diff options
| author | Jeremy Allison <jra@samba.org> | 2008-08-29 09:29:21 -0700 |
|---|---|---|
| committer | Jeremy Allison <jra@samba.org> | 2008-08-29 09:29:21 -0700 |
| commit | 8f525afbd2f2a849086c60ee890218a070cecd34 (patch) | |
| tree | b4398adfa7e57dacf7f7d9b29b4a14f6596d6fe0 /source3/lib | |
| parent | b12c7dbb53023d1ea9e7df20137c0ad6ba21b9f0 (diff) | |
| parent | d2dc2e34be6f13956a91678bcb8dd098fb0e5c8b (diff) | |
| download | samba-8f525afbd2f2a849086c60ee890218a070cecd34.tar.gz samba-8f525afbd2f2a849086c60ee890218a070cecd34.tar.bz2 samba-8f525afbd2f2a849086c60ee890218a070cecd34.zip | |
Merge branch 'v3-devel' of ssh://jra@git.samba.org/data/git/samba into v3-devel
(This used to be commit 882297edc024c146f24fc9f847d2b0b813f93fc7)
Diffstat (limited to 'source3/lib')
| -rw-r--r-- | source3/lib/netapi/examples/Makefile.in | 14 | ||||
| -rw-r--r-- | source3/lib/netapi/examples/netdomjoin-gui/netdomjoin-gui.c | 43 | ||||
| -rw-r--r-- | source3/lib/netapi/examples/netdomjoin/netdomjoin.c | 4 | ||||
| -rw-r--r-- | source3/lib/netapi/examples/share/share_add.c | 110 | ||||
| -rw-r--r-- | source3/lib/netapi/examples/user/user_getgroups.c | 133 | ||||
| -rw-r--r-- | source3/lib/netapi/examples/user/user_getinfo.c | 149 | ||||
| -rw-r--r-- | source3/lib/netapi/examples/user/user_setinfo.c | 122 | ||||
| -rw-r--r-- | source3/lib/netapi/joindomain.c | 2 | ||||
| -rw-r--r-- | source3/lib/netapi/libnetapi.c | 98 | ||||
| -rw-r--r-- | source3/lib/netapi/libnetapi.h | 19 | ||||
| -rw-r--r-- | source3/lib/netapi/netapi.h | 194 | ||||
| -rw-r--r-- | source3/lib/netapi/share.c | 133 | ||||
| -rw-r--r-- | source3/lib/netapi/user.c | 919 |
13 files changed, 1792 insertions, 148 deletions
diff --git a/source3/lib/netapi/examples/Makefile.in b/source3/lib/netapi/examples/Makefile.in index 0b7553c389..d48457a694 100644 --- a/source3/lib/netapi/examples/Makefile.in +++ b/source3/lib/netapi/examples/Makefile.in @@ -31,6 +31,7 @@ PROGS = bin/getdc@EXEEXT@ \ bin/user_setinfo@EXEEXT@ \ bin/user_modalsget@EXEEXT@ \ bin/user_modalsset@EXEEXT@ \ + bin/user_getgroups@EXEEXT@ \ bin/group_add@EXEEXT@ \ bin/group_del@EXEEXT@ \ bin/group_enum@EXEEXT@ \ @@ -48,7 +49,8 @@ PROGS = bin/getdc@EXEEXT@ \ bin/localgroup_delmembers@EXEEXT@ \ bin/localgroup_setmembers@EXEEXT@ \ bin/localgroup_getmembers@EXEEXT@ \ - bin/remote_tod@EXEEXT@ + bin/remote_tod@EXEEXT@ \ + bin/share_add@EXEEXT@ all: $(PROGS) @@ -91,6 +93,7 @@ USERGETINFO_OBJ = user/user_getinfo.o $(CMDLINE_OBJ) USERSETINFO_OBJ = user/user_setinfo.o $(CMDLINE_OBJ) USERMODALSGET_OBJ = user/user_modalsget.o $(CMDLINE_OBJ) USERMODALSSET_OBJ = user/user_modalsset.o $(CMDLINE_OBJ) +USERGETGROUPS_OBJ = user/user_getgroups.o $(CMDLINE_OBJ) GROUPADD_OBJ = group/group_add.o $(CMDLINE_OBJ) GROUPDEL_OBJ = group/group_del.o $(CMDLINE_OBJ) GROUPENUM_OBJ = group/group_enum.o $(CMDLINE_OBJ) @@ -109,6 +112,7 @@ LOCALGROUPDELMEMBERS_OBJ = localgroup/localgroup_delmembers.o $(CMDLINE_OBJ) LOCALGROUPSETMEMBERS_OBJ = localgroup/localgroup_setmembers.o $(CMDLINE_OBJ) LOCALGROUPGETMEMBERS_OBJ = localgroup/localgroup_getmembers.o $(CMDLINE_OBJ) REMOTETOD_OBJ = server/remote_tod.o $(CMDLINE_OBJ) +SHAREADD_OBJ = share/share_add.o $(CMDLINE_OBJ) bin/getdc@EXEEXT@: $(BINARY_PREREQS) $(GETDC_OBJ) @echo Linking $@ @@ -166,6 +170,10 @@ bin/user_modalsset@EXEEXT@: $(BINARY_PREREQS) $(USERMODALSSET_OBJ) @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(USERMODALSSET_OBJ) $(LDFLAGS) $(DYNEXP) $(CMDLINE_LIBS) +bin/user_getgroups@EXEEXT@: $(BINARY_PREREQS) $(USERGETGROUPS_OBJ) + @echo Linking $@ + @$(CC) $(FLAGS) -o $@ $(USERGETGROUPS_OBJ) $(LDFLAGS) $(DYNEXP) $(CMDLINE_LIBS) + bin/group_add@EXEEXT@: $(BINARY_PREREQS) $(GROUPADD_OBJ) @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(GROUPADD_OBJ) $(LDFLAGS) $(DYNEXP) $(CMDLINE_LIBS) @@ -238,6 +246,10 @@ bin/remote_tod@EXEEXT@: $(BINARY_PREREQS) $(REMOTETOD_OBJ) @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(REMOTETOD_OBJ) $(LDFLAGS) $(DYNEXP) $(CMDLINE_LIBS) +bin/share_add@EXEEXT@: $(BINARY_PREREQS) $(SHAREADD_OBJ) + @echo Linking $@ + @$(CC) $(FLAGS) -o $@ $(SHAREADD_OBJ) $(LDFLAGS) $(DYNEXP) $(CMDLINE_LIBS) + clean: -rm -f $(PROGS) -rm -f core */*~ *~ \ diff --git a/source3/lib/netapi/examples/netdomjoin-gui/netdomjoin-gui.c b/source3/lib/netapi/examples/netdomjoin-gui/netdomjoin-gui.c index 418b9c8b8e..4e0488ed59 100644 --- a/source3/lib/netapi/examples/netdomjoin-gui/netdomjoin-gui.c +++ b/source3/lib/netapi/examples/netdomjoin-gui/netdomjoin-gui.c @@ -38,11 +38,6 @@ #define SAMBA_IMAGE_PATH "/usr/share/pixmaps/samba/logo.png" #define SAMBA_IMAGE_PATH_SMALL "/usr/share/pixmaps/samba/logo-small.png" -#define WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED ( 0x00000020 ) -#define WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE ( 0x00000004 ) -#define WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE ( 0x00000002 ) -#define WKSSVC_JOIN_FLAGS_JOIN_TYPE ( 0x00000001 ) - #define NetSetupWorkgroupName ( 2 ) #define NetSetupDomainName ( 3 ) @@ -631,9 +626,9 @@ static void callback_do_join(GtkWidget *widget, if (state->name_type_new == NetSetupDomainName) { domain_join = TRUE; join_creds_required = TRUE; - join_flags = WKSSVC_JOIN_FLAGS_JOIN_TYPE | - WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE | - WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED; /* for testing */ + join_flags = NETSETUP_JOIN_DOMAIN | + NETSETUP_ACCT_CREATE | + NETSETUP_DOMAIN_JOIN_IF_JOINED; /* for testing */ } if ((state->name_type_initial == NetSetupDomainName) && @@ -641,8 +636,8 @@ static void callback_do_join(GtkWidget *widget, try_unjoin = TRUE; unjoin_creds_required = TRUE; join_creds_required = FALSE; - unjoin_flags = WKSSVC_JOIN_FLAGS_JOIN_TYPE | - WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE; + unjoin_flags = NETSETUP_JOIN_DOMAIN | + NETSETUP_ACCT_DELETE; } if (try_unjoin) { @@ -823,9 +818,13 @@ static void callback_enter_hostname_and_unlock(GtkWidget *widget, } state->hostname_changed = TRUE; if (state->name_type_initial == NetSetupDomainName) { - asprintf(&str, "%s.%s", entry_text, state->my_dnsdomain); + if (asprintf(&str, "%s.%s", entry_text, state->my_dnsdomain) == -1) { + return; + } } else { - asprintf(&str, "%s.", entry_text); + if (asprintf(&str, "%s.", entry_text) == -1) { + return; + } } gtk_label_set_text(GTK_LABEL(state->label_full_computer_name), str); free(str); @@ -1132,10 +1131,14 @@ static void callback_do_change(GtkWidget *widget, char *str = NULL; entry_text = gtk_entry_get_text(GTK_ENTRY(entry)); if (state->name_type_initial == NetSetupDomainName) { - asprintf(&str, "%s.%s", entry_text, - state->my_dnsdomain); + if (asprintf(&str, "%s.%s", entry_text, + state->my_dnsdomain) == -1) { + return; + } } else { - asprintf(&str, "%s.", entry_text); + if (asprintf(&str, "%s.", entry_text) == -1) { + return; + } } gtk_label_set_text(GTK_LABEL(state->label_full_computer_name), str); @@ -1436,10 +1439,14 @@ static int draw_main_window(struct join_state *state) /* Label */ char *str = NULL; if (state->name_type_initial == NetSetupDomainName) { - asprintf(&str, "%s.%s", state->my_hostname, - state->my_dnsdomain); + if (asprintf(&str, "%s.%s", state->my_hostname, + state->my_dnsdomain) == -1) { + return -1; + } } else { - asprintf(&str, "%s.", state->my_hostname); + if (asprintf(&str, "%s.", state->my_hostname) == -1) { + return -1; + } } label = gtk_label_new(str); diff --git a/source3/lib/netapi/examples/netdomjoin/netdomjoin.c b/source3/lib/netapi/examples/netdomjoin/netdomjoin.c index bd7c36382a..08ce71b938 100644 --- a/source3/lib/netapi/examples/netdomjoin/netdomjoin.c +++ b/source3/lib/netapi/examples/netdomjoin/netdomjoin.c @@ -39,7 +39,9 @@ int main(int argc, const char **argv) const char *account_ou = NULL; const char *account = NULL; const char *password = NULL; - uint32_t join_flags = 0x00000023; + uint32_t join_flags = NETSETUP_JOIN_DOMAIN | + NETSETUP_ACCT_CREATE | + NETSETUP_DOMAIN_JOIN_IF_JOINED; struct libnetapi_ctx *ctx = NULL; poptContext pc; diff --git a/source3/lib/netapi/examples/share/share_add.c b/source3/lib/netapi/examples/share/share_add.c new file mode 100644 index 0000000000..3d7948840d --- /dev/null +++ b/source3/lib/netapi/examples/share/share_add.c @@ -0,0 +1,110 @@ +/* + * Unix SMB/CIFS implementation. + * NetShareAdd query + * Copyright (C) Guenther Deschner 2008 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see <http://www.gnu.org/licenses/>. + */ + +#include <sys/types.h> +#include <inttypes.