summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMatthew Chapman <matty@samba.org>1999-06-02 03:19:20 +0000
committerMatthew Chapman <matty@samba.org>1999-06-02 03:19:20 +0000
commit99e42c0656d3e1e3b8e06437a8a9082c12df22d2 (patch)
treedb75fd259f749760beca37872888246158438ca9
parentc2919e499a755014ade1381552f4d808f443d89f (diff)
downloadsamba-99e42c0656d3e1e3b8e06437a8a9082c12df22d2.tar.gz
samba-99e42c0656d3e1e3b8e06437a8a9082c12df22d2.tar.bz2
samba-99e42c0656d3e1e3b8e06437a8a9082c12df22d2.zip
Some more BDC-related fixes, mainly to the NET_SAM_SYNC RPC with respect
to alignment, missing fields, etc. - it should now work correctly. There is still the problem of decoding the private data field. (This used to be commit c3c25e762fbc30d5663323f23449c913f2ce4b0e)
-rw-r--r--source3/include/proto.h3
-rw-r--r--source3/include/rpc_netlogon.h50
-rw-r--r--source3/rpc_client/cli_netlogon.c89
-rw-r--r--source3/rpc_parse/parse_net.c97
-rw-r--r--source3/rpc_server/srv_netlog.c2
-rw-r--r--source3/rpcclient/cmd_netlogon.c23
6 files changed, 186 insertions, 78 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 12958baa3a..4efc7f803c 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -1708,9 +1708,10 @@ BOOL cli_net_srv_pwset(struct cli_state *cli, uint16 nt_pipe_fnum,
BOOL cli_net_sam_logon(struct cli_state *cli, uint16 nt_pipe_fnum, NET_ID_INFO_CTR *ctr,
NET_USER_INFO_3 *user_info3);
BOOL cli_net_sam_logoff(struct cli_state *cli, uint16 nt_pipe_fnum, NET_ID_INFO_CTR *ctr);
-BOOL cli_net_sam_sync(struct cli_state *cli, uint16 nt_pipe_fnum, uint32 database_id);
+BOOL cli_net_sam_sync(struct cli_state *cli, uint16 nt_pipe_fnum, uint32 database_id, uint32 *num_deltas, SAM_DELTA_HDR *hdr_deltas, SAM_DELTA_CTR *deltas);
BOOL change_trust_account_password(char *domain, char *remote_machine_list,
uint16 sec_chan);
+BOOL do_sam_sync(struct cli_state *cli);
/*The following definitions come from rpc_client/cli_pipe.c */
diff --git a/source3/include/rpc_netlogon.h b/source3/include/rpc_netlogon.h
index 2d8f5ae1b7..2c02e96d18 100644
--- a/source3/include/rpc_netlogon.h
+++ b/source3/include/rpc_netlogon.h
@@ -460,30 +460,38 @@ typedef struct sam_account_info_info
UNIHDR hdr_dir_drive;
UNIHDR hdr_logon_script;
UNIHDR hdr_acct_desc;
+ UNIHDR hdr_workstations;
- NTTIME time_1;
- NTTIME time_2;
- NTTIME time_3;
+ NTTIME logon_time;
+ NTTIME logoff_time;
uint32 logon_divs; /* 0xA8 */
uint32 ptr_logon_hrs;
- /* N.B. 8-byte alignment */
- NTTIME time_4;
- NTTIME time_5;
+ uint16 bad_pwd_count;
+ uint16 logon_count;
+ NTTIME pwd_last_set_time;
+ NTTIME acct_expiry_time;
+
uint32 acb_info;
- char reserved[36];
+ uint8 nt_pwd[16];
+ uint8 lm_pwd[16];
+ uint8 nt_pwd_present;
+ uint8 lm_pwd_present;
+ uint8 pwd_expired;
UNIHDR hdr_comment;
- char unknown1[12];
+ UNIHDR hdr_parameters;
+ uint16 country;
+ uint16 codepage;
- BUFHDR2 hdr_pwd_info;
+ BUFHDR2 hdr_priv_data;
BUFHDR2 hdr_sec_desc; /* security descriptor */
- UNIHDR hdr_profile;
- char unknown2[24];
- NTTIME time_6; /* *** HIGH/LOW DWORDS THE WRONG WAY!!! *** */
- char unknown3[8];
+ UNIHDR hdr_profile;
+ UNIHDR hdr_reserved[3]; /* space for more strings */
+ uint32 dw_reserved[4]; /* space for more data - first two seem to
+ be an NTTIME */
UNISTR2 uni_acct_name;
UNISTR2 uni_full_name;
@@ -491,13 +499,15 @@ typedef struct sam_account_info_info
UNISTR2 uni_dir_drive;
UNISTR2 uni_logon_script;
UNISTR2 uni_acct_desc;
+ UNISTR2 uni_workstations;
- uint32 unknown4; /* 0x4EC */
- uint32 unknown5; /* 0 */
+ uint32 unknown1; /* 0x4EC */
+ uint32 unknown2; /* 0 */
BUFFER4 buf_logon_hrs;
UNISTR2 uni_comment;
- BUFFER4 buf_pwd_info;
+ UNISTR2 uni_parameters;
+ BUFFER4 buf_priv_data;
BUFFER4 buf_sec_desc;
UNISTR2 uni_profile;
@@ -571,8 +581,8 @@ typedef struct net_r_sam_sync_info
uint32 ptr_deltas2;
uint32 num_deltas2;
- SAM_DELTA_HDR hdr_deltas[MAX_SAM_DELTAS];
- SAM_DELTA_CTR deltas[MAX_SAM_DELTAS];
+ SAM_DELTA_HDR *hdr_deltas;
+ SAM_DELTA_CTR *deltas;
uint32 status;
@@ -605,8 +615,8 @@ typedef struct net_r_sam_deltas_info
uint32 ptr_deltas;
uint32 num_deltas2;
- SAM_DELTA_HDR hdr_deltas[MAX_SAM_DELTAS];
- SAM_DELTA_CTR deltas[MAX_SAM_DELTAS];
+ SAM_DELTA_HDR *hdr_deltas;
+ SAM_DELTA_CTR *deltas;
uint32 status;
diff --git a/source3/rpc_client/cli_netlogon.c b/source3/rpc_client/cli_netlogon.c
index 9bd7d695d2..e9a8582d10 100644
--- a/source3/rpc_client/cli_netlogon.c
+++ b/source3/rpc_client/cli_netlogon.c
@@ -476,7 +476,7 @@ password ?).\n", cli->desthost ));
/***************************************************************************
Synchronise SAM Database (requires SEC_CHAN_BDC).
****************************************************************************/
-BOOL cli_net_sam_sync(struct cli_state *cli, uint16 nt_pipe_fnum, uint32 database_id)
+BOOL cli_net_sam_sync(struct cli_state *cli, uint16 nt_pipe_fnum, uint32 database_id, uint32 *num_deltas, SAM_DELTA_HDR *hdr_deltas, SAM_DELTA_CTR *deltas)
{
NET_Q_SAM_SYNC q_s;
prs_struct rbuf;
@@ -501,11 +501,14 @@ BOOL cli_net_sam_sync(struct cli_state *cli, uint16 nt_pipe_fnum, uint32 databas
if (rpc_api_pipe_req(cli, nt_pipe_fnum, NET_SAM_SYNC, &buf, &rbuf))
{
NET_R_SAM_SYNC r_s;
-
+
+ r_s.hdr_deltas = hdr_deltas;
+ r_s.deltas = deltas;
+
net_io_r_sam_sync("", &r_s, &rbuf, 0);
ok = (rbuf.offset != 0);
-
- if (ok && r_s.status != 0)
+
+ if (ok && r_s.status != 0 && r_s.status != NT_STATUS_MORE_ENTRIES)
{
/* report error code */
DEBUG(0,("cli_net_sam_sync: %s\n", get_nt_error_msg(r_s.status)));
@@ -519,6 +522,16 @@ BOOL cli_net_sam_sync(struct cli_state *cli, uint16 nt_pipe_fnum, uint32 databas
DEBUG(0,("cli_net_sam_sync: server %s replied with bad credential (bad machine password ?).\n", cli->desthost));
ok = False;
}
+
+ if (ok)
+ {
+ *num_deltas = r_s.num_deltas2;
+
+ if (r_s.status == NT_STATUS_MORE_ENTRIES)
+ {
+ DEBUG(2, ("(More entries)\n"));
+ }
+ }
}
prs_mem_free(&rbuf);
@@ -708,3 +721,71 @@ domain %s.\n", timestring(), domain));
domain %s.\n", timestring(), domain));
return False;
}
+
+BOOL do_sam_sync(struct cli_state *cli)
+{
+ uint16 nt_pipe_fnum;
+ BOOL res = True;
+ unsigned char trust_passwd[16];
+ int i, j;
+
+ SAM_DELTA_HDR hdr_deltas[MAX_SAM_DELTAS];
+ SAM_DELTA_CTR deltas[MAX_SAM_DELTAS];
+ uint32 num_deltas;
+ fstring name;
+ char *data;
+
+ DEBUG(2,("Attempting SAM synchronisation with PDC\n"));
+
+ res = res ? trust_get_passwd(trust_passwd, cli->domain, global_myname) : False;
+
+ /* open NETLOGON session. negotiate credentials */
+ res = res ? cli_nt_session_open(cli, PIPE_NETLOGON, &nt_pipe_fnum) : False;
+
+ res = res ? cli_nt_setup_creds(cli, nt_pipe_fnum, cli->mach_acct,
+ trust_passwd, SEC_CHAN_BDC) : False;
+
+ res = res ? cli_net_sam_sync(cli, nt_pipe_fnum, 0, &num_deltas, hdr_deltas, deltas) : False;
+
+ memset(trust_passwd, 0, 16);
+
+ /* close the session */
+ cli_nt_session_close(cli, nt_pipe_fnum);
+
+ if (!res)
+ {
+ DEBUG(0, ("SAM synchronisation FAILED\n"));
+ return False;
+ }
+
+ DEBUG(0, ("SAM synchronisation returned %d entries\n", num_deltas));
+
+ for (i = 0; i < num_deltas; i++)
+ {
+ switch (hdr_deltas[i].type)
+ {
+ case 1:
+ unistr2_to_ascii(name, &(deltas[i].domain_info.uni_dom_name), sizeof(fstring)-1);
+ DEBUG(0, ("Domain: %s\n", name));
+ break;
+
+ case 2:
+ unistr2_to_ascii(name, &(deltas[i].group_info.uni_grp_name), sizeof(fstring)-1);
+ DEBUG(0, ("Group: %s\n", name));
+ break;
+
+ case 5:
+ unistr2_to_ascii(name, &(deltas[i].account_info.uni_acct_name), sizeof(fstring)-1);
+ DEBUG(0, ("Account: %s\n", name));
+
+ data = deltas[i].account_info.buf_priv_data.buffer;
+ for (j = 0; j < deltas[i].account_info.buf_priv_data.buf_len; j++)
+ {
+ snprintf(&name[2*j], 3, "%02X", data[j]);
+ }
+ DEBUG(0, ("Private Data: %s\n", name));
+ }
+ }
+
+ return True;
+}
diff --git a/source3/rpc_parse/parse_net.c b/source3/rpc_parse/parse_net.c
index 083816771f..271ac3afeb 100644
--- a/source3/rpc_parse/parse_net.c
+++ b/source3/rpc_parse/parse_net.c
@@ -1221,6 +1221,7 @@ static void net_io_sam_domain_info(char *desc, SAM_DOMAIN_INFO *info, prs_struct
smb_io_bufhdr2("hdr_sec_desc", &(info->hdr_sec_desc) , ps, depth);
smb_io_unihdr ("hdr_unknown" , &(info->hdr_unknown) , ps, depth);
+ ps->offset += 40;
smb_io_unistr2("uni_dom_name", &(info->uni_dom_name),
info->hdr_dom_name.buffer, ps, depth);
@@ -1252,7 +1253,7 @@ static void net_io_sam_group_info(char *desc, SAM_GROUP_INFO *info, prs_struct *
smb_io_unistr2("uni_grp_name", &(info->uni_grp_name),
info->hdr_grp_name.buffer, ps, depth);
smb_io_unistr2("uni_grp_desc", &(info->uni_grp_desc),
- info->hdr_grp_name.buffer, ps, depth);
+ info->hdr_grp_desc.buffer, ps, depth);
smb_io_buffer4("buf_sec_desc", &(info->buf_sec_desc),
info->hdr_sec_desc.buffer, ps, depth);
}
@@ -1284,25 +1285,34 @@ void make_sam_account_info(SAM_ACCOUNT_INFO *info, char *user_name,
make_uni_hdr(&(info->hdr_profile ), len_profile );
/* not present */
+ make_uni_hdr(&(info->hdr_workstations), 0);
make_uni_hdr(&(info->hdr_comment), 0);
- make_bufhdr2(&(info->hdr_pwd_info), 0, 0, 0);
+ make_uni_hdr(&(info->hdr_parameters), 0);
+ make_bufhdr2(&(info->hdr_priv_data), 0, 0, 0);
make_bufhdr2(&(info->hdr_sec_desc), 0, 0, 0);
info->user_rid = user_rid;
info->group_rid = group_rid;
- init_nt_time(&(info->time_1));
- init_nt_time(&(info->time_2));
- init_nt_time(&(info->time_3));
- init_nt_time(&(info->time_4));
- init_nt_time(&(info->time_5));
+ init_nt_time(&(info->logon_time));
+ init_nt_time(&(info->logoff_time));
+ init_nt_time(&(info->pwd_last_set_time));
+ init_nt_time(&(info->acct_expiry_time));
info->logon_divs = 0xA8;
info->ptr_logon_hrs = 0; /* Don't care right now */
+ info->bad_pwd_count = 0;
+ info->logon_count = 0;
info->acb_info = acb_info;
- info->unknown4 = 0x4EC;
- info->unknown5 = 0;
+ info->nt_pwd_present = 0;
+ info->lm_pwd_present = 0;
+ info->pwd_expired = 0;
+ info->country = 0;
+ info->codepage = 0;
+
+ info->unknown1 = 0x4EC;
+ info->unknown2 = 0;
make_unistr2(&(info->uni_acct_name), user_name, len_user_name+1);
make_unistr2(&(info->uni_full_name), full_name, len_full_name+1);
@@ -1318,6 +1328,8 @@ reads or writes a structure.
********************************************************************/
static void net_io_sam_account_info(char *desc, SAM_ACCOUNT_INFO *info, prs_struct *ps, int depth)
{
+ int i;
+
if (info == NULL) return;
prs_debug(ps, depth, desc, "net_io_sam_account_info");
@@ -1333,26 +1345,44 @@ static void net_io_sam_account_info(char *desc, SAM_ACCOUNT_INFO *info, prs_stru
smb_io_unihdr("hdr_dir_drive" , &(info->hdr_dir_drive), ps, depth);
smb_io_unihdr("hdr_logon_script", &(info->hdr_logon_script), ps, depth);
smb_io_unihdr("hdr_acct_desc" , &(info->hdr_acct_desc), ps, depth);
+ smb_io_unihdr("hdr_workstations", &(info->hdr_workstations), ps, depth);
- smb_io_time("time_1", &(info->time_1), ps, depth);
- smb_io_time("time_2", &(info->time_2), ps, depth);
- smb_io_time("time_3", &(info->time_3), ps, depth);
+ smb_io_time("logon_time" , &(info->logon_time ), ps, depth);
+ smb_io_time("logoff_time", &(info->logoff_time), ps, depth);
prs_uint32("logon_divs ", ps, depth, &(info->logon_divs ));
prs_uint32("ptr_logon_hrs", ps, depth, &(info->ptr_logon_hrs));
- smb_io_time("time_4", &(info->time_4), ps, depth);
- smb_io_time("time_5", &(info->time_5), ps, depth);
- prs_uint32("acb_info", ps, depth, &(info->acb_info));
- ps->offset += 36;
+ prs_uint16("bad_pwd_count", ps, depth, &(info->bad_pwd_count));
+ prs_uint16("logon_count" , ps, depth, &(info->logon_count ));
+ smb_io_time("pwd_last_set_time", &(info->pwd_last_set_time), ps, depth);
+ smb_io_time("acct_expiry_time" , &(info->acct_expiry_time ), ps, depth);
- smb_io_unihdr("hdr_comment", &(info->hdr_comment), ps, depth);
- ps->offset += 12;
+ prs_uint32("acb_info", ps, depth, &(info->acb_info));
+ prs_uint8s(False, "nt_pwd", ps, depth, info->nt_pwd, 16);
+ prs_uint8s(False, "lm_pwd", ps, depth, info->lm_pwd, 16);
