Copyright (C) Andrew Bartlett <abartlet@samba.org> 2004-2008
Copyright (C) Stefan Metzmacher <metze@samba.org> 2005
+ Copyright (C) Matthias Dieter Wallnöfer 2009
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
#include "includes.h"
#include "rpc_server/dcerpc_server.h"
-#include "rpc_server/common/common.h"
-#include "lib/ldb/include/ldb.h"
#include "auth/auth.h"
#include "auth/auth_sam_reply.h"
#include "dsdb/samdb/samdb.h"
-#include "../libds/common/flags.h"
-#include "rpc_server/samr/proto.h"
#include "../lib/util/util_ldb.h"
-#include "libcli/auth/libcli_auth.h"
-#include "auth/gensec/schannel.h"
+#include "../libcli/auth/schannel.h"
+#include "auth/gensec/schannel_state.h"
#include "libcli/security/security.h"
#include "param/param.h"
#include "lib/messaging/irpc.h"
#include "librpc/gen_ndr/ndr_irpc.h"
-#include "librpc/gen_ndr/ndr_netlogon.h"
struct netlogon_server_pipe_state {
struct netr_Credential client_challenge;
}
sam_ctx = samdb_connect(mem_ctx, dce_call->event_ctx, dce_call->conn->dce_ctx->lp_ctx,
- system_session(mem_ctx, dce_call->conn->dce_ctx->lp_ctx));
+ system_session(dce_call->conn->dce_ctx->lp_ctx));
if (sam_ctx == NULL) {
return NT_STATUS_INVALID_SYSTEM_SERVICE;
}
return NT_STATUS_ACCESS_DENIED;
}
- nt_status = schannel_store_session_key(schannel_ldb, mem_ctx, creds);
- talloc_free(schannel_ldb);
+ nt_status = schannel_store_session_key_ldb(schannel_ldb, mem_ctx, creds);
+ talloc_unlink(mem_ctx, schannel_ldb);
return nt_status;
}
if (!ldb) {
return NT_STATUS_ACCESS_DENIED;
}
- nt_status = schannel_creds_server_step_check(ldb, mem_ctx,
- computer_name,
- schannel_global_required,
- schannel_in_use,
- received_authenticator,
- return_authenticator, creds_out);
- talloc_free(ldb);
+ nt_status = schannel_creds_server_step_check_ldb(ldb, mem_ctx,
+ computer_name,
+ schannel_global_required,
+ schannel_in_use,
+ received_authenticator,
+ return_authenticator, creds_out);
+ talloc_unlink(mem_ctx, ldb);
return nt_status;
}
&creds);
NT_STATUS_NOT_OK_RETURN(nt_status);
- sam_ctx = samdb_connect(mem_ctx, dce_call->event_ctx, dce_call->conn->dce_ctx->lp_ctx, system_session(mem_ctx, dce_call->conn->dce_ctx->lp_ctx));
+ sam_ctx = samdb_connect(mem_ctx, dce_call->event_ctx, dce_call->conn->dce_ctx->lp_ctx, system_session(dce_call->conn->dce_ctx->lp_ctx));
if (sam_ctx == NULL) {
return NT_STATUS_INVALID_SYSTEM_SERVICE;
}
&creds);
NT_STATUS_NOT_OK_RETURN(nt_status);
- sam_ctx = samdb_connect(mem_ctx, dce_call->event_ctx, dce_call->conn->dce_ctx->lp_ctx, system_session(mem_ctx, dce_call->conn->dce_ctx->lp_ctx));
+ sam_ctx = samdb_connect(mem_ctx, dce_call->event_ctx, dce_call->conn->dce_ctx->lp_ctx, system_session(dce_call->conn->dce_ctx->lp_ctx));
if (sam_ctx == NULL) {
return NT_STATUS_INVALID_SYSTEM_SERVICE;
}
sam6 = talloc_zero(mem_ctx, struct netr_SamInfo6);
NT_STATUS_HAVE_NO_MEMORY(sam6);
sam6->base = *sam;
- sam6->forest.string = lp_realm(dce_call->conn->dce_ctx->lp_ctx);
+ sam6->forest.string = lp_dnsdomain(dce_call->conn->dce_ctx->lp_ctx);
sam6->principle.string = talloc_asprintf(mem_ctx, "%s@%s",
sam->account_name.string, sam6->forest.string);
