2 * Unix SMB/CIFS implementation.
4 * Copyright (C) Guenther Deschner 2008
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, see <http://www.gnu.org/licenses/>.
22 #include "librpc/gen_ndr/libnetapi.h"
23 #include "lib/netapi/netapi.h"
24 #include "lib/netapi/netapi_private.h"
25 #include "lib/netapi/libnetapi.h"
27 /****************************************************************
28 ****************************************************************/
30 static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X
*infoX
,
31 struct samr_UserInfo21
*info21
)
33 uint32_t fields_present
= 0;
34 struct samr_LogonHours zero_logon_hours
;
35 struct lsa_BinaryString zero_parameters
;
39 ZERO_STRUCT(zero_logon_hours
);
40 ZERO_STRUCT(zero_parameters
);
42 if (infoX
->usriX_flags
) {
43 fields_present
|= SAMR_FIELD_ACCT_FLAGS
;
45 if (infoX
->usriX_name
) {
46 fields_present
|= SAMR_FIELD_ACCOUNT_NAME
;
48 if (infoX
->usriX_password
) {
49 fields_present
|= SAMR_FIELD_PASSWORD
;
51 if (infoX
->usriX_flags
) {
52 fields_present
|= SAMR_FIELD_ACCT_FLAGS
;
54 if (infoX
->usriX_name
) {
55 fields_present
|= SAMR_FIELD_FULL_NAME
;
57 if (infoX
->usriX_home_dir
) {
58 fields_present
|= SAMR_FIELD_HOME_DIRECTORY
;
60 if (infoX
->usriX_script_path
) {
61 fields_present
|= SAMR_FIELD_LOGON_SCRIPT
;
63 if (infoX
->usriX_comment
) {
64 fields_present
|= SAMR_FIELD_DESCRIPTION
;
66 if (infoX
->usriX_password_age
) {
67 fields_present
|= SAMR_FIELD_FORCE_PWD_CHANGE
;
69 if (infoX
->usriX_full_name
) {
70 fields_present
|= SAMR_FIELD_FULL_NAME
;
72 if (infoX
->usriX_usr_comment
) {
73 fields_present
|= SAMR_FIELD_COMMENT
;
75 if (infoX
->usriX_profile
) {
76 fields_present
|= SAMR_FIELD_PROFILE_PATH
;
78 if (infoX
->usriX_home_dir_drive
) {
79 fields_present
|= SAMR_FIELD_HOME_DRIVE
;
81 if (infoX
->usriX_primary_group_id
) {
82 fields_present
|= SAMR_FIELD_PRIMARY_GID
;
84 if (infoX
->usriX_country_code
) {
85 fields_present
|= SAMR_FIELD_COUNTRY_CODE
;
87 if (infoX
->usriX_workstations
) {
88 fields_present
|= SAMR_FIELD_WORKSTATIONS
;
91 unix_to_nt_time_abs(&password_age
, infoX
->usriX_password_age
);
93 /* TODO: infoX->usriX_priv */
94 init_samr_user_info21(info21
,
102 infoX
->usriX_full_name
,
103 infoX
->usriX_home_dir
,
104 infoX
->usriX_home_dir_drive
,
105 infoX
->usriX_script_path
,
106 infoX
->usriX_profile
,
107 infoX
->usriX_comment
,
108 infoX
->usriX_workstations
,
109 infoX
->usriX_usr_comment
,
112 infoX
->usriX_primary_group_id
,
118 infoX
->usriX_country_code
,
125 /****************************************************************
126 ****************************************************************/
128 static NTSTATUS
construct_USER_INFO_X(uint32_t level
,
130 struct USER_INFO_X
*uX
)
132 struct USER_INFO_0
*u0
= NULL
;
133 struct USER_INFO_1
*u1
= NULL
;
134 struct USER_INFO_2
*u2
= NULL
;
135 struct USER_INFO_1003
*u1003
= NULL
;
136 struct USER_INFO_1006
*u1006
= NULL
;
137 struct USER_INFO_1007
*u1007
= NULL
;
138 struct USER_INFO_1009
*u1009
= NULL
;
139 struct USER_INFO_1011
*u1011
= NULL
;
140 struct USER_INFO_1012
*u1012
= NULL
;
141 struct USER_INFO_1014
*u1014
= NULL
;
142 struct USER_INFO_1024
*u1024
= NULL
;
143 struct USER_INFO_1051
*u1051
= NULL
;
144 struct USER_INFO_1052
*u1052
= NULL
;
145 struct USER_INFO_1053
*u1053
= NULL
;
147 if (!buffer
|| !uX
) {
148 return NT_STATUS_INVALID_PARAMETER
;
155 u0
= (struct USER_INFO_0
*)buffer
;
156 uX
->usriX_name
= u0
->usri0_name
;
159 u1
= (struct USER_INFO_1
*)buffer
;
160 uX
->usriX_name
= u1
->usri1_name
;
161 uX
->usriX_password
= u1
->usri1_password
;
162 uX
->usriX_password_age
= u1
->usri1_password_age
;
163 uX
->usriX_priv
= u1
->usri1_priv
;
164 uX
->usriX_home_dir
= u1
->usri1_home_dir
;
165 uX
->usriX_comment
= u1
->usri1_comment
;
166 uX
->usriX_flags
= u1
->usri1_flags
;
167 uX
->usriX_script_path
= u1
->usri1_script_path
;
170 u2
= (struct USER_INFO_2
*)buffer
;
171 uX
->usriX_name
= u2
->usri2_name
;
172 uX
->usriX_password
= u2
->usri2_password
;
173 uX
->usriX_password_age
= u2
->usri2_password_age
;
174 uX
->usriX_priv
= u2
->usri2_priv
;
175 uX
->usriX_home_dir
= u2
->usri2_home_dir
;
176 uX
->usriX_comment
= u2
->usri2_comment
;
177 uX
->usriX_flags
= u2
->usri2_flags
;
178 uX
->usriX_script_path
= u2
->usri2_script_path
;
179 uX
->usriX_auth_flags
= u2
->usri2_auth_flags
;
180 uX
->usriX_full_name
= u2
->usri2_full_name
;
181 uX
->usriX_usr_comment
= u2
->usri2_usr_comment
;
182 uX
->usriX_parms
= u2
->usri2_parms
;
183 uX
->usriX_workstations
= u2
->usri2_workstations
;
184 uX
->usriX_last_logon
= u2
->usri2_last_logon
;
185 uX
->usriX_last_logoff
= u2
->usri2_last_logoff
;
186 uX
->usriX_acct_expires
= u2
->usri2_acct_expires
;
187 uX
->usriX_max_storage
= u2
->usri2_max_storage
;
188 uX
->usriX_units_per_week
= u2
->usri2_units_per_week
;
189 uX
->usriX_logon_hours
= u2
->usri2_logon_hours
;
190 uX
->usriX_bad_pw_count
= u2
->usri2_bad_pw_count
;
191 uX
->usriX_num_logons
= u2
->usri2_num_logons
;
192 uX
->usriX_logon_server
= u2
->usri2_logon_server
;
193 uX
->usriX_country_code
= u2
->usri2_country_code
;
194 uX
->usriX_code_page
= u2
->usri2_code_page
;
197 u1003
= (struct USER_INFO_1003
*)buffer
;
198 uX
->usriX_password
= u1003
->usri1003_password
;
201 u1006
= (struct USER_INFO_1006
*)buffer
;
202 uX
->usriX_home_dir
= u1006
->usri1006_home_dir
;
205 u1007
= (struct USER_INFO_1007
*)buffer
;
206 uX
->usriX_comment
= u1007
->usri1007_comment
;
209 u1009
= (struct USER_INFO_1009
*)buffer
;
210 uX
->usriX_script_path
= u1009
->usri1009_script_path
;
213 u1011
= (struct USER_INFO_1011
*)buffer
;
214 uX
->usriX_full_name
= u1011
->usri1011_full_name
;
217 u1012
= (struct USER_INFO_1012
*)buffer
;
218 uX
->usriX_usr_comment
= u1012
->usri1012_usr_comment
;
221 u1014
= (struct USER_INFO_1014
*)buffer
;
222 uX
->usriX_workstations
= u1014
->usri1014_workstations
;
225 u1024
= (struct USER_INFO_1024
*)buffer
;
226 uX
->usriX_country_code
= u1024
->usri1024_country_code
;
229 u1051
= (struct USER_INFO_1051
*)buffer
;
230 uX
->usriX_primary_group_id
= u1051
->usri1051_primary_group_id
;
233 u1052
= (struct USER_INFO_1052
*)buffer
;
234 uX
->usriX_profile
= u1052
->usri1052_profile
;
237 u1053
= (struct USER_INFO_1053
*)buffer
;
238 uX
->usriX_home_dir_drive
= u1053
->usri1053_home_dir_drive
;
243 return NT_STATUS_INVALID_INFO_CLASS
;
249 /****************************************************************
250 ****************************************************************/
252 static NTSTATUS
set_user_info_USER_INFO_X(TALLOC_CTX
*ctx
,
253 struct rpc_pipe_client
*pipe_cli
,
254 DATA_BLOB
*session_key
,
255 struct policy_handle
*user_handle
,
256 struct USER_INFO_X
*uX
)
258 union samr_UserInfo user_info
;
259 struct samr_UserInfo21 info21
;
263 return NT_STATUS_INVALID_PARAMETER
;
266 convert_USER_INFO_X_to_samr_user_info21(uX
, &info21
);
268 ZERO_STRUCT(user_info
);
270 if (uX
->usriX_password
) {
272 user_info
.info25
.info
= info21
;
274 init_samr_CryptPasswordEx(uX
->usriX_password
,
276 &user_info
.info25
.password
);
278 status
= rpccli_samr_SetUserInfo2(pipe_cli
, ctx
,
283 if (NT_STATUS_EQUAL(status
, NT_STATUS(DCERPC_FAULT_INVALID_TAG
))) {
285 user_info
.info23
.info
= info21
;
287 init_samr_CryptPassword(uX
->usriX_password
,
289 &user_info
.info23
.password
);
291 status
= rpccli_samr_SetUserInfo2(pipe_cli
, ctx
,
298 user_info
.info21
= info21
;
300 status
= rpccli_samr_SetUserInfo(pipe_cli
, ctx
,
309 /****************************************************************
310 ****************************************************************/
312 WERROR
NetUserAdd_r(struct libnetapi_ctx
*ctx
,
313 struct NetUserAdd
*r
)
315 struct cli_state
*cli
= NULL
;
316 struct rpc_pipe_client
*pipe_cli
= NULL
;
319 POLICY_HND connect_handle
, domain_handle
, user_handle
;
320 struct lsa_String lsa_account_name
;
321 struct dom_sid2
*domain_sid
= NULL
;
322 union samr_UserInfo
*user_info
= NULL
;
323 struct samr_PwInfo pw_info
;
324 uint32_t access_granted
= 0;
326 struct USER_INFO_X uX
;
328 ZERO_STRUCT(connect_handle
);
329 ZERO_STRUCT(domain_handle
);
330 ZERO_STRUCT(user_handle
);
333 return WERR_INVALID_PARAM
;
336 switch (r
->in
.level
) {
343 werr
= WERR_NOT_SUPPORTED
;
347 werr
= libnetapi_open_pipe(ctx
, r
->in
.server_name
,
348 &ndr_table_samr
.syntax_id
,
351 if (!W_ERROR_IS_OK(werr
)) {
355 status
= construct_USER_INFO_X(r
->in
.level
, r
->in
.buffer
, &uX
);
356 if (!NT_STATUS_IS_OK(status
)) {
357 werr
= ntstatus_to_werror(status
);
361 werr
= libnetapi_samr_open_domain(ctx
, pipe_cli
,
362 SAMR_ACCESS_ENUM_DOMAINS
|
363 SAMR_ACCESS_OPEN_DOMAIN
,
364 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1
|
365 SAMR_DOMAIN_ACCESS_CREATE_USER
|
366 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT
,
370 if (!W_ERROR_IS_OK(werr
)) {
374 init_lsa_String(&lsa_account_name
, uX
.usriX_name
);
376 status
= rpccli_samr_CreateUser2(pipe_cli
, ctx
,
382 SAMR_USER_ACCESS_SET_PASSWORD
|
383 SAMR_USER_ACCESS_SET_ATTRIBUTES
|
384 SAMR_USER_ACCESS_GET_ATTRIBUTES
,
388 if (!NT_STATUS_IS_OK(status
)) {
389 werr
= ntstatus_to_werror(status
);
393 status
= rpccli_samr_QueryUserInfo(pipe_cli
, ctx
,
397 if (!NT_STATUS_IS_OK(status
)) {
398 werr
= ntstatus_to_werror(status
);
402 if (!(user_info
->info16
.acct_flags
& ACB_NORMAL
)) {
403 werr
= WERR_INVALID_PARAM
;
407 status
= rpccli_samr_GetUserPwInfo(pipe_cli
, ctx
,
410 if (!NT_STATUS_IS_OK(status
)) {
411 werr
= ntstatus_to_werror(status
);
415 uX
.usriX_flags
|= ACB_NORMAL
;
417 status
= set_user_info_USER_INFO_X(ctx
, pipe_cli
,
418 &cli
->user_session_key
,
421 if (!NT_STATUS_IS_OK(status
)) {
422 werr
= ntstatus_to_werror(status
);
430 rpccli_samr_DeleteUser(pipe_cli
, ctx
,
438 if (is_valid_policy_hnd(&user_handle
)) {
439 rpccli_samr_Close(pipe_cli
, ctx
, &user_handle
);
442 if (ctx
->disable_policy_handle_cache
) {
443 libnetapi_samr_close_domain_handle(ctx
, &domain_handle
);
444 libnetapi_samr_close_connect_handle(ctx
, &connect_handle
);
450 /****************************************************************
451 ****************************************************************/
453 WERROR
NetUserAdd_l(struct libnetapi_ctx
*ctx
,
454 struct NetUserAdd
*r
)
456 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx
, r
, NetUserAdd
);
459 /****************************************************************
460 ****************************************************************/
462 WERROR
NetUserDel_r(struct libnetapi_ctx
*ctx
,
463 struct NetUserDel
*r
)
465 struct cli_state
*cli
= NULL
;
466 struct rpc_pipe_client
*pipe_cli
= NULL
;
469 POLICY_HND connect_handle
, builtin_handle
, domain_handle
, user_handle
;
470 struct lsa_String lsa_account_name
;
471 struct samr_Ids user_rids
, name_types
;
472 struct dom_sid2
*domain_sid
= NULL
;
473 struct dom_sid2 user_sid
;
475 ZERO_STRUCT(connect_handle
);
476 ZERO_STRUCT(builtin_handle
);
477 ZERO_STRUCT(domain_handle
);
478 ZERO_STRUCT(user_handle
);
480 werr
= libnetapi_open_pipe(ctx
, r
->in
.server_name
,
481 &ndr_table_samr
.syntax_id
,
485 if (!W_ERROR_IS_OK(werr
)) {
489 werr
= libnetapi_samr_open_domain(ctx
, pipe_cli
,
490 SAMR_ACCESS_ENUM_DOMAINS
|
491 SAMR_ACCESS_OPEN_DOMAIN
,
492 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT
,
496 if (!W_ERROR_IS_OK(werr
)) {
500 status
= rpccli_samr_OpenDomain(pipe_cli
, ctx
,
502 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT
,
503 CONST_DISCARD(DOM_SID
*, &global_sid_Builtin
),
505 if (!NT_STATUS_IS_OK(status
)) {
506 werr
= ntstatus_to_werror(status
);
510 init_lsa_String(&lsa_account_name
, r
->in
.user_name
);
512 status
= rpccli_samr_LookupNames(pipe_cli
, ctx
,
518 if (!NT_STATUS_IS_OK(status
)) {
519 werr
= ntstatus_to_werror(status
);
523 status
= rpccli_samr_OpenUser(pipe_cli
, ctx
,
525 STD_RIGHT_DELETE_ACCESS
,
528 if (!NT_STATUS_IS_OK(status
)) {
529 werr
= ntstatus_to_werror(status
);
533 sid_compose(&user_sid
, domain_sid
, user_rids
.ids
[0]);
535 status
= rpccli_samr_RemoveMemberFromForeignDomain(pipe_cli
, ctx
,
538 if (!NT_STATUS_IS_OK(status
)) {
539 werr
= ntstatus_to_werror(status
);
543 status
= rpccli_samr_DeleteUser(pipe_cli
, ctx
,
545 if (!NT_STATUS_IS_OK(status
)) {
546 werr
= ntstatus_to_werror(status
);
557 if (is_valid_policy_hnd(&user_handle
)) {
558 rpccli_samr_Close(pipe_cli
, ctx
, &user_handle
);
561 if (ctx
->disable_policy_handle_cache
) {
562 libnetapi_samr_close_builtin_handle(ctx
, &builtin_handle
);
563 libnetapi_samr_close_domain_handle(ctx
, &domain_handle
);
564 libnetapi_samr_close_connect_handle(ctx
, &connect_handle
);
570 /****************************************************************
571 ****************************************************************/
573 WERROR
NetUserDel_l(struct libnetapi_ctx
*ctx
,
574 struct NetUserDel
*r
)
576 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx
, r
, NetUserDel
);
579 /****************************************************************
580 ****************************************************************/
582 static NTSTATUS
libnetapi_samr_lookup_user(TALLOC_CTX
*mem_ctx
,
583 struct rpc_pipe_client
*pipe_cli
,
584 struct policy_handle
*domain_handle
,
585 struct policy_handle
*builtin_handle
,
586 const char *user_name
,
587 const struct dom_sid
*domain_sid
,
590 struct samr_UserInfo21
**info21
,
591 struct sec_desc_buf
**sec_desc
,
592 uint32_t *auth_flag_p
)
596 struct policy_handle user_handle
;
597 union samr_UserInfo
*user_info
= NULL
;
598 struct samr_RidWithAttributeArray
*rid_array
= NULL
;
599 uint32_t access_mask
= SEC_STD_READ_CONTROL
|
600 SAMR_USER_ACCESS_GET_ATTRIBUTES
|
601 SAMR_USER_ACCESS_GET_NAME_ETC
;
603 ZERO_STRUCT(user_handle
);
609 access_mask
|= SAMR_USER_ACCESS_GET_LOGONINFO
|
610 SAMR_USER_ACCESS_GET_GROUPS
;
616 access_mask
|= SAMR_USER_ACCESS_GET_LOGONINFO
|
617 SAMR_USER_ACCESS_GET_GROUPS
|
618 SAMR_USER_ACCESS_GET_LOCALE
;
625 return NT_STATUS_INVALID_LEVEL
;
632 status
= rpccli_samr_OpenUser(pipe_cli
, mem_ctx
,
637 if (!NT_STATUS_IS_OK(status
)) {
641 status
= rpccli_samr_QueryUserInfo(pipe_cli
, mem_ctx
,
645 if (!NT_STATUS_IS_OK(status
)) {
649 status
= rpccli_samr_QuerySecurity(pipe_cli
, mem_ctx
,
653 if (!NT_STATUS_IS_OK(status
)) {
657 if (access_mask
& SAMR_USER_ACCESS_GET_GROUPS
) {
659 struct lsa_SidArray sid_array
;
660 struct samr_Ids alias_rids
;
662 uint32_t auth_flag
= 0;
665 status
= rpccli_samr_GetGroupsForUser(pipe_cli
, mem_ctx
,
668 if (!NT_STATUS_IS_OK(status
)) {
672 sid_array
.num_sids
= rid_array
->count
+ 1;
673 sid_array
.sids
= talloc_array(mem_ctx
, struct lsa_SidPtr
,
675 NT_STATUS_HAVE_NO_MEMORY(sid_array
.sids
);
677 for (i
=0; i
<rid_array
->count
; i
++) {
678 sid_compose(&sid
, domain_sid
, rid_array
->rids
[i
].rid
);
679 sid_array
.sids
[i
].sid
= sid_dup_talloc(mem_ctx
, &sid
);
680 NT_STATUS_HAVE_NO_MEMORY(sid_array
.sids
[i
].sid
);
683 sid_compose(&sid
, domain_sid
, rid
);
684 sid_array
.sids
[i
].sid
= sid_dup_talloc(mem_ctx
, &sid
);
685 NT_STATUS_HAVE_NO_MEMORY(sid_array
.sids
[i
].sid
);
687 status
= rpccli_samr_GetAliasMembership(pipe_cli
, mem_ctx
,
691 if (!NT_STATUS_IS_OK(status
)) {
695 for (i
=0; i
<alias_rids
.count
; i
++) {
696 switch (alias_rids
.ids
[i
]) {
697 case 550: /* Print Operators */
698 auth_flag
|= AF_OP_PRINT
;
700 case 549: /* Server Operators */
701 auth_flag
|= AF_OP_SERVER
;
703 case 548: /* Account Operators */
704 auth_flag
|= AF_OP_ACCOUNTS
;
712 *auth_flag_p
= auth_flag
;
716 *info21
= &user_info
->info21
;
719 if (is_valid_policy_hnd(&user_handle
)) {
720 rpccli_samr_Close(pipe_cli
, mem_ctx
, &user_handle
);
726 /****************************************************************
727 ****************************************************************/
729 static uint32_t samr_rid_to_priv_level(uint32_t rid
)
732 case DOMAIN_RID_ADMINISTRATOR
:
733 return USER_PRIV_ADMIN
;
734 case DOMAIN_RID_GUEST
:
735 return USER_PRIV_GUEST
;
737 return USER_PRIV_USER
;
741 /****************************************************************
742 ****************************************************************/
744 static uint32_t samr_acb_flags_to_netapi_flags(uint32_t acb
)
746 uint32_t fl
= UF_SCRIPT
; /* god knows why */
748 fl
|= ads_acb2uf(acb
);
753 /****************************************************************
754 ****************************************************************/
