2 Unix SMB/CIFS implementation.
3 SAM_ACCOUNT access routines
4 Copyright (C) Jeremy Allison 1996-2001
5 Copyright (C) Luke Kenneth Casson Leighton 1996-1998
6 Copyright (C) Gerald (Jerry) Carter 2000-2001
7 Copyright (C) Andrew Bartlett 2001-2002
8 Copyright (C) Stefan (metze) Metzmacher 2002
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 2 of the License, or
13 (at your option) any later version.
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
20 You should have received a copy of the GNU General Public License
21 along with this program; if not, write to the Free Software
22 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
28 #define DBGC_CLASS DBGC_PASSDB
31 * @todo Redefine this to NULL, but this changes the API because
32 * much of samba assumes that the pdb_get...() funtions
33 * return pstrings. (ie not null-pointers).
34 * See also pdb_fill_default_sam().
37 #define PDB_NOT_QUITE_NULL ""
39 /*********************************************************************
40 Collection of get...() functions for SAM_ACCOUNT.
41 ********************************************************************/
43 uint16 pdb_get_acct_ctrl (const SAM_ACCOUNT *sampass)
46 return (sampass->private.acct_ctrl);
48 return (ACB_DISABLED);
51 time_t pdb_get_logon_time (const SAM_ACCOUNT *sampass)
54 return (sampass->private.logon_time);
59 time_t pdb_get_logoff_time (const SAM_ACCOUNT *sampass)
62 return (sampass->private.logoff_time);
67 time_t pdb_get_kickoff_time (const SAM_ACCOUNT *sampass)
70 return (sampass->private.kickoff_time);
75 time_t pdb_get_bad_password_time (const SAM_ACCOUNT *sampass)
78 return (sampass->private.bad_password_time);
83 time_t pdb_get_pass_last_set_time (const SAM_ACCOUNT *sampass)
86 return (sampass->private.pass_last_set_time);
91 time_t pdb_get_pass_can_change_time (const SAM_ACCOUNT *sampass)
94 return (sampass->private.pass_can_change_time);
99 time_t pdb_get_pass_must_change_time (const SAM_ACCOUNT *sampass)
102 return (sampass->private.pass_must_change_time);
107 uint16 pdb_get_logon_divs (const SAM_ACCOUNT *sampass)
110 return (sampass->private.logon_divs);
115 uint32 pdb_get_hours_len (const SAM_ACCOUNT *sampass)
118 return (sampass->private.hours_len);
123 const uint8* pdb_get_hours (const SAM_ACCOUNT *sampass)
126 return (sampass->private.hours);
131 const uint8* pdb_get_nt_passwd (const SAM_ACCOUNT *sampass)
134 SMB_ASSERT((!sampass->private.nt_pw.data)
135 || sampass->private.nt_pw.length == NT_HASH_LEN);
136 return ((uint8*)sampass->private.nt_pw.data);
142 const uint8* pdb_get_lanman_passwd (const SAM_ACCOUNT *sampass)
145 SMB_ASSERT((!sampass->private.lm_pw.data)
146 || sampass->private.lm_pw.length == LM_HASH_LEN);
147 return ((uint8*)sampass->private.lm_pw.data);
153 /* Return the plaintext password if known. Most of the time
154 it isn't, so don't assume anything magic about this function.
156 Used to pass the plaintext to passdb backends that might
157 want to store more than just the NTLM hashes.
159 const char* pdb_get_plaintext_passwd (const SAM_ACCOUNT *sampass)
162 return (sampass->private.plaintext_pw);
167 const DOM_SID *pdb_get_user_sid(const SAM_ACCOUNT *sampass)
170 return &sampass->private.user_sid;
175 const DOM_SID *pdb_get_group_sid(const SAM_ACCOUNT *sampass)
178 return &sampass->private.group_sid;
184 * Get flags showing what is initalised in the SAM_ACCOUNT
185 * @param sampass the SAM_ACCOUNT in question
186 * @return the flags indicating the members initialised in the struct.