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +#include <netapi.h> + +#include "common.h" + +int main(int argc, const char **argv) +{ + NET_API_STATUS status; + struct libnetapi_ctx *ctx = NULL; + const char *hostname = NULL; + const char *sharename = NULL; + const char *path = NULL; + uint32_t level = 0; + uint32_t parm_err = 0; + + struct SHARE_INFO_2 i2; + + poptContext pc; + int opt; + + struct poptOption long_options[] = { + POPT_AUTOHELP + POPT_COMMON_LIBNETAPI_EXAMPLES + POPT_TABLEEND + }; + + status = libnetapi_init(&ctx); + if (status != 0) { + return status; + } + + pc = poptGetContext("share_add", argc, argv, long_options, 0); + + poptSetOtherOptionHelp(pc, "hostname sharename path"); + while((opt = poptGetNextOpt(pc)) != -1) { + } + + if (!poptPeekArg(pc)) { + poptPrintHelp(pc, stderr, 0); + goto out; + } + hostname = poptGetArg(pc); + + if (!poptPeekArg(pc)) { + poptPrintHelp(pc, stderr, 0); + goto out; + } + sharename = poptGetArg(pc); + + if (!poptPeekArg(pc)) { + poptPrintHelp(pc, stderr, 0); + goto out; + } + path = poptGetArg(pc); + + if (poptPeekArg(pc)) { + level = atoi(poptGetArg(pc)); + } + + /* NetShareAdd */ + + i2.shi2_netname = sharename; + i2.shi2_type = 0; + i2.shi2_remark = "Test share created via NetApi"; + i2.shi2_permissions = 0; + i2.shi2_max_uses = (uint32_t)-1; + i2.shi2_current_uses = 0; + i2.shi2_path = path; + i2.shi2_passwd = NULL; + + status = NetShareAdd(hostname, + 2, + (uint8_t *)&i2, + &parm_err); + if (status != 0) { + printf("NetShareAdd failed with: %s\n", + libnetapi_get_error_string(ctx, status)); + goto out; + } + + out: + libnetapi_free(ctx); + poptFreeContext(pc); + + return status; +} diff --git a/source3/lib/netapi/examples/user/user_getgroups.c b/source3/lib/netapi/examples/user/user_getgroups.c new file mode 100644 index 0000000000..939415e0eb --- /dev/null +++ b/source3/lib/netapi/examples/user/user_getgroups.c @@ -0,0 +1,133 @@ +/* + * Unix SMB/CIFS implementation. + * NetUserGetGroups query + * Copyright (C) Guenther Deschner 2008 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see <http://www.gnu.org/licenses/>. + */ + +#include <sys/types.h> +#include <inttypes.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +#include <netapi.h> + +#include "common.h" + +int main(int argc, const char **argv) +{ + NET_API_STATUS status; + struct libnetapi_ctx *ctx = NULL; + const char *hostname = NULL; + const char *username = NULL; + uint32_t level = 0; + uint8_t *buffer = NULL; + uint32_t entries_read = 0; + uint32_t total_entries = 0; + int i; + + struct GROUP_USERS_INFO_0 *info0 = NULL; + struct GROUP_USERS_INFO_1 *info1 = NULL; + + poptContext pc; + int opt; + + struct poptOption long_options[] = { + POPT_AUTOHELP + POPT_COMMON_LIBNETAPI_EXAMPLES + POPT_TABLEEND + }; + + status = libnetapi_init(&ctx); + if (status != 0) { + return status; + } + + pc = poptGetContext("user_getgroups", argc, argv, long_options, 0); + + poptSetOtherOptionHelp(pc, "hostname username level"); + while((opt = poptGetNextOpt(pc)) != -1) { + } + + if (!poptPeekArg(pc)) { + poptPrintHelp(pc, stderr, 0); + goto out; + } + hostname = poptGetArg(pc); + + if (!poptPeekArg(pc)) { + poptPrintHelp(pc, stderr, 0); + goto out; + } + username = poptGetArg(pc); + + if (poptPeekArg(pc)) { + level = atoi(poptGetArg(pc)); + } + + /* NetUserGetGroups */ + + do { + status = NetUserGetGroups(hostname, + username, + level, + &buffer, + (uint32_t)-1, + &entries_read, + &total_entries); + if (status == 0 || status == ERROR_MORE_DATA) { + + switch (level) { + case 0: + info0 = (struct GROUP_USERS_INFO_0 *)buffer; + break; + case 1: + info1 = (struct GROUP_USERS_INFO_1 *)buffer; + break; + default: + break; + } + + for (i=0; i<entries_read; i++) { + switch (level) { + case 0: + printf("#%d group: %s\n", i, info0->grui0_name); + info0++; + break; + case 1: + printf("#%d group: %s\n", i, info1->grui1_name); + printf("#%d attributes: %d\n", i, info1->grui1_attributes); + info1++; + break; + default: + break; + } + } + NetApiBufferFree(buffer); + } + } while (status == ERROR_MORE_DATA); + + if (status != 0) { + printf("NetUserGetGroups failed with: %s\n", + libnetapi_get_error_string(ctx, status)); + } + + out: + libnetapi_free(ctx); + poptFreeContext(pc); + + return status; +} diff --git a/source3/lib/netapi/examples/user/user_getinfo.c b/source3/lib/netapi/examples/user/user_getinfo.c index 19234d0532..9e95260b5a 100644 --- a/source3/lib/netapi/examples/user/user_getinfo.c +++ b/source3/lib/netapi/examples/user/user_getinfo.c @@ -36,10 +36,15 @@ int main(int argc, const char **argv) uint8_t *buffer = NULL; uint32_t level = 0; char *sid_str = NULL; + int i; struct USER_INFO_0 *u0; struct USER_INFO_1 *u1; + struct USER_INFO_2 *u2; + struct USER_INFO_3 *u3; + struct USER_INFO_4 *u4; struct USER_INFO_10 *u10; + struct USER_INFO_11 *u11; struct USER_INFO_20 *u20; struct USER_INFO_23 *u23; @@ -107,6 +112,121 @@ int main(int argc, const char **argv) printf("flags: 0x%08x\n", u1->usri1_flags); printf("script: %s\n", u1->usri1_script_path); break; + case 2: + u2 = (struct USER_INFO_2 *)buffer; + printf("name: %s\n", u2->usri2_name); + printf("password: %s\n", u2->usri2_password); + printf("password_age: %d\n", u2->usri2_password_age); + printf("priv: %d\n", u2->usri2_priv); + printf("homedir: %s\n", u2->usri2_home_dir); + printf("comment: %s\n", u2->usri2_comment); + printf("flags: 0x%08x\n", u2->usri2_flags); + printf("script: %s\n", u2->usri2_script_path); + printf("auth flags: 0x%08x\n", u2->usri2_auth_flags); + printf("full name: %s\n", u2->usri2_full_name); + printf("user comment: %s\n", u2->usri2_usr_comment); + printf("user parameters: %s\n", u2->usri2_parms); + printf("workstations: %s\n", u2->usri2_workstations); + printf("last logon (seconds since jan. 1, 1970 GMT): %d\n", + u2->usri2_last_logon); + printf("last logoff (seconds since jan. 1, 1970 GMT): %d\n", + u2->usri2_last_logoff); + printf("account expires (seconds since jan. 1, 1970 GMT): %d\n", + u2->usri2_acct_expires); + printf("max storage: %d\n", u2->usri2_max_storage); + printf("units per week: %d\n", u2->usri2_units_per_week); + printf("logon hours:"); + for (i=0; i<21; i++) { + printf(" %x", (uint8_t)u2->usri2_logon_hours[i]); + } + printf("\n"); + printf("bad password count: %d\n", u2->usri2_bad_pw_count); + printf("logon count: %d\n", u2->usri2_num_logons); + printf("logon server: %s\n", u2->usri2_logon_server); + printf("country code: %d\n", u2->usri2_country_code); + printf("code page: %d\n", u2->usri2_code_page); + break; + case 3: + u3 = (struct USER_INFO_3 *)buffer; + printf("name: %s\n", u3->usri3_name); + printf("password_age: %d\n", u3->usri3_password_age); + printf("priv: %d\n", u3->usri3_priv); + printf("homedir: %s\n", u3->usri3_home_dir); + printf("comment: %s\n", u3->usri3_comment); + printf("flags: 0x%08x\n", u3->usri3_flags); + printf("script: %s\n", u3->usri3_script_path); + printf("auth flags: 0x%08x\n", u3->usri3_auth_flags); + printf("full name: %s\n", u3->usri3_full_name); + printf("user comment: %s\n", u3->usri3_usr_comment); + printf("user parameters: %s\n", u3->usri3_parms); + printf("workstations: %s\n", u3->usri3_workstations); + printf("last logon (seconds since jan. 1, 1970 GMT): %d\n", + u3->usri3_last_logon); + printf("last logoff (seconds since jan. 1, 1970 GMT): %d\n", + u3->usri3_last_logoff); + printf("account expires (seconds since jan. 1, 1970 GMT): %d\n", + u3->usri3_acct_expires); + printf("max storage: %d\n", u3->usri3_max_storage); + printf("units per week: %d\n", u3->usri3_units_per_week); + printf("logon hours:"); + for (i=0; i<21; i++) { + printf(" %x", (uint8_t)u3->usri3_logon_hours[i]); + } + printf("\n"); + printf("bad password count: %d\n", u3->usri3_bad_pw_count); + printf("logon count: %d\n", u3->usri3_num_logons); + printf("logon server: %s\n", u3->usri3_logon_server); + printf("country code: %d\n", u3->usri3_country_code); + printf("code page: %d\n", u3->usri3_code_page); + printf("user id: %d\n", u3->usri3_user_id); + printf("primary group id: %d\n", u3->usri3_primary_group_id); + printf("profile: %s\n", u3->usri3_profile); + printf("home dir drive: %s\n", u3->usri3_home_dir_drive); + printf("password expired: %d\n", u3->usri3_password_expired); + break; + case 4: + u4 = (struct USER_INFO_4 *)buffer; + printf("name: %s\n", u4->usri4_name); + printf("password: %s\n", u4->usri4_password); + printf("password_age: %d\n", u4->usri4_password_age); + printf("priv: %d\n", u4->usri4_priv); + printf("homedir: %s\n", u4->usri4_home_dir); + printf("comment: %s\n", u4->usri4_comment); + printf("flags: 0x%08x\n", u4->usri4_flags); + printf("script: %s\n", u4->usri4_script_path); + printf("auth flags: 0x%08x\n", u4->usri4_auth_flags); + printf("full name: %s\n", u4->usri4_full_name); + printf("user comment: %s\n", u4->usri4_usr_comment); + printf("user parameters: %s\n", u4->usri4_parms); + printf("workstations: %s\n", u4->usri4_workstations); + printf("last logon (seconds since jan. 1, 1970 GMT): %d\n", + u4->usri4_last_logon); + printf("last logoff (seconds since jan. 1, 1970 GMT): %d\n", + u4->usri4_last_logoff); + printf("account expires (seconds since jan. 1, 1970 GMT): %d\n", + u4->usri4_acct_expires); + printf("max storage: %d\n", u4->usri4_max_storage); + printf("units per week: %d\n", u4->usri4_units_per_week); + printf("logon hours:"); + for (i=0; i<21; i++) { + printf(" %x", (uint8_t)u4->usri4_logon_hours[i]); + } + printf("\n"); + printf("bad password count: %d\n", u4->usri4_bad_pw_count); + printf("logon count: %d\n", u4->usri4_num_logons); + printf("logon server: %s\n", u4->usri4_logon_server); + printf("country code: %d\n", u4->usri4_country_code); + printf("code page: %d\n", u4->usri4_code_page); + if (ConvertSidToStringSid(u4->usri4_user_sid, + &sid_str)) { + printf("user_sid: %s\n", sid_str); + free(sid_str); + } + printf("primary group id: %d\n", u4->usri4_primary_group_id); + printf("profile: %s\n", u4->usri4_profile); + printf("home dir drive: %s\n", u4->usri4_home_dir_drive); + printf("password expired: %d\n", u4->usri4_password_expired); + break; case 10: u10 = (struct USER_INFO_10 *)buffer; printf("name: %s\n", u10->usri10_name); @@ -114,6 +234,35 @@ int main(int argc, const char **argv) printf("usr_comment: %s\n", u10->usri10_usr_comment); printf("full_name: %s\n", u10->usri10_full_name); break; + case 11: + u11 = (struct USER_INFO_11 *)buffer; + printf("name: %s\n", u11->usri11_name); + printf("comment: %s\n", u11->usri11_comment); + printf("user comment: %s\n", u11->usri11_usr_comment); + printf("full name: %s\n", u11->usri11_full_name); + printf("priv: %d\n", u11->usri11_priv); + printf("auth flags: 0x%08x\n", u11->usri11_auth_flags); + printf("password_age: %d\n", u11->usri11_password_age); + printf("homedir: %s\n", u11->usri11_home_dir); + printf("user parameters: %s\n", u11->usri11_parms); + printf("last logon (seconds since jan. 1, 1970 GMT): %d\n", + u11->usri11_last_logon); + printf("last logoff (seconds since jan. 1, 1970 GMT): %d\n", + u11->usri11_last_logoff); + printf("bad password count: %d\n", u11->usri11_bad_pw_count); + printf("logon count: %d\n", u11->usri11_num_logons); + printf("logon server: %s\n", u11->usri11_logon_server); + printf("country code: %d\n", u11->usri11_country_code); + printf("workstations: %s\n", u11->usri11_workstations); + printf("max storage: %d\n", u11->usri11_max_storage); + printf("units per week: %d\n", u11->usri11_units_per_week); + printf("logon hours:"); + for (i=0; i<21; i++) { + printf(" %x", (uint8_t)u11->usri11_logon_hours[i]); + } + printf("\n"); + printf("code page: %d\n", u11->usri11_code_page); + break; case 20: u20 = (struct USER_INFO_20 *)buffer; printf("name: %s\n", u20->usri20_name); diff --git a/source3/lib/netapi/examples/user/user_setinfo.c b/source3/lib/netapi/examples/user/user_setinfo.c index ec464232e9..4f02ae7781 100644 --- a/source3/lib/netapi/examples/user/user_setinfo.c +++ b/source3/lib/netapi/examples/user/user_setinfo.c @@ -33,10 +33,34 @@ int main(int argc, const char **argv) struct libnetapi_ctx *ctx = NULL; const char *hostname = NULL; const char *username = NULL; - uint32_t level = 1007; + uint32_t level = 0; uint32_t parm_err = 0; - + uint8_t *buffer = NULL; + const char *val = NULL; + + struct USER_INFO_0 u0; + struct USER_INFO_1 u1; + struct USER_INFO_2 u2; + struct USER_INFO_3 u3; + struct USER_INFO_4 u4; + struct USER_INFO_21 u21; + struct USER_INFO_22 u22; + struct USER_INFO_1003 u1003; + struct USER_INFO_1005 u1005; + struct USER_INFO_1006 u1006; struct USER_INFO_1007 u1007; + struct USER_INFO_1008 u1008; + struct USER_INFO_1009 u1009; + struct USER_INFO_1010 u1010; + struct USER_INFO_1011 u1011; + struct USER_INFO_1012 u1012; + struct USER_INFO_1014 u1014; + struct USER_INFO_1017 u1017; + struct USER_INFO_1020 u1020; + struct USER_INFO_1024 u1024; + struct USER_INFO_1051 u1051; + struct USER_INFO_1052 u1052; + struct USER_INFO_1053 u1053; poptContext pc; int opt; @@ -70,18 +94,104 @@ int main(int argc, const char **argv) } username = poptGetArg(pc); - if (poptPeekArg(pc)) { - level = atoi(poptGetArg(pc)); + if (!poptPeekArg(pc)) { + poptPrintHelp(pc, stderr, 0); + goto out; + } + level = atoi(poptGetArg(pc)); + + if (!poptPeekArg(pc)) { + poptPrintHelp(pc, stderr, 0); + goto out; } + val = poptGetArg(pc); /* NetUserSetInfo */ - u1007.usri1007_comment = "NetApi test comment"; + switch (level) { + case 0: + u0.usri0_name = val; + buffer = (uint8_t *)&u0; + break; + case 1: + case 2: + case 3: + case 4: + break; + case 21: + break; + case 22: + break; + case 1003: + u1003.usri1003_password = val; + buffer = (uint8_t *)&u1003; + break; + case 1005: + u1005.usri1005_priv = atoi(val); + buffer = (uint8_t *)&u1005; + break; + case 1006: + u1006.usri1006_home_dir = val; + buffer = (uint8_t *)&u1006; + break; + case 1007: + u1007.usri1007_comment = val; + buffer = (uint8_t *)&u1007; + break; + case 1008: + u1008.usri1008_flags = atoi(val); + buffer = (uint8_t *)&u1008; + break; + case 1009: + u1009.usri1009_script_path = val; + buffer = (uint8_t *)&u1009; + break; + case 1010: + u1010.usri1010_auth_flags = atoi(val); + buffer = (uint8_t *)&u1010; + break; + case 1011: + u1011.usri1011_full_name = val; + buffer = (uint8_t *)&u1011; + break; + case 1012: + u1012.usri1012_usr_comment = val; + buffer = (uint8_t *)&u1012; + break; + case 1014: + u1014.usri1014_workstations = val; + buffer = (uint8_t *)&u1014; + break; + case 1017: + u1017.usri1017_acct_expires = atoi(val); + buffer = (uint8_t *)&u1017; + break; + case 1020: + break; + case 1024: + u1024.usri1024_country_code = atoi(val); + buffer = (uint8_t *)&u1024; + break; + case 1051: + u1051.usri1051_primary_group_id = atoi(val); + buffer = (uint8_t *)&u1051; + break; + case 1052: + u1052.usri1052_profile = val; + buffer = (uint8_t *)&u1052; + break; + case 1053: + u1053.usri1053_home_dir_drive = val; + buffer = (uint8_t *)&u1053; + break; + default: + break; + } status = NetUserSetInfo(hostname, username, level, - (uint8_t *)&u1007, + buffer, &parm_err); if (status != 0) { printf("NetUserSetInfo failed with: %s\n", diff --git a/source3/lib/netapi/joindomain.c b/source3/lib/netapi/joindomain.c index 2a6fc80ca3..17ea3923fe 100644 --- a/source3/lib/netapi/joindomain.c +++ b/source3/lib/netapi/joindomain.c @@ -364,7 +364,7 @@ WERROR NetGetJoinableOUs_l(struct libnetapi_ctx *ctx, dc = strip_hostname(info->dc_unc); - ads = ads_init(r->in.domain, r->in.domain, dc); + ads = ads_init(info->domain_name, info->domain_name, dc); if (!ads) { return WERR_GENERAL_FAILURE; } diff --git a/source3/lib/netapi/libnetapi.c b/source3/lib/netapi/libnetapi.c index 5fe48077a8..b4f2bb6ac2 100644 --- a/source3/lib/netapi/libnetapi.c +++ b/source3/lib/netapi/libnetapi.c @@ -726,6 +726,58 @@ NET_API_STATUS NetUserSetInfo(const char * server_name /* [in] */, } /**************************************************************** + NetUserGetGroups +****************************************************************/ + +NET_API_STATUS NetUserGetGroups(const char * server_name /* [in] */, + const char * user_name /* [in] */, + uint32_t level /* [in] */, + uint8_t **buffer /* [out] [ref] */, + uint32_t prefmaxlen /* [in] */, + uint32_t *entries_read /* [out] [ref] */, + uint32_t *total_entries /* [out] [ref] */) +{ + struct NetUserGetGroups r; + struct libnetapi_ctx *ctx = NULL; + NET_API_STATUS status; + WERROR werr; + + status = libnetapi_getctx(&ctx); + if (status != 0) { + return status; + } + + /* In parameters */ + r.in.server_name = server_name; + r.in.user_name = user_name; + r.in.level = level; + r.in.prefmaxlen = prefmaxlen; + + /* Out parameters */ + r.out.buffer = buffer; + r.out.entries_read = entries_read; + r.out.total_entries = total_entries; + + if (DEBUGLEVEL >= 10) { + NDR_PRINT_IN_DEBUG(NetUserGetGroups, &r); + } + + if (LIBNETAPI_LOCAL_SERVER(server_name)) { + werr = NetUserGetGroups_l(ctx, &r); + } else { + werr = NetUserGetGroups_r(ctx, &r); + } + + r.out.result = W_ERROR_V(werr); + + if (DEBUGLEVEL >= 10) { + NDR_PRINT_OUT_DEBUG(NetUserGetGroups, &r); + } + + return r.out.result; +} + +/**************************************************************** NetUserModalsGet ****************************************************************/ @@ -1721,3 +1773,49 @@ NET_API_STATUS NetRemoteTOD(const char * server_name /* [in] */, return r.out.result; } +/**************************************************************** + NetShareAdd +****************************************************************/ + +NET_API_STATUS NetShareAdd(const char * server_name /* [in] */, + uint32_t level /* [in] */, + uint8_t *buffer /* [in] [ref] */, + uint32_t *parm_err /* [out] [ref] */) +{ + struct NetShareAdd r; + struct libnetapi_ctx *ctx = NULL; + NET_API_STATUS status; + WERROR werr; + + status = libnetapi_getctx(&ctx); + if (status != 0) { + return status; + } + + /* In parameters */ + r.in.server_name = server_name; + r.in.level = level; + r.in.buffer = buffer; + + /* Out parameters */ + r.out.parm_err = parm_err; + + if (DEBUGLEVEL >= 10) { + NDR_PRINT_IN_DEBUG(NetShareAdd, &r); + } + + if (LIBNETAPI_LOCAL_SERVER(server_name)) { + werr = NetShareAdd_l(ctx, &r); + } else { + werr = NetShareAdd_r(ctx, &r); + } + + r.out.result = W_ERROR_V(werr); + + if (DEBUGLEVEL >= 10) { + NDR_PRINT_OUT_DEBUG(NetShareAdd, &r); + } + + return r.out.result; +} + diff --git a/source3/lib/netapi/libnetapi.h b/source3/lib/netapi/libnetapi.h index b0ff8e5baf..9a75b396fe 100644 --- a/source3/lib/netapi/libnetapi.h +++ b/source3/lib/netapi/libnetapi.h @@ -125,6 +125,17 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, struct NetUserSetInfo *r); WERROR NetUserSetInfo_l(struct libnetapi_ctx *ctx, struct NetUserSetInfo *r); +NET_API_STATUS NetUserGetGroups(const char * server_name /* [in] */, + const char * user_name /* [in] */, + uint32_t level /* [in] */, + uint8_t **buffer /* [out] [ref] */, + uint32_t prefmaxlen /* [in] */, + uint32_t *entries_read /* [out] [ref] */, + uint32_t *total_entries /* [out] [ref] */); +WERROR NetUserGetGroups_r(struct libnetapi_ctx *ctx, + struct NetUserGetGroups *r); +WERROR NetUserGetGroups_l(struct libnetapi_ctx *ctx, + struct NetUserGetGroups *r); NET_API_STATUS NetUserModalsGet(const char * server_name /* [in] */, uint32_t level /* [in] */, uint8_t **buffer /* [out] [ref] */); @@ -306,4 +317,12 @@ WERROR NetRemoteTOD_r(struct libnetapi_ctx *ctx, struct NetRemoteTOD *r); WERROR NetRemoteTOD_l(struct libnetapi_ctx *ctx, struct NetRemoteTOD *r); +NET_API_STATUS NetShareAdd(const char * server_name /* [in] */, + uint32_t level /* [in] */, + uint8_t *buffer /* [in] [ref] */, + uint32_t *parm_err /* [out] [ref] */); +WERROR NetShareAdd_r(struct libnetapi_ctx *ctx, + struct NetShareAdd *r); +WERROR NetShareAdd_l(struct libnetapi_ctx *ctx, + struct NetShareAdd *r); #endif /* __LIBNETAPI_LIBNETAPI__ */ diff --git a/source3/lib/netapi/netapi.h b/source3/lib/netapi/netapi.h index f7bf1880cc..05c702cb3f 100644 --- a/source3/lib/netapi/netapi.h +++ b/source3/lib/netapi/netapi.h @@ -33,6 +33,8 @@ typedef enum { #define ERROR_MORE_DATA ( 234L ) +#define ENCRYPTED_PWLEN ( 16 ) + /**************************************************************** ****************************************************************/ @@ -73,6 +75,20 @@ struct DOMAIN_CONTROLLER_INFO { const char * client_site_name; }; +/* bitmap NetJoinFlags */ +#define NETSETUP_JOIN_DOMAIN ( 0x00000001 ) +#define NETSETUP_ACCT_CREATE ( 0x00000002 ) +#define NETSETUP_ACCT_DELETE ( 0x00000004 ) +#define NETSETUP_WIN9X_UPGRADE ( 0x00000010 ) +#define NETSETUP_DOMAIN_JOIN_IF_JOINED ( 0x00000020 ) +#define NETSETUP_JOIN_UNSECURE ( 0x00000040 ) +#define NETSETUP_MACHINE_PWD_PASSED ( 0x00000080 ) +#define NETSETUP_DEFER_SPN_SET ( 0x00000100 ) +#define NETSETUP_JOIN_DC_ACCOUNT ( 0x00000200 ) +#define NETSETUP_JOIN_WITH_NEW_NAME ( 0x00000400 ) +#define NETSETUP_INSTALL_INVOCATION ( 0x00040000 ) +#define NETSETUP_IGNORE_UNSUPPORTED_FLAGS ( 0x10000000 ) + #define FILTER_TEMP_DUPLICATE_ACCOUNT ( 0x0001 ) #define FILTER_NORMAL_ACCOUNT ( 0x0002 ) #define FILTER_INTERDOMAIN_TRUST_ACCOUNT ( 0x0008 ) @@ -89,6 +105,10 @@ struct USER_INFO_0 { const char * usri0_name; }; +#define USER_PRIV_GUEST ( 0 ) +#define USER_PRIV_USER ( 1 ) +#define USER_PRIV_ADMIN ( 2 ) + struct USER_INFO_1 { const char * usri1_name; const char * usri1_password; @@ -100,6 +120,11 @@ struct USER_INFO_1 { const char * usri1_script_path; }; +#define AF_OP_PRINT ( 0x1 ) +#define AF_OP_COMM ( 0x2 ) +#define AF_OP_SERVER ( 0x4 ) +#define AF_OP_ACCOUNTS ( 0x8 ) + struct USER_INFO_2 { const char * usri2_name; const char * usri2_password; @@ -183,7 +208,7 @@ struct USER_INFO_4 { const char * usri4_logon_server; uint32_t usri4_country_code; uint32_t usri4_code_page; - struct dom_sid *usri4_user_sid;/* [unique] */ + struct domsid *usri4_user_sid;/* [unique] */ uint32_t usri4_primary_group_id; const char * usri4_profile; const char * usri4_home_dir_drive; @@ -228,6 +253,37 @@ struct USER_INFO_20 { uint32_t usri20_user_id; }; +struct USER_INFO_21 { + uint8_t *usri21_password; +}; + +struct USER_INFO_22 { + const char * usri22_name; + uint8_t *usri22_password; + uint32_t usri22_password_age; + uint32_t usri22_priv; + const char * usri22_home_dir; + const char * usri22_comment; + uint32_t usri22_flags; + uint32_t usri22_script_path; + uint32_t usri22_auth_flags; + const char * usri22_full_name; + const char * usri22_usr_comment; + const char * usri22_parms; + const char * usri22_workstations; + uint32_t usri22_last_logon; + uint32_t usri22_last_logoff; + uint32_t usri22_acct_expires; + uint32_t usri22_max_storage; + uint32_t usri22_units_per_week; + uint8_t *usri22_logon_hours;/* [unique] */ + uint32_t usri22_bad_pw_count; + uint32_t usri22_num_logons; + const char * usri22_logon_server; + uint32_t usri22_country_code; + uint32_t usri22_code_page; +}; + struct USER_INFO_23 { const char * usri23_name; const char * usri23_full_name; @@ -236,10 +292,87 @@ struct USER_INFO_23 { struct domsid *usri23_user_sid;/* [unique] */ }; +struct USER_INFO_1003 { + const char * usri1003_password; +}; + +struct USER_INFO_1005 { + uint32_t usri1005_priv; +}; + +struct USER_INFO_1006 { + const char * usri1006_home_dir; +}; + struct USER_INFO_1007 { const char * usri1007_comment; }; +struct USER_INFO_1008 { + uint32_t usri1008_flags; +}; + +struct USER_INFO_1009 { + const char * usri1009_script_path; +}; + +struct USER_INFO_1010 { + uint32_t usri1010_auth_flags; +}; + +struct USER_INFO_1011 { + const char * usri1011_full_name; +}; + +struct USER_INFO_1012 { + const char * usri1012_usr_comment; +}; + +struct USER_INFO_1013 { + const char * usri1013_parms; +}; + +struct USER_INFO_1014 { + const char * usri1014_workstations; +}; + +struct USER_INFO_1017 { + uint32_t usri1017_acct_expires; +}; + +struct USER_INFO_1018 { + uint32_t usri1018_max_storage; +}; + +struct USER_INFO_1020 { + uint32_t usri1020_units_per_week; + uint8_t *usri1020_logon_hours;/* [unique] */ +}; + +struct USER_INFO_1023 { + const char * usri1023_logon_server; +}; + +struct USER_INFO_1024 { + uint32_t usri1024_country_code; +}; + +struct USER_INFO_1025 { + uint32_t usri1025_code_page; +}; + +struct USER_INFO_1051 { + uint32_t usri1051_primary_group_id; +}; + +struct USER_INFO_1052 { + const char * usri1052_profile; +}; + +struct USER_INFO_1053 { + const char * usri1053_home_dir_drive; +}; + struct USER_MODALS_INFO_0 { uint32_t usrmod0_min_passwd_len; uint32_t usrmod0_max_passwd_age; @@ -418,6 +551,17 @@ struct TIME_OF_DAY_INFO { uint32_t tod_weekday; }; +struct SHARE_INFO_2 { + const char * shi2_netname; + uint32_t shi2_type; + const char * shi2_remark; + uint32_t shi2_permissions; + uint32_t shi2_max_uses; + uint32_t shi2_current_uses; + const char * shi2_path; + const char * shi2_passwd; +}; + #endif /* _HEADER_libnetapi */ /**************************************************************** @@ -890,6 +1034,33 @@ NET_API_STATUS NetUserModalsSet(const char * server_name /* [in] */, /************************************************************//** * + * NetUserGetGroups + * + * @brief Enumerate grouplist of a user on a server + * + * @param[in] server_name The server name to connect to + * @param[in] user_name The user name to query + * @param[in] level The enumeration level used for the query (Currently only + * level 0 is supported) + * @param[out] buffer The returned enumeration buffer + * @param[in] prefmaxlen The requested maximal buffer size + * @param[out] entries_read The number of returned entries + * @param[out] total_entries The number of total entries + * @return NET_API_STATUS + * + * example user/user_getgroups.c + ***************************************************************/ + +NET_API_STATUS NetUserGetGroups(const char * server_name /* [in] */, + const char * user_name /* [in] */, + uint32_t level /* [in] */, + uint8_t **buffer /* [out] [ref] */, + uint32_t prefmaxlen /* [in] */, + uint32_t *entries_read /* [out] [ref] */, + uint32_t *total_entries /* [out] [ref] */); + +/************************************************************//** + * * NetQueryDisplayInformation * * @brief Enumerate accounts on a server @@ -1309,6 +1480,27 @@ NET_API_STATUS NetLocalGroupSetMembers(const char * server_name /* [in] */, NET_API_STATUS NetRemoteTOD(const char * server_name /* [in] */, uint8_t **buf /* [out] [ref] */); + +/************************************************************//** + * + * NetShareAdd + * + * @brief Add Share + * + * @param[in] server_name The server name to connect to + * @param[in] level The level defining the requested SHARE_INFO_X structure + * @param[in] buf The buffer containing a SHARE_INFO_X structure + * @param[out] parm_err The returned parameter error number if any + * @return NET_API_STATUS + * + * example share/share_add.c + ***************************************************************/ + +NET_API_STATUS NetShareAdd(const char * server_name /* [in] */, + uint32_t level /* [in] */, + uint8_t *buffer /* [in] [ref] */, + uint32_t *parm_err /* [out] [ref] */); + #ifdef __cplusplus } #endif /* __cplusplus */ diff --git a/source3/lib/netapi/share.c b/source3/lib/netapi/share.c new file mode 100644 index 