summaryrefslogtreecommitdiff
path: root/source3/include/rpc_samr.h
AgeCommit message (Collapse)AuthorFilesLines
2002-01-02Make user enumeration work for w2k and win9x.Jeremy Allison1-1/+4
This means different return sizes depending on client bugs. This sucks :-(. Jeremy. (This used to be commit f6592628eb526c487069bb3fcd809aca930e668e)
2001-12-31Fixed enumeration of a large (<1500) users from a Samba PDC to a W2kJeremy Allison1-1/+1
member server. Firstly, use the same max enumeration size (0x400) as W2K uses, otherwise W2K won't ask for any more. Secondly, if a enumeration request with a non-zero offset comes in on a handle that hasn't started an enumeration, don't bitch about it (return NT_STATUS_UNSUCCESSFUL), just load the db on that handle and return at that offset. Jeremy. (This used to be commit 0b7da4a50ea02e28ab23e71de1e5f8b9194a9af3)
2001-12-21added a copyright notice.Jean-François Micouleau1-0/+1
J.F. (This used to be commit 87928c4d91940447191af4fe83a2be7ac3477361)
2001-12-21doesn't keep track of the struct's size we enumerate. W2K doesn'tJean-François Micouleau1-2/+0
calculate them and always reply a size of 32 bytes whereas NT4 did the maths. Anyway, it looks like the clients don't complain. in query_dom_info() at level 2, return the real number of users and groups. That's the fix to the W95/98 userlist bug ! as W95/98 does a query_dom_info(2) followed by a query_disp_info(4) on the SAME context handle (err we call it an lsa policy handle ! plain wrong name), I was tempted to keep the snapshoot in memory, to prevent 2 full user db enumerations in a row and just have one shared. But if some client does the 2 calls on two different handles, we would have 2 copies in memory not free'ed before the samr_close(). We still have too many fixed constant and too many magic values in that code. And btw, I really hates how the sequence number is generated ! J.F. (This used to be commit c0178e1a03f8225e5b350feb8fcbfb02f43327b4)
2001-12-21re-done all of samr_query_disp_info()Jean-François Micouleau1-2/+10
instead of enumerating the whole user db or group db every time, we store a in memory copy linked to the handle. that's much faster for large enumeration where the db can't fit in a single rpc packet. And as it's a copy, it's constant between enumeration. still some stuff to clean. But now I can fix the W95 userlist bug, as I've finally found it. J.F. (This used to be commit 3ab45215369e8e93d750f4687e9c1f7d47782590)
2001-12-19added info level 1 to samr_query_alias()Jean-François Micouleau1-0/+11
(This used to be commit 589aa4fe226ee5bdae0a244631193714b0b556ac)
2001-12-10added info level 3 to samrgetgroupinfo. I don't know what the value is.Jean-François Micouleau1-3/+8
It's just to keep usermanager happy ;-) clean up a bit samr_query_aliasinfo to return the group description added: samr_del_aliasmem, samr_del_groupmem and samr_del_domuser with the correct scripts, you can now entirely manage the users from usermanager ! Closer to full PDC every day ;-) J.F. (This used to be commit 0a727afc669704cda9b44d44dbac9e989e906ae3)
2001-12-03added a tdb to store the account policy informations.Jean-François Micouleau1-4/+1
You can change them with either usermanager->policies->account or from a command prompt on NT/W2K: net accounts /domain we can add a rpc accounts to the net command. As the net_rpc.c is still empty, I did not start. How should I add command to it ? Should I take the rpcclient/cmd_xxx functions and call them from there ? alse changed the SAM_UNK_INFO_3 parser, it's an NTTIME. This one is more for jeremy ;-) J.F. (This used to be commit bc28a8eebd9245ce3004ae4b1a359db51f77bf21)
2001-11-28added samr_set_domain_info and samr_unknown_2E.Jean-François Micouleau1-30/+27
We now get the full account policy window in usermanager, and the framework to store all those values. I plan to add a TDB file to store them. oh, and found that the last value in a sam_unknown_info_12_inf struct is an uint16 and not a uint32. andrewb: you hardcoded the MAX_PASSWORD_AGE to 21 days. We can now turn it to a value setable in usermanager. J.F. (This used to be commit 99471d25693f6672d433b90a060378f6faad867f)
