2 * Unix SMB/CIFS implementation.
4 * Winbind rpc backend functions
6 * Copyright (c) 2000-2003 Tim Potter
7 * Copyright (c) 2001 Andrew Tridgell
8 * Copyright (c) 2005 Volker Lendecke
9 * Copyright (c) 2008 Guenther Deschner (pidl conversion)
10 * Copyright (c) 2010 Andreas Schneider <asn@samba.org>
12 * This program is free software; you can redistribute it and/or modify
13 * it under the terms of the GNU General Public License as published by
14 * the Free Software Foundation; either version 3 of the License, or
15 * (at your option) any later version.
17 * This program is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
22 * You should have received a copy of the GNU General Public License
23 * along with this program. If not, see <http://www.gnu.org/licenses/>.
28 #include "winbindd_rpc.h"
30 #include "../librpc/gen_ndr/cli_samr.h"
31 #include "rpc_client/cli_samr.h"
32 #include "../librpc/gen_ndr/srv_samr.h"
33 #include "../librpc/gen_ndr/cli_lsa.h"
34 #include "rpc_client/cli_lsarpc.h"
35 #include "../librpc/gen_ndr/srv_lsa.h"
38 #define DBGC_CLASS DBGC_WINBIND
40 static NTSTATUS open_internal_samr_pipe(TALLOC_CTX *mem_ctx,
41 struct rpc_pipe_client **samr_pipe)
43 struct rpc_pipe_client *cli = NULL;
44 struct auth_serversupplied_info *server_info = NULL;
51 if (server_info == NULL) {
52 status = make_server_info_system(mem_ctx, &server_info);
53 if (!NT_STATUS_IS_OK(status)) {
54 DEBUG(0, ("open_samr_pipe: Could not create auth_serversupplied_info: %s\n",
60 /* create a samr connection */
61 status = rpc_pipe_open_internal(mem_ctx,
62 &ndr_table_samr.syntax_id,
65 if (!NT_STATUS_IS_OK(status)) {
66 DEBUG(0, ("open_samr_pipe: Could not connect to samr_pipe: %s\n",
79 NTSTATUS open_internal_samr_conn(TALLOC_CTX *mem_ctx,
80 struct winbindd_domain *domain,
81 struct rpc_pipe_client **samr_pipe,
82 struct policy_handle *samr_domain_hnd)
85 struct policy_handle samr_connect_hnd;
87 status = open_internal_samr_pipe(mem_ctx, samr_pipe);
88 if (!NT_STATUS_IS_OK(status)) {
92 status = rpccli_samr_Connect2((*samr_pipe),
94 (*samr_pipe)->desthost,
95 SEC_FLAG_MAXIMUM_ALLOWED,
97 if (!NT_STATUS_IS_OK(status)) {
101 status = rpccli_samr_OpenDomain((*samr_pipe),
104 SEC_FLAG_MAXIMUM_ALLOWED,
111 static NTSTATUS open_internal_lsa_pipe(TALLOC_CTX *mem_ctx,
112 struct rpc_pipe_client **lsa_pipe)
114 struct rpc_pipe_client *cli = NULL;
115 struct auth_serversupplied_info *server_info = NULL;
122 if (server_info == NULL) {
123 status = make_server_info_system(mem_ctx, &server_info);
124 if (!NT_STATUS_IS_OK(status)) {
125 DEBUG(0, ("open_lsa_pipe: Could not create auth_serversupplied_info: %s\n",
131 /* create a samr connection */
132 status = rpc_pipe_open_internal(mem_ctx,
133 &ndr_table_lsarpc.syntax_id,
136 if (!NT_STATUS_IS_OK(status)) {
137 DEBUG(0, ("open_lsa_pipe: Could not connect to lsa_pipe: %s\n",
150 static NTSTATUS open_internal_lsa_conn(TALLOC_CTX *mem_ctx,
151 struct rpc_pipe_client **lsa_pipe,
152 struct policy_handle *lsa_hnd)
156 status = open_internal_lsa_pipe(mem_ctx, lsa_pipe);
157 if (!NT_STATUS_IS_OK(status)) {
161 status = rpccli_lsa_open_policy((*lsa_pipe),
164 SEC_FLAG_MAXIMUM_ALLOWED,
170 /*********************************************************************
171 SAM specific functions.
172 *********************************************************************/
174 /* List all domain groups */
175 static NTSTATUS sam_enum_dom_groups(struct winbindd_domain *domain,
178 struct acct_info **pinfo)
180 struct rpc_pipe_client *samr_pipe;
181 struct policy_handle dom_pol;
182 struct acct_info *info = NULL;
183 uint32_t num_info = 0;
187 DEBUG(3,("sam_enum_dom_groups\n"));
189 ZERO_STRUCT(dom_pol);
195 tmp_ctx = talloc_stackframe();
196 if (tmp_ctx == NULL) {
197 return NT_STATUS_NO_MEMORY;
200 status = open_internal_samr_conn(tmp_ctx, domain, &samr_pipe, &dom_pol);
201 if (!NT_STATUS_IS_OK(status)) {
205 status = rpc_enum_dom_groups(tmp_ctx,
210 if (!NT_STATUS_IS_OK(status)) {
215 *pnum_info = num_info;
219 *pinfo = talloc_move(mem_ctx, &info);
223 if (is_valid_policy_hnd(&dom_pol)) {
224 rpccli_samr_Close(samr_pipe, mem_ctx, &dom_pol);
226 TALLOC_FREE(tmp_ctx);
230 /* Query display info for a domain */
231 static NTSTATUS sam_query_user_list(struct winbindd_domain *domain,
234 struct wbint_userinfo **pinfo)
236 struct rpc_pipe_client *samr_pipe = NULL;
237 struct policy_handle dom_pol;
238 struct wbint_userinfo *info = NULL;
239 uint32_t num_info = 0;
243 DEBUG(3,("samr_query_user_list\n"));
245 ZERO_STRUCT(dom_pol);
251 tmp_ctx = talloc_stackframe();
252 if (tmp_ctx == NULL) {
253 return NT_STATUS_NO_MEMORY;
256 status = open_internal_samr_conn(tmp_ctx, domain, &samr_pipe, &dom_pol);
257 if (!NT_STATUS_IS_OK(status)) {
261 status = rpc_query_user_list(tmp_ctx,
267 if (!NT_STATUS_IS_OK(status)) {
272 *pnum_info = num_info;
276 *pinfo = talloc_move(mem_ctx, &info);
280 if (is_valid_policy_hnd(&dom_pol)) {
281 rpccli_samr_Close(samr_pipe, mem_ctx, &dom_pol);
284 TALLOC_FREE(tmp_ctx);
288 /* Lookup user information from a rid or username. */
289 static NTSTATUS sam_query_user(struct winbindd_domain *domain,
291 const struct dom_sid *user_sid,
292 struct wbint_userinfo *user_info)
294 struct rpc_pipe_client *samr_pipe;
295 struct policy_handle dom_pol;
299 DEBUG(3,("sam_query_user\n"));
301 ZERO_STRUCT(dom_pol);
304 if (!sid_check_is_in_our_domain(user_sid)) {
305 return NT_STATUS_NO_SUCH_USER;
309 user_info->homedir = NULL;
310 user_info->shell = NULL;
311 user_info->primary_gid = (gid_t) -1;
314 tmp_ctx = talloc_stackframe();
315 if (tmp_ctx == NULL) {
316 return NT_STATUS_NO_MEMORY;
319 status = open_internal_samr_conn(tmp_ctx, domain, &samr_pipe, &dom_pol);
320 if (!NT_STATUS_IS_OK(status)) {
324 status = rpc_query_user(tmp_ctx,
332 if (is_valid_policy_hnd(&dom_pol)) {
333 rpccli_samr_Close(samr_pipe, mem_ctx, &dom_pol);
336 TALLOC_FREE(tmp_ctx);
340 /* get a list of trusted domains - builtin domain */
341 static NTSTATUS sam_trusted_domains(struct winbindd_domain *domain,
343 struct netr_DomainTrustList *ptrust_list)
345 struct rpc_pipe_client *lsa_pipe;
346 struct policy_handle lsa_policy;
347 struct netr_DomainTrust *trusts = NULL;
348 uint32_t num_trusts = 0;
352 DEBUG(3,("samr: trusted domains\n"));
