2 * Unix SMB/CIFS implementation.
4 * Winbind rpc backend functions
6 * Copyright (c) 2000-2003 Tim Potter
7 * Copyright (c) 2001 Andrew Tridgell
8 * Copyright (c) 2005 Volker Lendecke
9 * Copyright (c) 2008 Guenther Deschner (pidl conversion)
10 * Copyright (c) 2010 Andreas Schneider <asn@samba.org>
12 * This program is free software; you can redistribute it and/or modify
13 * it under the terms of the GNU General Public License as published by
14 * the Free Software Foundation; either version 3 of the License, or
15 * (at your option) any later version.
17 * This program is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
22 * You should have received a copy of the GNU General Public License
23 * along with this program. If not, see <http://www.gnu.org/licenses/>.
28 #include "winbindd_rpc.h"
30 #include "../librpc/gen_ndr/cli_samr.h"
31 #include "rpc_client/cli_samr.h"
32 #include "../librpc/gen_ndr/srv_samr.h"
33 #include "../librpc/gen_ndr/cli_lsa.h"
34 #include "rpc_client/cli_lsarpc.h"
35 #include "../librpc/gen_ndr/srv_lsa.h"
38 #define DBGC_CLASS DBGC_WINBIND
40 static NTSTATUS open_internal_samr_pipe(TALLOC_CTX *mem_ctx,
41 struct rpc_pipe_client **samr_pipe)
43 static struct rpc_pipe_client *cli = NULL;
44 struct auth_serversupplied_info *server_info = NULL;
51 if (server_info == NULL) {
52 status = make_server_info_system(mem_ctx, &server_info);
53 if (!NT_STATUS_IS_OK(status)) {
54 DEBUG(0, ("open_samr_pipe: Could not create auth_serversupplied_info: %s\n",
60 /* create a samr connection */
61 status = rpc_pipe_open_internal(talloc_autofree_context(),
62 &ndr_table_samr.syntax_id,
66 if (!NT_STATUS_IS_OK(status)) {
67 DEBUG(0, ("open_samr_pipe: Could not connect to samr_pipe: %s\n",
80 static NTSTATUS open_internal_samr_conn(TALLOC_CTX *mem_ctx,
81 struct winbindd_domain *domain,
82 struct rpc_pipe_client **samr_pipe,
83 struct policy_handle *samr_domain_hnd)
86 struct policy_handle samr_connect_hnd;
88 status = open_internal_samr_pipe(mem_ctx, samr_pipe);
89 if (!NT_STATUS_IS_OK(status)) {
93 status = rpccli_samr_Connect2((*samr_pipe),
95 (*samr_pipe)->desthost,
96 SEC_FLAG_MAXIMUM_ALLOWED,
98 if (!NT_STATUS_IS_OK(status)) {
102 status = rpccli_samr_OpenDomain((*samr_pipe),
105 SEC_FLAG_MAXIMUM_ALLOWED,
112 static NTSTATUS open_internal_lsa_pipe(TALLOC_CTX *mem_ctx,
113 struct rpc_pipe_client **lsa_pipe)
115 static struct rpc_pipe_client *cli = NULL;
116 struct auth_serversupplied_info *server_info = NULL;
123 if (server_info == NULL) {
124 status = make_server_info_system(mem_ctx, &server_info);
125 if (!NT_STATUS_IS_OK(status)) {
126 DEBUG(0, ("open_lsa_pipe: Could not create auth_serversupplied_info: %s\n",
132 /* create a samr connection */
133 status = rpc_pipe_open_internal(talloc_autofree_context(),
134 &ndr_table_lsarpc.syntax_id,
138 if (!NT_STATUS_IS_OK(status)) {
139 DEBUG(0, ("open_lsa_pipe: Could not connect to lsa_pipe: %s\n",
152 static NTSTATUS open_internal_lsa_conn(TALLOC_CTX *mem_ctx,
153 struct rpc_pipe_client **lsa_pipe,
154 struct policy_handle *lsa_hnd)
158 status = open_internal_lsa_pipe(mem_ctx, lsa_pipe);