189 enum pdb_value_state pdb_get_init_flags (const SAM_ACCOUNT *sampass, enum pdb_elements element)
191 enum pdb_value_state ret = PDB_DEFAULT;
193 if (!sampass || !sampass->private.change_flags || !sampass->private.set_flags)
196 if (bitmap_query(sampass->private.set_flags, element)) {
197 DEBUG(11, ("element %d: SET\n", element));
201 if (bitmap_query(sampass->private.change_flags, element)) {
202 DEBUG(11, ("element %d: CHANGED\n", element));
206 if (ret == PDB_DEFAULT) {
207 DEBUG(11, ("element %d: DEFAULT\n", element));
213 const char* pdb_get_username (const SAM_ACCOUNT *sampass)
216 return (sampass->private.username);
221 const char* pdb_get_domain (const SAM_ACCOUNT *sampass)
224 return (sampass->private.domain);
229 const char* pdb_get_nt_username (const SAM_ACCOUNT *sampass)
232 return (sampass->private.nt_username);
237 const char* pdb_get_fullname (const SAM_ACCOUNT *sampass)
240 return (sampass->private.full_name);
245 const char* pdb_get_homedir (const SAM_ACCOUNT *sampass)
248 return (sampass->private.home_dir);
253 const char* pdb_get_unix_homedir (const SAM_ACCOUNT *sampass)
256 return (sampass->private.unix_home_dir);
261 const char* pdb_get_dir_drive (const SAM_ACCOUNT *sampass)
264 return (sampass->private.dir_drive);
269 const char* pdb_get_logon_script (const SAM_ACCOUNT *sampass)
272 return (sampass->private.logon_script);
277 const char* pdb_get_profile_path (const SAM_ACCOUNT *sampass)
280 return (sampass->private.profile_path);
285 const char* pdb_get_acct_desc (const SAM_ACCOUNT *sampass)
288 return (sampass->private.acct_desc);
293 const char* pdb_get_workstations (const SAM_ACCOUNT *sampass)
296 return (sampass->private.workstations);
301 const char* pdb_get_unknown_str (const SAM_ACCOUNT *sampass)
304 return (sampass->private.unknown_str);
309 const char* pdb_get_munged_dial (const SAM_ACCOUNT *sampass)
312 return (sampass->private.munged_dial);
317 uint16 pdb_get_bad_password_count(const SAM_ACCOUNT *sampass)
320 return (sampass->private.bad_password_count);
325 uint16 pdb_get_logon_count(const SAM_ACCOUNT *sampass)
328 return (sampass->private.logon_count);
333 uint32 pdb_get_unknown_6 (const SAM_ACCOUNT *sampass)
336 return (sampass->private.unknown_6);
341 void *pdb_get_backend_private_data (const SAM_ACCOUNT *sampass, const struct pdb_methods *my_methods)
343 if (sampass && my_methods == sampass->private.backend_private_methods)
344 return sampass->private.backend_private_data;
349 /*********************************************************************
350 Collection of set...() functions for SAM_ACCOUNT.
351 ********************************************************************/
353 BOOL pdb_set_acct_ctrl (SAM_ACCOUNT *sampass, uint16 acct_ctrl, enum pdb_value_state flag)
358 sampass->private.acct_ctrl = acct_ctrl;
360 return pdb_set_init_flags(sampass, PDB_ACCTCTRL, flag);
363 BOOL pdb_set_logon_time (SAM_ACCOUNT *sampass, time_t mytime, enum pdb_value_state flag)
368 sampass->private.logon_time = mytime;
370 return pdb_set_init_flags(sampass, PDB_LOGONTIME, flag);
373 BOOL pdb_set_logoff_time (SAM_ACCOUNT *sampass, time_t mytime, enum pdb_value_state flag)
378 sampass->private.logoff_time = mytime;
380 return pdb_set_init_flags(sampass, PDB_LOGOFFTIME, flag);
383 BOOL pdb_set_kickoff_time (SAM_ACCOUNT *sampass, time_t mytime, enum pdb_value_state flag)
388 sampass->private.kickoff_time = mytime;
390 return pdb_set_init_flags(sampass, PDB_KICKOFFTIME, flag);
393 BOOL pdb_set_bad_password_time (SAM_ACCOUNT *sampass, time_t mytime,
394 enum pdb_value_state flag)
399 sampass->private.bad_password_time = mytime;
401 return pdb_set_init_flags(sampass, PDB_BAD_PASSWORD_TIME, flag);
404 BOOL pdb_set_pass_can_change_time (SAM_ACCOUNT *sampass, time_t mytime, enum pdb_value_state flag)
409 sampass->private.pass_can_change_time = mytime;
411 return pdb_set_init_flags(sampass, PDB_CANCHANGETIME, flag);
414 BOOL pdb_set_pass_must_change_time (SAM_ACCOUNT *sampass, time_t mytime, enum pdb_value_state flag)
419 sampass->private.pass_must_change_time = mytime;
421 return pdb_set_init_flags(sampass, PDB_MUSTCHANGETIME, flag);
424 BOOL pdb_set_pass_last_set_time (SAM_ACCOUNT *sampass, time_t mytime, enum pdb_value_state flag)
429 sampass->private.pass_last_set_time = mytime;
431 return pdb_set_init_flags(sampass, PDB_PASSLASTSET, flag);
434 BOOL pdb_set_hours_len (SAM_ACCOUNT *sampass, uint32 len, enum pdb_value_state flag)
439 sampass->private.hours_len = len;
441 return pdb_set_init_flags(sampass, PDB_HOURSLEN, flag);
444 BOOL pdb_set_logon_divs (SAM_ACCOUNT *sampass, uint16 hours, enum pdb_value_state flag)
449 sampass->private.logon_divs = hours;
451 return pdb_set_init_flags(sampass, PDB_LOGONDIVS, flag);
455 * Set flags showing what is initalised in the SAM_ACCOUNT
456 * @param sampass the SAM_ACCOUNT in question
457 * @param flag The *new* flag to be set. Old flags preserved
458 * this flag is only added.
