00001 /* 00002 * Unix SMB/CIFS implementation. 00003 * MS-RPC client library API definitions/prototypes 00004 * 00005 * Copyright (C) Chris Nicholls 2005. 00006 * 00007 * This program is free software; you can redistribute it and/or modify 00008 * it under the terms of the GNU General Public License as published by 00009 * the Free Software Foundation; either version 2 of the License, or 00010 * (at your option) any later version. 00011 * 00012 * This program is distributed in the hope that it will be useful, 00013 * but WITHOUT ANY WARRANTY; without even the implied warranty of 00014 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 00015 * GNU General Public License for more details. 00016 * 00017 * You should have received a copy of the GNU General Public License 00018 * along with this program; if not, write to the Free Software 00019 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 00020 */ 00021 00022 #ifndef LIBMSRPC_H 00023 #define LIBMSRPC_H 00024 00025 00026 #include "includes.h" 00027 #include "libsmbclient.h" 00028 #include "libsmb_internal.h" 00029 00030 /*server capability levels*/ 00031 #define SRV_WIN_NT4 1 00032 #define SRV_WIN_2K 2 00033 #define SRV_WIN_2K_SP3 3 00034 #define SRV_WIN_2K3 4 00035 00036 /**@defgroup handle Server Handle*/ 00037 /**@defgroup Library_Functions Library/Utility Functions*/ 00038 /**@defgroup lsa_defs LSA Definitions*/ 00039 /**@defgroup LSA_Functions LSA Functions*/ 00040 /**@defgroup reg_defs Registry Definitions*/ 00041 /**@defgroup Reg_Functions Registry Functions*/ 00042 /**@defgroup sam_defs SAM Definitions*/ 00043 /**@defgroup SAM_Functions SAM Functions*/ 00044 /**@defgroup svc_defs Service Control Definitions*/ 00045 /**@defgroup SCM_Functions Service Control Functions*/ 00046 00047 /**Operation was unsuccessful*/ 00048 #define CAC_FAILURE 0 00049 /**Operation was successful*/ 00050 #define CAC_SUCCESS 1 00051 /**Operation was only partially successful 00052 * an example of this is if you try to lookup a list of accounts to SIDs and not all accounts can be resolved*/ 00053 #define CAC_PARTIAL_SUCCESS 2 00054 00055 /**@ingroup CAC_errors Use this to see if the last operation failed - useful for enumeration functions that use multiple calls*/ 00056 #define CAC_OP_FAILED(status) !NT_STATUS_IS_OK(status) && \ 00057 NT_STATUS_V(status) != NT_STATUS_V(STATUS_SOME_UNMAPPED) && \ 00058 NT_STATUS_V(status) != NT_STATUS_V(STATUS_NO_MORE_FILES) && \ 00059 NT_STATUS_V(status) != NT_STATUS_V(NT_STATUS_NO_MORE_ENTRIES) && \ 00060 NT_STATUS_V(status) != NT_STATUS_V(NT_STATUS_NONE_MAPPED) && \ 00061 NT_STATUS_V(status) != NT_STATUS_V(NT_STATUS_GUIDS_EXHAUSTED) 00062 00063 00064 /**Privilege string constants*/ 00065 #define CAC_SE_CREATE_TOKEN "SeCreateTokenPrivilege" 00066 #define CAC_SE_ASSIGN_PRIMARY_TOKEN "SeAssignPrimaryTokenPrivilege" 00067 #define CAC_SE_LOCK_MEMORY "SeLockMemoryPrivilege" 00068 #define CAC_SE_INCREASE_QUOTA "SeIncreaseQuotaPrivilege" 00069 #define CAC_SE_MACHINE_ACCOUNT "SeMachineAccountPrivilege" 00070 #define CAC_SE_TCB "SeTcbPrivilege" 00071 #define CAC_SE_SECURITY "SeSecurityPrivilege" 00072 #define CAC_SE_TAKE_OWNERSHIP "SeTakeOwnershipPrivilege" 00073 #define CAC_SE_LOAD_DRIVER "SeLoadDriverPrivilege" 00074 #define CAC_SE_SYSTEM_PROFILE "SeSystemProfilePrivilege" 00075 #define CAC_SE_SYSTEM_TIME "SeSystemtimePrivilege" 00076 #define CAC_SE_PROFILE_SINGLE_PROC "SeProfileSingleProcessPrivilege" 00077 #define CAC_SE_INCREASE_BASE_PRIORITY "SeIncreaseBasePriorityPrivilege" 00078 #define CAC_SE_CREATE_PAGEFILE "SeCreatePagefilePrivilege" 00079 #define CAC_SE_CREATE_PERMANENT "SeCreatePermanentPrivilege" 00080 #define CAC_SE_BACKUP "SeBackupPrivilege" 00081 #define CAC_SE_RESTORE "SeRestorePrivilege" 00082 #define CAC_SE_SHUTDOWN "SeShutdownPrivilege" 00083 #define CAC_SE_DEBUG "SeDebugPrivilege" 00084 #define CAC_SE_AUDIT "SeAuditPrivilege" 00085 #define CAC_SE_SYSTEM_ENV "SeSystemEnvironmentPrivilege" 00086 #define CAC_SE_CHANGE_NOTIFY "SeChangeNotifyPrivilege" 00087 #define CAC_SE_REMOTE_SHUTDOWN "SeRemoteShutdownPrivilege" 00088 #define CAC_SE_UNDOCK "SeUndockPrivilege" 00089 #define CAC_SE_SYNC_AGENT "SeSyncAgentPrivilege" 00090 #define CAC_SE_ENABLE_DELEGATION "SeEnableDelegationPrivilege" 00091 #define CAC_SE_MANAGE_VOLUME "SeManageVolumePrivilege" 00092 #define CAC_SE_IMPERSONATE "SeImpersonatePrivilege" 00093 #define CAC_SE_CREATE_GLOBAL "SeCreateGlobalPrivilege" 00094 #define CAC_SE_PRINT_OPERATOR "SePrintOperatorPrivilege" 00095 #define CAC_SE_NETWORK_LOGON "SeNetworkLogonRight" 00096 #define CAC_SE_INTERACTIVE_LOGON "SeInteractiveLogonRight" 00097 #define CAC_SE_BATCH_LOGON "SeBatchLogonRight" 00098 #define CAC_SE_SERVICE_LOGON "SeServiceLogonRight" 00099 #define CAC_SE_ADD_USERS "SeAddUsersPrivilege" 00100 #define CAC_SE_DISK_OPERATOR "SeDiskOperatorPrivilege" 00101 00102 /** 00103 * @addtogroup lsa_defs 00104 * @{ 00105 */ 00106 /**used to specify what data to retrieve using cac_LsaQueryTrustedDomainInformation*/ 00107 #define CAC_INFO_TRUSTED_DOMAIN_NAME 0x1 00108 #define CAC_INFO_TRUSTED_DOMAIN_POSIX_OFFSET 0x3 00109 #define CAC_INFO_TRUSTED_DOMAIN_PASSWORD 0x4 00110 00111 /**Used when requesting machine domain information*/ 00112 #define CAC_DOMAIN_INFO 0x0003 00113 00114 /**Used when requesting machine local information*/ 00115 #define CAC_LOCAL_INFO 0x0005 00116 00117 /**Stores information about a SID*/ 00118 typedef struct _CACSIDINFO { 00119 /**The actual SID*/ 00120 DOM_SID sid; 00121 00122 /**The name of the object which maps to this SID*/ 00123 char *name; 00124 00125 /**The domain the SID belongs to*/ 00126 char *domain; 00127 } CacSidInfo; 00128 /* @} */ 00129 00130 /** 00131 * @addtogroup reg_defs 00132 * @{ 00133 */ 00134 /**Null terminated string*/ 00135 typedef char* REG_SZ_DATA; 00136 00137 /**Null terminated string with windows environment variables that should be expanded*/ 00138 typedef char* REG_EXPAND_SZ_DATA; 00139 00140 /**Binary data of some kind*/ 00141 typedef struct _REGBINARYDATA { 00142 uint32 data_length; 00143 uint8 * data; 00144 } REG_BINARY_DATA; 00145 00146 /**32-bit (little endian) number*/ 00147 typedef uint32 REG_DWORD_DATA; 00148 00149 /**32-bit big endian number*/ 00150 typedef uint32 REG_DWORD_BE_DATA; 00151 00152 /**array of strings*/ 00153 typedef struct _REGMULTISZDATA { 00154 uint32 num_strings; 00155 00156 char **strings; 00157 } REG_MULTI_SZ_DATA; 00158 00159 typedef union _REGVALUEDATA { 00160 REG_SZ_DATA reg_sz; 00161 REG_EXPAND_SZ_DATA reg_expand_sz; 00162 REG_BINARY_DATA reg_binary; 00163 REG_DWORD_DATA reg_dword; 00164 REG_DWORD_BE_DATA reg_dword_be; 00165 REG_MULTI_SZ_DATA reg_multi_sz; 00166 } REG_VALUE_DATA; 00167 /**@}*/ 00168 00169 /** 00170 * @addtogroup sam_defs 00171 * @{ 00172 */ 00173 00174 #define CAC_USER_RID 0x1 00175 #define CAC_GROUP_RID 0x2 00176 00177 typedef struct _CACLOOKUPRIDSRECORD { 00178 char *name; 00179 uint32 rid; 00180 00181 /**If found, this will be one of: 00182 * - CAC_USER_RID 00183 * - CAC_GROUP_RID 00184 */ 00185 uint32 type; 00186 00187 /*if the name or RID was looked up, then found = True*/ 00188 BOOL found; 00189 } CacLookupRidsRecord; 00190 00191 typedef struct _CACUSERINFO { 00192 /**Last logon time*/ 00193 time_t logon_time; 00194 00195 /**Last logoff time*/ 00196 time_t logoff_time; 00197 00198 /**Last kickoff time*/ 00199 time_t kickoff_time; 00200 00201 /**Last password set time*/ 00202 time_t pass_last_set_time; 00203 00204 /**Time password can change*/ 00205 time_t pass_can_change_time; 00206 00207 /**Time password must change*/ 00208 time_t pass_must_change_time; 00209 00210 /**LM user password*/ 00211 uint8 lm_password[8]; 00212 00213 /**NT user password*/ 00214 uint8 nt_password[8]; 00215 00216 /**User's RID*/ 00217 uint32 rid; 00218 00219 /**RID of primary group*/ 00220 uint32 group_rid; 00221 00222 /**User's ACB mask*/ 00223 uint32 acb_mask; 00224 00225 /**Bad password count*/ 00226 uint16 bad_passwd_count; 00227 00228 /**Number of logons*/ 00229 uint16 logon_count; 00230 00231 /**Change password at next logon?*/ 00232 BOOL pass_must_change; 00233 00234 /**Username*/ 00235 char *username; 00236 00237 /**User's full name*/ 00238 char *full_name; 00239 00240 /**User's home directory*/ 00241 char *home_dir; 00242 00243 /**Home directory drive*/ 00244 char *home_drive; 00245 00246 /**Logon script*/ 00247 char *logon_script; 00248 00249 /**Path to profile*/ 00250 char *profile_path; 00251 00252 /**Account description*/ 00253 char *description; 00254 00255 /**Login from workstations*/ 00256 char *workstations; 00257 00258 char *dial; 00259 00260 /**Possible logon hours*/ 00261 LOGON_HRS *logon_hours; 00262 00263 } CacUserInfo; 00264 00265 typedef struct _CACGROUPINFO { 00266 /**Group name*/ 00267 char *name; 00268 00269 /**Description*/ 00270 char *description; 00271 00272 /**Number of members*/ 00273 uint32 num_members; 00274 } CacGroupInfo, CacAliasInfo; 00275 00276 /**Represents a period (duration) of time*/ 00277 typedef struct _CACTIME { 00278 /**Number of days*/ 00279 uint32 days; 00280 00281 /**Number of hours*/ 00282 uint32 hours; 00283 00284 /**Number of minutes*/ 00285 uint32 minutes; 00286 00287 /**number of seconds*/ 00288 uint32 seconds; 00289 } CacTime; 00290 00291 00292 typedef struct _CACDOMINFO { 00293 /**The server role. Should be one of: 00294 * ROLE_STANDALONE 00295 * ROLE_DOMAIN_MEMBER 00296 * ROLE_DOMAIN_BDC 00297 * ROLE_DOMAIN_PDC 00298 * see include/smb.h 00299 */ 00300 uint32 server_role; 00301 00302 /**Number of domain users*/ 00303 uint32 num_users; 00304 00305 /**Number of domain groups*/ 00306 uint32 num_domain_groups; 00307 00308 /**Number of local groups*/ 00309 uint32 num_local_groups; 00310 00311 /**Comment*/ 00312 char *comment; 00313 00314 /**Domain name*/ 00315 char *domain_name; 00316 00317 /**Server name*/ 00318 char *server_name; 00319 00320 /**Minimum password length*/ 00321 uint16 min_pass_length; 00322 00323 /**How many previous passwords to remember - ie, password cannot be the same as N previous passwords*/ 00324 uint16 pass_history; 00325 00326 /**How long (from now) before passwords expire*/ 00327 CacTime expire; 00328 00329 /**How long (from now) before passwords can be changed*/ 00330 CacTime min_pass_age; 00331 00332 /**How long users are locked out for too many bad password attempts*/ 00333 CacTime lockout_duration; 00334 00335 /**How long before lockouts are reset*/ 00336 CacTime lockout_reset; 00337 00338 /**How many bad password attempts before lockout occurs*/ 00339 uint16 num_bad_attempts; 00340 } CacDomainInfo; 00341 00342 /**@}*/ /*sam_defs*/ 00343 00344 /**@addtogroup svc_defs 00345 * @{ 00346 */ 00347 typedef struct _CACSERVICE { 00348 /**The service name*/ 00349 char *service_name; 00350 00351 /**The display name of the service*/ 00352 char *display_name; 00353 00354 /**Current status of the service - see include/rpc_svcctl.h for SERVICE_STATUS definition*/ 00355 SERVICE_STATUS status; 00356 } CacService; 00357 00358 typedef struct __CACSERVICECONFIG { 00359 /**The service type*/ 00360 uint32 type; 00361 00362 /**The start type. Should be one of: 00363 * - SVCCTL_BOOT_START 00364 * - SVCCTL_SYSTEM_START 00365 * - SVCCTL_AUTO_START 00366 * - SVCCTL_DEMAND_START 00367 */ 00368 uint32 start_type; 00369 00370 uint32 error_control; 00371 00372 /**Path to executable*/ 00373 char *exe_path; 00374 00375 /***/ 00376 char *load_order_group; 00377 00378 uint32 tag_id; 00379 00380 /**Any dependencies for the service*/ 00381 char *dependencies; 00382 00383 /**Run as...*/ 00384 char *start_name; 00385 00386 /**Service display name*/ 00387 char *display_name; 00388 00389 } CacServiceConfig; 00390 /**@}*/ /*svc_defs*/ 00391 00392 #include "libmsrpc_internal.h" 00393 00394 /** 00395 * @addtogroup handle 00396 * @{ 00397 */ 00398 00399 /** 00400 * Server handle used to keep track of client/server/pipe information. Use cac_NewServerHandle() to allocate. 00401 * Initiliaze as many values as possible before calling cac_Connect(). 00402 * 00403 * @note When allocating memory for the fields, use SMB_MALLOC() (or equivalent) instead of talloc() (or equivalent) - 00404 * If memory is not allocated for a field, cac_Connect will allocate sizeof(fstring) bytes for it. 00405 * 00406 * @note It may be wise to allocate large buffers for these fields and strcpy data into them. 00407 * 00408 * @see cac_NewServerHandle() 00409 * @see cac_FreeHandle() 00410 */ 00411 typedef struct _CACSERVERHANDLE { 00412 /** debug level 00413 */ 00414 int debug; 00415 00416 /** netbios name used to make connections 00417 */ 00418 char *netbios_name; 00419 00420 /** domain name used to make connections 00421 */ 00422 char *domain; 00423 00424 /** username used to make connections 00425 */ 00426 char *username; 00427 00428 /** user's password plain text string 00429 */ 00430 char *password; 00431 00432 /** name or IP address of server we are currently working with 00433 */ 00434 char *server; 00435 00436 /**stores the latest NTSTATUS code 00437 */ 00438 NTSTATUS status; 00439 00440 /** internal. do not modify! 