2 * Unix SMB/CIFS implementation.
4 * Copyright (C) Guenther Deschner 2008
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, see <http://www.gnu.org/licenses/>.
22 #include "librpc/gen_ndr/libnetapi.h"
23 #include "lib/netapi/netapi.h"
24 #include "lib/netapi/netapi_private.h"
25 #include "lib/netapi/libnetapi.h"
27 /****************************************************************
28 ****************************************************************/
30 static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX,
31 struct samr_UserInfo21 *info21)
33 uint32_t fields_present = 0;
34 struct samr_LogonHours zero_logon_hours;
35 struct lsa_BinaryString zero_parameters;
39 ZERO_STRUCT(zero_logon_hours);
40 ZERO_STRUCT(zero_parameters);
42 if (infoX->usriX_flags) {
43 fields_present |= SAMR_FIELD_ACCT_FLAGS;
45 if (infoX->usriX_name) {
46 fields_present |= SAMR_FIELD_ACCOUNT_NAME;
48 if (infoX->usriX_password) {
49 fields_present |= SAMR_FIELD_PASSWORD;
51 if (infoX->usriX_flags) {
52 fields_present |= SAMR_FIELD_ACCT_FLAGS;
54 if (infoX->usriX_name) {
55 fields_present |= SAMR_FIELD_FULL_NAME;
57 if (infoX->usriX_home_dir) {
58 fields_present |= SAMR_FIELD_HOME_DIRECTORY;
60 if (infoX->usriX_script_path) {
61 fields_present |= SAMR_FIELD_LOGON_SCRIPT;
63 if (infoX->usriX_comment) {
64 fields_present |= SAMR_FIELD_DESCRIPTION;
66 if (infoX->usriX_password_age) {
67 fields_present |= SAMR_FIELD_FORCE_PWD_CHANGE;
69 if (infoX->usriX_full_name) {
70 fields_present |= SAMR_FIELD_FULL_NAME;
72 if (infoX->usriX_usr_comment) {
73 fields_present |= SAMR_FIELD_COMMENT;
76 unix_to_nt_time_abs(&password_age, infoX->usriX_password_age);
78 /* TODO: infoX->usriX_priv */
79 init_samr_user_info21(info21,
87 infoX->usriX_full_name,
88 infoX->usriX_home_dir,
90 infoX->usriX_script_path,
94 infoX->usriX_usr_comment,
110 /****************************************************************
111 ****************************************************************/
113 static NTSTATUS construct_USER_INFO_X(uint32_t level,
115 struct USER_INFO_X *uX)
117 struct USER_INFO_0 *u0 = NULL;
118 struct USER_INFO_1 *u1 = NULL;
119 struct USER_INFO_2 *u2 = NULL;
120 struct USER_INFO_1003 *u1003 = NULL;
121 struct USER_INFO_1007 *u1007 = NULL;
122 struct USER_INFO_1009 *u1009 = NULL;
123 struct USER_INFO_1011 *u1011 = NULL;
124 struct USER_INFO_1012 *u1012 = NULL;
126 if (!buffer || !uX) {
127 return NT_STATUS_INVALID_PARAMETER;
134 u0 = (struct USER_INFO_0 *)buffer;
135 uX->usriX_name = u0->usri0_name;
138 u1 = (struct USER_INFO_1 *)buffer;
139 uX->usriX_name = u1->usri1_name;
140 uX->usriX_password = u1->usri1_password;
141 uX->usriX_password_age = u1->usri1_password_age;
142 uX->usriX_priv = u1->usri1_priv;
143 uX->usriX_home_dir = u1->usri1_home_dir;
144 uX->usriX_comment = u1->usri1_comment;
145 uX->usriX_flags = u1->usri1_flags;
146 uX->usriX_script_path = u1->usri1_script_path;
149 u2 = (struct USER_INFO_2 *)buffer;
150 uX->usriX_name = u2->usri2_name;
151 uX->usriX_password = u2->usri2_password;
152 uX->usriX_password_age = u2->usri2_password_age;
153 uX->usriX_priv = u2->usri2_priv;
154 uX->usriX_home_dir = u2->usri2_home_dir;
155 uX->usriX_comment = u2->usri2_comment;
156 uX->usriX_flags = u2->usri2_flags;
157 uX->usriX_script_path = u2->usri2_script_path;
158 uX->usriX_auth_flags = u2->usri2_auth_flags;
159 uX->usriX_full_name = u2->usri2_full_name;
160 uX->usriX_usr_comment = u2->usri2_usr_comment;
161 uX->usriX_parms = u2->usri2_parms;
162 uX->usriX_workstations = u2->usri2_workstations;
163 uX->usriX_last_logon = u2->usri2_last_logon;
164 uX->usriX_last_logoff = u2->usri2_last_logoff;
165 uX->usriX_acct_expires = u2->usri2_acct_expires;
166 uX->usriX_max_storage = u2->usri2_max_storage;
167 uX->usriX_units_per_week= u2->usri2_units_per_week;
168 uX->usriX_logon_hours = u2->usri2_logon_hours;
169 uX->usriX_bad_pw_count = u2->usri2_bad_pw_count;
170 uX->usriX_num_logons = u2->usri2_num_logons;
171 uX->usriX_logon_server = u2->usri2_logon_server;
172 uX->usriX_country_code = u2->usri2_country_code;
173 uX->usriX_code_page = u2->usri2_code_page;
176 u1003 = (struct USER_INFO_1003 *)buffer;
177 uX->usriX_password = u1003->usri1003_password;
180 u1007 = (struct USER_INFO_1007 *)buffer;
181 uX->usriX_comment = u1007->usri1007_comment;
184 u1009 = (struct USER_INFO_1009 *)buffer;
185 uX->usriX_script_path = u1009->usri1009_script_path;
188 u1011 = (struct USER_INFO_1011 *)buffer;
189 uX->usriX_full_name = u1011->usri1011_full_name;
192 u1012 = (struct USER_INFO_1012 *)buffer;
193 uX->usriX_usr_comment = u1012->usri1012_usr_comment;
198 return NT_STATUS_INVALID_INFO_CLASS;
204 /****************************************************************
205 ****************************************************************/
207 static NTSTATUS set_user_info_USER_INFO_X(TALLOC_CTX *ctx,
208 struct rpc_pipe_client *pipe_cli,
209 DATA_BLOB *session_key,
210 struct policy_handle *user_handle,
211 struct USER_INFO_X *uX)
213 union samr_UserInfo user_info;
214 struct samr_UserInfo21 info21;
218 return NT_STATUS_INVALID_PARAMETER;
221 convert_USER_INFO_X_to_samr_user_info21(uX, &info21);
223 ZERO_STRUCT(user_info);
225 if (uX->usriX_password) {
227 user_info.info25.info = info21;
229 init_samr_CryptPasswordEx(uX->usriX_password,
231 &user_info.info25.password);
233 status = rpccli_samr_SetUserInfo2(pipe_cli, ctx,
238 if (NT_STATUS_EQUAL(status, NT_STATUS(DCERPC_FAULT_INVALID_TAG))) {
240 user_info.info23.info = info21;
242 init_samr_CryptPassword(uX->usriX_password,
244 &user_info.info23.password);
246 status = rpccli_samr_SetUserInfo2(pipe_cli, ctx,
253 user_info.info21 = info21;
255 status = rpccli_samr_SetUserInfo(pipe_cli, ctx,
