git.samba.org / nivanova / samba-autobuild / .git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
r23779: Change from v2 or later to v3 or later.
[nivanova/samba-autobuild/.git] / source3 / rpc_parse / parse_samr.c
diff --git a/source3/rpc_parse/parse_samr.c b/source3/rpc_parse/parse_samr.c
index 0a055ff826a72c352e0bccb42e06087cf9eae65a..2133d2124de50e94782a6137be7158843ba2311f 100644 (file)
--- a/source3/rpc_parse/parse_samr.c
+++ b/source3/rpc_parse/parse_samr.c
@@ -6,12 +6,12 @@
  *  Copyright (C) Paul Ashton                  1997-2000,
  *  Copyright (C) Elrond                            2000,
  *  Copyright (C) Jeremy Allison                    2001,
- *  Copyright (C) Jean François Micouleau      1998-2001,
+ *  Copyright (C) Jean François Micouleau      1998-2001,
  *  Copyright (C) Jim McDonough <jmcd@us.ibm.com>   2002.
  *  
  *  This program is free software; you can redistribute it and/or modify
  *  it under the terms of the GNU General Public License as published by
- *  the Free Software Foundation; either version 2 of the License, or
+ *  the Free Software Foundation; either version 3 of the License, or
  *  (at your option) any later version.
  *  
  *  This program is distributed in the hope that it will be useful,
@@ -344,7 +344,7 @@ void init_samr_r_get_usrdom_pwinfo(SAMR_R_GET_USRDOM_PWINFO *r_u, NTSTATUS statu
 {
        DEBUG(5, ("init_samr_r_get_usrdom_pwinfo\n"));
        
-       r_u->unknown_0 = 0x0000;
+       r_u->min_pwd_length = 0x0000;
 
        /*
         * used to be   
@@ -354,7 +354,7 @@ void init_samr_r_get_usrdom_pwinfo(SAMR_R_GET_USRDOM_PWINFO *r_u, NTSTATUS statu
        r_u->unknown_1 = 0x01D1;
        r_u->unknown_1 = 0x0015;
 
-       r_u->unknown_2 = 0x00000000;
+       r_u->password_properties = 0x00000000;
 
        r_u->status = status;
 }
@@ -375,12 +375,13 @@ BOOL samr_io_r_get_usrdom_pwinfo(const char *desc, SAMR_R_GET_USRDOM_PWINFO * r_
        if(!prs_align(ps))
                return False;
 
-       if(!prs_uint16("unknown_0", ps, depth, &r_u->unknown_0))
+       if(!prs_uint16("min_pwd_length", ps, depth, &r_u->min_pwd_length))
                return False;
        if(!prs_uint16("unknown_1", ps, depth, &r_u->unknown_1))
                return False;
-       if(!prs_uint32("unknown_2", ps, depth, &r_u->unknown_2))
+       if(!prs_uint32("password_properties", ps, depth, &r_u->password_properties))
                return False;
+
        if(!prs_ntstatus("status   ", ps, depth, &r_u->status))
                return False;
 
@@ -460,10 +461,10 @@ BOOL samr_io_q_query_sec_obj(const char *desc, SAMR_Q_QUERY_SEC_OBJ * q_u,
 reads or writes a structure.
 ********************************************************************/
 
-void init_samr_q_query_dom_info(SAMR_Q_QUERY_DOMAIN_INFO * q_u,
-                               POLICY_HND *domain_pol, uint16 switch_value)
+void init_samr_q_query_domain_info(SAMR_Q_QUERY_DOMAIN_INFO * q_u,
+                                  POLICY_HND *domain_pol, uint16 switch_value)
 {
-       DEBUG(5, ("samr_init_samr_q_query_dom_info\n"));
+       DEBUG(5, ("samr_init_samr_q_query_domain_info\n"));
 
        q_u->domain_pol = *domain_pol;
        q_u->switch_value = switch_value;
@@ -473,13 +474,13 @@ void init_samr_q_query_dom_info(SAMR_Q_QUERY_DOMAIN_INFO * q_u,
 reads or writes a structure.
 ********************************************************************/
 
-BOOL samr_io_q_query_dom_info(const char *desc, SAMR_Q_QUERY_DOMAIN_INFO * q_u,
-                             prs_struct *ps, int depth)
+BOOL samr_io_q_query_domain_info(const char *desc, SAMR_Q_QUERY_DOMAIN_INFO * q_u,
+                                prs_struct *ps, int depth)
 {
        if (q_u == NULL)
                return False;
 
-       prs_debug(ps, depth, desc, "samr_io_q_query_dom_info");
+       prs_debug(ps, depth, desc, "samr_io_q_query_domain_info");
        depth++;
 
        if(!prs_align(ps))
@@ -494,31 +495,51 @@ BOOL samr_io_q_query_dom_info(const char *desc, SAMR_Q_QUERY_DOMAIN_INFO * q_u,
        return True;
 }
 
-
 /*******************************************************************
 inits a structure.
 ********************************************************************/
 
-void init_unk_info3(SAM_UNK_INFO_3 *u_3, NTTIME nt_logout)
+void init_unk_info1(SAM_UNK_INFO_1 *u_1, uint16 min_pass_len, uint16 pass_hist, 
+                   uint32 password_properties, NTTIME nt_expire, NTTIME nt_min_age)
 {
-       u_3->logout.low = nt_logout.low;
-       u_3->logout.high = nt_logout.high;
+       u_1->min_length_password = min_pass_len;
+       u_1->password_history = pass_hist;
+       
+       if (lp_check_password_script() && *lp_check_password_script()) {
+               password_properties |= DOMAIN_PASSWORD_COMPLEX;
+       }
+       u_1->password_properties = password_properties;
+
+       /* password never expire */
+       u_1->expire = nt_expire;
+
+       /* can change the password now */
+       u_1->min_passwordage = nt_min_age;
+       
 }
 
 /*******************************************************************
 reads or writes a structure.
 ********************************************************************/
 
-static BOOL sam_io_unk_info3(const char *desc, SAM_UNK_INFO_3 * u_3,
+static BOOL sam_io_unk_info1(const char *desc, SAM_UNK_INFO_1 * u_1,
                             prs_struct *ps, int depth)
 {
-       if (u_3 == NULL)
-               return False;
+       if (u_1 == NULL)
+         return False;
 
-       prs_debug(ps, depth, desc, "sam_io_unk_info3");
+       prs_debug(ps, depth, desc, "sam_io_unk_info1");
        depth++;
 
-       if(!smb_io_time("logout", &u_3->logout, ps, depth))
+       if(!prs_uint16("min_length_password", ps, depth, &u_1->min_length_password))
+               return False;
+       if(!prs_uint16("password_history", ps, depth, &u_1->password_history))
+               return False;
+       if(!prs_uint32("password_properties", ps, depth, &u_1->password_properties))
+               return False;
+       if(!smb_io_time("expire", &u_1->expire, ps, depth))
+               return False;
+       if(!smb_io_time("min_passwordage", &u_1->min_passwordage, ps, depth))
                return False;
 
        return True;
@@ -528,31 +549,77 @@ static BOOL sam_io_unk_info3(const char *desc, SAM_UNK_INFO_3 * u_3,
 inits a structure.
 ********************************************************************/
 
-void init_unk_info6(SAM_UNK_INFO_6 * u_6)
+void init_unk_info2(SAM_UNK_INFO_2 * u_2,
+                       const char *comment, const char *domain, const char *server,
+                       uint32 seq_num, uint32 num_users, uint32 num_groups, uint32 num_alias, NTTIME nt_logout, uint32 server_role)
 {
-       u_6->unknown_0 = 0x00000000;
-       u_6->ptr_0 = 1;
-       memset(u_6->padding, 0, sizeof(u_6->padding));  /* 12 bytes zeros */
+       u_2->logout = nt_logout;
+
+       u_2->seq_num = seq_num;
+
+
+       u_2->unknown_4 = 0x00000001;
+       u_2->server_role = server_role;
+       u_2->unknown_6 = 0x00000001;
+       u_2->num_domain_usrs = num_users;
+       u_2->num_domain_grps = num_groups;
+       u_2->num_local_grps = num_alias;
+
+       init_unistr2(&u_2->uni_comment, comment, UNI_FLAGS_NONE);
+       init_uni_hdr(&u_2->hdr_comment, &u_2->uni_comment);
+       init_unistr2(&u_2->uni_domain, domain, UNI_FLAGS_NONE);
+       init_uni_hdr(&u_2->hdr_domain, &u_2->uni_domain);
+       init_unistr2(&u_2->uni_server, server, UNI_FLAGS_NONE);
+       init_uni_hdr(&u_2->hdr_server, &u_2->uni_server);
 }
 
 /*******************************************************************
 reads or writes a structure.
 ********************************************************************/
 
-static BOOL sam_io_unk_info6(const char *desc, SAM_UNK_INFO_6 * u_6,
+static BOOL sam_io_unk_info2(const char *desc, SAM_UNK_INFO_2 * u_2,
                             prs_struct *ps, int depth)
 {
-       if (u_6 == NULL)
+       if (u_2 == NULL)
                return False;
 
-       prs_debug(ps, depth, desc, "sam_io_unk_info6");
+       prs_debug(ps, depth, desc, "sam_io_unk_info2");
        depth++;
 
-       if(!prs_uint32("unknown_0", ps, depth, &u_6->unknown_0)) /* 0x0000 0000 */
+       if(!smb_io_time("logout", &u_2->logout, ps, depth))
+               return False;
+       if(!smb_io_unihdr("hdr_comment", &u_2->hdr_comment, ps, depth))
+               return False;
+       if(!smb_io_unihdr("hdr_domain", &u_2->hdr_domain, ps, depth))
+               return False;
+       if(!smb_io_unihdr("hdr_server", &u_2->hdr_server, ps, depth))
+               return False;
+
+       /* put all the data in here, at the moment, including what the above
+          pointer is referring to
+        */
+
+       if(!prs_uint64("seq_num ", ps, depth, &u_2->seq_num))
+               return False;
+
+       if(!prs_uint32("unknown_4 ", ps, depth, &u_2->unknown_4)) /* 0x0000 0001 */
+               return False;
+       if(!prs_uint32("server_role ", ps, depth, &u_2->server_role))
+               return False;
+       if(!prs_uint32("unknown_6 ", ps, depth, &u_2->unknown_6)) /* 0x0000 0001 */
+               return False;
+       if(!prs_uint32("num_domain_usrs ", ps, depth, &u_2->num_domain_usrs))
+               return False;
+       if(!prs_uint32("num_domain_grps", ps, depth, &u_2->num_domain_grps))
+               return False;
+       if(!prs_uint32("num_local_grps", ps, depth, &u_2->num_local_grps))
+               return False;
+
+       if(!smb_io_unistr2("uni_comment", &u_2->uni_comment, u_2->hdr_comment.buffer, ps, depth))
                return False;
-       if(!prs_uint32("ptr_0", ps, depth, &u_6->ptr_0)) /* pointer to unknown structure */
+       if(!smb_io_unistr2("uni_domain", &u_2->uni_domain, u_2->hdr_domain.buffer, ps, depth))
                return False;
-       if(!prs_uint8s(False, "padding", ps, depth, u_6->padding, sizeof(u_6->padding)))        /* 12 bytes zeros */
+       if(!smb_io_unistr2("uni_server", &u_2->uni_server, u_2->hdr_server.buffer, ps, depth))
                return False;
 
        return True;
@@ -562,25 +629,25 @@ static BOOL sam_io_unk_info6(const char *desc, SAM_UNK_INFO_6 * u_6,
 inits a structure.
 ********************************************************************/
 
