s3-samr: Fix _samr_Connect5(). In error case it still needs to return empty info1.
[samba.git] / source3 / rpc_server / srv_samr_nt.c
1 /*
2  *  Unix SMB/CIFS implementation.
3  *  RPC Pipe client / server routines
4  *  Copyright (C) Andrew Tridgell                   1992-1997,
5  *  Copyright (C) Luke Kenneth Casson Leighton      1996-1997,
6  *  Copyright (C) Paul Ashton                       1997,
7  *  Copyright (C) Marc Jacobsen                     1999,
8  *  Copyright (C) Jeremy Allison                    2001-2008,
9  *  Copyright (C) Jean François Micouleau           1998-2001,
10  *  Copyright (C) Jim McDonough <jmcd@us.ibm.com>   2002,
11  *  Copyright (C) Gerald (Jerry) Carter             2003-2004,
12  *  Copyright (C) Simo Sorce                        2003.
13  *  Copyright (C) Volker Lendecke                   2005.
14  *  Copyright (C) Guenther Deschner                 2008.
15  *
16  *  This program is free software; you can redistribute it and/or modify
17  *  it under the terms of the GNU General Public License as published by
18  *  the Free Software Foundation; either version 3 of the License, or
19  *  (at your option) any later version.
20  *
21  *  This program is distributed in the hope that it will be useful,
22  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
23  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
24  *  GNU General Public License for more details.
25  *
26  *  You should have received a copy of the GNU General Public License
27  *  along with this program; if not, see <http://www.gnu.org/licenses/>.
28  */
29
30 /*
31  * This is the implementation of the SAMR code.
32  */
33
34 #include "includes.h"
35 #include "../libcli/auth/libcli_auth.h"
36
37 #undef DBGC_CLASS
38 #define DBGC_CLASS DBGC_RPC_SRV
39
40 #define SAMR_USR_RIGHTS_WRITE_PW \
41                 ( READ_CONTROL_ACCESS           | \
42                   SAMR_USER_ACCESS_CHANGE_PASSWORD      | \
43                   SAMR_USER_ACCESS_SET_LOC_COM)
44 #define SAMR_USR_RIGHTS_CANT_WRITE_PW \
45                 ( READ_CONTROL_ACCESS | SAMR_USER_ACCESS_SET_LOC_COM )
46
47 #define DISP_INFO_CACHE_TIMEOUT 10
48
49 #define MAX_SAM_ENTRIES_W2K 0x400 /* 1024 */
50 #define MAX_SAM_ENTRIES_W95 50
51
52 struct samr_connect_info {
53         uint8_t dummy;
54 };
55
56 struct samr_domain_info {
57         struct dom_sid sid;
58         struct disp_info *disp_info;
59 };
60
61 struct samr_user_info {
62         struct dom_sid sid;
63 };
64
65 struct samr_group_info {
66         struct dom_sid sid;
67 };
68
69 struct samr_alias_info {
70         struct dom_sid sid;
71 };
72
73 typedef struct disp_info {
74         DOM_SID sid; /* identify which domain this is. */
75         struct pdb_search *users; /* querydispinfo 1 and 4 */
76         struct pdb_search *machines; /* querydispinfo 2 */
77         struct pdb_search *groups; /* querydispinfo 3 and 5, enumgroups */
78         struct pdb_search *aliases; /* enumaliases */
79
80         uint16 enum_acb_mask;
81         struct pdb_search *enum_users; /* enumusers with a mask */
82
83         struct timed_event *cache_timeout_event; /* cache idle timeout
84                                                   * handler. */
85 } DISP_INFO;
86
87 static const struct generic_mapping sam_generic_mapping = {
88         GENERIC_RIGHTS_SAM_READ,
89         GENERIC_RIGHTS_SAM_WRITE,
90         GENERIC_RIGHTS_SAM_EXECUTE,
91         GENERIC_RIGHTS_SAM_ALL_ACCESS};
92 static const struct generic_mapping dom_generic_mapping = {
93         GENERIC_RIGHTS_DOMAIN_READ,
94         GENERIC_RIGHTS_DOMAIN_WRITE,
95         GENERIC_RIGHTS_DOMAIN_EXECUTE,
96         GENERIC_RIGHTS_DOMAIN_ALL_ACCESS};
97 static const struct generic_mapping usr_generic_mapping = {
98         GENERIC_RIGHTS_USER_READ,
99         GENERIC_RIGHTS_USER_WRITE,
100         GENERIC_RIGHTS_USER_EXECUTE,
101         GENERIC_RIGHTS_USER_ALL_ACCESS};
102 static const struct generic_mapping usr_nopwchange_generic_mapping = {
103         GENERIC_RIGHTS_USER_READ,
104         GENERIC_RIGHTS_USER_WRITE,
105         GENERIC_RIGHTS_USER_EXECUTE & ~SAMR_USER_ACCESS_CHANGE_PASSWORD,
106         GENERIC_RIGHTS_USER_ALL_ACCESS};
107 static const struct generic_mapping grp_generic_mapping = {
108         GENERIC_RIGHTS_GROUP_READ,
109         GENERIC_RIGHTS_GROUP_WRITE,
110         GENERIC_RIGHTS_GROUP_EXECUTE,
111         GENERIC_RIGHTS_GROUP_ALL_ACCESS};
112 static const struct generic_mapping ali_generic_mapping = {
113         GENERIC_RIGHTS_ALIAS_READ,
114         GENERIC_RIGHTS_ALIAS_WRITE,
115         GENERIC_RIGHTS_ALIAS_EXECUTE,
116         GENERIC_RIGHTS_ALIAS_ALL_ACCESS};
117
118 /*******************************************************************
119 *******************************************************************/
120
121 static NTSTATUS make_samr_object_sd( TALLOC_CTX *ctx, SEC_DESC **psd, size_t *sd_size,
122                                      const struct generic_mapping *map,
123                                      DOM_SID *sid, uint32 sid_access )
124 {
125         DOM_SID domadmin_sid;
126         SEC_ACE ace[5];         /* at most 5 entries */
127         size_t i = 0;
128
129         SEC_ACL *psa = NULL;
130
131         /* basic access for Everyone */
132
133         init_sec_ace(&ace[i++], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED,
134                         map->generic_execute | map->generic_read, 0);
135
136         /* add Full Access 'BUILTIN\Administrators' and 'BUILTIN\Account Operators */
137
138         init_sec_ace(&ace[i++], &global_sid_Builtin_Administrators,
139                         SEC_ACE_TYPE_ACCESS_ALLOWED, map->generic_all, 0);
140         init_sec_ace(&ace[i++], &global_sid_Builtin_Account_Operators,
141                         SEC_ACE_TYPE_ACCESS_ALLOWED, map->generic_all, 0);
142
143         /* Add Full Access for Domain Admins if we are a DC */
144
145         if ( IS_DC ) {
146                 sid_copy( &domadmin_sid, get_global_sam_sid() );
147                 sid_append_rid( &domadmin_sid, DOMAIN_GROUP_RID_ADMINS );
148                 init_sec_ace(&ace[i++], &domadmin_sid,
149                         SEC_ACE_TYPE_ACCESS_ALLOWED, map->generic_all, 0);
150         }
151
152         /* if we have a sid, give it some special access */
153
154         if ( sid ) {
155                 init_sec_ace(&ace[i++], sid, SEC_ACE_TYPE_ACCESS_ALLOWED, sid_access, 0);
156         }
157
158         /* create the security descriptor */
159
160         if ((psa = make_sec_acl(ctx, NT4_ACL_REVISION, i, ace)) == NULL)
161                 return NT_STATUS_NO_MEMORY;
162
163         if ((*psd = make_sec_desc(ctx, SECURITY_DESCRIPTOR_REVISION_1,
164                                   SEC_DESC_SELF_RELATIVE, NULL, NULL, NULL,
165                                   psa, sd_size)) == NULL)
166                 return NT_STATUS_NO_MEMORY;
167
168         return NT_STATUS_OK;
169 }
170
171 /*******************************************************************
172  Checks if access to an object should be granted, and returns that
173  level of access for further checks.
174 ********************************************************************/
175
176 static NTSTATUS access_check_samr_object( SEC_DESC *psd, NT_USER_TOKEN *token,
177                                           SE_PRIV *rights, uint32 rights_mask,
178                                           uint32 des_access, uint32 *acc_granted,
179                                           const char *debug )
180 {
181         NTSTATUS status = NT_STATUS_ACCESS_DENIED;
182         uint32 saved_mask = 0;
183
184         /* check privileges; certain SAM access bits should be overridden
185            by privileges (mostly having to do with creating/modifying/deleting
186            users and groups) */
187
188         if ( rights && user_has_any_privilege( token, rights ) ) {
189
190                 saved_mask = (des_access & rights_mask);
191                 des_access &= ~saved_mask;
192
193                 DEBUG(4,("access_check_samr_object: user rights access mask [0x%x]\n",
194                         rights_mask));
195         }
196
197
198         /* check the security descriptor first */
199
200         status = se_access_check(psd, token, des_access, acc_granted);
201         if (NT_STATUS_IS_OK(status)) {
202                 goto done;
203         }
204
205         /* give root a free pass */
206
207         if ( geteuid() == sec_initial_uid() ) {
208
209                 DEBUG(4,("%s: ACCESS should be DENIED  (requested: %#010x)\n", debug, des_access));
210                 DEBUGADD(4,("but overritten by euid == sec_initial_uid()\n"));
211
212                 *acc_granted = des_access;
213
214                 status = NT_STATUS_OK;
215                 goto done;
216         }
217
218
219 done:
220         /* add in any bits saved during the privilege check (only
221            matters is status is ok) */
222
223         *acc_granted |= rights_mask;
224
225         DEBUG(4,("%s: access %s (requested: 0x%08x, granted: 0x%08x)\n",
226                 debug, NT_STATUS_IS_OK(status) ? "GRANTED" : "DENIED",
227                 des_access, *acc_granted));
228
229         return status;
230 }
231
232
233 /*******************************************************************
234  Map any MAXIMUM_ALLOWED_ACCESS request to a valid access set.
235 ********************************************************************/
236
237 static void map_max_allowed_access(const NT_USER_TOKEN *token,
238                                         uint32_t *pacc_requested)
239 {
240         if (!((*pacc_requested) & MAXIMUM_ALLOWED_ACCESS)) {
241                 return;
242         }
243         *pacc_requested &= ~MAXIMUM_ALLOWED_ACCESS;
244
245         /* At least try for generic read. */
246         *pacc_requested = GENERIC_READ_ACCESS;
247
248         /* root gets anything. */
249         if (geteuid() == sec_initial_uid()) {
250                 *pacc_requested |= GENERIC_ALL_ACCESS;
251                 return;
252         }
253
254         /* Full Access for 'BUILTIN\Administrators' and 'BUILTIN\Account Operators */
255
256         if (is_sid_in_token(token, &global_sid_Builtin_Administrators) ||
257                         is_sid_in_token(token, &global_sid_Builtin_Account_Operators)) {
258                 *pacc_requested |= GENERIC_ALL_ACCESS;
259                 return;
260         }
261
262         /* Full access for DOMAIN\Domain Admins. */
263         if ( IS_DC ) {
264                 DOM_SID domadmin_sid;
265                 sid_copy( &domadmin_sid, get_global_sam_sid() );
266                 sid_append_rid( &domadmin_sid, DOMAIN_GROUP_RID_ADMINS );
267                 if (is_sid_in_token(token, &domadmin_sid)) {
268                         *pacc_requested |= GENERIC_ALL_ACCESS;
269                         return;
270                 }
271         }
272         /* TODO ! Check privileges. */
273 }
274
275 /*******************************************************************
276  Fetch or create a dispinfo struct.
277 ********************************************************************/
278
279 static DISP_INFO *get_samr_dispinfo_by_sid(const struct dom_sid *psid)
280 {
281         /*
282          * We do a static cache for DISP_INFO's here. Explanation can be found
283          * in Jeremy's checkin message to r11793:
284          *
285          * Fix the SAMR cache so it works across completely insane
286          * client behaviour (ie.:
287          * open pipe/open SAMR handle/enumerate 0 - 1024
288          * close SAMR handle, close pipe.
289          * open pipe/open SAMR handle/enumerate 1024 - 2048...
290          * close SAMR handle, close pipe.
291          * And on ad-nausium. Amazing.... probably object-oriented
292          * client side programming in action yet again.
293          * This change should *massively* improve performance when
294          * enumerating users from an LDAP database.
295          * Jeremy.
296          *
297          * "Our" and the builtin domain are the only ones where we ever
298          * enumerate stuff, so just cache 2 entries.
299          */
300
301         static struct disp_info *builtin_dispinfo;
302         static struct disp_info *domain_dispinfo;
303
304         /* There are two cases to consider here:
305            1) The SID is a domain SID and we look for an equality match, or
306            2) This is an account SID and so we return the DISP_INFO* for our
307               domain */
308
309         if (psid == NULL) {
310                 return NULL;
311         }
312
313         if (sid_check_is_builtin(psid) || sid_check_is_in_builtin(psid)) {
314                 /*
315                  * Necessary only once, but it does not really hurt.
316                  */
317                 if (builtin_dispinfo == NULL) {
318                         builtin_dispinfo = talloc_zero(
319                                 talloc_autofree_context(), struct disp_info);
320                         if (builtin_dispinfo == NULL) {
321                                 return NULL;
322                         }
323                 }
324                 sid_copy(&builtin_dispinfo->sid, &global_sid_Builtin);
325
326                 return builtin_dispinfo;
327         }
328
329         if (sid_check_is_domain(psid) || sid_check_is_in_our_domain(psid)) {
330                 /*
331                  * Necessary only once, but it does not really hurt.
332                  */
333                 if (domain_dispinfo == NULL) {
334                         domain_dispinfo = talloc_zero(
335                                 talloc_autofree_context(), struct disp_info);
336                         if (domain_dispinfo == NULL) {
337                                 return NULL;
338                         }
339                 }
340                 sid_copy(&domain_dispinfo->sid, get_global_sam_sid());
341
342                 return domain_dispinfo;
343         }
344
345         return NULL;
346 }
347
348 /*******************************************************************
349  Function to free the per SID data.
350  ********************************************************************/
351
352 static void free_samr_cache(DISP_INFO *disp_info)
353 {
354         DEBUG(10, ("free_samr_cache: deleting cache for SID %s\n",
355                    sid_string_dbg(&disp_info->sid)));
356
357         /* We need to become root here because the paged search might have to
358          * tell the LDAP server we're not interested in the rest anymore. */
359
360         become_root();
361
362         TALLOC_FREE(disp_info->users);
363         TALLOC_FREE(disp_info->machines);
364         TALLOC_FREE(disp_info->groups);
365         TALLOC_FREE(disp_info->aliases);
366         TALLOC_FREE(disp_info->enum_users);
367
368         unbecome_root();
369 }
370
371 /*******************************************************************
372  Idle event handler. Throw away the disp info cache.
373  ********************************************************************/
374
375 static void disp_info_cache_idle_timeout_handler(struct event_context *ev_ctx,
376                                                  struct timed_event *te,
377                                                  struct timeval now,
378                                                  void *private_data)
379 {
380         DISP_INFO *disp_info = (DISP_INFO *)private_data;
381
382         TALLOC_FREE(disp_info->cache_timeout_event);
383
384         DEBUG(10, ("disp_info_cache_idle_timeout_handler: caching timed "
385                    "out\n"));
386         free_samr_cache(disp_info);
387 }
388
389 /*******************************************************************
390  Setup cache removal idle event handler.
391  ********************************************************************/
392
393 static void set_disp_info_cache_timeout(DISP_INFO *disp_info, time_t secs_fromnow)
394 {
395         /* Remove any pending timeout and update. */
396
397         TALLOC_FREE(disp_info->cache_timeout_event);
398
399         DEBUG(10,("set_disp_info_cache_timeout: caching enumeration for "
400                   "SID %s for %u seconds\n", sid_string_dbg(&disp_info->sid),
401                   (unsigned int)secs_fromnow ));
402
403         disp_info->cache_timeout_event = event_add_timed(
404                 smbd_event_context(), NULL,
405                 timeval_current_ofs(secs_fromnow, 0),
406                 disp_info_cache_idle_timeout_handler, (void *)disp_info);
407 }
408
409 /*******************************************************************
410  Force flush any cache. We do this on any samr_set_xxx call.
411  We must also remove the timeout handler.
412  ********************************************************************/
413
414 static void force_flush_samr_cache(const struct dom_sid *sid)
415 {
416         struct disp_info *disp_info = get_samr_dispinfo_by_sid(sid);
417
418         if ((disp_info == NULL) || (disp_info->cache_timeout_event == NULL)) {
419                 return;
420         }
421
422         DEBUG(10,("force_flush_samr_cache: clearing idle event\n"));
423         TALLOC_FREE(disp_info->cache_timeout_event);
424         free_samr_cache(disp_info);
425 }
426
427 /*******************************************************************
428  Ensure password info is never given out. Paranioa... JRA.
429  ********************************************************************/
430
431 static void samr_clear_sam_passwd(struct samu *sam_pass)
432 {
433
434         if (!sam_pass)
435                 return;
436
437         /* These now zero out the old password */
438
439         pdb_set_lanman_passwd(sam_pass, NULL, PDB_DEFAULT);
440         pdb_set_nt_passwd(sam_pass, NULL, PDB_DEFAULT);
441 }
442
443 static uint32 count_sam_users(struct disp_info *info, uint32 acct_flags)
444 {
445         struct samr_displayentry *entry;
446
447         if (sid_check_is_builtin(&info->sid)) {
448                 /* No users in builtin. */
449                 return 0;
450         }
451
452         if (info->users == NULL) {
453                 info->users = pdb_search_users(info, acct_flags);
454                 if (info->users == NULL) {
455                         return 0;
456                 }
457         }
458         /* Fetch the last possible entry, thus trigger an enumeration */
459         pdb_search_entries(info->users, 0xffffffff, 1, &entry);
460
461         /* Ensure we cache this enumeration. */
462         set_disp_info_cache_timeout(info, DISP_INFO_CACHE_TIMEOUT);
463
464         return info->users->num_entries;
465 }
466
467 static uint32 count_sam_groups(struct disp_info *info)
468 {
469         struct samr_displayentry *entry;
470
471         if (sid_check_is_builtin(&info->sid)) {
472                 /* No groups in builtin. */
473                 return 0;
474         }
475
476         if (info->groups == NULL) {
477                 info->groups = pdb_search_groups(info);
478                 if (info->groups == NULL) {
479                         return 0;
480                 }
481         }
482         /* Fetch the last possible entry, thus trigger an enumeration */
483         pdb_search_entries(info->groups, 0xffffffff, 1, &entry);
484
485         /* Ensure we cache this enumeration. */
486         set_disp_info_cache_timeout(info, DISP_INFO_CACHE_TIMEOUT);
487
488         return info->groups->num_entries;
489 }
490
491 static uint32 count_sam_aliases(struct disp_info *info)
492 {
493         struct samr_displayentry *entry;
494
495         if (info->aliases == NULL) {
496                 info->aliases = pdb_search_aliases(info, &info->sid);
497                 if (info->aliases == NULL) {
498                         return 0;
499                 }
500         }
501         /* Fetch the last possible entry, thus trigger an enumeration */
502         pdb_search_entries(info->aliases, 0xffffffff, 1, &entry);
503
504         /* Ensure we cache this enumeration. */
505         set_disp_info_cache_timeout(info, DISP_INFO_CACHE_TIMEOUT);
506
507         return info->aliases->num_entries;
508 }
509
510 /*******************************************************************
511  _samr_Close
512  ********************************************************************/
513
514 NTSTATUS _samr_Close(pipes_struct *p, struct samr_Close *r)
515 {
516         if (!close_policy_hnd(p, r->in.handle)) {
517                 return NT_STATUS_INVALID_HANDLE;
518         }
519
520         ZERO_STRUCTP(r->out.handle);
521
522         return NT_STATUS_OK;
523 }
524
525 /*******************************************************************
526  _samr_OpenDomain
527  ********************************************************************/
528
529 NTSTATUS _samr_OpenDomain(pipes_struct *p,
530                           struct samr_OpenDomain *r)
531 {
532         struct samr_connect_info *cinfo;
533         struct samr_domain_info *dinfo;
534         SEC_DESC *psd = NULL;
535         uint32    acc_granted;
536         uint32    des_access = r->in.access_mask;
537         NTSTATUS  status;
538         size_t    sd_size;
539         SE_PRIV se_rights;
540
541         /* find the connection policy handle. */
542
543         cinfo = policy_handle_find(p, r->in.connect_handle, 0, NULL,
544                                    struct samr_connect_info, &status);
545         if (!NT_STATUS_IS_OK(status)) {
546                 return status;
547         }
548
549         /*check if access can be granted as requested by client. */
550         map_max_allowed_access(p->server_info->ptok, &des_access);
551
552         make_samr_object_sd( p->mem_ctx, &psd, &sd_size, &dom_generic_mapping, NULL, 0 );
553         se_map_generic( &des_access, &dom_generic_mapping );
554
555         se_priv_copy( &se_rights, &se_machine_account );
556         se_priv_add( &se_rights, &se_add_users );
557
558         status = access_check_samr_object( psd, p->server_info->ptok,
559                 &se_rights, GENERIC_RIGHTS_DOMAIN_WRITE, des_access,
560                 &acc_granted, "_samr_OpenDomain" );
561
562         if ( !NT_STATUS_IS_OK(status) )
563                 return status;
564
565         if (!sid_check_is_domain(r->in.sid) &&
566             !sid_check_is_builtin(r->in.sid)) {
567                 return NT_STATUS_NO_SUCH_DOMAIN;
568         }
569
570         dinfo = policy_handle_create(p, r->out.domain_handle, acc_granted,
571                                      struct samr_domain_info, &status);
572         if (!NT_STATUS_IS_OK(status)) {
573                 return status;
574         }
575         dinfo->sid = *r->in.sid;
576         dinfo->disp_info = get_samr_dispinfo_by_sid(r->in.sid);
577
578         DEBUG(5,("_samr_OpenDomain: %d\n", __LINE__));
579
580         return NT_STATUS_OK;
581 }
582
583 /*******************************************************************
584  _samr_GetUserPwInfo
585  ********************************************************************/
586
587 NTSTATUS _samr_GetUserPwInfo(pipes_struct *p,
588                              struct samr_GetUserPwInfo *r)
589 {
590         struct samr_user_info *uinfo;
591         enum lsa_SidType sid_type;
592         uint32_t min_password_length = 0;
593         uint32_t password_properties = 0;
594         bool ret = false;
595         NTSTATUS status;
596
597         DEBUG(5,("_samr_GetUserPwInfo: %d\n", __LINE__));
598
599         uinfo = policy_handle_find(p, r->in.user_handle,
600                                    SAMR_USER_ACCESS_GET_ATTRIBUTES, NULL,
601                                    struct samr_user_info, &status);
602         if (!NT_STATUS_IS_OK(status)) {
603                 return status;
604         }
605
606         if (!sid_check_is_in_our_domain(&uinfo->sid)) {
607                 return NT_STATUS_OBJECT_TYPE_MISMATCH;
608         }
609
610         become_root();
611         ret = lookup_sid(p->mem_ctx, &uinfo->sid, NULL, NULL, &sid_type);
612         unbecome_root();
613         if (ret == false) {
614                 return NT_STATUS_NO_SUCH_USER;
615         }
616
617         switch (sid_type) {
618                 case SID_NAME_USER:
619                         become_root();
620                         pdb_get_account_policy(AP_MIN_PASSWORD_LEN,
621                                                &min_password_length);
622                         pdb_get_account_policy(AP_USER_MUST_LOGON_TO_CHG_PASS,
623                                                &password_properties);
624                         unbecome_root();
625
626                         if (lp_check_password_script() && *lp_check_password_script()) {
627                                 password_properties |= DOMAIN_PASSWORD_COMPLEX;
628                         }
629
630                         break;
631                 default:
632                         break;
633         }
634
635         r->out.info->min_password_length = min_password_length;
636         r->out.info->password_properties = password_properties;
637
638         DEBUG(5,("_samr_GetUserPwInfo: %d\n", __LINE__));
639
640         return NT_STATUS_OK;
641 }
642
643 /*******************************************************************
644  _samr_SetSecurity
645  ********************************************************************/
646
647 NTSTATUS _samr_SetSecurity(pipes_struct *p,
648                            struct samr_SetSecurity *r)
649 {
650         struct samr_user_info *uinfo;
651         uint32 i;
652         SEC_ACL *dacl;
653         bool ret;
654         struct samu *sampass=NULL;
655         NTSTATUS status;
656
657         uinfo = policy_handle_find(p, r->in.handle,
658                                    SAMR_USER_ACCESS_SET_ATTRIBUTES, NULL,
659                                    struct samr_user_info, &status);
660         if (!NT_STATUS_IS_OK(status)) {
661                 return status;
662         }
663
664         if (!(sampass = samu_new( p->mem_ctx))) {
665                 DEBUG(0,("No memory!\n"));
666                 return NT_STATUS_NO_MEMORY;
667         }
668
669         /* get the user record */
670         become_root();
671         ret = pdb_getsampwsid(sampass, &uinfo->sid);
672         unbecome_root();
673
674         if (!ret) {
675                 DEBUG(4, ("User %s not found\n",
676                           sid_string_dbg(&uinfo->sid)));
677                 TALLOC_FREE(sampass);
678                 return NT_STATUS_INVALID_HANDLE;
679         }
680
681         dacl = r->in.sdbuf->sd->dacl;
