                            struct lsa_LookupNames3 *r)
1277 {
1278         NTSTATUS status;
1279         struct lsa_info *handle;
1280         struct lsa_String *names = r->in.names;
1281         uint32 num_entries = r->in.num_names;
1282         struct lsa_RefDomainList *domains = NULL;
1283         struct lsa_TranslatedSid3 *trans_sids = NULL;
1284         uint32 mapped_count = 0;
1285         int flags = 0;
1286         bool check_policy = true;
1287
1288         switch (p->opnum) {
1289                 case NDR_LSA_LOOKUPNAMES4:
1290                         check_policy = false;
1291                         break;
1292                 case NDR_LSA_LOOKUPNAMES3:
1293                 default:
1294                         check_policy = true;
1295         }
1296
1297         if (num_entries >  MAX_LOOKUP_SIDS) {
1298                 num_entries = MAX_LOOKUP_SIDS;
1299                 DEBUG(5,("_lsa_LookupNames3: truncating name lookup list to %d\n", num_entries));
1300         }
1301
1302         /* Probably the lookup_level is some sort of bitmask. */
1303         if (r->in.level == 1) {
1304                 flags = LOOKUP_NAME_ALL;
1305         }
1306
1307         domains = TALLOC_ZERO_P(p->mem_ctx, struct lsa_RefDomainList);
1308         if (!domains) {
1309                 return NT_STATUS_NO_MEMORY;
1310         }
1311
1312         if (num_entries) {
1313                 trans_sids = TALLOC_ZERO_ARRAY(p->mem_ctx, struct lsa_TranslatedSid3,
1314                                                num_entries);
1315                 if (!trans_sids) {
1316                         return NT_STATUS_NO_MEMORY;
1317                 }
1318         } else {
1319                 trans_sids = NULL;
1320         }
1321
1322         if (check_policy) {
1323
1324                 if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&handle)) {
1325                         status = NT_STATUS_INVALID_HANDLE;
1326                         goto done;
1327                 }
1328
1329                 if (handle->type != LSA_HANDLE_POLICY_TYPE) {
1330                         return NT_STATUS_INVALID_HANDLE;
1331                 }
1332
1333                 /* check if the user has enough rights */
1334                 if (!(handle->access & LSA_POLICY_LOOKUP_NAMES)) {
1335                         status = NT_STATUS_ACCESS_DENIED;
1336                         goto done;
1337                 }
1338         }
1339
1340         /* set up the LSA Lookup SIDs response */
1341         become_root(); /* lookup_name can require root privs */
1342         status = lookup_lsa_sids(p->mem_ctx, domains, trans_sids, num_entries,
1343                                  names, flags, &mapped_count);
1344         unbecome_root();
1345
1346 done:
1347
1348         if (NT_STATUS_IS_OK(status)) {
1349                 if (mapped_count == 0) {
1350                         status = NT_STATUS_NONE_MAPPED;
1351                 } else if (mapped_count != num_entries) {
1352                         status = STATUS_SOME_UNMAPPED;
1353                 }
1354         }
1355
1356         *r->out.count = mapped_count;
1357         *r->out.domains = domains;
1358         r->out.sids->sids = trans_sids;
1359         r->out.sids->count = num_entries;
1360
1361         return status;
1362 }
1363
1364 /***************************************************************************
1365  _lsa_LookupNames4
1366  ***************************************************************************/
1367
1368 NTSTATUS _lsa_LookupNames4(struct pipes_struct *p,
1369                            struct lsa_LookupNames4 *r)
1370 {
1371         struct lsa_LookupNames3 q;
1372
1373         /* No policy handle on this call. Restrict to crypto connections. */
1374         if (p->auth.auth_type != DCERPC_AUTH_TYPE_SCHANNEL) {
1375                 DEBUG(0,("_lsa_lookup_names4: client %s not using schannel for netlogon\n",
1376                         get_remote_machine_name() ));
1377                 return NT_STATUS_INVALID_PARAMETER;
1378         }
1379
1380         q.in.handle             = NULL;
1381         q.in.num_names          = r->in.num_names;
1382         q.in.names              = r->in.names;
1383         q.in.level              = r->in.level;
1384         q.in.lookup_options     = r->in.lookup_options;
1385         q.in.client_revision    = r->in.client_revision;
1386         q.in.sids               = r->in.sids;
1387         q.in.count              = r->in.count;
1388
1389         q.out.domains           = r->out.domains;
1390         q.out.sids              = r->out.sids;
1391         q.out.count             = r->out.count;
1392
1393         return _lsa_LookupNames3(p, &q);
1394 }
1395
1396 /***************************************************************************
1397  _lsa_close. Also weird - needs to check if lsa handle is correct. JRA.
1398  ***************************************************************************/
1399
1400 NTSTATUS _lsa_Close(struct pipes_struct *p, struct lsa_Close *r)
1401 {
1402         if (!find_policy_by_hnd(p, r->in.handle, NULL)) {
1403                 return NT_STATUS_INVALID_HANDLE;
1404         }
1405
1406         close_policy_hnd(p, r->in.handle);
1407         ZERO_STRUCTP(r->out.handle);
1408         return NT_STATUS_OK;
1409 }
1410
1411 /***************************************************************************
1412  ***************************************************************************/
1413
1414 static NTSTATUS lsa_lookup_trusted_domain_by_sid(TALLOC_CTX *mem_ctx,
1415                                                  const struct dom_sid *sid,
1416                                                  struct trustdom_info **info)
1417 {
1418         NTSTATUS status;
1419         uint32_t num_domains = 0;
1420         struct trustdom_info **domains = NULL;
1421         int i;
1422
1423         status = pdb_enum_trusteddoms(mem_ctx, &num_domains, &domains);
1424         if (!NT_STATUS_IS_OK(status)) {
1425                 return status;
1426         }
1427
1428         for (i=0; i < num_domains; i++) {
1429                 if (dom_sid_equal(&domains[i]->sid, sid)) {
1430                         break;
1431                 }
1432         }
1433
1434         if (i == num_domains) {
1435                 return NT_STATUS_INVALID_PARAMETER;
1436         }
1437
1438         *info = domains[i];
1439
1440         return NT_STATUS_OK;
1441 }
1442
1443 /***************************************************************************
1444  ***************************************************************************/
1445
1446 static NTSTATUS lsa_lookup_trusted_domain_by_name(TALLOC_CTX *mem_ctx,
1447                                                   const char *netbios_domain_name,
1448                                                   struct trustdom_info **info_p)
1449 {
1450         NTSTATUS status;
1451         struct trustdom_info *info;
1452         struct pdb_trusted_domain *td;
1453
1454         status = pdb_get_trusted_domain(mem_ctx, netbios_domain_name, &td);
1455         if (!NT_STATUS_IS_OK(status)) {
1456                 return status;
1457         }
1458
1459         info = talloc(mem_ctx, struct trustdom_info);
1460         if (!info) {
1461                 return NT_STATUS_NO_MEMORY;
1462         }
1463
1464         info->name      = talloc_strdup(info, netbios_domain_name);
1465         NT_STATUS_HAVE_NO_MEMORY(info->name);
1466
1467         sid_copy(&info->sid, &td->security_identifier);
1468
1469         *info_p = info;
1470
1471         return NT_STATUS_OK;
1472 }
1473
1474 /***************************************************************************
1475  ***************************************************************************/
1476
1477 NTSTATUS _lsa_OpenSecret(struct pipes_struct *p, struct lsa_OpenSecret *r)
1478 {
1479         return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1480 }
1481
1482 /***************************************************************************
1483  ***************************************************************************/
1484
1485 NTSTATUS _lsa_OpenTrustedDomain(struct pipes_struct *p,
1486                                 struct lsa_OpenTrustedDomain *r)
1487 {
1488         return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1489 }
1490
1491 /***************************************************************************
1492  _lsa_CreateTrustedDomainEx2
1493  ***************************************************************************/
1494
1495 NTSTATUS _lsa_CreateTrustedDomainEx2(struct pipes_struct *p,
1496                                      struct lsa_CreateTrustedDomainEx2 *r)
1497 {
1498         struct lsa_info *policy;
1499         NTSTATUS status;
1500         uint32_t acc_granted;
1501         struct security_descriptor *psd;
1502         size_t sd_size;
1503         struct pdb_trusted_domain td;
1504
1505         if (!IS_DC) {
1506                 return NT_STATUS_NOT_SUPPORTED;
1507         }
1508
1509         if (!find_policy_by_hnd(p, r->in.policy_handle, (void **)(void *)&policy)) {
1510                 return NT_STATUS_INVALID_HANDLE;
1511         }
1512
1513         if (!(policy->access & LSA_POLICY_TRUST_ADMIN)) {
1514                 return NT_STATUS_ACCESS_DENIED;
1515         }
1516
1517         if (p->server_info->utok.uid != sec_initial_uid() &&
