summaryrefslogtreecommitdiff
path: root/source3/rpc_parse/parse_samr.c
AgeCommit message (Collapse)AuthorFilesLines
1999-10-21turning some of the rpcclient functions dynamic. this is likely toLuke Leighton1-26/+94
break a few things... (This used to be commit 4b06f303235d36903b6e9f55ee45b987d98256b0)
1999-10-21various. debug levels changed. nmbd doesn't need libsmb/clienttrust.c.Luke Leighton1-9/+77
samr_lookup_rids() moved to a dynamic memory structure not a static one limited to 32 RIDs. cli_pipe.c reading wasn't checking ERRmoredata when DOS error codes negotiated (this terminates MSRPC code with prejudice). (This used to be commit 8976eca2db43576c32069dcda017e8777048e007)
1999-10-18initialising enum dom users mem and account name ptrs to NULL.Luke Leighton1-0/+3
(This used to be commit 6f933fb359e7efc7b685e537b95bdadd6e131727)
1999-10-15return results on prs_xxxxx() and all xxx_io_xxx() routines.Luke Leighton1-423/+838
the whole task is not complete, yet. xxx_io_xxx() routines that _call_ xxx_io_xxx() routines not done. prs_xxxx() covered by macros. considering doing xxx_io_xxxx in the same way. (This used to be commit 3b583f7be51434af98bc52b48dfa42c4602a3094)
1999-10-01splitting dom info into sam_query_dominfo functionLuke Leighton1-2/+3
(This used to be commit 39c367b8e9932f64fa774b807e14416f97254312)
1999-09-21testing for attempts to get more info levels into samr_query_userinfoLuke Leighton1-4/+46
(This used to be commit cc19d5cc5c20665beb3b7c5fcf7787d54e37ea71)
1999-05-06alignment needed after unicode string names in password change.Luke Leighton1-0/+3
(This used to be commit e66b6afc699593789e7a8372ddaa407c320cd15d)
1999-03-29added SamrQueryDomainInfo call info level 0x3 for kix32.exe supportLuke Leighton1-4/+37
(This used to be commit ac070dfd39bfa9b60680855585155ce528ab7691)
1999-03-25added SAMR_USER_INFO_24 info level to samr_set_userinfo. this is usedLuke Leighton1-0/+49
by "Welcome to SAMBA Domain". (This used to be commit 4aed18b5e1e2309c0f6931fbfdd604b01cb9498a)
1999-03-25SAM database "set user info".Luke Leighton1-13/+313
---------------------------- - removed DOM_RID4 - removed SAMR_UNKNOWN_32 - added SAMR_SET_USERINFO (opcode 0x32) - added level 0x1 to SAMR_QUERY_DOM_INFO (needed for create user) - fixed pwdb_gethexpwd() it was failing on XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX - added mod_sam21pwd_entry() - preparing to call mod_sam21pwd_entry() - added "user session key" to user_struct.dc. this is md4(nt#) and is needed to decode user's clear-text passwords in SAMR_SET_USERINFO. - split code out in chgpasswd.c to decode 516 byte password buffers. (This used to be commit 2e58ed742435befe419aa366c4052019fede8c23)
1999-03-24removed 2 unnecessary args from make_uni_hdr.Luke Leighton1-34/+34
(This used to be commit f84dede27e16a5f02ee6d02fe2d16f2661c65470)
1999-03-23dynamic memory allocation in samr enum dom users. works with 849 entries now.Luke Leighton1-12/+21
(This used to be commit 103557e26b071bf1e65e025ef5a52ccdbf483d02)
1999-03-23If a buffer pointer is NULL then its length_is() attribute should not beMatthew Chapman1-4/+19
transmitted. Such a problem was crashing Server Manager. (This used to be commit 402ed18188dd058ebed2ffc2af9840c04533dc8f)
1999-03-21Ensuring return status is aligned in SAMR_QUERY_DISPINFO response.Matthew Chapman1-0/+1
(This used to be commit 1e17c2529c5162ea79fe2331ca2162ffb98bd6c2)
1999-03-19added a "createuser" command.Luke Leighton1-0/+69
(This used to be commit fefb4bf19181714cb73414febd6ee2ec10356cbe)
1999-03-18Changed hard-coded number of users/groups in SAMR_QUERY_DOMAIN_INFOMatthew Chapman1-3/+3
to MAX_SAM_ENTRIES to prevent truncation of user lists. A proper implementation is not important right now. (This used to be commit 900238a66153c276d63780e3264651089291d185)
1999-03-08- todd sabin spotted bugs in samr enum dom users / groups / aliases code:Luke Leighton1-5/+3
last count (probably an ENUM / resume handle) should always be returned even if there are no items being returned. - got fed up of seven intendation levels in cmd_samr.c, maximum recommended in *any* code is three! made some sub-fns instead. (This used to be commit 1c330d568225759950401cfb98fe9e99db81419c)
1999-02-24Win9x user level security.Matthew Chapman1-249/+553
