4b913bace1a9143a55f48b1e5ae18b21ba99eecf
[kai/samba.git] / source3 / rpc_server / srv_samr_nt.c
1 /*
2  *  Unix SMB/CIFS implementation.
3  *  RPC Pipe client / server routines
4  *  Copyright (C) Andrew Tridgell                   1992-1997,
5  *  Copyright (C) Luke Kenneth Casson Leighton      1996-1997,
6  *  Copyright (C) Paul Ashton                       1997,
7  *  Copyright (C) Marc Jacobsen                     1999,
8  *  Copyright (C) Jeremy Allison                    2001-2008,
9  *  Copyright (C) Jean Fran├žois Micouleau           1998-2001,
10  *  Copyright (C) Jim McDonough <jmcd@us.ibm.com>   2002,
11  *  Copyright (C) Gerald (Jerry) Carter             2003-2004,
12  *  Copyright (C) Simo Sorce                        2003.
13  *  Copyright (C) Volker Lendecke                   2005.
14  *  Copyright (C) Guenther Deschner                 2008.
15  *
16  *  This program is free software; you can redistribute it and/or modify
17  *  it under the terms of the GNU General Public License as published by
18  *  the Free Software Foundation; either version 3 of the License, or
19  *  (at your option) any later version.
20  *
21  *  This program is distributed in the hope that it will be useful,
22  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
23  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
24  *  GNU General Public License for more details.
25  *
26  *  You should have received a copy of the GNU General Public License
27  *  along with this program; if not, see <http://www.gnu.org/licenses/>.
28  */
29
30 /*
31  * This is the implementation of the SAMR code.
32  */
33
34 #include "includes.h"
35
36 #undef DBGC_CLASS
37 #define DBGC_CLASS DBGC_RPC_SRV
38
39 #define SAMR_USR_RIGHTS_WRITE_PW \
40                 ( READ_CONTROL_ACCESS           | \
41                   SAMR_USER_ACCESS_CHANGE_PASSWORD      | \
42                   SAMR_USER_ACCESS_SET_LOC_COM)
43 #define SAMR_USR_RIGHTS_CANT_WRITE_PW \
44                 ( READ_CONTROL_ACCESS | SAMR_USER_ACCESS_SET_LOC_COM )
45
46 #define DISP_INFO_CACHE_TIMEOUT 10
47
48 #define MAX_SAM_ENTRIES_W2K 0x400 /* 1024 */
49 #define MAX_SAM_ENTRIES_W95 50
50
51 typedef struct disp_info {
52         DOM_SID sid; /* identify which domain this is. */
53         bool builtin_domain; /* Quick flag to check if this is the builtin domain. */
54         struct pdb_search *users; /* querydispinfo 1 and 4 */
55         struct pdb_search *machines; /* querydispinfo 2 */
56         struct pdb_search *groups; /* querydispinfo 3 and 5, enumgroups */
57         struct pdb_search *aliases; /* enumaliases */
58
59         uint16 enum_acb_mask;
60         struct pdb_search *enum_users; /* enumusers with a mask */
61
62         struct timed_event *cache_timeout_event; /* cache idle timeout
63                                                   * handler. */
64 } DISP_INFO;
65
66 /* We keep a static list of these by SID as modern clients close down
67    all resources between each request in a complete enumeration. */
68
69 struct samr_info {
70         /* for use by the \PIPE\samr policy */
71         DOM_SID sid;
72         bool builtin_domain; /* Quick flag to check if this is the builtin domain. */
73         uint32 status; /* some sort of flag.  best to record it.  comes from opnum 0x39 */
74         uint32 acc_granted;
75         DISP_INFO *disp_info;
76         TALLOC_CTX *mem_ctx;
77 };
78
79 static const struct generic_mapping sam_generic_mapping = {
80         GENERIC_RIGHTS_SAM_READ,
81         GENERIC_RIGHTS_SAM_WRITE,
82         GENERIC_RIGHTS_SAM_EXECUTE,
83         GENERIC_RIGHTS_SAM_ALL_ACCESS};
84 static const struct generic_mapping dom_generic_mapping = {
85         GENERIC_RIGHTS_DOMAIN_READ,
86         GENERIC_RIGHTS_DOMAIN_WRITE,
87         GENERIC_RIGHTS_DOMAIN_EXECUTE,
88         GENERIC_RIGHTS_DOMAIN_ALL_ACCESS};
89 static const struct generic_mapping usr_generic_mapping = {
90         GENERIC_RIGHTS_USER_READ,
91         GENERIC_RIGHTS_USER_WRITE,
92         GENERIC_RIGHTS_USER_EXECUTE,
93         GENERIC_RIGHTS_USER_ALL_ACCESS};
94 static const struct generic_mapping usr_nopwchange_generic_mapping = {
95         GENERIC_RIGHTS_USER_READ,
96         GENERIC_RIGHTS_USER_WRITE,
97         GENERIC_RIGHTS_USER_EXECUTE & ~SAMR_USER_ACCESS_CHANGE_PASSWORD,
98         GENERIC_RIGHTS_USER_ALL_ACCESS};
99 static const struct generic_mapping grp_generic_mapping = {
100         GENERIC_RIGHTS_GROUP_READ,
101         GENERIC_RIGHTS_GROUP_WRITE,
102         GENERIC_RIGHTS_GROUP_EXECUTE,
103         GENERIC_RIGHTS_GROUP_ALL_ACCESS};
104 static const struct generic_mapping ali_generic_mapping = {
105         GENERIC_RIGHTS_ALIAS_READ,
106         GENERIC_RIGHTS_ALIAS_WRITE,
107         GENERIC_RIGHTS_ALIAS_EXECUTE,
108         GENERIC_RIGHTS_ALIAS_ALL_ACCESS};
109
110 /*******************************************************************
111 *******************************************************************/
112
113 static NTSTATUS make_samr_object_sd( TALLOC_CTX *ctx, SEC_DESC **psd, size_t *sd_size,
114                                      const struct generic_mapping *map,
115                                      DOM_SID *sid, uint32 sid_access )
116 {
117         DOM_SID domadmin_sid;
118         SEC_ACE ace[5];         /* at most 5 entries */
119         size_t i = 0;
120
121         SEC_ACL *psa = NULL;
122
123         /* basic access for Everyone */
124
125         init_sec_ace(&ace[i++], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED,
126                         map->generic_execute | map->generic_read, 0);
127
128         /* add Full Access 'BUILTIN\Administrators' and 'BUILTIN\Account Operators */
129
130         init_sec_ace(&ace[i++], &global_sid_Builtin_Administrators,
131                         SEC_ACE_TYPE_ACCESS_ALLOWED, map->generic_all, 0);
132         init_sec_ace(&ace[i++], &global_sid_Builtin_Account_Operators,
133                         SEC_ACE_TYPE_ACCESS_ALLOWED, map->generic_all, 0);
134
135         /* Add Full Access for Domain Admins if we are a DC */
136
137         if ( IS_DC ) {
138                 sid_copy( &domadmin_sid, get_global_sam_sid() );
139                 sid_append_rid( &domadmin_sid, DOMAIN_GROUP_RID_ADMINS );
140                 init_sec_ace(&ace[i++], &domadmin_sid,
141                         SEC_ACE_TYPE_ACCESS_ALLOWED, map->generic_all, 0);
142         }
143
144         /* if we have a sid, give it some special access */
145
146         if ( sid ) {
147                 init_sec_ace(&ace[i++], sid, SEC_ACE_TYPE_ACCESS_ALLOWED, sid_access, 0);
148         }
149
150         /* create the security descriptor */
151
152         if ((psa = make_sec_acl(ctx, NT4_ACL_REVISION, i, ace)) == NULL)
153                 return NT_STATUS_NO_MEMORY;
154
155         if ((*psd = make_sec_desc(ctx, SECURITY_DESCRIPTOR_REVISION_1,
156                                   SEC_DESC_SELF_RELATIVE, NULL, NULL, NULL,
157                                   psa, sd_size)) == NULL)
158                 return NT_STATUS_NO_MEMORY;
159
160         return NT_STATUS_OK;
161 }
162
163 /*******************************************************************
164  Checks if access to an object should be granted, and returns that
165  level of access for further checks.
166 ********************************************************************/
167
168 static NTSTATUS access_check_samr_object( SEC_DESC *psd, NT_USER_TOKEN *token,
169                                           SE_PRIV *rights, uint32 rights_mask,
170                                           uint32 des_access, uint32 *acc_granted,
171                                           const char *debug )
172 {
173         NTSTATUS status = NT_STATUS_ACCESS_DENIED;
174         uint32 saved_mask = 0;
175
176         /* check privileges; certain SAM access bits should be overridden
177            by privileges (mostly having to do with creating/modifying/deleting
178            users and groups) */
179
180         if ( rights && user_has_any_privilege( token, rights ) ) {
181
182                 saved_mask = (des_access & rights_mask);
183                 des_access &= ~saved_mask;
184
185                 DEBUG(4,("access_check_samr_object: user rights access mask [0x%x]\n",
186                         rights_mask));
187         }
188
189
190         /* check the security descriptor first */
191
192         status = se_access_check(psd, token, des_access, acc_granted);
193         if (NT_STATUS_IS_OK(status)) {
194                 goto done;
195         }
196
197         /* give root a free pass */
198
199         if ( geteuid() == sec_initial_uid() ) {
200
201                 DEBUG(4,("%s: ACCESS should be DENIED  (requested: %#010x)\n", debug, des_access));
202                 DEBUGADD(4,("but overritten by euid == sec_initial_uid()\n"));
203
204                 *acc_granted = des_access;
205
206                 status = NT_STATUS_OK;
207                 goto done;
208         }
209
210
211 done:
212         /* add in any bits saved during the privilege check (only
213            matters is status is ok) */
214
215         *acc_granted |= rights_mask;
216
217         DEBUG(4,("%s: access %s (requested: 0x%08x, granted: 0x%08x)\n",
218                 debug, NT_STATUS_IS_OK(status) ? "GRANTED" : "DENIED",
219                 des_access, *acc_granted));
220
221         return status;
222 }
223
224 /*******************************************************************
225  Checks if access to a function can be granted
226 ********************************************************************/
227
228 static NTSTATUS access_check_samr_function(uint32 acc_granted, uint32 acc_required, const char *debug)
229 {
230         DEBUG(5,("%s: access check ((granted: %#010x;  required: %#010x)\n",
231                 debug, acc_granted, acc_required));
232
233         /* check the security descriptor first */
234
235         if ( (acc_granted&acc_required) == acc_required )
236                 return NT_STATUS_OK;
237
238         /* give root a free pass */
239
240         if (geteuid() == sec_initial_uid()) {
241
242                 DEBUG(4,("%s: ACCESS should be DENIED (granted: %#010x;  required: %#010x)\n",
243                         debug, acc_granted, acc_required));
244                 DEBUGADD(4,("but overwritten by euid == 0\n"));
245
246                 return NT_STATUS_OK;
247         }
248
249         DEBUG(2,("%s: ACCESS DENIED (granted: %#010x;  required: %#010x)\n",
250                 debug, acc_granted, acc_required));
251
252         return NT_STATUS_ACCESS_DENIED;
253 }
254
255 /*******************************************************************
256  Map any MAXIMUM_ALLOWED_ACCESS request to a valid access set.
257 ********************************************************************/
258
259 static void map_max_allowed_access(const NT_USER_TOKEN *token,
260                                         uint32_t *pacc_requested)
261 {
262         if (!((*pacc_requested) & MAXIMUM_ALLOWED_ACCESS)) {
263                 return;
264         }
265         *pacc_requested &= ~MAXIMUM_ALLOWED_ACCESS;
266
267         /* At least try for generic read. */
268         *pacc_requested = GENERIC_READ_ACCESS;
269
270         /* root gets anything. */
271         if (geteuid() == sec_initial_uid()) {
272                 *pacc_requested |= GENERIC_ALL_ACCESS;
273                 return;
274         }
275
276         /* Full Access for 'BUILTIN\Administrators' and 'BUILTIN\Account Operators */
277
278         if (is_sid_in_token(token, &global_sid_Builtin_Administrators) ||
279                         is_sid_in_token(token, &global_sid_Builtin_Account_Operators)) {
280                 *pacc_requested |= GENERIC_ALL_ACCESS;
281                 return;
282         }
283
284         /* Full access for DOMAIN\Domain Admins. */
285         if ( IS_DC ) {
286                 DOM_SID domadmin_sid;
287                 sid_copy( &domadmin_sid, get_global_sam_sid() );
288                 sid_append_rid( &domadmin_sid, DOMAIN_GROUP_RID_ADMINS );
289                 if (is_sid_in_token(token, &domadmin_sid)) {
290                         *pacc_requested |= GENERIC_ALL_ACCESS;
291                         return;
292                 }
293         }
294         /* TODO ! Check privileges. */
295 }
296
297 /*******************************************************************
298  Fetch or create a dispinfo struct.
299 ********************************************************************/
300
301 static DISP_INFO *get_samr_dispinfo_by_sid(DOM_SID *psid)
302 {
303         /*
304          * We do a static cache for DISP_INFO's here. Explanation can be found
305          * in Jeremy's checkin message to r11793:
306          *
307          * Fix the SAMR cache so it works across completely insane
308          * client behaviour (ie.:
309          * open pipe/open SAMR handle/enumerate 0 - 1024
310          * close SAMR handle, close pipe.
311          * open pipe/open SAMR handle/enumerate 1024 - 2048...
312          * close SAMR handle, close pipe.
313          * And on ad-nausium. Amazing.... probably object-oriented
314          * client side programming in action yet again.
315          * This change should *massively* improve performance when
316          * enumerating users from an LDAP database.
317          * Jeremy.
318          *
319          * "Our" and the builtin domain are the only ones where we ever
320          * enumerate stuff, so just cache 2 entries.
321          */
322
323         static struct disp_info builtin_dispinfo;
324         static struct disp_info domain_dispinfo;
325
326         /* There are two cases to consider here:
327            1) The SID is a domain SID and we look for an equality match, or
328            2) This is an account SID and so we return the DISP_INFO* for our
329               domain */
330
331         if (psid == NULL) {
332                 return NULL;
333         }
334
335         if (sid_check_is_builtin(psid) || sid_check_is_in_builtin(psid)) {
336                 /*
337                  * Necessary only once, but it does not really hurt.
338                  */
339                 sid_copy(&builtin_dispinfo.sid, &global_sid_Builtin);
340
341                 return &builtin_dispinfo;
342         }
343
344         if (sid_check_is_domain(psid) || sid_check_is_in_our_domain(psid)) {
345                 /*
346                  * Necessary only once, but it does not really hurt.