NT_STATUS_HAVE_NO_MEMORY(sam6->principle.string);
return NT_STATUS_ACCESS_DENIED;
}
- nt_status = schannel_fetch_session_key(ldb, mem_ctx, r->in.computer_name, &creds);
+ nt_status = schannel_fetch_session_key_ldb(ldb, mem_ctx, r->in.computer_name, &creds);
if (!NT_STATUS_IS_OK(nt_status)) {
return nt_status;
}
dce_call->conn->dce_ctx->lp_ctx,
dce_call->conn->auth_state.session_info);
if (sam_ctx == NULL) {
- return WERR_DS_SERVICE_UNAVAILABLE;
+ return WERR_DS_UNAVAILABLE;
}
domain_dn = samdb_domain_to_dn(sam_ctx, mem_ctx,
r->in.domainname);
if (domain_dn == NULL) {
- return WERR_DS_SERVICE_UNAVAILABLE;
+ return WERR_DS_UNAVAILABLE;
}
ret = gendb_search_dn(sam_ctx, mem_ctx,
/*
- fill in a netr_DomainTrustInfo from a ldb search result
+ fill in a netr_OneDomainInfo from a ldb search result
*/
-static NTSTATUS fill_domain_trust_info(TALLOC_CTX *mem_ctx,
- struct loadparm_context *lp_ctx,
- struct ldb_context *sam_ctx,
- struct ldb_message *res,
- struct netr_DomainTrustInfo *info,
- bool is_local, bool is_trust_list)
+static NTSTATUS fill_one_domain_info(TALLOC_CTX *mem_ctx,
+ struct loadparm_context *lp_ctx,
+ struct ldb_context *sam_ctx,
+ struct ldb_message *res,
+ struct netr_OneDomainInfo *info,
+ bool is_local, bool is_trust_list)
{
ZERO_STRUCTP(info);
- info->trust_extension.info = talloc_zero(mem_ctx, struct netr_trust_extension);
- info->trust_extension.length = 16;
- info->trust_extension.info->flags =
- NETR_TRUST_FLAG_TREEROOT |
- NETR_TRUST_FLAG_IN_FOREST |
- NETR_TRUST_FLAG_PRIMARY;
-
- info->trust_extension.info->parent_index = 0; /* should be index into array
- of parent */
- info->trust_extension.info->trust_type = LSA_TRUST_TYPE_UPLEVEL; /* should be based on ldb search for trusts */
- info->trust_extension.info->trust_attributes = LSA_TRUST_ATTRIBUTE_NON_TRANSITIVE; /* needs to be based on ldb search */
+ if (is_trust_list) {
+ /* w2k8 only fills this on trusted domains */
+ info->trust_extension.info = talloc_zero(mem_ctx, struct netr_trust_extension);
+ info->trust_extension.length = 16;
+ info->trust_extension.info->flags =
+ NETR_TRUST_FLAG_TREEROOT |
+ NETR_TRUST_FLAG_IN_FOREST |
+ NETR_TRUST_FLAG_PRIMARY |
+ NETR_TRUST_FLAG_NATIVE;
+
+ info->trust_extension.info->parent_index = 0; /* should be index into array
+ of parent */
+ info->trust_extension.info->trust_type = LSA_TRUST_TYPE_UPLEVEL; /* should be based on ldb search for trusts */
+ info->trust_extension.info->trust_attributes = 0; /* TODO: base on ldb search? */
+ }
if (is_trust_list) {
/* MS-NRPC 3.5.4.3.9 - must be set to NULL for trust list */
- info->forest.string = NULL;
+ info->dns_forestname.string = NULL;
} else {
char *p;
/* TODO: we need a common function for pulling the forest */
- info->forest.string = ldb_dn_canonical_string(info, ldb_get_root_basedn(sam_ctx));
- if (!info->forest.string) {
+ info->dns_forestname.string = ldb_dn_canonical_string(info, ldb_get_root_basedn(sam_ctx));
+ if (!info->dns_forestname.string) {
return NT_STATUS_NO_SUCH_DOMAIN;
}
- p = strchr(info->forest.string, '/');
+ p = strchr(info->dns_forestname.string, '/');
if (p) {
*p = '\0';
}
