search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
* sync'd up function name with HEAD (pdb_set_logon_div()).
[Samba.git] / source / passdb / passdb.c
blobf5458c74ab3a8b6652561882808265bba1de498d
1 /*
2 Unix SMB/Netbios implementation.
3 Version 1.9.
4 Password and authentication handling
5 Copyright (C) Jeremy Allison 1996-2001
6 Copyright (C) Luke Kenneth Casson Leighton 1996-1998
7 Copyright (C) Gerald (Jerry) Carter 2000-2001
8
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 2 of the License, or
12 (at your option) any later version.
13
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
18
19 You should have received a copy of the GNU General Public License
20 along with this program; if not, write to the Free Software
21 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
22 */
23
24 #include "includes.h"
25
26 /*
27 * This is set on startup - it defines the SID for this
28 * machine, and therefore the SAM database for which it is
29 * responsible.
30 */
31
32 extern DOM_SID global_sam_sid;
33
34 struct passdb_ops *pdb_ops;
35
36 #if 0 /* JERRY */
37 static void* pdb_handle = NULL;
38 #endif
39
40 /***************************************************************
41 Initialize the password db operations.
42 ***************************************************************/
43
44 BOOL initialize_password_db(BOOL reload)
45 {
46 /*
47 * This function is unfinished right now, so just
48 * ignore the details and always return True. It
49 * is here only as a placeholder --jerry
50 */
51 return True;
52
53 }
54
55 /*************************************************************
56 Initialises a struct sam_disp_info.
57 **************************************************************/
58
59 static void pdb_init_dispinfo(struct sam_disp_info *user)
60 {
61 if (user == NULL)
62 return;
63 ZERO_STRUCTP(user);
64 }
65
66
67 /************************************************************
68 Fill the SAM_ACCOUNT with default values.
69 ***********************************************************/
70
71 static BOOL pdb_fill_default_sam(SAM_ACCOUNT *user)
72 {
73 if (user == NULL) {
74 DEBUG(0,("pdb_fill_default_sam: SAM_ACCOUNT was NULL\n"));
75 return False;
76 }
77
78 ZERO_STRUCTP(user);
79
80 user->init_flag = FLAG_SAM_UNINIT;
81 user->uid = user->gid = -1;
82 user->logon_time = (time_t)0;
83 user->pass_last_set_time = (time_t)0;
84 user->pass_can_change_time = (time_t)0;
85 user->logoff_time =
86 user->kickoff_time =
87 user->pass_must_change_time = get_time_t_max(); /* Password never expires. */
88
89 user->unknown_3 = 0x00ffffff; /* don't know */
90 user->logon_divs = 168; /* hours per week */
91 user->hours_len = 21; /* 21 times 8 bits = 168 */
92 memset(user->hours, 0xff, user->hours_len); /* available at all hours */
93 user->unknown_5 = 0x00000000; /* don't know */
94 user->unknown_6 = 0x000004ec; /* don't know */
95 return True;
96 }
97
98
99 /*************************************************************
100 Alloc memory and initialises a struct sam_passwd.
101 ************************************************************/
102
103 BOOL pdb_init_sam(SAM_ACCOUNT **user)
104 {
105 if (*user != NULL) {
106 DEBUG(0,("pdb_init_sam: SAM_ACCOUNT was non NULL\n"));
107 #if 0
108 smb_panic("NULL pointer passed to pdb_init_sam\n");
109 #endif
110 return False;
111 }
112
113 *user=(SAM_ACCOUNT *)malloc(sizeof(SAM_ACCOUNT));
114
115 if (*user==NULL) {
116 DEBUG(0,("pdb_init_sam: error while allocating memory\n"));
117 return False;
118 }
119
120 pdb_fill_default_sam(*user);
121
122 return True;
123 }
124
125
126 /*************************************************************
127 Initialises a struct sam_passwd with sane values.
128 ************************************************************/
129
130 BOOL pdb_init_sam_pw(SAM_ACCOUNT **new_sam_acct, struct passwd *pwd)
131 {
132 if (!pwd) {
133 new_sam_acct = NULL;
134 return False;
135 }
136
137 if (!pdb_init_sam(new_sam_acct)) {
138 new_sam_acct = NULL;
139 return False;
140 }
141
142
143 pdb_set_username(*new_sam_acct, pwd->pw_name);
144 pdb_set_fullname(*new_sam_acct, pwd->pw_gecos);
145 pdb_set_uid(*new_sam_acct, pwd->pw_uid);
146 pdb_set_gid(*new_sam_acct, pwd->pw_gid);
147 pdb_set_profile_path(*new_sam_acct, lp_logon_path(), False);
148 pdb_set_homedir(*new_sam_acct, lp_logon_home(), False);
149 pdb_set_dir_drive(*new_sam_acct, lp_logon_drive(), False);
150 pdb_set_logon_script(*new_sam_acct, lp_logon_script(), False);
151 return True;
152 }
153
154
155 /************************************************************
156 Free the NT/LM hashes only.
157 ***********************************************************/
158
159 static BOOL pdb_free_sam_contents(SAM_ACCOUNT *user)
160 {
161 if (user == NULL) {
162 DEBUG(0,("pdb_free_sam_contents: SAM_ACCOUNT was NULL\n"));
163 #if 0
164 smb_panic("NULL pointer passed to pdb_free_sam\n");
165 #endif
166 return False;
167 }
168
169 /* As we start mallocing more strings this is where
170 we should free them. */
171
172 SAFE_FREE(user->nt_pw);
173 SAFE_FREE(user->lm_pw);
174
175 return True;
176 }
177
178
179 /************************************************************
180 Reset the SAM_ACCOUNT and free the NT/LM hashes.
181 - note: they are not zero'ed out however.
182 ***********************************************************/
183
184 BOOL pdb_reset_sam(SAM_ACCOUNT *user)
185 {
186 if (user == NULL) {
187 DEBUG(0,("pdb_reset_sam: SAM_ACCOUNT was NULL\n"));
188 return False;
189 }
190
191 if (!pdb_free_sam_contents(user)) {
192 return False;
193 }
194
195 if (!pdb_fill_default_sam(user)) {
196 return False;
197 }
198
199 return True;
200 }
201
202
203 /************************************************************
204 Free the SAM_ACCOUNT and the NT/LM hashes.
205 ***********************************************************/
206
207 BOOL pdb_free_sam(SAM_ACCOUNT *user)
208 {
209 if (user == NULL) {
210 DEBUG(0,("pdb_free_sam: SAM_ACCOUNT was NULL\n"));
211 #if 0
212 smb_panic("NULL pointer passed to pdb_free_sam\n");
213 #endif
214 return False;
215 }
216
217 if (!pdb_free_sam_contents(user)) {
218 return False;
219 }
220
221 SAFE_FREE(user);
222
223 return True;
224 }
225
226
227 /*************************************************************************
228 Routine to return the next entry in the sam passwd list.
229 *************************************************************************/
230
231 struct sam_disp_info *pdb_sam_to_dispinfo(SAM_ACCOUNT *user)
232 {
233 static struct sam_disp_info disp_info;
234
235 if (user == NULL)
236 return NULL;
237
238 pdb_init_dispinfo(&disp_info);
239
240 disp_info.smb_name = user->username;
241 disp_info.full_name = user->full_name;
242 disp_info.user_rid = user->user_rid;
243
244 return &disp_info;
245 }
246
247 /**********************************************************
248 Encode the account control bits into a string.
249 length = length of string to encode into (including terminating
250 null). length *MUST BE MORE THAN 2* !
251 **********************************************************/
252
253 char *pdb_encode_acct_ctrl(uint16 acct_ctrl, size_t length)
254 {
255 static fstring acct_str;
256 size_t i = 0;
257
258 acct_str[i++] = '[';
259
260 if (acct_ctrl & ACB_PWNOTREQ ) acct_str[i++] = 'N';
261 if (acct_ctrl & ACB_DISABLED ) acct_str[i++] = 'D';
262 if (acct_ctrl & ACB_HOMDIRREQ) acct_str[i++] = 'H';
263 if (acct_ctrl & ACB_TEMPDUP ) acct_str[i++] = 'T';
264 if (acct_ctrl & ACB_NORMAL ) acct_str[i++] = 'U';
265 if (acct_ctrl & ACB_MNS ) acct_str[i++] = 'M';
266 if (acct_ctrl & ACB_WSTRUST ) acct_str[i++] = 'W';
267 if (acct_ctrl & ACB_SVRTRUST ) acct_str[i++] = 'S';
268 if (acct_ctrl & ACB_AUTOLOCK ) acct_str[i++] = 'L';
269 if (acct_ctrl & ACB_PWNOEXP ) acct_str[i++] = 'X';
270 if (acct_ctrl & ACB_DOMTRUST ) acct_str[i++] = 'I';
271
272 for ( ; i < length - 2 ; i++ )
273 acct_str[i] = ' ';
274
275 i = length - 2;
276 acct_str[i++] = ']';
277 acct_str[i++] = '\0';
278
279 return acct_str;
280 }
281
282 /**********************************************************
283 Decode the account control bits from a string.
284 **********************************************************/
285
286 uint16 pdb_decode_acct_ctrl(const char *p)
287 {
288 uint16 acct_ctrl = 0;
289 BOOL finished = False;
290
291 /*
292 * Check if the account type bits have been encoded after the
293 * NT password (in the form [NDHTUWSLXI]).
294 */
295
296 if (*p != '[')
297 return 0;
298
299 for (p++; *p && !finished; p++) {
300 switch (*p) {
301 case 'N': { acct_ctrl |= ACB_PWNOTREQ ; break; /* 'N'o password. */ }
302 case 'D': { acct_ctrl |= ACB_DISABLED ; break; /* 'D'isabled. */ }
303 case 'H': { acct_ctrl |= ACB_HOMDIRREQ; break; /* 'H'omedir required. */ }
304 case 'T': { acct_ctrl |= ACB_TEMPDUP ; break; /* 'T'emp account. */ }
305 case 'U': { acct_ctrl |= ACB_NORMAL ; break; /* 'U'ser account (normal). */ }
306 case 'M': { acct_ctrl |= ACB_MNS ; break; /* 'M'NS logon user account. What is this ? */ }
307 case 'W': { acct_ctrl |= ACB_WSTRUST ; break; /* 'W'orkstation account. */ }
308 case 'S': { acct_ctrl |= ACB_SVRTRUST ; break; /* 'S'erver account. */ }
309 case 'L': { acct_ctrl |= ACB_AUTOLOCK ; break; /* 'L'ocked account. */ }
310 case 'X': { acct_ctrl |= ACB_PWNOEXP ; break; /* No 'X'piry on password */ }
311 case 'I': { acct_ctrl |= ACB_DOMTRUST ; break; /* 'I'nterdomain trust account. */ }
312 case ' ': { break; }
313 case ':':
314 case '\n':
315 case '\0':
316 case ']':
317 default: { finished = True; }
318 }
319 }
320
321 return acct_ctrl;
322 }
323
324 /*************************************************************
325 Routine to set 32 hex password characters from a 16 byte array.
326 **************************************************************/
327
328 void pdb_sethexpwd(char *p, unsigned char *pwd, uint16 acct_ctrl)
329 {
330 if (pwd != NULL) {
331 int i;
332 for (i = 0; i < 16; i++)
333 slprintf(&p[i*2], 3, "%02X", pwd[i]);
334 } else {
335 if (acct_ctrl & ACB_PWNOTREQ)
336 safe_strcpy(p, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX", 33);
337 else
338 safe_strcpy(p, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", 33);
339 }
340 }
341
342 /*************************************************************
343 Routine to get the 32 hex characters and turn them
344 into a 16 byte array.
345 **************************************************************/
346
347 BOOL pdb_gethexpwd(char *p, unsigned char *pwd)
348 {
349 int i;
350 unsigned char lonybble, hinybble;
351 char *hexchars = "0123456789ABCDEF";
352 char *p1, *p2;
353
354 if (!p)
355 return (False);
356
357 for (i = 0; i < 32; i += 2) {
358 hinybble = toupper(p[i]);
359 lonybble = toupper(p[i + 1]);
360
361 p1 = strchr(hexchars, hinybble);
362 p2 = strchr(hexchars, lonybble);
363
364 if (!p1 || !p2)
365 return (False);
366
367 hinybble = PTR_DIFF(p1, hexchars);
368 lonybble = PTR_DIFF(p2, hexchars);
369
370 pwd[i / 2] = (hinybble << 4) | lonybble;
371 }
372 return (True);
373 }
374
375 /*******************************************************************
376 Group and User RID username mapping function
377 ********************************************************************/
378
379 BOOL pdb_name_to_rid(char *user_name, uint32 *u_rid, uint32 *g_rid)
380 {
381 struct passwd *pw = Get_Pwnam(user_name, False);
382
383 if (u_rid == NULL || g_rid == NULL || user_name == NULL)
384 return False;
385
386 if (!pw) {
387 DEBUG(1,("Username %s is invalid on this system\n", user_name));
388 return False;
389 }
390
391 /* turn the unix UID into a Domain RID. this is what the posix
392 sub-system does (adds 1000 to the uid) */
393 *u_rid = pdb_uid_to_user_rid(pw->pw_uid);
394
395 /* absolutely no idea what to do about the unix GID to Domain RID mapping */
396 *g_rid = pdb_gid_to_group_rid(pw->pw_gid);
397
398 return True;
399 }
400
401 /*******************************************************************
402 Converts NT user RID to a UNIX uid.
403 ********************************************************************/
404
405 uid_t pdb_user_rid_to_uid(uint32 user_rid)
406 {
407 return (uid_t)(((user_rid & (~USER_RID_TYPE))- 1000)/RID_MULTIPLIER);
408 }
409
410 /*******************************************************************
411 Converts NT user RID to a UNIX gid.
412 ********************************************************************/
413
414 gid_t pdb_user_rid_to_gid(uint32 user_rid)
415 {
416 return (uid_t)(((user_rid & (~GROUP_RID_TYPE))- 1000)/RID_MULTIPLIER);
417 }
418
419 /*******************************************************************
420 converts UNIX uid to an NT User RID.