0000000000..3b99a8d291 --- /dev/null +++ b/source3/lib/netapi/share.c @@ -0,0 +1,133 @@ +/* + * Unix SMB/CIFS implementation. + * NetApi Share Support + * Copyright (C) Guenther Deschner 2008 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see <http://www.gnu.org/licenses/>. + */ + +#include "includes.h" + +#include "librpc/gen_ndr/libnetapi.h" +#include "lib/netapi/netapi.h" +#include "lib/netapi/netapi_private.h" +#include "lib/netapi/libnetapi.h" + +/**************************************************************** +****************************************************************/ + +static NTSTATUS map_SHARE_INFO_buffer_to_srvsvc_share_info(TALLOC_CTX *mem_ctx, + uint8_t *buffer, + uint32_t level, + union srvsvc_NetShareInfo *info) +{ + struct SHARE_INFO_2 *i2 = NULL; + struct srvsvc_NetShareInfo2 *s2 = NULL; + + if (!buffer) { + return NT_STATUS_INVALID_PARAMETER; + } + + switch (level) { + case 2: + i2 = (struct SHARE_INFO_2 *)buffer; + + s2 = TALLOC_P(mem_ctx, struct srvsvc_NetShareInfo2); + NT_STATUS_HAVE_NO_MEMORY(s2); + + s2->name = i2->shi2_netname; + s2->type = i2->shi2_type; + s2->comment = i2->shi2_remark; + s2->permissions = i2->shi2_permissions; + s2->max_users = i2->shi2_max_uses; + s2->current_users = i2->shi2_current_uses; + s2->path = i2->shi2_path; + s2->password = i2->shi2_passwd; + + info->info2 = s2; + + break; + default: + return NT_STATUS_INVALID_PARAMETER; + } + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + +WERROR NetShareAdd_r(struct libnetapi_ctx *ctx, + struct NetShareAdd *r) +{ + WERROR werr; + NTSTATUS status; + struct cli_state *cli = NULL; + struct rpc_pipe_client *pipe_cli = NULL; + union srvsvc_NetShareInfo info; + + if (!r->in.buffer) { + return WERR_INVALID_PARAM; + } + + switch (r->in.level) { + case 2: + break; + default: + return WERR_UNKNOWN_LEVEL; + } + + werr = libnetapi_open_pipe(ctx, r->in.server_name, + &ndr_table_srvsvc.syntax_id, + &cli, + &pipe_cli); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + status = map_SHARE_INFO_buffer_to_srvsvc_share_info(ctx, + r->in.buffer, + r->in.level, + &info); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_srvsvc_NetShareAdd(pipe_cli, ctx, + r->in.server_name, + r->in.level, + &info, + r->out.parm_err, + &werr); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + done: + if (!cli) { + return werr; + } + + return werr; +} + +/**************************************************************** +****************************************************************/ + +WERROR NetShareAdd_l(struct libnetapi_ctx *ctx, + struct NetShareAdd *r) +{ + LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetShareAdd); +} diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 7b530f4308..ae8d2ecd89 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -30,18 +30,20 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, struct samr_UserInfo21 *info21) { - uint32_t fields_present = SAMR_FIELD_ACCT_FLAGS; + uint32_t fields_present = 0; struct samr_LogonHours zero_logon_hours; struct lsa_BinaryString zero_parameters; - uint32_t acct_flags = 0; NTTIME password_age; ZERO_STRUCTP(info21); ZERO_STRUCT(zero_logon_hours); ZERO_STRUCT(zero_parameters); + if (infoX->usriX_flags) { + fields_present |= SAMR_FIELD_ACCT_FLAGS; + } if (infoX->usriX_name) { - fields_present |= SAMR_FIELD_FULL_NAME; + fields_present |= SAMR_FIELD_ACCOUNT_NAME; } if (infoX->usriX_password) { fields_present |= SAMR_FIELD_PASSWORD; @@ -64,8 +66,27 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, if (infoX->usriX_password_age) { fields_present |= SAMR_FIELD_FORCE_PWD_CHANGE; } - - acct_flags |= infoX->usriX_flags | ACB_NORMAL; + if (infoX->usriX_full_name) { + fields_present |= SAMR_FIELD_FULL_NAME; + } + if (infoX->usriX_usr_comment) { + fields_present |= SAMR_FIELD_COMMENT; + } + if (infoX->usriX_profile) { + fields_present |= SAMR_FIELD_PROFILE_PATH; + } + if (infoX->usriX_home_dir_drive) { + fields_present |= SAMR_FIELD_HOME_DRIVE; + } + if (infoX->usriX_primary_group_id) { + fields_present |= SAMR_FIELD_PRIMARY_GID; + } + if (infoX->usriX_country_code) { + fields_present |= SAMR_FIELD_COUNTRY_CODE; + } + if (infoX->usriX_workstations) { + fields_present |= SAMR_FIELD_WORKSTATIONS; + } unix_to_nt_time_abs(&password_age, infoX->usriX_password_age); @@ -77,24 +98,24 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, 0, 0, password_age, - NULL, infoX->usriX_name, + infoX->usriX_full_name, infoX->usriX_home_dir, - NULL, + infoX->usriX_home_dir_drive, infoX->usriX_script_path, - NULL, + infoX->usriX_profile, infoX->usriX_comment, - NULL, - NULL, + infoX->usriX_workstations, + infoX->usriX_usr_comment, &zero_parameters, 0, - 0, - acct_flags, + infoX->usriX_primary_group_id, + infoX->usriX_flags, fields_present, zero_logon_hours, 0, 0, - 0, + infoX->usriX_country_code, 0, 0, 0, @@ -111,7 +132,17 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, struct USER_INFO_0 *u0 = NULL; struct USER_INFO_1 *u1 = NULL; struct USER_INFO_2 *u2 = NULL; + struct USER_INFO_1003 *u1003 = NULL; + struct USER_INFO_1006 *u1006 = NULL; struct USER_INFO_1007 *u1007 = NULL; + struct USER_INFO_1009 *u1009 = NULL; + struct USER_INFO_1011 *u1011 = NULL; + struct USER_INFO_1012 *u1012 = NULL; + struct USER_INFO_1014 *u1014 = NULL; + struct USER_INFO_1024 *u1024 = NULL; + struct USER_INFO_1051 *u1051 = NULL; + struct USER_INFO_1052 *u1052 = NULL; + struct USER_INFO_1053 *u1053 = NULL; if (!buffer || !uX) { return NT_STATUS_INVALID_PARAMETER; @@ -162,10 +193,50 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, uX->usriX_country_code = u2->usri2_country_code; uX->usriX_code_page = u2->usri2_code_page; break; + case 1003: + u1003 = (struct USER_INFO_1003 *)buffer; + uX->usriX_password = u1003->usri1003_password; + break; + case 1006: + u1006 = (struct USER_INFO_1006 *)buffer; + uX->usriX_home_dir = u1006->usri1006_home_dir; + break; case 1007: u1007 = (struct USER_INFO_1007 *)buffer; uX->usriX_comment = u1007->usri1007_comment; break; + case 1009: + u1009 = (struct USER_INFO_1009 *)buffer; + uX->usriX_script_path = u1009->usri1009_script_path; + break; + case 1011: + u1011 = (struct USER_INFO_1011 *)buffer; + uX->usriX_full_name = u1011->usri1011_full_name; + break; + case 1012: + u1012 = (struct USER_INFO_1012 *)buffer; + uX->usriX_usr_comment = u1012->usri1012_usr_comment; + break; + case 1014: + u1014 = (struct USER_INFO_1014 *)buffer; + uX->usriX_workstations = u1014->usri1014_workstations; + break; + case 1024: + u1024 = (struct USER_INFO_1024 *)buffer; + uX->usriX_country_code = u1024->usri1024_country_code; + break; + case 1051: + u1051 = (struct USER_INFO_1051 *)buffer; + uX->usriX_primary_group_id = u1051->usri1051_primary_group_id; + break; + case 1052: + u1052 = (struct USER_INFO_1052 *)buffer; + uX->usriX_profile = u1052->usri1052_profile; + break; + case 1053: + u1053 = (struct USER_INFO_1053 *)buffer; + uX->usriX_home_dir_drive = u1053->usri1053_home_dir_drive; + break; case 3: case 4: default: @@ -178,6 +249,66 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, /**************************************************************** ****************************************************************/ +static NTSTATUS set_user_info_USER_INFO_X(TALLOC_CTX *ctx, + struct rpc_pipe_client *pipe_cli, + DATA_BLOB *session_key, + struct policy_handle *user_handle, + struct USER_INFO_X *uX) +{ + union samr_UserInfo user_info; + struct samr_UserInfo21 info21; + NTSTATUS status; + + if (!uX) { + return NT_STATUS_INVALID_PARAMETER; + } + + convert_USER_INFO_X_to_samr_user_info21(uX, &info21); + + ZERO_STRUCT(user_info); + + if (uX->usriX_password) { + + user_info.info25.info = info21; + + init_samr_CryptPasswordEx(uX->usriX_password, + session_key, + &user_info.info25.password); + + status = rpccli_samr_SetUserInfo2(pipe_cli, ctx, + user_handle, + 25, + &user_info); + + if (NT_STATUS_EQUAL(status, NT_STATUS(DCERPC_FAULT_INVALID_TAG))) { + + user_info.info23.info = info21; + + init_samr_CryptPassword(uX->usriX_password, + session_key, + &user_info.info23.password); + + status = rpccli_samr_SetUserInfo2(pipe_cli, ctx, + user_handle, + 23, + &user_info); + } + } else { + + user_info.info21 = info21; + + status = rpccli_samr_SetUserInfo(pipe_cli, ctx, + user_handle, + 21, + &user_info); + } + + return status; +} + +/**************************************************************** +****************************************************************/ + WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, struct NetUserAdd *r) { @@ -188,7 +319,6 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, POLICY_HND connect_handle, domain_handle, user_handle; struct lsa_String lsa_account_name; struct dom_sid2 *domain_sid = NULL; - struct samr_UserInfo21 info21; union samr_UserInfo *user_info = NULL; struct samr_PwInfo pw_info; uint32_t access_granted = 0; @@ -282,47 +412,12 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, goto