s3-samr: simplify _samr_QueryUserInfo a lot and fix some few potential memleaks.
[kai/samba.git] / source3 / rpc_server / srv_samr_nt.c
1 /*
2  *  Unix SMB/CIFS implementation.
3  *  RPC Pipe client / server routines
4  *  Copyright (C) Andrew Tridgell                   1992-1997,
5  *  Copyright (C) Luke Kenneth Casson Leighton      1996-1997,
6  *  Copyright (C) Paul Ashton                       1997,
7  *  Copyright (C) Marc Jacobsen                     1999,
8  *  Copyright (C) Jeremy Allison                    2001-2008,
9  *  Copyright (C) Jean François Micouleau           1998-2001,
10  *  Copyright (C) Jim McDonough <jmcd@us.ibm.com>   2002,
11  *  Copyright (C) Gerald (Jerry) Carter             2003-2004,
12  *  Copyright (C) Simo Sorce                        2003.
13  *  Copyright (C) Volker Lendecke                   2005.
14  *  Copyright (C) Guenther Deschner                 2008.
15  *
16  *  This program is free software; you can redistribute it and/or modify
17  *  it under the terms of the GNU General Public License as published by
18  *  the Free Software Foundation; either version 3 of the License, or
19  *  (at your option) any later version.
20  *
21  *  This program is distributed in the hope that it will be useful,
22  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
23  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
24  *  GNU General Public License for more details.
25  *
26  *  You should have received a copy of the GNU General Public License
27  *  along with this program; if not, see <http://www.gnu.org/licenses/>.
28  */
29
30 /*
31  * This is the implementation of the SAMR code.
32  */
33
34 #include "includes.h"
35
36 #undef DBGC_CLASS
37 #define DBGC_CLASS DBGC_RPC_SRV
38
39 #define SAMR_USR_RIGHTS_WRITE_PW \
40                 ( READ_CONTROL_ACCESS           | \
41                   SAMR_USER_ACCESS_CHANGE_PASSWORD      | \
42                   SAMR_USER_ACCESS_SET_LOC_COM)
43 #define SAMR_USR_RIGHTS_CANT_WRITE_PW \
44                 ( READ_CONTROL_ACCESS | SAMR_USER_ACCESS_SET_LOC_COM )
45
46 #define DISP_INFO_CACHE_TIMEOUT 10
47
48 #define MAX_SAM_ENTRIES_W2K 0x400 /* 1024 */
49 #define MAX_SAM_ENTRIES_W95 50
50
51 typedef struct disp_info {
52         DOM_SID sid; /* identify which domain this is. */
53         bool builtin_domain; /* Quick flag to check if this is the builtin domain. */
54         struct pdb_search *users; /* querydispinfo 1 and 4 */
55         struct pdb_search *machines; /* querydispinfo 2 */
56         struct pdb_search *groups; /* querydispinfo 3 and 5, enumgroups */
57         struct pdb_search *aliases; /* enumaliases */
58
59         uint16 enum_acb_mask;
60         struct pdb_search *enum_users; /* enumusers with a mask */
61
62         struct timed_event *cache_timeout_event; /* cache idle timeout
63                                                   * handler. */
64 } DISP_INFO;
65
66 /* We keep a static list of these by SID as modern clients close down
67    all resources between each request in a complete enumeration. */
68
69 struct samr_info {
70         /* for use by the \PIPE\samr policy */
71         DOM_SID sid;
72         bool builtin_domain; /* Quick flag to check if this is the builtin domain. */
73         uint32 status; /* some sort of flag.  best to record it.  comes from opnum 0x39 */
74         uint32 acc_granted;
75         DISP_INFO *disp_info;
76         TALLOC_CTX *mem_ctx;
77 };
78
79 static const struct generic_mapping sam_generic_mapping = {
80         GENERIC_RIGHTS_SAM_READ,
81         GENERIC_RIGHTS_SAM_WRITE,
82         GENERIC_RIGHTS_SAM_EXECUTE,
83         GENERIC_RIGHTS_SAM_ALL_ACCESS};
84 static const struct generic_mapping dom_generic_mapping = {
85         GENERIC_RIGHTS_DOMAIN_READ,
86         GENERIC_RIGHTS_DOMAIN_WRITE,
87         GENERIC_RIGHTS_DOMAIN_EXECUTE,
88         GENERIC_RIGHTS_DOMAIN_ALL_ACCESS};
89 static const struct generic_mapping usr_generic_mapping = {
90         GENERIC_RIGHTS_USER_READ,
91         GENERIC_RIGHTS_USER_WRITE,
92         GENERIC_RIGHTS_USER_EXECUTE,
93         GENERIC_RIGHTS_USER_ALL_ACCESS};
94 static const struct generic_mapping usr_nopwchange_generic_mapping = {
95         GENERIC_RIGHTS_USER_READ,
96         GENERIC_RIGHTS_USER_WRITE,
97         GENERIC_RIGHTS_USER_EXECUTE & ~SAMR_USER_ACCESS_CHANGE_PASSWORD,
98         GENERIC_RIGHTS_USER_ALL_ACCESS};
99 static const struct generic_mapping grp_generic_mapping = {
100         GENERIC_RIGHTS_GROUP_READ,
101         GENERIC_RIGHTS_GROUP_WRITE,
102         GENERIC_RIGHTS_GROUP_EXECUTE,
103         GENERIC_RIGHTS_GROUP_ALL_ACCESS};
104 static const struct generic_mapping ali_generic_mapping = {
105         GENERIC_RIGHTS_ALIAS_READ,
106         GENERIC_RIGHTS_ALIAS_WRITE,
107         GENERIC_RIGHTS_ALIAS_EXECUTE,
108         GENERIC_RIGHTS_ALIAS_ALL_ACCESS};
109
110 /*******************************************************************
111 *******************************************************************/
112
113 static NTSTATUS make_samr_object_sd( TALLOC_CTX *ctx, SEC_DESC **psd, size_t *sd_size,
114                                      const struct generic_mapping *map,
115                                      DOM_SID *sid, uint32 sid_access )
116 {
117         DOM_SID domadmin_sid;
118         SEC_ACE ace[5];         /* at most 5 entries */
119         size_t i = 0;
120
121         SEC_ACL *psa = NULL;
122
123         /* basic access for Everyone */
124
125         init_sec_ace(&ace[i++], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED,
126                         map->generic_execute | map->generic_read, 0);
127
128         /* add Full Access 'BUILTIN\Administrators' and 'BUILTIN\Account Operators */
129
130         init_sec_ace(&ace[i++], &global_sid_Builtin_Administrators,
131                         SEC_ACE_TYPE_ACCESS_ALLOWED, map->generic_all, 0);
132         init_sec_ace(&ace[i++], &global_sid_Builtin_Account_Operators,
133                         SEC_ACE_TYPE_ACCESS_ALLOWED, map->generic_all, 0);
134
135         /* Add Full Access for Domain Admins if we are a DC */
136
137         if ( IS_DC ) {
138                 sid_copy( &domadmin_sid, get_global_sam_sid() );
139                 sid_append_rid( &domadmin_sid, DOMAIN_GROUP_RID_ADMINS );
140                 init_sec_ace(&ace[i++], &domadmin_sid,
141                         SEC_ACE_TYPE_ACCESS_ALLOWED, map->generic_all, 0);
142         }
143
144         /* if we have a sid, give it some special access */
145
146         if ( sid ) {
147                 init_sec_ace(&ace[i++], sid, SEC_ACE_TYPE_ACCESS_ALLOWED, sid_access, 0);
148         }
149
150         /* create the security descriptor */
151
152         if ((psa = make_sec_acl(ctx, NT4_ACL_REVISION, i, ace)) == NULL)
153                 return NT_STATUS_NO_MEMORY;
154
155         if ((*psd = make_sec_desc(ctx, SECURITY_DESCRIPTOR_REVISION_1,
156                                   SEC_DESC_SELF_RELATIVE, NULL, NULL, NULL,
157                                   psa, sd_size)) == NULL)
158                 return NT_STATUS_NO_MEMORY;
159
160         return NT_STATUS_OK;
161 }
162
163 /*******************************************************************
164  Checks if access to an object should be granted, and returns that
165  level of access for further checks.
166 ********************************************************************/
167
168 static NTSTATUS access_check_samr_object( SEC_DESC *psd, NT_USER_TOKEN *token,
169                                           SE_PRIV *rights, uint32 rights_mask,
170                                           uint32 des_access, uint32 *acc_granted,
171                                           const char *debug )
172 {
173         NTSTATUS status = NT_STATUS_ACCESS_DENIED;
174         uint32 saved_mask = 0;
175
176         /* check privileges; certain SAM access bits should be overridden
177            by privileges (mostly having to do with creating/modifying/deleting
178            users and groups) */
179
180         if ( rights && user_has_any_privilege( token, rights ) ) {
181
182                 saved_mask = (des_access & rights_mask);
183                 des_access &= ~saved_mask;
184
185                 DEBUG(4,("access_check_samr_object: user rights access mask [0x%x]\n",
186                         rights_mask));
187         }
188
189
190         /* check the security descriptor first */
191
192         status = se_access_check(psd, token, des_access, acc_granted);
193         if (NT_STATUS_IS_OK(status)) {
194                 goto done;
195         }
196
197         /* give root a free pass */
198
199         if ( geteuid() == sec_initial_uid() ) {
200
201                 DEBUG(4,("%s: ACCESS should be DENIED  (requested: %#010x)\n", debug, des_access));
202                 DEBUGADD(4,("but overritten by euid == sec_initial_uid()\n"));
203
204                 *acc_granted = des_access;
205
206                 status = NT_STATUS_OK;
207                 goto done;
208         }
209
210
211 done:
212         /* add in any bits saved during the privilege check (only
213            matters is status is ok) */
214
215         *acc_granted |= rights_mask;
216
217         DEBUG(4,("%s: access %s (requested: 0x%08x, granted: 0x%08x)\n",
218                 debug, NT_STATUS_IS_OK(status) ? "GRANTED" : "DENIED",
219                 des_access, *acc_granted));
220
221         return status;
222 }
223
224 /*******************************************************************
225  Checks if access to a function can be granted
226 ********************************************************************/
227
228 static NTSTATUS access_check_samr_function(uint32 acc_granted, uint32 acc_required, const char *debug)
229 {
230         DEBUG(5,("%s: access check ((granted: %#010x;  required: %#010x)\n",
231                 debug, acc_granted, acc_required));
232
233         /* check the security descriptor first */
234
235         if ( (acc_granted&acc_required) == acc_required )
236                 return NT_STATUS_OK;
237
238         /* give root a free pass */
239
240         if (geteuid() == sec_initial_uid()) {
241
242                 DEBUG(4,("%s: ACCESS should be DENIED (granted: %#010x;  required: %#010x)\n",
243                         debug, acc_granted, acc_required));
244                 DEBUGADD(4,("but overwritten by euid == 0\n"));
245
246                 return NT_STATUS_OK;
247         }
248
249         DEBUG(2,("%s: ACCESS DENIED (granted: %#010x;  required: %#010x)\n",
250                 debug, acc_granted, acc_required));
251
252         return NT_STATUS_ACCESS_DENIED;
253 }
254
255 /*******************************************************************
256  Map any MAXIMUM_ALLOWED_ACCESS request to a valid access set.
257 ********************************************************************/
258
259 static void map_max_allowed_access(const NT_USER_TOKEN *token,
260                                         uint32_t *pacc_requested)
261 {
262         if (!((*pacc_requested) & MAXIMUM_ALLOWED_ACCESS)) {
263                 return;
264         }
265         *pacc_requested &= ~MAXIMUM_ALLOWED_ACCESS;
266
267         /* At least try for generic read. */
268         *pacc_requested = GENERIC_READ_ACCESS;
269
270         /* root gets anything. */
271         if (geteuid() == sec_initial_uid()) {
272                 *pacc_requested |= GENERIC_ALL_ACCESS;
273                 return;
274         }
275
276         /* Full Access for 'BUILTIN\Administrators' and 'BUILTIN\Account Operators */
277
278         if (is_sid_in_token(token, &global_sid_Builtin_Administrators) ||
279                         is_sid_in_token(token, &global_sid_Builtin_Account_Operators)) {
280                 *pacc_requested |= GENERIC_ALL_ACCESS;
281                 return;
282         }
283
284         /* Full access for DOMAIN\Domain Admins. */
285         if ( IS_DC ) {
286                 DOM_SID domadmin_sid;
287                 sid_copy( &domadmin_sid, get_global_sam_sid() );
288                 sid_append_rid( &domadmin_sid, DOMAIN_GROUP_RID_ADMINS );
289                 if (is_sid_in_token(token, &domadmin_sid)) {
290                         *pacc_requested |= GENERIC_ALL_ACCESS;
291                         return;
292                 }
293         }
294         /* TODO ! Check privileges. */
295 }
296
297 /*******************************************************************
298  Fetch or create a dispinfo struct.
299 ********************************************************************/
300
301 static DISP_INFO *get_samr_dispinfo_by_sid(DOM_SID *psid)
302 {
303         /*
304          * We do a static cache for DISP_INFO's here. Explanation can be found
305          * in Jeremy's checkin message to r11793:
306          *
307          * Fix the SAMR cache so it works across completely insane
308          * client behaviour (ie.:
309          * open pipe/open SAMR handle/enumerate 0 - 1024
310          * close SAMR handle, close pipe.
311          * open pipe/open SAMR handle/enumerate 1024 - 2048...
312          * close SAMR handle, close pipe.
313          * And on ad-nausium. Amazing.... probably object-oriented
314          * client side programming in action yet again.
315          * This change should *massively* improve performance when
316          * enumerating users from an LDAP database.
317          * Jeremy.
318          *
319          * "Our" and the builtin domain are the only ones where we ever
320          * enumerate stuff, so just cache 2 entries.
321          */
322
323         static struct disp_info builtin_dispinfo;
324         static struct disp_info domain_dispinfo;
325
326         /* There are two cases to consider here:
327            1) The SID is a domain SID and we look for an equality match, or
328            2) This is an account SID and so we return the DISP_INFO* for our
329               domain */
330
331         if (psid == NULL) {
332                 return NULL;
333         }
334
335         if (sid_check_is_builtin(psid) || sid_check_is_in_builtin(psid)) {
336                 /*
337                  * Necessary only once, but it does not really hurt.
338                  */
339                 sid_copy(&builtin_dispinfo.sid, &global_sid_Builtin);
340
341                 return &builtin_dispinfo;
342         }
343
344         if (sid_check_is_domain(psid) || sid_check_is_in_our_domain(psid)) {
345                 /*
346                  * Necessary only once, but it does not really hurt.
