2 * Unix SMB/CIFS implementation.
4 * Copyright (C) Guenther Deschner 2008
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, see <http://www.gnu.org/licenses/>.
22 #include "librpc/gen_ndr/libnetapi.h"
23 #include "lib/netapi/netapi.h"
24 #include "lib/netapi/netapi_private.h"
25 #include "lib/netapi/libnetapi.h"
27 /****************************************************************
28 ****************************************************************/
30 static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X
*infoX
,
31 struct samr_UserInfo21
*info21
)
33 uint32_t fields_present
= SAMR_FIELD_ACCT_FLAGS
;
34 struct samr_LogonHours zero_logon_hours
;
35 struct lsa_BinaryString zero_parameters
;
36 uint32_t acct_flags
= 0;
40 ZERO_STRUCT(zero_logon_hours
);
41 ZERO_STRUCT(zero_parameters
);
43 if (infoX
->usriX_name
) {
44 fields_present
|= SAMR_FIELD_FULL_NAME
;
46 if (infoX
->usriX_password
) {
47 fields_present
|= SAMR_FIELD_PASSWORD
;
49 if (infoX
->usriX_flags
) {
50 fields_present
|= SAMR_FIELD_ACCT_FLAGS
;
52 if (infoX
->usriX_name
) {
53 fields_present
|= SAMR_FIELD_FULL_NAME
;
55 if (infoX
->usriX_home_dir
) {
56 fields_present
|= SAMR_FIELD_HOME_DIRECTORY
;
58 if (infoX
->usriX_script_path
) {
59 fields_present
|= SAMR_FIELD_LOGON_SCRIPT
;
61 if (infoX
->usriX_comment
) {
62 fields_present
|= SAMR_FIELD_DESCRIPTION
;
64 if (infoX
->usriX_password_age
) {
65 fields_present
|= SAMR_FIELD_FORCE_PWD_CHANGE
;
68 acct_flags
|= infoX
->usriX_flags
| ACB_NORMAL
;
70 unix_to_nt_time_abs(&password_age
, infoX
->usriX_password_age
);
72 /* TODO: infoX->usriX_priv */
73 init_samr_user_info21(info21
,
82 infoX
->usriX_home_dir
,
84 infoX
->usriX_script_path
,
104 /****************************************************************
105 ****************************************************************/
107 static NTSTATUS
construct_USER_INFO_X(uint32_t level
,
109 struct USER_INFO_X
*uX
)
111 struct USER_INFO_0
*u0
= NULL
;
112 struct USER_INFO_1
*u1
= NULL
;
113 struct USER_INFO_2
*u2
= NULL
;
114 struct USER_INFO_1007
*u1007
= NULL
;
116 if (!buffer
|| !uX
) {
117 return NT_STATUS_INVALID_PARAMETER
;
124 u0
= (struct USER_INFO_0
*)buffer
;
125 uX
->usriX_name
= u0
->usri0_name
;
128 u1
= (struct USER_INFO_1
*)buffer
;
129 uX
->usriX_name
= u1
->usri1_name
;
130 uX
->usriX_password
= u1
->usri1_password
;
131 uX
->usriX_password_age
= u1
->usri1_password_age
;
132 uX
->usriX_priv
= u1
->usri1_priv
;
133 uX
->usriX_home_dir
= u1
->usri1_home_dir
;
134 uX
->usriX_comment
= u1
->usri1_comment
;
135 uX
->usriX_flags
= u1
->usri1_flags
;
136 uX
->usriX_script_path
= u1
->usri1_script_path
;
139 u2
= (struct USER_INFO_2
*)buffer
;
140 uX
->usriX_name
= u2
->usri2_name
;
141 uX
->usriX_password
= u2
->usri2_password
;
142 uX
->usriX_password_age
= u2
->usri2_password_age
;
143 uX
->usriX_priv
= u2
->usri2_priv
;
144 uX
->usriX_home_dir
= u2
->usri2_home_dir
;
145 uX
->usriX_comment
= u2
->usri2_comment
;
146 uX
->usriX_flags
= u2
->usri2_flags
;
147 uX
->usriX_script_path
= u2
->usri2_script_path
;
148 uX
->usriX_auth_flags
= u2
->usri2_auth_flags
;
149 uX
->usriX_full_name
= u2
->usri2_full_name
;
150 uX
->usriX_usr_comment
= u2
->usri2_usr_comment
;
151 uX
->usriX_parms
= u2
->usri2_parms
;
152 uX
->usriX_workstations
= u2
->usri2_workstations
;
153 uX
->usriX_last_logon
= u2
->usri2_last_logon
;
154 uX
->usriX_last_logoff
= u2
->usri2_last_logoff
;
155 uX
->usriX_acct_expires
= u2
->usri2_acct_expires
;
156 uX
->usriX_max_storage
= u2
->usri2_max_storage
;
157 uX
->usriX_units_per_week
= u2
->usri2_units_per_week
;
158 uX
->usriX_logon_hours
= u2
->usri2_logon_hours
;
159 uX
->usriX_bad_pw_count
= u2
->usri2_bad_pw_count
;
160 uX
->usriX_num_logons
= u2
->usri2_num_logons
;
161 uX
->usriX_logon_server
= u2
->usri2_logon_server
;
162 uX
->usriX_country_code
= u2
->usri2_country_code
;
163 uX
->usriX_code_page
= u2
->usri2_code_page
;
166 u1007
= (struct USER_INFO_1007
*)buffer
;
167 uX
->usriX_comment
= u1007
->usri1007_comment
;
172 return NT_STATUS_INVALID_INFO_CLASS
;
178 /****************************************************************
179 ****************************************************************/
181 WERROR
NetUserAdd_r(struct libnetapi_ctx
*ctx
,
182 struct NetUserAdd
*r
)
184 struct cli_state
*cli
= NULL
;
185 struct rpc_pipe_client
*pipe_cli
= NULL
;
188 POLICY_HND connect_handle
, domain_handle
, user_handle
;
189 struct lsa_String lsa_account_name
;
190 struct dom_sid2
*domain_sid
= NULL
;
191 struct samr_UserInfo21 info21
;
192 union samr_UserInfo
*user_info
= NULL
;
193 struct samr_PwInfo pw_info
;
194 uint32_t access_granted
= 0;
196 struct USER_INFO_X uX
;
198 ZERO_STRUCT(connect_handle
);
199 ZERO_STRUCT(domain_handle
);
200 ZERO_STRUCT(user_handle
);
203 return WERR_INVALID_PARAM
;
206 switch (r
->in
.level
) {
213 werr
= WERR_NOT_SUPPORTED
;
217 werr
= libnetapi_open_ipc_connection(ctx
, r
->in
.server_name
, &cli
);
218 if (!W_ERROR_IS_OK(werr
)) {
222 werr
= libnetapi_open_pipe(ctx
, cli
, &ndr_table_samr
.syntax_id
,
224 if (!W_ERROR_IS_OK(werr
)) {
228 status
= construct_USER_INFO_X(r
->in
.level
, r
->in
.buffer
, &uX
);
229 if (!NT_STATUS_IS_OK(status
)) {
230 werr
= ntstatus_to_werror(status
);
234 werr
= libnetapi_samr_open_domain(ctx
, pipe_cli
,
235 SAMR_ACCESS_ENUM_DOMAINS
|
236 SAMR_ACCESS_OPEN_DOMAIN
,
237 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1
|
238 SAMR_DOMAIN_ACCESS_CREATE_USER
|
239 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT
,
243 if (!W_ERROR_IS_OK(werr
)) {
247 init_lsa_String(&lsa_account_name
, uX
.usriX_name
);
249 status
= rpccli_samr_CreateUser2(pipe_cli
, ctx
,
255 SAMR_USER_ACCESS_SET_PASSWORD
|
256 SAMR_USER_ACCESS_SET_ATTRIBUTES
|
257 SAMR_USER_ACCESS_GET_ATTRIBUTES
,
261 if (!NT_STATUS_IS_OK(status
)) {
262 werr
= ntstatus_to_werror(status
