2 Unix SMB/CIFS implementation.
4 endpoint server for the lsarpc pipe
6 Copyright (C) Andrew Tridgell 2004
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 #include "rpc_server/common/common.h"
27 this type allows us to distinguish handle types
36 state associated with a lsa_OpenPolicy() operation
38 struct lsa_policy_state {
43 const char *domain_dn;
50 static void lsa_Policy_close(struct lsa_policy_state *state)
52 state->reference_count--;
53 if (state->reference_count == 0) {
54 samdb_close(state->sam_ctx);
55 talloc_destroy(state->mem_ctx);
60 destroy an open policy. This closes the database connection
62 static void lsa_Policy_destroy(struct dcesrv_connection *conn, struct dcesrv_handle *h)
64 struct lsa_policy_state *state = h->data;
65 lsa_Policy_close(state);
71 static NTSTATUS lsa_Close(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
74 struct dcesrv_handle *h;
76 *r->out.handle = *r->in.handle;
78 DCESRV_PULL_HANDLE(h, r->in.handle, DCESRV_HANDLE_ANY);
80 /* this causes the callback samr_XXX_destroy() to be called by
81 the handle destroy code which destroys the state associated
83 dcesrv_handle_destroy(dce_call->conn, h);
85 ZERO_STRUCTP(r->out.handle);
94 static NTSTATUS lsa_Delete(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
97 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
104 static NTSTATUS lsa_EnumPrivs(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
105 struct lsa_EnumPrivs *r)
107 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
114 static NTSTATUS lsa_QuerySecObj(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
115 struct lsa_QuerySecObj *r)
117 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
124 static NTSTATUS lsa_SetSecObj(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
125 struct lsa_SetSecObj *r)
127 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
134 static NTSTATUS lsa_ChangePassword(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
135 struct lsa_ChangePassword *r)
137 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
144 static NTSTATUS lsa_OpenPolicy(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
145 struct lsa_OpenPolicy *r)
147 struct lsa_policy_state *state;
148 struct dcesrv_handle *handle;
149 TALLOC_CTX *lsa_mem_ctx;
151 ZERO_STRUCTP(r->out.handle);
153 lsa_mem_ctx = talloc_init("lsa_OpenPolicy");
155 return NT_STATUS_NO_MEMORY;
158 state = talloc_p(lsa_mem_ctx, struct lsa_policy_state);
160 return NT_STATUS_NO_MEMORY;
162 state->mem_ctx = lsa_mem_ctx;
164 /* make sure the sam database is accessible */
165 state->sam_ctx = samdb_connect();
166 if (state->sam_ctx == NULL) {
167 talloc_destroy(state->mem_ctx);
168 return NT_STATUS_INVALID_SYSTEM_SERVICE;
171 /* work out the domain_dn - useful for so many calls its worth
173 state->domain_dn = samdb_search_string(state->sam_ctx, state->mem_ctx, NULL,
174 "dn", "(&(objectClass=domain)(!(objectclass=builtinDomain)))");
175 if (!state->domain_dn) {
176 samdb_close(state->sam_ctx);
177 talloc_destroy(state->mem_ctx);
178 return NT_STATUS_NO_SUCH_DOMAIN;
181 handle = dcesrv_handle_new(dce_call->conn, LSA_HANDLE_POLICY);
183 talloc_destroy(state->mem_ctx);
184 return NT_STATUS_NO_MEMORY;
187 handle->data = state;
188 handle->destroy = lsa_Policy_destroy;
190 state->reference_count = 1;
191 state->access_mask = r->in.access_mask;
192 *r->out.handle = handle->wire_handle;
194 /* note that we have completely ignored the attr element of
195 the OpenPolicy. As far as I can tell, this is what w2k3
203 fill in the AccountDomain info
205 static NTSTATUS lsa_info_AccountDomain(struct lsa_policy_state *state, TALLOC_CTX *mem_ctx,
206 struct lsa_DomainInfo *info)
208 const char * const attrs[] = { "objectSid", "name", NULL};
210 struct ldb_message **res;
212 ret = samdb_search(state->sam_ctx, mem_ctx, NULL, &res, attrs,
213 "dn=%s", state->domain_dn);
215 return NT_STATUS_INTERNAL_DB_CORRUPTION;
218 info->name.name = samdb_result_string(res[0], "name", NULL);
219 info->sid = samdb_result_dom_sid(mem_ctx, res[0], "objectSid");
227 static NTSTATUS lsa_QueryInfoPolicy(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
228 struct lsa_QueryInfoPolicy *r)
230 struct lsa_policy_state *state;
231 struct dcesrv_handle *h;
235 DCESRV_PULL_HANDLE(h, r->in.handle, LSA_HANDLE_POLICY);
239 r->out.info = talloc_p(mem_ctx, union lsa_PolicyInformation);
241 return NT_STATUS_NO_MEMORY;
244 ZERO_STRUCTP(r->out.info);
246 switch (r->in.level) {
247 case LSA_POLICY_INFO_ACCOUNT_DOMAIN:
248 return lsa_info_AccountDomain(state, mem_ctx, &r->out.info->account_domain);
251 return NT_STATUS_INVALID_INFO_CLASS;
258 static NTSTATUS lsa_SetInfoPolicy(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
259 struct lsa_SetInfoPolicy *r)
261 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
268 static NTSTATUS lsa_ClearAuditLog(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
269 struct lsa_ClearAuditLog *r)
271 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
278 static NTSTATUS lsa_CreateAccount(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
279 struct lsa_CreateAccount *r)
281 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
288 static NTSTATUS lsa_EnumAccounts(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
289 struct lsa_EnumAccounts *r)
291 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
296 lsa_CreateTrustedDomain
298 static NTSTATUS lsa_CreateTrustedDomain(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
299 struct lsa_CreateTrustedDomain *r)
301 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
308 static NTSTATUS lsa_EnumTrustDom(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
309 struct lsa_EnumTrustDom *r)
311 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
318 static NTSTATUS lsa_LookupNames(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
