2 * Unix SMB/CIFS implementation.
4 * Copyright (C) Guenther Deschner 2008
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, see <http://www.gnu.org/licenses/>.
22 #include "librpc/gen_ndr/libnetapi.h"
23 #include "lib/netapi/netapi.h"
24 #include "lib/netapi/netapi_private.h"
25 #include "lib/netapi/libnetapi.h"
26 #include "../librpc/gen_ndr/cli_samr.h"
27 #include "rpc_client/init_samr.h"
29 /****************************************************************
30 ****************************************************************/
32 static void convert_USER_INFO_X_to_samr_user_info21(struct USER_INFO_X *infoX,
33 struct samr_UserInfo21 *info21)
35 uint32_t fields_present = 0;
36 struct samr_LogonHours zero_logon_hours;
37 struct lsa_BinaryString zero_parameters;
41 ZERO_STRUCT(zero_logon_hours);
42 ZERO_STRUCT(zero_parameters);
44 if (infoX->usriX_flags) {
45 fields_present |= SAMR_FIELD_ACCT_FLAGS;
47 if (infoX->usriX_name) {
48 fields_present |= SAMR_FIELD_ACCOUNT_NAME;
50 if (infoX->usriX_password) {
51 fields_present |= SAMR_FIELD_NT_PASSWORD_PRESENT;
53 if (infoX->usriX_flags) {
54 fields_present |= SAMR_FIELD_ACCT_FLAGS;
56 if (infoX->usriX_name) {
57 fields_present |= SAMR_FIELD_FULL_NAME;
59 if (infoX->usriX_home_dir) {
60 fields_present |= SAMR_FIELD_HOME_DIRECTORY;
62 if (infoX->usriX_script_path) {
63 fields_present |= SAMR_FIELD_LOGON_SCRIPT;
65 if (infoX->usriX_comment) {
66 fields_present |= SAMR_FIELD_DESCRIPTION;
68 if (infoX->usriX_password_age) {
69 fields_present |= SAMR_FIELD_FORCE_PWD_CHANGE;
71 if (infoX->usriX_full_name) {
72 fields_present |= SAMR_FIELD_FULL_NAME;
74 if (infoX->usriX_usr_comment) {
75 fields_present |= SAMR_FIELD_COMMENT;
77 if (infoX->usriX_profile) {
78 fields_present |= SAMR_FIELD_PROFILE_PATH;
80 if (infoX->usriX_home_dir_drive) {
81 fields_present |= SAMR_FIELD_HOME_DRIVE;
83 if (infoX->usriX_primary_group_id) {
84 fields_present |= SAMR_FIELD_PRIMARY_GID;
86 if (infoX->usriX_country_code) {
87 fields_present |= SAMR_FIELD_COUNTRY_CODE;
89 if (infoX->usriX_workstations) {
90 fields_present |= SAMR_FIELD_WORKSTATIONS;
93 unix_to_nt_time_abs(&password_age, infoX->usriX_password_age);
95 /* TODO: infoX->usriX_priv */
97 info21->last_logon = 0;
98 info21->last_logoff = 0;
99 info21->last_password_change = 0;
100 info21->acct_expiry = 0;
101 info21->allow_password_change = 0;
102 info21->force_password_change = 0;
103 info21->account_name.string = infoX->usriX_name;
104 info21->full_name.string = infoX->usriX_full_name;
105 info21->home_directory.string = infoX->usriX_home_dir;
106 info21->home_drive.string = infoX->usriX_home_dir_drive;
107 info21->logon_script.string = infoX->usriX_script_path;
108 info21->profile_path.string = infoX->usriX_profile;
109 info21->description.string = infoX->usriX_comment;
110 info21->workstations.string = infoX->usriX_workstations;
111 info21->comment.string = infoX->usriX_usr_comment;
112 info21->parameters = zero_parameters;
113 info21->lm_owf_password = zero_parameters;
114 info21->nt_owf_password = zero_parameters;
115 info21->unknown3.string = NULL;
116 info21->buf_count = 0;
117 info21->buffer = NULL;
118 info21->rid = infoX->usriX_user_id;
119 info21->primary_gid = infoX->usriX_primary_group_id;
120 info21->acct_flags = infoX->usriX_flags;
121 info21->fields_present = fields_present;
122 info21->logon_hours = zero_logon_hours;
123 info21->bad_password_count = infoX->usriX_bad_pw_count;
124 info21->logon_count = infoX->usriX_num_logons;
125 info21->country_code = infoX->usriX_country_code;
126 info21->code_page = infoX->usriX_code_page;
127 info21->lm_password_set = 0;
128 info21->nt_password_set = 0;
129 info21->password_expired = infoX->usriX_password_expired;
130 info21->unknown4 = 0;
133 /****************************************************************
134 ****************************************************************/
136 static NTSTATUS construct_USER_INFO_X(uint32_t level,
138 struct USER_INFO_X *uX)
140 struct USER_INFO_0 *u0 = NULL;
141 struct USER_INFO_1 *u1 = NULL;
142 struct USER_INFO_2 *u2 = NULL;
143 struct USER_INFO_3 *u3 = NULL;
144 struct USER_INFO_1003 *u1003 = NULL;
145 struct USER_INFO_1006 *u1006 = NULL;
146 struct USER_INFO_1007 *u1007 = NULL;
147 struct USER_INFO_1009 *u1009 = NULL;
148 struct USER_INFO_1011 *u1011 = NULL;
149 struct USER_INFO_1012 *u1012 = NULL;
150 struct USER_INFO_1014 *u1014 = NULL;
151 struct USER_INFO_1024 *u1024 = NULL;
152 struct USER_INFO_1051 *u1051 = NULL;
153 struct USER_INFO_1052 *u1052 = NULL;
154 struct USER_INFO_1053 *u1053 = NULL;
156 if (!buffer || !uX) {
157 return NT_STATUS_INVALID_PARAMETER;
164 u0 = (struct USER_INFO_0 *)buffer;
165 uX->usriX_name = u0->usri0_name;
168 u1 = (struct USER_INFO_1 *)buffer;
169 uX->usriX_name = u1->usri1_name;
170 uX->usriX_password = u1->usri1_password;
171 uX->usriX_password_age = u1->usri1_password_age;
172 uX->usriX_priv = u1->usri1_priv;
173 uX->usriX_home_dir = u1->usri1_home_dir;
174 uX->usriX_comment = u1->usri1_comment;
175 uX->usriX_flags = u1->usri1_flags;
176 uX->usriX_script_path = u1->usri1_script_path;
179 u2 = (struct USER_INFO_2 *)buffer;
180 uX->usriX_name = u2->usri2_name;
181 uX->usriX_password = u2->usri2_password;
182 uX->usriX_password_age = u2->usri2_password_age;
183 uX->usriX_priv = u2->usri2_priv;
184 uX->usriX_home_dir = u2->usri2_home_dir;
185 uX->usriX_comment = u2->usri2_comment;
186 uX->usriX_flags = u2->usri2_flags;
187 uX->usriX_script_path = u2->usri2_script_path;
188 uX->usriX_auth_flags = u2->usri2_auth_flags;
189 uX->usriX_full_name = u2->usri2_full_name;
190 uX->usriX_usr_comment = u2->usri2_usr_comment;
191 uX->usriX_parms = u2->usri2_parms;
192 uX->usriX_workstations = u2->usri2_workstations;
193 uX->usriX_last_logon = u2->usri2_last_logon;
194 uX->usriX_last_logoff = u2->usri2_last_logoff;
195 uX->usriX_acct_expires = u2->usri2_acct_expires;
196 uX->usriX_max_storage = u2->usri2_max_storage;
197 uX->usriX_units_per_week= u2->usri2_units_per_week;
198 uX->usriX_logon_hours = u2->usri2_logon_hours;
199 uX->usriX_bad_pw_count = u2->usri2_bad_pw_count;
200 uX->usriX_num_logons = u2->usri2_num_logons;
201 uX->usriX_logon_server = u2->usri2_logon_server;
202 uX->usriX_country_code = u2->usri2_country_code;
203 uX->usriX_code_page = u2->usri2_code_page;
206 u3 = (struct USER_INFO_3 *)buffer;
207 uX->usriX_name = u3->usri3_name;
208 uX->usriX_password_age = u3->usri3_password_age;
209 uX->usriX_priv = u3->usri3_priv;
210 uX->usriX_home_dir = u3->usri3_home_dir;
211 uX->usriX_comment = u3->usri3_comment;
212 uX->usriX_flags = u3->usri3_flags;
213 uX->usriX_script_path = u3->usri3_script_path;
214 uX->usriX_auth_flags = u3->usri3_auth_flags;
215 uX->usriX_full_name = u3->usri3_full_name;
216 uX->usriX_usr_comment = u3->usri3_usr_comment;
217 uX->usriX_parms = u3->usri3_parms;
218 uX->usriX_workstations = u3->usri3_workstations;
219 uX->usriX_last_logon = u3->usri3_last_logon;
220 uX->usriX_last_logoff = u3->usri3_last_logoff;
221 uX->usriX_acct_expires = u3->usri3_acct_expires;
222 uX->usriX_max_storage = u3->usri3_max_storage;
223 uX->usriX_units_per_week= u3->usri3_units_per_week;
224 uX->usriX_logon_hours = u3->usri3_logon_hours;
225 uX->usriX_bad_pw_count = u3->usri3_bad_pw_count;
226 uX->usriX_num_logons = u3->usri3_num_logons;
227 uX->usriX_logon_server = u3->usri3_logon_server;
228 uX->usriX_country_code = u3->usri3_country_code;
229 uX->usriX_code_page = u3->usri3_code_page;
230 uX->usriX_user_id = u3->usri3_user_id;
231 uX->usriX_primary_group_id = u3->usri3_primary_group_id;
232 uX->usriX_profile = u3->usri3_profile;
233 uX->usriX_home_dir_drive = u3->usri3_home_dir_drive;
234 uX->usriX_password_expired = u3->usri3_password_expired;
237 u1003 = (struct USER_INFO_1003 *)buffer;
238 uX->usriX_password = u1003->usri1003_password;
241 u1006 = (struct USER_INFO_1006 *)buffer;
242 uX->usriX_home_dir = u1006->usri1006_home_dir;
245 u1007 = (struct USER_INFO_1007 *)buffer;
246 uX->usriX_comment = u1007->usri1007_comment;
249 u1009 = (struct USER_INFO_1009 *)buffer;
250 uX->usriX_script_path = u1009->usri1009_script_path;
253 u1011 = (struct USER_INFO_1011 *)buffer;
254 uX->usriX_full_name = u1011->usri1011_full_name;
257 u1012 = (struct USER_INFO_1012 *)buffer;
258 uX->usriX_usr_comment = u1012->usri1012_usr_comment;
261 u1014 = (struct USER_INFO_1014 *)buffer;
262 uX->usriX_workstations = u1014->usri1014_workstations;
265 u1024 = (struct USER_INFO_1024 *)buffer;
266 uX->usriX_country_code = u1024->usri1024_country_code;
269 u1051 = (struct USER_INFO_1051 *)buffer;
270 uX->usriX_primary_group_id = u1051->usri1051_primary_group_id;
273 u1052 = (struct USER_INFO_1052 *)buffer;
274 uX->usriX_profile = u1052->usri1052_profile;
277 u1053 = (struct USER_INFO_1053 *)buffer;
278 uX->usriX_home_dir_drive = u1053->usri1053_home_dir_drive;
282 return NT_STATUS_INVALID_INFO_CLASS;
288 /****************************************************************
289 ****************************************************************/
291 static NTSTATUS set_user_info_USER_INFO_X(TALLOC_CTX *ctx,
292 struct rpc_pipe_client *pipe_cli,
293 DATA_BLOB *session_key,
294 struct policy_handle *user_handle,
295 struct USER_INFO_X *uX)
297 union samr_UserInfo user_info;
298 struct samr_UserInfo21 info21;
302 return NT_STATUS_INVALID_PARAMETER;
305 convert_USER_INFO_X_to_samr_user_info21(uX, &info21);
307 ZERO_STRUCT(user_info);
309 if (uX->usriX_password) {
311 user_info.info25.info = info21;
313 init_samr_CryptPasswordEx(uX->usriX_password,
315 &user_info.info25.password);
317 status = rpccli_samr_SetUserInfo2(pipe_cli, ctx,
322 if (NT_STATUS_EQUAL(status, NT_STATUS(DCERPC_FAULT_INVALID_TAG))) {