1518             !nt_token_check_domain_rid(p->server_info->security_token, DOMAIN_RID_ADMINS)) {
1519                 return NT_STATUS_ACCESS_DENIED;
1520         }
1521
1522         /* Work out max allowed. */
1523         map_max_allowed_access(p->server_info->security_token,
1524                                &p->server_info->utok,
1525                                &r->in.access_mask);
1526
1527         /* map the generic bits to the lsa policy ones */
1528         se_map_generic(&r->in.access_mask, &lsa_account_mapping);
1529
1530         status = make_lsa_object_sd(p->mem_ctx, &psd, &sd_size,
1531                                     &lsa_trusted_domain_mapping,
1532                                     NULL, 0);
1533         if (!NT_STATUS_IS_OK(status)) {
1534                 return status;
1535         }
1536
1537         status = access_check_object(psd, p->server_info->security_token,
1538                                      SEC_PRIV_INVALID, SEC_PRIV_INVALID, 0,
1539                                      r->in.access_mask, &acc_granted,
1540                                      "_lsa_CreateTrustedDomainEx2");
1541         if (!NT_STATUS_IS_OK(status)) {
1542                 return status;
1543         }
1544
1545         ZERO_STRUCT(td);
1546
1547         td.domain_name = r->in.info->domain_name.string;
1548         td.netbios_name = r->in.info->netbios_name.string;
1549         sid_copy(&td.security_identifier, r->in.info->sid);
1550         td.trust_auth_incoming.data = NULL;
1551         td.trust_auth_incoming.length = 0;
1552         td.trust_auth_outgoing.data = NULL;
1553         td.trust_auth_outgoing.length = 0;
1554         td.trust_direction = r->in.info->trust_direction;
1555         td.trust_type = r->in.info->trust_type;
1556         td.trust_attributes = r->in.info->trust_attributes;
1557
1558         status = pdb_set_trusted_domain(r->in.info->domain_name.string, &td);
1559         if (!NT_STATUS_IS_OK(status)) {
1560                 return status;
1561         }
1562
1563         status = create_lsa_policy_handle(p->mem_ctx, p,
1564                                           LSA_HANDLE_TRUST_TYPE,
1565                                           acc_granted,
1566                                           r->in.info->sid,
1567                                           r->in.info->netbios_name.string,
1568                                           psd,
1569                                           r->out.trustdom_handle);
1570         if (!NT_STATUS_IS_OK(status)) {
1571                 pdb_del_trusteddom_pw(r->in.info->netbios_name.string);
1572                 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1573         }
1574
1575         return NT_STATUS_OK;
1576 }
1577
1578 /***************************************************************************
1579  _lsa_CreateTrustedDomainEx
1580  ***************************************************************************/
1581
1582 NTSTATUS _lsa_CreateTrustedDomainEx(struct pipes_struct *p,
1583                                     struct lsa_CreateTrustedDomainEx *r)
1584 {
1585         struct lsa_CreateTrustedDomainEx2 q;
1586
1587         q.in.policy_handle      = r->in.policy_handle;
1588         q.in.info               = r->in.info;
1589         q.in.auth_info          = r->in.auth_info;
1590         q.in.access_mask        = r->in.access_mask;
1591         q.out.trustdom_handle   = r->out.trustdom_handle;
1592
1593         return _lsa_CreateTrustedDomainEx2(p, &q);
1594 }
1595
1596 /***************************************************************************
1597  _lsa_CreateTrustedDomain
1598  ***************************************************************************/
1599
1600 NTSTATUS _lsa_CreateTrustedDomain(struct pipes_struct *p,
1601                                   struct lsa_CreateTrustedDomain *r)
1602 {
1603         struct lsa_CreateTrustedDomainEx2 c;
1604         struct lsa_TrustDomainInfoInfoEx info;
1605         struct lsa_TrustDomainInfoAuthInfoInternal auth_info;
1606
1607         ZERO_STRUCT(auth_info);
1608
1609         info.domain_name        = r->in.info->name;
1610         info.netbios_name       = r->in.info->name;
1611         info.sid                = r->in.info->sid;
1612         info.trust_direction    = LSA_TRUST_DIRECTION_OUTBOUND;
1613         info.trust_type         = LSA_TRUST_TYPE_DOWNLEVEL;
1614         info.trust_attributes   = 0;
1615
1616         c.in.policy_handle      = r->in.policy_handle;
1617         c.in.info               = &info;
1618         c.in.auth_info          = &auth_info;
1619         c.in.access_mask        = r->in.access_mask;
1620         c.out.trustdom_handle   = r->out.trustdom_handle;
1621
1622         return _lsa_CreateTrustedDomainEx2(p, &c);
1623 }
1624
1625 /***************************************************************************
1626  _lsa_DeleteTrustedDomain
1627  ***************************************************************************/
1628
1629 NTSTATUS _lsa_DeleteTrustedDomain(struct pipes_struct *p,
1630                                   struct lsa_DeleteTrustedDomain *r)
1631 {
1632         NTSTATUS status;
1633         struct lsa_info *handle;
1634         struct trustdom_info *info;
1635
1636         /* find the connection policy handle. */
1637         if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&handle)) {
1638                 return NT_STATUS_INVALID_HANDLE;
1639         }
1640
1641         if (handle->type != LSA_HANDLE_POLICY_TYPE) {
1642                 return NT_STATUS_INVALID_HANDLE;
1643         }
1644
1645         if (!(handle->access & LSA_POLICY_TRUST_ADMIN)) {
1646                 return NT_STATUS_ACCESS_DENIED;
1647         }
1648
1649         status = lsa_lookup_trusted_domain_by_sid(p->mem_ctx,
1650                                                   r->in.dom_sid,
1651                                                   &info);
1652         if (!NT_STATUS_IS_OK(status)) {
1653                 return status;
1654         }
1655
1656         if (!pdb_del_trusteddom_pw(info->name)) {
1657                 return NT_STATUS_NO_TRUST_LSA_SECRET;
1658         }
1659
1660         return NT_STATUS_OK;
1661 }
1662
1663 /***************************************************************************
1664  ***************************************************************************/
1665
1666 NTSTATUS _lsa_CreateSecret(struct pipes_struct *p, struct lsa_CreateSecret *r)
1667 {
1668         return NT_STATUS_ACCESS_DENIED;
1669 }
1670
1671 /***************************************************************************
1672  ***************************************************************************/
1673
1674 NTSTATUS _lsa_SetSecret(struct pipes_struct *p, struct lsa_SetSecret *r)
1675 {
1676         return NT_STATUS_ACCESS_DENIED;
1677 }
1678
1679 /***************************************************************************
1680  _lsa_DeleteObject
1681  ***************************************************************************/
1682
1683 NTSTATUS _lsa_DeleteObject(struct pipes_struct *p,
1684                            struct lsa_DeleteObject *r)
1685 {
1686         NTSTATUS status;
1687         struct lsa_info *info = NULL;
1688
1689         if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&info)) {
1690                 return NT_STATUS_INVALID_HANDLE;
1691         }
1692
1693         if (!(info->access & SEC_STD_DELETE)) {
1694                 return NT_STATUS_ACCESS_DENIED;
1695         }
1696
1697         switch (info->type) {
1698         case LSA_HANDLE_ACCOUNT_TYPE:
1699                 status = privilege_delete_account(&info->sid);
1700                 if (!NT_STATUS_IS_OK(status)) {
1701                         DEBUG(10,("_lsa_DeleteObject: privilege_delete_account gave: %s\n",
1702                                 nt_errstr(status)));
1703                         return status;
1704                 }
1705                 break;
1706         default:
1707                 return NT_STATUS_INVALID_HANDLE;
1708         }
1709
1710         close_policy_hnd(p, r->in.handle);
1711         ZERO_STRUCTP(r->out.handle);
1712
1713         return status;
1714 }
1715
1716 /***************************************************************************
1717  _lsa_EnumPrivs
1718  ***************************************************************************/
1719
1720 NTSTATUS _lsa_EnumPrivs(struct pipes_struct *p,
1721                         struct lsa_EnumPrivs *r)
1722 {
1723         struct lsa_info *handle;
1724         uint32 i;
1725         uint32 enum_context = *r->in.resume_handle;
1726         int num_privs = num_privileges_in_short_list();
1727         struct lsa_PrivEntry *entries = NULL;
1728
1729         /* remember that the enum_context starts at 0 and not 1 */
1730
1731         if ( enum_context >= num_privs )
1732                 return NT_STATUS_NO_MORE_ENTRIES;
1733
1734         DEBUG(10,("_lsa_EnumPrivs: enum_context:%d total entries:%d\n",
1735                 enum_context, num_privs));
1736
1737         if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&handle))
1738                 return NT_STATUS_INVALID_HANDLE;
1739
1740         if (handle->type != LSA_HANDLE_POLICY_TYPE) {
1741                 return NT_STATUS_INVALID_HANDLE;
1742         }
1743
1744         /* check if the user has enough rights
1745            I don't know if it's the right one. not documented.  */
1746
