summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGünther Deschner <gd@samba.org>2006-02-27 10:32:45 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 11:10:25 -0500
commite54786b53543b4667288c64abb55478fddd95061 (patch)
treec9641bd414989a72be6c425f9857f5731da74188
parentbd97e1a5eae982feda5e5bbd08e7f4e3b6473baf (diff)
downloadsamba-e54786b53543b4667288c64abb55478fddd95061.tar.gz
samba-e54786b53543b4667288c64abb55478fddd95061.tar.bz2
samba-e54786b53543b4667288c64abb55478fddd95061.zip
r13711: * Correctly handle acb_info/acct_flags as uint32 not as uint16.
* Fix a couple of related parsing issues. * in the info3 reply in a samlogon, return the ACB-flags (instead of returning zero) Guenther (This used to be commit 5b89e8bc24f0fdc8b52d5c9e849aba723df34ea7)
-rw-r--r--examples/libmsrpc/test/sam/samenum.c2
-rw-r--r--examples/pdb/test.c2
-rw-r--r--source3/auth/auth_sam.c4
-rw-r--r--source3/auth/auth_util.c5
-rw-r--r--source3/include/libmsrpc.h2
-rw-r--r--source3/include/passdb.h10
-rw-r--r--source3/include/rpc_samr.h7
-rw-r--r--source3/include/smb.h1
-rw-r--r--source3/libads/ads_utils.c42
-rw-r--r--source3/passdb/passdb.c49
-rw-r--r--source3/passdb/pdb_get_set.c4
-rw-r--r--source3/passdb/pdb_interface.c6
-rw-r--r--source3/passdb/pdb_ldap.c12
-rw-r--r--source3/passdb/pdb_smbpasswd.c2
-rw-r--r--source3/passdb/pdb_tdb.c242
-rw-r--r--source3/python/py_samr.c2
-rw-r--r--source3/rpc_client/cli_samr.c4
-rw-r--r--source3/rpc_parse/parse_net.c18
-rw-r--r--source3/rpc_parse/parse_samr.c21
-rw-r--r--source3/rpc_server/srv_netlog_nt.c4
-rw-r--r--source3/rpc_server/srv_samr_nt.c4
-rw-r--r--source3/rpcclient/cmd_samr.c8
-rw-r--r--source3/smbd/chgpasswd.c6
-rw-r--r--source3/utils/net_rpc.c4
24 files changed, 355 insertions, 106 deletions
diff --git a/examples/libmsrpc/test/sam/samenum.c b/examples/libmsrpc/test/sam/samenum.c
index 5b10475aac..f1b9ebdf84 100644
--- a/examples/libmsrpc/test/sam/samenum.c
+++ b/examples/libmsrpc/test/sam/samenum.c
@@ -51,7 +51,7 @@ int main(int argc, char **argv) {
eu.in.dom_hnd = sod.out.dom_hnd;
printf("ACB mask (can be 0): ");
- scanf("%hx", &eu.in.acb_mask);
+ scanf("%x", &eu.in.acb_mask);
while(cac_SamEnumUsers(hnd, mem_ctx, &eu)) {
printf("Enumerated %d users:\n", eu.out.num_users);
diff --git a/examples/pdb/test.c b/examples/pdb/test.c
index 63eb1eaaf9..68b5b9a3e5 100644
--- a/examples/pdb/test.c
+++ b/examples/pdb/test.c
@@ -29,7 +29,7 @@ static int testsam_debug_level = DBGC_ALL;
Start enumeration of the passwd list.
****************************************************************/
-static NTSTATUS testsam_setsampwent(struct pdb_methods *methods, BOOL update, uint16 acb_mask)
+static NTSTATUS testsam_setsampwent(struct pdb_methods *methods, BOOL update, uint32 acb_mask)
{
DEBUG(10, ("testsam_setsampwent called\n"));
return NT_STATUS_NOT_IMPLEMENTED;
diff --git a/source3/auth/auth_sam.c b/source3/auth/auth_sam.c
index f06eb83ba1..740170d73d 100644
--- a/source3/auth/auth_sam.c
+++ b/source3/auth/auth_sam.c
@@ -40,7 +40,7 @@ static NTSTATUS sam_password_ok(const struct auth_context *auth_context,
DATA_BLOB *user_sess_key,
DATA_BLOB *lm_sess_key)
{
- uint16 acct_ctrl;
+ uint32 acct_ctrl;
const uint8 *lm_pw, *nt_pw;
const char *username = pdb_get_username(sampass);
@@ -116,7 +116,7 @@ static NTSTATUS sam_account_ok(TALLOC_CTX *mem_ctx,
struct samu *sampass,
const auth_usersupplied_info *user_info)
{
- uint16 acct_ctrl = pdb_get_acct_ctrl(sampass);
+ uint32 acct_ctrl = pdb_get_acct_ctrl(sampass);
char *workstation_list;
time_t kickoff_time;
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 2de362cabe..1f853e5eb9 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -1598,6 +1598,11 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
return NT_STATUS_NO_MEMORY;
}
+ if (!pdb_set_acct_ctrl(sam_account, info3->acct_flags, PDB_CHANGED)) {
+ TALLOC_FREE(sam_account);
+ return NT_STATUS_NO_MEMORY;
+ }
+
result = make_server_info(NULL);
if (result == NULL) {
DEBUG(4, ("make_server_info failed!\n"));
diff --git a/source3/include/libmsrpc.h b/source3/include/libmsrpc.h
index 9fbd57a8d3..36bae44177 100644
--- a/source3/include/libmsrpc.h
+++ b/source3/include/libmsrpc.h
@@ -1761,7 +1761,7 @@ struct SamEnumUsers {
POLICY_HND *dom_hnd;
/**Enumerate users with specific ACB. If 0, all users will be enumerated*/
- uint16 acb_mask;
+ uint32 acb_mask;
} in;
struct {
diff --git a/source3/include/passdb.h b/source3/include/passdb.h
index 0e64653fe6..a9688c6f81 100644
--- a/source3/include/passdb.h
+++ b/source3/include/passdb.h
@@ -130,7 +130,7 @@ enum pdb_value_state {
/* cache for bad password lockout data, to be used on replicated SAMs */
typedef struct logon_cache_struct {
time_t entry_timestamp;
- uint16 acct_ctrl;
+ uint32 acct_ctrl;
uint16 bad_password_count;
time_t bad_password_time;
} LOGIN_CACHE;
@@ -171,7 +171,7 @@ struct samu {
DATA_BLOB nt_pw_his; /* nt hashed password history .data is Null if not available */
char* plaintext_pw; /* is Null if not available */
- uint16 acct_ctrl; /* account info (ACB_xxxx bit-mask) */
+ uint32 acct_ctrl; /* account info (ACB_xxxx bit-mask) */
uint32 fields_present; /* 0x00ff ffff */
uint16 logon_divs; /* 168 - number of hours in a week */
@@ -204,7 +204,7 @@ struct acct_info {
struct samr_displayentry {
uint32 idx;
uint32 rid;
- uint16 acct_flags;
+ uint32 acct_flags;
const char *account_name;
const char *fullname;
const char *description;
@@ -248,7 +248,7 @@ struct pdb_methods
{
const char *name; /* What name got this module */
- NTSTATUS (*setsampwent)(struct pdb_methods *, BOOL update, uint16 acb_mask);
+ NTSTATUS (*setsampwent)(struct pdb_methods *, BOOL update, uint32 acb_mask);
void (*endsampwent)(struct pdb_methods *);
@@ -382,7 +382,7 @@ struct pdb_methods
BOOL (*search_users)(struct pdb_methods *methods,
struct pdb_search *search,
- uint16 acct_flags);
+ uint32 acct_flags);
BOOL (*search_groups)(struct pdb_methods *methods,
struct pdb_search *search);
BOOL (*search_aliases)(struct pdb_methods *methods,
diff --git a/source3/include/rpc_samr.h b/source3/include/rpc_samr.h
index a9e3e0a08d..ccb4fc9e44 100644
--- a/source3/include/rpc_samr.h
+++ b/source3/include/rpc_samr.h
@@ -743,8 +743,7 @@ typedef struct q_samr_enum_dom_users_info
POLICY_HND pol; /* policy handle */
uint32 start_idx; /* number of values (0 indicates unlimited?) */
- uint16 acb_mask; /* 0x0000 indicates all */
- uint16 unknown_1; /* 0x0000 */
+ uint32 acb_mask; /* 0x0000 indicates all */
uint32 max_size; /* 0x0000 ffff */
@@ -847,7 +846,7 @@ typedef struct samr_entry_info1
uint32 user_idx;
uint32 rid_user;
- uint16 acb_info;
+ uint32 acb_info;
UNIHDR hdr_acct_name;
UNIHDR hdr_user_name;
@@ -878,7 +877,7 @@ typedef struct samr_entry_info2
uint32 user_idx;
uint32 rid_user;
- uint16 acb_info;
+ uint32 acb_info;
UNIHDR hdr_srv_name;
UNIHDR hdr_srv_desc;
diff --git a/source3/include/smb.h b/source3/include/smb.h
index fd3c23e575..832f91f9bd 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -243,6 +243,7 @@ typedef struct nttime_info {
#define ACB_NOT_DELEGATED 0x00004000 /* 1 = Not delegated */
#define ACB_USE_DES_KEY_ONLY 0x00008000 /* 1 = Use DES key only */
#define ACB_DONT_REQUIRE_PREAUTH 0x00010000 /* 1 = Preauth not required */
+#define ACB_NO_AUTH_DATA_REQD 0x00080000 /* 1 = No authorization data required */
#define MAX_HOURS_LEN 32
diff --git a/source3/libads/ads_utils.c b/source3/libads/ads_utils.c
index 1aad0bed54..0cbf235989 100644
--- a/source3/libads/ads_utils.c
+++ b/source3/libads/ads_utils.c
@@ -25,21 +25,28 @@
/*
translated the ACB_CTRL Flags to UserFlags (userAccountControl)
*/
-uint32 ads_acb2uf(uint16 acb)
+uint32 ads_acb2uf(uint32 acb)
{
uint32 uf = 0x00000000;
- if (acb & ACB_DISABLED) uf |= UF_ACCOUNTDISABLE;
- if (acb & ACB_HOMDIRREQ) uf |= UF_HOMEDIR_REQUIRED;
- if (acb & ACB_PWNOTREQ) uf |= UF_PASSWD_NOTREQD;
- if (acb & ACB_TEMPDUP) uf |= UF_TEMP_DUPLICATE_ACCOUNT;
- if (acb & ACB_NORMAL) uf |= UF_NORMAL_ACCOUNT;
- if (acb & ACB_MNS) uf |= UF_MNS_LOGON_ACCOUNT;
- if (acb & ACB_DOMTRUST) uf |= UF_INTERDOMAIN_TRUST_ACCOUNT;
- if (acb & ACB_WSTRUST) uf |= UF_WORKSTATION_TRUST_ACCOUNT;
- if (acb & ACB_SVRTRUST) uf |= UF_SERVER_TRUST_ACCOUNT;
- if (acb & ACB_PWNOEXP) uf |= UF_DONT_EXPIRE_PASSWD;
- if (acb & ACB_AUTOLOCK) uf |= UF_LOCKOUT;
+ if (acb & ACB_DISABLED) uf |= UF_ACCOUNTDISABLE;
+ if (acb & ACB_HOMDIRREQ) uf |= UF_HOMEDIR_REQUIRED;
+ if (acb & ACB_PWNOTREQ) uf |= UF_PASSWD_NOTREQD;
+ if (acb & ACB_TEMPDUP) uf |= UF_TEMP_DUPLICATE_ACCOUNT;
+ if (acb & ACB_NORMAL) uf |= UF_NORMAL_ACCOUNT;
+ if (acb & ACB_MNS) uf |= UF_MNS_LOGON_ACCOUNT;
+ if (acb & ACB_DOMTRUST) uf |= UF_INTERDOMAIN_TRUST_ACCOUNT;
+ if (acb & ACB_WSTRUST) uf |= UF_WORKSTATION_TRUST_ACCOUNT;
+ if (acb & ACB_SVRTRUST) uf |= UF_SERVER_TRUST_ACCOUNT;
+ if (acb & ACB_PWNOEXP) uf |= UF_DONT_EXPIRE_PASSWD;
+ if (acb & ACB_AUTOLOCK) uf |= UF_LOCKOUT;
+ if (acb & ACB_USE_DES_KEY_ONLY) uf |= UF_USE_DES_KEY_ONLY;
+ if (acb & ACB_SMARTCARD_REQUIRED) uf |= UF_SMARTCARD_REQUIRED;
+ if (acb & ACB_TRUSTED_FOR_DELEGATION) uf |= UF_TRUSTED_FOR_DELEGATION;
+ if (acb & ACB_DONT_REQUIRE_PREAUTH) uf |= UF_DONT_REQUIRE_PREAUTH;
+ if (acb & ACB_NO_AUTH_DATA_REQD) uf |= UF_NO_AUTH_DATA_REQUIRED;
+ if (acb & ACB_NOT_DELEGATED) uf |= UF_NOT_DELEGATED;
+ if (acb & ACB_ENC_TXT_PWD_ALLOWED) uf |= UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED;
return uf;
}
@@ -47,9 +54,9 @@ uint32 ads_acb2uf(uint16 acb)
/*
translated the UserFlags (userAccountControl) to ACB_CTRL Flags
*/
-uint16 ads_uf2acb(uint32 uf)
+uint32 ads_uf2acb(uint32 uf)
{
- uint16 acb = 0x0000;
+ uint32 acb = 0x00000000;
if (uf & UF_ACCOUNTDISABLE) acb |= ACB_DISABLED;
if (uf & UF_HOMEDIR_REQUIRED) acb |= ACB_HOMDIRREQ;
@@ -57,6 +64,13 @@ uint16 ads_uf2acb(uint32 uf)
if (uf & UF_MNS_LOGON_ACCOUNT) acb |= ACB_MNS;
if (uf & UF_DONT_EXPIRE_PASSWD) acb |= ACB_PWNOEXP;
if (uf & UF_LOCKOUT) acb |= ACB_AUTOLOCK;
+ if (uf & UF_USE_DES_KEY_ONLY) acb |= ACB_USE_DES_KEY_ONLY;
+ if (uf & UF_SMARTCARD_REQUIRED) acb |= ACB_SMARTCARD_REQUIRED;
+ if (uf & UF_TRUSTED_FOR_DELEGATION) acb |= ACB_TRUSTED_FOR_DELEGATION;
+ if (uf & UF_DONT_REQUIRE_PREAUTH) acb |= ACB_DONT_REQUIRE_PREAUTH;
+ if (uf & UF_NO_AUTH_DATA_REQUIRED) acb |= ACB_NO_AUTH_DATA_REQD;
+ if (uf & UF_NOT_DELEGATED) acb |= ACB_NOT_DELEGATED;
+ if (uf & UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED) acb |= ACB_ENC_TXT_PWD_ALLOWED;
switch (uf & UF_ACCOUNT_TYPE_MASK)
{
diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c
index c0cf3f2a23..130d6ba8f6 100644
--- a/source3/passdb/passdb.c
+++ b/source3/passdb/passdb.c
@@ -253,7 +253,7 @@ NTSTATUS samu_alloc_rid_unix(struct samu *user, const struct passwd *pwd)
null). length *MUST BE MORE THAN 2* !
**********************************************************/
-char *pdb_encode_acct_ctrl(uint16 acct_ctrl, size_t length)
+char *pdb_encode_acct_ctrl(uint32 acct_ctrl, size_t length)
{
static fstring acct_str;
@@ -289,9 +289,9 @@ char *pdb_encode_acct_ctrl(uint16 acct_ctrl, size_t length)
Decode the account control bits from a string.
**********************************************************/
-uint16 pdb_decode_acct_ctrl(const char *p)
+uint32 pdb_decode_acct_ctrl(const char *p)
{
- uint16 acct_ctrl = 0;
+ uint32 acct_ctrl = 0;
BOOL finished = False;
/*
@@ -331,7 +331,7 @@ uint16 pdb_decode_acct_ctrl(const char *p)
Routine to set 32 hex password characters from a 16 byte array.
**************************************************************/
-void pdb_sethexpwd(char *p, const unsigned char *pwd, uint16 acct_ctrl)
+void pdb_sethexpwd(char *p, const unsigned char *pwd, uint32 acct_ctrl)
{
if (pwd != NULL) {
int i;
@@ -620,7 +620,7 @@ NTSTATUS local_password_change(const char *user_name, int local_flags,
char *msg_str, size_t msg_str_len)
{
struct samu *sam_pass=NULL;
- uint16 other_acb;
+ uint32 other_acb;
NTSTATUS result;
*err_str = '\0';
@@ -799,12 +799,12 @@ NTSTATUS local_password_change(const char *user_name, int local_flags,
Marshall/unmarshall struct samu structs.
*********************************************************************/
-#define TDB_FORMAT_STRING_V2 "dddddddBBBBBBBBBBBBddBBBwwdBwwd"
+#define TDB_FORMAT_STRING_V3 "dddddddBBBBBBBBBBBBddBBBdwdBwwd"
/*********************************************************************
*********************************************************************/
-BOOL init_sam_from_buffer_v2(struct samu *sampass, uint8 *buf, uint32 buflen)
+BOOL init_sam_from_buffer_v3(struct samu *sampass, uint8 *buf, uint32 buflen)
{
/* times are stored as 32bit integer
@@ -834,8 +834,8 @@ BOOL init_sam_from_buffer_v2(struct samu *sampass, uint8 *buf, uint32 buflen)
fullname_len, homedir_len, logon_script_len,
profile_path_len, acct_desc_len, workstations_len;
- uint32 user_rid, group_rid, hours_len, unknown_6;
- uint16 acct_ctrl, logon_divs;
+ uint32 user_rid, group_rid, hours_len, unknown_6, acct_ctrl;
+ uint16 logon_divs;
uint16 bad_password_count, logon_count;
uint8 *hours = NULL;
uint8 *lm_pw_ptr = NULL, *nt_pw_ptr = NULL, *nt_pw_hist_ptr = NULL;
@@ -847,14 +847,14 @@ BOOL init_sam_from_buffer_v2(struct samu *sampass, uint8 *buf, uint32 buflen)
BOOL expand_explicit = lp_passdb_expand_explicit();
if(sampass == NULL || buf == NULL) {
- DEBUG(0, ("init_sam_from_buffer_v2: NULL parameters found!\n"));
+ DEBUG(0, ("init_sam_from_buffer_v3: NULL parameters found!\n"));
return False;
}
-/* TDB_FORMAT_STRING_V2 "dddddddBBBBBBBBBBBBddBBBwwdBwwd" */
+/* TDB_FORMAT_STRING_V3 "dddddddBBBBBBBBBBBBddBBBdwdBwwd" */
/* unpack the buffer into variables */
- len = tdb_unpack ((char *)buf, buflen, TDB_FORMAT_STRING_V2,
+ len = tdb_unpack ((char *)buf, buflen, TDB_FORMAT_STRING_V3,
&logon_time, /* d */
&logoff_time, /* d */
&kickoff_time, /* d */
@@ -880,7 +880,8 @@ BOOL init_sam_from_buffer_v2(struct samu *sampass, uint8 *buf, uint32 buflen)
&nt_pw_len, &nt_pw_ptr, /* B */
/* Change from V1 is addition of password history field. */
&nt_pw_hist_len, &nt_pw_hist_ptr, /* B */
- &acct_ctrl, /* w */
+ /* Change from V2 is the uint32 acb_mask */
+ &acct_ctrl, /* d */
/* Also "remove_me" field was removed. */
&logon_divs, /* w */
&hours_len, /* d */
@@ -972,7 +973,6 @@ BOOL init_sam_from_buffer_v2(struct samu *sampass, uint8 *buf, uint32 buflen)
}
}
- /* Change from V1 is addition of password history field. */
pdb_get_account_policy(AP_PASSWORD_HISTORY, &pwHistLen);
if (pwHistLen) {
uint8 *pw_hist = SMB_MALLOC(pwHistLen * PW_HISTORY_ENTRY_LEN);
@@ -1006,6 +1006,7 @@ BOOL init_sam_from_buffer_v2(struct samu *sampass, uint8 *buf, uint32 buflen)
pdb_set_bad_password_count(sampass, bad_password_count, PDB_SET);
pdb_set_logon_count(sampass, logon_count, PDB_SET);
pdb_set_unknown_6(sampass, unknown_6, PDB_SET);
+ /* Change from V2 is the uint32 acct_ctrl */
pdb_set_acct_ctrl(sampass, acct_ctrl, PDB_SET);
pdb_set_logon_divs(sampass, logon_divs, PDB_SET);
pdb_set_hours(sampass, hours, PDB_SET);
@@ -1035,7 +1036,7 @@ done:
/*********************************************************************
*********************************************************************/
-uint32 init_buffer_from_sam_v2 (uint8 **buf, struct samu *sampass, BOOL size_only)
+uint32 init_buffer_from_sam_v3 (uint8 **buf, struct samu *sampass, BOOL size_only)
{
size_t len, buflen;
@@ -1215,10 +1216,10 @@ uint32 init_buffer_from_sam_v2 (uint8 **buf, struct samu *sampass, BOOL size_onl
munged_dial_len = 0;
}
-/* TDB_FORMAT_STRING_V2 "dddddddBBBBBBBBBBBBddBBBwwdBwwd" */
+/* TDB_FORMAT_STRING_V3 "dddddddBBBBBBBBBBBBddBBBdwdBwwd" */
/* one time to get the size needed */
- len = tdb_pack(NULL, 0, TDB_FORMAT_STRING_V2,
+ len = tdb_pack(NULL, 0, TDB_FORMAT_STRING_V3,
logon_time, /* d */
logoff_time, /* d */
kickoff_time, /* d */
@@ -1243,7 +1244,7 @@ uint32 init_buffer_from_sam_v2 (uint8 **buf, struct samu *sampass, BOOL size_onl
lm_pw_len, lm_pw, /* B */
nt_pw_len, nt_pw, /* B */
nt_pw_hist_len, nt_pw_hist, /* B */
- pdb_get_acct_ctrl(sampass), /* w */
+ pdb_get_acct_ctrl(sampass), /* d */
pdb_get_logon_divs(sampass), /* w */
pdb_get_hours_len(sampass), /* d */
MAX_HOURS_LEN, pdb_get_hours(sampass), /* B */
@@ -1257,12 +1258,12 @@ uint32 init_buffer_from_sam_v2 (uint8 **buf, struct samu *sampass, BOOL size_onl
/* malloc the space needed */
if ( (*buf=(uint8*)SMB_MALLOC(len)) == NULL) {
- DEBUG(0,("init_buffer_from_sam_v2: Unable to malloc() memory for buffer!\n"));
+ DEBUG(0,("init_buffer_from_sam_v3: Unable to malloc() memory for buffer!\n"));
return (-1);
}
/* now for the real call to tdb_pack() */
- buflen = tdb_pack((char *)*buf, len, TDB_FORMAT_STRING_V2,
+ buflen = tdb_pack((char *)*buf, len, TDB_FORMAT_STRING_V3,
logon_time, /* d */
logoff_time, /* d */
kickoff_time, /* d */
@@ -1287,7 +1288,7 @@ uint32 init_buffer_from_sam_v2 (uint8 **buf, struct samu *sampass, BOOL size_onl
lm_pw_len, lm_pw, /* B */
nt_pw_len, nt_pw, /* B */
nt_pw_hist_len, nt_pw_hist, /* B */
- pdb_get_acct_ctrl(sampass), /* w */
+ pdb_get_acct_ctrl(sampass), /* d */
pdb_get_logon_divs(sampass), /* w */
pdb_get_hours_len(sampass), /* d */
MAX_HOURS_LEN, pdb_get_hours(sampass), /* B */
@@ -1297,7 +1298,7 @@ uint32 init_buffer_from_sam_v2 (uint8 **buf, struct samu *sampass, BOOL size_onl
/* check to make sure we got it correct */
if (buflen != len) {
- DEBUG(0, ("init_buffer_from_sam_v2: somthing odd is going on here: bufflen (%lu) != len (%lu) in tdb_pack operations!\n",
+ DEBUG(0, ("init_buffer_from_sam_v3: somthing odd is going on here: bufflen (%lu) != len (%lu) in tdb_pack operations!\n",
(unsigned long)buflen, (unsigned long)len));
/* error */
SAFE_FREE (*buf);
@@ -1320,12 +1321,12 @@ BOOL pdb_copy_sam_account(struct samu *dst, struct samu *src )
if ( !dst )
return False;
- len = init_buffer_from_sam_v2(&buf, src, False);
+ len = init_buffer_from_sam_v3(&buf, src, False);
if (len == -1)
return False;
- result = init_sam_from_buffer_v2( dst, buf, len );
+ result = init_sam_from_buffer_v3( dst, buf, len );
dst->methods = src->methods;
if ( src->unix_pw )
diff --git a/source3/passdb/pdb_get_set.c b/source3/passdb/pdb_get_set.c
index 921e13a3d2..f704c5c481 100644
--- a/source3/passdb/pdb_get_set.c
+++ b/source3/passdb/pdb_get_set.c
@@ -40,7 +40,7 @@
Collection of get...() functions for struct samu.
********************************************************************/
-uint16 pdb_get_acct_ctrl (const struct samu *sampass)
+uint32 pdb_get_acct_ctrl (const struct samu *sampass)
{
if (sampass)
return (sampass->acct_ctrl);
@@ -424,7 +424,7 @@ void *pdb_get_backend_private_data (const struct samu *sampass, const struct pdb
Collection of set...() functions for struct samu.
********************************************************************/
-BOOL pdb_set_acct_ctrl (struct samu *sampass, uint16 acct_ctrl, enum pdb_value_state flag)
+BOOL pdb_set_acct_ctrl (struct samu *sampass, uint32 acct_ctrl, enum pdb_value_state flag)
{
if (!sampass)
return False;
diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c
index 2b5c53534d..c49e032389 100644
--- a/source3/passdb/pdb_interface.c
+++ b/source3/passdb/pdb_interface.c
@@ -1248,7 +1248,7 @@ static NTSTATUS pdb_default_update_login_attempts (struct pdb_methods *methods,
return NT_STATUS_OK;
}
-static NTSTATUS pdb_default_setsampwent(struct pdb_methods *methods, BOOL update, uint16 acb_mask)
+static NTSTATUS pdb_default_setsampwent(struct pdb_methods *methods, BOOL update, uint32 acb_mask)
{
return NT_STATUS_NOT_IMPLEMENTED;
}
@@ -1854,7 +1854,7 @@ static void search_end_users(struct pdb_search *search)
static BOOL pdb_default_search_users(struct pdb_methods *methods,
struct pdb_search *search,
- uint16 acct_flags)
+ uint32 acct_flags)
{
struct user_search *state;
@@ -1985,7 +1985,7 @@ static struct samr_displayentry *pdb_search_getentry(struct pdb_search *search,
return (search->num_entries > idx) ? &search->cache[idx] : NULL;
}
-struct pdb_search *pdb_search_users(uint16 acct_flags)
+struct pdb_search *pdb_search_users(uint32 acct_flags)
{
struct pdb_methods *pdb = pdb_get_methods();
struct pdb_search *result;
diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c
index f559dae71d..f993ae96e0 100644
--- a/source3/passdb/pdb_ldap.c
+++ b/source3/passdb/pdb_ldap.c
@@ -488,8 +488,8 @@ static BOOL init_sam_from_ldap(struct ldapsam_privates *ldap_state,
uint8 smblmpwd[LM_HASH_LEN],
smbntpwd[NT_HASH_LEN];
BOOL use_samba_attrs = True;
- uint16 acct_ctrl = 0,
- logon_divs;
+ uint32 acct_ctrl = 0;
+ uint16 logon_divs;
uint16 bad_password_count = 0,
logon_count = 0;
uint32 hours_len;
@@ -1236,7 +1236,7 @@ static BOOL init_ldap_from_sam (struct ldapsam_privates *ldap_state,
Connect to LDAP server for password enumeration.
*********************************************************************/
-static NTSTATUS ldapsam_setsampwent(struct pdb_methods *my_methods, BOOL update, uint16 acb_mask)
+static NTSTATUS ldapsam_setsampwent(struct pdb_methods *my_methods, BOOL update, uint32 acb_mask)
{
struct ldapsam_privates *ldap_state = (struct ldapsam_privates *)my_methods->private_data;
int rc;
@@ -3837,7 +3837,7 @@ const char **talloc_attrs(TALLOC_CTX *mem_ctx, ...)
struct ldap_search_state {
struct smbldap_state *connection;
- uint16 acct_flags;
+ uint32 acct_flags;
uint16 group_type;
const char *base;
@@ -4008,7 +4008,7 @@ static BOOL ldapuser2displayentry(struct ldap_search_state *state,
{
char **vals;
DOM_SID sid;
- uint16 acct_flags;
+ uint32 acct_flags;
vals = ldap_get_values(ld, entry, "sambaAcctFlags");
if ((vals == NULL) || (vals[0] == NULL)) {
@@ -4087,7 +4087,7 @@ static BOOL ldapuser2displayentry(struct ldap_search_state *state,
static BOOL ldapsam_search_users(struct pdb_methods *methods,
struct pdb_search *search,
- uint16 acct_flags)
+ uint32 acct_flags)
{
struct ldapsam_privates *ldap_state = methods->private_data;
struct ldap_search_state *state;
diff --git a/source3/passdb/pdb_smbpasswd.c b/source3/passdb/pdb_smbpasswd.c
index d4070b8d2f..b976595008 100644
--- a/source3/passdb/pdb_smbpasswd.c
+++ b/source3/passdb/pdb_smbpasswd.c
@@ -1223,7 +1223,7 @@ static BOOL build_sam_account(struct smbpasswd_privates *smbpasswd_state,
Functions to be implemented by the new passdb API
****************************************************************/
-static NTSTATUS smbpasswd_setsampwent (struct pdb_methods *my_methods, BOOL update, uint16 acb_mask)
+static NTSTATUS smbpasswd_setsampwent (struct pdb_methods *my_methods, BOOL update, uint32 acb_mask)
{
struct smbpasswd_privates *smbpasswd_state = (struct smbpasswd_privates*)my_methods->private_data;
diff --git a/source3/passdb/pdb_tdb.c b/source3/passdb/pdb_tdb.c
index e905b026ec..e33cd46d54 100644
--- a/source3/passdb/pdb_tdb.c
+++ b/source3/passdb/pdb_tdb.c
@@ -38,7 +38,7 @@ static int tdbsam_debug_level = DBGC_ALL;
#endif
-#define TDBSAM_VERSION 2 /* Most recent TDBSAM version */
+#define TDBSAM_VERSION 3 /* Most recent TDBSAM version */
#define TDBSAM_VERSION_STRING "INFO/version"
#define PASSDB_FILE_NAME "passdb.tdb"
#define USERPREFIX "USER_"
@@ -64,6 +64,7 @@ static pstring tdbsam_filename;
#define TDB_FORMAT_STRING_V0 "ddddddBBBBBBBBBBBBddBBwdwdBwwd"
#define TDB_FORMAT_STRING_V1 "dddddddBBBBBBBBBBBBddBBwdwdBwwd"
+#define TDB_FORMAT_STRING_V2 "dddddddBBBBBBBBBBBBddBBBwwdBwwd"
/*********************************************************************
*********************************************************************/
@@ -432,13 +433,243 @@ done:
return ret;
}
+BOOL init_sam_from_buffer_v2(struct samu *sampass, uint8 *buf, uint32 buflen)
+{
+
+ /* times are stored as 32bit integer
+ take care on system with 64bit wide time_t
+ --SSS */
+ uint32 logon_time,
+ logoff_time,
+ kickoff_time,
+ bad_password_time,
+ pass_last_set_time,
+ pass_can_change_time,
+ pass_must_change_time;
+ char *username = NULL;
+ char *domain = NULL;
+ char *nt_username = NULL;
+ char *dir_drive = NULL;
+ char *unknown_str = NULL;
+ char *munged_dial = NULL;
+ char *fullname = NULL;
+ char *homedir = NULL;
+ char *logon_script = NULL;
+ char *profile_path = NULL;
+ char *acct_desc = NULL;
+ char *workstations = NULL;
+ uint32 username_len, domain_len, nt_username_len,
+ dir_drive_len, unknown_str_len, munged_dial_len,
+ fullname_len, homedir_len, logon_script_len,
+ profile_path_len, acct_desc_len, workstations_len;
+
+ uint32 user_rid, group_rid, hours_len, unknown_6;
+ uint16 acct_ctrl, logon_divs;
+ uint16 bad_password_count, logon_count;
+ uint8 *hours = NULL;
+ uint8 *lm_pw_ptr = NULL, *nt_pw_ptr = NULL, *nt_pw_hist_ptr = NULL;
+ uint32 len = 0;
+ uint32 lm_pw_len, nt_pw_len, nt_pw_hist_len, hourslen;
+ uint32 pwHistLen = 0;
+ BOOL ret = True;
+ fstring tmpstring;
+ BOOL expand_explicit = lp_passdb_expand_explicit();
+
+ if(sampass == NULL || buf == NULL) {
+ DEBUG(0, ("init_sam_from_buffer_v2: NULL parameters found!\n"));
+ return False;
+ }
+
+/* TDB_FORMAT_STRING_V2 "dddddddBBBBBBBBBBBBddBBBwwdBwwd" */
+
+ /* unpack the buffer into variables */
+ len = tdb_unpack ((char *)buf, buflen, TDB_FORMAT_STRING_V2,
+ &logon_time, /* d */
+ &logoff_time, /* d */
+ &kickoff_time, /* d */
+ &bad_password_time, /* d */
+ &pass_last_set_time, /* d */
+ &pass_can_change_time, /* d */
+ &pass_must_change_time, /* d */
+ &username_len, &username, /* B */
+ &domain_len, &domain, /* B */
+ &nt_username_len, &nt_username, /* B */
+ &fullname_len, &fullname, /* B */
+ &homedir_len, &homedir, /* B */
+ &dir_drive_len, &dir_drive, /* B */
+ &logon_script_len, &logon_script, /* B */
+ &profile_path_len, &profile_path, /* B */
+ &acct_desc_len, &acct_desc, /* B */
+ &workstations_len, &workstations, /* B */
+ &unknown_str_len, &unknown_str, /* B */
+ &munged_dial_len, &munged_dial, /* B */
+ &user_rid, /* d */
+ &group_rid, /* d */
+ &lm_pw_len, &lm_pw_ptr, /* B */
+ &nt_pw_len, &nt_pw_ptr, /* B */
+ /* Change from V1 is addition of password history field. */
+ &nt_pw_hist_len, &nt_pw_hist_ptr, /* B */
+ &acct_ctrl, /* w */
+ /* Also "remove_me" field was removed. */
+ &logon_divs, /* w */
+ &hours_len, /* d */
+ &hourslen, &hours, /* B */
+ &bad_password_count, /* w */
+ &logon_count, /* w */
+ &unknown_6); /* d */
+
+ if (len == (uint32) -1) {
+ ret = False;
+ goto done;
+ }
+
+ pdb_set_logon_time(sampass, logon_time, PDB_SET);
+ pdb_set_logoff_time(sampass, logoff_time, PDB_SET);
+ pdb_set_kickoff_time(sampass, kickoff_time, PDB_SET);
+ pdb_set_bad_password_time(sampass, bad_password_time, PDB_SET);
+ pdb_set_pass_can_change_time(sampass, pass_can_change_time, PDB_SET);
+ pdb_set_pass_must_change_time(sampass, pass_must_change_time, PDB_SET);
+ pdb_set_pass_last_set_time(sampass, pass_last_set_time, PDB_SET);
+
+ pdb_set_username(sampass, username, PDB_SET);
+ pdb_set_domain(sampass, domain, PDB_SET);
+ pdb_set_nt_username(sampass, nt_username, PDB_SET);
+ pdb_set_fullname(sampass, fullname, PDB_SET);
+
+ if (homedir) {
+ fstrcpy( tmpstring, homedir );
+ if (expand_explicit) {
+ standard_sub_basic( username, tmpstring,
+ sizeof(tmpstring) );
+ }
+ pdb_set_homedir(sampass, tmpstring, PDB_SET);
+ }
+ else {
+ pdb_set_homedir(sampass,
+ talloc_sub_basic(sampass, username, lp_logon_home()),
+ PDB_DEFAULT);
+ }
+
+ if (dir_drive)
+ pdb_set_dir_drive(sampass, dir_drive, PDB_SET);
+ else
+ pdb_set_dir_drive(sampass, lp_logon_drive(), PDB_DEFAULT );
+
+ if (logon_script) {
+ fstrcpy( tmpstring, logon_script );
+ if (expand_explicit) {
+ standard_sub_basic( username, tmpstring,
+ sizeof(tmpstring) );
+ }
+ pdb_set_logon_script(sampass, tmpstring, PDB_SET);
+ }
+ else {
+ pdb_set_logon_script(sampass,
+ talloc_sub_basic(sampass, username, lp_logon_script()),
+ PDB_DEFAULT);
+ }
+
+ if (profile_path) {
+ fstrcpy( tmpstring, profile_path );
+ if (expand_explicit) {
+ standard_sub_basic( username, tmpstring,
+ sizeof(tmpstring) );
+ }
+ pdb_set_profile_path(sampass, tmpstring, PDB_SET);
+ }
+ else {
+ pdb_set_profile_path(sampass,
+ talloc_sub_basic(sampass, username, lp_logon_path()),
+ PDB_DEFAULT);
+ }
+
+ pdb_set_acct_desc(sampass, acct_desc, PDB_SET);
+ pdb_set_workstations(sampass, workstations, PDB_SET);
+ pdb_set_munged_dial(sampass, munged_dial, PDB_SET);
+
+ if (lm_pw_ptr && lm_pw_len == LM_HASH_LEN) {
+ if (!pdb_set_lanman_passwd(sampass, lm_pw_ptr, PDB_SET)) {
+ ret = False;
+ goto done;
+ }
+ }
+
+ if (nt_pw_ptr && nt_pw_len == NT_HASH_LEN) {
+ if (!pdb_set_nt_passwd(sampass, nt_pw_ptr, PDB_SET)) {
+ ret = False;
+ goto done;
+ }
+ }
+
+ /* Change from V1 is addition of password history field. */
+ pdb_get_account_policy(AP_PASSWORD_HISTORY, &pwHistLen);
+ if (pwHistLen) {
+ uint8 *pw_hist = SMB_MALLOC(pwHistLen * PW_HISTORY_ENTRY_LEN);
+ if (!pw_hist) {
+ ret = False;
+ goto done;
+ }
+ memset(pw_hist, '\0', pwHistLen * PW_HISTORY_ENTRY_LEN);
+ if (nt_pw_hist_ptr && nt_pw_hist_len) {
+ int i;
+ SMB_ASSERT((nt_pw_hist_len % PW_HISTORY_ENTRY_LEN) == 0);
+ nt_pw_hist_len /= PW_HISTORY_ENTRY_LEN;
+ for (i = 0; (i < pwHistLen) && (i < nt_pw_hist_len); i++) {
+ memcpy(&pw_hist[i*PW_HISTORY_ENTRY_LEN],
+ &nt_pw_hist_ptr[i*PW_HISTORY_ENTRY_LEN],
+ PW_HISTORY_ENTRY_LEN);
+ }
+ }
+ if (!pdb_set_pw_history(sampass, pw_hist, pwHistLen, PDB_SET)) {
+ SAFE_FREE(pw_hist);
+ ret = False;
+ goto done;
+ }
+ SAFE_FREE(pw_hist);
+ } else {
+ pdb_set_pw_history(sampass, NULL, 0, PDB_SET);
+ }
+
+ pdb_set_user_sid_from_rid(sampass, user_rid, PDB_SET);
+ pdb_set_group_sid_from_rid(sampass, group_rid, PDB_SET);
+ pdb_set_hours_len(sampass, hours_len, PDB_SET);
+ pdb_set_bad_password_count(sampass, bad_password_count, PDB_SET);
+ pdb_set_logon_count(sampass, logon_count, PDB_SET);
+ pdb_set_unknown_6(sampass, unknown_6, PDB_SET);
+ pdb_set_acct_ctrl(sampass, acct_ctrl, PDB_SET);
+ pdb_set_logon_divs(sampass, logon_divs, PDB_SET);
+ pdb_set_hours(sampass, hours, PDB_SET);
+
+done:
+
+ SAFE_FREE(username);
+ SAFE_FREE(domain);
+ SAFE_FREE(nt_username);
+ SAFE_FREE(fullname);
+ SAFE_FREE(homedir);
+ SAFE_FREE(dir_drive);
+ SAFE_FREE(logon_script);
+ SAFE_FREE(profile_path);
+ SAFE_FREE(acct_desc);
+ SAFE_FREE(workstations);
+ SAFE_FREE(munged_dial);
+ SAFE_FREE(unknown_str);
+ SAFE_FREE(lm_pw_ptr);
+ SAFE_FREE(nt_pw_ptr);
+ SAFE_FREE(nt_pw_hist_ptr);
+ SAFE_FREE(hours);
+
+ return ret;
+}
+
+
/**********************************************************************
Intialize a struct samu struct from a BYTE buffer of size len
*********************************************************************/
static BOOL init_sam_from_buffer(struct samu *sampass, uint8 *buf, uint32 buflen)
{
- return init_sam_from_buffer_v2(sampass, buf, buflen);
+ return init_sam_from_buffer_v3(sampass, buf, buflen);
}
/**********************************************************************
@@ -447,7 +678,7 @@ static BOOL init_sam_from_buffer(struct samu *sampass, uint8 *buf, uint32 buflen
static uint32 init_buffer_from_sam (uint8 **buf, struct samu *sampass, BOOL size_only)
{
- return init_buffer_from_sam_v2(buf, sampass, size_only);
+ return init_buffer_from_sam_v3(buf, sampass, size_only);
}
/**********************************************************************
@@ -505,6 +736,9 @@ static BOOL tdbsam_convert(int32 from)
case 2:
ret = init_sam_from_buffer_v2(user, (uint8 *)data.dptr, data.dsize);
break;
+ case 3:
+ ret = init_sam_from_buffer_v3(user, (uint8 *)data.dptr, data.dsize);
+ break;
default:
/* unknown tdbsam version */
ret = False;
@@ -677,7 +911,7 @@ static int tdbsam_traverse_setpwent(TDB_CONTEXT *t, TDB_DATA key, TDB_DATA data,
Save a list of user keys for iteration.
