From 6b2ae8e9ffabfa61f48397bf27966fd87a39aff9 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 9 Apr 2008 12:38:22 +0200 Subject: Add NetUserAdd to libnetapi. Guenther (This used to be commit cb98996ed2ac93a0e15838048405772d2043021a) --- source3/lib/netapi/user.c | 358 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 358 insertions(+) create mode 100644 source3/lib/netapi/user.c (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c new file mode 100644 index 0000000000..71f08c2b21 --- /dev/null +++ b/source3/lib/netapi/user.c @@ -0,0 +1,358 @@ +/* + * Unix SMB/CIFS implementation. + * NetApi User Support + * Copyright (C) Guenther Deschner 2008 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see . + */ + +#include "includes.h" + +#include "librpc/gen_ndr/libnetapi.h" +#include "lib/netapi/netapi.h" +#include "lib/netapi/libnetapi.h" + +/**************************************************************** +****************************************************************/ + +WERROR NetUserAdd_l(struct libnetapi_ctx *ctx, + struct NetUserAdd *r) +{ + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +static void convert_USER_INFO_1_to_samr_user_info25(struct USER_INFO_1 *info1, + DATA_BLOB *user_session_key, + struct samr_UserInfo25 *info25) +{ + uint32_t fields_present = SAMR_FIELD_ACCT_FLAGS; + struct samr_LogonHours zero_logon_hours; + struct lsa_BinaryString zero_parameters; + uint32_t acct_flags = 0; + NTTIME password_age; + + ZERO_STRUCTP(info25); + ZERO_STRUCT(zero_logon_hours); + ZERO_STRUCT(zero_parameters); + + if (info1->usri1_name) { + fields_present |= SAMR_FIELD_FULL_NAME; + } + if (info1->usri1_password) { + fields_present |= SAMR_FIELD_PASSWORD; + } + if (info1->usri1_flags) { + fields_present |= SAMR_FIELD_ACCT_FLAGS; + } + if (info1->usri1_name) { + fields_present |= SAMR_FIELD_FULL_NAME; + } + if (info1->usri1_home_dir) { + fields_present |= SAMR_FIELD_HOME_DIRECTORY; + } + if (info1->usri1_script_path) { + fields_present |= SAMR_FIELD_LOGON_SCRIPT; + } + if (info1->usri1_comment) { + fields_present |= SAMR_FIELD_DESCRIPTION; + } + if (info1->usri1_password_age) { + fields_present |= SAMR_FIELD_FORCE_PWD_CHANGE; + } + + acct_flags |= info1->usri1_flags | ACB_NORMAL; + + unix_to_nt_time_abs(&password_age, info1->usri1_password_age); + + /* TODO: info1->usri1_priv */ + init_samr_user_info21(&info25->info, + 0, + 0, + 0, + 0, + 0, + password_age, + NULL, + info1->usri1_name, + info1->usri1_home_dir, + NULL, + info1->usri1_script_path, + NULL, + info1->usri1_comment, + NULL, + NULL, + &zero_parameters, + 0, + 0, + acct_flags, + fields_present, + zero_logon_hours, + 0, + 0, + 0, + 0, + 0, + 0, + 0); + + if (info1->usri1_password) { + uchar pwbuf[532]; + struct MD5Context ctx; + uint8_t confounder[16]; + DATA_BLOB confounded_session_key = data_blob(NULL, 16); + + encode_pw_buffer(pwbuf, info1->usri1_password, STR_UNICODE); + + generate_random_buffer((uint8_t *)confounder, 16); + + MD5Init(&ctx); + MD5Update(&ctx, confounder, 16); + MD5Update(&ctx, user_session_key->data, + user_session_key->length); + MD5Final(confounded_session_key.data, &ctx); + + SamOEMhashBlob(pwbuf, 516, &confounded_session_key); + memcpy(&pwbuf[516], confounder, 16); + + memcpy(info25->password.data, pwbuf, sizeof(pwbuf)); + data_blob_free(&confounded_session_key); + } +} + +/**************************************************************** +****************************************************************/ + +WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, + struct NetUserAdd *r) +{ + struct cli_state *cli = NULL; + struct rpc_pipe_client *pipe_cli = NULL; + NTSTATUS status; + WERROR werr; + uint32_t resume_handle = 0; + uint32_t num_entries = 0; + POLICY_HND connect_handle, domain_handle, user_handle; + struct samr_SamArray *sam = NULL; + const char *domain_name = NULL; + struct lsa_String lsa_domain_name, lsa_account_name; + struct dom_sid2 *domain_sid = NULL; + struct samr_UserInfo25 info25; + union samr_UserInfo *user_info = NULL; + struct samr_PwInfo pw_info; + uint32_t access_granted = 0; + uint32_t rid = 0; + bool domain_found = true; + int i; + struct USER_INFO_1 *info1; + + ZERO_STRUCT(connect_handle); + ZERO_STRUCT(domain_handle); + ZERO_STRUCT(user_handle); + + if (!r->in.buffer) { + return WERR_INVALID_PARAM; + } + + switch (r->in.level) { + case 1: + info1 = (struct USER_INFO_1 *)r->in.buffer; + break; + case 2: + case 3: + case 4: + default: + werr = WERR_NOT_SUPPORTED; + goto done; + } + + status = cli_full_connection(&cli, NULL, r->in.server_name, + NULL, 0, + "IPC$", "IPC", + ctx->username, + ctx->workgroup, + ctx->password, + CLI_FULL_CONNECTION_USE_KERBEROS | + CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS, + Undefined, NULL); + + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + pipe_cli = cli_rpc_pipe_open_noauth(cli, PI_SAMR, &status); + if (!pipe_cli) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_try_samr_connects(pipe_cli, ctx, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + &connect_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_EnumDomains(pipe_cli, ctx, + &connect_handle, + &resume_handle, + &sam, + 0xffffffff, + &num_entries); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + for (i=0; ientries[i].name.string; + + if (strequal(domain_name, builtin_domain_name())) { + continue; + } + + domain_found = true; + break; + } + + if (!domain_found) { + werr = WERR_NO_SUCH_DOMAIN; + goto done; + } + + init_lsa_String(&lsa_domain_name, domain_name); + + status = rpccli_samr_LookupDomain(pipe_cli, ctx, + &connect_handle, + &lsa_domain_name, + &domain_sid); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_OpenDomain(pipe_cli, ctx, + &connect_handle, + SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 | + SAMR_DOMAIN_ACCESS_CREATE_USER | + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + domain_sid, + &domain_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + init_lsa_String(&lsa_account_name, info1->usri1_name); + + status = rpccli_samr_CreateUser2(pipe_cli, ctx, + &domain_handle, + &lsa_account_name, + ACB_NORMAL, + SEC_STD_WRITE_DAC | + SEC_STD_DELETE | + SAMR_USER_ACCESS_SET_PASSWORD | + SAMR_USER_ACCESS_SET_ATTRIBUTES | + SAMR_USER_ACCESS_GET_ATTRIBUTES, + &user_handle, + &access_granted, + &rid); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_QueryUserInfo(pipe_cli, ctx, + &user_handle, + 16, + &user_info); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + if (!(user_info->info16.acct_flags & ACB_NORMAL)) { + werr = WERR_INVALID_PARAM; + goto done; + } + + status = rpccli_samr_GetUserPwInfo(pipe_cli, ctx, + &user_handle, + &pw_info); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + ZERO_STRUCTP(user_info); + + convert_USER_INFO_1_to_samr_user_info25(info1, + &cli->user_session_key, + &info25); + + if (info1->usri1_password) { + user_info->info25 = info25; + status = rpccli_samr_SetUserInfo2(pipe_cli, ctx, + &user_handle, + 25, + user_info); + } else { + user_info->info21 = info25.info; + status = rpccli_samr_SetUserInfo(pipe_cli, ctx, + &user_handle, + 21, + user_info); + + } + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto failed; + } + + werr = WERR_OK; + goto done; + + failed: + status = rpccli_samr_DeleteUser(pipe_cli, ctx, + &user_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + done: + if (!cli) { + return werr; + } + + if (is_valid_policy_hnd(&user_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &user_handle); + } + if (is_valid_policy_hnd(&domain_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &domain_handle); + } + if (is_valid_policy_hnd(&connect_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &connect_handle); + } + + cli_shutdown(cli); + + return werr; +} -- cgit From fb538ad641842b69e83709cc7588cbef80d6544b Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 9 Apr 2008 13:35:49 +0200 Subject: Add NetUserDel to libnetapi. Guenther (This used to be commit 92ba18fcd0816fb85846c6e788ea4a04c71e02a8) --- source3/lib/netapi/user.c | 190 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 190 insertions(+) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 71f08c2b21..f5bdc27fd8 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -356,3 +356,193 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, return werr; } + +/**************************************************************** +****************************************************************/ + +WERROR NetUserDel_r(struct libnetapi_ctx *ctx, + struct NetUserDel *r) +{ + struct cli_state *cli = NULL; + struct rpc_pipe_client *pipe_cli = NULL; + NTSTATUS status; + WERROR werr; + uint32_t resume_handle = 0; + uint32_t num_entries = 0; + POLICY_HND connect_handle, builtin_handle, domain_handle, user_handle; + struct samr_SamArray *sam = NULL; + const char *domain_name = NULL; + struct lsa_String lsa_domain_name, lsa_account_name; + struct samr_Ids user_rids, name_types; + struct dom_sid2 *domain_sid = NULL; + struct dom_sid2 user_sid; + bool domain_found = true; + int i; + + ZERO_STRUCT(connect_handle); + ZERO_STRUCT(builtin_handle); + ZERO_STRUCT(domain_handle); + ZERO_STRUCT(user_handle); + + status = cli_full_connection(&cli, NULL, r->in.server_name, + NULL, 0, + "IPC$", "IPC", + ctx->username, + ctx->workgroup, + ctx->password, + CLI_FULL_CONNECTION_USE_KERBEROS | + CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS, + Undefined, NULL); + + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + pipe_cli = cli_rpc_pipe_open_noauth(cli, PI_SAMR, &status); + if (!pipe_cli) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_try_samr_connects(pipe_cli, ctx, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + &connect_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_EnumDomains(pipe_cli, ctx, + &connect_handle, + &resume_handle, + &sam, + 0xffffffff, + &num_entries); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + for (i=0; ientries[i].name.string; + + if (strequal(domain_name, builtin_domain_name())) { + continue; + } + + domain_found = true; + break; + } + + if (!domain_found) { + werr = WERR_NO_SUCH_DOMAIN; + goto done; + } + + init_lsa_String(&lsa_domain_name, domain_name); + + status = rpccli_samr_LookupDomain(pipe_cli, ctx, + &connect_handle, + &lsa_domain_name, + &domain_sid); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_OpenDomain(pipe_cli, ctx, + &connect_handle, + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + domain_sid, + &domain_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_OpenDomain(pipe_cli, ctx, + &connect_handle, + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + CONST_DISCARD(DOM_SID *, &global_sid_Builtin), + &builtin_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + init_lsa_String(&lsa_account_name, r->in.user_name); + + status = rpccli_samr_LookupNames(pipe_cli, ctx, + &domain_handle, + 1, + &lsa_account_name, + &user_rids, + &name_types); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_OpenUser(pipe_cli, ctx, + &domain_handle, + STD_RIGHT_DELETE_ACCESS, + user_rids.ids[0], + &user_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + sid_compose(&user_sid, domain_sid, user_rids.ids[0]); + + status = rpccli_samr_RemoveMemberFromForeignDomain(pipe_cli, ctx, + &builtin_handle, + &user_sid); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_DeleteUser(pipe_cli, ctx, + &user_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + werr = WERR_OK; + + done: + if (!cli) { + return werr; + } + + if (is_valid_policy_hnd(&user_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &user_handle); + } + if (is_valid_policy_hnd(&builtin_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &builtin_handle); + } + if (is_valid_policy_hnd(&domain_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &domain_handle); + } + if (is_valid_policy_hnd(&connect_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &connect_handle); + } + + cli_shutdown(cli); + + return werr; +} + +/**************************************************************** +****************************************************************/ + +WERROR NetUserDel_l(struct libnetapi_ctx *ctx, + struct NetUserDel *r) +{ + return WERR_NOT_SUPPORTED; +} -- cgit From 4801d0c6f3cd08cbbfc0d68d36632044356e9d12 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 9 Apr 2008 13:47:51 +0200 Subject: Add NetUserEnum to libnetapi. Guenther (This used to be commit 6c933d0b3838808aeee7f4b29ee89aab8d203538) --- source3/lib/netapi/user.c | 197 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 197 insertions(+) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index f5bdc27fd8..8dcc159c9e 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -546,3 +546,200 @@ WERROR NetUserDel_l(struct libnetapi_ctx *ctx, { return WERR_NOT_SUPPORTED; } + +/**************************************************************** +****************************************************************/ + +static WERROR convert_samr_samarray_to_USER_INFO_buffer(TALLOC_CTX *mem_ctx, + struct samr_SamArray *sam_array, + uint32_t level, + uint8_t **buffer) +{ + struct USER_INFO_0 *info0 = NULL; + int i; + + switch (level) { + case 0: + info0 = TALLOC_ZERO_ARRAY(mem_ctx, struct USER_INFO_0, + sam_array->count); + W_ERROR_HAVE_NO_MEMORY(info0); + + for (i=0; icount; i++) { + info0[i].usri0_name = talloc_strdup(mem_ctx, + sam_array->entries[i].name.string); + W_ERROR_HAVE_NO_MEMORY(info0[i].usri0_name); + } + + *buffer = (uint8_t *)talloc_memdup(mem_ctx, info0, + sizeof(struct USER_INFO_0) * sam_array->count); + W_ERROR_HAVE_NO_MEMORY(*buffer); + break; + default: + return WERR_NOT_SUPPORTED; + } + + return WERR_OK; +} + +/**************************************************************** +****************************************************************/ + +WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, + struct NetUserEnum *r) +{ + struct cli_state *cli = NULL; + struct rpc_pipe_client *pipe_cli = NULL; + struct policy_handle connect_handle; + struct dom_sid2 *domain_sid = NULL; + struct policy_handle domain_handle; + struct samr_SamArray *sam = NULL; + uint32_t num_entries = 0; + int i; + const char *domain_name = NULL; + bool domain_found = true; + uint32_t dom_resume_handle = 0; + struct lsa_String lsa_domain_name; + + NTSTATUS status; + WERROR werr; + + ZERO_STRUCT(connect_handle); + ZERO_STRUCT(domain_handle); + + switch (r->in.level) { + case 0: + break; + case 1: + case 2: + case 3: + case 10: + case 11: + case 20: + case 23: + default: + return WERR_NOT_SUPPORTED; + } + + status = cli_full_connection(&cli, NULL, r->in.server_name, + NULL, 0, + "IPC$", "IPC", + ctx->username, + ctx->workgroup, + ctx->password, + CLI_FULL_CONNECTION_USE_KERBEROS | + CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS, + Undefined, NULL); + + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + pipe_cli = cli_rpc_pipe_open_noauth(cli, PI_SAMR, &status); + if (!pipe_cli) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_try_samr_connects(pipe_cli, ctx, + SAMR_ACCESS_OPEN_DOMAIN | + SAMR_ACCESS_ENUM_DOMAINS, + &connect_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_EnumDomains(pipe_cli, ctx, + &connect_handle, + &dom_resume_handle, + &sam, + 0xffffffff, + &num_entries); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + for (i=0; ientries[i].name.string; + + if (strequal(domain_name, builtin_domain_name())) { + continue; + } + + domain_found = true; + break; + } + + if (!domain_found) { + werr = WERR_NO_SUCH_DOMAIN; + goto done; + } + + init_lsa_String(&lsa_domain_name, domain_name); + + status = rpccli_samr_LookupDomain(pipe_cli, ctx, + &connect_handle, + &lsa_domain_name, + &domain_sid); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_OpenDomain(pipe_cli, + ctx, + &connect_handle, + SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 | + SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS | + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + domain_sid, + &domain_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_EnumDomainUsers(pipe_cli, + ctx, + &domain_handle, + r->in.resume_handle, + r->in.filter, + &sam, + r->in.prefmaxlen, + r->out.entries_read); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + werr = convert_samr_samarray_to_USER_INFO_buffer(ctx, sam, + r->in.level, + r->out.buffer); + + done: + if (is_valid_policy_hnd(&domain_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &domain_handle); + } + if (is_valid_policy_hnd(&connect_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &connect_handle); + } + + if (cli) { + cli_shutdown(cli); + } + + return werr; +} + +/**************************************************************** +****************************************************************/ + +WERROR NetUserEnum_l(struct libnetapi_ctx *ctx, + struct NetUserEnum *r) +{ + return WERR_NOT_SUPPORTED; +} + -- cgit From 8ab9696bfb5e127a35ab31e7e7746388a8f8a365 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 10 Apr 2008 21:52:03 +0200 Subject: Split out private headers in libnetapi. Guenther (This used to be commit dd6251d51472a96bfc5ba3d62ea788c8924d4c6b) --- source3/lib/netapi/user.c | 1 + 1 file changed, 1 insertion(+) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 8dcc159c9e..54157a8f82 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -21,6 +21,7 @@ #include "librpc/gen_ndr/libnetapi.h" #include "lib/netapi/netapi.h" +#include "lib/netapi/netapi_private.h" #include "lib/netapi/libnetapi.h" /**************************************************************** -- cgit From aeb7f7db4014695eb6510cc7a713db4c6228bd1f Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 10 Apr 2008 22:04:04 +0200 Subject: Use libnetapi_open_ipc_connection in libnetapi. Guenther (This used to be commit d9f19fc61586d606393368799dee9757c169d602) --- source3/lib/netapi/user.c | 54 +++++++++-------------------------------------- 1 file changed, 10 insertions(+), 44 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 54157a8f82..d9505bc067 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -180,18 +180,8 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, goto done; } - status = cli_full_connection(&cli, NULL, r->in.server_name, - NULL, 0, - "IPC$", "IPC", - ctx->username, - ctx->workgroup, - ctx->password, - CLI_FULL_CONNECTION_USE_KERBEROS | - CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS, - Undefined, NULL); - - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); + werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli); + if (!W_ERROR_IS_OK(werr)) { goto done; } @@ -353,8 +343,6 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, rpccli_samr_Close(pipe_cli, ctx, &connect_handle); } - cli_shutdown(cli); - return werr; } @@ -385,18 +373,8 @@ WERROR NetUserDel_r(struct libnetapi_ctx *ctx, ZERO_STRUCT(domain_handle); ZERO_STRUCT(user_handle); - status = cli_full_connection(&cli, NULL, r->in.server_name, - NULL, 0, - "IPC$", "IPC", - ctx->username, - ctx->workgroup, - ctx->password, - CLI_FULL_CONNECTION_USE_KERBEROS | - CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS, - Undefined, NULL); - - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); + werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli); + if (!W_ERROR_IS_OK(werr)) { goto done; } @@ -534,8 +512,6 @@ WERROR NetUserDel_r(struct libnetapi_ctx *ctx, rpccli_samr_Close(pipe_cli, ctx, &connect_handle); } - cli_shutdown(cli); - return werr; } @@ -621,18 +597,8 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, return WERR_NOT_SUPPORTED; } - status = cli_full_connection(&cli, NULL, r->in.server_name, - NULL, 0, - "IPC$", "IPC", - ctx->username, - ctx->workgroup, - ctx->password, - CLI_FULL_CONNECTION_USE_KERBEROS | - CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS, - Undefined, NULL); - - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); + werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli); + if (!W_ERROR_IS_OK(werr)) { goto done; } @@ -721,6 +687,10 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, r->out.buffer); done: + if (!cli) { + return werr; + } + if (is_valid_policy_hnd(&domain_handle)) { rpccli_samr_Close(pipe_cli, ctx, &domain_handle); } @@ -728,10 +698,6 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, rpccli_samr_Close(pipe_cli, ctx, &connect_handle); } - if (cli) { - cli_shutdown(cli); - } - return werr; } -- cgit From ef6ed54765b1d8ccaabfb3268f8427cc791b738b Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 10 Apr 2008 22:44:00 +0200 Subject: Use libnetapi_open_pipe in netapi functions. Guenther (This used to be commit 5804d8b112e1da022988c635284eb4799974d4c7) --- source3/lib/netapi/user.c | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index d9505bc067..31e5faa594 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -185,9 +185,8 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, goto done; } - pipe_cli = cli_rpc_pipe_open_noauth(cli, PI_SAMR, &status); - if (!pipe_cli) { - werr = ntstatus_to_werror(status); + werr = libnetapi_open_pipe(ctx, cli, PI_SAMR, &pipe_cli); + if (!W_ERROR_IS_OK(werr)) { goto done; } @@ -378,9 +377,8 @@ WERROR NetUserDel_r(struct libnetapi_ctx *ctx, goto done; } - pipe_cli = cli_rpc_pipe_open_noauth(cli, PI_SAMR, &status); - if (!pipe_cli) { - werr = ntstatus_to_werror(status); + werr = libnetapi_open_pipe(ctx, cli, PI_SAMR, &pipe_cli); + if (!W_ERROR_IS_OK(werr)) { goto done; } @@ -602,9 +600,8 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, goto done; } - pipe_cli = cli_rpc_pipe_open_noauth(cli, PI_SAMR, &status); - if (!pipe_cli) { - werr = ntstatus_to_werror(status); + werr = libnetapi_open_pipe(ctx, cli, PI_SAMR, &pipe_cli); + if (!W_ERROR_IS_OK(werr)) { goto done; } -- cgit From 5647deccb1372b4ea478b34814e304ae8962f282 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Sun, 13 Apr 2008 19:04:18 +0200 Subject: libnetapi: add NetQueryDisplayInformation skeleton. Guenther (This used to be commit 6ec4a62b6d584f6745c3285474372f235614b598) --- source3/lib/netapi/user.c | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 31e5faa594..f0ce26bdf8 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -707,3 +707,22 @@ WERROR NetUserEnum_l(struct libnetapi_ctx *ctx, return WERR_NOT_SUPPORTED; } +/**************************************************************** +****************************************************************/ + + +WERROR NetQueryDisplayInformation_r(struct libnetapi_ctx *ctx, + struct NetQueryDisplayInformation *r) +{ + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + + +WERROR NetQueryDisplayInformation_l(struct libnetapi_ctx *ctx, + struct NetQueryDisplayInformation *r) +{ + return WERR_NOT_SUPPORTED; +} -- cgit From dcb9264edf2ca9f08fafaeb0633d90e5ba0da2f3 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Sun, 13 Apr 2008 19:11:01 +0200 Subject: libnetapi: don't reset the error code in NetUserAdd_r if the operation failed. Guenther (This used to be commit 9edb067f62b1e36f1da461b3eb09cb123d2089dd) --- source3/lib/netapi/user.c | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index f0ce26bdf8..7b7cb9db05 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -320,12 +320,8 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, goto done; failed: - status = rpccli_samr_DeleteUser(pipe_cli, ctx, - &user_handle); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); - goto done; - } + rpccli_samr_DeleteUser(pipe_cli, ctx, + &user_handle); done: if (!cli) { -- cgit From b3367c9e353e947c6b0641418cbb66ae64db2ed3 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Sun, 13 Apr 2008 19:12:31 +0200 Subject: libnetapi: fill in NetQueryDisplayInformation_r. Guenther (This used to be commit 7fb9991b4c54fd0b9629e47afc1e5bbc2cfc1088) --- source3/lib/netapi/user.c | 296 +++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 295 insertions(+), 1 deletion(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 7b7cb9db05..55d9795f2d 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -706,11 +706,305 @@ WERROR NetUserEnum_l(struct libnetapi_ctx *ctx, /**************************************************************** ****************************************************************/ +static WERROR convert_samr_dispinfo_to_NET_DISPLAY_USER(TALLOC_CTX *mem_ctx, + struct samr_DispInfoGeneral *info, + uint32_t *entries_read, + void **buffer) +{ + struct NET_DISPLAY_USER *user = NULL; + int i; + + user = TALLOC_ZERO_ARRAY(mem_ctx, + struct NET_DISPLAY_USER, + info->count); + W_ERROR_HAVE_NO_MEMORY(user); + + for (i = 0; i < info->count; i++) { + user[i].usri1_name = talloc_strdup(mem_ctx, + info->entries[i].account_name.string); + user[i].usri1_comment = talloc_strdup(mem_ctx, + info->entries[i].description.string); + user[i].usri1_flags = + info->entries[i].acct_flags; + user[i].usri1_full_name = talloc_strdup(mem_ctx, + info->entries[i].full_name.string); + user[i].usri1_user_id = + info->entries[i].rid; + user[i].usri1_next_index = + info->entries[i].idx; + + if (!user[i].usri1_name) { + return WERR_NOMEM; + } + } + + *buffer = talloc_memdup(mem_ctx, user, + sizeof(struct NET_DISPLAY_USER) * info->count); + W_ERROR_HAVE_NO_MEMORY(*buffer); + + *entries_read = info->count; + + return WERR_OK; +} + +/**************************************************************** +****************************************************************/ + +static WERROR convert_samr_dispinfo_to_NET_DISPLAY_MACHINE(TALLOC_CTX *mem_ctx, + struct samr_DispInfoFull *info, + uint32_t *entries_read, + void **buffer) +{ + struct NET_DISPLAY_MACHINE *machine = NULL; + int i; + + machine = TALLOC_ZERO_ARRAY(mem_ctx, + struct NET_DISPLAY_MACHINE, + info->count); + W_ERROR_HAVE_NO_MEMORY(machine); + + for (i = 0; i < info->count; i++) { + machine[i].usri2_name = talloc_strdup(mem_ctx, + info->entries[i].account_name.string); + machine[i].usri2_comment = talloc_strdup(mem_ctx, + info->entries[i].description.string); + machine[i].usri2_flags = + info->entries[i].acct_flags; + machine[i].usri2_user_id = + info->entries[i].rid; + machine[i].usri2_next_index = + info->entries[i].idx; + + if (!machine[i].usri2_name) { + return WERR_NOMEM; + } + } + + *buffer = talloc_memdup(mem_ctx, machine, + sizeof(struct NET_DISPLAY_MACHINE) * info->count); + W_ERROR_HAVE_NO_MEMORY(*buffer); + + *entries_read = info->count; + + return WERR_OK; +} + +/**************************************************************** +****************************************************************/ + +static WERROR convert_samr_dispinfo_to_NET_DISPLAY_GROUP(TALLOC_CTX *mem_ctx, + struct samr_DispInfoFullGroups *info, + uint32_t *entries_read, + void **buffer) +{ + struct NET_DISPLAY_GROUP *group = NULL; + int i; + + group = TALLOC_ZERO_ARRAY(mem_ctx, + struct NET_DISPLAY_GROUP, + info->count); + W_ERROR_HAVE_NO_MEMORY(group); + + for (i = 0; i < info->count; i++) { + group[i].grpi3_name = talloc_strdup(mem_ctx, + info->entries[i].account_name.string); + group[i].grpi3_comment = talloc_strdup(mem_ctx, + info->entries[i].description.string); + group[i].grpi3_group_id = + info->entries[i].rid; + group[i].grpi3_attributes = + info->entries[i].acct_flags; + group[i].grpi3_next_index = + info->entries[i].idx; + + if (!group[i].grpi3_name) { + return WERR_NOMEM; + } + } + + *buffer = talloc_memdup(mem_ctx, group, + sizeof(struct NET_DISPLAY_GROUP) * info->count); + W_ERROR_HAVE_NO_MEMORY(*buffer); + + *entries_read = info->count; + + return WERR_OK; + +} + +/**************************************************************** +****************************************************************/ + +WERROR convert_samr_dispinfo_to_NET_DISPLAY(TALLOC_CTX *mem_ctx, + union samr_DispInfo *info, + uint32_t level, + uint32_t *entries_read, + void **buffer) +{ + switch (level) { + case 1: + return convert_samr_dispinfo_to_NET_DISPLAY_USER(mem_ctx, + &info->info1, + entries_read, + buffer); + case 2: + return convert_samr_dispinfo_to_NET_DISPLAY_MACHINE(mem_ctx, + &info->info2, + entries_read, + buffer); + case 3: + return convert_samr_dispinfo_to_NET_DISPLAY_GROUP(mem_ctx, + &info->info3, + entries_read, + buffer); + default: + return WERR_UNKNOWN_LEVEL; + } + + return WERR_OK; +} + +/**************************************************************** +****************************************************************/ WERROR NetQueryDisplayInformation_r(struct libnetapi_ctx *ctx, struct NetQueryDisplayInformation *r) { - return WERR_NOT_SUPPORTED; + struct cli_state *cli = NULL; + struct rpc_pipe_client *pipe_cli = NULL; + struct policy_handle connect_handle; + struct dom_sid2 *domain_sid = NULL; + struct policy_handle domain_handle; + union samr_DispInfo info; + struct samr_SamArray *sam = NULL; + uint32_t num_entries = 0; + int i; + const char *domain_name = NULL; + bool domain_found = true; + uint32_t dom_resume_handle = 0; + struct lsa_String lsa_domain_name; + + uint32_t total_size = 0; + uint32_t returned_size = 0; + + NTSTATUS status; + WERROR werr; + + ZERO_STRUCT(connect_handle); + ZERO_STRUCT(domain_handle); + + switch (r->in.level) { + case 1: + case 2: + case 3: + break; + default: + return WERR_UNKNOWN_LEVEL; + } + + werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + werr = libnetapi_open_pipe(ctx, cli, PI_SAMR, &pipe_cli); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + status = rpccli_try_samr_connects(pipe_cli, ctx, + SAMR_ACCESS_OPEN_DOMAIN | + SAMR_ACCESS_ENUM_DOMAINS, + &connect_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_EnumDomains(pipe_cli, ctx, + &connect_handle, + &dom_resume_handle, + &sam, + 0xffffffff, + &num_entries); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + for (i=0; ientries[i].name.string; + + if (strequal(domain_name, builtin_domain_name())) { + continue; + } + + domain_found = true; + break; + } + + if (!domain_found) { + werr = WERR_NO_SUCH_DOMAIN; + goto done; + } + + init_lsa_String(&lsa_domain_name, domain_name); + + status = rpccli_samr_LookupDomain(pipe_cli, ctx, + &connect_handle, + &lsa_domain_name, + &domain_sid); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_OpenDomain(pipe_cli, + ctx, + &connect_handle, + SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS | + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + domain_sid, + &domain_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_QueryDisplayInfo2(pipe_cli, + ctx, + &domain_handle, + r->in.level, + r->in.idx, + r->in.entries_requested, + r->in.prefmaxlen, + &total_size, + &returned_size, + &info); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + werr = convert_samr_dispinfo_to_NET_DISPLAY(ctx, &info, + r->in.level, + r->out.entries_read, + r->out.buffer); + done: + if (!cli) { + return werr; + } + + if (is_valid_policy_hnd(&domain_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &domain_handle); + } + if (is_valid_policy_hnd(&connect_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &connect_handle); + } + + return werr; + } /**************************************************************** -- cgit From 3455702721c0888a475afe3e0fe2e8469aa8cdd3 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 16 Apr 2008 02:38:13 +0200 Subject: libnetapi: Let NetUserAdd_l/NetUserDel_l talk to the local RPC server. Guenther (This used to be commit 9bbb6cea0b21d98ae13f7a41226b437515bd5a2f) --- source3/lib/netapi/user.c | 30 ++++++++++++++++++++---------- 1 file changed, 20 insertions(+), 10 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 55d9795f2d..05a051067a 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -27,15 +27,6 @@ /**************************************************************** ****************************************************************/ -WERROR NetUserAdd_l(struct libnetapi_ctx *ctx, - struct NetUserAdd *r) -{ - return WERR_NOT_SUPPORTED; -} - -/**************************************************************** -****************************************************************/ - static void convert_USER_INFO_1_to_samr_user_info25(struct USER_INFO_1 *info1, DATA_BLOB *user_session_key, struct samr_UserInfo25 *info25) @@ -344,6 +335,20 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, /**************************************************************** ****************************************************************/ +WERROR NetUserAdd_l(struct libnetapi_ctx *ctx, + struct NetUserAdd *r) +{ + /* for now just talk to local RPC server */ + if (!r->in.server_name) { + r->in.server_name = "localhost"; + } + + return NetUserAdd_r(ctx, r); +} + +/**************************************************************** +****************************************************************/ + WERROR NetUserDel_r(struct libnetapi_ctx *ctx, struct NetUserDel *r) { @@ -515,7 +520,12 @@ WERROR NetUserDel_r(struct libnetapi_ctx *ctx, WERROR NetUserDel_l(struct libnetapi_ctx *ctx, struct NetUserDel *r) { - return WERR_NOT_SUPPORTED; + /* for now just talk to local RPC server */ + if (!r->in.server_name) { + r->in.server_name = "localhost"; + } + + return NetUserDel_r(ctx, r); } /**************************************************************** -- cgit From cee268b5cb32076cc09cbfa429a0e2553ba5be4d Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 20 Apr 2008 14:07:38 +0200 Subject: Make convert_samr_dispinfo_to_NET_DISPLAY() static (This used to be commit a30a26d471a572167ee13bf10be1a275a6592851) --- source3/lib/netapi/user.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 05a051067a..f2dc785a36 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -845,11 +845,11 @@ static WERROR convert_samr_dispinfo_to_NET_DISPLAY_GROUP(TALLOC_CTX *mem_ctx, /**************************************************************** ****************************************************************/ -WERROR convert_samr_dispinfo_to_NET_DISPLAY(TALLOC_CTX *mem_ctx, - union samr_DispInfo *info, - uint32_t level, - uint32_t *entries_read, - void **buffer) +static WERROR convert_samr_dispinfo_to_NET_DISPLAY(TALLOC_CTX *mem_ctx, + union samr_DispInfo *info, + uint32_t level, + uint32_t *entries_read, + void **buffer) { switch (level) { case 1: -- cgit From 2997e2868cbff93e6ff3b1f59a8997871c946ca1 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Mon, 2 Jun 2008 17:31:00 +0200 Subject: netapi: use libnetapi_samr_open_domain(). Guenther (This used to be commit b07445e86f43d6e9e45b7c502ab7998bca4db14f) --- source3/lib/netapi/user.c | 282 ++++++---------------------------------------- 1 file changed, 36 insertions(+), 246 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index f2dc785a36..de4f9164ce 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -135,20 +135,14 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, struct rpc_pipe_client *pipe_cli = NULL; NTSTATUS status; WERROR werr; - uint32_t resume_handle = 0; - uint32_t num_entries = 0; POLICY_HND connect_handle, domain_handle, user_handle; - struct samr_SamArray *sam = NULL; - const char *domain_name = NULL; - struct lsa_String lsa_domain_name, lsa_account_name; + struct lsa_String lsa_account_name; struct dom_sid2 *domain_sid = NULL; struct samr_UserInfo25 info25; union samr_UserInfo *user_info = NULL; struct samr_PwInfo pw_info; uint32_t access_granted = 0; uint32_t rid = 0; - bool domain_found = true; - int i; struct USER_INFO_1 *info1; ZERO_STRUCT(connect_handle); @@ -181,61 +175,15 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, goto done; } - status = rpccli_try_samr_connects(pipe_cli, ctx, - SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, - &connect_handle); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); - goto done; - } - - status = rpccli_samr_EnumDomains(pipe_cli, ctx, - &connect_handle, - &resume_handle, - &sam, - 0xffffffff, - &num_entries); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); - goto done; - } - - for (i=0; ientries[i].name.string; - - if (strequal(domain_name, builtin_domain_name())) { - continue; - } - - domain_found = true; - break; - } - - if (!domain_found) { - werr = WERR_NO_SUCH_DOMAIN; - goto done; - } - - init_lsa_String(&lsa_domain_name, domain_name); - - status = rpccli_samr_LookupDomain(pipe_cli, ctx, - &connect_handle, - &lsa_domain_name, - &domain_sid); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); - goto done; - } - - status = rpccli_samr_OpenDomain(pipe_cli, ctx, - &connect_handle, - SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 | - SAMR_DOMAIN_ACCESS_CREATE_USER | - SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, - domain_sid, - &domain_handle); + status = libnetapi_samr_open_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 | + SAMR_DOMAIN_ACCESS_CREATE_USER | + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + &connect_handle, + &domain_handle, + &domain_sid); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; @@ -356,17 +304,11 @@ WERROR NetUserDel_r(struct libnetapi_ctx *ctx, struct rpc_pipe_client *pipe_cli = NULL; NTSTATUS status; WERROR werr; - uint32_t resume_handle = 0; - uint32_t num_entries = 0; POLICY_HND connect_handle, builtin_handle, domain_handle, user_handle; - struct samr_SamArray *sam = NULL; - const char *domain_name = NULL; - struct lsa_String lsa_domain_name, lsa_account_name; + struct lsa_String lsa_account_name; struct samr_Ids user_rids, name_types; struct dom_sid2 *domain_sid = NULL; struct dom_sid2 user_sid; - bool domain_found = true; - int i; ZERO_STRUCT(connect_handle); ZERO_STRUCT(builtin_handle); @@ -383,59 +325,13 @@ WERROR NetUserDel_r(struct libnetapi_ctx *ctx, goto done; } - status = rpccli_try_samr_connects(pipe_cli, ctx, - SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, - &connect_handle); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); - goto done; - } - - status = rpccli_samr_EnumDomains(pipe_cli, ctx, - &connect_handle, - &resume_handle, - &sam, - 0xffffffff, - &num_entries); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); - goto done; - } - - for (i=0; ientries[i].name.string; - - if (strequal(domain_name, builtin_domain_name())) { - continue; - } - - domain_found = true; - break; - } - - if (!domain_found) { - werr = WERR_NO_SUCH_DOMAIN; - goto done; - } - - init_lsa_String(&lsa_domain_name, domain_name); - - status = rpccli_samr_LookupDomain(pipe_cli, ctx, - &connect_handle, - &lsa_domain_name, - &domain_sid); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); - goto done; - } - - status = rpccli_samr_OpenDomain(pipe_cli, ctx, - &connect_handle, - SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, - domain_sid, - &domain_handle); + status = libnetapi_samr_open_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + &connect_handle, + &domain_handle, + &domain_sid); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; @@ -574,12 +470,6 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, struct dom_sid2 *domain_sid = NULL; struct policy_handle domain_handle; struct samr_SamArray *sam = NULL; - uint32_t num_entries = 0; - int i; - const char *domain_name = NULL; - bool domain_found = true; - uint32_t dom_resume_handle = 0; - struct lsa_String lsa_domain_name; NTSTATUS status; WERROR werr; @@ -611,62 +501,15 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, goto done; } - status = rpccli_try_samr_connects(pipe_cli, ctx, - SAMR_ACCESS_OPEN_DOMAIN | - SAMR_ACCESS_ENUM_DOMAINS, - &connect_handle); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); - goto done; - } - - status = rpccli_samr_EnumDomains(pipe_cli, ctx, - &connect_handle, - &dom_resume_handle, - &sam, - 0xffffffff, - &num_entries); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); - goto done; - } - - for (i=0; ientries[i].name.string; - - if (strequal(domain_name, builtin_domain_name())) { - continue; - } - - domain_found = true; - break; - } - - if (!domain_found) { - werr = WERR_NO_SUCH_DOMAIN; - goto done; - } - - init_lsa_String(&lsa_domain_name, domain_name); - - status = rpccli_samr_LookupDomain(pipe_cli, ctx, - &connect_handle, - &lsa_domain_name, - &domain_sid); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); - goto done; - } - - status = rpccli_samr_OpenDomain(pipe_cli, - ctx, - &connect_handle, - SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 | - SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS | - SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, - domain_sid, - &domain_handle); + status = libnetapi_samr_open_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 | + SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS | + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + &connect_handle, + &domain_handle, + &domain_sid); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; @@ -886,13 +729,6 @@ WERROR NetQueryDisplayInformation_r(struct libnetapi_ctx *ctx, struct dom_sid2 *domain_sid = NULL; struct policy_handle domain_handle; union samr_DispInfo info; - struct samr_SamArray *sam = NULL; - uint32_t num_entries = 0; - int i; - const char *domain_name = NULL; - bool domain_found = true; - uint32_t dom_resume_handle = 0; - struct lsa_String lsa_domain_name; uint32_t total_size = 0; uint32_t returned_size = 0; @@ -922,61 +758,15 @@ WERROR NetQueryDisplayInformation_r(struct libnetapi_ctx *ctx, goto done; } - status = rpccli_try_samr_connects(pipe_cli, ctx, - SAMR_ACCESS_OPEN_DOMAIN | - SAMR_ACCESS_ENUM_DOMAINS, - &connect_handle); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); - goto done; - } - - status = rpccli_samr_EnumDomains(pipe_cli, ctx, - &connect_handle, - &dom_resume_handle, - &sam, - 0xffffffff, - &num_entries); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); - goto done; - } - - for (i=0; ientries[i].name.string; - - if (strequal(domain_name, builtin_domain_name())) { - continue; - } - - domain_found = true; - break; - } - - if (!domain_found) { - werr = WERR_NO_SUCH_DOMAIN; - goto done; - } - - init_lsa_String(&lsa_domain_name, domain_name); - - status = rpccli_samr_LookupDomain(pipe_cli, ctx, - &connect_handle, - &lsa_domain_name, - &domain_sid); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); - goto done; - } - - status = rpccli_samr_OpenDomain(pipe_cli, - ctx, - &connect_handle, - SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS | - SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, - domain_sid, - &domain_handle); + status = libnetapi_samr_open_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 | + SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS | + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + &connect_handle, + &domain_handle, + &domain_sid); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; -- cgit From b652e5b4753afd8916d347d5c8ef6f54ca140097 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Mon, 2 Jun 2008 23:55:45 +0200 Subject: netapi: let libnetapi_samr_open_domain return WERROR. Guenther (This used to be commit 3d037a07e015a3af75dde054cef4c0bb7795fbb5) --- source3/lib/netapi/user.c | 80 ++++++++++++++++++++++------------------------- 1 file changed, 38 insertions(+), 42 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index de4f9164ce..f053732ac9 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -175,17 +175,16 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, goto done; } - status = libnetapi_samr_open_domain(ctx, pipe_cli, - SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, - SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 | - SAMR_DOMAIN_ACCESS_CREATE_USER | - SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, - &connect_handle, - &domain_handle, - &domain_sid); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); + werr = libnetapi_samr_open_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 | + SAMR_DOMAIN_ACCESS_CREATE_USER | + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + &connect_handle, + &domain_handle, + &domain_sid); + if (!W_ERROR_IS_OK(werr)) { goto done; } @@ -325,15 +324,14 @@ WERROR NetUserDel_r(struct libnetapi_ctx *ctx, goto done; } - status = libnetapi_samr_open_domain(ctx, pipe_cli, - SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, - SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, - &connect_handle, - &domain_handle, - &domain_sid); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); + werr = libnetapi_samr_open_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + &connect_handle, + &domain_handle, + &domain_sid); + if (!W_ERROR_IS_OK(werr)) { goto done; } @@ -501,17 +499,16 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, goto done; } - status = libnetapi_samr_open_domain(ctx, pipe_cli, - SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, - SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 | - SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS | - SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, - &connect_handle, - &domain_handle, - &domain_sid); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); + werr = libnetapi_samr_open_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 | + SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS | + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + &connect_handle, + &domain_handle, + &domain_sid); + if (!W_ERROR_IS_OK(werr)) { goto done; } @@ -758,17 +755,16 @@ WERROR NetQueryDisplayInformation_r(struct libnetapi_ctx *ctx, goto done; } - status = libnetapi_samr_open_domain(ctx, pipe_cli, - SAMR_ACCESS_ENUM_DOMAINS | - SAMR_ACCESS_OPEN_DOMAIN, - SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 | - SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS | - SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, - &connect_handle, - &domain_handle, - &domain_sid); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); + werr = libnetapi_samr_open_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 | + SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS | + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + &connect_handle, + &domain_handle, + &domain_sid); + if (!W_ERROR_IS_OK(werr)) { goto done; } -- cgit From d0b7bccf6d7ce8b5f053a73a722d388d2483d8e8 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Mon, 9 Jun 2008 11:01:59 +0200 Subject: netapi: implement NetUserEnum filters. Guenther (This used to be commit 0bd69df7704789888eba2a07aba505dce037c4eb) --- source3/lib/netapi/user.c | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index f053732ac9..53a307a6aa 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -468,6 +468,7 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, struct dom_sid2 *domain_sid = NULL; struct policy_handle domain_handle; struct samr_SamArray *sam = NULL; + uint32_t filter = ACB_NORMAL; NTSTATUS status; WERROR werr; @@ -512,11 +513,31 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, goto done; } + switch (r->in.filter) { + case FILTER_NORMAL_ACCOUNT: + filter = ACB_NORMAL; + break; + case FILTER_TEMP_DUPLICATE_ACCOUNT: + filter = ACB_TEMPDUP; + break; + case FILTER_INTERDOMAIN_TRUST_ACCOUNT: + filter = ACB_DOMTRUST; + break; + case FILTER_WORKSTATION_TRUST_ACCOUNT: + filter = ACB_WSTRUST; + break; + case FILTER_SERVER_TRUST_ACCOUNT: + filter = ACB_SVRTRUST; + break; + default: + break; + } + status = rpccli_samr_EnumDomainUsers(pipe_cli, ctx, &domain_handle, r->in.resume_handle, - r->in.filter, + filter, &sam, r->in.prefmaxlen, r->out.entries_read); -- cgit From 6fa8ac6ab4e99f16c5e47e78343266d77cc646c0 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 25 Jun 2008 00:32:02 +0200 Subject: netapi: add NetUserChangePassword skeleton. Guenther (This used to be commit f4ce6887103d0f50bf9a91251e2aceb77674604f) --- source3/lib/netapi/user.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 53a307a6aa..0d8065dd7f 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -833,3 +833,21 @@ WERROR NetQueryDisplayInformation_l(struct libnetapi_ctx *ctx, { return WERR_NOT_SUPPORTED; } + +/**************************************************************** +****************************************************************/ + +WERROR NetUserChangePassword_r(struct libnetapi_ctx *ctx, + struct NetUserChangePassword *r) +{ + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR NetUserChangePassword_l(struct libnetapi_ctx *ctx, + struct NetUserChangePassword *r) +{ + return WERR_NOT_SUPPORTED; +} -- cgit From d711db5811ccd8a56df5600770689b3c8fbc00e1 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 18 Jul 2008 01:10:31 +0200 Subject: netapi: fix NetUserAdd() against NT4. Guenther (This used to be commit 42c44d18eeb4d37e7c2e1209c421b3ec3a07ae28) --- source3/lib/netapi/user.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 0d8065dd7f..382704769d 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -241,6 +241,21 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, &user_handle, 25, user_info); + + if (NT_STATUS_EQUAL(status, NT_STATUS(DCERPC_FAULT_INVALID_TAG))) { + + user_info->info23.info = info25.info; + + encode_pw_buffer(user_info->info23.password.data, + info1->usri1_password, STR_UNICODE); + SamOEMhashBlob(user_info->info23.password.data, 516, + &cli->user_session_key); + + status = rpccli_samr_SetUserInfo2(pipe_cli, ctx, + &user_handle, + 23, + user_info); + } } else { user_info->info21 = info25.info; status = rpccli_samr_SetUserInfo(pipe_cli, ctx, -- cgit From b6caa0de4cffb5ce2ea4aa6144901832ddbb9667 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Tue, 1 Jul 2008 20:19:10 +0200 Subject: netapi: support more infolevels in NetUserEnum. Guenther (This used to be commit 22bd3d401e47ffedf1169c0c74a329e9fdcac561) --- source3/lib/netapi/user.c | 274 +++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 245 insertions(+), 29 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 382704769d..8b1287e300 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -440,35 +440,229 @@ WERROR NetUserDel_l(struct libnetapi_ctx *ctx, /**************************************************************** ****************************************************************/ -static WERROR convert_samr_samarray_to_USER_INFO_buffer(TALLOC_CTX *mem_ctx, - struct samr_SamArray *sam_array, - uint32_t level, - uint8_t **buffer) +static NTSTATUS libnetapi_samr_lookup_user(TALLOC_CTX *mem_ctx, + struct rpc_pipe_client *pipe_cli, + struct policy_handle *domain_handle, + struct policy_handle *builtin_handle, + const char *user_name, + uint32_t rid, + uint32_t level, + struct samr_UserInfo21 **info21, + struct sec_desc_buf **sec_desc) { + NTSTATUS status; + + struct policy_handle user_handle; + union samr_UserInfo *user_info = NULL; + struct samr_RidWithAttributeArray *rid_array = NULL; + uint32_t access_mask = SEC_STD_READ_CONTROL | + SAMR_USER_ACCESS_GET_ATTRIBUTES | + SAMR_USER_ACCESS_GET_NAME_ETC; + + ZERO_STRUCT(user_handle); + + switch (level) { + case 0: + case 1: + case 2: + case 3: + case 10: + case 11: + case 20: + case 23: + break; + default: + return NT_STATUS_INVALID_LEVEL; + } + + if (level == 0) { + return NT_STATUS_OK; + } + + status = rpccli_samr_OpenUser(pipe_cli, mem_ctx, + domain_handle, + access_mask, + rid, + &user_handle); + if (!NT_STATUS_IS_OK(status)) { + goto done; + } + + status = rpccli_samr_QueryUserInfo(pipe_cli, mem_ctx, + &user_handle, + 21, + &user_info); + if (!NT_STATUS_IS_OK(status)) { + goto done; + } + + status = rpccli_samr_QuerySecurity(pipe_cli, mem_ctx, + &user_handle, + SECINFO_DACL, + sec_desc); + if (!NT_STATUS_IS_OK(status)) { + goto done; + } + + if (level == 1) { + status = rpccli_samr_GetGroupsForUser(pipe_cli, mem_ctx, + &user_handle, + &rid_array); + if (!NT_STATUS_IS_OK(status)) { + goto done; + } + +#if 0 + status = rpccli_samr_GetAliasMembership(pipe_cli, ctx, + &builtin_handle, + &sids, + &rids); + if (!NT_STATUS_IS_OK(status)) { + goto done; + } +#endif + } + + *info21 = &user_info->info21; + + done: + if (is_valid_policy_hnd(&user_handle)) { + rpccli_samr_Close(pipe_cli, mem_ctx, &user_handle); + } + + return status; +} + +/**************************************************************** +****************************************************************/ + +static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, + struct rpc_pipe_client *pipe_cli, + struct dom_sid *domain_sid, + struct policy_handle *domain_handle, + struct policy_handle *builtin_handle, + const char *user_name, + uint32_t rid, + uint32_t level, + uint8_t **buffer, + uint32_t *num_entries) +{ + NTSTATUS status; + + struct samr_UserInfo21 *info21 = NULL; + struct sec_desc_buf *sec_desc = NULL; + struct dom_sid sid; + struct USER_INFO_0 *info0 = NULL; - int i; + struct USER_INFO_10 *info10 = NULL; + struct USER_INFO_20 *info20 = NULL; + struct USER_INFO_23 *info23 = NULL; switch (level) { case 0: - info0 = TALLOC_ZERO_ARRAY(mem_ctx, struct USER_INFO_0, - sam_array->count); - W_ERROR_HAVE_NO_MEMORY(info0); - - for (i=0; icount; i++) { - info0[i].usri0_name = talloc_strdup(mem_ctx, - sam_array->entries[i].name.string); - W_ERROR_HAVE_NO_MEMORY(info0[i].usri0_name); + case 1: + case 2: + case 3: + case 10: + case 11: + case 20: + case 23: + break; + default: + return NT_STATUS_INVALID_LEVEL; + } + + if (level == 0) { + info0 = TALLOC_P(mem_ctx, struct USER_INFO_0); + NT_STATUS_HAVE_NO_MEMORY(info0); + + info0->usri0_name = talloc_strdup(mem_ctx, user_name); + NT_STATUS_HAVE_NO_MEMORY(info0->usri0_name); + + ADD_TO_ARRAY(mem_ctx, struct USER_INFO_0, *info0, + (struct USER_INFO_0 **)buffer, num_entries); + + return NT_STATUS_OK; + } + + status = libnetapi_samr_lookup_user(mem_ctx, pipe_cli, + domain_handle, + builtin_handle, + user_name, + rid, + level, + &info21, + &sec_desc); + + if (!NT_STATUS_IS_OK(status)) { + goto done; + } + + switch (level) { + case 10: + info10 = TALLOC_P(mem_ctx, struct USER_INFO_10); + NT_STATUS_HAVE_NO_MEMORY(info10); + + info10->usri10_name = talloc_strdup(mem_ctx, user_name); + NT_STATUS_HAVE_NO_MEMORY(info10->usri10_name); + + info10->usri10_comment = talloc_strdup(mem_ctx, + info21->description.string); + + info10->usri10_full_name = talloc_strdup(mem_ctx, + info21->full_name.string); + + info10->usri10_usr_comment = talloc_strdup(mem_ctx, + info21->comment.string); + + ADD_TO_ARRAY(mem_ctx, struct USER_INFO_10, *info10, + (struct USER_INFO_10 **)buffer, num_entries); + + break; + + case 20: + info20 = TALLOC_P(mem_ctx, struct USER_INFO_20); + NT_STATUS_HAVE_NO_MEMORY(info20); + + info20->usri20_name = talloc_strdup(mem_ctx, user_name); + NT_STATUS_HAVE_NO_MEMORY(info20->usri20_name); + + info20->usri20_comment = talloc_strdup(mem_ctx, + info21->description.string); + + info20->usri20_flags = info21->acct_flags; + info20->usri20_user_id = rid; + + ADD_TO_ARRAY(mem_ctx, struct USER_INFO_20, *info20, + (struct USER_INFO_20 **)buffer, num_entries); + + break; + case 23: + info23 = TALLOC_P(mem_ctx, struct USER_INFO_23); + NT_STATUS_HAVE_NO_MEMORY(info23); + + info23->usri23_name = talloc_strdup(mem_ctx, user_name); + NT_STATUS_HAVE_NO_MEMORY(info23->usri23_name); + + info23->usri23_comment = talloc_strdup(mem_ctx, + info21->description.string); + + info23->usri23_flags = info21->acct_flags; + + if (!sid_compose(&sid, domain_sid, rid)) { + return NT_STATUS_NO_MEMORY; } - *buffer = (uint8_t *)talloc_memdup(mem_ctx, info0, - sizeof(struct USER_INFO_0) * sam_array->count); - W_ERROR_HAVE_NO_MEMORY(*buffer); + info23->usri23_user_sid = + (struct domsid *)sid_dup_talloc(mem_ctx, &sid); + + ADD_TO_ARRAY(mem_ctx, struct USER_INFO_23, *info23, + (struct USER_INFO_23 **)buffer, num_entries); break; - default: - return WERR_NOT_SUPPORTED; } - return WERR_OK; + done: + return status; } /**************************************************************** @@ -484,23 +678,32 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, struct policy_handle domain_handle; struct samr_SamArray *sam = NULL; uint32_t filter = ACB_NORMAL; + int i; + uint32_t entries_read = 0; - NTSTATUS status; + NTSTATUS status = NT_STATUS_OK; WERROR werr; ZERO_STRUCT(connect_handle); ZERO_STRUCT(domain_handle); + if (!r->out.buffer) { + return WERR_INVALID_PARAM; + } + + *r->out.buffer = NULL; + *r->out.entries_read = 0; + switch (r->in.level) { case 0: + case 10: + case 20: + case 23: break; case 1: case 2: case 3: - case 10: case 11: - case 20: - case 23: default: return WERR_NOT_SUPPORTED; } @@ -555,15 +758,28 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, filter, &sam, r->in.prefmaxlen, - r->out.entries_read); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); + &entries_read); + werr = ntstatus_to_werror(status); + if (NT_STATUS_IS_ERR(status)) { goto done; } - werr = convert_samr_samarray_to_USER_INFO_buffer(ctx, sam, - r->in.level, - r->out.buffer); + for (i=0; i < sam->count; i++) { + + status = libnetapi_samr_lookup_user_map_USER_INFO(ctx, pipe_cli, + domain_sid, + &domain_handle, + NULL, /*&builtin_handle, */ + sam->entries[i].name.string, + sam->entries[i].idx, + r->in.level, + r->out.buffer, + r->out.entries_read); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + } done: if (!cli) { -- cgit From 668ce210ce8f280771625208e105f90e6375aee6 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 16 Jul 2008 10:47:38 +0200 Subject: netapi: add skeleton for NetUserGetInfo(). Guenther (This used to be commit 84962bf50d2c3265c0134481f24f6fa34f1dfc99) --- source3/lib/netapi/user.c | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 8b1287e300..b5e64fb67d 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -1082,3 +1082,22 @@ WERROR NetUserChangePassword_l(struct libnetapi_ctx *ctx, { return WERR_NOT_SUPPORTED; } + +/**************************************************************** +****************************************************************/ + +WERROR NetUserGetInfo_r(struct libnetapi_ctx *ctx, + struct NetUserGetInfo *r) +{ + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR NetUserGetInfo_l(struct libnetapi_ctx *ctx, + struct NetUserGetInfo *r) +{ + return WERR_NOT_SUPPORTED; +} + -- cgit From 99b8d914303961b3d735898e6737468a4f4047d6 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 17 Jul 2008 22:45:09 +0200 Subject: netapi: fill in NetUserGetInfo_r(). Guenther (This used to be commit d282e5eca298c4c45cbe91a93350273d1417a050) --- source3/lib/netapi/user.c | 105 +++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 104 insertions(+), 1 deletion(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index b5e64fb67d..b318aa66dc 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -1089,7 +1089,110 @@ WERROR NetUserChangePassword_l(struct libnetapi_ctx *ctx, WERROR NetUserGetInfo_r(struct libnetapi_ctx *ctx, struct NetUserGetInfo *r) { - return WERR_NOT_SUPPORTED; + struct cli_state *cli = NULL; + struct rpc_pipe_client *pipe_cli = NULL; + NTSTATUS status; + WERROR werr; + + struct policy_handle connect_handle, domain_handle, builtin_handle, user_handle; + struct lsa_String lsa_account_name; + struct dom_sid2 *domain_sid = NULL; + struct samr_Ids user_rids, name_types; + uint32_t num_entries = 0; + + ZERO_STRUCT(connect_handle); + ZERO_STRUCT(domain_handle); + ZERO_STRUCT(builtin_handle); + ZERO_STRUCT(user_handle); + + if (!r->out.buffer) { + return WERR_INVALID_PARAM; + } + + switch (r->in.level) { + case 0: + /* case 1: */ + case 10: + case 20: + case 23: + break; + default: + werr = WERR_NOT_SUPPORTED; + goto done; + } + + werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + werr = libnetapi_open_pipe(ctx, cli, PI_SAMR, &pipe_cli); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + werr = libnetapi_samr_open_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + &connect_handle, + &domain_handle, + &domain_sid); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT | + SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS, + &connect_handle, + &builtin_handle); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + init_lsa_String(&lsa_account_name, r->in.user_name); + + status = rpccli_samr_LookupNames(pipe_cli, ctx, + &domain_handle, + 1, + &lsa_account_name, + &user_rids, + &name_types); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = libnetapi_samr_lookup_user_map_USER_INFO(ctx, pipe_cli, + domain_sid, + &domain_handle, + &builtin_handle, + r->in.user_name, + user_rids.ids[0], + r->in.level, + r->out.buffer, + &num_entries); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + done: + if (!cli) { + return werr; + } + + if (is_valid_policy_hnd(&user_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &user_handle); + } + + libnetapi_samr_close_domain_handle(ctx, &domain_handle); + libnetapi_samr_close_connect_handle(ctx, &connect_handle); + + return werr; } /**************************************************************** -- cgit From c7b151e78c704ff878d11894c2e22aa2454dcff0 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 17 Jul 2008 01:00:33 +0200 Subject: netapi: add skeleton for NetUserSetInfo. Guenther (This used to be commit 8cc555602f53f6afaded2eff58ed57f87b915c64) --- source3/lib/netapi/user.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index b318aa66dc..2c18cd0282 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -1204,3 +1204,21 @@ WERROR NetUserGetInfo_l(struct libnetapi_ctx *ctx, return WERR_NOT_SUPPORTED; } +/**************************************************************** +****************************************************************/ + +WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, + struct NetUserSetInfo *r) +{ + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR NetUserSetInfo_l(struct libnetapi_ctx *ctx, + struct NetUserSetInfo *r) +{ + return WERR_NOT_SUPPORTED; +} + -- cgit From c703304f557021c78ba0ad24e9b2e7b42147b8fd Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 17 Jul 2008 22:44:24 +0200 Subject: netapi: add caching of samr policy handles. Guenther (This used to be commit bf8453da9af1be788955204cc581c5143a854072) --- source3/lib/netapi/user.c | 56 +++++++++++++++++++++++++---------------------- 1 file changed, 30 insertions(+), 26 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 2c18cd0282..8d69536848 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -284,11 +284,10 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, if (is_valid_policy_hnd(&user_handle)) { rpccli_samr_Close(pipe_cli, ctx, &user_handle); } - if (is_valid_policy_hnd(&domain_handle)) { - rpccli_samr_Close(pipe_cli, ctx, &domain_handle); - } - if (is_valid_policy_hnd(&connect_handle)) { - rpccli_samr_Close(pipe_cli, ctx, &connect_handle); + + if (ctx->disable_policy_handle_cache) { + libnetapi_samr_close_domain_handle(ctx, &domain_handle); + libnetapi_samr_close_connect_handle(ctx, &connect_handle); } return werr; @@ -410,14 +409,11 @@ WERROR NetUserDel_r(struct libnetapi_ctx *ctx, if (is_valid_policy_hnd(&user_handle)) { rpccli_samr_Close(pipe_cli, ctx, &user_handle); } - if (is_valid_policy_hnd(&builtin_handle)) { - rpccli_samr_Close(pipe_cli, ctx, &builtin_handle); - } - if (is_valid_policy_hnd(&domain_handle)) { - rpccli_samr_Close(pipe_cli, ctx, &domain_handle); - } - if (is_valid_policy_hnd(&connect_handle)) { - rpccli_samr_Close(pipe_cli, ctx, &connect_handle); + + if (ctx->disable_policy_handle_cache) { + libnetapi_samr_close_builtin_handle(ctx, &builtin_handle); + libnetapi_samr_close_domain_handle(ctx, &domain_handle); + libnetapi_samr_close_connect_handle(ctx, &connect_handle); } return werr; @@ -786,11 +782,14 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, return werr; } - if (is_valid_policy_hnd(&domain_handle)) { - rpccli_samr_Close(pipe_cli, ctx, &domain_handle); - } - if (is_valid_policy_hnd(&connect_handle)) { - rpccli_samr_Close(pipe_cli, ctx, &connect_handle); + /* if last query */ + if (NT_STATUS_IS_OK(status) || + NT_STATUS_IS_ERR(status)) { + + if (ctx->disable_policy_handle_cache) { + libnetapi_samr_close_domain_handle(ctx, &domain_handle); + libnetapi_samr_close_connect_handle(ctx, &connect_handle); + } } return werr; @@ -982,7 +981,7 @@ WERROR NetQueryDisplayInformation_r(struct libnetapi_ctx *ctx, uint32_t total_size = 0; uint32_t returned_size = 0; - NTSTATUS status; + NTSTATUS status = NT_STATUS_OK; WERROR werr; ZERO_STRUCT(connect_handle); @@ -1044,11 +1043,14 @@ WERROR NetQueryDisplayInformation_r(struct libnetapi_ctx *ctx, return werr; } - if (is_valid_policy_hnd(&domain_handle)) { - rpccli_samr_Close(pipe_cli, ctx, &domain_handle); - } - if (is_valid_policy_hnd(&connect_handle)) { - rpccli_samr_Close(pipe_cli, ctx, &connect_handle); + /* if last query */ + if (NT_STATUS_IS_OK(status) || + NT_STATUS_IS_ERR(status)) { + + if (ctx->disable_policy_handle_cache) { + libnetapi_samr_close_domain_handle(ctx, &domain_handle); + libnetapi_samr_close_connect_handle(ctx, &connect_handle); + } } return werr; @@ -1189,8 +1191,10 @@ WERROR NetUserGetInfo_r(struct libnetapi_ctx *ctx, rpccli_samr_Close(pipe_cli, ctx, &user_handle); } - libnetapi_samr_close_domain_handle(ctx, &domain_handle); - libnetapi_samr_close_connect_handle(ctx, &connect_handle); + if (ctx->disable_policy_handle_cache) { + libnetapi_samr_close_domain_handle(ctx, &domain_handle); + libnetapi_samr_close_connect_handle(ctx, &connect_handle); + } return werr; } -- cgit From 798b56edaec88206b0d61d2852af41777d53aef2 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 20 Jul 2008 17:59:30 +0200 Subject: Refactoring: libnetapi_open_pipe takes an interface instead of pipe_idx (This used to be commit 726e56c72fdb685ab5eddefd2fd8b043dc38d6ad) --- source3/lib/netapi/user.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 8d69536848..f896dde3aa 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -170,7 +170,8 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, goto done; } - werr = libnetapi_open_pipe(ctx, cli, PI_SAMR, &pipe_cli); + werr = libnetapi_open_pipe(ctx, cli, &ndr_table_samr.syntax_id, + &pipe_cli); if (!W_ERROR_IS_OK(werr)) { goto done; } @@ -333,7 +334,8 @@ WERROR NetUserDel_r(struct libnetapi_ctx *ctx, goto done; } - werr = libnetapi_open_pipe(ctx, cli, PI_SAMR, &pipe_cli); + werr = libnetapi_open_pipe(ctx, cli, &ndr_table_samr.syntax_id, + &pipe_cli); if (!W_ERROR_IS_OK(werr)) { goto done; } @@ -709,7 +711,8 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, goto done; } - werr = libnetapi_open_pipe(ctx, cli, PI_SAMR, &pipe_cli); + werr = libnetapi_open_pipe(ctx, cli, &ndr_table_samr.syntax_id, + &pipe_cli); if (!W_ERROR_IS_OK(werr)) { goto done; } @@ -1001,7 +1004,8 @@ WERROR NetQueryDisplayInformation_r(struct libnetapi_ctx *ctx, goto done; } - werr = libnetapi_open_pipe(ctx, cli, PI_SAMR, &pipe_cli); + werr = libnetapi_open_pipe(ctx, cli, &ndr_table_samr.syntax_id, + &pipe_cli); if (!W_ERROR_IS_OK(werr)) { goto done; } @@ -1128,7 +1132,8 @@ WERROR NetUserGetInfo_r(struct libnetapi_ctx *ctx, goto done; } - werr = libnetapi_open_pipe(ctx, cli, PI_SAMR, &pipe_cli); + werr = libnetapi_open_pipe(ctx, cli, &ndr_table_samr.syntax_id, + &pipe_cli); if (!W_ERROR_IS_OK(werr)) { goto done; } -- cgit From bcc944b21d5799d37d3e796e61265506fd45b17a Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 18 Jul 2008 20:12:13 +0200 Subject: netapi: add convert_USER_INFO_X_to_samr_user_info21 fn and use it NetUserAdd. Guenther (This used to be commit c3e4c7cb5f2728a8219789aeb2344bff368713d5) --- source3/lib/netapi/user.c | 175 +++++++++++++++++++++++++++++++++------------- 1 file changed, 126 insertions(+), 49 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index f896dde3aa..faf1a6d65c 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -27,9 +27,8 @@ /**************************************************************** ****************************************************************/ -static void convert_USER_INFO_1_to_samr_user_info25(struct USER_INFO_1 *info1, - DATA_BLOB *user_session_key, - struct samr_UserInfo25 *info25) +static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, + struct samr_UserInfo21 *info21) { uint32_t fields_present = SAMR_FIELD_ACCT_FLAGS; struct samr_LogonHours zero_logon_hours; @@ -37,41 +36,41 @@ static void convert_USER_INFO_1_to_samr_user_info25(struct USER_INFO_1 *info1, uint32_t acct_flags = 0; NTTIME password_age; - ZERO_STRUCTP(info25); + ZERO_STRUCTP(info21); ZERO_STRUCT(zero_logon_hours); ZERO_STRUCT(zero_parameters); - if (info1->usri1_name) { + if (infoX->usriX_name) { fields_present |= SAMR_FIELD_FULL_NAME; } - if (info1->usri1_password) { + if (infoX->usriX_password) { fields_present |= SAMR_FIELD_PASSWORD; } - if (info1->usri1_flags) { + if (infoX->usriX_flags) { fields_present |= SAMR_FIELD_ACCT_FLAGS; } - if (info1->usri1_name) { + if (infoX->usriX_name) { fields_present |= SAMR_FIELD_FULL_NAME; } - if (info1->usri1_home_dir) { + if (infoX->usriX_home_dir) { fields_present |= SAMR_FIELD_HOME_DIRECTORY; } - if (info1->usri1_script_path) { + if (infoX->usriX_script_path) { fields_present |= SAMR_FIELD_LOGON_SCRIPT; } - if (info1->usri1_comment) { + if (infoX->usriX_comment) { fields_present |= SAMR_FIELD_DESCRIPTION; } - if (info1->usri1_password_age) { + if (infoX->usriX_password_age) { fields_present |= SAMR_FIELD_FORCE_PWD_CHANGE; } - acct_flags |= info1->usri1_flags | ACB_NORMAL; + acct_flags |= infoX->usriX_flags | ACB_NORMAL; - unix_to_nt_time_abs(&password_age, info1->usri1_password_age); + unix_to_nt_time_abs(&password_age, infoX->usriX_password_age); - /* TODO: info1->usri1_priv */ - init_samr_user_info21(&info25->info, + /* TODO: infoX->usriX_priv */ + init_samr_user_info21(info21, 0, 0, 0, @@ -79,12 +78,12 @@ static void convert_USER_INFO_1_to_samr_user_info25(struct USER_INFO_1 *info1, 0, password_age, NULL, - info1->usri1_name, - info1->usri1_home_dir, + infoX->usriX_name, + infoX->usriX_home_dir, NULL, - info1->usri1_script_path, + infoX->usriX_script_path, NULL, - info1->usri1_comment, + infoX->usriX_comment, NULL, NULL, &zero_parameters, @@ -100,29 +99,80 @@ static void convert_USER_INFO_1_to_samr_user_info25(struct USER_INFO_1 *info1, 0, 0, 0); +} - if (info1->usri1_password) { - uchar pwbuf[532]; - struct MD5Context ctx; - uint8_t confounder[16]; - DATA_BLOB confounded_session_key = data_blob(NULL, 16); - - encode_pw_buffer(pwbuf, info1->usri1_password, STR_UNICODE); +/**************************************************************** +****************************************************************/ - generate_random_buffer((uint8_t *)confounder, 16); +static NTSTATUS construct_USER_INFO_X(uint32_t level, + uint8_t *buffer, + struct USER_INFO_X *uX) +{ + struct USER_INFO_0 *u0 = NULL; + struct USER_INFO_1 *u1 = NULL; + struct USER_INFO_2 *u2 = NULL; + struct USER_INFO_1007 *u1007 = NULL; - MD5Init(&ctx); - MD5Update(&ctx, confounder, 16); - MD5Update(&ctx, user_session_key->data, - user_session_key->length); - MD5Final(confounded_session_key.data, &ctx); + if (!buffer || !uX) { + return NT_STATUS_INVALID_PARAMETER; + } - SamOEMhashBlob(pwbuf, 516, &confounded_session_key); - memcpy(&pwbuf[516], confounder, 16); + ZERO_STRUCTP(uX); - memcpy(info25->password.data, pwbuf, sizeof(pwbuf)); - data_blob_free(&confounded_session_key); + switch (level) { + case 0: + u0 = (struct USER_INFO_0 *)buffer; + uX->usriX_name = u0->usri0_name; + break; + case 1: + u1 = (struct USER_INFO_1 *)buffer; + uX->usriX_name = u1->usri1_name; + uX->usriX_password = u1->usri1_password; + uX->usriX_password_age = u1->usri1_password_age; + uX->usriX_priv = u1->usri1_priv; + uX->usriX_home_dir = u1->usri1_home_dir; + uX->usriX_comment = u1->usri1_comment; + uX->usriX_flags = u1->usri1_flags; + uX->usriX_script_path = u1->usri1_script_path; + break; + case 2: + u2 = (struct USER_INFO_2 *)buffer; + uX->usriX_name = u2->usri2_name; + uX->usriX_password = u2->usri2_password; + uX->usriX_password_age = u2->usri2_password_age; + uX->usriX_priv = u2->usri2_priv; + uX->usriX_home_dir = u2->usri2_home_dir; + uX->usriX_comment = u2->usri2_comment; + uX->usriX_flags = u2->usri2_flags; + uX->usriX_script_path = u2->usri2_script_path; + uX->usriX_auth_flags = u2->usri2_auth_flags; + uX->usriX_full_name = u2->usri2_full_name; + uX->usriX_usr_comment = u2->usri2_usr_comment; + uX->usriX_parms = u2->usri2_parms; + uX->usriX_workstations = u2->usri2_workstations; + uX->usriX_last_logon = u2->usri2_last_logon; + uX->usriX_last_logoff = u2->usri2_last_logoff; + uX->usriX_acct_expires = u2->usri2_acct_expires; + uX->usriX_max_storage = u2->usri2_max_storage; + uX->usriX_units_per_week= u2->usri2_units_per_week; + uX->usriX_logon_hours = u2->usri2_logon_hours; + uX->usriX_bad_pw_count = u2->usri2_bad_pw_count; + uX->usriX_num_logons = u2->usri2_num_logons; + uX->usriX_logon_server = u2->usri2_logon_server; + uX->usriX_country_code = u2->usri2_country_code; + uX->usriX_code_page = u2->usri2_code_page; + break; + case 1007: + u1007 = (struct USER_INFO_1007 *)buffer; + uX->usriX_comment = u1007->usri1007_comment; + break; + case 3: + case 4: + default: + return NT_STATUS_INVALID_INFO_CLASS; } + + return NT_STATUS_OK; } /**************************************************************** @@ -138,12 +188,12 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, POLICY_HND connect_handle, domain_handle, user_handle; struct lsa_String lsa_account_name; struct dom_sid2 *domain_sid = NULL; - struct samr_UserInfo25 info25; + struct samr_UserInfo21 info21; union samr_UserInfo *user_info = NULL; struct samr_PwInfo pw_info; uint32_t access_granted = 0; uint32_t rid = 0; - struct USER_INFO_1 *info1; + struct USER_INFO_X uX; ZERO_STRUCT(connect_handle); ZERO_STRUCT(domain_handle); @@ -155,7 +205,6 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, switch (r->in.level) { case 1: - info1 = (struct USER_INFO_1 *)r->in.buffer; break; case 2: case 3: @@ -176,6 +225,12 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, goto done; } + status = construct_USER_INFO_X(r->in.level, r->in.buffer, &uX); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + werr = libnetapi_samr_open_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | SAMR_ACCESS_OPEN_DOMAIN, @@ -189,7 +244,7 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, goto done; } - init_lsa_String(&lsa_account_name, info1->usri1_name); + init_lsa_String(&lsa_account_name, uX.usriX_name); status = rpccli_samr_CreateUser2(pipe_cli, ctx, &domain_handle, @@ -230,14 +285,36 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, goto done; } + convert_USER_INFO_X_to_samr_user_info21(&uX, + &info21); + ZERO_STRUCTP(user_info); - convert_USER_INFO_1_to_samr_user_info25(info1, - &cli->user_session_key, - &info25); + if (uX.usriX_password) { + + uchar pwbuf[532]; + struct MD5Context md5_ctx; + uint8_t confounder[16]; + DATA_BLOB confounded_session_key = data_blob(NULL, 16); + + encode_pw_buffer(pwbuf, uX.usriX_password, STR_UNICODE); + + generate_random_buffer((uint8_t *)confounder, 16); + + MD5Init(&md5_ctx); + MD5Update(&md5_ctx, confounder, 16); + MD5Update(&md5_ctx, cli->user_session_key.data, + cli->user_session_key.length); + MD5Final(confounded_session_key.data, &md5_ctx); + + SamOEMhashBlob(pwbuf, 516, &confounded_session_key); + memcpy(&pwbuf[516], confounder, 16); + + memcpy(user_info->info25.password.data, pwbuf, sizeof(pwbuf)); + data_blob_free(&confounded_session_key); + + user_info->info25.info = info21; - if (info1->usri1_password) { - user_info->info25 = info25; status = rpccli_samr_SetUserInfo2(pipe_cli, ctx, &user_handle, 25, @@ -245,10 +322,10 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, if (NT_STATUS_EQUAL(status, NT_STATUS(DCERPC_FAULT_INVALID_TAG))) { - user_info->info23.info = info25.info; + user_info->info23.info = info21; encode_pw_buffer(user_info->info23.password.data, - info1->usri1_password, STR_UNICODE); + uX.usriX_password, STR_UNICODE); SamOEMhashBlob(user_info->info23.password.data, 516, &cli->user_session_key); @@ -258,7 +335,7 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, user_info); } } else { - user_info->info21 = info25.info; + user_info->info21 = info21; status = rpccli_samr_SetUserInfo(pipe_cli, ctx, &user_handle, 21, -- cgit From b15d2dea75f9d1104285bd1fad01f6872efb6ac3 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 18 Jul 2008 20:12:45 +0200 Subject: netapi: implement NetUserSetInfo_r() for at least level 1007. Guenther (This used to be commit ff9bcd57738aa04c5e18e0e21dd0e788127317c4) --- source3/lib/netapi/user.c | 124 +++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 123 insertions(+), 1 deletion(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index faf1a6d65c..fe30b14d77 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -1296,7 +1296,129 @@ WERROR NetUserGetInfo_l(struct libnetapi_ctx *ctx, WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, struct NetUserSetInfo *r) { - return WERR_NOT_SUPPORTED; + struct cli_state *cli = NULL; + struct rpc_pipe_client *pipe_cli = NULL; + NTSTATUS status; + WERROR werr; + + struct policy_handle connect_handle, domain_handle, builtin_handle, user_handle; + struct lsa_String lsa_account_name; + struct dom_sid2 *domain_sid = NULL; + struct samr_Ids user_rids, name_types; + union samr_UserInfo user_info; + + struct USER_INFO_X uX; + + ZERO_STRUCT(connect_handle); + ZERO_STRUCT(domain_handle); + ZERO_STRUCT(builtin_handle); + ZERO_STRUCT(user_handle); + + if (!r->in.buffer) { + return WERR_INVALID_PARAM; + } + + switch (r->in.level) { + case 0: + case 1007: + break; + default: + werr = WERR_NOT_SUPPORTED; + goto done; + } + + werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + werr = libnetapi_open_pipe(ctx, cli, &ndr_table_samr.syntax_id, + &pipe_cli); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + werr = libnetapi_samr_open_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 | + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + &connect_handle, + &domain_handle, + &domain_sid); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT | + SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS, + &connect_handle, + &builtin_handle); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + init_lsa_String(&lsa_account_name, r->in.user_name); + + status = rpccli_samr_LookupNames(pipe_cli, ctx, + &domain_handle, + 1, + &lsa_account_name, + &user_rids, + &name_types); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_OpenUser(pipe_cli, ctx, + &domain_handle, + SAMR_USER_ACCESS_SET_ATTRIBUTES, + user_rids.ids[0], + &user_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = construct_USER_INFO_X(r->in.level, r->in.buffer, &uX); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + convert_USER_INFO_X_to_samr_user_info21(&uX, &user_info.info21); + + status = rpccli_samr_SetUserInfo(pipe_cli, ctx, + &user_handle, + 21, + &user_info); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + werr = WERR_OK; + + done: + if (!cli) { + return werr; + } + + if (is_valid_policy_hnd(&user_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &user_handle); + } + + if (ctx->disable_policy_handle_cache) { + libnetapi_samr_close_domain_handle(ctx, &domain_handle); + libnetapi_samr_close_builtin_handle(ctx, &builtin_handle); + libnetapi_samr_close_connect_handle(ctx, &connect_handle); + } + + return werr; } /**************************************************************** -- cgit From 3076cc4257d2673d4ecc2734682d45d1736fd462 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 18 Jul 2008 20:43:14 +0200 Subject: netapi: use init_samr_CryptPasswordEx and init_samr_CryptPassword. Guenther (This used to be commit 97106199f1a2add886a14523aa7b402667d2cd89) --- source3/lib/netapi/user.c | 34 +++++++++------------------------- 1 file changed, 9 insertions(+), 25 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index fe30b14d77..e36274bfad 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -292,29 +292,12 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, if (uX.usriX_password) { - uchar pwbuf[532]; - struct MD5Context md5_ctx; - uint8_t confounder[16]; - DATA_BLOB confounded_session_key = data_blob(NULL, 16); - - encode_pw_buffer(pwbuf, uX.usriX_password, STR_UNICODE); - - generate_random_buffer((uint8_t *)confounder, 16); - - MD5Init(&md5_ctx); - MD5Update(&md5_ctx, confounder, 16); - MD5Update(&md5_ctx, cli->user_session_key.data, - cli->user_session_key.length); - MD5Final(confounded_session_key.data, &md5_ctx); - - SamOEMhashBlob(pwbuf, 516, &confounded_session_key); - memcpy(&pwbuf[516], confounder, 16); - - memcpy(user_info->info25.password.data, pwbuf, sizeof(pwbuf)); - data_blob_free(&confounded_session_key); - user_info->info25.info = info21; + init_samr_CryptPasswordEx(uX.usriX_password, + &cli->user_session_key, + &user_info->info25.password); + status = rpccli_samr_SetUserInfo2(pipe_cli, ctx, &user_handle, 25, @@ -324,10 +307,9 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, user_info->info23.info = info21; - encode_pw_buffer(user_info->info23.password.data, - uX.usriX_password, STR_UNICODE); - SamOEMhashBlob(user_info->info23.password.data, 516, - &cli->user_session_key); + init_samr_CryptPassword(uX.usriX_password, + &cli->user_session_key, + &user_info->info23.password); status = rpccli_samr_SetUserInfo2(pipe_cli, ctx, &user_handle, @@ -335,7 +317,9 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, user_info); } } else { + user_info->info21 = info21; + status = rpccli_samr_SetUserInfo(pipe_cli, ctx, &user_handle, 21, -- cgit From 603688f4ab1296f65240eeacb2fc5a81db897955 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 18 Jul 2008 23:35:33 +0200 Subject: netapi: fix libnetapi_samr_lookup_user_map_USER_INFO. Guenther (This used to be commit 52218506d6ad51c4f340206d035f79272ba15e3b) --- source3/lib/netapi/user.c | 68 +++++++++++++++++++++-------------------------- 1 file changed, 31 insertions(+), 37 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index e36274bfad..4bcab4c372 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -612,10 +612,10 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, struct sec_desc_buf *sec_desc = NULL; struct dom_sid sid; - struct USER_INFO_0 *info0 = NULL; - struct USER_INFO_10 *info10 = NULL; - struct USER_INFO_20 *info20 = NULL; - struct USER_INFO_23 *info23 = NULL; + struct USER_INFO_0 info0; + struct USER_INFO_10 info10; + struct USER_INFO_20 info20; + struct USER_INFO_23 info23; switch (level) { case 0: @@ -632,13 +632,10 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, } if (level == 0) { - info0 = TALLOC_P(mem_ctx, struct USER_INFO_0); - NT_STATUS_HAVE_NO_MEMORY(info0); + info0.usri0_name = talloc_strdup(mem_ctx, user_name); + NT_STATUS_HAVE_NO_MEMORY(info0.usri0_name); - info0->usri0_name = talloc_strdup(mem_ctx, user_name); - NT_STATUS_HAVE_NO_MEMORY(info0->usri0_name); - - ADD_TO_ARRAY(mem_ctx, struct USER_INFO_0, *info0, + ADD_TO_ARRAY(mem_ctx, struct USER_INFO_0, info0, (struct USER_INFO_0 **)buffer, num_entries); return NT_STATUS_OK; @@ -659,63 +656,60 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, switch (level) { case 10: - info10 = TALLOC_P(mem_ctx, struct USER_INFO_10); - NT_STATUS_HAVE_NO_MEMORY(info10); - - info10->usri10_name = talloc_strdup(mem_ctx, user_name); - NT_STATUS_HAVE_NO_MEMORY(info10->usri10_name); + info10.usri10_name = talloc_strdup(mem_ctx, user_name); + NT_STATUS_HAVE_NO_MEMORY(info10.usri10_name); - info10->usri10_comment = talloc_strdup(mem_ctx, + info10.usri10_comment = talloc_strdup(mem_ctx, info21->description.string); - info10->usri10_full_name = talloc_strdup(mem_ctx, + info10.usri10_full_name = talloc_strdup(mem_ctx, info21->full_name.string); - info10->usri10_usr_comment = talloc_strdup(mem_ctx, + info10.usri10_usr_comment = talloc_strdup(mem_ctx, info21->comment.string); - ADD_TO_ARRAY(mem_ctx, struct USER_INFO_10, *info10, + ADD_TO_ARRAY(mem_ctx, struct USER_INFO_10, info10, (struct USER_INFO_10 **)buffer, num_entries); break; case 20: - info20 = TALLOC_P(mem_ctx, struct USER_INFO_20); - NT_STATUS_HAVE_NO_MEMORY(info20); + info20.usri20_name = talloc_strdup(mem_ctx, user_name); + NT_STATUS_HAVE_NO_MEMORY(info20.usri20_name); - info20->usri20_name = talloc_strdup(mem_ctx, user_name); - NT_STATUS_HAVE_NO_MEMORY(info20->usri20_name); - - info20->usri20_comment = talloc_strdup(mem_ctx, + info20.usri20_comment = talloc_strdup(mem_ctx, info21->description.string); - info20->usri20_flags = info21->acct_flags; - info20->usri20_user_id = rid; + info20.usri20_full_name = talloc_strdup(mem_ctx, + info21->full_name.string); + + info20.usri20_flags = info21->acct_flags; + info20.usri20_user_id = rid; - ADD_TO_ARRAY(mem_ctx, struct USER_INFO_20, *info20, + ADD_TO_ARRAY(mem_ctx, struct USER_INFO_20, info20, (struct USER_INFO_20 **)buffer, num_entries); break; case 23: - info23 = TALLOC_P(mem_ctx, struct USER_INFO_23); - NT_STATUS_HAVE_NO_MEMORY(info23); - - info23->usri23_name = talloc_strdup(mem_ctx, user_name); - NT_STATUS_HAVE_NO_MEMORY(info23->usri23_name); + info23.usri23_name = talloc_strdup(mem_ctx, user_name); + NT_STATUS_HAVE_NO_MEMORY(info23.usri23_name); - info23->usri23_comment = talloc_strdup(mem_ctx, + info23.usri23_comment = talloc_strdup(mem_ctx, info21->description.string); - info23->usri23_flags = info21->acct_flags; + info23.usri23_full_name = talloc_strdup(mem_ctx, + info21->full_name.string); + + info23.usri23_flags = info21->acct_flags; if (!sid_compose(&sid, domain_sid, rid)) { return NT_STATUS_NO_MEMORY; } - info23->usri23_user_sid = + info23.usri23_user_sid = (struct domsid *)sid_dup_talloc(mem_ctx, &sid); - ADD_TO_ARRAY(mem_ctx, struct USER_INFO_23, *info23, + ADD_TO_ARRAY(mem_ctx, struct USER_INFO_23, info23, (struct USER_INFO_23 **)buffer, num_entries); break; } -- cgit From 974250cd03410cfcd72b8539565061dde33e79c9 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 31 Jul 2008 16:43:27 +0200 Subject: netapi: add skeleton for NetUserModalsGet and NetUserModalsSet. Guenther (This used to be commit 5648145bec3bd24ecedea24a8834ac6768bfc640) --- source3/lib/netapi/user.c | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 4bcab4c372..f52941235b 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -1408,3 +1408,38 @@ WERROR NetUserSetInfo_l(struct libnetapi_ctx *ctx, return WERR_NOT_SUPPORTED; } +/**************************************************************** +****************************************************************/ + +WERROR NetUserModalsGet_r(struct libnetapi_ctx *ctx, + struct NetUserModalsGet *r) +{ + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR NetUserModalsGet_l(struct libnetapi_ctx *ctx, + struct NetUserModalsGet *r) +{ + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR NetUserModalsSet_r(struct libnetapi_ctx *ctx, + struct NetUserModalsSet *r) +{ + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR NetUserModalsSet_l(struct libnetapi_ctx *ctx, + struct NetUserModalsSet *r) +{ + return WERR_NOT_SUPPORTED; +} -- cgit From 005fb1fb11897d9338d7aae472278d5a6eb8cd8e Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 31 Jul 2008 19:26:29 +0200 Subject: netapi: implement NetUserModalsGet_r. Guenther (This used to be commit 7f7e6ca9091101aa7a3dc275c1d0258d97743f4b) --- source3/lib/netapi/user.c | 374 +++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 372 insertions(+), 2 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index f52941235b..6a6cb6c42b 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -1411,10 +1411,380 @@ WERROR NetUserSetInfo_l(struct libnetapi_ctx *ctx, /**************************************************************** ****************************************************************/ +static NTSTATUS query_USER_MODALS_INFO_rpc(TALLOC_CTX *mem_ctx, + struct rpc_pipe_client *pipe_cli, + struct policy_handle *domain_handle, + struct samr_DomInfo1 *info1, + struct samr_DomInfo3 *info3, + struct samr_DomInfo5 *info5, + struct samr_DomInfo6 *info6, + struct samr_DomInfo7 *info7, + struct samr_DomInfo12 *info12) +{ + NTSTATUS status; + union samr_DomainInfo *dom_info = NULL; + + if (info1) { + status = rpccli_samr_QueryDomainInfo(pipe_cli, mem_ctx, + domain_handle, + 1, + &dom_info); + NT_STATUS_NOT_OK_RETURN(status); + + *info1 = dom_info->info1; + } + + if (info3) { + status = rpccli_samr_QueryDomainInfo(pipe_cli, mem_ctx, + domain_handle, + 3, + &dom_info); + NT_STATUS_NOT_OK_RETURN(status); + + *info3 = dom_info->info3; + } + + if (info5) { + status = rpccli_samr_QueryDomainInfo(pipe_cli, mem_ctx, + domain_handle, + 5, + &dom_info); + NT_STATUS_NOT_OK_RETURN(status); + + *info5 = dom_info->info5; + } + + if (info6) { + status = rpccli_samr_QueryDomainInfo(pipe_cli, mem_ctx, + domain_handle, + 6, + &dom_info); + NT_STATUS_NOT_OK_RETURN(status); + + *info6 = dom_info->info6; + } + + if (info7) { + status = rpccli_samr_QueryDomainInfo(pipe_cli, mem_ctx, + domain_handle, + 7, + &dom_info); + NT_STATUS_NOT_OK_RETURN(status); + + *info7 = dom_info->info7; + } + + if (info12) { + status = rpccli_samr_QueryDomainInfo2(pipe_cli, mem_ctx, + domain_handle, + 12, + &dom_info); + NT_STATUS_NOT_OK_RETURN(status); + + *info12 = dom_info->info12; + } + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + +static NTSTATUS query_USER_MODALS_INFO_0(TALLOC_CTX *mem_ctx, + struct rpc_pipe_client *pipe_cli, + struct policy_handle *domain_handle, + struct USER_MODALS_INFO_0 *info0) +{ + NTSTATUS status; + struct samr_DomInfo1 dom_info1; + struct samr_DomInfo3 dom_info3; + + ZERO_STRUCTP(info0); + + status = query_USER_MODALS_INFO_rpc(mem_ctx, + pipe_cli, + domain_handle, + &dom_info1, + &dom_info3, + NULL, + NULL, + NULL, + NULL); + NT_STATUS_NOT_OK_RETURN(status); + + info0->usrmod0_min_passwd_len = + dom_info1.min_password_length; + info0->usrmod0_max_passwd_age = + nt_time_to_unix_abs((NTTIME *)&dom_info1.max_password_age); + info0->usrmod0_min_passwd_age = + nt_time_to_unix_abs((NTTIME *)&dom_info1.min_password_age); + info0->usrmod0_password_hist_len = + dom_info1.password_history_length; + + info0->usrmod0_force_logoff = + nt_time_to_unix_abs(&dom_info3.force_logoff_time); + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + +static NTSTATUS query_USER_MODALS_INFO_1(TALLOC_CTX *mem_ctx, + struct rpc_pipe_client *pipe_cli, + struct policy_handle *domain_handle, + struct USER_MODALS_INFO_1 *info1) +{ + NTSTATUS status; + struct samr_DomInfo6 dom_info6; + struct samr_DomInfo7 dom_info7; + + status = query_USER_MODALS_INFO_rpc(mem_ctx, + pipe_cli, + domain_handle, + NULL, + NULL, + NULL, + &dom_info6, + &dom_info7, + NULL); + NT_STATUS_NOT_OK_RETURN(status); + + info1->usrmod1_primary = + talloc_strdup(mem_ctx, dom_info6.primary.string); + + info1->usrmod1_role = dom_info7.role; + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + +static NTSTATUS query_USER_MODALS_INFO_2(TALLOC_CTX *mem_ctx, + struct rpc_pipe_client *pipe_cli, + struct policy_handle *domain_handle, + struct dom_sid *domain_sid, + struct USER_MODALS_INFO_2 *info2) +{ + NTSTATUS status; + struct samr_DomInfo5 dom_info5; + + status = query_USER_MODALS_INFO_rpc(mem_ctx, + pipe_cli, + domain_handle, + NULL, + NULL, + &dom_info5, + NULL, + NULL, + NULL); + NT_STATUS_NOT_OK_RETURN(status); + + info2->usrmod2_domain_name = + talloc_strdup(mem_ctx, dom_info5.domain_name.string); + info2->usrmod2_domain_id = + (struct domsid *)sid_dup_talloc(mem_ctx, domain_sid); + + NT_STATUS_HAVE_NO_MEMORY(info2->usrmod2_domain_name); + NT_STATUS_HAVE_NO_MEMORY(info2->usrmod2_domain_id); + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + +static NTSTATUS query_USER_MODALS_INFO_3(TALLOC_CTX *mem_ctx, + struct rpc_pipe_client *pipe_cli, + struct policy_handle *domain_handle, + struct USER_MODALS_INFO_3 *info3) +{ + NTSTATUS status; + struct samr_DomInfo12 dom_info12; + + status = query_USER_MODALS_INFO_rpc(mem_ctx, + pipe_cli, + domain_handle, + NULL, + NULL, + NULL, + NULL, + NULL, + &dom_info12); + NT_STATUS_NOT_OK_RETURN(status); + + info3->usrmod3_lockout_duration = + nt_time_to_unix_abs(&dom_info12.lockout_duration); + info3->usrmod3_lockout_observation_window = + nt_time_to_unix_abs(&dom_info12.lockout_window); + info3->usrmod3_lockout_threshold = + dom_info12.lockout_threshold; + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + +static NTSTATUS query_USER_MODALS_INFO_to_buffer(TALLOC_CTX *mem_ctx, + struct rpc_pipe_client *pipe_cli, + uint32_t level, + struct policy_handle *domain_handle, + struct dom_sid *domain_sid, + uint8_t **buffer) +{ + NTSTATUS status; + + struct USER_MODALS_INFO_0 info0; + struct USER_MODALS_INFO_1 info1; + struct USER_MODALS_INFO_2 info2; + struct USER_MODALS_INFO_3 info3; + + if (!buffer) { + return ERROR_INSUFFICIENT_BUFFER; + } + + switch (level) { + case 0: + status = query_USER_MODALS_INFO_0(mem_ctx, + pipe_cli, + domain_handle, + &info0); + NT_STATUS_NOT_OK_RETURN(status); + + *buffer = (uint8_t *)talloc_memdup(mem_ctx, &info0, + sizeof(info0)); + break; + + case 1: + status = query_USER_MODALS_INFO_1(mem_ctx, + pipe_cli, + domain_handle, + &info1); + NT_STATUS_NOT_OK_RETURN(status); + + *buffer = (uint8_t *)talloc_memdup(mem_ctx, &info1, + sizeof(info1)); + break; + case 2: + status = query_USER_MODALS_INFO_2(mem_ctx, + pipe_cli, + domain_handle, + domain_sid, + &info2); + NT_STATUS_NOT_OK_RETURN(status); + + *buffer = (uint8_t *)talloc_memdup(mem_ctx, &info2, + sizeof(info2)); + break; + case 3: + status = query_USER_MODALS_INFO_3(mem_ctx, + pipe_cli, + domain_handle, + &info3); + NT_STATUS_NOT_OK_RETURN(status); + + *buffer = (uint8_t *)talloc_memdup(mem_ctx, &info3, + sizeof(info3)); + break; + default: + break; + } + + NT_STATUS_HAVE_NO_MEMORY(*buffer); + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + WERROR NetUserModalsGet_r(struct libnetapi_ctx *ctx, struct NetUserModalsGet *r) { - return WERR_NOT_SUPPORTED; + struct cli_state *cli = NULL; + struct rpc_pipe_client *pipe_cli = NULL; + NTSTATUS status; + WERROR werr; + + struct policy_handle connect_handle, domain_handle; + struct dom_sid2 *domain_sid = NULL; + uint32_t access_mask = SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT; + + ZERO_STRUCT(connect_handle); + ZERO_STRUCT(domain_handle); + + if (!r->out.buffer) { + return WERR_INVALID_PARAM; + } + + switch (r->in.level) { + case 0: + access_mask |= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 | + SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2; + break; + case 1: + case 2: + access_mask |= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2; + break; + case 3: + access_mask |= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1; + break; + default: + werr = WERR_UNKNOWN_LEVEL; + goto done; + } + + werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + werr = libnetapi_open_pipe(ctx, cli, &ndr_table_samr.syntax_id, + &pipe_cli); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + werr = libnetapi_samr_open_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + access_mask, + &connect_handle, + &domain_handle, + &domain_sid); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + /* 0: 1 + 3 */ + /* 1: 6 + 7 */ + /* 2: 5 */ + /* 3: 12 (DomainInfo2) */ + + status = query_USER_MODALS_INFO_to_buffer(ctx, + pipe_cli, + r->in.level, + &domain_handle, + domain_sid, + r->out.buffer); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + done: + if (!cli) { + return werr; + } + + if (ctx->disable_policy_handle_cache) { + libnetapi_samr_close_domain_handle(ctx, &domain_handle); + libnetapi_samr_close_connect_handle(ctx, &connect_handle); + } + + return werr; } /**************************************************************** @@ -1423,7 +1793,7 @@ WERROR NetUserModalsGet_r(struct libnetapi_ctx *ctx, WERROR NetUserModalsGet_l(struct libnetapi_ctx *ctx, struct NetUserModalsGet *r) { - return WERR_NOT_SUPPORTED; + return NetUserModalsGet_r(ctx, r); } /**************************************************************** -- cgit From cd1a1e3490ab7ba441f3f5caaad86dce88c2f57d Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 31 Jul 2008 21:08:31 +0200 Subject: netapi: implement NetUserModalsSet_r. Guenther (This used to be commit bb345187b7c62e9ad214037120545addd87a666d) --- source3/lib/netapi/user.c | 468 +++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 466 insertions(+), 2 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 6a6cb6c42b..ff807997ae 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -1799,10 +1799,474 @@ WERROR NetUserModalsGet_l(struct libnetapi_ctx *ctx, /**************************************************************** ****************************************************************/ +static NTSTATUS set_USER_MODALS_INFO_rpc(TALLOC_CTX *mem_ctx, + struct rpc_pipe_client *pipe_cli, + struct policy_handle *domain_handle, + struct samr_DomInfo1 *info1, + struct samr_DomInfo3 *info3, + struct samr_DomInfo12 *info12) +{ + NTSTATUS status; + union samr_DomainInfo dom_info; + + if (info1) { + + ZERO_STRUCT(dom_info); + + dom_info.info1 = *info1; + + status = rpccli_samr_SetDomainInfo(pipe_cli, mem_ctx, + domain_handle, + 1, + &dom_info); + NT_STATUS_NOT_OK_RETURN(status); + } + + if (info3) { + + ZERO_STRUCT(dom_info); + + dom_info.info3 = *info3; + + status = rpccli_samr_SetDomainInfo(pipe_cli, mem_ctx, + domain_handle, + 3, + &dom_info); + + NT_STATUS_NOT_OK_RETURN(status); + } + + if (info12) { + + ZERO_STRUCT(dom_info); + + dom_info.info12 = *info12; + + status = rpccli_samr_SetDomainInfo(pipe_cli, mem_ctx, + domain_handle, + 12, + &dom_info); + + NT_STATUS_NOT_OK_RETURN(status); + } + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + +static NTSTATUS set_USER_MODALS_INFO_0_buffer(TALLOC_CTX *mem_ctx, + struct rpc_pipe_client *pipe_cli, + struct policy_handle *domain_handle, + struct USER_MODALS_INFO_0 *info0) +{ + NTSTATUS status; + struct samr_DomInfo1 dom_info_1; + struct samr_DomInfo3 dom_info_3; + + status = query_USER_MODALS_INFO_rpc(mem_ctx, + pipe_cli, + domain_handle, + &dom_info_1, + &dom_info_3, + NULL, + NULL, + NULL, + NULL); + NT_STATUS_NOT_OK_RETURN(status); + + dom_info_1.min_password_length = + info0->usrmod0_min_passwd_len; + dom_info_1.password_history_length = + info0->usrmod0_password_hist_len; + + unix_to_nt_time_abs((NTTIME *)&dom_info_1.max_password_age, + info0->usrmod0_max_passwd_age); + unix_to_nt_time_abs((NTTIME *)&dom_info_1.min_password_age, + info0->usrmod0_min_passwd_age); + + unix_to_nt_time_abs(&dom_info_3.force_logoff_time, + info0->usrmod0_force_logoff); + + return set_USER_MODALS_INFO_rpc(mem_ctx, + pipe_cli, + domain_handle, + &dom_info_1, + &dom_info_3, + NULL); +} + +/**************************************************************** +****************************************************************/ + +static NTSTATUS set_USER_MODALS_INFO_3_buffer(TALLOC_CTX *mem_ctx, + struct rpc_pipe_client *pipe_cli, + struct policy_handle *domain_handle, + struct USER_MODALS_INFO_3 *info3) +{ + NTSTATUS status; + struct samr_DomInfo12 dom_info_12; + + status = query_USER_MODALS_INFO_rpc(mem_ctx, + pipe_cli, + domain_handle, + NULL, + NULL, + NULL, + NULL, + NULL, + &dom_info_12); + NT_STATUS_NOT_OK_RETURN(status); + + unix_to_nt_time_abs((NTTIME *)&dom_info_12.lockout_duration, + info3->usrmod3_lockout_duration); + unix_to_nt_time_abs((NTTIME *)&dom_info_12.lockout_window, + info3->usrmod3_lockout_observation_window); + dom_info_12.lockout_threshold = info3->usrmod3_lockout_threshold; + + return set_USER_MODALS_INFO_rpc(mem_ctx, + pipe_cli, + domain_handle, + NULL, + NULL, + &dom_info_12); +} + +/**************************************************************** +****************************************************************/ + +static NTSTATUS set_USER_MODALS_INFO_1001_buffer(TALLOC_CTX *mem_ctx, + struct rpc_pipe_client *pipe_cli, + struct policy_handle *domain_handle, + struct USER_MODALS_INFO_1001 *info1001) +{ + NTSTATUS status; + struct samr_DomInfo1 dom_info_1; + + status = query_USER_MODALS_INFO_rpc(mem_ctx, + pipe_cli, + domain_handle, + &dom_info_1, + NULL, + NULL, + NULL, + NULL, + NULL); + NT_STATUS_NOT_OK_RETURN(status); + + dom_info_1.min_password_length = + info1001->usrmod1001_min_passwd_len; + + return set_USER_MODALS_INFO_rpc(mem_ctx, + pipe_cli, + domain_handle, + &dom_info_1, + NULL, + NULL); +} + +/**************************************************************** +****************************************************************/ + +static NTSTATUS set_USER_MODALS_INFO_1002_buffer(TALLOC_CTX *mem_ctx, + struct rpc_pipe_client *pipe_cli, + struct policy_handle *domain_handle, + struct USER_MODALS_INFO_1002 *info1002) +{ + NTSTATUS status; + struct samr_DomInfo1 dom_info_1; + + status = query_USER_MODALS_INFO_rpc(mem_ctx, + pipe_cli, + domain_handle, + &dom_info_1, + NULL, + NULL, + NULL, + NULL, + NULL); + NT_STATUS_NOT_OK_RETURN(status); + + unix_to_nt_time_abs((NTTIME *)&dom_info_1.max_password_age, + info1002->usrmod1002_max_passwd_age); + + return set_USER_MODALS_INFO_rpc(mem_ctx, + pipe_cli, + domain_handle, + &dom_info_1, + NULL, + NULL); +} + +/**************************************************************** +****************************************************************/ + +static NTSTATUS set_USER_MODALS_INFO_1003_buffer(TALLOC_CTX *mem_ctx, + struct rpc_pipe_client *pipe_cli, + struct policy_handle *domain_handle, + struct USER_MODALS_INFO_1003 *info1003) +{ + NTSTATUS status; + struct samr_DomInfo1 dom_info_1; + + status = query_USER_MODALS_INFO_rpc(mem_ctx, + pipe_cli, + domain_handle, + &dom_info_1, + NULL, + NULL, + NULL, + NULL, + NULL); + NT_STATUS_NOT_OK_RETURN(status); + + unix_to_nt_time_abs((NTTIME *)&dom_info_1.min_password_age, + info1003->usrmod1003_min_passwd_age); + + return set_USER_MODALS_INFO_rpc(mem_ctx, + pipe_cli, + domain_handle, + &dom_info_1, + NULL, + NULL); +} + +/**************************************************************** +****************************************************************/ + +static NTSTATUS set_USER_MODALS_INFO_1004_buffer(TALLOC_CTX *mem_ctx, + struct rpc_pipe_client *pipe_cli, + struct policy_handle *domain_handle, + struct USER_MODALS_INFO_1004 *info1004) +{ + NTSTATUS status; + struct samr_DomInfo3 dom_info_3; + + status = query_USER_MODALS_INFO_rpc(mem_ctx, + pipe_cli, + domain_handle, + NULL, + &dom_info_3, + NULL, + NULL, + NULL, + NULL); + NT_STATUS_NOT_OK_RETURN(status); + + unix_to_nt_time_abs(&dom_info_3.force_logoff_time, + info1004->usrmod1004_force_logoff); + + return set_USER_MODALS_INFO_rpc(mem_ctx, + pipe_cli, + domain_handle, + NULL, + &dom_info_3, + NULL); +} + +/**************************************************************** +****************************************************************/ + +static NTSTATUS set_USER_MODALS_INFO_1005_buffer(TALLOC_CTX *mem_ctx, + struct rpc_pipe_client *pipe_cli, + struct policy_handle *domain_handle, + struct USER_MODALS_INFO_1005 *info1005) +{ + NTSTATUS status; + struct samr_DomInfo1 dom_info_1; + + status = query_USER_MODALS_INFO_rpc(mem_ctx, + pipe_cli, + domain_handle, + &dom_info_1, + NULL, + NULL, + NULL, + NULL, + NULL); + NT_STATUS_NOT_OK_RETURN(status); + + dom_info_1.password_history_length = + info1005->usrmod1005_password_hist_len; + + return set_USER_MODALS_INFO_rpc(mem_ctx, + pipe_cli, + domain_handle, + &dom_info_1, + NULL, + NULL); +} + +/**************************************************************** +****************************************************************/ + +static NTSTATUS set_USER_MODALS_INFO_buffer(TALLOC_CTX *mem_ctx, + struct rpc_pipe_client *pipe_cli, + uint32_t level, + struct policy_handle *domain_handle, + struct dom_sid *domain_sid, + uint8_t *buffer) +{ + struct USER_MODALS_INFO_0 *info0; + struct USER_MODALS_INFO_3 *info3; + struct USER_MODALS_INFO_1001 *info1001; + struct USER_MODALS_INFO_1002 *info1002; + struct USER_MODALS_INFO_1003 *info1003; + struct USER_MODALS_INFO_1004 *info1004; + struct USER_MODALS_INFO_1005 *info1005; + + if (!buffer) { + return ERROR_INSUFFICIENT_BUFFER; + } + + switch (level) { + case 0: + info0 = (struct USER_MODALS_INFO_0 *)buffer; + return set_USER_MODALS_INFO_0_buffer(mem_ctx, + pipe_cli, + domain_handle, + info0); + case 3: + info3 = (struct USER_MODALS_INFO_3 *)buffer; + return set_USER_MODALS_INFO_3_buffer(mem_ctx, + pipe_cli, + domain_handle, + info3); + case 1001: + info1001 = (struct USER_MODALS_INFO_1001 *)buffer; + return set_USER_MODALS_INFO_1001_buffer(mem_ctx, + pipe_cli, + domain_handle, + info1001); + case 1002: + info1002 = (struct USER_MODALS_INFO_1002 *)buffer; + return set_USER_MODALS_INFO_1002_buffer(mem_ctx, + pipe_cli, + domain_handle, + info1002); + case 1003: + info1003 = (struct USER_MODALS_INFO_1003 *)buffer; + return set_USER_MODALS_INFO_1003_buffer(mem_ctx, + pipe_cli, + domain_handle, + info1003); + case 1004: + info1004 = (struct USER_MODALS_INFO_1004 *)buffer; + return set_USER_MODALS_INFO_1004_buffer(mem_ctx, + pipe_cli, + domain_handle, + info1004); + case 1005: + info1005 = (struct USER_MODALS_INFO_1005 *)buffer; + return set_USER_MODALS_INFO_1005_buffer(mem_ctx, + pipe_cli, + domain_handle, + info1005); + + default: + break; + } + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + WERROR NetUserModalsSet_r(struct libnetapi_ctx *ctx, struct NetUserModalsSet *r) { - return WERR_NOT_SUPPORTED; + struct cli_state *cli = NULL; + struct rpc_pipe_client *pipe_cli = NULL; + NTSTATUS status; + WERROR werr; + + struct policy_handle connect_handle, domain_handle; + struct dom_sid2 *domain_sid = NULL; + uint32_t access_mask = SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT; + + ZERO_STRUCT(connect_handle); + ZERO_STRUCT(domain_handle); + + if (!r->in.buffer) { + return WERR_INVALID_PARAM; + } + + switch (r->in.level) { + case 0: + access_mask |= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 | + SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 | + SAMR_DOMAIN_ACCESS_SET_INFO_1 | + SAMR_DOMAIN_ACCESS_SET_INFO_2; + break; + case 3: + case 1001: + case 1002: + case 1003: + case 1005: + access_mask |= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 | + SAMR_DOMAIN_ACCESS_SET_INFO_1; + break; + case 1004: + access_mask |= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 | + SAMR_DOMAIN_ACCESS_SET_INFO_2; + break; + case 1: + case 2: + case 1006: + case 1007: + werr = WERR_NOT_SUPPORTED; + break; + default: + werr = WERR_UNKNOWN_LEVEL; + goto done; + } + + werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + werr = libnetapi_open_pipe(ctx, cli, &ndr_table_samr.syntax_id, + &pipe_cli); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + werr = libnetapi_samr_open_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + access_mask, + &connect_handle, + &domain_handle, + &domain_sid); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + status = set_USER_MODALS_INFO_buffer(ctx, + pipe_cli, + r->in.level, + &domain_handle, + domain_sid, + r->in.buffer); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + done: + if (!cli) { + return werr; + } + + if (ctx->disable_policy_handle_cache) { + libnetapi_samr_close_domain_handle(ctx, &domain_handle); + libnetapi_samr_close_connect_handle(ctx, &connect_handle); + } + + return werr; } /**************************************************************** @@ -1811,5 +2275,5 @@ WERROR NetUserModalsSet_r(struct libnetapi_ctx *ctx, WERROR NetUserModalsSet_l(struct libnetapi_ctx *ctx, struct NetUserModalsSet *r) { - return WERR_NOT_SUPPORTED; + return NetUserModalsSet_r(ctx, r); } -- cgit From 87b9c9ade21a68d4428ff4aadd32f02f86e78a40 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Tue, 12 Aug 2008 15:25:06 +0200 Subject: netapi: make non-implemented local calls default to remote "localhost" calls. Guenther (cherry picked from commit aa70e588803e3767796dc958b139f4ee464d8626) (This used to be commit 9927ac6eec9fe1fecfedb97b61c4f93379fc8722) --- source3/lib/netapi/user.c | 26 ++++++++------------------ 1 file changed, 8 insertions(+), 18 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index ff807997ae..c02dfb9dc9 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -361,12 +361,7 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, WERROR NetUserAdd_l(struct libnetapi_ctx *ctx, struct NetUserAdd *r) { - /* for now just talk to local RPC server */ - if (!r->in.server_name) { - r->in.server_name = "localhost"; - } - - return NetUserAdd_r(ctx, r); + LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserAdd); } /**************************************************************** @@ -488,12 +483,7 @@ WERROR NetUserDel_r(struct libnetapi_ctx *ctx, WERROR NetUserDel_l(struct libnetapi_ctx *ctx, struct NetUserDel *r) { - /* for now just talk to local RPC server */ - if (!r->in.server_name) { - r->in.server_name = "localhost"; - } - - return NetUserDel_r(ctx, r); + LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserDel); } /**************************************************************** @@ -859,7 +849,7 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, WERROR NetUserEnum_l(struct libnetapi_ctx *ctx, struct NetUserEnum *r) { - return WERR_NOT_SUPPORTED; + LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserEnum); } /**************************************************************** @@ -1123,7 +1113,7 @@ WERROR NetQueryDisplayInformation_r(struct libnetapi_ctx *ctx, WERROR NetQueryDisplayInformation_l(struct libnetapi_ctx *ctx, struct NetQueryDisplayInformation *r) { - return WERR_NOT_SUPPORTED; + LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetQueryDisplayInformation); } /**************************************************************** @@ -1265,7 +1255,7 @@ WERROR NetUserGetInfo_r(struct libnetapi_ctx *ctx, WERROR NetUserGetInfo_l(struct libnetapi_ctx *ctx, struct NetUserGetInfo *r) { - return WERR_NOT_SUPPORTED; + LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserGetInfo); } /**************************************************************** @@ -1405,7 +1395,7 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, WERROR NetUserSetInfo_l(struct libnetapi_ctx *ctx, struct NetUserSetInfo *r) { - return WERR_NOT_SUPPORTED; + LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserSetInfo); } /**************************************************************** @@ -1793,7 +1783,7 @@ WERROR NetUserModalsGet_r(struct libnetapi_ctx *ctx, WERROR NetUserModalsGet_l(struct libnetapi_ctx *ctx, struct NetUserModalsGet *r) { - return NetUserModalsGet_r(ctx, r); + LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserModalsGet); } /**************************************************************** @@ -2275,5 +2265,5 @@ WERROR NetUserModalsSet_r(struct libnetapi_ctx *ctx, WERROR NetUserModalsSet_l(struct libnetapi_ctx *ctx, struct NetUserModalsSet *r) { - return NetUserModalsSet_r(ctx, r); + LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserModalsSet); } -- cgit From fcd10d26a407bef323cb8beda39a21aeb1e5b144 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Tue, 12 Aug 2008 17:59:23 +0200 Subject: netapi: make libnetapi_open_ipc_connection static. Guenther (cherry picked from commit 0259914f8ff04514a8395d8e1af61aadd50c5efb) (This used to be commit 7edc671cc1007ae216e7efdbcdb9cfa1e547dca5) --- source3/lib/netapi/user.c | 73 ++++++++++++++++------------------------------- 1 file changed, 25 insertions(+), 48 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index c02dfb9dc9..7b530f4308 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -214,12 +214,9 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, goto done; } - werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli); - if (!W_ERROR_IS_OK(werr)) { - goto done; - } - - werr = libnetapi_open_pipe(ctx, cli, &ndr_table_samr.syntax_id, + werr = libnetapi_open_pipe(ctx, r->in.server_name, + &ndr_table_samr.syntax_id, + &cli, &pipe_cli); if (!W_ERROR_IS_OK(werr)) { goto done; @@ -385,13 +382,11 @@ WERROR NetUserDel_r(struct libnetapi_ctx *ctx, ZERO_STRUCT(domain_handle); ZERO_STRUCT(user_handle); - werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli); - if (!W_ERROR_IS_OK(werr)) { - goto done; - } - - werr = libnetapi_open_pipe(ctx, cli, &ndr_table_samr.syntax_id, + werr = libnetapi_open_pipe(ctx, r->in.server_name, + &ndr_table_samr.syntax_id, + &cli, &pipe_cli); + if (!W_ERROR_IS_OK(werr)) { goto done; } @@ -751,12 +746,9 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, return WERR_NOT_SUPPORTED; } - werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli); - if (!W_ERROR_IS_OK(werr)) { - goto done; - } - - werr = libnetapi_open_pipe(ctx, cli, &ndr_table_samr.syntax_id, + werr = libnetapi_open_pipe(ctx, r->in.server_name, + &ndr_table_samr.syntax_id, + &cli, &pipe_cli); if (!W_ERROR_IS_OK(werr)) { goto done; @@ -1044,12 +1036,9 @@ WERROR NetQueryDisplayInformation_r(struct libnetapi_ctx *ctx, return WERR_UNKNOWN_LEVEL; } - werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli); - if (!W_ERROR_IS_OK(werr)) { - goto done; - } - - werr = libnetapi_open_pipe(ctx, cli, &ndr_table_samr.syntax_id, + werr = libnetapi_open_pipe(ctx, r->in.server_name, + &ndr_table_samr.syntax_id, + &cli, &pipe_cli); if (!W_ERROR_IS_OK(werr)) { goto done; @@ -1172,12 +1161,9 @@ WERROR NetUserGetInfo_r(struct libnetapi_ctx *ctx, goto done; } - werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli); - if (!W_ERROR_IS_OK(werr)) { - goto done; - } - - werr = libnetapi_open_pipe(ctx, cli, &ndr_table_samr.syntax_id, + werr = libnetapi_open_pipe(ctx, r->in.server_name, + &ndr_table_samr.syntax_id, + &cli, &pipe_cli); if (!W_ERROR_IS_OK(werr)) { goto done; @@ -1295,12 +1281,9 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, goto done; } - werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli); - if (!W_ERROR_IS_OK(werr)) { - goto done; - } - - werr = libnetapi_open_pipe(ctx, cli, &ndr_table_samr.syntax_id, + werr = libnetapi_open_pipe(ctx, r->in.server_name, + &ndr_table_samr.syntax_id, + &cli, &pipe_cli); if (!W_ERROR_IS_OK(werr)) { goto done; @@ -1726,12 +1709,9 @@ WERROR NetUserModalsGet_r(struct libnetapi_ctx *ctx, goto done; } - werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli); - if (!W_ERROR_IS_OK(werr)) { - goto done; - } - - werr = libnetapi_open_pipe(ctx, cli, &ndr_table_samr.syntax_id, + werr = libnetapi_open_pipe(ctx, r->in.server_name, + &ndr_table_samr.syntax_id, + &cli, &pipe_cli); if (!W_ERROR_IS_OK(werr)) { goto done; @@ -2213,12 +2193,9 @@ WERROR NetUserModalsSet_r(struct libnetapi_ctx *ctx, goto done; } - werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli); - if (!W_ERROR_IS_OK(werr)) { - goto done; - } - - werr = libnetapi_open_pipe(ctx, cli, &ndr_table_samr.syntax_id, + werr = libnetapi_open_pipe(ctx, r->in.server_name, + &ndr_table_samr.syntax_id, + &cli, &pipe_cli); if (!W_ERROR_IS_OK(werr)) { goto done; -- cgit From 64d06eadb762948b2361f66f41c2995804060190 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 00:32:08 +0200 Subject: netapi: make set_user_info_USER_INFO_X a separate function. Guenther (This used to be commit 529dd675bde3ac944ca69e4dbe2fc4beeeb9aab8) --- source3/lib/netapi/user.c | 106 ++++++++++++++++++++++++++++------------------ 1 file changed, 64 insertions(+), 42 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 7b530f4308..608c1a1d8d 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -178,6 +178,66 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, /**************************************************************** ****************************************************************/ +static NTSTATUS set_user_info_USER_INFO_X(TALLOC_CTX *ctx, + struct rpc_pipe_client *pipe_cli, + DATA_BLOB *session_key, + struct policy_handle *user_handle, + struct USER_INFO_X *uX) +{ + union samr_UserInfo user_info; + struct samr_UserInfo21 info21; + NTSTATUS status; + + if (!uX) { + return NT_STATUS_INVALID_PARAMETER; + } + + convert_USER_INFO_X_to_samr_user_info21(uX, &info21); + + ZERO_STRUCT(user_info); + + if (uX->usriX_password) { + + user_info.info25.info = info21; + + init_samr_CryptPasswordEx(uX->usriX_password, + session_key, + &user_info.info25.password); + + status = rpccli_samr_SetUserInfo2(pipe_cli, ctx, + user_handle, + 25, + &user_info); + + if (NT_STATUS_EQUAL(status, NT_STATUS(DCERPC_FAULT_INVALID_TAG))) { + + user_info.info23.info = info21; + + init_samr_CryptPassword(uX->usriX_password, + session_key, + &user_info.info23.password); + + status = rpccli_samr_SetUserInfo2(pipe_cli, ctx, + user_handle, + 23, + &user_info); + } + } else { + + user_info.info21 = info21; + + status = rpccli_samr_SetUserInfo(pipe_cli, ctx, + user_handle, + 21, + &user_info); + } + + return status; +} + +/**************************************************************** +****************************************************************/ + WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, struct NetUserAdd *r) { @@ -188,7 +248,6 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, POLICY_HND connect_handle, domain_handle, user_handle; struct lsa_String lsa_account_name; struct dom_sid2 *domain_sid = NULL; - struct samr_UserInfo21 info21; union samr_UserInfo *user_info = NULL; struct samr_PwInfo pw_info; uint32_t access_granted = 0; @@ -282,47 +341,10 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, goto done; } - convert_USER_INFO_X_to_samr_user_info21(&uX, - &info21); - - ZERO_STRUCTP(user_info); - - if (uX.usriX_password) { - - user_info->info25.info = info21; - - init_samr_CryptPasswordEx(uX.usriX_password, - &cli->user_session_key, - &user_info->info25.password); - - status = rpccli_samr_SetUserInfo2(pipe_cli, ctx, - &user_handle, - 25, - user_info); - - if (NT_STATUS_EQUAL(status, NT_STATUS(DCERPC_FAULT_INVALID_TAG))) { - - user_info->info23.info = info21; - - init_samr_CryptPassword(uX.usriX_password, - &cli->user_session_key, - &user_info->info23.password); - - status = rpccli_samr_SetUserInfo2(pipe_cli, ctx, - &user_handle, - 23, - user_info); - } - } else { - - user_info->info21 = info21; - - status = rpccli_samr_SetUserInfo(pipe_cli, ctx, - &user_handle, - 21, - user_info); - - } + status = set_user_info_USER_INFO_X(ctx, pipe_cli, + &cli->user_session_key, + &user_handle, + &uX); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto failed; -- cgit From 870944ca970f2b9484f0a36575b76f3eaeed66ee Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 00:33:16 +0200 Subject: netapi: process level 1003 in construct_USER_INFO_X as well. Guenther (This used to be commit cf381b9f08cae32b62d7bd6f7dfe5210e732eeb2) --- source3/lib/netapi/user.c | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 608c1a1d8d..97eb9d8002 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -111,6 +111,7 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, struct USER_INFO_0 *u0 = NULL; struct USER_INFO_1 *u1 = NULL; struct USER_INFO_2 *u2 = NULL; + struct USER_INFO_1003 *u1003 = NULL; struct USER_INFO_1007 *u1007 = NULL; if (!buffer || !uX) { @@ -162,6 +163,10 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, uX->usriX_country_code = u2->usri2_country_code; uX->usriX_code_page = u2->usri2_code_page; break; + case 1003: + u1003 = (struct USER_INFO_1003 *)buffer; + uX->usriX_password = u1003->usri1003_password; + break; case 1007: u1007 = (struct USER_INFO_1007 *)buffer; uX->usriX_comment = u1007->usri1007_comment; -- cgit From a5fc8ee45736b39def94a2192a9b7899e60af205 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 00:33:49 +0200 Subject: netapi: support level 1003 in NetUserSetInfo. Guenther (This used to be commit 863827eb2d5210350011055dda4319070bd1c520) --- source3/lib/netapi/user.c | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 97eb9d8002..045491c541 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -1286,7 +1286,7 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, struct lsa_String lsa_account_name; struct dom_sid2 *domain_sid = NULL; struct samr_Ids user_rids, name_types; - union samr_UserInfo user_info; + uint32_t user_mask = 0; struct USER_INFO_X uX; @@ -1301,7 +1301,11 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, switch (r->in.level) { case 0: + case 1003: + user_mask = SAMR_USER_ACCESS_SET_PASSWORD; + break; case 1007: + user_mask = SAMR_USER_ACCESS_SET_ATTRIBUTES; break; default: werr = WERR_NOT_SUPPORTED; @@ -1354,7 +1358,7 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, status = rpccli_samr_OpenUser(pipe_cli, ctx, &domain_handle, - SAMR_USER_ACCESS_SET_ATTRIBUTES, + user_mask, user_rids.ids[0], &user_handle); if (!NT_STATUS_IS_OK(status)) { @@ -1368,12 +1372,10 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, goto done; } - convert_USER_INFO_X_to_samr_user_info21(&uX, &user_info.info21); - - status = rpccli_samr_SetUserInfo(pipe_cli, ctx, - &user_handle, - 21, - &user_info); + status = set_user_info_USER_INFO_X(ctx, pipe_cli, + &cli->user_session_key, + &user_handle, + &uX); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; -- cgit From 41fa94363fe1e22b4b7fc3360e9b130607b1dc12 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 00:57:07 +0200 Subject: netapi: fix convert_USER_INFO_X_to_samr_user_info21. Guenther (This used to be commit 3f726952eb9a1fed0f4a990c82a2c47a5c0775be) --- source3/lib/netapi/user.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 045491c541..d70a790b81 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -41,7 +41,7 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, ZERO_STRUCT(zero_parameters); if (infoX->usriX_name) { - fields_present |= SAMR_FIELD_FULL_NAME; + fields_present |= SAMR_FIELD_ACCOUNT_NAME; } if (infoX->usriX_password) { fields_present |= SAMR_FIELD_PASSWORD; @@ -77,8 +77,8 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, 0, 0, password_age, - NULL, infoX->usriX_name, + NULL, infoX->usriX_home_dir, NULL, infoX->usriX_script_path, -- cgit From fac81ffb42245d274e5f44cacf9e1d5b245f7516 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 01:04:21 +0200 Subject: netapi: support level 1011 in NetUserSetInfo. Guenther (This used to be commit b3680c0482ae05b32e9cf9fbddea57f0dd6e2bd3) --- source3/lib/netapi/user.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index d70a790b81..6737012ed0 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -64,6 +64,9 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, if (infoX->usriX_password_age) { fields_present |= SAMR_FIELD_FORCE_PWD_CHANGE; } + if (infoX->usriX_full_name) { + fields_present |= SAMR_FIELD_FULL_NAME; + } acct_flags |= infoX->usriX_flags | ACB_NORMAL; @@ -78,7 +81,7 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, 0, password_age, infoX->usriX_name, - NULL, + infoX->usriX_full_name, infoX->usriX_home_dir, NULL, infoX->usriX_script_path, @@ -113,6 +116,7 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, struct USER_INFO_2 *u2 = NULL; struct USER_INFO_1003 *u1003 = NULL; struct USER_INFO_1007 *u1007 = NULL; + struct USER_INFO_1011 *u1011 = NULL; if (!buffer || !uX) { return NT_STATUS_INVALID_PARAMETER; @@ -171,6 +175,10 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, u1007 = (struct USER_INFO_1007 *)buffer; uX->usriX_comment = u1007->usri1007_comment; break; + case 1011: + u1011 = (struct USER_INFO_1011 *)buffer; + uX->usriX_full_name = u1011->usri1011_full_name; + break; case 3: case 4: default: @@ -1305,6 +1313,7 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, user_mask = SAMR_USER_ACCESS_SET_PASSWORD; break; case 1007: + case 1011: user_mask = SAMR_USER_ACCESS_SET_ATTRIBUTES; break; default: -- cgit From bd450a7c3a0cd20a940ce631fdb2a7724c0cdd68 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 01:15:21 +0200 Subject: netapi: support level 1009 in NetUserSetInfo. Guenther (This used to be commit 3a6c784284c8eb7e2b05afa6db16b27ee26ff352) --- source3/lib/netapi/user.c | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 6737012ed0..70bb353317 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -116,6 +116,7 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, struct USER_INFO_2 *u2 = NULL; struct USER_INFO_1003 *u1003 = NULL; struct USER_INFO_1007 *u1007 = NULL; + struct USER_INFO_1009 *u1009 = NULL; struct USER_INFO_1011 *u1011 = NULL; if (!buffer || !uX) { @@ -175,6 +176,10 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, u1007 = (struct USER_INFO_1007 *)buffer; uX->usriX_comment = u1007->usri1007_comment; break; + case 1009: + u1009 = (struct USER_INFO_1009 *)buffer; + uX->usriX_script_path = u1009->usri1009_script_path; + break; case 1011: u1011 = (struct USER_INFO_1011 *)buffer; uX->usriX_full_name = u1011->usri1011_full_name; @@ -1313,6 +1318,7 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, user_mask = SAMR_USER_ACCESS_SET_PASSWORD; break; case 1007: + case 1009: case 1011: user_mask = SAMR_USER_ACCESS_SET_ATTRIBUTES; break; -- cgit From f1ce72a80bb48210c2fbdc62a93578a6b5c4b5b6 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 01:36:06 +0200 Subject: netapi: fix acct_flags handling in convert_USER_INFO_X_to_samr_user_info21. Guenther (This used to be commit d3625b321f666bd506603b7c58ee89cd6b902d86) --- source3/lib/netapi/user.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 70bb353317..8fa0710dc1 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -30,16 +30,18 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, struct samr_UserInfo21 *info21) { - uint32_t fields_present = SAMR_FIELD_ACCT_FLAGS; + uint32_t fields_present = 0; struct samr_LogonHours zero_logon_hours; struct lsa_BinaryString zero_parameters; - uint32_t acct_flags = 0; NTTIME password_age; ZERO_STRUCTP(info21); ZERO_STRUCT(zero_logon_hours); ZERO_STRUCT(zero_parameters); + if (infoX->usriX_flags) { + fields_present |= SAMR_FIELD_ACCT_FLAGS; + } if (infoX->usriX_name) { fields_present |= SAMR_FIELD_ACCOUNT_NAME; } @@ -68,8 +70,6 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, fields_present |= SAMR_FIELD_FULL_NAME; } - acct_flags |= infoX->usriX_flags | ACB_NORMAL; - unix_to_nt_time_abs(&password_age, infoX->usriX_password_age); /* TODO: infoX->usriX_priv */ @@ -92,7 +92,7 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, &zero_parameters, 0, 0, - acct_flags, + infoX->usriX_flags, fields_present, zero_logon_hours, 0, @@ -359,6 +359,8 @@ WERROR NetUserAdd_r(struct libnetapi_ctx *ctx, goto done; } + uX.usriX_flags |= ACB_NORMAL; + status = set_user_info_USER_INFO_X(ctx, pipe_cli, &cli->user_session_key, &user_handle, -- cgit From 3029122f5e20671de5c440962c2a3aee3f661674 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 01:36:49 +0200 Subject: netapi: support level 1012 in NetUserSetInfo. Guenther (This used to be commit db650e9b6ead70152b2640415477bb26d0b16097) --- source3/lib/netapi/user.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 8fa0710dc1..b7581957c4 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -69,6 +69,9 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, if (infoX->usriX_full_name) { fields_present |= SAMR_FIELD_FULL_NAME; } + if (infoX->usriX_usr_comment) { + fields_present |= SAMR_FIELD_COMMENT; + } unix_to_nt_time_abs(&password_age, infoX->usriX_password_age); @@ -88,7 +91,7 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, NULL, infoX->usriX_comment, NULL, - NULL, + infoX->usriX_usr_comment, &zero_parameters, 0, 0, @@ -118,6 +121,7 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, struct USER_INFO_1007 *u1007 = NULL; struct USER_INFO_1009 *u1009 = NULL; struct USER_INFO_1011 *u1011 = NULL; + struct USER_INFO_1012 *u1012 = NULL; if (!buffer || !uX) { return NT_STATUS_INVALID_PARAMETER; @@ -184,6 +188,10 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, u1011 = (struct USER_INFO_1011 *)buffer; uX->usriX_full_name = u1011->usri1011_full_name; break; + case 1012: + u1012 = (struct USER_INFO_1012 *)buffer; + uX->usriX_usr_comment = u1012->usri1012_usr_comment; + break; case 3: case 4: default: @@ -1324,6 +1332,9 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, case 1011: user_mask = SAMR_USER_ACCESS_SET_ATTRIBUTES; break; + case 1012: + user_mask = SAMR_USER_ACCESS_SET_LOC_COM; + break; default: werr = WERR_NOT_SUPPORTED; goto done; -- cgit From daf162ce0cb6ee1d6bb859918ad2a90bf2a51f13 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 01:40:46 +0200 Subject: netapi: support level 1006 in NetUserSetInfo. Guenther (This used to be commit 9c5ea4e8e8deb0a2be5f894fb5de96f0dea48120) --- source3/lib/netapi/user.c | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index b7581957c4..35e4d7a9a9 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -118,6 +118,7 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, struct USER_INFO_1 *u1 = NULL; struct USER_INFO_2 *u2 = NULL; struct USER_INFO_1003 *u1003 = NULL; + struct USER_INFO_1006 *u1006 = NULL; struct USER_INFO_1007 *u1007 = NULL; struct USER_INFO_1009 *u1009 = NULL; struct USER_INFO_1011 *u1011 = NULL; @@ -176,6 +177,10 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, u1003 = (struct USER_INFO_1003 *)buffer; uX->usriX_password = u1003->usri1003_password; break; + case 1006: + u1006 = (struct USER_INFO_1006 *)buffer; + uX->usriX_home_dir = u1006->usri1006_home_dir; + break; case 1007: u1007 = (struct USER_INFO_1007 *)buffer; uX->usriX_comment = u1007->usri1007_comment; @@ -1327,6 +1332,7 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, case 1003: user_mask = SAMR_USER_ACCESS_SET_PASSWORD; break; + case 1006: case 1007: case 1009: case 1011: -- cgit From 49db2e0ae18b9aac34faa00ef9f2a84461d13678 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 01:47:33 +0200 Subject: netapi: support level 1052 in NetUserSetInfo. Guenther (This used to be commit ff8dede3b369d39ec5638eec8a73bd6397e3d94b) --- source3/lib/netapi/user.c | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 35e4d7a9a9..c68fe37344 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -72,6 +72,9 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, if (infoX->usriX_usr_comment) { fields_present |= SAMR_FIELD_COMMENT; } + if (infoX->usriX_profile) { + fields_present |= SAMR_FIELD_PROFILE_PATH; + } unix_to_nt_time_abs(&password_age, infoX->usriX_password_age); @@ -88,7 +91,7 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, infoX->usriX_home_dir, NULL, infoX->usriX_script_path, - NULL, + infoX->usriX_profile, infoX->usriX_comment, NULL, infoX->usriX_usr_comment, @@ -123,6 +126,7 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, struct USER_INFO_1009 *u1009 = NULL; struct USER_INFO_1011 *u1011 = NULL; struct USER_INFO_1012 *u1012 = NULL; + struct USER_INFO_1052 *u1052 = NULL; if (!buffer || !uX) { return NT_STATUS_INVALID_PARAMETER; @@ -197,6 +201,11 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, u1012 = (struct USER_INFO_1012 *)buffer; uX->usriX_usr_comment = u1012->usri1012_usr_comment; break; + case 1052: + u1052 = (struct USER_INFO_1052 *)buffer; + uX->usriX_profile = u1052->usri1052_profile; + break; + case 3: case 4: default: @@ -1336,6 +1345,7 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, case 1007: case 1009: case 1011: + case 1052: user_mask = SAMR_USER_ACCESS_SET_ATTRIBUTES; break; case 1012: -- cgit From 3077047a17f2d852f3d6908cd1e48783df954448 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 01:53:10 +0200 Subject: netapi: support level 1053 in NetUserSetInfo. Guenther (This used to be commit 039904f601755678fcbdef7d6bdc1c6da0082b83) --- source3/lib/netapi/user.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index c68fe37344..5aff7f0d1e 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -75,6 +75,9 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, if (infoX->usriX_profile) { fields_present |= SAMR_FIELD_PROFILE_PATH; } + if (infoX->usriX_home_dir_drive) { + fields_present |= SAMR_FIELD_HOME_DRIVE; + } unix_to_nt_time_abs(&password_age, infoX->usriX_password_age); @@ -89,7 +92,7 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, infoX->usriX_name, infoX->usriX_full_name, infoX->usriX_home_dir, - NULL, + infoX->usriX_home_dir_drive, infoX->usriX_script_path, infoX->usriX_profile, infoX->usriX_comment, @@ -127,6 +130,7 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, struct USER_INFO_1011 *u1011 = NULL; struct USER_INFO_1012 *u1012 = NULL; struct USER_INFO_1052 *u1052 = NULL; + struct USER_INFO_1053 *u1053 = NULL; if (!buffer || !uX) { return NT_STATUS_INVALID_PARAMETER; @@ -205,7 +209,10 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, u1052 = (struct USER_INFO_1052 *)buffer; uX->usriX_profile = u1052->usri1052_profile; break; - + case 1053: + u1053 = (struct USER_INFO_1053 *)buffer; + uX->usriX_home_dir_drive = u1053->usri1053_home_dir_drive; + break; case 3: case 4: default: @@ -1346,6 +1353,7 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, case 1009: case 1011: case 1052: + case 1053: user_mask = SAMR_USER_ACCESS_SET_ATTRIBUTES; break; case 1012: -- cgit From 4874a8b3b8ce755eca62eb28a4416703db866606 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 02:02:30 +0200 Subject: netapi: support level 1051 in NetUserSetInfo. Guenther (This used to be commit 8da3b1cacb4ffa7ce8932dc0e9ceb78395d49b98) --- source3/lib/netapi/user.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 5aff7f0d1e..51c946bf6d 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -78,6 +78,9 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, if (infoX->usriX_home_dir_drive) { fields_present |= SAMR_FIELD_HOME_DRIVE; } + if (infoX->usriX_primary_group_id) { + fields_present |= SAMR_FIELD_PRIMARY_GID; + } unix_to_nt_time_abs(&password_age, infoX->usriX_password_age); @@ -100,7 +103,7 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, infoX->usriX_usr_comment, &zero_parameters, 0, - 0, + infoX->usriX_primary_group_id, infoX->usriX_flags, fields_present, zero_logon_hours, @@ -129,6 +132,7 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, struct USER_INFO_1009 *u1009 = NULL; struct USER_INFO_1011 *u1011 = NULL; struct USER_INFO_1012 *u1012 = NULL; + struct USER_INFO_1051 *u1051 = NULL; struct USER_INFO_1052 *u1052 = NULL; struct USER_INFO_1053 *u1053 = NULL; @@ -205,6 +209,10 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, u1012 = (struct USER_INFO_1012 *)buffer; uX->usriX_usr_comment = u1012->usri1012_usr_comment; break; + case 1051: + u1051 = (struct USER_INFO_1051 *)buffer; + uX->usriX_primary_group_id = u1051->usri1051_primary_group_id; + break; case 1052: u1052 = (struct USER_INFO_1052 *)buffer; uX->usriX_profile = u1052->usri1052_profile; @@ -1358,6 +1366,9 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, break; case 1012: user_mask = SAMR_USER_ACCESS_SET_LOC_COM; + case 1051: + user_mask = SAMR_USER_ACCESS_SET_ATTRIBUTES | + SAMR_USER_ACCESS_GET_GROUPS; break; default: werr = WERR_NOT_SUPPORTED; -- cgit From 502036e730902d26e384dc12faa517d1758f2925 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 02:11:54 +0200 Subject: netapi: support level 1024 in NetUserSetInfo. Guenther (This used to be commit 84bc7bf1adcde270ad20bba67345c0beed0b1d66) --- source3/lib/netapi/user.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 51c946bf6d..b67c5525d2 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -81,6 +81,9 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, if (infoX->usriX_primary_group_id) { fields_present |= SAMR_FIELD_PRIMARY_GID; } + if (infoX->usriX_country_code) { + fields_present |= SAMR_FIELD_COUNTRY_CODE; + } unix_to_nt_time_abs(&password_age, infoX->usriX_password_age); @@ -109,7 +112,7 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, zero_logon_hours, 0, 0, - 0, + infoX->usriX_country_code, 0, 0, 0, @@ -132,6 +135,7 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, struct USER_INFO_1009 *u1009 = NULL; struct USER_INFO_1011 *u1011 = NULL; struct USER_INFO_1012 *u1012 = NULL; + struct USER_INFO_1024 *u1024 = NULL; struct USER_INFO_1051 *u1051 = NULL; struct USER_INFO_1052 *u1052 = NULL; struct USER_INFO_1053 *u1053 = NULL; @@ -209,6 +213,10 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, u1012 = (struct USER_INFO_1012 *)buffer; uX->usriX_usr_comment = u1012->usri1012_usr_comment; break; + case 1024: + u1024 = (struct USER_INFO_1024 *)buffer; + uX->usriX_country_code = u1024->usri1024_country_code; + break; case 1051: u1051 = (struct USER_INFO_1051 *)buffer; uX->usriX_primary_group_id = u1051->usri1051_primary_group_id; @@ -1365,6 +1373,7 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, user_mask = SAMR_USER_ACCESS_SET_ATTRIBUTES; break; case 1012: + case 1024: user_mask = SAMR_USER_ACCESS_SET_LOC_COM; case 1051: user_mask = SAMR_USER_ACCESS_SET_ATTRIBUTES | -- cgit From da843841be1aa796ca4d7b27e867cd0f49edc7c7 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 02:18:30 +0200 Subject: netapi: support level 1014 in NetUserSetInfo. Guenther (This used to be commit 38178965a2f641978b666452f86fdcd258e8709b) --- source3/lib/netapi/user.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index b67c5525d2..dba7542235 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -84,6 +84,9 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, if (infoX->usriX_country_code) { fields_present |= SAMR_FIELD_COUNTRY_CODE; } + if (infoX->usriX_workstations) { + fields_present |= SAMR_FIELD_WORKSTATIONS; + } unix_to_nt_time_abs(&password_age, infoX->usriX_password_age); @@ -102,7 +105,7 @@ static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX, infoX->usriX_script_path, infoX->usriX_profile, infoX->usriX_comment, - NULL, + infoX->usriX_workstations, infoX->usriX_usr_comment, &zero_parameters, 0, @@ -135,6 +138,7 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, struct USER_INFO_1009 *u1009 = NULL; struct USER_INFO_1011 *u1011 = NULL; struct USER_INFO_1012 *u1012 = NULL; + struct USER_INFO_1014 *u1014 = NULL; struct USER_INFO_1024 *u1024 = NULL; struct USER_INFO_1051 *u1051 = NULL; struct USER_INFO_1052 *u1052 = NULL; @@ -213,6 +217,10 @@ static NTSTATUS construct_USER_INFO_X(uint32_t level, u1012 = (struct USER_INFO_1012 *)buffer; uX->usriX_usr_comment = u1012->usri1012_usr_comment; break; + case 1014: + u1014 = (struct USER_INFO_1014 *)buffer; + uX->usriX_workstations = u1014->usri1014_workstations; + break; case 1024: u1024 = (struct USER_INFO_1024 *)buffer; uX->usriX_country_code = u1024->usri1024_country_code; @@ -1368,6 +1376,7 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, case 1007: case 1009: case 1011: + case 1014: case 1052: case 1053: user_mask = SAMR_USER_ACCESS_SET_ATTRIBUTES; -- cgit From 3967936a4b38252ee9821608da637bb309479201 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 11:49:55 +0200 Subject: netapi: add skeleton for NetUserGetGroups. Guenther (This used to be commit a21ec57b2887012777f9580959a37cd23a412029) --- source3/lib/netapi/user.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index dba7542235..78a95fd10b 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -2354,3 +2354,21 @@ WERROR NetUserModalsSet_l(struct libnetapi_ctx *ctx, { LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserModalsSet); } + +/**************************************************************** +****************************************************************/ + +WERROR NetUserGetGroups_r(struct libnetapi_ctx *ctx, + struct NetUserGetGroups *r) +{ + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR NetUserGetGroups_l(struct libnetapi_ctx *ctx, + struct NetUserGetGroups *r) +{ + LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserGetGroups); +} -- cgit From d304d17f2e21abdeb4adac15870026a6c3f86249 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 11:55:57 +0200 Subject: netapi: fix NetUserSetInfo return code for currently unsupported levels. Guenther (This used to be commit 10bd55d68a91b76e82c3ba1d113729f97830a46a) --- source3/lib/netapi/user.c | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 78a95fd10b..25871563ce 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -1388,9 +1388,22 @@ WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx, user_mask = SAMR_USER_ACCESS_SET_ATTRIBUTES | SAMR_USER_ACCESS_GET_GROUPS; break; - default: + case 1: + case 2: + case 3: + case 4: + case 21: + case 22: + case 1005: + case 1008: + case 1010: + case 1017: + case 1020: werr = WERR_NOT_SUPPORTED; goto done; + default: + werr = WERR_UNKNOWN_LEVEL; + goto done; } werr = libnetapi_open_pipe(ctx, r->in.server_name, -- cgit From 77285ee6024c7379766589f816a0f67c0e4ea4ec Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 13:37:56 +0200 Subject: netapi: implement NetUserGetGroups_r. Guenther (This used to be commit 1ed8fefdae85e9b9f2794e502c8c1c41d9ba0615) --- source3/lib/netapi/user.c | 175 +++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 174 insertions(+), 1 deletion(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 25871563ce..6e13a54528 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -2371,10 +2371,183 @@ WERROR NetUserModalsSet_l(struct libnetapi_ctx *ctx, /**************************************************************** ****************************************************************/ +static NTSTATUS add_GROUP_USERS_INFO_X_buffer(TALLOC_CTX *mem_ctx, + uint32_t level, + const char *group_name, + uint32_t attributes, + uint8_t **buffer, + uint32_t *num_entries) +{ + struct GROUP_USERS_INFO_0 u0; + struct GROUP_USERS_INFO_1 u1; + + switch (level) { + case 0: + u0.grui0_name = talloc_strdup(mem_ctx, group_name); + NT_STATUS_HAVE_NO_MEMORY(u0.grui0_name); + + ADD_TO_ARRAY(mem_ctx, struct GROUP_USERS_INFO_0, u0, + (struct GROUP_USERS_INFO_0 **)buffer, num_entries); + break; + case 1: + u1.grui1_name = talloc_strdup(mem_ctx, group_name); + NT_STATUS_HAVE_NO_MEMORY(u1.grui1_name); + + u1.grui1_attributes = attributes; + + ADD_TO_ARRAY(mem_ctx, struct GROUP_USERS_INFO_1, u1, + (struct GROUP_USERS_INFO_1 **)buffer, num_entries); + break; + default: + return NT_STATUS_INVALID_INFO_CLASS; + } + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + WERROR NetUserGetGroups_r(struct libnetapi_ctx *ctx, struct NetUserGetGroups *r) { - return WERR_NOT_SUPPORTED; + struct cli_state *cli = NULL; + struct rpc_pipe_client *pipe_cli = NULL; + struct policy_handle connect_handle, domain_handle, user_handle; + struct lsa_String lsa_account_name; + struct dom_sid2 *domain_sid = NULL; + struct samr_Ids user_rids, name_types; + struct samr_RidWithAttributeArray *rid_array = NULL; + struct lsa_Strings names; + struct samr_Ids types; + uint32_t *rids = NULL; + + int i; + uint32_t entries_read = 0; + + NTSTATUS status = NT_STATUS_OK; + WERROR werr; + + ZERO_STRUCT(connect_handle); + ZERO_STRUCT(domain_handle); + + if (!r->out.buffer) { + return WERR_INVALID_PARAM; + } + + *r->out.buffer = NULL; + *r->out.entries_read = 0; + + switch (r->in.level) { + case 0: + case 1: + break; + default: + return WERR_UNKNOWN_LEVEL; + } + + werr = libnetapi_open_pipe(ctx, r->in.server_name, + &ndr_table_samr.syntax_id, + &cli, + &pipe_cli); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + werr = libnetapi_samr_open_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + &connect_handle, + &domain_handle, + &domain_sid); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + init_lsa_String(&lsa_account_name, r->in.user_name); + + status = rpccli_samr_LookupNames(pipe_cli, ctx, + &domain_handle, + 1, + &lsa_account_name, + &user_rids, + &name_types); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_OpenUser(pipe_cli, ctx, + &domain_handle, + SAMR_USER_ACCESS_GET_GROUPS, + user_rids.ids[0], + &user_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_GetGroupsForUser(pipe_cli, ctx, + &user_handle, + &rid_array); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + rids = talloc_array(ctx, uint32_t, rid_array->count); + if (!rids) { + werr = WERR_NOMEM; + goto done; + } + + for (i=0; i < rid_array->count; i++) { + rids[i] = rid_array->rids[i].rid; + } + + status = rpccli_samr_LookupRids(pipe_cli, ctx, + &domain_handle, + rid_array->count, + rids, + &names, + &types); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + for (i=0; i < rid_array->count; i++) { + status = add_GROUP_USERS_INFO_X_buffer(ctx, + r->in.level, + names.names[i].string, + rid_array->rids[i].attributes, + r->out.buffer, + &entries_read); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + } + + if (r->out.entries_read) { + *r->out.entries_read = entries_read; + } + if (r->out.total_entries) { + *r->out.total_entries = entries_read; + } + + done: + if (!cli) { + return werr; + } + + if (ctx->disable_policy_handle_cache) { + libnetapi_samr_close_domain_handle(ctx, &domain_handle); + libnetapi_samr_close_connect_handle(ctx, &connect_handle); + } + + return werr; } /**************************************************************** -- cgit From e96a99f3e2b33525cf87eff3d2a13118f21c5186 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 19:25:07 +0200 Subject: netapi: add samr_acb_flags_to_netapi_flags for NetUserEnum and NetUserGetInfo. Guenther (This used to be commit 2f2c60bf91e1e2b3b24c4bb39ac598cb3c704158) --- source3/lib/netapi/user.c | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 6e13a54528..3c42f8b931 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -675,6 +675,18 @@ static NTSTATUS libnetapi_samr_lookup_user(TALLOC_CTX *mem_ctx, /**************************************************************** ****************************************************************/ +static uint32_t samr_acb_flags_to_netapi_flags(uint32_t acb) +{ + uint32_t fl = UF_SCRIPT; /* god knows why */ + + fl |= ads_acb2uf(acb); + + return fl; +} + +/**************************************************************** +****************************************************************/ + static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, struct rpc_pipe_client *pipe_cli, struct dom_sid *domain_sid, @@ -763,7 +775,8 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, info20.usri20_full_name = talloc_strdup(mem_ctx, info21->full_name.string); - info20.usri20_flags = info21->acct_flags; + info20.usri20_flags = + samr_acb_flags_to_netapi_flags(info21->acct_flags); info20.usri20_user_id = rid; ADD_TO_ARRAY(mem_ctx, struct USER_INFO_20, info20, @@ -780,7 +793,8 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, info23.usri23_full_name = talloc_strdup(mem_ctx, info21->full_name.string); - info23.usri23_flags = info21->acct_flags; + info23.usri23_flags = + samr_acb_flags_to_netapi_flags(info21->acct_flags); if (!sid_compose(&sid, domain_sid, rid)) { return NT_STATUS_NO_MEMORY; -- cgit From fea81f9056558a73608acbf5170ace0b7d4c1a8f Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 19:26:37 +0200 Subject: netapi: always return correct account name in NetUserGetInfo/NetUserEnum. Guenther (This used to be commit 47768bfb01815f7b6bf687fe04ca7d19385aea59) --- source3/lib/netapi/user.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 3c42f8b931..887ab94002 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -748,7 +748,8 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, switch (level) { case 10: - info10.usri10_name = talloc_strdup(mem_ctx, user_name); + info10.usri10_name = talloc_strdup(mem_ctx, + info21->account_name.string); NT_STATUS_HAVE_NO_MEMORY(info10.usri10_name); info10.usri10_comment = talloc_strdup(mem_ctx, @@ -766,7 +767,8 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, break; case 20: - info20.usri20_name = talloc_strdup(mem_ctx, user_name); + info20.usri20_name = talloc_strdup(mem_ctx, + info21->account_name.string); NT_STATUS_HAVE_NO_MEMORY(info20.usri20_name); info20.usri20_comment = talloc_strdup(mem_ctx, @@ -784,7 +786,8 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, break; case 23: - info23.usri23_name = talloc_strdup(mem_ctx, user_name); + info23.usri23_name = talloc_strdup(mem_ctx, + info21->account_name.string); NT_STATUS_HAVE_NO_MEMORY(info23.usri23_name); info23.usri23_comment = talloc_strdup(mem_ctx, -- cgit From 0f928eb2cc0b7fe383cea28eb833d80f69545659 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 27 Aug 2008 19:28:34 +0200 Subject: netapi: give more correct error code in NetUserGetInfo. Guenther (This used to be commit c66651b6fb023e5b0952fd135589eb955f51fa12) --- source3/lib/netapi/user.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 887ab94002..47053f29af 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -1263,14 +1263,20 @@ WERROR NetUserGetInfo_r(struct libnetapi_ctx *ctx, switch (r->in.level) { case 0: - /* case 1: */ case 10: case 20: case 23: break; - default: + case 1: + case 2: + case 3: + case 4: + case 11: werr = WERR_NOT_SUPPORTED; goto done; + default: + werr = WERR_UNKNOWN_LEVEL; + goto done; } werr = libnetapi_open_pipe(ctx, r->in.server_name, -- cgit From ff21cceecc66c0aa86557e99fbcbd825e3d9454c Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 28 Aug 2008 00:23:51 +0200 Subject: netapi: better point out what levels are unknown in NetUserEnum. Guenther (This used to be commit d85182aa54b936f8c85c6dcd10d5df613de4bb21) --- source3/lib/netapi/user.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 47053f29af..593434f999 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -854,8 +854,9 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, case 2: case 3: case 11: - default: return WERR_NOT_SUPPORTED; + default: + return WERR_UNKNOWN_LEVEL; } werr = libnetapi_open_pipe(ctx, r->in.server_name, -- cgit From c750f8c40036f04ff0ae533aeb97d5948b31ed54 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 28 Aug 2008 00:56:25 +0200 Subject: netapi: add samr_rid_to_priv_level(). Guenther (This used to be commit 51afae499974f3ad73a1c9bdfbc41e3130966ebc) --- source3/lib/netapi/user.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 593434f999..7f259195a5 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -675,6 +675,21 @@ static NTSTATUS libnetapi_samr_lookup_user(TALLOC_CTX *mem_ctx, /**************************************************************** ****************************************************************/ +static uint32_t samr_rid_to_priv_level(uint32_t rid) +{ + switch (rid) { + case DOMAIN_RID_ADMINISTRATOR: + return USER_PRIV_ADMIN; + case DOMAIN_RID_GUEST: + return USER_PRIV_GUEST; + default: + return USER_PRIV_USER; + } +} + +/**************************************************************** +****************************************************************/ + static uint32_t samr_acb_flags_to_netapi_flags(uint32_t acb) { uint32_t fl = UF_SCRIPT; /* god knows why */ -- cgit From 8bab11088b337f6f02e221472e1d0381d531ccf1 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 28 Aug 2008 11:57:43 +0200 Subject: netapi: prepare libnetapi_samr_lookup_user to lookup priv levels. Guenther (This used to be commit f61bf5db5ff4a1d051999712dd76788d6a113545) --- source3/lib/netapi/user.c | 64 +++++++++++++++++++++++++++++++++++++++-------- 1 file changed, 54 insertions(+), 10 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 7f259195a5..25fb085f44 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -584,10 +584,12 @@ static NTSTATUS libnetapi_samr_lookup_user(TALLOC_CTX *mem_ctx, struct policy_handle *domain_handle, struct policy_handle *builtin_handle, const char *user_name, + const struct dom_sid *domain_sid, uint32_t rid, uint32_t level, struct samr_UserInfo21 **info21, - struct sec_desc_buf **sec_desc) + struct sec_desc_buf **sec_desc, + uint32_t *auth_flag_p) { NTSTATUS status; @@ -643,7 +645,14 @@ static NTSTATUS libnetapi_samr_lookup_user(TALLOC_CTX *mem_ctx, goto done; } - if (level == 1) { + if (access_mask & SAMR_USER_ACCESS_GET_GROUPS) { + + struct lsa_SidArray sid_array; + struct samr_Ids alias_rids; + int i; + uint32_t auth_flag = 0; + struct dom_sid sid; + status = rpccli_samr_GetGroupsForUser(pipe_cli, mem_ctx, &user_handle, &rid_array); @@ -651,15 +660,48 @@ static NTSTATUS libnetapi_samr_lookup_user(TALLOC_CTX *mem_ctx, goto done; } -#if 0 - status = rpccli_samr_GetAliasMembership(pipe_cli, ctx, - &builtin_handle, - &sids, - &rids); + sid_array.num_sids = rid_array->count + 1; + sid_array.sids = talloc_array(mem_ctx, struct lsa_SidPtr, + sid_array.num_sids); + NT_STATUS_HAVE_NO_MEMORY(sid_array.sids); + + for (i=0; icount; i++) { + sid_compose(&sid, domain_sid, rid_array->rids[i].rid); + sid_array.sids[i].sid = sid_dup_talloc(mem_ctx, &sid); + NT_STATUS_HAVE_NO_MEMORY(sid_array.sids[i].sid); + } + + sid_compose(&sid, domain_sid, rid); + sid_array.sids[i].sid = sid_dup_talloc(mem_ctx, &sid); + NT_STATUS_HAVE_NO_MEMORY(sid_array.sids[i].sid); + + status = rpccli_samr_GetAliasMembership(pipe_cli, mem_ctx, + builtin_handle, + &sid_array, + &alias_rids); if (!NT_STATUS_IS_OK(status)) { goto done; } -#endif + + for (i=0; iinfo21; @@ -717,7 +759,7 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, struct samr_UserInfo21 *info21 = NULL; struct sec_desc_buf *sec_desc = NULL; - struct dom_sid sid; + uint32_t auth_flag = 0; struct USER_INFO_0 info0; struct USER_INFO_10 info10; @@ -752,10 +794,12 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, domain_handle, builtin_handle, user_name, + domain_sid, rid, level, &info21, - &sec_desc); + &sec_desc, + &auth_flag); if (!NT_STATUS_IS_OK(status)) { goto done; -- cgit From 29b96a63f13dba707c430638a8f0ca34b5993321 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 28 Aug 2008 12:00:07 +0200 Subject: netapi: add builtin handle to NetUserEnum. Guenther (This used to be commit f71b0808bec002f616fc451eddb7e19dd242a138) --- source3/lib/netapi/user.c | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 25fb085f44..4e31175ebc 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -884,7 +884,7 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, struct rpc_pipe_client *pipe_cli = NULL; struct policy_handle connect_handle; struct dom_sid2 *domain_sid = NULL; - struct policy_handle domain_handle; + struct policy_handle domain_handle, builtin_handle; struct samr_SamArray *sam = NULL; uint32_t filter = ACB_NORMAL; int i; @@ -895,6 +895,7 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, ZERO_STRUCT(connect_handle); ZERO_STRUCT(domain_handle); + ZERO_STRUCT(builtin_handle); if (!r->out.buffer) { return WERR_INVALID_PARAM; @@ -926,6 +927,17 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, goto done; } + werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT | + SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS, + &connect_handle, + &builtin_handle); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + werr = libnetapi_samr_open_domain(ctx, pipe_cli, SAMR_ACCESS_ENUM_DOMAINS | SAMR_ACCESS_OPEN_DOMAIN, @@ -977,7 +989,7 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, status = libnetapi_samr_lookup_user_map_USER_INFO(ctx, pipe_cli, domain_sid, &domain_handle, - NULL, /*&builtin_handle, */ + &builtin_handle, sam->entries[i].name.string, sam->entries[i].idx, r->in.level, @@ -1000,6 +1012,7 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, if (ctx->disable_policy_handle_cache) { libnetapi_samr_close_domain_handle(ctx, &domain_handle); + libnetapi_samr_close_builtin_handle(ctx, &builtin_handle); libnetapi_samr_close_connect_handle(ctx, &connect_handle); } } -- cgit From ab627f40c092fa8b1254b590203f919c05ab13d7 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 28 Aug 2008 12:05:43 +0200 Subject: netapi: add info21_to_USER_INFO_10. Guenther (This used to be commit 3e0c5d4154a730fd9e4430d3e64f9c7bb654dc54) --- source3/lib/netapi/user.c | 32 ++++++++++++++++++++------------ 1 file changed, 20 insertions(+), 12 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 4e31175ebc..8ce97bedcc 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -744,6 +744,24 @@ static uint32_t samr_acb_flags_to_netapi_flags(uint32_t acb) /**************************************************************** ****************************************************************/ +static NTSTATUS info21_to_USER_INFO_10(TALLOC_CTX *mem_ctx, + const struct samr_UserInfo21 *i21, + struct USER_INFO_10 *i) +{ + ZERO_STRUCTP(i); + + i->usri10_name = talloc_strdup(mem_ctx, i21->account_name.string); + NT_STATUS_HAVE_NO_MEMORY(i->usri10_name); + i->usri10_comment = talloc_strdup(mem_ctx, i21->description.string); + i->usri10_full_name = talloc_strdup(mem_ctx, i21->full_name.string); + i->usri10_usr_comment = talloc_strdup(mem_ctx, i21->comment.string); + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, struct rpc_pipe_client *pipe_cli, struct dom_sid *domain_sid, @@ -807,18 +825,8 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, switch (level) { case 10: - info10.usri10_name = talloc_strdup(mem_ctx, - info21->account_name.string); - NT_STATUS_HAVE_NO_MEMORY(info10.usri10_name); - - info10.usri10_comment = talloc_strdup(mem_ctx, - info21->description.string); - - info10.usri10_full_name = talloc_strdup(mem_ctx, - info21->full_name.string); - - info10.usri10_usr_comment = talloc_strdup(mem_ctx, - info21->comment.string); + status = info21_to_USER_INFO_10(mem_ctx, info21, &info10); + NT_STATUS_NOT_OK_RETURN(status); ADD_TO_ARRAY(mem_ctx, struct USER_INFO_10, info10, (struct USER_INFO_10 **)buffer, num_entries); -- cgit From f14748ee45ad54751e732a9c384951dd755d7a2b Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 28 Aug 2008 12:07:25 +0200 Subject: netapi: add info21_to_USER_INFO_20. Guenther (This used to be commit 93a5844814714cf07341bc2962dfac5c3e51d788) --- source3/lib/netapi/user.c | 34 +++++++++++++++++++++------------- 1 file changed, 21 insertions(+), 13 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 8ce97bedcc..406d8fe6b5 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -762,6 +762,25 @@ static NTSTATUS info21_to_USER_INFO_10(TALLOC_CTX *mem_ctx, /**************************************************************** ****************************************************************/ +static NTSTATUS info21_to_USER_INFO_20(TALLOC_CTX *mem_ctx, + const struct samr_UserInfo21 *i21, + struct USER_INFO_20 *i) +{ + ZERO_STRUCTP(i); + + i->usri20_name = talloc_strdup(mem_ctx, i21->account_name.string); + NT_STATUS_HAVE_NO_MEMORY(i->usri20_name); + i->usri20_comment = talloc_strdup(mem_ctx, i21->description.string); + i->usri20_full_name = talloc_strdup(mem_ctx, i21->full_name.string); + i->usri20_flags = samr_acb_flags_to_netapi_flags(i21->acct_flags); + i->usri20_user_id = i21->rid; + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, struct rpc_pipe_client *pipe_cli, struct dom_sid *domain_sid, @@ -834,19 +853,8 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, break; case 20: - info20.usri20_name = talloc_strdup(mem_ctx, - info21->account_name.string); - NT_STATUS_HAVE_NO_MEMORY(info20.usri20_name); - - info20.usri20_comment = talloc_strdup(mem_ctx, - info21->description.string); - - info20.usri20_full_name = talloc_strdup(mem_ctx, - info21->full_name.string); - - info20.usri20_flags = - samr_acb_flags_to_netapi_flags(info21->acct_flags); - info20.usri20_user_id = rid; + status = info21_to_USER_INFO_20(mem_ctx, info21, &info20); + NT_STATUS_NOT_OK_RETURN(status); ADD_TO_ARRAY(mem_ctx, struct USER_INFO_20, info20, (struct USER_INFO_20 **)buffer, num_entries); -- cgit From 2bf066b549d7b45c62b5a93776b6f5a3cd31aefe Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 28 Aug 2008 12:08:31 +0200 Subject: netapi: add info21_to_USER_INFO_23. Guenther (This used to be commit 62871cb3829f5b9cd15211030fa409dbaf3b906f) --- source3/lib/netapi/user.c | 48 ++++++++++++++++++++++++++++------------------- 1 file changed, 29 insertions(+), 19 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 406d8fe6b5..03fea433ea 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -781,6 +781,31 @@ static NTSTATUS info21_to_USER_INFO_20(TALLOC_CTX *mem_ctx, /**************************************************************** ****************************************************************/ +static NTSTATUS info21_to_USER_INFO_23(TALLOC_CTX *mem_ctx, + const struct samr_UserInfo21 *i21, + struct dom_sid *domain_sid, + struct USER_INFO_23 *i) +{ + struct dom_sid sid; + + ZERO_STRUCTP(i); + + i->usri23_name = talloc_strdup(mem_ctx, i21->account_name.string); + NT_STATUS_HAVE_NO_MEMORY(i->usri23_name); + i->usri23_comment = talloc_strdup(mem_ctx, i21->description.string); + i->usri23_full_name = talloc_strdup(mem_ctx, i21->full_name.string); + i->usri23_flags = samr_acb_flags_to_netapi_flags(i21->acct_flags); + if (!sid_compose(&sid, domain_sid, i21->rid)) { + return NT_STATUS_NO_MEMORY; + } + i->usri23_user_sid = (struct domsid *)sid_dup_talloc(mem_ctx, &sid); + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, struct rpc_pipe_client *pipe_cli, struct dom_sid *domain_sid, @@ -861,29 +886,14 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, break; case 23: - info23.usri23_name = talloc_strdup(mem_ctx, - info21->account_name.string); - NT_STATUS_HAVE_NO_MEMORY(info23.usri23_name); - - info23.usri23_comment = talloc_strdup(mem_ctx, - info21->description.string); - - info23.usri23_full_name = talloc_strdup(mem_ctx, - info21->full_name.string); - - info23.usri23_flags = - samr_acb_flags_to_netapi_flags(info21->acct_flags); - - if (!sid_compose(&sid, domain_sid, rid)) { - return NT_STATUS_NO_MEMORY; - } - - info23.usri23_user_sid = - (struct domsid *)sid_dup_talloc(mem_ctx, &sid); + status = info21_to_USER_INFO_23(mem_ctx, info21, domain_sid, &info23); + NT_STATUS_NOT_OK_RETURN(status); ADD_TO_ARRAY(mem_ctx, struct USER_INFO_23, info23, (struct USER_INFO_23 **)buffer, num_entries); break; + default: + return NT_STATUS_INVALID_LEVEL; } done: -- cgit From d405b5061e7a4d7815b03c505434614f7dfec172 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 28 Aug 2008 12:15:23 +0200 Subject: netapi: add info21_to_USER_INFO_1 and support level 1 NetUserEnum/GetInfo. Guenther (This used to be commit 391aaf16272aad09f8e2f1b1afb78a2535c0faaf) --- source3/lib/netapi/user.c | 41 +++++++++++++++++++++++++++++++++++++++-- 1 file changed, 39 insertions(+), 2 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 03fea433ea..77c74130b7 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -604,7 +604,11 @@ static NTSTATUS libnetapi_samr_lookup_user(TALLOC_CTX *mem_ctx, switch (level) { case 0: + break; case 1: + access_mask |= SAMR_USER_ACCESS_GET_LOGONINFO | + SAMR_USER_ACCESS_GET_GROUPS; + break; case 2: case 3: case 10: @@ -744,6 +748,27 @@ static uint32_t samr_acb_flags_to_netapi_flags(uint32_t acb) /**************************************************************** ****************************************************************/ +static NTSTATUS info21_to_USER_INFO_1(TALLOC_CTX *mem_ctx, + const struct samr_UserInfo21 *i21, + struct USER_INFO_1 *i) +{ + ZERO_STRUCTP(i); + i->usri1_name = talloc_strdup(mem_ctx, i21->account_name.string); + NT_STATUS_HAVE_NO_MEMORY(i->usri1_name); + i->usri1_password = NULL; + i->usri1_password_age = time(NULL) - nt_time_to_unix(i21->last_password_change); + i->usri1_priv = samr_rid_to_priv_level(i21->rid); + i->usri1_home_dir = talloc_strdup(mem_ctx, i21->home_directory.string); + i->usri1_comment = talloc_strdup(mem_ctx, i21->description.string); + i->usri1_flags = samr_acb_flags_to_netapi_flags(i21->acct_flags); + i->usri1_script_path = talloc_strdup(mem_ctx, i21->logon_script.string); + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + static NTSTATUS info21_to_USER_INFO_10(TALLOC_CTX *mem_ctx, const struct samr_UserInfo21 *i21, struct USER_INFO_10 *i) @@ -824,6 +849,7 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, uint32_t auth_flag = 0; struct USER_INFO_0 info0; + struct USER_INFO_1 info1; struct USER_INFO_10 info10; struct USER_INFO_20 info20; struct USER_INFO_23 info23; @@ -868,6 +894,17 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, } switch (level) { + case 0: + /* already returned above */ + break; + case 1: + status = info21_to_USER_INFO_1(mem_ctx, info21, &info1); + NT_STATUS_NOT_OK_RETURN(status); + + ADD_TO_ARRAY(mem_ctx, struct USER_INFO_1, info1, + (struct USER_INFO_1 **)buffer, num_entries); + + break; case 10: status = info21_to_USER_INFO_10(mem_ctx, info21, &info10); NT_STATUS_NOT_OK_RETURN(status); @@ -932,11 +969,11 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, switch (r->in.level) { case 0: + case 1: case 10: case 20: case 23: break; - case 1: case 2: case 3: case 11: @@ -1362,11 +1399,11 @@ WERROR NetUserGetInfo_r(struct libnetapi_ctx *ctx, switch (r->in.level) { case 0: + case 1: case 10: case 20: case 23: break; - case 1: case 2: case 3: case 4: -- cgit From 0018d14eedba213626200ef41cb29380bdbc7ef0 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 28 Aug 2008 12:18:01 +0200 Subject: netapi: add info21_to_USER_INFO_2 and support level 2 in NetUserEnum/GetInfo. Guenther (This used to be commit 1f1587423b7e01be552ae7cfc89f1334b32b124a) --- source3/lib/netapi/user.c | 52 +++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 50 insertions(+), 2 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 77c74130b7..d7ebba1215 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -769,6 +769,45 @@ static NTSTATUS info21_to_USER_INFO_1(TALLOC_CTX *mem_ctx, /**************************************************************** ****************************************************************/ +static NTSTATUS info21_to_USER_INFO_2(TALLOC_CTX *mem_ctx, + const struct samr_UserInfo21 *i21, + uint32_t auth_flag, + struct USER_INFO_2 *i) +{ + ZERO_STRUCTP(i); + + i->usri2_name = talloc_strdup(mem_ctx, i21->account_name.string); + NT_STATUS_HAVE_NO_MEMORY(i->usri2_name); + i->usri2_password = NULL; + i->usri2_password_age = time(NULL) - nt_time_to_unix(i21->last_password_change); + i->usri2_priv = samr_rid_to_priv_level(i21->rid); + i->usri2_home_dir = talloc_strdup(mem_ctx, i21->home_directory.string); + i->usri2_comment = talloc_strdup(mem_ctx, i21->description.string); + i->usri2_flags = samr_acb_flags_to_netapi_flags(i21->acct_flags); + i->usri2_script_path = talloc_strdup(mem_ctx, i21->logon_script.string); + i->usri2_auth_flags = auth_flag; + i->usri2_full_name = talloc_strdup(mem_ctx, i21->full_name.string); + i->usri2_usr_comment = talloc_strdup(mem_ctx, i21->comment.string); + i->usri2_parms = talloc_strndup(mem_ctx, (const char *)i21->parameters.array, i21->parameters.size/2); + i->usri2_workstations = talloc_strdup(mem_ctx, i21->workstations.string); + i->usri2_last_logon = nt_time_to_unix(i21->last_logon); + i->usri2_last_logoff = nt_time_to_unix(i21->last_logoff); + i->usri2_acct_expires = nt_time_to_unix(i21->acct_expiry); + i->usri2_max_storage = USER_MAXSTORAGE_UNLIMITED; /* FIXME */ + i->usri2_units_per_week = i21->logon_hours.units_per_week; + i->usri2_logon_hours = (uint8_t *)talloc_memdup(mem_ctx, i21->logon_hours.bits, 21); + i->usri2_bad_pw_count = i21->bad_password_count; + i->usri2_num_logons = i21->logon_count; + i->usri2_logon_server = talloc_strdup(mem_ctx, "\\\\*"); + i->usri2_country_code = i21->country_code; + i->usri2_code_page = i21->code_page; + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + static NTSTATUS info21_to_USER_INFO_10(TALLOC_CTX *mem_ctx, const struct samr_UserInfo21 *i21, struct USER_INFO_10 *i) @@ -850,6 +889,7 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, struct USER_INFO_0 info0; struct USER_INFO_1 info1; + struct USER_INFO_2 info2; struct USER_INFO_10 info10; struct USER_INFO_20 info20; struct USER_INFO_23 info23; @@ -904,6 +944,14 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, ADD_TO_ARRAY(mem_ctx, struct USER_INFO_1, info1, (struct USER_INFO_1 **)buffer, num_entries); + break; + case 2: + status = info21_to_USER_INFO_2(mem_ctx, info21, auth_flag, &info2); + NT_STATUS_NOT_OK_RETURN(status); + + ADD_TO_ARRAY(mem_ctx, struct USER_INFO_2, info2, + (struct USER_INFO_2 **)buffer, num_entries); + break; case 10: status = info21_to_USER_INFO_10(mem_ctx, info21, &info10); @@ -970,11 +1018,11 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, switch (r->in.level) { case 0: case 1: + case 2: case 10: case 20: case 23: break; - case 2: case 3: case 11: return WERR_NOT_SUPPORTED; @@ -1400,11 +1448,11 @@ WERROR NetUserGetInfo_r(struct libnetapi_ctx *ctx, switch (r->in.level) { case 0: case 1: + case 2: case 10: case 20: case 23: break; - case 2: case 3: case 4: case 11: -- cgit From 4c659b9340efd466c1398fb0637fc51766b09100 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 28 Aug 2008 12:20:04 +0200 Subject: netapi: add info21_to_USER_INFO_3 and support level 3 in NetUserEnum/GetInfo. Guenther (This used to be commit 6b56b70a47823ab482f0c2a5fb55a759857b99f0) --- source3/lib/netapi/user.c | 56 +++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 54 insertions(+), 2 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index d7ebba1215..acbd36c599 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -808,6 +808,49 @@ static NTSTATUS info21_to_USER_INFO_2(TALLOC_CTX *mem_ctx, /**************************************************************** ****************************************************************/ +static NTSTATUS info21_to_USER_INFO_3(TALLOC_CTX *mem_ctx, + const struct samr_UserInfo21 *i21, + uint32_t auth_flag, + struct USER_INFO_3 *i) +{ + ZERO_STRUCTP(i); + + i->usri3_name = talloc_strdup(mem_ctx, i21->account_name.string); + NT_STATUS_HAVE_NO_MEMORY(i->usri3_name); + i->usri3_password_age = time(NULL) - nt_time_to_unix(i21->last_password_change); + i->usri3_priv = samr_rid_to_priv_level(i21->rid); + i->usri3_home_dir = talloc_strdup(mem_ctx, i21->home_directory.string); + i->usri3_comment = talloc_strdup(mem_ctx, i21->description.string); + i->usri3_flags = samr_acb_flags_to_netapi_flags(i21->acct_flags); + i->usri3_script_path = talloc_strdup(mem_ctx, i21->logon_script.string); + i->usri3_auth_flags = auth_flag; + i->usri3_full_name = talloc_strdup(mem_ctx, i21->full_name.string); + i->usri3_usr_comment = talloc_strdup(mem_ctx, i21->comment.string); + i->usri3_parms = talloc_strndup(mem_ctx, (const char *)i21->parameters.array, i21->parameters.size/2); + i->usri3_workstations = talloc_strdup(mem_ctx, i21->workstations.string); + i->usri3_last_logon = nt_time_to_unix(i21->last_logon); + i->usri3_last_logoff = nt_time_to_unix(i21->last_logoff); + i->usri3_acct_expires = nt_time_to_unix(i21->acct_expiry); + i->usri3_max_storage = USER_MAXSTORAGE_UNLIMITED; /* FIXME */ + i->usri3_units_per_week = i21->logon_hours.units_per_week; + i->usri3_logon_hours = (uint8_t *)talloc_memdup(mem_ctx, i21->logon_hours.bits, 21); + i->usri3_bad_pw_count = i21->bad_password_count; + i->usri3_num_logons = i21->logon_count; + i->usri3_logon_server = talloc_strdup(mem_ctx, "\\\\*"); + i->usri3_country_code = i21->country_code; + i->usri3_code_page = i21->code_page; + i->usri3_user_id = i21->rid; + i->usri3_primary_group_id = i21->primary_gid; + i->usri3_profile = talloc_strdup(mem_ctx, i21->profile_path.string); + i->usri3_home_dir_drive = talloc_strdup(mem_ctx, i21->home_drive.string); + i->usri3_password_expired = i21->password_expired; + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + static NTSTATUS info21_to_USER_INFO_10(TALLOC_CTX *mem_ctx, const struct samr_UserInfo21 *i21, struct USER_INFO_10 *i) @@ -890,6 +933,7 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, struct USER_INFO_0 info0; struct USER_INFO_1 info1; struct USER_INFO_2 info2; + struct USER_INFO_3 info3; struct USER_INFO_10 info10; struct USER_INFO_20 info20; struct USER_INFO_23 info23; @@ -952,6 +996,14 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, ADD_TO_ARRAY(mem_ctx, struct USER_INFO_2, info2, (struct USER_INFO_2 **)buffer, num_entries); + break; + case 3: + status = info21_to_USER_INFO_3(mem_ctx, info21, auth_flag, &info3); + NT_STATUS_NOT_OK_RETURN(status); + + ADD_TO_ARRAY(mem_ctx, struct USER_INFO_3, info3, + (struct USER_INFO_3 **)buffer, num_entries); + break; case 10: status = info21_to_USER_INFO_10(mem_ctx, info21, &info10); @@ -1019,11 +1071,11 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, case 0: case 1: case 2: + case 3: case 10: case 20: case 23: break; - case 3: case 11: return WERR_NOT_SUPPORTED; default: @@ -1449,11 +1501,11 @@ WERROR NetUserGetInfo_r(struct libnetapi_ctx *ctx, case 0: case 1: case 2: + case 3: case 10: case 20: case 23: break; - case 3: case 4: case 11: werr = WERR_NOT_SUPPORTED; -- cgit From 038404a2b5268586f11927d9be7b3b411a008165 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 28 Aug 2008 12:21:13 +0200 Subject: netapi: add info21_to_USER_INFO_4 and support level 4 in NetUserEnum/GetInfo. Guenther (This used to be commit b3ccc9a447c380e2898606b8f392f8bec9f40dc9) --- source3/lib/netapi/user.c | 70 +++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 68 insertions(+), 2 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index acbd36c599..1584a28be0 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -611,8 +611,13 @@ static NTSTATUS libnetapi_samr_lookup_user(TALLOC_CTX *mem_ctx, break; case 2: case 3: - case 10: + case 4: case 11: + access_mask |= SAMR_USER_ACCESS_GET_LOGONINFO | + SAMR_USER_ACCESS_GET_GROUPS | + SAMR_USER_ACCESS_GET_LOCALE; + break; + case 10: case 20: case 23: break; @@ -851,6 +856,56 @@ static NTSTATUS info21_to_USER_INFO_3(TALLOC_CTX *mem_ctx, /**************************************************************** ****************************************************************/ +static NTSTATUS info21_to_USER_INFO_4(TALLOC_CTX *mem_ctx, + const struct samr_UserInfo21 *i21, + uint32_t auth_flag, + struct dom_sid *domain_sid, + struct USER_INFO_4 *i) +{ + struct dom_sid sid; + + ZERO_STRUCTP(i); + + i->usri4_name = talloc_strdup(mem_ctx, i21->account_name.string); + NT_STATUS_HAVE_NO_MEMORY(i->usri4_name); + i->usri4_password_age = time(NULL) - nt_time_to_unix(i21->last_password_change); + i->usri4_password = NULL; + i->usri4_priv = samr_rid_to_priv_level(i21->rid); + i->usri4_home_dir = talloc_strdup(mem_ctx, i21->home_directory.string); + i->usri4_comment = talloc_strdup(mem_ctx, i21->description.string); + i->usri4_flags = samr_acb_flags_to_netapi_flags(i21->acct_flags); + i->usri4_script_path = talloc_strdup(mem_ctx, i21->logon_script.string); + i->usri4_auth_flags = auth_flag; + i->usri4_full_name = talloc_strdup(mem_ctx, i21->full_name.string); + i->usri4_usr_comment = talloc_strdup(mem_ctx, i21->comment.string); + i->usri4_parms = talloc_strndup(mem_ctx, (const char *)i21->parameters.array, i21->parameters.size/2); + i->usri4_workstations = talloc_strdup(mem_ctx, i21->workstations.string); + i->usri4_last_logon = nt_time_to_unix(i21->last_logon); + i->usri4_last_logoff = nt_time_to_unix(i21->last_logoff); + i->usri4_acct_expires = nt_time_to_unix(i21->acct_expiry); + i->usri4_max_storage = USER_MAXSTORAGE_UNLIMITED; /* FIXME */ + i->usri4_units_per_week = i21->logon_hours.units_per_week; + i->usri4_logon_hours = (uint8_t *)talloc_memdup(mem_ctx, i21->logon_hours.bits, 21); + i->usri4_bad_pw_count = i21->bad_password_count; + i->usri4_num_logons = i21->logon_count; + i->usri4_logon_server = talloc_strdup(mem_ctx, "\\\\*"); + i->usri4_country_code = i21->country_code; + i->usri4_code_page = i21->code_page; + if (!sid_compose(&sid, domain_sid, i21->rid)) { + return NT_STATUS_NO_MEMORY; + } + i->usri4_user_sid = (struct domsid *)sid_dup_talloc(mem_ctx, &sid); + i->usri4_primary_group_id = i21->primary_gid; + i->usri4_profile = talloc_strdup(mem_ctx, i21->profile_path.string); + i->usri4_home_dir_drive = talloc_strdup(mem_ctx, i21->home_drive.string); + i->usri4_password_expired = i21->password_expired; + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + static NTSTATUS info21_to_USER_INFO_10(TALLOC_CTX *mem_ctx, const struct samr_UserInfo21 *i21, struct USER_INFO_10 *i) @@ -934,6 +989,7 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, struct USER_INFO_1 info1; struct USER_INFO_2 info2; struct USER_INFO_3 info3; + struct USER_INFO_4 info4; struct USER_INFO_10 info10; struct USER_INFO_20 info20; struct USER_INFO_23 info23; @@ -943,6 +999,7 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, case 1: case 2: case 3: + case 4: case 10: case 11: case 20: @@ -1004,6 +1061,14 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, ADD_TO_ARRAY(mem_ctx, struct USER_INFO_3, info3, (struct USER_INFO_3 **)buffer, num_entries); + break; + case 4: + status = info21_to_USER_INFO_4(mem_ctx, info21, auth_flag, domain_sid, &info4); + NT_STATUS_NOT_OK_RETURN(status); + + ADD_TO_ARRAY(mem_ctx, struct USER_INFO_4, info4, + (struct USER_INFO_4 **)buffer, num_entries); + break; case 10: status = info21_to_USER_INFO_10(mem_ctx, info21, &info10); @@ -1072,6 +1137,7 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, case 1: case 2: case 3: + case 4: case 10: case 20: case 23: @@ -1502,11 +1568,11 @@ WERROR NetUserGetInfo_r(struct libnetapi_ctx *ctx, case 1: case 2: case 3: + case 4: case 10: case 20: case 23: break; - case 4: case 11: werr = WERR_NOT_SUPPORTED; goto done; -- cgit From 5dd07500635f399b117389238d226a521a224ef9 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Thu, 28 Aug 2008 12:22:19 +0200 Subject: netapi: add info21_to_USER_INFO_11 and support level 11 in NetUserEnum/GetInfo. Guenther (This used to be commit c022ec38521e7ff655fc12807fcfd0e4f056e18b) --- source3/lib/netapi/user.c | 50 ++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 45 insertions(+), 5 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 1584a28be0..ae8d2ecd89 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -924,6 +924,41 @@ static NTSTATUS info21_to_USER_INFO_10(TALLOC_CTX *mem_ctx, /**************************************************************** ****************************************************************/ +static NTSTATUS info21_to_USER_INFO_11(TALLOC_CTX *mem_ctx, + const struct samr_UserInfo21 *i21, + uint32_t auth_flag, + struct USER_INFO_11 *i) +{ + ZERO_STRUCTP(i); + + i->usri11_name = talloc_strdup(mem_ctx, i21->account_name.string); + NT_STATUS_HAVE_NO_MEMORY(i->usri11_name); + i->usri11_comment = talloc_strdup(mem_ctx, i21->description.string); + i->usri11_usr_comment = talloc_strdup(mem_ctx, i21->comment.string); + i->usri11_full_name = talloc_strdup(mem_ctx, i21->full_name.string); + i->usri11_priv = samr_rid_to_priv_level(i21->rid); + i->usri11_auth_flags = auth_flag; + i->usri11_password_age = time(NULL) - nt_time_to_unix(i21->last_password_change); + i->usri11_home_dir = talloc_strdup(mem_ctx, i21->home_directory.string); + i->usri11_parms = talloc_strndup(mem_ctx, (const char *)i21->parameters.array, i21->parameters.size/2); + i->usri11_last_logon = nt_time_to_unix(i21->last_logon); + i->usri11_last_logoff = nt_time_to_unix(i21->last_logoff); + i->usri11_bad_pw_count = i21->bad_password_count; + i->usri11_num_logons = i21->logon_count; + i->usri11_logon_server = talloc_strdup(mem_ctx, "\\\\*"); + i->usri11_country_code = i21->country_code; + i->usri11_workstations = talloc_strdup(mem_ctx, i21->workstations.string); + i->usri11_max_storage = USER_MAXSTORAGE_UNLIMITED; /* FIXME */ + i->usri11_units_per_week = i21->logon_hours.units_per_week; + i->usri11_logon_hours = (uint8_t *)talloc_memdup(mem_ctx, i21->logon_hours.bits, 21); + i->usri11_code_page = i21->code_page; + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + static NTSTATUS info21_to_USER_INFO_20(TALLOC_CTX *mem_ctx, const struct samr_UserInfo21 *i21, struct USER_INFO_20 *i) @@ -991,6 +1026,7 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, struct USER_INFO_3 info3; struct USER_INFO_4 info4; struct USER_INFO_10 info10; + struct USER_INFO_11 info11; struct USER_INFO_20 info20; struct USER_INFO_23 info23; @@ -1078,7 +1114,14 @@ static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx, (struct USER_INFO_10 **)buffer, num_entries); break; + case 11: + status = info21_to_USER_INFO_11(mem_ctx, info21, auth_flag, &info11); + NT_STATUS_NOT_OK_RETURN(status); + + ADD_TO_ARRAY(mem_ctx, struct USER_INFO_11, info11, + (struct USER_INFO_11 **)buffer, num_entries); + break; case 20: status = info21_to_USER_INFO_20(mem_ctx, info21, &info20); NT_STATUS_NOT_OK_RETURN(status); @@ -1139,11 +1182,10 @@ WERROR NetUserEnum_r(struct libnetapi_ctx *ctx, case 3: case 4: case 10: + case 11: case 20: case 23: break; - case 11: - return WERR_NOT_SUPPORTED; default: return WERR_UNKNOWN_LEVEL; } @@ -1570,12 +1612,10 @@ WERROR NetUserGetInfo_r(struct libnetapi_ctx *ctx, case 3: case 4: case 10: + case 11: case 20: case 23: break; - case 11: - werr = WERR_NOT_SUPPORTED; - goto done; default: werr = WERR_UNKNOWN_LEVEL; goto done; -- cgit From 35c96827b4b1a453919184b554ba8b66bf0d3b42 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Mon, 8 Sep 2008 16:42:10 +0200 Subject: netapi: make add_GROUP_USERS_INFO_X_buffer non-static. Guenther (This used to be commit 87fc15d9b52bbb15550015cb106062d24c5674ba) --- source3/lib/netapi/user.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index ae8d2ecd89..4fe0aa04ab 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -2736,12 +2736,12 @@ WERROR NetUserModalsSet_l(struct libnetapi_ctx *ctx, /**************************************************************** ****************************************************************/ -static NTSTATUS add_GROUP_USERS_INFO_X_buffer(TALLOC_CTX *mem_ctx, - uint32_t level, - const char *group_name, - uint32_t attributes, - uint8_t **buffer, - uint32_t *num_entries) +NTSTATUS add_GROUP_USERS_INFO_X_buffer(TALLOC_CTX *mem_ctx, + uint32_t level, + const char *group_name, + uint32_t attributes, + uint8_t **buffer, + uint32_t *num_entries) { struct GROUP_USERS_INFO_0 u0; struct GROUP_USERS_INFO_1 u1; -- cgit From cbcebf0f08395737b4d8fa8b7d1bcdc4384467d9 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 5 Sep 2008 16:51:55 +0200 Subject: netapi: add skeleton for NetUserSetGroups. Guenther (This used to be commit 165be948fab1c64526421b44b08de700849bba25) --- source3/lib/netapi/user.c | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 4fe0aa04ab..bf3397b4eb 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -2923,3 +2923,22 @@ WERROR NetUserGetGroups_l(struct libnetapi_ctx *ctx, { LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserGetGroups); } + +/**************************************************************** +****************************************************************/ + + +WERROR NetUserSetGroups_r(struct libnetapi_ctx *ctx, + struct NetUserSetGroups *r) +{ + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR NetUserSetGroups_l(struct libnetapi_ctx *ctx, + struct NetUserSetGroups *r) +{ + LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserSetGroups); +} -- cgit From d26bd64f958e6248b06da1d1c243d0b06bd6adc9 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Mon, 8 Sep 2008 19:10:00 +0200 Subject: netapi: implement NetUserSetGroups_r. Guenther (This used to be commit 2ddee7577de1d6d2b7a39b949ed6a925da2e9db8) --- source3/lib/netapi/user.c | 244 +++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 242 insertions(+), 2 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index bf3397b4eb..4fbc27f364 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -2927,11 +2927,251 @@ WERROR NetUserGetGroups_l(struct libnetapi_ctx *ctx, /**************************************************************** ****************************************************************/ - WERROR NetUserSetGroups_r(struct libnetapi_ctx *ctx, struct NetUserSetGroups *r) { - return WERR_NOT_SUPPORTED; + struct cli_state *cli = NULL; + struct rpc_pipe_client *pipe_cli = NULL; + struct policy_handle connect_handle, domain_handle, user_handle, group_handle; + struct lsa_String lsa_account_name; + struct dom_sid2 *domain_sid = NULL; + struct samr_Ids user_rids, name_types; + struct samr_Ids group_rids; + struct samr_RidWithAttributeArray *rid_array = NULL; + + uint32_t *add_rids = NULL; + uint32_t *del_rids = NULL; + size_t num_add_rids = 0; + size_t num_del_rids = 0; + + uint32_t *member_rids = NULL; + size_t num_member_rids = 0; + + struct GROUP_USERS_INFO_0 *i0 = NULL; + struct GROUP_USERS_INFO_1 *i1 = NULL; + + int i, k; + + NTSTATUS status = NT_STATUS_OK; + WERROR werr; + + ZERO_STRUCT(connect_handle); + ZERO_STRUCT(domain_handle); + + if (!r->in.buffer) { + return WERR_INVALID_PARAM; + } + + switch (r->in.level) { + case 0: + case 1: + break; + default: + return WERR_UNKNOWN_LEVEL; + } + + werr = libnetapi_open_pipe(ctx, r->in.server_name, + &ndr_table_samr.syntax_id, + &cli, + &pipe_cli); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + werr = libnetapi_samr_open_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, + &connect_handle, + &domain_handle, + &domain_sid); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + init_lsa_String(&lsa_account_name, r->in.user_name); + + status = rpccli_samr_LookupNames(pipe_cli, ctx, + &domain_handle, + 1, + &lsa_account_name, + &user_rids, + &name_types); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_OpenUser(pipe_cli, ctx, + &domain_handle, + SAMR_USER_ACCESS_GET_GROUPS, + user_rids.ids[0], + &user_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + switch (r->in.level) { + case 0: + i0 = (struct GROUP_USERS_INFO_0 *)r->in.buffer; + break; + case 1: + i1 = (struct GROUP_USERS_INFO_1 *)r->in.buffer; + break; + } + + for (i=0; i < r->in.num_entries; i++) { + + switch (r->in.level) { + case 0: + init_lsa_String(&lsa_account_name, i0->grui0_name); + i0++; + break; + case 1: + init_lsa_String(&lsa_account_name, i1->grui1_name); + i1++; + break; + } + + status = rpccli_samr_LookupNames(pipe_cli, ctx, + &domain_handle, + 1, + &lsa_account_name, + &group_rids, + &name_types); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + if (!add_rid_to_array_unique(ctx, + group_rids.ids[0], + &member_rids, + &num_member_rids)) { + werr = WERR_GENERAL_FAILURE; + goto done; + } + } + + status = rpccli_samr_GetGroupsForUser(pipe_cli, ctx, + &user_handle, + &rid_array); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + /* add list */ + + for (i=0; i < r->in.num_entries; i++) { + bool already_member = false; + for (k=0; k < rid_array->count; k++) { + if (member_rids[i] == rid_array->rids[k].rid) { + already_member = true; + break; + } + } + if (!already_member) { + if (!add_rid_to_array_unique(ctx, + member_rids[i], + &add_rids, &num_add_rids)) { + werr = WERR_GENERAL_FAILURE; + goto done; + } + } + } + + /* del list */ + + for (k=0; k < rid_array->count; k++) { + bool keep_member = false; + for (i=0; i < r->in.num_entries; i++) { + if (member_rids[i] == rid_array->rids[k].rid) { + keep_member = true; + break; + } + } + if (!keep_member) { + if (!add_rid_to_array_unique(ctx, + rid_array->rids[k].rid, + &del_rids, &num_del_rids)) { + werr = WERR_GENERAL_FAILURE; + goto done; + } + } + } + + /* add list */ + + for (i=0; i < num_add_rids; i++) { + status = rpccli_samr_OpenGroup(pipe_cli, ctx, + &domain_handle, + SAMR_GROUP_ACCESS_ADD_MEMBER, + add_rids[i], + &group_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_AddGroupMember(pipe_cli, ctx, + &group_handle, + user_rids.ids[0], + 7 /* ? */); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + if (is_valid_policy_hnd(&group_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &group_handle); + } + } + + /* del list */ + + for (i=0; i < num_del_rids; i++) { + status = rpccli_samr_OpenGroup(pipe_cli, ctx, + &domain_handle, + SAMR_GROUP_ACCESS_REMOVE_MEMBER, + del_rids[i], + &group_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_DeleteGroupMember(pipe_cli, ctx, + &group_handle, + user_rids.ids[0]); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + if (is_valid_policy_hnd(&group_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &group_handle); + } + } + + werr = WERR_OK; + + done: + if (!cli) { + return werr; + } + + if (is_valid_policy_hnd(&group_handle)) { + rpccli_samr_Close(pipe_cli, ctx, &group_handle); + } + + if (ctx->disable_policy_handle_cache) { + libnetapi_samr_close_domain_handle(ctx, &domain_handle); + libnetapi_samr_close_connect_handle(ctx, &connect_handle); + } + + return werr; } /**************************************************************** -- cgit From 40e9ddd6e422f2fa6d0ffa43dc4c78bef5489b7a Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Tue, 9 Sep 2008 13:42:27 +0200 Subject: netapi: add NetUserGetLocalGroups skeleton. Guenther (This used to be commit b31209e4495de31140c57338a891569b3436d91e) --- source3/lib/netapi/user.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 4fbc27f364..80c7c53b37 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -3182,3 +3182,21 @@ WERROR NetUserSetGroups_l(struct libnetapi_ctx *ctx, { LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserSetGroups); } + +/**************************************************************** +****************************************************************/ + +WERROR NetUserGetLocalGroups_r(struct libnetapi_ctx *ctx, + struct NetUserGetLocalGroups *r) +{ + return WERR_NOT_SUPPORTED; +} + +/**************************************************************** +****************************************************************/ + +WERROR NetUserGetLocalGroups_l(struct libnetapi_ctx *ctx, + struct NetUserGetLocalGroups *r) +{ + LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserGetLocalGroups); +} -- cgit From 2474026c003d216cc29805c8b56836b49fe7b2fb Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Tue, 9 Sep 2008 18:44:40 +0200 Subject: netapi: implement NetUserGetLocalGroups_r. Guenther (This used to be commit 969bc7ce3d3f266bf07784a980ea35ab458e6eae) --- source3/lib/netapi/user.c | 238 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 238 insertions(+) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 80c7c53b37..62df2f9da5 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -3186,9 +3186,247 @@ WERROR NetUserSetGroups_l(struct libnetapi_ctx *ctx, /**************************************************************** ****************************************************************/ +static NTSTATUS add_LOCALGROUP_USERS_INFO_X_buffer(TALLOC_CTX *mem_ctx, + uint32_t level, + const char *group_name, + uint8_t **buffer, + uint32_t *num_entries) +{ + struct LOCALGROUP_USERS_INFO_0 u0; + + switch (level) { + case 0: + u0.lgrui0_name = talloc_strdup(mem_ctx, group_name); + NT_STATUS_HAVE_NO_MEMORY(u0.lgrui0_name); + + ADD_TO_ARRAY(mem_ctx, struct LOCALGROUP_USERS_INFO_0, u0, + (struct LOCALGROUP_USERS_INFO_0 **)buffer, num_entries); + break; + default: + return NT_STATUS_INVALID_INFO_CLASS; + } + + return NT_STATUS_OK; +} + +/**************************************************************** +****************************************************************/ + WERROR NetUserGetLocalGroups_r(struct libnetapi_ctx *ctx, struct NetUserGetLocalGroups *r) { + struct cli_state *cli = NULL; + struct rpc_pipe_client *pipe_cli = NULL; + struct policy_handle connect_handle, domain_handle, user_handle, + builtin_handle; + struct lsa_String lsa_account_name; + struct dom_sid2 *domain_sid = NULL; + struct samr_Ids user_rids, name_types; + struct samr_RidWithAttributeArray *rid_array = NULL; + struct lsa_Strings names; + struct samr_Ids types; + uint32_t *rids = NULL; + size_t num_rids = 0; + struct dom_sid user_sid; + struct lsa_SidArray sid_array; + struct samr_Ids domain_rids; + struct samr_Ids builtin_rids; + + int i; + uint32_t entries_read = 0; + + NTSTATUS status = NT_STATUS_OK; + WERROR werr; + + ZERO_STRUCT(connect_handle); + ZERO_STRUCT(domain_handle); + + if (!r->out.buffer) { + return WERR_INVALID_PARAM; + } + + *r->out.buffer = NULL; + *r->out.entries_read = 0; + + switch (r->in.level) { + case 0: + case 1: + break; + default: + return WERR_UNKNOWN_LEVEL; + } + + werr = libnetapi_open_pipe(ctx, r->in.server_name, + &ndr_table_samr.syntax_id, + &cli, + &pipe_cli); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + werr = libnetapi_samr_open_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT | + SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS, + &connect_handle, + &domain_handle, + &domain_sid); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli, + SAMR_ACCESS_ENUM_DOMAINS | + SAMR_ACCESS_OPEN_DOMAIN, + SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT | + SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS, + &connect_handle, + &builtin_handle); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + + init_lsa_String(&lsa_account_name, r->in.user_name); + + status = rpccli_samr_LookupNames(pipe_cli, ctx, + &domain_handle, + 1, + &lsa_account_name, + &user_rids, + &name_types); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_OpenUser(pipe_cli, ctx, + &domain_handle, + SAMR_USER_ACCESS_GET_GROUPS, + user_rids.ids[0], + &user_handle); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + status = rpccli_samr_GetGroupsForUser(pipe_cli, ctx, + &user_handle, + &rid_array); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + if (!sid_compose(&user_sid, domain_sid, user_rids.ids[0])) { + werr = WERR_NOMEM; + goto done; + } + + sid_array.num_sids = rid_array->count + 1; + sid_array.sids = TALLOC_ARRAY(ctx, struct lsa_SidPtr, sid_array.num_sids); + if (!sid_array.sids) { + werr = WERR_NOMEM; + goto done; + } + + sid_array.sids[0].sid = sid_dup_talloc(ctx, &user_sid); + if (!sid_array.sids[0].sid) { + werr = WERR_NOMEM; + goto done; + } + + for (i=0; i < rid_array->count; i++) { + struct dom_sid sid; + + if (!sid_compose(&sid, domain_sid, rid_array->rids[i].rid)) { + werr = WERR_NOMEM; + goto done; + } + + sid_array.sids[i+1].sid = sid_dup_talloc(ctx, &sid); + if (!sid_array.sids[i+1].sid) { + werr = WERR_NOMEM; + goto done; + } + } + + status = rpccli_samr_GetAliasMembership(pipe_cli, ctx, + &domain_handle, + &sid_array, + &domain_rids); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + for (i=0; i < domain_rids.count; i++) { + if (!add_rid_to_array_unique(ctx, domain_rids.ids[i], + &rids, &num_rids)) { + werr = WERR_NOMEM; + goto done; + } + } + + status = rpccli_samr_GetAliasMembership(pipe_cli, ctx, + &builtin_handle, + &sid_array, + &builtin_rids); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + for (i=0; i < builtin_rids.count; i++) { + if (!add_rid_to_array_unique(ctx, builtin_rids.ids[i], + &rids, &num_rids)) { + werr = WERR_NOMEM; + goto done; + } + } + + status = rpccli_samr_LookupRids(pipe_cli, ctx, + &builtin_handle, + num_rids, + rids, + &names, + &types); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + + for (i=0; i < names.count; i++) { + status = add_LOCALGROUP_USERS_INFO_X_buffer(ctx, + r->in.level, + names.names[i].string, + r->out.buffer, + &entries_read); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; + } + } + + if (r->out.entries_read) { + *r->out.entries_read = entries_read; + } + if (r->out.total_entries) { + *r->out.total_entries = entries_read; + } + + done: + if (!cli) { + return werr; + } + + if (ctx->disable_policy_handle_cache) { + libnetapi_samr_close_domain_handle(ctx, &domain_handle); + libnetapi_samr_close_connect_handle(ctx, &connect_handle); + } + + return werr; + return WERR_NOT_SUPPORTED; } -- cgit From 47dbe6f7aef5cf3b7f2c0da90533fa2da2790cec Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 12 Sep 2008 11:28:03 +0200 Subject: netapi: fix NetUserSetGroups. Guenther (This used to be commit e8b27b69f33fb33c670026b3a24ed95a2f0099fe) --- source3/lib/netapi/user.c | 42 ++++++++++++++++++++++-------------------- 1 file changed, 22 insertions(+), 20 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 62df2f9da5..986c32ad93 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -2938,6 +2938,7 @@ WERROR NetUserSetGroups_r(struct libnetapi_ctx *ctx, struct samr_Ids user_rids, name_types; struct samr_Ids group_rids; struct samr_RidWithAttributeArray *rid_array = NULL; + struct lsa_String *lsa_names = NULL; uint32_t *add_rids = NULL; uint32_t *del_rids = NULL; @@ -3021,39 +3022,40 @@ WERROR NetUserSetGroups_r(struct libnetapi_ctx *ctx, break; } + lsa_names = talloc_array(ctx, struct lsa_String, r->in.num_entries); + if (!lsa_names) { + werr = WERR_NOMEM; + goto done; + } + for (i=0; i < r->in.num_entries; i++) { switch (r->in.level) { case 0: - init_lsa_String(&lsa_account_name, i0->grui0_name); + init_lsa_String(&lsa_names[i], i0->grui0_name); i0++; break; case 1: - init_lsa_String(&lsa_account_name, i1->grui1_name); + init_lsa_String(&lsa_names[i], i1->grui1_name); i1++; break; } + } - status = rpccli_samr_LookupNames(pipe_cli, ctx, - &domain_handle, - 1, - &lsa_account_name, - &group_rids, - &name_types); - if (!NT_STATUS_IS_OK(status)) { - werr = ntstatus_to_werror(status); - goto done; - } - - if (!add_rid_to_array_unique(ctx, - group_rids.ids[0], - &member_rids, - &num_member_rids)) { - werr = WERR_GENERAL_FAILURE; - goto done; - } + status = rpccli_samr_LookupNames(pipe_cli, ctx, + &domain_handle, + r->in.num_entries, + lsa_names, + &group_rids, + &name_types); + if (!NT_STATUS_IS_OK(status)) { + werr = ntstatus_to_werror(status); + goto done; } + member_rids = group_rids.ids; + num_member_rids = group_rids.count; + status = rpccli_samr_GetGroupsForUser(pipe_cli, ctx, &user_handle, &rid_array); -- cgit From cf3d089afa55c3b3b21b2c48aa9941d1d2f3c043 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 12 Sep 2008 11:47:39 +0200 Subject: netapi: fix NetUserGetLocalGroups. Guenther (This used to be commit 5d91c9184c27def47f20fc089cc127d780387ed8) --- source3/lib/netapi/user.c | 2 -- 1 file changed, 2 deletions(-) (limited to 'source3/lib/netapi/user.c') diff --git a/source3/lib/netapi/user.c b/source3/lib/netapi/user.c index 986c32ad93..7d0c47f331 100644 --- a/source3/lib/netapi/user.c +++ b/source3/lib/netapi/user.c @@ -3428,8 +3428,6 @@ WERROR NetUserGetLocalGroups_r(struct libnetapi_ctx *ctx, } return werr; - - return WERR_NOT_SUPPORTED; } /**************************************************************** -- cgit