2 * Unix SMB/CIFS implementation.
4 * Copyright (C) Guenther Deschner 2008
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, see <http://www.gnu.org/licenses/>.
22 #include "librpc/gen_ndr/libnetapi.h"
23 #include "lib/netapi/netapi.h"
24 #include "lib/netapi/netapi_private.h"
25 #include "lib/netapi/libnetapi.h"
27 /****************************************************************
28 ****************************************************************/
30 static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX,
31 struct samr_UserInfo21 *info21)
33 uint32_t fields_present = SAMR_FIELD_ACCT_FLAGS;
34 struct samr_LogonHours zero_logon_hours;
35 struct lsa_BinaryString zero_parameters;
36 uint32_t acct_flags = 0;
40 ZERO_STRUCT(zero_logon_hours);
41 ZERO_STRUCT(zero_parameters);
43 if (infoX->usriX_name) {
44 fields_present |= SAMR_FIELD_ACCOUNT_NAME;
46 if (infoX->usriX_password) {
47 fields_present |= SAMR_FIELD_PASSWORD;
49 if (infoX->usriX_flags) {
50 fields_present |= SAMR_FIELD_ACCT_FLAGS;
52 if (infoX->usriX_name) {
53 fields_present |= SAMR_FIELD_FULL_NAME;
55 if (infoX->usriX_home_dir) {
56 fields_present |= SAMR_FIELD_HOME_DIRECTORY;
58 if (infoX->usriX_script_path) {
59 fields_present |= SAMR_FIELD_LOGON_SCRIPT;
61 if (infoX->usriX_comment) {
62 fields_present |= SAMR_FIELD_DESCRIPTION;
64 if (infoX->usriX_password_age) {
65 fields_present |= SAMR_FIELD_FORCE_PWD_CHANGE;
67 if (infoX->usriX_full_name) {
68 fields_present |= SAMR_FIELD_FULL_NAME;
71 acct_flags |= infoX->usriX_flags | ACB_NORMAL;
73 unix_to_nt_time_abs(&password_age, infoX->usriX_password_age);
75 /* TODO: infoX->usriX_priv */
76 init_samr_user_info21(info21,
84 infoX->usriX_full_name,
85 infoX->usriX_home_dir,
87 infoX->usriX_script_path,
107 /****************************************************************
108 ****************************************************************/
110 static NTSTATUS construct_USER_INFO_X(uint32_t level,
112 struct USER_INFO_X *uX)
114 struct USER_INFO_0 *u0 = NULL;
115 struct USER_INFO_1 *u1 = NULL;
116 struct USER_INFO_2 *u2 = NULL;
117 struct USER_INFO_1003 *u1003 = NULL;
118 struct USER_INFO_1007 *u1007 = NULL;
119 struct USER_INFO_1009 *u1009 = NULL;
120 struct USER_INFO_1011 *u1011 = NULL;
122 if (!buffer || !uX) {
123 return NT_STATUS_INVALID_PARAMETER;
130 u0 = (struct USER_INFO_0 *)buffer;
131 uX->usriX_name = u0->usri0_name;
134 u1 = (struct USER_INFO_1 *)buffer;
135 uX->usriX_name = u1->usri1_name;
136 uX->usriX_password = u1->usri1_password;
137 uX->usriX_password_age = u1->usri1_password_age;
138 uX->usriX_priv = u1->usri1_priv;
139 uX->usriX_home_dir = u1->usri1_home_dir;
140 uX->usriX_comment = u1->usri1_comment;
141 uX->usriX_flags = u1->usri1_flags;
142 uX->usriX_script_path = u1->usri1_script_path;
145 u2 = (struct USER_INFO_2 *)buffer;
146 uX->usriX_name = u2->usri2_name;
147 uX->usriX_password = u2->usri2_password;
148 uX->usriX_password_age = u2->usri2_password_age;
149 uX->usriX_priv = u2->usri2_priv;
150 uX->usriX_home_dir = u2->usri2_home_dir;
151 uX->usriX_comment = u2->usri2_comment;
152 uX->usriX_flags = u2->usri2_flags;
153 uX->usriX_script_path = u2->usri2_script_path;
154 uX->usriX_auth_flags = u2->usri2_auth_flags;
155 uX->usriX_full_name = u2->usri2_full_name;
156 uX->usriX_usr_comment = u2->usri2_usr_comment;
157 uX->usriX_parms = u2->usri2_parms;
158 uX->usriX_workstations = u2->usri2_workstations;
159 uX->usriX_last_logon = u2->usri2_last_logon;
160 uX->usriX_last_logoff = u2->usri2_last_logoff;
161 uX->usriX_acct_expires = u2->usri2_acct_expires;
162 uX->usriX_max_storage = u2->usri2_max_storage;
163 uX->usriX_units_per_week= u2->usri2_units_per_week;
164 uX->usriX_logon_hours = u2->usri2_logon_hours;
165 uX->usriX_bad_pw_count = u2->usri2_bad_pw_count;
166 uX->usriX_num_logons = u2->usri2_num_logons;
167 uX->usriX_logon_server = u2->usri2_logon_server;
168 uX->usriX_country_code = u2->usri2_country_code;
169 uX->usriX_code_page = u2->usri2_code_page;
172 u1003 = (struct USER_INFO_1003 *)buffer;
173 uX->usriX_password = u1003->usri1003_password;
176 u1007 = (struct USER_INFO_1007 *)buffer;
177 uX->usriX_comment = u1007->usri1007_comment;
180 u1009 = (struct USER_INFO_1009 *)buffer;
181 uX->usriX_script_path = u1009->usri1009_script_path;
184 u1011 = (struct USER_INFO_1011 *)buffer;
185 uX->usriX_full_name = u1011->usri1011_full_name;
190 return NT_STATUS_INVALID_INFO_CLASS;
196 /****************************************************************
197 ****************************************************************/
199 static NTSTATUS set_user_info_USER_INFO_X(TALLOC_CTX *ctx,
200 struct rpc_pipe_client *pipe_cli,
201 DATA_BLOB *session_key,
202 struct policy_handle *user_handle,
203 struct USER_INFO_X *uX)
205 union samr_UserInfo user_info;
206 struct samr_UserInfo21 info21;
210 return NT_STATUS_INVALID_PARAMETER;
213 convert_USER_INFO_X_to_samr_user_info21(uX, &info21);
215 ZERO_STRUCT(user_info);
217 if (uX->usriX_password) {
219 user_info.info25.info = info21;
221 init_samr_CryptPasswordEx(uX->usriX_password,
223 &user_info.info25.password);
225 status = rpccli_samr_SetUserInfo2(pipe_cli, ctx,
230 if (NT_STATUS_EQUAL(status, NT_STATUS(DCERPC_FAULT_INVALID_TAG))) {
232 user_info.info23.info = info21;
234 init_samr_CryptPassword(uX->usriX_password,
236 &user_info.info23.password);
238 status = rpccli_samr_SetUserInfo2(pipe_cli, ctx,
245 user_info.info21 = info21;
247 status = rpccli_samr_SetUserInfo(pipe_cli, ctx,
256 /****************************************************************
257 ****************************************************************/
259 WERROR NetUserAdd_r(struct libnetapi_ctx *ctx,
