search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
This commit was manufactured by cvs2svn to create tag
[Samba.git] / source / samrd / srv_samr_passdb.c
blob3caf6f820ee8749cecd3ed198b9f7554e4bfe429
1 /*
2 * Unix SMB/Netbios implementation.
3 * Version 1.9.
4 * RPC Pipe client / server routines
5 * Copyright (C) Andrew Tridgell 1992-2000,
6 * Copyright (C) Luke Kenneth Casson Leighton 1996-2000,
7 * Copyright (C) Sander Striker 2000
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
22 */
23
24
25 #include "includes.h"
26 #include "rpc_parse.h"
27 #include "nterr.h"
28 #include "sids.h"
29
30 extern int DEBUGLEVEL;
31
32
33 /****************************************************************************
34 set samr sid
35 ****************************************************************************/
36 static BOOL set_policy_samr_sid(struct policy_cache *cache, POLICY_HND * hnd,
37 const DOM_SID * sid)
38 {
39 pstring sidstr;
40 DOM_SID *dev = sid_dup(sid);
41
42 DEBUG(3, ("Setting policy sid=%s\n", sid_to_string(sidstr, sid)));
43
44 if (dev != NULL)
45 {
46 if (set_policy_state(cache, hnd, NULL, (void *)dev))
47 {
48 DEBUG(3, ("Service setting policy sid=%s\n", sidstr));
49 return True;
50 }
51 free(dev);
52 return True;
53 }
54 DEBUG(3, ("Error setting policy sid\n"));
55 return False;
56 }
57
58 /****************************************************************************
59 get samr sid
60 ****************************************************************************/
61 static BOOL get_policy_samr_sid(struct policy_cache *cache,
62 const POLICY_HND * hnd, DOM_SID * sid)
63 {
64 DOM_SID *dev = (DOM_SID *) get_policy_state_info(cache, hnd);
65
66 if (dev != NULL)
67 {
68 pstring tmp;
69 sid_copy(sid, dev);
70 DEBUG(3, ("Getting policy sid=%s\n",
71 sid_to_string(tmp, sid)));
72 return True;
73 }
74
75 DEBUG(3, ("Error getting policy sid\n"));
76 return False;
77 }
78
79 /*******************************************************************
80 This next function should be replaced with something that
81 dynamically returns the correct user info..... JRA.
82 ********************************************************************/
83
84 static BOOL get_sampwd_entries(SAM_USER_INFO_21 * pw_buf,
85 int start_idx,
86 int *total_entries, int *num_entries,
87 int max_num_entries, uint16 acb_mask)
88 {
89 void *vp = NULL;
90 struct sam_passwd *pwd = NULL;
91
92 (*num_entries) = 0;
93 (*total_entries) = 0;
94
95 if (pw_buf == NULL)
96 return False;
97
98 vp = startsmbpwent(False);
99 if (!vp)
100 {
101 DEBUG(0,
102 ("get_sampwd_entries: Unable to open SMB password database.\n"));
103 return False;
104 }
105
106 while (((pwd = getsam21pwent(vp)) != NULL)
107 && (*num_entries) < max_num_entries)
108 {
109 int user_name_len;
110
111 if (start_idx > 0)
112 {
113 /* skip the requested number of entries.
114 not very efficient, but hey...
115 */
116 if (acb_mask == 0
117 || IS_BITS_SET_SOME(pwd->acct_ctrl, acb_mask))
118 {
119 start_idx--;
120 }
121 continue;
122 }
123
124 user_name_len = strlen(pwd->nt_name);
125 make_unistr2(&(pw_buf[(*num_entries)].uni_user_name),
126 pwd->nt_name, user_name_len);
127 make_uni_hdr(&(pw_buf[(*num_entries)].hdr_user_name),
128 user_name_len);
129 pw_buf[(*num_entries)].user_rid = pwd->user_rid;
130 memset(pw_buf[(*num_entries)].nt_pwd, 0, 16);
131
132 /* Now check if the NT compatible password is available. */
133 if (pwd->smb_nt_passwd != NULL)
134 {
135 memcpy(pw_buf[(*num_entries)].nt_pwd,
136 pwd->smb_nt_passwd, 16);
137 }
138
139 pw_buf[(*num_entries)].acb_info = (uint16) pwd->acct_ctrl;
140
141 DEBUG(5, ("entry idx: %d user %s, rid 0x%x, acb %x",
142 (*num_entries), pwd->nt_name,
143 pwd->user_rid, pwd->acct_ctrl));
144
145 if (acb_mask == 0
146 || IS_BITS_SET_SOME(pwd->acct_ctrl, acb_mask))
147 {
148 DEBUG(5, (" acb_mask %x accepts\n", acb_mask));
149 (*num_entries)++;
150 }
151 else
152 {
153 DEBUG(5, (" acb_mask %x rejects\n", acb_mask));
154 }
155
156 (*total_entries)++;
157 }
158
159 endsmbpwent(vp);
160
161 return (*total_entries) >= 0;
162 }
163
164 /*******************************************************************
165 opens a samr group by rid, returns a policy handle.
166 ********************************************************************/
167 static uint32 samr_open_by_sid(const POLICY_HND * parent_pol,
168 const DOM_SID * dom_sid,
169 POLICY_HND * pol,
170 uint32 access_mask, uint32 rid)
171 {
172 DOM_SID sid;
173
174 /* get a (unique) handle. open a policy on it. */
175 if (!open_policy_hnd_link(get_global_hnd_cache(),
176 parent_pol, pol, access_mask))
177 {
178 return NT_STATUS_ACCESS_DENIED;
179 }
180
181 DEBUG(0, ("TODO: verify that the rid exists\n"));
182
183 /* associate a SID with the (unique) handle. */
184 sid_copy(&sid, dom_sid);
185 sid_append_rid(&sid, rid);
186
187 /* associate an group SID with the (unique) handle. */
188 if (!set_policy_samr_sid(get_global_hnd_cache(), pol, &sid))
189 {
190 /* close the policy in case we can't associate a group SID */
191 close_policy_hnd(get_global_hnd_cache(), pol);
192 return NT_STATUS_ACCESS_DENIED;
193 }
194
195 return NT_STATUS_NOPROBLEMO;
196 }
197
198 /*******************************************************************
199 _samr_close
200 ********************************************************************/
201 uint32 _samr_close(POLICY_HND * hnd)
202 {
203 /* close the policy handle */
204 if (close_policy_hnd(get_global_hnd_cache(), hnd))
205 {
206 return NT_STATUS_NOPROBLEMO;
207 }
208 return NT_STATUS_OBJECT_NAME_INVALID;
209 }
210
211 /*******************************************************************
212 samr_reply_unknown_2d
213 ********************************************************************/
214 uint32 _samr_unknown_2d(const POLICY_HND * domain_pol, const DOM_SID * sid)
215 {
216 DOM_SID dom_sid;
217
218 /* associate the domain SID with the (unique) handle. */
219 if (!get_policy_samr_sid(get_global_hnd_cache(),
220 domain_pol, &dom_sid))
221 {
222 return NT_STATUS_ACCESS_DENIED;
223 }
224
225 DEBUG(0, ("_samr_unknown_2d: not implemented, returning OK\n"));
226 DEBUG(5, ("_samr_unknown_2d: %d\n", __LINE__));
227
228 return NT_STATUS_NOPROBLEMO;
229 }
230
231 /*******************************************************************
232 samr_reply_open_domain
233 ********************************************************************/
234 uint32 _samr_open_domain(const POLICY_HND * connect_pol,
235 uint32 ace_perms,
236 const DOM_SID * sid, POLICY_HND * domain_pol)
237 {
238 /* find the connection policy handle. */
239 if (find_policy_by_hnd(get_global_hnd_cache(), connect_pol) == -1)
240 {
241 return NT_STATUS_INVALID_HANDLE;
242 }
243
244 /* get a (unique) handle. open a policy on it. */
245 if (!open_policy_hnd_link(get_global_hnd_cache(),
246 connect_pol, domain_pol, ace_perms))
247 {
248 return NT_STATUS_ACCESS_DENIED;
249 }
250
251 policy_hnd_set_name(get_global_hnd_cache(), domain_pol, "sam_domain");
252
253 /* associate the domain SID with the (unique) handle. */
254 if (!set_policy_samr_sid(get_global_hnd_cache(), domain_pol, sid))
255 {
256 close_policy_hnd(get_global_hnd_cache(), domain_pol);
257 return NT_STATUS_ACCESS_DENIED;
258 }
259
260 DEBUG(5, ("_samr_open_domain: %d\n", __LINE__));
261
262 return NT_STATUS_NOPROBLEMO;
263 }
264
265 /*******************************************************************
266 samr_reply_get_usrdom_pwinfo
267 ********************************************************************/
268 uint32 _samr_get_usrdom_pwinfo(const POLICY_HND * user_pol,
269 uint16 * unknown_0,
270 uint16 * unknown_1, uint32 * unknown_2)
271 {
272 uint32 rid;
273 DOM_SID sid;
274
275 /* find the policy handle. open a policy on it. */
276 if (!get_policy_samr_sid(get_global_hnd_cache(), user_pol, &sid))
277 {
278 return NT_STATUS_INVALID_HANDLE;
279 }
280
281 sid_split_rid(&sid, &rid);
282
283 *unknown_0 = 0x0000;
284 *unknown_1 = 0x0015;
285 *unknown_2 = 0x00000000;
286
287 DEBUG(5, ("samr_get_usrdom_pwinfo: %d\n", __LINE__));
288
289 return NT_STATUS_NOPROBLEMO;
290 }
291
292 /*******************************************************************
293 samr_reply_query_sec_obj
294 ********************************************************************/
295 uint32 _samr_query_sec_obj(const POLICY_HND * user_pol, SEC_DESC_BUF * buf)
296 {
297 DOM_SID usr_sid;
298
299 /* find the policy handle. open a policy on it. */
300 if (!get_policy_samr_sid(get_global_hnd_cache(), user_pol, &usr_sid))
301 {
302 return NT_STATUS_INVALID_HANDLE;
303 }
304
305 SMB_ASSERT_ARRAY(usr_sid.sub_auths, usr_sid.num_auths + 1);
306
307 #if 0
308 /* maybe need another 1 or 2 (S-1-5-0x20-0x220 and S-1-5-20-0x224) */
309 /* these two are DOMAIN_ADMIN and DOMAIN_ACCT_OP group RIDs */
310 make_dom_sid3(&sid_stuff->sid[0], 0x035b, 0x0002, &global_sid_S_1_1);
311 make_dom_sid3(&sid_stuff->sid[1], 0x0044, 0x0002, &usr_sid);
312
313 make_sam_sid_stuff(sid_stuff,
314 0x0001, 0x8004, 0x00000014, 0x0002, 0x0070, 2);
315
316 #endif
317 DEBUG(5, ("samr_query_sec_obj: %d\n", __LINE__));
318
319 return samr_make_usr_obj_sd(buf, &usr_sid);
320 }
321
322 /*******************************************************************
323 makes a SAM_ENTRY / UNISTR2* structure.
