svn commit: samba r8945 - in branches/SOC/SAMBA_3_0/source: include
libmsrpc
skel at samba.org
skel at samba.org
Tue Aug 2 20:37:53 GMT 2005
Author: skel
Date: 2005-08-02 20:37:52 +0000 (Tue, 02 Aug 2005)
New Revision: 8945
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=8945
Log:
added cac_LsaEnumTrustedDomains() cac_LsaOpenTrustedDomain(), cac_LsaQueryTrustedDomainInfo(). they haven't been tested and I need to define some constants for the
info_class parm of cacLsaQueryTrustedDomainInfo()
Modified:
branches/SOC/SAMBA_3_0/source/include/libmsrpc.h
branches/SOC/SAMBA_3_0/source/libmsrpc/cac_lsarpc.c
Changeset:
Modified: branches/SOC/SAMBA_3_0/source/include/libmsrpc.h
===================================================================
--- branches/SOC/SAMBA_3_0/source/include/libmsrpc.h 2005-08-02 20:35:52 UTC (rev 8944)
+++ branches/SOC/SAMBA_3_0/source/include/libmsrpc.h 2005-08-02 20:37:52 UTC (rev 8945)
@@ -409,10 +409,81 @@
* @return - CAC_FAILURE The operation was not successful, hnd->status is set appropriately
* - CAC_SUCCESS The operation completed successfully
*/
-int cac_LsaEnumAcctRightsFromSid(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaEnumAccountRights *op);
+int cac_LsaEnumAccountRightsBySid(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaEnumAccountRights *op);
+struct LsaEnumTrustedDomains {
+ struct {
+ /**Open LSA policy handle*/
+ POLICY_HND *pol;
+ } in;
+
+ struct {
+ /**used to keep track of how many domains have been retrieved over multiple calls
+ * should be set to zero via ZERO_STRUCT() before the first call. Use the same struct LsaEnumSids for multiple calls*/
+ uint32 resume_idx;
+
+ /**The number of domains returned by the remote server this call*/
+ uint32 num_domains;
+
+ /**array of trusted domain names returned by the remote server*/
+ char **domain_names;
+
+ /**array of trusted domain sids returned by the remote server*/
+ DOM_SID *domain_sids;
+ } out;
+};
+int cac_LsaEnumTrustedDomains(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaEnumTrustedDomains *op);
+struct LsaOpenTrustedDomain {
+ struct {
+ /**an open LSA policy handle*/
+ POLICY_HND *pol;
+
+ /**SID of the trusted domain to open*/
+ DOM_SID *domain_sid;
+
+ /**Desired access on the open domain*/
+ uint32 access;
+ } in;
+
+ struct {
+ /**A handle to the policy that is opened*/
+ POLICY_HND *domain_policy;
+ } out;
+};
+
+/** @ingroup LSA_Functions
+ * Opens a trusted domain by SID.
+ * @return - CAC_FAILURE a handle to the domain could not be opened. hnd->status is set with approriate NT_STATUS code
+ * - CAC_SUCCESS the domain was opened successfully
+ */
+int cac_LsaOpenTrustedDomain(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaOpenTrustedDomain *op);
+
+struct LsaQueryTrustedDomainInfo {
+ struct {
+ /**Open LSA policy handle*/
+ POLICY_HND *pol;
+
+ /**Info class of returned data*/
+ uint16 info_class;
+
+ /**(Optional)SID of trusted domain to query (must specify either SID or name of trusted domain)*/
+ DOM_SID *domain_sid;
+
+ /**(Optional)Name of trusted domain to query (must specify either SID or name of trusted domain)*/
+ char *domain_name;
+ } in;
+
+ struct {
+ /**information about the trusted domain*/
+ LSA_TRUSTED_DOMAIN_INFO *info;
+ } out;
+};
+
+int cac_LsaQueryTrustedDomainInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaQueryTrustedDomainInfo *op);
+
+
void cac_GetAuthDataFn(const char * pServer,
const char * pShare,
char * pWorkgroup,
Modified: branches/SOC/SAMBA_3_0/source/libmsrpc/cac_lsarpc.c