260 struct NetUserAdd *r)
262 struct cli_state *cli = NULL;
263 struct rpc_pipe_client *pipe_cli = NULL;
266 POLICY_HND connect_handle, domain_handle, user_handle;
267 struct lsa_String lsa_account_name;
268 struct dom_sid2 *domain_sid = NULL;
269 union samr_UserInfo *user_info = NULL;
270 struct samr_PwInfo pw_info;
271 uint32_t access_granted = 0;
273 struct USER_INFO_X uX;
275 ZERO_STRUCT(connect_handle);
276 ZERO_STRUCT(domain_handle);
277 ZERO_STRUCT(user_handle);
280 return WERR_INVALID_PARAM;
283 switch (r->in.level) {
290 werr = WERR_NOT_SUPPORTED;
294 werr = libnetapi_open_pipe(ctx, r->in.server_name,
295 &ndr_table_samr.syntax_id,
298 if (!W_ERROR_IS_OK(werr)) {
302 status = construct_USER_INFO_X(r->in.level, r->in.buffer, &uX);
303 if (!NT_STATUS_IS_OK(status)) {
304 werr = ntstatus_to_werror(status);
308 werr = libnetapi_samr_open_domain(ctx, pipe_cli,
309 SAMR_ACCESS_ENUM_DOMAINS |
310 SAMR_ACCESS_OPEN_DOMAIN,
311 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 |
312 SAMR_DOMAIN_ACCESS_CREATE_USER |
313 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
317 if (!W_ERROR_IS_OK(werr)) {
321 init_lsa_String(&lsa_account_name, uX.usriX_name);
323 status = rpccli_samr_CreateUser2(pipe_cli, ctx,
329 SAMR_USER_ACCESS_SET_PASSWORD |
330 SAMR_USER_ACCESS_SET_ATTRIBUTES |
331 SAMR_USER_ACCESS_GET_ATTRIBUTES,
335 if (!NT_STATUS_IS_OK(status)) {
336 werr = ntstatus_to_werror(status);
340 status = rpccli_samr_QueryUserInfo(pipe_cli, ctx,
344 if (!NT_STATUS_IS_OK(status)) {
345 werr = ntstatus_to_werror(status);
349 if (!(user_info->info16.acct_flags & ACB_NORMAL)) {
350 werr = WERR_INVALID_PARAM;
354 status = rpccli_samr_GetUserPwInfo(pipe_cli, ctx,
357 if (!NT_STATUS_IS_OK(status)) {
358 werr = ntstatus_to_werror(status);
362 status = set_user_info_USER_INFO_X(ctx, pipe_cli,
363 &cli->user_session_key,
366 if (!NT_STATUS_IS_OK(status)) {
367 werr = ntstatus_to_werror(status);
375 rpccli_samr_DeleteUser(pipe_cli, ctx,
383 if (is_valid_policy_hnd(&user_handle)) {
384 rpccli_samr_Close(pipe_cli, ctx, &user_handle);
387 if (ctx->disable_policy_handle_cache) {
388 libnetapi_samr_close_domain_handle(ctx, &domain_handle);
389 libnetapi_samr_close_connect_handle(ctx, &connect_handle);
395 /****************************************************************
396 ****************************************************************/
398 WERROR NetUserAdd_l(struct libnetapi_ctx *ctx,
399 struct NetUserAdd *r)
401 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserAdd);
404 /****************************************************************
405 ****************************************************************/
407 WERROR NetUserDel_r(struct libnetapi_ctx *ctx,
408 struct NetUserDel *r)
410 struct cli_state *cli = NULL;
411 struct rpc_pipe_client *pipe_cli = NULL;
414 POLICY_HND connect_handle, builtin_handle, domain_handle, user_handle;
415 struct lsa_String lsa_account_name;
416 struct samr_Ids user_rids, name_types;
417 struct dom_sid2 *domain_sid = NULL;
418 struct dom_sid2 user_sid;
420 ZERO_STRUCT(connect_handle);
421 ZERO_STRUCT(builtin_handle);
422 ZERO_STRUCT(domain_handle);
423 ZERO_STRUCT(user_handle);
425 werr = libnetapi_open_pipe(ctx, r->in.server_name,
426 &ndr_table_samr.syntax_id,
430 if (!W_ERROR_IS_OK(werr)) {
434 werr = libnetapi_samr_open_domain(ctx, pipe_cli,
435 SAMR_ACCESS_ENUM_DOMAINS |
436 SAMR_ACCESS_OPEN_DOMAIN,
437 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
441 if (!W_ERROR_IS_OK(werr)) {
445 status = rpccli_samr_OpenDomain(pipe_cli, ctx,
447 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
448 CONST_DISCARD(DOM_SID *, &global_sid_Builtin),
450 if (!NT_STATUS_IS_OK(status)) {
451 werr = ntstatus_to_werror(status);
455 init_lsa_String(&lsa_account_name, r->in.user_name);
457 status = rpccli_samr_LookupNames(pipe_cli, ctx,
463 if (!NT_STATUS_IS_OK(status)) {
464 werr = ntstatus_to_werror(status);
468 status = rpccli_samr_OpenUser(pipe_cli, ctx,
470 STD_RIGHT_DELETE_ACCESS,
473 if (!NT_STATUS_IS_OK(status)) {
474 werr = ntstatus_to_werror(status);
478 sid_compose(&user_sid, domain_sid, user_rids.ids[0]);
480 status = rpccli_samr_RemoveMemberFromForeignDomain(pipe_cli, ctx,
483 if (!NT_STATUS_IS_OK(status)) {
484 werr = ntstatus_to_werror(status);
488 status = rpccli_samr_DeleteUser(pipe_cli, ctx,
490 if (!NT_STATUS_IS_OK(status)) {
491 werr = ntstatus_to_werror(status);
502 if (is_valid_policy_hnd(&user_handle)) {
503 rpccli_samr_Close(pipe_cli, ctx, &user_handle);
506 if (ctx->disable_policy_handle_cache) {
507 libnetapi_samr_close_builtin_handle(ctx, &builtin_handle);
508 libnetapi_samr_close_domain_handle(ctx, &domain_handle);
509 libnetapi_samr_close_connect_handle(ctx, &connect_handle);
515 /****************************************************************
516 ****************************************************************/
518 WERROR NetUserDel_l(struct libnetapi_ctx *ctx,
519 struct NetUserDel *r)
521 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserDel);
524 /****************************************************************
525 ****************************************************************/
527 static NTSTATUS libnetapi_samr_lookup_user(TALLOC_CTX *mem_ctx,
528 struct rpc_pipe_client *pipe_cli,
529 struct policy_handle *domain_handle,
530 struct policy_handle *builtin_handle,
531 const char *user_name,
534 struct samr_UserInfo21 **info21,
535 struct sec_desc_buf **sec_desc)
539 struct policy_handle user_handle;
540 union samr_UserInfo *user_info = NULL;
541 struct samr_RidWithAttributeArray *rid_array = NULL;
542 uint32_t access_mask = SEC_STD_READ_CONTROL |
543 SAMR_USER_ACCESS_GET_ATTRIBUTES |
