static int traverse_sessionid(struct db_record *db, void *state)
{
struct sessionid sessionid;
fstring uid_str, gid_str;
if (db->value.dsize != sizeof(sessionid))
return 0;
memcpy(&sessionid, db->value.dptr, sizeof(sessionid));
if (!process_exists(sessionid.pid) || !Ucrit_checkUid(sessionid.uid)) {
return 0;
}
Ucrit_addPid( sessionid.pid );
fstr_sprintf(uid_str, "%d", sessionid.uid);
fstr_sprintf(gid_str, "%d", sessionid.gid);
d_printf("%-7s %-12s %-12s %-12s (%s)\n",
procid_str_static(&sessionid.pid),
numeric_only ? uid_str : uidtoname(sessionid.uid),
numeric_only ? gid_str : gidtoname(sessionid.gid),
sessionid.remote_machine, sessionid.hostname);
return 0;
}
void idmap_cache_set_sid2gid(const struct dom_sid *sid, gid_t gid)
{
time_t now = time(NULL);
time_t timeout;
fstring sidstr, key, value;
if (!is_null_sid(sid)) {
fstr_sprintf(key, "IDMAP/SID2GID/%s",
sid_to_fstring(sidstr, sid));
fstr_sprintf(value, "%d", (int)gid);
timeout = (gid == -1)
? lp_idmap_negative_cache_time()
: lp_idmap_cache_time();
gencache_set(key, value, now + timeout);
}
if (gid != -1) {
fstr_sprintf(key, "IDMAP/GID2SID/%d", (int)gid);
if (is_null_sid(sid)) {
/* negative gid mapping */
fstrcpy(value, "-");
timeout = lp_idmap_negative_cache_time();
}
else {
sid_to_fstring(value, sid);
timeout = lp_idmap_cache_time();
}
gencache_set(key, value, now + timeout);
}
}
static char *onefs_cbrl_blr_state_str(const struct blocking_lock_record *blr)
{
static fstring result;
struct onefs_cbrl_blr_state *bs;
SMB_ASSERT(blr);
bs = (struct onefs_cbrl_blr_state *)blr->blr_private;
if (bs == NULL) {
fstrcpy(result, "NULL CBRL BLR state - Posix lock?");
return result;
}
switch (bs->state) {
case ONEFS_CBRL_NONE:
fstr_sprintf(result, "CBRL BLR id=%llu: state=NONE", bs->id);
break;
case ONEFS_CBRL_ASYNC:
fstr_sprintf(result, "CBRL BLR id=%llu: state=ASYNC", bs->id);
break;
case ONEFS_CBRL_DONE:
fstr_sprintf(result, "CBRL BLR id=%llu: state=DONE", bs->id);
break;
case ONEFS_CBRL_ERROR:
fstr_sprintf(result, "CBRL BLR id=%llu: state=ERROR", bs->id);
break;
default:
fstr_sprintf(result, "CBRL BLR id=%llu: unknown state %d",
bs->id, bs->state);
break;
}
return result;
}
static BOOL unparse_afs_acl(struct afs_acl *acl, char *acl_str)
{
/* TODO: String length checks!!!! */
int positives = 0;
int negatives = 0;
fstring line;
*acl_str = 0;
struct afs_ace *ace = acl->acelist;
while (ace != NULL) {
if (ace->positive)
positives++;
else
negatives++;
ace = ace->next;
}
fstr_sprintf(line, "%d\n", positives);
safe_strcat(acl_str, line, MAXSIZE);
fstr_sprintf(line, "%d\n", negatives);
safe_strcat(acl_str, line, MAXSIZE);
ace = acl->acelist;
while (ace != NULL) {
fstr_sprintf(line, "%s\t%d\n", ace->name, ace->rights);
safe_strcat(acl_str, line, MAXSIZE);
ace = ace->next;
}
return True;
}
static int traverse_sessionid(TDB_CONTEXT *tdb, TDB_DATA kbuf, TDB_DATA dbuf, void *state)
{
struct sessionid sessionid;
fstring uid_str, gid_str;
if (dbuf.dsize != sizeof(sessionid))
return 0;
