diff options
| -rw-r--r-- | source3/Makefile.in | 2 | ||||
| -rw-r--r-- | source3/include/gums.h | 92 | ||||
| -rw-r--r-- | source3/include/passdb.h | 38 | ||||
| -rw-r--r-- | source3/include/rpc_samr.h | 5 | ||||
| -rw-r--r-- | source3/include/tdbsam2.h | 150 | ||||
| -rw-r--r-- | source3/include/tdbsam2_parse_info.h | 225 | ||||
| -rw-r--r-- | source3/passdb/passdb.c | 20 | ||||
| -rw-r--r-- | source3/passdb/pdb_get_set.c | 26 | ||||
| -rw-r--r-- | source3/passdb/pdb_gums.c | 7 | ||||
| -rw-r--r-- | source3/passdb/pdb_ldap.c | 2 | ||||
| -rw-r--r-- | source3/passdb/pdb_mysql.c | 1 | ||||
| -rw-r--r-- | source3/passdb/pdb_pgsql.c | 1 | ||||
| -rw-r--r-- | source3/passdb/pdb_sql.c | 3 | ||||
| -rw-r--r-- | source3/passdb/pdb_xml.c | 6 | ||||
| -rw-r--r-- | source3/rpc_parse/parse_samr.c | 36 | ||||
| -rw-r--r-- | source3/rpc_server/srv_samr_util.c | 274 | ||||
| -rw-r--r-- | source3/rpcclient/cmd_samr.c | 2 | ||||
| -rw-r--r-- | source3/sam/gums_api.c | 20 | ||||
| -rw-r--r-- | source3/sam/gums_helper.c | 6 | ||||
| -rw-r--r-- | source3/sam/gums_tdbsam2.c | 651 |
20 files changed, 673 insertions, 894 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in index 1bd3392f02..6d69e03e5f 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -1423,7 +1423,7 @@ include/tdbsam2_parse_info.h: @if test -n "$(PERL)"; then \ cd $(srcdir) && @PERL@ -w script/genstruct.pl \ -o include/tdbsam2_parse_info.h $(CC) -E -O2 -g \ - include/tdbsam2.h; \ + include/gums.h; \ else \ echo Unable to build $@, continuing; \ fi diff --git a/source3/include/gums.h b/source3/include/gums.h index 9ce2ec4e56..d16a839bc4 100644 --- a/source3/include/gums.h +++ b/source3/include/gums.h @@ -24,13 +24,13 @@ #define GUMS_VERSION_MAJOR 0 #define GUMS_VERSION_MINOR 1 #define GUMS_OBJECT_VERSION 1 +#define GUMS_PRIVILEGE_VERSION 1 #define GUMS_INTERFACE_VERSION 1 #define GUMS_OBJ_DOMAIN 0x10 #define GUMS_OBJ_NORMAL_USER 0x20 #define GUMS_OBJ_GROUP 0x30 #define GUMS_OBJ_ALIAS 0x31 -#define GUMS_OBJ_PRIVILEGE 0x40 /* define value types */ #define GUMS_SET_PRIMARY_GROUP 0x1 @@ -79,7 +79,7 @@ #define GUMS_DEL_SID_LIST 0x61 #define GUMS_SET_SID_LIST 0x62 -typedef struct gums_user +GENSTRUCT struct gums_user { DOM_SID *group_sid; /* Primary Group SID */ @@ -90,14 +90,14 @@ typedef struct gums_user NTTIME pass_can_change_time; /* password can change time */ NTTIME pass_must_change_time; /* password must change time */ - char *full_name; /* user's full name string */ - char *home_dir; /* home directory string */ - char *dir_drive; /* home directory drive string */ - char *logon_script; /* logon script string */ - char *profile_path; /* profile path string */ - char *workstations; /* login from workstations string */ - char *unknown_str; /* don't know what this is, yet. */ - char *munged_dial; /* munged path name and dial-back tel number */ + char *full_name; _NULLTERM /* user's full name string */ + char *home_dir; _NULLTERM /* home directory string */ + char *dir_drive; _NULLTERM /* home directory drive string */ + char *logon_script; _NULLTERM /* logon script string */ + char *profile_path; _NULLTERM /* profile path string */ + char *workstations; _NULLTERM /* login from workstations string */ + char *unknown_str; _NULLTERM /* don't know what this is, yet. */ + char *munged_dial; _NULLTERM /* munged path name and dial-back tel number */ DATA_BLOB lm_pw; /* .data is Null if no password */ DATA_BLOB nt_pw; /* .data is Null if no password */ @@ -105,61 +105,70 @@ typedef struct gums_user uint16 acct_ctrl; /* account type & status flags */ uint16 logon_divs; /* 168 - number of hours in a week */ uint32 hours_len; /* normally 21 bytes */ - uint8 *hours; + uint8 *hours; _LEN(hours_len) /* normally 21 bytes (depends on hours_len) */ uint16 bad_password_count; /* 0 */ uint16 logon_count; /* 0 */ uint32 unknown_3; /* 0x00ff ffff */ uint32 unknown_6; /* 0x0000 04ec */ -} GUMS_USER; +}; -typedef struct gums_group +GENSTRUCT struct gums_group { uint32 count; /* Number of SIDs */ - DOM_SID *members; /* SID array */ + DOM_SID *members; _LEN(count) /* SID array */ -} GUMS_GROUP; +}; -typedef struct gums_domain +GENSTRUCT struct gums_domain { uint32 next_rid; -} GUMS_DOMAIN; +}; -typedef struct gums_privilege +GENSTRUCT struct gums_object { - LUID_ATTR *privilege; /* Privilege Type */ + TALLOC_CTX *mem_ctx; - uint32 count; - DOM_SID *members; + uint32 type; /* Object Type */ + uint32 version; /* Object Version */ + uint32 seq_num; /* Object Sequence Number */ + + SEC_DESC *sec_desc; /* Security Descriptor */ + + DOM_SID *sid; /* Object Sid */ + char *name; _NULLTERM /* Object Name - it should be in DOMAIN\NAME format */ + char *description; _NULLTERM /* Object Description */ -} GUMS_PRIVILEGE; + struct gums_user *user; + struct gums_group *group; + struct gums_domain *domain; -union gums_obj_p { - GUMS_USER *user; - GUMS_GROUP *group; - GUMS_DOMAIN *domain; - GUMS_PRIVILEGE *priv; }; -typedef struct gums_object +GENSTRUCT struct gums_privilege { TALLOC_CTX *mem_ctx; - uint32 type; /* Object Type */ uint32 version; /* Object Version */ uint32 seq_num; /* Object Sequence Number */ - SEC_DESC *sec_desc; /* Security Descriptor */ + char *name; _NULLTERM /* Object Name */ + char *description; _NULLTERM /* Object Description */ - DOM_SID *sid; /* Object Sid */ - char *name; /* Object Name */ - char *description; /* Object Description */ + LUID_ATTR *privilege; /* Privilege Type */ - union gums_obj_p data; /* Object Specific data */ + uint32 count; + DOM_SID *members; _LEN(count) + +}; -} GUMS_OBJECT; +typedef struct gums_user GUMS_USER; +typedef struct gums_group GUMS_GROUP; +typedef struct gums_domain GUMS_DOMAIN; +typedef struct gums_object GUMS_OBJECT; +typedef struct gums_privilege GUMS_PRIVILEGE; typedef struct gums_data_set { @@ -210,7 +219,7 @@ typedef struct gums_functions NTSTATUS (*delete_object) (const DOM_SID *sid); NTSTATUS (*get_object_from_sid) (GUMS_OBJECT **object, const DOM_SID *sid, const int obj_type); - NTSTATUS (*get_object_from_name) (GUMS_OBJECT **object, const char *name, const int obj_type); + NTSTATUS (*get_object_from_name) (GUMS_OBJECT **object, const char *domain, const char *name, const int obj_type); /* This function is used to get the list of all objects changed since b_time, it is used to support PDC<->BDC synchronization */ NTSTATUS (*get_updated_objects) (GUMS_OBJECT **objects, const NTTIME base_time); @@ -221,7 +230,7 @@ typedef struct gums_functions /* This function MUST be used ONLY by PDC<->BDC replication code or recovery tools. Never use this function to update an object in the database, use set_object_values() */ - NTSTATUS (*set_object) (const GUMS_OBJECT *object); + NTSTATUS (*set_object) (GUMS_OBJECT *object); /* set object values function */ NTSTATUS (*set_object_values) (DOM_SID *sid, uint32 count, GUMS_DATA_SET *data_set); @@ -238,10 +247,11 @@ typedef struct gums_functions /* privileges related functions */ - NTSTATUS (*add_members_to_privilege) (const LUID_ATTR *priv, const DOM_SID **members); - NTSTATUS (*delete_members_from_privilege) (const LUID_ATTR *priv, const DOM_SID **members); - NTSTATUS (*enumerate_privilege_members) (DOM_SID **members, const LUID_ATTR *priv); - NTSTATUS (*get_sid_privileges) (DOM_SID **privs, const DOM_SID *sid); + NTSTATUS (*get_privilege) (GUMS_OBJECT **object, const char *name); + NTSTATUS (*add_members_to_privilege) (const char *name, const DOM_SID **members); + NTSTATUS (*delete_members_from_privilege) (const char *name, const DOM_SID **members); + NTSTATUS (*enumerate_privilege_members) (const char *name, DOM_SID **members); + NTSTATUS (*get_sid_privileges) (const DOM_SID *sid, const char **privs); /* warning!: set_privilege will overwrite a prior existing privilege if such exist */ NTSTATUS (*set_privilege) (GUMS_PRIVILEGE *priv); diff --git a/source3/include/passdb.h b/source3/include/passdb.h index c12cf10cf2..add286816c 100644 --- a/source3/include/passdb.h +++ b/source3/include/passdb.h @@ -26,6 +26,42 @@ /* + * fields_present flags meanings + * same names as found in samba4 idl files + */ + +#define ACCT_USERNAME 0x00000001 +#define ACCT_FULL_NAME 0x00000002 +#define ACCT_RID 0x00000004 +#define ACCT_PRIMARY_GID 0x00000008 +#define ACCT_ADMIN_DESC 0x00000010 +#define ACCT_DESCRIPTION 0x00000020 +#define ACCT_HOME_DIR 0x00000040 +#define ACCT_HOME_DRIVE 0x00000080 +#define ACCT_LOGON_SCRIPT 0x00000100 +#define ACCT_PROFILE 0x00000200 +#define ACCT_WORKSTATIONS 0x00000400 +#define ACCT_LAST_LOGON 0x00000800 +#define ACCT_LAST_LOGOFF 0x00001000 +#define ACCT_LOGON_HOURS 0x00002000 +#define ACCT_BAD_PWD_COUNT 0x00004000 +#define ACCT_NUM_LOGONS 0x00008000 +#define ACCT_ALLOW_PWD_CHANGE 0x00010000 +#define ACCT_FORCE_PWD_CHANGE 0x00020000 +#define ACCT_LAST_PWD_CHANGE 0x00040000 +#define ACCT_EXPIRY 0x00080000 +#define ACCT_FLAGS 0x00100000 +#define ACCT_CALLBACK 0x00200001 +#define ACCT_COUNTRY_CODE 0x00400000 +#define ACCT_CODE_PAGE 0x00800000 +#define ACCT_NT_PWD_SET 0x01000000 +#define ACCT_LM_PWD_SET 0x02000000 +#define ACCT_PRIVATEDATA 0x04000000 +#define ACCT_EXPIRED_FLAG 0x08000000 +#define ACCT_SEC_DESC 0x10000000 +#define ACCT_OWF_PWD 0x20000000 + +/* * bit flags representing initialized fields in SAM_ACCOUNT */ enum pdb_elements { @@ -140,7 +176,7 @@ typedef struct sam_passwd char* plaintext_pw; /* is Null if not available */ uint16 acct_ctrl; /* account info (ACB_xxxx bit-mask) */ - uint32 unknown_3; /* 0x00ff ffff */ + uint32 fields_present; /* 0x00ff ffff */ uint16 logon_divs; /* 168 - number of hours in a week */ uint32 hours_len; /* normally 21 bytes */ diff --git a/source3/include/rpc_samr.h b/source3/include/rpc_samr.h index 787535d0e9..a8ca504c8f 100644 --- a/source3/include/rpc_samr.h +++ b/source3/include/rpc_samr.h @@ -183,7 +183,7 @@ typedef struct sam_user_info_23 uint32 acb_info; /* account info (ACB_xxxx bit-mask) */ - uint32 unknown_3; /* 0x09f8 27fa */ + uint32 fields_present; /* 0x09f8 27fa */ uint16 logon_divs; /* 0x0000 00a8 which is 168 which is num hrs in a week */ /* uint8 pad[2] */ @@ -308,7 +308,8 @@ typedef struct sam_user_info_21 uint32 acb_info; /* account info (ACB_xxxx bit-mask) */ - uint32 unknown_3; /* 0x00ff ffff */ + /* Was unknown_3 */ + uint32 fields_present; /* 0x00ff ffff */ uint16 logon_divs; /* 0x0000 00a8 which is 168 which is num hrs in a week */ /* uint8 pad[2] */ diff --git a/source3/include/tdbsam2.h b/source3/include/tdbsam2.h deleted file mode 100644 index b99e16586b..0000000000 --- a/source3/include/tdbsam2.h +++ /dev/null @@ -1,150 +0,0 @@ -/* - * Unix SMB/CIFS implementation. - * tdbsam2 genstruct enabled header file - * Copyright (C) Simo Sorce 2002 - * - * This program is free software; you can redistribute it and/or modify it under - * the terms of the GNU General Public License as published by the Free - * Software Foundation; either version 2 of the License, or (at your option) - * any later version. - * - * This program is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for - * more details. - * - * You should have received a copy of the GNU General Public License along with - * this program; if not, write to the Free Software Foundation, Inc., 675 - * Mass Ave, Cambridge, MA 02139, USA. - */ - -/* ALL strings assumes UTF8 as encoding */ - -#ifndef TDBSAM2_H -#define TDBSAM2_H - -/* IMPORTANT: these structures must follow closely the GUMS_OBJECTs - * structures as they will be casted over !! - * the GUMS_OBJECT union is unrolled here into four tdbsam2 - * objects cause genstruct is not able to follow arbitrary unions */ - -GENSTRUCT struct domain_sub_structure -{ - uint32 next_rid; /* The Next free RID */ -}; - -GENSTRUCT struct tdbsam2_domain_data -{ - TALLOC_CTX *mem_ctx; - - uint32 type; - uint32 version; - uint32 xcounter; /* counter to be updated at any change */ - - SEC_DESC *sec_desc; /* Security Descriptor */ - - DOM_SID *dom_sid; /* The Domain SID */ - char *name; _NULLTERM /* NT Domain Name */ - char *description; _NULLTERM /* Descritpion (Gecos) */ - - struct domain_sub_structure *dss; -}; - -GENSTRUCT struct user_sub_structure -{ - DOM_SID *group_sid; /* The Primary Group SID */ - - NTTIME logon_time; - NTTIME logoff_time; - NTTIME kickoff_time; - NTTIME pass_last_set_time; - NTTIME pass_can_change_time; - NTTIME pass_must_change_time; - - char *full_name; _NULLTERM /* The Full Name */ - char *home_dir; _NULLTERM /* Home Directory */ - char *dir_drive; _NULLTERM /* Drive Letter the home should be mapped to */ - char *logon_script; _NULLTERM /* Logon script path */ - char *profile_path; _NULLTERM /* Profile is stored here */ - char *workstations; _NULLTERM /* List of Workstation names the user is allowed to LogIn */ - char *unknown_str; _NULLTERM /* Guess ... Unknown */ - char *munged_dial; _NULLTERM /* Callback Number */ - - DATA_BLOB lm_pw; /* .data is Null if no password */ - DATA_BLOB nt_pw; /* .data is Null if no password */ - - uint16 acct_ctrl; /* account flags */ - uint16 logon_divs; /* 168 - num of hours in a week */ - uint32 hours_len; /* normally 21 */ - uint8 *hours; _LEN(hours_len) /* normally 21 bytes (depends on hours_len) */ - - uint16 bad_password_count; /* 0 */ - uint16 logon_count; /* 0 */ - uint32 unknown_3; /* 0x00ff ffff */ - uint32 unknown_6; /* 0x0000 04ec */ -}; - -GENSTRUCT struct tdbsam2_user_data -{ - TALLOC_CTX *mem_ctx; - - uint32 type; - uint32 version; - uint32 xcounter; /* counter to be updated at any change */ - - SEC_DESC *sec_desc; /* Security Descriptor */ - - DOM_SID *user_sid; /* The User SID */ - char *name; _NULLTERM /* NT User Name */ - char *description; _NULLTERM /* Descritpion (Gecos) */ - - struct user_sub_structure *uss; -}; - -GENSTRUCT struct group_sub_structure -{ - uint32 count; /* number