summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/libnet/libnet.h8
-rw-r--r--source4/libnet/libnet_passwd.c226
2 files changed, 134 insertions, 100 deletions
diff --git a/source4/libnet/libnet.h b/source4/libnet/libnet.h
index 72c2fecdad..f527a4ed82 100644
--- a/source4/libnet/libnet.h
+++ b/source4/libnet/libnet.h
@@ -79,7 +79,7 @@ union libnet_rpc_connect {
/* struct and enum for doing a remote password change */
enum libnet_ChangePassword_level {
LIBNET_CHANGE_PASSWORD_GENERIC,
- LIBNET_CHANGE_PASSWORD_RPC,
+ LIBNET_CHANGE_PASSWORD_SAMR,
LIBNET_CHANGE_PASSWORD_KRB5,
LIBNET_CHANGE_PASSWORD_LDAP,
LIBNET_CHANGE_PASSWORD_RAP
@@ -105,7 +105,7 @@ union libnet_ChangePassword {
enum libnet_ChangePassword_level level;
struct _libnet_ChangePassword_in in;
struct _libnet_ChangePassword_out out;
- } rpc;
+ } samr;
struct {
enum libnet_ChangePassword_level level;
@@ -129,7 +129,7 @@ union libnet_ChangePassword {
/* struct and enum for doing a remote password set */
enum libnet_SetPassword_level {
LIBNET_SET_PASSWORD_GENERIC,
- LIBNET_SET_PASSWORD_RPC,
+ LIBNET_SET_PASSWORD_SAMR,
LIBNET_SET_PASSWORD_KRB5,
LIBNET_SET_PASSWORD_LDAP,
LIBNET_SET_PASSWORD_RAP
@@ -154,7 +154,7 @@ union libnet_SetPassword {
enum libnet_SetPassword_level level;
struct _libnet_SetPassword_in in;
struct _libnet_SetPassword_out out;
- } rpc;
+ } samr;
struct {
enum libnet_SetPassword_level level;
diff --git a/source4/libnet/libnet_passwd.c b/source4/libnet/libnet_passwd.c
index b1ff12fef2..98005b9f41 100644
--- a/source4/libnet/libnet_passwd.c
+++ b/source4/libnet/libnet_passwd.c
@@ -23,9 +23,12 @@
/*
* do a password change using DCERPC/SAMR calls
* 1. connect to the SAMR pipe of users domain PDC (maybe a standalone server or workstation)
- * 2. try samr_ChangePassword3
+ * 2. try samr_ChangePasswordUser3
+ * 3. try samr_ChangePasswordUser2
+ * 4. try samr_OemChangePasswordUser2
+ * (not yet: 5. try samr_ChangePasswordUser)
*/
-static NTSTATUS libnet_ChangePassword_rpc(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, union libnet_ChangePassword *r)
+static NTSTATUS libnet_ChangePassword_samr(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, union libnet_ChangePassword *r)
{
NTSTATUS status;
union libnet_rpc_connect c;
@@ -44,37 +47,38 @@ static NTSTATUS libnet_ChangePassword_rpc(struct libnet_context *ctx, TALLOC_CTX
uint8_t old_nt_hash[16], new_nt_hash[16];
uint8_t old_lm_hash[16], new_lm_hash[16];
- /* prepare connect to the SAMR pipe of the */
+ /* prepare connect to the SAMR pipe of the users domain PDC */
c.pdc.level = LIBNET_RPC_CONNECT_PDC;
- c.pdc.in.domain_name = r->rpc.in.domain_name;
+ c.pdc.in.domain_name = r->samr.in.domain_name;
c.pdc.in.dcerpc_iface_name = DCERPC_SAMR_NAME;
c.pdc.in.dcerpc_iface_uuid = DCERPC_SAMR_UUID;
c.pdc.in.dcerpc_iface_version = DCERPC_SAMR_VERSION;
- /* do connect to the SAMR pipe of the */
