SAMR_HANDLE_ALIAS
};
-struct samr_connect_info {
+struct samr_info {
uint32_t access_granted;
-};
-
-struct samr_domain_info {
struct dom_sid sid;
struct disp_info *disp_info;
- uint32_t access_granted;
-};
-
-struct samr_user_info {
- struct dom_sid sid;
- uint32_t access_granted;
-};
-
-struct samr_group_info {
- struct dom_sid sid;
- uint32_t access_granted;
-};
-
-struct samr_alias_info {
- struct dom_sid sid;
- uint32_t access_granted;
};
typedef struct disp_info {
/*******************************************************************
*******************************************************************/
+static NTSTATUS create_samr_policy_handle(TALLOC_CTX *mem_ctx,
+ struct pipes_struct *p,
+ enum samr_handle type,
+ uint32_t acc_granted,
+ struct dom_sid *sid,
+ struct disp_info *disp_info,
+ struct policy_handle *handle)
+{
+ struct samr_info *info = NULL;
+ bool ok;
+
+ ZERO_STRUCTP(handle);
+
+ info = talloc_zero(mem_ctx, struct samr_info);
+ if (info == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ info->access_granted = acc_granted;
+
+ if (sid != NULL) {
+ sid_copy(&info->sid, sid);
+ }
+
+ if (disp_info != NULL) {
+ info->disp_info = disp_info;
+ }
+
+ ok = create_policy_hnd(p, handle, type, info);
+ if (!ok) {
+ talloc_free(info);
+ ZERO_STRUCTP(handle);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ return NT_STATUS_OK;
+}
+
static NTSTATUS samr_handle_access_check(uint32_t access_granted,
uint32_t access_required,
uint32_t *paccess_granted)
NTSTATUS _samr_OpenDomain(struct pipes_struct *p,
struct samr_OpenDomain *r)
{
- struct samr_domain_info *dinfo;
- struct samr_connect_info *cinfo = NULL;
+ struct samr_info *cinfo = NULL;
struct security_descriptor *psd = NULL;
uint32_t acc_granted;
uint32_t des_access = r->in.access_mask;
NTSTATUS status;
size_t sd_size;
uint32_t extra_access = SAMR_DOMAIN_ACCESS_CREATE_USER;
+ struct disp_info *disp_info = NULL;
/* find the connection policy handle. */
cinfo = policy_handle_find(p, r->in.connect_handle,
SAMR_HANDLE_CONNECT,
- struct samr_connect_info, &status);
+ struct samr_info, &status);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
return NT_STATUS_NO_SUCH_DOMAIN;
}
- dinfo = policy_handle_create(p,
- r->out.domain_handle,
- SAMR_HANDLE_DOMAIN,
- struct samr_domain_info,
- &status);
+ disp_info = get_samr_dispinfo_by_sid(r->in.sid);
+
+ status = create_samr_policy_handle(p->mem_ctx,
+ p,
+ SAMR_HANDLE_DOMAIN,
+ acc_granted,
+ r->in.sid,
+ disp_info,
+ r->out.domain_handle);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
- dinfo->sid = *r->in.sid;
- dinfo->disp_info = get_samr_dispinfo_by_sid(r->in.sid);
- dinfo->access_granted = acc_granted;
DEBUG(5,("_samr_OpenDomain: %d\n", __LINE__));
{
const struct loadparm_substitution *lp_sub =
loadparm_s3_global_substitution();
- struct samr_user_info *uinfo;
+ struct samr_info *uinfo;
enum lsa_SidType sid_type;
uint32_t min_password_length = 0;
uint32_t password_properties = 0;
uinfo = policy_handle_find(p, r->in.user_handle,
SAMR_HANDLE_USER,
- struct samr_user_info, &status);
+ struct samr_info, &status);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
