r9888: add IDL for lsa_QueryDomainInformationPolicy to query Kerberos Settings.

author Günther Deschner <gd@samba.org>

Thu, 1 Sep 2005 10:36:48 +0000 (10:36 +0000)

committer Gerald (Jerry) Carter <jerry@samba.org>

Wed, 10 Oct 2007 18:36:20 +0000 (13:36 -0500)
author Günther Deschner <gd@samba.org>
Thu, 1 Sep 2005 10:36:48 +0000 (10:36 +0000)
committer Gerald (Jerry) Carter <jerry@samba.org>
Wed, 10 Oct 2007 18:36:20 +0000 (13:36 -0500)
diff --git a/source/librpc/idl/lsa.idl b/source/librpc/idl/lsa.idl

index 83251b37db806461bdd987ff3353e4a6f630aa68..0927e6ef85f50af46e3d297e8932240b39b898d4 100644 (file)
--- a/source/librpc/idl/lsa.idl
+++ b/source/librpc/idl/lsa.idl
@@ -738,10 +738,45 @@
         NTSTATUS lsa_CloseTrustedDomainEx();
  
         /* Function 0x35 */
-       NTSTATUS lsa_QueryDomainInformationPolicy();
+
+       /* w2k3 returns either 0x000bbbd000000000 or 0x000a48e800000000 
+          for unknown6 - gd */
+       typedef struct {
+               uint32 enforce_restrictions;
+               hyper service_tkt_lifetime;
+               hyper user_tkt_lifetime;
+               hyper user_tkt_renewaltime;
+               hyper clock_skew;
+               hyper unknown6;
+       } lsa_DomainInfoKerberos;
+
+       typedef struct {
+               uint32 blob_size;
+               [size_is(blob_size)] uint8 *efs_blob;
+       } lsa_DomainInfoEfs;
+
+       typedef enum {
+               LSA_DOMAIN_INFO_POLICY_EFS=2,
+               LSA_DOMAIN_INFO_POLICY_KERBEROS=3
+       } lsa_DomainInfoEnum;
+
+       typedef [switch_type(uint16)] union {
+               [case(LSA_DOMAIN_INFO_POLICY_EFS)]      lsa_DomainInfoEfs       efs_info;
+               [case(LSA_DOMAIN_INFO_POLICY_KERBEROS)] lsa_DomainInfoKerberos  kerberos_info;
+       } lsa_DomainInformationPolicy;
+
+       NTSTATUS lsa_QueryDomainInformationPolicy(
+               [in,ref]                policy_handle *handle,
+               [in]                    uint16 level,
+               [out,switch_is(level)]  lsa_DomainInformationPolicy *info
+               );
  
         /* Function 0x36 */
-       NTSTATUS lsa_SetDomInfoPolicy();
+       NTSTATUS lsa_SetDomainInformationPolicy(
+               [in,ref]                policy_handle *handle,
+               [in]                    uint16 level,
+               [in,switch_is(level)]   lsa_DomainInformationPolicy *info
+               );
  
         /**********************/
         /* Function 0x37 */
diff --git a/source/rpc_server/lsa/dcesrv_lsa.c b/source/rpc_server/lsa/dcesrv_lsa.c

index b976330bee948af2f82f5ca39717ac3c39f6ad1e..55fc9920809847bf768767adef38162de7c8e37f 100644 (file)
--- a/source/rpc_server/lsa/dcesrv_lsa.c
+++ b/source/rpc_server/lsa/dcesrv_lsa.c
@@ -2479,9 +2479,9 @@ static NTSTATUS lsa_QueryDomainInformationPolicy(struct dcesrv_call_state *dce_c
  /*
    lsa_SetDomInfoPolicy
  */
-static NTSTATUS lsa_SetDomInfoPolicy(struct dcesrv_call_state *dce_call,
-                                    TALLOC_CTX *mem_ctx,
-                                    struct lsa_SetDomInfoPolicy *r)
+static NTSTATUS lsa_SetDomainInformationPolicy(struct dcesrv_call_state *dce_call,
+                                             TALLOC_CTX *mem_ctx,
+                                             struct lsa_SetDomainInformationPolicy *r)
  {
         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
  }
diff --git a/source/torture/rpc/lsa.c b/source/torture/rpc/lsa.c

index f723f68a0226e087f0063aba53065863f7e9996d..7630056503c56897bd8e7002ce3c4ae29d2868cb 100644 (file)
--- a/source/torture/rpc/lsa.c
+++ b/source/torture/rpc/lsa.c
@@ -1477,6 +1477,35 @@ static BOOL test_CreateTrustedDomain(struct dcerpc_pipe *p,
         return ret;
  }
  
+static BOOL test_QueryDomainInfoPolicy(struct dcerpc_pipe *p, 
+                                TALLOC_CTX *mem_ctx, 
+                                struct policy_handle *handle)
+{
+       struct lsa_QueryDomainInformationPolicy r;
+       NTSTATUS status;
+       int i;
+       BOOL ret = True;
+       printf("\nTesting QueryDomainInformationPolicy\n");
+
+       for (i=2;i<4;i++) {
+               r.in.handle = handle;
+               r.in.level = i;
+
+               printf("\ntrying QueryDomainInformationPolicy level %d\n", i);
+
+               status = dcerpc_lsa_QueryDomainInformationPolicy(p, mem_ctx, &r);
+
+               if (!NT_STATUS_IS_OK(status)) {
+                       printf("QueryDomainInformationPolicy failed - %s\n", nt_errstr(status));
+                       ret = False;
+                       continue;
+               }
+       }
+
+       return ret;
+}
+
+
  static BOOL test_QueryInfoPolicy(struct dcerpc_pipe *p, 
                                  TALLOC_CTX *mem_ctx, 
                                  struct policy_handle *handle)
@@ -1630,6 +1659,10 @@ BOOL torture_rpc_lsa(void)
                 ret = False;
         }
  
+       if (!test_QueryDomainInfoPolicy(p, mem_ctx, &handle)) {
+               ret = False;
+       }
+
         if (!test_many_LookupSids(p, mem_ctx, &handle)) {
                 ret = False;
         }
author	Günther Deschner <gd@samba.org>
	Thu, 1 Sep 2005 10:36:48 +0000 (10:36 +0000)
committer	Gerald (Jerry) Carter <jerry@samba.org>
	Wed, 10 Oct 2007 18:36:20 +0000 (13:36 -0500)
source/librpc/idl/lsa.idl		patch \| blob \| history
source/rpc_server/lsa/dcesrv_lsa.c		patch \| blob \| history
source/torture/rpc/lsa.c		patch \| blob \| history