+ info->dns_forestname.string = talloc_asprintf(mem_ctx, "%s.", info->dns_forestname.string);
+
}
if (is_local) {
info->domainname.string = lp_sam_name(lp_ctx);
- info->fulldomainname.string = lp_realm(lp_ctx);
- info->guid = samdb_result_guid(res, "objectGUID");
- info->sid = samdb_result_dom_sid(mem_ctx, res, "objectSid");
+ info->dns_domainname.string = lp_dnsdomain(lp_ctx);
+ info->domain_guid = samdb_result_guid(res, "objectGUID");
+ info->domain_sid = samdb_result_dom_sid(mem_ctx, res, "objectSid");
} else {
info->domainname.string = samdb_result_string(res, "flatName", NULL);
- info->fulldomainname.string = samdb_result_string(res, "trustPartner", NULL);
- info->guid = samdb_result_guid(res, "objectGUID");
- info->sid = samdb_result_dom_sid(mem_ctx, res, "securityIdentifier");
+ info->dns_domainname.string = samdb_result_string(res, "trustPartner", NULL);
+ info->domain_guid = samdb_result_guid(res, "objectGUID");
+ info->domain_sid = samdb_result_dom_sid(mem_ctx, res, "securityIdentifier");
+ }
+ if (!is_trust_list) {
+ info->dns_domainname.string = talloc_asprintf(mem_ctx, "%s.", info->dns_domainname.string);
}
return NT_STATUS_OK;
It has an important role in convaying details about the client, such
as Operating System, Version, Service Pack etc.
*/
-static NTSTATUS dcesrv_netr_LogonGetDomainInfo(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
- struct netr_LogonGetDomainInfo *r)
+static NTSTATUS dcesrv_netr_LogonGetDomainInfo(struct dcesrv_call_state *dce_call,
+ TALLOC_CTX *mem_ctx, struct netr_LogonGetDomainInfo *r)
{
- const char * const attrs[] = { "objectSid",
- "objectGUID", "flatName", "securityIdentifier",
- "trustPartner", NULL };
+ struct netlogon_creds_CredentialState *creds;
+ const char * const attrs[] = { "objectSid", "objectGUID", "flatName",
+ "securityIdentifier", "trustPartner", NULL };
+ const char * const attrs2[] = { "dNSHostName",
+ "msDS-SupportedEncryptionTypes", NULL };
+ const char *temp_str;
+ const char *old_dns_hostname;
struct ldb_context *sam_ctx;
- struct ldb_message **res1, **res2;
- struct netr_DomainInfo1 *info1;
- int ret1, ret2, i;
+ struct ldb_message **res1, **res2, **res3, *new_msg;
+ struct ldb_dn *workstation_dn;
+ struct netr_DomainInformation *domain_info;
+ struct netr_LsaPolicyInformation *lsa_policy_info;
+ struct netr_OsVersionInfoEx *os_version;
+ uint32_t default_supported_enc_types = 0xFFFFFFFF;
+ int ret1, ret2, ret3, i;
NTSTATUS status;
- const char *local_domain;
-
status = dcesrv_netr_creds_server_step_check(dce_call,
mem_ctx,
r->in.computer_name,
r->in.credential,
r->out.return_authenticator,
- NULL);
+ &creds);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0,(__location__ " Bad credentials - error\n"));
}
NT_STATUS_NOT_OK_RETURN(status);
- sam_ctx = samdb_connect(mem_ctx, dce_call->event_ctx, dce_call->conn->dce_ctx->lp_ctx, dce_call->conn->auth_state.session_info);
+ sam_ctx = samdb_connect(mem_ctx, dce_call->event_ctx,
+ dce_call->conn->dce_ctx->lp_ctx,
+ system_session(dce_call->conn->dce_ctx->lp_ctx));
if (sam_ctx == NULL) {
return NT_STATUS_INVALID_SYSTEM_SERVICE;
}
- /* we need to do two searches. The first will pull our primary
