Пример #1
0
static NTSTATUS sam_password_policy(struct winbindd_domain *domain,
				    TALLOC_CTX *mem_ctx,
				    struct samr_DomInfo1 *passwd_policy)
{
	struct rpc_pipe_client *samr_pipe;
	struct policy_handle dom_pol;
	union samr_DomainInfo *info = NULL;
	TALLOC_CTX *tmp_ctx;
	NTSTATUS status, result;
	struct dcerpc_binding_handle *b = NULL;

	DEBUG(3,("sam_password_policy\n"));

	ZERO_STRUCT(dom_pol);

	tmp_ctx = talloc_stackframe();
	if (tmp_ctx == NULL) {
		return NT_STATUS_NO_MEMORY;
	}

	status = open_internal_samr_conn(tmp_ctx, domain, &samr_pipe, &dom_pol);
	if (!NT_STATUS_IS_OK(status)) {
		goto error;
	}

	b = samr_pipe->binding_handle;

	status = dcerpc_samr_QueryDomainInfo(b,
					     mem_ctx,
					     &dom_pol,
					     1,
					     &info,
					     &result);
	if (!NT_STATUS_IS_OK(status)) {
		goto error;
	}
	if (!NT_STATUS_IS_OK(result)) {
		status = result;
		goto error;
	}

	*passwd_policy = info->info1;

error:
	if (b && is_valid_policy_hnd(&dom_pol)) {
		dcerpc_samr_Close(b, mem_ctx, &dom_pol, &result);
	}

	TALLOC_FREE(tmp_ctx);
	return status;
}
Пример #2
0
WERROR NetLocalGroupEnum_r(struct libnetapi_ctx *ctx,
			   struct NetLocalGroupEnum *r)
{
	struct rpc_pipe_client *pipe_cli = NULL;
	NTSTATUS status, result;
	WERROR werr;
	struct policy_handle connect_handle, domain_handle, builtin_handle, alias_handle;
	struct dom_sid2 *domain_sid = NULL;
	uint32_t entries_read = 0;
	union samr_DomainInfo *domain_info = NULL;
	union samr_DomainInfo *builtin_info = NULL;
	struct samr_SamArray *domain_sam_array = NULL;
	struct samr_SamArray *builtin_sam_array = NULL;
	int i;
	struct dcerpc_binding_handle *b = NULL;

	if (!r->out.buffer) {
		return WERR_INVALID_PARAM;
	}

	switch (r->in.level) {
		case 0:
		case 1:
			break;
		default:
			return WERR_UNKNOWN_LEVEL;
	}

	if (r->out.total_entries) {
		*r->out.total_entries = 0;
	}
	if (r->out.entries_read) {
		*r->out.entries_read = 0;
	}

	ZERO_STRUCT(connect_handle);
	ZERO_STRUCT(builtin_handle);
	ZERO_STRUCT(domain_handle);
	ZERO_STRUCT(alias_handle);

	werr = libnetapi_open_pipe(ctx, r->in.server_name,
				   &ndr_table_samr,
				   &pipe_cli);
	if (!W_ERROR_IS_OK(werr)) {
		goto done;
	}

	b = pipe_cli->binding_handle;

	werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli,
						  SAMR_ACCESS_LOOKUP_DOMAIN |
						  SAMR_ACCESS_ENUM_DOMAINS,
						  SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 |
						  SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS |
						  SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
						  &connect_handle,
						  &builtin_handle);
	if (!W_ERROR_IS_OK(werr)) {
		goto done;
	}

	werr = libnetapi_samr_open_domain(ctx, pipe_cli,
					  SAMR_ACCESS_LOOKUP_DOMAIN |
					  SAMR_ACCESS_ENUM_DOMAINS,
					  SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 |
					  SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS |
					  SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
					  &connect_handle,
					  &domain_handle,
					  &domain_sid);
	if (!W_ERROR_IS_OK(werr)) {
		goto done;
	}

