cli_samr.c

来自「samba-3.0.22.tar.gz 编译smb服务器的源码」· C语言 代码 · 共 1,888 行 · 第 1/3 页

		ZERO_STRUCT(old_lanman_hash_enc);
	}

	encode_pw_buffer(new_nt_password, newpassword, STR_UNICODE);
	
	SamOEMhash( new_nt_password, old_nt_hash, 516);
	E_old_pw_hash( new_nt_hash, old_nt_hash, old_nt_hash_enc);

	/* Marshall data and send request */

	init_samr_q_chgpasswd3(&q, srv_name_slash, username, 
			       new_nt_password, 
			       old_nt_hash_enc, 
			       new_lm_password,
			       old_lanman_hash_enc);

	CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CHGPASSWD3,
		q, r,
		qbuf, rbuf,
		samr_io_q_chgpasswd3,
		samr_io_r_chgpasswd3,
		NT_STATUS_UNSUCCESSFUL); 

	/* Return output parameters */

	if (!NT_STATUS_IS_OK(result = r.status)) {
		*info = &r.info;
		*reject = &r.reject;
		goto done;
	}

 done:

	return result;
}

/* This function returns the bizzare set of (max_entries, max_size) required
   for the QueryDisplayInfo RPC to actually work against a domain controller
   with large (10k and higher) numbers of users.  These values were 
   obtained by inspection using ethereal and NT4 running User Manager. */

void get_query_dispinfo_params(int loop_count, uint32 *max_entries,
			       uint32 *max_size)
{
	switch(loop_count) {
	case 0:
		*max_entries = 512;
		*max_size = 16383;
		break;
	case 1:
		*max_entries = 1024;
		*max_size = 32766;
		break;
	case 2:
		*max_entries = 2048;
		*max_size = 65532;
		break;
	case 3:
		*max_entries = 4096;
		*max_size = 131064;
		break;
	default:              /* loop_count >= 4 */
		*max_entries = 4096;
		*max_size = 131071;
		break;
	}
}		     

/* Query display info */

NTSTATUS rpccli_samr_query_dispinfo(struct rpc_pipe_client *cli,
				    TALLOC_CTX *mem_ctx, 
				    POLICY_HND *domain_pol, uint32 *start_idx,
				    uint16 switch_value, uint32 *num_entries,
				    uint32 max_entries, uint32 max_size,
				    SAM_DISPINFO_CTR *ctr)
{
	prs_struct qbuf, rbuf;
	SAMR_Q_QUERY_DISPINFO q;
	SAMR_R_QUERY_DISPINFO r;
	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;

	DEBUG(10,("cli_samr_query_dispinfo for start_idx = %u\n", *start_idx));

	ZERO_STRUCT(q);
	ZERO_STRUCT(r);

	*num_entries = 0;

	/* Marshall data and send request */

	init_samr_q_query_dispinfo(&q, domain_pol, switch_value,
				   *start_idx, max_entries, max_size);

	r.ctr = ctr;

	CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_DISPINFO,
		q, r,
		qbuf, rbuf,
		samr_io_q_query_dispinfo,
		samr_io_r_query_dispinfo,
		NT_STATUS_UNSUCCESSFUL); 

	/* Return output parameters */

        result = r.status;

	if (!NT_STATUS_IS_OK(result) &&
	    NT_STATUS_V(result) != NT_STATUS_V(STATUS_MORE_ENTRIES)) {
		goto done;
	}

	*num_entries = r.num_entries;
	*start_idx += r.num_entries;  /* No next_idx in this structure! */

 done:
	return result;
}

/* Lookup rids.  Note that NT4 seems to crash if more than ~1000 rids are
   looked up in one packet. */

NTSTATUS rpccli_samr_lookup_rids(struct rpc_pipe_client *cli,
				 TALLOC_CTX *mem_ctx, 
				 POLICY_HND *domain_pol,
				 uint32 num_rids, uint32 *rids, 
				 uint32 *num_names, char ***names,
				 uint32 **name_types)
{
	prs_struct qbuf, rbuf;
	SAMR_Q_LOOKUP_RIDS q;
	SAMR_R_LOOKUP_RIDS r;
	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
	uint32 i;

	DEBUG(10,("cli_samr_lookup_rids\n"));

        if (num_rids > 1000) {
                DEBUG(2, ("cli_samr_lookup_rids: warning: NT4 can crash if "
                          "more than ~1000 rids are looked up at once.\n"));
        }

	ZERO_STRUCT(q);
	ZERO_STRUCT(r);