- domain and the second will pull any trusted domains. Our
- primary domain is also a "trusted" domain, so we need to
- put the primary domain into the lists of returned trusts as
- well */
- ret1 = gendb_search_dn(sam_ctx, mem_ctx, samdb_base_dn(sam_ctx), &res1, attrs);
- if (ret1 != 1) {
- return NT_STATUS_INTERNAL_DB_CORRUPTION;
- }
+ switch (r->in.level) {
+ case 1: /* Domain information */
- /* try and find the domain */
- local_domain = lp_sam_name(dce_call->conn->dce_ctx->lp_ctx);
+ /* TODO: check NTSTATUS results - and fail also on SAMDB
+ * errors (needs some testing against Windows Server 2008) */
- ret2 = gendb_search(sam_ctx, mem_ctx, NULL, &res2, attrs, "(objectClass=trustedDomain)");
- if (ret2 == -1) {
- return NT_STATUS_INTERNAL_DB_CORRUPTION;
- }
+ /*
+ * Check that the computer name parameter matches as prefix with
+ * the DNS hostname in the workstation info structure.
+ */
+ temp_str = strndup(r->in.query->workstation_info->dns_hostname,
+ strcspn(r->in.query->workstation_info->dns_hostname,
+ "."));
+ if (strcasecmp(r->in.computer_name, temp_str) != 0)
+ return NT_STATUS_INVALID_PARAMETER;
+
+ workstation_dn = ldb_dn_new_fmt(mem_ctx, sam_ctx, "<SID=%s>",
+ dom_sid_string(mem_ctx, creds->sid));
+ NT_STATUS_HAVE_NO_MEMORY(workstation_dn);
+
+ /* Lookup for attributes in workstation object */
+ ret1 = gendb_search_dn(sam_ctx, mem_ctx, workstation_dn,
+ &res1, attrs2);
+ if (ret1 != 1) {
+ return NT_STATUS_INTERNAL_DB_CORRUPTION;
+ }
- info1 = talloc(mem_ctx, struct netr_DomainInfo1);
- NT_STATUS_HAVE_NO_MEMORY(info1);
+ /* Gets the old DNS hostname */
+ old_dns_hostname = samdb_result_string(res1[0], "dNSHostName",
+ NULL);
- ZERO_STRUCTP(info1);
+ /* Gets host informations and put them in our directory */
+ new_msg = ldb_msg_new(mem_ctx);
+ NT_STATUS_HAVE_NO_MEMORY(new_msg);
- info1->num_trusts = ret2 + 1;
- info1->trusts = talloc_array(mem_ctx, struct netr_DomainTrustInfo,
- info1->num_trusts);
- NT_STATUS_HAVE_NO_MEMORY(info1->trusts);
+ new_msg->dn = workstation_dn;
- status = fill_domain_trust_info(mem_ctx, dce_call->conn->dce_ctx->lp_ctx, sam_ctx, res1[0], &info1->domaininfo,
- true, false);
- NT_STATUS_NOT_OK_RETURN(status);
+ /* Deletes old OS version values */
+ samdb_msg_add_delete(sam_ctx, mem_ctx, new_msg,
+ "operatingSystemServicePack");
+ samdb_msg_add_delete(sam_ctx, mem_ctx, new_msg,
+ "operatingSystemVersion");
+
+ if (samdb_replace(sam_ctx, mem_ctx, new_msg) != LDB_SUCCESS) {
+ DEBUG(3,("Impossible to update samdb: %s\n",
+ ldb_errstring(sam_ctx)));
+ }
+
+ talloc_free(new_msg);
+
+ new_msg = ldb_msg_new(mem_ctx);
+ NT_STATUS_HAVE_NO_MEMORY(new_msg);
+
+ new_msg->dn = workstation_dn;
+
+ /* Sets the OS name */
+ samdb_msg_set_string(sam_ctx, mem_ctx, new_msg,
+ "operatingSystem",
+ r->in.query->workstation_info->os_name.string);
+
+ if (r->in.query->workstation_info->dns_hostname) {
+ /* TODO: should this always be done? */
+ samdb_msg_add_string(sam_ctx, mem_ctx, new_msg,
+ "dNSHostname",
+ r->in.query->workstation_info->dns_hostname);
+ }
+
+ /*
+ * Sets informations from "os_version". On a empty structure
+ * the values are cleared.
