summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--source3/include/rpc_samr.h3
-rw-r--r--source3/rpc_parse/parse_samr.c4
-rw-r--r--source3/rpc_server/srv_samr_nt.c52
-rw-r--r--source3/rpc_server/srv_samr_util.c189
4 files changed, 246 insertions, 2 deletions
diff --git a/source3/include/rpc_samr.h b/source3/include/rpc_samr.h
index 49ea36f364..910ccee113 100644
--- a/source3/include/rpc_samr.h
+++ b/source3/include/rpc_samr.h
@@ -260,8 +260,9 @@ typedef struct sam_user_info_25
uint32 group_rid; /* Primary Group ID */
uint32 acb_info; /* account info (ACB_xxxx bit-mask) */
+ uint32 fields_present;
- uint32 unknown_6[6];
+ uint32 unknown_5[5];
uint8 pass[532];
diff --git a/source3/rpc_parse/parse_samr.c b/source3/rpc_parse/parse_samr.c
index 027d5fba85..d661b225e0 100644
--- a/source3/rpc_parse/parse_samr.c
+++ b/source3/rpc_parse/parse_samr.c
@@ -6041,8 +6041,10 @@ static BOOL sam_io_user_info25(const char *desc, SAM_USER_INFO_25 * usr, prs_str
return False;
if(!prs_uint32("acb_info ", ps, depth, &usr->acb_info))
return False;
+ if(!prs_uint32("fields_present ", ps, depth, &usr->fields_present))
+ return False;
- if(!prs_uint32s(False, "unknown_6 ", ps, depth, usr->unknown_6, 6))
+ if(!prs_uint32s(False, "unknown_5 ", ps, depth, usr->unknown_5, 5))
return False;
if(!prs_uint8s(False, "password ", ps, depth, usr->pass, sizeof(usr->pass)))
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index c9e6b552c8..7a06e562ef 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -3299,6 +3299,52 @@ static BOOL set_user_info_pw(uint8 *pass, struct samu *pwd)
}
/*******************************************************************
+ set_user_info_25
+ ********************************************************************/
+
+static NTSTATUS set_user_info_25(TALLOC_CTX *mem_ctx, SAM_USER_INFO_25 *id25,
+ struct samu *pwd)
+{
+ NTSTATUS status;
+
+ if (id25 == NULL) {
+ DEBUG(5, ("set_user_info_25: NULL id25\n"));
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ copy_id25_to_sam_passwd(pwd, id25);
+
+ /*
+ * The funny part about the previous two calls is
+ * that pwd still has the password hashes from the
+ * passdb entry. These have not been updated from
+ * id21. I don't know if they need to be set. --jerry
+ */
+
+ if ( IS_SAM_CHANGED(pwd, PDB_GROUPSID) ) {
+ status = pdb_set_unix_primary_group(mem_ctx, pwd);
+ if ( !NT_STATUS_IS_OK(status) ) {
+ return status;
+ }
+ }
+
+ /* Don't worry about writing out the user account since the
+ primary group SID is generated solely from the user's Unix
+ primary group. */
+
+ /* write the change out */
+ if(!NT_STATUS_IS_OK(status = pdb_update_sam_account(pwd))) {
+ TALLOC_FREE(pwd);
+ return status;
+ }
+
+ /* WARNING: No TALLOC_FREE(pwd), we are about to set the password
+ * hereafter! */
+
+ return NT_STATUS_OK;
+}
+
+/*******************************************************************
samr_reply_set_userinfo
********************************************************************/
@@ -3401,6 +3447,11 @@ NTSTATUS _samr_set_userinfo(pipes_struct *p, SAMR_Q_SET_USERINFO *q_u, SAMR_R_SE
dump_data(100, (char *)ctr->info.id25->pass, 532);
+ r_u->status = set_user_info_25(p->mem_ctx,
+ ctr->info.id25, pwd);
+ if (!NT_STATUS_IS_OK(r_u->status)) {
+ goto done;
+ }
if (!set_user_info_pw(ctr->info.id25->pass, pwd))
r_u->status = NT_STATUS_ACCESS_DENIED;
break;
@@ -3433,6 +3484,7 @@ NTSTATUS _samr_set_userinfo(pipes_struct *p, SAMR_Q_SET_USERINFO *q_u, SAMR_R_SE
r_u->status = NT_STATUS_INVALID_INFO_CLASS;
}
+ done:
if ( has_enough_rights )
unbecome_root();
diff --git a/source3/rpc_server/srv_samr_util.c b/source3/rpc_server/srv_samr_util.c
index 03a726dd92..2b65eb210f 100644
--- a/source3/rpc_server/srv_samr_util.c
+++ b/source3/rpc_server/srv_samr_util.c
@@ -549,3 +549,192 @@ void copy_id23_to_sam_passwd(struct samu *to, SAM_USER_INFO_23 *from)
DEBUG(10,("INFO_23 PADDING_2: %02X\n",from->padding2));
}
+
+/*************************************************************
+ Copies a SAM_USER_INFO_25 to a struct samu
+**************************************************************/
+
+void copy_id25_to_sam_passwd(struct samu *to, SAM_USER_INFO_25 *from)
+{
+ time_t unix_time, stored_time;
+ const char *old_string, *new_string;
+ DATA_BLOB mung;
+
+ if (from == NULL || to == NULL)
+ return;
+
+ if (from->fields_present & ACCT_LAST_LOGON) {
+ unix_time=nt_time_to_unix(&from->logon_time);
+ stored_time = pdb_get_logon_time(to);
+ DEBUG(10,("INFO_25 LOGON_TIME: %lu -> %lu\n",(long unsigned int)stored_time, (long unsigned int)unix_time));
+ if (stored_time != unix_time)
+ pdb_set_logon_time(to, unix_time, PDB_CHANGED);
+ }
+
+ if (from->fields_present & ACCT_LAST_LOGOFF) {
+ unix_time=nt_time_to_unix(&from->logoff_time);
+ stored_time = pdb_get_logoff_time(to);
+ DEBUG(10,("INFO_25 LOGOFF_TIME: %lu -> %lu\n",(long unsigned int)stored_time, (long unsigned int)unix_time));
+ if (stored_time != unix_time)
+ pdb_set_logoff_time(to, unix_time, PDB_CHANGED);
+ }
+
+ if (from->fields_present & ACCT_EXPIRY) {
+ unix_time=nt_time_to_unix(&from->kickoff_time);
+ stored_time = pdb_get_kickoff_time(to);
+ DEBUG(10,("INFO_25 KICKOFF_TIME: %lu -> %lu\n",(long unsigned int)stored_time, (long unsigned int)unix_time));
+ if (stored_time != unix_time)
+ pdb_set_kickoff_time(to, unix_time , PDB_CHANGED);
+ }
+
+ if (from->fields_present & ACCT_ALLOW_PWD_CHANGE) {
+ unix_time=nt_time_to_unix(&from->pass_can_change_time);
+ stored_time = pdb_get_pass_can_change_time(to);
+ DEBUG(10,("INFO_25 PASS_CAN_CH: %lu -> %lu\n",(long unsigned int)stored_time, (long unsigned int)unix_time));
+ if (stored_time != unix_time)
+ pdb_set_pass_can_change_time(to, unix_time, PDB_CHANGED);
+ }
+
+ if (from->fields_present & ACCT_LAST_PWD_CHANGE) {
+ unix_time=nt_time_to_unix(&from->pass_last_set_time);
+ stored_time = pdb_get_pass_last_set_time(to);
+ DEBUG(10,("INFO_25 PASS_LAST_SET: %lu -> %lu\n",(long unsigned int)stored_time, (long unsigned int)unix_time));
+ if (stored_time != unix_time)
+ pdb_set_pass_last_set_time(to, unix_time, PDB_CHANGED);
+ }
+
+ if (from->fields_present & ACCT_FORCE_PWD_CHANGE) {
+ unix_time=nt_time_to_unix(&from->pass_must_change_time);
+ stored_time=pdb_get_pass_must_change_time(to);
+ DEBUG(10,("INFO_25 PASS_MUST_CH: %lu -> %lu\n",(long unsigned int)stored_time, (long unsigned int)unix_time));
+ if (stored_time != unix_time)
+ pdb_set_pass_must_change_time(to, unix_time, PDB_CHANGED);
+ }
+
+ if ((from->fields_present & ACCT_USERNAME) &&
+ (from->hdr_user_name.buffer)) {
+ old_string = pdb_get_username(to);
+ new_string = unistr2_static(&from->uni_user_name);
+ DEBUG(10,("INFO_25 UNI_USER_NAME: %s -> %s\n", old_string, new_string));
+ if (STRING_CHANGED)
+ pdb_set_username(to , new_string, PDB_CHANGED);
+ }
+
+ if ((from->fields_present & ACCT_FULL_NAME) &&
+ (from->hdr_full_name.buffer)) {
+ old_string = pdb_get_fullname(to);
+ new_string = unistr2_static(&from->uni_full_name);
+ DEBUG(10,("INFO_25 UNI_FULL_NAME: %s -> %s\n",old_string, new_string));
+ if (STRING_CHANGED)
+ pdb_set_fullname(to , new_string, PDB_CHANGED);
+ }
+
+ if ((from->fields_present & ACCT_HOME_DIR) &&
+ (from->hdr_home_dir.buffer)) {
+ old_string = pdb_get_homedir(to);
+ new_string = unistr2_static(&from->uni_home_dir);
+ DEBUG(10,("INFO_25 UNI_HOME_DIR: %s -> %s\n",old_string,new_string));
+ if (STRING_CHANGED)
+ pdb_set_homedir(to , new_string, PDB_CHANGED);
+ }
+
+ if ((from->fields_present & ACCT_HOME_DRIVE) &&
+ (from->hdr_dir_drive.buffer)) {
+ old_string = pdb_get_dir_drive(to);
+ new_string = unistr2_static(&from->uni_dir_drive);
+ DEBUG(10,("INFO_25 UNI_DIR_DRIVE: %s -> %s\n",old_string,new_string));
+ if (STRING_CHANGED)
+ pdb_set_dir_drive(to , new_string, PDB_CHANGED);
+ }
+
+ if ((from->fields_present & ACCT_LOGON_SCRIPT) &&
+ (from->hdr_logon_script.buffer)) {
+ old_string = pdb_get_logon_script(to);
+ new_string = unistr2_static(&from->uni_logon_script);
+ DEBUG(10,("INFO_25 UNI_LOGON_SCRIPT: %s -> %s\n",old_string,new_string));
+ if (STRING_CHANGED)
+ pdb_set_logon_script(to , new_string, PDB_CHANGED);
+ }
+
+ if ((from->fields_present & ACCT_PROFILE) &&
+ (from->hdr_profile_path.buffer)) {
+ old_string = pdb_get_profile_path(to);
+ new_string = unistr2_static(&from->uni_profile_path);
+ DEBUG(10,("INFO_25 UNI_PROFILE_PATH: %s -> %s\n",old_string, new_string));
+ if (STRING_CHANGED)
+ pdb_set_profile_path(to , new_string, PDB_CHANGED);
+ }
+
+ if ((from->fields_present & ACCT_DESCRIPTION) &&
+ (from->hdr_acct_desc.buffer)) {
+ old_string = pdb_get_acct_desc(to);
+ new_string = unistr2_static(&from->uni_acct_desc);
+ DEBUG(10,("INFO_25 UNI_ACCT_DESC: %s -> %s\n",old_string,new_string));
+ if (STRING_CHANGED)
+ pdb_set_acct_desc(to , new_string, PDB_CHANGED);
+ }
+
+ if ((from->fields_present & ACCT_WORKSTATIONS) &&
+ (from->hdr_workstations.buffer)) {
+ old_string = pdb_get_workstations(to);
+ new_string = unistr2_static(&from->uni_workstations);
+ DEBUG(10,("INFO_25 UNI_WORKSTATIONS: %s -> %s\n",old_string, new_string));
+ if (STRING_CHANGED)
+ pdb_set_workstations(to , new_string, PDB_CHANGED);
+ }
+
+ /* is this right? */
+ if ((from->fields_present & ACCT_ADMIN_DESC) &&
+ (from->hdr_unknown_str.buffer)) {
+ old_string = pdb_get_unknown_str(to);
+ new_string = unistr2_static(&from->uni_unknown_str);
+ DEBUG(10,("INFO_25 UNI_UNKNOWN_STR: %s -> %s\n",old_string, new_string));
+ if (STRING_CHANGED)
+ pdb_set_unknown_str(to , new_string, PDB_CHANGED);
+ }
+
+ if ((from->fields_present & ACCT_CALLBACK) &&
+ (from->hdr_munged_dial.buffer)) {
+ char *newstr;
+ old_string = pdb_get_munged_dial(to);
+ mung.length = from->hdr_munged_dial.uni_str_len;
+ mung.data = (uint8 *) from->uni_munged_dial.buffer;
+ newstr = (mung.length == 0) ?
+ NULL : base64_encode_data_blob(mung);
+ DEBUG(10,("INFO_25 UNI_MUNGED_DIAL: %s -> %s\n",old_string, newstr));
+ if (STRING_CHANGED_NC(old_string,newstr))
+ pdb_set_munged_dial(to , newstr, PDB_CHANGED);
+
+ SAFE_FREE(newstr);
+ }
+
+ if (from->fields_present & ACCT_RID) {
+ if (from->user_rid == 0) {
+ DEBUG(10, ("INFO_25: Asked to set User RID to 0 !? Skipping change!\n"));
+ } else if (from->user_rid != pdb_get_user_rid(to)) {
+ DEBUG(10,("INFO_25 USER_RID: %u -> %u NOT UPDATED!\n",pdb_get_user_rid(to),from->user_rid));
+ }
+ }
+
+ if (from->fields_present & ACCT_PRIMARY_GID) {
+ if (from->group_rid == 0) {
+ DEBUG(10, ("INFO_25: Asked to set Group RID to 0 !? Skipping change!\n"));
+ } else if (from->group_rid != pdb_get_group_rid(to)) {
+ DEBUG(10,("INFO_25 GROUP_RID: %u -> %u\n",pdb_get_group_rid(to),from->group_rid));
+ pdb_set_group_sid_from_rid(to, from->group_rid, PDB_CHANGED);
+ }
+ }
+
+ if (from->fields_present & ACCT_FLAGS) {
+ DEBUG(10,("INFO_25 ACCT_CTRL: %08X -> %08X\n",pdb_get_acct_ctrl(to),from->acb_info));
+ if (from->acb_info != pdb_get_acct_ctrl(to)) {
+ if (!(from->acb_info & ACB_AUTOLOCK) && (pdb_get_acct_ctrl(to) & ACB_AUTOLOCK)) {
+ /* We're unlocking a previously locked user. Reset bad password counts.
+ Patch from Jianliang Lu. <Jianliang.Lu@getronics.com> */
+ pdb_set_bad_password_count(to, 0, PDB_CHANGED);
+ pdb_set_bad_password_time(to, 0, PDB_CHANGED);
+ }
+ pdb_set_acct_ctrl(to, from->acb_info, PDB_CHANGED);
+ }
+ }
+}
generated by cgit (git 2.34.1) at 2024-07-13 20:54:08 +0000