2 * Unix SMB/CIFS implementation.
4 * Winbind rpc backend functions
6 * Copyright (c) 2000-2003 Tim Potter
7 * Copyright (c) 2001 Andrew Tridgell
8 * Copyright (c) 2005 Volker Lendecke
9 * Copyright (c) 2008 Guenther Deschner (pidl conversion)
10 * Copyright (c) 2010 Andreas Schneider <asn@samba.org>
12 * This program is free software; you can redistribute it and/or modify
13 * it under the terms of the GNU General Public License as published by
14 * the Free Software Foundation; either version 3 of the License, or
15 * (at your option) any later version.
17 * This program is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
22 * You should have received a copy of the GNU General Public License
23 * along with this program. If not, see <http://www.gnu.org/licenses/>.
28 #include "winbindd_rpc.h"
30 #include "../librpc/gen_ndr/ndr_samr_c.h"
31 #include "rpc_client/cli_samr.h"
32 #include "../librpc/gen_ndr/srv_samr.h"
33 #include "../librpc/gen_ndr/ndr_lsa_c.h"
34 #include "rpc_client/cli_lsarpc.h"
35 #include "../librpc/gen_ndr/srv_lsa.h"
36 #include "rpc_server/rpc_ncacn_np.h"
37 #include "../libcli/security/security.h"
38 #include "passdb/machine_sid.h"
42 #define DBGC_CLASS DBGC_WINBIND
44 static NTSTATUS open_internal_samr_pipe(TALLOC_CTX *mem_ctx,
45 struct rpc_pipe_client **samr_pipe)
47 struct rpc_pipe_client *cli = NULL;
48 struct auth_serversupplied_info *session_info = NULL;
51 if (session_info == NULL) {
52 status = make_session_info_system(mem_ctx, &session_info);
53 if (!NT_STATUS_IS_OK(status)) {
54 DEBUG(0, ("open_samr_pipe: Could not create auth_serversupplied_info: %s\n",
60 /* create a samr connection */
61 status = rpc_pipe_open_interface(mem_ctx,
62 &ndr_table_samr.syntax_id,
65 winbind_messaging_context(),
67 if (!NT_STATUS_IS_OK(status)) {
68 DEBUG(0, ("open_samr_pipe: Could not connect to samr_pipe: %s\n",
80 NTSTATUS open_internal_samr_conn(TALLOC_CTX *mem_ctx,
81 struct winbindd_domain *domain,
82 struct rpc_pipe_client **samr_pipe,
83 struct policy_handle *samr_domain_hnd)
85 NTSTATUS status, result;
86 struct policy_handle samr_connect_hnd;
87 struct dcerpc_binding_handle *b;
89 status = open_internal_samr_pipe(mem_ctx, samr_pipe);
90 if (!NT_STATUS_IS_OK(status)) {
94 b = (*samr_pipe)->binding_handle;
96 status = dcerpc_samr_Connect2(b, mem_ctx,
97 (*samr_pipe)->desthost,
98 SEC_FLAG_MAXIMUM_ALLOWED,
101 if (!NT_STATUS_IS_OK(status)) {
104 if (!NT_STATUS_IS_OK(result)) {
108 status = dcerpc_samr_OpenDomain(b, mem_ctx,
110 SEC_FLAG_MAXIMUM_ALLOWED,
114 if (!NT_STATUS_IS_OK(status)) {
121 static NTSTATUS open_internal_lsa_pipe(TALLOC_CTX *mem_ctx,
122 struct rpc_pipe_client **lsa_pipe)
124 struct rpc_pipe_client *cli = NULL;
125 struct auth_serversupplied_info *session_info = NULL;
128 if (session_info == NULL) {
129 status = make_session_info_system(mem_ctx, &session_info);
130 if (!NT_STATUS_IS_OK(status)) {
131 DEBUG(0, ("open_lsa_pipe: Could not create auth_serversupplied_info: %s\n",
137 /* create a lsa connection */
138 status = rpc_pipe_open_interface(mem_ctx,
139 &ndr_table_lsarpc.syntax_id,
142 winbind_messaging_context(),
144 if (!NT_STATUS_IS_OK(status)) {
145 DEBUG(0, ("open_lsa_pipe: Could not connect to lsa_pipe: %s\n",
157 static NTSTATUS open_internal_lsa_conn(TALLOC_CTX *mem_ctx,
158 struct rpc_pipe_client **lsa_pipe,
159 struct policy_handle *lsa_hnd)
163 status = open_internal_lsa_pipe(mem_ctx, lsa_pipe);