421 ********************************************************************/
422
423 uint32 pdb_uid_to_user_rid(uid_t uid)
424 {
425 return (((((uint32)uid)*RID_MULTIPLIER) + 1000) | USER_RID_TYPE);
426 }
427
428 /*******************************************************************
429 converts NT Group RID to a UNIX uid.
430 ********************************************************************/
431
432 uint32 pdb_gid_to_group_rid(gid_t gid)
433 {
434 return (((((uint32)gid)*RID_MULTIPLIER) + 1000) | GROUP_RID_TYPE);
435 }
436
437 /*******************************************************************
438 Decides if a RID is a well known RID.
439 ********************************************************************/
440
441 static BOOL pdb_rid_is_well_known(uint32 rid)
442 {
443 return (rid < 1000);
444 }
445
446 /*******************************************************************
447 Decides if a RID is a user or group RID.
448 ********************************************************************/
449
450 BOOL pdb_rid_is_user(uint32 rid)
451 {
452 /* lkcl i understand that NT attaches an enumeration to a RID
453 * such that it can be identified as either a user, group etc
454 * type. there are 5 such categories, and they are documented.
455 */
456 if(pdb_rid_is_well_known(rid)) {
457 /*
458 * The only well known user RIDs are DOMAIN_USER_RID_ADMIN
459 * and DOMAIN_USER_RID_GUEST.
460 */
461 if(rid == DOMAIN_USER_RID_ADMIN || rid == DOMAIN_USER_RID_GUEST)
462 return True;
463 } else if((rid & RID_TYPE_MASK) == USER_RID_TYPE) {
464 return True;
465 }
466 return False;
467 }
468
469 /*******************************************************************
470 Convert a rid into a name. Used in the lookup SID rpc.
471 ********************************************************************/
472
473 BOOL local_lookup_rid(uint32 rid, char *name, enum SID_NAME_USE *psid_name_use)
474 {
475 BOOL is_user = pdb_rid_is_user(rid);
476
477 *psid_name_use = SID_NAME_UNKNOWN;
478
479 DEBUG(5,("local_lookup_rid: looking up %s RID %u.\n", is_user ? "user" :
480 "group", (unsigned int)rid));
481
482 if(is_user) {
483 if(rid == DOMAIN_USER_RID_ADMIN) {
484 pstring admin_users;
485 char *p = admin_users;
486 *psid_name_use = SID_NAME_USER;
487 if(!next_token(&p, name, NULL, sizeof(fstring)))
488 fstrcpy(name, "Administrator");
489 } else if (rid == DOMAIN_USER_RID_GUEST) {
490 pstring guest_users;
491 char *p = guest_users;
492 *psid_name_use = SID_NAME_USER;
493 if(!next_token(&p, name, NULL, sizeof(fstring)))
494 fstrcpy(name, "Guest");
495 } else {
496 uid_t uid;
497 struct passwd *pass;
498
499 /*
500 * Don't try to convert the rid to a name if
501 * running in appliance mode
502 */
503 if (lp_hide_local_users())
504 return False;
505
506 uid = pdb_user_rid_to_uid(rid);
507 pass = sys_getpwuid(uid);
508
509 *psid_name_use = SID_NAME_USER;
510
511 DEBUG(5,("local_lookup_rid: looking up uid %u %s\n", (unsigned int)uid,
512 pass ? "succeeded" : "failed" ));
513
514 if(!pass) {
515 slprintf(name, sizeof(fstring)-1, "unix_user.%u", (unsigned int)uid);
516 return True;
517 }
518
519 fstrcpy(name, pass->pw_name);
520
521 DEBUG(5,("local_lookup_rid: found user %s for rid %u\n", name,
522 (unsigned int)rid ));
523 }
524
525 } else {
526 gid_t gid;
527 struct group *gr;
528
529 /*
530 * Don't try to convert the rid to a name if running
531 * in appliance mode
532 */
533
534 if (lp_hide_local_users())
535 return False;
536
537 gid = pdb_user_rid_to_gid(rid);
538 gr = getgrgid(gid);
539
540 *psid_name_use = SID_NAME_ALIAS;
541
542 DEBUG(5,("local_local_rid: looking up gid %u %s\n", (unsigned int)gid,
543 gr ? "succeeded" : "failed" ));
544
545 if(!gr) {
546 slprintf(name, sizeof(fstring)-1, "unix_group.%u", (unsigned int)gid);
547 return True;
548 }
549
550 fstrcpy( name, gr->gr_name);
551
552 DEBUG(5,("local_lookup_rid: found group %s for rid %u\n", name,
553 (unsigned int)rid ));
554 }
555
556 return True;
557 }
558
559 /*******************************************************************
560 Convert a name into a SID. Used in the lookup name rpc.
561 ********************************************************************/
562
563 BOOL local_lookup_name(const char *c_domain, const char *c_user, DOM_SID *psid, enum SID_NAME_USE *psid_name_use)
564 {
565 extern DOM_SID global_sid_World_Domain;
566 struct passwd *pass = NULL;
567 DOM_SID local_sid;
568 fstring user;
569 fstring domain;
570
571 *psid_name_use = SID_NAME_UNKNOWN;
572
573 /*
574 * domain and user may be quoted const strings, and map_username and
575 * friends can modify them. Make a modifiable copy. JRA.
576 */
577
578 fstrcpy(domain, c_domain);
579 fstrcpy(user, c_user);
580
581 sid_copy(&local_sid, &global_sam_sid);
582
583 /*
584 * Special case for MACHINE\Everyone. Map to the world_sid.
585 */
586
587 if(strequal(user, "Everyone")) {
588 sid_copy( psid, &global_sid_World_Domain);
589 sid_append_rid(psid, 0);
590 *psid_name_use = SID_NAME_ALIAS;
591 return True;
592 }
593
594 /*
595 * Don't lookup local unix users if running in appliance mode
596 */
597 if (lp_hide_local_users())
598 return False;
599
600 (void)map_username(user);
601
602 if((pass = Get_Pwnam(user, False))) {
603 sid_append_rid( &local_sid, pdb_uid_to_user_rid(pass->pw_uid));
604 *psid_name_use = SID_NAME_USER;
605 } else {
606 /*
607 * Maybe it was a group ?
608 */
609 struct group *grp = getgrnam(user);
610
611 if(!grp)
612 return False;
613
614 sid_append_rid( &local_sid, pdb_gid_to_group_rid(grp->gr_gid));
615 *psid_name_use = SID_NAME_ALIAS;
616 }
617
618 sid_copy( psid, &local_sid);
619
620 return True;
621 }
622
623 /****************************************************************************
624 Convert a uid to SID - locally.
625 ****************************************************************************/
626
627 DOM_SID *local_uid_to_sid(DOM_SID *psid, uid_t uid)
628 {
629 extern DOM_SID global_sam_sid;
630
631 sid_copy(psid, &global_sam_sid);
632 sid_append_rid(psid, pdb_uid_to_user_rid(uid));
633
634 return psid;
635 }
636
637 /****************************************************************************
638 Convert a SID to uid - locally.
639 ****************************************************************************/
640
641 BOOL local_sid_to_uid(uid_t *puid, DOM_SID *psid, enum SID_NAME_USE *name_type)
642 {
643 extern DOM_SID global_sam_sid;
644
645 DOM_SID dom_sid;
646 uint32 rid;
647 fstring str;
648 struct passwd *pass;
649
650 *name_type = SID_NAME_UNKNOWN;
651
652 sid_copy(&dom_sid, psid);
653 sid_split_rid(&dom_sid, &rid);
654
655 if (!pdb_rid_is_user(rid))
656 return False;
657
658 /*
659 * We can only convert to a uid if this is our local
660 * Domain SID (ie. we are the controling authority).
661 */
662 if (!sid_equal(&global_sam_sid, &dom_sid))
663 return False;
664
665 *puid = pdb_user_rid_to_uid(rid);
666
667 /*
668 * Ensure this uid really does exist.
669 */
670 if(!(pass = sys_getpwuid(*puid)))
671 return False;
672
673 DEBUG(10,("local_sid_to_uid: SID %s -> uid (%u) (%s).\n", sid_to_string( str, psid),
674 (unsigned int)*puid, pass->pw_name ));
675
676 *name_type = SID_NAME_USER;
677 return True;
678 }
679
680 /****************************************************************************
681 Convert a gid to SID - locally.
682 ****************************************************************************/
683
684 DOM_SID *local_gid_to_sid(DOM_SID *psid, gid_t gid)
685 {
686 extern DOM_SID global_sam_sid;
687
688 sid_copy(psid, &global_sam_sid);
689 sid_append_rid(psid, pdb_gid_to_group_rid(gid));
690
691 return psid;
692 }
693
694 /****************************************************************************
695 Convert a SID to gid - locally.
696 ****************************************************************************/
697
698 BOOL local_sid_to_gid(gid_t *pgid, DOM_SID *psid, enum SID_NAME_USE *name_type)
699 {
700 extern DOM_SID global_sam_sid;
701 DOM_SID dom_sid;
702 uint32 rid;
703 fstring str;
704 struct group *grp;
705
706 *name_type = SID_NAME_UNKNOWN;
707
708 sid_copy(&dom_sid, psid);
709 sid_split_rid(&dom_sid, &rid);
710
711 /*
712 * We can only convert to a gid if this is our local
713 * Domain SID (ie. we are the controling authority).
714 */
715
716 if (!sid_equal(&global_sam_sid, &dom_sid))
717 return False;
718
719 if (pdb_rid_is_user(rid))
720 return False;
721
722 *pgid = pdb_user_rid_to_gid(rid);
723
724 /*
725 * Ensure this gid really does exist.
726 */
727
728 if(!(grp = getgrgid(*pgid)))
729 return False;
730
731 *name_type = SID_NAME_ALIAS;
732
733 DEBUG(10,("local_sid_to_gid: SID %s -> gid (%u) (%s).\n", sid_to_string( str, psid),
734 (unsigned int)*pgid, grp->gr_name ));
735
736 return True;
737 }
738
739 static void select_name(pstring string, const UNISTR2 *from)
740 {
741 if (from->buffer != 0)
742 unistr2_to_ascii(string, from, sizeof(pstring));
743 }
744
745 /*************************************************************
746 Copies a SAM_USER_INFO_23 to a SAM_ACCOUNT
747 **************************************************************/
748
749 void copy_id23_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_23 *from)
750 {
751
752 if (from == NULL || to == NULL)
753 return;
754
755 to->logon_time = nt_time_to_unix(&from->logon_time);
756 to->logoff_time = nt_time_to_unix(&from->logoff_time);
757 to->kickoff_time = nt_time_to_unix(&from->kickoff_time);
758 to->pass_last_set_time = nt_time_to_unix(&from->pass_last_set_time);
759 to->pass_can_change_time = nt_time_to_unix(&from->pass_can_change_time);
760 to->pass_must_change_time = nt_time_to_unix(&from->pass_must_change_time);
761
762 select_name(to->username , &from->uni_user_name );
763 select_name(to->full_name , &from->uni_full_name );
764 select_name(to->home_dir , &from->uni_home_dir );
765 select_name(to->dir_drive , &from->uni_dir_drive );
766 select_name(to->logon_script, &from->uni_logon_script);
767 select_name(to->profile_path, &from->uni_profile_path);
768 select_name(to->acct_desc , &from->uni_acct_desc );
769 select_name(to->workstations, &from->uni_workstations);
770 select_name(to->unknown_str , &from->uni_unknown_str );
771 select_name(to->munged_dial , &from->uni_munged_dial );
772
773 to->user_rid = from->user_rid;
774 to->group_rid = from->group_rid;
775
776 to->acct_ctrl = from->acb_info;
777 to->unknown_3 = from->unknown_3;
778
779 to->logon_divs = from->logon_divs;
780 to->hours_len = from->logon_hrs.len;
781 memcpy(to->hours, from->logon_hrs.hours, MAX_HOURS_LEN);
782
783 to->unknown_5 = from->unknown_5;
784 to->unknown_6 = from->unknown_6;
785 }
786
787 /*************************************************************
788 Copies a sam passwd.
789 **************************************************************/
790
791 void copy_id21_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_21 *from)
792 {
793 if (from == NULL || to == NULL)
794 return;
795
796 to->logon_time = nt_time_to_unix(&from->logon_time);
797 to->logoff_time = nt_time_to_unix(&from->logoff_time);
798 to->kickoff_time = nt_time_to_unix(&from->kickoff_time);
799 to->pass_last_set_time = nt_time_to_unix(&from->pass_last_set_time);
800 to->pass_can_change_time = nt_time_to_unix(&from->pass_can_change_time);
801 to->pass_must_change_time = nt_time_to_unix(&from->pass_must_change_time);
802
803 select_name(to->username , &from->uni_user_name );
804 select_name(to->full_name , &from->uni_full_name );
805 select_name(to->home_dir , &from->uni_home_dir );
806 select_name(to->dir_drive , &from->uni_dir_drive );
807 select_name(to->logon_script, &from->uni_logon_script);
808 select_name(to->profile_path, &from->uni_profile_path);
809 select_name(to->acct_desc , &from->uni_acct_desc );
810 select_name(to->workstations, &from->uni_workstations);
811 select_name(to->unknown_str , &from->uni_unknown_str );
812 select_name(to->munged_dial , &from->uni_munged_dial );
813
814 to->user_rid = from->user_rid;
815 to->group_rid = from->group_rid;
816
817 /* FIXME!! Do we need to copy the passwords here as well?
818 I don't know. Need to figure this out --jerry */
819
820 to->acct_ctrl = from->acb_info;
821 to->unknown_3 = from->unknown_3;
822
823 to->logon_divs = from->logon_divs;
824 to->hours_len = from->logon_hrs.len;
825 memcpy(to->hours, from->logon_hrs.hours, MAX_HOURS_LEN);
826
827 to->unknown_5 = from->unknown_5;
828 to->unknown_6 = from->unknown_6;
829 }
830
831 #if 0 /* JERRY */
832 /*************************************************************
833 Copies a SAM_ACCOUNT.
834 FIXME!!!! This is broken as SAM_ACCOUNT contains two
835 pointers. --jerry
836 **************************************************************/
837
838 void copy_sam_passwd(SAM_ACCOUNT *to, const SAM_ACCOUNT *from)
839 {
840 if (!from || !to)
841 return;
842
843 memcpy(to, from, sizeof(SAM_ACCOUNT));
844
845
846 }
847 #endif
848
849 /*************************************************************
850 Change a password entry in the local smbpasswd file.
851
852 FIXME!! The function needs to be abstracted into the
853 passdb interface or something. It is currently being called
854 by _api_samr_create_user() in rpc_server/srv_samr.c
855
856 --jerry
857 *************************************************************/
858
859 BOOL local_password_change(char *user_name, int local_flags,
860 char *new_passwd,
861 char *err_str, size_t err_str_len,
862 char *msg_str, size_t msg_str_len)
863 {
864 struct passwd *pwd = NULL;
865 SAM_ACCOUNT *sam_pass=NULL;
866
867 *err_str = '\0';
868 *msg_str = '\0';
869
870 if (local_flags & LOCAL_ADD_USER) {
871
872 /*
873 * Check for a local account - if we're adding only.
874 */
875
876 if(!(pwd = sys_getpwnam(user_name))) {
877 slprintf(err_str, err_str_len - 1, "User %s does not \
878 exist in system password file (usually /etc/passwd). Cannot add \
879 account without a valid local system user.\n", user_name);
880 return False;
881 }
882 }
883
884 /* Get the smb passwd entry for this user */
885 pdb_init_sam(&sam_pass);
886 if(!pdb_getsampwnam(sam_pass, user_name)) {
887 pdb_free_sam(sam_pass);
888
889 if(!(local_flags & LOCAL_ADD_USER)) {
890 slprintf(err_str, err_str_len-1,"Failed to find entry for user %s.\n", user_name);
891 return False;
892 }
893
894 sam_pass = NULL;
895 if (!pdb_init_sam_pw(&sam_pass, pwd)) {
896 return False;
897 }
898
899 /* Set account flags. Note that the default is non-expiring accounts */
900 pdb_set_acct_ctrl(sam_pass,(local_flags & LOCAL_TRUST_ACCOUNT) ? ACB_WSTRUST : ACB_NORMAL|ACB_PWNOEXP);
901
902 if (local_flags & LOCAL_DISABLE_USER)
903 pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)|ACB_DISABLED);
904
905 if (local_flags & LOCAL_SET_NO_PASSWORD) {
906 pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)|ACB_PWNOTREQ);
907 } else {
908 /* set the passwords here. if we get to here it means
909 we have a valid, active account */
910 if (!pdb_set_plaintext_passwd (sam_pass, new_passwd)) {
911 pdb_free_sam(sam_pass);
912 return False;
913 }
914 }
915
916 /* Remember to set the "last changed time". */
917 pdb_set_pass_last_set_time(sam_pass, time(NULL));
918
919 if (pdb_add_sam_account(sam_pass)) {
920 slprintf(msg_str, msg_str_len-1, "Added user %s.\n", user_name);
921 pdb_free_sam(sam_pass);
922 return True;
923 } else {
924 slprintf(err_str, err_str_len-1, "Failed to add entry for user %s.\n", user_name);
925 pdb_free_sam(sam_pass);
926 return False;
927 }
928 } else {
929 /* the entry already existed */
930 local_flags &= ~LOCAL_ADD_USER;
931 }
932
933 /*
934 * We are root - just write the new password
935 * and the valid last change time.
936 */
937
938 if(local_flags & LOCAL_DISABLE_USER) {
939 pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)|ACB_DISABLED);
940 } else if (local_flags & LOCAL_ENABLE_USER) {
941 if(pdb_get_lanman_passwd(sam_pass) == NULL) {
942 if (!pdb_set_plaintext_passwd (sam_pass, new_passwd)) {
943 pdb_free_sam(sam_pass);
944 return False;
945 }
946 }
947 pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)&(~ACB_DISABLED));
948 } else if (local_flags & LOCAL_SET_NO_PASSWORD) {
949 pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)|ACB_PWNOTREQ);
950 /* This is needed to preserve ACB_PWNOTREQ in mod_smbfilepwd_entry */
951 if (!pdb_set_lanman_passwd (sam_pass, NULL)) {
952 pdb_free_sam(sam_pass);
953 return False;
954 }
955 if (!pdb_set_nt_passwd(sam_pass, NULL)) {
956 pdb_free_sam(sam_pass);
957 return False;
958 }
959 } else {
960 /*
961 * If we're dealing with setting a completely empty user account
962 * ie. One with a password of 'XXXX', but not set disabled (like
963 * an account created from scratch) then if the old password was
964 * 'XX's then getsmbpwent will have set the ACB_DISABLED flag.
965 * We remove that as we're giving this user their first password
966 * and the decision hasn't really been made to disable them (ie.
967 * don't create them disabled). JRA.
968 */
969 if ((pdb_get_lanman_passwd(sam_pass)==NULL) && (pdb_get_acct_ctrl(sam_pass)&ACB_DISABLED))
970 pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)&(~ACB_DISABLED));
971 pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)&(~ACB_PWNOTREQ));
972 if (!pdb_set_plaintext_passwd (sam_pass, new_passwd)) {
973 pdb_free_sam(sam_pass);
974 return False;
975 }
976 }
977
978 if(local_flags & LOCAL_DELETE_USER) {
979 if (!pdb_delete_sam_account(user_name)) {
980 slprintf(err_str,err_str_len-1, "Failed to delete entry for user %s.\n", user_name);
981 pdb_free_sam(sam_pass);
982 return False;
983 }
984 slprintf(msg_str, msg_str_len-1, "Deleted user %s.\n", user_name);
985 } else {
986 if(!pdb_update_sam_account(sam_pass, True)) {
987 slprintf(err_str, err_str_len-1, "Failed to modify entry for user %s.\n", user_name);
988 pdb_free_sam(sam_pass);
989 return False;
990 }
991 if(local_flags & LOCAL_DISABLE_USER)
992 slprintf(msg_str, msg_str_len-1, "Disabled user %s.\n", user_name);
993 else if (local_flags & LOCAL_ENABLE_USER)
994 slprintf(msg_str, msg_str_len-1, "Enabled user %s.\n", user_name);
995 else if (local_flags & LOCAL_SET_NO_PASSWORD)
996 slprintf(msg_str, msg_str_len-1, "User %s password set to none.\n", user_name);
997 }
998
999 pdb_free_sam(sam_pass);
1000 return True;
1001 }
1002
1003 /*********************************************************************
1004 Collection of get...() functions for SAM_ACCOUNT_INFO.
1005 ********************************************************************/
1006
1007 uint16 pdb_get_acct_ctrl (SAM_ACCOUNT *sampass)
1008 {
1009 if (sampass)
1010 return (sampass->acct_ctrl);
1011 else
1012 return (ACB_DISABLED);
1013 }
1014
1015 time_t pdb_get_logon_time (SAM_ACCOUNT *sampass)
1016 {
1017 if (sampass)
1018 return (sampass->logon_time);
1019 else
1020 return (0);
1021 }
1022
1023 time_t pdb_get_logoff_time (SAM_ACCOUNT *sampass)
1024 {
1025 if (sampass)
1026 return (sampass->logoff_time);
1027 else
1028 return (-1);
1029 }
1030
1031 time_t pdb_get_kickoff_time (SAM_ACCOUNT *sampass)
1032 {
1033 if (sampass)
1034 return (sampass->kickoff_time);
1035 else
1036 return (-1);
1037 }
1038
1039 time_t pdb_get_pass_last_set_time (SAM_ACCOUNT *sampass)
1040 {
1041 if (sampass)
1042 return (sampass->pass_last_set_time);
1043 else
1044 return (-1);
1045 }
1046
1047 time_t pdb_get_pass_can_change_time (SAM_ACCOUNT *sampass)
1048 {
1049 if (sampass)
1050 return (sampass->pass_can_change_time);
1051 else
1052 return (-1);
1053 }
1054
1055 time_t pdb_get_pass_must_change_time (SAM_ACCOUNT *sampass)
1056 {
1057 if (sampass)
1058 return (sampass->pass_must_change_time);
1059 else
1060 return (-1);
1061 }
1062
1063 uint16 pdb_get_logon_divs (SAM_ACCOUNT *sampass)
1064 {
1065 if (sampass)
1066 return (sampass->logon_divs);
1067 else
1068 return (-1);
1069 }
1070
1071 uint32 pdb_get_hours_len (SAM_ACCOUNT *sampass)
1072 {
1073 if (sampass)
1074 return (sampass->hours_len);
1075 else
1076 return (-1);
1077 }
1078
1079 uint8* pdb_get_hours (SAM_ACCOUNT *sampass)
1080 {
1081 if (sampass)
1082 return (sampass->hours);
1083 else
1084 return (NULL);
1085 }
1086
1087 uint8* pdb_get_nt_passwd (SAM_ACCOUNT *sampass)
1088 {
1089 if (sampass)
1090 return (sampass->nt_pw);
1091 else
1092 return (NULL);
1093 }
1094
1095 uint8* pdb_get_lanman_passwd (SAM_ACCOUNT *sampass)
1096 {
1097 if (sampass)
1098 return (sampass->lm_pw);
1099 else
1100 return (NULL);
1101 }
1102
1103 uint32 pdb_get_user_rid (SAM_ACCOUNT *sampass)
1104 {
1105 if (sampass)
1106 return (sampass->user_rid);
1107 else
1108 return (-1);
1109 }
1110
1111 uint32 pdb_get_group_rid (SAM_ACCOUNT *sampass)
1112 {
1113 if (sampass)
1114 return (sampass->group_rid);
1115 else
1116 return (-1);
1117 }
1118
1119 uid_t pdb_get_uid (SAM_ACCOUNT *sampass)
1120 {
1121 if (sampass)
1122 return (sampass->uid);
1123 else
1124 return ((uid_t)-1);
1125 }
1126
1127 gid_t pdb_get_gid (SAM_ACCOUNT *sampass)
1128 {
1129 if (sampass)
1130 return (sampass->gid);
1131 else
1132 return ((gid_t)-1);
1133 }
1134
1135 char* pdb_get_username (SAM_ACCOUNT *sampass)
1136 {
1137 if (sampass)
1138 return (sampass->username);
1139 else
1140 return (NULL);
1141 }
1142
1143 char* pdb_get_domain (SAM_ACCOUNT *sampass)
1144 {
1145 if (sampass)
1146 return (sampass->domain);
1147 else
1148 return (NULL);
1149 }
1150
1151 char* pdb_get_nt_username (SAM_ACCOUNT *sampass)
1152 {
1153 if (sampass)
1154 return (sampass->nt_username);
1155 else
1156 return (NULL);
1157 }
1158
1159 char* pdb_get_fullname (SAM_ACCOUNT *sampass)
1160 {
1161 if (sampass)
1162 return (sampass->full_name);
1163 else
1164 return (NULL);
1165 }
1166
1167 char* pdb_get_homedir (SAM_ACCOUNT *sampass)
1168 {
1169 if (sampass)
1170 return (sampass->home_dir);
1171 else
1172 return (NULL);
1173 }
1174
1175 char* pdb_get_dirdrive (SAM_ACCOUNT *sampass)
1176 {
1177 if (sampass)
1178 return (sampass->dir_drive);
1179 else
1180 return (NULL);
1181 }
1182
1183 char* pdb_get_logon_script (SAM_ACCOUNT *sampass)
1184 {
1185 if (sampass)
1186 return (sampass->logon_script);
1187 else
1188 return (NULL);
1189 }
1190
1191 char* pdb_get_profile_path (SAM_ACCOUNT *sampass)
1192 {
1193 if (sampass)
1194 return (sampass->profile_path);
1195 else
1196 return (NULL);
1197 }
1198
1199 char* pdb_get_acct_desc (SAM_ACCOUNT *sampass)
1200 {
1201 if (sampass)
1202 return (sampass->acct_desc);
1203 else
1204 return (NULL);
1205 }
1206
1207 char* pdb_get_workstations (SAM_ACCOUNT *sampass)
1208 {
1209 if (sampass)
1210 return (sampass->workstations);
1211 else
1212 return (NULL);
1213 }
1214
1215 char* pdb_get_munged_dial (SAM_ACCOUNT *sampass)
1216 {
1217 if (sampass)
1218 return (sampass->munged_dial);
1219 else
1220 return (NULL);
1221 }
1222
1223 uint32 pdb_get_unknown3 (SAM_ACCOUNT *sampass)
1224 {
1225 if (sampass)
1226 return (sampass->unknown_3);
1227 else
1228 return (-1);
1229 }
1230
1231 uint32 pdb_get_unknown5 (SAM_ACCOUNT *sampass)
1232 {
1233 if (sampass)
1234 return (sampass->unknown_5);
1235 else
1236 return (-1);
1237 }
1238
1239 uint32 pdb_get_unknown6 (SAM_ACCOUNT *sampass)
1240 {
1241 if (sampass)
1242 return (sampass->unknown_6);
1243 else
1244 return (-1);
1245 }
1246
1247 /*********************************************************************
1248 Collection of set...() functions for SAM_ACCOUNT_INFO.
1249 ********************************************************************/
1250
1251 BOOL pdb_set_acct_ctrl (SAM_ACCOUNT *sampass, uint16 flags)
1252 {
1253 if (!sampass)
1254 return False;
1255
1256 if (sampass) {
1257 sampass->acct_ctrl = flags;
1258 return True;
1259 }
1260
1261 return False;
1262 }
1263
1264 BOOL pdb_set_logon_time (SAM_ACCOUNT *sampass, time_t mytime)
1265 {
1266 if (!sampass)
1267 return False;
1268
1269 sampass->logon_time = mytime;
1270 return True;
1271 }
1272
1273 BOOL pdb_set_logoff_time (SAM_ACCOUNT *sampass, time_t mytime)
1274 {
1275 if (!sampass)
1276 return False;
1277
1278 sampass->logoff_time = mytime;
1279 return True;
1280 }
1281
1282 BOOL pdb_set_kickoff_time (SAM_ACCOUNT *sampass, time_t mytime)
1283 {
1284 if (!sampass)
1285 return False;
1286
1287 sampass->kickoff_time = mytime;
1288 return True;
1289 }
1290
1291 BOOL pdb_set_pass_can_change_time (SAM_ACCOUNT *sampass, time_t mytime)
1292 {
1293 if (!sampass)
1294 return False;
1295
1296 sampass->pass_can_change_time = mytime;
1297 return True;
1298 }
1299
1300 BOOL pdb_set_pass_must_change_time (SAM_ACCOUNT *sampass, time_t mytime)
1301 {
1302 if (!sampass)
1303 return False;
1304
1305 sampass->pass_must_change_time = mytime;
1306 return True;
1307 }
1308
1309 BOOL pdb_set_pass_last_set_time (SAM_ACCOUNT *sampass, time_t mytime)
1310 {
1311 if (!sampass)
1312 return False;
1313
1314 sampass->pass_last_set_time = mytime;
1315 return True;
1316 }
1317
1318 BOOL pdb_set_hours_len (SAM_ACCOUNT *sampass, uint32 len)
1319 {
1320 if (!sampass)
1321 return False;
1322
1323 sampass->hours_len = len;
1324 return True;
1325 }
1326
1327 BOOL pdb_set_logon_divs (SAM_ACCOUNT *sampass, uint16 hours)
1328 {
1329 if (!sampass)
1330 return False;
1331
1332 sampass->logon_divs = hours;
1333 return True;
1334 }
1335
1336 BOOL pdb_set_init_flag (SAM_ACCOUNT *sampass, uint32 flag)
1337 {
1338 if (!sampass)
1339 return False;
1340
1341 sampass->init_flag |= flag;
1342
1343 return True;
1344 }
1345
1346 BOOL pdb_set_uid (SAM_ACCOUNT *sampass, uid_t uid)
1347 {
1348 if (!sampass)
1349 return False;
1350
1351 sampass->uid = uid;
1352 sampass->init_flag |= FLAG_SAM_UID;
1353
1354 return True;
1355 }
1356
1357 BOOL pdb_set_gid (SAM_ACCOUNT *sampass, gid_t gid)
1358 {
1359 if (!sampass)
1360 return False;
1361
1362 sampass->gid = gid;
1363 sampass->init_flag |= FLAG_SAM_GID;
1364
1365 return True;
1366 }
1367
1368 BOOL pdb_set_user_rid (SAM_ACCOUNT *sampass, uint32 rid)
1369 {
1370 if (!sampass)
1371 return False;
1372
1373 sampass->user_rid = rid;
1374 return True;
1375 }
1376
1377 BOOL pdb_set_group_rid (SAM_ACCOUNT *sampass, uint32 grid)
1378 {
1379 if (!sampass)
1380 return False;
1381
1382 sampass->group_rid = grid;
1383 return True;
1384 }
1385
1386 /*********************************************************************
1387 Set the user's UNIX name.
1388 ********************************************************************/
1389
1390 BOOL pdb_set_username(SAM_ACCOUNT *sampass, char *username)
1391 {
1392 if (!sampass)
1393 return False;
1394 *sampass->username = '\0';
1395 if (!username)
1396 return False;
1397
1398 StrnCpy (sampass->username, username, strlen(username));
1399
1400 return True;
1401 }
1402
1403 /*********************************************************************
1404 Set the domain name.
1405 ********************************************************************/
1406
1407 BOOL pdb_set_domain(SAM_ACCOUNT *sampass, char *domain)
1408 {
1409 if (!sampass)
1410 return False;
1411 *sampass->domain = '\0';
1412 if (!domain)
1413 return False;
1414
1415 StrnCpy (sampass->domain, domain, strlen(domain));
1416
1417 return True;
1418 }
1419
1420 /*********************************************************************
1421 Set the user's NT name.
1422 ********************************************************************/
1423
1424 BOOL pdb_set_nt_username(SAM_ACCOUNT *sampass, char *nt_username)
1425 {
1426 if (!sampass)
1427 return False;
1428 *sampass->nt_username = '\0';
1429 if (!nt_username)
1430 return False;
1431
1432 StrnCpy (sampass->nt_username, nt_username, strlen(nt_username));
1433
1434 return True;
1435 }
1436
1437 /*********************************************************************
1438 Set the user's full name.
1439 ********************************************************************/
1440
1441 BOOL pdb_set_fullname(SAM_ACCOUNT *sampass, char *fullname)
1442 {
1443 if (!sampass)
1444 return False;
1445 *sampass->full_name = '\0';
1446 if (!fullname)
1447 return False;
1448
1449 StrnCpy (sampass->full_name, fullname, strlen(fullname));
1450
1451 return True;
1452 }
1453
1454 /*********************************************************************
1455 Set the user's logon script.
1456 ********************************************************************/
1457
1458 BOOL pdb_set_logon_script(SAM_ACCOUNT *sampass, char *logon_script, BOOL store)
1459 {
1460 if (!sampass)
1461 return False;
1462 *sampass->logon_script = '\0';
1463 if (!logon_script)
1464 return False;
1465
1466 StrnCpy (sampass->logon_script, logon_script, strlen(logon_script));
1467
1468 if (store)
1469 pdb_set_init_flag(sampass, FLAG_SAM_LOGONSCRIPT);
1470
1471 return True;
1472 }
1473
1474 /*********************************************************************
1475 Set the user's profile path.
1476 ********************************************************************/
1477
1478 BOOL pdb_set_profile_path (SAM_ACCOUNT *sampass, char *profile_path, BOOL store)
1479 {
1480 if (!sampass)
1481 return False;
1482 *sampass->profile_path = '\0';
1483 if (!profile_path)
1484 return False;
1485
1486 StrnCpy (sampass->profile_path, profile_path, strlen(profile_path));
1487
1488 if (store)
1489 pdb_set_init_flag(sampass, FLAG_SAM_PROFILE);
1490
1491 return True;
1492 }
1493
1494 /*********************************************************************
1495 Set the user's directory drive.
1496 ********************************************************************/
1497
1498 BOOL pdb_set_dir_drive (SAM_ACCOUNT *sampass, char *dir_drive, BOOL store)
1499 {
1500 if (!sampass)
1501 return False;
1502 *sampass->dir_drive = '\0';
1503 if (!dir_drive)
1504 return False;
1505
1506 StrnCpy (sampass->dir_drive, dir_drive, strlen(dir_drive));
1507
1508 if (store)
1509 pdb_set_init_flag(sampass, FLAG_SAM_DRIVE);
1510
1511 return True;