264 /****************************************************************
265 ****************************************************************/
267 WERROR NetUserAdd_r(struct libnetapi_ctx *ctx,
268 struct NetUserAdd *r)
270 struct cli_state *cli = NULL;
271 struct rpc_pipe_client *pipe_cli = NULL;
274 POLICY_HND connect_handle, domain_handle, user_handle;
275 struct lsa_String lsa_account_name;
276 struct dom_sid2 *domain_sid = NULL;
277 union samr_UserInfo *user_info = NULL;
278 struct samr_PwInfo pw_info;
279 uint32_t access_granted = 0;
281 struct USER_INFO_X uX;
283 ZERO_STRUCT(connect_handle);
284 ZERO_STRUCT(domain_handle);
285 ZERO_STRUCT(user_handle);
288 return WERR_INVALID_PARAM;
291 switch (r->in.level) {
298 werr = WERR_NOT_SUPPORTED;
302 werr = libnetapi_open_pipe(ctx, r->in.server_name,
303 &ndr_table_samr.syntax_id,
306 if (!W_ERROR_IS_OK(werr)) {
310 status = construct_USER_INFO_X(r->in.level, r->in.buffer, &uX);
311 if (!NT_STATUS_IS_OK(status)) {
312 werr = ntstatus_to_werror(status);
316 werr = libnetapi_samr_open_domain(ctx, pipe_cli,
317 SAMR_ACCESS_ENUM_DOMAINS |
318 SAMR_ACCESS_OPEN_DOMAIN,
319 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 |
320 SAMR_DOMAIN_ACCESS_CREATE_USER |
321 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
325 if (!W_ERROR_IS_OK(werr)) {
329 init_lsa_String(&lsa_account_name, uX.usriX_name);
331 status = rpccli_samr_CreateUser2(pipe_cli, ctx,
337 SAMR_USER_ACCESS_SET_PASSWORD |
338 SAMR_USER_ACCESS_SET_ATTRIBUTES |
339 SAMR_USER_ACCESS_GET_ATTRIBUTES,
343 if (!NT_STATUS_IS_OK(status)) {
344 werr = ntstatus_to_werror(status);
348 status = rpccli_samr_QueryUserInfo(pipe_cli, ctx,
352 if (!NT_STATUS_IS_OK(status)) {
353 werr = ntstatus_to_werror(status);
357 if (!(user_info->info16.acct_flags & ACB_NORMAL)) {
358 werr = WERR_INVALID_PARAM;
362 status = rpccli_samr_GetUserPwInfo(pipe_cli, ctx,
365 if (!NT_STATUS_IS_OK(status)) {
366 werr = ntstatus_to_werror(status);
370 uX.usriX_flags |= ACB_NORMAL;
372 status = set_user_info_USER_INFO_X(ctx, pipe_cli,
373 &cli->user_session_key,
376 if (!NT_STATUS_IS_OK(status)) {
377 werr = ntstatus_to_werror(status);
385 rpccli_samr_DeleteUser(pipe_cli, ctx,
393 if (is_valid_policy_hnd(&user_handle)) {
394 rpccli_samr_Close(pipe_cli, ctx, &user_handle);
397 if (ctx->disable_policy_handle_cache) {
398 libnetapi_samr_close_domain_handle(ctx, &domain_handle);
399 libnetapi_samr_close_connect_handle(ctx, &connect_handle);
405 /****************************************************************
406 ****************************************************************/
408 WERROR NetUserAdd_l(struct libnetapi_ctx *ctx,
409 struct NetUserAdd *r)
411 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserAdd);
414 /****************************************************************
415 ****************************************************************/
417 WERROR NetUserDel_r(struct libnetapi_ctx *ctx,
418 struct NetUserDel *r)
420 struct cli_state *cli = NULL;
421 struct rpc_pipe_client *pipe_cli = NULL;
424 POLICY_HND connect_handle, builtin_handle, domain_handle, user_handle;
425 struct lsa_String lsa_account_name;
426 struct samr_Ids user_rids, name_types;
427 struct dom_sid2 *domain_sid = NULL;
428 struct dom_sid2 user_sid;
430 ZERO_STRUCT(connect_handle);
431 ZERO_STRUCT(builtin_handle);
432 ZERO_STRUCT(domain_handle);
433 ZERO_STRUCT(user_handle);
435 werr = libnetapi_open_pipe(ctx, r->in.server_name,
436 &ndr_table_samr.syntax_id,
440 if (!W_ERROR_IS_OK(werr)) {
444 werr = libnetapi_samr_open_domain(ctx, pipe_cli,
445 SAMR_ACCESS_ENUM_DOMAINS |
446 SAMR_ACCESS_OPEN_DOMAIN,
447 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
451 if (!W_ERROR_IS_OK(werr)) {
455 status = rpccli_samr_OpenDomain(pipe_cli, ctx,
457 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
458 CONST_DISCARD(DOM_SID *, &global_sid_Builtin),
460 if (!NT_STATUS_IS_OK(status)) {
461 werr = ntstatus_to_werror(status);
465 init_lsa_String(&lsa_account_name, r->in.user_name);
467 status = rpccli_samr_LookupNames(pipe_cli, ctx,
473 if (!NT_STATUS_IS_OK(status)) {
474 werr = ntstatus_to_werror(status);
478 status = rpccli_samr_OpenUser(pipe_cli, ctx,
480 STD_RIGHT_DELETE_ACCESS,
483 if (!NT_STATUS_IS_OK(status)) {
484 werr = ntstatus_to_werror(status);
488 sid_compose(&user_sid, domain_sid, user_rids.ids[0]);
490 status = rpccli_samr_RemoveMemberFromForeignDomain(pipe_cli, ctx,
493 if (!NT_STATUS_IS_OK(status)) {
494 werr = ntstatus_to_werror(status);
498 status = rpccli_samr_DeleteUser(pipe_cli, ctx,
500 if (!NT_STATUS_IS_OK(status)) {
501 werr = ntstatus_to_werror(status);
512 if (is_valid_policy_hnd(&user_handle)) {
513 rpccli_samr_Close(pipe_cli, ctx, &user_handle);
516 if (ctx->disable_policy_handle_cache) {
517 libnetapi_samr_close_builtin_handle(ctx, &builtin_handle);
518 libnetapi_samr_close_domain_handle(ctx, &domain_handle);
519 libnetapi_samr_close_connect_handle(ctx, &connect_handle);
525 /****************************************************************
526 ****************************************************************/
528 WERROR NetUserDel_l(struct libnetapi_ctx *ctx,
529 struct NetUserDel *r)
531 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserDel);
534 /****************************************************************
535 ****************************************************************/
537 static NTSTATUS libnetapi_samr_lookup_user(TALLOC_CTX *mem_ctx,
538 struct rpc_pipe_client *pipe_cli,
539 struct policy_handle *domain_handle,
540 struct policy_handle *builtin_handle,
541 const char *user_name,
544 struct samr_UserInfo21 **info21,
545 struct sec_desc_buf **sec_desc)
549 struct policy_handle user_handle;
550 union samr_UserInfo *user_info = NULL;
551 struct samr_RidWithAttributeArray *rid_array = NULL;
552 uint32_t access_mask = SEC_STD_READ_CONTROL |
553 SAMR_USER_ACCESS_GET_ATTRIBUTES |
554 SAMR_USER_ACCESS_GET_NAME_ETC;
556 ZERO_STRUCT(user_handle);
569 return NT_STATUS_INVALID_LEVEL;
576 status = rpccli_samr_OpenUser(pipe_cli, mem_ctx,
581 if (!NT_STATUS_IS_OK(status)) {
585 status = rpccli_samr_QueryUserInfo(pipe_cli, mem_ctx,
589 if (!NT_STATUS_IS_OK(status)) {
593 status = rpccli_samr_QuerySecurity(pipe_cli, mem_ctx,
597 if (!NT_STATUS_IS_OK(status)) {
602 status = rpccli_samr_GetGroupsForUser(pipe_cli, mem_ctx,
605 if (!NT_STATUS_IS_OK(status)) {
610 status = rpccli_samr_GetAliasMembership(pipe_cli, ctx,
614 if (!NT_STATUS_IS_OK(status)) {
620 *info21 = &user_info->info21;
623 if (is_valid_policy_hnd(&user_handle)) {
624 rpccli_samr_Close(pipe_cli, mem_ctx, &user_handle);
630 /****************************************************************
631 ****************************************************************/
633 static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx,
634 struct rpc_pipe_client *pipe_cli,
635 struct dom_sid *domain_sid,
636 struct policy_handle *domain_handle,
637 struct policy_handle *builtin_handle,
638 const char *user_name,
642 uint32_t *num_entries)
646 struct samr_UserInfo21 *info21 = NULL;
647 struct sec_desc_buf *sec_desc = NULL;
650 struct USER_INFO_0 info0;
651 struct USER_INFO_10 info10;
652 struct USER_INFO_20 info20;
653 struct USER_INFO_23 info23;
666 return NT_STATUS_INVALID_LEVEL;
670 info0.usri0_name = talloc_strdup(mem_ctx, user_name);
671 NT_STATUS_HAVE_NO_MEMORY(info0.usri0_name);
673 ADD_TO_ARRAY(mem_ctx, struct USER_INFO_0, info0,
674 (struct USER_INFO_0 **)buffer, num_entries);
679 status = libnetapi_samr_lookup_user(mem_ctx, pipe_cli,
688 if (!NT_STATUS_IS_OK(status)) {
694 info10.usri10_name = talloc_strdup(mem_ctx, user_name);
695 NT_STATUS_HAVE_NO_MEMORY(info10.usri10_name);
697 info10.usri10_comment = talloc_strdup(mem_ctx,
698 info21->description.string);
700 info10.usri10_full_name = talloc_strdup(mem_ctx,
701 info21->full_name.string);
703 info10.usri10_usr_comment = talloc_strdup(mem_ctx,
704 info21->comment.string);
706 ADD_TO_ARRAY(mem_ctx, struct USER_INFO_10, info10,
707 (struct USER_INFO_10 **)buffer, num_entries);
712 info20.usri20_name = talloc_strdup(mem_ctx, user_name);
713 NT_STATUS_HAVE_NO_MEMORY(info20.usri20_name);
715 info20.usri20_comment = talloc_strdup(mem_ctx,
716 info21->description.string);
718 info20.usri20_full_name = talloc_strdup(mem_ctx,
719 info21->full_name.string);
721 info20.usri20_flags = info21->acct_flags;
722 info20.usri20_user_id = rid;
724 ADD_TO_ARRAY(mem_ctx, struct USER_INFO_20, info20,
725 (struct USER_INFO_20 **)buffer, num_entries);
729 info23.usri23_name = talloc_strdup(mem_ctx, user_name);
730 NT_STATUS_HAVE_NO_MEMORY(info23.usri23_name);
732 info23.usri23_comment = talloc_strdup(mem_ctx,
733 info21->description.string);
735 info23.usri23_full_name = talloc_strdup(mem_ctx,
736 info21->full_name.string);
738 info23.usri23_flags = info21->acct_flags;
740 if (!sid_compose(&sid, domain_sid, rid)) {
741 return NT_STATUS_NO_MEMORY;
744 info23.usri23_user_sid =
745 (struct domsid *)sid_dup_talloc(mem_ctx, &sid);
747 ADD_TO_ARRAY(mem_ctx, struct USER_INFO_23, info23,
748 (struct USER_INFO_23 **)buffer, num_entries);
756 /****************************************************************
757 ****************************************************************/
759 WERROR NetUserEnum_r(struct libnetapi_ctx *ctx,
760 struct NetUserEnum *r)
762 struct cli_state *cli = NULL;
763 struct rpc_pipe_client *pipe_cli = NULL;
764 struct policy_handle connect_handle;
765 struct dom_sid2 *domain_sid = NULL;
766 struct policy_handle domain_handle;
767 struct samr_SamArray *sam = NULL;
768 uint32_t filter = ACB_NORMAL;
770 uint32_t entries_read = 0;
772 NTSTATUS status = NT_STATUS_OK;
775 ZERO_STRUCT(connect_handle);
776 ZERO_STRUCT(domain_handle);
778 if (!r->out.buffer) {
779 return WERR_INVALID_PARAM;
782 *r->out.buffer = NULL;
783 *r->out.entries_read = 0;
785 switch (r->in.level) {
796 return WERR_NOT_SUPPORTED;
799 werr = libnetapi_open_pipe(ctx, r->in.server_name,
800 &ndr_table_samr.syntax_id,
803 if (!W_ERROR_IS_OK(werr)) {
807 werr = libnetapi_samr_open_domain(ctx, pipe_cli,
808 SAMR_ACCESS_ENUM_DOMAINS |
809 SAMR_ACCESS_OPEN_DOMAIN,
810 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 |
811 SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS |
812 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
816 if (!W_ERROR_IS_OK(werr)) {
820 switch (r->in.filter) {
821 case FILTER_NORMAL_ACCOUNT:
824 case FILTER_TEMP_DUPLICATE_ACCOUNT:
825 filter = ACB_TEMPDUP;
827 case FILTER_INTERDOMAIN_TRUST_ACCOUNT:
828 filter = ACB_DOMTRUST;
830 case FILTER_WORKSTATION_TRUST_ACCOUNT:
831 filter = ACB_WSTRUST;
833 case FILTER_SERVER_TRUST_ACCOUNT:
834 filter = ACB_SVRTRUST;
840 status = rpccli_samr_EnumDomainUsers(pipe_cli,
848 werr = ntstatus_to_werror(status);
849 if (NT_STATUS_IS_ERR(status)) {
853 for (i=0; i < sam->count; i++) {
855 status = libnetapi_samr_lookup_user_map_USER_INFO(ctx, pipe_cli,
858 NULL, /*&builtin_handle, */
859 sam->entries[i].name.string,
863 r->out.entries_read);
864 if (!NT_STATUS_IS_OK(status)) {
865 werr = ntstatus_to_werror(status);
876 if (NT_STATUS_IS_OK(status) ||
877 NT_STATUS_IS_ERR(status)) {
879 if (ctx->disable_policy_handle_cache) {
880 libnetapi_samr_close_domain_handle(ctx, &domain_handle);
881 libnetapi_samr_close_connect_handle(ctx, &connect_handle);
888 /****************************************************************
889 ****************************************************************/
891 WERROR NetUserEnum_l(struct libnetapi_ctx *ctx,
892 struct NetUserEnum *r)
894 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserEnum);
897 /****************************************************************
898 ****************************************************************/
900 static WERROR convert_samr_dispinfo_to_NET_DISPLAY_USER(TALLOC_CTX *mem_ctx,
901 struct samr_DispInfoGeneral *info,
902 uint32_t *entries_read,
905 struct NET_DISPLAY_USER *user = NULL;
908 user = TALLOC_ZERO_ARRAY(mem_ctx,
909 struct NET_DISPLAY_USER,
911 W_ERROR_HAVE_NO_MEMORY(user);
913 for (i = 0; i < info->count; i++) {
914 user[i].usri1_name = talloc_strdup(mem_ctx,
915 info->entries[i].account_name.string);
916 user[i].usri1_comment = talloc_strdup(mem_ctx,
917 info->entries[i].description.string);
918 user[i].usri1_flags =
919 info->entries[i].acct_flags;
920 user[i].usri1_full_name = talloc_strdup(mem_ctx,
921 info->entries[i].full_name.string);
922 user[i].usri1_user_id =
923 info->entries[i].rid;
924 user[i].usri1_next_index =
925 info->entries[i].idx;
927 if (!user[i].usri1_name) {
932 *buffer = talloc_memdup(mem_ctx, user,
933 sizeof(struct NET_DISPLAY_USER) * info->count);
934 W_ERROR_HAVE_NO_MEMORY(*buffer);
936 *entries_read = info->count;
941 /****************************************************************
942 ****************************************************************/
944 static WERROR convert_samr_dispinfo_to_NET_DISPLAY_MACHINE(TALLOC_CTX *mem_ctx,
945 struct samr_DispInfoFull *info,
946 uint32_t *entries_read,
949 struct NET_DISPLAY_MACHINE *machine = NULL;
952 machine = TALLOC_ZERO_ARRAY(mem_ctx,
953 struct NET_DISPLAY_MACHINE,
955 W_ERROR_HAVE_NO_MEMORY(machine);
957 for (i = 0; i < info->count; i++) {
958 machine[i].usri2_name = talloc_strdup(mem_ctx,
959 info->entries[i].account_name.string);
960 machine[i].usri2_comment = talloc_strdup(mem_ctx,
961 info->entries[i].description.string);
962 machine[i].usri2_flags =
963 info->entries[i].acct_flags;
964 machine[i].usri2_user_id =
965 info->entries[i].rid;
966 machine[i].usri2_next_index =
967 info->entries[i].idx;
969 if (!machine[i].usri2_name) {
974 *buffer = talloc_memdup(mem_ctx, machine,
975 sizeof(struct NET_DISPLAY_MACHINE) * info->count);
976 W_ERROR_HAVE_NO_MEMORY(*buffer);
978 *entries_read = info->count;
983 /****************************************************************
984 ****************************************************************/
986 static WERROR convert_samr_dispinfo_to_NET_DISPLAY_GROUP(TALLOC_CTX *mem_ctx,
987 struct samr_DispInfoFullGroups *info,
988 uint32_t *entries_read,
991 struct NET_DISPLAY_GROUP *group = NULL;
994 group = TALLOC_ZERO_ARRAY(mem_ctx,
995 struct NET_DISPLAY_GROUP,
997 W_ERROR_HAVE_NO_MEMORY(group);
999 for (i = 0; i < info->count; i++) {
1000 group[i].grpi3_name = talloc_strdup(mem_ctx,
1001 info->entries[i].account_name.string);
1002 group[i].grpi3_comment = talloc_strdup(mem_ctx,
1003 info->entries[i].description.string);
1004 group[i].grpi3_group_id =
1005 info->entries[i].rid;
1006 group[i].grpi3_attributes =
1007 info->entries[i].acct_flags;
1008 group[i].grpi3_next_index =
1009 info->entries[i].idx;
1011 if (!group[i].grpi3_name) {
1016 *buffer = talloc_memdup(mem_ctx, group,
1017 sizeof(struct NET_DISPLAY_GROUP) * info->count);
1018 W_ERROR_HAVE_NO_MEMORY(*buffer);
1020 *entries_read = info->count;
1026 /****************************************************************
1027 ****************************************************************/
1029 static WERROR convert_samr_dispinfo_to_NET_DISPLAY(TALLOC_CTX *mem_ctx,
1030 union samr_DispInfo *info,
1032 uint32_t *entries_read,
1037 return convert_samr_dispinfo_to_NET_DISPLAY_USER(mem_ctx,
1042 return convert_samr_dispinfo_to_NET_DISPLAY_MACHINE(mem_ctx,
1047 return convert_samr_dispinfo_to_NET_DISPLAY_GROUP(mem_ctx,
1052 return WERR_UNKNOWN_LEVEL;
1058 /****************************************************************
1059 ****************************************************************/
1061 WERROR NetQueryDisplayInformation_r(struct libnetapi_ctx *ctx,
1062 struct NetQueryDisplayInformation *r)
1064 struct cli_state *cli = NULL;
1065 struct rpc_pipe_client *pipe_cli = NULL;
1066 struct policy_handle connect_handle;
1067 struct dom_sid2 *domain_sid = NULL;
1068 struct policy_handle domain_handle;
1069 union samr_DispInfo info;
1071 uint32_t total_size = 0;
1072 uint32_t returned_size = 0;
1074 NTSTATUS status = NT_STATUS_OK;
1077 ZERO_STRUCT(connect_handle);
1078 ZERO_STRUCT(domain_handle);
1080 switch (r->in.level) {
1086 return WERR_UNKNOWN_LEVEL;
1089 werr = libnetapi_open_pipe(ctx, r->in.server_name,
1090 &ndr_table_samr.syntax_id,
1093 if (!W_ERROR_IS_OK(werr)) {
1097 werr = libnetapi_samr_open_domain(ctx, pipe_cli,
1098 SAMR_ACCESS_ENUM_DOMAINS |
1099 SAMR_ACCESS_OPEN_DOMAIN,
1100 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 |
1101 SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS |
1102 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
1106 if (!W_ERROR_IS_OK(werr)) {
1110 status = rpccli_samr_QueryDisplayInfo2(pipe_cli,
1115 r->in.entries_requested,
1120 if (!NT_STATUS_IS_OK(status)) {
1121 werr = ntstatus_to_werror(status);
1125 werr = convert_samr_dispinfo_to_NET_DISPLAY(ctx, &info,
1127 r->out.entries_read,
1135 if (NT_STATUS_IS_OK(status) ||
1136 NT_STATUS_IS_ERR(status)) {
1138 if (ctx->disable_policy_handle_cache) {
1139 libnetapi_samr_close_domain_handle(ctx, &domain_handle);
1140 libnetapi_samr_close_connect_handle(ctx, &connect_handle);
1148 /****************************************************************
1149 ****************************************************************/
1152 WERROR NetQueryDisplayInformation_l(struct libnetapi_ctx *ctx,
1153 struct NetQueryDisplayInformation *r)
1155 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetQueryDisplayInformation);
1158 /****************************************************************
1159 ****************************************************************/
1161 WERROR NetUserChangePassword_r(struct libnetapi_ctx *ctx,
1162 struct NetUserChangePassword *r)
1164 return WERR_NOT_SUPPORTED;
1167 /****************************************************************
1168 ****************************************************************/
1170 WERROR NetUserChangePassword_l(struct libnetapi_ctx *ctx,
1171 struct NetUserChangePassword *r)
1173 return WERR_NOT_SUPPORTED;
1176 /****************************************************************
1177 ****************************************************************/
1179 WERROR NetUserGetInfo_r(struct libnetapi_ctx *ctx,
1180 struct NetUserGetInfo *r)
1182 struct cli_state *cli = NULL;
1183 struct rpc_pipe_client *pipe_cli = NULL;
1187 struct policy_handle connect_handle, domain_handle, builtin_handle, user_handle;
1188 struct lsa_String lsa_account_name;
1189 struct dom_sid2 *domain_sid = NULL;
1190 struct samr_Ids user_rids, name_types;
1191 uint32_t num_entries = 0;
1193 ZERO_STRUCT(connect_handle);
1194 ZERO_STRUCT(domain_handle);
1195 ZERO_STRUCT(builtin_handle);
1196 ZERO_STRUCT(user_handle);
1198 if (!r->out.buffer) {
1199 return WERR_INVALID_PARAM;
1202 switch (r->in.level) {
1210 werr = WERR_NOT_SUPPORTED;
1214 werr = libnetapi_open_pipe(ctx, r->in.server_name,
1215 &ndr_table_samr.syntax_id,
1218 if (!W_ERROR_IS_OK(werr)) {
1222 werr = libnetapi_samr_open_domain(ctx, pipe_cli,
1223 SAMR_ACCESS_ENUM_DOMAINS |
1224 SAMR_ACCESS_OPEN_DOMAIN,
1225 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
1229 if (!W_ERROR_IS_OK(werr)) {
1233 werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli,
1234 SAMR_ACCESS_ENUM_DOMAINS |
1235 SAMR_ACCESS_OPEN_DOMAIN,
1236 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT |
1237 SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS,
1240 if (!W_ERROR_IS_OK(werr)) {
1244 init_lsa_String(&lsa_account_name, r->in.user_name);
1246 status = rpccli_samr_LookupNames(pipe_cli, ctx,
1252 if (!NT_STATUS_IS_OK(status)) {
1253 werr = ntstatus_to_werror(status);
1257 status = libnetapi_samr_lookup_user_map_USER_INFO(ctx, pipe_cli,
1266 if (!NT_STATUS_IS_OK(status)) {
1267 werr = ntstatus_to_werror(status);
1276 if (is_valid_policy_hnd(&user_handle)) {
1277 rpccli_samr_Close(pipe_cli, ctx, &user_handle);
1280 if (ctx->disable_policy_handle_cache) {
1281 libnetapi_samr_close_domain_handle(ctx, &domain_handle);
1282 libnetapi_samr_close_connect_handle(ctx, &connect_handle);
1288 /****************************************************************
1289 ****************************************************************/
1291 WERROR NetUserGetInfo_l(struct libnetapi_ctx *ctx,
1292 struct NetUserGetInfo *r)
1294 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserGetInfo);
1297 /****************************************************************
1298 ****************************************************************/
1300 WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx,
1301 struct NetUserSetInfo *r)
1303 struct cli_state *cli = NULL;
1304 struct rpc_pipe_client *pipe_cli = NULL;
1308 struct policy_handle connect_handle, domain_handle, builtin_handle, user_handle;
1309 struct lsa_String lsa_account_name;
1310 struct dom_sid2 *domain_sid = NULL;
1311 struct samr_Ids user_rids, name_types;
1312 uint32_t user_mask = 0;
1314 struct USER_INFO_X uX;
1316 ZERO_STRUCT(connect_handle);
1317 ZERO_STRUCT(domain_handle);
1318 ZERO_STRUCT(builtin_handle);
1319 ZERO_STRUCT(user_handle);
1321 if (!r->in.buffer) {
1322 return WERR_INVALID_PARAM;
1325 switch (r->in.level) {
1328 user_mask = SAMR_USER_ACCESS_SET_PASSWORD;
1333 user_mask = SAMR_USER_ACCESS_SET_ATTRIBUTES;
1336 user_mask = SAMR_USER_ACCESS_SET_LOC_COM;
1339 werr = WERR_NOT_SUPPORTED;
1343 werr = libnetapi_open_pipe(ctx, r->in.server_name,
1344 &ndr_table_samr.syntax_id,
1347 if (!W_ERROR_IS_OK(werr)) {
1351 werr = libnetapi_samr_open_domain(ctx, pipe_cli,
1352 SAMR_ACCESS_ENUM_DOMAINS |
1353 SAMR_ACCESS_OPEN_DOMAIN,
1354 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 |
1355 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
1359 if (!W_ERROR_IS_OK(werr)) {
1363 werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli,
1364 SAMR_ACCESS_ENUM_DOMAINS |
1365 SAMR_ACCESS_OPEN_DOMAIN,
1366 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT |
1367 SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS,
1370 if (!W_ERROR_IS_OK(werr)) {
1374 init_lsa_String(&lsa_account_name, r->in.user_name);
1376 status = rpccli_samr_LookupNames(pipe_cli, ctx,
1382 if (!NT_STATUS_IS_OK(status)) {
1383 werr = ntstatus_to_werror(status);
1387 status = rpccli_samr_OpenUser(pipe_cli, ctx,
1392 if (!NT_STATUS_IS_OK(status)) {
1393 werr = ntstatus_to_werror(status);
1397 status = construct_USER_INFO_X(r->in.level, r->in.buffer, &uX);
1398 if (!NT_STATUS_IS_OK(status)) {
1399 werr = ntstatus_to_werror(status);
1403 status = set_user_info_USER_INFO_X(ctx, pipe_cli,
1404 &cli->user_session_key,
1407 if (!NT_STATUS_IS_OK(status)) {
1408 werr = ntstatus_to_werror(status);
1419 if (is_valid_policy_hnd(&user_handle)) {
1420 rpccli_samr_Close(pipe_cli, ctx, &user_handle);
1423 if (ctx->disable_policy_handle_cache) {
1424 libnetapi_samr_close_domain_handle(ctx, &domain_handle);
1425 libnetapi_samr_close_builtin_handle(ctx, &builtin_handle);
1426 libnetapi_samr_close_connect_handle(ctx, &connect_handle);
1432 /****************************************************************
1433 ****************************************************************/
1435 WERROR NetUserSetInfo_l(struct libnetapi_ctx *ctx,
1436 struct NetUserSetInfo *r)
1438 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserSetInfo);
1441 /****************************************************************
1442 ****************************************************************/
1444 static NTSTATUS query_USER_MODALS_INFO_rpc(TALLOC_CTX *mem_ctx,
1445 struct rpc_pipe_client *pipe_cli,
1446 struct policy_handle *domain_handle,
1447 struct samr_DomInfo1 *info1,
1448 struct samr_DomInfo3 *info3,
1449 struct samr_DomInfo5 *info5,
1450 struct samr_DomInfo6 *info6,
1451 struct samr_DomInfo7 *info7,
1452 struct samr_DomInfo12 *info12)
1455 union samr_DomainInfo *dom_info = NULL;
1458 status = rpccli_samr_QueryDomainInfo(pipe_cli, mem_ctx,
1462 NT_STATUS_NOT_OK_RETURN(status);
1464 *info1 = dom_info->info1;
1468 status = rpccli_samr_QueryDomainInfo(pipe_cli, mem_ctx,
1472 NT_STATUS_NOT_OK_RETURN(status);
1474 *info3 = dom_info->info3;
1478 status = rpccli_samr_QueryDomainInfo(pipe_cli, mem_ctx,
1482 NT_STATUS_NOT_OK_RETURN(status);
1484 *info5 = dom_info->info5;
1488 status = rpccli_samr_QueryDomainInfo(pipe_cli, mem_ctx,
1492 NT_STATUS_NOT_OK_RETURN(status);
1494 *info6 = dom_info->info6;
1498 status = rpccli_samr_QueryDomainInfo(pipe_cli, mem_ctx,
1502 NT_STATUS_NOT_OK_RETURN(status);
1504 *info7 = dom_info->info7;
1508 status = rpccli_samr_QueryDomainInfo2(pipe_cli, mem_ctx,
1512 NT_STATUS_NOT_OK_RETURN(status);
1514 *info12 = dom_info->info12;
1517 return NT_STATUS_OK;
1520 /****************************************************************
1521 ****************************************************************/
1523 static NTSTATUS query_USER_MODALS_INFO_0(TALLOC_CTX *mem_ctx,
1524 struct rpc_pipe_client *pipe_cli,
1525 struct policy_handle *domain_handle,
1526 struct USER_MODALS_INFO_0 *info0)
1529 struct samr_DomInfo1 dom_info1;
1530 struct samr_DomInfo3 dom_info3;
1532 ZERO_STRUCTP(info0);
1534 status = query_USER_MODALS_INFO_rpc(mem_ctx,
1543 NT_STATUS_NOT_OK_RETURN(status);
1545 info0->usrmod0_min_passwd_len =
1546 dom_info1.min_password_length;
1547 info0->usrmod0_max_passwd_age =
1548 nt_time_to_unix_abs((NTTIME *)&dom_info1.max_password_age);
1549 info0->usrmod0_min_passwd_age =
1550 nt_time_to_unix_abs((NTTIME *)&dom_info1.min_password_age);
1551 info0->usrmod0_password_hist_len =
1552 dom_info1.password_history_length;
1554 info0->usrmod0_force_logoff =
1555 nt_time_to_unix_abs(&dom_info3.force_logoff_time);
1557 return NT_STATUS_OK;
1560 /****************************************************************
1561 ****************************************************************/
1563 static NTSTATUS query_USER_MODALS_INFO_1(TALLOC_CTX *mem_ctx,
1564 struct rpc_pipe_client *pipe_cli,
1565 struct policy_handle *domain_handle,
1566 struct USER_MODALS_INFO_1 *info1)
1569 struct samr_DomInfo6 dom_info6;
1570 struct samr_DomInfo7 dom_info7;
1572 status = query_USER_MODALS_INFO_rpc(mem_ctx,
1581 NT_STATUS_NOT_OK_RETURN(status);
1583 info1->usrmod1_primary =
1584 talloc_strdup(mem_ctx, dom_info6.primary.string);
1586 info1->usrmod1_role = dom_info7.role;
1588 return NT_STATUS_OK;
1591 /****************************************************************
1592 ****************************************************************/
1594 static NTSTATUS query_USER_MODALS_INFO_2(TALLOC_CTX *mem_ctx,
1595 struct rpc_pipe_client *pipe_cli,
1596 struct policy_handle *domain_handle,
1597 struct dom_sid *domain_sid,
1598 struct USER_MODALS_INFO_2 *info2)
1601 struct samr_DomInfo5 dom_info5;
1603 status = query_USER_MODALS_INFO_rpc(mem_ctx,
1612 NT_STATUS_NOT_OK_RETURN(status);
1614 info2->usrmod2_domain_name =
1615 talloc_strdup(mem_ctx, dom_info5.domain_name.string);
1616 info2->usrmod2_domain_id =
1617 (struct domsid *)sid_dup_talloc(mem_ctx, domain_sid);
1619 NT_STATUS_HAVE_NO_MEMORY(info2->usrmod2_domain_name);
1620 NT_STATUS_HAVE_NO_MEMORY(info2->usrmod2_domain_id);
1622 return NT_STATUS_OK;
1625 /****************************************************************
1626 ****************************************************************/
1628 static NTSTATUS query_USER_MODALS_INFO_3(TALLOC_CTX *mem_ctx,
1629 struct rpc_pipe_client *pipe_cli,
1630 struct policy_handle *domain_handle,
1631 struct USER_MODALS_INFO_3 *info3)
1634 struct samr_DomInfo12 dom_info12;
1636 status = query_USER_MODALS_INFO_rpc(mem_ctx,
1645 NT_STATUS_NOT_OK_RETURN(status);
1647 info3->usrmod3_lockout_duration =
1648 nt_time_to_unix_abs(&dom_info12.lockout_duration);
1649 info3->usrmod3_lockout_observation_window =
1650 nt_time_to_unix_abs(&dom_info12.lockout_window);
1651 info3->usrmod3_lockout_threshold =
1652 dom_info12.lockout_threshold;
1654 return NT_STATUS_OK;
1657 /****************************************************************
1658 ****************************************************************/
1660 static NTSTATUS query_USER_MODALS_INFO_to_buffer(TALLOC_CTX *mem_ctx,
1661 struct rpc_pipe_client *pipe_cli,
1663 struct policy_handle *domain_handle,
1664 struct dom_sid *domain_sid,
1669 struct USER_MODALS_INFO_0 info0;
1670 struct USER_MODALS_INFO_1 info1;
1671 struct USER_MODALS_INFO_2 info2;
1672 struct USER_MODALS_INFO_3 info3;
1675 return ERROR_INSUFFICIENT_BUFFER;
1680 status = query_USER_MODALS_INFO_0(mem_ctx,
1684 NT_STATUS_NOT_OK_RETURN(status);
1686 *buffer = (uint8_t *)talloc_memdup(mem_ctx, &info0,
1691 status = query_USER_MODALS_INFO_1(mem_ctx,
1695 NT_STATUS_NOT_OK_RETURN(status);
1697 *buffer = (uint8_t *)talloc_memdup(mem_ctx, &info1,
1701 status = query_USER_MODALS_INFO_2(mem_ctx,
1706 NT_STATUS_NOT_OK_RETURN(status);
1708 *buffer = (uint8_t *)talloc_memdup(mem_ctx, &info2,
1712 status = query_USER_MODALS_INFO_3(mem_ctx,
1716 NT_STATUS_NOT_OK_RETURN(status);
1718 *buffer = (uint8_t *)talloc_memdup(mem_ctx, &info3,
1725 NT_STATUS_HAVE_NO_MEMORY(*buffer);
1727 return NT_STATUS_OK;
1730 /****************************************************************
1731 ****************************************************************/
1733 WERROR NetUserModalsGet_r(struct libnetapi_ctx *ctx,
1734 struct NetUserModalsGet *r)
1736 struct cli_state *cli = NULL;
1737 struct rpc_pipe_client *pipe_cli = NULL;
1741 struct policy_handle connect_handle, domain_handle;
1742 struct dom_sid2 *domain_sid = NULL;
1743 uint32_t access_mask = SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT;
1745 ZERO_STRUCT(connect_handle);
1746 ZERO_STRUCT(domain_handle);
1748 if (!r->out.buffer) {
1749 return WERR_INVALID_PARAM;
1752 switch (r->in.level) {
1754 access_mask |= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 |
1755 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2;
1759 access_mask |= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2;
1762 access_mask |= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1;
1765 werr = WERR_UNKNOWN_LEVEL;
1769 werr = libnetapi_open_pipe(ctx, r->in.server_name,
1770 &ndr_table_samr.syntax_id,
1773 if (!W_ERROR_IS_OK(werr)) {
1777 werr = libnetapi_samr_open_domain(ctx, pipe_cli,
1778 SAMR_ACCESS_ENUM_DOMAINS |
1779 SAMR_ACCESS_OPEN_DOMAIN,
1784 if (!W_ERROR_IS_OK(werr)) {
1791 /* 3: 12 (DomainInfo2) */
1793 status = query_USER_MODALS_INFO_to_buffer(ctx,
1799 if (!NT_STATUS_IS_OK(status)) {
1800 werr = ntstatus_to_werror(status);
1809 if (ctx->disable_policy_handle_cache) {
1810 libnetapi_samr_close_domain_handle(ctx, &domain_handle);
1811 libnetapi_samr_close_connect_handle(ctx, &connect_handle);
1817 /****************************************************************
1818 ****************************************************************/
1820 WERROR NetUserModalsGet_l(struct libnetapi_ctx *ctx,
1821 struct NetUserModalsGet *r)
1823 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserModalsGet);
1826 /****************************************************************
1827 ****************************************************************/
1829 static NTSTATUS set_USER_MODALS_INFO_rpc(TALLOC_CTX *mem_ctx,
1830 struct rpc_pipe_client *pipe_cli,
1831 struct policy_handle *domain_handle,
1832 struct samr_DomInfo1 *info1,
1833 struct samr_DomInfo3 *info3,
1834 struct samr_DomInfo12 *info12)
1837 union samr_DomainInfo dom_info;
1841 ZERO_STRUCT(dom_info);
1843 dom_info.info1 = *info1;
1845 status = rpccli_samr_SetDomainInfo(pipe_cli, mem_ctx,
1849 NT_STATUS_NOT_OK_RETURN(status);
1854 ZERO_STRUCT(dom_info);
1856 dom_info.info3 = *info3;
1858 status = rpccli_samr_SetDomainInfo(pipe_cli, mem_ctx,
1863 NT_STATUS_NOT_OK_RETURN(status);
1868 ZERO_STRUCT(dom_info);
1870 dom_info.info12 = *info12;
1872 status = rpccli_samr_SetDomainInfo(pipe_cli, mem_ctx,
1877 NT_STATUS_NOT_OK_RETURN(status);
1880 return NT_STATUS_OK;
1883 /****************************************************************
1884 ****************************************************************/
1886 static NTSTATUS set_USER_MODALS_INFO_0_buffer(TALLOC_CTX *mem_ctx,
1887 struct rpc_pipe_client *pipe_cli,
1888 struct policy_handle *domain_handle,
1889 struct USER_MODALS_INFO_0 *info0)
1892 struct samr_DomInfo1 dom_info_1;
1893 struct samr_DomInfo3 dom_info_3;
1895 status = query_USER_MODALS_INFO_rpc(mem_ctx,
1904 NT_STATUS_NOT_OK_RETURN(status);
1906 dom_info_1.min_password_length =
1907 info0->usrmod0_min_passwd_len;
1908 dom_info_1.password_history_length =
1909 info0->usrmod0_password_hist_len;
1911 unix_to_nt_time_abs((NTTIME *)&dom_info_1.max_password_age,
1912 info0->usrmod0_max_passwd_age);
1913 unix_to_nt_time_abs((NTTIME *)&dom_info_1.min_password_age,
1914 info0->usrmod0_min_passwd_age);
1916 unix_to_nt_time_abs(&dom_info_3.force_logoff_time,
1917 info0->usrmod0_force_logoff);
1919 return set_USER_MODALS_INFO_rpc(mem_ctx,
1927 /****************************************************************
1928 ****************************************************************/
1930 static NTSTATUS set_USER_MODALS_INFO_3_buffer(TALLOC_CTX *mem_ctx,
1931 struct rpc_pipe_client *pipe_cli,
1932 struct policy_handle *domain_handle,
1933 struct USER_MODALS_INFO_3 *info3)
1936 struct samr_DomInfo12 dom_info_12;
1938 status = query_USER_MODALS_INFO_rpc(mem_ctx,
1947 NT_STATUS_NOT_OK_RETURN(status);
1949 unix_to_nt_time_abs((NTTIME *)&dom_info_12.lockout_duration,
1950 info3->usrmod3_lockout_duration);
1951 unix_to_nt_time_abs((NTTIME *)&dom_info_12.lockout_window,
1952 info3->usrmod3_lockout_observation_window);
1953 dom_info_12.lockout_threshold = info3->usrmod3_lockout_threshold;
1955 return set_USER_MODALS_INFO_rpc(mem_ctx,
1963 /****************************************************************
1964 ****************************************************************/
1966 static NTSTATUS set_USER_MODALS_INFO_1001_buffer(TALLOC_CTX *mem_ctx,
1967 struct rpc_pipe_client *pipe_cli,
1968 struct policy_handle *domain_handle,
1969 struct USER_MODALS_INFO_1001 *info1001)
1972 struct samr_DomInfo1 dom_info_1;
1974 status = query_USER_MODALS_INFO_rpc(mem_ctx,
1983 NT_STATUS_NOT_OK_RETURN(status);
1985 dom_info_1.min_password_length =
1986 info1001->usrmod1001_min_passwd_len;
1988 return set_USER_MODALS_INFO_rpc(mem_ctx,
1996 /****************************************************************
1997 ****************************************************************/
1999 static NTSTATUS set_USER_MODALS_INFO_1002_buffer(TALLOC_CTX *mem_ctx,
2000 struct rpc_pipe_client *pipe_cli,
2001 struct policy_handle *domain_handle,
2002 struct USER_MODALS_INFO_1002 *info1002)
2005 struct samr_DomInfo1 dom_info_1;
2007 status = query_USER_MODALS_INFO_rpc(mem_ctx,
2016 NT_STATUS_NOT_OK_RETURN(status);
2018 unix_to_nt_time_abs((NTTIME *)&dom_info_1.max_password_age,
2019 info1002->usrmod1002_max_passwd_age);
2021 return set_USER_MODALS_INFO_rpc(mem_ctx,
2029 /****************************************************************
2030 ****************************************************************/
2032 static NTSTATUS set_USER_MODALS_INFO_1003_buffer(TALLOC_CTX *mem_ctx,
2033 struct rpc_pipe_client *pipe_cli,
2034 struct policy_handle *domain_handle,
2035 struct USER_MODALS_INFO_1003 *info1003)
2038 struct samr_DomInfo1 dom_info_1;
2040 status = query_USER_MODALS_INFO_rpc(mem_ctx,
2049 NT_STATUS_NOT_OK_RETURN(status);
2051 unix_to_nt_time_abs((NTTIME *)&dom_info_1.min_password_age,
2052 info1003->usrmod1003_min_passwd_age);
2054 return set_USER_MODALS_INFO_rpc(mem_ctx,
2062 /****************************************************************
2063 ****************************************************************/
2065 static NTSTATUS set_USER_MODALS_INFO_1004_buffer(TALLOC_CTX *mem_ctx,
2066 struct rpc_pipe_client *pipe_cli,
2067 struct policy_handle *domain_handle,
2068 struct USER_MODALS_INFO_1004 *info1004)
2071 struct samr_DomInfo3 dom_info_3;
2073 status = query_USER_MODALS_INFO_rpc(mem_ctx,
2082 NT_STATUS_NOT_OK_RETURN(status);
2084 unix_to_nt_time_abs(&dom_info_3.force_logoff_time,
2085 info1004->usrmod1004_force_logoff);
2087 return set_USER_MODALS_INFO_rpc(mem_ctx,
2095 /****************************************************************
2096 ****************************************************************/
2098 static NTSTATUS set_USER_MODALS_INFO_1005_buffer(TALLOC_CTX *mem_ctx,
2099 struct rpc_pipe_client *pipe_cli,
2100 struct policy_handle *domain_handle,
2101 struct USER_MODALS_INFO_1005 *info1005)
2104 struct samr_DomInfo1 dom_info_1;
2106 status = query_USER_MODALS_INFO_rpc(mem_ctx,
2115 NT_STATUS_NOT_OK_RETURN(status);
2117 dom_info_1.password_history_length =
2118 info1005->usrmod1005_password_hist_len;
2120 return set_USER_MODALS_INFO_rpc(mem_ctx,
2128 /****************************************************************
2129 ****************************************************************/
2131 static NTSTATUS set_USER_MODALS_INFO_buffer(TALLOC_CTX *mem_ctx,
2132 struct rpc_pipe_client *pipe_cli,
2134 struct policy_handle *domain_handle,
2135 struct dom_sid *domain_sid,
2138 struct USER_MODALS_INFO_0 *info0;
2139 struct USER_MODALS_INFO_3 *info3;
2140 struct USER_MODALS_INFO_1001 *info1001;
2141 struct USER_MODALS_INFO_1002 *info1002;
2142 struct USER_MODALS_INFO_1003 *info1003;
2143 struct USER_MODALS_INFO_1004 *info1004;
2144 struct USER_MODALS_INFO_1005 *info1005;
2147 return ERROR_INSUFFICIENT_BUFFER;
2152 info0 = (struct USER_MODALS_INFO_0 *)buffer;
2153 return set_USER_MODALS_INFO_0_buffer(mem_ctx,
2158 info3 = (struct USER_MODALS_INFO_3 *)buffer;
2159 return set_USER_MODALS_INFO_3_buffer(mem_ctx,
2164 info1001 = (struct USER_MODALS_INFO_1001 *)buffer;
2165 return set_USER_MODALS_INFO_1001_buffer(mem_ctx,
2170 info1002 = (struct USER_MODALS_INFO_1002 *)buffer;
2171 return set_USER_MODALS_INFO_1002_buffer(mem_ctx,
2176 info1003 = (struct USER_MODALS_INFO_1003 *)buffer;
2177 return set_USER_MODALS_INFO_1003_buffer(mem_ctx,
2182 info1004 = (struct USER_MODALS_INFO_1004 *)buffer;
2183 return set_USER_MODALS_INFO_1004_buffer(mem_ctx,
2188 info1005 = (struct USER_MODALS_INFO_1005 *)buffer;
2189 return set_USER_MODALS_INFO_1005_buffer(mem_ctx,
2198 return NT_STATUS_OK;
2201 /****************************************************************
2202 ****************************************************************/
2204 WERROR NetUserModalsSet_r(struct libnetapi_ctx *ctx,
2205 struct NetUserModalsSet *r)
2207 struct cli_state *cli = NULL;
2208 struct rpc_pipe_client *pipe_cli = NULL;
2212 struct policy_handle connect_handle, domain_handle;
2213 struct dom_sid2 *domain_sid = NULL;
2214 uint32_t access_mask = SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT;
2216 ZERO_STRUCT(connect_handle);
2217 ZERO_STRUCT(domain_handle);
2219 if (!r->in.buffer) {
2220 return WERR_INVALID_PARAM;
2223 switch (r->in.level) {
2225 access_mask |= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 |
2226 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 |
2227 SAMR_DOMAIN_ACCESS_SET_INFO_1 |
2228 SAMR_DOMAIN_ACCESS_SET_INFO_2;
2235 access_mask |= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 |
2236 SAMR_DOMAIN_ACCESS_SET_INFO_1;
2239 access_mask |= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 |
2240 SAMR_DOMAIN_ACCESS_SET_INFO_2;
2246 werr = WERR_NOT_SUPPORTED;
2249 werr = WERR_UNKNOWN_LEVEL;
2253 werr = libnetapi_open_pipe(ctx, r->in.server_name,
2254 &ndr_table_samr.syntax_id,
2257 if (!W_ERROR_IS_OK(werr)) {
2261 werr = libnetapi_samr_open_domain(ctx, pipe_cli,
2262 SAMR_ACCESS_ENUM_DOMAINS |
2263 SAMR_ACCESS_OPEN_DOMAIN,
2268 if (!W_ERROR_IS_OK(werr)) {
2272 status = set_USER_MODALS_INFO_buffer(ctx,
2278 if (!NT_STATUS_IS_OK(status)) {
2279 werr = ntstatus_to_werror(status);
2288 if (ctx->disable_policy_handle_cache) {
2289 libnetapi_samr_close_domain_handle(ctx, &domain_handle);
2290 libnetapi_samr_close_connect_handle(ctx, &connect_handle);
2296 /****************************************************************
2297 ****************************************************************/
2299 WERROR NetUserModalsSet_l(struct libnetapi_ctx *ctx,
2300 struct NetUserModalsSet *r)
2302 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserModalsSet);