/******************/
/* Function: 0x00 */
NTSTATUS lsa_Close (
- [in,ref] policy_handle *handle
+ [in,out,ref] policy_handle *handle
);
typedef struct {
lsa_Name name;
dom_sid2 *sid;
- } lsa_TrustInformation;
+ } lsa_DomainInformation;
typedef struct {
uint32 count;
- [size_is(count)] lsa_TrustInformation *domains;
- uint32 max_count;
- } lsa_RefDomainList;
+ [size_is(count)] lsa_DomainInformation *domains;
+ } lsa_DomainList;
NTSTATUS lsa_EnumTrustDom (
[in,ref] policy_handle *handle,
[in,out,ref] uint32 *resume_handle,
[in] uint32 num_entries,
- [out] lsa_RefDomainList *domains
+ [out,ref] lsa_DomainList *domains
);
[size_is(count)] lsa_TranslatedSid *sids;
} lsa_TransSidArray;
+ typedef struct {
+ lsa_Name name;
+ dom_sid2 *sid;
+ } lsa_TrustInformation;
+
+ typedef struct {
+ uint32 count;
+ [size_is(count)] lsa_TrustInformation *domains;
+ uint32 max_count;
+ } lsa_RefDomainList;
+
NTSTATUS lsa_LookupNames (
[in,ref] policy_handle *handle,
[in] uint32 num_names,
/* Function: 0x10 */
NTSTATUS CREATESECRET ();
- /* Function: 0x11 */
- NTSTATUS OPENACCOUNT ();
+
+
+ /*****************************************/
+ /* Function: 0x11 */
+ NTSTATUS lsa_OpenAccount (
+ [in,ref] policy_handle *handle,
+ [in,ref] dom_sid2 *sid,
+ [in] uint32 desired_access,
+ [out,ref] policy_handle *acct_handle
+ );
+
+
/* Function: 0x12 */
NTSTATUS ENUMPRIVSACCOUNT ();
/* Function: 0x13 */
NTSTATUS ndr_pull_lsa_Close(struct ndr_pull *ndr, struct lsa_Close *r)
{
+ NDR_CHECK(ndr_pull_policy_handle(ndr, r->out.handle));
NDR_CHECK(ndr_pull_NTSTATUS(ndr, &r->out.result));
return NT_STATUS_OK;
return NT_STATUS_OK;
}
-static NTSTATUS ndr_push_lsa_TrustInformation(struct ndr_push *ndr, int ndr_flags, struct lsa_TrustInformation *r)
+static NTSTATUS ndr_push_lsa_DomainInformation(struct ndr_push *ndr, int ndr_flags, struct lsa_DomainInformation *r)
{
if (!(ndr_flags & NDR_SCALARS)) goto buffers;
NDR_CHECK(ndr_push_lsa_Name(ndr, NDR_SCALARS, &r->name));
return NT_STATUS_OK;
}
-static NTSTATUS ndr_pull_lsa_TrustInformation(struct ndr_pull *ndr, int ndr_flags, struct lsa_TrustInformation *r)
+static NTSTATUS ndr_pull_lsa_DomainInformation(struct ndr_pull *ndr, int ndr_flags, struct lsa_DomainInformation *r)
{
uint32 _ptr_sid;
if (!(ndr_flags & NDR_SCALARS)) goto buffers;
return NT_STATUS_OK;
}
-static NTSTATUS ndr_push_lsa_RefDomainList(struct ndr_push *ndr, int ndr_flags, struct lsa_RefDomainList *r)
+static NTSTATUS ndr_push_lsa_DomainList(struct ndr_push *ndr, int ndr_flags, struct lsa_DomainList *r)
{
if (!(ndr_flags & NDR_SCALARS)) goto buffers;
NDR_CHECK(ndr_push_uint32(ndr, r->count));
NDR_CHECK(ndr_push_ptr(ndr, r->domains));
- NDR_CHECK(ndr_push_uint32(ndr, r->max_count));
buffers:
if (!(ndr_flags & NDR_BUFFERS)) goto done;
if (r->domains) {
- NDR_CHECK(ndr_push_array(ndr, ndr_flags, r->domains, sizeof(r->domains[0]), r->count, (ndr_push_flags_fn_t)ndr_push_lsa_TrustInformation));
+ NDR_CHECK(ndr_push_array(ndr, ndr_flags, r->domains, sizeof(r->domains[0]), r->count, (ndr_push_flags_fn_t)ndr_push_lsa_DomainInformation));
}
done:
return NT_STATUS_OK;
}