+ prs_uint8("lm_pwd_present", ps, depth, &(info->lm_pwd_present));
+ prs_uint8("nt_pwd_present", ps, depth, &(info->nt_pwd_present));
+ prs_uint8("pwd_expired" , ps, depth, &(info->pwd_expired ));
+
+ smb_io_unihdr("hdr_comment" , &(info->hdr_comment ), ps, depth);
+ smb_io_unihdr("hdr_parameters", &(info->hdr_parameters), ps, depth);
+ prs_uint16("country" , ps, depth, &(info->country ));
+ prs_uint16("codepage", ps, depth, &(info->codepage));
+
+ smb_io_bufhdr2("hdr_priv_data", &(info->hdr_priv_data), ps, depth);
+ smb_io_bufhdr2("hdr_sec_desc" , &(info->hdr_sec_desc) , ps, depth);
+ smb_io_unihdr ("hdr_profile" , &(info->hdr_profile) , ps, depth);
+
+ for (i = 0; i < 3; i++)
+ {
+ smb_io_unihdr("hdr_reserved", &(info->hdr_reserved[i]), ps, depth);
+ }
- smb_io_bufhdr2("hdr_pwd_info", &(info->hdr_pwd_info), ps, depth);
- smb_io_bufhdr2("hdr_sec_desc", &(info->hdr_sec_desc), ps, depth);
- smb_io_unihdr ("hdr_profile ", &(info->hdr_profile) , ps, depth);
- ps->offset += 36; /* includes that stupid NTTIME, ignore for now */
+ for (i = 0; i < 4; i++)
+ {
+ prs_uint32("dw_reserved", ps, depth, &(info->dw_reserved[i]));
+ }
smb_io_unistr2("uni_acct_name", &(info->uni_acct_name),
info->hdr_acct_name.buffer, ps, depth);
@@ -1366,19 +1396,23 @@ static void net_io_sam_account_info(char *desc, SAM_ACCOUNT_INFO *info, prs_stru
info->hdr_logon_script.buffer, ps, depth);
smb_io_unistr2("uni_acct_desc", &(info->uni_acct_desc),
info->hdr_acct_desc.buffer, ps, depth);
+ smb_io_unistr2("uni_workstations", &(info->uni_workstations),
+ info->hdr_workstations.buffer, ps, depth);
- prs_uint32("unknown4", ps, depth, &(info->unknown4));
- prs_uint32("unknown5", ps, depth, &(info->unknown5));
+ prs_uint32("unknown1", ps, depth, &(info->unknown1));
+ prs_uint32("unknown2", ps, depth, &(info->unknown2));
- smb_io_buffer4("buf_logon_hrs", &(info->buf_logon_hrs),
+ smb_io_buffer4("buf_logon_hrs" , &(info->buf_logon_hrs ),
info->ptr_logon_hrs, ps, depth);
- smb_io_unistr2("uni_comment" , &(info->uni_comment ),
+ smb_io_unistr2("uni_comment" , &(info->uni_comment ),
info->hdr_comment.buffer, ps, depth);
- smb_io_buffer4("buf_pwd_info" , &(info->buf_pwd_info ),
- info->hdr_pwd_info.buffer, ps, depth);
- smb_io_buffer4("buf_sec_desc" , &(info->buf_sec_desc ),
+ smb_io_unistr2("uni_parameters", &(info->uni_parameters),
+ info->hdr_parameters.buffer, ps, depth);
+ smb_io_buffer4("buf_priv_data" , &(info->buf_priv_data ),
+ info->hdr_priv_data.buffer, ps, depth);
+ smb_io_buffer4("buf_sec_desc" , &(info->buf_sec_desc ),
info->hdr_sec_desc.buffer, ps, depth);
- smb_io_unistr2("uni_profile" , &(info->uni_profile ),
+ smb_io_unistr2("uni_profile" , &(info->uni_profile ),
info->hdr_profile.buffer, ps, depth);
}
@@ -1517,7 +1551,7 @@ static void net_io_sam_alias_mem_info(char *desc, SAM_ALIAS_MEM_INFO *info, prs_
/*******************************************************************
reads or writes a structure.
