2 Unix SMB/CIFS implementation.
4 Copyright (C) Tim Potter 2000-2001,
5 Copyright (C) Andrew Tridgell 1992-1997,2000,
6 Copyright (C) Rafal Szczesniak 2002.
7 Copyright (C) Jeremy Allison 2005.
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
27 NTSTATUS rpccli_samr_query_userinfo(struct rpc_pipe_client *cli,
29 const POLICY_HND *user_pol,
31 SAM_USERINFO_CTR **ctr)
33 prs_struct qbuf, rbuf;
34 SAMR_Q_QUERY_USERINFO q;
35 SAMR_R_QUERY_USERINFO r;
36 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
38 DEBUG(10,("cli_samr_query_userinfo\n"));
43 /* Marshall data and send request */
45 init_samr_q_query_userinfo(&q, user_pol, switch_value);
47 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_USERINFO,
50 samr_io_q_query_userinfo,
51 samr_io_r_query_userinfo,
52 NT_STATUS_UNSUCCESSFUL);
54 /* Return output parameters */
64 NTSTATUS rpccli_samr_set_groupinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
65 POLICY_HND *group_pol, GROUP_INFO_CTR *ctr)
67 prs_struct qbuf, rbuf;
68 SAMR_Q_SET_GROUPINFO q;
69 SAMR_R_SET_GROUPINFO r;
70 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
72 DEBUG(10,("cli_samr_set_groupinfo\n"));
77 /* Marshall data and send request */
79 init_samr_q_set_groupinfo(&q, group_pol, ctr);
81 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_SET_GROUPINFO,
84 samr_io_q_set_groupinfo,
85 samr_io_r_set_groupinfo,
86 NT_STATUS_UNSUCCESSFUL);
88 /* Return output parameters */
95 /* Query group info */
97 NTSTATUS rpccli_samr_query_groupinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
98 POLICY_HND *group_pol, uint32 info_level,
101 prs_struct qbuf, rbuf;
102 SAMR_Q_QUERY_GROUPINFO q;
103 SAMR_R_QUERY_GROUPINFO r;
104 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
106 DEBUG(10,("cli_samr_query_groupinfo\n"));
111 /* Marshall data and send request */
113 init_samr_q_query_groupinfo(&q, group_pol, info_level);
115 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_GROUPINFO,
118 samr_io_q_query_groupinfo,
119 samr_io_r_query_groupinfo,
120 NT_STATUS_UNSUCCESSFUL);
124 /* Return output parameters */
131 /* Query user groups */
133 NTSTATUS rpccli_samr_query_usergroups(struct rpc_pipe_client *cli,
135 POLICY_HND *user_pol,
139 prs_struct qbuf, rbuf;
140 SAMR_Q_QUERY_USERGROUPS q;
141 SAMR_R_QUERY_USERGROUPS r;
142 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
144 DEBUG(10,("cli_samr_query_usergroups\n"));
149 /* Marshall data and send request */
151 init_samr_q_query_usergroups(&q, user_pol);
153 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_USERGROUPS,
156 samr_io_q_query_usergroups,
157 samr_io_r_query_usergroups,
158 NT_STATUS_UNSUCCESSFUL);
160 /* Return output parameters */
162 if (NT_STATUS_IS_OK(result = r.status)) {
163 *num_groups = r.num_entries;
172 NTSTATUS rpccli_samr_set_aliasinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
173 POLICY_HND *alias_pol, ALIAS_INFO_CTR *ctr)
175 prs_struct qbuf, rbuf;
176 SAMR_Q_SET_ALIASINFO q;
177 SAMR_R_SET_ALIASINFO r;
178 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
180 DEBUG(10,("cli_samr_set_aliasinfo\n"));
185 /* Marshall data and send request */
187 init_samr_q_set_aliasinfo(&q, alias_pol, ctr);
189 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_SET_ALIASINFO,
192 samr_io_q_set_aliasinfo,
193 samr_io_r_set_aliasinfo,
194 NT_STATUS_UNSUCCESSFUL);
196 /* Return output parameters */