319 struct lsa_LookupNames *r)
321 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
328 static NTSTATUS lsa_LookupSids(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
329 struct lsa_LookupSids *r)
331 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
338 static NTSTATUS lsa_CreateSecret(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
339 struct lsa_CreateSecret *r)
341 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
348 static NTSTATUS lsa_OpenAccount(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
349 struct lsa_OpenAccount *r)
351 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
358 static NTSTATUS lsa_EnumPrivsAccount(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
359 struct lsa_EnumPrivsAccount *r)
361 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
368 static NTSTATUS ADDPRIVS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
371 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
378 static NTSTATUS REMOVEPRIVS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
379 struct REMOVEPRIVS *r)
381 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
388 static NTSTATUS GETQUOTAS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
391 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
398 static NTSTATUS SETQUOTAS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
401 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
408 static NTSTATUS GETSYSTEMACCOUNT(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
409 struct GETSYSTEMACCOUNT *r)
411 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
418 static NTSTATUS SETSYSTEMACCOUNT(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
419 struct SETSYSTEMACCOUNT *r)
421 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
428 static NTSTATUS OPENTRUSTDOM(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
429 struct OPENTRUSTDOM *r)
431 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
438 static NTSTATUS QUERYTRUSTDOM(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
439 struct QUERYTRUSTDOM *r)
441 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
448 static NTSTATUS SETINFOTRUSTDOM(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
449 struct SETINFOTRUSTDOM *r)
451 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
458 static NTSTATUS lsa_OpenSecret(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
459 struct lsa_OpenSecret *r)
461 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
468 static NTSTATUS lsa_SetSecret(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
469 struct lsa_SetSecret *r)
471 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
478 static NTSTATUS lsa_QuerySecret(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
479 struct lsa_QuerySecret *r)
481 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
488 static NTSTATUS LOOKUPPRIVVALUE(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
489 struct LOOKUPPRIVVALUE *r)
491 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
498 static NTSTATUS lsa_LookupPrivName(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
499 struct lsa_LookupPrivName *r)
501 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
508 static NTSTATUS PRIV_GET_DISPNAME(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
509 struct PRIV_GET_DISPNAME *r)
511 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
518 static NTSTATUS DELETEOBJECT(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
519 struct DELETEOBJECT *r)
521 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
528 static NTSTATUS ENUMACCTWITHRIGHT(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
529 struct ENUMACCTWITHRIGHT *r)
531 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
536 lsa_EnumAccountRights
538 static NTSTATUS lsa_EnumAccountRights(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
539 struct lsa_EnumAccountRights *r)
541 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
548 static NTSTATUS ADDACCTRIGHTS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
549 struct ADDACCTRIGHTS *r)
551 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
558 static NTSTATUS REMOVEACCTRIGHTS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
559 struct REMOVEACCTRIGHTS *r)
561 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
568 static NTSTATUS QUERYTRUSTDOMINFO(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
569 struct QUERYTRUSTDOMINFO *r)
571 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
578 static NTSTATUS SETTRUSTDOMINFO(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
579 struct SETTRUSTDOMINFO *r)
581 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
588 static NTSTATUS DELETETRUSTDOM(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
589 struct DELETETRUSTDOM *r)
591 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
598 static NTSTATUS STOREPRIVDATA(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
599 struct STOREPRIVDATA *r)
601 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
608 static NTSTATUS RETRPRIVDATA(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
609 struct RETRPRIVDATA *r)
611 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
618 static NTSTATUS lsa_OpenPolicy2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
619 struct lsa_OpenPolicy2 *r)
621 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
628 static NTSTATUS UNK_GET_CONNUSER(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
629 struct UNK_GET_CONNUSER *r)
631 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
638 static NTSTATUS QUERYINFO2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
639 struct QUERYINFO2 *r)
641 DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
645 /* include the generated boilerplate */
646 #include "librpc/gen_ndr/ndr_lsa_s.c"