+ /* 1. connect to the SAMR pipe of users domain PDC (maybe a standalone server or workstation) */
status = libnet_rpc_connect(ctx, mem_ctx, &c);
if (!NT_STATUS_IS_OK(status)) {
- r->rpc.out.error_string = talloc_asprintf(mem_ctx,
+ r->samr.out.error_string = talloc_asprintf(mem_ctx,
"Connection to SAMR pipe of PDC of domain '%s' failed: %s\n",
- r->rpc.in.domain_name, nt_errstr(status));
+ r->samr.in.domain_name, nt_errstr(status));
return status;
}
/* prepare password change for account */
server.name = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(c.pdc.out.dcerpc_pipe));
- account.name = r->rpc.in.account_name;
+ account.name = r->samr.in.account_name;
- E_md4hash(r->rpc.in.oldpassword, old_nt_hash);
- E_md4hash(r->rpc.in.newpassword, new_nt_hash);
+ E_md4hash(r->samr.in.oldpassword, old_nt_hash);
+ E_md4hash(r->samr.in.newpassword, new_nt_hash);
- E_deshash(r->rpc.in.oldpassword, old_lm_hash);
- E_deshash(r->rpc.in.newpassword, new_lm_hash);
+ E_deshash(r->samr.in.oldpassword, old_lm_hash);
+ E_deshash(r->samr.in.newpassword, new_lm_hash);
- encode_pw_buffer(lm_pass.data, r->rpc.in.newpassword, STR_UNICODE);
+ /* prepare samr_ChangePasswordUser3 */
+ encode_pw_buffer(lm_pass.data, r->samr.in.newpassword, STR_UNICODE);
arcfour_crypt(lm_pass.data, old_nt_hash, 516);
E_old_pw_hash(new_lm_hash, old_lm_hash, lm_verifier.hash);
- encode_pw_buffer(nt_pass.data, r->rpc.in.newpassword, STR_UNICODE);
+ encode_pw_buffer(nt_pass.data, r->samr.in.newpassword, STR_UNICODE);
arcfour_crypt(nt_pass.data, old_nt_hash, 516);
E_old_pw_hash(new_nt_hash, old_nt_hash, nt_verifier.hash);
@@ -87,20 +91,20 @@ static NTSTATUS libnet_ChangePassword_rpc(struct libnet_context *ctx, TALLOC_CTX
pw3.in.lm_verifier = &lm_verifier;
pw3.in.password3 = NULL;
- /* do password change for account */
+ /* 2. try samr_ChangePasswordUser3 */
status = dcerpc_samr_ChangePasswordUser3(c.pdc.out.dcerpc_pipe, mem_ctx, &pw3);
if (!NT_STATUS_IS_OK(status)) {
- r->rpc.out.error_string = talloc_asprintf(mem_ctx,
+ r->samr.out.error_string = talloc_asprintf(mem_ctx,
"samr_ChangePasswordUser3 failed: %s\n",
nt_errstr(status));
goto ChangePasswordUser2;
}
- /* check result of password change */
+ /* check result of samr_ChangePasswordUser3 */
if (!NT_STATUS_IS_OK(pw3.out.result)) {
- r->rpc.out.error_string = talloc_asprintf(mem_ctx,
+ r->samr.out.error_string = talloc_asprintf(mem_ctx,
"samr_ChangePasswordUser3 for '%s\\%s' failed: %s\n",
- r->rpc.in.domain_name, r->rpc.in.account_name,
+ r->samr.in.domain_name, r->samr.in.account_name,
nt_errstr(pw3.out.result));
/* TODO: give the reason of the reject */
if (NT_STATUS_EQUAL(status, NT_STATUS_PASSWORD_RESTRICTION)) {
@@ -112,12 +116,12 @@ static NTSTATUS libnet_ChangePassword_rpc(struct libnet_context *ctx, TALLOC_CTX
goto disconnect;
ChangePasswordUser2:
-
- encode_pw_buffer(lm_pass.data, r->rpc.in.newpassword, STR_ASCII|STR_TERMINATE);
+ /* prepare samr_ChangePasswordUser2 */
+ encode_pw_buffer(lm_pass.data, r->samr.in.newpassword, STR_ASCII|STR_TERMINATE);
arcfour_crypt(lm_pass.data, old_lm_hash, 516);
E_old_pw_hash(new_lm_hash, old_lm_hash, lm_verifier.hash);
- encode_pw_buffer(nt_pass.data, r->rpc.in.newpassword, STR_UNICODE);
+ encode_pw_buffer(nt_pass.data, r->samr.in.newpassword, STR_UNICODE);
arcfour_crypt(nt_pass.data, old_nt_hash, 516);
E_old_pw_hash(new_nt_hash, old_nt_hash, nt_verifier.hash);
@@ -129,19 +133,20 @@ ChangePasswordUser2:
pw2.in.lm_password = &lm_pass;
pw2.in.lm_verifier = &lm_verifier;
+ /* 3. try samr_ChangePasswordUser2 */
status = dcerpc_samr_ChangePasswordUser2(c.pdc.out.dcerpc_pipe, mem_ctx, &pw2);
if (!NT_STATUS_IS_OK(status)) {
- r->rpc.out.error_string = talloc_asprintf(mem_ctx,
+ r->samr.out.error_string = talloc_asprintf(mem_ctx,
"samr_ChangePasswordUser2 failed: %s\n",
nt_errstr(status));
goto OemChangePasswordUser2;
}
- /* check result of password change */
+ /* check result of samr_ChangePasswordUser2 */
if (!NT_STATUS_IS_OK(pw2.out.result)) {
- r->rpc.out.error_string = talloc_asprintf(mem_ctx,
+ r->samr.out.error_string = talloc_asprintf(mem_ctx,
"samr_ChangePasswordUser2 for '%s\\%s' failed: %s\n",
- r->rpc.in.domain_name, r->rpc.in.account_name,
+ r->samr.in.domain_name, r->samr.in.account_name,
nt_errstr(pw2.out.result));
goto OemChangePasswordUser2;
}
@@ -149,11 +154,11 @@ ChangePasswordUser2:
goto disconnect;
OemChangePasswordUser2:
-
+ /* prepare samr_OemChangePasswordUser2 */
a_server.name = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(c.pdc.out.dcerpc_pipe));
- a_account.name = r->rpc.in.account_name;
+ a_account.name = r->samr.in.account_name;
- encode_pw_buffer(lm_pass.data, r->rpc.in.newpassword, STR_ASCII);
+ encode_pw_buffer(lm_pass.data, r->samr.in.newpassword, STR_ASCII);
arcfour_crypt(lm_pass.data, old_lm_hash, 516);
E_old_pw_hash(new_lm_hash, old_lm_hash, lm_verifier.hash);
@@ -162,19 +167,20 @@ OemChangePasswordUser2:
oe2.in.password = &lm_pass;
oe2.in.hash = &lm_verifier;
+ /* 4. try samr_OemChangePasswordUser2 */
status = dcerpc_samr_OemChangePasswordUser2(c.pdc.out.dcerpc_pipe, mem_ctx, &oe2);
if (!NT_STATUS_IS_OK(status)) {
- r->rpc.out.error_string = talloc_asprintf(mem_ctx,
+ r->samr.out.error_string = talloc_asprintf(mem_ctx,
"samr_OemChangePasswordUser2 failed: %s\n",
nt_errstr(status));
goto ChangePasswordUser;
}
- /* check result of password change */
+ /* check result of samr_OemChangePasswordUser2 */
if (!NT_STATUS_IS_OK(oe2.out.result)) {
- r->rpc.out.error_string = talloc_asprintf(mem_ctx,
+ r->samr.out.error_string = talloc_asprintf(mem_ctx,
"samr_OemChangePasswordUser2 for '%s\\%s' failed: %s\n",
- r->rpc.in.domain_name, r->rpc.in.account_name,
+ r->samr.in.domain_name, r->samr.in.account_name,
nt_errstr(oe2.out.result));
goto ChangePasswordUser;
}
@@ -183,6 +189,7 @@ OemChangePasswordUser2:
