NTSTATUS rpccli_lsa_open_policy(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
bool sec_qos, uint32 des_access,
- POLICY_HND *pol)
+ struct policy_handle *pol)
{
struct lsa_ObjectAttribute attr;
struct lsa_QosInfo qos;
uint16_t system_name = '\\';
+ ZERO_STRUCT(attr);
+
+ attr.len = 0x18;
+
if (sec_qos) {
- init_lsa_sec_qos(&qos, 0xc, 2, 1, 0);
- init_lsa_obj_attr(&attr,
- 0x18,
- NULL,
- NULL,
- 0,
- NULL,
- &qos);
- } else {
- init_lsa_obj_attr(&attr,
- 0x18,
- NULL,
- NULL,
- 0,
- NULL,
- NULL);
+ qos.len = 0xc;
+ qos.impersonation_level = 2;
+ qos.context_mode = 1;
+ qos.effective_only = 0;
+
+ attr.sec_qos = &qos;
}
return rpccli_lsa_OpenPolicy(cli, mem_ctx,
NTSTATUS rpccli_lsa_open_policy2(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx, bool sec_qos,
- uint32 des_access, POLICY_HND *pol)
+ uint32 des_access, struct policy_handle *pol)
{
struct lsa_ObjectAttribute attr;
struct lsa_QosInfo qos;
+ ZERO_STRUCT(attr);
+
+ attr.len = 0x18;
+
if (sec_qos) {
- init_lsa_sec_qos(&qos, 0xc, 2, 1, 0);
- init_lsa_obj_attr(&attr,
- 0x18,
- NULL,
- NULL,
- 0,
- NULL,
- &qos);
- } else {
- init_lsa_obj_attr(&attr,
- 0x18,
- NULL,
- NULL,
- 0,
- NULL,
- NULL);
+ qos.len = 0xc;
+ qos.impersonation_level = 2;
+ qos.context_mode = 1;
+ qos.effective_only = 0;
+
+ attr.sec_qos = &qos;
}
return rpccli_lsa_OpenPolicy2(cli, mem_ctx,
- cli->cli->srv_name_slash,
+ cli->srv_name_slash,
&attr,
des_access,
pol);
static NTSTATUS rpccli_lsa_lookup_sids_noalloc(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
- POLICY_HND *pol,
+ struct policy_handle *pol,
int num_sids,
const DOM_SID *sids,
char **domains,
NTSTATUS rpccli_lsa_lookup_sids(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
- POLICY_HND *pol,
+ struct policy_handle *pol,
int num_sids,
const DOM_SID *sids,
char ***pdomains,
NTSTATUS rpccli_lsa_lookup_names(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
- POLICY_HND *pol, int num_names,
+ struct policy_handle *pol, int num_names,
const char **names,
const char ***dom_names,
int level,
return result;
}
-
-#if 0
-
-/** An example of how to use the routines in this file. Fetch a DOMAIN
- sid. Does complete cli setup / teardown anonymously. */
-
-bool fetch_domain_sid( char *domain, char *remote_machine, DOM_SID *psid)
-{
- struct cli_state cli;
- NTSTATUS result;
- POLICY_HND lsa_pol;
- bool ret = False;
-
- ZERO_STRUCT(cli);
- if(cli_initialise(&cli) == False) {
- DEBUG(0,("fetch_domain_sid: unable to initialize client connection.\n"));
- return False;
- }
-
- if(!resolve_name( remote_machine, &cli.dest_ip, 0x20)) {
- DEBUG(0,("fetch_domain_sid: Can't resolve address for %s\n", remote_machine));
- goto done;
- }
-
- if (!cli_connect(&cli, remote_machine, &cli.dest_ip)) {
- DEBUG(0,("fetch_domain_sid: unable to connect to SMB server on \
-machine %s. Error was : %s.\n", remote_machine, cli_errstr(&cli) ));
- goto done;
- }
-
- if (!attempt_netbios_session_request(&cli, global_myname(), remote_machine, &cli.dest_ip)) {
- DEBUG(0,("fetch_domain_sid: machine %s rejected the NetBIOS session request.\n",
- remote_machine));
- goto done;
- }
-
- cli.protocol = PROTOCOL_NT1;
-
- if (!cli_negprot(&cli)) {
- DEBUG(0,("fetch_domain_sid: machine %s rejected the negotiate protocol. \
-Error was : %s.\n", remote_machine, cli_errstr(&cli) ));
- goto done;
- }
-
- if (cli.protocol != PROTOCOL_NT1) {
- DEBUG(0,("fetch_domain_sid: machine %s didn't negotiate NT protocol.\n",
- remote_machine));
- goto done;
- }
-
- /*
- * Do an anonymous session setup.
- */
-
- if (!cli_session_setup(&cli, "", "", 0, "", 0, "")) {
- DEBUG(0,("fetch_domain_sid: machine %s rejected the session setup. \
-Error was : %s.\n", remote_machine, cli_errstr(&cli) ));
- goto done;
- }
-
- if (!(cli.sec_mode & NEGOTIATE_SECURITY_USER_LEVEL)) {
- DEBUG(0,("fetch_domain_sid: machine %s isn't in user level security mode\n",
- remote_machine));
- goto done;
- }
-
- if (!cli_send_tconX(&cli, "IPC$", "IPC", "", 1)) {
- DEBUG(0,("fetch_domain_sid: machine %s rejected the tconX on the IPC$ share. \
-Error was : %s.\n", remote_machine, cli_errstr(&cli) ));
- goto done;
- }
-
- /* Fetch domain sid */
-
- if (!cli_nt_session_open(&cli, PI_LSARPC)) {
- DEBUG(0, ("fetch_domain_sid: Error connecting to SAM pipe\n"));
- goto done;
- }
-
- result = cli_lsa_open_policy(&cli, cli.mem_ctx, True, SEC_RIGHTS_QUERY_VALUE, &lsa_pol);
- if (!NT_STATUS_IS_OK(result)) {
- DEBUG(0, ("fetch_domain_sid: Error opening lsa policy handle. %s\n",
- nt_errstr(result) ));
- goto done;
- }
-
- result = cli_lsa_query_info_policy(&cli, cli.mem_ctx, &lsa_pol, 5, domain, psid);
- if (!NT_STATUS_IS_OK(result)) {
- DEBUG(0, ("fetch_domain_sid: Error querying lsa policy handle. %s\n",
- nt_errstr(result) ));
- goto done;
- }
-
- ret = True;
-
- done:
-
- cli_shutdown(&cli);
- return ret;
-}
-
-#endif