r13711: * Correctly handle acb_info/acct_flags as uint32 not as uint16.

* Fix a couple of related parsing issues.
* in the info3 reply in a samlogon, return the ACB-flags (instead of
  returning zero)

Guenther
(This used to be commit 5b89e8bc24f0fdc8b52d5c9e849aba723df34ea7)

diff --git a/examples/libmsrpc/test/sam/samenum.c b/examples/libmsrpc/test/sam/samenum.c
index 5b10475aacffa1f12240bce6a86b3204e6beabb9..f1b9ebdf84268258f412c1cb25b8910fd01275b7 100644 (file)
--- a/examples/libmsrpc/test/sam/samenum.c
+++ b/examples/libmsrpc/test/sam/samenum.c
@@ -51,7 +51,7 @@ int main(int argc, char **argv) {
             eu.in.dom_hnd = sod.out.dom_hnd;
             
             printf("ACB mask (can be 0): ");
-            scanf("%hx", &eu.in.acb_mask);
+            scanf("%x", &eu.in.acb_mask);
 
             while(cac_SamEnumUsers(hnd, mem_ctx, &eu)) {
                printf("Enumerated %d users:\n", eu.out.num_users);

diff --git a/examples/pdb/test.c b/examples/pdb/test.c
index 63eb1eaaf9714adc63780bce0bc2daaabb885eb4..68b5b9a3e5ada0e372cecc84e332a30a0ab30790 100644 (file)
--- a/examples/pdb/test.c
+++ b/examples/pdb/test.c
@@ -29,7 +29,7 @@ static int testsam_debug_level = DBGC_ALL;
  Start enumeration of the passwd list.
 ****************************************************************/
 
-static NTSTATUS testsam_setsampwent(struct pdb_methods *methods, BOOL update, uint16 acb_mask)
+static NTSTATUS testsam_setsampwent(struct pdb_methods *methods, BOOL update, uint32 acb_mask)
 {
        DEBUG(10, ("testsam_setsampwent called\n"));
        return NT_STATUS_NOT_IMPLEMENTED;

diff --git a/source3/auth/auth_sam.c b/source3/auth/auth_sam.c
index f06eb83ba1a2983eb4560a39a838ce98368aee53..740170d73d028736131429346de6abc08e836144 100644 (file)
--- a/source3/auth/auth_sam.c
+++ b/source3/auth/auth_sam.c
@@ -40,7 +40,7 @@ static NTSTATUS sam_password_ok(const struct auth_context *auth_context,
                                DATA_BLOB *user_sess_key, 
                                DATA_BLOB *lm_sess_key)
 {
-       uint16 acct_ctrl;
+       uint32 acct_ctrl;
        const uint8 *lm_pw, *nt_pw;
        const char *username = pdb_get_username(sampass);
 
@@ -116,7 +116,7 @@ static NTSTATUS sam_account_ok(TALLOC_CTX *mem_ctx,
                               struct samu *sampass, 
                               const auth_usersupplied_info *user_info)
 {
-       uint16  acct_ctrl = pdb_get_acct_ctrl(sampass);
+       uint32  acct_ctrl = pdb_get_acct_ctrl(sampass);
        char *workstation_list;
        time_t kickoff_time;
        

diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 2de362cabeabef8e339ed407754e3be3740f1345..1f853e5eb90d1bf7fb6ca1819b5ff35f18dc0df4 100644 (file)
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -1598,6 +1598,11 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
                return NT_STATUS_NO_MEMORY;
        }
 
+       if (!pdb_set_acct_ctrl(sam_account, info3->acct_flags, PDB_CHANGED)) {
+               TALLOC_FREE(sam_account);
+               return NT_STATUS_NO_MEMORY;
+       }
+
        result = make_server_info(NULL);
        if (result == NULL) {
                DEBUG(4, ("make_server_info failed!\n"));

diff --git a/source3/include/libmsrpc.h b/source3/include/libmsrpc.h
index 9fbd57a8d3202374f61049fca510e82413bb3b7c..36bae44177574a441f3dd766a9e65d144c9579b1 100644 (file)
--- a/source3/include/libmsrpc.h
+++ b/source3/include/libmsrpc.h
@@ -1761,7 +1761,7 @@ struct SamEnumUsers {
       POLICY_HND *dom_hnd;
 
       /**Enumerate users with specific ACB. If 0, all users will be enumerated*/
-      uint16 acb_mask;
+      uint32 acb_mask;
    } in;
 
    struct {

diff --git a/source3/include/passdb.h b/source3/include/passdb.h
index 0e64653fe6b3fbf633217713ca130a7ec36e0cb5..a9688c6f81834bb39ccd52f71f7bf3659e5b566f 100644 (file)
--- a/source3/include/passdb.h
+++ b/source3/include/passdb.h
@@ -130,7 +130,7 @@ enum pdb_value_state {
 /* cache for bad password lockout data, to be used on replicated SAMs */
 typedef struct logon_cache_struct {
        time_t entry_timestamp;
-       uint16 acct_ctrl;
+       uint32 acct_ctrl;
        uint16 bad_password_count;
        time_t bad_password_time;
 } LOGIN_CACHE;
@@ -171,7 +171,7 @@ struct samu {
        DATA_BLOB nt_pw_his; /* nt hashed password history .data is Null if not available */
        char* plaintext_pw; /* is Null if not available */
                
-       uint16 acct_ctrl; /* account info (ACB_xxxx bit-mask) */
+       uint32 acct_ctrl; /* account info (ACB_xxxx bit-mask) */
        uint32 fields_present; /* 0x00ff ffff */
                
        uint16 logon_divs; /* 168 - number of hours in a week */
@@ -204,7 +204,7 @@ struct acct_info {
 struct samr_displayentry {
        uint32 idx;
        uint32 rid;
-       uint16 acct_flags;
+       uint32 acct_flags;
        const char *account_name;
        const char *fullname;
        const char *description;
@@ -248,7 +248,7 @@ struct pdb_methods
 {
        const char *name; /* What name got this module */
 
-       NTSTATUS (*setsampwent)(struct pdb_methods *, BOOL update, uint16 acb_mask);
+       NTSTATUS (*setsampwent)(struct pdb_methods *, BOOL update, uint32 acb_mask);
        
        void (*endsampwent)(struct pdb_methods *);
        
@@ -382,7 +382,7 @@ struct pdb_methods
 
        BOOL (*search_users)(struct pdb_methods *methods,
                             struct pdb_search *search,
-                            uint16 acct_flags);
+                            uint32 acct_flags);
        BOOL (*search_groups)(struct pdb_methods *methods,
                              struct pdb_search *search);
        BOOL (*search_aliases)(struct pdb_methods *methods,

diff --git a/source3/include/rpc_samr.h b/source3/include/rpc_samr.h
index a9e3e0a08d91766898e63aa21e12d7640d45d34b..ccb4fc9e4405d8af232d20e9219376b4711493d4 100644 (file)
--- a/source3/include/rpc_samr.h
+++ b/source3/include/rpc_samr.h
@@ -743,8 +743,7 @@ typedef struct q_samr_enum_dom_users_info
        POLICY_HND pol;          /* policy handle */
 
        uint32 start_idx;   /* number of values (0 indicates unlimited?) */
-       uint16 acb_mask;          /* 0x0000 indicates all */
-       uint16 unknown_1;         /* 0x0000 */
+       uint32 acb_mask;          /* 0x0000 indicates all */
 
        uint32 max_size;              /* 0x0000 ffff */
 
@@ -847,7 +846,7 @@ typedef struct samr_entry_info1
        uint32 user_idx;
 
        uint32 rid_user;
-       uint16 acb_info;
+       uint32 acb_info;
 
        UNIHDR hdr_acct_name;
        UNIHDR hdr_user_name;
@@ -878,7 +877,7 @@ typedef struct samr_entry_info2
        uint32 user_idx;
 
        uint32 rid_user;
-       uint16 acb_info;
+       uint32 acb_info;
 
        UNIHDR hdr_srv_name;
        UNIHDR hdr_srv_desc;

diff --git a/source3/include/smb.h b/source3/include/smb.h
index fd3c23e57560f802c4e50e63372d3097a9f19d26..832f91f9bd123f46708a034b95d19c859a60faed 100644 (file)
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -243,6 +243,7 @@ typedef struct nttime_info {
 #define ACB_NOT_DELEGATED              0x00004000  /* 1 = Not delegated */
 #define ACB_USE_DES_KEY_ONLY           0x00008000  /* 1 = Use DES key only */
 #define ACB_DONT_REQUIRE_PREAUTH       0x00010000  /* 1 = Preauth not required */
+#define ACB_NO_AUTH_DATA_REQD          0x00080000  /* 1 = No authorization data required */
 
 #define MAX_HOURS_LEN 32
 

diff --git a/source3/libads/ads_utils.c b/source3/libads/ads_utils.c
index 1aad0bed547ed553ebc2541eae76e00c344e9ecc..0cbf235989efcf308ef5ddd948058779c98b12bf 100644 (file)
--- a/source3/libads/ads_utils.c
+++ b/source3/libads/ads_utils.c
@@ -25,21 +25,28 @@
 /* 
 translated the ACB_CTRL Flags to UserFlags (userAccountControl) 
 */ 
-uint32 ads_acb2uf(uint16 acb)
+uint32 ads_acb2uf(uint32 acb)
 {
        uint32 uf = 0x00000000;
        
-       if (acb & ACB_DISABLED)         uf |= UF_ACCOUNTDISABLE;
-       if (acb & ACB_HOMDIRREQ)        uf |= UF_HOMEDIR_REQUIRED;
-       if (acb & ACB_PWNOTREQ)         uf |= UF_PASSWD_NOTREQD;        
-       if (acb & ACB_TEMPDUP)          uf |= UF_TEMP_DUPLICATE_ACCOUNT;        
-       if (acb & ACB_NORMAL)           uf |= UF_NORMAL_ACCOUNT;
-       if (acb & ACB_MNS)              uf |= UF_MNS_LOGON_ACCOUNT;
-       if (acb & ACB_DOMTRUST)         uf |= UF_INTERDOMAIN_TRUST_ACCOUNT;
-       if (acb & ACB_WSTRUST)          uf |= UF_WORKSTATION_TRUST_ACCOUNT;
-       if (acb & ACB_SVRTRUST)         uf |= UF_SERVER_TRUST_ACCOUNT;
-       if (acb & ACB_PWNOEXP)          uf |= UF_DONT_EXPIRE_PASSWD;
-       if (acb & ACB_AUTOLOCK)         uf |= UF_LOCKOUT;
+       if (acb & ACB_DISABLED)                 uf |= UF_ACCOUNTDISABLE;
+       if (acb & ACB_HOMDIRREQ)                uf |= UF_HOMEDIR_REQUIRED;
+       if (acb & ACB_PWNOTREQ)                 uf |= UF_PASSWD_NOTREQD;        
+       if (acb & ACB_TEMPDUP)                  uf |= UF_TEMP_DUPLICATE_ACCOUNT;        
+       if (acb & ACB_NORMAL)                   uf |= UF_NORMAL_ACCOUNT;
+       if (acb & ACB_MNS)                      uf |= UF_MNS_LOGON_ACCOUNT;
+       if (acb & ACB_DOMTRUST)                 uf |= UF_INTERDOMAIN_TRUST_ACCOUNT;
+       if (acb & ACB_WSTRUST)                  uf |= UF_WORKSTATION_TRUST_ACCOUNT;
+       if (acb & ACB_SVRTRUST)                 uf |= UF_SERVER_TRUST_ACCOUNT;
+       if (acb & ACB_PWNOEXP)                  uf |= UF_DONT_EXPIRE_PASSWD;
+       if (acb & ACB_AUTOLOCK)                 uf |= UF_LOCKOUT;
+       if (acb & ACB_USE_DES_KEY_ONLY)         uf |= UF_USE_DES_KEY_ONLY;
+       if (acb & ACB_SMARTCARD_REQUIRED)       uf |= UF_SMARTCARD_REQUIRED;
+       if (acb & ACB_TRUSTED_FOR_DELEGATION)   uf |= UF_TRUSTED_FOR_DELEGATION;
+       if (acb & ACB_DONT_REQUIRE_PREAUTH)     uf |= UF_DONT_REQUIRE_PREAUTH;
+       if (acb & ACB_NO_AUTH_DATA_REQD)        uf |= UF_NO_AUTH_DATA_REQUIRED;
+       if (acb & ACB_NOT_DELEGATED)            uf |= UF_NOT_DELEGATED;
+       if (acb & ACB_ENC_TXT_PWD_ALLOWED)      uf |= UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED;
 
        return uf;
 }
@@ -47,9 +54,9 @@ uint32 ads_acb2uf(uint16 acb)
 /*
 translated the UserFlags (userAccountControl) to ACB_CTRL Flags
 */
-uint16 ads_uf2acb(uint32 uf)
+uint32 ads_uf2acb(uint32 uf)
 {
-       uint16 acb = 0x0000;
+       uint32 acb = 0x00000000;
        
        if (uf & UF_ACCOUNTDISABLE)             acb |= ACB_DISABLED;
        if (uf & UF_HOMEDIR_REQUIRED)           acb |= ACB_HOMDIRREQ;
@@ -57,6 +64,13 @@ uint16 ads_uf2acb(uint32 uf)
        if (uf & UF_MNS_LOGON_ACCOUNT)          acb |= ACB_MNS;
        if (uf & UF_DONT_EXPIRE_PASSWD)         acb |= ACB_PWNOEXP;
        if (uf & UF_LOCKOUT)                    acb |= ACB_AUTOLOCK;
+       if (uf & UF_USE_DES_KEY_ONLY)           acb |= ACB_USE_DES_KEY_ONLY;
+       if (uf & UF_SMARTCARD_REQUIRED)         acb |= ACB_SMARTCARD_REQUIRED;
+       if (uf & UF_TRUSTED_FOR_DELEGATION)     acb |= ACB_TRUSTED_FOR_DELEGATION;
+       if (uf & UF_DONT_REQUIRE_PREAUTH)       acb |= ACB_DONT_REQUIRE_PREAUTH;
+       if (uf & UF_NO_AUTH_DATA_REQUIRED)      acb |= ACB_NO_AUTH_DATA_REQD;
+       if (uf & UF_NOT_DELEGATED)              acb |= ACB_NOT_DELEGATED;
+       if (uf & UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED) acb |= ACB_ENC_TXT_PWD_ALLOWED;
        
        switch (uf & UF_ACCOUNT_TYPE_MASK)
        {

diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c
index c0cf3f2a23a83a8baf5a81b8b81d1b5274ff9b57..130d6ba8f629dcb029a8c07d6092b28d899d9755 100644 (file)
--- a/source3/passdb/passdb.c
+++ b/source3/passdb/passdb.c
@@ -253,7 +253,7 @@ NTSTATUS samu_alloc_rid_unix(struct samu *user, const struct passwd *pwd)
  null). length *MUST BE MORE THAN 2* !
  **********************************************************/
 
-char *pdb_encode_acct_ctrl(uint16 acct_ctrl, size_t length)
+char *pdb_encode_acct_ctrl(uint32 acct_ctrl, size_t length)
 {
        static fstring acct_str;
 
@@ -289,9 +289,9 @@ char *pdb_encode_acct_ctrl(uint16 acct_ctrl, size_t length)
  Decode the account control bits from a string.
  **********************************************************/
 
-uint16 pdb_decode_acct_ctrl(const char *p)
+uint32 pdb_decode_acct_ctrl(const char *p)
 {
-       uint16 acct_ctrl = 0;
+       uint32 acct_ctrl = 0;
        BOOL finished = False;
 
        /*
@@ -331,7 +331,7 @@ uint16 pdb_decode_acct_ctrl(const char *p)
  Routine to set 32 hex password characters from a 16 byte array.
 **************************************************************/
 
-void pdb_sethexpwd(char *p, const unsigned char *pwd, uint16 acct_ctrl)
+void pdb_sethexpwd(char *p, const unsigned char *pwd, uint32 acct_ctrl)
 {
        if (pwd != NULL) {
                int i;
@@ -620,7 +620,7 @@ NTSTATUS local_password_change(const char *user_name, int local_flags,
                           char *msg_str, size_t msg_str_len)
 {
        struct samu     *sam_pass=NULL;
-       uint16 other_acb;
+       uint32 other_acb;
        NTSTATUS result;
 
        *err_str = '\0';
@@ -799,12 +799,12 @@ NTSTATUS local_password_change(const char *user_name, int local_flags,
  Marshall/unmarshall struct samu structs.
  *********************************************************************/
 
-#define TDB_FORMAT_STRING_V2       "dddddddBBBBBBBBBBBBddBBBwwdBwwd"
+#define TDB_FORMAT_STRING_V3       "dddddddBBBBBBBBBBBBddBBBdwdBwwd"
 
 /*********************************************************************
 *********************************************************************/
 
-BOOL init_sam_from_buffer_v2(struct samu *sampass, uint8 *buf, uint32 buflen)
+BOOL init_sam_from_buffer_v3(struct samu *sampass, uint8 *buf, uint32 buflen)
 {
 
        /* times are stored as 32bit integer
@@ -834,8 +834,8 @@ BOOL init_sam_from_buffer_v2(struct samu *sampass, uint8 *buf, uint32 buflen)
                fullname_len, homedir_len, logon_script_len,
                profile_path_len, acct_desc_len, workstations_len;
                
-       uint32  user_rid, group_rid, hours_len, unknown_6;
-       uint16  acct_ctrl, logon_divs;
+       uint32  user_rid, group_rid, hours_len, unknown_6, acct_ctrl;
+       uint16  logon_divs;
        uint16  bad_password_count, logon_count;
        uint8   *hours = NULL;
        uint8   *lm_pw_ptr = NULL, *nt_pw_ptr = NULL, *nt_pw_hist_ptr = NULL;
@@ -847,14 +847,14 @@ BOOL init_sam_from_buffer_v2(struct samu *sampass, uint8 *buf, uint32 buflen)
        BOOL expand_explicit = lp_passdb_expand_explicit();
        
        if(sampass == NULL || buf == NULL) {
-               DEBUG(0, ("init_sam_from_buffer_v2: NULL parameters found!\n"));
+               DEBUG(0, ("init_sam_from_buffer_v3: NULL parameters found!\n"));
                return False;
        }
                                                                        
-/* TDB_FORMAT_STRING_V2       "dddddddBBBBBBBBBBBBddBBBwwdBwwd" */
+/* TDB_FORMAT_STRING_V3       "dddddddBBBBBBBBBBBBddBBBdwdBwwd" */
 
        /* unpack the buffer into variables */
-       len = tdb_unpack ((char *)buf, buflen, TDB_FORMAT_STRING_V2,
+       len = tdb_unpack ((char *)buf, buflen, TDB_FORMAT_STRING_V3,
                &logon_time,                                            /* d */
                &logoff_time,                                           /* d */
                &kickoff_time,                                          /* d */
@@ -880,7 +880,8 @@ BOOL init_sam_from_buffer_v2(struct samu *sampass, uint8 *buf, uint32 buflen)
                &nt_pw_len, &nt_pw_ptr,                                 /* B */
                /* Change from V1 is addition of password history field. */
                &nt_pw_hist_len, &nt_pw_hist_ptr,                       /* B */
-               &acct_ctrl,                                             /* w */
+               /* Change from V2 is the uint32 acb_mask */
+               &acct_ctrl,                                             /* d */
                /* Also "remove_me" field was removed. */
                &logon_divs,                                            /* w */
                &hours_len,                                             /* d */
@@ -972,7 +973,6 @@ BOOL init_sam_from_buffer_v2(struct samu *sampass, uint8 *buf, uint32 buflen)
                }
        }
 
-       /* Change from V1 is addition of password history field. */
        pdb_get_account_policy(AP_PASSWORD_HISTORY, &pwHistLen);
        if (pwHistLen) {
                uint8 *pw_hist = SMB_MALLOC(pwHistLen * PW_HISTORY_ENTRY_LEN);
@@ -1006,6 +1006,7 @@ BOOL init_sam_from_buffer_v2(struct samu *sampass, uint8 *buf, uint32 buflen)
        pdb_set_bad_password_count(sampass, bad_password_count, PDB_SET);
        pdb_set_logon_count(sampass, logon_count, PDB_SET);
        pdb_set_unknown_6(sampass, unknown_6, PDB_SET);
+       /* Change from V2 is the uint32 acct_ctrl */
        pdb_set_acct_ctrl(sampass, acct_ctrl, PDB_SET);
        pdb_set_logon_divs(sampass, logon_divs, PDB_SET);
        pdb_set_hours(sampass, hours, PDB_SET);
@@ -1035,7 +1036,7 @@ done:
 /*********************************************************************
 *********************************************************************/
 
-uint32 init_buffer_from_sam_v2 (uint8 **buf, struct samu *sampass, BOOL size_only)
+uint32 init_buffer_from_sam_v3 (uint8 **buf, struct samu *sampass, BOOL size_only)
 {
        size_t len, buflen;
 
@@ -1215,10 +1216,10 @@ uint32 init_buffer_from_sam_v2 (uint8 **buf, struct samu *sampass, BOOL size_onl
                munged_dial_len = 0;    
        }
 
-/* TDB_FORMAT_STRING_V2       "dddddddBBBBBBBBBBBBddBBBwwdBwwd" */
+/* TDB_FORMAT_STRING_V3       "dddddddBBBBBBBBBBBBddBBBdwdBwwd" */
 
        /* one time to get the size needed */
-       len = tdb_pack(NULL, 0,  TDB_FORMAT_STRING_V2,
+       len = tdb_pack(NULL, 0,  TDB_FORMAT_STRING_V3,
                logon_time,                             /* d */
                logoff_time,                            /* d */
                kickoff_time,                           /* d */
@@ -1243,7 +1244,7 @@ uint32 init_buffer_from_sam_v2 (uint8 **buf, struct samu *sampass, BOOL size_onl
                lm_pw_len, lm_pw,                       /* B */
                nt_pw_len, nt_pw,                       /* B */
                nt_pw_hist_len, nt_pw_hist,             /* B */
-               pdb_get_acct_ctrl(sampass),             /* w */
+               pdb_get_acct_ctrl(sampass),             /* d */
                pdb_get_logon_divs(sampass),            /* w */
                pdb_get_hours_len(sampass),             /* d */
                MAX_HOURS_LEN, pdb_get_hours(sampass),  /* B */
@@ -1257,12 +1258,12 @@ uint32 init_buffer_from_sam_v2 (uint8 **buf, struct samu *sampass, BOOL size_onl
 
        /* malloc the space needed */
        if ( (*buf=(uint8*)SMB_MALLOC(len)) == NULL) {
-               DEBUG(0,("init_buffer_from_sam_v2: Unable to malloc() memory for buffer!\n"));
+               DEBUG(0,("init_buffer_from_sam_v3: Unable to malloc() memory for buffer!\n"));
                return (-1);
        }
        