1512 }
1513
1514 /*********************************************************************
1515 Set the user's home directory.
1516 ********************************************************************/
1517
1518 BOOL pdb_set_homedir (SAM_ACCOUNT *sampass, char *homedir, BOOL store)
1519 {
1520 if (!sampass)
1521 return False;
1522 *sampass->home_dir = '\0';
1523 if (!homedir)
1524 return False;
1525
1526 StrnCpy (sampass->home_dir, homedir, strlen(homedir));
1527
1528 if (store)
1529 pdb_set_init_flag(sampass, FLAG_SAM_SMBHOME);
1530
1531 return True;
1532 }
1533
1534 /*********************************************************************
1535 Set the user's account description.
1536 ********************************************************************/
1537
1538 BOOL pdb_set_acct_desc (SAM_ACCOUNT *sampass, char *acct_desc)
1539 {
1540 if (!sampass)
1541 return False;
1542 *sampass->acct_desc = '\0';
1543 if (!acct_desc)
1544 return False;
1545
1546 StrnCpy (sampass->acct_desc, acct_desc, strlen(acct_desc));
1547
1548 return True;
1549 }
1550
1551 /*********************************************************************
1552 Set the user's workstation allowed list.
1553 ********************************************************************/
1554
1555 BOOL pdb_set_workstations (SAM_ACCOUNT *sampass, char *workstations)
1556 {
1557 if (!sampass)
1558 return False;
1559 *sampass->workstations = '\0';
1560 if (!workstations)
1561 return False;
1562
1563 StrnCpy (sampass->workstations, workstations, strlen(workstations));
1564
1565 return True;
1566 }
1567
1568 /*********************************************************************
1569 Set the user's dial string.
1570 ********************************************************************/
1571
1572 BOOL pdb_set_munged_dial (SAM_ACCOUNT *sampass, char *munged_dial)
1573 {
1574 if (!sampass)
1575 return False;
1576 *sampass->munged_dial = '\0';
1577 if (!munged_dial)
1578 return False;
1579
1580 StrnCpy (sampass->munged_dial, munged_dial, strlen(munged_dial));
1581
1582 return True;
1583 }
1584
1585 /*********************************************************************
1586 Set the user's NT hash.
1587 ********************************************************************/
1588
1589 BOOL pdb_set_nt_passwd (SAM_ACCOUNT *sampass, uint8 *pwd)
1590 {
1591 if (!sampass)
1592 return False;
1593
1594 /* Remember to set the "last changed time". */
1595 pdb_set_pass_last_set_time(sampass, time(NULL));
1596
1597 if (!pwd) {
1598 /* Allow setting to NULL */
1599 SAFE_FREE(sampass->nt_pw);
1600 return True;
1601 }
1602
1603 if (sampass->nt_pw!=NULL)
1604 DEBUG(4,("pdb_set_nt_passwd: NT hash non NULL overwritting ?\n"));
1605 else
1606 sampass->nt_pw=(unsigned char *)malloc(sizeof(unsigned char)*16);
1607
1608 if (sampass->nt_pw==NULL)
1609 return False;
1610
1611 memcpy (sampass->nt_pw, pwd, 16);
1612
1613 return True;
1614 }
1615
1616 /*********************************************************************
1617 Set the user's LM hash.
1618 ********************************************************************/
1619
1620 BOOL pdb_set_lanman_passwd (SAM_ACCOUNT *sampass, uint8 *pwd)
1621 {
1622 if (!sampass)
1623 return False;
1624
1625 /* Remember to set the "last changed time". */
1626 pdb_set_pass_last_set_time(sampass, time(NULL));
1627
1628 if (!pwd) {
1629 /* Allow setting to NULL */
1630 SAFE_FREE(sampass->lm_pw);
1631 return True;
1632 }
1633
1634 if (sampass->lm_pw!=NULL)
1635 DEBUG(4,("pdb_set_lanman_passwd: LM hash non NULL overwritting ?\n"));
1636 else
1637 sampass->lm_pw=(unsigned char *)malloc(sizeof(unsigned char)*16);
1638
1639 if (sampass->lm_pw==NULL)
1640 return False;
1641
1642 memcpy (sampass->lm_pw, pwd, 16);
1643
1644 return True;
1645 }
1646
1647 /*********************************************************************
1648 Set the user's PLAINTEXT password. Used as an interface to the above.
1649 ********************************************************************/
1650
1651 BOOL pdb_set_plaintext_passwd (SAM_ACCOUNT *sampass, char *plaintext)
1652 {
1653 uchar new_lanman_p16[16];
1654 uchar new_nt_p16[16];
1655
1656 if (!sampass || !plaintext)
1657 return False;
1658
1659 nt_lm_owf_gen (plaintext, new_nt_p16, new_lanman_p16);
1660
1661 if (!pdb_set_nt_passwd (sampass, new_nt_p16))
1662 return False;
1663
1664 if (!pdb_set_lanman_passwd (sampass, new_lanman_p16))
1665 return False;
1666
1667 return True;
1668 }
1669
1670 BOOL pdb_set_unknown_3 (SAM_ACCOUNT *sampass, uint32 unkn)
1671 {
1672 if (!sampass)
1673 return False;
1674
1675 sampass->unknown_3 = unkn;
1676 return True;
1677 }
1678
1679 BOOL pdb_set_unknown_5 (SAM_ACCOUNT *sampass, uint32 unkn)
1680 {
1681 if (!sampass)
1682 return False;
1683
1684 sampass->unknown_5 = unkn;
1685 return True;
1686 }
1687
1688 BOOL pdb_set_unknown_6 (SAM_ACCOUNT *sampass, uint32 unkn)
1689 {
1690 if (!sampass)
1691 return False;
1692
1693 sampass->unknown_6 = unkn;
1694 return True;
1695 }
1696
1697 BOOL pdb_set_hours (SAM_ACCOUNT *sampass, uint8 *hours)
1698 {
1699 if (!sampass)
1700 return False;
1701
1702 if (!hours) {
1703 memset ((char *)sampass->hours, 0, MAX_HOURS_LEN);
1704 return True;
1705 }
1706
1707 memcpy (sampass->hours, hours, MAX_HOURS_LEN);
1708
1709 return True;
1710 }
1711
1712 /***************************************************************************
1713 Search by uid. Wrapper around pdb_getsampwnam()
1714 **************************************************************************/
1715
1716 BOOL pdb_getsampwuid (SAM_ACCOUNT* user, uid_t uid)
1717 {
1718 struct passwd *pw;
1719 fstring name;
1720
1721 if (user==NULL) {
1722 DEBUG(0,("pdb_getsampwuid: SAM_ACCOUNT is NULL.\n"));
1723 return False;
1724 }
1725
1726 /*
1727 * Never trust the uid in the passdb. Lookup the username first
1728 * and then lokup the user by name in the sam.
1729 */
1730
1731 if ((pw=sys_getpwuid(uid)) == NULL) {
1732 DEBUG(0,("pdb_getsampwuid: getpwuid(%d) return NULL. User does not exist in Unix accounts!\n", uid));
1733 return False;
1734 }
1735
1736 fstrcpy (name, pw->pw_name);
1737
1738 return pdb_getsampwnam (user, name);
1739
1740 }
1741
Samba GIT mirror