extern BOOL sam_logon_in_ssb;
extern pstring samlogon_user;
+extern DOM_SID global_machine_sid;
+
extern rid_name domain_group_rids[];
extern rid_name domain_alias_rids[];
dynamically returns the correct user info..... JRA.
********************************************************************/
-static BOOL get_smbpwd_entries(SAM_USER_INFO_21 *pw_buf,
+static BOOL get_sampwd_entries(SAM_USER_INFO_21 *pw_buf,
int *total_entries, int *num_entries,
int max_num_entries,
uint16 acb_mask)
vp = startsmbpwent(False);
if (!vp)
{
- DEBUG(0, ("get_smbpwd_entries: Unable to open SMB password file.\n"));
+ DEBUG(0, ("get_sampwd_entries: Unable to open SMB password database.\n"));
return False;
}
SAMR_R_CLOSE_HND r_u;
/* set up the SAMR unknown_1 response */
- bzero(&(r_u.pol.data), POL_HND_SIZE);
+ bzero(r_u.pol.data, POL_HND_SIZE);
/* close the policy handle */
if (close_lsa_policy_hnd(&(q_u->pol)))
{
SAMR_R_UNKNOWN_3 r_u;
DOM_SID3 sid[MAX_SAM_SIDS];
- fstring user_sid;
- fstring user_rid;
int pol_idx;
uint32 rid;
uint32 status;
if (status == 0x0)
{
- strcpy(user_sid, lp_domain_sid());
- sprintf(user_rid, "-%x", rid);
- strcat(user_sid, user_rid);
+ DOM_SID user_sid;
+ DOM_SID other_sid;
+
+ user_sid = global_machine_sid;
+ /*
+ * Add the user RID.
+ */
+ user_sid.sub_auths[user_sid.num_auths++] = rid;
+
+ string_to_sid(&other_sid, "S-1-1");
/* maybe need another 1 or 2 (S-1-5-20-0x220 and S-1-5-20-0x224) */
/* these two are DOMAIN_ADMIN and DOMAIN_ACCT_OP group RIDs */
- make_dom_sid3(&(sid[0]), 0x035b, 0x0002, "S-1-1");
- make_dom_sid3(&(sid[1]), 0x0044, 0x0002, user_sid);
+ make_dom_sid3(&(sid[0]), 0x035b, 0x0002, &other_sid);
+ make_dom_sid3(&(sid[1]), 0x0044, 0x0002, &user_sid);
}
make_samr_r_unknown_3(&r_u,
DEBUG(5,("samr_reply_enum_dom_users: %d\n", __LINE__));
become_root(True);
- got_pwds = get_smbpwd_entries(pass, &total_entries, &num_entries, MAX_SAM_ENTRIES, q_u->acb_mask);
+ got_pwds = get_sampwd_entries(pass, &total_entries, &num_entries, MAX_SAM_ENTRIES, q_u->acb_mask);
unbecome_root(True);
make_samr_r_enum_dom_users(&r_e, total_entries,
DEBUG(5,("samr_reply_query_dispinfo: %d\n", __LINE__));
-#ifndef USE_LDAP
become_root(True);
-
- got_pwds = get_smbpwd_entries(pass, &total_entries, &num_entries, MAX_SAM_ENTRIES, 0);
-
+ got_pwds = get_sampwd_entries(pass, &total_entries, &num_entries, MAX_SAM_ENTRIES, 0);
unbecome_root(True);
-#endif
switch (q_u->switch_level)
{
/* query disp info is for users */
switch_level = 0x1;
-#ifdef USE_LDAP
- got_pwds = get_ldap_entries(pass,
- &total_entries,
- &num_entries,
- MAX_SAM_ENTRIES,
- 0,
- switch_level);
-#endif
make_sam_info_1(&info1, ACB_NORMAL,
q_u->start_idx, num_entries, pass);
{
/* query disp info is for servers */
switch_level = 0x2;
-#ifdef USE_LDAP
- got_pwds = get_ldap_entries(pass,
- &total_entries,
- &num_entries,
- MAX_SAM_ENTRIES,
- 0,
- switch_level);
-#endif
make_sam_info_2(&info2, ACB_WSTRUST,
q_u->start_idx, num_entries, pass);
/* find the user account */
become_root(True);
- smb_pass = get_smbpwd_entry(user_name, 0);
+ smb_pass = get_sampwd_entry(user_name, 0);
unbecome_root(True);
if (smb_pass == NULL)
BOOL pol_open = False;
/* set up the SAMR open_user response */
- bzero(&(r_u.user_pol.data), POL_HND_SIZE);
+ bzero(r_u.user_pol.data, POL_HND_SIZE);
r_u.status = 0x0;
/*************************************************************************
get_user_info_21
*************************************************************************/
-static BOOL get_user_info_21(SAM_USER_INFO_21 *id21, uint32 rid)
+static BOOL get_user_info_21(SAM_USER_INFO_21 *id21, uint32 user_rid)
{
NTTIME dummy_time;
-
- pstring logon_script;
- pstring profile_path;
- pstring home_drive;
- pstring home_dir;
- pstring description;
- pstring workstations;
- pstring full_name;
- pstring munged_dialin;
- pstring unknown_str;
-
- uint32 r_uid;
- uint32 r_gid;
-
+ struct sam_passwd *sam_pass;
LOGON_HRS hrs;
int i;
- struct smb_passwd *smb_pass;
+ if (!pdb_rid_is_user(user_rid))
+ {
+ return False;
+ }
become_root(True);
- smb_pass = getsmbpwuid(rid);
+ sam_pass = getsam21pwrid(user_rid);
unbecome_root(True);
- if (smb_pass == NULL)
+ if (sam_pass == NULL)
{
return False;
}
- DEBUG(3,("User:[%s]\n", smb_pass->smb_name));
+ DEBUG(3,("User:[%s]\n", sam_pass->smb_name));
dummy_time.low = 0xffffffff;
dummy_time.high = 0x7fffffff;
- pstrcpy(samlogon_user, smb_pass->smb_name);
+ DEBUG(0,("get_user_info_21 - TODO: convert unix times to NTTIMEs\n"));
- if (samlogon_user[strlen(samlogon_user)-1] != '$')
- {
- if (!name_to_rid(samlogon_user, &r_uid, &r_gid))
- {
- return False;
- }
-
- /* XXXX hack to get standard_sub_basic() to use sam logon username */
- /* possibly a better way would be to do a become_user() call */
- sam_logon_in_ssb = True;
-
- pstrcpy(full_name , "<Full Name>");
- pstrcpy(logon_script , lp_logon_script ());
- pstrcpy(profile_path , lp_logon_path ());
- pstrcpy(home_drive , lp_logon_drive ());
- pstrcpy(home_dir , lp_logon_home ());
- pstrcpy(description , "<Description>");
- pstrcpy(workstations , "");
- pstrcpy(unknown_str , "");
- pstrcpy(munged_dialin, "");
-
- sam_logon_in_ssb = False;
- }
- else
- {
- r_uid = smb_pass->smb_userid;
- r_gid = DOMAIN_GROUP_RID_USERS;
-
- pstrcpy(samlogon_user, smb_pass->smb_name);
-
- pstrcpy(full_name , "");
- pstrcpy(logon_script , "");
- pstrcpy(profile_path , "");
- pstrcpy(home_drive , "");
- pstrcpy(home_dir , "");
- pstrcpy(description , "");
- pstrcpy(workstations , "");
- pstrcpy(unknown_str , "");
- pstrcpy(munged_dialin, "");
- }
-
- hrs.len = 21;
+ /* create a LOGON_HRS structure */
+ hrs.len = sam_pass->hours_len;
for (i = 0; i < hrs.len; i++)
{
- hrs.hours[i] = 0xff;
+ hrs.hours[i] = sam_pass->hours[i];
}
+
make_sam_user_info21(id21,
&dummy_time, /* logon_time */
&dummy_time, /* pass_can_change_time */
&dummy_time, /* pass_must_change_time */
- samlogon_user, /* user_name */
- full_name, /* full_name */
- home_dir, /* home_dir */
- home_drive, /* dir_drive */
- logon_script, /* logon_script */
- profile_path, /* profile_path */
- description, /* description */
- workstations, /* workstations user can log in from */
- unknown_str, /* don't know, yet */
- munged_dialin, /* dialin info. contains dialin path and tel no */
-
- r_uid, /* RID user_id */
- r_gid, /* RID group_id */
- smb_pass->acct_ctrl,
-
- 0x00ffffff, /* unknown_3 */
- 168, /* divisions per week */
+ sam_pass->smb_name, /* user_name */
+ sam_pass->full_name, /* full_name */
+ sam_pass->home_dir, /* home_dir */
+ sam_pass->dir_drive, /* dir_drive */
+ sam_pass->logon_script, /* logon_script */
+ sam_pass->profile_path, /* profile_path */
+ sam_pass->acct_desc, /* description */
+ sam_pass->workstations, /* workstations user can log in from */
+ sam_pass->unknown_str, /* don't know, yet */
+ sam_pass->munged_dial, /* dialin info. contains dialin path and tel no */
+
+ sam_pass->user_rid, /* RID user_id */
+ sam_pass->group_rid, /* RID group_id */
+ sam_pass->acct_ctrl,
+
+ sam_pass->unknown_3, /* unknown_3 */
+ sam_pass->logon_divs, /* divisions per week */
&hrs, /* logon hours */
- 0x00020000,
- 0x000004ec);
+ sam_pass->unknown_5,
+ sam_pass->unknown_6);
return True;
}
case 21:
{
info = (void*)&id21;
-#ifdef USE_LDAP
- status = ldap_get_user_info_21(&id21, rid) ? 0 : NT_STATUS_NO_SUCH_USER;
-#else
status = get_user_info_21(&id21, rid) ? 0 : NT_STATUS_NO_SUCH_USER;
-#endif
break;
}
uint32 status = 0x0;
struct smb_passwd *smb_pass;
- DOM_GID gids[LSA_MAX_GROUPS];
+ DOM_GID *gids = NULL;
int num_groups = 0;
int pol_idx;
uint32 rid;
{
pstring groups;
get_domain_user_groups(groups, smb_pass->smb_name);
- num_groups = make_dom_gids(groups, gids);
+ gids = NULL;
+ num_groups = make_dom_gids(groups, &gids);
}
/* construct the response. lkclXXXX: gids are not copied! */
/* store the response in the SMB stream */
samr_io_r_query_usergroups("", &r_u, rdata, 0);
+ if(gids)
+ free((char *)gids);
DEBUG(5,("samr_query_usergroups: %d\n", __LINE__));
}
SAMR_R_UNKNOWN_32 r_u;
/* set up the SAMR unknown_32 response */
- bzero(&(r_u.pol.data), POL_HND_SIZE);
+ bzero(r_u.pol.data, POL_HND_SIZE);
if (status == 0)
{
for (i = 4; i < POL_HND_SIZE; i++)