324 user_info.info23.info = info21;
326 init_samr_CryptPassword(uX->usriX_password,
328 &user_info.info23.password);
330 status = rpccli_samr_SetUserInfo2(pipe_cli, ctx,
337 user_info.info21 = info21;
339 status = rpccli_samr_SetUserInfo(pipe_cli, ctx,
348 /****************************************************************
349 ****************************************************************/
351 WERROR NetUserAdd_r(struct libnetapi_ctx *ctx,
352 struct NetUserAdd *r)
354 struct rpc_pipe_client *pipe_cli = NULL;
357 struct policy_handle connect_handle, domain_handle, user_handle;
358 struct lsa_String lsa_account_name;
359 struct dom_sid2 *domain_sid = NULL;
360 union samr_UserInfo *user_info = NULL;
361 struct samr_PwInfo pw_info;
362 uint32_t access_granted = 0;
364 struct USER_INFO_X uX;
366 ZERO_STRUCT(connect_handle);
367 ZERO_STRUCT(domain_handle);
368 ZERO_STRUCT(user_handle);
371 return WERR_INVALID_PARAM;
374 switch (r->in.level) {
381 werr = WERR_NOT_SUPPORTED;
385 werr = libnetapi_open_pipe(ctx, r->in.server_name,
386 &ndr_table_samr.syntax_id,
388 if (!W_ERROR_IS_OK(werr)) {
392 status = construct_USER_INFO_X(r->in.level, r->in.buffer, &uX);
393 if (!NT_STATUS_IS_OK(status)) {
394 werr = ntstatus_to_werror(status);
398 werr = libnetapi_samr_open_domain(ctx, pipe_cli,
399 SAMR_ACCESS_ENUM_DOMAINS |
400 SAMR_ACCESS_LOOKUP_DOMAIN,
401 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 |
402 SAMR_DOMAIN_ACCESS_CREATE_USER |
403 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
407 if (!W_ERROR_IS_OK(werr)) {
411 init_lsa_String(&lsa_account_name, uX.usriX_name);
413 status = rpccli_samr_CreateUser2(pipe_cli, ctx,
419 SAMR_USER_ACCESS_SET_PASSWORD |
420 SAMR_USER_ACCESS_SET_ATTRIBUTES |
421 SAMR_USER_ACCESS_GET_ATTRIBUTES,
425 if (!NT_STATUS_IS_OK(status)) {
426 werr = ntstatus_to_werror(status);
430 status = rpccli_samr_QueryUserInfo(pipe_cli, ctx,
434 if (!NT_STATUS_IS_OK(status)) {
435 werr = ntstatus_to_werror(status);
439 if (!(user_info->info16.acct_flags & ACB_NORMAL)) {
440 werr = WERR_INVALID_PARAM;
444 status = rpccli_samr_GetUserPwInfo(pipe_cli, ctx,
447 if (!NT_STATUS_IS_OK(status)) {
448 werr = ntstatus_to_werror(status);
452 uX.usriX_flags |= ACB_NORMAL;
454 status = set_user_info_USER_INFO_X(ctx, pipe_cli,
455 &pipe_cli->auth->user_session_key,
458 if (!NT_STATUS_IS_OK(status)) {
459 werr = ntstatus_to_werror(status);
467 rpccli_samr_DeleteUser(pipe_cli, ctx,
471 if (is_valid_policy_hnd(&user_handle) && pipe_cli) {
472 rpccli_samr_Close(pipe_cli, ctx, &user_handle);
475 if (ctx->disable_policy_handle_cache) {
476 libnetapi_samr_close_domain_handle(ctx, &domain_handle);
477 libnetapi_samr_close_connect_handle(ctx, &connect_handle);
483 /****************************************************************
484 ****************************************************************/
486 WERROR NetUserAdd_l(struct libnetapi_ctx *ctx,
487 struct NetUserAdd *r)
489 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserAdd);
492 /****************************************************************
493 ****************************************************************/
495 WERROR NetUserDel_r(struct libnetapi_ctx *ctx,
496 struct NetUserDel *r)
498 struct rpc_pipe_client *pipe_cli = NULL;
501 struct policy_handle connect_handle, builtin_handle, domain_handle, user_handle;
502 struct lsa_String lsa_account_name;
503 struct samr_Ids user_rids, name_types;
504 struct dom_sid2 *domain_sid = NULL;
505 struct dom_sid2 user_sid;
507 ZERO_STRUCT(connect_handle);
508 ZERO_STRUCT(builtin_handle);
509 ZERO_STRUCT(domain_handle);
510 ZERO_STRUCT(user_handle);
512 werr = libnetapi_open_pipe(ctx, r->in.server_name,
513 &ndr_table_samr.syntax_id,
516 if (!W_ERROR_IS_OK(werr)) {
520 werr = libnetapi_samr_open_domain(ctx, pipe_cli,
521 SAMR_ACCESS_ENUM_DOMAINS |
522 SAMR_ACCESS_LOOKUP_DOMAIN,
523 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
527 if (!W_ERROR_IS_OK(werr)) {
531 status = rpccli_samr_OpenDomain(pipe_cli, ctx,
533 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
534 CONST_DISCARD(DOM_SID *, &global_sid_Builtin),
536 if (!NT_STATUS_IS_OK(status)) {
537 werr = ntstatus_to_werror(status);
541 init_lsa_String(&lsa_account_name, r->in.user_name);
543 status = rpccli_samr_LookupNames(pipe_cli, ctx,
549 if (!NT_STATUS_IS_OK(status)) {
550 werr = ntstatus_to_werror(status);
554 status = rpccli_samr_OpenUser(pipe_cli, ctx,
559 if (!NT_STATUS_IS_OK(status)) {
560 werr = ntstatus_to_werror(status);
564 sid_compose(&user_sid, domain_sid, user_rids.ids[0]);
566 status = rpccli_samr_RemoveMemberFromForeignDomain(pipe_cli, ctx,
569 if (!NT_STATUS_IS_OK(status)) {
570 werr = ntstatus_to_werror(status);
574 status = rpccli_samr_DeleteUser(pipe_cli, ctx,
576 if (!NT_STATUS_IS_OK(status)) {
577 werr = ntstatus_to_werror(status);
584 if (is_valid_policy_hnd(&user_handle)) {
585 rpccli_samr_Close(pipe_cli, ctx, &user_handle);
588 if (ctx->disable_policy_handle_cache) {
589 libnetapi_samr_close_builtin_handle(ctx, &builtin_handle);
590 libnetapi_samr_close_domain_handle(ctx, &domain_handle);
591 libnetapi_samr_close_connect_handle(ctx, &connect_handle);
597 /****************************************************************
598 ****************************************************************/
600 WERROR NetUserDel_l(struct libnetapi_ctx *ctx,
601 struct NetUserDel *r)
603 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserDel);
606 /****************************************************************
607 ****************************************************************/
609 static NTSTATUS libnetapi_samr_lookup_user(TALLOC_CTX *mem_ctx,
610 struct rpc_pipe_client *pipe_cli,
611 struct policy_handle *domain_handle,
612 struct policy_handle *builtin_handle,
613 const char *user_name,
614 const struct dom_sid *domain_sid,
617 struct samr_UserInfo21 **info21,
618 struct sec_desc_buf **sec_desc,
619 uint32_t *auth_flag_p)
623 struct policy_handle user_handle;
624 union samr_UserInfo *user_info = NULL;
625 struct samr_RidWithAttributeArray *rid_array = NULL;
626 uint32_t access_mask = SEC_STD_READ_CONTROL |
627 SAMR_USER_ACCESS_GET_ATTRIBUTES |
628 SAMR_USER_ACCESS_GET_NAME_ETC;
630 ZERO_STRUCT(user_handle);
636 access_mask |= SAMR_USER_ACCESS_GET_LOGONINFO |
637 SAMR_USER_ACCESS_GET_GROUPS;
643 access_mask |= SAMR_USER_ACCESS_GET_LOGONINFO |
644 SAMR_USER_ACCESS_GET_GROUPS |
645 SAMR_USER_ACCESS_GET_LOCALE;
652 return NT_STATUS_INVALID_LEVEL;
659 status = rpccli_samr_OpenUser(pipe_cli, mem_ctx,
664 if (!NT_STATUS_IS_OK(status)) {
668 status = rpccli_samr_QueryUserInfo(pipe_cli, mem_ctx,
672 if (!NT_STATUS_IS_OK(status)) {
676 status = rpccli_samr_QuerySecurity(pipe_cli, mem_ctx,
680 if (!NT_STATUS_IS_OK(status)) {
684 if (access_mask & SAMR_USER_ACCESS_GET_GROUPS) {
686 struct lsa_SidArray sid_array;
687 struct samr_Ids alias_rids;
689 uint32_t auth_flag = 0;
692 status = rpccli_samr_GetGroupsForUser(pipe_cli, mem_ctx,
695 if (!NT_STATUS_IS_OK(status)) {
699 sid_array.num_sids = rid_array->count + 1;
700 sid_array.sids = talloc_array(mem_ctx, struct lsa_SidPtr,
702 NT_STATUS_HAVE_NO_MEMORY(sid_array.sids);
704 for (i=0; i<rid_array->count; i++) {
705 sid_compose(&sid, domain_sid, rid_array->rids[i].rid);
706 sid_array.sids[i].sid = sid_dup_talloc(mem_ctx, &sid);
707 NT_STATUS_HAVE_NO_MEMORY(sid_array.sids[i].sid);
710 sid_compose(&sid, domain_sid, rid);
711 sid_array.sids[i].sid = sid_dup_talloc(mem_ctx, &sid);
712 NT_STATUS_HAVE_NO_MEMORY(sid_array.sids[i].sid);
714 status = rpccli_samr_GetAliasMembership(pipe_cli, mem_ctx,
718 if (!NT_STATUS_IS_OK(status)) {
722 for (i=0; i<alias_rids.count; i++) {
723 switch (alias_rids.ids[i]) {
724 case 550: /* Print Operators */
725 auth_flag |= AF_OP_PRINT;
727 case 549: /* Server Operators */
728 auth_flag |= AF_OP_SERVER;
730 case 548: /* Account Operators */
731 auth_flag |= AF_OP_ACCOUNTS;
739 *auth_flag_p = auth_flag;
743 *info21 = &user_info->info21;
746 if (is_valid_policy_hnd(&user_handle)) {
747 rpccli_samr_Close(pipe_cli, mem_ctx, &user_handle);
753 /****************************************************************
754 ****************************************************************/
756 static uint32_t samr_rid_to_priv_level(uint32_t rid)
759 case DOMAIN_RID_ADMINISTRATOR:
760 return USER_PRIV_ADMIN;
761 case DOMAIN_RID_GUEST:
762 return USER_PRIV_GUEST;
764 return USER_PRIV_USER;
768 /****************************************************************
769 ****************************************************************/
771 static uint32_t samr_acb_flags_to_netapi_flags(uint32_t acb)
773 uint32_t fl = UF_SCRIPT; /* god knows why */
775 fl |= ds_acb2uf(acb);
780 /****************************************************************
781 ****************************************************************/
783 static NTSTATUS info21_to_USER_INFO_1(TALLOC_CTX *mem_ctx,
784 const struct samr_UserInfo21 *i21,
785 struct USER_INFO_1 *i)
788 i->usri1_name = talloc_strdup(mem_ctx, i21->account_name.string);
789 NT_STATUS_HAVE_NO_MEMORY(i->usri1_name);
790 i->usri1_password = NULL;
791 i->usri1_password_age = time(NULL) - nt_time_to_unix(i21->last_password_change);
792 i->usri1_priv = samr_rid_to_priv_level(i21->rid);
793 i->usri1_home_dir = talloc_strdup(mem_ctx, i21->home_directory.string);
794 i->usri1_comment = talloc_strdup(mem_ctx, i21->description.string);
795 i->usri1_flags = samr_acb_flags_to_netapi_flags(i21->acct_flags);
796 i->usri1_script_path = talloc_strdup(mem_ctx, i21->logon_script.string);
801 /****************************************************************
802 ****************************************************************/
804 static NTSTATUS info21_to_USER_INFO_2(TALLOC_CTX *mem_ctx,