00441 */ 00442 struct CacServerHandleInternal _internal; 00443 00444 } CacServerHandle; 00445 00446 /*@}*/ 00447 00448 /**internal function. do not call this function*/ 00449 SMBCSRV *cac_GetServer(CacServerHandle *hnd); 00450 00451 00452 /** @addtogroup Library_Functions 00453 * @{ 00454 */ 00455 /** 00456 * Initializes the library - do not need to call this function. Open's smb.conf as well as initializes logging. 00457 * @param debug Debug level for library to use 00458 */ 00459 00460 void cac_Init(int debug); 00461 00462 /** 00463 * Creates an un-initialized CacServerHandle 00464 * @param allocate_fields If True, the function will allocate sizeof(fstring) bytes for all char * fields in the handle 00465 * @return - un-initialized server handle 00466 * - NULL if no memory could be allocated 00467 */ 00468 CacServerHandle * cac_NewServerHandle(BOOL allocate_fields); 00469 00470 /** 00471 * Specifies the smbc_get_auth_data_fn to use if you do not want to use the default. 00472 * @param hnd non-NULL server handle 00473 * @param auth_fn auth_data_fn to set in server handle 00474 */ 00475 00476 void cac_SetAuthDataFn(CacServerHandle *hnd, smbc_get_auth_data_fn auth_fn); 00477 00478 /** Use your own libsmbclient context - not necessary. 00479 * @note You must still call cac_Connect() after specifying your own libsmbclient context 00480 * @param hnd Initialized, but not connected CacServerHandle 00481 * @param ctx The libsmbclient context you would like to use. 00482 */ 00483 void cac_SetSmbcContext(CacServerHandle *hnd, SMBCCTX *ctx); 00484 00485 /** Connects to a specified server. If there is already a connection to a different server, 00486 * it will be cleaned up before connecting to the new server. 00487 * @param hnd Pre-initialized CacServerHandle 00488 * @param srv (Optional) Name or IP of the server to connect to. If NULL, server from the CacServerHandle will be used. 00489 * 00490 * @return CAC_FAILURE if the operation could not be completed successfully (hnd->status will also be set with a NTSTATUS code) 00491 * @return CAC_SUCCESS if the operation succeeded 00492 */ 00493 int cac_Connect(CacServerHandle *hnd, const char *srv); 00494 00495 00496 /** 00497 * Cleans up any data used by the CacServerHandle. If the libsmbclient context was set using cac_SetSmbcContext(), it will not be free'd. 00498 * @param hnd the CacServerHandle to destroy 00499 */ 00500 void cac_FreeHandle(CacServerHandle * hnd); 00501 00502 /** 00503 * Initializes a CacTime structure based on an NTTIME structure 00504 * If the function fails, then the CacTime structure will be zero'd out 00505 */ 00506 void cac_InitCacTime(CacTime *cactime, NTTIME nttime); 00507 00508 /** 00509 * Called by cac_NewServerHandle() if allocate_fields = True. You can call this if you want to, allocates sizeof(fstring) char's for every char * field 00510 * @param hnd Uninitialized server handle 00511 * @return CAC_FAILURE Memory could not be allocated 00512 * @return CAC_SUCCESS Memory was allocated 00513 */ 00514 int cac_InitHandleMem(CacServerHandle *hnd); 00515 00516 /** 00517 * Default smbc_get_auth_data_fn for libmsrpc. This function is called when libmsrpc needs to get more information about the 00518 * client (username/password, workgroup). 00519 * This function provides simple prompts to the user to enter the information. This description his here so you know how to re-define this function. 00520 * @see cac_SetAuthDataFn() 00521 * @param pServer Name/IP of the server to connect to. 00522 * @param pShare Share name to connect to 00523 * @param pWorkgroup libmsrpc passes in the workgroup/domain name from hnd->domain. It can be modified in the function. 00524 * @param maxLenWorkgroup The maximum length of a string pWogroup can hold. 00525 * @param pUsername libmsrpc passes in the username from hnd->username. It can be modified in the function. 00526 * @param maxLenUsername The maximum length of a string pUsername can hold. 00527 * @param pPassword libmsrpc pass in the password from hnd->password. It can be modified in the function. 00528 * @param maxLenPassword The maximum length of a string pPassword can hold. 00529 */ 00530 void cac_GetAuthDataFn(const char * pServer, 00531 const char * pShare, 00532 char * pWorkgroup, 00533 int maxLenWorkgroup, 00534 char * pUsername, 00535 int maxLenUsername, 00536 char * pPassword, 00537 int maxLenPassword); 00538 00539 00540 /**@}*/ 00541 00542 /***************** 00543 * LSA Functions * 00544 *****************/ 00545 00546 /** @addtogroup LSA_Functions 00547 * @{ 00548 */ 00549 00550 struct LsaOpenPolicy { 00551 /**Inputs*/ 00552 struct { 00553 /**Access Mask. Refer to Security Access Masks in include/rpc_secdes.h*/ 00554 uint32 access; 00555 00556 /**Use security quality of service? (True/False)*/ 00557 BOOL security_qos; 00558 } in; 00559 00560 /**Outputs*/ 00561 struct { 00562 /**Handle to the open policy (needed for all other operations)*/ 00563 POLICY_HND *pol; 00564 } out; 00565 }; 00566 00567 /** 00568 * Opens a policy handle on a remote machine. 00569 * @param hnd fully initialized CacServerHandle for remote machine 00570 * @param mem_ctx Talloc context for memory allocation 00571 * @param op Initialized parameters 00572 * @return CAC_FAILURE if the policy could not be opened. hnd->status set with appropriate NTSTATUS 00573 * @return CAC_SUCCESS if the policy could be opened, the policy handle can be found 00574 */ 00575 int cac_LsaOpenPolicy(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaOpenPolicy *op); 00576 00577 00578 /** 00579 * Closes an LSA policy handle (Retrieved using cac_LsaOpenPolicy). 00580 * If successful, the handle will be closed on the server, and memory for pol will be freed 00581 * @param hnd - An initialized and connected server handle 00582 * @param mem_ctx Talloc context for memory allocation 00583 * @param pol - the policy handle to close 00584 * @return CAC_FAILURE could not close the policy handle, hnd->status is set to the appropriate NTSTATUS error code 00585 * @return CAC_SUCCESS the policy handle was closed 00586 */ 00587 int cac_LsaClosePolicy(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *pol); 00588 00589 00590 struct LsaGetNamesFromSids { 00591 struct { 00592 /**handle to and open LSA policy*/ 00593 POLICY_HND *pol; 00594 00595 /**the number of SIDs to lookup*/ 00596 uint32 num_sids; 00597 00598 /**array of SIDs to lookup*/ 00599 DOM_SID *sids; 00600 } in; 00601 00602 struct { 00603 /**The number of names returned (in case of CAC_PARTIAL_SUCCESS)*/ 00604 uint32 num_found; 00605 00606 /**array of SID info each index is one sid */ 00607 CacSidInfo *sids; 00608 00609 /**in case of partial success, an array of SIDs that could not be looked up (NULL if all sids were looked up)*/ 00610 DOM_SID *unknown; 00611 } out; 00612 }; 00613 00614 /** 00615 * Looks up the names for a list of SIDS 00616 * @param hnd initialized and connected server handle 00617 * @param mem_ctx Talloc context for memory allocation 00618 * @param op input and output parameters 00619 * @return CAC_FAILURE none of the SIDs could be looked up hnd->status is set with appropriate NTSTATUS error code 00620 * @return CAC_SUCCESS all of the SIDs were translated and a list of names has been output 00621 * @return CAC_PARTIAL_SUCCESS not all of the SIDs were translated, as a result the number of returned names is less than the original list of SIDs 00622 */ 00623 int cac_LsaGetNamesFromSids(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaGetNamesFromSids *op); 00624 00625 struct LsaGetSidsFromNames { 00626 struct { 00627 /**handle to an open LSA policy*/ 00628 POLICY_HND *pol; 00629 00630 /**number of SIDs to lookup*/ 00631 uint32 num_names; 00632 00633 /**array of strings listing the names*/ 00634 char **names; 00635 } in; 00636 00637 struct { 00638 /**The number of SIDs returned (in case of partial success*/ 00639 uint32 num_found; 00640 00641 /**array of SID info for the looked up names*/ 00642 CacSidInfo *sids; 00643 00644 /**in case of partial success, the names that were not looked up*/ 00645 char **unknown; 00646 } out; 00647 }; 00648 00649 /** 00650 * Looks up the SIDs for a list of names 00651 * @param hnd initialized and connected server handle 00652 * @param mem_ctx Talloc context for memory allocation 00653 * @param op input and output parameters 00654 * @return CAC_FAILURE none of the SIDs could be looked up hnd->status is set with appropriate NTSTATUS error code 00655 * @return CAC_SUCCESS all of the SIDs were translated and a list of names has been output 00656 * @return CAC_PARTIAL_SUCCESS not all of the SIDs were translated, as a result the number of returned names is less than the original list of SIDs 00657 */ 00658 int cac_LsaGetSidsFromNames(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaGetSidsFromNames *op); 00659 00660 struct LsaFetchSid { 00661 struct { 00662 /**handle to an open LSA policy*/ 00663 POLICY_HND *pol; 00664 00665 /**can be CAC_LOCAL_INFO, CAC_DOMAIN_INFO, or (CAC_LOCAL_INFO | CAC_DOMAIN_INFO)*/ 00666 uint16 info_class; 00667 } in; 00668 00669 struct { 00670 /**the machine's local SID and domain name (NULL if not asked for)*/ 00671 CacSidInfo *local_sid; 00672 00673 /**the machine's domain SID and name (NULL if not asked for)*/ 00674 CacSidInfo *domain_sid; 00675 00676 } out; 00677 }; 00678 00679 /** 00680 * Looks up the domain or local sid of a machine with an open LSA policy handle 00681 * @param hnd initialized and connected server handle 00682 * @param mem_ctx Talloc context for memory allocation 00683 * @param op input and output parameters 00684 * @return CAC_FAILURE if the SID could not be fetched 00685 * @return CAC_SUCCESS if the SID was fetched 00686 * @return CAC_PARTIAL_SUCCESS if you asked for both local and domain sids but only one was returned 00687 */ 00688 int cac_LsaFetchSid(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaFetchSid *op); 00689 00690 struct LsaQueryInfoPolicy { 00691 struct { 00692 /**Open LSA policy handle on remote server*/ 00693 POLICY_HND *pol; 00694 } in; 00695 00696 struct { 00697 /**remote server's domain name*/ 00698 char *domain_name; 00699 00700 /**remote server's dns name*/ 00701 char *dns_name; 00702 00703 /**remote server's forest name*/ 00704 char *forest_name; 00705 00706 /**remote server's domain guid*/ 00707 struct GUID *domain_guid; 00708 00709 /**remote server's domain SID*/ 00710 DOM_SID *domain_sid; 00711 } out; 00712 }; 00713 00714 /** 00715 * Retrieves information about the LSA machine/domain 00716 * @param hnd initialized and connected server handle 00717 * @param mem_ctx Talloc context for memory allocation 00718 * @param op input and output parameters 00719 * Note: for pre-Windows 2000 machines, only op->out.SID and op->out.domain will be set. @see cac_LsaFetchSid 00720 * @return - CAC_FAILURE if the operation was not successful. hnd->status will be set with an accurate NT_STATUS code 00721 * @return CAC_SUCCESS the operation was successful. 00722 */ 00723 int cac_LsaQueryInfoPolicy(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaQueryInfoPolicy *op); 00724 00725 struct LsaEnumSids { 00726 struct { 00727 /**Open LSA Policy handle*/ 00728 POLICY_HND *pol; 00729 00730 /**The prefered maximum number of SIDs returned per call*/ 00731 uint32 pref_max_sids; 00732 } in; 00733 00734 struct { 00735 /**used to keep track of how many sids have been retrieved over multiple calls 00736 * should be set to zero via ZERO_STRUCT() befrore the first call. Use the same struct LsaEnumSids for multiple calls*/ 00737 uint32 resume_idx; 00738 00739 /**The number of sids returned this call*/ 00740 uint32 num_sids; 00741 00742 /**Array of sids returned*/ 00743 DOM_SID *sids; 00744 00745 } out; 00746 }; 00747 00748 /** 00749 * Enumerates the SIDs in the LSA. Can be enumerated in blocks by calling the function multiple times. 