summaryrefslogtreecommitdiff
path: root/source3/rpc_server/srv_samr_nt.c
AgeCommit message (Collapse)AuthorFilesLines
2002-07-05Remove C++ comments.Tim Potter1-2/+2
(This used to be commit 180374c4440765f3d08e5690967beb387ae3b54d)
2002-07-04More code from "Kai Krueger" <kai@kruegernetz.de>, this time starting to makeAndrew Bartlett1-0/+11
the 'user cannot change password' button work. Needs help from a future SAM backend, but at least this parses the data, and returns an error. Andrew Bartlett (This used to be commit 0c4afe075aa018ec2be10f36fd3f0a5af2a032f1)
2002-07-04Patch to add security descriptors to the SAMR pipe.Andrew Bartlett1-121/+602
This is not the final solution, I think this will probably changed with the move to the new SAM subsystem, but it allows some research and gives us somthing to start with. It should also help with getting proper NT_TOKEN passing set-up. Original patch by "Kai Krueger" <kai@kruegernetz.de>, which I have modified to pass back NTSTATUS returns in more places and to use a little more common code. Andrew Bartlett (This used to be commit 43b72493708e74e089989db42a003a3862c793e6)
2002-07-03Break up the passdb objects (to allow RPC clients to link without brining inAndrew Bartlett1-148/+111
*.o) and implment new enum_dom_users code in the SAMR RPC subsystem. Incresingly, we are using the pdb_get_{user,group}_sid() functions, in the eventual hope that we might one day support muliple domains off a single passdb. To extract the RID, we use sid_peek_check_rid(), and supply an 'expected' domain SID. The id21 -> SAM_ACCOUNT and id23 -> SAM_ACCOUNT code has been moved to srv_samr_util.c, to ease linking in passdb users. Compatiblity code that uses 'get_global_sam_sid()' for the 'expected' sid is in pdb_compat.c Andrew Bartlett (This used to be commit 5a2a6f1ba316489d118a8bdd9551b155226de94f)
2002-06-25I'm going to try and check this against Win2k shortly, but I'm certain thatAndrew Bartlett1-1/+1
'NT_STATUS_OK' is not the right answer here. Try NO_MORE_ENTRIES for now. Andrew Bartlett (This used to be commit c98b9a965905f1876b4884f932ff2e0237d85b03)
2002-06-18more debug classess activatedSimo Sorce1-0/+3
(This used to be commit 897e64d2e0c1d04ab93441ccaffe369bf43be46e)
2002-06-14Add const, kill of useless casts and therefore eliminate warnings.Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit 29490f214750acd44cee6c4ab1354722d82d853a)
2002-06-13Latest patch from metze <metze@metzemix.de> to move most of samba acrossAndrew Bartlett1-12/+3
to using SIDs instead of RIDs. The new funciton sid_peek_check_rid() takes an 'expected domain sid' argument. The idea here is to prevent mistakes where the SID is implict, but isn't the same one that we have in the struct. Andrew Bartlett (This used to be commit 04f9a8ff4c7982f6597c0f6748f85d66d4784901)
2002-06-09This (hopefully) fixes a bug reported by Kai Krueger <kai@kruegernetz.de>Andrew Bartlett1-14/+6
involving the use of lp_winbind_gid() without checking if they have been set. Also revert the 'clashing user' check back to a Get_Pwnam() - I probably should never have changed it. Andrew Bartlett (This used to be commit 1d6ba405589cee4e1582bc91cf659b89564899d4)
2002-06-07Globally replace 'global_sam_sid' with get_global_sam_sid(), a selfAndrew Bartlett1-20/+19
initialising function. This patch thanks to the work of "Stefan (metze) Metzmacher" <metze@metzemix.de> This is partly to enable the transition to SIDs in the the passdb. Andrew Bartlett (This used to be commit 96afea638e15d4cbadc57023a511094a770c6adc)
2002-06-04Update the SAMR pipe for more use of NTSTATUS and to talloc the stored list ofAndrew Bartlett1-96/+141
users/groups for better memory accounting. Andrew Bartlett (This used to be commit fe7c5efe91ab77784af9dbb56716170f4c6fd057)
2002-06-03Restrict anonymous checks for the SAMR pipe. This is done byTim Potter1-0/+27
returning access denied for a SAMR_CONNECT by an anonymous user which seems to be the way 2K does it rather than blocking individual RPC calls like NT. Also checked is the SAMR_GET_DOM_PWINFO rpc which for some reason doesn't require a policy handle to return information. No idea what it's actually used. (This used to be commit 40c68fa85c31c1baf7ba2c8ed62cd06c34711913)
2002-05-26change: pdb_getsampwrid() ->pdb_getsampwsid()Simo Sorce1-76/+59
passdb interface change, now the passdb modules will be asked for SID not for rid, the modules have been updated with a passthrough function that calls the old getsampwrid() functions. srv_samr_nt.c functions that made use of the pdb_getsampwrid funcion has been updated to use the SID one. (This used to be commit f5c6496c33fa7f5c2826540ffb4a49d8a5790fb3)
2002-05-25Clean up a few unused functions, add a bit of static etc.Andrew Bartlett1-0/+18
Importantly: The removal of the silly 'delete user script' behaviour when secuity=domain. I have left the name the same - as it still does the (previously documented, but not in smb.conf(5)) sane behaviour of deleting users on request. When we decide what to do with the 'add user' functionality, we might rename it. Andrew Bartlett (This used to be commit cdcfe3671eb7570e15649b77f708e6579055e7bc)
2002-05-22Add a bit more const, and kill of (finally!) sys_getpwnam and sys_getpwuid.Andrew Bartlett1-2/+8
These might be reimplmented as simple pass-through functions, but all users really should be doing 'getpwnam_alloc' or 'getpwuid_alloc' to ensure that there are not shared static buffers. I don't beleive we actually need a getpw*() cache inside samba - if we do then I think we should look at our code design first. (some of these changes are for platforms I don't have access to, but they look sane) Andrew Bartlett (This used to be commit 9d8431b04f41dceffe4c45cc969472ee59f7282f)
2002-04-11Much better support for both non-algorithic RIDs (where the RID is stored inAndrew Bartlett1-15/+0
the passdb) and RIDs not in the passdb, due to being NIS users etc. The main fix here is to add become_root()/unbecome_root() at critical places. This (finally) fixes the bug where you could not see local users's names in a file's security properties as non-root. Tested. The similar bug in uid_to_sid is also fixed, but is not (yet) Tested. Andrew Bartlett (This used to be commit 79327a305e20d78ab5ca21d01c39b5f49dc0d632)
2002-03-29Don't core dump listing thousands of users in usrmgr.Jeremy Allison1-2/+2
Jeremy. (This used to be commit c6566fa5fadf37a2b133e7be1f13c0de93efab34)
2002-03-21Make sure to initaliase SAM_ACCOUNT pointers to NULL, otherwise pdb_init_sam()Andrew Bartlett1-3/+3
fails. Andrew Bartlett (This used to be commit 56009ffbaa00259d15f286248a7ab73c55371819)
2002-03-19second step to gain free uid<->rid mappingSimo Sorce1-10/+82
we still need to free gid<->rid mapping and few other stuff (This used to be commit aa4b6f8181f34196a28951264dd8b631a5deef7f)
2002-03-18more verbose checking in talloc and util_pwSimo Sorce1-2/+42
fixed tdbsam memory corruption (and segfault) reducing calls to pdb_uid_to_user_rid and countrary to 0 to move to a non alghoritmic rid allocation with some passdb modules. (This used to be commit 9836af7cd623357feaec07bc49cfb78f0aa01fc3)
2002-03-10return the correct SID and domain name for the samr enum_domain andAndrew Tridgell1-8/+30
lookup_domain calls. We were incorrectly returning the PDCs domain nameand SID when we are a domain member. We should only do that when we are the DC (This used to be commit f56d689497eaa670cbfb214486ba88d5972129db)
2002-01-30Removed version number from file header.Tim Potter1-2/+1
Changed "SMB/Netbios" to "SMB/CIFS" in file header. (This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
2002-01-26Add the become_root()/unbecome_root() wrapper around the lookup_name() call,Andrew Bartlett1-1/+9
and its new args. (This used to be commit e7b3d64f6055b5d3b036f525f0ece3c9479d4f7a)
2002-01-20This is another *BIG* change...Andrew Bartlett1-44/+72
