[jcifs] Re: Problems with implementing LsarLookupSids()

Ralf Hartmann Ralf.Hartmann at xsystem.de
Fri Dec 10 22:23:52 GMT 2004

Hello Mr. Allen,

i have found some time to do some further analysis on the IDL. In the attachment 
i send you the last version, with needs only some changes for initialization of 
struct members. I have tested it also with arrays of SID's. It works now.

I am still wondering about the two additional bytes behind sid_type in 
lsa_TranslatedName. It looks like an alignment. Maybe an unicode string has to 
be started at 4 byte boundary.

Best Regards
Ralf Hartmann

Ralf Hartmann wrote:
> Hello Mr. Allen,
> i want to use jarapac 0.3.7 to resolve SID's to user names. I have 
> changed the IDL to support LsarLookupSids() (please refer the 
> attachment). The IDL has been compiled with MIDL 0.5.1. The request 
> looks fine in the network trace. Also the response from the W2K system 
> looks OK. But the decoding of the network packet leads to a crash 
> (please see below). I have figured out, that the unicode_string name in 
> lsa_TrustInformation  doesn't get initalized. I have changed this in the 
> Java source.  But this leads to another crash in decoding the response.
> Can you help me please? Maybe you have implemented LsarLookupSids in the 
> IDL but not distributed it yet. Or you have a hint what is wrong with my 
> IDL.
> Maybe the SID.java i have used for the testing is for interest of you. 
> So i send it as an attachment.
> Next i will try to implement NTQuerySecurityDesc as an addon to JCIFS. I 
> need both (LsarLookupSids and NTQuerySecurityDesc) to display the file 
> owner.
> JCIFS works very well. It is a great software.
> Best Regards
> Ralf Hartmann

Ralf Hartmann                           Tel.:   +49 89 746603 0
X-System GmbH                           Fax:    +49 89 746603 99
Bavariastr. 7a                          E-Mail: Ralf.Hartmann at Xsystem.De
80336 Muenchen
-------------- next part --------------
interface lsarpc
	import "rpc.idl";

	typedef struct {
		uint32_t length;
		uint16_t impersonation_level;
		uint8_t context_mode;
		uint8_t effective_only;
	} LsaQosInfo;

	typedef struct {
		uint32_t length;
		uint8_t *root_directory;
		unicode_string *object_name;
		uint32_t attributes;
		uint32_t security_descriptor;
		LsaQosInfo *security_quality_of_service;
	} LsaObjectAttributes;

	typedef struct {
		unicode_string name;
		sid_t *sid;
	} LsaDomainInfo;

	enum {

	typedef [switch_type(short)] union {
		[case(POLICY_INFO_ACCOUNT_DOMAIN)] LsaDomainInfo account_domain;
	} LsaPolicyInfo;

        typedef struct {
                sid_t *sid;
        } lsa_SidPtr;

        typedef [public] struct {
                [range(0,1000)] uint32_t num_sids;
                [size_is(num_sids)] lsa_SidPtr *sids;
        } lsa_SidArray;

        typedef struct {
                unicode_string name;
                sid_t  *sid;
        } lsa_TrustInformation;

        typedef struct {
                [range(0,1000)] uint32_t count;
                [size_is(count)] lsa_TrustInformation *domains;
                uint32_t max_count;
        } lsa_RefDomainList;

        typedef struct {
                uint16_t sid_type;
		uint16_t dummy;
                unicode_string name;
                uint32_t sid_index;
        } lsa_TranslatedName;

        typedef struct {
                [range(0,1000)] uint32_t count;
                [size_is(count)] lsa_TranslatedName *names;
        } lsa_TransNameArray;

	int LsarClose([in,out] policy_handle *handle);

	int LsarQueryInformationPolicy([in] policy_handle *handle,
			[in] uint16_t level,
			[out,switch_is(level),unique] LsaPolicyInfo *info);

	int LsarLookupSids([in] policy_handle *handle,
			[in] lsa_SidArray *sids,
			[out] lsa_RefDomainList **domains,
			[in,out] lsa_TransNameArray *names,
			[in] uint16_t level,
			[in,out] uint32_t *count

	int LsarOpenPolicy([in,string,unique] wchar_t *system_name,
			[in] LsaObjectAttributes *object_attributes,
			[in] uint32_t desired_access,
			[out] policy_handle *policy_handle);
-------------- next part --------------
*** lsarpc.java.orig	Fri Dec 10 22:39:55 2004
--- lsarpc.java	Fri Dec 10 22:53:02 2004
*** 270,275 ****
--- 270,277 ----
          public void decode(NetworkDataRepresentation _ndr, NdrBuffer _src) throws NdrException {
+             name = new rpc.unicode_string();
+             sid = new rpc.sid_t();
              name.length = (short)_src.dec_ndr_short();
              name.maximum_length = (short)_src.dec_ndr_short();
              int _name_bufferp = _src.dec_ndr_long();
*** 386,391 ****
--- 388,394 ----
              sid_type = (short)_src.dec_ndr_short();
              dummy = (short)_src.dec_ndr_short();
+             name = new rpc.unicode_string();
              name.length = (short)_src.dec_ndr_short();
              name.maximum_length = (short)_src.dec_ndr_short();
              int _name_bufferp = _src.dec_ndr_long();

More information about the jcifs mailing list