347                  */
348                 sid_copy(&domain_dispinfo.sid, get_global_sam_sid());
349
350                 return &domain_dispinfo;
351         }
352
353         return NULL;
354 }
355
356 /*******************************************************************
357  Create a samr_info struct.
358 ********************************************************************/
359
360 static struct samr_info *get_samr_info_by_sid(DOM_SID *psid)
361 {
362         struct samr_info *info;
363         fstring sid_str;
364         TALLOC_CTX *mem_ctx;
365
366         if (psid) {
367                 sid_to_fstring(sid_str, psid);
368         } else {
369                 fstrcpy(sid_str,"(NULL)");
370         }
371
372         mem_ctx = talloc_init("samr_info for domain sid %s", sid_str);
373
374         if ((info = TALLOC_ZERO_P(mem_ctx, struct samr_info)) == NULL)
375                 return NULL;
376
377         DEBUG(10,("get_samr_info_by_sid: created new info for sid %s\n", sid_str));
378         if (psid) {
379                 sid_copy( &info->sid, psid);
380                 info->builtin_domain = sid_check_is_builtin(psid);
381         } else {
382                 DEBUG(10,("get_samr_info_by_sid: created new info for NULL sid.\n"));
383                 info->builtin_domain = False;
384         }
385         info->mem_ctx = mem_ctx;
386
387         info->disp_info = get_samr_dispinfo_by_sid(psid);
388
389         return info;
390 }
391
392 /*******************************************************************
393  Function to free the per SID data.
394  ********************************************************************/
395
396 static void free_samr_cache(DISP_INFO *disp_info)
397 {
398         DEBUG(10, ("free_samr_cache: deleting cache for SID %s\n",
399                    sid_string_dbg(&disp_info->sid)));
400
401         /* We need to become root here because the paged search might have to
402          * tell the LDAP server we're not interested in the rest anymore. */
403
404         become_root();
405
406         if (disp_info->users) {
407                 DEBUG(10,("free_samr_cache: deleting users cache\n"));
408                 pdb_search_destroy(disp_info->users);
409                 disp_info->users = NULL;
410         }
411         if (disp_info->machines) {
412                 DEBUG(10,("free_samr_cache: deleting machines cache\n"));
413                 pdb_search_destroy(disp_info->machines);
414                 disp_info->machines = NULL;
415         }
416         if (disp_info->groups) {
417                 DEBUG(10,("free_samr_cache: deleting groups cache\n"));
418                 pdb_search_destroy(disp_info->groups);
419                 disp_info->groups = NULL;
420         }
421         if (disp_info->aliases) {
422                 DEBUG(10,("free_samr_cache: deleting aliases cache\n"));
423                 pdb_search_destroy(disp_info->aliases);
424                 disp_info->aliases = NULL;
425         }
426         if (disp_info->enum_users) {
427                 DEBUG(10,("free_samr_cache: deleting enum_users cache\n"));
428                 pdb_search_destroy(disp_info->enum_users);
429                 disp_info->enum_users = NULL;
430         }
431         disp_info->enum_acb_mask = 0;
432
433         unbecome_root();
434 }
435
436 /*******************************************************************
437  Function to free the per handle data.
438  ********************************************************************/
439
440 static void free_samr_info(void *ptr)
441 {
442         struct samr_info *info=(struct samr_info *) ptr;
443
444         /* Only free the dispinfo cache if no one bothered to set up
445            a timeout. */
446
447         if (info->disp_info && info->disp_info->cache_timeout_event == NULL) {
448                 free_samr_cache(info->disp_info);
449         }
450
451         talloc_destroy(info->mem_ctx);
452 }
453
454 /*******************************************************************
455  Idle event handler. Throw away the disp info cache.
456  ********************************************************************/
457
458 static void disp_info_cache_idle_timeout_handler(struct event_context *ev_ctx,
459                                                  struct timed_event *te,
460                                                  const struct timeval *now,
461                                                  void *private_data)
462 {
463         DISP_INFO *disp_info = (DISP_INFO *)private_data;
464
465         TALLOC_FREE(disp_info->cache_timeout_event);
466
467         DEBUG(10, ("disp_info_cache_idle_timeout_handler: caching timed "
468                    "out\n"));
469         free_samr_cache(disp_info);
470 }
471
472 /*******************************************************************
473  Setup cache removal idle event handler.
474  ********************************************************************/
475
476 static void set_disp_info_cache_timeout(DISP_INFO *disp_info, time_t secs_fromnow)
477 {
478         /* Remove any pending timeout and update. */
479
480         TALLOC_FREE(disp_info->cache_timeout_event);
481
482         DEBUG(10,("set_disp_info_cache_timeout: caching enumeration for "
483                   "SID %s for %u seconds\n", sid_string_dbg(&disp_info->sid),
484                   (unsigned int)secs_fromnow ));
485
486         disp_info->cache_timeout_event = event_add_timed(
487                 smbd_event_context(), NULL,
488                 timeval_current_ofs(secs_fromnow, 0),
489                 "disp_info_cache_idle_timeout_handler",
490                 disp_info_cache_idle_timeout_handler, (void *)disp_info);
491 }
492
493 /*******************************************************************
494  Force flush any cache. We do this on any samr_set_xxx call.
495  We must also remove the timeout handler.
496  ********************************************************************/
497
498 static void force_flush_samr_cache(DISP_INFO *disp_info)
499 {
500         if ((disp_info == NULL) || (disp_info->cache_timeout_event == NULL)) {
501                 return;
502         }
503
504         DEBUG(10,("force_flush_samr_cache: clearing idle event\n"));
505         TALLOC_FREE(disp_info->cache_timeout_event);
506         free_samr_cache(disp_info);
507 }
508
509 /*******************************************************************
510  Ensure password info is never given out. Paranioa... JRA.
511  ********************************************************************/
512
513 static void samr_clear_sam_passwd(struct samu *sam_pass)
514 {
515
516         if (!sam_pass)
517                 return;
518
519         /* These now zero out the old password */
520
521         pdb_set_lanman_passwd(sam_pass, NULL, PDB_DEFAULT);
522         pdb_set_nt_passwd(sam_pass, NULL, PDB_DEFAULT);
523 }
524
525 static uint32 count_sam_users(struct disp_info *info, uint32 acct_flags)
526 {
527         struct samr_displayentry *entry;
528
529         if (info->builtin_domain) {
530                 /* No users in builtin. */
531                 return 0;
532         }
533
534         if (info->users == NULL) {
535                 info->users = pdb_search_users(acct_flags);
536                 if (info->users == NULL) {
537                         return 0;
538                 }
539         }
540         /* Fetch the last possible entry, thus trigger an enumeration */
541         pdb_search_entries(info->users, 0xffffffff, 1, &entry);
542
543         /* Ensure we cache this enumeration. */
544         set_disp_info_cache_timeout(info, DISP_INFO_CACHE_TIMEOUT);
545
546         return info->users->num_entries;
547 }
548
549 static uint32 count_sam_groups(struct disp_info *info)
550 {
551         struct samr_displayentry *entry;
552
553         if (info->builtin_domain) {
554                 /* No groups in builtin. */
555                 return 0;
556         }
557
558         if (info->groups == NULL) {
559                 info->groups = pdb_search_groups();
560                 if (info->groups == NULL) {
561                         return 0;
562                 }
563         }
564         /* Fetch the last possible entry, thus trigger an enumeration */
565         pdb_search_entries(info->groups, 0xffffffff, 1, &entry);
566
567         /* Ensure we cache this enumeration. */
568         set_disp_info_cache_timeout(info, DISP_INFO_CACHE_TIMEOUT);
569
570         return info->groups->num_entries;
571 }
572
573 static uint32 count_sam_aliases(struct disp_info *info)
574 {
575         struct samr_displayentry *entry;
576
577         if (info->aliases == NULL) {
578                 info->aliases = pdb_search_aliases(&info->sid);
579                 if (info->aliases == NULL) {
580                         return 0;
581                 }
582         }
583         /* Fetch the last possible entry, thus trigger an enumeration */
584         pdb_search_entries(info->aliases, 0xffffffff, 1, &entry);
585
586         /* Ensure we cache this enumeration. */
587         set_disp_info_cache_timeout(info, DISP_INFO_CACHE_TIMEOUT);
588
589         return info->aliases->num_entries;
590 }
591
592 /*******************************************************************
593  _samr_Close
594  ********************************************************************/
595
596 NTSTATUS _samr_Close(pipes_struct *p, struct samr_Close *r)
597 {
598         if (!close_policy_hnd(p, r->in.handle)) {
599                 return NT_STATUS_INVALID_HANDLE;
600         }
601
602         ZERO_STRUCTP(r->out.handle);
603
604         return NT_STATUS_OK;
605 }
606
607 /*******************************************************************
608  _samr_OpenDomain
609  ********************************************************************/
610
611 NTSTATUS _samr_OpenDomain(pipes_struct *p,
612                           struct samr_OpenDomain *r)
613 {
614         struct    samr_info *info;
615         SEC_DESC *psd = NULL;
616         uint32    acc_granted;
617         uint32    des_access = r->in.access_mask;
618         NTSTATUS  status;
619         size_t    sd_size;
620         SE_PRIV se_rights;
621
622         /* find the connection policy handle. */
623
624         if ( !find_policy_by_hnd(p, r->in.connect_handle, (void**)(void *)&info) )
625                 return NT_STATUS_INVALID_HANDLE;
626
627         status = access_check_samr_function(info->acc_granted,
628                                             SAMR_ACCESS_OPEN_DOMAIN,
629                                             "_samr_OpenDomain" );
630
631         if ( !NT_STATUS_IS_OK(status) )
632                 return status;
633
634         /*check if access can be granted as requested by client. */
635         map_max_allowed_access(p->server_info->ptok, &des_access);
636
637         make_samr_object_sd( p->mem_ctx, &psd, &sd_size, &dom_generic_mapping, NULL, 0 );
638         se_map_generic( &des_access, &dom_generic_mapping );
639
640         se_priv_copy( &se_rights, &se_machine_account );
641         se_priv_add( &se_rights, &se_add_users );
642
643         status = access_check_samr_object( psd, p->server_info->ptok,
644                 &se_rights, GENERIC_RIGHTS_DOMAIN_WRITE, des_access,
645                 &acc_granted, "_samr_OpenDomain" );
646
647         if ( !NT_STATUS_IS_OK(status) )
648                 return status;
649
650         if (!sid_check_is_domain(r->in.sid) &&
651             !sid_check_is_builtin(r->in.sid)) {
652                 return NT_STATUS_NO_SUCH_DOMAIN;
653         }
654
655         /* associate the domain SID with the (unique) handle. */
656         if ((info = get_samr_info_by_sid(r->in.sid))==NULL)
657                 return NT_STATUS_NO_MEMORY;
658         info->acc_granted = acc_granted;
659
660         /* get a (unique) handle.  open a policy on it. */
661         if (!create_policy_hnd(p, r->out.domain_handle, free_samr_info, (void *)info))
662                 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
663
664         DEBUG(5,("_samr_OpenDomain: %d\n", __LINE__));
665
666         return NT_STATUS_OK;
667 }
668
669 /*******************************************************************
670  _samr_GetUserPwInfo
671  ********************************************************************/
672
673 NTSTATUS _samr_GetUserPwInfo(pipes_struct *p,
674                              struct samr_GetUserPwInfo *r)
675 {
676         struct samr_info *info = NULL;
677         enum lsa_SidType sid_type;
678         uint32_t min_password_length = 0;
679         uint32_t password_properties = 0;
680         bool ret = false;
681         NTSTATUS status;
682
683         DEBUG(5,("_samr_GetUserPwInfo: %d\n", __LINE__));
684
685         /* find the policy handle.  open a policy on it. */
686         if (!find_policy_by_hnd(p, r->in.user_handle, (void **)(void *)&info)) {
687                 return NT_STATUS_INVALID_HANDLE;
688         }
689
690         status = access_check_samr_function(info->acc_granted,
691                                             SAMR_USER_ACCESS_GET_ATTRIBUTES,
692                                             "_samr_GetUserPwInfo" );
693         if (!NT_STATUS_IS_OK(status)) {
694                 return status;
695         }
696
697         if (!sid_check_is_in_our_domain(&info->sid)) {
698                 return NT_STATUS_OBJECT_TYPE_MISMATCH;
699         }
700
701         become_root();
702         ret = lookup_sid(p->mem_ctx, &info->sid, NULL, NULL, &sid_type);
703         unbecome_root();
704         if (ret == false) {
705                 return NT_STATUS_NO_SUCH_USER;
706         }
707
708         switch (sid_type) {
709                 case SID_NAME_USER:
710                         become_root();
711                         pdb_get_account_policy(AP_MIN_PASSWORD_LEN,
712                                                &min_password_length);
713                         pdb_get_account_policy(AP_USER_MUST_LOGON_TO_CHG_PASS,
714                                                &password_properties);
715                         unbecome_root();
716
717                         if (lp_check_password_script() && *lp_check_password_script()) {
718                                 password_properties |= DOMAIN_PASSWORD_COMPLEX;
719                         }
720
721                         break;
722                 default:
723                         break;
724         }
725
726         r->out.info->min_password_length = min_password_length;
727         r->out.info->password_properties = password_properties;
728
729         DEBUG(5,("_samr_GetUserPwInfo: %d\n", __LINE__));
730
731         return NT_STATUS_OK;
732 }
733
734 /*******************************************************************
735 ********************************************************************/
736
737 static bool get_lsa_policy_samr_sid( pipes_struct *p, POLICY_HND *pol,
738                                         DOM_SID *sid, uint32 *acc_granted,
739                                         DISP_INFO **ppdisp_info)
740 {
741         struct samr_info *info = NULL;
742
743         /* find the policy handle.  open a policy on it. */
744         if (!find_policy_by_hnd(p, pol, (void **)(void *)&info))
745                 return False;
746
747         if (!info)
748                 return False;
749
750         *sid = info->sid;
751         *acc_granted = info->acc_granted;
752         if (ppdisp_info) {
753                 *ppdisp_info = info->disp_info;
754         }
755
756         return True;
757 }
758
759 /*******************************************************************
760  _samr_SetSecurity
761  ********************************************************************/
762
763 NTSTATUS _samr_SetSecurity(pipes_struct *p,
764                            struct samr_SetSecurity *r)
765 {
766         DOM_SID pol_sid;
767         uint32 acc_granted, i;
768         SEC_ACL *dacl;
769         bool ret;
770         struct samu *sampass=NULL;
771         NTSTATUS status;
772
773         if (!get_lsa_policy_samr_sid(p, r->in.handle, &pol_sid, &acc_granted, NULL))
774                 return NT_STATUS_INVALID_HANDLE;
775
776         if (!(sampass = samu_new( p->mem_ctx))) {
777                 DEBUG(0,("No memory!\n"));
778                 return NT_STATUS_NO_MEMORY;
779         }
780
781         /* get the user record */
782         become_root();
783         ret = pdb_getsampwsid(sampass, &pol_sid);
784         unbecome_root();
785
786         if (!ret) {
787                 DEBUG(4, ("User %s not found\n", sid_string_dbg(&pol_sid)));
788                 TALLOC_FREE(sampass);
789                 return NT_STATUS_INVALID_HANDLE;
790         }
791
792         dacl = r->in.sdbuf->sd->dacl;
793         for (i=0; i < dacl->num_aces; i++) {
794                 if (sid_equal(&pol_sid, &dacl->aces[i].trustee)) {
795                         ret = pdb_set_pass_can_change(sampass,
796                                 (dacl->aces[i].access_mask &
797                                  SAMR_USER_ACCESS_CHANGE_PASSWORD) ?
798                                                       True: False);
799                         break;
800                 }
801         }
802
803         if (!ret) {
804                 TALLOC_FREE(sampass);
805                 return NT_STATUS_ACCESS_DENIED;
806         }
807
808         status = access_check_samr_function(acc_granted,
809                                             SAMR_USER_ACCESS_SET_ATTRIBUTES,
810                                             "_samr_SetSecurity");
811         if (NT_STATUS_IS_OK(status)) {
812                 become_root();
813                 status = pdb_update_sam_account(sampass);
814                 unbecome_root();
815         }
816
817         TALLOC_FREE(sampass);
818
819         return status;
820 }
821
822 /*******************************************************************
823   build correct perms based on policies and password times for _samr_query_sec_obj
824 *******************************************************************/
825 static bool check_change_pw_access(TALLOC_CTX *mem_ctx, DOM_SID *user_sid)
826 {
827         struct samu *sampass=NULL;
828         bool ret;
829
830         if ( !(sampass = samu_new( mem_ctx )) ) {
831                 DEBUG(0,("No memory!\n"));
832                 return False;
833         }
834
835         become_root();
836         ret = pdb_getsampwsid(sampass, user_sid);
837         unbecome_root();
838
839         if (ret == False) {
840                 DEBUG(4,("User %s not found\n", sid_string_dbg(user_sid)));
841                 TALLOC_FREE(sampass);
842                 return False;
843         }
844
845         DEBUG(3,("User:[%s]\n",  pdb_get_username(sampass) ));
846
847         if (pdb_get_pass_can_change(sampass)) {
848                 TALLOC_FREE(sampass);
849                 return True;
850         }
851         TALLOC_FREE(sampass);
852         return False;
853 }
854
855
856 /*******************************************************************
857  _samr_QuerySecurity
858  ********************************************************************/
859
860 NTSTATUS _samr_QuerySecurity(pipes_struct *p,
861                              struct samr_QuerySecurity *r)
862 {
863         NTSTATUS status;
864         DOM_SID pol_sid;
865         SEC_DESC * psd = NULL;
866         uint32 acc_granted;
867         size_t sd_size;
868
869         /* Get the SID. */
870         if (!get_lsa_policy_samr_sid(p, r->in.handle, &pol_sid, &acc_granted, NULL))
871                 return NT_STATUS_INVALID_HANDLE;
872
873         DEBUG(10,("_samr_QuerySecurity: querying security on SID: %s\n",
874                   sid_string_dbg(&pol_sid)));
875
876         status = access_check_samr_function(acc_granted,
877                                             STD_RIGHT_READ_CONTROL_ACCESS,
878                                             "_samr_QuerySecurity");
879         if (!NT_STATUS_IS_OK(status)) {
880                 return status;
881         }
882
883         /* Check what typ of SID is beeing queried (e.g Domain SID, User SID, Group SID) */
884
885         /* To query the security of the SAM it self an invalid SID with S-0-0 is passed to this function */
886         if (pol_sid.sid_rev_num == 0) {
887                 DEBUG(5,("_samr_QuerySecurity: querying security on SAM\n"));
888                 status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &sam_generic_mapping, NULL, 0);
889         } else if (sid_equal(&pol_sid,get_global_sam_sid())) {
890                 /* check if it is our domain SID */
891                 DEBUG(5,("_samr_QuerySecurity: querying security on Domain "
892                          "with SID: %s\n", sid_string_dbg(&pol_sid)));
893                 status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &dom_generic_mapping, NULL, 0);
894         } else if (sid_equal(&pol_sid,&global_sid_Builtin)) {
895                 /* check if it is the Builtin  Domain */
896                 /* TODO: Builtin probably needs a different SD with restricted write access*/
897                 DEBUG(5,("_samr_QuerySecurity: querying security on Builtin "
898                          "Domain with SID: %s\n", sid_string_dbg(&pol_sid)));
899                 status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &dom_generic_mapping, NULL, 0);
900         } else if (sid_check_is_in_our_domain(&pol_sid) ||
901                  sid_check_is_in_builtin(&pol_sid)) {
902                 /* TODO: different SDs have to be generated for aliases groups and users.
903                          Currently all three get a default user SD  */
904                 DEBUG(10,("_samr_QuerySecurity: querying security on Object "
905                           "with SID: %s\n", sid_string_dbg(&pol_sid)));
906                 if (check_change_pw_access(p->mem_ctx, &pol_sid)) {
907                         status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_generic_mapping,
908                                                           &pol_sid, SAMR_USR_RIGHTS_WRITE_PW);
909                 } else {
910                         status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_nopwchange_generic_mapping,
911                                                           &pol_sid, SAMR_USR_RIGHTS_CANT_WRITE_PW);
912                 }
913         } else {
914                 return NT_STATUS_OBJECT_TYPE_MISMATCH;
915         }
916
917         if ((*r->out.sdbuf = make_sec_desc_buf(p->mem_ctx, sd_size, psd)) == NULL)
918                 return NT_STATUS_NO_MEMORY;
919
920         return status;
921 }
922
923 /*******************************************************************
924 makes a SAM_ENTRY / UNISTR2* structure from a user list.
925 ********************************************************************/
926
927 static NTSTATUS make_user_sam_entry_list(TALLOC_CTX *ctx,
928                                          struct samr_SamEntry **sam_pp,
929                                          uint32_t num_entries,
930                                          uint32_t start_idx,
931                                          struct samr_displayentry *entries)
932 {
933         uint32_t i;
934         struct samr_SamEntry *sam;
935
936         *sam_pp = NULL;
937
938         if (num_entries == 0) {
939                 return NT_STATUS_OK;
940         }
941
942         sam = TALLOC_ZERO_ARRAY(ctx, struct samr_SamEntry, num_entries);
943         if (sam == NULL) {
944                 DEBUG(0, ("make_user_sam_entry_list: TALLOC_ZERO failed!\n"));
945                 return NT_STATUS_NO_MEMORY;
946         }
947
948         for (i = 0; i < num_entries; i++) {
949 #if 0
950                 /*
951                  * usrmgr expects a non-NULL terminated string with
952                  * trust relationships
953                  */
954                 if (entries[i].acct_flags & ACB_DOMTRUST) {
955                         init_unistr2(&uni_temp_name, entries[i].account_name,
956                                      UNI_FLAGS_NONE);
957                 } else {
958                         init_unistr2(&uni_temp_name, entries[i].account_name,
959                                      UNI_STR_TERMINATE);
960                 }
961 #endif
962                 init_lsa_String(&sam[i].name, entries[i].account_name);
963                 sam[i].idx = entries[i].rid;
964         }
965
966         *sam_pp = sam;
967
968         return NT_STATUS_OK;
969 }
970
971 #define MAX_SAM_ENTRIES MAX_SAM_ENTRIES_W2K
972
973 /*******************************************************************
974  _samr_EnumDomainUsers
975  ********************************************************************/
976
977 NTSTATUS _samr_EnumDomainUsers(pipes_struct *p,
978                                struct samr_EnumDomainUsers *r)
979 {
980         NTSTATUS status;
981         struct samr_info *info = NULL;
982         int num_account;
983         uint32 enum_context = *r->in.resume_handle;
984         enum remote_arch_types ra_type = get_remote_arch();
985         int max_sam_entries = (ra_type == RA_WIN95) ? MAX_SAM_ENTRIES_W95 : MAX_SAM_ENTRIES_W2K;
986         uint32 max_entries = max_sam_entries;
987         struct samr_displayentry *entries = NULL;
988         struct samr_SamArray *samr_array = NULL;
989         struct samr_SamEntry *samr_entries = NULL;
990
991         /* find the policy handle.  open a policy on it. */
992         if (!find_policy_by_hnd(p, r->in.domain_handle, (void **)(void *)&info))
993                 return NT_STATUS_INVALID_HANDLE;
994
995         status = access_check_samr_function(info->acc_granted,
996                                             SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS,
997                                             "_samr_EnumDomainUsers");
998         if (!NT_STATUS_IS_OK(status)) {
999                 return status;
1000         }
1001
1002         DEBUG(5,("_samr_EnumDomainUsers: %d\n", __LINE__));
1003
1004         if (info->builtin_domain) {
1005                 /* No users in builtin. */
1006                 *r->out.resume_handle = *r->in.resume_handle;
1007                 DEBUG(5,("_samr_EnumDomainUsers: No users in BUILTIN\n"));
1008                 return status;
1009         }
1010
1011         samr_array = TALLOC_ZERO_P(p->mem_ctx, struct samr_SamArray);
1012         if (!samr_array) {
1013                 return NT_STATUS_NO_MEMORY;
1014         }
1015
1016         become_root();
1017
1018         /* AS ROOT !!!! */
1019
1020         if ((info->disp_info->enum_users != NULL) &&
1021             (info->disp_info->enum_acb_mask != r->in.acct_flags)) {
1022                 pdb_search_destroy(info->disp_info->enum_users);
1023                 info->disp_info->enum_users = NULL;
1024         }
1025
1026         if (info->disp_info->enum_users == NULL) {
1027                 info->disp_info->enum_users = pdb_search_users(r->in.acct_flags);
1028                 info->disp_info->enum_acb_mask = r->in.acct_flags;
1029         }
1030
1031         if (info->disp_info->enum_users == NULL) {
1032                 /* END AS ROOT !!!! */
1033                 unbecome_root();
1034                 return NT_STATUS_ACCESS_DENIED;
1035         }
1036
1037         num_account = pdb_search_entries(info->disp_info->enum_users,
1038                                          enum_context, max_entries,
1039                                          &entries);
1040
1041         /* END AS ROOT !!!! */
1042
1043         unbecome_root();
1044
1045         if (num_account == 0) {
1046                 DEBUG(5, ("_samr_EnumDomainUsers: enumeration handle over "
1047                           "total entries\n"));
1048                 *r->out.resume_handle = *r->in.resume_handle;
1049                 return NT_STATUS_OK;
1050         }
1051
1052         status = make_user_sam_entry_list(p->mem_ctx, &samr_entries,
1053                                           num_account, enum_context,
1054                                           entries);
1055         if (!NT_STATUS_IS_OK(status)) {
1056                 return status;
1057         }
1058
1059         if (max_entries <= num_account) {
1060                 status = STATUS_MORE_ENTRIES;
1061         } else {
1062                 status = NT_STATUS_OK;
1063         }
1064
1065         /* Ensure we cache this enumeration. */
1066         set_disp_info_cache_timeout(info->disp_info, DISP_INFO_CACHE_TIMEOUT);
1067
1068         DEBUG(5, ("_samr_EnumDomainUsers: %d\n", __LINE__));
1069
1070         samr_array->count = num_account;
1071         samr_array->entries = samr_entries;
1072
1073         *r->out.resume_handle = *r->in.resume_handle + num_account;
1074         *r->out.sam = samr_array;
1075         *r->out.num_entries = num_account;
1076
1077         DEBUG(5,("_samr_EnumDomainUsers: %d\n", __LINE__));
1078
1079         return status;
1080 }
1081
1082 /*******************************************************************
1083 makes a SAM_ENTRY / UNISTR2* structure from a group list.
1084 ********************************************************************/
1085
1086 static void make_group_sam_entry_list(TALLOC_CTX *ctx,
1087                                       struct samr_SamEntry **sam_pp,
1088                                       uint32_t num_sam_entries,
1089                                       struct samr_displayentry *entries)
1090 {
1091         struct samr_SamEntry *sam;
1092         uint32_t i;
1093
1094         *sam_pp = NULL;
1095
1096         if (num_sam_entries == 0) {
1097                 return;
1098         }
1099
1100         sam = TALLOC_ZERO_ARRAY(ctx, struct samr_SamEntry, num_sam_entries);
1101         if (sam == NULL) {
1102                 return;
1103         }
1104
1105         for (i = 0; i < num_sam_entries; i++) {
1106                 /*
1107                  * JRA. I think this should include the null. TNG does not.
1108                  */
1109                 init_lsa_String(&sam[i].name, entries[i].account_name);
1110                 sam[i].idx = entries[i].rid;
1111         }
1112
1113         *sam_pp = sam;
1114 }
1115
1116 /*******************************************************************
1117  _samr_EnumDomainGroups
1118  ********************************************************************/
1119
1120 NTSTATUS _samr_EnumDomainGroups(pipes_struct *p,
1121                                 struct samr_EnumDomainGroups *r)
1122 {
1123         NTSTATUS status;
1124         struct samr_info *info = NULL;
1125         struct samr_displayentry *groups;
1126         uint32 num_groups;
1127         struct samr_SamArray *samr_array = NULL;
1128         struct samr_SamEntry *samr_entries = NULL;
1129
1130         /* find the policy handle.  open a policy on it. */
1131         if (!find_policy_by_hnd(p, r->in.domain_handle, (void **)(void *)&info))
1132                 return NT_STATUS_INVALID_HANDLE;
1133
1134         status = access_check_samr_function(info->acc_granted,
1135                                             SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS,
1136                                             "_samr_EnumDomainGroups");
1137         if (!NT_STATUS_IS_OK(status)) {
1138                 return status;
1139         }
1140
1141         DEBUG(5,("_samr_EnumDomainGroups: %d\n", __LINE__));
1142
1143         if (info->builtin_domain) {
1144                 /* No groups in builtin. */
1145                 *r->out.resume_handle = *r->in.resume_handle;
1146                 DEBUG(5,("_samr_EnumDomainGroups: No groups in BUILTIN\n"));
1147                 return status;
1148         }
1149
1150         samr_array = TALLOC_ZERO_P(p->mem_ctx, struct samr_SamArray);
1151         if (!samr_array) {
1152                 return NT_STATUS_NO_MEMORY;
1153         }
1154
1155         /* the domain group array is being allocated in the function below */
1156
1157         become_root();
1158
1159         if (info->disp_info->groups == NULL) {
1160                 info->disp_info->groups = pdb_search_groups();
1161
1162                 if (info->disp_info->groups == NULL) {
1163                         unbecome_root();
1164                         return NT_STATUS_ACCESS_DENIED;
1165                 }
1166         }
1167
1168         num_groups = pdb_search_entries(info->disp_info->groups,
1169                                         *r->in.resume_handle,
1170                                         MAX_SAM_ENTRIES, &groups);
1171         unbecome_root();
1172
1173         /* Ensure we cache this enumeration. */
1174         set_disp_info_cache_timeout(info->disp_info, DISP_INFO_CACHE_TIMEOUT);
1175
1176         make_group_sam_entry_list(p->mem_ctx, &samr_entries,
1177                                   num_groups, groups);
1178
1179         samr_array->count = num_groups;
1180         samr_array->entries = samr_entries;
1181
1182         *r->out.sam = samr_array;
1183         *r->out.num_entries = num_groups;
1184         /* this was missing, IMHO:
1185         *r->out.resume_handle = num_groups + *r->in.resume_handle;
1186         */
1187
1188         DEBUG(5,("_samr_EnumDomainGroups: %d\n", __LINE__));
1189
1190         return status;
1191 }
1192
1193 /*******************************************************************
1194  _samr_EnumDomainAliases
1195  ********************************************************************/
1196
1197 NTSTATUS _samr_EnumDomainAliases(pipes_struct *p,
1198                                  struct samr_EnumDomainAliases *r)
1199 {
1200         NTSTATUS status;
1201         struct samr_info *info;
1202         struct samr_displayentry *aliases;
1203         uint32 num_aliases = 0;
1204         struct samr_SamArray *samr_array = NULL;
1205         struct samr_SamEntry *samr_entries = NULL;
1206
1207         /* find the policy handle.  open a policy on it. */
1208         if (!find_policy_by_hnd(p, r->in.domain_handle, (void **)(void *)&info))
1209                 return NT_STATUS_INVALID_HANDLE;
1210
1211         DEBUG(5,("_samr_EnumDomainAliases: sid %s\n",
1212                  sid_string_dbg(&info->sid)));
1213
1214         status = access_check_samr_function(info->acc_granted,
1215                                             SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS,
1216                                             "_samr_EnumDomainAliases");
1217         if (!NT_STATUS_IS_OK(status)) {
1218                 return status;
1219         }
1220
1221         samr_array = TALLOC_ZERO_P(p->mem_ctx, struct samr_SamArray);
1222         if (!samr_array) {
1223                 return NT_STATUS_NO_MEMORY;
1224         }
1225
1226         become_root();
1227
1228         if (info->disp_info->aliases == NULL) {
1229                 info->disp_info->aliases = pdb_search_aliases(&info->sid);
1230                 if (info->disp_info->aliases == NULL) {
1231                         unbecome_root();
1232                         return NT_STATUS_ACCESS_DENIED;
1233                 }
1234         }
1235
1236         num_aliases = pdb_search_entries(info->disp_info->aliases,
1237                                          *r->in.resume_handle,
1238                                          MAX_SAM_ENTRIES, &aliases);
1239         unbecome_root();
1240
1241         /* Ensure we cache this enumeration. */
1242         set_disp_info_cache_timeout(info->disp_info, DISP_INFO_CACHE_TIMEOUT);
1243
1244         make_group_sam_entry_list(p->mem_ctx, &samr_entries,
1245                                   num_aliases, aliases);
1246
1247         DEBUG(5,("_samr_EnumDomainAliases: %d\n", __LINE__));
1248
1249         samr_array->count = num_aliases;
1250         samr_array->entries = samr_entries;
1251
1252         *r->out.sam = samr_array;
1253         *r->out.num_entries = num_aliases;
1254         *r->out.resume_handle = num_aliases + *r->in.resume_handle;
1255
1256         return status;
1257 }
1258
1259 /*******************************************************************
1260  inits a samr_DispInfoGeneral structure.
1261 ********************************************************************/
1262
1263 static NTSTATUS init_samr_dispinfo_1(TALLOC_CTX *ctx,
1264                                      struct samr_DispInfoGeneral *r,
1265                                      uint32_t num_entries,
1266                                      uint32_t start_idx,
1267                                      struct samr_displayentry *entries)
1268 {
1269         uint32 i;
1270
1271         DEBUG(10, ("init_samr_dispinfo_1: num_entries: %d\n", num_entries));
1272
1273         if (num_entries == 0) {
1274                 return NT_STATUS_OK;
1275         }
1276
1277         r->count = num_entries;
1278
1279         r->entries = TALLOC_ZERO_ARRAY(ctx, struct samr_DispEntryGeneral, num_entries);
1280         if (!r->entries) {
1281                 return NT_STATUS_NO_MEMORY;
1282         }
1283
1284         for (i = 0; i < num_entries ; i++) {
1285
1286                 init_lsa_String(&r->entries[i].account_name,
1287                                 entries[i].account_name);
1288
1289                 init_lsa_String(&r->entries[i].description,
1290                                 entries[i].description);
1291
1292                 init_lsa_String(&r->entries[i].full_name,
1293                                 entries[i].fullname);
1294
1295                 r->entries[i].rid = entries[i].rid;
1296                 r->entries[i].acct_flags = entries[i].acct_flags;
1297                 r->entries[i].idx = start_idx+i+1;
1298         }
1299
1300         return NT_STATUS_OK;
1301 }
1302
1303 /*******************************************************************
1304  inits a samr_DispInfoFull structure.
1305 ********************************************************************/
1306
1307 static NTSTATUS init_samr_dispinfo_2(TALLOC_CTX *ctx,
1308                                      struct samr_DispInfoFull *r,
1309                                      uint32_t num_entries,
1310                                      uint32_t start_idx,
1311                                      struct samr_displayentry *entries)
1312 {
1313         uint32_t i;
1314
1315         DEBUG(10, ("init_samr_dispinfo_2: num_entries: %d\n", num_entries));
1316
1317         if (num_entries == 0) {
1318                 return NT_STATUS_OK;
1319         }
1320
1321         r->count = num_entries;
1322
1323         r->entries = TALLOC_ZERO_ARRAY(ctx, struct samr_DispEntryFull, num_entries);
1324         if (!r->entries) {
1325                 return NT_STATUS_NO_MEMORY;
1326         }
1327
1328         for (i = 0; i < num_entries ; i++) {
1329
1330                 init_lsa_String(&r->entries[i].account_name,
1331                                 entries[i].account_name);
1332
1333                 init_lsa_String(&r->entries[i].description,
1334                                 entries[i].description);
1335
1336                 r->entries[i].rid = entries[i].rid;
1337                 r->entries[i].acct_flags = entries[i].acct_flags;
1338                 r->entries[i].idx = start_idx+i+1;
1339         }
1340
1341         return NT_STATUS_OK;
1342 }
1343
1344 /*******************************************************************
1345  inits a samr_DispInfoFullGroups structure.
1346 ********************************************************************/
1347
1348 static NTSTATUS init_samr_dispinfo_3(TALLOC_CTX *ctx,
1349                                      struct samr_DispInfoFullGroups *r,
1350                                      uint32_t num_entries,
1351                                      uint32_t start_idx,
1352                                      struct samr_displayentry *entries)
1353 {
1354         uint32_t i;
1355
1356         DEBUG(5, ("init_samr_dispinfo_3: num_entries: %d\n", num_entries));
1357
1358         if (num_entries == 0) {
1359                 return NT_STATUS_OK;
1360         }
1361
1362         r->count = num_entries;
1363
1364         r->entries = TALLOC_ZERO_ARRAY(ctx, struct samr_DispEntryFullGroup, num_entries);
1365         if (!r->entries) {
1366                 return NT_STATUS_NO_MEMORY;
1367         }
1368
1369         for (i = 0; i < num_entries ; i++) {
1370
1371                 init_lsa_String(&r->entries[i].account_name,
1372                                 entries[i].account_name);
1373
1374                 init_lsa_String(&r->entries[i].description,
1375                                 entries[i].description);
1376
1377                 r->entries[i].rid = entries[i].rid;
1378                 r->entries[i].acct_flags = entries[i].acct_flags;
1379                 r->entries[i].idx = start_idx+i+1;
1380         }
1381
1382         return NT_STATUS_OK;
1383 }
1384
1385 /*******************************************************************
1386  inits a samr_DispInfoAscii structure.
1387 ********************************************************************/
1388
1389 static NTSTATUS init_samr_dispinfo_4(TALLOC_CTX *ctx,
1390                                      struct samr_DispInfoAscii *r,
1391                                      uint32_t num_entries,
1392                                      uint32_t start_idx,
1393                                      struct samr_displayentry *entries)
1394 {
1395         uint32_t i;
1396
1397         DEBUG(5, ("init_samr_dispinfo_4: num_entries: %d\n", num_entries));
1398
1399         if (num_entries == 0) {
1400                 return NT_STATUS_OK;
1401         }
1402
1403         r->count = num_entries;
1404
1405         r->entries = TALLOC_ZERO_ARRAY(ctx, struct samr_DispEntryAscii, num_entries);
1406         if (!r->entries) {
1407                 return NT_STATUS_NO_MEMORY;
1408         }
1409
1410         for (i = 0; i < num_entries ; i++) {
1411
1412                 init_lsa_AsciiStringLarge(&r->entries[i].account_name,
1413                                           entries[i].account_name);
1414
1415                 r->entries[i].idx = start_idx+i+1;
1416         }
1417
1418         return NT_STATUS_OK;
1419 }
1420
1421 /*******************************************************************
1422  inits a samr_DispInfoAscii structure.
1423 ********************************************************************/
1424
1425 static NTSTATUS init_samr_dispinfo_5(TALLOC_CTX *ctx,
1426                                      struct samr_DispInfoAscii *r,
1427                                      uint32_t num_entries,
1428                                      uint32_t start_idx,
1429                                      struct samr_displayentry *entries)
1430 {
1431         uint32_t i;
1432
1433         DEBUG(5, ("init_samr_dispinfo_5: num_entries: %d\n", num_entries));
1434
1435         if (num_entries == 0) {
1436                 return NT_STATUS_OK;
1437         }
1438
1439         r->count = num_entries;
1440
1441         r->entries = TALLOC_ZERO_ARRAY(ctx, struct samr_DispEntryAscii, num_entries);
1442         if (!r->entries) {
1443                 return NT_STATUS_NO_MEMORY;
1444         }
1445
1446         for (i = 0; i < num_entries ; i++) {
1447
1448                 init_lsa_AsciiStringLarge(&r->entries[i].account_name,
1449                                           entries[i].account_name);
1450
1451                 r->entries[i].idx = start_idx+i+1;
1452         }
1453
1454         return NT_STATUS_OK;
1455 }
1456
1457 /*******************************************************************
1458  _samr_QueryDisplayInfo
1459  ********************************************************************/
1460
1461 NTSTATUS _samr_QueryDisplayInfo(pipes_struct *p,
1462                                 struct samr_QueryDisplayInfo *r)
1463 {
1464         NTSTATUS status;
1465         struct samr_info *info = NULL;
1466         uint32 struct_size=0x20; /* W2K always reply that, client doesn't care */
1467
1468         uint32 max_entries = r->in.max_entries;
1469         uint32 enum_context = r->in.start_idx;
1470         uint32 max_size = r->in.buf_size;
1471
1472         union samr_DispInfo *disp_info = r->out.info;
1473
1474         uint32 temp_size=0, total_data_size=0;
1475         NTSTATUS disp_ret = NT_STATUS_UNSUCCESSFUL;
1476         uint32 num_account = 0;
1477         enum remote_arch_types ra_type = get_remote_arch();
1478         int max_sam_entries = (ra_type == RA_WIN95) ? MAX_SAM_ENTRIES_W95 : MAX_SAM_ENTRIES_W2K;
1479         struct samr_displayentry *entries = NULL;
1480
1481         DEBUG(5,("_samr_QueryDisplayInfo: %d\n", __LINE__));
1482
1483         /* find the policy handle.  open a policy on it. */
1484         if (!find_policy_by_hnd(p, r->in.domain_handle, (void **)(void *)&info))
1485                 return NT_STATUS_INVALID_HANDLE;
1486
1487         if (info->builtin_domain) {
1488                 DEBUG(5,("_samr_QueryDisplayInfo: Nothing in BUILTIN\n"));
1489                 return NT_STATUS_OK;
1490         }
1491
1492         status = access_check_samr_function(info->acc_granted,
1493                                             SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS,
1494                                             "_samr_QueryDisplayInfo");
1495         if (!NT_STATUS_IS_OK(status)) {
1496                 return status;
1497         }
1498
1499         /*
1500          * calculate how many entries we will return.
1501          * based on
1502          * - the number of entries the client asked
1503          * - our limit on that
1504          * - the starting point (enumeration context)
1505          * - the buffer size the client will accept
1506          */
1507
1508         /*
1509          * We are a lot more like W2K. Instead of reading the SAM
1510          * each time to find the records we need to send back,
1511          * we read it once and link that copy to the sam handle.
1512          * For large user list (over the MAX_SAM_ENTRIES)
1513          * it's a definitive win.
1514          * second point to notice: between enumerations
1515          * our sam is now the same as it's a snapshoot.
1516          * third point: got rid of the static SAM_USER_21 struct
1517          * no more intermediate.
1518          * con: it uses much more memory, as a full copy is stored
1519          * in memory.
1520          *
1521          * If you want to change it, think twice and think
1522          * of the second point , that's really important.
1523          *
1524          * JFM, 12/20/2001
1525          */
1526
1527         if ((r->in.level < 1) || (r->in.level > 5)) {
1528                 DEBUG(0,("_samr_QueryDisplayInfo: Unknown info level (%u)\n",
1529                          (unsigned int)r->in.level ));
1530                 return NT_STATUS_INVALID_INFO_CLASS;
1531         }
1532
1533         /* first limit the number of entries we will return */
1534         if(max_entries > max_sam_entries) {
1535                 DEBUG(5, ("_samr_QueryDisplayInfo: client requested %d "
1536                           "entries, limiting to %d\n", max_entries,
1537                           max_sam_entries));
1538                 max_entries = max_sam_entries;
1539         }
1540
1541         /* calculate the size and limit on the number of entries we will
1542          * return */
1543
1544         temp_size=max_entries*struct_size;
1545
1546         if (temp_size>max_size) {
1547                 max_entries=MIN((max_size/struct_size),max_entries);;
1548                 DEBUG(5, ("_samr_QueryDisplayInfo: buffer size limits to "
1549                           "only %d entries\n", max_entries));
1550         }
1551
1552         become_root();
1553
1554         /* THe following done as ROOT. Don't return without unbecome_root(). */
1555
1556         switch (r->in.level) {
1557         case 0x1:
1558         case 0x4:
1559                 if (info->disp_info->users == NULL) {
1560                         info->disp_info->users = pdb_search_users(ACB_NORMAL);
1561                         if (info->disp_info->users == NULL) {
1562                                 unbecome_root();
1563                                 return NT_STATUS_ACCESS_DENIED;
1564                         }
1565                         DEBUG(10,("_samr_QueryDisplayInfo: starting user enumeration at index %u\n",
1566                                 (unsigned  int)enum_context ));
1567                 } else {
1568                         DEBUG(10,("_samr_QueryDisplayInfo: using cached user enumeration at index %u\n",
1569                                 (unsigned  int)enum_context ));
1570                 }
1571
1572                 num_account = pdb_search_entries(info->disp_info->users,
1573                                                  enum_context, max_entries,
1574                                                  &entries);
1575                 break;
1576         case 0x2:
1577                 if (info->disp_info->machines == NULL) {
1578                         info->disp_info->machines =
1579                                 pdb_search_users(ACB_WSTRUST|ACB_SVRTRUST);
1580                         if (info->disp_info->machines == NULL) {
1581                                 unbecome_root();
1582                                 return NT_STATUS_ACCESS_DENIED;
1583                         }
1584                         DEBUG(10,("_samr_QueryDisplayInfo: starting machine enumeration at index %u\n",
1585                                 (unsigned  int)enum_context ));
1586                 } else {
1587                         DEBUG(10,("_samr_QueryDisplayInfo: using cached machine enumeration at index %u\n",
1588                                 (unsigned  int)enum_context ));
1589                 }
1590
1591                 num_account = pdb_search_entries(info->disp_info->machines,
1592                                                  enum_context, max_entries,
1593                                                  &entries);
1594                 break;
1595         case 0x3:
1596         case 0x5:
1597                 if (info->disp_info->groups == NULL) {
1598                         info->disp_info->groups = pdb_search_groups();
1599                         if (info->disp_info->groups == NULL) {
1600                                 unbecome_root();
1601                                 return NT_STATUS_ACCESS_DENIED;
1602                         }
1603                         DEBUG(10,("_samr_QueryDisplayInfo: starting group enumeration at index %u\n",
1604                                 (unsigned  int)enum_context ));
1605                 } else {
1606                         DEBUG(10,("_samr_QueryDisplayInfo: using cached group enumeration at index %u\n",
1607                                 (unsigned  int)enum_context ));
1608                 }
1609
1610                 num_account = pdb_search_entries(info->disp_info->groups,
1611                                                  enum_context, max_entries,
1612                                                  &entries);
1613                 break;
1614         default:
1615                 unbecome_root();
1616                 smb_panic("info class changed");
1617                 break;
1618         }
1619         unbecome_root();
1620
1621
1622         /* Now create reply structure */
1623         switch (r->in.level) {
1624         case 0x1:
1625                 disp_ret = init_samr_dispinfo_1(p->mem_ctx, &disp_info->info1,
1626                                                 num_account, enum_context,
1627                                                 entries);
1628                 break;
1629         case 0x2:
1630                 disp_ret = init_samr_dispinfo_2(p->mem_ctx, &disp_info->info2,
1631                                                 num_account, enum_context,
1632                                                 entries);
1633                 break;
1634         case 0x3:
1635                 disp_ret = init_samr_dispinfo_3(p->mem_ctx, &disp_info->info3,
1636                                                 num_account, enum_context,
1637                                                 entries);
1638                 break;
1639         case 0x4:
1640                 disp_ret = init_samr_dispinfo_4(p->mem_ctx, &disp_info->info4,
1641                                                 num_account, enum_context,
1642                                                 entries);
1643                 break;
1644         case 0x5:
1645                 disp_ret = init_samr_dispinfo_5(p->mem_ctx, &disp_info->info5,
1646                                                 num_account, enum_context,
1647                                                 entries);
1648                 break;
1649         default:
1650                 smb_panic("info class changed");
1651                 break;
1652         }
1653
1654         if (!NT_STATUS_IS_OK(disp_ret))
1655                 return disp_ret;
1656
1657         /* calculate the total size */
1658         total_data_size=num_account*struct_size;
1659
1660         if (max_entries <= num_account) {
1661                 status = STATUS_MORE_ENTRIES;
1662         } else {
1663                 status = NT_STATUS_OK;
1664         }
1665
1666         /* Ensure we cache this enumeration. */
1667         set_disp_info_cache_timeout(info->disp_info, DISP_INFO_CACHE_TIMEOUT);
1668
1669         DEBUG(5, ("_samr_QueryDisplayInfo: %d\n", __LINE__));
1670
1671         *r->out.total_size = total_data_size;
1672         *r->out.returned_size = temp_size;
1673
1674         return status;
1675 }
1676
1677 /****************************************************************
1678  _samr_QueryDisplayInfo2
1679 ****************************************************************/
1680
1681 NTSTATUS _samr_QueryDisplayInfo2(pipes_struct *p,
1682                                  struct samr_QueryDisplayInfo2 *r)
1683 {
1684         struct samr_QueryDisplayInfo q;
1685
1686         q.in.domain_handle      = r->in.domain_handle;
1687         q.in.level              = r->in.level;
1688         q.in.start_idx          = r->in.start_idx;
1689         q.in.max_entries        = r->in.max_entries;
1690         q.in.buf_size           = r->in.buf_size;
1691
1692         q.out.total_size        = r->out.total_size;
1693         q.out.returned_size     = r->out.returned_size;
1694         q.out.info              = r->out.info;
1695
1696         return _samr_QueryDisplayInfo(p, &q);
1697 }
1698
1699 /****************************************************************
1700  _samr_QueryDisplayInfo3
1701 ****************************************************************/
1702
1703 NTSTATUS _samr_QueryDisplayInfo3(pipes_struct *p,
1704                                  struct samr_QueryDisplayInfo3 *r)
1705 {
1706         struct samr_QueryDisplayInfo q;
1707
1708         q.in.domain_handle      = r->in.domain_handle;
1709         q.in.level              = r->in.level;
1710         q.in.start_idx          = r->in.start_idx;
1711         q.in.max_entries        = r->in.max_entries;
1712         q.in.buf_size           = r->in.buf_size;
1713
1714         q.out.total_size        = r->out.total_size;
1715         q.out.returned_size     = r->out.returned_size;
1716         q.out.info              = r->out.info;
1717
1718         return _samr_QueryDisplayInfo(p, &q);
1719 }
1720
1721 /*******************************************************************
1722  _samr_QueryAliasInfo
1723  ********************************************************************/
1724
1725 NTSTATUS _samr_QueryAliasInfo(pipes_struct *p,
1726                               struct samr_QueryAliasInfo *r)
1727 {
1728         DOM_SID   sid;
1729         struct acct_info info;
1730         uint32    acc_granted;
1731         NTSTATUS status;
1732         union samr_AliasInfo *alias_info = NULL;
1733         const char *alias_name = NULL;
1734         const char *alias_description = NULL;
1735
1736         DEBUG(5,("_samr_QueryAliasInfo: %d\n", __LINE__));
1737
1738         alias_info = TALLOC_ZERO_P(p->mem_ctx, union samr_AliasInfo);
1739         if (!alias_info) {
1740                 return NT_STATUS_NO_MEMORY;
1741         }
1742
1743         /* find the policy handle.  open a policy on it. */
1744         if (!get_lsa_policy_samr_sid(p, r->in.alias_handle, &sid, &acc_granted, NULL))
1745                 return NT_STATUS_INVALID_HANDLE;
1746
1747         status = access_check_samr_function(acc_granted,
1748                                             SAMR_ALIAS_ACCESS_LOOKUP_INFO,
1749                                             "_samr_QueryAliasInfo");
1750         if (!NT_STATUS_IS_OK(status)) {
1751                 return status;
1752         }
1753
1754         become_root();
1755         status = pdb_get_aliasinfo(&sid, &info);
1756         unbecome_root();
1757
1758         if ( !NT_STATUS_IS_OK(status))
1759                 return status;
1760
1761         /* FIXME: info contains fstrings */
1762         alias_name = talloc_strdup(r, info.acct_name);
1763         alias_description = talloc_strdup(r, info.acct_desc);
1764
1765         switch (r->in.level) {
1766         case ALIASINFOALL:
1767                 init_samr_alias_info1(&alias_info->all,
1768                                       alias_name,
1769                                       1,
1770                                       alias_description);
1771                 break;
1772         case ALIASINFODESCRIPTION:
1773                 init_samr_alias_info3(&alias_info->description,
1774                                       alias_description);
1775                 break;
1776         default:
1777                 return NT_STATUS_INVALID_INFO_CLASS;
1778         }
1779
1780         *r->out.info = alias_info;
1781
1782         DEBUG(5,("_samr_QueryAliasInfo: %d\n", __LINE__));
1783
1784         return NT_STATUS_OK;
1785 }
1786
1787 /*******************************************************************
1788  _samr_LookupNames
1789  ********************************************************************/
1790
1791 NTSTATUS _samr_LookupNames(pipes_struct *p,
1792                            struct samr_LookupNames *r)
1793 {
1794         NTSTATUS status;
1795         uint32 *rid;
1796         enum lsa_SidType *type;
1797         int i;
1798         int num_rids = r->in.num_names;
1799         DOM_SID pol_sid;
1800         uint32  acc_granted;
1801         struct samr_Ids rids, types;
1802         uint32_t num_mapped = 0;
1803
1804         DEBUG(5,("_samr_LookupNames: %d\n", __LINE__));
1805
1806         if (!get_lsa_policy_samr_sid(p, r->in.domain_handle, &pol_sid, &acc_granted, NULL)) {
1807                 return NT_STATUS_OBJECT_TYPE_MISMATCH;
1808         }
1809
1810         status = access_check_samr_function(acc_granted,
1811                                             0, /* Don't know the acc_bits yet */
1812                                             "_samr_LookupNames");
1813         if (!NT_STATUS_IS_OK(status)) {
1814                 return status;
1815         }
1816
1817         if (num_rids > MAX_SAM_ENTRIES) {
1818                 num_rids = MAX_SAM_ENTRIES;
1819                 DEBUG(5,("_samr_LookupNames: truncating entries to %d\n", num_rids));
1820         }
1821
1822         rid = talloc_array(p->mem_ctx, uint32, num_rids);
1823         NT_STATUS_HAVE_NO_MEMORY(rid);
1824
1825         type = talloc_array(p->mem_ctx, enum lsa_SidType, num_rids);
1826         NT_STATUS_HAVE_NO_MEMORY(type);
1827
1828         DEBUG(5,("_samr_LookupNames: looking name on SID %s\n",
1829                  sid_string_dbg(&pol_sid)));
1830
1831         for (i = 0; i < num_rids; i++) {
1832
1833                 status = NT_STATUS_NONE_MAPPED;
1834                 type[i] = SID_NAME_UNKNOWN;
1835
1836                 rid[i] = 0xffffffff;
1837
1838                 if (sid_check_is_builtin(&pol_sid)) {
1839                         if (lookup_builtin_name(r->in.names[i].string,
1840                                                 &rid[i]))
1841                         {
1842                                 type[i] = SID_NAME_ALIAS;
1843                         }
1844                 } else {
1845                         lookup_global_sam_name(r->in.names[i].string, 0,
1846                                                &rid[i], &type[i]);
1847                 }
1848
1849                 if (type[i] != SID_NAME_UNKNOWN) {
1850                         num_mapped++;
1851                 }
1852         }
1853
1854         if (num_mapped == num_rids) {
1855                 status = NT_STATUS_OK;
1856         } else if (num_mapped == 0) {
1857                 status = NT_STATUS_NONE_MAPPED;
1858         } else {
1859                 status = STATUS_SOME_UNMAPPED;
1860         }
1861
1862         rids.count = num_rids;
1863         rids.ids = rid;
1864
1865         types.count = num_rids;
1866         types.ids = type;
1867
1868         *r->out.rids = rids;
1869         *r->out.types = types;
1870
1871         DEBUG(5,("_samr_LookupNames: %d\n", __LINE__));
1872
1873         return status;
1874 }
1875
1876 /*******************************************************************
1877  _samr_ChangePasswordUser2
1878  ********************************************************************/
1879
1880 NTSTATUS _samr_ChangePasswordUser2(pipes_struct *p,
1881                                    struct samr_ChangePasswordUser2 *r)
1882 {
1883         NTSTATUS status;
1884         fstring user_name;
1885         fstring wks;
1886
1887         DEBUG(5,("_samr_ChangePasswordUser2: %d\n", __LINE__));
1888
1889         fstrcpy(user_name, r->in.account->string);
1890         fstrcpy(wks, r->in.server->string);
1891
1892         DEBUG(5,("_samr_ChangePasswordUser2: user: %s wks: %s\n", user_name, wks));
1893
1894         /*
1895          * Pass the user through the NT -> unix user mapping
1896          * function.
1897          */
1898
1899         (void)map_username(user_name);
1900
1901         /*
1902          * UNIX username case mangling not required, pass_oem_change
1903          * is case insensitive.
1904          */
1905
1906         status = pass_oem_change(user_name,
1907                                  r->in.lm_password->data,
1908                                  r->in.lm_verifier->hash,
1909                                  r->in.nt_password->data,
1910                                  r->in.nt_verifier->hash,
1911                                  NULL);
1912
1913         DEBUG(5,("_samr_ChangePasswordUser2: %d\n", __LINE__));
1914
1915         return status;
1916 }
1917
1918 /*******************************************************************
1919  _samr_ChangePasswordUser3
1920  ********************************************************************/
1921
1922 NTSTATUS _samr_ChangePasswordUser3(pipes_struct *p,
1923                                    struct samr_ChangePasswordUser3 *r)
1924 {
1925         NTSTATUS status;
1926         fstring user_name;
1927         const char *wks = NULL;
1928         uint32 reject_reason;
1929         struct samr_DomInfo1 *dominfo = NULL;
1930         struct samr_ChangeReject *reject = NULL;
1931
1932         DEBUG(5,("_samr_ChangePasswordUser3: %d\n", __LINE__));
1933
1934         fstrcpy(user_name, r->in.account->string);
1935         if (r->in.server && r->in.server->string) {
1936                 wks = r->in.server->string;
1937         }
1938
1939         DEBUG(5,("_samr_ChangePasswordUser3: user: %s wks: %s\n", user_name, wks));
1940
1941         /*
1942          * Pass the user through the NT -> unix user mapping
1943          * function.
1944          */
1945
1946         (void)map_username(user_name);
1947
1948         /*
1949          * UNIX username case mangling not required, pass_oem_change
1950          * is case insensitive.
1951          */
1952
1953         status = pass_oem_change(user_name,
1954                                  r->in.lm_password->data,
1955                                  r->in.lm_verifier->hash,
1956                                  r->in.nt_password->data,
1957                                  r->in.nt_verifier->hash,
1958                                  &reject_reason);
1959
1960         if (NT_STATUS_EQUAL(status, NT_STATUS_PASSWORD_RESTRICTION) ||
1961             NT_STATUS_EQUAL(status, NT_STATUS_ACCOUNT_RESTRICTION)) {
1962
1963                 uint32 min_pass_len,pass_hist,password_properties;
1964                 time_t u_expire, u_min_age;
1965                 NTTIME nt_expire, nt_min_age;
1966                 uint32 account_policy_temp;
1967
1968                 dominfo = TALLOC_ZERO_P(p->mem_ctx, struct samr_DomInfo1);
1969                 if (!dominfo) {
1970                         return NT_STATUS_NO_MEMORY;
1971                 }
1972
1973                 reject = TALLOC_ZERO_P(p->mem_ctx, struct samr_ChangeReject);
1974                 if (!reject) {
1975                         return NT_STATUS_NO_MEMORY;
1976                 }
1977
1978                 become_root();
1979
1980                 /* AS ROOT !!! */
1981
1982                 pdb_get_account_policy(AP_MIN_PASSWORD_LEN, &account_policy_temp);
1983                 min_pass_len = account_policy_temp;
1984
1985                 pdb_get_account_policy(AP_PASSWORD_HISTORY, &account_policy_temp);
1986                 pass_hist = account_policy_temp;
1987
1988                 pdb_get_account_policy(AP_USER_MUST_LOGON_TO_CHG_PASS, &account_policy_temp);
1989                 password_properties = account_policy_temp;
1990
1991                 pdb_get_account_policy(AP_MAX_PASSWORD_AGE, &account_policy_temp);
1992                 u_expire = account_policy_temp;
1993
1994                 pdb_get_account_policy(AP_MIN_PASSWORD_AGE, &account_policy_temp);
1995                 u_min_age = account_policy_temp;
1996
1997                 /* !AS ROOT */
1998
1999                 unbecome_root();
2000
2001                 unix_to_nt_time_abs(&nt_expire, u_expire);
2002                 unix_to_nt_time_abs(&nt_min_age, u_min_age);
2003
2004                 if (lp_check_password_script() && *lp_check_password_script()) {
2005                         password_properties |= DOMAIN_PASSWORD_COMPLEX;
2006                 }
2007
2008                 init_samr_DomInfo1(dominfo,
2009                                    min_pass_len,
2010                                    pass_hist,
2011                                    password_properties,
2012                                    u_expire,
2013                                    u_min_age);
2014
2015                 reject->reason = reject_reason;
2016
2017                 *r->out.dominfo = dominfo;
2018                 *r->out.reject = reject;
2019         }
2020
2021         DEBUG(5,("_samr_ChangePasswordUser3: %d\n", __LINE__));
2022
2023         return status;
2024 }
2025
2026 /*******************************************************************
2027 makes a SAMR_R_LOOKUP_RIDS structure.
2028 ********************************************************************/
2029
2030 static bool make_samr_lookup_rids(TALLOC_CTX *ctx, uint32 num_names,
2031                                   const char **names,
2032                                   struct lsa_String **lsa_name_array_p)
2033 {
2034         struct lsa_String *lsa_name_array = NULL;
2035         uint32_t i;
2036
2037         *lsa_name_array_p = NULL;
2038
2039         if (num_names != 0) {
2040                 lsa_name_array = TALLOC_ZERO_ARRAY(ctx, struct lsa_String, num_names);
2041                 if (!lsa_name_array) {
2042                         return false;
2043                 }
2044         }
2045
2046         for (i = 0; i < num_names; i++) {
2047                 DEBUG(10, ("names[%d]:%s\n", i, names[i] && *names[i] ? names[i] : ""));
2048                 init_lsa_String(&lsa_name_array[i], names[i]);
2049         }
2050
2051         *lsa_name_array_p = lsa_name_array;
2052
2053         return true;
2054 }
2055
2056 /*******************************************************************
2057  _samr_LookupRids
2058  ********************************************************************/
2059
2060 NTSTATUS _samr_LookupRids(pipes_struct *p,
2061                           struct samr_LookupRids *r)
2062 {
2063         NTSTATUS status;
2064         const char **names;
2065         enum lsa_SidType *attrs = NULL;
2066         uint32 *wire_attrs = NULL;
2067         DOM_SID pol_sid;
2068         int num_rids = (int)r->in.num_rids;
2069         uint32 acc_granted;
2070         int i;
2071         struct lsa_Strings names_array;
2072         struct samr_Ids types_array;
2073         struct lsa_String *lsa_names = NULL;
2074
2075         DEBUG(5,("_samr_LookupRids: %d\n", __LINE__));
2076
2077         /* find the policy handle.  open a policy on it. */
2078         if (!get_lsa_policy_samr_sid(p, r->in.domain_handle, &pol_sid, &acc_granted, NULL))
2079                 return NT_STATUS_INVALID_HANDLE;
2080
2081         status = access_check_samr_function(acc_granted,
2082                                             SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS,
2083                                             "_samr_LookupRids");
2084         if (!NT_STATUS_IS_OK(status)) {
2085                 return status;
2086         }
2087
2088         if (num_rids > 1000) {
2089                 DEBUG(0, ("Got asked for %d rids (more than 1000) -- according "
2090                           "to samba4 idl this is not possible\n", num_rids));
2091                 return NT_STATUS_UNSUCCESSFUL;
2092         }
2093
2094         if (num_rids) {
2095                 names = TALLOC_ZERO_ARRAY(p->mem_ctx, const char *, num_rids);
2096                 attrs = TALLOC_ZERO_ARRAY(p->mem_ctx, enum lsa_SidType, num_rids);
2097                 wire_attrs = TALLOC_ZERO_ARRAY(p->mem_ctx, uint32, num_rids);
2098
2099                 if ((names == NULL) || (attrs == NULL) || (wire_attrs==NULL))
2100                         return NT_STATUS_NO_MEMORY;
2101         } else {
2102                 names = NULL;
2103                 attrs = NULL;
2104                 wire_attrs = NULL;
2105         }
2106
2107         become_root();  /* lookup_sid can require root privs */
2108         status = pdb_lookup_rids(&pol_sid, num_rids, r->in.rids,
2109                                  names, attrs);
2110         unbecome_root();
2111
2112         if (NT_STATUS_EQUAL(status, NT_STATUS_NONE_MAPPED) && (num_rids == 0)) {
2113                 status = NT_STATUS_OK;
2114         }
2115
2116         if (!make_samr_lookup_rids(p->mem_ctx, num_rids, names,
2117                                    &lsa_names)) {
2118                 return NT_STATUS_NO_MEMORY;
2119         }
2120
2121         /* Convert from enum lsa_SidType to uint32 for wire format. */
2122         for (i = 0; i < num_rids; i++) {
2123                 wire_attrs[i] = (uint32)attrs[i];
2124         }
2125
2126         names_array.count = num_rids;
2127         names_array.names = lsa_names;
2128
2129         types_array.count = num_rids;
2130         types_array.ids = wire_attrs;
2131
2132         *r->out.names = names_array;
2133         *r->out.types = types_array;
2134
2135         DEBUG(5,("_samr_LookupRids: %d\n", __LINE__));
2136
2137         return status;
2138 }
2139
2140 /*******************************************************************
2141  _samr_OpenUser
2142 ********************************************************************/
2143
2144 NTSTATUS _samr_OpenUser(pipes_struct *p,
2145                         struct samr_OpenUser *r)
2146 {
2147         struct samu *sampass=NULL;
2148         DOM_SID sid;
2149         POLICY_HND domain_pol = *r->in.domain_handle;
2150         POLICY_HND *user_pol = r->out.user_handle;
2151         struct samr_info *info = NULL;
2152         SEC_DESC *psd = NULL;
2153         uint32    acc_granted;
2154         uint32    des_access = r->in.access_mask;
2155         size_t    sd_size;
2156         bool ret;
2157         NTSTATUS nt_status;
2158         SE_PRIV se_rights;
2159
2160         /* find the domain policy handle and get domain SID / access bits in the domain policy. */
2161
2162         if ( !get_lsa_policy_samr_sid(p, &domain_pol, &sid, &acc_granted, NULL) )
2163                 return NT_STATUS_INVALID_HANDLE;
2164
2165         nt_status = access_check_samr_function(acc_granted,
2166                                                SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
2167                                                "_samr_OpenUser" );
2168
2169         if ( !NT_STATUS_IS_OK(nt_status) )
2170                 return nt_status;
2171
2172         if ( !(sampass = samu_new( p->mem_ctx )) ) {
2173                 return NT_STATUS_NO_MEMORY;
2174         }
2175
2176         /* append the user's RID to it */
2177
2178         if (!sid_append_rid(&sid, r->in.rid))
2179                 return NT_STATUS_NO_SUCH_USER;
2180
2181         /* check if access can be granted as requested by client. */
2182
2183         map_max_allowed_access(p->server_info->ptok, &des_access);
2184
2185         make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_generic_mapping, &sid, SAMR_USR_RIGHTS_WRITE_PW);
2186         se_map_generic(&des_access, &usr_generic_mapping);
2187
2188         se_priv_copy( &se_rights, &se_machine_account );
2189         se_priv_add( &se_rights, &se_add_users );
2190
2191         nt_status = access_check_samr_object(psd, p->server_info->ptok,
2192                 &se_rights, GENERIC_RIGHTS_USER_WRITE, des_access,
2193                 &acc_granted, "_samr_OpenUser");
2194
2195         if ( !NT_STATUS_IS_OK(nt_status) )
2196                 return nt_status;
2197
2198         become_root();
2199         ret=pdb_getsampwsid(sampass, &sid);
2200         unbecome_root();
2201
2202         /* check that the SID exists in our domain. */
2203         if (ret == False) {
2204                 return NT_STATUS_NO_SUCH_USER;
2205         }
2206
2207         TALLOC_FREE(sampass);
2208
2209         /* associate the user's SID and access bits with the new handle. */
2210         if ((info = get_samr_info_by_sid(&sid)) == NULL)
2211                 return NT_STATUS_NO_MEMORY;
2212         info->acc_granted = acc_granted;
2213
2214         /* get a (unique) handle.  open a policy on it. */
2215         if (!create_policy_hnd(p, user_pol, free_samr_info, (void *)info))
2216                 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
2217
2218         return NT_STATUS_OK;
2219 }
2220
2221 /*************************************************************************
2222  *************************************************************************/
2223
2224 static NTSTATUS init_samr_parameters_string(TALLOC_CTX *mem_ctx,
2225                                             DATA_BLOB *blob,
2226                                             struct lsa_BinaryString **_r)
2227 {
2228         struct lsa_BinaryString *r;
2229
2230         if (!blob || !_r) {
2231                 return NT_STATUS_INVALID_PARAMETER;
2232         }
2233
2234         r = TALLOC_ZERO_P(mem_ctx, struct lsa_BinaryString);
2235         if (!r) {
2236                 return NT_STATUS_NO_MEMORY;
2237         }
2238
2239         r->array = TALLOC_ZERO_ARRAY(mem_ctx, uint16_t, blob->length/2);
2240         if (!r->array) {
2241                 return NT_STATUS_NO_MEMORY;
2242         }
2243         memcpy(r->array, blob->data, blob->length);
2244         r->size = blob->length;
2245         r->length = blob->length;
2246
2247         if (!r->array) {
2248                 return NT_STATUS_NO_MEMORY;
2249         }
2250
2251         *_r = r;
2252
2253         return NT_STATUS_OK;
2254 }
2255
2256 static NTSTATUS get_user_info_5(TALLOC_CTX *mem_ctx,
2257                                 struct samr_UserInfo5 *r,
2258                                 DOM_SID *user_sid,
2259                                 DOM_SID *domain_sid)
2260 {
2261         struct samu *pw = NULL;
2262         bool ret;
2263         const DOM_SID *sid_user, *sid_group;
2264         uint32_t rid, primary_gid;
2265         NTTIME last_logon, last_logoff, last_password_change,
2266                acct_expiry;
2267         const char *account_name, *full_name, *home_directory, *home_drive,
2268                    *logon_script, *profile_path, *description,
2269                    *workstations, *comment;
2270         struct samr_LogonHours logon_hours;
2271
2272         ZERO_STRUCTP(r);
2273
2274         if (!(pw = samu_new(mem_ctx))) {
2275                 return NT_STATUS_NO_MEMORY;
2276         }
2277
2278         become_root();
2279         ret = pdb_getsampwsid(pw, user_sid);
2280         unbecome_root();
2281
2282         if (ret == False) {
2283                 DEBUG(4,("User %s not found\n", sid_string_dbg(user_sid)));
2284                 TALLOC_FREE(pw);
2285                 return NT_STATUS_NO_SUCH_USER;
2286         }
2287
2288         samr_clear_sam_passwd(pw);
2289
2290         DEBUG(3,("User:[%s]\n", pdb_get_username(pw)));
2291
2292         sid_user = pdb_get_user_sid(pw);
2293
2294         if (!sid_peek_check_rid(domain_sid, sid_user, &rid)) {
2295                 DEBUG(0, ("get_user_info_5: User %s has SID %s, \nwhich conflicts with "
2296                           "the domain sid %s.  Failing operation.\n",
2297                           pdb_get_username(pw), sid_string_dbg(sid_user),
2298                           sid_string_dbg(domain_sid)));
2299                 TALLOC_FREE(pw);
2300                 return NT_STATUS_UNSUCCESSFUL;
2301         }
2302
2303         become_root();
2304         sid_group = pdb_get_group_sid(pw);
2305         unbecome_root();
2306
2307         if (!sid_peek_check_rid(domain_sid, sid_group, &primary_gid)) {
2308                 DEBUG(0, ("get_user_info_5: User %s has Primary Group SID %s, \n"
2309                           "which conflicts with the domain sid %s.  Failing operation.\n",
2310                           pdb_get_username(pw), sid_string_dbg(sid_group),
2311                           sid_string_dbg(domain_sid)));
2312                 TALLOC_FREE(pw);
2313                 return NT_STATUS_UNSUCCESSFUL;
2314         }
2315
2316         unix_to_nt_time(&last_logon, pdb_get_logon_time(pw));
2317         unix_to_nt_time(&last_logoff, pdb_get_logoff_time(pw));
2318         unix_to_nt_time(&acct_expiry, pdb_get_kickoff_time(pw));
2319         unix_to_nt_time(&last_password_change, pdb_get_pass_last_set_time(pw));
2320
2321         account_name = talloc_strdup(mem_ctx, pdb_get_username(pw));
2322         full_name = talloc_strdup(mem_ctx, pdb_get_fullname(pw));
2323         home_directory = talloc_strdup(mem_ctx, pdb_get_homedir(pw));
2324         home_drive = talloc_strdup(mem_ctx, pdb_get_dir_drive(pw));
2325         logon_script = talloc_strdup(mem_ctx, pdb_get_logon_script(pw));
2326         profile_path = talloc_strdup(mem_ctx, pdb_get_profile_path(pw));
2327         description = talloc_strdup(mem_ctx, pdb_get_acct_desc(pw));
2328         workstations = talloc_strdup(mem_ctx, pdb_get_workstations(pw));
2329         comment = talloc_strdup(mem_ctx, pdb_get_comment(pw));
2330
2331         logon_hours = get_logon_hours_from_pdb(mem_ctx, pw);
2332
2333         init_samr_user_info5(r,
2334                              account_name,
2335                              full_name,
2336                              rid,
2337                              primary_gid,
2338                              home_directory,
2339                              home_drive,
2340                              logon_script,
2341                              profile_path,
2342                              description,
2343                              workstations,
2344                              last_logon,
2345                              last_logoff,
2346                              logon_hours,
2347                              pdb_get_bad_password_count(pw),
2348                              pdb_get_logon_count(pw),
2349                              last_password_change,
2350                              acct_expiry,
2351                              pdb_get_acct_ctrl(pw));
2352
2353         TALLOC_FREE(pw);
2354
2355         return NT_STATUS_OK;
2356 }
2357
2358 /*************************************************************************
2359  get_user_info_7. Safe. Only gives out account_name.
2360  *************************************************************************/
2361
2362 static NTSTATUS get_user_info_7(TALLOC_CTX *mem_ctx,
2363                                 struct samr_UserInfo7 *r,
2364                                 DOM_SID *user_sid)
2365 {
2366         struct samu *smbpass=NULL;
2367         bool ret;
2368         const char *account_name = NULL;
2369
2370         ZERO_STRUCTP(r);
2371
2372         if ( !(smbpass = samu_new( mem_ctx )) ) {
2373                 return NT_STATUS_NO_MEMORY;
2374         }
2375
2376         become_root();
2377         ret = pdb_getsampwsid(smbpass, user_sid);
2378         unbecome_root();
2379
2380         if ( !ret ) {
2381                 DEBUG(4,("User %s not found\n", sid_string_dbg(user_sid)));
2382                 return NT_STATUS_NO_SUCH_USER;
2383         }
2384
2385         account_name = talloc_strdup(mem_ctx, pdb_get_username(smbpass));
2386         if (!account_name) {
2387                 TALLOC_FREE(smbpass);
2388                 return NT_STATUS_NO_MEMORY;
2389         }
2390         TALLOC_FREE(smbpass);
2391
2392         DEBUG(3,("User:[%s]\n", account_name));
2393
2394         init_samr_user_info7(r, account_name);
2395
2396         return NT_STATUS_OK;
2397 }
2398
2399 /*************************************************************************
2400  get_user_info_9. Only gives out primary group SID.
2401  *************************************************************************/
2402
2403 static NTSTATUS get_user_info_9(TALLOC_CTX *mem_ctx,
2404                                 struct samr_UserInfo9 *r,
2405                                 DOM_SID *user_sid)
2406 {
2407         struct samu *smbpass=NULL;
2408         bool ret;
2409
2410         ZERO_STRUCTP(r);
2411
2412         if ( !(smbpass = samu_new( mem_ctx )) ) {
2413                 return NT_STATUS_NO_MEMORY;
2414         }
2415
2416         become_root();
2417         ret = pdb_getsampwsid(smbpass, user_sid);
2418         unbecome_root();
2419
2420         if (ret==False) {
2421                 DEBUG(4,("User %s not found\n", sid_string_dbg(user_sid)));
2422                 TALLOC_FREE(smbpass);
2423                 return NT_STATUS_NO_SUCH_USER;
2424         }
2425
2426         DEBUG(3,("User:[%s]\n", pdb_get_username(smbpass) ));
2427
2428         init_samr_user_info9(r, pdb_get_group_rid(smbpass));
2429
2430         TALLOC_FREE(smbpass);
2431
2432         return NT_STATUS_OK;
2433 }
2434
2435 /*************************************************************************
2436  get_user_info_16. Safe. Only gives out acb bits.
2437  *************************************************************************/
2438
2439 static NTSTATUS get_user_info_16(TALLOC_CTX *mem_ctx,
2440                                  struct samr_UserInfo16 *r,
2441                                  DOM_SID *user_sid)
2442 {
2443         struct samu *smbpass=NULL;
2444         bool ret;
2445
2446         ZERO_STRUCTP(r);
2447
2448         if ( !(smbpass = samu_new( mem_ctx )) ) {
2449                 return NT_STATUS_NO_MEMORY;
2450         }
2451
2452         become_root();
2453         ret = pdb_getsampwsid(smbpass, user_sid);
2454         unbecome_root();
2455
2456         if (ret==False) {
2457                 DEBUG(4,("User %s not found\n", sid_string_dbg(user_sid)));
2458                 TALLOC_FREE(smbpass);
2459                 return NT_STATUS_NO_SUCH_USER;
2460         }
2461
2462         DEBUG(3,("User:[%s]\n", pdb_get_username(smbpass) ));
2463
2464         init_samr_user_info16(r, pdb_get_acct_ctrl(smbpass));
2465
2466         TALLOC_FREE(smbpass);
2467
2468         return NT_STATUS_OK;
2469 }
2470
2471 /*************************************************************************
2472  get_user_info_18. OK - this is the killer as it gives out password info.
2473  Ensure that this is only allowed on an encrypted connection with a root
2474  user. JRA.
2475  *************************************************************************/
2476
2477 static NTSTATUS get_user_info_18(pipes_struct *p,
2478                                  TALLOC_CTX *mem_ctx,
2479                                  struct samr_UserInfo18 *r,
2480                                  DOM_SID *user_sid)
2481 {
2482         struct samu *smbpass=NULL;
2483         bool ret;
2484
2485         ZERO_STRUCTP(r);
2486
2487         if (p->auth.auth_type != PIPE_AUTH_TYPE_NTLMSSP || p->auth.auth_type != PIPE_AUTH_TYPE_SPNEGO_NTLMSSP) {
2488                 return NT_STATUS_ACCESS_DENIED;
2489         }
2490
2491         if (p->auth.auth_level != PIPE_AUTH_LEVEL_PRIVACY) {
2492                 return NT_STATUS_ACCESS_DENIED;
2493         }
2494
2495         /*
2496          * Do *NOT* do become_root()/unbecome_root() here ! JRA.
2497          */
2498
2499         if ( !(smbpass = samu_new( mem_ctx )) ) {
2500                 return NT_STATUS_NO_MEMORY;
2501         }
2502
2503         ret = pdb_getsampwsid(smbpass, user_sid);
2504
2505         if (ret == False) {
2506                 DEBUG(4, ("User %s not found\n", sid_string_dbg(user_sid)));
2507                 TALLOC_FREE(smbpass);
2508                 return (geteuid() == (uid_t)0) ? NT_STATUS_NO_SUCH_USER : NT_STATUS_ACCESS_DENIED;
2509         }
2510
2511         DEBUG(3,("User:[%s] 0x%x\n", pdb_get_username(smbpass), pdb_get_acct_ctrl(smbpass) ));
2512
2513         if ( pdb_get_acct_ctrl(smbpass) & ACB_DISABLED) {
2514                 TALLOC_FREE(smbpass);
2515                 return NT_STATUS_ACCOUNT_DISABLED;
2516         }
2517
2518         init_samr_user_info18(r, pdb_get_lanman_passwd(smbpass),
2519                               pdb_get_nt_passwd(smbpass));
2520
2521         TALLOC_FREE(smbpass);
2522
2523         return NT_STATUS_OK;
2524 }
2525
2526 /*************************************************************************
2527  get_user_info_20
2528  *************************************************************************/
2529
2530 static NTSTATUS get_user_info_20(TALLOC_CTX *mem_ctx,
2531                                  struct samr_UserInfo20 *r,
2532                                  DOM_SID *user_sid)
2533 {
2534         struct samu *sampass=NULL;
2535         bool ret;
2536         const char *munged_dial = NULL;
2537         DATA_BLOB blob;
2538         NTSTATUS status;
2539         struct lsa_BinaryString *parameters = NULL;
2540
2541         ZERO_STRUCTP(r);
2542
2543         if ( !(sampass = samu_new( mem_ctx )) ) {
2544                 return NT_STATUS_NO_MEMORY;
2545         }
2546
2547         become_root();
2548         ret = pdb_getsampwsid(sampass, user_sid);
2549         unbecome_root();
2550
2551         if (ret == False) {
2552                 DEBUG(4,("User %s not found\n", sid_string_dbg(user_sid)));
2553                 TALLOC_FREE(sampass);
2554                 return NT_STATUS_NO_SUCH_USER;
2555         }
2556
2557         munged_dial = pdb_get_munged_dial(sampass);
2558
2559         samr_clear_sam_passwd(sampass);
2560
2561         DEBUG(3,("User:[%s] has [%s] (length: %d)\n", pdb_get_username(sampass),
2562                 munged_dial, (int)strlen(munged_dial)));
2563
2564         if (munged_dial) {
2565                 blob = base64_decode_data_blob(munged_dial);
2566         } else {
2567                 blob = data_blob_string_const_null("");
2568         }
2569
2570         status = init_samr_parameters_string(mem_ctx, &blob, &parameters);
2571         data_blob_free(&blob);
2572         TALLOC_FREE(sampass);
2573         if (!NT_STATUS_IS_OK(status)) {
2574                 return status;
2575         }
2576
2577         init_samr_user_info20(r, parameters);
2578
2579         return NT_STATUS_OK;
2580 }
2581
2582
2583 /*************************************************************************
2584  get_user_info_21
2585  *************************************************************************/
2586
2587 static NTSTATUS get_user_info_21(TALLOC_CTX *mem_ctx,
2588                                  struct samr_UserInfo21 *r,
2589                                  DOM_SID *user_sid,
2590                                  DOM_SID *domain_sid)
2591 {
2592         NTSTATUS status;
2593         struct samu *pw = NULL;
2594         bool ret;
2595         const DOM_SID *sid_user, *sid_group;
2596         uint32_t rid, primary_gid;
2597         NTTIME last_logon, last_logoff, last_password_change,
2598                acct_expiry, allow_password_change, force_password_change;
2599         time_t must_change_time;
2600         uint8_t password_expired;
2601         const char *account_name, *full_name, *home_directory, *home_drive,
2602                    *logon_script, *profile_path, *description,
2603                    *workstations, *comment;
2604         struct samr_LogonHours logon_hours;
2605         struct lsa_BinaryString *parameters = NULL;
2606         const char *munged_dial = NULL;
2607         DATA_BLOB blob;
2608
2609         ZERO_STRUCTP(r);
2610
2611         if (!(pw = samu_new(mem_ctx))) {
2612                 return NT_STATUS_NO_MEMORY;
2613         }
2614
2615         become_root();
2616         ret = pdb_getsampwsid(pw, user_sid);
2617         unbecome_root();
2618
2619         if (ret == False) {
2620                 DEBUG(4,("User %s not found\n", sid_string_dbg(user_sid)));
2621                 TALLOC_FREE(pw);
2622                 return NT_STATUS_NO_SUCH_USER;
2623         }
2624
2625         samr_clear_sam_passwd(pw);
2626
2627         DEBUG(3,("User:[%s]\n", pdb_get_username(pw)));
2628
2629         sid_user = pdb_get_user_sid(pw);
2630
2631         if (!sid_peek_check_rid(domain_sid, sid_user, &rid)) {
2632                 DEBUG(0, ("get_user_info_21: User %s has SID %s, \nwhich conflicts with "
2633                           "the domain sid %s.  Failing operation.\n",
2634                           pdb_get_username(pw), sid_string_dbg(sid_user),
2635                           sid_string_dbg(domain_sid)));
2636                 TALLOC_FREE(pw);
2637                 return NT_STATUS_UNSUCCESSFUL;
2638         }
2639
2640         become_root();
2641         sid_group = pdb_get_group_sid(pw);
2642         unbecome_root();
2643
2644         if (!sid_peek_check_rid(domain_sid, sid_group, &primary_gid)) {
2645                 DEBUG(0, ("get_user_info_21: User %s has Primary Group SID %s, \n"
2646                           "which conflicts with the domain sid %s.  Failing operation.\n",
2647                           pdb_get_username(pw), sid_string_dbg(sid_group),
2648                           sid_string_dbg(domain_sid)));
2649                 TALLOC_FREE(pw);
2650                 return NT_STATUS_UNSUCCESSFUL;
2651         }
2652
2653         unix_to_nt_time(&last_logon, pdb_get_logon_time(pw));
2654         unix_to_nt_time(&last_logoff, pdb_get_logoff_time(pw));
2655         unix_to_nt_time(&acct_expiry, pdb_get_kickoff_time(pw));
2656         unix_to_nt_time(&last_password_change, pdb_get_pass_last_set_time(pw));
2657         unix_to_nt_time(&allow_password_change, pdb_get_pass_can_change_time(pw));
2658
2659         must_change_time = pdb_get_pass_must_change_time(pw);
2660         if (must_change_time == get_time_t_max()) {
2661                 unix_to_nt_time_abs(&force_password_change, must_change_time);
2662         } else {
2663                 unix_to_nt_time(&force_password_change, must_change_time);
2664         }
2665
2666         if (pdb_get_pass_must_change_time(pw) == 0) {
2667                 password_expired = PASS_MUST_CHANGE_AT_NEXT_LOGON;
2668         } else {
2669                 password_expired = 0;
2670         }
2671
2672         munged_dial = pdb_get_munged_dial(pw);
2673         if (munged_dial) {
2674                 blob = base64_decode_data_blob(munged_dial);
2675         } else {
2676                 blob = data_blob_string_const_null("");
2677         }
2678
2679         status = init_samr_parameters_string(mem_ctx, &blob, &parameters);
2680         data_blob_free(&blob);
2681         if (!NT_STATUS_IS_OK(status)) {
2682                 TALLOC_FREE(pw);
2683                 return status;
2684         }
2685
2686         account_name = talloc_strdup(mem_ctx, pdb_get_username(pw));
2687         full_name = talloc_strdup(mem_ctx, pdb_get_fullname(pw));
2688         home_directory = talloc_strdup(mem_ctx, pdb_get_homedir(pw));
2689         home_drive = talloc_strdup(mem_ctx, pdb_get_dir_drive(pw));
2690         logon_script = talloc_strdup(mem_ctx, pdb_get_logon_script(pw));
2691         profile_path = talloc_strdup(mem_ctx, pdb_get_profile_path(pw));
2692         description = talloc_strdup(mem_ctx, pdb_get_acct_desc(pw));
2693         workstations = talloc_strdup(mem_ctx, pdb_get_workstations(pw));
2694         comment = talloc_strdup(mem_ctx, pdb_get_comment(pw));
2695
2696         logon_hours = get_logon_hours_from_pdb(mem_ctx, pw);
2697 #if 0
2698
2699         /*
2700           Look at a user on a real NT4 PDC with usrmgr, press
2701           'ok'. Then you will see that fields_present is set to
2702           0x08f827fa. Look at the user immediately after that again,
2703           and you will see that 0x00fffff is returned. This solves
2704           the problem that you get access denied after having looked
2705           at the user.
2706           -- Volker
2707         */
2708
2709 #endif
2710
2711         init_samr_user_info21(r,
2712                               last_logon,
2713                               last_logoff,
2714                               last_password_change,
2715                               acct_expiry,
2716                               allow_password_change,
2717                               force_password_change,
2718                               account_name,
2719                               full_name,
2720                               home_directory,
2721                               home_drive,
2722                               logon_script,
2723                               profile_path,
2724                               description,
2725                               workstations,
2726                               comment,
2727                               parameters,
2728                               rid,
2729                               primary_gid,
2730                               pdb_get_acct_ctrl(pw),
2731                               pdb_build_fields_present(pw),
2732                               logon_hours,
2733                               pdb_get_bad_password_count(pw),
2734                               pdb_get_logon_count(pw),
2735                               0, /* country_code */
2736                               0, /* code_page */
2737                               0, /* nt_password_set */
2738                               0, /* lm_password_set */
2739                               password_expired);
2740         TALLOC_FREE(pw);
2741
2742         return NT_STATUS_OK;
2743 }
2744
2745 /*******************************************************************
2746  _samr_QueryUserInfo
2747  ********************************************************************/
2748
2749 NTSTATUS _samr_QueryUserInfo(pipes_struct *p,
2750                              struct samr_QueryUserInfo *r)
2751 {
2752         NTSTATUS status;
2753         union samr_UserInfo *user_info = NULL;
2754         struct samr_info *info = NULL;
2755         DOM_SID domain_sid;
2756         uint32 rid;
2757
2758         /* search for the handle */
2759         if (!find_policy_by_hnd(p, r->in.user_handle, (void **)(void *)&info))
2760                 return NT_STATUS_INVALID_HANDLE;
2761
2762         status = access_check_samr_function(info->acc_granted,
2763                                             SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
2764                                             "_samr_QueryUserInfo");
2765         if (!NT_STATUS_IS_OK(status)) {
2766                 return status;
2767         }
2768
2769         domain_sid = info->sid;
2770
2771         sid_split_rid(&domain_sid, &rid);
2772
2773         if (!sid_check_is_in_our_domain(&info->sid))
2774                 return NT_STATUS_OBJECT_TYPE_MISMATCH;
2775
2776         DEBUG(5,("_samr_QueryUserInfo: sid:%s\n",
2777                  sid_string_dbg(&info->sid)));
2778
2779         user_info = TALLOC_ZERO_P(p->mem_ctx, union samr_UserInfo);
2780         if (!user_info) {
2781                 return NT_STATUS_NO_MEMORY;
2782         }
2783
2784         DEBUG(5,("_samr_QueryUserInfo: user info level: %d\n", r->in.level));
2785
2786         switch (r->in.level) {
2787         case 5:
2788                 status = get_user_info_5(p->mem_ctx, &user_info->info5, &info->sid, &domain_sid);
2789                 if (!NT_STATUS_IS_OK(status)) {
2790                         return status;
2791                 }
2792                 break;
2793         case 7:
2794                 status = get_user_info_7(p->mem_ctx, &user_info->info7, &info->sid);
2795                 if (!NT_STATUS_IS_OK(status)) {
2796                         return status;
2797                 }
2798                 break;
2799         case 9:
2800                 status = get_user_info_9(p->mem_ctx, &user_info->info9, &info->sid);
2801                 if (!NT_STATUS_IS_OK(status)) {
2802                         return status;
2803                 }
2804                 break;
2805         case 16:
2806                 status = get_user_info_16(p->mem_ctx, &user_info->info16, &info->sid);
2807                 if (!NT_STATUS_IS_OK(status)) {
2808                         return status;
2809                 }
2810                 break;
2811
2812         case 18:
2813                 status = get_user_info_18(p, p->mem_ctx, &user_info->info18, &info->sid);
2814                 if (!NT_STATUS_IS_OK(status)) {
2815                         return status;
2816                 }
2817                 break;
2818
2819         case 20:
2820                 status = get_user_info_20(p->mem_ctx, &user_info->info20, &info->sid);
2821                 if (!NT_STATUS_IS_OK(status)) {
2822                         return status;
2823                 }
2824                 break;
2825
2826         case 21:
2827                 status = get_user_info_21(p->mem_ctx, &user_info->info21,
2828                                           &info->sid, &domain_sid);
2829                 if (!NT_STATUS_IS_OK(status)) {
2830                         return status;
2831                 }
2832                 break;
2833
2834         default:
2835                 return NT_STATUS_INVALID_INFO_CLASS;
2836         }
2837
2838         *r->out.info = user_info;
2839
2840         DEBUG(5,("_samr_QueryUserInfo: %d\n", __LINE__));
2841
2842         return status;
2843 }
2844
2845 /****************************************************************
2846 ****************************************************************/
2847
2848 NTSTATUS _samr_QueryUserInfo2(pipes_struct *p,
2849                               struct samr_QueryUserInfo2 *r)
2850 {
2851         struct samr_QueryUserInfo u;
2852
2853         u.in.user_handle        = r->in.user_handle;
2854         u.in.level              = r->in.level;
2855         u.out.info              = r->out.info;
2856
2857         return _samr_QueryUserInfo(p, &u);
2858 }
2859
2860 /*******************************************************************
2861  _samr_GetGroupsForUser
2862  ********************************************************************/
2863
2864 NTSTATUS _samr_GetGroupsForUser(pipes_struct *p,
2865                                 struct samr_GetGroupsForUser *r)
2866 {
2867         struct samu *sam_pass=NULL;
2868         DOM_SID  sid;
2869         DOM_SID *sids;
2870         struct samr_RidWithAttribute dom_gid;
2871         struct samr_RidWithAttribute *gids = NULL;
2872         uint32 primary_group_rid;
2873         size_t num_groups = 0;
2874         gid_t *unix_gids;
2875         size_t i, num_gids;
2876         uint32 acc_granted;
2877         bool ret;
2878         NTSTATUS result;
2879         bool success = False;
2880
2881         struct samr_RidWithAttributeArray *rids = NULL;
2882
2883         /*
2884          * from the SID in the request:
2885          * we should send back the list of DOMAIN GROUPS
2886          * the user is a member of
2887          *
2888          * and only the DOMAIN GROUPS
2889          * no ALIASES !!! neither aliases of the domain
2890          * nor aliases of the builtin SID
2891          *
2892          * JFM, 12/2/2001
2893          */
2894
2895         DEBUG(5,("_samr_GetGroupsForUser: %d\n", __LINE__));
2896
2897         rids = TALLOC_ZERO_P(p->mem_ctx, struct samr_RidWithAttributeArray);
2898         if (!rids) {
2899                 return NT_STATUS_NO_MEMORY;
2900         }
2901
2902         /* find the policy handle.  open a policy on it. */
2903         if (!get_lsa_policy_samr_sid(p, r->in.user_handle, &sid, &acc_granted, NULL))
2904                 return NT_STATUS_INVALID_HANDLE;
2905
2906         result = access_check_samr_function(acc_granted,
2907                                             SAMR_USER_ACCESS_GET_GROUPS,
2908                                             "_samr_GetGroupsForUser");
2909         if (!NT_STATUS_IS_OK(result)) {
2910                 return result;
2911         }
2912
2913         if (!sid_check_is_in_our_domain(&sid))
2914                 return NT_STATUS_OBJECT_TYPE_MISMATCH;
2915
2916         if ( !(sam_pass = samu_new( p->mem_ctx )) ) {
2917                 return NT_STATUS_NO_MEMORY;
2918         }
2919
2920         become_root();
2921         ret = pdb_getsampwsid(sam_pass, &sid);
2922         unbecome_root();
2923
2924         if (!ret) {
2925                 DEBUG(10, ("pdb_getsampwsid failed for %s\n",
2926                            sid_string_dbg(&sid)));
2927                 return NT_STATUS_NO_SUCH_USER;
2928         }
2929
2930         sids = NULL;
2931
2932         /* make both calls inside the root block */
2933         become_root();
2934         result = pdb_enum_group_memberships(p->mem_ctx, sam_pass,
2935                                             &sids, &unix_gids, &num_groups);
2936         if ( NT_STATUS_IS_OK(result) ) {
2937                 success = sid_peek_check_rid(get_global_sam_sid(),
2938                                              pdb_get_group_sid(sam_pass),
2939                                              &primary_group_rid);
2940         }
2941         unbecome_root();
2942
2943         if (!NT_STATUS_IS_OK(result)) {
2944                 DEBUG(10, ("pdb_enum_group_memberships failed for %s\n",
2945                            sid_string_dbg(&sid)));
2946                 return result;
2947         }
2948
2949         if ( !success ) {
2950                 DEBUG(5, ("Group sid %s for user %s not in our domain\n",
2951                           sid_string_dbg(pdb_get_group_sid(sam_pass)),
2952                           pdb_get_username(sam_pass)));
2953                 TALLOC_FREE(sam_pass);
2954                 return NT_STATUS_INTERNAL_DB_CORRUPTION;
2955         }
2956
2957         gids = NULL;
2958         num_gids = 0;
2959
2960         dom_gid.attributes = (SE_GROUP_MANDATORY|SE_GROUP_ENABLED_BY_DEFAULT|
2961                               SE_GROUP_ENABLED);
2962         dom_gid.rid = primary_group_rid;
2963         ADD_TO_ARRAY(p->mem_ctx, struct samr_RidWithAttribute, dom_gid, &gids, &num_gids);
2964
2965         for (i=0; i<num_groups; i++) {
2966
2967                 if (!sid_peek_check_rid(get_global_sam_sid(),
2968                                         &(sids[i]), &dom_gid.rid)) {
2969                         DEBUG(10, ("Found sid %s not in our domain\n",
2970                                    sid_string_dbg(&sids[i])));
2971                         continue;
2972                 }
2973
2974                 if (dom_gid.rid == primary_group_rid) {
2975                         /* We added the primary group directly from the
2976                          * sam_account. The other SIDs are unique from
2977                          * enum_group_memberships */
2978                         continue;
2979                 }
2980
2981                 ADD_TO_ARRAY(p->mem_ctx, struct samr_RidWithAttribute, dom_gid, &gids, &num_gids);
2982         }
2983
2984         rids->count = num_gids;
2985         rids->rids = gids;
2986
2987         *r->out.rids = rids;
2988
2989         DEBUG(5,("_samr_GetGroupsForUser: %d\n", __LINE__));
2990
2991         return result;
2992 }
2993
2994 /*******************************************************************
2995  _samr_QueryDomainInfo
2996  ********************************************************************/
2997
2998 NTSTATUS _samr_QueryDomainInfo(pipes_struct *p,
2999                                struct samr_QueryDomainInfo *r)
3000 {
3001         NTSTATUS status = NT_STATUS_OK;
3002         struct samr_info *info = NULL;
3003         union samr_DomainInfo *dom_info;
3004         uint32 min_pass_len,pass_hist,password_properties;
3005         time_t u_expire, u_min_age;
3006         NTTIME nt_expire, nt_min_age;
3007
3008         time_t u_lock_duration, u_reset_time;
3009         NTTIME nt_lock_duration, nt_reset_time;
3010         uint32 lockout;
3011         time_t u_logout;
3012         NTTIME nt_logout;
3013
3014         uint32 account_policy_temp;
3015
3016         time_t seq_num;
3017         uint32 server_role;
3018
3019         uint32 num_users=0, num_groups=0, num_aliases=0;
3020
3021         DEBUG(5,("_samr_QueryDomainInfo: %d\n", __LINE__));
3022
3023         dom_info = TALLOC_ZERO_P(p->mem_ctx, union samr_DomainInfo);
3024         if (!dom_info) {
3025                 return NT_STATUS_NO_MEMORY;
3026         }
3027
3028         /* find the policy handle.  open a policy on it. */
3029         if (!find_policy_by_hnd(p, r->in.domain_handle, (void **)(void *)&info)) {
3030                 return NT_STATUS_INVALID_HANDLE;
3031         }
3032
3033         status = access_check_samr_function(info->acc_granted,
3034                                             SAMR_ACCESS_OPEN_DOMAIN,
3035                                             "_samr_QueryDomainInfo" );
3036
3037         if ( !NT_STATUS_IS_OK(status) )
3038                 return status;
3039
3040         switch (r->in.level) {
3041                 case 0x01:
3042
3043                         become_root();
3044
3045                         /* AS ROOT !!! */
3046
3047                         pdb_get_account_policy(AP_MIN_PASSWORD_LEN, &account_policy_temp);
3048                         min_pass_len = account_policy_temp;
3049
3050                         pdb_get_account_policy(AP_PASSWORD_HISTORY, &account_policy_temp);
3051                         pass_hist = account_policy_temp;
3052
3053                         pdb_get_account_policy(AP_USER_MUST_LOGON_TO_CHG_PASS, &account_policy_temp);
3054                         password_properties = account_policy_temp;
3055
3056                         pdb_get_account_policy(AP_MAX_PASSWORD_AGE, &account_policy_temp);
3057                         u_expire = account_policy_temp;
3058
3059                         pdb_get_account_policy(AP_MIN_PASSWORD_AGE, &account_policy_temp);
3060                         u_min_age = account_policy_temp;
3061
3062                         /* !AS ROOT */
3063
3064                         unbecome_root();
3065
3066                         unix_to_nt_time_abs(&nt_expire, u_expire);
3067                         unix_to_nt_time_abs(&nt_min_age, u_min_age);
3068
3069                         if (lp_check_password_script() && *lp_check_password_script()) {
3070                                 password_properties |= DOMAIN_PASSWORD_COMPLEX;
3071                         }
3072
3073                         init_samr_DomInfo1(&dom_info->info1,
3074                                            (uint16)min_pass_len,
3075                                            (uint16)pass_hist,
3076                                            password_properties,
3077                                            nt_expire,
3078                                            nt_min_age);
3079                         break;
3080                 case 0x02:
3081
3082                         become_root();
3083
3084                         /* AS ROOT !!! */
3085
3086                         num_users = count_sam_users(info->disp_info, ACB_NORMAL);
3087                         num_groups = count_sam_groups(info->disp_info);
3088                         num_aliases = count_sam_aliases(info->disp_info);
3089
3090                         pdb_get_account_policy(AP_TIME_TO_LOGOUT, &account_policy_temp);
3091                         u_logout = account_policy_temp;
3092
3093                         unix_to_nt_time_abs(&nt_logout, u_logout);
3094
3095                         if (!pdb_get_seq_num(&seq_num))
3096                                 seq_num = time(NULL);
3097
3098                         /* !AS ROOT */
3099
3100                         unbecome_root();
3101
3102                         server_role = ROLE_DOMAIN_PDC;
3103                         if (lp_server_role() == ROLE_DOMAIN_BDC)
3104                                 server_role = ROLE_DOMAIN_BDC;
3105
3106                         init_samr_DomGeneralInformation(&dom_info->general,
3107                                                         nt_logout,
3108                                                         lp_serverstring(),
3109                                                         lp_workgroup(),
3110                                                         global_myname(),
3111                                                         seq_num,
3112                                                         1,
3113                                                         server_role,
3114                                                         1,
3115                                                         num_users,
3116                                                         num_groups,
3117                                                         num_aliases);
3118                         break;
3119                 case 0x03:
3120
3121                         become_root();
3122
3123                         /* AS ROOT !!! */
3124
3125                         {
3126                                 uint32 ul;
3127                                 pdb_get_account_policy(AP_TIME_TO_LOGOUT, &ul);
3128                                 u_logout = (time_t)ul;
3129                         }
3130
3131                         /* !AS ROOT */
3132
3133                         unbecome_root();
3134
3135                         unix_to_nt_time_abs(&nt_logout, u_logout);
3136
3137                         init_samr_DomInfo3(&dom_info->info3,
3138                                            nt_logout);
3139
3140                         break;
3141                 case 0x04:
3142                         init_samr_DomOEMInformation(&dom_info->oem,
3143                                                     lp_serverstring());
3144                         break;
3145                 case 0x05:
3146                         init_samr_DomInfo5(&dom_info->info5,
3147                                            get_global_sam_name());
3148                         break;
3149                 case 0x06:
3150                         /* NT returns its own name when a PDC. win2k and later
3151                          * only the name of the PDC if itself is a BDC (samba4
3152                          * idl) */
3153                         init_samr_DomInfo6(&dom_info->info6,
3154                                            global_myname());
3155                         break;
3156                 case 0x07:
3157                         server_role = ROLE_DOMAIN_PDC;
3158                         if (lp_server_role() == ROLE_DOMAIN_BDC)
3159                                 server_role = ROLE_DOMAIN_BDC;
3160
3161                         init_samr_DomInfo7(&dom_info->info7,
3162                                            server_role);
3163                         break;
3164                 case 0x08:
3165
3166                         become_root();
3167
3168                         /* AS ROOT !!! */
3169
3170                         if (!pdb_get_seq_num(&seq_num)) {
3171                                 seq_num = time(NULL);
3172                         }
3173
3174                         /* !AS ROOT */
3175
3176                         unbecome_root();
3177
3178                         init_samr_DomInfo8(&dom_info->info8,
3179                                            seq_num,
3180                                            0);
3181                         break;
3182                 case 0x0c:
3183
3184                         become_root();
3185
3186                         /* AS ROOT !!! */
3187
3188                         pdb_get_account_policy(AP_LOCK_ACCOUNT_DURATION, &account_policy_temp);
3189                         u_lock_duration = account_policy_temp;
3190                         if (u_lock_duration != -1) {
3191                                 u_lock_duration *= 60;
3192                         }
3193
3194                         pdb_get_account_policy(AP_RESET_COUNT_TIME, &account_policy_temp);
3195                         u_reset_time = account_policy_temp * 60;
3196
3197