2
Unix SMB/CIFS implementation.
4
endpoint server for the drsuapi pipe
6
Copyright (C) Stefan Metzmacher 2004
7
Copyright (C) Andrew Bartlett <abartlet@samba.org> 2006
9
This program is free software; you can redistribute it and/or modify
10
it under the terms of the GNU General Public License as published by
11
the Free Software Foundation; either version 3 of the License, or
12
(at your option) any later version.
14
This program is distributed in the hope that it will be useful,
15
but WITHOUT ANY WARRANTY; without even the implied warranty of
16
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17
GNU General Public License for more details.
19
You should have received a copy of the GNU General Public License
20
along with this program. If not, see <http://www.gnu.org/licenses/>.
24
#include "librpc/gen_ndr/ndr_drsuapi.h"
25
#include "rpc_server/dcerpc_server.h"
26
#include "rpc_server/common/common.h"
27
#include "rpc_server/drsuapi/dcesrv_drsuapi.h"
28
#include "dsdb/samdb/samdb.h"
29
#include "lib/ldb/include/ldb_errors.h"
30
#include "param/param.h"
35
static WERROR dcesrv_drsuapi_DsBind(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
36
struct drsuapi_DsBind *r)
38
struct drsuapi_bind_state *b_state;
39
struct dcesrv_handle *handle;
40
struct drsuapi_DsBindInfoCtr *bind_info;
41
struct GUID site_guid;
42
struct ldb_result *site_res;
43
struct ldb_dn *server_site_dn;
44
static const char *site_attrs[] = { "objectGUID", NULL };
45
struct ldb_result *ntds_res;
46
struct ldb_dn *ntds_dn;
47
static const char *ntds_attrs[] = { "ms-DS-ReplicationEpoch", NULL };
52
r->out.bind_info = NULL;
53
ZERO_STRUCTP(r->out.bind_handle);
55
b_state = talloc_zero(mem_ctx, struct drsuapi_bind_state);
56
W_ERROR_HAVE_NO_MEMORY(b_state);
59
* connect to the samdb
61
b_state->sam_ctx = samdb_connect(b_state, dce_call->event_ctx, dce_call->conn->dce_ctx->lp_ctx, dce_call->conn->auth_state.session_info);
62
if (!b_state->sam_ctx) {
67
* find out the guid of our own site
69
server_site_dn = samdb_server_site_dn(b_state->sam_ctx, mem_ctx);
70
W_ERROR_HAVE_NO_MEMORY(server_site_dn);
72
ret = ldb_search(b_state->sam_ctx, mem_ctx, &site_res,
73
server_site_dn, LDB_SCOPE_BASE, site_attrs,
75
if (ret != LDB_SUCCESS) {
76
return WERR_DS_DRA_INTERNAL_ERROR;
78
if (site_res->count != 1) {
79
return WERR_DS_DRA_INTERNAL_ERROR;
81
site_guid = samdb_result_guid(site_res->msgs[0], "objectGUID");
84
* lookup the local servers Replication Epoch
86
ntds_dn = samdb_ntds_settings_dn(b_state->sam_ctx);
87
W_ERROR_HAVE_NO_MEMORY(ntds_dn);
89
ret = ldb_search(b_state->sam_ctx, mem_ctx, &ntds_res,
90
ntds_dn, LDB_SCOPE_BASE, ntds_attrs,
92
if (ret != LDB_SUCCESS) {
93
return WERR_DS_DRA_INTERNAL_ERROR;
95
if (ntds_res->count != 1) {
96
return WERR_DS_DRA_INTERNAL_ERROR;
98
repl_epoch = samdb_result_uint(ntds_res->msgs[0], "ms-DS-ReplicationEpoch", 0);
101
* The "process identifier" of the client.
102
* According to the WSPP docs, sectin 5.35, this is
103
* for informational and debugging purposes only.
104
* The assignment is implementation specific.
109
* store the clients bind_guid
111
if (r->in.bind_guid) {
112
b_state->remote_bind_guid = *r->in.bind_guid;
116
* store the clients bind_info
118
if (r->in.bind_info) {
119
switch (r->in.bind_info->length) {
121
struct drsuapi_DsBindInfo24 *info24;
122
info24 = &r->in.bind_info->info.info24;
123
b_state->remote_info28.supported_extensions = info24->supported_extensions;
124
b_state->remote_info28.site_guid = info24->site_guid;
125
b_state->remote_info28.pid = info24->pid;
126
b_state->remote_info28.repl_epoch = 0;
130
b_state->remote_info28 = r->in.bind_info->info.info28;
136
* fill in our local bind info 28
138
b_state->local_info28.supported_extensions = 0;
139
b_state->local_info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_BASE;
140
b_state->local_info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_ASYNC_REPLICATION;
141
b_state->local_info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_REMOVEAPI;
142
b_state->local_info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_MOVEREQ_V2;
143
#if 0 /* we don't support MSZIP compression (only decompression) */
144
b_state->local_info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GETCHG_COMPRESS;
146
b_state->local_info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V1;
147
b_state->local_info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_RESTORE_USN_OPTIMIZATION;
148
b_state->local_info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_KCC_EXECUTE;
149
b_state->local_info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_ADDENTRY_V2;
150
if (0 /*domain.behavior_version == 2*/) {
151
/* TODO: find out how this is really triggered! */
152
b_state->local_info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_LINKED_VALUE_REPLICATION;
154
b_state->local_info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V2;
155
b_state->local_info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_INSTANCE_TYPE_NOT_REQ_ON_MOD;
156
b_state->local_info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_CRYPTO_BIND;
157
b_state->local_info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GET_REPL_INFO;
158
b_state->local_info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_STRONG_ENCRYPTION;
159
b_state->local_info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V01;
160
b_state->local_info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_TRANSITIVE_MEMBERSHIP;
161
b_state->local_info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_ADD_SID_HISTORY;
162
b_state->local_info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_POST_BETA3;
163
b_state->local_info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_00100000;
164
b_state->local_info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GET_MEMBERSHIPS2;
165
b_state->local_info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V6;
166
b_state->local_info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_NONDOMAIN_NCS;
167
b_state->local_info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V8;
168
b_state->local_info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V5;
169
b_state->local_info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V6;
170
b_state->local_info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_ADDENTRYREPLY_V3;
171
b_state->local_info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V7;
172
b_state->local_info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_VERIFY_OBJECT;
173
#if 0 /* we don't support XPRESS compression yet */
174
b_state->local_info28.supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_XPRESS_COMPRESS;
176
b_state->local_info28.site_guid = site_guid;
177
b_state->local_info28.pid = pid;
178
b_state->local_info28.repl_epoch = repl_epoch;
181
* allocate the return bind_info
183
bind_info = talloc(mem_ctx, struct drsuapi_DsBindInfoCtr);
184
W_ERROR_HAVE_NO_MEMORY(bind_info);
186
bind_info->length = 28;
187
bind_info->info.info28 = b_state->local_info28;
190
* allocate a bind handle
192
handle = dcesrv_handle_new(dce_call->context, DRSUAPI_BIND_HANDLE);
193
W_ERROR_HAVE_NO_MEMORY(handle);
194
handle->data = talloc_steal(handle, b_state);
199
r->out.bind_info = bind_info;
200
*r->out.bind_handle = handle->wire_handle;
209
static WERROR dcesrv_drsuapi_DsUnbind(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
210
struct drsuapi_DsUnbind *r)
212
struct dcesrv_handle *h;
214
*r->out.bind_handle = *r->in.bind_handle;
216
DCESRV_PULL_HANDLE_WERR(h, r->in.bind_handle, DRSUAPI_BIND_HANDLE);
220
ZERO_STRUCTP(r->out.bind_handle);
227
drsuapi_DsReplicaSync
229
static WERROR dcesrv_drsuapi_DsReplicaSync(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
230
struct drsuapi_DsReplicaSync *r)
232
/* TODO: implement this call correct!
