static bool api_lsa_addprivs(pipes_struct *p)
{
- LSA_Q_ADDPRIVS q_u;
- LSA_R_ADDPRIVS r_u;
-
- prs_struct *data = &p->in_data.data;
- prs_struct *rdata = &p->out_data.rdata;
-
- ZERO_STRUCT(q_u);
- ZERO_STRUCT(r_u);
-
- if(!lsa_io_q_addprivs("", &q_u, data, 0)) {
- DEBUG(0,("api_lsa_addprivs: failed to unmarshall LSA_Q_ADDPRIVS.\n"));
- return False;
- }
-
- r_u.status = _lsa_addprivs(p, &q_u, &r_u);
-
- /* store the response in the SMB stream */
- if(!lsa_io_r_addprivs("", &r_u, rdata, 0)) {
- DEBUG(0,("api_lsa_addprivs: Failed to marshall LSA_R_ADDPRIVS.\n"));
- return False;
- }
-
- return True;
+ return proxy_lsa_call(p, NDR_LSA_ADDPRIVILEGESTOACCOUNT);
}
/***************************************************************************
static bool api_lsa_removeprivs(pipes_struct *p)
{
- LSA_Q_REMOVEPRIVS q_u;
- LSA_R_REMOVEPRIVS r_u;
-
- prs_struct *data = &p->in_data.data;
- prs_struct *rdata = &p->out_data.rdata;
-
- ZERO_STRUCT(q_u);
- ZERO_STRUCT(r_u);
-
- if(!lsa_io_q_removeprivs("", &q_u, data, 0)) {
- DEBUG(0,("api_lsa_removeprivs: failed to unmarshall LSA_Q_REMOVEPRIVS.\n"));
- return False;
- }
-
- r_u.status = _lsa_removeprivs(p, &q_u, &r_u);
-
- /* store the response in the SMB stream */
- if(!lsa_io_r_removeprivs("", &r_u, rdata, 0)) {
- DEBUG(0,("api_lsa_removeprivs: Failed to marshall LSA_R_REMOVEPRIVS.\n"));
- return False;
- }
-
- return True;
+ return proxy_lsa_call(p, NDR_LSA_REMOVEPRIVILEGESFROMACCOUNT);
}
/***************************************************************************
}
/***************************************************************************
+ _lsa_AddPrivilegesToAccount
For a given SID, add some privileges.
***************************************************************************/
-NTSTATUS _lsa_addprivs(pipes_struct *p, LSA_Q_ADDPRIVS *q_u, LSA_R_ADDPRIVS *r_u)
+NTSTATUS _lsa_AddPrivilegesToAccount(pipes_struct *p,
+ struct lsa_AddPrivilegesToAccount *r)
{
struct lsa_info *info = NULL;
SE_PRIV mask;
- PRIVILEGE_SET *set = NULL;
+ struct lsa_PrivilegeSet *set = NULL;
/* find the connection policy handle. */
- if (!find_policy_by_hnd(p, &q_u->pol, (void **)(void *)&info))
+ if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&info))
return NT_STATUS_INVALID_HANDLE;
/* check to see if the pipe_user is root or a Domain Admin since
return NT_STATUS_ACCESS_DENIED;
}
- set = &q_u->set;
-
+ set = r->in.privs;
if ( !privilege_set_to_se_priv( &mask, set ) )
return NT_STATUS_NO_SUCH_PRIVILEGE;
if ( !grant_privilege( &info->sid, &mask ) ) {
- DEBUG(3,("_lsa_addprivs: grant_privilege(%s) failed!\n",
+ DEBUG(3,("_lsa_AddPrivilegesToAccount: grant_privilege(%s) failed!\n",
sid_string_dbg(&info->sid) ));
DEBUG(3,("Privilege mask:\n"));
dump_se_priv( DBGC_ALL, 3, &mask );
}
/***************************************************************************
+ _lsa_RemovePrivilegesFromAccount
For a given SID, remove some privileges.
***************************************************************************/
-NTSTATUS _lsa_removeprivs(pipes_struct *p, LSA_Q_REMOVEPRIVS *q_u, LSA_R_REMOVEPRIVS *r_u)
+NTSTATUS _lsa_RemovePrivilegesFromAccount(pipes_struct *p,
+ struct lsa_RemovePrivilegesFromAccount *r)
{
struct lsa_info *info = NULL;
SE_PRIV mask;
- PRIVILEGE_SET *set = NULL;
+ struct lsa_PrivilegeSet *set = NULL;
/* find the connection policy handle. */
- if (!find_policy_by_hnd(p, &q_u->pol, (void **)(void *)&info))
+ if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&info))
return NT_STATUS_INVALID_HANDLE;
/* check to see if the pipe_user is root or a Domain Admin since
return NT_STATUS_ACCESS_DENIED;
}
- set = &q_u->set;
+ set = r->in.privs;
if ( !privilege_set_to_se_priv( &mask, set ) )
return NT_STATUS_NO_SUCH_PRIVILEGE;
if ( !revoke_privilege( &info->sid, &mask ) ) {
- DEBUG(3,("_lsa_removeprivs: revoke_privilege(%s) failed!\n",
+ DEBUG(3,("_lsa_RemovePrivilegesFromAccount: revoke_privilege(%s) failed!\n",
sid_string_dbg(&info->sid) ));
DEBUG(3,("Privilege mask:\n"));
dump_se_priv( DBGC_ALL, 3, &mask );
return NT_STATUS_NOT_IMPLEMENTED;
}
-NTSTATUS _lsa_AddPrivilegesToAccount(pipes_struct *p, struct lsa_AddPrivilegesToAccount *r)
-{
- p->rng_fault_state = True;
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-NTSTATUS _lsa_RemovePrivilegesFromAccount(pipes_struct *p, struct lsa_RemovePrivilegesFromAccount *r)
-{
- p->rng_fault_state = True;
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
NTSTATUS _lsa_GetQuotasForAccount(pipes_struct *p, struct lsa_GetQuotasForAccount *r)
{
p->rng_fault_state = True;