2 Unix SMB/CIFS implementation.
4 endpoint server for the netlogon pipe
6 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2004
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 #include "rpc_server/common/common.h"
26 struct server_pipe_state {
28 struct netr_Credential client_challenge;
29 struct netr_Credential server_challenge;
32 char *computer_name; /* for logging only */
34 uint16_t sec_chan_type;
35 struct creds_CredentialState *creds;
38 static NTSTATUS netlogon_bind(struct dcesrv_call_state *dce_call, const struct dcesrv_interface *di)
40 dce_call->conn->private = NULL;
45 /* this function is called when the client disconnects the endpoint */
46 static void netlogon_unbind(struct dcesrv_connection *conn, const struct dcesrv_interface *di)
48 struct server_pipe_state *pipe_state = conn->private;
51 talloc_destroy(pipe_state->mem_ctx);
57 #define DCESRV_INTERFACE_NETLOGON_BIND netlogon_bind
58 #define DCESRV_INTERFACE_NETLOGON_UNBIND netlogon_unbind
60 static NTSTATUS netr_ServerReqChallenge(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
61 struct netr_ServerReqChallenge *r)
63 struct server_pipe_state *pipe_state = dce_call->conn->private;
64 TALLOC_CTX *pipe_mem_ctx;
66 ZERO_STRUCTP(r->out.credentials);
68 /* destroyed on pipe shutdown */
71 talloc_destroy(pipe_state->mem_ctx);
72 dce_call->conn->private = NULL;
75 pipe_mem_ctx = talloc_init("internal netlogon pipe state for %s",
79 return NT_STATUS_NO_MEMORY;
82 pipe_state = talloc_p(pipe_mem_ctx, struct server_pipe_state);
84 talloc_destroy(pipe_mem_ctx);
85 return NT_STATUS_NO_MEMORY;
88 pipe_state->mem_ctx = pipe_mem_ctx;
89 pipe_state->authenticated = False;
90 pipe_state->creds = NULL;
91 pipe_state->account_name = NULL;
92 pipe_state->computer_name = NULL;
94 pipe_state->client_challenge = *r->in.credentials;
96 generate_random_buffer(pipe_state->server_challenge.data,
97 sizeof(pipe_state->server_challenge.data),
100 *r->out.credentials = pipe_state->server_challenge;
102 dce_call->conn->private = pipe_state;
107 static NTSTATUS netr_ServerAuthenticate3(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
108 struct netr_ServerAuthenticate3 *r)
110 struct server_pipe_state *pipe_state = dce_call->conn->private;
112 struct samr_Password *mach_pwd;
115 struct ldb_message **msgs;
117 const char *attrs[] = {"unicodePwd", "lmPwdHash", "ntPwdHash", "userAccountControl",
120 ZERO_STRUCTP(r->out.credentials);
122 *r->out.negotiate_flags = *r->in.negotiate_flags;
125 DEBUG(1, ("No challenge requested by client, cannot authenticate\n"));
126 return NT_STATUS_ACCESS_DENIED;
129 sam_ctx = samdb_connect();
130 if (sam_ctx == NULL) {
131 return NT_STATUS_INVALID_SYSTEM_SERVICE;
133 /* pull the user attributes */
134 num_records = samdb_search(sam_ctx, mem_ctx, NULL, &msgs, attrs,
135 "(&(sAMAccountName=%s)(objectclass=user))",
138 if (num_records == 0) {
139 DEBUG(3,("Couldn't find user [%s] in samdb.\n",
140 r->in.account_name));
141 samdb_close(sam_ctx);
142 return NT_STATUS_NO_SUCH_USER;
145 if (num_records > 1) {
146 DEBUG(1,("Found %d records matching user [%s]\n", num_records, r->in.account_name));
147 samdb_close(sam_ctx);
148 return NT_STATUS_INTERNAL_DB_CORRUPTION;
151 acct_flags = samdb_result_acct_flags(msgs[0],
152 "userAccountControl");
154 if (acct_flags & ACB_DISABLED) {
155 DEBUG(1, ("Account [%s] is disabled\n", r->in.account_name));
156 return NT_STATUS_ACCESS_DENIED;
159 if (r->in.secure_channel_type == SEC_CHAN_WKSTA) {
160 if (!(acct_flags & ACB_WSTRUST)) {
161 DEBUG(1, ("Client asked for a workstation secure channel, but is not a workstation (member server) acb flags: 0x%x\n", acct_flags));
162 return NT_STATUS_ACCESS_DENIED;
164 } else if (r->in.secure_channel_type == SEC_CHAN_DOMAIN) {
165 if (!(acct_flags & ACB_DOMTRUST)) {
166 DEBUG(1, ("Client asked for a trusted domain secure channel, but is not a trusted domain: acb flags: 0x%x\n", acct_flags));
167 return NT_STATUS_ACCESS_DENIED;
169 } else if (r->in.secure_channel_type == SEC_CHAN_BDC) {