done; } - convert_USER_INFO_X_to_samr_user_info21(&uX, - &info21); - - ZERO_STRUCTP(user_info); - - if (uX.usriX_password) { - - user_info->info25.info = info21; - - init_samr_CryptPasswordEx(uX.usriX_password, - &cli->user_session_key, - &user_info->info25.password); - - status = rpccli_samr_SetUserInfo2(pipe_cli, ctx, - &user_handle, - 25, - user_info); - - if (NT_STATUS_EQUAL(status, NT_STATUS(DCERPC_FAULT_INVALID_TAG))) { - - user_info->info23.info = info21; - - init_samr_CryptPassword(uX.usriX_password, - &cli->user_session_key, - &user_info->info23.password); - - status = rpccli_samr_SetUserInfo2(pipe_cli, ctx, - &user_handle, - 23, - user_info); - } - } else { - - user_info->info21 = info21; + uX.usriX_flags |= ACB_NORMAL; - status = rpccli_samr_SetUserInfo(pipe_cli, ctx, - &user_handle, - 21, - user_info); - - } + status = set_user_info_USER_INFO_X(ctx, pipe_cli, + &cli->user_session_key, + &user_handle, + &uX); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto failed; @@ -489,10 +584,12 @@ static NTSTATUS libnetapi_samr_lookup_user(TALLOC_CTX *mem_ctx, struct policy_handle *domain_handle, struct policy_handle *builtin_handle, const char *user_name, + const struct dom_sid *domain_sid, uint32_t rid, uint32_t level, struct samr_UserInfo21 **info21, - struct sec_desc_buf **sec_desc) + struct sec_desc_buf **sec_desc, + uint32_t *auth_flag_p) { NTSTATUS status; @@ -507,11 +604,20 @@ static NTSTATUS libnetapi_samr_lookup_user(TALLOC_CTX *mem_ctx, switch (level) { case 0: + break; case 1: + access_mask |= SAMR_USER_ACCESS_GET_LOGONINFO | + SAMR_USER_ACCESS_GET_GROUPS; + break; case 2: case 3: - case 10: + case 4: case 11: + access_mask |= SAMR_USER_ACCESS_GET_LOGONINFO | + SAMR_USER_ACCESS_GET_GROUPS | + SAMR_USER_ACCESS_GET_LOCALE; + break; + case 10: case 20: case 23: break; @@ -548,7 +654,14 @@ static NTSTATUS libnetapi_samr_lookup_user(TALLOC_CTX *mem_ctx, goto done; } - if (level == 1) { + if (access_mask & SAMR_USER_ACCESS_GET_GROUPS) { + + struct lsa_SidArray sid_array; + struct samr_Ids alias_rids; + int i; + uint32_t auth_flag = 0; + struct dom_sid sid; + status = rpccli_samr_GetGroupsForUser(pipe_cli, mem_ctx, &user_handle, &rid_array); @@ -556,15 +669,48 @@ static NTSTATUS libnetapi_samr_lookup_user(TALLOC_CTX *mem_ctx, goto done; } -#if 0 - status = rpccli_samr_GetAliasMembership(pipe_cli, ctx, - &builtin_handle, - &sids, - &rids); + sid_array.num_sids = rid_array->count + 1; + sid_array.sids = talloc_array(mem_ctx, struct lsa_SidPtr, + sid_array.num_sids); + NT_STATUS_HAVE_NO_MEMORY(sid_array.sids); + + for (i=0; i<rid_array->count; i++) { + sid_compose(&sid, domain_sid, rid_array->rids[i].rid); + sid_array.sids[i].sid = sid_dup_talloc(mem_ctx, &sid); + NT_STATUS_HAVE_NO_MEMORY(sid_array.sids[i].sid); + } + + sid_compose(&sid, domain_sid, rid); + sid_array.sids[i].sid = sid_dup_talloc(mem_ctx, &sid); + NT_STATUS_HAVE_NO_MEMORY(sid_array.sids[i].sid); + + status = rpccli_samr_GetAliasMembership(pipe_cli, mem_ctx, + builtin_handle, + &sid_array, + &alias_rids); if (!NT_STATUS_IS_OK(status)) { goto done; } -#endif + + for (i=0; i<alias_rids.count; i++) { + switch (alias_rids.ids[i]) { + case 550: /* Print Operators */ + auth_flag |= AF_OP_PRINT; + break; + case 549: /* Server Operators */ + auth_flag |= AF_OP_SERVER; + break; + case 548: /* Account Operators */ + auth_flag |= AF_OP_ACCOUNTS; + break; + default: + break; + } + } + + if (auth_flag_p) { + *auth_flag_p = auth_flag; + } } *info21 = &user_info->info21; @@ -580,6 +726,283 @@ static NTSTATUS libnetapi_samr_lookup_user(TALLOC_CTX *mem_ctx, /**************************************************************** ****************************************************************/ +static uint32_t samr_rid_to_priv_level(uint32_t rid) +{ + switch (rid) { + case DOMAIN_RID_ADMINISTRATOR: + return USER_PRIV_ADMIN; + case DOMAIN_RID_GUEST: + return USER_PRIV_GUEST; + default: + return USER_PRIV_USER; + } +} + +/**************************************************************** +****************************************************************/ + +static uint32_t samr_acb_flags_to_netapi_flags(uint32_t acb) +{ + uint32_t fl = UF_SCRIPT; /* god knows why */ + + fl |= ads_acb2uf(acb); + + return fl; +} + +/**************************************************************** +****************************************************************/ + +static NTSTATUS info21_to_USER_INFO_1(TALLOC_CTX *mem_ctx, + const struct samr_UserInfo21 *i21, + struct USER_INFO_1 *i) +{ + ZERO_STRUCTP(i); + i->usri1_name = talloc_strdup(mem_ctx, i21->account_name.string); + NT_STATUS_HAVE_NO_MEMORY(i->usri1_name); + i->usri1_password = NULL; + i->usri1_password_age = time(NULL) - nt_time_to_unix(i21->last_password_change); + i->usri1_priv = samr_rid_to_priv_level(i21->rid); + i->usri1_home_dir = talloc_strdup(mem_ctx, i21->home_directory.string); + i->usri1_comment = talloc_strdup(mem_ctx, i21->description.string); + i->usri1_flags = samr_acb_flags_to_netapi_flags(i21->acct_flags); + i->usri1_script_path = talloc_strdup(mem_ctx, i21->logon_script.string); + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + +static NTSTATUS info21_to_USER_INFO_2(TALLOC_CTX *mem_ctx, + const struct samr_UserInfo21 *i21, + uint32_t auth_flag, + struct USER_INFO_2 *i) +{ + ZERO_STRUCTP(i); + + i->usri2_name = talloc_strdup(mem_ctx, i21->account_name.string); + NT_STATUS_HAVE_NO_MEMORY(i->usri2_name); + i->usri2_password = NULL; + i->usri2_password_age = time(NULL) - nt_time_to_unix(i21->last_password_change); + i->usri2_priv = samr_rid_to_priv_level(i21->rid); + i->usri2_home_dir = talloc_strdup(mem_ctx, i21->home_directory.string); + i->usri2_comment = talloc_strdup(mem_ctx, i21->description.string); + i->usri2_flags = samr_acb_flags_to_netapi_flags(i21->acct_flags); + i->usri2_script_path = talloc_strdup(mem_ctx, i21->logon_script.string); + i->usri2_auth_flags = auth_flag; + i->usri2_full_name = talloc_strdup(mem_ctx, i21->full_name.string); + i->usri2_usr_comment = talloc_strdup(mem_ctx, i21->comment.string); + i->usri2_parms = talloc_strndup(mem_ctx, (const char *)i21->parameters.array, i21->parameters.size/2); + i->usri2_workstations = talloc_strdup(mem_ctx, i21->workstations.string); + i->usri2_last_logon = nt_time_to_unix(i21->last_logon); + i->usri2_last_logoff = nt_time_to_unix(i21->last_logoff); + i->usri2_acct_expires = nt_time_to_unix(i21->acct_expiry); + i->usri2_max_storage = USER_MAXSTORAGE_UNLIMITED; /* FIXME */ + i->usri2_units_per_week = i21->logon_hours.units_per_week; + i->usri2_logon_hours = (uint8_t *)talloc_memdup(mem_ctx, i21->logon_hours.bits, 21); + i->usri2_bad_pw_count = i21->bad_password_count; + i->usri2_num_logons = i21->logon_count; + i->usri2_logon_server = talloc_strdup(mem_ctx, "\\\\*"); + i->usri2_country_code = i21->country_code; + i->usri2_code_page = i21->code_page; + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + +static NTSTATUS info21_to_USER_INFO_3(TALLOC_CTX *mem_ctx, + const struct samr_UserInfo21 *i21, + uint32_t auth_flag, + struct USER_INFO_3 *i) +{ + ZERO_STRUCTP(i); + + i->usri3_name = talloc_strdup(mem_ctx, i21->account_name.string); + NT_STATUS_HAVE_NO_MEMORY(i->usri3_name); + i->usri3_password_age = time(NULL) - nt_time_to_unix(i21->last_password_change); + i->usri3_priv = samr_rid_to_priv_level(i21->rid); + i->usri3_home_dir = talloc_strdup(mem_ctx, i21->home_directory.string); + i->usri3_comment = talloc_strdup(mem_ctx, i21->description.string); + i->usri3_flags = samr_acb_flags_to_netapi_flags(i21->acct_flags); + i->usri3_script_path = talloc_strdup(mem_ctx, i21->logon_script.string); + i->usri3_auth_flags = auth_flag; + i->usri3_full_name = talloc_strdup(mem_ctx, i21->full_name.string); + i->usri3_usr_comment = talloc_strdup(mem_ctx, i21->comment.string); + i->usri3_parms = talloc_strndup(mem_ctx, (const char *)i21->parameters.array, i21->parameters.size/2); + i->usri3_workstations = talloc_strdup(mem_ctx, i21->workstations.string); + i->usri3_last_logon = nt_time_to_unix(i21->last_logon); + i->usri3_last_logoff = nt_time_to_unix(i21->last_logoff); + i->usri3_acct_expires = nt_time_to_unix(i21->acct_expiry); + i->usri3_max_storage = USER_MAXSTORAGE_UNLIMITED; /* FIXME */ + i->usri3_units_per_week = i21->logon_hours.units_per_week; + i->usri3_logon_hours = (uint8_t *)talloc_memdup(mem_ctx, i21->logon_hours.bits, 21); + i->usri3_bad_pw_count = i21->bad_password_count; + i->usri3_num_logons = i21->logon_count; + i->usri3_logon_server = talloc_strdup(mem_ctx, "\\\\*"); + i->usri3_country_code = i21->country_code; + i->usri3_code_page = i21->code_page; + i->usri3_user_id = i21->rid; + i->usri3_primary_group_id = i21->primary_gid; + i->usri3_profile = talloc_strdup(mem_ctx, i21->profile_path.string); + i->usri3_home_dir_drive = talloc_strdup(mem_ctx, i21->home_drive.string); + i->usri3_password_expired = i21->password_expired; + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + +static NTSTATUS info21_to_USER_INFO_4(TALLOC_CTX *mem_ctx, + const struct samr_UserInfo21 *i21, + uint32_t auth_flag, + struct dom_sid *domain_sid, + struct USER_INFO_4 *i) +{ + struct dom_sid sid; + + ZERO_STRUCTP(i); + + i->usri4_name = talloc_strdup(mem_ctx, i21->account_name.string); + NT_STATUS_HAVE_NO_MEMORY(i->usri4_name); + i->usri4_password_age = time(NULL) - nt_time_to_unix(i21->last_password_change); + i->usri4_password = NULL; + i->usri4_priv = samr_rid_to_priv_level(i21->rid); + i->usri4_home_dir = talloc_strdup(mem_ctx, i21->home_directory.string); + i->usri4_comment = talloc_strdup(mem_ctx, i21->description.string); + i->usri4_flags = samr_acb_flags_to_netapi_flags(i21->acct_flags); + i->usri4_script_path = talloc_strdup(mem_ctx, i21->logon_script.string); + i->usri4_auth_flags = auth_flag; + i->usri4_full_name = talloc_strdup(mem_ctx, i21->full_name.string); + i->usri4_usr_comment = talloc_strdup(mem_ctx, i21->comment.string); + i->usri4_parms = talloc_strndup(mem_ctx, (const char *)i21->parameters.array, i21->parameters.size/2); + i->usri4_workstations = talloc_strdup(mem_ctx, i21->workstations.string); + i->usri4_last_logon = nt_time_to_unix(i21->last_logon); + i->usri4_last_logoff = nt_time_to_unix(i21->last_logoff); + i->usri4_acct_expires = nt_time_to_unix(i21->acct_expiry); + i->usri4_max_storage = USER_MAXSTORAGE_UNLIMITED; /* FIXME */ + i->usri4_units_per_week = i21->logon_hours.units_per_week; + i->usri4_logon_hours = (uint8_t *)talloc_memdup(mem_ctx, i21->logon_hours.bits, 21); + i->usri4_bad_pw_count = i21->bad_password_count; + i->usri4_num_logons = i21->logon_count; + i->usri4_logon_server = talloc_strdup(mem_ctx, "\\\\*"); + i->usri4_country_code = i21->country_code; + i->usri4_code_page = i21->code_page; + if (!sid_compose(&sid, domain_sid, i21->rid)) { + return NT_STATUS_NO_MEMORY; + } + i->usri4_user_sid = (struct domsid *)sid_dup_talloc(mem_ctx, &sid); + i->usri4_primary_group_id = i21->primary_gid; + i->usri4_profile = talloc_strdup(mem_ctx, i21->profile_path.string); + i->usri4_home_dir_drive = talloc_strdup(mem_ctx, i21->home_drive.string); + i->usri4_password_expired = i21->password_expired; + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + +static NTSTATUS info21_to_USER_INFO_10(TALLOC_CTX *mem_ctx, + const struct samr_UserInfo21 *i21, + struct USER_INFO_10 *i) +{ + ZERO_STRUCTP(i); + + i->usri10_name = talloc_strdup(mem_ctx, i21->account_name.string); + NT_STATUS_HAVE_NO_MEMORY(i->usri10_name); + i->usri10_comment = talloc_strdup(mem_ctx, i21->description.string); + i->usri10_full_name = talloc_strdup(mem_ctx, i21->full_name.string); + i->usri10_usr_comment = talloc_strdup(mem_ctx, i21->comment.string); + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + +static NTSTATUS info21_to_USER_INFO_11(TALLOC_CTX *mem_ctx, + const struct samr_UserInfo21 *i21, + uint32_t auth_flag, + struct USER_INFO_11 *i) +{ + ZERO_STRUCTP(i); + + i->usri11_name = talloc_strdup(mem_ctx, i21->account_name.string); + NT_STATUS_HAVE_NO_MEMORY(i->usri11_name); + i->usri11_comment = talloc_strdup(mem_ctx, i21->description.string); + i->usri11_usr_comment = talloc_strdup(mem_ctx, i21->comment.string); + i->usri11_full_name = talloc_strdup(mem_ctx, i21->full_name.string); + i->usri11_priv = samr_rid_to_priv_level(i21->rid); + i->usri11_auth_flags = auth_flag; + i->usri11_password_age = time(NULL) - nt_time_to_unix(i21->last_password_change); + i->usri11_home_dir = talloc_strdup(mem_ctx, i21->home_directory.string); + i->usri11_parms = talloc_strndup(mem_ctx, (const char *)i21->parameters.array, i21->parameters.size/2); + i->usri11_last_logon = nt_time_to_unix(i21->last_logon); + i->usri11_last_logoff = nt_time_to_unix(i21->last_logoff); + i->usri11_bad_pw_count = i21->bad_password_count; + i->usri11_num_logons = i21->logon_count; + i->usri11_logon_server = talloc_strdup(mem_ctx, "\\\\*"); + i->usri11_country_code = i21->country_code; + i->usri11_workstations = talloc_strdup(mem_ctx, i21->workstations.string); + i->usri11_max_storage = USER_MAXSTORAGE_UNLIMITED; /* FIXME */ + i->usri11_units_per_week = i21->logon_hours.units_per_week; + i->usri11_logon_hours = (uint8_t *)talloc_memdup(mem_ctx, i21->logon_hours.bits, 21); + i->usri11_code_page = i21->code_page; + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + +static NTSTATUS info21_to_USER_INFO_20(TALLOC_CTX *mem_ctx, + const struct samr_UserInfo21 *i21, + struct USER_INFO_20 *i) +{ + ZERO_STRUCTP(i); + + i->usri20_name = talloc_strdup(mem_ctx, i21->account_name.string); + NT_STATUS_HAVE_NO_MEMORY(i->usri20_name); + i->usri20_comment = talloc_strdup(mem_ctx, i21->description.string); + i->usri20_full_name = talloc_strdup(mem_ctx, i21->full_name.string); + i->usri20_flags = samr_acb_flags_to_netapi_flags(i21->acct_flags); + i->usri20_user_id = i21->rid; + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + +static NTSTATUS info21_to_USER_INFO_23(TALLOC_CTX *mem_ctx, + const struct samr_UserInfo21 *i21, + struct dom_sid *domain_sid, + struct USER_INFO_23 *i) +{ + struct dom_sid sid; + + ZERO_STRUCTP(i); + + i->usri23_name = talloc_strdup(mem_ctx, i21->account_name.string); + NT_STATUS_HAVE_NO_MEMORY(i->usri23_name); + i->usri23_comment = talloc_strdup(mem_ctx, i21->description.string); + i->usri23_full_name = talloc_strdup(mem_ctx, i21->full_name.string); + i->usri23_flags = samr_acb_flags_to_netapi_flags(i21->acct_flags); + if (!sid_compose(&sid, domain_sid, i21->rid)) { + return NT_STATUS_NO_MEMORY; + } + i->usri23_user_sid = (struct domsid *)sid_dup_talloc(mem_ctx, &sid); + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, struct rpc_pipe_client *pipe_cli, struct dom_sid *domain_sid, @@ -595,10 +1018,15 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, struct samr_UserInfo21 *info21 = NULL; struct sec_desc_buf *sec_desc = NULL; - struct dom_sid sid; + uint32_t auth_flag = 0; struct USER_INFO_0 info0; + struct USER_INFO_1 info1; + struct USER_INFO_2 info2; + struct USER_INFO_3 info3; + struct USER_INFO_4 info4; struct USER_INFO_10 info10; + struct USER_INFO_11 info11; struct USER_INFO_20 info20; struct USER_INFO_23 info23; @@ -607,6 +1035,7 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, case 1: case 2: case 3: + case 4: case 10: case 11: case 20: @@ -630,73 +1059,86 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, domain_handle, builtin_handle, user_name, + domain_sid, rid, level, &info21, - &sec_desc); + &sec_desc, + &auth_flag); if (!NT_STATUS_IS_OK(status)) { goto done; } switch (level) { - case 10: - info10.usri10_name = talloc_strdup(mem_ctx, user_name); - NT_STATUS_HAVE_NO_MEMORY(info10.usri10_name); - - info10.usri10_comment = talloc_strdup(mem_ctx, - info21->description.string); + case 0: + /* already returned above */ + break; + case 1: + status = info21_to_USER_INFO_1(mem_ctx, info21, &info1); + NT_STATUS_NOT_OK_RETURN(status); - info10.usri10_full_name = talloc_strdup(mem_ctx, - info21->full_name.string); + ADD_TO_ARRAY(mem_ctx, struct USER_INFO_1, info1, + (struct USER_INFO_1 **)buffer, num_entries); - info10.usri10_usr_comment = talloc_strdup(mem_ctx, - info21->comment.string); + break; + case 2: + status = info21_to_USER_INFO_2(mem_ctx, info21, auth_flag, &info2); + NT_STATUS_NOT_OK_RETURN(status); - ADD_TO_ARRAY(mem_ctx, struct USER_INFO_10, info10, - (struct USER_INFO_10 **)buffer, num_entries); + ADD_TO_ARRAY(mem_ctx, struct USER_INFO_2, info2, + (struct USER_INFO_2 **)buffer, num_entries); break; + case 3: + status = info21_to_USER_INFO_3(mem_ctx, info21, auth_flag, &info3); + NT_STATUS_NOT_OK_RETURN(status); - case 20: - info20.usri20_name = talloc_strdup(mem_ctx, user_name); - NT_STATUS_HAVE_NO_MEMORY(info20.usri20_name); + ADD_TO_ARRAY(mem_ctx, struct USER_INFO_3, info3, + (struct USER_INFO_3 **)buffer, num_entries); - info20.usri20_comment = talloc_strdup(mem_ctx, - info21->description.string); + break; + case 4: + status = info21_to_USER_INFO_4(mem_ctx, info21, auth_flag, domain_sid, &info4); + NT_STATUS_NOT_OK_RETURN(status); - info20.usri20_full_name = talloc_strdup(mem_ctx, - info21->full_name.string); + ADD_TO_ARRAY(mem_ctx, struct USER_INFO_4, info4, + (struct USER_INFO_4 **)buffer, num_entries); - info20.usri20_flags = info21->acct_flags; - info20.usri20_user_id = rid; + break; + case 10: + status = info21_to_USER_INFO_10(mem_ctx, info21, &info10); + NT_STATUS_NOT_OK_RETURN(status); - ADD_TO_ARRAY(mem_ctx, struct USER_INFO_20, info20, - (struct USER_INFO_20 **)buffer, num_entries); + ADD_TO_ARRAY(mem_ctx, struct USER_INFO_10, info10, + (struct USER_INFO_10 **)buffer, num_entries); break; - case 23: - info23.usri23_name = talloc_strdup(mem_ctx, user_name); - NT_STATUS_HAVE_NO_MEMORY(info23.usri23_name); - - info23.usri23_comment = talloc_strdup(mem_ctx, - info21->description.string); + case 11: + status = info21_to_USER_INFO_11(mem_ctx, info21, auth_flag, &info11); + NT_STATUS_NOT_OK_RETURN(status); - info23.usri23_full_name = talloc_strdup(mem_ctx, - info21->full_name.string); + ADD_TO_ARRAY(mem_ctx, struct USER_INFO_11, info11, + (struct USER_INFO_11 **)buffer, num_entries); - info23.usri23_flags = info21->acct_flags; + break; + case 20: + status = info21_to_USER_INFO_20(mem_ctx, info21, &info20); + NT_STATUS_NOT_OK_RETURN(status); - if (!sid_compose(&sid, domain_sid, rid)) { - return NT_STATUS_NO_MEMORY; - } + ADD_TO_ARRAY(mem_ctx, struct USER_INFO_20, info20, + (struct USER_INFO_20 **)buffer, num_entries); - info23.usri23_user_sid = - (struct domsid *)sid_dup_talloc(mem_ctx, &sid); + break; + case 23: + status = info21_to_USER_INFO_23(mem_ctx, info21, domain_sid, &info23); + NT_STATUS_NOT_OK_RETURN(status); ADD_TO_ARRAY(mem_ctx, struct USER_INFO_23, info23, (struct USER_INFO_23 **)buffer, num_entries); break; + default: + return NT_STATUS_INVALID_LEVEL; } done: @@ -713,7 +1155,7 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, struct rpc_pipe_client *pipe_cli = NULL; struct policy_handle connect_handle; struct dom_sid2 *domain_sid = NULL; - struct policy_handle domain_handle; + struct policy_handle domain_handle, builtin_handle; struct samr_SamArray *sam = NULL; uint32_t filter = ACB_NORMAL; int i; @@ -724,6 +1166,7 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, ZERO_STRUCT(connect_handle); ZERO_STRUCT(domain_handle); + ZERO_STRUCT(builtin_handle); if (!r->out.buffer) { return WERR_INVALID_PARAM; @@ -734,16 +1177,17 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, switch (r->in.level) { case 0: - case 10: - case 20: - case 23: - break; case 1: case 2: case 3: + case 4: + case 10: case 11: + case 20: + case 23: + break; default: - return WERR_NOT_SUPPORTED; + return WERR_UNKNOWN_LEVEL; } werr = libnetapi_open_pipe(ctx, r->in.server_name, @@ -754,6 +1198,17 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, goto done; } + werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT | + SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS, + &connect_handle, + &builtin_handle); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + werr = libnetapi_samr_open_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | SAMR_ACCESS_OPEN_DOMAIN, @@ -805,7 +1260,7 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, status = libnetapi_samr_lookup_user_map_USER_INFO(ctx, pipe_cli, domain_sid, &domain_handle, - NULL, /*&builtin_handle, */ + &builtin_handle, sam->entries[i].name.string, sam->entries[i].idx, r->in.level, @@ -828,6 +1283,7 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, if (ctx->disable_policy_handle_cache) { libnetapi_samr_close_domain_handle(ctx, &domain_handle); + libnetapi_samr_close_builtin_handle(ctx, &builtin_handle); libnetapi_samr_close_connect_handle(ctx, &connect_handle); } } @@ -1151,13 +1607,17 @@ WERROR NetUserGetInfo_r(struct libnetapi_ctx *ctx, switch (r->in.level) { case 0: - /* case 1: */ + case 1: + case 2: + case 3: + case 4: case 10: + case 11: case 20: case 23: break; default: - werr = WERR_NOT_SUPPORTED; + werr = WERR_UNKNOWN_LEVEL; goto done; } @@ -1259,7 +1719,7 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, struct lsa_String lsa_account_name; struct dom_sid2 *domain_sid = NULL; struct samr_Ids user_rids, name_types; - union samr_UserInfo user_info; + uint32_t user_mask = 0; struct USER_INFO_X uX; @@ -1274,11 +1734,41 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, switch (r->in.level) { case 0: + case 1003: + user_mask = SAMR_USER_ACCESS_SET_PASSWORD; + break; + case 1006: case 1007: + case 1009: + case 1011: + case 1014: + case 1052: + case 1053: + user_mask = SAMR_USER_ACCESS_SET_ATTRIBUTES; break; - default: + case 1012: + case 1024: + user_mask = SAMR_USER_ACCESS_SET_LOC_COM; + case 1051: + user_mask = SAMR_USER_ACCESS_SET_ATTRIBUTES | + SAMR_USER_ACCESS_GET_GROUPS; + break; + case 1: + case 2: + case 3: + case 4: + case 21: + case 22: + case 1005: + case 1008: + case 1010: + case 1017: + case 1020: werr = WERR_NOT_SUPPORTED; goto done; + default: + werr = WERR_UNKNOWN_LEVEL; + goto done; } werr = libnetapi_open_pipe(ctx, r->in.server_name, @@ -1327,7 +1817,7 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, status = rpccli_samr_OpenUser(pipe_cli, ctx, &domain_handle, - SAMR_USER_ACCESS_SET_ATTRIBUTES, + user_mask, user_rids.ids[0], &user_handle); if (!NT_STATUS_IS_OK(status)) { @@ -1341,12 +1831,10 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, goto done; } - convert_USER_INFO_X_to_samr_user_info21(&uX, &user_info.info21); - - status = rpccli_samr_SetUserInfo(pipe_cli, ctx, - &user_handle, - 21, - &user_info); + status = set_user_info_USER_INFO_X(ctx, pipe_cli, + &cli->user_session_key, + &user_handle, + &uX); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; @@ -2244,3 +2732,194 @@ WERROR NetUserModalsSet_l(struct libnetapi_ctx *ctx, { LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserModalsSet); } + +/**************************************************************** +****************************************************************/ + +static NTSTATUS add_GROUP_USERS_INFO_X_buffer(TALLOC_CTX *mem_ctx, + uint32_t level, + const char *group_name, + uint32_t attributes, + uint8_t **buffer, + uint32_t *num_entries) +{ + struct GROUP_USERS_INFO_0 u0; + struct GROUP_USERS_INFO_1 u1; + + switch (level) { + case 0: + u0.grui0_name = talloc_strdup(mem_ctx, group_name); + NT_STATUS_HAVE_NO_MEMORY(u0.grui0_name); + + ADD_TO_ARRAY(mem_ctx, struct GROUP_USERS_INFO_0, u0, + (struct GROUP_USERS_INFO_0 **)buffer, num_entries); + break; + case 1: + u1.grui1_name = talloc_strdup(mem_ctx, group_name); + NT_STATUS_HAVE_NO_MEMORY(u1.grui1_name); + + u1.grui1_attributes = attributes; + + ADD_TO_ARRAY(mem_ctx, struct GROUP_USERS_INFO_1, u1, + (struct GROUP_USERS_INFO_1 **)buffer, num_entries); + break; + default: + return NT_STATUS_INVALID_INFO_CLASS; + } + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + +WERROR NetUserGetGroups_r(struct libnetapi_ctx *ctx, + struct NetUserGetGroups *r) +{ + struct cli_state *cli = NULL; + struct rpc_pipe_client *pipe_cli = NULL; + struct policy_handle connect_handle, domain_handle, user_handle; + struct lsa_String lsa_account_name; + struct dom_sid2 *domain_sid = NULL; + struct samr_Ids user_rids, name_types; + struct samr_RidWithAttributeArray *rid_array = NULL; + struct lsa_Strings names; + struct samr_Ids types; + uint32_t *rids = NULL; + + int i; + uint32_t entries_read = 0; + + NTSTATUS status = NT_STATUS_OK; + WERROR werr; + + ZERO_STRUCT(connect_handle); + ZERO_STRUCT(domain_handle); + + if (!r->out.buffer) { + return WERR_INVALID_PARAM; + } + + *r->out.buffer = NULL; + *r->out.entries_read = 0; + + switch (r->in.level) { + case 0: + case 1: + break; + default: + return WERR_UNKNOWN_LEVEL; + } + + werr = libnetapi_open_pipe(ctx, r->in.server_name, + &ndr_table_samr.syntax_id, + &cli, + &pipe_cli); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + werr = libnetapi_samr_open_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + &connect_handle, + &domain_handle, + &domain_sid); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + init_lsa_String(&lsa_account_name, r->in.user_name); + + status = rpccli_samr_LookupNames(pipe_cli, ctx, + &domain_handle, + 1, + &lsa_account_name, + &user_rids, + &name_types); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_OpenUser(pipe_cli, ctx, + &domain_handle, + SAMR_USER_ACCESS_GET_GROUPS, + user_rids.ids[0], + &user_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_GetGroupsForUser(pipe_cli, ctx, + &user_handle, + &rid_array); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + rids = talloc_array(ctx, uint32_t, rid_array->count); + if (!rids) { + werr = WERR_NOMEM; + goto done; + } + + for (i=0; i < rid_array->count; i++) { + rids[i] = rid_array->rids[i].rid; + } + + status = rpccli_samr_LookupRids(pipe_cli, ctx, + &domain_handle, + rid_array->count, + rids, + &names, + &types); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + for (i=0; i < rid_array->count; i++) { + status = add_GROUP_USERS_INFO_X_buffer(ctx, + r->in.level, + names.names[i].string, + rid_array->rids[i].attributes, + r->out.buffer, + &entries_read); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + } + + if (r->out.entries_read) { + *r->out.entries_read = entries_read; + } + if (r->out.total_entries) { + *r->out.total_entries = entries_read; + } + + done: + if (!cli) { + return werr; + } + + if (ctx->disable_policy_handle_cache) { + libnetapi_samr_close_domain_handle(ctx, &domain_handle); + libnetapi_samr_close_connect_handle(ctx, &connect_handle); + } + + return werr; +} + +/**************************************************************** +****************************************************************/ + +WERROR NetUserGetGroups_l(struct libnetapi_ctx *ctx, + struct NetUserGetGroups *r) +{ + LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserGetGroups); +} |