203 /* Query user aliases */
205 NTSTATUS rpccli_samr_query_useraliases(struct rpc_pipe_client *cli,
207 POLICY_HND *dom_pol, uint32 num_sids,
209 uint32 *num_aliases, uint32 **als_rids)
211 prs_struct qbuf, rbuf;
212 SAMR_Q_QUERY_USERALIASES q;
213 SAMR_R_QUERY_USERALIASES r;
214 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
218 DEBUG(10,("cli_samr_query_useraliases\n"));
224 sid_ptrs = TALLOC_ARRAY(mem_ctx, uint32, num_sids);
225 if (sid_ptrs == NULL)
226 return NT_STATUS_NO_MEMORY;
231 for (i=0; i<num_sids; i++)
234 /* Marshall data and send request */
236 init_samr_q_query_useraliases(&q, dom_pol, num_sids, sid_ptrs, sid);
238 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_USERALIASES,
241 samr_io_q_query_useraliases,
242 samr_io_r_query_useraliases,
243 NT_STATUS_UNSUCCESSFUL);
245 /* Return output parameters */
247 if (NT_STATUS_IS_OK(result = r.status)) {
248 *num_aliases = r.num_entries;
256 * Enumerate domain users
258 * @param cli client state structure
259 * @param mem_ctx talloc context
260 * @param pol opened domain policy handle
261 * @param start_idx starting index of enumeration, returns context for
263 * @param acb_mask account control bit mask (to enumerate some particular
265 * @param size max acceptable size of response
266 * @param dom_users returned array of domain user names
267 * @param rids returned array of domain user RIDs
268 * @param num_dom_users numer returned entries
270 * @return NTSTATUS returned in rpc response
273 NTSTATUS rpccli_samr_enum_dom_users(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
274 POLICY_HND *pol, uint32 *start_idx, uint32 acb_mask,
275 uint32 size, char ***dom_users, uint32 **rids,
276 uint32 *num_dom_users)
280 SAMR_Q_ENUM_DOM_USERS q;
281 SAMR_R_ENUM_DOM_USERS r;
282 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
285 DEBUG(10,("cli_samr_enum_dom_users starting at index %u\n", (unsigned int)*start_idx));
290 /* always init this */
293 /* Fill query structure with parameters */
295 init_samr_q_enum_dom_users(&q, pol, *start_idx, acb_mask, size);
297 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_ENUM_DOM_USERS,
300 samr_io_q_enum_dom_users,
301 samr_io_r_enum_dom_users,
302 NT_STATUS_UNSUCCESSFUL);
306 if (!NT_STATUS_IS_OK(result) &&
307 NT_STATUS_V(result) != NT_STATUS_V(STATUS_MORE_ENTRIES))
310 *start_idx = r.next_idx;
311 *num_dom_users = r.num_entries2;
313 if (r.num_entries2) {
314 /* allocate memory needed to return received data */
315 *rids = TALLOC_ARRAY(mem_ctx, uint32, r.num_entries2);
317 DEBUG(0, ("Error in cli_samr_enum_dom_users(): out of memory\n"));
318 return NT_STATUS_NO_MEMORY;
321 *dom_users = TALLOC_ARRAY(mem_ctx, char*, r.num_entries2);
323 DEBUG(0, ("Error in cli_samr_enum_dom_users(): out of memory\n"));
324 return NT_STATUS_NO_MEMORY;
327 /* fill output buffers with rpc response */
328 for (i = 0; i < r.num_entries2; i++) {
331 (*rids)[i] = r.sam[i].rid;
332 unistr2_to_ascii(conv_buf, &(r.uni_acct_name[i]), sizeof(conv_buf));
333 (*dom_users)[i] = talloc_strdup(mem_ctx, conv_buf);
341 /* Enumerate domain groups */
343 NTSTATUS rpccli_samr_enum_dom_groups(struct rpc_pipe_client *cli,
345 POLICY_HND *pol, uint32 *start_idx,
346 uint32 size, struct acct_info **dom_groups,
347 uint32 *num_dom_groups)
349 prs_struct qbuf, rbuf;
350 SAMR_Q_ENUM_DOM_GROUPS q;
351 SAMR_R_ENUM_DOM_GROUPS r;