-void init_unk_info7(SAM_UNK_INFO_7 * u_7, uint32 server_role)
+void init_unk_info3(SAM_UNK_INFO_3 *u_3, NTTIME nt_logout)
 {
-       u_7->server_role = server_role;
+       u_3->logout = nt_logout;
 }
 
 /*******************************************************************
 reads or writes a structure.
 ********************************************************************/
 
-static BOOL sam_io_unk_info7(const char *desc, SAM_UNK_INFO_7 * u_7,
+static BOOL sam_io_unk_info3(const char *desc, SAM_UNK_INFO_3 * u_3,
                             prs_struct *ps, int depth)
 {
-       if (u_7 == NULL)
+       if (u_3 == NULL)
                return False;
 
-       prs_debug(ps, depth, desc, "sam_io_unk_info7");
+       prs_debug(ps, depth, desc, "sam_io_unk_info3");
        depth++;
 
-       if(!prs_uint16("server_role", ps, depth, &u_7->server_role))
+       if(!smb_io_time("logout", &u_3->logout, ps, depth))
                return False;
 
        return True;
@@ -590,68 +657,61 @@ static BOOL sam_io_unk_info7(const char *desc, SAM_UNK_INFO_7 * u_7,
 inits a structure.
 ********************************************************************/
 
-void init_unk_info8(SAM_UNK_INFO_8 * u_8, uint32 seq_num)
+void init_unk_info4(SAM_UNK_INFO_4 * u_4,const char *comment)
 {
-       unix_to_nt_time(&u_8->domain_create_time, 0);
-       u_8->seq_num.low = seq_num;
-       u_8->seq_num.high = 0x0000;
+       init_unistr2(&u_4->uni_comment, comment, UNI_FLAGS_NONE);
+       init_uni_hdr(&u_4->hdr_comment, &u_4->uni_comment);
 }
 
 /*******************************************************************
 reads or writes a structure.
 ********************************************************************/
 
-static BOOL sam_io_unk_info8(const char *desc, SAM_UNK_INFO_8 * u_8,
+static BOOL sam_io_unk_info4(const char *desc, SAM_UNK_INFO_4 * u_4,
                             prs_struct *ps, int depth)
 {
-       if (u_8 == NULL)
+       if (u_4 == NULL)
                return False;
 
-       prs_debug(ps, depth, desc, "sam_io_unk_info8");
+       prs_debug(ps, depth, desc, "sam_io_unk_info4");
        depth++;
 
-       if (!prs_uint64("seq_num", ps, depth, &u_8->seq_num))
+       if(!smb_io_unihdr("hdr_comment", &u_4->hdr_comment, ps, depth))
                return False;
 
-       if(!smb_io_time("domain_create_time", &u_8->domain_create_time, ps, depth))
+       if(!smb_io_unistr2("uni_comment", &u_4->uni_comment, u_4->hdr_comment.buffer, ps, depth))
                return False;
 
        return True;
 }
 
-
 /*******************************************************************
 inits a structure.
 ********************************************************************/
 
-void init_unk_info12(SAM_UNK_INFO_12 * u_12, NTTIME nt_lock_duration, NTTIME nt_reset_time, uint16 lockout)
+void init_unk_info5(SAM_UNK_INFO_5 * u_5,const char *domain)
 {
-       u_12->duration.low = nt_lock_duration.low;
-       u_12->duration.high = nt_lock_duration.high;
-       u_12->reset_count.low = nt_reset_time.low;
-       u_12->reset_count.high = nt_reset_time.high;
-
-       u_12->bad_attempt_lockout = lockout;
+       init_unistr2(&u_5->uni_domain, domain, UNI_FLAGS_NONE);
+       init_uni_hdr(&u_5->hdr_domain, &u_5->uni_domain);
 }
 
 /*******************************************************************
 reads or writes a structure.
 ********************************************************************/
 
-static BOOL sam_io_unk_info12(const char *desc, SAM_UNK_INFO_12 * u_12,
-                             prs_struct *ps, int depth)
+static BOOL sam_io_unk_info5(const char *desc, SAM_UNK_INFO_5 * u_5,
+                            prs_struct *ps, int depth)
 {
-       if (u_12 == NULL)
+       if (u_5 == NULL)
                return False;
 
-       prs_debug(ps, depth, desc, "sam_io_unk_info12");
+       prs_debug(ps, depth, desc, "sam_io_unk_info5");
        depth++;
 
-       if(!smb_io_time("duration", &u_12->duration, ps, depth))
+       if(!smb_io_unihdr("hdr_domain", &u_5->hdr_domain, ps, depth))
                return False;
-       if(!smb_io_time("reset_count", &u_12->reset_count, ps, depth))
-               return False;
-       if(!prs_uint16("bad_attempt_lockout", ps, depth, &u_12->bad_attempt_lockout))
+
+       if(!smb_io_unistr2("uni_domain", &u_5->uni_domain, u_5->hdr_domain.buffer, ps, depth))
                return False;
 
        return True;
@@ -661,29 +721,29 @@ static BOOL sam_io_unk_info12(const char *desc, SAM_UNK_INFO_12 * u_12,
 inits a structure.
 ********************************************************************/
 
-void init_unk_info5(SAM_UNK_INFO_5 * u_5,const char *server)
+void init_unk_info6(SAM_UNK_INFO_6 * u_6, const char *server)
 {
-       init_unistr2(&u_5->uni_server, server, UNI_FLAGS_NONE);
-       init_uni_hdr(&u_5->hdr_server, &u_5->uni_server);
+       init_unistr2(&u_6->uni_server, server, UNI_FLAGS_NONE);
+       init_uni_hdr(&u_6->hdr_server, &u_6->uni_server);
 }
 
 /*******************************************************************
 reads or writes a structure.
 ********************************************************************/
 
-static BOOL sam_io_unk_info5(const char *desc, SAM_UNK_INFO_5 * u_5,
+static BOOL sam_io_unk_info6(const char *desc, SAM_UNK_INFO_6 * u_6,
                             prs_struct *ps, int depth)
 {
-       if (u_5 == NULL)
+       if (u_6 == NULL)
                return False;
 
-       prs_debug(ps, depth, desc, "sam_io_unk_info5");
+       prs_debug(ps, depth, desc, "sam_io_unk_info6");
        depth++;
 
-       if(!smb_io_unihdr("hdr_server", &u_5->hdr_server, ps, depth))
+       if(!smb_io_unihdr("hdr_server", &u_6->hdr_server, ps, depth))
                return False;
 
-       if(!smb_io_unistr2("uni_server", &u_5->uni_server, u_5->hdr_server.buffer, ps, depth))
+       if(!smb_io_unistr2("uni_server", &u_6->uni_server, u_6->hdr_server.buffer, ps, depth))
                return False;
 
        return True;
@@ -693,81 +753,120 @@ static BOOL sam_io_unk_info5(const char *desc, SAM_UNK_INFO_5 * u_5,
 inits a structure.
 ********************************************************************/
 
-void init_unk_info2(SAM_UNK_INFO_2 * u_2,
-                       const char *comment, const char *domain, const char *server,
-                       uint32 seq_num, uint32 num_users, uint32 num_groups, uint32 num_alias, NTTIME nt_logout, uint32 server_role)
+void init_unk_info7(SAM_UNK_INFO_7 * u_7, uint32 server_role)
 {
-       u_2->logout.low = nt_logout.low;
-       u_2->logout.high = nt_logout.high;
+       u_7->server_role = server_role;
+}
 
-       u_2->seq_num.low = seq_num;
-       u_2->seq_num.high = 0x00000000;
+/*******************************************************************
+reads or writes a structure.
+********************************************************************/
 
+static BOOL sam_io_unk_info7(const char *desc, SAM_UNK_INFO_7 * u_7,
+                            prs_struct *ps, int depth)
+{
+       if (u_7 == NULL)
+               return False;
 
-       u_2->unknown_4 = 0x00000001;
-       u_2->server_role = server_role;
-       u_2->unknown_6 = 0x00000001;
-       u_2->num_domain_usrs = num_users;
-       u_2->num_domain_grps = num_groups;
-       u_2->num_local_grps = num_alias;
+       prs_debug(ps, depth, desc, "sam_io_unk_info7");
+       depth++;
 
-       memset(u_2->padding, 0, sizeof(u_2->padding));  /* 12 bytes zeros */
+       if(!prs_uint16("server_role", ps, depth, &u_7->server_role))
+               return False;
 
-       init_unistr2(&u_2->uni_comment, comment, UNI_FLAGS_NONE);
-       init_uni_hdr(&u_2->hdr_comment, &u_2->uni_comment);
-       init_unistr2(&u_2->uni_domain, domain, UNI_FLAGS_NONE);
-       init_uni_hdr(&u_2->hdr_domain, &u_2->uni_domain);
-       init_unistr2(&u_2->uni_server, server, UNI_FLAGS_NONE);
-       init_uni_hdr(&u_2->hdr_server, &u_2->uni_server);
+       return True;
+}
+
+/*******************************************************************
+inits a structure.
+********************************************************************/
+
+void init_unk_info8(SAM_UNK_INFO_8 * u_8, uint32 seq_num)
+{
+       unix_to_nt_time(&u_8->domain_create_time, 0);
+       u_8->seq_num = seq_num;
 }
 
 /*******************************************************************
 reads or writes a structure.
 ********************************************************************/
 
-static BOOL sam_io_unk_info2(const char *desc, SAM_UNK_INFO_2 * u_2,
+static BOOL sam_io_unk_info8(const char *desc, SAM_UNK_INFO_8 * u_8,
                             prs_struct *ps, int depth)
 {
-       if (u_2 == NULL)
+       if (u_8 == NULL)
                return False;
 
-       prs_debug(ps, depth, desc, "sam_io_unk_info2");
+       prs_debug(ps, depth, desc, "sam_io_unk_info8");
        depth++;
 
-       if(!smb_io_time("logout", &u_2->logout, ps, depth))
-               return False;
-       if(!smb_io_unihdr("hdr_comment", &u_2->hdr_comment, ps, depth))
-               return False;
-       if(!smb_io_unihdr("hdr_domain", &u_2->hdr_domain, ps, depth))
+       if (!prs_uint64("seq_num", ps, depth, &u_8->seq_num))
                return False;
-       if(!smb_io_unihdr("hdr_server", &u_2->hdr_server, ps, depth))
+
+       if(!smb_io_time("domain_create_time", &u_8->domain_create_time, ps, depth))
                return False;
 
-       /* put all the data in here, at the moment, including what the above
-          pointer is referring to
-        */
+       return True;
+}
 
-       if(!prs_uint64("seq_num ", ps, depth, &u_2->seq_num))
-               return False;
+/*******************************************************************
+inits a structure.
+********************************************************************/
 