1747         if (!(handle->access & LSA_POLICY_VIEW_LOCAL_INFORMATION))
1748                 return NT_STATUS_ACCESS_DENIED;
1749
1750         if (num_privs) {
1751                 entries = TALLOC_ZERO_ARRAY(p->mem_ctx, struct lsa_PrivEntry, num_privs);
1752                 if (!entries) {
1753                         return NT_STATUS_NO_MEMORY;
1754                 }
1755         } else {
1756                 entries = NULL;
1757         }
1758
1759         for (i = 0; i < num_privs; i++) {
1760                 if( i < enum_context) {
1761
1762                         init_lsa_StringLarge(&entries[i].name, NULL);
1763
1764                         entries[i].luid.low = 0;
1765                         entries[i].luid.high = 0;
1766                 } else {
1767
1768                         init_lsa_StringLarge(&entries[i].name, sec_privilege_name_from_index(i));
1769
1770                         entries[i].luid.low = sec_privilege_from_index(i);
1771                         entries[i].luid.high = 0;
1772                 }
1773         }
1774
1775         enum_context = num_privs;
1776
1777         *r->out.resume_handle = enum_context;
1778         r->out.privs->count = num_privs;
1779         r->out.privs->privs = entries;
1780
1781         return NT_STATUS_OK;
1782 }
1783
1784 /***************************************************************************
1785  _lsa_LookupPrivDisplayName
1786  ***************************************************************************/
1787
1788 NTSTATUS _lsa_LookupPrivDisplayName(struct pipes_struct *p,
1789                                     struct lsa_LookupPrivDisplayName *r)
1790 {
1791         struct lsa_info *handle;
1792         const char *description;
1793         struct lsa_StringLarge *lsa_name;
1794
1795         if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&handle))
1796                 return NT_STATUS_INVALID_HANDLE;
1797
1798         if (handle->type != LSA_HANDLE_POLICY_TYPE) {
1799                 return NT_STATUS_INVALID_HANDLE;
1800         }
1801
1802         /* check if the user has enough rights */
1803
1804         /*
1805          * I don't know if it's the right one. not documented.
1806          */
1807         if (!(handle->access & LSA_POLICY_VIEW_LOCAL_INFORMATION))
1808                 return NT_STATUS_ACCESS_DENIED;
1809
1810         DEBUG(10,("_lsa_LookupPrivDisplayName: name = %s\n", r->in.name->string));
1811
1812         description = get_privilege_dispname(r->in.name->string);
1813         if (!description) {
1814                 DEBUG(10,("_lsa_LookupPrivDisplayName: doesn't exist\n"));
1815                 return NT_STATUS_NO_SUCH_PRIVILEGE;
1816         }
1817
1818         DEBUG(10,("_lsa_LookupPrivDisplayName: display name = %s\n", description));
1819
1820         lsa_name = TALLOC_ZERO_P(p->mem_ctx, struct lsa_StringLarge);
1821         if (!lsa_name) {
1822                 return NT_STATUS_NO_MEMORY;
1823         }
1824
1825         init_lsa_StringLarge(lsa_name, description);
1826
1827         *r->out.returned_language_id = r->in.language_id;
1828         *r->out.disp_name = lsa_name;
1829
1830         return NT_STATUS_OK;
1831 }
1832
1833 /***************************************************************************
1834  _lsa_EnumAccounts
1835  ***************************************************************************/
1836
1837 NTSTATUS _lsa_EnumAccounts(struct pipes_struct *p,
1838                            struct lsa_EnumAccounts *r)
1839 {
1840         struct lsa_info *handle;
1841         struct dom_sid *sid_list;
1842         int i, j, num_entries;
1843         NTSTATUS status;
1844         struct lsa_SidPtr *sids = NULL;
1845
1846         if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&handle))
1847                 return NT_STATUS_INVALID_HANDLE;
1848
1849         if (handle->type != LSA_HANDLE_POLICY_TYPE) {
1850                 return NT_STATUS_INVALID_HANDLE;
1851         }
1852
1853         if (!(handle->access & LSA_POLICY_VIEW_LOCAL_INFORMATION))
1854                 return NT_STATUS_ACCESS_DENIED;
1855
1856         sid_list = NULL;
1857         num_entries = 0;
1858
1859         /* The only way we can currently find out all the SIDs that have been
1860            privileged is to scan all privileges */
1861
1862         status = privilege_enumerate_accounts(&sid_list, &num_entries);
1863         if (!NT_STATUS_IS_OK(status)) {
1864                 return status;
1865         }
1866
1867         if (*r->in.resume_handle >= num_entries) {
1868                 return NT_STATUS_NO_MORE_ENTRIES;
1869         }
1870
1871         if (num_entries - *r->in.resume_handle) {
1872                 sids = TALLOC_ZERO_ARRAY(p->mem_ctx, struct lsa_SidPtr,
1873                                          num_entries - *r->in.resume_handle);
1874                 if (!sids) {
1875                         talloc_free(sid_list);
1876                         return NT_STATUS_NO_MEMORY;
1877                 }
1878
1879                 for (i = *r->in.resume_handle, j = 0; i < num_entries; i++, j++) {
1880                         sids[j].sid = dom_sid_dup(p->mem_ctx, &sid_list[i]);
1881                         if (!sids[j].sid) {
1882                                 talloc_free(sid_list);
1883                                 return NT_STATUS_NO_MEMORY;
1884                         }
1885                 }
1886         }
1887
1888         talloc_free(sid_list);
1889
1890         *r->out.resume_handle = num_entries;
1891         r->out.sids->num_sids = num_entries;
1892         r->out.sids->sids = sids;
1893
1894         return NT_STATUS_OK;
1895 }
1896
1897 /***************************************************************************
1898  _lsa_GetUserName
1899  ***************************************************************************/
1900
1901 NTSTATUS _lsa_GetUserName(struct pipes_struct *p,
1902                           struct lsa_GetUserName *r)
1903 {
1904         const char *username, *domname;
1905         struct lsa_String *account_name = NULL;
1906         struct lsa_String *authority_name = NULL;
1907
1908         if (r->in.account_name &&
1909            *r->in.account_name) {
1910                 return NT_STATUS_INVALID_PARAMETER;
1911         }
1912
1913         if (r->in.authority_name &&
1914            *r->in.authority_name) {
1915                 return NT_STATUS_INVALID_PARAMETER;
1916         }
1917
1918         if (p->server_info->guest) {
1919                 /*
1920                  * I'm 99% sure this is not the right place to do this,
1921                  * global_sid_Anonymous should probably be put into the token
1922                  * instead of the guest id -- vl
1923                  */
1924                 if (!lookup_sid(p->mem_ctx, &global_sid_Anonymous,
1925                                 &domname, &username, NULL)) {
1926                         return NT_STATUS_NO_MEMORY;
1927                 }
1928         } else {
1929                 username = p->server_info->sanitized_username;
1930                 domname = p->server_info->info3->base.domain.string;
1931         }
1932
1933         account_name = TALLOC_P(p->mem_ctx, struct lsa_String);
1934         if (!account_name) {
1935                 return NT_STATUS_NO_MEMORY;
1936         }
1937         init_lsa_String(account_name, username);
1938
1939         if (r->out.authority_name) {
1940                 authority_name = TALLOC_P(p->mem_ctx, struct lsa_String);
1941                 if (!authority_name) {
1942                         return NT_STATUS_NO_MEMORY;
1943                 }
1944                 init_lsa_String(authority_name, domname);
1945         }
1946
1947         *r->out.account_name = account_name;
1948         if (r->out.authority_name) {
1949                 *r->out.authority_name = authority_name;
1950         }
1951
1952         return NT_STATUS_OK;
1953 }
1954
1955 /***************************************************************************
1956  _lsa_CreateAccount
1957  ***************************************************************************/
1958
1959 NTSTATUS _lsa_CreateAccount(struct pipes_struct *p,
1960                             struct lsa_CreateAccount *r)
1961 {
1962         NTSTATUS status;
1963         struct lsa_info *handle;
1964         uint32_t acc_granted;
1965         struct security_descriptor *psd;
1966         size_t sd_size;
1967
1968         /* find the connection policy handle. */
1969         if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&handle))
1970                 return NT_STATUS_INVALID_HANDLE;
1971
1972         if (handle->type != LSA_HANDLE_POLICY_TYPE) {
1973                 return NT_STATUS_INVALID_HANDLE;
1974         }
1975
1976         /* check if the user has enough rights */
1977
1978         if (!(handle->access & LSA_POLICY_CREATE_ACCOUNT)) {
1979                 return NT_STATUS_ACCESS_DENIED;
1980         }
1981
1982         /* Work out max allowed. */
1983         map_max_allowed_access(p->server_info->security_token,
1984                                &p->server_info->utok,
1985                                &r->in.access_mask);
1986
1987         /* map the generic bits to the lsa policy ones */
1988         se_map_generic(&r->in.access_mask, &lsa_account_mapping);
1989
1990         status = make_lsa_object_sd(p->mem_ctx, &psd, &sd_size,
1991                                     &lsa_account_mapping,
