uninitialised counter

[samba.git] / source3 / rpc_server / srv_samr.c
diff --git a/source3/rpc_server/srv_samr.c b/source3/rpc_server/srv_samr.c

index b0742d0e341b8775c21d1782615815cdba08fd9f..5718887906dcebfbbd827eddf2c6d7d44f50157a 100644 (file)
--- a/source3/rpc_server/srv_samr.c
+++ b/source3/rpc_server/srv_samr.c
@@ -30,10 +30,15 @@ extern int DEBUGLEVEL;
  
  extern BOOL sam_logon_in_ssb;
  extern pstring samlogon_user;
-extern DOM_SID global_machine_sid;
+extern fstring global_sam_name;
+extern pstring global_myname;
+extern DOM_SID global_sam_sid;
+extern DOM_SID global_sid_S_1_1;
+extern DOM_SID global_sid_S_1_5_20;
  
  extern rid_name domain_group_rids[];
  extern rid_name domain_alias_rids[];
+extern rid_name builtin_alias_rids[];
  
  /*******************************************************************
    This next function should be replaced with something that
@@ -41,12 +46,13 @@ extern rid_name domain_alias_rids[];
   ********************************************************************/
  
  static BOOL get_sampwd_entries(SAM_USER_INFO_21 *pw_buf,
+                               int start_idx,
                                  int *total_entries, int *num_entries,
                                  int max_num_entries,
                                  uint16 acb_mask)
  {
         void *vp = NULL;
-       struct smb_passwd *pwd = NULL;
+       struct sam_passwd *pwd = NULL;
  
         (*num_entries) = 0;
         (*total_entries) = 0;
@@ -60,13 +66,24 @@ static BOOL get_sampwd_entries(SAM_USER_INFO_21 *pw_buf,
                 return False;
         }
  
-       while (((pwd = getsmbpwent(vp)) != NULL) && (*num_entries) < max_num_entries)
+       while (((pwd = getsam21pwent(vp)) != NULL) && (*num_entries) < max_num_entries)
         {
-               int user_name_len = strlen(pwd->smb_name);
-               make_unistr2(&(pw_buf[(*num_entries)].uni_user_name), pwd->smb_name, user_name_len-1);
-               make_uni_hdr(&(pw_buf[(*num_entries)].hdr_user_name), user_name_len-1, 
-                              user_name_len-1, 1);
-               pw_buf[(*num_entries)].user_rid = pwd->smb_userid;
+               int user_name_len;
+
+               if (start_idx > 0)
+               {
+                       /* skip the requested number of entries.
+                          not very efficient, but hey...
+                        */
+                       start_idx--;
+                       continue;
+               }
+
+               user_name_len = strlen(pwd->smb_name);
+               make_unistr2(&(pw_buf[(*num_entries)].uni_user_name), pwd->smb_name, user_name_len);
+               make_uni_hdr(&(pw_buf[(*num_entries)].hdr_user_name), user_name_len, 
+                              user_name_len, 1);
+               pw_buf[(*num_entries)].user_rid = pwd->user_rid;
                 bzero( pw_buf[(*num_entries)].nt_pwd , 16);
  
                 /* Now check if the NT compatible password is available. */
@@ -77,8 +94,9 @@ static BOOL get_sampwd_entries(SAM_USER_INFO_21 *pw_buf,
  
                 pw_buf[(*num_entries)].acb_info = (uint16)pwd->acct_ctrl;
  
-               DEBUG(5, ("get_smbpwd_entries: idx: %d user %s, uid %d, acb %x",
-               (*num_entries), pwd->smb_name, pwd->smb_userid, pwd->acct_ctrl));
+               DEBUG(5, ("entry idx: %d user %s, rid 0x%x, acb %x",
+                         (*num_entries), pwd->smb_name,
+                         pwd->user_rid, pwd->acct_ctrl));
  
                 if (acb_mask == 0 || IS_BITS_SET_SOME(pwd->acct_ctrl, acb_mask))
                 {
@@ -131,7 +149,7 @@ static void samr_reply_close_hnd(SAMR_Q_CLOSE_HND *q_u,
  /*******************************************************************
   api_samr_close_hnd
   ********************************************************************/
-static void api_samr_close_hnd( int uid, prs_struct *data, prs_struct *rdata)
+static void api_samr_close_hnd( uint16 vuid, prs_struct *data, prs_struct *rdata)
  {
         SAMR_Q_CLOSE_HND q_u;
  
@@ -151,12 +169,11 @@ static void samr_reply_open_domain(SAMR_Q_OPEN_DOMAIN *q_u,
  {
         SAMR_R_OPEN_DOMAIN r_u;
         BOOL pol_open = False;
-       int pol_idx;
  
         r_u.status = 0x0;
  
         /* find the connection policy handle. */
-       if (r_u.status == 0x0 && ((pol_idx = find_lsa_policy_by_hnd(&(q_u->connect_pol))) == -1))
+       if (r_u.status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->connect_pol)) == -1))
         {
                 r_u.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
         }
@@ -191,7 +208,7 @@ static void samr_reply_open_domain(SAMR_Q_OPEN_DOMAIN *q_u,
  /*******************************************************************
   api_samr_open_domain
   ********************************************************************/
-static void api_samr_open_domain( int uid, prs_struct *data, prs_struct *rdata)
+static void api_samr_open_domain( uint16 vuid, prs_struct *data, prs_struct *rdata)
  {
         SAMR_Q_OPEN_DOMAIN q_u;
  
@@ -203,6 +220,53 @@ static void api_samr_open_domain( int uid, prs_struct *data, prs_struct *rdata)
  }
  
  
+/*******************************************************************
+ samr_reply_unknown_2c
+ ********************************************************************/
+static void samr_reply_unknown_2c(SAMR_Q_UNKNOWN_2C *q_u,
+                               prs_struct *rdata)
+{
+       SAMR_R_UNKNOWN_2C r_u;
+       uint32 status = 0x0;
+
+       /* find the policy handle.  open a policy on it. */
+       if (status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->user_pol)) == -1))
+       {
+               status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
+       }
+
+       /* find the user's rid */
+       if ((status == 0x0) && (get_lsa_policy_samr_rid(&(q_u->user_pol)) == 0xffffffff))
+       {
+               status = NT_STATUS_OBJECT_TYPE_MISMATCH;
+       }
+
+       make_samr_r_unknown_2c(&r_u, status);
+
+       DEBUG(5,("samr_unknown_2c: %d\n", __LINE__));
+
+       /* store the response in the SMB stream */
+       samr_io_r_unknown_2c("", &r_u, rdata, 0);
+
+       DEBUG(5,("samr_unknown_2c: %d\n", __LINE__));
+
+}
+
+/*******************************************************************
+ api_samr_unknown_2c
+ ********************************************************************/
+static void api_samr_unknown_2c( uint16 vuid, prs_struct *data, prs_struct *rdata)
+{
+       SAMR_Q_UNKNOWN_2C q_u;
+
+       /* grab the samr open */
+       samr_io_q_unknown_2c("", &q_u, data, 0);
+
+       /* construct reply.  always indicate success */
+       samr_reply_unknown_2c(&q_u, rdata);
+}
+
+
  /*******************************************************************
   samr_reply_unknown_3
   ********************************************************************/
@@ -211,14 +275,13 @@ static void samr_reply_unknown_3(SAMR_Q_UNKNOWN_3 *q_u,
  {
         SAMR_R_UNKNOWN_3 r_u;
         DOM_SID3 sid[MAX_SAM_SIDS];
-       int pol_idx;
         uint32 rid;
         uint32 status;
  
         status = 0x0;
  
