The branch, master has been updated
via 023558a s3-passdb: make pdb_password_change_time_max static.
via 158f6d8 s3-rpcclient: add tool to call
lsa_SetInformationTrustedDomain.
from 165d5bf s3: Remove some false/superfluous translations
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 023558aa90e51d4a0c37fff272213bd26343f901
Author: Günther Deschner <g...@samba.org>
Date: Tue Nov 29 13:38:59 2011 +0100
s3-passdb: make pdb_password_change_time_max static.
Guenther
Autobuild-User: Günther Deschner <g...@samba.org>
Autobuild-Date: Tue Nov 29 15:16:51 CET 2011 on sn-devel-104
commit 158f6d8f6818dd4d32fd49482caa8c6cbd38421f
Author: Günther Deschner <g...@samba.org>
Date: Tue Nov 22 18:38:52 2011 +0100
s3-rpcclient: add tool to call lsa_SetInformationTrustedDomain.
"lsasettrustdominfo S-1-5-21-123456-123456-123456 13 1"
currently you only can set the encryption type field.
Guenther
-----------------------------------------------------------------------
Summary of changes:
source3/passdb/pdb_get_set.c | 2 +-
source3/rpcclient/cmd_lsarpc.c | 71 ++++++++++++++++++++++++++++++++++++++++
2 files changed, 72 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/passdb/pdb_get_set.c b/source3/passdb/pdb_get_set.c
index 540435f..7575af2 100644
--- a/source3/passdb/pdb_get_set.c
+++ b/source3/passdb/pdb_get_set.c
@@ -64,7 +64,7 @@ bool pdb_is_password_change_time_max(time_t test_time)
Return an unchanging version of max password change time - 0x7FFFFFFF.
********************************************************************/
-time_t pdb_password_change_time_max(void)
+static time_t pdb_password_change_time_max(void)
{
return 0x7FFFFFFF;
}
diff --git a/source3/rpcclient/cmd_lsarpc.c b/source3/rpcclient/cmd_lsarpc.c
index 8325a61..ed55c45 100644
--- a/source3/rpcclient/cmd_lsarpc.c
+++ b/source3/rpcclient/cmd_lsarpc.c
@@ -1312,6 +1312,76 @@ static NTSTATUS cmd_lsa_query_trustdominfobyname(struct
rpc_pipe_client *cli,
return status;
}
+static NTSTATUS cmd_lsa_set_trustdominfo(struct rpc_pipe_client *cli,
+ TALLOC_CTX *mem_ctx, int argc,
+ const char **argv)
+{
+ struct policy_handle pol, trustdom_pol;
+ NTSTATUS status, result;
+ uint32 access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
+ union lsa_TrustedDomainInfo info;
+ struct dom_sid dom_sid;
+ enum lsa_TrustDomInfoEnum info_class = 1;
+ struct dcerpc_binding_handle *b = cli->binding_handle;
+
+ if (argc > 4 || argc < 3) {
+ printf("Usage: %s [sid] [info_class] [value]\n", argv[0]);
+ return NT_STATUS_OK;
+ }
+
+ if (!string_to_sid(&dom_sid, argv[1])) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+
+ info_class = atoi(argv[2]);
+
+ switch (info_class) {
+ case 13: /* LSA_TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES */
+ info.enc_types.enc_types = atoi(argv[3]);
+ break;
+ default:
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ status = rpccli_lsa_open_policy2(cli, mem_ctx, True, access_mask, &pol);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+
+ status = dcerpc_lsa_OpenTrustedDomain(b, mem_ctx,
+ &pol,
+ &dom_sid,
+ access_mask,
+ &trustdom_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
+ goto done;
+ }
+
+ status = dcerpc_lsa_SetInformationTrustedDomain(b, mem_ctx,
+ &trustdom_pol,
+ info_class,
+ &info,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
+ goto done;
+ }
+ done:
+ dcerpc_lsa_Close(b, mem_ctx, &trustdom_pol, &result);
+ dcerpc_lsa_Close(b, mem_ctx, &pol, &result);
+
+ return status;
+}
+
static NTSTATUS cmd_lsa_query_trustdominfo(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx, int argc,
const char **argv)
@@ -2224,6 +2294,7 @@ struct cmd_set lsarpc_commands[] = {
{ "lsaquerytrustdominfo",RPC_RTYPE_NTSTATUS,
cmd_lsa_query_trustdominfo, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Query LSA
trusted domains info (given a SID)", "" },
{ "lsaquerytrustdominfobyname",RPC_RTYPE_NTSTATUS,
cmd_lsa_query_trustdominfobyname, NULL, &ndr_table_lsarpc.syntax_id, NULL,
"Query LSA trusted domains info (given a name), only works for Windows > 2k",
"" },
{ "lsaquerytrustdominfobysid",RPC_RTYPE_NTSTATUS,
cmd_lsa_query_trustdominfobysid, NULL, &ndr_table_lsarpc.syntax_id, NULL,
"Query LSA trusted domains info (given a SID)", "" },
+ { "lsasettrustdominfo", RPC_RTYPE_NTSTATUS, cmd_lsa_set_trustdominfo,
NULL, &ndr_table_lsarpc.syntax_id, NULL, "Set LSA trusted domain info", "" },
{ "getusername", RPC_RTYPE_NTSTATUS, cmd_lsa_get_username,
NULL, &ndr_table_lsarpc.syntax_id, NULL, "Get username", "" },
{ "createsecret", RPC_RTYPE_NTSTATUS, cmd_lsa_create_secret,
NULL, &ndr_table_lsarpc.syntax_id, NULL, "Create Secret", "" },
{ "deletesecret", RPC_RTYPE_NTSTATUS, cmd_lsa_delete_secret,
NULL, &ndr_table_lsarpc.syntax_id, NULL, "Delete Secret", "" },
--
Samba Shared Repository