1992                                     r->in.sid, LSA_POLICY_ALL_ACCESS);
1993         if (!NT_STATUS_IS_OK(status)) {
1994                 return status;
1995         }
1996
1997         status = access_check_object(psd, p->server_info->security_token,
1998                                      SEC_PRIV_INVALID, SEC_PRIV_INVALID, 0, r->in.access_mask,
1999                                      &acc_granted, "_lsa_CreateAccount");
2000         if (!NT_STATUS_IS_OK(status)) {
2001                 return status;
2002         }
2003
2004         if ( is_privileged_sid( r->in.sid ) )
2005                 return NT_STATUS_OBJECT_NAME_COLLISION;
2006
2007         status = create_lsa_policy_handle(p->mem_ctx, p,
2008                                           LSA_HANDLE_ACCOUNT_TYPE,
2009                                           acc_granted,
2010                                           r->in.sid,
2011                                           NULL,
2012                                           psd,
2013                                           r->out.acct_handle);
2014         if (!NT_STATUS_IS_OK(status)) {
2015                 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
2016         }
2017
2018         return privilege_create_account(r->in.sid);
2019 }
2020
2021 /***************************************************************************
2022  _lsa_OpenAccount
2023  ***************************************************************************/
2024
2025 NTSTATUS _lsa_OpenAccount(struct pipes_struct *p,
2026                           struct lsa_OpenAccount *r)
2027 {
2028         struct lsa_info *handle;
2029         struct security_descriptor *psd = NULL;
2030         size_t sd_size;
2031         uint32_t des_access = r->in.access_mask;
2032         uint32_t acc_granted;
2033         NTSTATUS status;
2034
2035         /* find the connection policy handle. */
2036         if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&handle))
2037                 return NT_STATUS_INVALID_HANDLE;
2038
2039         if (handle->type != LSA_HANDLE_POLICY_TYPE) {
2040                 return NT_STATUS_INVALID_HANDLE;
2041         }
2042
2043         /* des_access is for the account here, not the policy
2044          * handle - so don't check against policy handle. */
2045
2046         /* Work out max allowed. */
2047         map_max_allowed_access(p->server_info->security_token,
2048                                &p->server_info->utok,
2049                                &des_access);
2050
2051         /* map the generic bits to the lsa account ones */
2052         se_map_generic(&des_access, &lsa_account_mapping);
2053
2054         /* get the generic lsa account SD until we store it */
2055         status = make_lsa_object_sd(p->mem_ctx, &psd, &sd_size,
2056                                 &lsa_account_mapping,
2057                                 r->in.sid, LSA_ACCOUNT_ALL_ACCESS);
2058         if (!NT_STATUS_IS_OK(status)) {
2059                 return status;
2060         }
2061
2062         status = access_check_object(psd, p->server_info->security_token,
2063                                      SEC_PRIV_INVALID, SEC_PRIV_INVALID, 0, des_access,
2064                                      &acc_granted, "_lsa_OpenAccount" );
2065         if (!NT_STATUS_IS_OK(status)) {
2066                 return status;
2067         }
2068
2069         /* TODO: Fis the parsing routine before reenabling this check! */
2070         #if 0
2071         if (!lookup_sid(&handle->sid, dom_name, name, &type))
2072                 return NT_STATUS_ACCESS_DENIED;
2073         #endif
2074
2075         status = create_lsa_policy_handle(p->mem_ctx, p,
2076                                           LSA_HANDLE_ACCOUNT_TYPE,
2077                                           acc_granted,
2078                                           r->in.sid,
2079                                           NULL,
2080                                           psd,
2081                                           r->out.acct_handle);
2082         if (!NT_STATUS_IS_OK(status)) {
2083                 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
2084         }
2085
2086         return NT_STATUS_OK;
2087 }
2088
2089 /***************************************************************************
2090  _lsa_EnumPrivsAccount
2091  For a given SID, enumerate all the privilege this account has.
2092  ***************************************************************************/
2093
2094 NTSTATUS _lsa_EnumPrivsAccount(struct pipes_struct *p,
2095                                struct lsa_EnumPrivsAccount *r)
2096 {
2097         NTSTATUS status = NT_STATUS_OK;
2098         struct lsa_info *info=NULL;
2099         PRIVILEGE_SET *privileges;
2100         struct lsa_PrivilegeSet *priv_set = NULL;
2101
2102         /* find the connection policy handle. */
2103         if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&info))
2104                 return NT_STATUS_INVALID_HANDLE;
2105
2106         if (info->type != LSA_HANDLE_ACCOUNT_TYPE) {
2107                 return NT_STATUS_INVALID_HANDLE;
2108         }
2109
2110         if (!(info->access & LSA_ACCOUNT_VIEW))
2111                 return NT_STATUS_ACCESS_DENIED;
2112
2113         status = get_privileges_for_sid_as_set(p->mem_ctx, &privileges, &info->sid);
2114         if (!NT_STATUS_IS_OK(status)) {
2115                 return status;
2116         }
2117
2118         *r->out.privs = priv_set = TALLOC_ZERO_P(p->mem_ctx, struct lsa_PrivilegeSet);
2119         if (!priv_set) {
2120                 return NT_STATUS_NO_MEMORY;
2121         }
2122
2123         DEBUG(10,("_lsa_EnumPrivsAccount: %s has %d privileges\n",
2124                   sid_string_dbg(&info->sid),
2125                   privileges->count));
2126
2127         priv_set->count = privileges->count;
2128         priv_set->unknown = 0;
2129         priv_set->set = talloc_move(priv_set, &privileges->set);
2130
2131         return status;
2132 }
2133
2134 /***************************************************************************
2135  _lsa_GetSystemAccessAccount
2136  ***************************************************************************/
2137
2138 NTSTATUS _lsa_GetSystemAccessAccount(struct pipes_struct *p,
2139                                      struct lsa_GetSystemAccessAccount *r)
2140 {
2141         NTSTATUS status;
2142         struct lsa_info *info = NULL;
2143         struct lsa_EnumPrivsAccount e;
2144         struct lsa_PrivilegeSet *privset;
2145
2146         /* find the connection policy handle. */
2147
2148         if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&info))
2149                 return NT_STATUS_INVALID_HANDLE;
2150
2151         if (info->type != LSA_HANDLE_ACCOUNT_TYPE) {
2152                 return NT_STATUS_INVALID_HANDLE;
2153         }
2154
2155         if (!(info->access & LSA_ACCOUNT_VIEW))
2156                 return NT_STATUS_ACCESS_DENIED;
2157
2158         privset = talloc_zero(p->mem_ctx, struct lsa_PrivilegeSet);
2159         if (!privset) {
2160                 return NT_STATUS_NO_MEMORY;
2161         }
2162
2163         e.in.handle = r->in.handle;
2164         e.out.privs = &privset;
2165
2166         status = _lsa_EnumPrivsAccount(p, &e);
2167         if (!NT_STATUS_IS_OK(status)) {
2168                 DEBUG(10,("_lsa_GetSystemAccessAccount: "
2169                         "failed to call _lsa_EnumPrivsAccount(): %s\n",
2170                         nt_errstr(status)));
2171                 return status;
2172         }
2173
2174         /* Samba4 would iterate over the privset to merge the policy mode bits,
2175          * not sure samba3 can do the same here, so just return what we did in
2176          * the past - gd */
2177
2178         /*
2179           0x01 -> Log on locally
2180           0x02 -> Access this computer from network
2181           0x04 -> Log on as a batch job
2182           0x10 -> Log on as a service
2183
2184           they can be ORed together
2185         */
2186
2187         *r->out.access_mask = LSA_POLICY_MODE_INTERACTIVE |
2188                               LSA_POLICY_MODE_NETWORK;
2189
2190         return NT_STATUS_OK;
2191 }
2192
2193 /***************************************************************************
2194   update the systemaccount information
2195  ***************************************************************************/
2196
2197 NTSTATUS _lsa_SetSystemAccessAccount(struct pipes_struct *p,
2198                                      struct lsa_SetSystemAccessAccount *r)
2199 {
2200         struct lsa_info *info=NULL;
2201         GROUP_MAP map;
2202
2203         /* find the connection policy handle. */
2204         if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&info))
2205                 return NT_STATUS_INVALID_HANDLE;
2206
2207         if (info->type != LSA_HANDLE_ACCOUNT_TYPE) {
2208                 return NT_STATUS_INVALID_HANDLE;
2209         }
2210
2211         if (!(info->access & LSA_ACCOUNT_ADJUST_SYSTEM_ACCESS)) {
2212                 return NT_STATUS_ACCESS_DENIED;
2213         }
2214
2215         if (!pdb_getgrsid(&map, info->sid))
2216                 return NT_STATUS_NO_SUCH_GROUP;
2217
2218         return pdb_update_group_mapping_entry(&map);
2219 }
2220
2221 /***************************************************************************
2222  _lsa_AddPrivilegesToAccount
2223  For a given SID, add some privileges.
2224  ***************************************************************************/
2225
2226 NTSTATUS _lsa_AddPrivilegesToAccount(struct pipes_struct *p,
2227                                      struct lsa_AddPrivilegesToAccount *r)
2228 {
2229         struct lsa_info *info = NULL;
2230         struct lsa_PrivilegeSet *set = NULL;
2231
2232         /* find the connection policy handle. */
2233         if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&info))
2234                 return NT_STATUS_INVALID_HANDLE;
2235
2236         if (info->type != LSA_HANDLE_ACCOUNT_TYPE) {
2237                 return NT_STATUS_INVALID_HANDLE;
2238         }
2239
2240         if (!(info->access & LSA_ACCOUNT_ADJUST_PRIVILEGES)) {
2241                 return NT_STATUS_ACCESS_DENIED;
2242         }
2243
2244         set = r->in.privs;
2245
2246         if ( !grant_privilege_set( &info->sid, set ) ) {
2247                 DEBUG(3,("_lsa_AddPrivilegesToAccount: grant_privilege_set(%s) failed!\n",
2248                          sid_string_dbg(&info->sid) ));
2249                 return NT_STATUS_NO_SUCH_PRIVILEGE;
2250         }
2251
2252         return NT_STATUS_OK;
2253 }
2254
2255 /***************************************************************************
2256  _lsa_RemovePrivilegesFromAccount
2257  For a given SID, remove some privileges.
2258  ***************************************************************************/
2259
2260 NTSTATUS _lsa_RemovePrivilegesFromAccount(struct pipes_struct *p,
2261                                           struct lsa_RemovePrivilegesFromAccount *r)
2262 {
2263         struct lsa_info *info = NULL;
2264         struct lsa_PrivilegeSet *set = NULL;
2265
2266         /* find the connection policy handle. */
2267         if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&info))
2268                 return NT_STATUS_INVALID_HANDLE;
2269
2270         if (info->type != LSA_HANDLE_ACCOUNT_TYPE) {
2271                 return NT_STATUS_INVALID_HANDLE;
2272         }
2273
2274         if (!(info->access & LSA_ACCOUNT_ADJUST_PRIVILEGES)) {
2275                 return NT_STATUS_ACCESS_DENIED;
2276         }
2277
2278         set = r->in.privs;
2279
2280         if ( !revoke_privilege_set( &info->sid, set) ) {
2281                 DEBUG(3,("_lsa_RemovePrivilegesFromAccount: revoke_privilege(%s) failed!\n",
2282                          sid_string_dbg(&info->sid) ));
2283                 return NT_STATUS_NO_SUCH_PRIVILEGE;
2284         }
2285
2286         return NT_STATUS_OK;
2287 }
2288
2289 /***************************************************************************
2290  _lsa_LookupPrivName
2291  ***************************************************************************/
2292
2293 NTSTATUS _lsa_LookupPrivName(struct pipes_struct *p,
2294                              struct lsa_LookupPrivName *r)
2295 {
2296         struct lsa_info *info = NULL;
2297         const char *name;
2298         struct lsa_StringLarge *lsa_name;
2299
2300         /* find the connection policy handle. */
2301         if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&info)) {
2302                 return NT_STATUS_INVALID_HANDLE;
2303         }
2304
2305         if (info->type != LSA_HANDLE_POLICY_TYPE) {
2306                 return NT_STATUS_INVALID_HANDLE;
2307         }
2308
2309         if (!(info->access & LSA_POLICY_VIEW_LOCAL_INFORMATION)) {
2310                 return NT_STATUS_ACCESS_DENIED;
2311         }
2312
2313         if (r->in.luid->high != 0) {
2314                 return NT_STATUS_NO_SUCH_PRIVILEGE;
2315         }
2316
2317         name = sec_privilege_name(r->in.luid->low);
2318         if (!name) {
2319                 return NT_STATUS_NO_SUCH_PRIVILEGE;
2320         }
2321
2322         lsa_name = TALLOC_ZERO_P(p->mem_ctx, struct lsa_StringLarge);
2323         if (!lsa_name) {
2324                 return NT_STATUS_NO_MEMORY;
2325         }
2326
2327         lsa_name->string = talloc_strdup(lsa_name, name);
2328         if (!lsa_name->string) {
2329                 TALLOC_FREE(lsa_name);
2330                 return NT_STATUS_NO_MEMORY;
2331         }
2332
2333         *r->out.name = lsa_name;
2334
2335         return NT_STATUS_OK;
2336 }
2337
2338 /***************************************************************************
2339  _lsa_QuerySecurity
2340  ***************************************************************************/
2341
2342 NTSTATUS _lsa_QuerySecurity(struct pipes_struct *p,
2343                             struct lsa_QuerySecurity *r)
2344 {
2345         struct lsa_info *handle=NULL;
2346         struct security_descriptor *psd = NULL;
2347         size_t sd_size;
2348         NTSTATUS status;
2349
2350         /* find the connection policy handle. */
2351         if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&handle))
2352                 return NT_STATUS_INVALID_HANDLE;
2353
2354         switch (handle->type) {
2355         case LSA_HANDLE_POLICY_TYPE:
2356                 status = make_lsa_object_sd(p->mem_ctx, &psd, &sd_size,
2357                                 &lsa_policy_mapping, NULL, 0);
2358                 break;
2359         case LSA_HANDLE_ACCOUNT_TYPE:
2360                 status = make_lsa_object_sd(p->mem_ctx, &psd, &sd_size,
2361                                 &lsa_account_mapping,
2362                                 &handle->sid, LSA_ACCOUNT_ALL_ACCESS);
2363                 break;
2364         default:
2365                 status = NT_STATUS_INVALID_HANDLE;
2366                 break;
2367         }
2368
2369         if (!NT_STATUS_IS_OK(status)) {
2370                 return status;
2371         }
2372
2373         *r->out.sdbuf = make_sec_desc_buf(p->mem_ctx, sd_size, psd);
2374         if (!*r->out.sdbuf) {
2375                 return NT_STATUS_NO_MEMORY;
2376         }
2377
2378         return status;
2379 }
2380
2381 /***************************************************************************
2382  _lsa_AddAccountRights
2383  ***************************************************************************/
2384
2385 NTSTATUS _lsa_AddAccountRights(struct pipes_struct *p,
2386                                struct lsa_AddAccountRights *r)
2387 {
2388         struct lsa_info *info = NULL;
2389         int i = 0;
2390         uint32_t acc_granted = 0;
2391         struct security_descriptor *psd = NULL;
2392         size_t sd_size;
2393         struct dom_sid sid;
2394         NTSTATUS status;
2395
2396         /* find the connection policy handle. */
2397         if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&info))
2398                 return NT_STATUS_INVALID_HANDLE;
2399
2400         if (info->type != LSA_HANDLE_POLICY_TYPE) {
2401                 return NT_STATUS_INVALID_HANDLE;
2402         }
2403
2404         /* get the generic lsa account SD for this SID until we store it */
2405         status = make_lsa_object_sd(p->mem_ctx, &psd, &sd_size,
2406                                 &lsa_account_mapping,
2407                                 r->in.sid, LSA_ACCOUNT_ALL_ACCESS);
2408         if (!NT_STATUS_IS_OK(status)) {
2409                 return status;
2410         }
2411
2412         /*
2413          * From the MS DOCs. If the sid doesn't exist, ask for LSA_POLICY_CREATE_ACCOUNT
2414          * on the policy handle. If it does, ask for
2415          * LSA_ACCOUNT_ADJUST_PRIVILEGES|LSA_ACCOUNT_ADJUST_SYSTEM_ACCESS|LSA_ACCOUNT_VIEW,
2416          * on the account sid. We don't check here so just use the latter. JRA.
