3 * Unix SMB/Netbios implementation.
5 * RPC Pipe client / server routines
6 * Copyright (C) Andrew Tridgell 1992-1997,
7 * Copyright (C) Luke Kenneth Casson Leighton 1996-1997,
8 * Copyright (C) Paul Ashton 1997.
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
29 extern int DEBUGLEVEL;
31 extern BOOL sam_logon_in_ssb;
32 extern pstring samlogon_user;
33 extern pstring global_myworkgroup;
34 extern pstring global_myname;
35 extern DOM_SID global_machine_sid;
37 extern rid_name domain_group_rids[];
38 extern rid_name domain_alias_rids[];
40 /*******************************************************************
41 This next function should be replaced with something that
42 dynamically returns the correct user info..... JRA.
43 ********************************************************************/
/*******************************************************************
 get_sampwd_entries

 Walk the SMB password database and copy up to max_num_entries
 accounts into pw_buf[].  An account is kept when acb_mask is 0 or
 IS_BITS_SET_SOME(pwd->acct_ctrl, acb_mask) holds (presumably an
 any-bit match; the macro is not visible here).  Returns True when at
 least one entry was stored.  The declarations, the skip loop, the
 accept/reject branches and the close of the enumeration handle are
 not in this listing.

 NOTE(review): the 16-byte NT password hash (pwd->smb_nt_passwd) is
 copied into pw_buf[].nt_pwd.  Every caller in this file hands pw_buf
 to a make_samr_r_* marshaller that writes to the RPC stream; confirm
 none of those ever emit nt_pwd, otherwise any client that can
 enumerate users receives password-equivalent hashes.
 ********************************************************************/
45 static BOOL get_sampwd_entries(SAM_USER_INFO_21 *pw_buf,
47 int *total_entries, int *num_entries,
52 struct sam_passwd *pwd = NULL;
57 if (pw_buf == NULL) return False;
/* Open the database.  No become_root() is visible around this call in
   the listing; the callers are presumably responsible for privilege
   (compare get_user_info_21, which shows unbecome_root()) - confirm. */
59 vp = startsmbpwent(False);
62 DEBUG(0, ("get_sampwd_entries: Unable to open SMB password database.\n"));
/* Stop at the caller's limit so pw_buf[] (MAX_SAM_ENTRIES at every
   call site in this file) is never overrun. */
66 while (((pwd = getsam21pwent(vp)) != NULL) && (*num_entries) < max_num_entries)
72 /* skip the requested number of entries.
73 not very efficient, but hey...
79 user_name_len = strlen(pwd->smb_name);
/* The unicode string is built with length-1, presumably to drop a
   trailing character; for an empty smb_name this becomes -1 and is
   passed on unchecked - worth a guard if empty names can occur. */
80 make_unistr2(&(pw_buf[(*num_entries)].uni_user_name), pwd->smb_name, user_name_len-1);
81 make_uni_hdr(&(pw_buf[(*num_entries)].hdr_user_name), user_name_len-1,
83 pw_buf[(*num_entries)].user_rid = pwd->user_rid;
/* Clear the hash slot first so an account without an NT hash does not
   carry over the previous entry's bytes. */
84 bzero( pw_buf[(*num_entries)].nt_pwd , 16);
86 /* Now check if the NT compatible password is available. */
87 if (pwd->smb_nt_passwd != NULL)
/* Secret material copied into a reply buffer - see the note above. */
89 memcpy( pw_buf[(*num_entries)].nt_pwd , pwd->smb_nt_passwd, 16);
92 pw_buf[(*num_entries)].acb_info = (uint16)pwd->acct_ctrl;
/* Debug output carries name, RID and flags only - no hash. */
94 DEBUG(5, ("entry idx: %d user %s, rid 0x%x, acb %x",
95 (*num_entries), pwd->smb_name,
96 pwd->user_rid, pwd->acct_ctrl));
/* acb_mask comes straight from the client request in enum_dom_users;
   0 means "no filter", i.e. every account is returned. */
98 if (acb_mask == 0 || IS_BITS_SET_SOME(pwd->acct_ctrl, acb_mask))
100 DEBUG(5,(" acb_mask %x accepts\n", acb_mask));
105 DEBUG(5,(" acb_mask %x rejects\n", acb_mask));
113 return (*num_entries) > 0;
116 /*******************************************************************
118 ********************************************************************/
/*******************************************************************
 samr_reply_close_hnd

 Close the policy handle carried in q_u and marshal a
 SAMR_R_CLOSE_HND into rdata.  The handle echoed back is zeroed so no
 stale handle bytes leave the server; a failed close_lsa_policy_hnd()
 maps to NT_STATUS_OBJECT_NAME_INVALID (the success assignment sits on
 a line not in this listing).
 ********************************************************************/
119 static void samr_reply_close_hnd(SAMR_Q_CLOSE_HND *q_u,
122 SAMR_R_CLOSE_HND r_u;
124 /* set up the SAMR unknown_1 response */
125 bzero(r_u.pol.data, POL_HND_SIZE);
127 /* close the policy handle */
/* Only the handle bytes are checked; nothing here ties the handle to
   the session that opened it (vuid is unused in the api_* wrappers). */
128 if (close_lsa_policy_hnd(&(q_u->pol)))
134 r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_INVALID;
137 DEBUG(5,("samr_reply_close_hnd: %d\n", __LINE__));
139 /* store the response in the SMB stream */
140 samr_io_r_close_hnd("", &r_u, rdata, 0);
142 DEBUG(5,("samr_reply_close_hnd: %d\n", __LINE__));
146 /*******************************************************************
148 ********************************************************************/
/*******************************************************************
 api_samr_close_hnd

 Pipe entry point: decode SAMR_Q_CLOSE_HND from data and reply into
 rdata.  NOTE(review): vuid is accepted but never used here or in any
 other api_samr_* entry point in this file, so handle checks are table
 lookups only and are not bound to the calling session.  Whether
 samr_io_q_close_hnd() reports a short or malformed request is not
 visible in this listing; q_u is used regardless.
 ********************************************************************/
149 static void api_samr_close_hnd( uint16 vuid, prs_struct *data, prs_struct *rdata)
151 SAMR_Q_CLOSE_HND q_u;
153 /* grab the samr unknown 1 */
154 samr_io_q_close_hnd("", &q_u, data, 0);
156 /* construct reply. always indicate success */
157 samr_reply_close_hnd(&q_u, rdata);
161 /*******************************************************************
162 samr_reply_open_domain
163 ********************************************************************/
/*******************************************************************
 samr_reply_open_domain

 Open a domain handle: the connect handle must exist, a fresh policy
 handle is allocated, and the SID from the request is attached to it.
 On any failure after allocation the new handle is closed again, so
 the handle table does not leak.  The initialisation of r_u.status is
 on a line not in this listing.

 NOTE(review): the client-supplied dom_sid is stored verbatim; no
 comparison against global_machine_sid (declared above) is visible,
 and no access-mask check is visible either.  Later handle-based
 operations in this file key off the RID only, so this is probably
 harmless today, but the SID should be validated before it is trusted.
 ********************************************************************/
164 static void samr_reply_open_domain(SAMR_Q_OPEN_DOMAIN *q_u,
167 SAMR_R_OPEN_DOMAIN r_u;
168 BOOL pol_open = False;
172 /* find the connection policy handle. */
173 if (r_u.status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->connect_pol)) == -1))
175 r_u.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
178 /* get a (unique) handle. open a policy on it. */
179 if (r_u.status == 0x0 && !(pol_open = open_lsa_policy_hnd(&(r_u.domain_pol))))
181 r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND;
184 /* associate the domain SID with the (unique) handle. */
/* SID taken from the wire without validation - see note above. */
185 if (r_u.status == 0x0 && !set_lsa_policy_samr_sid(&(r_u.domain_pol), &(q_u->dom_sid.sid)))
187 /* oh, whoops. don't know what error message to return, here */
188 r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND;
/* Release the half-built handle on error so it cannot be used later. */
191 if (r_u.status != 0 && pol_open)
193 close_lsa_policy_hnd(&(r_u.domain_pol));
196 DEBUG(5,("samr_open_domain: %d\n", __LINE__));
198 /* store the response in the SMB stream */
199 samr_io_r_open_domain("", &r_u, rdata, 0);
201 DEBUG(5,("samr_open_domain: %d\n", __LINE__));
205 /*******************************************************************
207 ********************************************************************/
/*******************************************************************
 api_samr_open_domain

 Pipe entry point for open_domain.  vuid is unused (no per-session
 binding of the resulting handle); whether the decode reports a
 malformed request is not visible in this listing.
 ********************************************************************/
208 static void api_samr_open_domain( uint16 vuid, prs_struct *data, prs_struct *rdata)
210 SAMR_Q_OPEN_DOMAIN q_u;
212 /* grab the samr open */
213 samr_io_q_open_domain("", &q_u, data, 0);
215 /* construct reply. always indicate success */
216 samr_reply_open_domain(&q_u, rdata);
220 /*******************************************************************
221 samr_reply_unknown_2c
222 ********************************************************************/
/*******************************************************************
 samr_reply_unknown_2c

 Per-user operation (opcode 0x2c): the user handle must exist and
 must carry a RID (get_lsa_policy_samr_rid() returns 0xffffffff when
 it does not); the reply is then built by make_samr_r_unknown_2c with
 only the status.  Declarations of status/rid are not in this listing.