memcpy(&sessionid, dbuf.dptr, sizeof(sessionid));
if (!process_exists_by_pid(sessionid.pid) || !Ucrit_checkUid(sessionid.uid)) {
return 0;
}
Ucrit_addPid( sessionid.pid );
fstr_sprintf(uid_str, "%d", sessionid.uid);
fstr_sprintf(gid_str, "%d", sessionid.gid);
d_printf("%5d %-12s %-12s %-12s (%s)\n",
(int)sessionid.pid,
numeric_only ? uid_str : uidtoname(sessionid.uid),
numeric_only ? gid_str : gidtoname(sessionid.gid),
sessionid.remote_machine, sessionid.hostname);
return 0;
}
static NTSTATUS sid_to_name(struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
struct dom_sid *sid,
fstring name)
{
struct policy_handle pol;
enum lsa_SidType *sid_types = NULL;
NTSTATUS status, result;
char **domains = NULL, **names = NULL;
struct dcerpc_binding_handle *b = pipe_hnd->binding_handle;
status = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true,
SEC_FLAG_MAXIMUM_ALLOWED, &pol);
if ( !NT_STATUS_IS_OK(status) )
return status;
status = rpccli_lsa_lookup_sids(pipe_hnd, mem_ctx, &pol, 1, sid, &domains, &names, &sid_types);
if ( NT_STATUS_IS_OK(status) ) {
if ( *domains[0] )
fstr_sprintf( name, "%s\\%s", domains[0], names[0] );
else
fstrcpy( name, names[0] );
}
dcerpc_lsa_Close(b, mem_ctx, &pol, &result);
return status;
}
static bool set_privileges( const DOM_SID *sid, SE_PRIV *mask )
{
struct db_context *db = get_account_pol_db();
fstring tmp, keystr;
TDB_DATA data;
if ( !lp_enable_privileges() )
return False;
if ( db == NULL )
return False;
if ( !sid || (sid->num_auths == 0) ) {
DEBUG(0,("set_privileges: Refusing to store empty SID!\n"));
return False;
}
/* PRIV_<SID> (NULL terminated) as the key */
fstr_sprintf(keystr, "%s%s", PRIVPREFIX, sid_to_fstring(tmp, sid));
/* no packing. static size structure, just write it out */
data.dptr = (uint8 *)mask;
data.dsize = sizeof(SE_PRIV);
return NT_STATUS_IS_OK(dbwrap_store_bystring(db, keystr, data,
TDB_REPLACE));
}
static bool get_privileges( const DOM_SID *sid, SE_PRIV *mask )
{
struct db_context *db = get_account_pol_db();
fstring tmp, keystr;
TDB_DATA data;
/* Fail if the admin has not enable privileges */
if ( !lp_enable_privileges() ) {
return False;
}
if ( db == NULL )
return False;
/* PRIV_<SID> (NULL terminated) as the key */
fstr_sprintf(keystr, "%s%s", PRIVPREFIX, sid_to_fstring(tmp, sid));
data = dbwrap_fetch_bystring( db, talloc_tos(), keystr );
if ( !data.dptr ) {
DEBUG(3, ("get_privileges: No privileges assigned to SID "
"[%s]\n", sid_string_dbg(sid)));
return False;
}
SMB_ASSERT( data.dsize == sizeof( SE_PRIV ) );
se_priv_copy( mask, (SE_PRIV*)data.dptr );
TALLOC_FREE(data.dptr);
return True;
}
static const char *session_dialect_str(uint16_t dialect)
{
static fstring unkown_dialect;
switch(dialect){
case SMB2_DIALECT_REVISION_000:
return "NT1";
case SMB2_DIALECT_REVISION_202:
return "SMB2_02";
case SMB2_DIALECT_REVISION_210:
return "SMB2_10";
case SMB2_DIALECT_REVISION_222:
return "SMB2_22";
case SMB2_DIALECT_REVISION_224:
return "SMB2_24";
case SMB3_DIALECT_REVISION_300:
return "SMB3_00";
