summaryrefslogtreecommitdiff
path: root/source3/rpc_server
diff options
context:
space:
mode:
authorJean-François Micouleau <jfm@samba.org>2001-12-03 17:14:23 +0000
committerJean-François Micouleau <jfm@samba.org>2001-12-03 17:14:23 +0000
commitcdf9b42754b7e97faa7fc4eb1ec69e32c0bfd1a0 (patch)
tree7af8817fc9a706d3152635395e1e689495f874b4 /source3/rpc_server
parentfc85a6096231d7e8c45c150f2beaa99c16e9227a (diff)
downloadsamba-cdf9b42754b7e97faa7fc4eb1ec69e32c0bfd1a0.tar.gz
samba-cdf9b42754b7e97faa7fc4eb1ec69e32c0bfd1a0.tar.bz2
samba-cdf9b42754b7e97faa7fc4eb1ec69e32c0bfd1a0.zip
added a tdb to store the account policy informations.
You can change them with either usermanager->policies->account or from a command prompt on NT/W2K: net accounts /domain we can add a rpc accounts to the net command. As the net_rpc.c is still empty, I did not start. How should I add command to it ? Should I take the rpcclient/cmd_xxx functions and call them from there ? alse changed the SAM_UNK_INFO_3 parser, it's an NTTIME. This one is more for jeremy ;-) J.F. (This used to be commit bc28a8eebd9245ce3004ae4b1a359db51f77bf21)
Diffstat (limited to 'source3/rpc_server')
-rw-r--r--source3/rpc_server/srv_samr_nt.c255
1 files changed, 168 insertions, 87 deletions
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 8882b0801a..13340d0a60 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -1907,53 +1907,84 @@ NTSTATUS _samr_query_usergroups(pipes_struct *p, SAMR_Q_QUERY_USERGROUPS *q_u, S
NTSTATUS _samr_query_dom_info(pipes_struct *p, SAMR_Q_QUERY_DOMAIN_INFO *q_u, SAMR_R_QUERY_DOMAIN_INFO *r_u)
{
- SAM_UNK_CTR *ctr;
+ SAM_UNK_CTR *ctr;
+ uint32 min_pass_len,pass_hist,flag;
+ time_t u_expire, u_min_age;
+ NTTIME nt_expire, nt_min_age;
+
+ time_t u_lock_duration, u_reset_time;
+ NTTIME nt_lock_duration, nt_reset_time;
+ uint32 lockout;
+
+ time_t u_logout;
+ NTTIME nt_logout;
+
if ((ctr = (SAM_UNK_CTR *)talloc_zero(p->mem_ctx, sizeof(SAM_UNK_CTR))) == NULL)
return NT_STATUS_NO_MEMORY;
- ZERO_STRUCTP(ctr);
+ ZERO_STRUCTP(ctr);
- r_u->status = NT_STATUS_OK;
+ r_u->status = NT_STATUS_OK;
- DEBUG(5,("_samr_query_dom_info: %d\n", __LINE__));
+ DEBUG(5,("_samr_query_dom_info: %d\n", __LINE__));
- /* find the policy handle. open a policy on it. */
- if (!find_policy_by_hnd(p, &q_u->domain_pol, NULL))
- return NT_STATUS_INVALID_HANDLE;
+ /* find the policy handle. open a policy on it. */
+ if (!find_policy_by_hnd(p, &q_u->domain_pol, NULL))
+ return NT_STATUS_INVALID_HANDLE;
- switch (q_u->switch_value) {
- case 0x01:
- init_unk_info1(&ctr->info.inf1);
- break;
- case 0x02:
+ switch (q_u->switch_value) {
+ case 0x01:
+ account_policy_get(AP_MIN_PASSWORD_LEN, &min_pass_len);