of sids */ - DOM_SID *members; _LEN(count) /* SID array */ -}; - -GENSTRUCT struct tdbsam2_group_data -{ - TALLOC_CTX *mem_ctx; - - uint32 type; - uint32 version; - uint32 xcounter; /* counter to be updated at any change */ - - SEC_DESC *sec_desc; /* Security Descriptor */ - - DOM_SID *group_sid; /* The Group SID */ - char *name; _NULLTERM /* NT Group Name */ - char *description; _NULLTERM /* Descritpion (Gecos) */ - - struct group_sub_structure *gss; -}; - -GENSTRUCT struct priv_sub_structure -{ - LUID_ATTR *privilege; /* Privilege */ - - uint32 count; /* number of sids */ - DOM_SID *members; _LEN(count) /* SID array */ -}; - -GENSTRUCT struct tdbsam2_priv_data -{ - TALLOC_CTX *mem_ctx; - - uint32 type; - uint32 version; - uint32 xcounter; /* counter to be updated at any change */ - - DOM_SID *null_sid; - char *name; _NULLTERM /* Privilege Name */ - char *description; _NULLTERM /* Descritpion (Gecos) */ - - struct priv_sub_structure *pss; -}; - -#endif /* TDBSAM2_H */ diff --git a/source3/include/tdbsam2_parse_info.h b/source3/include/tdbsam2_parse_info.h index f1b2936c47..abaa2b142a 100644 --- a/source3/include/tdbsam2_parse_info.h +++ b/source3/include/tdbsam2_parse_info.h @@ -1,164 +1,109 @@ /* This is an automatically generated file - DO NOT EDIT! */ -int gen_dump_struct_domain_sub_structure(TALLOC_CTX *mem_ctx, struct parse_string *, const char *, unsigned); -int gen_parse_struct_domain_sub_structure(TALLOC_CTX *mem_ctx, char *, const char *); -static const struct parse_struct pinfo_domain_sub_structure[] = { -{"next_rid", 0, sizeof(uint32), offsetof(struct domain_sub_structure, next_rid), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, +int gen_dump_struct_gums_user(TALLOC_CTX *mem_ctx, struct parse_string *, const char *, unsigned); +int gen_parse_struct_gums_user(TALLOC_CTX *mem_ctx, char *, const char *); +static const struct parse_struct pinfo_gums_user[] = { +{"group_sid", 1, sizeof(DOM_SID), offsetof(struct gums_user, group_sid), 0, NULL, 0, gen_dump_DOM_SID, gen_parse_DOM_SID}, +{"logon_time", 0, sizeof(NTTIME), offsetof(struct gums_user, logon_time), 0, NULL, 0, gen_dump_NTTIME, gen_parse_NTTIME}, +{"logoff_time", 0, sizeof(NTTIME), offsetof(struct gums_user, logoff_time), 0, NULL, 0, gen_dump_NTTIME, gen_parse_NTTIME}, +{"kickoff_time", 0, sizeof(NTTIME), offsetof(struct gums_user, kickoff_time), 0, NULL, 0, gen_dump_NTTIME, gen_parse_NTTIME}, +{"pass_last_set_time", 0, sizeof(NTTIME), offsetof(struct gums_user, pass_last_set_time), 0, NULL, 0, gen_dump_NTTIME, gen_parse_NTTIME}, +{"pass_can_change_time", 0, sizeof(NTTIME), offsetof(struct gums_user, pass_can_change_time), 0, NULL, 0, gen_dump_NTTIME, gen_parse_NTTIME}, +{"pass_must_change_time", 0, sizeof(NTTIME), offsetof(struct gums_user, pass_must_change_time), 0, NULL, 0, gen_dump_NTTIME, gen_parse_NTTIME}, +{"full_name", 1, sizeof(char), offsetof(struct gums_user, full_name), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, +{"home_dir", 1, sizeof(char), offsetof(struct gums_user, home_dir), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, +{"dir_drive", 1, sizeof(char), offsetof(struct gums_user, dir_drive), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, +{"logon_script", 1, sizeof(char), offsetof(struct gums_user, logon_script), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, +{"profile_path", 1, sizeof(char), offsetof(struct gums_user, profile_path), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, +{"workstations", 1, sizeof(char), offsetof(struct gums_user, workstations), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, +{"unknown_str", 1, sizeof(char), offsetof(struct gums_user, unknown_str), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, +{"munged_dial", 1, sizeof(char), offsetof(struct gums_user, munged_dial), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, +{"lm_pw", 0, sizeof(DATA_BLOB), offsetof(struct gums_user, lm_pw), 0, NULL, 0, gen_dump_DATA_BLOB, gen_parse_DATA_BLOB}, +{"nt_pw", 0, sizeof(DATA_BLOB), offsetof(struct gums_user, nt_pw), 0, NULL, 0, gen_dump_DATA_BLOB, gen_parse_DATA_BLOB}, +{"acct_ctrl", 0, sizeof(uint16), offsetof(struct gums_user, acct_ctrl), 0, NULL, 0, gen_dump_uint16, gen_parse_uint16}, +{"logon_divs", 0, sizeof(uint16), offsetof(struct gums_user, logon_divs), 0, NULL, 0, gen_dump_uint16, gen_parse_uint16}, +{"hours_len", 0, sizeof(uint32), offsetof(struct gums_user, hours_len), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, +{"hours", 1, sizeof(uint8), offsetof(struct gums_user, hours), 0, "hours_len", 0, gen_dump_uint8, gen_parse_uint8}, +{"bad_password_count", 0, sizeof(uint16), offsetof(struct gums_user, bad_password_count), 0, NULL, 0, gen_dump_uint16, gen_parse_uint16}, +{"logon_count", 0, sizeof(uint16), offsetof(struct gums_user, logon_count), 0, NULL, 0, gen_dump_uint16, gen_parse_uint16}, +{"unknown_3", 0, sizeof(uint32), offsetof(struct gums_user, unknown_3), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, +{"unknown_6", 0, sizeof(uint32), offsetof(struct gums_user, unknown_6), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, {NULL, 0, 0, 0, 0, NULL, 0, NULL, NULL}}; -int gen_dump_struct_domain_sub_structure(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) { - return gen_dump_struct(mem_ctx, pinfo_domain_sub_structure, p, ptr, indent); +int gen_dump_struct_gums_user(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) { + return gen_dump_struct(mem_ctx, pinfo_gums_user, p, ptr, indent); } -int gen_parse_struct_domain_sub_structure(TALLOC_CTX *mem_ctx, char *ptr, const char *str) { - return gen_parse_struct(mem_ctx, pinfo_domain_sub_structure, ptr, str); +int gen_parse_struct_gums_user(TALLOC_CTX *mem_ctx, char *ptr, const char *str) { + return gen_parse_struct(mem_ctx, pinfo_gums_user, ptr, str); } -int gen_dump_struct_tdbsam2_domain_data(TALLOC_CTX *mem_ctx, struct parse_string *, const char *, unsigned); -int gen_parse_struct_tdbsam2_domain_data(TALLOC_CTX *mem_ctx, char *, const char *); -static const struct parse_struct pinfo_tdbsam2_domain_data[] = { -{"mem_ctx", 1, sizeof(TALLOC_CTX), offsetof(struct tdbsam2_domain_data, mem_ctx), 0, NULL, 0, gen_dump_TALLOC_CTX, gen_parse_TALLOC_CTX}, -{"type", 0, sizeof(uint32), offsetof(struct tdbsam2_domain_data, type), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"version", 0, sizeof(uint32), offsetof(struct tdbsam2_domain_data, version), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"xcounter", 0, sizeof(uint32), offsetof(struct tdbsam2_domain_data, xcounter), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"sec_desc", 1, sizeof(SEC_DESC), offsetof(struct tdbsam2_domain_data, sec_desc), 0, NULL, 0, gen_dump_SEC_DESC, gen_parse_SEC_DESC}, -{"dom_sid", 1, sizeof(DOM_SID), offsetof(struct tdbsam2_domain_data, dom_sid), 0, NULL, 0, gen_dump_DOM_SID, gen_parse_DOM_SID}, -{"name", 1, sizeof(char), offsetof(struct tdbsam2_domain_data, name), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, -{"description", 1, sizeof(char), offsetof(struct tdbsam2_domain_data, description), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, -{"dss", 1, sizeof(struct domain_sub_structure), offsetof(struct tdbsam2_domain_data, dss), 0, NULL, 0, gen_dump_struct_domain_sub_structure, gen_parse_struct_domain_sub_structure}, +int gen_dump_struct_gums_group(TALLOC_CTX *mem_ctx, struct parse_string *, const char *, unsigned); +int gen_parse_struct_gums_group(TALLOC_CTX *mem_ctx, char *, const char *); +static const struct parse_struct pinfo_gums_group[] = { +{"count", 0, sizeof(uint32), offsetof(struct gums_group, count), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, +{"members", 1, sizeof(DOM_SID), offsetof(struct gums_group, members), 0, "count", 0, gen_dump_DOM_SID, gen_parse_DOM_SID}, {NULL, 0, 0, 0, 0, NULL, 0, NULL, NULL}}; -int gen_dump_struct_tdbsam2_domain_data(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) { - return gen_dump_struct(mem_ctx, pinfo_tdbsam2_domain_data, p, ptr, indent); +int gen_dump_struct_gums_group(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) { + return gen_dump_struct(mem_ctx, pinfo_gums_group, p, ptr, indent); } -int gen_parse_struct_tdbsam2_domain_data(TALLOC_CTX *mem_ctx, char *ptr, const char *str) { - return gen_parse_struct(mem_ctx, pinfo_tdbsam2_domain_data, ptr, str); +int gen_parse_struct_gums_group(TALLOC_CTX *mem_ctx, char *ptr, const char *str) { + return gen_parse_struct(mem_ctx, pinfo_gums_group, ptr, str); } -int gen_dump_struct_user_sub_structure(TALLOC_CTX *mem_ctx, struct parse_string *, const char *, unsigned); -int gen_parse_struct_user_sub_structure(TALLOC_CTX *mem_ctx, char *, const char *); -static const struct parse_struct pinfo_user_sub_structure[] = { -{"group_sid", 1, sizeof(DOM_SID), offsetof(struct user_sub_structure, group_sid), 0, NULL, 0, gen_dump_DOM_SID, gen_parse_DOM_SID}, -{"logon_time", 0, sizeof(NTTIME), offsetof(struct user_sub_structure, logon_time), 0, NULL, 0, gen_dump_NTTIME, gen_parse_NTTIME}, -{"logoff_time", 0, sizeof(NTTIME), offsetof(struct user_sub_structure, logoff_time), 0, NULL, 0, gen_dump_NTTIME, gen_parse_NTTIME}, -{"kickoff_time", 0, sizeof(NTTIME), offsetof(struct user_sub_structure, kickoff_time), 0, NULL, 0, gen_dump_NTTIME, gen_parse_NTTIME}, -{"pass_last_set_time", 0, sizeof(NTTIME), offsetof(struct user_sub_structure, pass_last_set_time), 0, NULL, 0, gen_dump_NTTIME, gen_parse_NTTIME}, -{"pass_can_change_time", 0, sizeof(NTTIME), offsetof(struct user_sub_structure, pass_can_change_time), 0, NULL, 0, gen_dump_NTTIME, gen_parse_NTTIME}, -{"pass_must_change_time", 0, sizeof(NTTIME), offsetof(struct user_sub_structure, pass_must_change_time), 0, NULL, 0, gen_dump_NTTIME, gen_parse_NTTIME}, -{"full_name", 1, sizeof(char), offsetof(struct user_sub_structure, full_name), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, -{"home_dir", 1, sizeof(char), offsetof(struct user_sub_structure, home_dir), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, -{"dir_drive", 1, sizeof(char), offsetof(struct user_sub_structure, dir_drive), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, -{"logon_script", 1, sizeof(char), offsetof(struct user_sub_structure, logon_script), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, -{"profile_path", 1, sizeof(char), offsetof(struct user_sub_structure, profile_path), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, -{"workstations", 1, sizeof(char), offsetof(struct user_sub_structure, workstations), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, -{"unknown_str", 1, sizeof(char), offsetof(struct user_sub_structure, unknown_str), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, -{"munged_dial", 1, sizeof(char), offsetof(struct user_sub_structure, munged_dial), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, -{"lm_pw", 0, sizeof(DATA_BLOB), offsetof(struct user_sub_structure, lm_pw), 0, NULL, 0, gen_dump_DATA_BLOB, gen_parse_DATA_BLOB}, -{"nt_pw", 0, sizeof(DATA_BLOB), offsetof(struct user_sub_structure, nt_pw), 0, NULL, 0, gen_dump_DATA_BLOB, gen_parse_DATA_BLOB}, -{"acct_ctrl", 0, sizeof(uint16), offsetof(struct user_sub_structure, acct_ctrl), 0, NULL, 0, gen_dump_uint16, gen_parse_uint16}, -{"logon_divs", 0, sizeof(uint16), offsetof(struct user_sub_structure, logon_divs), 0, NULL, 0, gen_dump_uint16, gen_parse_uint16}, -{"hours_len", 0, sizeof(uint32), offsetof(struct user_sub_structure, hours_len), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"hours", 1, sizeof(uint8), offsetof(struct user_sub_structure, hours), 0, "hours_len", 0, gen_dump_uint8, gen_parse_uint8}, -{"bad_password_count", 0, sizeof(uint16), offsetof(struct user_sub_structure, bad_password_count), 0, NULL, 0, gen_dump_uint16, gen_parse_uint16}, -{"logon_count", 0, sizeof(uint16), offsetof(struct user_sub_structure, logon_count), 0, NULL, 0, gen_dump_uint16, gen_parse_uint16}, -{"unknown_3", 0, sizeof(uint32), offsetof(struct user_sub_structure, unknown_3), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"unknown_6", 0, sizeof(uint32), offsetof(struct user_sub_structure, unknown_6), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, +int gen_dump_struct_gums_domain(TALLOC_CTX *mem_ctx, struct parse_string *, const char *, unsigned); +int gen_parse_struct_gums_domain(TALLOC_CTX *mem_ctx, char *, const char *); +static const struct parse_struct pinfo_gums_domain[] = { +{"next_rid", 0, sizeof(uint32), offsetof(struct gums_domain, next_rid), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, {NULL, 0, 0, 0, 0, NULL, 0, NULL, NULL}}; -int gen_dump_struct_user_sub_structure(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) { - return gen_dump_struct(mem_ctx, pinfo_user_sub_structure, p, ptr, indent); -} -int gen_parse_struct_user_sub_structure(TALLOC_CTX *mem_ctx, char *ptr, const char *str) { - return gen_parse_struct(mem_ctx, pinfo_user_sub_structure, ptr, str); -} - -int gen_dump_struct_tdbsam2_user_data(TALLOC_CTX *mem_ctx, struct parse_string *, const char *, unsigned); -int gen_parse_struct_tdbsam2_user_data(TALLOC_CTX *mem_ctx, char *, const char *); -static const struct parse_struct pinfo_tdbsam2_user_data[] = { -{"mem_ctx", 1, sizeof(TALLOC_CTX), offsetof(struct tdbsam2_user_data, mem_ctx), 0, NULL, 0, gen_dump_TALLOC_CTX, gen_parse_TALLOC_CTX}, -{"type", 0, sizeof(uint32), offsetof(struct tdbsam2_user_data, type), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"version", 0, sizeof(uint32), offsetof(struct tdbsam2_user_data, version), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"xcounter", 0, sizeof(uint32), offsetof(struct tdbsam2_user_data, xcounter), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"sec_desc", 