static NTSTATUS sam_password_policy(struct winbindd_domain *domain,
TALLOC_CTX *mem_ctx,
struct samr_DomInfo1 *passwd_policy)
{
struct rpc_pipe_client *samr_pipe;
struct policy_handle dom_pol;
union samr_DomainInfo *info = NULL;
TALLOC_CTX *tmp_ctx;
NTSTATUS status, result;
struct dcerpc_binding_handle *b = NULL;
DEBUG(3,("sam_password_policy\n"));
ZERO_STRUCT(dom_pol);
tmp_ctx = talloc_stackframe();
if (tmp_ctx == NULL) {
return NT_STATUS_NO_MEMORY;
}
status = open_internal_samr_conn(tmp_ctx, domain, &samr_pipe, &dom_pol);
if (!NT_STATUS_IS_OK(status)) {
goto error;
}
b = samr_pipe->binding_handle;
status = dcerpc_samr_QueryDomainInfo(b,
mem_ctx,
&dom_pol,
1,
&info,
&result);
if (!NT_STATUS_IS_OK(status)) {
goto error;
}
if (!NT_STATUS_IS_OK(result)) {
status = result;
goto error;
}
*passwd_policy = info->info1;
error:
if (b && is_valid_policy_hnd(&dom_pol)) {
dcerpc_samr_Close(b, mem_ctx, &dom_pol, &result);
}
TALLOC_FREE(tmp_ctx);
return status;
}
WERROR NetLocalGroupEnum_r(struct libnetapi_ctx *ctx,
struct NetLocalGroupEnum *r)
{
struct rpc_pipe_client *pipe_cli = NULL;
NTSTATUS status, result;
WERROR werr;
struct policy_handle connect_handle, domain_handle, builtin_handle, alias_handle;
struct dom_sid2 *domain_sid = NULL;
uint32_t entries_read = 0;
union samr_DomainInfo *domain_info = NULL;
union samr_DomainInfo *builtin_info = NULL;
struct samr_SamArray *domain_sam_array = NULL;
struct samr_SamArray *builtin_sam_array = NULL;
int i;
struct dcerpc_binding_handle *b = NULL;
if (!r->out.buffer) {
return WERR_INVALID_PARAM;
}
switch (r->in.level) {
case 0:
case 1:
break;
default:
return WERR_UNKNOWN_LEVEL;
}
if (r->out.total_entries) {
*r->out.total_entries = 0;
}
if (r->out.entries_read) {
*r->out.entries_read = 0;
}
ZERO_STRUCT(connect_handle);
ZERO_STRUCT(builtin_handle);
ZERO_STRUCT(domain_handle);
ZERO_STRUCT(alias_handle);
werr = libnetapi_open_pipe(ctx, r->in.server_name,
&ndr_table_samr,
&pipe_cli);
if (!W_ERROR_IS_OK(werr)) {
goto done;
}
b = pipe_cli->binding_handle;
werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli,
SAMR_ACCESS_LOOKUP_DOMAIN |
SAMR_ACCESS_ENUM_DOMAINS,
SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 |
SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS |
SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
&connect_handle,
&builtin_handle);
if (!W_ERROR_IS_OK(werr)) {
goto done;
}
werr = libnetapi_samr_open_domain(ctx, pipe_cli,
SAMR_ACCESS_LOOKUP_DOMAIN |
SAMR_ACCESS_ENUM_DOMAINS,
SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 |
SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS |
SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
&connect_handle,
&domain_handle,
&domain_sid);
if (!W_ERROR_IS_OK(werr)) {
goto done;
}
status = dcerpc_samr_QueryDomainInfo(b, talloc_tos(),
&builtin_handle,
2,
&builtin_info,
&result);
if (!NT_STATUS_IS_OK(status)) {
werr = ntstatus_to_werror(status);
goto done;
}
if (!NT_STATUS_IS_OK(result)) {
werr = ntstatus_to_werror(result);
goto done;
}
if (r->out.total_entries) {
*r->out.total_entries += builtin_info->general.num_aliases;
}
status = dcerpc_samr_QueryDomainInfo(b, talloc_tos(),
&domain_handle,
2,
&domain_info,
&result);
if (!NT_STATUS_IS_OK(status)) {
werr = ntstatus_to_werror(status);
goto done;
}
if (!NT_STATUS_IS_OK(result)) {
werr = ntstatus_to_werror(result);
goto done;
}
if (r->out.total_entries) {
*r->out.total_entries += domain_info->general.num_aliases;
}
status = dcerpc_samr_EnumDomainAliases(b, talloc_tos(),
&builtin_handle,
r->in.resume_handle,
&builtin_sam_array,
r->in.prefmaxlen,
&entries_read,
&result);
if (!NT_STATUS_IS_OK(status)) {
werr = ntstatus_to_werror(status);
goto done;
}
if (!NT_STATUS_IS_OK(result)) {
werr = ntstatus_to_werror(result);
goto done;
}
for (i=0; i<builtin_sam_array->count; i++) {
union samr_AliasInfo *alias_info = NULL;
if (r->in.level == 1) {
status = libnetapi_samr_open_alias_queryinfo(ctx, pipe_cli,
&builtin_handle,
builtin_sam_array->entries[i].idx,
SAMR_ALIAS_ACCESS_LOOKUP_INFO,
ALIASINFOALL,
&alias_info);
if (!NT_STATUS_IS_OK(status)) {
werr = ntstatus_to_werror(status);
goto done;
}
}
werr = map_alias_info_to_buffer(ctx,
builtin_sam_array->entries[i].name.string,
alias_info ? &alias_info->all : NULL,
r->in.level,
r->out.entries_read,
r->out.buffer);
}
status = dcerpc_samr_EnumDomainAliases(b, talloc_tos(),
&domain_handle,
r->in.resume_handle,
&domain_sam_array,
r->in.prefmaxlen,
&entries_read,
&result);
if (!NT_STATUS_IS_OK(status)) {
werr = ntstatus_to_werror(status);
goto done;
}
if (!NT_STATUS_IS_OK(result)) {
werr = ntstatus_to_werror(result);
goto done;
}
for (i=0; i<domain_sam_array->count; i++) {
union samr_AliasInfo *alias_info = NULL;
if (r->in.level == 1) {
status = libnetapi_samr_open_alias_queryinfo(ctx, pipe_cli,
&domain_handle,
domain_sam_array->entries[i].idx,
SAMR_ALIAS_ACCESS_LOOKUP_INFO,
ALIASINFOALL,
&alias_info);
if (!NT_STATUS_IS_OK(status)) {
werr = ntstatus_to_werror(status);
goto done;
}
}
werr = map_alias_info_to_buffer(ctx,
domain_sam_array->entries[i].name.string,
alias_info ? &alias_info->all : NULL,
r->in.level,
r->out.entries_read,
r->out.buffer);
}
done:
if (ctx->disable_policy_handle_cache) {
libnetapi_samr_close_domain_handle(ctx, &domain_handle);
libnetapi_samr_close_builtin_handle(ctx, &builtin_handle);
libnetapi_samr_close_connect_handle(ctx, &connect_handle);
}
return werr;
}