LSA_TRUST_DIRECTION_OUTBOUND = 0x00000002
} lsa_TrustDirection;
- typedef [v1_enum] enum {
+ typedef [public,v1_enum] enum {
LSA_TRUST_TYPE_DOWNLEVEL = 0x00000001,
LSA_TRUST_TYPE_UPLEVEL = 0x00000002,
- LSA_TRUST_TYPE_MIT = 0x00000003
+ LSA_TRUST_TYPE_MIT = 0x00000003,
+ LSA_TRUST_TYPE_DCE = 0x00000004
} lsa_TrustType;
typedef [public,bitmap32bit] bitmap {
/****************/
/* Function 0x24 */
- typedef [v1_enum] enum {
- NETR_TRUST_TYPE_DOWNLEVEL = 1,
- NETR_TRUST_TYPE_UPLEVEL = 2,
- NETR_TRUST_TYPE_MIT = 3,
- NETR_TRUST_TYPE_DCE = 4
- } netr_TrustType;
-
- typedef [bitmap32bit] bitmap {
- NETR_TRUST_ATTRIBUTE_NON_TRANSITIVE = 0x00000001,
- NETR_TRUST_ATTRIBUTE_UPLEVEL_ONLY = 0x00000002,
- NETR_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN = 0x00000004,
- NETR_TRUST_ATTRIBUTE_FOREST_TRANSITIVE = 0x00000008,
- NETR_TRUST_ATTRIBUTE_CROSS_ORGANIZATION = 0x00000010,
- NETR_TRUST_ATTRIBUTE_WITHIN_FOREST = 0x00000020,
- NETR_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL = 0x00000040
- } netr_TrustAttributes;
-
typedef struct {
[string,charset(UTF16)] uint16 *netbios_name;
[string,charset(UTF16)] uint16 *dns_name;
netr_TrustFlags trust_flags;
uint32 parent_index;
- netr_TrustType trust_type;
- netr_TrustAttributes trust_attributes;
+ lsa_TrustType trust_type;
+ lsa_TrustAttributes trust_attributes;
dom_sid2 *sid;
GUID guid;
} netr_DomainTrust;
bld.SAMBA_SUBSYSTEM('NDR_WINBIND',
source='gen_ndr/ndr_winbind.c',
- public_deps='ndr'
+ public_deps='ndr NDR_LSA'
)
bld.SAMBA_SUBSYSTEM('RPC_NDR_WINBIND',
*/
if ((trust->trust_attributes
- == NETR_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN) &&
+ == LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN) &&
!domain->primary )
{
DEBUG(10,("trusted_domains: Skipping external trusted "
domain->domain_type = trusts.array[i].trust_type;
domain->domain_trust_attribs = trusts.array[i].trust_attributes;
- if ( domain->domain_type == NETR_TRUST_TYPE_UPLEVEL )
+ if ( domain->domain_type == LSA_TRUST_TYPE_UPLEVEL )
domain->active_directory = True;
/* This flag is only set if the domain is *our*
static enum trust_type get_trust_type(struct winbindd_tdc_domain *domain)
{
- if (domain->trust_attribs == NETR_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN)
+ if (domain->trust_attribs == LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN)
return EXTERNAL;
- else if (domain->trust_attribs == NETR_TRUST_ATTRIBUTE_FOREST_TRANSITIVE)
+ else if (domain->trust_attribs == LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE)
return FOREST;
else if (((domain->trust_flags & NETR_TRUST_FLAG_IN_FOREST) == NETR_TRUST_FLAG_IN_FOREST) &&
((domain->trust_flags & NETR_TRUST_FLAG_PRIMARY) == 0x0))
static bool trust_is_transitive(struct winbindd_tdc_domain *domain)
{
- if ((domain->trust_attribs == NETR_TRUST_ATTRIBUTE_NON_TRANSITIVE) ||
- (domain->trust_attribs == NETR_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN) ||
- (domain->trust_attribs == NETR_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL))
+ if ((domain->trust_attribs == LSA_TRUST_ATTRIBUTE_NON_TRANSITIVE) ||
+ (domain->trust_attribs == LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN) ||
+ (domain->trust_attribs == LSA_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL))
return False;
return True;
}
#include "winbindd.h"
#include "../librpc/gen_ndr/ndr_netlogon.h"