164 if (!NT_STATUS_IS_OK(status)) {
168 status = rpccli_lsa_open_policy((*lsa_pipe),
171 SEC_FLAG_MAXIMUM_ALLOWED,
177 /*********************************************************************
178 SAM specific functions.
179 *********************************************************************/
181 /* List all domain groups */
182 static NTSTATUS sam_enum_dom_groups(struct winbindd_domain *domain,
185 struct wb_acct_info **pinfo)
187 struct rpc_pipe_client *samr_pipe;
188 struct policy_handle dom_pol;
189 struct wb_acct_info *info = NULL;
190 uint32_t num_info = 0;
192 NTSTATUS status, result;
193 struct dcerpc_binding_handle *b = NULL;
195 DEBUG(3,("sam_enum_dom_groups\n"));
197 ZERO_STRUCT(dom_pol);
203 tmp_ctx = talloc_stackframe();
204 if (tmp_ctx == NULL) {
205 return NT_STATUS_NO_MEMORY;
208 status = open_internal_samr_conn(tmp_ctx, domain, &samr_pipe, &dom_pol);
209 if (!NT_STATUS_IS_OK(status)) {
213 b = samr_pipe->binding_handle;
215 status = rpc_enum_dom_groups(tmp_ctx,
220 if (!NT_STATUS_IS_OK(status)) {
225 *pnum_info = num_info;
229 *pinfo = talloc_move(mem_ctx, &info);
233 if (b && is_valid_policy_hnd(&dom_pol)) {
234 dcerpc_samr_Close(b, mem_ctx, &dom_pol, &result);
236 TALLOC_FREE(tmp_ctx);
240 /* Query display info for a domain */
241 static NTSTATUS sam_query_user_list(struct winbindd_domain *domain,
244 struct wbint_userinfo **pinfo)
246 struct rpc_pipe_client *samr_pipe = NULL;
247 struct policy_handle dom_pol;
248 struct wbint_userinfo *info = NULL;
249 uint32_t num_info = 0;
251 NTSTATUS status, result;
252 struct dcerpc_binding_handle *b = NULL;
254 DEBUG(3,("samr_query_user_list\n"));
256 ZERO_STRUCT(dom_pol);
262 tmp_ctx = talloc_stackframe();
263 if (tmp_ctx == NULL) {
264 return NT_STATUS_NO_MEMORY;
267 status = open_internal_samr_conn(tmp_ctx, domain, &samr_pipe, &dom_pol);
268 if (!NT_STATUS_IS_OK(status)) {
272 b = samr_pipe->binding_handle;
274 status = rpc_query_user_list(tmp_ctx,
280 if (!NT_STATUS_IS_OK(status)) {
285 *pnum_info = num_info;
289 *pinfo = talloc_move(mem_ctx, &info);
293 if (b && is_valid_policy_hnd(&dom_pol)) {
294 dcerpc_samr_Close(b, mem_ctx, &dom_pol, &result);
297 TALLOC_FREE(tmp_ctx);
301 /* Lookup user information from a rid or username. */
302 static NTSTATUS sam_query_user(struct winbindd_domain *domain,
304 const struct dom_sid *user_sid,
305 struct wbint_userinfo *user_info)
307 struct rpc_pipe_client *samr_pipe;
308 struct policy_handle dom_pol;
310 NTSTATUS status, result;
311 struct dcerpc_binding_handle *b = NULL;
313 DEBUG(3,("sam_query_user\n"));
315 ZERO_STRUCT(dom_pol);
318 if (!sid_check_is_in_our_domain(user_sid)) {
319 return NT_STATUS_NO_SUCH_USER;
323 user_info->homedir = NULL;
324 user_info->shell = NULL;
325 user_info->primary_gid = (gid_t) -1;