* Added SAMR_LOOKUP_DOMAIN (-> SamrLookupDomainInSamServer) * Added real SAMR_ENUM_DOM_GROUPS (corresponding to SamrEnumerateGroupsInDomain). The existing one is just an alias for SamrQueryDisplayInformation (see below). * Added three extra info levels to SAMR_QUERY_DISPINFO. Info level 3 is what was previously SAMR_ENUM_DOM_GROUPS; info levels 4 and 5 are simple user/group list requests used by Win9x and I suspect (haven't checked) the "low speed connection" User Manager. * Added another two aliases for SAMR_QUERY_DISPINFO, opcodes 0x30 and 0x33. Usually the first is with info level 3 and the second 4 but there is some overlap so indeed these should be implemented as just aliases. * Return ERRDOS/ERRmoredata on extra data instead of STATUS_BUFFER_OVERFLOW for Win95's benefit. On a named pipe this results in an SMBreadX as usual. Still need to fix SAMR_QUERY_DOMAIN_INFO which has a hard-coded number of users and groups - which Win95 proceeds to truncate at. (This used to be commit 7d03e6e21908f3a759a4e65c5edd850622335e3e)
1999-02-19samr_lookup_names "none found" error needed corrections with empty lists.Luke Leighton1-2/+2
(This used to be commit e164b5080ca966de4227277f7ac031bc96d056ad)
1999-02-03cache unix groups so that two-level getgrent calls don't occur.Luke Leighton1-2/+2
(This used to be commit f7dfa55a2e191ae780d399026bce48f68cda4bf0)
1999-01-29fix for enumerate domain users (bug spotted by sean matthews).Luke Leighton1-12/+9
also needed to use start index properly and generate next index. both client and server code need to recognise error code 0x105 when there's not enough room to store all the users in one call. sort this out another time. (This used to be commit ad58cdfac6b85d9431216e32e532ad4d60f9c6dd)
1998-12-08adding srvsvc pipe.Luke Leighton1-0/+65
(This used to be commit d06d6369942828ec89e90f99bd0d0d3f91d61d13)
1998-12-07bugs in rpcclient. add_aliasmem uses a DOM_SID2 not a DOM_SID.Luke Leighton1-3/+3
(This used to be commit 8a85d7abed317fd06e3e0026d4b9e088311eede4)
1998-12-07- lib/unix_sec_ctxt.cLuke Leighton1-26/+91
attempt at taking lib/uid.c and getting a unix security context change module that is independent of "cnums" and "snums". a security context is needed for pipes, not just IPC$ or other services. - group database API added add_group/alias_member, del_group/alias_member, del_group/alias_entry functions. del_builtin_entry() is deliberately set to NULL to cause an exception, you cannot delete builtin aliases. - parse_lsa.c srv_lsa.c fixed lookup_names code, it was a load of trash and didn't do anything. - cmd_samr.c rpcclient.c srv_samr.c added "deletegroup", "deletealias", "delaliasmem", "delgroupmem", "addgroupmem", "addaliasmem", "createalias", "creategroup", to both client and server code. server code calls into unix stubs right now, which don't actually do anything. the only instance where they are expected to do anything is in appliance mode NOT even in the ldap code or anything. client code modified to call samr_lookup_names() for group code (because we can) and lsa_lookup_names() for alias code (because we have to). - srv_lookup.c oops, lookup on unsplit name, we got lookup on DOMAIN, DOMAIN\name instead of DOMAIN, name. (This used to be commit b8175702ef61b8b37b078f38e81452c00a5e2986)
1998-12-04added delete domain group and local group and delete domain group member.Luke Leighton1-1/+179
(This used to be commit bf15343def5b95ce4387ac4357674aff31431194)
1998-12-04- oops, i got "add alias member" and "delete alias member" swapped.Luke Leighton1-22/+20
- samr_enum_dom_users, the first 4 bytes is some sort of garbage, nt5-beta2 clears them out to zeros whereas nt4 does not. fixed bug where we were assuming that the first 4 bytes of a response _had_ to be non-zero. - cli_lsarpc.c: forgot to append the rid on the lsa_lookup_names() client call. - added in "addaliasmem" and "addgroupmem" commands. the addaliasmem command actually turned out to be a "delaliasmem" :-) :-) - parse_lsa.c: moved assert array check to after the size of useable array space is set... (This used to be commit 165b15a8cacc4bc7cf8cc0b9aaabb6b92cef7fdb)
1998-12-04- renamed do_samr_xxx to samr_xxxLuke Leighton1-28/+28