);
266 status
= rpccli_samr_QueryUserInfo(pipe_cli
, ctx
,
270 if (!NT_STATUS_IS_OK(status
)) {
271 werr
= ntstatus_to_werror(status
);
275 if (!(user_info
->info16
.acct_flags
& ACB_NORMAL
)) {
276 werr
= WERR_INVALID_PARAM
;
280 status
= rpccli_samr_GetUserPwInfo(pipe_cli
, ctx
,
283 if (!NT_STATUS_IS_OK(status
)) {
284 werr
= ntstatus_to_werror(status
);
288 convert_USER_INFO_X_to_samr_user_info21(&uX
,
291 ZERO_STRUCTP(user_info
);
293 if (uX
.usriX_password
) {
295 user_info
->info25
.info
= info21
;
297 init_samr_CryptPasswordEx(uX
.usriX_password
,
298 &cli
->user_session_key
,
299 &user_info
->info25
.password
);
301 status
= rpccli_samr_SetUserInfo2(pipe_cli
, ctx
,
306 if (NT_STATUS_EQUAL(status
, NT_STATUS(DCERPC_FAULT_INVALID_TAG
))) {
308 user_info
->info23
.info
= info21
;
310 init_samr_CryptPassword(uX
.usriX_password
,
311 &cli
->user_session_key
,
312 &user_info
->info23
.password
);
314 status
= rpccli_samr_SetUserInfo2(pipe_cli
, ctx
,
321 user_info
->info21
= info21
;
323 status
= rpccli_samr_SetUserInfo(pipe_cli
, ctx
,
329 if (!NT_STATUS_IS_OK(status
)) {
330 werr
= ntstatus_to_werror(status
);
338 rpccli_samr_DeleteUser(pipe_cli
, ctx
,
346 if (is_valid_policy_hnd(&user_handle
)) {
347 rpccli_samr_Close(pipe_cli
, ctx
, &user_handle
);
350 if (ctx
->disable_policy_handle_cache
) {
351 libnetapi_samr_close_domain_handle(ctx
, &domain_handle
);
352 libnetapi_samr_close_connect_handle(ctx
, &connect_handle
);
358 /****************************************************************
359 ****************************************************************/
361 WERROR
NetUserAdd_l(struct libnetapi_ctx
*ctx
,
362 struct NetUserAdd
*r
)
364 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx
, r
, NetUserAdd
);
367 /****************************************************************
368 ****************************************************************/
370 WERROR
NetUserDel_r(struct libnetapi_ctx
*ctx
,
371 struct NetUserDel
*r
)
373 struct cli_state
*cli
= NULL
;
374 struct rpc_pipe_client
*pipe_cli
= NULL
;
377 POLICY_HND connect_handle
, builtin_handle
, domain_handle
, user_handle
;
378 struct lsa_String lsa_account_name
;
379 struct samr_Ids user_rids
, name_types
;
380 struct dom_sid2
*domain_sid
= NULL
;
381 struct dom_sid2 user_sid
;
383 ZERO_STRUCT(connect_handle
);
384 ZERO_STRUCT(builtin_handle
);
385 ZERO_STRUCT(domain_handle
);
386 ZERO_STRUCT(user_handle
);
388 werr
= libnetapi_open_ipc_connection(ctx
, r
->in
.server_name
, &cli
);
389 if (!W_ERROR_IS_OK(werr
)) {
393 werr
= libnetapi_open_pipe(ctx
, cli
, &ndr_table_samr
.syntax_id
,
395 if (!W_ERROR_IS_OK(werr
)) {
399 werr
= libnetapi_samr_open_domain(ctx
, pipe_cli
,
400 SAMR_ACCESS_ENUM_DOMAINS
|
401 SAMR_ACCESS_OPEN_DOMAIN
,
402 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT
,
406 if (!W_ERROR_IS_OK(werr
)) {
410 status
= rpccli_samr_OpenDomain(pipe_cli
, ctx
,
412 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT
,
413 CONST_DISCARD(DOM_SID
*, &global_sid_Builtin
),
415 if (!NT_STATUS_IS_OK(status
)) {
416 werr
= ntstatus_to_werror(status
);
420 init_lsa_String(&lsa_account_name
, r
->in
.user_name
);
422 status
= rpccli_samr_LookupNames(pipe_cli
, ctx
,
428 if (!NT_STATUS_IS_OK(status
)) {
429 werr
= ntstatus_to_werror(status
);
433 status
= rpccli_samr_OpenUser(pipe_cli
, ctx
,
435 STD_RIGHT_DELETE_ACCESS
,
438 if (!NT_STATUS_IS_OK(status
)) {
439 werr
= ntstatus_to_werror(status
);
443 sid_compose(&user_sid
, domain_sid
, user_rids
.ids
[0]);
445 status
= rpccli_samr_RemoveMemberFromForeignDomain(pipe_cli
, ctx
,
448 if (!NT_STATUS_IS_OK(status
)) {
449 werr
= ntstatus_to_werror(status
);
453 status
= rpccli_samr_DeleteUser(pipe_cli
, ctx
,
455 if (!NT_STATUS_IS_OK(status
)) {
456 werr
= ntstatus_to_werror(status
);
467 if (is_valid_policy_hnd(&user_handle
)) {
468 rpccli_samr_Close(pipe_cli
, ctx
, &user_handle
);
471 if (ctx
->disable_policy_handle_cache
) {
472 libnetapi_samr_close_builtin_handle(ctx
, &builtin_handle
);
473 libnetapi_samr_close_domain_handle(ctx
, &domain_handle
);
474 libnetapi_samr_close_connect_handle(ctx
, &connect_handle
);
480 /****************************************************************
481 ****************************************************************/
483 WERROR
NetUserDel_l(struct libnetapi_ctx
*ctx
,
484 struct NetUserDel
*r
)
486 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx
, r
, NetUserDel
);
489 /****************************************************************
490 ****************************************************************/
492 static NTSTATUS
libnetapi_samr_lookup_user(TALLOC_CTX
*mem_ctx
,
493 struct rpc_pipe_client
*pipe_cli
,
494 struct policy_handle
*domain_handle
,
495 struct policy_handle
*builtin_handle
,
496 const char *user_name
,
499 struct samr_UserInfo21
**info21
,
500 struct sec_desc_buf
**sec_desc
)
504 struct policy_handle user_handle
;
505 union samr_UserInfo
*user_info
= NULL
;
506 struct samr_RidWithAttributeArray
*rid_array
= NULL
;
507 uint32_t access_mask
= SEC_STD_READ_CONTROL
|
508 SAMR_USER_ACCESS_GET_ATTRIBUTES
|
509 SAMR_USER_ACCESS_GET_NAME_ETC
;
511 ZERO_STRUCT(user_handle
);
524 return NT_STATUS_INVALID_LEVEL
;
531 status
= rpccli_samr_OpenUser(pipe_cli
, mem_ctx
,
536 if (!NT_STATUS_IS_OK(status
)) {
540 status
= rpccli_samr_QueryUserInfo(pipe_cli
, mem_ctx
,
544 if (!NT_STATUS_IS_OK(status
)) {
548 status
= rpccli_samr_QuerySecurity(pipe_cli
, mem_ctx
,
552 if (!NT_STATUS_IS_OK(status
)) {
557 status
= rpccli_samr_GetGroupsForUser(pipe_cli
, mem_ctx
,
560 if (!NT_STATUS_IS_OK(status
)) {
565 status
= rpccli_samr_GetAliasMembership(pipe_cli
, ctx
,
569 if (!NT_STATUS_IS_OK(status
)) {
575 *info21
= &user_info
->info21
;
578 if (is_valid_policy_hnd(&user_handle
)) {
579 rpccli_samr_Close(pipe_cli
, mem_ctx
