The branch, master has been updated via 023558a s3-passdb: make pdb_password_change_time_max static. via 158f6d8 s3-rpcclient: add tool to call lsa_SetInformationTrustedDomain. from 165d5bf s3: Remove some false/superfluous translations
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 023558aa90e51d4a0c37fff272213bd26343f901 Author: Günther Deschner <g...@samba.org> Date: Tue Nov 29 13:38:59 2011 +0100 s3-passdb: make pdb_password_change_time_max static. Guenther Autobuild-User: Günther Deschner <g...@samba.org> Autobuild-Date: Tue Nov 29 15:16:51 CET 2011 on sn-devel-104 commit 158f6d8f6818dd4d32fd49482caa8c6cbd38421f Author: Günther Deschner <g...@samba.org> Date: Tue Nov 22 18:38:52 2011 +0100 s3-rpcclient: add tool to call lsa_SetInformationTrustedDomain. "lsasettrustdominfo S-1-5-21-123456-123456-123456 13 1" currently you only can set the encryption type field. Guenther ----------------------------------------------------------------------- Summary of changes: source3/passdb/pdb_get_set.c | 2 +- source3/rpcclient/cmd_lsarpc.c | 71 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 72 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/passdb/pdb_get_set.c b/source3/passdb/pdb_get_set.c index 540435f..7575af2 100644 --- a/source3/passdb/pdb_get_set.c +++ b/source3/passdb/pdb_get_set.c @@ -64,7 +64,7 @@ bool pdb_is_password_change_time_max(time_t test_time) Return an unchanging version of max password change time - 0x7FFFFFFF. ********************************************************************/ -time_t pdb_password_change_time_max(void) +static time_t pdb_password_change_time_max(void) { return 0x7FFFFFFF; } diff --git a/source3/rpcclient/cmd_lsarpc.c b/source3/rpcclient/cmd_lsarpc.c index 8325a61..ed55c45 100644 --- a/source3/rpcclient/cmd_lsarpc.c +++ b/source3/rpcclient/cmd_lsarpc.c @@ -1312,6 +1312,76 @@ static NTSTATUS cmd_lsa_query_trustdominfobyname(struct rpc_pipe_client *cli, return status; } +static NTSTATUS cmd_lsa_set_trustdominfo(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, int argc, + const char **argv) +{ + struct policy_handle pol, trustdom_pol; + NTSTATUS status, result; + uint32 access_mask = SEC_FLAG_MAXIMUM_ALLOWED; + union lsa_TrustedDomainInfo info; + struct dom_sid dom_sid; + enum lsa_TrustDomInfoEnum info_class = 1; + struct dcerpc_binding_handle *b = cli->binding_handle; + + if (argc > 4 || argc < 3) { + printf("Usage: %s [sid] [info_class] [value]\n", argv[0]); + return NT_STATUS_OK; + } + + if (!string_to_sid(&dom_sid, argv[1])) { + return NT_STATUS_NO_MEMORY; + } + + + info_class = atoi(argv[2]); + + switch (info_class) { + case 13: /* LSA_TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES */ + info.enc_types.enc_types = atoi(argv[3]); + break; + default: + return NT_STATUS_INVALID_PARAMETER; + } + + status = rpccli_lsa_open_policy2(cli, mem_ctx, True, access_mask, &pol); + if (!NT_STATUS_IS_OK(status)) { + goto done; + } + + status = dcerpc_lsa_OpenTrustedDomain(b, mem_ctx, + &pol, + &dom_sid, + access_mask, + &trustdom_pol, + &result); + if (!NT_STATUS_IS_OK(status)) { + goto done; + } + if (!NT_STATUS_IS_OK(result)) { + status = result; + goto done; + } + + status = dcerpc_lsa_SetInformationTrustedDomain(b, mem_ctx, + &trustdom_pol, + info_class, + &info, + &result); + if (!NT_STATUS_IS_OK(status)) { + goto done; + } + if (!NT_STATUS_IS_OK(result)) { + status = result; + goto done; + } + done: + dcerpc_lsa_Close(b, mem_ctx, &trustdom_pol, &result); + dcerpc_lsa_Close(b, mem_ctx, &pol, &result); + + return status; +} + static NTSTATUS cmd_lsa_query_trustdominfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, int argc, const char **argv) @@ -2224,6 +2294,7 @@ struct cmd_set lsarpc_commands[] = { { "lsaquerytrustdominfo",RPC_RTYPE_NTSTATUS, cmd_lsa_query_trustdominfo, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Query LSA trusted domains info (given a SID)", "" }, { "lsaquerytrustdominfobyname",RPC_RTYPE_NTSTATUS, cmd_lsa_query_trustdominfobyname, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Query LSA trusted domains info (given a name), only works for Windows > 2k", "" }, { "lsaquerytrustdominfobysid",RPC_RTYPE_NTSTATUS, cmd_lsa_query_trustdominfobysid, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Query LSA trusted domains info (given a SID)", "" }, + { "lsasettrustdominfo", RPC_RTYPE_NTSTATUS, cmd_lsa_set_trustdominfo, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Set LSA trusted domain info", "" }, { "getusername", RPC_RTYPE_NTSTATUS, cmd_lsa_get_username, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Get username", "" }, { "createsecret", RPC_RTYPE_NTSTATUS, cmd_lsa_create_secret, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Create Secret", "" }, { "deletesecret", RPC_RTYPE_NTSTATUS, cmd_lsa_delete_secret, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Delete Secret", "" }, -- Samba Shared Repository