search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
if we are adding a new sambaAccount, make sure that we add a
[Samba.git] / source / passdb / passdb.c
bloba79522d5e580bb97bfe2a1e9640b7f577191b83f
1 /*
2 Unix SMB/Netbios implementation.
3 Version 1.9.
4 Password and authentication handling
5 Copyright (C) Jeremy Allison 1996-2001
6 Copyright (C) Luke Kenneth Casson Leighton 1996-1998
7 Copyright (C) Gerald (Jerry) Carter 2000-2001
8
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 2 of the License, or
12 (at your option) any later version.
13
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
18
19 You should have received a copy of the GNU General Public License
20 along with this program; if not, write to the Free Software
21 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
22 */
23
24 #include "includes.h"
25
26 /*
27 * This is set on startup - it defines the SID for this
28 * machine, and therefore the SAM database for which it is
29 * responsible.
30 */
31
32 extern DOM_SID global_sam_sid;
33
34 struct passdb_ops *pdb_ops;
35
36 #if 0 /* JERRY */
37 static void* pdb_handle = NULL;
38 #endif
39
40 /***************************************************************
41 Initialize the password db operations.
42 ***************************************************************/
43
44 BOOL initialize_password_db(BOOL reload)
45 {
46 /*
47 * This function is unfinished right now, so just
48 * ignore the details and always return True. It
49 * is here only as a placeholder --jerry
50 */
51 return True;
52
53 }
54
55 /*************************************************************
56 Initialises a struct sam_disp_info.
57 **************************************************************/
58
59 static void pdb_init_dispinfo(struct sam_disp_info *user)
60 {
61 if (user == NULL)
62 return;
63 ZERO_STRUCTP(user);
64 }
65
66
67 /************************************************************
68 Fill the SAM_ACCOUNT with default values.
69 ***********************************************************/
70
71 static BOOL pdb_fill_default_sam(SAM_ACCOUNT *user)
72 {
73 if (user == NULL) {
74 DEBUG(0,("pdb_fill_default_sam: SAM_ACCOUNT was NULL\n"));
75 return False;
76 }
77
78 ZERO_STRUCTP(user);
79
80 user->init_flag = FLAG_SAM_UNINIT;
81 user->uid = user->gid = -1;
82 user->logon_time = (time_t)0;
83 user->pass_last_set_time = (time_t)0;
84 user->pass_can_change_time = (time_t)0;
85 user->logoff_time =
86 user->kickoff_time =
87 user->pass_must_change_time = get_time_t_max(); /* Password never expires. */
88
89 user->unknown_3 = 0x00ffffff; /* don't know */
90 user->logon_divs = 168; /* hours per week */
91 user->hours_len = 21; /* 21 times 8 bits = 168 */
92 memset(user->hours, 0xff, user->hours_len); /* available at all hours */
93 user->unknown_5 = 0x00000000; /* don't know */
94 user->unknown_6 = 0x000004ec; /* don't know */
95 return True;
96 }
97
98
99 /*************************************************************
100 Alloc memory and initialises a struct sam_passwd.
101 ************************************************************/
102
103 BOOL pdb_init_sam(SAM_ACCOUNT **user)
104 {
105 if (*user != NULL) {
106 DEBUG(0,("pdb_init_sam: SAM_ACCOUNT was non NULL\n"));
107 #if 0
108 smb_panic("NULL pointer passed to pdb_init_sam\n");
109 #endif
110 return False;
111 }
112
113 *user=(SAM_ACCOUNT *)malloc(sizeof(SAM_ACCOUNT));
114
115 if (*user==NULL) {
116 DEBUG(0,("pdb_init_sam: error while allocating memory\n"));
117 return False;
118 }
119
120 pdb_fill_default_sam(*user);
121
122 return True;
123 }
124
125
126 /*************************************************************
127 Initialises a struct sam_passwd with sane values.
128 ************************************************************/
129
130 BOOL pdb_init_sam_pw(SAM_ACCOUNT **new_sam_acct, struct passwd *pwd)
131 {
132 if (!pwd) {
133 new_sam_acct = NULL;
134 return False;
135 }
136
137 if (!pdb_init_sam(new_sam_acct)) {
138 new_sam_acct = NULL;
139 return False;
140 }
141
142
143 pdb_set_username(*new_sam_acct, pwd->pw_name);
144 pdb_set_fullname(*new_sam_acct, pwd->pw_gecos);
145 pdb_set_uid(*new_sam_acct, pwd->pw_uid);
146 pdb_set_gid(*new_sam_acct, pwd->pw_gid);
147 pdb_set_profile_path(*new_sam_acct, lp_logon_path(), False);
148 pdb_set_homedir(*new_sam_acct, lp_logon_home(), False);
149 pdb_set_dir_drive(*new_sam_acct, lp_logon_drive(), False);
150 pdb_set_logon_script(*new_sam_acct, lp_logon_script(), False);
151 return True;
152 }
153
154
155 /************************************************************
156 Free the NT/LM hashes only.
157 ***********************************************************/
158
159 static BOOL pdb_free_sam_contents(SAM_ACCOUNT *user)
160 {
161 if (user == NULL) {
162 DEBUG(0,("pdb_free_sam_contents: SAM_ACCOUNT was NULL\n"));
163 #if 0
164 smb_panic("NULL pointer passed to pdb_free_sam\n");
165 #endif
166 return False;
167 }
168
169 /* As we start mallocing more strings this is where
170 we should free them. */
171
172 SAFE_FREE(user->nt_pw);
173 SAFE_FREE(user->lm_pw);
174
175 return True;
176 }
177
178
179 /************************************************************
180 Reset the SAM_ACCOUNT and free the NT/LM hashes.
181 - note: they are not zero'ed out however.
182 ***********************************************************/
183
184 BOOL pdb_reset_sam(SAM_ACCOUNT *user)
185 {
186 if (user == NULL) {
187 DEBUG(0,("pdb_reset_sam: SAM_ACCOUNT was NULL\n"));
188 return False;
189 }
190
191 if (!pdb_free_sam_contents(user)) {
192 return False;
193 }
194
195 if (!pdb_fill_default_sam(user)) {
196 return False;
197 }
198
199 return True;
200 }
201
202
203 /************************************************************
204 Free the SAM_ACCOUNT and the NT/LM hashes.
205 ***********************************************************/
206
207 BOOL pdb_free_sam(SAM_ACCOUNT *user)
208 {
209 if (user == NULL) {
210 DEBUG(0,("pdb_free_sam: SAM_ACCOUNT was NULL\n"));
211 #if 0
212 smb_panic("NULL pointer passed to pdb_free_sam\n");
213 #endif
214 return False;
215 }
216
217 if (!pdb_free_sam_contents(user)) {
218 return False;
219 }
220
221 SAFE_FREE(user);
222
223 return True;
224 }
225
226
227 /*************************************************************************
228 Routine to return the next entry in the sam passwd list.
229 *************************************************************************/
230
231 struct sam_disp_info *pdb_sam_to_dispinfo(SAM_ACCOUNT *user)
232 {
233 static struct sam_disp_info disp_info;
234
235 if (user == NULL)
236 return NULL;
237
238 pdb_init_dispinfo(&disp_info);
239
240 disp_info.smb_name = user->username;
241 disp_info.full_name = user->full_name;
242 disp_info.user_rid = user->user_rid;
243
244 return &disp_info;
245 }
246
247 /**********************************************************
248 Encode the account control bits into a string.
249 length = length of string to encode into (including terminating
250 null). length *MUST BE MORE THAN 2* !
251 **********************************************************/
252
253 char *pdb_encode_acct_ctrl(uint16 acct_ctrl, size_t length)
254 {
255 static fstring acct_str;
256 size_t i = 0;
257
258 acct_str[i++] = '[';
259
260 if (acct_ctrl & ACB_PWNOTREQ ) acct_str[i++] = 'N';
261 if (acct_ctrl & ACB_DISABLED ) acct_str[i++] = 'D';
262 if (acct_ctrl & ACB_HOMDIRREQ) acct_str[i++] = 'H';
263 if (acct_ctrl & ACB_TEMPDUP ) acct_str[i++] = 'T';
264 if (acct_ctrl & ACB_NORMAL ) acct_str[i++] = 'U';
265 if (acct_ctrl & ACB_MNS ) acct_str[i++] = 'M';
266 if (acct_ctrl & ACB_WSTRUST ) acct_str[i++] = 'W';
267 if (acct_ctrl & ACB_SVRTRUST ) acct_str[i++] = 'S';
268 if (acct_ctrl & ACB_AUTOLOCK ) acct_str[i++] = 'L';
269 if (acct_ctrl & ACB_PWNOEXP ) acct_str[i++] = 'X';
270 if (acct_ctrl & ACB_DOMTRUST ) acct_str[i++] = 'I';
271
272 for ( ; i < length - 2 ; i++ )
273 acct_str[i] = ' ';
274
275 i = length - 2;
276 acct_str[i++] = ']';
277 acct_str[i++] = '\0';
278
279 return acct_str;
280 }
281
282 /**********************************************************
283 Decode the account control bits from a string.
284 **********************************************************/
285
286 uint16 pdb_decode_acct_ctrl(const char *p)
287 {
288 uint16 acct_ctrl = 0;
289 BOOL finished = False;
290
291 /*
292 * Check if the account type bits have been encoded after the
293 * NT password (in the form [NDHTUWSLXI]).
294 */
295
296 if (*p != '[')
297 return 0;
298
299 for (p++; *p && !finished; p++) {
300 switch (*p) {
301 case 'N': { acct_ctrl |= ACB_PWNOTREQ ; break; /* 'N'o password. */ }
302 case 'D': { acct_ctrl |= ACB_DISABLED ; break; /* 'D'isabled. */ }
303 case 'H': { acct_ctrl |= ACB_HOMDIRREQ; break; /* 'H'omedir required. */ }
304 case 'T': { acct_ctrl |= ACB_TEMPDUP ; break; /* 'T'emp account. */ }
305 case 'U': { acct_ctrl |= ACB_NORMAL ; break; /* 'U'ser account (normal). */ }
306 case 'M': { acct_ctrl |= ACB_MNS ; break; /* 'M'NS logon user account. What is this ? */ }
307 case 'W': { acct_ctrl |= ACB_WSTRUST ; break; /* 'W'orkstation account. */ }
308 case 'S': { acct_ctrl |= ACB_SVRTRUST ; break; /* 'S'erver account. */ }
309 case 'L': { acct_ctrl |= ACB_AUTOLOCK ; break; /* 'L'ocked account. */ }
310 case 'X': { acct_ctrl |= ACB_PWNOEXP ; break; /* No 'X'piry on password */ }
311 case 'I': { acct_ctrl |= ACB_DOMTRUST ; break; /* 'I'nterdomain trust account. */ }
312 case ' ': { break; }
313 case ':':
314 case '\n':
315 case '\0':
316 case ']':
317 default: { finished = True; }
318 }
319 }
320
321 return acct_ctrl;
322 }
323
324 /*************************************************************
325 Routine to set 32 hex password characters from a 16 byte array.
326 **************************************************************/
327
328 void pdb_sethexpwd(char *p, unsigned char *pwd, uint16 acct_ctrl)
329 {
330 if (pwd != NULL) {
331 int i;
332 for (i = 0; i < 16; i++)
333 slprintf(&p[i*2], 3, "%02X", pwd[i]);
334 } else {
335 if (acct_ctrl & ACB_PWNOTREQ)
336 safe_strcpy(p, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX", 33);
337 else
338 safe_strcpy(p, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", 33);
339 }
340 }
341
342 /*************************************************************
343 Routine to get the 32 hex characters and turn them
344 into a 16 byte array.
345 **************************************************************/
346
347 BOOL pdb_gethexpwd(char *p, unsigned char *pwd)
348 {
349 int i;
350 unsigned char lonybble, hinybble;
351 char *hexchars = "0123456789ABCDEF";
352 char *p1, *p2;
353
354 if (!p)
355 return (False);
356
357 for (i = 0; i < 32; i += 2) {
358 hinybble = toupper(p[i]);
359 lonybble = toupper(p[i + 1]);
360
361 p1 = strchr(hexchars, hinybble);
362 p2 = strchr(hexchars, lonybble);
363
364 if (!p1 || !p2)
365 return (False);
366
367 hinybble = PTR_DIFF(p1, hexchars);
368 lonybble = PTR_DIFF(p2, hexchars);
369
370 pwd[i / 2] = (hinybble << 4) | lonybble;
371 }
372 return (True);
373 }
374
375 /*******************************************************************
376 Group and User RID username mapping function
377 ********************************************************************/
378
379 BOOL pdb_name_to_rid(char *user_name, uint32 *u_rid, uint32 *g_rid)
380 {
381 struct passwd *pw = Get_Pwnam(user_name, False);
382
383 if (u_rid == NULL || g_rid == NULL || user_name == NULL)
384 return False;
385
386 if (!pw) {
387 DEBUG(1,("Username %s is invalid on this system\n", user_name));
388 return False;
389 }
390
391 /* turn the unix UID into a Domain RID. this is what the posix
392 sub-system does (adds 1000 to the uid) */
393 *u_rid = pdb_uid_to_user_rid(pw->pw_uid);
394
395 /* absolutely no idea what to do about the unix GID to Domain RID mapping */
396 *g_rid = pdb_gid_to_group_rid(pw->pw_gid);
397
398 return True;
399 }
400
401 /*******************************************************************
402 Converts NT user RID to a UNIX uid.
403 ********************************************************************/
404
405 uid_t pdb_user_rid_to_uid(uint32 user_rid)
406 {
407 return (uid_t)(((user_rid & (~USER_RID_TYPE))- 1000)/RID_MULTIPLIER);
408 }
409
410 /*******************************************************************
411 Converts NT user RID to a UNIX gid.
412 ********************************************************************/
413
414 gid_t pdb_user_rid_to_gid(uint32 user_rid)
415 {
416 return (uid_t)(((user_rid & (~GROUP_RID_TYPE))- 1000)/RID_MULTIPLIER);
417 }
418
419 /*******************************************************************
420 converts UNIX uid to an NT User RID.
421 ********************************************************************/
422
423 uint32 pdb_uid_to_user_rid(uid_t uid)
424 {
425 return (((((uint32)uid)*RID_MULTIPLIER) + 1000) | USER_RID_TYPE);
426 }
427
428 /*******************************************************************
429 converts NT Group RID to a UNIX uid.
430 ********************************************************************/
431
432 uint32 pdb_gid_to_group_rid(gid_t gid)
433 {
434 return (((((uint32)gid)*RID_MULTIPLIER) + 1000) | GROUP_RID_TYPE);
435 }
436
437 /*******************************************************************
438 Decides if a RID is a well known RID.
439 ********************************************************************/
440
441 static BOOL pdb_rid_is_well_known(uint32 rid)
442 {
443 return (rid < 1000);
444 }
445
446 /*******************************************************************
447 Decides if a RID is a user or group RID.
448 ********************************************************************/
449
450 BOOL pdb_rid_is_user(uint32 rid)
451 {
452 /* lkcl i understand that NT attaches an enumeration to a RID
453 * such that it can be identified as either a user, group etc
454 * type. there are 5 such categories, and they are documented.
455 */
456 if(pdb_rid_is_well_known(rid)) {
457 /*
458 * The only well known user RIDs are DOMAIN_USER_RID_ADMIN
459 * and DOMAIN_USER_RID_GUEST.
460 */
461 if(rid == DOMAIN_USER_RID_ADMIN || rid == DOMAIN_USER_RID_GUEST)
462 return True;
463 } else if((rid & RID_TYPE_MASK) == USER_RID_TYPE) {
464 return True;
465 }
466 return False;
467 }
468
469 /*******************************************************************
470 Convert a rid into a name. Used in the lookup SID rpc.
471 ********************************************************************/
472
473 BOOL local_lookup_rid(uint32 rid, char *name, enum SID_NAME_USE *psid_name_use)
474 {
475 BOOL is_user = pdb_rid_is_user(rid);
476
477 *psid_name_use = SID_NAME_UNKNOWN;
478
479 DEBUG(5,("local_lookup_rid: looking up %s RID %u.\n", is_user ? "user" :
480 "group", (unsigned int)rid));
481
482 if(is_user) {
483 if(rid == DOMAIN_USER_RID_ADMIN) {
484 char *p = lp_admin_users(-1);
485 *psid_name_use = SID_NAME_USER;
486 if(!next_token(&p, name, NULL, sizeof(fstring)))
487 fstrcpy(name, "Administrator");
488 } else if (rid == DOMAIN_USER_RID_GUEST) {
489 char *p = lp_guestaccount(-1);
490 *psid_name_use = SID_NAME_USER;
491 if(!next_token(&p, name, NULL, sizeof(fstring)))
492 fstrcpy(name, "Guest");
493 } else {
494 uid_t uid;
495 struct passwd *pass;
496
497 /*
498 * Don't try to convert the rid to a name if
499 * running in appliance mode
500 */
501 if (lp_hide_local_users())
502 return False;
503
504 uid = pdb_user_rid_to_uid(rid);
505 pass = sys_getpwuid(uid);
506
507 *psid_name_use = SID_NAME_USER;
508
509 DEBUG(5,("local_lookup_rid: looking up uid %u %s\n", (unsigned int)uid,
510 pass ? "succeeded" : "failed" ));
511
512 if(!pass) {
513 slprintf(name, sizeof(fstring)-1, "unix_user.%u", (unsigned int)uid);
514 return True;
515 }
516
517 fstrcpy(name, pass->pw_name);
518
519 DEBUG(5,("local_lookup_rid: found user %s for rid %u\n", name,
520 (unsigned int)rid ));
521 }
522
523 } else {
524 gid_t gid;
525 struct group *gr;
526
527 /*
528 * Don't try to convert the rid to a name if running
529 * in appliance mode
530 */
531
532 if (lp_hide_local_users())
533 return False;
534
535 gid = pdb_user_rid_to_gid(rid);
536 gr = getgrgid(gid);
537
538 *psid_name_use = SID_NAME_ALIAS;
539
540 DEBUG(5,("local_local_rid: looking up gid %u %s\n", (unsigned int)gid,
541 gr ? "succeeded" : "failed" ));
542
543 if(!gr) {
544 switch (rid) {
545 case DOMAIN_GROUP_RID_ADMINS:
546 fstrcpy(name, "Domain Admins");
547 return True;
548 case DOMAIN_GROUP_RID_USERS:
549 fstrcpy(name, "Domain Users");
550 return True;
551 case DOMAIN_GROUP_RID_GUESTS:
552 fstrcpy(name, "Domain Guests");
553 return True;
554 case BUILTIN_ALIAS_RID_USERS:
555 fstrcpy(name, "Users");
556 return True;
557 }
558 slprintf(name, sizeof(fstring)-1, "unix_group.%u", (unsigned int)gid);
559 return True;
560 }
561
562 fstrcpy( name, gr->gr_name);
563
564 DEBUG(5,("local_lookup_rid: found group %s for rid %u\n", name,
565 (unsigned int)rid ));
566 }
567
568 return True;
569 }
570
571 /*******************************************************************
572 Convert a name into a SID. Used in the lookup name rpc.
573 ********************************************************************/
574
575 BOOL local_lookup_name(const char *c_domain, const char *c_user, DOM_SID *psid, enum SID_NAME_USE *psid_name_use)
576 {
577 extern DOM_SID global_sid_World_Domain;
578 struct passwd *pass = NULL;
579 DOM_SID local_sid;
580 fstring user;
581 fstring domain;
582
583 *psid_name_use = SID_NAME_UNKNOWN;
584
585 /*
586 * domain and user may be quoted const strings, and map_username and
587 * friends can modify them. Make a modifiable copy. JRA.
588 */
589
590 fstrcpy(domain, c_domain);
591 fstrcpy(user, c_user);
592
593 sid_copy(&local_sid, &global_sam_sid);
594
595 /*
596 * Special case for MACHINE\Everyone. Map to the world_sid.
597 */
598
599 if(strequal(user, "Everyone")) {
600 sid_copy( psid, &global_sid_World_Domain);
601 sid_append_rid(psid, 0);
602 *psid_name_use = SID_NAME_ALIAS;
603 return True;
604 }
605
606 /*
607 * Don't lookup local unix users if running in appliance mode
608 */
609 if (lp_hide_local_users())
610 return False;
611
612 (void)map_username(user);
613
614 if((pass = Get_Pwnam(user, False))) {
615 sid_append_rid( &local_sid, pdb_uid_to_user_rid(pass->pw_uid));
616 *psid_name_use = SID_NAME_USER;
617 } else {
618 /*
619 * Maybe it was a group ?
620 */
621 struct group *grp = getgrnam(user);
622
623 if(!grp)
624 return False;
625
626 sid_append_rid( &local_sid, pdb_gid_to_group_rid(grp->gr_gid));
627 *psid_name_use = SID_NAME_ALIAS;
628 }
629
630 sid_copy( psid, &local_sid);
631
632 return True;
633 }
634
635 /****************************************************************************
636 Convert a uid to SID - locally.
637 ****************************************************************************/
638
639 DOM_SID *local_uid_to_sid(DOM_SID *psid, uid_t uid)
640 {
641 extern DOM_SID global_sam_sid;
642
643 sid_copy(psid, &global_sam_sid);
644 sid_append_rid(psid, pdb_uid_to_user_rid(uid));
645
646 return psid;
647 }
648
649 /****************************************************************************
650 Convert a SID to uid - locally.
651 ****************************************************************************/
652
653 BOOL local_sid_to_uid(uid_t *puid, DOM_SID *psid, enum SID_NAME_USE *name_type)
654 {
655 extern DOM_SID global_sam_sid;
656
657 DOM_SID dom_sid;
658 uint32 rid;
659 fstring str;
660 struct passwd *pass;
661
662 *name_type = SID_NAME_UNKNOWN;
663
664 sid_copy(&dom_sid, psid);
665 sid_split_rid(&dom_sid, &rid);
666
667 if (!pdb_rid_is_user(rid))
668 return False;
669
670 /*
671 * We can only convert to a uid if this is our local
672 * Domain SID (ie. we are the controling authority).
673 */
674 if (!sid_equal(&global_sam_sid, &dom_sid))
675 return False;
676
677 *puid = pdb_user_rid_to_uid(rid);
678
679 /*
680 * Ensure this uid really does exist.
681 */
682 if(!(pass = sys_getpwuid(*puid)))
683 return False;
684
685 DEBUG(10,("local_sid_to_uid: SID %s -> uid (%u) (%s).\n", sid_to_string( str, psid),
686 (unsigned int)*puid, pass->pw_name ));
687
688 *name_type = SID_NAME_USER;
689 return True;
690 }
691
692 /****************************************************************************
693 Convert a gid to SID - locally.
694 ****************************************************************************/
695
696 DOM_SID *local_gid_to_sid(DOM_SID *psid, gid_t gid)
697 {
698 extern DOM_SID global_sam_sid;
699
700 sid_copy(psid, &global_sam_sid);
701 sid_append_rid(psid, pdb_gid_to_group_rid(gid));
702
703 return psid;
704 }
705
706 /****************************************************************************
707 Convert a SID to gid - locally.
708 ****************************************************************************/
709
710 BOOL local_sid_to_gid(gid_t *pgid, DOM_SID *psid, enum SID_NAME_USE *name_type)
711 {
712 extern DOM_SID global_sam_sid;
713 DOM_SID dom_sid;
714 uint32 rid;
715 fstring str;
716 struct group *grp;
717
718 *name_type = SID_NAME_UNKNOWN;
719
720 sid_copy(&dom_sid, psid);
721 sid_split_rid(&dom_sid, &rid);
722
723 /*
724 * We can only convert to a gid if this is our local
725 * Domain SID (ie. we are the controling authority).
726 */
727
728 if (!sid_equal(&global_sam_sid, &dom_sid))
729 return False;
730
731 if (pdb_rid_is_user(rid))
732 return False;
733
734 *pgid = pdb_user_rid_to_gid(rid);
735
736 /*
737 * Ensure this gid really does exist.
738 */
739
740 if(!(grp = getgrgid(*pgid)))
741 return False;
742
743 *name_type = SID_NAME_ALIAS;
744
745 DEBUG(10,("local_sid_to_gid: SID %s -> gid (%u) (%s).\n", sid_to_string( str, psid),
746 (unsigned int)*pgid, grp->gr_name ));
747
748 return True;
749 }
750
751 static void select_name(pstring string, const UNISTR2 *from)
752 {
753 if (from->buffer != 0)
754 unistr2_to_dos(string, from, sizeof(pstring));
755 }
756
757 /*************************************************************
758 Copies a SAM_USER_INFO_23 to a SAM_ACCOUNT
759 **************************************************************/
760
761 void copy_id23_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_23 *from)
762 {
763
764 if (from == NULL || to == NULL)
765 return;
766
767 to->logon_time = nt_time_to_unix(&from->logon_time);
768 to->logoff_time = nt_time_to_unix(&from->logoff_time);
769 to->kickoff_time = nt_time_to_unix(&from->kickoff_time);
770 to->pass_last_set_time = nt_time_to_unix(&from->pass_last_set_time);
771 to->pass_can_change_time = nt_time_to_unix(&from->pass_can_change_time);
772 to->pass_must_change_time = nt_time_to_unix(&from->pass_must_change_time);
773
774 select_name(to->username , &from->uni_user_name );
775 select_name(to->full_name , &from->uni_full_name );
776 select_name(to->home_dir , &from->uni_home_dir );
777 select_name(to->dir_drive , &from->uni_dir_drive );
778 select_name(to->logon_script, &from->uni_logon_script);
779 select_name(to->profile_path, &from->uni_profile_path);
780 select_name(to->acct_desc , &from->uni_acct_desc );
781 select_name(to->workstations, &from->uni_workstations);
782 select_name(to->unknown_str , &from->uni_unknown_str );
783 select_name(to->munged_dial , &from->uni_munged_dial );
784
785 to->user_rid = from->user_rid;
786 to->group_rid = from->group_rid;
787
788 to->acct_ctrl = from->acb_info;
789 to->unknown_3 = from->unknown_3;
790
791 to->logon_divs = from->logon_divs;
792 to->hours_len = from->logon_hrs.len;
793 memcpy(to->hours, from->logon_hrs.hours, MAX_HOURS_LEN);
794
795 to->unknown_5 = from->unknown_5;
796 to->unknown_6 = from->unknown_6;
797 }
798
799 /*************************************************************
800 Copies a sam passwd.
801 **************************************************************/
802
803 void copy_id21_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_21 *from)
804 {
805 if (from == NULL || to == NULL)
806 return;
807
808 to->logon_time = nt_time_to_unix(&from->logon_time);
809 to->logoff_time = nt_time_to_unix(&from->logoff_time);
810 to->kickoff_time = nt_time_to_unix(&from->kickoff_time);
811 to->pass_last_set_time = nt_time_to_unix(&from->pass_last_set_time);
812 to->pass_can_change_time = nt_time_to_unix(&from->pass_can_change_time);
813 to->pass_must_change_time = nt_time_to_unix(&from->pass_must_change_time);
814
815 select_name(to->username , &from->uni_user_name );
816 select_name(to->full_name , &from->uni_full_name );
817 select_name(to->home_dir , &from->uni_home_dir );
818 select_name(to->dir_drive , &from->uni_dir_drive );
819 select_name(to->logon_script, &from->uni_logon_script);
820 select_name(to->profile_path, &from->uni_profile_path);
821 select_name(to->acct_desc , &from->uni_acct_desc );
822 select_name(to->workstations, &from->uni_workstations);
823 select_name(to->unknown_str , &from->uni_unknown_str );
824 select_name(to->munged_dial , &from->uni_munged_dial );
825
826 to->user_rid = from->user_rid;
827 to->group_rid = from->group_rid;
828
829 /* FIXME!! Do we need to copy the passwords here as well?
830 I don't know. Need to figure this out --jerry */
831
832 to->acct_ctrl = from->acb_info;
833 to->unknown_3 = from->unknown_3;
834
835 to->logon_divs = from->logon_divs;
836 to->hours_len = from->logon_hrs.len;
837 memcpy(to->hours, from->logon_hrs.hours, MAX_HOURS_LEN);
838
839 to->unknown_5 = from->unknown_5;
840 to->unknown_6 = from->unknown_6;
841 }
842
843 #if 0 /* JERRY */
844 /*************************************************************
845 Copies a SAM_ACCOUNT.
846 FIXME!!!! This is broken as SAM_ACCOUNT contains two
847 pointers. --jerry
848 **************************************************************/
849
850 void copy_sam_passwd(SAM_ACCOUNT *to, const SAM_ACCOUNT *from)
851 {
852 if (!from || !to)
853 return;
854
855 memcpy(to, from, sizeof(SAM_ACCOUNT));
856
857
858 }
859 #endif
860
861 /*************************************************************
862 Change a password entry in the local smbpasswd file.
863
864 FIXME!! The function needs to be abstracted into the
865 passdb interface or something. It is currently being called
866 by _api_samr_create_user() in rpc_server/srv_samr.c
867
868 --jerry
869 *************************************************************/
870
871 BOOL local_password_change(char *user_name, int local_flags,
872 char *new_passwd,
873 char *err_str, size_t err_str_len,
874 char *msg_str, size_t msg_str_len)
875 {
876 struct passwd *pwd = NULL;
877 SAM_ACCOUNT *sam_pass=NULL;
878
879 *err_str = '\0';
880 *msg_str = '\0';
881
882 if (local_flags & LOCAL_ADD_USER) {
883
884 /*
885 * Check for a local account - if we're adding only.
886 */
887
888 if(!(pwd = sys_getpwnam(user_name))) {
889 slprintf(err_str, err_str_len - 1, "User %s does not \
890 exist in system password file (usually /etc/passwd). Cannot add \
891 account without a valid local system user.\n", user_name);
892 return False;
893 }
894 }
895
896 /* Get the smb passwd entry for this user */
897 pdb_init_sam(&sam_pass);
898 if(local_flags & LOCAL_DELETE_USER) {
899 if (!pdb_delete_sam_account(user_name)) {
900 slprintf(err_str,err_str_len-1, "Failed to delete entry for user %s.\n", user_name);
901 pdb_free_sam(sam_pass);
902 return False;
903 }
904 slprintf(msg_str, msg_str_len-1, "Deleted user %s.\n", user_name);
905 pdb_free_sam(sam_pass);
906 return True;
907 }
908 if(!pdb_getsampwnam(sam_pass, user_name)) {
909 pdb_free_sam(sam_pass);
910
911 if(!(local_flags & LOCAL_ADD_USER)) {
912 slprintf(err_str, err_str_len-1,"Failed to find entry for user %s.\n", user_name);
913 return False;
914 }
915
916 sam_pass = NULL;
917 if (!pdb_init_sam_pw(&sam_pass, sys_getpwnam(user_name))) {
918 return False;
919 }
920
921 /* Set account flags. Note that the default is non-expiring accounts */
922 pdb_set_acct_ctrl(sam_pass,(local_flags & LOCAL_TRUST_ACCOUNT) ? ACB_WSTRUST : ACB_NORMAL|ACB_PWNOEXP);
923
924 if (local_flags & LOCAL_DISABLE_USER)
925 pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)|ACB_DISABLED);
926
927 if (local_flags & LOCAL_SET_NO_PASSWORD) {
928 pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)|ACB_PWNOTREQ);
929 } else {
930 /* set the passwords here. if we get to here it means
931 we have a valid, active account */
932 if (!pdb_set_plaintext_passwd (sam_pass, new_passwd)) {
933 pdb_free_sam(sam_pass);
934 return False;
935 }
936 }
937
938 /* Remember to set the "last changed time". */
939 pdb_set_pass_last_set_time(sam_pass, time(NULL));
940
941 if (pdb_add_sam_account(sam_pass)) {
942 slprintf(msg_str, msg_str_len-1, "Added user %s.\n", user_name);
943 pdb_free_sam(sam_pass);
944 return True;
945 } else {
946 slprintf(err_str, err_str_len-1, "Failed to add entry for user %s.\n", user_name);
947 pdb_free_sam(sam_pass);
948 return False;
949 }
950 } else {
951 /* the entry already existed */
952 local_flags &= ~LOCAL_ADD_USER;
953 slprintf(msg_str, msg_str_len-1, "Password changed for user %s.\n", user_name );
954 }
955
956 /*
957 * We are root - just write the new password
958 * and the valid last change time.
959 */
960
961 if(local_flags & LOCAL_DISABLE_USER) {
962 pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)|ACB_DISABLED);
963 } else if (local_flags & LOCAL_ENABLE_USER) {
964 if(pdb_get_lanman_passwd(sam_pass) == NULL) {
965 if (!pdb_set_plaintext_passwd (sam_pass, new_passwd)) {
966 pdb_free_sam(sam_pass);
967 return False;
968 }
969 }
970 pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)&(~ACB_DISABLED));
971 } else if (local_flags & LOCAL_SET_NO_PASSWORD) {
972 pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)|ACB_PWNOTREQ);
973 /* This is needed to preserve ACB_PWNOTREQ in mod_smbfilepwd_entry */
974 if (!pdb_set_lanman_passwd (sam_pass, NULL)) {
975 pdb_free_sam(sam_pass);
976 return False;
977 }
978 if (!pdb_set_nt_passwd(sam_pass, NULL)) {
979 pdb_free_sam(sam_pass);
980 return False;
981 }
982 } else {
983 /*
984 * If we're dealing with setting a completely empty user account
985 * ie. One with a password of 'XXXX', but not set disabled (like
986 * an account created from scratch) then if the old password was
987 * 'XX's then getsmbpwent will have set the ACB_DISABLED flag.
988 * We remove that as we're giving this user their first password
989 * and the decision hasn't really been made to disable them (ie.
990 * don't create them disabled). JRA.
991 */
992 if ((pdb_get_lanman_passwd(sam_pass)==NULL) && (pdb_get_acct_ctrl(sam_pass)&ACB_DISABLED))
993 pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)&(~ACB_DISABLED));
994 pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)&(~ACB_PWNOTREQ));
995 if (!pdb_set_plaintext_passwd (sam_pass, new_passwd)) {
996 pdb_free_sam(sam_pass);
997 return False;
998 }
999 }
1000
1001 if(!pdb_update_sam_account(sam_pass, True)) {
1002 slprintf(err_str, err_str_len-1, "Failed to modify entry for user %s.\n", user_name);
1003 pdb_free_sam(sam_pass);
1004 return False;
1005 }
1006 if(local_flags & LOCAL_DISABLE_USER)
1007 slprintf(msg_str, msg_str_len-1, "Disabled user %s.\n", user_name);
1008 else if (local_flags & LOCAL_ENABLE_USER)
1009 slprintf(msg_str, msg_str_len-1, "Enabled user %s.\n", user_name);
1010 else if (local_flags & LOCAL_SET_NO_PASSWORD)
1011 slprintf(msg_str, msg_str_len-1, "User %s password set to none.\n", user_name);
1012
1013 pdb_free_sam(sam_pass);
1014 return True;
1015 }
1016
1017 /*********************************************************************
1018 Collection of get...() functions for SAM_ACCOUNT_INFO.
1019 ********************************************************************/
1020
1021 uint16 pdb_get_acct_ctrl (SAM_ACCOUNT *sampass)
1022 {
1023 if (sampass)
1024 return (sampass->acct_ctrl);
1025 else
1026 return (ACB_DISABLED);
1027 }
1028
1029 time_t pdb_get_logon_time (SAM_ACCOUNT *sampass)
1030 {
1031 if (sampass)
1032 return (sampass->logon_time);
1033 else
1034 return (0);
1035 }
1036
1037 time_t pdb_get_logoff_time (SAM_ACCOUNT *sampass)
1038 {
1039 if (sampass)
1040 return (sampass->logoff_time);
1041 else
1042 return (-1);
1043 }
1044
1045 time_t pdb_get_kickoff_time (SAM_ACCOUNT *sampass)
1046 {
1047 if (sampass)
1048 return (sampass->kickoff_time);
1049 else
1050 return (-1);
1051 }
1052
1053 time_t pdb_get_pass_last_set_time (SAM_ACCOUNT *sampass)
1054 {
1055 if (sampass)
1056 return (sampass->pass_last_set_time);
1057 else
1058 return (-1);
1059 }
1060
1061 time_t pdb_get_pass_can_change_time (SAM_ACCOUNT *sampass)
1062 {
1063 if (sampass)
1064 return (sampass->pass_can_change_time);
1065 else
1066 return (-1);
1067 }
1068
1069 time_t pdb_get_pass_must_change_time (SAM_ACCOUNT *sampass)
1070 {
1071 if (sampass)
1072 return (sampass->pass_must_change_time);
1073 else
1074 return (-1);
1075 }
1076
1077 uint16 pdb_get_logon_divs (SAM_ACCOUNT *sampass)
1078 {
1079 if (sampass)
1080 return (sampass->logon_divs);
1081 else
1082 return (-1);
1083 }
1084
1085 uint32 pdb_get_hours_len (SAM_ACCOUNT *sampass)
1086 {
1087 if (sampass)
1088 return (sampass->hours_len);
1089 else
1090 return (-1);
1091 }
1092
1093 uint8* pdb_get_hours (SAM_ACCOUNT *sampass)
1094 {
1095 if (sampass)
1096 return (sampass->hours);
1097 else
1098 return (NULL);
1099 }
1100
1101 uint8* pdb_get_nt_passwd (SAM_ACCOUNT *sampass)
1102 {
1103 if (sampass)
1104 return (sampass->nt_pw);
1105 else
1106 return (NULL);
1107 }
1108
1109 uint8* pdb_get_lanman_passwd (SAM_ACCOUNT *sampass)
1110 {
1111 if (sampass)
1112 return (sampass->lm_pw);
1113 else
1114 return (NULL);
1115 }
1116
1117 uint32 pdb_get_user_rid (SAM_ACCOUNT *sampass)
1118 {
1119 if (sampass)
1120 return (sampass->user_rid);
1121 else
1122 return (-1);
1123 }
1124
1125 uint32 pdb_get_group_rid (SAM_ACCOUNT *sampass)
1126 {
1127 if (sampass)
1128 return (sampass->group_rid);
1129 else
1130 return (-1);
1131 }
1132
1133 uid_t pdb_get_uid (SAM_ACCOUNT *sampass)
1134 {
1135 if (sampass)
1136 return (sampass->uid);
1137 else
1138 return ((uid_t)-1);
1139 }
1140
1141 gid_t pdb_get_gid (SAM_ACCOUNT *sampass)
1142 {
1143 if (sampass)
1144 return (sampass->gid);
1145 else
1146 return ((gid_t)-1);
1147 }
1148
1149 char* pdb_get_username (SAM_ACCOUNT *sampass)
1150 {
1151 if (sampass)
1152 return (sampass->username);
1153 else
1154 return (NULL);
1155 }
1156
1157 char* pdb_get_domain (SAM_ACCOUNT *sampass)
1158 {
1159 if (sampass)
1160 return (sampass->domain);
1161 else
1162 return (NULL);
1163 }
1164
1165 char* pdb_get_nt_username (SAM_ACCOUNT *sampass)
1166 {
1167 if (sampass)
1168 return (sampass->nt_username);
1169 else
1170 return (NULL);
1171 }
1172
1173 char* pdb_get_fullname (SAM_ACCOUNT *sampass)
1174 {
1175 if (sampass)
1176 return (sampass->full_name);
1177 else
1178 return (NULL);
1179 }
1180
1181 char* pdb_get_homedir (SAM_ACCOUNT *sampass)
1182 {
1183 if (sampass)
1184 return (sampass->home_dir);
1185 else
1186 return (NULL);
1187 }
1188
1189 char* pdb_get_dirdrive (SAM_ACCOUNT *sampass)
1190 {
1191 if (sampass)
1192 return (sampass->dir_drive);
1193 else
1194 return (NULL);
1195 }
1196
1197 char* pdb_get_logon_script (SAM_ACCOUNT *sampass)
1198 {
1199 if (sampass)
1200 return (sampass->logon_script);
1201 else
1202 return (NULL);
1203 }
1204
1205 char* pdb_get_profile_path (SAM_ACCOUNT *sampass)
1206 {
1207 if (sampass)
1208 return (sampass->profile_path);
1209 else
1210 return (NULL);
1211 }
1212
1213 char* pdb_get_acct_desc (SAM_ACCOUNT *sampass)
1214 {
1215 if (sampass)
1216 return (sampass->acct_desc);
1217 else
1218 return (NULL);
1219 }
1220
1221 char* pdb_get_workstations (SAM_ACCOUNT *sampass)
1222 {
1223 if (sampass)
1224 return (sampass->workstations);
1225 else
1226 return (NULL);
1227 }
1228
1229 char* pdb_get_munged_dial (SAM_ACCOUNT *sampass)
1230 {
1231 if (sampass)
1232 return (sampass->munged_dial);
1233 else
1234 return (NULL);
1235 }
1236
1237 uint32 pdb_get_unknown3 (SAM_ACCOUNT *sampass)
1238 {
1239 if (sampass)
1240 return (sampass->unknown_3);
1241 else
1242 return (-1);
1243 }
1244
1245 uint32 pdb_get_unknown5 (SAM_ACCOUNT *sampass)
1246 {
1247 if (sampass)
1248 return (sampass->unknown_5);
1249 else
1250 return (-1);
1251 }
1252
1253 uint32 pdb_get_unknown6 (SAM_ACCOUNT *sampass)
1254 {
1255 if (sampass)
1256 return (sampass->unknown_6);
1257 else
1258 return (-1);