756 static NTSTATUS
info21_to_USER_INFO_1(TALLOC_CTX
*mem_ctx
,
757 const struct samr_UserInfo21
*i21
,
758 struct USER_INFO_1
*i
)
761 i
->usri1_name
= talloc_strdup(mem_ctx
, i21
->account_name
.string
);
762 NT_STATUS_HAVE_NO_MEMORY(i
->usri1_name
);
763 i
->usri1_password
= NULL
;
764 i
->usri1_password_age
= time(NULL
) - nt_time_to_unix(i21
->last_password_change
);
765 i
->usri1_priv
= samr_rid_to_priv_level(i21
->rid
);
766 i
->usri1_home_dir
= talloc_strdup(mem_ctx
, i21
->home_directory
.string
);
767 i
->usri1_comment
= talloc_strdup(mem_ctx
, i21
->description
.string
);
768 i
->usri1_flags
= samr_acb_flags_to_netapi_flags(i21
->acct_flags
);
769 i
->usri1_script_path
= talloc_strdup(mem_ctx
, i21
->logon_script
.string
);
774 /****************************************************************
775 ****************************************************************/
777 static NTSTATUS
info21_to_USER_INFO_2(TALLOC_CTX
*mem_ctx
,
778 const struct samr_UserInfo21
*i21
,
780 struct USER_INFO_2
*i
)
784 i
->usri2_name
= talloc_strdup(mem_ctx
, i21
->account_name
.string
);
785 NT_STATUS_HAVE_NO_MEMORY(i
->usri2_name
);
786 i
->usri2_password
= NULL
;
787 i
->usri2_password_age
= time(NULL
) - nt_time_to_unix(i21
->last_password_change
);
788 i
->usri2_priv
= samr_rid_to_priv_level(i21
->rid
);
789 i
->usri2_home_dir
= talloc_strdup(mem_ctx
, i21
->home_directory
.string
);
790 i
->usri2_comment
= talloc_strdup(mem_ctx
, i21
->description
.string
);
791 i
->usri2_flags
= samr_acb_flags_to_netapi_flags(i21
->acct_flags
);
792 i
->usri2_script_path
= talloc_strdup(mem_ctx
, i21
->logon_script
.string
);
793 i
->usri2_auth_flags
= auth_flag
;
794 i
->usri2_full_name
= talloc_strdup(mem_ctx
, i21
->full_name
.string
);
795 i
->usri2_usr_comment
= talloc_strdup(mem_ctx
, i21
->comment
.string
);
796 i
->usri2_parms
= talloc_strndup(mem_ctx
, (const char *)i21
->parameters
.array
, i21
->parameters
.size
/2);
797 i
->usri2_workstations
= talloc_strdup(mem_ctx
, i21
->workstations
.string
);
798 i
->usri2_last_logon
= nt_time_to_unix(i21
->last_logon
);
799 i
->usri2_last_logoff
= nt_time_to_unix(i21
->last_logoff
);
800 i
->usri2_acct_expires
= nt_time_to_unix(i21
->acct_expiry
);
801 i
->usri2_max_storage
= USER_MAXSTORAGE_UNLIMITED
; /* FIXME */
802 i
->usri2_units_per_week
= i21
->logon_hours
.units_per_week
;
803 i
->usri2_logon_hours
= (uint8_t *)talloc_memdup(mem_ctx
, i21
->logon_hours
.bits
, 21);
804 i
->usri2_bad_pw_count
= i21
->bad_password_count
;
805 i
->usri2_num_logons
= i21
->logon_count
;
806 i
->usri2_logon_server
= talloc_strdup(mem_ctx
, "\\\\*");
807 i
->usri2_country_code
= i21
->country_code
;
808 i
->usri2_code_page
= i21
->code_page
;
813 /****************************************************************
814 ****************************************************************/
816 static NTSTATUS
info21_to_USER_INFO_3(TALLOC_CTX
*mem_ctx
,
817 const struct samr_UserInfo21
*i21
,
819 struct USER_INFO_3
*i
)
823 i
->usri3_name
= talloc_strdup(mem_ctx
, i21
->account_name
.string
);
824 NT_STATUS_HAVE_NO_MEMORY(i
->usri3_name
);
825 i
->usri3_password_age
= time(NULL
) - nt_time_to_unix(i21
->last_password_change
);
826 i
->usri3_priv
= samr_rid_to_priv_level(i21
->rid
);
827 i
->usri3_home_dir
= talloc_strdup(mem_ctx
, i21
->home_directory
.string
);
828 i
->usri3_comment
= talloc_strdup(mem_ctx
, i21
->description
.string
);
829 i
->usri3_flags
= samr_acb_flags_to_netapi_flags(i21
->acct_flags
);
830 i
->usri3_script_path
= talloc_strdup(mem_ctx
, i21
->logon_script
.string
);
831 i
->usri3_auth_flags
= auth_flag
;
832 i
->usri3_full_name
= talloc_strdup(mem_ctx
, i21
->full_name
.string
);
833 i
->usri3_usr_comment
= talloc_strdup(mem_ctx
, i21
->comment
.string
);
834 i
->usri3_parms
= talloc_strndup(mem_ctx
, (const char *)i21
->parameters
.array
, i21
->parameters
.size
/2);
835 i
->usri3_workstations
= talloc_strdup(mem_ctx
, i21
->workstations
.string
);
836 i
->usri3_last_logon
= nt_time_to_unix(i21
->last_logon
);
837 i
->usri3_last_logoff
= nt_time_to_unix(i21
->last_logoff
);
838 i
->usri3_acct_expires
= nt_time_to_unix(i21
->acct_expiry
);
839 i
->usri3_max_storage
= USER_MAXSTORAGE_UNLIMITED
; /* FIXME */
840 i
->usri3_units_per_week
= i21
->logon_hours
.units_per_week
;
841 i
->usri3_logon_hours
= (uint8_t *)talloc_memdup(mem_ctx
, i21
->logon_hours
.bits
, 21);
842 i
->usri3_bad_pw_count
= i21
->bad_password_count
;
843 i
->usri3_num_logons
= i21
->logon_count
;
844 i
->usri3_logon_server
= talloc_strdup(mem_ctx
, "\\\\*");
845 i
->usri3_country_code
= i21
->country_code
;
846 i
->usri3_code_page
= i21
->code_page
;
847 i
->usri3_user_id
= i21
->rid
;
848 i
->usri3_primary_group_id
= i21
->primary_gid
;
849 i
->usri3_profile
= talloc_strdup(mem_ctx
, i21
->profile_path
.string
);
850 i
->usri3_home_dir_drive
= talloc_strdup(mem_ctx
, i21
->home_drive
.string
);
851 i
->usri3_password_expired
= i21
->password_expired
;
856 /****************************************************************
857 ****************************************************************/
859 static NTSTATUS
info21_to_USER_INFO_4(TALLOC_CTX
*mem_ctx
,
860 const struct samr_UserInfo21
*i21
,
862 struct dom_sid
*domain_sid
,
863 struct USER_INFO_4
*i
)
869 i
->usri4_name
= talloc_strdup(mem_ctx
, i21
->account_name
.string
);
870 NT_STATUS_HAVE_NO_MEMORY(i
->usri4_name
);
871 i
->usri4_password_age
= time(NULL
) - nt_time_to_unix(i21
->last_password_change
);
872 i
->usri4_password
= NULL
;
873 i
->usri4_priv
= samr_rid_to_priv_level(i21
->rid
);
874 i
->usri4_home_dir
= talloc_strdup(mem_ctx
, i21
->home_directory
.string
);
875 i
->usri4_comment
= talloc_strdup(mem_ctx
, i21
->description
.string
);
876 i
->usri4_flags
= samr_acb_flags_to_netapi_flags(i21
->acct_flags
);
877 i
->usri4_script_path
= talloc_strdup(mem_ctx
, i21
->logon_script
.string
);
878 i
->usri4_auth_flags
= auth_flag
;
879 i
->usri4_full_name
= talloc_strdup(mem_ctx
, i21
->full_name
.string
);
880 i
->usri4_usr_comment
= talloc_strdup(mem_ctx
, i21
->comment
.string
);
881 i
->usri4_parms
= talloc_strndup(mem_ctx
, (const char *)i21
->parameters
.array
, i21
->parameters
.size
/2);
882 i
->usri4_workstations
= talloc_strdup(mem_ctx
, i21
->workstations
.string
);
883 i
->usri4_last_logon
= nt_time_to_unix(i21
->last_logon
);
884 i
->usri4_last_logoff
= nt_time_to_unix(i21
->last_logoff
);
885 i
->usri4_acct_expires
= nt_time_to_unix(i21
->acct_expiry
);
886 i
->usri4_max_storage
= USER_MAXSTORAGE_UNLIMITED
; /* FIXME */
887 i
->usri4_units_per_week
= i21
->logon_hours
.units_per_week
;
888 i
->usri4_logon_hours
= (uint8_t *)talloc_memdup(mem_ctx
, i21
->logon_hours
.bits
, 21);
889 i
->usri4_bad_pw_count
= i21
->bad_password_count
;
890 i
->usri4_num_logons
= i21
->logon_count
;
891 i
->usri4_logon_server
= talloc_strdup(mem_ctx
, "\\\\*");
892 i
->usri4_country_code
= i21
->country_code
;
893 i
->usri4_code_page
= i21
->code_page
;
894 if (!sid_compose(&sid
, domain_sid
, i21
->rid
)) {
895 return NT_STATUS_NO_MEMORY
;
897 i
->usri4_user_sid
= (struct domsid
*)sid_dup_talloc(mem_ctx
, &sid
);
898 i
->usri4_primary_group_id
= i21
->primary_gid
;
899 i
->usri4_profile
= talloc_strdup(mem_ctx
, i21
->profile_path
.string
);
900 i
->usri4_home_dir_drive
= talloc_strdup(mem_ctx
, i21
->home_drive
.string
);
901 i
->usri4_password_expired
= i21
->password_expired
;
906 /****************************************************************
907 ****************************************************************/
909 static NTSTATUS
info21_to_USER_INFO_10(TALLOC_CTX
*mem_ctx
,
910 const struct samr_UserInfo21
*i21
,
911 struct USER_INFO_10
*i
)
915 i
->usri10_name
= talloc_strdup(mem_ctx
, i21
->account_name
.string
);
916 NT_STATUS_HAVE_NO_MEMORY(i
->usri10_name
);
917 i
->usri10_comment
= talloc_strdup(mem_ctx
, i21
->description
.string
);
918 i
->usri10_full_name
= talloc_strdup(mem_ctx
, i21
->full_name
.string
);
919 i
->usri10_usr_comment
= talloc_strdup(mem_ctx
, i21
->comment
.string
);
924 /****************************************************************
925 ****************************************************************/