159 if (!NT_STATUS_IS_OK(status)) {
163 status = rpccli_lsa_open_policy((*lsa_pipe),
166 SEC_FLAG_MAXIMUM_ALLOWED,
172 /*********************************************************************
173 SAM specific functions.
174 *********************************************************************/
176 /* List all domain groups */
177 static NTSTATUS sam_enum_dom_groups(struct winbindd_domain *domain,
180 struct acct_info **pinfo)
182 struct rpc_pipe_client *samr_pipe;
183 struct policy_handle dom_pol;
184 struct acct_info *info = NULL;
185 uint32_t num_info = 0;
189 DEBUG(3,("sam_enum_dom_groups\n"));
191 ZERO_STRUCT(dom_pol);
197 tmp_ctx = talloc_stackframe();
198 if (tmp_ctx == NULL) {
199 return NT_STATUS_NO_MEMORY;
202 status = open_internal_samr_conn(tmp_ctx, domain, &samr_pipe, &dom_pol);
203 if (!NT_STATUS_IS_OK(status)) {
207 status = rpc_enum_dom_groups(tmp_ctx,
212 if (!NT_STATUS_IS_OK(status)) {
217 *pnum_info = num_info;
221 *pinfo = talloc_move(mem_ctx, &info);
225 if (is_valid_policy_hnd(&dom_pol)) {
226 rpccli_samr_Close(samr_pipe, mem_ctx, &dom_pol);
228 TALLOC_FREE(tmp_ctx);
232 /* Query display info for a domain */
233 static NTSTATUS sam_query_user_list(struct winbindd_domain *domain,
236 struct wbint_userinfo **pinfo)
238 struct rpc_pipe_client *samr_pipe = NULL;
239 struct policy_handle dom_pol;
240 struct wbint_userinfo *info = NULL;
241 uint32_t num_info = 0;
245 DEBUG(3,("samr_query_user_list\n"));
247 ZERO_STRUCT(dom_pol);
253 tmp_ctx = talloc_stackframe();
254 if (tmp_ctx == NULL) {
255 return NT_STATUS_NO_MEMORY;
258 status = open_internal_samr_conn(tmp_ctx, domain, &samr_pipe, &dom_pol);
259 if (!NT_STATUS_IS_OK(status)) {
263 status = rpc_query_user_list(tmp_ctx,
269 if (!NT_STATUS_IS_OK(status)) {
274 *pnum_info = num_info;
278 *pinfo = talloc_move(mem_ctx, &info);
282 if (is_valid_policy_hnd(&dom_pol)) {
283 rpccli_samr_Close(samr_pipe, mem_ctx, &dom_pol);
286 TALLOC_FREE(tmp_ctx);
290 /* Lookup user information from a rid or username. */
291 static NTSTATUS sam_query_user(struct winbindd_domain *domain,
293 const struct dom_sid *user_sid,
294 struct wbint_userinfo *user_info)
296 struct rpc_pipe_client *samr_pipe;
297 struct policy_handle dom_pol;
301 DEBUG(3,("sam_query_user\n"));
303 ZERO_STRUCT(dom_pol);
306 if (!sid_check_is_in_our_domain(user_sid)) {
307 return NT_STATUS_NO_SUCH_USER;
311 user_info->homedir = NULL;
312 user_info->shell = NULL;
313 user_info->primary_gid = (gid_t) -1;
316 tmp_ctx = talloc_stackframe();
317 if (tmp_ctx == NULL) {
318 return NT_STATUS_NO_MEMORY;
321 status = open_internal_samr_conn(tmp_ctx, domain, &samr_pipe, &dom_pol);
322 if (!NT_STATUS_IS_OK(status)) {
326 status = rpc_query_user(tmp_ctx,
334 if (is_valid_policy_hnd(&dom_pol)) {
335 rpccli_samr_Close(samr_pipe, mem_ctx, &dom_pol);
338 TALLOC_FREE(tmp_ctx);
342 /* get a list of trusted domains - builtin domain */
343 static NTSTATUS sam_trusted_domains(struct winbindd_domain *domain,
345 struct netr_DomainTrustList *ptrust_list)
347 struct rpc_pipe_client *lsa_pipe;
348 struct policy_handle lsa_policy;
349 struct netr_DomainTrust *trusts = NULL;
350 uint32_t num_trusts = 0;
354 DEBUG(3,("samr: trusted domains\n"));