461 BOOL pdb_set_init_flags (SAM_ACCOUNT *sampass, enum pdb_elements element, enum pdb_value_state value_flag)
463 if (!sampass || !sampass->mem_ctx)
466 if (!sampass->private.set_flags) {
467 if ((sampass->private.set_flags =
468 bitmap_talloc(sampass->mem_ctx,
470 DEBUG(0,("bitmap_talloc failed\n"));
474 if (!sampass->private.change_flags) {
475 if ((sampass->private.change_flags =
476 bitmap_talloc(sampass->mem_ctx,
478 DEBUG(0,("bitmap_talloc failed\n"));
485 if (!bitmap_set(sampass->private.change_flags, element)) {
486 DEBUG(0,("Can't set flag: %d in change_flags.\n",element));
489 if (!bitmap_set(sampass->private.set_flags, element)) {
490 DEBUG(0,("Can't set flag: %d in set_flags.\n",element));
493 DEBUG(11, ("element %d -> now CHANGED\n", element));
496 if (!bitmap_clear(sampass->private.change_flags, element)) {
497 DEBUG(0,("Can't set flag: %d in change_flags.\n",element));
500 if (!bitmap_set(sampass->private.set_flags, element)) {
501 DEBUG(0,("Can't set flag: %d in set_flags.\n",element));
504 DEBUG(10, ("element %d -> now SET\n", element));
508 if (!bitmap_clear(sampass->private.change_flags, element)) {
509 DEBUG(0,("Can't set flag: %d in change_flags.\n",element));
512 if (!bitmap_clear(sampass->private.set_flags, element)) {
513 DEBUG(0,("Can't set flag: %d in set_flags.\n",element));
516 DEBUG(11, ("element %d -> now DEFAULT\n", element));
523 BOOL pdb_set_user_sid (SAM_ACCOUNT *sampass, const DOM_SID *u_sid, enum pdb_value_state flag)
525 if (!sampass || !u_sid)
528 sid_copy(&sampass->private.user_sid, u_sid);
530 DEBUG(10, ("pdb_set_user_sid: setting user sid %s\n",
531 sid_string_static(&sampass->private.user_sid)));
533 return pdb_set_init_flags(sampass, PDB_USERSID, flag);
536 BOOL pdb_set_user_sid_from_string (SAM_ACCOUNT *sampass, fstring u_sid, enum pdb_value_state flag)
540 if (!sampass || !u_sid)
543 DEBUG(10, ("pdb_set_user_sid_from_string: setting user sid %s\n",
546 if (!string_to_sid(&new_sid, u_sid)) {
547 DEBUG(1, ("pdb_set_user_sid_from_string: %s isn't a valid SID!\n", u_sid));
551 if (!pdb_set_user_sid(sampass, &new_sid, flag)) {
552 DEBUG(1, ("pdb_set_user_sid_from_string: could not set sid %s on SAM_ACCOUNT!\n", u_sid));
559 BOOL pdb_set_group_sid (SAM_ACCOUNT *sampass, const DOM_SID *g_sid, enum pdb_value_state flag)
561 if (!sampass || !g_sid)
564 sid_copy(&sampass->private.group_sid, g_sid);
566 DEBUG(10, ("pdb_set_group_sid: setting group sid %s\n",
567 sid_string_static(&sampass->private.group_sid)));
569 return pdb_set_init_flags(sampass, PDB_GROUPSID, flag);
572 BOOL pdb_set_group_sid_from_string (SAM_ACCOUNT *sampass, fstring g_sid, enum pdb_value_state flag)
575 if (!sampass || !g_sid)