233
* for now we just say yes,
234
* because we have no output parameter
241
drsuapi_DsGetNCChanges
243
static WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
244
struct drsuapi_DsGetNCChanges *r)
246
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
251
drsuapi_DsReplicaUpdateRefs
253
static WERROR dcesrv_drsuapi_DsReplicaUpdateRefs(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
254
struct drsuapi_DsReplicaUpdateRefs *r)
256
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
263
static WERROR dcesrv_DRSUAPI_REPLICA_ADD(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
264
struct DRSUAPI_REPLICA_ADD *r)
266
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
273
static WERROR dcesrv_DRSUAPI_REPLICA_DEL(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
274
struct DRSUAPI_REPLICA_DEL *r)
276
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
281
DRSUAPI_REPLICA_MODIFY
283
static WERROR dcesrv_DRSUAPI_REPLICA_MODIFY(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
284
struct DRSUAPI_REPLICA_MODIFY *r)
286
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
293
static WERROR dcesrv_DRSUAPI_VERIFY_NAMES(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
294
struct DRSUAPI_VERIFY_NAMES *r)
296
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
301
drsuapi_DsGetMemberships
303
static WERROR dcesrv_drsuapi_DsGetMemberships(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
304
struct drsuapi_DsGetMemberships *r)
306
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
311
DRSUAPI_INTER_DOMAIN_MOVE
313
static WERROR dcesrv_DRSUAPI_INTER_DOMAIN_MOVE(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
314
struct DRSUAPI_INTER_DOMAIN_MOVE *r)
316
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
321
drsuapi_DsGetNT4ChangeLog
323
static WERROR dcesrv_drsuapi_DsGetNT4ChangeLog(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
324
struct drsuapi_DsGetNT4ChangeLog *r)
326
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
333
static WERROR dcesrv_drsuapi_DsCrackNames(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
334
struct drsuapi_DsCrackNames *r)
337
struct drsuapi_bind_state *b_state;
338
struct dcesrv_handle *h;
340
*r->out.level_out = r->in.level;
342
DCESRV_PULL_HANDLE_WERR(h, r->in.bind_handle, DRSUAPI_BIND_HANDLE);
345
r->out.ctr = talloc_zero(mem_ctx, union drsuapi_DsNameCtr);
346
W_ERROR_HAVE_NO_MEMORY(r->out.ctr);
348
switch (r->in.level) {
350
struct drsuapi_DsNameCtr1 *ctr1;
351
struct drsuapi_DsNameInfo1 *names;
355
ctr1 = talloc(mem_ctx, struct drsuapi_DsNameCtr1);
356
W_ERROR_HAVE_NO_MEMORY(ctr1);
358
count = r->in.req->req1.count;
359
names = talloc_array(mem_ctx, struct drsuapi_DsNameInfo1, count);
360
W_ERROR_HAVE_NO_MEMORY(names);
362
for (i=0; i < count; i++) {
363
status = DsCrackNameOneName(b_state->sam_ctx, mem_ctx,
364
r->in.req->req1.format_flags,
365
r->in.req->req1.format_offered,
366
r->in.req->req1.format_desired,
367
r->in.req->req1.names[i].str,
369
if (!W_ERROR_IS_OK(status)) {
