2 Unix SMB/CIFS implementation.
4 Copyright (C) Rafal Szczesniak 2005
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
22 a composite functions for user management operations (add/del/chg)
26 #include "libcli/raw/libcliraw.h"
27 #include "libcli/composite/composite.h"
28 #include "libcli/composite/monitor.h"
29 #include "librpc/gen_ndr/ndr_samr.h"
30 #include "libnet/composite.h"
33 * Composite user add function
36 static void useradd_handler(struct rpc_request*);
38 enum useradd_stage { USERADD_CREATE };
40 struct useradd_state {
41 enum useradd_stage stage;
42 struct dcerpc_pipe *pipe;
43 struct rpc_request *req;
44 struct policy_handle domain_handle;
45 struct samr_CreateUser createuser;
46 struct policy_handle user_handle;
52 * Stage 1 (and the only one for now): Create user account.
54 static NTSTATUS useradd_create(struct composite_context *c,
55 struct useradd_state *s)
57 c->status = dcerpc_ndr_request_recv(s->req);
58 NT_STATUS_NOT_OK_RETURN(c->status);
60 c->state = SMBCLI_REQUEST_DONE;
66 * Event handler for asynchronous request. Handles transition through
67 * intermediate stages of the call.
69 * @param req rpc call context
71 static void useradd_handler(struct rpc_request *req)
73 struct composite_context *c = req->async.private;
74 struct useradd_state *s = talloc_get_type(c->private, struct useradd_state);
75 struct monitor_msg msg;
79 c->status = useradd_create(c, s);
80 msg.type = rpc_create_user;
81 msg.data.rpc_create_user.rid = *s->createuser.out.rid;
85 if (!NT_STATUS_IS_OK(c->status)) {
86 c->state = SMBCLI_REQUEST_ERROR;
93 if (c->state >= SMBCLI_REQUEST_DONE &&
101 * Sends asynchronous useradd request
103 * @param p dce/rpc call pipe
104 * @param io arguments and results of the call
107 struct composite_context *libnet_rpc_useradd_send(struct dcerpc_pipe *p,
108 struct libnet_rpc_useradd *io,
109 void (*monitor)(struct monitor_msg*))
111 struct composite_context *c;
112 struct useradd_state *s;
114 c = talloc_zero(p, struct composite_context);
115 if (c == NULL) goto failure;
117 s = talloc_zero(c, struct useradd_state);
118 if (s == NULL) goto failure;
120 s->domain_handle = io->in.domain_handle;
123 c->state = SMBCLI_REQUEST_SEND;
125 c->event_ctx = dcerpc_event_context(p);
126 c->monitor_fn = monitor;
128 /* preparing parameters to send rpc request */
129 s->createuser.in.domain_handle = &io->in.domain_handle;
130 s->createuser.in.account_name = talloc_zero(c, struct lsa_String);
131 s->createuser.in.account_name->string = talloc_strdup(c, io->in.username);
132 s->createuser.out.user_handle = &s->user_handle;
133 s->createuser.out.rid = &s->user_rid;
136 s->req = dcerpc_samr_CreateUser_send(p, c, &s->createuser);
138 /* callback handler */
139 s->req->async.callback = useradd_handler;
140 s->req->async.private = c;
141 s->stage = USERADD_CREATE;
152 * Waits for and receives result of asynchronous useradd call
154 * @param c composite context returned by asynchronous useradd call
155 * @param mem_ctx memory context of the call
156 * @param io pointer to results (and arguments) of the call
157 * @return nt status code of execution
160 NTSTATUS libnet_rpc_useradd_recv(struct composite_context *c, TALLOC_CTX *mem_ctx,
161 struct libnet_rpc_useradd *io)
164 struct useradd_state *s;
166 status = composite_wait(c);
168 if (NT_STATUS_IS_OK(status) && io) {
169 /* get and return result of the call */
170 s = talloc_get_type(c->private, struct useradd_state);
171 io->out.user_handle = s->user_handle;
180 * Synchronous version of useradd call
182 * @param pipe dce/rpc call pipe