328 tmp_ctx = talloc_stackframe();
329 if (tmp_ctx == NULL) {
330 return NT_STATUS_NO_MEMORY;
333 status = open_internal_samr_conn(tmp_ctx, domain, &samr_pipe, &dom_pol);
334 if (!NT_STATUS_IS_OK(status)) {
338 b = samr_pipe->binding_handle;
340 status = rpc_query_user(tmp_ctx,
348 if (b && is_valid_policy_hnd(&dom_pol)) {
349 dcerpc_samr_Close(b, mem_ctx, &dom_pol, &result);
352 TALLOC_FREE(tmp_ctx);
356 /* get a list of trusted domains - builtin domain */
357 static NTSTATUS sam_trusted_domains(struct winbindd_domain *domain,
359 struct netr_DomainTrustList *ptrust_list)
361 struct rpc_pipe_client *lsa_pipe;
362 struct policy_handle lsa_policy;
363 struct netr_DomainTrust *trusts = NULL;
364 uint32_t num_trusts = 0;
366 NTSTATUS status, result;
367 struct dcerpc_binding_handle *b = NULL;
369 DEBUG(3,("samr: trusted domains\n"));
371 ZERO_STRUCT(lsa_policy);
374 ZERO_STRUCTP(ptrust_list);
377 tmp_ctx = talloc_stackframe();
378 if (tmp_ctx == NULL) {
379 return NT_STATUS_NO_MEMORY;
382 status = open_internal_lsa_conn(tmp_ctx, &lsa_pipe, &lsa_policy);
383 if (!NT_STATUS_IS_OK(status)) {
387 b = lsa_pipe->binding_handle;
389 status = rpc_trusted_domains(tmp_ctx,
394 if (!NT_STATUS_IS_OK(status)) {
399 ptrust_list->count = num_trusts;
400 ptrust_list->array = talloc_move(mem_ctx, &trusts);
404 if (b && is_valid_policy_hnd(&lsa_policy)) {
405 dcerpc_lsa_Close(b, mem_ctx, &lsa_policy, &result);
408 TALLOC_FREE(tmp_ctx);
412 /* Lookup group membership given a rid. */
413 static NTSTATUS sam_lookup_groupmem(struct winbindd_domain *domain,
415 const struct dom_sid *group_sid,
416 enum lsa_SidType type,
417 uint32_t *pnum_names,
418 struct dom_sid **psid_mem,
420 uint32_t **pname_types)
422 struct rpc_pipe_client *samr_pipe;
423 struct policy_handle dom_pol;
425 uint32_t num_names = 0;
426 struct dom_sid *sid_mem = NULL;
428 uint32_t *name_types = NULL;
431 NTSTATUS status, result;
432 struct dcerpc_binding_handle *b = NULL;
434 DEBUG(3,("sam_lookup_groupmem\n"));
436 ZERO_STRUCT(dom_pol);
439 if (sid_check_is_in_builtin(group_sid) && (type != SID_NAME_ALIAS)) {
440 /* There's no groups, only aliases in BUILTIN */
441 return NT_STATUS_NO_SUCH_GROUP;
448 tmp_ctx = talloc_stackframe();
449 if (tmp_ctx == NULL) {
450 return NT_STATUS_NO_MEMORY;
453 status = open_internal_samr_conn(tmp_ctx, domain, &samr_pipe, &dom_pol);
454 if (!NT_STATUS_IS_OK(status)) {
458 b = samr_pipe->binding_handle;
460 status = rpc_lookup_groupmem(tmp_ctx,
473 *pnum_names = num_names;
477 *pnames = talloc_move(mem_ctx, &names);
481 *pname_types = talloc_move(mem_ctx, &name_types);
485 *psid_mem = talloc_move(mem_ctx, &sid_mem);
489 if (b && is_valid_policy_hnd(&dom_pol)) {
490 dcerpc_samr_Close(b, mem_ctx, &dom_pol, &result);
