2 * Unix SMB/CIFS implementation.
4 * Copyright (C) Guenther Deschner 2008
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, see <http://www.gnu.org/licenses/>.
22 #include "librpc/gen_ndr/libnetapi.h"
23 #include "lib/netapi/netapi.h"
24 #include "lib/netapi/netapi_private.h"
25 #include "lib/netapi/libnetapi.h"
27 /****************************************************************
28 ****************************************************************/
30 static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX,
31 struct samr_UserInfo21 *info21)
33 uint32_t fields_present = 0;
34 struct samr_LogonHours zero_logon_hours;
35 struct lsa_BinaryString zero_parameters;
39 ZERO_STRUCT(zero_logon_hours);
40 ZERO_STRUCT(zero_parameters);
42 if (infoX->usriX_flags) {
43 fields_present |= SAMR_FIELD_ACCT_FLAGS;
45 if (infoX->usriX_name) {
46 fields_present |= SAMR_FIELD_ACCOUNT_NAME;
48 if (infoX->usriX_password) {
49 fields_present |= SAMR_FIELD_PASSWORD;
51 if (infoX->usriX_flags) {
52 fields_present |= SAMR_FIELD_ACCT_FLAGS;
54 if (infoX->usriX_name) {
55 fields_present |= SAMR_FIELD_FULL_NAME;
57 if (infoX->usriX_home_dir) {
58 fields_present |= SAMR_FIELD_HOME_DIRECTORY;
60 if (infoX->usriX_script_path) {
61 fields_present |= SAMR_FIELD_LOGON_SCRIPT;
63 if (infoX->usriX_comment) {
64 fields_present |= SAMR_FIELD_DESCRIPTION;
66 if (infoX->usriX_password_age) {
67 fields_present |= SAMR_FIELD_FORCE_PWD_CHANGE;
69 if (infoX->usriX_full_name) {
70 fields_present |= SAMR_FIELD_FULL_NAME;
72 if (infoX->usriX_usr_comment) {
73 fields_present |= SAMR_FIELD_COMMENT;
75 if (infoX->usriX_profile) {
76 fields_present |= SAMR_FIELD_PROFILE_PATH;
78 if (infoX->usriX_home_dir_drive) {
79 fields_present |= SAMR_FIELD_HOME_DRIVE;
81 if (infoX->usriX_primary_group_id) {
82 fields_present |= SAMR_FIELD_PRIMARY_GID;
84 if (infoX->usriX_country_code) {
85 fields_present |= SAMR_FIELD_COUNTRY_CODE;
87 if (infoX->usriX_workstations) {
88 fields_present |= SAMR_FIELD_WORKSTATIONS;
91 unix_to_nt_time_abs(&password_age, infoX->usriX_password_age);
93 /* TODO: infoX->usriX_priv */
94 init_samr_user_info21(info21,
102 infoX->usriX_full_name,
103 infoX->usriX_home_dir,
104 infoX->usriX_home_dir_drive,
105 infoX->usriX_script_path,
106 infoX->usriX_profile,
107 infoX->usriX_comment,
108 infoX->usriX_workstations,
109 infoX->usriX_usr_comment,
112 infoX->usriX_primary_group_id,
118 infoX->usriX_country_code,
125 /****************************************************************
126 ****************************************************************/
128 static NTSTATUS construct_USER_INFO_X(uint32_t level,
130 struct USER_INFO_X *uX)
132 struct USER_INFO_0 *u0 = NULL;
133 struct USER_INFO_1 *u1 = NULL;
134 struct USER_INFO_2 *u2 = NULL;
135 struct USER_INFO_1003 *u1003 = NULL;
136 struct USER_INFO_1006 *u1006 = NULL;
137 struct USER_INFO_1007 *u1007 = NULL;
138 struct USER_INFO_1009 *u1009 = NULL;
139 struct USER_INFO_1011 *u1011 = NULL;
140 struct USER_INFO_1012 *u1012 = NULL;
141 struct USER_INFO_1014 *u1014 = NULL;
142 struct USER_INFO_1024 *u1024 = NULL;
143 struct USER_INFO_1051 *u1051 = NULL;
144 struct USER_INFO_1052 *u1052 = NULL;
145 struct USER_INFO_1053 *u1053 = NULL;
147 if (!buffer || !uX) {
148 return NT_STATUS_INVALID_PARAMETER;
155 u0 = (struct USER_INFO_0 *)buffer;
156 uX->usriX_name = u0->usri0_name;
159 u1 = (struct USER_INFO_1 *)buffer;
160 uX->usriX_name = u1->usri1_name;
161 uX->usriX_password = u1->usri1_password;
162 uX->usriX_password_age = u1->usri1_password_age;
163 uX->usriX_priv = u1->usri1_priv;
164 uX->usriX_home_dir = u1->usri1_home_dir;
165 uX->usriX_comment = u1->usri1_comment;
166 uX->usriX_flags = u1->usri1_flags;
167 uX->usriX_script_path = u1->usri1_script_path;
170 u2 = (struct USER_INFO_2 *)buffer;
171 uX->usriX_name = u2->usri2_name;
172 uX->usriX_password = u2->usri2_password;
173 uX->usriX_password_age = u2->usri2_password_age;
174 uX->usriX_priv = u2->usri2_priv;
175 uX->usriX_home_dir = u2->usri2_home_dir;
176 uX->usriX_comment = u2->usri2_comment;
177 uX->usriX_flags = u2->usri2_flags;
178 uX->usriX_script_path = u2->usri2_script_path;
179 uX->usriX_auth_flags = u2->usri2_auth_flags;
180 uX->usriX_full_name = u2->usri2_full_name;
181 uX->usriX_usr_comment = u2->usri2_usr_comment;
182 uX->usriX_parms = u2->usri2_parms;
183 uX->usriX_workstations = u2->usri2_workstations;
184 uX->usriX_last_logon = u2->usri2_last_logon;
185 uX->usriX_last_logoff = u2->usri2_last_logoff;
186 uX->usriX_acct_expires = u2->usri2_acct_expires;
187 uX->usriX_max_storage = u2->usri2_max_storage;
188 uX->usriX_units_per_week= u2->usri2_units_per_week;
189 uX->usriX_logon_hours = u2->usri2_logon_hours;
190 uX->usriX_bad_pw_count = u2->usri2_bad_pw_count;
191 uX->usriX_num_logons = u2->usri2_num_logons;
192 uX->usriX_logon_server = u2->usri2_logon_server;
193 uX->usriX_country_code = u2->usri2_country_code;
194 uX->usriX_code_page = u2->usri2_code_page;
197 u1003 = (struct USER_INFO_1003 *)buffer;
198 uX->usriX_password = u1003->usri1003_password;
201 u1006 = (struct USER_INFO_1006 *)buffer;
202 uX->usriX_home_dir = u1006->usri1006_home_dir;
205 u1007 = (struct USER_INFO_1007 *)buffer;
206 uX->usriX_comment = u1007->usri1007_comment;
209 u1009 = (struct USER_INFO_1009 *)buffer;
210 uX->usriX_script_path = u1009->usri1009_script_path;
213 u1011 = (struct USER_INFO_1011 *)buffer;
214 uX->usriX_full_name = u1011->usri1011_full_name;
217 u1012 = (struct USER_INFO_1012 *)buffer;
218 uX->usriX_usr_comment = u1012->usri1012_usr_comment;
221 u1014 = (struct USER_INFO_1014 *)buffer;
222 uX->usriX_workstations = u1014->usri1014_workstations;
225 u1024 = (struct USER_INFO_1024 *)buffer;
226 uX->usriX_country_code = u1024->usri1024_country_code;
229 u1051 = (struct USER_INFO_1051 *)buffer;
230 uX->usriX_primary_group_id = u1051->usri1051_primary_group_id;
233 u1052 = (struct USER_INFO_1052 *)buffer;
234 uX->usriX_profile = u1052->usri1052_profile;
237 u1053 = (struct USER_INFO_1053 *)buffer;
238 uX->usriX_home_dir_drive = u1053->usri1053_home_dir_drive;
243 return NT_STATUS_INVALID_INFO_CLASS;
249 /****************************************************************
250 ****************************************************************/
252 static NTSTATUS set_user_info_USER_INFO_X(TALLOC_CTX *ctx,
253 struct rpc_pipe_client *pipe_cli,
254 DATA_BLOB *session_key,
255 struct policy_handle *user_handle,
256 struct USER_INFO_X *uX)
258 union samr_UserInfo user_info;
259 struct samr_UserInfo21 info21;
263 return NT_STATUS_INVALID_PARAMETER;
266 convert_USER_INFO_X_to_samr_user_info21(uX, &info21);
268 ZERO_STRUCT(user_info);
270 if (uX->usriX_password) {
272 user_info.info25.info = info21;
274 init_samr_CryptPasswordEx(uX->usriX_password,
276 &user_info.info25.password);
278 status = rpccli_samr_SetUserInfo2(pipe_cli, ctx,
283 if (NT_STATUS_EQUAL(status, NT_STATUS(DCERPC_FAULT_INVALID_TAG))) {
285 user_info.info23.info = info21;
287 init_samr_CryptPassword(uX->usriX_password,
289 &user_info.info23.password);
291 status = rpccli_samr_SetUserInfo2(pipe_cli, ctx,
298 user_info.info21 = info21;
300 status = rpccli_samr_SetUserInfo(pipe_cli, ctx,
309 /****************************************************************
310 ****************************************************************/
312 WERROR NetUserAdd_r(struct libnetapi_ctx *ctx,
313 struct NetUserAdd *r)
315 struct cli_state *cli = NULL;
316 struct rpc_pipe_client *pipe_cli = NULL;
319 POLICY_HND connect_handle, domain_handle, user_handle;
320 struct lsa_String lsa_account_name;
321 struct dom_sid2 *domain_sid = NULL;
322 union samr_UserInfo *user_info = NULL;
323 struct samr_PwInfo pw_info;
324 uint32_t access_granted = 0;
326 struct USER_INFO_X uX;
328 ZERO_STRUCT(connect_handle);
329 ZERO_STRUCT(domain_handle);
330 ZERO_STRUCT(user_handle);
333 return WERR_INVALID_PARAM;
336 switch (r->in.level) {
343 werr = WERR_NOT_SUPPORTED;
347 werr = libnetapi_open_pipe(ctx, r->in.server_name,
348 &ndr_table_samr.syntax_id,
351 if (!W_ERROR_IS_OK(werr)) {
355 status = construct_USER_INFO_X(r->in.level, r->in.buffer, &uX);
356 if (!NT_STATUS_IS_OK(status)) {
357 werr = ntstatus_to_werror(status);
361 werr = libnetapi_samr_open_domain(ctx, pipe_cli,
362 SAMR_ACCESS_ENUM_DOMAINS |
363 SAMR_ACCESS_OPEN_DOMAIN,
364 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 |
365 SAMR_DOMAIN_ACCESS_CREATE_USER |
366 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
370 if (!W_ERROR_IS_OK(werr)) {
374 init_lsa_String(&lsa_account_name, uX.usriX_name);
376 status = rpccli_samr_CreateUser2(pipe_cli, ctx,
382 SAMR_USER_ACCESS_SET_PASSWORD |
383 SAMR_USER_ACCESS_SET_ATTRIBUTES |
384 SAMR_USER_ACCESS_GET_ATTRIBUTES,
388 if (!NT_STATUS_IS_OK(status)) {
389 werr = ntstatus_to_werror(status);
393 status = rpccli_samr_QueryUserInfo(pipe_cli, ctx,
397 if (!NT_STATUS_IS_OK(status)) {
398 werr = ntstatus_to_werror(status);
402 if (!(user_info->info16.acct_flags & ACB_NORMAL)) {
403 werr = WERR_INVALID_PARAM;
407 status = rpccli_samr_GetUserPwInfo(pipe_cli, ctx,
410 if (!NT_STATUS_IS_OK(status)) {
411 werr = ntstatus_to_werror(status);
415 uX.usriX_flags |= ACB_NORMAL;
417 status = set_user_info_USER_INFO_X(ctx, pipe_cli,
418 &cli->user_session_key,
421 if (!NT_STATUS_IS_OK(status)) {
422 werr = ntstatus_to_werror(status);
430 rpccli_samr_DeleteUser(pipe_cli, ctx,
438 if (is_valid_policy_hnd(&user_handle)) {
439 rpccli_samr_Close(pipe_cli, ctx, &user_handle);
442 if (ctx->disable_policy_handle_cache) {
443 libnetapi_samr_close_domain_handle(ctx, &domain_handle);
444 libnetapi_samr_close_connect_handle(ctx, &connect_handle);
450 /****************************************************************
451 ****************************************************************/
453 WERROR NetUserAdd_l(struct libnetapi_ctx *ctx,
454 struct NetUserAdd *r)
456 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserAdd);
459 /****************************************************************
460 ****************************************************************/
462 WERROR NetUserDel_r(struct libnetapi_ctx *ctx,
463 struct NetUserDel *r)
465 struct cli_state *cli = NULL;
466 struct rpc_pipe_client *pipe_cli = NULL;
469 POLICY_HND connect_handle, builtin_handle, domain_handle, user_handle;
470 struct lsa_String lsa_account_name;
471 struct samr_Ids user_rids, name_types;
472 struct dom_sid2 *domain_sid = NULL;
473 struct dom_sid2 user_sid;
475 ZERO_STRUCT(connect_handle);
476 ZERO_STRUCT(builtin_handle);
477 ZERO_STRUCT(domain_handle);
478 ZERO_STRUCT(user_handle);
480 werr = libnetapi_open_pipe(ctx, r->in.server_name,
481 &ndr_table_samr.syntax_id,
485 if (!W_ERROR_IS_OK(werr)) {
489 werr = libnetapi_samr_open_domain(ctx, pipe_cli,
490 SAMR_ACCESS_ENUM_DOMAINS |
491 SAMR_ACCESS_OPEN_DOMAIN,
492 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
496 if (!W_ERROR_IS_OK(werr)) {
500 status = rpccli_samr_OpenDomain(pipe_cli, ctx,
502 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
503 CONST_DISCARD(DOM_SID *, &global_sid_Builtin),
505 if (!NT_STATUS_IS_OK(status)) {
506 werr = ntstatus_to_werror(status);
510 init_lsa_String(&lsa_account_name, r->in.user_name);
512 status = rpccli_samr_LookupNames(pipe_cli, ctx,
518 if (!NT_STATUS_IS_OK(status)) {
519 werr = ntstatus_to_werror(status);
523 status = rpccli_samr_OpenUser(pipe_cli, ctx,
525 STD_RIGHT_DELETE_ACCESS,
528 if (!NT_STATUS_IS_OK(status)) {
529 werr = ntstatus_to_werror(status);
533 sid_compose(&user_sid, domain_sid, user_rids.ids[0]);
535 status = rpccli_samr_RemoveMemberFromForeignDomain(pipe_cli, ctx,
538 if (!NT_STATUS_IS_OK(status)) {
539 werr = ntstatus_to_werror(status);
543 status = rpccli_samr_DeleteUser(pipe_cli, ctx,
545 if (!NT_STATUS_IS_OK(status)) {
546 werr = ntstatus_to_werror(status);
557 if (is_valid_policy_hnd(&user_handle)) {
558 rpccli_samr_Close(pipe_cli, ctx, &user_handle);
561 if (ctx->disable_policy_handle_cache) {
562 libnetapi_samr_close_builtin_handle(ctx, &builtin_handle);
563 libnetapi_samr_close_domain_handle(ctx, &domain_handle);
564 libnetapi_samr_close_connect_handle(ctx, &connect_handle);
570 /****************************************************************
571 ****************************************************************/
573 WERROR NetUserDel_l(struct libnetapi_ctx *ctx,
574 struct NetUserDel *r)
576 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserDel);
579 /****************************************************************
580 ****************************************************************/
582 static NTSTATUS libnetapi_samr_lookup_user(TALLOC_CTX *mem_ctx,
583 struct rpc_pipe_client *pipe_cli,
584 struct policy_handle *domain_handle,
585 struct policy_handle *builtin_handle,
586 const char *user_name,
587 const struct dom_sid *domain_sid,
590 struct samr_UserInfo21 **info21,
591 struct sec_desc_buf **sec_desc,
592 uint32_t *auth_flag_p)
596 struct policy_handle user_handle;
597 union samr_UserInfo *user_info = NULL;
598 struct samr_RidWithAttributeArray *rid_array = NULL;
599 uint32_t access_mask = SEC_STD_READ_CONTROL |
600 SAMR_USER_ACCESS_GET_ATTRIBUTES |
601 SAMR_USER_ACCESS_GET_NAME_ETC;
603 ZERO_STRUCT(user_handle);
609 access_mask |= SAMR_USER_ACCESS_GET_LOGONINFO |
610 SAMR_USER_ACCESS_GET_GROUPS;
616 access_mask |= SAMR_USER_ACCESS_GET_LOGONINFO |
617 SAMR_USER_ACCESS_GET_GROUPS |
618 SAMR_USER_ACCESS_GET_LOCALE;
625 return NT_STATUS_INVALID_LEVEL;
632 status = rpccli_samr_OpenUser(pipe_cli, mem_ctx,
637 if (!NT_STATUS_IS_OK(status)) {
641 status = rpccli_samr_QueryUserInfo(pipe_cli, mem_ctx,
645 if (!NT_STATUS_IS_OK(status)) {
649 status = rpccli_samr_QuerySecurity(pipe_cli, mem_ctx,
653 if (!NT_STATUS_IS_OK(status)) {
657 if (access_mask & SAMR_USER_ACCESS_GET_GROUPS) {
659 struct lsa_SidArray sid_array;
660 struct samr_Ids alias_rids;
662 uint32_t auth_flag = 0;
665 status = rpccli_samr_GetGroupsForUser(pipe_cli, mem_ctx,
668 if (!NT_STATUS_IS_OK(status)) {
672 sid_array.num_sids = rid_array->count + 1;
673 sid_array.sids = talloc_array(mem_ctx, struct lsa_SidPtr,
675 NT_STATUS_HAVE_NO_MEMORY(sid_array.sids);
677 for (i=0; i<rid_array->count; i++) {
678 sid_compose(&sid, domain_sid, rid_array->rids[i].rid);
679 sid_array.sids[i].sid = sid_dup_talloc(mem_ctx, &sid);
680 NT_STATUS_HAVE_NO_MEMORY(sid_array.sids[i].sid);
683 sid_compose(&sid, domain_sid, rid);
684 sid_array.sids[i].sid = sid_dup_talloc(mem_ctx, &sid);
685 NT_STATUS_HAVE_NO_MEMORY(sid_array.sids[i].sid);
687 status = rpccli_samr_GetAliasMembership(pipe_cli, mem_ctx,
691 if (!NT_STATUS_IS_OK(status)) {
695 for (i=0; i<alias_rids.count; i++) {
696 switch (alias_rids.ids[i]) {
697 case 550: /* Print Operators */
698 auth_flag |= AF_OP_PRINT;
700 case 549: /* Server Operators */
701 auth_flag |= AF_OP_SERVER;
703 case 548: /* Account Operators */
704 auth_flag |= AF_OP_ACCOUNTS;
712 *auth_flag_p = auth_flag;
716 *info21 = &user_info->info21;
719 if (is_valid_policy_hnd(&user_handle)) {
720 rpccli_samr_Close(pipe_cli, mem_ctx, &user_handle);
726 /****************************************************************
727 ****************************************************************/
729 static uint32_t samr_rid_to_priv_level(uint32_t rid)
732 case DOMAIN_RID_ADMINISTRATOR:
733 return USER_PRIV_ADMIN;
734 case DOMAIN_RID_GUEST:
735 return USER_PRIV_GUEST;
737 return USER_PRIV_USER;
741 /****************************************************************
742 ****************************************************************/
744 static uint32_t samr_acb_flags_to_netapi_flags(uint32_t acb)
746 uint32_t fl = UF_SCRIPT; /* god knows why */
748 fl |= ads_acb2uf(acb);
753 /****************************************************************
754 ****************************************************************/
756 static NTSTATUS info21_to_USER_INFO_1(TALLOC_CTX *mem_ctx,
757 const struct samr_UserInfo21 *i21,
758 struct USER_INFO_1 *i)
761 i->usri1_name = talloc_strdup(mem_ctx, i21->account_name.string);
762 NT_STATUS_HAVE_NO_MEMORY(i->usri1_name);
763 i->usri1_password = NULL;
764 i->usri1_password_age = time(NULL) - nt_time_to_unix(i21->last_password_change);
765 i->usri1_priv = samr_rid_to_priv_level(i21->rid);
766 i->usri1_home_dir = talloc_strdup(mem_ctx, i21->home_directory.string);
767 i->usri1_comment = talloc_strdup(mem_ctx, i21->description.string);
768 i->usri1_flags = samr_acb_flags_to_netapi_flags(i21->acct_flags);
769 i->usri1_script_path = talloc_strdup(mem_ctx, i21->logon_script.string);
774 /****************************************************************
775 ****************************************************************/
777 static NTSTATUS info21_to_USER_INFO_2(TALLOC_CTX *mem_ctx,
778 const struct samr_UserInfo21 *i21,
780 struct USER_INFO_2 *i)
784 i->usri2_name = talloc_strdup(mem_ctx, i21->account_name.string);
785 NT_STATUS_HAVE_NO_MEMORY(i->usri2_name);
786 i->usri2_password = NULL;
787 i->usri2_password_age = time(NULL) - nt_time_to_unix(i21->last_password_change);
788 i->usri2_priv = samr_rid_to_priv_level(i21->rid);
789 i->usri2_home_dir = talloc_strdup(mem_ctx, i21->home_directory.string);
790 i->usri2_comment = talloc_strdup(mem_ctx, i21->description.string);
791 i->usri2_flags = samr_acb_flags_to_netapi_flags(i21->acct_flags);
792 i->usri2_script_path = talloc_strdup(mem_ctx, i21->logon_script.string);
793 i->usri2_auth_flags = auth_flag;
794 i->usri2_full_name = talloc_strdup(mem_ctx, i21->full_name.string);
795 i->usri2_usr_comment = talloc_strdup(mem_ctx, i21->comment.string);
796 i->usri2_parms = talloc_strndup(mem_ctx, (const char *)i21->parameters.array, i21->parameters.size/2);
797 i->usri2_workstations = talloc_strdup(mem_ctx, i21->workstations.string);
798 i->usri2_last_logon = nt_time_to_unix(i21->last_logon);
799 i->usri2_last_logoff = nt_time_to_unix(i21->last_logoff);
800 i->usri2_acct_expires = nt_time_to_unix(i21->acct_expiry);
801 i->usri2_max_storage = USER_MAXSTORAGE_UNLIMITED; /* FIXME */
802 i->usri2_units_per_week = i21->logon_hours.units_per_week;
803 i->usri2_logon_hours = (uint8_t *)talloc_memdup(mem_ctx, i21->logon_hours.bits, 21);
804 i->usri2_bad_pw_count = i21->bad_password_count;
805 i->usri2_num_logons = i21->logon_count;
806 i->usri2_logon_server = talloc_strdup(mem_ctx, "\\\\*");
807 i->usri2_country_code = i21->country_code;
808 i->usri2_code_page = i21->code_page;
813 /****************************************************************
814 ****************************************************************/
816 static NTSTATUS info21_to_USER_INFO_3(TALLOC_CTX *mem_ctx,
817 const struct samr_UserInfo21 *i21,
819 struct USER_INFO_3 *i)
823 i->usri3_name = talloc_strdup(mem_ctx, i21->account_name.string);
824 NT_STATUS_HAVE_NO_MEMORY(i->usri3_name);
825 i->usri3_password_age = time(NULL) - nt_time_to_unix(i21->last_password_change);
826 i->usri3_priv = samr_rid_to_priv_level(i21->rid);
827 i->usri3_home_dir = talloc_strdup(mem_ctx, i21->home_directory.string);
828 i->usri3_comment = talloc_strdup(mem_ctx, i21->description.string);
829 i->usri3_flags = samr_acb_flags_to_netapi_flags(i21->acct_flags);
830 i->usri3_script_path = talloc_strdup(mem_ctx, i21->logon_script.string);
831 i->usri3_auth_flags = auth_flag;
832 i->usri3_full_name = talloc_strdup(mem_ctx, i21->full_name.string);
833 i->usri3_usr_comment = talloc_strdup(mem_ctx, i21->comment.string);
834 i->usri3_parms = talloc_strndup(mem_ctx, (const char *)i21->parameters.array, i21->parameters.size/2);
835 i->usri3_workstations = talloc_strdup(mem_ctx, i21->workstations.string);
836 i->usri3_last_logon = nt_time_to_unix(i21->last_logon);
837 i->usri3_last_logoff = nt_time_to_unix(i21->last_logoff);
838 i->usri3_acct_expires = nt_time_to_unix(i21->acct_expiry);
839 i->usri3_max_storage = USER_MAXSTORAGE_UNLIMITED; /* FIXME */
840 i->usri3_units_per_week = i21->logon_hours.units_per_week;
841 i->usri3_logon_hours = (uint8_t *)talloc_memdup(mem_ctx, i21->logon_hours.bits, 21);
842 i->usri3_bad_pw_count = i21->bad_password_count;
843 i->usri3_num_logons = i21->logon_count;
844 i->usri3_logon_server = talloc_strdup(mem_ctx, "\\\\*");
845 i->usri3_country_code = i21->country_code;
846 i->usri3_code_page = i21->code_page;
847 i->usri3_user_id = i21->rid;
848 i->usri3_primary_group_id = i21->primary_gid;
849 i->usri3_profile = talloc_strdup(mem_ctx, i21->profile_path.string);
850 i->usri3_home_dir_drive = talloc_strdup(mem_ctx, i21->home_drive.string);
851 i->usri3_password_expired = i21->password_expired;
856 /****************************************************************
857 ****************************************************************/
859 static NTSTATUS info21_to_USER_INFO_4(TALLOC_CTX *mem_ctx,
860 const struct samr_UserInfo21 *i21,
862 struct dom_sid *domain_sid,
863 struct USER_INFO_4 *i)
869 i->usri4_name = talloc_strdup(mem_ctx, i21->account_name.string);
870 NT_STATUS_HAVE_NO_MEMORY(i->usri4_name);
871 i->usri4_password_age = time(NULL) - nt_time_to_unix(i21->last_password_change);
872 i->usri4_password = NULL;
873 i->usri4_priv = samr_rid_to_priv_level(i21->rid);
874 i->usri4_home_dir = talloc_strdup(mem_ctx, i21->home_directory.string);
875 i->usri4_comment = talloc_strdup(mem_ctx, i21->description.string);
876 i->usri4_flags = samr_acb_flags_to_netapi_flags(i21->acct_flags);
877 i->usri4_script_path = talloc_strdup(mem_ctx, i21->logon_script.string);
878 i->usri4_auth_flags = auth_flag;
879 i->usri4_full_name = talloc_strdup(mem_ctx, i21->full_name.string);
880 i->usri4_usr_comment = talloc_strdup(mem_ctx, i21->comment.string);
881 i->usri4_parms = talloc_strndup(mem_ctx, (const char *)i21->parameters.array, i21->parameters.size/2);
882 i->usri4_workstations = talloc_strdup(mem_ctx, i21->workstations.string);
883 i->usri4_last_logon = nt_time_to_unix(i21->last_logon);
884 i->usri4_last_logoff = nt_time_to_unix(i21->last_logoff);
885 i->usri4_acct_expires = nt_time_to_unix(i21->acct_expiry);
886 i->usri4_max_storage = USER_MAXSTORAGE_UNLIMITED; /* FIXME */
887 i->usri4_units_per_week = i21->logon_hours.units_per_week;
888 i->usri4_logon_hours = (uint8_t *)talloc_memdup(mem_ctx, i21->logon_hours.bits, 21);
889 i->usri4_bad_pw_count = i21->bad_password_count;
890 i->usri4_num_logons = i21->logon_count;
891 i->usri4_logon_server = talloc_strdup(mem_ctx, "\\\\*");
892 i->usri4_country_code = i21->country_code;
893 i->usri4_code_page = i21->code_page;
894 if (!sid_compose(&sid, domain_sid, i21->rid)) {
895 return NT_STATUS_NO_MEMORY;
897 i->usri4_user_sid = (struct domsid *)sid_dup_talloc(mem_ctx, &sid);
898 i->usri4_primary_group_id = i21->primary_gid;
899 i->usri4_profile = talloc_strdup(mem_ctx, i21->profile_path.string);
900 i->usri4_home_dir_drive = talloc_strdup(mem_ctx, i21->home_drive.string);
901 i->usri4_password_expired = i21->password_expired;
906 /****************************************************************
907 ****************************************************************/
909 static NTSTATUS info21_to_USER_INFO_10(TALLOC_CTX *mem_ctx,
910 const struct samr_UserInfo21 *i21,
911 struct USER_INFO_10 *i)
915 i->usri10_name = talloc_strdup(mem_ctx, i21->account_name.string);
916 NT_STATUS_HAVE_NO_MEMORY(i->usri10_name);
917 i->usri10_comment = talloc_strdup(mem_ctx, i21->description.string);
918 i->usri10_full_name = talloc_strdup(mem_ctx, i21->full_name.string);
919 i->usri10_usr_comment = talloc_strdup(mem_ctx, i21->comment.string);
924 /****************************************************************
925 ****************************************************************/
927 static NTSTATUS info21_to_USER_INFO_11(TALLOC_CTX *mem_ctx,
928 const struct samr_UserInfo21 *i21,
930 struct USER_INFO_11 *i)
934 i->usri11_name = talloc_strdup(mem_ctx, i21->account_name.string);
935 NT_STATUS_HAVE_NO_MEMORY(i->usri11_name);
936 i->usri11_comment = talloc_strdup(mem_ctx, i21->description.string);
937 i->usri11_usr_comment = talloc_strdup(mem_ctx, i21->comment.string);
938 i->usri11_full_name = talloc_strdup(mem_ctx, i21->full_name.string);
939 i->usri11_priv = samr_rid_to_priv_level(i21->rid);
940 i->usri11_auth_flags = auth_flag;
941 i->usri11_password_age = time(NULL) - nt_time_to_unix(i21->last_password_change);
942 i->usri11_home_dir = talloc_strdup(mem_ctx, i21->home_directory.string);
943 i->usri11_parms = talloc_strndup(mem_ctx, (const char *)i21->parameters.array, i21->parameters.size/2);
944 i->usri11_last_logon = nt_time_to_unix(i21->last_logon);
945 i->usri11_last_logoff = nt_time_to_unix(i21->last_logoff);
946 i->usri11_bad_pw_count = i21->bad_password_count;
947 i->usri11_num_logons = i21->logon_count;
948 i->usri11_logon_server = talloc_strdup(mem_ctx, "\\\\*");
949 i->usri11_country_code = i21->country_code;
950 i->usri11_workstations = talloc_strdup(mem_ctx, i21->workstations.string);
951 i->usri11_max_storage = USER_MAXSTORAGE_UNLIMITED; /* FIXME */
952 i->usri11_units_per_week = i21->logon_hours.units_per_week;
953 i->usri11_logon_hours = (uint8_t *)talloc_memdup(mem_ctx, i21->logon_hours.bits, 21);
954 i->usri11_code_page = i21->code_page;
959 /****************************************************************
960 ****************************************************************/
962 static NTSTATUS info21_to_USER_INFO_20(TALLOC_CTX *mem_ctx,
963 const struct samr_UserInfo21 *i21,
964 struct USER_INFO_20 *i)
968 i->usri20_name = talloc_strdup(mem_ctx, i21->account_name.string);
969 NT_STATUS_HAVE_NO_MEMORY(i->usri20_name);
970 i->usri20_comment = talloc_strdup(mem_ctx, i21->description.string);
971 i->usri20_full_name = talloc_strdup(mem_ctx, i21->full_name.string);
972 i->usri20_flags = samr_acb_flags_to_netapi_flags(i21->acct_flags);
973 i->usri20_user_id = i21->rid;
978 /****************************************************************
979 ****************************************************************/
981 static NTSTATUS info21_to_USER_INFO_23(TALLOC_CTX *mem_ctx,
982 const struct samr_UserInfo21 *i21,
983 struct dom_sid *domain_sid,
984 struct USER_INFO_23 *i)
990 i->usri23_name = talloc_strdup(mem_ctx, i21->account_name.string);
991 NT_STATUS_HAVE_NO_MEMORY(i->usri23_name);
992 i->usri23_comment = talloc_strdup(mem_ctx, i21->description.string);
993 i->usri23_full_name = talloc_strdup(mem_ctx, i21->full_name.string);
994 i->usri23_flags = samr_acb_flags_to_netapi_flags(i21->acct_flags);
995 if (!sid_compose(&sid, domain_sid, i21->rid)) {
996 return NT_STATUS_NO_MEMORY;
998 i->usri23_user_sid = (struct domsid *)sid_dup_talloc(mem_ctx, &sid);
1000 return NT_STATUS_OK;
1003 /****************************************************************
1004 ****************************************************************/
1006 static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx,
1007 struct rpc_pipe_client *pipe_cli,
1008 struct dom_sid *domain_sid,
1009 struct policy_handle *domain_handle,
1010 struct policy_handle *builtin_handle,
1011 const char *user_name,
1015 uint32_t *num_entries)
1019 struct samr_UserInfo21 *info21 = NULL;
1020 struct sec_desc_buf *sec_desc = NULL;
1021 uint32_t auth_flag = 0;
1023 struct USER_INFO_0 info0;
1024 struct USER_INFO_1 info1;
1025 struct USER_INFO_2 info2;
1026 struct USER_INFO_3 info3;
1027 struct USER_INFO_4 info4;
1028 struct USER_INFO_10 info10;
1029 struct USER_INFO_11 info11;
1030 struct USER_INFO_20 info20;
1031 struct USER_INFO_23 info23;
1045 return NT_STATUS_INVALID_LEVEL;
1049 info0.usri0_name = talloc_strdup(mem_ctx, user_name);
1050 NT_STATUS_HAVE_NO_MEMORY(info0.usri0_name);
1052 ADD_TO_ARRAY(mem_ctx, struct USER_INFO_0, info0,
1053 (struct USER_INFO_0 **)buffer, num_entries);
1055 return NT_STATUS_OK;
1058 status = libnetapi_samr_lookup_user(mem_ctx, pipe_cli,
1069 if (!NT_STATUS_IS_OK(status)) {
1075 /* already returned above */
1078 status = info21_to_USER_INFO_1(mem_ctx, info21, &info1);
1079 NT_STATUS_NOT_OK_RETURN(status);
1081 ADD_TO_ARRAY(mem_ctx, struct USER_INFO_1, info1,
1082 (struct USER_INFO_1 **)buffer, num_entries);
1086 status = info21_to_USER_INFO_2(mem_ctx, info21, auth_flag, &info2);
1087 NT_STATUS_NOT_OK_RETURN(status);
1089 ADD_TO_ARRAY(mem_ctx, struct USER_INFO_2, info2,
1090 (struct USER_INFO_2 **)buffer, num_entries);
1094 status = info21_to_USER_INFO_3(mem_ctx, info21, auth_flag, &info3);
1095 NT_STATUS_NOT_OK_RETURN(status);
1097 ADD_TO_ARRAY(mem_ctx, struct USER_INFO_3, info3,
1098 (struct USER_INFO_3 **)buffer, num_entries);
1102 status = info21_to_USER_INFO_4(mem_ctx, info21, auth_flag, domain_sid, &info4);
1103 NT_STATUS_NOT_OK_RETURN(status);
1105 ADD_TO_ARRAY(mem_ctx, struct USER_INFO_4, info4,
1106 (struct USER_INFO_4 **)buffer, num_entries);
1110 status = info21_to_USER_INFO_10(mem_ctx, info21, &info10);
1111 NT_STATUS_NOT_OK_RETURN(status);
1113 ADD_TO_ARRAY(mem_ctx, struct USER_INFO_10, info10,
1114 (struct USER_INFO_10 **)buffer, num_entries);
1118 status = info21_to_USER_INFO_11(mem_ctx, info21, auth_flag, &info11);
1119 NT_STATUS_NOT_OK_RETURN(status);
1121 ADD_TO_ARRAY(mem_ctx, struct USER_INFO_11, info11,
1122 (struct USER_INFO_11 **)buffer, num_entries);
1126 status = info21_to_USER_INFO_20(mem_ctx, info21, &info20);
1127 NT_STATUS_NOT_OK_RETURN(status);
1129 ADD_TO_ARRAY(mem_ctx, struct USER_INFO_20, info20,
1130 (struct USER_INFO_20 **)buffer, num_entries);
1134 status = info21_to_USER_INFO_23(mem_ctx, info21, domain_sid, &info23);
1135 NT_STATUS_NOT_OK_RETURN(status);
1137 ADD_TO_ARRAY(mem_ctx, struct USER_INFO_23, info23,
1138 (struct USER_INFO_23 **)buffer, num_entries);
1141 return NT_STATUS_INVALID_LEVEL;
1148 /****************************************************************
1149 ****************************************************************/
1151 WERROR NetUserEnum_r(struct libnetapi_ctx *ctx,
1152 struct NetUserEnum *r)
1154 struct cli_state *cli = NULL;
1155 struct rpc_pipe_client *pipe_cli = NULL;
1156 struct policy_handle connect_handle;
1157 struct dom_sid2 *domain_sid = NULL;
1158 struct policy_handle domain_handle, builtin_handle;
1159 struct samr_SamArray *sam = NULL;
1160 uint32_t filter = ACB_NORMAL;
1162 uint32_t entries_read = 0;
1164 NTSTATUS status = NT_STATUS_OK;
1167 ZERO_STRUCT(connect_handle);
1168 ZERO_STRUCT(domain_handle);
1169 ZERO_STRUCT(builtin_handle);
1171 if (!r->out.buffer) {
1172 return WERR_INVALID_PARAM;
1175 *r->out.buffer = NULL;
1176 *r->out.entries_read = 0;
1178 switch (r->in.level) {
1190 return WERR_UNKNOWN_LEVEL;
1193 werr = libnetapi_open_pipe(ctx, r->in.server_name,
1194 &ndr_table_samr.syntax_id,
1197 if (!W_ERROR_IS_OK(werr)) {
1201 werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli,
1202 SAMR_ACCESS_ENUM_DOMAINS |
1203 SAMR_ACCESS_OPEN_DOMAIN,
1204 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT |
1205 SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS,
1208 if (!W_ERROR_IS_OK(werr)) {
1212 werr = libnetapi_samr_open_domain(ctx, pipe_cli,
1213 SAMR_ACCESS_ENUM_DOMAINS |
1214 SAMR_ACCESS_OPEN_DOMAIN,
1215 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 |
1216 SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS |
1217 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
1221 if (!W_ERROR_IS_OK(werr)) {
1225 switch (r->in.filter) {
1226 case FILTER_NORMAL_ACCOUNT:
1227 filter = ACB_NORMAL;
1229 case FILTER_TEMP_DUPLICATE_ACCOUNT:
1230 filter = ACB_TEMPDUP;
1232 case FILTER_INTERDOMAIN_TRUST_ACCOUNT:
1233 filter = ACB_DOMTRUST;
1235 case FILTER_WORKSTATION_TRUST_ACCOUNT:
1236 filter = ACB_WSTRUST;
1238 case FILTER_SERVER_TRUST_ACCOUNT:
1239 filter = ACB_SVRTRUST;
1245 status = rpccli_samr_EnumDomainUsers(pipe_cli,
1248 r->in.resume_handle,
1253 werr = ntstatus_to_werror(status);
1254 if (NT_STATUS_IS_ERR(status)) {
1258 for (i=0; i < sam->count; i++) {
1260 status = libnetapi_samr_lookup_user_map_USER_INFO(ctx, pipe_cli,
1264 sam->entries[i].name.string,
1265 sam->entries[i].idx,
1268 r->out.entries_read);
1269 if (!NT_STATUS_IS_OK(status)) {
1270 werr = ntstatus_to_werror(status);
1281 if (NT_STATUS_IS_OK(status) ||
1282 NT_STATUS_IS_ERR(status)) {
1284 if (ctx->disable_policy_handle_cache) {
1285 libnetapi_samr_close_domain_handle(ctx, &domain_handle);
1286 libnetapi_samr_close_builtin_handle(ctx, &builtin_handle);
1287 libnetapi_samr_close_connect_handle(ctx, &connect_handle);
1294 /****************************************************************
1295 ****************************************************************/
1297 WERROR NetUserEnum_l(struct libnetapi_ctx *ctx,
1298 struct NetUserEnum *r)
1300 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserEnum);
1303 /****************************************************************
1304 ****************************************************************/
1306 static WERROR convert_samr_dispinfo_to_NET_DISPLAY_USER(TALLOC_CTX *mem_ctx,
1307 struct samr_DispInfoGeneral *info,
1308 uint32_t *entries_read,
1311 struct NET_DISPLAY_USER *user = NULL;
1314 user = TALLOC_ZERO_ARRAY(mem_ctx,
1315 struct NET_DISPLAY_USER,
1317 W_ERROR_HAVE_NO_MEMORY(user);
1319 for (i = 0; i < info->count; i++) {
1320 user[i].usri1_name = talloc_strdup(mem_ctx,
1321 info->entries[i].account_name.string);
1322 user[i].usri1_comment = talloc_strdup(mem_ctx,
1323 info->entries[i].description.string);
1324 user[i].usri1_flags =
1325 info->entries[i].acct_flags;
1326 user[i].usri1_full_name = talloc_strdup(mem_ctx,
1327 info->entries[i].full_name.string);
1328 user[i].usri1_user_id =
1329 info->entries[i].rid;
1330 user[i].usri1_next_index =
1331 info->entries[i].idx;
1333 if (!user[i].usri1_name) {
1338 *buffer = talloc_memdup(mem_ctx, user,
1339 sizeof(struct NET_DISPLAY_USER) * info->count);
1340 W_ERROR_HAVE_NO_MEMORY(*buffer);
1342 *entries_read = info->count;
1347 /****************************************************************
1348 ****************************************************************/
1350 static WERROR convert_samr_dispinfo_to_NET_DISPLAY_MACHINE(TALLOC_CTX *mem_ctx,
1351 struct samr_DispInfoFull *info,
1352 uint32_t *entries_read,
1355 struct NET_DISPLAY_MACHINE *machine = NULL;
1358 machine = TALLOC_ZERO_ARRAY(mem_ctx,
1359 struct NET_DISPLAY_MACHINE,
1361 W_ERROR_HAVE_NO_MEMORY(machine);
1363 for (i = 0; i < info->count; i++) {
1364 machine[i].usri2_name = talloc_strdup(mem_ctx,
1365 info->entries[i].account_name.string);
1366 machine[i].usri2_comment = talloc_strdup(mem_ctx,
1367 info->entries[i].description.string);
1368 machine[i].usri2_flags =
1369 info->entries[i].acct_flags;
1370 machine[i].usri2_user_id =
1371 info->entries[i].rid;
1372 machine[i].usri2_next_index =
1373 info->entries[i].idx;
1375 if (!machine[i].usri2_name) {
1380 *buffer = talloc_memdup(mem_ctx, machine,
1381 sizeof(struct NET_DISPLAY_MACHINE) * info->count);
1382 W_ERROR_HAVE_NO_MEMORY(*buffer);
1384 *entries_read = info->count;
1389 /****************************************************************
1390 ****************************************************************/
1392 static WERROR convert_samr_dispinfo_to_NET_DISPLAY_GROUP(TALLOC_CTX *mem_ctx,
1393 struct samr_DispInfoFullGroups *info,
1394 uint32_t *entries_read,
1397 struct NET_DISPLAY_GROUP *group = NULL;
1400 group = TALLOC_ZERO_ARRAY(mem_ctx,
1401 struct NET_DISPLAY_GROUP,
1403 W_ERROR_HAVE_NO_MEMORY(group);
1405 for (i = 0; i < info->count; i++) {
1406 group[i].grpi3_name = talloc_strdup(mem_ctx,
1407 info->entries[i].account_name.string);
1408 group[i].grpi3_comment = talloc_strdup(mem_ctx,
1409 info->entries[i].description.string);
1410 group[i].grpi3_group_id =
1411 info->entries[i].rid;
1412 group[i].grpi3_attributes =
1413 info->entries[i].acct_flags;
1414 group[i].grpi3_next_index =
1415 info->entries[i].idx;
1417 if (!group[i].grpi3_name) {
1422 *buffer = talloc_memdup(mem_ctx, group,
1423 sizeof(struct NET_DISPLAY_GROUP) * info->count);
1424 W_ERROR_HAVE_NO_MEMORY(*buffer);
1426 *entries_read = info->count;
1432 /****************************************************************
1433 ****************************************************************/
1435 static WERROR convert_samr_dispinfo_to_NET_DISPLAY(TALLOC_CTX *mem_ctx,
1436 union samr_DispInfo *info,
1438 uint32_t *entries_read,
1443 return convert_samr_dispinfo_to_NET_DISPLAY_USER(mem_ctx,
1448 return convert_samr_dispinfo_to_NET_DISPLAY_MACHINE(mem_ctx,
1453 return convert_samr_dispinfo_to_NET_DISPLAY_GROUP(mem_ctx,
1458 return WERR_UNKNOWN_LEVEL;
1464 /****************************************************************
1465 ****************************************************************/
1467 WERROR NetQueryDisplayInformation_r(struct libnetapi_ctx *ctx,
1468 struct NetQueryDisplayInformation *r)
1470 struct cli_state *cli = NULL;
1471 struct rpc_pipe_client *pipe_cli = NULL;
1472 struct policy_handle connect_handle;
1473 struct dom_sid2 *domain_sid = NULL;
1474 struct policy_handle domain_handle;
1475 union samr_DispInfo info;
1477 uint32_t total_size = 0;
1478 uint32_t returned_size = 0;
1480 NTSTATUS status = NT_STATUS_OK;
1483 ZERO_STRUCT(connect_handle);
1484 ZERO_STRUCT(domain_handle);
1486 switch (r->in.level) {
1492 return WERR_UNKNOWN_LEVEL;
1495 werr = libnetapi_open_pipe(ctx, r->in.server_name,
1496 &ndr_table_samr.syntax_id,
1499 if (!W_ERROR_IS_OK(werr)) {
1503 werr = libnetapi_samr_open_domain(ctx, pipe_cli,
1504 SAMR_ACCESS_ENUM_DOMAINS |
1505 SAMR_ACCESS_OPEN_DOMAIN,
1506 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 |
1507 SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS |
1508 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
1512 if (!W_ERROR_IS_OK(werr)) {
1516 status = rpccli_samr_QueryDisplayInfo2(pipe_cli,
1521 r->in.entries_requested,
1526 if (!NT_STATUS_IS_OK(status)) {
1527 werr = ntstatus_to_werror(status);
1531 werr = convert_samr_dispinfo_to_NET_DISPLAY(ctx, &info,
1533 r->out.entries_read,
1541 if (NT_STATUS_IS_OK(status) ||
1542 NT_STATUS_IS_ERR(status)) {
1544 if (ctx->disable_policy_handle_cache) {
1545 libnetapi_samr_close_domain_handle(ctx, &domain_handle);
1546 libnetapi_samr_close_connect_handle(ctx, &connect_handle);
1554 /****************************************************************
1555 ****************************************************************/
1558 WERROR NetQueryDisplayInformation_l(struct libnetapi_ctx *ctx,
1559 struct NetQueryDisplayInformation *r)
1561 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetQueryDisplayInformation);
1564 /****************************************************************
1565 ****************************************************************/
1567 WERROR NetUserChangePassword_r(struct libnetapi_ctx *ctx,
1568 struct NetUserChangePassword *r)
1570 return WERR_NOT_SUPPORTED;
1573 /****************************************************************
1574 ****************************************************************/
1576 WERROR NetUserChangePassword_l(struct libnetapi_ctx *ctx,
1577 struct NetUserChangePassword *r)
1579 return WERR_NOT_SUPPORTED;
1582 /****************************************************************
1583 ****************************************************************/
1585 WERROR NetUserGetInfo_r(struct libnetapi_ctx *ctx,
1586 struct NetUserGetInfo *r)
1588 struct cli_state *cli = NULL;
1589 struct rpc_pipe_client *pipe_cli = NULL;
1593 struct policy_handle connect_handle, domain_handle, builtin_handle, user_handle;
1594 struct lsa_String lsa_account_name;
1595 struct dom_sid2 *domain_sid = NULL;
1596 struct samr_Ids user_rids, name_types;
1597 uint32_t num_entries = 0;
1599 ZERO_STRUCT(connect_handle);
1600 ZERO_STRUCT(domain_handle);
1601 ZERO_STRUCT(builtin_handle);
1602 ZERO_STRUCT(user_handle);
1604 if (!r->out.buffer) {
1605 return WERR_INVALID_PARAM;
1608 switch (r->in.level) {
1620 werr = WERR_UNKNOWN_LEVEL;
1624 werr = libnetapi_open_pipe(ctx, r->in.server_name,
1625 &ndr_table_samr.syntax_id,
1628 if (!W_ERROR_IS_OK(werr)) {
1632 werr = libnetapi_samr_open_domain(ctx, pipe_cli,
1633 SAMR_ACCESS_ENUM_DOMAINS |
1634 SAMR_ACCESS_OPEN_DOMAIN,
1635 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
1639 if (!W_ERROR_IS_OK(werr)) {
1643 werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli,
1644 SAMR_ACCESS_ENUM_DOMAINS |
1645 SAMR_ACCESS_OPEN_DOMAIN,
1646 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT |
1647 SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS,
1650 if (!W_ERROR_IS_OK(werr)) {
1654 init_lsa_String(&lsa_account_name, r->in.user_name);
1656 status = rpccli_samr_LookupNames(pipe_cli, ctx,
1662 if (!NT_STATUS_IS_OK(status)) {
1663 werr = ntstatus_to_werror(status);
1667 status = libnetapi_samr_lookup_user_map_USER_INFO(ctx, pipe_cli,
1676 if (!NT_STATUS_IS_OK(status)) {
1677 werr = ntstatus_to_werror(status);
1686 if (is_valid_policy_hnd(&user_handle)) {
1687 rpccli_samr_Close(pipe_cli, ctx, &user_handle);
1690 if (ctx->disable_policy_handle_cache) {
1691 libnetapi_samr_close_domain_handle(ctx, &domain_handle);
1692 libnetapi_samr_close_connect_handle(ctx, &connect_handle);
1698 /****************************************************************
1699 ****************************************************************/
1701 WERROR NetUserGetInfo_l(struct libnetapi_ctx *ctx,
1702 struct NetUserGetInfo *r)
1704 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserGetInfo);
1707 /****************************************************************
1708 ****************************************************************/
1710 WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx,
1711 struct NetUserSetInfo *r)
1713 struct cli_state *cli = NULL;
1714 struct rpc_pipe_client *pipe_cli = NULL;
1718 struct policy_handle connect_handle, domain_handle, builtin_handle, user_handle;
1719 struct lsa_String lsa_account_name;
1720 struct dom_sid2 *domain_sid = NULL;
1721 struct samr_Ids user_rids, name_types;
1722 uint32_t user_mask = 0;
1724 struct USER_INFO_X uX;
1726 ZERO_STRUCT(connect_handle);
1727 ZERO_STRUCT(domain_handle);
1728 ZERO_STRUCT(builtin_handle);
1729 ZERO_STRUCT(user_handle);
1731 if (!r->in.buffer) {
1732 return WERR_INVALID_PARAM;
1735 switch (r->in.level) {
1738 user_mask = SAMR_USER_ACCESS_SET_PASSWORD;
1747 user_mask = SAMR_USER_ACCESS_SET_ATTRIBUTES;
1751 user_mask = SAMR_USER_ACCESS_SET_LOC_COM;
1753 user_mask = SAMR_USER_ACCESS_SET_ATTRIBUTES |
1754 SAMR_USER_ACCESS_GET_GROUPS;
1767 werr = WERR_NOT_SUPPORTED;
1770 werr = WERR_UNKNOWN_LEVEL;
1774 werr = libnetapi_open_pipe(ctx, r->in.server_name,
1775 &ndr_table_samr.syntax_id,
1778 if (!W_ERROR_IS_OK(werr)) {
1782 werr = libnetapi_samr_open_domain(ctx, pipe_cli,
1783 SAMR_ACCESS_ENUM_DOMAINS |
1784 SAMR_ACCESS_OPEN_DOMAIN,
1785 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 |
1786 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
1790 if (!W_ERROR_IS_OK(werr)) {
1794 werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli,
1795 SAMR_ACCESS_ENUM_DOMAINS |
1796 SAMR_ACCESS_OPEN_DOMAIN,
1797 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT |
1798 SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS,
1801 if (!W_ERROR_IS_OK(werr)) {
1805 init_lsa_String(&lsa_account_name, r->in.user_name);
1807 status = rpccli_samr_LookupNames(pipe_cli, ctx,
1813 if (!NT_STATUS_IS_OK(status)) {
1814 werr = ntstatus_to_werror(status);
1818 status = rpccli_samr_OpenUser(pipe_cli, ctx,
1823 if (!NT_STATUS_IS_OK(status)) {
1824 werr = ntstatus_to_werror(status);
1828 status = construct_USER_INFO_X(r->in.level, r->in.buffer, &uX);
1829 if (!NT_STATUS_IS_OK(status)) {
1830 werr = ntstatus_to_werror(status);
1834 status = set_user_info_USER_INFO_X(ctx, pipe_cli,
1835 &cli->user_session_key,
1838 if (!NT_STATUS_IS_OK(status)) {
1839 werr = ntstatus_to_werror(status);
1850 if (is_valid_policy_hnd(&user_handle)) {
1851 rpccli_samr_Close(pipe_cli, ctx, &user_handle);
1854 if (ctx->disable_policy_handle_cache) {
1855 libnetapi_samr_close_domain_handle(ctx, &domain_handle);
1856 libnetapi_samr_close_builtin_handle(ctx, &builtin_handle);
1857 libnetapi_samr_close_connect_handle(ctx, &connect_handle);
1863 /****************************************************************
1864 ****************************************************************/
1866 WERROR NetUserSetInfo_l(struct libnetapi_ctx *ctx,
1867 struct NetUserSetInfo *r)
1869 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserSetInfo);
1872 /****************************************************************
1873 ****************************************************************/
1875 static NTSTATUS query_USER_MODALS_INFO_rpc(TALLOC_CTX *mem_ctx,
1876 struct rpc_pipe_client *pipe_cli,
1877 struct policy_handle *domain_handle,
1878 struct samr_DomInfo1 *info1,
1879 struct samr_DomInfo3 *info3,
1880 struct samr_DomInfo5 *info5,
1881 struct samr_DomInfo6 *info6,
1882 struct samr_DomInfo7 *info7,
1883 struct samr_DomInfo12 *info12)
1886 union samr_DomainInfo *dom_info = NULL;
1889 status = rpccli_samr_QueryDomainInfo(pipe_cli, mem_ctx,
1893 NT_STATUS_NOT_OK_RETURN(status);
1895 *info1 = dom_info->info1;
1899 status = rpccli_samr_QueryDomainInfo(pipe_cli, mem_ctx,
1903 NT_STATUS_NOT_OK_RETURN(status);
1905 *info3 = dom_info->info3;
1909 status = rpccli_samr_QueryDomainInfo(pipe_cli, mem_ctx,
1913 NT_STATUS_NOT_OK_RETURN(status);
1915 *info5 = dom_info->info5;
1919 status = rpccli_samr_QueryDomainInfo(pipe_cli, mem_ctx,
1923 NT_STATUS_NOT_OK_RETURN(status);
1925 *info6 = dom_info->info6;
1929 status = rpccli_samr_QueryDomainInfo(pipe_cli, mem_ctx,
1933 NT_STATUS_NOT_OK_RETURN(status);
1935 *info7 = dom_info->info7;
1939 status = rpccli_samr_QueryDomainInfo2(pipe_cli, mem_ctx,
1943 NT_STATUS_NOT_OK_RETURN(status);
1945 *info12 = dom_info->info12;
1948 return NT_STATUS_OK;
1951 /****************************************************************
1952 ****************************************************************/
1954 static NTSTATUS query_USER_MODALS_INFO_0(TALLOC_CTX *mem_ctx,
1955 struct rpc_pipe_client *pipe_cli,
1956 struct policy_handle *domain_handle,
1957 struct USER_MODALS_INFO_0 *info0)
1960 struct samr_DomInfo1 dom_info1;
1961 struct samr_DomInfo3 dom_info3;
1963 ZERO_STRUCTP(info0);
1965 status = query_USER_MODALS_INFO_rpc(mem_ctx,
1974 NT_STATUS_NOT_OK_RETURN(status);
1976 info0->usrmod0_min_passwd_len =
1977 dom_info1.min_password_length;
1978 info0->usrmod0_max_passwd_age =
1979 nt_time_to_unix_abs((NTTIME *)&dom_info1.max_password_age);
1980 info0->usrmod0_min_passwd_age =
1981 nt_time_to_unix_abs((NTTIME *)&dom_info1.min_password_age);
1982 info0->usrmod0_password_hist_len =
1983 dom_info1.password_history_length;
1985 info0->usrmod0_force_logoff =
1986 nt_time_to_unix_abs(&dom_info3.force_logoff_time);
1988 return NT_STATUS_OK;
1991 /****************************************************************
1992 ****************************************************************/
1994 static NTSTATUS query_USER_MODALS_INFO_1(TALLOC_CTX *mem_ctx,
1995 struct rpc_pipe_client *pipe_cli,
1996 struct policy_handle *domain_handle,
1997 struct USER_MODALS_INFO_1 *info1)
2000 struct samr_DomInfo6 dom_info6;
2001 struct samr_DomInfo7 dom_info7;
2003 status = query_USER_MODALS_INFO_rpc(mem_ctx,
2012 NT_STATUS_NOT_OK_RETURN(status);
2014 info1->usrmod1_primary =
2015 talloc_strdup(mem_ctx, dom_info6.primary.string);
2017 info1->usrmod1_role = dom_info7.role;
2019 return NT_STATUS_OK;
2022 /****************************************************************
2023 ****************************************************************/
2025 static NTSTATUS query_USER_MODALS_INFO_2(TALLOC_CTX *mem_ctx,
2026 struct rpc_pipe_client *pipe_cli,
2027 struct policy_handle *domain_handle,
2028 struct dom_sid *domain_sid,
2029 struct USER_MODALS_INFO_2 *info2)
2032 struct samr_DomInfo5 dom_info5;
2034 status = query_USER_MODALS_INFO_rpc(mem_ctx,
2043 NT_STATUS_NOT_OK_RETURN(status);
2045 info2->usrmod2_domain_name =
2046 talloc_strdup(mem_ctx, dom_info5.domain_name.string);
2047 info2->usrmod2_domain_id =
2048 (struct domsid *)sid_dup_talloc(mem_ctx, domain_sid);
2050 NT_STATUS_HAVE_NO_MEMORY(info2->usrmod2_domain_name);
2051 NT_STATUS_HAVE_NO_MEMORY(info2->usrmod2_domain_id);
2053 return NT_STATUS_OK;
2056 /****************************************************************
2057 ****************************************************************/
2059 static NTSTATUS query_USER_MODALS_INFO_3(TALLOC_CTX *mem_ctx,
2060 struct rpc_pipe_client *pipe_cli,
2061 struct policy_handle *domain_handle,
2062 struct USER_MODALS_INFO_3 *info3)
2065 struct samr_DomInfo12 dom_info12;
2067 status = query_USER_MODALS_INFO_rpc(mem_ctx,
2076 NT_STATUS_NOT_OK_RETURN(status);
2078 info3->usrmod3_lockout_duration =
2079 nt_time_to_unix_abs(&dom_info12.lockout_duration);
2080 info3->usrmod3_lockout_observation_window =
2081 nt_time_to_unix_abs(&dom_info12.lockout_window);
2082 info3->usrmod3_lockout_threshold =
2083 dom_info12.lockout_threshold;
2085 return NT_STATUS_OK;
2088 /****************************************************************
2089 ****************************************************************/
2091 static NTSTATUS query_USER_MODALS_INFO_to_buffer(TALLOC_CTX *mem_ctx,
2092 struct rpc_pipe_client *pipe_cli,
2094 struct policy_handle *domain_handle,
2095 struct dom_sid *domain_sid,
2100 struct USER_MODALS_INFO_0 info0;
2101 struct USER_MODALS_INFO_1 info1;
2102 struct USER_MODALS_INFO_2 info2;
2103 struct USER_MODALS_INFO_3 info3;
2106 return ERROR_INSUFFICIENT_BUFFER;
2111 status = query_USER_MODALS_INFO_0(mem_ctx,
2115 NT_STATUS_NOT_OK_RETURN(status);
2117 *buffer = (uint8_t *)talloc_memdup(mem_ctx, &info0,
2122 status = query_USER_MODALS_INFO_1(mem_ctx,
2126 NT_STATUS_NOT_OK_RETURN(status);
2128 *buffer = (uint8_t *)talloc_memdup(mem_ctx, &info1,
2132 status = query_USER_MODALS_INFO_2(mem_ctx,
2137 NT_STATUS_NOT_OK_RETURN(status);
2139 *buffer = (uint8_t *)talloc_memdup(mem_ctx, &info2,
2143 status = query_USER_MODALS_INFO_3(mem_ctx,
2147 NT_STATUS_NOT_OK_RETURN(status);
2149 *buffer = (uint8_t *)talloc_memdup(mem_ctx, &info3,
2156 NT_STATUS_HAVE_NO_MEMORY(*buffer);
2158 return NT_STATUS_OK;
2161 /****************************************************************
2162 ****************************************************************/
2164 WERROR NetUserModalsGet_r(struct libnetapi_ctx *ctx,
2165 struct NetUserModalsGet *r)
2167 struct cli_state *cli = NULL;
2168 struct rpc_pipe_client *pipe_cli = NULL;
2172 struct policy_handle connect_handle, domain_handle;
2173 struct dom_sid2 *domain_sid = NULL;
2174 uint32_t access_mask = SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT;
2176 ZERO_STRUCT(connect_handle);
2177 ZERO_STRUCT(domain_handle);
2179 if (!r->out.buffer) {
2180 return WERR_INVALID_PARAM;
2183 switch (r->in.level) {
2185 access_mask |= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 |
2186 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2;
2190 access_mask |= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2;
2193 access_mask |= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1;
2196 werr = WERR_UNKNOWN_LEVEL;
2200 werr = libnetapi_open_pipe(ctx, r->in.server_name,
2201 &ndr_table_samr.syntax_id,
2204 if (!W_ERROR_IS_OK(werr)) {
2208 werr = libnetapi_samr_open_domain(ctx, pipe_cli,
2209 SAMR_ACCESS_ENUM_DOMAINS |
2210 SAMR_ACCESS_OPEN_DOMAIN,
2215 if (!W_ERROR_IS_OK(werr)) {
2222 /* 3: 12 (DomainInfo2) */
2224 status = query_USER_MODALS_INFO_to_buffer(ctx,
2230 if (!NT_STATUS_IS_OK(status)) {
2231 werr = ntstatus_to_werror(status);
2240 if (ctx->disable_policy_handle_cache) {
2241 libnetapi_samr_close_domain_handle(ctx, &domain_handle);
2242 libnetapi_samr_close_connect_handle(ctx, &connect_handle);
2248 /****************************************************************
2249 ****************************************************************/
2251 WERROR NetUserModalsGet_l(struct libnetapi_ctx *ctx,
2252 struct NetUserModalsGet *r)
2254 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserModalsGet);
2257 /****************************************************************
2258 ****************************************************************/
2260 static NTSTATUS set_USER_MODALS_INFO_rpc(TALLOC_CTX *mem_ctx,
2261 struct rpc_pipe_client *pipe_cli,
2262 struct policy_handle *domain_handle,
2263 struct samr_DomInfo1 *info1,
2264 struct samr_DomInfo3 *info3,
2265 struct samr_DomInfo12 *info12)
2268 union samr_DomainInfo dom_info;
2272 ZERO_STRUCT(dom_info);
2274 dom_info.info1 = *info1;
2276 status = rpccli_samr_SetDomainInfo(pipe_cli, mem_ctx,
2280 NT_STATUS_NOT_OK_RETURN(status);
2285 ZERO_STRUCT(dom_info);
2287 dom_info.info3 = *info3;
2289 status = rpccli_samr_SetDomainInfo(pipe_cli, mem_ctx,
2294 NT_STATUS_NOT_OK_RETURN(status);
2299 ZERO_STRUCT(dom_info);
2301 dom_info.info12 = *info12;
2303 status = rpccli_samr_SetDomainInfo(pipe_cli, mem_ctx,
2308 NT_STATUS_NOT_OK_RETURN(status);
2311 return NT_STATUS_OK;
2314 /****************************************************************
2315 ****************************************************************/
2317 static NTSTATUS set_USER_MODALS_INFO_0_buffer(TALLOC_CTX *mem_ctx,
2318 struct rpc_pipe_client *pipe_cli,
2319 struct policy_handle *domain_handle,
2320 struct USER_MODALS_INFO_0 *info0)
2323 struct samr_DomInfo1 dom_info_1;
2324 struct samr_DomInfo3 dom_info_3;
2326 status = query_USER_MODALS_INFO_rpc(mem_ctx,
2335 NT_STATUS_NOT_OK_RETURN(status);
2337 dom_info_1.min_password_length =
2338 info0->usrmod0_min_passwd_len;
2339 dom_info_1.password_history_length =
2340 info0->usrmod0_password_hist_len;
2342 unix_to_nt_time_abs((NTTIME *)&dom_info_1.max_password_age,
2343 info0->usrmod0_max_passwd_age);
2344 unix_to_nt_time_abs((NTTIME *)&dom_info_1.min_password_age,
2345 info0->usrmod0_min_passwd_age);
2347 unix_to_nt_time_abs(&dom_info_3.force_logoff_time,
2348 info0->usrmod0_force_logoff);
2350 return set_USER_MODALS_INFO_rpc(mem_ctx,
2358 /****************************************************************
2359 ****************************************************************/
2361 static NTSTATUS set_USER_MODALS_INFO_3_buffer(TALLOC_CTX *mem_ctx,
2362 struct rpc_pipe_client *pipe_cli,
2363 struct policy_handle *domain_handle,
2364 struct USER_MODALS_INFO_3 *info3)
2367 struct samr_DomInfo12 dom_info_12;
2369 status = query_USER_MODALS_INFO_rpc(mem_ctx,
2378 NT_STATUS_NOT_OK_RETURN(status);
2380 unix_to_nt_time_abs((NTTIME *)&dom_info_12.lockout_duration,
2381 info3->usrmod3_lockout_duration);
2382 unix_to_nt_time_abs((NTTIME *)&dom_info_12.lockout_window,
2383 info3->usrmod3_lockout_observation_window);
2384 dom_info_12.lockout_threshold = info3->usrmod3_lockout_threshold;
2386 return set_USER_MODALS_INFO_rpc(mem_ctx,
2394 /****************************************************************
2395 ****************************************************************/
2397 static NTSTATUS set_USER_MODALS_INFO_1001_buffer(TALLOC_CTX *mem_ctx,
2398 struct rpc_pipe_client *pipe_cli,
2399 struct policy_handle *domain_handle,
2400 struct USER_MODALS_INFO_1001 *info1001)
2403 struct samr_DomInfo1 dom_info_1;
2405 status = query_USER_MODALS_INFO_rpc(mem_ctx,
2414 NT_STATUS_NOT_OK_RETURN(status);
2416 dom_info_1.min_password_length =
2417 info1001->usrmod1001_min_passwd_len;
2419 return set_USER_MODALS_INFO_rpc(mem_ctx,
2427 /****************************************************************
2428 ****************************************************************/
2430 static NTSTATUS set_USER_MODALS_INFO_1002_buffer(TALLOC_CTX *mem_ctx,
2431 struct rpc_pipe_client *pipe_cli,
2432 struct policy_handle *domain_handle,
2433 struct USER_MODALS_INFO_1002 *info1002)
2436 struct samr_DomInfo1 dom_info_1;
2438 status = query_USER_MODALS_INFO_rpc(mem_ctx,
2447 NT_STATUS_NOT_OK_RETURN(status);
2449 unix_to_nt_time_abs((NTTIME *)&dom_info_1.max_password_age,
2450 info1002->usrmod1002_max_passwd_age);
2452 return set_USER_MODALS_INFO_rpc(mem_ctx,
2460 /****************************************************************
2461 ****************************************************************/
2463 static NTSTATUS set_USER_MODALS_INFO_1003_buffer(TALLOC_CTX *mem_ctx,
2464 struct rpc_pipe_client *pipe_cli,
2465 struct policy_handle *domain_handle,
2466 struct USER_MODALS_INFO_1003 *info1003)
2469 struct samr_DomInfo1 dom_info_1;
2471 status = query_USER_MODALS_INFO_rpc(mem_ctx,
2480 NT_STATUS_NOT_OK_RETURN(status);
2482 unix_to_nt_time_abs((NTTIME *)&dom_info_1.min_password_age,
2483 info1003->usrmod1003_min_passwd_age);
2485 return set_USER_MODALS_INFO_rpc(mem_ctx,
2493 /****************************************************************
2494 ****************************************************************/
2496 static NTSTATUS set_USER_MODALS_INFO_1004_buffer(TALLOC_CTX *mem_ctx,
2497 struct rpc_pipe_client *pipe_cli,
2498 struct policy_handle *domain_handle,
2499 struct USER_MODALS_INFO_1004 *info1004)
2502 struct samr_DomInfo3 dom_info_3;
2504 status = query_USER_MODALS_INFO_rpc(mem_ctx,
2513 NT_STATUS_NOT_OK_RETURN(status);
2515 unix_to_nt_time_abs(&dom_info_3.force_logoff_time,
2516 info1004->usrmod1004_force_logoff);
2518 return set_USER_MODALS_INFO_rpc(mem_ctx,
2526 /****************************************************************
2527 ****************************************************************/
2529 static NTSTATUS set_USER_MODALS_INFO_1005_buffer(TALLOC_CTX *mem_ctx,
2530 struct rpc_pipe_client *pipe_cli,
2531 struct policy_handle *domain_handle,
2532 struct USER_MODALS_INFO_1005 *info1005)
2535 struct samr_DomInfo1 dom_info_1;
2537 status = query_USER_MODALS_INFO_rpc(mem_ctx,
2546 NT_STATUS_NOT_OK_RETURN(status);
2548 dom_info_1.password_history_length =
2549 info1005->usrmod1005_password_hist_len;
2551 return set_USER_MODALS_INFO_rpc(mem_ctx,
2559 /****************************************************************
2560 ****************************************************************/
2562 static NTSTATUS set_USER_MODALS_INFO_buffer(TALLOC_CTX *mem_ctx,
2563 struct rpc_pipe_client *pipe_cli,
2565 struct policy_handle *domain_handle,
2566 struct dom_sid *domain_sid,
2569 struct USER_MODALS_INFO_0 *info0;
2570 struct USER_MODALS_INFO_3 *info3;
2571 struct USER_MODALS_INFO_1001 *info1001;
2572 struct USER_MODALS_INFO_1002 *info1002;
2573 struct USER_MODALS_INFO_1003 *info1003;
2574 struct USER_MODALS_INFO_1004 *info1004;
2575 struct USER_MODALS_INFO_1005 *info1005;
2578 return ERROR_INSUFFICIENT_BUFFER;
2583 info0 = (struct USER_MODALS_INFO_0 *)buffer;
2584 return set_USER_MODALS_INFO_0_buffer(mem_ctx,
2589 info3 = (struct USER_MODALS_INFO_3 *)buffer;
2590 return set_USER_MODALS_INFO_3_buffer(mem_ctx,
2595 info1001 = (struct USER_MODALS_INFO_1001 *)buffer;
2596 return set_USER_MODALS_INFO_1001_buffer(mem_ctx,
2601 info1002 = (struct USER_MODALS_INFO_1002 *)buffer;
2602 return set_USER_MODALS_INFO_1002_buffer(mem_ctx,
2607 info1003 = (struct USER_MODALS_INFO_1003 *)buffer;
2608 return set_USER_MODALS_INFO_1003_buffer(mem_ctx,
2613 info1004 = (struct USER_MODALS_INFO_1004 *)buffer;
2614 return set_USER_MODALS_INFO_1004_buffer(mem_ctx,
2619 info1005 = (struct USER_MODALS_INFO_1005 *)buffer;
2620 return set_USER_MODALS_INFO_1005_buffer(mem_ctx,
2629 return NT_STATUS_OK;
2632 /****************************************************************
2633 ****************************************************************/
2635 WERROR NetUserModalsSet_r(struct libnetapi_ctx *ctx,
2636 struct NetUserModalsSet *r)
2638 struct cli_state *cli = NULL;
2639 struct rpc_pipe_client *pipe_cli = NULL;
2643 struct policy_handle connect_handle, domain_handle;
2644 struct dom_sid2 *domain_sid = NULL;
2645 uint32_t access_mask = SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT;
2647 ZERO_STRUCT(connect_handle);
2648 ZERO_STRUCT(domain_handle);
2650 if (!r->in.buffer) {
2651 return WERR_INVALID_PARAM;
2654 switch (r->in.level) {
2656 access_mask |= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 |
2657 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 |
2658 SAMR_DOMAIN_ACCESS_SET_INFO_1 |
2659 SAMR_DOMAIN_ACCESS_SET_INFO_2;
2666 access_mask |= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 |
2667 SAMR_DOMAIN_ACCESS_SET_INFO_1;
2670 access_mask |= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 |
2671 SAMR_DOMAIN_ACCESS_SET_INFO_2;
2677 werr = WERR_NOT_SUPPORTED;
2680 werr = WERR_UNKNOWN_LEVEL;
2684 werr = libnetapi_open_pipe(ctx, r->in.server_name,
2685 &ndr_table_samr.syntax_id,
2688 if (!W_ERROR_IS_OK(werr)) {
2692 werr = libnetapi_samr_open_domain(ctx, pipe_cli,
2693 SAMR_ACCESS_ENUM_DOMAINS |
2694 SAMR_ACCESS_OPEN_DOMAIN,
2699 if (!W_ERROR_IS_OK(werr)) {
2703 status = set_USER_MODALS_INFO_buffer(ctx,
2709 if (!NT_STATUS_IS_OK(status)) {
2710 werr = ntstatus_to_werror(status);
2719 if (ctx->disable_policy_handle_cache) {
2720 libnetapi_samr_close_domain_handle(ctx, &domain_handle);
2721 libnetapi_samr_close_connect_handle(ctx, &connect_handle);
2727 /****************************************************************
2728 ****************************************************************/
2730 WERROR NetUserModalsSet_l(struct libnetapi_ctx *ctx,
2731 struct NetUserModalsSet *r)
2733 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserModalsSet);
2736 /****************************************************************
2737 ****************************************************************/
2739 static NTSTATUS add_GROUP_USERS_INFO_X_buffer(TALLOC_CTX *mem_ctx,
2741 const char *group_name,
2742 uint32_t attributes,
2744 uint32_t *num_entries)
2746 struct GROUP_USERS_INFO_0 u0;
2747 struct GROUP_USERS_INFO_1 u1;
2751 u0.grui0_name = talloc_strdup(mem_ctx, group_name);
2752 NT_STATUS_HAVE_NO_MEMORY(u0.grui0_name);
2754 ADD_TO_ARRAY(mem_ctx, struct GROUP_USERS_INFO_0, u0,
2755 (struct GROUP_USERS_INFO_0 **)buffer, num_entries);
2758 u1.grui1_name = talloc_strdup(mem_ctx, group_name);
2759 NT_STATUS_HAVE_NO_MEMORY(u1.grui1_name);
2761 u1.grui1_attributes = attributes;
2763 ADD_TO_ARRAY(mem_ctx, struct GROUP_USERS_INFO_1, u1,
2764 (struct GROUP_USERS_INFO_1 **)buffer, num_entries);
2767 return NT_STATUS_INVALID_INFO_CLASS;
2770 return NT_STATUS_OK;
2773 /****************************************************************
2774 ****************************************************************/
2776 WERROR NetUserGetGroups_r(struct libnetapi_ctx *ctx,
2777 struct NetUserGetGroups *r)
2779 struct cli_state *cli = NULL;
2780 struct rpc_pipe_client *pipe_cli = NULL;
2781 struct policy_handle connect_handle, domain_handle, user_handle;
2782 struct lsa_String lsa_account_name;
2783 struct dom_sid2 *domain_sid = NULL;
2784 struct samr_Ids user_rids, name_types;
2785 struct samr_RidWithAttributeArray *rid_array = NULL;
2786 struct lsa_Strings names;
2787 struct samr_Ids types;
2788 uint32_t *rids = NULL;
2791 uint32_t entries_read = 0;
2793 NTSTATUS status = NT_STATUS_OK;
2796 ZERO_STRUCT(connect_handle);
2797 ZERO_STRUCT(domain_handle);
2799 if (!r->out.buffer) {
2800 return WERR_INVALID_PARAM;
2803 *r->out.buffer = NULL;
2804 *r->out.entries_read = 0;
2806 switch (r->in.level) {
2811 return WERR_UNKNOWN_LEVEL;
2814 werr = libnetapi_open_pipe(ctx, r->in.server_name,
2815 &ndr_table_samr.syntax_id,
2818 if (!W_ERROR_IS_OK(werr)) {
2822 werr = libnetapi_samr_open_domain(ctx, pipe_cli,
2823 SAMR_ACCESS_ENUM_DOMAINS |
2824 SAMR_ACCESS_OPEN_DOMAIN,
2825 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
2829 if (!W_ERROR_IS_OK(werr)) {
2833 init_lsa_String(&lsa_account_name, r->in.user_name);
2835 status = rpccli_samr_LookupNames(pipe_cli, ctx,
2841 if (!NT_STATUS_IS_OK(status)) {
2842 werr = ntstatus_to_werror(status);
2846 status = rpccli_samr_OpenUser(pipe_cli, ctx,
2848 SAMR_USER_ACCESS_GET_GROUPS,
2851 if (!NT_STATUS_IS_OK(status)) {
2852 werr = ntstatus_to_werror(status);
2856 status = rpccli_samr_GetGroupsForUser(pipe_cli, ctx,
2859 if (!NT_STATUS_IS_OK(status)) {
2860 werr = ntstatus_to_werror(status);
2864 rids = talloc_array(ctx, uint32_t, rid_array->count);
2870 for (i=0; i < rid_array->count; i++) {
2871 rids[i] = rid_array->rids[i].rid;
2874 status = rpccli_samr_LookupRids(pipe_cli, ctx,
2880 if (!NT_STATUS_IS_OK(status)) {
2881 werr = ntstatus_to_werror(status);
2885 for (i=0; i < rid_array->count; i++) {
2886 status = add_GROUP_USERS_INFO_X_buffer(ctx,
2888 names.names[i].string,
2889 rid_array->rids[i].attributes,
2892 if (!NT_STATUS_IS_OK(status)) {
2893 werr = ntstatus_to_werror(status);
2898 if (r->out.entries_read) {
2899 *r->out.entries_read = entries_read;
2901 if (r->out.total_entries) {
2902 *r->out.total_entries = entries_read;
2910 if (ctx->disable_policy_handle_cache) {
2911 libnetapi_samr_close_domain_handle(ctx, &domain_handle);
2912 libnetapi_samr_close_connect_handle(ctx, &connect_handle);
2918 /****************************************************************
2919 ****************************************************************/
2921 WERROR NetUserGetGroups_l(struct libnetapi_ctx *ctx,
2922 struct NetUserGetGroups *r)
2924 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserGetGroups);
git.samba.org / ira / wip.git / blob