 NOTE(review): NT_STATUS_OBJECT_TYPE_MISMATCH is assigned without the
 0xC0000000 severity bits that every other error path in this file
 ORs in.  If the NT_STATUS_* constants do not already carry them the
 client receives a non-error status class for a failed request.
 ********************************************************************/
223 static void samr_reply_unknown_2c(SAMR_Q_UNKNOWN_2C *q_u,
226 SAMR_R_UNKNOWN_2C r_u;
230 /* find the policy handle. open a policy on it. */
231 if (status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->user_pol)) == -1))
233 status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
236 /* find the user's rid */
237 if (status == 0x0 && (rid = get_lsa_policy_samr_rid(&(q_u->user_pol))) == 0xffffffff)
/* Severity bits missing here - see note above. */
239 status = NT_STATUS_OBJECT_TYPE_MISMATCH;
242 make_samr_r_unknown_2c(&r_u, status);
244 DEBUG(5,("samr_unknown_2c: %d\n", __LINE__));
246 /* store the response in the SMB stream */
247 samr_io_r_unknown_2c("", &r_u, rdata, 0);
249 DEBUG(5,("samr_unknown_2c: %d\n", __LINE__));
253 /*******************************************************************
255 ********************************************************************/
/*******************************************************************
 api_samr_unknown_2c

 Pipe entry point for opcode 0x2c.  vuid unused; decode result not
 checked (whether the io routine can report one is not visible here).
 ********************************************************************/
256 static void api_samr_unknown_2c( uint16 vuid, prs_struct *data, prs_struct *rdata)
258 SAMR_Q_UNKNOWN_2C q_u;
260 /* grab the samr open */
261 samr_io_q_unknown_2c("", &q_u, data, 0);
263 /* construct reply. always indicate success */
264 samr_reply_unknown_2c(&q_u, rdata);
268 /*******************************************************************
270 ********************************************************************/
<doc_update>
/*******************************************************************
 samr_reply_unknown_3

 Opcode 0x3 on a user handle: validate the handle and its RID, then
 synthesise a two-entry SID list (Everyone S-1-1 and the user's own
 SID, built as global_machine_sid + rid) with fixed access masks and
 hand it to make_samr_r_unknown_3.  The status/rid declarations, the
 error branch and part of the final call are not in this listing.

 NOTE(review): the descriptor is fabricated from constants (0x035b for
 Everyone, 0x0044 for the user) rather than read from any stored ACL,
 so it does not describe what this server actually enforces.  The
 OBJECT_TYPE_MISMATCH assignment lacks the 0xC0000000 severity bits
 used elsewhere in this file.
 ********************************************************************/
271 static void samr_reply_unknown_3(SAMR_Q_UNKNOWN_3 *q_u,
274 SAMR_R_UNKNOWN_3 r_u;
275 DOM_SID3 sid[MAX_SAM_SIDS];
281 /* find the policy handle. open a policy on it. */
282 if (status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->user_pol)) == -1))
284 status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
287 /* find the user's rid */
288 if (status == 0x0 && (rid = get_lsa_policy_samr_rid(&(q_u->user_pol))) == 0xffffffff)
/* Severity bits missing - see note above. */
290 status = NT_STATUS_OBJECT_TYPE_MISMATCH;
296 DOM_SID everyone_sid;
/* Copy of the machine SID; the RID is appended to the copy only. */
298 user_sid = global_machine_sid;
/* Bounds check before appending one more sub-authority. */
300 SMB_ASSERT_ARRAY(user_sid.sub_auths, user_sid.num_auths+1);
305 user_sid.sub_auths[user_sid.num_auths++] = rid;
307 string_to_sid(&everyone_sid, "S-1-1");
309 /* maybe need another 1 or 2 (S-1-5-20-0x220 and S-1-5-20-0x224) */
310 /* these two are DOMAIN_ADMIN and DOMAIN_ACCT_OP group RIDs */
/* Hard-coded access masks - see note above. */
311 make_dom_sid3(&(sid[0]), 0x035b, 0x0002, &everyone_sid);
312 make_dom_sid3(&(sid[1]), 0x0044, 0x0002, &user_sid);
315 make_samr_r_unknown_3(&r_u,
317 0x00000014, 0x0002, 0x0070,
320 DEBUG(5,("samr_unknown_3: %d\n", __LINE__));
322 /* store the response in the SMB stream */
323 samr_io_r_unknown_3("", &r_u, rdata, 0);
325 DEBUG(5,("samr_unknown_3: %d\n", __LINE__));
329 /*******************************************************************
331 ********************************************************************/
/*******************************************************************
 api_samr_unknown_3

 Pipe entry point for opcode 0x3.  vuid unused; decode result not
 checked (whether the io routine can report one is not visible here).
 ********************************************************************/
332 static void api_samr_unknown_3( uint16 vuid, prs_struct *data, prs_struct *rdata)
334 SAMR_Q_UNKNOWN_3 q_u;
336 /* grab the samr open */
337 samr_io_q_unknown_3("", &q_u, data, 0);
339 /* construct reply. always indicate success */
340 samr_reply_unknown_3(&q_u, rdata);
344 /*******************************************************************
345 samr_reply_enum_dom_users
346 ********************************************************************/
/*******************************************************************
 samr_reply_enum_dom_users

 Enumerate domain users into a stack array of SAM_USER_INFO_21 and
 marshal them with make_samr_r_enum_dom_users.  The acb_mask filter
 comes straight from the request; the start index passed to
 get_sampwd_entries is a constant 0 (q_u->unknown_0 is only echoed
 into the reply).  The declarations of total_entries/num_entries and
 the lines between the DEBUG and the enumeration call are not in this
 listing.

 NOTE(review): the enumeration call visible below is not gated on
 r_e.status, so the password database is read even when the handle
 check failed; confirm make_samr_r_enum_dom_users suppresses the
 entries when status != 0.  pass[] also carries nt_pwd from
 get_sampwd_entries - confirm the marshaller never emits it.
 ********************************************************************/
347 static void samr_reply_enum_dom_users(SAMR_Q_ENUM_DOM_USERS *q_u,
350 SAMR_R_ENUM_DOM_USERS r_e;
/* MAX_SAM_ENTRIES full user records on the stack; presumably sized
   with care for the thread/process stack - worth confirming. */
351 SAM_USER_INFO_21 pass[MAX_SAM_ENTRIES];
356 r_e.total_num_entries = 0;
358 /* find the policy handle. open a policy on it. */
359 if (r_e.status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->pol)) == -1))
361 r_e.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
364 DEBUG(5,("samr_reply_enum_dom_users: %d\n", __LINE__));
/* Not gated on r_e.status - see note above. */
367 get_sampwd_entries(pass, 0, &total_entries, &num_entries, MAX_SAM_ENTRIES, q_u->acb_mask);
370 make_samr_r_enum_dom_users(&r_e, total_entries,
371 q_u->unknown_0, num_entries,
374 /* store the response in the SMB stream */
375 samr_io_r_enum_dom_users("", &r_e, rdata, 0);
377 DEBUG(5,("samr_enum_dom_users: %d\n", __LINE__));
381 /*******************************************************************
382 api_samr_enum_dom_users
383 ********************************************************************/
/*******************************************************************
 api_samr_enum_dom_users

 Pipe entry point for user enumeration.  vuid unused - any caller
 holding a valid handle can list accounts; decode result not checked.
 ********************************************************************/
384 static void api_samr_enum_dom_users( uint16 vuid, prs_struct *data, prs_struct *rdata)
386 SAMR_Q_ENUM_DOM_USERS q_e;
388 /* grab the samr open */
389 samr_io_q_enum_dom_users("", &q_e, data, 0);
391 /* construct reply. */
392 samr_reply_enum_dom_users(&q_e, rdata);
396 /*******************************************************************
397 samr_reply_enum_dom_groups
398 ********************************************************************/
/*******************************************************************
 samr_reply_enum_dom_groups

 Stub: after the handle check it returns a single hard-coded group,
 "Domain Admins" with DOMAIN_GROUP_RID_ADMINS, regardless of what the
 server actually knows (domain_group_rids[] declared above is not
 consulted).  got_grps/num_entries are set on lines not in this
 listing.

