root/source4/rpc_server/drsuapi/dcesrv_drsuapi.c

/* [<][>][^][v][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. dcesrv_drsuapi_DsBind
  2. dcesrv_drsuapi_DsUnbind
  3. dcesrv_drsuapi_DsReplicaSync
  4. dcesrv_drsuapi_DsGetNCChanges
  5. dcesrv_drsuapi_DsReplicaUpdateRefs
  6. dcesrv_DRSUAPI_REPLICA_ADD
  7. dcesrv_DRSUAPI_REPLICA_DEL
  8. dcesrv_DRSUAPI_REPLICA_MODIFY
  9. dcesrv_DRSUAPI_VERIFY_NAMES
  10. dcesrv_drsuapi_DsGetMemberships
  11. dcesrv_DRSUAPI_INTER_DOMAIN_MOVE
  12. dcesrv_drsuapi_DsGetNT4ChangeLog
  13. dcesrv_drsuapi_DsCrackNames
  14. dcesrv_drsuapi_DsWriteAccountSpn
  15. dcesrv_drsuapi_DsRemoveDSServer
  16. dcesrv_DRSUAPI_REMOVE_DS_DOMAIN
  17. result_site_name
  18. dcesrv_drsuapi_DsGetDomainControllerInfo_1
  19. dcesrv_drsuapi_DsGetDomainControllerInfo
  20. dcesrv_drsuapi_DsAddEntry
  21. dcesrv_DRSUAPI_EXECUTE_KCC
  22. dcesrv_drsuapi_DsReplicaGetInfo
  23. dcesrv_DRSUAPI_ADD_SID_HISTORY
  24. dcesrv_drsuapi_DsGetMemberships2
  25. dcesrv_DRSUAPI_REPLICA_VERIFY_OBJECTS
  26. dcesrv_DRSUAPI_GET_OBJECT_EXISTENCE
  27. dcesrv_drsuapi_QuerySitesByCost

   1 /* 
   2    Unix SMB/CIFS implementation.
   3 
   4    endpoint server for the drsuapi pipe
   5 
   6    Copyright (C) Stefan Metzmacher 2004
   7    Copyright (C) Andrew Bartlett <abartlet@samba.org> 2006
   8    
   9    This program is free software; you can redistribute it and/or modify
  10    it under the terms of the GNU General Public License as published by
  11    the Free Software Foundation; either version 3 of the License, or
  12    (at your option) any later version.
  13    
  14    This program is distributed in the hope that it will be useful,
  15    but WITHOUT ANY WARRANTY; without even the implied warranty of
  16    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  17    GNU General Public License for more details.
  18    
  19    You should have received a copy of the GNU General Public License
  20    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  21 */
  22 
  23 #include "includes.h"
  24 #include "librpc/gen_ndr/ndr_drsuapi.h"
  25 #include "rpc_server/dcerpc_server.h"
  26 #include "rpc_server/common/common.h"
  27 #include "rpc_server/drsuapi/dcesrv_drsuapi.h"
  28 #include "dsdb/samdb/samdb.h"
  29 #include "lib/ldb/include/ldb_errors.h"
  30 #include "param/param.h"
  31 
  32 /* 
  33   drsuapi_DsBind 
  34 */
  35 static WERROR dcesrv_drsuapi_DsBind(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
     /* [<][>][^][v][top][bottom][index][help] */
  36                        struct drsuapi_DsBind *r)
  37 {
  38         struct drsuapi_bind_state *b_state;
  39         struct dcesrv_handle *handle;
  40         struct drsuapi_DsBindInfoCtr *bind_info;
  41         struct GUID site_guid;
  42         struct ldb_result *site_res;
  43         struct ldb_dn *server_site_dn;
  44         static const char *site_attrs[] = { "objectGUID", NULL };
  45         struct ldb_result *ntds_res;
  46         struct ldb_dn *ntds_dn;
  47         static const char *ntds_attrs[] = { "ms-DS-ReplicationEpoch", NULL };
  48         uint32_t pid;
  49         uint32_t repl_epoch;
  50         int ret;
  51 
  52         r->out.bind_info = NULL;
  53         ZERO_STRUCTP(r->out.bind_handle);
  54 
  55         b_state = talloc_zero(mem_ctx, struct drsuapi_bind_state);
  56         W_ERROR_HAVE_NO_MEMORY(b_state);
  57 
  58         /*
  59          * connect to the samdb
  60          */
  61         b_state->sam_ctx = samdb_connect(b_state, dce_call->event_ctx, dce_call->conn->dce_ctx->lp_ctx, dce_call->conn->auth_state.session_info); 
  62         if (!b_state->sam_ctx) {
  63                 return WERR_FOOBAR;
  64         }
  65 
  66         /*
  67          * find out the guid of our own site
  68          */
  69         server_site_dn = samdb_server_site_dn(b_state->sam_ctx, mem_ctx);
  70         W_ERROR_HAVE_NO_MEMORY(server_site_dn);
  71 
  72         ret = ldb_search(b_state->sam_ctx, mem_ctx, &site_res,
  73                                  server_site_dn, LDB_SCOPE_BASE, site_attrs,
  74                                  "(objectClass=*)");
  75         if (ret != LDB_SUCCESS) {
  76                 return WERR_DS_DRA_INTERNAL_ERROR;
  77         }
  78         if (site_res->count != 1) {
  79                 return WERR_DS_DRA_INTERNAL_ERROR;
  80         }
  81         site_guid = samdb_result_guid(site_res->msgs[0], "objectGUID");
  82 
  83         /*
  84          * lookup the local servers Replication Epoch
  85          */
  86         ntds_dn = samdb_ntds_settings_dn(b_state->sam_ctx);
  87         W_ERROR_HAVE_NO_MEMORY(ntds_dn);
  88 
  89         ret = ldb_search(b_state->sam_ctx, mem_ctx, &ntds_res,
  90                                  ntds_dn, LDB_SCOPE_BASE, ntds_attrs,
  91                                  "(objectClass=*)");
  92         if (ret != LDB_SUCCESS) {
  93                 return WERR_DS_DRA_INTERNAL_ERROR;
  94         }
  95         if (ntds_res->count != 1) {
  96                 return WERR_DS_DRA_INTERNAL_ERROR;
  97         }
  98         repl_epoch = samdb_result_uint(ntds_res->msgs[0], "ms-DS-ReplicationEpoch", 0);
  99 
 100         /*
 101          * The "process identifier" of the client.
