2 Unix SMB/CIFS implementation.
4 endpoint server for the netlogon pipe
6 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2004
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 #include "rpc_server/common/common.h"
26 struct server_pipe_state {
28 struct netr_Credential client_challenge;
29 struct netr_Credential server_challenge;
32 char *computer_name; /* for logging only */
34 uint16_t sec_chan_type;
35 struct creds_CredentialState *creds;
38 static NTSTATUS netlogon_bind(struct dcesrv_call_state *dce_call, const struct dcesrv_interface *di)
40 dce_call->conn->private = NULL;
45 /* this function is called when the client disconnects the endpoint */
46 static void netlogon_unbind(struct dcesrv_connection *conn, const struct dcesrv_interface *di)
48 struct server_pipe_state *pipe_state = conn->private;
51 talloc_destroy(pipe_state->mem_ctx);
56 #define DCESRV_INTERFACE_NETLOGON_BIND netlogon_bind
57 #define DCESRV_INTERFACE_NETLOGON_UNBIND netlogon_unbind
59 static NTSTATUS netr_ServerReqChallenge(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
60 struct netr_ServerReqChallenge *r)
62 struct server_pipe_state *pipe_state = dce_call->conn->private;
63 TALLOC_CTX *pipe_mem_ctx;
65 ZERO_STRUCTP(r->out.credentials);
67 /* destroyed on pipe shutdown */
70 talloc_destroy(pipe_state->mem_ctx);
71 dce_call->conn->private = NULL;
74 pipe_mem_ctx = talloc_init("internal netlogon pipe state for %s",
78 return NT_STATUS_NO_MEMORY;
81 pipe_state = talloc_p(pipe_mem_ctx, struct server_pipe_state);
83 talloc_destroy(pipe_mem_ctx);
84 return NT_STATUS_NO_MEMORY;
87 pipe_state->mem_ctx = pipe_mem_ctx;
88 pipe_state->authenticated = False;
89 pipe_state->creds = NULL;
90 pipe_state->account_name = NULL;
91 pipe_state->computer_name = NULL;
93 pipe_state->client_challenge = *r->in.credentials;
95 generate_random_buffer(pipe_state->server_challenge.data,
96 sizeof(pipe_state->server_challenge.data),
99 *r->out.credentials = pipe_state->server_challenge;
101 dce_call->conn->private = pipe_state;
106 static NTSTATUS netr_ServerAuthenticate3(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
107 struct netr_ServerAuthenticate3 *r)
109 struct server_pipe_state *pipe_state = dce_call->conn->private;
111 struct samr_Password *mach_pwd;
114 struct ldb_message **msgs;
116 const char *attrs[] = {"unicodePwd", "lmPwdHash", "ntPwdHash", "userAccountControl",
119 ZERO_STRUCTP(r->out.credentials);
121 *r->out.negotiate_flags = *r->in.negotiate_flags;
124 DEBUG(1, ("No challenge requested by client, cannot authenticate\n"));
125 return NT_STATUS_ACCESS_DENIED;
128 sam_ctx = samdb_connect();
129 if (sam_ctx == NULL) {
130 return NT_STATUS_INVALID_SYSTEM_SERVICE;
132 /* pull the user attributes */
133 num_records = samdb_search(sam_ctx, mem_ctx, NULL, &msgs, attrs,
134 "(&(sAMAccountName=%s)(objectclass=user))",
137 if (num_records == 0) {
138 DEBUG(3,("Couldn't find user [%s] in samdb.\n",
139 r->in.account_name));
140 samdb_close(sam_ctx);
141 return NT_STATUS_NO_SUCH_USER;
144 if (num_records > 1) {
145 DEBUG(1,("Found %d records matching user [%s]\n", num_records, r->in.account_name));
146 samdb_close(sam_ctx);
147 return NT_STATUS_INTERNAL_DB_CORRUPTION;
150 acct_flags = samdb_result_acct_flags(msgs[0],
151 "userAccountControl");
153 if (acct_flags & ACB_DISABLED) {
154 DEBUG(1, ("Account [%s] is disabled\n", r->in.account_name));
155 return NT_STATUS_ACCESS_DENIED;
158 if (r->in.secure_channel_type == SEC_CHAN_WKSTA) {
159 if (!(acct_flags & ACB_WSTRUST)) {
160 DEBUG(1, ("Client asked for a workstation secure channel, but is not a workstation (member server) acb flags: 0x%x\n", acct_flags));
161 return NT_STATUS_ACCESS_DENIED;
163 } else if (r->in.secure_channel_type == SEC_CHAN_DOMAIN) {
164 if (!(acct_flags & ACB_DOMTRUST)) {
165 DEBUG(1, ("Client asked for a trusted domain secure channel, but is not a trusted domain: acb flags: 0x%x\n", acct_flags));
166 return NT_STATUS_ACCESS_DENIED;
168 } else if (r->in.secure_channel_type == SEC_CHAN_BDC) {
169 if (!(acct_flags & ACB_SVRTRUST)) {
170 DEBUG(1, ("Client asked for a server secure channel, but is not a server (domain controller): acb flags: 0x%x\n", acct_flags));
171 return NT_STATUS_ACCESS_DENIED;
174 DEBUG(1, ("Client asked for an invalid secure channel type: %d\n",
175 r->in.secure_channel_type));
176 return NT_STATUS_ACCESS_DENIED;
179 pipe_state->acct_flags = acct_flags;
180 pipe_state->sec_chan_type = r->in.secure_channel_type;
182 *r->out.rid = samdb_result_rid_from_sid(mem_ctx, msgs[0], "objectSid", 0);
184 nt_status = samdb_result_passwords(mem_ctx, msgs[0], NULL, &mach_pwd);
185 if (!NT_STATUS_IS_OK(nt_status) || mach_pwd == NULL) {
186 samdb_close(sam_ctx);
187 return NT_STATUS_ACCESS_DENIED;
190 samdb_close(sam_ctx);
192 if (!pipe_state->creds) {
193 pipe_state->creds = talloc_p(pipe_state->mem_ctx, struct creds_CredentialState);
194 if (!pipe_state->creds) {
195 return NT_STATUS_NO_MEMORY;
199 creds_server_init(pipe_state->creds, &pipe_state->client_challenge,
200 &pipe_state->server_challenge, mach_pwd,
202 *r->in.negotiate_flags);
204 if (!creds_server_check(pipe_state->creds, r->in.credentials)) {
205 return NT_STATUS_ACCESS_DENIED;
208 pipe_state->authenticated = True;
210 if (pipe_state->account_name) {
211 /* We don't want a memory leak on this long-lived talloc context */
212 talloc_free(pipe_state->mem_ctx, pipe_state->account_name);
215 pipe_state->account_name = talloc_strdup(pipe_state->mem_ctx, r->in.account_name);
217 if (pipe_state->computer_name) {
218 /* We don't want a memory leak on this long-lived talloc context */
219 talloc_free(pipe_state->mem_ctx, pipe_state->account_name);
222 pipe_state->computer_name = talloc_strdup(pipe_state->mem_ctx, r->in.computer_name);
224 /* remember this session key state */
225 nt_status = schannel_store_session_key(mem_ctx, pipe_state->computer_name, pipe_state->creds);
231 static NTSTATUS netr_ServerAuthenticate(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
232 struct netr_ServerAuthenticate *r)
234 struct netr_ServerAuthenticate3 r3;
235 uint32 negotiate_flags, rid;
237 r3.in.server_name = r->in.server_name;
238 r3.in.account_name = r->in.account_name;
239 r3.in.secure_channel_type = r->in.secure_channel_type;
240 r3.in.computer_name = r->in.computer_name;
241 r3.in.credentials = r->in.credentials;
242 r3.out.credentials = r->out.credentials;
243 r3.in.negotiate_flags = &negotiate_flags;
244 r3.out.negotiate_flags = &negotiate_flags;
247 return netr_ServerAuthenticate3(dce_call, mem_ctx, &r3);
250 static NTSTATUS netr_ServerAuthenticate2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
251 struct netr_ServerAuthenticate2 *r)
253 struct netr_ServerAuthenticate3 r3;
256 r3.in.server_name = r->in.server_name;
257 r3.in.account_name = r->in.account_name;
258 r3.in.secure_channel_type = r->in.secure_channel_type;
259 r3.in.computer_name = r->in.computer_name;
260 r3.in.credentials = r->in.credentials;
261 r3.out.credentials = r->out.credentials;
262 r3.in.negotiate_flags = r->in.negotiate_flags;
263 r3.out.negotiate_flags = r->out.negotiate_flags;
266 return netr_ServerAuthenticate3(dce_call, mem_ctx, &r3);
270 static BOOL netr_creds_server_step_check(struct server_pipe_state *pipe_state,
271 struct netr_Authenticator *received_authenticator,
272 struct netr_Authenticator *return_authenticator)
274 if (!pipe_state->authenticated) {
277 return creds_server_step_check(pipe_state->creds,
278 received_authenticator,
279 return_authenticator);
283 static NTSTATUS netr_ServerPasswordSet(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
284 struct netr_ServerPasswordSet *r)
286 struct server_pipe_state *pipe_state = dce_call->conn->private;
290 int num_records_domain;
292 struct ldb_message **msgs;
293 struct ldb_message **msgs_domain;
295 struct ldb_message mod, *msg_set_pw = &mod;
296 const char *domain_dn;
297 const char *domain_sid;
299 const char *attrs[] = {"objectSid", NULL };
301 const char **domain_attrs = attrs;
304 if (!netr_creds_server_step_check(pipe_state, &r->in.credential, &r->out.return_authenticator)) {
305 return NT_STATUS_ACCESS_DENIED;
309 DEBUG(1, ("No challenge requested by client, cannot authenticate\n"));
310 return NT_STATUS_ACCESS_DENIED;
313 sam_ctx = samdb_connect();
314 if (sam_ctx == NULL) {
315 return NT_STATUS_INVALID_SYSTEM_SERVICE;
317 /* pull the user attributes */
318 num_records = samdb_search(sam_ctx, mem_ctx, NULL, &msgs, attrs,
319 "(&(sAMAccountName=%s)(objectclass=user))",
320 pipe_state->account_name);
322 if (num_records == 0) {
323 DEBUG(3,("Couldn't find user [%s] in samdb.\n",
324 pipe_state->account_name));
325 samdb_close(sam_ctx);
326 return NT_STATUS_NO_SUCH_USER;
329 if (num_records > 1) {
330 DEBUG(1,("Found %d records matching user [%s]\n", num_records,
331 pipe_state->account_name));
332 samdb_close(sam_ctx);
333 return NT_STATUS_INTERNAL_DB_CORRUPTION;
336 domain_sid = samdb_result_sid_prefix(mem_ctx, msgs[0], "objectSid");
338 samdb_close(sam_ctx);
339 DEBUG(1,("no objectSid in user record\n"));
340 return NT_STATUS_INTERNAL_DB_CORRUPTION;
343 /* find the domain's DN */
344 num_records_domain = samdb_search(sam_ctx, mem_ctx, NULL,
345 &msgs_domain, domain_attrs,
346 "(&(objectSid=%s)(objectclass=domain))",
349 if (num_records_domain == 0) {
350 DEBUG(3,("check_sam_security: Couldn't find domain [%s] in passdb file.\n",
352 samdb_close(sam_ctx);
353 return NT_STATUS_NO_SUCH_USER;
356 if (num_records_domain > 1) {
357 DEBUG(1,("Found %d records matching domain [%s]\n",
358 num_records_domain, domain_sid));
359 samdb_close(sam_ctx);
360 return NT_STATUS_INTERNAL_DB_CORRUPTION;
363 domain_dn = msgs_domain[0]->dn;
365 mod.dn = talloc_strdup(mem_ctx, msgs[0]->dn);
367 samdb_close(sam_ctx);
368 return NT_STATUS_NO_MEMORY;
371 creds_des_decrypt(pipe_state->creds, &r->in.new_password);
373 /* set the password - samdb needs to know both the domain and user DNs,
374 so the domain password policy can be used */
375 nt_status = samdb_set_password(sam_ctx, mem_ctx,
376 msgs[0]->dn, domain_dn,
378 NULL, /* Don't have plaintext */
379 NULL, &r->in.new_password,
380 False /* This is not considered a password change */,
383 if (!NT_STATUS_IS_OK(nt_status)) {
384 samdb_close(sam_ctx);
388 ret = samdb_replace(sam_ctx, mem_ctx, msg_set_pw);
390 /* we really need samdb.c to return NTSTATUS */
392 samdb_close(sam_ctx);
393 return NT_STATUS_UNSUCCESSFUL;
396 samdb_close(sam_ctx);
404 static WERROR netr_LogonUasLogon(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
405 struct netr_LogonUasLogon *r)
407 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
414 static WERROR netr_LogonUasLogoff(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
415 struct netr_LogonUasLogoff *r)
417 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
427 static NTSTATUS netr_LogonSamLogon(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
428 struct netr_LogonSamLogon *r)
430 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
437 static NTSTATUS netr_LogonSamLogoff(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
438 struct netr_LogonSamLogoff *r)
440 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
448 static NTSTATUS netr_DatabaseDeltas(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
449 struct netr_DatabaseDeltas *r)
451 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
458 static NTSTATUS netr_DatabaseSync(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
459 struct netr_DatabaseSync *r)
461 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
468 static NTSTATUS netr_AccountDeltas(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
469 struct netr_AccountDeltas *r)
471 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
478 static NTSTATUS netr_AccountSync(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
479 struct netr_AccountSync *r)
481 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
488 static NTSTATUS netr_GetDcName(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
489 struct netr_GetDcName *r)
491 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
498 static WERROR netr_LogonControl(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
499 struct netr_LogonControl *r)
501 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
508 static WERROR netr_GetAnyDCName(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
509 struct netr_GetAnyDCName *r)
511 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
518 static WERROR netr_LogonControl2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
519 struct netr_LogonControl2 *r)
521 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
528 static NTSTATUS netr_DatabaseSync2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
529 struct netr_DatabaseSync2 *r)
531 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
538 static NTSTATUS netr_DatabaseRedo(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
539 struct netr_DatabaseRedo *r)
541 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
548 static WERROR netr_LogonControl2Ex(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
549 struct netr_LogonControl2Ex *r)
551 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
556 netr_NETRENUMERATETRUSTEDDOMAINS
558 static WERROR netr_NETRENUMERATETRUSTEDDOMAINS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
559 struct netr_NETRENUMERATETRUSTEDDOMAINS *r)
561 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
568 static WERROR netr_DSRGETDCNAME(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
569 struct netr_DSRGETDCNAME *r)
571 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
576 netr_NETRLOGONDUMMYROUTINE1
578 static WERROR netr_NETRLOGONDUMMYROUTINE1(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
579 struct netr_NETRLOGONDUMMYROUTINE1 *r)
581 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
586 netr_NETRLOGONSETSERVICEBITS
588 static WERROR netr_NETRLOGONSETSERVICEBITS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
589 struct netr_NETRLOGONSETSERVICEBITS *r)
591 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
596 netr_NETRLOGONGETTRUSTRID
598 static WERROR netr_NETRLOGONGETTRUSTRID(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
599 struct netr_NETRLOGONGETTRUSTRID *r)
601 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
606 netr_NETRLOGONCOMPUTESERVERDIGEST
608 static WERROR netr_NETRLOGONCOMPUTESERVERDIGEST(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
609 struct netr_NETRLOGONCOMPUTESERVERDIGEST *r)
611 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
616 netr_NETRLOGONCOMPUTECLIENTDIGEST
618 static WERROR netr_NETRLOGONCOMPUTECLIENTDIGEST(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
619 struct netr_NETRLOGONCOMPUTECLIENTDIGEST *r)
621 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
628 static WERROR netr_DSRGETDCNAMEX(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
629 struct netr_DSRGETDCNAMEX *r)
631 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
638 static WERROR netr_DSRGETSITENAME(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
639 struct netr_DSRGETSITENAME *r)
641 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
646 netr_NETRLOGONGETDOMAININFO
648 static WERROR netr_NETRLOGONGETDOMAININFO(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
649 struct netr_NETRLOGONGETDOMAININFO *r)
651 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
656 netr_NETRSERVERPASSWORDSET2
658 static WERROR netr_NETRSERVERPASSWORDSET2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
659 struct netr_NETRSERVERPASSWORDSET2 *r)
661 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
666 netr_NETRSERVERPASSWORDGET
668 static WERROR netr_NETRSERVERPASSWORDGET(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
669 struct netr_NETRSERVERPASSWORDGET *r)
671 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
676 netr_NETRLOGONSENDTOSAM
678 static WERROR netr_NETRLOGONSENDTOSAM(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
679 struct netr_NETRLOGONSENDTOSAM *r)
681 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
686 netr_DSRADDRESSTOSITENAMESW
688 static WERROR netr_DSRADDRESSTOSITENAMESW(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
689 struct netr_DSRADDRESSTOSITENAMESW *r)
691 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
698 static WERROR netr_DSRGETDCNAMEEX2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
699 struct netr_DSRGETDCNAMEEX2 *r)
701 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
706 netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN
708 static WERROR netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
709 struct netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN *r)
711 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
716 netr_NETRENUMERATETRUSTEDDOMAINSEX
718 static WERROR netr_NETRENUMERATETRUSTEDDOMAINSEX(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
719 struct netr_NETRENUMERATETRUSTEDDOMAINSEX *r)
721 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
726 netr_DSRADDRESSTOSITENAMESEXW
728 static WERROR netr_DSRADDRESSTOSITENAMESEXW(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
729 struct netr_DSRADDRESSTOSITENAMESEXW *r)
731 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
736 netr_DSRGETDCSITECOVERAGEW
738 static WERROR netr_DSRGETDCSITECOVERAGEW(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
739 struct netr_DSRGETDCSITECOVERAGEW *r)
741 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
746 netr_NETRLOGONSAMLOGONEX
748 static WERROR netr_NETRLOGONSAMLOGONEX(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
749 struct netr_NETRLOGONSAMLOGONEX *r)
751 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
756 netr_DsrEnumerateDomainTrusts
758 static WERROR netr_DsrEnumerateDomainTrusts(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
759 struct netr_DsrEnumerateDomainTrusts *r)
761 struct netr_DomainTrust *trusts;
764 struct ldb_message **res;
765 const char * const attrs[] = { "name", "dnsDomain", "objectSid", "objectGUID", NULL };
769 sam_ctx = samdb_connect();
770 if (sam_ctx == NULL) {
771 return WERR_GENERAL_FAILURE;
774 ret = samdb_search(sam_ctx, mem_ctx, NULL, &res, attrs, "(objectClass=domainDNS)");
776 samdb_close(sam_ctx);
777 return WERR_GENERAL_FAILURE;
784 trusts = talloc_array_p(mem_ctx, struct netr_DomainTrust, ret);
785 if (trusts == NULL) {
790 r->out.trusts = trusts;
792 /* TODO: add filtering by trust_flags, and correct trust_type
794 for (i=0;i<ret;i++) {
795 trusts[i].netbios_name = samdb_result_string(res[i], "name", NULL);
796 trusts[i].dns_name = samdb_result_string(res[i], "dnsDomain", NULL);
797 trusts[i].trust_flags =
798 NETR_TRUST_FLAG_TREEROOT |
799 NETR_TRUST_FLAG_IN_FOREST |
800 NETR_TRUST_FLAG_PRIMARY;
801 trusts[i].parent_index = 0;
802 trusts[i].trust_type = 2;
803 trusts[i].trust_attributes = 0;
804 trusts[i].sid = samdb_result_dom_sid(mem_ctx, res[i], "objectSid");
805 trusts[i].guid = samdb_result_guid(res[i], "objectGUID");
814 netr_DSRDEREGISTERDNSHOSTRECORDS
816 static WERROR netr_DSRDEREGISTERDNSHOSTRECORDS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
817 struct netr_DSRDEREGISTERDNSHOSTRECORDS *r)
819 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
824 netr_NETRSERVERTRUSTPASSWORDSGET
826 static WERROR netr_NETRSERVERTRUSTPASSWORDSGET(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
827 struct netr_NETRSERVERTRUSTPASSWORDSGET *r)
829 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
834 netr_DSRGETFORESTTRUSTINFORMATION
836 static WERROR netr_DSRGETFORESTTRUSTINFORMATION(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
837 struct netr_DSRGETFORESTTRUSTINFORMATION *r)
839 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
844 netr_NETRGETFORESTTRUSTINFORMATION
846 static WERROR netr_NETRGETFORESTTRUSTINFORMATION(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
847 struct netr_NETRGETFORESTTRUSTINFORMATION *r)
849 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
854 netr_NETRLOGONSAMLOGONWITHFLAGS
856 static WERROR netr_NETRLOGONSAMLOGONWITHFLAGS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
857 struct netr_NETRLOGONSAMLOGONWITHFLAGS *r)
859 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
864 netr_NETRSERVERGETTRUSTINFO
866 static WERROR netr_NETRSERVERGETTRUSTINFO(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
867 struct netr_NETRSERVERGETTRUSTINFO *r)
869 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
873 /* include the generated boilerplate */
874 #include "librpc/gen_ndr/ndr_netlogon_s.c"