544 SAMR_USER_ACCESS_GET_NAME_ETC;
546 ZERO_STRUCT(user_handle);
559 return NT_STATUS_INVALID_LEVEL;
566 status = rpccli_samr_OpenUser(pipe_cli, mem_ctx,
571 if (!NT_STATUS_IS_OK(status)) {
575 status = rpccli_samr_QueryUserInfo(pipe_cli, mem_ctx,
579 if (!NT_STATUS_IS_OK(status)) {
583 status = rpccli_samr_QuerySecurity(pipe_cli, mem_ctx,
587 if (!NT_STATUS_IS_OK(status)) {
592 status = rpccli_samr_GetGroupsForUser(pipe_cli, mem_ctx,
595 if (!NT_STATUS_IS_OK(status)) {
600 status = rpccli_samr_GetAliasMembership(pipe_cli, ctx,
604 if (!NT_STATUS_IS_OK(status)) {
610 *info21 = &user_info->info21;
613 if (is_valid_policy_hnd(&user_handle)) {
614 rpccli_samr_Close(pipe_cli, mem_ctx, &user_handle);
620 /****************************************************************
621 ****************************************************************/
623 static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx,
624 struct rpc_pipe_client *pipe_cli,
625 struct dom_sid *domain_sid,
626 struct policy_handle *domain_handle,
627 struct policy_handle *builtin_handle,
628 const char *user_name,
632 uint32_t *num_entries)
636 struct samr_UserInfo21 *info21 = NULL;
637 struct sec_desc_buf *sec_desc = NULL;
640 struct USER_INFO_0 info0;
641 struct USER_INFO_10 info10;
642 struct USER_INFO_20 info20;
643 struct USER_INFO_23 info23;
656 return NT_STATUS_INVALID_LEVEL;
660 info0.usri0_name = talloc_strdup(mem_ctx, user_name);
661 NT_STATUS_HAVE_NO_MEMORY(info0.usri0_name);
663 ADD_TO_ARRAY(mem_ctx, struct USER_INFO_0, info0,
664 (struct USER_INFO_0 **)buffer, num_entries);
669 status = libnetapi_samr_lookup_user(mem_ctx, pipe_cli,
678 if (!NT_STATUS_IS_OK(status)) {
684 info10.usri10_name = talloc_strdup(mem_ctx, user_name);
685 NT_STATUS_HAVE_NO_MEMORY(info10.usri10_name);
687 info10.usri10_comment = talloc_strdup(mem_ctx,
688 info21->description.string);
690 info10.usri10_full_name = talloc_strdup(mem_ctx,
691 info21->full_name.string);
693 info10.usri10_usr_comment = talloc_strdup(mem_ctx,
694 info21->comment.string);
696 ADD_TO_ARRAY(mem_ctx, struct USER_INFO_10, info10,
697 (struct USER_INFO_10 **)buffer, num_entries);
702 info20.usri20_name = talloc_strdup(mem_ctx, user_name);
703 NT_STATUS_HAVE_NO_MEMORY(info20.usri20_name);
705 info20.usri20_comment = talloc_strdup(mem_ctx,
706 info21->description.string);
708 info20.usri20_full_name = talloc_strdup(mem_ctx,
709 info21->full_name.string);
711 info20.usri20_flags = info21->acct_flags;
712 info20.usri20_user_id = rid;
714 ADD_TO_ARRAY(mem_ctx, struct USER_INFO_20, info20,
715 (struct USER_INFO_20 **)buffer, num_entries);
719 info23.usri23_name = talloc_strdup(mem_ctx, user_name);
720 NT_STATUS_HAVE_NO_MEMORY(info23.usri23_name);
722 info23.usri23_comment = talloc_strdup(mem_ctx,
723 info21->description.string);
725 info23.usri23_full_name = talloc_strdup(mem_ctx,
726 info21->full_name.string);
728 info23.usri23_flags = info21->acct_flags;
730 if (!sid_compose(&sid, domain_sid, rid)) {
731 return NT_STATUS_NO_MEMORY;
734 info23.usri23_user_sid =
735 (struct domsid *)sid_dup_talloc(mem_ctx, &sid);
737 ADD_TO_ARRAY(mem_ctx, struct USER_INFO_23, info23,
738 (struct USER_INFO_23 **)buffer, num_entries);
746 /****************************************************************
747 ****************************************************************/
749 WERROR NetUserEnum_r(struct libnetapi_ctx *ctx,
750 struct NetUserEnum *r)
752 struct cli_state *cli = NULL;
753 struct rpc_pipe_client *pipe_cli = NULL;
754 struct policy_handle connect_handle;
755 struct dom_sid2 *domain_sid = NULL;
756 struct policy_handle domain_handle;
757 struct samr_SamArray *sam = NULL;
758 uint32_t filter = ACB_NORMAL;
760 uint32_t entries_read = 0;
762 NTSTATUS status = NT_STATUS_OK;
765 ZERO_STRUCT(connect_handle);
766 ZERO_STRUCT(domain_handle);
768 if (!r->out.buffer) {
769 return WERR_INVALID_PARAM;
772 *r->out.buffer = NULL;
773 *r->out.entries_read = 0;
775 switch (r->in.level) {
786 return WERR_NOT_SUPPORTED;
789 werr = libnetapi_open_pipe(ctx, r->in.server_name,
790 &ndr_table_samr.syntax_id,
793 if (!W_ERROR_IS_OK(werr)) {
797 werr = libnetapi_samr_open_domain(ctx, pipe_cli,
798 SAMR_ACCESS_ENUM_DOMAINS |
799 SAMR_ACCESS_OPEN_DOMAIN,
800 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 |
801 SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS |
802 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
806 if (!W_ERROR_IS_OK(werr)) {
810 switch (r->in.filter) {
811 case FILTER_NORMAL_ACCOUNT:
814 case FILTER_TEMP_DUPLICATE_ACCOUNT:
815 filter = ACB_TEMPDUP;
817 case FILTER_INTERDOMAIN_TRUST_ACCOUNT:
818 filter = ACB_DOMTRUST;
820 case FILTER_WORKSTATION_TRUST_ACCOUNT:
821 filter = ACB_WSTRUST;
823 case FILTER_SERVER_TRUST_ACCOUNT:
824 filter = ACB_SVRTRUST;
830 status = rpccli_samr_EnumDomainUsers(pipe_cli,
838 werr = ntstatus_to_werror(status);
839 if (NT_STATUS_IS_ERR(status)) {
843 for (i=0; i < sam->count; i++) {
845 status = libnetapi_samr_lookup_user_map_USER_INFO(ctx, pipe_cli,
848 NULL, /*&builtin_handle, */
849 sam->entries[i].name.string,
853 r->out.entries_read);
854 if (!NT_STATUS_IS_OK(status)) {
855 werr = ntstatus_to_werror(status);
866 if (NT_STATUS_IS_OK(status) ||
867 NT_STATUS_IS_ERR(status)) {
869 if (ctx->disable_policy_handle_cache) {
870 libnetapi_samr_close_domain_handle(ctx, &domain_handle);
871 libnetapi_samr_close_connect_handle(ctx, &connect_handle);
878 /****************************************************************
879 ****************************************************************/
881 WERROR NetUserEnum_l(struct libnetapi_ctx *ctx,
882 struct NetUserEnum *r)
884 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserEnum);