183 * @param mem_ctx memory context for the call
184 * @param io arguments and results of the call
185 * @return nt status code of execution
188 NTSTATUS libnet_rpc_useradd(struct dcerpc_pipe *pipe,
190 struct libnet_rpc_useradd *io)
192 struct composite_context *c = libnet_rpc_useradd_send(pipe, io, NULL);
193 return libnet_rpc_useradd_recv(c, mem_ctx, io);
198 * Composite user delete function
201 static void userdel_handler(struct rpc_request*);
203 enum userdel_stage { USERDEL_LOOKUP, USERDEL_OPEN, USERDEL_DELETE };
205 struct userdel_state {
206 enum userdel_stage stage;
207 struct dcerpc_pipe *pipe;
208 struct rpc_request *req;
209 struct policy_handle domain_handle;
210 struct policy_handle user_handle;
211 struct samr_LookupNames lookupname;
212 struct samr_OpenUser openuser;
213 struct samr_DeleteUser deleteuser;
218 * Stage 1: Lookup the user name and resolve it to rid
220 static NTSTATUS userdel_lookup(struct composite_context *c,
221 struct userdel_state *s)
223 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
225 c->status = dcerpc_ndr_request_recv(s->req);
226 NT_STATUS_NOT_OK_RETURN(c->status);
228 if (!s->lookupname.out.rids.count) {
229 /* TODO: no such user */
230 status = NT_STATUS_NO_SUCH_USER;
232 } else if (!s->lookupname.out.rids.count > 1) {
233 /* TODO: ambiguous username */
234 status = NT_STATUS_INVALID_ACCOUNT_NAME;
237 s->openuser.in.domain_handle = &s->domain_handle;
238 s->openuser.in.rid = s->lookupname.out.rids.ids[0];
239 s->openuser.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
240 s->openuser.out.user_handle = &s->user_handle;
242 s->req = dcerpc_samr_OpenUser_send(s->pipe, c, &s->openuser);
244 s->req->async.callback = userdel_handler;
245 s->req->async.private = c;
246 s->stage = USERDEL_OPEN;
253 * Stage 2: Open user account.
255 static NTSTATUS userdel_open(struct composite_context *c,
256 struct userdel_state *s)
258 c->status = dcerpc_ndr_request_recv(s->req);
259 NT_STATUS_NOT_OK_RETURN(c->status);
261 s->deleteuser.in.user_handle = &s->user_handle;
262 s->deleteuser.out.user_handle = &s->user_handle;
264 s->req = dcerpc_samr_DeleteUser_send(s->pipe, c, &s->deleteuser);
266 s->req->async.callback = userdel_handler;
267 s->req->async.private = c;
268 s->stage = USERDEL_DELETE;
275 * Stage 3: Delete user account
277 static NTSTATUS userdel_delete(struct composite_context *c,
278 struct userdel_state *s)
280 c->status = dcerpc_ndr_request_recv(s->req);
281 NT_STATUS_NOT_OK_RETURN(c->status);
283 c->state = SMBCLI_REQUEST_DONE;
290 * Event handler for asynchronous request. Handles transition through
291 * intermediate stages of the call.
293 * @param req rpc call context
295 static void userdel_handler(struct rpc_request *req)
297 struct composite_context *c = req->async.private;
298 struct userdel_state *s = talloc_get_type(c->private, struct userdel_state);
299 struct monitor_msg msg;
303 c->status = userdel_lookup(c, s);
306 c->status = userdel_open(c, s);
309 c->status = userdel_delete(c, s);
313 if (!NT_STATUS_IS_OK(c->status)) {
314 c->state = SMBCLI_REQUEST_ERROR;
321 if (c->state >= SMBCLI_REQUEST_DONE &&
329 * Sends asynchronous userdel request
331 * @param p dce/rpc call pipe
332 * @param io arguments and results of the call
335 struct composite_context *libnet_rpc_userdel_send(struct dcerpc_pipe *p,
336 struct libnet_rpc_userdel *io)
338 struct composite_context *c;
339 struct userdel_state *s;
341 c = talloc_zero(p, struct composite_context);
342 if (c == NULL) goto failure;
344 s = talloc_zero(c, struct userdel_state);
345 if (s == NULL) goto failure;
347 c->state = SMBCLI_REQUEST_SEND;