682         for (i=0; i < dacl->num_aces; i++) {
683                 if (sid_equal(&uinfo->sid, &dacl->aces[i].trustee)) {
684                         ret = pdb_set_pass_can_change(sampass,
685                                 (dacl->aces[i].access_mask &
686                                  SAMR_USER_ACCESS_CHANGE_PASSWORD) ?
687                                                       True: False);
688                         break;
689                 }
690         }
691
692         if (!ret) {
693                 TALLOC_FREE(sampass);
694                 return NT_STATUS_ACCESS_DENIED;
695         }
696
697         become_root();
698         status = pdb_update_sam_account(sampass);
699         unbecome_root();
700
701         TALLOC_FREE(sampass);
702
703         return status;
704 }
705
706 /*******************************************************************
707   build correct perms based on policies and password times for _samr_query_sec_obj
708 *******************************************************************/
709 static bool check_change_pw_access(TALLOC_CTX *mem_ctx, DOM_SID *user_sid)
710 {
711         struct samu *sampass=NULL;
712         bool ret;
713
714         if ( !(sampass = samu_new( mem_ctx )) ) {
715                 DEBUG(0,("No memory!\n"));
716                 return False;
717         }
718
719         become_root();
720         ret = pdb_getsampwsid(sampass, user_sid);
721         unbecome_root();
722
723         if (ret == False) {
724                 DEBUG(4,("User %s not found\n", sid_string_dbg(user_sid)));
725                 TALLOC_FREE(sampass);
726                 return False;
727         }
728
729         DEBUG(3,("User:[%s]\n",  pdb_get_username(sampass) ));
730
731         if (pdb_get_pass_can_change(sampass)) {
732                 TALLOC_FREE(sampass);
733                 return True;
734         }
735         TALLOC_FREE(sampass);
736         return False;
737 }
738
739
740 /*******************************************************************
741  _samr_QuerySecurity
742  ********************************************************************/
743
744 NTSTATUS _samr_QuerySecurity(pipes_struct *p,
745                              struct samr_QuerySecurity *r)
746 {
747         struct samr_connect_info *cinfo;
748         struct samr_domain_info *dinfo;
749         struct samr_user_info *uinfo;
750         struct samr_group_info *ginfo;
751         struct samr_alias_info *ainfo;
752         NTSTATUS status;
753         SEC_DESC * psd = NULL;
754         size_t sd_size;
755
756         cinfo = policy_handle_find(p, r->in.handle,
757                                    STD_RIGHT_READ_CONTROL_ACCESS, NULL,
758                                    struct samr_connect_info, &status);
759         if (NT_STATUS_IS_OK(status)) {
760                 DEBUG(5,("_samr_QuerySecurity: querying security on SAM\n"));
761                 status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size,
762                                              &sam_generic_mapping, NULL, 0);
763                 goto done;
764         }
765
766         dinfo = policy_handle_find(p, r->in.handle,
767                                    STD_RIGHT_READ_CONTROL_ACCESS, NULL,
768                                    struct samr_domain_info, &status);
769         if (NT_STATUS_IS_OK(status)) {
770                 DEBUG(5,("_samr_QuerySecurity: querying security on Domain "
771                          "with SID: %s\n", sid_string_dbg(&dinfo->sid)));
772                 /*
773                  * TODO: Builtin probably needs a different SD with restricted
774                  * write access
775                  */
776                 status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size,
777                                              &dom_generic_mapping, NULL, 0);
778                 goto done;
779         }
780
781         uinfo = policy_handle_find(p, r->in.handle,
782                                    STD_RIGHT_READ_CONTROL_ACCESS, NULL,
783                                    struct samr_user_info, &status);
784         if (NT_STATUS_IS_OK(status)) {
785                 DEBUG(10,("_samr_QuerySecurity: querying security on user "
786                           "Object with SID: %s\n",
787                           sid_string_dbg(&uinfo->sid)));
788                 if (check_change_pw_access(p->mem_ctx, &uinfo->sid)) {
789                         status = make_samr_object_sd(
790                                 p->mem_ctx, &psd, &sd_size,
791                                 &usr_generic_mapping,
792                                 &uinfo->sid, SAMR_USR_RIGHTS_WRITE_PW);
793                 } else {
794                         status = make_samr_object_sd(
795                                 p->mem_ctx, &psd, &sd_size,
796                                 &usr_nopwchange_generic_mapping,
797                                 &uinfo->sid, SAMR_USR_RIGHTS_CANT_WRITE_PW);
798                 }
799                 goto done;
800         }
801
802         ginfo = policy_handle_find(p, r->in.handle,
803                                    STD_RIGHT_READ_CONTROL_ACCESS, NULL,
804                                    struct samr_group_info, &status);
805         if (NT_STATUS_IS_OK(status)) {
806                 /*
807                  * TODO: different SDs have to be generated for aliases groups
808                  * and users.  Currently all three get a default user SD
809                  */
810                 DEBUG(10,("_samr_QuerySecurity: querying security on group "
811                           "Object with SID: %s\n",
812                           sid_string_dbg(&ginfo->sid)));
813                 status = make_samr_object_sd(
814                         p->mem_ctx, &psd, &sd_size,
815                         &usr_nopwchange_generic_mapping,
816                         &ginfo->sid, SAMR_USR_RIGHTS_CANT_WRITE_PW);
817                 goto done;
818         }
819
820         ainfo = policy_handle_find(p, r->in.handle,
821                                    STD_RIGHT_READ_CONTROL_ACCESS, NULL,
822                                    struct samr_alias_info, &status);
823         if (NT_STATUS_IS_OK(status)) {
824                 /*
825                  * TODO: different SDs have to be generated for aliases groups
826                  * and users.  Currently all three get a default user SD
827                  */
828                 DEBUG(10,("_samr_QuerySecurity: querying security on alias "
829                           "Object with SID: %s\n",
830                           sid_string_dbg(&ainfo->sid)));
831                 status = make_samr_object_sd(
832                         p->mem_ctx, &psd, &sd_size,
833                         &usr_nopwchange_generic_mapping,
834                         &ainfo->sid, SAMR_USR_RIGHTS_CANT_WRITE_PW);
835                 goto done;
836         }
837
838         return NT_STATUS_OBJECT_TYPE_MISMATCH;
839 done:
840         if ((*r->out.sdbuf = make_sec_desc_buf(p->mem_ctx, sd_size, psd)) == NULL)
841                 return NT_STATUS_NO_MEMORY;
842
843         return status;
844 }
845
846 /*******************************************************************
847 makes a SAM_ENTRY / UNISTR2* structure from a user list.
848 ********************************************************************/
849
850 static NTSTATUS make_user_sam_entry_list(TALLOC_CTX *ctx,
851                                          struct samr_SamEntry **sam_pp,
852                                          uint32_t num_entries,
853                                          uint32_t start_idx,
854                                          struct samr_displayentry *entries)
855 {
856         uint32_t i;
857         struct samr_SamEntry *sam;
858
859         *sam_pp = NULL;
860
861         if (num_entries == 0) {
862                 return NT_STATUS_OK;
863         }
864
865         sam = TALLOC_ZERO_ARRAY(ctx, struct samr_SamEntry, num_entries);
866         if (sam == NULL) {
867                 DEBUG(0, ("make_user_sam_entry_list: TALLOC_ZERO failed!\n"));
868                 return NT_STATUS_NO_MEMORY;
869         }
870
871         for (i = 0; i < num_entries; i++) {
872 #if 0
873                 /*
874                  * usrmgr expects a non-NULL terminated string with
875                  * trust relationships
876                  */
877                 if (entries[i].acct_flags & ACB_DOMTRUST) {
878                         init_unistr2(&uni_temp_name, entries[i].account_name,
879                                      UNI_FLAGS_NONE);
880                 } else {
881                         init_unistr2(&uni_temp_name, entries[i].account_name,
882                                      UNI_STR_TERMINATE);
883                 }
884 #endif
885                 init_lsa_String(&sam[i].name, entries[i].account_name);
886                 sam[i].idx = entries[i].rid;
887         }
888
889         *sam_pp = sam;
890
891         return NT_STATUS_OK;
892 }
893
894 #define MAX_SAM_ENTRIES MAX_SAM_ENTRIES_W2K
895
896 /*******************************************************************
897  _samr_EnumDomainUsers
898  ********************************************************************/
899
900 NTSTATUS _samr_EnumDomainUsers(pipes_struct *p,
901                                struct samr_EnumDomainUsers *r)
902 {
903         NTSTATUS status;
904         struct samr_domain_info *dinfo;
905         int num_account;
906         uint32 enum_context = *r->in.resume_handle;
907         enum remote_arch_types ra_type = get_remote_arch();
908         int max_sam_entries = (ra_type == RA_WIN95) ? MAX_SAM_ENTRIES_W95 : MAX_SAM_ENTRIES_W2K;
909         uint32 max_entries = max_sam_entries;
910         struct samr_displayentry *entries = NULL;
911         struct samr_SamArray *samr_array = NULL;
912         struct samr_SamEntry *samr_entries = NULL;
913
914         DEBUG(5,("_samr_EnumDomainUsers: %d\n", __LINE__));
915
916         dinfo = policy_handle_find(p, r->in.domain_handle,
917                                    SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS, NULL,
918                                    struct samr_domain_info, &status);
919         if (!NT_STATUS_IS_OK(status)) {
920                 return status;
921         }
922
923         if (sid_check_is_builtin(&dinfo->sid)) {
924                 /* No users in builtin. */
925                 *r->out.resume_handle = *r->in.resume_handle;
926                 DEBUG(5,("_samr_EnumDomainUsers: No users in BUILTIN\n"));
927                 return status;
928         }
929
930         samr_array = TALLOC_ZERO_P(p->mem_ctx, struct samr_SamArray);
931         if (!samr_array) {
932                 return NT_STATUS_NO_MEMORY;
933         }
934         *r->out.sam = samr_array;
935
936         become_root();
937
938         /* AS ROOT !!!! */
939
940         if ((dinfo->disp_info->enum_users != NULL) &&
941             (dinfo->disp_info->enum_acb_mask != r->in.acct_flags)) {
942                 TALLOC_FREE(dinfo->disp_info->enum_users);
943         }
944
945         if (dinfo->disp_info->enum_users == NULL) {
946                 dinfo->disp_info->enum_users = pdb_search_users(
947                         dinfo->disp_info, r->in.acct_flags);
948                 dinfo->disp_info->enum_acb_mask = r->in.acct_flags;
949         }
950
951         if (dinfo->disp_info->enum_users == NULL) {
952                 /* END AS ROOT !!!! */
953                 unbecome_root();
954                 return NT_STATUS_ACCESS_DENIED;
955         }
956
957         num_account = pdb_search_entries(dinfo->disp_info->enum_users,
958                                          enum_context, max_entries,
959                                          &entries);
960
961         /* END AS ROOT !!!! */
962
963         unbecome_root();
964
965         if (num_account == 0) {
966                 DEBUG(5, ("_samr_EnumDomainUsers: enumeration handle over "
967                           "total entries\n"));
968                 *r->out.resume_handle = *r->in.resume_handle;
969                 return NT_STATUS_OK;
970         }
971
972         status = make_user_sam_entry_list(p->mem_ctx, &samr_entries,
973                                           num_account, enum_context,
974                                           entries);
975         if (!NT_STATUS_IS_OK(status)) {
976                 return status;
977         }
978
979         if (max_entries <= num_account) {
980                 status = STATUS_MORE_ENTRIES;
981         } else {
982                 status = NT_STATUS_OK;
983         }
984
985         /* Ensure we cache this enumeration. */
986         set_disp_info_cache_timeout(dinfo->disp_info, DISP_INFO_CACHE_TIMEOUT);
987
988         DEBUG(5, ("_samr_EnumDomainUsers: %d\n", __LINE__));
989
990         samr_array->count = num_account;
991         samr_array->entries = samr_entries;
992
993         *r->out.resume_handle = *r->in.resume_handle + num_account;
994         *r->out.num_entries = num_account;
995
996         DEBUG(5,("_samr_EnumDomainUsers: %d\n", __LINE__));
997
998         return status;
999 }
1000
1001 /*******************************************************************
1002 makes a SAM_ENTRY / UNISTR2* structure from a group list.
1003 ********************************************************************/
1004
1005 static void make_group_sam_entry_list(TALLOC_CTX *ctx,
1006                                       struct samr_SamEntry **sam_pp,
1007                                       uint32_t num_sam_entries,
1008                                       struct samr_displayentry *entries)
1009 {
1010         struct samr_SamEntry *sam;
1011         uint32_t i;
1012
1013         *sam_pp = NULL;
1014
1015         if (num_sam_entries == 0) {
1016                 return;
1017         }
1018
1019         sam = TALLOC_ZERO_ARRAY(ctx, struct samr_SamEntry, num_sam_entries);
1020         if (sam == NULL) {
1021                 return;
1022         }
1023
1024         for (i = 0; i < num_sam_entries; i++) {
1025                 /*
1026                  * JRA. I think this should include the null. TNG does not.
1027                  */
1028                 init_lsa_String(&sam[i].name, entries[i].account_name);
1029                 sam[i].idx = entries[i].rid;
1030         }
1031
1032         *sam_pp = sam;
1033 }
1034
1035 /*******************************************************************
1036  _samr_EnumDomainGroups
1037  ********************************************************************/
1038
1039 NTSTATUS _samr_EnumDomainGroups(pipes_struct *p,
1040                                 struct samr_EnumDomainGroups *r)
1041 {
1042         NTSTATUS status;
1043         struct samr_domain_info *dinfo;
1044         struct samr_displayentry *groups;
1045         uint32 num_groups;
1046         struct samr_SamArray *samr_array = NULL;
1047         struct samr_SamEntry *samr_entries = NULL;
1048
1049         dinfo = policy_handle_find(p, r->in.domain_handle,
1050                                    SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS, NULL,
1051                                    struct samr_domain_info, &status);
1052         if (!NT_STATUS_IS_OK(status)) {
1053                 return status;
1054         }
1055
1056         DEBUG(5,("_samr_EnumDomainGroups: %d\n", __LINE__));
1057
1058         if (sid_check_is_builtin(&dinfo->sid)) {
1059                 /* No groups in builtin. */
1060                 *r->out.resume_handle = *r->in.resume_handle;
1061                 DEBUG(5,("_samr_EnumDomainGroups: No groups in BUILTIN\n"));
1062                 return status;
1063         }
1064
1065         samr_array = TALLOC_ZERO_P(p->mem_ctx, struct samr_SamArray);
1066         if (!samr_array) {
1067                 return NT_STATUS_NO_MEMORY;
1068         }
1069
1070         /* the domain group array is being allocated in the function below */
1071
1072         become_root();
1073
1074         if (dinfo->disp_info->groups == NULL) {
1075                 dinfo->disp_info->groups = pdb_search_groups(dinfo->disp_info);
1076
1077                 if (dinfo->disp_info->groups == NULL) {
1078                         unbecome_root();
1079                         return NT_STATUS_ACCESS_DENIED;
1080                 }
1081         }
1082
1083         num_groups = pdb_search_entries(dinfo->disp_info->groups,
1084                                         *r->in.resume_handle,
1085                                         MAX_SAM_ENTRIES, &groups);
1086         unbecome_root();
1087
1088         /* Ensure we cache this enumeration. */
1089         set_disp_info_cache_timeout(dinfo->disp_info, DISP_INFO_CACHE_TIMEOUT);
1090
1091         make_group_sam_entry_list(p->mem_ctx, &samr_entries,
1092                                   num_groups, groups);
1093
1094         samr_array->count = num_groups;
1095         samr_array->entries = samr_entries;
1096
1097         *r->out.sam = samr_array;
1098         *r->out.num_entries = num_groups;
1099         *r->out.resume_handle = num_groups + *r->in.resume_handle;
1100
1101         DEBUG(5,("_samr_EnumDomainGroups: %d\n", __LINE__));
1102
1103         return status;
1104 }
1105
1106 /*******************************************************************
1107  _samr_EnumDomainAliases
1108  ********************************************************************/
1109
1110 NTSTATUS _samr_EnumDomainAliases(pipes_struct *p,
1111                                  struct samr_EnumDomainAliases *r)
1112 {
1113         NTSTATUS status;
1114         struct samr_domain_info *dinfo;
1115         struct samr_displayentry *aliases;
1116         uint32 num_aliases = 0;
1117         struct samr_SamArray *samr_array = NULL;
1118         struct samr_SamEntry *samr_entries = NULL;
1119
1120         dinfo = policy_handle_find(p, r->in.domain_handle,
1121                                    SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS, NULL,
1122                                    struct samr_domain_info, &status);
1123         if (!NT_STATUS_IS_OK(status)) {
1124                 return status;
1125         }
1126
1127         DEBUG(5,("_samr_EnumDomainAliases: sid %s\n",
1128                  sid_string_dbg(&dinfo->sid)));
1129
1130         samr_array = TALLOC_ZERO_P(p->mem_ctx, struct samr_SamArray);
1131         if (!samr_array) {
1132                 return NT_STATUS_NO_MEMORY;
1133         }
1134
1135         become_root();
1136
1137         if (dinfo->disp_info->aliases == NULL) {
1138                 dinfo->disp_info->aliases = pdb_search_aliases(
1139                         dinfo->disp_info, &dinfo->sid);
1140                 if (dinfo->disp_info->aliases == NULL) {
1141                         unbecome_root();
1142                         return NT_STATUS_ACCESS_DENIED;
1143                 }
1144         }
1145
1146         num_aliases = pdb_search_entries(dinfo->disp_info->aliases,
1147                                          *r->in.resume_handle,
1148                                          MAX_SAM_ENTRIES, &aliases);
1149         unbecome_root();
1150
1151         /* Ensure we cache this enumeration. */
1152         set_disp_info_cache_timeout(dinfo->disp_info, DISP_INFO_CACHE_TIMEOUT);
1153
1154         make_group_sam_entry_list(p->mem_ctx, &samr_entries,
1155                                   num_aliases, aliases);
1156
1157         DEBUG(5,("_samr_EnumDomainAliases: %d\n", __LINE__));
1158
1159         samr_array->count = num_aliases;
1160         samr_array->entries = samr_entries;
1161
1162         *r->out.sam = samr_array;
1163         *r->out.num_entries = num_aliases;
1164         *r->out.resume_handle = num_aliases + *r->in.resume_handle;
1165
1166         return status;
1167 }
1168
1169 /*******************************************************************
1170  inits a samr_DispInfoGeneral structure.
1171 ********************************************************************/
1172
1173 static NTSTATUS init_samr_dispinfo_1(TALLOC_CTX *ctx,
1174                                      struct samr_DispInfoGeneral *r,
1175                                      uint32_t num_entries,
1176                                      uint32_t start_idx,
1177                                      struct samr_displayentry *entries)
1178 {
1179         uint32 i;
1180
1181         DEBUG(10, ("init_samr_dispinfo_1: num_entries: %d\n", num_entries));
1182
1183         if (num_entries == 0) {
1184                 return NT_STATUS_OK;
1185         }
1186
1187         r->count = num_entries;
1188
1189         r->entries = TALLOC_ZERO_ARRAY(ctx, struct samr_DispEntryGeneral, num_entries);
1190         if (!r->entries) {
1191                 return NT_STATUS_NO_MEMORY;
1192         }
1193
1194         for (i = 0; i < num_entries ; i++) {
1195
1196                 init_lsa_String(&r->entries[i].account_name,
1197                                 entries[i].account_name);
1198
1199                 init_lsa_String(&r->entries[i].description,
1200                                 entries[i].description);
1201
1202                 init_lsa_String(&r->entries[i].full_name,
1203                                 entries[i].fullname);
1204
1205                 r->entries[i].rid = entries[i].rid;
1206                 r->entries[i].acct_flags = entries[i].acct_flags;
1207                 r->entries[i].idx = start_idx+i+1;
1208         }
1209
1210         return NT_STATUS_OK;
1211 }
1212
1213 /*******************************************************************
1214  inits a samr_DispInfoFull structure.
1215 ********************************************************************/
1216
1217 static NTSTATUS init_samr_dispinfo_2(TALLOC_CTX *ctx,
1218                                      struct samr_DispInfoFull *r,
1219                                      uint32_t num_entries,
1220                                      uint32_t start_idx,
1221                                      struct samr_displayentry *entries)
1222 {
1223         uint32_t i;
1224
1225         DEBUG(10, ("init_samr_dispinfo_2: num_entries: %d\n", num_entries));
1226
1227         if (num_entries == 0) {
1228                 return NT_STATUS_OK;
1229         }
1230
1231         r->count = num_entries;
1232
1233         r->entries = TALLOC_ZERO_ARRAY(ctx, struct samr_DispEntryFull, num_entries);
1234         if (!r->entries) {
1235                 return NT_STATUS_NO_MEMORY;
1236         }
1237
1238         for (i = 0; i < num_entries ; i++) {
1239
1240                 init_lsa_String(&r->entries[i].account_name,
1241                                 entries[i].account_name);
1242
1243                 init_lsa_String(&r->entries[i].description,
1244                                 entries[i].description);
1245
1246                 r->entries[i].rid = entries[i].rid;
1247                 r->entries[i].acct_flags = entries[i].acct_flags;
1248                 r->entries[i].idx = start_idx+i+1;
1249         }
1250
1251         return NT_STATUS_OK;
1252 }
1253
1254 /*******************************************************************
1255  inits a samr_DispInfoFullGroups structure.
1256 ********************************************************************/
1257
1258 static NTSTATUS init_samr_dispinfo_3(TALLOC_CTX *ctx,
1259                                      struct samr_DispInfoFullGroups *r,
1260                                      uint32_t num_entries,
1261                                      uint32_t start_idx,
1262                                      struct samr_displayentry *entries)
1263 {
1264         uint32_t i;
1265
1266         DEBUG(5, ("init_samr_dispinfo_3: num_entries: %d\n", num_entries));
1267
1268         if (num_entries == 0) {
1269                 return NT_STATUS_OK;
1270         }
1271
1272         r->count = num_entries;
1273
1274         r->entries = TALLOC_ZERO_ARRAY(ctx, struct samr_DispEntryFullGroup, num_entries);
1275         if (!r->entries) {
1276                 return NT_STATUS_NO_MEMORY;
1277         }
1278
1279         for (i = 0; i < num_entries ; i++) {
1280
1281                 init_lsa_String(&r->entries[i].account_name,
1282                                 entries[i].account_name);
1283
1284                 init_lsa_String(&r->entries[i].description,
1285                                 entries[i].description);
1286
1287                 r->entries[i].rid = entries[i].rid;
1288                 r->entries[i].acct_flags = entries[i].acct_flags;
1289                 r->entries[i].idx = start_idx+i+1;
1290         }
1291
1292         return NT_STATUS_OK;
1293 }
1294
1295 /*******************************************************************
1296  inits a samr_DispInfoAscii structure.
1297 ********************************************************************/
1298
1299 static NTSTATUS init_samr_dispinfo_4(TALLOC_CTX *ctx,
1300                                      struct samr_DispInfoAscii *r,
1301                                      uint32_t num_entries,
1302                                      uint32_t start_idx,
1303                                      struct samr_displayentry *entries)
1304 {
1305         uint32_t i;
1306
1307         DEBUG(5, ("init_samr_dispinfo_4: num_entries: %d\n", num_entries));
1308
1309         if (num_entries == 0) {
1310                 return NT_STATUS_OK;
1311         }
1312
1313         r->count = num_entries;
1314
1315         r->entries = TALLOC_ZERO_ARRAY(ctx, struct samr_DispEntryAscii, num_entries);
1316         if (!r->entries) {
1317                 return NT_STATUS_NO_MEMORY;
1318         }
1319
1320         for (i = 0; i < num_entries ; i++) {
1321
1322                 init_lsa_AsciiStringLarge(&r->entries[i].account_name,
1323                                           entries[i].account_name);
1324
1325                 r->entries[i].idx = start_idx+i+1;
1326         }
1327
1328         return NT_STATUS_OK;
1329 }
1330
1331 /*******************************************************************
1332  inits a samr_DispInfoAscii structure.
1333 ********************************************************************/
1334
1335 static NTSTATUS init_samr_dispinfo_5(TALLOC_CTX *ctx,
1336                                      struct samr_DispInfoAscii *r,
1337                                      uint32_t num_entries,
1338                                      uint32_t start_idx,
1339                                      struct samr_displayentry *entries)
1340 {
1341         uint32_t i;
1342
1343         DEBUG(5, ("init_samr_dispinfo_5: num_entries: %d\n", num_entries));
1344
1345         if (num_entries == 0) {
1346                 return NT_STATUS_OK;
1347         }
1348
1349         r->count = num_entries;
1350
1351         r->entries = TALLOC_ZERO_ARRAY(ctx, struct samr_DispEntryAscii, num_entries);
1352         if (!r->entries) {
1353                 return NT_STATUS_NO_MEMORY;
1354         }
1355
1356         for (i = 0; i < num_entries ; i++) {
1357
1358                 init_lsa_AsciiStringLarge(&r->entries[i].account_name,
1359                                           entries[i].account_name);
1360
1361                 r->entries[i].idx = start_idx+i+1;
1362         }
1363
1364         return NT_STATUS_OK;
1365 }
1366
1367 /*******************************************************************
1368  _samr_QueryDisplayInfo
1369  ********************************************************************/
1370
1371 NTSTATUS _samr_QueryDisplayInfo(pipes_struct *p,
1372                                 struct samr_QueryDisplayInfo *r)
1373 {
1374         NTSTATUS status;
1375         struct samr_domain_info *dinfo;
1376         uint32 struct_size=0x20; /* W2K always reply that, client doesn't care */
1377
1378         uint32 max_entries = r->in.max_entries;
1379         uint32 enum_context = r->in.start_idx;
1380         uint32 max_size = r->in.buf_size;
1381
1382         union samr_DispInfo *disp_info = r->out.info;
1383
1384         uint32 temp_size=0, total_data_size=0;
1385         NTSTATUS disp_ret = NT_STATUS_UNSUCCESSFUL;
1386         uint32 num_account = 0;
1387         enum remote_arch_types ra_type = get_remote_arch();
1388         int max_sam_entries = (ra_type == RA_WIN95) ? MAX_SAM_ENTRIES_W95 : MAX_SAM_ENTRIES_W2K;
1389         struct samr_displayentry *entries = NULL;
1390
1391         DEBUG(5,("_samr_QueryDisplayInfo: %d\n", __LINE__));
1392
1393         dinfo = policy_handle_find(p, r->in.domain_handle,
1394                                    SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS, NULL,
1395                                    struct samr_domain_info, &status);
1396         if (!NT_STATUS_IS_OK(status)) {
1397                 return status;
1398         }
1399
1400         /*
1401          * calculate how many entries we will return.
1402          * based on
1403          * - the number of entries the client asked
1404          * - our limit on that
1405          * - the starting point (enumeration context)
1406          * - the buffer size the client will accept
1407          */
1408
1409         /*
1410          * We are a lot more like W2K. Instead of reading the SAM
1411          * each time to find the records we need to send back,
1412          * we read it once and link that copy to the sam handle.
1413          * For large user list (over the MAX_SAM_ENTRIES)
1414          * it's a definitive win.
1415          * second point to notice: between enumerations
1416          * our sam is now the same as it's a snapshoot.
1417          * third point: got rid of the static SAM_USER_21 struct
1418          * no more intermediate.
1419          * con: it uses much more memory, as a full copy is stored
1420          * in memory.
1421          *
1422          * If you want to change it, think twice and think
1423          * of the second point , that's really important.
1424          *
1425          * JFM, 12/20/2001
1426          */
1427
1428         if ((r->in.level < 1) || (r->in.level > 5)) {
1429                 DEBUG(0,("_samr_QueryDisplayInfo: Unknown info level (%u)\n",
1430                          (unsigned int)r->in.level ));
1431                 return NT_STATUS_INVALID_INFO_CLASS;
1432         }
1433
1434         /* first limit the number of entries we will return */
1435         if(max_entries > max_sam_entries) {
1436                 DEBUG(5, ("_samr_QueryDisplayInfo: client requested %d "
1437                           "entries, limiting to %d\n", max_entries,
1438                           max_sam_entries));
1439                 max_entries = max_sam_entries;
1440         }
1441
1442         /* calculate the size and limit on the number of entries we will
1443          * return */
1444
1445         temp_size=max_entries*struct_size;
1446
1447         if (temp_size>max_size) {
1448                 max_entries=MIN((max_size/struct_size),max_entries);;
1449                 DEBUG(5, ("_samr_QueryDisplayInfo: buffer size limits to "
1450                           "only %d entries\n", max_entries));
1451         }
1452
1453         become_root();
1454
1455         /* THe following done as ROOT. Don't return without unbecome_root(). */
1456
1457         switch (r->in.level) {
1458         case 0x1:
1459         case 0x4:
1460                 if (dinfo->disp_info->users == NULL) {
1461                         dinfo->disp_info->users = pdb_search_users(
1462                                 dinfo->disp_info, ACB_NORMAL);
1463                         if (dinfo->disp_info->users == NULL) {
1464                                 unbecome_root();
1465                                 return NT_STATUS_ACCESS_DENIED;
1466                         }
1467                         DEBUG(10,("_samr_QueryDisplayInfo: starting user enumeration at index %u\n",
1468                                 (unsigned  int)enum_context ));
1469                 } else {
1470                         DEBUG(10,("_samr_QueryDisplayInfo: using cached user enumeration at index %u\n",
1471                                 (unsigned  int)enum_context ));
1472                 }
1473
1474                 num_account = pdb_search_entries(dinfo->disp_info->users,
1475                                                  enum_context, max_entries,
1476                                                  &entries);
1477                 break;
1478         case 0x2:
1479                 if (dinfo->disp_info->machines == NULL) {
1480                         dinfo->disp_info->machines = pdb_search_users(
1481                                 dinfo->disp_info, ACB_WSTRUST|ACB_SVRTRUST);
1482                         if (dinfo->disp_info->machines == NULL) {
1483                                 unbecome_root();
1484                                 return NT_STATUS_ACCESS_DENIED;
1485                         }
1486                         DEBUG(10,("_samr_QueryDisplayInfo: starting machine enumeration at index %u\n",
1487                                 (unsigned  int)enum_context ));
1488                 } else {
1489                         DEBUG(10,("_samr_QueryDisplayInfo: using cached machine enumeration at index %u\n",
1490                                 (unsigned  int)enum_context ));
1491                 }
1492
1493                 num_account = pdb_search_entries(dinfo->disp_info->machines,
1494                                                  enum_context, max_entries,
1495                                                  &entries);
1496                 break;
1497         case 0x3:
1498         case 0x5:
1499                 if (dinfo->disp_info->groups == NULL) {
1500                         dinfo->disp_info->groups = pdb_search_groups(
1501                                 dinfo->disp_info);
1502                         if (dinfo->disp_info->groups == NULL) {
1503                                 unbecome_root();
1504                                 return NT_STATUS_ACCESS_DENIED;
1505                         }
1506                         DEBUG(10,("_samr_QueryDisplayInfo: starting group enumeration at index %u\n",
1507                                 (unsigned  int)enum_context ));
1508                 } else {
1509                         DEBUG(10,("_samr_QueryDisplayInfo: using cached group enumeration at index %u\n",
1510                                 (unsigned  int)enum_context ));
1511                 }
1512
1513                 num_account = pdb_search_entries(dinfo->disp_info->groups,
1514                                                  enum_context, max_entries,
1515                                                  &entries);
1516                 break;
1517         default:
1518                 unbecome_root();
1519                 smb_panic("info class changed");
1520                 break;
1521         }
1522         unbecome_root();
1523
1524
1525         /* Now create reply structure */
1526         switch (r->in.level) {
1527         case 0x1:
1528                 disp_ret = init_samr_dispinfo_1(p->mem_ctx, &disp_info->info1,
1529                                                 num_account, enum_context,
1530                                                 entries);
1531                 break;
1532         case 0x2:
1533                 disp_ret = init_samr_dispinfo_2(p->mem_ctx, &disp_info->info2,
1534                                                 num_account, enum_context,
1535                                                 entries);
1536                 break;
1537         case 0x3:
1538                 disp_ret = init_samr_dispinfo_3(p->mem_ctx, &disp_info->info3,
1539                                                 num_account, enum_context,
1540                                                 entries);
1541                 break;
1542         case 0x4:
1543                 disp_ret = init_samr_dispinfo_4(p->mem_ctx, &disp_info->info4,
1544                                                 num_account, enum_context,
1545                                                 entries);
1546                 break;
1547         case 0x5:
1548                 disp_ret = init_samr_dispinfo_5(p->mem_ctx, &disp_info->info5,
1549                                                 num_account, enum_context,
1550                                                 entries);
1551                 break;
1552         default:
1553                 smb_panic("info class changed");
1554                 break;
1555         }
1556
1557         if (!NT_STATUS_IS_OK(disp_ret))
1558                 return disp_ret;
1559
1560         /* calculate the total size */
1561         total_data_size=num_account*struct_size;
1562
1563         if (max_entries <= num_account) {
1564                 status = STATUS_MORE_ENTRIES;
1565         } else {
1566                 status = NT_STATUS_OK;
1567         }
1568
1569         /* Ensure we cache this enumeration. */
1570         set_disp_info_cache_timeout(dinfo->disp_info, DISP_INFO_CACHE_TIMEOUT);
1571
1572         DEBUG(5, ("_samr_QueryDisplayInfo: %d\n", __LINE__));
1573
1574         *r->out.total_size = total_data_size;
1575         *r->out.returned_size = temp_size;
1576
1577         return status;
1578 }
1579
1580 /****************************************************************
1581  _samr_QueryDisplayInfo2
1582 ****************************************************************/
1583
1584 NTSTATUS _samr_QueryDisplayInfo2(pipes_struct *p,
1585                                  struct samr_QueryDisplayInfo2 *r)
1586 {
1587         struct samr_QueryDisplayInfo q;
1588
1589         q.in.domain_handle      = r->in.domain_handle;
1590         q.in.level              = r->in.level;
1591         q.in.start_idx          = r->in.start_idx;
1592         q.in.max_entries        = r->in.max_entries;
1593         q.in.buf_size           = r->in.buf_size;
1594
1595         q.out.total_size        = r->out.total_size;
1596         q.out.returned_size     = r->out.returned_size;
1597         q.out.info              = r->out.info;
1598
1599         return _samr_QueryDisplayInfo(p, &q);
1600 }
1601
1602 /****************************************************************
1603  _samr_QueryDisplayInfo3
1604 ****************************************************************/
1605
1606 NTSTATUS _samr_QueryDisplayInfo3(pipes_struct *p,
1607                                  struct samr_QueryDisplayInfo3 *r)
1608 {
1609         struct samr_QueryDisplayInfo q;
1610
1611         q.in.domain_handle      = r->in.domain_handle;
1612         q.in.level              = r->in.level;
1613         q.in.start_idx          = r->in.start_idx;
1614         q.in.max_entries        = r->in.max_entries;
1615         q.in.buf_size           = r->in.buf_size;
1616
1617         q.out.total_size        = r->out.total_size;
1618         q.out.returned_size     = r->out.returned_size;
1619         q.out.info              = r->out.info;
1620
1621         return _samr_QueryDisplayInfo(p, &q);
1622 }
1623
1624 /*******************************************************************
1625  _samr_QueryAliasInfo
1626  ********************************************************************/
1627
1628 NTSTATUS _samr_QueryAliasInfo(pipes_struct *p,
1629                               struct samr_QueryAliasInfo *r)
1630 {
1631         struct samr_alias_info *ainfo;
1632         struct acct_info info;
1633         NTSTATUS status;
1634         union samr_AliasInfo *alias_info = NULL;
1635         const char *alias_name = NULL;
1636         const char *alias_description = NULL;
1637
1638         DEBUG(5,("_samr_QueryAliasInfo: %d\n", __LINE__));
1639
1640         ainfo = policy_handle_find(p, r->in.alias_handle,
1641                                    SAMR_ALIAS_ACCESS_LOOKUP_INFO, NULL,
1642                                    struct samr_alias_info, &status);
1643         if (!NT_STATUS_IS_OK(status)) {
1644                 return status;
1645         }
1646
1647         alias_info = TALLOC_ZERO_P(p->mem_ctx, union samr_AliasInfo);
1648         if (!alias_info) {
1649                 return NT_STATUS_NO_MEMORY;
1650         }
1651
1652         become_root();
1653         status = pdb_get_aliasinfo(&ainfo->sid, &info);
1654         unbecome_root();
1655
1656         if ( !NT_STATUS_IS_OK(status))
1657                 return status;
1658
1659         /* FIXME: info contains fstrings */
1660         alias_name = talloc_strdup(r, info.acct_name);
1661         alias_description = talloc_strdup(r, info.acct_desc);
1662
1663         switch (r->in.level) {
1664         case ALIASINFOALL:
1665                 alias_info->all.name.string             = alias_name;
1666                 alias_info->all.num_members             = 1; /* ??? */
1667                 alias_info->all.description.string      = alias_description;
1668                 break;
1669         case ALIASINFODESCRIPTION:
1670                 alias_info->description.string          = alias_description;
1671                 break;
1672         default:
1673                 return NT_STATUS_INVALID_INFO_CLASS;
1674         }
1675
1676         *r->out.info = alias_info;
1677
1678         DEBUG(5,("_samr_QueryAliasInfo: %d\n", __LINE__));
1679
1680         return NT_STATUS_OK;
1681 }
1682
1683 /*******************************************************************
1684  _samr_LookupNames
1685  ********************************************************************/
1686
1687 NTSTATUS _samr_LookupNames(pipes_struct *p,
1688                            struct samr_LookupNames *r)
1689 {
1690         struct samr_domain_info *dinfo;
1691         NTSTATUS status;
1692         uint32 *rid;
1693         enum lsa_SidType *type;
1694         int i;
1695         int num_rids = r->in.num_names;
1696         struct samr_Ids rids, types;
1697         uint32_t num_mapped = 0;
1698
1699         DEBUG(5,("_samr_LookupNames: %d\n", __LINE__));
1700
1701         dinfo = policy_handle_find(p, r->in.domain_handle,
1702                                    0 /* Don't know the acc_bits yet */, NULL,
1703                                    struct samr_domain_info, &status);
1704         if (!NT_STATUS_IS_OK(status)) {
1705                 return status;
1706         }
1707
1708         if (num_rids > MAX_SAM_ENTRIES) {
1709                 num_rids = MAX_SAM_ENTRIES;
1710                 DEBUG(5,("_samr_LookupNames: truncating entries to %d\n", num_rids));
1711         }
1712
1713         rid = talloc_array(p->mem_ctx, uint32, num_rids);
1714         NT_STATUS_HAVE_NO_MEMORY(rid);
1715
1716         type = talloc_array(p->mem_ctx, enum lsa_SidType, num_rids);
1717         NT_STATUS_HAVE_NO_MEMORY(type);
1718
1719         DEBUG(5,("_samr_LookupNames: looking name on SID %s\n",
1720                  sid_string_dbg(&dinfo->sid)));
1721
1722         for (i = 0; i < num_rids; i++) {
1723
1724                 status = NT_STATUS_NONE_MAPPED;
1725                 type[i] = SID_NAME_UNKNOWN;
1726
1727                 rid[i] = 0xffffffff;
1728
1729                 if (sid_check_is_builtin(&dinfo->sid)) {
1730                         if (lookup_builtin_name(r->in.names[i].string,
1731                                                 &rid[i]))
1732                         {
1733                                 type[i] = SID_NAME_ALIAS;
1734                         }
1735                 } else {
1736                         lookup_global_sam_name(r->in.names[i].string, 0,
1737                                                &rid[i], &type[i]);
1738                 }
1739
1740                 if (type[i] != SID_NAME_UNKNOWN) {
1741                         num_mapped++;
1742                 }
1743         }
1744
1745         if (num_mapped == num_rids) {
1746                 status = NT_STATUS_OK;
1747         } else if (num_mapped == 0) {
1748                 status = NT_STATUS_NONE_MAPPED;
1749         } else {
1750                 status = STATUS_SOME_UNMAPPED;
1751         }
1752
1753         rids.count = num_rids;
1754         rids.ids = rid;
1755
1756         types.count = num_rids;
1757         types.ids = type;
1758
1759         *r->out.rids = rids;
1760         *r->out.types = types;
1761
1762         DEBUG(5,("_samr_LookupNames: %d\n", __LINE__));
1763
1764         return status;
1765 }
1766
1767 /*******************************************************************
1768  _samr_ChangePasswordUser2
1769  ********************************************************************/
1770
1771 NTSTATUS _samr_ChangePasswordUser2(pipes_struct *p,
1772                                    struct samr_ChangePasswordUser2 *r)
1773 {
1774         NTSTATUS status;
1775         fstring user_name;
1776         fstring wks;
1777
1778         DEBUG(5,("_samr_ChangePasswordUser2: %d\n", __LINE__));
1779
1780         fstrcpy(user_name, r->in.account->string);
1781         fstrcpy(wks, r->in.server->string);
1782
1783         DEBUG(5,("_samr_ChangePasswordUser2: user: %s wks: %s\n", user_name, wks));
1784
1785         /*
1786          * Pass the user through the NT -> unix user mapping
1787          * function.
1788          */
1789
1790         (void)map_username(user_name);
1791
1792         /*
1793          * UNIX username case mangling not required, pass_oem_change
1794          * is case insensitive.
1795          */
1796
1797         status = pass_oem_change(user_name,
1798                                  r->in.lm_password->data,
1799                                  r->in.lm_verifier->hash,
1800                                  r->in.nt_password->data,
1801                                  r->in.nt_verifier->hash,
1802                                  NULL);
1803
1804         DEBUG(5,("_samr_ChangePasswordUser2: %d\n", __LINE__));
1805
1806         return status;
1807 }
1808
1809 /*******************************************************************
1810  _samr_ChangePasswordUser3
1811  ********************************************************************/
1812
1813 NTSTATUS _samr_ChangePasswordUser3(pipes_struct *p,
1814                                    struct samr_ChangePasswordUser3 *r)
1815 {
1816         NTSTATUS status;
1817         fstring user_name;
1818         const char *wks = NULL;
1819         uint32 reject_reason;
1820         struct samr_DomInfo1 *dominfo = NULL;
1821         struct samr_ChangeReject *reject = NULL;
1822         uint32_t tmp;
1823
1824         DEBUG(5,("_samr_ChangePasswordUser3: %d\n", __LINE__));
1825
1826         fstrcpy(user_name, r->in.account->string);
1827         if (r->in.server && r->in.server->string) {
1828                 wks = r->in.server->string;
1829         }
1830
1831         DEBUG(5,("_samr_ChangePasswordUser3: user: %s wks: %s\n", user_name, wks));
1832
1833         /*
1834          * Pass the user through the NT -> unix user mapping
1835          * function.
1836          */
1837
1838         (void)map_username(user_name);
1839
1840         /*
1841          * UNIX username case mangling not required, pass_oem_change
1842          * is case insensitive.
1843          */
1844
1845         status = pass_oem_change(user_name,
1846                                  r->in.lm_password->data,
1847                                  r->in.lm_verifier->hash,
1848                                  r->in.nt_password->data,
1849                                  r->in.nt_verifier->hash,
1850                                  &reject_reason);
1851
1852         if (NT_STATUS_EQUAL(status, NT_STATUS_PASSWORD_RESTRICTION) ||
1853             NT_STATUS_EQUAL(status, NT_STATUS_ACCOUNT_RESTRICTION)) {
1854
1855                 time_t u_expire, u_min_age;
1856                 uint32 account_policy_temp;
1857
1858                 dominfo = TALLOC_ZERO_P(p->mem_ctx, struct samr_DomInfo1);
1859                 if (!dominfo) {
1860                         return NT_STATUS_NO_MEMORY;
1861                 }
1862
1863                 reject = TALLOC_ZERO_P(p->mem_ctx, struct samr_ChangeReject);
1864                 if (!reject) {
1865                         return NT_STATUS_NO_MEMORY;
1866                 }
1867
1868                 become_root();
1869
1870                 /* AS ROOT !!! */
1871
1872                 pdb_get_account_policy(AP_MIN_PASSWORD_LEN, &tmp);
1873                 dominfo->min_password_length = tmp;
1874
1875                 pdb_get_account_policy(AP_PASSWORD_HISTORY, &tmp);
1876                 dominfo->password_history_length = tmp;
1877
1878                 pdb_get_account_policy(AP_USER_MUST_LOGON_TO_CHG_PASS,
1879                                        &dominfo->password_properties);
1880
1881                 pdb_get_account_policy(AP_MAX_PASSWORD_AGE, &account_policy_temp);
1882                 u_expire = account_policy_temp;
1883
1884                 pdb_get_account_policy(AP_MIN_PASSWORD_AGE, &account_policy_temp);
1885                 u_min_age = account_policy_temp;
1886
1887                 /* !AS ROOT */
1888
1889                 unbecome_root();
1890
1891                 unix_to_nt_time_abs((NTTIME *)&dominfo->max_password_age, u_expire);
1892                 unix_to_nt_time_abs((NTTIME *)&dominfo->min_password_age, u_min_age);
1893
1894                 if (lp_check_password_script() && *lp_check_password_script()) {
1895                         dominfo->password_properties |= DOMAIN_PASSWORD_COMPLEX;
1896                 }
1897
1898                 reject->reason = reject_reason;
1899
1900                 *r->out.dominfo = dominfo;
1901                 *r->out.reject = reject;
1902         }
1903
1904         DEBUG(5,("_samr_ChangePasswordUser3: %d\n", __LINE__));
1905
1906         return status;
1907 }
1908
1909 /*******************************************************************
1910 makes a SAMR_R_LOOKUP_RIDS structure.
1911 ********************************************************************/
1912
1913 static bool make_samr_lookup_rids(TALLOC_CTX *ctx, uint32 num_names,
1914                                   const char **names,
1915                                   struct lsa_String **lsa_name_array_p)
1916 {
1917         struct lsa_String *lsa_name_array = NULL;
1918         uint32_t i;
1919
1920         *lsa_name_array_p = NULL;
1921
1922         if (num_names != 0) {
1923                 lsa_name_array = TALLOC_ZERO_ARRAY(ctx, struct lsa_String, num_names);
1924                 if (!lsa_name_array) {
1925                         return false;
1926                 }
1927         }
1928
1929         for (i = 0; i < num_names; i++) {
1930                 DEBUG(10, ("names[%d]:%s\n", i, names[i] && *names[i] ? names[i] : ""));
1931                 init_lsa_String(&lsa_name_array[i], names[i]);
1932         }
1933
1934         *lsa_name_array_p = lsa_name_array;
1935
1936         return true;
1937 }
1938
1939 /*******************************************************************
1940  _samr_LookupRids
1941  ********************************************************************/
1942
1943 NTSTATUS _samr_LookupRids(pipes_struct *p,
1944                           struct samr_LookupRids *r)
1945 {
1946         struct samr_domain_info *dinfo;
1947         NTSTATUS status;
1948         const char **names;
1949         enum lsa_SidType *attrs = NULL;
1950         uint32 *wire_attrs = NULL;
1951         int num_rids = (int)r->in.num_rids;
1952         int i;
1953         struct lsa_Strings names_array;
1954         struct samr_Ids types_array;
1955         struct lsa_String *lsa_names = NULL;
1956
1957         DEBUG(5,("_samr_LookupRids: %d\n", __LINE__));
1958
1959         dinfo = policy_handle_find(p, r->in.domain_handle,
1960                                    0 /* Don't know the acc_bits yet */, NULL,
1961                                    struct samr_domain_info, &status);
1962         if (!NT_STATUS_IS_OK(status)) {
1963                 return status;
1964         }
1965
1966         if (num_rids > 1000) {
1967                 DEBUG(0, ("Got asked for %d rids (more than 1000) -- according "
1968                           "to samba4 idl this is not possible\n", num_rids));
1969                 return NT_STATUS_UNSUCCESSFUL;
1970         }
1971
1972         if (num_rids) {
1973                 names = TALLOC_ZERO_ARRAY(p->mem_ctx, const char *, num_rids);
1974                 attrs = TALLOC_ZERO_ARRAY(p->mem_ctx, enum lsa_SidType, num_rids);
1975                 wire_attrs = TALLOC_ZERO_ARRAY(p->mem_ctx, uint32, num_rids);
1976
1977                 if ((names == NULL) || (attrs == NULL) || (wire_attrs==NULL))
1978                         return NT_STATUS_NO_MEMORY;
1979         } else {
1980                 names = NULL;
1981                 attrs = NULL;
1982                 wire_attrs = NULL;
1983         }
1984
1985         become_root();  /* lookup_sid can require root privs */
1986         status = pdb_lookup_rids(&dinfo->sid, num_rids, r->in.rids,
1987                                  names, attrs);
1988         unbecome_root();
1989
1990         if (NT_STATUS_EQUAL(status, NT_STATUS_NONE_MAPPED) && (num_rids == 0)) {
1991                 status = NT_STATUS_OK;
1992         }
1993
1994         if (!make_samr_lookup_rids(p->mem_ctx, num_rids, names,
1995                                    &lsa_names)) {
1996                 return NT_STATUS_NO_MEMORY;
1997         }
1998
1999         /* Convert from enum lsa_SidType to uint32 for wire format. */
2000         for (i = 0; i < num_rids; i++) {
2001                 wire_attrs[i] = (uint32)attrs[i];
2002         }
2003
2004         names_array.count = num_rids;
2005         names_array.names = lsa_names;
2006
2007         types_array.count = num_rids;
2008         types_array.ids = wire_attrs;
2009
2010         *r->out.names = names_array;
2011         *r->out.types = types_array;
2012
2013         DEBUG(5,("_samr_LookupRids: %d\n", __LINE__));
2014
2015         return status;
2016 }
2017
2018 /*******************************************************************
2019  _samr_OpenUser
2020 ********************************************************************/
2021
2022 NTSTATUS _samr_OpenUser(pipes_struct *p,
2023                         struct samr_OpenUser *r)
2024 {
2025         struct samu *sampass=NULL;
2026         DOM_SID sid;
2027         struct samr_domain_info *dinfo;
2028         struct samr_user_info *uinfo;
2029         SEC_DESC *psd = NULL;
2030         uint32    acc_granted;
2031         uint32    des_access = r->in.access_mask;
2032         size_t    sd_size;
2033         bool ret;
2034         NTSTATUS nt_status;
2035         SE_PRIV se_rights;
2036         NTSTATUS status;
2037
2038         dinfo = policy_handle_find(p, r->in.domain_handle,
2039                                    SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, NULL,
2040                                    struct samr_domain_info, &status);
2041         if (!NT_STATUS_IS_OK(status)) {
2042                 return status;
2043         }
2044
2045         if ( !(sampass = samu_new( p->mem_ctx )) ) {
2046                 return NT_STATUS_NO_MEMORY;
2047         }
2048
2049         /* append the user's RID to it */
2050
2051         if (!sid_compose(&sid, &dinfo->sid, r->in.rid))
2052                 return NT_STATUS_NO_SUCH_USER;
2053
2054         /* check if access can be granted as requested by client. */
2055
2056         map_max_allowed_access(p->server_info->ptok, &des_access);
2057
2058         make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_generic_mapping, &sid, SAMR_USR_RIGHTS_WRITE_PW);
2059         se_map_generic(&des_access, &usr_generic_mapping);
2060
2061         se_priv_copy( &se_rights, &se_machine_account );
2062         se_priv_add( &se_rights, &se_add_users );
2063
2064         nt_status = access_check_samr_object(psd, p->server_info->ptok,
2065                 &se_rights, GENERIC_RIGHTS_USER_WRITE, des_access,
2066                 &acc_granted, "_samr_OpenUser");
2067
2068         if ( !NT_STATUS_IS_OK(nt_status) )
2069                 return nt_status;
2070
2071         become_root();
2072         ret=pdb_getsampwsid(sampass, &sid);
2073         unbecome_root();
2074
2075         /* check that the SID exists in our domain. */
2076         if (ret == False) {
2077                 return NT_STATUS_NO_SUCH_USER;
2078         }
2079
2080         TALLOC_FREE(sampass);
2081
2082         uinfo = policy_handle_create(p, r->out.user_handle, acc_granted,
2083                                      struct samr_user_info, &nt_status);
2084         if (!NT_STATUS_IS_OK(nt_status)) {
2085                 return nt_status;
2086         }
2087         uinfo->sid = sid;
2088
2089         return NT_STATUS_OK;
2090 }
2091
2092 /*************************************************************************
2093  *************************************************************************/
2094
2095 static NTSTATUS init_samr_parameters_string(TALLOC_CTX *mem_ctx,
2096                                             DATA_BLOB *blob,
2097                                             struct lsa_BinaryString **_r)
2098 {
2099         struct lsa_BinaryString *r;
2100
2101         if (!blob || !_r) {
2102                 return NT_STATUS_INVALID_PARAMETER;
2103         }
2104
2105         r = TALLOC_ZERO_P(mem_ctx, struct lsa_BinaryString);
2106         if (!r) {
2107                 return NT_STATUS_NO_MEMORY;
2108         }
2109
2110         r->array = TALLOC_ZERO_ARRAY(mem_ctx, uint16_t, blob->length/2);
2111         if (!r->array) {
2112                 return NT_STATUS_NO_MEMORY;
2113         }
2114         memcpy(r->array, blob->data, blob->length);
2115         r->size = blob->length;
2116         r->length = blob->length;
2117
2118         if (!r->array) {
2119                 return NT_STATUS_NO_MEMORY;
2120         }
2121
2122         *_r = r;
2123
2124         return NT_STATUS_OK;
2125 }
2126
2127 static NTSTATUS get_user_info_5(TALLOC_CTX *mem_ctx,
2128                                 struct samr_UserInfo5 *r,
2129                                 struct samu *pw,
2130                                 DOM_SID *domain_sid)
2131 {
2132         const DOM_SID *sid_user, *sid_group;
2133         uint32_t rid, primary_gid;
2134
2135         sid_user = pdb_get_user_sid(pw);
2136
2137         if (!sid_peek_check_rid(domain_sid, sid_user, &rid)) {
2138                 DEBUG(0, ("get_user_info_5: User %s has SID %s, \nwhich conflicts with "
2139                           "the domain sid %s.  Failing operation.\n",
2140                           pdb_get_username(pw), sid_string_dbg(sid_user),
2141                           sid_string_dbg(domain_sid)));
2142                 return NT_STATUS_UNSUCCESSFUL;
2143         }
2144
2145         become_root();
2146         sid_group = pdb_get_group_sid(pw);
2147         unbecome_root();
2148
2149         if (!sid_peek_check_rid(domain_sid, sid_group, &primary_gid)) {
2150                 DEBUG(0, ("get_user_info_5: User %s has Primary Group SID %s, \n"
2151                           "which conflicts with the domain sid %s.  Failing operation.\n",
2152                           pdb_get_username(pw), sid_string_dbg(sid_group),
2153                           sid_string_dbg(domain_sid)));
2154                 return NT_STATUS_UNSUCCESSFUL;
2155         }
2156
2157         unix_to_nt_time(&r->last_logon, pdb_get_logon_time(pw));
2158         unix_to_nt_time(&r->last_logoff, pdb_get_logoff_time(pw));
2159         unix_to_nt_time(&r->acct_expiry, pdb_get_kickoff_time(pw));
2160         unix_to_nt_time(&r->last_password_change, pdb_get_pass_last_set_time(pw));
2161
2162         r->account_name.string  = talloc_strdup(mem_ctx, pdb_get_username(pw));
2163         r->full_name.string     = talloc_strdup(mem_ctx, pdb_get_fullname(pw));
2164         r->home_directory.string= talloc_strdup(mem_ctx, pdb_get_homedir(pw));
2165         r->home_drive.string    = talloc_strdup(mem_ctx, pdb_get_dir_drive(pw));
2166         r->logon_script.string  = talloc_strdup(mem_ctx, pdb_get_logon_script(pw));
2167         r->profile_path.string  = talloc_strdup(mem_ctx, pdb_get_profile_path(pw));
2168         r->description.string   = talloc_strdup(mem_ctx, pdb_get_acct_desc(pw));
2169         r->workstations.string  = talloc_strdup(mem_ctx, pdb_get_workstations(pw));
2170
2171         r->logon_hours          = get_logon_hours_from_pdb(mem_ctx, pw);
2172         r->rid                  = rid;
2173         r->primary_gid          = primary_gid;
2174         r->acct_flags           = pdb_get_acct_ctrl(pw);
2175         r->bad_password_count   = pdb_get_bad_password_count(pw);
2176         r->logon_count          = pdb_get_logon_count(pw);
2177
2178         return NT_STATUS_OK;
2179 }
2180
2181 /*************************************************************************
2182  get_user_info_7. Safe. Only gives out account_name.
2183  *************************************************************************/
2184
2185 static NTSTATUS get_user_info_7(TALLOC_CTX *mem_ctx,
2186                                 struct samr_UserInfo7 *r,
2187                                 struct samu *smbpass)
2188 {
2189         r->account_name.string = talloc_strdup(mem_ctx, pdb_get_username(smbpass));
2190         if (!r->account_name.string) {
2191                 return NT_STATUS_NO_MEMORY;
2192         }
2193
2194         return NT_STATUS_OK;
2195 }
2196
2197 /*************************************************************************
2198  get_user_info_9. Only gives out primary group SID.
2199  *************************************************************************/
2200
2201 static NTSTATUS get_user_info_9(TALLOC_CTX *mem_ctx,
2202                                 struct samr_UserInfo9 *r,
2203                                 struct samu *smbpass)
2204 {
2205         r->primary_gid = pdb_get_group_rid(smbpass);
2206
2207         return NT_STATUS_OK;
2208 }
2209
2210 /*************************************************************************
2211  get_user_info_16. Safe. Only gives out acb bits.
2212  *************************************************************************/
2213
2214 static NTSTATUS get_user_info_16(TALLOC_CTX *mem_ctx,
2215                                  struct samr_UserInfo16 *r,
2216                                  struct samu *smbpass)
2217 {
2218         r->acct_flags = pdb_get_acct_ctrl(smbpass);
2219
2220         return NT_STATUS_OK;
2221 }
2222
2223 /*************************************************************************
2224  get_user_info_18. OK - this is the killer as it gives out password info.
2225  Ensure that this is only allowed on an encrypted connection with a root
2226  user. JRA.
2227  *************************************************************************/
2228
2229 static NTSTATUS get_user_info_18(pipes_struct *p,
2230                                  TALLOC_CTX *mem_ctx,
2231                                  struct samr_UserInfo18 *r,
2232                                  DOM_SID *user_sid)
2233 {
2234         struct samu *smbpass=NULL;
2235         bool ret;
2236
2237         ZERO_STRUCTP(r);
2238
2239         if (p->auth.auth_type != PIPE_AUTH_TYPE_NTLMSSP || p->auth.auth_type != PIPE_AUTH_TYPE_SPNEGO_NTLMSSP) {
2240                 return NT_STATUS_ACCESS_DENIED;
2241         }
2242
2243         if (p->auth.auth_level != PIPE_AUTH_LEVEL_PRIVACY) {
2244                 return NT_STATUS_ACCESS_DENIED;
2245         }
2246
2247         /*
2248          * Do *NOT* do become_root()/unbecome_root() here ! JRA.
2249          */
2250
2251         if ( !(smbpass = samu_new( mem_ctx )) ) {
2252                 return NT_STATUS_NO_MEMORY;
2253         }
2254
2255         ret = pdb_getsampwsid(smbpass, user_sid);
2256
2257         if (ret == False) {
2258                 DEBUG(4, ("User %s not found\n", sid_string_dbg(user_sid)));
2259                 TALLOC_FREE(smbpass);
2260                 return (geteuid() == (uid_t)0) ? NT_STATUS_NO_SUCH_USER : NT_STATUS_ACCESS_DENIED;
2261         }
2262
2263         DEBUG(3,("User:[%s] 0x%x\n", pdb_get_username(smbpass), pdb_get_acct_ctrl(smbpass) ));
2264
2265         if ( pdb_get_acct_ctrl(smbpass) & ACB_DISABLED) {
2266                 TALLOC_FREE(smbpass);
2267                 return NT_STATUS_ACCOUNT_DISABLED;
2268         }
2269
2270         r->lm_pwd_active = true;
2271         r->nt_pwd_active = true;
2272         memcpy(r->lm_pwd.hash, pdb_get_lanman_passwd(smbpass), 16);
2273         memcpy(r->nt_pwd.hash, pdb_get_nt_passwd(smbpass), 16);
2274         r->password_expired = 0; /* FIXME */
2275
2276         TALLOC_FREE(smbpass);
2277
2278         return NT_STATUS_OK;
2279 }
2280
2281 /*************************************************************************
2282  get_user_info_20
2283  *************************************************************************/
2284
2285 static NTSTATUS get_user_info_20(TALLOC_CTX *mem_ctx,
2286                                  struct samr_UserInfo20 *r,
2287                                  struct samu *sampass)
2288 {
2289         const char *munged_dial = NULL;
2290         DATA_BLOB blob;
2291         NTSTATUS status;
2292         struct lsa_BinaryString *parameters = NULL;
2293
2294         ZERO_STRUCTP(r);
2295
2296         munged_dial = pdb_get_munged_dial(sampass);
2297
2298         DEBUG(3,("User:[%s] has [%s] (length: %d)\n", pdb_get_username(sampass),
2299                 munged_dial, (int)strlen(munged_dial)));
2300
2301         if (munged_dial) {
2302                 blob = base64_decode_data_blob(munged_dial);
2303         } else {
2304                 blob = data_blob_string_const_null("");
2305         }
2306
2307         status = init_samr_parameters_string(mem_ctx, &blob, &parameters);
2308         data_blob_free(&blob);
2309         if (!NT_STATUS_IS_OK(status)) {
2310                 return status;
2311         }
2312
2313         r->parameters = *parameters;
2314
2315         return NT_STATUS_OK;
2316 }
2317
2318
2319 /*************************************************************************
2320  get_user_info_21
2321  *************************************************************************/
2322
2323 static NTSTATUS get_user_info_21(TALLOC_CTX *mem_ctx,
2324                                  struct samr_UserInfo21 *r,
2325                                  struct samu *pw,
2326                                  DOM_SID *domain_sid)
2327 {
2328         NTSTATUS status;
2329         const DOM_SID *sid_user, *sid_group;
2330         uint32_t rid, primary_gid;
2331         NTTIME force_password_change;
2332         time_t must_change_time;
2333         struct lsa_BinaryString *parameters = NULL;
2334         const char *munged_dial = NULL;
2335         DATA_BLOB blob;
2336
2337         ZERO_STRUCTP(r);
2338
2339         sid_user = pdb_get_user_sid(pw);
2340
2341         if (!sid_peek_check_rid(domain_sid, sid_user, &rid)) {
2342                 DEBUG(0, ("get_user_info_21: User %s has SID %s, \nwhich conflicts with "
2343                           "the domain sid %s.  Failing operation.\n",
2344                           pdb_get_username(pw), sid_string_dbg(sid_user),
2345                           sid_string_dbg(domain_sid)));
2346                 return NT_STATUS_UNSUCCESSFUL;
2347         }
2348
2349         become_root();
2350         sid_group = pdb_get_group_sid(pw);
2351         unbecome_root();
2352
2353         if (!sid_peek_check_rid(domain_sid, sid_group, &primary_gid)) {
2354                 DEBUG(0, ("get_user_info_21: User %s has Primary Group SID %s, \n"
2355                           "which conflicts with the domain sid %s.  Failing operation.\n",
2356                           pdb_get_username(pw), sid_string_dbg(sid_group),
2357                           sid_string_dbg(domain_sid)));
2358                 return NT_STATUS_UNSUCCESSFUL;
2359         }
2360
2361         unix_to_nt_time(&r->last_logon, pdb_get_logon_time(pw));
2362         unix_to_nt_time(&r->last_logoff, pdb_get_logoff_time(pw));
2363         unix_to_nt_time(&r->acct_expiry, pdb_get_kickoff_time(pw));
2364         unix_to_nt_time(&r->last_password_change, pdb_get_pass_last_set_time(pw));
2365         unix_to_nt_time(&r->allow_password_change, pdb_get_pass_can_change_time(pw));
2366
2367         must_change_time = pdb_get_pass_must_change_time(pw);
2368         if (must_change_time == get_time_t_max()) {
2369                 unix_to_nt_time_abs(&force_password_change, must_change_time);
2370         } else {
2371                 unix_to_nt_time(&force_password_change, must_change_time);
2372         }
2373
2374         munged_dial = pdb_get_munged_dial(pw);
2375         if (munged_dial) {
2376                 blob = base64_decode_data_blob(munged_dial);
2377         } else {
2378                 blob = data_blob_string_const_null("");
2379         }
2380
2381         status = init_samr_parameters_string(mem_ctx, &blob, &parameters);
2382         data_blob_free(&blob);
2383         if (!NT_STATUS_IS_OK(status)) {
2384                 return status;
2385         }
2386
2387         r->force_password_change        = force_password_change;
2388
2389         r->account_name.string          = talloc_strdup(mem_ctx, pdb_get_username(pw));
2390         r->full_name.string             = talloc_strdup(mem_ctx, pdb_get_fullname(pw));
2391         r->home_directory.string        = talloc_strdup(mem_ctx, pdb_get_homedir(pw));
2392         r->home_drive.string            = talloc_strdup(mem_ctx, pdb_get_dir_drive(pw));
2393         r->logon_script.string          = talloc_strdup(mem_ctx, pdb_get_logon_script(pw));
2394         r->profile_path.string          = talloc_strdup(mem_ctx, pdb_get_profile_path(pw));
2395         r->description.string           = talloc_strdup(mem_ctx, pdb_get_acct_desc(pw));
2396         r->workstations.string          = talloc_strdup(mem_ctx, pdb_get_workstations(pw));
2397         r->comment.string               = talloc_strdup(mem_ctx, pdb_get_comment(pw));
2398
2399         r->logon_hours                  = get_logon_hours_from_pdb(mem_ctx, pw);
2400         r->parameters                   = *parameters;
2401         r->rid                          = rid;
2402         r->primary_gid                  = primary_gid;
2403         r->acct_flags                   = pdb_get_acct_ctrl(pw);
2404         r->bad_password_count           = pdb_get_bad_password_count(pw);
2405         r->logon_count                  = pdb_get_logon_count(pw);
2406         r->fields_present               = pdb_build_fields_present(pw);
2407         r->password_expired             = (pdb_get_pass_must_change_time(pw) == 0) ?
2408                                                 PASS_MUST_CHANGE_AT_NEXT_LOGON : 0;
2409         r->country_code                 = 0;
2410         r->code_page                    = 0;
2411         r->lm_password_set              = 0;
2412         r->nt_password_set              = 0;
2413
2414 #if 0
2415
2416         /*
2417           Look at a user on a real NT4 PDC with usrmgr, press
2418           'ok'. Then you will see that fields_present is set to
2419           0x08f827fa. Look at the user immediately after that again,
2420           and you will see that 0x00fffff is returned. This solves
2421           the problem that you get access denied after having looked
2422           at the user.
2423           -- Volker
2424         */
2425
2426 #endif
2427
2428
2429         return NT_STATUS_OK;
2430 }
2431
2432 /*******************************************************************
2433  _samr_QueryUserInfo
2434  ********************************************************************/
2435
2436 NTSTATUS _samr_QueryUserInfo(pipes_struct *p,
2437                              struct samr_QueryUserInfo *r)
2438 {
2439         NTSTATUS status;
2440         union samr_UserInfo *user_info = NULL;
2441         struct samr_user_info *uinfo;
2442         DOM_SID domain_sid;
2443         uint32 rid;
2444         bool ret = false;
2445         struct samu *pwd = NULL;
2446
2447         uinfo = policy_handle_find(p, r->in.user_handle,
2448                                    SAMR_USER_ACCESS_GET_ATTRIBUTES, NULL,
2449                                    struct samr_user_info, &status);
2450         if (!NT_STATUS_IS_OK(status)) {
2451                 return status;
2452         }
2453
2454         domain_sid = uinfo->sid;
2455
2456         sid_split_rid(&domain_sid, &rid);
2457
2458         if (!sid_check_is_in_our_domain(&uinfo->sid))
2459                 return NT_STATUS_OBJECT_TYPE_MISMATCH;
2460
2461         DEBUG(5,("_samr_QueryUserInfo: sid:%s\n",
2462                  sid_string_dbg(&uinfo->sid)));
2463
2464         user_info = TALLOC_ZERO_P(p->mem_ctx, union samr_UserInfo);
2465         if (!user_info) {
2466                 return NT_STATUS_NO_MEMORY;
2467         }
2468
2469         DEBUG(5,("_samr_QueryUserInfo: user info level: %d\n", r->in.level));
2470
2471         if (!(pwd = samu_new(p->mem_ctx))) {
2472                 return NT_STATUS_NO_MEMORY;
2473         }
2474
2475         become_root();
2476         ret = pdb_getsampwsid(pwd, &uinfo->sid);
2477         unbecome_root();
2478
2479         if (ret == false) {
2480                 DEBUG(4,("User %s not found\n", sid_string_dbg(&uinfo->sid)));
2481                 TALLOC_FREE(pwd);
2482                 return NT_STATUS_NO_SUCH_USER;
2483         }
2484
2485         DEBUG(3,("User:[%s]\n", pdb_get_username(pwd)));
2486
2487         samr_clear_sam_passwd(pwd);
2488
2489         switch (r->in.level) {
2490         case 5:
2491                 status = get_user_info_5(p->mem_ctx, &user_info->info5, pwd, &domain_sid);
2492                 break;
2493         case 7:
2494                 status = get_user_info_7(p->mem_ctx, &user_info->info7, pwd);
2495                 break;
2496         case 9:
2497                 status = get_user_info_9(p->mem_ctx, &user_info->info9, pwd);
2498                 break;
2499         case 16:
2500                 status = get_user_info_16(p->mem_ctx, &user_info->info16, pwd);
2501                 break;
2502         case 18:
2503                 /* level 18 is special */
2504                 status = get_user_info_18(p, p->mem_ctx, &user_info->info18,
2505                                           &uinfo->sid);
2506                 break;
2507         case 20:
2508                 status = get_user_info_20(p->mem_ctx, &user_info->info20, pwd);
2509                 break;
2510         case 21:
2511                 status = get_user_info_21(p->mem_ctx, &user_info->info21, pwd, &domain_sid);
2512                 break;
2513         default:
2514                 status = NT_STATUS_INVALID_INFO_CLASS;
2515                 break;
2516         }
2517
2518         TALLOC_FREE(pwd);
2519
2520         *r->out.info = user_info;
2521
2522         DEBUG(5,("_samr_QueryUserInfo: %d\n", __LINE__));
2523
2524         return status;
2525 }
2526
2527 /****************************************************************
2528 ****************************************************************/
2529
2530 NTSTATUS _samr_QueryUserInfo2(pipes_struct *p,
2531                               struct samr_QueryUserInfo2 *r)
2532 {
2533         struct samr_QueryUserInfo u;
2534
2535         u.in.user_handle        = r->in.user_handle;
2536         u.in.level              = r->in.level;
2537         u.out.info              = r->out.info;
2538
2539         return _samr_QueryUserInfo(p, &u);
2540 }
2541
2542 /*******************************************************************
2543  _samr_GetGroupsForUser
2544  ********************************************************************/
2545
2546 NTSTATUS _samr_GetGroupsForUser(pipes_struct *p,
2547                                 struct samr_GetGroupsForUser *r)
2548 {
2549         struct samr_user_info *uinfo;
2550         struct samu *sam_pass=NULL;
2551         DOM_SID *sids;
2552         struct samr_RidWithAttribute dom_gid;
2553         struct samr_RidWithAttribute *gids = NULL;
2554         uint32 primary_group_rid;
2555         size_t num_groups = 0;
2556         gid_t *unix_gids;
2557         size_t i, num_gids;
2558         bool ret;
2559         NTSTATUS result;
2560         bool success = False;
2561
2562         struct samr_RidWithAttributeArray *rids = NULL;
2563
2564         /*
2565          * from the SID in the request:
2566          * we should send back the list of DOMAIN GROUPS
2567          * the user is a member of
2568          *
2569          * and only the DOMAIN GROUPS
2570          * no ALIASES !!! neither aliases of the domain
2571          * nor aliases of the builtin SID
2572          *
2573          * JFM, 12/2/2001
2574          */
2575
2576         DEBUG(5,("_samr_GetGroupsForUser: %d\n", __LINE__));
2577
2578         uinfo = policy_handle_find(p, r->in.user_handle,
2579                                    SAMR_USER_ACCESS_GET_GROUPS, NULL,
2580                                    struct samr_user_info, &result);
2581         if (!NT_STATUS_IS_OK(result)) {
2582                 return result;
2583         }
2584
2585         rids = TALLOC_ZERO_P(p->mem_ctx, struct samr_RidWithAttributeArray);
2586         if (!rids) {
2587                 return NT_STATUS_NO_MEMORY;
2588         }
2589
2590         if (!sid_check_is_in_our_domain(&uinfo->sid))
2591                 return NT_STATUS_OBJECT_TYPE_MISMATCH;
2592
2593         if ( !(sam_pass = samu_new( p->mem_ctx )) ) {
2594                 return NT_STATUS_NO_MEMORY;
2595         }
2596
2597         become_root();
2598         ret = pdb_getsampwsid(sam_pass, &uinfo->sid);
2599         unbecome_root();
2600
2601         if (!ret) {
2602                 DEBUG(10, ("pdb_getsampwsid failed for %s\n",
2603                            sid_string_dbg(&uinfo->sid)));
2604                 return NT_STATUS_NO_SUCH_USER;
2605         }
2606
2607         sids = NULL;
2608
2609         /* make both calls inside the root block */
2610         become_root();
2611         result = pdb_enum_group_memberships(p->mem_ctx, sam_pass,
2612                                             &sids, &unix_gids, &num_groups);
2613         if ( NT_STATUS_IS_OK(result) ) {
2614                 success = sid_peek_check_rid(get_global_sam_sid(),
2615                                              pdb_get_group_sid(sam_pass),
2616                                              &primary_group_rid);
2617         }
2618         unbecome_root();
2619
2620         if (!NT_STATUS_IS_OK(result)) {
2621                 DEBUG(10, ("pdb_enum_group_memberships failed for %s\n",
2622                            sid_string_dbg(&uinfo->sid)));
2623                 return result;
2624         }
2625
2626         if ( !success ) {
2627                 DEBUG(5, ("Group sid %s for user %s not in our domain\n",
2628                           sid_string_dbg(pdb_get_group_sid(sam_pass)),
2629                           pdb_get_username(sam_pass)));
2630                 TALLOC_FREE(sam_pass);
2631                 return NT_STATUS_INTERNAL_DB_CORRUPTION;
2632         }
2633
2634         gids = NULL;
2635         num_gids = 0;
2636
2637         dom_gid.attributes = (SE_GROUP_MANDATORY|SE_GROUP_ENABLED_BY_DEFAULT|
2638                               SE_GROUP_ENABLED);
2639         dom_gid.rid = primary_group_rid;
2640         ADD_TO_ARRAY(p->mem_ctx, struct samr_RidWithAttribute, dom_gid, &gids, &num_gids);
2641
2642         for (i=0; i<num_groups; i++) {
2643
2644                 if (!sid_peek_check_rid(get_global_sam_sid(),
2645                                         &(sids[i]), &dom_gid.rid)) {
2646                         DEBUG(10, ("Found sid %s not in our domain\n",
2647                                    sid_string_dbg(&sids[i])));
2648                         continue;
2649                 }
2650
2651                 if (dom_gid.rid == primary_group_rid) {
2652                         /* We added the primary group directly from the
2653                          * sam_account. The other SIDs are unique from
2654                          * enum_group_memberships */
2655                         continue;
2656                 }
2657
2658                 ADD_TO_ARRAY(p->mem_ctx, struct samr_RidWithAttribute, dom_gid, &gids, &num_gids);
2659         }
2660
2661         rids->count = num_gids;
2662         rids->rids = gids;
2663
2664         *r->out.rids = rids;
2665
2666         DEBUG(5,("_samr_GetGroupsForUser: %d\n", __LINE__));
2667
2668         return result;
2669 }
2670
2671 /*******************************************************************
2672  _samr_QueryDomainInfo
2673  ********************************************************************/
2674
2675 NTSTATUS _samr_QueryDomainInfo(pipes_struct *p,
2676                                struct samr_QueryDomainInfo *r)
2677 {
2678         NTSTATUS status = NT_STATUS_OK;
2679         struct samr_domain_info *dinfo;
2680         union samr_DomainInfo *dom_info;
2681         time_t u_expire, u_min_age;
2682
2683         time_t u_lock_duration, u_reset_time;
2684         uint32_t u_logout;
2685
2686         uint32 account_policy_temp;
2687
2688         time_t seq_num;
2689         uint32 server_role;
2690
2691         DEBUG(5,("_samr_QueryDomainInfo: %d\n", __LINE__));
2692
2693         dinfo = policy_handle_find(p, r->in.domain_handle,
2694                                    SAMR_ACCESS_LOOKUP_DOMAIN, NULL,
2695                                    struct samr_domain_info, &status);
2696         if (!NT_STATUS_IS_OK(status)) {
2697                 return status;
2698         }
2699
2700         dom_info = TALLOC_ZERO_P(p->mem_ctx, union samr_DomainInfo);
2701         if (!dom_info) {
2702                 return NT_STATUS_NO_MEMORY;
2703         }
2704
2705         switch (r->in.level) {
2706                 case 0x01:
2707
2708                         become_root();
2709
2710                         /* AS ROOT !!! */
2711
2712                         pdb_get_account_policy(AP_MIN_PASSWORD_LEN,
2713                                                &account_policy_temp);
2714                         dom_info->info1.min_password_length = account_policy_temp;
2715
2716                         pdb_get_account_policy(AP_PASSWORD_HISTORY, &account_policy_temp);
2717                         dom_info->info1.password_history_length = account_policy_temp;
2718
2719                         pdb_get_account_policy(AP_USER_MUST_LOGON_TO_CHG_PASS,
2720                                 &dom_info->info1.password_properties);
2721
2722                         pdb_get_account_policy(AP_MAX_PASSWORD_AGE, &account_policy_temp);
2723                         u_expire = account_policy_temp;
2724
2725                         pdb_get_account_policy(AP_MIN_PASSWORD_AGE, &account_policy_temp);
2726                         u_min_age = account_policy_temp;
2727
2728                         /* !AS ROOT */
2729
2730                         unbecome_root();
2731
2732                         unix_to_nt_time_abs((NTTIME *)&dom_info->info1.max_password_age, u_expire);
2733                         unix_to_nt_time_abs((NTTIME *)&dom_info->info1.min_password_age, u_min_age);
2734
2735                         if (lp_check_password_script() && *lp_check_password_script()) {
2736                                 dom_info->info1.password_properties |= DOMAIN_PASSWORD_COMPLEX;
2737                         }
2738
2739                         break;
2740                 case 0x02:
2741
2742                         become_root();
2743
2744                         /* AS ROOT !!! */
2745
2746                         dom_info->general.num_users     = count_sam_users(
2747                                 dinfo->disp_info, ACB_NORMAL);
2748                         dom_info->general.num_groups    = count_sam_groups(
2749                                 dinfo->disp_info);
2750                         dom_info->general.num_aliases   = count_sam_aliases(
2751                                 dinfo->disp_info);
2752
2753                         pdb_get_account_policy(AP_TIME_TO_LOGOUT, &u_logout);
2754
2755                         unix_to_nt_time_abs(&dom_info->general.force_logoff_time, u_logout);
2756
2757                         if (!pdb_get_seq_num(&seq_num))
2758                                 seq_num = time(NULL);
2759
2760                         /* !AS ROOT */
2761
2762                         unbecome_root();
2763
2764                         server_role = ROLE_DOMAIN_PDC;
2765                         if (lp_server_role() == ROLE_DOMAIN_BDC)
2766                                 server_role = ROLE_DOMAIN_BDC;
2767
2768                         dom_info->general.oem_information.string        = lp_serverstring();
2769                         dom_info->general.domain_name.string            = lp_workgroup();
2770                         dom_info->general.primary.string                = global_myname();
2771                         dom_info->general.sequence_num                  = seq_num;
2772                         dom_info->general.domain_server_state           = DOMAIN_SERVER_ENABLED;
2773                         dom_info->general.role                          = server_role;
2774                         dom_info->general.unknown3                      = 1;
2775
2776                         break;
2777                 case 0x03:
2778
2779                         become_root();
2780
2781                         /* AS ROOT !!! */
2782
2783                         {
2784                                 uint32 ul;
2785                                 pdb_get_account_policy(AP_TIME_TO_LOGOUT, &ul);
2786                                 u_logout = (time_t)ul;
2787                         }
2788
2789                         /* !AS ROOT */
2790
2791                         unbecome_root();
2792
2793                         unix_to_nt_time_abs(&dom_info->info3.force_logoff_time, u_logout);
2794
2795                         break;
2796                 case 0x04:
2797                         dom_info->oem.oem_information.string = lp_serverstring();
2798                         break;
2799                 case 0x05:
2800                         dom_info->info5.domain_name.string = get_global_sam_name();
2801                         break;
2802                 case 0x06:
2803                         /* NT returns its own name when a PDC. win2k and later
2804                          * only the name of the PDC if itself is a BDC (samba4
2805                          * idl) */
2806                         dom_info->info6.primary.string = global_myname();
2807                         break;
2808                 case 0x07:
2809                         server_role = ROLE_DOMAIN_PDC;
2810                         if (lp_server_role() == ROLE_DOMAIN_BDC)
2811                                 server_role = ROLE_DOMAIN_BDC;
2812
2813                         dom_info->info7.role = server_role;
2814                         break;
2815                 case 0x08:
2816
2817                         become_root();
2818
2819                         /* AS ROOT !!! */
2820
2821                         if (!pdb_get_seq_num(&seq_num)) {
2822                                 seq_num = time(NULL);
2823                         }
2824
2825                         /* !AS ROOT */
2826
2827                         unbecome_root();
2828
2829                         dom_info->info8.sequence_num = seq_num;
2830                         dom_info->info8.domain_create_time = 0;
2831
2832                         break;
2833                 case 0x0c:
2834
2835                         become_root();
2836
2837                         /* AS ROOT !!! */
2838
2839                         pdb_get_account_policy(AP_LOCK_ACCOUNT_DURATION, &account_policy_temp);
2840                         u_lock_duration = account_policy_temp;
2841                         if (u_lock_duration != -1) {
2842                                 u_lock_duration *= 60;
2843                         }
2844
2845                         pdb_get_account_policy(AP_RESET_COUNT_TIME, &account_policy_temp);
2846                         u_reset_time = account_policy_temp * 60;
2847
2848                         pdb_get_account_policy(AP_BAD_ATTEMPT_LOCKOUT,
2849                                                &account_policy_temp);
2850                         dom_info->info12.lockout_threshold = account_policy_temp;
2851
2852                         /* !AS ROOT */
2853
2854                         unbecome_root();
2855
2856                         unix_to_nt_time_abs(&dom_info->info12.lockout_duration,
2857                                             u_lock_duration);
2858                         unix_to_nt_time_abs(&dom_info->info12.lockout_window,
2859                                             u_reset_time);
2860
2861                         break;
2862                 default:
2863                         return NT_STATUS_INVALID_INFO_CLASS;
2864         }
2865
2866         *r->out.info = dom_info;
2867
2868         DEBUG(5,("_samr_QueryDomainInfo: %d\n", __LINE__));
2869
2870         return status;
2871 }
2872
2873 /* W2k3 seems to use the same check for all 3 objects that can be created via
2874  * SAMR, if you try to create for example "Dialup" as an alias it says
2875  * "NT_STATUS_USER_EXISTS". This is racy, but we can't really lock the user
2876  * database. */
2877
2878 static NTSTATUS can_create(TALLOC_CTX *mem_ctx, const char *new_name)
2879 {
2880         enum lsa_SidType type;
2881         bool result;
2882
2883         DEBUG(10, ("Checking whether [%s] can be created\n", new_name));
2884
2885         become_root();
2886         /* Lookup in our local databases (LOOKUP_NAME_REMOTE not set)
2887          * whether the name already exists */
2888         result = lookup_name(mem_ctx, new_name, LOOKUP_NAME_LOCAL,
2889                              NULL, NULL, NULL, &type);
2890         unbecome_root();
2891
2892         if (!result) {
2893                 DEBUG(10, ("%s does not exist, can create it\n", new_name));
2894                 return NT_STATUS_OK;
2895         }
2896
2897         DEBUG(5, ("trying to create %s, exists as %s\n",
2898                   new_name, sid_type_lookup(type)));
2899
2900         if (type == SID_NAME_DOM_GRP) {
2901                 return NT_STATUS_GROUP_EXISTS;
2902         }
2903         if (type == SID_NAME_ALIAS) {
2904                 return NT_STATUS_ALIAS_EXISTS;
2905         }
2906
2907         /* Yes, the default is NT_STATUS_USER_EXISTS */
2908         return NT_STATUS_USER_EXISTS;
2909 }
2910
2911 /*******************************************************************
2912  _samr_CreateUser2
2913  ********************************************************************/
2914
2915 NTSTATUS _samr_CreateUser2(pipes_struct *p,
2916                            struct samr_CreateUser2 *r)
2917 {
2918         const char *account = NULL;
2919         DOM_SID sid;
2920         uint32_t acb_info = r->in.acct_flags;
2921         struct samr_domain_info *dinfo;
2922         struct samr_user_info *uinfo;
2923         NTSTATUS nt_status;
2924         uint32 acc_granted;
2925         SEC_DESC *psd;
2926         size_t    sd_size;
2927         /* check this, when giving away 'add computer to domain' privs */
2928         uint32    des_access = GENERIC_RIGHTS_USER_ALL_ACCESS;
2929         bool can_add_account = False;
2930         SE_PRIV se_rights;
2931
2932         dinfo = policy_handle_find(p, r->in.domain_handle,
2933                                    SAMR_DOMAIN_ACCESS_CREATE_USER, NULL,
2934                                    struct samr_domain_info, &nt_status);
2935         if (!NT_STATUS_IS_OK(nt_status)) {
2936                 return nt_status;
2937         }
2938
2939         if (sid_check_is_builtin(&dinfo->sid)) {
2940                 DEBUG(5,("_samr_CreateUser2: Refusing user create in BUILTIN\n"));
2941                 return NT_STATUS_ACCESS_DENIED;
2942         }
2943
2944         if (!(acb_info == ACB_NORMAL || acb_info == ACB_DOMTRUST ||
2945               acb_info == ACB_WSTRUST || acb_info == ACB_SVRTRUST)) {
2946                 /* Match Win2k, and return NT_STATUS_INVALID_PARAMETER if
2947                    this parameter is not an account type */
2948                 return NT_STATUS_INVALID_PARAMETER;
2949         }
2950
2951         account = r->in.account_name->string;
2952         if (account == NULL) {
2953                 return NT_STATUS_NO_MEMORY;
2954         }
2955
2956         nt_status = can_create(p->mem_ctx, account);
2957         if (!NT_STATUS_IS_OK(nt_status)) {
2958                 return nt_status;
2959         }
2960
2961         /* determine which user right we need to check based on the acb_info */
2962
2963         if ( acb_info & ACB_WSTRUST )
2964         {
2965                 se_priv_copy( &se_rights, &se_machine_account );
2966                 can_add_account = user_has_privileges(
2967                         p->server_info->ptok, &se_rights );
2968         }
2969         /* usrmgr.exe (and net rpc trustdom grant) creates a normal user
2970            account for domain trusts and changes the ACB flags later */
2971         else if ( acb_info & ACB_NORMAL &&
2972                   (account[strlen(account)-1] != '$') )
2973         {
2974                 se_priv_copy( &se_rights, &se_add_users );
2975                 can_add_account = user_has_privileges(
2976                         p->server_info->ptok, &se_rights );
2977         }
2978         else    /* implicit assumption of a BDC or domain trust account here
2979                  * (we already check the flags earlier) */
2980         {
2981                 if ( lp_enable_privileges() ) {
2982                         /* only Domain Admins can add a BDC or domain trust */
2983                         se_priv_copy( &se_rights, &se_priv_none );
2984                         can_add_account = nt_token_check_domain_rid(
2985                                 p->server_info->ptok,
2986                                 DOMAIN_GROUP_RID_ADMINS );
2987                 }
2988         }
2989
2990         DEBUG(5, ("_samr_CreateUser2: %s can add this account : %s\n",
2991                   uidtoname(p->server_info->utok.uid),
2992                   can_add_account ? "True":"False" ));
2993
2994         /********** BEGIN Admin BLOCK **********/
2995
2996         if ( can_add_account )
2997                 become_root();
2998
2999         nt_status = pdb_create_user(p->mem_ctx, account, acb_info,
3000                                     r->out.rid);
3001
3002         if ( can_add_account )
3003                 unbecome_root();
3004
3005         /********** END Admin BLOCK **********/
3006
3007         /* now check for failure */
3008
3009         if ( !NT_STATUS_IS_OK(nt_status) )
3010                 return nt_status;
3011
3012         /* Get the user's SID */
3013
3014         sid_compose(&sid, get_global_sam_sid(), *r->out.rid);
3015
3016         map_max_allowed_access(p->server_info->ptok, &des_access);
3017
3018         make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_generic_mapping,
3019                             &sid, SAMR_USR_RIGHTS_WRITE_PW);
3020         se_map_generic(&des_access, &usr_generic_mapping);
3021
3022         nt_status = access_check_samr_object(psd, p->server_info->ptok,
3023                 &se_rights, GENERIC_RIGHTS_USER_WRITE, des_access,
3024                 &acc_granted, "_samr_CreateUser2");
3025
3026         if ( !NT_STATUS_IS_OK(nt_status) ) {
3027                 return nt_status;
3028         }
3029
3030         uinfo = policy_handle_create(p, r->out.user_handle, acc_granted,
3031                                      struct samr_user_info, &nt_status);
3032         if (!NT_STATUS_IS_OK(nt_status)) {
3033                 return nt_status;
3034         }
3035         uinfo->sid = sid;
3036
3037         /* After a "set" ensure we have no cached display info. */
3038         force_flush_samr_cache(&sid);
3039
3040         *r->out.access_granted = acc_granted;
3041
3042         return NT_STATUS_OK;
3043 }
3044
3045 /****************************************************************
3046 ****************************************************************/
3047
3048 NTSTATUS _samr_CreateUser(pipes_struct *p,
3049                           struct samr_CreateUser *r)
3050 {
3051         struct samr_CreateUser2 c;
3052         uint32_t access_granted;
3053
3054         c.in.domain_handle      = r->in.domain_handle;
3055         c.in.account_name       = r->in.account_name;
3056         c.in.acct_flags         = ACB_NORMAL;
3057         c.in.access_mask        = r->in.access_mask;
3058         c.out.user_handle       = r->out.user_handle;
3059         c.out.access_granted    = &access_granted;
3060         c.out.rid               = r->out.rid;
3061
3062         return _samr_CreateUser2(p, &c);
3063 }
3064
3065 /*******************************************************************
3066  _samr_Connect
3067  ********************************************************************/
3068
3069 NTSTATUS _samr_Connect(pipes_struct *p,
3070                        struct samr_Connect *r)
3071 {
3072         struct samr_connect_info *info;
3073         uint32_t acc_granted;
3074         struct policy_handle hnd;
3075         uint32    des_access = r->in.access_mask;
3076         NTSTATUS status;
3077
3078         /* Access check */
3079
3080         if (!pipe_access_check(p)) {
3081                 DEBUG(3, ("access denied to _samr_Connect\n"));
3082                 return NT_STATUS_ACCESS_DENIED;
3083         }
3084
3085         /* don't give away the farm but this is probably ok.  The SAMR_ACCESS_ENUM_DOMAINS
3086            was observed from a win98 client trying to enumerate users (when configured
3087            user level access control on shares)   --jerry */
3088
3089         map_max_allowed_access(p->server_info->ptok, &des_access);
3090
3091         se_map_generic( &des_access, &sam_generic_mapping );
3092
3093         acc_granted = des_access & (SAMR_ACCESS_ENUM_DOMAINS
3094                                     |SAMR_ACCESS_LOOKUP_DOMAIN);
3095
3096         /* set up the SAMR connect_anon response */
3097
3098         info = policy_handle_create(p, &hnd, acc_granted,
3099                                     struct samr_connect_info,
3100                                     &status);
3101         if (!NT_STATUS_IS_OK(status)) {
3102                 return status;
3103         }
3104
3105         *r->out.connect_handle = hnd;
3106         return NT_STATUS_OK;
3107 }
3108
3109 /*******************************************************************
3110  _samr_Connect2
3111  ********************************************************************/
3112
3113 NTSTATUS _samr_Connect2(pipes_struct *p,
3114                         struct samr_Connect2 *r)
3115 {
3116         struct samr_connect_info *info = NULL;
3117         struct policy_handle hnd;
3118         SEC_DESC *psd = NULL;
3119         uint32    acc_granted;
3120         uint32    des_access = r->in.access_mask;
3121         NTSTATUS  nt_status;
3122         size_t    sd_size;
3123         const char *fn = "_samr_Connect2";
3124
3125         switch (p->hdr_req.opnum) {
3126         case NDR_SAMR_CONNECT2:
3127                 fn = "_samr_Connect2";
3128                 break;
3129         case NDR_SAMR_CONNECT3:
3130                 fn = "_samr_Connect3";
3131                 break;
3132         case NDR_SAMR_CONNECT4:
3133                 fn = "_samr_Connect4";
3134                 break;
3135         case NDR_SAMR_CONNECT5:
3136                 fn = "_samr_Connect5";
3137                 break;
3138         }
3139
3140         DEBUG(5,("%s: %d\n", fn, __LINE__));
3141
3142         /* Access check */
3143
3144         if (!pipe_access_check(p)) {
3145                 DEBUG(3, ("access denied to %s\n", fn));
3146                 return NT_STATUS_ACCESS_DENIED;
3147         }
3148
3149         map_max_allowed_access(p->server_info->ptok, &des_access);
3150
3151         make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &sam_generic_mapping, NULL, 0);
3152         se_map_generic(&des_access, &sam_generic_mapping);
3153
3154         nt_status = access_check_samr_object(psd, p->server_info->ptok,
3155                 NULL, 0, des_access, &acc_granted, fn);
3156
3157         if ( !NT_STATUS_IS_OK(nt_status) )
3158                 return nt_status;
3159
3160         info = policy_handle_create(p, &hnd, acc_granted,
3161                                     struct samr_connect_info, &nt_status);
3162         if (!NT_STATUS_IS_OK(nt_status)) {
3163                 return nt_status;
3164         }
3165
3166         DEBUG(5,("%s: %d\n", fn, __LINE__));
3167
3168         *r->out.connect_handle = hnd;
3169         return NT_STATUS_OK;
3170 }
3171
3172 /****************************************************************
3173  _samr_Connect3
3174 ****************************************************************/
3175
3176 NTSTATUS _samr_Connect3(pipes_struct *p,
3177                         struct samr_Connect3 *r)
3178 {
3179         struct samr_Connect2 c;
3180
3181         c.in.system_name        = r->in.system_name;
3182         c.in.access_mask        = r->in.access_mask;
3183         c.out.connect_handle    = r->out.connect_handle;
3184
3185         return _samr_Connect2(p, &c);
3186 }
3187
3188 /*******************************************************************
3189  _samr_Connect4
3190  ********************************************************************/
3191
3192 NTSTATUS _samr_Connect4(pipes_struct *p,
3193                         struct samr_Connect4 *r)
3194 {
3195         struct samr_Connect2 c;
3196
3197         c.in.system_name        = r->in.system_name;
3198         c.in.access_mask        = r->in.access_mask;
3199         c.out.connect_handle    = r->out.connect_handle;
3200
3201         return _samr_Connect2(p, &c);
3202 }
3203
3204 /*******************************************************************
3205  _samr_Connect5
3206  ********************************************************************/
3207
3208 NTSTATUS _samr_Connect5(pipes_struct *p,
3209                         struct samr_Connect5 *r)
3210 {
3211         NTSTATUS status;
3212         struct samr_Connect2 c;
3213         struct samr_ConnectInfo1 info1;
3214
3215         info1.client_version = SAMR_CONNECT_AFTER_W2K;
3216         info1.unknown2 = 0;
3217
3218         c.in.system_name        = r->in.system_name;
3219         c.in.access_mask        = r->in.access_mask;
3220         c.out.connect_handle    = r->out.connect_handle;
3221
3222         *r->out.level_out = 1;
3223
3224         status = _samr_Connect2(p, &c);
3225         if (!NT_STATUS_IS_OK(status)) {
3226                 return status;
3227         }
3228
3229         r->out.info_out->info1 = info1;
3230
3231         return NT_STATUS_OK;
3232 }
3233
3234 /**********************************************************************
3235  _samr_LookupDomain
3236  **********************************************************************/
3237
3238 NTSTATUS _samr_LookupDomain(pipes_struct *p,
3239                             struct samr_LookupDomain *r)
3240 {
3241         NTSTATUS status;
3242         struct samr_connect_info *info;
3243         const char *domain_name;
3244         DOM_SID *sid = NULL;
3245
3246         /* win9x user manager likes to use SAMR_ACCESS_ENUM_DOMAINS here.
3247            Reverted that change so we will work with RAS servers again */
3248
3249         info = policy_handle_find(p, r->in.connect_handle,
3250                                   SAMR_ACCESS_LOOKUP_DOMAIN, NULL,
3251                                   struct samr_connect_info,
3252                                   &status);
3253         if (!NT_STATUS_IS_OK(status)) {
3254                 return status;
3255         }
3256
3257         domain_name = r->in.domain_name->string;
3258         if (!domain_name) {
3259                 return NT_STATUS_INVALID_PARAMETER;
3260         }
3261
3262         sid = TALLOC_ZERO_P(p->mem_ctx, struct dom_sid2);
3263         if (!sid) {
3264                 return NT_STATUS_NO_MEMORY;
3265         }
3266
3267         if (strequal(domain_name, builtin_domain_name())) {
3268                 sid_copy(sid, &global_sid_Builtin);
3269         } else {
3270                 if (!secrets_fetch_domain_sid(domain_name, sid)) {
3271                         status = NT_STATUS_NO_SUCH_DOMAIN;
3272                 }
3273         }
3274
3275         DEBUG(2,("Returning domain sid for domain %s -> %s\n", domain_name,
3276                  sid_string_dbg(sid)));
3277
3278         *r->out.sid = sid;
3279
3280         return status;
3281 }
3282
3283 /**********************************************************************
3284  _samr_EnumDomains
3285  **********************************************************************/
3286
3287 NTSTATUS _samr_EnumDomains(pipes_struct *p,
3288                            struct samr_EnumDomains *r)
3289 {
3290         NTSTATUS status;
3291         struct samr_connect_info *info;
3292         uint32_t num_entries = 2;
3293         struct samr_SamEntry *entry_array = NULL;
3294         struct samr_SamArray *sam;
3295
3296         info = policy_handle_find(p, r->in.connect_handle,
3297                                   SAMR_ACCESS_ENUM_DOMAINS, NULL,
3298                                   struct samr_connect_info, &status);
3299         if (!NT_STATUS_IS_OK(status)) {
3300                 return status;
3301         }
3302
3303         sam = TALLOC_ZERO_P(p->mem_ctx, struct samr_SamArray);
3304         if (!sam) {
3305                 return NT_STATUS_NO_MEMORY;
3306         }
3307
3308         entry_array = TALLOC_ZERO_ARRAY(p->mem_ctx,
3309                                         struct samr_SamEntry,
3310                                         num_entries);
3311         if (!entry_array) {
3312                 return NT_STATUS_NO_MEMORY;
3313         }
3314
3315         entry_array[0].idx = 0;
3316         init_lsa_String(&entry_array[0].name, get_global_sam_name());
3317
3318         entry_array[1].idx = 1;
3319         init_lsa_String(&entry_array[1].name, "Builtin");
3320
3321         sam->count = num_entries;
3322         sam->entries = entry_array;
3323
3324         *r->out.sam = sam;
3325         *r->out.num_entries = num_entries;
3326
3327         return status;
3328 }
3329
3330 /*******************************************************************
3331  _samr_OpenAlias
3332  ********************************************************************/
3333
3334 NTSTATUS _samr_OpenAlias(pipes_struct *p,
3335                          struct samr_OpenAlias *r)
3336 {
3337         DOM_SID sid;
3338         uint32 alias_rid = r->in.rid;
3339         struct samr_alias_info *ainfo;
3340         struct samr_domain_info *dinfo;
3341         SEC_DESC *psd = NULL;
3342         uint32    acc_granted;
3343         uint32    des_access = r->in.access_mask;
3344         size_t    sd_size;
3345         NTSTATUS  status;
3346         SE_PRIV se_rights;
3347
3348         dinfo = policy_handle_find(p, r->in.domain_handle,
3349                                    SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, NULL,
3350                                    struct samr_domain_info, &status);
3351         if (!NT_STATUS_IS_OK(status)) {
3352                 return status;
3353         }
3354
3355         /* append the alias' RID to it */
3356
3357         if (!sid_compose(&sid, &dinfo->sid, alias_rid))
3358                 return NT_STATUS_NO_SUCH_ALIAS;
3359
3360         /*check if access can be granted as requested by client. */
3361
3362         map_max_allowed_access(p->server_info->ptok, &des_access);
3363
3364         make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &ali_generic_mapping, NULL, 0);
3365         se_map_generic(&des_access,&ali_generic_mapping);
3366
3367         se_priv_copy( &se_rights, &se_add_users );
3368
3369
3370         status = access_check_samr_object(psd, p->server_info->ptok,
3371                 &se_rights, GENERIC_RIGHTS_ALIAS_WRITE, des_access,
3372                 &acc_granted, "_samr_OpenAlias");
3373
3374         if ( !NT_STATUS_IS_OK(status) )
3375                 return status;
3376
3377         {
3378                 /* Check we actually have the requested alias */
3379                 enum lsa_SidType type;
3380                 bool result;
3381                 gid_t gid;
3382
3383                 become_root();
3384                 result = lookup_sid(NULL, &sid, NULL, NULL, &type);
3385                 unbecome_root();
3386
3387                 if (!result || (type != SID_NAME_ALIAS)) {
3388                         return NT_STATUS_NO_SUCH_ALIAS;
3389                 }
3390
3391                 /* make sure there is a mapping */
3392
3393                 if ( !sid_to_gid( &sid, &gid ) ) {
3394                         return NT_STATUS_NO_SUCH_ALIAS;
3395                 }
3396
3397         }
3398
3399         ainfo = policy_handle_create(p, r->out.alias_handle, acc_granted,
3400                                      struct samr_alias_info, &status);
3401         if (!NT_STATUS_IS_OK(status)) {
3402                 return status;
3403         }
3404         ainfo->sid = sid;
3405
3406         return NT_STATUS_OK;
3407 }
3408
3409 /*******************************************************************
3410  set_user_info_7
3411  ********************************************************************/
3412
3413 static NTSTATUS set_user_info_7(TALLOC_CTX *mem_ctx,
3414                                 struct samr_UserInfo7 *id7,
3415                                 struct samu *pwd)
3416 {
3417         NTSTATUS rc;
3418
3419         if (id7 == NULL) {
3420                 DEBUG(5, ("set_user_info_7: NULL id7\n"));
3421                 return NT_STATUS_ACCESS_DENIED;
3422         }
3423
3424         if (!id7->account_name.string) {
3425                 DEBUG(5, ("set_user_info_7: failed to get new username\n"));
3426                 return NT_STATUS_ACCESS_DENIED;
3427         }
3428
3429         /* check to see if the new username already exists.  Note: we can't
3430            reliably lock all backends, so there is potentially the
3431            possibility that a user can be created in between this check and
3432            the rename.  The rename should fail, but may not get the
3433            exact same failure status code.  I think this is small enough
3434            of a window for this type of operation and the results are
3435            simply that the rename fails with a slightly different status
3436            code (like UNSUCCESSFUL instead of ALREADY_EXISTS). */
3437
3438         rc = can_create(mem_ctx, id7->account_name.string);
3439         if (!NT_STATUS_IS_OK(rc)) {
3440                 return rc;
3441         }
3442
3443         rc = pdb_rename_sam_account(pwd, id7->account_name.string);
3444
3445         return rc;
3446 }
3447
3448 /*******************************************************************
3449  set_user_info_16
3450  ********************************************************************/
3451
3452 static bool set_user_info_16(struct samr_UserInfo16 *id16,
3453                              struct samu *pwd)
3454 {
3455         if (id16 == NULL) {
3456                 DEBUG(5, ("set_user_info_16: NULL id16\n"));
3457                 return False;
3458         }
3459
3460         /* FIX ME: check if the value is really changed --metze */
3461         if (!pdb_set_acct_ctrl(pwd, id16->acct_flags, PDB_CHANGED)) {
3462                 return False;
3463         }
3464
3465         if(!NT_STATUS_IS_OK(pdb_update_sam_account(pwd))) {
3466                 return False;
3467         }
3468
3469         return True;
3470 }
3471
3472 /*******************************************************************
3473  set_user_info_18
3474  ********************************************************************/
3475
3476 static NTSTATUS set_user_info_18(struct samr_UserInfo18 *id18,
3477                                  TALLOC_CTX *mem_ctx,
3478                                  DATA_BLOB *session_key,
3479                                  struct samu *pwd)
3480 {
3481         if (id18 == NULL) {
3482                 DEBUG(2, ("set_user_info_18: id18 is NULL\n"));
3483                 return NT_STATUS_INVALID_PARAMETER;
3484         }
3485
3486         if (id18->nt_pwd_active || id18->lm_pwd_active) {
3487                 if (!session_key->length) {
3488                         return NT_STATUS_NO_USER_SESSION_KEY;
3489                 }
3490         }
3491
3492         if (id18->nt_pwd_active) {
3493
3494                 DATA_BLOB in, out;
3495
3496                 in = data_blob_const(id18->nt_pwd.hash, 16);
3497                 out = data_blob_talloc_zero(mem_ctx, 16);
3498
3499                 sess_crypt_blob(&out, &in, session_key, false);
3500
3501                 if (!pdb_set_nt_passwd(pwd, out.data, PDB_CHANGED)) {
3502                         return NT_STATUS_ACCESS_DENIED;
3503                 }
3504
3505                 pdb_set_pass_last_set_time(pwd, time(NULL), PDB_CHANGED);
3506         }
3507
3508         if (id18->lm_pwd_active) {
3509
3510                 DATA_BLOB in, out;
3511
3512                 in = data_blob_const(id18->lm_pwd.hash, 16);
3513                 out = data_blob_talloc_zero(mem_ctx, 16);
3514
3515                 sess_crypt_blob(&out, &in, session_key, false);
3516
3517                 if (!pdb_set_lanman_passwd(pwd, out.data, PDB_CHANGED)) {
3518                         return NT_STATUS_ACCESS_DENIED;
3519                 }
3520
3521                 pdb_set_pass_last_set_time(pwd, time(NULL), PDB_CHANGED);
3522         }
3523
3524         copy_id18_to_sam_passwd(pwd, id18);
3525
3526         return pdb_update_sam_account(pwd);
3527 }
3528
3529 /*******************************************************************
3530  set_user_info_20
3531  ********************************************************************/
3532
3533 static bool set_user_info_20(struct samr_UserInfo20 *id20,
3534                              struct samu *pwd)
3535 {
3536         if (id20 == NULL) {
3537                 DEBUG(5, ("set_user_info_20: NULL id20\n"));
3538                 return False;
3539         }
3540
3541         copy_id20_to_sam_passwd(pwd, id20);
3542
3543         /* write the change out */
3544         if(!NT_STATUS_IS_OK(pdb_update_sam_account(pwd))) {
3545                 return False;
3546         }
3547
3548         return True;
3549 }
3550
3551 /*******************************************************************
3552  set_user_info_21
3553  ********************************************************************/
3554
3555 static NTSTATUS set_user_info_21(struct samr_UserInfo21 *id21,
3556                                  TALLOC_CTX *mem_ctx,
3557                                  DATA_BLOB *session_key,
3558                                  struct samu *pwd)
3559 {
3560         NTSTATUS status;
3561
3562         if (id21 == NULL) {
3563                 DEBUG(5, ("set_user_info_21: NULL id21\n"));
3564                 return NT_STATUS_INVALID_PARAMETER;
3565         }
3566
3567         if (id21->fields_present == 0) {
3568                 return NT_STATUS_INVALID_PARAMETER;
3569         }
3570
3571         if (id21->fields_present & SAMR_FIELD_LAST_PWD_CHANGE) {
3572                 return NT_STATUS_ACCESS_DENIED;
3573         }
3574
3575         if (id21->fields_present & SAMR_FIELD_NT_PASSWORD_PRESENT) {
3576                 if (id21->nt_password_set) {
3577                         DATA_BLOB in, out;
3578
3579                         if ((id21->nt_owf_password.length != 16) ||
3580                             (id21->nt_owf_password.size != 16)) {
3581                                 return NT_STATUS_INVALID_PARAMETER;
3582                         }
3583
3584                         if (!session_key->length) {
3585                                 return NT_STATUS_NO_USER_SESSION_KEY;
3586                         }
3587
3588                         in = data_blob_const(id21->nt_owf_password.array, 16);
3589                         out = data_blob_talloc_zero(mem_ctx, 16);
3590
3591                         sess_crypt_blob(&out, &in, session_key, false);
3592
3593                         pdb_set_nt_passwd(pwd, out.data, PDB_CHANGED);
3594                         pdb_set_pass_last_set_time(pwd, time(NULL), PDB_CHANGED);
3595                 }
3596         }
3597
3598         if (id21->fields_present & SAMR_FIELD_LM_PASSWORD_PRESENT) {
3599                 if (id21->lm_password_set) {
3600                         DATA_BLOB in, out;
3601
3602                         if ((id21->lm_owf_password.length != 16) ||
3603                             (id21->lm_owf_password.size != 16)) {
3604                                 return NT_STATUS_INVALID_PARAMETER;
3605                         }
3606
3607                         if (!session_key->length) {
3608                                 return NT_STATUS_NO_USER_SESSION_KEY;
3609                         }
3610
3611                         in = data_blob_const(id21->lm_owf_password.array, 16);
3612                         out = data_blob_talloc_zero(mem_ctx, 16);
3613
3614                         sess_crypt_blob(&out, &in, session_key, false);
3615
3616                         pdb_set_lanman_passwd(pwd, out.data, PDB_CHANGED);
3617                         pdb_set_pass_last_set_time(pwd, time(NULL), PDB_CHANGED);
3618                 }
3619         }
3620
3621         /* we need to separately check for an account rename first */
3622
3623         if (id21->account_name.string &&
3624             (!strequal(id21->account_name.string, pdb_get_username(pwd))))
3625         {
3626
3627                 /* check to see if the new username already exists.  Note: we can't
3628                    reliably lock all backends, so there is potentially the
3629                    possibility that a user can be created in between this check and
3630                    the rename.  The rename should fail, but may not get the
3631                    exact same failure status code.  I think this is small enough
3632                    of a window for this type of operation and the results are
3633                    simply that the rename fails with a slightly different status
3634                    code (like UNSUCCESSFUL instead of ALREADY_EXISTS). */
3635
3636                 status = can_create(mem_ctx, id21->account_name.string);
3637                 if (!NT_STATUS_IS_OK(status)) {
3638                         return status;
3639                 }
3640
3641                 status = pdb_rename_sam_account(pwd, id21->account_name.string);
3642
3643                 if (!NT_STATUS_IS_OK(status)) {
3644                         DEBUG(0,("set_user_info_21: failed to rename account: %s\n",
3645                                 nt_errstr(status)));
3646                         return status;
3647                 }
3648
3649                 /* set the new username so that later
3650                    functions can work on the new account */
3651                 pdb_set_username(pwd, id21->account_name.string, PDB_SET);
3652         }
3653
3654         copy_id21_to_sam_passwd("INFO_21", pwd, id21);
3655
3656         /*
3657          * The funny part about the previous two calls is
3658          * that pwd still has the password hashes from the
3659          * passdb entry.  These have not been updated from
3660          * id21.  I don't know if they need to be set.    --jerry
3661          */
3662
3663         if ( IS_SAM_CHANGED(pwd, PDB_GROUPSID) ) {
3664                 status = pdb_set_unix_primary_group(mem_ctx, pwd);
3665                 if ( !NT_STATUS_IS_OK(status) ) {
3666                         return status;
3667                 }
3668         }
3669
3670         /* Don't worry about writing out the user account since the
3671            primary group SID is generated solely from the user's Unix
3672            primary group. */
3673
3674         /* write the change out */
3675         if(!NT_STATUS_IS_OK(status = pdb_update_sam_account(pwd))) {
3676                 return status;
3677         }
3678
3679         return NT_STATUS_OK;
3680 }
3681
3682 /*******************************************************************
3683  set_user_info_23
3684  ********************************************************************/
3685
3686 static NTSTATUS set_user_info_23(TALLOC_CTX *mem_ctx,
3687                                  struct samr_UserInfo23 *id23,
3688                                  struct samu *pwd)
3689 {
3690         char *plaintext_buf = NULL;
3691         size_t len = 0;
3692         uint32_t acct_ctrl;
3693         NTSTATUS status;
3694
3695         if (id23 == NULL) {
3696                 DEBUG(5, ("set_user_info_23: NULL id23\n"));
3697                 return NT_STATUS_INVALID_PARAMETER;
3698         }
3699
3700         if (id23->info.fields_present == 0) {
3701                 return NT_STATUS_INVALID_PARAMETER;
3702         }
3703
3704         if (id23->info.fields_present & SAMR_FIELD_LAST_PWD_CHANGE) {
3705                 return NT_STATUS_ACCESS_DENIED;
3706         }
3707
3708         if ((id23->info.fields_present & SAMR_FIELD_NT_PASSWORD_PRESENT) ||
3709             (id23->info.fields_present & SAMR_FIELD_LM_PASSWORD_PRESENT)) {
3710
3711                 DEBUG(5, ("Attempting administrator password change (level 23) for user %s\n",
3712                           pdb_get_username(pwd)));
3713
3714                 if (!decode_pw_buffer(mem_ctx,
3715                                       id23->password.data,
3716                                       &plaintext_buf,
3717                                       &len,
3718                                       CH_UTF16)) {
3719                         return NT_STATUS_WRONG_PASSWORD;
3720                 }
3721
3722                 if (!pdb_set_plaintext_passwd (pwd, plaintext_buf)) {
3723                         return NT_STATUS_ACCESS_DENIED;
3724                 }
3725         }
3726
3727         copy_id23_to_sam_passwd(pwd, id23);
3728
3729         acct_ctrl = pdb_get_acct_ctrl(pwd);
3730
3731         /* if it's a trust account, don't update /etc/passwd */
3732         if (    ( (acct_ctrl &  ACB_DOMTRUST) == ACB_DOMTRUST ) ||
3733                 ( (acct_ctrl &  ACB_WSTRUST) ==  ACB_WSTRUST) ||
3734                 ( (acct_ctrl &  ACB_SVRTRUST) ==  ACB_SVRTRUST) ) {
3735                 DEBUG(5, ("Changing trust account.  Not updating /etc/passwd\n"));
3736         } else if (plaintext_buf) {
3737                 /* update the UNIX password */
3738                 if (lp_unix_password_sync() ) {
3739                         struct passwd *passwd;
3740                         if (pdb_get_username(pwd) == NULL) {
3741                                 DEBUG(1, ("chgpasswd: User without name???\n"));
3742                                 return NT_STATUS_ACCESS_DENIED;
3743                         }
3744
3745                         passwd = Get_Pwnam_alloc(pwd, pdb_get_username(pwd));
3746                         if (passwd == NULL) {
3747                                 DEBUG(1, ("chgpasswd: Username does not exist in system !?!\n"));
3748                         }
3749
3750                         if(!chgpasswd(pdb_get_username(pwd), passwd, "", plaintext_buf, True)) {
3751                                 return NT_STATUS_ACCESS_DENIED;
3752                         }
3753                         TALLOC_FREE(passwd);
3754                 }
3755         }
3756
3757         if (plaintext_buf) {
3758                 memset(plaintext_buf, '\0', strlen(plaintext_buf));
3759         }
3760
3761         if (IS_SAM_CHANGED(pwd, PDB_GROUPSID) &&
3762             (!NT_STATUS_IS_OK(status =  pdb_set_unix_primary_group(mem_ctx,
3763                                                                    pwd)))) {
3764                 return status;
3765         }
3766
3767         if(!NT_STATUS_IS_OK(status = pdb_update_sam_account(pwd))) {
3768                 return status;
3769         }
3770
3771         return NT_STATUS_OK;
3772 }
3773
3774 /*******************************************************************
3775  set_user_info_pw
3776  ********************************************************************/
3777
3778 static bool set_user_info_pw(uint8 *pass, struct samu *pwd)
3779 {
3780         size_t len = 0;
3781         char *plaintext_buf = NULL;
3782         uint32 acct_ctrl;
3783
3784         DEBUG(5, ("Attempting administrator password change for user %s\n",
3785                   pdb_get_username(pwd)));
3786
3787         acct_ctrl = pdb_get_acct_ctrl(pwd);
3788
3789         if (!decode_pw_buffer(talloc_tos(),
3790                                 pass,
3791                                 &plaintext_buf,
3792                                 &len,
3793                                 CH_UTF16)) {
3794                 return False;
3795         }
3796
3797         if (!pdb_set_plaintext_passwd (pwd, plaintext_buf)) {
3798                 return False;
3799         }
3800
3801         /* if it's a trust account, don't update /etc/passwd */
3802         if ( ( (acct_ctrl &  ACB_DOMTRUST) == ACB_DOMTRUST ) ||
3803                 ( (acct_ctrl &  ACB_WSTRUST) ==  ACB_WSTRUST) ||
3804                 ( (acct_ctrl &  ACB_SVRTRUST) ==  ACB_SVRTRUST) ) {
3805                 DEBUG(5, ("Changing trust account or non-unix-user password, not updating /etc/passwd\n"));
3806         } else {
3807                 /* update the UNIX password */
3808                 if (lp_unix_password_sync()) {
3809                         struct passwd *passwd;
3810
3811                         if (pdb_get_username(pwd) == NULL) {
3812                                 DEBUG(1, ("chgpasswd: User without name???\n"));
3813                                 return False;
3814                         }
3815
3816                         passwd = Get_Pwnam_alloc(pwd, pdb_get_username(pwd));
3817                         if (passwd == NULL) {
3818                                 DEBUG(1, ("chgpasswd: Username does not exist in system !?!\n"));
3819                         }
3820
3821                         if(!chgpasswd(pdb_get_username(pwd), passwd, "", plaintext_buf, True)) {
3822                                 return False;
3823                         }
3824                         TALLOC_FREE(passwd);
3825                 }
3826         }
3827
3828         memset(plaintext_buf, '\0', strlen(plaintext_buf));
3829
3830         DEBUG(5,("set_user_info_pw: pdb_update_pwd()\n"));
3831
3832         return True;
3833 }
3834
3835 /*******************************************************************
3836  set_user_info_24
3837  ********************************************************************/
3838
3839 static NTSTATUS set_user_info_24(TALLOC_CTX *mem_ctx,
3840                                  struct samr_UserInfo24 *id24,
3841                                  struct samu *pwd)
3842 {
3843         NTSTATUS status;
3844
3845         if (id24 == NULL) {
3846                 DEBUG(5, ("set_user_info_24: NULL id24\n"));
3847                 return NT_STATUS_INVALID_PARAMETER;
3848         }
3849
3850         if (!set_user_info_pw(id24->password.data, pwd)) {
3851                 return NT_STATUS_WRONG_PASSWORD;
3852         }
3853
3854         copy_id24_to_sam_passwd(pwd, id24);
3855
3856         status = pdb_update_sam_account(pwd);
3857         if (!NT_STATUS_IS_OK(status)) {
3858                 return status;
3859         }
3860
3861         return NT_STATUS_OK;
3862 }
3863
3864 /*******************************************************************
3865  set_user_info_25
3866  ********************************************************************/
3867
3868 static NTSTATUS set_user_info_25(TALLOC_CTX *mem_ctx,
3869                                  struct samr_UserInfo25 *id25,
3870                                  struct samu *pwd)
3871 {
3872         NTSTATUS status;
3873
3874         if (id25 == NULL) {
3875                 DEBUG(5, ("set_user_info_25: NULL id25\n"));
3876                 return NT_STATUS_INVALID_PARAMETER;
3877         }
3878
3879         if (id25->info.fields_present == 0) {
3880                 return NT_STATUS_INVALID_PARAMETER;
3881         }
3882
3883         if (id25->info.fields_present & SAMR_FIELD_LAST_PWD_CHANGE) {
3884                 return NT_STATUS_ACCESS_DENIED;
3885         }
3886
3887         if ((id25->info.fields_present & SAMR_FIELD_NT_PASSWORD_PRESENT) ||
3888             (id25->info.fields_present & SAMR_FIELD_LM_PASSWORD_PRESENT)) {
3889
3890                 if (!set_user_info_pw(id25->password.data, pwd)) {
3891                         return NT_STATUS_WRONG_PASSWORD;
3892                 }
3893         }
3894
3895         copy_id25_to_sam_passwd(pwd, id25);
3896
3897         /* write the change out */
3898         if(!NT_STATUS_IS_OK(status = pdb_update_sam_account(pwd))) {
3899                 return status;
3900         }
3901
3902         /*
3903          * We need to "pdb_update_sam_account" before the unix primary group
3904          * is set, because the idealx scripts would also change the
3905          * sambaPrimaryGroupSid using the ldap replace method. pdb_ldap uses
3906          * the delete explicit / add explicit, which would then fail to find
3907          * the previous primaryGroupSid value.
3908          */
3909
3910         if ( IS_SAM_CHANGED(pwd, PDB_GROUPSID) ) {
3911                 status = pdb_set_unix_primary_group(mem_ctx, pwd);
3912                 if ( !NT_STATUS_IS_OK(status) ) {
3913                         return status;
3914                 }
3915         }
3916
3917         return NT_STATUS_OK;
3918 }
3919
3920 /*******************************************************************
3921  set_user_info_26
3922  ********************************************************************/
3923
3924 static NTSTATUS set_user_info_26(TALLOC_CTX *mem_ctx,
3925                                  struct samr_UserInfo26 *id26,
3926                                  struct samu *pwd)
3927 {
3928         NTSTATUS status;
3929
3930         if (id26 == NULL) {
3931                 DEBUG(5, ("set_user_info_26: NULL id26\n"));
3932                 return NT_STATUS_INVALID_PARAMETER;
3933         }
3934
3935         if (!set_user_info_pw(id26->password.data, pwd)) {
3936                 return NT_STATUS_WRONG_PASSWORD;
3937         }
3938
3939         copy_id26_to_sam_passwd(pwd, id26);
3940
3941         status = pdb_update_sam_account(pwd);
3942         if (!NT_STATUS_IS_OK(status)) {
3943                 return status;
3944         }
3945
3946         return NT_STATUS_OK;
3947 }
3948
3949
3950 /*******************************************************************
3951  samr_SetUserInfo
3952  ********************************************************************/
3953
3954 NTSTATUS _samr_SetUserInfo(pipes_struct *p,
3955                            struct samr_SetUserInfo *r)
3956 {
3957         struct samr_user_info *uinfo;
3958         NTSTATUS status;
3959         struct samu *pwd = NULL;
3960         union samr_UserInfo *info = r->in.info;
3961         uint16_t switch_value = r->in.level;
3962         uint32_t acc_required;
3963         bool ret;
3964         bool has_enough_rights = False;
3965         uint32_t acb_info;
3966
3967         DEBUG(5,("_samr_SetUserInfo: %d\n", __LINE__));
3968
3969         /* This is tricky.  A WinXP domain join sets
3970           (SAMR_USER_ACCESS_SET_PASSWORD|SAMR_USER_ACCESS_SET_ATTRIBUTES|SAMR_USER_ACCESS_GET_ATTRIBUTES)
3971           The MMC lusrmgr plugin includes these perms and more in the SamrOpenUser().  But the
3972           standard Win32 API calls just ask for SAMR_USER_ACCESS_SET_PASSWORD in the SamrOpenUser().
3973           This should be enough for levels 18, 24, 25,& 26.  Info level 23 can set more so
3974           we'll use the set from the WinXP join as the basis. */
3975
3976         switch (switch_value) {
3977         case 18:
3978         case 24:
3979         case 25:
3980         case 26:
3981                 acc_required = SAMR_USER_ACCESS_SET_PASSWORD;
3982                 break;
3983         default:
3984                 acc_required = SAMR_USER_ACCESS_SET_PASSWORD |
3985                                SAMR_USER_ACCESS_SET_ATTRIBUTES |
3986                                SAMR_USER_ACCESS_GET_ATTRIBUTES;
3987                 break;
3988         }
3989
3990         uinfo = policy_handle_find(p, r->in.user_handle, acc_required, NULL,
3991                                    struct samr_user_info, &status);
3992         if (!NT_STATUS_IS_OK(status)) {
3993                 return status;
3994         }
3995
3996         DEBUG(5, ("_samr_SetUserInfo: sid:%s, level:%d\n",
3997                   sid_string_dbg(&uinfo->sid), switch_value));
3998
3999         if (info == NULL) {
4000                 DEBUG(5, ("_samr_SetUserInfo: NULL info level\n"));
4001                 return NT_STATUS_INVALID_INFO_CLASS;
4002         }
4003
4004         if (!(pwd = samu_new(NULL))) {
4005                 return NT_STATUS_NO_MEMORY;
4006         }
4007
4008         become_root();
4009         ret = pdb_getsampwsid(pwd, &uinfo->sid);
4010         unbecome_root();
4011
4012         if (!ret) {
4013                 TALLOC_FREE(pwd);
4014                 return NT_STATUS_NO_SUCH_USER;
4015         }
4016
4017         /* deal with machine password changes differently from userinfo changes */
4018         /* check to see if we have the sufficient rights */
4019
4020         acb_info = pdb_get_acct_ctrl(pwd);
4021         if (acb_info & ACB_WSTRUST)
4022                 has_enough_rights = user_has_privileges(p->server_info->ptok,
4023                                                         &se_machine_account);
4024         else if (acb_info & ACB_NORMAL)
4025                 has_enough_rights = user_has_privileges(p->server_info->ptok,
4026                                                         &se_add_users);
4027         else if (acb_info & (ACB_SVRTRUST|ACB_DOMTRUST)) {
4028                 if (lp_enable_privileges()) {
4029                         has_enough_rights = nt_token_check_domain_rid(p->server_info->ptok,
4030                                                                       DOMAIN_GROUP_RID_ADMINS);
4031                 }
4032         }
4033
4034         DEBUG(5, ("_samr_SetUserInfo: %s does%s possess sufficient rights\n",
4035                   uidtoname(p->server_info->utok.uid),
4036                   has_enough_rights ? "" : " not"));
4037
4038         /* ================ BEGIN SeMachineAccountPrivilege BLOCK ================ */
4039
4040         if (has_enough_rights) {
4041                 become_root();
4042         }
4043
4044         /* ok!  user info levels (lots: see MSDEV help), off we go... */
4045
4046         switch (switch_value) {
4047
4048                 case 7:
4049                         status = set_user_info_7(p->mem_ctx,
4050                                                  &info->info7, pwd);
4051                         break;
4052
4053                 case 16:
4054                         if (!set_user_info_16(&info->info16, pwd)) {
4055                                 status = NT_STATUS_ACCESS_DENIED;
4056                         }
4057                         break;
4058
4059                 case 18:
4060                         /* Used by AS/U JRA. */
4061                         status = set_user_info_18(&info->info18,
4062                                                   p->mem_ctx,
4063                                                   &p->server_info->user_session_key,
4064                                                   pwd);
4065                         break;
4066
4067                 case 20:
4068                         if (!set_user_info_20(&info->info20, pwd)) {
4069                                 status = NT_STATUS_ACCESS_DENIED;
4070                         }
4071                         break;
4072
4073                 case 21:
4074                         status = set_user_info_21(&info->info21,
4075                                                   p->mem_ctx,
4076                                                   &p->server_info->user_session_key,
4077                                                   pwd);
4078                         break;
4079
4080                 case 23:
4081                         if (!p->server_info->user_session_key.length) {
4082                                 status = NT_STATUS_NO_USER_SESSION_KEY;
4083                         }
4084                         arcfour_crypt_blob(info->info23.password.data, 516,
4085                                            &p->server_info->user_session_key);
4086
4087                         dump_data(100, info->info23.password.data, 516);
4088
4089                         status = set_user_info_23(p->mem_ctx,
4090                                                   &info->info23, pwd);
4091                         break;
4092
4093                 case 24:
4094                         if (!p->server_info->user_session_key.length) {
4095                                 status = NT_STATUS_NO_USER_SESSION_KEY;
4096                         }
4097                         arcfour_crypt_blob(info->info24.password.data,
4098                                            516,
4099                                            &p->server_info->user_session_key);
4100
4101                         dump_data(100, info->info24.password.data, 516);
4102
4103                         status = set_user_info_24(p->mem_ctx,
4104                                                   &info->info24, pwd);
4105                         break;
4106
4107                 case 25:
4108                         if (!p->server_info->user_session_key.length) {
4109                                 status = NT_STATUS_NO_USER_SESSION_KEY;
4110                         }
4111                         encode_or_decode_arc4_passwd_buffer(
4112                                 info->info25.password.data,
4113                                 &p->server_info->user_session_key);
4114
4115                         dump_data(100, info->info25.password.data, 532);
4116
4117                         status = set_user_info_25(p->mem_ctx,
4118                                                   &info->info25, pwd);
4119                         break;
4120
4121                 case 26:
4122                         if (!p->server_info->user_session_key.length) {
4123                                 status = NT_STATUS_NO_USER_SESSION_KEY;
4124                         }
4125                         encode_or_decode_arc4_passwd_buffer(
4126                                 info->info26.password.data,
4127                                 &p->server_info->user_session_key);
4128
4129                         dump_data(100, info->info26.password.data, 516);
4130
4131                         status = set_user_info_26(p->mem_ctx,
4132                                                   &info->info26, pwd);
4133                         break;
4134
4135                 default:
4136                         status = NT_STATUS_INVALID_INFO_CLASS;
4137         }
4138
4139         TALLOC_FREE(pwd);
4140
4141         if (has_enough_rights) {
4142                 unbecome_root();
4143         }
4144
4145         /* ================ END SeMachineAccountPrivilege BLOCK ================ */
4146
4147         if (NT_STATUS_IS_OK(status)) {
4148                 force_flush_samr_cache(&uinfo->sid);
4149         }
4150
4151         return status;
4152 }
4153
4154 /*******************************************************************
4155  _samr_SetUserInfo2
4156  ********************************************************************/
4157
4158 NTSTATUS _samr_SetUserInfo2(pipes_struct *p,
4159                             struct samr_SetUserInfo2 *r)
4160 {
4161         struct samr_SetUserInfo q;
4162
4163         q.in.user_handle        = r->in.user_handle;
4164         q.in.level              = r->in.level;
4165         q.in.info               = r->in.info;
4166
4167         return _samr_SetUserInfo(p, &q);
4168 }
4169
4170 /*********************************************************************
4171  _samr_GetAliasMembership
4172 *********************************************************************/
4173
4174 NTSTATUS _samr_GetAliasMembership(pipes_struct *p,
4175                                   struct samr_GetAliasMembership *r)
4176 {
4177         size_t num_alias_rids;
4178         uint32 *alias_rids;
4179         struct samr_domain_info *dinfo;
4180         size_t i;
4181
4182         NTSTATUS status;
4183
4184         DOM_SID *members;
4185
4186         DEBUG(5,("_samr_GetAliasMembership: %d\n", __LINE__));
4187
4188         dinfo = policy_handle_find(p, r->in.domain_handle,
4189                                    SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS
4190                                    | SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, NULL,
4191                                    struct samr_domain_info, &status);
4192         if (!NT_STATUS_IS_OK(status)) {
4193                 return status;
4194         }
4195
4196         if (!sid_check_is_domain(&dinfo->sid) &&
4197             !sid_check_is_builtin(&dinfo->sid))
4198                 return NT_STATUS_OBJECT_TYPE_MISMATCH;
4199
4200         if (r->in.sids->num_sids) {
4201                 members = TALLOC_ARRAY(p->mem_ctx, DOM_SID, r->in.sids->num_sids);
4202
4203                 if (members == NULL)
4204                         return NT_STATUS_NO_MEMORY;
4205         } else {
4206                 members = NULL;
4207         }
4208
4209         for (i=0; i<r->in.sids->num_sids; i++)
4210                 sid_copy(&members[i], r->in.sids->sids[i].sid);
4211
4212         alias_rids = NULL;
4213         num_alias_rids = 0;
4214
4215         become_root();
4216         status = pdb_enum_alias_memberships(p->mem_ctx, &dinfo->sid, members,
4217                                             r->in.sids->num_sids,
4218                                             &alias_rids, &num_alias_rids);
4219         unbecome_root();
4220
4221         if (!NT_STATUS_IS_OK(status)) {
4222                 return status;
4223         }
4224
4225         r->out.rids->count = num_alias_rids;
4226         r->out.rids->ids = alias_rids;
4227
4228         return NT_STATUS_OK;
4229 }
4230
4231 /*********************************************************************
4232  _samr_GetMembersInAlias
4233 *********************************************************************/
4234
4235 NTSTATUS _samr_GetMembersInAlias(pipes_struct *p,
4236                                  struct samr_GetMembersInAlias *r)
4237 {
4238         struct samr_alias_info *ainfo;
4239         NTSTATUS status;
4240         size_t i;
4241         size_t num_sids = 0;
4242         struct lsa_SidPtr *sids = NULL;
4243         DOM_SID *pdb_sids = NULL;
4244
4245         ainfo = policy_handle_find(p, r->in.alias_handle,
4246                                    SAMR_ALIAS_ACCESS_GET_MEMBERS, NULL,
4247                                    struct samr_alias_info, &status);
4248         if (!NT_STATUS_IS_OK(status)) {
4249                 return status;
4250         }
4251
4252         DEBUG(10, ("sid is %s\n", sid_string_dbg(&ainfo->sid)));
4253
4254         become_root();
4255         status = pdb_enum_aliasmem(&ainfo->sid, &pdb_sids, &num_sids);
4256         unbecome_root();
4257
4258         if (!NT_STATUS_IS_OK(status)) {
4259                 return status;
4260         }
4261
4262         if (num_sids) {
4263                 sids = TALLOC_ZERO_ARRAY(p->mem_ctx, struct lsa_SidPtr, num_sids);
4264                 if (sids == NULL) {
4265                         TALLOC_FREE(pdb_sids);
4266                         return NT_STATUS_NO_MEMORY;
4267                 }
4268         }
4269
4270         for (i = 0; i < num_sids; i++) {
4271                 sids[i].sid = sid_dup_talloc(p->mem_ctx, &pdb_sids[i]);
4272                 if (!sids[i].sid) {
4273                         TALLOC_FREE(pdb_sids);
4274                         return NT_STATUS_NO_MEMORY;
4275                 }
4276         }
4277
4278         r->out.sids->num_sids = num_sids;
4279         r->out.sids->sids = sids;
4280
4281         TALLOC_FREE(pdb_sids);
4282
4283         return NT_STATUS_OK;
4284 }
4285
4286 /*********************************************************************
4287  _samr_QueryGroupMember
4288 *********************************************************************/
4289
4290 NTSTATUS _samr_QueryGroupMember(pipes_struct *p,
4291                                 struct samr_QueryGroupMember *r)
4292 {
4293         struct samr_group_info *ginfo;
4294         size_t i, num_members;
4295
4296         uint32 *rid=NULL;
4297         uint32 *attr=NULL;
4298
4299         NTSTATUS status;
4300         struct samr_RidTypeArray *rids = NULL;
4301
4302         ginfo = policy_handle_find(p, r->in.group_handle,
4303                                    SAMR_GROUP_ACCESS_GET_MEMBERS, NULL,
4304                                    struct samr_group_info, &status);
4305         if (!NT_STATUS_IS_OK(status)) {
4306                 return status;
4307         }
4308
4309         rids = TALLOC_ZERO_P(p->mem_ctx, struct samr_RidTypeArray);
4310         if (!rids) {
4311                 return NT_STATUS_NO_MEMORY;
4312         }
4313
4314         DEBUG(10, ("sid is %s\n", sid_string_dbg(&ginfo->sid)));
4315
4316         if (!sid_check_is_in_our_domain(&ginfo->sid)) {
4317                 DEBUG(3, ("sid %s is not in our domain\n",
4318                           sid_string_dbg(&ginfo->sid)));
4319                 return NT_STATUS_NO_SUCH_GROUP;
4320         }
4321
4322         DEBUG(10, ("lookup on Domain SID\n"));
4323
4324         become_root();
4325         status = pdb_enum_group_members(p->mem_ctx, &ginfo->sid,
4326                                         &rid, &num_members);
4327         unbecome_root();
4328
4329         if (!NT_STATUS_IS_OK(status))
4330                 return status;
4331
4332         if (num_members) {
4333                 attr=TALLOC_ZERO_ARRAY(p->mem_ctx, uint32, num_members);
4334                 if (attr == NULL) {
4335                         return NT_STATUS_NO_MEMORY;
4336                 }
4337         } else {
4338                 attr = NULL;
4339         }
4340
4341         for (i=0; i<num_members; i++)
4342                 attr[i] = SID_NAME_USER;
4343
4344         rids->count = num_members;
4345         rids->types = attr;
4346         rids->rids = rid;
4347
4348         *r->out.rids = rids;
4349
4350         return NT_STATUS_OK;
4351 }
4352
4353 /*********************************************************************
4354  _samr_AddAliasMember
4355 *********************************************************************/
4356
4357 NTSTATUS _samr_AddAliasMember(pipes_struct *p,
4358                               struct samr_AddAliasMember *r)
4359 {
4360         struct samr_alias_info *ainfo;
4361         SE_PRIV se_rights;
4362         bool can_add_accounts;
4363         NTSTATUS status;
4364
4365         ainfo = policy_handle_find(p, r->in.alias_handle,
4366                                    SAMR_ALIAS_ACCESS_ADD_MEMBER, NULL,
4367                                    struct samr_alias_info, &status);
4368         if (!NT_STATUS_IS_OK(status)) {
4369                 return status;
4370         }
4371
4372         DEBUG(10, ("sid is %s\n", sid_string_dbg(&ainfo->sid)));
4373
4374         se_priv_copy( &se_rights, &se_add_users );
4375         can_add_accounts = user_has_privileges( p->server_info->ptok, &se_rights );
4376
4377         /******** BEGIN SeAddUsers BLOCK *********/
4378
4379         if ( can_add_accounts )
4380                 become_root();
4381
4382         status = pdb_add_aliasmem(&ainfo->sid, r->in.sid);
4383
4384         if ( can_add_accounts )
4385                 unbecome_root();
4386
4387         /******** END SeAddUsers BLOCK *********/
4388
4389         if (NT_STATUS_IS_OK(status)) {
4390                 force_flush_samr_cache(&ainfo->sid);
4391         }
4392
4393         return status;
4394 }
4395
4396 /*********************************************************************
4397  _samr_DeleteAliasMember
4398 *********************************************************************/
4399
4400 NTSTATUS _samr_DeleteAliasMember(pipes_struct *p,
4401                                  struct samr_DeleteAliasMember *r)
4402 {
4403         struct samr_alias_info *ainfo;
4404         SE_PRIV se_rights;
4405         bool can_add_accounts;
4406         NTSTATUS status;
4407
4408         ainfo = policy_handle_find(p, r->in.alias_handle,
4409                                    SAMR_ALIAS_ACCESS_REMOVE_MEMBER, NULL,
4410                                    struct samr_alias_info, &status);
4411         if (!NT_STATUS_IS_OK(status)) {
4412                 return status;
4413         }
4414
4415         DEBUG(10, ("_samr_del_aliasmem:sid is %s\n",
4416                    sid_string_dbg(&ainfo->sid)));
4417
4418         se_priv_copy( &se_rights, &se_add_users );
4419         can_add_accounts = user_has_privileges( p->server_info->ptok, &se_rights );
4420
4421         /******** BEGIN SeAddUsers BLOCK *********/
4422
4423         if ( can_add_accounts )
4424                 become_root();
4425
4426         status = pdb_del_aliasmem(&ainfo->sid, r->in.sid);
4427
4428         if ( can_add_accounts )
4429                 unbecome_root();
4430
4431         /******** END SeAddUsers BLOCK *********/
4432
4433         if (NT_STATUS_IS_OK(status)) {
4434                 force_flush_samr_cache(&ainfo->sid);
4435         }
4436
4437         return status;
4438 }
4439
4440 /*********************************************************************
4441  _samr_AddGroupMember
4442 *********************************************************************/
4443
4444 NTSTATUS _samr_AddGroupMember(pipes_struct *p,
4445                               struct samr_AddGroupMember *r)
4446 {
4447         struct samr_group_info *ginfo;
4448         NTSTATUS status;
4449         uint32 group_rid;
4450         SE_PRIV se_rights;
4451         bool can_add_accounts;
4452
4453         ginfo = policy_handle_find(p, r->in.group_handle,
4454                                    SAMR_GROUP_ACCESS_ADD_MEMBER, NULL,
4455                                    struct samr_group_info, &status);
4456         if (!NT_STATUS_IS_OK(status)) {
4457                 return status;
4458         }
4459
4460         DEBUG(10, ("sid is %s\n", sid_string_dbg(&ginfo->sid)));
4461
4462         if (!sid_peek_check_rid(get_global_sam_sid(), &ginfo->sid,
4463                                 &group_rid)) {
4464                 return NT_STATUS_INVALID_HANDLE;
4465         }
4466
4467         se_priv_copy( &se_rights, &se_add_users );
4468         can_add_accounts = user_has_privileges( p->server_info->ptok, &se_rights );
4469
4470         /******** BEGIN SeAddUsers BLOCK *********/
4471
4472         if ( can_add_accounts )
4473                 become_root();
4474
4475         status = pdb_add_groupmem(p->mem_ctx, group_rid, r->in.rid);
4476
4477         if ( can_add_accounts )
4478                 unbecome_root();
4479
4480         /******** END SeAddUsers BLOCK *********/
4481
4482         force_flush_samr_cache(&ginfo->sid);
4483
4484         return status;
4485 }
4486
4487 /*********************************************************************
4488  _samr_DeleteGroupMember
4489 *********************************************************************/
4490
4491 NTSTATUS _samr_DeleteGroupMember(pipes_struct *p,
4492                                  struct samr_DeleteGroupMember *r)
4493
4494 {
4495         struct samr_group_info *ginfo;
4496         NTSTATUS status;
4497         uint32 group_rid;
4498         SE_PRIV se_rights;
4499         bool can_add_accounts;
4500
4501         /*
4502          * delete the group member named r->in.rid
4503          * who is a member of the sid associated with the handle
4504          * the rid is a user's rid as the group is a domain group.
4505          */
4506
4507         ginfo = policy_handle_find(p, r->in.group_handle,
4508                                    SAMR_GROUP_ACCESS_REMOVE_MEMBER, NULL,
4509                                    struct samr_group_info, &status);
4510         if (!NT_STATUS_IS_OK(status)) {
4511                 return status;
4512         }
4513
4514         if (!sid_peek_check_rid(get_global_sam_sid(), &ginfo->sid,
4515                                 &group_rid)) {
4516                 return NT_STATUS_INVALID_HANDLE;
4517         }
4518
4519         se_priv_copy( &se_rights, &se_add_users );
4520         can_add_accounts = user_has_privileges( p->server_info->ptok, &se_rights );
4521
4522         /******** BEGIN SeAddUsers BLOCK *********/
4523
4524         if ( can_add_accounts )
4525                 become_root();
4526
4527         status = pdb_del_groupmem(p->mem_ctx, group_rid, r->in.rid);
4528
4529         if ( can_add_accounts )
4530                 unbecome_root();
4531
4532         /******** END SeAddUsers BLOCK *********/
4533
4534         force_flush_samr_cache(&ginfo->sid);
4535
4536         return status;
4537 }
4538
4539 /*********************************************************************
4540  _samr_DeleteUser
4541 *********************************************************************/
4542
4543 NTSTATUS _samr_DeleteUser(pipes_struct *p,
4544                           struct samr_DeleteUser *r)
4545 {
4546         struct samr_user_info *uinfo;
4547         NTSTATUS status;
4548         struct samu *sam_pass=NULL;
4549         bool can_add_accounts;
4550         uint32 acb_info;
4551         bool ret;
4552
4553         DEBUG(5, ("_samr_DeleteUser: %d\n", __LINE__));
4554
4555         uinfo = policy_handle_find(p, r->in.user_handle,
4556                                    STD_RIGHT_DELETE_ACCESS, NULL,
4557                                    struct samr_user_info, &status);
4558         if (!NT_STATUS_IS_OK(status)) {
4559                 return status;
4560         }
4561
4562         if (!sid_check_is_in_our_domain(&uinfo->sid))
4563                 return NT_STATUS_CANNOT_DELETE;
4564
4565         /* check if the user exists before trying to delete */
4566         if ( !(sam_pass = samu_new( NULL )) ) {
4567                 return NT_STATUS_NO_MEMORY;
4568         }
4569
4570         become_root();
4571         ret = pdb_getsampwsid(sam_pass, &uinfo->sid);
4572         unbecome_root();
4573
4574         if( !ret ) {
4575                 DEBUG(5,("_samr_DeleteUser: User %s doesn't exist.\n",
4576                         sid_string_dbg(&uinfo->sid)));
4577                 TALLOC_FREE(sam_pass);
4578                 return NT_STATUS_NO_SUCH_USER;
4579         }
4580
4581         acb_info = pdb_get_acct_ctrl(sam_pass);
4582
4583         /* For machine accounts it's the SeMachineAccountPrivilege that counts. */
4584         if ( acb_info & ACB_WSTRUST ) {
4585                 can_add_accounts = user_has_privileges( p->server_info->ptok, &se_machine_account );
4586         } else {
4587                 can_add_accounts = user_has_privileges( p->server_info->ptok, &se_add_users );
4588         }
4589
4590         /******** BEGIN SeAddUsers BLOCK *********/
4591
4592         if ( can_add_accounts )
4593                 become_root();
4594
4595         status = pdb_delete_user(p->mem_ctx, sam_pass);
4596
4597         if ( can_add_accounts )
4598                 unbecome_root();
4599
4600         /******** END SeAddUsers BLOCK *********/
4601
4602         if ( !NT_STATUS_IS_OK(status) ) {
4603                 DEBUG(5,("_samr_DeleteUser: Failed to delete entry for "
4604                          "user %s: %s.\n", pdb_get_username(sam_pass),
4605                          nt_errstr(status)));
4606                 TALLOC_FREE(sam_pass);
4607                 return status;
4608         }
4609
4610
4611         TALLOC_FREE(sam_pass);
4612
4613         if (!close_policy_hnd(p, r->in.user_handle))
4614                 return NT_STATUS_OBJECT_NAME_INVALID;
4615
4616         ZERO_STRUCTP(r->out.user_handle);
4617
4618         force_flush_samr_cache(&uinfo->sid);
4619
4620         return NT_STATUS_OK;
4621 }
4622
4623 /*********************************************************************
4624  _samr_DeleteDomainGroup
4625 *********************************************************************/
4626
4627 NTSTATUS _samr_DeleteDomainGroup(pipes_struct *p,
4628                                  struct samr_DeleteDomainGroup *r)
4629 {
4630         struct samr_group_info *ginfo;
4631         NTSTATUS status;
4632         uint32 group_rid;
4633         SE_PRIV se_rights;
4634         bool can_add_accounts;
4635
4636         DEBUG(5, ("samr_DeleteDomainGroup: %d\n", __LINE__));
4637
4638         ginfo = policy_handle_find(p, r->in.group_handle,
4639                                    STD_RIGHT_DELETE_ACCESS, NULL,
4640                                    struct samr_group_info, &status);
4641         if (!NT_STATUS_IS_OK(status)) {
4642                 return status;
4643         }
4644
4645         DEBUG(10, ("sid is %s\n", sid_string_dbg(&ginfo->sid)));
4646
4647         if (!sid_peek_check_rid(get_global_sam_sid(), &ginfo->sid,
4648                                 &group_rid)) {
4649                 return NT_STATUS_NO_SUCH_GROUP;
4650         }
4651
4652         se_priv_copy( &se_rights, &se_add_users );
4653         can_add_accounts = user_has_privileges( p->server_info->ptok, &se_rights );
4654
4655         /******** BEGIN SeAddUsers BLOCK *********/
4656
4657         if ( can_add_accounts )
4658                 become_root();
4659
4660         status = pdb_delete_dom_group(p->mem_ctx, group_rid);
4661
4662         if ( can_add_accounts )
4663                 unbecome_root();
4664
4665         /******** END SeAddUsers BLOCK *********/
4666
4667         if ( !NT_STATUS_IS_OK(status) ) {
4668                 DEBUG(5,("_samr_DeleteDomainGroup: Failed to delete mapping "
4669                          "entry for group %s: %s\n",
4670                          sid_string_dbg(&ginfo->sid),
4671                          nt_errstr(status)));
4672                 return status;
4673         }
4674
4675         if (!close_policy_hnd(p, r->in.group_handle))
4676                 return NT_STATUS_OBJECT_NAME_INVALID;
4677
4678         force_flush_samr_cache(&ginfo->sid);
4679
4680         return NT_STATUS_OK;
4681 }
4682
4683 /*********************************************************************
4684  _samr_DeleteDomAlias
4685 *********************************************************************/
4686
4687 NTSTATUS _samr_DeleteDomAlias(pipes_struct *p,
4688                               struct samr_DeleteDomAlias *r)
4689 {
4690         struct samr_alias_info *ainfo;
4691         SE_PRIV se_rights;
4692         bool can_add_accounts;
4693         NTSTATUS status;
4694
4695         DEBUG(5, ("_samr_DeleteDomAlias: %d\n", __LINE__));
4696
4697         ainfo = policy_handle_find(p, r->in.alias_handle,
4698                                    STD_RIGHT_DELETE_ACCESS, NULL,
4699                                    struct samr_alias_info, &status);
4700         if (!NT_STATUS_IS_OK(status)) {
4701                 return status;
4702         }
4703
4704         DEBUG(10, ("sid is %s\n", sid_string_dbg(&ainfo->sid)));
4705
4706         /* Don't let Windows delete builtin groups */
4707
4708         if ( sid_check_is_in_builtin( &ainfo->sid ) ) {
4709                 return NT_STATUS_SPECIAL_ACCOUNT;
4710         }
4711
4712         if (!sid_check_is_in_our_domain(&ainfo->sid))
4713                 return NT_STATUS_NO_SUCH_ALIAS;
4714
4715         DEBUG(10, ("lookup on Local SID\n"));
4716
4717         se_priv_copy( &se_rights, &se_add_users );
4718         can_add_accounts = user_has_privileges( p->server_info->ptok, &se_rights );
4719
4720         /******** BEGIN SeAddUsers BLOCK *********/
4721
4722         if ( can_add_accounts )
4723                 become_root();
4724
4725         /* Have passdb delete the alias */
4726         status = pdb_delete_alias(&ainfo->sid);
4727
4728         if ( can_add_accounts )
4729                 unbecome_root();
4730
4731         /******** END SeAddUsers BLOCK *********/
4732
4733         if ( !NT_STATUS_IS_OK(status))
4734                 return status;
4735
4736         if (!close_policy_hnd(p, r->in.alias_handle))
4737                 return NT_STATUS_OBJECT_NAME_INVALID;
4738
4739         force_flush_samr_cache(&ainfo->sid);
4740
4741         return NT_STATUS_OK;
4742 }
4743
4744 /*********************************************************************
4745  _samr_CreateDomainGroup
4746 *********************************************************************/
4747
4748 NTSTATUS _samr_CreateDomainGroup(pipes_struct *p,
4749                                  struct samr_CreateDomainGroup *r)
4750
4751 {
4752         NTSTATUS status;
4753         const char *name;
4754         struct samr_domain_info *dinfo;
4755         struct samr_group_info *ginfo;
4756         SE_PRIV se_rights;
4757         bool can_add_accounts;
4758
4759         dinfo = policy_handle_find(p, r->in.domain_handle,
4760                                    SAMR_DOMAIN_ACCESS_CREATE_GROUP, NULL,
4761                                    struct samr_domain_info, &status);
4762         if (!NT_STATUS_IS_OK(status)) {
4763                 return status;
4764         }
4765
4766         if (!sid_equal(&dinfo->sid, get_global_sam_sid()))
4767                 return NT_STATUS_ACCESS_DENIED;
4768
4769         name = r->in.name->string;
4770         if (name == NULL) {
4771                 return NT_STATUS_NO_MEMORY;
4772         }
4773
4774         status = can_create(p->mem_ctx, name);
4775         if (!NT_STATUS_IS_OK(status)) {
4776                 return status;
4777         }
4778
4779         se_priv_copy( &se_rights, &se_add_users );
4780         can_add_accounts = user_has_privileges( p->server_info->ptok, &se_rights );
4781
4782         /******** BEGIN SeAddUsers BLOCK *********/
4783
4784         if ( can_add_accounts )
4785                 become_root();
4786
4787         /* check that we successfully create the UNIX group */
4788
4789         status = pdb_create_dom_group(p->mem_ctx, name, r->out.rid);
4790
4791         if ( can_add_accounts )
4792                 unbecome_root();
4793
4794         /******** END SeAddUsers BLOCK *********/
4795
4796         /* check if we should bail out here */
4797
4798         if ( !NT_STATUS_IS_OK(status) )
4799                 return status;
4800
4801         ginfo = policy_handle_create(p, r->out.group_handle,
4802                                      GENERIC_RIGHTS_GROUP_ALL_ACCESS,
4803                                      struct samr_group_info, &status);
4804         if (!NT_STATUS_IS_OK(status)) {
4805                 return status;
4806         }
4807         sid_compose(&ginfo->sid, &dinfo->sid, *r->out.rid);
4808
4809         force_flush_samr_cache(&dinfo->sid);
4810
4811         return NT_STATUS_OK;
4812 }
4813
4814 /*********************************************************************
4815  _samr_CreateDomAlias
4816 *********************************************************************/
4817
4818 NTSTATUS _samr_CreateDomAlias(pipes_struct *p,
4819                               struct samr_CreateDomAlias *r)
4820 {
4821         DOM_SID info_sid;
4822         const char *name = NULL;
4823         struct samr_domain_info *dinfo;
4824         struct samr_alias_info *ainfo;
4825         gid_t gid;
4826         NTSTATUS result;
4827         SE_PRIV se_rights;
4828         bool can_add_accounts;
4829
4830         dinfo = policy_handle_find(p, r->in.domain_handle,
4831                                    SAMR_DOMAIN_ACCESS_CREATE_ALIAS, NULL,
4832                                    struct samr_domain_info, &result);
4833         if (!NT_STATUS_IS_OK(result)) {
4834                 return result;
4835         }
4836
4837         if (!sid_equal(&dinfo->sid, get_global_sam_sid()))
4838                 return NT_STATUS_ACCESS_DENIED;
4839
4840         name = r->in.alias_name->string;
4841
4842         se_priv_copy( &se_rights, &se_add_users );
4843         can_add_accounts = user_has_privileges( p->server_info->ptok, &se_rights );
4844
4845         result = can_create(p->mem_ctx, name);
4846         if (!NT_STATUS_IS_OK(result)) {
4847                 return result;
4848         }
4849
4850         /******** BEGIN SeAddUsers BLOCK *********/
4851
4852         if ( can_add_accounts )
4853                 become_root();
4854
4855         /* Have passdb create the alias */
4856         result = pdb_create_alias(name, r->out.rid);
4857
4858         if ( can_add_accounts )
4859                 unbecome_root();
4860
4861         /******** END SeAddUsers BLOCK *********/
4862
4863         if (!NT_STATUS_IS_OK(result)) {
4864                 DEBUG(10, ("pdb_create_alias failed: %s\n",
4865                            nt_errstr(result)));
4866                 return result;
4867         }
4868
4869         sid_compose(&info_sid, &dinfo->sid, *r->out.rid);
4870
4871         if (!sid_to_gid(&info_sid, &gid)) {
4872                 DEBUG(10, ("Could not find alias just created\n"));
4873                 return NT_STATUS_ACCESS_DENIED;
4874         }
4875
4876         /* check if the group has been successfully created */
4877         if ( getgrgid(gid) == NULL ) {
4878                 DEBUG(10, ("getgrgid(%d) of just created alias failed\n",
4879                            gid));
4880                 return NT_STATUS_ACCESS_DENIED;
4881         }
4882
4883         ainfo = policy_handle_create(p, r->out.alias_handle,
4884                                      GENERIC_RIGHTS_ALIAS_ALL_ACCESS,
4885                                      struct samr_alias_info, &result);
4886         if (!NT_STATUS_IS_OK(result)) {
4887                 return result;
4888         }
4889         ainfo->sid = info_sid;
4890
4891         force_flush_samr_cache(&info_sid);
4892
4893         return NT_STATUS_OK;
4894 }
4895
4896 /*********************************************************************
4897  _samr_QueryGroupInfo
4898 *********************************************************************/
4899
4900 NTSTATUS _samr_QueryGroupInfo(pipes_struct *p,
4901                               struct samr_QueryGroupInfo *r)
4902 {
4903         struct samr_group_info *ginfo;
4904         NTSTATUS status;
4905         GROUP_MAP map;
4906         union samr_GroupInfo *info = NULL;
4907         bool ret;
4908         uint32_t attributes = SE_GROUP_MANDATORY |
4909                               SE_GROUP_ENABLED_BY_DEFAULT |
4910                               SE_GROUP_ENABLED;
4911         const char *group_name = NULL;
4912         const char *group_description = NULL;
4913
4914         ginfo = policy_handle_find(p, r->in.group_handle,
4915                                    SAMR_GROUP_ACCESS_LOOKUP_INFO, NULL,
4916                                    struct samr_group_info, &status);
4917         if (!NT_STATUS_IS_OK(status)) {
4918                 return status;
4919         }
4920
4921         become_root();
4922         ret = get_domain_group_from_sid(ginfo->sid, &map);
4923         unbecome_root();
4924         if (!ret)
4925                 return NT_STATUS_INVALID_HANDLE;
4926
4927         /* FIXME: map contains fstrings */
4928         group_name = talloc_strdup(r, map.nt_name);
4929         group_description = talloc_strdup(r, map.comment);
4930
4931         info = TALLOC_ZERO_P(p->mem_ctx, union samr_GroupInfo);
4932         if (!info) {
4933                 return NT_STATUS_NO_MEMORY;
4934         }
4935
4936         switch (r->in.level) {
4937                 case 1: {
4938                         uint32 *members;
4939                         size_t num_members;
4940
4941                         become_root();
4942                         status = pdb_enum_group_members(
4943                                 p->mem_ctx, &ginfo->sid, &members,
4944                                 &num_members);
4945                         unbecome_root();
4946
4947                         if (!NT_STATUS_IS_OK(status)) {
4948                                 return status;
4949                         }
4950
4951                         info->all.name.string           = group_name;
4952                         info->all.attributes            = attributes;
4953                         info->all.num_members           = num_members;
4954                         info->all.description.string    = group_description;
4955                         break;
4956                 }
4957                 case 2:
4958                         info->name.string = group_name;
4959                         break;
4960                 case 3:
4961                         info->attributes.attributes = attributes;
4962                         break;
4963                 case 4:
4964                         info->description.string = group_description;
4965                         break;
4966                 case 5: {
4967                         /*
4968                         uint32 *members;
4969                         size_t num_members;
4970                         */
4971
4972                         /*
4973                         become_root();
4974                         status = pdb_enum_group_members(
4975                                 p->mem_ctx, &ginfo->sid, &members,
4976                                 &num_members);
4977                         unbecome_root();
4978
4979                         if (!NT_STATUS_IS_OK(status)) {
4980                                 return status;
4981                         }
4982                         */
4983                         info->all2.name.string          = group_name;
4984                         info->all2.attributes           = attributes;
4985                         info->all2.num_members          = 0; /* num_members - in w2k3 this is always 0 */
4986                         info->all2.description.string   = group_description;
4987
4988                         break;
4989                 }
4990                 default:
4991                         return NT_STATUS_INVALID_INFO_CLASS;
4992         }
4993
4994         *r->out.info = info;
4995
4996         return NT_STATUS_OK;
4997 }
4998
4999 /*********************************************************************
5000  _samr_SetGroupInfo
5001 *********************************************************************/
5002
5003 NTSTATUS _samr_SetGroupInfo(pipes_struct *p,
5004                             struct samr_SetGroupInfo *r)
5005 {
5006         struct samr_group_info *ginfo;
5007         GROUP_MAP map;
5008         NTSTATUS status;
5009         bool ret;
5010         bool can_mod_accounts;
5011
5012         ginfo = policy_handle_find(p, r->in.group_handle,
5013                                    SAMR_GROUP_ACCESS_SET_INFO, NULL,
5014                                    struct samr_group_info, &status);
5015         if (!NT_STATUS_IS_OK(status)) {
5016                 return status;
5017         }
5018
5019         become_root();
5020         ret = get_domain_group_from_sid(ginfo->sid, &map);
5021         unbecome_root();
5022         if (!ret)
5023                 return NT_STATUS_NO_SUCH_GROUP;
5024
5025         switch (r->in.level) {
5026                 case 1:
5027                         fstrcpy(map.comment, r->in.info->all.description.string);
5028                         break;
5029                 case 2:
5030                         /* group rename is not supported yet */
5031                         return NT_STATUS_NOT_SUPPORTED;
5032                 case 4:
5033                         fstrcpy(map.comment, r->in.info->description.string);
5034                         break;
5035                 default:
5036                         return NT_STATUS_INVALID_INFO_CLASS;
5037         }
5038
5039         can_mod_accounts = user_has_privileges( p->server_info->ptok, &se_add_users );
5040
5041         /******** BEGIN SeAddUsers BLOCK *********/
5042
5043         if ( can_mod_accounts )
5044                 become_root();
5045
5046         status = pdb_update_group_mapping_entry(&map);
5047
5048         if ( can_mod_accounts )
5049                 unbecome_root();
5050
5051         /******** End SeAddUsers BLOCK *********/
5052
5053         if (NT_STATUS_IS_OK(status)) {
5054                 force_flush_samr_cache(&ginfo->sid);
5055         }
5056
5057         return status;
5058 }
5059
5060 /*********************************************************************
5061  _samr_SetAliasInfo
5062 *********************************************************************/
5063
5064 NTSTATUS _samr_SetAliasInfo(pipes_struct *p,
5065                             struct samr_SetAliasInfo *r)
5066 {
5067         struct samr_alias_info *ainfo;
5068         struct acct_info info;
5069         bool can_mod_accounts;
5070         NTSTATUS status;
5071
5072         ainfo = policy_handle_find(p, r->in.alias_handle,
5073                                    SAMR_ALIAS_ACCESS_SET_INFO, NULL,
5074                                    struct samr_alias_info, &status);
5075         if (!NT_STATUS_IS_OK(status)) {
5076                 return status;
5077         }
5078
5079         /* get the current group information */
5080
5081         become_root();
5082         status = pdb_get_aliasinfo( &ainfo->sid, &info );
5083         unbecome_root();
5084
5085         if ( !NT_STATUS_IS_OK(status))
5086                 return status;
5087
5088         switch (r->in.level) {
5089                 case ALIASINFONAME:
5090                 {
5091                         fstring group_name;
5092
5093                         /* We currently do not support renaming groups in the
5094                            the BUILTIN domain.  Refer to util_builtin.c to understand
5095                            why.  The eventually needs to be fixed to be like Windows
5096                            where you can rename builtin groups, just not delete them */
5097
5098                         if ( sid_check_is_in_builtin( &ainfo->sid ) ) {
5099                                 return NT_STATUS_SPECIAL_ACCOUNT;
5100                         }
5101
5102                         /* There has to be a valid name (and it has to be different) */
5103
5104                         if ( !r->in.info->name.string )
5105                                 return NT_STATUS_INVALID_PARAMETER;
5106
5107                         /* If the name is the same just reply "ok".  Yes this
5108                            doesn't allow you to change the case of a group name. */
5109
5110                         if ( strequal( r->in.info->name.string, info.acct_name ) )
5111                                 return NT_STATUS_OK;
5112
5113                         fstrcpy( info.acct_name, r->in.info->name.string);
5114
5115                         /* make sure the name doesn't already exist as a user
5116                            or local group */
5117
5118                         fstr_sprintf( group_name, "%s\\%s", global_myname(), info.acct_name );
5119                         status = can_create( p->mem_ctx, group_name );
5120                         if ( !NT_STATUS_IS_OK( status ) )
5121                                 return status;
5122                         break;
5123                 }
5124                 case ALIASINFODESCRIPTION:
5125                         if (r->in.info->description.string) {
5126                                 fstrcpy(info.acct_desc,
5127                                         r->in.info->description.string);
5128                         } else {
5129                                 fstrcpy( info.acct_desc, "" );
5130                         }
5131                         break;
5132                 default:
5133                         return NT_STATUS_INVALID_INFO_CLASS;
5134         }
5135
5136         can_mod_accounts = user_has_privileges( p->server_info->ptok, &se_add_users );
5137
5138         /******** BEGIN SeAddUsers BLOCK *********/
5139
5140         if ( can_mod_accounts )
5141                 become_root();
5142
5143         status = pdb_set_aliasinfo( &ainfo->sid, &info );
5144
5145         if ( can_mod_accounts )
5146                 unbecome_root();
5147
5148         /******** End SeAddUsers BLOCK *********/
5149
5150         if (NT_STATUS_IS_OK(status))
5151                 force_flush_samr_cache(&ainfo->sid);
5152
5153         return status;
5154 }
5155
5156 /****************************************************************
5157  _samr_GetDomPwInfo
5158 ****************************************************************/
5159
5160 NTSTATUS _samr_GetDomPwInfo(pipes_struct *p,
5161                             struct samr_GetDomPwInfo *r)
5162 {
5163         uint32_t min_password_length = 0;
5164         uint32_t password_properties = 0;
5165
5166         /* Perform access check.  Since this rpc does not require a
5167            policy handle it will not be caught by the access checks on
5168            SAMR_CONNECT or SAMR_CONNECT_ANON. */
5169
5170         if (!pipe_access_check(p)) {
5171                 DEBUG(3, ("access denied to _samr_GetDomPwInfo\n"));
5172                 return NT_STATUS_ACCESS_DENIED;
5173         }
5174
5175         become_root();
5176         pdb_get_account_policy(AP_MIN_PASSWORD_LEN,
5177                                &min_password_length);
5178         pdb_get_account_policy(AP_USER_MUST_LOGON_TO_CHG_PASS,
5179                                &password_properties);
5180         unbecome_root();
5181
5182         if (lp_check_password_script() && *lp_check_password_script()) {
5183                 password_properties |= DOMAIN_PASSWORD_COMPLEX;
5184         }
5185
5186         r->out.info->min_password_length = min_password_length;
5187         r->out.info->password_properties = password_properties;
5188
5189         return NT_STATUS_OK;
5190 }
5191
5192 /*********************************************************************
5193  _samr_OpenGroup
5194 *********************************************************************/
5195
5196 NTSTATUS _samr_OpenGroup(pipes_struct *p,
5197                          struct samr_OpenGroup *r)
5198
5199 {
5200         DOM_SID info_sid;
5201         GROUP_MAP map;
5202         struct samr_domain_info *dinfo;
5203         struct samr_group_info *ginfo;
5204         SEC_DESC         *psd = NULL;
5205         uint32            acc_granted;
5206         uint32            des_access = r->in.access_mask;
5207         size_t            sd_size;
5208         NTSTATUS          status;
5209         bool ret;
5210         SE_PRIV se_rights;
5211
5212         dinfo = policy_handle_find(p, r->in.domain_handle,
5213                                    SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, NULL,
5214                                    struct samr_domain_info, &status);
5215         if (!NT_STATUS_IS_OK(status)) {
5216                 return status;
5217         }
5218
5219         /*check if access can be granted as requested by client. */
5220         map_max_allowed_access(p->server_info->ptok, &des_access);
5221
5222         make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &grp_generic_mapping, NULL, 0);
5223         se_map_generic(&des_access,&grp_generic_mapping);
5224
5225         se_priv_copy( &se_rights, &se_add_users );
5226
5227         status = access_check_samr_object(psd, p->server_info->ptok,
5228                 &se_rights, GENERIC_RIGHTS_GROUP_WRITE, des_access,
5229                 &acc_granted, "_samr_OpenGroup");
5230
5231         if ( !NT_STATUS_IS_OK(status) )
5232                 return status;
5233
5234         /* this should not be hard-coded like this */
5235
5236         if (!sid_equal(&dinfo->sid, get_global_sam_sid()))
5237                 return NT_STATUS_ACCESS_DENIED;
5238
5239         sid_compose(&info_sid, &dinfo->sid, r->in.rid);
5240
5241         DEBUG(10, ("_samr_OpenGroup:Opening SID: %s\n",
5242                    sid_string_dbg(&info_sid)));
5243
5244         /* check if that group really exists */
5245         become_root();
5246         ret = get_domain_group_from_sid(info_sid, &map);
5247         unbecome_root();
5248         if (!ret)
5249                 return NT_STATUS_NO_SUCH_GROUP;
5250
5251         ginfo = policy_handle_create(p, r->out.group_handle,
5252                                      GENERIC_RIGHTS_GROUP_ALL_ACCESS,
5253                                      struct samr_group_info, &status);
5254         if (!NT_STATUS_IS_OK(status)) {
5255                 return status;
5256         }
5257         ginfo->sid = info_sid;
5258
5259         return NT_STATUS_OK;
5260 }
5261
5262 /*********************************************************************
5263  _samr_RemoveMemberFromForeignDomain
5264 *********************************************************************/
5265
5266 NTSTATUS _samr_RemoveMemberFromForeignDomain(pipes_struct *p,
5267                                              struct samr_RemoveMemberFromForeignDomain *r)
5268 {
5269         struct samr_domain_info *dinfo;
5270         NTSTATUS                result;
5271
5272         DEBUG(5,("_samr_RemoveMemberFromForeignDomain: removing SID [%s]\n",
5273                  sid_string_dbg(r->in.sid)));
5274
5275         /* Find the policy handle. Open a policy on it. */
5276
5277         dinfo = policy_handle_find(p, r->in.domain_handle,
5278                                    STD_RIGHT_DELETE_ACCESS, NULL,
5279                                    struct samr_domain_info, &result);
5280         if (!NT_STATUS_IS_OK(result)) {
5281                 return result;
5282         }
5283
5284         DEBUG(8, ("_samr_RemoveMemberFromForeignDomain: sid is %s\n",
5285                   sid_string_dbg(&dinfo->sid)));
5286
5287         /* we can only delete a user from a group since we don't have
5288            nested groups anyways.  So in the latter case, just say OK */
5289
5290         /* TODO: The above comment nowadays is bogus. Since we have nested
5291          * groups now, and aliases members are never reported out of the unix
5292          * group membership, the "just say OK" makes this call a no-op. For
5293          * us. This needs fixing however. */
5294
5295         /* I've only ever seen this in the wild when deleting a user from
5296          * usrmgr.exe. domain_sid is the builtin domain, and the sid to delete
5297          * is the user about to be deleted. I very much suspect this is the
5298          * only application of this call. To verify this, let people report
5299          * other cases. */
5300
5301         if (!sid_check_is_builtin(&dinfo->sid)) {
5302                 DEBUG(1,("_samr_RemoveMemberFromForeignDomain: domain_sid = %s, "
5303                          "global_sam_sid() = %s\n",
5304                          sid_string_dbg(&dinfo->sid),
5305                          sid_string_dbg(get_global_sam_sid())));
5306                 DEBUGADD(1,("please report to samba-technical@samba.org!\n"));
5307                 return NT_STATUS_OK;
5308         }
5309
5310         force_flush_samr_cache(&dinfo->sid);
5311
5312         result = NT_STATUS_OK;
5313
5314         return result;
5315 }
5316
5317 /*******************************************************************
5318  _samr_QueryDomainInfo2
5319  ********************************************************************/
5320
5321 NTSTATUS _samr_QueryDomainInfo2(pipes_struct *p,
5322                                 struct samr_QueryDomainInfo2 *r)
5323 {
5324         struct samr_QueryDomainInfo q;
5325
5326         q.in.domain_handle      = r->in.domain_handle;
5327         q.in.level              = r->in.level;
5328
5329         q.out.info              = r->out.info;
5330
5331         return _samr_QueryDomainInfo(p, &q);
5332 }
5333
5334 /*******************************************************************
5335  _samr_SetDomainInfo
5336  ********************************************************************/
5337
5338 NTSTATUS _samr_SetDomainInfo(pipes_struct *p,
5339                              struct samr_SetDomainInfo *r)
5340 {
5341         struct samr_domain_info *dinfo;
5342         time_t u_expire, u_min_age;
5343         time_t u_logout;
5344         time_t u_lock_duration, u_reset_time;
5345         NTSTATUS result;
5346
5347         DEBUG(5,("_samr_SetDomainInfo: %d\n", __LINE__));
5348
5349         /* We do have different access bits for info
5350          * levels here, but we're really just looking for
5351          * GENERIC_RIGHTS_DOMAIN_WRITE access. Unfortunately
5352          * this maps to different specific bits. So
5353          * assume if we have SAMR_DOMAIN_ACCESS_SET_INFO_1
5354          * set we are ok. */
5355
5356         dinfo = policy_handle_find(p, r->in.domain_handle,
5357                                    SAMR_DOMAIN_ACCESS_SET_INFO_1, NULL,
5358                                    struct samr_domain_info, &result);
5359         if (!NT_STATUS_IS_OK(result)) {
5360                 return result;
5361         }
5362
5363         DEBUG(5,("_samr_SetDomainInfo: level: %d\n", r->in.level));
5364
5365         switch (r->in.level) {
5366                 case 0x01:
5367                         u_expire=nt_time_to_unix_abs((NTTIME *)&r->in.info->info1.max_password_age);
5368                         u_min_age=nt_time_to_unix_abs((NTTIME *)&r->in.info->info1.min_password_age);
5369                         pdb_set_account_policy(AP_MIN_PASSWORD_LEN, (uint32)r->in.info->info1.min_password_length);
5370                         pdb_set_account_policy(AP_PASSWORD_HISTORY, (uint32)r->in.info->info1.password_history_length);
5371                         pdb_set_account_policy(AP_USER_MUST_LOGON_TO_CHG_PASS, (uint32)r->in.info->info1.password_properties);
5372                         pdb_set_account_policy(AP_MAX_PASSWORD_AGE, (int)u_expire);
5373                         pdb_set_account_policy(AP_MIN_PASSWORD_AGE, (int)u_min_age);
5374                         break;
5375                 case 0x02:
5376                         break;
5377                 case 0x03:
5378                         u_logout=nt_time_to_unix_abs((NTTIME *)&r->in.info->info3.force_logoff_time);
5379                         pdb_set_account_policy(AP_TIME_TO_LOGOUT, (int)u_logout);
5380                         break;
5381                 case 0x05:
5382                         break;
5383                 case 0x06:
5384                         break;
5385                 case 0x07:
5386                         break;
5387                 case 0x0c:
5388                         u_lock_duration=nt_time_to_unix_abs((NTTIME *)&r->in.info->info12.lockout_duration);
5389                         if (u_lock_duration != -1)
5390                                 u_lock_duration /= 60;
5391
5392                         u_reset_time=nt_time_to_unix_abs((NTTIME *)&r->in.info->info12.lockout_window)/60;
5393
5394                         pdb_set_account_policy(AP_LOCK_ACCOUNT_DURATION, (int)u_lock_duration);
5395                         pdb_set_account_policy(AP_RESET_COUNT_TIME, (int)u_reset_time);
5396                         pdb_set_account_policy(AP_BAD_ATTEMPT_LOCKOUT, (uint32)r->in.info->info12.lockout_threshold);
5397                         break;
5398                 default:
5399                         return NT_STATUS_INVALID_INFO_CLASS;
5400         }
5401
5402         DEBUG(5,("_samr_SetDomainInfo: %d\n", __LINE__));
5403
5404         return NT_STATUS_OK;
5405 }
5406
5407 /****************************************************************
5408  _samr_GetDisplayEnumerationIndex
5409 ****************************************************************/
5410
5411 NTSTATUS _samr_GetDisplayEnumerationIndex(pipes_struct *p,
5412                                           struct samr_GetDisplayEnumerationIndex *r)
5413 {
5414         struct samr_domain_info *dinfo;
5415         uint32_t max_entries = (uint32_t) -1;
5416         uint32_t enum_context = 0;
5417         int i;
5418         uint32_t num_account = 0;
5419         struct samr_displayentry *entries = NULL;
5420         NTSTATUS status;
5421
5422         DEBUG(5,("_samr_GetDisplayEnumerationIndex: %d\n", __LINE__));
5423
5424         dinfo = policy_handle_find(p, r->in.domain_handle,
5425                                    SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS, NULL,
5426                                    struct samr_domain_info, &status);
5427         if (!NT_STATUS_IS_OK(status)) {
5428                 return status;
5429         }
5430
5431         if ((r->in.level < 1) || (r->in.level > 3)) {
5432                 DEBUG(0,("_samr_GetDisplayEnumerationIndex: "
5433                         "Unknown info level (%u)\n",
5434                         r->in.level));
5435                 return NT_STATUS_INVALID_INFO_CLASS;
5436         }
5437
5438         become_root();
5439
5440         /* The following done as ROOT. Don't return without unbecome_root(). */
5441
5442         switch (r->in.level) {
5443         case 1:
5444                 if (dinfo->disp_info->users == NULL) {
5445                         dinfo->disp_info->users = pdb_search_users(
5446                                 dinfo->disp_info, ACB_NORMAL);
5447                         if (dinfo->disp_info->users == NULL) {
5448                                 unbecome_root();
5449                                 return NT_STATUS_ACCESS_DENIED;
5450                         }
5451                         DEBUG(10,("_samr_GetDisplayEnumerationIndex: "
5452                                 "starting user enumeration at index %u\n",
5453                                 (unsigned int)enum_context));
5454                 } else {
5455                         DEBUG(10,("_samr_GetDisplayEnumerationIndex: "
5456                                 "using cached user enumeration at index %u\n",
5457                                 (unsigned int)enum_context));
5458                 }
5459                 num_account = pdb_search_entries(dinfo->disp_info->users,
5460                                                  enum_context, max_entries,
5461                                                  &entries);
5462                 break;
5463         case 2:
5464                 if (dinfo->disp_info->machines == NULL) {
5465                         dinfo->disp_info->machines = pdb_search_users(
5466                                 dinfo->disp_info, ACB_WSTRUST|ACB_SVRTRUST);
5467                         if (dinfo->disp_info->machines == NULL) {
5468                                 unbecome_root();
5469                                 return NT_STATUS_ACCESS_DENIED;
5470                         }
5471                         DEBUG(10,("_samr_GetDisplayEnumerationIndex: "
5472                                 "starting machine enumeration at index %u\n",
5473                                 (unsigned int)enum_context));
5474                 } else {
5475                         DEBUG(10,("_samr_GetDisplayEnumerationIndex: "
5476                                 "using cached machine enumeration at index %u\n",
5477                                 (unsigned int)enum_context));
5478                 }
5479                 num_account = pdb_search_entries(dinfo->disp_info->machines,
5480                                                  enum_context, max_entries,
5481                                                  &entries);
5482                 break;
5483         case 3:
5484                 if (dinfo->disp_info->groups == NULL) {
5485                         dinfo->disp_info->groups = pdb_search_groups(
5486                                 dinfo->disp_info);
5487                         if (dinfo->disp_info->groups == NULL) {
5488                                 unbecome_root();
5489                                 return NT_STATUS_ACCESS_DENIED;
5490                         }
5491                         DEBUG(10,("_samr_GetDisplayEnumerationIndex: "
5492                                 "starting group enumeration at index %u\n",
5493                                 (unsigned int)enum_context));
5494                 } else {
5495                         DEBUG(10,("_samr_GetDisplayEnumerationIndex: "
5496                                 "using cached group enumeration at index %u\n",
5497                                 (unsigned int)enum_context));
5498                 }
5499                 num_account = pdb_search_entries(dinfo->disp_info->groups,
5500                                                  enum_context, max_entries,
5501                                                  &entries);
5502                 break;
5503         default:
5504                 unbecome_root();
5505                 smb_panic("info class changed");
5506                 break;
5507         }
5508
5509         unbecome_root();
5510
5511         /* Ensure we cache this enumeration. */
5512         set_disp_info_cache_timeout(dinfo->disp_info, DISP_INFO_CACHE_TIMEOUT);
5513
5514         DEBUG(10,("_samr_GetDisplayEnumerationIndex: looking for :%s\n",
5515                 r->in.name->string));
5516
5517         for (i=0; i<num_account; i++) {
5518                 if (strequal(entries[i].account_name, r->in.name->string)) {
5519                         DEBUG(10,("_samr_GetDisplayEnumerationIndex: "
5520                                 "found %s at idx %d\n",
5521                                 r->in.name->string, i));
5522                         *r->out.idx = i;
5523                         return NT_STATUS_OK;
5524                 }
5525         }
5526
5527         /* assuming account_name lives at the very end */
5528         *r->out.idx = num_account;
5529
5530         return NT_STATUS_NO_MORE_ENTRIES;
5531 }
5532
5533 /****************************************************************
5534  _samr_GetDisplayEnumerationIndex2
5535 ****************************************************************/
5536
5537 NTSTATUS _samr_GetDisplayEnumerationIndex2(pipes_struct *p,
5538                                            struct samr_GetDisplayEnumerationIndex2 *r)
5539 {
5540         struct samr_GetDisplayEnumerationIndex q;
5541
5542         q.in.domain_handle      = r->in.domain_handle;
5543         q.in.level              = r->in.level;
5544         q.in.name               = r->in.name;
5545
5546         q.out.idx               = r->out.idx;
5547
5548         return _samr_GetDisplayEnumerationIndex(p, &q);
5549 }
5550
5551 /****************************************************************
5552 ****************************************************************/
5553
5554 NTSTATUS _samr_Shutdown(pipes_struct *p,
5555                         struct samr_Shutdown *r)
5556 {
5557         p->rng_fault_state = true;
5558         return NT_STATUS_NOT_IMPLEMENTED;
5559 }
5560
5561 /****************************************************************
5562 ****************************************************************/
5563
5564 NTSTATUS _samr_SetMemberAttributesOfGroup(pipes_struct *p,
5565                                           struct samr_SetMemberAttributesOfGroup *r)
5566 {
5567         p->rng_fault_state = true;
5568         return NT_STATUS_NOT_IMPLEMENTED;
5569 }
5570
5571 /****************************************************************
5572 ****************************************************************/
5573
5574 NTSTATUS _samr_ChangePasswordUser(pipes_struct *p,
5575                                   struct samr_ChangePasswordUser *r)
5576 {
5577         p->rng_fault_state = true;
5578         return NT_STATUS_NOT_IMPLEMENTED;
5579 }
5580
5581 /****************************************************************
5582 ****************************************************************/
5583
5584 NTSTATUS _samr_TestPrivateFunctionsDomain(pipes_struct *p,
5585                                           struct samr_TestPrivateFunctionsDomain *r)
5586 {
5587         p->rng_fault_state = true;
5588         return NT_STATUS_NOT_IMPLEMENTED;
5589 }
5590
5591 /****************************************************************
5592 ****************************************************************/
5593
5594 NTSTATUS _samr_TestPrivateFunctionsUser(pipes_struct *p,
5595                                         struct samr_TestPrivateFunctionsUser *r)
5596 {
5597         p->rng_fault_state = true;
5598         return NT_STATUS_NOT_IMPLEMENTED;
5599 }
5600
5601 /****************************************************************
5602 ****************************************************************/
5603
5604 NTSTATUS _samr_AddMultipleMembersToAlias(pipes_struct *p,
5605                                          struct samr_AddMultipleMembersToAlias *r)
5606 {
5607         p->rng_fault_state = true;
5608         return NT_STATUS_NOT_IMPLEMENTED;
5609 }
5610
5611 /****************************************************************
5612 ****************************************************************/
5613
5614 NTSTATUS _samr_RemoveMultipleMembersFromAlias(pipes_struct *p,
5615                                               struct samr_RemoveMultipleMembersFromAlias *r)
5616 {
5617         p->rng_fault_state = true;
5618         return NT_STATUS_NOT_IMPLEMENTED;
5619 }
5620
5621 /****************************************************************
5622 ****************************************************************/
5623
5624 NTSTATUS _samr_OemChangePasswordUser2(pipes_struct *p,
5625                                       struct samr_OemChangePasswordUser2 *r)
5626 {
5627         p->rng_fault_state = true;
5628         return NT_STATUS_NOT_IMPLEMENTED;
5629 }
5630
5631 /****************************************************************
5632 ****************************************************************/
5633
5634 NTSTATUS _samr_SetBootKeyInformation(pipes_struct *p,
5635                                      struct samr_SetBootKeyInformation *r)
5636 {
5637         p->rng_fault_state = true;
5638         return NT_STATUS_NOT_IMPLEMENTED;
5639 }
5640
5641 /****************************************************************
5642 ****************************************************************/
5643
5644 NTSTATUS _samr_GetBootKeyInformation(pipes_struct *p,
5645                                      struct samr_GetBootKeyInformation *r)
5646 {
5647         p->rng_fault_state = true;
5648         return NT_STATUS_NOT_IMPLEMENTED;
5649 }
5650
5651 /****************************************************************
5652 ****************************************************************/
5653
5654 NTSTATUS _samr_RidToSid(pipes_struct *p,
5655                         struct samr_RidToSid *r)
5656 {
5657         p->rng_fault_state = true;
5658         return NT_STATUS_NOT_IMPLEMENTED;
5659 }
5660
5661 /****************************************************************
5662 ****************************************************************/
5663
5664 NTSTATUS _samr_SetDsrmPassword(pipes_struct *p,
5665                                struct samr_SetDsrmPassword *r)
5666 {
5667         p->rng_fault_state = true;
5668         return NT_STATUS_NOT_IMPLEMENTED;
5669 }
5670
5671 /****************************************************************
5672 ****************************************************************/
5673
5674 NTSTATUS _samr_ValidatePassword(pipes_struct *p,
5675                                 struct samr_ValidatePassword *r)
5676 {
5677         p->rng_fault_state = true;
5678         return NT_STATUS_NOT_IMPLEMENTED;
5679 }