887 /****************************************************************
888 ****************************************************************/
890 static WERROR convert_samr_dispinfo_to_NET_DISPLAY_USER(TALLOC_CTX *mem_ctx,
891 struct samr_DispInfoGeneral *info,
892 uint32_t *entries_read,
895 struct NET_DISPLAY_USER *user = NULL;
898 user = TALLOC_ZERO_ARRAY(mem_ctx,
899 struct NET_DISPLAY_USER,
901 W_ERROR_HAVE_NO_MEMORY(user);
903 for (i = 0; i < info->count; i++) {
904 user[i].usri1_name = talloc_strdup(mem_ctx,
905 info->entries[i].account_name.string);
906 user[i].usri1_comment = talloc_strdup(mem_ctx,
907 info->entries[i].description.string);
908 user[i].usri1_flags =
909 info->entries[i].acct_flags;
910 user[i].usri1_full_name = talloc_strdup(mem_ctx,
911 info->entries[i].full_name.string);
912 user[i].usri1_user_id =
913 info->entries[i].rid;
914 user[i].usri1_next_index =
915 info->entries[i].idx;
917 if (!user[i].usri1_name) {
922 *buffer = talloc_memdup(mem_ctx, user,
923 sizeof(struct NET_DISPLAY_USER) * info->count);
924 W_ERROR_HAVE_NO_MEMORY(*buffer);
926 *entries_read = info->count;
931 /****************************************************************
932 ****************************************************************/
934 static WERROR convert_samr_dispinfo_to_NET_DISPLAY_MACHINE(TALLOC_CTX *mem_ctx,
935 struct samr_DispInfoFull *info,
936 uint32_t *entries_read,
939 struct NET_DISPLAY_MACHINE *machine = NULL;
942 machine = TALLOC_ZERO_ARRAY(mem_ctx,
943 struct NET_DISPLAY_MACHINE,
945 W_ERROR_HAVE_NO_MEMORY(machine);
947 for (i = 0; i < info->count; i++) {
948 machine[i].usri2_name = talloc_strdup(mem_ctx,
949 info->entries[i].account_name.string);
950 machine[i].usri2_comment = talloc_strdup(mem_ctx,
951 info->entries[i].description.string);
952 machine[i].usri2_flags =
953 info->entries[i].acct_flags;
954 machine[i].usri2_user_id =
955 info->entries[i].rid;
956 machine[i].usri2_next_index =
957 info->entries[i].idx;
959 if (!machine[i].usri2_name) {
964 *buffer = talloc_memdup(mem_ctx, machine,
965 sizeof(struct NET_DISPLAY_MACHINE) * info->count);
966 W_ERROR_HAVE_NO_MEMORY(*buffer);
968 *entries_read = info->count;
973 /****************************************************************
974 ****************************************************************/
976 static WERROR convert_samr_dispinfo_to_NET_DISPLAY_GROUP(TALLOC_CTX *mem_ctx,
977 struct samr_DispInfoFullGroups *info,
978 uint32_t *entries_read,
981 struct NET_DISPLAY_GROUP *group = NULL;
984 group = TALLOC_ZERO_ARRAY(mem_ctx,
985 struct NET_DISPLAY_GROUP,
987 W_ERROR_HAVE_NO_MEMORY(group);
989 for (i = 0; i < info->count; i++) {
990 group[i].grpi3_name = talloc_strdup(mem_ctx,
991 info->entries[i].account_name.string);
992 group[i].grpi3_comment = talloc_strdup(mem_ctx,
993 info->entries[i].description.string);
994 group[i].grpi3_group_id =
995 info->entries[i].rid;
996 group[i].grpi3_attributes =
997 info->entries[i].acct_flags;
998 group[i].grpi3_next_index =
999 info->entries[i].idx;
1001 if (!group[i].grpi3_name) {
1006 *buffer = talloc_memdup(mem_ctx, group,
1007 sizeof(struct NET_DISPLAY_GROUP) * info->count);
1008 W_ERROR_HAVE_NO_MEMORY(*buffer);
1010 *entries_read = info->count;
1016 /****************************************************************
1017 ****************************************************************/
1019 static WERROR convert_samr_dispinfo_to_NET_DISPLAY(TALLOC_CTX *mem_ctx,
1020 union samr_DispInfo *info,
1022 uint32_t *entries_read,
1027 return convert_samr_dispinfo_to_NET_DISPLAY_USER(mem_ctx,
1032 return convert_samr_dispinfo_to_NET_DISPLAY_MACHINE(mem_ctx,
1037 return convert_samr_dispinfo_to_NET_DISPLAY_GROUP(mem_ctx,
1042 return WERR_UNKNOWN_LEVEL;
1048 /****************************************************************
1049 ****************************************************************/
1051 WERROR NetQueryDisplayInformation_r(struct libnetapi_ctx *ctx,
1052 struct NetQueryDisplayInformation *r)
1054 struct cli_state *cli = NULL;
1055 struct rpc_pipe_client *pipe_cli = NULL;
1056 struct policy_handle connect_handle;
1057 struct dom_sid2 *domain_sid = NULL;
1058 struct policy_handle domain_handle;
1059 union samr_DispInfo info;
1061 uint32_t total_size = 0;
1062 uint32_t returned_size = 0;
1064 NTSTATUS status = NT_STATUS_OK;
1067 ZERO_STRUCT(connect_handle);
1068 ZERO_STRUCT(domain_handle);
1070 switch (r->in.level) {
1076 return WERR_UNKNOWN_LEVEL;
1079 werr = libnetapi_open_pipe(ctx, r->in.server_name,
1080 &ndr_table_samr.syntax_id,
1083 if (!W_ERROR_IS_OK(werr)) {
1087 werr = libnetapi_samr_open_domain(ctx, pipe_cli,
1088 SAMR_ACCESS_ENUM_DOMAINS |
1089 SAMR_ACCESS_OPEN_DOMAIN,
1090 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 |
1091 SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS |
1092 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
1096 if (!W_ERROR_IS_OK(werr)) {
1100 status = rpccli_samr_QueryDisplayInfo2(pipe_cli,
1105 r->in.entries_requested,
1110 if (!NT_STATUS_IS_OK(status)) {
1111 werr = ntstatus_to_werror(status);
1115 werr = convert_samr_dispinfo_to_NET_DISPLAY(ctx, &info,
1117 r->out.entries_read,
1125 if (NT_STATUS_IS_OK(status) ||
1126 NT_STATUS_IS_ERR(status)) {
1128 if (ctx->disable_policy_handle_cache) {
1129 libnetapi_samr_close_domain_handle(ctx, &domain_handle);
1130 libnetapi_samr_close_connect_handle(ctx, &connect_handle);
1138 /****************************************************************
1139 ****************************************************************/
1142 WERROR NetQueryDisplayInformation_l(struct libnetapi_ctx *ctx,
1143 struct NetQueryDisplayInformation *r)
1145 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetQueryDisplayInformation);
1148 /****************************************************************
1149 ****************************************************************/
1151 WERROR NetUserChangePassword_r(struct libnetapi_ctx *ctx,
1152 struct NetUserChangePassword *r)
1154 return WERR_NOT_SUPPORTED;
1157 /****************************************************************
1158 ****************************************************************/
1160 WERROR NetUserChangePassword_l(struct libnetapi_ctx *ctx,
1161 struct NetUserChangePassword *r)
1163 return WERR_NOT_SUPPORTED;
1166 /****************************************************************
1167 ****************************************************************/
1169 WERROR NetUserGetInfo_r(struct libnetapi_ctx *ctx,
1170 struct NetUserGetInfo *r)
1172 struct cli_state *cli = NULL;
1173 struct rpc_pipe_client *pipe_cli = NULL;
1177 struct policy_handle connect_handle, domain_handle, builtin_handle, user_handle;
1178 struct lsa_String lsa_account_name;
1179 struct dom_sid2 *domain_sid = NULL;
1180 struct samr_Ids user_rids, name_types;
1181 uint32_t num_entries = 0;
1183 ZERO_STRUCT(connect_handle);
1184 ZERO_STRUCT(domain_handle);
1185 ZERO_STRUCT(builtin_handle);
1186 ZERO_STRUCT(user_handle);
1188 if (!r->out.buffer) {
1189 return WERR_INVALID_PARAM;
1192 switch (r->in.level) {
1200 werr = WERR_NOT_SUPPORTED;
1204 werr = libnetapi_open_pipe(ctx, r->in.server_name,
1205 &ndr_table_samr.syntax_id,
1208 if (!W_ERROR_IS_OK(werr)) {
1212 werr = libnetapi_samr_open_domain(ctx, pipe_cli,
1213 SAMR_ACCESS_ENUM_DOMAINS |
1214 SAMR_ACCESS_OPEN_DOMAIN,
1215 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
1219 if (!W_ERROR_IS_OK(werr)) {
1223 werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli,
1224 SAMR_ACCESS_ENUM_DOMAINS |
1225 SAMR_ACCESS_OPEN_DOMAIN,
1226 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT |
1227 SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS,
1230 if (!W_ERROR_IS_OK(werr)) {
1234 init_lsa_String(&lsa_account_name, r->in.user_name);
1236 status = rpccli_samr_LookupNames(pipe_cli, ctx,
1242 if (!NT_STATUS_IS_OK(status)) {
1243 werr = ntstatus_to_werror(status);
1247 status = libnetapi_samr_lookup_user_map_USER_INFO(ctx, pipe_cli,
1256 if (!NT_STATUS_IS_OK(status)) {
1257 werr = ntstatus_to_werror(status);
1266 if (is_valid_policy_hnd(&user_handle)) {
1267 rpccli_samr_Close(pipe_cli, ctx, &user_handle);
1270 if (ctx->disable_policy_handle_cache) {
1271 libnetapi_samr_close_domain_handle(ctx, &domain_handle);
1272 libnetapi_samr_close_connect_handle(ctx, &connect_handle);
1278 /****************************************************************
1279 ****************************************************************/
1281 WERROR NetUserGetInfo_l(struct libnetapi_ctx *ctx,
1282 struct NetUserGetInfo *r)
1284 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserGetInfo);
1287 /****************************************************************
1288 ****************************************************************/
1290 WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx,
1291 struct NetUserSetInfo *r)
1293 struct cli_state *cli = NULL;
1294 struct rpc_pipe_client *pipe_cli = NULL;
1298 struct policy_handle connect_handle, domain_handle, builtin_handle, user_handle;
1299 struct lsa_String lsa_account_name;
1300 struct dom_sid2 *domain_sid = NULL;
1301 struct samr_Ids user_rids, name_types;
1302 uint32_t user_mask = 0;
1304 struct USER_INFO_X uX;
1306 ZERO_STRUCT(connect_handle);
1307 ZERO_STRUCT(domain_handle);
1308 ZERO_STRUCT(builtin_handle);
1309 ZERO_STRUCT(user_handle);
1311 if (!r->in.buffer) {
1312 return WERR_INVALID_PARAM;
1315 switch (r->in.level) {
1318 user_mask = SAMR_USER_ACCESS_SET_PASSWORD;
1323 user_mask = SAMR_USER_ACCESS_SET_ATTRIBUTES;
1326 werr = WERR_NOT_SUPPORTED;
1330 werr = libnetapi_open_pipe(ctx, r->in.server_name,
1331 &ndr_table_samr.syntax_id,
1334 if (!W_ERROR_IS_OK(werr)) {
1338 werr = libnetapi_samr_open_domain(ctx, pipe_cli,
1339 SAMR_ACCESS_ENUM_DOMAINS |
1340 SAMR_ACCESS_OPEN_DOMAIN,
1341 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 |
1342 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
1346 if (!W_ERROR_IS_OK(werr)) {
1350 werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli,
1351 SAMR_ACCESS_ENUM_DOMAINS |
1352 SAMR_ACCESS_OPEN_DOMAIN,
1353 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT |
1354 SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS,
1357 if (!W_ERROR_IS_OK(werr)) {
1361 init_lsa_String(&lsa_account_name, r->in.user_name);
1363 status = rpccli_samr_LookupNames(pipe_cli, ctx,
1369 if (!NT_STATUS_IS_OK(status)) {
1370 werr = ntstatus_to_werror(status);
1374 status = rpccli_samr_OpenUser(pipe_cli, ctx,
1379 if (!NT_STATUS_IS_OK(status)) {
1380 werr = ntstatus_to_werror(status);
1384 status = construct_USER_INFO_X(r->in.level, r->in.buffer, &uX);
1385 if (!NT_STATUS_IS_OK(status)) {
1386 werr = ntstatus_to_werror(status);
1390 status = set_user_info_USER_INFO_X(ctx, pipe_cli,
1391 &cli->user_session_key,
1394 if (!NT_STATUS_IS_OK(status)) {
1395 werr = ntstatus_to_werror(status);
1406 if (is_valid_policy_hnd(&user_handle)) {
1407 rpccli_samr_Close(pipe_cli, ctx, &user_handle);
1410 if (ctx->disable_policy_handle_cache) {
1411 libnetapi_samr_close_domain_handle(ctx, &domain_handle);
1412 libnetapi_samr_close_builtin_handle(ctx, &builtin_handle);
1413 libnetapi_samr_close_connect_handle(ctx, &connect_handle);
1419 /****************************************************************
1420 ****************************************************************/
1422 WERROR NetUserSetInfo_l(struct libnetapi_ctx *ctx,
1423 struct NetUserSetInfo *r)
1425 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserSetInfo);
1428 /****************************************************************
1429 ****************************************************************/
1431 static NTSTATUS query_USER_MODALS_INFO_rpc(TALLOC_CTX *mem_ctx,
1432 struct rpc_pipe_client *pipe_cli,
1433 struct policy_handle *domain_handle,
1434 struct samr_DomInfo1 *info1,
1435 struct samr_DomInfo3 *info3,
1436 struct samr_DomInfo5 *info5,
1437 struct samr_DomInfo6 *info6,
1438 struct samr_DomInfo7 *info7,
1439 struct samr_DomInfo12 *info12)
1442 union samr_DomainInfo *dom_info = NULL;
1445 status = rpccli_samr_QueryDomainInfo(pipe_cli, mem_ctx,
1449 NT_STATUS_NOT_OK_RETURN(status);
1451 *info1 = dom_info->info1;
1455 status = rpccli_samr_QueryDomainInfo(pipe_cli, mem_ctx,
1459 NT_STATUS_NOT_OK_RETURN(status);
1461 *info3 = dom_info->info3;
1465 status = rpccli_samr_QueryDomainInfo(pipe_cli, mem_ctx,
1469 NT_STATUS_NOT_OK_RETURN(status);
1471 *info5 = dom_info->info5;
1475 status = rpccli_samr_QueryDomainInfo(pipe_cli, mem_ctx,
1479 NT_STATUS_NOT_OK_RETURN(status);
1481 *info6 = dom_info->info6;
1485 status = rpccli_samr_QueryDomainInfo(pipe_cli, mem_ctx,
1489 NT_STATUS_NOT_OK_RETURN(status);
1491 *info7 = dom_info->info7;
1495 status = rpccli_samr_QueryDomainInfo2(pipe_cli, mem_ctx,
1499 NT_STATUS_NOT_OK_RETURN(status);
1501 *info12 = dom_info->info12;
1504 return NT_STATUS_OK;
1507 /****************************************************************
1508 ****************************************************************/
1510 static NTSTATUS query_USER_MODALS_INFO_0(TALLOC_CTX *mem_ctx,
1511 struct rpc_pipe_client *pipe_cli,
1512 struct policy_handle *domain_handle,
1513 struct USER_MODALS_INFO_0 *info0)
1516 struct samr_DomInfo1 dom_info1;
1517 struct samr_DomInfo3 dom_info3;
1519 ZERO_STRUCTP(info0);
1521 status = query_USER_MODALS_INFO_rpc(mem_ctx,
1530 NT_STATUS_NOT_OK_RETURN(status);
1532 info0->usrmod0_min_passwd_len =
1533 dom_info1.min_password_length;
1534 info0->usrmod0_max_passwd_age =
1535 nt_time_to_unix_abs((NTTIME *)&dom_info1.max_password_age);
1536 info0->usrmod0_min_passwd_age =
1537 nt_time_to_unix_abs((NTTIME *)&dom_info1.min_password_age);
1538 info0->usrmod0_password_hist_len =
1539 dom_info1.password_history_length;
1541 info0->usrmod0_force_logoff =
1542 nt_time_to_unix_abs(&dom_info3.force_logoff_time);
1544 return NT_STATUS_OK;
1547 /****************************************************************
1548 ****************************************************************/
1550 static NTSTATUS query_USER_MODALS_INFO_1(TALLOC_CTX *mem_ctx,
1551 struct rpc_pipe_client *pipe_cli,
1552 struct policy_handle *domain_handle,
1553 struct USER_MODALS_INFO_1 *info1)
1556 struct samr_DomInfo6 dom_info6;
1557 struct samr_DomInfo7 dom_info7;
1559 status = query_USER_MODALS_INFO_rpc(mem_ctx,
1568 NT_STATUS_NOT_OK_RETURN(status);
1570 info1->usrmod1_primary =
1571 talloc_strdup(mem_ctx, dom_info6.primary.string);
1573 info1->usrmod1_role = dom_info7.role;
1575 return NT_STATUS_OK;
1578 /****************************************************************
1579 ****************************************************************/
1581 static NTSTATUS query_USER_MODALS_INFO_2(TALLOC_CTX *mem_ctx,
1582 struct rpc_pipe_client *pipe_cli,
1583 struct policy_handle *domain_handle,
1584 struct dom_sid *domain_sid,
1585 struct USER_MODALS_INFO_2 *info2)
1588 struct samr_DomInfo5 dom_info5;
1590 status = query_USER_MODALS_INFO_rpc(mem_ctx,
1599 NT_STATUS_NOT_OK_RETURN(status);
1601 info2->usrmod2_domain_name =
1602 talloc_strdup(mem_ctx, dom_info5.domain_name.string);
1603 info2->usrmod2_domain_id =
1604 (struct domsid *)sid_dup_talloc(mem_ctx, domain_sid);
1606 NT_STATUS_HAVE_NO_MEMORY(info2->usrmod2_domain_name);
1607 NT_STATUS_HAVE_NO_MEMORY(info2->usrmod2_domain_id);
1609 return NT_STATUS_OK;
1612 /****************************************************************
1613 ****************************************************************/
1615 static NTSTATUS query_USER_MODALS_INFO_3(TALLOC_CTX *mem_ctx,
1616 struct rpc_pipe_client *pipe_cli,
1617 struct policy_handle *domain_handle,
1618 struct USER_MODALS_INFO_3 *info3)
1621 struct samr_DomInfo12 dom_info12;
1623 status = query_USER_MODALS_INFO_rpc(mem_ctx,
1632 NT_STATUS_NOT_OK_RETURN(status);
1634 info3->usrmod3_lockout_duration =
1635 nt_time_to_unix_abs(&dom_info12.lockout_duration);
1636 info3->usrmod3_lockout_observation_window =
1637 nt_time_to_unix_abs(&dom_info12.lockout_window);
1638 info3->usrmod3_lockout_threshold =
1639 dom_info12.lockout_threshold;
1641 return NT_STATUS_OK;
1644 /****************************************************************
1645 ****************************************************************/
1647 static NTSTATUS query_USER_MODALS_INFO_to_buffer(TALLOC_CTX *mem_ctx,
1648 struct rpc_pipe_client *pipe_cli,
1650 struct policy_handle *domain_handle,
1651 struct dom_sid *domain_sid,
1656 struct USER_MODALS_INFO_0 info0;
1657 struct USER_MODALS_INFO_1 info1;
1658 struct USER_MODALS_INFO_2 info2;
1659 struct USER_MODALS_INFO_3 info3;
1662 return ERROR_INSUFFICIENT_BUFFER;
1667 status = query_USER_MODALS_INFO_0(mem_ctx,
1671 NT_STATUS_NOT_OK_RETURN(status);
1673 *buffer = (uint8_t *)talloc_memdup(mem_ctx, &info0,
1678 status = query_USER_MODALS_INFO_1(mem_ctx,
1682 NT_STATUS_NOT_OK_RETURN(status);
1684 *buffer = (uint8_t *)talloc_memdup(mem_ctx, &info1,
1688 status = query_USER_MODALS_INFO_2(mem_ctx,
1693 NT_STATUS_NOT_OK_RETURN(status);
1695 *buffer = (uint8_t *)talloc_memdup(mem_ctx, &info2,
1699 status = query_USER_MODALS_INFO_3(mem_ctx,
1703 NT_STATUS_NOT_OK_RETURN(status);
1705 *buffer = (uint8_t *)talloc_memdup(mem_ctx, &info3,
1712 NT_STATUS_HAVE_NO_MEMORY(*buffer);
1714 return NT_STATUS_OK;
1717 /****************************************************************
1718 ****************************************************************/
1720 WERROR NetUserModalsGet_r(struct libnetapi_ctx *ctx,
1721 struct NetUserModalsGet *r)
1723 struct cli_state *cli = NULL;
1724 struct rpc_pipe_client *pipe_cli = NULL;
1728 struct policy_handle connect_handle, domain_handle;
1729 struct dom_sid2 *domain_sid = NULL;
1730 uint32_t access_mask = SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT;
1732 ZERO_STRUCT(connect_handle);
1733 ZERO_STRUCT(domain_handle);
1735 if (!r->out.buffer) {
1736 return WERR_INVALID_PARAM;
1739 switch (r->in.level) {
1741 access_mask |= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 |
1742 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2;
1746 access_mask |= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2;
1749 access_mask |= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1;
1752 werr = WERR_UNKNOWN_LEVEL;
1756 werr = libnetapi_open_pipe(ctx, r->in.server_name,
1757 &ndr_table_samr.syntax_id,
1760 if (!W_ERROR_IS_OK(werr)) {
1764 werr = libnetapi_samr_open_domain(ctx, pipe_cli,
1765 SAMR_ACCESS_ENUM_DOMAINS |
1766 SAMR_ACCESS_OPEN_DOMAIN,
1771 if (!W_ERROR_IS_OK(werr)) {
1778 /* 3: 12 (DomainInfo2) */
1780 status = query_USER_MODALS_INFO_to_buffer(ctx,
1786 if (!NT_STATUS_IS_OK(status)) {
1787 werr = ntstatus_to_werror(status);
1796 if (ctx->disable_policy_handle_cache) {
1797 libnetapi_samr_close_domain_handle(ctx, &domain_handle);
1798 libnetapi_samr_close_connect_handle(ctx, &connect_handle);
1804 /****************************************************************
1805 ****************************************************************/
1807 WERROR NetUserModalsGet_l(struct libnetapi_ctx *ctx,
1808 struct NetUserModalsGet *r)
1810 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserModalsGet);
1813 /****************************************************************
1814 ****************************************************************/
1816 static NTSTATUS set_USER_MODALS_INFO_rpc(TALLOC_CTX *mem_ctx,
1817 struct rpc_pipe_client *pipe_cli,
1818 struct policy_handle *domain_handle,
1819 struct samr_DomInfo1 *info1,
1820 struct samr_DomInfo3 *info3,
1821 struct samr_DomInfo12 *info12)
1824 union samr_DomainInfo dom_info;
1828 ZERO_STRUCT(dom_info);
1830 dom_info.info1 = *info1;
1832 status = rpccli_samr_SetDomainInfo(pipe_cli, mem_ctx,
1836 NT_STATUS_NOT_OK_RETURN(status);
1841 ZERO_STRUCT(dom_info);
1843 dom_info.info3 = *info3;
1845 status = rpccli_samr_SetDomainInfo(pipe_cli, mem_ctx,
1850 NT_STATUS_NOT_OK_RETURN(status);
1855 ZERO_STRUCT(dom_info);
1857 dom_info.info12 = *info12;
1859 status = rpccli_samr_SetDomainInfo(pipe_cli, mem_ctx,
1864 NT_STATUS_NOT_OK_RETURN(status);
1867 return NT_STATUS_OK;
1870 /****************************************************************
1871 ****************************************************************/
1873 static NTSTATUS set_USER_MODALS_INFO_0_buffer(TALLOC_CTX *mem_ctx,
1874 struct rpc_pipe_client *pipe_cli,
1875 struct policy_handle *domain_handle,
1876 struct USER_MODALS_INFO_0 *info0)
1879 struct samr_DomInfo1 dom_info_1;
1880 struct samr_DomInfo3 dom_info_3;
1882 status = query_USER_MODALS_INFO_rpc(mem_ctx,
1891 NT_STATUS_NOT_OK_RETURN(status);
1893 dom_info_1.min_password_length =
1894 info0->usrmod0_min_passwd_len;
1895 dom_info_1.password_history_length =
1896 info0->usrmod0_password_hist_len;
1898 unix_to_nt_time_abs((NTTIME *)&dom_info_1.max_password_age,
1899 info0->usrmod0_max_passwd_age);
1900 unix_to_nt_time_abs((NTTIME *)&dom_info_1.min_password_age,
1901 info0->usrmod0_min_passwd_age);
1903 unix_to_nt_time_abs(&dom_info_3.force_logoff_time,
1904 info0->usrmod0_force_logoff);
1906 return set_USER_MODALS_INFO_rpc(mem_ctx,
1914 /****************************************************************
1915 ****************************************************************/
1917 static NTSTATUS set_USER_MODALS_INFO_3_buffer(TALLOC_CTX *mem_ctx,
1918 struct rpc_pipe_client *pipe_cli,
1919 struct policy_handle *domain_handle,
1920 struct USER_MODALS_INFO_3 *info3)
1923 struct samr_DomInfo12 dom_info_12;
1925 status = query_USER_MODALS_INFO_rpc(mem_ctx,
1934 NT_STATUS_NOT_OK_RETURN(status);
1936 unix_to_nt_time_abs((NTTIME *)&dom_info_12.lockout_duration,
1937 info3->usrmod3_lockout_duration);
1938 unix_to_nt_time_abs((NTTIME *)&dom_info_12.lockout_window,
1939 info3->usrmod3_lockout_observation_window);
1940 dom_info_12.lockout_threshold = info3->usrmod3_lockout_threshold;
1942 return set_USER_MODALS_INFO_rpc(mem_ctx,
1950 /****************************************************************
1951 ****************************************************************/
1953 static NTSTATUS set_USER_MODALS_INFO_1001_buffer(TALLOC_CTX *mem_ctx,
1954 struct rpc_pipe_client *pipe_cli,
1955 struct policy_handle *domain_handle,
1956 struct USER_MODALS_INFO_1001 *info1001)
1959 struct samr_DomInfo1 dom_info_1;
1961 status = query_USER_MODALS_INFO_rpc(mem_ctx,
1970 NT_STATUS_NOT_OK_RETURN(status);
1972 dom_info_1.min_password_length =
1973 info1001->usrmod1001_min_passwd_len;
1975 return set_USER_MODALS_INFO_rpc(mem_ctx,
1983 /****************************************************************
1984 ****************************************************************/
1986 static NTSTATUS set_USER_MODALS_INFO_1002_buffer(TALLOC_CTX *mem_ctx,
1987 struct rpc_pipe_client *pipe_cli,
1988 struct policy_handle *domain_handle,
1989 struct USER_MODALS_INFO_1002 *info1002)
1992 struct samr_DomInfo1 dom_info_1;
1994 status = query_USER_MODALS_INFO_rpc(mem_ctx,
2003 NT_STATUS_NOT_OK_RETURN(status);
2005 unix_to_nt_time_abs((NTTIME *)&dom_info_1.max_password_age,
2006 info1002->usrmod1002_max_passwd_age);
2008 return set_USER_MODALS_INFO_rpc(mem_ctx,
2016 /****************************************************************
2017 ****************************************************************/
2019 static NTSTATUS set_USER_MODALS_INFO_1003_buffer(TALLOC_CTX *mem_ctx,
2020 struct rpc_pipe_client *pipe_cli,
2021 struct policy_handle *domain_handle,
2022 struct USER_MODALS_INFO_1003 *info1003)
2025 struct samr_DomInfo1 dom_info_1;
2027 status = query_USER_MODALS_INFO_rpc(mem_ctx,
2036 NT_STATUS_NOT_OK_RETURN(status);
2038 unix_to_nt_time_abs((NTTIME *)&dom_info_1.min_password_age,
2039 info1003->usrmod1003_min_passwd_age);
2041 return set_USER_MODALS_INFO_rpc(mem_ctx,
2049 /****************************************************************
2050 ****************************************************************/
2052 static NTSTATUS set_USER_MODALS_INFO_1004_buffer(TALLOC_CTX *mem_ctx,
2053 struct rpc_pipe_client *pipe_cli,
2054 struct policy_handle *domain_handle,
2055 struct USER_MODALS_INFO_1004 *info1004)
2058 struct samr_DomInfo3 dom_info_3;
2060 status = query_USER_MODALS_INFO_rpc(mem_ctx,
2069 NT_STATUS_NOT_OK_RETURN(status);
2071 unix_to_nt_time_abs(&dom_info_3.force_logoff_time,
2072 info1004->usrmod1004_force_logoff);
2074 return set_USER_MODALS_INFO_rpc(mem_ctx,
2082 /****************************************************************
2083 ****************************************************************/
2085 static NTSTATUS set_USER_MODALS_INFO_1005_buffer(TALLOC_CTX *mem_ctx,
2086 struct rpc_pipe_client *pipe_cli,
2087 struct policy_handle *domain_handle,
2088 struct USER_MODALS_INFO_1005 *info1005)
2091 struct samr_DomInfo1 dom_info_1;
2093 status = query_USER_MODALS_INFO_rpc(mem_ctx,
2102 NT_STATUS_NOT_OK_RETURN(status);
2104 dom_info_1.password_history_length =
2105 info1005->usrmod1005_password_hist_len;
2107 return set_USER_MODALS_INFO_rpc(mem_ctx,
2115 /****************************************************************
2116 ****************************************************************/
2118 static NTSTATUS set_USER_MODALS_INFO_buffer(TALLOC_CTX *mem_ctx,
2119 struct rpc_pipe_client *pipe_cli,
2121 struct policy_handle *domain_handle,
2122 struct dom_sid *domain_sid,
2125 struct USER_MODALS_INFO_0 *info0;
2126 struct USER_MODALS_INFO_3 *info3;
2127 struct USER_MODALS_INFO_1001 *info1001;
2128 struct USER_MODALS_INFO_1002 *info1002;
2129 struct USER_MODALS_INFO_1003 *info1003;
2130 struct USER_MODALS_INFO_1004 *info1004;
2131 struct USER_MODALS_INFO_1005 *info1005;
2134 return ERROR_INSUFFICIENT_BUFFER;
2139 info0 = (struct USER_MODALS_INFO_0 *)buffer;
2140 return set_USER_MODALS_INFO_0_buffer(mem_ctx,
2145 info3 = (struct USER_MODALS_INFO_3 *)buffer;
2146 return set_USER_MODALS_INFO_3_buffer(mem_ctx,
2151 info1001 = (struct USER_MODALS_INFO_1001 *)buffer;
2152 return set_USER_MODALS_INFO_1001_buffer(mem_ctx,
2157 info1002 = (struct USER_MODALS_INFO_1002 *)buffer;
2158 return set_USER_MODALS_INFO_1002_buffer(mem_ctx,
2163 info1003 = (struct USER_MODALS_INFO_1003 *)buffer;
2164 return set_USER_MODALS_INFO_1003_buffer(mem_ctx,
2169 info1004 = (struct USER_MODALS_INFO_1004 *)buffer;
2170 return set_USER_MODALS_INFO_1004_buffer(mem_ctx,
2175 info1005 = (struct USER_MODALS_INFO_1005 *)buffer;
2176 return set_USER_MODALS_INFO_1005_buffer(mem_ctx,
2185 return NT_STATUS_OK;
2188 /****************************************************************
2189 ****************************************************************/
2191 WERROR NetUserModalsSet_r(struct libnetapi_ctx *ctx,
2192 struct NetUserModalsSet *r)
2194 struct cli_state *cli = NULL;
2195 struct rpc_pipe_client *pipe_cli = NULL;
2199 struct policy_handle connect_handle, domain_handle;
2200 struct dom_sid2 *domain_sid = NULL;
2201 uint32_t access_mask = SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT;
2203 ZERO_STRUCT(connect_handle);
2204 ZERO_STRUCT(domain_handle);
2206 if (!r->in.buffer) {
2207 return WERR_INVALID_PARAM;
2210 switch (r->in.level) {
2212 access_mask |= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 |
2213 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 |
2214 SAMR_DOMAIN_ACCESS_SET_INFO_1 |
2215 SAMR_DOMAIN_ACCESS_SET_INFO_2;
2222 access_mask |= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 |
2223 SAMR_DOMAIN_ACCESS_SET_INFO_1;
2226 access_mask |= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 |
2227 SAMR_DOMAIN_ACCESS_SET_INFO_2;
2233 werr = WERR_NOT_SUPPORTED;
2236 werr = WERR_UNKNOWN_LEVEL;
2240 werr = libnetapi_open_pipe(ctx, r->in.server_name,
2241 &ndr_table_samr.syntax_id,
2244 if (!W_ERROR_IS_OK(werr)) {
2248 werr = libnetapi_samr_open_domain(ctx, pipe_cli,
2249 SAMR_ACCESS_ENUM_DOMAINS |
2250 SAMR_ACCESS_OPEN_DOMAIN,
2255 if (!W_ERROR_IS_OK(werr)) {
2259 status = set_USER_MODALS_INFO_buffer(ctx,
2265 if (!NT_STATUS_IS_OK(status)) {
2266 werr = ntstatus_to_werror(status);
2275 if (ctx->disable_policy_handle_cache) {
2276 libnetapi_samr_close_domain_handle(ctx, &domain_handle);
2277 libnetapi_samr_close_connect_handle(ctx, &connect_handle);
2283 /****************************************************************
2284 ****************************************************************/
2286 WERROR NetUserModalsSet_l(struct libnetapi_ctx *ctx,
2287 struct NetUserModalsSet *r)
2289 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserModalsSet);