summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--auth/auth_sam_reply.c25
-rw-r--r--librpc/idl/netlogon.idl14
-rw-r--r--source3/auth/auth_util.c4
-rw-r--r--source3/auth/server_info.c20
-rw-r--r--source3/auth/user_krb5.c6
-rw-r--r--source3/rpc_client/util_netlogon.c2
-rw-r--r--source3/rpc_server/rpc_server.c2
-rw-r--r--source3/winbindd/winbindd_pam.c14
-rw-r--r--source4/auth/ntlm/auth_winbind.c14
-rw-r--r--source4/torture/rpc/samsync.c8
-rw-r--r--source4/winbind/wb_pam_auth.c6
-rw-r--r--source4/winbind/wb_samba3_cmd.c8
12 files changed, 67 insertions, 56 deletions
diff --git a/auth/auth_sam_reply.c b/auth/auth_sam_reply.c
index 59fcf7ad5d..00e04b941e 100644
--- a/auth/auth_sam_reply.c
+++ b/auth/auth_sam_reply.c
@@ -59,9 +59,9 @@ NTSTATUS auth_convert_user_info_dc_sambaseinfo(TALLOC_CTX *mem_ctx,
info = user_info_dc->info;
- sam->last_logon = info->last_logon;
- sam->last_logoff = info->last_logoff;
- sam->acct_expiry = info->acct_expiry;
+ sam->logon_time = info->last_logon;
+ sam->logoff_time = info->last_logoff;
+ sam->kickoff_time = info->acct_expiry;
sam->last_password_change = info->last_password_change;
sam->allow_password_change = info->allow_password_change;
sam->force_password_change = info->force_password_change;
@@ -107,9 +107,12 @@ NTSTATUS auth_convert_user_info_dc_sambaseinfo(TALLOC_CTX *mem_ctx,
}
sam->acct_flags = user_info_dc->info->acct_flags;
sam->logon_server.string = user_info_dc->info->logon_server;
- sam->domain.string = user_info_dc->info->domain_name;
-
- ZERO_STRUCT(sam->unknown);
+ sam->logon_domain.string = user_info_dc->info->domain_name;
+ sam->sub_auth_status = 0;
+ sam->last_successful_logon = 0;
+ sam->last_failed_logon = 0;
+ sam->failed_logon_count = 0;
+ sam->reserved = 0;
ZERO_STRUCT(sam->key);
if (user_info_dc->user_session_key.length == sizeof(sam->key.key)) {
@@ -198,8 +201,8 @@ NTSTATUS make_user_info_SamBaseInfo(TALLOC_CTX *mem_ctx,
}
NT_STATUS_HAVE_NO_MEMORY(info->account_name);
- if (base->domain.string) {
- info->domain_name = talloc_strdup(info, base->domain.string);
+ if (base->logon_domain.string) {
+ info->domain_name = talloc_strdup(info, base->logon_domain.string);
NT_STATUS_HAVE_NO_MEMORY(info->domain_name);
}
@@ -227,9 +230,9 @@ NTSTATUS make_user_info_SamBaseInfo(TALLOC_CTX *mem_ctx,
info->logon_server = talloc_strdup(info, base->logon_server.string);
NT_STATUS_HAVE_NO_MEMORY(info->logon_server);
}
- info->last_logon = base->last_logon;
- info->last_logoff = base->last_logoff;
- info->acct_expiry = base->acct_expiry;
+ info->last_logon = base->logon_time;
+ info->last_logoff = base->logoff_time;
+ info->acct_expiry = base->kickoff_time;
info->last_password_change = base->last_password_change;
info->allow_password_change = base->allow_password_change;
info->force_password_change = base->force_password_change;
diff --git a/librpc/idl/netlogon.idl b/librpc/idl/netlogon.idl
index 813421eef9..24bab8030d 100644
--- a/librpc/idl/netlogon.idl
+++ b/librpc/idl/netlogon.idl
@@ -207,9 +207,9 @@ interface netlogon
} netr_UserFlags;
typedef struct {
- NTTIME last_logon;
- NTTIME last_logoff;
- NTTIME acct_expiry;
+ NTTIME logon_time;
