summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/include/rpc_samr.h14
-rw-r--r--source3/rpc_client/cli_samr.c10
-rw-r--r--source3/rpc_parse/parse_samr.c8
-rw-r--r--source3/rpcclient/cmd_samr.c27
4 files changed, 39 insertions, 20 deletions
diff --git a/source3/include/rpc_samr.h b/source3/include/rpc_samr.h
index eff3cd6d4c..ae8bb7a2be 100644
--- a/source3/include/rpc_samr.h
+++ b/source3/include/rpc_samr.h
@@ -1750,14 +1750,18 @@ typedef struct q_samr_get_dom_pwinfo
} SAMR_Q_GET_DOM_PWINFO;
+#define DOMAIN_PASSWORD_COMPLEX 0x00000001
+#define DOMAIN_PASSWORD_NO_ANON_CHANGE 0x00000002
+#define DOMAIN_PASSWORD_NO_CLEAR_CHANGE 0x00000004
+#define DOMAIN_LOCKOUT_ADMINS 0x00000008
+#define DOMAIN_PASSWORD_STORE_CLEARTEXT 0x00000010
+#define DOMAIN_REFUSE_PASSWORD_CHANGE 0x00000020
+
/* SAMR_R_GET_DOM_PWINFO */
typedef struct r_samr_get_dom_pwinfo
{
- /*
- * See Samba4 IDL
- */
- uint16 unk_0;
- uint32 unk_1;
+ uint16 min_pwd_length;
+ uint32 password_properties;
NTSTATUS status;
} SAMR_R_GET_DOM_PWINFO;
diff --git a/source3/rpc_client/cli_samr.c b/source3/rpc_client/cli_samr.c
index d68c72e20c..047d0a1f95 100644
--- a/source3/rpc_client/cli_samr.c
+++ b/source3/rpc_client/cli_samr.c
@@ -1723,7 +1723,7 @@ NTSTATUS rpccli_samr_query_sec_obj(struct rpc_pipe_client *cli, TALLOC_CTX *mem_
/* Get domain password info */
NTSTATUS rpccli_samr_get_dom_pwinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- uint16 *unk_0, uint16 *unk_1)
+ uint16 *min_pwd_length, uint32 *password_properties)
{
prs_struct qbuf, rbuf;
SAMR_Q_GET_DOM_PWINFO q;
@@ -1751,10 +1751,10 @@ NTSTATUS rpccli_samr_get_dom_pwinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem
result = r.status;
if (NT_STATUS_IS_OK(result)) {
- if (unk_0)
- *unk_0 = r.unk_0;
- if (unk_1)
- *unk_1 = r.unk_1;
+ if (min_pwd_length)
+ *min_pwd_length = r.min_pwd_length;
+ if (password_properties)
+ *password_properties = r.password_properties;
}
return result;
diff --git a/source3/rpc_parse/parse_samr.c b/source3/rpc_parse/parse_samr.c
index 817244a2b2..e0efb72aab 100644
--- a/source3/rpc_parse/parse_samr.c
+++ b/source3/rpc_parse/parse_samr.c
@@ -7038,15 +7038,11 @@ BOOL samr_io_r_get_dom_pwinfo(const char *desc, SAMR_R_GET_DOM_PWINFO * r_u,
if(!prs_align(ps))
return False;
- /*
- * see the Samba4 IDL for what these actually are.
- */
-
- if(!prs_uint16("unk_0", ps, depth, &r_u->unk_0))
+ if(!prs_uint16("min_pwd_length", ps, depth, &r_u->min_pwd_length))
return False;
if(!prs_align(ps))
return False;
- if(!prs_uint32("unk_1", ps, depth, &r_u->unk_1))
+ if(!prs_uint32("password_properties", ps, depth, &r_u->password_properties))
return False;
if(!prs_ntstatus("status", ps, depth, &r_u->status))
diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c
index 665fe34226..a761ea3163 100644
--- a/source3/rpcclient/cmd_samr.c
+++ b/source3/rpcclient/cmd_samr.c
@@ -1650,18 +1650,37 @@ static NTSTATUS cmd_samr_get_dom_pwinfo(struct rpc_pipe_client *cli,
int argc, const char **argv)
{
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- uint16 unk_0, unk_1;
+ uint16 min_pwd_length;
+ uint32 password_properties;
if (argc != 1) {
printf("Usage: %s\n", argv[0]);
return NT_STATUS_OK;
}
- result = rpccli_samr_get_dom_pwinfo(cli, mem_ctx, &unk_0, &unk_1) ;
+ result = rpccli_samr_get_dom_pwinfo(cli, mem_ctx, &min_pwd_length, &password_properties) ;
if (NT_STATUS_IS_OK(result)) {
- printf("unk_0 = 0x%08x\n", unk_0);
- printf("unk_1 = 0x%08x\n", unk_1);
+ printf("min_pwd_length: %d\n", min_pwd_length);
+ printf("password_properties: 0x%08x\n", password_properties);
+
+ if (password_properties & DOMAIN_PASSWORD_COMPLEX)
+ printf("\tDOMAIN_PASSWORD_COMPLEX\n");
+
+ if (password_properties & DOMAIN_PASSWORD_NO_ANON_CHANGE)
+ printf("\tDOMAIN_PASSWORD_NO_ANON_CHANGE\n");
+
+ if (password_properties & DOMAIN_PASSWORD_NO_CLEAR_CHANGE)
+ printf("\tDOMAIN_PASSWORD_NO_CLEAR_CHANGE\n");
+
+ if (password_properties & DOMAIN_LOCKOUT_ADMINS)
+ printf("\tDOMAIN_LOCKOUT_ADMINS\n");
+
+ if (password_properties & DOMAIN_PASSWORD_STORE_CLEARTEXT)
+ printf("\tDOMAIN_PASSWORD_STORE_CLEARTEXT\n");
+
+ if (password_properties & DOMAIN_REFUSE_PASSWORD_CHANGE)
+ printf("\tDOMAIN_REFUSE_PASSWORD_CHANGE\n");
}
return result;