347                  */
348                 sid_copy(&domain_dispinfo.sid, get_global_sam_sid());
349
350                 return &domain_dispinfo;
351         }
352
353         return NULL;
354 }
355
356 /*******************************************************************
357  Create a samr_info struct.
358 ********************************************************************/
359
360 static struct samr_info *get_samr_info_by_sid(DOM_SID *psid)
361 {
362         struct samr_info *info;
363         fstring sid_str;
364         TALLOC_CTX *mem_ctx;
365
366         if (psid) {
367                 sid_to_fstring(sid_str, psid);
368         } else {
369                 fstrcpy(sid_str,"(NULL)");
370         }
371
372         mem_ctx = talloc_init("samr_info for domain sid %s", sid_str);
373
374         if ((info = TALLOC_ZERO_P(mem_ctx, struct samr_info)) == NULL)
375                 return NULL;
376
377         DEBUG(10,("get_samr_info_by_sid: created new info for sid %s\n", sid_str));
378         if (psid) {
379                 sid_copy( &info->sid, psid);
380                 info->builtin_domain = sid_check_is_builtin(psid);
381         } else {
382                 DEBUG(10,("get_samr_info_by_sid: created new info for NULL sid.\n"));
383                 info->builtin_domain = False;
384         }
385         info->mem_ctx = mem_ctx;
386
387         info->disp_info = get_samr_dispinfo_by_sid(psid);
388
389         return info;
390 }
391
392 /*******************************************************************
393  Function to free the per SID data.
394  ********************************************************************/
395
396 static void free_samr_cache(DISP_INFO *disp_info)
397 {
398         DEBUG(10, ("free_samr_cache: deleting cache for SID %s\n",
399                    sid_string_dbg(&disp_info->sid)));
400
401         /* We need to become root here because the paged search might have to
402          * tell the LDAP server we're not interested in the rest anymore. */
403
404         become_root();
405
406         if (disp_info->users) {
407                 DEBUG(10,("free_samr_cache: deleting users cache\n"));
408                 pdb_search_destroy(disp_info->users);
409                 disp_info->users = NULL;
410         }
411         if (disp_info->machines) {
412                 DEBUG(10,("free_samr_cache: deleting machines cache\n"));
413                 pdb_search_destroy(disp_info->machines);
414                 disp_info->machines = NULL;
415         }
416         if (disp_info->groups) {
417                 DEBUG(10,("free_samr_cache: deleting groups cache\n"));
418                 pdb_search_destroy(disp_info->groups);
419                 disp_info->groups = NULL;
420         }
421         if (disp_info->aliases) {
422                 DEBUG(10,("free_samr_cache: deleting aliases cache\n"));
423                 pdb_search_destroy(disp_info->aliases);
424                 disp_info->aliases = NULL;
425         }
426         if (disp_info->enum_users) {
427                 DEBUG(10,("free_samr_cache: deleting enum_users cache\n"));
428                 pdb_search_destroy(disp_info->enum_users);
429                 disp_info->enum_users = NULL;
430         }
431         disp_info->enum_acb_mask = 0;
432
433         unbecome_root();
434 }
435
436 /*******************************************************************
437  Function to free the per handle data.
438  ********************************************************************/
439
440 static void free_samr_info(void *ptr)
441 {
442         struct samr_info *info=(struct samr_info *) ptr;
443
444         /* Only free the dispinfo cache if no one bothered to set up
445            a timeout. */
446
447         if (info->disp_info && info->disp_info->cache_timeout_event == NULL) {
448                 free_samr_cache(info->disp_info);
449         }
450
451         talloc_destroy(info->mem_ctx);
452 }
453
454 /*******************************************************************
455  Idle event handler. Throw away the disp info cache.
456  ********************************************************************/
457
458 static void disp_info_cache_idle_timeout_handler(struct event_context *ev_ctx,
459                                                  struct timed_event *te,
460                                                  const struct timeval *now,
461                                                  void *private_data)
462 {
463         DISP_INFO *disp_info = (DISP_INFO *)private_data;
464
465         TALLOC_FREE(disp_info->cache_timeout_event);
466
467         DEBUG(10, ("disp_info_cache_idle_timeout_handler: caching timed "
468                    "out\n"));
469         free_samr_cache(disp_info);
470 }
471
472 /*******************************************************************
473  Setup cache removal idle event handler.
474  ********************************************************************/
475
476 static void set_disp_info_cache_timeout(DISP_INFO *disp_info, time_t secs_fromnow)
477 {
478         /* Remove any pending timeout and update. */
479
480         TALLOC_FREE(disp_info->cache_timeout_event);
481
482         DEBUG(10,("set_disp_info_cache_timeout: caching enumeration for "
483                   "SID %s for %u seconds\n", sid_string_dbg(&disp_info->sid),
484                   (unsigned int)secs_fromnow ));
485
486         disp_info->cache_timeout_event = event_add_timed(
487                 smbd_event_context(), NULL,
488                 timeval_current_ofs(secs_fromnow, 0),
489                 "disp_info_cache_idle_timeout_handler",
490                 disp_info_cache_idle_timeout_handler, (void *)disp_info);
491 }
492
493 /*******************************************************************
494  Force flush any cache. We do this on any samr_set_xxx call.
495  We must also remove the timeout handler.
496  ********************************************************************/
497
498 static void force_flush_samr_cache(DISP_INFO *disp_info)
499 {
500         if ((disp_info == NULL) || (disp_info->cache_timeout_event == NULL)) {
501                 return;
502         }
503
504         DEBUG(10,("force_flush_samr_cache: clearing idle event\n"));
505         TALLOC_FREE(disp_info->cache_timeout_event);
506         free_samr_cache(disp_info);
507 }
508
509 /*******************************************************************
510  Ensure password info is never given out. Paranioa... JRA.
511  ********************************************************************/
512
513 static void samr_clear_sam_passwd(struct samu *sam_pass)
514 {
515
516         if (!sam_pass)
517                 return;
518
519         /* These now zero out the old password */
520
521         pdb_set_lanman_passwd(sam_pass, NULL, PDB_DEFAULT);
522         pdb_set_nt_passwd(sam_pass, NULL, PDB_DEFAULT);
523 }
524
525 static uint32 count_sam_users(struct disp_info *info, uint32 acct_flags)
526 {
527         struct samr_displayentry *entry;
528
529         if (info->builtin_domain) {
530                 /* No users in builtin. */
531                 return 0;
532         }
533
534         if (info->users == NULL) {
535                 info->users = pdb_search_users(acct_flags);
536                 if (info->users == NULL) {
537                         return 0;
538                 }
539         }
540         /* Fetch the last possible entry, thus trigger an enumeration */
541         pdb_search_entries(info->users, 0xffffffff, 1, &entry);
542
543         /* Ensure we cache this enumeration. */
544         set_disp_info_cache_timeout(info, DISP_INFO_CACHE_TIMEOUT);
545
546         return info->users->num_entries;
547 }
548
549 static uint32 count_sam_groups(struct disp_info *info)
550 {
551         struct samr_displayentry *entry;
552
553         if (info->builtin_domain) {
554                 /* No groups in builtin. */
555                 return 0;
556         }
557
558         if (info->groups == NULL) {
559                 info->groups = pdb_search_groups();
560                 if (info->groups == NULL) {
561                         return 0;
562                 }
563         }
564         /* Fetch the last possible entry, thus trigger an enumeration */
565         pdb_search_entries(info->groups, 0xffffffff, 1, &entry);
566
567         /* Ensure we cache this enumeration. */
568         set_disp_info_cache_timeout(info, DISP_INFO_CACHE_TIMEOUT);
569
570         return info->groups->num_entries;
571 }
572
573 static uint32 count_sam_aliases(struct disp_info *info)
574 {
575         struct samr_displayentry *entry;
576
577         if (info->aliases == NULL) {
578                 info->aliases = pdb_search_aliases(&info->sid);
579                 if (info->aliases == NULL) {
580                         return 0;
581                 }
582         }
583         /* Fetch the last possible entry, thus trigger an enumeration */
584         pdb_search_entries(info->aliases, 0xffffffff, 1, &entry);
585
586         /* Ensure we cache this enumeration. */
587         set_disp_info_cache_timeout(info, DISP_INFO_CACHE_TIMEOUT);
588
589         return info->aliases->num_entries;
590 }
591
592 /*******************************************************************
593  _samr_Close
594  ********************************************************************/
595
596 NTSTATUS _samr_Close(pipes_struct *p, struct samr_Close *r)
597 {
598         if (!close_policy_hnd(p, r->in.handle)) {
599                 return NT_STATUS_INVALID_HANDLE;
600         }
601
602         ZERO_STRUCTP(r->out.handle);
603
604         return NT_STATUS_OK;
605 }
606
607 /*******************************************************************
608  _samr_OpenDomain
609  ********************************************************************/
610
611 NTSTATUS _samr_OpenDomain(pipes_struct *p,
612                           struct samr_OpenDomain *r)
613 {
614         struct    samr_info *info;
615         SEC_DESC *psd = NULL;
616         uint32    acc_granted;
617         uint32    des_access = r->in.access_mask;
618         NTSTATUS  status;
619         size_t    sd_size;
620         SE_PRIV se_rights;
621
622         /* find the connection policy handle. */
623
624         if ( !find_policy_by_hnd(p, r->in.connect_handle, (void**)(void *)&info) )
625                 return NT_STATUS_INVALID_HANDLE;
626
627         status = access_check_samr_function(info->acc_granted,
628                                             SAMR_ACCESS_OPEN_DOMAIN,
629                                             "_samr_OpenDomain" );
630
631         if ( !NT_STATUS_IS_OK(status) )
632                 return status;
633
634         /*check if access can be granted as requested by client. */
635         map_max_allowed_access(p->server_info->ptok, &des_access);
636
637         make_samr_object_sd( p->mem_ctx, &psd, &sd_size, &dom_generic_mapping, NULL, 0 );
638         se_map_generic( &des_access, &dom_generic_mapping );
639
640         se_priv_copy( &se_rights, &se_machine_account );
641         se_priv_add( &se_rights, &se_add_users );
642
643         status = access_check_samr_object( psd, p->server_info->ptok,
644                 &se_rights, GENERIC_RIGHTS_DOMAIN_WRITE, des_access,
645                 &acc_granted, "_samr_OpenDomain" );
646
647         if ( !NT_STATUS_IS_OK(status) )
648                 return status;
649
650         if (!sid_check_is_domain(r->in.sid) &&
651             !sid_check_is_builtin(r->in.sid)) {
652                 return NT_STATUS_NO_SUCH_DOMAIN;
653         }
654
655         /* associate the domain SID with the (unique) handle. */
656         if ((info = get_samr_info_by_sid(r->in.sid))==NULL)
657                 return NT_STATUS_NO_MEMORY;
658         info->acc_granted = acc_granted;
659
660         /* get a (unique) handle.  open a policy on it. */
661         if (!create_policy_hnd(p, r->out.domain_handle, free_samr_info, (void *)info))
662                 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
663
664         DEBUG(5,("_samr_OpenDomain: %d\n", __LINE__));
665
666         return NT_STATUS_OK;
667 }
668
669 /*******************************************************************
670  _samr_GetUserPwInfo
671  ********************************************************************/
672
673 NTSTATUS _samr_GetUserPwInfo(pipes_struct *p,
674                              struct samr_GetUserPwInfo *r)
675 {
676         struct samr_info *info = NULL;
677         enum lsa_SidType sid_type;
678         uint32_t min_password_length = 0;
679         uint32_t password_properties = 0;
680         bool ret = false;
681         NTSTATUS status;
682
683         DEBUG(5,("_samr_GetUserPwInfo: %d\n", __LINE__));
684
685         /* find the policy handle.  open a policy on it. */
686         if (!find_policy_by_hnd(p, r->in.user_handle, (void **)(void *)&info)) {
687                 return NT_STATUS_INVALID_HANDLE;
688         }
689
690         status = access_check_samr_function(info->acc_granted,
691                                             SAMR_USER_ACCESS_GET_ATTRIBUTES,
692                                             "_samr_GetUserPwInfo" );
693         if (!NT_STATUS_IS_OK(status)) {
694                 return status;
695         }
696
697         if (!sid_check_is_in_our_domain(&info->sid)) {
698                 return NT_STATUS_OBJECT_TYPE_MISMATCH;
699         }
700
701         become_root();
702         ret = lookup_sid(p->mem_ctx, &info->sid, NULL, NULL, &sid_type);
703         unbecome_root();
704         if (ret == false) {
705                 return NT_STATUS_NO_SUCH_USER;
706         }
707
708         switch (sid_type) {
709                 case SID_NAME_USER:
710                         become_root();
711                         pdb_get_account_policy(AP_MIN_PASSWORD_LEN,
712                                                &min_password_length);
713                         pdb_get_account_policy(AP_USER_MUST_LOGON_TO_CHG_PASS,
714                                                &password_properties);
715                         unbecome_root();
716
717                         if (lp_check_password_script() && *lp_check_password_script()) {
718                                 password_properties |= DOMAIN_PASSWORD_COMPLEX;
719                         }
720
721                         break;
722                 default:
723                         break;
724         }
725
726         r->out.info->min_password_length = min_password_length;
727         r->out.info->password_properties = password_properties;
728
729         DEBUG(5,("_samr_GetUserPwInfo: %d\n", __LINE__));
730
731         return NT_STATUS_OK;
732 }
733
734 /*******************************************************************
735 ********************************************************************/
736
737 static bool get_lsa_policy_samr_sid( pipes_struct *p, POLICY_HND *pol,
738                                         DOM_SID *sid, uint32 *acc_granted,
739                                         DISP_INFO **ppdisp_info)
740 {
741         struct samr_info *info = NULL;
742
743         /* find the policy handle.  open a policy on it. */
744         if (!find_policy_by_hnd(p, pol, (void **)(void *)&info))
745                 return False;
746
747         if (!info)
748                 return False;
749
750         *sid = info->sid;
751         *acc_granted = info->acc_granted;
752         if (ppdisp_info) {
753                 *ppdisp_info = info->disp_info;
754         }
755
756         return True;
757 }
758
759 /*******************************************************************
760  _samr_SetSecurity
761  ********************************************************************/
762
763 NTSTATUS _samr_SetSecurity(pipes_struct *p,
764                            struct samr_SetSecurity *r)
765 {
766         DOM_SID pol_sid;
767         uint32 acc_granted, i;
768         SEC_ACL *dacl;
769         bool ret;
770         struct samu *sampass=NULL;
771         NTSTATUS status;
772
773         if (!get_lsa_policy_samr_sid(p, r->in.handle, &pol_sid, &acc_granted, NULL))
774                 return NT_STATUS_INVALID_HANDLE;
775
776         if (!(sampass = samu_new( p->mem_ctx))) {
777                 DEBUG(0,("No memory!\n"));
778                 return NT_STATUS_NO_MEMORY;
779         }
780
781         /* get the user record */
782         become_root();
783         ret = pdb_getsampwsid(sampass, &pol_sid);
784         unbecome_root();
785
786         if (!ret) {
787                 DEBUG(4, ("User %s not found\n", sid_string_dbg(&pol_sid)));
788                 TALLOC_FREE(sampass);
789                 return NT_STATUS_INVALID_HANDLE;
790         }
791
792         dacl = r->in.sdbuf->sd->dacl;