2001-11-21samr_querydom_info level 1: found the meaning of the unknow fields. AndJean-François Micouleau1-4/+48
discovered that our reply is short by 4 bytes since day 1 of this code. Added a decode function to rpcclient too. splitted the STRING2 fields filling while trying to understand the win9x userlist bug. (didn't fix the bug, but the reply looks closer to NT). J.F. (This used to be commit bfbe7f377e5fcb09e87bfc866196dfc51a8fe64d)
2001-08-27converted another bunch of stuff to NTSTATUSAndrew Tridgell1-42/+42
(This used to be commit 1d36250e338ae0ff9fbbf86019809205dd97d05e)
2001-08-02Allow smbpasswd to join a W2K hosted AD domain.Jeremy Allison1-0/+1
Jeremy. (This used to be commit c51cfc7f0d3ad1614ca1e0330c8707f7b263b8e6)
2001-07-09add query user info level 20 (for RAS)Jean-François Micouleau1-0/+18
add query dominfo level 5 some cleanup, don't free talloced memory. implement delete domain and local groups. J.F. (This used to be commit 3f14dda2a21850edfd540be2624867e5f70a382c)
2001-07-05Fix for enumerating large numbers of users.Jeremy Allison1-1/+1
Jeremy. (This used to be commit c8c138c1fbb49799a2dd4c6e781bd89f51c0c0c5)
2001-06-29From JF....Jeremy Allison1-8/+8
hi jeremy, can you commit the following patch against HEAD. I can't do it right now Thanks Tim for me. He changed the SAM_DISPINFO_1 array without checking if he didn't break the server code. And he did. So on my way I cleaned info_1, 2, .. 5 it may break winbind. I leave to tim the pleasure to fix it ;-) jf. I added some talloc changes and checks for alloc fails. Jeremy. (This used to be commit 001e9b7b540f04c80ba65c879aaa41acddc86f3e)
2001-06-29Removed another silly static array.Tim Potter1-2/+2
(This used to be commit 008628fb8ac9f92d984218f37fffdfa3cb9e3d62)
2001-06-20Fixed W2K SP2 joining a Samba PDC hosted domain.Jeremy Allison1-0/+53
Jermey. (This used to be commit 05a2911403a0710d994a618e72743205a3b0b87a)
2001-06-19INFO_24 sometimes has a 2 byte length, sometimes doesn't. Safer to notJeremy Allison1-1/+0
depend on it... Jeremy. (This used to be commit 0fe11c329f7b379299be65795031e4f1b14e0bec)
2001-06-15Add password length field to SAM_USER_INFO24 structure and fix initTim Potter1-0/+1
and parse function. (This used to be commit d2eafa7483a53958b6c930ca05da6e6a6c21b785)
2001-06-06Converted SAMR_Q_LOOKUP_NAMES structure to tallocated memory instead ofTim Potter1-2/+2
static arrays. (This used to be commit d122568b35f63e3da7bb1fad6a4e72922cf6bca3)
2001-05-04renamed unknown field to access mask in open alias structures.Tim Potter1-2/+2
(This used to be commit 4d0ac3c71d930ab9cf88bd688c23c72ce5a53179)
2001-03-11Merge of new 2.2 code into HEAD (Gerald I hate you :-) :-). Allows new SAMRJeremy Allison1-9/+21
RPC code to merge with new passdb code. Currently rpcclient doesn't compile. I'm working on it... Jeremy. (This used to be commit 0be41d5158ea4e645e93e8cd30617c038416e549)
2001-01-15New proto and some small changes to rpc_samr.hTim Potter1-17/+4
(This used to be commit 7f31d4ab1da72fe1dd52c7ecc1c758e210b6d38d)
2001-01-11Merge of various fixes from the tng headers.Tim Potter1-1/+1
(This used to be commit a6d4aad391d2a9e38cbb28d9ddc3e4ff454a759d)
2000-05-09the beginnings of a new scheme I've working on to allow an easierAndrew Tridgell1-285/+900
head/tng merge. It goes something like this: - headers from tng get copied over one at a time - the old headers get renamed to *_old.h - server side code that used the old headers gets a #define OLD_NTDOMAIN 1 #undef OLD_NTDOMAIN at the start and end of the code - mkproto.awk recognises these special defines and does magic stuff so that each .c file sees the right headers - we start moving the rpc client libraries from tng to head. if this goes OK then, in theory, we should be able to move the client side rpc code from tng to head without disturbing the existing head server side code. Then when that works we can consider merging the server side. it remains to be seen if this scheme will work. So far I've moved rpc_samr.h and don't seem to have broken anything. Note this this is still a very delicate operation, as at every step of the way I want to keep head fully functional. Please don't take part unless you discuss it with me first. (This used to be commit f76c037255a6a79d11bec65e863e009a41a4f0fd)
