2 Unix SMB/CIFS implementation.
4 endpoint server for the netlogon pipe
6 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2004
7 Copyright (C) Stefan Metzmacher <metze@samba.org> 2005
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 2 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program; if not, write to the Free Software
21 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
25 #include "librpc/gen_ndr/ndr_netlogon.h"
26 #include "rpc_server/dcerpc_server.h"
27 #include "rpc_server/common/common.h"
28 #include "librpc/gen_ndr/ndr_dcom.h"
29 #include "lib/ldb/include/ldb.h"
30 #include "auth/auth.h"
31 #include "dsdb/samdb/samdb.h"
33 struct server_pipe_state {
34 struct netr_Credential client_challenge;
35 struct netr_Credential server_challenge;
36 struct creds_CredentialState *creds;
41 a client has connected to the netlogon server using schannel, so we need
42 to re-establish the credentials state
44 static NTSTATUS netlogon_schannel_setup(struct dcesrv_call_state *dce_call)
46 struct server_pipe_state *state;
49 /* We want the client and server challenge zero */
50 state = talloc_zero(dce_call->conn, struct server_pipe_state);
52 return NT_STATUS_NO_MEMORY;
55 status = dcerpc_schannel_creds(dce_call->conn->auth_state.gensec_security,
59 if (!NT_STATUS_IS_OK(status)) {
60 DEBUG(3, ("getting schannel credentials failed with %s\n", nt_errstr(status)));
65 dce_call->context->private = state;
71 a hook for bind on the netlogon pipe
73 static NTSTATUS netlogon_bind(struct dcesrv_call_state *dce_call, const struct dcesrv_interface *di)
75 dce_call->context->private = NULL;
77 /* if this is a schannel bind then we need to reconstruct the pipe state */
78 if (dce_call->conn->auth_state.auth_info &&
79 dce_call->conn->auth_state.auth_info->auth_type == DCERPC_AUTH_TYPE_SCHANNEL) {
82 DEBUG(5, ("schannel bind on netlogon\n"));
84 status = netlogon_schannel_setup(dce_call);
85 if (!NT_STATUS_IS_OK(status)) {
86 DEBUG(3, ("schannel bind on netlogon failed with %s\n", nt_errstr(status)));
94 #define DCESRV_INTERFACE_NETLOGON_BIND netlogon_bind
96 static NTSTATUS netr_ServerReqChallenge(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
97 struct netr_ServerReqChallenge *r)
99 struct server_pipe_state *pipe_state = dce_call->context->private;
101 ZERO_STRUCTP(r->out.credentials);
103 /* destroyed on pipe shutdown */
106 talloc_free(pipe_state);
107 dce_call->context->private = NULL;
110 pipe_state = talloc(dce_call->context, struct server_pipe_state);
112 return NT_STATUS_NO_MEMORY;
115 pipe_state->creds = NULL;
117 pipe_state->client_challenge = *r->in.credentials;
119 generate_random_buffer(pipe_state->server_challenge.data,
120 sizeof(pipe_state->server_challenge.data));
122 *r->out.credentials = pipe_state->server_challenge;
124 dce_call->context->private = pipe_state;
129 static NTSTATUS netr_ServerAuthenticate3(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
130 struct netr_ServerAuthenticate3 *r)
132 struct server_pipe_state *pipe_state = dce_call->context->private;
134 struct samr_Password *mach_pwd;
137 struct ldb_message **msgs;
139 const char *attrs[] = {"ntPwdHash", "userAccountControl",
142 ZERO_STRUCTP(r->out.credentials);
144 *r->out.negotiate_flags = *r->in.negotiate_flags;
147 DEBUG(1, ("No challenge requested by client, cannot authenticate\n"));
