summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/rpc_client/init_samr.c83
-rw-r--r--source3/utils/net_rpc.c107
-rw-r--r--source3/utils/net_rpc_join.c17
3 files changed, 141 insertions, 66 deletions
diff --git a/source3/rpc_client/init_samr.c b/source3/rpc_client/init_samr.c
index a61ddb5db1..0e22e77b65 100644
--- a/source3/rpc_client/init_samr.c
+++ b/source3/rpc_client/init_samr.c
@@ -385,3 +385,86 @@ void init_samr_user_info21(struct samr_UserInfo21 *r,
r->lm_password_set = lm_password_set;
r->password_expired = password_expired;
}
+
+/*************************************************************************
+ init_samr_user_info23
+ *************************************************************************/
+
+void init_samr_user_info23(struct samr_UserInfo23 *r,
+ NTTIME last_logon,
+ NTTIME last_logoff,
+ NTTIME last_password_change,
+ NTTIME acct_expiry,
+ NTTIME allow_password_change,
+ NTTIME force_password_change,
+ const char *account_name,
+ const char *full_name,
+ const char *home_directory,
+ const char *home_drive,
+ const char *logon_script,
+ const char *profile_path,
+ const char *description,
+ const char *workstations,
+ const char *comment,
+ const char *parameters,
+ uint32_t rid,
+ uint32_t primary_gid,
+ uint32_t acct_flags,
+ uint32_t fields_present,
+ struct samr_LogonHours logon_hours,
+ uint16_t bad_password_count,
+ uint16_t logon_count,
+ uint16_t country_code,
+ uint16_t code_page,
+ uint8_t nt_password_set,
+ uint8_t lm_password_set,
+ uint8_t password_expired,
+ uint8_t data[516],
+ uint8_t pw_len)
+{
+ init_samr_user_info21(&r->info,
+ last_logon,
+ last_logoff,
+ last_password_change,
+ acct_expiry,
+ allow_password_change,
+ force_password_change,
+ account_name,
+ full_name,
+ home_directory,
+ home_drive,
+ logon_script,
+ profile_path,
+ description,
+ workstations,
+ comment,
+ parameters,
+ rid,
+ primary_gid,
+ acct_flags,
+ fields_present,
+ logon_hours,
+ bad_password_count,
+ logon_count,
+ country_code,
+ code_page,
+ nt_password_set,
+ lm_password_set,
+ password_expired);
+
+ memcpy(r->password.data, data, sizeof(r->password.data));
+}
+
+/*************************************************************************
+ init_samr_user_info24
+ *************************************************************************/
+
+void init_samr_user_info24(struct samr_UserInfo24 *r,
+ uint8_t data[516],
+ uint8_t pw_len)
+{
+ DEBUG(10, ("init_samr_user_info24:\n"));
+
+ memcpy(r->password.data, data, sizeof(r->password.data));
+ r->pw_len = pw_len;
+}
diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c
index 4e3eedc681..968ae9d9b5 100644
--- a/source3/utils/net_rpc.c
+++ b/source3/utils/net_rpc.c
@@ -660,8 +660,7 @@ static NTSTATUS rpc_user_add_internals(const DOM_SID *domain_sid,
if (argc == 2) {
- SAM_USERINFO_CTR ctr;
- SAM_USER_INFO_24 p24;
+ union samr_UserInfo info;
uchar pwbuf[516];
result = rpccli_samr_LookupNames(pipe_hnd, mem_ctx,
@@ -687,18 +686,17 @@ static NTSTATUS rpc_user_add_internals(const DOM_SID *domain_sid,