356 ZERO_STRUCT(lsa_policy);
359 ZERO_STRUCTP(ptrust_list);
362 tmp_ctx = talloc_stackframe();
363 if (tmp_ctx == NULL) {
364 return NT_STATUS_NO_MEMORY;
367 status = open_internal_lsa_conn(tmp_ctx, &lsa_pipe, &lsa_policy);
368 if (!NT_STATUS_IS_OK(status)) {
372 status = rpc_trusted_domains(tmp_ctx,
377 if (!NT_STATUS_IS_OK(status)) {
382 ptrust_list->count = num_trusts;
383 ptrust_list->array = talloc_move(mem_ctx, &trusts);
387 if (is_valid_policy_hnd(&lsa_policy)) {
388 rpccli_lsa_Close(lsa_pipe, mem_ctx, &lsa_policy);
391 TALLOC_FREE(tmp_ctx);
395 /* Lookup group membership given a rid. */
396 static NTSTATUS sam_lookup_groupmem(struct winbindd_domain *domain,
398 const struct dom_sid *group_sid,
399 enum lsa_SidType type,
400 uint32_t *pnum_names,
401 struct dom_sid **psid_mem,
403 uint32_t **pname_types)
405 struct rpc_pipe_client *samr_pipe;
406 struct policy_handle dom_pol;
408 uint32_t num_names = 0;
409 struct dom_sid *sid_mem = NULL;
411 uint32_t *name_types = NULL;
416 DEBUG(3,("sam_lookup_groupmem\n"));
418 ZERO_STRUCT(dom_pol);
421 if (sid_check_is_in_builtin(group_sid) && (type != SID_NAME_ALIAS)) {
422 /* There's no groups, only aliases in BUILTIN */
423 return NT_STATUS_NO_SUCH_GROUP;
430 tmp_ctx = talloc_stackframe();
431 if (tmp_ctx == NULL) {
432 return NT_STATUS_NO_MEMORY;
435 status = open_internal_samr_conn(tmp_ctx, domain, &samr_pipe, &dom_pol);
436 if (!NT_STATUS_IS_OK(status)) {
440 status = rpc_lookup_groupmem(tmp_ctx,
453 *pnum_names = num_names;
457 *pnames = talloc_move(mem_ctx, &names);
461 *pname_types = talloc_move(mem_ctx, &name_types);
465 *psid_mem = talloc_move(mem_ctx, &sid_mem);
469 if (is_valid_policy_hnd(&dom_pol)) {
470 rpccli_samr_Close(samr_pipe, mem_ctx, &dom_pol);
473 TALLOC_FREE(tmp_ctx);
477 /*********************************************************************
478 BUILTIN specific functions.
479 *********************************************************************/
481 /* List all domain groups */
482 static NTSTATUS builtin_enum_dom_groups(struct winbindd_domain *domain,
485 struct acct_info **info)
487 /* BUILTIN doesn't have domain groups */
493 /* Query display info for a domain */
494 static NTSTATUS builtin_query_user_list(struct winbindd_domain *domain,
497 struct wbint_userinfo **info)
499 /* We don't have users */
505 /* Lookup user information from a rid or username. */
506 static NTSTATUS builtin_query_user(struct winbindd_domain *domain,
508 const struct dom_sid *user_sid,
509 struct wbint_userinfo *user_info)
511 return NT_STATUS_NO_SUCH_USER;
514 /* get a list of trusted domains - builtin domain */
515 static NTSTATUS builtin_trusted_domains(struct winbindd_domain *domain,
517 struct netr_DomainTrustList *trusts)
519 ZERO_STRUCTP(trusts);
523 /*********************************************************************
525 *********************************************************************/
527 /* List all local groups (aliases) */
528 static NTSTATUS sam_enum_local_groups(struct winbindd_domain *domain,
531 struct acct_info **pinfo)
533 struct rpc_pipe_client *samr_pipe;
534 struct policy_handle dom_pol;
535 struct acct_info *info = NULL;