-       if(!prs_uint32("unknown_4 ", ps, depth, &u_2->unknown_4)) /* 0x0000 0001 */
-               return False;
-       if(!prs_uint32("server_role ", ps, depth, &u_2->server_role))
-               return False;
-       if(!prs_uint32("unknown_6 ", ps, depth, &u_2->unknown_6)) /* 0x0000 0001 */
-               return False;
-       if(!prs_uint32("num_domain_usrs ", ps, depth, &u_2->num_domain_usrs))
+void init_unk_info9(SAM_UNK_INFO_9 * u_9, uint32 unknown)
+{
+       u_9->unknown = unknown;
+}
+
+/*******************************************************************
+reads or writes a structure.
+********************************************************************/
+
+static BOOL sam_io_unk_info9(const char *desc, SAM_UNK_INFO_9 * u_9,
+                            prs_struct *ps, int depth)
+{
+       if (u_9 == NULL)
                return False;
-       if(!prs_uint32("num_domain_grps", ps, depth, &u_2->num_domain_grps))
+
+       prs_debug(ps, depth, desc, "sam_io_unk_info9");
+       depth++;
+
+       if (!prs_uint32("unknown", ps, depth, &u_9->unknown))
                return False;
-       if(!prs_uint32("num_local_grps", ps, depth, &u_2->num_local_grps))
+
+       return True;
+}
+
+/*******************************************************************
+inits a structure.
+********************************************************************/
+
+void init_unk_info12(SAM_UNK_INFO_12 * u_12, NTTIME nt_lock_duration, NTTIME nt_reset_time, uint16 lockout)
+{
+       u_12->duration = nt_lock_duration;
+       u_12->reset_count = nt_reset_time;
+
+       u_12->bad_attempt_lockout = lockout;
+}
+
+/*******************************************************************
+reads or writes a structure.
+********************************************************************/
+
+static BOOL sam_io_unk_info12(const char *desc, SAM_UNK_INFO_12 * u_12,
+                             prs_struct *ps, int depth)
+{
+       if (u_12 == NULL)
                return False;
 
-       if(!smb_io_unistr2("uni_comment", &u_2->uni_comment, u_2->hdr_comment.buffer, ps, depth))
+       prs_debug(ps, depth, desc, "sam_io_unk_info12");
+       depth++;
+
+       if(!smb_io_time("duration", &u_12->duration, ps, depth))
                return False;
-       if(!smb_io_unistr2("uni_domain", &u_2->uni_domain, u_2->hdr_domain.buffer, ps, depth))
+       if(!smb_io_time("reset_count", &u_12->reset_count, ps, depth))
                return False;
-       if(!smb_io_unistr2("uni_server", &u_2->uni_server, u_2->hdr_server.buffer, ps, depth))
+       if(!prs_uint16("bad_attempt_lockout", ps, depth, &u_12->bad_attempt_lockout))
                return False;
 
        return True;
@@ -777,45 +876,36 @@ static BOOL sam_io_unk_info2(const char *desc, SAM_UNK_INFO_2 * u_2,
 inits a structure.
 ********************************************************************/
 
-void init_unk_info1(SAM_UNK_INFO_1 *u_1, uint16 min_pass_len, uint16 pass_hist, 
-                   uint32 password_properties, NTTIME nt_expire, NTTIME nt_min_age)
+void init_unk_info13(SAM_UNK_INFO_13 * u_13, uint32 seq_num)
 {
-       u_1->min_length_password = min_pass_len;
-       u_1->password_history = pass_hist;
-       u_1->password_properties = password_properties;
-       
-       /* password never expire */
-       u_1->expire.high = nt_expire.high;
-       u_1->expire.low = nt_expire.low;
-       
-       /* can change the password now */
-       u_1->min_passwordage.high = nt_min_age.high;
-       u_1->min_passwordage.low = nt_min_age.low;
-       
+       unix_to_nt_time(&u_13->domain_create_time, 0);
+       u_13->seq_num = seq_num;
+       u_13->unknown1 = 0;
+       u_13->unknown2 = 0;
 }
 
 /*******************************************************************
 reads or writes a structure.
 ********************************************************************/
 
-static BOOL sam_io_unk_info1(const char *desc, SAM_UNK_INFO_1 * u_1,
+static BOOL sam_io_unk_info13(const char *desc, SAM_UNK_INFO_13 * u_13,
                             prs_struct *ps, int depth)
 {
-       if (u_1 == NULL)
-         return False;
+       if (u_13 == NULL)
+               return False;
 
-       prs_debug(ps, depth, desc, "sam_io_unk_info1");
+       prs_debug(ps, depth, desc, "sam_io_unk_info13");
        depth++;
 
-       if(!prs_uint16("min_length_password", ps, depth, &u_1->min_length_password))
+       if (!prs_uint64("seq_num", ps, depth, &u_13->seq_num))
                return False;
-       if(!prs_uint16("password_history", ps, depth, &u_1->password_history))
+
+       if(!smb_io_time("domain_create_time", &u_13->domain_create_time, ps, depth))
                return False;
-       if(!prs_uint32("password_properties", ps, depth, &u_1->password_properties))
+
+       if (!prs_uint32("unknown1", ps, depth, &u_13->unknown1))
                return False;
-       if(!smb_io_time("expire", &u_1->expire, ps, depth))
-               return False;
-       if(!smb_io_time("min_passwordage", &u_1->min_passwordage, ps, depth))
+       if (!prs_uint32("unknown2", ps, depth, &u_13->unknown2))
                return False;
 
        return True;
@@ -825,11 +915,11 @@ static BOOL sam_io_unk_info1(const char *desc, SAM_UNK_INFO_1 * u_1,
 inits a SAMR_R_QUERY_DOMAIN_INFO structure.
 ********************************************************************/
 
-void init_samr_r_query_dom_info(SAMR_R_QUERY_DOMAIN_INFO * r_u,
-                               uint16 switch_value, SAM_UNK_CTR * ctr,
-                               NTSTATUS status)
+void init_samr_r_query_domain_info(SAMR_R_QUERY_DOMAIN_INFO * r_u,
+                                  uint16 switch_value, SAM_UNK_CTR * ctr,
+                                  NTSTATUS status)
 {
-       DEBUG(5, ("init_samr_r_query_dom_info\n"));
+       DEBUG(5, ("init_samr_r_query_domain_info\n"));
 
        r_u->ptr_0 = 0;
        r_u->switch_value = 0;
@@ -846,13 +936,13 @@ void init_samr_r_query_dom_info(SAMR_R_QUERY_DOMAIN_INFO * r_u,
 reads or writes a structure.
 ********************************************************************/
 
-BOOL samr_io_r_query_dom_info(const char *desc, SAMR_R_QUERY_DOMAIN_INFO * r_u,
-                             prs_struct *ps, int depth)
+BOOL samr_io_r_query_domain_info(const char *desc, SAMR_R_QUERY_DOMAIN_INFO * r_u,
+                                prs_struct *ps, int depth)
 {
         if (r_u == NULL)
                return False;
 
-       prs_debug(ps, depth, desc, "samr_io_r_query_dom_info");
+       prs_debug(ps, depth, desc, "samr_io_r_query_domain_info");
        depth++;
 
        if(!prs_align(ps))
@@ -868,10 +958,18 @@ BOOL samr_io_r_query_dom_info(const char *desc, SAMR_R_QUERY_DOMAIN_INFO * r_u,
                        return False;
 
                switch (r_u->switch_value) {
+               case 0x0d:
+                       if(!sam_io_unk_info13("unk_inf13", &r_u->ctr->info.inf13, ps, depth))
+                               return False;
+                       break;
                case 0x0c:
                        if(!sam_io_unk_info12("unk_inf12", &r_u->ctr->info.inf12, ps, depth))
                                return False;
                        break;
+               case 0x09:
+                       if(!sam_io_unk_info9("unk_inf9",&r_u->ctr->info.inf9, ps,depth))
+                               return False;
+                       break;
                case 0x08:
                        if(!sam_io_unk_info8("unk_inf8",&r_u->ctr->info.inf8, ps,depth))
                                return False;
@@ -888,6 +986,10 @@ BOOL samr_io_r_query_dom_info(const char *desc, SAMR_R_QUERY_DOMAIN_INFO * r_u,
                        if(!sam_io_unk_info5("unk_inf5",&r_u->ctr->info.inf5, ps,depth))
                                return False;
                        break;
+               case 0x04:
+                       if(!sam_io_unk_info4("unk_inf4",&r_u->ctr->info.inf4, ps,depth))
+                               return False;
+                       break;
                case 0x03:
                        if(!sam_io_unk_info3("unk_inf3",&r_u->ctr->info.inf3, ps,depth))
                                return False;
@@ -901,7 +1003,7 @@ BOOL samr_io_r_query_dom_info(const char *desc, SAMR_R_QUERY_DOMAIN_INFO * r_u,
                                return False;
                        break;
                default:
-                       DEBUG(0, ("samr_io_r_query_dom_info: unknown switch level 0x%x\n",
+                       DEBUG(0, ("samr_io_r_query_domain_info: unknown switch level 0x%x\n",
                                r_u->switch_value));
                        r_u->status = NT_STATUS_INVALID_INFO_CLASS;
                        return False;
@@ -917,6 +1019,21 @@ BOOL samr_io_r_query_dom_info(const char *desc, SAMR_R_QUERY_DOMAIN_INFO * r_u,
        return True;
 }
 
+/*******************************************************************
+reads or writes a structure.
+********************************************************************/
+
+void init_samr_q_set_sec_obj(SAMR_Q_SET_SEC_OBJ * q_u,
+                            POLICY_HND *pol, uint32 sec_info, SEC_DESC_BUF *buf)
+{
+       DEBUG(5, ("samr_init_samr_q_set_sec_obj\n"));
+
+       q_u->pol = *pol;
+       q_u->sec_info = sec_info;
+       q_u->buf = buf;
+}
+
+
 /*******************************************************************
 reads or writes a SAMR_R_SET_SEC_OBJ structure.
 ********************************************************************/
@@ -1003,7 +1120,7 @@ inits a SAM_ENTRY1 structure.
 static void init_sam_entry1(SAM_ENTRY1 *sam, uint32 user_idx,
                            UNISTR2 *sam_name, UNISTR2 *sam_full,
                            UNISTR2 *sam_desc, uint32 rid_user,
-                           uint16 acb_info)
+                           uint32 acb_info)
 {
        DEBUG(5, ("init_sam_entry1\n"));
 
@@ -1039,10 +1156,7 @@ static BOOL sam_io_sam_entry1(const char *desc, SAM_ENTRY1 * sam,
 
        if(!prs_uint32("rid_user ", ps, depth, &sam->rid_user))
                return False;
-       if(!prs_uint16("acb_info ", ps, depth, &sam->acb_info))
-               return False;
-
-       if(!prs_align(ps))
+       if(!prs_uint32("acb_info ", ps, depth, &sam->acb_info))
                return False;
 
        if (!smb_io_unihdr("hdr_acct_name", &sam->hdr_acct_name, ps, depth))
@@ -1084,7 +1198,7 @@ inits a SAM_ENTRY2 structure.
 ********************************************************************/
 static void init_sam_entry2(SAM_ENTRY2 * sam, uint32 user_idx,
                            UNISTR2 *sam_name, UNISTR2 *sam_desc,
-                           uint32 rid_user, uint16 acb_info)
+                           uint32 rid_user, uint32 acb_info)
 {
        DEBUG(5, ("init_sam_entry2\n"));
 
@@ -1117,10 +1231,7 @@ static BOOL sam_io_sam_entry2(const char *desc, SAM_ENTRY2 * sam,
 
        if(!prs_uint32("rid_user ", ps, depth, &sam->rid_user))
                return False;
-       if(!prs_uint16("acb_info ", ps, depth, &sam->acb_info))
-               return False;
-
-       if(!prs_align(ps))
+       if(!prs_uint32("acb_info ", ps, depth, &sam->acb_info))
                return False;
 
        if(!smb_io_unihdr("unihdr", &sam->hdr_srv_name, ps, depth))     /* account name unicode string header */
@@ -1321,7 +1432,7 @@ inits a SAMR_Q_ENUM_DOM_USERS structure.
 
 void init_samr_q_enum_dom_users(SAMR_Q_ENUM_DOM_USERS * q_e, POLICY_HND *pol,
                                uint32 start_idx,
-                               uint16 acb_mask, uint16 unk_1, uint32 size)
+                               uint32 acb_mask, uint32 size)
 {
        DEBUG(5, ("init_samr_q_enum_dom_users\n"));
 
@@ -1329,7 +1440,6 @@ void init_samr_q_enum_dom_users(SAMR_Q_ENUM_DOM_USERS * q_e, POLICY_HND *pol,
 
        q_e->start_idx = start_idx;     /* zero indicates lots */
        q_e->acb_mask = acb_mask;
-       q_e->unknown_1 = unk_1;
        q_e->max_size = size;
 }
 
@@ -1354,9 +1464,7 @@ BOOL samr_io_q_enum_dom_users(const char *desc, SAMR_Q_ENUM_DOM_USERS * q_e,
 
        if(!prs_uint32("start_idx", ps, depth, &q_e->start_idx))
                return False;
-       if(!prs_uint16("acb_mask ", ps, depth, &q_e->acb_mask))
-               return False;
-       if(!prs_uint16("unknown_1", ps, depth, &q_e->unknown_1))
+       if(!prs_uint32("acb_mask ", ps, depth, &q_e->acb_mask))
                return False;
 
        if(!prs_uint32("max_size ", ps, depth, &q_e->max_size))
@@ -2064,6 +2172,76 @@ BOOL samr_io_r_query_dispinfo(const char *desc, SAMR_R_QUERY_DISPINFO * r_u,
        return True;
 }
 
+/*******************************************************************
+inits a SAMR_Q_GET_DISPENUM_INDEX structure.
+********************************************************************/
+
+void init_samr_q_get_dispenum_index(SAMR_Q_GET_DISPENUM_INDEX * q_e, POLICY_HND *pol,
+                                   uint16 switch_level, const char *name)
+{
+       DEBUG(5, ("init_samr_q_get_dispenum_index\n"));
+
+       q_e->domain_pol = *pol;
+
+       q_e->switch_level = switch_level;
+
+       init_lsa_string(&q_e->name, name);
+}
+
+/*******************************************************************
+reads or writes a structure.
+********************************************************************/
+
+BOOL samr_io_q_get_dispenum_index(const char *desc, SAMR_Q_GET_DISPENUM_INDEX * q_e,
+                                 prs_struct *ps, int depth)
+{
+       if (q_e == NULL)
+               return False;
+
+       prs_debug(ps, depth, desc, "samr_io_q_get_dispenum_index");
+       depth++;
+
+       if(!prs_align(ps))
+               return False;
+
+       if(!smb_io_pol_hnd("domain_pol", &q_e->domain_pol, ps, depth))
+               return False;
+
+       if(!prs_uint16("switch_level", ps, depth, &q_e->switch_level))
+               return False;
+
+       if (!smb_io_lsa_string("name", &q_e->name, ps, depth))
+               return False;
+
+       return True;
+}
+
+/*******************************************************************
+reads or writes a structure.
+********************************************************************/
+
+BOOL samr_io_r_get_dispenum_index(const char *desc, SAMR_R_GET_DISPENUM_INDEX * r_u,
+                                 prs_struct *ps, int depth)
+{
+       if (r_u == NULL)
+               return False;
+
+       prs_debug(ps, depth, desc, "samr_io_r_get_dispenum_index");
+       depth++;
+
+       if(!prs_align(ps))
+               return False;
+
+       if(!prs_uint32("idx", ps, depth, &r_u->idx))
+               return False;
+       
+       if(!prs_ntstatus("status", ps, depth, &r_u->status))
+               return False;
+
+       return True;
+}
+
+
 /*******************************************************************
 inits a SAMR_Q_OPEN_GROUP structure.
 ********************************************************************/
@@ -2299,6 +2477,69 @@ BOOL samr_io_group_info4(const char *desc, GROUP_INFO4 * gr4,
        return True;
 }
 
+/*******************************************************************
+inits a GROUP_INFO5 structure.
+********************************************************************/
+
+void init_samr_group_info5(GROUP_INFO5 * gr5,
+                          char *acct_name, char *acct_desc,
+                          uint32 num_members)
+{
+       DEBUG(5, ("init_samr_group_info5\n"));
+
+       gr5->group_attr = (SE_GROUP_MANDATORY|SE_GROUP_ENABLED_BY_DEFAULT); /* why not | SE_GROUP_ENABLED ? */
+       gr5->num_members = num_members;
+
+       init_unistr2(&gr5->uni_acct_name, acct_name, UNI_FLAGS_NONE);
+       init_uni_hdr(&gr5->hdr_acct_name, &gr5->uni_acct_name);
+       init_unistr2(&gr5->uni_acct_desc, acct_desc, UNI_FLAGS_NONE);
+       init_uni_hdr(&gr5->hdr_acct_desc, &gr5->uni_acct_desc);
+}
+
+/*******************************************************************
+reads or writes a structure.
+********************************************************************/
+
+BOOL samr_io_group_info5(const char *desc, GROUP_INFO5 * gr5,
+                        prs_struct *ps, int depth)
+{
+       uint16 dummy = 1;
+
+       if (gr5 == NULL)
+               return False;
+
+       prs_debug(ps, depth, desc, "samr_io_group_info5");
+       depth++;
+
+       if(!prs_uint16("level", ps, depth, &dummy))
+               return False;
+
+       if(!prs_align(ps))
+               return False;
+
+       if(!smb_io_unihdr("hdr_acct_name", &gr5->hdr_acct_name, ps, depth))
+               return False;
+
+       if(!prs_uint32("group_attr", ps, depth, &gr5->group_attr))
+               return False;
+       if(!prs_uint32("num_members", ps, depth, &gr5->num_members))
+               return False;
+
+       if(!smb_io_unihdr("hdr_acct_desc", &gr5->hdr_acct_desc, ps, depth))
+               return False;
+
+       if(!smb_io_unistr2("uni_acct_name", &gr5->uni_acct_name,
+                          gr5->hdr_acct_name.buffer, ps, depth))
+               return False;
+
+       if(!smb_io_unistr2("uni_acct_desc", &gr5->uni_acct_desc,
+                          gr5->hdr_acct_desc.buffer, ps, depth))
+               return False;
+
+       return True;
+}
+
+
 /*******************************************************************
 reads or writes a structure.
 ********************************************************************/
@@ -2335,6 +2576,10 @@ static BOOL samr_group_info_ctr(const char *desc, GROUP_INFO_CTR **ctr,
                if(!samr_io_group_info4("group_info4", &(*ctr)->group.info4, ps, depth))
                        return False;
                break;
+       case 5:
+               if(!samr_io_group_info5("group_info5", &(*ctr)->group.info5, ps, depth))
+                       return False;
+               break;
        default:
                DEBUG(0,("samr_group_info_ctr: unsupported switch level\n"));
                break;
@@ -3153,7 +3398,7 @@ BOOL samr_io_r_enum_domains(const char *desc, SAMR_R_ENUM_DOMAINS * r_u,
                if(!prs_uint32("num_entries3", ps, depth, &r_u->num_entries3))
                        return False;
 
-               if (UNMARSHALLING(ps)) {
+               if (UNMARSHALLING(ps) && r_u->num_entries2) {
                        r_u->sam = PRS_ALLOC_MEM(ps,SAM_ENTRY,r_u->num_entries2);
                        r_u->uni_dom_name = PRS_ALLOC_MEM(ps,UNISTR2,r_u->num_entries2);
                }
@@ -3292,7 +3537,7 @@ BOOL samr_io_r_enum_dom_groups(const char *desc, SAMR_R_ENUM_DOM_GROUPS * r_u,
                if(!prs_uint32("num_entries3", ps, depth, &r_u->num_entries3))
                        return False;
 
-               if (UNMARSHALLING(ps)) {
+               if (UNMARSHALLING(ps) && r_u->num_entries2) {
                        r_u->sam = PRS_ALLOC_MEM(ps,SAM_ENTRY,r_u->num_entries2);
                        r_u->uni_grp_name = PRS_ALLOC_MEM(ps,UNISTR2,r_u->num_entries2);
                }
@@ -3547,6 +3792,28 @@ BOOL samr_io_alias_info3(const char *desc, ALIAS_INFO3 *al3,
 reads or writes a structure.
 ********************************************************************/
 
+BOOL samr_io_alias_info2(const char *desc, ALIAS_INFO2 *al2,
+                        prs_struct *ps, int depth)
+{
+       if (al2 == NULL)
+               return False;
+
+       prs_debug(ps, depth, desc, "samr_io_alias_info2");
+       depth++;
+
+       if(!prs_align(ps))
+               return False;
+
+       if (!prs_unistr4("name", ps, depth, &al2->name))
+               return False;
+
+       return True;
+}
+
+/*******************************************************************
+reads or writes a structure.
+********************************************************************/
+
 BOOL samr_alias_info_ctr(const char *desc, prs_struct *ps, int depth, ALIAS_INFO_CTR * ctr)
 {
        if ( !ctr )
@@ -3565,6 +3832,10 @@ BOOL samr_alias_info_ctr(const char *desc, prs_struct *ps, int depth, ALIAS_INFO
                if(!samr_io_alias_info1("alias_info1", &ctr->alias.info1, ps, depth))
                        return False;
                break;
+       case 2: 
+               if(!samr_io_alias_info2("alias_info2", &ctr->alias.info2, ps, depth))
+                       return False;
+               break;
        case 3: 
                if(!samr_io_alias_info3("alias_info3", &ctr->alias.info3, ps, depth))
                        return False;
@@ -3644,7 +3915,7 @@ BOOL samr_io_r_query_aliasinfo(const char *desc, SAMR_R_QUERY_ALIASINFO *out,
        if(!prs_align(ps))
                return False;
 
-       if ( !prs_pointer("alias", ps, depth, (void**)&out->ctr, sizeof(ALIAS_INFO_CTR), (PRS_POINTER_CAST)samr_alias_info_ctr))
+       if ( !prs_pointer("alias", ps, depth, (void*)&out->ctr, sizeof(ALIAS_INFO_CTR), (PRS_POINTER_CAST)samr_alias_info_ctr))
                return False;
        if(!prs_align(ps))
                return False;
@@ -3974,7 +4245,11 @@ void init_samr_q_lookup_rids(TALLOC_CTX *ctx, SAMR_Q_LOOKUP_RIDS * q_u,
        q_u->flags = flags;
        q_u->ptr = 0;
        q_u->num_rids2 = num_rids;
-       q_u->rid = TALLOC_ZERO_ARRAY(ctx, uint32, num_rids );
+       if (num_rids) {
+               q_u->rid = TALLOC_ZERO_ARRAY(ctx, uint32, num_rids );
+       } else {
+               q_u->rid = NULL;
+       }
        if (q_u->rid == NULL) {
                q_u->num_rids1 = 0;
                q_u->num_rids2 = 0;
@@ -4467,6 +4742,9 @@ BOOL samr_io_r_delete_dom_alias(const char *desc, SAMR_R_DELETE_DOM_ALIAS * r_u,
        if(!prs_align(ps))
                return False;
 
+       if(!smb_io_pol_hnd("pol", &r_u->pol, ps, depth))
+               return False;
+
        if(!prs_ntstatus("status", ps, depth, &r_u->status))
                return False;
 
@@ -4560,9 +4838,14 @@ BOOL samr_io_r_query_aliasmem(const char *desc, SAMR_R_QUERY_ALIASMEM * r_u,
                if(!prs_uint32("num_sids1", ps, depth, &r_u->num_sids1))
                        return False;
 
-               ptr_sid = TALLOC_ARRAY(ps->mem_ctx, uint32, r_u->num_sids1);
-               if (!ptr_sid) {
-                       return False;
+               /* We must always use talloc here even when marshalling. */
+               if (r_u->num_sids1) {
+                       ptr_sid = TALLOC_ARRAY(ps->mem_ctx, uint32, r_u->num_sids1);
+                       if (!ptr_sid) {
+                               return False;
+                       }
+               } else {
+                       ptr_sid = NULL;
                }
                
                for (i = 0; i < r_u->num_sids1; i++) {
@@ -4572,7 +4855,14 @@ BOOL samr_io_r_query_aliasmem(const char *desc, SAMR_R_QUERY_ALIASMEM * r_u,
                }
                
                if (UNMARSHALLING(ps)) {
-                       r_u->sid = TALLOC_ARRAY(ps->mem_ctx, DOM_SID2, r_u->num_sids1);
+                       if (r_u->num_sids1) {
+                               r_u->sid = TALLOC_ARRAY(ps->mem_ctx, DOM_SID2, r_u->num_sids1);
+                               if (!r_u->sid) {
+                                       return False;
+                               }
+                       } else {
+                               r_u->sid = NULL;
+                       }
                }
                
                for (i = 0; i < r_u->num_sids1; i++) {
@@ -4610,11 +4900,16 @@ NTSTATUS init_samr_q_lookup_names(TALLOC_CTX *ctx, SAMR_Q_LOOKUP_NAMES * q_u,
        q_u->ptr = 0;
        q_u->num_names2 = num_names;
 
-       if (!(q_u->hdr_name = TALLOC_ZERO_ARRAY(ctx, UNIHDR, num_names)))
-               return NT_STATUS_NO_MEMORY;
+       if (num_names) {
+               if (!(q_u->hdr_name = TALLOC_ZERO_ARRAY(ctx, UNIHDR, num_names)))
+                       return NT_STATUS_NO_MEMORY;
 
-       if (!(q_u->uni_name = TALLOC_ZERO_ARRAY(ctx, UNISTR2, num_names)))
-               return NT_STATUS_NO_MEMORY;
+               if (!(q_u->uni_name = TALLOC_ZERO_ARRAY(ctx, UNISTR2, num_names)))
+                       return NT_STATUS_NO_MEMORY;
+       } else {
+               q_u->hdr_name = NULL;
+               q_u->uni_name = NULL;
+       }
 
        for (i = 0; i < num_names; i++) {
                init_unistr2(&q_u->uni_name[i], name[i], UNI_FLAGS_NONE);       /* unicode string for machine account */
@@ -4683,7 +4978,7 @@ inits a SAMR_R_LOOKUP_NAMES structure.
 
 NTSTATUS init_samr_r_lookup_names(TALLOC_CTX *ctx, SAMR_R_LOOKUP_NAMES * r_u,
                              uint32 num_rids,
-                             uint32 *rid, uint32 *type,
+                             uint32 *rid, enum lsa_SidType *type,
                              NTSTATUS status)
 {
        DEBUG(5, ("init_samr_r_lookup_names\n"));
@@ -4699,10 +4994,15 @@ NTSTATUS init_samr_r_lookup_names(TALLOC_CTX *ctx, SAMR_R_LOOKUP_NAMES * r_u,
                r_u->ptr_rids = 1;
                r_u->num_rids2 = num_rids;
 
-               if (!(r_u->rids = TALLOC_ZERO_ARRAY(ctx, uint32, num_rids)))
-                       return NT_STATUS_NO_MEMORY;
-               if (!(r_u->types = TALLOC_ZERO_ARRAY(ctx, uint32, num_rids)))
-                       return NT_STATUS_NO_MEMORY;
+               if (num_rids) {
+                       if (!(r_u->rids = TALLOC_ZERO_ARRAY(ctx, uint32, num_rids)))
+                               return NT_STATUS_NO_MEMORY;
+                       if (!(r_u->types = TALLOC_ZERO_ARRAY(ctx, uint32, num_rids)))
+                               return NT_STATUS_NO_MEMORY;
+               } else {
+                       r_u->rids = NULL;
+                       r_u->types = NULL;
+               }
 
                if (!r_u->rids || !r_u->types)
                        goto empty;
@@ -4767,12 +5067,13 @@ BOOL samr_io_r_lookup_names(const char *desc, SAMR_R_LOOKUP_NAMES * r_u,
                        return False;
                }
 
-               if (UNMARSHALLING(ps))
+               if (UNMARSHALLING(ps) && r_u->num_rids2) {
                        r_u->rids = PRS_ALLOC_MEM(ps, uint32, r_u->num_rids2);
 
-               if (!r_u->rids) {
-                       DEBUG(0, ("NULL rids in samr_io_r_lookup_names\n"));
-                       return False;
+                       if (!r_u->rids) {
+                               DEBUG(0, ("NULL rids in samr_io_r_lookup_names\n"));
+                               return False;
+                       }
                }
 
                for (i = 0; i < r_u->num_rids2; i++) {
@@ -4796,12 +5097,13 @@ BOOL samr_io_r_lookup_names(const char *desc, SAMR_R_LOOKUP_NAMES * r_u,
                        return False;
                }
 
-               if (UNMARSHALLING(ps))
+               if (UNMARSHALLING(ps) && r_u->num_types2) {
                        r_u->types = PRS_ALLOC_MEM(ps, uint32, r_u->num_types2);
 
-               if (!r_u->types) {
-                       DEBUG(0, ("NULL types in samr_io_r_lookup_names\n"));
-                       return False;
+                       if (!r_u->types) {
+                               DEBUG(0, ("NULL types in samr_io_r_lookup_names\n"));
+                               return False;
+                       }
                }
 
                for (i = 0; i < r_u->num_types2; i++) {
@@ -5031,7 +5333,7 @@ inits a SAMR_Q_QUERY_USERINFO structure.
 ********************************************************************/
 
 void init_samr_q_query_userinfo(SAMR_Q_QUERY_USERINFO * q_u,
-                               POLICY_HND *hnd, uint16 switch_value)
+                               const POLICY_HND *hnd, uint16 switch_value)
 {
        DEBUG(5, ("init_samr_q_query_userinfo\n"));
 
@@ -5182,6 +5484,39 @@ static BOOL sam_io_user_info7(const char *desc, SAM_USER_INFO_7 * usr,
        return True;
 }
 
+/*******************************************************************
+inits a SAM_USER_INFO_9 structure.
+********************************************************************/
+
+void init_sam_user_info9(SAM_USER_INFO_9 * usr, uint32 rid_group)
+{
+       DEBUG(5, ("init_sam_user_info9\n"));
+
+       usr->rid_group = rid_group;
+}
+
+/*******************************************************************
+reads or writes a structure.
+********************************************************************/
+
+static BOOL sam_io_user_info9(const char *desc, SAM_USER_INFO_9 * usr,
+                       prs_struct *ps, int depth)
+{
+       if (usr == NULL)
+               return False;
+
+       prs_debug(ps, depth, desc, "samr_io_r_user_info9");
+       depth++;
+
+       if(!prs_align(ps))
+               return False;
+
+       if(!prs_uint32("rid_group", ps, depth, &usr->rid_group))
+               return False;
+
+       return True;
+}
+
 /*******************************************************************
 inits a SAM_USER_INFO_16 structure.
 ********************************************************************/
@@ -5341,7 +5676,8 @@ static BOOL sam_io_user_info17(const char *desc, SAM_USER_INFO_17 * usr,
  init_sam_user_infoa
  *************************************************************************/
 
-void init_sam_user_info24(SAM_USER_INFO_24 * usr, char newpass[516], uint16 pw_len)
+void init_sam_user_info24(SAM_USER_INFO_24 * usr, char newpass[516],
+                         uint8 pw_len)
 {
        DEBUG(10, ("init_sam_user_info24:\n"));
        memcpy(usr->pass, newpass, sizeof(usr->pass));
@@ -5369,15 +5705,43 @@ static BOOL sam_io_user_info24(const char *desc, SAM_USER_INFO_24 * usr,
                return False;
        
        if (MARSHALLING(ps) && (usr->pw_len != 0)) {
-               if (!prs_uint16("pw_len", ps, depth, &usr->pw_len))
+               if (!prs_uint8("pw_len", ps, depth, &usr->pw_len))
+                       return False;
+       } else if (UNMARSHALLING(ps)) {
+               if (!prs_uint8("pw_len", ps, depth, &usr->pw_len))
                        return False;
        }
+
+       return True;
+}
+
+/*******************************************************************
+reads or writes a structure.
+********************************************************************/
+
+static BOOL sam_io_user_info26(const char *desc, SAM_USER_INFO_26 * usr,
+                              prs_struct *ps, int depth)
+{
+       if (usr == NULL)
+               return False;
+
+       prs_debug(ps, depth, desc, "sam_io_user_info26");
+       depth++;
+
        if(!prs_align(ps))
                return False;
 
+       if(!prs_uint8s(False, "password", ps, depth, usr->pass, 
+                      sizeof(usr->pass)))
+               return False;
+       
+       if (!prs_uint8("pw_len", ps, depth, &usr->pw_len))
+               return False;
+
        return True;
 }
 
+
 /*************************************************************************
  init_sam_user_info23
 
@@ -5467,13 +5831,17 @@ void init_sam_user_info23W(SAM_USER_INFO_23 * usr, NTTIME * logon_time, /* all z
        copy_unistr2(&usr->uni_workstations, wkstas);
        init_uni_hdr(&usr->hdr_workstations, &usr->uni_workstations);
 
-       copy_unistr2(&usr->uni_unknown_str, unk_str);
-       init_uni_hdr(&usr->hdr_unknown_str, &usr->uni_unknown_str);
+       copy_unistr2(&usr->uni_comment, unk_str);
+       init_uni_hdr(&usr->hdr_comment, &usr->uni_comment);
 
        copy_unistr2(&usr->uni_munged_dial, mung_dial);
        init_uni_hdr(&usr->hdr_munged_dial, &usr->uni_munged_dial);
 