case SMB3_DIALECT_REVISION_302:
return "SMB3_02";
case SMB3_DIALECT_REVISION_310:
return "SMB3_10";
case SMB3_DIALECT_REVISION_311:
return "SMB3_11";
}
fstr_sprintf(unkown_dialect, "Unknown (0x%04x)", dialect);
return unkown_dialect;
}
static NTSTATUS store_cache_seqnum( struct winbindd_domain *domain )
{
TDB_DATA data, key;
fstring key_str;
char buf[8];
if (!wcache->tdb) {
DEBUG(10,("store_cache_seqnum: tdb == NULL\n"));
return NT_STATUS_UNSUCCESSFUL;
}
fstr_sprintf( key_str, "SEQNUM/%s", domain->name );
key.dptr = key_str;
key.dsize = strlen(key_str)+1;
SIVAL(buf, 0, domain->sequence_number);
SIVAL(buf, 4, domain->last_seq_check);
data.dptr = buf;
data.dsize = 8;
if ( tdb_store( wcache->tdb, key, data, TDB_REPLACE) == -1 ) {
DEBUG(10,("store_cache_seqnum: tdb_store fail key [%s]\n", key_str ));
return NT_STATUS_UNSUCCESSFUL;
}
DEBUG(10,("store_cache_seqnum: success [%s][%u @ %u]\n",
domain->name, domain->sequence_number,
(uint32)domain->last_seq_check));
return NT_STATUS_OK;
}
static BOOL set_privileges( const DOM_SID *sid, SE_PRIV *mask )
{
TDB_CONTEXT *tdb = get_account_pol_tdb();
fstring keystr;
TDB_DATA key, data;
if ( !lp_enable_privileges() )
return False;
if ( !tdb )
return False;
if ( !sid || (sid->num_auths == 0) ) {
DEBUG(0,("set_privileges: Refusing to store empty SID!\n"));
return False;
}
/* PRIV_<SID> (NULL terminated) as the key */
fstr_sprintf( keystr, "%s%s", PRIVPREFIX, sid_string_static(sid) );
key.dptr = keystr;
key.dsize = strlen(keystr) + 1;
/* no packing. static size structure, just write it out */
data.dptr = (char*)mask;
data.dsize = sizeof(SE_PRIV);
return ( tdb_store(tdb, key, data, TDB_REPLACE) != -1 );
}
static const char *display_time(NTTIME nttime)
{
static fstring string;
float high;
float low;
int sec;
int days, hours, mins, secs;
if (nttime.high==0 && nttime.low==0)
return "Now";
if (nttime.high==0x80000000 && nttime.low==0)
return "Never";
high = 65536;
high = high/10000;
high = high*65536;
high = high/1000;
high = high * (~nttime.high);
low = ~nttime.low;
low = low/(1000*1000*10);
sec=high+low;
days=sec/(60*60*24);
hours=(sec - (days*60*60*24)) / (60*60);
mins=(sec - (days*60*60*24) - (hours*60*60) ) / 60;
secs=sec - (days*60*60*24) - (hours*60*60) - (mins*60);
fstr_sprintf(string, "%u days, %u hours, %u minutes, %u seconds", days, hours, mins, secs);
return (string);
}
static int push_signature(uint8_t **outbuf)
{
char *lanman;
int result, tmp;
fstring native_os;
result = 0;
fstr_sprintf(native_os, "Windows %d.%d", SAMBA_MAJOR_NBT_ANNOUNCE_VERSION,
SAMBA_MINOR_NBT_ANNOUNCE_VERSION);
tmp = message_push_string(outbuf, native_os, STR_TERMINATE);
if (tmp == -1) return -1;
result += tmp;
if (asprintf(&lanman, "Samba %s", samba_version_string()) != -1) {
tmp = message_push_string(outbuf, lanman, STR_TERMINATE);
SAFE_FREE(lanman);
}
else {
tmp = message_push_string(outbuf, "Samba", STR_TERMINATE);
}
if (tmp == -1) return -1;
result += tmp;
tmp = message_push_string(outbuf, lp_workgroup(), STR_TERMINATE);