352 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
355 DEBUG(10,("cli_samr_enum_dom_groups starting at index %u\n", (unsigned int)*start_idx));
360 /* Marshall data and send request */
362 init_samr_q_enum_dom_groups(&q, pol, *start_idx, size);
364 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_ENUM_DOM_GROUPS,
367 samr_io_q_enum_dom_groups,
368 samr_io_r_enum_dom_groups,
369 NT_STATUS_UNSUCCESSFUL);
371 /* Return output parameters */
375 if (!NT_STATUS_IS_OK(result) &&
376 NT_STATUS_V(result) != NT_STATUS_V(STATUS_MORE_ENTRIES))
379 *num_dom_groups = r.num_entries2;
381 if (*num_dom_groups == 0)
384 if (!((*dom_groups) = TALLOC_ARRAY(mem_ctx, struct acct_info, *num_dom_groups))) {
385 result = NT_STATUS_NO_MEMORY;
389 memset(*dom_groups, 0, sizeof(struct acct_info) * (*num_dom_groups));
393 for (i = 0; i < *num_dom_groups; i++) {
395 (*dom_groups)[i].rid = r.sam[i].rid;
397 if (r.sam[i].hdr_name.buffer) {
398 unistr2_to_ascii((*dom_groups)[i].acct_name,
399 &r.uni_grp_name[name_idx],
400 sizeof((*dom_groups)[i].acct_name));
404 *start_idx = r.next_idx;
411 /* Enumerate domain groups */
413 NTSTATUS rpccli_samr_enum_als_groups(struct rpc_pipe_client *cli,
415 POLICY_HND *pol, uint32 *start_idx,
416 uint32 size, struct acct_info **dom_aliases,
417 uint32 *num_dom_aliases)
419 prs_struct qbuf, rbuf;
420 SAMR_Q_ENUM_DOM_ALIASES q;
421 SAMR_R_ENUM_DOM_ALIASES r;
422 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
425 DEBUG(10,("cli_samr_enum_als_groups starting at index %u\n", (unsigned int)*start_idx));
430 /* Marshall data and send request */
432 init_samr_q_enum_dom_aliases(&q, pol, *start_idx, size);
434 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_ENUM_DOM_ALIASES,
437 samr_io_q_enum_dom_aliases,
438 samr_io_r_enum_dom_aliases,
439 NT_STATUS_UNSUCCESSFUL);
441 /* Return output parameters */
445 if (!NT_STATUS_IS_OK(result) &&
446 NT_STATUS_V(result) != NT_STATUS_V(STATUS_MORE_ENTRIES)) {
450 *num_dom_aliases = r.num_entries2;
452 if (*num_dom_aliases == 0)
455 if (!((*dom_aliases) = TALLOC_ARRAY(mem_ctx, struct acct_info, *num_dom_aliases))) {
456 result = NT_STATUS_NO_MEMORY;
460 memset(*dom_aliases, 0, sizeof(struct acct_info) * *num_dom_aliases);
464 for (i = 0; i < *num_dom_aliases; i++) {
466 (*dom_aliases)[i].rid = r.sam[i].rid;
468 if (r.sam[i].hdr_name.buffer) {
469 unistr2_to_ascii((*dom_aliases)[i].acct_name,
470 &r.uni_grp_name[name_idx],
471 sizeof((*dom_aliases)[i].acct_name));
475 *start_idx = r.next_idx;
482 /* Query alias info */
484 NTSTATUS rpccli_samr_query_alias_info(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
485 POLICY_HND *alias_pol, uint16 switch_value,
488 prs_struct qbuf, rbuf;
489 SAMR_Q_QUERY_ALIASINFO q;
490 SAMR_R_QUERY_ALIASINFO r;
491 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
493 DEBUG(10,("cli_samr_query_alias_info\n"));
498 /* Marshall data and send request */
500 init_samr_q_query_aliasinfo(&q, alias_pol, switch_value);
502 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_ALIASINFO,
505 samr_io_q_query_aliasinfo,
506 samr_io_r_query_aliasinfo,
507 NT_STATUS_UNSUCCESSFUL);
509 /* Return output parameters */
511 if (!NT_STATUS_IS_OK(result = r.status)) {
522 /* Query domain info */
524 NTSTATUS rpccli_samr_query_dom_info(struct rpc_pipe_client *cli,
526 POLICY_HND *domain_pol,
530 prs_struct qbuf, rbuf;
531 SAMR_Q_QUERY_DOMAIN_INFO q;