 NOTE(review): only pass[0].uni_user_name and user_rid are written;
 the rest of pass[0] (including nt_pwd) is uninitialised stack memory.
 Confirm make_samr_r_enum_dom_groups touches only the two fields set
 here.
 ********************************************************************/
399 static void samr_reply_enum_dom_groups(SAMR_Q_ENUM_DOM_GROUPS *q_u,
402 SAMR_R_ENUM_DOM_GROUPS r_e;
403 SAM_USER_INFO_21 pass[MAX_SAM_ENTRIES];
406 char *dummy_group = "Domain Admins";
411 /* find the policy handle. open a policy on it. */
412 if (r_e.status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->pol)) == -1))
414 r_e.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
417 DEBUG(5,("samr_reply_enum_dom_groups: %d\n", __LINE__));
/* Placeholder entry - see note above. */
421 make_unistr2(&(pass[0].uni_user_name), dummy_group, strlen(dummy_group));
422 pass[0].user_rid = DOMAIN_GROUP_RID_ADMINS;
424 if (r_e.status == 0 && got_grps)
426 make_samr_r_enum_dom_groups(&r_e, q_u->start_idx, num_entries, pass, r_e.status);
429 /* store the response in the SMB stream */
430 samr_io_r_enum_dom_groups("", &r_e, rdata, 0);
432 DEBUG(5,("samr_enum_dom_groups: %d\n", __LINE__));
436 /*******************************************************************
437 api_samr_enum_dom_groups
438 ********************************************************************/
/*******************************************************************
 api_samr_enum_dom_groups

 Pipe entry point for group enumeration.  vuid unused; decode result
 not checked.
 ********************************************************************/
439 static void api_samr_enum_dom_groups( uint16 vuid, prs_struct *data, prs_struct *rdata)
441 SAMR_Q_ENUM_DOM_GROUPS q_e;
443 /* grab the samr open */
444 samr_io_q_enum_dom_groups("", &q_e, data, 0);
446 /* construct reply. */
447 samr_reply_enum_dom_groups(&q_e, rdata);
451 /*******************************************************************
452 samr_reply_enum_dom_aliases
453 ********************************************************************/
/*******************************************************************
 samr_reply_enum_dom_aliases

 Stub: after the handle check it returns one hard-coded alias,
 "admins" with BUILTIN_ALIAS_RID_ADMINS (domain_alias_rids[] declared
 above is not consulted).  got_aliases/num_entries are set on lines
 not in this listing.  As with enum_dom_groups, only two fields of
 pass[0] are initialised; confirm the marshaller reads nothing else.
 ********************************************************************/
454 static void samr_reply_enum_dom_aliases(SAMR_Q_ENUM_DOM_ALIASES *q_u,
457 SAMR_R_ENUM_DOM_ALIASES r_e;
458 SAM_USER_INFO_21 pass[MAX_SAM_ENTRIES];
461 char *dummy_alias = "admins";
466 /* find the policy handle. open a policy on it. */
467 if (r_e.status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->pol)) == -1))
469 r_e.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
472 DEBUG(5,("samr_reply_enum_dom_aliases: %d\n", __LINE__));
/* Placeholder entry. */
476 make_unistr2(&(pass[0].uni_user_name), dummy_alias, strlen(dummy_alias));
477 pass[0].user_rid = BUILTIN_ALIAS_RID_ADMINS;
479 if (r_e.status == 0 && got_aliases)
481 make_samr_r_enum_dom_aliases(&r_e, num_entries, pass, r_e.status);
484 /* store the response in the SMB stream */
485 samr_io_r_enum_dom_aliases("", &r_e, rdata, 0);
487 DEBUG(5,("samr_enum_dom_aliases: %d\n", __LINE__));
491 /*******************************************************************
492 api_samr_enum_dom_aliases
493 ********************************************************************/
/*******************************************************************
 api_samr_enum_dom_aliases

 Pipe entry point for alias enumeration.  vuid unused; decode result
 not checked.
 ********************************************************************/
494 static void api_samr_enum_dom_aliases( uint16 vuid, prs_struct *data, prs_struct *rdata)
496 SAMR_Q_ENUM_DOM_ALIASES q_e;
498 /* grab the samr open */
499 samr_io_q_enum_dom_aliases("", &q_e, data, 0);
501 /* construct reply. */
502 samr_reply_enum_dom_aliases(&q_e, rdata);
506 /*******************************************************************
507 samr_reply_query_dispinfo
508 ********************************************************************/
/*******************************************************************
 samr_reply_query_dispinfo

 Display-information query.  Only when the handle is valid does it
 read accounts from start_idx with acb_mask 0 (i.e. unfiltered) and
 wrap them as info level 1 ("users") or 2 ("servers").  The case
 labels, the default branch and the assignment of switch_level are on
 lines not in this listing.

 NOTE(review): both levels are fed the same unfiltered pass[] array;
 the ACB_NORMAL / ACB_WSTRUST arguments only label the container.
 Unless make_sam_info_1/2 filter on that argument, the "servers" view
 lists ordinary user accounts and vice versa.  pass[] also carries
 nt_pwd from get_sampwd_entries - confirm it is never marshalled.
 ********************************************************************/
509 static void samr_reply_query_dispinfo(SAMR_Q_QUERY_DISPINFO *q_u,
512 SAMR_R_QUERY_DISPINFO r_e;
516 SAM_USER_INFO_21 pass[MAX_SAM_ENTRIES];
518 int total_entries = 0;
520 uint16 switch_level = 0x0;
526 DEBUG(5,("samr_reply_query_dispinfo: %d\n", __LINE__));
528 /* find the policy handle. open a policy on it. */
529 if (r_e.status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->pol)) == -1))
531 r_e.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
532 DEBUG(5,("samr_reply_query_dispinfo: invalid handle\n"));
/* Database access is correctly gated on a valid handle here. */
535 if (r_e.status == 0x0)
/* acb_mask 0: no filtering at the source - see note above. */
538 got_pwds = get_sampwd_entries(pass, q_u->start_idx, &total_entries, &num_entries, MAX_SAM_ENTRIES, 0);
541 switch (q_u->switch_level)
546 /* query disp info is for users */
548 make_sam_info_1(&info1, ACB_NORMAL,
549 q_u->start_idx, num_entries, pass);
551 ctr.sam.info1 = &info1;
557 /* query disp info is for servers */
559 make_sam_info_2(&info2, ACB_WSTRUST,
560 q_u->start_idx, num_entries, pass);
562 ctr.sam.info2 = &info2;
569 if (r_e.status == 0 && got_pwds)
571 make_samr_r_query_dispinfo(&r_e, switch_level, &ctr, r_e.status);
574 /* store the response in the SMB stream */
575 samr_io_r_query_dispinfo("", &r_e, rdata, 0);
577 DEBUG(5,("samr_query_dispinfo: %d\n", __LINE__));
581 /*******************************************************************
582 api_samr_query_dispinfo
583 ********************************************************************/
/*******************************************************************
 api_samr_query_dispinfo

 Pipe entry point for the display-info query.  vuid unused; decode
 result not checked.
 ********************************************************************/
584 static void api_samr_query_dispinfo( uint16 vuid, prs_struct *data, prs_struct *rdata)
586 SAMR_Q_QUERY_DISPINFO q_e;
588 /* grab the samr open */
589 samr_io_q_query_dispinfo("", &q_e, data, 0);
591 /* construct reply. */
592 samr_reply_query_dispinfo(&q_e, rdata);
596 /*******************************************************************
597 samr_reply_query_aliasinfo
598 ********************************************************************/
/*******************************************************************
 samr_reply_query_aliasinfo

 Alias information query: only info level 3 is accepted; any other
 level yields NT_STATUS_INVALID_INFO_CLASS (without the 0xC0000000
 severity bits used elsewhere in this file).  The reply is a stub -
 the literal "<account description>" is returned for every alias; the
 alias the handle refers to is never looked up.
 ********************************************************************/
599 static void samr_reply_query_aliasinfo(SAMR_Q_QUERY_ALIASINFO *q_u,
602 SAMR_R_QUERY_ALIASINFO r_e;
607 /* find the policy handle. open a policy on it. */
608 if (r_e.status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->pol)) == -1))
610 r_e.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
613 DEBUG(5,("samr_reply_query_aliasinfo: %d\n", __LINE__));
615 if (r_e.status == 0x0)
617 if (q_u->switch_level != 3)
/* Severity bits missing here. */
619 r_e.status = NT_STATUS_INVALID_INFO_CLASS;
/* Placeholder description returned regardless of alias. */
623 make_samr_r_query_aliasinfo(&r_e, q_u->switch_level,
624 "<account description>",
627 /* store the response in the SMB stream */
628 samr_io_r_query_aliasinfo("", &r_e, rdata, 0);
630 DEBUG(5,("samr_query_aliasinfo: %d\n", __LINE__));
634 /*******************************************************************
635 api_samr_query_aliasinfo
636 ********************************************************************/
/*******************************************************************
 api_samr_query_aliasinfo

 Pipe entry point for the alias-info query.  vuid unused; decode
 result not checked.
 ********************************************************************/
637 static void api_samr_query_aliasinfo( uint16 vuid, prs_struct *data, prs_struct *rdata)
639 SAMR_Q_QUERY_ALIASINFO q_e;
641 /* grab the samr open */
642 samr_io_q_query_aliasinfo("", &q_e, data, 0);
644 /* construct reply. */
645 samr_reply_query_aliasinfo(&q_e, rdata);
649 /*******************************************************************
650 samr_reply_lookup_ids
651 ********************************************************************/
/*******************************************************************
 samr_reply_lookup_ids

 Resolve a batch of account names to RIDs.  The batch is silently
 truncated to MAX_SAM_ENTRIES (the client is not told), and the loop
 stops at the first name with no account, leaving status
 NT_STATUS_NO_SUCH_USER.  No policy-handle check is visible in this
 operation, unlike most others in this file.  Declarations of i,
 status and user_name, and the else-branch storing rid[i] = 0 if any,
 are on lines not in this listing.

