Author: skel Date: 2005-08-17 17:01:41 +0000 (Wed, 17 Aug 2005) New Revision: 9367
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=9367 Log: added functions to remove/list/clear/set alias members Modified: branches/SOC/SAMBA_3_0/source/include/libmsrpc.h branches/SOC/SAMBA_3_0/source/libmsrpc/cac_samr.c Changeset: Modified: branches/SOC/SAMBA_3_0/source/include/libmsrpc.h =================================================================== --- branches/SOC/SAMBA_3_0/source/include/libmsrpc.h 2005-08-17 15:23:52 UTC (rev 9366) +++ branches/SOC/SAMBA_3_0/source/include/libmsrpc.h 2005-08-17 17:01:41 UTC (rev 9367) @@ -1516,6 +1516,58 @@ int cac_SamAddAliasMember(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamAddAliasMember *op); +struct SamRemoveAliasMember { + struct { + /**Open handle to the alias*/ + POLICY_HND *alias_hnd; + + /**The SID of the member*/ + DOM_SID *sid; + } in; +}; + +int cac_SamRemoveAliasMember(CacServerHandle *hnd, TALLOC_CTX *mem_Ctx, struct SamRemoveAliasMember *op); + +struct SamGetAliasMembers { + struct { + /**Open handle to the alias*/ + POLICY_HND *alias_hnd; + } in; + + struct { + /**The number of members*/ + uint32 num_members; + + /**An array storing the SIDs of the users*/ + DOM_SID *sids; + } out; +}; + +int cac_SamGetAliasMembers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetAliasMembers *op); + +/[EMAIL PROTECTED] SAM_Functions + * Removes all the members of an alias - warning: if this function fails is is possible that some but not all members were removed + */ +int cac_SamClearAliasMembers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *alias_hnd); + +struct SamSetAliasMembers { + struct { + /**Open handle to the group*/ + POLICY_HND *alias_hnd; + + /**Number of members in the group - if this is 0, all members of the group will be removed*/ + uint32 num_members; + + /**The SIDs of the accounts to add*/ + DOM_SID *sids; + } in; +}; + +/[EMAIL PROTECTED] SAM_Functions + * Removes all the users from an alias and adds a list of members to the alias*/ +int cac_SamSetAliasMembers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamSetAliasMembers *op); + + void cac_GetAuthDataFn(const char * pServer, const char * pShare, char * pWorkgroup, Modified: branches/SOC/SAMBA_3_0/source/libmsrpc/cac_samr.c =================================================================== --- branches/SOC/SAMBA_3_0/source/libmsrpc/cac_samr.c 2005-08-17 15:23:52 UTC (rev 9366) +++ branches/SOC/SAMBA_3_0/source/libmsrpc/cac_samr.c 2005-08-17 17:01:41 UTC (rev 9367) @@ -1274,3 +1274,175 @@ return CAC_SUCCESS; } +int cac_SamRemoveAliasMember(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamRemoveAliasMember *op) { + SMBCSRV *srv = NULL; + + if(!hnd) + return CAC_FAILURE; + + if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if(!op || !op->in.alias_hnd || !op->in.sid || !mem_ctx) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + srv = cac_GetServer(hnd); + if(!srv) { + hnd->status = NT_STATUS_UNSUCCESSFUL; + return CAC_FAILURE; + } + + srv->cli.pipe_idx = PI_SAMR; + + hnd->status = cli_samr_del_aliasmem( &(srv->cli), mem_ctx, op->in.alias_hnd, op->in.sid); + + if(!NT_STATUS_IS_OK(hnd->status)) + return CAC_FAILURE; + + return CAC_SUCCESS; +} + +int cac_SamGetAliasMembers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetAliasMembers *op) { + SMBCSRV *srv = NULL; + + uint32 num_mem_out; + DOM_SID *sids_out; + + if(!hnd) + return CAC_FAILURE; + + if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if(!op || !op->in.alias_hnd || !mem_ctx) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + srv = cac_GetServer(hnd); + if(!srv) { + hnd->status = NT_STATUS_UNSUCCESSFUL; + return CAC_FAILURE; + } + + srv->cli.pipe_idx = PI_SAMR; + + hnd->status = cli_samr_query_aliasmem( &(srv->cli), mem_ctx, op->in.alias_hnd, &num_mem_out, &sids_out); + + if(!NT_STATUS_IS_OK(hnd->status)) + return CAC_FAILURE; + + op->out.num_members = num_mem_out; + op->out.sids = sids_out; + + return CAC_SUCCESS; +} + +int cac_SamClearAliasMembers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *alias_hnd) { + SMBCSRV *srv = NULL; + + int result = CAC_SUCCESS; + + uint32 i = 0; + + uint32 num_mem = 0; + DOM_SID *sid = NULL; + + NTSTATUS status; + + if(!hnd) + return CAC_FAILURE; + + if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if(!alias_hnd || !mem_ctx) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + srv = cac_GetServer(hnd); + if(!srv) { + hnd->status = NT_STATUS_UNSUCCESSFUL; + return CAC_FAILURE; + } + + srv->cli.pipe_idx = PI_SAMR; + + hnd->status = cli_samr_query_aliasmem(&(srv->cli), mem_ctx, alias_hnd, &num_mem, &sid); + + if(!NT_STATUS_IS_OK(hnd->status)) + return CAC_FAILURE; + + /*try to delete the users one by one*/ + for(i = 0; i < num_mem && NT_STATUS_IS_OK(hnd->status); i++) { + hnd->status = cli_samr_del_aliasmem(&(srv->cli), mem_ctx, alias_hnd, &sid[i]); + } + + /*if not all members could be removed, then try to re-add the members that were already deleted*/ + if(!NT_STATUS_IS_OK(hnd->status)) { + status = NT_STATUS_OK; + + for(i -= 1; i >= 0 && NT_STATUS_IS_OK(status); i--) { + status = cli_samr_add_aliasmem( &(srv->cli), mem_ctx, alias_hnd, &sid[i]); + } + + /*we return with the NTSTATUS error that we got when trying to delete users*/ + if(!NT_STATUS_IS_OK(status)) + result = CAC_FAILURE; + } + + talloc_free(sid); + return result; +} + +int cac_SamSetAliasMembers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamSetAliasMembers *op) { + SMBCSRV *srv = NULL; + + uint32 i = 0; + + if(!hnd) + return CAC_FAILURE; + + if(!hnd->_internal.ctx || !hnd->_internal.pipes[PI_SAMR]) { + hnd->status = NT_STATUS_INVALID_HANDLE; + return CAC_FAILURE; + } + + if(!op || !op->in.alias_hnd || !mem_ctx) { + hnd->status = NT_STATUS_INVALID_PARAMETER; + return CAC_FAILURE; + } + + srv = cac_GetServer(hnd); + if(!srv) { + hnd->status = NT_STATUS_UNSUCCESSFUL; + return CAC_FAILURE; + } + + srv->cli.pipe_idx = PI_SAMR; + + /*use cac_SamClearAliasMembers() to clear them*/ + if(!cac_SamClearAliasMembers(hnd, mem_ctx, op->in.alias_hnd)) + return CAC_FAILURE; /*hnd->status is already set*/ + + + for(i = 0; i < op->in.num_members && NT_STATUS_IS_OK(hnd->status); i++) { + hnd->status = cli_samr_add_aliasmem( &(srv->cli), mem_ctx, op->in.alias_hnd, &(op->in.sids[i])); + } + + if(!NT_STATUS_IS_OK(hnd->status)) + return CAC_FAILURE; + + return CAC_SUCCESS; + +} +