148 return NT_STATUS_ACCESS_DENIED;
151 sam_ctx = samdb_connect(mem_ctx, system_session(mem_ctx));
152 if (sam_ctx == NULL) {
153 return NT_STATUS_INVALID_SYSTEM_SERVICE;
155 /* pull the user attributes */
156 num_records = gendb_search(sam_ctx, mem_ctx, NULL, &msgs, attrs,
157 "(&(sAMAccountName=%s)(objectclass=user))",
160 if (num_records == 0) {
161 DEBUG(3,("Couldn't find user [%s] in samdb.\n",
162 r->in.account_name));
163 return NT_STATUS_ACCESS_DENIED;
166 if (num_records > 1) {
167 DEBUG(0,("Found %d records matching user [%s]\n", num_records, r->in.account_name));
168 return NT_STATUS_INTERNAL_DB_CORRUPTION;
171 acct_flags = samdb_result_acct_flags(msgs[0],
172 "userAccountControl");
174 if (acct_flags & ACB_DISABLED) {
175 DEBUG(1, ("Account [%s] is disabled\n", r->in.account_name));
176 return NT_STATUS_ACCESS_DENIED;
179 if (r->in.secure_channel_type == SEC_CHAN_WKSTA) {
180 if (!(acct_flags & ACB_WSTRUST)) {
181 DEBUG(1, ("Client asked for a workstation secure channel, but is not a workstation (member server) acb flags: 0x%x\n", acct_flags));
182 return NT_STATUS_ACCESS_DENIED;
184 } else if (r->in.secure_channel_type == SEC_CHAN_DOMAIN) {
185 if (!(acct_flags & ACB_DOMTRUST)) {
186 DEBUG(1, ("Client asked for a trusted domain secure channel, but is not a trusted domain: acb flags: 0x%x\n", acct_flags));
187 return NT_STATUS_ACCESS_DENIED;
189 } else if (r->in.secure_channel_type == SEC_CHAN_BDC) {
190 if (!(acct_flags & ACB_SVRTRUST)) {
191 DEBUG(1, ("Client asked for a server secure channel, but is not a server (domain controller): acb flags: 0x%x\n", acct_flags));
192 return NT_STATUS_ACCESS_DENIED;
195 DEBUG(1, ("Client asked for an invalid secure channel type: %d\n",
196 r->in.secure_channel_type));
197 return NT_STATUS_ACCESS_DENIED;
200 *r->out.rid = samdb_result_rid_from_sid(mem_ctx, msgs[0],
203 mach_pwd = samdb_result_hash(mem_ctx, msgs[0], "ntPwdHash");
204 if (mach_pwd == NULL) {
205 return NT_STATUS_ACCESS_DENIED;
208 if (pipe_state->creds) {
209 talloc_free(pipe_state->creds);
211 pipe_state->creds = talloc(pipe_state, struct creds_CredentialState);
212 if (!pipe_state->creds) {
213 return NT_STATUS_NO_MEMORY;
216 creds_server_init(pipe_state->creds, &pipe_state->client_challenge,
217 &pipe_state->server_challenge, mach_pwd,
219 *r->in.negotiate_flags);
221 if (!creds_server_check(pipe_state->creds, r->in.credentials)) {
222 talloc_free(pipe_state->creds);
223 pipe_state->creds = NULL;
224 return NT_STATUS_ACCESS_DENIED;
227 pipe_state->creds->account_name = talloc_steal(pipe_state->creds, r->in.account_name);
229 pipe_state->creds->computer_name = talloc_steal(pipe_state->creds, r->in.computer_name);
231 pipe_state->creds->secure_channel_type = r->in.secure_channel_type;
233 pipe_state->creds->sid = samdb_result_dom_sid(pipe_state->creds, msgs[0], "objectSid");
235 pipe_state->creds->domain = talloc_strdup(pipe_state->creds, lp_workgroup());
237 /* remember this session key state */
238 nt_status = schannel_store_session_key(mem_ctx, pipe_state->creds);
243 static NTSTATUS netr_ServerAuthenticate(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
244 struct netr_ServerAuthenticate *r)
246 struct netr_ServerAuthenticate3 r3;
249 * negotiate_flags is used as an [in] parameter
250 * so it need to be initialised.