2000-01-17SAMR_R_UNKNOWN_38 is 3 uint16 params (4-byte aligned) followed by status code.Luke Leighton1-1/+0
(This used to be commit 55035b8984c135ddd2c4e3be18caf8833975841d)
1999-12-13first pass at updating head branch to be to be the same as the SAMBA_2_0 branchAndrew Tridgell1-790/+187
(This used to be commit 453a822a76780063dff23526c35408866d0c0154)
1999-11-18added samuserset2 rpcclient command to test ACB_XXX bit-setting onLuke Leighton1-2/+33
samr opcode 0x25. _yet_ another failed attempt to get nt5rc2 to join a samba domain. what _is_ it with this stuff, dammit? (This used to be commit c3913f8ae272c496fc4519141accf01ee9f1e49e)
1999-11-15added rpcclient "enumdomains" command. enumerates names of domainsLuke Leighton1-1/+31
for which a PDC is responsible. typical answers are: <Name of Domain> plus <Builtin>. against a hierarchical, down-level-compatible NT5 PDC, there's likely to be more than these two entries!!!!! (This used to be commit 3146aa6b6049a0d996e9abbe7dbee8526550e7e0)
1999-11-04samuserset <username> -p password. YESSSSS :)Luke Leighton1-0/+1
you have to use "ntlmv1" at the moment (i.e set client ntlmv2 = no). (This used to be commit f52504c553becc64b89d546a57b1bd9cf1bc5b5c)
1999-11-02dynamic mem allocation in enum dom groups and enum dom aliasesLuke Leighton1-4/+4
(This used to be commit baa789fabc45e62889755802fd8ec8c9191fe767)
1999-10-29more reshuffling of enum groups code. more higher order functions.Luke Leighton1-1/+1
(This used to be commit 497d4231723576390b10f5ea8704bd0af88d76ab)
1999-10-25one of those wonderful moments when running against a different MSRPCLuke Leighton1-6/+6
implementation (NT5) when you discover that your code is trash. samr_enum_dom_users(), samr_enum_dom_aliases() and samr_enum_dom_groups() all take a HANDLE for multiple-call enumeration purposes. (This used to be commit 19490d8b4fb8a103f3df4e6104f6f22937b0c518)
1999-10-21turning some of the rpcclient functions dynamic. this is likely toLuke Leighton1-2/+2
break a few things... (This used to be commit 4b06f303235d36903b6e9f55ee45b987d98256b0)
1999-10-21various. debug levels changed. nmbd doesn't need libsmb/clienttrust.c.Luke Leighton1-4/+4
samr_lookup_rids() moved to a dynamic memory structure not a static one limited to 32 RIDs. cli_pipe.c reading wasn't checking ERRmoredata when DOS error codes negotiated (this terminates MSRPC code with prejudice). (This used to be commit 8976eca2db43576c32069dcda017e8777048e007)
1999-09-21testing for attempts to get more info levels into samr_query_userinfoLuke Leighton1-0/+2
(This used to be commit cc19d5cc5c20665beb3b7c5fcf7787d54e37ea71)
1999-08-31matthew chapman identified 4 previously unknown samr functions.Luke Leighton1-4/+4
(This used to be commit 001b53866c819045bc52330cad5746e1a2f7a4b1)
1999-05-07the times in sam_user_info_23 may not be in the right orderLuke Leighton1-0/+1
(This used to be commit 34e623d607b45bce09ab2f98f3735cfbf5538dbf)
1999-03-29added SamrQueryDomainInfo call info level 0x3 for kix32.exe supportLuke Leighton1-1/+8
(This used to be commit ac070dfd39bfa9b60680855585155ce528ab7691)
1999-03-25added SAMR_USER_INFO_24 info level to samr_set_userinfo. this is usedLuke Leighton1-0/+8
by "Welcome to SAMBA Domain". (This used to be commit 4aed18b5e1e2309c0f6931fbfdd604b01cb9498a)
1999-03-25SAM database "set user info".Luke Leighton1-31/+99
---------------------------- - removed DOM_RID4 - removed SAMR_UNKNOWN_32 - added SAMR_SET_USERINFO (opcode 0x32) - added level 0x1 to SAMR_QUERY_DOM_INFO (needed for create user) - fixed pwdb_gethexpwd() it was failing on XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX - added mod_sam21pwd_entry() - preparing to call mod_sam21pwd_entry() - added "user session key" to user_struct.dc. this is md4(nt#) and is needed to decode user's clear-text passwords in SAMR_SET_USERINFO. - split code out in chgpasswd.c to decode 516 byte password buffers. (This used to be commit 2e58ed742435befe419aa366c4052019fede8c23)