, &user_handle
);
585 /****************************************************************
586 ****************************************************************/
588 static NTSTATUS
libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX
*mem_ctx
,
589 struct rpc_pipe_client
*pipe_cli
,
590 struct dom_sid
*domain_sid
,
591 struct policy_handle
*domain_handle
,
592 struct policy_handle
*builtin_handle
,
593 const char *user_name
,
597 uint32_t *num_entries
)
601 struct samr_UserInfo21
*info21
= NULL
;
602 struct sec_desc_buf
*sec_desc
= NULL
;
605 struct USER_INFO_0 info0
;
606 struct USER_INFO_10 info10
;
607 struct USER_INFO_20 info20
;
608 struct USER_INFO_23 info23
;
621 return NT_STATUS_INVALID_LEVEL
;
625 info0
.usri0_name
= talloc_strdup(mem_ctx
, user_name
);
626 NT_STATUS_HAVE_NO_MEMORY(info0
.usri0_name
);
628 ADD_TO_ARRAY(mem_ctx
, struct USER_INFO_0
, info0
,
629 (struct USER_INFO_0
**)buffer
, num_entries
);
634 status
= libnetapi_samr_lookup_user(mem_ctx
, pipe_cli
,
643 if (!NT_STATUS_IS_OK(status
)) {
649 info10
.usri10_name
= talloc_strdup(mem_ctx
, user_name
);
650 NT_STATUS_HAVE_NO_MEMORY(info10
.usri10_name
);
652 info10
.usri10_comment
= talloc_strdup(mem_ctx
,
653 info21
->description
.string
);
655 info10
.usri10_full_name
= talloc_strdup(mem_ctx
,
656 info21
->full_name
.string
);
658 info10
.usri10_usr_comment
= talloc_strdup(mem_ctx
,
659 info21
->comment
.string
);
661 ADD_TO_ARRAY(mem_ctx
, struct USER_INFO_10
, info10
,
662 (struct USER_INFO_10
**)buffer
, num_entries
);
667 info20
.usri20_name
= talloc_strdup(mem_ctx
, user_name
);
668 NT_STATUS_HAVE_NO_MEMORY(info20
.usri20_name
);
670 info20
.usri20_comment
= talloc_strdup(mem_ctx
,
671 info21
->description
.string
);
673 info20
.usri20_full_name
= talloc_strdup(mem_ctx
,
674 info21
->full_name
.string
);
676 info20
.usri20_flags
= info21
->acct_flags
;
677 info20
.usri20_user_id
= rid
;
679 ADD_TO_ARRAY(mem_ctx
, struct USER_INFO_20
, info20
,
680 (struct USER_INFO_20
**)buffer
, num_entries
);
684 info23
.usri23_name
= talloc_strdup(mem_ctx
, user_name
);
685 NT_STATUS_HAVE_NO_MEMORY(info23
.usri23_name
);
687 info23
.usri23_comment
= talloc_strdup(mem_ctx
,
688 info21
->description
.string
);
690 info23
.usri23_full_name
= talloc_strdup(mem_ctx
,
691 info21
->full_name
.string
);
693 info23
.usri23_flags
= info21
->acct_flags
;
695 if (!sid_compose(&sid
, domain_sid
, rid
)) {
696 return NT_STATUS_NO_MEMORY
;
699 info23
.usri23_user_sid
=
700 (struct domsid
*)sid_dup_talloc(mem_ctx
, &sid
);
702 ADD_TO_ARRAY(mem_ctx
, struct USER_INFO_23
, info23
,
703 (struct USER_INFO_23
**)buffer
, num_entries
);
711 /****************************************************************
712 ****************************************************************/
714 WERROR
NetUserEnum_r(struct libnetapi_ctx
*ctx
,
715 struct NetUserEnum
*r
)
717 struct cli_state
*cli
= NULL
;
718 struct rpc_pipe_client
*pipe_cli
= NULL
;
719 struct policy_handle connect_handle
;
720 struct dom_sid2
*domain_sid
= NULL
;
721 struct policy_handle domain_handle
;
722 struct samr_SamArray
*sam
= NULL
;
723 uint32_t filter
= ACB_NORMAL
;
725 uint32_t entries_read
= 0;
727 NTSTATUS status
= NT_STATUS_OK
;
730 ZERO_STRUCT(connect_handle
);
731 ZERO_STRUCT(domain_handle
);
733 if (!r
->out
.buffer
) {
734 return WERR_INVALID_PARAM
;
737 *r
->out
.buffer
= NULL
;
738 *r
->out
.entries_read
= 0;
740 switch (r
->in
.level
) {
751 return WERR_NOT_SUPPORTED
;
754 werr
= libnetapi_open_ipc_connection(ctx
, r
->in
.server_name
, &cli
);
755 if (!W_ERROR_IS_OK(werr
)) {
759 werr
= libnetapi_open_pipe(ctx
, cli
, &ndr_table_samr
.syntax_id
,
761 if (!W_ERROR_IS_OK(werr
)) {
765 werr
= libnetapi_samr_open_domain(ctx
, pipe_cli
,
766 SAMR_ACCESS_ENUM_DOMAINS
|
767 SAMR_ACCESS_OPEN_DOMAIN
,
768 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2
|
769 SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS
|
770 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT
,
774 if (!W_ERROR_IS_OK(werr
)) {
778 switch (r
->in
.filter
) {
779 case FILTER_NORMAL_ACCOUNT
:
782 case FILTER_TEMP_DUPLICATE_ACCOUNT
:
783 filter
= ACB_TEMPDUP
;
785 case FILTER_INTERDOMAIN_TRUST_ACCOUNT
:
786 filter
= ACB_DOMTRUST
;
788 case FILTER_WORKSTATION_TRUST_ACCOUNT
:
789 filter
= ACB_WSTRUST
;
791 case FILTER_SERVER_TRUST_ACCOUNT
:
792 filter
= ACB_SVRTRUST
;
798 status
= rpccli_samr_EnumDomainUsers(pipe_cli
,
806 werr
= ntstatus_to_werror(status
);
807 if (NT_STATUS_IS_ERR(status
)) {
811 for (i
=0; i
< sam
->count
; i
++) {
813 status
= libnetapi_samr_lookup_user_map_USER_INFO(ctx
, pipe_cli
,
816 NULL
, /*&builtin_handle, */
817 sam
->entries
[i
].name
.string
,
821 r
->out
.entries_read
);
822 if (!NT_STATUS_IS_OK(status
)) {
823 werr
= ntstatus_to_werror(status
);
834 if (NT_STATUS_IS_OK(status
) ||
835 NT_STATUS_IS_ERR(status
)) {
837 if (ctx
->disable_policy_handle_cache
) {
838 libnetapi_samr_close_domain_handle(ctx
, &domain_handle
);
839 libnetapi_samr_close_connect_handle(ctx
, &connect_handle
);
846 /****************************************************************
847 ****************************************************************/
849 WERROR
NetUserEnum_l(struct libnetapi_ctx
*ctx
,
850 struct NetUserEnum
*r
)
852 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx
, r
, NetUserEnum
);
855 /****************************************************************
856 ****************************************************************/
858 static WERROR
convert_samr_dispinfo_to_NET_DISPLAY_USER(TALLOC_CTX
*mem_ctx
,
859 struct samr_DispInfoGeneral
*info
,
860 uint32_t *entries_read
,
863 struct NET_DISPLAY_USER
*user
= NULL
;
866 user
= TALLOC_ZERO_ARRAY(mem_ctx
,
867 struct NET_DISPLAY_USER
,
869 W_ERROR_HAVE_NO_MEMORY(user
);
871 for (i
= 0; i
< info
->count
; i
++) {
872 user
[i
].usri1_name