-       memcpy(&usr->logon_hrs, hrs, sizeof(usr->logon_hrs));
+       if (hrs) {
+               memcpy(&usr->logon_hrs, hrs, sizeof(usr->logon_hrs));
+       } else {
+               ZERO_STRUCT(usr->logon_hrs);
+       }
 }
 
 /*************************************************************************
@@ -5557,15 +5925,19 @@ void init_sam_user_info23A(SAM_USER_INFO_23 * usr, NTTIME * logon_time, /* all z
        init_unistr2(&usr->uni_workstations, wkstas, UNI_FLAGS_NONE);
        init_uni_hdr(&usr->hdr_workstations, &usr->uni_workstations);
 
-       init_unistr2(&usr->uni_unknown_str, unk_str, UNI_FLAGS_NONE);
-       init_uni_hdr(&usr->hdr_unknown_str, &usr->uni_unknown_str);
+       init_unistr2(&usr->uni_comment, unk_str, UNI_FLAGS_NONE);
+       init_uni_hdr(&usr->hdr_comment, &usr->uni_comment);
 
        init_unistr2_from_datablob(&usr->uni_munged_dial, &blob);
        init_uni_hdr(&usr->hdr_munged_dial, &usr->uni_munged_dial);
 
        data_blob_free(&blob);
        
-       memcpy(&usr->logon_hrs, hrs, sizeof(usr->logon_hrs));
+       if (hrs) {
+               memcpy(&usr->logon_hrs, hrs, sizeof(usr->logon_hrs));
+       } else {
+               ZERO_STRUCT(usr->logon_hrs);
+       }
 }
 
 /*******************************************************************
@@ -5613,7 +5985,7 @@ static BOOL sam_io_user_info23(const char *desc, SAM_USER_INFO_23 * usr,
                return False;
        if(!smb_io_unihdr("hdr_workstations", &usr->hdr_workstations, ps, depth))       /* wkstas user can log on from */
                return False;
-       if(!smb_io_unihdr("hdr_unknown_str ", &usr->hdr_unknown_str, ps, depth))        /* unknown string */
+       if(!smb_io_unihdr("hdr_comment ", &usr->hdr_comment, ps, depth))        /* unknown string */
                return False;
        if(!smb_io_unihdr("hdr_munged_dial ", &usr->hdr_munged_dial, ps, depth))        /* wkstas user can log on from */
                return False;
@@ -5681,7 +6053,7 @@ static BOOL sam_io_user_info23(const char *desc, SAM_USER_INFO_23 * usr,
        if(!smb_io_unistr2("uni_workstations", &usr->uni_workstations, usr->hdr_workstations.buffer, ps, depth))        /* worksations user can log on from */
                return False;
 
-       if(!smb_io_unistr2("uni_unknown_str ", &usr->uni_unknown_str, usr->hdr_unknown_str.buffer, ps, depth))  /* unknown string */
+       if(!smb_io_unistr2("uni_comment ", &usr->uni_comment, usr->hdr_comment.buffer, ps, depth))      /* unknown string */
                return False;
 
        if(!smb_io_unistr2("uni_munged_dial ", &usr->uni_munged_dial, usr->hdr_munged_dial.buffer, ps, depth))
@@ -5743,7 +6115,7 @@ static BOOL sam_io_user_info25(const char *desc, SAM_USER_INFO_25 * usr, prs_str
                return False;
        if(!smb_io_unihdr("hdr_workstations", &usr->hdr_workstations, ps, depth))       /* wkstas user can log on from */
                return False;
-       if(!smb_io_unihdr("hdr_unknown_str ", &usr->hdr_unknown_str, ps, depth))        /* unknown string */
+       if(!smb_io_unihdr("hdr_comment ", &usr->hdr_comment, ps, depth))        /* unknown string */
                return False;
        if(!smb_io_unihdr("hdr_munged_dial ", &usr->hdr_munged_dial, ps, depth))        /* wkstas user can log on from */
                return False;
@@ -5759,10 +6131,29 @@ static BOOL sam_io_user_info25(const char *desc, SAM_USER_INFO_25 * usr, prs_str
                return False;
        if(!prs_uint32("acb_info      ", ps, depth, &usr->acb_info))
                return False;
+       if(!prs_uint32("fields_present ", ps, depth, &usr->fields_present))
+               return False;
+
+       if(!prs_uint16("logon_divs    ", ps, depth, &usr->logon_divs))  /* logon divisions per week */
+               return False;
+       if(!prs_align(ps))
+               return False;
+       if(!prs_uint32("ptr_logon_hrs ", ps, depth, &usr->ptr_logon_hrs))
+               return False;
+
+       if(!prs_uint16("bad_password_count     ", ps, depth, &usr->bad_password_count))
+               return False;
+       if(!prs_uint16("logon_count     ", ps, depth, &usr->logon_count))
+               return False;
 
-       if(!prs_uint32s(False, "unknown_6      ", ps, depth, usr->unknown_6, 6))
+       if(!prs_uint8s(False, "padding1      ", ps, depth, usr->padding1, sizeof(usr->padding1)))
+               return False;
+       if(!prs_uint8("passmustchange ", ps, depth, &usr->passmustchange))
+               return False;
+       if(!prs_uint8("padding2       ", ps, depth, &usr->padding2))
                return False;
 
+
        if(!prs_uint8s(False, "password      ", ps, depth, usr->pass, sizeof(usr->pass)))
                return False;
 
@@ -5792,19 +6183,17 @@ static BOOL sam_io_user_info25(const char *desc, SAM_USER_INFO_25 * usr, prs_str
        if(!smb_io_unistr2("uni_workstations", &usr->uni_workstations, usr->hdr_workstations.buffer, ps, depth))        /* worksations user can log on from */
                return False;
 
-       if(!smb_io_unistr2("uni_unknown_str ", &usr->uni_unknown_str, usr->hdr_unknown_str.buffer, ps, depth))  /* unknown string */
+       if(!smb_io_unistr2("uni_comment ", &usr->uni_comment, usr->hdr_comment.buffer, ps, depth))      /* unknown string */
                return False;
 
        if(!smb_io_unistr2("uni_munged_dial ", &usr->uni_munged_dial, usr->hdr_munged_dial.buffer, ps, depth))
                return False;
 
-#if 0 /* JRA - unknown... */
        /* ok, this is only guess-work (as usual) */
        if (usr->ptr_logon_hrs) {
                if(!sam_io_logon_hrs("logon_hrs", &usr->logon_hrs, ps, depth))
                        return False;
        } 
-#endif
 
        return True;
 }
@@ -5898,13 +6287,17 @@ void init_sam_user_info21W(SAM_USER_INFO_21 * usr,
        copy_unistr2(&usr->uni_workstations, wkstas);
        init_uni_hdr(&usr->hdr_workstations, &usr->uni_workstations);
 
-       copy_unistr2(&usr->uni_unknown_str, unk_str);
-       init_uni_hdr(&usr->hdr_unknown_str, &usr->uni_unknown_str);
+       copy_unistr2(&usr->uni_comment, unk_str);
+       init_uni_hdr(&usr->hdr_comment, &usr->uni_comment);
 
        copy_unistr2(&usr->uni_munged_dial, mung_dial);
        init_uni_hdr(&usr->hdr_munged_dial, &usr->uni_munged_dial);
 
-       memcpy(&usr->logon_hrs, hrs, sizeof(usr->logon_hrs));
+       if (hrs) {
+               memcpy(&usr->logon_hrs, hrs, sizeof(usr->logon_hrs));
+       } else {
+               ZERO_STRUCT(usr->logon_hrs);
+       }
 }
 
 /*************************************************************************
@@ -5914,12 +6307,13 @@ void init_sam_user_info21W(SAM_USER_INFO_21 * usr,
 
  *************************************************************************/
 
-NTSTATUS init_sam_user_info21A(SAM_USER_INFO_21 *usr, SAM_ACCOUNT *pw, DOM_SID *domain_sid)
+NTSTATUS init_sam_user_info21A(SAM_USER_INFO_21 *usr, struct samu *pw, DOM_SID *domain_sid)
 {
        NTTIME          logon_time, logoff_time, kickoff_time,
                        pass_last_set_time, pass_can_change_time,
                        pass_must_change_time;
                        
+       time_t must_change_time;
        const char*             user_name = pdb_get_username(pw);
        const char*             full_name = pdb_get_fullname(pw);
        const char*             home_dir  = pdb_get_homedir(pw);
@@ -5940,16 +6334,20 @@ NTSTATUS init_sam_user_info21A(SAM_USER_INFO_21 *usr, SAM_ACCOUNT *pw, DOM_SID *
        if (munged_dial) {
                munged_dial_blob = base64_decode_data_blob(munged_dial);
        } else {
-               munged_dial_blob = data_blob(NULL, 0);
+               munged_dial_blob = data_blob_null;
        }
 
        /* Create NTTIME structs */
-       unix_to_nt_time (&logon_time,           pdb_get_logon_time(pw));
-       unix_to_nt_time (&logoff_time,          pdb_get_logoff_time(pw));
+       unix_to_nt_time (&logon_time,           pdb_get_logon_time(pw));
+       unix_to_nt_time (&logoff_time,  pdb_get_logoff_time(pw));
        unix_to_nt_time (&kickoff_time,         pdb_get_kickoff_time(pw));
-       unix_to_nt_time (&pass_last_set_time,   pdb_get_pass_last_set_time(pw));
-       unix_to_nt_time (&pass_can_change_time, pdb_get_pass_can_change_time(pw));
-       unix_to_nt_time (&pass_must_change_time,pdb_get_pass_must_change_time(pw));
+       unix_to_nt_time (&pass_last_set_time, pdb_get_pass_last_set_time(pw));
+       unix_to_nt_time (&pass_can_change_time,pdb_get_pass_can_change_time(pw));
+       must_change_time = pdb_get_pass_must_change_time(pw);
+       if (must_change_time == get_time_t_max())
+               unix_to_nt_time_abs(&pass_must_change_time, must_change_time);
+       else
+               unix_to_nt_time(&pass_must_change_time, must_change_time);
        
        /* structure assignment */
        usr->logon_time            = logon_time;
@@ -5976,8 +6374,10 @@ NTSTATUS init_sam_user_info21A(SAM_USER_INFO_21 *usr, SAM_ACCOUNT *pw, DOM_SID *
                return NT_STATUS_UNSUCCESSFUL;
        }
 
+       become_root();  
        group_sid = pdb_get_group_sid(pw);
-       
+       unbecome_root();
+
        if (!sid_peek_check_rid(domain_sid, group_sid, &group_rid)) {
                fstring group_sid_string;
                fstring domain_sid_string;
@@ -6043,8 +6443,8 @@ NTSTATUS init_sam_user_info21A(SAM_USER_INFO_21 *usr, SAM_ACCOUNT *pw, DOM_SID *
        init_unistr2(&usr->uni_workstations, workstations, UNI_STR_TERMINATE);
        init_uni_hdr(&usr->hdr_workstations, &usr->uni_workstations);
 
