1/* 2 * Unix SMB/CIFS implementation. 3 * MS-RPC client library API definitions/prototypes 4 * 5 * Copyright (C) Chris Nicholls 2005. 6 * 7 * This program is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License as published by 9 * the Free Software Foundation; either version 2 of the License, or 10 * (at your option) any later version. 11 * 12 * This program is distributed in the hope that it will be useful, 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * GNU General Public License for more details. 16 * 17 * You should have received a copy of the GNU General Public License 18 * along with this program; if not, write to the Free Software 19 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 20 */ 21 22#ifndef LIBMSRPC_H 23#define LIBMSRPC_H 24 25 26#include "includes.h" 27#include "libsmbclient.h" 28#include "libsmb_internal.h" 29 30/*server capability levels*/ 31#define SRV_WIN_NT4 1 32#define SRV_WIN_2K 2 33#define SRV_WIN_2K_SP3 3 34#define SRV_WIN_2K3 4 35 36/**@defgroup handle Server Handle*/ 37/**@defgroup Library_Functions Library/Utility Functions*/ 38/**@defgroup lsa_defs LSA Definitions*/ 39/**@defgroup LSA_Functions LSA Functions*/ 40/**@defgroup reg_defs Registry Definitions*/ 41/**@defgroup Reg_Functions Registry Functions*/ 42/**@defgroup sam_defs SAM Definitions*/ 43/**@defgroup SAM_Functions SAM Functions*/ 44/**@defgroup svc_defs Service Control Definitions*/ 45/**@defgroup SCM_Functions Service Control Functions*/ 46 47/**Operation was unsuccessful*/ 48#define CAC_FAILURE 0 49/**Operation was successful*/ 50#define CAC_SUCCESS 1 51/**Operation was only partially successful 52 * an example of this is if you try to lookup a list of accounts to SIDs and not all accounts can be resolved*/ 53#define CAC_PARTIAL_SUCCESS 2 54 55/**@ingroup CAC_errors Use this to see if the last operation failed - useful for enumeration functions that use multiple calls*/ 56#define CAC_OP_FAILED(status) !NT_STATUS_IS_OK(status) && \ 57 NT_STATUS_V(status) != NT_STATUS_V(STATUS_SOME_UNMAPPED) && \ 58 NT_STATUS_V(status) != NT_STATUS_V(STATUS_NO_MORE_FILES) && \ 59 NT_STATUS_V(status) != NT_STATUS_V(NT_STATUS_NO_MORE_ENTRIES) && \ 60 NT_STATUS_V(status) != NT_STATUS_V(NT_STATUS_NONE_MAPPED) && \ 61 NT_STATUS_V(status) != NT_STATUS_V(NT_STATUS_GUIDS_EXHAUSTED) 62 63 64/**Privilege string constants*/ 65#define CAC_SE_CREATE_TOKEN "SeCreateTokenPrivilege" 66#define CAC_SE_ASSIGN_PRIMARY_TOKEN "SeAssignPrimaryTokenPrivilege" 67#define CAC_SE_LOCK_MEMORY "SeLockMemoryPrivilege" 68#define CAC_SE_INCREASE_QUOTA "SeIncreaseQuotaPrivilege" 69#define CAC_SE_MACHINE_ACCOUNT "SeMachineAccountPrivilege" 70#define CAC_SE_TCB "SeTcbPrivilege" 71#define CAC_SE_SECURITY "SeSecurityPrivilege" 72#define CAC_SE_TAKE_OWNERSHIP "SeTakeOwnershipPrivilege" 73#define CAC_SE_LOAD_DRIVER "SeLoadDriverPrivilege" 74#define CAC_SE_SYSTEM_PROFILE "SeSystemProfilePrivilege" 75#define CAC_SE_SYSTEM_TIME "SeSystemtimePrivilege" 76#define CAC_SE_PROFILE_SINGLE_PROC "SeProfileSingleProcessPrivilege" 77#define CAC_SE_INCREASE_BASE_PRIORITY "SeIncreaseBasePriorityPrivilege" 78#define CAC_SE_CREATE_PAGEFILE "SeCreatePagefilePrivilege" 79#define CAC_SE_CREATE_PERMANENT "SeCreatePermanentPrivilege" 80#define CAC_SE_BACKUP "SeBackupPrivilege" 81#define CAC_SE_RESTORE "SeRestorePrivilege" 82#define CAC_SE_SHUTDOWN "SeShutdownPrivilege" 83#define CAC_SE_DEBUG "SeDebugPrivilege" 84#define CAC_SE_AUDIT "SeAuditPrivilege" 85#define CAC_SE_SYSTEM_ENV "SeSystemEnvironmentPrivilege" 86#define CAC_SE_CHANGE_NOTIFY "SeChangeNotifyPrivilege" 87#define CAC_SE_REMOTE_SHUTDOWN "SeRemoteShutdownPrivilege" 88#define CAC_SE_UNDOCK "SeUndockPrivilege" 89#define CAC_SE_SYNC_AGENT "SeSyncAgentPrivilege" 90#define CAC_SE_ENABLE_DELEGATION "SeEnableDelegationPrivilege" 91#define CAC_SE_MANAGE_VOLUME "SeManageVolumePrivilege" 92#define CAC_SE_IMPERSONATE "SeImpersonatePrivilege" 93#define CAC_SE_CREATE_GLOBAL "SeCreateGlobalPrivilege" 94#define CAC_SE_PRINT_OPERATOR "SePrintOperatorPrivilege" 95#define CAC_SE_NETWORK_LOGON "SeNetworkLogonRight" 96#define CAC_SE_INTERACTIVE_LOGON "SeInteractiveLogonRight" 97#define CAC_SE_BATCH_LOGON "SeBatchLogonRight" 98#define CAC_SE_SERVICE_LOGON "SeServiceLogonRight" 99#define CAC_SE_ADD_USERS "SeAddUsersPrivilege" 100#define CAC_SE_DISK_OPERATOR "SeDiskOperatorPrivilege" 101 102/** 103 * @addtogroup lsa_defs 104 * @{ 105 */ 106/**used to specify what data to retrieve using cac_LsaQueryTrustedDomainInformation*/ 107#define CAC_INFO_TRUSTED_DOMAIN_NAME 0x1 108#define CAC_INFO_TRUSTED_DOMAIN_POSIX_OFFSET 0x3 109#define CAC_INFO_TRUSTED_DOMAIN_PASSWORD 0x4 110 111/**Used when requesting machine domain information*/ 112#define CAC_DOMAIN_INFO 0x0003 113 114/**Used when requesting machine local information*/ 115#define CAC_LOCAL_INFO 0x0005 116 117/**Stores information about a SID*/ 118typedef struct _CACSIDINFO { 119 /**The actual SID*/ 120 DOM_SID sid; 121 122 /**The name of the object which maps to this SID*/ 123 char *name; 124 125 /**The domain the SID belongs to*/ 126 char *domain; 127} CacSidInfo; 128/* @} */ 129 130/** 131 * @addtogroup reg_defs 132 * @{ 133 */ 134/**Null terminated string*/ 135typedef char* REG_SZ_DATA; 136 137/**Null terminated string with windows environment variables that should be expanded*/ 138typedef char* REG_EXPAND_SZ_DATA; 139 140/**Binary data of some kind*/ 141typedef struct _REGBINARYDATA { 142 uint32 data_length; 143 uint8 * data; 144} REG_BINARY_DATA; 145 146/**32-bit (little endian) number*/ 147typedef uint32 REG_DWORD_DATA; 148 149/**32-bit big endian number*/ 150typedef uint32 REG_DWORD_BE_DATA; 151 152/**array of strings*/ 153typedef struct _REGMULTISZDATA { 154 uint32 num_strings; 155 156 char **strings; 157} REG_MULTI_SZ_DATA; 158 159typedef union _REGVALUEDATA { 160 REG_SZ_DATA reg_sz; 161 REG_EXPAND_SZ_DATA reg_expand_sz; 162 REG_BINARY_DATA reg_binary; 163 REG_DWORD_DATA reg_dword; 164 REG_DWORD_BE_DATA reg_dword_be; 165 REG_MULTI_SZ_DATA reg_multi_sz; 166} REG_VALUE_DATA; 167/**@}*/ 168 169/** 170 * @addtogroup sam_defs 171 * @{ 172 */ 173 174#define CAC_USER_RID 0x1 175#define CAC_GROUP_RID 0x2 176 177typedef struct _CACLOOKUPRIDSRECORD { 178 char *name; 179 uint32 rid; 180 181 /**If found, this will be one of: 182 * - CAC_USER_RID 183 * - CAC_GROUP_RID 184 */ 185 uint32 type; 186 187 /*if the name or RID was looked up, then found = True*/ 188 BOOL found; 189} CacLookupRidsRecord; 190 191typedef struct _CACUSERINFO { 192 /**Last logon time*/ 193 time_t logon_time; 194 195 /**Last logoff time*/ 196 time_t logoff_time; 197 198 /**Last kickoff time*/ 199 time_t kickoff_time; 200 201 /**Last password set time*/ 202 time_t pass_last_set_time; 203 204 /**Time password can change*/ 205 time_t pass_can_change_time; 206 207 /**Time password must change*/ 208 time_t pass_must_change_time; 209 210 /**LM user password*/ 211 uint8 lm_password[8]; 212 213 /**NT user password*/ 214 uint8 nt_password[8]; 215 216 /**User's RID*/ 217 uint32 rid; 218 219 /**RID of primary group*/ 220 uint32 group_rid; 221 222 /**User's ACB mask*/ 223 uint32 acb_mask; 224 225 /**Bad password count*/ 226 uint16 bad_passwd_count; 227 228 /**Number of logons*/ 229 uint16 logon_count; 230 231 /**Change password at next logon?*/ 232 BOOL pass_must_change; 233 234 /**Username*/ 235 char *username; 236 237 /**User's full name*/ 238 char *full_name; 239 240 /**User's home directory*/ 241 char *home_dir; 242 243 /**Home directory drive*/ 244 char *home_drive; 245 246 /**Logon script*/ 247 char *logon_script; 248 249 /**Path to profile*/ 250 char *profile_path; 251 252 /**Account description*/ 253 char *description; 254 255 /**Login from workstations*/ 256 char *workstations; 257 258 char *dial; 259 260 /**Possible logon hours*/ 261 LOGON_HRS *logon_hours; 262 263} CacUserInfo; 264 265typedef struct _CACGROUPINFO { 266 /**Group name*/ 267 char *name; 268 269 /**Description*/ 270 char *description; 271 272 /**Number of members*/ 273 uint32 num_members; 274} CacGroupInfo, CacAliasInfo; 275 276/**Represents a period (duration) of time*/ 277typedef struct _CACTIME { 278 /**Number of days*/ 279 uint32 days; 280 281 /**Number of hours*/ 282 uint32 hours; 283 284 /**Number of minutes*/ 285 uint32 minutes; 286 287 /**number of seconds*/ 288 uint32 seconds; 289} CacTime; 290 291 292typedef struct _CACDOMINFO { 293 /**The server role. Should be one of: 294 * ROLE_STANDALONE 295 * ROLE_DOMAIN_MEMBER 296 * ROLE_DOMAIN_BDC 297 * ROLE_DOMAIN_PDC 298 * see include/smb.h 299 */ 300 uint32 server_role; 301 302 /**Number of domain users*/ 303 uint32 num_users; 304 305 /**Number of domain groups*/ 306 uint32 num_domain_groups; 307 308 /**Number of local groups*/ 309 uint32 num_local_groups; 310 311 /**Comment*/ 312 char *comment; 313 314 /**Domain name*/ 315 char *domain_name; 316 317 /**Server name*/ 318 char *server_name; 319 320 /**Minimum password length*/ 321 uint16 min_pass_length; 322 323 /**How many previous passwords to remember - ie, password cannot be the same as N previous passwords*/ 324 uint16 pass_history; 325 326 /**How long (from now) before passwords expire*/ 327 CacTime expire; 328 329 /**How long (from now) before passwords can be changed*/ 330 CacTime min_pass_age; 331 332 /**How long users are locked out for too many bad password attempts*/ 333 CacTime lockout_duration; 334 335 /**How long before lockouts are reset*/ 336 CacTime lockout_reset; 337 338 /**How many bad password attempts before lockout occurs*/ 339 uint16 num_bad_attempts; 340} CacDomainInfo; 341 342/**@}*/ /*sam_defs*/ 343 344/**@addtogroup svc_defs 345 * @{ 346 */ 347typedef struct _CACSERVICE { 348 /**The service name*/ 349 char *service_name; 350 351 /**The display name of the service*/ 352 char *display_name; 353 354 /**Current status of the service - see include/rpc_svcctl.h for SERVICE_STATUS definition*/ 355 SERVICE_STATUS status; 356} CacService; 357 358typedef struct __CACSERVICECONFIG { 359 /**The service type*/ 360 uint32 type; 361 362 /**The start type. Should be one of: 363 * - SVCCTL_BOOT_START 364 * - SVCCTL_SYSTEM_START 365 * - SVCCTL_AUTO_START 366 * - SVCCTL_DEMAND_START 367 */ 368 uint32 start_type; 369 370 uint32 error_control; 371 372 /**Path to executable*/ 373 char *exe_path; 374 375 /***/ 376 char *load_order_group; 377 378 uint32 tag_id; 379 380 /**Any dependencies for the service*/ 381 char *dependencies; 382 383 /**Run as...*/ 384 char *start_name; 385 386 /**Service display name*/ 387 char *display_name; 388 389} CacServiceConfig; 390/**@}*/ /*svc_defs*/ 391 392#include "libmsrpc_internal.h" 393 394/** 395 * @addtogroup handle 396 * @{ 397 */ 398 399/** 400 * Server handle used to keep track of client/server/pipe information. Use cac_NewServerHandle() to allocate. 401 * Initiliaze as many values as possible before calling cac_Connect(). 402 * 403 * @note When allocating memory for the fields, use SMB_MALLOC() (or equivalent) instead of talloc() (or equivalent) - 404 * If memory is not allocated for a field, cac_Connect will allocate sizeof(fstring) bytes for it. 405 * 406 * @note It may be wise to allocate large buffers for these fields and strcpy data into them. 407 * 408 * @see cac_NewServerHandle() 409 * @see cac_FreeHandle() 410 */ 411typedef struct _CACSERVERHANDLE { 412 /** debug level 413 */ 414 int debug; 415 416 /** netbios name used to make connections 417 */ 418 char *netbios_name; 419 420 /** domain name used to make connections 421 */ 422 char *domain; 423 424 /** username used to make connections 425 */ 426 char *username; 427 428 /** user's password plain text string 429 */ 430 char *password; 431 432 /** name or IP address of server we are currently working with 433 */ 434 char *server; 435 436 /**stores the latest NTSTATUS code 437 */ 438 NTSTATUS status; 439 440 /** internal. do not modify! 441 */ 442 struct CacServerHandleInternal _internal; 443 444} CacServerHandle; 445 446/*@}*/ 447 448/**internal function. do not call this function*/ 449SMBCSRV *cac_GetServer(CacServerHandle *hnd); 450 451 452/** @addtogroup Library_Functions 453 * @{ 454 */ 455/** 456 * Initializes the library - do not need to call this function. Open's smb.conf as well as initializes logging. 