#include "../librpc/gen_ndr/ndr_security.h"
+#include "../librpc/gen_ndr/ndr_lsa.h"
#include "../librpc/ndr/libndr.h"
#undef DBGC_CLASS
ndr_print_string(ndr, "forest_name", r->forest_name);
ndr_print_dom_sid(ndr, "sid", &r->sid);
ndr_print_netr_TrustFlags(ndr, "domain_flags", r->domain_flags);
- ndr_print_netr_TrustType(ndr, "domain_type", r->domain_type);
- ndr_print_netr_TrustAttributes(ndr, "domain_trust_attribs", r->domain_trust_attribs);
+ ndr_print_lsa_TrustType(ndr, "domain_type", r->domain_type);
+ ndr_print_lsa_TrustAttributes(ndr, "domain_trust_attribs", r->domain_trust_attribs);
ndr_print_bool(ndr, "initialized", r->initialized);
ndr_print_bool(ndr, "native_mode", r->native_mode);
ndr_print_bool(ndr, "active_directory", r->active_directory);
#ifdef HAVE_KRB5
if ((state->request->flags & WBFLAG_PAM_KRB5) &&
((tdc_domain = wcache_tdc_fetch_domain(state->mem_ctx, name_domain)) != NULL) &&
- ((tdc_domain->trust_type & NETR_TRUST_TYPE_UPLEVEL) ||
+ ((tdc_domain->trust_type & LSA_TRUST_TYPE_UPLEVEL) ||
/* used to cope with the case winbindd starting without network. */
!strequal(tdc_domain->domain_name, tdc_domain->dns_name))) {
continue;
if ( (flags & NETR_TRUST_FLAG_INBOUND) &&
- (type == NETR_TRUST_TYPE_UPLEVEL) &&
- (attribs == NETR_TRUST_ATTRIBUTE_FOREST_TRANSITIVE) )
+ (type == LSA_TRUST_TYPE_UPLEVEL) &&
+ (attribs == LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE) )
{
/* add the trusted domain if we don't know
about it */
trust_attributes = ldb_msg_find_attr_as_uint(dom_res[i],
"trustAttributes", 0);
- if (!(trust_attributes & NETR_TRUST_ATTRIBUTE_FOREST_TRANSITIVE)) {
+ if (!(trust_attributes & LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE)) {
return NT_STATUS_INVALID_PARAMETER;
}
#include "dsdb/samdb/ldb_modules/util.h"
#include "lib/tsocket/tsocket.h"
#include "librpc/gen_ndr/ndr_netlogon.h"
+#include "librpc/gen_ndr/ndr_lsa.h"
#include "librpc/gen_ndr/ndr_irpc.h"
#include "lib/socket/netif.h"
ldb_msg_find_attr_as_uint(dom_res[i],
"trustAttributes", 0);
- if ((trusts->array[n].trust_type == NETR_TRUST_TYPE_MIT) ||
- (trusts->array[n].trust_type == NETR_TRUST_TYPE_DCE)) {
+ if ((trusts->array[n].trust_type == LSA_TRUST_TYPE_MIT) ||
+ (trusts->array[n].trust_type == LSA_TRUST_TYPE_DCE)) {
struct dom_sid zero_sid;
ZERO_STRUCT(zero_sid);
trusts->array[n].sid =
NETR_TRUST_FLAG_PRIMARY;
/* we are always the root domain for now */
trusts->array[n].parent_index = 0;
- trusts->array[n].trust_type = NETR_TRUST_TYPE_UPLEVEL;
+ trusts->array[n].trust_type = LSA_TRUST_TYPE_UPLEVEL;
trusts->array[n].trust_attributes = 0;
trusts->array[n].sid = samdb_result_dom_sid(mem_ctx,
dom_res[0],
for (i=0; i< domains->count; i++) {
- if (domains->domains[i].trust_attributes & NETR_TRUST_ATTRIBUTE_FOREST_TRANSITIVE) {
+ if (domains->domains[i].trust_attributes & LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE) {
ret &= test_QueryForestTrustInformation(b, tctx, handle,
domains->domains[i].domain_name.string);
}
/* get info for transitive forest trusts */
- if (r.out.trusts->array[i].trust_attributes & NETR_TRUST_ATTRIBUTE_FOREST_TRANSITIVE) {
+ if (r.out.trusts->array[i].trust_attributes & LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE) {
if (!test_netr_DsRGetForestTrustInformation(tctx, p,
r.out.trusts->array[i].dns_name)) {
return false;