+ */
+ if (r->in.query->workstation_info->os_version.os != NULL) {
+ os_version = &r->in.query->workstation_info->os_version.os->os;
+
+ samdb_msg_set_string(sam_ctx, mem_ctx, new_msg,
+ "operatingSystemServicePack",
+ os_version->CSDVersion);
+
+ samdb_msg_set_string(sam_ctx, mem_ctx, new_msg,
+ "operatingSystemVersion",
+ talloc_asprintf(mem_ctx, "%d.%d (%d)",
+ os_version->MajorVersion,
+ os_version->MinorVersion,
+ os_version->BuildNumber
+ )
+ );
+ }
+
+ /*
+ * Updates the "dNSHostname" and the "servicePrincipalName"s
+ * since the client wishes that the server should handle this
+ * for him ("NETR_WS_FLAG_HANDLES_SPN_UPDATE" not set).
+ * See MS-NRPC section 3.5.4.3.9
+ */
+ if ((r->in.query->workstation_info->workstation_flags
+ & NETR_WS_FLAG_HANDLES_SPN_UPDATE) == 0) {
+
+ samdb_msg_add_string(sam_ctx, mem_ctx, new_msg,
+ "servicePrincipalName",
+ talloc_asprintf(mem_ctx, "HOST/%s",
+ r->in.computer_name)
+ );
+ samdb_msg_add_string(sam_ctx, mem_ctx, new_msg,
+ "servicePrincipalName",
+ talloc_asprintf(mem_ctx, "HOST/%s",
+ r->in.query->workstation_info->dns_hostname)
+ );
+ }
+
+ if (samdb_replace(sam_ctx, mem_ctx, new_msg) != LDB_SUCCESS) {
+ DEBUG(3,("Impossible to update samdb: %s\n",
+ ldb_errstring(sam_ctx)));
+ }
- for (i=0;i<ret2;i++) {
- status = fill_domain_trust_info(mem_ctx, dce_call->conn->dce_ctx->lp_ctx, sam_ctx, res2[i], &info1->trusts[i],
- false, true);
+ talloc_free(new_msg);
+
+ /* Writes back the domain information */
+
+ /* We need to do two searches. The first will pull our primary
+ domain and the second will pull any trusted domains. Our
+ primary domain is also a "trusted" domain, so we need to
+ put the primary domain into the lists of returned trusts as
+ well. */
+ ret2 = gendb_search_dn(sam_ctx, mem_ctx, samdb_base_dn(sam_ctx),
+ &res2, attrs);
+ if (ret2 != 1) {
+ return NT_STATUS_INTERNAL_DB_CORRUPTION;
+ }
+
+ ret3 = gendb_search(sam_ctx, mem_ctx, NULL, &res3, attrs,
+ "(objectClass=trustedDomain)");
+ if (ret3 == -1) {
+ return NT_STATUS_INTERNAL_DB_CORRUPTION;
+ }
+
+ domain_info = talloc(mem_ctx, struct netr_DomainInformation);
+ NT_STATUS_HAVE_NO_MEMORY(domain_info);
+
+ ZERO_STRUCTP(domain_info);
+
+ /* Informations about the local and trusted domains */
+
+ status = fill_one_domain_info(mem_ctx,
+ dce_call->conn->dce_ctx->lp_ctx,
+ sam_ctx, res2[0], &domain_info->primary_domain,
+ true, false);
NT_STATUS_NOT_OK_RETURN(status);
- }
- status = fill_domain_trust_info(mem_ctx, dce_call->conn->dce_ctx->lp_ctx, sam_ctx, res1[0], &info1->trusts[i],
- true, true);
- NT_STATUS_NOT_OK_RETURN(status);
+ domain_info->trusted_domain_count = ret3 + 1;
+ domain_info->trusted_domains = talloc_array(mem_ctx,