457 * @param debug Debug level for library to use 458 */ 459 460void cac_Init(int debug); 461 462/** 463 * Creates an un-initialized CacServerHandle 464 * @param allocate_fields If True, the function will allocate sizeof(fstring) bytes for all char * fields in the handle 465 * @return - un-initialized server handle 466 * - NULL if no memory could be allocated 467 */ 468CacServerHandle * cac_NewServerHandle(BOOL allocate_fields); 469 470/** 471 * Specifies the smbc_get_auth_data_fn to use if you do not want to use the default. 472 * @param hnd non-NULL server handle 473 * @param auth_fn auth_data_fn to set in server handle 474 */ 475 476void cac_SetAuthDataFn(CacServerHandle *hnd, smbc_get_auth_data_fn auth_fn); 477 478/** Use your own libsmbclient context - not necessary. 479 * @note You must still call cac_Connect() after specifying your own libsmbclient context 480 * @param hnd Initialized, but not connected CacServerHandle 481 * @param ctx The libsmbclient context you would like to use. 482 */ 483void cac_SetSmbcContext(CacServerHandle *hnd, SMBCCTX *ctx); 484 485/** Connects to a specified server. If there is already a connection to a different server, 486 * it will be cleaned up before connecting to the new server. 487 * @param hnd Pre-initialized CacServerHandle 488 * @param srv (Optional) Name or IP of the server to connect to. If NULL, server from the CacServerHandle will be used. 489 * 490 * @return CAC_FAILURE if the operation could not be completed successfully (hnd->status will also be set with a NTSTATUS code) 491 * @return CAC_SUCCESS if the operation succeeded 492 */ 493int cac_Connect(CacServerHandle *hnd, const char *srv); 494 495 496/** 497 * Cleans up any data used by the CacServerHandle. If the libsmbclient context was set using cac_SetSmbcContext(), it will not be free'd. 498 * @param hnd the CacServerHandle to destroy 499 */ 500void cac_FreeHandle(CacServerHandle * hnd); 501 502/** 503 * Initializes a CacTime structure based on an NTTIME structure 504 * If the function fails, then the CacTime structure will be zero'd out 505 */ 506void cac_InitCacTime(CacTime *cactime, NTTIME nttime); 507 508/** 509 * Called by cac_NewServerHandle() if allocate_fields = True. You can call this if you want to, allocates sizeof(fstring) char's for every char * field 510 * @param hnd Uninitialized server handle 511 * @return CAC_FAILURE Memory could not be allocated 512 * @return CAC_SUCCESS Memory was allocated 513 */ 514int cac_InitHandleMem(CacServerHandle *hnd); 515 516/** 517 * Default smbc_get_auth_data_fn for libmsrpc. This function is called when libmsrpc needs to get more information about the 518 * client (username/password, workgroup). 519 * This function provides simple prompts to the user to enter the information. This description his here so you know how to re-define this function. 520 * @see cac_SetAuthDataFn() 521 * @param pServer Name/IP of the server to connect to. 522 * @param pShare Share name to connect to 523 * @param pWorkgroup libmsrpc passes in the workgroup/domain name from hnd->domain. It can be modified in the function. 524 * @param maxLenWorkgroup The maximum length of a string pWogroup can hold. 525 * @param pUsername libmsrpc passes in the username from hnd->username. It can be modified in the function. 526 * @param maxLenUsername The maximum length of a string pUsername can hold. 527 * @param pPassword libmsrpc pass in the password from hnd->password. It can be modified in the function. 528 * @param maxLenPassword The maximum length of a string pPassword can hold. 529 */ 530void cac_GetAuthDataFn(const char * pServer, 531 const char * pShare, 532 char * pWorkgroup, 533 int maxLenWorkgroup, 534 char * pUsername, 535 int maxLenUsername, 536 char * pPassword, 537 int maxLenPassword); 538 539 540/**@}*/ 541 542/***************** 543 * LSA Functions * 544 *****************/ 545 546/** @addtogroup LSA_Functions 547 * @{ 548 */ 549 550struct LsaOpenPolicy { 551 /**Inputs*/ 552 struct { 553 /**Access Mask. Refer to Security Access Masks in include/rpc_secdes.h*/ 554 uint32 access; 555 556 /**Use security quality of service? (True/False)*/ 557 BOOL security_qos; 558 } in; 559 560 /**Outputs*/ 561 struct { 562 /**Handle to the open policy (needed for all other operations)*/ 563 POLICY_HND *pol; 564 } out; 565}; 566 567/** 568 * Opens a policy handle on a remote machine. 569 * @param hnd fully initialized CacServerHandle for remote machine 570 * @param mem_ctx Talloc context for memory allocation 571 * @param op Initialized parameters 572 * @return CAC_FAILURE if the policy could not be opened. hnd->status set with appropriate NTSTATUS 573 * @return CAC_SUCCESS if the policy could be opened, the policy handle can be found 574 */ 575int cac_LsaOpenPolicy(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaOpenPolicy *op); 576 577 578/** 579 * Closes an LSA policy handle (Retrieved using cac_LsaOpenPolicy). 580 * If successful, the handle will be closed on the server, and memory for pol will be freed 581 * @param hnd - An initialized and connected server handle 582 * @param mem_ctx Talloc context for memory allocation 583 * @param pol - the policy handle to close 584 * @return CAC_FAILURE could not close the policy handle, hnd->status is set to the appropriate NTSTATUS error code 585 * @return CAC_SUCCESS the policy handle was closed 586 */ 587int cac_LsaClosePolicy(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *pol); 588 589 590struct LsaGetNamesFromSids { 591 struct { 592 /**handle to and open LSA policy*/ 593 POLICY_HND *pol; 594 595 /**the number of SIDs to lookup*/ 596 uint32 num_sids; 597 598 /**array of SIDs to lookup*/ 599 DOM_SID *sids; 600 } in; 601 602 struct { 603 /**The number of names returned (in case of CAC_PARTIAL_SUCCESS)*/ 604 uint32 num_found; 605 606 /**array of SID info each index is one sid */ 607 CacSidInfo *sids; 608 609 /**in case of partial success, an array of SIDs that could not be looked up (NULL if all sids were looked up)*/ 610 DOM_SID *unknown; 611 } out; 612}; 613 614/** 615 * Looks up the names for a list of SIDS 616 * @param hnd initialized and connected server handle 617 * @param mem_ctx Talloc context for memory allocation 618 * @param op input and output parameters 619 * @return CAC_FAILURE none of the SIDs could be looked up hnd->status is set with appropriate NTSTATUS error code 620 * @return CAC_SUCCESS all of the SIDs were translated and a list of names has been output 621 * @return CAC_PARTIAL_SUCCESS not all of the SIDs were translated, as a result the number of returned names is less than the original list of SIDs 622 */ 623int cac_LsaGetNamesFromSids(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaGetNamesFromSids *op); 624 625struct LsaGetSidsFromNames { 626 struct { 627 /**handle to an open LSA policy*/ 628 POLICY_HND *pol; 629 630 /**number of SIDs to lookup*/ 631 uint32 num_names; 632 633 /**array of strings listing the names*/ 634 char **names; 635 } in; 636 637 struct { 638 /**The number of SIDs returned (in case of partial success*/ 639 uint32 num_found; 640 641 /**array of SID info for the looked up names*/ 642 CacSidInfo *sids; 643 644 /**in case of partial success, the names that were not looked up*/ 645 char **unknown; 646 } out; 647}; 648 649/** 650 * Looks up the SIDs for a list of names 651 * @param hnd initialized and connected server handle 652 * @param mem_ctx Talloc context for memory allocation 653 * @param op input and output parameters 654 * @return CAC_FAILURE none of the SIDs could be looked up hnd->status is set with appropriate NTSTATUS error code 655 * @return CAC_SUCCESS all of the SIDs were translated and a list of names has been output 656 * @return CAC_PARTIAL_SUCCESS not all of the SIDs were translated, as a result the number of returned names is less than the original list of SIDs 657 */ 658int cac_LsaGetSidsFromNames(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaGetSidsFromNames *op); 659 660struct LsaFetchSid { 661 struct { 662 /**handle to an open LSA policy*/ 663 POLICY_HND *pol; 664 665 /**can be CAC_LOCAL_INFO, CAC_DOMAIN_INFO, or (CAC_LOCAL_INFO | CAC_DOMAIN_INFO)*/ 666 uint16 info_class; 667 } in; 668 669 struct { 670 /**the machine's local SID and domain name (NULL if not asked for)*/ 671 CacSidInfo *local_sid; 672 673 /**the machine's domain SID and name (NULL if not asked for)*/ 674 CacSidInfo *domain_sid; 675 676 } out; 677}; 678 679/** 680 * Looks up the domain or local sid of a machine with an open LSA policy handle 681 * @param hnd initialized and connected server handle 682 * @param mem_ctx Talloc context for memory allocation 683 * @param op input and output parameters 684 * @return CAC_FAILURE if the SID could not be fetched 685 * @return CAC_SUCCESS if the SID was fetched 686 * @return CAC_PARTIAL_SUCCESS if you asked for both local and domain sids but only one was returned 687 */ 688int cac_LsaFetchSid(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaFetchSid *op); 689 690struct LsaQueryInfoPolicy { 691 struct { 692 /**Open LSA policy handle on remote server*/ 693 POLICY_HND *pol; 694 } in; 695 696 struct { 697 /**remote server's domain name*/ 698 char *domain_name; 699 700 /**remote server's dns name*/ 701 char *dns_name; 702 703 /**remote server's forest name*/ 704 char *forest_name; 705 706 /**remote server's domain guid*/ 707 struct GUID *domain_guid; 708 709 /**remote server's domain SID*/ 710 DOM_SID *domain_sid; 711 } out; 712}; 713 714/** 715 * Retrieves information about the LSA machine/domain 716 * @param hnd initialized and connected server handle 717 * @param mem_ctx Talloc context for memory allocation 718 * @param op input and output parameters 719 * Note: for pre-Windows 2000 machines, only op->out.SID and op->out.domain will be set. @see cac_LsaFetchSid 720 * @return - CAC_FAILURE if the operation was not successful. hnd->status will be set with an accurate NT_STATUS code 721 * @return CAC_SUCCESS the operation was successful. 722 */ 723int cac_LsaQueryInfoPolicy(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaQueryInfoPolicy *op); 724 725struct LsaEnumSids { 726 struct { 727 /**Open LSA Policy handle*/ 728 POLICY_HND *pol; 729 730 /**The prefered maximum number of SIDs returned per call*/ 731 uint32 pref_max_sids; 732 } in; 733 734 struct { 735 /**used to keep track of how many sids have been retrieved over multiple calls 736 * should be set to zero via ZERO_STRUCT() befrore the first call. Use the same struct LsaEnumSids for multiple calls*/ 737 uint32 resume_idx; 738 739 /**The number of sids returned this call*/ 740 uint32 num_sids; 741 742 /**Array of sids returned*/ 743 DOM_SID *sids; 744 745 } out; 746}; 747 748/** 749 * Enumerates the SIDs in the LSA. Can be enumerated in blocks by calling the function multiple times. 750 * Example: while(cac_LsaEnumSids(hnd, mem_ctx, op) { ... } 751 * @param hnd - An initialized and connected server handle 752 * @param mem_ctx Talloc context for memory allocation 753 * @param op Initialized parameters 754 * @return CAC_FAILURE there was an error during operations OR there are no more results 755 * @return CAC_SUCCESS the operation completed and results were returned 756 */ 757int cac_LsaEnumSids(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaEnumSids *op); 758 759struct LsaEnumAccountRights { 760 struct { 761 /**Open LSA Policy handle*/ 762 POLICY_HND *pol; 763 764 /**(Optional) SID of the account - must supply either sid or name*/ 765 DOM_SID *sid; 766 767 /**(Optional) name of the account - must supply either sid or name*/ 768 char *name; 769 } in; 770 771 struct { 772 /**Count of rights for this account*/ 773 uint32 num_privs; 774 775 /**array of privilege names*/ 776 char **priv_names; 777 } out; 778}; 779 780/** 781 * Enumerates rights assigned to a given account. Takes a SID instead of account handle as input 782 * @param hnd Initialized and connected server handle 783 * @param mem_ctx Context for memory allocation 784 * @param op Initialized Parameters 785 * @return CAC_FAILURE the rights could not be retrieved. hnd->status is set with NT_STATUS code 786 * @return CAC_SUCCESS the operation was successful. 