NTSTATUS _samr_SetSecurity(struct pipes_struct *p,
struct samr_SetSecurity *r)
{
- struct samr_user_info *uinfo;
+ struct samr_info *uinfo;
uint32_t i;
struct security_acl *dacl;
bool ret;
uinfo = policy_handle_find(p, r->in.handle,
SAMR_HANDLE_USER,
- struct samr_user_info, &status);
+ struct samr_info, &status);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
NTSTATUS _samr_QuerySecurity(struct pipes_struct *p,
struct samr_QuerySecurity *r)
{
- struct samr_domain_info *dinfo;
- struct samr_user_info *uinfo;
- struct samr_group_info *ginfo;
- struct samr_alias_info *ainfo;
+ struct samr_info *info;
NTSTATUS status;
struct security_descriptor * psd = NULL;
size_t sd_size = 0;
struct dom_sid_buf buf;
- struct samr_connect_info *cinfo = NULL;
NTSTATUS acc_status;
- cinfo = policy_handle_find(p, r->in.handle,
- SAMR_HANDLE_CONNECT,
- struct samr_connect_info, &status);
- if (cinfo != NULL) {
- acc_status = samr_handle_access_check(cinfo->access_granted,
+ info = policy_handle_find(p, r->in.handle,
+ SAMR_HANDLE_CONNECT,
+ struct samr_info, &status);
+ if (info != NULL) {
+ acc_status = samr_handle_access_check(info->access_granted,
SEC_STD_READ_CONTROL,
NULL);
} else {
goto done;
}
- dinfo = policy_handle_find(p, r->in.handle,
- SAMR_HANDLE_DOMAIN,
- struct samr_domain_info, &status);
- if (dinfo != NULL) {
- acc_status = samr_handle_access_check(dinfo->access_granted,
+ info = policy_handle_find(p, r->in.handle,
+ SAMR_HANDLE_DOMAIN,
+ struct samr_info, &status);
+ if (info != NULL) {
+ acc_status = samr_handle_access_check(info->access_granted,
SEC_STD_READ_CONTROL,
NULL);
} else {
if (NT_STATUS_IS_OK(status) && NT_STATUS_IS_OK(acc_status)) {
DEBUG(5,("_samr_QuerySecurity: querying security on Domain "
"with SID: %s\n",
- dom_sid_str_buf(&dinfo->sid, &buf)));
+ dom_sid_str_buf(&info->sid, &buf)));
/*
* TODO: Builtin probably needs a different SD with restricted
* write access
goto done;
}
- uinfo = policy_handle_find(p, r->in.handle,
+ info = policy_handle_find(p, r->in.handle,
SAMR_HANDLE_USER,
- struct samr_user_info, &status);
- if (uinfo != NULL) {
- acc_status = samr_handle_access_check(uinfo->access_granted,
+ struct samr_info, &status);
+ if (info != NULL) {
+ acc_status = samr_handle_access_check(info->access_granted,
SEC_STD_READ_CONTROL,
NULL);
} else {
if (NT_STATUS_IS_OK(status) && NT_STATUS_IS_OK(acc_status)) {
DEBUG(10,("_samr_QuerySecurity: querying security on user "
"Object with SID: %s\n",
- dom_sid_str_buf(&uinfo->sid, &buf)));
- if (check_change_pw_access(p->mem_ctx, &uinfo->sid)) {
+ dom_sid_str_buf(&info->sid, &buf)));
+ if (check_change_pw_access(p->mem_ctx, &info->sid)) {
status = make_samr_object_sd(
p->mem_ctx, &psd, &sd_size,
&usr_generic_mapping,
- &uinfo->sid, SAMR_USR_RIGHTS_WRITE_PW);
+ &info->sid, SAMR_USR_RIGHTS_WRITE_PW);
} else {
status = make_samr_object_sd(
p->mem_ctx, &psd, &sd_size,
&usr_nopwchange_generic_mapping,
- &uinfo->sid, SAMR_USR_RIGHTS_CANT_WRITE_PW);
+ &info->sid, SAMR_USR_RIGHTS_CANT_WRITE_PW);
}
goto done;
}
- ginfo = policy_handle_find(p, r->in.handle,
+ info = policy_handle_find(p, r->in.handle,
SAMR_HANDLE_GROUP,
- struct samr_group_info, &status);
- if (ginfo != NULL) {