         /* find the policy handle.  open a policy on it. */
-       if (status == 0x0 && ((pol_idx = find_lsa_policy_by_hnd(&(q_u->user_pol))) == -1))
+       if (status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->user_pol)) == -1))
         {
                 status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
         }
@@ -231,24 +294,21 @@ static void samr_reply_unknown_3(SAMR_Q_UNKNOWN_3 *q_u,
  
         if (status == 0x0)
         {
-        DOM_SID user_sid;
-        DOM_SID other_sid;
-
-        user_sid = global_machine_sid;
+               DOM_SID usr_sid;
  
-       ASSERT_ARRAY(user_sid.sub_auths, user_sid.num_auths+1);
+               usr_sid = global_sam_sid;
  
-        /*
-         * Add the user RID.
-         */
-        user_sid.sub_auths[user_sid.num_auths++] = rid;
-        
-               string_to_sid(&other_sid, "S-1-1");
+               SMB_ASSERT_ARRAY(usr_sid.sub_auths, usr_sid.num_auths+1);
  
-               /* maybe need another 1 or 2 (S-1-5-20-0x220 and S-1-5-20-0x224) */
+               /*
+                * Add the user RID.
+                */
+               sid_append_rid(&usr_sid, rid);
+               
+               /* maybe need another 1 or 2 (S-1-5-0x20-0x220 and S-1-5-20-0x224) */
                 /* these two are DOMAIN_ADMIN and DOMAIN_ACCT_OP group RIDs */
-               make_dom_sid3(&(sid[0]), 0x035b, 0x0002, &other_sid);
-               make_dom_sid3(&(sid[1]), 0x0044, 0x0002, &user_sid);
+               make_dom_sid3(&(sid[0]), 0x035b, 0x0002, &global_sid_S_1_1);
+               make_dom_sid3(&(sid[1]), 0x0044, 0x0002, &usr_sid);
         }
  
         make_samr_r_unknown_3(&r_u,
@@ -268,7 +328,7 @@ static void samr_reply_unknown_3(SAMR_Q_UNKNOWN_3 *q_u,
  /*******************************************************************
   api_samr_unknown_3
   ********************************************************************/
-static void api_samr_unknown_3( int uid, prs_struct *data, prs_struct *rdata)
+static void api_samr_unknown_3( uint16 vuid, prs_struct *data, prs_struct *rdata)
  {
         SAMR_Q_UNKNOWN_3 q_u;
  
@@ -290,14 +350,12 @@ static void samr_reply_enum_dom_users(SAMR_Q_ENUM_DOM_USERS *q_u,
         SAM_USER_INFO_21 pass[MAX_SAM_ENTRIES];
         int num_entries;
         int total_entries;
-       int pol_idx;
-       BOOL got_pwds;
  
         r_e.status = 0x0;
         r_e.total_num_entries = 0;
  
         /* find the policy handle.  open a policy on it. */
-       if (r_e.status == 0x0 && ((pol_idx = find_lsa_policy_by_hnd(&(q_u->pol))) == -1))
+       if (r_e.status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->pol)) == -1))
         {
                 r_e.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
         }
@@ -305,7 +363,7 @@ static void samr_reply_enum_dom_users(SAMR_Q_ENUM_DOM_USERS *q_u,
         DEBUG(5,("samr_reply_enum_dom_users: %d\n", __LINE__));
  
         become_root(True);
-       got_pwds = get_sampwd_entries(pass, &total_entries, &num_entries, MAX_SAM_ENTRIES, q_u->acb_mask);
+       get_sampwd_entries(pass, 0, &total_entries, &num_entries, MAX_SAM_ENTRIES, q_u->acb_mask);
         unbecome_root(True);
  
         make_samr_r_enum_dom_users(&r_e, total_entries,
@@ -322,7 +380,7 @@ static void samr_reply_enum_dom_users(SAMR_Q_ENUM_DOM_USERS *q_u,
  /*******************************************************************
   api_samr_enum_dom_users
   ********************************************************************/
-static void api_samr_enum_dom_users( int uid, prs_struct *data, prs_struct *rdata)
+static void api_samr_enum_dom_users( uint16 vuid, prs_struct *data, prs_struct *rdata)
  {
         SAMR_Q_ENUM_DOM_USERS q_e;
  
@@ -341,44 +399,102 @@ static void samr_reply_enum_dom_groups(SAMR_Q_ENUM_DOM_GROUPS *q_u,
                                 prs_struct *rdata)
  {
         SAMR_R_ENUM_DOM_GROUPS r_e;
-       SAM_USER_INFO_21 pass[MAX_SAM_ENTRIES];
-       int num_entries;
-       int pol_idx;
+       DOMAIN_GRP *grps = NULL;
+       int num_entries = 0;
         BOOL got_grps;
-       char *dummy_group = "Domain Admins";
+       DOM_SID sid;
+       fstring sid_str;
  
         r_e.status = 0x0;
         r_e.num_entries = 0;
  
         /* find the policy handle.  open a policy on it. */
-       if (r_e.status == 0x0 && ((pol_idx = find_lsa_policy_by_hnd(&(q_u->pol))) == -1))
+       if (r_e.status == 0x0 && !get_lsa_policy_samr_sid(&q_u->pol, &sid))
         {
                 r_e.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
         }
  
-       DEBUG(5,("samr_reply_enum_dom_groups: %d\n", __LINE__));
+       sid_to_string(sid_str, &sid);
  
-       got_grps = True;
-       num_entries = 1;
-       make_unistr2(&(pass[0].uni_user_name), dummy_group, strlen(dummy_group));
-       pass[0].user_rid = DOMAIN_GROUP_RID_ADMINS;
+       DEBUG(5,("samr_reply_enum_dom_groups: sid %s\n", sid_str));
+
+       /* well-known groups */
+       if (sid_equal(&sid, &global_sid_S_1_5_20))
+       {
+               char *name;
+               got_grps = True;
+
+               while (num_entries < MAX_SAM_ENTRIES && ((name = domain_group_rids[num_entries].name) != NULL))
+               {
+                       DOMAIN_GRP tmp_grp;
+
+                       fstrcpy(tmp_grp.name   , name);
+                       fstrcpy(tmp_grp.comment, "");
+                       tmp_grp.rid = domain_group_rids[num_entries].rid;
+                       tmp_grp.attr = 0x7;
+
+                       if (!add_domain_group(&grps, &num_entries, &tmp_grp))
+                       {
+                               r_e.status = 0xC0000000 | NT_STATUS_NO_MEMORY;
+                               break;
+                       }
+               }
+       }
+       else if (sid_equal(&sid, &global_sam_sid))
+       {
+               BOOL ret;
+               char *name;
+               int i = 0;
+               got_grps = True;
+
+               become_root(True);
+               ret = enumdomgroups(&grps, &num_entries);
+               unbecome_root(True);
+
+               while (num_entries < MAX_SAM_ENTRIES && ((name = domain_group_rids[i].name) != NULL))
+               {
+                       DOMAIN_GRP tmp_grp;
+
+                       fstrcpy(tmp_grp.name   , name);
+                       fstrcpy(tmp_grp.comment, "");
+                       tmp_grp.rid = domain_group_rids[i].rid;
+                       tmp_grp.attr = 0x7;
+
+                       if (!add_domain_group(&grps, &num_entries, &tmp_grp))
+                       {
+                               r_e.status = 0xC0000000 | NT_STATUS_NO_MEMORY;
+                               break;
+                       }
+
+                       i++;
+               }
+
+               if (!ret)
+               {
+                       r_e.status = 0xC0000000 | NT_STATUS_NO_MEMORY;
+               }
+       }
  