00750 * Example: while(cac_LsaEnumSids(hnd, mem_ctx, op) { ... } 00751 * @param hnd - An initialized and connected server handle 00752 * @param mem_ctx Talloc context for memory allocation 00753 * @param op Initialized parameters 00754 * @return CAC_FAILURE there was an error during operations OR there are no more results 00755 * @return CAC_SUCCESS the operation completed and results were returned 00756 */ 00757 int cac_LsaEnumSids(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaEnumSids *op); 00758 00759 struct LsaEnumAccountRights { 00760 struct { 00761 /**Open LSA Policy handle*/ 00762 POLICY_HND *pol; 00763 00764 /**(Optional) SID of the account - must supply either sid or name*/ 00765 DOM_SID *sid; 00766 00767 /**(Optional) name of the account - must supply either sid or name*/ 00768 char *name; 00769 } in; 00770 00771 struct { 00772 /**Count of rights for this account*/ 00773 uint32 num_privs; 00774 00775 /**array of privilege names*/ 00776 char **priv_names; 00777 } out; 00778 }; 00779 00780 /** 00781 * Enumerates rights assigned to a given account. Takes a SID instead of account handle as input 00782 * @param hnd Initialized and connected server handle 00783 * @param mem_ctx Context for memory allocation 00784 * @param op Initialized Parameters 00785 * @return CAC_FAILURE the rights could not be retrieved. hnd->status is set with NT_STATUS code 00786 * @return CAC_SUCCESS the operation was successful. 00787 */ 00788 00789 int cac_LsaEnumAccountRights(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaEnumAccountRights *op); 00790 00791 struct LsaEnumTrustedDomains { 00792 struct { 00793 /**Open LSA policy handle*/ 00794 POLICY_HND *pol; 00795 } in; 00796 00797 struct { 00798 /**used to keep track of how many domains have been retrieved over multiple calls 00799 * should be set to zero via ZERO_STRUCT() before the first call. Use the same struct LsaEnumSids for multiple calls*/ 00800 uint32 resume_idx; 00801 00802 /**The number of domains returned by the remote server this call*/ 00803 uint32 num_domains; 00804 00805 /**array of trusted domain names returned by the remote server*/ 00806 char **domain_names; 00807 00808 /**array of trusted domain sids returned by the remote server*/ 00809 DOM_SID *domain_sids; 00810 } out; 00811 }; 00812 00813 /** 00814 * Enumerates the trusted domains in the LSA. 00815 * @param hnd - An initialized and connected server handle 00816 * @param mem_ctx Talloc context for memory allocation 00817 * @param op - initialized parameters 00818 * @return CAC_FAILURE there was an error during operations OR there are no more results 00819 * @return CAC_SUCCESS the operation completed and results were returned 00820 */ 00821 int cac_LsaEnumTrustedDomains(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaEnumTrustedDomains *op); 00822 00823 struct LsaOpenTrustedDomain { 00824 struct { 00825 /**an open LSA policy handle*/ 00826 POLICY_HND *pol; 00827 00828 /**SID of the trusted domain to open*/ 00829 DOM_SID *domain_sid; 00830 00831 /**Desired access on the open domain*/ 00832 uint32 access; 00833 } in; 00834 00835 struct { 00836 /**A handle to the policy that is opened*/ 00837 POLICY_HND *domain_pol; 00838 } out; 00839 }; 00840 00841 /** 00842 * Opens a trusted domain by SID. 00843 * @param hnd An initialized and connected server handle 00844 * @param mem_ctx Talloc context for memory allocation 00845 * @param op initialized I/O parameters 00846 * @return CAC_FAILURE a handle to the domain could not be opened. hnd->status is set with approriate NT_STATUS code 00847 * @return CAC_SUCCESS the domain was opened successfully 00848 */ 00849 int cac_LsaOpenTrustedDomain(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaOpenTrustedDomain *op); 00850 00851 struct LsaQueryTrustedDomainInfo { 00852 struct { 00853 /**Open LSA policy handle*/ 00854 POLICY_HND *pol; 00855 00856 /**Info class of returned data*/ 00857 uint16 info_class; 00858 00859 /**(Optional)SID of trusted domain to query (must specify either SID or name of trusted domain)*/ 00860 DOM_SID *domain_sid; 00861 00862 /**(Optional)Name of trusted domain to query (must specify either SID or name of trusted domain)*/ 00863 char *domain_name; 00864 } in; 00865 00866 struct { 00867 /**information about the trusted domain*/ 00868 LSA_TRUSTED_DOMAIN_INFO *info; 00869 } out; 00870 }; 00871 00872 /** 00873 * Retrieves information a trusted domain. 00874 * @param hnd An initialized and connected server handle 00875 * @param mem_ctx Talloc context for memory allocation 00876 * @param op initialized I/O parameters 00877 * @return CAC_FAILURE a handle to the domain could not be opened. hnd->status is set with approriate NT_STATUS code 00878 * @return CAC_SUCCESS the domain was opened successfully 00879 */ 00880 00881 int cac_LsaQueryTrustedDomainInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaQueryTrustedDomainInfo *op); 00882 00883 struct LsaEnumPrivileges { 00884 struct { 00885 /**An open LSA policy handle*/ 00886 POLICY_HND *pol; 00887 00888 /**The _preferred_ maxinum number of privileges returned per call*/ 00889 uint32 pref_max_privs; 00890 } in; 00891 00892 struct { 00893 /**Used to keep track of how many privileges have been retrieved over multiple calls. Do not modify this value between calls*/ 00894 uint32 resume_idx; 00895 00896 /**The number of privileges returned this call*/ 00897 uint32 num_privs; 00898 00899 /**Array of privilege names*/ 00900 char **priv_names; 00901 00902 /**Array of high bits for privilege LUID*/ 00903 uint32 *high_bits; 00904 00905 /**Array of low bits for privilege LUID*/ 00906 uint32 *low_bits; 00907 } out; 00908 }; 00909 00910 /** 00911 * Enumerates the Privileges supported by the LSA. Can be enumerated in blocks by calling the function multiple times. 00912 * Example: while(cac_LsaEnumPrivileges(hnd, mem_ctx, op) { ... } 00913 * @param hnd An initialized and connected server handle 00914 * @param mem_ctx Talloc context for memory allocation 00915 * @param op Initialized parameters 00916 * @return CAC_FAILURE there was an error during operations OR there are no more results 00917 * @return CAC_SUCCESS the operation completed and results were returned 00918 * @see CAC_OP_FAILED() 00919 */ 00920 int cac_LsaEnumPrivileges(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaEnumPrivileges *op); 00921 00922 struct LsaOpenAccount { 00923 struct { 00924 /**An open LSA policy handle*/ 00925 POLICY_HND *pol; 00926 00927 /**(Optional) account SID - must supply either sid or name*/ 00928 DOM_SID *sid; 00929 00930 /**(Optional) account name - must supply either sid or name*/ 00931 char *name; 00932 00933 /**desired access for the handle*/ 00934 uint32 access; 00935 } in; 00936 00937 struct { 00938 /**A handle to the opened user*/ 00939 POLICY_HND *user; 00940 } out; 00941 }; 00942 00943 /** 00944 * Opens a handle to an account in the LSA 00945 * @param hnd Initialized and connected server handle 00946 * @param mem_ctx Context for memory allocation 00947 * @param op Initialized Parameters 00948 * @return CAC_FAILURE the account could not be opened. hnd->status has appropriate NT_STATUS code 00949 * @return CAC_SUCCESS the account was opened 00950 */ 00951 int cac_LsaOpenAccount(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaOpenAccount *op); 00952 00953 struct LsaAddPrivileges { 00954 struct { 00955 /**An open LSA policy handle*/ 00956 POLICY_HND *pol; 00957 00958 /**(Optional) The user's SID (must specify at least sid or name)*/ 00959 DOM_SID *sid; 00960 00961 /**(Optional) The user's name (must specify at least sid or name)*/ 00962 char *name; 00963 00964 /**The privilege names of the privileges to add for the account*/ 00965 char **priv_names; 00966 00967 /**The number of privileges in the priv_names array*/ 00968 uint32 num_privs; 00969 00970 } in; 00971 }; 00972 00973 /** 00974 * Adds Privileges an account. 00975 * @param hnd Initialized and connected server handle 00976 * @param mem_ctx Context for memory allocation 00977 * @param op Initialized Parameters 00978 * @return CAC_FAILURE the privileges could not be set. hnd->status has appropriate NT_STATUS code 00979 * @return CAC_SUCCESS the privileges were set. 00980 */ 00981 int cac_LsaAddPrivileges(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaAddPrivileges *op); 00982 00983 struct LsaRemovePrivileges { 00984 struct { 00985 /**An open handle to the LSA*/ 00986 POLICY_HND *pol; 00987 00988 /**(Optional) The account SID (must specify at least sid or name)*/ 00989 DOM_SID *sid; 00990 00991 /**(Optional) The account name (must specify at least sid or name)*/ 00992 char *name; 00993 00994 /**The privilege names of the privileges to remove from the account*/ 00995 char **priv_names; 00996 00997 /**The number of privileges in the priv_names array*/ 00998 uint32 num_privs; 00999 01000 } in; 01001 01002 }; 01003 01004 /** 01005 * Removes a _specific_ set of privileges from an account 01006 * @param hnd Initialized and connected server handle 01007 * @param mem_ctx Context for memory allocation 01008 * @param op Initialized Parameters 01009 * @return CAC_FAILURE the privileges could not be removed. hnd->status is set with NT_STATUS code 01010 * @return CAC_SUCCESS the privileges were removed 01011 */ 01012 int cac_LsaRemovePrivileges(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaRemovePrivileges *op); 01013 01014 struct LsaClearPrivileges { 01015 struct { 01016 /**An open handle to the LSA*/ 01017 POLICY_HND *pol; 01018 01019 /**(Optional) The user's SID (must specify at least sid or name)*/ 01020 DOM_SID *sid; 01021 01022 /**(Optional) The user's name (must specify at least sid or name)*/ 01023 char *name; 01024 } in; 01025 01026 }; 01027 01028 /** 01029 * Removes ALL privileges from an account 01030 * @param hnd Initialized and connected server handle 01031 * @param mem_ctx Context for memory allocation 01032 * @param op Initialized Parameters 01033 * @return CAC_FAILURE the operation was not successful, hnd->status set with NT_STATUS code 01034 * @return CAC_SUCCESS the opeartion was successful. 01035 */ 01036 int cac_LsaClearPrivileges(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaClearPrivileges *op); 01037 01038 /** 01039 * Sets an accounts priviliges. Removes all privileges and then adds specified privileges. 01040 * @param hnd Initialized and connected server handle 01041 * @param mem_ctx Context for memory allocation 01042 * @param op Initialized Parameters 01043 * @return CAC_FAILURE The operation could not complete successfully 01044 * @return CAC_SUCCESS The operation completed successfully 01045 */ 01046 int cac_LsaSetPrivileges(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaAddPrivileges *op); 01047 01048 struct LsaGetSecurityObject { 01049 struct { 01050 /**Open LSA policy handle*/ 01051 POLICY_HND *pol; 01052 } in; 01053 01054 struct { 01055 /**Returned security descriptor information*/ 01056 SEC_DESC_BUF *sec; 01057 } out; 01058 }; 01059 01060 /** 01061 * Retrieves Security Descriptor information about the LSA 01062 * @param hnd Initialized and connected server handle 01063 * @param mem_ctx Context for memory allocation 01064 * @param op Initialized Parameters 01065 * @return CAC_FAILURE The operation could not complete successfully 01066 * @return CAC_SUCCESS The operation completed successfully 01067 */ 01068 int cac_LsaGetSecurityObject(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaGetSecurityObject *op); 01069 01070 01071 /**@}*/ /*LSA_Functions*/ 01072 01073 /********************** 01074 * Registry Functions * 01075 *********************/ 01076 01077 /**@addtogroup Reg_Functions 01078 * @{ 01079 */ 01080 01081 struct RegConnect { 01082 struct { 01083 /** must be one of : 01084 * HKEY_CLASSES_ROOT, 01085 * HKEY_LOCAL_MACHINE, 01086 * HKEY_USERS, 01087 * HKEY_PERFORMANCE_DATA, 01088 */ 01089 int root; 01090 01091 /**desired access on the root key 01092 * combination of: 01093 * REG_KEY_READ, 01094 * REG_KEY_WRITE, 01095 * REG_KEY_EXECUTE, 01096 * REG_KEY_ALL, 01097 * found in include/rpc_secdes.h*/ 01098 uint32 access; 01099 } in; 01100 01101 struct { 01102 POLICY_HND *key; 01103 } out; 01104 }; 01105 01106 /** 01107 * Opens a handle to the registry on the server 01108 * @param hnd Initialized and connected server handle 01109 * @param mem_ctx Context for memory allocation 01110 * @param op Initialized Parameters 01111 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 01112 * @return CAC_SUCCESS The operation completed successfully 01113 */ 01114 int cac_RegConnect(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegConnect *op); 01115 01116 /** 01117 * Closes an open registry handle 01118 * @param hnd Initialized and connected server handle 01119 * @param mem_ctx Context for memory allocation 01120 * @param key The Key/Handle to close 01121 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 01122 * @return CAC_SUCCESS The operation completed successfully 01123 */ 01124 int cac_RegClose(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *key); 01125 01126 struct RegOpenKey { 01127 struct { 01128 /**(Optional)parent key. 01129 * If this is NULL, then cac_RegOpenKey() will attempt to connect to the registry, name MUST start with something like:<br> 01130 * HKEY_LOCAL_MACHINE\ or an abbreviation like HKCR\ 01131 * 01132 * supported root names: 01133 * - HKEY_LOCAL_MACHINE\ or HKLM\ 01134 * - HKEY_CLASSES_ROOT\ or HKCR\ 01135 * - HKEY_USERS\ or HKU\ 01136 * - HKEY_PERFORMANCE_DATA or HKPD\ 01137 */ 01138 POLICY_HND *parent_key; 01139 01140 /**name/path of key*/ 01141 char *name; 01142 01143 /**desired access on this key*/ 01144 uint32 access; 01145 } in; 01146 01147 struct { 01148 POLICY_HND *key; 01149 } out; 01150 }; 01151 01152 /** 01153 * Opens a registry key 01154 * @param hnd Initialized and connected server handle 01155 * @param mem_ctx Context for memory allocation 01156 * @param op Initialized parameters 01157 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 01158 * @return CAC_SUCCESS The operation completed successfully 01159 */ 01160 01161 int cac_RegOpenKey(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegOpenKey *op); 01162 01163 struct RegEnumKeys { 01164 struct { 01165 /**enumerate subkeys of this key*/ 01166 POLICY_HND *key; 01167 01168 /**maximum number of keys to enumerate each call*/ 01169 uint32 max_keys; 01170 } in; 01171 01172 struct { 01173 /**keeps track of the index to resume enumerating*/ 01174 uint32 resume_idx; 01175 01176 /**the number of keys returned this call*/ 01177 uint32 num_keys; 01178 01179 /**array of key names*/ 01180 char **key_names; 01181 01182 /**class names of the keys*/ 01183 char **class_names; 01184 01185 /**last modification time of the key*/ 01186 time_t *mod_times; 01187 } out; 01188 }; 01189 01190 /** 01191 * Enumerates Subkeys of a given key. Can be run in a loop. Example: while(cac_RegEnumKeys(hnd, mem_ctx, op)) { ... } 01192 * @param hnd Initialized and connected server handle 01193 * @param mem_ctx Context for memory allocation 01194 * @param op Initialized Parameters 01195 * @see CAC_OP_FAILED() 01196 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 01197 * @return CAC_SUCCESS The operation completed successfully 01198 */ 01199 int cac_RegEnumKeys(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegEnumKeys *op); 01200 01201 01202 struct RegCreateKey { 01203 struct { 01204 /**create a subkey of parent_key*/ 01205 POLICY_HND *parent_key; 01206 01207 /**name of the key to create*/ 01208 char *key_name; 01209 01210 /**class of the key*/ 01211 char *class_name; 01212 01213 /**Access mask to open the key with. See REG_KEY_* in include/rpc_secdes.h*/ 01214 uint32 access; 01215 } in; 01216 01217 struct { 01218 /**Open handle to the key*/ 01219 POLICY_HND *key; 01220 } out; 01221 }; 01222 01223 /** 01224 * Creates a registry key, if the key already exists, it will be opened __Creating keys is not currently working__. 01225 * @param hnd Initialized and connected server handle 01226 * @param mem_ctx Context for memory allocation 01227 * @param op Initialized Parmeters 01228 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 01229 * @return CAC_SUCCESS The operation completed successfully 01230 */ 01231 int cac_RegCreateKey(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegCreateKey *op); 01232 01233 struct RegDeleteKey { 01234 struct { 01235 /**handle to open registry key*/ 01236 POLICY_HND *parent_key; 01237 01238 /**name of the key to delete*/ 01239 char *name; 01240 01241 /**delete recursively. WARNING: this might not always work as planned*/ 01242 BOOL recursive; 01243 } in; 01244 01245 }; 01246 01247 /** 01248 * Deletes a subkey of an open key. Note: if you run this with op->in.recursive == True, and the operation fails, it may leave the key in an inconsistent state. 01249 * @param hnd Initialized and connected server handle 01250 * @param mem_ctx Context for memory allocation 01251 * @param op Initialized parameters 01252 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 01253 * @return CAC_SUCCESS The operation completed successfully 01254 */ 01255 01256 int cac_RegDeleteKey(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegDeleteKey *op); 01257 01258 struct RegDeleteValue { 01259 struct { 01260 /**handle to open registry key*/ 01261 POLICY_HND *parent_key; 01262 01263 /**name of the value to delete*/ 01264 char *name; 01265 } in; 01266 }; 01267 01268 /** 01269 * Deletes a registry value. 01270 * @param hnd Initialized and connected server handle 01271 * @param mem_ctx Context for memory allocation 01272 * @param op Initialized Parameters 01273 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 01274 * @return CAC_SUCCESS The operation completed successfully 01275 */ 01276 int cac_RegDeleteValue(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegDeleteValue *op); 01277 01278 struct RegQueryKeyInfo { 01279 struct { 01280 /**Open handle to the key to query*/ 01281 POLICY_HND *key; 01282 } in; 01283 01284 struct { 01285 /**name of the key class*/ 01286 char *class_name; 01287 01288 /**number of subkeys of the key*/ 01289 uint32 num_subkeys; 01290 01291 /**length (in characters) of the longest subkey name*/ 01292 uint32 longest_subkey; 01293 01294 /**length (in characters) of the longest class name*/ 01295 uint32 longest_class; 01296 01297 /**number of values in this key*/ 01298 uint32 num_values; 01299 01300 /**length (in characters) of the longest value name*/ 01301 uint32 longest_value_name; 01302 01303 /**length (in bytes) of the biggest value data*/ 01304 uint32 longest_value_data; 01305 01306 /**size (in bytes) of the security descriptor*/ 01307 uint32 security_desc_size; 01308 01309 /**time of the last write*/ 01310 time_t last_write_time; 01311 } out; 01312 }; 01313 01314 /** 01315 * Retrieves information about an open key 01316 * @param hnd Initialized and connected server handle 01317 * @param mem_ctx Context for memory allocation 01318 * @param op Initialized parameters 01319 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 01320 * @return CAC_SUCCESS The operation completed successfully 01321 */ 01322 01323 int cac_RegQueryKeyInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegQueryKeyInfo *op); 01324 01325 struct RegSaveKey { 01326 struct { 01327 /**Open key to be saved*/ 01328 POLICY_HND *key; 01329 01330 /**The path (on the remote computer) to save the file to*/ 01331 char *filename; 01332 } in; 01333 }; 01334 01335 /** 01336 * Saves a key to a file on the remote machine __Not currently working__. 01337 * @param hnd Initialized and connected server handle 01338 * @param mem_ctx Context for memory allocation 01339 * @param op Initialized parameters 01340 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 01341 * @return CAC_SUCCESS The operation completed successfully 01342 */ 01343 01344 int cac_RegSaveKey(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegSaveKey *op); 01345 01346 struct RegQueryValue { 01347 struct { 01348 /**handle to open registry key*/ 01349 POLICY_HND *key; 01350 01351 /**name of the value to query*/ 01352 char *val_name; 01353 } in; 01354 01355 struct { 01356 /**Value type. 01357 * One of: 01358 * - REG_DWORD (equivalent to REG_DWORD_LE) 01359 * - REG_DWORD_BE 01360 * - REG_SZ 01361 * - REG_EXPAND_SZ 01362 * - REG_MULTI_SZ 01363 * - REG_BINARY 01364 */ 01365 uint32 type; 01366 01367 /**The value*/ 01368 REG_VALUE_DATA *data; 01369 } out; 01370 }; 01371 01372 /** 01373 * Retrieves a value (type and data) _not currently working_. 01374 * @param hnd Initialized and connected server handle 01375 * @param mem_ctx Context for memory allocation 01376 * @param op Initialized parameters 01377 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 01378 * @return CAC_SUCCESS The operation completed successfully 01379 */ 01380 01381 int cac_RegQueryValue(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegQueryValue *op); 01382 01383 struct RegEnumValues { 01384 struct { 01385 /**handle to open key*/ 01386 POLICY_HND *key; 01387 01388 /**max number of values returned per call*/ 01389 uint32 max_values; 01390 01391 } in; 01392 01393 struct { 01394 /**keeps track of the index to resume from - used over multiple calls*/ 01395 uint32 resume_idx; 01396 01397 /**the number of values that were returned this call*/ 01398 uint32 num_values; 01399 01400 /**Array of value types. A type can be one of: 01401 * - REG_DWORD (equivalent to REG_DWORD_LE) 01402 * - REG_DWORD_BE 01403 * - REG_SZ 01404 * - REG_EXPAND_SZ 01405 * - REG_MULTI_SZ 01406 * - REG_BINARY 01407 */ 01408 uint32 *types; 01409 01410 /**array of strings storing the names of the values*/ 01411 char **value_names; 01412 01413 /**array of pointers to the value data returned*/ 01414 REG_VALUE_DATA **values; 01415 } out; 01416 }; 01417 01418 /** 01419 * Enumerates a number of Registry values in an open registry key. 01420 * Can be run in a loop. Example: while(cac_RegEnumValues(hnd, mem_ctx, op)) { ... } 01421 * @param hnd Initialized and connected server handle 01422 * @param mem_ctx Context for memory allocation 01423 * @param op Initialized Parameters 01424 * @see CAC_OP_FAILED() 01425 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 01426 * @return CAC_SUCCESS The operation completed successfully 01427 */ 01428 int cac_RegEnumValues(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegEnumValues *op); 01429 01430 struct RegSetValue { 01431 struct { 01432 /**Handle to open registry key*/ 01433 POLICY_HND *key; 01434 01435 /**Name of the value*/ 01436 char *val_name; 01437 01438 /**Value type. 01439 * One of: 01440 * - REG_DWORD (equivalent to REG_DWORD_LE) 01441 * - REG_DWORD_BE 01442 * - REG_SZ 01443 * - REG_EXPAND_SZ 01444 * - REG_MULTI_SZ 01445 * - REG_BINARY 01446 */ 01447 uint32 type; 01448 01449 /**the value*/ 01450 REG_VALUE_DATA value; 01451 } in; 01452 }; 01453 01454 /** 01455 * Sets or creates value (type and data). 01456 * @param hnd Initialized and connected server handle 01457 * @param mem_ctx Context for memory allocation 01458 * @param op Initialized parameters 01459 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 01460 * @return CAC_SUCCESS The operation completed successfully 01461 */ 01462 int cac_RegSetValue(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegSetValue *op); 01463 01464 struct RegGetVersion { 01465 struct { 01466 /**open registry key*/ 01467 POLICY_HND *key; 01468 } in; 01469 01470 struct { 01471 /**version number*/ 01472 uint32 version; 01473 } out; 01474 }; 01475 01476 /** 01477 * Retrieves the registry version number 01478 * @param hnd Initialized and connected server handle 01479 * @param mem_ctx Context for memory allocation 01480 * @param op Initialized parameters 01481 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 01482 * @return CAC_SUCCESS The operation completed successfully 01483 */ 01484 int cac_RegGetVersion(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegGetVersion *op); 01485 01486 struct RegGetKeySecurity { 01487 struct { 01488 /**Handle to key to query*/ 01489 POLICY_HND *key; 01490 01491 /**Info that you want. Should be a combination of (1 or more or'd): 01492 * - OWNER_SECURITY_INFORMATION 01493 * - GROUP_SECURITY_INFORMATION 01494 * - DACL_SECURITY_INFORMATION 01495 * - SACL_SECURITY_INFORMATION 01496 * - UNPROTECTED_SACL_SECURITY_INFORMATION 01497 * - UNPROTECTED_DACL_SECURITY_INFORMATION 01498 * - PROTECTED_SACL_SECURITY_INFORMATION 01499 * - PROTECTED_DACL_SECURITY_INFORMATION 01500 * 01501 * or use: 01502 * - ALL_SECURITY_INFORMATION 01503 * 01504 * all definitions from include/rpc_secdes.h 01505 */ 01506 uint32 info_type; 01507 } in; 01508 01509 struct { 01510 /**size of the data returned*/ 01511 uint32 size; 01512 01513 /**Security descriptor*/ 01514 SEC_DESC *descriptor; 01515 } out; 01516 }; 01517 01518 /** 01519 * Retrieves a key security descriptor. 01520 * @param hnd Initialized and connected server handle 01521 * @param mem_ctx Context for memory allocation 01522 * @param op Initialized parameters 01523 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 01524 * @return CAC_SUCCESS The operation completed successfully 01525 */ 01526 01527 int cac_RegGetKeySecurity(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegGetKeySecurity *op); 01528 01529 struct RegSetKeySecurity { 01530 struct { 01531 /**Handle to key to query*/ 01532 POLICY_HND *key; 01533 01534 /**Info that you want. Should be a combination of (1 or more or'd): 01535 * - OWNER_SECURITY_INFORMATION 01536 * - GROUP_SECURITY_INFORMATION 01537 * - DACL_SECURITY_INFORMATION 01538 * - SACL_SECURITY_INFORMATION 01539 * - UNPROTECTED_SACL_SECURITY_INFORMATION 01540 * - UNPROTECTED_DACL_SECURITY_INFORMATION 01541 * - PROTECTED_SACL_SECURITY_INFORMATION 01542 * - PROTECTED_DACL_SECURITY_INFORMATION 01543 * 01544 * or use: 01545 * - ALL_SECURITY_INFORMATION 01546 * 01547 * all definitions from include/rpc_secdes.h 01548 */ 01549 uint32 info_type; 01550 01551 /**size of the descriptor*/ 01552 size_t size; 01553 01554 /**Security descriptor*/ 01555 SEC_DESC *descriptor; 01556 } in; 01557 }; 01558 01559 /** 01560 * Sets the key security descriptor. 01561 * @param hnd Initialized and connected server handle 01562 * @param mem_ctx Context for memory allocation 01563 * @param op Initialized parameters 01564 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 01565 * @return CAC_SUCCESS The operation completed successfully 01566 */ 01567 int cac_RegSetKeySecurity(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegSetKeySecurity *op); 01568 01569 /**@}*/ /*Reg_Functions*/ 01570 01571 struct Shutdown { 01572 struct { 01573 /**the message to display (can be NULL)*/ 01574 char *message; 01575 01576 /**timeout in seconds*/ 01577 uint32 timeout; 01578 01579 /**False = shutdown, True = reboot*/ 01580 BOOL reboot; 01581 01582 /**force the*/ 01583 BOOL force; 01584 01585 /*FIXME: make this useful*/ 01586 uint32 reason; 01587 } in; 01588 }; 01589 01590 01591 /** 01592 * Shutdown the server _not currently working_. 01593 * @param hnd Initialized and connected server handle 01594 * @param mem_ctx Context for memory allocation 01595 * @param op Initialized parameters 01596 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 01597 * @return CAC_SUCCESS The operation completed successfully 01598 */ 01599 int cac_Shutdown(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct Shutdown *op); 01600 01601 /** 01602 * Attempt to abort initiated shutdown on the server _not currently working_. 01603 * @param hnd Initialized and connected server handle 01604 * @param mem_ctx Context for memory allocation 01605 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 01606 * @return CAC_SUCCESS The operation completed successfully 01607 */ 01608 int cac_AbortShutdown(CacServerHandle *hnd, TALLOC_CTX *mem_ctx); 01609 01610 /***************** 01611 * SAM Functions * 01612 *****************/ 01613 01614 /**@addtogroup SAM_Functions 01615 * @{ 01616 */ 01617 struct SamConnect { 01618 struct { 01619 /**Access mask to open with 01620 * see generic access masks in include/smb.h*/ 01621 uint32 access; 01622 } in; 01623 01624 struct { 01625 POLICY_HND *sam; 01626 } out; 01627 }; 01628 01629 /** 01630 * Connects to the SAM. This can be skipped by just calling cac_SamOpenDomain() 01631 * @param hnd Initialized and connected server handle 01632 * @param mem_ctx Context for memory allocation 01633 * @param op Initialized parameters 01634 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 01635 * @return CAC_SUCCESS The operation completed successfully 01636 */ 01637 01638 int cac_SamConnect(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamConnect *op); 01639 01640 01641 /** 01642 * Closes any (SAM, domain, user, group, etc.) SAM handle. 01643 * @param hnd Initialized and connected server handle 01644 * @param mem_ctx Context for memory allocation 01645 * @param sam Handle to close 01646 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 01647 * @return CAC_SUCCESS The operation completed successfully 01648 */ 01649 01650 int cac_SamClose(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *sam); 01651 01652 struct SamOpenDomain { 01653 struct { 01654 /**The desired access. See generic access masks - include/smb.h*/ 01655 uint32 access; 01656 01657 /**(Optional) An open handle to the SAM. If it is NULL, the function will connect to the SAM with the access mask above*/ 01658 POLICY_HND *sam; 01659 01660 /**(Optional) The SID of the domain to open. 01661 * If this this is NULL, the function will attempt to open the domain specified in hnd->domain */ 01662 DOM_SID *sid; 01663 } in; 01664 01665 struct { 01666 /**handle to the open domain*/ 01667 POLICY_HND *dom_hnd; 01668 01669 /**Handle to the open SAM*/ 01670 POLICY_HND *sam; 01671 } out; 01672 }; 01673 01674 /** 01675 * Opens a handle to a domain. This must be called before any other SAM functions 01676 * @param hnd Initialized and connected server handle 01677 * @param mem_ctx Context for memory allocation 01678 * @param op Initialized parameters 01679 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 01680 * @return CAC_SUCCESS The operation completed successfully 01681 */ 01682 int cac_SamOpenDomain(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamOpenDomain *op); 01683 01684 struct SamCreateUser { 01685 struct { 01686 /**Open domain handle*/ 01687 POLICY_HND *dom_hnd; 01688 01689 /**Username*/ 01690 char *name; 01691 01692 /**See Allowable account control bits in include/smb.h*/ 01693 uint32 acb_mask; 01694 } in; 01695 01696 struct { 01697 /**handle to the user*/ 01698 POLICY_HND *user_hnd; 01699 01700 /**rid of the user*/ 01701 uint32 rid; 01702 } out; 01703 }; 01704 01705 /** 01706 * Creates a new domain user, if the account already exists it will _not_ be opened and hnd->status will be NT_STATUS_USER_EXISTS 01707 * @param hnd Initialized and connected server handle 01708 * @param mem_ctx Context for memory allocation 01709 * @param op Initialized parameters 01710 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 01711 * @return CAC_SUCCESS The operation completed successfully 01712 */ 01713 01714 int cac_SamCreateUser(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamCreateUser *op); 01715 01716 struct SamOpenUser { 01717 struct { 01718 /**Handle to open SAM connection*/ 01719 POLICY_HND *dom_hnd; 01720 01721 /**desired access - see generic access masks in include/smb.h*/ 01722 uint32 access; 01723 01724 /**RID of the user*/ 01725 uint32 rid; 01726 01727 /**(Optional) name of the user - must supply either RID or user name*/ 01728 char *name; 01729 } in; 01730 01731 struct { 01732 /**Handle to the user*/ 01733 POLICY_HND *user_hnd; 01734 } out; 01735 }; 01736 01737 /** 01738 * Opens a domain user. 01739 * @param hnd Initialized and connected server handle 01740 * @param mem_ctx Context for memory allocation 01741 * @param op Initialized parameters 01742 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 01743 * @return CAC_SUCCESS The operation completed successfully 01744 */ 01745 int cac_SamOpenUser(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamOpenUser *op); 01746 01747 /** 01748 * Deletes a domain user. 01749 * @param hnd Initialized and connected server handle 01750 * @param mem_ctx Context for memory allocation 01751 * @param user_hnd Open handle to the user 01752 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 01753 * @return CAC_SUCCESS The operation completed successfully 01754 */ 01755 int cac_SamDeleteUser(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *user_hnd); 01756 01757 01758 struct SamEnumUsers { 01759 struct { 01760 /**Open handle to a domain*/ 01761 POLICY_HND *dom_hnd; 01762 01763 /**Enumerate users with specific ACB. If 0, all users will be enumerated*/ 01764 uint32 acb_mask; 01765 } in; 01766 01767 struct { 01768 /**where to resume from. Used over multiple calls*/ 01769 uint32 resume_idx; 01770 01771 /**the number of users returned this call*/ 01772 uint32 num_users; 01773 01774 /**Array storing the rids of the returned users*/ 01775 uint32 *rids; 01776 01777 /**Array storing the names of all the users returned*/ 01778 char **names; 01779 01780 BOOL done; 01781 } out; 01782 }; 01783 01784 /** 01785 * Enumerates domain users. Can be used as a loop condition. Example: while(cac_SamEnumUsers(hnd, mem_ctx, op)) { ... } 01786 * @param hnd Initialized and connected server handle 01787 * @param mem_ctx Context for memory allocation 01788 * @param op Initialized parameters 01789 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 01790 * @return CAC_SUCCESS The operation completed successfully 01791 */ 01792 int cac_SamEnumUsers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamEnumUsers *op); 01793 01794 struct SamGetNamesFromRids { 01795 struct { 01796 /**An open handle to the domain SAM from cac_SamOpenDomain()*/ 01797 POLICY_HND *dom_hnd; 01798 01799 /**Number of RIDs to resolve*/ 01800 uint32 num_rids; 01801 01802 /**Array of RIDs to resolve*/ 01803 uint32 *rids; 01804 } in; 01805 01806 struct { 01807 /**the number of names returned - if this is 0, the map is NULL*/ 01808 uint32 num_names; 01809 01810 /**array contiaing the Names and RIDs*/ 01811 CacLookupRidsRecord *map; 01812 } out; 01813 }; 01814 01815 /** 01816 * Returns a list of names which map to a list of RIDs. 01817 * @param hnd Initialized and connected server handle 01818 * @param mem_ctx Context for memory allocation 01819 * @param op Initialized parameters 01820 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 01821 * @return CAC_SUCCESS The operation completed successfully 01822 */ 01823 int cac_SamGetNamesFromRids(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetNamesFromRids *op); 01824 01825 struct SamGetRidsFromNames { 01826 struct { 01827 /**An open handle to the domain SAM from cac_SamOpenDomain()*/ 01828 POLICY_HND *dom_hnd; 01829 01830 /**Number of names to resolve*/ 01831 uint32 num_names; 01832 01833 /**Array of names to resolve*/ 01834 char **names; 01835 } in; 01836 01837 struct { 01838 /**the number of names returned - if this is 0, then map is NULL*/ 01839 uint32 num_rids; 01840 01841 /**array contiaing the Names and RIDs*/ 01842 CacLookupRidsRecord *map; 01843 } out; 01844 }; 01845 01846 /** 01847 * Returns a list of RIDs which map to a list of names. 01848 * @param hnd Initialized and connected server handle 01849 * @param mem_ctx Context for memory allocation 01850 * @param op Initialized parameters 01851 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 01852 * @return CAC_SUCCESS The operation completed successfully 01853 */ 01854 int cac_SamGetRidsFromNames(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetRidsFromNames *op); 01855 01856 struct SamGetGroupsForUser { 01857 struct { 01858 /**An open handle to the user*/ 01859 POLICY_HND *user_hnd; 01860 } in; 01861 01862 struct { 01863 /**The number of groups the user is a member of*/ 01864 uint32 num_groups; 01865 01866 /**The RIDs of the groups*/ 01867 uint32 *rids; 01868 01869 /**The attributes of the groups*/ 01870 uint32 *attributes; 01871 } out; 01872 }; 01873 /** 01874 * Retrieves a list of groups that a user is a member of. 01875 * @param hnd Initialized and connected server handle 01876 * @param mem_ctx Context for memory allocation 01877 * @param op Initialized parameters 01878 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 01879 * @return CAC_SUCCESS The operation completed successfully 01880 */ 01881 int cac_SamGetGroupsForUser(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetGroupsForUser *op); 01882 01883 struct SamOpenGroup { 01884 struct { 01885 /**Open handle to the domain SAM*/ 01886 POLICY_HND *dom_hnd; 01887 01888 /**Desired access to open the group with. See Generic access masks in include/smb.h*/ 01889 uint32 access; 01890 01891 /**rid of the group*/ 01892 uint32 rid; 01893 } in; 01894 01895 struct { 01896 /**Handle to the group*/ 01897 POLICY_HND *group_hnd; 01898 } out; 01899 }; 01900 01901 /** 01902 * Opens a domain group. 01903 * @param hnd Initialized and connected server handle 01904 * @param mem_ctx Context for memory allocation 01905 * @param op Initialized parameters 01906 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 01907 * @return CAC_SUCCESS The operation completed successfully 01908 */ 01909 int cac_SamOpenGroup(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamOpenGroup *op); 01910 01911 struct SamCreateGroup { 01912 struct { 01913 /**Open handle to the domain SAM*/ 01914 POLICY_HND *dom_hnd; 01915 01916 /**Desired access to open the group with. See Generic access masks in include/smb.h*/ 01917 uint32 access; 01918 01919 /**The name of the group*/ 01920 char *name; 01921 } in; 01922 01923 struct { 01924 /**Handle to the group*/ 01925 POLICY_HND *group_hnd; 01926 } out; 01927 }; 01928 01929 /** 01930 * Creates a group. If the group already exists it will not be opened. 01931 * @param hnd Initialized and connected server handle 01932 * @param mem_ctx Context for memory allocation 01933 * @param op Initialized parameters 01934 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 01935 * @return CAC_SUCCESS The operation completed successfully 01936 */ 01937 int cac_SamCreateGroup(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamCreateGroup *op); 01938 01939 /** 01940 * Deletes a domain group. 01941 * @param hnd Initialized and connected server handle 01942 * @param mem_ctx Context for memory allocation 01943 * @param group_hnd Open handle to the group. 01944 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 01945 * @return CAC_SUCCESS The operation completed successfully 01946 */ 01947 int cac_SamDeleteGroup(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *group_hnd); 01948 01949 struct SamGetGroupMembers { 01950 struct { 01951 /**Open handle to a group*/ 01952 POLICY_HND *group_hnd; 01953 } in; 01954 01955 struct { 01956 /**The number of members in the group*/ 01957 uint32 num_members; 01958 01959 /**An array storing the RIDs of the users*/ 01960 uint32 *rids; 01961 01962 /**The attributes*/ 01963 uint32 *attributes; 01964 } out; 01965 }; 01966 01967 /** 01968 * Retrives a list of users in a group. 01969 * @param hnd Initialized and connected server handle 01970 * @param mem_ctx Context for memory allocation 01971 * @param op Initialized parameters 01972 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 01973 * @return CAC_SUCCESS The operation completed successfully 01974 */ 01975 int cac_SamGetGroupMembers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetGroupMembers *op); 01976 01977 struct SamAddGroupMember { 01978 struct { 01979 /**Open handle to a group*/ 01980 POLICY_HND *group_hnd; 01981 01982 /**RID of new member*/ 01983 uint32 rid; 01984 } in; 01985 }; 01986 01987 /** 01988 * Adds a user to a group. 01989 * @param hnd Initialized and connected server handle 01990 * @param mem_ctx Context for memory allocation 01991 * @param op Initialized parameters 01992 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 01993 * @return CAC_SUCCESS The operation completed successfully 01994 */ 01995 int cac_SamAddGroupMember(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamAddGroupMember *op); 01996 01997 struct SamRemoveGroupMember { 01998 struct { 01999 /**Open handle to a group*/ 02000 POLICY_HND *group_hnd; 02001 02002 /**RID of member to remove*/ 02003 uint32 rid; 02004 } in; 02005 }; 02006 02007 /** 02008 * Removes a user from a group. 02009 * @param hnd Initialized and connected server handle 02010 * @param mem_ctx Context for memory allocation 02011 * @param op Initialized parameters 02012 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 02013 * @return CAC_SUCCESS The operation completed successfully 02014 */ 02015 int cac_SamRemoveGroupMember(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamRemoveGroupMember *op); 02016 02017 /** 02018 * Removes all the members of a group - warning: if this function fails is is possible that some but not all members were removed 02019 * @param hnd Initialized and connected server handle 02020 * @param mem_ctx Context for memory allocation 02021 * @param group_hnd Open handle to the group to clear 02022 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 02023 * @return CAC_SUCCESS The operation completed successfully 02024 */ 02025 int cac_SamClearGroupMembers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *group_hnd); 02026 02027 struct SamSetGroupMembers { 02028 struct { 02029 /**Open handle to the group*/ 02030 POLICY_HND *group_hnd; 02031 02032 /**Number of members in the group - if this is 0, all members of the group will be removed*/ 02033 uint32 num_members; 02034 02035 /**The RIDs of the users to add*/ 02036 uint32 *rids; 02037 } in; 02038 }; 02039 02040 /** 02041 * Clears the members of a group and adds a list of members to the group 02042 * @param hnd Initialized and connected server handle 02043 * @param mem_ctx Context for memory allocation 02044 * @param op Initialized parameters 02045 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 02046 * @return CAC_SUCCESS The operation completed successfully 02047 */ 02048 int cac_SamSetGroupMembers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamSetGroupMembers *op); 02049 02050 struct SamEnumGroups { 02051 struct { 02052 /**Open handle to a domain*/ 02053 POLICY_HND *dom_hnd; 02054 } in; 02055 02056 struct { 02057 /**Where to resume from _do not_ modify this value. Used over multiple calls.*/ 02058 uint32 resume_idx; 02059 02060 /**the number of users returned this call*/ 02061 uint32 num_groups; 02062 02063 /**Array storing the rids of the returned groups*/ 02064 uint32 *rids; 02065 02066 /**Array storing the names of all the groups returned*/ 02067 char **names; 02068 02069 /**Array storing the descriptions of all the groups returned*/ 02070 char **descriptions; 02071 02072 BOOL done; 02073 } out; 02074 }; 02075 02076 /** 02077 * Enumerates domain groups. Can be used as a loop condition. Example: while(cac_SamEnumGroups(hnd, mem_ctx, op)) { ... } 02078 * @param hnd Initialized and connected server handle 02079 * @param mem_ctx Context for memory allocation 02080 * @param op Initialized parameters 02081 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 02082 * @return CAC_SUCCESS The operation completed successfully 02083 */ 02084 int cac_SamEnumGroups(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamEnumGroups *op); 02085 02086 struct SamEnumAliases { 02087 struct { 02088 /**Open handle to a domain*/ 02089 POLICY_HND *dom_hnd; 02090 } in; 02091 02092 struct { 02093 /**where to resume from. Used over multiple calls*/ 02094 uint32 resume_idx; 02095 02096 /**the number of users returned this call*/ 02097 uint32 num_aliases; 02098 02099 /**Array storing the rids of the returned groups*/ 02100 uint32 *rids; 02101 02102 /**Array storing the names of all the groups returned*/ 02103 char **names; 02104 02105 /**Array storing the descriptions of all the groups returned*/ 02106 char **descriptions; 02107 02108 BOOL done; 02109 } out; 02110 }; 02111 02112 /** 02113 * Enumerates domain aliases. Can be used as a loop condition. Example: while(cac_SamEnumAliases(hnd, mem_ctx, op)) { ... } 02114 * @param hnd Initialized and connected server handle 02115 * @param mem_ctx Context for memory allocation 02116 * @param op Initialized parameters 02117 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 02118 * @return CAC_SUCCESS The operation completed successfully 02119 */ 02120 int cac_SamEnumAliases(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamEnumAliases *op); 02121 02122 struct SamCreateAlias { 02123 struct { 02124 /**Open handle to the domain SAM*/ 02125 POLICY_HND *dom_hnd; 02126 02127 /**The name of the alias*/ 02128 char *name; 02129 } in; 02130 02131 struct { 02132 /**Handle to the group*/ 02133 POLICY_HND *alias_hnd; 02134 } out; 02135 }; 02136 02137 /** 02138 * Creates an alias. If the alias already exists it will not be opened. 02139 * @param hnd Initialized and connected server handle 02140 * @param mem_ctx Context for memory allocation 02141 * @param op Initialized parameters 02142 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 02143 * @return CAC_SUCCESS The operation completed successfully 02144 */ 02145 02146 int cac_SamCreateAlias(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamCreateAlias *op); 02147 02148 struct SamOpenAlias { 02149 struct { 02150 /**Open handle to the domain SAM*/ 02151 POLICY_HND *dom_hnd; 02152 02153 /**Desired access to open the group with. See Generic access masks in include/smb.h*/ 02154 uint32 access; 02155 02156 /**rid of the alias*/ 02157 uint32 rid; 02158 } in; 02159 02160 struct { 02161 /**Handle to the alias*/ 02162 POLICY_HND *alias_hnd; 02163 } out; 02164 }; 02165 02166 /** 02167 * Opens a handle to an alias. 02168 * @param hnd Initialized and connected server handle 02169 * @param mem_ctx Context for memory allocation 02170 * @param op Initialized parameters 02171 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 02172 * @return CAC_SUCCESS The operation completed successfully 02173 */ 02174 int cac_SamOpenAlias(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamOpenAlias *op); 02175 02176 /** 02177 * Deletes an alias. 02178 * @param hnd Initialized and connected server handle 02179 * @param mem_ctx Context for memory allocation 02180 * @param alias_hnd Open handle to the alias 02181 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 02182 * @return CAC_SUCCESS The operation completed successfully 02183 */ 02184 int cac_SamDeleteAlias(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *alias_hnd); 02185 02186 struct SamAddAliasMember { 02187 struct { 02188 /**Open handle to a alias*/ 02189 POLICY_HND *alias_hnd; 02190 02191 /**SID of new member*/ 02192 DOM_SID *sid; 02193 } in; 02194 }; 02195 02196 /** 02197 * Adds an account to an alias. 02198 * @param hnd Initialized and connected server handle 02199 * @param mem_ctx Context for memory allocation 02200 * @param op Initialized parameters 02201 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 02202 * @return CAC_SUCCESS The operation completed successfully 02203 */ 02204 int cac_SamAddAliasMember(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamAddAliasMember *op); 02205 02206 struct SamRemoveAliasMember { 02207 struct { 02208 /**Open handle to the alias*/ 02209 POLICY_HND *alias_hnd; 02210 02211 /**The SID of the member*/ 02212 DOM_SID *sid; 02213 } in; 02214 }; 02215 02216 /** 02217 * Removes an account from an alias. 02218 * @param hnd Initialized and connected server handle 02219 * @param mem_ctx Context for memory allocation 02220 * @param op Initialized parameters 02221 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 02222 * @return CAC_SUCCESS The operation completed successfully 02223 */ 02224 int cac_SamRemoveAliasMember(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamRemoveAliasMember *op); 02225 02226 struct SamGetAliasMembers { 02227 struct { 02228 /**Open handle to the alias*/ 02229 POLICY_HND *alias_hnd; 02230 } in; 02231 02232 struct { 02233 /**The number of members*/ 02234 uint32 num_members; 02235 02236 /**An array storing the SIDs of the accounts*/ 02237 DOM_SID *sids; 02238 } out; 02239 }; 02240 02241 /** 02242 * Retrieves a list of all accounts in an alias. 02243 * @param hnd Initialized and connected server handle 02244 * @param mem_ctx Context for memory allocation 02245 * @param op Initialized parameters 02246 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 02247 * @return CAC_SUCCESS The operation completed successfully 02248 */ 02249 int cac_SamGetAliasMembers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetAliasMembers *op); 02250 02251 /** 02252 * Removes all the members of an alias - warning: if this function fails is is possible that some but not all members were removed 02253 * @param hnd Initialized and connected server handle 02254 * @param mem_ctx Context for memory allocation 02255 * @param alias_hnd Handle to the alias to clear 02256 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 02257 * @return CAC_SUCCESS The operation completed successfully 02258 */ 02259 02260 int cac_SamClearAliasMembers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *alias_hnd); 02261 02262 struct SamSetAliasMembers { 02263 struct { 02264 /**Open handle to the group*/ 02265 POLICY_HND *alias_hnd; 02266 02267 /**Number of members in the group - if this is 0, all members of the group will be removed*/ 02268 uint32 num_members; 02269 02270 /**The SIDs of the accounts to add*/ 02271 DOM_SID *sids; 02272 } in; 02273 }; 02274 02275 /** 02276 * Clears the members of an alias and adds a list of members to the alias 02277 * @param hnd Initialized and connected server handle 02278 * @param mem_ctx Context for memory allocation 02279 * @param op Initialized parameters 02280 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 02281 * @return CAC_SUCCESS The operation completed successfully 02282 */ 02283 int cac_SamSetAliasMembers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamSetAliasMembers *op); 02284 02285 02286 struct SamUserChangePasswd { 02287 struct { 02288 /**The username*/ 02289 char *username; 02290 02291 /**The current password*/ 02292 char *password; 02293 02294 /**The new password*/ 02295 char *new_password; 02296 } in; 02297 }; 02298 /**Used by a user to change their password*/ 02299 int cac_SamUserChangePasswd(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamUserChangePasswd *op); 02300 02301 /** 02302 * Enables a user 02303 * @param hnd Initialized and connected server handle 02304 * @param mem_ctx Context for memory allocation 02305 * @param user_hnd Open handle to the user to enable 02306 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 02307 * @return CAC_SUCCESS The operation completed successfully 02308 */ 02309 int cac_SamEnableUser(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *user_hnd); 02310 02311 /** 02312 * Disables a user 02313 * @param hnd Initialized and connected server handle 02314 * @param mem_ctx Context for memory allocation 02315 * @param user_hnd Open handle to the user to disables 02316 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 02317 * @return CAC_SUCCESS The operation completed successfully 02318 */ 02319 int cac_SamDisableUser(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *user_hnd); 02320 02321 struct SamSetPassword { 02322 struct { 02323 /**Open handle to a user*/ 02324 POLICY_HND *user_hnd; 02325 02326 /**The new password*/ 02327 char *password; 02328 } in; 02329 }; 02330 02331 /** 02332 * Sets a user's password 02333 * @param hnd Initialized and connected server handle 02334 * @param mem_ctx Context for memory allocation 02335 * @param op Initialized parameters 02336 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 02337 * @return CAC_SUCCESS The operation completed successfully 02338 */ 02339 02340 int cac_SamSetPassword(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamSetPassword *op); 02341 02342 struct SamGetUserInfo { 02343 struct { 02344 /**Open Handle to a user*/ 02345 POLICY_HND *user_hnd; 02346 } in; 02347 02348 struct { 02349 CacUserInfo *info; 02350 } out; 02351 }; 02352 02353 /** 02354 * Retrieves user information using a CacUserInfo structure. If you would like to use a SAM_USERINFO_CTR directly, use cac_SamGetUserInfoCtr() 02355 * @param hnd Initialized and connected server handle 02356 * @param mem_ctx Context for memory allocation 02357 * @param op Initialized parameters 02358 * @see cac_SamGetUserInfoCtr() 02359 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 02360 * @return CAC_SUCCESS The operation completed successfully 02361 */ 02362 int cac_SamGetUserInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetUserInfo *op); 02363 02364 struct SamSetUserInfo { 02365 struct { 02366 /**Open handle to a user*/ 02367 POLICY_HND *user_hnd; 02368 02369 /**Structure containing the data you would like to set*/ 02370 CacUserInfo *info; 02371 } in; 02372 }; 02373 02374 /** 02375 * Sets the user info using a CacUserInfo structure. If you would like to use a SAM_USERINFO_CTR directly use cac_SamSetUserInfoCtr(). 02376 * @note All fields in the CacUserInfo structure will be set. Best to call cac_GetUserInfo() modify fields that you want, and then call cac_SetUserInfo(). 02377 * @note When calling this, you _must_ set the user's password. 02378 * @param hnd Initialized and connected server handle 02379 * @param mem_ctx Context for memory allocation 02380 * @param op Initialized parameters 02381 * @see cac_SamSetUserInfoCtr() 02382 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 02383 * @return CAC_SUCCESS The operation completed successfully 02384 */ 02385 int cac_SamSetUserInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamSetUserInfo *op); 02386 02387 struct SamGetUserInfoCtr { 02388 struct { 02389 /**Open handle to a user*/ 02390 POLICY_HND *user_hnd; 02391 02392 /**What USER_INFO structure you want. See include/rpc_samr.h*/ 02393 uint16 info_class; 02394 } in; 02395 02396 struct { 02397 /**returned user info*/ 02398 SAM_USERINFO_CTR *ctr; 02399 } out; 02400 }; 02401 02402 /** 02403 * Retrieves user information using a SAM_USERINFO_CTR structure. If you don't want to use this structure, user SamGetUserInfo() 02404 * @param hnd Initialized and connected server handle 02405 * @param mem_ctx Context for memory allocation 02406 * @param op Initialized parameters 02407 * @see cac_SamGetUserInfo() 02408 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 02409 * @return CAC_SUCCESS The operation completed successfully 02410 */ 02411 int cac_SamGetUserInfoCtr(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetUserInfoCtr *op); 02412 02413 struct SamSetUserInfoCtr { 02414 struct { 02415 /**Open handle to a user*/ 02416 POLICY_HND *user_hnd; 02417 02418 /**user info - make sure ctr->switch_value is set properly*/ 02419 SAM_USERINFO_CTR *ctr; 02420 } in; 02421 }; 02422 02423 /** 02424 * Sets the user info using a SAM_USERINFO_CTR structure. If you don't want to use this structure, use cac_SamSetUserInfo() 02425 * @param hnd Initialized and connected server handle 02426 * @param mem_ctx Context for memory allocation 02427 * @param op Initialized parameters 02428 * @see cac_SamSetUserInfo() 02429 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 02430 * @return CAC_SUCCESS The operation completed successfully 02431 */ 02432 02433 int cac_SamSetUserInfoCtr(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamSetUserInfoCtr *op); 02434 02435 struct SamRenameUser { 02436 struct { 02437 /**Open handle to user*/ 02438 POLICY_HND *user_hnd; 02439 02440 /**New user name*/ 02441 char *new_name; 02442 } in; 02443 }; 02444 02445 /** 02446 * Changes the name of a user. 02447 * @param hnd Initialized and connected server handle 02448 * @param mem_ctx Context for memory allocation 02449 * @param op Initialized parameters 02450 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 02451 * @return CAC_SUCCESS The operation completed successfully 02452 */ 02453 int cac_SamRenameUser(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamRenameUser *op); 02454 02455 struct SamGetGroupInfo { 02456 struct { 02457 /**Open handle to a group*/ 02458 POLICY_HND *group_hnd; 02459 } in; 02460 02461 struct { 02462 /**Returned info about the group*/ 02463 CacGroupInfo *info; 02464 } out; 02465 }; 02466 02467 /** 02468 * Retrieves information about a group. 02469 * @param hnd Initialized and connected server handle 02470 * @param mem_ctx Context for memory allocation 02471 * @param op Initialized parameters 02472 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 02473 * @return CAC_SUCCESS The operation completed successfully 02474 */ 02475 int cac_SamGetGroupInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetGroupInfo *op); 02476 02477 struct SamSetGroupInfo { 02478 struct { 02479 /**Open handle to a group*/ 02480 POLICY_HND *group_hnd; 02481 02482 /**group info*/ 02483 CacGroupInfo *info; 02484 } in; 02485 }; 02486 02487 /** 02488 * Sets information about a group. 02489 * @param hnd Initialized and connected server handle 02490 * @param mem_ctx Context for memory allocation 02491 * @param op Initialized parameters 02492 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 02493 * @return CAC_SUCCESS The operation completed successfully 02494 */ 02495 int cac_SamSetGroupInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamSetGroupInfo *op); 02496 02497 struct SamRenameGroup { 02498 struct { 02499 /**Open handle to a group*/ 02500 POLICY_HND *group_hnd; 02501 02502 /**New name*/ 02503 char *new_name; 02504 } in; 02505 }; 02506 02507 /** 02508 * Changes the name of a group 02509 * @param hnd Initialized and connected server handle 02510 * @param mem_ctx Context for memory allocation 02511 * @param op Initialized parameters 02512 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 02513 * @return CAC_SUCCESS The operation completed successfully 02514 */ 02515 02516 int cac_SamRenameGroup(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamRenameGroup *op); 02517 02518 struct SamGetAliasInfo { 02519 struct { 02520 /**Open handle to an alias*/ 02521 POLICY_HND *alias_hnd; 02522 } in; 02523 02524 struct { 02525 /**Returned alias info*/ 02526 CacAliasInfo *info; 02527 } out; 02528 }; 02529 02530 /** 02531 * Retrieves information about an alias. 02532 * @param hnd Initialized and connected server handle 02533 * @param mem_ctx Context for memory allocation 02534 * @param op Initialized parameters 02535 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 02536 * @return CAC_SUCCESS The operation completed successfully 02537 */ 02538 int cac_SamGetAliasInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetAliasInfo *op); 02539 02540 struct SamSetAliasInfo { 02541 struct { 02542 /**Open handle to an alias*/ 02543 POLICY_HND *alias_hnd; 02544 02545 /**Returned alias info*/ 02546 CacAliasInfo *info; 02547 } in; 02548 }; 02549 02550 /** 02551 * Sets information about an alias. 02552 * @param hnd Initialized and connected server handle 02553 * @param mem_ctx Context for memory allocation 02554 * @param op Initialized parameters 02555 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 02556 * @return CAC_SUCCESS The operation completed successfully 02557 */ 02558 int cac_SamSetAliasInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamSetAliasInfo *op); 02559 02560 struct SamGetDomainInfo { 02561 struct { 02562 /**Open handle to the domain SAM*/ 02563 POLICY_HND *dom_hnd; 02564 } in; 02565 02566 struct { 02567 /**Returned domain info*/ 02568 CacDomainInfo *info; 02569 } out; 02570 }; 02571 02572 /** 02573 * Gets domain information in the form of a CacDomainInfo structure. 02574 * @param hnd Initialized and connected server handle 02575 * @param mem_ctx Context for memory allocation 02576 * @param op Initialized parameters 02577 * @see SamGetDomainInfoCtr() 02578 * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately 02579 * @return CAC_SUCCESS - the operation was successful 02580 * @return CAC_PARTIAL_SUCCESS - This function makes 3 rpc calls, if one or two fail and the rest succeed, 02581 * not all fields in the CacDomainInfo structure will be filled 02582 */ 02583 int cac_SamGetDomainInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetDomainInfo *op); 02584 02585 struct SamGetDomainInfoCtr { 02586 struct { 02587 /**Open handle to domain*/ 02588 POLICY_HND *dom_hnd; 02589 02590 /**What info level you want*/ 02591 uint16 info_class; 02592 } in; 02593 02594 struct { 02595 SAM_UNK_CTR *info; 02596 } out; 02597 }; 02598 02599 /** 02600 * Gets domain information in the form of a SAM_UNK_CTR structure. 02601 * @param hnd Initialized and connected server handle 02602 * @param mem_ctx Context for memory allocation 02603 * @param op Initialized parameters 02604 * @see SamGetDomainInfo() 02605 * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately 02606 * @return CAC_SUCCESS - the operation was successful 02607 */ 02608 int cac_SamGetDomainInfoCtr(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetDomainInfoCtr *op); 02609 02610 struct SamGetDisplayInfo { 02611 struct { 02612 /**Open handle to domain*/ 02613 POLICY_HND *dom_hnd; 02614 02615 /**What type of data*/ 02616 uint16 info_class; 02617 02618 /**(Optional)If 0, max_entries and max_size will be filled in by the function*/ 02619 uint32 max_entries; 02620 02621 /**(Optional)If 0, max_entries and max_size will be filled in by the function*/ 02622 uint32 max_size; 02623 } in; 02624 02625 struct { 02626 /**Do not modify this value, use the same value between multiple calls (ie in while loop)*/ 02627 uint32 resume_idx; 02628 02629 /**Number of entries returned*/ 02630 uint32 num_entries; 02631 02632 /**Returned display info*/ 02633 SAM_DISPINFO_CTR ctr; 02634 02635 /**Internal value. Do not modify.*/ 02636 uint32 loop_count; 02637 02638 BOOL done; 02639 } out; 02640 }; 02641 02642 /** 02643 * Gets dislpay information using a SAM_DISPINFO_CTR. 02644 * @param hnd Initialized and connected server handle 02645 * @param mem_ctx Context for memory allocation 02646 * @param op Initialized parameters 02647 * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately 02648 * @return CAC_SUCCESS - the operation was successful 02649 */ 02650 int cac_SamGetDisplayInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetDisplayInfo *op); 02651 02652 struct SamLookupDomain { 02653 struct { 02654 /**Open handle to the sam (opened with cac_SamConnect() or cac_SamOpenDomain()*/ 02655 POLICY_HND *sam; 02656 02657 /**Name of the domain to lookup*/ 02658 char *name; 02659 } in; 02660 02661 struct { 02662 /**SID of the domain*/ 02663 DOM_SID *sid; 02664 } out; 02665 }; 02666 02667 /** 02668 * Looks up a Domain SID given it's name. 02669 * @param hnd Initialized and connected server handle 02670 * @param mem_ctx Context for memory allocation 02671 * @param op Initialized parameters 02672 * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately 02673 * @return CAC_SUCCESS - the operation was successful 02674 */ 02675 int cac_SamLookupDomain(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamLookupDomain *op); 02676 02677 struct SamGetSecurityObject { 02678 struct { 02679 /**An open handle (SAM, domain or user)*/ 02680 POLICY_HND *pol; 02681 } in; 02682 02683 struct { 02684 SEC_DESC_BUF *sec; 02685 } out; 02686 }; 02687 02688 /** 02689 * Retrievies Security descriptor information for a SAM/Domain/user 02690 * @param hnd Initialized and connected server handle 02691 * @param mem_ctx Context for memory allocation 02692 * @param op Initialized parameters 02693 * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately 02694 * @return CAC_SUCCESS - the operation was successful 02695 */ 02696 int cac_SamGetSecurityObject(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetSecurityObject *op); 02697 02698 struct SamFlush { 02699 struct { 02700 /**Open handle to the domain SAM*/ 02701 POLICY_HND *dom_hnd; 02702 02703 /**(Optional)Domain SID. If NULL, the domain in hnd->domain will be opened*/ 02704 DOM_SID *sid; 02705 02706 /**(Optional)Desired access to re-open the domain with. If 0, MAXIMUM_ALLOWED_ACCESS is used.*/ 02707 uint32 access; 02708 } in; 02709 }; 02710 02711 /** 02712 * Closes the domain handle, then re-opens it - effectively flushing any changes made. 02713 * WARNING: if this fails you will no longer have an open handle to the domain SAM. 02714 * @param hnd Initialized and connected server handle 02715 * @param mem_ctx Context for memory allocation 02716 * @param op Initialized Parameters 02717 * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately 02718 * @return CAC_SUCCESS - the operation was successful 02719 */ 02720 int cac_SamFlush(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamFlush *op); 02721 02722 /**@}*/ /*SAM_Functions*/ 02723 02724 /**@addtogroup SCM_Functions 02725 * @{ 02726 */ 02727 02728 struct SvcOpenScm { 02729 struct { 02730 /**Desired access to open the Handle with. See SC_RIGHT_MGR_* or SC_MANAGER_* in include/rpc_secdes.h*/ 02731 uint32 access; 02732 } in; 02733 02734 struct { 02735 /**Handle to the SCM*/ 02736 POLICY_HND *scm_hnd; 02737 } out; 02738 }; 02739 02740 /** 02741 * Opens a handle to the SCM on the remote machine. 02742 * @param hnd Initialized and connected server handle 02743 * @param mem_ctx Context for memory allocation 02744 * @param op Initialized parameters 02745 * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately 02746 * @return CAC_SUCCESS - the operation was successful 02747 */ 02748 int cac_SvcOpenScm(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcOpenScm *op); 02749 02750 /** 02751 * Closes an Svc handle (SCM or Service) 02752 * @param hnd Initialized and connected server handle 02753 * @param mem_ctx Context for memory allocation 02754 * @param scm_hnd The handle to close 02755 * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately 02756 * @return CAC_SUCCESS - the operation was successful 02757 */ 02758 int cac_SvcClose(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *scm_hnd); 02759 02760 struct SvcEnumServices { 02761 struct { 02762 /**Open handle to the SCM*/ 02763 POLICY_HND *scm_hnd; 02764 02765 /**(Optional)Type of service to enumerate. Possible values: 02766 * - SVCCTL_TYPE_WIN32 02767 * - SVCCTL_TYPE_DRIVER 02768 * If this is 0, (SVCCTL_TYPE_DRIVER | SVCCTL_TYPE_WIN32) is assumed. 02769 */ 02770 uint32 type; 02771 02772 /**(Optional)State of service to enumerate. Possible values: 02773 * - SVCCTL_STATE_ACTIVE 02774 * - SVCCTL_STATE_INACTIVE 02775 * - SVCCTL_STATE_ALL 02776 * If this is 0, SVCCTL_STATE_ALL is assumed. 02777 */ 02778 uint32 state; 02779 } in; 02780 02781 struct { 02782 /**Number of services returned*/ 02783 uint32 num_services; 02784 02785 /**Array of service structures*/ 02786 CacService *services; 02787 } out; 02788 }; 02789 02790 /** 02791 * Enumerates services on the remote machine. 02792 * @param hnd Initialized and connected server handle 02793 * @param mem_ctx Context for memory allocation 02794 * @param op Initialized parameters 02795 * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately 02796 * @return CAC_SUCCESS - the operation was successful 02797 */ 02798 int cac_SvcEnumServices(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcEnumServices *op); 02799 02800 struct SvcOpenService { 02801 struct { 02802 /**Handle to the Service Control Manager*/ 02803 POLICY_HND *scm_hnd; 02804 02805 /**Access mask to open service with see SERVICE_* or SC_RIGHT_SVC_* in include/rpc_secdes.h*/ 02806 uint32 access; 02807 02808 /**The name of the service. _not_ the display name*/ 02809 char *name; 02810 } in; 02811 02812 struct { 02813 /**Handle to the open service*/ 02814 POLICY_HND *svc_hnd; 02815 } out; 02816 }; 02817 02818 /** 02819 * Opens a handle to a service. 02820 * @param hnd Initialized and connected server handle 02821 * @param mem_ctx Context for memory allocation 02822 * @param op Initialized Parameters 02823 * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately 02824 * @return CAC_SUCCESS - the operation was successful 02825 */ 02826 02827 int cac_SvcOpenService(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcOpenService *op); 02828 02829 struct SvcGetStatus { 02830 struct { 02831 /**Open handle to the service to query*/ 02832 POLICY_HND *svc_hnd; 02833 } in; 02834 02835 struct { 02836 /**The status of the service. See include/rpc_svcctl.h for SERVICE_STATUS definition.*/ 02837 SERVICE_STATUS status; 02838 } out; 02839 }; 02840 02841 /** 02842 * Retrieves the status of a service. 02843 * @param hnd Initialized and connected server handle 02844 * @param mem_ctx Context for memory allocation 02845 * @param op Initialized Parameters 02846 * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately 02847 * @return CAC_SUCCESS - the operation was successful 02848 */ 02849 int cac_SvcGetStatus(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcGetStatus *op); 02850 02851 struct SvcStartService { 02852 struct { 02853 /**open handle to the service*/ 02854 POLICY_HND *svc_hnd; 02855 02856 /**Array of parameters to start the service with. Can be NULL if num_parms is 0*/ 02857 char **parms; 02858 02859 /**Number of parameters in the parms array*/ 02860 uint32 num_parms; 02861 02862 /**Number of seconds to wait for the service to actually start. If this is 0, then the status will not be checked after the initial call*/ 02863 uint32 timeout; 02864 } in; 02865 }; 02866 02867 /** 02868 * Attempts to start a service. 02869 * @param hnd Initialized and connected server handle 02870 * @param mem_ctx Context for memory allocation 02871 * @param op Initialized Parameters 02872 * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately 02873 * @return CAC_SUCCESS - the operation was successful 02874 */ 02875 02876 int cac_SvcStartService(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcStartService *op); 02877 02878 struct SvcControlService { 02879 struct { 02880 /**Open handle to the service to control*/ 02881 POLICY_HND *svc_hnd; 02882 02883 /**The control operation to perform. Possible values (from include/rpc_svcctl.h): 02884 * - SVCCTL_CONTROL_STOP 02885 * - SVCCTL_CONTROL_PAUSE 02886 * - SVCCTL_CONTROL_CONTINUE 02887 * - SVCCTL_CONTROL_SHUTDOWN 02888 */ 02889 uint32 control; 02890 } in; 02891 02892 struct { 02893 /**The returned status of the service, _immediately_ after the call*/ 02894 SERVICE_STATUS *status; 02895 } out; 02896 }; 02897 02898 /** 02899 * Performs a control operation on a service and _immediately_ returns. 02900 * @see cac_SvcStopService() 02901 * @see cac_SvcPauseService() 02902 * @see cac_SvcContinueService() 02903 * @see cac_SvcShutdownService() 02904 * @param hnd Initialized and connected server handle 02905 * @param mem_ctx Context for memory allocation 02906 * @param op Initialized Parameters 02907 * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately 02908 * @return CAC_SUCCESS - the operation was successful 02909 */ 02910 int cac_SvcControlService(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcControlService *op); 02911 02912 struct SvcStopService { 02913 struct { 02914 /**Open handle to the service*/ 02915 POLICY_HND *svc_hnd; 02916 02917 /**Number of seconds to wait for the service to actually start. 02918 * If this is 0, then the status will not be checked after the initial call and CAC_SUCCESS might be returned if the status isn't actually started 02919 */ 02920 uint32 timeout; 02921 } in; 02922 02923 struct { 02924 /**Status of the service after the operation*/ 02925 SERVICE_STATUS status; 02926 } out; 02927 }; 02928 02929 /** 02930 * Attempts to stop a service. 02931 * @see cacSvcControlService() 02932 * @param hnd Initialized and connected server handle 02933 * @param mem_ctx Context for memory allocation 02934 * @param op Initialized Parameters 02935 * @return CAC_FAILURE - the operation was not successful. If hnd->status is NT_STATUS_OK, then a timeout occured. 02936 * @return CAC_SUCCESS - the operation was successful 02937 */ 02938 int cac_SvcStopService(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcStopService *op); 02939 02940 struct SvcPauseService { 02941 struct { 02942 /**Open handle to the service*/ 02943 POLICY_HND *svc_hnd; 02944 02945 /**Number of seconds to wait for the service to actually start. 02946 * If this is 0, then the status will not be checked after the initial call and CAC_SUCCESS might be returned if the status isn't actually started 02947 */ 02948 uint32 timeout; 02949 } in; 02950 02951 struct { 02952 /**Status of the service after the operation*/ 02953 SERVICE_STATUS status; 02954 } out; 02955 }; 02956 02957 /** 02958 * Attempts to pause a service. 02959 * @see cacSvcControlService() 02960 * @param hnd Initialized and connected server handle 02961 * @param mem_ctx Context for memory allocation 02962 * @param op Initialized Parameters 02963 * @return CAC_FAILURE - the operation was not successful. If hnd->status is NT_STATUS_OK, then a timeout occured. 02964 * @return CAC_SUCCESS - the operation was successful 02965 */ 02966 int cac_SvcPauseService(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcPauseService *op); 02967 02968 struct SvcContinueService { 02969 struct { 02970 /**Open handle to the service*/ 02971 POLICY_HND *svc_hnd; 02972 02973 /**Number of seconds to wait for the service to actually start. 02974 * If this is 0, then the status will not be checked after the initial call and CAC_SUCCESS might be returned if the status isn't actually started 02975 */ 02976 uint32 timeout; 02977 } in; 02978 02979 struct { 02980 /**Status of the service after the operation*/ 02981 SERVICE_STATUS status; 02982 } out; 02983 }; 02984 02985 /** 02986 * Attempts to continue a paused service. 02987 * @see cacSvcControlService() 02988 * @param hnd Initialized and connected server handle 02989 * @param mem_ctx Context for memory allocation 02990 * @param op Initialized Parameters 02991 * @return CAC_FAILURE - the operation was not successful. If hnd->status is NT_STATUS_OK, then a timeout occured. 02992 * @return CAC_SUCCESS - the operation was successful 02993 */ 02994 int cac_SvcContinueService(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcContinueService *op); 02995 02996 struct SvcGetDisplayName { 02997 struct { 02998 /**Open handle to the service*/ 02999 POLICY_HND *svc_hnd; 03000 } in; 03001 03002 struct { 03003 /**The returned display name of the service*/ 03004 char *display_name; 03005 } out; 03006 }; 03007 03008 /** 03009 * Retrieves the display name of a service _not currently working_ 03010 * @param hnd Initialized and connected server handle 03011 * @param mem_ctx Context for memory allocation 03012 * @param op Initialized Parameters 03013 * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately 03014 * @return CAC_SUCCESS - the operation was successful 03015 */ 03016 int cac_SvcGetDisplayName(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcGetDisplayName *op); 03017 03018 struct SvcGetServiceConfig { 03019 struct { 03020 /**Open handle to the service*/ 03021 POLICY_HND *svc_hnd; 03022 } in; 03023 03024 struct { 03025 /**Returned Configuration information*/ 03026 CacServiceConfig config; 03027 } out; 03028 }; 03029 03030 /** 03031 * Retrieves configuration information about a service. 03032 * @param hnd Initialized and connected server handle 03033 * @param mem_ctx Context for memory allocation 03034 * @param op Initialized Parameters 03035 * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately 03036 * @return CAC_SUCCESS - the operation was successful 03037 */ 03038 int cac_SvcGetServiceConfig(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcGetServiceConfig *op); 03039 03040 /**@}*/ /*SCM_Functions*/ 03041 03042 struct rpc_pipe_client *cac_GetPipe(CacServerHandle *hnd, int pi_idx); 03043 03044 #endif /* LIBMSRPC_H */ 03045 03046