252 * (I think ... = 0; seems wrong here --metze)
254 uint32_t negotiate_flags = 0;
256 r3.in.server_name = r->in.server_name;
257 r3.in.account_name = r->in.account_name;
258 r3.in.secure_channel_type = r->in.secure_channel_type;
259 r3.in.computer_name = r->in.computer_name;
260 r3.in.credentials = r->in.credentials;
261 r3.out.credentials = r->out.credentials;
262 r3.in.negotiate_flags = &negotiate_flags;
263 r3.out.negotiate_flags = &negotiate_flags;
266 return netr_ServerAuthenticate3(dce_call, mem_ctx, &r3);
269 static NTSTATUS netr_ServerAuthenticate2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
270 struct netr_ServerAuthenticate2 *r)
272 struct netr_ServerAuthenticate3 r3;
275 r3.in.server_name = r->in.server_name;
276 r3.in.account_name = r->in.account_name;
277 r3.in.secure_channel_type = r->in.secure_channel_type;
278 r3.in.computer_name = r->in.computer_name;
279 r3.in.credentials = r->in.credentials;
280 r3.out.credentials = r->out.credentials;
281 r3.in.negotiate_flags = r->in.negotiate_flags;
282 r3.out.negotiate_flags = r->out.negotiate_flags;
285 return netr_ServerAuthenticate3(dce_call, mem_ctx, &r3);
289 static NTSTATUS netr_creds_server_step_check(struct server_pipe_state *pipe_state,
290 struct netr_Authenticator *received_authenticator,
291 struct netr_Authenticator *return_authenticator)
294 DEBUG(1, ("No challenge requested by client, cannot authenticate\n"));
295 return NT_STATUS_ACCESS_DENIED;
298 return creds_server_step_check(pipe_state->creds,
299 received_authenticator,
300 return_authenticator);
304 static NTSTATUS netr_ServerPasswordSet(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
305 struct netr_ServerPasswordSet *r)
307 struct server_pipe_state *pipe_state = dce_call->context->private;
309 struct ldb_context *sam_ctx;
312 nt_status = netr_creds_server_step_check(pipe_state, &r->in.credential, &r->out.return_authenticator);
313 NT_STATUS_NOT_OK_RETURN(nt_status);
315 sam_ctx = samdb_connect(mem_ctx, system_session(mem_ctx));
316 if (sam_ctx == NULL) {
317 return NT_STATUS_INVALID_SYSTEM_SERVICE;
320 creds_des_decrypt(pipe_state->creds, &r->in.new_password);
322 /* Using the sid for the account as the key, set the password */
323 nt_status = samdb_set_password_sid(sam_ctx, mem_ctx,
324 pipe_state->creds->sid,
325 NULL, /* Don't have plaintext */
326 NULL, &r->in.new_password,
327 False, /* This is not considered a password change */
328 False, /* don't restrict this password change (match w2k3) */
337 static WERROR netr_LogonUasLogon(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
338 struct netr_LogonUasLogon *r)
340 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
347 static WERROR netr_LogonUasLogoff(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
348 struct netr_LogonUasLogoff *r)
350 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
357 This version of the function allows other wrappers to say 'do not check the credentials'
359 static NTSTATUS netr_LogonSamLogonEx(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
360 struct netr_LogonSamLogonEx *r)
362 struct server_pipe_state *pipe_state = dce_call->context->private;
364 struct auth_context *auth_context;
365 struct auth_usersupplied_info *user_info;
366 struct auth_serversupplied_info *server_info;
368 static const char zeros[16];
369 struct netr_SamBaseInfo *sam;
370 struct netr_SamInfo2 *sam2;
371 struct netr_SamInfo3 *sam3;
372 struct netr_SamInfo6 *sam6;
374 user_info = talloc(mem_ctx, struct auth_usersupplied_info);
376 return NT_STATUS_NO_MEMORY;
379 user_info->flags = 0;
380 user_info->mapped_state = False;
381 user_info->remote_host = NULL;
383 switch (r->in.logon_level) {
387 if (pipe_state->creds->negotiate_flags & NETLOGON_NEG_ARCFOUR) {
388 creds_arcfour_crypt(pipe_state->creds,
389 r->in.logon.password->lmpassword.hash,
390 sizeof(r->in.logon.password->lmpassword.hash));
391 creds_arcfour_crypt(pipe_state->creds,
392 r->in.logon.password->ntpassword.hash,
393 sizeof(r->in.logon.password->ntpassword.hash));
395 creds_des_decrypt(pipe_state->creds, &r->in.logon.password->lmpassword);
396 creds_des_decrypt(pipe_state->creds, &r->in.logon.password->ntpassword);
399 /* TODO: we need to deny anonymous access here */
400 nt_status = auth_context_create(mem_ctx, lp_auth_methods(), &auth_context,
401 dce_call->event_ctx);
402 NT_STATUS_NOT_OK_RETURN(nt_status);
404 user_info->logon_parameters = r->in.logon.password->identity_info.parameter_control;
405 user_info->client.account_name = r->in.logon.password->identity_info.account_name.string;
406 user_info->client.domain_name = r->in.logon.password->identity_info.domain_name.string;
407 user_info->workstation_name = r->in.logon.password->identity_info.workstation.string;
409 user_info->password_state = AUTH_PASSWORD_HASH;
410 user_info->password.hash.lanman = talloc(user_info, struct samr_Password);
411 if (!user_info->password.hash.lanman) {
412 return NT_STATUS_NO_MEMORY;
414 *user_info->password.hash.lanman = r->in.logon.password->lmpassword;
416 user_info->password.hash.nt = talloc(user_info, struct samr_Password);