793         for (i=0; i < dacl->num_aces; i++) {
794                 if (sid_equal(&pol_sid, &dacl->aces[i].trustee)) {
795                         ret = pdb_set_pass_can_change(sampass,
796                                 (dacl->aces[i].access_mask &
797                                  SAMR_USER_ACCESS_CHANGE_PASSWORD) ?
798                                                       True: False);
799                         break;
800                 }
801         }
802
803         if (!ret) {
804                 TALLOC_FREE(sampass);
805                 return NT_STATUS_ACCESS_DENIED;
806         }
807
808         status = access_check_samr_function(acc_granted,
809                                             SAMR_USER_ACCESS_SET_ATTRIBUTES,
810                                             "_samr_SetSecurity");
811         if (NT_STATUS_IS_OK(status)) {
812                 become_root();
813                 status = pdb_update_sam_account(sampass);
814                 unbecome_root();
815         }
816
817         TALLOC_FREE(sampass);
818
819         return status;
820 }
821
822 /*******************************************************************
823   build correct perms based on policies and password times for _samr_query_sec_obj
824 *******************************************************************/
825 static bool check_change_pw_access(TALLOC_CTX *mem_ctx, DOM_SID *user_sid)
826 {
827         struct samu *sampass=NULL;
828         bool ret;
829
830         if ( !(sampass = samu_new( mem_ctx )) ) {
831                 DEBUG(0,("No memory!\n"));
832                 return False;
833         }
834
835         become_root();
836         ret = pdb_getsampwsid(sampass, user_sid);
837         unbecome_root();
838
839         if (ret == False) {
840                 DEBUG(4,("User %s not found\n", sid_string_dbg(user_sid)));
841                 TALLOC_FREE(sampass);
842                 return False;
843         }
844
845         DEBUG(3,("User:[%s]\n",  pdb_get_username(sampass) ));
846
847         if (pdb_get_pass_can_change(sampass)) {
848                 TALLOC_FREE(sampass);
849                 return True;
850         }
851         TALLOC_FREE(sampass);
852         return False;
853 }
854
855
856 /*******************************************************************
857  _samr_QuerySecurity
858  ********************************************************************/
859
860 NTSTATUS _samr_QuerySecurity(pipes_struct *p,
861                              struct samr_QuerySecurity *r)
862 {
863         NTSTATUS status;
864         DOM_SID pol_sid;
865         SEC_DESC * psd = NULL;
866         uint32 acc_granted;
867         size_t sd_size;
868
869         /* Get the SID. */
870         if (!get_lsa_policy_samr_sid(p, r->in.handle, &pol_sid, &acc_granted, NULL))
871                 return NT_STATUS_INVALID_HANDLE;
872
873         DEBUG(10,("_samr_QuerySecurity: querying security on SID: %s\n",
874                   sid_string_dbg(&pol_sid)));
875
876         status = access_check_samr_function(acc_granted,
877                                             STD_RIGHT_READ_CONTROL_ACCESS,
878                                             "_samr_QuerySecurity");
879         if (!NT_STATUS_IS_OK(status)) {
880                 return status;
881         }
882
883         /* Check what typ of SID is beeing queried (e.g Domain SID, User SID, Group SID) */
884
885         /* To query the security of the SAM it self an invalid SID with S-0-0 is passed to this function */
886         if (pol_sid.sid_rev_num == 0) {
887                 DEBUG(5,("_samr_QuerySecurity: querying security on SAM\n"));
888                 status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &sam_generic_mapping, NULL, 0);
889         } else if (sid_equal(&pol_sid,get_global_sam_sid())) {
890                 /* check if it is our domain SID */
891                 DEBUG(5,("_samr_QuerySecurity: querying security on Domain "
892                          "with SID: %s\n", sid_string_dbg(&pol_sid)));
893                 status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &dom_generic_mapping, NULL, 0);
894         } else if (sid_equal(&pol_sid,&global_sid_Builtin)) {
895                 /* check if it is the Builtin  Domain */
896                 /* TODO: Builtin probably needs a different SD with restricted write access*/
897                 DEBUG(5,("_samr_QuerySecurity: querying security on Builtin "
898                          "Domain with SID: %s\n", sid_string_dbg(&pol_sid)));
899                 status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &dom_generic_mapping, NULL, 0);
900         } else if (sid_check_is_in_our_domain(&pol_sid) ||
901                  sid_check_is_in_builtin(&pol_sid)) {
902                 /* TODO: different SDs have to be generated for aliases groups and users.
903                          Currently all three get a default user SD  */
904                 DEBUG(10,("_samr_QuerySecurity: querying security on Object "
905                           "with SID: %s\n", sid_string_dbg(&pol_sid)));
906                 if (check_change_pw_access(p->mem_ctx, &pol_sid)) {
907                         status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_generic_mapping,
908                                                           &pol_sid, SAMR_USR_RIGHTS_WRITE_PW);
909                 } else {
910                         status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_nopwchange_generic_mapping,
911                                                           &pol_sid, SAMR_USR_RIGHTS_CANT_WRITE_PW);
912                 }
913         } else {
914                 return NT_STATUS_OBJECT_TYPE_MISMATCH;
915         }
916
917         if ((*r->out.sdbuf = make_sec_desc_buf(p->mem_ctx, sd_size, psd)) == NULL)
918                 return NT_STATUS_NO_MEMORY;
919
920         return status;
921 }
922
923 /*******************************************************************
924 makes a SAM_ENTRY / UNISTR2* structure from a user list.
925 ********************************************************************/
926
927 static NTSTATUS make_user_sam_entry_list(TALLOC_CTX *ctx,
928                                          struct samr_SamEntry **sam_pp,
929                                          uint32_t num_entries,
930                                          uint32_t start_idx,
931                                          struct samr_displayentry *entries)
932 {
933         uint32_t i;
934         struct samr_SamEntry *sam;
935
936         *sam_pp = NULL;
937
938         if (num_entries == 0) {
939                 return NT_STATUS_OK;
940         }
941
942         sam = TALLOC_ZERO_ARRAY(ctx, struct samr_SamEntry, num_entries);
943         if (sam == NULL) {
944                 DEBUG(0, ("make_user_sam_entry_list: TALLOC_ZERO failed!\n"));
945                 return NT_STATUS_NO_MEMORY;
946         }
947
948         for (i = 0; i < num_entries; i++) {
949 #if 0
950                 /*
951                  * usrmgr expects a non-NULL terminated string with
952                  * trust relationships
953                  */
954                 if (entries[i].acct_flags & ACB_DOMTRUST) {
955                         init_unistr2(&uni_temp_name, entries[i].account_name,
956                                      UNI_FLAGS_NONE);
957                 } else {
958                         init_unistr2(&uni_temp_name, entries[i].account_name,
959                                      UNI_STR_TERMINATE);
960                 }
961 #endif
962                 init_lsa_String(&sam[i].name, entries[i].account_name);
963                 sam[i].idx = entries[i].rid;
964         }
965
966         *sam_pp = sam;
967
968         return NT_STATUS_OK;
969 }
970
971 #define MAX_SAM_ENTRIES MAX_SAM_ENTRIES_W2K
972
973 /*******************************************************************
974  _samr_EnumDomainUsers
975  ********************************************************************/
976
977 NTSTATUS _samr_EnumDomainUsers(pipes_struct *p,
978                                struct samr_EnumDomainUsers *r)
979 {
980         NTSTATUS status;
981         struct samr_info *info = NULL;
982         int num_account;
983         uint32 enum_context = *r->in.resume_handle;
984         enum remote_arch_types ra_type = get_remote_arch();
985         int max_sam_entries = (ra_type == RA_WIN95) ? MAX_SAM_ENTRIES_W95 : MAX_SAM_ENTRIES_W2K;
986         uint32 max_entries = max_sam_entries;
987         struct samr_displayentry *entries = NULL;
988         struct samr_SamArray *samr_array = NULL;
989         struct samr_SamEntry *samr_entries = NULL;
990
991         /* find the policy handle.  open a policy on it. */
992         if (!find_policy_by_hnd(p, r->in.domain_handle, (void **)(void *)&info))
993                 return NT_STATUS_INVALID_HANDLE;
994
995         status = access_check_samr_function(info->acc_granted,
996                                             SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS,
997                                             "_samr_EnumDomainUsers");
998         if (!NT_STATUS_IS_OK(status)) {
999                 return status;
1000         }
1001
1002         DEBUG(5,("_samr_EnumDomainUsers: %d\n", __LINE__));
1003
1004         if (info->builtin_domain) {
1005                 /* No users in builtin. */
1006                 *r->out.resume_handle = *r->in.resume_handle;
1007                 DEBUG(5,("_samr_EnumDomainUsers: No users in BUILTIN\n"));
1008                 return status;
1009         }
1010
1011         samr_array = TALLOC_ZERO_P(p->mem_ctx, struct samr_SamArray);
1012         if (!samr_array) {
1013                 return NT_STATUS_NO_MEMORY;
1014         }
1015         *r->out.sam = samr_array;
1016
1017         become_root();
1018
1019         /* AS ROOT !!!! */
1020
1021         if ((info->disp_info->enum_users != NULL) &&
1022             (info->disp_info->enum_acb_mask != r->in.acct_flags)) {
1023                 pdb_search_destroy(info->disp_info->enum_users);
1024                 info->disp_info->enum_users = NULL;
1025         }
1026
1027         if (info->disp_info->enum_users == NULL) {
1028                 info->disp_info->enum_users = pdb_search_users(r->in.acct_flags);
1029                 info->disp_info->enum_acb_mask = r->in.acct_flags;
1030         }
1031
1032         if (info->disp_info->enum_users == NULL) {
1033                 /* END AS ROOT !!!! */
1034                 unbecome_root();
1035                 return NT_STATUS_ACCESS_DENIED;
1036         }
1037
1038         num_account = pdb_search_entries(info->disp_info->enum_users,
1039                                          enum_context, max_entries,
1040                                          &entries);
1041
1042         /* END AS ROOT !!!! */
1043
1044         unbecome_root();
1045
1046         if (num_account == 0) {
1047                 DEBUG(5, ("_samr_EnumDomainUsers: enumeration handle over "
1048                           "total entries\n"));
1049                 *r->out.resume_handle = *r->in.resume_handle;
1050                 return NT_STATUS_OK;
1051         }
1052
1053         status = make_user_sam_entry_list(p->mem_ctx, &samr_entries,
1054                                           num_account, enum_context,
1055                                           entries);
1056         if (!NT_STATUS_IS_OK(status)) {
1057                 return status;
1058         }
1059
1060         if (max_entries <= num_account) {
1061                 status = STATUS_MORE_ENTRIES;
1062         } else {
1063                 status = NT_STATUS_OK;
1064         }
1065
1066         /* Ensure we cache this enumeration. */
1067         set_disp_info_cache_timeout(info->disp_info, DISP_INFO_CACHE_TIMEOUT);
1068
1069         DEBUG(5, ("_samr_EnumDomainUsers: %d\n", __LINE__));
1070
1071         samr_array->count = num_account;
1072         samr_array->entries = samr_entries;
1073
1074         *r->out.resume_handle = *r->in.resume_handle + num_account;
1075         *r->out.num_entries = num_account;
1076
1077         DEBUG(5,("_samr_EnumDomainUsers: %d\n", __LINE__));
1078
1079         return status;
1080 }
1081
1082 /*******************************************************************
1083 makes a SAM_ENTRY / UNISTR2* structure from a group list.
1084 ********************************************************************/
1085
1086 static void make_group_sam_entry_list(TALLOC_CTX *ctx,
1087                                       struct samr_SamEntry **sam_pp,
1088                                       uint32_t num_sam_entries,
1089                                       struct samr_displayentry *entries)
1090 {
1091         struct samr_SamEntry *sam;
1092         uint32_t i;
1093
1094         *sam_pp = NULL;
1095
1096         if (num_sam_entries == 0) {
1097                 return;
1098         }
1099
1100         sam = TALLOC_ZERO_ARRAY(ctx, struct samr_SamEntry, num_sam_entries);
1101         if (sam == NULL) {
1102                 return;
1103         }
1104
1105         for (i = 0; i < num_sam_entries; i++) {
1106                 /*
1107                  * JRA. I think this should include the null. TNG does not.
1108                  */
1109                 init_lsa_String(&sam[i].name, entries[i].account_name);
1110                 sam[i].idx = entries[i].rid;
1111         }
1112
1113         *sam_pp = sam;
1114 }
1115
1116 /*******************************************************************
1117  _samr_EnumDomainGroups
1118  ********************************************************************/
1119
1120 NTSTATUS _samr_EnumDomainGroups(pipes_struct *p,
1121                                 struct samr_EnumDomainGroups *r)
1122 {
1123         NTSTATUS status;
1124         struct samr_info *info = NULL;
1125         struct samr_displayentry *groups;
1126         uint32 num_groups;
1127         struct samr_SamArray *samr_array = NULL;
1128         struct samr_SamEntry *samr_entries = NULL;
1129
1130         /* find the policy handle.  open a policy on it. */
1131         if (!find_policy_by_hnd(p, r->in.domain_handle, (void **)(void *)&info))
1132                 return NT_STATUS_INVALID_HANDLE;
1133
1134         status = access_check_samr_function(info->acc_granted,
1135                                             SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS,
1136                                             "_samr_EnumDomainGroups");
1137         if (!NT_STATUS_IS_OK(status)) {
1138                 return status;
1139         }
1140
1141         DEBUG(5,("_samr_EnumDomainGroups: %d\n", __LINE__));
1142
1143         if (info->builtin_domain) {
1144                 /* No groups in builtin. */
1145                 *r->out.resume_handle = *r->in.resume_handle;
1146                 DEBUG(5,("_samr_EnumDomainGroups: No groups in BUILTIN\n"));
1147                 return status;
1148         }
1149
1150         samr_array = TALLOC_ZERO_P(p->mem_ctx, struct samr_SamArray);
1151         if (!samr_array) {
1152                 return NT_STATUS_NO_MEMORY;
1153         }
1154
1155         /* the domain group array is being allocated in the function below */
1156
1157         become_root();
1158
1159         if (info->disp_info->groups == NULL) {
1160                 info->disp_info->groups = pdb_search_groups();
1161
1162                 if (info->disp_info->groups == NULL) {
1163                         unbecome_root();
1164                         return NT_STATUS_ACCESS_DENIED;
1165                 }
1166         }
1167
1168         num_groups = pdb_search_entries(info->disp_info->groups,
1169                                         *r->in.resume_handle,
1170                                         MAX_SAM_ENTRIES, &groups);
1171         unbecome_root();
1172
1173         /* Ensure we cache this enumeration. */
1174         set_disp_info_cache_timeout(info->disp_info, DISP_INFO_CACHE_TIMEOUT);
1175
1176         make_group_sam_entry_list(p->mem_ctx, &samr_entries,
1177                                   num_groups, groups);
1178
1179         samr_array->count = num_groups;
1180         samr_array->entries = samr_entries;
1181
1182         *r->out.sam = samr_array;
1183         *r->out.num_entries = num_groups;
1184         /* this was missing, IMHO:
1185         *r->out.resume_handle = num_groups + *r->in.resume_handle;
1186         */
1187
1188         DEBUG(5,("_samr_EnumDomainGroups: %d\n", __LINE__));
1189
1190         return status;
1191 }
1192
1193 /*******************************************************************
1194  _samr_EnumDomainAliases
1195  ********************************************************************/
1196
1197 NTSTATUS _samr_EnumDomainAliases(pipes_struct *p,
1198                                  struct samr_EnumDomainAliases *r)
1199 {
1200         NTSTATUS status;
1201         struct samr_info *info;
1202         struct samr_displayentry *aliases;
1203         uint32 num_aliases = 0;
1204         struct samr_SamArray *samr_array = NULL;
1205         struct samr_SamEntry *samr_entries = NULL;
1206
1207         /* find the policy handle.  open a policy on it. */
1208         if (!find_policy_by_hnd(p, r->in.domain_handle, (void **)(void *)&info))
1209                 return NT_STATUS_INVALID_HANDLE;
1210
1211         DEBUG(5,("_samr_EnumDomainAliases: sid %s\n",
1212                  sid_string_dbg(&info->sid)));
1213
1214         status = access_check_samr_function(info->acc_granted,
1215                                             SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS,
1216                                             "_samr_EnumDomainAliases");
1217         if (!NT_STATUS_IS_OK(status)) {
1218                 return status;
1219         }
1220
1221         samr_array = TALLOC_ZERO_P(p->mem_ctx, struct samr_SamArray);
1222         if (!samr_array) {
1223                 return NT_STATUS_NO_MEMORY;
1224         }
1225
1226         become_root();
1227
1228         if (info->disp_info->aliases == NULL) {
1229                 info->disp_info->aliases = pdb_search_aliases(&info->sid);
1230                 if (info->disp_info->aliases == NULL) {
1231                         unbecome_root();
1232                         return NT_STATUS_ACCESS_DENIED;
1233                 }
1234         }
1235
1236         num_aliases = pdb_search_entries(info->disp_info->aliases,
1237                                          *r->in.resume_handle,
1238                                          MAX_SAM_ENTRIES, &aliases);
1239         unbecome_root();
1240
1241         /* Ensure we cache this enumeration. */
1242         set_disp_info_cache_timeout(info->disp_info, DISP_INFO_CACHE_TIMEOUT);
1243
1244         make_group_sam_entry_list(p->mem_ctx, &samr_entries,
1245                                   num_aliases, aliases);
1246
1247         DEBUG(5,("_samr_EnumDomainAliases: %d\n", __LINE__));
1248
1249         samr_array->count = num_aliases;
1250         samr_array->entries = samr_entries;
1251
1252         *r->out.sam = samr_array;
1253         *r->out.num_entries = num_aliases;
1254         *r->out.resume_handle = num_aliases + *r->in.resume_handle;
1255
1256         return status;
1257 }
1258
1259 /*******************************************************************
1260  inits a samr_DispInfoGeneral structure.