+ struct netr_OneDomainInfo,
+ domain_info->trusted_domain_count);
+ NT_STATUS_HAVE_NO_MEMORY(domain_info->trusted_domains);
+
+ for (i=0;i<ret3;i++) {
+ status = fill_one_domain_info(mem_ctx,
+ dce_call->conn->dce_ctx->lp_ctx,
+ sam_ctx, res3[i],
+ &domain_info->trusted_domains[i],
+ false, true);
+ NT_STATUS_NOT_OK_RETURN(status);
+ }
+
+ status = fill_one_domain_info(mem_ctx,
+ dce_call->conn->dce_ctx->lp_ctx, sam_ctx, res2[0],
+ &domain_info->trusted_domains[i], true, true);
+ NT_STATUS_NOT_OK_RETURN(status);
+
+ /* Sets the supported encryption types */
+ domain_info->supported_enc_types = samdb_result_uint(res1[0],
+ "msDS-SupportedEncryptionTypes",
+ default_supported_enc_types);
+
+ /* Other host domain informations */
+
+ lsa_policy_info = talloc(mem_ctx,
+ struct netr_LsaPolicyInformation);
+ NT_STATUS_HAVE_NO_MEMORY(lsa_policy_info);
+ ZERO_STRUCTP(lsa_policy_info);
+
+ domain_info->lsa_policy = *lsa_policy_info;
- info1->dns_hostname.string = lp_realm(dce_call->conn->dce_ctx->lp_ctx);
- info1->workstation_flags =
- NETR_WS_FLAG_HANDLES_INBOUND_TRUSTS | NETR_WS_FLAG_HANDLES_SPN_UPDATE;
- info1->supported_enc_types = 0; /* w2008 gives this 0 */
+ domain_info->dns_hostname.string = old_dns_hostname;
+ domain_info->workstation_flags =
+ r->in.query->workstation_info->workstation_flags;
- r->out.info->info1 = info1;
+ r->out.info->domain_info = domain_info;
+ break;
+ case 2: /* LSA policy information - not used at the moment */
+ lsa_policy_info = talloc(mem_ctx,
+ struct netr_LsaPolicyInformation);
+ NT_STATUS_HAVE_NO_MEMORY(lsa_policy_info);
+ ZERO_STRUCTP(lsa_policy_info);
+
+ r->out.info->lsa_policy_info = lsa_policy_info;
+ break;
+ default:
+ return NT_STATUS_INVALID_LEVEL;
+ break;
+ }
return NT_STATUS_OK;
}
sam_ctx = samdb_connect(mem_ctx, dce_call->event_ctx, dce_call->conn->dce_ctx->lp_ctx, dce_call->conn->auth_state.session_info);
if (sam_ctx == NULL) {
- return WERR_DS_SERVICE_UNAVAILABLE;
+ return WERR_DS_UNAVAILABLE;
}
- /* Win7-beta will send the domain name in the form the user typed, so we have to cope
- with both the short and long form here */
- if (r->in.domain_name != NULL && !lp_is_my_domain_or_realm(dce_call->conn->dce_ctx->lp_ctx,
- r->in.domain_name)) {
+ /* Windows 7 sends the domain name in the form the user typed, so we
+ * have to cope with both the short and long form here */
+ if (r->in.domain_name != NULL &&
+ !lp_is_my_domain_or_realm(dce_call->conn->dce_ctx->lp_ctx,
+ r->in.domain_name)) {
return WERR_NO_SUCH_DOMAIN;
}
domain_dn = ldb_get_default_basedn(sam_ctx);
if (domain_dn == NULL) {
- return WERR_DS_SERVICE_UNAVAILABLE;
+ return WERR_DS_UNAVAILABLE;