170 if (!(acct_flags & ACB_SVRTRUST)) {
171 DEBUG(1, ("Client asked for a server secure channel, but is not a server (domain controller): acb flags: 0x%x\n", acct_flags));
172 return NT_STATUS_ACCESS_DENIED;
175 DEBUG(1, ("Client asked for an invalid secure channel type: %d\n",
176 r->in.secure_channel_type));
177 return NT_STATUS_ACCESS_DENIED;
180 pipe_state->acct_flags = acct_flags;
181 pipe_state->sec_chan_type = r->in.secure_channel_type;
183 *r->out.rid = samdb_result_rid_from_sid(mem_ctx, msgs[0], "objectSid", 0);
185 nt_status = samdb_result_passwords(mem_ctx, msgs[0], NULL, &mach_pwd);
186 if (!NT_STATUS_IS_OK(nt_status) || mach_pwd == NULL) {
187 samdb_close(sam_ctx);
188 return NT_STATUS_ACCESS_DENIED;
191 samdb_close(sam_ctx);
193 if (!pipe_state->creds) {
194 pipe_state->creds = talloc_p(pipe_state->mem_ctx, struct creds_CredentialState);
195 if (!pipe_state->creds) {
196 return NT_STATUS_NO_MEMORY;
200 creds_server_init(pipe_state->creds, &pipe_state->client_challenge,
201 &pipe_state->server_challenge, mach_pwd,
203 *r->in.negotiate_flags);
205 if (!creds_server_check(pipe_state->creds, r->in.credentials)) {
206 return NT_STATUS_ACCESS_DENIED;
209 pipe_state->authenticated = True;
211 if (pipe_state->account_name) {
212 /* We don't want a memory leak on this long-lived talloc context */
213 talloc_free(pipe_state->mem_ctx, pipe_state->account_name);
216 pipe_state->account_name = talloc_strdup(pipe_state->mem_ctx, r->in.account_name);
218 if (pipe_state->computer_name) {
219 /* We don't want a memory leak on this long-lived talloc context */
220 talloc_free(pipe_state->mem_ctx, pipe_state->account_name);
223 pipe_state->computer_name = talloc_strdup(pipe_state->mem_ctx, r->in.computer_name);
225 /* remember this session key state */
226 nt_status = schannel_store_session_key(mem_ctx, pipe_state->computer_name, pipe_state->creds);
232 static NTSTATUS netr_ServerAuthenticate(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
233 struct netr_ServerAuthenticate *r)
235 struct netr_ServerAuthenticate3 r3;
236 uint32 negotiate_flags, rid;
238 r3.in.server_name = r->in.server_name;
239 r3.in.account_name = r->in.account_name;
240 r3.in.secure_channel_type = r->in.secure_channel_type;
241 r3.in.computer_name = r->in.computer_name;
242 r3.in.credentials = r->in.credentials;
243 r3.out.credentials = r->out.credentials;
244 r3.in.negotiate_flags = &negotiate_flags;
245 r3.out.negotiate_flags = &negotiate_flags;
248 return netr_ServerAuthenticate3(dce_call, mem_ctx, &r3);
251 static NTSTATUS netr_ServerAuthenticate2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
252 struct netr_ServerAuthenticate2 *r)
254 struct netr_ServerAuthenticate3 r3;
257 r3.in.server_name = r->in.server_name;
258 r3.in.account_name = r->in.account_name;
259 r3.in.secure_channel_type = r->in.secure_channel_type;
260 r3.in.computer_name = r->in.computer_name;
261 r3.in.credentials = r->in.credentials;
262 r3.out.credentials = r->out.credentials;
263 r3.in.negotiate_flags = r->in.negotiate_flags;
264 r3.out.negotiate_flags = r->out.negotiate_flags;
267 return netr_ServerAuthenticate3(dce_call, mem_ctx, &r3);
271 static BOOL netr_creds_server_step_check(struct server_pipe_state *pipe_state,
272 struct netr_Authenticator *received_authenticator,
273 struct netr_Authenticator *return_authenticator)
275 if (!pipe_state->authenticated) {
278 return creds_server_step_check(pipe_state->creds,
279 received_authenticator,
280 return_authenticator);
284 static NTSTATUS netr_ServerPasswordSet(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
285 struct netr_ServerPasswordSet *r)
287 struct server_pipe_state *pipe_state = dce_call->conn->private;
291 int num_records_domain;
293 struct ldb_message **msgs;
294 struct ldb_message **msgs_domain;
296 struct ldb_message mod, *msg_set_pw = &mod;
297 const char *domain_dn;
298 const char *domain_sid;
300 const char *attrs[] = {"objectSid", NULL };
302 const char **domain_attrs = attrs;