****************************************************************/
-static NTSTATUS tdbsam_setsampwent(struct pdb_methods *my_methods, BOOL update, uint16 acb_mask)
+static NTSTATUS tdbsam_setsampwent(struct pdb_methods *my_methods, BOOL update, uint32 acb_mask)
{
if ( !tdbsam_open( tdbsam_filename ) ) {
DEBUG(0,("tdbsam_getsampwnam: failed to open %s!\n", tdbsam_filename));
diff --git a/source3/python/py_samr.c b/source3/python/py_samr.c
index fc9f2a83eb..a26cd8d132 100644
--- a/source3/python/py_samr.c
+++ b/source3/python/py_samr.c
@@ -467,7 +467,7 @@ static PyObject *samr_create_dom_user(PyObject *self, PyObject *args,
uint32 user_rid;
PyObject *result = NULL;
TALLOC_CTX *mem_ctx;
- uint16 acb_info = ACB_NORMAL;
+ uint32 acb_info = ACB_NORMAL;
POLICY_HND user_pol;
if (!PyArg_ParseTupleAndKeywords(
diff --git a/source3/rpc_client/cli_samr.c b/source3/rpc_client/cli_samr.c
index dd9a4ce67e..adb61a48bb 100644
--- a/source3/rpc_client/cli_samr.c
+++ b/source3/rpc_client/cli_samr.c
@@ -640,7 +640,7 @@ NTSTATUS rpccli_samr_query_groupmem(struct rpc_pipe_client *cli,
**/
NTSTATUS rpccli_samr_enum_dom_users(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *pol, uint32 *start_idx, uint16 acb_mask,
+ POLICY_HND *pol, uint32 *start_idx, uint32 acb_mask,
uint32 size, char ***dom_users, uint32 **rids,
uint32 *num_dom_users)
{
@@ -661,7 +661,7 @@ NTSTATUS rpccli_samr_enum_dom_users(struct rpc_pipe_client *cli, TALLOC_CTX *mem
/* Fill query structure with parameters */
- init_samr_q_enum_dom_users(&q, pol, *start_idx, acb_mask, 0, size);
+ init_samr_q_enum_dom_users(&q, pol, *start_idx, acb_mask, size);
CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_ENUM_DOM_USERS,
q, r,
diff --git a/source3/rpc_parse/parse_net.c b/source3/rpc_parse/parse_net.c
index 3734ce26a6..745cf24b0f 100644
--- a/source3/rpc_parse/parse_net.c
+++ b/source3/rpc_parse/parse_net.c
@@ -1424,7 +1424,8 @@ void init_net_user_info3(TALLOC_CTX *ctx, NET_USER_INFO_3 *usr,
uint16 logon_count, uint16 bad_pw_count,
uint32 num_groups, const DOM_GID *gids,
- uint32 user_flgs, uchar user_session_key[16],
+ uint32 user_flgs, uint32 acct_flags,
+ uchar user_session_key[16],
uchar lm_session_key[16],
const char *logon_srv, const char *logon_dom,
const DOM_SID *dom_sid)
@@ -1466,6 +1467,7 @@ void init_net_user_info3(TALLOC_CTX *ctx, NET_USER_INFO_3 *usr,
usr->buffer_groups = 1; /* indicates fill in groups, below, even if there are none */
usr->user_flgs = user_flgs;
+ usr->acct_flags = acct_flags;
if (user_session_key != NULL)
memcpy(usr->user_sess_key, user_session_key, sizeof(usr->user_sess_key));
@@ -1475,7 +1477,6 @@ void init_net_user_info3(TALLOC_CTX *ctx, NET_USER_INFO_3 *usr,
usr->buffer_dom_id = dom_sid ? 1 : 0; /* yes, we're bothering to put a domain SID in */
memset((char *)usr->lm_sess_key, '\0', sizeof(usr->lm_sess_key));
- memset(&usr->acct_flags, '\0', sizeof(usr->acct_flags));
for (i=0; i<7; i++) {
memset(&usr->unknown[i], '\0', sizeof(usr->unknown));
@@ -1526,19 +1527,22 @@ void init_net_user_info3(TALLOC_CTX *ctx, NET_USER_INFO_3 *usr,
int lvl = 10;
DEBUG(lvl,("dump_acct_flags\n"));
if (acct_flags & ACB_NORMAL) {
- DEBUGADD(lvl,("\taccount has UF_NORMAL_ACCOUNT\n"));
+ DEBUGADD(lvl,("\taccount has ACB_NORMAL\n"));
}
if (acct_flags & ACB_PWNOEXP) {
- DEBUGADD(lvl,("\taccount has UF_DONT_EXPIRE_PASSWD\n"));
+ DEBUGADD(lvl,("\taccount has ACB_PWNOEXP\n"));
}
if (acct_flags & ACB_ENC_TXT_PWD_ALLOWED) {
- DEBUGADD(lvl,("\taccount has UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED\n"));
+ DEBUGADD(lvl,("\taccount has ACB_ENC_TXT_PWD_ALLOWED\n"));
}
if (acct_flags & ACB_NOT_DELEGATED) {
- DEBUGADD(lvl,("\taccount has UF_NOT_DELEGATED\n"));
+ DEBUGADD(lvl,("\taccount has ACB_NOT_DELEGATED\n"));
}
if (acct_flags & ACB_USE_DES_KEY_ONLY) {
- DEBUGADD(lvl,("\taccount has UF_USE_DES_KEY_ONLY set, sig verify wont work\n"));
+ DEBUGADD(lvl,("\taccount has ACB_USE_DES_KEY_ONLY set, sig verify wont work\n"));
+ }
+ if (acct_flags & ACB_NO_AUTH_DATA_REQD) {
+ DEBUGADD(lvl,("\taccount has ACB_NO_AUTH_DATA_REQD set\n"));
}
}
diff --git a/source3/rpc_parse/parse_samr.c b/source3/rpc_parse/parse_samr.c
index fc4d7a3ab3..49d0fb7d72 100644
--- a/source3/rpc_parse/parse_samr.c
+++ b/source3/rpc_parse/parse_samr.c
@@ -1004,7 +1004,7 @@ inits a SAM_ENTRY1 structure.
static void init_sam_entry1(SAM_ENTRY1 *sam, uint32 user_idx,
UNISTR2 *sam_name, UNISTR2 *sam_full,
UNISTR2 *sam_desc, uint32 rid_user,
- uint16 acb_info)
+ uint32 acb_info)
{
DEBUG(5, ("init_sam_entry1\n"));
@@ -1040,10 +1040,7 @@ static BOOL sam_io_sam_entry1(const char *desc, SAM_ENTRY1 * sam,
if(!prs_uint32("rid_user ", ps, depth, &sam->rid_user))
return False;
- if(!prs_uint16("acb_info ", ps, depth, &sam->acb_info))
- return False;
-
- if(!prs_align(ps))
+ if(!prs_uint32("acb_info ", ps, depth, &sam->acb_info))
return False;
if (!smb_io_unihdr("hdr_acct_name", &sam->hdr_acct_name, ps, depth))
@@ -1085,7 +1082,7 @@ inits a SAM_ENTRY2 structure.
********************************************************************/
static void init_sam_entry2(SAM_ENTRY2 * sam, uint32 user_idx,
UNISTR2 *sam_name, UNISTR2 *sam_desc,
- uint32 rid_user, uint16 acb_info)
+ uint32 rid_user, uint32 acb_info)
{
DEBUG(5, ("init_sam_entry2\n"));
@@ -1118,10 +1115,7 @@ static BOOL sam_io_sam_entry2(const char *desc, SAM_ENTRY2 * sam,
if(!prs_uint32("rid_user ", ps, depth, &sam->rid_user))
return False;
- if(!prs_uint16("acb_info ", ps, depth, &sam->acb_info))
- return False;
-
- if(!prs_align(ps))
+ if(!prs_uint32("acb_info ", ps, depth, &sam->acb_info))
return False;
if(!smb_io_unihdr("unihdr", &sam->hdr_srv_name, ps, depth)) /* account name unicode string header */
@@ -1322,7 +1316,7 @@ inits a SAMR_Q_ENUM_DOM_USERS structure.
void init_samr_q_enum_dom_users(SAMR_Q_ENUM_DOM_USERS * q_e, POLICY_HND *pol,
uint32 start_idx,
- uint16 acb_mask, uint16 unk_1, uint32 size)
+ uint32 acb_mask, uint32 size)
{
DEBUG(5, ("init_samr_q_enum_dom_users\n"));
@@ -1330,7 +1324,6 @@ void init_samr_q_enum_dom_users(SAMR_Q_ENUM_DOM_USERS * q_e, POLICY_HND *pol,
q_e->start_idx = start_idx; /* zero indicates lots */
q_e->acb_mask = acb_mask;
- q_e->unknown_1 = unk_1;
q_e->max_size = size;
}
@@ -1355,9 +1348,7 @@ BOOL samr_io_q_enum_dom_users(const char *desc, SAMR_Q_ENUM_DOM_USERS * q_e,
if(!prs_uint32("start_idx", ps, depth, &q_e->start_idx))
return False;
- if(!prs_uint16("acb_mask ", ps, depth, &q_e->acb_mask))
- return False;
- if(!prs_uint16("unknown_1", ps, depth, &q_e->unknown_1))
+ if(!prs_uint32("acb_mask ", ps, depth, &q_e->acb_mask))
return False;
if(!prs_uint32("max_size ", ps, depth, &q_e->max_size))
diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c
index a71d97ada7..8dbd4ff33f 100644
--- a/source3/rpc_server/srv_netlog_nt.c
+++ b/source3/rpc_server/srv_netlog_nt.c
@@ -1016,12 +1016,12 @@ static NTSTATUS _net_sam_logon_internal(pipes_struct *p,
pdb_get_pass_last_set_time(sampw),
pdb_get_pass_can_change_time(sampw),
pdb_get_pass_must_change_time(sampw),
-
0, /* logon_count */
0, /* bad_pw_count */
num_gids, /* uint32 num_groups */
gids , /* DOM_GID *gids */
- 0x20 , /* uint32 user_flgs (?) */
+ LOGON_EXTRA_SIDS, /* uint32 user_flgs (?) */
+ pdb_get_acct_ctrl(sampw),
server_info->user_session_key.length ? user_session_key : NULL,
server_info->lm_session_key.length ? lm_session_key : NULL,
my_name , /* char *logon_srv */
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 47e1a31535..fa5b080634 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -482,7 +482,7 @@ static void samr_clear_sam_passwd(struct samu *sam_pass)
pdb_set_nt_passwd(sam_pass, NULL, PDB_DEFAULT);
}
-static uint32 count_sam_users(struct disp_info *info, uint16 acct_flags)
+static uint32 count_sam_users(struct disp_info *info, uint32 acct_flags)
{
struct samr_displayentry *entry;
@@ -3218,7 +3218,7 @@ static BOOL set_user_info_pw(uint8 *pass, struct samu *pwd)
{
uint32 len;
pstring plaintext_buf;
- uint16 acct_ctrl;
+ uint32 acct_ctrl;
DEBUG(5, ("Attempting administrator password change for user %s\n",
pdb_get_username(pwd)));
diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c
index 13da71a7fd..82194c84c7 100644
--- a/source3/rpcclient/cmd_samr.c
+++ b/source3/rpcclient/cmd_samr.c
@@ -100,7 +100,7 @@ static void display_sam_user_info_21(SAM_USER_INFO_21 *usr)
printf("\tuser_rid :\t0x%x\n" , usr->user_rid ); /* User ID */
printf("\tgroup_rid:\t0x%x\n" , usr->group_rid); /* Group ID */
- printf("\tacb_info :\t0x%04x\n", usr->acb_info ); /* Account Control Info */
+ printf("\tacb_info :\t0x%08x\n", usr->acb_info ); /* Account Control Info */
printf("\tfields_present:\t0x%08x\n", usr->fields_present); /* 0x00ff ffff */
printf("\tlogon_divs:\t%d\n", usr->logon_divs); /* 0x0000 00a8 which is 168 which is num hrs in a week */
@@ -776,7 +776,7 @@ static NTSTATUS cmd_samr_enum_dom_users(struct rpc_pipe_client *cli,
char **dom_users;
uint32 *dom_rids;
uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
- uint16 acb_mask = ACB_NORMAL;
+ uint32 acb_mask = ACB_NORMAL;
BOOL got_connect_pol = False, got_domain_pol = False;
if ((argc < 1) || (argc > 3)) {
@@ -788,7 +788,7 @@ static NTSTATUS cmd_samr_enum_dom_users(struct rpc_pipe_client *cli,
sscanf(argv[1], "%x", &access_mask);
if (argc > 2)
- sscanf(argv[2], "%hx", &acb_mask);
+ sscanf(argv[2], "%x", &acb_mask);
/* Get sam policy handle */
@@ -1367,7 +1367,7 @@ static NTSTATUS cmd_samr_create_dom_user(struct rpc_pipe_client *cli,
POLICY_HND connect_pol, domain_pol, user_pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
const char *acct_name;
- uint16 acb_info;
+ uint32 acb_info;
uint32 unknown, user_rid;
uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
diff --git a/source3/smbd/chgpasswd.c b/source3/smbd/chgpasswd.c
index 8df824a323..224ae3d763 100644
--- a/source3/smbd/chgpasswd.c
+++ b/source3/smbd/chgpasswd.c
@@ -575,7 +575,7 @@ BOOL check_lanman_password(char *user, uchar * pass1,
uchar unenc_new_pw[16];
uchar unenc_old_pw[16];
struct samu *sampass = NULL;
- uint16 acct_ctrl;
+ uint32 acct_ctrl;
const uint8 *lanman_pw;
BOOL ret;
@@ -641,7 +641,7 @@ BOOL change_lanman_password(struct samu *sampass, uchar *pass2)
static uchar null_pw[16];
uchar unenc_new_pw[16];
BOOL ret;
- uint16 acct_ctrl;
+ uint32 acct_ctrl;
const uint8 *pwd;
if (sampass == NULL) {
@@ -755,7 +755,7 @@ static NTSTATUS check_oem_password(const char *user,
uint8 *password_encrypted;
const uint8 *encryption_key;
const uint8 *lanman_pw, *nt_pw;
- uint16 acct_ctrl;
+ uint32 acct_ctrl;
uint32 new_pw_len;
uchar new_nt_hash[16];
uchar new_lm_hash[16];
diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c
index 85b09f9e07..0cedbd78ab 100644
--- a/source3/utils/net_rpc.c
+++ b/source3/utils/net_rpc.c
@@ -566,7 +566,7 @@ static NTSTATUS rpc_user_add_internals(const DOM_SID *domain_sid,
POLICY_HND connect_pol, domain_pol, user_pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
const char *acct_name;
- uint16 acb_info;
+ uint32 acb_info;
uint32 unknown, user_rid;
if (argc != 1) {
@@ -5230,7 +5230,7 @@ static NTSTATUS rpc_trustdom_add_internals(const DOM_SID *domain_sid,
POLICY_HND connect_pol, domain_pol, user_pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
char *acct_name;
- uint16 acb_info;
+ uint32 acb_info;
uint32 unknown, user_rid;
if (argc != 2) {