-       init_unistr2(&usr->uni_unknown_str, NULL, UNI_STR_TERMINATE);
-       init_uni_hdr(&usr->hdr_unknown_str, &usr->uni_unknown_str);
+       init_unistr2(&usr->uni_comment, NULL, UNI_STR_TERMINATE);
+       init_uni_hdr(&usr->hdr_comment, &usr->uni_comment);
 
        init_unistr2_from_datablob(&usr->uni_munged_dial, &munged_dial_blob);
        init_uni_hdr(&usr->hdr_munged_dial, &usr->uni_munged_dial);
@@ -6110,7 +6510,7 @@ static BOOL sam_io_user_info21(const char *desc, SAM_USER_INFO_21 * usr,
                return False;
        if(!smb_io_unihdr("hdr_workstations", &usr->hdr_workstations, ps, depth))       /* wkstas user can log on from */
                return False;
-       if(!smb_io_unihdr("hdr_unknown_str ", &usr->hdr_unknown_str, ps, depth))        /* unknown string */
+       if(!smb_io_unihdr("hdr_comment ", &usr->hdr_comment, ps, depth))        /* unknown string */
                return False;
        if(!smb_io_unihdr("hdr_munged_dial ", &usr->hdr_munged_dial, ps, depth))        /* wkstas user can log on from */
                return False;
@@ -6150,25 +6550,25 @@ static BOOL sam_io_user_info21(const char *desc, SAM_USER_INFO_21 * usr,
 
        /* here begins pointed-to data */
 
-       if(!smb_io_unistr2("uni_user_name   ", &usr->uni_user_name,usr->hdr_user_name.buffer, ps, depth))       /* username unicode string */
+       if(!smb_io_unistr2("uni_user_name   ", &usr->uni_user_name,usr->hdr_user_name.buffer, ps, depth))
                return False;
-       if(!smb_io_unistr2("uni_full_name   ", &usr->uni_full_name, usr->hdr_full_name.buffer, ps, depth))      /* user's full name unicode string */
+       if(!smb_io_unistr2("uni_full_name   ", &usr->uni_full_name, usr->hdr_full_name.buffer, ps, depth))
                return False;
-       if(!smb_io_unistr2("uni_home_dir    ", &usr->uni_home_dir, usr->hdr_home_dir.buffer, ps, depth))        /* home directory unicode string */
+       if(!smb_io_unistr2("uni_home_dir    ", &usr->uni_home_dir, usr->hdr_home_dir.buffer, ps, depth))
                return False;
-       if(!smb_io_unistr2("uni_dir_drive   ", &usr->uni_dir_drive, usr->hdr_dir_drive.buffer, ps, depth))      /* home directory drive unicode string */
+       if(!smb_io_unistr2("uni_dir_drive   ", &usr->uni_dir_drive, usr->hdr_dir_drive.buffer, ps, depth))
                return False;
-       if(!smb_io_unistr2("uni_logon_script", &usr->uni_logon_script, usr->hdr_logon_script.buffer, ps, depth))        /* logon script unicode string */
+       if(!smb_io_unistr2("uni_logon_script", &usr->uni_logon_script, usr->hdr_logon_script.buffer, ps, depth))
                return False;
-       if(!smb_io_unistr2("uni_profile_path", &usr->uni_profile_path, usr->hdr_profile_path.buffer, ps, depth))        /* profile path unicode string */
+       if(!smb_io_unistr2("uni_profile_path", &usr->uni_profile_path, usr->hdr_profile_path.buffer, ps, depth))
                return False;
-       if(!smb_io_unistr2("uni_acct_desc   ", &usr->uni_acct_desc, usr->hdr_acct_desc.buffer, ps, depth))      /* user desc unicode string */
+       if(!smb_io_unistr2("uni_acct_desc   ", &usr->uni_acct_desc, usr->hdr_acct_desc.buffer, ps, depth))
                return False;
-       if(!smb_io_unistr2("uni_workstations", &usr->uni_workstations, usr->hdr_workstations.buffer, ps, depth))        /* worksations user can log on from */
+       if(!smb_io_unistr2("uni_workstations", &usr->uni_workstations, usr->hdr_workstations.buffer, ps, depth))
                return False;
-       if(!smb_io_unistr2("uni_unknown_str ", &usr->uni_unknown_str, usr->hdr_unknown_str.buffer, ps, depth))  /* unknown string */
+       if(!smb_io_unistr2("uni_comment", &usr->uni_comment, usr->hdr_comment.buffer, ps, depth))
                return False;
-       if(!smb_io_unistr2("uni_munged_dial ", &usr->uni_munged_dial,usr->hdr_munged_dial.buffer, ps, depth))   /* worksations user can log on from */
+       if(!smb_io_unistr2("uni_munged_dial ", &usr->uni_munged_dial,usr->hdr_munged_dial.buffer, ps, depth))
                return False;
 
        /* ok, this is only guess-work (as usual) */
@@ -6180,11 +6580,17 @@ static BOOL sam_io_user_info21(const char *desc, SAM_USER_INFO_21 * usr,
        return True;
 }
 
-void init_sam_user_info20A(SAM_USER_INFO_20 *usr, SAM_ACCOUNT *pw)
+void init_sam_user_info20A(SAM_USER_INFO_20 *usr, struct samu *pw)
 {
        const char *munged_dial = pdb_get_munged_dial(pw);
-       DATA_BLOB blob = base64_decode_data_blob(munged_dial);
-       
+       DATA_BLOB blob;
+
+       if (munged_dial) {
+               blob = base64_decode_data_blob(munged_dial);
+       } else {
+               blob = data_blob_null;
+       }
+
        init_unistr2_from_datablob(&usr->uni_munged_dial, &blob);
        init_uni_hdr(&usr->hdr_munged_dial, &usr->uni_munged_dial);
        data_blob_free(&blob);
@@ -6298,13 +6704,13 @@ static void init_samr_userinfo_ctr(SAM_USERINFO_CTR * ctr, DATA_BLOB *sess_key,
        switch (switch_value) {
        case 0x18:
                SamOEMhashBlob(ctr->info.id24->pass, 516, sess_key);
-               dump_data(100, (char *)sess_key->data, sess_key->length);
-               dump_data(100, (char *)ctr->info.id24->pass, 516);
+               dump_data(100, sess_key->data, sess_key->length);
+               dump_data(100, ctr->info.id24->pass, 516);
                break;
        case 0x17:
                SamOEMhashBlob(ctr->info.id23->pass, 516, sess_key);
-               dump_data(100, (char *)sess_key->data, sess_key->length);
-               dump_data(100, (char *)ctr->info.id23->pass, 516);
+               dump_data(100, sess_key->data, sess_key->length);
+               dump_data(100, ctr->info.id23->pass, 516);
                break;
        case 0x07:
                break;
@@ -6354,6 +6760,15 @@ static BOOL samr_io_userinfo_ctr(const char *desc, SAM_USERINFO_CTR **ppctr,
                }
                ret = sam_io_user_info7("", ctr->info.id7, ps, depth);
                break;
+       case 9:
+               if (UNMARSHALLING(ps))
+                       ctr->info.id9 = PRS_ALLOC_MEM(ps,SAM_USER_INFO_9,1);
+               if (ctr->info.id9 == NULL) {
+                       DEBUG(2,("samr_io_userinfo_ctr: info pointer not initialised\n"));
+                       return False;
+               }
+               ret = sam_io_user_info9("", ctr->info.id9, ps, depth);
+               break;
        case 16:
                if (UNMARSHALLING(ps))
                        ctr->info.id16 = PRS_ALLOC_MEM(ps,SAM_USER_INFO_16,1);
@@ -6433,6 +6848,16 @@ static BOOL samr_io_userinfo_ctr(const char *desc, SAM_USERINFO_CTR **ppctr,
                }
                ret = sam_io_user_info25("", ctr->info.id25, ps, depth);
                break;
+       case 26:
+               if (UNMARSHALLING(ps))
+                       ctr->info.id26 = PRS_ALLOC_MEM(ps,SAM_USER_INFO_26,1);
+
+               if (ctr->info.id26 == NULL) {
+                       DEBUG(2,("samr_io_userinfo_ctr: info pointer not initialised\n"));
+                       return False;
+               }
+               ret = sam_io_user_info26("", ctr->info.id26, ps,  depth);
+               break;
        default:
                DEBUG(2, ("samr_io_userinfo_ctr: unknown switch level 0x%x\n", ctr->switch_value));
                ret = False;
@@ -6499,7 +6924,7 @@ inits a SAMR_Q_SET_USERINFO structure.
 ********************************************************************/
 
 void init_samr_q_set_userinfo(SAMR_Q_SET_USERINFO * q_u,
-                             POLICY_HND *hnd, DATA_BLOB *sess_key,
+                             const POLICY_HND *hnd, DATA_BLOB *sess_key,
                              uint16 switch_value, void *info)
 {
        DEBUG(5, ("init_samr_q_set_userinfo\n"));
@@ -6573,7 +6998,7 @@ inits a SAMR_Q_SET_USERINFO2 structure.
 ********************************************************************/
 
 void init_samr_q_set_userinfo2(SAMR_Q_SET_USERINFO2 * q_u,
-                              POLICY_HND *hnd, DATA_BLOB *sess_key,
+                              const POLICY_HND *hnd, DATA_BLOB *sess_key,
                               uint16 switch_value, SAM_USERINFO_CTR * ctr)
 {
        DEBUG(5, ("init_samr_q_set_userinfo2\n"));
@@ -6582,16 +7007,15 @@ void init_samr_q_set_userinfo2(SAMR_Q_SET_USERINFO2 * q_u,
        q_u->switch_value = switch_value;
        q_u->ctr = ctr;
 
-       if (q_u->ctr != NULL)
-               q_u->ctr->switch_value = switch_value;
+       q_u->ctr->switch_value = switch_value;
 
        switch (switch_value) {
        case 18:
                SamOEMhashBlob(ctr->info.id18->lm_pwd, 16, sess_key);
                SamOEMhashBlob(ctr->info.id18->nt_pwd, 16, sess_key);
-               dump_data(100, (char *)sess_key->data, sess_key->length);
-               dump_data(100, (char *)ctr->info.id18->lm_pwd, 16);
-               dump_data(100, (char *)ctr->info.id18->nt_pwd, 16);
+               dump_data(100, sess_key->data, sess_key->length);
+               dump_data(100, ctr->info.id18->lm_pwd, 16);
+               dump_data(100, ctr->info.id18->nt_pwd, 16);
                break;
        }
 }
@@ -6923,8 +7347,7 @@ void init_samr_q_connect_anon(SAMR_Q_CONNECT_ANON * q_u)
 
        q_u->ptr = 1;
        q_u->unknown_0 = 0x5c;  /* server name (?!!) */
-       q_u->unknown_1 = 0x01;
-       q_u->access_mask = 0x20;
+       q_u->access_mask = MAXIMUM_ALLOWED_ACCESS;
 }
 
 /*******************************************************************
@@ -6945,9 +7368,11 @@ BOOL samr_io_q_connect_anon(const char *desc, SAMR_Q_CONNECT_ANON * q_u,
 
        if(!prs_uint32("ptr      ", ps, depth, &q_u->ptr))
                return False;
-       if(!prs_uint16("unknown_0", ps, depth, &q_u->unknown_0))
-               return False;
-       if(!prs_uint16("unknown_1", ps, depth, &q_u->unknown_1))
+       if (q_u->ptr) {
+               if(!prs_uint16("unknown_0", ps, depth, &q_u->unknown_0))
+                       return False;
+       }
+       if(!prs_align(ps))
                return False;
        if(!prs_uint32("access_mask", ps, depth, &q_u->access_mask))
                return False;
@@ -7218,7 +7643,7 @@ inits a SAMR_R_CHGPASSWD_USER structure.
 
 void init_samr_r_chgpasswd_user(SAMR_R_CHGPASSWD_USER * r_u, NTSTATUS status)
 {
-       DEBUG(5, ("init_r_chgpasswd_user\n"));
+       DEBUG(5, ("init_samr_r_chgpasswd_user\n"));
 
        r_u->status = status;
 }
@@ -7249,14 +7674,14 @@ BOOL samr_io_r_chgpasswd_user(const char *desc, SAMR_R_CHGPASSWD_USER * r_u,
 inits a SAMR_Q_CHGPASSWD3 structure.
 ********************************************************************/
 
-void init_samr_q_chgpasswd3(SAMR_Q_CHGPASSWD3 * q_u,
-                           const char *dest_host, const char *user_name,
-                           const uchar nt_newpass[516],
-                           const uchar nt_oldhash[16],
-                           const uchar lm_newpass[516],
-                           const uchar lm_oldhash[16])
+void init_samr_q_chgpasswd_user3(SAMR_Q_CHGPASSWD_USER3 * q_u,
+                                const char *dest_host, const char *user_name,
+                                const uchar nt_newpass[516],
+                                const uchar nt_oldhash[16],
+                                const uchar lm_newpass[516],
+                                const uchar lm_oldhash[16])
 {
-       DEBUG(5, ("init_samr_q_chgpasswd3\n"));
+       DEBUG(5, ("init_samr_q_chgpasswd_user3\n"));
 
        q_u->ptr_0 = 1;
        init_unistr2(&q_u->uni_dest_host, dest_host, UNI_FLAGS_NONE);
@@ -7280,13 +7705,13 @@ void init_samr_q_chgpasswd3(SAMR_Q_CHGPASSWD3 * q_u,
 reads or writes a structure.
 ********************************************************************/
 
-BOOL samr_io_q_chgpasswd3(const char *desc, SAMR_Q_CHGPASSWD3 * q_u,
-                         prs_struct *ps, int depth)
+BOOL samr_io_q_chgpasswd_user3(const char *desc, SAMR_Q_CHGPASSWD_USER3 * q_u,
+                              prs_struct *ps, int depth)
 {
        if (q_u == NULL)
                return False;
 
-       prs_debug(ps, depth, desc, "samr_io_q_chgpasswd3");
+       prs_debug(ps, depth, desc, "samr_io_q_chgpasswd_user3");
        depth++;
 
        if(!prs_align(ps))
@@ -7327,14 +7752,28 @@ BOOL samr_io_q_chgpasswd3(const char *desc, SAMR_Q_CHGPASSWD3 * q_u,
 }
 
 /*******************************************************************
-inits a SAMR_R_CHGPASSWD3 structure.
+inits a SAMR_R_CHGPASSWD_USER3 structure.
 ********************************************************************/
 
-void init_samr_r_chgpasswd3(SAMR_R_CHGPASSWD3 * r_u, NTSTATUS status)
+void init_samr_r_chgpasswd_user3(SAMR_R_CHGPASSWD_USER3 *r_u, NTSTATUS status, 
+                                SAMR_CHANGE_REJECT *reject, SAM_UNK_INFO_1 *info)
 {
-       DEBUG(5, ("init_r_chgpasswd3\n"));
+       DEBUG(5, ("init_samr_r_chgpasswd_user3\n"));
 
        r_u->status = status;
+       r_u->info = 0;
+       r_u->ptr_info = 0;
+       r_u->reject = 0;
+       r_u->ptr_reject = 0;
+
+       if (info) {
+               r_u->info = info;
+               r_u->ptr_info = 1;
+       }
+       if (reject && (reject->reject_reason != Undefined)) {
+               r_u->reject = reject;
+               r_u->ptr_reject = 1;
+       }
 }
 
 /*******************************************************************
@@ -7371,41 +7810,45 @@ BOOL samr_io_change_reject(const char *desc, SAMR_CHANGE_REJECT *reject, prs_str
 reads or writes a structure.
 ********************************************************************/
 
-BOOL samr_io_r_chgpasswd3(const char *desc, SAMR_R_CHGPASSWD3 * r_u,
-                         prs_struct *ps, int depth)
+BOOL samr_io_r_chgpasswd_user3(const char *desc, SAMR_R_CHGPASSWD_USER3 *r_u,
+                              prs_struct *ps, int depth)
 {
-       uint32 ptr_info, ptr_reject;
-       
        if (r_u == NULL)
                return False;
 
-       prs_debug(ps, depth, desc, "samr_io_r_chgpasswd3");
+       prs_debug(ps, depth, desc, "samr_io_r_chgpasswd_user3");
        depth++;
 
-       if(!prs_align(ps))
+       if (!prs_align(ps))
                return False;
 
-       if(!prs_uint32("ptr_info", ps, depth, &ptr_info))
+       if (!prs_uint32("ptr_info", ps, depth, &r_u->ptr_info))
                return False;
 
-       if (ptr_info) {
+       /* special case: Windows 2000 can return stub data here saying
+          NT_STATUS_NOT_SUPPORTED */
+
+       if ( NT_STATUS_EQUAL( NT_STATUS_NOT_SUPPORTED, NT_STATUS(r_u->ptr_info)) ) {
+               r_u->status = NT_STATUS_NOT_SUPPORTED;
+               return True;
+       }       
 
+       if (r_u->ptr_info && r_u->info != NULL) {
                /* SAM_UNK_INFO_1 */
-               if(!sam_io_unk_info1("info", &r_u->info, ps, depth))
+               if (!sam_io_unk_info1("info", r_u->info, ps, depth))
                        return False;
        }
 
-       if(!prs_uint32("ptr_reject", ps, depth, &ptr_reject))
+       if (!prs_uint32("ptr_reject", ps, depth, &r_u->ptr_reject))
                return False;
                             
-       if (ptr_reject) {
-
+       if (r_u->ptr_reject && r_u->reject != NULL) {
                /* SAMR_CHANGE_REJECT */
-               if(!samr_io_change_reject("reject", &r_u->reject, ps, depth))
+               if (!samr_io_change_reject("reject", r_u->reject, ps, depth))
                        return False;
        }
 
-       if(!prs_ntstatus("status", ps, depth, &r_u->status))
+       if (!prs_ntstatus("status", ps, depth, &r_u->status))
                return False;
 
        return True;
@@ -7453,11 +7896,11 @@ BOOL samr_io_q_query_domain_info2(const char *desc, SAMR_Q_QUERY_DOMAIN_INFO2 *q
 inits a SAMR_R_QUERY_DOMAIN_INFO structure.
 ********************************************************************/
 
-void init_samr_r_samr_query_domain_info2(SAMR_R_QUERY_DOMAIN_INFO2 * r_u,
-                               uint16 switch_value, SAM_UNK_CTR * ctr,
-                               NTSTATUS status)
+void init_samr_r_query_domain_info2(SAMR_R_QUERY_DOMAIN_INFO2 * r_u,
+                                   uint16 switch_value, SAM_UNK_CTR * ctr,
+                                   NTSTATUS status)
 {
-       DEBUG(5, ("init_samr_r_samr_query_domain_info2\n"));
+       DEBUG(5, ("init_samr_r_query_domain_info2\n"));
 
        r_u->ptr_0 = 0;
        r_u->switch_value = 0;
@@ -7474,13 +7917,13 @@ void init_samr_r_samr_query_domain_info2(SAMR_R_QUERY_DOMAIN_INFO2 * r_u,
 reads or writes a structure.
 ********************************************************************/
 
-BOOL samr_io_r_samr_query_domain_info2(const char *desc, SAMR_R_QUERY_DOMAIN_INFO2 * r_u,
-                             prs_struct *ps, int depth)
+BOOL samr_io_r_query_domain_info2(const char *desc, SAMR_R_QUERY_DOMAIN_INFO2 * r_u,
+                                 prs_struct *ps, int depth)
 {
         if (r_u == NULL)
                return False;
 
-       prs_debug(ps, depth, desc, "samr_io_r_samr_query_domain_info2");
+       prs_debug(ps, depth, desc, "samr_io_r_query_domain_info2");
        depth++;
 
        if(!prs_align(ps))
@@ -7496,10 +7939,22 @@ BOOL samr_io_r_samr_query_domain_info2(const char *desc, SAMR_R_QUERY_DOMAIN_INF
                        return False;
 
                switch (r_u->switch_value) {
+               case 0x0d:
+                       if(!sam_io_unk_info13("unk_inf13", &r_u->ctr->info.inf13, ps, depth))
+                               return False;
+                       break;
                case 0x0c:
                        if(!sam_io_unk_info12("unk_inf12", &r_u->ctr->info.inf12, ps, depth))
                                return False;
                        break;
+               case 0x09:
+                       if(!sam_io_unk_info9("unk_inf9",&r_u->ctr->info.inf9, ps,depth))
+                               return False;
+                       break;
+               case 0x08:
+                       if(!sam_io_unk_info8("unk_inf8",&r_u->ctr->info.inf8, ps,depth))
+                               return False;
+                       break;
                case 0x07:
                        if(!sam_io_unk_info7("unk_inf7",&r_u->ctr->info.inf7, ps,depth))
                                return False;
@@ -7512,6 +7967,10 @@ BOOL samr_io_r_samr_query_domain_info2(const char *desc, SAMR_R_QUERY_DOMAIN_INF
                        if(!sam_io_unk_info5("unk_inf5",&r_u->ctr->info.inf5, ps,depth))
                                return False;
                        break;
+               case 0x04:
+                       if(!sam_io_unk_info4("unk_inf4",&r_u->ctr->info.inf4, ps,depth))
+                               return False;
+                       break;
                case 0x03:
                        if(!sam_io_unk_info3("unk_inf3",&r_u->ctr->info.inf3, ps,depth))
                                return False;
@@ -7525,7 +7984,7 @@ BOOL samr_io_r_samr_query_domain_info2(const char *desc, SAMR_R_QUERY_DOMAIN_INF
                                return False;
                        break;
                default:
-                       DEBUG(0, ("samr_io_r_samr_query_domain_info2: unknown switch level 0x%x\n",
+                       DEBUG(0, ("samr_io_r_query_domain_info2: unknown switch level 0x%x\n",
                                r_u->switch_value));
                        r_u->status = NT_STATUS_INVALID_INFO_CLASS;
                        return False;
@@ -7587,8 +8046,10 @@ BOOL samr_io_q_set_domain_info(const char *desc, SAMR_Q_SET_DOMAIN_INFO *q_u,
        if(!prs_align(ps))
                return False;
 
-       if ((q_u->ctr = PRS_ALLOC_MEM(ps, SAM_UNK_CTR, 1)) == NULL)
-               return False;
+       if (UNMARSHALLING(ps)) {
+               if ((q_u->ctr = PRS_ALLOC_MEM(ps, SAM_UNK_CTR, 1)) == NULL)
+                       return False;
+       }
        
        switch (q_u->switch_value) {
 
Unnamed repository; edit this file 'description' to name the repository.