376
r->out.ctr->ctr1 = ctr1;
382
return WERR_UNKNOWN_LEVEL;
386
drsuapi_DsWriteAccountSpn
388
static WERROR dcesrv_drsuapi_DsWriteAccountSpn(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
389
struct drsuapi_DsWriteAccountSpn *r)
391
struct drsuapi_bind_state *b_state;
392
struct dcesrv_handle *h;
394
*r->out.level_out = r->in.level;
396
DCESRV_PULL_HANDLE_WERR(h, r->in.bind_handle, DRSUAPI_BIND_HANDLE);
399
r->out.res = talloc(mem_ctx, union drsuapi_DsWriteAccountSpnResult);
400
W_ERROR_HAVE_NO_MEMORY(r->out.res);
402
switch (r->in.level) {
404
struct drsuapi_DsWriteAccountSpnRequest1 *req;
405
struct ldb_message *msg;
407
req = &r->in.req->req1;
410
msg = ldb_msg_new(mem_ctx);
415
msg->dn = ldb_dn_new(msg, b_state->sam_ctx, req->object_dn);
416
if ( ! ldb_dn_validate(msg->dn)) {
417
r->out.res->res1.status = WERR_OK;
422
for (i = 0; i < count; i++) {
423
samdb_msg_add_string(b_state->sam_ctx,
424
msg, msg, "servicePrincipalName",
425
req->spn_names[i].str);
427
for (i=0;i<msg->num_elements;i++) {
428
switch (req->operation) {
429
case DRSUAPI_DS_SPN_OPERATION_ADD:
430
msg->elements[i].flags = LDB_FLAG_MOD_ADD;
432
case DRSUAPI_DS_SPN_OPERATION_REPLACE:
433
msg->elements[i].flags = LDB_FLAG_MOD_REPLACE;
435
case DRSUAPI_DS_SPN_OPERATION_DELETE:
436
msg->elements[i].flags = LDB_FLAG_MOD_DELETE;
441
/* Apply to database */
443
ret = ldb_modify(b_state->sam_ctx, msg);
445
DEBUG(0,("Failed to modify SPNs on %s: %s\n",
446
ldb_dn_get_linearized(msg->dn),
447
ldb_errstring(b_state->sam_ctx)));
448
r->out.res->res1.status = WERR_ACCESS_DENIED;
450
r->out.res->res1.status = WERR_OK;
457
return WERR_UNKNOWN_LEVEL;
462
drsuapi_DsRemoveDSServer
464
static WERROR dcesrv_drsuapi_DsRemoveDSServer(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
465
struct drsuapi_DsRemoveDSServer *r)
467
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
472
DRSUAPI_REMOVE_DS_DOMAIN
474
static WERROR dcesrv_DRSUAPI_REMOVE_DS_DOMAIN(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
475
struct DRSUAPI_REMOVE_DS_DOMAIN *r)
477
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
480
/* Obtain the site name from a server DN */
481
static const char *result_site_name(struct ldb_dn *site_dn)
483
/* Format is cn=<NETBIOS name>,cn=Servers,cn=<site>,cn=sites.... */
484
const struct ldb_val *val = ldb_dn_get_component_val(site_dn, 2);
485
const char *name = ldb_dn_get_component_name(site_dn, 2);
487
if (!name || (ldb_attr_cmp(name, "cn") != 0)) {
488
/* Ensure this matches the format. This gives us a
489
* bit more confidence that a 'cn' value will be a
494
return (char *)val->data;
500
drsuapi_DsGetDomainControllerInfo
502
static WERROR dcesrv_drsuapi_DsGetDomainControllerInfo_1(struct drsuapi_bind_state *b_state,
504
struct drsuapi_DsGetDomainControllerInfo *r)
506
struct ldb_dn *sites_dn;
507
struct ldb_result *res;
509
const char *attrs_account_1[] = { "cn", "dnsHostName", NULL };
510
const char *attrs_account_2[] = { "cn", "dnsHostName", "objectGUID", NULL };
512
const char *attrs_none[] = { NULL };
514
const char *attrs_site[] = { "objectGUID", NULL };
516
const char *attrs_ntds[] = { "options", "objectGUID", NULL };
518
const char *attrs_1[] = { "serverReference", "cn", "dnsHostName", NULL };
519
const char *attrs_2[] = { "serverReference", "cn", "dnsHostName", "objectGUID", NULL };
522
struct drsuapi_DsGetDCInfoCtr1 *ctr1;
523
struct drsuapi_DsGetDCInfoCtr2 *ctr2;
527
*r->out.level_out = r->in.req->req1.level;
528
r->out.ctr = talloc(mem_ctx, union drsuapi_DsGetDCInfoCtr);
529
W_ERROR_HAVE_NO_MEMORY(r->out.ctr);
531
sites_dn = samdb_sites_dn(b_state->sam_ctx, mem_ctx);
533
return WERR_DS_OBJ_NOT_FOUND;
536
switch (*r->out.level_out) {
538
/* this level is not like the others */
539
return WERR_UNKNOWN_LEVEL;
547
return WERR_UNKNOWN_LEVEL;
550
ret = ldb_search(b_state->sam_ctx, mem_ctx, &res, sites_dn, LDB_SCOPE_SUBTREE, attrs,
551
"objectClass=server");
554
DEBUG(1, ("searching for servers in sites DN %s failed: %s\n",
555
ldb_dn_get_linearized(sites_dn), ldb_errstring(b_state->sam_ctx)));
556
return WERR_GENERAL_FAILURE;
559
switch (*r->out.level_out) {
561
ctr1 = &r->out.ctr->ctr1;
562
ctr1->count = res->count;
563
ctr1->array = talloc_zero_array(mem_ctx,
564
struct drsuapi_DsGetDCInfo1,
566
for (i=0; i < res->count; i++) {
567
struct ldb_dn *domain_dn;
568
struct ldb_result *res_domain;
569
struct ldb_result *res_account;
570
struct ldb_dn *ntds_dn = ldb_dn_copy(mem_ctx, res->msgs[i]->dn);
572
struct ldb_dn *ref_dn
573
= ldb_msg_find_attr_as_dn(b_state->sam_ctx,
574
mem_ctx, res->msgs[i],
577
if (!ntds_dn || !ldb_dn_add_child_fmt(ntds_dn, "CN=NTDS Settings")) {
581
ret = ldb_search(b_state->sam_ctx, mem_ctx, &res_account, ref_dn,
582
LDB_SCOPE_BASE, attrs_account_1, "objectClass=computer");
583
if (ret == LDB_SUCCESS && res_account->count == 1) {
585
ctr1->array[i].dns_name
586
= ldb_msg_find_attr_as_string(res_account->msgs[0], "dNSHostName", NULL);
587
ctr1->array[i].netbios_name
588
= ldb_msg_find_attr_as_string(res_account->msgs[0], "cn", NULL);
589
ctr1->array[i].computer_dn
590
= ldb_dn_get_linearized(res_account->msgs[0]->dn);
592
/* Determine if this is the PDC */
593
ret = samdb_search_for_parent_domain(b_state->sam_ctx,
594
mem_ctx, res_account->msgs[0]->dn,
595
&domain_dn, &errstr);
597
if (ret == LDB_SUCCESS) {
598
ret = ldb_search(b_state->sam_ctx, mem_ctx, &res_domain, domain_dn,
599
LDB_SCOPE_BASE, attrs_none, "fSMORoleOwner=%s",
600
ldb_dn_get_linearized(ntds_dn));
602
return WERR_GENERAL_FAILURE;
604
if (res_domain->count == 1) {
605
ctr1->array[i].is_pdc = true;
609
if ((ret != LDB_SUCCESS) && (ret != LDB_ERR_NO_SUCH_OBJECT)) {
610
DEBUG(5, ("warning: searching for computer DN %s failed: %s\n",
611
ldb_dn_get_linearized(ref_dn), ldb_errstring(b_state->sam_ctx)));
614
/* Look at server DN and extract site component */
615
ctr1->array[i].site_name = result_site_name(res->msgs[i]->dn);
616
ctr1->array[i].server_dn = ldb_dn_get_linearized(res->msgs[i]->dn);
619
ctr1->array[i].is_enabled = true;
624
ctr2 = &r->out.ctr->ctr2;
625
ctr2->count = res->count;
626
ctr2->array = talloc_zero_array(mem_ctx,
627
struct drsuapi_DsGetDCInfo2,
629
for (i=0; i < res->count; i++) {
630
struct ldb_dn *domain_dn;
631
struct ldb_result *res_domain;
632
struct ldb_result *res_account;
633
struct ldb_dn *ntds_dn = ldb_dn_copy(mem_ctx, res->msgs[i]->dn);
634
struct ldb_result *res_ntds;
635
struct ldb_dn *site_dn = ldb_dn_copy(mem_ctx, res->msgs[i]->dn);
636
struct ldb_result *res_site;
637
struct ldb_dn *ref_dn
638
= ldb_msg_find_attr_as_dn(b_state->sam_ctx,
639
mem_ctx, res->msgs[i],
642
if (!ntds_dn || !ldb_dn_add_child_fmt(ntds_dn, "CN=NTDS Settings")) {
646
/* Format is cn=<NETBIOS name>,cn=Servers,cn=<site>,cn=sites.... */
647
if (!site_dn || !ldb_dn_remove_child_components(site_dn, 2)) {
651
ret = ldb_search(b_state->sam_ctx, mem_ctx, &res_ntds, ntds_dn,
652
LDB_SCOPE_BASE, attrs_ntds, "objectClass=nTDSDSA");
653
if (ret == LDB_SUCCESS && res_ntds->count == 1) {
655
= (ldb_msg_find_attr_as_int(res_ntds->msgs[0], "options", 0) == 1);
656
ctr2->array[i].ntds_guid
657
= samdb_result_guid(res_ntds->msgs[0], "objectGUID");
658
ctr2->array[i].ntds_dn = ldb_dn_get_linearized(res_ntds->msgs[0]->dn);
660
if ((ret != LDB_SUCCESS) && (ret != LDB_ERR_NO_SUCH_OBJECT)) {
661
DEBUG(5, ("warning: searching for NTDS DN %s failed: %s\n",
662
ldb_dn_get_linearized(ntds_dn), ldb_errstring(b_state->sam_ctx)));
665
ret = ldb_search(b_state->sam_ctx, mem_ctx, &res_site, site_dn,
666
LDB_SCOPE_BASE, attrs_site, "objectClass=site");
667
if (ret == LDB_SUCCESS && res_site->count == 1) {
668
ctr2->array[i].site_guid
669
= samdb_result_guid(res_site->msgs[0], "objectGUID");
670
ctr2->array[i].site_dn = ldb_dn_get_linearized(res_site->msgs[0]->dn);
672
if ((ret != LDB_SUCCESS) && (ret != LDB_ERR_NO_SUCH_OBJECT)) {
673
DEBUG(5, ("warning: searching for site DN %s failed: %s\n",
674
ldb_dn_get_linearized(site_dn), ldb_errstring(b_state->sam_ctx)));
677
ret = ldb_search(b_state->sam_ctx, mem_ctx, &res_account, ref_dn,
678
LDB_SCOPE_BASE, attrs_account_2, "objectClass=computer");
679
if (ret == LDB_SUCCESS && res_account->count == 1) {
681
ctr2->array[i].dns_name
682
= ldb_msg_find_attr_as_string(res_account->msgs[0], "dNSHostName", NULL);
683
ctr2->array[i].netbios_name
684
= ldb_msg_find_attr_as_string(res_account->msgs[0], "cn", NULL);
685
ctr2->array[i].computer_dn = ldb_dn_get_linearized(res_account->msgs[0]->dn);
686
ctr2->array[i].computer_guid
687
= samdb_result_guid(res_account->msgs[0], "objectGUID");
689
/* Determine if this is the PDC */
690
ret = samdb_search_for_parent_domain(b_state->sam_ctx,
691
mem_ctx, res_account->msgs[0]->dn,
692
&domain_dn, &errstr);
694
if (ret == LDB_SUCCESS) {
695
ret = ldb_search(b_state->sam_ctx, mem_ctx, &res_domain, domain_dn,
696
LDB_SCOPE_BASE, attrs_none, "fSMORoleOwner=%s",
697
ldb_dn_get_linearized(ntds_dn));
698
if (ret == LDB_SUCCESS && res_domain->count == 1) {
699
ctr2->array[i].is_pdc = true;
701
if ((ret != LDB_SUCCESS) && (ret != LDB_ERR_NO_SUCH_OBJECT)) {
702
DEBUG(5, ("warning: searching for domain DN %s failed: %s\n",
703
ldb_dn_get_linearized(domain_dn), ldb_errstring(b_state->sam_ctx)));
707
if ((ret != LDB_SUCCESS) && (ret != LDB_ERR_NO_SUCH_OBJECT)) {
708
DEBUG(5, ("warning: searching for computer account DN %s failed: %s\n",
709
ldb_dn_get_linearized(ref_dn), ldb_errstring(b_state->sam_ctx)));
712
/* Look at server DN and extract site component */
713
ctr2->array[i].site_name = result_site_name(res->msgs[i]->dn);
714
ctr2->array[i].server_dn = ldb_dn_get_linearized(res->msgs[i]->dn);
715
ctr2->array[i].server_guid
716
= samdb_result_guid(res->msgs[i], "objectGUID");
718
ctr2->array[i].is_enabled = true;
727
drsuapi_DsGetDomainControllerInfo
729
static WERROR dcesrv_drsuapi_DsGetDomainControllerInfo(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
730
struct drsuapi_DsGetDomainControllerInfo *r)
732
struct dcesrv_handle *h;
733
struct drsuapi_bind_state *b_state;
734
DCESRV_PULL_HANDLE_WERR(h, r->in.bind_handle, DRSUAPI_BIND_HANDLE);
737
switch (r->in.level) {
739
return dcesrv_drsuapi_DsGetDomainControllerInfo_1(b_state, mem_ctx, r);
742
return WERR_UNKNOWN_LEVEL;
749
static WERROR dcesrv_drsuapi_DsAddEntry(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
750
struct drsuapi_DsAddEntry *r)
752
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
759
static WERROR dcesrv_DRSUAPI_EXECUTE_KCC(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
760
struct DRSUAPI_EXECUTE_KCC *r)
762
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
767
drsuapi_DsReplicaGetInfo
769
static WERROR dcesrv_drsuapi_DsReplicaGetInfo(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
770
struct drsuapi_DsReplicaGetInfo *r)
772
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
777
DRSUAPI_ADD_SID_HISTORY
779
static WERROR dcesrv_DRSUAPI_ADD_SID_HISTORY(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
780
struct DRSUAPI_ADD_SID_HISTORY *r)
782
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
786
drsuapi_DsGetMemberships2
788
static WERROR dcesrv_drsuapi_DsGetMemberships2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
789
struct drsuapi_DsGetMemberships2 *r)
791
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
795
DRSUAPI_REPLICA_VERIFY_OBJECTS
797
static WERROR dcesrv_DRSUAPI_REPLICA_VERIFY_OBJECTS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
798
struct DRSUAPI_REPLICA_VERIFY_OBJECTS *r)
800
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
805
DRSUAPI_GET_OBJECT_EXISTENCE
807
static WERROR dcesrv_DRSUAPI_GET_OBJECT_EXISTENCE(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
808
struct DRSUAPI_GET_OBJECT_EXISTENCE *r)
810
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
815
drsuapi_QuerySitesByCost
817
static WERROR dcesrv_drsuapi_QuerySitesByCost(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
818
struct drsuapi_QuerySitesByCost *r)
820
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
824
/* include the generated boilerplate */
825
#include "librpc/gen_ndr/ndr_drsuapi_s.c"