805 const struct samr_UserInfo21 *i21,
807 struct USER_INFO_2 *i)
811 i->usri2_name = talloc_strdup(mem_ctx, i21->account_name.string);
812 NT_STATUS_HAVE_NO_MEMORY(i->usri2_name);
813 i->usri2_password = NULL;
814 i->usri2_password_age = time(NULL) - nt_time_to_unix(i21->last_password_change);
815 i->usri2_priv = samr_rid_to_priv_level(i21->rid);
816 i->usri2_home_dir = talloc_strdup(mem_ctx, i21->home_directory.string);
817 i->usri2_comment = talloc_strdup(mem_ctx, i21->description.string);
818 i->usri2_flags = samr_acb_flags_to_netapi_flags(i21->acct_flags);
819 i->usri2_script_path = talloc_strdup(mem_ctx, i21->logon_script.string);
820 i->usri2_auth_flags = auth_flag;
821 i->usri2_full_name = talloc_strdup(mem_ctx, i21->full_name.string);
822 i->usri2_usr_comment = talloc_strdup(mem_ctx, i21->comment.string);
823 i->usri2_parms = talloc_strndup(mem_ctx, (const char *)i21->parameters.array, i21->parameters.size/2);
824 i->usri2_workstations = talloc_strdup(mem_ctx, i21->workstations.string);
825 i->usri2_last_logon = nt_time_to_unix(i21->last_logon);
826 i->usri2_last_logoff = nt_time_to_unix(i21->last_logoff);
827 i->usri2_acct_expires = nt_time_to_unix(i21->acct_expiry);
828 i->usri2_max_storage = USER_MAXSTORAGE_UNLIMITED; /* FIXME */
829 i->usri2_units_per_week = i21->logon_hours.units_per_week;
830 i->usri2_logon_hours = (uint8_t *)talloc_memdup(mem_ctx, i21->logon_hours.bits, 21);
831 i->usri2_bad_pw_count = i21->bad_password_count;
832 i->usri2_num_logons = i21->logon_count;
833 i->usri2_logon_server = talloc_strdup(mem_ctx, "\\\\*");
834 i->usri2_country_code = i21->country_code;
835 i->usri2_code_page = i21->code_page;
840 /****************************************************************
841 ****************************************************************/
843 static NTSTATUS info21_to_USER_INFO_3(TALLOC_CTX *mem_ctx,
844 const struct samr_UserInfo21 *i21,
846 struct USER_INFO_3 *i)
850 i->usri3_name = talloc_strdup(mem_ctx, i21->account_name.string);
851 NT_STATUS_HAVE_NO_MEMORY(i->usri3_name);
852 i->usri3_password_age = time(NULL) - nt_time_to_unix(i21->last_password_change);
853 i->usri3_priv = samr_rid_to_priv_level(i21->rid);
854 i->usri3_home_dir = talloc_strdup(mem_ctx, i21->home_directory.string);
855 i->usri3_comment = talloc_strdup(mem_ctx, i21->description.string);
856 i->usri3_flags = samr_acb_flags_to_netapi_flags(i21->acct_flags);
857 i->usri3_script_path = talloc_strdup(mem_ctx, i21->logon_script.string);
858 i->usri3_auth_flags = auth_flag;
859 i->usri3_full_name = talloc_strdup(mem_ctx, i21->full_name.string);
860 i->usri3_usr_comment = talloc_strdup(mem_ctx, i21->comment.string);
861 i->usri3_parms = talloc_strndup(mem_ctx, (const char *)i21->parameters.array, i21->parameters.size/2);
862 i->usri3_workstations = talloc_strdup(mem_ctx, i21->workstations.string);
863 i->usri3_last_logon = nt_time_to_unix(i21->last_logon);
864 i->usri3_last_logoff = nt_time_to_unix(i21->last_logoff);
865 i->usri3_acct_expires = nt_time_to_unix(i21->acct_expiry);
866 i->usri3_max_storage = USER_MAXSTORAGE_UNLIMITED; /* FIXME */
867 i->usri3_units_per_week = i21->logon_hours.units_per_week;
868 i->usri3_logon_hours = (uint8_t *)talloc_memdup(mem_ctx, i21->logon_hours.bits, 21);
869 i->usri3_bad_pw_count = i21->bad_password_count;
870 i->usri3_num_logons = i21->logon_count;
871 i->usri3_logon_server = talloc_strdup(mem_ctx, "\\\\*");
872 i->usri3_country_code = i21->country_code;
873 i->usri3_code_page = i21->code_page;
874 i->usri3_user_id = i21->rid;
875 i->usri3_primary_group_id = i21->primary_gid;
876 i->usri3_profile = talloc_strdup(mem_ctx, i21->profile_path.string);
877 i->usri3_home_dir_drive = talloc_strdup(mem_ctx, i21->home_drive.string);
878 i->usri3_password_expired = i21->password_expired;
883 /****************************************************************
884 ****************************************************************/
886 static NTSTATUS info21_to_USER_INFO_4(TALLOC_CTX *mem_ctx,
887 const struct samr_UserInfo21 *i21,
889 struct dom_sid *domain_sid,
890 struct USER_INFO_4 *i)
896 i->usri4_name = talloc_strdup(mem_ctx, i21->account_name.string);
897 NT_STATUS_HAVE_NO_MEMORY(i->usri4_name);
898 i->usri4_password_age = time(NULL) - nt_time_to_unix(i21->last_password_change);
899 i->usri4_password = NULL;
900 i->usri4_priv = samr_rid_to_priv_level(i21->rid);
901 i->usri4_home_dir = talloc_strdup(mem_ctx, i21->home_directory.string);
902 i->usri4_comment = talloc_strdup(mem_ctx, i21->description.string);
903 i->usri4_flags = samr_acb_flags_to_netapi_flags(i21->acct_flags);
904 i->usri4_script_path = talloc_strdup(mem_ctx, i21->logon_script.string);
905 i->usri4_auth_flags = auth_flag;
906 i->usri4_full_name = talloc_strdup(mem_ctx, i21->full_name.string);
907 i->usri4_usr_comment = talloc_strdup(mem_ctx, i21->comment.string);
908 i->usri4_parms = talloc_strndup(mem_ctx, (const char *)i21->parameters.array, i21->parameters.size/2);
909 i->usri4_workstations = talloc_strdup(mem_ctx, i21->workstations.string);
910 i->usri4_last_logon = nt_time_to_unix(i21->last_logon);
911 i->usri4_last_logoff = nt_time_to_unix(i21->last_logoff);
912 i->usri4_acct_expires = nt_time_to_unix(i21->acct_expiry);
913 i->usri4_max_storage = USER_MAXSTORAGE_UNLIMITED; /* FIXME */
914 i->usri4_units_per_week = i21->logon_hours.units_per_week;
915 i->usri4_logon_hours = (uint8_t *)talloc_memdup(mem_ctx, i21->logon_hours.bits, 21);
916 i->usri4_bad_pw_count = i21->bad_password_count;
917 i->usri4_num_logons = i21->logon_count;
918 i->usri4_logon_server = talloc_strdup(mem_ctx, "\\\\*");
919 i->usri4_country_code = i21->country_code;
920 i->usri4_code_page = i21->code_page;
921 if (!sid_compose(&sid, domain_sid, i21->rid)) {
922 return NT_STATUS_NO_MEMORY;
924 i->usri4_user_sid = (struct domsid *)sid_dup_talloc(mem_ctx, &sid);
925 i->usri4_primary_group_id = i21->primary_gid;
926 i->usri4_profile = talloc_strdup(mem_ctx, i21->profile_path.string);
927 i->usri4_home_dir_drive = talloc_strdup(mem_ctx, i21->home_drive.string);
928 i->usri4_password_expired = i21->password_expired;
933 /****************************************************************
934 ****************************************************************/
936 static NTSTATUS info21_to_USER_INFO_10(TALLOC_CTX *mem_ctx,
937 const struct samr_UserInfo21 *i21,
938 struct USER_INFO_10 *i)
942 i->usri10_name = talloc_strdup(mem_ctx, i21->account_name.string);
943 NT_STATUS_HAVE_NO_MEMORY(i->usri10_name);
944 i->usri10_comment = talloc_strdup(mem_ctx, i21->description.string);
945 i->usri10_full_name = talloc_strdup(mem_ctx, i21->full_name.string);
946 i->usri10_usr_comment = talloc_strdup(mem_ctx, i21->comment.string);
951 /****************************************************************
952 ****************************************************************/
954 static NTSTATUS info21_to_USER_INFO_11(TALLOC_CTX *mem_ctx,
955 const struct samr_UserInfo21 *i21,
957 struct USER_INFO_11 *i)
961 i->usri11_name = talloc_strdup(mem_ctx, i21->account_name.string);
962 NT_STATUS_HAVE_NO_MEMORY(i->usri11_name);
963 i->usri11_comment = talloc_strdup(mem_ctx, i21->description.string);
964 i->usri11_usr_comment = talloc_strdup(mem_ctx, i21->comment.string);
965 i->usri11_full_name = talloc_strdup(mem_ctx, i21->full_name.string);
966 i->usri11_priv = samr_rid_to_priv_level(i21->rid);
967 i->usri11_auth_flags = auth_flag;
968 i->usri11_password_age = time(NULL) - nt_time_to_unix(i21->last_password_change);
969 i->usri11_home_dir = talloc_strdup(mem_ctx, i21->home_directory.string);
970 i->usri11_parms = talloc_strndup(mem_ctx, (const char *)i21->parameters.array, i21->parameters.size/2);
971 i->usri11_last_logon = nt_time_to_unix(i21->last_logon);
972 i->usri11_last_logoff = nt_time_to_unix(i21->last_logoff);
973 i->usri11_bad_pw_count = i21->bad_password_count;
974 i->usri11_num_logons = i21->logon_count;
975 i->usri11_logon_server = talloc_strdup(mem_ctx, "\\\\*");
976 i->usri11_country_code = i21->country_code;
977 i->usri11_workstations = talloc_strdup(mem_ctx, i21->workstations.string);
978 i->usri11_max_storage = USER_MAXSTORAGE_UNLIMITED; /* FIXME */
979 i->usri11_units_per_week = i21->logon_hours.units_per_week;
980 i->usri11_logon_hours = (uint8_t *)talloc_memdup(mem_ctx, i21->logon_hours.bits, 21);
981 i->usri11_code_page = i21->code_page;
986 /****************************************************************
987 ****************************************************************/
989 static NTSTATUS info21_to_USER_INFO_20(TALLOC_CTX *mem_ctx,
990 const struct samr_UserInfo21 *i21,
991 struct USER_INFO_20 *i)
995 i->usri20_name = talloc_strdup(mem_ctx, i21->account_name.string);
996 NT_STATUS_HAVE_NO_MEMORY(i->usri20_name);
997 i->usri20_comment = talloc_strdup(mem_ctx, i21->description.string);
998 i->usri20_full_name = talloc_strdup(mem_ctx, i21->full_name.string);
999 i->usri20_flags = samr_acb_flags_to_netapi_flags(i21->acct_flags);
1000 i->usri20_user_id = i21->rid;
1002 return NT_STATUS_OK;
1005 /****************************************************************
1006 ****************************************************************/
1008 static NTSTATUS info21_to_USER_INFO_23(TALLOC_CTX *mem_ctx,
1009 const struct samr_UserInfo21 *i21,
1010 struct dom_sid *domain_sid,
1011 struct USER_INFO_23 *i)
1017 i->usri23_name = talloc_strdup(mem_ctx, i21->account_name.string);
1018 NT_STATUS_HAVE_NO_MEMORY(i->usri23_name);
1019 i->usri23_comment = talloc_strdup(mem_ctx, i21->description.string);
1020 i->usri23_full_name = talloc_strdup(mem_ctx, i21->full_name.string);
1021 i->usri23_flags = samr_acb_flags_to_netapi_flags(i21->acct_flags);
1022 if (!sid_compose(&sid, domain_sid, i21->rid)) {
1023 return NT_STATUS_NO_MEMORY;
1025 i->usri23_user_sid = (struct domsid *)sid_dup_talloc(mem_ctx, &sid);
1027 return NT_STATUS_OK;
1030 /****************************************************************
1031 ****************************************************************/
1033 static NTSTATUS libnetapi_samr_lookup_user_map_USER_INFO(TALLOC_CTX *mem_ctx,
1034 struct rpc_pipe_client *pipe_cli,
1035 struct dom_sid *domain_sid,
1036 struct policy_handle *domain_handle,
1037 struct policy_handle *builtin_handle,
1038 const char *user_name,
1042 uint32_t *num_entries)
1046 struct samr_UserInfo21 *info21 = NULL;
1047 struct sec_desc_buf *sec_desc = NULL;
1048 uint32_t auth_flag = 0;
1050 struct USER_INFO_0 info0;
1051 struct USER_INFO_1 info1;
1052 struct USER_INFO_2 info2;
1053 struct USER_INFO_3 info3;
1054 struct USER_INFO_4 info4;
1055 struct USER_INFO_10 info10;
1056 struct USER_INFO_11 info11;
1057 struct USER_INFO_20 info20;
1058 struct USER_INFO_23 info23;
1072 return NT_STATUS_INVALID_LEVEL;
1076 info0.usri0_name = talloc_strdup(mem_ctx, user_name);
1077 NT_STATUS_HAVE_NO_MEMORY(info0.usri0_name);
1079 ADD_TO_ARRAY(mem_ctx, struct USER_INFO_0, info0,
1080 (struct USER_INFO_0 **)buffer, num_entries);
1082 return NT_STATUS_OK;
1085 status = libnetapi_samr_lookup_user(mem_ctx, pipe_cli,
1096 if (!NT_STATUS_IS_OK(status)) {
1102 /* already returned above */
1105 status = info21_to_USER_INFO_1(mem_ctx, info21, &info1);
1106 NT_STATUS_NOT_OK_RETURN(status);
1108 ADD_TO_ARRAY(mem_ctx, struct USER_INFO_1, info1,
1109 (struct USER_INFO_1 **)buffer, num_entries);
1113 status = info21_to_USER_INFO_2(mem_ctx, info21, auth_flag, &info2);
1114 NT_STATUS_NOT_OK_RETURN(status);
1116 ADD_TO_ARRAY(mem_ctx, struct USER_INFO_2, info2,
1117 (struct USER_INFO_2 **)buffer, num_entries);
1121 status = info21_to_USER_INFO_3(mem_ctx, info21, auth_flag, &info3);
1122 NT_STATUS_NOT_OK_RETURN(status);
1124 ADD_TO_ARRAY(mem_ctx, struct USER_INFO_3, info3,
1125 (struct USER_INFO_3 **)buffer, num_entries);
1129 status = info21_to_USER_INFO_4(mem_ctx, info21, auth_flag, domain_sid, &info4);
1130 NT_STATUS_NOT_OK_RETURN(status);
1132 ADD_TO_ARRAY(mem_ctx, struct USER_INFO_4, info4,
1133 (struct USER_INFO_4 **)buffer, num_entries);
1137 status = info21_to_USER_INFO_10(mem_ctx, info21, &info10);
1138 NT_STATUS_NOT_OK_RETURN(status);
1140 ADD_TO_ARRAY(mem_ctx, struct USER_INFO_10, info10,
1141 (struct USER_INFO_10 **)buffer, num_entries);
1145 status = info21_to_USER_INFO_11(mem_ctx, info21, auth_flag, &info11);
1146 NT_STATUS_NOT_OK_RETURN(status);
1148 ADD_TO_ARRAY(mem_ctx, struct USER_INFO_11, info11,
1149 (struct USER_INFO_11 **)buffer, num_entries);
1153 status = info21_to_USER_INFO_20(mem_ctx, info21, &info20);
1154 NT_STATUS_NOT_OK_RETURN(status);
1156 ADD_TO_ARRAY(mem_ctx, struct USER_INFO_20, info20,
1157 (struct USER_INFO_20 **)buffer, num_entries);
1161 status = info21_to_USER_INFO_23(mem_ctx, info21, domain_sid, &info23);
1162 NT_STATUS_NOT_OK_RETURN(status);
1164 ADD_TO_ARRAY(mem_ctx, struct USER_INFO_23, info23,
1165 (struct USER_INFO_23 **)buffer, num_entries);
1168 return NT_STATUS_INVALID_LEVEL;
1175 /****************************************************************
1176 ****************************************************************/
1178 WERROR NetUserEnum_r(struct libnetapi_ctx *ctx,
1179 struct NetUserEnum *r)
1181 struct rpc_pipe_client *pipe_cli = NULL;
1182 struct policy_handle connect_handle;
1183 struct dom_sid2 *domain_sid = NULL;
1184 struct policy_handle domain_handle, builtin_handle;
1185 struct samr_SamArray *sam = NULL;
1186 uint32_t filter = ACB_NORMAL;
1188 uint32_t entries_read = 0;
1190 NTSTATUS status = NT_STATUS_OK;
1193 ZERO_STRUCT(connect_handle);
1194 ZERO_STRUCT(domain_handle);
1195 ZERO_STRUCT(builtin_handle);
1197 if (!r->out.buffer) {
1198 return WERR_INVALID_PARAM;
1201 *r->out.buffer = NULL;
1202 *r->out.entries_read = 0;
1204 switch (r->in.level) {
1216 return WERR_UNKNOWN_LEVEL;
1219 werr = libnetapi_open_pipe(ctx, r->in.server_name,
1220 &ndr_table_samr.syntax_id,
1222 if (!W_ERROR_IS_OK(werr)) {
1226 werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli,
1227 SAMR_ACCESS_ENUM_DOMAINS |
1228 SAMR_ACCESS_LOOKUP_DOMAIN,
1229 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT |
1230 SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS,
1233 if (!W_ERROR_IS_OK(werr)) {
1237 werr = libnetapi_samr_open_domain(ctx, pipe_cli,
1238 SAMR_ACCESS_ENUM_DOMAINS |
1239 SAMR_ACCESS_LOOKUP_DOMAIN,
1240 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 |
1241 SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS |
1242 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
1246 if (!W_ERROR_IS_OK(werr)) {
1250 switch (r->in.filter) {
1251 case FILTER_NORMAL_ACCOUNT:
1252 filter = ACB_NORMAL;
1254 case FILTER_TEMP_DUPLICATE_ACCOUNT:
1255 filter = ACB_TEMPDUP;
1257 case FILTER_INTERDOMAIN_TRUST_ACCOUNT:
1258 filter = ACB_DOMTRUST;
1260 case FILTER_WORKSTATION_TRUST_ACCOUNT:
1261 filter = ACB_WSTRUST;
1263 case FILTER_SERVER_TRUST_ACCOUNT:
1264 filter = ACB_SVRTRUST;
1270 status = rpccli_samr_EnumDomainUsers(pipe_cli,
1273 r->in.resume_handle,
1278 werr = ntstatus_to_werror(status);
1279 if (NT_STATUS_IS_ERR(status)) {
1283 for (i=0; i < sam->count; i++) {
1285 status = libnetapi_samr_lookup_user_map_USER_INFO(ctx, pipe_cli,
1289 sam->entries[i].name.string,
1290 sam->entries[i].idx,
1293 r->out.entries_read);
1294 if (!NT_STATUS_IS_OK(status)) {
1295 werr = ntstatus_to_werror(status);
1302 if (NT_STATUS_IS_OK(status) ||
1303 NT_STATUS_IS_ERR(status)) {
1305 if (ctx->disable_policy_handle_cache) {
1306 libnetapi_samr_close_domain_handle(ctx, &domain_handle);
1307 libnetapi_samr_close_builtin_handle(ctx, &builtin_handle);
1308 libnetapi_samr_close_connect_handle(ctx, &connect_handle);
1315 /****************************************************************
1316 ****************************************************************/
1318 WERROR NetUserEnum_l(struct libnetapi_ctx *ctx,
1319 struct NetUserEnum *r)
1321 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserEnum);
1324 /****************************************************************
1325 ****************************************************************/
1327 static WERROR convert_samr_dispinfo_to_NET_DISPLAY_USER(TALLOC_CTX *mem_ctx,
1328 struct samr_DispInfoGeneral *info,
1329 uint32_t *entries_read,
1332 struct NET_DISPLAY_USER *user = NULL;
1335 user = TALLOC_ZERO_ARRAY(mem_ctx,
1336 struct NET_DISPLAY_USER,
1338 W_ERROR_HAVE_NO_MEMORY(user);
1340 for (i = 0; i < info->count; i++) {
1341 user[i].usri1_name = talloc_strdup(mem_ctx,
1342 info->entries[i].account_name.string);
1343 user[i].usri1_comment = talloc_strdup(mem_ctx,
1344 info->entries[i].description.string);
1345 user[i].usri1_flags =
1346 info->entries[i].acct_flags;
1347 user[i].usri1_full_name = talloc_strdup(mem_ctx,
1348 info->entries[i].full_name.string);
1349 user[i].usri1_user_id =
1350 info->entries[i].rid;
1351 user[i].usri1_next_index =
1352 info->entries[i].idx;
1354 if (!user[i].usri1_name) {
1359 *buffer = talloc_memdup(mem_ctx, user,
1360 sizeof(struct NET_DISPLAY_USER) * info->count);
1361 W_ERROR_HAVE_NO_MEMORY(*buffer);
1363 *entries_read = info->count;
1368 /****************************************************************
1369 ****************************************************************/
1371 static WERROR convert_samr_dispinfo_to_NET_DISPLAY_MACHINE(TALLOC_CTX *mem_ctx,
1372 struct samr_DispInfoFull *info,
1373 uint32_t *entries_read,
1376 struct NET_DISPLAY_MACHINE *machine = NULL;
1379 machine = TALLOC_ZERO_ARRAY(mem_ctx,
1380 struct NET_DISPLAY_MACHINE,
1382 W_ERROR_HAVE_NO_MEMORY(machine);
1384 for (i = 0; i < info->count; i++) {
1385 machine[i].usri2_name = talloc_strdup(mem_ctx,
1386 info->entries[i].account_name.string);
1387 machine[i].usri2_comment = talloc_strdup(mem_ctx,
1388 info->entries[i].description.string);
1389 machine[i].usri2_flags =
1390 info->entries[i].acct_flags;
1391 machine[i].usri2_user_id =
1392 info->entries[i].rid;
1393 machine[i].usri2_next_index =
1394 info->entries[i].idx;
1396 if (!machine[i].usri2_name) {
1401 *buffer = talloc_memdup(mem_ctx, machine,
1402 sizeof(struct NET_DISPLAY_MACHINE) * info->count);
1403 W_ERROR_HAVE_NO_MEMORY(*buffer);
1405 *entries_read = info->count;
1410 /****************************************************************
1411 ****************************************************************/
1413 static WERROR convert_samr_dispinfo_to_NET_DISPLAY_GROUP(TALLOC_CTX *mem_ctx,
1414 struct samr_DispInfoFullGroups *info,
1415 uint32_t *entries_read,
1418 struct NET_DISPLAY_GROUP *group = NULL;
1421 group = TALLOC_ZERO_ARRAY(mem_ctx,
1422 struct NET_DISPLAY_GROUP,
1424 W_ERROR_HAVE_NO_MEMORY(group);
1426 for (i = 0; i < info->count; i++) {
1427 group[i].grpi3_name = talloc_strdup(mem_ctx,
1428 info->entries[i].account_name.string);
1429 group[i].grpi3_comment = talloc_strdup(mem_ctx,
1430 info->entries[i].description.string);
1431 group[i].grpi3_group_id =
1432 info->entries[i].rid;
1433 group[i].grpi3_attributes =
1434 info->entries[i].acct_flags;
1435 group[i].grpi3_next_index =
1436 info->entries[i].idx;
1438 if (!group[i].grpi3_name) {
1443 *buffer = talloc_memdup(mem_ctx, group,
1444 sizeof(struct NET_DISPLAY_GROUP) * info->count);
1445 W_ERROR_HAVE_NO_MEMORY(*buffer);
1447 *entries_read = info->count;
1453 /****************************************************************
1454 ****************************************************************/
1456 static WERROR convert_samr_dispinfo_to_NET_DISPLAY(TALLOC_CTX *mem_ctx,