305 if (!netr_creds_server_step_check(pipe_state, &r->in.credential, &r->out.return_authenticator)) {
306 return NT_STATUS_ACCESS_DENIED;
310 DEBUG(1, ("No challenge requested by client, cannot authenticate\n"));
311 return NT_STATUS_ACCESS_DENIED;
314 sam_ctx = samdb_connect();
315 if (sam_ctx == NULL) {
316 return NT_STATUS_INVALID_SYSTEM_SERVICE;
318 /* pull the user attributes */
319 num_records = samdb_search(sam_ctx, mem_ctx, NULL, &msgs, attrs,
320 "(&(sAMAccountName=%s)(objectclass=user))",
321 pipe_state->account_name);
323 if (num_records == 0) {
324 DEBUG(3,("Couldn't find user [%s] in samdb.\n",
325 pipe_state->account_name));
326 samdb_close(sam_ctx);
327 return NT_STATUS_NO_SUCH_USER;
330 if (num_records > 1) {
331 DEBUG(1,("Found %d records matching user [%s]\n", num_records,
332 pipe_state->account_name));
333 samdb_close(sam_ctx);
334 return NT_STATUS_INTERNAL_DB_CORRUPTION;
337 domain_sid = samdb_result_sid_prefix(mem_ctx, msgs[0], "objectSid");
339 samdb_close(sam_ctx);
340 DEBUG(1,("no objectSid in user record\n"));
341 return NT_STATUS_INTERNAL_DB_CORRUPTION;
344 /* find the domain's DN */
345 num_records_domain = samdb_search(sam_ctx, mem_ctx, NULL,
346 &msgs_domain, domain_attrs,
347 "(&(objectSid=%s)(objectclass=domain))",
350 if (num_records_domain == 0) {
351 DEBUG(3,("check_sam_security: Couldn't find domain [%s] in passdb file.\n",
353 samdb_close(sam_ctx);
354 return NT_STATUS_NO_SUCH_USER;
357 if (num_records_domain > 1) {
358 DEBUG(1,("Found %d records matching domain [%s]\n",
359 num_records_domain, domain_sid));
360 samdb_close(sam_ctx);
361 return NT_STATUS_INTERNAL_DB_CORRUPTION;
364 domain_dn = msgs_domain[0]->dn;
366 mod.dn = talloc_strdup(mem_ctx, msgs[0]->dn);
368 samdb_close(sam_ctx);
369 return NT_STATUS_NO_MEMORY;
372 creds_des_decrypt(pipe_state->creds, &r->in.new_password);
374 /* set the password - samdb needs to know both the domain and user DNs,
375 so the domain password policy can be used */
376 nt_status = samdb_set_password(sam_ctx, mem_ctx,
377 msgs[0]->dn, domain_dn,
379 NULL, /* Don't have plaintext */
380 NULL, &r->in.new_password,
381 False /* This is not considered a password change */,
384 if (!NT_STATUS_IS_OK(nt_status)) {
385 samdb_close(sam_ctx);
389 ret = samdb_replace(sam_ctx, mem_ctx, msg_set_pw);
391 /* we really need samdb.c to return NTSTATUS */
393 samdb_close(sam_ctx);
394 return NT_STATUS_UNSUCCESSFUL;
397 samdb_close(sam_ctx);
405 static WERROR netr_LogonUasLogon(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
406 struct netr_LogonUasLogon *r)
408 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
415 static WERROR netr_LogonUasLogoff(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
416 struct netr_LogonUasLogoff *r)
418 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
431 static NTSTATUS netr_LogonSamLogon(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
432 struct netr_LogonSamLogon *r)
434 struct server_pipe_state *pipe_state = dce_call->conn->private;
436 struct auth_context *auth_context;
437 struct auth_usersupplied_info *user_info;
438 struct auth_serversupplied_info *server_info;
443 switch (r->in.logon_level) {
446 creds_arcfour_crypt(pipe_state->creds,
447 r->in.logon.password->lmpassword.hash,
448 sizeof(r->in.logon.password->lmpassword.hash));
449 creds_arcfour_crypt(pipe_state->creds,
450 r->in.logon.password->ntpassword.hash,
451 sizeof(r->in.logon.password->ntpassword.hash));
453 nt_status = make_auth_context_subsystem(&auth_context);
454 if (!NT_STATUS_IS_OK(nt_status)) {
458 chal = auth_context->get_ntlm_challenge(auth_context);
459 nt_status = make_user_info_netlogon_interactive(&user_info,
460 r->in.logon.password->identity_info.account_name.string,
461 r->in.logon.password->identity_info.domain_name.string,
462 r->in.logon.password->identity_info.workstation.string,
464 &r->in.logon.password->lmpassword,
465 &r->in.logon.password->ntpassword);
470 nt_status = make_auth_context_fixed(&auth_context, r->in.logon.network->challenge);
471 if (!NT_STATUS_IS_OK(nt_status)) {
475 nt_status = make_user_info_netlogon_network(&user_info,
476 r->in.logon.network->identity_info.account_name.string,
477 r->in.logon.network->identity_info.domain_name.string,
478 r->in.logon.network->identity_info.workstation.string,
479 r->in.logon.network->nt.data, r->in.logon.network->nt.length,
480 r->in.logon.network->lm.data, r->in.logon.network->lm.length);
483 free_auth_context(&auth_context);
484 return NT_STATUS_INVALID_PARAMETER;
487 if (!NT_STATUS_IS_OK(nt_status)) {
491 nt_status = auth_context->check_ntlm_password(auth_context,
495 if (!NT_STATUS_IS_OK(nt_status)) {
496 free_auth_context(&auth_context);
499 free_auth_context(&auth_context);
501 switch (r->in.validation_level) {
504 struct netr_SamInfo *sam;
505 sam = talloc_p(mem_ctx, struct netr_SamInfo);
506 r->out.validation.sam = sam;
508 sam->last_logon = server_info->last_logon;
509 sam->last_logoff = server_info->last_logoff;
510 sam->acct_expiry = server_info->acct_expiry;
511 sam->last_password_change = server_info->last_password_change;
512 sam->allow_password_change = server_info->allow_password_change;
513 sam->force_password_change = server_info->force_password_change;
515 sam->account_name.string = talloc_strdup(mem_ctx, server_info->account_name);
516 sam->full_name.string = talloc_strdup(mem_ctx, server_info->full_name);
517 sam->logon_script.string = talloc_strdup(mem_ctx, server_info->account_name);
518 sam->profile_path.string = talloc_strdup(mem_ctx, server_info->profile_path);
519 sam->home_directory.string = talloc_strdup(mem_ctx, server_info->home_directory);
520 sam->home_drive.string = talloc_strdup(mem_ctx, server_info->home_drive);
522 sam->logon_count = server_info->logon_count;
523 sam->bad_password_count = sam->bad_password_count;
524 sam->rid = server_info->user_sid->sub_auths[server_info->user_sid->num_auths-1];
525 sam->primary_gid = server_info->primary_group_sid->sub_auths[server_info->primary_group_sid->num_auths-1];
526 sam->group_count = 0;
527 sam->groupids = NULL;
529 sam->acct_flags = server_info->acct_flags;
531 sam->domain.string = talloc_strdup(mem_ctx, server_info->domain);
539 struct netr_SamInfo2 *sam;
540 sam = talloc_p(mem_ctx, struct netr_SamInfo2);
541 r->out.validation.sam2 = sam;
549 r->out.authoritative = 1;
554 static NTSTATUS netr_LogonSamLogon(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
555 struct netr_LogonSamLogon *r)
557 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
564 static NTSTATUS netr_LogonSamLogoff(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
565 struct netr_LogonSamLogoff *r)
567 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
575 static NTSTATUS netr_DatabaseDeltas(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
576 struct netr_DatabaseDeltas *r)
578 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
585 static NTSTATUS netr_DatabaseSync(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
586 struct netr_DatabaseSync *r)
588 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
595 static NTSTATUS netr_AccountDeltas(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
596 struct netr_AccountDeltas *r)
598 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
605 static NTSTATUS netr_AccountSync(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
606 struct netr_AccountSync *r)
608 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
615 static NTSTATUS netr_GetDcName(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
616 struct netr_GetDcName *r)
618 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
625 static WERROR netr_LogonControl(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
626 struct netr_LogonControl *r)
628 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
635 static WERROR netr_GetAnyDCName(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
636 struct netr_GetAnyDCName *r)
638 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
645 static WERROR netr_LogonControl2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
646 struct netr_LogonControl2 *r)
648 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
655 static NTSTATUS netr_DatabaseSync2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
656 struct netr_DatabaseSync2 *r)
658 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
665 static NTSTATUS netr_DatabaseRedo(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
666 struct netr_DatabaseRedo *r)
668 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
675 static WERROR netr_LogonControl2Ex(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
676 struct netr_LogonControl2Ex *r)
678 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
683 netr_NETRENUMERATETRUSTEDDOMAINS
685 static WERROR netr_NETRENUMERATETRUSTEDDOMAINS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
686 struct netr_NETRENUMERATETRUSTEDDOMAINS *r)
688 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
695 static WERROR netr_DSRGETDCNAME(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
696 struct netr_DSRGETDCNAME *r)
698 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
703 netr_NETRLOGONDUMMYROUTINE1
705 static WERROR netr_NETRLOGONDUMMYROUTINE1(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
706 struct netr_NETRLOGONDUMMYROUTINE1 *r)
708 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
713 netr_NETRLOGONSETSERVICEBITS
715 static WERROR netr_NETRLOGONSETSERVICEBITS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
716 struct netr_NETRLOGONSETSERVICEBITS *r)
718 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
723 netr_NETRLOGONGETTRUSTRID
725 static WERROR netr_NETRLOGONGETTRUSTRID(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
726 struct netr_NETRLOGONGETTRUSTRID *r)
728 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
733 netr_NETRLOGONCOMPUTESERVERDIGEST
735 static WERROR netr_NETRLOGONCOMPUTESERVERDIGEST(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
736 struct netr_NETRLOGONCOMPUTESERVERDIGEST *r)
738 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
743 netr_NETRLOGONCOMPUTECLIENTDIGEST
745 static WERROR netr_NETRLOGONCOMPUTECLIENTDIGEST(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
746 struct netr_NETRLOGONCOMPUTECLIENTDIGEST *r)
748 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
755 static WERROR netr_DSRGETDCNAMEX(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
756 struct netr_DSRGETDCNAMEX *r)
758 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
765 static WERROR netr_DSRGETSITENAME(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
766 struct netr_DSRGETSITENAME *r)
768 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
773 netr_NETRLOGONGETDOMAININFO
775 static WERROR netr_NETRLOGONGETDOMAININFO(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
776 struct netr_NETRLOGONGETDOMAININFO *r)
778 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
783 netr_NETRSERVERPASSWORDSET2
785 static WERROR netr_NETRSERVERPASSWORDSET2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
786 struct netr_NETRSERVERPASSWORDSET2 *r)
788 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
793 netr_NETRSERVERPASSWORDGET
795 static WERROR netr_NETRSERVERPASSWORDGET(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
796 struct netr_NETRSERVERPASSWORDGET *r)
798 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
803 netr_NETRLOGONSENDTOSAM
805 static WERROR netr_NETRLOGONSENDTOSAM(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
806 struct netr_NETRLOGONSENDTOSAM *r)
808 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
813 netr_DSRADDRESSTOSITENAMESW
815 static WERROR netr_DSRADDRESSTOSITENAMESW(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
816 struct netr_DSRADDRESSTOSITENAMESW *r)
818 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
825 static WERROR netr_DSRGETDCNAMEEX2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
826 struct netr_DSRGETDCNAMEEX2 *r)
828 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
833 netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN
835 static WERROR netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
836 struct netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN *r)
838 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
843 netr_NETRENUMERATETRUSTEDDOMAINSEX
845 static WERROR netr_NETRENUMERATETRUSTEDDOMAINSEX(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
846 struct netr_NETRENUMERATETRUSTEDDOMAINSEX *r)
848 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
853 netr_DSRADDRESSTOSITENAMESEXW
855 static WERROR netr_DSRADDRESSTOSITENAMESEXW(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
856 struct netr_DSRADDRESSTOSITENAMESEXW *r)
858 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
863 netr_DSRGETDCSITECOVERAGEW
865 static WERROR netr_DSRGETDCSITECOVERAGEW(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
866 struct netr_DSRGETDCSITECOVERAGEW *r)
868 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
873 netr_NETRLOGONSAMLOGONEX
875 static WERROR netr_NETRLOGONSAMLOGONEX(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
876 struct netr_NETRLOGONSAMLOGONEX *r)
878 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
883 netr_DsrEnumerateDomainTrusts
885 static WERROR netr_DsrEnumerateDomainTrusts(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
886 struct netr_DsrEnumerateDomainTrusts *r)
888 struct netr_DomainTrust *trusts;
891 struct ldb_message **res;
892 const char * const attrs[] = { "name", "dnsDomain", "objectSid", "objectGUID", NULL };
896 sam_ctx = samdb_connect();
897 if (sam_ctx == NULL) {
898 return WERR_GENERAL_FAILURE;
901 ret = samdb_search(sam_ctx, mem_ctx, NULL, &res, attrs, "(objectClass=domainDNS)");
903 samdb_close(sam_ctx);
904 return WERR_GENERAL_FAILURE;
911 trusts = talloc_array_p(mem_ctx, struct netr_DomainTrust, ret);
912 if (trusts == NULL) {
917 r->out.trusts = trusts;
919 /* TODO: add filtering by trust_flags, and correct trust_type
921 for (i=0;i<ret;i++) {
922 trusts[i].netbios_name = samdb_result_string(res[i], "name", NULL);
923 trusts[i].dns_name = samdb_result_string(res[i], "dnsDomain", NULL);
924 trusts[i].trust_flags =
925 NETR_TRUST_FLAG_TREEROOT |
926 NETR_TRUST_FLAG_IN_FOREST |
927 NETR_TRUST_FLAG_PRIMARY;
928 trusts[i].parent_index = 0;
929 trusts[i].trust_type = 2;
930 trusts[i].trust_attributes = 0;
931 trusts[i].sid = samdb_result_dom_sid(mem_ctx, res[i], "objectSid");
932 trusts[i].guid = samdb_result_guid(res[i], "objectGUID");
941 netr_DSRDEREGISTERDNSHOSTRECORDS
943 static WERROR netr_DSRDEREGISTERDNSHOSTRECORDS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
944 struct netr_DSRDEREGISTERDNSHOSTRECORDS *r)
946 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
951 netr_NETRSERVERTRUSTPASSWORDSGET
953 static WERROR netr_NETRSERVERTRUSTPASSWORDSGET(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
954 struct netr_NETRSERVERTRUSTPASSWORDSGET *r)
956 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
961 netr_DSRGETFORESTTRUSTINFORMATION
963 static WERROR netr_DSRGETFORESTTRUSTINFORMATION(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
964 struct netr_DSRGETFORESTTRUSTINFORMATION *r)
966 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
971 netr_NETRGETFORESTTRUSTINFORMATION
973 static WERROR netr_NETRGETFORESTTRUSTINFORMATION(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
974 struct netr_NETRGETFORESTTRUSTINFORMATION *r)
976 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
981 netr_NETRLOGONSAMLOGONWITHFLAGS
983 static WERROR netr_NETRLOGONSAMLOGONWITHFLAGS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
984 struct netr_NETRLOGONSAMLOGONWITHFLAGS *r)
986 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
991 netr_NETRSERVERGETTRUSTINFO
993 static WERROR netr_NETRSERVERGETTRUSTINFO(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
994 struct netr_NETRSERVERGETTRUSTINFO *r)
996 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
1000 /* include the generated boilerplate */
1001 #include "librpc/gen_ndr/ndr_netlogon_s.c"