+ NTTIME logoff_time;
+ NTTIME kickoff_time;
NTTIME last_password_change;
NTTIME allow_password_change;
NTTIME force_password_change;
@@ -227,11 +227,15 @@ interface netlogon
netr_UserFlags user_flags;
netr_UserSessionKey key;
lsa_StringLarge logon_server;
- lsa_StringLarge domain;
+ lsa_StringLarge logon_domain;
dom_sid2 *domain_sid;
netr_LMSessionKey LMSessKey;
samr_AcctFlags acct_flags;
- uint32 unknown[7];
+ uint32 sub_auth_status;
+ NTTIME last_successful_logon;
+ NTTIME last_failed_logon;
+ uint32 failed_logon_count;
+ uint32 reserved;
} netr_SamBaseInfo;
typedef struct {
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 2c26414b27..fcfed834e5 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -797,7 +797,7 @@ static NTSTATUS get_guest_info3(TALLOC_CTX *mem_ctx,
if (tmp == NULL) {
return NT_STATUS_NO_MEMORY;
}
- init_lsa_StringLarge(&info3->base.domain, tmp);
+ init_lsa_StringLarge(&info3->base.logon_domain, tmp);
/* Domain sid */
sid_copy(&domain_sid, get_global_sam_sid());
@@ -1372,7 +1372,7 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
nt_username = sent_nt_username;
}
- nt_domain = talloc_strdup(mem_ctx, info3->base.domain.string);
+ nt_domain = talloc_strdup(mem_ctx, info3->base.logon_domain.string);
if (!nt_domain) {
/* If the server didn't give us one, just use the one we sent
* them */
diff --git a/source3/auth/server_info.c b/source3/auth/server_info.c
index 5b2706a28a..6c2723d699 100644
--- a/source3/auth/server_info.c
+++ b/source3/auth/server_info.c
@@ -384,9 +384,9 @@ NTSTATUS samu_to_SamInfo3(TALLOC_CTX *mem_ctx,
}
}
- unix_to_nt_time(&info3->base.last_logon, pdb_get_logon_time(samu));
- unix_to_nt_time(&info3->base.last_logoff, get_time_t_max());
- unix_to_nt_time(&info3->base.acct_expiry, get_time_t_max());
+ unix_to_nt_time(&info3->base.logon_time, pdb_get_logon_time(samu));
+ unix_to_nt_time(&info3->base.logoff_time, get_time_t_max());
+ unix_to_nt_time(&info3->base.kickoff_time, get_time_t_max());
unix_to_nt_time(&info3->base.last_password_change,
pdb_get_pass_last_set_time(samu));
unix_to_nt_time(&info3->base.allow_password_change,
@@ -428,9 +428,9 @@ NTSTATUS samu_to_SamInfo3(TALLOC_CTX *mem_ctx,
info3->base.logon_count = pdb_get_logon_count(samu);
info3->base.bad_password_count = pdb_get_bad_password_count(samu);
- info3->base.domain.string = talloc_strdup(info3,
+ info3->base.logon_domain.string = talloc_strdup(info3,
pdb_get_domain(samu));
- RET_NOMEM(info3->base.domain.string);
+ RET_NOMEM(info3->base.logon_domain.string);
info3->base.domain_sid = dom_sid_dup(info3, &domain_sid);
RET_NOMEM(info3->base.domain_sid);
@@ -560,9 +560,9 @@ struct netr_SamInfo3 *wbcAuthUserInfo_to_netr_SamInfo3(TALLOC_CTX *mem_ctx,
info3 = talloc_zero(mem_ctx, struct netr_SamInfo3);
if (!info3) return NULL;
- info3->base.last_logon = info->logon_time;
- info3->base.last_logoff = info->logoff_time;
- info3->base.acct_expiry = info->kickoff_time;
+ info3->base.logon_time = info->logon_time;
+ info3->base.logoff_time = info->logoff_time;
+ info3->base.kickoff_time = info->kickoff_time;
unix_to_nt_time(&info3->base.last_password_change, info->pass_last_set_time);
unix_to_nt_time(&info3->base.allow_password_change,
info->pass_can_change_time);
@@ -635,9 +635,9 @@ struct netr_SamInfo3 *wbcAuthUserInfo_to_netr_SamInfo3(TALLOC_CTX *mem_ctx,
RET_NOMEM(info3->base.logon_server.string);
}
if (info->domain_name) {
- info3->base.domain.string =
+ info3->base.logon_domain.string =
talloc_strdup(info3, info->domain_name);
- RET_NOMEM(info3->base.domain.string);
+ RET_NOMEM(info3->base.logon_domain.string);
}
info3->base.domain_sid = dom_sid_dup(info3, &domain_sid);
diff --git a/source3/auth/user_krb5.c b/source3/auth/user_krb5.c
index b106e45973..f90ef6c158 100644
--- a/source3/auth/user_krb5.c
+++ b/source3/auth/user_krb5.c
@@ -73,9 +73,9 @@ NTSTATUS get_user_from_kerberos_info(TALLOC_CTX *mem_ctx,
}
}
- if (logon_info && logon_info->info3.base.domain.string) {
+ if (logon_info && logon_info->info3.base.logon_domain.string) {
domain = talloc_strdup(mem_ctx,
- logon_info->info3.base.domain.string);
+ logon_info->info3.base.logon_domain.string);
if (!domain) {
return NT_STATUS_NO_MEMORY;
}
@@ -259,7 +259,7 @@ NTSTATUS make_session_info_krb5(TALLOC_CTX *mem_ctx,
* %D. */
if (server_info->info3 != NULL) {
- server_info->info3->base.domain.string =
+ server_info->info3->base.logon_domain.string =
talloc_strdup(server_info->info3, ntdomain);
}
}
diff --git a/source3/rpc_client/util_netlogon.c b/source3/rpc_client/util_netlogon.c
index 558a4dae03..d22078be33 100644
--- a/source3/rpc_client/util_netlogon.c
+++ b/source3/rpc_client/util_netlogon.c
@@ -52,7 +52,7 @@ NTSTATUS copy_netr_SamBaseInfo(TALLOC_CTX *mem_ctx,
}
COPY_LSA_STRING(mem_ctx, in, out, logon_server);
- COPY_LSA_STRING(mem_ctx, in, out, domain);
+ COPY_LSA_STRING(mem_ctx, in, out, logon_domain);
if (in->domain_sid) {
out->domain_sid = dom_sid_dup(mem_ctx, in->domain_sid);
diff --git a/source3/rpc_server/rpc_server.c b/source3/rpc_server/rpc_server.c
index 5270b72fbd..89885b9230 100644
--- a/source3/rpc_server/rpc_server.c
+++ b/source3/rpc_server/rpc_server.c
@@ -111,7 +111,7 @@ static int make_server_pipes_struct(TALLOC_CTX *mem_ctx,
status = make_server_info_info3(p,
info3->base.account_name.string,
- info3->base.domain.string,
+ info3->base.logon_domain.string,
&server_info, info3);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Failed to init server info\n"));
diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c
index 7417bf42cb..999cb156ed 100644
--- a/source3/winbindd/winbindd_pam.c
+++ b/source3/winbindd/winbindd_pam.c
@@ -52,11 +52,11 @@ static NTSTATUS append_info3_as_txt(TALLOC_CTX *mem_ctx,
uint32_t i;
resp->data.auth.info3.logon_time =
- nt_time_to_unix(info3->base.last_logon);
+ nt_time_to_unix(info3->base.logon_time);
resp->data.auth.info3.logoff_time =
- nt_time_to_unix(info3->base.last_logoff);
+ nt_time_to_unix(info3->base.logoff_time);
resp->data.auth.info3.kickoff_time =
- nt_time_to_unix(info3->base.acct_expiry);
+ nt_time_to_unix(info3->base.kickoff_time);
resp->data.auth.info3.pass_last_set_time =
nt_time_to_unix(info3->base.last_password_change);
resp->data.auth.info3.pass_can_change_time =
@@ -93,7 +93,7 @@ static NTSTATUS append_info3_as_txt(TALLOC_CTX *mem_ctx,