536 uint32_t num_info = 0;
540 DEBUG(3,("samr: enum local groups\n"));
542 ZERO_STRUCT(dom_pol);
548 tmp_ctx = talloc_stackframe();
549 if (tmp_ctx == NULL) {
550 return NT_STATUS_NO_MEMORY;
553 status = open_internal_samr_conn(tmp_ctx, domain, &samr_pipe, &dom_pol);
554 if (!NT_STATUS_IS_OK(status)) {
558 status = rpc_enum_local_groups(mem_ctx,
563 if (!NT_STATUS_IS_OK(status)) {
568 *pnum_info = num_info;
572 *pinfo = talloc_move(mem_ctx, &info);
576 if (is_valid_policy_hnd(&dom_pol)) {
577 rpccli_samr_Close(samr_pipe, mem_ctx, &dom_pol);
580 TALLOC_FREE(tmp_ctx);
584 /* convert a single name to a sid in a domain */
585 static NTSTATUS sam_name_to_sid(struct winbindd_domain *domain,
587 const char *domain_name,
590 struct dom_sid *psid,
591 enum lsa_SidType *ptype)
593 struct rpc_pipe_client *lsa_pipe;
594 struct policy_handle lsa_policy;
596 enum lsa_SidType type;
600 DEBUG(3,("sam_name_to_sid\n"));
602 ZERO_STRUCT(lsa_policy);
604 tmp_ctx = talloc_stackframe();
605 if (tmp_ctx == NULL) {
606 return NT_STATUS_NO_MEMORY;
609 status = open_internal_lsa_conn(tmp_ctx, &lsa_pipe, &lsa_policy);
610 if (!NT_STATUS_IS_OK(status)) {
614 status = rpc_name_to_sid(tmp_ctx,
622 if (!NT_STATUS_IS_OK(status)) {
627 sid_copy(psid, &sid);
634 if (is_valid_policy_hnd(&lsa_policy)) {
635 rpccli_lsa_Close(lsa_pipe, mem_ctx, &lsa_policy);
638 TALLOC_FREE(tmp_ctx);
642 /* convert a domain SID to a user or group name */
643 static NTSTATUS sam_sid_to_name(struct winbindd_domain *domain,
645 const struct dom_sid *sid,
648 enum lsa_SidType *ptype)
650 struct rpc_pipe_client *lsa_pipe;
651 struct policy_handle lsa_policy;
652 char *domain_name = NULL;
654 enum lsa_SidType type;
658 DEBUG(3,("sam_sid_to_name\n"));
660 ZERO_STRUCT(lsa_policy);
663 if (!sid_check_is_in_builtin(sid) &&
664 !sid_check_is_in_our_domain(sid) &&
665 !sid_check_is_in_unix_users(sid) &&
666 !sid_check_is_unix_users(sid) &&
667 !sid_check_is_in_unix_groups(sid) &&
668 !sid_check_is_unix_groups(sid) &&
669 !sid_check_is_in_wellknown_domain(sid)) {
670 DEBUG(0, ("sam_sid_to_name: possible deadlock - trying to "
671 "lookup SID %s\n", sid_string_dbg(sid)));
672 return NT_STATUS_NONE_MAPPED;
675 tmp_ctx = talloc_stackframe();
676 if (tmp_ctx == NULL) {
677 return NT_STATUS_NO_MEMORY;
680 status = open_internal_lsa_conn(tmp_ctx, &lsa_pipe, &lsa_policy);
681 if (!NT_STATUS_IS_OK(status)) {
685 status = rpc_sid_to_name(tmp_ctx,
699 *pname = talloc_move(mem_ctx, &name);
703 *pdomain_name = talloc_move(mem_ctx, &domain_name);
707 if (is_valid_policy_hnd(&lsa_policy)) {
708 rpccli_lsa_Close(lsa_pipe, mem_ctx, &lsa_policy);
711 TALLOC_FREE(tmp_ctx);
715 static NTSTATUS sam_rids_to_names(struct winbindd_domain *domain,
717 const struct dom_sid *sid,
722 enum lsa_SidType **ptypes)
724 struct rpc_pipe_client *lsa_pipe;
725 struct policy_handle lsa_policy;
726 enum lsa_SidType *types = NULL;
727 char *domain_name = NULL;
732 DEBUG(3,("sam_rids_to_names for %s\n", domain->name));
734 ZERO_STRUCT(lsa_policy);
737 if (!sid_check_is_in_builtin(sid) &&
738 !sid_check_is_in_our_domain(sid) &&
739 !sid_check_is_in_unix_users(sid) &&
740 !sid_check_is_unix_users(sid) &&