- renamed do_lsa_xxx to lsa_xxx - added "enumgroups [-m]" command, enumerates groups, shows members. - added cmd_sam_add_groupmem(), need to call these in rpcclient.c - added cmd_sam_add_aliasmem(), need to call these in rpcclient.c - modified "enumaliases [-m]" command - improved "enumgroups" and "enumaliases" to display names not just RIDS/SIDs. - renamed "samr_unknown_12" to "samr_lookup_rids". - added the following client-side functions: get_samr_query_groupmem() get_samr_query_aliasmem() get_samr_query_groupinfo() samr_enum_dom_groups() samr_enum_dom_aliases() samr_add_aliasmem() samr_add_groupmem() - improved display output (display.c) (This used to be commit eacc5e581af2b4de24186b9be3238b352c54effe)
1998-12-03added createalias command to rpcclientLuke Leighton1-16/+13
(This used to be commit 4771d5451b49375cc2fd4246d7d746b0d03cd5ba)
1998-12-03create domain group command (creategroup) added to rpcclient.Luke Leighton1-5/+5
renamed do_samr_xxxx to samr_xxxx. (This used to be commit 1e5d81c154740349a2cda4c1892b33a21c0683a8)
1998-12-03adding group parsing: add/modify/delete/add members.Luke Leighton1-90/+217
(This used to be commit 13a656b0e5c73e157b222765fb57a1bdafc67b80)
1998-12-02spotted the mistake in group_info1 parsing.Luke Leighton1-2/+4
(This used to be commit e39c0c76ae52bbd4539f8f254e78566a5511efc1)
1998-12-02added rid and sid_name_use to DOMAIN_GRP_MEMBER, for use in group memberLuke Leighton1-60/+57
query. domain groups now work, hurrah! only thing is that the description is one character long, don't know why (which is wierd in itself). (This used to be commit 78a86c64960a7823b0db8b7bebfffabb4a5ba864)
1998-12-02adding group member code, made a start. found that the group members'Luke Leighton1-61/+342
rid is needed not the name (see DOMAIN_GRP_MEMBER) decided to go home. (This used to be commit 9337049dfc98becfa74522d418dae64a97c7a304)
1998-12-01query_aliasmem code. it works (hurrah).Luke Leighton1-8/+11
(This used to be commit f7f2516df46dde1671235f788f7689c93d9395ae)
1998-12-01rpc_samr.h parse_samr.c srv_samr.c :Luke Leighton1-17/+102
samr_query_aliasmembers (cool!) util_pwdb.c sids.c nmbd.c server.c smbpasswd.c swat.c : pwdb_initialise(BOOL is_server) now creates / reads DOMAIN_NAME.SID if is_server is True, and does LsaQueryInfoPolicy(levels 3 and 5) to obtain member and pdc sids. (This used to be commit 3e1eb4f26b67e484b05e1dde94fd4e4dae982631)
1998-12-01adding some samr parsing calls (group / alias adding / deleting)Luke Leighton1-423/+820
added code that moves MACHINE.SID to DOMAIN_NAME.SID if it exists. (This used to be commit 51c1c31768a92d9c57ee6c09b78419bcbc544f03)
1998-11-29weekend work. user / group database API.Luke Leighton1-9/+25
- split sam_passwd and smb_passwd into separate higher-order function tables - renamed struct smb_passwd's "smb_user" to "unix_user". added "nt_user" plus user_rid, and added a "wrap" function in both sam_passwd and smb_passwd password databases to fill in the blank entries that are not obtained from whatever password database API instance is being used. NOTE: whenever a struct smb_passwd or struct sam_passwd is used, it MUST be initialised with pwdb_sam_init() or pwd_smb_init(), see chgpasswd.c for the only example outside of the password database APIs i could find. - added query_useraliases code to rpcclient. - dealt with some nasty interdependencies involving non-smbd programs and the password database API. this is still not satisfactorily resolved completelely, but it's the best i can do for now. - #ifdef'd out some password database options so that people don't mistakenly set them unless they recompile to _use_ those options. lots of debugging done, it's still not finished. the unix/NT uid/gid and user-rid/group-rid issues are better, but not perfect. the "BUILTIN" domain is still missing: users cannot be added to "BUILTIN" groups yet, as we only have an "alias" db API and a "group" db API but not "builtin-alias" db API... (This used to be commit 5d5d7e4de7d1514ab87b07ede629de8aa00519a1)
1998-11-25yeehaah got users to be included in S-1-5-xxx-yyy-zzz's local groups.Luke Leighton1-8/+8
now need search capability on S-1-5-20, which will need argh, a "group database API" on S-1-5-20, and the ability to add BUILTIN\Admins etc to "local group map" argh. (This used to be commit a24f6eb00ba7486479cbcf7fadf5456521c56179)
1998-11-23unix instance of group database APILuke Leighton1-1/+1
(This used to be commit e76f593b3572ac881f1aa1fb3326d8b7169b0078)
1998-11-20acconfig.h configure configure.in include/config.h.in: Added -lsec and ↵Jeremy Allison1-2/+2