493 TALLOC_FREE(tmp_ctx);
497 /*********************************************************************
498 BUILTIN specific functions.
499 *********************************************************************/
501 /* List all domain groups */
502 static NTSTATUS builtin_enum_dom_groups(struct winbindd_domain *domain,
505 struct wb_acct_info **info)
507 /* BUILTIN doesn't have domain groups */
513 /* Query display info for a domain */
514 static NTSTATUS builtin_query_user_list(struct winbindd_domain *domain,
517 struct wbint_userinfo **info)
519 /* We don't have users */
525 /* Lookup user information from a rid or username. */
526 static NTSTATUS builtin_query_user(struct winbindd_domain *domain,
528 const struct dom_sid *user_sid,
529 struct wbint_userinfo *user_info)
531 return NT_STATUS_NO_SUCH_USER;
534 /* get a list of trusted domains - builtin domain */
535 static NTSTATUS builtin_trusted_domains(struct winbindd_domain *domain,
537 struct netr_DomainTrustList *trusts)
539 ZERO_STRUCTP(trusts);
543 /*********************************************************************
545 *********************************************************************/
547 /* List all local groups (aliases) */
548 static NTSTATUS sam_enum_local_groups(struct winbindd_domain *domain,
551 struct wb_acct_info **pinfo)
553 struct rpc_pipe_client *samr_pipe;
554 struct policy_handle dom_pol;
555 struct wb_acct_info *info = NULL;
556 uint32_t num_info = 0;
558 NTSTATUS status, result;
559 struct dcerpc_binding_handle *b = NULL;
561 DEBUG(3,("samr: enum local groups\n"));
563 ZERO_STRUCT(dom_pol);
569 tmp_ctx = talloc_stackframe();
570 if (tmp_ctx == NULL) {
571 return NT_STATUS_NO_MEMORY;
574 status = open_internal_samr_conn(tmp_ctx, domain, &samr_pipe, &dom_pol);
575 if (!NT_STATUS_IS_OK(status)) {
579 b = samr_pipe->binding_handle;
581 status = rpc_enum_local_groups(mem_ctx,
586 if (!NT_STATUS_IS_OK(status)) {
591 *pnum_info = num_info;
595 *pinfo = talloc_move(mem_ctx, &info);
599 if (b && is_valid_policy_hnd(&dom_pol)) {
600 dcerpc_samr_Close(b, mem_ctx, &dom_pol, &result);
603 TALLOC_FREE(tmp_ctx);
607 /* convert a single name to a sid in a domain */
608 static NTSTATUS sam_name_to_sid(struct winbindd_domain *domain,
610 const char *domain_name,
613 struct dom_sid *psid,
614 enum lsa_SidType *ptype)
616 struct rpc_pipe_client *lsa_pipe;
617 struct policy_handle lsa_policy;
619 enum lsa_SidType type;
621 NTSTATUS status, result;
622 struct dcerpc_binding_handle *b = NULL;
624 DEBUG(3,("sam_name_to_sid\n"));
626 ZERO_STRUCT(lsa_policy);
628 tmp_ctx = talloc_stackframe();
629 if (tmp_ctx == NULL) {
630 return NT_STATUS_NO_MEMORY;
633 status = open_internal_lsa_conn(tmp_ctx, &lsa_pipe, &lsa_policy);
634 if (!NT_STATUS_IS_OK(status)) {
638 b = lsa_pipe->binding_handle;
640 status = rpc_name_to_sid(tmp_ctx,
648 if (!NT_STATUS_IS_OK(status)) {
653 sid_copy(psid, &sid);
660 if (b && is_valid_policy_hnd(&lsa_policy)) {
661 dcerpc_lsa_Close(b, mem_ctx, &lsa_policy, &result);