741 !sid_check_is_in_unix_groups(sid) &&
742 !sid_check_is_unix_groups(sid) &&
743 !sid_check_is_in_wellknown_domain(sid)) {
744 DEBUG(0, ("sam_rids_to_names: possible deadlock - trying to "
745 "lookup SID %s\n", sid_string_dbg(sid)));
746 return NT_STATUS_NONE_MAPPED;
749 tmp_ctx = talloc_stackframe();
750 if (tmp_ctx == NULL) {
751 return NT_STATUS_NO_MEMORY;
754 status = open_internal_lsa_conn(tmp_ctx, &lsa_pipe, &lsa_policy);
755 if (!NT_STATUS_IS_OK(status)) {
759 status = rpc_rids_to_names(tmp_ctx,
769 if (!NT_STATUS_IS_OK(status)) {
774 *pdomain_name = talloc_move(mem_ctx, &domain_name);
778 *ptypes = talloc_move(mem_ctx, &types);
782 *pnames = talloc_move(mem_ctx, &names);
786 if (is_valid_policy_hnd(&lsa_policy)) {
787 rpccli_lsa_Close(lsa_pipe, mem_ctx, &lsa_policy);
790 TALLOC_FREE(tmp_ctx);
794 static NTSTATUS sam_lockout_policy(struct winbindd_domain *domain,
796 struct samr_DomInfo12 *lockout_policy)
798 struct rpc_pipe_client *samr_pipe;
799 struct policy_handle dom_pol;
800 union samr_DomainInfo *info = NULL;
804 DEBUG(3,("sam_lockout_policy\n"));
806 ZERO_STRUCT(dom_pol);
808 tmp_ctx = talloc_stackframe();
809 if (tmp_ctx == NULL) {
810 return NT_STATUS_NO_MEMORY;
813 status = open_internal_samr_conn(tmp_ctx, domain, &samr_pipe, &dom_pol);
814 if (!NT_STATUS_IS_OK(status)) {
818 status = rpccli_samr_QueryDomainInfo(samr_pipe,
823 if (!NT_STATUS_IS_OK(status)) {
827 *lockout_policy = info->info12;
830 if (is_valid_policy_hnd(&dom_pol)) {
831 rpccli_samr_Close(samr_pipe, mem_ctx, &dom_pol);
834 TALLOC_FREE(tmp_ctx);
838 static NTSTATUS sam_password_policy(struct winbindd_domain *domain,
840 struct samr_DomInfo1 *passwd_policy)
842 struct rpc_pipe_client *samr_pipe;
843 struct policy_handle dom_pol;
844 union samr_DomainInfo *info = NULL;
848 DEBUG(3,("sam_password_policy\n"));
850 ZERO_STRUCT(dom_pol);
852 tmp_ctx = talloc_stackframe();
853 if (tmp_ctx == NULL) {
854 return NT_STATUS_NO_MEMORY;
857 status = open_internal_samr_conn(tmp_ctx, domain, &samr_pipe, &dom_pol);
858 if (!NT_STATUS_IS_OK(status)) {
862 status = rpccli_samr_QueryDomainInfo(samr_pipe,
867 if (!NT_STATUS_IS_OK(status)) {
871 *passwd_policy = info->info1;
874 if (is_valid_policy_hnd(&dom_pol)) {
875 rpccli_samr_Close(samr_pipe, mem_ctx, &dom_pol);
878 TALLOC_FREE(tmp_ctx);
882 /* Lookup groups a user is a member of. */
883 static NTSTATUS sam_lookup_usergroups(struct winbindd_domain *domain,
885 const struct dom_sid *user_sid,
886 uint32_t *pnum_groups,
887 struct dom_sid **puser_grpsids)
889 struct rpc_pipe_client *samr_pipe;
890 struct policy_handle dom_pol;
891 struct dom_sid *user_grpsids = NULL;
892 uint32_t num_groups = 0;
896 DEBUG(3,("sam_lookup_usergroups\n"));
898 ZERO_STRUCT(dom_pol);
904 tmp_ctx = talloc_stackframe();
905 if (tmp_ctx == NULL) {
906 return NT_STATUS_NO_MEMORY;
909 status = open_internal_samr_conn(tmp_ctx, domain, &samr_pipe, &dom_pol);
910 if (!NT_STATUS_IS_OK(status)) {
914 status = rpc_lookup_usergroups(tmp_ctx,
921 if (!NT_STATUS_IS_OK(status)) {
926 *pnum_groups = num_groups;
930 *puser_grpsids = talloc_move(mem_ctx, &user_grpsids);
934 if (is_valid_policy_hnd(&dom_pol)) {
935 rpccli_samr_Close(samr_pipe, mem_ctx, &dom_pol);