532 SAMR_R_QUERY_DOMAIN_INFO r;
533 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
535 DEBUG(10,("cli_samr_query_dom_info\n"));
540 /* Marshall data and send request */
542 init_samr_q_query_domain_info(&q, domain_pol, switch_value);
546 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_DOMAIN_INFO,
549 samr_io_q_query_domain_info,
550 samr_io_r_query_domain_info,
551 NT_STATUS_UNSUCCESSFUL);
553 /* Return output parameters */
555 if (!NT_STATUS_IS_OK(result = r.status)) {
564 /* Query domain info2 */
566 NTSTATUS rpccli_samr_query_dom_info2(struct rpc_pipe_client *cli,
568 POLICY_HND *domain_pol,
572 prs_struct qbuf, rbuf;
573 SAMR_Q_QUERY_DOMAIN_INFO2 q;
574 SAMR_R_QUERY_DOMAIN_INFO2 r;
575 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
577 DEBUG(10,("cli_samr_query_dom_info2\n"));
582 /* Marshall data and send request */
584 init_samr_q_query_domain_info2(&q, domain_pol, switch_value);
588 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_DOMAIN_INFO2,
591 samr_io_q_query_domain_info2,
592 samr_io_r_query_domain_info2,
593 NT_STATUS_UNSUCCESSFUL);
595 /* Return output parameters */
597 if (!NT_STATUS_IS_OK(result = r.status)) {
606 /* Set domain info */
608 NTSTATUS rpccli_samr_set_domain_info(struct rpc_pipe_client *cli,
610 POLICY_HND *domain_pol,
614 prs_struct qbuf, rbuf;
615 SAMR_Q_SET_DOMAIN_INFO q;
616 SAMR_R_SET_DOMAIN_INFO r;
617 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
619 DEBUG(10,("cli_samr_set_domain_info\n"));
624 /* Marshall data and send request */
626 init_samr_q_set_domain_info(&q, domain_pol, switch_value, ctr);
628 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_SET_DOMAIN_INFO,
631 samr_io_q_set_domain_info,
632 samr_io_r_set_domain_info,
633 NT_STATUS_UNSUCCESSFUL);
635 /* Return output parameters */
637 if (!NT_STATUS_IS_OK(result = r.status)) {
646 /* User change password */
648 NTSTATUS rpccli_samr_chgpasswd_user(struct rpc_pipe_client *cli,
650 const char *username,
651 const char *newpassword,
652 const char *oldpassword )
654 prs_struct qbuf, rbuf;
655 SAMR_Q_CHGPASSWD_USER q;
656 SAMR_R_CHGPASSWD_USER r;
657 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
659 uchar new_nt_password[516];
660 uchar new_lm_password[516];
661 uchar old_nt_hash[16];
662 uchar old_lanman_hash[16];
663 uchar old_nt_hash_enc[16];
664 uchar old_lanman_hash_enc[16];
666 uchar new_nt_hash[16];
667 uchar new_lanman_hash[16];
669 char *srv_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", cli->cli->desthost);
671 DEBUG(10,("rpccli_samr_chgpasswd_user\n"));
676 /* Calculate the MD4 hash (NT compatible) of the password */
677 E_md4hash(oldpassword, old_nt_hash);
678 E_md4hash(newpassword, new_nt_hash);
680 if (lp_client_lanman_auth()
681 && E_deshash(newpassword, new_lanman_hash)
682 && E_deshash(oldpassword, old_lanman_hash)) {
683 /* E_deshash returns false for 'long' passwords (> 14
684 DOS chars). This allows us to match Win2k, which
685 does not store a LM hash for these passwords (which
686 would reduce the effective password length to 14) */
688 encode_pw_buffer(new_lm_password, newpassword, STR_UNICODE);
690 SamOEMhash( new_lm_password, old_nt_hash, 516);
691 E_old_pw_hash( new_nt_hash, old_lanman_hash, old_lanman_hash_enc);
693 ZERO_STRUCT(new_lm_password);
694 ZERO_STRUCT(old_lanman_hash_enc);
697 encode_pw_buffer(new_nt_password, newpassword, STR_UNICODE);