1, sizeof(SEC_DESC), offsetof(struct tdbsam2_user_data, sec_desc), 0, NULL, 0, gen_dump_SEC_DESC, gen_parse_SEC_DESC}, -{"user_sid", 1, sizeof(DOM_SID), offsetof(struct tdbsam2_user_data, user_sid), 0, NULL, 0, gen_dump_DOM_SID, gen_parse_DOM_SID}, -{"name", 1, sizeof(char), offsetof(struct tdbsam2_user_data, name), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, -{"description", 1, sizeof(char), offsetof(struct tdbsam2_user_data, description), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, -{"uss", 1, sizeof(struct user_sub_structure), offsetof(struct tdbsam2_user_data, uss), 0, NULL, 0, gen_dump_struct_user_sub_structure, gen_parse_struct_user_sub_structure}, -{NULL, 0, 0, 0, 0, NULL, 0, NULL, NULL}}; - -int gen_dump_struct_tdbsam2_user_data(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) { - return gen_dump_struct(mem_ctx, pinfo_tdbsam2_user_data, p, ptr, indent); -} -int gen_parse_struct_tdbsam2_user_data(TALLOC_CTX *mem_ctx, char *ptr, const char *str) { - return gen_parse_struct(mem_ctx, pinfo_tdbsam2_user_data, ptr, str); -} - -int gen_dump_struct_group_sub_structure(TALLOC_CTX *mem_ctx, struct parse_string *, const char *, unsigned); -int gen_parse_struct_group_sub_structure(TALLOC_CTX *mem_ctx, char *, const char *); -static const struct parse_struct pinfo_group_sub_structure[] = { -{"count", 0, sizeof(uint32), offsetof(struct group_sub_structure, count), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"members", 1, sizeof(DOM_SID), offsetof(struct group_sub_structure, members), 0, "count", 0, gen_dump_DOM_SID, gen_parse_DOM_SID}, -{NULL, 0, 0, 0, 0, NULL, 0, NULL, NULL}}; - -int gen_dump_struct_group_sub_structure(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) { - return gen_dump_struct(mem_ctx, pinfo_group_sub_structure, p, ptr, indent); -} -int gen_parse_struct_group_sub_structure(TALLOC_CTX *mem_ctx, char *ptr, const char *str) { - return gen_parse_struct(mem_ctx, pinfo_group_sub_structure, ptr, str); -} - -int gen_dump_struct_tdbsam2_group_data(TALLOC_CTX *mem_ctx, struct parse_string *, const char *, unsigned); -int gen_parse_struct_tdbsam2_group_data(TALLOC_CTX *mem_ctx, char *, const char *); -static const struct parse_struct pinfo_tdbsam2_group_data[] = { -{"mem_ctx", 1, sizeof(TALLOC_CTX), offsetof(struct tdbsam2_group_data, mem_ctx), 0, NULL, 0, gen_dump_TALLOC_CTX, gen_parse_TALLOC_CTX}, -{"type", 0, sizeof(uint32), offsetof(struct tdbsam2_group_data, type), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"version", 0, sizeof(uint32), offsetof(struct tdbsam2_group_data, version), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"xcounter", 0, sizeof(uint32), offsetof(struct tdbsam2_group_data, xcounter), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"sec_desc", 1, sizeof(SEC_DESC), offsetof(struct tdbsam2_group_data, sec_desc), 0, NULL, 0, gen_dump_SEC_DESC, gen_parse_SEC_DESC}, -{"group_sid", 1, sizeof(DOM_SID), offsetof(struct tdbsam2_group_data, group_sid), 0, NULL, 0, gen_dump_DOM_SID, gen_parse_DOM_SID}, -{"name", 1, sizeof(char), offsetof(struct tdbsam2_group_data, name), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, -{"description", 1, sizeof(char), offsetof(struct tdbsam2_group_data, description), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, -{"gss", 1, sizeof(struct group_sub_structure), offsetof(struct tdbsam2_group_data, gss), 0, NULL, 0, gen_dump_struct_group_sub_structure, gen_parse_struct_group_sub_structure}, -{NULL, 0, 0, 0, 0, NULL, 0, NULL, NULL}}; - -int gen_dump_struct_tdbsam2_group_data(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) { - return gen_dump_struct(mem_ctx, pinfo_tdbsam2_group_data, p, ptr, indent); -} -int gen_parse_struct_tdbsam2_group_data(TALLOC_CTX *mem_ctx, char *ptr, const char *str) { - return gen_parse_struct(mem_ctx, pinfo_tdbsam2_group_data, ptr, str); -} - -int gen_dump_struct_priv_sub_structure(TALLOC_CTX *mem_ctx, struct parse_string *, const char *, unsigned); -int gen_parse_struct_priv_sub_structure(TALLOC_CTX *mem_ctx, char *, const char *); -static const struct parse_struct pinfo_priv_sub_structure[] = { -{"privilege", 1, sizeof(LUID_ATTR), offsetof(struct priv_sub_structure, privilege), 0, NULL, 0, gen_dump_LUID_ATTR, gen_parse_LUID_ATTR}, -{"count", 0, sizeof(uint32), offsetof(struct priv_sub_structure, count), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"members", 1, sizeof(DOM_SID), offsetof(struct priv_sub_structure, members), 0, "count", 0, gen_dump_DOM_SID, gen_parse_DOM_SID}, +int gen_dump_struct_gums_domain(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) { + return gen_dump_struct(mem_ctx, pinfo_gums_domain, p, ptr, indent); +} +int gen_parse_struct_gums_domain(TALLOC_CTX *mem_ctx, char *ptr, const char *str) { + return gen_parse_struct(mem_ctx, pinfo_gums_domain, ptr, str); +} + +int gen_dump_struct_gums_object(TALLOC_CTX *mem_ctx, struct parse_string *, const char *, unsigned); +int gen_parse_struct_gums_object(TALLOC_CTX *mem_ctx, char *, const char *); +static const struct parse_struct pinfo_gums_object[] = { +{"mem_ctx", 1, sizeof(TALLOC_CTX), offsetof(struct gums_object, mem_ctx), 0, NULL, 0, gen_dump_TALLOC_CTX, gen_parse_TALLOC_CTX}, +{"type", 0, sizeof(uint32), offsetof(struct gums_object, type), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, +{"version", 0, sizeof(uint32), offsetof(struct gums_object, version), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, +{"seq_num", 0, sizeof(uint32), offsetof(struct gums_object, seq_num), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, +{"sec_desc", 1, sizeof(SEC_DESC), offsetof(struct gums_object, sec_desc), 0, NULL, 0, gen_dump_SEC_DESC, gen_parse_SEC_DESC}, +{"sid", 1, sizeof(DOM_SID), offsetof(struct gums_object, sid), 0, NULL, 0, gen_dump_DOM_SID, gen_parse_DOM_SID}, +{"name", 1, sizeof(char), offsetof(struct gums_object, name), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, +{"description", 1, sizeof(char), offsetof(struct gums_object, description), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, +{"user", 1, sizeof(struct gums_user), offsetof(struct gums_object, user), 0, NULL, 0, gen_dump_struct_gums_user, gen_parse_struct_gums_user}, +{"group", 1, sizeof(struct gums_group), offsetof(struct gums_object, group), 0, NULL, 0, gen_dump_struct_gums_group, gen_parse_struct_gums_group}, +{"domain", 1, sizeof(struct gums_domain), offsetof(struct gums_object, domain), 0, NULL, 0, gen_dump_struct_gums_domain, gen_parse_struct_gums_domain}, {NULL, 0, 0, 0, 0, NULL, 0, NULL, NULL}}; -int gen_dump_struct_priv_sub_structure(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) { - return gen_dump_struct(mem_ctx, pinfo_priv_sub_structure, p, ptr, indent); +int gen_dump_struct_gums_object(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) { + return gen_dump_struct(mem_ctx, pinfo_gums_object, p, ptr, indent); } -int gen_parse_struct_priv_sub_structure(TALLOC_CTX *mem_ctx, char *ptr, const char *str) { - return gen_parse_struct(mem_ctx, pinfo_priv_sub_structure, ptr, str); +int gen_parse_struct_gums_object(TALLOC_CTX *mem_ctx, char *ptr, const char *str) { + return gen_parse_struct(mem_ctx, pinfo_gums_object, ptr, str); } -int gen_dump_struct_tdbsam2_priv_data(TALLOC_CTX *mem_ctx, struct parse_string *, const char *, unsigned); -int gen_parse_struct_tdbsam2_priv_data(TALLOC_CTX *mem_ctx, char *, const char *); -static const struct parse_struct pinfo_tdbsam2_priv_data[] = { -{"mem_ctx", 1, sizeof(TALLOC_CTX), offsetof(struct tdbsam2_priv_data, mem_ctx), 0, NULL, 0, gen_dump_TALLOC_CTX, gen_parse_TALLOC_CTX}, -{"type", 0, sizeof(uint32), offsetof(struct tdbsam2_priv_data, type), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"version", 0, sizeof(uint32), offsetof(struct tdbsam2_priv_data, version), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"xcounter", 0, sizeof(uint32), offsetof(struct tdbsam2_priv_data, xcounter), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, -{"null_sid", 1, sizeof(DOM_SID), offsetof(struct tdbsam2_priv_data, null_sid), 0, NULL, 0, gen_dump_DOM_SID, gen_parse_DOM_SID}, -{"name", 1, sizeof(char), offsetof(struct tdbsam2_priv_data, name), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, -{"description", 1, sizeof(char), offsetof(struct tdbsam2_priv_data, description), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, -{"pss", 1, sizeof(struct priv_sub_structure), offsetof(struct tdbsam2_priv_data, pss), 0, NULL, 0, gen_dump_struct_priv_sub_structure, gen_parse_struct_priv_sub_structure}, +int gen_dump_struct_gums_privilege(TALLOC_CTX *mem_ctx, struct parse_string *, const char *, unsigned); +int gen_parse_struct_gums_privilege(TALLOC_CTX *mem_ctx, char *, const char *); +static const struct parse_struct pinfo_gums_privilege[] = { +{"mem_ctx", 1, sizeof(TALLOC_CTX), offsetof(struct gums_privilege, mem_ctx), 0, NULL, 0, gen_dump_TALLOC_CTX, gen_parse_TALLOC_CTX}, +{"version", 0, sizeof(uint32), offsetof(struct gums_privilege, version), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, +{"seq_num", 0, sizeof(uint32), offsetof(struct gums_privilege, seq_num), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, +{"name", 1, sizeof(char), offsetof(struct gums_privilege, name), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, +{"description", 1, sizeof(char), offsetof(struct gums_privilege, description), 0, NULL, FLAG_NULLTERM, gen_dump_char, gen_parse_char}, +{"privilege", 1, sizeof(LUID_ATTR), offsetof(struct gums_privilege, privilege), 0, NULL, 0, gen_dump_LUID_ATTR, gen_parse_LUID_ATTR}, +{"count", 0, sizeof(uint32), offsetof(struct gums_privilege, count), 0, NULL, 0, gen_dump_uint32, gen_parse_uint32}, +{"members", 1, sizeof(DOM_SID), offsetof(struct gums_privilege, members), 0, "count", 0, gen_dump_DOM_SID, gen_parse_DOM_SID}, {NULL, 0, 0, 0, 0, NULL, 0, NULL, NULL}}; -int gen_dump_struct_tdbsam2_priv_data(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) { - return gen_dump_struct(mem_ctx, pinfo_tdbsam2_priv_data, p, ptr, indent); +int gen_dump_struct_gums_privilege(TALLOC_CTX *mem_ctx, struct parse_string *p, const char *ptr, unsigned indent) { + return gen_dump_struct(mem_ctx, pinfo_gums_privilege, p, ptr, indent); } -int gen_parse_struct_tdbsam2_priv_data(TALLOC_CTX *mem_ctx, char *ptr, const char *str) { - return gen_parse_struct(mem_ctx, pinfo_tdbsam2_priv_data, ptr, str); +int gen_parse_struct_gums_privilege(TALLOC_CTX *mem_ctx, char *ptr, const char *str) { + return gen_parse_struct(mem_ctx, pinfo_gums_privilege, ptr, str); } diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c index 8fbd8d4cdc..52dee801ad 100644 --- a/source3/passdb/passdb.c +++ b/source3/passdb/passdb.c @@ -79,7 +79,7 @@ void pdb_fill_default_sam(SAM_ACCOUNT *user) user->private.logoff_time = user->private.kickoff_time = user->private.pass_must_change_time = get_time_t_max(); - user->private.unknown_3 = 0x00ffffff; /* don't know */ + user->private.fields_present = 0x00ffffff; /* don't know */ user->private.logon_divs = 168; /* hours per week */ user->private.hours_len = 21; /* 21 times 8 bits = 168 */ memset(user->private.hours, 0xff, user->private.hours_len); /* available at all hours */ @@ -1346,7 +1346,7 @@ BOOL init_sam_from_buffer_v0(SAM_ACCOUNT *sampass, uint8 *buf, uint32 buflen) fullname_len, homedir_len, logon_script_len, profile_path_len, acct_desc_len, workstations_len; - uint32 user_rid, group_rid, unknown_3, hours_len, unknown_6; + uint32 user_rid, group_rid, remove_me, hours_len, unknown_6; uint16 acct_ctrl, logon_divs; uint16 bad_password_count, logon_count; uint8 *hours; @@ -1385,7 +1385,7 @@ BOOL init_sam_from_buffer_v0(SAM_ACCOUNT *sampass, uint8 *buf, uint32 buflen) &lm_pw_len, &lm_pw_ptr, &nt_pw_len, &nt_pw_ptr, &acct_ctrl, - &unknown_3, + &remove_me, /* remove on the next TDB_FORMAT upgarde */ &logon_divs, &hours_len, &hourslen, &hours, @@ -1463,7 +1463,6 @@ BOOL init_sam_from_buffer_v0(SAM_ACCOUNT *sampass, uint8 *buf, uint32 buflen) pdb_set_user_sid_from_rid(sampass, user_rid, PDB_SET); pdb_set_group_sid_from_rid(sampass, group_rid, PDB_SET); - pdb_set_unknown_3(sampass, unknown_3, PDB_SET); pdb_set_hours_len(sampass, hours_len, PDB_SET); pdb_set_bad_password_count(sampass, bad_password_count, PDB_SET); pdb_set_logon_count(sampass, logon_count, PDB_SET); @@ -1667,7 +1666,7 @@ uint32 init_buffer_from_sam_v0 (uint8 **buf, const SAM_ACCOUNT *sampass, BOOL si lm_pw_len, lm_pw, nt_pw_len, nt_pw, pdb_get_acct_ctrl(sampass), - pdb_get_unknown_3(sampass), + 0, /* was: fileds_present, to be removed on format change */ pdb_get_logon_divs(sampass), pdb_get_hours_len(sampass), MAX_HOURS_LEN, pdb_get_hours(sampass), @@ -1710,7 +1709,7 @@ uint32 init_buffer_from_sam_v0 (uint8 **buf, const SAM_ACCOUNT *sampass, BOOL si lm_pw_len, lm_pw, nt_pw_len, nt_pw, pdb_get_acct_ctrl(sampass), - pdb_get_unknown_3(sampass), + 0, /* was: fileds_present, to be removed on format change */ pdb_get_logon_divs(sampass), pdb_get_hours_len(sampass), MAX_HOURS_LEN, pdb_get_hours(sampass), @@ -1762,7 +1761,7 @@ BOOL init_sam_from_buffer_v1(SAM_ACCOUNT *sampass, uint8 *buf, uint32 buflen) fullname_len, homedir_len, logon_script_len, profile_path_len, acct_desc_len, workstations_len; - uint32 user_rid, group_rid, unknown_3, hours_len, unknown_6; + uint32 user_rid, group_rid, remove_me, hours_len, unknown_6; uint16 acct_ctrl, logon_divs; uint16 bad_password_count, logon_count; uint8 *hours; @@ -1802,7 +1801,7 @@ BOOL init_sam_from_buffer_v1(SAM_ACCOUNT *sampass, uint8 *buf, uint32 buflen) &lm_pw_len, &lm_pw_ptr, &nt_pw_len, &nt_pw_ptr, &acct_ctrl, - &unknown_3, + &remove_me, &logon_divs, &hours_len, &hourslen, &hours, @@ -1880,7 +1879,6 @@ BOOL init_sam_from_buffer_v1(SAM_ACCOUNT *sampass, uint8 *buf, uint32 buflen) pdb_set_user_sid_from_rid(sampass, user_rid, PDB_SET); pdb_set_group_sid_from_rid(sampass, group_rid, PDB_SET); - pdb_set_unknown_3(sampass, unknown_3, PDB_SET); pdb_set_hours_len(sampass, hours_len, PDB_SET); pdb_set_bad_password_count(sampass, bad_password_count, PDB_SET); pdb_set_logon_count(sampass, logon_count, PDB_SET); @@ -2087,7 +2085,7 @@ uint32 init_buffer_from_sam_v1 (uint8 **buf, const SAM_ACCOUNT *sampass, BOOL si lm_pw_len, lm_pw, nt_pw_len, nt_pw, pdb_get_acct_ctrl(sampass), - pdb_get_unknown_3(sampass), + 0, pdb_get_logon_divs(sampass), pdb_get_hours_len(sampass), MAX_HOURS_LEN, pdb_get_hours(sampass), @@ -2131,7 +2129,7 @@ uint32 init_buffer_from_sam_v1 (uint8 **buf, const SAM_ACCOUNT *sampass, BOOL si lm_pw_len, lm_pw, nt_pw_len, nt_pw, pdb_get_acct_ctrl(sampass), - pdb_get_unknown_3(sampass), + 0, pdb_get_logon_divs(sampass), pdb_get_hours_len(sampass), MAX_HOURS_LEN, pdb_get_hours(sampass), diff --git a/source3/passdb/pdb_get_set.c b/source3/passdb/pdb_get_set.c index 4a5a5759d4..11df0ad56d 100644 --- a/source3/passdb/pdb_get_set.c +++ b/source3/passdb/pdb_get_set.c @@ -306,14 +306,6 @@ const char* pdb_get_munged_dial (const SAM_ACCOUNT *sampass) return (NULL); } -uint32 pdb_get_unknown_3 (const SAM_ACCOUNT *sampass) -{ - if (sampass) - return (sampass->private.unknown_3); - else - return (-1); -} - uint16 pdb_get_bad_password_count(const SAM_ACCOUNT *sampass) { if (sampass) @@ -982,16 +974,6 @@ BOOL pdb_set_plaintext_pw_only (SAM_ACCOUNT *sampass, const char *password, enum return pdb_set_init_flags(sampass, PDB_PLAINTEXT_PW, flag); } -BOOL pdb_set_unknown_3 (SAM_ACCOUNT *sampass, uint32 unkn, enum pdb_value_state flag) -{ - if (!sampass) - return False; - - sampass->private.unknown_3 = unkn; - - return pdb_set_init_flags(sampass, PDB_UNKNOWN3, flag); -} - BOOL pdb_set_bad_password_count(SAM_ACCOUNT *sampass, uint16 bad_password_count, enum pdb_value_state flag) { if (!sampass) @@ -1128,3 +1110,11 @@ BOOL pdb_set_plaintext_passwd (SAM_ACCOUNT *sampass, const char *plaintext) return True; } + +/* check for any PDB_SET/CHANGED field and fill the appropriate mask bit */ +uint32 pdb_build_fields_present (SAM_ACCOUNT *sampass) +{ + /* value set to all for testing */ + return 0x00ffffff; +} + diff --git a/source3/passdb/pdb_gums.c b/source3/passdb/pdb_gums.c index 25dc565253..c595a51e55 100644 --- a/source3/passdb/pdb_gums.c +++ b/source3/passdb/pdb_gums.c @@ -1,7 +1,12 @@ /* +<<<<<<< pdb_gums.c + * 'Gums' password backend for samba + * Copyright (C) Simo Sorce 2003 +======= * GUMS password backend for samba * Copyright (C) Jelmer Vernooij 2002 * Copyright (C) Andrew Bartlett 2003 +>>>>>>> 1.4 * * This program is free software; you can redistribute it and/or modify it under * the terms of the GNU General Public License as published by the Free @@ -95,7 +100,6 @@ static NTSTATUS gums_object_to_sam_account(SAM_ACCOUNT *sa, GUMS_OBJECT *go) } data_blob_clear_free(&pwd); - BOOL_SET_OR_FAIL(pdb_set_unknown_3(sa, gums_get_user_unknown_3(go), PDB_SET), error); BOOL_SET_OR_FAIL(pdb_set_bad_password_count(sa, gums_get_user_bad_password_count(go), PDB_SET), error); BOOL_SET_OR_FAIL(pdb_set_unknown_6(sa, gums_get_user_unknown_6(go), PDB_SET), error); BOOL_SET_OR_FAIL(pdb_set_hours(sa, gums_get_user_hours(go), PDB_SET), error); @@ -155,7 +159,6 @@ static NTSTATUS sam_account_to_gums_object(GUMS_OBJECT *go, SAM_ACCOUNT *sa) SET_OR_FAIL(gums_set_user_logon_divs(go, pdb_get_logon_divs(sa)), error); if (pdb_get_hours(sa)) SET_OR_FAIL(gums_set_user_hours(go, pdb_get_hours_len(sa), pdb_get_hours(sa)), error); - SET_OR_FAIL(gums_set_user_unknown_3(go, pdb_get_unknown_3(sa)), error); SET_OR_FAIL(gums_set_user_bad_password_count(go, pdb_get_bad_password_count(sa)), error); SET_OR_FAIL(gums_set_user_unknown_6(go, pdb_get_unknown_6(sa)), error); diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c index 6e8ff83507..ff2b5cf762 100644 --- a/source3/passdb/pdb_ldap.c +++ b/source3/passdb/pdb_ldap.c @@ -712,8 +712,6 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state, /* pdb_set_munged_dial(sampass, munged_dial, PDB_SET); */ - /* pdb_set_unknown_3(sampass, unknown3, PDB_SET); */ - if (!smbldap_get_single_attribute(ldap_state->smbldap_state->ldap_struct, entry, get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_BAD_PASSWORD_COUNT), temp)) { /* leave as default */ diff --git a/source3/passdb/pdb_mysql.c b/source3/passdb/pdb_mysql.c index acc1eff829..deed27dbe4 100644 --- a/source3/passdb/pdb_mysql.c +++ b/source3/passdb/pdb_mysql.c @@ -111,7 +111,6 @@ static NTSTATUS row_to_sam_account(MYSQL_RES * r, SAM_ACCOUNT * u) pdb_set_plaintext_passwd(u, row[22]); pdb_set_acct_ctrl(u, xatol(row[23]), PDB_SET); - pdb_set_unknown_3(u, xatol(row[24]), PDB_SET); pdb_set_logon_divs(u, xatol(row[25]), PDB_SET); pdb_set_hours_len(u, xatol(row[26]), PDB_SET); pdb_set_bad_password_count(u, xatol(row[27]), PDB_SET); diff --git a/source3/passdb/pdb_pgsql.c b/source3/passdb/pdb_pgsql.c index 61c620e092..1731c720a2 100644 --- a/source3/passdb/pdb_pgsql.c +++ b/source3/passdb/pdb_pgsql.c @@ -98,7 +98,6 @@ static NTSTATUS row_to_sam_account ( PGresult *r, long row, SAM_ACCOUNT *u ) pdb_set_munged_dial ( u, PQgetvalue( r, row, 17 ), PDB_SET ) ; pdb_set_acct_ctrl ( u, PQgetlong ( r, row, 23 ), PDB_SET ) ; - pdb_set_unknown_3 ( u, PQgetlong ( r, row, 24 ), PDB_SET ) ; pdb_set_logon_divs ( u, PQgetlong ( r, row, 25 ), PDB_SET ) ; pdb_set_hours_len ( u, PQgetlong ( r, row, 26 ), PDB_SET ) ; pdb_set_logon_count ( u, PQgetlong ( r, row, 27 ), PDB_SET ) ; diff --git a/source3/passdb/pdb_sql.c b/source3/passdb/pdb_sql.c index b87004e019..d3e8b90a85 100644 --- a/source3/passdb/pdb_sql.c +++ b/source3/passdb/pdb_sql.c @@ -44,7 +44,6 @@ #define CONFIG_NT_PW_DEFAULT "nt_pw" #define CONFIG_PLAIN_PW_DEFAULT "NULL" #define CONFIG_ACCT_CTRL_DEFAULT "acct_ctrl" -#define CONFIG_UNKNOWN_3_DEFAULT "unknown_3" #define CONFIG_LOGON_DIVS_DEFAULT "logon_divs" #define CONFIG_HOURS_LEN_DEFAULT "hours_len" #define CONFIG_BAD_PASSWORD_COUNT_DEFAULT "bad_password_count" @@ -254,8 +253,6 @@ char *sql_account_query_select(const char *data, BOOL update, enum sql_search_fi CONFIG_PLAIN_PW_DEFAULT), config_value_read(data, "acct ctrl column", CONFIG_ACCT_CTRL_DEFAULT), - config_value_read(data, "unknown 3 column", - CONFIG_UNKNOWN_3_DEFAULT), config_value_read(data, "logon divs column", CONFIG_LOGON_DIVS_DEFAULT), config_value_read(data, "hours len column", diff --git a/source3/passdb/pdb_xml.c b/source3/passdb/pdb_xml.c index 19998a6655..2738ad40e2 100644 --- a/source3/passdb/pdb_xml.c +++ b/source3/passdb/pdb_xml.c @@ -154,11 +154,6 @@ static BOOL parseUser(xmlDocPtr doc, xmlNsPtr ns, xmlNodePtr cur, SAM_ACCOUNT * atol(xmlNodeListGetString (doc, cur->xmlChildrenNode, 1)), PDB_SET); - else if (!strcmp(cur->name, "unknown_3") && cur->ns == ns) - pdb_set_unknown_3(u, - atol(xmlNodeListGetString - (doc, cur->xmlChildrenNode, 1)), PDB_SET); - else if (!strcmp(cur->name, "bad_password_count") && cur->ns == ns) pdb_set_bad_password_count(u, atol(xmlNodeListGetString @@ -490,7 +485,6 @@ static NTSTATUS xmlsam_add_sam_account(struct pdb_methods *methods, SAM_ACCOUNT } xmlNewChild(user, data->ns, "acct_ctrl", iota(pdb_get_acct_ctrl(u))); - xmlNewChild(user, data->ns, "unknown_3", iota(pdb_get_unknown_3(u))); if (pdb_get_logon_divs(u)) xmlNewChild(user, data->ns, "logon_divs", diff --git a/source3/rpc_parse/parse_samr.c b/source3/rpc_parse/parse_samr.c index 607c9ecf64..e0eb2958b3 100644 --- a/source3/rpc_parse/parse_samr.c +++ b/source3/rpc_parse/parse_samr.c @@ -5315,11 +5315,6 @@ static BOOL sam_io_user_info11(const char *desc, SAM_USER_INFO_11 * usr, /************************************************************************* init_sam_user_infoa - - unknown_3 = 0x09f8 27fa - unknown_5 = 0x0001 0000 - unknown_6 = 0x0000 04ec - *************************************************************************/ void init_sam_user_info24(SAM_USER_INFO_24 * usr, char newpass[516], uint16 pw_len) @@ -5362,7 +5357,6 @@ static BOOL sam_io_user_info24(const char *desc, SAM_USER_INFO_24 * usr, /************************************************************************* init_sam_user_info23 - unknown_3 = 0x09f8 27fa unknown_6 = 0x0000 04ec *************************************************************************/ @@ -5386,7 +5380,7 @@ void init_sam_user_info23W(SAM_USER_INFO_23 * usr, NTTIME * logon_time, /* all z uint32 user_rid, /* 0x0000 0000 */ uint32 group_rid, uint32 acb_info, - uint32 unknown_3, + uint32 fields_present, uint16 logon_divs, LOGON_HRS * hrs, uint16 bad_password_count, @@ -5406,7 +5400,7 @@ void init_sam_user_info23W(SAM_USER_INFO_23 * usr, NTTIME * logon_time, /* all z usr->user_rid = user_rid; /* 0x0000 0000 */ usr->group_rid = group_rid; usr->acb_info = acb_info; - usr->unknown_3 = unknown_3; /* 09f8 27fa */ + usr->fields_present = fields_present; /* 09f8 27fa */ usr->logon_divs = logon_divs; /* should be 168 (hours/week) */ usr->ptr_logon_hrs = hrs ? 1 : 0; @@ -5464,7 +5458,6 @@ void init_sam_user_info23W(SAM_USER_INFO_23 * usr, NTTIME * logon_time, /* all z /************************************************************************* init_sam_user_info23 - unknown_3 = 0x09f8 27fa unknown_6 = 0x0000 04ec *************************************************************************/ @@ -5481,7 +5474,7 @@ void init_sam_user_info23A(SAM_USER_INFO_23 * usr, NTTIME * logon_time, /* all z char *prof_path, const char *desc, char *wkstas, char *unk_str, char *mung_dial, uint32 user_rid, /* 0x0000 0000 */ uint32 group_rid, uint32 acb_info, - uint32 unknown_3, uint16 logon_divs, + uint32 fields_present, uint16 logon_divs, LOGON_HRS * hrs, uint16 bad_password_count, uint16 logon_count, char newpass[516], uint32 unknown_6) { @@ -5500,7 +5493,7 @@ void init_sam_user_info23A(SAM_USER_INFO_23 * usr, NTTIME * logon_time, /* all z usr->user_rid = user_rid; /* 0x0000 0000 */ usr->group_rid = group_rid; usr->acb_info = acb_info; - usr->unknown_3 = unknown_3; /* 09f8 27fa */ + usr->fields_present = fields_present; /* 09f8 27fa */ usr->logon_divs = logon_divs; /* should be 168 (hours/week) */ usr->ptr_logon_hrs = hrs ? 1 : 0; @@ -5619,7 +5612,7 @@ static BOOL sam_io_user_info23(const char *desc, SAM_USER_INFO_23 * usr, if(!prs_uint32("acb_info ", ps, depth, &usr->acb_info)) return False; - if(!prs_uint32("unknown_3 ", ps, depth, &usr->unknown_3)) + if(!prs_uint32("fields_present ", ps, depth, &usr->fields_present)) return False; if(!prs_uint16("logon_divs ", ps, depth, &usr->logon_divs)) /* logon divisions per week */ return False; @@ -5816,7 +5809,6 @@ static BOOL sam_io_user_info25(const char *desc, SAM_USER_INFO_25 * usr, prs_str /************************************************************************* init_sam_user_info21W - unknown_3 = 0x00ff ffff unknown_6 = 0x0000 04ec *************************************************************************/ @@ -5843,7 +5835,7 @@ void init_sam_user_info21W(SAM_USER_INFO_21 * usr, uint32 user_rid, uint32 group_rid, uint32 acb_info, - uint32 unknown_3, + uint32 fields_present, uint16 logon_divs, LOGON_HRS * hrs, uint16 bad_password_count, @@ -5863,7 +5855,7 @@ void init_sam_user_info21W(SAM_USER_INFO_21 * usr, usr->user_rid = user_rid; usr->group_rid = group_rid; usr->acb_info = acb_info; - usr->unknown_3 = unknown_3; /* 0x00ff ffff */ + usr->fields_present = fields_present; /* 0x00ff ffff */ usr->logon_divs = logon_divs; /* should be 168 (hours/week) */ usr->ptr_logon_hrs = hrs ? 1 : 0; @@ -5918,7 +5910,6 @@ void init_sam_user_info21W(SAM_USER_INFO_21 * usr, /************************************************************************* init_sam_user_info21 - unknown_3 = 0x00ff ffff unknown_6 = 0x0000 04ec *************************************************************************/ @@ -6003,16 +5994,7 @@ NTSTATUS init_sam_user_info21A(SAM_USER_INFO_21 *usr, SAM_ACCOUNT *pw, DOM_SID * usr->group_rid = group_rid; usr->acb_info = pdb_get_acct_ctrl(pw); - /* - Look at a user on a real NT4 PDC with usrmgr, press - 'ok'. Then you will see that unknown_3 is set to - 0x08f827fa. Look at the user immediately after that again, - and you will see that 0x00fffff is returned. This solves - the problem that you get access denied after having looked - at the user. - -- Volker - */ - usr->unknown_3 = 0x00ffffff; + usr->fields_present = pdb_build_fields_present(pw); usr->logon_divs = pdb_get_logon_divs(pw); usr->ptr_logon_hrs = pdb_get_hours(pw) ? 1 : 0; @@ -6133,7 +6115,7 @@ static BOOL sam_io_user_info21(const char *desc, SAM_USER_INFO_21 * usr, if(!prs_uint32("acb_info ", ps, depth, &usr->acb_info)) return False; - if(!prs_uint32("unknown_3 ", ps, depth, &usr->unknown_3)) + if(!prs_uint32("fields_present ", ps, depth, &usr->fields_present)) return False; if(!prs_uint16("logon_divs ", ps, depth, &usr->logon_divs)) /* logon divisions per week */ return False; diff --git a/source3/rpc_server/srv_samr_util.c b/source3/rpc_server/srv_samr_util.c index 82f93a5b4c..d54a858878 100644 --- a/source3/rpc_server/srv_samr_util.c +++ b/source3/rpc_server/srv_samr_util.c @@ -73,22 +73,24 @@ void copy_id21_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_21 *from) if (from == NULL || to == NULL) return; - if (!nt_time_is_zero(&from->logon_time)) { + + if (from->fields_present & ACCT_LAST_LOGON) { unix_time=nt_time_to_unix(&from->logon_time); stored_time = pdb_get_logon_time(to); DEBUG(10,("INFO_21 LOGON_TIME: %lu -> %lu\n",(long unsigned int)stored_time, (long unsigned int)unix_time)); if (stored_time != unix_time) pdb_set_logon_time(to, unix_time, PDB_CHANGED); - } - if (!nt_time_is_zero(&from->logoff_time)) { + } + + if (from->fields_present & ACCT_LAST_LOGOFF) { unix_time=nt_time_to_unix(&from->logoff_time); stored_time = pdb_get_logoff_time(to); DEBUG(10,("INFO_21 LOGOFF_TIME: %lu -> %lu\n",(long unsigned int)stored_time, (long unsigned int)unix_time)); if (stored_time != unix_time) pdb_set_logoff_time(to, unix_time, PDB_CHANGED); } - - if (!nt_time_is_zero(&from->kickoff_time)) { + + if (from->fields_present & ACCT_EXPIRY) { unix_time=nt_time_to_unix(&from->kickoff_time); stored_time = pdb_get_kickoff_time(to); DEBUG(10,("INFO_21 KICKOFF_TIME: %lu -> %lu\n",(long unsigned int)stored_time, (long unsigned int)unix_time)); @@ -96,14 +98,15 @@ void copy_id21_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_21 *from) pdb_set_kickoff_time(to, unix_time , PDB_CHANGED); } - if (!nt_time_is_zero(&from->pass_can_change_time)) { + if (from->fields_present & ACCT_ALLOW_PWD_CHANGE) { unix_time=nt_time_to_unix(&from->pass_can_change_time); stored_time = pdb_get_pass_can_change_time(to); DEBUG(10,("INFO_21 PASS_CAN_CH: %lu -> %lu\n",(long unsigned int)stored_time, (long unsigned int)unix_time)); if (stored_time != unix_time) pdb_set_pass_can_change_time(to, unix_time, PDB_CHANGED); } - if (!nt_time_is_zero(&from->pass_last_set_time)) { + + if (from->fields_present & ACCT_LAST_PWD_CHANGE) { unix_time=nt_time_to_unix(&from->pass_last_set_time); stored_time = pdb_get_pass_last_set_time(to); DEBUG(10,("INFO_21 PASS_LAST_SET: %lu -> %lu\n",(long unsigned int)stored_time, (long unsigned int)unix_time)); @@ -111,7 +114,7 @@ void copy_id21_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_21 *from) pdb_set_pass_last_set_time(to, unix_time, PDB_CHANGED); } - if (!nt_time_is_zero(&from->pass_must_change_time)) { + if (from->fields_present & ACCT_FORCE_PWD_CHANGE) { unix_time=nt_time_to_unix(&from->pass_must_change_time); stored_time=pdb_get_pass_must_change_time(to); DEBUG(10,("INFO_21 PASS_MUST_CH: %lu -> %lu\n",(long unsigned int)stored_time, (long unsigned int)unix_time)); @@ -119,8 +122,8 @@ void copy_id21_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_21 *from) pdb_set_pass_must_change_time(to, unix_time, PDB_CHANGED); } - /* Backend should check this for sainity */ - if (from->hdr_user_name.buffer) { + if ((from->fields_present & ACCT_USERNAME) && + (from->hdr_user_name.buffer)) { old_string = pdb_get_username(to); new_string = unistr2_static(&from->uni_user_name); DEBUG(10,("INFO_21 UNI_USER_NAME: %s -> %s\n", old_string, new_string)); @@ -128,7 +131,8 @@ void copy_id21_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_21 *from) pdb_set_username(to , new_string, PDB_CHANGED); } - if (from->hdr_full_name.buffer) { + if ((from->fields_present & ACCT_FULL_NAME) && + (from->hdr_full_name.buffer)) { old_string = pdb_get_fullname(to); new_string = unistr2_static(&from->uni_full_name); DEBUG(10,("INFO_21 UNI_FULL_NAME: %s -> %s\n",old_string, new_string)); @@ -136,7 +140,8 @@ void copy_id21_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_21 *from) pdb_set_fullname(to , new_string, PDB_CHANGED); } - if (from->hdr_home_dir.buffer) { + if ((from->fields_present & ACCT_HOME_DIR) && + (from->hdr_home_dir.buffer)) { old_string = pdb_get_homedir(to); new_string = unistr2_static(&from->uni_home_dir); DEBUG(10,("INFO_21 UNI_HOME_DIR: %s -> %s\n",old_string,new_string)); @@ -144,7 +149,8 @@ void copy_id21_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_21 *from) pdb_set_homedir(to , new_string, PDB_CHANGED); } - if (from->hdr_dir_drive.buffer) { + if ((from->fields_present & ACCT_HOME_DRIVE) && + (from->hdr_dir_drive.buffer)) { old_string = pdb_get_dir_drive(to); new_string = unistr2_static(&from->uni_dir_drive); DEBUG(10,("INFO_21 UNI_DIR_DRIVE: %s -> %s\n",old_string,new_string)); @@ -152,7 +158,8 @@ void copy_id21_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_21 *from) pdb_set_dir_drive(to , new_string, PDB_CHANGED); } - if (from->hdr_logon_script.buffer) { + if ((from->fields_present & ACCT_LOGON_SCRIPT) && + (from->hdr_logon_script.buffer)) { old_string = pdb_get_logon_script(to); new_string = unistr2_static(&from->uni_logon_script); DEBUG(10,("INFO_21 UNI_LOGON_SCRIPT: %s -> %s\n",old_string,new_string)); @@ -160,7 +167,8 @@ void copy_id21_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_21 *from) pdb_set_logon_script(to , new_string, PDB_CHANGED); } - if (from->hdr_profile_path.buffer) { + if ((from->fields_present & ACCT_PROFILE) && + (from->hdr_profile_path.buffer)) { old_string = pdb_get_profile_path(to); new_string = unistr2_static(&from->uni_profile_path); DEBUG(10,("INFO_21 UNI_PROFILE_PATH: %s -> %s\n",old_string, new_string)); @@ -168,7 +176,8 @@ void copy_id21_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_21 *from) pdb_set_profile_path(to , new_string, PDB_CHANGED); } - if (from->hdr_acct_desc.buffer) { + if ((from->fields_present & ACCT_DESCRIPTION) && + (from->hdr_acct_desc.buffer)) { old_string = pdb_get_acct_desc(to); new_string = unistr2_static(&from->uni_acct_desc); DEBUG(10,("INFO_21 UNI_ACCT_DESC: %s -> %s\n",old_string,new_string)); @@ -176,7 +185,8 @@ void copy_id21_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_21 *from) pdb_set_acct_desc(to , new_string, PDB_CHANGED); } - if (from->hdr_workstations.buffer) { + if ((from->fields_present & ACCT_WORKSTATIONS) && + (from->hdr_workstations.buffer)) { old_string = pdb_get_workstations(to); new_string = unistr2_static(&from->uni_workstations); DEBUG(10,("INFO_21 UNI_WORKSTATIONS: %s -> %s\n",old_string, new_string)); @@ -184,7 +194,9 @@ void copy_id21_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_21 *from) pdb_set_workstations(to , new_string, PDB_CHANGED); } - if (from->hdr_unknown_str.buffer) { + /* is this right? */ + if ((from->fields_present & ACCT_ADMIN_DESC) && + (from->hdr_unknown_str.buffer)) { old_string = pdb_get_unknown_str(to); new_string = unistr2_static(&from->uni_unknown_str); DEBUG(10,("INFO_21 UNI_UNKNOWN_STR: %s -> %s\n",old_string, new_string)); @@ -192,7 +204,8 @@ void copy_id21_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_21 *from) pdb_set_unknown_str(to , new_string, PDB_CHANGED); } - if (from->hdr_munged_dial.buffer) { + if ((from->fields_present & ACCT_CALLBACK) && + (from->hdr_munged_dial.buffer)) { char *newstr; old_string = pdb_get_munged_dial(to); mung.length = from->hdr_munged_dial.uni_str_len; @@ -205,7 +218,8 @@ void copy_id21_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_21 *from) SAFE_FREE(newstr); } - if (from->user_rid == 0) { + if ((from->fields_present & ACCT_RID) && + (from->user_rid == 0)) { DEBUG(10, ("INFO_21: Asked to set User RID to 0 !? Skipping change!\n")); } else if (from->user_rid != pdb_get_user_rid(to)) { DEBUG(10,("INFO_21 USER_RID: %u -> %u NOT UPDATED!\n",pdb_get_user_rid(to),from->user_rid)); @@ -213,51 +227,57 @@ void copy_id21_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_21 *from) /* pdb_set_user_sid_from_rid(to, from->user_rid, PDB_CHANGED);*/ } - if (from->group_rid == 0) { + if ((from->fields_present & ACCT_PRIMARY_GID) && + (from->group_rid == 0)) { DEBUG(10, ("INFO_21: Asked to set Group RID to 0 !? Skipping change!\n")); } else if (from->group_rid != pdb_get_group_rid(to)) { DEBUG(10,("INFO_21 GROUP_RID: %u -> %u\n",pdb_get_group_rid(to),from->group_rid)); pdb_set_group_sid_from_rid(to, from->group_rid, PDB_CHANGED); } - DEBUG(10,("INFO_21 ACCT_CTRL: %08X -> %08X\n",pdb_get_acct_ctrl(to),from->acb_info)); - if (from->acb_info != pdb_get_acct_ctrl(to)) { - pdb_set_acct_ctrl(to, from->acb_info, PDB_CHANGED); + if (from->fields_present & ACCT_FLAGS) { + DEBUG(10,("INFO_21 ACCT_CTRL: %08X -> %08X\n",pdb_get_acct_ctrl(to),from->acb_info)); + if (from->acb_info != pdb_get_acct_ctrl(to)) { + pdb_set_acct_ctrl(to, from->acb_info, PDB_CHANGED); + } } - DEBUG(10,("INFO_21 UNKNOWN_3: %08X -> %08X\n",pdb_get_unknown_3(to),from->unknown_3)); - if (from->unknown_3 != pdb_get_unknown_3(to)) { - pdb_set_unknown_3(to, from->unknown_3, PDB_CHANGED); - } + if (from->fields_present & ACCT_LOGON_HOURS) { + DEBUG(15,("INFO_21 LOGON_DIVS: %08X -> %08X\n",pdb_get_logon_divs(to),from->logon_divs)); + if (from->logon_divs != pdb_get_logon_divs(to)) { + pdb_set_logon_divs(to, from->logon_divs, PDB_CHANGED); + } - DEBUG(15,("INFO_21 LOGON_DIVS: %08X -> %08X\n",pdb_get_logon_divs(to),from->logon_divs)); - if (from->logon_divs != pdb_get_logon_divs(to)) { - pdb_set_logon_divs(to, from->logon_divs, PDB_CHANGED); - } + DEBUG(15,("INFO_21 LOGON_HRS.LEN: %08X -> %08X\n",pdb_get_hours_len(to),from->logon_hrs.len)); + if (from->logon_hrs.len != pdb_get_hours_len(to)) { + pdb_set_hours_len(to, from->logon_hrs.len, PDB_CHANGED); + } - DEBUG(15,("INFO_21 LOGON_HRS.LEN: %08X -> %08X\n",pdb_get_hours_len(to),from->logon_hrs.len)); - if (from->logon_hrs.len != pdb_get_hours_len(to)) { - pdb_set_hours_len(to, from->logon_hrs.len, PDB_CHANGED); + DEBUG(15,("INFO_21 LOGON_HRS.HOURS: %s -> %s\n",pdb_get_hours(to),from->logon_hrs.hours)); + /* Fix me: only update if it changes --metze */ + pdb_set_hours(to, from->logon_hrs.hours, PDB_CHANGED); } - DEBUG(15,("INFO_21 LOGON_HRS.HOURS: %s -> %s\n",pdb_get_hours(to),from->logon_hrs.hours)); -/* Fix me: only update if it changes --metze */ - pdb_set_hours(to, from->logon_hrs.hours, PDB_CHANGED); - - DEBUG(10,("INFO_21 BAD_PASSWORD_COUNT: %08X -> %08X\n",pdb_get_bad_password_count(to),from->bad_password_count)); - if (from->bad_password_count != pdb_get_bad_password_count(to)) { - pdb_set_bad_password_count(to, from->bad_password_count, PDB_CHANGED); + if (from->fields_present & ACCT_BAD_PWD_COUNT) { + DEBUG(10,("INFO_21 BAD_PASSWORD_COUNT: %08X -> %08X\n",pdb_get_bad_password_count(to),from->bad_password_count)); + if (from->bad_password_count != pdb_get_bad_password_count(to)) { + pdb_set_bad_password_count(to, from->bad_password_count, PDB_CHANGED); + } } - DEBUG(10,("INFO_21 LOGON_COUNT: %08X -> %08X\n",pdb_get_logon_count(to),from->logon_count)); - if (from->logon_count != pdb_get_logon_count(to)) { - pdb_set_logon_count(to, from->logon_count, PDB_CHANGED); + if (from->fields_present & ACCT_NUM_LOGONS) { + DEBUG(10,("INFO_21 LOGON_COUNT: %08X -> %08X\n",pdb_get_logon_count(to),from->logon_count)); + if (from->logon_count != pdb_get_logon_count(to)) { + pdb_set_logon_count(to, from->logon_count, PDB_CHANGED); + } } - DEBUG(10,("INFO_21 UNKNOWN_6: %08X -> %08X\n",pdb_get_unknown_6(to),from->unknown_6)); - if (from->unknown_6 != pdb_get_unknown_6(to)) { - pdb_set_unknown_6(to, from->unknown_6, PDB_CHANGED); - } + /* if (from->fields_present & ACCT_??) { */ + DEBUG(10,("INFO_21 UNKNOWN_6: %08X -> %08X\n",pdb_get_unknown_6(to),from->unknown_6)); + if (from->unknown_6 != pdb_get_unknown_6(to)) { + pdb_set_unknown_6(to, from->unknown_6, PDB_CHANGED); + } + /* } */ DEBUG(10,("INFO_21 PADDING1 %02X %02X %02X %02X %02X %02X\n", from->padding1[0], @@ -269,7 +289,25 @@ void copy_id21_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_21 *from) DEBUG(10,("INFO_21 PASS_MUST_CHANGE_AT_NEXT_LOGON: %02X\n",from->passmustchange)); if (from->passmustchange==PASS_MUST_CHANGE_AT_NEXT_LOGON) { - pdb_set_pass_must_change_time(to,0, PDB_CHANGED); + pdb_set_pass_must_change_time(to,0, PDB_CHANGED); + } else { + uint32 expire; + time_t new_time; + if (pdb_get_pass_must_change_time(to) == 0) { + if (!account_policy_get(AP_MAX_PASSWORD_AGE, &expire) + || expire == (uint32)-1) { + new_time = get_time_t_max(); + } else { + time_t old_time = pdb_get_pass_last_set_time(to); + new_time = old_time + expire; + if ((new_time) < time(0)) { + new_time = time(0) + expire; + } + } + if (!pdb_set_pass_must_change_time (to, new_time, PDB_CHANGED)) { + DEBUG (0, ("pdb_set_pass_must_change_time failed!\n")); + } + } } DEBUG(10,("INFO_21 PADDING_2: %02X\n",from->padding2)); @@ -290,14 +328,16 @@ void copy_id23_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_23 *from) if (from == NULL || to == NULL) return; - if (!nt_time_is_zero(&from->logon_time)) { + + if (from->fields_present & ACCT_LAST_LOGON) { unix_time=nt_time_to_unix(&from->logon_time); stored_time = pdb_get_logon_time(to); DEBUG(10,("INFO_23 LOGON_TIME: %lu -> %lu\n",(long unsigned int)stored_time, (long unsigned int)unix_time)); if (stored_time != unix_time) pdb_set_logon_time(to, unix_time, PDB_CHANGED); - } - if (!nt_time_is_zero(&from->logoff_time)) { + } + + if (from->fields_present & ACCT_LAST_LOGOFF) { unix_time=nt_time_to_unix(&from->logoff_time); stored_time = pdb_get_logoff_time(to); DEBUG(10,("INFO_23 LOGOFF_TIME: %lu -> %lu\n",(long unsigned int)stored_time, (long unsigned int)unix_time)); @@ -305,7 +345,7 @@ void copy_id23_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_23 *from) pdb_set_logoff_time(to, unix_time, PDB_CHANGED); } - if (!nt_time_is_zero(&from->kickoff_time)) { + if (from->fields_present & ACCT_EXPIRY) { unix_time=nt_time_to_unix(&from->kickoff_time); stored_time = pdb_get_kickoff_time(to); DEBUG(10,("INFO_23 KICKOFF_TIME: %lu -> %lu\n",(long unsigned int)stored_time, (long unsigned int)unix_time)); @@ -313,14 +353,15 @@ void copy_id23_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_23 *from) pdb_set_kickoff_time(to, unix_time , PDB_CHANGED); } - if (!nt_time_is_zero(&from->pass_can_change_time)) { + if (from->fields_present & ACCT_ALLOW_PWD_CHANGE) { unix_time=nt_time_to_unix(&from->pass_can_change_time); stored_time = pdb_get_pass_can_change_time(to); DEBUG(10,("INFO_23 PASS_CAN_CH: %lu -> %lu\n",(long unsigned int)stored_time, (long unsigned int)unix_time)); if (stored_time != unix_time) pdb_set_pass_can_change_time(to, unix_time, PDB_CHANGED); } - if (!nt_time_is_zero(&from->pass_last_set_time)) { + + if (from->fields_present & ACCT_LAST_PWD_CHANGE) { unix_time=nt_time_to_unix(&from->pass_last_set_time); stored_time = pdb_get_pass_last_set_time(to); DEBUG(10,("INFO_23 