ChangePasswordUser:
#if 0
+ /* prepare samr_ChangePasswordUser */
E_old_pw_hash(new_lm_hash, old_lm_hash, hash1.hash);
E_old_pw_hash(old_lm_hash, new_lm_hash, hash2.hash);
E_old_pw_hash(new_nt_hash, old_nt_hash, hash3.hash);
@@ -203,19 +210,20 @@ ChangePasswordUser:
pw.in.cross2_present = 1;
pw.in.lm_cross = &hash6;
+ /* 5. try samr_ChangePasswordUser */
status = dcerpc_samr_ChangePasswordUser(c.pdc.out.dcerpc_pipe, mem_ctx, &pw);
if (!NT_STATUS_IS_OK(status)) {
- r->rpc.out.error_string = talloc_asprintf(mem_ctx,
+ r->samr.out.error_string = talloc_asprintf(mem_ctx,
"samr_ChangePasswordUser failed: %s\n",
nt_errstr(status));
goto disconnect;
}
- /* check result of password change */
+ /* check result of samr_ChangePasswordUser */
if (!NT_STATUS_IS_OK(pw.out.result)) {
- r->rpc.out.error_string = talloc_asprintf(mem_ctx,
+ r->samr.out.error_string = talloc_asprintf(mem_ctx,
"samr_ChangePasswordUser for '%s\\%s' failed: %s\n",
- r->rpc.in.domain_name, r->rpc.in.account_name,
+ r->samr.in.domain_name, r->samr.in.account_name,
nt_errstr(pw.out.result));
goto disconnect;
}
@@ -232,15 +240,15 @@ static NTSTATUS libnet_ChangePassword_generic(struct libnet_context *ctx, TALLOC
NTSTATUS status;
union libnet_ChangePassword r2;
- r2.rpc.level = LIBNET_CHANGE_PASSWORD_RPC;
- r2.rpc.in.account_name = r->generic.in.account_name;
- r2.rpc.in.domain_name = r->generic.in.domain_name;
- r2.rpc.in.oldpassword = r->generic.in.oldpassword;
- r2.rpc.in.newpassword = r->generic.in.newpassword;
+ r2.samr.level = LIBNET_CHANGE_PASSWORD_SAMR;
+ r2.samr.in.account_name = r->generic.in.account_name;
+ r2.samr.in.domain_name = r->generic.in.domain_name;
+ r2.samr.in.oldpassword = r->generic.in.oldpassword;
+ r2.samr.in.newpassword = r->generic.in.newpassword;
status = libnet_ChangePassword(ctx, mem_ctx, &r2);
- r->generic.out.error_string = r2.rpc.out.error_string;
+ r->generic.out.error_string = r2.samr.out.error_string;
return status;
}
@@ -250,8 +258,8 @@ NTSTATUS libnet_ChangePassword(struct libnet_context *ctx, TALLOC_CTX *mem_ctx,
switch (r->generic.level) {
case LIBNET_CHANGE_PASSWORD_GENERIC:
return libnet_ChangePassword_generic(ctx, mem_ctx, r);
- case LIBNET_CHANGE_PASSWORD_RPC:
- return libnet_ChangePassword_rpc(ctx, mem_ctx, r);
+ case LIBNET_CHANGE_PASSWORD_SAMR:
+ return libnet_ChangePassword_samr(ctx, mem_ctx, r);
case LIBNET_CHANGE_PASSWORD_KRB5:
return NT_STATUS_NOT_IMPLEMENTED;
case LIBNET_CHANGE_PASSWORD_LDAP:
@@ -265,10 +273,16 @@ NTSTATUS libnet_ChangePassword(struct libnet_context *ctx, TALLOC_CTX *mem_ctx,
/*
* set a password with DCERPC/SAMR calls
- *
- * is it correct to contact the the pdc of the domain of the user who's password should be set?
+ * 1. connect to the SAMR pipe of users domain PDC (maybe a standalone server or workstation)
+ * is it correct to contact the the pdc of the domain of the user who's password should be set?