324 ********************************************************************/
325 static void make_samr_dom_users(SAM_ENTRY ** sam, UNISTR2 ** uni_acct_name,
326 uint32 num_sam_entries,
327 SAM_USER_INFO_21 pass[MAX_SAM_ENTRIES])
328 {
329 uint32 i;
330
331 *sam = NULL;
332 *uni_acct_name = NULL;
333
334 if (num_sam_entries == 0)
335 {
336 return;
337 }
338
339 (*sam) = g_new(SAM_ENTRY, num_sam_entries);
340
341 (*uni_acct_name) = g_new(UNISTR2, num_sam_entries);
342
343 if ((*sam) == NULL || (*uni_acct_name) == NULL)
344 {
345 DEBUG(0, ("NULL pointers in SAMR_R_QUERY_DISPINFO\n"));
346 return;
347 }
348
349 for (i = 0; i < num_sam_entries; i++)
350 {
351 make_sam_entry(&((*sam)[i]),
352 pass[i].uni_user_name.uni_str_len,
353 pass[i].user_rid);
354
355 copy_unistr2(&((*uni_acct_name)[i]),
356 &(pass[i].uni_user_name));
357 }
358 }
359
360 /*******************************************************************
361 samr_reply_enum_dom_users
362 ********************************************************************/
363 uint32 _samr_enum_dom_users(const POLICY_HND * pol, uint32 * start_idx,
364 uint16 acb_mask, uint16 unk_1, uint32 size,
365 SAM_ENTRY ** sam,
366 UNISTR2 ** uni_acct_name, uint32 * num_sam_users)
367 {
368 SAM_USER_INFO_21 pass[MAX_SAM_ENTRIES];
369 int total_entries;
370 BOOL ret;
371
372 /* find the policy handle. open a policy on it. */
373 if (find_policy_by_hnd(get_global_hnd_cache(), pol) == -1)
374 {
375 return NT_STATUS_INVALID_HANDLE;
376 }
377
378 DEBUG(5, ("samr_reply_enum_dom_users: %d\n", __LINE__));
379
380 become_root(True);
381 ret = get_sampwd_entries(pass, (*start_idx), &total_entries,
382 num_sam_users, MAX_SAM_ENTRIES, acb_mask);
383 unbecome_root(True);
384 if (!ret)
385 {
386 return NT_STATUS_ACCESS_DENIED;
387 }
388
389 (*start_idx) += (*num_sam_users);
390 make_samr_dom_users(sam, uni_acct_name, (*num_sam_users), pass);
391
392 DEBUG(5, ("samr_enum_dom_users: %d\n", __LINE__));
393
394 return NT_STATUS_NOPROBLEMO;
395 }
396
397 /*******************************************************************
398 samr_reply_add_groupmem
399 ********************************************************************/
400 uint32 _samr_add_groupmem(const POLICY_HND * pol, uint32 rid, uint32 unknown)
401 {
402 DOM_SID group_sid;
403 uint32 group_rid;
404 fstring group_sid_str;
405
406 /* find the policy handle. open a policy on it. */
407 if (!get_policy_samr_sid(get_global_hnd_cache(), pol, &group_sid))
408 {
409 return NT_STATUS_INVALID_HANDLE;
410 }
411
412 sid_to_string(group_sid_str, &group_sid);
413 sid_split_rid(&group_sid, &group_rid);
414
415 DEBUG(10, ("sid is %s\n", group_sid_str));
416
417 if (!sid_equal(&group_sid, &global_sam_sid))
418 {
419 return NT_STATUS_NO_SUCH_GROUP;
420 }
421
422 DEBUG(10, ("lookup on Domain SID\n"));
423
424 if (!add_group_member(group_rid, rid))
425 {
426 return NT_STATUS_ACCESS_DENIED;
427 }
428
429 return NT_STATUS_NOPROBLEMO;
430 }
431
432 /*******************************************************************
433 samr_reply_del_groupmem
434 ********************************************************************/
435 uint32 _samr_del_groupmem(const POLICY_HND * pol, uint32 rid)
436 {
437 DOM_SID group_sid;
438 uint32 group_rid;
439 fstring group_sid_str;
440
441 /* find the policy handle. open a policy on it. */
442 if (!get_policy_samr_sid(get_global_hnd_cache(), pol, &group_sid))
443 {
444 return NT_STATUS_INVALID_HANDLE;
445 }
446
447 sid_to_string(group_sid_str, &group_sid);
448 sid_split_rid(&group_sid, &group_rid);
449
450 DEBUG(10, ("sid is %s\n", group_sid_str));
451
452 if (!sid_equal(&group_sid, &global_sam_sid))
453 {
454 return NT_STATUS_NO_SUCH_GROUP;
455 }
456 DEBUG(10, ("lookup on Domain SID\n"));
457
458 if (!del_group_member(group_rid, rid))
459 {
460 return NT_STATUS_ACCESS_DENIED;
461 }
462
463 return NT_STATUS_NOPROBLEMO;
464 }
465
466 /*******************************************************************
467 samr_reply_add_aliasmem
468 ********************************************************************/
469 uint32 _samr_add_aliasmem(const POLICY_HND * alias_pol, const DOM_SID * sid)
470 {
471 DOM_SID alias_sid;
472 uint32 alias_rid;
473 fstring alias_sid_str;
474
475 /* find the policy handle. open a policy on it. */
476 if (!get_policy_samr_sid(get_global_hnd_cache(),
477 alias_pol, &alias_sid))
478 {
479 return NT_STATUS_INVALID_HANDLE;
480 }
481 sid_to_string(alias_sid_str, &alias_sid);
482 sid_split_rid(&alias_sid, &alias_rid);
483
484 DEBUG(10, ("sid is %s\n", alias_sid_str));
485
486 if (sid_equal(&alias_sid, &global_sam_sid))
487 {
488 DEBUG(10, ("add member on Domain SID\n"));
489
490 if (!add_alias_member(alias_rid, sid))
491 {
492 return NT_STATUS_ACCESS_DENIED;
493 }
494 }
495 else if (sid_equal(&alias_sid, global_sid_builtin))
496 {
497 DEBUG(10, ("add member on BUILTIN SID\n"));
498
499 if (!add_builtin_member(alias_rid, sid))
500 {
501 return NT_STATUS_ACCESS_DENIED;
502 }
503 }
504 else
505 {
506 return NT_STATUS_NO_SUCH_ALIAS;
507 }
508
509 return NT_STATUS_NOPROBLEMO;
510 }
511
512 /*******************************************************************
513 samr_reply_del_aliasmem
514 ********************************************************************/
515 uint32 _samr_del_aliasmem(const POLICY_HND * alias_pol, const DOM_SID * sid)
516 {
517 DOM_SID alias_sid;
518 uint32 alias_rid;
519 fstring alias_sid_str;
520
521 /* find the policy handle. open a policy on it. */
522 if (!get_policy_samr_sid(get_global_hnd_cache(),
523 alias_pol, &alias_sid))
524 {
525 return NT_STATUS_INVALID_HANDLE;
526 }
527 sid_to_string(alias_sid_str, &alias_sid);
528 sid_split_rid(&alias_sid, &alias_rid);
529
530 DEBUG(10, ("sid is %s\n", alias_sid_str));
531
532 if (sid_equal(&alias_sid, &global_sam_sid))
533 {
534 DEBUG(10, ("del member on Domain SID\n"));
535
536 if (!del_alias_member(alias_rid, sid))
537 {
538 return NT_STATUS_ACCESS_DENIED;
539 }
540 }
541 else if (sid_equal(&alias_sid, global_sid_builtin))
542 {
543 DEBUG(10, ("del member on BUILTIN SID\n"));
544
545 if (!del_builtin_member(alias_rid, sid))
546 {
547 return NT_STATUS_ACCESS_DENIED;
548 }
549 }
550 else
551 {
552 return NT_STATUS_NO_SUCH_ALIAS;
553 }
554
555 return NT_STATUS_NOPROBLEMO;
556 }
557
558 /******************************************************************
559 makes a SAMR_R_ENUM_DOMAINS structure.
560 ********************************************************************/
561 static void make_enum_domains(SAM_ENTRY ** sam, UNISTR2 ** uni_dom_name,
562 uint32 num_sam_entries, char **doms)
563 {
564 uint32 i;
565
566 DEBUG(5, ("make_enum_domains\n"));
567
568 (*sam) = NULL;
569 (*uni_dom_name) = NULL;
570
571 if (num_sam_entries == 0)
572 {
573 return;
574 }
575
576 (*sam) = g_new(SAM_ENTRY, num_sam_entries);
577
578 (*uni_dom_name) = g_new(UNISTR2, num_sam_entries);
579
580 if ((*sam) == NULL || (*uni_dom_name) == NULL)
581 {
582 DEBUG(0, ("NULL pointers in make_enum_domains\n"));
583 return;
584 }
585
586 for (i = 0; i < num_sam_entries; i++)
587 {
588 int len = doms[i] != NULL ? strlen(doms[i]) : 0;
589
590 make_sam_entry(&((*sam)[i]), len, 0);
591 make_unistr2(&((*uni_dom_name)[i]), doms[i], len);
592 }
593 }
594
595
596 /**************************************************************************
597 enumerates all domains for which the SAM server is responsible
598 ***************************************************************************/
599 static BOOL enumdomains(char ***doms, uint32 * num_entries)
600 {
601 add_chars_to_array(num_entries, doms, global_sam_name);
602 add_chars_to_array(num_entries, doms, "Builtin");
603
604 return True;
605 }
606
607 /*******************************************************************
608 samr_reply_enum_domains
609 ********************************************************************/
610 uint32 _samr_enum_domains(const POLICY_HND * pol, uint32 * start_idx,
611 uint32 size,
612 SAM_ENTRY ** sam,
613 UNISTR2 ** uni_acct_name, uint32 * num_sam_users)
614 {
615 char **doms = NULL;
616 uint32 num_entries = 0;
617
618 /* find the connection policy handle. */
619 if (find_policy_by_hnd(get_global_hnd_cache(), pol) == -1)
620 {
621 return NT_STATUS_INVALID_HANDLE;
622 }
623
624 DEBUG(5, ("samr_reply_enum_domains:\n"));
625
626 if (!enumdomains(&doms, &num_entries))
627 {
628 return NT_STATUS_NO_MEMORY;
629 }
630
631 make_enum_domains(sam, uni_acct_name, num_entries, doms);
632
633 (*start_idx) += num_entries;
634 (*num_sam_users) = num_entries;
635
636 free_char_array(num_entries, doms);
637
638 return NT_STATUS_NOPROBLEMO;
639 }
640
641 /*******************************************************************
642 makes a SAMR_R_ENUM_DOM_GROUPS structure.