	/* Marshall data and send request */

	init_samr_q_lookup_rids(mem_ctx, &q, domain_pol, 1000, num_rids, rids);

	CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_LOOKUP_RIDS,
		q, r,
		qbuf, rbuf,
		samr_io_q_lookup_rids,
		samr_io_r_lookup_rids,
		NT_STATUS_UNSUCCESSFUL); 

	/* Return output parameters */

	result = r.status;

	if (!NT_STATUS_IS_OK(result) &&
	    !NT_STATUS_EQUAL(result, STATUS_SOME_UNMAPPED))
		goto done;

	if (r.num_names1 == 0) {
		*num_names = 0;
		*names = NULL;
		goto done;
	}

	*num_names = r.num_names1;
	*names = TALLOC_ARRAY(mem_ctx, char *, r.num_names1);
	*name_types = TALLOC_ARRAY(mem_ctx, uint32, r.num_names1);

	for (i = 0; i < r.num_names1; i++) {
		fstring tmp;

		unistr2_to_ascii(tmp, &r.uni_name[i], sizeof(tmp) - 1);
		(*names)[i] = talloc_strdup(mem_ctx, tmp);
		(*name_types)[i] = r.type[i];
	}

 done:

	return result;
}

/* Lookup names */

NTSTATUS rpccli_samr_lookup_names(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, 
                               POLICY_HND *domain_pol, uint32 flags,
                               uint32 num_names, const char **names,
                               uint32 *num_rids, uint32 **rids,
                               uint32 **rid_types)
{
	prs_struct qbuf, rbuf;
	SAMR_Q_LOOKUP_NAMES q;
	SAMR_R_LOOKUP_NAMES r;
	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
	uint32 i;

	DEBUG(10,("cli_samr_lookup_names\n"));

	ZERO_STRUCT(q);
	ZERO_STRUCT(r);

	/* Marshall data and send request */

	init_samr_q_lookup_names(mem_ctx, &q, domain_pol, flags,
				 num_names, names);

	CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_LOOKUP_NAMES,
		q, r,
		qbuf, rbuf,
		samr_io_q_lookup_names,
		samr_io_r_lookup_names,
		NT_STATUS_UNSUCCESSFUL); 

	/* Return output parameters */

	if (!NT_STATUS_IS_OK(result = r.status)) {
		goto done;
	}

	if (r.num_rids1 == 0) {
		*num_rids = 0;
		goto done;
	}

	*num_rids = r.num_rids1;
	*rids = TALLOC_ARRAY(mem_ctx, uint32, r.num_rids1);
	*rid_types = TALLOC_ARRAY(mem_ctx, uint32, r.num_rids1);

	for (i = 0; i < r.num_rids1; i++) {
		(*rids)[i] = r.rids[i];
		(*rid_types)[i] = r.types[i];
	}

 done:

	return result;
}

/* Create a domain user */

NTSTATUS rpccli_samr_create_dom_user(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, 
                                  POLICY_HND *domain_pol, const char *acct_name,
                                  uint32 acb_info, uint32 unknown, 
                                  POLICY_HND *user_pol, uint32 *rid)
{
	prs_struct qbuf, rbuf;
	SAMR_Q_CREATE_USER q;
	SAMR_R_CREATE_USER r;
	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;

	DEBUG(10,("cli_samr_create_dom_user %s\n", acct_name));

	ZERO_STRUCT(q);
	ZERO_STRUCT(r);

	/* Marshall data and send request */

	init_samr_q_create_user(&q, domain_pol, acct_name, acb_info, unknown);

	CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CREATE_USER,
		q, r,
		qbuf, rbuf,
		samr_io_q_create_user,
		samr_io_r_create_user,
		NT_STATUS_UNSUCCESSFUL); 

	/* Return output parameters */

	if (!NT_STATUS_IS_OK(result = r.status)) {
		goto done;
	}

	if (user_pol)
		*user_pol = r.user_pol;

	if (rid)
		*rid = r.user_rid;

 done:

	return result;
}

/* Set userinfo */

NTSTATUS rpccli_samr_set_userinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, 
                               POLICY_HND *user_pol, uint16 switch_value,
                               DATA_BLOB *sess_key, SAM_USERINFO_CTR *ctr)
{
	prs_struct qbuf, rbuf;
	SAMR_Q_SET_USERINFO q;
	SAMR_R_SET_USERINFO r;
	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;

	DEBUG(10,("cli_samr_set_userinfo\n"));

