return WERR_UNKNOWN_LEVEL;
}
+ switch (r->in.function_code) {
+ case NETLOGON_CONTROL_QUERY:
+ case NETLOGON_CONTROL_REPLICATE:
+ case NETLOGON_CONTROL_SYNCHRONIZE:
+ case NETLOGON_CONTROL_PDC_REPLICATE:
+ case NETLOGON_CONTROL_BREAKPOINT:
+ case NETLOGON_CONTROL_BACKUP_CHANGE_LOG:
+ case NETLOGON_CONTROL_TRUNCATE_LOG:
+ break;
+ default:
+ return WERR_NOT_SUPPORTED;
+ }
+
l.in.logon_server = r->in.logon_server;
l.in.function_code = r->in.function_code;
l.in.level = r->in.level;
struct netr_NETLOGON_INFO_3 *info3;
struct netr_NETLOGON_INFO_4 *info4;
const char *fn;
- uint32_t acct_ctrl;
NTSTATUS status;
struct netr_DsRGetDCNameInfo *dc_info;
return WERR_INVALID_PARAM;
}
- acct_ctrl = p->session_info->info->acct_flags;
+ switch (r->in.level) {
+ case 1:
+ case 2:
+ case 3:
+ case 4:
+ break;
+ default:
+ return WERR_INVALID_LEVEL;
+ }
switch (r->in.function_code) {
- case NETLOGON_CONTROL_TC_VERIFY:
- case NETLOGON_CONTROL_CHANGE_PASSWORD:
- case NETLOGON_CONTROL_REDISCOVER:
+ case NETLOGON_CONTROL_QUERY:
+ break;
+ default:
if ((geteuid() != sec_initial_uid()) &&
!nt_token_check_domain_rid(p->session_info->security_token, DOMAIN_RID_ADMINS) &&
- !nt_token_check_sid(&global_sid_Builtin_Administrators, p->session_info->security_token) &&
- !(acct_ctrl & (ACB_WSTRUST | ACB_SVRTRUST))) {
+ !nt_token_check_sid(&global_sid_Builtin_Administrators, p->session_info->security_token))
+ {
return WERR_ACCESS_DENIED;
}
break;
- default:
- break;
}
tc_status = WERR_NO_SUCH_DOMAIN;
switch (r->in.function_code) {
case NETLOGON_CONTROL_QUERY:
+ switch (r->in.level) {
+ case 1:
+ case 3:
+ break;
+ default:
+ return WERR_INVALID_PARAMETER;
+ }
+
tc_status = WERR_OK;
break;
case NETLOGON_CONTROL_REPLICATE:
case NETLOGON_CONTROL_PDC_REPLICATE:
case NETLOGON_CONTROL_BACKUP_CHANGE_LOG:
case NETLOGON_CONTROL_BREAKPOINT:
- if (acct_ctrl & ACB_NORMAL) {
- return WERR_NOT_SUPPORTED;
- } else if (acct_ctrl & (ACB_WSTRUST | ACB_SVRTRUST)) {
- return WERR_ACCESS_DENIED;
- } else {
- return WERR_ACCESS_DENIED;
- }
case NETLOGON_CONTROL_TRUNCATE_LOG:
- if (acct_ctrl & ACB_NORMAL) {
- break;
- } else if (acct_ctrl & (ACB_WSTRUST | ACB_SVRTRUST)) {
- return WERR_ACCESS_DENIED;
- } else {
- return WERR_ACCESS_DENIED;
- }
-
case NETLOGON_CONTROL_TRANSPORT_NOTIFY:
case NETLOGON_CONTROL_FORCE_DNS_REG:
case NETLOGON_CONTROL_QUERY_DNS_REG:
return WERR_NOT_SUPPORTED;
+
case NETLOGON_CONTROL_FIND_USER:
if (!r->in.data || !r->in.data->user) {
return WERR_NOT_SUPPORTED;
/* no idea what this should be */
DEBUG(0,("%s: unimplemented function level [%d]\n",
fn, r->in.function_code));
- return WERR_UNKNOWN_LEVEL;
+ return WERR_NOT_SUPPORTED;
}
/* prepare the response */