1999-03-23dynamic memory allocation in samr enum dom users. works with 849 entries now.Luke Leighton1-2/+2
(This used to be commit 103557e26b071bf1e65e025ef5a52ccdbf483d02)
1999-03-19added a "createuser" command.Luke Leighton1-2/+29
(This used to be commit fefb4bf19181714cb73414febd6ee2ec10356cbe)
1999-02-24Win9x user level security.Matthew Chapman1-67/+158
* Added SAMR_LOOKUP_DOMAIN (-> SamrLookupDomainInSamServer) * Added real SAMR_ENUM_DOM_GROUPS (corresponding to SamrEnumerateGroupsInDomain). The existing one is just an alias for SamrQueryDisplayInformation (see below). * Added three extra info levels to SAMR_QUERY_DISPINFO. Info level 3 is what was previously SAMR_ENUM_DOM_GROUPS; info levels 4 and 5 are simple user/group list requests used by Win9x and I suspect (haven't checked) the "low speed connection" User Manager. * Added another two aliases for SAMR_QUERY_DISPINFO, opcodes 0x30 and 0x33. Usually the first is with info level 3 and the second 4 but there is some overlap so indeed these should be implemented as just aliases. * Return ERRDOS/ERRmoredata on extra data instead of STATUS_BUFFER_OVERFLOW for Win95's benefit. On a named pipe this results in an SMBreadX as usual. Still need to fix SAMR_QUERY_DOMAIN_INFO which has a hard-coded number of users and groups - which Win95 proceeds to truncate at. (This used to be commit 7d03e6e21908f3a759a4e65c5edd850622335e3e)
1999-01-29fix for enumerate domain users (bug spotted by sean matthews).Luke Leighton1-4/+3
also needed to use start index properly and generate next index. both client and server code need to recognise error code 0x105 when there's not enough room to store all the users in one call. sort this out another time. (This used to be commit ad58cdfac6b85d9431216e32e532ad4d60f9c6dd)
1998-12-08adding srvsvc pipe.Luke Leighton1-1/+18
(This used to be commit d06d6369942828ec89e90f99bd0d0d3f91d61d13)
1998-12-07bugs in rpcclient. add_aliasmem uses a DOM_SID2 not a DOM_SID.Luke Leighton1-1/+1
(This used to be commit 8a85d7abed317fd06e3e0026d4b9e088311eede4)
1998-12-07- lib/unix_sec_ctxt.cLuke Leighton1-18/+20
attempt at taking lib/uid.c and getting a unix security context change module that is independent of "cnums" and "snums". a security context is needed for pipes, not just IPC$ or other services. - group database API added add_group/alias_member, del_group/alias_member, del_group/alias_entry functions. del_builtin_entry() is deliberately set to NULL to cause an exception, you cannot delete builtin aliases. - parse_lsa.c srv_lsa.c fixed lookup_names code, it was a load of trash and didn't do anything. - cmd_samr.c rpcclient.c srv_samr.c added "deletegroup", "deletealias", "delaliasmem", "delgroupmem", "addgroupmem", "addaliasmem", "createalias", "creategroup", to both client and server code. server code calls into unix stubs right now, which don't actually do anything. the only instance where they are expected to do anything is in appliance mode NOT even in the ldap code or anything. client code modified to call samr_lookup_names() for group code (because we can) and lsa_lookup_names() for alias code (because we have to). - srv_lookup.c oops, lookup on unsplit name, we got lookup on DOMAIN, DOMAIN\name instead of DOMAIN, name. (This used to be commit b8175702ef61b8b37b078f38e81452c00a5e2986)
1998-12-04added delete domain group and local group and delete domain group member.Luke Leighton1-0/+37
(This used to be commit bf15343def5b95ce4387ac4357674aff31431194)
1998-12-04- oops, i got "add alias member" and "delete alias member" swapped.Luke Leighton1-16/+15
- samr_enum_dom_users, the first 4 bytes is some sort of garbage, nt5-beta2 clears them out to zeros whereas nt4 does not. fixed bug where we were assuming that the first 4 bytes of a response _had_ to be non-zero. - cli_lsarpc.c: forgot to append the rid on the lsa_lookup_names() client call. - added in "addaliasmem" and "addgroupmem" commands. the addaliasmem command actually turned out to be a "delaliasmem" :-) :-) - parse_lsa.c: moved assert array check to after the size of useable array space is set... (This used to be commit 165b15a8cacc4bc7cf8cc0b9aaabb6b92cef7fdb)