Logo Search packages:      
Sourcecode: samba-doc-ja version File versions

BOOL fetch_domain_sid ( char *  domain,
char *  remote_machine,
DOM_SID *  psid 
)

Fetch a DOMAIN sid. Does complete cli setup / teardown anonymously.

Definition at line 1063 of file cli_lsarpc.c.

References cli_lsa_open_policy(), and cli_lsa_query_info_policy().

{
      extern pstring global_myname;
      struct cli_state cli;
      NTSTATUS result;
      POLICY_HND lsa_pol;
      BOOL ret = False;
 
      ZERO_STRUCT(cli);
      if(cli_initialise(&cli) == False) {
            DEBUG(0,("fetch_domain_sid: unable to initialize client connection.\n"));
            return False;
      }
 
      if(!resolve_name( remote_machine, &cli.dest_ip, 0x20)) {
            DEBUG(0,("fetch_domain_sid: Can't resolve address for %s\n", remote_machine));
            goto done;
      }
 
      if (!cli_connect(&cli, remote_machine, &cli.dest_ip)) {
            DEBUG(0,("fetch_domain_sid: unable to connect to SMB server on \
machine %s. Error was : %s.\n", remote_machine, cli_errstr(&cli) ));
            goto done;
      }

      if (!attempt_netbios_session_request(&cli, global_myname, remote_machine, &cli.dest_ip)) {
            DEBUG(0,("fetch_domain_sid: machine %s rejected the NetBIOS session request.\n", 
                  remote_machine));
            goto done;
      }
 
      cli.protocol = PROTOCOL_NT1;
 
      if (!cli_negprot(&cli)) {
            DEBUG(0,("fetch_domain_sid: machine %s rejected the negotiate protocol. \
Error was : %s.\n", remote_machine, cli_errstr(&cli) ));
            goto done;
      }
 
      if (cli.protocol != PROTOCOL_NT1) {
            DEBUG(0,("fetch_domain_sid: machine %s didn't negotiate NT protocol.\n",
                  remote_machine));
            goto done;
      }
 
      /*
       * Do an anonymous session setup.
       */
 
      if (!cli_session_setup(&cli, "", "", 0, "", 0, "")) {
            DEBUG(0,("fetch_domain_sid: machine %s rejected the session setup. \
Error was : %s.\n", remote_machine, cli_errstr(&cli) ));
            goto done;
      }
 
      if (!(cli.sec_mode & 1)) {
            DEBUG(0,("fetch_domain_sid: machine %s isn't in user level security mode\n",
                  remote_machine));
            goto done;
      }

      if (!cli_send_tconX(&cli, "IPC$", "IPC", "", 1)) {
            DEBUG(0,("fetch_domain_sid: machine %s rejected the tconX on the IPC$ share. \
Error was : %s.\n", remote_machine, cli_errstr(&cli) ));
            goto done;
      }

      /* Fetch domain sid */
 
      if (!cli_nt_session_open(&cli, PIPE_LSARPC)) {
            DEBUG(0, ("fetch_domain_sid: Error connecting to SAM pipe\n"));
            goto done;
      }
 
      result = cli_lsa_open_policy(&cli, cli.mem_ctx, True, SEC_RIGHTS_QUERY_VALUE, &lsa_pol);
      if (!NT_STATUS_IS_OK(result)) {
            DEBUG(0, ("fetch_domain_sid: Error opening lsa policy handle. %s\n",
                  get_nt_error_msg(result) ));
            goto done;
      }
 
      result = cli_lsa_query_info_policy(&cli, cli.mem_ctx, &lsa_pol, 5, domain, psid);
      if (!NT_STATUS_IS_OK(result)) {
            DEBUG(0, ("fetch_domain_sid: Error querying lsa policy handle. %s\n",
                  get_nt_error_msg(result) ));
            goto done;
      }
 
      ret = True;

  done:

      cli_shutdown(&cli);
      return ret;
}


Generated by  Doxygen 1.6.0   Back to index