-lsecurity checks in a more sane way. rpc_client/cli_netlogon.c: Removed correct bits check to see if this works with an NT3.51 PDC. rpc_parse/parse_samr.c: Fixed compile warnings. Jeremy. (This used to be commit 34d8f4b1c4d59ab3c009360fc67eef9361dd859b)
1998-11-17- group database API. oops and oh dear, the threat has been carried out:Luke Leighton1-13/+18
the pre-alpha "domain group" etc parameters have disappeared. - interactive debug detection - re-added mem_man (andrew's memory management, detects memory corruption) - american spellings of "initialise" replaced with english spelling of "initialise". - started on "lookup_name()" and "lookup_sid()" functions. proper ones. - moved lots of functions around. created some modules of commonly used code. e.g the password file locking code, which is used in groupfile.c and aliasfile.c and smbpass.c - moved RID_TYPE_MASK up another bit. this is really unfortunate, but there is no other "fast" way to identify users from groups from aliases. i do not believe that this code saves us anything (the multipliers) and puts us at a disadvantage (reduces the useable rid space). the designers of NT aren't silly: if they can get away with a user- interface-speed LsaLookupNames / LsaLookupSids, then so can we. i spoke with isaac at the cifs conference, the only time for example that they do a security context check is on file create. certainly not on individual file reads / writes, which would drastically hit their performance and ours, too. - renamed myworkgroup to global_sam_name, amongst other things, when used in the rpc code. there is also a global_member_name, as we are always responsible for a SAM database, the scope of which is limited by the role of the machine (e.g if a member of a workgroup, your SAM is for _local_ logins only, and its name is the name of your server. you even still have a SID. see LsaQueryInfoPolicy, levels 3 and 5). - updated functionality of groupname.c to be able to cope with names like DOMAIN\group and SERVER\alias. used this code to be able to do aliases as well as groups. this code may actually be better off being used in username mapping, too. - created a connect to serverlist function in clientgen.c and used it in password.c - initialisation in server.c depends on the role of the server. well, it does now. - rpctorture. smbtorture. EXERCISE EXTREME CAUTION. (This used to be commit 0d21e1e6090b933f396c764af535ca3388a562db)
1998-11-10rpcclient registry commands.Luke Leighton1-1/+1
(This used to be commit 36fcb4a6e643a05d06a2a273d74318fee7f2c647)
1998-10-27amazing. the improvements to NT continue, evidence for which shows upLuke Leighton1-1/+1
now as "RPC fault" if the UNIHDR structure lengths do not exactly match up to the length of the data stream. so, all versions of samba prior to this one have an off-by-one bug in unicode string lengths. all versions of NT prior to NT 5 beta 2 could possibly have buffer problems when receiving badly formatted UNICODE strings. (This used to be commit 161eb6f511e161b63c1fa90a08c562fcf208344a)
1998-10-21domain aliases added a bit better: does local aliases if you queryLuke Leighton1-24/+26
for sid S-1-5-20 and does (nothing at the moment) if you query for your own sid. (This used to be commit da40f26f4b2f7ce286076b4e39dffd76aa2ef8e6)
1998-10-21the next dialog: user-groups. it's not very sensible what appears, but hey:Luke Leighton1-3/+322
it appears! (This used to be commit 399035098f212e976cc0000a215e0705ebe78c05)
1998-10-21Fixed mainly signed/unsigned issues found by SGI cc in -fullwarn mode.Jeremy Allison1-3/+3
smbd/chgpasswd.c: Fixed (my) stupid bug where I was returning stack based variables. Doh ! smbd/trans2.c: Allows SETFILEINFO as well as QFILEINFO on directory handles. Jeremy. (This used to be commit 0b44d27d0b5cc3948a6c2d78370ccddf1a84cd80)
1998-10-21oops!Luke Leighton1-10/+10
(This used to be commit 500e5536bee8ea8e58d5991bfab2cff923068926)
1998-10-21signed / unsigned issuesLuke Leighton1-1/+1
(This used to be commit bd2fc6bb85739cb8e7ed2254e2a553486daed054)
1998-10-20calls to prs_grow() on array structures so that data construction doesn'tLuke Leighton1-3/+18
over-run buffers (This used to be commit 06cc6eaa50fa4b673d527e91740f9d2d2b16d367)
1998-10-16dce/rpcLuke Leighton1-0/+13
(This used to be commit 29434f496c18e816d864060d68f357aea6ef5de8)