         if (r_e.status == 0 && got_grps)
         {
-               make_samr_r_enum_dom_groups(&r_e, q_u->start_idx, num_entries, pass, r_e.status);
+               make_samr_r_enum_dom_groups(&r_e, q_u->start_idx, num_entries, grps, r_e.status);
         }
  
         /* store the response in the SMB stream */
         samr_io_r_enum_dom_groups("", &r_e, rdata, 0);
  
-       DEBUG(5,("samr_enum_dom_groups: %d\n", __LINE__));
+       if (grps != NULL)
+       {
+               free(grps);
+       }
  
+       DEBUG(5,("samr_enum_dom_groups: %d\n", __LINE__));
  }
  
  /*******************************************************************
   api_samr_enum_dom_groups
   ********************************************************************/
-static void api_samr_enum_dom_groups( int uid, prs_struct *data, prs_struct *rdata)
+static void api_samr_enum_dom_groups( uint16 vuid, prs_struct *data, prs_struct *rdata)
  {
         SAMR_Q_ENUM_DOM_GROUPS q_e;
  
@@ -397,36 +513,72 @@ static void samr_reply_enum_dom_aliases(SAMR_Q_ENUM_DOM_ALIASES *q_u,
                                 prs_struct *rdata)
  {
         SAMR_R_ENUM_DOM_ALIASES r_e;
-       SAM_USER_INFO_21 pass[MAX_SAM_ENTRIES];
-       int num_entries;
-       int pol_idx;
-       BOOL got_aliases;
-       char *dummy_alias = "admins";
+       LOCAL_GRP *alss = NULL;
+       int num_entries = 0;
+       DOM_SID sid;
+       fstring sid_str;
  
         r_e.status = 0x0;
         r_e.num_entries = 0;
  
         /* find the policy handle.  open a policy on it. */
-       if (r_e.status == 0x0 && ((pol_idx = find_lsa_policy_by_hnd(&(q_u->pol))) == -1))
+       if (r_e.status == 0x0 && !get_lsa_policy_samr_sid(&q_u->pol, &sid))
         {
                 r_e.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
         }
  
-       DEBUG(5,("samr_reply_enum_dom_aliases: %d\n", __LINE__));
+       sid_to_string(sid_str, &sid);
  
-       got_aliases = True;
-       num_entries = 1;
-       make_unistr2(&(pass[0].uni_user_name), dummy_alias, strlen(dummy_alias));
-       pass[0].user_rid = BUILTIN_ALIAS_RID_ADMINS;
+       DEBUG(5,("samr_reply_enum_dom_aliases: sid %s\n", sid_str));
  
-       if (r_e.status == 0 && got_aliases)
+       /* well-known aliases */
+       if (sid_equal(&sid, &global_sid_S_1_5_20))
         {
-               make_samr_r_enum_dom_aliases(&r_e, num_entries, pass, r_e.status);
+               char *name;
+
+               while ((name = builtin_alias_rids[num_entries].name) != NULL)
+               {
+                       LOCAL_GRP tmp_als;
+
+                       fstrcpy(tmp_als.name   , name);
+                       fstrcpy(tmp_als.comment, "");
+                       tmp_als.rid = builtin_alias_rids[num_entries].rid;
+
+                       if (!add_domain_alias(&alss, &num_entries, &tmp_als))
+                       {
+                               r_e.status = 0xC0000000 | NT_STATUS_NO_MEMORY;
+                               break;
+                       }
+               }
+       }
+       else if (sid_equal(&sid, &global_sam_sid))
+       {
+               BOOL ret;
+               /* local aliases */
+               num_entries = 0;
+
+               become_root(True);
+               ret = enumdomaliases(&alss, &num_entries);
+               unbecome_root(True);
+               if (!ret)
+               {
+                       r_e.status = 0xC0000000 | NT_STATUS_NO_MEMORY;
+               }
+       }
+               
+       if (r_e.status == 0x0)
+       {
+               make_samr_r_enum_dom_aliases(&r_e, num_entries, alss, r_e.status);
         }
  
         /* store the response in the SMB stream */
         samr_io_r_enum_dom_aliases("", &r_e, rdata, 0);
  
+       if (alss != NULL)
+       {
+               free(alss);
+       }
+
         DEBUG(5,("samr_enum_dom_aliases: %d\n", __LINE__));
  
  }
@@ -434,7 +586,7 @@ static void samr_reply_enum_dom_aliases(SAMR_Q_ENUM_DOM_ALIASES *q_u,
  /*******************************************************************
   api_samr_enum_dom_aliases
   ********************************************************************/
-static void api_samr_enum_dom_aliases( int uid, prs_struct *data, prs_struct *rdata)
+static void api_samr_enum_dom_aliases( uint16 vuid, prs_struct *data, prs_struct *rdata)
  {
         SAMR_Q_ENUM_DOM_ALIASES q_e;
  
@@ -457,50 +609,55 @@ static void samr_reply_query_dispinfo(SAMR_Q_QUERY_DISPINFO *q_u,
         SAM_INFO_1 info1;
         SAM_INFO_2 info2;
         SAM_USER_INFO_21 pass[MAX_SAM_ENTRIES];
-       int num_entries;
-       int total_entries;
-       int pol_idx;
+       int num_entries = 0;
+       int total_entries = 0;
         BOOL got_pwds;
         uint16 switch_level = 0x0;
  
+       ZERO_STRUCT(r_e);
+
         r_e.status = 0x0;
  
+       DEBUG(5,("samr_reply_query_dispinfo: %d\n", __LINE__));
+
         /* find the policy handle.  open a policy on it. */
-       if (r_e.status == 0x0 && ((pol_idx = find_lsa_policy_by_hnd(&(q_u->pol))) == -1))
+       if (r_e.status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->pol)) == -1))
         {
                 r_e.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
+               DEBUG(5,("samr_reply_query_dispinfo: invalid handle\n"));
         }
  
