author | Garming Sam <garming@catalyst.net.nz> | 2017-04-11 15:51:50 +1200 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2017-05-30 08:06:07 +0200 |
commit | fd29e28d5231a4e576979c0b116564b751be8831 (patch) | |
tree | 30b1dcba3607e5a502ab6335a5cebe665e04b979 /librpc/idl | |
parent | 8ae968193b7084af8bb0ccf7d624ff10e39d5715 (diff) | |
netlogon: Implement SendToSam along with its winbind forwarding
This allows you to forward bad password count resets to 0. Currently,
there is a missing access check for the RODC to ensure it only applies
to cached users (msDS-Allowed-Password-Replication-Group).
(further patches still need to address forcing a RWDC contact)
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'librpc/idl')
-rw-r--r-- | librpc/idl/netlogon.idl | 39 | ||||
-rw-r--r-- | librpc/idl/winbind.idl | 5 |
2 files changed, 43 insertions, 1 deletions
diff --git a/librpc/idl/netlogon.idl b/librpc/idl/netlogon.idl
index e4b499fd85e..4d1a0ef237f 100644
--- a/librpc/idl/netlogon.idl
+++ b/librpc/idl/netlogon.idl
@@ -1466,9 +1466,46 @@ interface netlogon
 [out,ref] samr_Password *password
 );
 
+ typedef [public] enum {
+ SendToSamUpdatePassword = 0,
+ SendToSamResetBadPasswordCount = 1,
+ SendToSamUpdatePasswordForward = 2,
+ SendToSamUpdateLastLogonTimestamp = 3,
+ SendToSamResetSmartCardPassword = 4
+ } netr_SendToSamType;
+
+ typedef struct {
+ GUID guid;
+ } netr_SendToSamResetBadPasswordCount;
+
+ typedef [nodiscriminant, public,switch_type(netr_SendToSamType)] union {
+ /* TODO Implement other SendToSam message types
+ * [case(SendToSamUpdatePassword)] netr_SendToSamUpdatePassword ...; */
+ [case(SendToSamResetBadPasswordCount)] netr_SendToSamResetBadPasswordCount reset_bad_password;
+ /*
+ * [case(SendToSamUpdatePasswordForward)] netrSendToSamUpdatePasswordForward ...;
+ * [case(SendToSamUpdateLastLogonTimestamp)] netrSendToSamUpdateLastLogonTimestamp ...;
+ * [case(SendToSamResetSmartCardPassword)] netrSendToSamResetSmartCardPassword ...;
+ */
+ [default];
+ } netr_SendToSamMessage;
+
+ typedef [public] struct {
+ netr_SendToSamType message_type;
+ uint32 message_size;
+ [switch_is(message_type), subcontext(0), subcontext_size(message_size)] netr_SendToSamMessage message;
+ } netr_SendToSamBase;
+
 /****************/
 /* Function 0x20 */
- [todo] WERROR netr_NETRLOGONSENDTOSAM();
+ NTSTATUS netr_NetrLogonSendToSam(
+ [in,unique] [string,charset(UTF16)] uint16 *server_name,
+ [in] [string,charset(UTF16)] uint16 *computer_name,
+ [in,ref] netr_Authenticator *credential,
+ [out,ref] netr_Authenticator *return_authenticator,
+ [in,ref] [size_is(buffer_len)] uint8 *opaque_buffer,
+ [in] uint32 buffer_len
+ );
 
 /****************/
 /* Function 0x21 */
diff --git a/librpc/idl/winbind.idl b/librpc/idl/winbind.idl
index 05db6b96b81..737d66abe70 100644
--- a/librpc/idl/winbind.idl
+++ b/librpc/idl/winbind.idl
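Review bot: The `[default];` arm in `netr_SendToSamMessage` means the four message types whose cases are still commented out will unmarshal successfully with an empty body, so a `netr_SendToSamBase` carrying, say, `SendToSamUpdatePassword` is not rejected at the NDR layer. The code that consumes this structure is outside this hunk; it should check `message_type` and fail for anything other than `SendToSamResetBadPasswordCount`, and a comment next to the arm would record that, e.g. `/* unimplemented types parse as empty; callers must reject them */`. The declaration of `netr_NetrLogonSendToSam` also says nothing about what `opaque_buffer` holds; if, as MS-NRPC describes, it is the encrypted form of `netr_SendToSamBase`, a one-line comment saying it must be decrypted and length-checked against `buffer_len` before being pulled would help the next reader.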
@@ -211,4 +211,9 @@ interface winbind
 [in] uint32 flags,
 [out,ref] lsa_ForestTrustInformation **forest_trust_info
 );
+
+ NTSTATUS winbind_SendToSam(
+ [in] netr_SendToSamBase message
+ );
+
 } |