lsalib.c revision 2
2N/A * The contents of this file are subject to the terms of the 2N/A * Common Development and Distribution License (the "License"). 2N/A * You may not use this file except in compliance with the License. 2N/A * See the License for the specific language governing permissions 2N/A * and limitations under the License. 2N/A * When distributing Covered Code, include this CDDL HEADER in each 2N/A * If applicable, add the following below this CDDL HEADER, with the 2N/A * fields enclosed by brackets "[]" replaced with your own identifying 2N/A * information: Portions Copyright [yyyy] [name of copyright owner] 2N/A * Copyright (c) 2007, 2011, Oracle and/or its affiliates. All rights reserved. 2N/A * This module provides the high level interface to the LSA RPC functions. 2N/A/*LINTED E_STATIC_UNUSED*/ 2N/A * Lookup the given account and returns the account information 2N/A * in the passed smb_account_t structure. 2N/A * The lookup is performed in the following order: 2N/A * well known accounts 2N/A * If it's established the given account is well know or local 2N/A * but the lookup fails for some reason, the next step(s) won't be 2N/A * If the name is a domain account, it may refer to a user, group or 2N/A * alias. If it is a local account, its type should be specified 2N/A * in the sid_type parameter. In case the account type is unknown 2N/A * sid_type should be set to SidTypeUnknown. 2N/A * account argument could be either [domain\]name or [domain/]name. 2N/A * NT_STATUS_SUCCESS Account is successfully translated 2N/A * NT_STATUS_NONE_MAPPED Couldn't translate the account 2N/A * Retries for DC failover 2N/A * --------------------------- 2N/A * Required by the called function: lsa_lookup_name_domain(). 2N/A * Retries for DC failover 2N/A * --------------------------- 2N/A * Required by the called function: lsa_lookup_sid_domain(). 2N/A * Obtains the primary domain SID and name from the specified server 2N/A * (domain controller). 2N/A * The requested information will be returned via 'info' argument. 2N/A * Returns NT status codes. 2N/A * Obtains the account domain SID and name from the current server 2N/A * (domain controller). 2N/A * The requested information will be returned via 'info' argument. 2N/A * Returns NT status codes. 2N/A * lsa_query_dns_domain_info 2N/A * Obtains the DNS domain info from the specified server 2N/A * (domain controller). 2N/A * The requested information will be returned via 'info' argument. 2N/A * Returns NT status codes. 2N/A * Enumerate the trusted domains of the primary domain. 2N/A * Try the extended enumaration call, which returns the FQDN and 2N/A * trust information in addition to the trusted domain's NetBIOS 2N/A * If the extended call fails, we fall back to the original enum 2N/A * The requested information will be returned via the info pointer. 2N/A * Returns NT status codes. 2N/A * STATUS_NO_MORE_ENTRIES indicates that we have all of the available 2N/A * information, which we can translate to NT_STATUS_SUCCESS. 2N/A * Lookup well known accounts table 2N/A * NT_STATUS_SUCCESS Account is translated successfully 2N/A * NT_STATUS_NOT_FOUND This is not a well known account 2N/A * NT_STATUS_NONE_MAPPED Account is found but domains don't match 2N/A * NT_STATUS_NO_MEMORY Memory shortage 2N/A * Lookup the given account in domain. 2N/A * The information is returned in the user_info structure. 2N/A * The caller is responsible for allocating and releasing 2N/A * Retries for DC failover 2N/A * --------------------------- 2N/A * Handled by the called function: lsar_lookup(). 2N/A * lsa_lookup_privs (NOT IMPLEMENTED) 2N/A * Request the privileges associated with the specified account. In 2N/A * order to get the privileges, we first have to lookup the name on 2N/A * the specified domain controller and obtain the appropriate SID. 2N/A * The SID can then be used to open the account and obtain the 2N/A * account privileges. The results from both the name lookup and the 2N/A * privileges are returned in the user_info structure. The caller is 2N/A * responsible for allocating and releasing this structure. 2N/A * On success 0 is returned. Otherwise a -ve error code. 2N/A * Retries for DC failover 2N/A * --------------------------- 2N/A * Handled by the called function: lsar_lookup(). 2N/A * List the privileges supported by the specified server. 2N/A * This function is only intended for diagnostics. 2N/A * Returns NT status codes. 2N/A for (i = 0; i <
30; ++i) {
2N/A * This function can be used to list the accounts in the specified 2N/A * domain. For now the SIDs are just listed in the system log. 2N/A * On success 0 is returned. Otherwise a -ve error code. 2N/A * Lookup well known accounts table for the given SID 2N/A * NT_STATUS_SUCCESS Account is translated successfully 2N/A * NT_STATUS_NOT_FOUND This is not a well known account 2N/A * NT_STATUS_NO_MEMORY Memory shortage 2N/A * Retries for DC failover 2N/A * --------------------------- 2N/A * Handled by the called function: lsar_lookup().