if (tmp == -1) return -1;
result += tmp;
return result;
}
static NTSTATUS sid_to_name(struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
DOM_SID *sid,
fstring name)
{
struct policy_handle pol;
enum lsa_SidType *sid_types = NULL;
NTSTATUS result;
char **domains = NULL, **names = NULL;
result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true,
SEC_FLAG_MAXIMUM_ALLOWED, &pol);
if ( !NT_STATUS_IS_OK(result) )
return result;
result = rpccli_lsa_lookup_sids(pipe_hnd, mem_ctx, &pol, 1, sid, &domains, &names, &sid_types);
if ( NT_STATUS_IS_OK(result) ) {
if ( *domains[0] )
fstr_sprintf( name, "%s\\%s", domains[0], names[0] );
else
fstrcpy( name, names[0] );
}
rpccli_lsa_Close(pipe_hnd, mem_ctx, &pol);
return result;
}
static bool tdb_delete_samacct_only( struct samu *sam_pass )
{
fstring keystr;
fstring name;
NTSTATUS status;
fstrcpy(name, pdb_get_username(sam_pass));
if (!strlower_m(name)) {
return false;
}
/* set the search key */
fstr_sprintf(keystr, "%s%s", USERPREFIX, name);
/* it's outaa here! 8^) */
if ( !tdbsam_open( tdbsam_filename ) ) {
DEBUG(0,("tdb_delete_samacct_only: failed to open %s!\n",
tdbsam_filename));
return false;
}
status = dbwrap_delete_bystring(db_sam, keystr);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(5, ("Error deleting entry from tdb passwd "
"database: %s!\n", nt_errstr(status)));
return false;
}
return true;
}
/***************************************************************************
Update the TDB SAM RID record only
Assumes that the tdbsam is already open
****************************************************************************/
static bool tdb_update_ridrec_only( struct samu* newpwd, int flag )
{
TDB_DATA data;
fstring keystr;
fstring name;
NTSTATUS status;
fstrcpy(name, pdb_get_username(newpwd));
if (!strlower_m(name)) {
return false;
}
/* setup RID data */
data = string_term_tdb_data(name);
/* setup the RID index key */
fstr_sprintf(keystr, "%s%.8x", RIDPREFIX, pdb_get_user_rid(newpwd));
/* add the reference */
status = dbwrap_store_bystring(db_sam, keystr, data, flag);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0, ("Unable to modify TDB passwd: %s!\n",
nt_errstr(status)));
return false;
}
return true;
}
static NTSTATUS sid_to_name(struct cli_state *cli,
TALLOC_CTX *mem_ctx,
DOM_SID *sid, fstring name)
{
POLICY_HND pol;
uint32 *sid_types;
NTSTATUS result;
char **domains, **names;
result = cli_lsa_open_policy(cli, mem_ctx, True,
SEC_RIGHTS_MAXIMUM_ALLOWED, &pol);
if ( !NT_STATUS_IS_OK(result) )
return result;
result = cli_lsa_lookup_sids(cli, mem_ctx, &pol, 1, sid, &domains, &names, &sid_types);
if ( NT_STATUS_IS_OK(result) ) {
if ( *domains[0] )
fstr_sprintf( name, "%s\\%s", domains[0], names[0] );
else
fstrcpy( name, names[0] );
}
cli_lsa_close(cli, mem_ctx, &pol);
return result;
}
static char *quota_str_static(SMB_BIG_UINT val, BOOL special, BOOL _numeric)
{
static fstring buffer;
memset(buffer,'\0',sizeof(buffer));
if (!_numeric&&special&&(val == SMB_NTQUOTAS_NO_LIMIT)) {
fstr_sprintf(buffer,"NO LIMIT");
return buffer;
}
#if defined(HAVE_LONGLONG)
fstr_sprintf(buffer,"%llu",val);
#else
fstr_sprintf(buffer,"%lu",val);
#endif
return buffer;
}
static NTSTATUS tdbsam_getsampwnam (struct pdb_methods *my_methods,
struct samu *user, const char *sname)
{
TDB_DATA data;
fstring keystr;
fstring name;
NTSTATUS status;
if ( !user ) {
DEBUG(0,("pdb_getsampwnam: struct samu is NULL.\n"));
return NT_STATUS_NO_MEMORY;
}
/* Data is stored in all lower-case */
fstrcpy(name, sname);
if (!strlower_m(name)) {
return NT_STATUS_INVALID_PARAMETER;
}
/* set search key */
fstr_sprintf(keystr, "%s%s", USERPREFIX, name);
/* open the database */
if ( !tdbsam_open( tdbsam_filename ) ) {
DEBUG(0,("tdbsam_getsampwnam: failed to open %s!\n", tdbsam_filename));
return NT_STATUS_ACCESS_DENIED;
}
/* get the record */
status = dbwrap_fetch_bystring(db_sam, talloc_tos(), keystr, &data);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(5,("pdb_getsampwnam (TDB): error fetching database.\n"));
DEBUGADD(5, (" Key: %s\n", keystr));
return NT_STATUS_NO_SUCH_USER;
}
if (data.dsize == 0) {
DEBUG(5, ("%s: Got 0-sized record for key %s\n", __func__,
keystr));
return NT_STATUS_NO_SUCH_USER;
}
/* unpack the buffer */
if (!init_samu_from_buffer(user, SAMU_BUFFER_LATEST, data.dptr, data.dsize)) {
DEBUG(0,("pdb_getsampwent: Bad struct samu entry returned from TDB!\n"));
TALLOC_FREE(data.dptr);
return NT_STATUS_NO_MEMORY;
}
/* success */
TALLOC_FREE(data.dptr);
return NT_STATUS_OK;
}
bool trustdom_cache_store_timestamp( uint32 t, time_t timeout )
{
fstring value;
fstr_sprintf(value, "%d", t );
if (!gencache_set(TDOMTSKEY, value, timeout)) {
DEBUG(5, ("failed to set timestamp for trustdom_cache\n"));
return False;
}
return True;
}
static int add_signature(char *outbuf, char *p)
{
char *start = p;
fstring lanman;
fstr_sprintf( lanman, "Samba %s", SAMBA_VERSION_STRING);
p += srvstr_push(outbuf, p, "Unix", -1, STR_TERMINATE);
p += srvstr_push(outbuf, p, lanman, -1, STR_TERMINATE);
p += srvstr_push(outbuf, p, lp_workgroup(), -1, STR_TERMINATE);
return PTR_DIFF(p, start);
}
static int traverse_sessionid(const char *key, struct sessionid *session,
void *private_data)
{
fstring uid_str, gid_str;
if (!process_exists(session->pid)
|| !Ucrit_checkUid(session->uid)) {
return 0;
}
Ucrit_addPid(session->pid);
fstr_sprintf(uid_str, "%u", (unsigned int)session->uid);
fstr_sprintf(gid_str, "%u", (unsigned int)session->gid);
d_printf("%-7s %-12s %-12s %-12s (%s)\n",
procid_str_static(&session->pid),
numeric_only ? uid_str : uidtoname(session->uid),
numeric_only ? gid_str : gidtoname(session->gid),
session->remote_machine, session->hostname);
return 0;
}
/* run kinit to setup our ccache */
int ads_kinit_password(ADS_STRUCT *ads)
{
char *s;
int ret;
const char *account_name;
fstring acct_name;
if (ads->auth.flags & ADS_AUTH_USER_CREDS) {
account_name = ads->auth.user_name;
goto got_accountname;
}
if ( IS_DC ) {
/* this will end up getting a ticket for [email protected] */