- acc_status = samr_handle_access_check(ginfo->access_granted,
+ struct samr_info, &status);
+ if (info != NULL) {
+ acc_status = samr_handle_access_check(info->access_granted,
SEC_STD_READ_CONTROL,
NULL);
} else {
*/
DEBUG(10,("_samr_QuerySecurity: querying security on group "
"Object with SID: %s\n",
- dom_sid_str_buf(&ginfo->sid, &buf)));
+ dom_sid_str_buf(&info->sid, &buf)));
status = make_samr_object_sd(
p->mem_ctx, &psd, &sd_size,
&usr_nopwchange_generic_mapping,
- &ginfo->sid, SAMR_USR_RIGHTS_CANT_WRITE_PW);
+ &info->sid, SAMR_USR_RIGHTS_CANT_WRITE_PW);
goto done;
}
- ainfo = policy_handle_find(p, r->in.handle,
+ info = policy_handle_find(p, r->in.handle,
SAMR_HANDLE_ALIAS,
- struct samr_alias_info, &status);
- if (ainfo != NULL) {
- acc_status = samr_handle_access_check(ainfo->access_granted,
+ struct samr_info, &status);
+ if (info != NULL) {
+ acc_status = samr_handle_access_check(info->access_granted,
SEC_STD_READ_CONTROL,
NULL);
} else {
*/
DEBUG(10,("_samr_QuerySecurity: querying security on alias "
"Object with SID: %s\n",
- dom_sid_str_buf(&ainfo->sid, &buf)));
+ dom_sid_str_buf(&info->sid, &buf)));
status = make_samr_object_sd(
p->mem_ctx, &psd, &sd_size,
&usr_nopwchange_generic_mapping,
- &ainfo->sid, SAMR_USR_RIGHTS_CANT_WRITE_PW);
+ &info->sid, SAMR_USR_RIGHTS_CANT_WRITE_PW);
goto done;
}
struct samr_EnumDomainUsers *r)
{
NTSTATUS status;
- struct samr_domain_info *dinfo;
+ struct samr_info *dinfo;
int num_account;
uint32_t enum_context = *r->in.resume_handle;
enum remote_arch_types ra_type = get_remote_arch();
dinfo = policy_handle_find(p, r->in.domain_handle,
SAMR_HANDLE_DOMAIN,
- struct samr_domain_info, &status);
+ struct samr_info, &status);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
struct samr_EnumDomainGroups *r)
{
NTSTATUS status;
- struct samr_domain_info *dinfo;
+ struct samr_info *dinfo;
struct samr_displayentry *groups;
uint32_t num_groups;
struct samr_SamArray *samr_array = NULL;
dinfo = policy_handle_find(p, r->in.domain_handle,
SAMR_HANDLE_DOMAIN,
- struct samr_domain_info, &status);
+ struct samr_info, &status);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
struct samr_EnumDomainAliases *r)
{
NTSTATUS status;
- struct samr_domain_info *dinfo;
+ struct samr_info *dinfo;
struct samr_displayentry *aliases;
uint32_t num_aliases = 0;
struct samr_SamArray *samr_array = NULL;
dinfo = policy_handle_find(p, r->in.domain_handle,
SAMR_HANDLE_DOMAIN,
- struct samr_domain_info, &status);
+ struct samr_info, &status);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
struct samr_QueryDisplayInfo *r)
{
NTSTATUS status;
- struct samr_domain_info *dinfo;
+ struct samr_info *dinfo;
uint32_t struct_size=0x20; /* W2K always reply that, client doesn't care */
uint32_t max_entries = r->in.max_entries;
dinfo = policy_handle_find(p, r->in.domain_handle,
SAMR_HANDLE_DOMAIN,
- struct samr_domain_info, &status);
+ struct samr_info, &status);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
NTSTATUS _samr_QueryAliasInfo(struct pipes_struct *p,
struct samr_QueryAliasInfo *r)
{
- struct samr_alias_info *ainfo;
+ struct samr_info *ainfo;
struct acct_info *info;
NTSTATUS status;
union samr_AliasInfo *alias_info = NULL;
ainfo = policy_handle_find(p, r->in.alias_handle,
SAMR_HANDLE_ALIAS,
- struct samr_alias_info, &status);
+ struct samr_info, &status);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
NTSTATUS _samr_LookupNames(struct pipes_struct *p,
struct samr_LookupNames *r)
{
- struct samr_domain_info *dinfo;
+ struct samr_info *dinfo;
NTSTATUS status;
uint32_t *rid;
enum lsa_SidType *type;
dinfo = policy_handle_find(p, r->in.domain_handle,
SAMR_HANDLE_DOMAIN,
- struct samr_domain_info, &status);
+ struct samr_info, &status);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
NTSTATUS _samr_LookupRids(struct pipes_struct *p,
struct samr_LookupRids *r)
{
- struct samr_domain_info *dinfo;
+ struct samr_info *dinfo;
NTSTATUS status;
const char **names;
enum lsa_SidType *attrs = NULL;
dinfo = policy_handle_find(p, r->in.domain_handle,
SAMR_HANDLE_DOMAIN,
- struct samr_domain_info, &status);
+ struct samr_info, &status);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
{
struct samu *sampass=NULL;
struct dom_sid sid;
- struct samr_domain_info *dinfo;
- struct samr_user_info *uinfo;
+ struct samr_info *dinfo;
struct security_descriptor *psd = NULL;
uint32_t acc_granted;
uint32_t des_access = r->in.access_mask;
dinfo = policy_handle_find(p, r->in.domain_handle,
SAMR_HANDLE_DOMAIN,
- struct samr_domain_info, &status);
+ struct samr_info, &status);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
/* If we did the rid admins hack above, allow access. */
acc_granted |= extra_access;
- uinfo = policy_handle_create(p,
- r->out.user_handle,
- SAMR_HANDLE_USER,
- struct samr_user_info,
- &nt_status);
- if (!NT_STATUS_IS_OK(nt_status)) {
- return nt_status;
+ status = create_samr_policy_handle(p->mem_ctx,
+ p,
+ SAMR_HANDLE_USER,
+ acc_granted,
+ &sid,
+ NULL,
+ r->out.user_handle);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
}
- uinfo->sid = sid;
- uinfo->access_granted = acc_granted;
return NT_STATUS_OK;
}
{
NTSTATUS status;
union samr_UserInfo *user_info = NULL;
- struct samr_user_info *uinfo;
+ struct samr_info *uinfo;
struct dom_sid domain_sid;
uint32_t rid;
bool ret = false;
uinfo = policy_handle_find(p, r->in.user_handle,
SAMR_HANDLE_USER,
- struct samr_user_info, &status);
+ struct samr_info, &status);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
NTSTATUS _samr_GetGroupsForUser(struct pipes_struct *p,
struct samr_GetGroupsForUser *r)
{
- struct samr_user_info *uinfo;
+ struct samr_info *uinfo;
struct samu *sam_pass=NULL;
struct dom_sid *sids;
struct samr_RidWithAttribute dom_gid;
uinfo = policy_handle_find(p, r->in.user_handle,
SAMR_HANDLE_USER,
- struct samr_user_info, &result);
+ struct samr_info, &result);
if (!NT_STATUS_IS_OK(result)) {
return result;
}
static NTSTATUS query_dom_info_2(TALLOC_CTX *mem_ctx,
struct samr_DomGeneralInformation *r,
- struct samr_domain_info *dinfo)
+ struct samr_info *dinfo)
{
const struct loadparm_substitution *lp_sub =
loadparm_s3_global_substitution();
static NTSTATUS query_dom_info_11(TALLOC_CTX *mem_ctx,
struct samr_DomGeneralInformation2 *r,
- struct samr_domain_info *dinfo)
+ struct samr_info *dinfo)