===================================================================
--- branches/SOC/SAMBA_3_0/source/libmsrpc/cac_lsarpc.c 2005-08-02 20:35:52 UTC (rev 8944)
+++ branches/SOC/SAMBA_3_0/source/libmsrpc/cac_lsarpc.c 2005-08-02 20:37:52 UTC (rev 8945)
@@ -558,7 +558,8 @@
}
-int cac_LsaEnumAccountRights(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaEnumAccountRights *op) {
+/*TODO: make a cac_LsaEnumAccountRights() that will find the rights based on either a SID or a name*/
+int cac_LsaEnumAccountRightsBySid(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaEnumAccountRights *op) {
SMBCSRV *srv = NULL;
uint32 count = 0;
@@ -599,3 +600,120 @@
return CAC_SUCCESS;
}
+
+int cac_LsaEnumTrustedDomains(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaEnumTrustedDomains *op) {
+ SMBCSRV *srv;
+
+ uint32 num_domains;
+ char **domain_names;
+ DOM_SID *domain_sids;
+
+ if(!hnd)
+ return CAC_FAILURE;
+
+ if(!hnd->ctx || !hnd->_pipes[PI_LSARPC]) {
+ hnd->status = NT_STATUS_INVALID_HANDLE;
+ return CAC_FAILURE;
+ }
+
+ if(!op->in.pol) {
+ hnd->status = NT_STATUS_INVALID_PARAMETER;
+ return CAC_FAILURE;
+ }
+
+ if(!cac_Connect(hnd, NULL)) {
+ return CAC_FAILURE;
+ }
+
+ srv = hnd->srv;
+ srv->cli.pipe_idx = PI_LSARPC;
+
+ hnd->status = cli_lsa_enum_trust_dom( &(srv->cli), mem_ctx, op->in.pol, &(op->out.resume_idx), &num_domains, &domain_names, &domain_sids);
+
+ if(!NT_STATUS_IS_OK(hnd->status)) {
+ return CAC_FAILURE;
+ }
+
+ op->out.num_domains = num_domains;
+ op->out.domain_names = domain_names;
+ op->out.domain_sids = domain_sids;
+
+ return CAC_SUCCESS;
+}
+
+
+/*TODO: possibly make this work by either sid OR name*/
+int cac_LsaOpenTrustedDomain(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaOpenTrustedDomain *op) {
+ SMBCSRV *srv = NULL;
+
+ POLICY_HND *dom_pol = NULL;
+
+ if(!hnd)
+ return CAC_FAILURE;
+
+ if(!hnd->srv || !hnd->_pipes[PI_LSARPC]) {
+ hnd->status = NT_STATUS_INVALID_HANDLE;
+ return CAC_FAILURE;
+ }
+
+ if(!op->in.pol || !op->in.access || !op->in.domain_sid) {
+ hnd->status = NT_STATUS_INVALID_PARAMETER;
+ return CAC_FAILURE;
+ }
+
+ srv = hnd->srv;
+ srv->cli.pipe_idx = PI_LSARPC;
+
+ hnd->status = cli_lsa_open_trusted_domain( &(srv->cli), mem_ctx, op->in.pol, op->in.domain_sid, op->in.access, dom_pol);
+
+ if(!NT_STATUS_IS_OK(hnd->status)) {
+ return CAC_FAILURE;
+ }
+
+ op->out.domain_policy = dom_pol;
+
+ return CAC_SUCCESS;
+}
+
+int cac_LsaQueryTrustedDomainInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaQueryTrustedDomainInfo *op) {
+ SMBCSRV *srv = NULL;
+
+ LSA_TRUSTED_DOMAIN_INFO *dom_info;
+
+ if(!hnd)
+ return CAC_FAILURE;
+
+ if(!hnd->srv || !hnd->_pipes[PI_LSARPC]) {
+ hnd->status = NT_STATUS_INVALID_HANDLE;
+ return CAC_FAILURE;
+ }
+
+ if(!op->in.pol || !op->in.info_class) {
+ hnd->status = NT_STATUS_INVALID_PARAMETER;
+ return CAC_FAILURE;
+ }
+
+ if(!op->in.domain_sid && !op->in.domain_name) {
+ hnd->status = NT_STATUS_INVALID_PARAMETER;
+ return CAC_FAILURE;
+ }
+
+ srv = hnd->srv;
+ srv->cli.pipe_idx = PI_LSARPC;
+
+ if(op->in.domain_sid) {
+ hnd->status = cli_lsa_query_trusted_domain_info_by_sid( &(srv->cli), mem_ctx, op->in.pol, op->in.info_class, op->in.domain_sid, &dom_info);
+ }
+ else if(op->in.domain_name) {
+ hnd->status = cli_lsa_query_trusted_domain_info_by_name( &(srv->cli), mem_ctx, op->in.pol, op->in.info_class, op->in.domain_name, &dom_info);
+ }
+
+ if(!NT_STATUS_IS_OK(hnd->status)) {
+ return CAC_FAILURE;
+ }
+
+ op->out.info = dom_info;
+
+ return CAC_SUCCESS;
+
+}
More information about the samba-cvs
mailing list