699 SamOEMhash( new_nt_password, old_nt_hash, 516);
700 E_old_pw_hash( new_nt_hash, old_nt_hash, old_nt_hash_enc);
702 /* Marshall data and send request */
704 init_samr_q_chgpasswd_user(&q, srv_name_slash, username,
708 old_lanman_hash_enc);
710 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CHGPASSWD_USER,
713 samr_io_q_chgpasswd_user,
714 samr_io_r_chgpasswd_user,
715 NT_STATUS_UNSUCCESSFUL);
717 /* Return output parameters */
719 if (!NT_STATUS_IS_OK(result = r.status)) {
728 /* User change password given blobs */
730 NTSTATUS rpccli_samr_chng_pswd_auth_crap(struct rpc_pipe_client *cli,
732 const char *username,
733 DATA_BLOB new_nt_password,
734 DATA_BLOB old_nt_hash_enc,
735 DATA_BLOB new_lm_password,
736 DATA_BLOB old_lm_hash_enc)
738 prs_struct qbuf, rbuf;
739 SAMR_Q_CHGPASSWD_USER q;
740 SAMR_R_CHGPASSWD_USER r;
741 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
743 char *srv_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", cli->cli->desthost);
745 DEBUG(10,("rpccli_samr_chng_pswd_auth_crap\n"));
750 /* Marshall data and send request */
752 init_samr_q_chgpasswd_user(&q, srv_name_slash, username,
753 new_nt_password.data,
754 old_nt_hash_enc.data,
755 new_lm_password.data,
756 old_lm_hash_enc.data);
758 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CHGPASSWD_USER,
761 samr_io_q_chgpasswd_user,
762 samr_io_r_chgpasswd_user,
763 NT_STATUS_UNSUCCESSFUL);
765 /* Return output parameters */
767 if (!NT_STATUS_IS_OK(result = r.status)) {
777 /* change password 3 */
779 NTSTATUS rpccli_samr_chgpasswd3(struct rpc_pipe_client *cli,
781 const char *username,
782 const char *newpassword,
783 const char *oldpassword,
784 SAM_UNK_INFO_1 *info,
785 SAMR_CHANGE_REJECT *reject)
787 prs_struct qbuf, rbuf;
788 SAMR_Q_CHGPASSWD_USER3 q;
789 SAMR_R_CHGPASSWD_USER3 r;
791 uchar new_nt_password[516];
792 uchar new_lm_password[516];
793 uchar old_nt_hash[16];
794 uchar old_lanman_hash[16];
795 uchar old_nt_hash_enc[16];
796 uchar old_lanman_hash_enc[16];
798 uchar new_nt_hash[16];
799 uchar new_lanman_hash[16];
801 char *srv_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", cli->cli->desthost);
803 DEBUG(10,("rpccli_samr_chgpasswd_user3\n"));
808 /* Calculate the MD4 hash (NT compatible) of the password */
809 E_md4hash(oldpassword, old_nt_hash);
810 E_md4hash(newpassword, new_nt_hash);
812 if (lp_client_lanman_auth()
813 && E_deshash(newpassword, new_lanman_hash)
814 && E_deshash(oldpassword, old_lanman_hash)) {
815 /* E_deshash returns false for 'long' passwords (> 14
816 DOS chars). This allows us to match Win2k, which
817 does not store a LM hash for these passwords (which
818 would reduce the effective password length to 14) */
820 encode_pw_buffer(new_lm_password, newpassword, STR_UNICODE);
822 SamOEMhash( new_lm_password, old_nt_hash, 516);
823 E_old_pw_hash( new_nt_hash, old_lanman_hash, old_lanman_hash_enc);
825 ZERO_STRUCT(new_lm_password);
826 ZERO_STRUCT(old_lanman_hash_enc);
829 encode_pw_buffer(new_nt_password, newpassword, STR_UNICODE);
831 SamOEMhash( new_nt_password, old_nt_hash, 516);
832 E_old_pw_hash( new_nt_hash, old_nt_hash, old_nt_hash_enc);
834 /* Marshall data and send request */
836 init_samr_q_chgpasswd_user3(&q, srv_name_slash, username,
840 old_lanman_hash_enc);
844 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CHGPASSWD_USER3,
847 samr_io_q_chgpasswd_user3,
