extern int DEBUGLEVEL;
-extern BOOL sam_logon_in_ssb;
-extern pstring samlogon_user;
extern fstring global_sam_name;
extern pstring global_myname;
extern DOM_SID global_sam_sid;
continue;
}
- user_name_len = strlen(pwd->smb_name);
- make_unistr2(&(pw_buf[(*num_entries)].uni_user_name), pwd->smb_name, user_name_len);
+ user_name_len = strlen(pwd->nt_name);
+ make_unistr2(&(pw_buf[(*num_entries)].uni_user_name), pwd->nt_name, user_name_len);
make_uni_hdr(&(pw_buf[(*num_entries)].hdr_user_name), user_name_len,
user_name_len, 1);
pw_buf[(*num_entries)].user_rid = pwd->user_rid;
pw_buf[(*num_entries)].acb_info = (uint16)pwd->acct_ctrl;
DEBUG(5, ("entry idx: %d user %s, rid 0x%x, acb %x",
- (*num_entries), pwd->smb_name,
+ (*num_entries), pwd->nt_name,
pwd->user_rid, pwd->acct_ctrl));
if (acb_mask == 0 || IS_BITS_SET_SOME(pwd->acct_ctrl, acb_mask))
SAMR_R_ENUM_DOM_GROUPS r_e;
DOMAIN_GRP *grps = NULL;
int num_entries = 0;
- BOOL got_grps;
+ BOOL got_grps = False;
DOM_SID sid;
fstring sid_str;
DEBUG(5,("samr_reply_enum_dom_groups: sid %s\n", sid_str));
- /* well-known groups */
- if (sid_equal(&sid, &global_sid_S_1_5_20))
+ if (sid_equal(&sid, &global_sam_sid))
{
- char *name;
+ BOOL ret;
got_grps = True;
- while (num_entries < MAX_SAM_ENTRIES && ((name = domain_group_rids[num_entries].name) != NULL))
- {
- DOMAIN_GRP tmp_grp;
-
- fstrcpy(tmp_grp.name , name);
- fstrcpy(tmp_grp.comment, "");
- tmp_grp.rid = domain_group_rids[num_entries].rid;
- tmp_grp.attr = 0x7;
+ become_root(True);
+ ret = enumdomgroups(&grps, &num_entries);
+ unbecome_root(True);
- if (!add_domain_group(&grps, &num_entries, &tmp_grp))
- {
- r_e.status = 0xC0000000 | NT_STATUS_NO_MEMORY;
- break;
- }
+ if (!ret)
+ {
+ r_e.status = 0xC0000000 | NT_STATUS_NO_MEMORY;
}
}
- else if (sid_equal(&sid, &global_sam_sid))
+
+ if (r_e.status == 0x0 &&
+ (sid_equal(&sid, &global_sam_sid) ||
+ sid_equal(&sid, &global_sid_S_1_5_20)))
{
- BOOL ret;
char *name;
+ int i = 0;
got_grps = True;
- while (num_entries < MAX_SAM_ENTRIES && ((name = domain_group_rids[num_entries].name) != NULL))
+ while (num_entries < MAX_SAM_ENTRIES && ((name = domain_group_rids[i].name) != NULL))
{
DOMAIN_GRP tmp_grp;
fstrcpy(tmp_grp.name , name);
fstrcpy(tmp_grp.comment, "");
- tmp_grp.rid = domain_group_rids[num_entries].rid;
+ tmp_grp.rid = domain_group_rids[i].rid;
tmp_grp.attr = 0x7;
if (!add_domain_group(&grps, &num_entries, &tmp_grp))
r_e.status = 0xC0000000 | NT_STATUS_NO_MEMORY;
break;
}
- }
- become_root(True);
- ret = enumdomgroups(&grps, &num_entries);
- unbecome_root(True);
- if (!ret)
- {
- r_e.status = 0xC0000000 | NT_STATUS_NO_MEMORY;
+ i++;
}
}
samr_reply_query_dispinfo(&q_e, rdata);
}
+/*******************************************************************
+ samr_reply_query_groupmem
+ ********************************************************************/