1261 ********************************************************************/
1262
1263 static NTSTATUS init_samr_dispinfo_1(TALLOC_CTX *ctx,
1264                                      struct samr_DispInfoGeneral *r,
1265                                      uint32_t num_entries,
1266                                      uint32_t start_idx,
1267                                      struct samr_displayentry *entries)
1268 {
1269         uint32 i;
1270
1271         DEBUG(10, ("init_samr_dispinfo_1: num_entries: %d\n", num_entries));
1272
1273         if (num_entries == 0) {
1274                 return NT_STATUS_OK;
1275         }
1276
1277         r->count = num_entries;
1278
1279         r->entries = TALLOC_ZERO_ARRAY(ctx, struct samr_DispEntryGeneral, num_entries);
1280         if (!r->entries) {
1281                 return NT_STATUS_NO_MEMORY;
1282         }
1283
1284         for (i = 0; i < num_entries ; i++) {
1285
1286                 init_lsa_String(&r->entries[i].account_name,
1287                                 entries[i].account_name);
1288
1289                 init_lsa_String(&r->entries[i].description,
1290                                 entries[i].description);
1291
1292                 init_lsa_String(&r->entries[i].full_name,
1293                                 entries[i].fullname);
1294
1295                 r->entries[i].rid = entries[i].rid;
1296                 r->entries[i].acct_flags = entries[i].acct_flags;
1297                 r->entries[i].idx = start_idx+i+1;
1298         }
1299
1300         return NT_STATUS_OK;
1301 }
1302
1303 /*******************************************************************
1304  inits a samr_DispInfoFull structure.
1305 ********************************************************************/
1306
1307 static NTSTATUS init_samr_dispinfo_2(TALLOC_CTX *ctx,
1308                                      struct samr_DispInfoFull *r,
1309                                      uint32_t num_entries,
1310                                      uint32_t start_idx,
1311                                      struct samr_displayentry *entries)
1312 {
1313         uint32_t i;
1314
1315         DEBUG(10, ("init_samr_dispinfo_2: num_entries: %d\n", num_entries));
1316
1317         if (num_entries == 0) {
1318                 return NT_STATUS_OK;
1319         }
1320
1321         r->count = num_entries;
1322
1323         r->entries = TALLOC_ZERO_ARRAY(ctx, struct samr_DispEntryFull, num_entries);
1324         if (!r->entries) {
1325                 return NT_STATUS_NO_MEMORY;
1326         }
1327
1328         for (i = 0; i < num_entries ; i++) {
1329
1330                 init_lsa_String(&r->entries[i].account_name,
1331                                 entries[i].account_name);
1332
1333                 init_lsa_String(&r->entries[i].description,
1334                                 entries[i].description);
1335
1336                 r->entries[i].rid = entries[i].rid;
1337                 r->entries[i].acct_flags = entries[i].acct_flags;
1338                 r->entries[i].idx = start_idx+i+1;
1339         }
1340
1341         return NT_STATUS_OK;
1342 }
1343
1344 /*******************************************************************
1345  inits a samr_DispInfoFullGroups structure.
1346 ********************************************************************/
1347
1348 static NTSTATUS init_samr_dispinfo_3(TALLOC_CTX *ctx,
1349                                      struct samr_DispInfoFullGroups *r,
1350                                      uint32_t num_entries,
1351                                      uint32_t start_idx,
1352                                      struct samr_displayentry *entries)
1353 {
1354         uint32_t i;
1355
1356         DEBUG(5, ("init_samr_dispinfo_3: num_entries: %d\n", num_entries));
1357
1358         if (num_entries == 0) {
1359                 return NT_STATUS_OK;
1360         }
1361
1362         r->count = num_entries;
1363
1364         r->entries = TALLOC_ZERO_ARRAY(ctx, struct samr_DispEntryFullGroup, num_entries);
1365         if (!r->entries) {
1366                 return NT_STATUS_NO_MEMORY;
1367         }
1368
1369         for (i = 0; i < num_entries ; i++) {
1370
1371                 init_lsa_String(&r->entries[i].account_name,
1372                                 entries[i].account_name);
1373
1374                 init_lsa_String(&r->entries[i].description,
1375                                 entries[i].description);
1376
1377                 r->entries[i].rid = entries[i].rid;
1378                 r->entries[i].acct_flags = entries[i].acct_flags;
1379                 r->entries[i].idx = start_idx+i+1;
1380         }
1381
1382         return NT_STATUS_OK;
1383 }
1384
1385 /*******************************************************************
1386  inits a samr_DispInfoAscii structure.
1387 ********************************************************************/
1388
1389 static NTSTATUS init_samr_dispinfo_4(TALLOC_CTX *ctx,
1390                                      struct samr_DispInfoAscii *r,
1391                                      uint32_t num_entries,
1392                                      uint32_t start_idx,
1393                                      struct samr_displayentry *entries)
1394 {
1395         uint32_t i;
1396
1397         DEBUG(5, ("init_samr_dispinfo_4: num_entries: %d\n", num_entries));
1398
1399         if (num_entries == 0) {
1400                 return NT_STATUS_OK;
1401         }
1402
1403         r->count = num_entries;
1404
1405         r->entries = TALLOC_ZERO_ARRAY(ctx, struct samr_DispEntryAscii, num_entries);
1406         if (!r->entries) {
1407                 return NT_STATUS_NO_MEMORY;
1408         }
1409
1410         for (i = 0; i < num_entries ; i++) {
1411
1412                 init_lsa_AsciiStringLarge(&r->entries[i].account_name,
1413                                           entries[i].account_name);
1414
1415                 r->entries[i].idx = start_idx+i+1;
1416         }
1417
1418         return NT_STATUS_OK;
1419 }
1420
1421 /*******************************************************************
1422  inits a samr_DispInfoAscii structure.
1423 ********************************************************************/
1424
1425 static NTSTATUS init_samr_dispinfo_5(TALLOC_CTX *ctx,
1426                                      struct samr_DispInfoAscii *r,
1427                                      uint32_t num_entries,
1428                                      uint32_t start_idx,
1429                                      struct samr_displayentry *entries)
1430 {
1431         uint32_t i;
1432
1433         DEBUG(5, ("init_samr_dispinfo_5: num_entries: %d\n", num_entries));
1434
1435         if (num_entries == 0) {
1436                 return NT_STATUS_OK;
1437         }
1438
1439         r->count = num_entries;
1440
1441         r->entries = TALLOC_ZERO_ARRAY(ctx, struct samr_DispEntryAscii, num_entries);
1442         if (!r->entries) {
1443                 return NT_STATUS_NO_MEMORY;
1444         }
1445
1446         for (i = 0; i < num_entries ; i++) {
1447
1448                 init_lsa_AsciiStringLarge(&r->entries[i].account_name,
1449                                           entries[i].account_name);
1450
1451                 r->entries[i].idx = start_idx+i+1;
1452         }
1453
1454         return NT_STATUS_OK;
1455 }
1456
1457 /*******************************************************************
1458  _samr_QueryDisplayInfo
1459  ********************************************************************/
1460
1461 NTSTATUS _samr_QueryDisplayInfo(pipes_struct *p,
1462                                 struct samr_QueryDisplayInfo *r)
1463 {
1464         NTSTATUS status;
1465         struct samr_info *info = NULL;
1466         uint32 struct_size=0x20; /* W2K always reply that, client doesn't care */
1467
1468         uint32 max_entries = r->in.max_entries;
1469         uint32 enum_context = r->in.start_idx;
1470         uint32 max_size = r->in.buf_size;
1471
1472         union samr_DispInfo *disp_info = r->out.info;
1473
1474         uint32 temp_size=0, total_data_size=0;
1475         NTSTATUS disp_ret = NT_STATUS_UNSUCCESSFUL;
1476         uint32 num_account = 0;
1477         enum remote_arch_types ra_type = get_remote_arch();
1478         int max_sam_entries = (ra_type == RA_WIN95) ? MAX_SAM_ENTRIES_W95 : MAX_SAM_ENTRIES_W2K;
1479         struct samr_displayentry *entries = NULL;
1480
1481         DEBUG(5,("_samr_QueryDisplayInfo: %d\n", __LINE__));
1482
1483         /* find the policy handle.  open a policy on it. */
1484         if (!find_policy_by_hnd(p, r->in.domain_handle, (void **)(void *)&info))
1485                 return NT_STATUS_INVALID_HANDLE;
1486
1487         if (info->builtin_domain) {
1488                 DEBUG(5,("_samr_QueryDisplayInfo: Nothing in BUILTIN\n"));
1489                 return NT_STATUS_OK;
1490         }
1491
1492         status = access_check_samr_function(info->acc_granted,
1493                                             SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS,
1494                                             "_samr_QueryDisplayInfo");
1495         if (!NT_STATUS_IS_OK(status)) {
1496                 return status;
1497         }
1498
1499         /*
1500          * calculate how many entries we will return.
1501          * based on
1502          * - the number of entries the client asked
1503          * - our limit on that
1504          * - the starting point (enumeration context)
1505          * - the buffer size the client will accept
1506          */
1507
1508         /*
1509          * We are a lot more like W2K. Instead of reading the SAM
1510          * each time to find the records we need to send back,
1511          * we read it once and link that copy to the sam handle.
1512          * For large user list (over the MAX_SAM_ENTRIES)
1513          * it's a definitive win.
1514          * second point to notice: between enumerations
1515          * our sam is now the same as it's a snapshoot.
1516          * third point: got rid of the static SAM_USER_21 struct
1517          * no more intermediate.
1518          * con: it uses much more memory, as a full copy is stored
1519          * in memory.
1520          *
1521          * If you want to change it, think twice and think
1522          * of the second point , that's really important.