-       DEBUG(5,("samr_reply_query_dispinfo: %d\n", __LINE__));
-
-       become_root(True);
-       got_pwds = get_sampwd_entries(pass, &total_entries, &num_entries, MAX_SAM_ENTRIES, 0);
-       unbecome_root(True);
-
-       switch (q_u->switch_level)
+       if (r_e.status == 0x0)
         {
-               case 0x1:
+               become_root(True);
+               got_pwds = get_sampwd_entries(pass, q_u->start_idx, &total_entries, &num_entries, MAX_SAM_ENTRIES, 0);
+               unbecome_root(True);
+
+               switch (q_u->switch_level)
                 {
-               
-                       /* query disp info is for users */
-                       switch_level = 0x1;
-                       make_sam_info_1(&info1, ACB_NORMAL,
-                               q_u->start_idx, num_entries, pass);
+                       case 0x1:
+                       {
+                       
+                               /* query disp info is for users */
+                               switch_level = 0x1;
+                               make_sam_info_1(&info1, ACB_NORMAL,
+                                       q_u->start_idx, num_entries, pass);
  
-                       ctr.sam.info1 = &info1;
+                               ctr.sam.info1 = &info1;
  
-                       break;
-               }
-               case 0x2:
-               {
-                       /* query disp info is for servers */
-                       switch_level = 0x2;
-                       make_sam_info_2(&info2, ACB_WSTRUST,
-                               q_u->start_idx, num_entries, pass);
+                               break;
+                       }
+                       case 0x2:
+                       {
+                               /* query disp info is for servers */
+                               switch_level = 0x2;
+                               make_sam_info_2(&info2, ACB_WSTRUST,
+                                       q_u->start_idx, num_entries, pass);
  
-                       ctr.sam.info2 = &info2;
+                               ctr.sam.info2 = &info2;
  
-                       break;
+                               break;
+                       }
                 }
         }
  
@@ -519,7 +676,7 @@ static void samr_reply_query_dispinfo(SAMR_Q_QUERY_DISPINFO *q_u,
  /*******************************************************************
   api_samr_query_dispinfo
   ********************************************************************/
-static void api_samr_query_dispinfo( int uid, prs_struct *data, prs_struct *rdata)
+static void api_samr_query_dispinfo( uint16 vuid, prs_struct *data, prs_struct *rdata)
  {
         SAMR_Q_QUERY_DISPINFO q_e;
  
@@ -538,14 +695,12 @@ static void samr_reply_query_aliasinfo(SAMR_Q_QUERY_ALIASINFO *q_u,
                                 prs_struct *rdata)
  {
         SAMR_R_QUERY_ALIASINFO r_e;
-       int pol_idx;
-       BOOL got_alias;
  
         r_e.status = 0x0;
         r_e.ptr = 0;
  
         /* find the policy handle.  open a policy on it. */
-       if (r_e.status == 0x0 && ((pol_idx = find_lsa_policy_by_hnd(&(q_u->pol))) == -1))
+       if (r_e.status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->pol)) == -1))
         {
                 r_e.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
         }
@@ -560,11 +715,6 @@ static void samr_reply_query_aliasinfo(SAMR_Q_QUERY_ALIASINFO *q_u,
                 }
         }
  
-       if (r_e.status == 0x0)
-       {
-               got_alias = True;
-       }
-
         make_samr_r_query_aliasinfo(&r_e, q_u->switch_level,
                             "<account description>",
                                 r_e.status);
@@ -579,7 +729,7 @@ static void samr_reply_query_aliasinfo(SAMR_Q_QUERY_ALIASINFO *q_u,
  /*******************************************************************
   api_samr_query_aliasinfo
   ********************************************************************/
-static void api_samr_query_aliasinfo( int uid, prs_struct *data, prs_struct *rdata)
+static void api_samr_query_aliasinfo( uint16 vuid, prs_struct *data, prs_struct *rdata)
  {
         SAMR_Q_QUERY_ALIASINFO q_e;
  
@@ -599,51 +749,92 @@ static void samr_reply_lookup_ids(SAMR_Q_LOOKUP_IDS *q_u,
  {
         uint32 rid[MAX_SAM_ENTRIES];
         uint32 status     = 0;
-       int num_rids = q_u->num_sids1;
+       int num_rids = 0;
+       int i;
+       struct sam_passwd *sam_pass;
+       DOM_SID usr_sid;
+       DOM_SID dom_sid;
+       uint32 user_rid;
+       fstring sam_sid_str;
+       fstring dom_sid_str;
+       fstring usr_sid_str;
  
         SAMR_R_LOOKUP_IDS r_u;
  
         DEBUG(5,("samr_lookup_ids: %d\n", __LINE__));
  
+       /* find the policy handle.  open a policy on it. */
+       if (status == 0x0 && !get_lsa_policy_samr_sid(&q_u->pol, &dom_sid))
+       {
+               status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
+       }
+       else
+       {
+               sid_to_string(dom_sid_str, &dom_sid       );
+               sid_to_string(sam_sid_str, &global_sam_sid);
+       }
+
         if (num_rids > MAX_SAM_ENTRIES)
         {
                 num_rids = MAX_SAM_ENTRIES;
                 DEBUG(5,("samr_lookup_ids: truncating entries to %d\n", num_rids));
         }
  
-#if 0
-       int i;
-       ASSERT_ARRAY(q_u->uni_user_name, num_rids);
-
-       for (i = 0; i < num_rids && status == 0; i++)
+       if (status == 0x0)
         {
-               struct smb_passwd *smb_pass;
-               fstring user_name;
-
+               usr_sid = q_u->sid[0].sid;
+               sid_split_rid(&usr_sid, &user_rid);
+               sid_to_string(usr_sid_str, &usr_sid);
  
-               fstrcpy(user_name, unistrn2(q_u->uni_user_name[i].buffer,
-                                                                       q_u->uni_user_name[i].uni_str_len));
+       }
  
+       if (status == 0x0)
+       {
                 /* find the user account */
                 become_root(True);
-               smb_pass = get_sampwd_entry(user_name, 0);
+               sam_pass = getsam21pwrid(user_rid);
                 unbecome_root(True);
  
-               if (smb_pass == NULL)
+               if (sam_pass == NULL)
                 {
                         status = 0xC0000000 | NT_STATUS_NO_SUCH_USER;
-                       rid[i] = 0;
+                       num_rids = 0;
+               }
+       }
+
+       if (status == 0x0)
+       {
+               if (sid_equal(&dom_sid, &global_sid_S_1_5_20))
+               {
+                       DEBUG(5,("lookup on S-1-5-20\n"));
+               }
+               else if (sid_equal(&dom_sid, &usr_sid))
+               {
+                       DOMAIN_GRP *mem_grp = NULL;
+                       BOOL ret;
+
+                       DEBUG(5,("lookup on Domain SID\n"));
+
+                       become_root(True);
+                       ret = getusergroupsnam(sam_pass->smb_name, &mem_grp, &num_rids);
+                       unbecome_root(True);
+
+                       num_rids = MIN(num_rids, MAX_SAM_ENTRIES);
+
+                       if (mem_grp != NULL)
+                       {
+                               for (i = 0; i < num_rids; i++)
+                               {
+                                       rid[i] = mem_grp[i].rid;
+                               }
+                               free(mem_grp);
+                       }
                 }
                 else
                 {
-                       /* lkclXXXX SHOULD use name_to_rid() here! */
-                       rid[i] = smb_pass->smb_userid;
+                       status = 0xC0000000 | NT_STATUS_NO_SUCH_USER;
                 }
         }
-#endif
-
-       num_rids = 1;
-       rid[0] = BUILTIN_ALIAS_RID_USERS;
  
         make_samr_r_lookup_ids(&r_u, num_rids, rid, status);
  