664 TALLOC_FREE(tmp_ctx);
668 /* convert a domain SID to a user or group name */
669 static NTSTATUS sam_sid_to_name(struct winbindd_domain *domain,
671 const struct dom_sid *sid,
674 enum lsa_SidType *ptype)
676 struct rpc_pipe_client *lsa_pipe;
677 struct policy_handle lsa_policy;
678 char *domain_name = NULL;
680 enum lsa_SidType type;
682 NTSTATUS status, result;
683 struct dcerpc_binding_handle *b = NULL;
685 DEBUG(3,("sam_sid_to_name\n"));
687 ZERO_STRUCT(lsa_policy);
690 if (!sid_check_is_in_builtin(sid) &&
691 !sid_check_is_in_our_domain(sid) &&
692 !sid_check_is_in_unix_users(sid) &&
693 !sid_check_is_unix_users(sid) &&
694 !sid_check_is_in_unix_groups(sid) &&
695 !sid_check_is_unix_groups(sid) &&
696 !sid_check_is_in_wellknown_domain(sid)) {
697 DEBUG(0, ("sam_sid_to_name: possible deadlock - trying to "
698 "lookup SID %s\n", sid_string_dbg(sid)));
699 return NT_STATUS_NONE_MAPPED;
702 tmp_ctx = talloc_stackframe();
703 if (tmp_ctx == NULL) {
704 return NT_STATUS_NO_MEMORY;
707 status = open_internal_lsa_conn(tmp_ctx, &lsa_pipe, &lsa_policy);
708 if (!NT_STATUS_IS_OK(status)) {
712 b = lsa_pipe->binding_handle;
714 status = rpc_sid_to_name(tmp_ctx,
728 *pname = talloc_move(mem_ctx, &name);
732 *pdomain_name = talloc_move(mem_ctx, &domain_name);
736 if (b && is_valid_policy_hnd(&lsa_policy)) {
737 dcerpc_lsa_Close(b, mem_ctx, &lsa_policy, &result);
740 TALLOC_FREE(tmp_ctx);
744 static NTSTATUS sam_rids_to_names(struct winbindd_domain *domain,
746 const struct dom_sid *domain_sid,
751 enum lsa_SidType **ptypes)
753 struct rpc_pipe_client *lsa_pipe;
754 struct policy_handle lsa_policy;
755 enum lsa_SidType *types = NULL;
756 char *domain_name = NULL;
759 NTSTATUS status, result;
760 struct dcerpc_binding_handle *b = NULL;
762 DEBUG(3,("sam_rids_to_names for %s\n", domain->name));
764 ZERO_STRUCT(lsa_policy);
767 if (!sid_check_is_builtin(domain_sid) &&
768 !sid_check_is_domain(domain_sid) &&
769 !sid_check_is_unix_users(domain_sid) &&
770 !sid_check_is_unix_groups(domain_sid) &&
771 !sid_check_is_in_wellknown_domain(domain_sid)) {
772 DEBUG(0, ("sam_rids_to_names: possible deadlock - trying to "
773 "lookup SID %s\n", sid_string_dbg(domain_sid)));
774 return NT_STATUS_NONE_MAPPED;
777 tmp_ctx = talloc_stackframe();
778 if (tmp_ctx == NULL) {
779 return NT_STATUS_NO_MEMORY;
782 status = open_internal_lsa_conn(tmp_ctx, &lsa_pipe, &lsa_policy);
783 if (!NT_STATUS_IS_OK(status)) {
787 b = lsa_pipe->binding_handle;
789 status = rpc_rids_to_names(tmp_ctx,
799 if (!NT_STATUS_IS_OK(status)) {
804 *pdomain_name = talloc_move(mem_ctx, &domain_name);
808 *ptypes = talloc_move(mem_ctx, &types);
812 *pnames = talloc_move(mem_ctx, &names);
816 if (b && is_valid_policy_hnd(&lsa_policy)) {
817 dcerpc_lsa_Close(b, mem_ctx, &lsa_policy, &result);
820 TALLOC_FREE(tmp_ctx);
824 static NTSTATUS sam_lockout_policy(struct winbindd_domain *domain,
826 struct samr_DomInfo12 *lockout_policy)
828 struct rpc_pipe_client *samr_pipe;
829 struct policy_handle dom_pol;
830 union samr_DomainInfo *info = NULL;
832 NTSTATUS status, result;
833 struct dcerpc_binding_handle *b = NULL;
835 DEBUG(3,("sam_lockout_policy\n"));
837 ZERO_STRUCT(dom_pol);
839 tmp_ctx = talloc_stackframe();
840 if (tmp_ctx == NULL) {
841 return NT_STATUS_NO_MEMORY;
844 status = open_internal_samr_conn(tmp_ctx, domain, &samr_pipe, &dom_pol);
845 if (!NT_STATUS_IS_OK(status)) {
849 b = samr_pipe->binding_handle;
851 status = dcerpc_samr_QueryDomainInfo(b,
857 if (!NT_STATUS_IS_OK(status)) {
860 if (!NT_STATUS_IS_OK(result)) {
865 *lockout_policy = info->info12;
868 if (b && is_valid_policy_hnd(&dom_pol)) {
869 dcerpc_samr_Close(b, mem_ctx, &dom_pol, &result);
872 TALLOC_FREE(tmp_ctx);
876 static NTSTATUS sam_password_policy(struct winbindd_domain *domain,
878 struct samr_DomInfo1 *passwd_policy)
880 struct rpc_pipe_client *samr_pipe;
881 struct policy_handle dom_pol;
882 union samr_DomainInfo *info = NULL;
884 NTSTATUS status, result;
885 struct dcerpc_binding_handle *b = NULL;
887 DEBUG(3,("sam_password_policy\n"));
889 ZERO_STRUCT(dom_pol);
891 tmp_ctx = talloc_stackframe();
892 if (tmp_ctx == NULL) {
893 return NT_STATUS_NO_MEMORY;
896 status = open_internal_samr_conn(tmp_ctx, domain, &samr_pipe, &dom_pol);
897 if (!NT_STATUS_IS_OK(status)) {
901 b = samr_pipe->binding_handle;
903 status = dcerpc_samr_QueryDomainInfo(b,
909 if (!NT_STATUS_IS_OK(status)) {
912 if (!NT_STATUS_IS_OK(result)) {
917 *passwd_policy = info->info1;
920 if (b && is_valid_policy_hnd(&dom_pol)) {
921 dcerpc_samr_Close(b, mem_ctx, &dom_pol, &result);
924 TALLOC_FREE(tmp_ctx);
928 /* Lookup groups a user is a member of. */
929 static NTSTATUS sam_lookup_usergroups(struct winbindd_domain *domain,
931 const struct dom_sid *user_sid,
932 uint32_t *pnum_groups,
933 struct dom_sid **puser_grpsids)
935 struct rpc_pipe_client *samr_pipe;
936 struct policy_handle dom_pol;
937 struct dom_sid *user_grpsids = NULL;
938 uint32_t num_groups = 0;
940 NTSTATUS status, result;
941 struct dcerpc_binding_handle *b = NULL;
943 DEBUG(3,("sam_lookup_usergroups\n"));
945 ZERO_STRUCT(dom_pol);
951 tmp_ctx = talloc_stackframe();
952 if (tmp_ctx == NULL) {
953 return NT_STATUS_NO_MEMORY;
956 status = open_internal_samr_conn(tmp_ctx, domain, &samr_pipe, &dom_pol);
957 if (!NT_STATUS_IS_OK(status)) {
961 b = samr_pipe->binding_handle;
963 status = rpc_lookup_usergroups(tmp_ctx,
970 if (!NT_STATUS_IS_OK(status)) {
975 *pnum_groups = num_groups;
979 *puser_grpsids = talloc_move(mem_ctx, &user_grpsids);
983 if (b && is_valid_policy_hnd(&dom_pol)) {
984 dcerpc_samr_Close(b, mem_ctx, &dom_pol, &result);
987 TALLOC_FREE(tmp_ctx);
991 static NTSTATUS sam_lookup_useraliases(struct winbindd_domain *domain,
994 const struct dom_sid *sids,
995 uint32_t *pnum_aliases,
996 uint32_t **palias_rids)
998 struct rpc_pipe_client *samr_pipe;
999 struct policy_handle dom_pol;
1000 uint32_t num_aliases = 0;
1001 uint32_t *alias_rids = NULL;
1002 TALLOC_CTX *tmp_ctx;
1003 NTSTATUS status, result;
1004 struct dcerpc_binding_handle *b = NULL;
1006 DEBUG(3,("sam_lookup_useraliases\n"));
1008 ZERO_STRUCT(dom_pol);
1014 tmp_ctx = talloc_stackframe();
1015 if (tmp_ctx == NULL) {
1016 return NT_STATUS_NO_MEMORY;
1019 status = open_internal_samr_conn(tmp_ctx, domain, &samr_pipe, &dom_pol);
1020 if (!NT_STATUS_IS_OK(status)) {
1024 b = samr_pipe->binding_handle;
1026 status = rpc_lookup_useraliases(tmp_ctx,
1033 if (!NT_STATUS_IS_OK(status)) {
1038 *pnum_aliases = num_aliases;
1042 *palias_rids = talloc_move(mem_ctx, &alias_rids);
1046 if (b && is_valid_policy_hnd(&dom_pol)) {
1047 dcerpc_samr_Close(b, mem_ctx, &dom_pol, &result);
1050 TALLOC_FREE(tmp_ctx);
1054 /* find the sequence number for a domain */
1055 static NTSTATUS sam_sequence_number(struct winbindd_domain *domain,
1058 struct rpc_pipe_client *samr_pipe;
1059 struct policy_handle dom_pol;
1061 TALLOC_CTX *tmp_ctx;
1062 NTSTATUS status, result;
1063 struct dcerpc_binding_handle *b = NULL;
1065 DEBUG(3,("samr: sequence number\n"));
1067 ZERO_STRUCT(dom_pol);
1070 *pseq = DOM_SEQUENCE_NONE;
1073 tmp_ctx = talloc_stackframe();
1074 if (tmp_ctx == NULL) {
1075 return NT_STATUS_NO_MEMORY;
1078 status = open_internal_samr_conn(tmp_ctx, domain, &samr_pipe, &dom_pol);
1079 if (!NT_STATUS_IS_OK(status)) {
1083 b = samr_pipe->binding_handle;
1085 status = rpc_sequence_number(tmp_ctx,
1090 if (!NT_STATUS_IS_OK(status)) {
1098 if (b && is_valid_policy_hnd(&dom_pol)) {
1099 dcerpc_samr_Close(b, tmp_ctx, &dom_pol, &result);
1102 TALLOC_FREE(tmp_ctx);
1106 /* the rpc backend methods are exposed via this structure */
1107 struct winbindd_methods builtin_passdb_methods = {
1108 .consistent = false,
1110 .query_user_list = builtin_query_user_list,
1111 .enum_dom_groups = builtin_enum_dom_groups,
1112 .enum_local_groups = sam_enum_local_groups,
1113 .name_to_sid = sam_name_to_sid,
1114 .sid_to_name = sam_sid_to_name,
1115 .rids_to_names = sam_rids_to_names,
1116 .query_user = builtin_query_user,
1117 .lookup_usergroups = sam_lookup_usergroups,
1118 .lookup_useraliases = sam_lookup_useraliases,
1119 .lookup_groupmem = sam_lookup_groupmem,
1120 .sequence_number = sam_sequence_number,
1121 .lockout_policy = sam_lockout_policy,
1122 .password_policy = sam_password_policy,
1123 .trusted_domains = builtin_trusted_domains
1126 /* the rpc backend methods are exposed via this structure */
1127 struct winbindd_methods sam_passdb_methods = {
1128 .consistent = false,
1130 .query_user_list = sam_query_user_list,
1131 .enum_dom_groups = sam_enum_dom_groups,
1132 .enum_local_groups = sam_enum_local_groups,
1133 .name_to_sid = sam_name_to_sid,
1134 .sid_to_name = sam_sid_to_name,
1135 .rids_to_names = sam_rids_to_names,
1136 .query_user = sam_query_user,
1137 .lookup_usergroups = sam_lookup_usergroups,
1138 .lookup_useraliases = sam_lookup_useraliases,
1139 .lookup_groupmem = sam_lookup_groupmem,
1140 .sequence_number = sam_sequence_number,
1141 .lockout_policy = sam_lockout_policy,
1142 .password_policy = sam_password_policy,
1143 .trusted_domains = sam_trusted_domains