r3904: * Add new LSA calls to open trusted domains
author Andrew Bartlett <abartlet@samba.org>
Mon, 22 Nov 2004 08:47:47 +0000 (08:47 +0000)
committer Gerald (Jerry) Carter <jerry@samba.org>
Wed, 10 Oct 2007 18:06:03 +0000 (13:06 -0500)
* Add new tests for ACCOUNTs in SamSync

* Clean up names in NETLOGON and LSA

* Verify Security Descriptors against LSA, as well as SamR

Andrew Bartlett

source/librpc/idl/lsa.idl
source/librpc/idl/netlogon.idl
source/rpc_server/lsa/dcesrv_lsa.c
source/torture/rpc/lsa.c
source/torture/rpc/samlogon.c

index 225979da18d007030f6f3f7293d6f6d3fb7a1ac3..f84addf150cf8dbb32ca2ba731ac1bac2462030a 100644 (file)
        /******************/
        /* Function: 0x03 */
 
-       NTSTATUS lsa_QuerySecObj (
+       NTSTATUS lsa_QuerySecurity (
                [in,ref]     policy_handle *handle,
                [in]         uint32 sec_info,
-               [out]        sec_desc_buf *sd
+               [out]        sec_desc_buf *sdbuf
                );
 
 
        NTSTATUS lsa_GetSystemAccessAccount();
        /* Function:    0x18 */
        NTSTATUS lsa_SetSystemAccessAccount();
+
        /* Function:        0x19 */
-       NTSTATUS lsa_OpenTrustedDomain();
+       NTSTATUS lsa_OpenTrustedDomain(
+               [in,ref]     policy_handle *handle,
+               [in,ref]     dom_sid2      *sid,
+               [in]         uint32         access_mask,
+               [out,ref]    policy_handle *trustdom_handle
+               );
+
        /* Function:       0x1a */
        NTSTATUS lsa_QueryInfoTrustedDomain();
        /* Function:     0x1b */
        NTSTATUS lsa_SetDomInfoPolicy();
 
        /* Function 0x37 */
-       NTSTATUS lsa_OpenTrustedDomainByName();
+       NTSTATUS lsa_OpenTrustedDomainByName(
+               [in,ref]     policy_handle *handle,
+               [in]         lsa_Name       name,
+               [in]         uint32         access_mask,
+               [out,ref]    policy_handle *trustdom_handle
+               );
 
        /* Function 0x38 */
        NTSTATUS lsa_TestCall();
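Review bot: The new lsa_OpenTrustedDomainByName declaration (and its SID-based twin lsa_OpenTrustedDomain above) leaves `access_mask` as a bare, undocumented `uint32`, so a reader cannot tell which rights are expected or what they are checked against. A short comment above each call would fix that: `/* access_mask: requested access rights on the trusted-domain object; presumably evaluated by the server against that object's security descriptor -- confirm against dcesrv_lsa.c */`. Note that the only dcesrv_lsa.c hunk on this page is the QuerySecurity rename, so whether the server actually implements or enforces access checks for these two calls cannot be judged from this commit; a `/* server side: not implemented yet */` marker next to the declarations would make that state explicit to callers of the generated client stubs.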
index ae6bfe249b908f0d7b5bc6720dde1709d8fc21bd..27ba53ff8b2d2dca59a52ca4882dffa18d459f51 100644 (file)
@@ -255,6 +255,8 @@ interface netlogon
        /* Function 0x05 */
 
        /* secure channel types */
+       /* Only SEC_CHAN_WKSTA can forward requests to other domains. */
+
        const int SEC_CHAN_WKSTA   = 2;
        const int SEC_CHAN_DOMAIN  = 4;
        const int SEC_CHAN_BDC     = 6;
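Review bot: The added comment `Only SEC_CHAN_WKSTA can forward requests to other domains.` states a security policy without saying where it is enforced, and the blank line inserted after it detaches it from the constants it annotates. I would drop that blank line and expand the comment to something like `/* secure channel types. Only a SEC_CHAN_WKSTA channel may forward (pass-through) logon requests to another domain; requests arriving on a DOMAIN or BDC channel that try to do so must be rejected by the server. */`. Whether the netlogon server on this branch actually rejects such forwarding is not visible on this page, so that sentence should be confirmed against the server code before it is committed as fact.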
@@ -527,7 +529,7 @@ interface netlogon
                uint32 unknown6;
                uint32 unknown7;
                uint32 unknown8;
-       } netr_DELTA_ACCOUNTS;
+       } netr_DELTA_ACCOUNT;
 
        typedef struct {
                uint16 unknown;
@@ -574,9 +576,9 @@ interface netlogon
                NETR_DELTA_RENAME_ALIAS     = 11,
                NETR_DELTA_ALIAS_MEMBER     = 12,
                NETR_DELTA_POLICY           = 13,
-               NETR_DELTA_TRUSTED_DOMAIN  = 14,
+               NETR_DELTA_TRUSTED_DOMAIN   = 14,
                NETR_DELTA_DELETE_TRUST     = 15,
-               NETR_DELTA_ACCOUNTS         = 16,
+               NETR_DELTA_ACCOUNT          = 16,
                NETR_DELTA_DELETE_ACCOUNT   = 17,
                NETR_DELTA_SECRET           = 18,
                NETR_DELTA_DELETE_SECRET    = 19,
@@ -599,9 +601,9 @@ interface netlogon
                [case(NETR_DELTA_RENAME_ALIAS)]    netr_DELTA_RENAME          *rename_alias;
                [case(NETR_DELTA_ALIAS_MEMBER)]    netr_DELTA_ALIAS_MEMBER    *alias_member;
                [case(NETR_DELTA_POLICY)]          netr_DELTA_POLICY          *policy;
-               [case(NETR_DELTA_TRUSTED_DOMAIN)] netr_DELTA_TRUSTED_DOMAIN   *trusted_domain;
+               [case(NETR_DELTA_TRUSTED_DOMAIN)]  netr_DELTA_TRUSTED_DOMAIN   *trusted_domain;
                [case(NETR_DELTA_DELETE_TRUST)]    netr_DELTA_DELETE_TRUST     delete_trust;
-               [case(NETR_DELTA_ACCOUNTS)]        netr_DELTA_ACCOUNTS        *accounts;
+               [case(NETR_DELTA_ACCOUNT)]         netr_DELTA_ACCOUNT         *account;
                [case(NETR_DELTA_DELETE_ACCOUNT)]  netr_DELTA_DELETE_ACCOUNT   delete_account;
                [case(NETR_DELTA_SECRET)]          netr_DELTA_SECRET          *secret;
                [case(NETR_DELTA_DELETE_SECRET)]   netr_DELTA_DELETE_SECRET    delete_secret;
@@ -626,7 +628,7 @@ interface netlogon
                [case(NETR_DELTA_POLICY)]          dom_sid2 *sid;
                [case(NETR_DELTA_TRUSTED_DOMAIN)]  dom_sid2 *sid;
                [case(NETR_DELTA_DELETE_TRUST)]    dom_sid2 *sid;
-               [case(NETR_DELTA_ACCOUNTS)]        dom_sid2 *sid;
+               [case(NETR_DELTA_ACCOUNT)]         dom_sid2 *sid;
                [case(NETR_DELTA_DELETE_ACCOUNT)]  dom_sid2 *sid;
                [case(NETR_DELTA_SECRET)]          unistr *name;
                [case(NETR_DELTA_DELETE_SECRET)]   unistr *name;
index ce9f9f39ff5f4775944fa2b8f7025c35cc76a331..1c3e8d374aaebc39c05a1ac8d714cc717ba8c1b8 100644 (file)
@@ -113,8 +113,8 @@ static NTSTATUS lsa_EnumPrivs(struct dcesrv_call_state *dce_call, TALLOC_CTX *me
 /* 
   lsa_QuerySecObj 
 */
-static NTSTATUS lsa_QuerySecObj(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
-                               struct lsa_QuerySecObj *r)
+static NTSTATUS lsa_QuerySecurity(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+                                 struct lsa_QuerySecurity *r)
 {
        DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
 }
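Review bot: The function is renamed to lsa_QuerySecurity but the comment block directly above it still reads `lsa_QuerySecObj`, a name that this same commit removes from the IDL, so the header comment now points at nothing. Change it to `lsa_QuerySecurity`. Since the body still answers every call with `DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR)`, it would also help to say so in that comment, e.g. `/* lsa_QuerySecurity -- not implemented; faults with OP_RNG_ERROR */`, so nobody assumes the rename made the call functional.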
index 8c9675457e7655abbc72cff7eba20f81420b3170..703df406547bb754c7df8df1a931c601f924b59e 100644 (file)
@@ -523,22 +523,22 @@ static BOOL test_EnumAccountRights(struct dcerpc_pipe *p,
 }
 
 
-static BOOL test_QuerySecObj(struct dcerpc_pipe *p, 
+static BOOL test_QuerySecurity(struct dcerpc_pipe *p, 
                             TALLOC_CTX *mem_ctx, 
                             struct policy_handle *handle,
                             struct policy_handle *acct_handle)
 {
        NTSTATUS status;
-       struct lsa_QuerySecObj r;
+       struct lsa_QuerySecurity r;
 
-       printf("Testing QuerySecObj\n");
+       printf("Testing QuerySecuriy\n");
 
        r.in.handle = acct_handle;
        r.in.sec_info = 7;
 
-       status = dcerpc_lsa_QuerySecObj(p, mem_ctx, &r);
+       status = dcerpc_lsa_QuerySecurity(p, mem_ctx, &r);
        if (!NT_STATUS_IS_OK(status)) {
-               printf("QuerySecObj failed - %s\n", nt_errstr(status));
+               printf("QuerySecurity failed - %s\n", nt_errstr(status));
                return False;
        }
 
@@ -571,7 +571,7 @@ static BOOL test_OpenAccount(struct dcerpc_pipe *p,
                return False;
        }
 
-       if (!test_QuerySecObj(p, mem_ctx, handle, &acct_handle)) {
+       if (!test_QuerySecurity(p, mem_ctx, handle, &acct_handle)) {
                return False;
        }
 
@@ -746,6 +746,8 @@ static BOOL test_EnumTrustDom(struct dcerpc_pipe *p,
        NTSTATUS status;
        uint32_t resume_handle = 0;
        struct lsa_DomainList domains;
+       int i;
+       BOOL ret = True;
 
        printf("\nTesting EnumTrustDom\n");
 
@@ -767,7 +769,59 @@ static BOOL test_EnumTrustDom(struct dcerpc_pipe *p,
                return False;
        }
 
-       return True;
+       printf("\nTesting OpenTrustedDomain and OpenTrustedDomainByName\n");
+
+       for (i=0; i< domains.count; i++) {
+               struct lsa_OpenTrustedDomain trust;
+               struct lsa_OpenTrustedDomainByName trust_by_name;
+               struct policy_handle trust_handle;
+               struct policy_handle handle2;
+               struct lsa_Close c;
+               
+               trust.in.handle = handle;
+               trust.in.sid = domains.domains[i].sid;
+               trust.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
+               trust.out.trustdom_handle = &trust_handle;
+
+               status = dcerpc_lsa_OpenTrustedDomain(p, mem_ctx, &trust);
+
+               if (!NT_STATUS_IS_OK(status)) {
+                       printf("OpenTrustedDomain failed - %s\n", nt_errstr(status));
+                       return False;
+               }
+
+               c.in.handle = &trust_handle;
+               c.out.handle = &handle2;
+               
+               status = dcerpc_lsa_Close(p, mem_ctx, &c);
+               if (!NT_STATUS_IS_OK(status)) {
+                       printf("Close of trusted doman failed - %s\n", nt_errstr(status));
+                       return False;
+               }
+
+               trust_by_name.in.handle = handle;
+               trust_by_name.in.name = domains.domains[i].name;
+               trust_by_name.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
+               trust_by_name.out.trustdom_handle = &trust_handle;
+               
+               status = dcerpc_lsa_OpenTrustedDomainByName(p, mem_ctx, &trust_by_name);
+
+               if (!NT_STATUS_IS_OK(status)) {
+                       printf("OpenTrustedDomainByName failed - %s\n", nt_errstr(status));
+                       return False;
+               }
+
+               c.in.handle = &trust_handle;
+               c.out.handle = &handle2;
+               
+               status = dcerpc_lsa_Close(p, mem_ctx, &c);
+               if (!NT_STATUS_IS_OK(status)) {
+                       printf("Close of trusted doman failed - %s\n", nt_errstr(status));
+                       return False;
+               }
+       }
+
+       return ret;
 }
 
 static BOOL test_QueryInfoPolicy(struct dcerpc_pipe *p, 
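Review bot: The new `BOOL ret = True;` in test_EnumTrustDom is dead: every failure inside the loop does `return False;` directly, so `return ret;` can only ever return True. Either drop `ret` and end with `return True;`, or make the per-domain failures `ret = False; continue;` (after the OpenTrustedDomain and OpenTrustedDomainByName calls) so every trusted domain returned by EnumTrustDom is exercised rather than stopping at the first one. Both Close error messages also misspell "domain" as `Close of trusted doman failed`. The test only covers the positive path; a case that opens a SID or name EnumTrustDom did not return and expects a non-OK status would additionally show that the server refuses handles on non-trust objects, which the commit message's security-descriptor verification seems to be aiming at. The start of test_EnumTrustDom lies outside this hunk.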
index 54d6dd85f8302dd6fa2365db55f61b0590240782..5204175559431377f211ef378453b26fef956538 100644 (file)
@@ -1031,7 +1031,7 @@ BOOL torture_rpc_samlogon(void)
        }
 
        if (!test_SetupCredentials(p, mem_ctx, 
-                                   TEST_MACHINE_NAME, machine_pass, &creds)) {
+                                  TEST_MACHINE_NAME, machine_pass, &creds)) {
                ret = False;
        }