account_name = lp_workgroup();
} else {
/* always use the sAMAccountName for security = domain */
/* global_myname()[email protected] */
if ( lp_security() == SEC_DOMAIN ) {
fstr_sprintf( acct_name, "%s$", global_myname() );
account_name = acct_name;
}
else
/* This looks like host/global_myname()@REA.LM */
account_name = ads->auth.user_name;
}
got_accountname:
if (asprintf(&s, "%s@%s", account_name, ads->auth.realm) == -1) {
return KRB5_CC_NOMEM;
}
if (!ads->auth.password) {
SAFE_FREE(s);
return KRB5_LIBOS_CANTREADPWD;
}
ret = kerberos_kinit_password_ext(s, ads->auth.password, ads->auth.time_offset,
&ads->auth.tgt_expire, NULL, NULL, False, False, ads->auth.renewable,
NULL);
if (ret) {
DEBUG(0,("kerberos_kinit_password %s failed: %s\n",
s, error_message(ret)));
}
SAFE_FREE(s);
return ret;
}
const char *svc_status_string( uint32 state )
{
fstring msg;
int i;
fstr_sprintf( msg, _("Unknown State [%d]"), state );
for ( i=0; state_msg_table[i].message; i++ ) {
if ( state_msg_table[i].flag == state ) {
fstrcpy( msg, state_msg_table[i].message );
break;
}
}
return talloc_strdup(talloc_tos(), msg);
}
const char* svc_status_string( uint32 state )
{
static fstring msg;
int i;
fstr_sprintf( msg, "Unknown State [%d]", state );
for ( i=0; state_msg_table[i].message; i++ ) {
if ( state_msg_table[i].flag == state ) {
fstrcpy( msg, state_msg_table[i].message );
break;
}
}
return msg;
}
/***************************************************************************
Update the TDB SAM account record only
Assumes that the tdbsam is already open
****************************************************************************/
static bool tdb_update_samacct_only( struct samu* newpwd, int flag )
{
TDB_DATA data;
uint8_t *buf = NULL;
fstring keystr;
fstring name;
bool ret = false;
NTSTATUS status;
/* copy the struct samu struct into a BYTE buffer for storage */
if ( (data.dsize=init_buffer_from_samu(&buf, newpwd, False)) == -1 ) {
DEBUG(0,("tdb_update_sam: ERROR - Unable to copy struct samu info BYTE buffer!\n"));
goto done;
}
data.dptr = buf;
fstrcpy(name, pdb_get_username(newpwd));
if (!strlower_m(name)) {
goto done;
}
DEBUG(5, ("Storing %saccount %s with RID %d\n",
flag == TDB_INSERT ? "(new) " : "", name,
pdb_get_user_rid(newpwd)));
/* setup the USER index key */
fstr_sprintf(keystr, "%s%s", USERPREFIX, name);
/* add the account */
status = dbwrap_store_bystring(db_sam, keystr, data, flag);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0, ("Unable to modify passwd TDB: %s!",
nt_errstr(status)));
goto done;
}
ret = true;
done:
/* cleanup */
SAFE_FREE(buf);
return ret;
}
NTSTATUS create_builtin_administrators(const struct dom_sid *dom_sid)
{
NTSTATUS status;
struct dom_sid dom_admins, root_sid;
fstring root_name;
enum lsa_SidType type;
TALLOC_CTX *ctx;
bool ret;
status = create_builtin(BUILTIN_RID_ADMINISTRATORS);
if ( !NT_STATUS_IS_OK(status) ) {
DEBUG(5,("create_builtin_administrators: Failed to create Administrators\n"));
return status;
