Replace sid_string_static by sid_string_dbg in DEBUGs
[amitay/samba.git] / source3 / rpc_server / srv_samr_nt.c
1 /*
2  *  Unix SMB/CIFS implementation.
3  *  RPC Pipe client / server routines
4  *  Copyright (C) Andrew Tridgell                   1992-1997,
5  *  Copyright (C) Luke Kenneth Casson Leighton      1996-1997,
6  *  Copyright (C) Paul Ashton                       1997,
7  *  Copyright (C) Marc Jacobsen                     1999,
8  *  Copyright (C) Jeremy Allison                    2001-2005,
9  *  Copyright (C) Jean Fran├žois Micouleau           1998-2001,
10  *  Copyright (C) Jim McDonough <jmcd@us.ibm.com>   2002,
11  *  Copyright (C) Gerald (Jerry) Carter             2003-2004,
12  *  Copyright (C) Simo Sorce                        2003.
13  *  Copyright (C) Volker Lendecke                   2005.
14  *
15  *  This program is free software; you can redistribute it and/or modify
16  *  it under the terms of the GNU General Public License as published by
17  *  the Free Software Foundation; either version 3 of the License, or
18  *  (at your option) any later version.
19  *
20  *  This program is distributed in the hope that it will be useful,
21  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
22  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
23  *  GNU General Public License for more details.
24  *
25  *  You should have received a copy of the GNU General Public License
26  *  along with this program; if not, see <http://www.gnu.org/licenses/>.
27  */
28
29 /*
30  * This is the implementation of the SAMR code.
31  */
32
33 #include "includes.h"
34
35 #undef DBGC_CLASS
36 #define DBGC_CLASS DBGC_RPC_SRV
37
38 #define SAMR_USR_RIGHTS_WRITE_PW \
39                 ( READ_CONTROL_ACCESS           | \
40                   SA_RIGHT_USER_CHANGE_PASSWORD | \
41                   SA_RIGHT_USER_SET_LOC_COM )
42 #define SAMR_USR_RIGHTS_CANT_WRITE_PW \
43                 ( READ_CONTROL_ACCESS | SA_RIGHT_USER_SET_LOC_COM )
44
45 #define DISP_INFO_CACHE_TIMEOUT 10
46
47 typedef struct disp_info {
48         DOM_SID sid; /* identify which domain this is. */
49         bool builtin_domain; /* Quick flag to check if this is the builtin domain. */
50         struct pdb_search *users; /* querydispinfo 1 and 4 */
51         struct pdb_search *machines; /* querydispinfo 2 */
52         struct pdb_search *groups; /* querydispinfo 3 and 5, enumgroups */
53         struct pdb_search *aliases; /* enumaliases */
54
55         uint16 enum_acb_mask;
56         struct pdb_search *enum_users; /* enumusers with a mask */
57
58         struct timed_event *cache_timeout_event; /* cache idle timeout
59                                                   * handler. */
60 } DISP_INFO;
61
62 /* We keep a static list of these by SID as modern clients close down
63    all resources between each request in a complete enumeration. */
64
65 struct samr_info {
66         /* for use by the \PIPE\samr policy */
67         DOM_SID sid;
68         bool builtin_domain; /* Quick flag to check if this is the builtin domain. */
69         uint32 status; /* some sort of flag.  best to record it.  comes from opnum 0x39 */
70         uint32 acc_granted;
71         DISP_INFO *disp_info;
72         TALLOC_CTX *mem_ctx;
73 };
74
75 static const struct generic_mapping sam_generic_mapping = {
76         GENERIC_RIGHTS_SAM_READ,
77         GENERIC_RIGHTS_SAM_WRITE,
78         GENERIC_RIGHTS_SAM_EXECUTE,
79         GENERIC_RIGHTS_SAM_ALL_ACCESS};
80 static const struct generic_mapping dom_generic_mapping = {
81         GENERIC_RIGHTS_DOMAIN_READ,
82         GENERIC_RIGHTS_DOMAIN_WRITE,
83         GENERIC_RIGHTS_DOMAIN_EXECUTE,
84         GENERIC_RIGHTS_DOMAIN_ALL_ACCESS};
85 static const struct generic_mapping usr_generic_mapping = {
86         GENERIC_RIGHTS_USER_READ,
87         GENERIC_RIGHTS_USER_WRITE,
88         GENERIC_RIGHTS_USER_EXECUTE,
89         GENERIC_RIGHTS_USER_ALL_ACCESS};
90 static const struct generic_mapping usr_nopwchange_generic_mapping = {
91         GENERIC_RIGHTS_USER_READ,
92         GENERIC_RIGHTS_USER_WRITE,
93         GENERIC_RIGHTS_USER_EXECUTE & ~SA_RIGHT_USER_CHANGE_PASSWORD,
94         GENERIC_RIGHTS_USER_ALL_ACCESS};
95 static const struct generic_mapping grp_generic_mapping = {
96         GENERIC_RIGHTS_GROUP_READ,
97         GENERIC_RIGHTS_GROUP_WRITE,
98         GENERIC_RIGHTS_GROUP_EXECUTE,
99         GENERIC_RIGHTS_GROUP_ALL_ACCESS};
100 static const struct generic_mapping ali_generic_mapping = {
101         GENERIC_RIGHTS_ALIAS_READ,
102         GENERIC_RIGHTS_ALIAS_WRITE,
103         GENERIC_RIGHTS_ALIAS_EXECUTE,
104         GENERIC_RIGHTS_ALIAS_ALL_ACCESS};
105
106 /*******************************************************************
107 *******************************************************************/
108
109 static NTSTATUS make_samr_object_sd( TALLOC_CTX *ctx, SEC_DESC **psd, size_t *sd_size,
110                                      const struct generic_mapping *map,
111                                      DOM_SID *sid, uint32 sid_access )
112 {
113         DOM_SID domadmin_sid;
114         SEC_ACE ace[5];         /* at most 5 entries */
115         SEC_ACCESS mask;
116         size_t i = 0;
117
118         SEC_ACL *psa = NULL;
119
120         /* basic access for Everyone */
121
122         init_sec_access(&mask, map->generic_execute | map->generic_read );
123         init_sec_ace(&ace[i++], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0);
124
125         /* add Full Access 'BUILTIN\Administrators' and 'BUILTIN\Account Operators */
126
127         init_sec_access(&mask, map->generic_all);
128         
129         init_sec_ace(&ace[i++], &global_sid_Builtin_Administrators, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0);
130         init_sec_ace(&ace[i++], &global_sid_Builtin_Account_Operators, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0);
131
132         /* Add Full Access for Domain Admins if we are a DC */
133         
134         if ( IS_DC ) {
135                 sid_copy( &domadmin_sid, get_global_sam_sid() );
136                 sid_append_rid( &domadmin_sid, DOMAIN_GROUP_RID_ADMINS );
137                 init_sec_ace(&ace[i++], &domadmin_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0);
138         }
139
140         /* if we have a sid, give it some special access */
141
142         if ( sid ) {
143                 init_sec_access( &mask, sid_access );
144                 init_sec_ace(&ace[i++], sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0);
145         }
146
147         /* create the security descriptor */
148
149         if ((psa = make_sec_acl(ctx, NT4_ACL_REVISION, i, ace)) == NULL)
150                 return NT_STATUS_NO_MEMORY;
151
152         if ((*psd = make_sec_desc(ctx, SEC_DESC_REVISION, SEC_DESC_SELF_RELATIVE, NULL, NULL, NULL, psa, sd_size)) == NULL)
153                 return NT_STATUS_NO_MEMORY;
154
155         return NT_STATUS_OK;
156 }
157
158 /*******************************************************************
159  Checks if access to an object should be granted, and returns that
160  level of access for further checks.
161 ********************************************************************/
162
163 static NTSTATUS access_check_samr_object( SEC_DESC *psd, NT_USER_TOKEN *token, 
164                                           SE_PRIV *rights, uint32 rights_mask,
165                                           uint32 des_access, uint32 *acc_granted, 
166                                           const char *debug )
167 {
168         NTSTATUS status = NT_STATUS_ACCESS_DENIED;
169         uint32 saved_mask = 0;
170
171         /* check privileges; certain SAM access bits should be overridden 
172            by privileges (mostly having to do with creating/modifying/deleting 
173            users and groups) */
174         
175         if ( rights && user_has_any_privilege( token, rights ) ) {
176         
177                 saved_mask = (des_access & rights_mask);
178                 des_access &= ~saved_mask;
179                 
180                 DEBUG(4,("access_check_samr_object: user rights access mask [0x%x]\n",
181                         rights_mask));
182         }
183                 
184         
185         /* check the security descriptor first */
186         
187         if ( se_access_check(psd, token, des_access, acc_granted, &status) )
188                 goto done;
189         
190         /* give root a free pass */
191         
192         if ( geteuid() == sec_initial_uid() ) {
193         
194                 DEBUG(4,("%s: ACCESS should be DENIED  (requested: %#010x)\n", debug, des_access));
195                 DEBUGADD(4,("but overritten by euid == sec_initial_uid()\n"));
196                 
197                 *acc_granted = des_access;
198                 
199                 status = NT_STATUS_OK;
200                 goto done;
201         }
202         
203         
204 done:
205         /* add in any bits saved during the privilege check (only 
206            matters is status is ok) */
207         
208         *acc_granted |= rights_mask;
209
210         DEBUG(4,("%s: access %s (requested: 0x%08x, granted: 0x%08x)\n", 
211                 debug, NT_STATUS_IS_OK(status) ? "GRANTED" : "DENIED", 
212                 des_access, *acc_granted));
213         
214         return status;
215 }
216
217 /*******************************************************************
218  Checks if access to a function can be granted
219 ********************************************************************/
220
221 static NTSTATUS access_check_samr_function(uint32 acc_granted, uint32 acc_required, const char *debug)
222 {
223         DEBUG(5,("%s: access check ((granted: %#010x;  required: %#010x)\n",  
224                 debug, acc_granted, acc_required));
225
226         /* check the security descriptor first */
227         
228         if ( (acc_granted&acc_required) == acc_required )
229                 return NT_STATUS_OK;
230                 
231         /* give root a free pass */
232
233         if (geteuid() == sec_initial_uid()) {
234         
235                 DEBUG(4,("%s: ACCESS should be DENIED (granted: %#010x;  required: %#010x)\n",
236                         debug, acc_granted, acc_required));
237                 DEBUGADD(4,("but overwritten by euid == 0\n"));
238                 
239                 return NT_STATUS_OK;
240         }
241         
242         DEBUG(2,("%s: ACCESS DENIED (granted: %#010x;  required: %#010x)\n", 
243                 debug, acc_granted, acc_required));
244                 
245         return NT_STATUS_ACCESS_DENIED;
246 }
247
248 /*******************************************************************
249  Fetch or create a dispinfo struct.
250 ********************************************************************/
251
252 static DISP_INFO *get_samr_dispinfo_by_sid(DOM_SID *psid)
253 {
254         /*
255          * We do a static cache for DISP_INFO's here. Explanation can be found
256          * in Jeremy's checkin message to r11793:
257          *
258          * Fix the SAMR cache so it works across completely insane
259          * client behaviour (ie.:
260          * open pipe/open SAMR handle/enumerate 0 - 1024
261          * close SAMR handle, close pipe.
262          * open pipe/open SAMR handle/enumerate 1024 - 2048...
263          * close SAMR handle, close pipe.
264          * And on ad-nausium. Amazing.... probably object-oriented
265          * client side programming in action yet again.
266          * This change should *massively* improve performance when
267          * enumerating users from an LDAP database.
268          * Jeremy.
269          *
270          * "Our" and the builtin domain are the only ones where we ever
271          * enumerate stuff, so just cache 2 entries.
272          */
273
274         static struct disp_info builtin_dispinfo;
275         static struct disp_info domain_dispinfo;
276
277         /* There are two cases to consider here:
278            1) The SID is a domain SID and we look for an equality match, or
279            2) This is an account SID and so we return the DISP_INFO* for our 
280               domain */
281
282         if (psid == NULL) {
283                 return NULL;
284         }
285
286         if (sid_check_is_builtin(psid) || sid_check_is_in_builtin(psid)) {
287                 /*
288                  * Necessary only once, but it does not really hurt.
289                  */
290                 sid_copy(&builtin_dispinfo.sid, &global_sid_Builtin);
291
292                 return &builtin_dispinfo;
293         }
294                 
295         if (sid_check_is_domain(psid) || sid_check_is_in_our_domain(psid)) {
296                 /*
297                  * Necessary only once, but it does not really hurt.
298                  */
299                 sid_copy(&domain_dispinfo.sid, get_global_sam_sid());
300
301                 return &domain_dispinfo;
302         }
303
304         return NULL;
305 }
306
307 /*******************************************************************
308  Create a samr_info struct.
309 ********************************************************************/
310
311 static struct samr_info *get_samr_info_by_sid(DOM_SID *psid)
312 {
313         struct samr_info *info;
314         fstring sid_str;
315         TALLOC_CTX *mem_ctx;
316         
317         if (psid) {
318                 sid_to_string(sid_str, psid);
319         } else {
320                 fstrcpy(sid_str,"(NULL)");
321         }
322
323         mem_ctx = talloc_init("samr_info for domain sid %s", sid_str);
324
325         if ((info = TALLOC_ZERO_P(mem_ctx, struct samr_info)) == NULL)
326                 return NULL;
327
328         DEBUG(10,("get_samr_info_by_sid: created new info for sid %s\n", sid_str));
329         if (psid) {
330                 sid_copy( &info->sid, psid);
331                 info->builtin_domain = sid_check_is_builtin(psid);
332         } else {
333                 DEBUG(10,("get_samr_info_by_sid: created new info for NULL sid.\n"));
334                 info->builtin_domain = False;
335         }
336         info->mem_ctx = mem_ctx;
337
338         info->disp_info = get_samr_dispinfo_by_sid(psid);
339
340         return info;
341 }
342
343 /*******************************************************************
344  Function to free the per SID data.
345  ********************************************************************/
346
347 static void free_samr_cache(DISP_INFO *disp_info)
348 {
349         DEBUG(10, ("free_samr_cache: deleting cache for SID %s\n",
350                    sid_string_dbg(&disp_info->sid)));
351
352         /* We need to become root here because the paged search might have to
353          * tell the LDAP server we're not interested in the rest anymore. */
354
355         become_root();
356
357         if (disp_info->users) {
358                 DEBUG(10,("free_samr_cache: deleting users cache\n"));
359                 pdb_search_destroy(disp_info->users);
360                 disp_info->users = NULL;
361         }
362         if (disp_info->machines) {
363                 DEBUG(10,("free_samr_cache: deleting machines cache\n"));
364                 pdb_search_destroy(disp_info->machines);
365                 disp_info->machines = NULL;
366         }
367         if (disp_info->groups) {
368                 DEBUG(10,("free_samr_cache: deleting groups cache\n"));
369                 pdb_search_destroy(disp_info->groups);
370                 disp_info->groups = NULL;
371         }
372         if (disp_info->aliases) {
373                 DEBUG(10,("free_samr_cache: deleting aliases cache\n"));
374                 pdb_search_destroy(disp_info->aliases);
375                 disp_info->aliases = NULL;
376         }
377         if (disp_info->enum_users) {
378                 DEBUG(10,("free_samr_cache: deleting enum_users cache\n"));
379                 pdb_search_destroy(disp_info->enum_users);
380                 disp_info->enum_users = NULL;
381         }
382         disp_info->enum_acb_mask = 0;
383
384         unbecome_root();
385 }
386
387 /*******************************************************************
388  Function to free the per handle data.
389  ********************************************************************/
390
391 static void free_samr_info(void *ptr)
392 {
393         struct samr_info *info=(struct samr_info *) ptr;
394
395         /* Only free the dispinfo cache if no one bothered to set up
396            a timeout. */
397
398         if (info->disp_info && info->disp_info->cache_timeout_event == NULL) {
399                 free_samr_cache(info->disp_info);
400         }
401
402         talloc_destroy(info->mem_ctx);
403 }
404
405 /*******************************************************************
406  Idle event handler. Throw away the disp info cache.
407  ********************************************************************/
408
409 static void disp_info_cache_idle_timeout_handler(struct event_context *ev_ctx,
410                                                  struct timed_event *te,
411                                                  const struct timeval *now,
412                                                  void *private_data)
413 {
414         DISP_INFO *disp_info = (DISP_INFO *)private_data;
415
416         TALLOC_FREE(disp_info->cache_timeout_event);
417
418         DEBUG(10, ("disp_info_cache_idle_timeout_handler: caching timed "
419                    "out\n"));
420         free_samr_cache(disp_info);
421 }
422
423 /*******************************************************************
424  Setup cache removal idle event handler.
425  ********************************************************************/
426
427 static void set_disp_info_cache_timeout(DISP_INFO *disp_info, time_t secs_fromnow)
428 {
429         /* Remove any pending timeout and update. */
430
431         TALLOC_FREE(disp_info->cache_timeout_event);
432
433         DEBUG(10,("set_disp_info_cache_timeout: caching enumeration for "
434                   "SID %s for %u seconds\n", sid_string_dbg(&disp_info->sid),
435                   (unsigned int)secs_fromnow ));
436
437         disp_info->cache_timeout_event = event_add_timed(
438                 smbd_event_context(), NULL,
439                 timeval_current_ofs(secs_fromnow, 0),
440                 "disp_info_cache_idle_timeout_handler",
441                 disp_info_cache_idle_timeout_handler, (void *)disp_info);
442 }
443
444 /*******************************************************************
445  Force flush any cache. We do this on any samr_set_xxx call.
446  We must also remove the timeout handler.
447  ********************************************************************/
448
449 static void force_flush_samr_cache(DISP_INFO *disp_info)
450 {
451         if ((disp_info == NULL) || (disp_info->cache_timeout_event == NULL)) {
452                 return;
453         }
454
455         DEBUG(10,("force_flush_samr_cache: clearing idle event\n"));
456         TALLOC_FREE(disp_info->cache_timeout_event);
457         free_samr_cache(disp_info);
458 }
459
460 /*******************************************************************
461  Ensure password info is never given out. Paranioa... JRA.
462  ********************************************************************/
463
464 static void samr_clear_sam_passwd(struct samu *sam_pass)
465 {
466         
467         if (!sam_pass)
468                 return;
469
470         /* These now zero out the old password */
471
472         pdb_set_lanman_passwd(sam_pass, NULL, PDB_DEFAULT);
473         pdb_set_nt_passwd(sam_pass, NULL, PDB_DEFAULT);
474 }
475
476 static uint32 count_sam_users(struct disp_info *info, uint32 acct_flags)
477 {
478         struct samr_displayentry *entry;
479
480         if (info->builtin_domain) {
481                 /* No users in builtin. */
482                 return 0;
483         }
484
485         if (info->users == NULL) {
486                 info->users = pdb_search_users(acct_flags);
487                 if (info->users == NULL) {
488                         return 0;
489                 }
490         }
491         /* Fetch the last possible entry, thus trigger an enumeration */
492         pdb_search_entries(info->users, 0xffffffff, 1, &entry);
493
494         /* Ensure we cache this enumeration. */
495         set_disp_info_cache_timeout(info, DISP_INFO_CACHE_TIMEOUT);
496
497         return info->users->num_entries;
498 }
499
500 static uint32 count_sam_groups(struct disp_info *info)
501 {
502         struct samr_displayentry *entry;
503
504         if (info->builtin_domain) {
505                 /* No groups in builtin. */
506                 return 0;
507         }
508
509         if (info->groups == NULL) {
510                 info->groups = pdb_search_groups();
511                 if (info->groups == NULL) {
512                         return 0;
513                 }
514         }
515         /* Fetch the last possible entry, thus trigger an enumeration */
516         pdb_search_entries(info->groups, 0xffffffff, 1, &entry);
517
518         /* Ensure we cache this enumeration. */
519         set_disp_info_cache_timeout(info, DISP_INFO_CACHE_TIMEOUT);
520
521         return info->groups->num_entries;
522 }
523
524 static uint32 count_sam_aliases(struct disp_info *info)
525 {
526         struct samr_displayentry *entry;
527
528         if (info->aliases == NULL) {
529                 info->aliases = pdb_search_aliases(&info->sid);
530                 if (info->aliases == NULL) {
531                         return 0;
532                 }
533         }
534         /* Fetch the last possible entry, thus trigger an enumeration */
535         pdb_search_entries(info->aliases, 0xffffffff, 1, &entry);
536
537         /* Ensure we cache this enumeration. */
538         set_disp_info_cache_timeout(info, DISP_INFO_CACHE_TIMEOUT);
539
540         return info->aliases->num_entries;
541 }
542
543 /*******************************************************************
544  _samr_close_hnd
545  ********************************************************************/
546
547 NTSTATUS _samr_close_hnd(pipes_struct *p, SAMR_Q_CLOSE_HND *q_u, SAMR_R_CLOSE_HND *r_u)
548 {
549         r_u->status = NT_STATUS_OK;
550
551         /* close the policy handle */
552         if (!close_policy_hnd(p, &q_u->pol))
553                 return NT_STATUS_OBJECT_NAME_INVALID;
554
555         DEBUG(5,("samr_reply_close_hnd: %d\n", __LINE__));
556
557         return r_u->status;
558 }
559
560 /*******************************************************************
561  samr_reply_open_domain
562  ********************************************************************/
563
564 NTSTATUS _samr_open_domain(pipes_struct *p, SAMR_Q_OPEN_DOMAIN *q_u, SAMR_R_OPEN_DOMAIN *r_u)
565 {
566         struct    samr_info *info;
567         SEC_DESC *psd = NULL;
568         uint32    acc_granted;
569         uint32    des_access = q_u->flags;
570         NTSTATUS  status;
571         size_t    sd_size;
572         SE_PRIV se_rights;
573
574         r_u->status = NT_STATUS_OK;
575
576         /* find the connection policy handle. */
577         
578         if ( !find_policy_by_hnd(p, &q_u->pol, (void**)(void *)&info) )
579                 return NT_STATUS_INVALID_HANDLE;
580
581         status = access_check_samr_function( info->acc_granted, 
582                 SA_RIGHT_SAM_OPEN_DOMAIN, "_samr_open_domain" );
583                 
584         if ( !NT_STATUS_IS_OK(status) )
585                 return status;
586
587         /*check if access can be granted as requested by client. */
588         
589         make_samr_object_sd( p->mem_ctx, &psd, &sd_size, &dom_generic_mapping, NULL, 0 );
590         se_map_generic( &des_access, &dom_generic_mapping );
591         
592         se_priv_copy( &se_rights, &se_machine_account );
593         se_priv_add( &se_rights, &se_add_users );
594
595         status = access_check_samr_object( psd, p->pipe_user.nt_user_token, 
596                 &se_rights, GENERIC_RIGHTS_DOMAIN_WRITE, des_access, 
597                 &acc_granted, "_samr_open_domain" );
598                 
599         if ( !NT_STATUS_IS_OK(status) )
600                 return status;
601
602         if (!sid_check_is_domain(&q_u->dom_sid.sid) &&
603             !sid_check_is_builtin(&q_u->dom_sid.sid)) {
604                 return NT_STATUS_NO_SUCH_DOMAIN;
605         }
606
607         /* associate the domain SID with the (unique) handle. */
608         if ((info = get_samr_info_by_sid(&q_u->dom_sid.sid))==NULL)
609                 return NT_STATUS_NO_MEMORY;
610         info->acc_granted = acc_granted;
611
612         /* get a (unique) handle.  open a policy on it. */
613         if (!create_policy_hnd(p, &r_u->domain_pol, free_samr_info, (void *)info))
614                 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
615
616         DEBUG(5,("samr_open_domain: %d\n", __LINE__));
617
618         return r_u->status;
619 }
620
621 /*******************************************************************
622  _samr_get_usrdom_pwinfo
623  ********************************************************************/
624
625 NTSTATUS _samr_get_usrdom_pwinfo(pipes_struct *p, SAMR_Q_GET_USRDOM_PWINFO *q_u, SAMR_R_GET_USRDOM_PWINFO *r_u)
626 {
627         struct samr_info *info = NULL;
628
629         r_u->status = NT_STATUS_OK;
630
631         /* find the policy handle.  open a policy on it. */
632         if (!find_policy_by_hnd(p, &q_u->user_pol, (void **)(void *)&info))
633                 return NT_STATUS_INVALID_HANDLE;
634
635         if (!sid_check_is_in_our_domain(&info->sid))
636                 return NT_STATUS_OBJECT_TYPE_MISMATCH;
637
638         init_samr_r_get_usrdom_pwinfo(r_u, NT_STATUS_OK);
639
640         DEBUG(5,("_samr_get_usrdom_pwinfo: %d\n", __LINE__));
641
642         /* 
643          * NT sometimes return NT_STATUS_ACCESS_DENIED
644          * I don't know yet why.
645          */
646
647         return r_u->status;
648 }
649
650 /*******************************************************************
651 ********************************************************************/
652
653 static bool get_lsa_policy_samr_sid( pipes_struct *p, POLICY_HND *pol, 
654                                         DOM_SID *sid, uint32 *acc_granted,
655                                         DISP_INFO **ppdisp_info)
656 {
657         struct samr_info *info = NULL;
658
659         /* find the policy handle.  open a policy on it. */
660         if (!find_policy_by_hnd(p, pol, (void **)(void *)&info))
661                 return False;
662
663         if (!info)
664                 return False;
665
666         *sid = info->sid;
667         *acc_granted = info->acc_granted;
668         if (ppdisp_info) {
669                 *ppdisp_info = info->disp_info;
670         }
671
672         return True;
673 }
674
675 /*******************************************************************
676  _samr_set_sec_obj
677  ********************************************************************/
678
679 NTSTATUS _samr_set_sec_obj(pipes_struct *p, SAMR_Q_SET_SEC_OBJ *q_u, SAMR_R_SET_SEC_OBJ *r_u)
680 {
681         DOM_SID pol_sid;
682         uint32 acc_granted, i;
683         SEC_ACL *dacl;
684         bool ret;
685         struct samu *sampass=NULL;
686         NTSTATUS status;
687
688         r_u->status = NT_STATUS_OK;
689
690         if (!get_lsa_policy_samr_sid(p, &q_u->pol, &pol_sid, &acc_granted, NULL))
691                 return NT_STATUS_INVALID_HANDLE;
692
693         if (!(sampass = samu_new( p->mem_ctx))) {
694                 DEBUG(0,("No memory!\n"));
695                 return NT_STATUS_NO_MEMORY;
696         }
697
698         /* get the user record */
699         become_root();
700         ret = pdb_getsampwsid(sampass, &pol_sid);
701         unbecome_root();
702
703         if (!ret) {
704                 DEBUG(4, ("User %s not found\n", sid_string_dbg(&pol_sid)));
705                 TALLOC_FREE(sampass);
706                 return NT_STATUS_INVALID_HANDLE;
707         }
708
709         dacl = q_u->buf->sd->dacl;
710         for (i=0; i < dacl->num_aces; i++) {
711                 if (sid_equal(&pol_sid, &dacl->aces[i].trustee)) {
712                         ret = pdb_set_pass_can_change(sampass, 
713                                 (dacl->aces[i].access_mask & 
714                                  SA_RIGHT_USER_CHANGE_PASSWORD) ? 
715                                                       True: False);
716                         break;
717                 }
718         }
719
720         if (!ret) {
721                 TALLOC_FREE(sampass);
722                 return NT_STATUS_ACCESS_DENIED;
723         }
724
725         status = access_check_samr_function(acc_granted, SA_RIGHT_USER_SET_ATTRIBUTES, "_samr_set_sec_obj");
726         if (NT_STATUS_IS_OK(status)) {
727                 become_root();
728                 status = pdb_update_sam_account(sampass);
729                 unbecome_root();
730         }
731
732         TALLOC_FREE(sampass);
733
734         return status;
735 }
736
737 /*******************************************************************
738   build correct perms based on policies and password times for _samr_query_sec_obj
739 *******************************************************************/
740 static bool check_change_pw_access(TALLOC_CTX *mem_ctx, DOM_SID *user_sid)
741 {
742         struct samu *sampass=NULL;
743         bool ret;
744
745         if ( !(sampass = samu_new( mem_ctx )) ) {
746                 DEBUG(0,("No memory!\n"));
747                 return False;
748         }
749
750         become_root();
751         ret = pdb_getsampwsid(sampass, user_sid);
752         unbecome_root();
753
754         if (ret == False) {
755                 DEBUG(4,("User %s not found\n", sid_string_dbg(user_sid)));
756                 TALLOC_FREE(sampass);
757                 return False;
758         }
759
760         DEBUG(3,("User:[%s]\n",  pdb_get_username(sampass) ));
761
762         if (pdb_get_pass_can_change(sampass)) {
763                 TALLOC_FREE(sampass);
764                 return True;
765         }
766         TALLOC_FREE(sampass);
767         return False;
768 }
769
770
771 /*******************************************************************
772  _samr_query_sec_obj
773  ********************************************************************/
774
775 NTSTATUS _samr_query_sec_obj(pipes_struct *p, SAMR_Q_QUERY_SEC_OBJ *q_u, SAMR_R_QUERY_SEC_OBJ *r_u)
776 {
777         DOM_SID pol_sid;
778         SEC_DESC * psd = NULL;
779         uint32 acc_granted;
780         size_t sd_size;
781
782         r_u->status = NT_STATUS_OK;
783
784         /* Get the SID. */
785         if (!get_lsa_policy_samr_sid(p, &q_u->user_pol, &pol_sid, &acc_granted, NULL))
786                 return NT_STATUS_INVALID_HANDLE;
787
788         DEBUG(10,("_samr_query_sec_obj: querying security on SID: %s\n",
789                   sid_string_dbg(&pol_sid)));
790
791         /* Check what typ of SID is beeing queried (e.g Domain SID, User SID, Group SID) */
792
793         /* To query the security of the SAM it self an invalid SID with S-0-0 is passed to this function */
794         if (pol_sid.sid_rev_num == 0) {
795                 DEBUG(5,("_samr_query_sec_obj: querying security on SAM\n"));
796                 r_u->status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &sam_generic_mapping, NULL, 0);
797         } else if (sid_equal(&pol_sid,get_global_sam_sid())) { 
798                 /* check if it is our domain SID */
799                 DEBUG(5,("_samr_query_sec_obj: querying security on Domain "
800                          "with SID: %s\n", sid_string_dbg(&pol_sid)));
801                 r_u->status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &dom_generic_mapping, NULL, 0);
802         } else if (sid_equal(&pol_sid,&global_sid_Builtin)) {
803                 /* check if it is the Builtin  Domain */
804                 /* TODO: Builtin probably needs a different SD with restricted write access*/
805                 DEBUG(5,("_samr_query_sec_obj: querying security on Builtin "
806                          "Domain with SID: %s\n", sid_string_dbg(&pol_sid)));
807                 r_u->status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &dom_generic_mapping, NULL, 0);
808         } else if (sid_check_is_in_our_domain(&pol_sid) ||
809                  sid_check_is_in_builtin(&pol_sid)) {
810                 /* TODO: different SDs have to be generated for aliases groups and users.
811                          Currently all three get a default user SD  */
812                 DEBUG(10,("_samr_query_sec_obj: querying security on Object "
813                           "with SID: %s\n", sid_string_dbg(&pol_sid)));
814                 if (check_change_pw_access(p->mem_ctx, &pol_sid)) {
815                         r_u->status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_generic_mapping, 
816                                                           &pol_sid, SAMR_USR_RIGHTS_WRITE_PW);
817                 } else {
818                         r_u->status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_nopwchange_generic_mapping, 
819                                                           &pol_sid, SAMR_USR_RIGHTS_CANT_WRITE_PW);
820                 }
821         } else {
822                 return NT_STATUS_OBJECT_TYPE_MISMATCH;
823         }
824
825         if ((r_u->buf = make_sec_desc_buf(p->mem_ctx, sd_size, psd)) == NULL)
826                 return NT_STATUS_NO_MEMORY;
827
828         if (NT_STATUS_IS_OK(r_u->status))
829                 r_u->ptr = 1;
830
831         return r_u->status;
832 }
833
834 /*******************************************************************
835 makes a SAM_ENTRY / UNISTR2* structure from a user list.