Samba now features a pluggable passdb interface, along the same lines as the one in use in the auth subsystem. In this case, only one backend may be active at a time by the 'normal' interface, and only one backend per passdb_context is permitted outside that. This pluggable interface is designed to allow any number of passdb backends to be compiled in, with the selection at runtime. The 'passdb backend' paramater has been created (and documented!) to support this. As such, configure has been modfied to allow (for example) --with-ldap and the old smbpasswd to be selected at the same time. This patch also introduces two new backends: smbpasswd_nua and tdbsam_nua. These two backends accept 'non unix accounts', where the user does *not* exist in /etc/passwd. These accounts' don't have UIDs in the unix sense, but to avoid conflicts in the algroitmic mapping of RIDs, they use the values specified in the 'non unix account range' paramter - in the same way as the winbind ranges are specifed. While I was at it, I cleaned up some of the code in pdb_tdb (code copied directly from smbpasswd and not really considered properly). Most of this was to do with % macro expansion on stored data. It isn't easy to get the macros into the tdb, and the first password change will 'expand' them. tdbsam needs to use a similar system to pdb_ldap in this regard. This patch only makes minor adjustments to pdb_nisplus and pdb_ldap, becouse I don't have the test facilities for these. I plan to incoroprate at least pdb_ldap into this scheme after consultation with Jerry. Each (converted) passdb module now no longer has any 'static' variables, and only exports 1 init function outside its .c file. The non-unix-account support in this patch has been proven! It is now possible to join a win2k machine to a Samba PDC without an account in /etc/passwd! Other changes: Minor interface adjustments: pdb_delete_sam_account() now takes a SAM_ACCOUNT, not a char*. pdb_update_sam_account() no longer takes the 'override' argument that was being ignored so often (every other passdb backend). Extra checks have been added in some places. Minor code changes: smbpasswd no longer attempts to initialise the passdb at startup, this is now done on first use. pdbedit has lost some of its 'machine account' logic, as this behaviour is now controlled by the passdb subsystem directly. The samr subsystem no longer calls 'local password change', but does the pdb interactions directly. This allow the ACB_ flags specifed to be transferred direct to the backend, without interference. Doco: I've updated the doco to reflect some of the changes, and removed some paramters no longer applicable to HEAD. (This used to be commit ff354c99c585068af6dc1ff35a1f109a806b326b)
2002-01-20Kill off another ugly wart from the side of the passdb subsystem.Andrew Bartlett1-36/+3
This time its the pdb_getsampwuid() function - which was only being used by the SAMR rpc subsystem to gain a 'user session key'. This 'user session key' is actually generated at login time, and the other changes here simply move that data around. This also means that (when I check some details) we will be able to use the user session key, even when we are not actually the DC, becouse its one of the components of the info3 struct returned on logon. Andrew Bartlett (This used to be commit 799ac01fe08a338e4e94289f5d6767ebf905c1fa)
2002-01-20This patch makes the 'winbind use default domain' code interact better withAndrew Bartlett1-3/+3
smbd, and also makes it much cleaner inside winbindd. It is mostly my code, with a few changes and testing performed by Alexander Bokovoy <a.bokovoy@sam-solutions.net>. ab has tested it in security=domain and security=ads, but more testing is always appricatiated. The idea is that we no longer cart around a 'domain\user' string, we keep them seperate until the last moment - when we push that string into a pwent on onto the socket. This removes the need to be constantly parsing that string - the domain prefix is almost always already provided, (only a couple of functions actually changed arguments in all this). Some consequential changes to the RPC client code, to stop it concatonating the two strings (it now passes them both back as params). I havn't changed the cache code, however the usernames will no longer have a double domain prefix in the key string. The actual structures are unchanged - but the meaning of 'username' in the 'rid' will have changed. (The cache is invalidated at startup, so on-disk formats are not an issue here). Andrew Bartlett (This used to be commit e870f0e727952aeb8599cf93ad2650ae56eca033)
2002-01-17A nice *big* change to the fundemental way we do things.Andrew Bartlett1-3/+14
Samba (ab)uses the returns from getpwnam() a lot - in particular it keeps them around for a long time - often past the next call... This adds a getpwnam_alloc and a getpwuid_alloc to the collection. These function as expected, returning a malloced structure that can be free()ed with passwd_free(&passwd). This patch also cuts down on the number of calls to getpwnam - mostly by taking advantage of the fact that the passdb interface is already case-insensiteve. With this patch most of the recursive cases have been removed (that I know of) and the problems are reduced further by not using the sys_ interface in the new code. This means that pointers to the cache won't be affected. (This is a tempoary HACK, I intend to kill the password cache entirly). The only change I'm a little worried about is the change to rpc_server/srv_samr_nt.c for private groups. In this case we are getting groups from the new group mapping DB. Do we still need to check for private groups? I've toned down the check to a case sensitve match with the new code, but we might be able to kill it entirly. I've also added a make_modifyable_passwd() function, that copies a passwd struct into the form that the old sys_getpw* code provided. As far as I can tell this is only actually used in the pass_check.c crazies, where I moved the final 'special case' for shadow passwords (out of _Get_Pwnam()). The matching case for getpwent() is dealt with already, in lib/util_getent.c Also included in here is a small change to register the [homes] share at vuid creation rather than just in one varient of the session setup. (This picks up the SPNEGO cases). The home directory is now stored on the vuid, and I am hoping this might provide a saner way to do %H substitions. TODO: Kill off remaining Get_Pwnam_Modify calls (they are not needed), change the remaining sys_getpwnam() callers to use getpwnam_alloc() and move Get_Pwnam to return an allocated struct. Andrew Bartlett (This used to be commit 1d86c7f94230bc53daebd4d2cd829da6292e05da)
2002-01-02Actually enforce the passdb API.Andrew Bartlett1-25/+21
Thou shalt not reference SAM_ACCOUNT members directly - always use pdb_get/pdb_set. This is achived by making the whole of SAM_ACCOUNT have a .private member, where the real members live. This caught a pile of examples, and these have beeen fixed. The pdb_get..() functions are 'const' (have been for some time) and this required a few small changes to constify other functions. I've also added some debugs to the pdb get and set, they can be removed if requested. I've rewritten the copy_id2x_to_sam_pass() functions to use the new passdb interface, but I need the flags info to do it properly. The pdb_free_sam() funciton now blanks out the LM and NT hashes, and as such I have removed many extra 'samr_clear_sam_passwd(smbpass)' calls as a result. Finally, any and all testing is always appriciated - but the basics seem to work. Andrew Bartlett (This used to be commit d3dd28f6c443187b8d820d5a39c7c5b3be2fa95c)
2002-01-02Make user enumeration work for w2k and win9x.Jeremy Allison1-71/+85
This means different return sizes depending on client bugs. This sucks :-(. Jeremy. (This used to be commit f6592628eb526c487069bb3fcd809aca930e668e)
2001-12-31last_enum not used.Jeremy Allison1-4/+0
Jeremy. (This used to be commit efbec935fe727d5d5bd852c7bae9baf92df18686)
2001-12-31Fixed enumeration of a large (<1500) users from a Samba PDC to a W2kJeremy Allison1-6/+0
member server. Firstly, use the same max enumeration size (0x400) as W2K uses, otherwise W2K won't ask for any more. Secondly, if a enumeration request with a non-zero offset comes in on a handle that hasn't started an enumeration, don't bitch about it (return NT_STATUS_UNSUCCESSFUL), just load the db on that handle and return at that offset. Jeremy. (This used to be commit 0b7da4a50ea02e28ab23e71de1e5f8b9194a9af3)
2001-12-21Removed unused variables.Jeremy Allison1-2/+0
Jeremy. (This used to be commit 621fa227bdf6af15daa13f62287978dc2310c04c)
2001-12-21The jf_get_sampasswd_entries() is not used anymore.Jeremy Allison1-335/+0
Jeremy. (This used to be commit bf1816099707b816c9b62ad5ab794dc49b833181)
2001-12-21added a copyright notice.Jean-François Micouleau1-1/+1
J.F. (This used to be commit 87928c4d91940447191af4fe83a2be7ac3477361)
2001-12-21doesn't keep track of the struct's size we enumerate. W2K doesn'tJean-François Micouleau1-71/+76
calculate them and always reply a size of 32 bytes whereas NT4 did the maths. Anyway, it looks like the clients don't complain. in query_dom_info() at level 2, return the real number of users and groups. That's the fix to the W95/98 userlist bug ! as W95/98 does a query_dom_info(2) followed by a query_disp_info(4) on the SAME context handle (err we call it an lsa policy handle ! plain wrong name), I was tempted to keep the snapshoot in memory, to prevent 2 full user db enumerations in a row and just have one shared. But if some client does the 2 calls on two different handles, we would have 2 copies in memory not free'ed before the samr_close(). We still have too many fixed constant and too many magic values in that code. And btw, I really hates how the sequence number is generated ! J.F. (This used to be commit c0178e1a03f8225e5b350feb8fcbfb02f43327b4)
2001-12-21Fixup some DEBUG statements (0 -> 10).Jeremy Allison1-3/+3
Jeremy. (This used to be commit bf65331cb49299189d35ad5834167ec24b3a1ecb)
2001-12-21Use pdb_free_sam() to free a SAM_ACCOUNT struct, not safe_free(). ThereJeremy Allison1-1/+1
are pointers withing the SAM_ACCOUNT struct that also need freeing. Jeremy. (This used to be commit a7d099cc75f813b4010a5f313c3fa6e6e8284b6d)
2001-12-21re-done all of samr_query_disp_info()Jean-François Micouleau1-86/+310
instead of enumerating the whole user db or group db every time, we store a in memory copy linked to the handle. that's much faster for large enumeration where the db can't fit in a single rpc packet. And as it's a copy, it's constant between enumeration. still some stuff to clean. But now I can fix the W95 userlist bug, as I've finally found it. J.F. (This used to be commit 3ab45215369e8e93d750f4687e9c1f7d47782590)
2001-12-19added info level 1 to samr_query_alias()Jean-François Micouleau1-0/+5
(This used to be commit 589aa4fe226ee5bdae0a244631193714b0b556ac)
2001-12-18Fixed bad args to debug statements.Tim Potter1-3/+3
(This used to be commit 5e0f0716ca9826de110fd9eeaf231970e7c19b42)
2001-12-10added info level 3 to samrgetgroupinfo. I don't know what the value is.Jean-François Micouleau1-12/+164
It's just to keep usermanager happy ;-) clean up a bit samr_query_aliasinfo to return the group description added: samr_del_aliasmem, samr_del_groupmem and samr_del_domuser with the correct scripts, you can now entirely manage the users from usermanager ! Closer to full PDC every day ;-) J.F. (This used to be commit 0a727afc669704cda9b44d44dbac9e989e906ae3)
2001-12-08small comment I don't want to loose.Jean-François Micouleau1-0/+5
J.F. (This used to be commit a0b5ae58228d01ff5099180f16ffba4353bd28a7)
2001-12-06again an intrusive patch:Jean-François Micouleau1-2/+5