@@ -657,7 +848,7 @@ static void samr_reply_lookup_ids(SAMR_Q_LOOKUP_IDS *q_u,
  /*******************************************************************
   api_samr_lookup_ids
   ********************************************************************/
-static void api_samr_lookup_ids( int uid, prs_struct *data, prs_struct *rdata)
+static void api_samr_lookup_ids( uint16 vuid, prs_struct *data, prs_struct *rdata)
  {
         SAMR_Q_LOOKUP_IDS q_u;
  
@@ -674,7 +865,8 @@ static void api_samr_lookup_ids( int uid, prs_struct *data, prs_struct *rdata)
  static void samr_reply_lookup_names(SAMR_Q_LOOKUP_NAMES *q_u,
                                 prs_struct *rdata)
  {
-       uint32 rid[MAX_SAM_ENTRIES];
+       uint32 rid [MAX_SAM_ENTRIES];
+       uint8  type[MAX_SAM_ENTRIES];
         uint32 status     = 0;
         int i;
         int num_rids = q_u->num_rids1;
@@ -689,22 +881,26 @@ static void samr_reply_lookup_names(SAMR_Q_LOOKUP_NAMES *q_u,
                 DEBUG(5,("samr_lookup_names: truncating entries to %d\n", num_rids));
         }
  
-       ASSERT_ARRAY(q_u->uni_user_name, num_rids);
+       SMB_ASSERT_ARRAY(q_u->uni_user_name, num_rids);
  
         for (i = 0; i < num_rids && status == 0; i++)
         {
+               DOM_SID sid;
                 fstring name;
-
-               status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
-
                 fstrcpy(name, unistrn2(q_u->uni_user_name[i].buffer, q_u->uni_user_name[i].uni_str_len));
  
-               status = (status != 0x0) ? lookup_user_rid (name, &(rid[i])) : status;
-               status = (status != 0x0) ? lookup_group_rid(name, &(rid[i])) : status;
-               status = (status != 0x0) ? lookup_alias_rid(name, &(rid[i])) : status;
+               status = lookup_name(name, &sid, &(type[i]));
+               if (status == 0x0)
+               {
+                       sid_split_rid(&sid, &rid[i]);
+               }
+               else
+               {
+                       type[i] = SID_NAME_UNKNOWN;
+               }
         }
  
-       make_samr_r_lookup_names(&r_u, num_rids, rid, status);
+       make_samr_r_lookup_names(&r_u, num_rids, rid, type, status);
  
         /* store the response in the SMB stream */
         samr_io_r_lookup_names("", &r_u, rdata, 0);
@@ -716,7 +912,7 @@ static void samr_reply_lookup_names(SAMR_Q_LOOKUP_NAMES *q_u,
  /*******************************************************************
   api_samr_lookup_names
   ********************************************************************/
-static void api_samr_lookup_names( int uid, prs_struct *data, prs_struct *rdata)
+static void api_samr_lookup_names( uint16 vuid, prs_struct *data, prs_struct *rdata)
  {
         SAMR_Q_LOOKUP_NAMES q_u;
  
@@ -727,6 +923,84 @@ static void api_samr_lookup_names( int uid, prs_struct *data, prs_struct *rdata)
         samr_reply_lookup_names(&q_u, rdata);
  }
  
+/*******************************************************************
+ samr_reply_chgpasswd_user
+ ********************************************************************/
+static void samr_reply_chgpasswd_user(SAMR_Q_CHGPASSWD_USER *q_u,
+                               prs_struct *rdata)
+{
+       SAMR_R_CHGPASSWD_USER r_u;
+       uint32 status = 0x0;
+       fstring user_name;
+       fstring wks;
+
+       fstrcpy(user_name, unistrn2(q_u->uni_user_name.buffer, q_u->uni_user_name.uni_str_len));
+       fstrcpy(wks      , unistrn2(q_u->uni_dest_host.buffer, q_u->uni_dest_host.uni_str_len));
+
+       DEBUG(5,("samr_chgpasswd_user: user: %s wks: %s\n", user_name, wks));
+
+       if (!pass_oem_change(user_name,
+                            q_u->lm_newpass.pass, q_u->lm_oldhash.hash,
+                            q_u->nt_newpass.pass, q_u->nt_oldhash.hash))
+       {
+               status = 0xC0000000 | NT_STATUS_WRONG_PASSWORD;
+       }
+
+       make_samr_r_chgpasswd_user(&r_u, status);
+
+       /* store the response in the SMB stream */
+       samr_io_r_chgpasswd_user("", &r_u, rdata, 0);
+
+       DEBUG(5,("samr_chgpasswd_user: %d\n", __LINE__));
+}
+
+/*******************************************************************
+ api_samr_chgpasswd_user
+ ********************************************************************/
+static void api_samr_chgpasswd_user( uint16 vuid, prs_struct *data, prs_struct *rdata)
+{
+       SAMR_Q_CHGPASSWD_USER q_u;
+
+       /* unknown 38 command */
+       samr_io_q_chgpasswd_user("", &q_u, data, 0);
+
+       /* construct reply. */
+       samr_reply_chgpasswd_user(&q_u, rdata);
+}
+
+
+/*******************************************************************
+ samr_reply_unknown_38
+ ********************************************************************/
+static void samr_reply_unknown_38(SAMR_Q_UNKNOWN_38 *q_u,
+                               prs_struct *rdata)
+{
+       SAMR_R_UNKNOWN_38 r_u;
+
+       DEBUG(5,("samr_unknown_38: %d\n", __LINE__));
+
+       make_samr_r_unknown_38(&r_u);
+
+       /* store the response in the SMB stream */
+       samr_io_r_unknown_38("", &r_u, rdata, 0);
+
+       DEBUG(5,("samr_unknown_38: %d\n", __LINE__));
+}
+
+/*******************************************************************
+ api_samr_unknown_38
+ ********************************************************************/
+static void api_samr_unknown_38( uint16 vuid, prs_struct *data, prs_struct *rdata)
+{
+       SAMR_Q_UNKNOWN_38 q_u;
+
+       /* unknown 38 command */
+       samr_io_q_unknown_38("", &q_u, data, 0);
+
+       /* construct reply.  always indicate success */
+       samr_reply_unknown_38(&q_u, rdata);
+}
+
  
  /*******************************************************************
   samr_reply_unknown_12
@@ -735,21 +1009,26 @@ static void samr_reply_unknown_12(SAMR_Q_UNKNOWN_12 *q_u,
                                 prs_struct *rdata)
  {
         fstring group_names[MAX_SAM_ENTRIES];
-       uint32  group_attrs[MAX_SAM_ENTRIES];
+       uint8   group_attrs[MAX_SAM_ENTRIES];
         uint32 status     = 0;
         int num_gids = q_u->num_gids1;
-       uint32 pol_idx;
+       DOM_SID pol_sid;
  
         SAMR_R_UNKNOWN_12 r_u;
  
         DEBUG(5,("samr_unknown_12: %d\n", __LINE__));
  
         /* find the policy handle.  open a policy on it. */
-       if (status == 0x0 && ((pol_idx = find_lsa_policy_by_hnd(&(q_u->pol))) == -1))
+       if (status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->pol)) == -1))
         {
                 status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
         }
  
+       if (status == 0x0 && !get_lsa_policy_samr_sid(&q_u->pol, &pol_sid))
+       {
+               status = NT_STATUS_OBJECT_TYPE_MISMATCH;
+       }
+
         if (status == 0x0)
         {
                 int i;
@@ -761,7 +1040,10 @@ static void samr_reply_unknown_12(SAMR_Q_UNKNOWN_12 *q_u,
  
                 for (i = 0; i < num_gids && status == 0; i++)
                 {
-                       fstrcpy(group_names[i], "dummy group");
+                       DOM_SID sid;
+                       sid_copy(&sid, &pol_sid);
+                       sid_append_rid(&sid, q_u->gid[i]);
+                       lookup_sid(&sid, group_names[i], &group_attrs[i]);
                         group_attrs[i] = 0x2;
                 }
         }
@@ -778,7 +1060,7 @@ static void samr_reply_unknown_12(SAMR_Q_UNKNOWN_12 *q_u,
  /*******************************************************************
   api_samr_unknown_12
   ********************************************************************/
-static void api_samr_unknown_12( int uid, prs_struct *data, prs_struct *rdata)
+static void api_samr_unknown_12( uint16 vuid, prs_struct *data, prs_struct *rdata)
  {
         SAMR_Q_UNKNOWN_12 q_u;
  
@@ -798,8 +1080,7 @@ static void samr_reply_open_user(SAMR_Q_OPEN_USER *q_u,
                                 int status)
  {
         SAMR_R_OPEN_USER r_u;
-       struct smb_passwd *smb_pass;
-       int pol_idx;
+       struct sam_passwd *sam_pass;
         BOOL pol_open = False;
  
         /* set up the SAMR open_user response */
@@ -808,7 +1089,7 @@ static void samr_reply_open_user(SAMR_Q_OPEN_USER *q_u,
         r_u.status = 0x0;
  
         /* find the policy handle.  open a policy on it. */
-       if (r_u.status == 0x0 && ((pol_idx = find_lsa_policy_by_hnd(&(q_u->domain_pol))) == -1))
+       if (r_u.status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->domain_pol)) == -1))
         {
                 r_u.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
         }
@@ -820,11 +1101,11 @@ static void samr_reply_open_user(SAMR_Q_OPEN_USER *q_u,
         }
  
         become_root(True);
-       smb_pass = getsmbpwuid(q_u->user_rid);
+       sam_pass = getsam21pwrid(q_u->user_rid);
         unbecome_root(True);
  
         /* check that the RID exists in our domain. */
-       if (r_u.status == 0x0 && smb_pass == NULL)
+       if (r_u.status == 0x0 && sam_pass == NULL)
         {
                 r_u.status = 0xC0000000 | NT_STATUS_NO_SUCH_USER;
         }
@@ -853,7 +1134,7 @@ static void samr_reply_open_user(SAMR_Q_OPEN_USER *q_u,
  /*******************************************************************
   api_samr_open_user
   ********************************************************************/
-static void api_samr_open_user( int uid, prs_struct *data, prs_struct *rdata)
+static void api_samr_open_user( uint16 vuid, prs_struct *data, prs_struct *rdata)
  {
         SAMR_Q_OPEN_USER q_u;
  
@@ -865,6 +1146,36 @@ static void api_samr_open_user( int uid, prs_struct *data, prs_struct *rdata)
  }
  
  
+/*************************************************************************
+ get_user_info_10
+ *************************************************************************/
+static BOOL get_user_info_10(SAM_USER_INFO_10 *id10, uint32 user_rid)
+{
+       struct smb_passwd *smb_pass;
+
+       if (!pwdb_rid_is_user(user_rid))
+       {
+               DEBUG(4,("RID 0x%x is not a user RID\n", user_rid));
+               return False;
+       }
+
+       become_root(True);
+       smb_pass = getsmbpwrid(user_rid);
+       unbecome_root(True);
+
+       if (smb_pass == NULL)
+       {
+               DEBUG(4,("User 0x%x not found\n", user_rid));
+               return False;
+       }
+
+       DEBUG(3,("User:[%s]\n", smb_pass->smb_name));
+
+       make_sam_user_info10(id10, smb_pass->acct_ctrl); 
+
+       return True;
+}
+
  /*************************************************************************
   get_user_info_21
   *************************************************************************/
@@ -875,8 +1186,9 @@ static BOOL get_user_info_21(SAM_USER_INFO_21 *id21, uint32 user_rid)
         LOGON_HRS hrs;
         int i;
  
-       if (!pdb_rid_is_user(user_rid))
+       if (!pwdb_rid_is_user(user_rid))
         {
+               DEBUG(4,("RID 0x%x is not a user RID\n", user_rid));
                 return False;
         }
  
@@ -886,6 +1198,7 @@ static BOOL get_user_info_21(SAM_USER_INFO_21 *id21, uint32 user_rid)
  
         if (sam_pass == NULL)
         {
+               DEBUG(4,("User 0x%x not found\n", user_rid));
                 return False;
         }
  
@@ -898,7 +1211,7 @@ static BOOL get_user_info_21(SAM_USER_INFO_21 *id21, uint32 user_rid)
  
         /* create a LOGON_HRS structure */
         hrs.len = sam_pass->hours_len;
-       ASSERT_ARRAY(hrs.hours, hrs.len);
+       SMB_ASSERT_ARRAY(hrs.hours, hrs.len);
         for (i = 0; i < hrs.len; i++)
         {
                 hrs.hours[i] = sam_pass->hours[i];
@@ -947,17 +1260,17 @@ static void samr_reply_query_userinfo(SAMR_Q_QUERY_USERINFO *q_u,
  #if 0
         SAM_USER_INFO_11 id11;
  #endif
+       SAM_USER_INFO_10 id10;
         SAM_USER_INFO_21 id21;
         void *info = NULL;
  
         uint32 status = 0x0;
-       uint32 rid;
-       int obj_idx;
+       uint32 rid = 0x0;
  
         DEBUG(5,("samr_reply_query_userinfo: %d\n", __LINE__));
  
         /* search for the handle */
-       if (status == 0x0 && (obj_idx = find_lsa_policy_by_hnd(&(q_u->pol))) == -1)
+       if (status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->pol)) == -1))
         {
                 status = NT_STATUS_INVALID_HANDLE;
         }
@@ -968,11 +1281,19 @@ static void samr_reply_query_userinfo(SAMR_Q_QUERY_USERINFO *q_u,
                 status = NT_STATUS_OBJECT_TYPE_MISMATCH;
         }
  