}
/* add domain admins */
if ((IS_DC || (lp_server_role() == ROLE_DOMAIN_MEMBER))
&& sid_compose(&dom_admins, dom_sid, DOMAIN_RID_ADMINS))
{
status = add_sid_to_builtin(&global_sid_Builtin_Administrators,
&dom_admins);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
}
/* add root */
if ( (ctx = talloc_init("create_builtin_administrators")) == NULL ) {
return NT_STATUS_NO_MEMORY;
}
fstr_sprintf( root_name, "%s\\root", get_global_sam_name() );
ret = lookup_name(ctx, root_name, LOOKUP_NAME_DOMAIN, NULL, NULL,
&root_sid, &type);
TALLOC_FREE( ctx );
if ( ret ) {
status = add_sid_to_builtin(&global_sid_Builtin_Administrators,
&root_sid);
}
return status;
}
static NTSTATUS fetch_cache_seqnum( struct winbindd_domain *domain, time_t now )
{
TDB_DATA data;
fstring key;
uint32 time_diff;
if (!wcache->tdb) {
DEBUG(10,("fetch_cache_seqnum: tdb == NULL\n"));
return NT_STATUS_UNSUCCESSFUL;
}
fstr_sprintf( key, "SEQNUM/%s", domain->name );
data = tdb_fetch_bystring( wcache->tdb, key );
if ( !data.dptr || data.dsize!=8 ) {
DEBUG(10,("fetch_cache_seqnum: invalid data size key [%s]\n", key ));
return NT_STATUS_UNSUCCESSFUL;
}
domain->sequence_number = IVAL(data.dptr, 0);
domain->last_seq_check = IVAL(data.dptr, 4);
/* have we expired? */
time_diff = now - domain->last_seq_check;
if ( time_diff > lp_winbind_cache_time() ) {
DEBUG(10,("fetch_cache_seqnum: timeout [%s][%u @ %u]\n",
domain->name, domain->sequence_number,
(uint32)domain->last_seq_check));
return NT_STATUS_UNSUCCESSFUL;
}
DEBUG(10,("fetch_cache_seqnum: success [%s][%u @ %u]\n",
domain->name, domain->sequence_number,
(uint32)domain->last_seq_check));
return NT_STATUS_OK;
}
WERROR rpccli_svcctl_open_scm(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
POLICY_HND *hSCM, uint32 access_desired )
{
SVCCTL_Q_OPEN_SCMANAGER in;
SVCCTL_R_OPEN_SCMANAGER out;
prs_struct qbuf, rbuf;
fstring server;
ZERO_STRUCT(in);
ZERO_STRUCT(out);
/* leave the database name NULL to get the default service db */
in.database = NULL;
/* set the server name */
if ( !(in.servername = TALLOC_P( mem_ctx, UNISTR2 )) )
return WERR_NOMEM;
fstr_sprintf( server, "\\\\%s", cli->cli->desthost );
init_unistr2( in.servername, server, UNI_STR_TERMINATE );
in.access = access_desired;
CLI_DO_RPC_WERR( cli, mem_ctx, PI_SVCCTL, SVCCTL_OPEN_SCMANAGER_W,
in, out,
qbuf, rbuf,
svcctl_io_q_open_scmanager,
svcctl_io_r_open_scmanager,
WERR_GENERAL_FAILURE );
if ( !W_ERROR_IS_OK( out.status ) )
return out.status;
memcpy( hSCM, &out.handle, sizeof(POLICY_HND) );
return out.status;
}
NTSTATUS privilege_delete_account(const struct dom_sid *sid)
{
struct db_context *db = get_account_pol_db();
fstring tmp, keystr;
if (!lp_enable_privileges()) {
return NT_STATUS_OK;
}
if (!db) {
return NT_STATUS_INVALID_HANDLE;
}
if (!sid || (sid->num_auths == 0)) {
return NT_STATUS_INVALID_SID;
}
/* PRIV_<SID> (NULL terminated) as the key */
fstr_sprintf(keystr, "%s%s", PRIVPREFIX, sid_to_fstring(tmp, sid));
return dbwrap_delete_bystring(db, keystr);
}