- removed the ugly as hell sam_logon_in_ssb variable, I changed a bit the definition of standard_sub_basic() to cope with that. - removed the smb.conf: 'domain admin group' and 'domain guest group' parameters ! We're not playing anymore with the user's group RIDs ! - in get_domain_user_groups(), if the user's gid is a group, put it first in the group RID list. I just have to write an HOWTO now ;-) J.F. (This used to be commit fef52c4b96c987115fb1818c00c2352c67790e50)
2001-12-05added samr_queryuseralias(). instead of returning BUILTIN_ALIAS_RID_USERS,Jean-François Micouleau1-16/+48
now return the alias correctly. time to look at the netlogon case. J.F. (This used to be commit 72ee1791084d09e73d8057e37ced4a79cecffb35)
2001-12-04added a boolean to the group mapping functions to specify if we need orJean-François Micouleau1-84/+40
not the privileges. Usually we don't need them, so the memory is free early. lib/util_sid.c: added some helper functions to check an SID. passdb/passdb.c: renamed local_lookup_rid() to local_lookup_sid() and pass an RID all the way. If the group doesn't exist on the domain SID, don't return a faked one as it can collide with a builtin one. Some rpc structures have been badly designed, they return only rids and force the client to do subsequent lsa_lookup_sid() on the domain sid and the builtin sid ! rpc_server/srv_util.c: wrote a new version of get_domain_user_groups(). Only the samr code uses it atm. It uses the group mapping code instead of a bloody hard coded crap. The netlogon code will use it too, but I have to do some test first. J.F. (This used to be commit 6c87e96149101995b7d049657d5c26eefef37d8c)
2001-12-03added a tdb to store the account policy informations.Jean-François Micouleau1-87/+168
You can change them with either usermanager->policies->account or from a command prompt on NT/W2K: net accounts /domain we can add a rpc accounts to the net command. As the net_rpc.c is still empty, I did not start. How should I add command to it ? Should I take the rpcclient/cmd_xxx functions and call them from there ? alse changed the SAM_UNK_INFO_3 parser, it's an NTTIME. This one is more for jeremy ;-) J.F. (This used to be commit bc28a8eebd9245ce3004ae4b1a359db51f77bf21)
2001-12-02added queryuseraliases to rpcclientJean-François Micouleau1-0/+33
and some comments to the samr server code, to explain what we should return here. J.F. (This used to be commit 06cb20a46d9d9f8abf0d92ba4cfa4d23187ad715)
2001-12-02there was a bug in samr_lookup_names (my fault)Jean-François Micouleau1-42/+77
and added comments and some debugs. J.F. (This used to be commit 114eba496fa020a7f491eb549c91fb38ca34dabb)
2001-11-29Changed again how the privilege list is handled in the group mapping code.Jean-François Micouleau1-7/+56
This time it's a PRIVILEGE_SET struct instead of a simple uint32 array. It makes much more sense. Also added a uint32 systemaccount to the GROUP_MAP struct as some privilege showing in USRMGR.EXE are not real privs but a bitmask flag. I guess it's an heritage from NT 3.0 ! I could setup an NT 3.1 box to verify, but I'm too lazy (yes I still have my CDs). Added 3 more LSA calls: SetSystemAccount, AddPrivileges and RemovePrivileges, we can manage all this privilege from UserManager. Time to change the NT_USER_TOKEN struct and add checks in all the rpc functions. Fun, fun, fun. J.F. (This used to be commit 3f0a9ef2b8c626cfa2878394bb7b642342342bf3)
2001-11-28added samr_set_domain_info and samr_unknown_2E.Jean-François Micouleau1-0/+98
We now get the full account policy window in usermanager, and the framework to store all those values. I plan to add a TDB file to store them. oh, and found that the last value in a sam_unknown_info_12_inf struct is an uint16 and not a uint32. andrewb: you hardcoded the MAX_PASSWORD_AGE to 21 days. We can now turn it to a value setable in usermanager. J.F. (This used to be commit 99471d25693f6672d433b90a060378f6faad867f)