enum SID_NAME_USE sid_name_use;
fstring nt_name;
fstring comment;
+
+ /* Here we store SIDs that we can be sure of to be of type
+ * SID_NAME_DOM_GRP, so it's a Domain Group which can not be
+ * represented via /etc/group memberships. */
+
+ int num_member;
+ DOM_SID *alias_members;
} GROUP_MAP;
typedef struct samr_group_info4
{
+ uint16 level;
UNIHDR hdr_acct_desc;
UNISTR2 uni_acct_desc;
return result;
}
+/* Create domain group */
+
+NTSTATUS cli_samr_create_dom_group(struct cli_state *cli, TALLOC_CTX *mem_ctx,
+ POLICY_HND *domain_pol,
+ const char *group_name,
+ uint32 access_mask, POLICY_HND *group_pol)
+{
+ prs_struct qbuf, rbuf;
+ SAMR_Q_CREATE_DOM_GROUP q;
+ SAMR_R_CREATE_DOM_GROUP r;
+ NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+
+ DEBUG(10,("cli_samr_create_dom_group\n"));
+
+ ZERO_STRUCT(q);
+ ZERO_STRUCT(r);
+
+ /* Initialise parse structures */
+
+ prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
+ prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
+
+ /* Marshall data and send request */
+
+ init_samr_q_create_dom_group(&q, domain_pol, group_name, access_mask);
+
+ if (!samr_io_q_create_dom_group("", &q, &qbuf, 0) ||
+ !rpc_api_pipe_req(cli, SAMR_CREATE_DOM_GROUP, &qbuf, &rbuf))
+ goto done;
+
+ /* Unmarshall response */
+
+ if (!samr_io_r_create_dom_group("", &r, &rbuf, 0))
+ goto done;
+
+ /* Return output parameters */
+
+ result = r.status;
+
+ if (NT_STATUS_IS_OK(result))
+ *group_pol = r.pol;
+
+ done:
+ prs_mem_free(&qbuf);
+ prs_mem_free(&rbuf);
+
+ return result;
+}
+
/* Query user info */
NTSTATUS cli_samr_query_userinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx,
return result;
}
+/* Set group info */
+
+NTSTATUS cli_samr_set_groupinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx,
+ POLICY_HND *group_pol, GROUP_INFO_CTR *ctr)
+{
+ prs_struct qbuf, rbuf;
+ SAMR_Q_SET_GROUPINFO q;
+ SAMR_R_SET_GROUPINFO r;
+ NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+
+ DEBUG(10,("cli_samr_set_groupinfo\n"));
+
+ ZERO_STRUCT(q);
+ ZERO_STRUCT(r);
+
+ /* Initialise parse structures */
+
+ prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
+ prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
+
+ /* Marshall data and send request */
+
+ init_samr_q_set_groupinfo(&q, group_pol, ctr);
+
+ if (!samr_io_q_set_groupinfo("", &q, &qbuf, 0) ||
+ !rpc_api_pipe_req(cli, SAMR_SET_GROUPINFO, &qbuf, &rbuf))
+ goto done;
+
+ /* Unmarshall response */
+
+ if (!samr_io_r_set_groupinfo("", &r, &rbuf, 0))
+ goto done;
+
+ /* Return output parameters */
+
+ result = r.status;
+
+ done:
+ prs_mem_free(&qbuf);
+ prs_mem_free(&rbuf);
+
+ return result;
+}
+
/* Query group info */
NTSTATUS cli_samr_query_groupinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx,
inits a GROUP_INFO4 structure.
********************************************************************/
-void init_samr_group_info4(GROUP_INFO4 * gr4, char *acct_desc)
+void init_samr_group_info4(GROUP_INFO4 * gr4, const char *acct_desc)
{
DEBUG(5, ("init_samr_group_info4\n"));
+ gr4->level = 4;
init_unistr2(&gr4->uni_acct_desc, acct_desc, UNI_FLAGS_NONE);
init_uni_hdr(&gr4->hdr_acct_desc, &gr4->uni_acct_desc);
}
prs_debug(ps, depth, desc, "samr_io_group_info4");
depth++;
- if(!prs_align(ps))
+ if(!prs_uint16("hdr_level", ps, depth, &gr4->level))
return False;
-
if(!smb_io_unihdr("hdr_acct_desc", &gr4->hdr_acct_desc, ps, depth))
return False;
if(!smb_io_unistr2("uni_acct_desc", &gr4->uni_acct_desc,
********************************************************************/
void init_samr_q_create_dom_group(SAMR_Q_CREATE_DOM_GROUP * q_e,
- POLICY_HND *pol, char *acct_desc,
+ POLICY_HND *pol, const char *acct_desc,
uint32 access_mask)
{
DEBUG(5, ("init_samr_q_create_dom_group\n"));
return net_help_group(argc, argv);
}
+static NTSTATUS
+rpc_group_add_internals(const DOM_SID *domain_sid, const char *domain_name,
+ struct cli_state *cli,
+ TALLOC_CTX *mem_ctx, int argc, const char **argv)
+{
+ POLICY_HND connect_pol, domain_pol, group_pol;
+ NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ GROUP_INFO_CTR group_info;
+
+ if (argc != 1) {
+ d_printf("Group name must be specified\n");
+ rpc_group_usage(argc, argv);
+ return NT_STATUS_OK;
+ }
+
+ /* Get sam policy handle */
+
+ result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
+ &connect_pol);
+ if (!NT_STATUS_IS_OK(result)) goto done;
+
+ /* Get domain policy handle */
+
+ result = cli_samr_open_domain(cli, mem_ctx, &connect_pol,
+ MAXIMUM_ALLOWED_ACCESS,
+ domain_sid, &domain_pol);
+ if (!NT_STATUS_IS_OK(result)) goto done;
+
+ /* Create the group */
+
+ result = cli_samr_create_dom_group(cli, mem_ctx, &domain_pol,
+ argv[0], MAXIMUM_ALLOWED_ACCESS,
+ &group_pol);
+ if (!NT_STATUS_IS_OK(result)) goto done;
+
+ if (strlen(opt_comment) == 0) goto done;
+
+ /* We've got a comment to set */
+
+ group_info.switch_value1 = 4;
+ init_samr_group_info4(&group_info.group.info4, opt_comment);
+
+ result = cli_samr_set_groupinfo(cli, mem_ctx, &group_pol, &group_info);
+ if (!NT_STATUS_IS_OK(result)) goto done;
+
+ done:
+ if (NT_STATUS_IS_OK(result))
+ DEBUG(5, ("add group succeeded\n"));
+ else
+ d_printf("add group failed: %s\n", nt_errstr(result));
+
+ return result;
+}
+
+static int rpc_group_add(int argc, const char **argv)
+{
+ return run_rpc_command(NULL, PI_SAMR, 0,
+ rpc_group_add_internals,
+ argc, argv);
+}
+
/**
* List groups on a remote RPC server
*
int net_rpc_group(int argc, const char **argv)
{
struct functable func[] = {
-#if 0
{"add", rpc_group_add},
+#if 0
{"delete", rpc_group_delete},
#endif
{"list", rpc_group_list},
git.samba.org / samba.git / commitdiff