        /* now for the real call to tdb_pack() */
-       buflen = tdb_pack((char *)*buf, len,  TDB_FORMAT_STRING_V2,
+       buflen = tdb_pack((char *)*buf, len,  TDB_FORMAT_STRING_V3,
                logon_time,                             /* d */
                logoff_time,                            /* d */
                kickoff_time,                           /* d */
@@ -1287,7 +1288,7 @@ uint32 init_buffer_from_sam_v2 (uint8 **buf, struct samu *sampass, BOOL size_onl
                lm_pw_len, lm_pw,                       /* B */
                nt_pw_len, nt_pw,                       /* B */
                nt_pw_hist_len, nt_pw_hist,             /* B */
-               pdb_get_acct_ctrl(sampass),             /* w */
+               pdb_get_acct_ctrl(sampass),             /* d */
                pdb_get_logon_divs(sampass),            /* w */
                pdb_get_hours_len(sampass),             /* d */
                MAX_HOURS_LEN, pdb_get_hours(sampass),  /* B */
@@ -1297,7 +1298,7 @@ uint32 init_buffer_from_sam_v2 (uint8 **buf, struct samu *sampass, BOOL size_onl
        
        /* check to make sure we got it correct */
        if (buflen != len) {
-               DEBUG(0, ("init_buffer_from_sam_v2: somthing odd is going on here: bufflen (%lu) != len (%lu) in tdb_pack operations!\n", 
+               DEBUG(0, ("init_buffer_from_sam_v3: somthing odd is going on here: bufflen (%lu) != len (%lu) in tdb_pack operations!\n", 
                          (unsigned long)buflen, (unsigned long)len));  
                /* error */
                SAFE_FREE (*buf);
@@ -1320,12 +1321,12 @@ BOOL pdb_copy_sam_account(struct samu *dst, struct samu *src )
        if ( !dst )
                return False;
 
-       len = init_buffer_from_sam_v2(&buf, src, False);
+       len = init_buffer_from_sam_v3(&buf, src, False);
 
        if (len == -1)
                return False;
 
-       result = init_sam_from_buffer_v2( dst, buf, len );
+       result = init_sam_from_buffer_v3( dst, buf, len );
        dst->methods = src->methods;
        
        if ( src->unix_pw )

diff --git a/source3/passdb/pdb_get_set.c b/source3/passdb/pdb_get_set.c
index 921e13a3d2142e5ce12b7672fca6b767ac2c5510..f704c5c4811b5c8e28043cf02626d52b6dc20b7d 100644 (file)
--- a/source3/passdb/pdb_get_set.c
+++ b/source3/passdb/pdb_get_set.c
@@ -40,7 +40,7 @@
  Collection of get...() functions for struct samu.
  ********************************************************************/
 
-uint16 pdb_get_acct_ctrl (const struct samu *sampass)
+uint32 pdb_get_acct_ctrl (const struct samu *sampass)
 {
        if (sampass)
                return (sampass->acct_ctrl);
@@ -424,7 +424,7 @@ void *pdb_get_backend_private_data (const struct samu *sampass, const struct pdb
  Collection of set...() functions for struct samu.
  ********************************************************************/
 
-BOOL pdb_set_acct_ctrl (struct samu *sampass, uint16 acct_ctrl, enum pdb_value_state flag)
+BOOL pdb_set_acct_ctrl (struct samu *sampass, uint32 acct_ctrl, enum pdb_value_state flag)
 {
        if (!sampass)
                return False;

diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c
index 2b5c53534d24e95026cb428df40134b388871cd0..c49e032389be1e9d92dbea8a18b14e6d9fed50ef 100644 (file)
--- a/source3/passdb/pdb_interface.c
+++ b/source3/passdb/pdb_interface.c
@@ -1248,7 +1248,7 @@ static NTSTATUS pdb_default_update_login_attempts (struct pdb_methods *methods,
        return NT_STATUS_OK;
 }
 
-static NTSTATUS pdb_default_setsampwent(struct pdb_methods *methods, BOOL update, uint16 acb_mask)
+static NTSTATUS pdb_default_setsampwent(struct pdb_methods *methods, BOOL update, uint32 acb_mask)
 {
        return NT_STATUS_NOT_IMPLEMENTED;
 }
@@ -1854,7 +1854,7 @@ static void search_end_users(struct pdb_search *search)
 
 static BOOL pdb_default_search_users(struct pdb_methods *methods,
                                     struct pdb_search *search,
-                                    uint16 acct_flags)
+                                    uint32 acct_flags)
 {
        struct user_search *state;
 
@@ -1985,7 +1985,7 @@ static struct samr_displayentry *pdb_search_getentry(struct pdb_search *search,
        return (search->num_entries > idx) ? &search->cache[idx] : NULL;
 }
 
-struct pdb_search *pdb_search_users(uint16 acct_flags)
+struct pdb_search *pdb_search_users(uint32 acct_flags)
 {
        struct pdb_methods *pdb = pdb_get_methods();
        struct pdb_search *result;

diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c
index f559dae71dbab29eec9f8d25bcce32ba4176fd56..f993ae96e01087eb0e3eca36a7b5e583ab830141 100644 (file)
--- a/source3/passdb/pdb_ldap.c
+++ b/source3/passdb/pdb_ldap.c
@@ -488,8 +488,8 @@ static BOOL init_sam_from_ldap(struct ldapsam_privates *ldap_state,
        uint8           smblmpwd[LM_HASH_LEN],
                        smbntpwd[NT_HASH_LEN];
        BOOL            use_samba_attrs = True;
-       uint16          acct_ctrl = 0, 
-                       logon_divs;
+       uint32          acct_ctrl = 0;
+       uint16          logon_divs;
        uint16          bad_password_count = 0, 
                        logon_count = 0;
        uint32 hours_len;
@@ -1236,7 +1236,7 @@ static BOOL init_ldap_from_sam (struct ldapsam_privates *ldap_state,
  Connect to LDAP server for password enumeration.
 *********************************************************************/
 
-static NTSTATUS ldapsam_setsampwent(struct pdb_methods *my_methods, BOOL update, uint16 acb_mask)
+static NTSTATUS ldapsam_setsampwent(struct pdb_methods *my_methods, BOOL update, uint32 acb_mask)
 {
        struct ldapsam_privates *ldap_state = (struct ldapsam_privates *)my_methods->private_data;
        int rc;
@@ -3837,7 +3837,7 @@ const char **talloc_attrs(TALLOC_CTX *mem_ctx, ...)
 struct ldap_search_state {
        struct smbldap_state *connection;
 
-       uint16 acct_flags;
+       uint32 acct_flags;
        uint16 group_type;
 
        const char *base;
@@ -4008,7 +4008,7 @@ static BOOL ldapuser2displayentry(struct ldap_search_state *state,
 {
        char **vals;
        DOM_SID sid;
-       uint16 acct_flags;
+       uint32 acct_flags;
 
        vals = ldap_get_values(ld, entry, "sambaAcctFlags");
        if ((vals == NULL) || (vals[0] == NULL)) {
@@ -4087,7 +4087,7 @@ static BOOL ldapuser2displayentry(struct ldap_search_state *state,
 
 static BOOL ldapsam_search_users(struct pdb_methods *methods,
                                 struct pdb_search *search,
-                                uint16 acct_flags)
+                                uint32 acct_flags)
 {
        struct ldapsam_privates *ldap_state = methods->private_data;
        struct ldap_search_state *state;

diff --git a/source3/passdb/pdb_smbpasswd.c b/source3/passdb/pdb_smbpasswd.c
index d4070b8d2fccf1584a934649e574ec73f90d996b..b976595008a5ef001b8c8f44b8f35e1ca84840b5 100644 (file)
--- a/source3/passdb/pdb_smbpasswd.c
+++ b/source3/passdb/pdb_smbpasswd.c
@@ -1223,7 +1223,7 @@ static BOOL build_sam_account(struct smbpasswd_privates *smbpasswd_state,
  Functions to be implemented by the new passdb API 
  ****************************************************************/
 