PASS_LAST_SET: %lu -> %lu\n",(long unsigned int)stored_time, (long unsigned int)unix_time)); @@ -328,7 +369,7 @@ void copy_id23_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_23 *from) pdb_set_pass_last_set_time(to, unix_time, PDB_CHANGED); } - if (!nt_time_is_zero(&from->pass_must_change_time)) { + if (from->fields_present & ACCT_FORCE_PWD_CHANGE) { unix_time=nt_time_to_unix(&from->pass_must_change_time); stored_time=pdb_get_pass_must_change_time(to); DEBUG(10,("INFO_23 PASS_MUST_CH: %lu -> %lu\n",(long unsigned int)stored_time, (long unsigned int)unix_time)); @@ -336,8 +377,9 @@ void copy_id23_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_23 *from) pdb_set_pass_must_change_time(to, unix_time, PDB_CHANGED); } - /* Backend should check this for sainity */ - if (from->hdr_user_name.buffer) { + /* Backend should check this for sanity */ + if ((from->fields_present & ACCT_USERNAME) && + (from->hdr_user_name.buffer)) { old_string = pdb_get_username(to); new_string = unistr2_static(&from->uni_user_name); DEBUG(10,("INFO_23 UNI_USER_NAME: %s -> %s\n", old_string, new_string)); @@ -345,7 +387,8 @@ void copy_id23_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_23 *from) pdb_set_username(to , new_string, PDB_CHANGED); } - if (from->hdr_full_name.buffer) { + if ((from->fields_present & ACCT_FULL_NAME) && + (from->hdr_full_name.buffer)) { old_string = pdb_get_fullname(to); new_string = unistr2_static(&from->uni_full_name); DEBUG(10,("INFO_23 UNI_FULL_NAME: %s -> %s\n",old_string, new_string)); @@ -353,7 +396,8 @@ void copy_id23_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_23 *from) pdb_set_fullname(to , new_string, PDB_CHANGED); } - if (from->hdr_home_dir.buffer) { + if ((from->fields_present & ACCT_HOME_DIR) && + (from->hdr_home_dir.buffer)) { old_string = pdb_get_homedir(to); new_string = unistr2_static(&from->uni_home_dir); DEBUG(10,("INFO_23 UNI_HOME_DIR: %s -> %s\n",old_string,new_string)); @@ -361,7 +405,8 @@ void copy_id23_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_23 *from) pdb_set_homedir(to , new_string, PDB_CHANGED); } - if (from->hdr_dir_drive.buffer) { + if ((from->fields_present & ACCT_HOME_DRIVE) && + (from->hdr_dir_drive.buffer)) { old_string = pdb_get_dir_drive(to); new_string = unistr2_static(&from->uni_dir_drive); DEBUG(10,("INFO_23 UNI_DIR_DRIVE: %s -> %s\n",old_string,new_string)); @@ -369,7 +414,8 @@ void copy_id23_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_23 *from) pdb_set_dir_drive(to , new_string, PDB_CHANGED); } - if (from->hdr_logon_script.buffer) { + if ((from->fields_present & ACCT_LOGON_SCRIPT) && + (from->hdr_logon_script.buffer)) { old_string = pdb_get_logon_script(to); new_string = unistr2_static(&from->uni_logon_script); DEBUG(10,("INFO_23 UNI_LOGON_SCRIPT: %s -> %s\n",old_string,new_string)); @@ -377,7 +423,8 @@ void copy_id23_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_23 *from) pdb_set_logon_script(to , new_string, PDB_CHANGED); } - if (from->hdr_profile_path.buffer) { + if ((from->fields_present & ACCT_PROFILE) && + (from->hdr_profile_path.buffer)) { old_string = pdb_get_profile_path(to); new_string = unistr2_static(&from->uni_profile_path); DEBUG(10,("INFO_23 UNI_PROFILE_PATH: %s -> %s\n",old_string, new_string)); @@ -385,7 +432,8 @@ void copy_id23_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_23 *from) pdb_set_profile_path(to , new_string, PDB_CHANGED); } - if (from->hdr_acct_desc.buffer) { + if ((from->fields_present & ACCT_DESCRIPTION) && + (from->hdr_acct_desc.buffer)) { old_string = pdb_get_acct_desc(to); new_string = unistr2_static(&from->uni_acct_desc); DEBUG(10,("INFO_23 UNI_ACCT_DESC: %s -> %s\n",old_string,new_string)); @@ -393,7 +441,8 @@ void copy_id23_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_23 *from) pdb_set_acct_desc(to , new_string, PDB_CHANGED); } - if (from->hdr_workstations.buffer) { + if ((from->fields_present & ACCT_WORKSTATIONS) && + (from->hdr_workstations.buffer)) { old_string = pdb_get_workstations(to); new_string = unistr2_static(&from->uni_workstations); DEBUG(10,("INFO_23 UNI_WORKSTATIONS: %s -> %s\n",old_string, new_string)); @@ -401,7 +450,9 @@ void copy_id23_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_23 *from) pdb_set_workstations(to , new_string, PDB_CHANGED); } - if (from->hdr_unknown_str.buffer) { + /* is this right? */ + if ((from->fields_present & ACCT_ADMIN_DESC) && + (from->hdr_unknown_str.buffer)) { old_string = pdb_get_unknown_str(to); new_string = unistr2_static(&from->uni_unknown_str); DEBUG(10,("INFO_23 UNI_UNKNOWN_STR: %s -> %s\n",old_string, new_string)); @@ -409,7 +460,8 @@ void copy_id23_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_23 *from) pdb_set_unknown_str(to , new_string, PDB_CHANGED); } - if (from->hdr_munged_dial.buffer) { + if ((from->fields_present & ACCT_CALLBACK) && + (from->hdr_munged_dial.buffer)) { char *newstr; old_string = pdb_get_munged_dial(to); mung.length = from->hdr_munged_dial.uni_str_len; @@ -422,58 +474,66 @@ void copy_id23_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_23 *from) SAFE_FREE(newstr); } - if (from->user_rid == 0) { + if ((from->fields_present & ACCT_RID) && + (from->user_rid == 0)) { DEBUG(10, ("INFO_23: Asked to set User RID to 0 !? Skipping change!\n")); } else if (from->user_rid != pdb_get_user_rid(to)) { DEBUG(10,("INFO_23 USER_RID: %u -> %u NOT UPDATED!\n",pdb_get_user_rid(to),from->user_rid)); /* we really allow this ??? metze */ /* pdb_set_user_sid_from_rid(to, from->user_rid, PDB_CHANGED);*/ } - if (from->group_rid == 0) { + + if ((from->fields_present & ACCT_PRIMARY_GID) && + (from->group_rid == 0)) { DEBUG(10, ("INFO_23: Asked to set Group RID to 0 !? Skipping change!\n")); } else if (from->group_rid != pdb_get_group_rid(to)) { DEBUG(10,("INFO_23 GROUP_RID: %u -> %u\n",pdb_get_group_rid(to),from->group_rid)); pdb_set_group_sid_from_rid(to, from->group_rid, PDB_CHANGED); } - DEBUG(10,("INFO_23 ACCT_CTRL: %08X -> %08X\n",pdb_get_acct_ctrl(to),from->acb_info)); - if (from->acb_info != pdb_get_acct_ctrl(to)) { - pdb_set_acct_ctrl(to, from->acb_info, PDB_CHANGED); + if (from->fields_present & ACCT_FLAGS) { + DEBUG(10,("INFO_23 ACCT_CTRL: %08X -> %08X\n",pdb_get_acct_ctrl(to),from->acb_info)); + if (from->acb_info != pdb_get_acct_ctrl(to)) { + pdb_set_acct_ctrl(to, from->acb_info, PDB_CHANGED); + } } - DEBUG(10,("INFO_23 UNKOWN_3: %08X -> %08X\n",pdb_get_unknown_3(to),from->unknown_3)); - if (from->unknown_3 != pdb_get_unknown_3(to)) { - pdb_set_unknown_3(to, from->unknown_3, PDB_CHANGED); - } + if (from->fields_present & ACCT_LOGON_HOURS) { + DEBUG(15,("INFO_23 LOGON_DIVS: %08X -> %08X\n",pdb_get_logon_divs(to),from->logon_divs)); + if (from->logon_divs != pdb_get_logon_divs(to)) { + pdb_set_logon_divs(to, from->logon_divs, PDB_CHANGED); + } - DEBUG(15,("INFO_23 LOGON_DIVS: %08X -> %08X\n",pdb_get_logon_divs(to),from->logon_divs)); - if (from->logon_divs != pdb_get_logon_divs(to)) { - pdb_set_logon_divs(to, from->logon_divs, PDB_CHANGED); - } + DEBUG(15,("INFO_23 LOGON_HRS.LEN: %08X -> %08X\n",pdb_get_hours_len(to),from->logon_hrs.len)); + if (from->logon_hrs.len != pdb_get_hours_len(to)) { + pdb_set_hours_len(to, from->logon_hrs.len, PDB_CHANGED); + } - DEBUG(15,("INFO_23 LOGON_HRS.LEN: %08X -> %08X\n",pdb_get_hours_len(to),from->logon_hrs.len)); - if (from->logon_hrs.len != pdb_get_hours_len(to)) { - pdb_set_hours_len(to, from->logon_hrs.len, PDB_CHANGED); + DEBUG(15,("INFO_23 LOGON_HRS.HOURS: %s -> %s\n",pdb_get_hours(to),from->logon_hrs.hours)); + /* Fix me: only update if it changes --metze */ + pdb_set_hours(to, from->logon_hrs.hours, PDB_CHANGED); } - DEBUG(15,("INFO_23 LOGON_HRS.HOURS: %s -> %s\n",pdb_get_hours(to),from->logon_hrs.hours)); -/* Fix me: only update if it changes --metze */ - pdb_set_hours(to, from->logon_hrs.hours, PDB_CHANGED); - - DEBUG(10,("INFO_23 BAD_PASSWORD_COUNT: %08X -> %08X\n",pdb_get_bad_password_count(to),from->bad_password_count)); - if (from->bad_password_count != pdb_get_bad_password_count(to)) { - pdb_set_bad_password_count(to, from->bad_password_count, PDB_CHANGED); + if (from->fields_present & ACCT_BAD_PWD_COUNT) { + DEBUG(10,("INFO_23 BAD_PASSWORD_COUNT: %08X -> %08X\n",pdb_get_bad_password_count(to),from->bad_password_count)); + if (from->bad_password_count != pdb_get_bad_password_count(to)) { + pdb_set_bad_password_count(to, from->bad_password_count, PDB_CHANGED); + } } - DEBUG(10,("INFO_23 LOGON_COUNT: %08X -> %08X\n",pdb_get_logon_count(to),from->logon_count)); - if (from->logon_count != pdb_get_logon_count(to)) { - pdb_set_logon_count(to, from->logon_count, PDB_CHANGED); + if (from->fields_present & ACCT_NUM_LOGONS) { + DEBUG(10,("INFO_23 LOGON_COUNT: %08X -> %08X\n",pdb_get_logon_count(to),from->logon_count)); + if (from->logon_count != pdb_get_logon_count(to)) { + pdb_set_logon_count(to, from->logon_count, PDB_CHANGED); + } } - DEBUG(10,("INFO_23 UNKOWN_6: %08X -> %08X\n",pdb_get_unknown_6(to),from->unknown_6)); - if (from->unknown_6 != pdb_get_unknown_6(to)) { - pdb_set_unknown_6(to, from->unknown_6, PDB_CHANGED); - } + /* if (from->fields_present & ACCT_??) { */ + DEBUG(10,("INFO_23 UNKOWN_6: %08X -> %08X\n",pdb_get_unknown_6(to),from->unknown_6)); + if (from->unknown_6 != pdb_get_unknown_6(to)) { + pdb_set_unknown_6(to, from->unknown_6, PDB_CHANGED); + } + /* } */ DEBUG(10,("INFO_23 PADDING1 %02X %02X %02X %02X %02X %02X\n", from->padding1[0], @@ -486,6 +546,24 @@ void copy_id23_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_23 *from) DEBUG(10,("INFO_23 PASS_MUST_CHANGE_AT_NEXT_LOGON: %02X\n",from->passmustchange)); if (from->passmustchange==PASS_MUST_CHANGE_AT_NEXT_LOGON) { pdb_set_pass_must_change_time(to,0, PDB_CHANGED); + } else { + uint32 expire; + time_t new_time; + if (pdb_get_pass_must_change_time(to) == 0) { + if (!account_policy_get(AP_MAX_PASSWORD_AGE, &expire) + || expire == (uint32)-1) { + new_time = get_time_t_max(); + } else { + time_t old_time = pdb_get_pass_last_set_time(to); + new_time = old_time + expire; + if ((new_time) < time(0)) { + new_time = time(0) + expire; + } + } + if (!pdb_set_pass_must_change_time (to, new_time, PDB_CHANGED)) { + DEBUG (0, ("pdb_set_pass_must_change_time failed!\n")); + } + } } DEBUG(10,("INFO_23 PADDING_2: %02X\n",from->padding2)); diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c index 34c6fc35ab..455e5a89fc 100644 --- a/source3/rpcclient/cmd_samr.c +++ b/source3/rpcclient/cmd_samr.c @@ -83,7 +83,7 @@ static void display_sam_user_info_21(SAM_USER_INFO_21 *usr) printf("\tgroup_rid:\t0x%x\n" , usr->group_rid); /* Group ID */ printf("\tacb_info :\t0x%04x\n", usr->acb_info ); /* Account Control Info */ - printf("\tunknown_3:\t0x%08x\n", usr->unknown_3); /* 0x00ff ffff */ + printf("\tfileds_present:\t0x%08x\n", usr->fields_present); /* 0x00ff ffff */ printf("\tlogon_divs:\t%d\n", usr->logon_divs); /* 0x0000 00a8 which is 168 which is num hrs in a week */ printf("\tbad_password_count:\t0x%08x\n", usr->bad_password_count); printf("\tlogon_count:\t0x%08x\n", usr->logon_count); diff --git a/source3/sam/gums_api.c b/source3/sam/gums_api.c index 17f7d33baa..a76aed18fd 100644 --- a/source3/sam/gums_api.c +++ b/source3/sam/gums_api.c @@ -474,14 +474,6 @@ const uint8 *gums_get_user_hours(const GUMS_OBJECT *obj) return obj->data.user->hours; } -uint32 gums_get_user_unknown_3(const GUMS_OBJECT *obj) -{ - if (!obj || obj->type != GUMS_OBJ_NORMAL_USER) - return 0; - - return obj->data.user->unknown_3; -} - uint16 gums_get_user_bad_password_count(const GUMS_OBJECT *obj) { if (!obj || obj->type != GUMS_OBJ_NORMAL_USER) @@ -780,18 +772,6 @@ NTSTATUS gums_set_user_hours(GUMS_OBJECT *obj, uint32 hours_len, const uint8 *ho return NT_STATUS_OK; } -NTSTATUS gums_set_user_unknown_3(GUMS_OBJECT *obj, uint32 unknown_3) -{ - if (!obj) - return NT_STATUS_INVALID_PARAMETER; - - if (obj->type != GUMS_OBJ_NORMAL_USER) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - obj->data.user->unknown_3 = unknown_3; - return NT_STATUS_OK; -} - NTSTATUS gums_set_user_bad_password_count(GUMS_OBJECT *obj, uint16 bad_password_count) { if (!obj) diff --git a/source3/sam/gums_helper.c b/source3/sam/gums_helper.c index 5bbd054be1..fcb9366cda 100644 --- a/source3/sam/gums_helper.c +++ b/source3/sam/gums_helper.c @@ -211,7 +211,7 @@ NTSTATUS gums_make_alias(DOM_SID *sid, const char *name, const char *description return ret; } -NTSTATUS gums_init_domain(DOM_SID *sid, const char *name) +NTSTATUS gums_init_domain(DOM_SID *sid, const char *name, const char * description) { NTSTATUS ret; @@ -219,7 +219,7 @@ NTSTATUS gums_init_domain(DOM_SID *sid, const char *name) if (!NT_STATUS_IS_OK(ret = gums_make_domain( sid, name, - NULL + description ))) { return ret; } @@ -331,7 +331,7 @@ NTSTATUS gums_init_builtin_domain(void) if (!NT_STATUS_IS_OK(ret = gums_make_alias( &global_sid_Builtin_Backup_Operators, "Backup Operators", - "Members can bypass file security to backup files" + "Members can bypass file security to backup files" ))) { return ret; } diff --git a/source3/sam/gums_tdbsam2.c b/source3/sam/gums_tdbsam2.c index 217cf6f34e..7fb9a1a997 100644 --- a/source3/sam/gums_tdbsam2.c +++ b/source3/sam/gums_tdbsam2.c @@ -19,7 +19,6 @@ */ #include "includes.h" -#include "tdbsam2.h" #include "tdbsam2_parse_info.h" #if 0 @@ -36,7 +35,9 @@ static int gums_tdbsam2_debug_class = DBGC_ALL; #define SIDPREFIX "SID_" #define PRIVILEGEPREFIX "PRIV_" -#define TDB_FORMAT_STRING "ddB" +#define TDB_BASIC_OBJ_STRING "ddd" +#define TDB_FORMAT_STRING "dddB" +#define TDB_PRIV_FORMAT_STRING "ddB" #define TALLOC_CHECK(ptr, err, label) do { if ((ptr) == NULL) { DEBUG(0, ("%s: Out of memory!