-static NTSTATUS ndr_pull_lsa_RefDomainList(struct ndr_pull *ndr, int ndr_flags, struct lsa_RefDomainList *r)
+static NTSTATUS ndr_pull_lsa_DomainList(struct ndr_pull *ndr, int ndr_flags, struct lsa_DomainList *r)
{
uint32 _ptr_domains;
if (!(ndr_flags & NDR_SCALARS)) goto buffers;
} else {
r->domains = NULL;
}
- NDR_CHECK(ndr_pull_uint32(ndr, &r->max_count));
buffers:
if (!(ndr_flags & NDR_BUFFERS)) goto done;
if (r->domains) {
NDR_ALLOC_N_SIZE(ndr, r->domains, r->count, sizeof(r->domains[0]));
- NDR_CHECK(ndr_pull_array(ndr, ndr_flags, (void **)r->domains, sizeof(r->domains[0]), r->count, (ndr_pull_flags_fn_t)ndr_pull_lsa_TrustInformation));
+ NDR_CHECK(ndr_pull_array(ndr, ndr_flags, (void **)r->domains, sizeof(r->domains[0]), r->count, (ndr_pull_flags_fn_t)ndr_pull_lsa_DomainInformation));
}
done:
return NT_STATUS_OK;
NTSTATUS ndr_pull_lsa_EnumTrustDom(struct ndr_pull *ndr, struct lsa_EnumTrustDom *r)
{
- uint32 _ptr_domains;
NDR_CHECK(ndr_pull_uint32(ndr, r->out.resume_handle));
- NDR_ALLOC(ndr, r->out.domains);
- NDR_CHECK(ndr_pull_uint32(ndr, &_ptr_domains));
- if (_ptr_domains) {
- NDR_ALLOC(ndr, r->out.domains);
- } else {
- r->out.domains = NULL;
- }
- if (r->out.domains) {
- NDR_CHECK(ndr_pull_lsa_RefDomainList(ndr, NDR_SCALARS|NDR_BUFFERS, r->out.domains));
- }
+ NDR_CHECK(ndr_pull_lsa_DomainList(ndr, NDR_SCALARS|NDR_BUFFERS, r->out.domains));
NDR_CHECK(ndr_pull_NTSTATUS(ndr, &r->out.result));
return NT_STATUS_OK;
return NT_STATUS_OK;
}
+static NTSTATUS ndr_push_lsa_TrustInformation(struct ndr_push *ndr, int ndr_flags, struct lsa_TrustInformation *r)
+{
+ if (!(ndr_flags & NDR_SCALARS)) goto buffers;
+ NDR_CHECK(ndr_push_lsa_Name(ndr, NDR_SCALARS, &r->name));
+ NDR_CHECK(ndr_push_ptr(ndr, r->sid));
+buffers:
+ if (!(ndr_flags & NDR_BUFFERS)) goto done;
+ NDR_CHECK(ndr_push_lsa_Name(ndr, ndr_flags, &r->name));
+ if (r->sid) {
+ NDR_CHECK(ndr_push_dom_sid2(ndr, r->sid));
+ }
+done:
+ return NT_STATUS_OK;
+}
+
+static NTSTATUS ndr_pull_lsa_TrustInformation(struct ndr_pull *ndr, int ndr_flags, struct lsa_TrustInformation *r)
+{
+ uint32 _ptr_sid;
+ if (!(ndr_flags & NDR_SCALARS)) goto buffers;
+ NDR_CHECK(ndr_pull_lsa_Name(ndr, NDR_SCALARS, &r->name));
+ NDR_CHECK(ndr_pull_uint32(ndr, &_ptr_sid));
+ if (_ptr_sid) {
+ NDR_ALLOC(ndr, r->sid);
+ } else {
+ r->sid = NULL;
+ }
+buffers:
+ if (!(ndr_flags & NDR_BUFFERS)) goto done;
+ NDR_CHECK(ndr_pull_lsa_Name(ndr, ndr_flags, &r->name));
+ if (r->sid) {
+ NDR_CHECK(ndr_pull_dom_sid2(ndr, r->sid));
+ }
+done:
+ return NT_STATUS_OK;
+}
+
+static NTSTATUS ndr_push_lsa_RefDomainList(struct ndr_push *ndr, int ndr_flags, struct lsa_RefDomainList *r)
+{
+ if (!(ndr_flags & NDR_SCALARS)) goto buffers;
+ NDR_CHECK(ndr_push_uint32(ndr, r->count));
+ NDR_CHECK(ndr_push_ptr(ndr, r->domains));
+ NDR_CHECK(ndr_push_uint32(ndr, r->max_count));
+buffers:
+ if (!(ndr_flags & NDR_BUFFERS)) goto done;
+ if (r->domains) {
+ NDR_CHECK(ndr_push_array(ndr, ndr_flags, r->domains, sizeof(r->domains[0]), r->count, (ndr_push_flags_fn_t)ndr_push_lsa_TrustInformation));
+ }
+done:
+ return NT_STATUS_OK;
+}
+
+static NTSTATUS ndr_pull_lsa_RefDomainList(struct ndr_pull *ndr, int ndr_flags, struct lsa_RefDomainList *r)
+{
+ uint32 _ptr_domains;
+ if (!(ndr_flags & NDR_SCALARS)) goto buffers;
+ NDR_CHECK(ndr_pull_uint32(ndr, &r->count));
+ NDR_CHECK(ndr_pull_uint32(ndr, &_ptr_domains));
+ if (_ptr_domains) {
+ NDR_ALLOC(ndr, r->domains);
+ } else {
+ r->domains = NULL;
+ }
+ NDR_CHECK(ndr_pull_uint32(ndr, &r->max_count));
+buffers:
+ if (!(ndr_flags & NDR_BUFFERS)) goto done;
+ if (r->domains) {
+ NDR_ALLOC_N_SIZE(ndr, r->domains, r->count, sizeof(r->domains[0]));
+ NDR_CHECK(ndr_pull_array(ndr, ndr_flags, (void **)r->domains, sizeof(r->domains[0]), r->count, (ndr_pull_flags_fn_t)ndr_pull_lsa_TrustInformation));
+ }
+done:
+ return NT_STATUS_OK;
+}
+
NTSTATUS ndr_push_lsa_LookupNames(struct ndr_push *ndr, struct lsa_LookupNames *r)
{
NDR_CHECK(ndr_push_policy_handle(ndr, r->in.handle));
return NT_STATUS_OK;
}
-NTSTATUS ndr_push_OPENACCOUNT(struct ndr_push *ndr, struct OPENACCOUNT *r)
+NTSTATUS ndr_push_lsa_OpenAccount(struct ndr_push *ndr, struct lsa_OpenAccount *r)
{
+ NDR_CHECK(ndr_push_policy_handle(ndr, r->in.handle));
+ NDR_CHECK(ndr_push_dom_sid2(ndr, r->in.sid));
+ NDR_CHECK(ndr_push_uint32(ndr, r->in.desired_access));
return NT_STATUS_OK;
}
-NTSTATUS ndr_pull_OPENACCOUNT(struct ndr_pull *ndr, struct OPENACCOUNT *r)
+NTSTATUS ndr_pull_lsa_OpenAccount(struct ndr_pull *ndr, struct lsa_OpenAccount *r)
{
+ NDR_CHECK(ndr_pull_policy_handle(ndr, r->out.acct_handle));
NDR_CHECK(ndr_pull_NTSTATUS(ndr, &r->out.result));
return NT_STATUS_OK;
} in;
struct {
+ struct policy_handle *handle;
NTSTATUS result;
} out;
};
-struct lsa_TrustInformation {
+struct lsa_DomainInformation {
struct lsa_Name name;
struct dom_sid2 *sid;
};
-struct lsa_RefDomainList {
+struct lsa_DomainList {
uint32 count;
- struct lsa_TrustInformation *domains;
- uint32 max_count;
+ struct lsa_DomainInformation *domains;
};
struct lsa_EnumTrustDom {
struct {
uint32 *resume_handle;
- struct lsa_RefDomainList *domains;
+ struct lsa_DomainList *domains;
NTSTATUS result;
} out;
struct lsa_TranslatedSid *sids;
};
+struct lsa_TrustInformation {
+ struct lsa_Name name;
+ struct dom_sid2 *sid;
+};
+
+struct lsa_RefDomainList {
+ uint32 count;
+ struct lsa_TrustInformation *domains;
+ uint32 max_count;
+};
+
struct lsa_LookupNames {
struct {
struct policy_handle *handle;
};
-struct OPENACCOUNT {
+struct lsa_OpenAccount {
struct {
+ struct policy_handle *handle;
+ struct dom_sid2 *sid;
+ uint32 desired_access;
} in;
struct {
+ struct policy_handle *acct_handle;
NTSTATUS result;
} out;
#define DCERPC_LSA_LOOKUPNAMES 14
#define DCERPC_LSA_LOOKUPSIDS 15
#define DCERPC_CREATESECRET 16
-#define DCERPC_OPENACCOUNT 17
+#define DCERPC_LSA_OPENACCOUNT 17
#define DCERPC_ENUMPRIVSACCOUNT 18
#define DCERPC_ADDPRIVS 19
#define DCERPC_REMOVEPRIVS 20
goto failed;
}
+ if (pull->offset != pull->data_size) {
+ DEBUG(0,("Warning! %d unread bytes\n", pull->data_size - pull->offset));
+ }
+
failed:
ndr_push_free(push);
return status;
return r->out.result;
}
-NTSTATUS dcerpc_OPENACCOUNT(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct OPENACCOUNT *r)
+NTSTATUS dcerpc_lsa_OpenAccount(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct lsa_OpenAccount *r)
{
NTSTATUS status;
- status = dcerpc_ndr_request(p, DCERPC_OPENACCOUNT, mem_ctx,
- (ndr_push_fn_t) ndr_push_OPENACCOUNT,
- (ndr_pull_fn_t) ndr_pull_OPENACCOUNT,
+ status = dcerpc_ndr_request(p, DCERPC_LSA_OPENACCOUNT, mem_ctx,
+ (ndr_push_fn_t) ndr_push_lsa_OpenAccount,
+ (ndr_pull_fn_t) ndr_pull_lsa_OpenAccount,
r);
if (!NT_STATUS_IS_OK(status)) {
return status;
r.out.sids = &sids;
status = dcerpc_lsa_LookupNames(p, mem_ctx, &r);
- if (!NT_STATUS_IS_OK(status)) {
+ if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, STATUS_SOME_UNMAPPED)) {
printf("LookupNames failed - %s\n", nt_errstr(status));
return False;
}
r.out.names = &names;
status = dcerpc_lsa_LookupSids(p, mem_ctx, &r);
- if (!NT_STATUS_IS_OK(status)) {
+ if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, STATUS_SOME_UNMAPPED)) {
printf("LookupSids failed - %s\n", nt_errstr(status));
return False;
}
return True;
}
+static BOOL test_OpenAccount(struct dcerpc_pipe *p,
+ TALLOC_CTX *mem_ctx,
+ struct policy_handle *handle,
+ struct dom_sid *sid)
+{
+ NTSTATUS status;
+ struct lsa_OpenAccount r;
+ struct policy_handle acct_handle;
+
+ printf("Testing account %s\n", lsa_sid_string_talloc(mem_ctx, sid));
+
+ r.in.handle = handle;
+ r.in.sid = sid;
+ r.in.desired_access = SEC_RIGHTS_MAXIMUM_ALLOWED;
+ r.out.acct_handle = &acct_handle;
+
+ status = dcerpc_lsa_OpenAccount(p, mem_ctx, &r);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("OpenAccount failed - %s\n", nt_errstr(status));
+ return False;
+ }
+
+ return True;
+}
+
static BOOL test_EnumAccounts(struct dcerpc_pipe *p,
TALLOC_CTX *mem_ctx,
struct policy_handle *handle)
if (!test_LookupSids(p, mem_ctx, handle, &sids1)) {
return False;
}
+
+ printf("testing all accounts\n");
+ for (i=0;i<sids1.num_sids;i++) {
+ test_OpenAccount(p, mem_ctx, handle, sids1.sids[i].sid);
+ }
+ printf("\n");
if (sids1.num_sids < 3) {
return True;
NTSTATUS status;
int i;
uint32 resume_handle = 0;
+ struct lsa_RefDomainList domains;
printf("\nTesting EnumTrustDom\n");
r.in.handle = handle;
r.in.resume_handle = &resume_handle;
r.in.num_entries = 1000;
+ r.out.domains = &domains;
r.out.resume_handle = &resume_handle;
status = dcerpc_lsa_EnumTrustDom(p, mem_ctx, &r);
return False;
}
- if (r.out.domains) {
- printf("lookup gave %d domains (max_count=%d)\n",
- r.out.domains->count,
- r.out.domains->max_count);
- for (i=0;i<r.out.domains->count;i++) {
- printf("name='%s' sid=%s\n",
- r.out.domains->domains[i].name.name,
- lsa_sid_string_talloc(mem_ctx, r.out.domains->domains[i].sid));
- }
+ printf("lookup gave %d domains (max_count=%d)\n",
+ domains.count,
+ domains.max_count);
+ for (i=0;i<r.out.domains->count;i++) {
+ printf("name='%s' sid=%s\n",
+ domains.domains[i].name.name,
+ lsa_sid_string_talloc(mem_ctx, domains.domains[i].sid));
}
return True;
{
NTSTATUS status;
struct lsa_Close r;
+ struct policy_handle handle2;
printf("\ntesting Close\n");
r.in.handle = handle;
+ r.out.handle = &handle2;
+
status = dcerpc_lsa_Close(p, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
printf("Close failed - %s\n", nt_errstr(status));
git.samba.org / ira / wip.git / commitdiff