-static NTSTATUS smbpasswd_setsampwent (struct pdb_methods *my_methods, BOOL update, uint16 acb_mask)
+static NTSTATUS smbpasswd_setsampwent (struct pdb_methods *my_methods, BOOL update, uint32 acb_mask)
 {
        struct smbpasswd_privates *smbpasswd_state = (struct smbpasswd_privates*)my_methods->private_data;
        

diff --git a/source3/passdb/pdb_tdb.c b/source3/passdb/pdb_tdb.c
index e905b026ec132f5b9cd4d5f95cf74883d08a8160..e33cd46d54c29d9e85683a221b0b06a0dc0e719b 100644 (file)
--- a/source3/passdb/pdb_tdb.c
+++ b/source3/passdb/pdb_tdb.c
@@ -38,7 +38,7 @@ static int tdbsam_debug_level = DBGC_ALL;
 
 #endif
 
-#define TDBSAM_VERSION 2       /* Most recent TDBSAM version */
+#define TDBSAM_VERSION 3       /* Most recent TDBSAM version */
 #define TDBSAM_VERSION_STRING  "INFO/version"
 #define PASSDB_FILE_NAME       "passdb.tdb"
 #define USERPREFIX             "USER_"
@@ -64,6 +64,7 @@ static pstring tdbsam_filename;
 
 #define TDB_FORMAT_STRING_V0       "ddddddBBBBBBBBBBBBddBBwdwdBwwd"
 #define TDB_FORMAT_STRING_V1       "dddddddBBBBBBBBBBBBddBBwdwdBwwd"
+#define TDB_FORMAT_STRING_V2       "dddddddBBBBBBBBBBBBddBBBwwdBwwd"
 
 /*********************************************************************
 *********************************************************************/
@@ -432,13 +433,243 @@ done:
        return ret;
 }
 
+BOOL init_sam_from_buffer_v2(struct samu *sampass, uint8 *buf, uint32 buflen)
+{
+
+       /* times are stored as 32bit integer
+          take care on system with 64bit wide time_t
+          --SSS */
+       uint32  logon_time,
+               logoff_time,
+               kickoff_time,
+               bad_password_time,
+               pass_last_set_time,
+               pass_can_change_time,
+               pass_must_change_time;
+       char *username = NULL;
+       char *domain = NULL;
+       char *nt_username = NULL;
+       char *dir_drive = NULL;
+       char *unknown_str = NULL;
+       char *munged_dial = NULL;
+       char *fullname = NULL;
+       char *homedir = NULL;
+       char *logon_script = NULL;
+       char *profile_path = NULL;
+       char *acct_desc = NULL;
+       char *workstations = NULL;
+       uint32  username_len, domain_len, nt_username_len,
+               dir_drive_len, unknown_str_len, munged_dial_len,
+               fullname_len, homedir_len, logon_script_len,
+               profile_path_len, acct_desc_len, workstations_len;
+               
+       uint32  user_rid, group_rid, hours_len, unknown_6;
+       uint16  acct_ctrl, logon_divs;
+       uint16  bad_password_count, logon_count;
+       uint8   *hours = NULL;
+       uint8   *lm_pw_ptr = NULL, *nt_pw_ptr = NULL, *nt_pw_hist_ptr = NULL;
+       uint32          len = 0;
+       uint32          lm_pw_len, nt_pw_len, nt_pw_hist_len, hourslen;
+       uint32 pwHistLen = 0;
+       BOOL ret = True;
+       fstring tmpstring;
+       BOOL expand_explicit = lp_passdb_expand_explicit();
+       
+       if(sampass == NULL || buf == NULL) {
+               DEBUG(0, ("init_sam_from_buffer_v2: NULL parameters found!\n"));
+               return False;
+       }
+                                                                       
+/* TDB_FORMAT_STRING_V2       "dddddddBBBBBBBBBBBBddBBBwwdBwwd" */
+
+       /* unpack the buffer into variables */
+       len = tdb_unpack ((char *)buf, buflen, TDB_FORMAT_STRING_V2,
+               &logon_time,                                            /* d */
+               &logoff_time,                                           /* d */
+               &kickoff_time,                                          /* d */
+               &bad_password_time,                                     /* d */
+               &pass_last_set_time,                                    /* d */
+               &pass_can_change_time,                                  /* d */
+               &pass_must_change_time,                                 /* d */
+               &username_len, &username,                               /* B */
+               &domain_len, &domain,                                   /* B */
+               &nt_username_len, &nt_username,                         /* B */
+               &fullname_len, &fullname,                               /* B */
+               &homedir_len, &homedir,                                 /* B */
+               &dir_drive_len, &dir_drive,                             /* B */
+               &logon_script_len, &logon_script,                       /* B */
+               &profile_path_len, &profile_path,                       /* B */
+               &acct_desc_len, &acct_desc,                             /* B */
+               &workstations_len, &workstations,                       /* B */
+               &unknown_str_len, &unknown_str,                         /* B */
+               &munged_dial_len, &munged_dial,                         /* B */
+               &user_rid,                                              /* d */
+               &group_rid,                                             /* d */
+               &lm_pw_len, &lm_pw_ptr,                                 /* B */
+               &nt_pw_len, &nt_pw_ptr,                                 /* B */
+               /* Change from V1 is addition of password history field. */
+               &nt_pw_hist_len, &nt_pw_hist_ptr,                       /* B */
+               &acct_ctrl,                                             /* w */
+               /* Also "remove_me" field was removed. */
+               &logon_divs,                                            /* w */
+               &hours_len,                                             /* d */
+               &hourslen, &hours,                                      /* B */
+               &bad_password_count,                                    /* w */
+               &logon_count,                                           /* w */
+               &unknown_6);                                            /* d */
+               
+       if (len == (uint32) -1)  {
+               ret = False;
+               goto done;
+       }
+
+       pdb_set_logon_time(sampass, logon_time, PDB_SET);
+       pdb_set_logoff_time(sampass, logoff_time, PDB_SET);
+       pdb_set_kickoff_time(sampass, kickoff_time, PDB_SET);
+       pdb_set_bad_password_time(sampass, bad_password_time, PDB_SET);
+       pdb_set_pass_can_change_time(sampass, pass_can_change_time, PDB_SET);
+       pdb_set_pass_must_change_time(sampass, pass_must_change_time, PDB_SET);
+       pdb_set_pass_last_set_time(sampass, pass_last_set_time, PDB_SET);
+
+       pdb_set_username(sampass, username, PDB_SET); 
+       pdb_set_domain(sampass, domain, PDB_SET);
+       pdb_set_nt_username(sampass, nt_username, PDB_SET);
+       pdb_set_fullname(sampass, fullname, PDB_SET);
+
+       if (homedir) {
+               fstrcpy( tmpstring, homedir );
+               if (expand_explicit) {
+                       standard_sub_basic( username, tmpstring,
+                                           sizeof(tmpstring) );
+               }
+               pdb_set_homedir(sampass, tmpstring, PDB_SET);
+       }
+       else {
+               pdb_set_homedir(sampass, 
+                       talloc_sub_basic(sampass, username, lp_logon_home()),
+                       PDB_DEFAULT);
+       }
+
+       if (dir_drive)  
+               pdb_set_dir_drive(sampass, dir_drive, PDB_SET);
+       else
+               pdb_set_dir_drive(sampass, lp_logon_drive(), PDB_DEFAULT );
+
+       if (logon_script) {
+               fstrcpy( tmpstring, logon_script );
+               if (expand_explicit) {
+                       standard_sub_basic( username, tmpstring,
+                                           sizeof(tmpstring) );
+               }
+               pdb_set_logon_script(sampass, tmpstring, PDB_SET);
+       }
+       else {
+               pdb_set_logon_script(sampass, 
+                       talloc_sub_basic(sampass, username, lp_logon_script()),
+                       PDB_DEFAULT);
+       }
+       
+       if (profile_path) {     
+               fstrcpy( tmpstring, profile_path );
+               if (expand_explicit) {
+                       standard_sub_basic( username, tmpstring,
+                                           sizeof(tmpstring) );
+               }
+               pdb_set_profile_path(sampass, tmpstring, PDB_SET);
+       } 
+       else {
+               pdb_set_profile_path(sampass, 
+                       talloc_sub_basic(sampass, username, lp_logon_path()),
+                       PDB_DEFAULT);
+       }
+
+       pdb_set_acct_desc(sampass, acct_desc, PDB_SET);
+       pdb_set_workstations(sampass, workstations, PDB_SET);
+       pdb_set_munged_dial(sampass, munged_dial, PDB_SET);
+
+       if (lm_pw_ptr && lm_pw_len == LM_HASH_LEN) {
+               if (!pdb_set_lanman_passwd(sampass, lm_pw_ptr, PDB_SET)) {
+                       ret = False;
+                       goto done;
+               }
+       }
+
+       if (nt_pw_ptr && nt_pw_len == NT_HASH_LEN) {
+               if (!pdb_set_nt_passwd(sampass, nt_pw_ptr, PDB_SET)) {
+                       ret = False;
+                       goto done;
+               }
+       }
+
+       /* Change from V1 is addition of password history field. */
+       pdb_get_account_policy(AP_PASSWORD_HISTORY, &pwHistLen);
+       if (pwHistLen) {
+               uint8 *pw_hist = SMB_MALLOC(pwHistLen * PW_HISTORY_ENTRY_LEN);
+               if (!pw_hist) {
+                       ret = False;
+                       goto done;
+               }
+               memset(pw_hist, '\0', pwHistLen * PW_HISTORY_ENTRY_LEN);
+               if (nt_pw_hist_ptr && nt_pw_hist_len) {
+                       int i;
+                       SMB_ASSERT((nt_pw_hist_len % PW_HISTORY_ENTRY_LEN) == 0);
+                       nt_pw_hist_len /= PW_HISTORY_ENTRY_LEN;
+                       for (i = 0; (i < pwHistLen) && (i < nt_pw_hist_len); i++) {
+                               memcpy(&pw_hist[i*PW_HISTORY_ENTRY_LEN],
+                                       &nt_pw_hist_ptr[i*PW_HISTORY_ENTRY_LEN],
+                                       PW_HISTORY_ENTRY_LEN);
+                       }
+               }
+               if (!pdb_set_pw_history(sampass, pw_hist, pwHistLen, PDB_SET)) {
+                       SAFE_FREE(pw_hist);
+                       ret = False;
+                       goto done;
+               }
+               SAFE_FREE(pw_hist);
+       } else {
+               pdb_set_pw_history(sampass, NULL, 0, PDB_SET);
+       }
+
+       pdb_set_user_sid_from_rid(sampass, user_rid, PDB_SET);
+       pdb_set_group_sid_from_rid(sampass, group_rid, PDB_SET);
+       pdb_set_hours_len(sampass, hours_len, PDB_SET);
+       pdb_set_bad_password_count(sampass, bad_password_count, PDB_SET);
+       pdb_set_logon_count(sampass, logon_count, PDB_SET);
+       pdb_set_unknown_6(sampass, unknown_6, PDB_SET);
+       pdb_set_acct_ctrl(sampass, acct_ctrl, PDB_SET);
+       pdb_set_logon_divs(sampass, logon_divs, PDB_SET);
+       pdb_set_hours(sampass, hours, PDB_SET);
+
+done:
+
+       SAFE_FREE(username);
+       SAFE_FREE(domain);
+       SAFE_FREE(nt_username);
+       SAFE_FREE(fullname);
+       SAFE_FREE(homedir);
+       SAFE_FREE(dir_drive);
+       SAFE_FREE(logon_script);
+       SAFE_FREE(profile_path);
+       SAFE_FREE(acct_desc);
+       SAFE_FREE(workstations);
+       SAFE_FREE(munged_dial);
+       SAFE_FREE(unknown_str);
+       SAFE_FREE(lm_pw_ptr);
+       SAFE_FREE(nt_pw_ptr);
+       SAFE_FREE(nt_pw_hist_ptr);
+       SAFE_FREE(hours);
+
+       return ret;
+}
+
+
 /**********************************************************************
  Intialize a struct samu struct from a BYTE buffer of size len
  *********************************************************************/
 
 static BOOL init_sam_from_buffer(struct samu *sampass, uint8 *buf, uint32 buflen)
 {
-       return init_sam_from_buffer_v2(sampass, buf, buflen);
+       return init_sam_from_buffer_v3(sampass, buf, buflen);
 }
 
 /**********************************************************************
@@ -447,7 +678,7 @@ static BOOL init_sam_from_buffer(struct samu *sampass, uint8 *buf, uint32 buflen
 
 static uint32 init_buffer_from_sam (uint8 **buf, struct samu *sampass, BOOL size_only)
 {
-       return init_buffer_from_sam_v2(buf, sampass, size_only);
+       return init_buffer_from_sam_v3(buf, sampass, size_only);
 }
 
 /**********************************************************************
@@ -505,6 +736,9 @@ static BOOL tdbsam_convert(int32 from)
                                case 2:
                                        ret = init_sam_from_buffer_v2(user, (uint8 *)data.dptr, data.dsize);
                                        break;
+                               case 3:
+                                       ret = init_sam_from_buffer_v3(user, (uint8 *)data.dptr, data.dsize);
+                                       break;
                                default:
                                        /* unknown tdbsam version */
                                        ret = False;
@@ -677,7 +911,7 @@ static int tdbsam_traverse_setpwent(TDB_CONTEXT *t, TDB_DATA key, TDB_DATA data,
  Save a list of user keys for iteration.
 ****************************************************************/
 
-static NTSTATUS tdbsam_setsampwent(struct pdb_methods *my_methods, BOOL update, uint16 acb_mask)
+static NTSTATUS tdbsam_setsampwent(struct pdb_methods *my_methods, BOOL update, uint32 acb_mask)
 {
        if ( !tdbsam_open( tdbsam_filename ) ) {
                DEBUG(0,("tdbsam_getsampwnam: failed to open %s!\n", tdbsam_filename));

diff --git a/source3/python/py_samr.c b/source3/python/py_samr.c
index fc9f2a83ebe2ee886611669b1b2544a9cb9a7d74..a26cd8d132e3eb9a9ec020d0b1341c1804e3ba6b 100644 (file)
--- a/source3/python/py_samr.c
+++ b/source3/python/py_samr.c
@@ -467,7 +467,7 @@ static PyObject *samr_create_dom_user(PyObject *self, PyObject *args,
        uint32 user_rid;
        PyObject *result = NULL;
        TALLOC_CTX *mem_ctx;
-       uint16 acb_info = ACB_NORMAL;
+       uint32 acb_info = ACB_NORMAL;
        POLICY_HND user_pol;
        
        if (!PyArg_ParseTupleAndKeywords(

diff --git a/source3/rpc_client/cli_samr.c b/source3/rpc_client/cli_samr.c
index dd9a4ce67e57ade0688eecd0fd5734df3ff139c5..adb61a48bb5cccd835b47aac4091150da12adf4b 100644 (file)
--- a/source3/rpc_client/cli_samr.c
+++ b/source3/rpc_client/cli_samr.c
@@ -640,7 +640,7 @@ NTSTATUS rpccli_samr_query_groupmem(struct rpc_pipe_client *cli,
  **/
 
 NTSTATUS rpccli_samr_enum_dom_users(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
-                                 POLICY_HND *pol, uint32 *start_idx, uint16 acb_mask,
+                                 POLICY_HND *pol, uint32 *start_idx, uint32 acb_mask,
                                  uint32 size, char ***dom_users, uint32 **rids,
                                  uint32 *num_dom_users)
 {
@@ -661,7 +661,7 @@ NTSTATUS rpccli_samr_enum_dom_users(struct rpc_pipe_client *cli, TALLOC_CTX *mem
        
        /* Fill query structure with parameters */
 
-       init_samr_q_enum_dom_users(&q, pol, *start_idx, acb_mask, 0, size);
+       init_samr_q_enum_dom_users(&q, pol, *start_idx, acb_mask, size);
        
        CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_ENUM_DOM_USERS,
                q, r,

diff --git a/source3/rpc_parse/parse_net.c b/source3/rpc_parse/parse_net.c
index 3734ce26a69c4fba2f047aef040f53fc9c3913c5..745cf24b0fd272daf9d7c31624aed0489d0230a0 100644 (file)
--- a/source3/rpc_parse/parse_net.c
+++ b/source3/rpc_parse/parse_net.c
@@ -1424,7 +1424,8 @@ void init_net_user_info3(TALLOC_CTX *ctx, NET_USER_INFO_3 *usr,
                         
                         uint16 logon_count, uint16 bad_pw_count,
                         uint32 num_groups, const DOM_GID *gids,
-                        uint32 user_flgs, uchar user_session_key[16],
+                        uint32 user_flgs, uint32 acct_flags,
+                        uchar user_session_key[16],
                         uchar lm_session_key[16],
                         const char *logon_srv, const char *logon_dom,
                         const DOM_SID *dom_sid)
@@ -1466,6 +1467,7 @@ void init_net_user_info3(TALLOC_CTX *ctx, NET_USER_INFO_3 *usr,
 
        usr->buffer_groups = 1; /* indicates fill in groups, below, even if there are none */
        usr->user_flgs = user_flgs;
+       usr->acct_flags = acct_flags;
 
        if (user_session_key != NULL)
                memcpy(usr->user_sess_key, user_session_key, sizeof(usr->user_sess_key));
@@ -1475,7 +1477,6 @@ void init_net_user_info3(TALLOC_CTX *ctx, NET_USER_INFO_3 *usr,
        usr->buffer_dom_id = dom_sid ? 1 : 0; /* yes, we're bothering to put a domain SID in */
 
        memset((char *)usr->lm_sess_key, '\0', sizeof(usr->lm_sess_key));
-       memset(&usr->acct_flags, '\0', sizeof(usr->acct_flags));
 
        for (i=0; i<7; i++) {
                memset(&usr->unknown[i], '\0', sizeof(usr->unknown));
@@ -1526,19 +1527,22 @@ void init_net_user_info3(TALLOC_CTX *ctx, NET_USER_INFO_3 *usr,
        int lvl = 10;
        DEBUG(lvl,("dump_acct_flags\n"));
        if (acct_flags & ACB_NORMAL) {
-               DEBUGADD(lvl,("\taccount has UF_NORMAL_ACCOUNT\n"));
+               DEBUGADD(lvl,("\taccount has ACB_NORMAL\n"));
        }
        if (acct_flags & ACB_PWNOEXP) {
-               DEBUGADD(lvl,("\taccount has UF_DONT_EXPIRE_PASSWD\n"));
+               DEBUGADD(lvl,("\taccount has ACB_PWNOEXP\n"));
        }
        if (acct_flags & ACB_ENC_TXT_PWD_ALLOWED) {
-               DEBUGADD(lvl,("\taccount has UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED\n"));
+               DEBUGADD(lvl,("\taccount has ACB_ENC_TXT_PWD_ALLOWED\n"));
        }
        if (acct_flags & ACB_NOT_DELEGATED) {
-               DEBUGADD(lvl,("\taccount has UF_NOT_DELEGATED\n"));
+               DEBUGADD(lvl,("\taccount has ACB_NOT_DELEGATED\n"));
        }
        if (acct_flags & ACB_USE_DES_KEY_ONLY) {
-               DEBUGADD(lvl,("\taccount has UF_USE_DES_KEY_ONLY set, sig verify wont work\n"));
+               DEBUGADD(lvl,("\taccount has ACB_USE_DES_KEY_ONLY set, sig verify wont work\n"));
+       }
+       if (acct_flags & ACB_NO_AUTH_DATA_REQD) {
+               DEBUGADD(lvl,("\taccount has ACB_NO_AUTH_DATA_REQD set\n"));
        }
 }
 

diff --git a/source3/rpc_parse/parse_samr.c b/source3/rpc_parse/parse_samr.c
index fc4d7a3ab36dd67ea283d17541dad552afe931e2..49d0fb7d720e2d042f995568e7b085bf1dee089d 100644 (file)
--- a/source3/rpc_parse/parse_samr.c
+++ b/source3/rpc_parse/parse_samr.c
@@ -1004,7 +1004,7 @@ inits a SAM_ENTRY1 structure.
 static void init_sam_entry1(SAM_ENTRY1 *sam, uint32 user_idx,
                            UNISTR2 *sam_name, UNISTR2 *sam_full,
                            UNISTR2 *sam_desc, uint32 rid_user,
-                           uint16 acb_info)
+                           uint32 acb_info)
 {
        DEBUG(5, ("init_sam_entry1\n"));
 
@@ -1040,10 +1040,7 @@ static BOOL sam_io_sam_entry1(const char *desc, SAM_ENTRY1 * sam,
 
        if(!prs_uint32("rid_user ", ps, depth, &sam->rid_user))
                return False;
-       if(!prs_uint16("acb_info ", ps, depth, &sam->acb_info))
-               return False;
-
-       if(!prs_align(ps))
+       if(!prs_uint32("acb_info ", ps, depth, &sam->acb_info))
                return False;
 
        if (!smb_io_unihdr("hdr_acct_name", &sam->hdr_acct_name, ps, depth))
@@ -1085,7 +1082,7 @@ inits a SAM_ENTRY2 structure.
 ********************************************************************/
 static void init_sam_entry2(SAM_ENTRY2 * sam, uint32 user_idx,
                            UNISTR2 *sam_name, UNISTR2 *sam_desc,
-                           uint32 rid_user, uint16 acb_info)
+                           uint32 rid_user, uint32 acb_info)
 {
        DEBUG(5, ("init_sam_entry2\n"));
 
@@ -1118,10 +1115,7 @@ static BOOL sam_io_sam_entry2(const char *desc, SAM_ENTRY2 * sam,
 
        if(!prs_uint32("rid_user ", ps, depth, &sam->rid_user))
                return False;
-       if(!prs_uint16("acb_info ", ps, depth, &sam->acb_info))
-               return False;
-
-       if(!prs_align(ps))
+       if(!prs_uint32("acb_info ", ps, depth, &sam->acb_info))
                return False;
 
        if(!smb_io_unihdr("unihdr", &sam->hdr_srv_name, ps, depth))     /* account name unicode string header */
@@ -1322,7 +1316,7 @@ inits a SAMR_Q_ENUM_DOM_USERS structure.
 
 void init_samr_q_enum_dom_users(SAMR_Q_ENUM_DOM_USERS * q_e, POLICY_HND *pol,
                                uint32 start_idx,
-                               uint16 acb_mask, uint16 unk_1, uint32 size)
+                               uint32 acb_mask, uint32 size)
 {
        DEBUG(5, ("init_samr_q_enum_dom_users\n"));
 
@@ -1330,7 +1324,6 @@ void init_samr_q_enum_dom_users(SAMR_Q_ENUM_DOM_USERS * q_e, POLICY_HND *pol,
 
        q_e->start_idx = start_idx;     /* zero indicates lots */
        q_e->acb_mask = acb_mask;
-       q_e->unknown_1 = unk_1;
        q_e->max_size = size;
 }
 
@@ -1355,9 +1348,7 @@ BOOL samr_io_q_enum_dom_users(const char *desc, SAMR_Q_ENUM_DOM_USERS * q_e,
 
        if(!prs_uint32("start_idx", ps, depth, &q_e->start_idx))
                return False;
-       if(!prs_uint16("acb_mask ", ps, depth, &q_e->acb_mask))
-               return False;
-       if(!prs_uint16("unknown_1", ps, depth, &q_e->unknown_1))
+       if(!prs_uint32("acb_mask ", ps, depth, &q_e->acb_mask))
                return False;
 
        if(!prs_uint32("max_size ", ps, depth, &q_e->max_size))

diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c
index a71d97ada783864ea8d96d75a4f06aefcdf865e5..8dbd4ff33f33c49bc5dcbd28f0e17618874903a6 100644 (file)
--- a/source3/rpc_server/srv_netlog_nt.c
+++ b/source3/rpc_server/srv_netlog_nt.c
@@ -1016,12 +1016,12 @@ static NTSTATUS _net_sam_logon_internal(pipes_struct *p,
                                    pdb_get_pass_last_set_time(sampw),
                                    pdb_get_pass_can_change_time(sampw),
                                    pdb_get_pass_must_change_time(sampw),
-                                   
                                    0, /* logon_count */
                                    0, /* bad_pw_count */
                                    num_gids,    /* uint32 num_groups */
                                    gids    , /* DOM_GID *gids */
-                                   0x20    , /* uint32 user_flgs (?) */
+                                   LOGON_EXTRA_SIDS, /* uint32 user_flgs (?) */
+                                   pdb_get_acct_ctrl(sampw),
                                    server_info->user_session_key.length ? user_session_key : NULL,
                                    server_info->lm_session_key.length ? lm_session_key : NULL,
                                    my_name     , /* char *logon_srv */

diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 47e1a31535e48420e7fe21840ccea1144ca38423..fa5b080634402d986c96b565a5655f078a078980 100644 (file)
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -482,7 +482,7 @@ static void samr_clear_sam_passwd(struct samu *sam_pass)
        pdb_set_nt_passwd(sam_pass, NULL, PDB_DEFAULT);
 }
 
-static uint32 count_sam_users(struct disp_info *info, uint16 acct_flags)
+static uint32 count_sam_users(struct disp_info *info, uint32 acct_flags)
 {
        struct samr_displayentry *entry;
 
@@ -3218,7 +3218,7 @@ static BOOL set_user_info_pw(uint8 *pass, struct samu *pwd)
 {
        uint32 len;
        pstring plaintext_buf;
-       uint16 acct_ctrl;
+       uint32 acct_ctrl;
  
        DEBUG(5, ("Attempting administrator password change for user %s\n",
                  pdb_get_username(pwd)));

diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c
index 13da71a7fd9bff8906a581abfdf46f23b384583a..82194c84c7378e0ba7b81300cae5a4a75da30f73 100644 (file)
--- a/source3/rpcclient/cmd_samr.c
+++ b/source3/rpcclient/cmd_samr.c
@@ -100,7 +100,7 @@ static void display_sam_user_info_21(SAM_USER_INFO_21 *usr)
        
        printf("\tuser_rid :\t0x%x\n"  , usr->user_rid ); /* User ID */
        printf("\tgroup_rid:\t0x%x\n"  , usr->group_rid); /* Group ID */
-       printf("\tacb_info :\t0x%04x\n", usr->acb_info ); /* Account Control Info */
+       printf("\tacb_info :\t0x%08x\n", usr->acb_info ); /* Account Control Info */
        
        printf("\tfields_present:\t0x%08x\n", usr->fields_present); /* 0x00ff ffff */
        printf("\tlogon_divs:\t%d\n", usr->logon_divs); /* 0x0000 00a8 which is 168 which is num hrs in a week */
@@ -776,7 +776,7 @@ static NTSTATUS cmd_samr_enum_dom_users(struct rpc_pipe_client *cli,
        char **dom_users;
        uint32 *dom_rids;
        uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
-       uint16 acb_mask = ACB_NORMAL;
+       uint32 acb_mask = ACB_NORMAL;
        BOOL got_connect_pol = False, got_domain_pol = False;
 
        if ((argc < 1) || (argc > 3)) {
@@ -788,7 +788,7 @@ static NTSTATUS cmd_samr_enum_dom_users(struct rpc_pipe_client *cli,
                sscanf(argv[1], "%x", &access_mask);
 
        if (argc > 2)
-               sscanf(argv[2], "%hx", &acb_mask);
+               sscanf(argv[2], "%x", &acb_mask);
 
        /* Get sam policy handle */
 
@@ -1367,7 +1367,7 @@ static NTSTATUS cmd_samr_create_dom_user(struct rpc_pipe_client *cli,
        POLICY_HND connect_pol, domain_pol, user_pol;
        NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
        const char *acct_name;
-       uint16 acb_info;
+       uint32 acb_info;
        uint32 unknown, user_rid;
        uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
 

diff --git a/source3/smbd/chgpasswd.c b/source3/smbd/chgpasswd.c
index 8df824a323e1f311ae5ee4b8816f27c2a52a0110..224ae3d763e08234b1dfad5c957b2c53a22d91b4 100644 (file)
--- a/source3/smbd/chgpasswd.c
+++ b/source3/smbd/chgpasswd.c
@@ -575,7 +575,7 @@ BOOL check_lanman_password(char *user, uchar * pass1,
        uchar unenc_new_pw[16];
        uchar unenc_old_pw[16];
        struct samu *sampass = NULL;
-       uint16 acct_ctrl;
+       uint32 acct_ctrl;
        const uint8 *lanman_pw;
        BOOL ret;
        
@@ -641,7 +641,7 @@ BOOL change_lanman_password(struct samu *sampass, uchar *pass2)
        static uchar null_pw[16];
        uchar unenc_new_pw[16];
        BOOL ret;
-       uint16 acct_ctrl;
+       uint32 acct_ctrl;
        const uint8 *pwd;
 
        if (sampass == NULL) {
@@ -755,7 +755,7 @@ static NTSTATUS check_oem_password(const char *user,
        uint8 *password_encrypted;
        const uint8 *encryption_key;
        const uint8 *lanman_pw, *nt_pw;
-       uint16 acct_ctrl;
+       uint32 acct_ctrl;
        uint32 new_pw_len;
        uchar new_nt_hash[16];
        uchar new_lm_hash[16];

diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c
index 85b09f9e07c11b72b4d86c02b5efaf925f30458b..0cedbd78abc9f0bfb253db9d2672227cdc1d6866 100644 (file)
--- a/source3/utils/net_rpc.c
+++ b/source3/utils/net_rpc.c
@@ -566,7 +566,7 @@ static NTSTATUS rpc_user_add_internals(const DOM_SID *domain_sid,
        POLICY_HND connect_pol, domain_pol, user_pol;
        NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
        const char *acct_name;
-       uint16 acb_info;
+       uint32 acb_info;
        uint32 unknown, user_rid;
 
        if (argc != 1) {
@@ -5230,7 +5230,7 @@ static NTSTATUS rpc_trustdom_add_internals(const DOM_SID *domain_sid,
        POLICY_HND connect_pol, domain_pol, user_pol;
        NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
        char *acct_name;
-       uint16 acb_info;
+       uint32 acb_info;
        uint32 unknown, user_rid;
 
        if (argc != 2) {