{
NTSTATUS status;
uint32_t account_policy_temp;
struct samr_QueryDomainInfo *r)
{
NTSTATUS status = NT_STATUS_OK;
- struct samr_domain_info *dinfo;
+ struct samr_info *dinfo;
union samr_DomainInfo *dom_info;
uint32_t acc_required;
dinfo = policy_handle_find(p, r->in.domain_handle,
SAMR_HANDLE_DOMAIN,
- struct samr_domain_info, &status);
+ struct samr_info, &status);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
const char *account = NULL;
struct dom_sid sid;
uint32_t acb_info = r->in.acct_flags;
- struct samr_domain_info *dinfo;
- struct samr_user_info *uinfo;
+ struct samr_info *dinfo;
NTSTATUS nt_status;
uint32_t acc_granted;
struct security_descriptor *psd;
dinfo = policy_handle_find(p, r->in.domain_handle,
SAMR_HANDLE_DOMAIN,
- struct samr_domain_info, &nt_status);
+ struct samr_info, &nt_status);
if (!NT_STATUS_IS_OK(nt_status)) {
return nt_status;
}
return nt_status;
}
- uinfo = policy_handle_create(p,
- r->out.user_handle,
- SAMR_HANDLE_USER,
- struct samr_user_info,
- &nt_status);
+ nt_status = create_samr_policy_handle(p->mem_ctx,
+ p,
+ SAMR_HANDLE_USER,
+ acc_granted,
+ &sid,
+ NULL,
+ r->out.user_handle);
if (!NT_STATUS_IS_OK(nt_status)) {
return nt_status;
}
- uinfo->sid = sid;
- uinfo->access_granted = acc_granted;
/* After a "set" ensure we have no cached display info. */
force_flush_samr_cache(&sid);
struct samr_Connect *r)
{
uint32_t acc_granted;
- struct policy_handle hnd;
uint32_t des_access = r->in.access_mask;
NTSTATUS status;
- struct samr_connect_info *cinfo = NULL;
/* Access check */
|SAMR_ACCESS_LOOKUP_DOMAIN);
/* set up the SAMR connect_anon response */
-
- cinfo = policy_handle_create(p,
- &hnd,
- SAMR_HANDLE_CONNECT,
- struct samr_connect_info,
- &status);
+ status = create_samr_policy_handle(p->mem_ctx,
+ p,
+ SAMR_HANDLE_CONNECT,
+ acc_granted,
+ NULL,
+ NULL,
+ r->out.connect_handle);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
- cinfo->access_granted = acc_granted;
-
- *r->out.connect_handle = hnd;
return NT_STATUS_OK;
}
NTSTATUS _samr_Connect2(struct pipes_struct *p,
struct samr_Connect2 *r)
{
- struct policy_handle hnd;
struct security_descriptor *psd = NULL;
uint32_t acc_granted;
uint32_t des_access = r->in.access_mask;
NTSTATUS nt_status;
size_t sd_size;
const char *fn = "_samr_Connect2";
- struct samr_connect_info *cinfo = NULL;
switch (p->opnum) {
case NDR_SAMR_CONNECT2:
if ( !NT_STATUS_IS_OK(nt_status) )
return nt_status;
- cinfo = policy_handle_create(p,
- &hnd,
- SAMR_HANDLE_CONNECT,
- struct samr_connect_info,
- &nt_status);
- if (!NT_STATUS_IS_OK(nt_status)) {
- return nt_status;
- }
-
- cinfo->access_granted = acc_granted;
+ nt_status = create_samr_policy_handle(p->mem_ctx,
+ p,
+ SAMR_HANDLE_CONNECT,
+ acc_granted,
+ NULL,
+ NULL,
+ r->out.connect_handle);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ return nt_status;
+ }
DEBUG(5,("%s: %d\n", fn, __LINE__));
- *r->out.connect_handle = hnd;
return NT_STATUS_OK;
}
const char *domain_name;
struct dom_sid *sid = NULL;
struct dom_sid_buf buf;
- struct samr_connect_info *cinfo = NULL;
+ struct samr_info *cinfo = NULL;
/* win9x user manager likes to use SAMR_ACCESS_ENUM_DOMAINS here.
Reverted that change so we will work with RAS servers again */
cinfo = policy_handle_find(p, r->in.connect_handle,
SAMR_HANDLE_CONNECT,
- struct samr_connect_info,
+ struct samr_info,
&status);
if (!NT_STATUS_IS_OK(status)) {
return status;
uint32_t num_entries = 2;
struct samr_SamEntry *entry_array = NULL;
struct samr_SamArray *sam;
- struct samr_connect_info *cinfo = NULL;
+ struct samr_info *cinfo = NULL;
cinfo = policy_handle_find(p, r->in.connect_handle,
SAMR_HANDLE_CONNECT,
- struct samr_connect_info, &status);
+ struct samr_info, &status);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
{
struct dom_sid sid;
uint32_t alias_rid = r->in.rid;
- struct samr_alias_info *ainfo;
- struct samr_domain_info *dinfo;
+ struct samr_info *dinfo;
struct security_descriptor *psd = NULL;
uint32_t acc_granted;
uint32_t des_access = r->in.access_mask;
dinfo = policy_handle_find(p, r->in.domain_handle,
SAMR_HANDLE_DOMAIN,
- struct samr_domain_info, &status);
+ struct samr_info, &status);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
}
- ainfo = policy_handle_create(p,
- r->out.alias_handle,
- SAMR_HANDLE_ALIAS,
- struct samr_alias_info,
- &status);
+ status = create_samr_policy_handle(p->mem_ctx,
+ p,
+ SAMR_HANDLE_ALIAS,
+ acc_granted,
+ &sid,
+ NULL,
+ r->out.alias_handle);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
- ainfo->sid = sid;
- ainfo->access_granted = acc_granted;
return NT_STATUS_OK;
}
NTSTATUS _samr_SetUserInfo(struct pipes_struct *p,
struct samr_SetUserInfo *r)
{
- struct samr_user_info *uinfo;
+ struct samr_info *uinfo;
NTSTATUS status;
struct samu *pwd = NULL;
union samr_UserInfo *info = r->in.info;
uinfo = policy_handle_find(p, r->in.user_handle,
SAMR_HANDLE_USER,
- struct samr_user_info, &status);
+ struct samr_info, &status);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
{
size_t num_alias_rids;
uint32_t *alias_rids;
- struct samr_domain_info *dinfo;
+ struct samr_info *dinfo;
size_t i;
NTSTATUS status;
dinfo = policy_handle_find(p, r->in.domain_handle,
SAMR_HANDLE_DOMAIN,
- struct samr_domain_info, &status);
+ struct samr_info, &status);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
NTSTATUS _samr_GetMembersInAlias(struct pipes_struct *p,
struct samr_GetMembersInAlias *r)
{
- struct samr_alias_info *ainfo;
+ struct samr_info *ainfo;
NTSTATUS status;
size_t i;
size_t num_sids = 0;
ainfo = policy_handle_find(p, r->in.alias_handle,
SAMR_HANDLE_ALIAS,
- struct samr_alias_info, &status);
+ struct samr_info, &status);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
NTSTATUS _samr_QueryGroupMember(struct pipes_struct *p,
struct samr_QueryGroupMember *r)
{
- struct samr_group_info *ginfo;
+ struct samr_info *ginfo;
size_t i, num_members;
uint32_t *rid=NULL;
ginfo = policy_handle_find(p, r->in.group_handle,
SAMR_HANDLE_GROUP,
- struct samr_group_info, &status);
+ struct samr_info, &status);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
NTSTATUS _samr_AddAliasMember(struct pipes_struct *p,
struct samr_AddAliasMember *r)
{
- struct samr_alias_info *ainfo;
+ struct samr_info *ainfo;
struct dom_sid_buf buf;
NTSTATUS status;
ainfo = policy_handle_find(p, r->in.alias_handle,
SAMR_HANDLE_ALIAS,
- struct samr_alias_info, &status);
+ struct samr_info, &status);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
NTSTATUS _samr_DeleteAliasMember(struct pipes_struct *p,
struct samr_DeleteAliasMember *r)
{
- struct samr_alias_info *ainfo;
+ struct samr_info *ainfo;
struct dom_sid_buf buf;
NTSTATUS status;
ainfo = policy_handle_find(p, r->in.alias_handle,
SAMR_HANDLE_ALIAS,
- struct samr_alias_info, &status);
+ struct samr_info, &status);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
NTSTATUS _samr_AddGroupMember(struct pipes_struct *p,
struct samr_AddGroupMember *r)
{
- struct samr_group_info *ginfo;
+ struct samr_info *ginfo;
struct dom_sid_buf buf;
NTSTATUS status;
uint32_t group_rid;
ginfo = policy_handle_find(p, r->in.group_handle,
SAMR_HANDLE_GROUP,
- struct samr_group_info, &status);
+ struct samr_info, &status);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
struct samr_DeleteGroupMember *r)
{
- struct samr_group_info *ginfo;
+ struct samr_info *ginfo;
NTSTATUS status;
uint32_t group_rid;
ginfo = policy_handle_find(p, r->in.group_handle,
SAMR_HANDLE_GROUP,
- struct samr_group_info, &status);
+ struct samr_info, &status);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
NTSTATUS _samr_DeleteUser(struct pipes_struct *p,
struct samr_DeleteUser *r)
{
- struct samr_user_info *uinfo;
+ struct samr_info *uinfo;
NTSTATUS status;
struct samu *sam_pass=NULL;
bool ret;
uinfo = policy_handle_find(p, r->in.user_handle,
SAMR_HANDLE_USER,
- struct samr_user_info, &status);
+ struct samr_info, &status);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
NTSTATUS _samr_DeleteDomainGroup(struct pipes_struct *p,
struct samr_DeleteDomainGroup *r)
{
- struct samr_group_info *ginfo;
+ struct samr_info *ginfo;
struct dom_sid_buf buf;
NTSTATUS status;
uint32_t group_rid;
ginfo = policy_handle_find(p, r->in.group_handle,
SAMR_HANDLE_GROUP,
- struct samr_group_info, &status);
+ struct samr_info, &status);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
NTSTATUS _samr_DeleteDomAlias(struct pipes_struct *p,
struct samr_DeleteDomAlias *r)
{
- struct samr_alias_info *ainfo;
+ struct samr_info *ainfo;
struct dom_sid_buf buf;
NTSTATUS status;
ainfo = policy_handle_find(p, r->in.alias_handle,
SAMR_HANDLE_ALIAS,
- struct samr_alias_info, &status);
+ struct samr_info, &status);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
{
NTSTATUS status;
const char *name;
- struct samr_domain_info *dinfo;
- struct samr_group_info *ginfo;
+ struct samr_info *dinfo;
+ struct dom_sid sid;
dinfo = policy_handle_find(p, r->in.domain_handle,
SAMR_HANDLE_DOMAIN,
- struct samr_domain_info, &status);
+ struct samr_info, &status);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
if ( !NT_STATUS_IS_OK(status) )
return status;
- ginfo = policy_handle_create(p,
- r->out.group_handle,
- SAMR_HANDLE_GROUP,
- struct samr_group_info,
- &status);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
- sid_compose(&ginfo->sid, &dinfo->sid, *r->out.rid);
- ginfo->access_granted = GENERIC_RIGHTS_GROUP_ALL_ACCESS;
+ sid_compose(&sid, &dinfo->sid, *r->out.rid);
+
+ status = create_samr_policy_handle(p->mem_ctx,
+ p,
+ SAMR_HANDLE_GROUP,
+ GENERIC_RIGHTS_GROUP_ALL_ACCESS,
+ &sid,
+ NULL,
+ r->out.group_handle);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
force_flush_samr_cache(&dinfo->sid);
{
struct dom_sid info_sid;
const char *name = NULL;
- struct samr_domain_info *dinfo;
- struct samr_alias_info *ainfo;
+ struct samr_info *dinfo;
gid_t gid;
NTSTATUS result;
dinfo = policy_handle_find(p, r->in.domain_handle,
SAMR_HANDLE_DOMAIN,
- struct samr_domain_info, &result);
+ struct samr_info, &result);
if (!NT_STATUS_IS_OK(result)) {
return result;
}
return NT_STATUS_ACCESS_DENIED;
}
- ainfo = policy_handle_create(p,
- r->out.alias_handle,
- SAMR_HANDLE_ALIAS,
- struct samr_alias_info,
- &result);
- if (!NT_STATUS_IS_OK(result)) {
- return result;
- }
- ainfo->sid = info_sid;
- ainfo->access_granted = GENERIC_RIGHTS_ALIAS_ALL_ACCESS;
+ result = create_samr_policy_handle(p->mem_ctx,
+ p,
+ SAMR_HANDLE_ALIAS,
+ GENERIC_RIGHTS_ALIAS_ALL_ACCESS,
+ &info_sid,
+ NULL,
+ r->out.alias_handle);
+ if (!NT_STATUS_IS_OK(result)) {
+ return result;
+ }
force_flush_samr_cache(&info_sid);
NTSTATUS _samr_QueryGroupInfo(struct pipes_struct *p,
struct samr_QueryGroupInfo *r)
{
- struct samr_group_info *ginfo;
+ struct samr_info *ginfo;
NTSTATUS status;
GROUP_MAP *map;
union samr_GroupInfo *info = NULL;
ginfo = policy_handle_find(p, r->in.group_handle,
SAMR_HANDLE_GROUP,
- struct samr_group_info, &status);
+ struct samr_info, &status);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
NTSTATUS _samr_SetGroupInfo(struct pipes_struct *p,
struct samr_SetGroupInfo *r)
{
- struct samr_group_info *ginfo;
+ struct samr_info *ginfo;
GROUP_MAP *map;
NTSTATUS status;
bool ret;
ginfo = policy_handle_find(p, r->in.group_handle,
SAMR_HANDLE_GROUP,
- struct samr_group_info, &status);
+ struct samr_info, &status);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
NTSTATUS _samr_SetAliasInfo(struct pipes_struct *p,
struct samr_SetAliasInfo *r)
{
- struct samr_alias_info *ainfo;
+ struct samr_info *ainfo;
struct acct_info *info;
NTSTATUS status;
ainfo = policy_handle_find(p, r->in.alias_handle,
SAMR_HANDLE_ALIAS,
- struct samr_alias_info, &status);
+ struct samr_info, &status);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
struct dom_sid info_sid;
struct dom_sid_buf buf;
GROUP_MAP *map;
- struct samr_domain_info *dinfo;
- struct samr_group_info *ginfo;
+ struct samr_info *dinfo;
struct security_descriptor *psd = NULL;
uint32_t acc_granted;
uint32_t des_access = r->in.access_mask;
dinfo = policy_handle_find(p, r->in.domain_handle,
SAMR_HANDLE_DOMAIN,
- struct samr_domain_info, &status);
+ struct samr_info, &status);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
TALLOC_FREE(map);
- ginfo = policy_handle_create(p,
- r->out.group_handle,
- SAMR_HANDLE_GROUP,
- struct samr_group_info,
- &status);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
- ginfo->sid = info_sid;
- ginfo->access_granted = acc_granted;
+ status = create_samr_policy_handle(p->mem_ctx,
+ p,
+ SAMR_HANDLE_GROUP,
+ acc_granted,
+ &info_sid,
+ NULL,
+ r->out.group_handle);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
return NT_STATUS_OK;
}
NTSTATUS _samr_RemoveMemberFromForeignDomain(struct pipes_struct *p,
struct samr_RemoveMemberFromForeignDomain *r)
{
- struct samr_domain_info *dinfo;
+ struct samr_info *dinfo;
struct dom_sid_buf buf;
NTSTATUS result;
dinfo = policy_handle_find(p, r->in.domain_handle,
SAMR_HANDLE_DOMAIN,
- struct samr_domain_info, &result);
+ struct samr_info, &result);
if (!NT_STATUS_IS_OK(result)) {
return result;
}
{
NTSTATUS status;
uint32_t acc_required = 0;
- struct samr_domain_info *dinfo = NULL;
+ struct samr_info *dinfo = NULL;
DEBUG(5,("_samr_SetDomainInfo: %d\n", __LINE__));
dinfo = policy_handle_find(p, r->in.domain_handle,
SAMR_HANDLE_DOMAIN,
- struct samr_domain_info, &status);
+ struct samr_info, &status);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
NTSTATUS _samr_GetDisplayEnumerationIndex(struct pipes_struct *p,
struct samr_GetDisplayEnumerationIndex *r)
{
- struct samr_domain_info *dinfo;
+ struct samr_info *dinfo;
uint32_t max_entries = (uint32_t) -1;
uint32_t enum_context = 0;
int i;
dinfo = policy_handle_find(p, r->in.domain_handle,
SAMR_HANDLE_DOMAIN,
- struct samr_domain_info, &status);
+ struct samr_info, &status);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
NTSTATUS _samr_RidToSid(struct pipes_struct *p,
struct samr_RidToSid *r)
{
- struct samr_domain_info *dinfo;
+ struct samr_info *dinfo;
NTSTATUS status;
struct dom_sid sid;
dinfo = policy_handle_find(p, r->in.domain_handle,
SAMR_HANDLE_DOMAIN,
- struct samr_domain_info, &status);
+ struct samr_info, &status);
if (!NT_STATUS_IS_OK(status)) {
return status;
}