static WERROR scripts_store_reg_gpovals(TALLOC_CTX *mem_ctx,
struct registry_key *key,
const struct GROUP_POLICY_OBJECT *gpo)
{
WERROR werr;
if (!key || !gpo) {
return WERR_INVALID_PARAMETER;
}
werr = gp_store_reg_val_sz(mem_ctx, key, "DisplayName",
gpo->display_name);
W_ERROR_NOT_OK_RETURN(werr);
werr = gp_store_reg_val_sz(mem_ctx, key, "FileSysPath",
gpo->file_sys_path);
W_ERROR_NOT_OK_RETURN(werr);
werr = gp_store_reg_val_sz(mem_ctx, key, "GPO-ID",
gpo->ds_path);
W_ERROR_NOT_OK_RETURN(werr);
werr = gp_store_reg_val_sz(mem_ctx, key, "GPOName",
gpo->name);
W_ERROR_NOT_OK_RETURN(werr);
werr = gp_store_reg_val_sz(mem_ctx, key, "SOM-ID",
gpo->link);
W_ERROR_NOT_OK_RETURN(werr);
return werr;
}
static WERROR gp_store_reg_gpovals(TALLOC_CTX *mem_ctx,
struct registry_key *key,
struct GROUP_POLICY_OBJECT *gpo)
{
WERROR werr;
if (!key || !gpo) {
return WERR_INVALID_PARAM;
}
werr = gp_store_reg_val_dword(mem_ctx, key, "Version",
gpo->version);
W_ERROR_NOT_OK_RETURN(werr);
werr = gp_store_reg_val_dword(mem_ctx, key, "WQLFilterPass",
true); /* fake */
W_ERROR_NOT_OK_RETURN(werr);
werr = gp_store_reg_val_dword(mem_ctx, key, "AccessDenied",
false); /* fake */
W_ERROR_NOT_OK_RETURN(werr);
werr = gp_store_reg_val_dword(mem_ctx, key, "GPO-Disabled",
(gpo->options & GPO_FLAG_DISABLE));
W_ERROR_NOT_OK_RETURN(werr);
werr = gp_store_reg_val_dword(mem_ctx, key, "Options",
gpo->options);
W_ERROR_NOT_OK_RETURN(werr);
werr = gp_store_reg_val_sz(mem_ctx, key, "GPOID",
gpo->name);
W_ERROR_NOT_OK_RETURN(werr);
werr = gp_store_reg_val_sz(mem_ctx, key, "SOM",
gpo->link);
W_ERROR_NOT_OK_RETURN(werr);
werr = gp_store_reg_val_sz(mem_ctx, key, "DisplayName",
gpo->display_name);
W_ERROR_NOT_OK_RETURN(werr);
werr = gp_store_reg_val_sz(mem_ctx, key, "WQL-Id",
NULL);
W_ERROR_NOT_OK_RETURN(werr);
return werr;
}
static WERROR gp_reg_store_groupmembership(TALLOC_CTX *mem_ctx,
struct gp_registry_context *reg_ctx,
const struct security_token *token,
uint32_t flags)
{
struct registry_key *key = NULL;
WERROR werr;
int i = 0;
const char *valname = NULL;
const char *path = NULL;
const char *val = NULL;
int count = 0;
path = gp_reg_groupmembership_path(mem_ctx, &token->sids[0],
flags);
W_ERROR_HAVE_NO_MEMORY(path);
gp_reg_del_groupmembership(mem_ctx, reg_ctx->curr_key, token, flags);
werr = gp_store_reg_subkey(mem_ctx, path,
reg_ctx->curr_key, &key);
W_ERROR_NOT_OK_RETURN(werr);
for (i=0; i<token->num_sids; i++) {
valname = talloc_asprintf(mem_ctx, "Group%d", count++);
W_ERROR_HAVE_NO_MEMORY(valname);
val = sid_string_talloc(mem_ctx, &token->sids[i]);
W_ERROR_HAVE_NO_MEMORY(val);
werr = gp_store_reg_val_sz(mem_ctx, key, valname, val);
W_ERROR_NOT_OK_RETURN(werr);
}
werr = gp_store_reg_val_dword(mem_ctx, key, "Count", count);
W_ERROR_NOT_OK_RETURN(werr);
return WERR_OK;
}
WERROR gp_reg_state_store(TALLOC_CTX *mem_ctx,
uint32_t flags,
const char *dn,
const struct security_token *token,
struct GROUP_POLICY_OBJECT *gpo_list)
{
struct gp_registry_context *reg_ctx = NULL;
WERROR werr = WERR_GENERAL_FAILURE;
const char *subkeyname = NULL;
struct GROUP_POLICY_OBJECT *gpo;
int count = 0;
struct registry_key *key;
werr = gp_init_reg_ctx(mem_ctx, KEY_GROUP_POLICY, REG_KEY_WRITE,
token, ®_ctx);
W_ERROR_NOT_OK_RETURN(werr);
werr = gp_secure_key(mem_ctx, flags, reg_ctx->curr_key,
&token->sids[0]);
if (!W_ERROR_IS_OK(werr)) {
DEBUG(0,("failed to secure key: %s\n", win_errstr(werr)));
goto done;
}
werr = gp_reg_store_groupmembership(mem_ctx, reg_ctx, token, flags);
if (!W_ERROR_IS_OK(werr)) {
DEBUG(0,("failed to store group membership: %s\n", win_errstr(werr)));
goto done;
}
subkeyname = gp_req_state_path(mem_ctx, &token->sids[0], flags);
if (!subkeyname) {
werr = WERR_NOMEM;
goto done;
}
werr = gp_del_reg_state(mem_ctx, reg_ctx->curr_key, subkeyname);
if (!W_ERROR_IS_OK(werr)) {
DEBUG(0,("failed to delete old state: %s\n", win_errstr(werr)));
/* goto done; */
}
werr = gp_store_reg_subkey(mem_ctx, subkeyname,
reg_ctx->curr_key, ®_ctx->curr_key);
if (!W_ERROR_IS_OK(werr)) {
goto done;
}
werr = gp_store_reg_val_sz(mem_ctx, reg_ctx->curr_key,
"Distinguished-Name", dn);
if (!W_ERROR_IS_OK(werr)) {
goto done;
}
/* store link list */
werr = gp_store_reg_subkey(mem_ctx, "GPLink-List",
reg_ctx->curr_key, &key);
if (!W_ERROR_IS_OK(werr)) {
goto done;
}
/* store gpo list */
werr = gp_store_reg_subkey(mem_ctx, "GPO-List",
reg_ctx->curr_key, ®_ctx->curr_key);
if (!W_ERROR_IS_OK(werr)) {
goto done;
}
for (gpo = gpo_list; gpo; gpo = gpo->next) {
subkeyname = talloc_asprintf(mem_ctx, "%d", count++);
if (!subkeyname) {
werr = WERR_NOMEM;
goto done;
}
werr = gp_store_reg_subkey(mem_ctx, subkeyname,
reg_ctx->curr_key, &key);
if (!W_ERROR_IS_OK(werr)) {
goto done;
}
werr = gp_store_reg_gpovals(mem_ctx, key, gpo);
if (!W_ERROR_IS_OK(werr)) {
DEBUG(0,("gp_reg_state_store: "
"gpo_store_reg_gpovals failed for %s: %s\n",
gpo->display_name, win_errstr(werr)));
goto done;
}
}
done:
gp_free_reg_ctx(reg_ctx);
return werr;
}