\n", FUNCTION_MACRO)); err = NT_STATUS_NO_MEMORY; goto label; } } while(0) #define SET_OR_FAIL(func, label) do { if (!NT_STATUS_IS_OK(func)) { DEBUG(0, ("%s: Setting gums object data failed!\n", FUNCTION_MACRO)); goto label; } } while(0) @@ -51,19 +52,6 @@ struct tdbsam2_enum_objs { struct tdbsam2_enum_objs *next; }; -union tdbsam2_data { - struct tdbsam2_domain_data *domain; - struct tdbsam2_user_data *user; - struct tdbsam2_group_data *group; - struct tdbsam2_priv_data *priv; -}; - -struct tdbsam2_object { - uint32 type; - uint32 version; - union tdbsam2_data data; -}; - struct tdbsam2_private_data { const char *storage; @@ -72,7 +60,6 @@ struct tdbsam2_private_data { static struct tdbsam2_private_data *ts2_privs; - static NTSTATUS init_object_from_buffer(GUMS_OBJECT **go, char *buffer, int size) { @@ -81,7 +68,7 @@ static NTSTATUS init_object_from_buffer(GUMS_OBJECT **go, char *buffer, int size int iret; char *obj_data = NULL; int data_size = 0; - int version, type; + int version, type, seqnum; int len; mem_ctx = talloc_init("init_object_from_buffer"); @@ -93,16 +80,17 @@ static NTSTATUS init_object_from_buffer(GUMS_OBJECT **go, char *buffer, int size len = tdb_unpack (buffer, size, TDB_FORMAT_STRING, &version, &type, + &seqnum, &data_size, &obj_data); if (len == -1 || data_size <= 0) goto done; - /* version is checked inside this function so that backward compatibility code can be - called eventually. - this way we can easily handle database format upgrades */ + /* version is checked inside this function so that backward + compatibility code can be called eventually. + This way we can easily handle database format upgrades */ if (version != TDBSAM_VERSION) { - DEBUG(3,("init_tdbsam2_object_from_buffer: Error, db object has wrong tdbsam version!\n")); + DEBUG(3,("init_object_from_buffer: Error, db object has wrong tdbsam version!\n")); goto done; } @@ -116,20 +104,16 @@ static NTSTATUS init_object_from_buffer(GUMS_OBJECT **go, char *buffer, int size switch (type) { case GUMS_OBJ_DOMAIN: - iret = gen_parse(mem_ctx, pinfo_tdbsam2_domain_data, (char *)(*go), obj_data); + iret = gen_parse(mem_ctx, pinfo_gums_domain, (char *)(*go), obj_data); break; case GUMS_OBJ_GROUP: case GUMS_OBJ_ALIAS: - iret = gen_parse(mem_ctx, pinfo_tdbsam2_group_data, (char *)(*go), obj_data); + iret = gen_parse(mem_ctx, pinfo_gums_group, (char *)(*go), obj_data); break; case GUMS_OBJ_NORMAL_USER: - iret = gen_parse(mem_ctx, pinfo_tdbsam2_user_data, (char *)(*go), obj_data); - break; - - case GUMS_OBJ_PRIVILEGE: - iret = gen_parse(mem_ctx, pinfo_tdbsam2_priv_data, (char *)(*go), obj_data); + iret = gen_parse(mem_ctx, pinfo_gums_user, (char *)(*go), obj_data); break; default: @@ -151,6 +135,62 @@ done: return ret; } +static NTSTATUS init_privilege_from_buffer(GUMS_PRIVILEGE **priv, char *buffer, int size) +{ + + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + TALLOC_CTX *mem_ctx; + int iret; + char *obj_data = NULL; + int data_size = 0; + int version, seqnum; + int len; + + mem_ctx = talloc_init("init_privilege_from_buffer"); + if (!mem_ctx) { + DEBUG(0, ("init_privilege_from_buffer: Out of memory!\n")); + return NT_STATUS_NO_MEMORY; + } + + len = tdb_unpack (buffer, size, TDB_PRIV_FORMAT_STRING, + &version, + &seqnum, + &data_size, &obj_data); + + if (len == -1 || data_size <= 0) + goto done; + + /* version is checked inside this function so that backward + compatibility code can be called eventually. + This way we can easily handle database format upgrades */ + if (version != TDBSAM_VERSION) { + DEBUG(3,("init_privilege_from_buffer: Error, db object has wrong tdbsam version!\n")); + goto done; + } + + /* be sure the string is terminated before trying to parse it */ + if (obj_data[data_size - 1] != '\0') + obj_data[data_size - 1] = '\0'; + + *priv = (GUMS_PRIVILEGE *)talloc_zero(mem_ctx, sizeof(GUMS_PRIVILEGE)); + TALLOC_CHECK(*priv, ret, done); + + iret = gen_parse(mem_ctx, pinfo_gums_privilege, (char *)(*priv), obj_data); + + if (iret != 0) { + DEBUG(0, ("init_privilege_from_buffer: Fatal Error! Unable to parse object!\n")); + DEBUG(0, ("init_privilege_from_buffer: DB Corrupt ?")); + goto done; + } + + (*priv)->mem_ctx = mem_ctx; + + ret = NT_STATUS_OK; +done: + SAFE_FREE(obj_data); + return ret; +} + static NTSTATUS init_buffer_from_object(char **buffer, size_t *len, TALLOC_CTX *mem_ctx, GUMS_OBJECT *object) { @@ -164,20 +204,16 @@ static NTSTATUS init_buffer_from_object(char **buffer, size_t *len, TALLOC_CTX * switch (gums_get_object_type(object)) { case GUMS_OBJ_DOMAIN: - genbuf = gen_dump(mem_ctx, pinfo_tdbsam2_domain_data, (char *)object, 0); + genbuf = gen_dump(mem_ctx, pinfo_gums_domain, (char *)object, 0); break; case GUMS_OBJ_GROUP: case GUMS_OBJ_ALIAS: - genbuf = gen_dump(mem_ctx, pinfo_tdbsam2_group_data, (char *)object, 0); + genbuf = gen_dump(mem_ctx, pinfo_gums_group, (char *)object, 0); break; case GUMS_OBJ_NORMAL_USER: - genbuf = gen_dump(mem_ctx, pinfo_tdbsam2_user_data, (char *)object, 0); - break; - - case GUMS_OBJ_PRIVILEGE: - genbuf = gen_dump(mem_ctx, pinfo_tdbsam2_priv_data, (char *)object, 0); + genbuf = gen_dump(mem_ctx, pinfo_gums_user, (char *)object, 0); break; default: @@ -193,6 +229,7 @@ static NTSTATUS init_buffer_from_object(char **buffer, size_t *len, TALLOC_CTX * buflen = tdb_pack(NULL, 0, TDB_FORMAT_STRING, TDBSAM_VERSION, object->type, + object->seq_num, strlen(genbuf) + 1, genbuf); *buffer = talloc(mem_ctx, buflen); @@ -201,6 +238,7 @@ static NTSTATUS init_buffer_from_object(char **buffer, size_t *len, TALLOC_CTX * *len = tdb_pack(*buffer, buflen, TDB_FORMAT_STRING, TDBSAM_VERSION, object->type, + object->seq_num, strlen(genbuf) + 1, genbuf); if (*len != buflen) { @@ -216,6 +254,49 @@ done: return ret; } +static NTSTATUS init_buffer_from_privilege(char **buffer, size_t *len, TALLOC_CTX *mem_ctx, GUMS_PRIVILEGE *priv) +{ + + NTSTATUS ret; + char *genbuf = NULL; + size_t buflen; + + if (!buffer || !len || !mem_ctx || !priv) + return NT_STATUS_INVALID_PARAMETER; + + genbuf = gen_dump(mem_ctx, pinfo_gums_privilege, (char *)priv, 0); + + if (genbuf == NULL) { + DEBUG(0, ("init_buffer_from_privilege: Fatal Error! Unable to dump object!\n")); + return NT_STATUS_UNSUCCESSFUL; + } + + buflen = tdb_pack(NULL, 0, TDB_PRIV_FORMAT_STRING, + TDBSAM_VERSION, + priv->seq_num, + strlen(genbuf) + 1, genbuf); + + *buffer = talloc(mem_ctx, buflen); + TALLOC_CHECK(*buffer, ret, done); + + *len = tdb_pack(*buffer, buflen, TDB_PRIV_FORMAT_STRING, + TDBSAM_VERSION, + priv->seq_num, + strlen(genbuf) + 1, genbuf); + + if (*len != buflen) { + DEBUG(0, ("init_buffer_from_privilege: something odd is going on here: bufflen (%d) != len (%d) in tdb_pack operations!\n", + buflen, *len)); + *buffer = NULL; + ret = NT_STATUS_UNSUCCESSFUL; + goto done; + } + + ret = NT_STATUS_OK; +done: + return ret; +} + static NTSTATUS opentdb(TDB_CONTEXT **tdb, BOOL readonly) { if (!tdb) @@ -266,7 +347,46 @@ done: return ret; } -static NTSTATUS get_object_by_name(TDB_CONTEXT *tdb, GUMS_OBJECT **obj, const char* name) +static NTSTATUS make_full_object_name(TDB_CONTEXT *tdb, fstring objname, GUMS_OBJECT *object) +{ + NTSTATUS ret; + + objname[0] = '\0'; + + if (gums_get_object_type(object) == GUMS_OBJ_DOMAIN) { + + fstrcpy(objname, gums_get_object_name(object)); + + } else { + GUMS_OBJECT *domain_object; + DOM_SID domain_sid; + uint32 *discard_rid; + + sid_copy(&domain_sid, gums_get_object_sid(object)); + sid_split_rid(&domain_sid, discard_rid); + + if (!NT_STATUS_IS_OK(get_object_by_sid(tdb, + &domain_object, + &domain_sid))) { + + DEBUG(3, ("Object's domain not found!\n")); + ret = NT_STATUS_UNSUCCESSFUL; + goto done; + } + + fstrcpy(objname, gums_get_object_name(domain_object)); + fstrcat(objname, "\\"); + fstrcat(objname, gums_get_object_name(object)); + } + + ret = NT_STATUS_OK; + +done: + return ret; +} + +/* name should be in DOMAIN\NAME format */ +static NTSTATUS get_object_by_name(TDB_CONTEXT *tdb, GUMS_OBJECT **obj, const char *fullname) { NTSTATUS ret = NT_STATUS_OK; @@ -277,14 +397,15 @@ static NTSTATUS get_object_by_name(TDB_CONTEXT *tdb, GUMS_OBJECT **obj, const ch fstring sidstr; int sidstr_len; - if (!obj || !name) + if (!obj || !fullname) return NT_STATUS_INVALID_PARAMETER; /* Data is stored in all lower-case */ - fstrcpy(objname, name); + fstrcpy(objname, fullname); strlower_m(objname); slprintf(keystr, sizeof(keystr)-1, "%s%s", NAMEPREFIX, objname); + key.dptr = keystr; key.dsize = strlen(keystr) + 1; @@ -320,13 +441,52 @@ done: return ret; } -/* store a tdbsam2_object +/* Get object's sequence number */ + +static NTSTATUS get_object_seq_num(TDB_CONTEXT *tdb, GUMS_OBJECT *object, int *seq_num) +{ + + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; + TDB_DATA data, key; + fstring keystr; + fstring sidstr; + int version, type, seqnum; + + if (!object || !seq_num) + return NT_STATUS_INVALID_PARAMETER; + + fstrcpy(sidstr, sid_string_static(gums_get_object_sid(object))); + slprintf(keystr, sizeof(keystr)-1, "%s%s", SIDPREFIX, sidstr); + + key.dptr = keystr; + key.dsize = strlen(keystr) + 1; + + data = tdb_fetch(tdb, key); + if (!data.dptr) { + DEBUG(5, ("get_object_seq_num: Entry not found!\n")); + DEBUGADD(5, (" Error: %s\n", tdb_errorstr(tdb))); + DEBUGADD(5, (" Key: %s\n", keystr)); + ret = NT_STATUS_NOT_FOUND; + goto done; + } + + if (tdb_unpack (data.dptr, data.dsize, TDB_BASIC_OBJ_STRING, &version, &type, &seqnum) == -1) + goto done; + + *seq_num = seqnum; + ret = NT_STATUS_OK; + +done: + SAFE_FREE(data.dptr); + return ret; +} + +/* store a gums object * flag: TDB_REPLACE or TDB_MODIFY or TDB_INSERT */ -static NTSTATUS store_object(TDB_CONTEXT *tdb, const GUMS_OBJECT *object, int flag) +static NTSTATUS store_object(TDB_CONTEXT *tdb, GUMS_OBJECT *object, int flag) { - NTSTATUS ret = NT_STATUS_OK; TDB_DATA data, data2, key, key2; TALLOC_CTX *mem_ctx; @@ -346,308 +506,65 @@ static NTSTATUS store_object(TDB_CONTEXT *tdb, const GUMS_OBJECT *object, int fl return NT_STATUS_NO_MEMORY; } - if (!NT_STATUS_IS_OK(ret = init_buffer_from_object(&(data.dptr), &(data.dsize), mem_ctx, object))) - goto done; - - switch (object->type) { - - case GUMS_OBJ_DOMAIN: - case GUMS_OBJ_GROUP: - case GUMS_OBJ_ALIAS: - case GUMS_OBJ_NORMAL_USER: - - fstrcpy(sidstr, sid_string_static(gums_get_object_sid(object))); - slprintf(keystr, sizeof(keystr) - 1, "%s%s", SIDPREFIX, sidstr); - break; - - default: - ret = NT_STATUS_UNSUCCESSFUL; - goto done; - } + make_full_object_name(tdb, objname, object); /* Data is stored in all lower-case */ - fstrcpy(objname, gums_get_object_name(object)); strlower_m(objname); - slprintf(namestr, sizeof(namestr) - 1, "%s%s", NAMEPREFIX, objname); - - if (object->type != GUMS_OBJ_PRIVILEGE) { - key.dptr = keystr; - key.dsize = strlen(keystr) + 1; - - if ((r = tdb_store(tdb, key, data, flag)) != TDB_SUCCESS) { - DEBUG(0, ("store_object: Unable to modify TDBSAM!\n")); - DEBUGADD(0, (" Error: %s", tdb_errorstr(tdb))); - DEBUGADD(0, (" occured while storing sid record (%s)\n", keystr)); - if (r == TDB_ERR_EXISTS) - ret = NT_STATUS_UNSUCCESSFUL; - else - ret = NT_STATUS_INTERNAL_DB_ERROR; - goto done; - } - - data2.dptr = sidstr; - data2.dsize = strlen(sidstr) + 1; - key2.dptr = namestr; - key2.dsize = strlen(namestr) + 1; - - if ((r = tdb_store(tdb, key2, data2, flag)) != TDB_SUCCESS) { - DEBUG(0, ("store_object: Unable to modify TDBSAM!\n")); - DEBUGADD(0, (" Error: %s", tdb_errorstr(tdb))); - DEBUGADD(0, (" occured while storing name record (%s)\n", keystr)); - DEBUGADD(0, (" attempting rollback operation.\n")); - if ((tdb_delete(tdb, key)) != TDB_SUCCESS) { - DEBUG(0, ("store_object: Unable to rollback! Check database consitency!\n")); - } - if (r == TDB_ERR_EXISTS) - ret = NT_STATUS_UNSUCCESSFUL; - else - ret = NT_STATUS_INTERNAL_DB_ERROR; - goto done; - } - } else { - key.dptr = namestr; - key.dsize = strlen(keystr) + 1; - - if ((r = tdb_store(tdb, key, data, flag)) != TDB_SUCCESS) { - DEBUG(0, ("store_object: Unable to modify TDBSAM!\n")); - DEBUGADD(0, (" Error: %s", tdb_errorstr(tdb))); - DEBUGADD(0, (" occured while storing sid record (%s)\n", keystr)); - if (r == TDB_ERR_EXISTS) - ret = NT_STATUS_UNSUCCESSFUL; - else - ret = NT_STATUS_INTERNAL_DB_ERROR; + if (flag == TDB_MODIFY) { + if (!NT_STATUS_IS_OK(ret = get_object_seq_num(tdb, object, &(object->seq_num)))) goto done; - } - } - -/* TODO: update the general database counter */ -/* TODO: update this entry counter too */ - -done: - talloc_destroy(mem_ctx); - return ret; -} - -#if 0 -static NTSTATUS user_data_to_gums_object(GUMS_OBJECT **object, struct tdbsam2_user_data *userdata) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - DATA_BLOB pwd; - - if (!object || !userdata) { - DEBUG(0, ("tdbsam2_user_data_to_gums_object: no NULL pointers are accepted here!