578 DEBUG(10, ("pdb_set_group_sid_from_string: setting group sid %s\n",
581 if (!string_to_sid(&new_sid, g_sid)) {
582 DEBUG(1, ("pdb_set_group_sid_from_string: %s isn't a valid SID!\n", g_sid));
586 if (!pdb_set_group_sid(sampass, &new_sid, flag)) {
587 DEBUG(1, ("pdb_set_group_sid_from_string: could not set sid %s on SAM_ACCOUNT!\n", g_sid));
593 /*********************************************************************
594 Set the user's UNIX name.
595 ********************************************************************/
597 BOOL pdb_set_username(SAM_ACCOUNT *sampass, const char *username, enum pdb_value_state flag)
603 DEBUG(10, ("pdb_set_username: setting username %s, was %s\n", username,
604 (sampass->private.username)?(sampass->private.username):"NULL"));
606 sampass->private.username = talloc_strdup(sampass->mem_ctx, username);
608 if (!sampass->private.username) {
609 DEBUG(0, ("pdb_set_username: talloc_strdup() failed!\n"));
614 sampass->private.username = PDB_NOT_QUITE_NULL;
617 return pdb_set_init_flags(sampass, PDB_USERNAME, flag);
620 /*********************************************************************
622 ********************************************************************/
624 BOOL pdb_set_domain(SAM_ACCOUNT *sampass, const char *domain, enum pdb_value_state flag)
630 DEBUG(10, ("pdb_set_domain: setting domain %s, was %s\n", domain,
631 (sampass->private.domain)?(sampass->private.domain):"NULL"));
633 sampass->private.domain = talloc_strdup(sampass->mem_ctx, domain);
635 if (!sampass->private.domain) {
636 DEBUG(0, ("pdb_set_domain: talloc_strdup() failed!\n"));
641 sampass->private.domain = PDB_NOT_QUITE_NULL;
644 return pdb_set_init_flags(sampass, PDB_DOMAIN, flag);
647 /*********************************************************************
648 Set the user's NT name.
649 ********************************************************************/
651 BOOL pdb_set_nt_username(SAM_ACCOUNT *sampass, const char *nt_username, enum pdb_value_state flag)
657 DEBUG(10, ("pdb_set_nt_username: setting nt username %s, was %s\n", nt_username,
658 (sampass->private.nt_username)?(sampass->private.nt_username):"NULL"));
660 sampass->private.nt_username = talloc_strdup(sampass->mem_ctx, nt_username);
662 if (!sampass->private.nt_username) {
663 DEBUG(0, ("pdb_set_nt_username: talloc_strdup() failed!\n"));
668 sampass->private.nt_username = PDB_NOT_QUITE_NULL;
671 return pdb_set_init_flags(sampass, PDB_NTUSERNAME, flag);
674 /*********************************************************************
675 Set the user's full name.
676 ********************************************************************/
678 BOOL pdb_set_fullname(SAM_ACCOUNT *sampass, const char *full_name, enum pdb_value_state flag)
684 DEBUG(10, ("pdb_set_full_name: setting full name %s, was %s\n", full_name,
685 (sampass->private.full_name)?(sampass->private.full_name):"NULL"));
687 sampass->private.full_name = talloc_strdup(sampass->mem_ctx, full_name);
689 if (!sampass->private.full_name) {
690 DEBUG(0, ("pdb_set_fullname: talloc_strdup() failed!\n"));
695 sampass->private.full_name = PDB_NOT_QUITE_NULL;
698 return pdb_set_init_flags(sampass, PDB_FULLNAME, flag);
701 /*********************************************************************
702 Set the user's logon script.
703 ********************************************************************/
705 BOOL pdb_set_logon_script(SAM_ACCOUNT *sampass, const char *logon_script, enum pdb_value_state flag)
711 DEBUG(10, ("pdb_set_logon_script: setting logon script %s, was %s\n", logon_script,
712 (sampass->private.logon_script)?(sampass->private.logon_script):"NULL"));
714 sampass->private.logon_script = talloc_strdup(sampass->mem_ctx, logon_script);
716 if (!sampass->private.logon_script) {
717 DEBUG(0, ("pdb_set_logon_script: talloc_strdup() failed!\n"));
722 sampass->private.logon_script = PDB_NOT_QUITE_NULL;
725 return pdb_set_init_flags(sampass, PDB_LOGONSCRIPT, flag);
728 /*********************************************************************
729 Set the user's profile path.
730 ********************************************************************/
732 BOOL pdb_set_profile_path (SAM_ACCOUNT *sampass, const char *profile_path, enum pdb_value_state flag)
738 DEBUG(10, ("pdb_set_profile_path: setting profile path %s, was %s\n", profile_path,
739 (sampass->private.profile_path)?(sampass->private.profile_path):"NULL"));
741 sampass->private.profile_path = talloc_strdup(sampass->mem_ctx, profile_path);
743 if (!sampass->private.profile_path) {
744 DEBUG(0, ("pdb_set_profile_path: talloc_strdup() failed!\n"));
749 sampass->private.profile_path = PDB_NOT_QUITE_NULL;
752 return pdb_set_init_flags(sampass, PDB_PROFILE, flag);
755 /*********************************************************************
756 Set the user's directory drive.
757 ********************************************************************/
759 BOOL pdb_set_dir_drive (SAM_ACCOUNT *sampass, const char *dir_drive, enum pdb_value_state flag)
765 DEBUG(10, ("pdb_set_dir_drive: setting dir drive %s, was %s\n", dir_drive,
766 (sampass->private.dir_drive)?(sampass->private.dir_drive):"NULL"));
768 sampass->private.dir_drive = talloc_strdup(sampass->mem_ctx, dir_drive);
770 if (!sampass->private.dir_drive) {
771 DEBUG(0, ("pdb_set_dir_drive: talloc_strdup() failed!\n"));
776 sampass->private.dir_drive = PDB_NOT_QUITE_NULL;
779 return pdb_set_init_flags(sampass, PDB_DRIVE, flag);
782 /*********************************************************************
783 Set the user's home directory.
784 ********************************************************************/
786 BOOL pdb_set_homedir (SAM_ACCOUNT *sampass, const char *home_dir, enum pdb_value_state flag)
792 DEBUG(10, ("pdb_set_homedir: setting home dir %s, was %s\n", home_dir,
793 (sampass->private.home_dir)?(sampass->private.home_dir):"NULL"));
795 sampass->private.home_dir = talloc_strdup(sampass->mem_ctx, home_dir);
797 if (!sampass->private.home_dir) {
798 DEBUG(0, ("pdb_set_home_dir: talloc_strdup() failed!\n"));
803 sampass->private.home_dir = PDB_NOT_QUITE_NULL;
806 return pdb_set_init_flags(sampass, PDB_SMBHOME, flag);
809 /*********************************************************************
810 Set the user's unix home directory.
811 ********************************************************************/
813 BOOL pdb_set_unix_homedir (SAM_ACCOUNT *sampass, const char *unix_home_dir, enum pdb_value_state flag)
819 DEBUG(10, ("pdb_set_unix_homedir: setting home dir %s, was %s\n", unix_home_dir,
820 (sampass->private.unix_home_dir)?(sampass->private.unix_home_dir):"NULL"));
822 sampass->private.unix_home_dir = talloc_strdup(sampass->mem_ctx,
825 if (!sampass->private.unix_home_dir) {
826 DEBUG(0, ("pdb_set_unix_home_dir: talloc_strdup() failed!\n"));
831 sampass->private.unix_home_dir = PDB_NOT_QUITE_NULL;
834 return pdb_set_init_flags(sampass, PDB_UNIXHOMEDIR, flag);
837 /*********************************************************************
838 Set the user's account description.
839 ********************************************************************/
841 BOOL pdb_set_acct_desc (SAM_ACCOUNT *sampass, const char *acct_desc, enum pdb_value_state flag)
847 sampass->private.acct_desc = talloc_strdup(sampass->mem_ctx, acct_desc);
849 if (!sampass->private.acct_desc) {
850 DEBUG(0, ("pdb_set_acct_desc: talloc_strdup() failed!\n"));
855 sampass->private.acct_desc = PDB_NOT_QUITE_NULL;
858 return pdb_set_init_flags(sampass, PDB_ACCTDESC, flag);
861 /*********************************************************************
862 Set the user's workstation allowed list.
863 ********************************************************************/
865 BOOL pdb_set_workstations (SAM_ACCOUNT *sampass, const char *workstations, enum pdb_value_state flag)
871 DEBUG(10, ("pdb_set_workstations: setting workstations %s, was %s\n", workstations,
872 (sampass->private.workstations)?(sampass->private.workstations):"NULL"));
874 sampass->private.workstations = talloc_strdup(sampass->mem_ctx, workstations);
876 if (!sampass->private.workstations) {
877 DEBUG(0, ("pdb_set_workstations: talloc_strdup() failed!\n"));
882 sampass->private.workstations = PDB_NOT_QUITE_NULL;
885 return pdb_set_init_flags(sampass, PDB_WORKSTATIONS, flag);
888 /*********************************************************************
889 Set the user's 'unknown_str', whatever the heck this actually is...
890 ********************************************************************/
892 BOOL pdb_set_unknown_str (SAM_ACCOUNT *sampass, const char *unknown_str, enum pdb_value_state flag)
898 sampass->private.unknown_str = talloc_strdup(sampass->mem_ctx, unknown_str);
900 if (!sampass->private.unknown_str) {
901 DEBUG(0, ("pdb_set_unknown_str: talloc_strdup() failed!\n"));
906 sampass->private.unknown_str = PDB_NOT_QUITE_NULL;
909 return pdb_set_init_flags(sampass, PDB_UNKNOWNSTR, flag);
912 /*********************************************************************
913 Set the user's dial string.
914 ********************************************************************/
916 BOOL pdb_set_munged_dial (SAM_ACCOUNT *sampass, const char *munged_dial, enum pdb_value_state flag)
922 sampass->private.munged_dial = talloc_strdup(sampass->mem_ctx, munged_dial);
924 if (!sampass->private.munged_dial) {
925 DEBUG(0, ("pdb_set_munged_dial: talloc_strdup() failed!\n"));
930 sampass->private.munged_dial = PDB_NOT_QUITE_NULL;
933 return pdb_set_init_flags(sampass, PDB_MUNGEDDIAL, flag);
936 /*********************************************************************
937 Set the user's NT hash.
938 ********************************************************************/
940 BOOL pdb_set_nt_passwd (SAM_ACCOUNT *sampass, const uint8 pwd[NT_HASH_LEN], enum pdb_value_state flag)
945 data_blob_clear_free(&sampass->private.nt_pw);
948 sampass->private.nt_pw = data_blob(pwd, NT_HASH_LEN);
950 sampass->private.nt_pw = data_blob(NULL, 0);
953 return pdb_set_init_flags(sampass, PDB_NTPASSWD, flag);
956 /*********************************************************************
957 Set the user's LM hash.
958 ********************************************************************/
960 BOOL pdb_set_lanman_passwd (SAM_ACCOUNT *sampass, const uint8 pwd[LM_HASH_LEN], enum pdb_value_state flag)
965 data_blob_clear_free(&sampass->private.lm_pw);
968 sampass->private.lm_pw = data_blob(pwd, LM_HASH_LEN);
970 sampass->private.lm_pw = data_blob(NULL, 0);
973 return pdb_set_init_flags(sampass, PDB_LMPASSWD, flag);
976 /*********************************************************************
977 Set the user's plaintext password only (base procedure, see helper
979 ********************************************************************/
981 BOOL pdb_set_plaintext_pw_only (SAM_ACCOUNT *sampass, const char *password, enum pdb_value_state flag)
987 if (sampass->private.plaintext_pw!=NULL)
988 memset(sampass->private.plaintext_pw,'\0',strlen(sampass->private.plaintext_pw)+1);
990 sampass->private.plaintext_pw = talloc_strdup(sampass->mem_ctx, password);
992 if (!sampass->private.plaintext_pw) {
993 DEBUG(0, ("pdb_set_unknown_str: talloc_strdup() failed!\n"));
998 sampass->private.plaintext_pw = NULL;
1001 return pdb_set_init_flags(sampass, PDB_PLAINTEXT_PW, flag);
1004 BOOL pdb_set_bad_password_count(SAM_ACCOUNT *sampass, uint16 bad_password_count, enum pdb_value_state flag)
1009 sampass->private.bad_password_count = bad_password_count;
1011 return pdb_set_init_flags(sampass, PDB_BAD_PASSWORD_COUNT, flag);
1014 BOOL pdb_set_logon_count(SAM_ACCOUNT *sampass, uint16 logon_count, enum pdb_value_state flag)
1019 sampass->private.logon_count = logon_count;
1021 return pdb_set_init_flags(sampass, PDB_LOGON_COUNT, flag);
1024 BOOL pdb_set_unknown_6 (SAM_ACCOUNT *sampass, uint32 unkn, enum pdb_value_state flag)
1029 sampass->private.unknown_6 = unkn;
1031 return pdb_set_init_flags(sampass, PDB_UNKNOWN6, flag);
1034 BOOL pdb_set_hours (SAM_ACCOUNT *sampass, const uint8 *hours, enum pdb_value_state flag)
1040 memset ((char *)sampass->private.hours, 0, MAX_HOURS_LEN);
1044 memcpy (sampass->private.hours, hours, MAX_HOURS_LEN);
1046 return pdb_set_init_flags(sampass, PDB_HOURS, flag);
1049 BOOL pdb_set_backend_private_data (SAM_ACCOUNT *sampass, void *private_data,
1050 void (*free_fn)(void **),
1051 const struct pdb_methods *my_methods,
1052 enum pdb_value_state flag)
1057 if (sampass->private.backend_private_data && sampass->private.backend_private_data_free_fn) {
1058 sampass->private.backend_private_data_free_fn(&sampass->private.backend_private_data);
1061 sampass->private.backend_private_data = private_data;
1062 sampass->private.backend_private_data_free_fn = free_fn;
1063 sampass->private.backend_private_methods = my_methods;
1065 return pdb_set_init_flags(sampass, PDB_BACKEND_PRIVATE_DATA, flag);
1069 /* Helpful interfaces to the above */
1071 /*********************************************************************
1072 Sets the last changed times and must change times for a normal
1074 ********************************************************************/
1076 BOOL pdb_set_pass_changed_now (SAM_ACCOUNT *sampass)
1084 if (!pdb_set_pass_last_set_time (sampass, time(NULL), PDB_CHANGED))
1087 if (!account_policy_get(AP_MAX_PASSWORD_AGE, &expire)
1088 || (expire==(uint32)-1) || (expire == 0)) {
1089 if (!pdb_set_pass_must_change_time (sampass, get_time_t_max(), PDB_CHANGED))
1092 if (!pdb_set_pass_must_change_time (sampass,
1093 pdb_get_pass_last_set_time(sampass)
1094 + expire, PDB_CHANGED))
1098 if (!account_policy_get(AP_MIN_PASSWORD_AGE, &min_age)
1099 || (min_age==(uint32)-1)) {
1100 if (!pdb_set_pass_can_change_time (sampass, 0, PDB_CHANGED))
1103 if (!pdb_set_pass_can_change_time (sampass,
1104 pdb_get_pass_last_set_time(sampass)
1105 + min_age, PDB_CHANGED))
1111 /*********************************************************************
1112 Set the user's PLAINTEXT password. Used as an interface to the above.
1113 Also sets the last change time to NOW.
1114 ********************************************************************/
1116 BOOL pdb_set_plaintext_passwd (SAM_ACCOUNT *sampass, const char *plaintext)
1118 uchar new_lanman_p16[16];
1119 uchar new_nt_p16[16];
1121 if (!sampass || !plaintext)
1124 /* Calculate the MD4 hash (NT compatible) of the password */
1125 E_md4hash(plaintext, new_nt_p16);
1127 if (!pdb_set_nt_passwd (sampass, new_nt_p16, PDB_CHANGED))
1130 if (!E_deshash(plaintext, new_lanman_p16)) {
1131 /* E_deshash returns false for 'long' passwords (> 14
1132 DOS chars). This allows us to match Win2k, which
1133 does not store a LM hash for these passwords (which
1134 would reduce the effective password length to 14 */
1136 if (!pdb_set_lanman_passwd (sampass, NULL, PDB_CHANGED))
1139 if (!pdb_set_lanman_passwd (sampass, new_lanman_p16, PDB_CHANGED))
1143 if (!pdb_set_plaintext_pw_only (sampass, plaintext, PDB_CHANGED))
1146 if (!pdb_set_pass_changed_now (sampass))
1152 /* check for any PDB_SET/CHANGED field and fill the appropriate mask bit */
1153 uint32 pdb_build_fields_present (SAM_ACCOUNT *sampass)
1155 /* value set to all for testing */