+       DEBUG(5,("samr_reply_query_userinfo: rid:0x%x\n", rid));
+
         /* ok!  user info levels (there are lots: see MSDEV help), off we go... */
         if (status == 0x0)
         {
                 switch (q_u->switch_value)
                 {
+                       case 0x10:
+                       {
+                               info = (void*)&id10;
+                               status = get_user_info_10(&id10, rid) ? 0 : NT_STATUS_NO_SUCH_USER;
+                               break;
+                       }
  #if 0
  /* whoops - got this wrong.  i think.  or don't understand what's happening. */
                         case 0x11:
@@ -1016,7 +1337,7 @@ static void samr_reply_query_userinfo(SAMR_Q_QUERY_USERINFO *q_u,
  /*******************************************************************
   api_samr_query_userinfo
   ********************************************************************/
-static void api_samr_query_userinfo( int uid, prs_struct *data, prs_struct *rdata)
+static void api_samr_query_userinfo( uint16 vuid, prs_struct *data, prs_struct *rdata)
  {
         SAMR_Q_QUERY_USERINFO q_u;
  
@@ -1037,16 +1358,15 @@ static void samr_reply_query_usergroups(SAMR_Q_QUERY_USERGROUPS *q_u,
         SAMR_R_QUERY_USERGROUPS r_u;
         uint32 status = 0x0;
  
-       struct smb_passwd *smb_pass;
+       struct sam_passwd *sam_pass;
         DOM_GID *gids = NULL;
         int num_groups = 0;
-       int pol_idx;
         uint32 rid;
  
         DEBUG(5,("samr_query_usergroups: %d\n", __LINE__));
  
         /* find the policy handle.  open a policy on it. */
-       if (status == 0x0 && ((pol_idx = find_lsa_policy_by_hnd(&(q_u->pol))) == -1))
+       if (status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->pol)) == -1))
         {
                 status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
         }
@@ -1060,10 +1380,10 @@ static void samr_reply_query_usergroups(SAMR_Q_QUERY_USERGROUPS *q_u,
         if (status == 0x0)
         {
                 become_root(True);
-               smb_pass = getsmbpwuid(rid);
+               sam_pass = getsam21pwrid(rid);
                 unbecome_root(True);
  
-               if (smb_pass == NULL)
+               if (sam_pass == NULL)
                 {
                         status = 0xC0000000 | NT_STATUS_NO_SUCH_USER;
                 }
@@ -1071,10 +1391,20 @@ static void samr_reply_query_usergroups(SAMR_Q_QUERY_USERGROUPS *q_u,
  
         if (status == 0x0)
         {
-               pstring groups;
-               get_domain_user_groups(groups, smb_pass->smb_name);
+               DOMAIN_GRP *mem_grp = NULL;
+               BOOL ret;
+
+               become_root(True);
+               ret = getusergroupsnam(sam_pass->smb_name, &mem_grp, &num_groups);
+               unbecome_root(True);
+
                  gids = NULL;
-               num_groups = make_dom_gids(groups, &gids);
+               num_groups = make_dom_gids(mem_grp, num_groups, &gids);
+
+               if (mem_grp != NULL)
+               {
+                       free(mem_grp);
+               }
         }
  
         /* construct the response.  lkclXXXX: gids are not copied! */
@@ -1083,8 +1413,11 @@ static void samr_reply_query_usergroups(SAMR_Q_QUERY_USERGROUPS *q_u,
         /* store the response in the SMB stream */
         samr_io_r_query_usergroups("", &r_u, rdata, 0);
  
-        if(gids)
-          free((char *)gids);
+       if (gids)
+       {
+               free((char *)gids);
+       }
+
         DEBUG(5,("samr_query_usergroups: %d\n", __LINE__));
  
  }
@@ -1092,7 +1425,7 @@ static void samr_reply_query_usergroups(SAMR_Q_QUERY_USERGROUPS *q_u,
  /*******************************************************************
   api_samr_query_usergroups
   ********************************************************************/
-static void api_samr_query_usergroups( int uid, prs_struct *data, prs_struct *rdata)
+static void api_samr_query_usergroups( uint16 vuid, prs_struct *data, prs_struct *rdata)
  {
         SAMR_Q_QUERY_USERGROUPS q_u;
         /* grab the samr unknown 32 */
@@ -1103,6 +1436,75 @@ static void api_samr_query_usergroups( int uid, prs_struct *data, prs_struct *rd
  }
  
  
+/*******************************************************************
+ samr_reply_query_dom_info
+ ********************************************************************/
+static void samr_reply_query_dom_info(SAMR_Q_QUERY_DOMAIN_INFO *q_u,
+                               prs_struct *rdata)
+{
+       SAMR_R_QUERY_DOMAIN_INFO r_u;
+       SAM_UNK_CTR ctr;
+       uint16 switch_value = 0x0;
+       uint32 status = 0x0;
+
+       ZERO_STRUCT(r_u);
+       ZERO_STRUCT(ctr);
+
+       r_u.ctr = &ctr;
+
+       DEBUG(5,("samr_reply_query_dom_info: %d\n", __LINE__));
+
+       /* find the policy handle.  open a policy on it. */
+       if (r_u.status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->domain_pol)) == -1))
+       {
+               r_u.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
+               DEBUG(5,("samr_reply_query_dom_info: invalid handle\n"));
+       }
+
+       if (status == 0x0)
+       {
+               switch (q_u->switch_value)
+               {
+                       case 0x02:
+                       {
+                               switch_value = 0x2;
+                               make_unk_info2(&ctr.info.inf2, global_sam_name, global_myname);
+
+                               break;
+                       }
+                       default:
+                       {
+                               status = 0xC0000000 | NT_STATUS_INVALID_INFO_CLASS;
+                               break;
+                       }
+               }
+       }
+
+       make_samr_r_query_dom_info(&r_u, switch_value, &ctr, status);
+
+       /* store the response in the SMB stream */
+       samr_io_r_query_dom_info("", &r_u, rdata, 0);
+
+       DEBUG(5,("samr_query_dom_info: %d\n", __LINE__));
+
+}
+
+/*******************************************************************
+ api_samr_query_dom_info
+ ********************************************************************/
+static void api_samr_query_dom_info( uint16 vuid, prs_struct *data, prs_struct *rdata)
+{
+       SAMR_Q_QUERY_DOMAIN_INFO q_e;
+
+       /* grab the samr unknown 8 command */
+       samr_io_q_query_dom_info("", &q_e, data, 0);
+
+       /* construct reply. */
+       samr_reply_query_dom_info(&q_e, rdata);
+}
+
+
+
  /*******************************************************************
   samr_reply_unknown_32
   ********************************************************************/
@@ -1138,10 +1540,10 @@ static void samr_reply_unknown_32(SAMR_Q_UNKNOWN_32 *q_u,
  /*******************************************************************
   api_samr_unknown_32
   ********************************************************************/
-static void api_samr_unknown_32( int uid, prs_struct *data, prs_struct *rdata)
+static void api_samr_unknown_32( uint16 vuid, prs_struct *data, prs_struct *rdata)
  {
         uint32 status = 0;
-       struct smb_passwd *smb_pass;
+       struct sam_passwd *sam_pass;
         fstring mach_acct;
  
         SAMR_Q_UNKNOWN_32 q_u;
@@ -1159,10 +1561,10 @@ static void api_samr_unknown_32( int uid, prs_struct *data, prs_struct *rdata)
                                     q_u.uni_mach_acct.uni_str_len));
  
         become_root(True);
-       smb_pass = getsmbpwnam(mach_acct);
+       sam_pass = getsam21pwnam(mach_acct);
         unbecome_root(True);
  
-       if (smb_pass != NULL)
+       if (sam_pass != NULL)
         {
                 /* machine account exists: say so */
                 status = 0xC0000000 | NT_STATUS_USER_EXISTS;
@@ -1170,6 +1572,7 @@ static void api_samr_unknown_32( int uid, prs_struct *data, prs_struct *rdata)
         else
         {
                 /* this could cause trouble... */
+               DEBUG(0,("trouble!\n"));
                 status = 0;
         }
  
@@ -1178,6 +1581,59 @@ static void api_samr_unknown_32( int uid, prs_struct *data, prs_struct *rdata)
  }
  
  
+/*******************************************************************
+ samr_reply_connect_anon
+ ********************************************************************/
+static void samr_reply_connect_anon(SAMR_Q_CONNECT_ANON *q_u,
+                               prs_struct *rdata)
+{
+       SAMR_R_CONNECT_ANON r_u;
+       BOOL pol_open = False;
+
+       /* set up the SAMR connect_anon response */
+
+       r_u.status = 0x0;
+       /* get a (unique) handle.  open a policy on it. */
+       if (r_u.status == 0x0 && !(pol_open = open_lsa_policy_hnd(&(r_u.connect_pol))))
+       {
+               r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND;
+       }
+
+       /* associate the domain SID with the (unique) handle. */
+       if (r_u.status == 0x0 && !set_lsa_policy_samr_pol_status(&(r_u.connect_pol), q_u->unknown_0))
+       {
+               /* oh, whoops.  don't know what error message to return, here */
+               r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND;
+       }
+
+       if (r_u.status != 0 && pol_open)
+       {
+               close_lsa_policy_hnd(&(r_u.connect_pol));
+       }
+
+       DEBUG(5,("samr_connect_anon: %d\n", __LINE__));
+
+       /* store the response in the SMB stream */
+       samr_io_r_connect_anon("", &r_u, rdata, 0);
+
+       DEBUG(5,("samr_connect_anon: %d\n", __LINE__));
+
+}
+
+/*******************************************************************
+ api_samr_connect_anon
+ ********************************************************************/
+static void api_samr_connect_anon( uint16 vuid, prs_struct *data, prs_struct *rdata)
+{
+       SAMR_Q_CONNECT_ANON q_u;
+
+       /* grab the samr open policy */
+       samr_io_q_connect_anon("", &q_u, data, 0);
+
+       /* construct reply.  always indicate success */
+       samr_reply_connect_anon(&q_u, rdata);
+}
+
  /*******************************************************************
   samr_reply_connect
   ********************************************************************/
@@ -1220,7 +1676,7 @@ static void samr_reply_connect(SAMR_Q_CONNECT *q_u,
  /*******************************************************************
   api_samr_connect
   ********************************************************************/
-static void api_samr_connect( int uid, prs_struct *data, prs_struct *rdata)
+static void api_samr_connect( uint16 vuid, prs_struct *data, prs_struct *rdata)
  {
         SAMR_Q_CONNECT q_u;
  
@@ -1273,7 +1729,7 @@ static void samr_reply_open_alias(SAMR_Q_OPEN_ALIAS *q_u,
  /*******************************************************************
   api_samr_open_alias
   ********************************************************************/
-static void api_samr_open_alias( int uid, prs_struct *data, prs_struct *rdata)
+static void api_samr_open_alias( uint16 vuid, prs_struct *data, prs_struct *rdata)
                                  
  {
         SAMR_Q_OPEN_ALIAS q_u;
@@ -1292,6 +1748,7 @@ static struct api_struct api_samr_cmds [] =
  {
         { "SAMR_CLOSE_HND"        , SAMR_CLOSE_HND        , api_samr_close_hnd        },
         { "SAMR_CONNECT"          , SAMR_CONNECT          , api_samr_connect          },
+       { "SAMR_CONNECT_ANON"     , SAMR_CONNECT_ANON     , api_samr_connect_anon     },
         { "SAMR_ENUM_DOM_USERS"   , SAMR_ENUM_DOM_USERS   , api_samr_enum_dom_users   },
         { "SAMR_ENUM_DOM_GROUPS"  , SAMR_ENUM_DOM_GROUPS  , api_samr_enum_dom_groups  },
         { "SAMR_ENUM_DOM_ALIASES" , SAMR_ENUM_DOM_ALIASES , api_samr_enum_dom_aliases },
@@ -1299,15 +1756,19 @@ static struct api_struct api_samr_cmds [] =
         { "SAMR_LOOKUP_NAMES"     , SAMR_LOOKUP_NAMES     , api_samr_lookup_names     },
         { "SAMR_OPEN_USER"        , SAMR_OPEN_USER        , api_samr_open_user        },
         { "SAMR_QUERY_USERINFO"   , SAMR_QUERY_USERINFO   , api_samr_query_userinfo   },
+       { "SAMR_QUERY_DOMAIN_INFO", SAMR_QUERY_DOMAIN_INFO, api_samr_query_dom_info        },
         { "SAMR_QUERY_USERGROUPS" , SAMR_QUERY_USERGROUPS , api_samr_query_usergroups },
         { "SAMR_QUERY_DISPINFO"   , SAMR_QUERY_DISPINFO   , api_samr_query_dispinfo   },
         { "SAMR_QUERY_ALIASINFO"  , SAMR_QUERY_ALIASINFO  , api_samr_query_aliasinfo  },
         { "SAMR_0x32"             , 0x32                  , api_samr_unknown_32       },
         { "SAMR_UNKNOWN_12"       , SAMR_UNKNOWN_12       , api_samr_unknown_12       },
+       { "SAMR_UNKNOWN_38"       , SAMR_UNKNOWN_38       , api_samr_unknown_38       },
+       { "SAMR_CHGPASSWD_USER"   , SAMR_CHGPASSWD_USER   , api_samr_chgpasswd_user   },
         { "SAMR_OPEN_ALIAS"       , SAMR_OPEN_ALIAS       , api_samr_open_alias       },
         { "SAMR_OPEN_DOMAIN"      , SAMR_OPEN_DOMAIN      , api_samr_open_domain      },
         { "SAMR_UNKNOWN_3"        , SAMR_UNKNOWN_3        , api_samr_unknown_3        },
-    { NULL                    , 0                     , NULL                      }
+       { "SAMR_UNKNOWN_2C"       , SAMR_UNKNOWN_2C       , api_samr_unknown_2c       },
+       { NULL                    , 0                     , NULL                      }
  };
  
  /*******************************************************************