836 ********************************************************************/
837
838 static NTSTATUS make_user_sam_entry_list(TALLOC_CTX *ctx, SAM_ENTRY **sam_pp,
839                                          UNISTR2 **uni_name_pp,
840                                          uint32 num_entries, uint32 start_idx,
841                                          struct samr_displayentry *entries)
842 {
843         uint32 i;
844         SAM_ENTRY *sam;
845         UNISTR2 *uni_name;
846         
847         *sam_pp = NULL;
848         *uni_name_pp = NULL;
849
850         if (num_entries == 0)
851                 return NT_STATUS_OK;
852
853         sam = TALLOC_ZERO_ARRAY(ctx, SAM_ENTRY, num_entries);
854
855         uni_name = TALLOC_ZERO_ARRAY(ctx, UNISTR2, num_entries);
856
857         if (sam == NULL || uni_name == NULL) {
858                 DEBUG(0, ("make_user_sam_entry_list: TALLOC_ZERO failed!\n"));
859                 return NT_STATUS_NO_MEMORY;
860         }
861
862         for (i = 0; i < num_entries; i++) {
863                 UNISTR2 uni_temp_name;
864                 /*
865                  * usrmgr expects a non-NULL terminated string with
866                  * trust relationships
867                  */
868                 if (entries[i].acct_flags & ACB_DOMTRUST) {
869                         init_unistr2(&uni_temp_name, entries[i].account_name,
870                                      UNI_FLAGS_NONE);
871                 } else {
872                         init_unistr2(&uni_temp_name, entries[i].account_name,
873                                      UNI_STR_TERMINATE);
874                 }
875
876                 init_sam_entry(&sam[i], &uni_temp_name, entries[i].rid);
877                 copy_unistr2(&uni_name[i], &uni_temp_name);
878         }
879
880         *sam_pp = sam;
881         *uni_name_pp = uni_name;
882         return NT_STATUS_OK;
883 }
884
885 /*******************************************************************
886  samr_reply_enum_dom_users
887  ********************************************************************/
888
889 NTSTATUS _samr_enum_dom_users(pipes_struct *p, SAMR_Q_ENUM_DOM_USERS *q_u, 
890                               SAMR_R_ENUM_DOM_USERS *r_u)
891 {
892         struct samr_info *info = NULL;
893         int num_account;
894         uint32 enum_context=q_u->start_idx;
895         enum remote_arch_types ra_type = get_remote_arch();
896         int max_sam_entries = (ra_type == RA_WIN95) ? MAX_SAM_ENTRIES_W95 : MAX_SAM_ENTRIES_W2K;
897         uint32 max_entries = max_sam_entries;
898         struct samr_displayentry *entries = NULL;
899         
900         r_u->status = NT_STATUS_OK;
901
902         /* find the policy handle.  open a policy on it. */
903         if (!find_policy_by_hnd(p, &q_u->pol, (void **)(void *)&info))
904                 return NT_STATUS_INVALID_HANDLE;
905
906         if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(info->acc_granted, 
907                                         SA_RIGHT_DOMAIN_ENUM_ACCOUNTS, 
908                                         "_samr_enum_dom_users"))) {
909                 return r_u->status;
910         }
911         
912         DEBUG(5,("_samr_enum_dom_users: %d\n", __LINE__));
913
914         if (info->builtin_domain) {
915                 /* No users in builtin. */
916                 init_samr_r_enum_dom_users(r_u, q_u->start_idx, 0);
917                 DEBUG(5,("_samr_enum_dom_users: No users in BUILTIN\n"));
918                 return r_u->status;
919         }
920
921         become_root();
922
923         /* AS ROOT !!!! */
924
925         if ((info->disp_info->enum_users != NULL) &&
926             (info->disp_info->enum_acb_mask != q_u->acb_mask)) {
927                 pdb_search_destroy(info->disp_info->enum_users);
928                 info->disp_info->enum_users = NULL;
929         }
930
931         if (info->disp_info->enum_users == NULL) {
932                 info->disp_info->enum_users = pdb_search_users(q_u->acb_mask);
933                 info->disp_info->enum_acb_mask = q_u->acb_mask;
934         }
935
936         if (info->disp_info->enum_users == NULL) {
937                 /* END AS ROOT !!!! */
938                 unbecome_root();
939                 return NT_STATUS_ACCESS_DENIED;
940         }
941
942         num_account = pdb_search_entries(info->disp_info->enum_users,
943                                          enum_context, max_entries,
944                                          &entries);
945
946         /* END AS ROOT !!!! */
947
948         unbecome_root();
949
950         if (num_account == 0) {
951                 DEBUG(5, ("_samr_enum_dom_users: enumeration handle over "
952                           "total entries\n"));
953                 init_samr_r_enum_dom_users(r_u, q_u->start_idx, 0);
954                 return NT_STATUS_OK;
955         }
956
957         r_u->status = make_user_sam_entry_list(p->mem_ctx, &r_u->sam,
958                                                &r_u->uni_acct_name, 
959                                                num_account, enum_context,
960                                                entries);
961
962         if (!NT_STATUS_IS_OK(r_u->status))
963                 return r_u->status;
964
965         if (max_entries <= num_account) {
966                 r_u->status = STATUS_MORE_ENTRIES;
967         } else {
968                 r_u->status = NT_STATUS_OK;
969         }
970
971         /* Ensure we cache this enumeration. */
972         set_disp_info_cache_timeout(info->disp_info, DISP_INFO_CACHE_TIMEOUT);
973
974         DEBUG(5, ("_samr_enum_dom_users: %d\n", __LINE__));
975
976         init_samr_r_enum_dom_users(r_u, q_u->start_idx + num_account,
977                                    num_account);
978
979         DEBUG(5,("_samr_enum_dom_users: %d\n", __LINE__));
980
981         return r_u->status;
982 }
983
984 /*******************************************************************
985 makes a SAM_ENTRY / UNISTR2* structure from a group list.
986 ********************************************************************/
987
988 static void make_group_sam_entry_list(TALLOC_CTX *ctx, SAM_ENTRY **sam_pp,
989                                       UNISTR2 **uni_name_pp,
990                                       uint32 num_sam_entries,
991                                       struct samr_displayentry *entries)
992 {
993         uint32 i;
994         SAM_ENTRY *sam;
995         UNISTR2 *uni_name;
996
997         *sam_pp = NULL;
998         *uni_name_pp = NULL;
999
1000         if (num_sam_entries == 0)
1001                 return;
1002
1003         sam = TALLOC_ZERO_ARRAY(ctx, SAM_ENTRY, num_sam_entries);
1004         uni_name = TALLOC_ZERO_ARRAY(ctx, UNISTR2, num_sam_entries);
1005
1006         if (sam == NULL || uni_name == NULL) {
1007                 DEBUG(0, ("NULL pointers in SAMR_R_QUERY_DISPINFO\n"));
1008                 return;
1009         }
1010
1011         for (i = 0; i < num_sam_entries; i++) {
1012                 /*
1013                  * JRA. I think this should include the null. TNG does not.
1014                  */
1015                 init_unistr2(&uni_name[i], entries[i].account_name,
1016                              UNI_STR_TERMINATE);
1017                 init_sam_entry(&sam[i], &uni_name[i], entries[i].rid);
1018         }
1019
1020         *sam_pp = sam;
1021         *uni_name_pp = uni_name;
1022 }
1023
1024 /*******************************************************************
1025  samr_reply_enum_dom_groups
1026  ********************************************************************/
1027
1028 NTSTATUS _samr_enum_dom_groups(pipes_struct *p, SAMR_Q_ENUM_DOM_GROUPS *q_u, SAMR_R_ENUM_DOM_GROUPS *r_u)
1029 {
1030         struct samr_info *info = NULL;
1031         struct samr_displayentry *groups;
1032         uint32 num_groups;
1033
1034         r_u->status = NT_STATUS_OK;
1035
1036         /* find the policy handle.  open a policy on it. */
1037         if (!find_policy_by_hnd(p, &q_u->pol, (void **)(void *)&info))
1038                 return NT_STATUS_INVALID_HANDLE;
1039
1040         r_u->status = access_check_samr_function(info->acc_granted,
1041                                                  SA_RIGHT_DOMAIN_ENUM_ACCOUNTS,
1042                                                  "_samr_enum_dom_groups");
1043         if (!NT_STATUS_IS_OK(r_u->status))
1044                 return r_u->status;
1045
1046         DEBUG(5,("samr_reply_enum_dom_groups: %d\n", __LINE__));
1047
1048         if (info->builtin_domain) {
1049                 /* No groups in builtin. */
1050                 init_samr_r_enum_dom_groups(r_u, q_u->start_idx, 0);
1051                 DEBUG(5,("_samr_enum_dom_users: No groups in BUILTIN\n"));
1052                 return r_u->status;
1053         }
1054
1055         /* the domain group array is being allocated in the function below */
1056
1057         become_root();
1058
1059         if (info->disp_info->groups == NULL) {
1060                 info->disp_info->groups = pdb_search_groups();
1061
1062                 if (info->disp_info->groups == NULL) {
1063                         unbecome_root();
1064                         return NT_STATUS_ACCESS_DENIED;
1065                 }
1066         }
1067
1068         num_groups = pdb_search_entries(info->disp_info->groups, q_u->start_idx,
1069                                         MAX_SAM_ENTRIES, &groups);
1070         unbecome_root();
1071         
1072         /* Ensure we cache this enumeration. */
1073         set_disp_info_cache_timeout(info->disp_info, DISP_INFO_CACHE_TIMEOUT);
1074
1075         make_group_sam_entry_list(p->mem_ctx, &r_u->sam, &r_u->uni_grp_name,
1076                                   num_groups, groups);
1077
1078         init_samr_r_enum_dom_groups(r_u, q_u->start_idx, num_groups);
1079
1080         DEBUG(5,("samr_enum_dom_groups: %d\n", __LINE__));
1081
1082         return r_u->status;
1083 }
1084
1085 /*******************************************************************
1086  samr_reply_enum_dom_aliases
1087  ********************************************************************/
1088
1089 NTSTATUS _samr_enum_dom_aliases(pipes_struct *p, SAMR_Q_ENUM_DOM_ALIASES *q_u, SAMR_R_ENUM_DOM_ALIASES *r_u)
1090 {
1091         struct samr_info *info;
1092         struct samr_displayentry *aliases;
1093         uint32 num_aliases = 0;
1094
1095         /* find the policy handle.  open a policy on it. */
1096         if (!find_policy_by_hnd(p, &q_u->pol, (void **)(void *)&info))
1097                 return NT_STATUS_INVALID_HANDLE;
1098
1099         r_u->status = access_check_samr_function(info->acc_granted,
1100                                                  SA_RIGHT_DOMAIN_ENUM_ACCOUNTS,
1101                                                  "_samr_enum_dom_aliases");
1102         if (!NT_STATUS_IS_OK(r_u->status))
1103                 return r_u->status;
1104
1105         DEBUG(5,("samr_reply_enum_dom_aliases: sid %s\n",
1106                  sid_string_dbg(&info->sid)));
1107
1108         become_root();
1109
1110         if (info->disp_info->aliases == NULL) {
1111                 info->disp_info->aliases = pdb_search_aliases(&info->sid);
1112                 if (info->disp_info->aliases == NULL) {
1113                         unbecome_root();
1114                         return NT_STATUS_ACCESS_DENIED;
1115                 }
1116         }
1117
1118         num_aliases = pdb_search_entries(info->disp_info->aliases, q_u->start_idx,
1119                                          MAX_SAM_ENTRIES, &aliases);
1120         unbecome_root();
1121         
1122         /* Ensure we cache this enumeration. */
1123         set_disp_info_cache_timeout(info->disp_info, DISP_INFO_CACHE_TIMEOUT);
1124
1125         make_group_sam_entry_list(p->mem_ctx, &r_u->sam, &r_u->uni_grp_name,
1126                                   num_aliases, aliases);
1127
1128         init_samr_r_enum_dom_aliases(r_u, q_u->start_idx + num_aliases,
1129                                      num_aliases);
1130
1131         DEBUG(5,("samr_enum_dom_aliases: %d\n", __LINE__));
1132
1133         return r_u->status;
1134 }
1135
1136 /*******************************************************************
1137  samr_reply_query_dispinfo
1138  ********************************************************************/
1139
1140 NTSTATUS _samr_query_dispinfo(pipes_struct *p, SAMR_Q_QUERY_DISPINFO *q_u, 
1141                               SAMR_R_QUERY_DISPINFO *r_u)
1142 {
1143         struct samr_info *info = NULL;
1144         uint32 struct_size=0x20; /* W2K always reply that, client doesn't care */
1145         
1146         uint32 max_entries=q_u->max_entries;
1147         uint32 enum_context=q_u->start_idx;
1148         uint32 max_size=q_u->max_size;
1149
1150         SAM_DISPINFO_CTR *ctr;
1151         uint32 temp_size=0, total_data_size=0;
1152         NTSTATUS disp_ret = NT_STATUS_UNSUCCESSFUL;
1153         uint32 num_account = 0;
1154         enum remote_arch_types ra_type = get_remote_arch();
1155         int max_sam_entries = (ra_type == RA_WIN95) ? MAX_SAM_ENTRIES_W95 : MAX_SAM_ENTRIES_W2K;
1156         struct samr_displayentry *entries = NULL;
1157
1158         DEBUG(5, ("samr_reply_query_dispinfo: %d\n", __LINE__));
1159         r_u->status = NT_STATUS_UNSUCCESSFUL;
1160
1161         /* find the policy handle.  open a policy on it. */
1162         if (!find_policy_by_hnd(p, &q_u->domain_pol, (void **)(void *)&info))
1163                 return NT_STATUS_INVALID_HANDLE;
1164
1165         /*
1166          * calculate how many entries we will return.
1167          * based on 
1168          * - the number of entries the client asked
1169          * - our limit on that
1170          * - the starting point (enumeration context)
1171          * - the buffer size the client will accept
1172          */
1173
1174         /*
1175          * We are a lot more like W2K. Instead of reading the SAM
1176          * each time to find the records we need to send back,
1177          * we read it once and link that copy to the sam handle.
1178          * For large user list (over the MAX_SAM_ENTRIES)
1179          * it's a definitive win.
1180          * second point to notice: between enumerations
1181          * our sam is now the same as it's a snapshoot.
1182          * third point: got rid of the static SAM_USER_21 struct
1183          * no more intermediate.
1184          * con: it uses much more memory, as a full copy is stored
1185          * in memory.
1186          *
1187          * If you want to change it, think twice and think
1188          * of the second point , that's really important.
1189          *
1190          * JFM, 12/20/2001
1191          */
1192
1193         if ((q_u->switch_level < 1) || (q_u->switch_level > 5)) {
1194                 DEBUG(0,("_samr_query_dispinfo: Unknown info level (%u)\n",
1195                          (unsigned int)q_u->switch_level ));
1196                 return NT_STATUS_INVALID_INFO_CLASS;
1197         }
1198
1199         /* first limit the number of entries we will return */
1200         if(max_entries > max_sam_entries) {
1201                 DEBUG(5, ("samr_reply_query_dispinfo: client requested %d "
1202                           "entries, limiting to %d\n", max_entries,
1203                           max_sam_entries));
1204                 max_entries = max_sam_entries;
1205         }
1206
1207         /* calculate the size and limit on the number of entries we will
1208          * return */
1209
1210         temp_size=max_entries*struct_size;
1211         
1212         if (temp_size>max_size) {
1213                 max_entries=MIN((max_size/struct_size),max_entries);;
1214                 DEBUG(5, ("samr_reply_query_dispinfo: buffer size limits to "
1215                           "only %d entries\n", max_entries));
1216         }
1217
1218         if (!(ctr = TALLOC_ZERO_P(p->mem_ctx,SAM_DISPINFO_CTR)))
1219                 return NT_STATUS_NO_MEMORY;
1220
1221         ZERO_STRUCTP(ctr);
1222
1223         become_root();
1224
1225         /* THe following done as ROOT. Don't return without unbecome_root(). */
1226
1227         switch (q_u->switch_level) {
1228         case 0x1:
1229         case 0x4:
1230                 if (info->disp_info->users == NULL) {
1231                         info->disp_info->users = pdb_search_users(ACB_NORMAL);
1232                         if (info->disp_info->users == NULL) {
1233                                 unbecome_root();
1234                                 return NT_STATUS_ACCESS_DENIED;
1235                         }
1236                         DEBUG(10,("samr_reply_query_dispinfo: starting user enumeration at index %u\n",
1237                                 (unsigned  int)enum_context ));
1238                 } else {
1239                         DEBUG(10,("samr_reply_query_dispinfo: using cached user enumeration at index %u\n",
1240                                 (unsigned  int)enum_context ));
1241                 }
1242
1243                 num_account = pdb_search_entries(info->disp_info->users,
1244                                                  enum_context, max_entries,
1245                                                  &entries);
1246                 break;
1247         case 0x2:
1248                 if (info->disp_info->machines == NULL) {
1249                         info->disp_info->machines =
1250                                 pdb_search_users(ACB_WSTRUST|ACB_SVRTRUST);
1251                         if (info->disp_info->machines == NULL) {
1252                                 unbecome_root();
1253                                 return NT_STATUS_ACCESS_DENIED;
1254                         }
1255                         DEBUG(10,("samr_reply_query_dispinfo: starting machine enumeration at index %u\n",
1256                                 (unsigned  int)enum_context ));
1257                 } else {
1258                         DEBUG(10,("samr_reply_query_dispinfo: using cached machine enumeration at index %u\n",
1259                                 (unsigned  int)enum_context ));
1260                 }
1261
1262                 num_account = pdb_search_entries(info->disp_info->machines,
1263                                                  enum_context, max_entries,
1264                                                  &entries);
1265                 break;
1266         case 0x3:
1267         case 0x5:
1268                 if (info->disp_info->groups == NULL) {
1269                         info->disp_info->groups = pdb_search_groups();
1270                         if (info->disp_info->groups == NULL) {
1271                                 unbecome_root();
1272                                 return NT_STATUS_ACCESS_DENIED;
1273                         }
1274                         DEBUG(10,("samr_reply_query_dispinfo: starting group enumeration at index %u\n",
1275                                 (unsigned  int)enum_context ));
1276                 } else {
1277                         DEBUG(10,("samr_reply_query_dispinfo: using cached group enumeration at index %u\n",
1278                                 (unsigned  int)enum_context ));
1279                 }
1280
1281                 num_account = pdb_search_entries(info->disp_info->groups,
1282                                                  enum_context, max_entries,
1283                                                  &entries);
1284                 break;
1285         default:
1286                 unbecome_root();
1287                 smb_panic("info class changed");
1288                 break;
1289         }
1290         unbecome_root();
1291
1292         /* Now create reply structure */
1293         switch (q_u->switch_level) {
1294         case 0x1:
1295                 disp_ret = init_sam_dispinfo_1(p->mem_ctx, &ctr->sam.info1,
1296                                                num_account, enum_context,
1297                                                entries);
1298                 break;
1299         case 0x2:
1300                 disp_ret = init_sam_dispinfo_2(p->mem_ctx, &ctr->sam.info2,
1301                                                num_account, enum_context,
1302                                                entries);
1303                 break;
1304         case 0x3:
1305                 disp_ret = init_sam_dispinfo_3(p->mem_ctx, &ctr->sam.info3,
1306                                                num_account, enum_context,
1307                                                entries);
1308                 break;
1309         case 0x4:
1310                 disp_ret = init_sam_dispinfo_4(p->mem_ctx, &ctr->sam.info4,
1311                                                num_account, enum_context,
1312                                                entries);
1313                 break;
1314         case 0x5:
1315                 disp_ret = init_sam_dispinfo_5(p->mem_ctx, &ctr->sam.info5,
1316                                                num_account, enum_context,
1317                                                entries);
1318                 break;
1319         default:
1320                 smb_panic("info class changed");
1321                 break;
1322         }
1323
1324         if (!NT_STATUS_IS_OK(disp_ret))
1325                 return disp_ret;
1326
1327         /* calculate the total size */
1328         total_data_size=num_account*struct_size;
1329
1330         if (num_account) {
1331                 r_u->status = STATUS_MORE_ENTRIES;
1332         } else {
1333                 r_u->status = NT_STATUS_OK;
1334         }
1335
1336         /* Ensure we cache this enumeration. */
1337         set_disp_info_cache_timeout(info->disp_info, DISP_INFO_CACHE_TIMEOUT);
1338
1339         DEBUG(5, ("_samr_query_dispinfo: %d\n", __LINE__));
1340
1341         init_samr_r_query_dispinfo(r_u, num_account, total_data_size,
1342                                    temp_size, q_u->switch_level, ctr,
1343                                    r_u->status);
1344
1345         return r_u->status;
1346
1347 }
1348
1349 /*******************************************************************
1350  samr_reply_query_aliasinfo
1351  ********************************************************************/
1352
1353 NTSTATUS _samr_query_aliasinfo(pipes_struct *p, SAMR_Q_QUERY_ALIASINFO *q_u, SAMR_R_QUERY_ALIASINFO *r_u)
1354 {
1355         DOM_SID   sid;
1356         struct acct_info info;
1357         uint32    acc_granted;
1358         NTSTATUS status;
1359
1360         r_u->status = NT_STATUS_OK;
1361
1362         DEBUG(5,("_samr_query_aliasinfo: %d\n", __LINE__));
1363
1364         /* find the policy handle.  open a policy on it. */
1365         if (!get_lsa_policy_samr_sid(p, &q_u->pol, &sid, &acc_granted, NULL))
1366                 return NT_STATUS_INVALID_HANDLE;
1367         if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_ALIAS_LOOKUP_INFO, "_samr_query_aliasinfo"))) {
1368                 return r_u->status;
1369         }
1370
1371         become_root();
1372         status = pdb_get_aliasinfo(&sid, &info);
1373         unbecome_root();
1374         
1375         if ( !NT_STATUS_IS_OK(status))
1376                 return status;
1377
1378         if ( !(r_u->ctr = TALLOC_ZERO_P( p->mem_ctx, ALIAS_INFO_CTR )) ) 
1379                 return NT_STATUS_NO_MEMORY;
1380
1381
1382         switch (q_u->level ) {
1383         case 1:
1384                 r_u->ctr->level = 1;
1385                 init_samr_alias_info1(&r_u->ctr->alias.info1, info.acct_name, 1, info.acct_desc);
1386                 break;
1387         case 3:
1388                 r_u->ctr->level = 3;
1389                 init_samr_alias_info3(&r_u->ctr->alias.info3, info.acct_desc);
1390                 break;
1391         default:
1392                 return NT_STATUS_INVALID_INFO_CLASS;
1393         }
1394
1395         DEBUG(5,("_samr_query_aliasinfo: %d\n", __LINE__));
1396
1397         return r_u->status;
1398 }
1399
1400 #if 0
1401 /*******************************************************************
1402  samr_reply_lookup_ids
1403  ********************************************************************/
1404
1405  uint32 _samr_lookup_ids(pipes_struct *p, SAMR_Q_LOOKUP_IDS *q_u, SAMR_R_LOOKUP_IDS *r_u)
1406 {
1407     uint32 rid[MAX_SAM_ENTRIES];
1408     int num_rids = q_u->num_sids1;
1409
1410     r_u->status = NT_STATUS_OK;
1411
1412     DEBUG(5,("_samr_lookup_ids: %d\n", __LINE__));
1413
1414     if (num_rids > MAX_SAM_ENTRIES) {
1415         num_rids = MAX_SAM_ENTRIES;
1416         DEBUG(5,("_samr_lookup_ids: truncating entries to %d\n", num_rids));
1417     }
1418
1419 #if 0
1420     int i;
1421     SMB_ASSERT_ARRAY(q_u->uni_user_name, num_rids);
1422
1423     for (i = 0; i < num_rids && status == 0; i++)
1424     {
1425         struct sam_passwd *sam_pass;
1426         fstring user_name;
1427
1428
1429         fstrcpy(user_name, unistrn2(q_u->uni_user_name[i].buffer,
1430                                     q_u->uni_user_name[i].uni_str_len));
1431
1432         /* find the user account */
1433         become_root();
1434         sam_pass = get_smb21pwd_entry(user_name, 0);
1435         unbecome_root();
1436
1437         if (sam_pass == NULL)
1438         {
1439             status = 0xC0000000 | NT_STATUS_NO_SUCH_USER;
1440             rid[i] = 0;
1441         }
1442         else
1443         {
1444             rid[i] = sam_pass->user_rid;
1445         }
1446     }
1447 #endif
1448
1449     num_rids = 1;
1450     rid[0] = BUILTIN_ALIAS_RID_USERS;
1451
1452     init_samr_r_lookup_ids(&r_u, num_rids, rid, NT_STATUS_OK);
1453
1454     DEBUG(5,("_samr_lookup_ids: %d\n", __LINE__));
1455
1456     return r_u->status;
1457 }
1458 #endif
1459
1460 /*******************************************************************
1461  _samr_lookup_names
1462  ********************************************************************/
1463
1464 NTSTATUS _samr_lookup_names(pipes_struct *p, SAMR_Q_LOOKUP_NAMES *q_u, SAMR_R_LOOKUP_NAMES *r_u)
1465 {
1466         uint32 rid[MAX_SAM_ENTRIES];
1467         enum lsa_SidType type[MAX_SAM_ENTRIES];
1468         int i;
1469         int num_rids = q_u->num_names2;
1470         DOM_SID pol_sid;
1471         uint32  acc_granted;
1472
1473         r_u->status = NT_STATUS_OK;
1474
1475         DEBUG(5,("_samr_lookup_names: %d\n", __LINE__));
1476
1477         ZERO_ARRAY(rid);
1478         ZERO_ARRAY(type);
1479
1480         if (!get_lsa_policy_samr_sid(p, &q_u->pol, &pol_sid, &acc_granted, NULL)) {
1481                 init_samr_r_lookup_names(p->mem_ctx, r_u, 0, NULL, NULL, NT_STATUS_OBJECT_TYPE_MISMATCH);
1482                 return r_u->status;
1483         }
1484         
1485         if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, 0, "_samr_lookup_names"))) { /* Don't know the acc_bits yet */
1486                 return r_u->status;
1487         }
1488
1489         if (num_rids > MAX_SAM_ENTRIES) {
1490                 num_rids = MAX_SAM_ENTRIES;
1491                 DEBUG(5,("_samr_lookup_names: truncating entries to %d\n", num_rids));
1492         }
1493
1494         DEBUG(5,("_samr_lookup_names: looking name on SID %s\n",
1495                  sid_string_dbg(&pol_sid)));
1496         
1497         for (i = 0; i < num_rids; i++) {
1498                 fstring name;
1499                 int ret;
1500
1501                 r_u->status = NT_STATUS_NONE_MAPPED;
1502                 type[i] = SID_NAME_UNKNOWN;
1503
1504                 rid [i] = 0xffffffff;
1505
1506                 ret = rpcstr_pull(name, q_u->uni_name[i].buffer, sizeof(name), q_u->uni_name[i].uni_str_len*2, 0);
1507
1508                 if (ret <= 0) {
1509                         continue;
1510                 }
1511
1512                 if (sid_check_is_builtin(&pol_sid)) {
1513                         if (lookup_builtin_name(name, &rid[i])) {
1514                                 type[i] = SID_NAME_ALIAS;
1515                         }
1516                 } else {
1517                         lookup_global_sam_name(name, 0, &rid[i], &type[i]);
1518                 }
1519
1520                 if (type[i] != SID_NAME_UNKNOWN) {
1521                         r_u->status = NT_STATUS_OK;
1522                 }
1523         }
1524
1525         init_samr_r_lookup_names(p->mem_ctx, r_u, num_rids, rid, type, r_u->status);
1526
1527         DEBUG(5,("_samr_lookup_names: %d\n", __LINE__));
1528
1529         return r_u->status;
1530 }
1531
1532 /*******************************************************************
1533  _samr_chgpasswd_user
1534  ********************************************************************/
1535
1536 NTSTATUS _samr_chgpasswd_user(pipes_struct *p, SAMR_Q_CHGPASSWD_USER *q_u, SAMR_R_CHGPASSWD_USER *r_u)
1537 {
1538         fstring user_name;
1539         fstring wks;
1540
1541         DEBUG(5,("_samr_chgpasswd_user: %d\n", __LINE__));
1542
1543         r_u->status = NT_STATUS_OK;
1544
1545         rpcstr_pull(user_name, q_u->uni_user_name.buffer, sizeof(user_name), q_u->uni_user_name.uni_str_len*2, 0);
1546         rpcstr_pull(wks, q_u->uni_dest_host.buffer, sizeof(wks), q_u->uni_dest_host.uni_str_len*2,0);
1547
1548         DEBUG(5,("samr_chgpasswd_user: user: %s wks: %s\n", user_name, wks));
1549
1550         /*
1551          * Pass the user through the NT -> unix user mapping
1552          * function.
1553          */
1554  
1555         (void)map_username(user_name);
1556  
1557         /*
1558          * UNIX username case mangling not required, pass_oem_change 
1559          * is case insensitive.
1560          */
1561
1562         r_u->status = pass_oem_change(user_name, q_u->lm_newpass.pass, q_u->lm_oldhash.hash,
1563                                 q_u->nt_newpass.pass, q_u->nt_oldhash.hash, NULL);
1564
1565         init_samr_r_chgpasswd_user(r_u, r_u->status);
1566
1567         DEBUG(5,("_samr_chgpasswd_user: %d\n", __LINE__));
1568
1569         return r_u->status;
1570 }
1571
1572 /*******************************************************************
1573  _samr_chgpasswd_user3
1574  ********************************************************************/
1575
1576 NTSTATUS _samr_chgpasswd_user3(pipes_struct *p, SAMR_Q_CHGPASSWD_USER3 *q_u, SAMR_R_CHGPASSWD_USER3 *r_u)
1577 {
1578         fstring user_name;
1579         fstring wks;
1580         uint32 reject_reason;
1581         SAM_UNK_INFO_1 *info = NULL;
1582         SAMR_CHANGE_REJECT *reject = NULL;
1583
1584         DEBUG(5,("_samr_chgpasswd_user3: %d\n", __LINE__));
1585
1586         rpcstr_pull(user_name, q_u->uni_user_name.buffer, sizeof(user_name), q_u->uni_user_name.uni_str_len*2, 0);
1587         rpcstr_pull(wks, q_u->uni_dest_host.buffer, sizeof(wks), q_u->uni_dest_host.uni_str_len*2,0);
1588
1589         DEBUG(5,("_samr_chgpasswd_user3: user: %s wks: %s\n", user_name, wks));
1590
1591         /*
1592          * Pass the user through the NT -> unix user mapping
1593          * function.
1594          */
1595  
1596         (void)map_username(user_name);
1597  
1598         /*
1599          * UNIX username case mangling not required, pass_oem_change 
1600          * is case insensitive.
1601          */
1602
1603         r_u->status = pass_oem_change(user_name, q_u->lm_newpass.pass, q_u->lm_oldhash.hash,
1604                                       q_u->nt_newpass.pass, q_u->nt_oldhash.hash, &reject_reason);
1605
1606         if (NT_STATUS_EQUAL(r_u->status, NT_STATUS_PASSWORD_RESTRICTION) || 
1607             NT_STATUS_EQUAL(r_u->status, NT_STATUS_ACCOUNT_RESTRICTION)) {
1608
1609                 uint32 min_pass_len,pass_hist,password_properties;
1610                 time_t u_expire, u_min_age;
1611                 NTTIME nt_expire, nt_min_age;
1612                 uint32 account_policy_temp;
1613
1614                 if ((info = TALLOC_ZERO_P(p->mem_ctx, SAM_UNK_INFO_1)) == NULL) {
1615                         return NT_STATUS_NO_MEMORY;
1616                 }
1617
1618                 if ((reject = TALLOC_ZERO_P(p->mem_ctx, SAMR_CHANGE_REJECT)) == NULL) {
1619                         return NT_STATUS_NO_MEMORY;
1620                 }
1621
1622                 ZERO_STRUCTP(info);
1623                 ZERO_STRUCTP(reject);
1624
1625                 become_root();
1626
1627                 /* AS ROOT !!! */
1628
1629                 pdb_get_account_policy(AP_MIN_PASSWORD_LEN, &account_policy_temp);
1630                 min_pass_len = account_policy_temp;
1631
1632                 pdb_get_account_policy(AP_PASSWORD_HISTORY, &account_policy_temp);
1633                 pass_hist = account_policy_temp;
1634
1635                 pdb_get_account_policy(AP_USER_MUST_LOGON_TO_CHG_PASS, &account_policy_temp);
1636                 password_properties = account_policy_temp;
1637
1638                 pdb_get_account_policy(AP_MAX_PASSWORD_AGE, &account_policy_temp);
1639                 u_expire = account_policy_temp;
1640
1641                 pdb_get_account_policy(AP_MIN_PASSWORD_AGE, &account_policy_temp);
1642                 u_min_age = account_policy_temp;
1643
1644                 /* !AS ROOT */
1645                 
1646                 unbecome_root();
1647
1648                 unix_to_nt_time_abs(&nt_expire, u_expire);
1649                 unix_to_nt_time_abs(&nt_min_age, u_min_age);
1650
1651                 init_unk_info1(info, (uint16)min_pass_len, (uint16)pass_hist, 
1652                                password_properties, nt_expire, nt_min_age);
1653
1654                 reject->reject_reason = reject_reason;
1655         }
1656         
1657         init_samr_r_chgpasswd_user3(r_u, r_u->status, reject, info);
1658
1659         DEBUG(5,("_samr_chgpasswd_user3: %d\n", __LINE__));
1660
1661         return r_u->status;
1662 }
1663
1664 /*******************************************************************
1665 makes a SAMR_R_LOOKUP_RIDS structure.
1666 ********************************************************************/
1667
1668 static bool make_samr_lookup_rids(TALLOC_CTX *ctx, uint32 num_names,
1669                                   const char **names, UNIHDR **pp_hdr_name,
1670                                   UNISTR2 **pp_uni_name)
1671 {
1672         uint32 i;
1673         UNIHDR *hdr_name=NULL;
1674         UNISTR2 *uni_name=NULL;
1675
1676         *pp_uni_name = NULL;
1677         *pp_hdr_name = NULL;
1678
1679         if (num_names != 0) {
1680                 hdr_name = TALLOC_ZERO_ARRAY(ctx, UNIHDR, num_names);
1681                 if (hdr_name == NULL)
1682                         return False;
1683
1684                 uni_name = TALLOC_ZERO_ARRAY(ctx,UNISTR2, num_names);
1685                 if (uni_name == NULL)
1686                         return False;
1687         }
1688
1689         for (i = 0; i < num_names; i++) {
1690                 DEBUG(10, ("names[%d]:%s\n", i, names[i] && *names[i] ? names[i] : ""));
1691                 init_unistr2(&uni_name[i], names[i], UNI_FLAGS_NONE);
1692                 init_uni_hdr(&hdr_name[i], &uni_name[i]);
1693         }
1694
1695         *pp_uni_name = uni_name;
1696         *pp_hdr_name = hdr_name;
1697
1698         return True;
1699 }
1700
1701 /*******************************************************************
1702  _samr_lookup_rids
1703  ********************************************************************/
1704
1705 NTSTATUS _samr_lookup_rids(pipes_struct *p, SAMR_Q_LOOKUP_RIDS *q_u, SAMR_R_LOOKUP_RIDS *r_u)
1706 {
1707         const char **names;
1708         enum lsa_SidType *attrs = NULL;
1709         uint32 *wire_attrs = NULL;
1710         UNIHDR *hdr_name = NULL;
1711         UNISTR2 *uni_name = NULL;
1712         DOM_SID pol_sid;
1713         int num_rids = (int)q_u->num_rids1;
1714         uint32 acc_granted;
1715         int i;
1716
1717         r_u->status = NT_STATUS_OK;
1718
1719         DEBUG(5,("_samr_lookup_rids: %d\n", __LINE__));
1720
1721         /* find the policy handle.  open a policy on it. */
1722         if (!get_lsa_policy_samr_sid(p, &q_u->pol, &pol_sid, &acc_granted, NULL))
1723                 return NT_STATUS_INVALID_HANDLE;
1724
1725         if (num_rids > 1000) {
1726                 DEBUG(0, ("Got asked for %d rids (more than 1000) -- according "
1727                           "to samba4 idl this is not possible\n", num_rids));
1728                 return NT_STATUS_UNSUCCESSFUL;
1729         }
1730
1731         if (num_rids) {
1732                 names = TALLOC_ZERO_ARRAY(p->mem_ctx, const char *, num_rids);
1733                 attrs = TALLOC_ZERO_ARRAY(p->mem_ctx, enum lsa_SidType, num_rids);
1734                 wire_attrs = TALLOC_ZERO_ARRAY(p->mem_ctx, uint32, num_rids);
1735
1736                 if ((names == NULL) || (attrs == NULL) || (wire_attrs==NULL))
1737                         return NT_STATUS_NO_MEMORY;
1738         } else {
1739                 names = NULL;
1740                 attrs = NULL;
1741                 wire_attrs = NULL;
1742         }
1743
1744         become_root();  /* lookup_sid can require root privs */
1745         r_u->status = pdb_lookup_rids(&pol_sid, num_rids, q_u->rid,
1746                                       names, attrs);
1747         unbecome_root();
1748
1749         if ( NT_STATUS_EQUAL(r_u->status, NT_STATUS_NONE_MAPPED) && (num_rids == 0) ) {
1750                 r_u->status = NT_STATUS_OK;
1751         }
1752
1753         if(!make_samr_lookup_rids(p->mem_ctx, num_rids, names,
1754                                   &hdr_name, &uni_name))
1755                 return NT_STATUS_NO_MEMORY;
1756
1757         /* Convert from enum lsa_SidType to uint32 for wire format. */
1758         for (i = 0; i < num_rids; i++) {
1759                 wire_attrs[i] = (uint32)attrs[i];
1760         }
1761
1762         init_samr_r_lookup_rids(r_u, num_rids, hdr_name, uni_name, wire_attrs);
1763
1764         DEBUG(5,("_samr_lookup_rids: %d\n", __LINE__));
1765
1766         return r_u->status;
1767 }
1768
1769 /*******************************************************************
1770  _samr_open_user. Safe - gives out no passwd info.
1771  ********************************************************************/
1772
1773 NTSTATUS _samr_open_user(pipes_struct *p, SAMR_Q_OPEN_USER *q_u, SAMR_R_OPEN_USER *r_u)
1774 {
1775         struct samu *sampass=NULL;
1776         DOM_SID sid;
1777         POLICY_HND domain_pol = q_u->domain_pol;
1778         POLICY_HND *user_pol = &r_u->user_pol;
1779         struct samr_info *info = NULL;
1780         SEC_DESC *psd = NULL;
1781         uint32    acc_granted;
1782         uint32    des_access = q_u->access_mask;
1783         size_t    sd_size;
1784         bool ret;
1785         NTSTATUS nt_status;
1786         SE_PRIV se_rights;
1787
1788         r_u->status = NT_STATUS_OK;
1789
1790         /* find the domain policy handle and get domain SID / access bits in the domain policy. */
1791         
1792         if ( !get_lsa_policy_samr_sid(p, &domain_pol, &sid, &acc_granted, NULL) )
1793                 return NT_STATUS_INVALID_HANDLE;
1794         
1795         nt_status = access_check_samr_function( acc_granted, 
1796                 SA_RIGHT_DOMAIN_OPEN_ACCOUNT, "_samr_open_user" );
1797                 
1798         if ( !NT_STATUS_IS_OK(nt_status) )
1799                 return nt_status;
1800
1801         if ( !(sampass = samu_new( p->mem_ctx )) ) {
1802                 return NT_STATUS_NO_MEMORY;
1803         }
1804
1805         /* append the user's RID to it */
1806         
1807         if (!sid_append_rid(&sid, q_u->user_rid))
1808                 return NT_STATUS_NO_SUCH_USER;
1809         
1810         /* check if access can be granted as requested by client. */
1811         
1812         make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_generic_mapping, &sid, SAMR_USR_RIGHTS_WRITE_PW);
1813         se_map_generic(&des_access, &usr_generic_mapping);
1814         
1815         se_priv_copy( &se_rights, &se_machine_account );
1816         se_priv_add( &se_rights, &se_add_users );
1817         
1818         nt_status = access_check_samr_object(psd, p->pipe_user.nt_user_token, 
1819                 &se_rights, GENERIC_RIGHTS_USER_WRITE, des_access, 
1820                 &acc_granted, "_samr_open_user");
1821                 
1822         if ( !NT_STATUS_IS_OK(nt_status) )
1823                 return nt_status;
1824
1825         become_root();
1826         ret=pdb_getsampwsid(sampass, &sid);
1827         unbecome_root();
1828
1829         /* check that the SID exists in our domain. */
1830         if (ret == False) {
1831                 return NT_STATUS_NO_SUCH_USER;
1832         }
1833
1834         TALLOC_FREE(sampass);
1835
1836         /* associate the user's SID and access bits with the new handle. */
1837         if ((info = get_samr_info_by_sid(&sid)) == NULL)
1838                 return NT_STATUS_NO_MEMORY;
1839         info->acc_granted = acc_granted;
1840
1841         /* get a (unique) handle.  open a policy on it. */
1842         if (!create_policy_hnd(p, user_pol, free_samr_info, (void *)info))
1843                 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1844
1845         return r_u->status;
1846 }
1847
1848 /*************************************************************************
1849  get_user_info_7. Safe. Only gives out account_name.
1850  *************************************************************************/
1851
1852 static NTSTATUS get_user_info_7(TALLOC_CTX *mem_ctx, SAM_USER_INFO_7 *id7, DOM_SID *user_sid)
1853 {
1854         struct samu *smbpass=NULL;
1855         bool ret;
1856
1857         if ( !(smbpass = samu_new( mem_ctx )) ) {
1858                 return NT_STATUS_NO_MEMORY;
1859         }
1860         
1861         become_root();
1862         ret = pdb_getsampwsid(smbpass, user_sid);
1863         unbecome_root();
1864
1865         if ( !ret ) {
1866                 DEBUG(4,("User %s not found\n", sid_string_dbg(user_sid)));
1867                 return NT_STATUS_NO_SUCH_USER;
1868         }
1869
1870         DEBUG(3,("User:[%s]\n", pdb_get_username(smbpass) ));
1871
1872         ZERO_STRUCTP(id7);
1873         init_sam_user_info7(id7, pdb_get_username(smbpass) );
1874
1875         TALLOC_FREE(smbpass);
1876
1877         return NT_STATUS_OK;
1878 }
1879
1880 /*************************************************************************
1881  get_user_info_9. Only gives out primary group SID.
1882  *************************************************************************/
1883 static NTSTATUS get_user_info_9(TALLOC_CTX *mem_ctx, SAM_USER_INFO_9 * id9, DOM_SID *user_sid)
1884 {
1885         struct samu *smbpass=NULL;
1886         bool ret;
1887
1888         if ( !(smbpass = samu_new( mem_ctx )) ) {
1889                 return NT_STATUS_NO_MEMORY;
1890         }
1891
1892         become_root();
1893         ret = pdb_getsampwsid(smbpass, user_sid);
1894         unbecome_root();
1895
1896         if (ret==False) {
1897                 DEBUG(4,("User %s not found\n", sid_string_dbg(user_sid)));
1898                 return NT_STATUS_NO_SUCH_USER;
1899         }
1900
1901         DEBUG(3,("User:[%s]\n", pdb_get_username(smbpass) ));
1902
1903         ZERO_STRUCTP(id9);
1904         init_sam_user_info9(id9, pdb_get_group_rid(smbpass) );
1905
1906         TALLOC_FREE(smbpass);
1907
1908         return NT_STATUS_OK;
1909 }
1910
1911 /*************************************************************************
1912  get_user_info_16. Safe. Only gives out acb bits.
1913  *************************************************************************/
1914
1915 static NTSTATUS get_user_info_16(TALLOC_CTX *mem_ctx, SAM_USER_INFO_16 *id16, DOM_SID *user_sid)
1916 {
1917         struct samu *smbpass=NULL;
1918         bool ret;
1919
1920         if ( !(smbpass = samu_new( mem_ctx )) ) {
1921                 return NT_STATUS_NO_MEMORY;
1922         }
1923
1924         become_root();
1925         ret = pdb_getsampwsid(smbpass, user_sid);
1926         unbecome_root();
1927
1928         if (ret==False) {
1929                 DEBUG(4,("User %s not found\n", sid_string_dbg(user_sid)));
1930                 return NT_STATUS_NO_SUCH_USER;
1931         }
1932
1933         DEBUG(3,("User:[%s]\n", pdb_get_username(smbpass) ));
1934
1935         ZERO_STRUCTP(id16);
1936         init_sam_user_info16(id16, pdb_get_acct_ctrl(smbpass) );
1937
1938         TALLOC_FREE(smbpass);
1939
1940         return NT_STATUS_OK;
1941 }
1942
1943 /*************************************************************************
1944  get_user_info_18. OK - this is the killer as it gives out password info.
1945  Ensure that this is only allowed on an encrypted connection with a root
1946  user. JRA. 
1947  *************************************************************************/
1948
1949 static NTSTATUS get_user_info_18(pipes_struct *p, TALLOC_CTX *mem_ctx, SAM_USER_INFO_18 * id18, DOM_SID *user_sid)
1950 {
1951         struct samu *smbpass=NULL;
1952         bool ret;
1953
1954         if (p->auth.auth_type != PIPE_AUTH_TYPE_NTLMSSP || p->auth.auth_type != PIPE_AUTH_TYPE_SPNEGO_NTLMSSP) {
1955                 return NT_STATUS_ACCESS_DENIED;
1956         }
1957
1958         if (p->auth.auth_level != PIPE_AUTH_LEVEL_PRIVACY) {
1959                 return NT_STATUS_ACCESS_DENIED;
1960         }
1961
1962         /*
1963          * Do *NOT* do become_root()/unbecome_root() here ! JRA.
1964          */
1965
1966         if ( !(smbpass = samu_new( mem_ctx )) ) {
1967                 return NT_STATUS_NO_MEMORY;
1968         }
1969
1970         ret = pdb_getsampwsid(smbpass, user_sid);
1971
1972         if (ret == False) {
1973                 DEBUG(4, ("User %s not found\n", sid_string_dbg(user_sid)));
1974                 TALLOC_FREE(smbpass);
1975                 return (geteuid() == (uid_t)0) ? NT_STATUS_NO_SUCH_USER : NT_STATUS_ACCESS_DENIED;
1976         }
1977
1978         DEBUG(3,("User:[%s] 0x%x\n", pdb_get_username(smbpass), pdb_get_acct_ctrl(smbpass) ));
1979
1980         if ( pdb_get_acct_ctrl(smbpass) & ACB_DISABLED) {
1981                 TALLOC_FREE(smbpass);
1982                 return NT_STATUS_ACCOUNT_DISABLED;
1983         }
1984
1985         ZERO_STRUCTP(id18);
1986         init_sam_user_info18(id18, pdb_get_lanman_passwd(smbpass), pdb_get_nt_passwd(smbpass));
1987         
1988         TALLOC_FREE(smbpass);
1989
1990         return NT_STATUS_OK;
1991 }
1992
1993 /*************************************************************************
1994  get_user_info_20
1995  *************************************************************************/
1996
1997 static NTSTATUS get_user_info_20(TALLOC_CTX *mem_ctx, SAM_USER_INFO_20 *id20, DOM_SID *user_sid)
1998 {
1999         struct samu *sampass=NULL;
2000         bool ret;
2001
2002         if ( !(sampass = samu_new( mem_ctx )) ) {
2003                 return NT_STATUS_NO_MEMORY;
2004         }
2005
2006         become_root();
2007         ret = pdb_getsampwsid(sampass, user_sid);
2008         unbecome_root();
2009
2010         if (ret == False) {
2011                 DEBUG(4,("User %s not found\n", sid_string_dbg(user_sid)));
2012                 return NT_STATUS_NO_SUCH_USER;
2013         }
2014
2015         samr_clear_sam_passwd(sampass);
2016
2017         DEBUG(3,("User:[%s]\n",  pdb_get_username(sampass) ));
2018
2019         ZERO_STRUCTP(id20);
2020         init_sam_user_info20A(id20, sampass);
2021         
2022         TALLOC_FREE(sampass);
2023
2024         return NT_STATUS_OK;
2025 }
2026
2027 /*************************************************************************
2028  get_user_info_21
2029  *************************************************************************/
2030
2031 static NTSTATUS get_user_info_21(TALLOC_CTX *mem_ctx, SAM_USER_INFO_21 *id21, 
2032                                  DOM_SID *user_sid, DOM_SID *domain_sid)
2033 {
2034         struct samu *sampass=NULL;
2035         bool ret;
2036         NTSTATUS nt_status;
2037
2038         if ( !(sampass = samu_new( mem_ctx )) ) {
2039                 return NT_STATUS_NO_MEMORY;
2040         }
2041
2042         become_root();
2043         ret = pdb_getsampwsid(sampass, user_sid);
2044         unbecome_root();
2045
2046         if (ret == False) {
2047                 DEBUG(4,("User %s not found\n", sid_string_dbg(user_sid)));
2048                 return NT_STATUS_NO_SUCH_USER;
2049         }
2050
2051         samr_clear_sam_passwd(sampass);
2052
2053         DEBUG(3,("User:[%s]\n",  pdb_get_username(sampass) ));
2054
2055         ZERO_STRUCTP(id21);
2056         nt_status = init_sam_user_info21A(id21, sampass, domain_sid);
2057         
2058         TALLOC_FREE(sampass);
2059
2060         return nt_status;
2061 }
2062
2063 /*******************************************************************
2064  _samr_query_userinfo
2065  ********************************************************************/
2066
2067 NTSTATUS _samr_query_userinfo(pipes_struct *p, SAMR_Q_QUERY_USERINFO *q_u, SAMR_R_QUERY_USERINFO *r_u)
2068 {
2069         SAM_USERINFO_CTR *ctr;
2070         struct samr_info *info = NULL;
2071         DOM_SID domain_sid;
2072         uint32 rid;
2073         
2074         r_u->status=NT_STATUS_OK;
2075
2076         /* search for the handle */
2077         if (!find_policy_by_hnd(p, &q_u->pol, (void **)(void *)&info))
2078                 return NT_STATUS_INVALID_HANDLE;
2079
2080         domain_sid = info->sid;
2081
2082         sid_split_rid(&domain_sid, &rid);
2083
2084         if (!sid_check_is_in_our_domain(&info->sid))
2085                 return NT_STATUS_OBJECT_TYPE_MISMATCH;
2086
2087         DEBUG(5,("_samr_query_userinfo: sid:%s\n",
2088                  sid_string_dbg(&info->sid)));
2089
2090         ctr = TALLOC_ZERO_P(p->mem_ctx, SAM_USERINFO_CTR);
2091         if (!ctr)
2092                 return NT_STATUS_NO_MEMORY;
2093
2094         ZERO_STRUCTP(ctr);
2095
2096         /* ok!  user info levels (lots: see MSDEV help), off we go... */
2097         ctr->switch_value = q_u->switch_value;
2098
2099         DEBUG(5,("_samr_query_userinfo: user info level: %d\n", q_u->switch_value));
2100
2101         switch (q_u->switch_value) {
2102         case 7:
2103                 ctr->info.id7 = TALLOC_ZERO_P(p->mem_ctx, SAM_USER_INFO_7);
2104                 if (ctr->info.id7 == NULL)
2105                         return NT_STATUS_NO_MEMORY;
2106
2107                 if (!NT_STATUS_IS_OK(r_u->status = get_user_info_7(p->mem_ctx, ctr->info.id7, &info->sid)))
2108                         return r_u->status;
2109                 break;
2110         case 9:
2111                 ctr->info.id9 = TALLOC_ZERO_P(p->mem_ctx, SAM_USER_INFO_9);
2112                 if (ctr->info.id9 == NULL)
2113                         return NT_STATUS_NO_MEMORY;
2114
2115                 if (!NT_STATUS_IS_OK(r_u->status = get_user_info_9(p->mem_ctx, ctr->info.id9, &info->sid)))
2116                         return r_u->status;
2117                 break;
2118         case 16:
2119                 ctr->info.id16 = TALLOC_ZERO_P(p->mem_ctx, SAM_USER_INFO_16);
2120                 if (ctr->info.id16 == NULL)
2121                         return NT_STATUS_NO_MEMORY;
2122
2123                 if (!NT_STATUS_IS_OK(r_u->status = get_user_info_16(p->mem_ctx, ctr->info.id16, &info->sid)))
2124                         return r_u->status;
2125                 break;
2126
2127         case 18:
2128                 ctr->info.id18 = TALLOC_ZERO_P(p->mem_ctx, SAM_USER_INFO_18);
2129                 if (ctr->info.id18 == NULL)
2130                         return NT_STATUS_NO_MEMORY;
2131
2132                 if (!NT_STATUS_IS_OK(r_u->status = get_user_info_18(p, p->mem_ctx, ctr->info.id18, &info->sid)))
2133                         return r_u->status;
2134                 break;
2135                 
2136         case 20:
2137                 ctr->info.id20 = TALLOC_ZERO_P(p->mem_ctx,SAM_USER_INFO_20);
2138                 if (ctr->info.id20 == NULL)
2139                         return NT_STATUS_NO_MEMORY;
2140                 if (!NT_STATUS_IS_OK(r_u->status = get_user_info_20(p->mem_ctx, ctr->info.id20, &info->sid)))
2141                         return r_u->status;
2142                 break;
2143
2144         case 21:
2145                 ctr->info.id21 = TALLOC_ZERO_P(p->mem_ctx,SAM_USER_INFO_21);
2146                 if (ctr->info.id21 == NULL)
2147                         return NT_STATUS_NO_MEMORY;
2148                 if (!NT_STATUS_IS_OK(r_u->status = get_user_info_21(p->mem_ctx, ctr->info.id21, 
2149                                                                     &info->sid, &domain_sid)))
2150                         return r_u->status;
2151                 break;
2152
2153         default:
2154                 return NT_STATUS_INVALID_INFO_CLASS;
2155         }
2156
2157         init_samr_r_query_userinfo(r_u, ctr, r_u->status);
2158
2159         DEBUG(5,("_samr_query_userinfo: %d\n", __LINE__));
2160         
2161         return r_u->status;
2162 }
2163
2164 /*******************************************************************
2165  samr_reply_query_usergroups
2166  ********************************************************************/
2167
2168 NTSTATUS _samr_query_usergroups(pipes_struct *p, SAMR_Q_QUERY_USERGROUPS *q_u, SAMR_R_QUERY_USERGROUPS *r_u)
2169 {
2170         struct samu *sam_pass=NULL;
2171         DOM_SID  sid;
2172         DOM_SID *sids;
2173         DOM_GID dom_gid;
2174         DOM_GID *gids = NULL;
2175         uint32 primary_group_rid;
2176         size_t num_groups = 0;
2177         gid_t *unix_gids;
2178         size_t i, num_gids;
2179         uint32 acc_granted;
2180         bool ret;
2181         NTSTATUS result;
2182         bool success = False;
2183
2184         /*
2185          * from the SID in the request:
2186          * we should send back the list of DOMAIN GROUPS
2187          * the user is a member of
2188          *
2189          * and only the DOMAIN GROUPS
2190          * no ALIASES !!! neither aliases of the domain
2191          * nor aliases of the builtin SID
2192          *
2193          * JFM, 12/2/2001
2194          */
2195
2196         r_u->status = NT_STATUS_OK;
2197
2198         DEBUG(5,("_samr_query_usergroups: %d\n", __LINE__));
2199
2200         /* find the policy handle.  open a policy on it. */
2201         if (!get_lsa_policy_samr_sid(p, &q_u->pol, &sid, &acc_granted, NULL))
2202                 return NT_STATUS_INVALID_HANDLE;
2203         
2204         if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_USER_GET_GROUPS, "_samr_query_usergroups"))) {
2205                 return r_u->status;
2206         }
2207
2208         if (!sid_check_is_in_our_domain(&sid))
2209                 return NT_STATUS_OBJECT_TYPE_MISMATCH;
2210
2211         if ( !(sam_pass = samu_new( p->mem_ctx )) ) {
2212                 return NT_STATUS_NO_MEMORY;
2213         }
2214
2215         become_root();
2216         ret = pdb_getsampwsid(sam_pass, &sid);
2217         unbecome_root();
2218
2219         if (!ret) {
2220                 DEBUG(10, ("pdb_getsampwsid failed for %s\n",
2221                            sid_string_dbg(&sid)));
2222                 return NT_STATUS_NO_SUCH_USER;
2223         }
2224
2225         sids = NULL;
2226
2227         /* make both calls inside the root block */
2228         become_root();
2229         result = pdb_enum_group_memberships(p->mem_ctx, sam_pass,
2230                                             &sids, &unix_gids, &num_groups);
2231         if ( NT_STATUS_IS_OK(result) ) {
2232                 success = sid_peek_check_rid(get_global_sam_sid(), 
2233                                              pdb_get_group_sid(sam_pass),
2234                                              &primary_group_rid);
2235         }
2236         unbecome_root();
2237
2238         if (!NT_STATUS_IS_OK(result)) {
2239                 DEBUG(10, ("pdb_enum_group_memberships failed for %s\n",
2240                            sid_string_dbg(&sid)));
2241                 return result;
2242         }
2243
2244         if ( !success ) {
2245                 DEBUG(5, ("Group sid %s for user %s not in our domain\n",
2246                           sid_string_dbg(pdb_get_group_sid(sam_pass)),
2247                           pdb_get_username(sam_pass)));
2248                 TALLOC_FREE(sam_pass);
2249                 return NT_STATUS_INTERNAL_DB_CORRUPTION;
2250         }
2251
2252         gids = NULL;
2253         num_gids = 0;
2254
2255         dom_gid.attr = (SE_GROUP_MANDATORY|SE_GROUP_ENABLED_BY_DEFAULT|
2256                         SE_GROUP_ENABLED);
2257         dom_gid.g_rid = primary_group_rid;
2258         ADD_TO_ARRAY(p->mem_ctx, DOM_GID, dom_gid, &gids, &num_gids);
2259
2260         for (i=0; i<num_groups; i++) {
2261
2262                 if (!sid_peek_check_rid(get_global_sam_sid(),
2263                                         &(sids[i]), &dom_gid.g_rid)) {
2264                         DEBUG(10, ("Found sid %s not in our domain\n",
2265                                    sid_string_dbg(&sids[i])));
2266                         continue;
2267                 }
2268
2269                 if (dom_gid.g_rid == primary_group_rid) {
2270                         /* We added the primary group directly from the
2271                          * sam_account. The other SIDs are unique from
2272                          * enum_group_memberships */
2273                         continue;
2274                 }
2275
2276                 ADD_TO_ARRAY(p->mem_ctx, DOM_GID, dom_gid, &gids, &num_gids);
2277         }
2278         
2279         /* construct the response.  lkclXXXX: gids are not copied! */
2280         init_samr_r_query_usergroups(r_u, num_gids, gids, r_u->status);
2281         
2282         DEBUG(5,("_samr_query_usergroups: %d\n", __LINE__));
2283         
2284         return r_u->status;
2285 }
2286
2287 /*******************************************************************
2288  _samr_query_domain_info
2289  ********************************************************************/
2290
2291 NTSTATUS _samr_query_domain_info(pipes_struct *p, 
2292                                  SAMR_Q_QUERY_DOMAIN_INFO *q_u, 
2293                                  SAMR_R_QUERY_DOMAIN_INFO *r_u)
2294 {
2295         struct samr_info *info = NULL;
2296         SAM_UNK_CTR *ctr;
2297         uint32 min_pass_len,pass_hist,password_properties;
2298         time_t u_expire, u_min_age;
2299         NTTIME nt_expire, nt_min_age;
2300
2301         time_t u_lock_duration, u_reset_time;
2302         NTTIME nt_lock_duration, nt_reset_time;
2303         uint32 lockout;
2304         time_t u_logout;
2305         NTTIME nt_logout;
2306
2307         uint32 account_policy_temp;
2308
2309         time_t seq_num;
2310         uint32 server_role;
2311
2312         uint32 num_users=0, num_groups=0, num_aliases=0;
2313
2314         if ((ctr = TALLOC_ZERO_P(p->mem_ctx, SAM_UNK_CTR)) == NULL) {
2315                 return NT_STATUS_NO_MEMORY;
2316         }
2317
2318         ZERO_STRUCTP(ctr);
2319
2320         r_u->status = NT_STATUS_OK;
2321         
2322         DEBUG(5,("_samr_query_domain_info: %d\n", __LINE__));
2323         
2324         /* find the policy handle.  open a policy on it. */
2325         if (!find_policy_by_hnd(p, &q_u->domain_pol, (void **)(void *)&info)) {
2326                 return NT_STATUS_INVALID_HANDLE;
2327         }
2328         
2329         switch (q_u->switch_value) {
2330                 case 0x01:
2331                         
2332                         become_root();
2333
2334                         /* AS ROOT !!! */
2335
2336                         pdb_get_account_policy(AP_MIN_PASSWORD_LEN, &account_policy_temp);
2337                         min_pass_len = account_policy_temp;
2338
2339                         pdb_get_account_policy(AP_PASSWORD_HISTORY, &account_policy_temp);
2340                         pass_hist = account_policy_temp;
2341
2342                         pdb_get_account_policy(AP_USER_MUST_LOGON_TO_CHG_PASS, &account_policy_temp);
2343                         password_properties = account_policy_temp;
2344
2345                         pdb_get_account_policy(AP_MAX_PASSWORD_AGE, &account_policy_temp);
2346                         u_expire = account_policy_temp;
2347
2348                         pdb_get_account_policy(AP_MIN_PASSWORD_AGE, &account_policy_temp);
2349                         u_min_age = account_policy_temp;
2350
2351                         /* !AS ROOT */
2352                         
2353                         unbecome_root();
2354
2355                         unix_to_nt_time_abs(&nt_expire, u_expire);
2356                         unix_to_nt_time_abs(&nt_min_age, u_min_age);
2357
2358                         init_unk_info1(&ctr->info.inf1, (uint16)min_pass_len, (uint16)pass_hist, 
2359                                        password_properties, nt_expire, nt_min_age);
2360                         break;
2361                 case 0x02:
2362
2363                         become_root();
2364
2365                         /* AS ROOT !!! */
2366
2367                         num_users = count_sam_users(info->disp_info, ACB_NORMAL);
2368                         num_groups = count_sam_groups(info->disp_info);
2369                         num_aliases = count_sam_aliases(info->disp_info);
2370
2371                         pdb_get_account_policy(AP_TIME_TO_LOGOUT, &account_policy_temp);
2372                         u_logout = account_policy_temp;
2373
2374                         unix_to_nt_time_abs(&nt_logout, u_logout);
2375
2376                         if (!pdb_get_seq_num(&seq_num))
2377                                 seq_num = time(NULL);
2378
2379                         /* !AS ROOT */
2380                         
2381                         unbecome_root();
2382
2383                         server_role = ROLE_DOMAIN_PDC;
2384                         if (lp_server_role() == ROLE_DOMAIN_BDC)
2385                                 server_role = ROLE_DOMAIN_BDC;
2386
2387                         init_unk_info2(&ctr->info.inf2, lp_serverstring(), lp_workgroup(), global_myname(), seq_num, 
2388                                        num_users, num_groups, num_aliases, nt_logout, server_role);
2389                         break;
2390                 case 0x03:
2391
2392                         become_root();
2393
2394                         /* AS ROOT !!! */
2395
2396                         {
2397                                 uint32 ul;
2398                                 pdb_get_account_policy(AP_TIME_TO_LOGOUT, &ul);
2399                                 u_logout = (time_t)ul;
2400                         }
2401
2402                         /* !AS ROOT */
2403                         
2404                         unbecome_root();
2405
2406                         unix_to_nt_time_abs(&nt_logout, u_logout);
2407                         
2408                         init_unk_info3(&ctr->info.inf3, nt_logout);
2409                         break;
2410                 case 0x04:
2411                         init_unk_info4(&ctr->info.inf4, lp_serverstring());
2412                         break;
2413                 case 0x05:
2414                         init_unk_info5(&ctr->info.inf5, get_global_sam_name());
2415                         break;
2416                 case 0x06:
2417                         /* NT returns its own name when a PDC. win2k and later
2418                          * only the name of the PDC if itself is a BDC (samba4
2419                          * idl) */
2420                         init_unk_info6(&ctr->info.inf6, global_myname());
2421                         break;
2422                 case 0x07:
2423                         server_role = ROLE_DOMAIN_PDC;
2424                         if (lp_server_role() == ROLE_DOMAIN_BDC)
2425                                 server_role = ROLE_DOMAIN_BDC;
2426
2427                         init_unk_info7(&ctr->info.inf7, server_role);
2428                         break;
2429                 case 0x08:
2430
2431                         become_root();
2432
2433                         /* AS ROOT !!! */
2434
2435                         if (!pdb_get_seq_num(&seq_num)) {
2436                                 seq_num = time(NULL);
2437                         }
2438
2439                         /* !AS ROOT */
2440                         
2441                         unbecome_root();
2442
2443                         init_unk_info8(&ctr->info.inf8, (uint32) seq_num);
2444                         break;
2445                 case 0x0c:
2446
2447                         become_root();
2448
2449                         /* AS ROOT !!! */
2450
2451                         pdb_get_account_policy(AP_LOCK_ACCOUNT_DURATION, &account_policy_temp);
2452                         u_lock_duration = account_policy_temp;
2453                         if (u_lock_duration != -1) {
2454                                 u_lock_duration *= 60;
2455                         }
2456
2457                         pdb_get_account_policy(AP_RESET_COUNT_TIME, &account_policy_temp);
2458                         u_reset_time = account_policy_temp * 60;
2459
2460                         pdb_get_account_policy(AP_BAD_ATTEMPT_LOCKOUT, &account_policy_temp);
2461                         lockout = account_policy_temp;
2462
2463                         /* !AS ROOT */
2464                         
2465                         unbecome_root();
2466
2467                         unix_to_nt_time_abs(&nt_lock_duration, u_lock_duration);
2468                         unix_to_nt_time_abs(&nt_reset_time, u_reset_time);
2469         
2470                         init_unk_info12(&ctr->info.inf12, nt_lock_duration, nt_reset_time, (uint16)lockout);
2471                         break;
2472                 default:
2473                         return NT_STATUS_INVALID_INFO_CLASS;
2474                 }
2475         
2476
2477         init_samr_r_query_domain_info(r_u, q_u->switch_value, ctr, NT_STATUS_OK);
2478         
2479         DEBUG(5,("_samr_query_domain_info: %d\n", __LINE__));
2480         
2481         return r_u->status;
2482 }
2483
2484 /* W2k3 seems to use the same check for all 3 objects that can be created via
2485  * SAMR, if you try to create for example "Dialup" as an alias it says
2486  * "NT_STATUS_USER_EXISTS". This is racy, but we can't really lock the user
2487  * database. */
2488
2489 static NTSTATUS can_create(TALLOC_CTX *mem_ctx, const char *new_name)
2490 {
2491         enum lsa_SidType type;
2492         bool result;
2493
2494         DEBUG(10, ("Checking whether [%s] can be created\n", new_name));
2495
2496         become_root();
2497         /* Lookup in our local databases (only LOOKUP_NAME_ISOLATED set)
2498          * whether the name already exists */
2499         result = lookup_name(mem_ctx, new_name, LOOKUP_NAME_ISOLATED,
2500                              NULL, NULL, NULL, &type);
2501         unbecome_root();
2502
2503         if (!result) {
2504                 DEBUG(10, ("%s does not exist, can create it\n", new_name));
2505                 return NT_STATUS_OK;
2506         }
2507
2508         DEBUG(5, ("trying to create %s, exists as %s\n",
2509                   new_name, sid_type_lookup(type)));
2510
2511         if (type == SID_NAME_DOM_GRP) {
2512                 return NT_STATUS_GROUP_EXISTS;
2513         }
2514         if (type == SID_NAME_ALIAS) {
2515                 return NT_STATUS_ALIAS_EXISTS;
2516         }
2517
2518         /* Yes, the default is NT_STATUS_USER_EXISTS */
2519         return NT_STATUS_USER_EXISTS;
2520 }
2521
2522 /*******************************************************************
2523  _samr_create_user
2524  Create an account, can be either a normal user or a machine.
2525  This funcion will need to be updated for bdc/domain trusts.
2526  ********************************************************************/
2527
2528 NTSTATUS _samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u,
2529                            SAMR_R_CREATE_USER *r_u)
2530 {
2531         char *account;
2532         DOM_SID sid;
2533         POLICY_HND dom_pol = q_u->domain_pol;
2534         uint16 acb_info = q_u->acb_info;
2535         POLICY_HND *user_pol = &r_u->user_pol;
2536         struct samr_info *info = NULL;
2537         NTSTATUS nt_status;
2538         uint32 acc_granted;
2539         SEC_DESC *psd;
2540         size_t    sd_size;
2541         /* check this, when giving away 'add computer to domain' privs */
2542         uint32    des_access = GENERIC_RIGHTS_USER_ALL_ACCESS;
2543         bool can_add_account = False;
2544         SE_PRIV se_rights;
2545         DISP_INFO *disp_info = NULL;
2546
2547         /* Get the domain SID stored in the domain policy */
2548         if (!get_lsa_policy_samr_sid(p, &dom_pol, &sid, &acc_granted,
2549                                      &disp_info))
2550                 return NT_STATUS_INVALID_HANDLE;
2551
2552         nt_status = access_check_samr_function(acc_granted,
2553                                                SA_RIGHT_DOMAIN_CREATE_USER,
2554                                                "_samr_create_user");
2555         if (!NT_STATUS_IS_OK(nt_status)) {
2556                 return nt_status;
2557         }
2558
2559         if (!(acb_info == ACB_NORMAL || acb_info == ACB_DOMTRUST ||
2560               acb_info == ACB_WSTRUST || acb_info == ACB_SVRTRUST)) { 
2561                 /* Match Win2k, and return NT_STATUS_INVALID_PARAMETER if 
2562                    this parameter is not an account type */
2563                 return NT_STATUS_INVALID_PARAMETER;
2564         }
2565
2566         account = rpcstr_pull_unistr2_talloc(p->mem_ctx, &q_u->uni_name);
2567         if (account == NULL) {
2568                 return NT_STATUS_NO_MEMORY;
2569         }
2570
2571         nt_status = can_create(p->mem_ctx, account);
2572         if (!NT_STATUS_IS_OK(nt_status)) {
2573                 return nt_status;
2574         }
2575
2576         /* determine which user right we need to check based on the acb_info */
2577         
2578         if ( acb_info & ACB_WSTRUST )
2579         {
2580                 se_priv_copy( &se_rights, &se_machine_account );
2581                 can_add_account = user_has_privileges(
2582                         p->pipe_user.nt_user_token, &se_rights );
2583         } 
2584         /* usrmgr.exe (and net rpc trustdom grant) creates a normal user 
2585            account for domain trusts and changes the ACB flags later */
2586         else if ( acb_info & ACB_NORMAL &&
2587                   (account[strlen(account)-1] != '$') )
2588         {
2589                 se_priv_copy( &se_rights, &se_add_users );
2590                 can_add_account = user_has_privileges(
2591                         p->pipe_user.nt_user_token, &se_rights );
2592         } 
2593         else    /* implicit assumption of a BDC or domain trust account here
2594                  * (we already check the flags earlier) */
2595         {
2596                 if ( lp_enable_privileges() ) {
2597                         /* only Domain Admins can add a BDC or domain trust */
2598                         se_priv_copy( &se_rights, &se_priv_none );
2599                         can_add_account = nt_token_check_domain_rid(
2600                                 p->pipe_user.nt_user_token,
2601                                 DOMAIN_GROUP_RID_ADMINS );
2602                 }
2603         }
2604                 
2605         DEBUG(5, ("_samr_create_user: %s can add this account : %s\n",
2606                   uidtoname(p->pipe_user.ut.uid),
2607                   can_add_account ? "True":"False" ));
2608                 
2609         /********** BEGIN Admin BLOCK **********/
2610
2611         if ( can_add_account )
2612                 become_root();
2613
2614         nt_status = pdb_create_user(p->mem_ctx, account, acb_info,
2615                                     &r_u->user_rid);
2616
2617         if ( can_add_account )
2618                 unbecome_root();
2619
2620         /********** END Admin BLOCK **********/
2621         
2622         /* now check for failure */
2623         
2624         if ( !NT_STATUS_IS_OK(nt_status) )
2625                 return nt_status;
2626                         
2627         /* Get the user's SID */
2628
2629         sid_compose(&sid, get_global_sam_sid(), r_u->user_rid);
2630         
2631         make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_generic_mapping,
2632                             &sid, SAMR_USR_RIGHTS_WRITE_PW);
2633         se_map_generic(&des_access, &usr_generic_mapping);
2634         
2635         nt_status = access_check_samr_object(psd, p->pipe_user.nt_user_token, 
2636                 &se_rights, GENERIC_RIGHTS_USER_WRITE, des_access, 
2637                 &acc_granted, "_samr_create_user");
2638                 
2639         if ( !NT_STATUS_IS_OK(nt_status) ) {
2640                 return nt_status;
2641         }
2642
2643         /* associate the user's SID with the new handle. */
2644         if ((info = get_samr_info_by_sid(&sid)) == NULL) {
2645                 return NT_STATUS_NO_MEMORY;
2646         }
2647
2648         ZERO_STRUCTP(info);
2649         info->sid = sid;
2650         info->acc_granted = acc_granted;
2651
2652         /* get a (unique) handle.  open a policy on it. */
2653         if (!create_policy_hnd(p, user_pol, free_samr_info, (void *)info)) {
2654                 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
2655         }
2656
2657         /* After a "set" ensure we have no cached display info. */
2658         force_flush_samr_cache(info->disp_info);
2659
2660         r_u->access_granted = acc_granted;
2661
2662         return NT_STATUS_OK;
2663 }
2664
2665 /*******************************************************************
2666  samr_reply_connect_anon
2667  ********************************************************************/
2668
2669 NTSTATUS _samr_connect_anon(pipes_struct *p, SAMR_Q_CONNECT_ANON *q_u, SAMR_R_CONNECT_ANON *r_u)
2670 {
2671         struct samr_info *info = NULL;
2672         uint32    des_access = q_u->access_mask;
2673
2674         /* Access check */
2675
2676         if (!pipe_access_check(p)) {
2677                 DEBUG(3, ("access denied to samr_connect_anon\n"));
2678                 r_u->status = NT_STATUS_ACCESS_DENIED;
2679                 return r_u->status;
2680         }
2681
2682         /* set up the SAMR connect_anon response */
2683
2684         r_u->status = NT_STATUS_OK;
2685
2686         /* associate the user's SID with the new handle. */
2687         if ((info = get_samr_info_by_sid(NULL)) == NULL)
2688                 return NT_STATUS_NO_MEMORY;
2689
2690         /* don't give away the farm but this is probably ok.  The SA_RIGHT_SAM_ENUM_DOMAINS
2691            was observed from a win98 client trying to enumerate users (when configured  
2692            user level access control on shares)   --jerry */
2693            
2694         if (des_access == MAXIMUM_ALLOWED_ACCESS) {
2695                 /* Map to max possible knowing we're filtered below. */
2696                 des_access = GENERIC_ALL_ACCESS;
2697         }
2698
2699         se_map_generic( &des_access, &sam_generic_mapping );
2700         info->acc_granted = des_access & (SA_RIGHT_SAM_ENUM_DOMAINS|SA_RIGHT_SAM_OPEN_DOMAIN);
2701         
2702         info->status = q_u->unknown_0;
2703
2704         /* get a (unique) handle.  open a policy on it. */
2705         if (!create_policy_hnd(p, &r_u->connect_pol, free_samr_info, (void *)info))
2706                 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
2707
2708         return r_u->status;
2709 }
2710
2711 /*******************************************************************
2712  samr_reply_connect
2713  ********************************************************************/
2714
2715 NTSTATUS _samr_connect(pipes_struct *p, SAMR_Q_CONNECT *q_u, SAMR_R_CONNECT *r_u)
2716 {
2717         struct samr_info *info = NULL;
2718         SEC_DESC *psd = NULL;
2719         uint32    acc_granted;
2720         uint32    des_access = q_u->access_mask;
2721         NTSTATUS  nt_status;
2722         size_t    sd_size;
2723
2724
2725         DEBUG(5,("_samr_connect: %d\n", __LINE__));
2726
2727         /* Access check */
2728
2729         if (!pipe_access_check(p)) {
2730                 DEBUG(3, ("access denied to samr_connect\n"));
2731                 r_u->status = NT_STATUS_ACCESS_DENIED;
2732                 return r_u->status;
2733         }
2734
2735         make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &sam_generic_mapping, NULL, 0);
2736         se_map_generic(&des_access, &sam_generic_mapping);
2737         
2738         nt_status = access_check_samr_object(psd, p->pipe_user.nt_user_token, 
2739                 NULL, 0, des_access, &acc_granted, "_samr_connect");
2740         
2741         if ( !NT_STATUS_IS_OK(nt_status) ) 
2742                 return nt_status;
2743
2744         r_u->status = NT_STATUS_OK;
2745
2746         /* associate the user's SID and access granted with the new handle. */
2747         if ((info = get_samr_info_by_sid(NULL)) == NULL)
2748                 return NT_STATUS_NO_MEMORY;
2749
2750         info->acc_granted = acc_granted;
2751         info->status = q_u->access_mask;
2752
2753         /* get a (unique) handle.  open a policy on it. */
2754         if (!create_policy_hnd(p, &r_u->connect_pol, free_samr_info, (void *)info))
2755                 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
2756
2757         DEBUG(5,("_samr_connect: %d\n", __LINE__));
2758
2759         return r_u->status;
2760 }
2761
2762 /*******************************************************************
2763  samr_connect4
2764  ********************************************************************/
2765
2766 NTSTATUS _samr_connect4(pipes_struct *p, SAMR_Q_CONNECT4 *q_u, SAMR_R_CONNECT4 *r_u)
2767 {
2768         struct samr_info *info = NULL;
2769         SEC_DESC *psd = NULL;
2770         uint32    acc_granted;
2771         uint32    des_access = q_u->access_mask;
2772         NTSTATUS  nt_status;
2773         size_t    sd_size;
2774
2775
2776         DEBUG(5,("_samr_connect4: %d\n", __LINE__));
2777
2778         /* Access check */
2779
2780         if (!pipe_access_check(p)) {
2781                 DEBUG(3, ("access denied to samr_connect4\n"));
2782                 r_u->status = NT_STATUS_ACCESS_DENIED;
2783                 return r_u->status;
2784         }
2785
2786         make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &sam_generic_mapping, NULL, 0);
2787         se_map_generic(&des_access, &sam_generic_mapping);
2788         
2789         nt_status = access_check_samr_object(psd, p->pipe_user.nt_user_token, 
2790                 NULL, 0, des_access, &acc_granted, "_samr_connect4");
2791         
2792         if ( !NT_STATUS_IS_OK(nt_status) ) 
2793                 return nt_status;
2794
2795         r_u->status = NT_STATUS_OK;
2796
2797         /* associate the user's SID and access granted with the new handle. */
2798         if ((info = get_samr_info_by_sid(NULL)) == NULL)
2799                 return NT_STATUS_NO_MEMORY;
2800
2801         info->acc_granted = acc_granted;
2802         info->status = q_u->access_mask;
2803
2804         /* get a (unique) handle.  open a policy on it. */
2805         if (!create_policy_hnd(p, &r_u->connect_pol, free_samr_info, (void *)info))
2806                 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
2807
2808         DEBUG(5,("_samr_connect: %d\n", __LINE__));
2809
2810         return r_u->status;
2811 }
2812
2813 /*******************************************************************
2814  samr_connect5
2815  ********************************************************************/
2816
2817 NTSTATUS _samr_connect5(pipes_struct *p, SAMR_Q_CONNECT5 *q_u, SAMR_R_CONNECT5 *r_u)
2818 {
2819         struct samr_info *info = NULL;
2820         SEC_DESC *psd = NULL;
2821         uint32    acc_granted;
2822         uint32    des_access = q_u->access_mask;
2823         NTSTATUS  nt_status;
2824         POLICY_HND pol;
2825         size_t    sd_size;
2826
2827
2828         DEBUG(5,("_samr_connect5: %d\n", __LINE__));
2829
2830         ZERO_STRUCTP(r_u);
2831
2832         /* Access check */
2833
2834         if (!pipe_access_check(p)) {
2835                 DEBUG(3, ("access denied to samr_connect5\n"));
2836                 r_u->status = NT_STATUS_ACCESS_DENIED;
2837                 return r_u->status;
2838         }
2839
2840         make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &sam_generic_mapping, NULL, 0);
2841         se_map_generic(&des_access, &sam_generic_mapping);
2842         
2843         nt_status = access_check_samr_object(psd, p->pipe_user.nt_user_token, 
2844                 NULL, 0, des_access, &acc_granted, "_samr_connect5");
2845         
2846         if ( !NT_STATUS_IS_OK(nt_status) ) 
2847                 return nt_status;
2848
2849         /* associate the user's SID and access granted with the new handle. */
2850         if ((info = get_samr_info_by_sid(NULL)) == NULL)
2851                 return NT_STATUS_NO_MEMORY;
2852
2853         info->acc_granted = acc_granted;
2854         info->status = q_u->access_mask;
2855
2856         /* get a (unique) handle.  open a policy on it. */
2857         if (!create_policy_hnd(p, &pol, free_samr_info, (void *)info))
2858                 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
2859
2860         DEBUG(5,("_samr_connect: %d\n", __LINE__));
2861
2862         init_samr_r_connect5(r_u, &pol, NT_STATUS_OK);
2863
2864         return r_u->status;
2865 }
2866
2867 /**********************************************************************
2868  api_samr_lookup_domain
2869  **********************************************************************/
2870
2871 NTSTATUS _samr_lookup_domain(pipes_struct *p, SAMR_Q_LOOKUP_DOMAIN *q_u, SAMR_R_LOOKUP_DOMAIN *r_u)
2872 {
2873         struct samr_info *info;
2874         fstring domain_name;
2875         DOM_SID sid;
2876
2877         r_u->status = NT_STATUS_OK;
2878
2879         if (!find_policy_by_hnd(p, &q_u->connect_pol, (void**)(void *)&info))
2880                 return NT_STATUS_INVALID_HANDLE;
2881
2882         /* win9x user manager likes to use SA_RIGHT_SAM_ENUM_DOMAINS here.  
2883            Reverted that change so we will work with RAS servers again */
2884
2885         if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(info->acc_granted, 
2886                 SA_RIGHT_SAM_OPEN_DOMAIN, "_samr_lookup_domain"))) 
2887         {
2888                 return r_u->status;
2889         }
2890
2891         rpcstr_pull(domain_name, q_u->uni_domain.buffer, sizeof(domain_name), q_u->uni_domain.uni_str_len*2, 0);
2892
2893         ZERO_STRUCT(sid);
2894
2895         if (strequal(domain_name, builtin_domain_name())) {
2896                 sid_copy(&sid, &global_sid_Builtin);
2897         } else {
2898                 if (!secrets_fetch_domain_sid(domain_name, &sid)) {
2899                         r_u->status = NT_STATUS_NO_SUCH_DOMAIN;
2900                 }
2901         }
2902
2903         DEBUG(2,("Returning domain sid for domain %s -> %s\n", domain_name,
2904                  sid_string_dbg(&sid)));
2905
2906         init_samr_r_lookup_domain(r_u, &sid, r_u->status);
2907
2908         return r_u->status;
2909 }
2910
2911 /******************************************************************
2912 makes a SAMR_R_ENUM_DOMAINS structure.
2913 ********************************************************************/
2914
2915 static bool make_enum_domains(TALLOC_CTX *ctx, SAM_ENTRY **pp_sam,
2916                         UNISTR2 **pp_uni_name, uint32 num_sam_entries, fstring doms[])
2917 {
2918         uint32 i;
2919         SAM_ENTRY *sam;
2920         UNISTR2 *uni_name;
2921
2922         DEBUG(5, ("make_enum_domains\n"));
2923
2924         *pp_sam = NULL;
2925         *pp_uni_name = NULL;
2926
2927         if (num_sam_entries == 0)
2928                 return True;
2929
2930         sam = TALLOC_ZERO_ARRAY(ctx, SAM_ENTRY, num_sam_entries);
2931         uni_name = TALLOC_ZERO_ARRAY(ctx, UNISTR2, num_sam_entries);
2932
2933         if (sam == NULL || uni_name == NULL)
2934                 return False;
2935
2936         for (i = 0; i < num_sam_entries; i++) {
2937                 init_unistr2(&uni_name[i], doms[i], UNI_FLAGS_NONE);
2938                 init_sam_entry(&sam[i], &uni_name[i], 0);
2939         }
2940
2941         *pp_sam = sam;
2942         *pp_uni_name = uni_name;
2943
2944         return True;
2945 }
2946
2947 /**********************************************************************
2948  api_samr_enum_domains
2949  **********************************************************************/
2950
2951 NTSTATUS _samr_enum_domains(pipes_struct *p, SAMR_Q_ENUM_DOMAINS *q_u, SAMR_R_ENUM_DOMAINS *r_u)
2952 {
2953         struct samr_info *info;
2954         uint32 num_entries = 2;
2955         fstring dom[2];
2956         const char *name;
2957
2958         r_u->status = NT_STATUS_OK;
2959         
2960         if (!find_policy_by_hnd(p, &q_u->pol, (void**)(void *)&info))
2961                 return NT_STATUS_INVALID_HANDLE;
2962         
2963         if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(info->acc_granted, SA_RIGHT_SAM_ENUM_DOMAINS, "_samr_enum_domains"))) {
2964                 return r_u->status;
2965         }
2966
2967         name = get_global_sam_name();
2968
2969         fstrcpy(dom[0],name);
2970         strupper_m(dom[0]);
2971         fstrcpy(dom[1],"Builtin");
2972
2973         if (!make_enum_domains(p->mem_ctx, &r_u->sam, &r_u->uni_dom_name, num_entries, dom))
2974                 return NT_STATUS_NO_MEMORY;
2975
2976         init_samr_r_enum_domains(r_u, q_u->start_idx + num_entries, num_entries);
2977
2978         return r_u->status;
2979 }
2980
2981 /*******************************************************************
2982  api_samr_open_alias
2983  ********************************************************************/
2984
2985 NTSTATUS _samr_open_alias(pipes_struct *p, SAMR_Q_OPEN_ALIAS *q_u, SAMR_R_OPEN_ALIAS *r_u)
2986 {
2987         DOM_SID sid;
2988         POLICY_HND domain_pol = q_u->dom_pol;
2989         uint32 alias_rid = q_u->rid_alias;
2990         POLICY_HND *alias_pol = &r_u->pol;
2991         struct    samr_info *info = NULL;
2992         SEC_DESC *psd = NULL;
2993         uint32    acc_granted;
2994         uint32    des_access = q_u->access_mask;
2995         size_t    sd_size;
2996         NTSTATUS  status;
2997         SE_PRIV se_rights;
2998
2999         r_u->status = NT_STATUS_OK;
3000
3001         /* find the domain policy and get the SID / access bits stored in the domain policy */
3002         
3003         if ( !get_lsa_policy_samr_sid(p, &domain_pol, &sid, &acc_granted, NULL) )
3004                 return NT_STATUS_INVALID_HANDLE;
3005         
3006         status = access_check_samr_function(acc_granted, 
3007                 SA_RIGHT_DOMAIN_OPEN_ACCOUNT, "_samr_open_alias");
3008                 
3009         if ( !NT_STATUS_IS_OK(status) ) 
3010                 return status;
3011
3012         /* append the alias' RID to it */
3013         
3014         if (!sid_append_rid(&sid, alias_rid))
3015                 return NT_STATUS_NO_SUCH_ALIAS;
3016                 
3017         /*check if access can be granted as requested by client. */
3018         
3019         make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &ali_generic_mapping, NULL, 0);
3020         se_map_generic(&des_access,&ali_generic_mapping);
3021         
3022         se_priv_copy( &se_rights, &se_add_users );
3023         
3024         
3025         status = access_check_samr_object(psd, p->pipe_user.nt_user_token, 
3026                 &se_rights, GENERIC_RIGHTS_ALIAS_WRITE, des_access, 
3027                 &acc_granted, "_samr_open_alias");
3028                 
3029         if ( !NT_STATUS_IS_OK(status) )
3030                 return status;
3031
3032         {
3033                 /* Check we actually have the requested alias */
3034                 enum lsa_SidType type;
3035                 bool result;
3036                 gid_t gid;
3037
3038                 become_root();
3039                 result = lookup_sid(NULL, &sid, NULL, NULL, &type);
3040                 unbecome_root();
3041
3042                 if (!result || (type != SID_NAME_ALIAS)) {
3043                         return NT_STATUS_NO_SUCH_ALIAS;
3044                 }
3045
3046                 /* make sure there is a mapping */
3047                 
3048                 if ( !sid_to_gid( &sid, &gid ) ) {
3049                         return NT_STATUS_NO_SUCH_ALIAS;
3050                 }
3051
3052         }
3053
3054         /* associate the alias SID with the new handle. */
3055         if ((info = get_samr_info_by_sid(&sid)) == NULL)
3056                 return NT_STATUS_NO_MEMORY;
3057                 
3058         info->acc_granted = acc_granted;
3059
3060         /* get a (unique) handle.  open a policy on it. */
3061         if (!create_policy_hnd(p, alias_pol, free_samr_info, (void *)info))
3062                 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
3063
3064         return r_u->status;
3065 }
3066
3067 /*******************************************************************
3068  set_user_info_7
3069  ********************************************************************/
3070 static NTSTATUS set_user_info_7(TALLOC_CTX *mem_ctx,
3071                                 const SAM_USER_INFO_7 *id7, struct samu *pwd)
3072 {
3073         fstring new_name;
3074         NTSTATUS rc;
3075
3076         if (id7 == NULL) {
3077                 DEBUG(5, ("set_user_info_7: NULL id7\n"));
3078                 TALLOC_FREE(pwd);
3079                 return NT_STATUS_ACCESS_DENIED;
3080         }
3081
3082         if(!rpcstr_pull(new_name, id7->uni_name.buffer, sizeof(new_name), id7->uni_name.uni_str_len*2, 0)) {
3083                 DEBUG(5, ("set_user_info_7: failed to get new username\n"));
3084                 TALLOC_FREE(pwd);
3085                 return NT_STATUS_ACCESS_DENIED;
3086         }
3087
3088         /* check to see if the new username already exists.  Note: we can't
3089            reliably lock all backends, so there is potentially the 
3090            possibility that a user can be created in between this check and
3091            the rename.  The rename should fail, but may not get the
3092            exact same failure status code.  I think this is small enough
3093            of a window for this type of operation and the results are
3094            simply that the rename fails with a slightly different status
3095            code (like UNSUCCESSFUL instead of ALREADY_EXISTS). */
3096
3097         rc = can_create(mem_ctx, new_name);
3098         if (!NT_STATUS_IS_OK(rc)) {
3099                 return rc;
3100         }
3101
3102         rc = pdb_rename_sam_account(pwd, new_name);
3103
3104         TALLOC_FREE(pwd);
3105         return rc;
3106 }
3107
3108 /*******************************************************************
3109  set_user_info_16
3110  ********************************************************************/
3111
3112 static bool set_user_info_16(const SAM_USER_INFO_16 *id16, struct samu *pwd)
3113 {
3114         if (id16 == NULL) {
3115                 DEBUG(5, ("set_user_info_16: NULL id16\n"));
3116                 TALLOC_FREE(pwd);
3117                 return False;
3118         }
3119         
3120         /* FIX ME: check if the value is really changed --metze */
3121         if (!pdb_set_acct_ctrl(pwd, id16->acb_info, PDB_CHANGED)) {
3122                 TALLOC_FREE(pwd);
3123                 return False;
3124         }
3125
3126         if(!NT_STATUS_IS_OK(pdb_update_sam_account(pwd))) {
3127                 TALLOC_FREE(pwd);
3128                 return False;
3129         }
3130
3131         TALLOC_FREE(pwd);
3132
3133         return True;
3134 }
3135
3136 /*******************************************************************
3137  set_user_info_18
3138  ********************************************************************/
3139
3140 static bool set_user_info_18(SAM_USER_INFO_18 *id18, struct samu *pwd)
3141 {
3142
3143         if (id18 == NULL) {
3144                 DEBUG(2, ("set_user_info_18: id18 is NULL\n"));
3145                 TALLOC_FREE(pwd);
3146                 return False;
3147         }
3148  
3149         if (!pdb_set_lanman_passwd (pwd, id18->lm_pwd, PDB_CHANGED)) {
3150                 TALLOC_FREE(pwd);
3151                 return False;
3152         }
3153         if (!pdb_set_nt_passwd     (pwd, id18->nt_pwd, PDB_CHANGED)) {
3154                 TALLOC_FREE(pwd);
3155                 return False;
3156         }
3157         if (!pdb_set_pass_last_set_time (pwd, time(NULL), PDB_CHANGED)) {
3158                 TALLOC_FREE(pwd);
3159                 return False; 
3160         }
3161  
3162         if(!NT_STATUS_IS_OK(pdb_update_sam_account(pwd))) {
3163                 TALLOC_FREE(pwd);
3164                 return False;
3165         }
3166
3167         TALLOC_FREE(pwd);
3168         return True;
3169 }
3170
3171 /*******************************************************************
3172  set_user_info_20
3173  ********************************************************************/
3174
3175 static bool set_user_info_20(SAM_USER_INFO_20 *id20, struct samu *pwd)
3176 {
3177         if (id20 == NULL) {
3178                 DEBUG(5, ("set_user_info_20: NULL id20\n"));
3179                 return False;
3180         }
3181  
3182         copy_id20_to_sam_passwd(pwd, id20);
3183
3184         /* write the change out */
3185         if(!NT_STATUS_IS_OK(pdb_update_sam_account(pwd))) {
3186                 TALLOC_FREE(pwd);
3187                 return False;
3188         }
3189
3190         TALLOC_FREE(pwd);
3191
3192         return True;
3193 }
3194 /*******************************************************************
3195  set_user_info_21
3196  ********************************************************************/
3197
3198 static NTSTATUS set_user_info_21(TALLOC_CTX *mem_ctx, SAM_USER_INFO_21 *id21,
3199                                  struct samu *pwd)
3200 {
3201         fstring new_name;
3202         NTSTATUS status;
3203         
3204         if (id21 == NULL) {
3205                 DEBUG(5, ("set_user_info_21: NULL id21\n"));
3206                 return NT_STATUS_INVALID_PARAMETER;
3207         }
3208
3209         /* we need to separately check for an account rename first */
3210         
3211         if (rpcstr_pull(new_name, id21->uni_user_name.buffer, 
3212                 sizeof(new_name), id21->uni_user_name.uni_str_len*2, 0) 
3213                 && (!strequal(new_name, pdb_get_username(pwd)))) 
3214         {
3215
3216                 /* check to see if the new username already exists.  Note: we can't
3217                    reliably lock all backends, so there is potentially the 
3218                    possibility that a user can be created in between this check and
3219                    the rename.  The rename should fail, but may not get the
3220                    exact same failure status code.  I think this is small enough
3221                    of a window for this type of operation and the results are
3222                    simply that the rename fails with a slightly different status
3223                    code (like UNSUCCESSFUL instead of ALREADY_EXISTS). */
3224
3225                 status = can_create(mem_ctx, new_name);
3226                 if (!NT_STATUS_IS_OK(status)) {
3227                         return status;
3228                 }
3229
3230                 status = pdb_rename_sam_account(pwd, new_name);
3231
3232                 if (!NT_STATUS_IS_OK(status)) {
3233                         DEBUG(0,("set_user_info_21: failed to rename account: %s\n", 
3234                                 nt_errstr(status)));
3235                         TALLOC_FREE(pwd);
3236                         return status;
3237                 }
3238
3239                 /* set the new username so that later 
3240                    functions can work on the new account */
3241                 pdb_set_username(pwd, new_name, PDB_SET);
3242         }
3243
3244         copy_id21_to_sam_passwd(pwd, id21);
3245  
3246         /*
3247          * The funny part about the previous two calls is
3248          * that pwd still has the password hashes from the
3249          * passdb entry.  These have not been updated from
3250          * id21.  I don't know if they need to be set.    --jerry
3251          */
3252  
3253         if ( IS_SAM_CHANGED(pwd, PDB_GROUPSID) ) {
3254                 status = pdb_set_unix_primary_group(mem_ctx, pwd);
3255                 if ( !NT_STATUS_IS_OK(status) ) {
3256                         return status;
3257                 }
3258         }
3259         
3260         /* Don't worry about writing out the user account since the
3261            primary group SID is generated solely from the user's Unix 
3262            primary group. */
3263
3264         /* write the change out */
3265         if(!NT_STATUS_IS_OK(status = pdb_update_sam_account(pwd))) {
3266                 TALLOC_FREE(pwd);
3267                 return status;
3268         }
3269
3270         TALLOC_FREE(pwd);
3271
3272         return NT_STATUS_OK;
3273 }
3274
3275 /*******************************************************************
3276  set_user_info_23
3277  ********************************************************************/
3278
3279 static NTSTATUS set_user_info_23(TALLOC_CTX *mem_ctx, SAM_USER_INFO_23 *id23,
3280                                  struct samu *pwd)
3281 {
3282         char *plaintext_buf = NULL;
3283         uint32 len = 0;
3284         uint16 acct_ctrl;
3285         NTSTATUS status;
3286
3287         if (id23 == NULL) {
3288                 DEBUG(5, ("set_user_info_23: NULL id23\n"));
3289                 return NT_STATUS_INVALID_PARAMETER;
3290         }
3291
3292         DEBUG(5, ("Attempting administrator password change (level 23) for user %s\n",
3293                   pdb_get_username(pwd)));
3294
3295         acct_ctrl = pdb_get_acct_ctrl(pwd);
3296
3297         if (!decode_pw_buffer(mem_ctx,
3298                                 id23->pass,
3299                                 &plaintext_buf,
3300                                 &len,
3301                                 STR_UNICODE)) {
3302                 TALLOC_FREE(pwd);
3303                 return NT_STATUS_INVALID_PARAMETER;
3304         }
3305
3306         if (!pdb_set_plaintext_passwd (pwd, plaintext_buf)) {
3307                 TALLOC_FREE(pwd);
3308                 return NT_STATUS_ACCESS_DENIED;
3309         }
3310
3311         copy_id23_to_sam_passwd(pwd, id23);
3312
3313         /* if it's a trust account, don't update /etc/passwd */
3314         if (    ( (acct_ctrl &  ACB_DOMTRUST) == ACB_DOMTRUST ) ||
3315                 ( (acct_ctrl &  ACB_WSTRUST) ==  ACB_WSTRUST) ||