2417          */
2418
2419         status = access_check_object(psd, p->server_info->security_token,
2420                                      SEC_PRIV_INVALID, SEC_PRIV_INVALID, 0,
2421                                      LSA_ACCOUNT_ADJUST_PRIVILEGES|LSA_ACCOUNT_ADJUST_SYSTEM_ACCESS|LSA_ACCOUNT_VIEW,
2422                                      &acc_granted, "_lsa_AddAccountRights" );
2423         if (!NT_STATUS_IS_OK(status)) {
2424                 return status;
2425         }
2426
2427         /* according to an NT4 PDC, you can add privileges to SIDs even without
2428            call_lsa_create_account() first.  And you can use any arbitrary SID. */
2429
2430         sid_copy( &sid, r->in.sid );
2431
2432         for ( i=0; i < r->in.rights->count; i++ ) {
2433
2434                 const char *privname = r->in.rights->names[i].string;
2435
2436                 /* only try to add non-null strings */
2437
2438                 if ( !privname )
2439                         continue;
2440
2441                 if ( !grant_privilege_by_name( &sid, privname ) ) {
2442                         DEBUG(2,("_lsa_AddAccountRights: Failed to add privilege [%s]\n",
2443                                 privname ));
2444                         return NT_STATUS_NO_SUCH_PRIVILEGE;
2445                 }
2446         }
2447
2448         return NT_STATUS_OK;
2449 }
2450
2451 /***************************************************************************
2452  _lsa_RemoveAccountRights
2453  ***************************************************************************/
2454
2455 NTSTATUS _lsa_RemoveAccountRights(struct pipes_struct *p,
2456                                   struct lsa_RemoveAccountRights *r)
2457 {
2458         struct lsa_info *info = NULL;
2459         int i = 0;
2460         struct security_descriptor *psd = NULL;
2461         size_t sd_size;
2462         struct dom_sid sid;
2463         const char *privname = NULL;
2464         uint32_t acc_granted = 0;
2465         NTSTATUS status;
2466
2467         /* find the connection policy handle. */
2468         if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&info))
2469                 return NT_STATUS_INVALID_HANDLE;
2470
2471         if (info->type != LSA_HANDLE_POLICY_TYPE) {
2472                 return NT_STATUS_INVALID_HANDLE;
2473         }
2474
2475         /* get the generic lsa account SD for this SID until we store it */
2476         status = make_lsa_object_sd(p->mem_ctx, &psd, &sd_size,
2477                                 &lsa_account_mapping,
2478                                 r->in.sid, LSA_ACCOUNT_ALL_ACCESS);
2479         if (!NT_STATUS_IS_OK(status)) {
2480                 return status;
2481         }
2482
2483         /*
2484          * From the MS DOCs. We need
2485          * LSA_ACCOUNT_ADJUST_PRIVILEGES|LSA_ACCOUNT_ADJUST_SYSTEM_ACCESS|LSA_ACCOUNT_VIEW
2486          * and DELETE on the account sid.
2487          */
2488
2489         status = access_check_object(psd, p->server_info->security_token,
2490                                      SEC_PRIV_INVALID, SEC_PRIV_INVALID, 0,
2491                                      LSA_ACCOUNT_ADJUST_PRIVILEGES|LSA_ACCOUNT_ADJUST_SYSTEM_ACCESS|
2492                                      LSA_ACCOUNT_VIEW|SEC_STD_DELETE,
2493                                      &acc_granted, "_lsa_RemoveAccountRights");
2494         if (!NT_STATUS_IS_OK(status)) {
2495                 return status;
2496         }
2497
2498         sid_copy( &sid, r->in.sid );
2499
2500         if ( r->in.remove_all ) {
2501                 if ( !revoke_all_privileges( &sid ) )
2502                         return NT_STATUS_ACCESS_DENIED;
2503
2504                 return NT_STATUS_OK;
2505         }
2506
2507         for ( i=0; i < r->in.rights->count; i++ ) {
2508
2509                 privname = r->in.rights->names[i].string;
2510
2511                 /* only try to add non-null strings */
2512
2513                 if ( !privname )
2514                         continue;
2515
2516                 if ( !revoke_privilege_by_name( &sid, privname ) ) {
2517                         DEBUG(2,("_lsa_RemoveAccountRights: Failed to revoke privilege [%s]\n",
2518                                 privname ));
2519                         return NT_STATUS_NO_SUCH_PRIVILEGE;
2520                 }
2521         }
2522
2523         return NT_STATUS_OK;
2524 }
2525
2526 /*******************************************************************
2527 ********************************************************************/
2528
2529 static NTSTATUS init_lsa_right_set(TALLOC_CTX *mem_ctx,
2530                                    struct lsa_RightSet *r,
2531                                    PRIVILEGE_SET *privileges)
2532 {
2533         uint32 i;
2534         const char *privname;
2535         const char **privname_array = NULL;
2536         int num_priv = 0;
2537
2538         for (i=0; i<privileges->count; i++) {
2539                 if (privileges->set[i].luid.high) {
2540                         continue;
2541                 }
2542                 privname = sec_privilege_name(privileges->set[i].luid.low);
2543                 if (privname) {
2544                         if (!add_string_to_array(mem_ctx, privname,
2545                                                  &privname_array, &num_priv)) {
2546                                 return NT_STATUS_NO_MEMORY;
2547                         }
2548                 }
2549         }
2550
2551         if (num_priv) {
2552
2553                 r->names = TALLOC_ZERO_ARRAY(mem_ctx, struct lsa_StringLarge,
2554                                              num_priv);
2555                 if (!r->names) {
2556                         return NT_STATUS_NO_MEMORY;
2557                 }
2558
2559                 for (i=0; i<num_priv; i++) {
2560                         init_lsa_StringLarge(&r->names[i], privname_array[i]);
2561                 }
2562
2563                 r->count = num_priv;
2564         }
2565
2566         return NT_STATUS_OK;
2567 }
2568
2569 /***************************************************************************
2570  _lsa_EnumAccountRights
2571  ***************************************************************************/
2572
2573 NTSTATUS _lsa_EnumAccountRights(struct pipes_struct *p,
2574                                 struct lsa_EnumAccountRights *r)
2575 {
2576         NTSTATUS status;
2577         struct lsa_info *info = NULL;
2578         PRIVILEGE_SET *privileges;
2579
2580         /* find the connection policy handle. */
2581
2582         if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&info))
2583                 return NT_STATUS_INVALID_HANDLE;
2584
2585         if (info->type != LSA_HANDLE_POLICY_TYPE) {
2586                 return NT_STATUS_INVALID_HANDLE;
2587         }
2588
2589         if (!(info->access & LSA_ACCOUNT_VIEW)) {
2590                 return NT_STATUS_ACCESS_DENIED;
2591         }
2592
2593         /* according to an NT4 PDC, you can add privileges to SIDs even without
2594            call_lsa_create_account() first.  And you can use any arbitrary SID. */
2595
2596         /* according to MS-LSAD 3.1.4.5.10 it is required to return
2597          * NT_STATUS_OBJECT_NAME_NOT_FOUND if the account sid was not found in
2598          * the lsa database */
2599
2600         status = get_privileges_for_sid_as_set(p->mem_ctx, &privileges, r->in.sid);
2601         if (!NT_STATUS_IS_OK(status)) {
2602                 return status;
2603         }
2604
2605         DEBUG(10,("_lsa_EnumAccountRights: %s has %d privileges\n",
2606                   sid_string_dbg(r->in.sid), privileges->count));
2607
2608         status = init_lsa_right_set(p->mem_ctx, r->out.rights, privileges);
2609
2610         return status;
2611 }
2612
2613 /***************************************************************************
2614  _lsa_LookupPrivValue
2615  ***************************************************************************/
2616
2617 NTSTATUS _lsa_LookupPrivValue(struct pipes_struct *p,
2618                               struct lsa_LookupPrivValue *r)
2619 {
2620         struct lsa_info *info = NULL;
2621         const char *name = NULL;
2622
2623         /* find the connection policy handle. */
2624
2625         if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&info))
2626                 return NT_STATUS_INVALID_HANDLE;
2627
2628         if (info->type != LSA_HANDLE_POLICY_TYPE) {
2629                 return NT_STATUS_INVALID_HANDLE;
2630         }
2631
2632         if (!(info->access & LSA_POLICY_LOOKUP_NAMES))
2633                 return NT_STATUS_ACCESS_DENIED;
2634
2635         name = r->in.name->string;
2636
2637         DEBUG(10,("_lsa_lookup_priv_value: name = %s\n", name));
2638
2639         r->out.luid->low = sec_privilege_id(name);
2640         r->out.luid->high = 0;
2641         if (r->out.luid->low == SEC_PRIV_INVALID) {
2642                 return NT_STATUS_NO_SUCH_PRIVILEGE;
2643         }
2644         return NT_STATUS_OK;
2645 }
2646
2647 /***************************************************************************
2648  _lsa_EnumAccountsWithUserRight
2649  ***************************************************************************/
2650
2651 NTSTATUS _lsa_EnumAccountsWithUserRight(struct pipes_struct *p,
2652                                         struct lsa_EnumAccountsWithUserRight *r)
2653 {
2654         NTSTATUS status;
2655         struct lsa_info *info = NULL;
2656         struct dom_sid *sids = NULL;
2657         int num_sids = 0;
2658         uint32_t i;
2659         enum sec_privilege privilege;
2660
2661         if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&info)) {
2662                 return NT_STATUS_INVALID_HANDLE;
2663         }
2664
2665         if (info->type != LSA_HANDLE_POLICY_TYPE) {
2666                 return NT_STATUS_INVALID_HANDLE;
2667         }
2668
2669         if (!(info->access & LSA_POLICY_LOOKUP_NAMES)) {
2670                 return NT_STATUS_ACCESS_DENIED;
2671         }
2672
2673         if (!r->in.name || !r->in.name->string) {
2674                 return NT_STATUS_NO_SUCH_PRIVILEGE;
2675         }
2676
2677         privilege = sec_privilege_id(r->in.name->string);
2678         if (privilege == SEC_PRIV_INVALID) {
2679                 return NT_STATUS_NO_SUCH_PRIVILEGE;
2680         }
2681
2682         status = privilege_enum_sids(privilege, p->mem_ctx,
2683                                      &sids, &num_sids);
2684         if (!NT_STATUS_IS_OK(status)) {
2685                 return status;
2686         }
2687
2688         r->out.sids->num_sids = num_sids;
2689         r->out.sids->sids = talloc_array(p->mem_ctx, struct lsa_SidPtr,
2690                                          r->out.sids->num_sids);
2691
2692         for (i=0; i < r->out.sids->num_sids; i++) {
2693                 r->out.sids->sids[i].sid = dom_sid_dup(r->out.sids->sids,
2694                                                           &sids[i]);
2695                 if (!r->out.sids->sids[i].sid) {
2696                         TALLOC_FREE(r->out.sids->sids);
2697                         r->out.sids->num_sids = 0;
2698                         return NT_STATUS_NO_MEMORY;
2699                 }
2700         }
2701
2702         return NT_STATUS_OK;
2703 }
2704
2705 /***************************************************************************
2706  _lsa_Delete
2707  ***************************************************************************/
2708
2709 NTSTATUS _lsa_Delete(struct pipes_struct *p,
2710                      struct lsa_Delete *r)
2711 {
2712         return NT_STATUS_NOT_SUPPORTED;
2713 }
2714
2715 /*
2716  * From here on the server routines are just dummy ones to make smbd link with
2717  * librpc/gen_ndr/srv_lsa.c. These routines are actually never called, we are
2718  * pulling the server stubs across one by one.
2719  */
2720
2721 NTSTATUS _lsa_SetSecObj(struct pipes_struct *p, struct lsa_SetSecObj *r)
2722 {
2723         p->rng_fault_state = True;
2724         return NT_STATUS_NOT_IMPLEMENTED;
2725 }
2726
2727 NTSTATUS _lsa_ChangePassword(struct pipes_struct *p,
2728                              struct lsa_ChangePassword *r)
2729 {
2730         p->rng_fault_state = True;
2731         return NT_STATUS_NOT_IMPLEMENTED;
2732 }
2733
2734 NTSTATUS _lsa_SetInfoPolicy(struct pipes_struct *p, struct lsa_SetInfoPolicy *r)
2735 {
2736         p->rng_fault_state = True;
2737         return NT_STATUS_NOT_IMPLEMENTED;
2738 }
2739
2740 NTSTATUS _lsa_ClearAuditLog(struct pipes_struct *p, struct lsa_ClearAuditLog *r)
2741 {
2742         p->rng_fault_state = True;
2743         return NT_STATUS_NOT_IMPLEMENTED;
2744 }
2745
2746 NTSTATUS _lsa_GetQuotasForAccount(struct pipes_struct *p,
2747                                   struct lsa_GetQuotasForAccount *r)
2748 {
2749         p->rng_fault_state = True;
2750         return NT_STATUS_NOT_IMPLEMENTED;
2751 }
2752
2753 NTSTATUS _lsa_SetQuotasForAccount(struct pipes_struct *p,
2754                                   struct lsa_SetQuotasForAccount *r)
2755 {
2756         p->rng_fault_state = True;
2757         return NT_STATUS_NOT_IMPLEMENTED;
2758 }
2759
2760 NTSTATUS _lsa_QueryTrustedDomainInfo(struct pipes_struct *p,
2761                                      struct lsa_QueryTrustedDomainInfo *r)
2762 {
2763         p->rng_fault_state = True;
2764         return NT_STATUS_NOT_IMPLEMENTED;
2765 }
2766
2767 NTSTATUS _lsa_SetInformationTrustedDomain(struct pipes_struct *p,
2768                                           struct lsa_SetInformationTrustedDomain *r)
2769 {
2770         p->rng_fault_state = True;
2771         return NT_STATUS_NOT_IMPLEMENTED;
2772 }
2773
2774 NTSTATUS _lsa_QuerySecret(struct pipes_struct *p, struct lsa_QuerySecret *r)
2775 {
2776         p->rng_fault_state = True;
2777         return NT_STATUS_NOT_IMPLEMENTED;
2778 }
2779
2780 NTSTATUS _lsa_QueryTrustedDomainInfoBySid(struct pipes_struct *p,
2781                                           struct lsa_QueryTrustedDomainInfoBySid *r)
2782 {
2783         p->rng_fault_state = True;
2784         return NT_STATUS_NOT_IMPLEMENTED;
2785 }
2786
2787 NTSTATUS _lsa_SetTrustedDomainInfo(struct pipes_struct *p,
2788                                    struct lsa_SetTrustedDomainInfo *r)
2789 {
2790         p->rng_fault_state = True;
2791         return NT_STATUS_NOT_IMPLEMENTED;
2792 }
2793
2794 NTSTATUS _lsa_StorePrivateData(struct pipes_struct *p,