1259 }
1260
1261 /*********************************************************************
1262 Collection of set...() functions for SAM_ACCOUNT_INFO.
1263 ********************************************************************/
1264
1265 BOOL pdb_set_acct_ctrl (SAM_ACCOUNT *sampass, uint16 flags)
1266 {
1267 if (!sampass)
1268 return False;
1269
1270 if (sampass) {
1271 sampass->acct_ctrl = flags;
1272 return True;
1273 }
1274
1275 return False;
1276 }
1277
1278 BOOL pdb_set_logon_time (SAM_ACCOUNT *sampass, time_t mytime)
1279 {
1280 if (!sampass)
1281 return False;
1282
1283 sampass->logon_time = mytime;
1284 return True;
1285 }
1286
1287 BOOL pdb_set_logoff_time (SAM_ACCOUNT *sampass, time_t mytime)
1288 {
1289 if (!sampass)
1290 return False;
1291
1292 sampass->logoff_time = mytime;
1293 return True;
1294 }
1295
1296 BOOL pdb_set_kickoff_time (SAM_ACCOUNT *sampass, time_t mytime)
1297 {
1298 if (!sampass)
1299 return False;
1300
1301 sampass->kickoff_time = mytime;
1302 return True;
1303 }
1304
1305 BOOL pdb_set_pass_can_change_time (SAM_ACCOUNT *sampass, time_t mytime)
1306 {
1307 if (!sampass)
1308 return False;
1309
1310 sampass->pass_can_change_time = mytime;
1311 return True;
1312 }
1313
1314 BOOL pdb_set_pass_must_change_time (SAM_ACCOUNT *sampass, time_t mytime)
1315 {
1316 if (!sampass)
1317 return False;
1318
1319 sampass->pass_must_change_time = mytime;
1320 return True;
1321 }
1322
1323 BOOL pdb_set_pass_last_set_time (SAM_ACCOUNT *sampass, time_t mytime)
1324 {
1325 if (!sampass)
1326 return False;
1327
1328 sampass->pass_last_set_time = mytime;
1329 return True;
1330 }
1331
1332 BOOL pdb_set_hours_len (SAM_ACCOUNT *sampass, uint32 len)
1333 {
1334 if (!sampass)
1335 return False;
1336
1337 sampass->hours_len = len;
1338 return True;
1339 }
1340
1341 BOOL pdb_set_logon_divs (SAM_ACCOUNT *sampass, uint16 hours)
1342 {
1343 if (!sampass)
1344 return False;
1345
1346 sampass->logon_divs = hours;
1347 return True;
1348 }
1349
1350 BOOL pdb_set_init_flag (SAM_ACCOUNT *sampass, uint32 flag)
1351 {
1352 if (!sampass)
1353 return False;
1354
1355 sampass->init_flag |= flag;
1356
1357 return True;
1358 }
1359
1360 BOOL pdb_set_uid (SAM_ACCOUNT *sampass, uid_t uid)
1361 {
1362 if (!sampass)
1363 return False;
1364
1365 sampass->uid = uid;
1366 sampass->init_flag |= FLAG_SAM_UID;
1367
1368 return True;
1369 }
1370
1371 BOOL pdb_set_gid (SAM_ACCOUNT *sampass, gid_t gid)
1372 {
1373 if (!sampass)
1374 return False;
1375
1376 sampass->gid = gid;
1377 sampass->init_flag |= FLAG_SAM_GID;
1378
1379 return True;
1380 }
1381
1382 BOOL pdb_set_user_rid (SAM_ACCOUNT *sampass, uint32 rid)
1383 {
1384 if (!sampass)
1385 return False;
1386
1387 sampass->user_rid = rid;
1388 return True;
1389 }
1390
1391 BOOL pdb_set_group_rid (SAM_ACCOUNT *sampass, uint32 grid)
1392 {
1393 if (!sampass)
1394 return False;
1395
1396 sampass->group_rid = grid;
1397 return True;
1398 }
1399
1400 /*********************************************************************
1401 Set the user's UNIX name.
1402 ********************************************************************/
1403
1404 BOOL pdb_set_username(SAM_ACCOUNT *sampass, char *username)
1405 {
1406 if (!sampass)
1407 return False;
1408 *sampass->username = '\0';
1409 if (!username)
1410 return False;
1411
1412 StrnCpy (sampass->username, username, sizeof(sampass->username)-1);
1413
1414 return True;
1415 }
1416
1417 /*********************************************************************
1418 Set the domain name.
1419 ********************************************************************/
1420
1421 BOOL pdb_set_domain(SAM_ACCOUNT *sampass, char *domain)
1422 {
1423 if (!sampass)
1424 return False;
1425 *sampass->domain = '\0';
1426 if (!domain)
1427 return False;
1428
1429 StrnCpy (sampass->domain, domain, sizeof(sampass->domain)-1);
1430
1431 return True;
1432 }
1433
1434 /*********************************************************************
1435 Set the user's NT name.
1436 ********************************************************************/
1437
1438 BOOL pdb_set_nt_username(SAM_ACCOUNT *sampass, char *nt_username)
1439 {
1440 if (!sampass)
1441 return False;
1442 *sampass->nt_username = '\0';
1443 if (!nt_username)
1444 return False;
1445
1446 StrnCpy (sampass->nt_username, nt_username, sizeof(sampass->nt_username) -1);
1447
1448 return True;
1449 }
1450
1451 /*********************************************************************
1452 Set the user's full name.
1453 ********************************************************************/
1454
1455 BOOL pdb_set_fullname(SAM_ACCOUNT *sampass, char *fullname)
1456 {
1457 if (!sampass)
1458 return False;
1459 *sampass->full_name = '\0';
1460 if (!fullname)
1461 return False;
1462
1463 StrnCpy (sampass->full_name, fullname, sizeof(sampass->full_name)-1);
1464
1465 return True;
1466 }
1467
1468 /*********************************************************************
1469 Set the user's logon script.
1470 ********************************************************************/
1471
1472 BOOL pdb_set_logon_script(SAM_ACCOUNT *sampass, char *logon_script, BOOL store)
1473 {
1474 if (!sampass)
1475 return False;
1476 *sampass->logon_script = '\0';
1477 if (!logon_script)
1478 return False;
1479
1480 StrnCpy (sampass->logon_script, logon_script, sizeof(sampass->logon_script)-1);
1481
1482 if (store)
1483 pdb_set_init_flag(sampass, FLAG_SAM_LOGONSCRIPT);
1484
1485 return True;
1486 }
1487
1488 /*********************************************************************
1489 Set the user's profile path.
1490 ********************************************************************/
1491
1492 BOOL pdb_set_profile_path (SAM_ACCOUNT *sampass, char *profile_path, BOOL store)
1493 {
1494 if (!sampass)
1495 return False;
1496 *sampass->profile_path = '\0';
1497 if (!profile_path)
1498 return False;
1499
1500 StrnCpy (sampass->profile_path, profile_path, sizeof(sampass->profile_path)-1);
1501
1502 if (store)
1503 pdb_set_init_flag(sampass, FLAG_SAM_PROFILE);
1504
1505 return True;
1506 }
1507
1508 /*********************************************************************
1509 Set the user's directory drive.
1510 ********************************************************************/
1511
1512 BOOL pdb_set_dir_drive (SAM_ACCOUNT *sampass, char *dir_drive, BOOL store)
1513 {
1514 if (!sampass)
1515 return False;
1516 *sampass->dir_drive = '\0';
1517 if (!dir_drive)
1518 return False;
1519
1520 StrnCpy (sampass->dir_drive, dir_drive, sizeof(sampass->dir_drive)-1);
1521
1522 if (store)
1523 pdb_set_init_flag(sampass, FLAG_SAM_DRIVE);
1524
1525 return True;
1526 }
1527
1528 /*********************************************************************
1529 Set the user's home directory.
1530 ********************************************************************/
1531
1532 BOOL pdb_set_homedir (SAM_ACCOUNT *sampass, char *homedir, BOOL store)
1533 {
1534 if (!sampass)
1535 return False;
1536 *sampass->home_dir = '\0';
1537 if (!homedir)
1538 return False;
1539
1540 StrnCpy (sampass->home_dir, homedir, sizeof(sampass->home_dir)-1);
1541
1542 if (store)
1543 pdb_set_init_flag(sampass, FLAG_SAM_SMBHOME);
1544
1545 return True;
1546 }
1547
1548 /*********************************************************************
1549 Set the user's account description.
1550 ********************************************************************/
1551
1552 BOOL pdb_set_acct_desc (SAM_ACCOUNT *sampass, char *acct_desc)
1553 {
1554 if (!sampass)
1555 return False;
1556 *sampass->acct_desc = '\0';
1557 if (!acct_desc)
1558 return False;
1559
1560 StrnCpy (sampass->acct_desc, acct_desc, sizeof(sampass->acct_desc)-1);
1561
1562 return True;
1563 }
1564
1565 /*********************************************************************
1566 Set the user's workstation allowed list.
1567 ********************************************************************/
1568
1569 BOOL pdb_set_workstations (SAM_ACCOUNT *sampass, char *workstations)
1570 {
1571 if (!sampass)
1572 return False;
1573 *sampass->workstations = '\0';
1574 if (!workstations)
1575 return False;
1576
1577 StrnCpy (sampass->workstations, workstations, sizeof(sampass->workstations)-1);
1578
1579 return True;
1580 }
1581
1582 /*********************************************************************
1583 Set the user's dial string.
1584 ********************************************************************/
1585
1586 BOOL pdb_set_munged_dial (SAM_ACCOUNT *sampass, char *munged_dial)
1587 {
1588 if (!sampass)
1589 return False;
1590 *sampass->munged_dial = '\0';
1591 if (!munged_dial)
1592 return False;
1593
1594 StrnCpy (sampass->munged_dial, munged_dial, sizeof(sampass->munged_dial)-1);
1595
1596 return True;
1597 }
1598
1599 /*********************************************************************
1600 Set the user's NT hash.
1601 ********************************************************************/
1602
1603 BOOL pdb_set_nt_passwd (SAM_ACCOUNT *sampass, uint8 *pwd)
1604 {
1605 if (!sampass)
1606 return False;
1607
1608 /* Remember to set the "last changed time". */
1609 pdb_set_pass_last_set_time(sampass, time(NULL));
1610
1611 if (!pwd) {
1612 /* Allow setting to NULL */
1613 SAFE_FREE(sampass->nt_pw);
1614 return True;
1615 }
1616
1617 if (sampass->nt_pw!=NULL)
1618 DEBUG(4,("pdb_set_nt_passwd: NT hash non NULL overwritting ?\n"));
1619 else
1620 sampass->nt_pw=(unsigned char *)malloc(sizeof(unsigned char)*16);
1621
1622 if (sampass->nt_pw==NULL)
1623 return False;
1624
1625 memcpy (sampass->nt_pw, pwd, 16);
1626
1627 return True;
1628 }
1629
1630 /*********************************************************************
1631 Set the user's LM hash.
1632 ********************************************************************/
1633
1634 BOOL pdb_set_lanman_passwd (SAM_ACCOUNT *sampass, uint8 *pwd)
1635 {
1636 if (!sampass)
1637 return False;
1638
1639 /* Remember to set the "last changed time". */
1640 pdb_set_pass_last_set_time(sampass, time(NULL));
1641
1642 if (!pwd) {
1643 /* Allow setting to NULL */
1644 SAFE_FREE(sampass->lm_pw);
1645 return True;
1646 }
1647
1648 if (sampass->lm_pw!=NULL)
1649 DEBUG(4,("pdb_set_lanman_passwd: LM hash non NULL overwritting ?\n"));
1650 else
1651 sampass->lm_pw=(unsigned char *)malloc(sizeof(unsigned char)*16);
1652
1653 if (sampass->lm_pw==NULL)
1654 return False;
1655
1656 memcpy (sampass->lm_pw, pwd, 16);
1657
1658 return True;
1659 }
1660
1661 /*********************************************************************
1662 Set the user's PLAINTEXT password. Used as an interface to the above.
1663 ********************************************************************/
1664
1665 BOOL pdb_set_plaintext_passwd (SAM_ACCOUNT *sampass, char *plaintext)
1666 {
1667 uchar new_lanman_p16[16];
1668 uchar new_nt_p16[16];
1669
1670 if (!sampass || !plaintext)
1671 return False;
1672
1673 nt_lm_owf_gen (plaintext, new_nt_p16, new_lanman_p16);
1674
1675 if (!pdb_set_nt_passwd (sampass, new_nt_p16))
1676 return False;
1677
1678 if (!pdb_set_lanman_passwd (sampass, new_lanman_p16))
1679 return False;
1680
1681 return True;
1682 }
1683
1684 BOOL pdb_set_unknown_3 (SAM_ACCOUNT *sampass, uint32 unkn)
1685 {
1686 if (!sampass)
1687 return False;
1688
1689 sampass->unknown_3 = unkn;
1690 return True;
1691 }
1692
1693 BOOL pdb_set_unknown_5 (SAM_ACCOUNT *sampass, uint32 unkn)
1694 {
1695 if (!sampass)
1696 return False;
1697
1698 sampass->unknown_5 = unkn;
1699 return True;
1700 }
1701
1702 BOOL pdb_set_unknown_6 (SAM_ACCOUNT *sampass, uint32 unkn)
1703 {
1704 if (!sampass)
1705 return False;
1706
1707 sampass->unknown_6 = unkn;
1708 return True;
1709 }
1710
1711 BOOL pdb_set_hours (SAM_ACCOUNT *sampass, uint8 *hours)
1712 {
1713 if (!sampass)
1714 return False;
1715
1716 if (!hours) {
1717 memset ((char *)sampass->hours, 0, MAX_HOURS_LEN);
1718 return True;
1719 }
1720
1721 memcpy (sampass->hours, hours, MAX_HOURS_LEN);
1722
1723 return True;
1724 }
1725
1726 /***************************************************************************
1727 Search by uid. Wrapper around pdb_getsampwnam()
1728 **************************************************************************/
1729
1730 BOOL pdb_getsampwuid (SAM_ACCOUNT* user, uid_t uid)
1731 {
1732 struct passwd *pw;
1733 fstring name;
1734
1735 if (user==NULL) {
1736 DEBUG(0,("pdb_getsampwuid: SAM_ACCOUNT is NULL.\n"));
1737 return False;
1738 }
1739
1740 /*
1741 * Never trust the uid in the passdb. Lookup the username first
1742 * and then lokup the user by name in the sam.
1743 */
1744
1745 if ((pw=sys_getpwuid(uid)) == NULL) {
1746 DEBUG(0,("pdb_getsampwuid: getpwuid(%u) return NULL. User does not exist in Unix accounts!\n",
1747 (unsigned int)uid));
1748 return False;
1749 }
1750
1751 fstrcpy (name, pw->pw_name);
1752
1753 return pdb_getsampwnam (user, name);
1754
1755 }
1756
Samba GIT mirror