s3 net: i18n support for net rpc shell
[kai/samba.git] / source3 / utils / net_rpc_sh_acct.c
1 /*
2    Samba Unix/Linux SMB client library
3    Distributed SMB/CIFS Server Management Utility
4    Copyright (C) 2006 Volker Lendecke (vl@samba.org)
5
6    This program is free software; you can redistribute it and/or modify
7    it under the terms of the GNU General Public License as published by
8    the Free Software Foundation; either version 3 of the License, or
9    (at your option) any later version.
10
11    This program is distributed in the hope that it will be useful,
12    but WITHOUT ANY WARRANTY; without even the implied warranty of
13    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14    GNU General Public License for more details.
15
16    You should have received a copy of the GNU General Public License
17    along with this program.  If not, see <http://www.gnu.org/licenses/>.
18 */
19 #include "includes.h"
20 #include "utils/net.h"
21
22 /*
23  * Do something with the account policies. Read them all, run a function on
24  * them and possibly write them back. "fn" has to return the container index
25  * it has modified, it can return 0 for no change.
26  */
27
28 static NTSTATUS rpc_sh_acct_do(struct net_context *c,
29                                TALLOC_CTX *mem_ctx,
30                                struct rpc_sh_ctx *ctx,
31                                struct rpc_pipe_client *pipe_hnd,
32                                int argc, const char **argv,
33                                int (*fn)(struct net_context *c,
34                                           TALLOC_CTX *mem_ctx,
35                                           struct rpc_sh_ctx *ctx,
36                                           struct samr_DomInfo1 *i1,
37                                           struct samr_DomInfo3 *i3,
38                                           struct samr_DomInfo12 *i12,
39                                           int argc, const char **argv))
40 {
41         struct policy_handle connect_pol, domain_pol;
42         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
43         union samr_DomainInfo *info1 = NULL;
44         union samr_DomainInfo *info3 = NULL;
45         union samr_DomainInfo *info12 = NULL;
46         int store;
47
48         ZERO_STRUCT(connect_pol);
49         ZERO_STRUCT(domain_pol);
50
51         /* Get sam policy handle */
52
53         result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
54                                       pipe_hnd->desthost,
55                                       MAXIMUM_ALLOWED_ACCESS,
56                                       &connect_pol);
57         if (!NT_STATUS_IS_OK(result)) {
58                 goto done;
59         }
60
61         /* Get domain policy handle */
62
63         result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
64                                         &connect_pol,
65                                         MAXIMUM_ALLOWED_ACCESS,
66                                         ctx->domain_sid,
67                                         &domain_pol);
68         if (!NT_STATUS_IS_OK(result)) {
69                 goto done;
70         }
71
72         result = rpccli_samr_QueryDomainInfo(pipe_hnd, mem_ctx,
73                                              &domain_pol,
74                                              1,
75                                              &info1);
76
77         if (!NT_STATUS_IS_OK(result)) {
78                 d_fprintf(stderr, _("query_domain_info level 1 failed: %s\n"),
79                           nt_errstr(result));
80                 goto done;
81         }
82
83         result = rpccli_samr_QueryDomainInfo(pipe_hnd, mem_ctx,
84                                              &domain_pol,
85                                              3,
86                                              &info3);
87
88         if (!NT_STATUS_IS_OK(result)) {
89                 d_fprintf(stderr, _("query_domain_info level 3 failed: %s\n"),
90                           nt_errstr(result));
91                 goto done;
92         }
93
94         result = rpccli_samr_QueryDomainInfo(pipe_hnd, mem_ctx,
95                                              &domain_pol,
96                                              12,
97                                              &info12);
98
99         if (!NT_STATUS_IS_OK(result)) {
100                 d_fprintf(stderr, _("query_domain_info level 12 failed: %s\n"),
101                           nt_errstr(result));
102                 goto done;
103         }
104
105         store = fn(c, mem_ctx, ctx, &info1->info1, &info3->info3,
106                    &info12->info12, argc, argv);
107
108         if (store <= 0) {
109                 /* Don't save anything */
110                 goto done;
111         }
112
113         switch (store) {
114         case 1:
115                 result = rpccli_samr_SetDomainInfo(pipe_hnd, mem_ctx,
116                                                    &domain_pol,
117                                                    1,