	status = dcerpc_samr_QueryDomainInfo(b, talloc_tos(),
					     &builtin_handle,
					     2,
					     &builtin_info,
					     &result);
	if (!NT_STATUS_IS_OK(status)) {
		werr = ntstatus_to_werror(status);
		goto done;
	}
	if (!NT_STATUS_IS_OK(result)) {
		werr = ntstatus_to_werror(result);
		goto done;
	}

	if (r->out.total_entries) {
		*r->out.total_entries += builtin_info->general.num_aliases;
	}

	status = dcerpc_samr_QueryDomainInfo(b, talloc_tos(),
					     &domain_handle,
					     2,
					     &domain_info,
					     &result);
	if (!NT_STATUS_IS_OK(status)) {
		werr = ntstatus_to_werror(status);
		goto done;
	}
	if (!NT_STATUS_IS_OK(result)) {
		werr = ntstatus_to_werror(result);
		goto done;
	}

	if (r->out.total_entries) {
		*r->out.total_entries += domain_info->general.num_aliases;
	}

	status = dcerpc_samr_EnumDomainAliases(b, talloc_tos(),
					       &builtin_handle,
					       r->in.resume_handle,
					       &builtin_sam_array,
					       r->in.prefmaxlen,
					       &entries_read,
					       &result);
	if (!NT_STATUS_IS_OK(status)) {
		werr = ntstatus_to_werror(status);
		goto done;
	}
	if (!NT_STATUS_IS_OK(result)) {
		werr = ntstatus_to_werror(result);
		goto done;
	}

	for (i=0; i<builtin_sam_array->count; i++) {
		union samr_AliasInfo *alias_info = NULL;

		if (r->in.level == 1) {

			status = libnetapi_samr_open_alias_queryinfo(ctx, pipe_cli,
								     &builtin_handle,
								     builtin_sam_array->entries[i].idx,
								     SAMR_ALIAS_ACCESS_LOOKUP_INFO,
								     ALIASINFOALL,
								     &alias_info);
			if (!NT_STATUS_IS_OK(status)) {
				werr = ntstatus_to_werror(status);
				goto done;
			}
		}

		werr = map_alias_info_to_buffer(ctx,
						builtin_sam_array->entries[i].name.string,
						alias_info ? &alias_info->all : NULL,
						r->in.level,
						r->out.entries_read,
						r->out.buffer);
	}

	status = dcerpc_samr_EnumDomainAliases(b, talloc_tos(),
					       &domain_handle,
					       r->in.resume_handle,
					       &domain_sam_array,
					       r->in.prefmaxlen,
					       &entries_read,
					       &result);
	if (!NT_STATUS_IS_OK(status)) {
		werr = ntstatus_to_werror(status);
		goto done;
	}
	if (!NT_STATUS_IS_OK(result)) {
		werr = ntstatus_to_werror(result);
		goto done;
	}

	for (i=0; i<domain_sam_array->count; i++) {

		union samr_AliasInfo *alias_info = NULL;

		if (r->in.level == 1) {
			status = libnetapi_samr_open_alias_queryinfo(ctx, pipe_cli,
								     &domain_handle,
								     domain_sam_array->entries[i].idx,
								     SAMR_ALIAS_ACCESS_LOOKUP_INFO,
								     ALIASINFOALL,
								     &alias_info);
			if (!NT_STATUS_IS_OK(status)) {
				werr = ntstatus_to_werror(status);
				goto done;
			}
		}

		werr = map_alias_info_to_buffer(ctx,
						domain_sam_array->entries[i].name.string,
						alias_info ? &alias_info->all : NULL,
						r->in.level,
						r->out.entries_read,
						r->out.buffer);
	}

 done:
	if (ctx->disable_policy_handle_cache) {
		libnetapi_samr_close_domain_handle(ctx, &domain_handle);
		libnetapi_samr_close_builtin_handle(ctx, &builtin_handle);
		libnetapi_samr_close_connect_handle(ctx, &connect_handle);
	}

	return werr;
}