1523          *
1524          * JFM, 12/20/2001
1525          */
1526
1527         if ((r->in.level < 1) || (r->in.level > 5)) {
1528                 DEBUG(0,("_samr_QueryDisplayInfo: Unknown info level (%u)\n",
1529                          (unsigned int)r->in.level ));
1530                 return NT_STATUS_INVALID_INFO_CLASS;
1531         }
1532
1533         /* first limit the number of entries we will return */
1534         if(max_entries > max_sam_entries) {
1535                 DEBUG(5, ("_samr_QueryDisplayInfo: client requested %d "
1536                           "entries, limiting to %d\n", max_entries,
1537                           max_sam_entries));
1538                 max_entries = max_sam_entries;
1539         }
1540
1541         /* calculate the size and limit on the number of entries we will
1542          * return */
1543
1544         temp_size=max_entries*struct_size;
1545
1546         if (temp_size>max_size) {
1547                 max_entries=MIN((max_size/struct_size),max_entries);;
1548                 DEBUG(5, ("_samr_QueryDisplayInfo: buffer size limits to "
1549                           "only %d entries\n", max_entries));
1550         }
1551
1552         become_root();
1553
1554         /* THe following done as ROOT. Don't return without unbecome_root(). */
1555
1556         switch (r->in.level) {
1557         case 0x1:
1558         case 0x4:
1559                 if (info->disp_info->users == NULL) {
1560                         info->disp_info->users = pdb_search_users(ACB_NORMAL);
1561                         if (info->disp_info->users == NULL) {
1562                                 unbecome_root();
1563                                 return NT_STATUS_ACCESS_DENIED;
1564                         }
1565                         DEBUG(10,("_samr_QueryDisplayInfo: starting user enumeration at index %u\n",
1566                                 (unsigned  int)enum_context ));
1567                 } else {
1568                         DEBUG(10,("_samr_QueryDisplayInfo: using cached user enumeration at index %u\n",
1569                                 (unsigned  int)enum_context ));
1570                 }
1571
1572                 num_account = pdb_search_entries(info->disp_info->users,
1573                                                  enum_context, max_entries,
1574                                                  &entries);
1575                 break;
1576         case 0x2:
1577                 if (info->disp_info->machines == NULL) {
1578                         info->disp_info->machines =
1579                                 pdb_search_users(ACB_WSTRUST|ACB_SVRTRUST);
1580                         if (info->disp_info->machines == NULL) {
1581                                 unbecome_root();
1582                                 return NT_STATUS_ACCESS_DENIED;
1583                         }
1584                         DEBUG(10,("_samr_QueryDisplayInfo: starting machine enumeration at index %u\n",
1585                                 (unsigned  int)enum_context ));
1586                 } else {
1587                         DEBUG(10,("_samr_QueryDisplayInfo: using cached machine enumeration at index %u\n",
1588                                 (unsigned  int)enum_context ));
1589                 }
1590
1591                 num_account = pdb_search_entries(info->disp_info->machines,
1592                                                  enum_context, max_entries,
1593                                                  &entries);
1594                 break;
1595         case 0x3:
1596         case 0x5:
1597                 if (info->disp_info->groups == NULL) {
1598                         info->disp_info->groups = pdb_search_groups();
1599                         if (info->disp_info->groups == NULL) {
1600                                 unbecome_root();
1601                                 return NT_STATUS_ACCESS_DENIED;
1602                         }
1603                         DEBUG(10,("_samr_QueryDisplayInfo: starting group enumeration at index %u\n",
1604                                 (unsigned  int)enum_context ));
1605                 } else {
1606                         DEBUG(10,("_samr_QueryDisplayInfo: using cached group enumeration at index %u\n",
1607                                 (unsigned  int)enum_context ));
1608                 }
1609
1610                 num_account = pdb_search_entries(info->disp_info->groups,
1611                                                  enum_context, max_entries,
1612                                                  &entries);
1613                 break;
1614         default:
1615                 unbecome_root();
1616                 smb_panic("info class changed");
1617                 break;
1618         }
1619         unbecome_root();
1620
1621
1622         /* Now create reply structure */
1623         switch (r->in.level) {
1624         case 0x1:
1625                 disp_ret = init_samr_dispinfo_1(p->mem_ctx, &disp_info->info1,
1626                                                 num_account, enum_context,
1627                                                 entries);
1628                 break;
1629         case 0x2:
1630                 disp_ret = init_samr_dispinfo_2(p->mem_ctx, &disp_info->info2,
1631                                                 num_account, enum_context,
1632                                                 entries);
1633                 break;
1634         case 0x3:
1635                 disp_ret = init_samr_dispinfo_3(p->mem_ctx, &disp_info->info3,
1636                                                 num_account, enum_context,
1637                                                 entries);
1638                 break;
1639         case 0x4:
1640                 disp_ret = init_samr_dispinfo_4(p->mem_ctx, &disp_info->info4,
1641                                                 num_account, enum_context,
1642                                                 entries);
1643                 break;
1644         case 0x5:
1645                 disp_ret = init_samr_dispinfo_5(p->mem_ctx, &disp_info->info5,
1646                                                 num_account, enum_context,
1647                                                 entries);
1648                 break;
1649         default:
1650                 smb_panic("info class changed");
1651                 break;
1652         }
1653
1654         if (!NT_STATUS_IS_OK(disp_ret))
1655                 return disp_ret;
1656
1657         /* calculate the total size */
1658         total_data_size=num_account*struct_size;
1659
1660         if (max_entries <= num_account) {
1661                 status = STATUS_MORE_ENTRIES;
1662         } else {
1663                 status = NT_STATUS_OK;
1664         }
1665
1666         /* Ensure we cache this enumeration. */
1667         set_disp_info_cache_timeout(info->disp_info, DISP_INFO_CACHE_TIMEOUT);
1668
1669         DEBUG(5, ("_samr_QueryDisplayInfo: %d\n", __LINE__));
1670
1671         *r->out.total_size = total_data_size;
1672         *r->out.returned_size = temp_size;
1673
1674         return status;
1675 }
1676
1677 /****************************************************************
1678  _samr_QueryDisplayInfo2
1679 ****************************************************************/
1680
1681 NTSTATUS _samr_QueryDisplayInfo2(pipes_struct *p,
1682                                  struct samr_QueryDisplayInfo2 *r)
1683 {
1684         struct samr_QueryDisplayInfo q;
1685
1686         q.in.domain_handle      = r->in.domain_handle;
1687         q.in.level              = r->in.level;
1688         q.in.start_idx          = r->in.start_idx;
1689         q.in.max_entries        = r->in.max_entries;
1690         q.in.buf_size           = r->in.buf_size;
1691
1692         q.out.total_size        = r->out.total_size;
1693         q.out.returned_size     = r->out.returned_size;
1694         q.out.info              = r->out.info;
1695
1696         return _samr_QueryDisplayInfo(p, &q);
1697 }
1698
1699 /****************************************************************
1700  _samr_QueryDisplayInfo3
1701 ****************************************************************/
1702
1703 NTSTATUS _samr_QueryDisplayInfo3(pipes_struct *p,
1704                                  struct samr_QueryDisplayInfo3 *r)
1705 {
1706         struct samr_QueryDisplayInfo q;
1707
1708         q.in.domain_handle      = r->in.domain_handle;
1709         q.in.level              = r->in.level;
1710         q.in.start_idx          = r->in.start_idx;
1711         q.in.max_entries        = r->in.max_entries;
1712         q.in.buf_size           = r->in.buf_size;
1713
1714         q.out.total_size        = r->out.total_size;
1715         q.out.returned_size     = r->out.returned_size;
1716         q.out.info              = r->out.info;
1717
1718         return _samr_QueryDisplayInfo(p, &q);
1719 }
1720
1721 /*******************************************************************
1722  _samr_QueryAliasInfo
1723  ********************************************************************/
1724
1725 NTSTATUS _samr_QueryAliasInfo(pipes_struct *p,
1726                               struct samr_QueryAliasInfo *r)
1727 {
1728         DOM_SID   sid;
1729         struct acct_info info;
1730         uint32    acc_granted;
1731         NTSTATUS status;
1732         union samr_AliasInfo *alias_info = NULL;
1733         const char *alias_name = NULL;
1734         const char *alias_description = NULL;
1735
1736         DEBUG(5,("_samr_QueryAliasInfo: %d\n", __LINE__));
1737
1738         alias_info = TALLOC_ZERO_P(p->mem_ctx, union samr_AliasInfo);
1739         if (!alias_info) {
1740                 return NT_STATUS_NO_MEMORY;
1741         }
1742
1743         /* find the policy handle.  open a policy on it. */
1744         if (!get_lsa_policy_samr_sid(p, r->in.alias_handle, &sid, &acc_granted, NULL))
1745                 return NT_STATUS_INVALID_HANDLE;
1746
1747         status = access_check_samr_function(acc_granted,
1748                                             SAMR_ALIAS_ACCESS_LOOKUP_INFO,
1749                                             "_samr_QueryAliasInfo");
1750         if (!NT_STATUS_IS_OK(status)) {
1751                 return status;
1752         }
1753
1754         become_root();
1755         status = pdb_get_aliasinfo(&sid, &info);
1756         unbecome_root();
1757
1758         if ( !NT_STATUS_IS_OK(status))
1759                 return status;
1760
1761         /* FIXME: info contains fstrings */
1762         alias_name = talloc_strdup(r, info.acct_name);
1763         alias_description = talloc_strdup(r, info.acct_desc);
1764
1765         switch (r->in.level) {
1766         case ALIASINFOALL:
1767                 init_samr_alias_info1(&alias_info->all,
1768                                       alias_name,
1769                                       1,
1770                                       alias_description);
1771                 break;
1772         case ALIASINFODESCRIPTION:
1773                 init_samr_alias_info3(&alias_info->description,
1774                                       alias_description);
1775                 break;
1776         default:
1777                 return NT_STATUS_INVALID_INFO_CLASS;
1778         }
1779
1780         *r->out.info = alias_info;
1781
1782         DEBUG(5,("_samr_QueryAliasInfo: %d\n", __LINE__));
1783
1784         return NT_STATUS_OK;
1785 }
1786
1787 /*******************************************************************
1788  _samr_LookupNames
1789  ********************************************************************/
1790
1791 NTSTATUS _samr_LookupNames(pipes_struct *p,
1792                            struct samr_LookupNames *r)
1793 {
1794         NTSTATUS status;
1795         uint32 *rid;
1796         enum lsa_SidType *type;
1797         int i;
1798         int num_rids = r->in.num_names;
1799         DOM_SID pol_sid;
1800         uint32  acc_granted;
1801         struct samr_Ids rids, types;
1802         uint32_t num_mapped = 0;
1803
1804         DEBUG(5,("_samr_LookupNames: %d\n", __LINE__));
1805
1806         if (!get_lsa_policy_samr_sid(p, r->in.domain_handle, &pol_sid, &acc_granted, NULL)) {
1807                 return NT_STATUS_OBJECT_TYPE_MISMATCH;
1808         }
1809
1810         status = access_check_samr_function(acc_granted,
1811                                             0, /* Don't know the acc_bits yet */
1812                                             "_samr_LookupNames");
1813         if (!NT_STATUS_IS_OK(status)) {
1814                 return status;
1815         }
1816
1817         if (num_rids > MAX_SAM_ENTRIES) {
1818                 num_rids = MAX_SAM_ENTRIES;
1819                 DEBUG(5,("_samr_LookupNames: truncating entries to %d\n", num_rids));
1820         }
1821
1822         rid = talloc_array(p->mem_ctx, uint32, num_rids);
1823         NT_STATUS_HAVE_NO_MEMORY(rid);
1824
1825         type = talloc_array(p->mem_ctx, enum lsa_SidType, num_rids);
1826         NT_STATUS_HAVE_NO_MEMORY(type);
1827
1828         DEBUG(5,("_samr_LookupNames: looking name on SID %s\n",
1829                  sid_string_dbg(&pol_sid)));
1830
1831         for (i = 0; i < num_rids; i++) {
1832
1833                 status = NT_STATUS_NONE_MAPPED;
1834                 type[i] = SID_NAME_UNKNOWN;
1835
1836                 rid[i] = 0xffffffff;
1837
1838                 if (sid_check_is_builtin(&pol_sid)) {
1839                         if (lookup_builtin_name(r->in.names[i].string,
1840                                                 &rid[i]))
1841                         {
1842                                 type[i] = SID_NAME_ALIAS;
1843                         }
1844                 } else {
1845                         lookup_global_sam_name(r->in.names[i].string, 0,
1846                                                &rid[i], &type[i]);
1847                 }
1848
1849                 if (type[i] != SID_NAME_UNKNOWN) {
1850                         num_mapped++;
1851                 }
1852         }
1853
1854         if (num_mapped == num_rids) {
1855                 status = NT_STATUS_OK;
1856         } else if (num_mapped == 0) {
1857                 status = NT_STATUS_NONE_MAPPED;
1858         } else {
1859                 status = STATUS_SOME_UNMAPPED;
1860         }
1861
1862         rids.count = num_rids;
1863         rids.ids = rid;
1864
1865         types.count = num_rids;
1866         types.ids = type;
1867
1868         *r->out.rids = rids;
1869         *r->out.types = types;
1870
1871         DEBUG(5,("_samr_LookupNames: %d\n", __LINE__));
1872
1873         return status;
1874 }
1875
1876 /*******************************************************************
1877  _samr_ChangePasswordUser2
1878  ********************************************************************/
1879
1880 NTSTATUS _samr_ChangePasswordUser2(pipes_struct *p,
1881                                    struct samr_ChangePasswordUser2 *r)
1882 {
1883         NTSTATUS status;
1884         fstring user_name;
1885         fstring wks;
1886
1887         DEBUG(5,("_samr_ChangePasswordUser2: %d\n", __LINE__));
1888
1889         fstrcpy(user_name, r->in.account->string);
1890         fstrcpy(wks, r->in.server->string);
1891
1892         DEBUG(5,("_samr_ChangePasswordUser2: user: %s wks: %s\n", user_name, wks));
1893
1894         /*
1895          * Pass the user through the NT -> unix user mapping
1896          * function.
1897          */
1898
1899         (void)map_username(user_name);
1900
1901         /*
1902          * UNIX username case mangling not required, pass_oem_change
1903          * is case insensitive.
1904          */
1905
1906         status = pass_oem_change(user_name,
1907                                  r->in.lm_password->data,
1908                                  r->in.lm_verifier->hash,
1909                                  r->in.nt_password->data,
1910                                  r->in.nt_verifier->hash,
1911                                  NULL);
1912
1913         DEBUG(5,("_samr_ChangePasswordUser2: %d\n", __LINE__));
1914
1915         return status;
1916 }
1917
1918 /*******************************************************************
1919  _samr_ChangePasswordUser3
1920  ********************************************************************/
1921
1922 NTSTATUS _samr_ChangePasswordUser3(pipes_struct *p,
1923                                    struct samr_ChangePasswordUser3 *r)
1924 {
1925         NTSTATUS status;
1926         fstring user_name;
1927         const char *wks = NULL;
1928         uint32 reject_reason;
1929         struct samr_DomInfo1 *dominfo = NULL;
1930         struct samr_ChangeReject *reject = NULL;
1931
1932         DEBUG(5,("_samr_ChangePasswordUser3: %d\n", __LINE__));
1933
1934         fstrcpy(user_name, r->in.account->string);
1935         if (r->in.server && r->in.server->string) {
1936                 wks = r->in.server->string;
1937         }
1938
1939         DEBUG(5,("_samr_ChangePasswordUser3: user: %s wks: %s\n", user_name, wks));
1940
1941         /*
1942          * Pass the user through the NT -> unix user mapping
1943          * function.
1944          */
1945
1946         (void)map_username(user_name);
1947
1948         /*
1949          * UNIX username case mangling not required, pass_oem_change
1950          * is case insensitive.
1951          */
1952
1953         status = pass_oem_change(user_name,
1954                                  r->in.lm_password->data,
1955                                  r->in.lm_verifier->hash,
1956                                  r->in.nt_password->data,
1957                                  r->in.nt_verifier->hash,
1958                                  &reject_reason);
1959
1960         if (NT_STATUS_EQUAL(status, NT_STATUS_PASSWORD_RESTRICTION) ||
1961             NT_STATUS_EQUAL(status, NT_STATUS_ACCOUNT_RESTRICTION)) {
1962
1963                 uint32 min_pass_len,pass_hist,password_properties;
1964                 time_t u_expire, u_min_age;
1965                 NTTIME nt_expire, nt_min_age;
1966                 uint32 account_policy_temp;
1967
1968                 dominfo = TALLOC_ZERO_P(p->mem_ctx, struct samr_DomInfo1);
1969                 if (!dominfo) {
1970                         return NT_STATUS_NO_MEMORY;
1971                 }
1972
1973                 reject = TALLOC_ZERO_P(p->mem_ctx, struct samr_ChangeReject);
1974                 if (!reject) {
1975                         return NT_STATUS_NO_MEMORY;
1976                 }
1977
1978                 become_root();
1979
1980                 /* AS ROOT !!! */
1981
1982                 pdb_get_account_policy(AP_MIN_PASSWORD_LEN, &account_policy_temp);
1983                 min_pass_len = account_policy_temp;
1984
1985                 pdb_get_account_policy(AP_PASSWORD_HISTORY, &account_policy_temp);
1986                 pass_hist = account_policy_temp;
1987
1988                 pdb_get_account_policy(AP_USER_MUST_LOGON_TO_CHG_PASS, &account_policy_temp);
1989                 password_properties = account_policy_temp;
1990
1991                 pdb_get_account_policy(AP_MAX_PASSWORD_AGE, &account_policy_temp);
1992                 u_expire = account_policy_temp;
1993
1994                 pdb_get_account_policy(AP_MIN_PASSWORD_AGE, &account_policy_temp);
1995                 u_min_age = account_policy_temp;
1996
1997                 /* !AS ROOT */
1998
1999                 unbecome_root();
2000
2001                 unix_to_nt_time_abs(&nt_expire, u_expire);
2002                 unix_to_nt_time_abs(&nt_min_age, u_min_age);
2003
2004                 if (lp_check_password_script() && *lp_check_password_script()) {
2005                         password_properties |= DOMAIN_PASSWORD_COMPLEX;
2006                 }
2007
2008                 init_samr_DomInfo1(dominfo,
2009                                    min_pass_len,
2010                                    pass_hist,
2011                                    password_properties,
2012                                    u_expire,
2013                                    u_min_age);
2014
2015                 reject->reason = reject_reason;
2016
2017                 *r->out.dominfo = dominfo;
2018                 *r->out.reject = reject;
2019         }
2020
2021         DEBUG(5,("_samr_ChangePasswordUser3: %d\n", __LINE__));
2022
2023         return status;
2024 }
2025
2026 /*******************************************************************
2027 makes a SAMR_R_LOOKUP_RIDS structure.
2028 ********************************************************************/
2029
2030 static bool make_samr_lookup_rids(TALLOC_CTX *ctx, uint32 num_names,
2031                                   const char **names,
2032                                   struct lsa_String **lsa_name_array_p)
2033 {
2034         struct lsa_String *lsa_name_array = NULL;
2035         uint32_t i;
2036
2037         *lsa_name_array_p = NULL;
2038
2039         if (num_names != 0) {
2040                 lsa_name_array = TALLOC_ZERO_ARRAY(ctx, struct lsa_String, num_names);
2041                 if (!lsa_name_array) {
2042                         return false;
2043                 }
2044         }
2045
2046         for (i = 0; i < num_names; i++) {
2047                 DEBUG(10, ("names[%d]:%s\n", i, names[i] && *names[i] ? names[i] : ""));
2048                 init_lsa_String(&lsa_name_array[i], names[i]);
2049         }
2050
2051         *lsa_name_array_p = lsa_name_array;
2052
2053         return true;
2054 }
2055
2056 /*******************************************************************
2057  _samr_LookupRids
2058  ********************************************************************/
2059
2060 NTSTATUS _samr_LookupRids(pipes_struct *p,
2061                           struct samr_LookupRids *r)
2062 {
2063         NTSTATUS status;
2064         const char **names;
2065         enum lsa_SidType *attrs = NULL;
2066         uint32 *wire_attrs = NULL;
2067         DOM_SID pol_sid;
2068         int num_rids = (int)r->in.num_rids;
2069         uint32 acc_granted;
2070         int i;
2071         struct lsa_Strings names_array;
2072         struct samr_Ids types_array;
2073         struct lsa_String *lsa_names = NULL;
2074
2075         DEBUG(5,("_samr_LookupRids: %d\n", __LINE__));
2076
2077         /* find the policy handle.  open a policy on it. */
2078         if (!get_lsa_policy_samr_sid(p, r->in.domain_handle, &pol_sid, &acc_granted, NULL))
2079                 return NT_STATUS_INVALID_HANDLE;
2080
2081         status = access_check_samr_function(acc_granted,
2082                                             SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS,
2083                                             "_samr_LookupRids");
2084         if (!NT_STATUS_IS_OK(status)) {
2085                 return status;
2086         }
2087
2088         if (num_rids > 1000) {
2089                 DEBUG(0, ("Got asked for %d rids (more than 1000) -- according "
2090                           "to samba4 idl this is not possible\n", num_rids));
2091                 return NT_STATUS_UNSUCCESSFUL;
2092         }
2093
2094         if (num_rids) {
2095                 names = TALLOC_ZERO_ARRAY(p->mem_ctx, const char *, num_rids);
2096                 attrs = TALLOC_ZERO_ARRAY(p->mem_ctx, enum lsa_SidType, num_rids);
2097                 wire_attrs = TALLOC_ZERO_ARRAY(p->mem_ctx, uint32, num_rids);
2098
2099                 if ((names == NULL) || (attrs == NULL) || (wire_attrs==NULL))
2100                         return NT_STATUS_NO_MEMORY;
2101         } else {
2102                 names = NULL;
2103                 attrs = NULL;
2104                 wire_attrs = NULL;
2105         }
2106
2107         become_root();  /* lookup_sid can require root privs */
2108         status = pdb_lookup_rids(&pol_sid, num_rids, r->in.rids,
2109                                  names, attrs);
2110         unbecome_root();
2111
2112         if (NT_STATUS_EQUAL(status, NT_STATUS_NONE_MAPPED) && (num_rids == 0)) {
2113                 status = NT_STATUS_OK;
2114         }
2115
2116         if (!make_samr_lookup_rids(p->mem_ctx, num_rids, names,
2117                                    &lsa_names)) {
2118                 return NT_STATUS_NO_MEMORY;
2119         }
2120
2121         /* Convert from enum lsa_SidType to uint32 for wire format. */
2122         for (i = 0; i < num_rids; i++) {
2123                 wire_attrs[i] = (uint32)attrs[i];
2124         }
2125
2126         names_array.count = num_rids;
2127         names_array.names = lsa_names;
2128
2129         types_array.count = num_rids;
2130         types_array.ids = wire_attrs;
2131
2132         *r->out.names = names_array;
2133         *r->out.types = types_array;
2134
2135         DEBUG(5,("_samr_LookupRids: %d\n", __LINE__));
2136
2137         return status;
2138 }
2139
2140 /*******************************************************************
2141  _samr_OpenUser
2142 ********************************************************************/
2143
2144 NTSTATUS _samr_OpenUser(pipes_struct *p,
2145                         struct samr_OpenUser *r)
2146 {
2147         struct samu *sampass=NULL;
2148         DOM_SID sid;
2149         POLICY_HND domain_pol = *r->in.domain_handle;
2150         POLICY_HND *user_pol = r->out.user_handle;
2151         struct samr_info *info = NULL;
2152         SEC_DESC *psd = NULL;
2153         uint32    acc_granted;
2154         uint32    des_access = r->in.access_mask;
2155         size_t    sd_size;
2156         bool ret;
2157         NTSTATUS nt_status;
2158         SE_PRIV se_rights;
2159
2160         /* find the domain policy handle and get domain SID / access bits in the domain policy. */
2161
2162         if ( !get_lsa_policy_samr_sid(p, &domain_pol, &sid, &acc_granted, NULL) )
2163                 return NT_STATUS_INVALID_HANDLE;
2164
2165         nt_status = access_check_samr_function(acc_granted,
2166                                                SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
2167                                                "_samr_OpenUser" );
2168
2169         if ( !NT_STATUS_IS_OK(nt_status) )
2170                 return nt_status;
2171
2172         if ( !(sampass = samu_new( p->mem_ctx )) ) {
2173                 return NT_STATUS_NO_MEMORY;
2174         }
2175
2176         /* append the user's RID to it */
2177
2178         if (!sid_append_rid(&sid, r->in.rid))
2179                 return NT_STATUS_NO_SUCH_USER;
2180
2181         /* check if access can be granted as requested by client. */
2182
2183         map_max_allowed_access(p->server_info->ptok, &des_access);
2184
2185         make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_generic_mapping, &sid, SAMR_USR_RIGHTS_WRITE_PW);
2186         se_map_generic(&des_access, &usr_generic_mapping);
2187
2188         se_priv_copy( &se_rights, &se_machine_account );
2189         se_priv_add( &se_rights, &se_add_users );
2190
2191         nt_status = access_check_samr_object(psd, p->server_info->ptok,
2192                 &se_rights, GENERIC_RIGHTS_USER_WRITE, des_access,
2193                 &acc_granted, "_samr_OpenUser");
2194
2195         if ( !NT_STATUS_IS_OK(nt_status) )
2196                 return nt_status;
2197
2198         become_root();
2199         ret=pdb_getsampwsid(sampass, &sid);
2200         unbecome_root();
2201
2202         /* check that the SID exists in our domain. */
2203         if (ret == False) {
2204                 return NT_STATUS_NO_SUCH_USER;
2205         }
2206
2207         TALLOC_FREE(sampass);
2208
2209         /* associate the user's SID and access bits with the new handle. */
2210         if ((info = get_samr_info_by_sid(&sid)) == NULL)
2211                 return NT_STATUS_NO_MEMORY;
2212         info->acc_granted = acc_granted;
2213
2214         /* get a (unique) handle.  open a policy on it. */
2215         if (!create_policy_hnd(p, user_pol, free_samr_info, (void *)info))
2216                 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
2217
2218         return NT_STATUS_OK;
2219 }
2220
2221 /*************************************************************************
2222  *************************************************************************/
2223
2224 static NTSTATUS init_samr_parameters_string(TALLOC_CTX *mem_ctx,
2225                                             DATA_BLOB *blob,
2226                                             struct lsa_BinaryString **_r)
2227 {
2228         struct lsa_BinaryString *r;
2229
2230         if (!blob || !_r) {
2231                 return NT_STATUS_INVALID_PARAMETER;
2232         }
2233
2234         r = TALLOC_ZERO_P(mem_ctx, struct lsa_BinaryString);
2235         if (!r) {
2236                 return NT_STATUS_NO_MEMORY;
2237         }
2238
2239         r->array = TALLOC_ZERO_ARRAY(mem_ctx, uint16_t, blob->length/2);
2240         if (!r->array) {
2241                 return NT_STATUS_NO_MEMORY;
2242         }
2243         memcpy(r->array, blob->data, blob->length);
2244         r->size = blob->length;
2245         r->length = blob->length;
2246
2247         if (!r->array) {
2248                 return NT_STATUS_NO_MEMORY;
2249         }
2250
2251         *_r = r;
2252
2253         return NT_STATUS_OK;
2254 }
2255
2256 static NTSTATUS get_user_info_5(TALLOC_CTX *mem_ctx,
2257                                 struct samr_UserInfo5 *r,
2258                                 struct samu *pw,
2259                                 DOM_SID *domain_sid)
2260 {
2261         const DOM_SID *sid_user, *sid_group;
2262         uint32_t rid, primary_gid;
2263         NTTIME last_logon, last_logoff, last_password_change,
2264                acct_expiry;
2265         const char *account_name, *full_name, *home_directory, *home_drive,
2266                    *logon_script, *profile_path, *description,
2267                    *workstations, *comment;
2268         struct samr_LogonHours logon_hours;
2269
2270         ZERO_STRUCTP(r);
2271
2272         sid_user = pdb_get_user_sid(pw);
2273
2274         if (!sid_peek_check_rid(domain_sid, sid_user, &rid)) {
2275                 DEBUG(0, ("get_user_info_5: User %s has SID %s, \nwhich conflicts with "
2276                           "the domain sid %s.  Failing operation.\n",
2277                           pdb_get_username(pw), sid_string_dbg(sid_user),
2278                           sid_string_dbg(domain_sid)));
2279                 return NT_STATUS_UNSUCCESSFUL;
2280         }
2281
2282         become_root();
2283         sid_group = pdb_get_group_sid(pw);
2284         unbecome_root();
2285
2286         if (!sid_peek_check_rid(domain_sid, sid_group, &primary_gid)) {
2287                 DEBUG(0, ("get_user_info_5: User %s has Primary Group SID %s, \n"
2288                           "which conflicts with the domain sid %s.  Failing operation.\n",
2289                           pdb_get_username(pw), sid_string_dbg(sid_group),
2290                           sid_string_dbg(domain_sid)));
2291                 return NT_STATUS_UNSUCCESSFUL;
2292         }
2293
2294         unix_to_nt_time(&last_logon, pdb_get_logon_time(pw));
2295         unix_to_nt_time(&last_logoff, pdb_get_logoff_time(pw));
2296         unix_to_nt_time(&acct_expiry, pdb_get_kickoff_time(pw));
2297         unix_to_nt_time(&last_password_change, pdb_get_pass_last_set_time(pw));
2298
2299         account_name = talloc_strdup(mem_ctx, pdb_get_username(pw));
2300         full_name = talloc_strdup(mem_ctx, pdb_get_fullname(pw));
2301         home_directory = talloc_strdup(mem_ctx, pdb_get_homedir(pw));
2302         home_drive = talloc_strdup(mem_ctx, pdb_get_dir_drive(pw));
2303         logon_script = talloc_strdup(mem_ctx, pdb_get_logon_script(pw));
2304         profile_path = talloc_strdup(mem_ctx, pdb_get_profile_path(pw));
2305         description = talloc_strdup(mem_ctx, pdb_get_acct_desc(pw));
2306         workstations = talloc_strdup(mem_ctx, pdb_get_workstations(pw));
2307         comment = talloc_strdup(mem_ctx, pdb_get_comment(pw));
2308
2309         logon_hours = get_logon_hours_from_pdb(mem_ctx, pw);
2310
2311         init_samr_user_info5(r,
2312                              account_name,
2313                              full_name,
2314                              rid,
2315                              primary_gid,
2316                              home_directory,
2317                              home_drive,
2318                              logon_script,
2319                              profile_path,
2320                              description,
2321                              workstations,
2322                              last_logon,
2323                              last_logoff,
2324                              logon_hours,
2325                              pdb_get_bad_password_count(pw),
2326                              pdb_get_logon_count(pw),
2327                              last_password_change,
2328                              acct_expiry,
2329                              pdb_get_acct_ctrl(pw));
2330
2331         return NT_STATUS_OK;
2332 }
2333
2334 /*************************************************************************
2335  get_user_info_7. Safe. Only gives out account_name.
2336  *************************************************************************/
2337
2338 static NTSTATUS get_user_info_7(TALLOC_CTX *mem_ctx,
2339                                 struct samr_UserInfo7 *r,
2340                                 struct samu *smbpass)
2341 {
2342         const char *account_name = NULL;
2343
2344         ZERO_STRUCTP(r);
2345
2346         account_name = talloc_strdup(mem_ctx, pdb_get_username(smbpass));
2347         if (!account_name) {
2348                 return NT_STATUS_NO_MEMORY;
2349         }
2350
2351         init_samr_user_info7(r, account_name);
2352
2353         return NT_STATUS_OK;
2354 }
2355
2356 /*************************************************************************
2357  get_user_info_9. Only gives out primary group SID.
2358  *************************************************************************/
2359
2360 static NTSTATUS get_user_info_9(TALLOC_CTX *mem_ctx,
2361                                 struct samr_UserInfo9 *r,
2362                                 struct samu *smbpass)
2363 {
2364         ZERO_STRUCTP(r);
2365
2366         init_samr_user_info9(r, pdb_get_group_rid(smbpass));
2367
2368         return NT_STATUS_OK;
2369 }
2370
2371 /*************************************************************************
2372  get_user_info_16. Safe. Only gives out acb bits.
2373  *************************************************************************/
2374
2375 static NTSTATUS get_user_info_16(TALLOC_CTX *mem_ctx,
2376                                  struct samr_UserInfo16 *r,
2377                                  struct samu *smbpass)
2378 {
2379         ZERO_STRUCTP(r);
2380
2381         init_samr_user_info16(r, pdb_get_acct_ctrl(smbpass));
2382
2383         return NT_STATUS_OK;
2384 }
2385
2386 /*************************************************************************
2387  get_user_info_18. OK - this is the killer as it gives out password info.
2388  Ensure that this is only allowed on an encrypted connection with a root
2389  user. JRA.
2390  *************************************************************************/
2391
2392 static NTSTATUS get_user_info_18(pipes_struct *p,
2393                                  TALLOC_CTX *mem_ctx,
2394                                  struct samr_UserInfo18 *r,
2395                                  DOM_SID *user_sid)
2396 {
2397         struct samu *smbpass=NULL;
2398         bool ret;
2399
2400         ZERO_STRUCTP(r);
2401
2402         if (p->auth.auth_type != PIPE_AUTH_TYPE_NTLMSSP || p->auth.auth_type != PIPE_AUTH_TYPE_SPNEGO_NTLMSSP) {
2403                 return NT_STATUS_ACCESS_DENIED;
2404         }
2405
2406         if (p->auth.auth_level != PIPE_AUTH_LEVEL_PRIVACY) {
2407                 return NT_STATUS_ACCESS_DENIED;
2408         }
2409
2410         /*
2411          * Do *NOT* do become_root()/unbecome_root() here ! JRA.
2412          */
2413
2414         if ( !(smbpass = samu_new( mem_ctx )) ) {
2415                 return NT_STATUS_NO_MEMORY;
2416         }
2417
2418         ret = pdb_getsampwsid(smbpass, user_sid);
2419
2420         if (ret == False) {
2421                 DEBUG(4, ("User %s not found\n", sid_string_dbg(user_sid)));
2422                 TALLOC_FREE(smbpass);
2423                 return (geteuid() == (uid_t)0) ? NT_STATUS_NO_SUCH_USER : NT_STATUS_ACCESS_DENIED;
2424         }
2425
2426         DEBUG(3,("User:[%s] 0x%x\n", pdb_get_username(smbpass), pdb_get_acct_ctrl(smbpass) ));
2427
2428         if ( pdb_get_acct_ctrl(smbpass) & ACB_DISABLED) {
2429                 TALLOC_FREE(smbpass);
2430                 return NT_STATUS_ACCOUNT_DISABLED;
2431         }
2432
2433         init_samr_user_info18(r, pdb_get_lanman_passwd(smbpass),
2434                               pdb_get_nt_passwd(smbpass));
2435
2436         TALLOC_FREE(smbpass);
2437
2438         return NT_STATUS_OK;
2439 }
2440
2441 /*************************************************************************
2442  get_user_info_20
2443  *************************************************************************/
2444
2445 static NTSTATUS get_user_info_20(TALLOC_CTX *mem_ctx,
2446                                  struct samr_UserInfo20 *r,
2447                                  struct samu *sampass)
2448 {
2449         const char *munged_dial = NULL;
2450         DATA_BLOB blob;
2451         NTSTATUS status;
2452         struct lsa_BinaryString *parameters = NULL;
2453
2454         ZERO_STRUCTP(r);
2455
2456         munged_dial = pdb_get_munged_dial(sampass);
2457
2458         DEBUG(3,("User:[%s] has [%s] (length: %d)\n", pdb_get_username(sampass),
2459                 munged_dial, (int)strlen(munged_dial)));
2460
2461         if (munged_dial) {
2462                 blob = base64_decode_data_blob(munged_dial);
2463         } else {
2464                 blob = data_blob_string_const_null("");
2465         }
2466
2467         status = init_samr_parameters_string(mem_ctx, &blob, &parameters);
2468         data_blob_free(&blob);
2469         if (!NT_STATUS_IS_OK(status)) {
2470                 return status;
2471         }
2472
2473         init_samr_user_info20(r, parameters);
2474
2475         return NT_STATUS_OK;
2476 }
2477
2478
2479 /*************************************************************************
2480  get_user_info_21
2481  *************************************************************************/
2482
2483 static NTSTATUS get_user_info_21(TALLOC_CTX *mem_ctx,
2484                                  struct samr_UserInfo21 *r,
2485                                  struct samu *pw,
2486                                  DOM_SID *domain_sid)
2487 {
2488         NTSTATUS status;
2489         const DOM_SID *sid_user, *sid_group;
2490         uint32_t rid, primary_gid;
2491         NTTIME last_logon, last_logoff, last_password_change,
2492                acct_expiry, allow_password_change, force_password_change;
2493         time_t must_change_time;
2494         uint8_t password_expired;
2495         const char *account_name, *full_name, *home_directory, *home_drive,
2496                    *logon_script, *profile_path, *description,
2497                    *workstations, *comment;
2498         struct samr_LogonHours logon_hours;
2499         struct lsa_BinaryString *parameters = NULL;
2500         const char *munged_dial = NULL;
2501         DATA_BLOB blob;
2502
2503         ZERO_STRUCTP(r);
2504
2505         sid_user = pdb_get_user_sid(pw);
2506
2507         if (!sid_peek_check_rid(domain_sid, sid_user, &rid)) {
2508                 DEBUG(0, ("get_user_info_21: User %s has SID %s, \nwhich conflicts with "
2509                           "the domain sid %s.  Failing operation.\n",
2510                           pdb_get_username(pw), sid_string_dbg(sid_user),
2511                           sid_string_dbg(domain_sid)));
2512                 return NT_STATUS_UNSUCCESSFUL;
2513         }
2514
2515         become_root();
2516         sid_group = pdb_get_group_sid(pw);
2517         unbecome_root();
2518
2519         if (!sid_peek_check_rid(domain_sid, sid_group, &primary_gid)) {
2520                 DEBUG(0, ("get_user_info_21: User %s has Primary Group SID %s, \n"
2521                           "which conflicts with the domain sid %s.  Failing operation.\n",
2522                           pdb_get_username(pw), sid_string_dbg(sid_group),
2523                           sid_string_dbg(domain_sid)));
2524                 return NT_STATUS_UNSUCCESSFUL;
2525         }
2526
2527         unix_to_nt_time(&last_logon, pdb_get_logon_time(pw));
2528         unix_to_nt_time(&last_logoff, pdb_get_logoff_time(pw));
2529         unix_to_nt_time(&acct_expiry, pdb_get_kickoff_time(pw));
2530         unix_to_nt_time(&last_password_change, pdb_get_pass_last_set_time(pw));
2531         unix_to_nt_time(&allow_password_change, pdb_get_pass_can_change_time(pw));
2532
2533         must_change_time = pdb_get_pass_must_change_time(pw);
2534         if (must_change_time == get_time_t_max()) {
2535                 unix_to_nt_time_abs(&force_password_change, must_change_time);
2536         } else {
2537                 unix_to_nt_time(&force_password_change, must_change_time);
2538         }
2539
2540         if (pdb_get_pass_must_change_time(pw) == 0) {
2541                 password_expired = PASS_MUST_CHANGE_AT_NEXT_LOGON;
2542         } else {
2543                 password_expired = 0;
2544         }
2545
2546         munged_dial = pdb_get_munged_dial(pw);
2547         if (munged_dial) {
2548                 blob = base64_decode_data_blob(munged_dial);
2549         } else {
2550                 blob = data_blob_string_const_null("");
2551         }
2552
2553         status = init_samr_parameters_string(mem_ctx, &blob, &parameters);
2554         data_blob_free(&blob);
2555         if (!NT_STATUS_IS_OK(status)) {
2556                 return status;
2557         }
2558
2559         account_name = talloc_strdup(mem_ctx, pdb_get_username(pw));
2560         full_name = talloc_strdup(mem_ctx, pdb_get_fullname(pw));
2561         home_directory = talloc_strdup(mem_ctx, pdb_get_homedir(pw));
2562         home_drive = talloc_strdup(mem_ctx, pdb_get_dir_drive(pw));
2563         logon_script = talloc_strdup(mem_ctx, pdb_get_logon_script(pw));
2564         profile_path = talloc_strdup(mem_ctx, pdb_get_profile_path(pw));
2565         description = talloc_strdup(mem_ctx, pdb_get_acct_desc(pw));
2566         workstations = talloc_strdup(mem_ctx, pdb_get_workstations(pw));
2567         comment = talloc_strdup(mem_ctx, pdb_get_comment(pw));
2568
2569         logon_hours = get_logon_hours_from_pdb(mem_ctx, pw);
2570 #if 0
2571
2572         /*
2573           Look at a user on a real NT4 PDC with usrmgr, press
2574           'ok'. Then you will see that fields_present is set to
2575           0x08f827fa. Look at the user immediately after that again,
2576           and you will see that 0x00fffff is returned. This solves
2577           the problem that you get access denied after having looked
2578           at the user.
2579           -- Volker
2580         */
2581
2582 #endif
2583
2584         init_samr_user_info21(r,
2585                               last_logon,
2586                               last_logoff,
2587                               last_password_change,
2588                               acct_expiry,
2589                               allow_password_change,
2590                               force_password_change,
2591                               account_name,
2592                               full_name,
2593                               home_directory,
2594                               home_drive,
2595                               logon_script,
2596                               profile_path,
2597                               description,
2598                               workstations,
2599                               comment,
2600                               parameters,
2601                               rid,
2602                               primary_gid,
2603                               pdb_get_acct_ctrl(pw),
2604                               pdb_build_fields_present(pw),
2605                               logon_hours,
2606                               pdb_get_bad_password_count(pw),
2607                               pdb_get_logon_count(pw),
2608                               0, /* country_code */
2609                               0, /* code_page */
2610                               0, /* nt_password_set */
2611                               0, /* lm_password_set */
2612                               password_expired);
2613
2614         return NT_STATUS_OK;
2615 }
2616
2617 /*******************************************************************
2618  _samr_QueryUserInfo
2619  ********************************************************************/
2620
2621 NTSTATUS _samr_QueryUserInfo(pipes_struct *p,
2622                              struct samr_QueryUserInfo *r)
2623 {
2624         NTSTATUS status;
2625         union samr_UserInfo *user_info = NULL;
2626         struct samr_info *info = NULL;
2627         DOM_SID domain_sid;
2628         uint32 rid;
2629         bool ret = false;
2630         struct samu *pwd = NULL;
2631
2632         /* search for the handle */
2633         if (!find_policy_by_hnd(p, r->in.user_handle, (void **)(void *)&info))
2634                 return NT_STATUS_INVALID_HANDLE;
2635
2636         status = access_check_samr_function(info->acc_granted,
2637                                             SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
2638                                             "_samr_QueryUserInfo");
2639         if (!NT_STATUS_IS_OK(status)) {
2640                 return status;
2641         }
2642
2643         domain_sid = info->sid;
2644
2645         sid_split_rid(&domain_sid, &rid);
2646
2647         if (!sid_check_is_in_our_domain(&info->sid))
2648                 return NT_STATUS_OBJECT_TYPE_MISMATCH;
2649
2650         DEBUG(5,("_samr_QueryUserInfo: sid:%s\n",
2651                  sid_string_dbg(&info->sid)));
2652
2653         user_info = TALLOC_ZERO_P(p->mem_ctx, union samr_UserInfo);
2654         if (!user_info) {
2655                 return NT_STATUS_NO_MEMORY;
2656         }
2657
2658         DEBUG(5,("_samr_QueryUserInfo: user info level: %d\n", r->in.level));
2659
2660         if (!(pwd = samu_new(p->mem_ctx))) {
2661                 return NT_STATUS_NO_MEMORY;
2662         }
2663
2664         become_root();
2665         ret = pdb_getsampwsid(pwd, &info->sid);
2666         unbecome_root();
2667
2668         if (ret == false) {
2669                 DEBUG(4,("User %s not found\n", sid_string_dbg(&info->sid)));
2670                 TALLOC_FREE(pwd);
2671                 return NT_STATUS_NO_SUCH_USER;
2672         }
2673
2674         DEBUG(3,("User:[%s]\n", pdb_get_username(pwd)));
2675
2676         samr_clear_sam_passwd(pwd);
2677
2678         switch (r->in.level) {
2679         case 5:
2680                 status = get_user_info_5(p->mem_ctx, &user_info->info5, pwd, &domain_sid);
2681                 break;
2682         case 7:
2683                 status = get_user_info_7(p->mem_ctx, &user_info->info7, pwd);
2684                 break;
2685         case 9:
2686                 status = get_user_info_9(p->mem_ctx, &user_info->info9, pwd);
2687                 break;
2688         case 16:
2689                 status = get_user_info_16(p->mem_ctx, &user_info->info16, pwd);
2690                 break;
2691         case 18:
2692                 /* level 18 is special */
2693                 status = get_user_info_18(p, p->mem_ctx, &user_info->info18, &info->sid);
2694                 break;
2695         case 20:
2696                 status = get_user_info_20(p->mem_ctx, &user_info->info20, pwd);
2697                 break;
2698         case 21:
2699                 status = get_user_info_21(p->mem_ctx, &user_info->info21, pwd, &domain_sid);
2700                 break;
2701         default:
2702                 status = NT_STATUS_INVALID_INFO_CLASS;
2703                 break;
2704         }
2705
2706         TALLOC_FREE(pwd);
2707
2708         *r->out.info = user_info;
2709
2710         DEBUG(5,("_samr_QueryUserInfo: %d\n", __LINE__));
2711
2712         return status;
2713 }
2714
2715 /****************************************************************
2716 ****************************************************************/
2717
2718 NTSTATUS _samr_QueryUserInfo2(pipes_struct *p,
2719                               struct samr_QueryUserInfo2 *r)
2720 {
2721         struct samr_QueryUserInfo u;
2722
2723         u.in.user_handle        = r->in.user_handle;
2724         u.in.level              = r->in.level;
2725         u.out.info              = r->out.info;
2726
2727         return _samr_QueryUserInfo(p, &u);
2728 }
2729
2730 /*******************************************************************
2731  _samr_GetGroupsForUser
2732  ********************************************************************/
2733
2734 NTSTATUS _samr_GetGroupsForUser(pipes_struct *p,
2735                                 struct samr_GetGroupsForUser *r)
2736 {
2737         struct samu *sam_pass=NULL;
2738         DOM_SID  sid;
2739         DOM_SID *sids;
2740         struct samr_RidWithAttribute dom_gid;
2741         struct samr_RidWithAttribute *gids = NULL;
2742         uint32 primary_group_rid;
2743         size_t num_groups = 0;
2744         gid_t *unix_gids;
2745         size_t i, num_gids;
2746         uint32 acc_granted;
2747         bool ret;
2748         NTSTATUS result;
2749         bool success = False;
2750
2751         struct samr_RidWithAttributeArray *rids = NULL;
2752
2753         /*
2754          * from the SID in the request:
2755          * we should send back the list of DOMAIN GROUPS
2756          * the user is a member of
2757          *
2758          * and only the DOMAIN GROUPS
2759          * no ALIASES !!! neither aliases of the domain
2760          * nor aliases of the builtin SID
2761          *
2762          * JFM, 12/2/2001
2763          */
2764
2765         DEBUG(5,("_samr_GetGroupsForUser: %d\n", __LINE__));
2766
2767         rids = TALLOC_ZERO_P(p->mem_ctx, struct samr_RidWithAttributeArray);
2768         if (!rids) {
2769                 return NT_STATUS_NO_MEMORY;
2770         }
2771
2772         /* find the policy handle.  open a policy on it. */
2773         if (!get_lsa_policy_samr_sid(p, r->in.user_handle, &sid, &acc_granted, NULL))
2774                 return NT_STATUS_INVALID_HANDLE;
2775
2776         result = access_check_samr_function(acc_granted,
2777                                             SAMR_USER_ACCESS_GET_GROUPS,
2778                                             "_samr_GetGroupsForUser");
2779         if (!NT_STATUS_IS_OK(result)) {
2780                 return result;
2781         }
2782
2783         if (!sid_check_is_in_our_domain(&sid))
2784                 return NT_STATUS_OBJECT_TYPE_MISMATCH;
2785
2786         if ( !(sam_pass = samu_new( p->mem_ctx )) ) {
2787                 return NT_STATUS_NO_MEMORY;
2788         }
2789
2790         become_root();
2791         ret = pdb_getsampwsid(sam_pass, &sid);
2792         unbecome_root();
2793
2794         if (!ret) {
2795                 DEBUG(10, ("pdb_getsampwsid failed for %s\n",
2796                            sid_string_dbg(&sid)));
2797                 return NT_STATUS_NO_SUCH_USER;
2798         }
2799
2800         sids = NULL;
2801
2802         /* make both calls inside the root block */
2803         become_root();
2804         result = pdb_enum_group_memberships(p->mem_ctx, sam_pass,
2805                                             &sids, &unix_gids, &num_groups);
2806         if ( NT_STATUS_IS_OK(result) ) {
2807                 success = sid_peek_check_rid(get_global_sam_sid(),
2808                                              pdb_get_group_sid(sam_pass),
2809                                              &primary_group_rid);
2810         }
2811         unbecome_root();
2812
2813         if (!NT_STATUS_IS_OK(result)) {
2814                 DEBUG(10, ("pdb_enum_group_memberships failed for %s\n",
2815                            sid_string_dbg(&sid)));
2816                 return result;
2817         }
2818
2819         if ( !success ) {
2820                 DEBUG(5, ("Group sid %s for user %s not in our domain\n",
2821                           sid_string_dbg(pdb_get_group_sid(sam_pass)),
2822                           pdb_get_username(sam_pass)));
2823                 TALLOC_FREE(sam_pass);
2824                 return NT_STATUS_INTERNAL_DB_CORRUPTION;
2825         }
2826
2827         gids = NULL;
2828         num_gids = 0;
2829
2830         dom_gid.attributes = (SE_GROUP_MANDATORY|SE_GROUP_ENABLED_BY_DEFAULT|
2831                               SE_GROUP_ENABLED);
2832         dom_gid.rid = primary_group_rid;
2833         ADD_TO_ARRAY(p->mem_ctx, struct samr_RidWithAttribute, dom_gid, &gids, &num_gids);
2834
2835         for (i=0; i<num_groups; i++) {
2836
2837                 if (!sid_peek_check_rid(get_global_sam_sid(),
2838                                         &(sids[i]), &dom_gid.rid)) {
2839                         DEBUG(10, ("Found sid %s not in our domain\n",
2840                                    sid_string_dbg(&sids[i])));
2841                         continue;
2842                 }
2843
2844                 if (dom_gid.rid == primary_group_rid) {
2845                         /* We added the primary group directly from the
2846                          * sam_account. The other SIDs are unique from
2847                          * enum_group_memberships */
2848                         continue;
2849                 }
2850
2851                 ADD_TO_ARRAY(p->mem_ctx, struct samr_RidWithAttribute, dom_gid, &gids, &num_gids);
2852         }
2853
2854         rids->count = num_gids;
2855         rids->rids = gids;
2856
2857         *r->out.rids = rids;
2858
2859         DEBUG(5,("_samr_GetGroupsForUser: %d\n", __LINE__));
2860
2861         return result;
2862 }
2863
2864 /*******************************************************************
2865  _samr_QueryDomainInfo
2866  ********************************************************************/
2867
2868 NTSTATUS _samr_QueryDomainInfo(pipes_struct *p,
2869                                struct samr_QueryDomainInfo *r)
2870 {
2871         NTSTATUS status = NT_STATUS_OK;
2872         struct samr_info *info = NULL;
2873         union samr_DomainInfo *dom_info;
2874         uint32 min_pass_len,pass_hist,password_properties;
2875         time_t u_expire, u_min_age;
2876         NTTIME nt_expire, nt_min_age;
2877
2878         time_t u_lock_duration, u_reset_time;
2879         NTTIME nt_lock_duration, nt_reset_time;
2880         uint32 lockout;
2881         time_t u_logout;
2882         NTTIME nt_logout;
2883
2884         uint32 account_policy_temp;
2885
2886         time_t seq_num;
2887         uint32 server_role;
2888
2889         uint32 num_users=0, num_groups=0, num_aliases=0;
2890
2891         DEBUG(5,("_samr_QueryDomainInfo: %d\n", __LINE__));
2892
2893         dom_info = TALLOC_ZERO_P(p->mem_ctx, union samr_DomainInfo);
2894         if (!dom_info) {
2895                 return NT_STATUS_NO_MEMORY;
2896         }
2897
2898         /* find the policy handle.  open a policy on it. */
2899         if (!find_policy_by_hnd(p, r->in.domain_handle, (void **)(void *)&info)) {
2900                 return NT_STATUS_INVALID_HANDLE;
2901         }
2902
2903         status = access_check_samr_function(info->acc_granted,
2904                                             SAMR_ACCESS_OPEN_DOMAIN,
2905                                             "_samr_QueryDomainInfo" );
2906
2907         if ( !NT_STATUS_IS_OK(status) )
2908                 return status;
2909
2910         switch (r->in.level) {
2911                 case 0x01:
2912
2913                         become_root();
2914
2915                         /* AS ROOT !!! */
2916
2917                         pdb_get_account_policy(AP_MIN_PASSWORD_LEN, &account_policy_temp);
2918                         min_pass_len = account_policy_temp;
2919
2920                         pdb_get_account_policy(AP_PASSWORD_HISTORY, &account_policy_temp);
2921                         pass_hist = account_policy_temp;
2922
2923                         pdb_get_account_policy(AP_USER_MUST_LOGON_TO_CHG_PASS, &account_policy_temp);
2924                         password_properties = account_policy_temp;
2925
2926                         pdb_get_account_policy(AP_MAX_PASSWORD_AGE, &account_policy_temp);
2927                         u_expire = account_policy_temp;
2928
2929                         pdb_get_account_policy(AP_MIN_PASSWORD_AGE, &account_policy_temp);
2930                         u_min_age = account_policy_temp;
2931
2932                         /* !AS ROOT */
2933
2934                         unbecome_root();
2935
2936                         unix_to_nt_time_abs(&nt_expire, u_expire);
2937                         unix_to_nt_time_abs(&nt_min_age, u_min_age);
2938
2939                         if (lp_check_password_script() && *lp_check_password_script()) {
2940                                 password_properties |= DOMAIN_PASSWORD_COMPLEX;
2941                         }
2942
2943                         init_samr_DomInfo1(&dom_info->info1,
2944                                            (uint16)min_pass_len,
2945                                            (uint16)pass_hist,
2946                                            password_properties,
2947                                            nt_expire,
2948                                            nt_min_age);
2949                         break;
2950                 case 0x02:
2951
2952                         become_root();
2953
2954                         /* AS ROOT !!! */
2955
2956                         num_users = count_sam_users(info->disp_info, ACB_NORMAL);
2957                         num_groups = count_sam_groups(info->disp_info);
2958                         num_aliases = count_sam_aliases(info->disp_info);
2959
2960                         pdb_get_account_policy(AP_TIME_TO_LOGOUT, &account_policy_temp);
2961                         u_logout = account_policy_temp;
2962
2963                         unix_to_nt_time_abs(&nt_logout, u_logout);
2964
2965                         if (!pdb_get_seq_num(&seq_num))
2966                                 seq_num = time(NULL);
2967
2968                         /* !AS ROOT */
2969
2970                         unbecome_root();
2971
2972                         server_role = ROLE_DOMAIN_PDC;
2973                         if (lp_server_role() == ROLE_DOMAIN_BDC)
2974                                 server_role = ROLE_DOMAIN_BDC;
2975
2976                         init_samr_DomGeneralInformation(&dom_info->general,
2977                                                         nt_logout,
2978                                                         lp_serverstring(),
2979                                                         lp_workgroup(),
2980                                                         global_myname(),
2981                                                         seq_num,
2982                                                         DOMAIN_SERVER_ENABLED,
2983                                                         server_role,
2984                                                         1,
2985                                                         num_users,
2986                                                         num_groups,
2987                                                         num_aliases);
2988                         break;
2989                 case 0x03:
2990
2991                         become_root();
2992
2993                         /* AS ROOT !!! */
2994
2995                         {
2996                                 uint32 ul;
2997                                 pdb_get_account_policy(AP_TIME_TO_LOGOUT, &ul);
2998                                 u_logout = (time_t)ul;
2999                         }
3000
3001                         /* !AS ROOT */
3002
3003                         unbecome_root();
3004
3005                         unix_to_nt_time_abs(&nt_logout, u_logout);
3006
3007                         init_samr_DomInfo3(&dom_info->info3,
3008                                            nt_logout);
3009
3010                         break;
3011                 case 0x04:
3012                         init_samr_DomOEMInformation(&dom_info->oem,
3013                                                     lp_serverstring());
3014                         break;
3015                 case 0x05:
3016                         init_samr_DomInfo5(&dom_info->info5,
3017                                            get_global_sam_name());
3018                         break;
3019                 case 0x06:
3020                         /* NT returns its own name when a PDC. win2k and later
3021                          * only the name of the PDC if itself is a BDC (samba4
3022                          * idl) */
3023                         init_samr_DomInfo6(&dom_info->info6,
3024                                            global_myname());
3025                         break;
3026                 case 0x07:
3027                         server_role = ROLE_DOMAIN_PDC;
3028                         if (lp_server_role() == ROLE_DOMAIN_BDC)
3029                                 server_role = ROLE_DOMAIN_BDC;
3030
3031                         init_samr_DomInfo7(&dom_info->info7,
3032                                            server_role);
3033                         break;
3034                 case 0x08:
3035
3036                         become_root();
3037
3038                         /* AS ROOT !!! */
3039
3040                         if (!pdb_get_seq_num(&seq_num)) {
3041                                 seq_num = time(NULL);
3042                         }
3043
3044                         /* !AS ROOT */
3045
3046                         unbecome_root();
3047
3048                         init_samr_DomInfo8(&dom_info->info8,
3049                                            seq_num,
3050                                            0);
3051                         break;
3052                 case 0x0c:
3053
3054                         become_root();
3055
3056                         /* AS ROOT !!! */
3057
3058                         pdb_get_account_policy(AP_LOCK_ACCOUNT_DURATION, &account_policy_temp);
3059                         u_lock_duration = account_policy_temp;
3060                         if (u_lock_duration != -1) {
3061                                 u_lock_duration *= 60;
3062                         }
3063
3064                         pdb_get_account_policy(AP_RESET_COUNT_TIME, &account_policy_temp);
3065                         u_reset_time = account_policy_temp * 60;
3066
3067                         pdb_get_account_policy(AP_BAD_ATTEMPT_LOCKOUT, &account_policy_temp);
3068                         lockout = account_policy_temp;
3069
3070                         /* !AS ROOT */
3071
3072                         unbecome_root();
3073
3074                         unix_to_nt_time_abs(&nt_lock_duration, u_lock_duration);
3075                         unix_to_nt_time_abs(&nt_reset_time, u_reset_time);
3076
3077                         init_samr_DomInfo12(&dom_info->info12,
3078                                             nt_lock_duration,
3079                                             nt_reset_time,
3080                                             (uint16)lockout);
3081                         break;
3082                 default:
3083                         return NT_STATUS_INVALID_INFO_CLASS;
3084         }
3085
3086         *r->out.info = dom_info;
3087
3088         DEBUG(5,("_samr_QueryDomainInfo: %d\n", __LINE__));
3089
3090         return status;
3091 }
3092
3093 /* W2k3 seems to use the same check for all 3 objects that can be created via
3094  * SAMR, if you try to create for example "Dialup" as an alias it says
3095  * "NT_STATUS_USER_EXISTS". This is racy, but we can't really lock the user
3096  * database. */
3097
3098 static NTSTATUS can_create(TALLOC_CTX *mem_ctx, const char *new_name)
3099 {
3100         enum lsa_SidType type;
3101         bool result;
3102
3103         DEBUG(10, ("Checking whether [%s] can be created\n", new_name));
3104
3105         become_root();
3106         /* Lookup in our local databases (LOOKUP_NAME_REMOTE not set)
3107          * whether the name already exists */
3108         result = lookup_name(mem_ctx, new_name, LOOKUP_NAME_LOCAL,
3109                              NULL, NULL, NULL, &type);
3110         unbecome_root();
3111
3112         if (!result) {
3113                 DEBUG(10, ("%s does not exist, can create it\n", new_name));
3114                 return NT_STATUS_OK;
3115         }
3116
3117         DEBUG(5, ("trying to create %s, exists as %s\n",
3118                   new_name, sid_type_lookup(type)));
3119
3120         if (type == SID_NAME_DOM_GRP) {
3121                 return NT_STATUS_GROUP_EXISTS;
3122         }
3123         if (type == SID_NAME_ALIAS) {
3124                 return NT_STATUS_ALIAS_EXISTS;
3125         }
3126
3127         /* Yes, the default is NT_STATUS_USER_EXISTS */
3128         return NT_STATUS_USER_EXISTS;
3129 }
3130
3131 /*******************************************************************
3132  _samr_CreateUser2
3133  ********************************************************************/
3134
3135 NTSTATUS _samr_CreateUser2(pipes_struct *p,
3136                            struct samr_CreateUser2 *r)
3137 {
3138         const char *account = NULL;
3139         DOM_SID sid;
3140         POLICY_HND dom_pol = *r->in.domain_handle;
3141         uint32_t acb_info = r->in.acct_flags;
3142         POLICY_HND *user_pol = r->out.user_handle;
3143         struct samr_info *info = NULL;
3144         NTSTATUS nt_status;
3145         uint32 acc_granted;
3146         SEC_DESC *psd;
3147         size_t    sd_size;
3148         /* check this, when giving away 'add computer to domain' privs */
3149         uint32    des_access = GENERIC_RIGHTS_USER_ALL_ACCESS;
3150         bool can_add_account = False;
3151         SE_PRIV se_rights;
3152         DISP_INFO *disp_info = NULL;
3153
3154         /* Get the domain SID stored in the domain policy */
3155         if (!get_lsa_policy_samr_sid(p, &dom_pol, &sid, &acc_granted,
3156                                      &disp_info))
3157                 return NT_STATUS_INVALID_HANDLE;
3158
3159         if (disp_info->builtin_domain) {
3160                 DEBUG(5,("_samr_CreateUser2: Refusing user create in BUILTIN\n"));
3161                 return NT_STATUS_ACCESS_DENIED;
3162         }
3163
3164         nt_status = access_check_samr_function(acc_granted,
3165                                                SAMR_DOMAIN_ACCESS_CREATE_USER,
3166                                                "_samr_CreateUser2");
3167         if (!NT_STATUS_IS_OK(nt_status)) {
3168                 return nt_status;
3169         }
3170
3171         if (!(acb_info == ACB_NORMAL || acb_info == ACB_DOMTRUST ||
3172               acb_info == ACB_WSTRUST || acb_info == ACB_SVRTRUST)) {
3173                 /* Match Win2k, and return NT_STATUS_INVALID_PARAMETER if
3174                    this parameter is not an account type */
3175                 return NT_STATUS_INVALID_PARAMETER;
3176         }
3177
3178         account = r->in.account_name->string;
3179         if (account == NULL) {
3180                 return NT_STATUS_NO_MEMORY;
3181         }
3182
3183         nt_status = can_create(p->mem_ctx, account);
3184         if (!NT_STATUS_IS_OK(nt_status)) {
3185                 return nt_status;
3186         }
3187