}
ret = gendb_search_dn(sam_ctx, mem_ctx,
*/
info->dc_unc = talloc_asprintf(mem_ctx, "\\\\%s.%s",
lp_netbios_name(dce_call->conn->dce_ctx->lp_ctx),
- lp_realm(dce_call->conn->dce_ctx->lp_ctx));
+ lp_dnsdomain(dce_call->conn->dce_ctx->lp_ctx));
W_ERROR_HAVE_NO_MEMORY(info->dc_unc);
info->dc_address = talloc_strdup(mem_ctx, "\\\\0.0.0.0");
W_ERROR_HAVE_NO_MEMORY(info->dc_address);
info->dc_address_type = DS_ADDRESS_TYPE_INET;
info->domain_guid = samdb_result_guid(res[0], "objectGUID");
- info->domain_name = lp_realm(dce_call->conn->dce_ctx->lp_ctx);
- info->forest_name = lp_realm(dce_call->conn->dce_ctx->lp_ctx);
- info->dc_flags = DS_DNS_FOREST |
+ info->domain_name = lp_dnsdomain(dce_call->conn->dce_ctx->lp_ctx);
+ info->forest_name = lp_dnsdomain(dce_call->conn->dce_ctx->lp_ctx);
+ info->dc_flags = DS_DNS_FOREST_ROOT |
DS_DNS_DOMAIN |
DS_DNS_CONTROLLER |
DS_SERVER_WRITABLE |
DS_SERVER_LDAP |
DS_SERVER_GC |
DS_SERVER_PDC;
- info->dc_site_name = talloc_strdup(mem_ctx, "Default-First-Site-Name");
+ info->dc_site_name = samdb_server_site_name(sam_ctx, mem_ctx);
W_ERROR_HAVE_NO_MEMORY(info->dc_site_name);
+ /* FIXME: Hardcoded site name */
info->client_site_name = talloc_strdup(mem_ctx, "Default-First-Site-Name");
W_ERROR_HAVE_NO_MEMORY(info->client_site_name);
netr_DsRAddressToSitenamesExW
*/
static WERROR dcesrv_netr_DsRAddressToSitenamesExW(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
- struct netr_DsRAddressToSitenamesExW *r)
+ struct netr_DsRAddressToSitenamesExW *r)
{
- DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+ struct netr_DsRAddressToSitenamesExWCtr *ctr;
+ int i;
+
+ /* we should map the provided IPs to site names, once we have
+ * sites support
+ */
+ ctr = talloc(mem_ctx, struct netr_DsRAddressToSitenamesExWCtr);
+ W_ERROR_HAVE_NO_MEMORY(ctr);
+
+ *r->out.ctr = ctr;
+
+ ctr->count = r->in.count;
+ ctr->sitename = talloc_array(ctr, struct lsa_String, ctr->count);
+ W_ERROR_HAVE_NO_MEMORY(ctr->sitename);
+ ctr->subnetname = talloc_array(ctr, struct lsa_String, ctr->count);
+ W_ERROR_HAVE_NO_MEMORY(ctr->subnetname);
+
+ for (i=0; i<ctr->count; i++) {
+ /* FIXME: Hardcoded site name */
+ ctr->sitename[i].string = "Default-First-Site-Name";
+ ctr->subnetname[i].string = NULL;
+ }
+
+ return WERR_OK;
}
/* TODO: add filtering by trust_flags, and correct trust_type
and attributes */
trusts->array[0].netbios_name = lp_sam_name(dce_call->conn->dce_ctx->lp_ctx);
- trusts->array[0].dns_name = lp_realm(dce_call->conn->dce_ctx->lp_ctx);
+ trusts->array[0].dns_name = lp_dnsdomain(dce_call->conn->dce_ctx->lp_ctx);
trusts->array[0].trust_flags =
NETR_TRUST_FLAG_TREEROOT |
NETR_TRUST_FLAG_IN_FOREST |