/* Set password on account */
- ZERO_STRUCT(ctr);
- ZERO_STRUCT(p24);
-
encode_pw_buffer(pwbuf, argv[1], STR_UNICODE);
- init_sam_user_info24(&p24, (char *)pwbuf,24);
+ init_samr_user_info24(&info.info24, pwbuf, 24);
- ctr.switch_value = 24;
- ctr.info.id24 = &p24;
+ SamOEMhashBlob(info.info24.password.data, 516,
+ &cli->user_session_key);
- result = rpccli_samr_set_userinfo(pipe_hnd, mem_ctx, &user_pol, 24,
- &cli->user_session_key, &ctr);
+ result = rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx,
+ &user_pol,
+ 24,
+ &info);
if (!NT_STATUS_IS_OK(result)) {
d_fprintf(stderr, "Failed to set password for user %s - %s\n",
@@ -876,9 +874,6 @@ static NTSTATUS rpc_user_rename_internals(const DOM_SID *domain_sid,
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
uint32 info_level = 7;
const char *old_name, *new_name;
- SAM_USERINFO_CTR *user_ctr;
- SAM_USERINFO_CTR ctr;
- SAM_USER_INFO_7 info7;
struct samr_Ids user_rids, name_types;
struct lsa_String lsa_acct_name;
union samr_UserInfo *info = NULL;
@@ -892,9 +887,6 @@ static NTSTATUS rpc_user_rename_internals(const DOM_SID *domain_sid,
old_name = argv[0];
new_name = argv[1];
- ZERO_STRUCT(ctr);
- ZERO_STRUCT(user_ctr);
-
/* Get sam policy handle */
result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
@@ -950,14 +942,13 @@ static NTSTATUS rpc_user_rename_internals(const DOM_SID *domain_sid,
goto done;
}
- ctr.switch_value = info_level;
- ctr.info.id7 = &info7;
-
- init_sam_user_info7(&info7, new_name);
+ init_samr_user_info7(&info->info7, new_name);
/* Set new name */
- result = rpccli_samr_set_userinfo(pipe_hnd, mem_ctx, &user_pol,
- info_level, &cli->user_session_key, &ctr);
+ result = rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx,
+ &user_pol,
+ info_level,
+ info);
if (!NT_STATUS_IS_OK(result)) {
goto done;
@@ -1031,12 +1022,11 @@ static NTSTATUS rpc_user_password_internals(const DOM_SID *domain_sid,
{
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
POLICY_HND connect_pol, domain_pol, user_pol;
- SAM_USERINFO_CTR ctr;
- SAM_USER_INFO_24 p24;
uchar pwbuf[516];
const char *user;
const char *new_password;
char *prompt = NULL;
+ union samr_UserInfo info;
if (argc < 1) {
d_printf("User must be specified\n");
@@ -1106,18 +1096,17 @@ static NTSTATUS rpc_user_password_internals(const DOM_SID *domain_sid,
/* Set password on account */
- ZERO_STRUCT(ctr);
- ZERO_STRUCT(p24);
-
encode_pw_buffer(pwbuf, new_password, STR_UNICODE);
- init_sam_user_info24(&p24, (char *)pwbuf,24);
+ init_samr_user_info24(&info.info24, pwbuf, 24);
- ctr.switch_value = 24;
- ctr.info.id24 = &p24;
+ SamOEMhashBlob(info.info24.password.data, 516,
+ &cli->user_session_key);
- result = rpccli_samr_set_userinfo(pipe_hnd, mem_ctx, &user_pol, 24,
- &cli->user_session_key, &ctr);
+ result = rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx,
+ &user_pol,
+ 24,
+ &info);
if (!NT_STATUS_IS_OK(result)) {
goto done;
@@ -5600,6 +5589,7 @@ static NTSTATUS rpc_trustdom_add_internals(const DOM_SID *domain_sid,
uint32 acct_flags=0;
uint32 user_rid;
uint32_t access_granted = 0;
+ union samr_UserInfo info;
if (argc != 2) {
d_printf("Usage: net rpc trustdom add <domain_name> <pw>\n");
@@ -5658,36 +5648,41 @@ static NTSTATUS rpc_trustdom_add_internals(const DOM_SID *domain_sid,
}
{
- SAM_USERINFO_CTR ctr;
- SAM_USER_INFO_23 p23;
NTTIME notime;
- char nostr[] = "";
- LOGON_HRS hrs;
+ struct samr_LogonHours hours;
+ const int units_per_week = 168;
uchar pwbuf[516];
encode_pw_buffer(pwbuf, argv[1], STR_UNICODE);
- ZERO_STRUCT(ctr);
- ZERO_STRUCT(p23);
ZERO_STRUCT(notime);
- hrs.max_len = 1260;
- hrs.offset = 0;
- hrs.len = 21;
- memset(hrs.hours, 0xFF, sizeof(hrs.hours));
- acb_info = ACB_DOMTRUST;
-
- init_sam_user_info23A(&p23, &notime, &notime, &notime,
- &notime, &notime, &notime,
- nostr, nostr, nostr, nostr, nostr,
- nostr, nostr, nostr, nostr, nostr,
- 0, 0, acb_info, SAMR_FIELD_ACCT_FLAGS, 168, &hrs,
- 0, 0, (char *)pwbuf);
- ctr.switch_value = 23;
- ctr.info.id23 = &p23;
- p23.passmustchange = 0;
-
- result = rpccli_samr_set_userinfo(pipe_hnd, mem_ctx, &user_pol, 23,
- &cli->user_session_key, &ctr);
+
+ ZERO_STRUCT(hours);
+ hours.bits = talloc_array(mem_ctx, uint8_t, units_per_week);
+ if (!hours.bits) {
+ result = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
+ hours.units_per_week = units_per_week;
+ memset(hours.bits, 0xFF, units_per_week);
+
+ init_samr_user_info23(&info.info23,
+ notime, notime, notime,
+ notime, notime, notime,
+ NULL, NULL, NULL, NULL, NULL,
+ NULL, NULL, NULL, NULL, NULL,
+ 0, 0, ACB_DOMTRUST, SAMR_FIELD_ACCT_FLAGS,
+ hours,
+ 0, 0, 0, 0, 0, 0, 0,
+ pwbuf, 24);
+
+ SamOEMhashBlob(info.info23.password.data, 516,
+ &cli->user_session_key);
+
+ result = rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx,
+ &user_pol,
+ 23,
+ &info);
if (!NT_STATUS_IS_OK(result)) {
DEBUG(0,("Could not set trust account password: %s\n",
diff --git a/source3/utils/net_rpc_join.c b/source3/utils/net_rpc_join.c
index f94e08edef..a20dc9a0c4 100644
--- a/source3/utils/net_rpc_join.c
+++ b/source3/utils/net_rpc_join.c
@@ -152,8 +152,6 @@ int net_rpc_join_newstyle(int argc, const char **argv)
char *clear_trust_password = NULL;
uchar pwbuf[516];
- SAM_USERINFO_CTR ctr;
- SAM_USER_INFO_24 p24;
uchar md4_trust_password[16];
union samr_UserInfo set_info;
@@ -344,16 +342,15 @@ int net_rpc_join_newstyle(int argc, const char **argv)
/* Set password on machine account */
- ZERO_STRUCT(ctr);
- ZERO_STRUCT(p24);
+ init_samr_user_info24(&set_info.info24, pwbuf, 24);
- init_sam_user_info24(&p24, (char *)pwbuf,24);
+ SamOEMhashBlob(set_info.info24.password.data, 516,
+ &cli->user_session_key);
- ctr.switch_value = 24;
- ctr.info.id24 = &p24;
-
- CHECK_RPC_ERR(rpccli_samr_set_userinfo(pipe_hnd, mem_ctx, &user_pol, 24,
- &cli->user_session_key, &ctr),
+ CHECK_RPC_ERR(rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx,
+ &user_pol,
+ 24,
+ &set_info),
"error setting trust account password");
/* Why do we have to try to (re-)set the ACB to be the same as what