848 samr_io_r_chgpasswd_user3,
849 NT_STATUS_UNSUCCESSFUL);
851 /* Return output parameters */
856 /* This function returns the bizzare set of (max_entries, max_size) required
857 for the QueryDisplayInfo RPC to actually work against a domain controller
858 with large (10k and higher) numbers of users. These values were
859 obtained by inspection using ethereal and NT4 running User Manager. */
861 void get_query_dispinfo_params(int loop_count, uint32 *max_entries,
881 default: /* loop_count >= 4 */
888 /* Query display info */
890 NTSTATUS rpccli_samr_query_dispinfo(struct rpc_pipe_client *cli,
892 POLICY_HND *domain_pol, uint32 *start_idx,
893 uint16 switch_value, uint32 *num_entries,
894 uint32 max_entries, uint32 max_size,
895 SAM_DISPINFO_CTR *ctr)
897 prs_struct qbuf, rbuf;
898 SAMR_Q_QUERY_DISPINFO q;
899 SAMR_R_QUERY_DISPINFO r;
900 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
902 DEBUG(10,("cli_samr_query_dispinfo for start_idx = %u\n", *start_idx));
909 /* Marshall data and send request */
911 init_samr_q_query_dispinfo(&q, domain_pol, switch_value,
912 *start_idx, max_entries, max_size);
916 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_DISPINFO,
919 samr_io_q_query_dispinfo,
920 samr_io_r_query_dispinfo,
921 NT_STATUS_UNSUCCESSFUL);
923 /* Return output parameters */
927 if (!NT_STATUS_IS_OK(result) &&
928 NT_STATUS_V(result) != NT_STATUS_V(STATUS_MORE_ENTRIES)) {
932 *num_entries = r.num_entries;
933 *start_idx += r.num_entries; /* No next_idx in this structure! */
939 /* Lookup rids. Note that NT4 seems to crash if more than ~1000 rids are
940 looked up in one packet. */
942 NTSTATUS rpccli_samr_lookup_rids(struct rpc_pipe_client *cli,
944 POLICY_HND *domain_pol,
945 uint32 num_rids, uint32 *rids,
946 uint32 *num_names, char ***names,
949 prs_struct qbuf, rbuf;
950 SAMR_Q_LOOKUP_RIDS q;
951 SAMR_R_LOOKUP_RIDS r;
952 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
955 DEBUG(10,("cli_samr_lookup_rids\n"));
957 if (num_rids > 1000) {
958 DEBUG(2, ("cli_samr_lookup_rids: warning: NT4 can crash if "
959 "more than ~1000 rids are looked up at once.\n"));
965 /* Marshall data and send request */
967 init_samr_q_lookup_rids(mem_ctx, &q, domain_pol, 1000, num_rids, rids);
969 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_LOOKUP_RIDS,
972 samr_io_q_lookup_rids,
973 samr_io_r_lookup_rids,
974 NT_STATUS_UNSUCCESSFUL);
976 /* Return output parameters */
980 if (!NT_STATUS_IS_OK(result) &&
981 !NT_STATUS_EQUAL(result, STATUS_SOME_UNMAPPED))
984 if (r.num_names1 == 0) {
990 *num_names = r.num_names1;
991 *names = TALLOC_ARRAY(mem_ctx, char *, r.num_names1);
992 *name_types = TALLOC_ARRAY(mem_ctx, uint32, r.num_names1);
994 if ((*names == NULL) || (*name_types == NULL)) {
996 TALLOC_FREE(*name_types);
997 return NT_STATUS_NO_MEMORY;
1000 for (i = 0; i < r.num_names1; i++) {
1003 unistr2_to_ascii(tmp, &r.uni_name[i], sizeof(tmp));
1004 (*names)[i] = talloc_strdup(mem_ctx, tmp);
1005 (*name_types)[i] = r.type[i];
1015 NTSTATUS rpccli_samr_lookup_names(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
1016 POLICY_HND *domain_pol, uint32 flags,
1017 uint32 num_names, const char **names,
1018 uint32 *num_rids, uint32 **rids,
1021 prs_struct qbuf, rbuf;
1022 SAMR_Q_LOOKUP_NAMES q;
1023 SAMR_R_LOOKUP_NAMES r;
1024 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1027 DEBUG(10,("cli_samr_lookup_names\n"));
1032 /* Marshall data and send request */
1034 init_samr_q_lookup_names(mem_ctx, &q, domain_pol, flags,
1037 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_LOOKUP_NAMES,
1040 samr_io_q_lookup_names,
1041 samr_io_r_lookup_names,
1042 NT_STATUS_UNSUCCESSFUL);
1044 /* Return output parameters */
1046 if (!NT_STATUS_IS_OK(result = r.status)) {
1050 if (r.num_rids1 == 0) {
1055 *num_rids = r.num_rids1;
1056 *rids = TALLOC_ARRAY(mem_ctx, uint32, r.num_rids1);
1057 *rid_types = TALLOC_ARRAY(mem_ctx, uint32, r.num_rids1);
1059 if ((*rids == NULL) || (*rid_types == NULL)) {
1061 TALLOC_FREE(*rid_types);
1062 return NT_STATUS_NO_MEMORY;
1065 for (i = 0; i < r.num_rids1; i++) {
1066 (*rids)[i] = r.rids[i];
1067 (*rid_types)[i] = r.types[i];
1077 NTSTATUS rpccli_samr_set_userinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
1078 const POLICY_HND *user_pol, uint16 switch_value,
1079 DATA_BLOB *sess_key, SAM_USERINFO_CTR *ctr)
1081 prs_struct qbuf, rbuf;
1082 SAMR_Q_SET_USERINFO q;
1083 SAMR_R_SET_USERINFO r;
1084 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1086 DEBUG(10,("cli_samr_set_userinfo\n"));
1091 if (!sess_key->length) {
1092 DEBUG(1, ("No user session key\n"));
1093 return NT_STATUS_NO_USER_SESSION_KEY;
1096 /* Initialise parse structures */
1098 prs_init(&qbuf, RPC_MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
1099 prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
1101 /* Marshall data and send request */
1105 init_samr_q_set_userinfo(&q, user_pol, sess_key, switch_value,
1108 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_SET_USERINFO,
1111 samr_io_q_set_userinfo,
1112 samr_io_r_set_userinfo,
1113 NT_STATUS_UNSUCCESSFUL);
1115 /* Return output parameters */
1117 if (!NT_STATUS_IS_OK(result = r.status)) {
1128 NTSTATUS rpccli_samr_set_userinfo2(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
1129 const POLICY_HND *user_pol, uint16 switch_value,
1130 DATA_BLOB *sess_key, SAM_USERINFO_CTR *ctr)
1132 prs_struct qbuf, rbuf;
1133 SAMR_Q_SET_USERINFO2 q;
1134 SAMR_R_SET_USERINFO2 r;
1135 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1137 DEBUG(10,("cli_samr_set_userinfo2\n"));
1139 if (!sess_key->length) {
1140 DEBUG(1, ("No user session key\n"));
1141 return NT_STATUS_NO_USER_SESSION_KEY;
1147 /* Marshall data and send request */
1149 init_samr_q_set_userinfo2(&q, user_pol, sess_key, switch_value, ctr);
1151 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_SET_USERINFO2,
1154 samr_io_q_set_userinfo2,
1155 samr_io_r_set_userinfo2,
1156 NT_STATUS_UNSUCCESSFUL);
1158 /* Return output parameters */
1160 if (!NT_STATUS_IS_OK(result = r.status)) {
1169 /* Remove foreign SID */
1171 NTSTATUS rpccli_samr_remove_sid_foreign_domain(struct rpc_pipe_client *cli,
1172 TALLOC_CTX *mem_ctx,
1173 POLICY_HND *user_pol,
1176 prs_struct qbuf, rbuf;
1177 SAMR_Q_REMOVE_SID_FOREIGN_DOMAIN q;
1178 SAMR_R_REMOVE_SID_FOREIGN_DOMAIN r;
1179 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1181 DEBUG(10,("cli_samr_remove_sid_foreign_domain\n"));
1186 /* Marshall data and send request */
1188 init_samr_q_remove_sid_foreign_domain(&q, user_pol, sid);
1190 CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_REMOVE_SID_FOREIGN_DOMAIN,
1193 samr_io_q_remove_sid_foreign_domain,
1194 samr_io_r_remove_sid_foreign_domain,
1195 NT_STATUS_UNSUCCESSFUL);
1197 /* Return output parameters */