417 if (!user_info->password.hash.nt) {
418 return NT_STATUS_NO_MEMORY;
420 *user_info->password.hash.nt = r->in.logon.password->ntpassword;
422 user_info->flags |= USER_INFO_INTERACTIVE_LOGON;
428 /* TODO: we need to deny anonymous access here */
429 nt_status = auth_context_create(mem_ctx, lp_auth_methods(), &auth_context,
430 dce_call->event_ctx);
431 NT_STATUS_NOT_OK_RETURN(nt_status);
433 nt_status = auth_context_set_challenge(auth_context, r->in.logon.network->challenge, "netr_LogonSamLogonWithFlags");
434 NT_STATUS_NOT_OK_RETURN(nt_status);
436 user_info->logon_parameters = r->in.logon.network->identity_info.parameter_control;
437 user_info->client.account_name = r->in.logon.network->identity_info.account_name.string;
438 user_info->client.domain_name = r->in.logon.network->identity_info.domain_name.string;
439 user_info->workstation_name = r->in.logon.network->identity_info.workstation.string;
441 user_info->password_state = AUTH_PASSWORD_RESPONSE;
442 user_info->password.response.lanman = data_blob(r->in.logon.network->lm.data, r->in.logon.network->lm.length);
443 user_info->password.response.nt = data_blob(r->in.logon.network->nt.data, r->in.logon.network->nt.length);
447 return NT_STATUS_INVALID_PARAMETER;
450 nt_status = auth_check_password(auth_context, mem_ctx, user_info, &server_info);
451 NT_STATUS_NOT_OK_RETURN(nt_status);
453 nt_status = auth_convert_server_info_sambaseinfo(mem_ctx, server_info, &sam);
455 NT_STATUS_NOT_OK_RETURN(nt_status);
457 /* Don't crypt an all-zero key, it would give away the NETLOGON pipe session key */
458 /* It appears that level 6 is not individually encrypted */
459 if ((r->in.validation_level != 6)
460 && memcmp(sam->key.key, zeros,
461 sizeof(sam->key.key)) != 0) {
463 /* This key is sent unencrypted without the ARCFOUR flag set */
464 if (pipe_state->creds->negotiate_flags & NETLOGON_NEG_ARCFOUR) {
465 creds_arcfour_crypt(pipe_state->creds,
467 sizeof(sam->key.key));
471 /* Don't crypt an all-zero key, it would give away the NETLOGON pipe session key */
472 /* It appears that level 6 is not individually encrypted */
473 if ((r->in.validation_level != 6)
474 && memcmp(sam->LMSessKey.key, zeros,
475 sizeof(sam->LMSessKey.key)) != 0) {
476 if (pipe_state->creds->negotiate_flags & NETLOGON_NEG_ARCFOUR) {
477 creds_arcfour_crypt(pipe_state->creds,
479 sizeof(sam->LMSessKey.key));
481 creds_des_encrypt_LMKey(pipe_state->creds,
486 switch (r->in.validation_level) {
488 sam2 = talloc_zero(mem_ctx, struct netr_SamInfo2);
489 NT_STATUS_HAVE_NO_MEMORY(sam2);
491 r->out.validation.sam2 = sam2;
495 sam3 = talloc_zero(mem_ctx, struct netr_SamInfo3);
496 NT_STATUS_HAVE_NO_MEMORY(sam3);
498 r->out.validation.sam3 = sam3;
502 sam6 = talloc_zero(mem_ctx, struct netr_SamInfo6);
503 NT_STATUS_HAVE_NO_MEMORY(sam6);
505 sam6->forest.string = lp_realm();
506 sam6->principle.string = talloc_asprintf(mem_ctx, "%s@%s",
507 sam->account_name.string, sam6->forest.string);
508 NT_STATUS_HAVE_NO_MEMORY(sam6->principle.string);
509 r->out.validation.sam6 = sam6;
516 r->out.authoritative = 1;
518 /* TODO: Describe and deal with these flags */
525 netr_LogonSamLogonWithFlags
528 static NTSTATUS netr_LogonSamLogonWithFlags(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
529 struct netr_LogonSamLogonWithFlags *r)
531 struct server_pipe_state *pipe_state = dce_call->context->private;
533 struct netr_LogonSamLogonEx r2;
535 struct netr_Authenticator *return_authenticator;
537 return_authenticator = talloc(mem_ctx, struct netr_Authenticator);
538 NT_STATUS_HAVE_NO_MEMORY(return_authenticator);
540 nt_status = netr_creds_server_step_check(pipe_state, r->in.credential, return_authenticator);
541 NT_STATUS_NOT_OK_RETURN(nt_status);
545 r2.in.server_name = r->in.server_name;
546 r2.in.workstation = r->in.workstation;
547 r2.in.logon_level = r->in.logon_level;
548 r2.in.logon = r->in.logon;
549 r2.in.validation_level = r->in.validation_level;
550 r2.in.flags = r->in.flags;
552 nt_status = netr_LogonSamLogonEx(dce_call, mem_ctx, &r2);
554 r->out.return_authenticator = return_authenticator;
555 r->out.validation = r2.out.validation;
556 r->out.authoritative = r2.out.authoritative;
557 r->out.flags = r2.out.flags;
565 static NTSTATUS netr_LogonSamLogon(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
566 struct netr_LogonSamLogon *r)
568 struct netr_LogonSamLogonWithFlags r2;
573 r2.in.server_name = r->in.server_name;
574 r2.in.workstation = r->in.workstation;
575 r2.in.credential = r->in.credential;
576 r2.in.return_authenticator = r->in.return_authenticator;
577 r2.in.logon_level = r->in.logon_level;
578 r2.in.logon = r->in.logon;
579 r2.in.validation_level = r->in.validation_level;
582 status = netr_LogonSamLogonWithFlags(dce_call, mem_ctx, &r2);
584 r->out.return_authenticator = r2.out.return_authenticator;
585 r->out.validation = r2.out.validation;
586 r->out.authoritative = r2.out.authoritative;
595 static NTSTATUS netr_LogonSamLogoff(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
596 struct netr_LogonSamLogoff *r)
598 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
606 static NTSTATUS netr_DatabaseDeltas(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
607 struct netr_DatabaseDeltas *r)
609 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
616 static NTSTATUS netr_DatabaseSync(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
617 struct netr_DatabaseSync *r)
619 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
626 static NTSTATUS netr_AccountDeltas(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
627 struct netr_AccountDeltas *r)
629 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
636 static NTSTATUS netr_AccountSync(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
637 struct netr_AccountSync *r)
639 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
646 static NTSTATUS netr_GetDcName(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
647 struct netr_GetDcName *r)
649 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
656 static WERROR netr_LogonControl(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
657 struct netr_LogonControl *r)
659 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
666 static WERROR netr_GetAnyDCName(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
667 struct netr_GetAnyDCName *r)
669 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
676 static WERROR netr_LogonControl2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
677 struct netr_LogonControl2 *r)
679 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
686 static NTSTATUS netr_DatabaseSync2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
687 struct netr_DatabaseSync2 *r)
689 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
696 static NTSTATUS netr_DatabaseRedo(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
697 struct netr_DatabaseRedo *r)
699 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
706 static WERROR netr_LogonControl2Ex(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
707 struct netr_LogonControl2Ex *r)
709 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
714 netr_NETRENUMERATETRUSTEDDOMAINS
716 static WERROR netr_NETRENUMERATETRUSTEDDOMAINS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
717 struct netr_NETRENUMERATETRUSTEDDOMAINS *r)
719 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
724 netr_NETRLOGONDUMMYROUTINE1
726 static WERROR netr_NETRLOGONDUMMYROUTINE1(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
727 struct netr_NETRLOGONDUMMYROUTINE1 *r)
729 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
734 netr_NETRLOGONSETSERVICEBITS
736 static WERROR netr_NETRLOGONSETSERVICEBITS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
737 struct netr_NETRLOGONSETSERVICEBITS *r)
739 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
744 netr_NETRLOGONGETTRUSTRID
746 static WERROR netr_NETRLOGONGETTRUSTRID(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
747 struct netr_NETRLOGONGETTRUSTRID *r)
749 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
754 netr_NETRLOGONCOMPUTESERVERDIGEST
756 static WERROR netr_NETRLOGONCOMPUTESERVERDIGEST(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
757 struct netr_NETRLOGONCOMPUTESERVERDIGEST *r)
759 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
764 netr_NETRLOGONCOMPUTECLIENTDIGEST
766 static WERROR netr_NETRLOGONCOMPUTECLIENTDIGEST(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
767 struct netr_NETRLOGONCOMPUTECLIENTDIGEST *r)
769 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
777 static WERROR netr_DsRGetSiteName(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
778 struct netr_DsRGetSiteName *r)
780 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
785 fill in a netr_DomainTrustInfo from a ldb search result
787 static NTSTATUS fill_domain_primary_info(TALLOC_CTX *mem_ctx, struct ldb_message *res,
788 struct netr_DomainTrustInfo *info,
789 const char *local_domain)
793 info->domainname.string = local_domain;
794 info->fulldomainname.string = talloc_asprintf(info, "%s.", samdb_result_string(res, "dnsDomain", NULL));
795 /* TODO: we need proper forest support */
796 info->forest.string = info->fulldomainname.string;
797 info->guid = samdb_result_guid(res, "objectGUID");
798 info->sid = samdb_result_dom_sid(mem_ctx, res, "objectSid");
804 fill in a netr_DomainTrustInfo from a ldb search result
806 static NTSTATUS fill_domain_trust_info(TALLOC_CTX *mem_ctx, struct ldb_message *res,
807 struct netr_DomainTrustInfo *info,
808 const char *local_domain, BOOL is_local)
813 info->domainname.string = local_domain;
814 info->fulldomainname.string = samdb_result_string(res, "dnsDomain", NULL);
815 info->forest.string = NULL;
816 info->guid = samdb_result_guid(res, "objectGUID");
817 info->sid = samdb_result_dom_sid(mem_ctx, res, "objectSid");
819 info->domainname.string = samdb_result_string(res, "flatName", NULL);
820 info->fulldomainname.string = samdb_result_string(res, "name", NULL);
821 info->forest.string = NULL;
822 info->guid = samdb_result_guid(res, "objectGUID");
823 info->sid = samdb_result_dom_sid(mem_ctx, res, "securityIdentifier");
830 netr_LogonGetDomainInfo
831 this is called as part of the ADS domain logon procedure.
833 static NTSTATUS netr_LogonGetDomainInfo(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
834 struct netr_LogonGetDomainInfo *r)
836 struct server_pipe_state *pipe_state = dce_call->context->private;
837 const char * const attrs[] = { "dnsDomain", "objectSid",
838 "objectGUID", "flatName", "securityIdentifier",
840 const char * const ref_attrs[] = { "nETBIOSName", NULL };
841 struct ldb_context *sam_ctx;
842 struct ldb_message **res1, **res2, **ref_res;
843 struct netr_DomainInfo1 *info1;
844 int ret, ret1, ret2, i;
847 const char *local_domain;
849 status = netr_creds_server_step_check(pipe_state,
850 r->in.credential, r->out.return_authenticator);
851 if (!NT_STATUS_IS_OK(status)) {
855 sam_ctx = samdb_connect(mem_ctx, dce_call->conn->auth_state.session_info);
856 if (sam_ctx == NULL) {
857 return NT_STATUS_INVALID_SYSTEM_SERVICE;
860 /* we need to do two searches. The first will pull our primary
861 domain and the second will pull any trusted domains. Our
862 primary domain is also a "trusted" domain, so we need to
863 put the primary domain into the lists of returned trusts as
865 ret1 = gendb_search(sam_ctx, mem_ctx, NULL, &res1, attrs, "(objectClass=domainDNS)");
867 return NT_STATUS_INTERNAL_DB_CORRUPTION;
870 /* try and find the domain */
871 ret = gendb_search(sam_ctx, mem_ctx, NULL,
873 "(&(objectClass=crossRef)(ncName=%s))",
874 ldb_dn_linearize(mem_ctx, res1[0]->dn));
876 return NT_STATUS_INTERNAL_DB_CORRUPTION;
879 local_domain = samdb_result_string(ref_res[0], "nETBIOSName", NULL);
881 ret2 = gendb_search(sam_ctx, mem_ctx, NULL, &res2, attrs, "(objectClass=trustedDomain)");
883 return NT_STATUS_INTERNAL_DB_CORRUPTION;
886 info1 = talloc(mem_ctx, struct netr_DomainInfo1);
888 return NT_STATUS_NO_MEMORY;
893 info1->num_trusts = ret2 + 1;
894 info1->trusts = talloc_array(mem_ctx, struct netr_DomainTrustInfo,
896 if (info1->trusts == NULL) {
897 return NT_STATUS_NO_MEMORY;
900 status = fill_domain_primary_info(mem_ctx, res1[0], &info1->domaininfo, local_domain);
901 if (!NT_STATUS_IS_OK(status)) {
905 for (i=0;i<ret2;i++) {
906 status = fill_domain_trust_info(mem_ctx, res2[i], &info1->trusts[i], NULL, False);
907 if (!NT_STATUS_IS_OK(status)) {
912 status = fill_domain_trust_info(mem_ctx, res1[0], &info1->trusts[i], local_domain, True);
913 if (!NT_STATUS_IS_OK(status)) {
917 r->out.info.info1 = info1;
924 netr_ServerPasswordSet2
926 static NTSTATUS netr_ServerPasswordSet2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
927 struct netr_ServerPasswordSet2 *r)
929 struct server_pipe_state *pipe_state = dce_call->context->private;
931 struct ldb_context *sam_ctx;
934 uint32_t new_pass_len;
937 struct samr_CryptPassword password_buf;
939 nt_status = netr_creds_server_step_check(pipe_state, &r->in.credential, &r->out.return_authenticator);
940 NT_STATUS_NOT_OK_RETURN(nt_status);
942 sam_ctx = samdb_connect(mem_ctx, system_session(mem_ctx));
943 if (sam_ctx == NULL) {
944 return NT_STATUS_INVALID_SYSTEM_SERVICE;
947 memcpy(password_buf.data, r->in.new_password.data, 512);
948 SIVAL(password_buf.data,512,r->in.new_password.length);
949 creds_arcfour_crypt(pipe_state->creds, password_buf.data, 516);
951 ret = decode_pw_buffer(password_buf.data, new_pass, sizeof(new_pass),
952 &new_pass_len, STR_UNICODE);
954 DEBUG(3,("netr_ServerPasswordSet2: failed to decode password buffer\n"));
955 return NT_STATUS_ACCESS_DENIED;
958 /* Using the sid for the account as the key, set the password */
959 nt_status = samdb_set_password_sid(sam_ctx, mem_ctx,
960 pipe_state->creds->sid,
961 new_pass, /* we have plaintext */
963 False, /* This is not considered a password change */
964 False, /* don't restrict this password change (match w2k3) */
971 netr_NETRSERVERPASSWORDGET
973 static WERROR netr_NETRSERVERPASSWORDGET(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
974 struct netr_NETRSERVERPASSWORDGET *r)
976 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
981 netr_NETRLOGONSENDTOSAM
983 static WERROR netr_NETRLOGONSENDTOSAM(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
984 struct netr_NETRLOGONSENDTOSAM *r)
986 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
991 netr_DSRADDRESSTOSITENAMESW
993 static WERROR netr_DSRADDRESSTOSITENAMESW(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
994 struct netr_DSRADDRESSTOSITENAMESW *r)
996 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
1001 netr_DsRGetDCNameEx2
1003 static WERROR netr_DsRGetDCNameEx2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
1004 struct netr_DsRGetDCNameEx2 *r)
1006 const char * const attrs[] = { "dnsDomain", "objectGUID", NULL };
1008 struct ldb_message **res;
1011 ZERO_STRUCT(r->out);
1013 sam_ctx = samdb_connect(mem_ctx, dce_call->conn->auth_state.session_info);
1014 if (sam_ctx == NULL) {
1015 return WERR_DS_SERVICE_UNAVAILABLE;
1018 ret = gendb_search(sam_ctx, mem_ctx, NULL, &res, attrs,
1019 "(&(objectClass=domainDNS)(dnsDomain=%s))",
1022 return WERR_NO_SUCH_DOMAIN;
1025 r->out.info = talloc(mem_ctx, struct netr_DsRGetDCNameInfo);
1030 /* TODO: - return real IP address
1031 * - check all r->in.* parameters (server_unc is ignored by w2k3!)
1033 r->out.info->dc_unc = talloc_asprintf(mem_ctx, "\\\\%s.%s", lp_netbios_name(),lp_realm());
1034 r->out.info->dc_address = talloc_strdup(mem_ctx, "\\\\0.0.0.0");
1035 r->out.info->dc_address_type = 1;
1036 r->out.info->domain_guid = samdb_result_guid(res[0], "objectGUID");
1037 r->out.info->domain_name = samdb_result_string(res[0], "dnsDomain", NULL);
1038 r->out.info->forest_name = samdb_result_string(res[0], "dnsDomain", NULL);
1039 r->out.info->dc_flags = 0xE00001FD;
1040 r->out.info->dc_site_name = talloc_strdup(mem_ctx, "Default-First-Site-Name");
1041 r->out.info->client_site_name = talloc_strdup(mem_ctx, "Default-First-Site-Name");
1049 static WERROR netr_DsRGetDCNameEx(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
1050 struct netr_DsRGetDCNameEx *r)
1052 struct netr_DsRGetDCNameEx2 r2;
1057 r2.in.server_unc = r->in.server_unc;
1058 r2.in.client_account = NULL;
1060 r2.in.domain_guid = r->in.domain_guid;
1061 r2.in.domain_name = r->in.domain_name;
1062 r2.in.site_name = r->in.site_name;
1063 r2.in.flags = r->in.flags;
1066 werr = netr_DsRGetDCNameEx2(dce_call, mem_ctx, &r2);
1068 r->out.info = r2.out.info;
1076 static WERROR netr_DsRGetDCName(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
1077 struct netr_DsRGetDCName *r)
1079 struct netr_DsRGetDCNameEx2 r2;
1084 r2.in.server_unc = r->in.server_unc;
1085 r2.in.client_account = NULL;
1087 r2.in.domain_name = r->in.domain_name;
1088 r2.in.domain_guid = r->in.domain_guid;
1090 r2.in.site_name = NULL; /* should fill in from site GUID */
1091 r2.in.flags = r->in.flags;
1094 werr = netr_DsRGetDCNameEx2(dce_call, mem_ctx, &r2);
1096 r->out.info = r2.out.info;
1102 netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN
1104 static WERROR netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
1105 struct netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN *r)
1107 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
1112 netr_NETRENUMERATETRUSTEDDOMAINSEX
1114 static WERROR netr_NETRENUMERATETRUSTEDDOMAINSEX(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
1115 struct netr_NETRENUMERATETRUSTEDDOMAINSEX *r)
1117 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
1122 netr_DSRADDRESSTOSITENAMESEXW
1124 static WERROR netr_DSRADDRESSTOSITENAMESEXW(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
1125 struct netr_DSRADDRESSTOSITENAMESEXW *r)
1127 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
1132 netr_DSRGETDCSITECOVERAGEW
1134 static WERROR netr_DSRGETDCSITECOVERAGEW(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
1135 struct netr_DSRGETDCSITECOVERAGEW *r)
1137 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
1142 netr_DsrEnumerateDomainTrusts
1144 static WERROR netr_DsrEnumerateDomainTrusts(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
1145 struct netr_DsrEnumerateDomainTrusts *r)
1147 struct netr_DomainTrust *trusts;
1150 struct ldb_message **dom_res, **ref_res;
1151 const char * const dom_attrs[] = { "dnsDomain", "objectSid", "objectGUID", NULL };
1152 const char * const ref_attrs[] = { "nETBIOSName", NULL };
1154 ZERO_STRUCT(r->out);
1156 sam_ctx = samdb_connect(mem_ctx, dce_call->conn->auth_state.session_info);
1157 if (sam_ctx == NULL) {
1158 return WERR_GENERAL_FAILURE;
1161 ret = gendb_search_dn(sam_ctx, mem_ctx, samdb_base_dn(mem_ctx), &dom_res, dom_attrs);
1163 return WERR_GENERAL_FAILURE;
1167 return WERR_GENERAL_FAILURE;
1170 ret = gendb_search(sam_ctx, mem_ctx, NULL, &ref_res, ref_attrs,
1171 "(&(objectClass=crossRef)(ncName=%s))",
1172 ldb_dn_linearize(mem_ctx, dom_res[0]->dn));
1174 return WERR_GENERAL_FAILURE;
1178 return WERR_GENERAL_FAILURE;
1183 trusts = talloc_array(mem_ctx, struct netr_DomainTrust, ret);
1184 if (trusts == NULL) {
1189 r->out.trusts = trusts;
1191 /* TODO: add filtering by trust_flags, and correct trust_type
1193 trusts[0].netbios_name = samdb_result_string(ref_res[0], "nETBIOSName", NULL);
1194 trusts[0].dns_name = samdb_result_string(dom_res[0], "dnsDomain", NULL);
1195 trusts[0].trust_flags =
1196 NETR_TRUST_FLAG_TREEROOT |
1197 NETR_TRUST_FLAG_IN_FOREST |
1198 NETR_TRUST_FLAG_PRIMARY;
1199 trusts[0].parent_index = 0;
1200 trusts[0].trust_type = 2;
1201 trusts[0].trust_attributes = 0;
1202 trusts[0].sid = samdb_result_dom_sid(mem_ctx, dom_res[0], "objectSid");
1203 trusts[0].guid = samdb_result_guid(dom_res[0], "objectGUID");
1210 netr_DSRDEREGISTERDNSHOSTRECORDS
1212 static WERROR netr_DSRDEREGISTERDNSHOSTRECORDS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
1213 struct netr_DSRDEREGISTERDNSHOSTRECORDS *r)
1215 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
1220 netr_NETRSERVERTRUSTPASSWORDSGET
1222 static WERROR netr_NETRSERVERTRUSTPASSWORDSGET(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
1223 struct netr_NETRSERVERTRUSTPASSWORDSGET *r)
1225 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
1230 netr_DSRGETFORESTTRUSTINFORMATION
1232 static WERROR netr_DSRGETFORESTTRUSTINFORMATION(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
1233 struct netr_DSRGETFORESTTRUSTINFORMATION *r)
1235 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
1240 netr_NETRGETFORESTTRUSTINFORMATION
1242 static WERROR netr_NETRGETFORESTTRUSTINFORMATION(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
1243 struct netr_NETRGETFORESTTRUSTINFORMATION *r)
1245 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
1250 netr_NETRSERVERGETTRUSTINFO
1252 static WERROR netr_NETRSERVERGETTRUSTINFO(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
1253 struct netr_NETRSERVERGETTRUSTINFO *r)
1255 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
1259 /* include the generated boilerplate */
1260 #include "librpc/gen_ndr/ndr_netlogon_s.c"