fstrcpy(resp->data.auth.info3.logon_srv,
info3->base.logon_server.string);
fstrcpy(resp->data.auth.info3.logon_dom,
- info3->base.domain.string);
+ info3->base.logon_domain.string);
ex = talloc_strdup(mem_ctx, "");
NT_STATUS_HAVE_NO_MEMORY(ex);
@@ -156,7 +156,7 @@ static NTSTATUS append_unix_username(TALLOC_CTX *mem_ctx,
const char *nt_username, *nt_domain;
- nt_domain = talloc_strdup(mem_ctx, info3->base.domain.string);
+ nt_domain = talloc_strdup(mem_ctx, info3->base.logon_domain.string);
if (!nt_domain) {
/* If the server didn't give us one, just use the one
* we sent them */
@@ -895,7 +895,7 @@ static NTSTATUS winbindd_dual_pam_auth_cached(struct winbindd_domain *domain,
return NT_STATUS_LOGON_FAILURE;
}
- kickoff_time = nt_time_to_unix(my_info3->base.acct_expiry);
+ kickoff_time = nt_time_to_unix(my_info3->base.kickoff_time);
if (kickoff_time != 0 && time(NULL) > kickoff_time) {
return NT_STATUS_ACCOUNT_EXPIRED;
}
@@ -977,7 +977,7 @@ static NTSTATUS winbindd_dual_pam_auth_cached(struct winbindd_domain *domain,
/* FIXME: we possibly should handle logon hours as well (does xp when
* offline?) see auth/auth_sam.c:sam_account_ok for details */
- unix_to_nt_time(&my_info3->base.last_logon, time(NULL));
+ unix_to_nt_time(&my_info3->base.logon_time, time(NULL));
my_info3->base.bad_password_count = 0;
result = winbindd_update_creds_by_info3(domain,
diff --git a/source4/auth/ntlm/auth_winbind.c b/source4/auth/ntlm/auth_winbind.c
index 63827ef755..34fe6f870c 100644
--- a/source4/auth/ntlm/auth_winbind.c
+++ b/source4/auth/ntlm/auth_winbind.c
@@ -45,9 +45,9 @@ static NTSTATUS get_info3_from_wbcAuthUserInfo(TALLOC_CTX *mem_ctx,
user_sid = (struct dom_sid *)(void *)&info->sids[0].sid;
group_sid = (struct dom_sid *)(void *)&info->sids[1].sid;
- info3->base.last_logon = info->logon_time;
- info3->base.last_logoff = info->logoff_time;
- info3->base.acct_expiry = info->kickoff_time;
+ info3->base.logon_time = info->logon_time;
+ info3->base.logoff_time = info->logoff_time;
+ info3->base.kickoff_time = info->kickoff_time;
info3->base.last_password_change = info->pass_last_set_time;
info3->base.allow_password_change = info->pass_can_change_time;
info3->base.force_password_change = info->pass_must_change_time;
@@ -66,7 +66,7 @@ static NTSTATUS get_info3_from_wbcAuthUserInfo(TALLOC_CTX *mem_ctx,
info->home_drive);
info3->base.logon_server.string = talloc_strdup(mem_ctx,
info->logon_server);
- info3->base.domain.string = talloc_strdup(mem_ctx,
+ info3->base.logon_domain.string = talloc_strdup(mem_ctx,
info->domain_name);
info3->base.logon_count = info->logon_count;
@@ -77,7 +77,11 @@ static NTSTATUS get_info3_from_wbcAuthUserInfo(TALLOC_CTX *mem_ctx,
memcpy(info3->base.LMSessKey.key, info->lm_session_key,
sizeof(info3->base.LMSessKey.key));
info3->base.acct_flags = info->acct_flags;
- memset(info3->base.unknown, 0, sizeof(info3->base.unknown));
+ info3->base.sub_auth_status = 0;
+ info3->base.last_successful_logon = 0;
+ info3->base.last_failed_logon = 0;
+ info3->base.failed_logon_count = 0;
+ info3->base.reserved = 0;
if (info->num_sids < 2) {
return NT_STATUS_INVALID_PARAMETER;
diff --git a/source4/torture/rpc/samsync.c b/source4/torture/rpc/samsync.c
index fd1fbbff1f..b92eb21985 100644
--- a/source4/torture/rpc/samsync.c
+++ b/source4/torture/rpc/samsync.c
@@ -684,8 +684,8 @@ static bool samsync_handle_user(struct torture_context *tctx, TALLOC_CTX *mem_ct
TEST_STRING_EQUAL(user->logon_script, info3->base.logon_script);
- TEST_TIME_EQUAL(user->last_logon, info3->base.last_logon);
- TEST_TIME_EQUAL(user->acct_expiry, info3->base.acct_expiry);
+ TEST_TIME_EQUAL(user->last_logon, info3->base.logon_time);
+ TEST_TIME_EQUAL(user->acct_expiry, info3->base.kickoff_time);
TEST_TIME_EQUAL(user->last_password_change, info3->base.last_password_change);
TEST_TIME_EQUAL(info->info21.force_password_change, info3->base.force_password_change);
@@ -696,8 +696,8 @@ static bool samsync_handle_user(struct torture_context *tctx, TALLOC_CTX *mem_ct
/* This copes with the two different versions of 0 I see */
/* with NT4 sp6 we have the || case */
if (!((user->last_logoff == 0)
- || (info3->base.last_logoff == 0x7fffffffffffffffLL))) {
- TEST_TIME_EQUAL(user->last_logoff, info3->base.last_logoff);
+ || (info3->base.logoff_time == 0x7fffffffffffffffLL))) {
+ TEST_TIME_EQUAL(user->last_logoff, info3->base.logoff_time);
}
TEST_INT_EQUAL(rids->count, info3->base.groups.count);
diff --git a/source4/winbind/wb_pam_auth.c b/source4/winbind/wb_pam_auth.c
index e09addac73..bcbc6286b5 100644
--- a/source4/winbind/wb_pam_auth.c
+++ b/source4/winbind/wb_pam_auth.c
@@ -170,9 +170,9 @@ static void pam_auth_crap_recv_logon(struct composite_context *ctx)
state->user_name = base->account_name.string;
talloc_steal(state, base->account_name.string);
}
- if (base->domain.string) {
- state->domain_name = base->domain.string;
- talloc_steal(state, base->domain.string);
+ if (base->logon_domain.string) {
+ state->domain_name = base->logon_domain.string;
+ talloc_steal(state, base->logon_domain.string);
}
state->unix_username = talloc_asprintf(state, "%s%s%s",
diff --git a/source4/winbind/wb_samba3_cmd.c b/source4/winbind/wb_samba3_cmd.c
index 679a2a2335..54b1dcc39c 100644
--- a/source4/winbind/wb_samba3_cmd.c
+++ b/source4/winbind/wb_samba3_cmd.c
@@ -61,11 +61,11 @@ static NTSTATUS wb_samba3_append_info3_as_txt(TALLOC_CTX *mem_ctx,
}
s3call->response->data.auth.info3.logon_time =
- nt_time_to_unix(info3->base.last_logon);
+ nt_time_to_unix(info3->base.logon_time);
s3call->response->data.auth.info3.logoff_time =
- nt_time_to_unix(info3->base.last_logoff);
+ nt_time_to_unix(info3->base.logoff_time);
s3call->response->data.auth.info3.kickoff_time =
- nt_time_to_unix(info3->base.acct_expiry);
+ nt_time_to_unix(info3->base.kickoff_time);
s3call->response->data.auth.info3.pass_last_set_time =
nt_time_to_unix(info3->base.last_password_change);
s3call->response->data.auth.info3.pass_can_change_time =
@@ -102,7 +102,7 @@ static NTSTATUS wb_samba3_append_info3_as_txt(TALLOC_CTX *mem_ctx,
fstrcpy(s3call->response->data.auth.info3.logon_srv,
info3->base.logon_server.string);
fstrcpy(s3call->response->data.auth.info3.logon_dom,
- info3->base.domain.string);
+ info3->base.logon_domain.string);
ex = talloc_strdup(mem_ctx, "");
NT_STATUS_HAVE_NO_MEMORY(ex);