= talloc_strdup(mem_ctx
,
873 info
->entries
[i
].account_name
.string
);
874 user
[i
].usri1_comment
= talloc_strdup(mem_ctx
,
875 info
->entries
[i
].description
.string
);
876 user
[i
].usri1_flags
=
877 info
->entries
[i
].acct_flags
;
878 user
[i
].usri1_full_name
= talloc_strdup(mem_ctx
,
879 info
->entries
[i
].full_name
.string
);
880 user
[i
].usri1_user_id
=
881 info
->entries
[i
].rid
;
882 user
[i
].usri1_next_index
=
883 info
->entries
[i
].idx
;
885 if (!user
[i
].usri1_name
) {
890 *buffer
= talloc_memdup(mem_ctx
, user
,
891 sizeof(struct NET_DISPLAY_USER
) * info
->count
);
892 W_ERROR_HAVE_NO_MEMORY(*buffer
);
894 *entries_read
= info
->count
;
899 /****************************************************************
900 ****************************************************************/
902 static WERROR
convert_samr_dispinfo_to_NET_DISPLAY_MACHINE(TALLOC_CTX
*mem_ctx
,
903 struct samr_DispInfoFull
*info
,
904 uint32_t *entries_read
,
907 struct NET_DISPLAY_MACHINE
*machine
= NULL
;
910 machine
= TALLOC_ZERO_ARRAY(mem_ctx
,
911 struct NET_DISPLAY_MACHINE
,
913 W_ERROR_HAVE_NO_MEMORY(machine
);
915 for (i
= 0; i
< info
->count
; i
++) {
916 machine
[i
].usri2_name
= talloc_strdup(mem_ctx
,
917 info
->entries
[i
].account_name
.string
);
918 machine
[i
].usri2_comment
= talloc_strdup(mem_ctx
,
919 info
->entries
[i
].description
.string
);
920 machine
[i
].usri2_flags
=
921 info
->entries
[i
].acct_flags
;
922 machine
[i
].usri2_user_id
=
923 info
->entries
[i
].rid
;
924 machine
[i
].usri2_next_index
=
925 info
->entries
[i
].idx
;
927 if (!machine
[i
].usri2_name
) {
932 *buffer
= talloc_memdup(mem_ctx
, machine
,
933 sizeof(struct NET_DISPLAY_MACHINE
) * info
->count
);
934 W_ERROR_HAVE_NO_MEMORY(*buffer
);
936 *entries_read
= info
->count
;
941 /****************************************************************
942 ****************************************************************/
944 static WERROR
convert_samr_dispinfo_to_NET_DISPLAY_GROUP(TALLOC_CTX
*mem_ctx
,
945 struct samr_DispInfoFullGroups
*info
,
946 uint32_t *entries_read
,
949 struct NET_DISPLAY_GROUP
*group
= NULL
;
952 group
= TALLOC_ZERO_ARRAY(mem_ctx
,
953 struct NET_DISPLAY_GROUP
,
955 W_ERROR_HAVE_NO_MEMORY(group
);
957 for (i
= 0; i
< info
->count
; i
++) {
958 group
[i
].grpi3_name
= talloc_strdup(mem_ctx
,
959 info
->entries
[i
].account_name
.string
);
960 group
[i
].grpi3_comment
= talloc_strdup(mem_ctx
,
961 info
->entries
[i
].description
.string
);
962 group
[i
].grpi3_group_id
=
963 info
->entries
[i
].rid
;
964 group
[i
].grpi3_attributes
=
965 info
->entries
[i
].acct_flags
;
966 group
[i
].grpi3_next_index
=
967 info
->entries
[i
].idx
;
969 if (!group
[i
].grpi3_name
) {
974 *buffer
= talloc_memdup(mem_ctx
, group
,
975 sizeof(struct NET_DISPLAY_GROUP
) * info
->count
);
976 W_ERROR_HAVE_NO_MEMORY(*buffer
);
978 *entries_read
= info
->count
;
984 /****************************************************************
985 ****************************************************************/
987 static WERROR
convert_samr_dispinfo_to_NET_DISPLAY(TALLOC_CTX
*mem_ctx
,
988 union samr_DispInfo
*info
,
990 uint32_t *entries_read
,
995 return convert_samr_dispinfo_to_NET_DISPLAY_USER(mem_ctx
,
1000 return convert_samr_dispinfo_to_NET_DISPLAY_MACHINE(mem_ctx
,
1005 return convert_samr_dispinfo_to_NET_DISPLAY_GROUP(mem_ctx
,
1010 return WERR_UNKNOWN_LEVEL
;
1016 /****************************************************************
1017 ****************************************************************/
1019 WERROR
NetQueryDisplayInformation_r(struct libnetapi_ctx
*ctx
,
1020 struct NetQueryDisplayInformation
*r
)
1022 struct cli_state
*cli
= NULL
;
1023 struct rpc_pipe_client
*pipe_cli
= NULL
;
1024 struct policy_handle connect_handle
;
1025 struct dom_sid2
*domain_sid
= NULL
;
1026 struct policy_handle domain_handle
;
1027 union samr_DispInfo info
;
1029 uint32_t total_size
= 0;
1030 uint32_t returned_size
= 0;
1032 NTSTATUS status
= NT_STATUS_OK
;
1035 ZERO_STRUCT(connect_handle
);
1036 ZERO_STRUCT(domain_handle
);
1038 switch (r
->in
.level
) {
1044 return WERR_UNKNOWN_LEVEL
;
1047 werr
= libnetapi_open_ipc_connection(ctx
, r
->in
.server_name
, &cli
);
1048 if (!W_ERROR_IS_OK(werr
)) {
1052 werr
= libnetapi_open_pipe(ctx
, cli
, &ndr_table_samr
.syntax_id
,
1054 if (!W_ERROR_IS_OK(werr
)) {
1058 werr
= libnetapi_samr_open_domain(ctx
, pipe_cli
,
1059 SAMR_ACCESS_ENUM_DOMAINS
|
1060 SAMR_ACCESS_OPEN_DOMAIN
,
1061 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2
|
1062 SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS
|
1063 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT
,
1067 if (!W_ERROR_IS_OK(werr
)) {
1071 status
= rpccli_samr_QueryDisplayInfo2(pipe_cli
,
1076 r
->in
.entries_requested
,
1081 if (!NT_STATUS_IS_OK(status
)) {
1082 werr
= ntstatus_to_werror(status
);
1086 werr
= convert_samr_dispinfo_to_NET_DISPLAY(ctx
, &info
,
1088 r
->out
.entries_read
,
1096 if (NT_STATUS_IS_OK(status
) ||
1097 NT_STATUS_IS_ERR(status
)) {
1099 if (ctx
->disable_policy_handle_cache
) {
1100 libnetapi_samr_close_domain_handle(ctx
, &domain_handle
);
1101 libnetapi_samr_close_connect_handle(ctx
, &connect_handle
);
1109 /****************************************************************
1110 ****************************************************************/
1113 WERROR
NetQueryDisplayInformation_l(struct libnetapi_ctx
*ctx
,
1114 struct NetQueryDisplayInformation
*r
)
1116 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx
, r
, NetQueryDisplayInformation
);
1119 /****************************************************************
1120 ****************************************************************/
1122 WERROR
NetUserChangePassword_r(struct libnetapi_ctx
*ctx
,
1123 struct NetUserChangePassword
*r
)
1125 return WERR_NOT_SUPPORTED
;
1128 /****************************************************************
1129 ****************************************************************/
1131 WERROR
NetUserChangePassword_l(struct libnetapi_ctx
*ctx
,
1132 struct NetUserChangePassword
*r
)
1134 return WERR_NOT_SUPPORTED
;
1137 /****************************************************************
1138 ****************************************************************/
1140 WERROR
NetUserGetInfo_r(struct libnetapi_ctx
*ctx
,
1141 struct NetUserGetInfo
*r
)
1143 struct cli_state
*cli
= NULL
;
1144 struct rpc_pipe_client
*pipe_cli
= NULL
;
1148 struct policy_handle connect_handle
, domain_handle
, builtin_handle
, user_handle
;
1149 struct lsa_String lsa_account_name
;
1150 struct dom_sid2
*domain_sid
= NULL
;
1151 struct samr_Ids user_rids
, name_types
;
1152 uint32_t num_entries
= 0;
1154 ZERO_STRUCT(connect_handle
);
1155 ZERO_STRUCT(domain_handle
);
1156 ZERO_STRUCT(builtin_handle
);
1157 ZERO_STRUCT(user_handle
);
1159 if (!r
->out
.buffer
) {
1160 return WERR_INVALID_PARAM
;
1163 switch (r
->in
.level
) {
1171 werr
= WERR_NOT_SUPPORTED
;
1175 werr
= libnetapi_open_ipc_connection(ctx
, r
->in
.server_name
, &cli
);
1176 if (!W_ERROR_IS_OK(werr
)) {
1180 werr
= libnetapi_open_pipe(ctx
, cli
, &ndr_table_samr
.syntax_id
,
1182 if (!W_ERROR_IS_OK(werr
)) {
1186 werr
= libnetapi_samr_open_domain(ctx
, pipe_cli
,
1187 SAMR_ACCESS_ENUM_DOMAINS
|
1188 SAMR_ACCESS_OPEN_DOMAIN
,
1189 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT
,
1193 if (!W_ERROR_IS_OK(werr
)) {
1197 werr
= libnetapi_samr_open_builtin_domain(ctx
, pipe_cli
,
1198 SAMR_ACCESS_ENUM_DOMAINS
|
1199 SAMR_ACCESS_OPEN_DOMAIN
,
1200 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT
|
1201 SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS
,
1204 if (!W_ERROR_IS_OK(werr
)) {
1208 init_lsa_String(&lsa_account_name
, r
->in
.user_name
);
1210 status
= rpccli_samr_LookupNames(pipe_cli
, ctx
,
1216 if (!NT_STATUS_IS_OK(status
)) {
1217 werr
= ntstatus_to_werror(status
);
1221 status
= libnetapi_samr_lookup_user_map_USER_INFO(ctx
, pipe_cli
,
1230 if (!NT_STATUS_IS_OK(status
)) {
1231 werr
= ntstatus_to_werror(status
);
1240 if (is_valid_policy_hnd(&user_handle
)) {
1241 rpccli_samr_Close(pipe_cli
, ctx
, &user_handle
);
1244 if (ctx
->disable_policy_handle_cache
) {
1245 libnetapi_samr_close_domain_handle(ctx
, &domain_handle
);
1246 libnetapi_samr_close_connect_handle(ctx
, &connect_handle
);
1252 /****************************************************************
1253 ****************************************************************/
1255 WERROR
NetUserGetInfo_l(struct libnetapi_ctx
*ctx
,
1256 struct NetUserGetInfo
*r
)
1258 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx
, r
, NetUserGetInfo
);
1261 /****************************************************************
1262 ****************************************************************/
1264 WERROR
NetUserSetInfo_r(struct libnetapi_ctx
*ctx
,
1265 struct NetUserSetInfo
*r
)
1267 struct cli_state
*cli
= NULL
;
1268 struct rpc_pipe_client
*pipe_cli
= NULL
;
1272 struct policy_handle connect_handle
, domain_handle
, builtin_handle
, user_handle
;
1273 struct lsa_String lsa_account_name
;
1274 struct dom_sid2
*domain_sid
= NULL
;
1275 struct samr_Ids user_rids
, name_types
;
1276 union samr_UserInfo user_info
;
1278 struct USER_INFO_X uX
;
1280 ZERO_STRUCT(connect_handle
);
1281 ZERO_STRUCT(domain_handle
);
1282 ZERO_STRUCT(builtin_handle
);
1283 ZERO_STRUCT(user_handle
);
1285 if (!r
->in
.buffer
) {
1286 return WERR_INVALID_PARAM
;
1289 switch (r
->in
.level
) {
1294 werr
= WERR_NOT_SUPPORTED
;
1298 werr
= libnetapi_open_ipc_connection(ctx
, r
->in
.server_name
, &cli
);
1299 if (!W_ERROR_IS_OK(werr
)) {
1303 werr
= libnetapi_open_pipe(ctx
, cli
, &ndr_table_samr
.syntax_id
,
1305 if (!W_ERROR_IS_OK(werr
)) {
1309 werr
= libnetapi_samr_open_domain(ctx
, pipe_cli
,
1310 SAMR_ACCESS_ENUM_DOMAINS
|
1311 SAMR_ACCESS_OPEN_DOMAIN
,
1312 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1
|
1313 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT
,
1317 if (!W_ERROR_IS_OK(werr
)) {
1321 werr
= libnetapi_samr_open_builtin_domain(ctx
, pipe_cli
,
1322 SAMR_ACCESS_ENUM_DOMAINS
|
1323 SAMR_ACCESS_OPEN_DOMAIN
,
1324 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT
|
1325 SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS
,
1328 if (!W_ERROR_IS_OK(werr
)) {
1332 init_lsa_String(&lsa_account_name
, r
->in
.user_name
);
1334 status
= rpccli_samr_LookupNames(pipe_cli
, ctx
,
1340 if (!NT_STATUS_IS_OK(status
)) {
1341 werr
= ntstatus_to_werror(status
);
1345 status
= rpccli_samr_OpenUser(pipe_cli
, ctx
,
1347 SAMR_USER_ACCESS_SET_ATTRIBUTES
,
1350 if (!NT_STATUS_IS_OK(status
)) {
1351 werr
= ntstatus_to_werror(status
);
1355 status
= construct_USER_INFO_X(r
->in
.level
, r
->in
.buffer
, &uX
);
1356 if (!NT_STATUS_IS_OK(status
)) {
1357 werr
= ntstatus_to_werror(status
);
1361 convert_USER_INFO_X_to_samr_user_info21(&uX
, &user_info
.info21
);
1363 status
= rpccli_samr_SetUserInfo(pipe_cli
, ctx
,
1367 if (!NT_STATUS_IS_OK(status
)) {
1368 werr
= ntstatus_to_werror(status
);
1379 if (is_valid_policy_hnd(&user_handle
)) {
1380 rpccli_samr_Close(pipe_cli
, ctx
, &user_handle
);
1383 if (ctx
->disable_policy_handle_cache
) {
1384 libnetapi_samr_close_domain_handle(ctx
, &domain_handle
);
1385 libnetapi_samr_close_builtin_handle(ctx
, &builtin_handle
);
1386 libnetapi_samr_close_connect_handle(ctx
, &connect_handle
);
1392 /****************************************************************
1393 ****************************************************************/
1395 WERROR
NetUserSetInfo_l(struct libnetapi_ctx
*ctx
,
1396 struct NetUserSetInfo
*r
)
1398 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx
, r
, NetUserSetInfo
);
1401 /****************************************************************
1402 ****************************************************************/
1404 static NTSTATUS
query_USER_MODALS_INFO_rpc(TALLOC_CTX
*mem_ctx
,
1405 struct rpc_pipe_client
*pipe_cli
,
1406 struct policy_handle
*domain_handle
,
1407 struct samr_DomInfo1
*info1
,
1408 struct samr_DomInfo3
*info3
,
1409 struct samr_DomInfo5
*info5
,
1410 struct samr_DomInfo6
*info6
,
1411 struct samr_DomInfo7
*info7
,
1412 struct samr_DomInfo12
*info12
)
1415 union samr_DomainInfo
*dom_info
= NULL
;
1418 status
= rpccli_samr_QueryDomainInfo(pipe_cli
, mem_ctx
,
1422 NT_STATUS_NOT_OK_RETURN(status
);
1424 *info1
= dom_info
->info1
;
1428 status
= rpccli_samr_QueryDomainInfo(pipe_cli
, mem_ctx
,
1432 NT_STATUS_NOT_OK_RETURN(status
);
1434 *info3
= dom_info
->info3
;
1438 status
= rpccli_samr_QueryDomainInfo(pipe_cli
, mem_ctx
,
1442 NT_STATUS_NOT_OK_RETURN(status
);
1444 *info5
= dom_info
->info5
;
1448 status
= rpccli_samr_QueryDomainInfo(pipe_cli
, mem_ctx
,
1452 NT_STATUS_NOT_OK_RETURN(status
);
1454 *info6
= dom_info
->info6
;
1458 status
= rpccli_samr_QueryDomainInfo(pipe_cli
, mem_ctx
,
1462 NT_STATUS_NOT_OK_RETURN(status
);
1464 *info7
= dom_info
->info7
;
1468 status
= rpccli_samr_QueryDomainInfo2(pipe_cli
, mem_ctx
,
1472 NT_STATUS_NOT_OK_RETURN(status
);
1474 *info12
= dom_info
->info12
;
1477 return NT_STATUS_OK
;
1480 /****************************************************************
1481 ****************************************************************/
1483 static NTSTATUS
query_USER_MODALS_INFO_0(TALLOC_CTX
*mem_ctx
,
1484 struct rpc_pipe_client
*pipe_cli
,
1485 struct policy_handle
*domain_handle
,
1486 struct USER_MODALS_INFO_0
*info0
)
1489 struct samr_DomInfo1 dom_info1
;
1490 struct samr_DomInfo3 dom_info3
;
1492 ZERO_STRUCTP(info0
);
1494 status
= query_USER_MODALS_INFO_rpc(mem_ctx
,
1503 NT_STATUS_NOT_OK_RETURN(status
);
1505 info0
->usrmod0_min_passwd_len
=
1506 dom_info1
.min_password_length
;
1507 info0
->usrmod0_max_passwd_age
=
1508 nt_time_to_unix_abs((NTTIME
*)&dom_info1
.max_password_age
);
1509 info0
->usrmod0_min_passwd_age
=
1510 nt_time_to_unix_abs((NTTIME
*)&dom_info1
.min_password_age
);
1511 info0
->usrmod0_password_hist_len
=
1512 dom_info1
.password_history_length
;
1514 info0
->usrmod0_force_logoff
=
1515 nt_time_to_unix_abs(&dom_info3
.force_logoff_time
);
1517 return NT_STATUS_OK
;
1520 /****************************************************************
1521 ****************************************************************/
1523 static NTSTATUS
query_USER_MODALS_INFO_1(TALLOC_CTX
*mem_ctx
,
1524 struct rpc_pipe_client
*pipe_cli
,
1525 struct policy_handle
*domain_handle
,
1526 struct USER_MODALS_INFO_1
*info1
)
1529 struct samr_DomInfo6 dom_info6
;
1530 struct samr_DomInfo7 dom_info7
;
1532 status
= query_USER_MODALS_INFO_rpc(mem_ctx
,
1541 NT_STATUS_NOT_OK_RETURN(status
);
1543 info1
->usrmod1_primary
=
1544 talloc_strdup(mem_ctx
, dom_info6
.primary
.string
);
1546 info1
->usrmod1_role
= dom_info7
.role
;
1548 return NT_STATUS_OK
;
1551 /****************************************************************
1552 ****************************************************************/
1554 static NTSTATUS
query_USER_MODALS_INFO_2(TALLOC_CTX
*mem_ctx
,
1555 struct rpc_pipe_client
*pipe_cli
,
1556 struct policy_handle
*domain_handle
,
1557 struct dom_sid
*domain_sid
,
1558 struct USER_MODALS_INFO_2
*info2
)
1561 struct samr_DomInfo5 dom_info5
;
1563 status
= query_USER_MODALS_INFO_rpc(mem_ctx
,
1572 NT_STATUS_NOT_OK_RETURN(status
);
1574 info2
->usrmod2_domain_name
=
1575 talloc_strdup(mem_ctx
, dom_info5
.domain_name
.string
);
1576 info2
->usrmod2_domain_id
=
1577 (struct domsid
*)sid_dup_talloc(mem_ctx
, domain_sid
);
1579 NT_STATUS_HAVE_NO_MEMORY(info2
->usrmod2_domain_name
);
1580 NT_STATUS_HAVE_NO_MEMORY(info2
->usrmod2_domain_id
);
1582 return NT_STATUS_OK
;
1585 /****************************************************************
1586 ****************************************************************/
1588 static NTSTATUS
query_USER_MODALS_INFO_3(TALLOC_CTX
*mem_ctx
,
1589 struct rpc_pipe_client
*pipe_cli
,
1590 struct policy_handle
*domain_handle
,
1591 struct USER_MODALS_INFO_3
*info3
)
1594 struct samr_DomInfo12 dom_info12
;
1596 status
= query_USER_MODALS_INFO_rpc(mem_ctx
,
1605 NT_STATUS_NOT_OK_RETURN(status
);
1607 info3
->usrmod3_lockout_duration
=
1608 nt_time_to_unix_abs(&dom_info12
.lockout_duration
);
1609 info3
->usrmod3_lockout_observation_window
=
1610 nt_time_to_unix_abs(&dom_info12
.lockout_window
);
1611 info3
->usrmod3_lockout_threshold
=
1612 dom_info12
.lockout_threshold
;
1614 return NT_STATUS_OK
;
1617 /****************************************************************
1618 ****************************************************************/
1620 static NTSTATUS
query_USER_MODALS_INFO_to_buffer(TALLOC_CTX
*mem_ctx
,
1621 struct rpc_pipe_client
*pipe_cli
,
1623 struct policy_handle
*domain_handle
,
1624 struct dom_sid
*domain_sid
,
1629 struct USER_MODALS_INFO_0 info0
;
1630 struct USER_MODALS_INFO_1 info1
;
1631 struct USER_MODALS_INFO_2 info2
;
1632 struct USER_MODALS_INFO_3 info3
;
1635 return ERROR_INSUFFICIENT_BUFFER
;
1640 status
= query_USER_MODALS_INFO_0(mem_ctx
,
1644 NT_STATUS_NOT_OK_RETURN(status
);
1646 *buffer
= (uint8_t *)talloc_memdup(mem_ctx
, &info0
,
1651 status
= query_USER_MODALS_INFO_1(mem_ctx
,
1655 NT_STATUS_NOT_OK_RETURN(status
);
1657 *buffer
= (uint8_t *)talloc_memdup(mem_ctx
, &info1
,
1661 status
= query_USER_MODALS_INFO_2(mem_ctx
,
1666 NT_STATUS_NOT_OK_RETURN(status
);
1668 *buffer
= (uint8_t *)talloc_memdup(mem_ctx
, &info2
,
1672 status
= query_USER_MODALS_INFO_3(mem_ctx
,
1676 NT_STATUS_NOT_OK_RETURN(status
);
1678 *buffer
= (uint8_t *)talloc_memdup(mem_ctx
, &info3
,
1685 NT_STATUS_HAVE_NO_MEMORY(*buffer
);
1687 return NT_STATUS_OK
;
1690 /****************************************************************
1691 ****************************************************************/
1693 WERROR
NetUserModalsGet_r(struct libnetapi_ctx
*ctx
,
1694 struct NetUserModalsGet
*r
)
1696 struct cli_state
*cli
= NULL
;
1697 struct rpc_pipe_client
*pipe_cli
= NULL
;
1701 struct policy_handle connect_handle
, domain_handle
;
1702 struct dom_sid2
*domain_sid
= NULL
;
1703 uint32_t access_mask
= SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT
;
1705 ZERO_STRUCT(connect_handle
);
1706 ZERO_STRUCT(domain_handle
);
1708 if (!r
->out
.buffer
) {
1709 return WERR_INVALID_PARAM
;
1712 switch (r
->in
.level
) {
1714 access_mask
|= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1
|
1715 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2
;
1719 access_mask
|= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2
;
1722 access_mask
|= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1
;
1725 werr
= WERR_UNKNOWN_LEVEL
;
1729 werr
= libnetapi_open_ipc_connection(ctx
, r
->in
.server_name
, &cli
);
1730 if (!W_ERROR_IS_OK(werr
)) {
1734 werr
= libnetapi_open_pipe(ctx
, cli
, &ndr_table_samr
.syntax_id
,
1736 if (!W_ERROR_IS_OK(werr
)) {
1740 werr
= libnetapi_samr_open_domain(ctx
, pipe_cli
,
1741 SAMR_ACCESS_ENUM_DOMAINS
|
1742 SAMR_ACCESS_OPEN_DOMAIN
,
1747 if (!W_ERROR_IS_OK(werr
)) {
1754 /* 3: 12 (DomainInfo2) */
1756 status
= query_USER_MODALS_INFO_to_buffer(ctx
,
1762 if (!NT_STATUS_IS_OK(status
)) {
1763 werr
= ntstatus_to_werror(status
);
1772 if (ctx
->disable_policy_handle_cache
) {
1773 libnetapi_samr_close_domain_handle(ctx
, &domain_handle
);
1774 libnetapi_samr_close_connect_handle(ctx
, &connect_handle
);
1780 /****************************************************************
1781 ****************************************************************/
1783 WERROR
NetUserModalsGet_l(struct libnetapi_ctx
*ctx
,
1784 struct NetUserModalsGet
*r
)
1786 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx
, r
, NetUserModalsGet
);
1789 /****************************************************************
1790 ****************************************************************/
1792 static NTSTATUS
set_USER_MODALS_INFO_rpc(TALLOC_CTX
*mem_ctx
,
1793 struct rpc_pipe_client
*pipe_cli
,
1794 struct policy_handle
*domain_handle
,
1795 struct samr_DomInfo1
*info1
,
1796 struct samr_DomInfo3
*info3
,
1797 struct samr_DomInfo12
*info12
)
1800 union samr_DomainInfo dom_info
;
1804 ZERO_STRUCT(dom_info
);
1806 dom_info
.info1
= *info1
;
1808 status
= rpccli_samr_SetDomainInfo(pipe_cli
, mem_ctx
,
1812 NT_STATUS_NOT_OK_RETURN(status
);
1817 ZERO_STRUCT(dom_info
);
1819 dom_info
.info3
= *info3
;
1821 status
= rpccli_samr_SetDomainInfo(pipe_cli
, mem_ctx
,
1826 NT_STATUS_NOT_OK_RETURN(status
);
1831 ZERO_STRUCT(dom_info
);
1833 dom_info
.info12
= *info12
;
1835 status
= rpccli_samr_SetDomainInfo(pipe_cli
, mem_ctx
,
1840 NT_STATUS_NOT_OK_RETURN(status
);
1843 return NT_STATUS_OK
;
1846 /****************************************************************
1847 ****************************************************************/
1849 static NTSTATUS
set_USER_MODALS_INFO_0_buffer(TALLOC_CTX
*mem_ctx
,
1850 struct rpc_pipe_client
*pipe_cli
,
1851 struct policy_handle
*domain_handle
,
1852 struct USER_MODALS_INFO_0
*info0
)
1855 struct samr_DomInfo1 dom_info_1
;
1856 struct samr_DomInfo3 dom_info_3
;
1858 status
= query_USER_MODALS_INFO_rpc(mem_ctx
,
1867 NT_STATUS_NOT_OK_RETURN(status
);
1869 dom_info_1
.min_password_length
=
1870 info0
->usrmod0_min_passwd_len
;
1871 dom_info_1
.password_history_length
=
1872 info0
->usrmod0_password_hist_len
;
1874 unix_to_nt_time_abs((NTTIME
*)&dom_info_1
.max_password_age
,
1875 info0
->usrmod0_max_passwd_age
);
1876 unix_to_nt_time_abs((NTTIME
*)&dom_info_1
.min_password_age
,
1877 info0
->usrmod0_min_passwd_age
);
1879 unix_to_nt_time_abs(&dom_info_3
.force_logoff_time
,
1880 info0
->usrmod0_force_logoff
);
1882 return set_USER_MODALS_INFO_rpc(mem_ctx
,
1890 /****************************************************************
1891 ****************************************************************/
1893 static NTSTATUS
set_USER_MODALS_INFO_3_buffer(TALLOC_CTX
*mem_ctx
,
1894 struct rpc_pipe_client
*pipe_cli
,
1895 struct policy_handle
*domain_handle
,
1896 struct USER_MODALS_INFO_3
*info3
)
1899 struct samr_DomInfo12 dom_info_12
;
1901 status
= query_USER_MODALS_INFO_rpc(mem_ctx
,
1910 NT_STATUS_NOT_OK_RETURN(status
);
1912 unix_to_nt_time_abs((NTTIME
*)&dom_info_12
.lockout_duration
,
1913 info3
->usrmod3_lockout_duration
);
1914 unix_to_nt_time_abs((NTTIME
*)&dom_info_12
.lockout_window
,
1915 info3
->usrmod3_lockout_observation_window
);
1916 dom_info_12
.lockout_threshold
= info3
->usrmod3_lockout_threshold
;
1918 return set_USER_MODALS_INFO_rpc(mem_ctx
,
1926 /****************************************************************
1927 ****************************************************************/
1929 static NTSTATUS
set_USER_MODALS_INFO_1001_buffer(TALLOC_CTX
*mem_ctx
,
1930 struct rpc_pipe_client
*pipe_cli
,
1931 struct policy_handle
*domain_handle
,
1932 struct USER_MODALS_INFO_1001
*info1001
)
1935 struct samr_DomInfo1 dom_info_1
;
1937 status
= query_USER_MODALS_INFO_rpc(mem_ctx
,
1946 NT_STATUS_NOT_OK_RETURN(status
);
1948 dom_info_1
.min_password_length
=
1949 info1001
->usrmod1001_min_passwd_len
;
1951 return set_USER_MODALS_INFO_rpc(mem_ctx
,
1959 /****************************************************************
1960 ****************************************************************/
1962 static NTSTATUS
set_USER_MODALS_INFO_1002_buffer(TALLOC_CTX
*mem_ctx
,
1963 struct rpc_pipe_client
*pipe_cli
,
1964 struct policy_handle
*domain_handle
,
1965 struct USER_MODALS_INFO_1002
