[jcifs] Re: Problems with implementing LsarLookupSids()
Ralf Hartmann
Ralf.Hartmann at xsystem.de
Fri Dec 10 22:23:52 GMT 2004
Hello Mr. Allen,
i have found some time to do some further analysis on the IDL. In the attachment
i send you the last version, with needs only some changes for initialization of
struct members. I have tested it also with arrays of SID's. It works now.
I am still wondering about the two additional bytes behind sid_type in
lsa_TranslatedName. It looks like an alignment. Maybe an unicode string has to
be started at 4 byte boundary.
Best Regards
Ralf Hartmann
Ralf Hartmann wrote:
> Hello Mr. Allen,
>
> i want to use jarapac 0.3.7 to resolve SID's to user names. I have
> changed the IDL to support LsarLookupSids() (please refer the
> attachment). The IDL has been compiled with MIDL 0.5.1. The request
> looks fine in the network trace. Also the response from the W2K system
> looks OK. But the decoding of the network packet leads to a crash
> (please see below). I have figured out, that the unicode_string name in
> lsa_TrustInformation doesn't get initalized. I have changed this in the
> Java source. But this leads to another crash in decoding the response.
>
> Can you help me please? Maybe you have implemented LsarLookupSids in the
> IDL but not distributed it yet. Or you have a hint what is wrong with my
> IDL.
>
> Maybe the SID.java i have used for the testing is for interest of you.
> So i send it as an attachment.
>
> Next i will try to implement NTQuerySecurityDesc as an addon to JCIFS. I
> need both (LsarLookupSids and NTQuerySecurityDesc) to display the file
> owner.
>
> JCIFS works very well. It is a great software.
>
> Best Regards
> Ralf Hartmann
>
--
Ralf Hartmann Tel.: +49 89 746603 0
X-System GmbH Fax: +49 89 746603 99
Bavariastr. 7a E-Mail: Ralf.Hartmann at Xsystem.De
80336 Muenchen
-------------- next part --------------
[
uuid(12345778-1234-abcd-ef00-0123456789ab),
version(0.0)
]
interface lsarpc
{
import "rpc.idl";
typedef struct {
uint32_t length;
uint16_t impersonation_level;
uint8_t context_mode;
uint8_t effective_only;
} LsaQosInfo;
typedef struct {
uint32_t length;
uint8_t *root_directory;
unicode_string *object_name;
uint32_t attributes;
uint32_t security_descriptor;
LsaQosInfo *security_quality_of_service;
} LsaObjectAttributes;
typedef struct {
unicode_string name;
sid_t *sid;
} LsaDomainInfo;
enum {
POLICY_INFO_AUDIT_EVENTS = 2,
POLICY_INFO_PRIMARY_DOMAIN = 3,
POLICY_INFO_ACCOUNT_DOMAIN = 5,
POLICY_INFO_SERVER_ROLE = 6,
POLICY_INFO_MODIFICATION = 9,
POLICY_INFO_DNS_DOMAIN = 12
};
typedef [switch_type(short)] union {
[case(POLICY_INFO_ACCOUNT_DOMAIN)] LsaDomainInfo account_domain;
} LsaPolicyInfo;
typedef struct {
sid_t *sid;
} lsa_SidPtr;
typedef [public] struct {
[range(0,1000)] uint32_t num_sids;
[size_is(num_sids)] lsa_SidPtr *sids;
} lsa_SidArray;
typedef struct {
unicode_string name;
sid_t *sid;
} lsa_TrustInformation;
typedef struct {
[range(0,1000)] uint32_t count;
[size_is(count)] lsa_TrustInformation *domains;
uint32_t max_count;
} lsa_RefDomainList;
typedef struct {
uint16_t sid_type;
uint16_t dummy;
unicode_string name;
uint32_t sid_index;
} lsa_TranslatedName;
typedef struct {
[range(0,1000)] uint32_t count;
[size_is(count)] lsa_TranslatedName *names;
} lsa_TransNameArray;
[op(0x00)]
int LsarClose([in,out] policy_handle *handle);
[op(0x07)]
int LsarQueryInformationPolicy([in] policy_handle *handle,
[in] uint16_t level,
[out,switch_is(level),unique] LsaPolicyInfo *info);
[op(0x0f)]
int LsarLookupSids([in] policy_handle *handle,
[in] lsa_SidArray *sids,
[out] lsa_RefDomainList **domains,
[in,out] lsa_TransNameArray *names,
[in] uint16_t level,
[in,out] uint32_t *count
);
[op(0x2c)]
int LsarOpenPolicy([in,string,unique] wchar_t *system_name,
[in] LsaObjectAttributes *object_attributes,
[in] uint32_t desired_access,
[out] policy_handle *policy_handle);
}
-------------- next part --------------
*** lsarpc.java.orig Fri Dec 10 22:39:55 2004
--- lsarpc.java Fri Dec 10 22:53:02 2004
***************
*** 270,275 ****
--- 270,277 ----
}
public void decode(NetworkDataRepresentation _ndr, NdrBuffer _src) throws NdrException {
_src.align(4);
+ name = new rpc.unicode_string();
+ sid = new rpc.sid_t();
name.length = (short)_src.dec_ndr_short();
name.maximum_length = (short)_src.dec_ndr_short();
int _name_bufferp = _src.dec_ndr_long();
***************
*** 386,391 ****
--- 388,394 ----
_src.align(4);
sid_type = (short)_src.dec_ndr_short();
dummy = (short)_src.dec_ndr_short();
+ name = new rpc.unicode_string();
name.length = (short)_src.dec_ndr_short();
name.maximum_length = (short)_src.dec_ndr_short();
int _name_bufferp = _src.dec_ndr_long();
More information about the jcifs
mailing list