3 files changed, 141 insertions, 66 deletions
diff --git a/source3/rpc_client/init_samr.c b/source3/rpc_client/init_samr.c
index a61ddb5db1..0e22e77b65 100644
--- a/source3/rpc_client/init_samr.c
+++ b/source3/rpc_client/init_samr.c
@@ -385,3 +385,86 @@ void init_samr_user_info21(struct samr_UserInfo21 *r,
 	r->lm_password_set = lm_password_set;
 	r->password_expired = password_expired;
 }
+
+/*************************************************************************
+ init_samr_user_info23
+ *************************************************************************/
+
+void init_samr_user_info23(struct samr_UserInfo23 *r,
+			   NTTIME last_logon,
+			   NTTIME last_logoff,
+			   NTTIME last_password_change,
+			   NTTIME acct_expiry,
+			   NTTIME allow_password_change,
+			   NTTIME force_password_change,
+			   const char *account_name,
+			   const char *full_name,
+			   const char *home_directory,
+			   const char *home_drive,
+			   const char *logon_script,
+			   const char *profile_path,
+			   const char *description,
+			   const char *workstations,
+			   const char *comment,
+			   const char *parameters,
+			   uint32_t rid,
+			   uint32_t primary_gid,
+			   uint32_t acct_flags,
+			   uint32_t fields_present,
+			   struct samr_LogonHours logon_hours,
+			   uint16_t bad_password_count,
+			   uint16_t logon_count,
+			   uint16_t country_code,
+			   uint16_t code_page,
+			   uint8_t nt_password_set,
+			   uint8_t lm_password_set,
+			   uint8_t password_expired,
+			   uint8_t data[516],
+			   uint8_t pw_len)
+{
+	init_samr_user_info21(&r->info,
+			      last_logon,
+			      last_logoff,
+			      last_password_change,
+			      acct_expiry,
+			      allow_password_change,
+			      force_password_change,
+			      account_name,
+			      full_name,
+			      home_directory,
+			      home_drive,
+			      logon_script,
+			      profile_path,
+			      description,
+			      workstations,
+			      comment,
+			      parameters,
+			      rid,
+			      primary_gid,
+			      acct_flags,
+			      fields_present,
+			      logon_hours,
+			      bad_password_count,
+			      logon_count,
+			      country_code,
+			      code_page,
+			      nt_password_set,
+			      lm_password_set,
+			      password_expired);
+
+	memcpy(r->password.data, data, sizeof(r->password.data));
+}
+
+/*************************************************************************
+ init_samr_user_info24
+ *************************************************************************/
+
+void init_samr_user_info24(struct samr_UserInfo24 *r,
+			   uint8_t data[516],
+			   uint8_t pw_len)
+{
+	DEBUG(10, ("init_samr_user_info24:\n"));
+
+	memcpy(r->password.data, data, sizeof(r->password.data));
+	r->pw_len = pw_len;
+}
diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c
index 4e3eedc681..968ae9d9b5 100644
--- a/source3/utils/net_rpc.c
+++ b/source3/utils/net_rpc.c
@@ -660,8 +660,7 @@ static NTSTATUS rpc_user_add_internals(const DOM_SID *domain_sid,
 
 	if (argc == 2) {
 
-		SAM_USERINFO_CTR ctr;
-		SAM_USER_INFO_24 p24;
+		union samr_UserInfo info;
 		uchar pwbuf[516];
 
 		result = rpccli_samr_LookupNames(pipe_hnd, mem_ctx,
@@ -687,18 +686,17 @@ static NTSTATUS rpc_user_add_internals(const DOM_SID *domain_sid,
 
 		/* Set password on account */
 
-		ZERO_STRUCT(ctr);
-		ZERO_STRUCT(p24);
-
 		encode_pw_buffer(pwbuf, argv[1], STR_UNICODE);
 
-		init_sam_user_info24(&p24, (char *)pwbuf,24);
+		init_samr_user_info24(&info.info24, pwbuf, 24);
 
-		ctr.switch_value = 24;
-		ctr.info.id24 = &p24;
+		SamOEMhashBlob(info.info24.password.data, 516,
+			       &cli->user_session_key);
 
-		result = rpccli_samr_set_userinfo(pipe_hnd, mem_ctx, &user_pol, 24, 
-					       &cli->user_session_key, &ctr);
+		result = rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx,
+						  &user_pol,
+						  24,
+						  &info);
 
 		if (!NT_STATUS_IS_OK(result)) {
 			d_fprintf(stderr, "Failed to set password for user %s - %s\n", 
@@ -876,9 +874,6 @@ static NTSTATUS rpc_user_rename_internals(const DOM_SID *domain_sid,
 	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 	uint32 info_level = 7;
 	const char *old_name, *new_name;
-	SAM_USERINFO_CTR *user_ctr;
-	SAM_USERINFO_CTR ctr;
-	SAM_USER_INFO_7 info7;
 	struct samr_Ids user_rids, name_types;
 	struct lsa_String lsa_acct_name;
 	union samr_UserInfo *info = NULL;
@@ -892,9 +887,6 @@ static NTSTATUS rpc_user_rename_internals(const DOM_SID *domain_sid,
 	old_name = argv[0];
 	new_name = argv[1];
 
-	ZERO_STRUCT(ctr);
-	ZERO_STRUCT(user_ctr);
-
 	/* Get sam policy handle */
 
 	result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
@@ -950,14 +942,13 @@ static NTSTATUS rpc_user_rename_internals(const DOM_SID *domain_sid,
 		goto done;
 	}
 
-	ctr.switch_value = info_level;
-	ctr.info.id7 = &info7;
-
-	init_sam_user_info7(&info7, new_name);
+	init_samr_user_info7(&info->info7, new_name);
 
 	/* Set new name */
-	result = rpccli_samr_set_userinfo(pipe_hnd, mem_ctx, &user_pol,
-				       info_level, &cli->user_session_key, &ctr);
+	result = rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx,
+					  &user_pol,
+					  info_level,
+					  info);
 
 	if (!NT_STATUS_IS_OK(result)) {
 		goto done;
@@ -1031,12 +1022,11 @@ static NTSTATUS rpc_user_password_internals(const DOM_SID *domain_sid,
 {
 	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 	POLICY_HND connect_pol, domain_pol, user_pol;
-	SAM_USERINFO_CTR ctr;
-	SAM_USER_INFO_24 p24;
 	uchar pwbuf[516];
 	const char *user;
 	const char *new_password;
 	char *prompt = NULL;
+	union samr_UserInfo info;
 
 	if (argc < 1) {
 		d_printf("User must be specified\n");
@@ -1106,18 +1096,17 @@ static NTSTATUS rpc_user_password_internals(const DOM_SID *domain_sid,
 
 	/* Set password on account */
 
-	ZERO_STRUCT(ctr);
-	ZERO_STRUCT(p24);
-
 	encode_pw_buffer(pwbuf, new_password, STR_UNICODE);
 
-	init_sam_user_info24(&p24, (char *)pwbuf,24);
+	init_samr_user_info24(&info.info24, pwbuf, 24);
 
-	ctr.switch_value = 24;
-	ctr.info.id24 = &p24;
+	SamOEMhashBlob(info.info24.password.data, 516,
+		       &cli->user_session_key);
 
-	result = rpccli_samr_set_userinfo(pipe_hnd, mem_ctx, &user_pol, 24, 
-				       &cli->user_session_key, &ctr);
+	result = rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx,
+					  &user_pol,
+					  24,
+					  &info);
 
 	if (!NT_STATUS_IS_OK(result)) {
 		goto done;
@@ -5600,6 +5589,7 @@ static NTSTATUS rpc_trustdom_add_internals(const DOM_SID *domain_sid,
 	uint32 acct_flags=0;
 	uint32 user_rid;
 	uint32_t access_granted = 0;
+	union samr_UserInfo info;
 
 	if (argc != 2) {
 		d_printf("Usage: net rpc trustdom add <domain_name> <pw>\n");
@@ -5658,36 +5648,41 @@ static NTSTATUS rpc_trustdom_add_internals(const DOM_SID *domain_sid,
 	}
 
 	{
-		SAM_USERINFO_CTR ctr;
-		SAM_USER_INFO_23 p23;
 		NTTIME notime;
-		char nostr[] = "";
-		LOGON_HRS hrs;
+		struct samr_LogonHours hours;
+		const int units_per_week = 168;
 		uchar pwbuf[516];
 
 		encode_pw_buffer(pwbuf, argv[1], STR_UNICODE);
 
-		ZERO_STRUCT(ctr);
-		ZERO_STRUCT(p23);
 		ZERO_STRUCT(notime);
-		hrs.max_len = 1260;
-		hrs.offset = 0;
-		hrs.len = 21;
-		memset(hrs.hours, 0xFF, sizeof(hrs.hours));
-		acb_info = ACB_DOMTRUST;
-
-		init_sam_user_info23A(&p23, &notime, &notime, &notime,
-				      &notime, &notime, &notime,
-				      nostr, nostr, nostr, nostr, nostr,
-				      nostr, nostr, nostr, nostr, nostr,
-				      0, 0, acb_info, SAMR_FIELD_ACCT_FLAGS, 168, &hrs,
-				      0, 0, (char *)pwbuf);
-		ctr.switch_value = 23;
-		ctr.info.id23 = &p23;
-		p23.passmustchange = 0;
-
-		result = rpccli_samr_set_userinfo(pipe_hnd, mem_ctx, &user_pol, 23,
-					       &cli->user_session_key, &ctr);
+
+		ZERO_STRUCT(hours);
+		hours.bits = talloc_array(mem_ctx, uint8_t, units_per_week);
+		if (!hours.bits) {
+			result = NT_STATUS_NO_MEMORY;
+			goto done;
+		}
+		hours.units_per_week = units_per_week;
+		memset(hours.bits, 0xFF, units_per_week);
+
+		init_samr_user_info23(&info.info23,
+				      notime, notime, notime,
+				      notime, notime, notime,
+				      NULL, NULL, NULL, NULL, NULL,
+				      NULL, NULL, NULL, NULL, NULL,
+				      0, 0, ACB_DOMTRUST, SAMR_FIELD_ACCT_FLAGS,
+				      hours,
+				      0, 0, 0, 0, 0, 0, 0,
+				      pwbuf, 24);
+
+		SamOEMhashBlob(info.info23.password.data, 516,
+			       &cli->user_session_key);
+
+		result = rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx,
+						  &user_pol,
+						  23,
+						  &info);
 
 		if (!NT_STATUS_IS_OK(result)) {
 			DEBUG(0,("Could not set trust account password: %s\n",
diff --git a/source3/utils/net_rpc_join.c b/source3/utils/net_rpc_join.c
index f94e08edef..a20dc9a0c4 100644
--- a/source3/utils/net_rpc_join.c
+++ b/source3/utils/net_rpc_join.c
@@ -152,8 +152,6 @@ int net_rpc_join_newstyle(int argc, const char **argv)
 
 	char *clear_trust_password = NULL;
 	uchar pwbuf[516];
-	SAM_USERINFO_CTR ctr;
-	SAM_USER_INFO_24 p24;
 	uchar md4_trust_password[16];
 	union samr_UserInfo set_info;
 
@@ -344,16 +342,15 @@ int net_rpc_join_newstyle(int argc, const char **argv)
 
 	/* Set password on machine account */
 
-	ZERO_STRUCT(ctr);
-	ZERO_STRUCT(p24);
+	init_samr_user_info24(&set_info.info24, pwbuf, 24);
 
-	init_sam_user_info24(&p24, (char *)pwbuf,24);
+	SamOEMhashBlob(set_info.info24.password.data, 516,
+		       &cli->user_session_key);
 
-	ctr.switch_value = 24;
-	ctr.info.id24 = &p24;
-
-	CHECK_RPC_ERR(rpccli_samr_set_userinfo(pipe_hnd, mem_ctx, &user_pol, 24, 
-					    &cli->user_session_key, &ctr),
+	CHECK_RPC_ERR(rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx,
+					       &user_pol,
+					       24,
+					       &set_info),
 		      "error setting trust account password");
 
 	/* Why do we have to try to (re-)set the ACB to be the same as what