********************************************************************/
-static void net_io_sam_delta_ctr(char *desc, SAM_DELTA_CTR *delta, uint32 type, prs_struct *ps, int depth)
+static void net_io_sam_delta_ctr(char *desc, SAM_DELTA_CTR *delta, uint16 type, prs_struct *ps, int depth)
{
if (delta == NULL) return;
@@ -1592,5 +1626,6 @@ void net_io_r_sam_sync(char *desc, NET_R_SAM_SYNC *r_s, prs_struct *ps, int dept
}
}
+ prs_align(ps);
prs_uint32("status", ps, depth, &(r_s->status));
}
diff --git a/source3/rpc_server/srv_netlog.c b/source3/rpc_server/srv_netlog.c
index 44ad4fd064..7ee45ada16 100644
--- a/source3/rpc_server/srv_netlog.c
+++ b/source3/rpc_server/srv_netlog.c
@@ -251,6 +251,8 @@ static void net_reply_sam_sync(NET_Q_SAM_SYNC *q_s, prs_struct *rdata,
pwd->group_rid, pwd->home_dir, pwd->dir_drive,
pwd->logon_script, pwd->acct_desc,
pwd->acct_ctrl, pwd->profile_path);
+
+ i++;
}
endsmbpwent(vp);
diff --git a/source3/rpcclient/cmd_netlogon.c b/source3/rpcclient/cmd_netlogon.c
index be5bf8596a..def5dba297 100644
--- a/source3/rpcclient/cmd_netlogon.c
+++ b/source3/rpcclient/cmd_netlogon.c
@@ -179,26 +179,5 @@ experimental SAM synchronisation.
****************************************************************************/
void cmd_sam_sync(struct client_info *info)
{
- uint16 nt_pipe_fnum;
- BOOL res = True;
- unsigned char trust_passwd[16];
-
- DEBUG(5,("Attempting SAM Synchronisation with PDC\n"));
-
- res = res ? trust_get_passwd(trust_passwd, smb_cli->domain, info->myhostname) : False;
-
- /* open NETLOGON session. negotiate credentials */
- res = res ? cli_nt_session_open(smb_cli, PIPE_NETLOGON, &nt_pipe_fnum) : False;
-
- res = res ? cli_nt_setup_creds(smb_cli, nt_pipe_fnum, smb_cli->mach_acct,
- trust_passwd, SEC_CHAN_BDC) : False;
-
- res = res ? cli_net_sam_sync(smb_cli, nt_pipe_fnum, 0) : False;
-
- memset(trust_passwd, 0, 16);
-
- /* close the session */
- cli_nt_session_close(smb_cli, nt_pipe_fnum);
-
- fprintf(out_hnd,"cmd_sam_sync: test succeeded: %s\n", BOOLSTR(res));
+ do_sam_sync(smb_cli);
}