118                                                    info1);
119                 break;
120         case 3:
121                 result = rpccli_samr_SetDomainInfo(pipe_hnd, mem_ctx,
122                                                    &domain_pol,
123                                                    3,
124                                                    info3);
125                 break;
126         case 12:
127                 result = rpccli_samr_SetDomainInfo(pipe_hnd, mem_ctx,
128                                                    &domain_pol,
129                                                    12,
130                                                    info12);
131                 break;
132         default:
133                 d_fprintf(stderr, _("Got unexpected info level %d\n"), store);
134                 result = NT_STATUS_INTERNAL_ERROR;
135                 goto done;
136         }
137
138  done:
139         if (is_valid_policy_hnd(&domain_pol)) {
140                 rpccli_samr_Close(pipe_hnd, mem_ctx, &domain_pol);
141         }
142         if (is_valid_policy_hnd(&connect_pol)) {
143                 rpccli_samr_Close(pipe_hnd, mem_ctx, &connect_pol);
144         }
145
146         return result;
147 }
148
149 static int account_show(struct net_context *c,
150                         TALLOC_CTX *mem_ctx, struct rpc_sh_ctx *ctx,
151                         struct samr_DomInfo1 *i1,
152                         struct samr_DomInfo3 *i3,
153                         struct samr_DomInfo12 *i12,
154                         int argc, const char **argv)
155 {
156         if (argc != 0) {
157                 d_fprintf(stderr, _("usage: %s\n"), ctx->whoami);
158                 return -1;
159         }
160
161         d_printf(_("Minimum password length: %d\n"), i1->min_password_length);
162         d_printf(_("Password history length: %d\n"),
163                  i1->password_history_length);
164
165         d_printf(_("Minimum password age: "));
166         if (!nt_time_is_zero((NTTIME *)&i1->min_password_age)) {
167                 time_t t = nt_time_to_unix_abs((NTTIME *)&i1->min_password_age);
168                 d_printf(_("%d seconds\n"), (int)t);
169         } else {
170                 d_printf(_("not set\n"));
171         }
172
173         d_printf(_("Maximum password age: "));
174         if (nt_time_is_set((NTTIME *)&i1->max_password_age)) {
175                 time_t t = nt_time_to_unix_abs((NTTIME *)&i1->max_password_age);
176                 d_printf(_("%d seconds\n"), (int)t);
177         } else {
178                 d_printf(_("not set\n"));
179         }
180
181         d_printf(_("Bad logon attempts: %d\n"), i12->lockout_threshold);
182
183         if (i12->lockout_threshold != 0) {
184
185                 d_printf(_("Account lockout duration: "));
186                 if (nt_time_is_set(&i12->lockout_duration)) {
187                         time_t t = nt_time_to_unix_abs(&i12->lockout_duration);
188                         d_printf(_("%d seconds\n"), (int)t);
189                 } else {
190                         d_printf(_("not set\n"));
191                 }
192
193                 d_printf(_("Bad password count reset after: "));
194                 if (nt_time_is_set(&i12->lockout_window)) {
195                         time_t t = nt_time_to_unix_abs(&i12->lockout_window);
196                         d_printf(_("%d seconds\n"), (int)t);
197                 } else {
198                         d_printf(_("not set\n"));
199                 }
200         }
201
202         d_printf(_("Disconnect users when logon hours expire: %s\n"),
203                  nt_time_is_zero(&i3->force_logoff_time) ? _("yes") : _("no"));
204
205         d_printf(_("User must logon to change password: %s\n"),
206                  (i1->password_properties & 0x2) ? _("yes") : _("no"));
207
208         return 0;               /* Don't save */
209 }
210
211 static NTSTATUS rpc_sh_acct_pol_show(struct net_context *c,
212                                      TALLOC_CTX *mem_ctx,
213                                      struct rpc_sh_ctx *ctx,
214                                      struct rpc_pipe_client *pipe_hnd,
215                                      int argc, const char **argv) {
216         return rpc_sh_acct_do(c, mem_ctx, ctx, pipe_hnd, argc, argv,
217                               account_show);
218 }
219
220 static int account_set_badpw(struct net_context *c,
221                              TALLOC_CTX *mem_ctx, struct rpc_sh_ctx *ctx,
222                              struct samr_DomInfo1 *i1,
223                              struct samr_DomInfo3 *i3,
224                              struct samr_DomInfo12 *i12,
225                              int argc, const char **argv)
226 {
227         if (argc != 1) {
228                 d_fprintf(stderr, _("usage: %s <count>\n"), ctx->whoami);
229                 return -1;
230         }
231
232         i12->lockout_threshold = atoi(argv[0]);
233         d_printf(_("Setting bad password count to %d\n"),
234                  i12->lockout_threshold);
235
236         return 12;
237 }
238
239 static NTSTATUS rpc_sh_acct_set_badpw(struct net_context *c,
240                                       TALLOC_CTX *mem_ctx,
241                                       struct rpc_sh_ctx *ctx,
242                                       struct rpc_pipe_client *pipe_hnd,
243                                       int argc, const char **argv)
244 {
245         return rpc_sh_acct_do(c, mem_ctx, ctx, pipe_hnd, argc, argv,
246                               account_set_badpw);
247 }
248
249 static int account_set_lockduration(struct net_context *c,
250                                     TALLOC_CTX *mem_ctx,
251                                     struct rpc_sh_ctx *ctx,
252                                     struct samr_DomInfo1 *i1,
253                                     struct samr_DomInfo3 *i3,
254                                     struct samr_DomInfo12 *i12,
255                                     int argc, const char **argv)
256 {
257         if (argc != 1) {
258                 d_fprintf(stderr, _("usage: %s <count>\n"), ctx->whoami);
259                 return -1;
260         }
261
262         unix_to_nt_time_abs(&i12->lockout_duration, atoi(argv[0]));
263         d_printf(_("Setting lockout duration to %d seconds\n"),
264                  (int)nt_time_to_unix_abs(&i12->lockout_duration));
265
266         return 12;
267 }
268
269 static NTSTATUS rpc_sh_acct_set_lockduration(struct net_context *c,
270                                              TALLOC_CTX *mem_ctx,
271                                              struct rpc_sh_ctx *ctx,
272                                              struct rpc_pipe_client *pipe_hnd,
273                                              int argc, const char **argv)
274 {
275         return rpc_sh_acct_do(c, mem_ctx, ctx, pipe_hnd, argc, argv,
276                               account_set_lockduration);
277 }
278
279 static int account_set_resetduration(struct net_context *c,
280                                      TALLOC_CTX *mem_ctx,
281                                      struct rpc_sh_ctx *ctx,
282                                      struct samr_DomInfo1 *i1,
283                                      struct samr_DomInfo3 *i3,
284                                      struct samr_DomInfo12 *i12,
285                                      int argc, const char **argv)
286 {
287         if (argc != 1) {
288                 d_fprintf(stderr, _("usage: %s <count>\n"), ctx->whoami);
289                 return -1;
290         }
291
292         unix_to_nt_time_abs(&i12->lockout_window, atoi(argv[0]));
293         d_printf(_("Setting bad password reset duration to %d seconds\n"),
294                  (int)nt_time_to_unix_abs(&i12->lockout_window));
295
296         return 12;
297 }
298
299 static NTSTATUS rpc_sh_acct_set_resetduration(struct net_context *c,
300                                               TALLOC_CTX *mem_ctx,
301                                               struct rpc_sh_ctx *ctx,
302                                               struct rpc_pipe_client *pipe_hnd,
303                                               int argc, const char **argv)
304 {
305         return rpc_sh_acct_do(c, mem_ctx, ctx, pipe_hnd, argc, argv,
306                               account_set_resetduration);
307 }
308
309 static int account_set_minpwage(struct net_context *c,
310                                 TALLOC_CTX *mem_ctx,
311                                 struct rpc_sh_ctx *ctx,
312                                 struct samr_DomInfo1 *i1,
313                                 struct samr_DomInfo3 *i3,
314                                 struct samr_DomInfo12 *i12,
315                                 int argc, const char **argv)
316 {
317         if (argc != 1) {
318                 d_fprintf(stderr, _("usage: %s <count>\n"), ctx->whoami);
319                 return -1;
320         }
321
322         unix_to_nt_time_abs((NTTIME *)&i1->min_password_age, atoi(argv[0]));
323         d_printf(_("Setting minimum password age to %d seconds\n"),
324                  (int)nt_time_to_unix_abs((NTTIME *)&i1->min_password_age));
325
326         return 1;
327 }
328
329 static NTSTATUS rpc_sh_acct_set_minpwage(struct net_context *c,
330                                          TALLOC_CTX *mem_ctx,
331                                          struct rpc_sh_ctx *ctx,
332                                          struct rpc_pipe_client *pipe_hnd,
333                                          int argc, const char **argv)
334 {
335         return rpc_sh_acct_do(c, mem_ctx, ctx, pipe_hnd, argc, argv,
336                               account_set_minpwage);
337 }
338
339 static int account_set_maxpwage(struct net_context *c,
340                                 TALLOC_CTX *mem_ctx,
341                                 struct rpc_sh_ctx *ctx,
342                                 struct samr_DomInfo1 *i1,
343                                 struct samr_DomInfo3 *i3,
344                                 struct samr_DomInfo12 *i12,
345                                 int argc, const char **argv)
346 {
347         if (argc != 1) {
348                 d_fprintf(stderr, _("usage: %s <count>\n"), ctx->whoami);
349                 return -1;
350         }
351
352         unix_to_nt_time_abs((NTTIME *)&i1->max_password_age, atoi(argv[0]));
353         d_printf(_("Setting maximum password age to %d seconds\n"),
354                  (int)nt_time_to_unix_abs((NTTIME *)&i1->max_password_age));
355
356         return 1;
357 }
358
359 static NTSTATUS rpc_sh_acct_set_maxpwage(struct net_context *c,
360                                          TALLOC_CTX *mem_ctx,
361                                          struct rpc_sh_ctx *ctx,
362                                          struct rpc_pipe_client *pipe_hnd,
363                                          int argc, const char **argv)
364 {
365         return rpc_sh_acct_do(c, mem_ctx, ctx, pipe_hnd, argc, argv,
366                               account_set_maxpwage);
367 }
368
369 static int account_set_minpwlen(struct net_context *c,
370                                 TALLOC_CTX *mem_ctx,
371                                 struct rpc_sh_ctx *ctx,
372                                 struct samr_DomInfo1 *i1,
373                                 struct samr_DomInfo3 *i3,
374                                 struct samr_DomInfo12 *i12,
375                                 int argc, const char **argv)
376 {
377         if (argc != 1) {
378                 d_fprintf(stderr, _("usage: %s <count>\n"), ctx->whoami);
379                 return -1;
380         }
381
382         i1->min_password_length = atoi(argv[0]);
383         d_printf(_("Setting minimum password length to %d\n"),
384                  i1->min_password_length);
385
386         return 1;
387 }
388
389 static NTSTATUS rpc_sh_acct_set_minpwlen(struct net_context *c,
390                                          TALLOC_CTX *mem_ctx,
391                                          struct rpc_sh_ctx *ctx,
392                                          struct rpc_pipe_client *pipe_hnd,
393                                          int argc, const char **argv)
394 {
395         return rpc_sh_acct_do(c, mem_ctx, ctx, pipe_hnd, argc, argv,
396                               account_set_minpwlen);
397 }
398
399 static int account_set_pwhistlen(struct net_context *c,
400                                  TALLOC_CTX *mem_ctx,
401                                  struct rpc_sh_ctx *ctx,
402                                  struct samr_DomInfo1 *i1,
403                                  struct samr_DomInfo3 *i3,
404                                  struct samr_DomInfo12 *i12,
405                                  int argc, const char **argv)
406 {
407         if (argc != 1) {
408                 d_fprintf(stderr, _("usage: %s <count>\n"), ctx->whoami);
409                 return -1;
410         }
411
412         i1->password_history_length = atoi(argv[0]);
413         d_printf(_("Setting password history length to %d\n"),
414                  i1->password_history_length);
415
416         return 1;
417 }
418
419 static NTSTATUS rpc_sh_acct_set_pwhistlen(struct net_context *c,
420                                           TALLOC_CTX *mem_ctx,
421                                           struct rpc_sh_ctx *ctx,
422                                           struct rpc_pipe_client *pipe_hnd,
423                                           int argc, const char **argv)
424 {
425         return rpc_sh_acct_do(c, mem_ctx, ctx, pipe_hnd, argc, argv,
426                               account_set_pwhistlen);
427 }
428
429 struct rpc_sh_cmd *net_rpc_acct_cmds(struct net_context *c, TALLOC_CTX *mem_ctx,
430                                      struct rpc_sh_ctx *ctx)
431 {
432         static struct rpc_sh_cmd cmds[9] = {
433                 { "show", NULL, &ndr_table_samr.syntax_id, rpc_sh_acct_pol_show,
434                   N_("Show current account policy settings") },
435                 { "badpw", NULL, &ndr_table_samr.syntax_id, rpc_sh_acct_set_badpw,
436                   N_("Set bad password count before lockout") },
437                 { "lockduration", NULL, &ndr_table_samr.syntax_id, rpc_sh_acct_set_lockduration,
438                   N_("Set account lockout duration") },
439                 { "resetduration", NULL, &ndr_table_samr.syntax_id,
440                   rpc_sh_acct_set_resetduration,
441                   N_("Set bad password count reset duration") },
442                 { "minpwage", NULL, &ndr_table_samr.syntax_id, rpc_sh_acct_set_minpwage,
443                   N_("Set minimum password age") },
444                 { "maxpwage", NULL, &ndr_table_samr.syntax_id, rpc_sh_acct_set_maxpwage,
445                   N_("Set maximum password age") },
446                 { "minpwlen", NULL, &ndr_table_samr.syntax_id, rpc_sh_acct_set_minpwlen,
447                   N_("Set minimum password length") },
448                 { "pwhistlen", NULL, &ndr_table_samr.syntax_id, rpc_sh_acct_set_pwhistlen,
449                   N_("Set the password history length") },
450                 { NULL, NULL, 0, NULL, NULL }
451         };
452
453         return cmds;
454 }