 NOTE(review):
  - rid[] is never zero-initialised, and the loop exits early on the
    first miss; if make_samr_r_lookup_ids marshals num_rids entries
    regardless of status, the tail of rid[] is uninitialised stack
    memory sent to the client.  A memset(rid, 0, sizeof(rid)) before
    the loop would close that.
  - num_rids is an int copied from q_u->num_sids1; if that field is a
    32-bit unsigned count, values >= 2^31 become negative, skip the
    clamp and the loop, and still reach make_samr_r_lookup_ids - check
    the field's type and reject negative/oversized counts.
  - the assignment rid[0] = BUILTIN_ALIAS_RID_USERS after the loop
    discards the looked-up RID for the first name; it reads as a
    development stub and should not ship.
 ********************************************************************/
652 static void samr_reply_lookup_ids(SAMR_Q_LOOKUP_IDS *q_u,
655 uint32 rid[MAX_SAM_ENTRIES];
657 int num_rids = q_u->num_sids1;
659 SAMR_R_LOOKUP_IDS r_u;
661 DEBUG(5,("samr_lookup_ids: %d\n", __LINE__));
/* Silent truncation; negative counts bypass this - see note above. */
663 if (num_rids > MAX_SAM_ENTRIES)
665 num_rids = MAX_SAM_ENTRIES;
666 DEBUG(5,("samr_lookup_ids: truncating entries to %d\n", num_rids));
671 SMB_ASSERT_ARRAY(q_u->uni_user_name, num_rids);
673 for (i = 0; i < num_rids && status == 0; i++)
675 struct sam_passwd *sam_pass;
/* Name from the wire, bounded by fstrcpy into an fstring. */
679 fstrcpy(user_name, unistrn2(q_u->uni_user_name[i].buffer,
680 q_u->uni_user_name[i].uni_str_len));
682 /* find the user account */
684 sam_pass = get_smb21pwd_entry(user_name, 0);
687 if (sam_pass == NULL)
689 status = 0xC0000000 | NT_STATUS_NO_SUCH_USER;
694 rid[i] = sam_pass->user_rid;
/* Overrides the lookup result - see note above. */
700 rid[0] = BUILTIN_ALIAS_RID_USERS;
702 make_samr_r_lookup_ids(&r_u, num_rids, rid, status);
704 /* store the response in the SMB stream */
705 samr_io_r_lookup_ids("", &r_u, rdata, 0);
707 DEBUG(5,("samr_lookup_ids: %d\n", __LINE__));
711 /*******************************************************************
713 ********************************************************************/
/*******************************************************************
 api_samr_lookup_ids

 Pipe entry point for opcode 0x10 (name -> RID lookup).  vuid unused;
 decode result not checked.
 ********************************************************************/
714 static void api_samr_lookup_ids( uint16 vuid, prs_struct *data, prs_struct *rdata)
716 SAMR_Q_LOOKUP_IDS q_u;
718 /* grab the samr 0x10 */
719 samr_io_q_lookup_ids("", &q_u, data, 0);
721 /* construct reply. always indicate success */
722 samr_reply_lookup_ids(&q_u, rdata);
725 /*******************************************************************
726 samr_reply_lookup_names
727 ********************************************************************/
/*******************************************************************
 samr_reply_lookup_names

 Resolve names to RIDs, trying user, then group, then alias for each
 name (a lookup that returns 0 stops the chain).  The batch is
 silently truncated to MAX_SAM_ENTRIES and the loop stops at the first
 name that maps to nothing, leaving NT_STATUS_NONE_MAPPED for the
 whole batch.  No policy-handle check is visible.  Declarations of i,
 status and name are on lines not in this listing.

 NOTE(review): rid[] is not zero-initialised and the loop can exit
 early, so if make_samr_r_lookup_names copies num_rids entries
 regardless of status the remainder of rid[] is uninitialised stack
 memory sent to the client.  Add memset(rid, 0, sizeof(rid)) before
 the loop.  The int/unsigned concern on num_rids noted at
 samr_reply_lookup_ids applies here too (q_u->num_rids1).
 ********************************************************************/
728 static void samr_reply_lookup_names(SAMR_Q_LOOKUP_NAMES *q_u,
731 uint32 rid[MAX_SAM_ENTRIES];
734 int num_rids = q_u->num_rids1;
736 SAMR_R_LOOKUP_NAMES r_u;
738 DEBUG(5,("samr_lookup_names: %d\n", __LINE__));
740 if (num_rids > MAX_SAM_ENTRIES)
742 num_rids = MAX_SAM_ENTRIES;
743 DEBUG(5,("samr_lookup_names: truncating entries to %d\n", num_rids));
746 SMB_ASSERT_ARRAY(q_u->uni_user_name, num_rids);
748 for (i = 0; i < num_rids && status == 0; i++)
/* Start each name as unmapped; the chain below clears it on success. */
752 status = 0xC0000000 | NT_STATUS_NONE_MAPPED;
754 fstrcpy(name, unistrn2(q_u->uni_user_name[i].buffer, q_u->uni_user_name[i].uni_str_len));
/* Fall-through lookup: user, then group, then alias. */
756 status = (status != 0x0) ? lookup_user_rid (name, &(rid[i])) : status;
757 status = (status != 0x0) ? lookup_group_rid(name, &(rid[i])) : status;
758 status = (status != 0x0) ? lookup_alias_rid(name, &(rid[i])) : status;
761 make_samr_r_lookup_names(&r_u, num_rids, rid, status);
763 /* store the response in the SMB stream */
764 samr_io_r_lookup_names("", &r_u, rdata, 0);
766 DEBUG(5,("samr_lookup_names: %d\n", __LINE__));
770 /*******************************************************************
771 api_samr_lookup_names
772 ********************************************************************/
/*******************************************************************
 api_samr_lookup_names

 Pipe entry point for name lookup.  vuid unused; decode result not
 checked.
 ********************************************************************/
773 static void api_samr_lookup_names( uint16 vuid, prs_struct *data, prs_struct *rdata)
775 SAMR_Q_LOOKUP_NAMES q_u;
777 /* grab the samr lookup names */
778 samr_io_q_lookup_names("", &q_u, data, 0);
780 /* construct reply. always indicate success */
781 samr_reply_lookup_names(&q_u, rdata);
784 /*******************************************************************
785 samr_reply_chgpasswd_user
786 ********************************************************************/
/*******************************************************************
 samr_reply_chgpasswd_user

 Password change.  There is no policy-handle check; the user name and
 workstation come from the request and the proof of the old password
 is inside the OEM-encrypted blobs that pass_oem_change() verifies, so
 the whole authorisation decision lives in that call.  Every failure
 (unknown user, bad old password, store error) collapses to
 NT_STATUS_WRONG_PASSWORD, which avoids confirming whether an account
 exists.  The status declaration is on a line not in this listing.

 NOTE(review): nothing visible here throttles or locks out repeated
 failures, so this handler is an online password-guessing surface;
 confirm pass_oem_change() or the account store enforces a policy.
 Keep the DEBUG line as it is - it logs name and workstation only,
 never the password material.
 ********************************************************************/
787 static void samr_reply_chgpasswd_user(SAMR_Q_CHGPASSWD_USER *q_u,
790 SAMR_R_CHGPASSWD_USER r_u;
/* Wire strings bounded into fstrings via fstrcpy. */
795 fstrcpy(user_name, unistrn2(q_u->uni_user_name.buffer, q_u->uni_user_name.uni_str_len));
796 fstrcpy(wks , unistrn2(q_u->uni_dest_host.buffer, q_u->uni_dest_host.uni_str_len));
798 DEBUG(5,("samr_chgpasswd_user: user: %s wks: %s\n", user_name, wks));
/* Old-password proof and new-password blobs are handed off intact. */
800 if (!pass_oem_change(user_name,
801 q_u->lm_newpass.pass, q_u->lm_oldhash.hash,
802 q_u->nt_newpass.pass, q_u->nt_oldhash.hash))
804 status = 0xC0000000 | NT_STATUS_WRONG_PASSWORD;
807 make_samr_r_chgpasswd_user(&r_u, status);
809 /* store the response in the SMB stream */
810 samr_io_r_chgpasswd_user("", &r_u, rdata, 0);
812 DEBUG(5,("samr_chgpasswd_user: %d\n", __LINE__));
815 /*******************************************************************
816 api_samr_chgpasswd_user
817 ********************************************************************/
/*******************************************************************
 api_samr_chgpasswd_user

 Pipe entry point for the password-change request.  vuid unused (the
 operation authenticates via the old-password proof instead); decode
 result not checked.
 ********************************************************************/
818 static void api_samr_chgpasswd_user( uint16 vuid, prs_struct *data, prs_struct *rdata)
820 SAMR_Q_CHGPASSWD_USER q_u;
822 /* unknown 38 command */
823 samr_io_q_chgpasswd_user("", &q_u, data, 0);
825 /* construct reply. */
826 samr_reply_chgpasswd_user(&q_u, rdata);
830 /*******************************************************************
831 samr_reply_unknown_38
832 ********************************************************************/
/*******************************************************************
 samr_reply_unknown_38

 Opcode 0x38: reads nothing from q_u and performs no handle check;
 the reply is whatever constant make_samr_r_unknown_38 fills in.
 ********************************************************************/
833 static void samr_reply_unknown_38(SAMR_Q_UNKNOWN_38 *q_u,
836 SAMR_R_UNKNOWN_38 r_u;
838 DEBUG(5,("samr_unknown_38: %d\n", __LINE__));
840 make_samr_r_unknown_38(&r_u);
842 /* store the response in the SMB stream */
843 samr_io_r_unknown_38("", &r_u, rdata, 0);
845 DEBUG(5,("samr_unknown_38: %d\n", __LINE__));
848 /*******************************************************************
850 ********************************************************************/
/*******************************************************************
 api_samr_unknown_38

 Pipe entry point for opcode 0x38.  vuid unused; decode result not
 checked.
 ********************************************************************/
851 static void api_samr_unknown_38( uint16 vuid, prs_struct *data, prs_struct *rdata)
853 SAMR_Q_UNKNOWN_38 q_u;
855 /* unknown 38 command */
856 samr_io_q_unknown_38("", &q_u, data, 0);
858 /* construct reply. always indicate success */
859 samr_reply_unknown_38(&q_u, rdata);
863 /*******************************************************************
864 samr_reply_unknown_12
865 ********************************************************************/
/*******************************************************************
 samr_reply_unknown_12

 Opcode 0x12 (RID -> name style lookup).  After the handle check it
 returns the placeholder "dummy group" with attribute 0x2 for every
 requested RID - a stub; the RIDs in the request are never consulted.
 The batch is silently truncated to MAX_SAM_ENTRIES.  Declarations of
 i and status are on lines not in this listing.

 NOTE(review): num_gids is an int copied from q_u->num_gids1; if that
 is a 32-bit unsigned count, values >= 2^31 go negative, bypass the
 clamp, skip the loop and still reach make_samr_r_unknown_12 - check
 the field's type.  group_names/group_attrs are filled only for the
 indices the loop reaches, so the same uninitialised-tail concern as
 in samr_reply_lookup_names applies if status != 0 stops the loop.
 ********************************************************************/
866 static void samr_reply_unknown_12(SAMR_Q_UNKNOWN_12 *q_u,
869 fstring group_names[MAX_SAM_ENTRIES];
870 uint32 group_attrs[MAX_SAM_ENTRIES];
872 int num_gids = q_u->num_gids1;
874 SAMR_R_UNKNOWN_12 r_u;
876 DEBUG(5,("samr_unknown_12: %d\n", __LINE__));
878 /* find the policy handle. open a policy on it. */
879 if (status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->pol)) == -1))
881 status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
/* Silent truncation; negative counts bypass this - see note above. */
887 if (num_gids > MAX_SAM_ENTRIES)
889 num_gids = MAX_SAM_ENTRIES;
890 DEBUG(5,("samr_unknown_12: truncating entries to %d\n", num_gids));
893 for (i = 0; i < num_gids && status == 0; i++)
/* Placeholder result for every RID. */
895 fstrcpy(group_names[i], "dummy group");
896 group_attrs[i] = 0x2;
900 make_samr_r_unknown_12(&r_u, num_gids, group_names, group_attrs, status);
902 /* store the response in the SMB stream */
903 samr_io_r_unknown_12("", &r_u, rdata, 0);
905 DEBUG(5,("samr_unknown_12: %d\n", __LINE__));
909 /*******************************************************************
911 ********************************************************************/
/*******************************************************************
 api_samr_unknown_12

 Pipe entry point for opcode 0x12.  vuid unused; decode result not
 checked.
 ********************************************************************/
912 static void api_samr_unknown_12( uint16 vuid, prs_struct *data, prs_struct *rdata)
914 SAMR_Q_UNKNOWN_12 q_u;
916 /* grab the samr lookup names */
917 samr_io_q_unknown_12("", &q_u, data, 0);
919 /* construct reply. always indicate success */
920 samr_reply_unknown_12(&q_u, rdata);
924 /*******************************************************************
926 ********************************************************************/
/*******************************************************************
 samr_reply_open_user

 Open a user handle for a client-supplied RID: the domain handle must
 exist, a new policy handle is allocated, the RID must resolve to an
 account, and the RID is then attached to the handle.  Any failure
 after allocation closes the new handle again.  The remaining
 parameters (the wrapper passes a third argument of 0x0) and the
 initialisation of r_u.status are on lines not in this listing.

 NOTE(review): the only check on the RID is that the account exists;
 no access-mask or ownership check is visible, so any caller holding a
 domain handle can open any user.  The getsam21pwrid() call below is
 not gated on r_u.status and, unlike get_user_info_21, no
 become_root()/unbecome_root() pair is visible around it - confirm the
 lookup works without privilege or that the pair sits on the lines
 this listing omits.
 ********************************************************************/
927 static void samr_reply_open_user(SAMR_Q_OPEN_USER *q_u,
931 SAMR_R_OPEN_USER r_u;
932 struct sam_passwd *sam_pass;
933 BOOL pol_open = False;
935 /* set up the SAMR open_user response */
/* Zero the returned handle so nothing stale goes on the wire. */
936 bzero(r_u.user_pol.data, POL_HND_SIZE);
940 /* find the policy handle. open a policy on it. */
941 if (r_u.status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->domain_pol)) == -1))
943 r_u.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
946 /* get a (unique) handle. open a policy on it. */
947 if (r_u.status == 0x0 && !(pol_open = open_lsa_policy_hnd(&(r_u.user_pol))))
949 r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND;
/* Unconditional database lookup of a client-chosen RID - see note. */
953 sam_pass = getsam21pwrid(q_u->user_rid);
956 /* check that the RID exists in our domain. */
957 if (r_u.status == 0x0 && sam_pass == NULL)
959 r_u.status = 0xC0000000 | NT_STATUS_NO_SUCH_USER;
962 /* associate the RID with the (unique) handle. */
963 if (r_u.status == 0x0 && !set_lsa_policy_samr_rid(&(r_u.user_pol), q_u->user_rid))
965 /* oh, whoops. don't know what error message to return, here */
966 r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND;
/* Do not leak the half-built handle on error. */
969 if (r_u.status != 0 && pol_open)
971 close_lsa_policy_hnd(&(r_u.user_pol));
974 DEBUG(5,("samr_open_user: %d\n", __LINE__));
976 /* store the response in the SMB stream */
977 samr_io_r_open_user("", &r_u, rdata, 0);
979 DEBUG(5,("samr_open_user: %d\n", __LINE__));
983 /*******************************************************************
985 ********************************************************************/
/*******************************************************************
 api_samr_open_user

 Pipe entry point for open_user.  vuid unused; the constant 0x0 is
 passed as the reply routine's third argument (its meaning is not
 visible in this listing); decode result not checked.
 ********************************************************************/
986 static void api_samr_open_user( uint16 vuid, prs_struct *data, prs_struct *rdata)
988 SAMR_Q_OPEN_USER q_u;
990 /* grab the samr unknown 22 */
991 samr_io_q_open_user("", &q_u, data, 0);
993 /* construct reply. always indicate success */
994 samr_reply_open_user(&q_u, rdata, 0x0);
998 /*************************************************************************
1000 *************************************************************************/
<doc_update>
/*************************************************************************
 get_user_info_10

 Fill a SAM_USER_INFO_10 (account-control flags only) for user_rid.
 Rejects RIDs that are not in the user range (pdb_rid_is_user) before
 touching the database.  unbecome_root(True) is visible after the
 lookup, so the matching become_root() is presumably on the omitted
 line just before it - the lookup runs with elevated privilege.
 Returns False (on omitted lines) when the RID is rejected or the
 account is not found.
 *************************************************************************/
1001 static BOOL get_user_info_10(SAM_USER_INFO_10 *id10, uint32 user_rid)
1003 struct smb_passwd *smb_pass;
1005 if (!pdb_rid_is_user(user_rid))
1007 DEBUG(4,("RID 0x%x is not a user RID\n", user_rid));
1012 smb_pass = getsmbpwrid(user_rid);
1013 unbecome_root(True);
1015 if (smb_pass == NULL)
1017 DEBUG(4,("User 0x%x not found\n", user_rid));
1021 DEBUG(3,("User:[%s]\n", smb_pass->smb_name));
/* Only acct_ctrl is exported at this level; no hashes are passed. */
1023 make_sam_user_info10(id10, smb_pass->acct_ctrl);
1028 /*************************************************************************
1030 *************************************************************************/
/*************************************************************************
 get_user_info_21

 Fill a SAM_USER_INFO_21 for user_rid from the sam_passwd record.
 RIDs outside the user range are rejected first; the lookup is
 bracketed by become_root()/unbecome_root() (only the latter is in
 this listing).  All time fields are a placeholder "never" value
 (0x7fffffff:0xffffffff) - the DEBUG(0) below flags that as TODO.
 The visible argument list passes no password hashes to
 make_sam_user_info21.
 *************************************************************************/
1031 static BOOL get_user_info_21(SAM_USER_INFO_21 *id21, uint32 user_rid)
1034 struct sam_passwd *sam_pass;
1038 if (!pdb_rid_is_user(user_rid))
1040 DEBUG(4,("RID 0x%x is not a user RID\n", user_rid));
1045 sam_pass = getsam21pwrid(user_rid);
1046 unbecome_root(True);
1048 if (sam_pass == NULL)
1050 DEBUG(4,("User 0x%x not found\n", user_rid));
1054 DEBUG(3,("User:[%s]\n", sam_pass->smb_name));
/* Placeholder NTTIME used for every timestamp below. */
1056 dummy_time.low = 0xffffffff;
1057 dummy_time.high = 0x7fffffff;
1059 DEBUG(0,("get_user_info_21 - TODO: convert unix times to NTTIMEs\n"));
1061 /* create a LOGON_HRS structure */
/* hours_len comes from the account store; bounds-checked against
   hrs.hours before the copy. */
1062 hrs.len = sam_pass->hours_len;
1063 SMB_ASSERT_ARRAY(hrs.hours, hrs.len);
1064 for (i = 0; i < hrs.len; i++)
1066 hrs.hours[i] = sam_pass->hours[i];
/* Everything below goes to the client; munged_dial and the unknown_*
   fields are exported as stored. */
1069 make_sam_user_info21(id21,
1071 &dummy_time, /* logon_time */
1072 &dummy_time, /* logoff_time */
1073 &dummy_time, /* kickoff_time */
1074 &dummy_time, /* pass_last_set_time */
1075 &dummy_time, /* pass_can_change_time */
1076 &dummy_time, /* pass_must_change_time */
1078 sam_pass->smb_name, /* user_name */
1079 sam_pass->full_name, /* full_name */
1080 sam_pass->home_dir, /* home_dir */
1081 sam_pass->dir_drive, /* dir_drive */
1082 sam_pass->logon_script, /* logon_script */
1083 sam_pass->profile_path, /* profile_path */
1084 sam_pass->acct_desc, /* description */
1085 sam_pass->workstations, /* workstations user can log in from */
1086 sam_pass->unknown_str, /* don't know, yet */
1087 sam_pass->munged_dial, /* dialin info. contains dialin path and tel no */
1089 sam_pass->user_rid, /* RID user_id */
1090 sam_pass->group_rid, /* RID group_id */
1091 sam_pass->acct_ctrl,
1093 sam_pass->unknown_3, /* unknown_3 */
1094 sam_pass->logon_divs, /* divisions per week */
1095 &hrs, /* logon hours */
1096 sam_pass->unknown_5,
1097 sam_pass->unknown_6);
1102 /*******************************************************************
1103 samr_reply_query_userinfo
1104 ********************************************************************/
/*******************************************************************
 samr_reply_query_userinfo

 Per-user information query: the handle must exist and carry a RID;
 then info level 10 or 21 is filled from the account store, and any
 other level yields NT_STATUS_INVALID_INFO_CLASS.  The case labels,
 the rid/info declarations and the break statements are on lines not
 in this listing.

 NOTE(review):
  - level 11 returns a hard-coded record ("BROOKFIELDS$", 0x03ef,
    0x201, 0x0080) for every user - a development stub that should not
    ship.
  - the status assignments in this function omit the 0xC0000000
    severity bits that the rest of the file ORs in; if the NT_STATUS_*
    constants do not include them, failures here are reported with a
    non-error status class.
 ********************************************************************/
1105 static void samr_reply_query_userinfo(SAMR_Q_QUERY_USERINFO *q_u,
1108 SAMR_R_QUERY_USERINFO r_u;
1110 SAM_USER_INFO_11 id11;
1112 SAM_USER_INFO_10 id10;
1113 SAM_USER_INFO_21 id21;
1116 uint32 status = 0x0;
1119 DEBUG(5,("samr_reply_query_userinfo: %d\n", __LINE__));
1121 /* search for the handle */
1122 if (status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->pol)) == -1))
/* No severity bits - see note above. */
1124 status = NT_STATUS_INVALID_HANDLE;
1127 /* find the user's rid */
1128 if (status == 0x0 && (rid = get_lsa_policy_samr_rid(&(q_u->pol))) == 0xffffffff)
1130 status = NT_STATUS_OBJECT_TYPE_MISMATCH;
1133 DEBUG(5,("samr_reply_query_userinfo: rid:0x%x\n", rid));
1135 /* ok! user info levels (there are lots: see MSDEV help), off we go... */
1138 switch (q_u->switch_value)
1142 info = (void*)&id10;
1143 status = get_user_info_10(&id10, rid) ? 0 : NT_STATUS_NO_SUCH_USER;
1147 /* whoops - got this wrong. i think. or don't understand what's happening. */
/* Stub response - see note above. */
1151 info = (void*)&id11;
1153 expire.low = 0xffffffff;
1154 expire.high = 0x7fffffff;
1156 make_sam_user_info11(&id11, &expire, "BROOKFIELDS$", 0x03ef, 0x201, 0x0080);
1163 info = (void*)&id21;
1164 status = get_user_info_21(&id21, rid) ? 0 : NT_STATUS_NO_SUCH_USER;
1170 status = NT_STATUS_INVALID_INFO_CLASS;
1177 make_samr_r_query_userinfo(&r_u, q_u->switch_value, info, status);
1179 /* store the response in the SMB stream */
1180 samr_io_r_query_userinfo("", &r_u, rdata, 0);
1182 DEBUG(5,("samr_reply_query_userinfo: %d\n", __LINE__));
1186 /*******************************************************************
1187 api_samr_query_userinfo
1188 ********************************************************************/
/*******************************************************************
 api_samr_query_userinfo

 Pipe entry point for the user-info query.  vuid unused; decode
 result not checked.
 ********************************************************************/
1189 static void api_samr_query_userinfo( uint16 vuid, prs_struct *data, prs_struct *rdata)
1191 SAMR_Q_QUERY_USERINFO q_u;
1193 /* grab the samr unknown 24 */
1194 samr_io_q_query_userinfo("", &q_u, data, 0);
1196 /* construct reply. always indicate success */
1197 samr_reply_query_userinfo(&q_u, rdata);
1201 /*******************************************************************
1202 samr_reply_query_usergroups
1203 ********************************************************************/
/*******************************************************************
 samr_reply_query_usergroups

 Return the group memberships of the user behind the handle.  The
 handle must exist and carry a RID; the account is fetched under
 become_root()/unbecome_root() (only the latter is in this listing),
 its groups are looked up by name and converted to DOM_GID entries by
 make_dom_gids(), which sets gids.  The reply references gids rather
 than copying it (per the existing comment), so gids must outlive the
 marshal call.  The rid/groups/num_groups declarations and the lines
 between the marshal call and the final DEBUG are not in this listing
 - confirm that is where gids is released, otherwise each call leaks.
 The OBJECT_TYPE_MISMATCH assignment lacks the 0xC0000000 severity
 bits used on the other error path.
 ********************************************************************/
1204 static void samr_reply_query_usergroups(SAMR_Q_QUERY_USERGROUPS *q_u,
1207 SAMR_R_QUERY_USERGROUPS r_u;
1208 uint32 status = 0x0;
1210 struct sam_passwd *sam_pass;
1211 DOM_GID *gids = NULL;
1215 DEBUG(5,("samr_query_usergroups: %d\n", __LINE__));
1217 /* find the policy handle. open a policy on it. */
1218 if (status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->pol)) == -1))
1220 status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
1223 /* find the user's rid */
1224 if (status == 0x0 && (rid = get_lsa_policy_samr_rid(&(q_u->pol))) == 0xffffffff)
/* No severity bits - see note above. */
1226 status = NT_STATUS_OBJECT_TYPE_MISMATCH;
1232 sam_pass = getsam21pwrid(rid);
1233 unbecome_root(True);
1235 if (sam_pass == NULL)
1237 status = 0xC0000000 | NT_STATUS_NO_SUCH_USER;
/* Group lookup keyed by the stored account name, not the wire RID. */
1244 get_domain_user_groups(groups, sam_pass->smb_name);
1246 num_groups = make_dom_gids(groups, &gids);
1249 /* construct the response. lkclXXXX: gids are not copied! */
1250 make_samr_r_query_usergroups(&r_u, num_groups, gids, status);
1252 /* store the response in the SMB stream */
1253 samr_io_r_query_usergroups("", &r_u, rdata, 0);
1260 DEBUG(5,("samr_query_usergroups: %d\n", __LINE__));
1264 /*******************************************************************
1265 api_samr_query_usergroups
1266 ********************************************************************/
/*******************************************************************
 api_samr_query_usergroups

 Pipe entry point for the user-groups query.  vuid unused; decode
 result not checked.
 ********************************************************************/
1267 static void api_samr_query_usergroups( uint16 vuid, prs_struct *data, prs_struct *rdata)
1269 SAMR_Q_QUERY_USERGROUPS q_u;
1270 /* grab the samr unknown 32 */
1271 samr_io_q_query_usergroups("", &q_u, data, 0);
1273 /* construct reply. */
1274 samr_reply_query_usergroups(&q_u, rdata);
1278 /*******************************************************************
1279 samr_reply_unknown_8
1280 ********************************************************************/
/*******************************************************************
 samr_reply_unknown_8

 Domain information query on a domain handle.  The case labels, the
 ctr declaration and the assignment of switch_value are on lines not
 in this listing.

 NOTE(review): the handle check stores its failure in r_u.status, but
 the reply is built from the separate local `status`, which only the
 invalid-info-class branch sets.  Unless make_samr_r_unknown_8 merges
 the two, an invalid handle still returns the workgroup/server name
 with a success status, and the switch is not gated on the handle
 check at all.  Use one variable: change the handle-failure line to
 `status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;` and guard the
 switch with `if (status == 0x0)`.
 ********************************************************************/
1281 static void samr_reply_unknown_8(SAMR_Q_UNKNOWN_8 *q_u,
1284 SAMR_R_UNKNOWN_8 r_u;
1286 uint16 switch_value = 0x0;
/* This local, not r_u.status, is what reaches the reply - see note. */
1287 uint32 status = 0x0;
1294 DEBUG(5,("samr_reply_unknown_8: %d\n", __LINE__));
1296 /* find the policy handle. open a policy on it. */
1297 if (r_u.status == 0x0 && (find_lsa_policy_by_hnd(&(q_u->domain_pol)) == -1))
/* Written to r_u.status; never consulted below - see note above. */
1299 r_u.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE;
1300 DEBUG(5,("samr_reply_unknown_8: invalid handle\n"));
1305 switch (q_u->switch_value)
/* Exposes the configured workgroup and server name. */
1310 make_unk_info2(&ctr.info.inf2, global_myworkgroup, global_myname);
1316 status = 0xC0000000 | NT_STATUS_INVALID_INFO_CLASS;
1322 make_samr_r_unknown_8(&r_u, switch_value, &ctr, status);
1324 /* store the response in the SMB stream */
1325 samr_io_r_unknown_8("", &r_u, rdata, 0);
1327 DEBUG(5,("samr_unknown_8: %d\n", __LINE__));
1331 /*******************************************************************
1333 ********************************************************************/
/*
 * api_samr_unknown_8: pipe entry point for SAMR_UNKNOWN_8.  Unmarshals the
 * request from data and writes the reply to rdata.
 *
 * No parse-error path is visible; q_e is handed to the reply handler as
 * parsed.  vuid is not referenced in the lines shown.  (Braces and blank
 * lines are omitted from this listing.)
 */
1334 static void api_samr_unknown_8( uint16 vuid, prs_struct *data, prs_struct *rdata)
1336 SAMR_Q_UNKNOWN_8 q_e;
1338 /* grab the samr unknown 8 command */
1339 samr_io_q_unknown_8("", &q_e, data, 0);
1341 /* construct reply. */
1342 samr_reply_unknown_8(&q_e, rdata);
1347 /*******************************************************************
1348 samr_reply_unknown_32
1349 ********************************************************************/
/*
 * samr_reply_unknown_32: build the SAMR_R_UNKNOWN_32 reply and marshal it
 * into rdata.  The caller supplies the status to report.
 *
 * NOTE(review): the remaining parameter lines (rdata, status), the
 * declaration of i, and the braces are omitted from this listing.
 *
 * The handle returned here is a fixed byte pattern (zeros in bytes 0-3,
 * then i+1) rather than one obtained from open_lsa_policy_hnd() as the
 * connect / open_alias handlers do.  It is therefore predictable and is
 * not registered in the policy table, so a later find_lsa_policy_by_hnd()
 * on it cannot succeed.
 */
1350 static void samr_reply_unknown_32(SAMR_Q_UNKNOWN_32 *q_u,
1355 SAMR_R_UNKNOWN_32 r_u;
1357 /* set up the SAMR unknown_32 response */
/* bzero() is the BSD spelling of memset(p, 0, n). */
1358 bzero(r_u.pol.data, POL_HND_SIZE);
1361 for (i = 4; i < POL_HND_SIZE; i++)
1363 r_u.pol.data[i] = i+1;
/* Constant RID block: attribute 0x0030, rid 0, and a zero trailing field. */
1367 make_dom_rid4(&(r_u.rid4), 0x0030, 0, 0);
1368 r_u.status = status;
1370 DEBUG(5,("samr_unknown_32: %d\n", __LINE__));
1372 /* store the response in the SMB stream */
1373 samr_io_r_unknown_32("", &r_u, rdata, 0);
1375 DEBUG(5,("samr_unknown_32: %d\n", __LINE__));
1379 /*******************************************************************
1381 ********************************************************************/
/*
 * api_samr_unknown_32: pipe entry point for SAMR opcode 0x32.  Unmarshals
 * the request from data, looks the named machine account up in the SAM and
 * writes the reply to rdata.
 *
 * Only existence is reported: no account is created in the visible code,
 * and the "does not exist" branch just logs at level 0.
 *
 * NOTE(review): the declarations of mach_acct and status, the
 * become_root() call preceding getsam21pwnam(), and the braces are omitted
 * from this listing, so the value of status on the "does not exist" path
 * cannot be confirmed here.
 */
1382 static void api_samr_unknown_32( uint16 vuid, prs_struct *data, prs_struct *rdata)
1385 struct sam_passwd *sam_pass;
1388 SAMR_Q_UNKNOWN_32 q_u;
1390 /* grab the samr unknown 32 */
1391 samr_io_q_unknown_32("", &q_u, data, 0);
1393 /* find the machine account: tell the caller if it exists.
1394 lkclXXXX i have *no* idea if this is a problem or not
1395 or even if you are supposed to construct a different
1396 reply if the account already exists...
/* The account name is converted from the client's UNICODE string using the
 * client-supplied length uni_str_len and copied into the fixed-size
 * mach_acct.  NOTE(review): the bound on uni_str_len must be enforced in
 * samr_io_q_unknown_32() / unistrn2(), and fstrcpy() must be the bounded
 * variant, for this copy to be safe -- neither is visible here. */
1399 fstrcpy(mach_acct, unistrn2(q_u.uni_mach_acct.buffer,
1400 q_u.uni_mach_acct.uni_str_len));
/* SAM lookup by name; the matching become_root() is on an omitted line. */
1403 sam_pass = getsam21pwnam(mach_acct);
1404 unbecome_root(True);
1406 if (sam_pass != NULL)
1408 /* machine account exists: say so */
1409 status = 0xC0000000 | NT_STATUS_USER_EXISTS;
1413 /* this could cause trouble... */
/* Account not found: nothing is created here and status is left as
 * initialised (initialisation not shown in this listing). */
1414 DEBUG(0,("trouble!\n"));
1418 /* construct reply. */
1419 samr_reply_unknown_32(&q_u, rdata, status);
1423 /*******************************************************************
1424 samr_reply_connect_anon
1425 ********************************************************************/
/*
 * samr_reply_connect_anon: build the SAMR_R_CONNECT_ANON reply and marshal
 * it into rdata.  A new policy handle is allocated, tagged with the
 * client-supplied q_u->unknown_0, and returned; on any failure the handle
 * is closed again so nothing half-initialised is left in the policy table.
 *
 * No credential or vuid check is performed here; as the name says, this
 * is the anonymous connect.
 *
 * NOTE(review): the second parameter line, the initialisation of
 * r_u.status, and the braces are omitted from this listing.
 */
1426 static void samr_reply_connect_anon(SAMR_Q_CONNECT_ANON *q_u,
1429 SAMR_R_CONNECT_ANON r_u;
/* Tracks whether the handle was allocated so the failure path can release it. */
1430 BOOL pol_open = False;
1432 /* set up the SAMR connect_anon response */
1435 /* get a (unique) handle. open a policy on it. */
1436 if (r_u.status == 0x0 && !(pol_open = open_lsa_policy_hnd(&(r_u.connect_pol))))
1438 r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND;
1441 /* associate the domain SID with the (unique) handle. */
/* NOTE(review): despite the comment above, what is stored on the handle is
 * the client's q_u->unknown_0 (via set_lsa_policy_samr_pol_status), not a
 * domain SID.  Nothing here validates that value. */
1442 if (r_u.status == 0x0 && !set_lsa_policy_samr_pol_status(&(r_u.connect_pol), q_u->unknown_0))
1444 /* oh, whoops. don't know what error message to return, here */
1445 r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND;
/* Failure after allocation: release the handle rather than leak a live
 * entry in the policy table. */
1448 if (r_u.status != 0 && pol_open)
1450 close_lsa_policy_hnd(&(r_u.connect_pol));
1453 DEBUG(5,("samr_connect_anon: %d\n", __LINE__));
1455 /* store the response in the SMB stream */
1456 samr_io_r_connect_anon("", &r_u, rdata, 0);
1458 DEBUG(5,("samr_connect_anon: %d\n", __LINE__));
1462 /*******************************************************************
1463 api_samr_connect_anon
1464 ********************************************************************/
/*
 * api_samr_connect_anon: pipe entry point for SAMR_CONNECT_ANON.
 * Unmarshals the request from data and writes the reply to rdata.
 *
 * The reply handler decides the status itself (it can report a handle
 * allocation failure), so "always indicate success" is not quite accurate.
 * vuid is not referenced in the lines shown.  (Braces and blank lines are
 * omitted from this listing.)
 */
1465 static void api_samr_connect_anon( uint16 vuid, prs_struct *data, prs_struct *rdata)
1467 SAMR_Q_CONNECT_ANON q_u;
1469 /* grab the samr open policy */
1470 samr_io_q_connect_anon("", &q_u, data, 0);
1472 /* construct reply. status is set by the reply handler. */
1473 samr_reply_connect_anon(&q_u, rdata);
1476 /*******************************************************************
1478 ********************************************************************/
/*
 * samr_reply_connect: build the SAMR_R_CONNECT reply and marshal it into
 * rdata.  Allocates a policy handle, tags it with the client-supplied
 * q_u->unknown_0 and returns it; on failure the handle is closed again.
 *
 * The visible body is line-for-line the same as samr_reply_connect_anon()
 * apart from the request/reply types; no additional authentication step
 * distinguishes the two in the lines shown.
 *
 * NOTE(review): the second parameter line, the declaration of r_u and the
 * initialisation of r_u.status, and the braces are omitted from this
 * listing.
 */
1479 static void samr_reply_connect(SAMR_Q_CONNECT *q_u,
/* Tracks whether the handle was allocated so the failure path can release it. */
1483 BOOL pol_open = False;
1485 /* set up the SAMR connect response */
1488 /* get a (unique) handle. open a policy on it. */
1489 if (r_u.status == 0x0 && !(pol_open = open_lsa_policy_hnd(&(r_u.connect_pol))))
1491 r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND;
1494 /* associate the domain SID with the (unique) handle. */
/* NOTE(review): as in connect_anon, the value stored on the handle is the
 * client's q_u->unknown_0, not a domain SID, and it is not validated here. */
1495 if (r_u.status == 0x0 && !set_lsa_policy_samr_pol_status(&(r_u.connect_pol), q_u->unknown_0))
1497 /* oh, whoops. don't know what error message to return, here */
1498 r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND;
/* Release the handle on any failure after allocation. */
1501 if (r_u.status != 0 && pol_open)
1503 close_lsa_policy_hnd(&(r_u.connect_pol));
1506 DEBUG(5,("samr_connect: %d\n", __LINE__));
1508 /* store the response in the SMB stream */
1509 samr_io_r_connect("", &r_u, rdata, 0);
1511 DEBUG(5,("samr_connect: %d\n", __LINE__));
1515 /*******************************************************************
1517 ********************************************************************/
/*
 * api_samr_connect: pipe entry point for SAMR_CONNECT.  Unmarshals the
 * request from data and writes the reply to rdata.
 *
 * NOTE(review): the declaration of q_u and the braces are omitted from this
 * listing.  The reply handler sets the status itself, so "always indicate
 * success" is not quite accurate.  vuid is not referenced in the lines
 * shown.
 */
1518 static void api_samr_connect( uint16 vuid, prs_struct *data, prs_struct *rdata)
1522 /* grab the samr open policy */
1523 samr_io_q_connect("", &q_u, data, 0);
1525 /* construct reply. status is set by the reply handler. */
1526 samr_reply_connect(&q_u, rdata);
1529 /*******************************************************************
1530 samr_reply_open_alias
1531 ********************************************************************/
/*
 * samr_reply_open_alias: build the SAMR_R_OPEN_ALIAS reply and marshal it
 * into rdata.  Allocates a policy handle and binds the client-supplied
 * alias RID to it; on failure the handle is closed again.
 *
 * Nothing in the visible code checks that q_u->rid_alias names an alias
 * that exists, nor that the request carries a valid connect/domain handle
 * (compare samr_reply_query_usergroups(), which resolves its handle first).
 * Any handler that later consumes this handle must therefore validate the
 * RID itself.
 *
 * NOTE(review): the second parameter line, the initialisation of
 * r_u.status, and the braces are omitted from this listing.
 */
1532 static void samr_reply_open_alias(SAMR_Q_OPEN_ALIAS *q_u,
1535 SAMR_R_OPEN_ALIAS r_u;
/* Tracks whether the handle was allocated so the failure path can release it. */
1536 BOOL pol_open = False;
1538 /* set up the SAMR open_alias response */
1541 /* get a (unique) handle. open a policy on it. */
1542 if (r_u.status == 0x0 && !(pol_open = open_lsa_policy_hnd(&(r_u.pol))))
1544 r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND;
1547 /* associate a RID with the (unique) handle. */
/* The RID stored here is taken from the client request unchecked. */
1548 if (r_u.status == 0x0 && !set_lsa_policy_samr_rid(&(r_u.pol), q_u->rid_alias))
1550 /* oh, whoops. don't know what error message to return, here */
1551 r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND;
/* Release the handle on any failure after allocation. */
1554 if (r_u.status != 0 && pol_open)
1556 close_lsa_policy_hnd(&(r_u.pol));
1559 DEBUG(5,("samr_open_alias: %d\n", __LINE__));
1561 /* store the response in the SMB stream */
1562 samr_io_r_open_alias("", &r_u, rdata, 0);
1564 DEBUG(5,("samr_open_alias: %d\n", __LINE__));
1568 /*******************************************************************
1570 ********************************************************************/
/*
 * api_samr_open_alias: pipe entry point for SAMR_OPEN_ALIAS.  Unmarshals
 * the request from data and writes the reply to rdata.
 *
 * The reply handler sets the status itself, so "always indicate success"
 * is not quite accurate.  vuid is not referenced in the lines shown.
 * (Braces and blank lines are omitted from this listing.)
 */
1571 static void api_samr_open_alias( uint16 vuid, prs_struct *data, prs_struct *rdata)
1574 SAMR_Q_OPEN_ALIAS q_u;
1576 /* grab the samr open policy */
1577 samr_io_q_open_alias("", &q_u, data, 0);
1579 /* construct reply. status is set by the reply handler. */
1580 samr_reply_open_alias(&q_u, rdata);
1583 /*******************************************************************
1584 array of \PIPE\samr operations
1585 ********************************************************************/
/*
 * api_samr_cmds: dispatch table for the \PIPE\samr pipe, consumed by
 * api_rpcTNP() from api_samr_rpc().  Each entry maps a human-readable name
 * and an opcode to the handler that unmarshals the request and writes the
 * reply.
 *
 * NOTE(review): the opening brace and the terminating entry of the table
 * are omitted from this listing; api_rpcTNP() presumably relies on a
 * sentinel entry, so confirm it is present in the full source.  The entry
 * for opcode 0x32 is the only one that uses a bare numeric literal instead
 * of a named SAMR_* constant.
 */
1586 static struct api_struct api_samr_cmds [] =
1588 { "SAMR_CLOSE_HND" , SAMR_CLOSE_HND , api_samr_close_hnd },
1589 { "SAMR_CONNECT" , SAMR_CONNECT , api_samr_connect },
1590 { "SAMR_CONNECT_ANON" , SAMR_CONNECT_ANON , api_samr_connect_anon },
1591 { "SAMR_ENUM_DOM_USERS" , SAMR_ENUM_DOM_USERS , api_samr_enum_dom_users },
1592 { "SAMR_ENUM_DOM_GROUPS" , SAMR_ENUM_DOM_GROUPS , api_samr_enum_dom_groups },
1593 { "SAMR_ENUM_DOM_ALIASES" , SAMR_ENUM_DOM_ALIASES , api_samr_enum_dom_aliases },
1594 { "SAMR_LOOKUP_IDS" , SAMR_LOOKUP_IDS , api_samr_lookup_ids },
1595 { "SAMR_LOOKUP_NAMES" , SAMR_LOOKUP_NAMES , api_samr_lookup_names },
1596 { "SAMR_OPEN_USER" , SAMR_OPEN_USER , api_samr_open_user },
1597 { "SAMR_QUERY_USERINFO" , SAMR_QUERY_USERINFO , api_samr_query_userinfo },
1598 { "SAMR_UNKNOWN_8" , SAMR_UNKNOWN_8 , api_samr_unknown_8 },
1599 { "SAMR_QUERY_USERGROUPS" , SAMR_QUERY_USERGROUPS , api_samr_query_usergroups },
1600 { "SAMR_QUERY_DISPINFO" , SAMR_QUERY_DISPINFO , api_samr_query_dispinfo },
1601 { "SAMR_QUERY_ALIASINFO" , SAMR_QUERY_ALIASINFO , api_samr_query_aliasinfo },
/* Opcode given as a literal; no SAMR_* name is defined for it in this file. */
1602 { "SAMR_0x32" , 0x32 , api_samr_unknown_32 },
1603 { "SAMR_UNKNOWN_12" , SAMR_UNKNOWN_12 , api_samr_unknown_12 },
1604 { "SAMR_UNKNOWN_38" , SAMR_UNKNOWN_38 , api_samr_unknown_38 },
1605 { "SAMR_CHGPASSWD_USER" , SAMR_CHGPASSWD_USER , api_samr_chgpasswd_user },
1606 { "SAMR_OPEN_ALIAS" , SAMR_OPEN_ALIAS , api_samr_open_alias },
1607 { "SAMR_OPEN_DOMAIN" , SAMR_OPEN_DOMAIN , api_samr_open_domain },
1608 { "SAMR_UNKNOWN_3" , SAMR_UNKNOWN_3 , api_samr_unknown_3 },
1609 { "SAMR_UNKNOWN_2C" , SAMR_UNKNOWN_2C , api_samr_unknown_2c },
1613 /*******************************************************************
1614 receives a samr pipe and responds.
1615 ********************************************************************/
/*
 * api_samr_rpc: entry point for a request arriving on the samr pipe.
 * Delegates opcode lookup and dispatch to api_rpcTNP() using the
 * api_samr_cmds table; the "api_samr_rpc" string is the name used in
 * api_rpcTNP()'s own logging.
 *
 * @param p     the pipe the request arrived on
 * @param data  the unmarshalled request stream
 * @return      whatever api_rpcTNP() returns (its meaning is defined there)
 *
 * NOTE(review): the function's braces are omitted from this listing.
 */
1616 BOOL api_samr_rpc(pipes_struct *p, prs_struct *data)
1618 return api_rpcTNP(p, "api_samr_rpc", api_samr_cmds, data);