+static void samr_reply_query_groupmem(SAMR_Q_QUERY_GROUPMEM *q_u,
+ prs_struct *rdata)
+{
+ uint32 status = 0;
+
+ DOMAIN_GRP_MEMBER *mem_grp = NULL;
+ uint32 *rid = NULL;
+ uint32 *attr = NULL;
+ int num_rids = 0;
+ DOM_SID group_sid;
+ uint32 group_rid;
+ fstring group_sid_str;
+
+ SAMR_R_QUERY_GROUPMEM r_u;
+
+ DEBUG(5,("samr_query_groupmem: %d\n", __LINE__));
+
+ /* find the policy handle. open a policy on it. */
+ if (status == 0x0 && !get_lsa_policy_samr_sid(&q_u->group_pol, &group_sid))
+ {
+ status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
+ }
+ else
+ {
+ sid_to_string(group_sid_str, &group_sid );
+ sid_split_rid(&group_sid, &group_rid);
+ }
+
+ if (status == 0x0)
+ {
+ DEBUG(10,("sid is %s\n", group_sid_str));
+
+ if (sid_equal(&group_sid, &global_sam_sid))
+ {
+ DEBUG(10,("lookup on Domain SID\n"));
+
+ become_root(True);
+ status = getgrouprid(group_rid, &mem_grp, &num_rids) != NULL ? 0x0 : 0xC0000000 | NT_STATUS_NO_SUCH_GROUP;
+ unbecome_root(True);
+ }
+ else
+ {
+ status = 0xC0000000 | NT_STATUS_NO_SUCH_USER;
+ }
+ }
+
+ if (status == 0x0 && num_rids > 0)
+ {
+ rid = malloc(num_rids * sizeof(uint32));
+ attr = malloc(num_rids * sizeof(uint32));
+ if (mem_grp != NULL && rid != NULL && attr != NULL)
+ {
+ int i;
+ for (i = 0; i < num_rids; i++)
+ {
+ rid [i] = mem_grp[i].rid;
+ attr[i] = mem_grp[i].attr;
+ }
+ free(mem_grp);
+ }
+ }
+
+ make_samr_r_query_groupmem(&r_u, num_rids, rid, attr, status);
+
+ /* store the response in the SMB stream */
+ samr_io_r_query_groupmem("", &r_u, rdata, 0);
+
+ if (rid != NULL)
+ {
+ free(rid);
+ }
+
+ if (attr != NULL)
+ {
+ free(attr);
+ }
+
+ DEBUG(5,("samr_query_groupmem: %d\n", __LINE__));
+
+}
+
+/*******************************************************************
+ api_samr_query_groupmem
+ ********************************************************************/
+static void api_samr_query_groupmem( uint16 vuid, prs_struct *data, prs_struct *rdata)
+{
+ SAMR_Q_QUERY_GROUPMEM q_u;
+
+ /* grab the samr 0x19 */
+ samr_io_q_query_groupmem("", &q_u, data, 0);
+
+ /* construct reply. always indicate success */
+ samr_reply_query_groupmem(&q_u, rdata);
+}
+
+
+/*******************************************************************
+ samr_reply_query_groupinfo
+ ********************************************************************/
+static void samr_reply_query_groupinfo(SAMR_Q_QUERY_GROUPINFO *q_u,
+ prs_struct *rdata)
+{
+ SAMR_R_QUERY_GROUPINFO r_e;
+ GROUP_INFO_CTR ctr;
+ uint32 status = 0x0;
+
+ r_e.ptr = 0;
+
+ /* find the policy handle. open a policy on it. */
+ if (r_e.status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->pol)) == -1))
+ {
+ r_e.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
+ }
+
+ DEBUG(5,("samr_reply_query_groupinfo: %d\n", __LINE__));
+
+ if (status == 0x0)
+ {
+ if (q_u->switch_level == 1)
+ {
+ r_e.ptr = 1;
+ ctr.switch_value = 1;
+ make_samr_group_info1(&ctr.group.info1, "account name", "account description");
+ }
+ else if (q_u->switch_level == 4)
+ {
+ r_e.ptr = 1;
+ ctr.switch_value = 4;
+ make_samr_group_info4(&ctr.group.info4, "account description");
+ }
+ else
+ {
+ status = NT_STATUS_INVALID_INFO_CLASS;
+ }
+ }
+
+ make_samr_r_query_groupinfo(&r_e, status == 0 ? &ctr : NULL, status);
+
+ /* store the response in the SMB stream */
+ samr_io_r_query_groupinfo("", &r_e, rdata, 0);
+
+ DEBUG(5,("samr_query_groupinfo: %d\n", __LINE__));
+
+}
+
+/*******************************************************************
+ api_samr_query_groupinfo
+ ********************************************************************/
+static void api_samr_query_groupinfo( uint16 vuid, prs_struct *data, prs_struct *rdata)
+{
+ SAMR_Q_QUERY_GROUPINFO q_e;
+
+ /* grab the samr open */
+ samr_io_q_query_groupinfo("", &q_e, data, 0);
+
+ /* construct reply. */
+ samr_reply_query_groupinfo(&q_e, rdata);
+}
+
/*******************************************************************
samr_reply_query_aliasinfo
prs_struct *rdata)
{
SAMR_R_QUERY_ALIASINFO r_e;
+ ALIAS_INFO_CTR ctr;
+ uint32 status = 0x0;
- r_e.status = 0x0;
r_e.ptr = 0;
/* find the policy handle. open a policy on it. */
DEBUG(5,("samr_reply_query_aliasinfo: %d\n", __LINE__));
- if (r_e.status == 0x0)
+ if (status == 0x0)
{
- if (q_u->switch_level != 3)
+ if (q_u->switch_level == 3)
{
- r_e.status = NT_STATUS_INVALID_INFO_CLASS;
+ r_e.ptr = 1;
+ ctr.switch_value = 3;
+ make_samr_alias_info3(&ctr.alias.info3, "<account description>");
+ }
+ else
+ {
+ status = NT_STATUS_INVALID_INFO_CLASS;
}
}
- make_samr_r_query_aliasinfo(&r_e, q_u->switch_level,
- "<account description>",
- r_e.status);
+ make_samr_r_query_aliasinfo(&r_e, status == 0 ? &ctr : NULL, status);
/* store the response in the SMB stream */
samr_io_r_query_aliasinfo("", &r_e, rdata, 0);
/*******************************************************************
- samr_reply_lookup_ids
+ samr_reply_query_useraliases
********************************************************************/
-static void samr_reply_lookup_ids(SAMR_Q_LOOKUP_IDS *q_u,
+static void samr_reply_query_useraliases(SAMR_Q_QUERY_USERALIASES *q_u,
prs_struct *rdata)
{
- uint32 rid[MAX_SAM_ENTRIES];
- uint32 status = 0;
+ uint32 status = 0;
+
+ LOCAL_GRP *mem_grp = NULL;
+ uint32 *rid = NULL;
int num_rids = 0;
- int i;
struct sam_passwd *sam_pass;
DOM_SID usr_sid;
DOM_SID dom_sid;
fstring dom_sid_str;
fstring usr_sid_str;
- SAMR_R_LOOKUP_IDS r_u;
+ SAMR_R_QUERY_USERALIASES r_u;
- DEBUG(5,("samr_lookup_ids: %d\n", __LINE__));
+ DEBUG(5,("samr_query_useraliases: %d\n", __LINE__));
/* find the policy handle. open a policy on it. */
if (status == 0x0 && !get_lsa_policy_samr_sid(&q_u->pol, &dom_sid))
sid_to_string(sam_sid_str, &global_sam_sid);
}
- if (num_rids > MAX_SAM_ENTRIES)
- {
- num_rids = MAX_SAM_ENTRIES;
- DEBUG(5,("samr_lookup_ids: truncating entries to %d\n", num_rids));
- }
-
if (status == 0x0)
{
usr_sid = q_u->sid[0].sid;
if (status == 0x0)
{
+ DEBUG(10,("sid is %s\n", dom_sid_str));
+
if (sid_equal(&dom_sid, &global_sid_S_1_5_20))
{
- DEBUG(5,("lookup on S-1-5-20\n"));
+ DEBUG(10,("lookup on S-1-5-20\n"));
+
+ become_root(True);
+ getuserbuiltinntnam(sam_pass->nt_name, &mem_grp, &num_rids);
+ unbecome_root(True);
}
else if (sid_equal(&dom_sid, &usr_sid))
{
- DOMAIN_GRP *mem_grp = NULL;
-
- DEBUG(5,("lookup on Domain SID\n"));
+ DEBUG(10,("lookup on Domain SID\n"));
become_root(True);
- getusergroupsnam(sam_pass->smb_name, &mem_grp, &num_rids);
+ getuseraliasntnam(sam_pass->nt_name, &mem_grp, &num_rids);
unbecome_root(True);
+ }
+ else
+ {
+ status = 0xC0000000 | NT_STATUS_NO_SUCH_USER;
+ }
+ }
- num_rids = MIN(num_rids, MAX_SAM_ENTRIES);
-
- if (mem_grp != NULL)
+ if (status == 0x0 && num_rids > 0)
+ {
+ rid = malloc(num_rids * sizeof(uint32));
+ if (mem_grp != NULL && rid != NULL)
{
+ int i;
for (i = 0; i < num_rids; i++)
{
rid[i] = mem_grp[i].rid;
}
free(mem_grp);
- }
+ }
+ }
+
+ make_samr_r_query_useraliases(&r_u, num_rids, rid, status);
+
+ /* store the response in the SMB stream */
+ samr_io_r_query_useraliases("", &r_u, rdata, 0);
+
+ if (rid != NULL)
+ {
+ free(rid);
+ }
+
+ DEBUG(5,("samr_query_useraliases: %d\n", __LINE__));
+
+}
+
+/*******************************************************************
+ api_samr_query_useraliases
+ ********************************************************************/
+static void api_samr_query_useraliases( uint16 vuid, prs_struct *data, prs_struct *rdata)
+{
+ SAMR_Q_QUERY_USERALIASES q_u;
+
+ /* grab the samr 0x10 */
+ samr_io_q_query_useraliases("", &q_u, data, 0);
+
+ /* construct reply. always indicate success */
+ samr_reply_query_useraliases(&q_u, rdata);
+}
+
+/*******************************************************************
+ samr_reply_query_aliasmem
+ ********************************************************************/
+static void samr_reply_query_aliasmem(SAMR_Q_QUERY_ALIASMEM *q_u,
+ prs_struct *rdata)
+{
+ uint32 status = 0;
+
+ LOCAL_GRP_MEMBER *mem_grp = NULL;
+ DOM_SID2 *sid = NULL;
+ int num_sids = 0;
+ DOM_SID alias_sid;
+ uint32 alias_rid;
+ fstring alias_sid_str;
+
+ SAMR_R_QUERY_ALIASMEM r_u;
+
+ DEBUG(5,("samr_query_aliasmem: %d\n", __LINE__));
+
+ /* find the policy handle. open a policy on it. */
+ if (status == 0x0 && !get_lsa_policy_samr_sid(&q_u->alias_pol, &alias_sid))
+ {
+ status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
+ }
+ else
+ {
+ sid_to_string(alias_sid_str, &alias_sid );
+ sid_split_rid(&alias_sid, &alias_rid);
+ }
+
+ if (status == 0x0)
+ {
+ DEBUG(10,("sid is %s\n", alias_sid_str));
+
+ if (sid_equal(&alias_sid, &global_sid_S_1_5_20))
+ {
+ DEBUG(10,("lookup on S-1-5-20\n"));
+
+ become_root(True);
+ status = getbuiltinrid(alias_rid, &mem_grp, &num_sids) != NULL ? 0x0 : 0xC0000000 | NT_STATUS_NO_SUCH_GROUP;
+ unbecome_root(True);
+ }
+ else if (sid_equal(&alias_sid, &global_sam_sid))
+ {
+ DEBUG(10,("lookup on Domain SID\n"));
+
+ become_root(True);
+ status = getaliasrid(alias_rid, &mem_grp, &num_sids) != NULL ? 0x0 : 0xC0000000 | NT_STATUS_NO_SUCH_GROUP;
+ unbecome_root(True);
}
else
{
}
}
- make_samr_r_lookup_ids(&r_u, num_rids, rid, status);
+ if (status == 0x0 && num_sids > 0)
+ {
+ sid = malloc(num_sids * sizeof(DOM_SID));
+ if (mem_grp != NULL && sid != NULL)
+ {
+ int i;
+ for (i = 0; i < num_sids; i++)
+ {
+ make_dom_sid2(&sid[i], &mem_grp[i].sid);
+ }
+ free(mem_grp);
+ }
+ }
+
+ make_samr_r_query_aliasmem(&r_u, num_sids, sid, status);
/* store the response in the SMB stream */
- samr_io_r_lookup_ids("", &r_u, rdata, 0);
+ samr_io_r_query_aliasmem("", &r_u, rdata, 0);
- DEBUG(5,("samr_lookup_ids: %d\n", __LINE__));
+ if (sid != NULL)
+ {
+ free(sid);
+ }
+
+ DEBUG(5,("samr_query_aliasmem: %d\n", __LINE__));
}
/*******************************************************************
- api_samr_lookup_ids
+ api_samr_query_aliasmem
********************************************************************/
-static void api_samr_lookup_ids( uint16 vuid, prs_struct *data, prs_struct *rdata)
+static void api_samr_query_aliasmem( uint16 vuid, prs_struct *data, prs_struct *rdata)
{
- SAMR_Q_LOOKUP_IDS q_u;
+ SAMR_Q_QUERY_ALIASMEM q_u;
- /* grab the samr 0x10 */
- samr_io_q_lookup_ids("", &q_u, data, 0);
+ /* grab the samr 0x21 */
+ samr_io_q_query_aliasmem("", &q_u, data, 0);
/* construct reply. always indicate success */
- samr_reply_lookup_ids(&q_u, rdata);
+ samr_reply_query_aliasmem(&q_u, rdata);
}
/*******************************************************************
for (i = 0; i < num_rids && status == 0; i++)
{
+ DOM_SID sid;
fstring name;
fstrcpy(name, unistrn2(q_u->uni_user_name[i].buffer, q_u->uni_user_name[i].uni_str_len));
- status = lookup_rid(name, &(rid[i]), &(type[i]));
+ status = lookup_name(name, &sid, &(type[i]));
+ if (status == 0x0)
+ {
+ sid_split_rid(&sid, &rid[i]);
+ }
+ else
+ {
+ type[i] = SID_NAME_UNKNOWN;
+ }
}
make_samr_r_lookup_names(&r_u, num_rids, rid, type, status);
prs_struct *rdata)
{
fstring group_names[MAX_SAM_ENTRIES];
- uint32 group_attrs[MAX_SAM_ENTRIES];
+ uint8 group_attrs[MAX_SAM_ENTRIES];
uint32 status = 0;
int num_gids = q_u->num_gids1;
+ DOM_SID pol_sid;
SAMR_R_UNKNOWN_12 r_u;
status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
}
+ if (status == 0x0 && !get_lsa_policy_samr_sid(&q_u->pol, &pol_sid))
+ {
+ status = NT_STATUS_OBJECT_TYPE_MISMATCH;
+ }
+
if (status == 0x0)
{
int i;
for (i = 0; i < num_gids && status == 0; i++)
{
- fstrcpy(group_names[i], "dummy group");
- group_attrs[i] = 0x2;
+ DOM_SID sid;
+ sid_copy(&sid, &pol_sid);
+ sid_append_rid(&sid, q_u->gid[i]);
+ lookup_sid(&sid, group_names[i], &group_attrs[i]);
}
}
*************************************************************************/
static BOOL get_user_info_10(SAM_USER_INFO_10 *id10, uint32 user_rid)
{
- struct smb_passwd *smb_pass;
-
- if (!pwdb_rid_is_user(user_rid))
- {
- DEBUG(4,("RID 0x%x is not a user RID\n", user_rid));
- return False;
- }
+ struct sam_passwd *sam_pass;
become_root(True);
- smb_pass = getsmbpwrid(user_rid);
+ sam_pass = getsam21pwrid(user_rid);
unbecome_root(True);
- if (smb_pass == NULL)
+ if (sam_pass == NULL)
{
DEBUG(4,("User 0x%x not found\n", user_rid));
return False;
}
- DEBUG(3,("User:[%s]\n", smb_pass->smb_name));
+ DEBUG(3,("User:[%s]\n", sam_pass->nt_name));
- make_sam_user_info10(id10, smb_pass->acct_ctrl);
+ make_sam_user_info10(id10, sam_pass->acct_ctrl);
return True;
}
*************************************************************************/
static BOOL get_user_info_21(SAM_USER_INFO_21 *id21, uint32 user_rid)
{
- NTTIME dummy_time;
struct sam_passwd *sam_pass;
LOGON_HRS hrs;
int i;
- if (!pwdb_rid_is_user(user_rid))
- {
- DEBUG(4,("RID 0x%x is not a user RID\n", user_rid));
- return False;
- }
-
become_root(True);
sam_pass = getsam21pwrid(user_rid);
unbecome_root(True);
return False;
}
- DEBUG(3,("User:[%s]\n", sam_pass->smb_name));
-
- dummy_time.low = 0xffffffff;
- dummy_time.high = 0x7fffffff;
-
- DEBUG(0,("get_user_info_21 - TODO: convert unix times to NTTIMEs\n"));
+ DEBUG(3,("User:[%s]\n", sam_pass->nt_name));
/* create a LOGON_HRS structure */
hrs.len = sam_pass->hours_len;
make_sam_user_info21(id21,
- &dummy_time, /* logon_time */
- &dummy_time, /* logoff_time */
- &dummy_time, /* kickoff_time */
- &dummy_time, /* pass_last_set_time */
- &dummy_time, /* pass_can_change_time */
- &dummy_time, /* pass_must_change_time */
+ &sam_pass->logon_time,
+ &sam_pass->logoff_time,
+ &sam_pass->kickoff_time,
+ &sam_pass->pass_last_set_time,
+ &sam_pass->pass_can_change_time,
+ &sam_pass->pass_must_change_time,
- sam_pass->smb_name, /* user_name */
+ sam_pass->nt_name, /* user_name */
sam_pass->full_name, /* full_name */
sam_pass->home_dir, /* home_dir */
sam_pass->dir_drive, /* dir_drive */
sam_pass->user_rid, /* RID user_id */
sam_pass->group_rid, /* RID group_id */
- sam_pass->acct_ctrl,
+ sam_pass->acct_ctrl,
- sam_pass->unknown_3, /* unknown_3 */
- sam_pass->logon_divs, /* divisions per week */
- &hrs, /* logon hours */
- sam_pass->unknown_5,
- sam_pass->unknown_6);
+ sam_pass->unknown_3, /* unknown_3 */
+ sam_pass->logon_divs, /* divisions per week */