	ZERO_STRUCT(q);
	ZERO_STRUCT(r);

	if (!sess_key->length) {
		DEBUG(1, ("No user session key\n"));
		return NT_STATUS_NO_USER_SESSION_KEY;
	}

	/* Initialise parse structures */

	prs_init(&qbuf, RPC_MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
	prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);

	/* Marshall data and send request */

	q.ctr = ctr;

	init_samr_q_set_userinfo(&q, user_pol, sess_key, switch_value, 
				 ctr->info.id);

	CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_SET_USERINFO,
		q, r,
		qbuf, rbuf,
		samr_io_q_set_userinfo,
		samr_io_r_set_userinfo,
		NT_STATUS_UNSUCCESSFUL); 

	/* Return output parameters */

	if (!NT_STATUS_IS_OK(result = r.status)) {
		goto done;
	}

 done:

	return result;
}

/* Set userinfo2 */

NTSTATUS rpccli_samr_set_userinfo2(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, 
                                POLICY_HND *user_pol, uint16 switch_value,
                                DATA_BLOB *sess_key, SAM_USERINFO_CTR *ctr)
{
	prs_struct qbuf, rbuf;
	SAMR_Q_SET_USERINFO2 q;
	SAMR_R_SET_USERINFO2 r;
	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;

	DEBUG(10,("cli_samr_set_userinfo2\n"));

	if (!sess_key->length) {
		DEBUG(1, ("No user session key\n"));
		return NT_STATUS_NO_USER_SESSION_KEY;
	}

	ZERO_STRUCT(q);
	ZERO_STRUCT(r);

	/* Marshall data and send request */

	init_samr_q_set_userinfo2(&q, user_pol, sess_key, switch_value, ctr);

	CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_SET_USERINFO2,
		q, r,
		qbuf, rbuf,
		samr_io_q_set_userinfo2,
		samr_io_r_set_userinfo2,
		NT_STATUS_UNSUCCESSFUL); 

	/* Return output parameters */

	if (!NT_STATUS_IS_OK(result = r.status)) {
		goto done;
	}

 done:

	return result;
}

/* Delete domain group */

NTSTATUS rpccli_samr_delete_dom_group(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, 
                                  POLICY_HND *group_pol)
{
	prs_struct qbuf, rbuf;
	SAMR_Q_DELETE_DOM_GROUP q;
	SAMR_R_DELETE_DOM_GROUP r;
	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;

	DEBUG(10,("cli_samr_delete_dom_group\n"));

	ZERO_STRUCT(q);
	ZERO_STRUCT(r);

	/* Marshall data and send request */

	init_samr_q_delete_dom_group(&q, group_pol);

	CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_DELETE_DOM_GROUP,
		q, r,
		qbuf, rbuf,
		samr_io_q_delete_dom_group,
		samr_io_r_delete_dom_group,
		NT_STATUS_UNSUCCESSFUL); 

	/* Return output parameters */

	result = r.status;

	return result;
}

/* Delete domain alias */

NTSTATUS rpccli_samr_delete_dom_alias(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, 
                                  POLICY_HND *alias_pol)
{
	prs_struct qbuf, rbuf;
	SAMR_Q_DELETE_DOM_ALIAS q;
	SAMR_R_DELETE_DOM_ALIAS r;
	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;

	DEBUG(10,("cli_samr_delete_dom_alias\n"));

	ZERO_STRUCT(q);
	ZERO_STRUCT(r);

	/* Marshall data and send request */

	init_samr_q_delete_dom_alias(&q, alias_pol);

	CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_DELETE_DOM_ALIAS,
		q, r,
		qbuf, rbuf,
		samr_io_q_delete_dom_alias,
		samr_io_r_delete_dom_alias,
		NT_STATUS_UNSUCCESSFUL); 

	/* Return output parameters */

	result = r.status;

	return result;
}

/* Delete domain user */

NTSTATUS rpccli_samr_delete_dom_user(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, 
                                  POLICY_HND *user_pol)
{
	prs_struct qbuf, rbuf;
	SAMR_Q_DELETE_DOM_USER q;
	SAMR_R_DELETE_DOM_USER r;
	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;

	DEBUG(10,("cli_samr_delete_dom_user\n"));

	ZERO_STRUCT(q);
	ZERO_STRUCT(r);

	/* Marshall data and send request */

	init_samr_q_delete_dom_user(&q, user_pol);

	CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_DELETE_DOM_USER,
		q, r,
		qbuf, rbuf,
		samr_io_q_delete_dom_user,
		samr_io_r_delete_dom_user,
		NT_STATUS_UNSUCCESSFUL); 

	/* Return output parameters */

	result = r.status;

	return result;
}

/* Remove foreign SID */

NTSTATUS rpccli_samr_remove_sid_foreign_domain(struct rpc_pipe_client *cli, 
					    TALLOC_CTX *mem_ctx, 
					    POLICY_HND *user_pol,
					    DOM_SID *sid)
{
	prs_struct qbuf, rbuf;
	SAMR_Q_REMOVE_SID_FOREIGN_DOMAIN q;
	SAMR_R_REMOVE_SID_FOREIGN_DOMAIN r;
	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;

	DEBUG(10,("cli_samr_remove_sid_foreign_domain\n"));

	ZERO_STRUCT(q);
	ZERO_STRUCT(r);

	/* Marshall data and send request */

	init_samr_q_remove_sid_foreign_domain(&q, user_pol, sid);

	CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_REMOVE_SID_FOREIGN_DOMAIN,
		q, r,
		qbuf, rbuf,
		samr_io_q_remove_sid_foreign_domain,
		samr_io_r_remove_sid_foreign_domain,
		NT_STATUS_UNSUCCESSFUL); 

	/* Return output parameters */

	result = r.status;

	return result;
}

/* Query user security object */

NTSTATUS rpccli_samr_query_sec_obj(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
                                 POLICY_HND *user_pol, uint16 switch_value, 
                                 TALLOC_CTX *ctx, SEC_DESC_BUF **sec_desc_buf)
{
	prs_struct qbuf, rbuf;
	SAMR_Q_QUERY_SEC_OBJ q;
	SAMR_R_QUERY_SEC_OBJ r;
	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;

	DEBUG(10,("cli_samr_query_sec_obj\n"));

	ZERO_STRUCT(q);
	ZERO_STRUCT(r);

	/* Marshall data and send request */

	init_samr_q_query_sec_obj(&q, user_pol, switch_value);

	CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_SEC_OBJECT,
		q, r,
		qbuf, rbuf,
		samr_io_q_query_sec_obj,
		samr_io_r_query_sec_obj,
		NT_STATUS_UNSUCCESSFUL); 

	/* Return output parameters */

	result = r.status;
	*sec_desc_buf=dup_sec_desc_buf(ctx, r.buf);

	return result;
}

/* Get domain password info */

NTSTATUS rpccli_samr_get_dom_pwinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
				 uint16 *min_pwd_length, uint32 *password_properties)
{
	prs_struct qbuf, rbuf;
	SAMR_Q_GET_DOM_PWINFO q;
	SAMR_R_GET_DOM_PWINFO r;
	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;

	DEBUG(10,("cli_samr_get_dom_pwinfo\n"));

	ZERO_STRUCT(q);
	ZERO_STRUCT(r);

	/* Marshall data and send request */

	init_samr_q_get_dom_pwinfo(&q, cli->cli->desthost);

	CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_GET_DOM_PWINFO,
		q, r,
		qbuf, rbuf,
		samr_io_q_get_dom_pwinfo,
		samr_io_r_get_dom_pwinfo,
		NT_STATUS_UNSUCCESSFUL); 

	/* Return output parameters */

	result = r.status;

	if (NT_STATUS_IS_OK(result)) {
		if (min_pwd_length)
			*min_pwd_length = r.min_pwd_length;
		if (password_properties)
			*password_properties = r.password_properties;
	}

	return result;
}

/* Lookup Domain Name */

NTSTATUS rpccli_samr_lookup_domain(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
				POLICY_HND *user_pol, char *domain_name, 
				DOM_SID *sid)
{
	prs_struct qbuf, rbuf;
	SAMR_Q_LOOKUP_DOMAIN q;
	SAMR_R_LOOKUP_DOMAIN r;
	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;

	DEBUG(10,("cli_samr_lookup_domain\n"));

	ZERO_STRUCT(q);
	ZERO_STRUCT(r);

	/* Marshall data and send request */

	init_samr_q_lookup_domain(&q, user_pol, domain_name);

	CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_LOOKUP_DOMAIN,
		q, r,
		qbuf, rbuf,
		samr_io_q_lookup_domain,
		samr_io_r_lookup_domain,
		NT_STATUS_UNSUCCESSFUL); 

	/* Return output parameters */

	result = r.status;

	if (NT_STATUS_IS_OK(result))
		sid_copy(sid, &r.dom_sid.sid);

	return result;
}