927 static NTSTATUS
info21_to_USER_INFO_20(TALLOC_CTX
*mem_ctx
,
928 const struct samr_UserInfo21
*i21
,
929 struct USER_INFO_20
*i
)
933 i
->usri20_name
= talloc_strdup(mem_ctx
, i21
->account_name
.string
);
934 NT_STATUS_HAVE_NO_MEMORY(i
->usri20_name
);
935 i
->usri20_comment
= talloc_strdup(mem_ctx
, i21
->description
.string
);
936 i
->usri20_full_name
= talloc_strdup(mem_ctx
, i21
->full_name
.string
);
937 i
->usri20_flags
= samr_acb_flags_to_netapi_flags(i21
->acct_flags
);
938 i
->usri20_user_id
= i21
->rid
;
943 /****************************************************************
944 ****************************************************************/
946 static NTSTATUS
info21_to_USER_INFO_23(TALLOC_CTX
*mem_ctx
,
947 const struct samr_UserInfo21
*i21
,
948 struct dom_sid
*domain_sid
,
949 struct USER_INFO_23
*i
)
955 i
->usri23_name
= talloc_strdup(mem_ctx
, i21
->account_name
.string
);
956 NT_STATUS_HAVE_NO_MEMORY(i
->usri23_name
);
957 i
->usri23_comment
= talloc_strdup(mem_ctx
, i21
->description
.string
);
958 i
->usri23_full_name
= talloc_strdup(mem_ctx
, i21
->full_name
.string
);
959 i
->usri23_flags
= samr_acb_flags_to_netapi_flags(i21
->acct_flags
);
960 if (!sid_compose(&sid
, domain_sid
, i21
->rid
)) {
961 return NT_STATUS_NO_MEMORY
;
963 i
->usri23_user_sid
= (struct domsid
*)sid_dup_talloc(mem_ctx
, &sid
);
968 /****************************************************************
969 ****************************************************************/
971 static NTSTATUS
libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX
*mem_ctx
,
972 struct rpc_pipe_client
*pipe_cli
,
973 struct dom_sid
*domain_sid
,
974 struct policy_handle
*domain_handle
,
975 struct policy_handle
*builtin_handle
,
976 const char *user_name
,
980 uint32_t *num_entries
)
984 struct samr_UserInfo21
*info21
= NULL
;
985 struct sec_desc_buf
*sec_desc
= NULL
;
986 uint32_t auth_flag
= 0;
988 struct USER_INFO_0 info0
;
989 struct USER_INFO_1 info1
;
990 struct USER_INFO_2 info2
;
991 struct USER_INFO_3 info3
;
992 struct USER_INFO_4 info4
;
993 struct USER_INFO_10 info10
;
994 struct USER_INFO_20 info20
;
995 struct USER_INFO_23 info23
;
1009 return NT_STATUS_INVALID_LEVEL
;
1013 info0
.usri0_name
= talloc_strdup(mem_ctx
, user_name
);
1014 NT_STATUS_HAVE_NO_MEMORY(info0
.usri0_name
);
1016 ADD_TO_ARRAY(mem_ctx
, struct USER_INFO_0
, info0
,
1017 (struct USER_INFO_0
**)buffer
, num_entries
);
1019 return NT_STATUS_OK
;
1022 status
= libnetapi_samr_lookup_user(mem_ctx
, pipe_cli
,
1033 if (!NT_STATUS_IS_OK(status
)) {
1039 /* already returned above */
1042 status
= info21_to_USER_INFO_1(mem_ctx
, info21
, &info1
);
1043 NT_STATUS_NOT_OK_RETURN(status
);
1045 ADD_TO_ARRAY(mem_ctx
, struct USER_INFO_1
, info1
,
1046 (struct USER_INFO_1
**)buffer
, num_entries
);
1050 status
= info21_to_USER_INFO_2(mem_ctx
, info21
, auth_flag
, &info2
);
1051 NT_STATUS_NOT_OK_RETURN(status
);
1053 ADD_TO_ARRAY(mem_ctx
, struct USER_INFO_2
, info2
,
1054 (struct USER_INFO_2
**)buffer
, num_entries
);
1058 status
= info21_to_USER_INFO_3(mem_ctx
, info21
, auth_flag
, &info3
);
1059 NT_STATUS_NOT_OK_RETURN(status
);
1061 ADD_TO_ARRAY(mem_ctx
, struct USER_INFO_3
, info3
,
1062 (struct USER_INFO_3
**)buffer
, num_entries
);
1066 status
= info21_to_USER_INFO_4(mem_ctx
, info21
, auth_flag
, domain_sid
, &info4
);
1067 NT_STATUS_NOT_OK_RETURN(status
);
1069 ADD_TO_ARRAY(mem_ctx
, struct USER_INFO_4
, info4
,
1070 (struct USER_INFO_4
**)buffer
, num_entries
);
1074 status
= info21_to_USER_INFO_10(mem_ctx
, info21
, &info10
);
1075 NT_STATUS_NOT_OK_RETURN(status
);
1077 ADD_TO_ARRAY(mem_ctx
, struct USER_INFO_10
, info10
,
1078 (struct USER_INFO_10
**)buffer
, num_entries
);
1083 status
= info21_to_USER_INFO_20(mem_ctx
, info21
, &info20
);
1084 NT_STATUS_NOT_OK_RETURN(status
);
1086 ADD_TO_ARRAY(mem_ctx
, struct USER_INFO_20
, info20
,
1087 (struct USER_INFO_20
**)buffer
, num_entries
);
1091 status
= info21_to_USER_INFO_23(mem_ctx
, info21
, domain_sid
, &info23
);
1092 NT_STATUS_NOT_OK_RETURN(status
);
1094 ADD_TO_ARRAY(mem_ctx
, struct USER_INFO_23
, info23
,
1095 (struct USER_INFO_23
**)buffer
, num_entries
);
1098 return NT_STATUS_INVALID_LEVEL
;
1105 /****************************************************************
1106 ****************************************************************/
1108 WERROR
NetUserEnum_r(struct libnetapi_ctx
*ctx
,
1109 struct NetUserEnum
*r
)
1111 struct cli_state
*cli
= NULL
;
1112 struct rpc_pipe_client
*pipe_cli
= NULL
;
1113 struct policy_handle connect_handle
;
1114 struct dom_sid2
*domain_sid
= NULL
;
1115 struct policy_handle domain_handle
, builtin_handle
;
1116 struct samr_SamArray
*sam
= NULL
;
1117 uint32_t filter
= ACB_NORMAL
;
1119 uint32_t entries_read
= 0;
1121 NTSTATUS status
= NT_STATUS_OK
;
1124 ZERO_STRUCT(connect_handle
);
1125 ZERO_STRUCT(domain_handle
);
1126 ZERO_STRUCT(builtin_handle
);
1128 if (!r
->out
.buffer
) {
1129 return WERR_INVALID_PARAM
;
1132 *r
->out
.buffer
= NULL
;
1133 *r
->out
.entries_read
= 0;
1135 switch (r
->in
.level
) {
1146 return WERR_NOT_SUPPORTED
;
1148 return WERR_UNKNOWN_LEVEL
;
1151 werr
= libnetapi_open_pipe(ctx
, r
->in
.server_name
,
1152 &ndr_table_samr
.syntax_id
,
1155 if (!W_ERROR_IS_OK(werr
)) {
1159 werr
= libnetapi_samr_open_builtin_domain(ctx
, pipe_cli
,
1160 SAMR_ACCESS_ENUM_DOMAINS
|
1161 SAMR_ACCESS_OPEN_DOMAIN
,
1162 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT
|
1163 SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS
,
1166 if (!W_ERROR_IS_OK(werr
)) {
1170 werr
= libnetapi_samr_open_domain(ctx
, pipe_cli
,
1171 SAMR_ACCESS_ENUM_DOMAINS
|
1172 SAMR_ACCESS_OPEN_DOMAIN
,
1173 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2
|
1174 SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS
|
1175 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT
,
1179 if (!W_ERROR_IS_OK(werr
)) {
1183 switch (r
->in
.filter
) {
1184 case FILTER_NORMAL_ACCOUNT
:
1185 filter
= ACB_NORMAL
;
1187 case FILTER_TEMP_DUPLICATE_ACCOUNT
:
1188 filter
= ACB_TEMPDUP
;
1190 case FILTER_INTERDOMAIN_TRUST_ACCOUNT
:
1191 filter
= ACB_DOMTRUST
;
1193 case FILTER_WORKSTATION_TRUST_ACCOUNT
:
1194 filter
= ACB_WSTRUST
;
1196 case FILTER_SERVER_TRUST_ACCOUNT
:
1197 filter
= ACB_SVRTRUST
;
1203 status
= rpccli_samr_EnumDomainUsers(pipe_cli
,
1206 r
->in
.resume_handle
,
1211 werr
= ntstatus_to_werror(status
);
1212 if (NT_STATUS_IS_ERR(status
)) {
1216 for (i
=0; i
< sam
->count
; i
++) {
1218 status
= libnetapi_samr_lookup_user_map_USER_INFO(ctx
, pipe_cli
,
1222 sam
->entries
[i
].name
.string
,
1223 sam
->entries
[i
].idx
,
1226 r
->out
.entries_read
);
1227 if (!NT_STATUS_IS_OK(status
)) {
1228 werr
= ntstatus_to_werror(status
);
1239 if (NT_STATUS_IS_OK(status
) ||
1240 NT_STATUS_IS_ERR(status
)) {
1242 if (ctx
->disable_policy_handle_cache
) {
1243 libnetapi_samr_close_domain_handle(ctx
, &domain_handle
);
1244 libnetapi_samr_close_builtin_handle(ctx
, &builtin_handle
);
1245 libnetapi_samr_close_connect_handle(ctx
, &connect_handle
);
1252 /****************************************************************
1253 ****************************************************************/
1255 WERROR
NetUserEnum_l(struct libnetapi_ctx
*ctx
,
1256 struct NetUserEnum
*r
)
1258 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx
, r
, NetUserEnum
);
1261 /****************************************************************
1262 ****************************************************************/
1264 static WERROR
convert_samr_dispinfo_to_NET_DISPLAY_USER(TALLOC_CTX
*mem_ctx
,
1265 struct samr_DispInfoGeneral
*info
,
1266 uint32_t *entries_read
,
1269 struct NET_DISPLAY_USER
*user
= NULL
;
1272 user
= TALLOC_ZERO_ARRAY(mem_ctx
,
1273 struct NET_DISPLAY_USER
,
1275 W_ERROR_HAVE_NO_MEMORY(user
);
1277 for (i
= 0; i
< info
->count
; i
++) {
1278 user
[i
].usri1_name
= talloc_strdup(mem_ctx
,
1279 info
->entries
[i
].account_name
.string
);
1280 user
[i
].usri1_comment
= talloc_strdup(mem_ctx
,
1281 info
->entries
[i
].description
.string
);
1282 user
[i
].usri1_flags
=
1283 info
->entries
[i
].acct_flags
;
1284 user
[i
].usri1_full_name