+ * 2. do a samr_Connect to get a policy handle
+ * 3. do a samr_LookupDomain to get the domain sid
+ * 4. do a samr_OpenDomain to get a domain handle
+ * 5. do a samr_LookupNames to get the users rid
+ * 6. do a samr_OpenUser to get a user handle
+ * 7. try samr_SetUserInfo level 26 to set the password
*/
-static NTSTATUS libnet_SetPassword_rpc(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, union libnet_SetPassword *r)
+static NTSTATUS libnet_SetPassword_samr(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, union libnet_SetPassword *r)
{
NTSTATUS status;
union libnet_rpc_connect c;
@@ -288,138 +302,157 @@ static NTSTATUS libnet_SetPassword_rpc(struct libnet_context *ctx, TALLOC_CTX *m
uint8_t confounder[16];
struct MD5Context md5;
- /* prepare connect to the SAMR pipe of the */
+ /* prepare connect to the SAMR pipe of users domain PDC */
c.pdc.level = LIBNET_RPC_CONNECT_PDC;
- c.pdc.in.domain_name = r->rpc.in.domain_name;
+ c.pdc.in.domain_name = r->samr.in.domain_name;
c.pdc.in.dcerpc_iface_name = DCERPC_SAMR_NAME;
c.pdc.in.dcerpc_iface_uuid = DCERPC_SAMR_UUID;
c.pdc.in.dcerpc_iface_version = DCERPC_SAMR_VERSION;
- /* do connect to the SAMR pipe of the */
+ /* 1. connect to the SAMR pipe of users domain PDC (maybe a standalone server or workstation) */
status = libnet_rpc_connect(ctx, mem_ctx, &c);
if (!NT_STATUS_IS_OK(status)) {
- r->rpc.out.error_string = talloc_asprintf(mem_ctx,
+ r->samr.out.error_string = talloc_asprintf(mem_ctx,
"Connection to SAMR pipe of PDC of domain '%s' failed: %s\n",
- r->rpc.in.domain_name, nt_errstr(status));
+ r->samr.in.domain_name, nt_errstr(status));
return status;
}
- /* do a samr_Connect to get a policy handle */
+ /* prepare samr_Connect */
ZERO_STRUCT(p_handle);
sc.in.system_name = 0;
sc.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
sc.out.handle = &p_handle;
+ /* 2. do a samr_Connect to get a policy handle */
status = dcerpc_samr_Connect(c.pdc.out.dcerpc_pipe, mem_ctx, &sc);
if (!NT_STATUS_IS_OK(status)) {
- r->rpc.out.error_string = talloc_asprintf(mem_ctx,
+ r->samr.out.error_string = talloc_asprintf(mem_ctx,
"samr_Connect failed: %s\n",
nt_errstr(status));
goto disconnect;
}
- /* check result of samr_connect */
+ /* check result of samr_Connect */
if (!NT_STATUS_IS_OK(sc.out.result)) {
- r->rpc.out.error_string = talloc_asprintf(mem_ctx,
+ r->samr.out.error_string = talloc_asprintf(mem_ctx,
"samr_Connect failed: %s\n",
nt_errstr(sc.out.result));
goto disconnect;
}
- /* do a samr_LookupDomain */
- d_name.name = r->rpc.in.domain_name;
+ /* prepare samr_LookupDomain */
+ d_name.name = r->samr.in.domain_name;
ld.in.handle = &p_handle;
ld.in.domain = &d_name;
+ /* 3. do a samr_LookupDomain to get the domain sid */
status = dcerpc_samr_LookupDomain(c.pdc.out.dcerpc_pipe, mem_ctx, &ld);
if (!NT_STATUS_IS_OK(status)) {
- r->rpc.out.error_string = talloc_asprintf(mem_ctx,
+ r->samr.out.error_string = talloc_asprintf(mem_ctx,
"samr_LookupDomain for [%s] failed: %s\n",
- r->rpc.in.domain_name, nt_errstr(status));
+ r->samr.in.domain_name, nt_errstr(status));
goto disconnect;
}
/* check result of samr_LookupDomain */
if (!NT_STATUS_IS_OK(ld.out.result)) {
- r->rpc.out.error_string = talloc_asprintf(mem_ctx,
+ r->samr.out.error_string = talloc_asprintf(mem_ctx,