+ &hrs, /* logon hours */
+ sam_pass->unknown_5,
+ sam_pass->unknown_6);
return True;
}
DOMAIN_GRP *mem_grp = NULL;
become_root(True);
- getusergroupsnam(sam_pass->smb_name, &mem_grp, &num_groups);
+ getusergroupsntnam(sam_pass->nt_name, &mem_grp, &num_groups);
unbecome_root(True);
gids = NULL;
q_u.uni_mach_acct.uni_str_len));
become_root(True);
- sam_pass = getsam21pwnam(mach_acct);
+ sam_pass = getsam21pwntnam(mach_acct);
unbecome_root(True);
if (sam_pass != NULL)
prs_struct *rdata)
{
SAMR_R_OPEN_ALIAS r_u;
+ DOM_SID sid;
BOOL pol_open = False;
/* set up the SAMR open_alias response */
r_u.status = 0x0;
+ if (r_u.status == 0x0 && !get_lsa_policy_samr_sid(&q_u->dom_pol, &sid))
+ {
+ r_u.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
+ }
+
/* get a (unique) handle. open a policy on it. */
if (r_u.status == 0x0 && !(pol_open = open_lsa_policy_hnd(&(r_u.pol))))
{
r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
+ DEBUG(0,("TODO: verify that the alias rid exists\n"));
+
/* associate a RID with the (unique) handle. */
if (r_u.status == 0x0 && !set_lsa_policy_samr_rid(&(r_u.pol), q_u->rid_alias))
{
r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
+ sid_append_rid(&sid, q_u->rid_alias);
+
+ /* associate an alias SID with the (unique) handle. */
+ if (r_u.status == 0x0 && !set_lsa_policy_samr_sid(&(r_u.pol), &sid))
+ {
+ /* oh, whoops. don't know what error message to return, here */
+ r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND;
+ }
+
if (r_u.status != 0 && pol_open)
{
close_lsa_policy_hnd(&(r_u.pol));
samr_reply_open_alias(&q_u, rdata);
}
+/*******************************************************************
+ samr_reply_open_group
+ ********************************************************************/
+static void samr_reply_open_group(SAMR_Q_OPEN_GROUP *q_u,
+ prs_struct *rdata)
+{
+ SAMR_R_OPEN_GROUP r_u;
+ DOM_SID sid;
+ BOOL pol_open = False;
+
+ /* set up the SAMR open_group response */
+
+ r_u.status = 0x0;
+ if (r_u.status == 0x0 && !get_lsa_policy_samr_sid(&q_u->domain_pol, &sid))
+ {
+ r_u.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
+ }
+
+ /* get a (unique) handle. open a policy on it. */
+ if (r_u.status == 0x0 && !(pol_open = open_lsa_policy_hnd(&(r_u.pol))))
+ {
+ r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND;
+ }
+
+ DEBUG(0,("TODO: verify that the group rid exists\n"));
+
+ /* associate a RID with the (unique) handle. */
+ if (r_u.status == 0x0 && !set_lsa_policy_samr_rid(&(r_u.pol), q_u->rid_group))
+ {
+ /* oh, whoops. don't know what error message to return, here */
+ r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND;
+ }
+
+ sid_append_rid(&sid, q_u->rid_group);
+
+ /* associate an group SID with the (unique) handle. */
+ if (r_u.status == 0x0 && !set_lsa_policy_samr_sid(&(r_u.pol), &sid))
+ {
+ /* oh, whoops. don't know what error message to return, here */
+ r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND;
+ }
+
+ if (r_u.status != 0 && pol_open)
+ {
+ close_lsa_policy_hnd(&(r_u.pol));
+ }
+
+ DEBUG(5,("samr_open_group: %d\n", __LINE__));
+
+ /* store the response in the SMB stream */
+ samr_io_r_open_group("", &r_u, rdata, 0);
+
+ DEBUG(5,("samr_open_group: %d\n", __LINE__));
+
+}
+
+/*******************************************************************
+ api_samr_open_group
+ ********************************************************************/
+static void api_samr_open_group( uint16 vuid, prs_struct *data, prs_struct *rdata)
+
+{
+ SAMR_Q_OPEN_GROUP q_u;
+
+ /* grab the samr open policy */
+ samr_io_q_open_group("", &q_u, data, 0);
+
+ /* construct reply. always indicate success */
+ samr_reply_open_group(&q_u, rdata);
+}
+
/*******************************************************************
array of \PIPE\samr operations
********************************************************************/
{ "SAMR_ENUM_DOM_USERS" , SAMR_ENUM_DOM_USERS , api_samr_enum_dom_users },
{ "SAMR_ENUM_DOM_GROUPS" , SAMR_ENUM_DOM_GROUPS , api_samr_enum_dom_groups },
{ "SAMR_ENUM_DOM_ALIASES" , SAMR_ENUM_DOM_ALIASES , api_samr_enum_dom_aliases },
- { "SAMR_LOOKUP_IDS" , SAMR_LOOKUP_IDS , api_samr_lookup_ids },
+ { "SAMR_QUERY_USERALIASES", SAMR_QUERY_USERALIASES, api_samr_query_useraliases},
+ { "SAMR_QUERY_ALIASMEM" , SAMR_QUERY_ALIASMEM , api_samr_query_aliasmem },
+ { "SAMR_QUERY_GROUPMEM" , SAMR_QUERY_GROUPMEM , api_samr_query_groupmem },
{ "SAMR_LOOKUP_NAMES" , SAMR_LOOKUP_NAMES , api_samr_lookup_names },
{ "SAMR_OPEN_USER" , SAMR_OPEN_USER , api_samr_open_user },
{ "SAMR_QUERY_USERINFO" , SAMR_QUERY_USERINFO , api_samr_query_userinfo },
- { "SAMR_QUERY_DOMAIN_INFO", SAMR_QUERY_DOMAIN_INFO, api_samr_query_dom_info },
+ { "SAMR_QUERY_DOMAIN_INFO", SAMR_QUERY_DOMAIN_INFO, api_samr_query_dom_info },
{ "SAMR_QUERY_USERGROUPS" , SAMR_QUERY_USERGROUPS , api_samr_query_usergroups },
{ "SAMR_QUERY_DISPINFO" , SAMR_QUERY_DISPINFO , api_samr_query_dispinfo },
{ "SAMR_QUERY_ALIASINFO" , SAMR_QUERY_ALIASINFO , api_samr_query_aliasinfo },
+ { "SAMR_QUERY_GROUPINFO" , SAMR_QUERY_GROUPINFO , api_samr_query_groupinfo },
{ "SAMR_0x32" , 0x32 , api_samr_unknown_32 },
{ "SAMR_UNKNOWN_12" , SAMR_UNKNOWN_12 , api_samr_unknown_12 },
{ "SAMR_UNKNOWN_38" , SAMR_UNKNOWN_38 , api_samr_unknown_38 },
{ "SAMR_CHGPASSWD_USER" , SAMR_CHGPASSWD_USER , api_samr_chgpasswd_user },
{ "SAMR_OPEN_ALIAS" , SAMR_OPEN_ALIAS , api_samr_open_alias },
+ { "SAMR_OPEN_GROUP" , SAMR_OPEN_GROUP , api_samr_open_group },
{ "SAMR_OPEN_DOMAIN" , SAMR_OPEN_DOMAIN , api_samr_open_domain },
{ "SAMR_UNKNOWN_3" , SAMR_UNKNOWN_3 , api_samr_unknown_3 },
{ "SAMR_UNKNOWN_2C" , SAMR_UNKNOWN_2C , api_samr_unknown_2c },