= talloc_strdup(mem_ctx
,
1285 info
->entries
[i
].full_name
.string
);
1286 user
[i
].usri1_user_id
=
1287 info
->entries
[i
].rid
;
1288 user
[i
].usri1_next_index
=
1289 info
->entries
[i
].idx
;
1291 if (!user
[i
].usri1_name
) {
1296 *buffer
= talloc_memdup(mem_ctx
, user
,
1297 sizeof(struct NET_DISPLAY_USER
) * info
->count
);
1298 W_ERROR_HAVE_NO_MEMORY(*buffer
);
1300 *entries_read
= info
->count
;
1305 /****************************************************************
1306 ****************************************************************/
1308 static WERROR
convert_samr_dispinfo_to_NET_DISPLAY_MACHINE(TALLOC_CTX
*mem_ctx
,
1309 struct samr_DispInfoFull
*info
,
1310 uint32_t *entries_read
,
1313 struct NET_DISPLAY_MACHINE
*machine
= NULL
;
1316 machine
= TALLOC_ZERO_ARRAY(mem_ctx
,
1317 struct NET_DISPLAY_MACHINE
,
1319 W_ERROR_HAVE_NO_MEMORY(machine
);
1321 for (i
= 0; i
< info
->count
; i
++) {
1322 machine
[i
].usri2_name
= talloc_strdup(mem_ctx
,
1323 info
->entries
[i
].account_name
.string
);
1324 machine
[i
].usri2_comment
= talloc_strdup(mem_ctx
,
1325 info
->entries
[i
].description
.string
);
1326 machine
[i
].usri2_flags
=
1327 info
->entries
[i
].acct_flags
;
1328 machine
[i
].usri2_user_id
=
1329 info
->entries
[i
].rid
;
1330 machine
[i
].usri2_next_index
=
1331 info
->entries
[i
].idx
;
1333 if (!machine
[i
].usri2_name
) {
1338 *buffer
= talloc_memdup(mem_ctx
, machine
,
1339 sizeof(struct NET_DISPLAY_MACHINE
) * info
->count
);
1340 W_ERROR_HAVE_NO_MEMORY(*buffer
);
1342 *entries_read
= info
->count
;
1347 /****************************************************************
1348 ****************************************************************/
1350 static WERROR
convert_samr_dispinfo_to_NET_DISPLAY_GROUP(TALLOC_CTX
*mem_ctx
,
1351 struct samr_DispInfoFullGroups
*info
,
1352 uint32_t *entries_read
,
1355 struct NET_DISPLAY_GROUP
*group
= NULL
;
1358 group
= TALLOC_ZERO_ARRAY(mem_ctx
,
1359 struct NET_DISPLAY_GROUP
,
1361 W_ERROR_HAVE_NO_MEMORY(group
);
1363 for (i
= 0; i
< info
->count
; i
++) {
1364 group
[i
].grpi3_name
= talloc_strdup(mem_ctx
,
1365 info
->entries
[i
].account_name
.string
);
1366 group
[i
].grpi3_comment
= talloc_strdup(mem_ctx
,
1367 info
->entries
[i
].description
.string
);
1368 group
[i
].grpi3_group_id
=
1369 info
->entries
[i
].rid
;
1370 group
[i
].grpi3_attributes
=
1371 info
->entries
[i
].acct_flags
;
1372 group
[i
].grpi3_next_index
=
1373 info
->entries
[i
].idx
;
1375 if (!group
[i
].grpi3_name
) {
1380 *buffer
= talloc_memdup(mem_ctx
, group
,
1381 sizeof(struct NET_DISPLAY_GROUP
) * info
->count
);
1382 W_ERROR_HAVE_NO_MEMORY(*buffer
);
1384 *entries_read
= info
->count
;
1390 /****************************************************************
1391 ****************************************************************/
1393 static WERROR
convert_samr_dispinfo_to_NET_DISPLAY(TALLOC_CTX
*mem_ctx
,
1394 union samr_DispInfo
*info
,
1396 uint32_t *entries_read
,
1401 return convert_samr_dispinfo_to_NET_DISPLAY_USER(mem_ctx
,
1406 return convert_samr_dispinfo_to_NET_DISPLAY_MACHINE(mem_ctx
,
1411 return convert_samr_dispinfo_to_NET_DISPLAY_GROUP(mem_ctx
,
1416 return WERR_UNKNOWN_LEVEL
;
1422 /****************************************************************
1423 ****************************************************************/
1425 WERROR
NetQueryDisplayInformation_r(struct libnetapi_ctx
*ctx
,
1426 struct NetQueryDisplayInformation
*r
)
1428 struct cli_state
*cli
= NULL
;
1429 struct rpc_pipe_client
*pipe_cli
= NULL
;
1430 struct policy_handle connect_handle
;
1431 struct dom_sid2
*domain_sid
= NULL
;
1432 struct policy_handle domain_handle
;
1433 union samr_DispInfo info
;
1435 uint32_t total_size
= 0;
1436 uint32_t returned_size
= 0;
1438 NTSTATUS status
= NT_STATUS_OK
;
1441 ZERO_STRUCT(connect_handle
);
1442 ZERO_STRUCT(domain_handle
);
1444 switch (r
->in
.level
) {
1450 return WERR_UNKNOWN_LEVEL
;
1453 werr
= libnetapi_open_pipe(ctx
, r
->in
.server_name
,
1454 &ndr_table_samr
.syntax_id
,
1457 if (!W_ERROR_IS_OK(werr
)) {
1461 werr
= libnetapi_samr_open_domain(ctx
, pipe_cli
,
1462 SAMR_ACCESS_ENUM_DOMAINS
|
1463 SAMR_ACCESS_OPEN_DOMAIN
,
1464 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2
|
1465 SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS
|
1466 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT
,
1470 if (!W_ERROR_IS_OK(werr
)) {
1474 status
= rpccli_samr_QueryDisplayInfo2(pipe_cli
,
1479 r
->in
.entries_requested
,
1484 if (!NT_STATUS_IS_OK(status
)) {
1485 werr
= ntstatus_to_werror(status
);
1489 werr
= convert_samr_dispinfo_to_NET_DISPLAY(ctx
, &info
,
1491 r
->out
.entries_read
,
1499 if (NT_STATUS_IS_OK(status
) ||
1500 NT_STATUS_IS_ERR(status
)) {
1502 if (ctx
->disable_policy_handle_cache
) {
1503 libnetapi_samr_close_domain_handle(ctx
, &domain_handle
);
1504 libnetapi_samr_close_connect_handle(ctx
, &connect_handle
);
1512 /****************************************************************
1513 ****************************************************************/
1516 WERROR
NetQueryDisplayInformation_l(struct libnetapi_ctx
*ctx
,
1517 struct NetQueryDisplayInformation
*r
)
1519 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx
, r
, NetQueryDisplayInformation
);
1522 /****************************************************************
1523 ****************************************************************/
1525 WERROR
NetUserChangePassword_r(struct libnetapi_ctx
*ctx
,
1526 struct NetUserChangePassword
*r
)
1528 return WERR_NOT_SUPPORTED
;
1531 /****************************************************************
1532 ****************************************************************/
1534 WERROR
NetUserChangePassword_l(struct libnetapi_ctx
*ctx
,
1535 struct NetUserChangePassword
*r
)
1537 return WERR_NOT_SUPPORTED
;
1540 /****************************************************************
1541 ****************************************************************/
1543 WERROR
NetUserGetInfo_r(struct libnetapi_ctx
*ctx
,
1544 struct NetUserGetInfo
*r
)
1546 struct cli_state
*cli
= NULL
;
1547 struct rpc_pipe_client
*pipe_cli
= NULL
;
1551 struct policy_handle connect_handle
, domain_handle
, builtin_handle
, user_handle
;
1552 struct lsa_String lsa_account_name
;
1553 struct dom_sid2
*domain_sid
= NULL
;
1554 struct samr_Ids user_rids
, name_types
;
1555 uint32_t num_entries
= 0;
1557 ZERO_STRUCT(connect_handle
);
1558 ZERO_STRUCT(domain_handle
);
1559 ZERO_STRUCT(builtin_handle
);
1560 ZERO_STRUCT(user_handle
);
1562 if (!r
->out
.buffer
) {
1563 return WERR_INVALID_PARAM
;
1566 switch (r
->in
.level
) {
1577 werr
= WERR_NOT_SUPPORTED
;
1580 werr
= WERR_UNKNOWN_LEVEL
;
1584 werr
= libnetapi_open_pipe(ctx
, r
->in
.server_name
,
1585 &ndr_table_samr
.syntax_id
,
1588 if (!W_ERROR_IS_OK(werr
)) {
1592 werr
= libnetapi_samr_open_domain(ctx
, pipe_cli
,
1593 SAMR_ACCESS_ENUM_DOMAINS
|
1594 SAMR_ACCESS_OPEN_DOMAIN
,
1595 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT
,
1599 if (!W_ERROR_IS_OK(werr
)) {
1603 werr
= libnetapi_samr_open_builtin_domain(ctx
, pipe_cli
,
1604 SAMR_ACCESS_ENUM_DOMAINS
|
1605 SAMR_ACCESS_OPEN_DOMAIN
,
1606 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT
|
1607 SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS
,
1610 if (!W_ERROR_IS_OK(werr
)) {
1614 init_lsa_String(&lsa_account_name
, r
->in
.user_name
);
1616 status
= rpccli_samr_LookupNames(pipe_cli
, ctx
,
1622 if (!NT_STATUS_IS_OK(status
)) {
1623 werr
= ntstatus_to_werror(status
);
1627 status
= libnetapi_samr_lookup_user_map_USER_INFO(ctx
, pipe_cli
,
1636 if (!NT_STATUS_IS_OK(status
)) {
1637 werr
= ntstatus_to_werror(status
);
1646 if (is_valid_policy_hnd(&user_handle
)) {
1647 rpccli_samr_Close(pipe_cli
, ctx
, &user_handle
);
1650 if (ctx
->disable_policy_handle_cache
) {
1651 libnetapi_samr_close_domain_handle(ctx
, &domain_handle
);
1652 libnetapi_samr_close_connect_handle(ctx
, &connect_handle
);
1658 /****************************************************************
1659 ****************************************************************/
1661 WERROR
NetUserGetInfo_l(struct libnetapi_ctx
*ctx
,
1662 struct NetUserGetInfo
*r
)
