Author: gd Date: 2006-07-04 10:25:04 +0000 (Tue, 04 Jul 2006) New Revision: 16796
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=16796 Log: Fill in dsr_GetMemberships() / dsr_GetMemberships2(). This intersting call is apparently used to construct the user token, collect memberships from other DSAs and to retrieve (nested) memberships of a given group. Torture test to follow (once I cleaned it up). Guenther Modified: branches/SAMBA_4_0/source/librpc/idl/drsuapi.idl branches/SAMBA_4_0/source/rpc_server/drsuapi/dcesrv_drsuapi.c Changeset: Modified: branches/SAMBA_4_0/source/librpc/idl/drsuapi.idl =================================================================== --- branches/SAMBA_4_0/source/librpc/idl/drsuapi.idl 2006-07-04 03:32:39 UTC (rev 16795) +++ branches/SAMBA_4_0/source/librpc/idl/drsuapi.idl 2006-07-04 10:25:04 UTC (rev 16796) @@ -7,11 +7,13 @@ authservice("ldap"), helpstring("Active Directory Replication"), pointer_default(unique), - depends(security,misc), + depends(security,misc,samr), keepref ] interface drsuapi { + declare bitmap samr_GroupAttrs; + /*****************/ /* Function 0x00 */ typedef [bitmap32bit] bitmap { @@ -767,8 +769,52 @@ /*****************/ /* Function 0x09 */ - WERROR DRSUAPI_GET_MEMBERSHIPS(); + /* how are type 4 and 7 different from 2 and 3 ? */ + typedef [v1_enum] enum { + DRSUAPI_DS_MEMBERSHIP_TYPE_UNIVERSAL_AND_DOMAIN_GROUPS = 1, + DRSUAPI_DS_MEMBERSHIP_TYPE_DOMAIN_LOCAL_GROUPS = 2, + DRSUAPI_DS_MEMBERSHIP_TYPE_DOMAIN_GROUPS = 3, + DRSUAPI_DS_MEMBERSHIP_TYPE_DOMAIN_LOCAL_GROUPS2 = 4, + DRSUAPI_DS_MEMBERSHIP_TYPE_UNIVERSAL_GROUPS = 5, + DRSUAPI_DS_MEMBERSHIP_TYPE_GROUPMEMBERS = 6, + DRSUAPI_DS_MEMBERSHIP_TYPE_DOMAIN_GROUPS2 = 7 + } drsuapi_DsMembershipType; + + typedef struct { + NTSTATUS status; + [range(0,10000)] uint32 num_memberships; + [range(0,10000)] uint32 num_sids; + [size_is(num_memberships)] drsuapi_DsReplicaObjectIdentifier **info_array; + [size_is(num_memberships)] samr_GroupAttrs *group_attrs; + [size_is(num_sids)] dom_sid28 **sids; + } drsuapi_DsGetMembershipsCtr1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsGetMembershipsCtr1 ctr1; + } drsuapi_DsGetMembershipsCtr; + + const int DRSUAPI_DS_MEMBERSHIP_FLAG_GROUP_ATTR = 0x1; + + typedef struct { + [range(1,10000)] uint32 count; + [size_is(count)] drsuapi_DsReplicaObjectIdentifier **info_array; + uint32 flags; + drsuapi_DsMembershipType type; + drsuapi_DsReplicaObjectIdentifier *domain; + } drsuapi_DsGetMembershipsRequest1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsGetMembershipsRequest1 req1; + } drsuapi_DsGetMembershipsRequest; + + WERROR drsuapi_DsGetMemberships( + [in] policy_handle *bind_handle, + [in,out] int32 level, + [in] [switch_is(level)] drsuapi_DsGetMembershipsRequest req, + [out] [switch_is(level)] drsuapi_DsGetMembershipsCtr ctr + ); + /*****************/ /* Function 0x0a */ WERROR DRSUAPI_INTER_DOMAIN_MOVE(); @@ -1370,8 +1416,33 @@ /*****************/ /* Function 0x15 */ - WERROR DRSUAPI_GET_MEMBERSHIPS2(); + typedef struct { + [range(0,10000)] uint32 num_entries; + [size_is(num_entries)] drsuapi_DsGetMembershipsCtr1 **ctrl_array; + } drsuapi_DsGetMemberships2Ctr1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsGetMembershipsCtr1 ctr1; + } drsuapi_DsGetMemberships2Ctr; + + typedef struct { + [range(1,10000)] uint32 num_req; + [size_is(num_req)] drsuapi_DsGetMembershipsRequest1 **req_array; + } drsuapi_DsGetMemberships2Request1; + + typedef [switch_type(int32)] union { + [case(1)] drsuapi_DsGetMemberships2Request1 req1; + } drsuapi_DsGetMemberships2Request; + + WERROR drsuapi_DsGetMemberships2( + [in] policy_handle *bind_handle, + [in,out] int32 level, + [in] [switch_is(level)] drsuapi_DsGetMemberships2Request req, + [out] [switch_is(level)] drsuapi_DsGetMemberships2Ctr ctr + ); + + /*****************/ /* Function 0x16 */ WERROR DRSUAPI_REPLICA_VERIFY_OBJECTS(); Modified: branches/SAMBA_4_0/source/rpc_server/drsuapi/dcesrv_drsuapi.c =================================================================== --- branches/SAMBA_4_0/source/rpc_server/drsuapi/dcesrv_drsuapi.c 2006-07-04 03:32:39 UTC (rev 16795) +++ branches/SAMBA_4_0/source/rpc_server/drsuapi/dcesrv_drsuapi.c 2006-07-04 10:25:04 UTC (rev 16796) @@ -171,10 +171,10 @@ /* - DRSUAPI_GET_MEMBERSHIPS + drsuapi_DsGetMemberships */ -static WERROR DRSUAPI_GET_MEMBERSHIPS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, - struct DRSUAPI_GET_MEMBERSHIPS *r) +static WERROR drsuapi_DsGetMemberships(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, + struct drsuapi_DsGetMemberships *r) { DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR); } @@ -332,17 +332,15 @@ DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR); } - /* - DRSUAPI_GET_MEMBERSHIPS2 + drsuapi_DsGetMemberships2 */ -static WERROR DRSUAPI_GET_MEMBERSHIPS2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, - struct DRSUAPI_GET_MEMBERSHIPS2 *r) +static WERROR drsuapi_DsGetMemberships2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, + struct drsuapi_DsGetMemberships2 *r) { DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR); } - /* DRSUAPI_REPLICA_VERIFY_OBJECTS */
