/*
   Unix SMB/CIFS implementation.
   SAM structures
   Copyright (C) Kai Krueger 2002
   Copyright (C) Stefan (metze) Metzmacher 2002
   Copyright (C) Simo Sorce 2002
   Copyright (C) Andrew Bartlett 2002
   Copyright (C) Jelmer Vernooij 2002

   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; either version 2 of the License, or
   (at your option) any later version.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.

   You should have received a copy of the GNU General Public License
   along with this program; if not, write to the Free Software
   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
25 #ifndef _SAM_H
26 #define _SAM_H
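/*
 * SAM_ASSERT(x) - internal consistency check for the SAM code.
 *
 * We want to track down bugs early, so the enabled branch hands the
 * condition straight to SMB_ASSERT() (defined elsewhere in the tree).
 *
 * The disabled branch is the soft alternative: log at debug level 0 and
 * make the calling function return NT_STATUS_FAIL_CHECK.  Because it
 * expands to a `return`, that variant only fits functions whose return
 * type accepts NT_STATUS_FAIL_CHECK.
 *
 * It is wrapped in do { ... } while (0) so the check really executes and
 * the macro behaves as a single statement.  The earlier
 * `while (0) { ... }` form never ran its body and was missing line
 * continuations and the `;` after DEBUG(), so flipping the #if would have
 * either failed to build or silently dropped every check.
 */
#if 1
#define SAM_ASSERT(x) SMB_ASSERT(x)
#else
#define SAM_ASSERT(x) do { \
	if (!(x)) { \
		DEBUG(0, ("SAM_ASSERT failed!\n")); \
		return NT_STATUS_FAIL_CHECK; \
	} \
} while (0)
#endif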
/*
 * Version number of the SAM backend interface.
 * Let it be 0 until we have a stable interface --metze
 */
#define SAM_INTERFACE_VERSION 0

/*
 * Use this once inside a passdb module.  It defines sam_version(), which
 * returns the SAM_INTERFACE_VERSION the module was compiled against.
 * NOTE(review): presumably the module loader compares that value with its
 * own before trusting the module's function table - the comparison is not
 * part of this header, confirm in the loader.
 */
#define SAM_MODULE_VERSIONING_MAGIC \
int sam_version(void) { return SAM_INTERFACE_VERSION; }

/* Backend used by default when no backend was specified */
#define SAM_DEFAULT_BACKEND "plugin"
/*
 * Handle to a SAM domain (see sam_get_domain_handle in struct sam_methods).
 *
 * The nested `private` member carries the domain record itself, including
 * the domain-wide password and lockout policy.
 */
struct sam_domain_handle {
	TALLOC_CTX *mem_ctx;
	/* NOTE(review): presumably the access mask this handle was opened
	 * with (cf. access_desired in sam_get_domain_handle) - confirm */
	uint32 access_granted;
	/* sam_methods creating this handle */
	const struct sam_methods *current_sam_methods;
	/* destructor; receives the address of the caller's handle pointer */
	void (*free_fn)(struct sam_domain_handle **);

	struct domain_data {
		/* SID of the domain. Should not be changed */
		DOM_SID sid;
		/* name of the domain */
		char *name;
		/* (undocumented in the original) */
		char *servername;

		/* password policy */
		NTTIME max_passwordage;		/* time till next password expiration */
		NTTIME min_passwordage;		/* time till password can be changed again */
		uint16 min_passwordlength;	/* minimum number of characters for a password */
		uint16 password_history;	/* number of passwords stored in history */

		/* lockout policy */
		NTTIME lockout_duration;	/* time till login is allowed again after lockout */
		NTTIME reset_count;		/* time till bad login counter is reset */
		uint16 lockout_count;		/* number of bad login attempts before lockout */

		BOOL force_logoff;		/* force logoff after logon hours have expired */
		BOOL login_pwdchange;		/* users need to log on to change their password */

		uint32 num_accounts;		/* number of accounts in the domain */
		uint32 num_groups;		/* number of global groups */
		uint32 num_aliases;		/* number of local groups */
		uint32 sam_sequence_number;	/* global sequence number */
	} private;
};

typedef struct sam_domain_handle SAM_DOMAIN_HANDLE;
/*
 * Handle to a single SAM account.
 *
 * The nested `private` member is the account record.  It holds credential
 * material: the LM and NT password blobs and, when available, the
 * plaintext password.
 * NOTE(review): nothing in this header shows those buffers being wiped;
 * an implementation of free_fn should clear lm_pw, nt_pw and plaintext_pw
 * before the memory is released, and the record should not be written to
 * debug logs as a whole.
 */
struct sam_account_handle {
	TALLOC_CTX *mem_ctx;
	/* NOTE(review): presumably the access mask this handle was opened
	 * with (cf. access_desired in the sam_get_account_* calls) - confirm */
	uint32 access_granted;
	/* sam_methods creating this handle */
	const struct sam_methods *current_sam_methods;
	/* destructor; receives the address of the caller's handle pointer */
	void (*free_fn)(struct sam_account_handle **);

	struct sam_account_data {
		uint32 init_flag;

		NTTIME logon_time;		/* logon time */
		NTTIME logoff_time;		/* logoff time */
		NTTIME kickoff_time;		/* kickoff time */
		NTTIME pass_last_set_time;	/* password last set time */
		NTTIME pass_can_change_time;	/* password can change time */
		NTTIME pass_must_change_time;	/* password must change time */

		char *account_name;		/* account name string */
		SAM_DOMAIN_HANDLE *domain;	/* domain of account */
		char *full_name;		/* account's full name string */
		char *unix_home_dir;		/* UNIX home directory string */
		char *home_dir;			/* home directory string */
		char *dir_drive;		/* home directory drive string */
		char *logon_script;		/* logon script string */
		char *profile_path;		/* profile path string */
		char *acct_desc;		/* account description string */
		char *workstations;		/* login from workstations string */
		char *unknown_str;		/* don't know what this is, yet. */
		char *munged_dial;		/* munged path name and dial-back tel number */

		DOM_SID account_sid;		/* Primary Account SID */
		DOM_SID group_sid;		/* Primary Group SID */

		/* secrets - see the note at the top of this structure */
		DATA_BLOB lm_pw;		/* .data is NULL if no password */
		DATA_BLOB nt_pw;		/* .data is NULL if no password */
		char *plaintext_pw;		/* NULL if not available */

		uint16 acct_ctrl;		/* account info (ACB_xxxx bit-mask) */
		uint32 unknown_1;		/* 0x00ff ffff */

		uint16 logon_divs;		/* 168 - number of hours in a week */
		uint32 hours_len;		/* normally 21 bytes */
		/* Fixed-size buffer; hours_len is stored separately, so code
		 * that copies hours_len bytes has to check it against
		 * MAX_HOURS_LEN first. */
		uint8 hours[MAX_HOURS_LEN];

		uint32 unknown_2;		/* 0x0002 0000 */
		uint32 unknown_3;		/* 0x0000 04ec */
	} private;
};

typedef struct sam_account_handle SAM_ACCOUNT_HANDLE;
/*
 * Handle to a single SAM group; the nested `private` member is the group
 * record.
 */
struct sam_group_handle {
	TALLOC_CTX *mem_ctx;
	/* NOTE(review): presumably the access mask this handle was opened
	 * with (cf. access_desired in the sam_get_group_* calls) - confirm */
	uint32 access_granted;
	/* sam_methods creating this handle */
	const struct sam_methods *current_sam_methods;
	/* destructor; receives the address of the caller's handle pointer */
	void (*free_fn)(struct sam_group_handle **);

	struct sam_group_data {
		char *group_name;
		char *group_desc;
		DOM_SID sid;
		/* specifies if the group is a local group or a global group
		 * (GCB_xxx bits) */
		uint16 group_ctrl;
		uint32 num_members;
	} private;
};

typedef struct sam_group_handle SAM_GROUP_HANDLE;
/* One member of a group, identified by SID. */
struct sam_group_member {
	DOM_SID sid;
	/* specifies whether the member is a group or an account */
	BOOL group;
};

typedef struct sam_group_member SAM_GROUP_MEMBER;
/*
 * Summary of one account, as returned in the array filled in by
 * sam_enum_accounts.  It carries naming and control data only, no
 * password fields.
 */
struct sam_account_enum {
	DOM_SID sid;
	char *account_name;
	char *full_name;
	char *account_desc;
	uint16 acct_ctrl;
};

typedef struct sam_account_enum SAM_ACCOUNT_ENUM;
/*
 * Summary of one group, as returned in the arrays filled in by
 * sam_enum_groups and sam_get_groups_of_sid.
 */
struct sam_group_enum {
	DOM_SID sid;
	char *group_name;
	char *group_desc;
	uint16 group_ctrl;	/* GCB_xxx bits */
};

typedef struct sam_group_enum SAM_GROUP_ENUM;
/*
 * Bits for group_ctrl: they specify whether the group is a global group
 * or an alias.
 *
 * GCB_ALIAS_GROUP is a combination of two bits, not a flag of its own.
 * Test for it with (ctrl & GCB_ALIAS_GROUP) == GCB_ALIAS_GROUP; a bare
 * `ctrl & GCB_ALIAS_GROUP` is also non-zero for any value that has only
 * GCB_LOCAL_GROUP or only GCB_BUILTIN set.
 */
#define GCB_LOCAL_GROUP		0x0001
#define GCB_GLOBAL_GROUP	0x0002
#define GCB_BUILTIN		0x1000
#define GCB_ALIAS_GROUP		(GCB_LOCAL_GROUP | GCB_BUILTIN)
/*
 * Top-level SAM context: it points at a sam_methods entry (each entry
 * links to its neighbours through next/prev) and at the talloc context
 * stored alongside it.
 */
struct sam_context {
	struct sam_methods *methods;
	TALLOC_CTX *mem_ctx;

	/* destructor; receives the address of the caller's context pointer */
	void (*free_fn)(struct sam_context **);
};

typedef struct sam_context SAM_CONTEXT;
/*
 * Function table of one SAM backend, plus the bookkeeping that ties it
 * into its parent context and into the doubly linked list of backends.
 *
 * Two calling shapes are visible in the table:
 *  - lookups, enumerations and the calls that create or open a handle
 *    receive the caller's NT_USER_TOKEN (and, for handles, the
 *    access_desired mask);
 *  - add/update/delete and the group membership calls receive only an
 *    already opened handle.
 * NOTE(review): presumably the second group relies on the handle's
 * access_granted field for authorization - this header does not show the
 * check, confirm it in each backend.
 */
struct sam_methods {
	struct sam_context *parent;
	struct sam_methods *next;
	struct sam_methods *prev;
	const char *backendname;
	const char *domain_name;
	DOM_SID domain_sid;
	void *private_data;	/* backend state, released by free_private_data */

	/* General API */

	NTSTATUS (*sam_get_sec_desc) (const struct sam_methods *,
				      const NT_USER_TOKEN *access_token,
				      const DOM_SID *sid,
				      SEC_DESC **sd);
	NTSTATUS (*sam_set_sec_desc) (const struct sam_methods *,
				      const NT_USER_TOKEN *access_token,
				      const DOM_SID *sid,
				      const SEC_DESC *sd);

	NTSTATUS (*sam_lookup_sid) (const struct sam_methods *,
				    const NT_USER_TOKEN *access_token,
				    TALLOC_CTX *mem_ctx,
				    const DOM_SID *sid,
				    char **name,
				    uint32 *type);
	NTSTATUS (*sam_lookup_name) (const struct sam_methods *,
				     const NT_USER_TOKEN *access_token,
				     const char *name,
				     DOM_SID *sid,
				     uint32 *type);

	/* Domain API */

	NTSTATUS (*sam_update_domain) (const struct sam_methods *,
				       const SAM_DOMAIN_HANDLE *domain);
	NTSTATUS (*sam_get_domain_handle) (const struct sam_methods *,
					   const NT_USER_TOKEN *access_token,
					   uint32 access_desired,
					   SAM_DOMAIN_HANDLE **domain);

	/* Account API */

	NTSTATUS (*sam_create_account) (const struct sam_methods *,
					const NT_USER_TOKEN *access_token,
					uint32 access_desired,
					const char *account_name,
					uint16 acct_ctrl,
					SAM_ACCOUNT_HANDLE **account);
	NTSTATUS (*sam_add_account) (const struct sam_methods *,
				     const SAM_ACCOUNT_HANDLE *account);
	NTSTATUS (*sam_update_account) (const struct sam_methods *,
					const SAM_ACCOUNT_HANDLE *account);
	NTSTATUS (*sam_delete_account) (const struct sam_methods *,
					const SAM_ACCOUNT_HANDLE *account);
	NTSTATUS (*sam_enum_accounts) (const struct sam_methods *,
				       const NT_USER_TOKEN *access_token,
				       uint16 acct_ctrl,
				       uint32 *account_count,
				       SAM_ACCOUNT_ENUM **accounts);

	NTSTATUS (*sam_get_account_by_sid) (const struct sam_methods *,
					    const NT_USER_TOKEN *access_token,
					    uint32 access_desired,
					    const DOM_SID *accountsid,
					    SAM_ACCOUNT_HANDLE **account);
	NTSTATUS (*sam_get_account_by_name) (const struct sam_methods *,
					     const NT_USER_TOKEN *access_token,
					     uint32 access_desired,
					     const char *name,
					     SAM_ACCOUNT_HANDLE **account);

	/* Group API */

	NTSTATUS (*sam_create_group) (const struct sam_methods *,
				      const NT_USER_TOKEN *access_token,
				      uint32 access_desired,
				      const char *group_name,
				      uint16 group_ctrl,
				      SAM_GROUP_HANDLE **group);
	NTSTATUS (*sam_add_group) (const struct sam_methods *,
				   const SAM_GROUP_HANDLE *group);
	NTSTATUS (*sam_update_group) (const struct sam_methods *,
				      const SAM_GROUP_HANDLE *group);
	NTSTATUS (*sam_delete_group) (const struct sam_methods *,
				      const SAM_GROUP_HANDLE *group);
	NTSTATUS (*sam_enum_groups) (const struct sam_methods *,
				     const NT_USER_TOKEN *access_token,
				     uint16 group_ctrl,
				     uint32 *groups_count,
				     SAM_GROUP_ENUM **groups);
	NTSTATUS (*sam_get_group_by_sid) (const struct sam_methods *,
					  const NT_USER_TOKEN *access_token,
					  uint32 access_desired,
					  const DOM_SID *groupsid,
					  SAM_GROUP_HANDLE **group);
	NTSTATUS (*sam_get_group_by_name) (const struct sam_methods *,
					   const NT_USER_TOKEN *access_token,
					   uint32 access_desired,
					   const char *name,
					   SAM_GROUP_HANDLE **group);

	NTSTATUS (*sam_add_member_to_group) (const struct sam_methods *,
					     const SAM_GROUP_HANDLE *group,
					     const SAM_GROUP_MEMBER *member);
	NTSTATUS (*sam_delete_member_from_group) (const struct sam_methods *,
						  const SAM_GROUP_HANDLE *group,
						  const SAM_GROUP_MEMBER *member);
	NTSTATUS (*sam_enum_groupmembers) (const struct sam_methods *,
					   const SAM_GROUP_HANDLE *group,
					   uint32 *members_count,
					   SAM_GROUP_MEMBER **members);

	NTSTATUS (*sam_get_groups_of_sid) (const struct sam_methods *,
					   const NT_USER_TOKEN *access_token,
					   const DOM_SID **sids,
					   uint16 group_ctrl,
					   uint32 *group_count,
					   SAM_GROUP_ENUM **groups);

	/* releases private_data; receives the address of that pointer */
	void (*free_private_data)(void **);
};

typedef struct sam_methods SAM_METHODS;
/*
 * Initialisation entry point of a SAM backend: it receives the
 * SAM_METHODS table to work on and a string argument.
 * NOTE(review): the string is presumably the backend's parameter string
 * (cf. module_params in struct sam_backend_entry) - confirm.
 */
typedef NTSTATUS (*sam_init_function)(SAM_METHODS *,
				      const char *);
/* Associates a backend module name with its initialisation function. */
struct sam_init_function_entry {
	char *module_name;

	/* Function to create a member of the sam_methods list */
	sam_init_function init;
};
/*
 * Description of one configured backend: which module to use, the
 * parameter string for it, and the domain (name and SID) it is tied to.
 */
struct sam_backend_entry {
	char *module_name;
	char *module_params;
	char *domain_name;
	DOM_SID *domain_sid;
};

typedef struct sam_backend_entry SAM_BACKEND_ENTRY;
238 #endif /* _SAM_H */