643 ********************************************************************/
644 static void make_samr_dom_groups(SAM_ENTRY ** sam, UNISTR2 ** uni_grp_name,
645 uint32 num_sam_entries, DOMAIN_GRP * grps)
646 {
647 uint32 i;
648
649 DEBUG(5, ("make_samr_dom_groups\n"));
650
651 (*sam) = NULL;
652 (*uni_grp_name) = NULL;
653
654 if (num_sam_entries == 0)
655 {
656 return;
657 }
658
659 (*sam) = g_new(SAM_ENTRY, num_sam_entries);
660
661 (*uni_grp_name) = g_new(UNISTR2, num_sam_entries);
662
663 if ((*sam) == NULL || (*uni_grp_name) == NULL)
664 {
665 DEBUG(0, ("NULL pointers in SAMR_R_ENUM_DOM_GROUPS\n"));
666 return;
667 }
668
669 for (i = 0; i < num_sam_entries; i++)
670 {
671 int len = strlen(grps[i].name);
672
673 make_sam_entry(&((*sam)[i]), len, grps[i].rid);
674 make_unistr2(&((*uni_grp_name)[i]), grps[i].name, len);
675 }
676 }
677
678 /*******************************************************************
679 samr_reply_enum_dom_groups
680 ********************************************************************/
681 uint32 _samr_enum_dom_groups(const POLICY_HND * pol,
682 uint32 * start_idx, uint32 size,
683 SAM_ENTRY ** sam,
684 UNISTR2 ** uni_acct_name,
685 uint32 * num_sam_groups)
686 {
687 DOMAIN_GRP *grps = NULL;
688 int num_entries = 0;
689 DOM_SID sid;
690 fstring sid_str;
691 BOOL ret;
692
693 /* find the policy handle. open a policy on it. */
694 if (!get_policy_samr_sid(get_global_hnd_cache(), pol, &sid))
695 {
696 return NT_STATUS_INVALID_HANDLE;
697 }
698
699 sid_to_string(sid_str, &sid);
700
701 DEBUG(5, ("samr_reply_enum_dom_groups: sid %s\n", sid_str));
702
703 if (!sid_equal(&sid, &global_sam_sid))
704 {
705 return NT_STATUS_ACCESS_DENIED;
706 }
707
708 become_root(True);
709 ret = enumdomgroups(&grps, &num_entries);
710 unbecome_root(True);
711 if (!ret)
712 {
713 return NT_STATUS_ACCESS_DENIED;
714 }
715
716 (*start_idx) += num_entries;
717 (*num_sam_groups) = num_entries;
718
719 make_samr_dom_groups(sam, uni_acct_name, num_entries, grps);
720
721 safe_free(grps);
722
723 return NT_STATUS_NOPROBLEMO;
724 }
725
726 /*******************************************************************
727 makes a SAMR_R_ENUM_DOM_ALIASES structure.
728 ********************************************************************/
729 static void make_samr_dom_aliases(SAM_ENTRY ** sam, UNISTR2 ** uni_grp_name,
730 uint32 num_sam_entries, LOCAL_GRP * alss)
731 {
732 uint32 i;
733
734 DEBUG(5, ("make_samr_r_enum_dom_aliases\n"));
735
736 (*sam) = NULL;
737 (*uni_grp_name) = NULL;
738
739 if (num_sam_entries == 0)
740 {
741 return;
742 }
743
744 (*sam) = g_new(SAM_ENTRY, num_sam_entries);
745
746 (*uni_grp_name) = g_new(UNISTR2, num_sam_entries);
747
748 if ((*sam) == NULL || (*uni_grp_name) == NULL)
749 {
750 DEBUG(0, ("NULL pointers in SAMR_R_ENUM_DOM_ALIASES\n"));
751 return;
752 }
753
754 for (i = 0; i < num_sam_entries; i++)
755 {
756 int len = strlen(alss[i].name);
757
758 make_sam_entry(&((*sam)[i]), len, alss[i].rid);
759 make_unistr2(&((*uni_grp_name)[i]), alss[i].name, len);
760 }
761 }
762
763 /*******************************************************************
764 samr_reply_enum_dom_aliases
765 ********************************************************************/
766 uint32 _samr_enum_dom_aliases(const POLICY_HND * pol,
767 uint32 * start_idx, uint32 size,
768 SAM_ENTRY ** sam,
769 UNISTR2 ** uni_acct_name,
770 uint32 * num_sam_aliases)
771 {
772 LOCAL_GRP *alss = NULL;
773 int num_entries = 0;
774 DOM_SID sid;
775 fstring sid_str;
776
777 /* find the policy handle. open a policy on it. */
778 if (!get_policy_samr_sid(get_global_hnd_cache(), pol, &sid))
779 {
780 return NT_STATUS_INVALID_HANDLE;
781 }
782
783 sid_to_string(sid_str, &sid);
784
785 DEBUG(5, ("samr_reply_enum_dom_aliases: sid %s\n", sid_str));
786
787 /* well-known aliases */
788 if (sid_equal(&sid, global_sid_builtin))
789 {
790 BOOL ret;
791 /* builtin aliases */
792
793 become_root(True);
794 ret = enumdombuiltins(&alss, &num_entries);
795 unbecome_root(True);
796 if (!ret)
797 {
798 return NT_STATUS_ACCESS_DENIED;
799 }
800 }
801 else if (sid_equal(&sid, &global_sam_sid))
802 {
803 BOOL ret;
804 /* local aliases */
805
806 become_root(True);
807 ret = enumdomaliases(&alss, &num_entries);
808 unbecome_root(True);
809 if (!ret)
810 {
811 return NT_STATUS_ACCESS_DENIED;
812 }
813 }
814
815 (*start_idx) += num_entries;
816 (*num_sam_aliases) = num_entries;
817
818 make_samr_dom_aliases(sam, uni_acct_name, num_entries, alss);
819
820 safe_free(alss);
821
822 return NT_STATUS_NOPROBLEMO;
823 }
824
825 /*******************************************************************
826 samr_reply_query_dispinfo
827 ********************************************************************/
828 uint32 _samr_query_dispinfo(const POLICY_HND * domain_pol, uint16 level,
829 uint32 start_idx,
830 uint32 max_entries,
831 uint32 max_size,
832 uint32 * data_size,
833 uint32 * num_entries, SAM_DISPINFO_CTR * ctr)
834 {
835 SAM_USER_INFO_21 pass[MAX_SAM_ENTRIES];
836 DOMAIN_GRP *grps = NULL;
837 DOMAIN_GRP *sam_grps = NULL;
838 uint16 acb_mask = ACB_NORMAL;
839 int num_sam_entries = 0;
840 int total_entries = 0;
841
842 DEBUG(5, ("samr_reply_query_dispinfo: %d\n", __LINE__));
843
844 (*num_entries) = 0;
845 (*data_size) = 0;
846
847 /* find the policy handle. open a policy on it. */
848 if (find_policy_by_hnd(get_global_hnd_cache(), domain_pol) == -1)
849 {
850 DEBUG(5, ("samr_reply_query_dispinfo: invalid handle\n"));
851 return NT_STATUS_INVALID_HANDLE;
852 }
853
854 /* Get what we need from the password database */
855 switch (level)
856 {
857 case 0x2:
858 {
859 acb_mask = ACB_WSTRUST;
860 /* Fall through */
861 }
862 case 0x1:
863 case 0x4:
864 {
865 BOOL ret;
866
867 become_root(True);
868 ret = get_sampwd_entries(pass, start_idx,
869 &total_entries,
870 &num_sam_entries,
871 MAX_SAM_ENTRIES, acb_mask);
872 unbecome_root(True);
873 if (!ret)
874 {
875 DEBUG(5, ("get_sampwd_entries: failed\n"));
876 return NT_STATUS_ACCESS_DENIED;
877 }
878 break;
879 }
880 case 0x3:
881 case 0x5:
882 {
883 BOOL ret;
884
885 become_root(True);
886 ret = enumdomgroups(&sam_grps, &num_sam_entries);
887 unbecome_root(True);
888 if (!ret)
889 {
890 return NT_STATUS_ACCESS_DENIED;
891 }
892
893 if (start_idx < num_sam_entries)
894 {
895 grps = sam_grps + start_idx;
896 num_sam_entries -= start_idx;
897 }
898 else
899 {
900 num_sam_entries = 0;
901 }
902 break;
903 }
904 }
905
906
907 (*num_entries) = num_sam_entries;
908
909 if ((*num_entries) > max_entries)
910 {
911 (*num_entries) = max_entries;
912 }
913
914 if ((*num_entries) > MAX_SAM_ENTRIES)
915 {
916 (*num_entries) = MAX_SAM_ENTRIES;
917 DEBUG(5, ("limiting number of entries to %d\n",
918 (*num_entries)));
919 }
920
921 (*data_size) = max_size;
922
923 /* Now create reply structure */
924 switch (level)
925 {
926 case 0x1:
927 {
928 ctr->sam.info1 = malloc(sizeof(SAM_DISPINFO_1));
929 make_sam_dispinfo_1(ctr->sam.info1,
930 num_entries, data_size,
931 start_idx, pass);
932 break;
933 }
934 case 0x2:
935 {
936 ctr->sam.info2 = malloc(sizeof(SAM_DISPINFO_2));
937 make_sam_dispinfo_2(ctr->sam.info2,
938 num_entries, data_size,
939 start_idx, pass);
940 break;
941 }
942 case 0x3:
943 {
944 ctr->sam.info3 = malloc(sizeof(SAM_DISPINFO_3));
945 make_sam_dispinfo_3(ctr->sam.info3,
946 num_entries, data_size,
947 start_idx, grps);
948 break;
949 }
950 case 0x4:
951 {
952 ctr->sam.info4 = malloc(sizeof(SAM_DISPINFO_4));
953 make_sam_dispinfo_4(ctr->sam.info4,
954 num_entries, data_size,
955 start_idx, pass);
956 break;
957 }
958 case 0x5:
959 {
960 ctr->sam.info5 = malloc(sizeof(SAM_DISPINFO_5));
961 make_sam_dispinfo_5(ctr->sam.info5,
962 num_entries, data_size,
963 start_idx, grps);
964 break;
965 }
966 default:
967 {
968 ctr->sam.info = NULL;
969 safe_free(sam_grps);
970 return NT_STATUS_INVALID_INFO_CLASS;
971 }
972 }
973
974 DEBUG(5, ("samr_reply_query_dispinfo: %d\n", __LINE__));
975
976 safe_free(sam_grps);
977
978 if ((*num_entries) < num_sam_entries)
979 {
980 return STATUS_MORE_ENTRIES;
981 }
982
983 return NT_STATUS_NOPROBLEMO;
984 }
985
986
987 /*******************************************************************
988 samr_delete_dom_user
989 ********************************************************************/
990 uint32 _samr_delete_dom_user(POLICY_HND *user_pol)
991 {
992 uint32 user_rid = 0x0;
993 DOM_SID user_sid;
994
995 /* find the policy handle. open a policy on it. */
996 if (!get_policy_samr_sid(get_global_hnd_cache(), user_pol, &user_sid))
997 {
998 return NT_STATUS_INVALID_HANDLE;
999 }
1000 sid_split_rid(&user_sid, &user_rid);
1001
1002 DEBUG(0, ("_samr_delete_dom_user: user_rid:0x%x\n", user_rid));
1003