+ account_policy_get(AP_PASSWORD_HISTORY, &pass_hist);
+ account_policy_get(AP_USER_MUST_LOGON_TO_CHG_PASS, &flag);
+ account_policy_get(AP_MAX_PASSWORD_AGE, (int *)&u_expire);
+ account_policy_get(AP_MIN_PASSWORD_AGE, (int *)&u_min_age);
+
+ unix_to_nt_time_abs(&nt_expire, u_expire);
+ unix_to_nt_time_abs(&nt_min_age, u_min_age);
+
+ init_unk_info1(&ctr->info.inf1, (uint16)min_pass_len, (uint16)pass_hist,
+ flag, nt_expire, nt_min_age);
+ break;
+ case 0x02:
/* The time call below is to get a sequence number for the sam. FIXME !!! JRA. */
- init_unk_info2(&ctr->info.inf2, global_myworkgroup, global_myname, (uint32) time(NULL));
- break;
- case 0x03:
- init_unk_info3(&ctr->info.inf3);
- break;
- case 0x05:
- init_unk_info5(&ctr->info.inf5, global_myname);
- break;
- case 0x06:
- init_unk_info6(&ctr->info.inf6);
- break;
- case 0x07:
- init_unk_info7(&ctr->info.inf7);
- break;
- case 0x0c:
- init_unk_info12(&ctr->info.inf12);
- break;
- default:
- return NT_STATUS_INVALID_INFO_CLASS;
- }
+ init_unk_info2(&ctr->info.inf2, global_myworkgroup, global_myname, (uint32) time(NULL));
+ break;
+ case 0x03:
+ account_policy_get(AP_TIME_TO_LOGOUT, (int *)&u_logout);
+ unix_to_nt_time_abs(&nt_logout, u_logout);
+
+ init_unk_info3(&ctr->info.inf3, nt_logout);
+ break;
+ case 0x05:
+ init_unk_info5(&ctr->info.inf5, global_myname);
+ break;
+ case 0x06:
+ init_unk_info6(&ctr->info.inf6);
+ break;
+ case 0x07:
+ init_unk_info7(&ctr->info.inf7);
+ break;
+ case 0x0c:
+ account_policy_get(AP_LOCK_ACCOUNT_DURATION, (int *)&u_lock_duration);
+ account_policy_get(AP_RESET_COUNT_TIME, (int *)&u_reset_time);
+ account_policy_get(AP_BAD_ATTEMPT_LOCKOUT, &lockout);
+
+ unix_to_nt_time_abs(&nt_lock_duration, u_lock_duration);
+ unix_to_nt_time_abs(&nt_reset_time, u_reset_time);
+
+ init_unk_info12(&ctr->info.inf12, nt_lock_duration, nt_reset_time, (uint16)lockout);
+ break;
+ default:
+ return NT_STATUS_INVALID_INFO_CLASS;
+ }
- init_samr_r_query_dom_info(r_u, q_u->switch_value, ctr, NT_STATUS_OK);
+ init_samr_r_query_dom_info(r_u, q_u->switch_value, ctr, NT_STATUS_OK);
- DEBUG(5,("_samr_query_dom_info: %d\n", __LINE__));
+ DEBUG(5,("_samr_query_dom_info: %d\n", __LINE__));
- return r_u->status;
+ return r_u->status;
}
/*******************************************************************
@@ -3460,53 +3491,83 @@ NTSTATUS _samr_unknown_2d(pipes_struct *p, SAMR_Q_UNKNOWN_2D *q_u, SAMR_R_UNKNOW
NTSTATUS _samr_unknown_2e(pipes_struct *p, SAMR_Q_UNKNOWN_2E *q_u, SAMR_R_UNKNOWN_2E *r_u)
{
- SAM_UNK_CTR *ctr;
+ SAM_UNK_CTR *ctr;
+ uint32 min_pass_len,pass_hist,flag;
+ time_t u_expire, u_min_age;
+ NTTIME nt_expire, nt_min_age;
+
+ time_t u_lock_duration, u_reset_time;
+ NTTIME nt_lock_duration, nt_reset_time;