787 */ 788 789int cac_LsaEnumAccountRights(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaEnumAccountRights *op); 790 791struct LsaEnumTrustedDomains { 792 struct { 793 /**Open LSA policy handle*/ 794 POLICY_HND *pol; 795 } in; 796 797 struct { 798 /**used to keep track of how many domains have been retrieved over multiple calls 799 * should be set to zero via ZERO_STRUCT() before the first call. Use the same struct LsaEnumSids for multiple calls*/ 800 uint32 resume_idx; 801 802 /**The number of domains returned by the remote server this call*/ 803 uint32 num_domains; 804 805 /**array of trusted domain names returned by the remote server*/ 806 char **domain_names; 807 808 /**array of trusted domain sids returned by the remote server*/ 809 DOM_SID *domain_sids; 810 } out; 811}; 812 813/** 814 * Enumerates the trusted domains in the LSA. 815 * @param hnd - An initialized and connected server handle 816 * @param mem_ctx Talloc context for memory allocation 817 * @param op - initialized parameters 818 * @return CAC_FAILURE there was an error during operations OR there are no more results 819 * @return CAC_SUCCESS the operation completed and results were returned 820 */ 821int cac_LsaEnumTrustedDomains(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaEnumTrustedDomains *op); 822 823struct LsaOpenTrustedDomain { 824 struct { 825 /**an open LSA policy handle*/ 826 POLICY_HND *pol; 827 828 /**SID of the trusted domain to open*/ 829 DOM_SID *domain_sid; 830 831 /**Desired access on the open domain*/ 832 uint32 access; 833 } in; 834 835 struct { 836 /**A handle to the policy that is opened*/ 837 POLICY_HND *domain_pol; 838 } out; 839}; 840 841/** 842 * Opens a trusted domain by SID. 843 * @param hnd An initialized and connected server handle 844 * @param mem_ctx Talloc context for memory allocation 845 * @param op initialized I/O parameters 846 * @return CAC_FAILURE a handle to the domain could not be opened. hnd->status is set with approriate NT_STATUS code 847 * @return CAC_SUCCESS the domain was opened successfully 848 */ 849int cac_LsaOpenTrustedDomain(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaOpenTrustedDomain *op); 850 851struct LsaQueryTrustedDomainInfo { 852 struct { 853 /**Open LSA policy handle*/ 854 POLICY_HND *pol; 855 856 /**Info class of returned data*/ 857 uint16 info_class; 858 859 /**(Optional)SID of trusted domain to query (must specify either SID or name of trusted domain)*/ 860 DOM_SID *domain_sid; 861 862 /**(Optional)Name of trusted domain to query (must specify either SID or name of trusted domain)*/ 863 char *domain_name; 864 } in; 865 866 struct { 867 /**information about the trusted domain*/ 868 LSA_TRUSTED_DOMAIN_INFO *info; 869 } out; 870}; 871 872/** 873 * Retrieves information a trusted domain. 874 * @param hnd An initialized and connected server handle 875 * @param mem_ctx Talloc context for memory allocation 876 * @param op initialized I/O parameters 877 * @return CAC_FAILURE a handle to the domain could not be opened. hnd->status is set with approriate NT_STATUS code 878 * @return CAC_SUCCESS the domain was opened successfully 879 */ 880 881int cac_LsaQueryTrustedDomainInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaQueryTrustedDomainInfo *op); 882 883struct LsaEnumPrivileges { 884 struct { 885 /**An open LSA policy handle*/ 886 POLICY_HND *pol; 887 888 /**The _preferred_ maxinum number of privileges returned per call*/ 889 uint32 pref_max_privs; 890 } in; 891 892 struct { 893 /**Used to keep track of how many privileges have been retrieved over multiple calls. Do not modify this value between calls*/ 894 uint32 resume_idx; 895 896 /**The number of privileges returned this call*/ 897 uint32 num_privs; 898 899 /**Array of privilege names*/ 900 char **priv_names; 901 902 /**Array of high bits for privilege LUID*/ 903 uint32 *high_bits; 904 905 /**Array of low bits for privilege LUID*/ 906 uint32 *low_bits; 907 } out; 908}; 909 910/** 911 * Enumerates the Privileges supported by the LSA. Can be enumerated in blocks by calling the function multiple times. 912 * Example: while(cac_LsaEnumPrivileges(hnd, mem_ctx, op) { ... } 913 * @param hnd An initialized and connected server handle 914 * @param mem_ctx Talloc context for memory allocation 915 * @param op Initialized parameters 916 * @return CAC_FAILURE there was an error during operations OR there are no more results 917 * @return CAC_SUCCESS the operation completed and results were returned 918 * @see CAC_OP_FAILED() 919 */ 920int cac_LsaEnumPrivileges(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaEnumPrivileges *op); 921 922struct LsaOpenAccount { 923 struct { 924 /**An open LSA policy handle*/ 925 POLICY_HND *pol; 926 927 /**(Optional) account SID - must supply either sid or name*/ 928 DOM_SID *sid; 929 930 /**(Optional) account name - must supply either sid or name*/ 931 char *name; 932 933 /**desired access for the handle*/ 934 uint32 access; 935 } in; 936 937 struct { 938 /**A handle to the opened user*/ 939 POLICY_HND *user; 940 } out; 941}; 942 943/** 944 * Opens a handle to an account in the LSA 945 * @param hnd Initialized and connected server handle 946 * @param mem_ctx Context for memory allocation 947 * @param op Initialized Parameters 948 * @return CAC_FAILURE the account could not be opened. hnd->status has appropriate NT_STATUS code 949 * @return CAC_SUCCESS the account was opened 950 */ 951int cac_LsaOpenAccount(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaOpenAccount *op); 952 953struct LsaAddPrivileges { 954 struct { 955 /**An open LSA policy handle*/ 956 POLICY_HND *pol; 957 958 /**(Optional) The user's SID (must specify at least sid or name)*/ 959 DOM_SID *sid; 960 961 /**(Optional) The user's name (must specify at least sid or name)*/ 962 char *name; 963 964 /**The privilege names of the privileges to add for the account*/ 965 char **priv_names; 966 967 /**The number of privileges in the priv_names array*/ 968 uint32 num_privs; 969 970 } in; 971}; 972 973/** 974 * Adds Privileges an account. 975 * @param hnd Initialized and connected server handle 976 * @param mem_ctx Context for memory allocation 977 * @param op Initialized Parameters 978 * @return CAC_FAILURE the privileges could not be set. hnd->status has appropriate NT_STATUS code 979 * @return CAC_SUCCESS the privileges were set. 980 */ 981int cac_LsaAddPrivileges(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaAddPrivileges *op); 982 983struct LsaRemovePrivileges { 984 struct { 985 /**An open handle to the LSA*/ 986 POLICY_HND *pol; 987 988 /**(Optional) The account SID (must specify at least sid or name)*/ 989 DOM_SID *sid; 990 991 /**(Optional) The account name (must specify at least sid or name)*/ 992 char *name; 993 994 /**The privilege names of the privileges to remove from the account*/ 995 char **priv_names; 996 997 /**The number of privileges in the priv_names array*/ 998 uint32 num_privs; 999 1000 } in; 1001 1002}; 1003 1004/** 1005 * Removes a _specific_ set of privileges from an account 1006 * @param hnd Initialized and connected server handle 1007 * @param mem_ctx Context for memory allocation 1008 * @param op Initialized Parameters 1009 * @return CAC_FAILURE the privileges could not be removed. hnd->status is set with NT_STATUS code 1010 * @return CAC_SUCCESS the privileges were removed 1011 */ 1012int cac_LsaRemovePrivileges(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaRemovePrivileges *op); 1013 1014struct LsaClearPrivileges { 1015 struct { 1016 /**An open handle to the LSA*/ 1017 POLICY_HND *pol; 1018 1019 /**(Optional) The user's SID (must specify at least sid or name)*/ 1020 DOM_SID *sid; 1021 1022 /**(Optional) The user's name (must specify at least sid or name)*/ 1023 char *name; 1024 } in; 1025 1026}; 1027 1028/** 1029 * Removes ALL privileges from an account 1030 * @param hnd Initialized and connected server handle 1031 * @param mem_ctx Context for memory allocation 1032 * @param op Initialized Parameters 1033 * @return CAC_FAILURE the operation was not successful, hnd->status set with NT_STATUS code 1034 * @return CAC_SUCCESS the opeartion was successful. 1035 */ 1036int cac_LsaClearPrivileges(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaClearPrivileges *op); 1037 1038/** 1039 * Sets an accounts priviliges. Removes all privileges and then adds specified privileges. 1040 * @param hnd Initialized and connected server handle 1041 * @param mem_ctx Context for memory allocation 1042 * @param op Initialized Parameters 1043 * @return CAC_FAILURE The operation could not complete successfully 1044 * @return CAC_SUCCESS The operation completed successfully 1045 */ 1046int cac_LsaSetPrivileges(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaAddPrivileges *op); 1047 1048struct LsaGetSecurityObject { 1049 struct { 1050 /**Open LSA policy handle*/ 1051 POLICY_HND *pol; 1052 } in; 1053 1054 struct { 1055 /**Returned security descriptor information*/ 1056 SEC_DESC_BUF *sec; 1057 } out; 1058}; 1059 1060/** 1061 * Retrieves Security Descriptor information about the LSA 1062 * @param hnd Initialized and connected server handle 1063 * @param mem_ctx Context for memory allocation 1064 * @param op Initialized Parameters 1065 * @return CAC_FAILURE The operation could not complete successfully 1066 * @return CAC_SUCCESS The operation completed successfully 1067 */ 1068int cac_LsaGetSecurityObject(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaGetSecurityObject *op); 1069 1070 1071/**@}*/ /*LSA_Functions*/ 1072 1073/********************** 1074 * Registry Functions * 1075 *********************/ 1076 1077/**@addtogroup Reg_Functions 1078 * @{ 1079 */ 1080 1081struct RegConnect { 1082 struct { 1083 /** must be one of : 1084 * HKEY_CLASSES_ROOT, 1085 * HKEY_LOCAL_MACHINE, 1086 * HKEY_USERS, 1087 * HKEY_PERFORMANCE_DATA, 1088 */ 1089 int root; 1090 1091 /**desired access on the root key 1092 * combination of: 1093 * REG_KEY_READ, 1094 * REG_KEY_WRITE, 1095 * REG_KEY_EXECUTE, 1096 * REG_KEY_ALL, 1097 * found in include/rpc_secdes.h*/ 1098 uint32 access; 1099 } in; 1100 1101 struct { 1102 POLICY_HND *key; 1103 } out; 1104}; 1105 1106/** 1107 * Opens a handle to the registry on the server 1108 * @param hnd Initialized and connected server handle 1109 * @param mem_ctx Context for memory allocation 1110 * @param op Initialized Parameters 1111 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 1112 * @return CAC_SUCCESS The operation completed successfully 1113 */ 1114int cac_RegConnect(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegConnect *op); 1115 1116/** 1117 * Closes an open registry handle 1118 * @param hnd Initialized and connected server handle 1119 * @param mem_ctx Context for memory allocation 1120 * @param key The Key/Handle to close 1121 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 1122 * @return CAC_SUCCESS The operation completed successfully 1123 */ 1124int cac_RegClose(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *key); 1125 1126struct RegOpenKey { 1127 struct { 1128 /**(Optional)parent key. 1129 * If this is NULL, then cac_RegOpenKey() will attempt to connect to the registry, name MUST start with something like:<br> 1130 * HKEY_LOCAL_MACHINE\ or an abbreviation like HKCR\ 1131 * 1132 * supported root names: 1133 * - HKEY_LOCAL_MACHINE\ or HKLM\ 1134 * - HKEY_CLASSES_ROOT\ or HKCR\ 1135 * - HKEY_USERS\ or HKU\ 1136 * - HKEY_PERFORMANCE_DATA or HKPD\ 1137 */ 1138 POLICY_HND *parent_key; 1139 1140 /**name/path of key*/ 1141 char *name; 1142 1143 /**desired access on this key*/ 1144 uint32 access; 1145 } in; 1146 1147 struct { 1148 POLICY_HND *key; 1149 } out; 1150}; 1151 1152/** 1153 * Opens a registry key 1154 * @param hnd Initialized and connected server handle 1155 * @param mem_ctx Context for memory allocation 1156 * @param op Initialized parameters 1157 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 1158 * @return CAC_SUCCESS The operation completed successfully 1159 */ 1160 1161int cac_RegOpenKey(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegOpenKey *op); 1162 1163struct RegEnumKeys { 1164 struct { 1165 /**enumerate subkeys of this key*/ 1166 POLICY_HND *key; 1167 1168 /**maximum number of keys to enumerate each call*/ 1169 uint32 max_keys; 1170 } in; 1171 1172 struct { 1173 /**keeps track of the index to resume enumerating*/ 1174 uint32 resume_idx; 1175 1176 /**the number of keys returned this call*/ 1177 uint32 num_keys; 1178 1179 /**array of key names*/ 1180 char **key_names; 1181 1182 /**class names of the keys*/ 1183 char **class_names; 1184 1185 /**last modification time of the key*/ 1186 time_t *mod_times; 1187 } out; 1188}; 1189 1190/** 1191 * Enumerates Subkeys of a given key. Can be run in a loop. Example: while(cac_RegEnumKeys(hnd, mem_ctx, op)) { ... } 1192 * @param hnd Initialized and connected server handle 1193 * @param mem_ctx Context for memory allocation 1194 * @param op Initialized Parameters 1195 * @see CAC_OP_FAILED() 1196 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 1197 * @return CAC_SUCCESS The operation completed successfully 1198 */ 1199int cac_RegEnumKeys(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegEnumKeys *op); 1200 1201 1202struct RegCreateKey { 1203 struct { 1204 /**create a subkey of parent_key*/ 1205 POLICY_HND *parent_key; 1206 1207 /**name of the key to create*/ 1208 char *key_name; 1209 1210 /**class of the key*/ 1211 char *class_name; 1212 1213 /**Access mask to open the key with. See REG_KEY_* in include/rpc_secdes.h*/ 1214 uint32 access; 1215 } in; 1216 1217 struct { 1218 /**Open handle to the key*/ 1219 POLICY_HND *key; 1220 } out; 1221}; 1222 1223/** 1224 * Creates a registry key, if the key already exists, it will be opened __Creating keys is not currently working__. 1225 * @param hnd Initialized and connected server handle 1226 * @param mem_ctx Context for memory allocation 1227 * @param op Initialized Parmeters 1228 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 1229 * @return CAC_SUCCESS The operation completed successfully 1230 */ 1231int cac_RegCreateKey(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegCreateKey *op); 1232 1233struct RegDeleteKey { 1234 struct { 1235 /**handle to open registry key*/ 1236 POLICY_HND *parent_key; 1237 1238 /**name of the key to delete*/ 1239 char *name; 1240 1241 /**delete recursively. WARNING: this might not always work as planned*/ 1242 BOOL recursive; 1243 } in; 1244 1245}; 1246 1247/** 1248 * Deletes a subkey of an open key. Note: if you run this with op->in.recursive == True, and the operation fails, it may leave the key in an inconsistent state. 1249 * @param hnd Initialized and connected server handle 1250 * @param mem_ctx Context for memory allocation 1251 * @param op Initialized parameters 1252 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 1253 * @return CAC_SUCCESS The operation completed successfully 1254 */ 1255 1256int cac_RegDeleteKey(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegDeleteKey *op); 1257 1258struct RegDeleteValue { 1259 struct { 1260 /**handle to open registry key*/ 1261 POLICY_HND *parent_key; 1262 1263 /**name of the value to delete*/ 1264 char *name; 1265 } in; 1266}; 1267 1268/** 1269 * Deletes a registry value. 1270 * @param hnd Initialized and connected server handle 1271 * @param mem_ctx Context for memory allocation 1272 * @param op Initialized Parameters 1273 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 1274 * @return CAC_SUCCESS The operation completed successfully 1275 */ 1276int cac_RegDeleteValue(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegDeleteValue *op); 1277 1278struct RegQueryKeyInfo { 1279 struct { 1280 /**Open handle to the key to query*/ 1281 POLICY_HND *key; 1282 } in; 1283 1284 struct { 1285 /**name of the key class*/ 1286 char *class_name; 1287 1288 /**number of subkeys of the key*/ 1289 uint32 num_subkeys; 1290 1291 /**length (in characters) of the longest subkey name*/ 1292 uint32 longest_subkey; 1293 1294 /**length (in characters) of the longest class name*/ 1295 uint32 longest_class; 1296 1297 /**number of values in this key*/ 1298 uint32 num_values; 1299 1300 /**length (in characters) of the longest value name*/ 1301 uint32 longest_value_name; 1302 1303 /**length (in bytes) of the biggest value data*/ 1304 uint32 longest_value_data; 1305 1306 /**size (in bytes) of the security descriptor*/ 1307 uint32 security_desc_size; 1308 1309 /**time of the last write*/ 1310 time_t last_write_time; 1311 } out; 1312}; 1313 1314/** 1315 * Retrieves information about an open key 1316 * @param hnd Initialized and connected server handle 1317 * @param mem_ctx Context for memory allocation 1318 * @param op Initialized parameters 1319 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 1320 * @return CAC_SUCCESS The operation completed successfully 1321 */ 1322 1323int cac_RegQueryKeyInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegQueryKeyInfo *op); 1324 1325struct RegSaveKey { 1326 struct { 1327 /**Open key to be saved*/ 1328 POLICY_HND *key; 1329 1330 /**The path (on the remote computer) to save the file to*/ 1331 char *filename; 1332 } in; 1333}; 1334 1335/** 1336 * Saves a key to a file on the remote machine __Not currently working__. 1337 * @param hnd Initialized and connected server handle 1338 * @param mem_ctx Context for memory allocation 1339 * @param op Initialized parameters 1340 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 1341 * @return CAC_SUCCESS The operation completed successfully 1342 */ 1343 1344int cac_RegSaveKey(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegSaveKey *op); 1345 1346struct RegQueryValue { 1347 struct { 1348 /**handle to open registry key*/ 1349 POLICY_HND *key; 1350 1351 /**name of the value to query*/ 1352 char *val_name; 1353 } in; 1354 1355 struct { 1356 /**Value type. 1357 * One of: 1358 * - REG_DWORD (equivalent to REG_DWORD_LE) 1359 * - REG_DWORD_BE 1360 * - REG_SZ 1361 * - REG_EXPAND_SZ 1362 * - REG_MULTI_SZ 1363 * - REG_BINARY 1364 */ 1365 uint32 type; 1366 1367 /**The value*/ 1368 REG_VALUE_DATA *data; 1369 } out; 1370}; 1371 1372/** 1373 * Retrieves a value (type and data) _not currently working_. 1374 * @param hnd Initialized and connected server handle 1375 * @param mem_ctx Context for memory allocation 1376 * @param op Initialized parameters 1377 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 1378 * @return CAC_SUCCESS The operation completed successfully 1379 */ 1380 1381int cac_RegQueryValue(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegQueryValue *op); 1382 1383struct RegEnumValues { 1384 struct { 1385 /**handle to open key*/ 1386 POLICY_HND *key; 1387 1388 /**max number of values returned per call*/ 1389 uint32 max_values; 1390 1391 } in; 1392 1393 struct { 1394 /**keeps track of the index to resume from - used over multiple calls*/ 1395 uint32 resume_idx; 1396 1397 /**the number of values that were returned this call*/ 1398 uint32 num_values; 1399 1400 /**Array of value types. A type can be one of: 1401 * - REG_DWORD (equivalent to REG_DWORD_LE) 1402 * - REG_DWORD_BE 1403 * - REG_SZ 1404 * - REG_EXPAND_SZ 1405 * - REG_MULTI_SZ 1406 * - REG_BINARY 1407 */ 1408 uint32 *types; 1409 1410 /**array of strings storing the names of the values*/ 1411 char **value_names; 1412 1413 /**array of pointers to the value data returned*/ 1414 REG_VALUE_DATA **values; 1415 } out; 1416}; 1417 1418/** 1419 * Enumerates a number of Registry values in an open registry key. 1420 * Can be run in a loop. Example: while(cac_RegEnumValues(hnd, mem_ctx, op)) { ... } 1421 * @param hnd Initialized and connected server handle 1422 * @param mem_ctx Context for memory allocation 1423 * @param op Initialized Parameters 1424 * @see CAC_OP_FAILED() 1425 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 1426 * @return CAC_SUCCESS The operation completed successfully 1427 */ 1428int cac_RegEnumValues(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegEnumValues *op); 1429 1430struct RegSetValue { 1431 struct { 1432 /**Handle to open registry key*/ 1433 POLICY_HND *key; 1434 1435 /**Name of the value*/ 1436 char *val_name; 1437 1438 /**Value type. 1439 * One of: 1440 * - REG_DWORD (equivalent to REG_DWORD_LE) 1441 * - REG_DWORD_BE 1442 * - REG_SZ 1443 * - REG_EXPAND_SZ 1444 * - REG_MULTI_SZ 1445 * - REG_BINARY 1446 */ 1447 uint32 type; 1448 1449 /**the value*/ 1450 REG_VALUE_DATA value; 1451 } in; 1452}; 1453 1454/** 1455 * Sets or creates value (type and data). 1456 * @param hnd Initialized and connected server handle 1457 * @param mem_ctx Context for memory allocation 1458 * @param op Initialized parameters 1459 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 1460 * @return CAC_SUCCESS The operation completed successfully 1461 */ 1462int cac_RegSetValue(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegSetValue *op); 1463 1464struct RegGetVersion { 1465 struct { 1466 /**open registry key*/ 1467 POLICY_HND *key; 1468 } in; 1469 1470 struct { 1471 /**version number*/ 1472 uint32 version; 1473 } out; 1474}; 1475 1476/** 1477 * Retrieves the registry version number 1478 * @param hnd Initialized and connected server handle 1479 * @param mem_ctx Context for memory allocation 1480 * @param op Initialized parameters 1481 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 1482 * @return CAC_SUCCESS The operation completed successfully 1483 */ 1484int cac_RegGetVersion(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegGetVersion *op); 1485 1486struct RegGetKeySecurity { 1487 struct { 1488 /**Handle to key to query*/ 1489 POLICY_HND *key; 1490 1491 /**Info that you want. Should be a combination of (1 or more or'd): 1492 * - OWNER_SECURITY_INFORMATION 1493 * - GROUP_SECURITY_INFORMATION 1494 * - DACL_SECURITY_INFORMATION 1495 * - SACL_SECURITY_INFORMATION 1496 * - UNPROTECTED_SACL_SECURITY_INFORMATION 1497 * - UNPROTECTED_DACL_SECURITY_INFORMATION 1498 * - PROTECTED_SACL_SECURITY_INFORMATION 1499 * - PROTECTED_DACL_SECURITY_INFORMATION 1500 * 1501 * or use: 1502 * - ALL_SECURITY_INFORMATION 1503 * 1504 * all definitions from include/rpc_secdes.h 1505 */ 1506 uint32 info_type; 1507 } in; 1508 1509 struct { 1510 /**size of the data returned*/ 1511 uint32 size; 1512 1513 /**Security descriptor*/ 1514 SEC_DESC *descriptor; 1515 } out; 1516}; 1517 1518/** 1519 * Retrieves a key security descriptor. 1520 * @param hnd Initialized and connected server handle 1521 * @param mem_ctx Context for memory allocation 1522 * @param op Initialized parameters 1523 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 1524 * @return CAC_SUCCESS The operation completed successfully 1525 */ 1526 1527int cac_RegGetKeySecurity(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegGetKeySecurity *op); 1528 1529struct RegSetKeySecurity { 1530 struct { 1531 /**Handle to key to query*/ 1532 POLICY_HND *key; 1533 1534 /**Info that you want. Should be a combination of (1 or more or'd): 1535 * - OWNER_SECURITY_INFORMATION 1536 * - GROUP_SECURITY_INFORMATION 1537 * - DACL_SECURITY_INFORMATION 1538 * - SACL_SECURITY_INFORMATION 1539 * - UNPROTECTED_SACL_SECURITY_INFORMATION 1540 * - UNPROTECTED_DACL_SECURITY_INFORMATION 1541 * - PROTECTED_SACL_SECURITY_INFORMATION 1542 * - PROTECTED_DACL_SECURITY_INFORMATION 1543 * 1544 * or use: 1545 * - ALL_SECURITY_INFORMATION 1546 * 1547 * all definitions from include/rpc_secdes.h 1548 */ 1549 uint32 info_type; 1550 1551 /**size of the descriptor*/ 1552 size_t size; 1553 1554 /**Security descriptor*/ 1555 SEC_DESC *descriptor; 1556 } in; 1557}; 1558 1559/** 1560 * Sets the key security descriptor. 1561 * @param hnd Initialized and connected server handle 1562 * @param mem_ctx Context for memory allocation 1563 * @param op Initialized parameters 1564 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 1565 * @return CAC_SUCCESS The operation completed successfully 1566 */ 1567int cac_RegSetKeySecurity(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct RegSetKeySecurity *op); 1568 1569/**@}*/ /*Reg_Functions*/ 1570 1571struct Shutdown { 1572 struct { 1573 /**the message to display (can be NULL)*/ 1574 char *message; 1575 1576 /**timeout in seconds*/ 1577 uint32 timeout; 1578 1579 /**False = shutdown, True = reboot*/ 1580 BOOL reboot; 1581 1582 /**force the*/ 1583 BOOL force; 1584 1585 /*FIXME: make this useful*/ 1586 uint32 reason; 1587 } in; 1588}; 1589 1590 1591/** 1592 * Shutdown the server _not currently working_. 1593 * @param hnd Initialized and connected server handle 1594 * @param mem_ctx Context for memory allocation 1595 * @param op Initialized parameters 1596 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 1597 * @return CAC_SUCCESS The operation completed successfully 1598 */ 1599int cac_Shutdown(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct Shutdown *op); 1600 1601/** 1602 * Attempt to abort initiated shutdown on the server _not currently working_. 1603 * @param hnd Initialized and connected server handle 1604 * @param mem_ctx Context for memory allocation 1605 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 1606 * @return CAC_SUCCESS The operation completed successfully 1607 */ 1608int cac_AbortShutdown(CacServerHandle *hnd, TALLOC_CTX *mem_ctx); 1609 1610/***************** 1611 * SAM Functions * 1612 *****************/ 1613 1614/**@addtogroup SAM_Functions 1615 * @{ 1616 */ 1617struct SamConnect { 1618 struct { 1619 /**Access mask to open with 1620 * see generic access masks in include/smb.h*/ 1621 uint32 access; 1622 } in; 1623 1624 struct { 1625 POLICY_HND *sam; 1626 } out; 1627}; 1628 1629/** 1630 * Connects to the SAM. This can be skipped by just calling cac_SamOpenDomain() 1631 * @param hnd Initialized and connected server handle 1632 * @param mem_ctx Context for memory allocation 1633 * @param op Initialized parameters 1634 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 1635 * @return CAC_SUCCESS The operation completed successfully 1636 */ 1637 1638int cac_SamConnect(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamConnect *op); 1639 1640 1641/** 1642 * Closes any (SAM, domain, user, group, etc.) SAM handle. 1643 * @param hnd Initialized and connected server handle 1644 * @param mem_ctx Context for memory allocation 1645 * @param sam Handle to close 1646 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 1647 * @return CAC_SUCCESS The operation completed successfully 1648 */ 1649 1650int cac_SamClose(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *sam); 1651 1652struct SamOpenDomain { 1653 struct { 1654 /**The desired access. See generic access masks - include/smb.h*/ 1655 uint32 access; 1656 1657 /**(Optional) An open handle to the SAM. If it is NULL, the function will connect to the SAM with the access mask above*/ 1658 POLICY_HND *sam; 1659 1660 /**(Optional) The SID of the domain to open. 1661 * If this this is NULL, the function will attempt to open the domain specified in hnd->domain */ 1662 DOM_SID *sid; 1663 } in; 1664 1665 struct { 1666 /**handle to the open domain*/ 1667 POLICY_HND *dom_hnd; 1668 1669 /**Handle to the open SAM*/ 1670 POLICY_HND *sam; 1671 } out; 1672}; 1673 1674/** 1675 * Opens a handle to a domain. This must be called before any other SAM functions 1676 * @param hnd Initialized and connected server handle 1677 * @param mem_ctx Context for memory allocation 1678 * @param op Initialized parameters 1679 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 1680 * @return CAC_SUCCESS The operation completed successfully 1681 */ 1682int cac_SamOpenDomain(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamOpenDomain *op); 1683 1684struct SamCreateUser { 1685 struct { 1686 /**Open domain handle*/ 1687 POLICY_HND *dom_hnd; 1688 1689 /**Username*/ 1690 char *name; 1691 1692 /**See Allowable account control bits in include/smb.h*/ 1693 uint32 acb_mask; 1694 } in; 1695 1696 struct { 1697 /**handle to the user*/ 1698 POLICY_HND *user_hnd; 1699 1700 /**rid of the user*/ 1701 uint32 rid; 1702 } out; 1703}; 1704 1705/** 1706 * Creates a new domain user, if the account already exists it will _not_ be opened and hnd->status will be NT_STATUS_USER_EXISTS 1707 * @param hnd Initialized and connected server handle 1708 * @param mem_ctx Context for memory allocation 1709 * @param op Initialized parameters 1710 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 1711 * @return CAC_SUCCESS The operation completed successfully 1712 */ 1713 1714int cac_SamCreateUser(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamCreateUser *op); 1715 1716struct SamOpenUser { 1717 struct { 1718 /**Handle to open SAM connection*/ 1719 POLICY_HND *dom_hnd; 1720 1721 /**desired access - see generic access masks in include/smb.h*/ 1722 uint32 access; 1723 1724 /**RID of the user*/ 1725 uint32 rid; 1726 1727 /**(Optional) name of the user - must supply either RID or user name*/ 1728 char *name; 1729 } in; 1730 1731 struct { 1732 /**Handle to the user*/ 1733 POLICY_HND *user_hnd; 1734 } out; 1735}; 1736 1737/** 1738 * Opens a domain user. 1739 * @param hnd Initialized and connected server handle 1740 * @param mem_ctx Context for memory allocation 1741 * @param op Initialized parameters 1742 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 1743 * @return CAC_SUCCESS The operation completed successfully 1744 */ 1745int cac_SamOpenUser(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamOpenUser *op); 1746 1747/** 1748 * Deletes a domain user. 1749 * @param hnd Initialized and connected server handle 1750 * @param mem_ctx Context for memory allocation 1751 * @param user_hnd Open handle to the user 1752 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 1753 * @return CAC_SUCCESS The operation completed successfully 1754 */ 1755int cac_SamDeleteUser(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *user_hnd); 1756 1757 1758struct SamEnumUsers { 1759 struct { 1760 /**Open handle to a domain*/ 1761 POLICY_HND *dom_hnd; 1762 1763 /**Enumerate users with specific ACB. If 0, all users will be enumerated*/ 1764 uint32 acb_mask; 1765 } in; 1766 1767 struct { 1768 /**where to resume from. Used over multiple calls*/ 1769 uint32 resume_idx; 1770 1771 /**the number of users returned this call*/ 1772 uint32 num_users; 1773 1774 /**Array storing the rids of the returned users*/ 1775 uint32 *rids; 1776 1777 /**Array storing the names of all the users returned*/ 1778 char **names; 1779 1780 BOOL done; 1781 } out; 1782}; 1783 1784/** 1785 * Enumerates domain users. Can be used as a loop condition. Example: while(cac_SamEnumUsers(hnd, mem_ctx, op)) { ... } 1786 * @param hnd Initialized and connected server handle 1787 * @param mem_ctx Context for memory allocation 1788 * @param op Initialized parameters 1789 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 1790 * @return CAC_SUCCESS The operation completed successfully 1791 */ 1792int cac_SamEnumUsers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamEnumUsers *op); 1793 1794struct SamGetNamesFromRids { 1795 struct { 1796 /**An open handle to the domain SAM from cac_SamOpenDomain()*/ 1797 POLICY_HND *dom_hnd; 1798 1799 /**Number of RIDs to resolve*/ 1800 uint32 num_rids; 1801 1802 /**Array of RIDs to resolve*/ 1803 uint32 *rids; 1804 } in; 1805 1806 struct { 1807 /**the number of names returned - if this is 0, the map is NULL*/ 1808 uint32 num_names; 1809 1810 /**array contiaing the Names and RIDs*/ 1811 CacLookupRidsRecord *map; 1812 } out; 1813}; 1814 1815/** 1816 * Returns a list of names which map to a list of RIDs. 1817 * @param hnd Initialized and connected server handle 1818 * @param mem_ctx Context for memory allocation 1819 * @param op Initialized parameters 1820 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 1821 * @return CAC_SUCCESS The operation completed successfully 1822 */ 1823int cac_SamGetNamesFromRids(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetNamesFromRids *op); 1824 1825struct SamGetRidsFromNames { 1826 struct { 1827 /**An open handle to the domain SAM from cac_SamOpenDomain()*/ 1828 POLICY_HND *dom_hnd; 1829 1830 /**Number of names to resolve*/ 1831 uint32 num_names; 1832 1833 /**Array of names to resolve*/ 1834 char **names; 1835 } in; 1836 1837 struct { 1838 /**the number of names returned - if this is 0, then map is NULL*/ 1839 uint32 num_rids; 1840 1841 /**array contiaing the Names and RIDs*/ 1842 CacLookupRidsRecord *map; 1843 } out; 1844}; 1845 1846/** 1847 * Returns a list of RIDs which map to a list of names. 1848 * @param hnd Initialized and connected server handle 1849 * @param mem_ctx Context for memory allocation 1850 * @param op Initialized parameters 1851 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 1852 * @return CAC_SUCCESS The operation completed successfully 1853 */ 1854int cac_SamGetRidsFromNames(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetRidsFromNames *op); 1855 1856struct SamGetGroupsForUser { 1857 struct { 1858 /**An open handle to the user*/ 1859 POLICY_HND *user_hnd; 1860 } in; 1861 1862 struct { 1863 /**The number of groups the user is a member of*/ 1864 uint32 num_groups; 1865 1866 /**The RIDs of the groups*/ 1867 uint32 *rids; 1868 1869 /**The attributes of the groups*/ 1870 uint32 *attributes; 1871 } out; 1872}; 1873/** 1874 * Retrieves a list of groups that a user is a member of. 1875 * @param hnd Initialized and connected server handle 1876 * @param mem_ctx Context for memory allocation 1877 * @param op Initialized parameters 1878 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 1879 * @return CAC_SUCCESS The operation completed successfully 1880 */ 1881int cac_SamGetGroupsForUser(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetGroupsForUser *op); 1882 1883struct SamOpenGroup { 1884 struct { 1885 /**Open handle to the domain SAM*/ 1886 POLICY_HND *dom_hnd; 1887 1888 /**Desired access to open the group with. See Generic access masks in include/smb.h*/ 1889 uint32 access; 1890 1891 /**rid of the group*/ 1892 uint32 rid; 1893 } in; 1894 1895 struct { 1896 /**Handle to the group*/ 1897 POLICY_HND *group_hnd; 1898 } out; 1899}; 1900 1901/** 1902 * Opens a domain group. 1903 * @param hnd Initialized and connected server handle 1904 * @param mem_ctx Context for memory allocation 1905 * @param op Initialized parameters 1906 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 1907 * @return CAC_SUCCESS The operation completed successfully 1908 */ 1909int cac_SamOpenGroup(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamOpenGroup *op); 1910 1911struct SamCreateGroup { 1912 struct { 1913 /**Open handle to the domain SAM*/ 1914 POLICY_HND *dom_hnd; 1915 1916 /**Desired access to open the group with. See Generic access masks in include/smb.h*/ 1917 uint32 access; 1918 1919 /**The name of the group*/ 1920 char *name; 1921 } in; 1922 1923 struct { 1924 /**Handle to the group*/ 1925 POLICY_HND *group_hnd; 1926 } out; 1927}; 1928 1929/** 1930 * Creates a group. If the group already exists it will not be opened. 1931 * @param hnd Initialized and connected server handle 1932 * @param mem_ctx Context for memory allocation 1933 * @param op Initialized parameters 1934 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 1935 * @return CAC_SUCCESS The operation completed successfully 1936 */ 1937int cac_SamCreateGroup(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamCreateGroup *op); 1938 1939/** 1940 * Deletes a domain group. 1941 * @param hnd Initialized and connected server handle 1942 * @param mem_ctx Context for memory allocation 1943 * @param group_hnd Open handle to the group. 1944 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 1945 * @return CAC_SUCCESS The operation completed successfully 1946 */ 1947int cac_SamDeleteGroup(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *group_hnd); 1948 1949struct SamGetGroupMembers { 1950 struct { 1951 /**Open handle to a group*/ 1952 POLICY_HND *group_hnd; 1953 } in; 1954 1955 struct { 1956 /**The number of members in the group*/ 1957 uint32 num_members; 1958 1959 /**An array storing the RIDs of the users*/ 1960 uint32 *rids; 1961 1962 /**The attributes*/ 1963 uint32 *attributes; 1964 } out; 1965}; 1966 1967/** 1968 * Retrives a list of users in a group. 1969 * @param hnd Initialized and connected server handle 1970 * @param mem_ctx Context for memory allocation 1971 * @param op Initialized parameters 1972 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 1973 * @return CAC_SUCCESS The operation completed successfully 1974 */ 1975int cac_SamGetGroupMembers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetGroupMembers *op); 1976 1977struct SamAddGroupMember { 1978 struct { 1979 /**Open handle to a group*/ 1980 POLICY_HND *group_hnd; 1981 1982 /**RID of new member*/ 1983 uint32 rid; 1984 } in; 1985}; 1986 1987/** 1988 * Adds a user to a group. 1989 * @param hnd Initialized and connected server handle 1990 * @param mem_ctx Context for memory allocation 1991 * @param op Initialized parameters 1992 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 1993 * @return CAC_SUCCESS The operation completed successfully 1994 */ 1995int cac_SamAddGroupMember(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamAddGroupMember *op); 1996 1997struct SamRemoveGroupMember { 1998 struct { 1999 /**Open handle to a group*/ 2000 POLICY_HND *group_hnd; 2001 2002 /**RID of member to remove*/ 2003 uint32 rid; 2004 } in; 2005}; 2006 2007/** 2008 * Removes a user from a group. 2009 * @param hnd Initialized and connected server handle 2010 * @param mem_ctx Context for memory allocation 2011 * @param op Initialized parameters 2012 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 2013 * @return CAC_SUCCESS The operation completed successfully 2014 */ 2015int cac_SamRemoveGroupMember(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamRemoveGroupMember *op); 2016 2017/** 2018 * Removes all the members of a group - warning: if this function fails is is possible that some but not all members were removed 2019 * @param hnd Initialized and connected server handle 2020 * @param mem_ctx Context for memory allocation 2021 * @param group_hnd Open handle to the group to clear 2022 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 2023 * @return CAC_SUCCESS The operation completed successfully 2024 */ 2025int cac_SamClearGroupMembers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *group_hnd); 2026 2027struct SamSetGroupMembers { 2028 struct { 2029 /**Open handle to the group*/ 2030 POLICY_HND *group_hnd; 2031 2032 /**Number of members in the group - if this is 0, all members of the group will be removed*/ 2033 uint32 num_members; 2034 2035 /**The RIDs of the users to add*/ 2036 uint32 *rids; 2037 } in; 2038}; 2039 2040/** 2041 * Clears the members of a group and adds a list of members to the group 2042 * @param hnd Initialized and connected server handle 2043 * @param mem_ctx Context for memory allocation 2044 * @param op Initialized parameters 2045 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 2046 * @return CAC_SUCCESS The operation completed successfully 2047 */ 2048int cac_SamSetGroupMembers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamSetGroupMembers *op); 2049 2050struct SamEnumGroups { 2051 struct { 2052 /**Open handle to a domain*/ 2053 POLICY_HND *dom_hnd; 2054 } in; 2055 2056 struct { 2057 /**Where to resume from _do not_ modify this value. Used over multiple calls.*/ 2058 uint32 resume_idx; 2059 2060 /**the number of users returned this call*/ 2061 uint32 num_groups; 2062 2063 /**Array storing the rids of the returned groups*/ 2064 uint32 *rids; 2065 2066 /**Array storing the names of all the groups returned*/ 2067 char **names; 2068 2069 /**Array storing the descriptions of all the groups returned*/ 2070 char **descriptions; 2071 2072 BOOL done; 2073 } out; 2074}; 2075 2076/** 2077 * Enumerates domain groups. Can be used as a loop condition. Example: while(cac_SamEnumGroups(hnd, mem_ctx, op)) { ... } 2078 * @param hnd Initialized and connected server handle 2079 * @param mem_ctx Context for memory allocation 2080 * @param op Initialized parameters 2081 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 2082 * @return CAC_SUCCESS The operation completed successfully 2083 */ 2084int cac_SamEnumGroups(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamEnumGroups *op); 2085 2086struct SamEnumAliases { 2087 struct { 2088 /**Open handle to a domain*/ 2089 POLICY_HND *dom_hnd; 2090 } in; 2091 2092 struct { 2093 /**where to resume from. Used over multiple calls*/ 2094 uint32 resume_idx; 2095 2096 /**the number of users returned this call*/ 2097 uint32 num_aliases; 2098 2099 /**Array storing the rids of the returned groups*/ 2100 uint32 *rids; 2101 2102 /**Array storing the names of all the groups returned*/ 2103 char **names; 2104 2105 /**Array storing the descriptions of all the groups returned*/ 2106 char **descriptions; 2107 2108 BOOL done; 2109 } out; 2110}; 2111 2112/** 2113 * Enumerates domain aliases. Can be used as a loop condition. Example: while(cac_SamEnumAliases(hnd, mem_ctx, op)) { ... } 2114 * @param hnd Initialized and connected server handle 2115 * @param mem_ctx Context for memory allocation 2116 * @param op Initialized parameters 2117 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 2118 * @return CAC_SUCCESS The operation completed successfully 2119 */ 2120int cac_SamEnumAliases(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamEnumAliases *op); 2121 2122struct SamCreateAlias { 2123 struct { 2124 /**Open handle to the domain SAM*/ 2125 POLICY_HND *dom_hnd; 2126 2127 /**The name of the alias*/ 2128 char *name; 2129 } in; 2130 2131 struct { 2132 /**Handle to the group*/ 2133 POLICY_HND *alias_hnd; 2134 } out; 2135}; 2136 2137/** 2138 * Creates an alias. If the alias already exists it will not be opened. 2139 * @param hnd Initialized and connected server handle 2140 * @param mem_ctx Context for memory allocation 2141 * @param op Initialized parameters 2142 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 2143 * @return CAC_SUCCESS The operation completed successfully 2144 */ 2145 2146int cac_SamCreateAlias(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamCreateAlias *op); 2147 2148struct SamOpenAlias { 2149 struct { 2150 /**Open handle to the domain SAM*/ 2151 POLICY_HND *dom_hnd; 2152 2153 /**Desired access to open the group with. See Generic access masks in include/smb.h*/ 2154 uint32 access; 2155 2156 /**rid of the alias*/ 2157 uint32 rid; 2158 } in; 2159 2160 struct { 2161 /**Handle to the alias*/ 2162 POLICY_HND *alias_hnd; 2163 } out; 2164}; 2165 2166/** 2167 * Opens a handle to an alias. 2168 * @param hnd Initialized and connected server handle 2169 * @param mem_ctx Context for memory allocation 2170 * @param op Initialized parameters 2171 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 2172 * @return CAC_SUCCESS The operation completed successfully 2173 */ 2174int cac_SamOpenAlias(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamOpenAlias *op); 2175 2176/** 2177 * Deletes an alias. 2178 * @param hnd Initialized and connected server handle 2179 * @param mem_ctx Context for memory allocation 2180 * @param alias_hnd Open handle to the alias 2181 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 2182 * @return CAC_SUCCESS The operation completed successfully 2183 */ 2184int cac_SamDeleteAlias(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *alias_hnd); 2185 2186struct SamAddAliasMember { 2187 struct { 2188 /**Open handle to a alias*/ 2189 POLICY_HND *alias_hnd; 2190 2191 /**SID of new member*/ 2192 DOM_SID *sid; 2193 } in; 2194}; 2195 2196/** 2197 * Adds an account to an alias. 2198 * @param hnd Initialized and connected server handle 2199 * @param mem_ctx Context for memory allocation 2200 * @param op Initialized parameters 2201 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 2202 * @return CAC_SUCCESS The operation completed successfully 2203 */ 2204int cac_SamAddAliasMember(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamAddAliasMember *op); 2205 2206struct SamRemoveAliasMember { 2207 struct { 2208 /**Open handle to the alias*/ 2209 POLICY_HND *alias_hnd; 2210 2211 /**The SID of the member*/ 2212 DOM_SID *sid; 2213 } in; 2214}; 2215 2216/** 2217 * Removes an account from an alias. 2218 * @param hnd Initialized and connected server handle 2219 * @param mem_ctx Context for memory allocation 2220 * @param op Initialized parameters 2221 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 2222 * @return CAC_SUCCESS The operation completed successfully 2223 */ 2224int cac_SamRemoveAliasMember(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamRemoveAliasMember *op); 2225 2226struct SamGetAliasMembers { 2227 struct { 2228 /**Open handle to the alias*/ 2229 POLICY_HND *alias_hnd; 2230 } in; 2231 2232 struct { 2233 /**The number of members*/ 2234 uint32 num_members; 2235 2236 /**An array storing the SIDs of the accounts*/ 2237 DOM_SID *sids; 2238 } out; 2239}; 2240 2241/** 2242 * Retrieves a list of all accounts in an alias. 2243 * @param hnd Initialized and connected server handle 2244 * @param mem_ctx Context for memory allocation 2245 * @param op Initialized parameters 2246 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 2247 * @return CAC_SUCCESS The operation completed successfully 2248 */ 2249int cac_SamGetAliasMembers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetAliasMembers *op); 2250 2251/** 2252 * Removes all the members of an alias - warning: if this function fails is is possible that some but not all members were removed 2253 * @param hnd Initialized and connected server handle 2254 * @param mem_ctx Context for memory allocation 2255 * @param alias_hnd Handle to the alias to clear 2256 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 2257 * @return CAC_SUCCESS The operation completed successfully 2258 */ 2259 2260int cac_SamClearAliasMembers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *alias_hnd); 2261 2262struct SamSetAliasMembers { 2263 struct { 2264 /**Open handle to the group*/ 2265 POLICY_HND *alias_hnd; 2266 2267 /**Number of members in the group - if this is 0, all members of the group will be removed*/ 2268 uint32 num_members; 2269 2270 /**The SIDs of the accounts to add*/ 2271 DOM_SID *sids; 2272 } in; 2273}; 2274 2275/** 2276 * Clears the members of an alias and adds a list of members to the alias 2277 * @param hnd Initialized and connected server handle 2278 * @param mem_ctx Context for memory allocation 2279 * @param op Initialized parameters 2280 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 2281 * @return CAC_SUCCESS The operation completed successfully 2282 */ 2283int cac_SamSetAliasMembers(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamSetAliasMembers *op); 2284 2285 2286struct SamUserChangePasswd { 2287 struct { 2288 /**The username*/ 2289 char *username; 2290 2291 /**The current password*/ 2292 char *password; 2293 2294 /**The new password*/ 2295 char *new_password; 2296 } in; 2297}; 2298/**Used by a user to change their password*/ 2299int cac_SamUserChangePasswd(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamUserChangePasswd *op); 2300 2301/** 2302 * Enables a user 2303 * @param hnd Initialized and connected server handle 2304 * @param mem_ctx Context for memory allocation 2305 * @param user_hnd Open handle to the user to enable 2306 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 2307 * @return CAC_SUCCESS The operation completed successfully 2308 */ 2309int cac_SamEnableUser(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *user_hnd); 2310 2311/** 2312 * Disables a user 2313 * @param hnd Initialized and connected server handle 2314 * @param mem_ctx Context for memory allocation 2315 * @param user_hnd Open handle to the user to disables 2316 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 2317 * @return CAC_SUCCESS The operation completed successfully 2318 */ 2319int cac_SamDisableUser(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *user_hnd); 2320 2321struct SamSetPassword { 2322 struct { 2323 /**Open handle to a user*/ 2324 POLICY_HND *user_hnd; 2325 2326 /**The new password*/ 2327 char *password; 2328 } in; 2329}; 2330 2331/** 2332 * Sets a user's password 2333 * @param hnd Initialized and connected server handle 2334 * @param mem_ctx Context for memory allocation 2335 * @param op Initialized parameters 2336 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 2337 * @return CAC_SUCCESS The operation completed successfully 2338 */ 2339 2340int cac_SamSetPassword(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamSetPassword *op); 2341 2342struct SamGetUserInfo { 2343 struct { 2344 /**Open Handle to a user*/ 2345 POLICY_HND *user_hnd; 2346 } in; 2347 2348 struct { 2349 CacUserInfo *info; 2350 } out; 2351}; 2352 2353/** 2354 * Retrieves user information using a CacUserInfo structure. If you would like to use a SAM_USERINFO_CTR directly, use cac_SamGetUserInfoCtr() 2355 * @param hnd Initialized and connected server handle 2356 * @param mem_ctx Context for memory allocation 2357 * @param op Initialized parameters 2358 * @see cac_SamGetUserInfoCtr() 2359 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 2360 * @return CAC_SUCCESS The operation completed successfully 2361 */ 2362int cac_SamGetUserInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetUserInfo *op); 2363 2364struct SamSetUserInfo { 2365 struct { 2366 /**Open handle to a user*/ 2367 POLICY_HND *user_hnd; 2368 2369 /**Structure containing the data you would like to set*/ 2370 CacUserInfo *info; 2371 } in; 2372}; 2373 2374/** 2375 * Sets the user info using a CacUserInfo structure. If you would like to use a SAM_USERINFO_CTR directly use cac_SamSetUserInfoCtr(). 2376 * @note All fields in the CacUserInfo structure will be set. Best to call cac_GetUserInfo() modify fields that you want, and then call cac_SetUserInfo(). 2377 * @note When calling this, you _must_ set the user's password. 2378 * @param hnd Initialized and connected server handle 2379 * @param mem_ctx Context for memory allocation 2380 * @param op Initialized parameters 2381 * @see cac_SamSetUserInfoCtr() 2382 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 2383 * @return CAC_SUCCESS The operation completed successfully 2384 */ 2385int cac_SamSetUserInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamSetUserInfo *op); 2386 2387struct SamGetUserInfoCtr { 2388 struct { 2389 /**Open handle to a user*/ 2390 POLICY_HND *user_hnd; 2391 2392 /**What USER_INFO structure you want. See include/rpc_samr.h*/ 2393 uint16 info_class; 2394 } in; 2395 2396 struct { 2397 /**returned user info*/ 2398 SAM_USERINFO_CTR *ctr; 2399 } out; 2400}; 2401 2402/** 2403 * Retrieves user information using a SAM_USERINFO_CTR structure. If you don't want to use this structure, user SamGetUserInfo() 2404 * @param hnd Initialized and connected server handle 2405 * @param mem_ctx Context for memory allocation 2406 * @param op Initialized parameters 2407 * @see cac_SamGetUserInfo() 2408 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 2409 * @return CAC_SUCCESS The operation completed successfully 2410 */ 2411int cac_SamGetUserInfoCtr(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetUserInfoCtr *op); 2412 2413struct SamSetUserInfoCtr { 2414 struct { 2415 /**Open handle to a user*/ 2416 POLICY_HND *user_hnd; 2417 2418 /**user info - make sure ctr->switch_value is set properly*/ 2419 SAM_USERINFO_CTR *ctr; 2420 } in; 2421}; 2422 2423/** 2424 * Sets the user info using a SAM_USERINFO_CTR structure. If you don't want to use this structure, use cac_SamSetUserInfo() 2425 * @param hnd Initialized and connected server handle 2426 * @param mem_ctx Context for memory allocation 2427 * @param op Initialized parameters 2428 * @see cac_SamSetUserInfo() 2429 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 2430 * @return CAC_SUCCESS The operation completed successfully 2431 */ 2432 2433int cac_SamSetUserInfoCtr(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamSetUserInfoCtr *op); 2434 2435struct SamRenameUser { 2436 struct { 2437 /**Open handle to user*/ 2438 POLICY_HND *user_hnd; 2439 2440 /**New user name*/ 2441 char *new_name; 2442 } in; 2443}; 2444 2445/** 2446 * Changes the name of a user. 2447 * @param hnd Initialized and connected server handle 2448 * @param mem_ctx Context for memory allocation 2449 * @param op Initialized parameters 2450 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 2451 * @return CAC_SUCCESS The operation completed successfully 2452 */ 2453int cac_SamRenameUser(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamRenameUser *op); 2454 2455struct SamGetGroupInfo { 2456 struct { 2457 /**Open handle to a group*/ 2458 POLICY_HND *group_hnd; 2459 } in; 2460 2461 struct { 2462 /**Returned info about the group*/ 2463 CacGroupInfo *info; 2464 } out; 2465}; 2466 2467/** 2468 * Retrieves information about a group. 2469 * @param hnd Initialized and connected server handle 2470 * @param mem_ctx Context for memory allocation 2471 * @param op Initialized parameters 2472 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 2473 * @return CAC_SUCCESS The operation completed successfully 2474 */ 2475int cac_SamGetGroupInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetGroupInfo *op); 2476 2477struct SamSetGroupInfo { 2478 struct { 2479 /**Open handle to a group*/ 2480 POLICY_HND *group_hnd; 2481 2482 /**group info*/ 2483 CacGroupInfo *info; 2484 } in; 2485}; 2486 2487/** 2488 * Sets information about a group. 2489 * @param hnd Initialized and connected server handle 2490 * @param mem_ctx Context for memory allocation 2491 * @param op Initialized parameters 2492 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 2493 * @return CAC_SUCCESS The operation completed successfully 2494 */ 2495int cac_SamSetGroupInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamSetGroupInfo *op); 2496 2497struct SamRenameGroup { 2498 struct { 2499 /**Open handle to a group*/ 2500 POLICY_HND *group_hnd; 2501 2502 /**New name*/ 2503 char *new_name; 2504 } in; 2505}; 2506 2507/** 2508 * Changes the name of a group 2509 * @param hnd Initialized and connected server handle 2510 * @param mem_ctx Context for memory allocation 2511 * @param op Initialized parameters 2512 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 2513 * @return CAC_SUCCESS The operation completed successfully 2514 */ 2515 2516int cac_SamRenameGroup(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamRenameGroup *op); 2517 2518struct SamGetAliasInfo { 2519 struct { 2520 /**Open handle to an alias*/ 2521 POLICY_HND *alias_hnd; 2522 } in; 2523 2524 struct { 2525 /**Returned alias info*/ 2526 CacAliasInfo *info; 2527 } out; 2528}; 2529 2530/** 2531 * Retrieves information about an alias. 2532 * @param hnd Initialized and connected server handle 2533 * @param mem_ctx Context for memory allocation 2534 * @param op Initialized parameters 2535 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 2536 * @return CAC_SUCCESS The operation completed successfully 2537 */ 2538int cac_SamGetAliasInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetAliasInfo *op); 2539 2540struct SamSetAliasInfo { 2541 struct { 2542 /**Open handle to an alias*/ 2543 POLICY_HND *alias_hnd; 2544 2545 /**Returned alias info*/ 2546 CacAliasInfo *info; 2547 } in; 2548}; 2549 2550/** 2551 * Sets information about an alias. 2552 * @param hnd Initialized and connected server handle 2553 * @param mem_ctx Context for memory allocation 2554 * @param op Initialized parameters 2555 * @return CAC_FAILURE The operation could not complete successfully. hnd->status is set with appropriate NTSTATUS code 2556 * @return CAC_SUCCESS The operation completed successfully 2557 */ 2558int cac_SamSetAliasInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamSetAliasInfo *op); 2559 2560struct SamGetDomainInfo { 2561 struct { 2562 /**Open handle to the domain SAM*/ 2563 POLICY_HND *dom_hnd; 2564 } in; 2565 2566 struct { 2567 /**Returned domain info*/ 2568 CacDomainInfo *info; 2569 } out; 2570}; 2571 2572/** 2573 * Gets domain information in the form of a CacDomainInfo structure. 2574 * @param hnd Initialized and connected server handle 2575 * @param mem_ctx Context for memory allocation 2576 * @param op Initialized parameters 2577 * @see SamGetDomainInfoCtr() 2578 * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately 2579 * @return CAC_SUCCESS - the operation was successful 2580 * @return CAC_PARTIAL_SUCCESS - This function makes 3 rpc calls, if one or two fail and the rest succeed, 2581 * not all fields in the CacDomainInfo structure will be filled 2582 */ 2583int cac_SamGetDomainInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetDomainInfo *op); 2584 2585struct SamGetDomainInfoCtr { 2586 struct { 2587 /**Open handle to domain*/ 2588 POLICY_HND *dom_hnd; 2589 2590 /**What info level you want*/ 2591 uint16 info_class; 2592 } in; 2593 2594 struct { 2595 SAM_UNK_CTR *info; 2596 } out; 2597}; 2598 2599/** 2600 * Gets domain information in the form of a SAM_UNK_CTR structure. 2601 * @param hnd Initialized and connected server handle 2602 * @param mem_ctx Context for memory allocation 2603 * @param op Initialized parameters 2604 * @see SamGetDomainInfo() 2605 * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately 2606 * @return CAC_SUCCESS - the operation was successful 2607 */ 2608int cac_SamGetDomainInfoCtr(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetDomainInfoCtr *op); 2609 2610struct SamGetDisplayInfo { 2611 struct { 2612 /**Open handle to domain*/ 2613 POLICY_HND *dom_hnd; 2614 2615 /**What type of data*/ 2616 uint16 info_class; 2617 2618 /**(Optional)If 0, max_entries and max_size will be filled in by the function*/ 2619 uint32 max_entries; 2620 2621 /**(Optional)If 0, max_entries and max_size will be filled in by the function*/ 2622 uint32 max_size; 2623 } in; 2624 2625 struct { 2626 /**Do not modify this value, use the same value between multiple calls (ie in while loop)*/ 2627 uint32 resume_idx; 2628 2629 /**Number of entries returned*/ 2630 uint32 num_entries; 2631 2632 /**Returned display info*/ 2633 SAM_DISPINFO_CTR ctr; 2634 2635 /**Internal value. Do not modify.*/ 2636 uint32 loop_count; 2637 2638 BOOL done; 2639 } out; 2640}; 2641 2642/** 2643 * Gets dislpay information using a SAM_DISPINFO_CTR. 2644 * @param hnd Initialized and connected server handle 2645 * @param mem_ctx Context for memory allocation 2646 * @param op Initialized parameters 2647 * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately 2648 * @return CAC_SUCCESS - the operation was successful 2649 */ 2650int cac_SamGetDisplayInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetDisplayInfo *op); 2651 2652struct SamLookupDomain { 2653 struct { 2654 /**Open handle to the sam (opened with cac_SamConnect() or cac_SamOpenDomain()*/ 2655 POLICY_HND *sam; 2656 2657 /**Name of the domain to lookup*/ 2658 char *name; 2659 } in; 2660 2661 struct { 2662 /**SID of the domain*/ 2663 DOM_SID *sid; 2664 } out; 2665}; 2666 2667/** 2668 * Looks up a Domain SID given it's name. 2669 * @param hnd Initialized and connected server handle 2670 * @param mem_ctx Context for memory allocation 2671 * @param op Initialized parameters 2672 * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately 2673 * @return CAC_SUCCESS - the operation was successful 2674 */ 2675int cac_SamLookupDomain(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamLookupDomain *op); 2676 2677struct SamGetSecurityObject { 2678 struct { 2679 /**An open handle (SAM, domain or user)*/ 2680 POLICY_HND *pol; 2681 } in; 2682 2683 struct { 2684 SEC_DESC_BUF *sec; 2685 } out; 2686}; 2687 2688/** 2689 * Retrievies Security descriptor information for a SAM/Domain/user 2690 * @param hnd Initialized and connected server handle 2691 * @param mem_ctx Context for memory allocation 2692 * @param op Initialized parameters 2693 * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately 2694 * @return CAC_SUCCESS - the operation was successful 2695 */ 2696int cac_SamGetSecurityObject(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamGetSecurityObject *op); 2697 2698struct SamFlush { 2699 struct { 2700 /**Open handle to the domain SAM*/ 2701 POLICY_HND *dom_hnd; 2702 2703 /**(Optional)Domain SID. If NULL, the domain in hnd->domain will be opened*/ 2704 DOM_SID *sid; 2705 2706 /**(Optional)Desired access to re-open the domain with. If 0, MAXIMUM_ALLOWED_ACCESS is used.*/ 2707 uint32 access; 2708 } in; 2709}; 2710 2711/** 2712 * Closes the domain handle, then re-opens it - effectively flushing any changes made. 2713 * WARNING: if this fails you will no longer have an open handle to the domain SAM. 2714 * @param hnd Initialized and connected server handle 2715 * @param mem_ctx Context for memory allocation 2716 * @param op Initialized Parameters 2717 * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately 2718 * @return CAC_SUCCESS - the operation was successful 2719 */ 2720int cac_SamFlush(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SamFlush *op); 2721 2722/**@}*/ /*SAM_Functions*/ 2723 2724/**@addtogroup SCM_Functions 2725 * @{ 2726 */ 2727 2728struct SvcOpenScm { 2729 struct { 2730 /**Desired access to open the Handle with. See SC_RIGHT_MGR_* or SC_MANAGER_* in include/rpc_secdes.h*/ 2731 uint32 access; 2732 } in; 2733 2734 struct { 2735 /**Handle to the SCM*/ 2736 POLICY_HND *scm_hnd; 2737 } out; 2738}; 2739 2740/** 2741 * Opens a handle to the SCM on the remote machine. 2742 * @param hnd Initialized and connected server handle 2743 * @param mem_ctx Context for memory allocation 2744 * @param op Initialized parameters 2745 * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately 2746 * @return CAC_SUCCESS - the operation was successful 2747 */ 2748int cac_SvcOpenScm(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcOpenScm *op); 2749 2750/** 2751 * Closes an Svc handle (SCM or Service) 2752 * @param hnd Initialized and connected server handle 2753 * @param mem_ctx Context for memory allocation 2754 * @param scm_hnd The handle to close 2755 * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately 2756 * @return CAC_SUCCESS - the operation was successful 2757 */ 2758int cac_SvcClose(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *scm_hnd); 2759 2760struct SvcEnumServices { 2761 struct { 2762 /**Open handle to the SCM*/ 2763 POLICY_HND *scm_hnd; 2764 2765 /**(Optional)Type of service to enumerate. Possible values: 2766 * - SVCCTL_TYPE_WIN32 2767 * - SVCCTL_TYPE_DRIVER 2768 * If this is 0, (SVCCTL_TYPE_DRIVER | SVCCTL_TYPE_WIN32) is assumed. 2769 */ 2770 uint32 type; 2771 2772 /**(Optional)State of service to enumerate. Possible values: 2773 * - SVCCTL_STATE_ACTIVE 2774 * - SVCCTL_STATE_INACTIVE 2775 * - SVCCTL_STATE_ALL 2776 * If this is 0, SVCCTL_STATE_ALL is assumed. 2777 */ 2778 uint32 state; 2779 } in; 2780 2781 struct { 2782 /**Number of services returned*/ 2783 uint32 num_services; 2784 2785 /**Array of service structures*/ 2786 CacService *services; 2787 } out; 2788}; 2789 2790/** 2791 * Enumerates services on the remote machine. 2792 * @param hnd Initialized and connected server handle 2793 * @param mem_ctx Context for memory allocation 2794 * @param op Initialized parameters 2795 * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately 2796 * @return CAC_SUCCESS - the operation was successful 2797 */ 2798int cac_SvcEnumServices(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcEnumServices *op); 2799 2800struct SvcOpenService { 2801 struct { 2802 /**Handle to the Service Control Manager*/ 2803 POLICY_HND *scm_hnd; 2804 2805 /**Access mask to open service with see SERVICE_* or SC_RIGHT_SVC_* in include/rpc_secdes.h*/ 2806 uint32 access; 2807 2808 /**The name of the service. _not_ the display name*/ 2809 char *name; 2810 } in; 2811 2812 struct { 2813 /**Handle to the open service*/ 2814 POLICY_HND *svc_hnd; 2815 } out; 2816}; 2817 2818/** 2819 * Opens a handle to a service. 2820 * @param hnd Initialized and connected server handle 2821 * @param mem_ctx Context for memory allocation 2822 * @param op Initialized Parameters 2823 * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately 2824 * @return CAC_SUCCESS - the operation was successful 2825 */ 2826 2827int cac_SvcOpenService(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcOpenService *op); 2828 2829struct SvcGetStatus { 2830 struct { 2831 /**Open handle to the service to query*/ 2832 POLICY_HND *svc_hnd; 2833 } in; 2834 2835 struct { 2836 /**The status of the service. See include/rpc_svcctl.h for SERVICE_STATUS definition.*/ 2837 SERVICE_STATUS status; 2838 } out; 2839}; 2840 2841/** 2842 * Retrieves the status of a service. 2843 * @param hnd Initialized and connected server handle 2844 * @param mem_ctx Context for memory allocation 2845 * @param op Initialized Parameters 2846 * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately 2847 * @return CAC_SUCCESS - the operation was successful 2848 */ 2849int cac_SvcGetStatus(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcGetStatus *op); 2850 2851struct SvcStartService { 2852 struct { 2853 /**open handle to the service*/ 2854 POLICY_HND *svc_hnd; 2855 2856 /**Array of parameters to start the service with. Can be NULL if num_parms is 0*/ 2857 char **parms; 2858 2859 /**Number of parameters in the parms array*/ 2860 uint32 num_parms; 2861 2862 /**Number of seconds to wait for the service to actually start. If this is 0, then the status will not be checked after the initial call*/ 2863 uint32 timeout; 2864 } in; 2865}; 2866 2867/** 2868 * Attempts to start a service. 2869 * @param hnd Initialized and connected server handle 2870 * @param mem_ctx Context for memory allocation 2871 * @param op Initialized Parameters 2872 * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately 2873 * @return CAC_SUCCESS - the operation was successful 2874 */ 2875 2876int cac_SvcStartService(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcStartService *op); 2877 2878struct SvcControlService { 2879 struct { 2880 /**Open handle to the service to control*/ 2881 POLICY_HND *svc_hnd; 2882 2883 /**The control operation to perform. Possible values (from include/rpc_svcctl.h): 2884 * - SVCCTL_CONTROL_STOP 2885 * - SVCCTL_CONTROL_PAUSE 2886 * - SVCCTL_CONTROL_CONTINUE 2887 * - SVCCTL_CONTROL_SHUTDOWN 2888 */ 2889 uint32 control; 2890 } in; 2891 2892 struct { 2893 /**The returned status of the service, _immediately_ after the call*/ 2894 SERVICE_STATUS *status; 2895 } out; 2896}; 2897 2898/** 2899 * Performs a control operation on a service and _immediately_ returns. 2900 * @see cac_SvcStopService() 2901 * @see cac_SvcPauseService() 2902 * @see cac_SvcContinueService() 2903 * @see cac_SvcShutdownService() 2904 * @param hnd Initialized and connected server handle 2905 * @param mem_ctx Context for memory allocation 2906 * @param op Initialized Parameters 2907 * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately 2908 * @return CAC_SUCCESS - the operation was successful 2909 */ 2910int cac_SvcControlService(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcControlService *op); 2911 2912struct SvcStopService { 2913 struct { 2914 /**Open handle to the service*/ 2915 POLICY_HND *svc_hnd; 2916 2917 /**Number of seconds to wait for the service to actually start. 2918 * If this is 0, then the status will not be checked after the initial call and CAC_SUCCESS might be returned if the status isn't actually started 2919 */ 2920 uint32 timeout; 2921 } in; 2922 2923 struct { 2924 /**Status of the service after the operation*/ 2925 SERVICE_STATUS status; 2926 } out; 2927}; 2928 2929/** 2930 * Attempts to stop a service. 2931 * @see cacSvcControlService() 2932 * @param hnd Initialized and connected server handle 2933 * @param mem_ctx Context for memory allocation 2934 * @param op Initialized Parameters 2935 * @return CAC_FAILURE - the operation was not successful. If hnd->status is NT_STATUS_OK, then a timeout occured. 2936 * @return CAC_SUCCESS - the operation was successful 2937 */ 2938int cac_SvcStopService(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcStopService *op); 2939 2940struct SvcPauseService { 2941 struct { 2942 /**Open handle to the service*/ 2943 POLICY_HND *svc_hnd; 2944 2945 /**Number of seconds to wait for the service to actually start. 2946 * If this is 0, then the status will not be checked after the initial call and CAC_SUCCESS might be returned if the status isn't actually started 2947 */ 2948 uint32 timeout; 2949 } in; 2950 2951 struct { 2952 /**Status of the service after the operation*/ 2953 SERVICE_STATUS status; 2954 } out; 2955}; 2956 2957/** 2958 * Attempts to pause a service. 2959 * @see cacSvcControlService() 2960 * @param hnd Initialized and connected server handle 2961 * @param mem_ctx Context for memory allocation 2962 * @param op Initialized Parameters 2963 * @return CAC_FAILURE - the operation was not successful. If hnd->status is NT_STATUS_OK, then a timeout occured. 2964 * @return CAC_SUCCESS - the operation was successful 2965 */ 2966int cac_SvcPauseService(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcPauseService *op); 2967 2968struct SvcContinueService { 2969 struct { 2970 /**Open handle to the service*/ 2971 POLICY_HND *svc_hnd; 2972 2973 /**Number of seconds to wait for the service to actually start. 2974 * If this is 0, then the status will not be checked after the initial call and CAC_SUCCESS might be returned if the status isn't actually started 2975 */ 2976 uint32 timeout; 2977 } in; 2978 2979 struct { 2980 /**Status of the service after the operation*/ 2981 SERVICE_STATUS status; 2982 } out; 2983}; 2984 2985/** 2986 * Attempts to continue a paused service. 2987 * @see cacSvcControlService() 2988 * @param hnd Initialized and connected server handle 2989 * @param mem_ctx Context for memory allocation 2990 * @param op Initialized Parameters 2991 * @return CAC_FAILURE - the operation was not successful. If hnd->status is NT_STATUS_OK, then a timeout occured. 2992 * @return CAC_SUCCESS - the operation was successful 2993 */ 2994int cac_SvcContinueService(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcContinueService *op); 2995 2996struct SvcGetDisplayName { 2997 struct { 2998 /**Open handle to the service*/ 2999 POLICY_HND *svc_hnd; 3000 } in; 3001 3002 struct { 3003 /**The returned display name of the service*/ 3004 char *display_name; 3005 } out; 3006}; 3007 3008/** 3009 * Retrieves the display name of a service _not currently working_ 3010 * @param hnd Initialized and connected server handle 3011 * @param mem_ctx Context for memory allocation 3012 * @param op Initialized Parameters 3013 * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately 3014 * @return CAC_SUCCESS - the operation was successful 3015 */ 3016int cac_SvcGetDisplayName(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcGetDisplayName *op); 3017 3018struct SvcGetServiceConfig { 3019 struct { 3020 /**Open handle to the service*/ 3021 POLICY_HND *svc_hnd; 3022 } in; 3023 3024 struct { 3025 /**Returned Configuration information*/ 3026 CacServiceConfig config; 3027 } out; 3028}; 3029 3030/** 3031 * Retrieves configuration information about a service. 3032 * @param hnd Initialized and connected server handle 3033 * @param mem_ctx Context for memory allocation 3034 * @param op Initialized Parameters 3035 * @return CAC_FAILURE - the operation was not successful hnd->status is set appropriately 3036 * @return CAC_SUCCESS - the operation was successful 3037 */ 3038int cac_SvcGetServiceConfig(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct SvcGetServiceConfig *op); 3039 3040/**@}*/ /*SCM_Functions*/ 3041 3042struct rpc_pipe_client *cac_GetPipe(CacServerHandle *hnd, int pi_idx); 3043 3044#endif /* LIBMSRPC_H */ 3045 3046 3047