938 TALLOC_FREE(tmp_ctx);
942 static NTSTATUS sam_lookup_useraliases(struct winbindd_domain *domain,
945 const struct dom_sid *sids,
946 uint32_t *pnum_aliases,
947 uint32_t **palias_rids)
949 struct rpc_pipe_client *samr_pipe;
950 struct policy_handle dom_pol;
951 uint32_t num_aliases = 0;
952 uint32_t *alias_rids = NULL;
956 DEBUG(3,("sam_lookup_useraliases\n"));
958 ZERO_STRUCT(dom_pol);
964 tmp_ctx = talloc_stackframe();
965 if (tmp_ctx == NULL) {
966 return NT_STATUS_NO_MEMORY;
969 status = open_internal_samr_conn(tmp_ctx, domain, &samr_pipe, &dom_pol);
970 if (!NT_STATUS_IS_OK(status)) {
974 status = rpc_lookup_useraliases(tmp_ctx,
981 if (!NT_STATUS_IS_OK(status)) {
986 *pnum_aliases = num_aliases;
990 *palias_rids = talloc_move(mem_ctx, &alias_rids);
994 if (is_valid_policy_hnd(&dom_pol)) {
995 rpccli_samr_Close(samr_pipe, mem_ctx, &dom_pol);
998 TALLOC_FREE(tmp_ctx);
1002 /* find the sequence number for a domain */
1003 static NTSTATUS sam_sequence_number(struct winbindd_domain *domain,
1006 struct rpc_pipe_client *samr_pipe;
1007 struct policy_handle dom_pol;
1009 TALLOC_CTX *tmp_ctx;
1012 DEBUG(3,("samr: sequence number\n"));
1014 ZERO_STRUCT(dom_pol);
1017 *pseq = DOM_SEQUENCE_NONE;
1020 tmp_ctx = talloc_stackframe();
1021 if (tmp_ctx == NULL) {
1022 return NT_STATUS_NO_MEMORY;
1025 status = open_internal_samr_conn(tmp_ctx, domain, &samr_pipe, &dom_pol);
1026 if (!NT_STATUS_IS_OK(status)) {
1030 status = rpc_sequence_number(tmp_ctx,
1035 if (!NT_STATUS_IS_OK(status)) {
1043 if (is_valid_policy_hnd(&dom_pol)) {
1044 rpccli_samr_Close(samr_pipe, tmp_ctx, &dom_pol);
1047 TALLOC_FREE(tmp_ctx);
1051 /* the rpc backend methods are exposed via this structure */
1052 struct winbindd_methods builtin_passdb_methods = {
1053 .consistent = false,
1055 .query_user_list = builtin_query_user_list,
1056 .enum_dom_groups = builtin_enum_dom_groups,
1057 .enum_local_groups = sam_enum_local_groups,
1058 .name_to_sid = sam_name_to_sid,
1059 .sid_to_name = sam_sid_to_name,
1060 .rids_to_names = sam_rids_to_names,
1061 .query_user = builtin_query_user,
1062 .lookup_usergroups = sam_lookup_usergroups,
1063 .lookup_useraliases = sam_lookup_useraliases,
1064 .lookup_groupmem = sam_lookup_groupmem,
1065 .sequence_number = sam_sequence_number,
1066 .lockout_policy = sam_lockout_policy,
1067 .password_policy = sam_password_policy,
1068 .trusted_domains = builtin_trusted_domains
1071 /* the rpc backend methods are exposed via this structure */
1072 struct winbindd_methods sam_passdb_methods = {
1073 .consistent = false,
1075 .query_user_list = sam_query_user_list,
1076 .enum_dom_groups = sam_enum_dom_groups,
1077 .enum_local_groups = sam_enum_local_groups,
1078 .name_to_sid = sam_name_to_sid,
1079 .sid_to_name = sam_sid_to_name,
1080 .rids_to_names = sam_rids_to_names,
1081 .query_user = sam_query_user,
1082 .lookup_usergroups = sam_lookup_usergroups,
1083 .lookup_useraliases = sam_lookup_useraliases,
1084 .lookup_groupmem = sam_lookup_groupmem,
1085 .sequence_number = sam_sequence_number,
1086 .lockout_policy = sam_lockout_policy,
1087 .password_policy = sam_password_policy,
1088 .trusted_domains = sam_trusted_domains