1664 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx
, r
, NetUserGetInfo
);
1667 /****************************************************************
1668 ****************************************************************/
1670 WERROR
NetUserSetInfo_r(struct libnetapi_ctx
*ctx
,
1671 struct NetUserSetInfo
*r
)
1673 struct cli_state
*cli
= NULL
;
1674 struct rpc_pipe_client
*pipe_cli
= NULL
;
1678 struct policy_handle connect_handle
, domain_handle
, builtin_handle
, user_handle
;
1679 struct lsa_String lsa_account_name
;
1680 struct dom_sid2
*domain_sid
= NULL
;
1681 struct samr_Ids user_rids
, name_types
;
1682 uint32_t user_mask
= 0;
1684 struct USER_INFO_X uX
;
1686 ZERO_STRUCT(connect_handle
);
1687 ZERO_STRUCT(domain_handle
);
1688 ZERO_STRUCT(builtin_handle
);
1689 ZERO_STRUCT(user_handle
);
1691 if (!r
->in
.buffer
) {
1692 return WERR_INVALID_PARAM
;
1695 switch (r
->in
.level
) {
1698 user_mask
= SAMR_USER_ACCESS_SET_PASSWORD
;
1707 user_mask
= SAMR_USER_ACCESS_SET_ATTRIBUTES
;
1711 user_mask
= SAMR_USER_ACCESS_SET_LOC_COM
;
1713 user_mask
= SAMR_USER_ACCESS_SET_ATTRIBUTES
|
1714 SAMR_USER_ACCESS_GET_GROUPS
;
1727 werr
= WERR_NOT_SUPPORTED
;
1730 werr
= WERR_UNKNOWN_LEVEL
;
1734 werr
= libnetapi_open_pipe(ctx
, r
->in
.server_name
,
1735 &ndr_table_samr
.syntax_id
,
1738 if (!W_ERROR_IS_OK(werr
)) {
1742 werr
= libnetapi_samr_open_domain(ctx
, pipe_cli
,
1743 SAMR_ACCESS_ENUM_DOMAINS
|
1744 SAMR_ACCESS_OPEN_DOMAIN
,
1745 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1
|
1746 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT
,
1750 if (!W_ERROR_IS_OK(werr
)) {
1754 werr
= libnetapi_samr_open_builtin_domain(ctx
, pipe_cli
,
1755 SAMR_ACCESS_ENUM_DOMAINS
|
1756 SAMR_ACCESS_OPEN_DOMAIN
,
1757 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT
|
1758 SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS
,
1761 if (!W_ERROR_IS_OK(werr
)) {
1765 init_lsa_String(&lsa_account_name
, r
->in
.user_name
);
1767 status
= rpccli_samr_LookupNames(pipe_cli
, ctx
,
1773 if (!NT_STATUS_IS_OK(status
)) {
1774 werr
= ntstatus_to_werror(status
);
1778 status
= rpccli_samr_OpenUser(pipe_cli
, ctx
,
1783 if (!NT_STATUS_IS_OK(status
)) {
1784 werr
= ntstatus_to_werror(status
);
1788 status
= construct_USER_INFO_X(r
->in
.level
, r
->in
.buffer
, &uX
);
1789 if (!NT_STATUS_IS_OK(status
)) {
1790 werr
= ntstatus_to_werror(status
);
1794 status
= set_user_info_USER_INFO_X(ctx
, pipe_cli
,
1795 &cli
->user_session_key
,
1798 if (!NT_STATUS_IS_OK(status
)) {
1799 werr
= ntstatus_to_werror(status
);
1810 if (is_valid_policy_hnd(&user_handle
)) {
1811 rpccli_samr_Close(pipe_cli
, ctx
, &user_handle
);
1814 if (ctx
->disable_policy_handle_cache
) {
1815 libnetapi_samr_close_domain_handle(ctx
, &domain_handle
);
1816 libnetapi_samr_close_builtin_handle(ctx
, &builtin_handle
);
1817 libnetapi_samr_close_connect_handle(ctx
, &connect_handle
);
1823 /****************************************************************
1824 ****************************************************************/
1826 WERROR
NetUserSetInfo_l(struct libnetapi_ctx
*ctx
,
1827 struct NetUserSetInfo
*r
)
1829 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx
, r
, NetUserSetInfo
);
1832 /****************************************************************
1833 ****************************************************************/
1835 static NTSTATUS
query_USER_MODALS_INFO_rpc(TALLOC_CTX
*mem_ctx
,
1836 struct rpc_pipe_client
*pipe_cli
,
1837 struct policy_handle
*domain_handle
,
1838 struct samr_DomInfo1
*info1
,
1839 struct samr_DomInfo3
*info3
,
1840 struct samr_DomInfo5
*info5
,
1841 struct samr_DomInfo6
*info6
,
1842 struct samr_DomInfo7
*info7
,
1843 struct samr_DomInfo12
*info12
)
1846 union samr_DomainInfo
*dom_info
= NULL
;
1849 status
= rpccli_samr_QueryDomainInfo(pipe_cli
, mem_ctx
,
1853 NT_STATUS_NOT_OK_RETURN(status
);
1855 *info1
= dom_info
->info1
;
1859 status
= rpccli_samr_QueryDomainInfo(pipe_cli
, mem_ctx
,
1863 NT_STATUS_NOT_OK_RETURN(status
);
1865 *info3
= dom_info
->info3
;
1869 status
= rpccli_samr_QueryDomainInfo(pipe_cli
, mem_ctx
,
1873 NT_STATUS_NOT_OK_RETURN(status
);
1875 *info5
= dom_info
->info5
;
1879 status
= rpccli_samr_QueryDomainInfo(pipe_cli
, mem_ctx
,
1883 NT_STATUS_NOT_OK_RETURN(status
);
1885 *info6
= dom_info
->info6
;
1889 status
= rpccli_samr_QueryDomainInfo(pipe_cli
, mem_ctx
,
1893 NT_STATUS_NOT_OK_RETURN(status
);
1895 *info7
= dom_info
->info7
;
1899 status
= rpccli_samr_QueryDomainInfo2(pipe_cli
, mem_ctx
,
1903 NT_STATUS_NOT_OK_RETURN(status
);
1905 *info12
= dom_info
->info12
;
1908 return NT_STATUS_OK
;
1911 /****************************************************************
1912 ****************************************************************/
1914 static NTSTATUS
query_USER_MODALS_INFO_0(TALLOC_CTX
*mem_ctx
,
1915 struct rpc_pipe_client
*pipe_cli
,
1916 struct policy_handle
*domain_handle
,
1917 struct USER_MODALS_INFO_0
*info0
)
1920 struct samr_DomInfo1 dom_info1
;
1921 struct samr_DomInfo3 dom_info3
;
1923 ZERO_STRUCTP(info0
);
1925 status
= query_USER_MODALS_INFO_rpc(mem_ctx
,
1934 NT_STATUS_NOT_OK_RETURN(status
);
1936 info0
->usrmod0_min_passwd_len
=
1937 dom_info1
.min_password_length
;
1938 info0
->usrmod0_max_passwd_age
=
1939 nt_time_to_unix_abs((NTTIME
*)&dom_info1
.max_password_age
);
1940 info0
->usrmod0_min_passwd_age
=
1941 nt_time_to_unix_abs((NTTIME
*)&dom_info1
.min_password_age
);
1942 info0
->usrmod0_password_hist_len
=
1943 dom_info1
.password_history_length
;
1945 info0
->usrmod0_force_logoff
=
1946 nt_time_to_unix_abs(&dom_info3
.force_logoff_time
);
1948 return NT_STATUS_OK
;
1951 /****************************************************************
1952 ****************************************************************/
1954 static NTSTATUS
query_USER_MODALS_INFO_1(TALLOC_CTX
*mem_ctx
,
1955 struct rpc_pipe_client
*pipe_cli
,
1956 struct policy_handle
*domain_handle
,
1957 struct USER_MODALS_INFO_1
*info1
)
1960 struct samr_DomInfo6 dom_info6
;
1961 struct samr_DomInfo7 dom_info7
;
1963 status
= query_USER_MODALS_INFO_rpc(mem_ctx
,
1972 NT_STATUS_NOT_OK_RETURN(status
);
1974 info1
->usrmod1_primary
=
1975 talloc_strdup(mem_ctx
, dom_info6
.primary
.string
);
1977 info1
->usrmod1_role
= dom_info7
.role
;
1979 return NT_STATUS_OK
;
1982 /****************************************************************
1983 ****************************************************************/
1985 static NTSTATUS
query_USER_MODALS_INFO_2(TALLOC_CTX
*mem_ctx
,
1986 struct rpc_pipe_client
*pipe_cli
,
1987 struct policy_handle
*domain_handle
,
1988 struct dom_sid
*domain_sid
,
1989 struct USER_MODALS_INFO_2
*info2
)
1992 struct samr_DomInfo5 dom_info5
;
1994 status
= query_USER_MODALS_INFO_rpc(mem_ctx
,
2003 NT_STATUS_NOT_OK_RETURN(status
);
2005 info2
->usrmod2_domain_name
=
2006 talloc_strdup(mem_ctx
, dom_info5
.domain_name
.string
);
2007 info2
->usrmod2_domain_id
=
2008 (struct domsid
*)sid_dup_talloc(mem_ctx
, domain_sid
);
2010 NT_STATUS_HAVE_NO_MEMORY(info2
->usrmod2_domain_name
);
2011 NT_STATUS_HAVE_NO_MEMORY(info2
->usrmod2_domain_id
);
2013 return NT_STATUS_OK
;
2016 /****************************************************************
2017 ****************************************************************/
2019 static NTSTATUS
query_USER_MODALS_INFO_3(TALLOC_CTX
*mem_ctx
,
2020 struct rpc_pipe_client
*pipe_cli
,
2021 struct policy_handle
*domain_handle
,
2022 struct USER_MODALS_INFO_3
*info3
)
2025 struct samr_DomInfo12 dom_info12
;
2027 status
= query_USER_MODALS_INFO_rpc(mem_ctx
,
2036 NT_STATUS_NOT_OK_RETURN(status
);
2038 info3
->usrmod3_lockout_duration
=
2039 nt_time_to_unix_abs(&dom_info12
.lockout_duration
);
2040 info3
->usrmod3_lockout_observation_window
=
2041 nt_time_to_unix_abs(&dom_info12
.lockout_window
);
2042 info3
->usrmod3_lockout_threshold
=
2043 dom_info12
.lockout_threshold
;
2045 return NT_STATUS_OK
;
2048 /****************************************************************
2049 ****************************************************************/
2051 static NTSTATUS
query_USER_MODALS_INFO_to_buffer(TALLOC_CTX
*mem_ctx
,
2052 struct rpc_pipe_client
*pipe_cli
,
2054 struct policy_handle
*domain_handle
,
2055 struct dom_sid
*domain_sid
,
2060 struct USER_MODALS_INFO_0 info0
;
2061 struct USER_MODALS_INFO_1 info1
;
2062 struct USER_MODALS_INFO_2 info2
;
2063 struct USER_MODALS_INFO_3 info3
;
2066 return ERROR_INSUFFICIENT_BUFFER
;
2071 status
= query_USER_MODALS_INFO_0(mem_ctx
,
2075 NT_STATUS_NOT_OK_RETURN(status
);
2077 *buffer
= (uint8_t *)talloc_memdup(mem_ctx
, &info0
,
2082 status
= query_USER_MODALS_INFO_1(mem_ctx
,
2086 NT_STATUS_NOT_OK_RETURN(status
);
2088 *buffer
= (uint8_t *)talloc_memdup(mem_ctx
, &info1
,
2092 status
= query_USER_MODALS_INFO_2(mem_ctx
,
2097 NT_STATUS_NOT_OK_RETURN(status
);
2099 *buffer
= (uint8_t *)talloc_memdup(mem_ctx
, &info2
,
2103 status
= query_USER_MODALS_INFO_3(mem_ctx
,
2107 NT_STATUS_NOT_OK_RETURN(status
);
2109 *buffer
= (uint8_t *)talloc_memdup(mem_ctx
, &info3
,
2116 NT_STATUS_HAVE_NO_MEMORY(*buffer
);
2118 return NT_STATUS_OK
;
2121 /****************************************************************
2122 ****************************************************************/
2124 WERROR
NetUserModalsGet_r(struct libnetapi_ctx
*ctx
,
2125 struct NetUserModalsGet
*r
)
2127 struct cli_state
*cli
= NULL
;
2128 struct rpc_pipe_client
*pipe_cli
= NULL
;
2132 struct policy_handle connect_handle
, domain_handle
;
2133 struct dom_sid2
*domain_sid
= NULL
;
2134 uint32_t access_mask
= SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT
;
2136 ZERO_STRUCT(connect_handle
);
2137 ZERO_STRUCT(domain_handle
);
2139 if (!r
->out
.buffer
) {
2140 return WERR_INVALID_PARAM
;
2143 switch (r
->in
.level
) {
2145 access_mask
|= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1
|
2146 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2
;
2150 access_mask
|= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2
;
2153 access_mask
|= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1
;
2156 werr
= WERR_UNKNOWN_LEVEL
;
2160 werr
= libnetapi_open_pipe(ctx
, r
->in
.server_name
,
2161 &ndr_table_samr
.syntax_id
,
2164 if (!W_ERROR_IS_OK(werr
)) {
2168 werr
= libnetapi_samr_open_domain(ctx
, pipe_cli
,
2169 SAMR_ACCESS_ENUM_DOMAINS
|
2170 SAMR_ACCESS_OPEN_DOMAIN
,
2175 if (!W_ERROR_IS_OK(werr
)) {
2182 /* 3: 12 (DomainInfo2) */
2184 status
= query_USER_MODALS_INFO_to_buffer(ctx
,
2190 if (!NT_STATUS_IS_OK(status
)) {
2191 werr
= ntstatus_to_werror(status
);
2200 if (ctx
->disable_policy_handle_cache
) {
2201 libnetapi_samr_close_domain_handle(ctx
, &domain_handle
);
2202 libnetapi_samr_close_connect_handle(ctx
, &connect_handle
);
2208 /****************************************************************
2209 ****************************************************************/
2211 WERROR
NetUserModalsGet_l(struct libnetapi_ctx
*ctx
,
2212 struct NetUserModalsGet
*r
)
2214 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx
, r
, NetUserModalsGet
);
2217 /****************************************************************
2218 ****************************************************************/
2220 static NTSTATUS
set_USER_MODALS_INFO_rpc(TALLOC_CTX
*mem_ctx
,
2221 struct rpc_pipe_client
*pipe_cli
,
2222 struct policy_handle
*domain_handle
,
2223 struct samr_DomInfo1
*info1
,
2224 struct samr_DomInfo3
*info3
,
2225 struct samr_DomInfo12
*info12
)
2228 union samr_DomainInfo dom_info
;
2232 ZERO_STRUCT(dom_info
);
2234 dom_info
.info1
= *info1
;
2236 status
= rpccli_samr_SetDomainInfo(pipe_cli
, mem_ctx
,
2240 NT_STATUS_NOT_OK_RETURN(status
);
2245 ZERO_STRUCT(dom_info
);
2247 dom_info
.info3
= *info3
;
2249 status
= rpccli_samr_SetDomainInfo(pipe_cli
, mem_ctx
,
2254 NT_STATUS_NOT_OK_RETURN(status
);
2259 ZERO_STRUCT(dom_info
);
2261 dom_info
.info12
= *info12
;
2263 status
= rpccli_samr_SetDomainInfo(pipe_cli
, mem_ctx
,
2268 NT_STATUS_NOT_OK_RETURN(status
);
2271 return NT_STATUS_OK
;
2274 /****************************************************************
2275 ****************************************************************/
2277 static NTSTATUS
set_USER_MODALS_INFO_0_buffer(TALLOC_CTX
*mem_ctx
,
2278 struct rpc_pipe_client
*pipe_cli
,
2279 struct policy_handle
*domain_handle
,
2280 struct USER_MODALS_INFO_0
*info0
)
2283 struct samr_DomInfo1 dom_info_1
;
2284 struct samr_DomInfo3 dom_info_3
;
2286 status
= query_USER_MODALS_INFO_rpc(mem_ctx
,
2295 NT_STATUS_NOT_OK_RETURN(status
);
2297 dom_info_1
.min_password_length
=
2298 info0
->usrmod0_min_passwd_len
;
2299 dom_info_1
.password_history_length
=
2300 info0
->usrmod0_password_hist_len
;
2302 unix_to_nt_time_abs((NTTIME
*)&dom_info_1
.max_password_age
,
2303 info0
->usrmod0_max_passwd_age
);
2304 unix_to_nt_time_abs((NTTIME
*)&dom_info_1
.min_password_age
,
2305 info0
->usrmod0_min_passwd_age
);
2307 unix_to_nt_time_abs(&dom_info_3
.force_logoff_time
,
2308 info0
->usrmod0_force_logoff
);
2310 return set_USER_MODALS_INFO_rpc(mem_ctx
,
2318 /****************************************************************
2319 ****************************************************************/
2321 static NTSTATUS
set_USER_MODALS_INFO_3_buffer(TALLOC_CTX
*mem_ctx
,
2322 struct rpc_pipe_client
*pipe_cli
,
2323 struct policy_handle
*domain_handle
,
2324 struct USER_MODALS_INFO_3
*info3
)
2327 struct samr_DomInfo12 dom_info_12
;
2329 status
= query_USER_MODALS_INFO_rpc(mem_ctx
,
2338 NT_STATUS_NOT_OK_RETURN(status
);
2340 unix_to_nt_time_abs((NTTIME
*)&dom_info_12
.lockout_duration
,
2341 info3
->usrmod3_lockout_duration
);
2342 unix_to_nt_time_abs((NTTIME
*)&dom_info_12
.lockout_window
,
2343 info3
->usrmod3_lockout_observation_window
);
2344 dom_info_12
.lockout_threshold
= info3
->usrmod3_lockout_threshold
;
2346 return set_USER_MODALS_INFO_rpc(mem_ctx
,
2354 /****************************************************************
2355 ****************************************************************/
2357 static NTSTATUS
set_USER_MODALS_INFO_1001_buffer(TALLOC_CTX
*mem_ctx
,
2358 struct rpc_pipe_client
*pipe_cli
,
2359 struct policy_handle
*domain_handle
,
2360 struct USER_MODALS_INFO_1001
*info1001
)
2363 struct samr_DomInfo1 dom_info_1
;
2365 status
= query_USER_MODALS_INFO_rpc(mem_ctx
,
2374 NT_STATUS_NOT_OK_RETURN(status
);
2376 dom_info_1
.min_password_length
=
2377 info1001
->usrmod1001_min_passwd_len
;
2379 return set_USER_MODALS_INFO_rpc(mem_ctx
,
2387 /****************************************************************
2388 ****************************************************************/
2390 static NTSTATUS
set_USER_MODALS_INFO_1002_buffer(TALLOC_CTX
*mem_ctx
,
2391 struct rpc_pipe_client
*pipe_cli
,
2392 struct policy_handle
*domain_handle
,
2393 struct USER_MODALS_INFO_1002
*info1002
)
2396 struct samr_DomInfo1 dom_info_1
;
2398 status
= query_USER_MODALS_INFO_rpc(mem_ctx
,
2407 NT_STATUS_NOT_OK_RETURN(status
);
2409 unix_to_nt_time_abs((NTTIME
*)&dom_info_1
.max_password_age
,
2410 info1002
->usrmod1002_max_passwd_age
);
2412 return set_USER_MODALS_INFO_rpc(mem_ctx
,
2420 /****************************************************************
2421 ****************************************************************/
2423 static NTSTATUS
set_USER_MODALS_INFO_1003_buffer(TALLOC_CTX
*mem_ctx
,
2424 struct rpc_pipe_client
*pipe_cli
,
2425 struct policy_handle
*domain_handle
,
2426 struct USER_MODALS_INFO_1003
*info1003
)
2429 struct samr_DomInfo1 dom_info_1
;
2431 status
= query_USER_MODALS_INFO_rpc(mem_ctx
,
2440 NT_STATUS_NOT_OK_RETURN(status
);
2442 unix_to_nt_time_abs((NTTIME
*)&dom_info_1
.min_password_age
,
2443 info1003
->usrmod1003_min_passwd_age
);
2445 return set_USER_MODALS_INFO_rpc(mem_ctx
,
2453 /****************************************************************
2454 ****************************************************************/
2456 static NTSTATUS
set_USER_MODALS_INFO_1004_buffer(TALLOC_CTX
*mem_ctx
,
2457 struct rpc_pipe_client
*pipe_cli
,
2458 struct policy_handle
*domain_handle
,
2459 struct USER_MODALS_INFO_1004
*info1004
)
2462 struct samr_DomInfo3 dom_info_3
;
2464 status
= query_USER_MODALS_INFO_rpc(mem_ctx
,
2473 NT_STATUS_NOT_OK_RETURN(status
);
2475 unix_to_nt_time_abs(&dom_info_3
.force_logoff_time
,
2476 info1004
->usrmod1004_force_logoff
);
2478 return set_USER_MODALS_INFO_rpc(mem_ctx
,
2486 /****************************************************************
2487 ****************************************************************/
2489 static NTSTATUS
set_USER_MODALS_INFO_1005_buffer(TALLOC_CTX
*mem_ctx
,
2490 struct rpc_pipe_client
*pipe_cli
,
2491 struct policy_handle
*domain_handle
,
2492 struct USER_MODALS_INFO_1005
*info1005
)
2495 struct samr_DomInfo1 dom_info_1
;
2497 status
= query_USER_MODALS_INFO_rpc(mem_ctx
,
2506 NT_STATUS_NOT_OK_RETURN(status
);
2508 dom_info_1
.password_history_length
=
2509 info1005
->usrmod1005_password_hist_len
;
2511 return set_USER_MODALS_INFO_rpc(mem_ctx
,
2519 /****************************************************************
2520 ****************************************************************/
2522 static NTSTATUS
set_USER_MODALS_INFO_buffer(TALLOC_CTX
*mem_ctx
,
2523 struct rpc_pipe_client
*pipe_cli
,
2525 struct policy_handle
*domain_handle
,
2526 struct dom_sid
*domain_sid
,
2529 struct USER_MODALS_INFO_0
*info0
;
2530 struct USER_MODALS_INFO_3
*info3
;
2531 struct USER_MODALS_INFO_1001
*info1001
;
2532 struct USER_MODALS_INFO_1002
*info1002
;
2533 struct USER_MODALS_INFO_1003
*info1003
;
2534 struct USER_MODALS_INFO_1004
*info1004
;
2535 struct USER_MODALS_INFO_1005
*info1005
;
2538 return ERROR_INSUFFICIENT_BUFFER
;
2543 info0
= (struct USER_MODALS_INFO_0
*)buffer
;
2544 return set_USER_MODALS_INFO_0_buffer(mem_ctx
,
2549 info3
= (struct USER_MODALS_INFO_3
*)buffer
;
2550 return set_USER_MODALS_INFO_3_buffer(mem_ctx
,
2555 info1001
= (struct USER_MODALS_INFO_1001
*)buffer
;
2556 return set_USER_MODALS_INFO_1001_buffer(mem_ctx
,
2561 info1002
= (struct USER_MODALS_INFO_1002
*)buffer
;
2562 return set_USER_MODALS_INFO_1002_buffer(mem_ctx
,
2567 info1003
= (struct USER_MODALS_INFO_1003
*)buffer
;
2568 return set_USER_MODALS_INFO_1003_buffer(mem_ctx
,
2573 info1004
= (struct USER_MODALS_INFO_1004
*)buffer
;
2574 return set_USER_MODALS_INFO_1004_buffer(mem_ctx
,
2579 info1005
= (struct USER_MODALS_INFO_1005
*)buffer
;
2580 return set_USER_MODALS_INFO_1005_buffer(mem_ctx
,
2589 return NT_STATUS_OK
;
2592 /****************************************************************
2593 ****************************************************************/
2595 WERROR
NetUserModalsSet_r(struct libnetapi_ctx
*ctx
,
2596 struct NetUserModalsSet
*r
)
2598 struct cli_state
*cli
= NULL
;
2599 struct rpc_pipe_client
*pipe_cli
= NULL
;
2603 struct policy_handle connect_handle
, domain_handle
;
2604 struct dom_sid2
*domain_sid
= NULL
;
2605 uint32_t access_mask
= SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT
;
2607 ZERO_STRUCT(connect_handle
);
2608 ZERO_STRUCT(domain_handle
);
2610 if (!r
->in
.buffer
) {
2611 return WERR_INVALID_PARAM
;
2614 switch (r
->in
.level
) {
2616 access_mask
|= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1
|
2617 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2
|
2618 SAMR_DOMAIN_ACCESS_SET_INFO_1
|
2619 SAMR_DOMAIN_ACCESS_SET_INFO_2
;
2626 access_mask
|= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1
|
2627 SAMR_DOMAIN_ACCESS_SET_INFO_1
;
2630 access_mask
|= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2
|
2631 SAMR_DOMAIN_ACCESS_SET_INFO_2
;
2637 werr
= WERR_NOT_SUPPORTED
;
2640 werr
= WERR_UNKNOWN_LEVEL
;
2644 werr
= libnetapi_open_pipe(ctx
, r
->in
.server_name
,
2645 &ndr_table_samr
.syntax_id
,
2648 if (!W_ERROR_IS_OK(werr
)) {
2652 werr
= libnetapi_samr_open_domain(ctx
, pipe_cli
,
2653 SAMR_ACCESS_ENUM_DOMAINS
|
2654 SAMR_ACCESS_OPEN_DOMAIN
,
2659 if (!W_ERROR_IS_OK(werr
)) {
2663 status
= set_USER_MODALS_INFO_buffer(ctx
,
2669 if (!NT_STATUS_IS_OK(status
)) {
2670 werr
= ntstatus_to_werror(status
);
2679 if (ctx
->disable_policy_handle_cache
) {
2680 libnetapi_samr_close_domain_handle(ctx
, &domain_handle
);
2681 libnetapi_samr_close_connect_handle(ctx
, &connect_handle
);
2687 /****************************************************************
2688 ****************************************************************/
2690 WERROR
NetUserModalsSet_l(struct libnetapi_ctx
*ctx
,
2691 struct NetUserModalsSet
*r
)
2693 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx
, r
, NetUserModalsSet
);
2696 /****************************************************************
2697 ****************************************************************/
2699 static NTSTATUS
add_GROUP_USERS_INFO_X_buffer(TALLOC_CTX
*mem_ctx
,
2701 const char *group_name
,
2702 uint32_t attributes
,
2704 uint32_t *num_entries
)
2706 struct GROUP_USERS_INFO_0 u0
;
2707 struct GROUP_USERS_INFO_1 u1
;
2711 u0
.grui0_name
= talloc_strdup(mem_ctx
, group_name
);
2712 NT_STATUS_HAVE_NO_MEMORY(u0
.grui0_name
);
2714 ADD_TO_ARRAY(mem_ctx
, struct GROUP_USERS_INFO_0
, u0
,
2715 (struct GROUP_USERS_INFO_0
**)buffer
, num_entries
);
2718 u1
.grui1_name
= talloc_strdup(mem_ctx
, group_name
);
2719 NT_STATUS_HAVE_NO_MEMORY(u1
.grui1_name
);
2721 u1
.grui1_attributes
= attributes
;
2723 ADD_TO_ARRAY(mem_ctx
, struct GROUP_USERS_INFO_1
, u1
,
2724 (struct GROUP_USERS_INFO_1
**)buffer
, num_entries
);
2727 return NT_STATUS_INVALID_INFO_CLASS
;
2730 return NT_STATUS_OK
;
2733 /****************************************************************
2734 ****************************************************************/
2736 WERROR
NetUserGetGroups_r(struct libnetapi_ctx
*ctx
,
2737 struct NetUserGetGroups
*r
)
2739 struct cli_state
*cli
= NULL
;
2740 struct rpc_pipe_client
*pipe_cli
= NULL
;
2741 struct policy_handle connect_handle
, domain_handle
, user_handle
;
2742 struct lsa_String lsa_account_name
;
2743 struct dom_sid2
*domain_sid
= NULL
;
2744 struct samr_Ids user_rids
, name_types
;
2745 struct samr_RidWithAttributeArray
*rid_array
= NULL
;
2746 struct lsa_Strings names
;
2747 struct samr_Ids types
;
2748 uint32_t *rids
= NULL
;
2751 uint32_t entries_read
= 0;
2753 NTSTATUS status
= NT_STATUS_OK
;
2756 ZERO_STRUCT(connect_handle
);
2757 ZERO_STRUCT(domain_handle
);
2759 if (!r
->out
.buffer
) {
2760 return WERR_INVALID_PARAM
;
2763 *r
->out
.buffer
= NULL
;
2764 *r
->out
.entries_read
= 0;
2766 switch (r
->in
.level
) {
2771 return WERR_UNKNOWN_LEVEL
;
2774 werr
= libnetapi_open_pipe(ctx
, r
->in
.server_name
,
2775 &ndr_table_samr
.syntax_id
,
2778 if (!W_ERROR_IS_OK(werr
)) {
2782 werr
= libnetapi_samr_open_domain(ctx
, pipe_cli
,
2783 SAMR_ACCESS_ENUM_DOMAINS
|
2784 SAMR_ACCESS_OPEN_DOMAIN
,
2785 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT
,
2789 if (!W_ERROR_IS_OK(werr
)) {
2793 init_lsa_String(&lsa_account_name
, r
->in
.user_name
);
2795 status
= rpccli_samr_LookupNames(pipe_cli
, ctx
,
2801 if (!NT_STATUS_IS_OK(status
)) {
2802 werr
= ntstatus_to_werror(status
);
2806 status
= rpccli_samr_OpenUser(pipe_cli
, ctx
,
2808 SAMR_USER_ACCESS_GET_GROUPS
,
2811 if (!NT_STATUS_IS_OK(status
)) {
2812 werr
= ntstatus_to_werror(status
);
2816 status
= rpccli_samr_GetGroupsForUser(pipe_cli
, ctx
,
2819 if (!NT_STATUS_IS_OK(status
)) {
2820 werr
= ntstatus_to_werror(status
);
2824 rids
= talloc_array(ctx
, uint32_t, rid_array
->count
);
2830 for (i
=0; i
< rid_array
->count
; i
++) {
2831 rids
[i
] = rid_array
->rids
[i
].rid
;
2834 status
= rpccli_samr_LookupRids(pipe_cli
, ctx
,
2840 if (!NT_STATUS_IS_OK(status
)) {
2841 werr
= ntstatus_to_werror(status
);
2845 for (i
=0; i
< rid_array
->count
; i
++) {
2846 status
= add_GROUP_USERS_INFO_X_buffer(ctx
,
2848 names
.names
[i
].string
,
2849 rid_array
->rids
[i
].attributes
,
2852 if (!NT_STATUS_IS_OK(status
)) {
2853 werr
= ntstatus_to_werror(status
);
2858 if (r
->out
.entries_read
) {
2859 *r
->out
.entries_read
= entries_read
;
2861 if (r
->out
.total_entries
) {
2862 *r
->out
.total_entries
= entries_read
;
2870 if (ctx
->disable_policy_handle_cache
) {
2871 libnetapi_samr_close_domain_handle(ctx
, &domain_handle
);
2872 libnetapi_samr_close_connect_handle(ctx
, &connect_handle
);
2878 /****************************************************************
2879 ****************************************************************/
2881 WERROR
NetUserGetGroups_l(struct libnetapi_ctx
*ctx
,
2882 struct NetUserGetGroups
*r
)
2884 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx
, r
, NetUserGetGroups
);