1457 union samr_DispInfo *info,
1459 uint32_t *entries_read,
1464 return convert_samr_dispinfo_to_NET_DISPLAY_USER(mem_ctx,
1469 return convert_samr_dispinfo_to_NET_DISPLAY_MACHINE(mem_ctx,
1474 return convert_samr_dispinfo_to_NET_DISPLAY_GROUP(mem_ctx,
1482 return WERR_UNKNOWN_LEVEL;
1485 /****************************************************************
1486 ****************************************************************/
1488 WERROR NetQueryDisplayInformation_r(struct libnetapi_ctx *ctx,
1489 struct NetQueryDisplayInformation *r)
1491 struct rpc_pipe_client *pipe_cli = NULL;
1492 struct policy_handle connect_handle;
1493 struct dom_sid2 *domain_sid = NULL;
1494 struct policy_handle domain_handle;
1495 union samr_DispInfo info;
1497 uint32_t total_size = 0;
1498 uint32_t returned_size = 0;
1500 NTSTATUS status = NT_STATUS_OK;
1504 *r->out.entries_read = 0;
1506 ZERO_STRUCT(connect_handle);
1507 ZERO_STRUCT(domain_handle);
1509 switch (r->in.level) {
1515 return WERR_UNKNOWN_LEVEL;
1518 werr = libnetapi_open_pipe(ctx, r->in.server_name,
1519 &ndr_table_samr.syntax_id,
1521 if (!W_ERROR_IS_OK(werr)) {
1525 werr = libnetapi_samr_open_domain(ctx, pipe_cli,
1526 SAMR_ACCESS_ENUM_DOMAINS |
1527 SAMR_ACCESS_LOOKUP_DOMAIN,
1528 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 |
1529 SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS |
1530 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
1534 if (!W_ERROR_IS_OK(werr)) {
1538 status = rpccli_samr_QueryDisplayInfo2(pipe_cli,
1543 r->in.entries_requested,
1548 werr = ntstatus_to_werror(status);
1549 if (NT_STATUS_IS_ERR(status)) {
1553 werr_tmp = convert_samr_dispinfo_to_NET_DISPLAY(ctx, &info,
1555 r->out.entries_read,
1557 if (!W_ERROR_IS_OK(werr_tmp)) {
1562 if (NT_STATUS_IS_OK(status) ||
1563 NT_STATUS_IS_ERR(status)) {
1565 if (ctx->disable_policy_handle_cache) {
1566 libnetapi_samr_close_domain_handle(ctx, &domain_handle);
1567 libnetapi_samr_close_connect_handle(ctx, &connect_handle);
1575 /****************************************************************
1576 ****************************************************************/
1579 WERROR NetQueryDisplayInformation_l(struct libnetapi_ctx *ctx,
1580 struct NetQueryDisplayInformation *r)
1582 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetQueryDisplayInformation);
1585 /****************************************************************
1586 ****************************************************************/
1588 WERROR NetUserChangePassword_r(struct libnetapi_ctx *ctx,
1589 struct NetUserChangePassword *r)
1591 return WERR_NOT_SUPPORTED;
1594 /****************************************************************
1595 ****************************************************************/
1597 WERROR NetUserChangePassword_l(struct libnetapi_ctx *ctx,
1598 struct NetUserChangePassword *r)
1600 return WERR_NOT_SUPPORTED;
1603 /****************************************************************
1604 ****************************************************************/
1606 WERROR NetUserGetInfo_r(struct libnetapi_ctx *ctx,
1607 struct NetUserGetInfo *r)
1609 struct rpc_pipe_client *pipe_cli = NULL;
1613 struct policy_handle connect_handle, domain_handle, builtin_handle, user_handle;
1614 struct lsa_String lsa_account_name;
1615 struct dom_sid2 *domain_sid = NULL;
1616 struct samr_Ids user_rids, name_types;
1617 uint32_t num_entries = 0;
1619 ZERO_STRUCT(connect_handle);
1620 ZERO_STRUCT(domain_handle);
1621 ZERO_STRUCT(builtin_handle);
1622 ZERO_STRUCT(user_handle);
1624 if (!r->out.buffer) {
1625 return WERR_INVALID_PARAM;
1628 switch (r->in.level) {
1640 werr = WERR_UNKNOWN_LEVEL;
1644 werr = libnetapi_open_pipe(ctx, r->in.server_name,
1645 &ndr_table_samr.syntax_id,
1647 if (!W_ERROR_IS_OK(werr)) {
1651 werr = libnetapi_samr_open_domain(ctx, pipe_cli,
1652 SAMR_ACCESS_ENUM_DOMAINS |
1653 SAMR_ACCESS_LOOKUP_DOMAIN,
1654 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
1658 if (!W_ERROR_IS_OK(werr)) {
1662 werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli,
1663 SAMR_ACCESS_ENUM_DOMAINS |
1664 SAMR_ACCESS_LOOKUP_DOMAIN,
1665 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT |
1666 SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS,
1669 if (!W_ERROR_IS_OK(werr)) {
1673 init_lsa_String(&lsa_account_name, r->in.user_name);
1675 status = rpccli_samr_LookupNames(pipe_cli, ctx,
1681 if (!NT_STATUS_IS_OK(status)) {
1682 werr = ntstatus_to_werror(status);
1686 status = libnetapi_samr_lookup_user_map_USER_INFO(ctx, pipe_cli,
1695 if (!NT_STATUS_IS_OK(status)) {
1696 werr = ntstatus_to_werror(status);
1701 if (is_valid_policy_hnd(&user_handle) && pipe_cli) {
1702 rpccli_samr_Close(pipe_cli, ctx, &user_handle);
1705 if (ctx->disable_policy_handle_cache) {
1706 libnetapi_samr_close_domain_handle(ctx, &domain_handle);
1707 libnetapi_samr_close_connect_handle(ctx, &connect_handle);
1713 /****************************************************************
1714 ****************************************************************/
1716 WERROR NetUserGetInfo_l(struct libnetapi_ctx *ctx,
1717 struct NetUserGetInfo *r)
1719 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserGetInfo);
1722 /****************************************************************
1723 ****************************************************************/
1725 WERROR NetUserSetInfo_r(struct libnetapi_ctx *ctx,
1726 struct NetUserSetInfo *r)
1728 struct rpc_pipe_client *pipe_cli = NULL;
1732 struct policy_handle connect_handle, domain_handle, builtin_handle, user_handle;
1733 struct lsa_String lsa_account_name;
1734 struct dom_sid2 *domain_sid = NULL;
1735 struct samr_Ids user_rids, name_types;
1736 uint32_t user_mask = 0;
1738 struct USER_INFO_X uX;
1740 ZERO_STRUCT(connect_handle);
1741 ZERO_STRUCT(domain_handle);
1742 ZERO_STRUCT(builtin_handle);
1743 ZERO_STRUCT(user_handle);
1745 if (!r->in.buffer) {
1746 return WERR_INVALID_PARAM;
1749 switch (r->in.level) {
1751 user_mask = SAMR_USER_ACCESS_SET_ATTRIBUTES;
1754 user_mask = SAMR_USER_ACCESS_SET_PASSWORD;
1763 user_mask = SAMR_USER_ACCESS_SET_ATTRIBUTES;
1767 user_mask = SAMR_USER_ACCESS_SET_LOC_COM;
1769 user_mask = SAMR_USER_ACCESS_SET_ATTRIBUTES |
1770 SAMR_USER_ACCESS_GET_GROUPS;
1773 user_mask = STD_RIGHT_READ_CONTROL_ACCESS |
1774 STD_RIGHT_WRITE_DAC_ACCESS |
1775 SAMR_USER_ACCESS_GET_GROUPS |
1776 SAMR_USER_ACCESS_SET_PASSWORD |
1777 SAMR_USER_ACCESS_SET_ATTRIBUTES |
1778 SAMR_USER_ACCESS_GET_ATTRIBUTES |
1779 SAMR_USER_ACCESS_SET_LOC_COM;
1791 werr = WERR_NOT_SUPPORTED;
1794 werr = WERR_UNKNOWN_LEVEL;
1798 werr = libnetapi_open_pipe(ctx, r->in.server_name,
1799 &ndr_table_samr.syntax_id,
1801 if (!W_ERROR_IS_OK(werr)) {
1805 werr = libnetapi_samr_open_domain(ctx, pipe_cli,
1806 SAMR_ACCESS_ENUM_DOMAINS |
1807 SAMR_ACCESS_LOOKUP_DOMAIN,
1808 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 |
1809 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
1813 if (!W_ERROR_IS_OK(werr)) {
1817 werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli,
1818 SAMR_ACCESS_ENUM_DOMAINS |
1819 SAMR_ACCESS_LOOKUP_DOMAIN,
1820 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT |
1821 SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS,
1824 if (!W_ERROR_IS_OK(werr)) {
1828 init_lsa_String(&lsa_account_name, r->in.user_name);
1830 status = rpccli_samr_LookupNames(pipe_cli, ctx,
1836 if (!NT_STATUS_IS_OK(status)) {
1837 werr = ntstatus_to_werror(status);
1841 status = rpccli_samr_OpenUser(pipe_cli, ctx,
1846 if (!NT_STATUS_IS_OK(status)) {
1847 werr = ntstatus_to_werror(status);
1851 status = construct_USER_INFO_X(r->in.level, r->in.buffer, &uX);
1852 if (!NT_STATUS_IS_OK(status)) {
1853 werr = ntstatus_to_werror(status);
1857 status = set_user_info_USER_INFO_X(ctx, pipe_cli,
1858 &pipe_cli->auth->user_session_key,
1861 if (!NT_STATUS_IS_OK(status)) {
1862 werr = ntstatus_to_werror(status);
1869 if (is_valid_policy_hnd(&user_handle) && pipe_cli) {
1870 rpccli_samr_Close(pipe_cli, ctx, &user_handle);
1873 if (ctx->disable_policy_handle_cache) {
1874 libnetapi_samr_close_domain_handle(ctx, &domain_handle);
1875 libnetapi_samr_close_builtin_handle(ctx, &builtin_handle);
1876 libnetapi_samr_close_connect_handle(ctx, &connect_handle);
1882 /****************************************************************
1883 ****************************************************************/
1885 WERROR NetUserSetInfo_l(struct libnetapi_ctx *ctx,
1886 struct NetUserSetInfo *r)
1888 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserSetInfo);
1891 /****************************************************************
1892 ****************************************************************/
1894 static NTSTATUS query_USER_MODALS_INFO_rpc(TALLOC_CTX *mem_ctx,
1895 struct rpc_pipe_client *pipe_cli,
1896 struct policy_handle *domain_handle,
1897 struct samr_DomInfo1 *info1,
1898 struct samr_DomInfo3 *info3,
1899 struct samr_DomInfo5 *info5,
1900 struct samr_DomInfo6 *info6,
1901 struct samr_DomInfo7 *info7,
1902 struct samr_DomInfo12 *info12)
1905 union samr_DomainInfo *dom_info = NULL;
1908 status = rpccli_samr_QueryDomainInfo(pipe_cli, mem_ctx,
1912 NT_STATUS_NOT_OK_RETURN(status);
1914 *info1 = dom_info->info1;
1918 status = rpccli_samr_QueryDomainInfo(pipe_cli, mem_ctx,
1922 NT_STATUS_NOT_OK_RETURN(status);
1924 *info3 = dom_info->info3;
1928 status = rpccli_samr_QueryDomainInfo(pipe_cli, mem_ctx,
1932 NT_STATUS_NOT_OK_RETURN(status);
1934 *info5 = dom_info->info5;
1938 status = rpccli_samr_QueryDomainInfo(pipe_cli, mem_ctx,
1942 NT_STATUS_NOT_OK_RETURN(status);
1944 *info6 = dom_info->info6;
1948 status = rpccli_samr_QueryDomainInfo(pipe_cli, mem_ctx,
1952 NT_STATUS_NOT_OK_RETURN(status);
1954 *info7 = dom_info->info7;
1958 status = rpccli_samr_QueryDomainInfo2(pipe_cli, mem_ctx,
1962 NT_STATUS_NOT_OK_RETURN(status);
1964 *info12 = dom_info->info12;
1967 return NT_STATUS_OK;
1970 /****************************************************************
1971 ****************************************************************/
1973 static NTSTATUS query_USER_MODALS_INFO_0(TALLOC_CTX *mem_ctx,
1974 struct rpc_pipe_client *pipe_cli,
1975 struct policy_handle *domain_handle,
1976 struct USER_MODALS_INFO_0 *info0)
1979 struct samr_DomInfo1 dom_info1;
1980 struct samr_DomInfo3 dom_info3;
1982 ZERO_STRUCTP(info0);
1984 status = query_USER_MODALS_INFO_rpc(mem_ctx,
1993 NT_STATUS_NOT_OK_RETURN(status);
1995 info0->usrmod0_min_passwd_len =
1996 dom_info1.min_password_length;
1997 info0->usrmod0_max_passwd_age =
1998 nt_time_to_unix_abs((NTTIME *)&dom_info1.max_password_age);
1999 info0->usrmod0_min_passwd_age =
2000 nt_time_to_unix_abs((NTTIME *)&dom_info1.min_password_age);
2001 info0->usrmod0_password_hist_len =
2002 dom_info1.password_history_length;
2004 info0->usrmod0_force_logoff =
2005 nt_time_to_unix_abs(&dom_info3.force_logoff_time);
2007 return NT_STATUS_OK;
2010 /****************************************************************
2011 ****************************************************************/
2013 static NTSTATUS query_USER_MODALS_INFO_1(TALLOC_CTX *mem_ctx,
2014 struct rpc_pipe_client *pipe_cli,
2015 struct policy_handle *domain_handle,
2016 struct USER_MODALS_INFO_1 *info1)
2019 struct samr_DomInfo6 dom_info6;
2020 struct samr_DomInfo7 dom_info7;
2022 status = query_USER_MODALS_INFO_rpc(mem_ctx,
2031 NT_STATUS_NOT_OK_RETURN(status);
2033 info1->usrmod1_primary =
2034 talloc_strdup(mem_ctx, dom_info6.primary.string);
2036 info1->usrmod1_role = dom_info7.role;
2038 return NT_STATUS_OK;
2041 /****************************************************************
2042 ****************************************************************/
2044 static NTSTATUS query_USER_MODALS_INFO_2(TALLOC_CTX *mem_ctx,
2045 struct rpc_pipe_client *pipe_cli,
2046 struct policy_handle *domain_handle,
2047 struct dom_sid *domain_sid,
2048 struct USER_MODALS_INFO_2 *info2)
2051 struct samr_DomInfo5 dom_info5;
2053 status = query_USER_MODALS_INFO_rpc(mem_ctx,
2062 NT_STATUS_NOT_OK_RETURN(status);
2064 info2->usrmod2_domain_name =
2065 talloc_strdup(mem_ctx, dom_info5.domain_name.string);
2066 info2->usrmod2_domain_id =
2067 (struct domsid *)sid_dup_talloc(mem_ctx, domain_sid);
2069 NT_STATUS_HAVE_NO_MEMORY(info2->usrmod2_domain_name);
2070 NT_STATUS_HAVE_NO_MEMORY(info2->usrmod2_domain_id);
2072 return NT_STATUS_OK;
2075 /****************************************************************
2076 ****************************************************************/
2078 static NTSTATUS query_USER_MODALS_INFO_3(TALLOC_CTX *mem_ctx,
2079 struct rpc_pipe_client *pipe_cli,
2080 struct policy_handle *domain_handle,
2081 struct USER_MODALS_INFO_3 *info3)
2084 struct samr_DomInfo12 dom_info12;
2086 status = query_USER_MODALS_INFO_rpc(mem_ctx,
2095 NT_STATUS_NOT_OK_RETURN(status);
2097 info3->usrmod3_lockout_duration =
2098 nt_time_to_unix_abs(&dom_info12.lockout_duration);
2099 info3->usrmod3_lockout_observation_window =
2100 nt_time_to_unix_abs(&dom_info12.lockout_window);
2101 info3->usrmod3_lockout_threshold =
2102 dom_info12.lockout_threshold;
2104 return NT_STATUS_OK;
2107 /****************************************************************
2108 ****************************************************************/
2110 static NTSTATUS query_USER_MODALS_INFO_to_buffer(TALLOC_CTX *mem_ctx,
2111 struct rpc_pipe_client *pipe_cli,
2113 struct policy_handle *domain_handle,
2114 struct dom_sid *domain_sid,
2119 struct USER_MODALS_INFO_0 info0;
2120 struct USER_MODALS_INFO_1 info1;
2121 struct USER_MODALS_INFO_2 info2;
2122 struct USER_MODALS_INFO_3 info3;
2125 return ERROR_INSUFFICIENT_BUFFER;
2130 status = query_USER_MODALS_INFO_0(mem_ctx,
2134 NT_STATUS_NOT_OK_RETURN(status);
2136 *buffer = (uint8_t *)talloc_memdup(mem_ctx, &info0,
2141 status = query_USER_MODALS_INFO_1(mem_ctx,
2145 NT_STATUS_NOT_OK_RETURN(status);
2147 *buffer = (uint8_t *)talloc_memdup(mem_ctx, &info1,
2151 status = query_USER_MODALS_INFO_2(mem_ctx,
2156 NT_STATUS_NOT_OK_RETURN(status);
2158 *buffer = (uint8_t *)talloc_memdup(mem_ctx, &info2,
2162 status = query_USER_MODALS_INFO_3(mem_ctx,
2166 NT_STATUS_NOT_OK_RETURN(status);
2168 *buffer = (uint8_t *)talloc_memdup(mem_ctx, &info3,
2175 NT_STATUS_HAVE_NO_MEMORY(*buffer);
2177 return NT_STATUS_OK;
2180 /****************************************************************
2181 ****************************************************************/
2183 WERROR NetUserModalsGet_r(struct libnetapi_ctx *ctx,
2184 struct NetUserModalsGet *r)
2186 struct rpc_pipe_client *pipe_cli = NULL;
2190 struct policy_handle connect_handle, domain_handle;
2191 struct dom_sid2 *domain_sid = NULL;
2192 uint32_t access_mask = SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT;
2194 ZERO_STRUCT(connect_handle);
2195 ZERO_STRUCT(domain_handle);
2197 if (!r->out.buffer) {
2198 return WERR_INVALID_PARAM;
2201 switch (r->in.level) {
2203 access_mask |= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 |
2204 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2;
2208 access_mask |= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2;
2211 access_mask |= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1;
2214 werr = WERR_UNKNOWN_LEVEL;
2218 werr = libnetapi_open_pipe(ctx, r->in.server_name,
2219 &ndr_table_samr.syntax_id,
2221 if (!W_ERROR_IS_OK(werr)) {
2225 werr = libnetapi_samr_open_domain(ctx, pipe_cli,
2226 SAMR_ACCESS_ENUM_DOMAINS |
2227 SAMR_ACCESS_LOOKUP_DOMAIN,
2232 if (!W_ERROR_IS_OK(werr)) {
2239 /* 3: 12 (DomainInfo2) */
2241 status = query_USER_MODALS_INFO_to_buffer(ctx,
2247 if (!NT_STATUS_IS_OK(status)) {
2248 werr = ntstatus_to_werror(status);
2253 if (ctx->disable_policy_handle_cache) {
2254 libnetapi_samr_close_domain_handle(ctx, &domain_handle);
2255 libnetapi_samr_close_connect_handle(ctx, &connect_handle);
2261 /****************************************************************
2262 ****************************************************************/
2264 WERROR NetUserModalsGet_l(struct libnetapi_ctx *ctx,
2265 struct NetUserModalsGet *r)
2267 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserModalsGet);
2270 /****************************************************************
2271 ****************************************************************/
2273 static NTSTATUS set_USER_MODALS_INFO_rpc(TALLOC_CTX *mem_ctx,
2274 struct rpc_pipe_client *pipe_cli,
2275 struct policy_handle *domain_handle,
2276 struct samr_DomInfo1 *info1,
2277 struct samr_DomInfo3 *info3,
2278 struct samr_DomInfo12 *info12)
2281 union samr_DomainInfo dom_info;
2285 ZERO_STRUCT(dom_info);
2287 dom_info.info1 = *info1;
2289 status = rpccli_samr_SetDomainInfo(pipe_cli, mem_ctx,
2293 NT_STATUS_NOT_OK_RETURN(status);
2298 ZERO_STRUCT(dom_info);
2300 dom_info.info3 = *info3;
2302 status = rpccli_samr_SetDomainInfo(pipe_cli, mem_ctx,
2307 NT_STATUS_NOT_OK_RETURN(status);
2312 ZERO_STRUCT(dom_info);
2314 dom_info.info12 = *info12;
2316 status = rpccli_samr_SetDomainInfo(pipe_cli, mem_ctx,
2321 NT_STATUS_NOT_OK_RETURN(status);
2324 return NT_STATUS_OK;
2327 /****************************************************************
2328 ****************************************************************/
2330 static NTSTATUS set_USER_MODALS_INFO_0_buffer(TALLOC_CTX *mem_ctx,
2331 struct rpc_pipe_client *pipe_cli,
2332 struct policy_handle *domain_handle,
2333 struct USER_MODALS_INFO_0 *info0)
2336 struct samr_DomInfo1 dom_info_1;
2337 struct samr_DomInfo3 dom_info_3;
2339 status = query_USER_MODALS_INFO_rpc(mem_ctx,
2348 NT_STATUS_NOT_OK_RETURN(status);
2350 dom_info_1.min_password_length =
2351 info0->usrmod0_min_passwd_len;
2352 dom_info_1.password_history_length =
2353 info0->usrmod0_password_hist_len;
2355 unix_to_nt_time_abs((NTTIME *)&dom_info_1.max_password_age,
2356 info0->usrmod0_max_passwd_age);
2357 unix_to_nt_time_abs((NTTIME *)&dom_info_1.min_password_age,
2358 info0->usrmod0_min_passwd_age);
2360 unix_to_nt_time_abs(&dom_info_3.force_logoff_time,
2361 info0->usrmod0_force_logoff);
2363 return set_USER_MODALS_INFO_rpc(mem_ctx,
2371 /****************************************************************
2372 ****************************************************************/
2374 static NTSTATUS set_USER_MODALS_INFO_3_buffer(TALLOC_CTX *mem_ctx,
2375 struct rpc_pipe_client *pipe_cli,
2376 struct policy_handle *domain_handle,
2377 struct USER_MODALS_INFO_3 *info3)
2380 struct samr_DomInfo12 dom_info_12;
2382 status = query_USER_MODALS_INFO_rpc(mem_ctx,
2391 NT_STATUS_NOT_OK_RETURN(status);
2393 unix_to_nt_time_abs((NTTIME *)&dom_info_12.lockout_duration,
2394 info3->usrmod3_lockout_duration);
2395 unix_to_nt_time_abs((NTTIME *)&dom_info_12.lockout_window,
2396 info3->usrmod3_lockout_observation_window);
2397 dom_info_12.lockout_threshold = info3->usrmod3_lockout_threshold;
2399 return set_USER_MODALS_INFO_rpc(mem_ctx,
2407 /****************************************************************
2408 ****************************************************************/
2410 static NTSTATUS set_USER_MODALS_INFO_1001_buffer(TALLOC_CTX *mem_ctx,
2411 struct rpc_pipe_client *pipe_cli,
2412 struct policy_handle *domain_handle,
2413 struct USER_MODALS_INFO_1001 *info1001)
2416 struct samr_DomInfo1 dom_info_1;
2418 status = query_USER_MODALS_INFO_rpc(mem_ctx,
2427 NT_STATUS_NOT_OK_RETURN(status);
2429 dom_info_1.min_password_length =
2430 info1001->usrmod1001_min_passwd_len;
2432 return set_USER_MODALS_INFO_rpc(mem_ctx,
2440 /****************************************************************
2441 ****************************************************************/
2443 static NTSTATUS set_USER_MODALS_INFO_1002_buffer(TALLOC_CTX *mem_ctx,
2444 struct rpc_pipe_client *pipe_cli,
2445 struct policy_handle *domain_handle,
2446 struct USER_MODALS_INFO_1002 *info1002)
2449 struct samr_DomInfo1 dom_info_1;
2451 status = query_USER_MODALS_INFO_rpc(mem_ctx,
2460 NT_STATUS_NOT_OK_RETURN(status);
2462 unix_to_nt_time_abs((NTTIME *)&dom_info_1.max_password_age,
2463 info1002->usrmod1002_max_passwd_age);
2465 return set_USER_MODALS_INFO_rpc(mem_ctx,
2473 /****************************************************************
2474 ****************************************************************/
2476 static NTSTATUS set_USER_MODALS_INFO_1003_buffer(TALLOC_CTX *mem_ctx,
2477 struct rpc_pipe_client *pipe_cli,
2478 struct policy_handle *domain_handle,
2479 struct USER_MODALS_INFO_1003 *info1003)
2482 struct samr_DomInfo1 dom_info_1;
2484 status = query_USER_MODALS_INFO_rpc(mem_ctx,
2493 NT_STATUS_NOT_OK_RETURN(status);
2495 unix_to_nt_time_abs((NTTIME *)&dom_info_1.min_password_age,
2496 info1003->usrmod1003_min_passwd_age);
2498 return set_USER_MODALS_INFO_rpc(mem_ctx,
2506 /****************************************************************
2507 ****************************************************************/
2509 static NTSTATUS set_USER_MODALS_INFO_1004_buffer(TALLOC_CTX *mem_ctx,
2510 struct rpc_pipe_client *pipe_cli,
2511 struct policy_handle *domain_handle,
2512 struct USER_MODALS_INFO_1004 *info1004)
2515 struct samr_DomInfo3 dom_info_3;
2517 status = query_USER_MODALS_INFO_rpc(mem_ctx,
2526 NT_STATUS_NOT_OK_RETURN(status);
2528 unix_to_nt_time_abs(&dom_info_3.force_logoff_time,
2529 info1004->usrmod1004_force_logoff);
2531 return set_USER_MODALS_INFO_rpc(mem_ctx,
2539 /****************************************************************
2540 ****************************************************************/
2542 static NTSTATUS set_USER_MODALS_INFO_1005_buffer(TALLOC_CTX *mem_ctx,
2543 struct rpc_pipe_client *pipe_cli,
2544 struct policy_handle *domain_handle,
2545 struct USER_MODALS_INFO_1005 *info1005)
2548 struct samr_DomInfo1 dom_info_1;
2550 status = query_USER_MODALS_INFO_rpc(mem_ctx,
2559 NT_STATUS_NOT_OK_RETURN(status);
2561 dom_info_1.password_history_length =
2562 info1005->usrmod1005_password_hist_len;
2564 return set_USER_MODALS_INFO_rpc(mem_ctx,
2572 /****************************************************************
2573 ****************************************************************/
2575 static NTSTATUS set_USER_MODALS_INFO_buffer(TALLOC_CTX *mem_ctx,
2576 struct rpc_pipe_client *pipe_cli,
2578 struct policy_handle *domain_handle,
2579 struct dom_sid *domain_sid,
2582 struct USER_MODALS_INFO_0 *info0;
2583 struct USER_MODALS_INFO_3 *info3;
2584 struct USER_MODALS_INFO_1001 *info1001;
2585 struct USER_MODALS_INFO_1002 *info1002;
2586 struct USER_MODALS_INFO_1003 *info1003;
2587 struct USER_MODALS_INFO_1004 *info1004;
2588 struct USER_MODALS_INFO_1005 *info1005;
2591 return ERROR_INSUFFICIENT_BUFFER;
2596 info0 = (struct USER_MODALS_INFO_0 *)buffer;
2597 return set_USER_MODALS_INFO_0_buffer(mem_ctx,
2602 info3 = (struct USER_MODALS_INFO_3 *)buffer;
2603 return set_USER_MODALS_INFO_3_buffer(mem_ctx,
2608 info1001 = (struct USER_MODALS_INFO_1001 *)buffer;
2609 return set_USER_MODALS_INFO_1001_buffer(mem_ctx,
2614 info1002 = (struct USER_MODALS_INFO_1002 *)buffer;
2615 return set_USER_MODALS_INFO_1002_buffer(mem_ctx,
2620 info1003 = (struct USER_MODALS_INFO_1003 *)buffer;
2621 return set_USER_MODALS_INFO_1003_buffer(mem_ctx,
2626 info1004 = (struct USER_MODALS_INFO_1004 *)buffer;
2627 return set_USER_MODALS_INFO_1004_buffer(mem_ctx,
2632 info1005 = (struct USER_MODALS_INFO_1005 *)buffer;
2633 return set_USER_MODALS_INFO_1005_buffer(mem_ctx,
2642 return NT_STATUS_OK;
2645 /****************************************************************
2646 ****************************************************************/
2648 WERROR NetUserModalsSet_r(struct libnetapi_ctx *ctx,
2649 struct NetUserModalsSet *r)
2651 struct rpc_pipe_client *pipe_cli = NULL;
2655 struct policy_handle connect_handle, domain_handle;
2656 struct dom_sid2 *domain_sid = NULL;
2657 uint32_t access_mask = SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT;
2659 ZERO_STRUCT(connect_handle);
2660 ZERO_STRUCT(domain_handle);
2662 if (!r->in.buffer) {
2663 return WERR_INVALID_PARAM;
2666 switch (r->in.level) {
2668 access_mask |= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 |
2669 SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 |
2670 SAMR_DOMAIN_ACCESS_SET_INFO_1 |
2671 SAMR_DOMAIN_ACCESS_SET_INFO_2;
2678 access_mask |= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 |
2679 SAMR_DOMAIN_ACCESS_SET_INFO_1;
2682 access_mask |= SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 |
2683 SAMR_DOMAIN_ACCESS_SET_INFO_2;
2689 werr = WERR_NOT_SUPPORTED;
2692 werr = WERR_UNKNOWN_LEVEL;
2696 werr = libnetapi_open_pipe(ctx, r->in.server_name,
2697 &ndr_table_samr.syntax_id,
2699 if (!W_ERROR_IS_OK(werr)) {
2703 werr = libnetapi_samr_open_domain(ctx, pipe_cli,
2704 SAMR_ACCESS_ENUM_DOMAINS |
2705 SAMR_ACCESS_LOOKUP_DOMAIN,
2710 if (!W_ERROR_IS_OK(werr)) {
2714 status = set_USER_MODALS_INFO_buffer(ctx,
2720 if (!NT_STATUS_IS_OK(status)) {
2721 werr = ntstatus_to_werror(status);
2726 if (ctx->disable_policy_handle_cache) {
2727 libnetapi_samr_close_domain_handle(ctx, &domain_handle);
2728 libnetapi_samr_close_connect_handle(ctx, &connect_handle);
2734 /****************************************************************
2735 ****************************************************************/
2737 WERROR NetUserModalsSet_l(struct libnetapi_ctx *ctx,
2738 struct NetUserModalsSet *r)
2740 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserModalsSet);
2743 /****************************************************************
2744 ****************************************************************/
2746 NTSTATUS add_GROUP_USERS_INFO_X_buffer(TALLOC_CTX *mem_ctx,
2748 const char *group_name,
2749 uint32_t attributes,
2751 uint32_t *num_entries)
2753 struct GROUP_USERS_INFO_0 u0;
2754 struct GROUP_USERS_INFO_1 u1;
2759 u0.grui0_name = talloc_strdup(mem_ctx, group_name);
2760 NT_STATUS_HAVE_NO_MEMORY(u0.grui0_name);
2762 u0.grui0_name = NULL;
2765 ADD_TO_ARRAY(mem_ctx, struct GROUP_USERS_INFO_0, u0,
2766 (struct GROUP_USERS_INFO_0 **)buffer, num_entries);
2770 u1.grui1_name = talloc_strdup(mem_ctx, group_name);
2771 NT_STATUS_HAVE_NO_MEMORY(u1.grui1_name);
2773 u1.grui1_name = NULL;
2776 u1.grui1_attributes = attributes;
2778 ADD_TO_ARRAY(mem_ctx, struct GROUP_USERS_INFO_1, u1,
2779 (struct GROUP_USERS_INFO_1 **)buffer, num_entries);
2782 return NT_STATUS_INVALID_INFO_CLASS;
2785 return NT_STATUS_OK;
2788 /****************************************************************
2789 ****************************************************************/
2791 WERROR NetUserGetGroups_r(struct libnetapi_ctx *ctx,
2792 struct NetUserGetGroups *r)
2794 struct rpc_pipe_client *pipe_cli = NULL;
2795 struct policy_handle connect_handle, domain_handle, user_handle;
2796 struct lsa_String lsa_account_name;
2797 struct dom_sid2 *domain_sid = NULL;
2798 struct samr_Ids user_rids, name_types;
2799 struct samr_RidWithAttributeArray *rid_array = NULL;
2800 struct lsa_Strings names;
2801 struct samr_Ids types;
2802 uint32_t *rids = NULL;
2805 uint32_t entries_read = 0;
2807 NTSTATUS status = NT_STATUS_OK;
2810 ZERO_STRUCT(connect_handle);
2811 ZERO_STRUCT(domain_handle);
2813 if (!r->out.buffer) {
2814 return WERR_INVALID_PARAM;
2817 *r->out.buffer = NULL;
2818 *r->out.entries_read = 0;
2819 *r->out.total_entries = 0;
2821 switch (r->in.level) {
2826 return WERR_UNKNOWN_LEVEL;
2829 werr = libnetapi_open_pipe(ctx, r->in.server_name,
2830 &ndr_table_samr.syntax_id,
2832 if (!W_ERROR_IS_OK(werr)) {
2836 werr = libnetapi_samr_open_domain(ctx, pipe_cli,
2837 SAMR_ACCESS_ENUM_DOMAINS |
2838 SAMR_ACCESS_LOOKUP_DOMAIN,
2839 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
2843 if (!W_ERROR_IS_OK(werr)) {
2847 init_lsa_String(&lsa_account_name, r->in.user_name);
2849 status = rpccli_samr_LookupNames(pipe_cli, ctx,
2855 if (!NT_STATUS_IS_OK(status)) {
2856 werr = ntstatus_to_werror(status);
2860 status = rpccli_samr_OpenUser(pipe_cli, ctx,
2862 SAMR_USER_ACCESS_GET_GROUPS,
2865 if (!NT_STATUS_IS_OK(status)) {
2866 werr = ntstatus_to_werror(status);
2870 status = rpccli_samr_GetGroupsForUser(pipe_cli, ctx,
2873 if (!NT_STATUS_IS_OK(status)) {
2874 werr = ntstatus_to_werror(status);
2878 rids = talloc_array(ctx, uint32_t, rid_array->count);
2884 for (i=0; i < rid_array->count; i++) {
2885 rids[i] = rid_array->rids[i].rid;
2888 status = rpccli_samr_LookupRids(pipe_cli, ctx,
2894 if (!NT_STATUS_IS_OK(status) &&
2895 !NT_STATUS_EQUAL(status, STATUS_SOME_UNMAPPED)) {
2896 werr = ntstatus_to_werror(status);
2900 for (i=0; i < names.count; i++) {
2901 status = add_GROUP_USERS_INFO_X_buffer(ctx,
2903 names.names[i].string,
2904 rid_array->rids[i].attributes,
2907 if (!NT_STATUS_IS_OK(status)) {
2908 werr = ntstatus_to_werror(status);
2913 *r->out.entries_read = entries_read;
2914 *r->out.total_entries = entries_read;
2917 if (ctx->disable_policy_handle_cache) {
2918 libnetapi_samr_close_domain_handle(ctx, &domain_handle);
2919 libnetapi_samr_close_connect_handle(ctx, &connect_handle);
2925 /****************************************************************
2926 ****************************************************************/
2928 WERROR NetUserGetGroups_l(struct libnetapi_ctx *ctx,
2929 struct NetUserGetGroups *r)
2931 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserGetGroups);
2934 /****************************************************************
2935 ****************************************************************/
2937 WERROR NetUserSetGroups_r(struct libnetapi_ctx *ctx,
2938 struct NetUserSetGroups *r)
2940 struct rpc_pipe_client *pipe_cli = NULL;
2941 struct policy_handle connect_handle, domain_handle, user_handle, group_handle;
2942 struct lsa_String lsa_account_name;
2943 struct dom_sid2 *domain_sid = NULL;
2944 struct samr_Ids user_rids, name_types;
2945 struct samr_Ids group_rids;
2946 struct samr_RidWithAttributeArray *rid_array = NULL;
2947 struct lsa_String *lsa_names = NULL;
2949 uint32_t *add_rids = NULL;
2950 uint32_t *del_rids = NULL;
2951 size_t num_add_rids = 0;
2952 size_t num_del_rids = 0;
2954 uint32_t *member_rids = NULL;
2955 size_t num_member_rids = 0;
2957 struct GROUP_USERS_INFO_0 *i0 = NULL;
2958 struct GROUP_USERS_INFO_1 *i1 = NULL;
2962 NTSTATUS status = NT_STATUS_OK;
2965 ZERO_STRUCT(connect_handle);
2966 ZERO_STRUCT(domain_handle);
2968 if (!r->in.buffer) {
2969 return WERR_INVALID_PARAM;
2972 switch (r->in.level) {
2977 return WERR_UNKNOWN_LEVEL;
2980 werr = libnetapi_open_pipe(ctx, r->in.server_name,
2981 &ndr_table_samr.syntax_id,
2983 if (!W_ERROR_IS_OK(werr)) {
2987 werr = libnetapi_samr_open_domain(ctx, pipe_cli,
2988 SAMR_ACCESS_ENUM_DOMAINS |
2989 SAMR_ACCESS_LOOKUP_DOMAIN,
2990 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
2994 if (!W_ERROR_IS_OK(werr)) {
2998 init_lsa_String(&lsa_account_name, r->in.user_name);
3000 status = rpccli_samr_LookupNames(pipe_cli, ctx,
3006 if (!NT_STATUS_IS_OK(status)) {
3007 werr = ntstatus_to_werror(status);
3011 status = rpccli_samr_OpenUser(pipe_cli, ctx,
3013 SAMR_USER_ACCESS_GET_GROUPS,
3016 if (!NT_STATUS_IS_OK(status)) {
3017 werr = ntstatus_to_werror(status);
3021 switch (r->in.level) {
3023 i0 = (struct GROUP_USERS_INFO_0 *)r->in.buffer;
3026 i1 = (struct GROUP_USERS_INFO_1 *)r->in.buffer;
3030 lsa_names = talloc_array(ctx, struct lsa_String, r->in.num_entries);
3036 for (i=0; i < r->in.num_entries; i++) {
3038 switch (r->in.level) {
3040 init_lsa_String(&lsa_names[i], i0->grui0_name);
3044 init_lsa_String(&lsa_names[i], i1->grui1_name);
3050 status = rpccli_samr_LookupNames(pipe_cli, ctx,
3056 if (!NT_STATUS_IS_OK(status)) {
3057 werr = ntstatus_to_werror(status);
3061 member_rids = group_rids.ids;
3062 num_member_rids = group_rids.count;
3064 status = rpccli_samr_GetGroupsForUser(pipe_cli, ctx,
3067 if (!NT_STATUS_IS_OK(status)) {
3068 werr = ntstatus_to_werror(status);
3074 for (i=0; i < r->in.num_entries; i++) {
3075 bool already_member = false;
3076 for (k=0; k < rid_array->count; k++) {
3077 if (member_rids[i] == rid_array->rids[k].rid) {
3078 already_member = true;
3082 if (!already_member) {
3083 if (!add_rid_to_array_unique(ctx,
3085 &add_rids, &num_add_rids)) {
3086 werr = WERR_GENERAL_FAILURE;
3094 for (k=0; k < rid_array->count; k++) {
3095 bool keep_member = false;
3096 for (i=0; i < r->in.num_entries; i++) {
3097 if (member_rids[i] == rid_array->rids[k].rid) {
3103 if (!add_rid_to_array_unique(ctx,
3104 rid_array->rids[k].rid,
3105 &del_rids, &num_del_rids)) {
3106 werr = WERR_GENERAL_FAILURE;
3114 for (i=0; i < num_add_rids; i++) {
3115 status = rpccli_samr_OpenGroup(pipe_cli, ctx,
3117 SAMR_GROUP_ACCESS_ADD_MEMBER,
3120 if (!NT_STATUS_IS_OK(status)) {
3121 werr = ntstatus_to_werror(status);
3125 status = rpccli_samr_AddGroupMember(pipe_cli, ctx,
3129 if (!NT_STATUS_IS_OK(status)) {
3130 werr = ntstatus_to_werror(status);
3134 if (is_valid_policy_hnd(&group_handle)) {
3135 rpccli_samr_Close(pipe_cli, ctx, &group_handle);
3141 for (i=0; i < num_del_rids; i++) {
3142 status = rpccli_samr_OpenGroup(pipe_cli, ctx,
3144 SAMR_GROUP_ACCESS_REMOVE_MEMBER,
3147 if (!NT_STATUS_IS_OK(status)) {
3148 werr = ntstatus_to_werror(status);
3152 status = rpccli_samr_DeleteGroupMember(pipe_cli, ctx,
3155 if (!NT_STATUS_IS_OK(status)) {
3156 werr = ntstatus_to_werror(status);
3160 if (is_valid_policy_hnd(&group_handle)) {
3161 rpccli_samr_Close(pipe_cli, ctx, &group_handle);
3168 if (is_valid_policy_hnd(&group_handle)) {
3169 rpccli_samr_Close(pipe_cli, ctx, &group_handle);
3172 if (ctx->disable_policy_handle_cache) {
3173 libnetapi_samr_close_domain_handle(ctx, &domain_handle);
3174 libnetapi_samr_close_connect_handle(ctx, &connect_handle);
3180 /****************************************************************
3181 ****************************************************************/
3183 WERROR NetUserSetGroups_l(struct libnetapi_ctx *ctx,
3184 struct NetUserSetGroups *r)
3186 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserSetGroups);
3189 /****************************************************************
3190 ****************************************************************/
3192 static NTSTATUS add_LOCALGROUP_USERS_INFO_X_buffer(TALLOC_CTX *mem_ctx,
3194 const char *group_name,
3196 uint32_t *num_entries)
3198 struct LOCALGROUP_USERS_INFO_0 u0;
3202 u0.lgrui0_name = talloc_strdup(mem_ctx, group_name);
3203 NT_STATUS_HAVE_NO_MEMORY(u0.lgrui0_name);
3205 ADD_TO_ARRAY(mem_ctx, struct LOCALGROUP_USERS_INFO_0, u0,
3206 (struct LOCALGROUP_USERS_INFO_0 **)buffer, num_entries);
3209 return NT_STATUS_INVALID_INFO_CLASS;
3212 return NT_STATUS_OK;
3215 /****************************************************************
3216 ****************************************************************/
3218 WERROR NetUserGetLocalGroups_r(struct libnetapi_ctx *ctx,
3219 struct NetUserGetLocalGroups *r)
3221 struct rpc_pipe_client *pipe_cli = NULL;
3222 struct policy_handle connect_handle, domain_handle, user_handle,
3224 struct lsa_String lsa_account_name;
3225 struct dom_sid2 *domain_sid = NULL;
3226 struct samr_Ids user_rids, name_types;
3227 struct samr_RidWithAttributeArray *rid_array = NULL;
3228 struct lsa_Strings names;
3229 struct samr_Ids types;
3230 uint32_t *rids = NULL;
3231 size_t num_rids = 0;
3232 struct dom_sid user_sid;
3233 struct lsa_SidArray sid_array;
3234 struct samr_Ids domain_rids;
3235 struct samr_Ids builtin_rids;
3238 uint32_t entries_read = 0;
3240 NTSTATUS status = NT_STATUS_OK;
3243 ZERO_STRUCT(connect_handle);
3244 ZERO_STRUCT(domain_handle);
3246 if (!r->out.buffer) {
3247 return WERR_INVALID_PARAM;
3250 *r->out.buffer = NULL;
3251 *r->out.entries_read = 0;
3252 *r->out.total_entries = 0;
3254 switch (r->in.level) {
3259 return WERR_UNKNOWN_LEVEL;
3262 werr = libnetapi_open_pipe(ctx, r->in.server_name,
3263 &ndr_table_samr.syntax_id,
3265 if (!W_ERROR_IS_OK(werr)) {
3269 werr = libnetapi_samr_open_domain(ctx, pipe_cli,
3270 SAMR_ACCESS_ENUM_DOMAINS |
3271 SAMR_ACCESS_LOOKUP_DOMAIN,
3272 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT |
3273 SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS,
3277 if (!W_ERROR_IS_OK(werr)) {
3281 werr = libnetapi_samr_open_builtin_domain(ctx, pipe_cli,
3282 SAMR_ACCESS_ENUM_DOMAINS |
3283 SAMR_ACCESS_LOOKUP_DOMAIN,
3284 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT |
3285 SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS,
3288 if (!W_ERROR_IS_OK(werr)) {
3292 init_lsa_String(&lsa_account_name, r->in.user_name);
3294 status = rpccli_samr_LookupNames(pipe_cli, ctx,
3300 if (!NT_STATUS_IS_OK(status)) {
3301 werr = ntstatus_to_werror(status);
3305 status = rpccli_samr_OpenUser(pipe_cli, ctx,
3307 SAMR_USER_ACCESS_GET_GROUPS,
3310 if (!NT_STATUS_IS_OK(status)) {
3311 werr = ntstatus_to_werror(status);
3315 status = rpccli_samr_GetGroupsForUser(pipe_cli, ctx,
3318 if (!NT_STATUS_IS_OK(status)) {
3319 werr = ntstatus_to_werror(status);
3323 if (!sid_compose(&user_sid, domain_sid, user_rids.ids[0])) {
3328 sid_array.num_sids = rid_array->count + 1;
3329 sid_array.sids = TALLOC_ARRAY(ctx, struct lsa_SidPtr, sid_array.num_sids);
3330 if (!sid_array.sids) {
3335 sid_array.sids[0].sid = sid_dup_talloc(ctx, &user_sid);
3336 if (!sid_array.sids[0].sid) {
3341 for (i=0; i < rid_array->count; i++) {
3344 if (!sid_compose(&sid, domain_sid, rid_array->rids[i].rid)) {
3349 sid_array.sids[i+1].sid = sid_dup_talloc(ctx, &sid);
3350 if (!sid_array.sids[i+1].sid) {
3356 status = rpccli_samr_GetAliasMembership(pipe_cli, ctx,
3360 if (!NT_STATUS_IS_OK(status)) {
3361 werr = ntstatus_to_werror(status);
3365 for (i=0; i < domain_rids.count; i++) {
3366 if (!add_rid_to_array_unique(ctx, domain_rids.ids[i],
3367 &rids, &num_rids)) {
3373 status = rpccli_samr_GetAliasMembership(pipe_cli, ctx,
3377 if (!NT_STATUS_IS_OK(status)) {
3378 werr = ntstatus_to_werror(status);
3382 for (i=0; i < builtin_rids.count; i++) {
3383 if (!add_rid_to_array_unique(ctx, builtin_rids.ids[i],
3384 &rids, &num_rids)) {
3390 status = rpccli_samr_LookupRids(pipe_cli, ctx,
3396 if (!NT_STATUS_IS_OK(status)) {
3397 werr = ntstatus_to_werror(status);
3401 for (i=0; i < names.count; i++) {
3402 status = add_LOCALGROUP_USERS_INFO_X_buffer(ctx,
3404 names.names[i].string,
3407 if (!NT_STATUS_IS_OK(status)) {
3408 werr = ntstatus_to_werror(status);
3413 *r->out.entries_read = entries_read;
3414 *r->out.total_entries = entries_read;
3417 if (ctx->disable_policy_handle_cache) {
3418 libnetapi_samr_close_domain_handle(ctx, &domain_handle);
3419 libnetapi_samr_close_connect_handle(ctx, &connect_handle);
3425 /****************************************************************
3426 ****************************************************************/
3428 WERROR NetUserGetLocalGroups_l(struct libnetapi_ctx *ctx,
3429 struct NetUserGetLocalGroups *r)
3431 LIBNETAPI_REDIRECT_TO_LOCALHOST(ctx, r, NetUserGetLocalGroups);