+ uint32 lockout;
+
+ time_t u_logout;
+ NTTIME nt_logout;
if ((ctr = (SAM_UNK_CTR *)talloc_zero(p->mem_ctx, sizeof(SAM_UNK_CTR))) == NULL)
return NT_STATUS_NO_MEMORY;
- ZERO_STRUCTP(ctr);
+ ZERO_STRUCTP(ctr);
- r_u->status = NT_STATUS_OK;
+ r_u->status = NT_STATUS_OK;
- DEBUG(5,("_samr_unknown_2e: %d\n", __LINE__));
+ DEBUG(5,("_samr_unknown_2e: %d\n", __LINE__));
- /* find the policy handle. open a policy on it. */
- if (!find_policy_by_hnd(p, &q_u->domain_pol, NULL))
- return NT_STATUS_INVALID_HANDLE;
+ /* find the policy handle. open a policy on it. */
+ if (!find_policy_by_hnd(p, &q_u->domain_pol, NULL))
+ return NT_STATUS_INVALID_HANDLE;
- switch (q_u->switch_value) {
- case 0x01:
- init_unk_info1(&ctr->info.inf1);
- break;
- case 0x02:
+ switch (q_u->switch_value) {
+ case 0x01:
+ account_policy_get(AP_MIN_PASSWORD_LEN, &min_pass_len);
+ account_policy_get(AP_PASSWORD_HISTORY, &pass_hist);
+ account_policy_get(AP_USER_MUST_LOGON_TO_CHG_PASS, &flag);
+ account_policy_get(AP_MAX_PASSWORD_AGE, (int *)&u_expire);
+ account_policy_get(AP_MIN_PASSWORD_AGE, (int *)&u_min_age);
+
+ unix_to_nt_time_abs(&nt_expire, u_expire);
+ unix_to_nt_time_abs(&nt_min_age, u_min_age);
+
+ init_unk_info1(&ctr->info.inf1, (uint16)min_pass_len, (uint16)pass_hist,
+ flag, nt_expire, nt_min_age);
+ break;
+ case 0x02:
/* The time call below is to get a sequence number for the sam. FIXME !!! JRA. */
- init_unk_info2(&ctr->info.inf2, global_myworkgroup, global_myname, (uint32) time(NULL));
- break;
- case 0x03:
- init_unk_info3(&ctr->info.inf3);
- break;
- case 0x05:
- init_unk_info5(&ctr->info.inf5, global_myname);
- break;
- case 0x06:
- init_unk_info6(&ctr->info.inf6);
- break;
- case 0x07:
- init_unk_info7(&ctr->info.inf7);
- break;
- case 0x0c:
- init_unk_info12(&ctr->info.inf12);
- break;
- default:
- return NT_STATUS_INVALID_INFO_CLASS;
- }
+ init_unk_info2(&ctr->info.inf2, global_myworkgroup, global_myname, (uint32) time(NULL));
+ break;
+ case 0x03:
+ account_policy_get(AP_TIME_TO_LOGOUT, (int *)&u_logout);
+ unix_to_nt_time_abs(&nt_logout, u_logout);
+
+ init_unk_info3(&ctr->info.inf3, nt_logout);
+ break;
+ case 0x05:
+ init_unk_info5(&ctr->info.inf5, global_myname);
+ break;
+ case 0x06:
+ init_unk_info6(&ctr->info.inf6);
+ break;
+ case 0x07:
+ init_unk_info7(&ctr->info.inf7);
+ break;
+ case 0x0c:
+ account_policy_get(AP_LOCK_ACCOUNT_DURATION, (int *)&u_lock_duration);
+ account_policy_get(AP_RESET_COUNT_TIME, (int *)&u_reset_time);
+ account_policy_get(AP_BAD_ATTEMPT_LOCKOUT, &lockout);
+
+ unix_to_nt_time_abs(&nt_lock_duration, u_lock_duration);
+ unix_to_nt_time_abs(&nt_reset_time, u_reset_time);
+
+ init_unk_info12(&ctr->info.inf12, nt_lock_duration, nt_reset_time, (uint16)lockout);