"samr_LookupDomain for [%s] failed: %s\n",
- r->rpc.in.domain_name, nt_errstr(ld.out.result));
+ r->samr.in.domain_name, nt_errstr(ld.out.result));
goto disconnect;
}
- /* do a samr_OpenDomain to get a domain handle */
+ /* prepare samr_OpenDomain */
ZERO_STRUCT(d_handle);
od.in.handle = &p_handle;
od.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
od.in.sid = ld.out.sid;
od.out.domain_handle = &d_handle;
+ /* 4. do a samr_OpenDomain to get a domain handle */
status = dcerpc_samr_OpenDomain(c.pdc.out.dcerpc_pipe, mem_ctx, &od);
if (!NT_STATUS_IS_OK(status)) {
- r->rpc.out.error_string = talloc_asprintf(mem_ctx,
+ r->samr.out.error_string = talloc_asprintf(mem_ctx,
"samr_OpenDomain for [%s] failed: %s\n",
- r->rpc.in.domain_name, nt_errstr(status));
+ r->samr.in.domain_name, nt_errstr(status));
goto disconnect;
}
- /* check result of samr_LookupDomain */
+ /* check result of samr_OpenDomain */
if (!NT_STATUS_IS_OK(od.out.result)) {
- r->rpc.out.error_string = talloc_asprintf(mem_ctx,
+ r->samr.out.error_string = talloc_asprintf(mem_ctx,
"samr_OpenDomain for [%s] failed: %s\n",
- r->rpc.in.domain_name, nt_errstr(od.out.result));
+ r->samr.in.domain_name, nt_errstr(od.out.result));
goto disconnect;
}
- /* do a samr_LookupNames for the account_name to get the RID */
+ /* prepare samr_LookupNames */
ln.in.handle = &d_handle;
ln.in.num_names = 1;
ln.in.names = talloc_array_p(mem_ctx, struct samr_Name, 1);
if (!ln.in.names) {
- r->rpc.out.error_string = "Out of Memory";
+ r->samr.out.error_string = "Out of Memory";
return NT_STATUS_NO_MEMORY;
}
- ln.in.names[0].name = r->rpc.in.account_name;
+ ln.in.names[0].name = r->samr.in.account_name;
+ /* 5. do a samr_LookupNames to get the users rid */
status = dcerpc_samr_LookupNames(c.pdc.out.dcerpc_pipe, mem_ctx, &ln);
if (!NT_STATUS_IS_OK(status)) {
- r->rpc.out.error_string = talloc_asprintf(mem_ctx,
+ r->samr.out.error_string = talloc_asprintf(mem_ctx,
"samr_LookupNames for [%s] failed: %s\n",
- r->rpc.in.account_name, nt_errstr(status));
+ r->samr.in.account_name, nt_errstr(status));
goto disconnect;
}
- /* check result of samr_LookupDomain */
+ /* check result of samr_LookupNames */
if (!NT_STATUS_IS_OK(ln.out.result)) {
- r->rpc.out.error_string = talloc_asprintf(mem_ctx,
+ r->samr.out.error_string = talloc_asprintf(mem_ctx,
"samr_LookupNames for [%s] failed: %s\n",
- r->rpc.in.account_name, nt_errstr(ln.out.result));
+ r->samr.in.account_name, nt_errstr(ln.out.result));
goto disconnect;
}
/* check if we got one RID for the user */
if (ln.out.rids.count != 1) {
- r->rpc.out.error_string = talloc_asprintf(mem_ctx,
+ r->samr.out.error_string = talloc_asprintf(mem_ctx,
"samr_LookupNames for [%s] returns %d RIDs\n",
- r->rpc.in.account_name, ln.out.rids.count);
+ r->samr.in.account_name, ln.out.rids.count);
goto disconnect;
}
- /* do samr_OpenUser to get the user handle */
+ /* prepare samr_OpenUser */
ZERO_STRUCT(u_handle);
ou.in.handle = &d_handle;
ou.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
ou.in.rid = ln.out.rids.ids[0];
ou.out.acct_handle = &u_handle;
+ /* 6. do a samr_OpenUser to get a user handle */
status = dcerpc_samr_OpenUser(c.pdc.out.dcerpc_pipe, mem_ctx, &ou);
+ if (!NT_STATUS_IS_OK(status)) {
+ r->samr.out.error_string = talloc_asprintf(mem_ctx,