\n")); - return ret; - } - - /* userdata->xcounter */ - /* userdata->sec_desc */ - - SET_OR_FAIL(gums_set_object_sid(*object, userdata->user_sid), error); - SET_OR_FAIL(gums_set_object_name(*object, userdata->name), error); - - SET_OR_FAIL(gums_set_user_pri_group(*object, userdata->group_sid), error); - - if (userdata->description) - SET_OR_FAIL(gums_set_object_description(*object, userdata->description), error); - - if (userdata->full_name) - SET_OR_FAIL(gums_set_user_fullname(*object, userdata->full_name), error); - - if (userdata->home_dir) - SET_OR_FAIL(gums_set_user_homedir(*object, userdata->home_dir), error); - - if (userdata->dir_drive) - SET_OR_FAIL(gums_set_user_dir_drive(*object, userdata->dir_drive), error); - - if (userdata->logon_script) - SET_OR_FAIL(gums_set_user_logon_script(*object, userdata->logon_script), error); - - if (userdata->profile_path) - SET_OR_FAIL(gums_set_user_profile_path(*object, userdata->profile_path), error); - - if (userdata->workstations) - SET_OR_FAIL(gums_set_user_workstations(*object, userdata->workstations), error); - - if (userdata->unknown_str) - SET_OR_FAIL(gums_set_user_unknown_str(*object, userdata->unknown_str), error); - - if (userdata->munged_dial) - SET_OR_FAIL(gums_set_user_munged_dial(*object, userdata->munged_dial), error); - - SET_OR_FAIL(gums_set_user_logon_divs(*object, userdata->logon_divs), error); - - if (userdata->hours) - SET_OR_FAIL(gums_set_user_hours(*object, userdata->hours_len, userdata->hours), error); - - SET_OR_FAIL(gums_set_user_unknown_3(*object, userdata->unknown_3), error); - SET_OR_FAIL(gums_set_user_unknown_5(*object, userdata->unknown_5), error); - SET_OR_FAIL(gums_set_user_unknown_6(*object, userdata->unknown_6), error); - - SET_OR_FAIL(gums_set_user_logon_time(*object, *(userdata->logon_time)), error); - SET_OR_FAIL(gums_set_user_logoff_time(*object, *(userdata->logoff_time)), error); - SET_OR_FAIL(gums_set_user_kickoff_time(*object, *(userdata->kickoff_time)), error); - SET_OR_FAIL(gums_set_user_pass_last_set_time(*object, *(userdata->pass_last_set_time)), error); - SET_OR_FAIL(gums_set_user_pass_can_change_time(*object, *(userdata->pass_can_change_time)), error); - SET_OR_FAIL(gums_set_user_pass_must_change_time(*object, *(userdata->pass_must_change_time)), error); - - pwd = data_blob(userdata->nt_pw_ptr, NT_HASH_LEN); - ret = gums_set_user_nt_pwd(*object, pwd); - data_blob_clear_free(&pwd); - if (!NT_STATUS_IS_OK(ret)) { - DEBUG(5, ("user_data_to_gums_object: failed to set nt password!\n")); - goto error; - } - pwd = data_blob(userdata->lm_pw_ptr, LM_HASH_LEN); - ret = gums_set_user_lm_pwd(*object, pwd); - data_blob_clear_free(&pwd); - if (!NT_STATUS_IS_OK(ret)) { - DEBUG(5, ("user_data_to_gums_object: failed to set lanman password!\n")); - goto error; - } - - ret = NT_STATUS_OK; - return ret; - -error: - talloc_destroy((*object)->mem_ctx); - *object = NULL; - return ret; -} - -static NTSTATUS group_data_to_gums_object(GUMS_OBJECT **object, struct tdbsam2_group_data *groupdata) -{ - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - if (!object || !groupdata) { - DEBUG(0, ("tdbsam2_group_data_to_gums_object: no NULL pointers are accepted here!\n")); - return ret; + object->seq_num += 1; } - /* groupdata->xcounter */ - /* groupdata->sec_desc */ - - SET_OR_FAIL(gums_set_object_sid(*object, groupdata->group_sid), error); - SET_OR_FAIL(gums_set_object_name(*object, groupdata->name), error); - - if (groupdata->description) - SET_OR_FAIL(gums_set_object_description(*object, groupdata->description), error); - - if (groupdata->count) - SET_OR_FAIL(gums_set_group_members(*object, groupdata->count, groupdata->members), error); - - ret = NT_STATUS_OK; - return ret; - -error: - talloc_destroy((*object)->mem_ctx); - *object = NULL; - return ret; -} - -static NTSTATUS domain_data_to_gums_object(GUMS_OBJECT **object, struct tdbsam2_domain_data *domdata) -{ - - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - if (!object || !*object || !domdata) { - DEBUG(0, ("tdbsam2_domain_data_to_gums_object: no NULL pointers are accepted here!\n")); - return NT_STATUS_INVALID_PARAMETER; - } - - /* domdata->xcounter */ - /* domdata->sec_desc */ - - SET_OR_FAIL(gums_set_object_sid(*object, domdata->dom_sid), error); - SET_OR_FAIL(gums_set_object_name(*object, domdata->name), error); - - if (domdata->description) - SET_OR_FAIL(gums_set_object_description(*object, domdata->description), error); - - ret = NT_STATUS_OK; - return ret; - -error: - talloc_destroy((*object)->mem_ctx); - *object = NULL; - return ret; -} - -static NTSTATUS priv_data_to_gums_object(GUMS_OBJECT **object, struct tdbsam2_priv_data *privdata) -{ - - NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; - - if (!object || !*object || !privdata) { - DEBUG(0, ("tdbsam2_priv_data_to_gums_object: no NULL pointers are accepted here!\n")); - return ret; - } - - /* domdata->xcounter */ - /* domdata->sec_desc */ - - SET_OR_FAIL(gums_set_priv_luid_attr(*object, privdata->privilege), error); - SET_OR_FAIL(gums_set_object_name(*object, privdata->name), error); - - if (privdata->description) - SET_OR_FAIL(gums_set_object_description(*object, privdata->description), error); - - if (privdata->count) - SET_OR_FAIL(gums_set_priv_members(*object, privdata->count, privdata->members), error); - - ret = NT_STATUS_OK; - return ret; - -error: - talloc_destroy((*object)->mem_ctx); - *object = NULL; - return ret; -} + if (!NT_STATUS_IS_OK(ret = init_buffer_from_object(&(data.dptr), &(data.dsize), mem_ctx, object))) + goto done; -static NTSTATUS data_to_gums_object(GUMS_OBJECT **object, struct tdbsam2_object *data) -{ + fstrcpy(sidstr, sid_string_static(gums_get_object_sid(object))); + slprintf(keystr, sizeof(keystr) - 1, "%s%s", SIDPREFIX, sidstr); + slprintf(namestr, sizeof(namestr) - 1, "%s%s", NAMEPREFIX, objname); - NTSTATUS ret; + key.dptr = keystr; + key.dsize = strlen(keystr) + 1; - if (!object || !data) { - DEBUG(0, ("tdbsam2_user_data_to_gums_object: no NULL structure pointers are accepted here!\n")); - ret = NT_STATUS_INVALID_PARAMETER; + if ((r = tdb_store(tdb, key, data, flag)) != TDB_SUCCESS) { + DEBUG(0, ("store_object: Unable to modify TDBSAM!\n")); + DEBUGADD(0, (" Error: %s", tdb_errorstr(tdb))); + DEBUGADD(0, (" occured while storing sid record (%s)\n", keystr)); + if (r == TDB_ERR_EXISTS) + ret = NT_STATUS_UNSUCCESSFUL; + else + ret = NT_STATUS_INTERNAL_DB_ERROR; goto done; } - ret = gums_create_object(object, data->type); - if (!NT_STATUS_IS_OK(ret)) { - DEBUG(5, ("tdbsam2_user_data_to_gums_object: error creating gums object!\n")); + data2.dptr = sidstr; + data2.dsize = strlen(sidstr) + 1; + key2.dptr = namestr; + key2.dsize = strlen(namestr) + 1; + + if ((r = tdb_store(tdb, key2, data2, flag)) != TDB_SUCCESS) { + DEBUG(0, ("store_object: Unable to modify TDBSAM!\n")); + DEBUGADD(0, (" Error: %s", tdb_errorstr(tdb))); + DEBUGADD(0, (" occured while storing name record (%s)\n", keystr)); + DEBUGADD(0, (" attempting rollback operation.\n")); + if ((tdb_delete(tdb, key)) != TDB_SUCCESS) { + DEBUG(0, ("store_object: Unable to rollback! Check database consitency!\n")); + } + if (r == TDB_ERR_EXISTS) + ret = NT_STATUS_UNSUCCESSFUL; + else + ret = NT_STATUS_INTERNAL_DB_ERROR; goto done; } - switch (data->type) { - - case GUMS_OBJ_DOMAIN: - ret = domain_data_to_gums_object(object, data->data.domain); - break; - - case GUMS_OBJ_NORMAL_USER: - ret = user_data_to_gums_object(object, data->data.user); - break; - - case GUMS_OBJ_GROUP: - case GUMS_OBJ_ALIAS: - ret = group_data_to_gums_object(object, data->data.group); - break; - - case GUMS_OBJ_PRIVILEGE: - ret = priv_data_to_gums_object(object, data->data.priv); - break; - - default: - ret = NT_STATUS_UNSUCCESSFUL; - } +/* TODO: update the general database counter */ +/* TODO: update this entry counter too */ done: + talloc_destroy(mem_ctx); return ret; } -#endif /* GUMM object functions */ @@ -788,26 +705,18 @@ static NTSTATUS tdbsam2_new_object(DOM_SID *sid, const char *name, const int obj goto done; } - if (obj_type != GUMS_OBJ_PRIVILEGE) { - if (!sid) { - ret = NT_STATUS_INVALID_PARAMETER; + if (obj_type == GUMS_OBJ_DOMAIN) { + sid_copy(sid, get_global_sam_sid()); + } else { + if (!NT_STATUS_IS_OK(ret = get_next_sid(tdb, sid))) goto done; - } - - if (obj_type == GUMS_OBJ_DOMAIN) { - sid_copy(sid, get_global_sam_sid()); - } else { - if (!NT_STATUS_IS_OK(ret = get_next_sid(tdb, sid))) - goto done; - } - - gums_set_object_sid(go, sid); } + gums_set_object_sid(go, sid); gums_set_object_name(go, name); gums_set_object_seq_num(go, 1); - /*obj.data.domain->sec_desc*/ + /*obj.domain->sec_desc*/ switch (obj_type) { case GUMS_OBJ_NORMAL_USER: @@ -829,7 +738,6 @@ static NTSTATUS tdbsam2_new_object(DOM_SID *sid, const char *name, const int obj gums_set_user_logon_divs(go, 168); gums_set_user_hours(go, 21, defhours); - gums_set_user_unknown_3(go, 0x00ffffff); gums_set_user_bad_password_count(go, 0); gums_set_user_logon_count(go, 0); gums_set_user_unknown_6(go, 0x000004ec); @@ -846,10 +754,6 @@ static NTSTATUS tdbsam2_new_object(DOM_SID *sid, const char *name, const int obj break; - case GUMS_OBJ_PRIVILEGE: - - break; - default: ret = NT_STATUS_OBJECT_TYPE_MISMATCH; goto done; @@ -864,6 +768,8 @@ done: return ret; } +/* TODO: handle privileges objects */ + static NTSTATUS tdbsam2_delete_object(const DOM_SID *sid) { /* TODO: need to address privilege deletion */ @@ -882,7 +788,7 @@ static NTSTATUS tdbsam2_delete_object(const DOM_SID *sid) return ret; } - slprintf(keystr, sizeof(keystr)-1, "%s%s", SIDPREFIX, sid_string_static(sid)); + slprintf(keystr, sizeof(keystr) - 1, "%s%s", SIDPREFIX, sid_string_static(sid)); key.dptr = keystr; key.dsize = strlen(keystr) + 1; @@ -909,18 +815,7 @@ static NTSTATUS tdbsam2_delete_object(const DOM_SID *sid) goto done; } - switch (go->type) { - case GUMS_OBJ_DOMAIN: - /* FIXME: SHOULD WE ALLOW TO DELETE DOMAINS ? */ - case GUMS_OBJ_GROUP: - case GUMS_OBJ_ALIAS: - case GUMS_OBJ_NORMAL_USER: - slprintf(keystr, sizeof(keystr) - 1, "%s%s", NAMEPREFIX, gums_get_object_name(go)); - break; - default: - ret = NT_STATUS_OBJECT_TYPE_MISMATCH; - goto done; - } + slprintf(keystr, sizeof(keystr) - 1, "%s%s", NAMEPREFIX, gums_get_object_name(go)); key.dptr = keystr; key.dsize = strlen(keystr) + 1; @@ -956,10 +851,14 @@ static NTSTATUS tdbsam2_get_object_from_sid(GUMS_OBJECT **object, const DOM_SID } ret = get_object_by_sid(tdb, object, sid); - if (!NT_STATUS_IS_OK(ret) || (obj_type && gums_get_object_type(*object) != obj_type)) { + if (!NT_STATUS_IS_OK(ret)) { DEBUG(0, ("tdbsam2_get_object_from_sid: %s\n", nt_errstr(ret))); goto error; } + if (obj_type && gums_get_object_type(*object) != obj_type) { + DEBUG(0, ("tdbsam2_get_object_from_sid: the object is not of the rerquested type!\n")); + goto error; + } tdb_close(tdb); return NT_STATUS_OK; @@ -970,10 +869,11 @@ error: return ret; } -static NTSTATUS tdbsam2_get_object_from_name(GUMS_OBJECT **object, const char *name, const int obj_type) +static NTSTATUS tdbsam2_get_object_from_name(GUMS_OBJECT **object, const char *domain, const char *name, const int obj_type) { NTSTATUS ret; TDB_CONTEXT *tdb; + fstring objname; if (!object || !name) { DEBUG(0, ("tdbsam2_get_object_from_name: no NULL pointers are accepted here!\n")); @@ -984,12 +884,27 @@ static NTSTATUS tdbsam2_get_object_from_name(GUMS_OBJECT **object, const char *n return ret; } + if (obj_type == GUMS_OBJ_DOMAIN) { + fstrcpy(objname, name); + } else { + if (!domain) { + domain = global_myname(); + } + fstrcpy(objname, domain); + fstrcat(objname, "\\"); + fstrcat(objname, name); + } + *object = NULL; ret = get_object_by_name(tdb, object, name); - if (!NT_STATUS_IS_OK(ret) || (obj_type && gums_get_object_type(*object) != obj_type)) { + if (!NT_STATUS_IS_OK(ret)) { DEBUG(0, ("tdbsam2_get_object_from_name: %s\n", nt_errstr(ret))); goto error; } + if (obj_type && gums_get_object_type(*object) != obj_type) { + DEBUG(0, ("tdbsam2_get_object_from_name: the object is not of the rerquested type!\n")); + goto error; + } tdb_close(tdb); return NT_STATUS_OK; @@ -1072,7 +987,7 @@ static NTSTATUS tdbsam2_enumerate_objects_get_next(GUMS_OBJECT **object, void *h } while ((teo->key.dptr != NULL)) { - int len, version, type, size; + int len, version, type, size, seqnum; char *ptr; if (strncmp(teo->key.dptr, prefix, preflen)) { @@ -1099,6 +1014,7 @@ static NTSTATUS tdbsam2_enumerate_objects_get_next(GUMS_OBJECT **object, void *h len = tdb_unpack (data.dptr, data.dsize, TDB_FORMAT_STRING, &version, &type, + &seqnum, &size, &ptr); if (len == -1) { @@ -1166,7 +1082,7 @@ static NTSTATUS tdbsam2_enumerate_objects_stop(void *handle) return NT_STATUS_OK; } -static NTSTATUS tdbsam2_set_object(const GUMS_OBJECT *go) +static NTSTATUS tdbsam2_set_object(GUMS_OBJECT *go) { NTSTATUS ret; TDB_CONTEXT *tdb; @@ -1200,12 +1116,14 @@ static NTSTATUS (*unlock_sid) (const DOM_SID *sid); /* privileges related functions */ -static NTSTATUS (*add_members_to_privilege) (const LUID_ATTR *priv, const DOM_SID **members); -static NTSTATUS (*delete_members_from_privilege) (const LUID_ATTR *priv, const DOM_SID **members); -static NTSTATUS (*enumerate_privilege_members) (DOM_SID **members, const LUID_ATTR *priv); -static NTSTATUS (*get_sid_privileges) (DOM_SID **privs, const DOM_SID *sid); +static NTSTATUS (*get_privilege) (GUMS_OBJECT **object, const char *name); +static NTSTATUS (*add_members_to_privilege) (const char *name, const DOM_SID **members); +static NTSTATUS (*delete_members_from_privilege) (const char *name, const DOM_SID **members); +static NTSTATUS (*enumerate_privilege_members) (const char *name, DOM_SID **members); +static NTSTATUS (*get_sid_privileges) (const DOM_SID *sid, const char **privs); + /* warning!: set_privilege will overwrite a prior existing privilege if such exist */ -static NTSTATUS (*set_privilege) (GUMS_PRIVILEGE *priv); +static NTSTATUS (*set_privilege) (GUMS_PRIVILEGE *priv); #endif static void free_tdbsam2_private_data(void **vp) @@ -1243,6 +1161,7 @@ static NTSTATUS init_tdbsam2(GUMS_FUNCTIONS *fns, const char *storage) fns->get_sid_groups = tdbsam2_get_sid_groups; fns->lock_sid = tdbsam2_lock_sid; fns->unlock_sid = tdbsam2_unlock_sid; + fns->get_privilege = tdbsam2_get_privilege; fns->add_members_to_privilege = tdbsam2_add_members_to_privilege; fns->delete_members_from_privilege = tdbsam2_delete_members_from_privilege; fns->enumerate_privilege_members = tdbsam2_enumerate_privilege_members; @@ -1280,7 +1199,7 @@ static NTSTATUS init_tdbsam2(GUMS_FUNCTIONS *fns, const char *storage) gums_init_builtin_domain(); } - gums_init_domain(get_global_sam_sid(), global_myname()); + gums_init_domain(get_global_sam_sid(), global_myname(), "The Domain"); } fns->private_data = &ts2_privs; |