354 ZERO_STRUCT(lsa_policy);
357 ZERO_STRUCTP(ptrust_list);
360 tmp_ctx = talloc_stackframe();
361 if (tmp_ctx == NULL) {
362 return NT_STATUS_NO_MEMORY;
365 status = open_internal_lsa_conn(tmp_ctx, &lsa_pipe, &lsa_policy);
366 if (!NT_STATUS_IS_OK(status)) {
370 status = rpc_trusted_domains(tmp_ctx,
375 if (!NT_STATUS_IS_OK(status)) {
380 ptrust_list->count = num_trusts;
381 ptrust_list->array = talloc_move(mem_ctx, &trusts);
385 if (is_valid_policy_hnd(&lsa_policy)) {
386 rpccli_lsa_Close(lsa_pipe, mem_ctx, &lsa_policy);
389 TALLOC_FREE(tmp_ctx);
393 /* Lookup group membership given a rid. */
394 static NTSTATUS sam_lookup_groupmem(struct winbindd_domain *domain,
396 const struct dom_sid *group_sid,
397 enum lsa_SidType type,
398 uint32_t *pnum_names,
399 struct dom_sid **psid_mem,
401 uint32_t **pname_types)
403 struct rpc_pipe_client *samr_pipe;
404 struct policy_handle dom_pol;
406 uint32_t num_names = 0;
407 struct dom_sid *sid_mem = NULL;
409 uint32_t *name_types = NULL;
414 DEBUG(3,("sam_lookup_groupmem\n"));
416 ZERO_STRUCT(dom_pol);
419 if (sid_check_is_in_builtin(group_sid) && (type != SID_NAME_ALIAS)) {
420 /* There's no groups, only aliases in BUILTIN */
421 return NT_STATUS_NO_SUCH_GROUP;
428 tmp_ctx = talloc_stackframe();
429 if (tmp_ctx == NULL) {
430 return NT_STATUS_NO_MEMORY;
433 status = open_internal_samr_conn(tmp_ctx, domain, &samr_pipe, &dom_pol);
434 if (!NT_STATUS_IS_OK(status)) {
438 status = rpc_lookup_groupmem(tmp_ctx,
451 *pnum_names = num_names;
455 *pnames = talloc_move(mem_ctx, &names);
459 *pname_types = talloc_move(mem_ctx, &name_types);
463 *psid_mem = talloc_move(mem_ctx, &sid_mem);
467 if (is_valid_policy_hnd(&dom_pol)) {
468 rpccli_samr_Close(samr_pipe, mem_ctx, &dom_pol);
471 TALLOC_FREE(tmp_ctx);
475 /*********************************************************************
476 BUILTIN specific functions.
477 *********************************************************************/
479 /* List all domain groups */
480 static NTSTATUS builtin_enum_dom_groups(struct winbindd_domain *domain,
483 struct acct_info **info)
485 /* BUILTIN doesn't have domain groups */
491 /* Query display info for a domain */
492 static NTSTATUS builtin_query_user_list(struct winbindd_domain *domain,
495 struct wbint_userinfo **info)
497 /* We don't have users */
503 /* Lookup user information from a rid or username. */
504 static NTSTATUS builtin_query_user(struct winbindd_domain *domain,
506 const struct dom_sid *user_sid,
507 struct wbint_userinfo *user_info)
509 return NT_STATUS_NO_SUCH_USER;
512 /* get a list of trusted domains - builtin domain */
513 static NTSTATUS builtin_trusted_domains(struct winbindd_domain *domain,
515 struct netr_DomainTrustList *trusts)
517 ZERO_STRUCTP(trusts);
521 /*********************************************************************
523 *********************************************************************/
525 /* List all local groups (aliases) */
526 static NTSTATUS sam_enum_local_groups(struct winbindd_domain *domain,
529 struct acct_info **pinfo)
531 struct rpc_pipe_client *samr_pipe;
532 struct policy_handle dom_pol;
533 struct acct_info *info = NULL;
534 uint32_t num_info = 0;
538 DEBUG(3,("samr: enum local groups\n"));
540 ZERO_STRUCT(dom_pol);
546 tmp_ctx = talloc_stackframe();
547 if (tmp_ctx == NULL) {
548 return NT_STATUS_NO_MEMORY;
551 status = open_internal_samr_conn(tmp_ctx, domain, &samr_pipe, &dom_pol);
552 if (!NT_STATUS_IS_OK(status)) {
556 status = rpc_enum_local_groups(mem_ctx,
561 if (!NT_STATUS_IS_OK(status)) {
566 *pnum_info = num_info;
570 *pinfo = talloc_move(mem_ctx, &info);
574 if (is_valid_policy_hnd(&dom_pol)) {
575 rpccli_samr_Close(samr_pipe, mem_ctx, &dom_pol);
578 TALLOC_FREE(tmp_ctx);
582 /* convert a single name to a sid in a domain */
583 static NTSTATUS sam_name_to_sid(struct winbindd_domain *domain,
585 const char *domain_name,
588 struct dom_sid *psid,
589 enum lsa_SidType *ptype)
591 struct rpc_pipe_client *lsa_pipe;
592 struct policy_handle lsa_policy;
594 enum lsa_SidType type;
598 DEBUG(3,("sam_name_to_sid\n"));
600 ZERO_STRUCT(lsa_policy);
602 tmp_ctx = talloc_stackframe();
603 if (tmp_ctx == NULL) {
604 return NT_STATUS_NO_MEMORY;
607 status = open_internal_lsa_conn(tmp_ctx, &lsa_pipe, &lsa_policy);
608 if (!NT_STATUS_IS_OK(status)) {
612 status = rpc_name_to_sid(tmp_ctx,
620 if (!NT_STATUS_IS_OK(status)) {
625 sid_copy(psid, &sid);
632 if (is_valid_policy_hnd(&lsa_policy)) {
633 rpccli_lsa_Close(lsa_pipe, mem_ctx, &lsa_policy);
636 TALLOC_FREE(tmp_ctx);
640 /* convert a domain SID to a user or group name */
641 static NTSTATUS sam_sid_to_name(struct winbindd_domain *domain,
643 const struct dom_sid *sid,
646 enum lsa_SidType *ptype)
648 struct rpc_pipe_client *lsa_pipe;
649 struct policy_handle lsa_policy;
650 char *domain_name = NULL;
652 enum lsa_SidType type;
656 DEBUG(3,("sam_sid_to_name\n"));
658 ZERO_STRUCT(lsa_policy);
661 if (!sid_check_is_in_builtin(sid) &&
662 !sid_check_is_in_our_domain(sid) &&
663 !sid_check_is_in_unix_users(sid) &&
664 !sid_check_is_unix_users(sid) &&
665 !sid_check_is_in_unix_groups(sid) &&
666 !sid_check_is_unix_groups(sid) &&
667 !sid_check_is_in_wellknown_domain(sid)) {
668 DEBUG(0, ("sam_sid_to_name: possible deadlock - trying to "
669 "lookup SID %s\n", sid_string_dbg(sid)));
670 return NT_STATUS_NONE_MAPPED;
673 tmp_ctx = talloc_stackframe();
674 if (tmp_ctx == NULL) {
675 return NT_STATUS_NO_MEMORY;
678 status = open_internal_lsa_conn(tmp_ctx, &lsa_pipe, &lsa_policy);
679 if (!NT_STATUS_IS_OK(status)) {
683 status = rpc_sid_to_name(tmp_ctx,
697 *pname = talloc_move(mem_ctx, &name);
701 *pdomain_name = talloc_move(mem_ctx, &domain_name);
705 if (is_valid_policy_hnd(&lsa_policy)) {
706 rpccli_lsa_Close(lsa_pipe, mem_ctx, &lsa_policy);
709 TALLOC_FREE(tmp_ctx);
713 static NTSTATUS sam_rids_to_names(struct winbindd_domain *domain,
715 const struct dom_sid *sid,
720 enum lsa_SidType **ptypes)
722 struct rpc_pipe_client *lsa_pipe;
723 struct policy_handle lsa_policy;
724 enum lsa_SidType *types = NULL;
725 char *domain_name = NULL;
730 DEBUG(3,("sam_rids_to_names for %s\n", domain->name));
732 ZERO_STRUCT(lsa_policy);
735 if (!sid_check_is_in_builtin(sid) &&
736 !sid_check_is_in_our_domain(sid) &&
737 !sid_check_is_in_unix_users(sid) &&
738 !sid_check_is_unix_users(sid) &&
739 !sid_check_is_in_unix_groups(sid) &&
740 !sid_check_is_unix_groups(sid) &&
741 !sid_check_is_in_wellknown_domain(sid)) {
742 DEBUG(0, ("sam_rids_to_names: possible deadlock - trying to "
743 "lookup SID %s\n", sid_string_dbg(sid)));
744 return NT_STATUS_NONE_MAPPED;
747 tmp_ctx = talloc_stackframe();
748 if (tmp_ctx == NULL) {
749 return NT_STATUS_NO_MEMORY;
752 status = open_internal_lsa_conn(tmp_ctx, &lsa_pipe, &lsa_policy);
753 if (!NT_STATUS_IS_OK(status)) {
757 status = rpc_rids_to_names(tmp_ctx,
767 if (!NT_STATUS_IS_OK(status)) {
772 *pdomain_name = talloc_move(mem_ctx, &domain_name);
776 *ptypes = talloc_move(mem_ctx, &types);
780 *pnames = talloc_move(mem_ctx, &names);
784 if (is_valid_policy_hnd(&lsa_policy)) {
785 rpccli_lsa_Close(lsa_pipe, mem_ctx, &lsa_policy);
788 TALLOC_FREE(tmp_ctx);
792 static NTSTATUS sam_lockout_policy(struct winbindd_domain *domain,
794 struct samr_DomInfo12 *lockout_policy)
796 struct rpc_pipe_client *samr_pipe;
797 struct policy_handle dom_pol;
798 union samr_DomainInfo *info = NULL;
802 DEBUG(3,("sam_lockout_policy\n"));
804 ZERO_STRUCT(dom_pol);
806 tmp_ctx = talloc_stackframe();
807 if (tmp_ctx == NULL) {
808 return NT_STATUS_NO_MEMORY;
811 status = open_internal_samr_conn(tmp_ctx, domain, &samr_pipe, &dom_pol);
812 if (!NT_STATUS_IS_OK(status)) {
816 status = rpccli_samr_QueryDomainInfo(samr_pipe,
821 if (!NT_STATUS_IS_OK(status)) {
825 *lockout_policy = info->info12;
828 if (is_valid_policy_hnd(&dom_pol)) {
829 rpccli_samr_Close(samr_pipe, mem_ctx, &dom_pol);
832 TALLOC_FREE(tmp_ctx);
836 static NTSTATUS sam_password_policy(struct winbindd_domain *domain,
838 struct samr_DomInfo1 *passwd_policy)
840 struct rpc_pipe_client *samr_pipe;
841 struct policy_handle dom_pol;
842 union samr_DomainInfo *info = NULL;
846 DEBUG(3,("sam_password_policy\n"));
848 ZERO_STRUCT(dom_pol);
850 tmp_ctx = talloc_stackframe();
851 if (tmp_ctx == NULL) {
852 return NT_STATUS_NO_MEMORY;
855 status = open_internal_samr_conn(tmp_ctx, domain, &samr_pipe, &dom_pol);
856 if (!NT_STATUS_IS_OK(status)) {
860 status = rpccli_samr_QueryDomainInfo(samr_pipe,
865 if (!NT_STATUS_IS_OK(status)) {
869 *passwd_policy = info->info1;
872 if (is_valid_policy_hnd(&dom_pol)) {
873 rpccli_samr_Close(samr_pipe, mem_ctx, &dom_pol);
876 TALLOC_FREE(tmp_ctx);
880 /* Lookup groups a user is a member of. */
881 static NTSTATUS sam_lookup_usergroups(struct winbindd_domain *domain,
883 const struct dom_sid *user_sid,
884 uint32_t *pnum_groups,
885 struct dom_sid **puser_grpsids)
887 struct rpc_pipe_client *samr_pipe;
888 struct policy_handle dom_pol;
889 struct dom_sid *user_grpsids = NULL;
890 uint32_t num_groups = 0;
894 DEBUG(3,("sam_lookup_usergroups\n"));
896 ZERO_STRUCT(dom_pol);
902 tmp_ctx = talloc_stackframe();
903 if (tmp_ctx == NULL) {
904 return NT_STATUS_NO_MEMORY;
907 status = open_internal_samr_conn(tmp_ctx, domain, &samr_pipe, &dom_pol);
908 if (!NT_STATUS_IS_OK(status)) {
912 status = rpc_lookup_usergroups(tmp_ctx,
919 if (!NT_STATUS_IS_OK(status)) {
924 *pnum_groups = num_groups;
928 *puser_grpsids = talloc_move(mem_ctx, &user_grpsids);
932 if (is_valid_policy_hnd(&dom_pol)) {
933 rpccli_samr_Close(samr_pipe, mem_ctx, &dom_pol);
936 TALLOC_FREE(tmp_ctx);
940 static NTSTATUS sam_lookup_useraliases(struct winbindd_domain *domain,
943 const struct dom_sid *sids,
944 uint32_t *pnum_aliases,
945 uint32_t **palias_rids)
947 struct rpc_pipe_client *samr_pipe;
948 struct policy_handle dom_pol;
949 uint32_t num_aliases = 0;
950 uint32_t *alias_rids = NULL;
954 DEBUG(3,("sam_lookup_useraliases\n"));
956 ZERO_STRUCT(dom_pol);
962 tmp_ctx = talloc_stackframe();
963 if (tmp_ctx == NULL) {
964 return NT_STATUS_NO_MEMORY;
967 status = open_internal_samr_conn(tmp_ctx, domain, &samr_pipe, &dom_pol);
968 if (!NT_STATUS_IS_OK(status)) {
972 status = rpc_lookup_useraliases(tmp_ctx,
979 if (!NT_STATUS_IS_OK(status)) {
984 *pnum_aliases = num_aliases;
988 *palias_rids = talloc_move(mem_ctx, &alias_rids);
992 if (is_valid_policy_hnd(&dom_pol)) {
993 rpccli_samr_Close(samr_pipe, mem_ctx, &dom_pol);
996 TALLOC_FREE(tmp_ctx);
1000 /* find the sequence number for a domain */
1001 static NTSTATUS sam_sequence_number(struct winbindd_domain *domain,
1004 struct rpc_pipe_client *samr_pipe;
1005 struct policy_handle dom_pol;
1007 TALLOC_CTX *tmp_ctx;
1010 DEBUG(3,("samr: sequence number\n"));
1012 ZERO_STRUCT(dom_pol);
1015 *pseq = DOM_SEQUENCE_NONE;
1018 tmp_ctx = talloc_stackframe();
1019 if (tmp_ctx == NULL) {
1020 return NT_STATUS_NO_MEMORY;
1023 status = open_internal_samr_conn(tmp_ctx, domain, &samr_pipe, &dom_pol);
1024 if (!NT_STATUS_IS_OK(status)) {
1028 status = rpc_sequence_number(tmp_ctx,
1033 if (!NT_STATUS_IS_OK(status)) {
1041 if (is_valid_policy_hnd(&dom_pol)) {
1042 rpccli_samr_Close(samr_pipe, tmp_ctx, &dom_pol);
1045 TALLOC_FREE(tmp_ctx);
1049 /* the rpc backend methods are exposed via this structure */
1050 struct winbindd_methods builtin_passdb_methods = {
1051 .consistent = false,
1053 .query_user_list = builtin_query_user_list,
1054 .enum_dom_groups = builtin_enum_dom_groups,
1055 .enum_local_groups = sam_enum_local_groups,
1056 .name_to_sid = sam_name_to_sid,
1057 .sid_to_name = sam_sid_to_name,
1058 .rids_to_names = sam_rids_to_names,
1059 .query_user = builtin_query_user,
1060 .lookup_usergroups = sam_lookup_usergroups,
1061 .lookup_useraliases = sam_lookup_useraliases,
1062 .lookup_groupmem = sam_lookup_groupmem,
1063 .sequence_number = sam_sequence_number,
1064 .lockout_policy = sam_lockout_policy,
1065 .password_policy = sam_password_policy,
1066 .trusted_domains = builtin_trusted_domains
1069 /* the rpc backend methods are exposed via this structure */
1070 struct winbindd_methods sam_passdb_methods = {
1071 .consistent = false,
1073 .query_user_list = sam_query_user_list,
1074 .enum_dom_groups = sam_enum_dom_groups,
1075 .enum_local_groups = sam_enum_local_groups,
1076 .name_to_sid = sam_name_to_sid,
1077 .sid_to_name = sam_sid_to_name,
1078 .rids_to_names = sam_rids_to_names,
1079 .query_user = sam_query_user,
1080 .lookup_usergroups = sam_lookup_usergroups,
1081 .lookup_useraliases = sam_lookup_useraliases,
1082 .lookup_groupmem = sam_lookup_groupmem,
1083 .sequence_number = sam_sequence_number,
1084 .lockout_policy = sam_lockout_policy,
1085 .password_policy = sam_password_policy,
1086 .trusted_domains = sam_trusted_domains