+ "samr_OpenUser for [%s] failed: %s\n",
+ r->samr.in.account_name, nt_errstr(status));
+ goto disconnect;
+ }
+
+ /* check result of samr_OpenUser */
+ if (!NT_STATUS_IS_OK(ou.out.result)) {
+ r->samr.out.error_string = talloc_asprintf(mem_ctx,
+ "samr_OpenUser for [%s] failed: %s\n",
+ r->samr.in.account_name, nt_errstr(ou.out.result));
+ goto disconnect;
+ }
- /* prepare password set with samr_UserInfo26 */
- encode_pw_buffer(u_info.info26.password.data, r->rpc.in.newpassword, STR_UNICODE);
- u_info.info26.pw_len = strlen(r->rpc.in.newpassword);
+ /* prepare samr_SetUserInfo level 26 */
+ encode_pw_buffer(u_info.info26.password.data, r->samr.in.newpassword, STR_UNICODE);
+ u_info.info26.pw_len = strlen(r->samr.in.newpassword);
status = dcerpc_fetch_session_key(c.pdc.out.dcerpc_pipe, &session_key);
if (!NT_STATUS_IS_OK(status)) {
- r->rpc.out.error_string = talloc_asprintf(mem_ctx,
+ r->samr.out.error_string = talloc_asprintf(mem_ctx,
"dcerpc_fetch_session_key failed: %s\n",
nt_errstr(status));
goto disconnect;
@@ -439,19 +472,20 @@ static NTSTATUS libnet_SetPassword_rpc(struct libnet_context *ctx, TALLOC_CTX *m
sui.in.info = &u_info;
sui.in.level = 26;
+ /* 7. try samr_SetUserInfo level 26 to set the password */
status = dcerpc_samr_SetUserInfo(c.pdc.out.dcerpc_pipe, mem_ctx, &sui);
if (!NT_STATUS_IS_OK(status)) {
- r->rpc.out.error_string = talloc_asprintf(mem_ctx,
+ r->samr.out.error_string = talloc_asprintf(mem_ctx,
"SetUserInfo level 26 for [%s] failed: %s\n",
- r->rpc.in.account_name, nt_errstr(status));
+ r->samr.in.account_name, nt_errstr(status));
goto UserInfo25;
}
- /* check result of samr_LookupDomain */
+ /* check result of samr_SetUserInfo level 26 */
if (!NT_STATUS_IS_OK(sui.out.result)) {
- r->rpc.out.error_string = talloc_asprintf(mem_ctx,
+ r->samr.out.error_string = talloc_asprintf(mem_ctx,
"SetUserInfo level 26 for [%s] failed: %s\n",
- r->rpc.in.account_name, nt_errstr(sui.out.result));
+ r->samr.in.account_name, nt_errstr(sui.out.result));
goto UserInfo25;
}
@@ -469,14 +503,14 @@ static NTSTATUS libnet_SetPassword_generic(struct libnet_context *ctx, TALLOC_CT
NTSTATUS status;
union libnet_SetPassword r2;
- r2.rpc.level = LIBNET_SET_PASSWORD_RPC;
- r2.rpc.in.account_name = r->generic.in.account_name;
- r2.rpc.in.domain_name = r->generic.in.domain_name;
- r2.rpc.in.newpassword = r->generic.in.newpassword;
+ r2.samr.level = LIBNET_SET_PASSWORD_SAMR;
+ r2.samr.in.account_name = r->generic.in.account_name;
+ r2.samr.in.domain_name = r->generic.in.domain_name;
+ r2.samr.in.newpassword = r->generic.in.newpassword;
status = libnet_SetPassword(ctx, mem_ctx, &r2);
- r->generic.out.error_string = r2.rpc.out.error_string;
+ r->generic.out.error_string = r2.samr.out.error_string;
return status;
}
@@ -486,8 +520,8 @@ NTSTATUS libnet_SetPassword(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, uni
switch (r->generic.level) {
case LIBNET_SET_PASSWORD_GENERIC:
return libnet_SetPassword_generic(ctx, mem_ctx, r);
- case LIBNET_SET_PASSWORD_RPC:
- return libnet_SetPassword_rpc(ctx, mem_ctx, r);
+ case LIBNET_SET_PASSWORD_SAMR:
+ return libnet_SetPassword_samr(ctx, mem_ctx, r);
case LIBNET_SET_PASSWORD_KRB5:
return NT_STATUS_NOT_IMPLEMENTED;
case LIBNET_SET_PASSWORD_LDAP: