2 Unix SMB/CIFS implementation.
4 endpoint server for the netlogon pipe
6 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2004
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 #include "rpc_server/common/common.h"
26 struct server_pipe_state {
28 struct netr_Credential client_challenge;
29 struct netr_Credential server_challenge;
32 char *computer_name; /* for logging only */
34 uint16_t sec_chan_type;
35 struct creds_CredentialState *creds;
38 static NTSTATUS netlogon_bind(struct dcesrv_call_state *dce_call, const struct dcesrv_interface *di)
40 dce_call->conn->private = NULL;
45 /* this function is called when the client disconnects the endpoint */
46 static void netlogon_unbind(struct dcesrv_connection *conn, const struct dcesrv_interface *di)
48 struct server_pipe_state *pipe_state = conn->private;
51 talloc_destroy(pipe_state->mem_ctx);
56 #define DCESRV_INTERFACE_NETLOGON_BIND netlogon_bind
57 #define DCESRV_INTERFACE_NETLOGON_UNBIND netlogon_unbind
60 netr_ServerReqChallenge
62 NTSTATUS netr_ServerReqChallenge(
63 [in] unistr *server_name,
64 [in] unistr computer_name,
65 [in,out,ref] netr_Credential *credentials
69 static NTSTATUS netr_ServerReqChallenge(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
70 struct netr_ServerReqChallenge *r)
72 struct server_pipe_state *pipe_state = dce_call->conn->private;
73 TALLOC_CTX *pipe_mem_ctx;
75 ZERO_STRUCTP(r->out.credentials);
77 /* destroyed on pipe shutdown */
80 talloc_destroy(pipe_state->mem_ctx);
81 dce_call->conn->private = NULL;
84 pipe_mem_ctx = talloc_init("internal netlogon pipe state for %s",
88 return NT_STATUS_NO_MEMORY;
91 pipe_state = talloc_p(pipe_mem_ctx, struct server_pipe_state);
93 talloc_destroy(pipe_mem_ctx);
94 return NT_STATUS_NO_MEMORY;
97 pipe_state->mem_ctx = pipe_mem_ctx;
98 pipe_state->authenticated = False;
99 pipe_state->creds = NULL;
100 pipe_state->account_name = NULL;
101 pipe_state->computer_name = NULL;
103 pipe_state->client_challenge = *r->in.credentials;
105 generate_random_buffer(pipe_state->server_challenge.data,
106 sizeof(pipe_state->server_challenge.data),
109 *r->out.credentials = pipe_state->server_challenge;
111 dce_call->conn->private = pipe_state;
118 netr_ServerAuthenticate
120 secure channel types:
122 const int SEC_CHAN_WKSTA = 2;
123 const int SEC_CHAN_DOMAIN = 4;
124 const int SEC_CHAN_BDC = 6;
126 NTSTATUS netr_ServerAuthenticate3(
127 [in] unistr *server_name,
128 [in] unistr username,
129 [in] uint16 secure_channel_type,
130 [in] unistr computer_name,
131 [in,out,ref] netr_Credential *credentials
132 [in,out,ref] uint32 *negotiate_flags,
133 [out,ref] uint32 *rid
136 static NTSTATUS netr_ServerAuthenticate3(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
137 struct netr_ServerAuthenticate3 *r)
139 struct server_pipe_state *pipe_state = dce_call->conn->private;
144 struct ldb_message **msgs;
146 const char *attrs[] = {"unicodePwd", "lmPwdHash", "ntPwdHash", "userAccountControl",
149 ZERO_STRUCTP(r->out.credentials);
151 *r->out.negotiate_flags = *r->in.negotiate_flags;
154 DEBUG(1, ("No challange requested by client, cannot authenticate\n"));
155 return NT_STATUS_ACCESS_DENIED;
158 sam_ctx = samdb_connect();
159 if (sam_ctx == NULL) {
160 return NT_STATUS_INVALID_SYSTEM_SERVICE;
162 /* pull the user attributes */
163 num_records = samdb_search(sam_ctx, mem_ctx, NULL, &msgs, attrs,
164 "(&(sAMAccountName=%s)(objectclass=user))",
167 if (num_records == 0) {
168 DEBUG(3,("Couldn't find user [%s] in samdb.\n",
170 samdb_close(sam_ctx);
171 return NT_STATUS_NO_SUCH_USER;
174 if (num_records > 1) {
175 DEBUG(1,("Found %d records matching user [%s]\n", num_records, r->in.username));
176 samdb_close(sam_ctx);
177 return NT_STATUS_INTERNAL_DB_CORRUPTION;
180 acct_flags = samdb_result_acct_flags(msgs[0],
181 "userAccountControl");
183 if (acct_flags & ACB_DISABLED) {
184 DEBUG(1, ("Account [%s] is disabled\n", r->in.username));
185 return NT_STATUS_ACCESS_DENIED;
188 if (r->in.secure_channel_type == SEC_CHAN_WKSTA) {
189 if (!(acct_flags & ACB_WSTRUST)) {
190 DEBUG(1, ("Client asked for a workstation secure channel, but is not a workstation (member server) acb flags: 0x%x\n", acct_flags));
191 return NT_STATUS_ACCESS_DENIED;
193 } else if (r->in.secure_channel_type == SEC_CHAN_DOMAIN) {
194 if (!(acct_flags & ACB_DOMTRUST)) {
195 DEBUG(1, ("Client asked for a trusted domain secure channel, but is not a trusted domain: acb flags: 0x%x\n", acct_flags));
196 return NT_STATUS_ACCESS_DENIED;
198 } else if (r->in.secure_channel_type == SEC_CHAN_BDC) {
199 if (!(acct_flags & ACB_SVRTRUST)) {
200 DEBUG(1, ("Client asked for a server secure channel, but is not a server (domain controller): acb flags: 0x%x\n", acct_flags));
201 return NT_STATUS_ACCESS_DENIED;
204 DEBUG(1, ("Client asked for an invalid secure channel type: %d\n",
205 r->in.secure_channel_type));
206 return NT_STATUS_ACCESS_DENIED;
209 pipe_state->acct_flags = acct_flags;
210 pipe_state->sec_chan_type = r->in.secure_channel_type;
212 *r->out.rid = samdb_result_rid_from_sid(mem_ctx, msgs[0], "objectSid", 0);
214 nt_status = samdb_result_passwords(mem_ctx, msgs[0], NULL, &mach_pwd);
215 if (!NT_STATUS_IS_OK(nt_status)) {
216 samdb_close(sam_ctx);
217 return NT_STATUS_ACCESS_DENIED;
220 samdb_close(sam_ctx);
222 if (!pipe_state->creds) {
223 pipe_state->creds = talloc_p(pipe_state->mem_ctx, struct creds_CredentialState);
224 if (!pipe_state->creds) {
225 return NT_STATUS_NO_MEMORY;
229 creds_server_init(pipe_state->creds, &pipe_state->client_challenge,
230 &pipe_state->server_challenge, mach_pwd,
232 *r->in.negotiate_flags);
234 if (!creds_server_check(pipe_state->creds, r->in.credentials)) {
235 return NT_STATUS_ACCESS_DENIED;
238 pipe_state->authenticated = True;
240 if (pipe_state->account_name) {
241 /* We don't want a memory leak on this long-lived talloc context */
242 talloc_free(pipe_state->mem_ctx, pipe_state->account_name);
245 pipe_state->account_name = talloc_strdup(pipe_state->mem_ctx, r->in.username);
247 if (pipe_state->computer_name) {
248 /* We don't want a memory leak on this long-lived talloc context */
249 talloc_free(pipe_state->mem_ctx, pipe_state->account_name);
252 pipe_state->computer_name = talloc_strdup(pipe_state->mem_ctx, r->in.computer_name);
258 static NTSTATUS netr_ServerAuthenticate(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
259 struct netr_ServerAuthenticate *r)
261 struct netr_ServerAuthenticate3 r3;
262 uint32 negotiate_flags, rid;
264 r3.in.server_name = r->in.server_name;
265 r3.in.username = r->in.username;
266 r3.in.secure_channel_type = r->in.secure_channel_type;
267 r3.in.computer_name = r->in.computer_name;
268 r3.in.credentials = r->in.credentials;
269 r3.out.credentials = r->out.credentials;
270 r3.in.negotiate_flags = &negotiate_flags;
271 r3.out.negotiate_flags = &negotiate_flags;
274 return netr_ServerAuthenticate3(dce_call, mem_ctx, &r3);
277 static NTSTATUS netr_ServerAuthenticate2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
278 struct netr_ServerAuthenticate2 *r)
280 struct netr_ServerAuthenticate3 r3;
283 r3.in.server_name = r->in.server_name;
284 r3.in.username = r->in.username;
285 r3.in.secure_channel_type = r->in.secure_channel_type;
286 r3.in.computer_name = r->in.computer_name;
287 r3.in.credentials = r->in.credentials;
288 r3.out.credentials = r->out.credentials;
289 r3.in.negotiate_flags = r->in.negotiate_flags;
290 r3.out.negotiate_flags = r->out.negotiate_flags;
293 return netr_ServerAuthenticate3(dce_call, mem_ctx, &r3);
297 static BOOL netr_creds_server_step_check(struct server_pipe_state *pipe_state,
298 struct netr_Authenticator *received_authenticator,
299 struct netr_Authenticator *return_authenticator)
301 if (!pipe_state->authenticated) {
304 return creds_server_step_check(pipe_state->creds,
305 received_authenticator,
306 return_authenticator);
310 netr_ServerPasswordSet
312 NTSTATUS netr_ServerPasswordSet(
313 [in] unistr *server_name,
314 [in] unistr username,
315 [in] uint16 secure_channel_type,
316 [in] unistr computer_name,
317 [in] netr_Authenticator credential,
318 [in] netr_Password new_password,
319 [out] netr_Authenticator return_authenticator
323 static NTSTATUS netr_ServerPasswordSet(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
324 struct netr_ServerPasswordSet *r)
326 struct server_pipe_state *pipe_state = dce_call->conn->private;
330 int num_records_domain;
332 struct ldb_message **msgs;
333 struct ldb_message **msgs_domain;
335 struct samr_Hash newNtHash;
336 struct ldb_message mod, *msg_set_pw = &mod;
337 const char *domain_dn;
338 const char *domain_sid;
340 const char *attrs[] = {"objectSid", NULL };
342 const char **domain_attrs = attrs;
345 if (!netr_creds_server_step_check(pipe_state, &r->in.credential, &r->out.return_authenticator)) {
346 return NT_STATUS_ACCESS_DENIED;
350 DEBUG(1, ("No challange requested by client, cannot authenticate\n"));
351 return NT_STATUS_ACCESS_DENIED;
354 sam_ctx = samdb_connect();
355 if (sam_ctx == NULL) {
356 return NT_STATUS_INVALID_SYSTEM_SERVICE;
358 /* pull the user attributes */
359 num_records = samdb_search(sam_ctx, mem_ctx, NULL, &msgs, attrs,
360 "(&(sAMAccountName=%s)(objectclass=user))",
361 pipe_state->account_name);
363 if (num_records == 0) {
364 DEBUG(3,("Couldn't find user [%s] in samdb.\n",
365 pipe_state->account_name));
366 samdb_close(sam_ctx);
367 return NT_STATUS_NO_SUCH_USER;
370 if (num_records > 1) {
371 DEBUG(1,("Found %d records matching user [%s]\n", num_records,
372 pipe_state->account_name));
373 samdb_close(sam_ctx);
374 return NT_STATUS_INTERNAL_DB_CORRUPTION;
377 domain_sid = samdb_result_sid_prefix(mem_ctx, msgs[0], "objectSid");
379 samdb_close(sam_ctx);
380 return NT_STATUS_INTERNAL_DB_CORRUPTION;
383 /* find the domain's DN */
384 num_records_domain = samdb_search(sam_ctx, mem_ctx, NULL,
385 &msgs_domain, domain_attrs,
386 "(&(objectSid=%s)(objectclass=domain))",
389 if (num_records_domain == 0) {
390 DEBUG(3,("check_sam_security: Couldn't find domain [%s] in passdb file.\n",
392 samdb_close(sam_ctx);
393 return NT_STATUS_NO_SUCH_USER;
396 if (num_records_domain > 1) {
397 DEBUG(1,("Found %d records matching domain [%s]\n",
398 num_records_domain, domain_sid));
399 samdb_close(sam_ctx);
400 return NT_STATUS_INTERNAL_DB_CORRUPTION;
403 domain_dn = msgs_domain[0]->dn;
405 mod.dn = talloc_strdup(mem_ctx, msgs[0]->dn);
407 samdb_close(sam_ctx);
408 return NT_STATUS_NO_MEMORY;
411 creds_des_decrypt(pipe_state->creds, &r->in.new_password);
413 memcpy(newNtHash.hash, r->in.new_password.data, sizeof(newNtHash.hash));
415 /* set the password - samdb needs to know both the domain and user DNs,
416 so the domain password policy can be used */
417 nt_status = samdb_set_password(sam_ctx, mem_ctx,
418 msgs[0]->dn, domain_dn,
420 NULL, /* Don't have plaintext */
422 False /* This is not considered a password change */,
425 if (!NT_STATUS_IS_OK(nt_status)) {
426 samdb_close(sam_ctx);
430 ret = samdb_replace(sam_ctx, mem_ctx, msg_set_pw);
432 /* we really need samdb.c to return NTSTATUS */
434 samdb_close(sam_ctx);
435 return NT_STATUS_UNSUCCESSFUL;
438 samdb_close(sam_ctx);
446 static WERROR netr_LogonUasLogon(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
447 struct netr_LogonUasLogon *r)
449 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
456 static WERROR netr_LogonUasLogoff(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
457 struct netr_LogonUasLogoff *r)
459 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
469 static NTSTATUS netr_LogonSamLogon(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
470 struct netr_LogonSamLogon *r)
472 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
479 static NTSTATUS netr_LogonSamLogoff(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
480 struct netr_LogonSamLogoff *r)
482 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
490 static NTSTATUS netr_DatabaseDeltas(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
491 struct netr_DatabaseDeltas *r)
493 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
500 static NTSTATUS netr_DatabaseSync(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
501 struct netr_DatabaseSync *r)
503 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
510 static NTSTATUS netr_AccountDeltas(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
511 struct netr_AccountDeltas *r)
513 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
520 static NTSTATUS netr_AccountSync(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
521 struct netr_AccountSync *r)
523 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
530 static NTSTATUS netr_GetDcName(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
531 struct netr_GetDcName *r)
533 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
540 static WERROR netr_LogonControl(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
541 struct netr_LogonControl *r)
543 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
550 static WERROR netr_GetAnyDCName(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
551 struct netr_GetAnyDCName *r)
553 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
560 static WERROR netr_LogonControl2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
561 struct netr_LogonControl2 *r)
563 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
570 static NTSTATUS netr_DatabaseSync2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
571 struct netr_DatabaseSync2 *r)
573 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
580 static NTSTATUS netr_DatabaseRedo(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
581 struct netr_DatabaseRedo *r)
583 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
590 static WERROR netr_LogonControl2Ex(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
591 struct netr_LogonControl2Ex *r)
593 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
598 netr_NETRENUMERATETRUSTEDDOMAINS
600 static WERROR netr_NETRENUMERATETRUSTEDDOMAINS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
601 struct netr_NETRENUMERATETRUSTEDDOMAINS *r)
603 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
610 static WERROR netr_DSRGETDCNAME(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
611 struct netr_DSRGETDCNAME *r)
613 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
618 netr_NETRLOGONDUMMYROUTINE1
620 static WERROR netr_NETRLOGONDUMMYROUTINE1(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
621 struct netr_NETRLOGONDUMMYROUTINE1 *r)
623 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
628 netr_NETRLOGONSETSERVICEBITS
630 static WERROR netr_NETRLOGONSETSERVICEBITS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
631 struct netr_NETRLOGONSETSERVICEBITS *r)
633 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
638 netr_NETRLOGONGETTRUSTRID
640 static WERROR netr_NETRLOGONGETTRUSTRID(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
641 struct netr_NETRLOGONGETTRUSTRID *r)
643 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
648 netr_NETRLOGONCOMPUTESERVERDIGEST
650 static WERROR netr_NETRLOGONCOMPUTESERVERDIGEST(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
651 struct netr_NETRLOGONCOMPUTESERVERDIGEST *r)
653 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
658 netr_NETRLOGONCOMPUTECLIENTDIGEST
660 static WERROR netr_NETRLOGONCOMPUTECLIENTDIGEST(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
661 struct netr_NETRLOGONCOMPUTECLIENTDIGEST *r)
663 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
670 static WERROR netr_DSRGETDCNAMEX(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
671 struct netr_DSRGETDCNAMEX *r)
673 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
680 static WERROR netr_DSRGETSITENAME(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
681 struct netr_DSRGETSITENAME *r)
683 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
688 netr_NETRLOGONGETDOMAININFO
690 static WERROR netr_NETRLOGONGETDOMAININFO(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
691 struct netr_NETRLOGONGETDOMAININFO *r)
693 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
698 netr_NETRSERVERPASSWORDSET2
700 static WERROR netr_NETRSERVERPASSWORDSET2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
701 struct netr_NETRSERVERPASSWORDSET2 *r)
703 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
708 netr_NETRSERVERPASSWORDGET
710 static WERROR netr_NETRSERVERPASSWORDGET(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
711 struct netr_NETRSERVERPASSWORDGET *r)
713 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
718 netr_NETRLOGONSENDTOSAM
720 static WERROR netr_NETRLOGONSENDTOSAM(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
721 struct netr_NETRLOGONSENDTOSAM *r)
723 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
728 netr_DSRADDRESSTOSITENAMESW
730 static WERROR netr_DSRADDRESSTOSITENAMESW(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
731 struct netr_DSRADDRESSTOSITENAMESW *r)
733 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
740 static WERROR netr_DSRGETDCNAMEEX2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
741 struct netr_DSRGETDCNAMEEX2 *r)
743 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
748 netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN
750 static WERROR netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
751 struct netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN *r)
753 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
758 netr_NETRENUMERATETRUSTEDDOMAINSEX
760 static WERROR netr_NETRENUMERATETRUSTEDDOMAINSEX(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
761 struct netr_NETRENUMERATETRUSTEDDOMAINSEX *r)
763 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
768 netr_DSRADDRESSTOSITENAMESEXW
770 static WERROR netr_DSRADDRESSTOSITENAMESEXW(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
771 struct netr_DSRADDRESSTOSITENAMESEXW *r)
773 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
778 netr_DSRGETDCSITECOVERAGEW
780 static WERROR netr_DSRGETDCSITECOVERAGEW(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
781 struct netr_DSRGETDCSITECOVERAGEW *r)
783 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
788 netr_NETRLOGONSAMLOGONEX
790 static WERROR netr_NETRLOGONSAMLOGONEX(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
791 struct netr_NETRLOGONSAMLOGONEX *r)
793 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
798 netr_DsrEnumerateDomainTrusts
800 static WERROR netr_DsrEnumerateDomainTrusts(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
801 struct netr_DsrEnumerateDomainTrusts *r)
803 struct netr_DomainTrust *trusts;
806 struct ldb_message **res;
807 const char * const attrs[] = { "name", "dnsDomain", "objectSid", "objectGUID", NULL };
811 sam_ctx = samdb_connect();
812 if (sam_ctx == NULL) {
813 return WERR_GENERAL_FAILURE;
816 ret = samdb_search(sam_ctx, mem_ctx, NULL, &res, attrs, "(objectClass=domainDNS)");
818 samdb_close(sam_ctx);
819 return WERR_GENERAL_FAILURE;
826 trusts = talloc_array_p(mem_ctx, struct netr_DomainTrust, ret);
827 if (trusts == NULL) {
832 r->out.trusts = trusts;
834 /* TODO: add filtering by trust_flags, and correct trust_type
836 for (i=0;i<ret;i++) {
837 trusts[i].netbios_name = samdb_result_string(res[i], "name", NULL);
838 trusts[i].dns_name = samdb_result_string(res[i], "dnsDomain", NULL);
839 trusts[i].trust_flags =
840 NETR_TRUST_FLAG_TREEROOT |
841 NETR_TRUST_FLAG_IN_FOREST |
842 NETR_TRUST_FLAG_PRIMARY;
843 trusts[i].parent_index = 0;
844 trusts[i].trust_type = 2;
845 trusts[i].trust_attributes = 0;
846 trusts[i].sid = samdb_result_dom_sid(mem_ctx, res[i], "objectSid");
847 trusts[i].guid = samdb_result_guid(res[i], "objectGUID");
856 netr_DSRDEREGISTERDNSHOSTRECORDS
858 static WERROR netr_DSRDEREGISTERDNSHOSTRECORDS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
859 struct netr_DSRDEREGISTERDNSHOSTRECORDS *r)
861 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
866 netr_NETRSERVERTRUSTPASSWORDSGET
868 static WERROR netr_NETRSERVERTRUSTPASSWORDSGET(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
869 struct netr_NETRSERVERTRUSTPASSWORDSGET *r)
871 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
876 netr_DSRGETFORESTTRUSTINFORMATION
878 static WERROR netr_DSRGETFORESTTRUSTINFORMATION(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
879 struct netr_DSRGETFORESTTRUSTINFORMATION *r)
881 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
886 netr_NETRGETFORESTTRUSTINFORMATION
888 static WERROR netr_NETRGETFORESTTRUSTINFORMATION(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
889 struct netr_NETRGETFORESTTRUSTINFORMATION *r)
891 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
896 netr_NETRLOGONSAMLOGONWITHFLAGS
898 static WERROR netr_NETRLOGONSAMLOGONWITHFLAGS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
899 struct netr_NETRLOGONSAMLOGONWITHFLAGS *r)
901 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
906 netr_NETRSERVERGETTRUSTINFO
908 static WERROR netr_NETRSERVERGETTRUSTINFO(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
909 struct netr_NETRSERVERGETTRUSTINFO *r)
911 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
915 /* include the generated boilerplate */
916 #include "librpc/gen_ndr/ndr_netlogon_s.c"