*info1002
)
1968 struct samr_DomInfo1 dom_info_1
;
1970 status
= query_USER_MODALS_INFO_rpc(mem_ctx
,
1979 NT_STATUS_NOT_OK_RETURN(status
);
1981 unix_to_nt_time_abs((NTTIME
*)&dom_info_1
.max_password_age
,
1982 info1002
->usrmod1002_max_passwd_age
);
1984 return set_USER_MODALS_INFO_rpc(mem_ctx
,
1992 /****************************************************************
1993 ****************************************************************/
1995 static NTSTATUS
set_USER_MODALS_INFO_1003_buffer(TALLOC_CTX
*mem_ctx
,
1996 struct rpc_pipe_client
*pipe_cli
,
1997 struct policy_handle
*domain_handle
,
1998 struct USER_MODALS_INFO_1003
*info1003
)
2001 struct samr_DomInfo1 dom_info_1
;
2003 status
= query_USER_MODALS_INFO_rpc(mem_ctx
,
2012 NT_STATUS_NOT_OK_RETURN(status
);
2014 unix_to_nt_time_abs((NTTIME
*)&dom_info_1
.min_password_age
,
2015 info1003
->usrmod1003_min_passwd_age
);
2017 return set_USER_MODALS_INFO_rpc(mem_ctx
,
2025 /****************************************************************
2026 ****************************************************************/
2028 static NTSTATUS
set_USER_MODALS_INFO_1004_buffer(TALLOC_CTX
*mem_ctx
,
2029 struct rpc_pipe_client
*pipe_cli
,
2030 struct policy_handle
*domain_handle
,
2031 struct USER_MODALS_INFO_1004
*info1004
)
2034 struct samr_DomInfo3 dom_info_3
;
2036 status
= query_USER_MODALS_INFO_rpc(mem_ctx
,
2045 NT_STATUS_NOT_OK_RETURN(status
);
2047 unix_to_nt_time_abs(&dom_info_3
.force_logoff_time
,
2048 info1004
->usrmod1004_force_logoff
);
2050 return set_USER_MODALS_INFO_rpc(mem_ctx
,
2058 /****************************************************************
2059 ****************************************************************/
2061 static NTSTATUS
set_USER_MODALS_INFO_1005_buffer(TALLOC_CTX
*mem_ctx
,
2062 struct rpc_pipe_client
*pipe_cli
,
2063 struct policy_handle
*domain_handle
,
2064 struct USER_MODALS_INFO_1005
*info1005
)
2067 struct samr_DomInfo1 dom_info_1
;
2069 status
= query_USER_MODALS_INFO_rpc(mem_ctx
,
2078 NT_STATUS_NOT_OK_RETURN(status
);
2080 dom_info_1
.password_history_length
=
2081 info1005
->usrmod1005_password_hist_len
;
2083 return set_USER_MODALS_INFO_rpc(mem_ctx
,
2091 /****************************************************************
2092 ****************************************************************/
2094 static NTSTATUS
set_USER_MODALS_INFO_buffer(TALLOC_CTX
*mem_ctx
,
2095 struct rpc_pipe_client
*pipe_cli
,
2097 struct policy_handle
*domain_handle
,
2098 struct dom_sid
*domain_sid
,
2101 struct USER_MODALS_INFO_0
*info0
;
2102 struct USER_MODALS_INFO_3
*info3
;
2103 struct USER_MODALS_INFO_1001
*info1001
;
2104 struct USER_MODALS_INFO_1002
*info1002
;
2105 struct USER_MODALS_INFO_1003
*info1003
;
2106 struct USER_MODALS_INFO_1004
*info1004
;
2107 struct USER_MODALS_INFO_1005
*info1005
;
2110 return ERROR_INSUFFICIENT_BUFFER
;
2115 info0
= (struct USER_MODALS_INFO_0
*)buffer
;
2116 return set_USER_MODALS_INFO_0_buffer(mem_ctx
,
2121 info3
= (struct USER_MODALS_INFO_3
*)buffer
;
2122 return set_USER_MODALS_INFO_3_buffer(mem_ctx
,
2127 info1001
= (struct USER_MODALS_INFO_1001
*)buffer
;
2128 return set_USER_MODALS_INFO_1001_buffer(mem_ctx
,
2133 info1002
= (struct USER_MODALS_INFO_1002
*)buffer
;
2134 return set_USER_MODALS_INFO_1002_buffer(mem_ctx
,
2139 info1003
= (struct USER_MODALS_INFO_1003
*)buffer
;
2140 return set_USER_MODALS_INFO_1003_buffer(mem_ctx
,
2145 info1004
= (struct USER_MODALS_INFO_1004
*)buffer
;
2146 return set_USER_MODALS_INFO_1004_buffer(mem_ctx
,
2151 info1005
= (struct USER_MODALS_INFO_1005
*)buffer
;
2152 return set_USER_MODALS_INFO_1005_buffer(mem_ctx
,
2161 return NT_STATUS_OK
;
2164 /****************************************************************
2165 ****************************************************************/
2167 WERROR
NetUserModalsSet_r(struct libnetapi_ctx
*ctx
,
2168 struct NetUserModalsSet
*r
)
2170 struct cli_state
*cli
= NULL
;
2171 struct rpc_pipe_client
*pipe_cli
= NULL
;
2175 struct policy_handle connect_handle
, domain_handle
;
2176 struct dom_sid2
*domain_sid
= NULL
;
2177 uint32_t access_mask
= SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT
;
2179 ZERO_STRUCT(connect_handle
);
2180 ZERO_STRUCT(domain_handle
);
2182 if (!r
->in
.buffer
) {
2183 return WERR_INVALID_PARAM
;
2186 switch (r
->in
.level
) {
2188 access_mask
|= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1
|
2189 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2
|
2190 SAMR_DOMAIN_ACCESS_SET_INFO_1
|
2191 SAMR_DOMAIN_ACCESS_SET_INFO_2
;
2198 access_mask
|= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1
|
2199 SAMR_DOMAIN_ACCESS_SET_INFO_1
;
2202 access_mask
|= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2
|
2203 SAMR_DOMAIN_ACCESS_SET_INFO_2
;
2209 werr
= WERR_NOT_SUPPORTED
;
2212 werr
= WERR_UNKNOWN_LEVEL
;
2216 werr
= libnetapi_open_ipc_connection(ctx
, r
->in
.server_name
, &cli
);
2217 if (!W_ERROR_IS_OK(werr
)) {
2221 werr
= libnetapi_open_pipe(ctx
, cli
, &ndr_table_samr
.syntax_id
,
2223 if (!W_ERROR_IS_OK(werr
)) {
2227 werr
= libnetapi_samr_open_domain(ctx
, pipe_cli
,
2228 SAMR_ACCESS_ENUM_DOMAINS
|
2229 SAMR_ACCESS_OPEN_DOMAIN
,
2234 if (!W_ERROR_IS_OK(werr
)) {
2238 status
= set_USER_MODALS_INFO_buffer(ctx
,
2244 if (!NT_STATUS_IS_OK(status
)) {
2245 werr
= ntstatus_to_werror(status
);
2254 if (ctx
->disable_policy_handle_cache
) {
2255 libnetapi_samr_close_domain_handle(ctx
, &domain_handle
);
2256 libnetapi_samr_close_connect_handle(ctx
, &connect_handle
);
2262 /****************************************************************
2263 ****************************************************************/
2265 WERROR
NetUserModalsSet_l(struct libnetapi_ctx
*ctx
,
2266 struct NetUserModalsSet
*r
)
2268 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx
, r
, NetUserModalsSet
);