1004 if (!del_smbpwd_entry(user_rid))
1005 {
1006 return NT_STATUS_ACCESS_DENIED;
1007 }
1008
1009 return NT_STATUS_NOPROBLEMO;
1010 }
1011
1012 /*******************************************************************
1013 samr_reply_delete_dom_group
1014 ********************************************************************/
1015 uint32 _samr_delete_dom_group(POLICY_HND * group_pol)
1016 {
1017 DOM_SID group_sid;
1018 uint32 group_rid;
1019 fstring group_sid_str;
1020
1021 DEBUG(5, ("samr_delete_dom_group: %d\n", __LINE__));
1022
1023 /* find the policy handle. open a policy on it. */
1024 if (!get_policy_samr_sid(get_global_hnd_cache(),
1025 group_pol, &group_sid))
1026 {
1027 return NT_STATUS_INVALID_HANDLE;
1028 }
1029 sid_to_string(group_sid_str, &group_sid);
1030 sid_split_rid(&group_sid, &group_rid);
1031
1032 DEBUG(10, ("sid is %s\n", group_sid_str));
1033
1034 if (!sid_equal(&group_sid, &global_sam_sid))
1035 {
1036 return NT_STATUS_NO_SUCH_GROUP;
1037 }
1038
1039 DEBUG(10, ("lookup on Domain SID\n"));
1040
1041 if (!del_group_entry(group_rid))
1042 {
1043 return NT_STATUS_ACCESS_DENIED;
1044 }
1045
1046 return _samr_close(group_pol);
1047 }
1048
1049
1050 /*******************************************************************
1051 samr_reply_query_groupmem
1052 ********************************************************************/
1053 uint32 _samr_query_groupmem(const POLICY_HND * group_pol,
1054 uint32 * num_mem, uint32 ** rid, uint32 ** attr)
1055 {
1056 DOMAIN_GRP_MEMBER *mem_grp = NULL;
1057 DOMAIN_GRP *grp = NULL;
1058 int num_rids = 0;
1059 DOM_SID group_sid;
1060 uint32 group_rid;
1061 fstring group_sid_str;
1062
1063 DEBUG(5, ("samr_query_groupmem: %d\n", __LINE__));
1064
1065 (*rid) = NULL;
1066 (*attr) = NULL;
1067 (*num_mem) = 0;
1068
1069 /* find the policy handle. open a policy on it. */
1070 if (!get_policy_samr_sid(get_global_hnd_cache(),
1071 group_pol, &group_sid))
1072 {
1073 return NT_STATUS_INVALID_HANDLE;
1074 }
1075 sid_to_string(group_sid_str, &group_sid);
1076 sid_split_rid(&group_sid, &group_rid);
1077
1078 DEBUG(10, ("sid is %s\n", group_sid_str));
1079
1080 if (!sid_equal(&group_sid, &global_sam_sid))
1081 {
1082 return NT_STATUS_NO_SUCH_GROUP;
1083 }
1084
1085 DEBUG(10, ("lookup on Domain SID\n"));
1086
1087 become_root(True);
1088 grp = getgrouprid(group_rid, &mem_grp, &num_rids);
1089 unbecome_root(True);
1090
1091 if (grp == NULL)
1092 {
1093 return NT_STATUS_NO_SUCH_GROUP;
1094 }
1095
1096 if (num_rids > 0)
1097 {
1098 (*rid) = g_new(uint32, num_rids);
1099 (*attr) = g_new(uint32, num_rids);
1100 if (mem_grp != NULL && (*rid) != NULL && (*attr) != NULL)
1101 {
1102 int i;
1103 for (i = 0; i < num_rids; i++)
1104 {
1105 (*rid)[i] = mem_grp[i].rid;
1106 (*attr)[i] = mem_grp[i].attr;
1107 }
1108 }
1109 }
1110
1111 safe_free(mem_grp);
1112
1113 (*num_mem) = num_rids;
1114
1115 return NT_STATUS_NOPROBLEMO;
1116 }
1117
1118 /*******************************************************************
1119 samr_set_groupinfo
1120 ********************************************************************/
1121 uint32 _samr_set_groupinfo(const POLICY_HND * pol,
1122 uint16 switch_level, const GROUP_INFO_CTR * ctr)
1123 {
1124 return NT_STATUS_ACCESS_DENIED;
1125 }
1126
1127 /*******************************************************************
1128 samr_reply_query_groupinfo
1129 ********************************************************************/
1130 uint32 _samr_query_groupinfo(const POLICY_HND * pol,
1131 uint16 switch_level, GROUP_INFO_CTR * ctr)
1132 {
1133 /* find the policy handle. open a policy on it. */
1134 if ((find_policy_by_hnd(get_global_hnd_cache(), pol) == -1))
1135 {
1136 return NT_STATUS_INVALID_HANDLE;
1137 }
1138
1139 switch (switch_level)
1140 {
1141 case 1:
1142 {
1143 ctr->switch_value1 = 1;
1144 make_samr_group_info1(&ctr->group.info1,
1145 "fake account name",
1146 "fake account description", 2);
1147 break;
1148 }
1149 case 4:
1150 {
1151 ctr->switch_value1 = 4;
1152 make_samr_group_info4(&ctr->group.info4,
1153 "fake account description");
1154 break;
1155 }
1156 default:
1157 {
1158 return NT_STATUS_INVALID_INFO_CLASS;
1159 }
1160 }
1161
1162 return NT_STATUS_NOPROBLEMO;
1163 }
1164
1165
1166 /*******************************************************************
1167 samr_reply_query_aliasinfo
1168 ********************************************************************/
1169 uint32 _samr_query_aliasinfo(const POLICY_HND * alias_pol,
1170 uint16 switch_level, ALIAS_INFO_CTR * ctr)
1171 {
1172 /* find the policy handle. open a policy on it. */
1173 if ((find_policy_by_hnd(get_global_hnd_cache(), alias_pol) == -1))
1174 {
1175 return NT_STATUS_INVALID_HANDLE;
1176 }
1177
1178 switch (switch_level)
1179 {
1180 case 3:
1181 {
1182 ctr->switch_value1 = 3;
1183 make_samr_alias_info3(&ctr->alias.info3,
1184 "<fake account description>");
1185 break;
1186 }
1187 default:
1188 {
1189 return NT_STATUS_INVALID_INFO_CLASS;
1190 }
1191 }
1192
1193 return NT_STATUS_NOPROBLEMO;
1194 }
1195
1196
1197 /*******************************************************************
1198 samr_reply_query_useraliases
1199 ********************************************************************/
1200 uint32 _samr_query_useraliases(const POLICY_HND * pol,
1201 const uint32 * ptr_sid, const DOM_SID2 * sid,
1202 uint32 * num_aliases, uint32 ** rid)
1203 {
1204 LOCAL_GRP *mem_grp = NULL;
1205 int num_rids = 0;
1206 struct sam_passwd *sam_pass;
1207 DOM_SID usr_sid;
1208 DOM_SID dom_sid;
1209 uint32 user_rid;
1210 fstring sam_sid_str;
1211 fstring dom_sid_str;
1212 fstring usr_sid_str;
1213
1214 DEBUG(5, ("samr_query_useraliases: %d\n", __LINE__));
1215
1216 (*rid) = NULL;
1217 (*num_aliases) = 0;
1218
1219 /* find the policy handle. open a policy on it. */
1220 if (!get_policy_samr_sid(get_global_hnd_cache(), pol, &dom_sid))
1221 {
1222 return NT_STATUS_INVALID_HANDLE;
1223 }
1224 sid_to_string(dom_sid_str, &dom_sid);
1225 sid_to_string(sam_sid_str, &global_sam_sid);
1226
1227 usr_sid = sid[0].sid;
1228 sid_split_rid(&usr_sid, &user_rid);
1229 sid_to_string(usr_sid_str, &usr_sid);
1230
1231 /* find the user account */
1232 become_root(True);
1233 sam_pass = getsam21pwrid(user_rid);
1234 unbecome_root(True);
1235
1236 if (sam_pass == NULL)
1237 {
1238 return NT_STATUS_NO_SUCH_USER;
1239 }
1240
1241 DEBUG(10, ("sid is %s\n", dom_sid_str));
1242
1243 if (sid_equal(&dom_sid, global_sid_builtin))
1244 {
1245 BOOL ret;
1246 DEBUG(10, ("lookup on S-1-5-20\n"));
1247
1248 become_root(True);
1249 ret = getuserbuiltinntnam(sam_pass->nt_name, &mem_grp,
1250 &num_rids);
1251 unbecome_root(True);
1252
1253 if (!ret)
1254 {
1255 return NT_STATUS_ACCESS_DENIED;
1256 }
1257 }
1258 else if (sid_equal(&dom_sid, &usr_sid))
1259 {
1260 BOOL ret;
1261 DEBUG(10, ("lookup on Domain SID\n"));
1262
1263 become_root(True);
1264 ret = getuseraliasntnam(sam_pass->nt_name, &mem_grp,
1265 &num_rids);
1266 unbecome_root(True);
1267
1268 if (!ret)
1269 {
1270 return NT_STATUS_ACCESS_DENIED;
1271 }
1272 }
1273 else
1274 {
1275 return NT_STATUS_NO_SUCH_USER; /* no user (in domain) */
1276 }
1277
1278 if (num_rids > 0)
1279 {
1280 (*rid) = g_new(uint32, num_rids);
1281 if (mem_grp != NULL && (*rid) != NULL)
1282 {
1283 int i;
1284 for (i = 0; i < num_rids; i++)
1285 {
1286 (*rid)[i] = mem_grp[i].rid;
1287 }
1288 }
1289 }
1290
1291 (*num_aliases) = num_rids;
1292 safe_free(mem_grp);
1293
1294 return NT_STATUS_NOPROBLEMO;
1295 }
1296
1297 /*******************************************************************
1298 samr_reply_delete_dom_alias
1299 ********************************************************************/
1300 uint32 _samr_delete_dom_alias(POLICY_HND * alias_pol)
1301 {
1302 DOM_SID alias_sid;
1303 uint32 alias_rid;
1304 fstring alias_sid_str;
1305
1306 DEBUG(5, ("samr_delete_dom_alias: %d\n", __LINE__));
1307
1308 /* find the policy handle. open a policy on it. */
1309 if (!get_policy_samr_sid(get_global_hnd_cache(),
1310 alias_pol, &alias_sid))
1311 {
1312 return NT_STATUS_INVALID_HANDLE;
1313 }
1314
1315 sid_to_string(alias_sid_str, &alias_sid);
1316 sid_split_rid(&alias_sid, &alias_rid);
1317
1318 DEBUG(10, ("sid is %s\n", alias_sid_str));
1319
1320 if (!sid_equal(&alias_sid, &global_sam_sid))
1321 {
1322 return NT_STATUS_NO_SUCH_ALIAS;
1323 }
1324
1325 DEBUG(10, ("lookup on Domain SID\n"));
1326
1327 if (!del_alias_entry(alias_rid))
1328 {
1329 return NT_STATUS_NO_SUCH_ALIAS;
1330 }
1331
1332 return _samr_close(alias_pol);
1333 }
1334
1335
1336 /*******************************************************************
1337 samr_reply_query_aliasmem
1338 ********************************************************************/
1339 uint32 _samr_query_aliasmem(const POLICY_HND * alias_pol,
1340 uint32 * num_mem, DOM_SID2 ** sid)
1341 {
1342 LOCAL_GRP_MEMBER *mem_grp = NULL;
1343 LOCAL_GRP *grp = NULL;
1344 int num_sids = 0;
1345 DOM_SID alias_sid;
1346 uint32 alias_rid;
1347 fstring alias_sid_str;
1348
1349 DEBUG(5, ("samr_query_aliasmem: %d\n", __LINE__));
1350
1351 (*sid) = NULL;
1352 (*num_mem) = 0;
1353
1354 /* find the policy handle. open a policy on it. */
1355 if (!get_policy_samr_sid(get_global_hnd_cache(),
1356 alias_pol, &alias_sid))
1357 {
1358 return NT_STATUS_INVALID_HANDLE;
1359 }
1360 sid_to_string(alias_sid_str, &alias_sid);
1361 sid_split_rid(&alias_sid, &alias_rid);
1362
1363 DEBUG(10, ("sid is %s\n", alias_sid_str));
1364
1365 if (sid_equal(&alias_sid, global_sid_builtin))
1366 {
1367 DEBUG(10, ("lookup on S-1-5-20\n"));
1368
1369 become_root(True);
1370 grp = getbuiltinrid(alias_rid, &mem_grp, &num_sids);
1371 unbecome_root(True);
1372 }
1373 else if (sid_equal(&alias_sid, &global_sam_sid))
1374 {
1375 DEBUG(10, ("lookup on Domain SID\n"));
1376
1377 become_root(True);
1378 grp = getaliasrid(alias_rid, &mem_grp, &num_sids);
1379 unbecome_root(True);
1380 }
1381 else
1382 {
1383 return NT_STATUS_NO_SUCH_ALIAS;
1384 }
1385
1386 if (grp == NULL)
1387 {
1388 return NT_STATUS_NO_SUCH_ALIAS;
1389 }
1390
1391 if (num_sids > 0)
1392 {
1393 (*sid) = g_new(DOM_SID2, num_sids);
1394 if (mem_grp != NULL && sid != NULL)
1395 {
1396 int i;
1397 for (i = 0; i < num_sids; i++)
1398 {
1399 make_dom_sid2(&(*sid)[i], &mem_grp[i].sid);
1400 }
1401 }
1402 }
1403
1404 (*num_mem) = num_sids;
1405
1406 if (mem_grp != NULL)
1407 {
1408 free(mem_grp);
1409 }
1410
1411 return NT_STATUS_NOPROBLEMO;
1412 }
1413
1414 /*******************************************************************
1415 samr_reply_lookup_names
1416 ********************************************************************/
1417 uint32 _samr_lookup_names(const POLICY_HND * pol,
1418 uint32 num_names1,
1419 uint32 flags,
1420 uint32 ptr,
1421 const UNISTR2 * uni_name,
1422 uint32 * num_rids1,
1423 uint32 rid[MAX_SAM_ENTRIES],
1424 uint32 * num_types1, uint32 type[MAX_SAM_ENTRIES])
1425 {
1426 int i;
1427 int num_rids = num_names1;
1428 DOM_SID pol_sid;
1429 fstring tmp;
1430 BOOL found_one = False;
1431
1432 DEBUG(5, ("samr_lookup_names: %d\n", __LINE__));
1433
1434 if (!get_policy_samr_sid(get_global_hnd_cache(), pol, &pol_sid))
1435 {
1436 return NT_STATUS_OBJECT_TYPE_MISMATCH;
1437 }
1438
1439 sid_to_string(tmp, &pol_sid);
1440 DEBUG(5, ("pol_sid: %s\n", tmp));
1441
1442 if (num_rids > MAX_SAM_ENTRIES)
1443 {
1444 num_rids = MAX_SAM_ENTRIES;
1445 DEBUG(5,
1446 ("samr_lookup_names: truncating entries to %d\n",
1447 num_rids));
1448 }
1449
1450 for (i = 0; i < num_rids; i++)
1451 {
1452 DOM_SID sid;
1453 fstring name;
1454 uint32 status1;
1455 unistr2_to_ascii(name, &uni_name[i], sizeof(name) - 1);
1456 ZERO_STRUCT(sid);
1457
1458 status1 = lookup_name(name, &sid, &(type[i]));
1459 if (status1 == 0x0)
1460 {
1461 found_one = True;
1462 sid_split_rid(&sid, &rid[i]);
1463 sid_to_string(tmp, &sid);
1464 }
1465 if ((status1 != 0x0) || !sid_equal(&pol_sid, &sid))
1466 {
1467 rid[i] = 0xffffffff;
1468 type[i] = SID_NAME_UNKNOWN;
1469 }
1470
1471 DEBUG(10, ("name: %s sid: %s rid: %x type: %d\n",
1472 name, tmp, rid[i], type[i]));
1473 }
1474
1475 if (!found_one)
1476 {
1477 return NT_STATUS_NONE_MAPPED;
1478 }
1479
1480 (*num_rids1) = num_rids;
1481 (*num_types1) = num_rids;
1482
1483 return NT_STATUS_NOPROBLEMO;
1484 }
1485
1486 /*******************************************************************
1487 samr_reply_chgpasswd_user
1488 ********************************************************************/
1489 uint32 _samr_chgpasswd_user(const UNISTR2 * uni_dest_host,
1490 const UNISTR2 * uni_user_name,
1491 const char nt_newpass[516],
1492 const uchar nt_oldhash[16],
1493 const char lm_newpass[516],
1494 const uchar lm_oldhash[16])
1495 {
1496 fstring user_name;
1497 fstring wks;
1498
1499 unistr2_to_ascii(user_name, uni_user_name, sizeof(user_name) - 1);
1500 unistr2_to_ascii(wks, uni_dest_host, sizeof(wks) - 1);
1501
1502 DEBUG(5, ("samr_chgpasswd_user: user: %s wks: %s\n", user_name, wks));
1503
1504 if (!pass_oem_change(user_name,
1505 lm_newpass, lm_oldhash, nt_newpass, nt_oldhash))
1506 {
1507 return NT_STATUS_WRONG_PASSWORD;
1508 }
1509
1510 return NT_STATUS_NOPROBLEMO;
1511 }
1512
1513
1514 /*******************************************************************
1515 samr_reply_get_dom_pwinfo
1516 ********************************************************************/
1517 uint32 _samr_get_dom_pwinfo(const UNISTR2 * uni_srv_name,
1518 uint16 * unk_0, uint16 * unk_1, uint16 * unk_2)
1519 {
1520 /* absolutely no idea what to do, here */
1521 *unk_0 = 0;
1522 *unk_1 = 0;
1523 *unk_2 = 0;
1524
1525 return NT_STATUS_NOPROBLEMO;
1526 }
1527
1528 /*******************************************************************
1529 makes a SAMR_R_LOOKUP_RIDS structure.
1530 ********************************************************************/
1531 static BOOL make_samr_lookup_rids(uint32 num_names, char *const *name,
1532 UNIHDR ** hdr_name, UNISTR2 ** uni_name)
1533 {
1534 uint32 i;
1535 if (name == NULL)
1536 return False;
1537
1538 *uni_name = NULL;
1539 *hdr_name = NULL;
1540
1541 if (num_names != 0)
1542 {
1543 (*hdr_name) = g_new(UNIHDR, num_names);
1544 if ((*hdr_name) == NULL)
1545 {
1546 return False;
1547 }
1548
1549 (*uni_name) = g_new(UNISTR2, num_names);
1550 if ((*uni_name) == NULL)
1551 {
1552 free(*uni_name);
1553 *uni_name = NULL;
1554 return False;
1555 }
1556 }
1557
1558 for (i = 0; i < num_names; i++)
1559 {
1560 int len = name[i] != NULL ? strlen(name[i]) : 0;
1561 DEBUG(10, ("name[%d]:%s\n", i, name[i]));
1562 make_uni_hdr(&((*hdr_name)[i]), len);
1563 make_unistr2(&((*uni_name)[i]), name[i], len);
1564 }
1565
1566 return True;
1567 }
1568
1569 /*******************************************************************
1570 samr_reply_lookup_rids
1571 ********************************************************************/
1572 uint32 _samr_lookup_rids(const POLICY_HND * pol,
1573 uint32 num_rids, uint32 flags,
1574 const uint32 * rids,
1575 uint32 * num_names,
1576 UNIHDR ** hdr_name, UNISTR2 ** uni_name,
1577 uint32 ** types)
1578 {
1579 char **grp_names = NULL;
1580 DOM_SID pol_sid;
1581 BOOL found_one = False;
1582 int i;
1583
1584 DEBUG(5, ("samr_lookup_rids: %d\n", __LINE__));
1585
1586 /* find the policy handle. open a policy on it. */
1587 if (find_policy_by_hnd(get_global_hnd_cache(), pol) == -1)
1588 {
1589 return NT_STATUS_INVALID_HANDLE;
1590 }
1591
1592 if (!get_policy_samr_sid(get_global_hnd_cache(), pol, &pol_sid))
1593 {
1594 return NT_STATUS_OBJECT_TYPE_MISMATCH;
1595 }
1596
1597 (*types) = g_new(uint32, num_rids);
1598
1599 if ((*types) == NULL)
1600 {
1601 return NT_STATUS_NO_MEMORY;
1602 }
1603
1604 grp_names = g_new(char *, num_rids);
1605 if (grp_names == NULL)
1606 {
1607 free(*types);
1608 (*types) = NULL;
1609 return NT_STATUS_NO_MEMORY;
1610 }
1611
1612
1613 for (i = 0; i < num_rids; i++)
1614 {
1615 uint32 status1;
1616 DOM_SID sid;
1617 fstring tmpname;
1618
1619 sid_copy(&sid, &pol_sid);
1620 sid_append_rid(&sid, rids[i]);
1621
1622 status1 = lookup_sid(&sid, tmpname, &(*types)[i]);
1623
1624 if (status1 == 0)
1625 {
1626 found_one = True;
1627 grp_names[i] = strdup(tmpname);
1628 }
1629 else
1630 {
1631 (*types)[i] = SID_NAME_UNKNOWN;
1632 grp_names[i] = NULL;
1633 }
1634 }
1635
1636 if (!found_one)
1637 {
1638 return NT_STATUS_NONE_MAPPED;
1639 }
1640
1641 (*num_names) = num_rids;
1642 make_samr_lookup_rids(num_rids, grp_names, hdr_name, uni_name);
1643
1644 free_char_array(num_rids, grp_names);
1645 return NT_STATUS_NOPROBLEMO;
1646 }
1647
1648 /*******************************************************************
1649 samr_reply_open_user
1650 ********************************************************************/
1651 uint32 _samr_open_user(const POLICY_HND * domain_pol,
1652 uint32 access_mask, uint32 user_rid,
1653 POLICY_HND * user_pol)
1654 {
1655 struct sam_passwd *sam_pass;
1656 DOM_SID sid;
1657
1658 /* set up the SAMR open_user response */
1659 ZERO_STRUCTP(user_pol);
1660
1661 /* find the policy handle. open a policy on it. */
1662 if (!get_policy_samr_sid(get_global_hnd_cache(), domain_pol, &sid))
1663 {
1664 return NT_STATUS_INVALID_HANDLE;
1665 }
1666
1667 /* this should not be hard-coded like this */
1668 if (!sid_equal(&sid, &global_sam_sid))
1669 {
1670 return NT_STATUS_ACCESS_DENIED;
1671 }
1672
1673 become_root(True);
1674 sam_pass = getsam21pwrid(user_rid);
1675 unbecome_root(True);
1676
1677 /* check that the RID exists in our domain. */
1678 if (sam_pass == NULL)
1679 {
1680 close_policy_hnd(get_global_hnd_cache(), user_pol);
1681 return NT_STATUS_NO_SUCH_USER;
1682 }
1683
1684 return samr_open_by_sid(domain_pol, &sid, user_pol,
1685 access_mask, user_rid);
1686 }
1687
1688
1689 /*************************************************************************
1690 get_user_info_10
1691 *************************************************************************/
1692 static BOOL get_user_info_10(SAM_USER_INFO_10 * id10, uint32 user_rid)
1693 {
1694 struct sam_passwd *sam_pass;
1695
1696 become_root(True);
1697 sam_pass = getsam21pwrid(user_rid);
1698 unbecome_root(True);
1699
1700 if (sam_pass == NULL)
1701 {
1702 DEBUG(4, ("User 0x%x not found\n", user_rid));
1703 return False;
1704 }
1705
1706 DEBUG(3, ("User:[%s]\n", sam_pass->nt_name));
1707
1708 make_sam_user_info10(id10, sam_pass->acct_ctrl);
1709
1710 return True;
1711 }
1712
1713 /*************************************************************************
1714 get_user_info_21
1715 *************************************************************************/
1716 static BOOL get_user_info_12(SAM_USER_INFO_12 * id12, uint32 user_rid)
1717 {
1718 struct sam_passwd *sam_pass;
1719
1720 become_root(True);
1721 sam_pass = getsam21pwrid(user_rid);
1722 unbecome_root(True);
1723
1724 if (sam_pass == NULL)
1725 {
1726 DEBUG(4, ("User 0x%x not found\n", user_rid));
1727 return False;
1728 }
1729
1730 DEBUG(3, ("User:[%s] %x\n", sam_pass->nt_name, sam_pass->acct_ctrl));
1731
1732 if (IS_BITS_SET_ALL(sam_pass->acct_ctrl, ACB_DISABLED))
1733 {
1734 return False;
1735 }
1736
1737 make_sam_user_info12(id12, sam_pass->smb_passwd,
1738 sam_pass->smb_nt_passwd);
1739
1740 return True;
1741 }
1742
1743 /*************************************************************************
1744 get_user_info_21
1745 *************************************************************************/
1746 static BOOL get_user_info_21(SAM_USER_INFO_21 * id21, uint32 user_rid)
1747 {
1748 struct sam_passwd *sam_pass;
1749 LOGON_HRS hrs;
1750 int i;
1751
1752 become_root(True);
1753 sam_pass = getsam21pwrid(user_rid);
1754 unbecome_root(True);
1755
1756 if (sam_pass == NULL)
1757 {
1758 DEBUG(4, ("User 0x%x not found\n", user_rid));
1759 return False;
1760 }
1761
1762 DEBUG(3, ("User:[%s]\n", sam_pass->nt_name));
1763
1764 /* create a LOGON_HRS structure */
1765 hrs.len = sam_pass->hours_len;
1766 SMB_ASSERT_ARRAY(hrs.hours, hrs.len);
1767 for (i = 0; i < hrs.len; i++)
1768 {
1769 hrs.hours[i] = sam_pass->hours[i];
1770 }
1771
1772 make_sam_user_info21A(id21, &sam_pass->logon_time,
1773 &sam_pass->logoff_time,
1774 &sam_pass->kickoff_time,
1775 &sam_pass->pass_last_set_time,
1776 &sam_pass->pass_can_change_time,
1777 &sam_pass->pass_must_change_time,
1778 sam_pass->nt_name, /* user_name */
1779 sam_pass->full_name, /* full_name */
1780 sam_pass->home_dir, /* home_dir */
1781 sam_pass->dir_drive, /* dir_drive */
1782 sam_pass->logon_script, /* logon_script */
1783 sam_pass->profile_path, /* profile_path */
1784 sam_pass->acct_desc, /* description */
1785 sam_pass->workstations, /* workstations user can log in from */
1786 sam_pass->unknown_str, /* don't know, yet */
1787 sam_pass->munged_dial, /* dialin info. contains dialin path and tel no */
1788 sam_pass->user_rid, /* RID user_id */
1789 sam_pass->group_rid, /* RID group_id */
1790 sam_pass->acct_ctrl, sam_pass->unknown_3, /* unknown_3 */
1791 sam_pass->logon_divs, /* divisions per week */
1792 &hrs, /* logon hours */
1793 sam_pass->unknown_5, sam_pass->unknown_6);
1794
1795 return True;
1796 }
1797
1798 /*******************************************************************
1799 samr_reply_query_userinfo
1800 ********************************************************************/
1801 uint32 _samr_query_userinfo(const POLICY_HND * pol, uint16 switch_value,
1802 SAM_USERINFO_CTR * ctr)
1803 {
1804 uint32 rid = 0x0;
1805 DOM_SID group_sid;
1806
1807 /* find the policy handle. open a policy on it. */
1808 if (!get_policy_samr_sid(get_global_hnd_cache(), pol, &group_sid))
1809 {
1810 return NT_STATUS_INVALID_HANDLE;
1811 }
1812 sid_split_rid(&group_sid, &rid);
1813
1814 DEBUG(5, ("samr_reply_query_userinfo: rid:0x%x\n", rid));
1815
1816 /* ok! user info levels (lots: see MSDEV help), off we go... */
1817 ctr->switch_value = switch_value;
1818 switch (switch_value)
1819 {
1820 case 0x10:
1821 {
1822 ctr->info.id10 = g_new(SAM_USER_INFO_10, 1);
1823 if (ctr->info.id10 == NULL)
1824 {
1825 return NT_STATUS_NO_MEMORY;
1826 }
1827 if (!get_user_info_10(ctr->info.id10, rid))
1828 {
1829 return NT_STATUS_NO_SUCH_USER;
1830 }
1831 break;
1832 }
1833 #if 0
1834 /* whoops - got this wrong. i think. or don't understand what's happening. */
1835 case 0x11:
1836 {
1837 NTTIME expire;
1838 info = (void *)&id11;
1839
1840 expire.low = 0xffffffff;
1841 expire.high = 0x7fffffff;
1842
1843 ctr->info.id = (SAM_USER_INFO_11 *) Realloc(NULL,
1844 sizeof
1845 (*ctr->
1846 info.
1847 id11));
1848 make_sam_user_info11(ctr->info.id11, &expire,
1849 "BROOKFIELDS$", /* name */
1850 0x03ef, /* user rid */
1851 0x201, /* group rid */
1852 0x0080); /* acb info */
1853
1854 break;
1855 }
1856 #endif
1857 case 0x12:
1858 {
1859 ctr->info.id12 = g_new(SAM_USER_INFO_12, 1);
1860 if (ctr->info.id12 == NULL)
1861 {
1862 return NT_STATUS_NO_MEMORY;
1863 }
1864 if (!get_user_info_12(ctr->info.id12, rid))
1865 {
1866 return NT_STATUS_NO_SUCH_USER;
1867 }
1868 break;
1869 }
1870 case 21:
1871 {
1872 ctr->info.id21 = g_new(SAM_USER_INFO_21, 1);
1873 if (ctr->info.id21 == NULL)
1874 {
1875 return NT_STATUS_NO_MEMORY;
1876 }
1877 if (!get_user_info_21(ctr->info.id21, rid))
1878 {
1879 return NT_STATUS_NO_SUCH_USER;
1880 }
1881 break;
1882 }
1883
1884 default:
1885 {
1886 return NT_STATUS_INVALID_INFO_CLASS;
1887 }
1888 }
1889
1890 return NT_STATUS_NOPROBLEMO;
1891 }
1892
1893 /*******************************************************************
1894 set_user_info_12
1895 ********************************************************************/
1896 static BOOL set_user_info_12(const SAM_USER_INFO_12 * id12, uint32 rid)
1897 {
1898 struct sam_passwd *pwd = getsam21pwrid(rid);
1899 struct sam_passwd new_pwd;
1900 static uchar nt_hash[16];
1901 static uchar lm_hash[16];
1902
1903 if (pwd == NULL)
1904 {
1905 return False;
1906 }
1907 if (id12 == NULL)
1908 {
1909 DEBUG(2, ("set_user_info_12: id12 is NULL\n"));
1910 return False;
1911 }
1912
1913 pwdb_init_sam(&new_pwd);
1914 copy_sam_passwd(&new_pwd, pwd);
1915
1916 memcpy(nt_hash, id12->nt_pwd, sizeof(nt_hash));
1917 memcpy(lm_hash, id12->lm_pwd, sizeof(lm_hash));
1918
1919 new_pwd.smb_passwd = lm_hash;
1920 new_pwd.smb_nt_passwd = nt_hash;
1921
1922 return mod_sam21pwd_entry(&new_pwd, True);
1923 }
1924
1925 /*******************************************************************
1926 set_user_info_24
1927 ********************************************************************/
1928 static BOOL set_user_info_24(const SAM_USER_INFO_24 * id24, uint32 rid)
1929 {
1930 struct sam_passwd *pwd = getsam21pwrid(rid);
1931 struct sam_passwd new_pwd;
1932 static uchar nt_hash[16];
1933 static uchar lm_hash[16];
1934 UNISTR2 new_pw;
1935 uint32 len;
1936 pstring buf;
1937 int i;
1938
1939 if (pwd == NULL)
1940 {
1941 return False;
1942 }
1943
1944 pwdb_init_sam(&new_pwd);
1945 copy_sam_passwd(&new_pwd, pwd);
1946
1947 if (!decode_pw_buffer(id24->pass, buf, 256, &len))
1948 {
1949 return False;
1950 }
1951
1952 dump_data_pw("decoded password buffer:\n", buf, 516);
1953
1954 new_pw.uni_max_len = len / 2;
1955 new_pw.uni_str_len = len / 2;
1956
1957 for (i = 0; i < new_pw.uni_str_len; i++)
1958 {
1959 new_pw.buffer[i] = SVAL(buf, i * 2);
1960 }
1961
1962 dump_data_pw("unicode password:\n", (char*)new_pw.buffer, len);
1963
1964 nt_lm_owf_genW(&new_pw, nt_hash, lm_hash);
1965
1966 dump_data_pw("nt#:\n", nt_hash, 16);
1967 dump_data_pw("lm#:\n", lm_hash, 16);
1968
1969 new_pwd.smb_passwd = lm_hash;
1970 new_pwd.smb_nt_passwd = nt_hash;
1971
1972 return mod_sam21pwd_entry(&new_pwd, True);
1973 }
1974
1975 /*******************************************************************
1976 set_user_info_21
1977 ********************************************************************/
1978 static BOOL set_user_info_21(const SAM_USER_INFO_21 * id21, uint32 rid)
1979 {
1980 struct sam_passwd *pwd = getsam21pwrid(rid);
1981 struct sam_passwd new_pwd;
1982 static uchar nt_hash[16];
1983 static uchar lm_hash[16];
1984
1985 if (id21 == NULL)
1986 {
1987 DEBUG(5, ("set_user_info_21: NULL id21\n"));
1988 return False;
1989 }
1990 if (pwd == NULL)
1991 {
1992 return False;
1993 }
1994
1995 pwdb_init_sam(&new_pwd);
1996 copy_sam_passwd(&new_pwd, pwd);
1997 copy_id21_to_sam_passwd(&new_pwd, id21);
1998
1999 if (pwd->smb_nt_passwd != NULL)
2000 {
2001 memcpy(nt_hash, pwd->smb_nt_passwd, 16);
2002 new_pwd.smb_nt_passwd = nt_hash;
2003 }
2004 else
2005 {
2006 new_pwd.smb_nt_passwd = NULL;
2007 }
2008 if (pwd->smb_nt_passwd != NULL)
2009 {
2010 memcpy(lm_hash, pwd->smb_passwd, 16);
2011 new_pwd.smb_passwd = lm_hash;
2012 }
2013 else
2014 {
2015 new_pwd.smb_passwd = NULL;
2016 }
2017
2018 return mod_sam21pwd_entry(&new_pwd, True);
2019 }
2020
2021 /*******************************************************************
2022 set_user_info_23
2023 ********************************************************************/
2024 static BOOL set_user_info_23(const SAM_USER_INFO_23 * id23, uint32 rid)
2025 {
2026 struct sam_passwd *pwd = getsam21pwrid(rid);
2027 struct sam_passwd new_pwd;
2028 static uchar nt_hash[16];
2029 static uchar lm_hash[16];
2030 UNISTR2 new_pw;
2031 pstring buf;
2032 uint32 len;
2033 int i;
2034
2035 if (id23 == NULL)
2036 {
2037 DEBUG(5, ("set_user_info_23: NULL id23\n"));
2038 return False;
2039 }
2040 if (pwd == NULL)
2041 {
2042 return False;
2043 }
2044
2045 pwdb_init_sam(&new_pwd);
2046 copy_sam_passwd(&new_pwd, pwd);
2047 copy_id23_to_sam_passwd(&new_pwd, id23);
2048
2049 if (!decode_pw_buffer(id23->pass, buf, 256, &len))
2050 {
2051 return False;
2052 }
2053
2054 new_pw.uni_max_len = len / 2;
2055 new_pw.uni_str_len = len / 2;
2056
2057 for (i = 0; i < new_pw.uni_str_len; i++)
2058 {
2059 new_pw.buffer[i] = SVAL(buf, i * 2);
2060 }
2061
2062 nt_lm_owf_genW(&new_pw, nt_hash, lm_hash);
2063
2064 new_pwd.smb_passwd = lm_hash;
2065 new_pwd.smb_nt_passwd = nt_hash;
2066
2067 return mod_sam21pwd_entry(&new_pwd, True);
2068 }
2069
2070 /*******************************************************************
2071 samr_reply_set_userinfo
2072 ********************************************************************/
2073 uint32 _samr_set_userinfo(const POLICY_HND * pol, uint16 switch_value,
2074 SAM_USERINFO_CTR * ctr)
2075 {
2076 uchar user_sess_key[16];
2077 uint32 rid = 0x0;
2078 DOM_SID sid;
2079
2080 DEBUG(5, ("samr_reply_set_userinfo: %d\n", __LINE__));
2081
2082 /* search for the handle */
2083 if (find_policy_by_hnd(get_global_hnd_cache(), pol) == -1)
2084 {
2085 return NT_STATUS_INVALID_HANDLE;
2086 }
2087
2088 if (!pol_get_usr_sesskey(get_global_hnd_cache(), pol, user_sess_key))
2089 {
2090 return NT_STATUS_INVALID_HANDLE;
2091 }
2092
2093 /* find the policy handle. open a policy on it. */
2094 if (!get_policy_samr_sid(get_global_hnd_cache(), pol, &sid))
2095 {
2096 return NT_STATUS_INVALID_HANDLE;
2097 }
2098
2099 sid_split_rid(&sid, &rid);
2100
2101 DEBUG(5, ("samr_reply_set_userinfo: rid:0x%x\n", rid));
2102
2103 if (ctr == NULL)
2104 {
2105 DEBUG(5, ("samr_reply_set_userinfo: NULL info level\n"));
2106 return NT_STATUS_INVALID_INFO_CLASS;
2107 }
2108
2109 /* ok! user info levels (lots: see MSDEV help), off we go... */
2110 switch (switch_value)
2111 {
2112 case 0x12:
2113 {
2114 SAM_USER_INFO_12 *id12 = ctr->info.id12;
2115 if (!set_user_info_12(id12, rid))
2116 {
2117 return NT_STATUS_ACCESS_DENIED;
2118 }
2119 break;
2120 }
2121
2122 case 24:
2123 {
2124 SAM_USER_INFO_24 *id24 = ctr->info.id24;
2125 SamOEMhash(id24->pass, user_sess_key, True);
2126 if (!set_user_info_24(id24, rid))
2127 {
2128 return NT_STATUS_ACCESS_DENIED;
2129 }
2130 break;
2131 }
2132
2133 case 23:
2134 {
2135 SAM_USER_INFO_23 *id23 = ctr->info.id23;
2136 SamOEMhash(id23->pass, user_sess_key, 1);
2137 dump_data_pw("pass buff:\n", id23->pass,
2138 sizeof(id23->pass));
2139 dbgflush();
2140
2141 if (!set_user_info_23(id23, rid))
2142 {
2143 return NT_STATUS_ACCESS_DENIED;
2144 }
2145 break;
2146 }
2147
2148 default:
2149 {
2150 return NT_STATUS_INVALID_INFO_CLASS;
2151 }
2152 }
2153
2154 return NT_STATUS_NOPROBLEMO;
2155 }
2156
2157 /*******************************************************************
2158 set_user_info_10
2159 ********************************************************************/
2160 static BOOL set_user_info_10(const SAM_USER_INFO_10 * id10, uint32 rid)
2161 {
2162 struct sam_passwd *pwd = getsam21pwrid(rid);
2163 struct sam_passwd new_pwd;
2164
2165 if (id10 == NULL)
2166 {
2167 DEBUG(5, ("set_user_info_10: NULL id10\n"));
2168 return False;
2169 }
2170 if (pwd == NULL)
2171 {
2172 return False;
2173 }
2174
2175 copy_sam_passwd(&new_pwd, pwd);
2176
2177 new_pwd.acct_ctrl = id10->acb_info;
2178
2179 return mod_sam21pwd_entry(&new_pwd, True);
2180 }
2181
2182 /*******************************************************************
2183 samr_reply_set_userinfo2
2184 ********************************************************************/
2185 uint32 _samr_set_userinfo2(const POLICY_HND * pol, uint16 switch_value,
2186 SAM_USERINFO_CTR * ctr)
2187 {
2188 DOM_SID sid;
2189 uint32 rid = 0x0;
2190
2191 DEBUG(5, ("samr_reply_set_userinfo2: %d\n", __LINE__));
2192
2193 /* find the policy handle. open a policy on it. */
2194 if (!get_policy_samr_sid(get_global_hnd_cache(), pol, &sid))
2195 {
2196 return NT_STATUS_INVALID_HANDLE;
2197 }
2198
2199 sid_split_rid(&sid, &rid);
2200
2201 DEBUG(5, ("samr_reply_set_userinfo2: rid:0x%x\n", rid));
2202
2203 if (ctr == NULL)
2204 {
2205 DEBUG(5, ("samr_reply_set_userinfo2: NULL info level\n"));
2206 return NT_STATUS_INVALID_INFO_CLASS;
2207 }
2208
2209 ctr->switch_value = switch_value;
2210
2211 /* ok! user info levels (lots: see MSDEV help), off we go... */
2212 switch (switch_value)
2213 {
2214 case 21:
2215 {
2216 SAM_USER_INFO_21 *id21 = ctr->info.id21;
2217 if (!set_user_info_21(id21, rid))
2218 {
2219 return NT_STATUS_ACCESS_DENIED;
2220 }
2221 break;
2222 }
2223 case 16:
2224 {
2225 SAM_USER_INFO_10 *id10 = ctr->info.id10;
2226 if (!set_user_info_10(id10, rid))
2227 {
2228 return NT_STATUS_ACCESS_DENIED;
2229 }
2230 break;
2231 }
2232 default:
2233 {
2234 return NT_STATUS_INVALID_INFO_CLASS;
2235 }
2236 }
2237
2238 return NT_STATUS_NOPROBLEMO;
2239 }
2240
2241
2242
2243 /*******************************************************************
2244 samr_reply_query_usergroups
2245 ********************************************************************/
2246 uint32 _samr_query_usergroups(const POLICY_HND * pol,
2247 uint32 * num_groups, DOM_GID ** gids)
2248 {
2249 DOMAIN_GRP *mem_grp = NULL;
2250 struct sam_passwd *sam_pass;
2251 DOM_SID sid;
2252 uint32 rid;
2253 BOOL ret;
2254
2255 DEBUG(5, ("samr_query_usergroups: %d\n", __LINE__));
2256
2257 /* find the policy handle. open a policy on it. */
2258 if (!get_policy_samr_sid(get_global_hnd_cache(), pol, &sid))
2259 {
2260 return NT_STATUS_INVALID_HANDLE;
2261 }
2262
2263 sid_split_rid(&sid, &rid);
2264
2265 become_root(True);
2266 sam_pass = getsam21pwrid(rid);
2267 unbecome_root(True);
2268
2269 if (sam_pass == NULL)
2270 {
2271 return NT_STATUS_NO_SUCH_USER;
2272 }
2273
2274 become_root(True);
2275 ret = getusergroupsntnam(sam_pass->nt_name, &mem_grp, num_groups);
2276 unbecome_root(True);
2277
2278 if (!ret)
2279 {
2280 return NT_STATUS_ACCESS_DENIED;
2281 }
2282
2283 (*gids) = NULL;
2284 (*num_groups) = make_dom_gids(mem_grp, *num_groups, gids);
2285
2286 if (mem_grp != NULL)
2287 {
2288 free(mem_grp);
2289 }
2290
2291 return NT_STATUS_NOPROBLEMO;
2292 }
2293
2294 /*******************************************************************
2295 _samr_create_dom_alias
2296 ********************************************************************/
2297 uint32 _samr_create_dom_alias(const POLICY_HND * domain_pol,
2298 const UNISTR2 * uni_acct_name,
2299 uint32 access_mask,
2300 POLICY_HND * alias_pol, uint32 * rid)
2301 {
2302 uint32 status;
2303 DOM_SID dom_sid;
2304 LOCAL_GRP grp;
2305
2306 ZERO_STRUCTP(alias_pol);
2307
2308 /* find the policy handle. open a policy on it. */
2309 if (find_policy_by_hnd(get_global_hnd_cache(), domain_pol) == -1)
2310 {
2311 return NT_STATUS_INVALID_HANDLE;
2312 }
2313
2314 /* find the domain sid */
2315 if (!get_policy_samr_sid(get_global_hnd_cache(),
2316 domain_pol, &dom_sid))
2317 {
2318 return NT_STATUS_OBJECT_TYPE_MISMATCH;
2319 }
2320
2321 if (!sid_equal(&dom_sid, &global_sam_sid))
2322 {
2323 return NT_STATUS_ACCESS_DENIED;
2324 }
2325
2326 unistr2_to_ascii(grp.name, uni_acct_name, sizeof(grp.name) - 1);
2327 fstrcpy(grp.comment, "");
2328 *rid = grp.rid = 0xffffffff;
2329
2330 *rid = grp.rid;
2331 status = samr_open_by_sid(domain_pol, &dom_sid, alias_pol,
2332 access_mask, grp.rid);
2333
2334 if (status != 0x0)
2335 {
2336 return status;
2337 }
2338
2339 if (!add_alias_entry(&grp))
2340 {
2341 return NT_STATUS_ACCESS_DENIED;
2342 }
2343
2344 return NT_STATUS_NOPROBLEMO;
2345 }
2346
2347 /*******************************************************************
2348 _samr_create_dom_group
2349 ********************************************************************/
2350 uint32 _samr_create_dom_group(const POLICY_HND * domain_pol,
2351 const UNISTR2 * uni_acct_name,
2352 uint32 access_mask,
2353 POLICY_HND * group_pol, uint32 * rid)
2354 {
2355 uint32 status;
2356 DOM_SID dom_sid;
2357 DOMAIN_GRP grp;
2358
2359 ZERO_STRUCTP(group_pol);
2360
2361 /* find the policy handle. open a policy on it. */
2362 if (find_policy_by_hnd(get_global_hnd_cache(), domain_pol) == -1)
2363 {
2364 return NT_STATUS_INVALID_HANDLE;
2365 }
2366
2367 /* find the domain sid */
2368 if (!get_policy_samr_sid(get_global_hnd_cache(),
2369 domain_pol, &dom_sid))
2370 {
2371 return NT_STATUS_OBJECT_TYPE_MISMATCH;
2372 }
2373
2374 if (!sid_equal(&dom_sid, &global_sam_sid))
2375 {
2376 return NT_STATUS_ACCESS_DENIED;
2377 }
2378
2379 unistr2_to_ascii(grp.name, uni_acct_name, sizeof(grp.name) - 1);
2380 fstrcpy(grp.comment, "");
2381 *rid = grp.rid = 0xffffffff;
2382 grp.attr = 0x07;
2383
2384 *rid = grp.rid;
2385 status = samr_open_by_sid(domain_pol, &dom_sid, group_pol,
2386 access_mask, grp.rid);
2387 if (status != 0x0)
2388 {
2389 return status;
2390 }
2391
2392 if (!add_group_entry(&grp))
2393 {
2394 return NT_STATUS_ACCESS_DENIED;
2395 }
2396
2397 return NT_STATUS_NOPROBLEMO;
2398 }
2399
2400 /*******************************************************************
2401 _samr_query_dom_info
2402 ********************************************************************/
2403 uint32 _samr_query_dom_info(const POLICY_HND * domain_pol,
2404 uint16 switch_value, SAM_UNK_CTR * ctr)
2405 {
2406 /* find the policy handle. open a policy on it. */
2407 if (find_policy_by_hnd(get_global_hnd_cache(), domain_pol) == -1)
2408 {
2409 DEBUG(5, ("samr_reply_query_dom_info: invalid handle\n"));
2410 return NT_STATUS_INVALID_HANDLE;
2411 }
2412
2413 switch (switch_value)
2414 {
2415 case 0x0c:
2416 {
2417 make_unk_info12(&(ctr->info.inf12));
2418 break;
2419 }
2420 case 0x07:
2421 {
2422 make_unk_info7(&(ctr->info.inf7));
2423 break;
2424 }
2425 case 0x06:
2426 {
2427 make_unk_info6(&(ctr->info.inf6));
2428 break;
2429 }
2430 case 0x03:
2431 {
2432 make_unk_info3(&(ctr->info.inf3));
2433 break;
2434 }
2435 case 0x02:
2436 {
2437 extern fstring global_sam_name;
2438 extern pstring global_myname;
2439 make_unk_info2(&(ctr->info.inf2), global_sam_name,
2440 global_myname);
2441 break;
2442 }
2443 case 0x01:
2444 {
2445 make_unk_info1(&(ctr->info.inf1));
2446 break;
2447 }
2448 default:
2449 {
2450 return NT_STATUS_INVALID_INFO_CLASS;
2451 }
2452 }
2453
2454 return NT_STATUS_NOPROBLEMO;
2455 }
2456
2457 /*******************************************************************
2458 _samr_create_user
2459 ********************************************************************/
2460 uint32 _samr_create_user(const POLICY_HND * domain_pol,
2461 const UNISTR2 * uni_username,
2462 uint16 acb_info, uint32 access_mask,
2463 POLICY_HND * user_pol,
2464 uint32 * unknown_0, uint32 * user_rid)
2465 {
2466 DOM_SID sid;
2467
2468 struct sam_passwd *sam_pass;
2469 fstring user_name;
2470 pstring err_str;
2471 pstring msg_str;
2472
2473 (*unknown_0) = 0x30;
2474 (*user_rid) = 0x0;
2475
2476 /* find the machine account: tell the caller if it exists.
2477 lkclXXXX i have *no* idea if this is a problem or not
2478 or even if you are supposed to construct a different
2479 reply if the account already exists...
2480 */
2481
2482 /* find the domain sid associated with the policy handle */
2483 if (!get_policy_samr_sid(get_global_hnd_cache(), domain_pol, &sid))
2484 {
2485 return NT_STATUS_INVALID_HANDLE;
2486 }
2487 if (!sid_equal(&sid, &global_sam_sid))
2488 {
2489 return NT_STATUS_ACCESS_DENIED;
2490 }
2491
2492 unistr2_to_ascii(user_name, uni_username, sizeof(user_name) - 1);
2493
2494 sam_pass = getsam21pwntnam(user_name);
2495
2496 if (sam_pass != NULL)
2497 {
2498 /* account exists: say so */
2499 return NT_STATUS_USER_EXISTS;
2500 }
2501
2502 if (!local_password_change(user_name, True,
2503 acb_info | ACB_DISABLED | ACB_PWNOTREQ,
2504 0xffff, NULL, err_str, sizeof(err_str),
2505 msg_str, sizeof(msg_str)))
2506 {
2507 DEBUG(0, ("%s\n", err_str));
2508 return NT_STATUS_ACCESS_DENIED;
2509 }
2510
2511 sam_pass = getsam21pwntnam(user_name);
2512 if (sam_pass == NULL)
2513 {
2514 /* account doesn't exist: say so */
2515 return NT_STATUS_ACCESS_DENIED;
2516 }
2517
2518 *unknown_0 = 0x000703ff;
2519 *user_rid = sam_pass->user_rid;
2520
2521 return samr_open_by_sid(domain_pol, &sid, user_pol,
2522 access_mask, *user_rid);
2523 }
2524
2525 /*******************************************************************
2526 _samr_connect_anon
2527 ********************************************************************/
2528 uint32 _samr_connect_anon(const UNISTR2 * srv_name, uint32 access_mask,
2529 POLICY_HND * connect_pol)
2530 {
2531 /* get a (unique) handle. open a policy on it. */
2532 if (!open_policy_hnd(get_global_hnd_cache(),
2533 get_sec_ctx(), connect_pol, access_mask))
2534 {
2535 return NT_STATUS_ACCESS_DENIED;
2536 }
2537
2538 policy_hnd_set_name(get_global_hnd_cache(),
2539 connect_pol, "sam_connect_anon");
2540
2541 return NT_STATUS_NOPROBLEMO;
2542 }
2543
2544 /*******************************************************************
2545 _samr_connect
2546 ********************************************************************/
2547 uint32 _samr_connect(const UNISTR2 * srv_name, uint32 access_mask,
2548 POLICY_HND * connect_pol)
2549 {
2550 /* get a (unique) handle. open a policy on it. */
2551 if (!open_policy_hnd(get_global_hnd_cache(),
2552 get_sec_ctx(), connect_pol, access_mask))
2553 {
2554 return NT_STATUS_ACCESS_DENIED;
2555 }
2556
2557 policy_hnd_set_name(get_global_hnd_cache(),
2558 connect_pol, "sam_connect");
2559
2560 return NT_STATUS_NOPROBLEMO;
2561 }
2562
2563 /*******************************************************************
2564 _samr_open_alias
2565 ********************************************************************/
2566 uint32 _samr_open_alias(const POLICY_HND * domain_pol,
2567 uint32 access_mask, uint32 alias_rid,
2568 POLICY_HND * alias_pol)
2569 {
2570 DOM_SID sid;
2571
2572 /* find the domain sid associated with the policy handle */
2573 if (!get_policy_samr_sid(get_global_hnd_cache(), domain_pol, &sid))
2574 {
2575 return NT_STATUS_INVALID_HANDLE;
2576 }
2577
2578 /* this should not be hard-coded like this */
2579 if (!sid_equal(&sid, &global_sam_sid) &&
2580 !sid_equal(&sid, global_sid_builtin))
2581 {
2582 return NT_STATUS_ACCESS_DENIED;
2583 }
2584
2585 return samr_open_by_sid(domain_pol, &sid, alias_pol, access_mask,
2586 alias_rid);
2587 }
2588
2589 /*******************************************************************
2590 _samr_open_group
2591 ********************************************************************/
2592 uint32 _samr_open_group(const POLICY_HND * domain_pol, uint32 access_mask,
2593 uint32 group_rid, POLICY_HND * group_pol)
2594 {
2595 DOM_SID sid;
2596
2597 /* find the domain sid associated with the policy handle */
2598 if (!get_policy_samr_sid(get_global_hnd_cache(), domain_pol, &sid))
2599 {
2600 return NT_STATUS_INVALID_HANDLE;
2601 }
2602
2603 /* this should not be hard-coded like this */
2604 if (!sid_equal(&sid, &global_sam_sid))
2605 {
2606 return NT_STATUS_ACCESS_DENIED;
2607 }
2608
2609 return samr_open_by_sid(domain_pol, &sid, group_pol, access_mask,
2610 group_rid);
2611 }
2612
2613 /*******************************************************************
2614 _samr_lookup_domain
2615 ********************************************************************/
2616 uint32 _samr_lookup_domain(const POLICY_HND * connect_pol,
2617 const UNISTR2 * uni_domain, DOM_SID * dom_sid)
2618 {
2619 fstring domain;
2620
2621 /* find the connection policy handle */
2622 if (find_policy_by_hnd(get_global_hnd_cache(), connect_pol) == -1)
2623 {
2624 return NT_STATUS_INVALID_HANDLE;
2625 }
2626
2627 unistr2_to_ascii(domain, uni_domain, sizeof(domain));
2628 DEBUG(5, ("Lookup Domain: %s\n", domain));
2629
2630 /* check it's one of ours */
2631 if (strequal(domain, global_sam_name))
2632 {
2633 sid_copy(dom_sid, &global_sam_sid);
2634 return 0x0;
2635 }
2636 else if (strequal(domain, "BUILTIN"))
2637 {
2638 sid_copy(dom_sid, global_sid_builtin);
2639 return NT_STATUS_NOPROBLEMO;
2640 }
2641
2642 return NT_STATUS_NO_SUCH_DOMAIN;
2643 }
2644
2645 BOOL pwdbsam_initialise(void)
2646 {
2647 return initialise_password_db() &&
2648 initialise_sam_password_db() &&
2649 initialise_passgrp_db() &&
2650 initialise_group_db() &&
2651 initialise_alias_db() && initialise_builtin_db();
2652 }
Samba GIT mirror