2795                                struct lsa_StorePrivateData *r)
2796 {
2797         p->rng_fault_state = True;
2798         return NT_STATUS_NOT_IMPLEMENTED;
2799 }
2800
2801 NTSTATUS _lsa_RetrievePrivateData(struct pipes_struct *p,
2802                                   struct lsa_RetrievePrivateData *r)
2803 {
2804         p->rng_fault_state = True;
2805         return NT_STATUS_NOT_IMPLEMENTED;
2806 }
2807
2808 NTSTATUS _lsa_SetInfoPolicy2(struct pipes_struct *p,
2809                              struct lsa_SetInfoPolicy2 *r)
2810 {
2811         p->rng_fault_state = True;
2812         return NT_STATUS_NOT_IMPLEMENTED;
2813 }
2814
2815 NTSTATUS _lsa_QueryTrustedDomainInfoByName(struct pipes_struct *p,
2816                                            struct lsa_QueryTrustedDomainInfoByName *r)
2817 {
2818         p->rng_fault_state = True;
2819         return NT_STATUS_NOT_IMPLEMENTED;
2820 }
2821
2822 NTSTATUS _lsa_SetTrustedDomainInfoByName(struct pipes_struct *p,
2823                                          struct lsa_SetTrustedDomainInfoByName *r)
2824 {
2825         p->rng_fault_state = True;
2826         return NT_STATUS_NOT_IMPLEMENTED;
2827 }
2828
2829 NTSTATUS _lsa_EnumTrustedDomainsEx(struct pipes_struct *p,
2830                                    struct lsa_EnumTrustedDomainsEx *r)
2831 {
2832         p->rng_fault_state = True;
2833         return NT_STATUS_NOT_IMPLEMENTED;
2834 }
2835
2836 NTSTATUS _lsa_CloseTrustedDomainEx(struct pipes_struct *p,
2837                                    struct lsa_CloseTrustedDomainEx *r)
2838 {
2839         p->rng_fault_state = True;
2840         return NT_STATUS_NOT_IMPLEMENTED;
2841 }
2842
2843 NTSTATUS _lsa_QueryDomainInformationPolicy(struct pipes_struct *p,
2844                                            struct lsa_QueryDomainInformationPolicy *r)
2845 {
2846         p->rng_fault_state = True;
2847         return NT_STATUS_NOT_IMPLEMENTED;
2848 }
2849
2850 NTSTATUS _lsa_SetDomainInformationPolicy(struct pipes_struct *p,
2851                                          struct lsa_SetDomainInformationPolicy *r)
2852 {
2853         p->rng_fault_state = True;
2854         return NT_STATUS_NOT_IMPLEMENTED;
2855 }
2856
2857 NTSTATUS _lsa_OpenTrustedDomainByName(struct pipes_struct *p,
2858                                       struct lsa_OpenTrustedDomainByName *r)
2859 {
2860         p->rng_fault_state = True;
2861         return NT_STATUS_NOT_IMPLEMENTED;
2862 }
2863
2864 NTSTATUS _lsa_TestCall(struct pipes_struct *p, struct lsa_TestCall *r)
2865 {
2866         p->rng_fault_state = True;
2867         return NT_STATUS_NOT_IMPLEMENTED;
2868 }
2869
2870 NTSTATUS _lsa_CREDRWRITE(struct pipes_struct *p, struct lsa_CREDRWRITE *r)
2871 {
2872         p->rng_fault_state = True;
2873         return NT_STATUS_NOT_IMPLEMENTED;
2874 }
2875
2876 NTSTATUS _lsa_CREDRREAD(struct pipes_struct *p, struct lsa_CREDRREAD *r)
2877 {
2878         p->rng_fault_state = True;
2879         return NT_STATUS_NOT_IMPLEMENTED;
2880 }
2881
2882 NTSTATUS _lsa_CREDRENUMERATE(struct pipes_struct *p, struct lsa_CREDRENUMERATE *r)
2883 {
2884         p->rng_fault_state = True;
2885         return NT_STATUS_NOT_IMPLEMENTED;
2886 }
2887
2888 NTSTATUS _lsa_CREDRWRITEDOMAINCREDENTIALS(struct pipes_struct *p,
2889                                           struct lsa_CREDRWRITEDOMAINCREDENTIALS *r)
2890 {
2891         p->rng_fault_state = True;
2892         return NT_STATUS_NOT_IMPLEMENTED;
2893 }
2894
2895 NTSTATUS _lsa_CREDRREADDOMAINCREDENTIALS(struct pipes_struct *p,
2896                                          struct lsa_CREDRREADDOMAINCREDENTIALS *r)
2897 {
2898         p->rng_fault_state = True;
2899         return NT_STATUS_NOT_IMPLEMENTED;
2900 }
2901
2902 NTSTATUS _lsa_CREDRDELETE(struct pipes_struct *p, struct lsa_CREDRDELETE *r)
2903 {
2904         p->rng_fault_state = True;
2905         return NT_STATUS_NOT_IMPLEMENTED;
2906 }
2907
2908 NTSTATUS _lsa_CREDRGETTARGETINFO(struct pipes_struct *p,
2909                                  struct lsa_CREDRGETTARGETINFO *r)
2910 {
2911         p->rng_fault_state = True;
2912         return NT_STATUS_NOT_IMPLEMENTED;
2913 }
2914
2915 NTSTATUS _lsa_CREDRPROFILELOADED(struct pipes_struct *p,
2916                                  struct lsa_CREDRPROFILELOADED *r)
2917 {
2918         p->rng_fault_state = True;
2919         return NT_STATUS_NOT_IMPLEMENTED;
2920 }
2921
2922 NTSTATUS _lsa_CREDRGETSESSIONTYPES(struct pipes_struct *p,
2923                                    struct lsa_CREDRGETSESSIONTYPES *r)
2924 {
2925         p->rng_fault_state = True;
2926         return NT_STATUS_NOT_IMPLEMENTED;
2927 }
2928
2929 NTSTATUS _lsa_LSARREGISTERAUDITEVENT(struct pipes_struct *p,
2930                                      struct lsa_LSARREGISTERAUDITEVENT *r)
2931 {
2932         p->rng_fault_state = True;
2933         return NT_STATUS_NOT_IMPLEMENTED;
2934 }
2935
2936 NTSTATUS _lsa_LSARGENAUDITEVENT(struct pipes_struct *p,
2937                                 struct lsa_LSARGENAUDITEVENT *r)
2938 {
2939         p->rng_fault_state = True;
2940         return NT_STATUS_NOT_IMPLEMENTED;
2941 }
2942
2943 NTSTATUS _lsa_LSARUNREGISTERAUDITEVENT(struct pipes_struct *p,
2944                                        struct lsa_LSARUNREGISTERAUDITEVENT *r)
2945 {
2946         p->rng_fault_state = True;
2947         return NT_STATUS_NOT_IMPLEMENTED;
2948 }
2949
2950 NTSTATUS _lsa_lsaRQueryForestTrustInformation(struct pipes_struct *p,
2951                                               struct lsa_lsaRQueryForestTrustInformation *r)
2952 {
2953         p->rng_fault_state = True;
2954         return NT_STATUS_NOT_IMPLEMENTED;
2955 }
2956
2957 NTSTATUS _lsa_lsaRSetForestTrustInformation(struct pipes_struct *p,
2958                                             struct lsa_lsaRSetForestTrustInformation *r)
2959 {
2960         p->rng_fault_state = True;
2961         return NT_STATUS_NOT_IMPLEMENTED;
2962 }
2963
2964 NTSTATUS _lsa_CREDRRENAME(struct pipes_struct *p,
2965                           struct lsa_CREDRRENAME *r)
2966 {
2967         p->rng_fault_state = True;
2968         return NT_STATUS_NOT_IMPLEMENTED;
2969 }
2970
2971 NTSTATUS _lsa_LSAROPENPOLICYSCE(struct pipes_struct *p,
2972                                 struct lsa_LSAROPENPOLICYSCE *r)
2973 {
2974         p->rng_fault_state = True;
2975         return NT_STATUS_NOT_IMPLEMENTED;
2976 }
2977
2978 NTSTATUS _lsa_LSARADTREGISTERSECURITYEVENTSOURCE(struct pipes_struct *p,
2979                                                  struct lsa_LSARADTREGISTERSECURITYEVENTSOURCE *r)
2980 {
2981         p->rng_fault_state = True;
2982         return NT_STATUS_NOT_IMPLEMENTED;
2983 }
2984
2985 NTSTATUS _lsa_LSARADTUNREGISTERSECURITYEVENTSOURCE(struct pipes_struct *p,
2986                                                    struct lsa_LSARADTUNREGISTERSECURITYEVENTSOURCE *r)
2987 {
2988         p->rng_fault_state = True;
2989         return NT_STATUS_NOT_IMPLEMENTED;
2990 }
2991
2992 NTSTATUS _lsa_LSARADTREPORTSECURITYEVENT(struct pipes_struct *p,
2993                                          struct lsa_LSARADTREPORTSECURITYEVENT *r)
2994 {
2995         p->rng_fault_state = True;
2996         return NT_STATUS_NOT_IMPLEMENTED;
2997 }