349 c->event_ctx = dcerpc_event_context(p);
352 s->domain_handle = io->in.domain_handle;
354 /* preparing parameters to send rpc request */
355 s->lookupname.in.domain_handle = &io->in.domain_handle;
356 s->lookupname.in.num_names = 1;
357 s->lookupname.in.names = talloc_zero(s, struct lsa_String);
358 s->lookupname.in.names->string = io->in.username;
360 /* send the request */
361 s->req = dcerpc_samr_LookupNames_send(p, c, &s->lookupname);
363 /* callback handler */
364 s->req->async.callback = userdel_handler;
365 s->req->async.private = c;
366 s->stage = USERDEL_LOOKUP;
377 * Waits for and receives results of asynchronous userdel call
379 * @param c composite context returned by asynchronous userdel call
380 * @param mem_ctx memory context of the call
381 * @param io pointer to results (and arguments) of the call
382 * @return nt status code of execution
385 NTSTATUS libnet_rpc_userdel_recv(struct composite_context *c, TALLOC_CTX *mem_ctx,
386 struct libnet_rpc_userdel *io)
389 struct userdel_state *s;
391 status = composite_wait(c);
393 if (NT_STATUS_IS_OK(status) && io) {
394 s = talloc_get_type(c->private, struct userdel_state);
395 io->out.user_handle = s->user_handle;
404 * Synchronous version of userdel call
406 * @param pipe dce/rpc call pipe
407 * @param mem_ctx memory context for the call
408 * @param io arguments and results of the call
409 * @return nt status code of execution
412 NTSTATUS libnet_rpc_userdel(struct dcerpc_pipe *pipe,
414 struct libnet_rpc_userdel *io)
416 struct composite_context *c = libnet_rpc_userdel_send(pipe, io);
417 return libnet_rpc_userdel_recv(c, mem_ctx, io);
421 static void usermod_handler(struct rpc_request*);
423 enum usermod_stage { USERMOD_LOOKUP, USERMOD_OPEN, USERMOD_MODIFY };
425 struct usermod_state {
426 enum usermod_stage stage;
427 struct dcerpc_pipe *pipe;
428 struct rpc_request *req;
429 struct policy_handle domain_handle;
430 struct policy_handle user_handle;
431 struct usermod_change change;
432 union samr_UserInfo info;
433 struct samr_LookupNames lookupname;
434 struct samr_OpenUser openuser;
435 struct samr_SetUserInfo setuser;
439 static NTSTATUS usermod_lookup(struct composite_context *c,
440 struct usermod_state *s)
444 c->status = dcerpc_ndr_request_recv(s->req);
445 NT_STATUS_NOT_OK_RETURN(c->status);
447 if (!s->lookupname.out.rids.count) {
448 /* TODO: no such user */
449 status = NT_STATUS_NO_SUCH_USER;
451 } else if (!s->lookupname.out.rids.count > 1) {
452 /* TODO: ambiguous username */
453 status = NT_STATUS_INVALID_ACCOUNT_NAME;
456 s->openuser.in.domain_handle = &s->domain_handle;
457 s->openuser.in.rid = s->lookupname.out.rids.ids[0];
458 s->openuser.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
459 s->openuser.out.user_handle = &s->user_handle;
461 s->req = dcerpc_samr_OpenUser_send(s->pipe, c, &s->openuser);
463 s->req->async.callback = usermod_handler;
464 s->req->async.private = c;
465 s->stage = USERMOD_OPEN;
471 static NTSTATUS usermod_open(struct composite_context *c,
472 struct usermod_state *s)
474 union samr_UserInfo *i = &s->info;
477 c->status = dcerpc_ndr_request_recv(s->req);
478 NT_STATUS_NOT_OK_RETURN(c->status);
480 s->setuser.in.user_handle = &s->user_handle;
482 /* Prepare UserInfo level and data based on bitmask field */
483 if (s->change.fields) {
484 if (s->change.fields & USERMOD_FIELD_ACCOUNT_NAME) {
486 i->info7.account_name.length = 2*strlen_m(s->change.account_name);
487 i->info7.account_name.size = 2*strlen_m(s->change.account_name);
488 i->info7.account_name.string = s->change.account_name;
490 s->change.fields ^= USERMOD_FIELD_ACCOUNT_NAME;
492 } else if (s->change.fields & USERMOD_FIELD_FULL_NAME) {
494 i->info8.full_name.length = 2*strlen_m(s->change.full_name);
495 i->info8.full_name.size = 2*strlen_m(s->change.full_name);
496 i->info8.full_name.string = s->change.full_name;
498 s->change.fields ^= USERMOD_FIELD_FULL_NAME;
500 } else if (s->change.fields & USERMOD_FIELD_DESCRIPTION) {
502 i->info13.description.length = 2*strlen_m(s->change.description);
503 i->info13.description.size = 2*strlen_m(s->change.description);
504 i->info13.description.string = s->change.description;
506 s->change.fields ^= USERMOD_FIELD_DESCRIPTION;
508 } else if (s->change.fields & USERMOD_FIELD_LOGON_SCRIPT) {
510 i->info11.logon_script.length = 2*strlen_m(s->change.logon_script);
511 i->info11.logon_script.size = 2*strlen_m(s->change.logon_script);
512 i->info11.logon_script.string = s->change.logon_script;
514 s->change.fields ^= USERMOD_FIELD_LOGON_SCRIPT;
516 } else if (s->change.fields & USERMOD_FIELD_PROFILE_PATH) {
518 i->info12.profile_path.length = 2*strlen_m(s->change.profile_path);
519 i->info12.profile_path.size = 2*strlen_m(s->change.profile_path);
520 i->info12.profile_path.string = s->change.profile_path;
522 s->change.fields ^= USERMOD_FIELD_PROFILE_PATH;
526 s->setuser.in.level = level;
527 s->setuser.in.info = i;
529 s->req = dcerpc_samr_SetUserInfo_send(s->pipe, c, &s->setuser);
531 s->req->async.callback = usermod_handler;
532 s->req->async.private = c;
534 /* Get back here again unless all fields have been set */
535 if (s->change.fields) {
536 s->stage = USERMOD_OPEN;
538 s->stage = USERMOD_MODIFY;
545 static NTSTATUS usermod_modify(struct composite_context *c,
546 struct usermod_state *s)
548 c->status = dcerpc_ndr_request_recv(s->req);
549 NT_STATUS_NOT_OK_RETURN(c->status);
551 c->state = SMBCLI_REQUEST_DONE;
557 static void usermod_handler(struct rpc_request *req)
559 struct composite_context *c = req->async.private;
560 struct usermod_state *s = talloc_get_type(c->private, struct usermod_state);
561 struct monitor_msg msg;
565 c->status = usermod_lookup(c, s);
568 c->status = usermod_open(c, s);
571 c->status = usermod_modify(c, s);
575 if (!NT_STATUS_IS_OK(c->status)) {
576 c->state = SMBCLI_REQUEST_ERROR;
583 if (c->state >= SMBCLI_REQUEST_DONE &&
590 struct composite_context *libnet_rpc_usermod_send(struct dcerpc_pipe *p,
591 struct libnet_rpc_usermod *io)
593 struct composite_context *c;
594 struct usermod_state *s;
596 c = talloc_zero(p, struct composite_context);
597 if (c == NULL) goto failure;
599 s = talloc_zero(c, struct usermod_state);
600 if (s == NULL) goto failure;
602 c->state = SMBCLI_REQUEST_SEND;
604 c->event_ctx = dcerpc_event_context(p);
607 s->domain_handle = io->in.domain_handle;
608 s->change = io->in.change;
610 s->lookupname.in.domain_handle = &io->in.domain_handle;
611 s->lookupname.in.num_names = 1;
612 s->lookupname.in.names = talloc_zero(s, struct lsa_String);
613 s->lookupname.in.names->string = io->in.username;
615 s->req = dcerpc_samr_LookupNames_send(p, c, &s->lookupname);
617 s->req->async.callback = usermod_handler;
618 s->req->async.private = c;
619 s->stage = USERMOD_LOOKUP;
629 NTSTATUS libnet_rpc_usermod_recv(struct composite_context *c, TALLOC_CTX *mem_ctx,
630 struct libnet_rpc_usermod *io)
633 struct usermod_state *s;
635 status = composite_wait(c);
642 NTSTATUS libnet_rpc_usermod(struct dcerpc_pipe *pipe,
644 struct libnet_rpc_usermod *io)
646 struct composite_context *c = libnet_rpc_usermod_send(pipe, io);
647 return libnet_rpc_usermod_recv(c, mem_ctx, io);