source3/lib/ads_flags.c

   1 /*
   2    Unix SMB/CIFS implementation.
   3    ads (active directory) utility library
   4
   5    Copyright (C) Stefan (metze) Metzmacher 2002
   6    Copyright (C) Andrew Tridgell 2001
   7
   8    This program is free software; you can redistribute it and/or modify
   9    it under the terms of the GNU General Public License as published by
  10    the Free Software Foundation; either version 3 of the License, or
  11    (at your option) any later version.
  12
  13    This program is distributed in the hope that it will be useful,
  14    but WITHOUT ANY WARRANTY; without even the implied warranty of
  15    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16    GNU General Public License for more details.
  17
  18    You should have received a copy of the GNU General Public License
  19    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  20 */
  21
  22 #include "includes.h"
  23
  24 /*
  25 translated the ACB_CTRL Flags to UserFlags (userAccountControl)
  26 */
  27 uint32 ads_acb2uf(uint32 acb)
  28 {
  29         uint32 uf = 0x00000000;
  30
  31         if (acb & ACB_DISABLED)                 uf |= UF_ACCOUNTDISABLE;
  32         if (acb & ACB_HOMDIRREQ)                uf |= UF_HOMEDIR_REQUIRED;
  33         if (acb & ACB_PWNOTREQ)                 uf |= UF_PASSWD_NOTREQD;
  34         if (acb & ACB_TEMPDUP)                  uf |= UF_TEMP_DUPLICATE_ACCOUNT;
  35         if (acb & ACB_NORMAL)                   uf |= UF_NORMAL_ACCOUNT;
  36         if (acb & ACB_MNS)                      uf |= UF_MNS_LOGON_ACCOUNT;
  37         if (acb & ACB_DOMTRUST)                 uf |= UF_INTERDOMAIN_TRUST_ACCOUNT;
  38         if (acb & ACB_WSTRUST)                  uf |= UF_WORKSTATION_TRUST_ACCOUNT;
  39         if (acb & ACB_SVRTRUST)                 uf |= UF_SERVER_TRUST_ACCOUNT;
  40         if (acb & ACB_PWNOEXP)                  uf |= UF_DONT_EXPIRE_PASSWD;
  41         if (acb & ACB_AUTOLOCK)                 uf |= UF_LOCKOUT;
  42         if (acb & ACB_USE_DES_KEY_ONLY)         uf |= UF_USE_DES_KEY_ONLY;
  43         if (acb & ACB_SMARTCARD_REQUIRED)       uf |= UF_SMARTCARD_REQUIRED;
  44         if (acb & ACB_TRUSTED_FOR_DELEGATION)   uf |= UF_TRUSTED_FOR_DELEGATION;
  45         if (acb & ACB_DONT_REQUIRE_PREAUTH)     uf |= UF_DONT_REQUIRE_PREAUTH;
  46         if (acb & ACB_NO_AUTH_DATA_REQD)        uf |= UF_NO_AUTH_DATA_REQUIRED;
  47         if (acb & ACB_NOT_DELEGATED)            uf |= UF_NOT_DELEGATED;
  48         if (acb & ACB_ENC_TXT_PWD_ALLOWED)      uf |= UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED;
  49
  50         return uf;
  51 }
  52
  53 /*
  54 translated the UserFlags (userAccountControl) to ACB_CTRL Flags
  55 */
  56 uint32 ads_uf2acb(uint32 uf)
  57 {
  58         uint32 acb = 0x00000000;
  59
  60         if (uf & UF_ACCOUNTDISABLE)             acb |= ACB_DISABLED;
  61         if (uf & UF_HOMEDIR_REQUIRED)           acb |= ACB_HOMDIRREQ;
  62         if (uf & UF_PASSWD_NOTREQD)             acb |= ACB_PWNOTREQ;
  63         if (uf & UF_MNS_LOGON_ACCOUNT)          acb |= ACB_MNS;
  64         if (uf & UF_DONT_EXPIRE_PASSWD)         acb |= ACB_PWNOEXP;
  65         if (uf & UF_LOCKOUT)                    acb |= ACB_AUTOLOCK;
  66         if (uf & UF_USE_DES_KEY_ONLY)           acb |= ACB_USE_DES_KEY_ONLY;
  67         if (uf & UF_SMARTCARD_REQUIRED)         acb |= ACB_SMARTCARD_REQUIRED;
  68         if (uf & UF_TRUSTED_FOR_DELEGATION)     acb |= ACB_TRUSTED_FOR_DELEGATION;
  69         if (uf & UF_DONT_REQUIRE_PREAUTH)       acb |= ACB_DONT_REQUIRE_PREAUTH;
  70         if (uf & UF_NO_AUTH_DATA_REQUIRED)      acb |= ACB_NO_AUTH_DATA_REQD;
  71         if (uf & UF_NOT_DELEGATED)              acb |= ACB_NOT_DELEGATED;
  72         if (uf & UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED) acb |= ACB_ENC_TXT_PWD_ALLOWED;
  73
  74         switch (uf & UF_ACCOUNT_TYPE_MASK)
  75         {
  76                 case UF_TEMP_DUPLICATE_ACCOUNT:         acb |= ACB_TEMPDUP;break;
  77                 case UF_NORMAL_ACCOUNT:                 acb |= ACB_NORMAL;break;
  78                 case UF_INTERDOMAIN_TRUST_ACCOUNT:      acb |= ACB_DOMTRUST;break;
  79                 case UF_WORKSTATION_TRUST_ACCOUNT:      acb |= ACB_WSTRUST;break;
  80                 case UF_SERVER_TRUST_ACCOUNT:           acb |= ACB_SVRTRUST;break;
  81                 /*Fix Me: what should we do here? */
  82                 default:                                acb |= ACB_NORMAL;break;
  83         }
  84
  85         return acb;
  86 }
  87
  88 /*
  89 get the accountType from the UserFlags
  90 */
  91 uint32 ads_uf2atype(uint32 uf)
  92 {
  93         uint32 atype = 0x00000000;
  94
  95         if (uf & UF_NORMAL_ACCOUNT)                     atype = ATYPE_NORMAL_ACCOUNT;
  96         else if (uf & UF_TEMP_DUPLICATE_ACCOUNT)        atype = ATYPE_NORMAL_ACCOUNT;
  97         else if (uf & UF_SERVER_TRUST_ACCOUNT)          atype = ATYPE_WORKSTATION_TRUST;
  98         else if (uf & UF_WORKSTATION_TRUST_ACCOUNT)     atype = ATYPE_WORKSTATION_TRUST;
  99         else if (uf & UF_INTERDOMAIN_TRUST_ACCOUNT)     atype = ATYPE_INTERDOMAIN_TRUST;
 100
 101         return atype;
 102 }
 103
 104 /*
 105 get the accountType from the groupType
 106 */
 107 uint32 ads_gtype2atype(uint32 gtype)
 108 {
 109         uint32 atype = 0x00000000;
 110
 111         switch(gtype) {
 112                 case GTYPE_SECURITY_BUILTIN_LOCAL_GROUP:
 113                         atype = ATYPE_SECURITY_LOCAL_GROUP;
 114                         break;
 115                 case GTYPE_SECURITY_DOMAIN_LOCAL_GROUP:
 116                         atype = ATYPE_SECURITY_LOCAL_GROUP;
 117                         break;
 118                 case GTYPE_SECURITY_GLOBAL_GROUP:
 119                         atype = ATYPE_SECURITY_GLOBAL_GROUP;
 120                         break;
 121
 122                 case GTYPE_DISTRIBUTION_GLOBAL_GROUP:
 123                         atype = ATYPE_DISTRIBUTION_GLOBAL_GROUP;
 124                         break;
 125                 case GTYPE_DISTRIBUTION_DOMAIN_LOCAL_GROUP:
 126                         atype = ATYPE_DISTRIBUTION_UNIVERSAL_GROUP;
 127                         break;
 128                 case GTYPE_DISTRIBUTION_UNIVERSAL_GROUP:
 129                         atype = ATYPE_DISTRIBUTION_LOCAL_GROUP;
 130                         break;
 131         }
 132
 133         return atype;
 134 }
 135
 136 /* turn a sAMAccountType into a SID_NAME_USE */
 137 enum lsa_SidType ads_atype_map(uint32 atype)
 138 {
 139         switch (atype & 0xF0000000) {
 140         case ATYPE_GLOBAL_GROUP:
 141                 return SID_NAME_DOM_GRP;
 142         case ATYPE_SECURITY_LOCAL_GROUP:
 143                 return SID_NAME_ALIAS;
 144         case ATYPE_ACCOUNT:
 145                 return SID_NAME_USER;
 146         default:
 147                 DEBUG(1,("hmm, need to map account type 0x%x\n", atype));
 148         }
 149         return SID_NAME_UNKNOWN;
 150 }