 102          * According to the WSPP docs, sectin 5.35, this is
 103          * for informational and debugging purposes only.
 104          * The assignment is implementation specific.
 105          */
 106         pid = 0;
 107 
 108         /*
 109          * store the clients bind_guid
 110          */
 111         if (r->in.bind_guid) {
 112                 b_state->remote_bind_guid = *r->in.bind_guid;
 113         }
 114 
 115         /*
 116          * store the clients bind_info
 117          */
 118         if (r->in.bind_info) {
 119                 switch (r->in.bind_info->length) {
 120                 case 24: {
 121                         struct drsuapi_DsBindInfo24 *info24;
 122                         info24 = &r->in.bind_info->info.info24;
 123                         b_state->remote_info28.supported_extensions     = info24->supported_extensions;
 124                         b_state->remote_info28.site_guid                = info24->site_guid;
 125                         b_state->remote_info28.pid                      = info24->pid;
 126                         b_state->remote_info28.repl_epoch               = 0;
 127                         break;
 128                 }
 129                 case 28:
 130                         b_state->remote_info28 = r->in.bind_info->info.info28;
 131                         break;
 132                 }
 133         }
 134 
 135         /*
 136          * fill in our local bind info 28
 137          */
 138         b_state->local_info28.supported_extensions      = 0;
 139         b_state->local_info28.supported_extensions      |= DRSUAPI_SUPPORTED_EXTENSION_BASE;
 140         b_state->local_info28.supported_extensions      |= DRSUAPI_SUPPORTED_EXTENSION_ASYNC_REPLICATION;
 141         b_state->local_info28.supported_extensions      |= DRSUAPI_SUPPORTED_EXTENSION_REMOVEAPI;
 142         b_state->local_info28.supported_extensions      |= DRSUAPI_SUPPORTED_EXTENSION_MOVEREQ_V2;
 143 #if 0 /* we don't support MSZIP compression (only decompression) */
 144         b_state->local_info28.supported_extensions      |= DRSUAPI_SUPPORTED_EXTENSION_GETCHG_COMPRESS;
 145 #endif
 146         b_state->local_info28.supported_extensions      |= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V1;
 147         b_state->local_info28.supported_extensions      |= DRSUAPI_SUPPORTED_EXTENSION_RESTORE_USN_OPTIMIZATION;
 148         b_state->local_info28.supported_extensions      |= DRSUAPI_SUPPORTED_EXTENSION_KCC_EXECUTE;
 149         b_state->local_info28.supported_extensions      |= DRSUAPI_SUPPORTED_EXTENSION_ADDENTRY_V2;
 150         if (0 /*domain.behavior_version == 2*/) {
 151                 /* TODO: find out how this is really triggered! */
 152                 b_state->local_info28.supported_extensions      |= DRSUAPI_SUPPORTED_EXTENSION_LINKED_VALUE_REPLICATION;
 153         }
 154         b_state->local_info28.supported_extensions      |= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V2;
 155         b_state->local_info28.supported_extensions      |= DRSUAPI_SUPPORTED_EXTENSION_INSTANCE_TYPE_NOT_REQ_ON_MOD;
 156         b_state->local_info28.supported_extensions      |= DRSUAPI_SUPPORTED_EXTENSION_CRYPTO_BIND;
 157         b_state->local_info28.supported_extensions      |= DRSUAPI_SUPPORTED_EXTENSION_GET_REPL_INFO;
 158         b_state->local_info28.supported_extensions      |= DRSUAPI_SUPPORTED_EXTENSION_STRONG_ENCRYPTION;
 159         b_state->local_info28.supported_extensions      |= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V01;
 160         b_state->local_info28.supported_extensions      |= DRSUAPI_SUPPORTED_EXTENSION_TRANSITIVE_MEMBERSHIP;
 161         b_state->local_info28.supported_extensions      |= DRSUAPI_SUPPORTED_EXTENSION_ADD_SID_HISTORY;
 162         b_state->local_info28.supported_extensions      |= DRSUAPI_SUPPORTED_EXTENSION_POST_BETA3;
 163         b_state->local_info28.supported_extensions      |= DRSUAPI_SUPPORTED_EXTENSION_00100000;
 164         b_state->local_info28.supported_extensions      |= DRSUAPI_SUPPORTED_EXTENSION_GET_MEMBERSHIPS2;
 165         b_state->local_info28.supported_extensions      |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V6;
 166         b_state->local_info28.supported_extensions      |= DRSUAPI_SUPPORTED_EXTENSION_NONDOMAIN_NCS;
 167         b_state->local_info28.supported_extensions      |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V8;
 168         b_state->local_info28.supported_extensions      |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V5;
 169         b_state->local_info28.supported_extensions      |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V6;
 170         b_state->local_info28.supported_extensions      |= DRSUAPI_SUPPORTED_EXTENSION_ADDENTRYREPLY_V3;
 171         b_state->local_info28.supported_extensions      |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V7;
 172         b_state->local_info28.supported_extensions      |= DRSUAPI_SUPPORTED_EXTENSION_VERIFY_OBJECT;
 173 #if 0 /* we don't support XPRESS compression yet */
 174         b_state->local_info28.supported_extensions      |= DRSUAPI_SUPPORTED_EXTENSION_XPRESS_COMPRESS;
 175 #endif
 176         b_state->local_info28.site_guid                 = site_guid;
 177         b_state->local_info28.pid                       = pid;
 178         b_state->local_info28.repl_epoch                = repl_epoch;
 179 
 180         /*
 181          * allocate the return bind_info
 182          */
 183         bind_info = talloc(mem_ctx, struct drsuapi_DsBindInfoCtr);
 184         W_ERROR_HAVE_NO_MEMORY(bind_info);
 185 
 186         bind_info->length       = 28;
 187         bind_info->info.info28  = b_state->local_info28;
 188 
 189         /*
 190          * allocate a bind handle
 191          */
 192         handle = dcesrv_handle_new(dce_call->context, DRSUAPI_BIND_HANDLE);
 193         W_ERROR_HAVE_NO_MEMORY(handle);
 194         handle->data = talloc_steal(handle, b_state);
 195 
 196         /*
 197          * prepare reply
 198          */
 199         r->out.bind_info = bind_info;
 200         *r->out.bind_handle = handle->wire_handle;
 201 
 202         return WERR_OK;
 203 }
 204 
 205 
 206 /* 
 207   drsuapi_DsUnbind 
 208 */
 209 static WERROR dcesrv_drsuapi_DsUnbind(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
     /* [<][>][^][v][top][bottom][index][help] */
 210                                struct drsuapi_DsUnbind *r)
 211 {
 212         struct dcesrv_handle *h;
 213 
 214         *r->out.bind_handle = *r->in.bind_handle;
 215 
 216         DCESRV_PULL_HANDLE_WERR(h, r->in.bind_handle, DRSUAPI_BIND_HANDLE);
 217 
 218         talloc_free(h);
 219 
 220         ZERO_STRUCTP(r->out.bind_handle);
 221 
 222         return WERR_OK;
 223 }
 224 
 225 
 226 /* 
 227   drsuapi_DsReplicaSync 
 228 */
 229 static WERROR dcesrv_drsuapi_DsReplicaSync(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
     /* [<][>][^][v][top][bottom][index][help] */
 230                        struct drsuapi_DsReplicaSync *r)
 231 {
 232         /* TODO: implement this call correct!
 233          *       for now we just say yes,
 234          *       because we have no output parameter
 235          */
 236         return WERR_OK;
 237 }
 238 
 239 
 240 /* 
 241   drsuapi_DsGetNCChanges
 242 */
 243 static WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
     /* [<][>][^][v][top][bottom][index][help] */
 244                        struct drsuapi_DsGetNCChanges *r)
 245 {
 246         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
 247 }
 248 
 249 
 250 /* 
 251   drsuapi_DsReplicaUpdateRefs
 252 */
 253 static WERROR dcesrv_drsuapi_DsReplicaUpdateRefs(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
     /* [<][>][^][v][top][bottom][index][help] */
 254                        struct drsuapi_DsReplicaUpdateRefs *r)
 255 {
 256         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
 257 }
 258 
 259 
 260 /* 
 261   DRSUAPI_REPLICA_ADD 
 262 */
 263 static WERROR dcesrv_DRSUAPI_REPLICA_ADD(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
     /* [<][>][^][v][top][bottom][index][help] */
 264                        struct DRSUAPI_REPLICA_ADD *r)
 265 {
 266         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
 267 }
 268 
 269 
 270 /* 
 271   DRSUAPI_REPLICA_DEL 
 272 */
 273 static WERROR dcesrv_DRSUAPI_REPLICA_DEL(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
     /* [<][>][^][v][top][bottom][index][help] */
 274                        struct DRSUAPI_REPLICA_DEL *r)
 275 {
 276         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
 277 }
 278 
 279 
 280 /* 
 281   DRSUAPI_REPLICA_MODIFY 
 282 */
 283 static WERROR dcesrv_DRSUAPI_REPLICA_MODIFY(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
     /* [<][>][^][v][top][bottom][index][help] */
 284                        struct DRSUAPI_REPLICA_MODIFY *r)
 285 {
 286         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
 287 }
 288 
 289 
 290 /* 
 291   DRSUAPI_VERIFY_NAMES 
 292 */
 293 static WERROR dcesrv_DRSUAPI_VERIFY_NAMES(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
     /* [<][>][^][v][top][bottom][index][help] */
 294                        struct DRSUAPI_VERIFY_NAMES *r)
 295 {
 296         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
 297 }
 298 
 299 
 300 /* 
 301   drsuapi_DsGetMemberships 
 302 */
 303 static WERROR dcesrv_drsuapi_DsGetMemberships(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
     /* [<][>][^][v][top][bottom][index][help] */
 304                        struct drsuapi_DsGetMemberships *r)
 305 {
 306         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
 307 }
 308 
 309 
 310 /* 
 311   DRSUAPI_INTER_DOMAIN_MOVE 
 312 */
 313 static WERROR dcesrv_DRSUAPI_INTER_DOMAIN_MOVE(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
     /* [<][>][^][v][top][bottom][index][help] */
 314                        struct DRSUAPI_INTER_DOMAIN_MOVE *r)
 315 {
 316         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
 317 }
 318 
 319 
 320 /* 
 321   drsuapi_DsGetNT4ChangeLog 
 322 */
 323 static WERROR dcesrv_drsuapi_DsGetNT4ChangeLog(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
     /* [<][>][^][v][top][bottom][index][help] */
 324                        struct drsuapi_DsGetNT4ChangeLog *r)
 325 {
 326         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
 327 }
 328 
 329 
 330 /* 
 331   drsuapi_DsCrackNames 
 332 */
 333 static WERROR dcesrv_drsuapi_DsCrackNames(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
     /* [<][>][^][v][top][bottom][index][help] */
 334                             struct drsuapi_DsCrackNames *r)
 335 {
 336         WERROR status;
 337         struct drsuapi_bind_state *b_state;
 338         struct dcesrv_handle *h;
 339 
 340         *r->out.level_out = r->in.level;
 341 
 342         DCESRV_PULL_HANDLE_WERR(h, r->in.bind_handle, DRSUAPI_BIND_HANDLE);
 343         b_state = h->data;
 344 
 345         r->out.ctr = talloc_zero(mem_ctx, union drsuapi_DsNameCtr);
 346         W_ERROR_HAVE_NO_MEMORY(r->out.ctr);
 347 
 348         switch (r->in.level) {
 349                 case 1: {
 350                         struct drsuapi_DsNameCtr1 *ctr1;
 351                         struct drsuapi_DsNameInfo1 *names;
 352                         int count;
 353                         int i;
 354 
 355                         ctr1 = talloc(mem_ctx, struct drsuapi_DsNameCtr1);
 356                         W_ERROR_HAVE_NO_MEMORY(ctr1);
 357 
 358                         count = r->in.req->req1.count;
 359                         names = talloc_array(mem_ctx, struct drsuapi_DsNameInfo1, count);
 360                         W_ERROR_HAVE_NO_MEMORY(names);
 361 
 362                         for (i=0; i < count; i++) {
 363                                 status = DsCrackNameOneName(b_state->sam_ctx, mem_ctx,
 364                                                             r->in.req->req1.format_flags,
 365                                                             r->in.req->req1.format_offered,
 366                                                             r->in.req->req1.format_desired,
 367                                                             r->in.req->req1.names[i].str,
 368                                                             &names[i]);
 369                                 if (!W_ERROR_IS_OK(status)) {
 370                                         return status;
 371                                 }
 372                         }
 373 
 374                         ctr1->count = count;
 375                         ctr1->array = names;
 376                         r->out.ctr->ctr1 = ctr1;
 377 
 378                         return WERR_OK;
 379                 }
 380         }
 381         
 382         return WERR_UNKNOWN_LEVEL;
 383 }
 384 
 385 /* 
 386   drsuapi_DsWriteAccountSpn 
 387 */
 388 static WERROR dcesrv_drsuapi_DsWriteAccountSpn(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
     /* [<][>][^][v][top][bottom][index][help] */
 389                        struct drsuapi_DsWriteAccountSpn *r)
 390 {
 391         struct drsuapi_bind_state *b_state;
 392         struct dcesrv_handle *h;
 393 
 394         *r->out.level_out = r->in.level;
 395 
 396         DCESRV_PULL_HANDLE_WERR(h, r->in.bind_handle, DRSUAPI_BIND_HANDLE);
 397         b_state = h->data;
 398 
 399         r->out.res = talloc(mem_ctx, union drsuapi_DsWriteAccountSpnResult);
 400         W_ERROR_HAVE_NO_MEMORY(r->out.res);
 401 
 402         switch (r->in.level) {
 403                 case 1: {
 404                         struct drsuapi_DsWriteAccountSpnRequest1 *req;
 405                         struct ldb_message *msg;
 406                         int count, i, ret;
 407                         req = &r->in.req->req1;
 408                         count = req->count;
 409 
 410                         msg = ldb_msg_new(mem_ctx);
 411                         if (msg == NULL) {
 412                                 return WERR_NOMEM;
 413                         }
 414 
 415                         msg->dn = ldb_dn_new(msg, b_state->sam_ctx, req->object_dn);
 416                         if ( ! ldb_dn_validate(msg->dn)) {
 417                                 r->out.res->res1.status = WERR_OK;
 418                                 return WERR_OK;
 419                         }
 420                         
 421                         /* construct mods */
 422                         for (i = 0; i < count; i++) {
 423                                 samdb_msg_add_string(b_state->sam_ctx, 
 424                                                      msg, msg, "servicePrincipalName",
 425                                                      req->spn_names[i].str);
 426                         }
 427                         for (i=0;i<msg->num_elements;i++) {
 428                                 switch (req->operation) {
 429                                 case DRSUAPI_DS_SPN_OPERATION_ADD:
 430                                         msg->elements[i].flags = LDB_FLAG_MOD_ADD;
 431                                         break;
 432                                 case DRSUAPI_DS_SPN_OPERATION_REPLACE:
 433                                         msg->elements[i].flags = LDB_FLAG_MOD_REPLACE;
 434                                         break;
 435                                 case DRSUAPI_DS_SPN_OPERATION_DELETE:
 436                                         msg->elements[i].flags = LDB_FLAG_MOD_DELETE;
 437                                         break;
 438                                 }
 439                         }
 440    
 441                         /* Apply to database */
 442 
 443                         ret = ldb_modify(b_state->sam_ctx, msg);
 444                         if (ret != 0) {
 445                                 DEBUG(0,("Failed to modify SPNs on %s: %s\n",
 446                                          ldb_dn_get_linearized(msg->dn), 
 447                                          ldb_errstring(b_state->sam_ctx)));
 448                                 r->out.res->res1.status = WERR_ACCESS_DENIED;
 449                         } else {
 450                                 r->out.res->res1.status = WERR_OK;
 451                         }
 452 
 453                         return WERR_OK;
 454                 }
 455         }
 456         
 457         return WERR_UNKNOWN_LEVEL;
 458 }
 459 
 460 
 461 /* 
 462   drsuapi_DsRemoveDSServer
 463 */
 464 static WERROR dcesrv_drsuapi_DsRemoveDSServer(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
     /* [<][>][^][v][top][bottom][index][help] */
 465                                        struct drsuapi_DsRemoveDSServer *r)
 466 {
 467         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
 468 }
 469 
 470 
 471 /* 
 472   DRSUAPI_REMOVE_DS_DOMAIN 
 473 */
 474 static WERROR dcesrv_DRSUAPI_REMOVE_DS_DOMAIN(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
     /* [<][>][^][v][top][bottom][index][help] */
 475                        struct DRSUAPI_REMOVE_DS_DOMAIN *r)
 476 {
 477         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
 478 }
 479 
 480 /* Obtain the site name from a server DN */
 481 static const char *result_site_name(struct ldb_dn *site_dn)
     /* [<][>][^][v][top][bottom][index][help] */
 482 {
 483         /* Format is cn=<NETBIOS name>,cn=Servers,cn=<site>,cn=sites.... */
 484         const struct ldb_val *val = ldb_dn_get_component_val(site_dn, 2);
 485         const char *name = ldb_dn_get_component_name(site_dn, 2);
 486 
 487         if (!name || (ldb_attr_cmp(name, "cn") != 0)) {
 488                 /* Ensure this matches the format.  This gives us a
 489                  * bit more confidence that a 'cn' value will be a
 490                  * ascii string */
 491                 return NULL;
 492         }
 493         if (val) {
 494                 return (char *)val->data;
 495         }
 496         return NULL;
 497 }
 498 
 499 /* 
 500   drsuapi_DsGetDomainControllerInfo 
 501 */
 502 static WERROR dcesrv_drsuapi_DsGetDomainControllerInfo_1(struct drsuapi_bind_state *b_state, 
     /* [<][>][^][v][top][bottom][index][help] */
 503                                                 TALLOC_CTX *mem_ctx,
 504                                                 struct drsuapi_DsGetDomainControllerInfo *r)
 505 {
 506         struct ldb_dn *sites_dn;
 507         struct ldb_result *res;
 508 
 509         const char *attrs_account_1[] = { "cn", "dnsHostName", NULL };
 510         const char *attrs_account_2[] = { "cn", "dnsHostName", "objectGUID", NULL };
 511 
 512         const char *attrs_none[] = { NULL };
 513 
 514         const char *attrs_site[] = { "objectGUID", NULL };
 515 
 516         const char *attrs_ntds[] = { "options", "objectGUID", NULL };
 517 
 518         const char *attrs_1[] = { "serverReference", "cn", "dnsHostName", NULL };
 519         const char *attrs_2[] = { "serverReference", "cn", "dnsHostName", "objectGUID", NULL };
 520         const char **attrs;
 521 
 522         struct drsuapi_DsGetDCInfoCtr1 *ctr1;
 523         struct drsuapi_DsGetDCInfoCtr2 *ctr2;
 524 
 525         int ret, i;
 526 
 527         *r->out.level_out = r->in.req->req1.level;
 528         r->out.ctr = talloc(mem_ctx, union drsuapi_DsGetDCInfoCtr);
 529         W_ERROR_HAVE_NO_MEMORY(r->out.ctr);
 530 
 531         sites_dn = samdb_sites_dn(b_state->sam_ctx, mem_ctx);
 532         if (!sites_dn) {
 533                 return WERR_DS_OBJ_NOT_FOUND;
 534         }
 535 
 536         switch (*r->out.level_out) {
 537         case -1:
 538                 /* this level is not like the others */
 539                 return WERR_UNKNOWN_LEVEL;
 540         case 1:
 541                 attrs = attrs_1;
 542                 break;
 543         case 2:
 544                 attrs = attrs_2;
 545                 break;
 546         default:
 547                 return WERR_UNKNOWN_LEVEL;
 548         }
 549 
 550         ret = ldb_search(b_state->sam_ctx, mem_ctx, &res, sites_dn, LDB_SCOPE_SUBTREE, attrs,
 551                                  "objectClass=server");
 552         
 553         if (ret) {
 554                 DEBUG(1, ("searching for servers in sites DN %s failed: %s\n", 
 555                           ldb_dn_get_linearized(sites_dn), ldb_errstring(b_state->sam_ctx)));
 556                 return WERR_GENERAL_FAILURE;
 557         }
 558 
 559         switch (*r->out.level_out) {
 560         case 1:
 561                 ctr1 = &r->out.ctr->ctr1;
 562                 ctr1->count = res->count;
 563                 ctr1->array = talloc_zero_array(mem_ctx, 
 564                                                 struct drsuapi_DsGetDCInfo1, 
 565                                                 res->count);
 566                 for (i=0; i < res->count; i++) {
 567                         struct ldb_dn *domain_dn;
 568                         struct ldb_result *res_domain;
 569                         struct ldb_result *res_account;
 570                         struct ldb_dn *ntds_dn = ldb_dn_copy(mem_ctx, res->msgs[i]->dn);
 571                         
 572                         struct ldb_dn *ref_dn
 573                                 = ldb_msg_find_attr_as_dn(b_state->sam_ctx, 
 574                                                           mem_ctx, res->msgs[i], 
 575                                                           "serverReference");
 576 
 577                         if (!ntds_dn || !ldb_dn_add_child_fmt(ntds_dn, "CN=NTDS Settings")) {
 578                                 return WERR_NOMEM;
 579                         }
 580 
 581                         ret = ldb_search(b_state->sam_ctx, mem_ctx, &res_account, ref_dn,
 582                                                  LDB_SCOPE_BASE, attrs_account_1, "objectClass=computer");
 583                         if (ret == LDB_SUCCESS && res_account->count == 1) {
 584                                 const char *errstr;
 585                                 ctr1->array[i].dns_name
 586                                         = ldb_msg_find_attr_as_string(res_account->msgs[0], "dNSHostName", NULL);
 587                                 ctr1->array[i].netbios_name
 588                                         = ldb_msg_find_attr_as_string(res_account->msgs[0], "cn", NULL);
 589                                 ctr1->array[i].computer_dn
 590                                         = ldb_dn_get_linearized(res_account->msgs[0]->dn);
 591 
 592                                 /* Determine if this is the PDC */
 593                                 ret = samdb_search_for_parent_domain(b_state->sam_ctx, 
 594                                                                      mem_ctx, res_account->msgs[0]->dn,
 595                                                                      &domain_dn, &errstr);
 596                                 
 597                                 if (ret == LDB_SUCCESS) {
 598                                         ret = ldb_search(b_state->sam_ctx, mem_ctx, &res_domain, domain_dn,
 599                                                                  LDB_SCOPE_BASE, attrs_none, "fSMORoleOwner=%s",
 600                                                                  ldb_dn_get_linearized(ntds_dn));
 601                                         if (ret) {
 602                                                 return WERR_GENERAL_FAILURE;
 603                                         }
 604                                         if (res_domain->count == 1) {
 605                                                 ctr1->array[i].is_pdc = true;
 606                                         }
 607                                 }
 608                         }
 609                         if ((ret != LDB_SUCCESS) && (ret != LDB_ERR_NO_SUCH_OBJECT)) {
 610                                 DEBUG(5, ("warning: searching for computer DN %s failed: %s\n", 
 611                                           ldb_dn_get_linearized(ref_dn), ldb_errstring(b_state->sam_ctx)));
 612                         }
 613 
 614                         /* Look at server DN and extract site component */
 615                         ctr1->array[i].site_name = result_site_name(res->msgs[i]->dn);
 616                         ctr1->array[i].server_dn = ldb_dn_get_linearized(res->msgs[i]->dn);
 617 
 618 
 619                         ctr1->array[i].is_enabled = true;
 620 
 621                 }
 622                 break;
 623         case 2:
 624                 ctr2 = &r->out.ctr->ctr2;
 625                 ctr2->count = res->count;
 626                 ctr2->array = talloc_zero_array(mem_ctx, 
 627                                                  struct drsuapi_DsGetDCInfo2, 
 628                                                  res->count);
 629                 for (i=0; i < res->count; i++) {
 630                         struct ldb_dn *domain_dn;
 631                         struct ldb_result *res_domain;
 632                         struct ldb_result *res_account;
 633                         struct ldb_dn *ntds_dn = ldb_dn_copy(mem_ctx, res->msgs[i]->dn);
 634                         struct ldb_result *res_ntds;
 635                         struct ldb_dn *site_dn = ldb_dn_copy(mem_ctx, res->msgs[i]->dn);
 636                         struct ldb_result *res_site;
 637                         struct ldb_dn *ref_dn
 638                                 = ldb_msg_find_attr_as_dn(b_state->sam_ctx, 
 639                                                           mem_ctx, res->msgs[i], 
 640                                                           "serverReference");
 641 
 642                         if (!ntds_dn || !ldb_dn_add_child_fmt(ntds_dn, "CN=NTDS Settings")) {
 643                                 return WERR_NOMEM;
 644                         }
 645 
 646                         /* Format is cn=<NETBIOS name>,cn=Servers,cn=<site>,cn=sites.... */
 647                         if (!site_dn || !ldb_dn_remove_child_components(site_dn, 2)) {
 648                                 return WERR_NOMEM;
 649                         }
 650 
 651                         ret = ldb_search(b_state->sam_ctx, mem_ctx, &res_ntds, ntds_dn,
 652                                                  LDB_SCOPE_BASE, attrs_ntds, "objectClass=nTDSDSA");
 653                         if (ret == LDB_SUCCESS && res_ntds->count == 1) {
 654                                 ctr2->array[i].is_gc
 655                                         = (ldb_msg_find_attr_as_int(res_ntds->msgs[0], "options", 0) == 1);
 656                                 ctr2->array[i].ntds_guid 
 657                                         = samdb_result_guid(res_ntds->msgs[0], "objectGUID");
 658                                 ctr2->array[i].ntds_dn = ldb_dn_get_linearized(res_ntds->msgs[0]->dn);
 659                         }
 660                         if ((ret != LDB_SUCCESS) && (ret != LDB_ERR_NO_SUCH_OBJECT)) {
 661                                 DEBUG(5, ("warning: searching for NTDS DN %s failed: %s\n", 
 662                                           ldb_dn_get_linearized(ntds_dn), ldb_errstring(b_state->sam_ctx)));
 663                         }
 664 
 665                         ret = ldb_search(b_state->sam_ctx, mem_ctx, &res_site, site_dn,
 666                                                  LDB_SCOPE_BASE, attrs_site, "objectClass=site");
 667                         if (ret == LDB_SUCCESS && res_site->count == 1) {
 668                                 ctr2->array[i].site_guid 
 669                                         = samdb_result_guid(res_site->msgs[0], "objectGUID");
 670                                 ctr2->array[i].site_dn = ldb_dn_get_linearized(res_site->msgs[0]->dn);
 671                         }
 672                         if ((ret != LDB_SUCCESS) && (ret != LDB_ERR_NO_SUCH_OBJECT)) {
 673                                 DEBUG(5, ("warning: searching for site DN %s failed: %s\n", 
 674                                           ldb_dn_get_linearized(site_dn), ldb_errstring(b_state->sam_ctx)));
 675                         }
 676 
 677                         ret = ldb_search(b_state->sam_ctx, mem_ctx, &res_account, ref_dn,
 678                                                  LDB_SCOPE_BASE, attrs_account_2, "objectClass=computer");
 679                         if (ret == LDB_SUCCESS && res_account->count == 1) {
 680                                 const char *errstr;
 681                                 ctr2->array[i].dns_name
 682                                         = ldb_msg_find_attr_as_string(res_account->msgs[0], "dNSHostName", NULL);
 683                                 ctr2->array[i].netbios_name
 684                                         = ldb_msg_find_attr_as_string(res_account->msgs[0], "cn", NULL);
 685                                 ctr2->array[i].computer_dn = ldb_dn_get_linearized(res_account->msgs[0]->dn);
 686                                 ctr2->array[i].computer_guid 
 687                                         = samdb_result_guid(res_account->msgs[0], "objectGUID");
 688 
 689                                 /* Determine if this is the PDC */
 690                                 ret = samdb_search_for_parent_domain(b_state->sam_ctx, 
 691                                                                      mem_ctx, res_account->msgs[0]->dn,
 692                                                                      &domain_dn, &errstr);
 693                                 
 694                                 if (ret == LDB_SUCCESS) {
 695                                         ret = ldb_search(b_state->sam_ctx, mem_ctx, &res_domain, domain_dn,
 696                                                                  LDB_SCOPE_BASE, attrs_none, "fSMORoleOwner=%s",
 697                                                                  ldb_dn_get_linearized(ntds_dn));
 698                                         if (ret == LDB_SUCCESS && res_domain->count == 1) {
 699                                                 ctr2->array[i].is_pdc = true;
 700                                         }
 701                                         if ((ret != LDB_SUCCESS) && (ret != LDB_ERR_NO_SUCH_OBJECT)) {
 702                                                 DEBUG(5, ("warning: searching for domain DN %s failed: %s\n", 
 703                                                           ldb_dn_get_linearized(domain_dn), ldb_errstring(b_state->sam_ctx)));
 704                                         }
 705                                 }
 706                         }
 707                         if ((ret != LDB_SUCCESS) && (ret != LDB_ERR_NO_SUCH_OBJECT)) {
 708                                 DEBUG(5, ("warning: searching for computer account DN %s failed: %s\n", 
 709                                           ldb_dn_get_linearized(ref_dn), ldb_errstring(b_state->sam_ctx)));
 710                         }
 711 
 712                         /* Look at server DN and extract site component */
 713                         ctr2->array[i].site_name = result_site_name(res->msgs[i]->dn);
 714                         ctr2->array[i].server_dn = ldb_dn_get_linearized(res->msgs[i]->dn);
 715                         ctr2->array[i].server_guid 
 716                                 = samdb_result_guid(res->msgs[i], "objectGUID");
 717 
 718                         ctr2->array[i].is_enabled = true;
 719 
 720                 }
 721                 break;
 722         }
 723         return WERR_OK;
 724 }
 725 
 726 /* 
 727   drsuapi_DsGetDomainControllerInfo 
 728 */
 729 static WERROR dcesrv_drsuapi_DsGetDomainControllerInfo(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
     /* [<][>][^][v][top][bottom][index][help] */
 730                                                 struct drsuapi_DsGetDomainControllerInfo *r)
 731 {
 732         struct dcesrv_handle *h;
 733         struct drsuapi_bind_state *b_state;     
 734         DCESRV_PULL_HANDLE_WERR(h, r->in.bind_handle, DRSUAPI_BIND_HANDLE);
 735         b_state = h->data;
 736 
 737         switch (r->in.level) {
 738         case 1:
 739                 return dcesrv_drsuapi_DsGetDomainControllerInfo_1(b_state, mem_ctx, r);
 740         }
 741 
 742         return WERR_UNKNOWN_LEVEL;
 743 }
 744 
 745 
 746 /* 
 747   drsuapi_DsAddEntry
 748 */
 749 static WERROR dcesrv_drsuapi_DsAddEntry(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
     /* [<][>][^][v][top][bottom][index][help] */
 750                        struct drsuapi_DsAddEntry *r)
 751 {
 752         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
 753 }
 754 
 755 
 756 /* 
 757   DRSUAPI_EXECUTE_KCC 
 758 */
 759 static WERROR dcesrv_DRSUAPI_EXECUTE_KCC(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
     /* [<][>][^][v][top][bottom][index][help] */
 760                        struct DRSUAPI_EXECUTE_KCC *r)
 761 {
 762         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
 763 }
 764 
 765 
 766 /* 
 767   drsuapi_DsReplicaGetInfo 
 768 */
 769 static WERROR dcesrv_drsuapi_DsReplicaGetInfo(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
     /* [<][>][^][v][top][bottom][index][help] */
 770                        struct drsuapi_DsReplicaGetInfo *r)
 771 {
 772         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
 773 }
 774 
 775 
 776 /* 
 777   DRSUAPI_ADD_SID_HISTORY 
 778 */
 779 static WERROR dcesrv_DRSUAPI_ADD_SID_HISTORY(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
     /* [<][>][^][v][top][bottom][index][help] */
 780                        struct DRSUAPI_ADD_SID_HISTORY *r)
 781 {
 782         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
 783 }
 784 
 785 /* 
 786   drsuapi_DsGetMemberships2 
 787 */
 788 static WERROR dcesrv_drsuapi_DsGetMemberships2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
     /* [<][>][^][v][top][bottom][index][help] */
 789                        struct drsuapi_DsGetMemberships2 *r)
 790 {
 791         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
 792 }
 793 
 794 /* 
 795   DRSUAPI_REPLICA_VERIFY_OBJECTS 
 796 */
 797 static WERROR dcesrv_DRSUAPI_REPLICA_VERIFY_OBJECTS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
     /* [<][>][^][v][top][bottom][index][help] */
 798                        struct DRSUAPI_REPLICA_VERIFY_OBJECTS *r)
 799 {
 800         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
 801 }
 802 
 803 
 804 /* 
 805   DRSUAPI_GET_OBJECT_EXISTENCE 
 806 */
 807 static WERROR dcesrv_DRSUAPI_GET_OBJECT_EXISTENCE(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
     /* [<][>][^][v][top][bottom][index][help] */
 808                        struct DRSUAPI_GET_OBJECT_EXISTENCE *r)
 809 {
 810         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
 811 }
 812 
 813 
 814 /* 
 815   drsuapi_QuerySitesByCost 
 816 */
 817 static WERROR dcesrv_drsuapi_QuerySitesByCost(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
     /* [<][>][^][v][top][bottom][index][help] */
 818                        struct drsuapi_QuerySitesByCost *r)
 819 {
 820         DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
 821 }
 822 
 823 
 824 /* include the generated boilerplate */
 825 #include "librpc/gen_ndr/ndr_drsuapi_s.c"

/* [<][>][^][v][top][bottom][index][help] */