+ break;
+ default:
+ return NT_STATUS_INVALID_INFO_CLASS;
+ }
- init_samr_r_samr_unknown_2e(r_u, q_u->switch_value, ctr, NT_STATUS_OK);
+ init_samr_r_samr_unknown_2e(r_u, q_u->switch_value, ctr, NT_STATUS_OK);
- DEBUG(5,("_samr_unknown_2e: %d\n", __LINE__));
+ DEBUG(5,("_samr_unknown_2e: %d\n", __LINE__));
- return r_u->status;
+ return r_u->status;
}
/*******************************************************************
@@ -3515,6 +3576,10 @@ NTSTATUS _samr_unknown_2e(pipes_struct *p, SAMR_Q_UNKNOWN_2E *q_u, SAMR_R_UNKNOW
NTSTATUS _samr_set_dom_info(pipes_struct *p, SAMR_Q_SET_DOMAIN_INFO *q_u, SAMR_R_SET_DOMAIN_INFO *r_u)
{
+ time_t u_expire, u_min_age;
+ time_t u_logout;
+ time_t u_lock_duration, u_reset_time;
+
r_u->status = NT_STATUS_OK;
DEBUG(5,("_samr_set_dom_info: %d\n", __LINE__));
@@ -3523,25 +3588,41 @@ NTSTATUS _samr_set_dom_info(pipes_struct *p, SAMR_Q_SET_DOMAIN_INFO *q_u, SAMR_R
if (!find_policy_by_hnd(p, &q_u->domain_pol, NULL))
return NT_STATUS_INVALID_HANDLE;
- DEBUG(0,("_samr_set_dom_info: switch_value: %d\n", q_u->switch_value));
+ DEBUG(5,("_samr_set_dom_info: switch_value: %d\n", q_u->switch_value));
switch (q_u->switch_value) {
- case 0x01:
- break;
- case 0x02:
- break;
- case 0x03:
- break;
- case 0x05:
- break;
- case 0x06:
- break;
- case 0x07:
- break;
- case 0x0c:
- break;
- default:
- return NT_STATUS_INVALID_INFO_CLASS;
+ case 0x01:
+ u_expire=nt_time_to_unix_abs(&q_u->ctr->info.inf1.expire);
+ u_min_age=nt_time_to_unix_abs(&q_u->ctr->info.inf1.min_passwordage);
+
+ account_policy_set(AP_MIN_PASSWORD_LEN, (uint32)q_u->ctr->info.inf1.min_length_password);
+ account_policy_set(AP_PASSWORD_HISTORY, (uint32)q_u->ctr->info.inf1.password_history);
+ account_policy_set(AP_USER_MUST_LOGON_TO_CHG_PASS, (uint32)q_u->ctr->info.inf1.flag);
+ account_policy_set(AP_MAX_PASSWORD_AGE, (int)u_expire);
+ account_policy_set(AP_MIN_PASSWORD_AGE, (int)u_min_age);
+ break;
+ case 0x02:
+ break;
+ case 0x03:
+ u_logout=nt_time_to_unix_abs(&q_u->ctr->info.inf3.logout);
+ account_policy_set(AP_TIME_TO_LOGOUT, (int)u_logout);
+ break;
+ case 0x05:
+ break;
+ case 0x06:
+ break;
+ case 0x07:
+ break;
+ case 0x0c:
+ u_lock_duration=nt_time_to_unix_abs(&q_u->ctr->info.inf12.duration);
+ u_reset_time=nt_time_to_unix_abs(&q_u->ctr->info.inf12.reset_count);
+
+ account_policy_set(AP_LOCK_ACCOUNT_DURATION, (int)u_lock_duration);
+ account_policy_set(AP_RESET_COUNT_TIME, (int)u_reset_time);
+ account_policy_set(AP_BAD_ATTEMPT_LOCKOUT, (uint32)q_u->ctr->info.inf12.bad_attempt_lockout);
+ break;
+ default:
+ return NT_STATUS_INVALID_INFO_CLASS;
}
init_samr_r_set_domain_info(r_u, NT_STATUS_OK);
generated by cgit (git 2.34.1) at 2025-02-18 17:26:18 +0000