Copyright (C) Andrew Tridgell 1992-1997,2000,
Copyright (C) Rafal Szczesniak 2002.
Copyright (C) Jeremy Allison 2005.
+ Copyright (C) Guenther Deschner 2008.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
*/
#include "includes.h"
+#include "../libcli/auth/libcli_auth.h"
+#include "../librpc/gen_ndr/cli_samr.h"
+#include "rpc_client/cli_samr.h"
+#include "../lib/crypto/arcfour.h"
-/* Query user info */
+/* User change password */
-NTSTATUS rpccli_samr_query_userinfo(struct rpc_pipe_client *cli,
+NTSTATUS rpccli_samr_chgpasswd_user(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
- const POLICY_HND *user_pol,
- uint16 switch_value,
- SAM_USERINFO_CTR **ctr)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_QUERY_USERINFO q;
- SAMR_R_QUERY_USERINFO r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_query_userinfo\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_query_userinfo(&q, user_pol, switch_value);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_USERINFO,
- q, r,
- qbuf, rbuf,
- samr_io_q_query_userinfo,
- samr_io_r_query_userinfo,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- result = r.status;
- *ctr = r.ctr;
-
- return result;
-}
-
-/* Set group info */
-
-NTSTATUS rpccli_samr_set_groupinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *group_pol, GROUP_INFO_CTR *ctr)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_SET_GROUPINFO q;
- SAMR_R_SET_GROUPINFO r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_set_groupinfo\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_set_groupinfo(&q, group_pol, ctr);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_SET_GROUPINFO,
- q, r,
- qbuf, rbuf,
- samr_io_q_set_groupinfo,
- samr_io_r_set_groupinfo,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- result = r.status;
-
- return result;
-}
-
-/* Query group info */
-
-NTSTATUS rpccli_samr_query_groupinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *group_pol, uint32 info_level,
- GROUP_INFO_CTR **ctr)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_QUERY_GROUPINFO q;
- SAMR_R_QUERY_GROUPINFO r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_query_groupinfo\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_query_groupinfo(&q, group_pol, info_level);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_GROUPINFO,
- q, r,
- qbuf, rbuf,
- samr_io_q_query_groupinfo,
- samr_io_r_query_groupinfo,
- NT_STATUS_UNSUCCESSFUL);
-
- *ctr = r.ctr;
-
- /* Return output parameters */
-
- result = r.status;
-
- return result;
-}
-
-/* Query user groups */
-
-NTSTATUS rpccli_samr_query_usergroups(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- POLICY_HND *user_pol,
- uint32 *num_groups,
- DOM_GID **gid)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_QUERY_USERGROUPS q;
- SAMR_R_QUERY_USERGROUPS r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_query_usergroups\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_query_usergroups(&q, user_pol);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_USERGROUPS,
- q, r,
- qbuf, rbuf,
- samr_io_q_query_usergroups,
- samr_io_r_query_usergroups,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- if (NT_STATUS_IS_OK(result = r.status)) {
- *num_groups = r.num_entries;
- *gid = r.gid;
- }
-
- return result;
-}
-
-/* Set alias info */
-
-NTSTATUS rpccli_samr_set_aliasinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *alias_pol, ALIAS_INFO_CTR *ctr)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_SET_ALIASINFO q;
- SAMR_R_SET_ALIASINFO r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_set_aliasinfo\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_set_aliasinfo(&q, alias_pol, ctr);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_SET_ALIASINFO,
- q, r,
- qbuf, rbuf,
- samr_io_q_set_aliasinfo,
- samr_io_r_set_aliasinfo,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- result = r.status;
-
- return result;
-}
-
-/**
- * Enumerate domain users
- *
- * @param cli client state structure
- * @param mem_ctx talloc context
- * @param pol opened domain policy handle
- * @param start_idx starting index of enumeration, returns context for
- next enumeration
- * @param acb_mask account control bit mask (to enumerate some particular
- * kind of accounts)
- * @param size max acceptable size of response
- * @param dom_users returned array of domain user names
- * @param rids returned array of domain user RIDs
- * @param num_dom_users numer returned entries
- *
- * @return NTSTATUS returned in rpc response
- **/
-
-NTSTATUS rpccli_samr_enum_dom_users(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *pol, uint32 *start_idx, uint32 acb_mask,
- uint32 size, char ***dom_users, uint32 **rids,
- uint32 *num_dom_users)
-{
- prs_struct qbuf;
- prs_struct rbuf;
- SAMR_Q_ENUM_DOM_USERS q;
- SAMR_R_ENUM_DOM_USERS r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- int i;
-
- DEBUG(10,("cli_samr_enum_dom_users starting at index %u\n", (unsigned int)*start_idx));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* always init this */
- *num_dom_users = 0;
-
- /* Fill query structure with parameters */
-
- init_samr_q_enum_dom_users(&q, pol, *start_idx, acb_mask, size);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_ENUM_DOM_USERS,
- q, r,
- qbuf, rbuf,
- samr_io_q_enum_dom_users,
- samr_io_r_enum_dom_users,
- NT_STATUS_UNSUCCESSFUL);
-
- result = r.status;
-
- if (!NT_STATUS_IS_OK(result) &&
- NT_STATUS_V(result) != NT_STATUS_V(STATUS_MORE_ENTRIES))
- goto done;
-
- *start_idx = r.next_idx;
- *num_dom_users = r.num_entries2;
-
- if (r.num_entries2) {
- /* allocate memory needed to return received data */
- *rids = TALLOC_ARRAY(mem_ctx, uint32, r.num_entries2);
- if (!*rids) {
- DEBUG(0, ("Error in cli_samr_enum_dom_users(): out of memory\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- *dom_users = TALLOC_ARRAY(mem_ctx, char*, r.num_entries2);
- if (!*dom_users) {
- DEBUG(0, ("Error in cli_samr_enum_dom_users(): out of memory\n"));
- return NT_STATUS_NO_MEMORY;
- }
-
- /* fill output buffers with rpc response */
- for (i = 0; i < r.num_entries2; i++) {
- fstring conv_buf;
-
- (*rids)[i] = r.sam[i].rid;
- unistr2_to_ascii(conv_buf, &(r.uni_acct_name[i]), sizeof(conv_buf));
- (*dom_users)[i] = talloc_strdup(mem_ctx, conv_buf);
- }
- }
-
-done:
- return result;
-}
-
-/* Enumerate domain groups */
-
-NTSTATUS rpccli_samr_enum_dom_groups(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- POLICY_HND *pol, uint32 *start_idx,
- uint32 size, struct acct_info **dom_groups,
- uint32 *num_dom_groups)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_ENUM_DOM_GROUPS q;
- SAMR_R_ENUM_DOM_GROUPS r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- uint32 name_idx, i;
-
- DEBUG(10,("cli_samr_enum_dom_groups starting at index %u\n", (unsigned int)*start_idx));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_enum_dom_groups(&q, pol, *start_idx, size);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_ENUM_DOM_GROUPS,
- q, r,
- qbuf, rbuf,
- samr_io_q_enum_dom_groups,
- samr_io_r_enum_dom_groups,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- result = r.status;
-
- if (!NT_STATUS_IS_OK(result) &&
- NT_STATUS_V(result) != NT_STATUS_V(STATUS_MORE_ENTRIES))
- goto done;
-
- *num_dom_groups = r.num_entries2;
-
- if (*num_dom_groups == 0)
- goto done;
-
- if (!((*dom_groups) = TALLOC_ARRAY(mem_ctx, struct acct_info, *num_dom_groups))) {
- result = NT_STATUS_NO_MEMORY;
- goto done;
- }
-
- memset(*dom_groups, 0, sizeof(struct acct_info) * (*num_dom_groups));
-
- name_idx = 0;
-
- for (i = 0; i < *num_dom_groups; i++) {
-
- (*dom_groups)[i].rid = r.sam[i].rid;
-
- if (r.sam[i].hdr_name.buffer) {
- unistr2_to_ascii((*dom_groups)[i].acct_name,
- &r.uni_grp_name[name_idx],
- sizeof((*dom_groups)[i].acct_name));
- name_idx++;
- }
-
- *start_idx = r.next_idx;
- }
-
- done:
- return result;
-}
-
-/* Enumerate domain groups */
-
-NTSTATUS rpccli_samr_enum_als_groups(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- POLICY_HND *pol, uint32 *start_idx,
- uint32 size, struct acct_info **dom_aliases,
- uint32 *num_dom_aliases)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_ENUM_DOM_ALIASES q;
- SAMR_R_ENUM_DOM_ALIASES r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- uint32 name_idx, i;
-
- DEBUG(10,("cli_samr_enum_als_groups starting at index %u\n", (unsigned int)*start_idx));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_enum_dom_aliases(&q, pol, *start_idx, size);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_ENUM_DOM_ALIASES,
- q, r,
- qbuf, rbuf,
- samr_io_q_enum_dom_aliases,
- samr_io_r_enum_dom_aliases,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- result = r.status;
-
- if (!NT_STATUS_IS_OK(result) &&
- NT_STATUS_V(result) != NT_STATUS_V(STATUS_MORE_ENTRIES)) {
- goto done;
- }
-
- *num_dom_aliases = r.num_entries2;
-
- if (*num_dom_aliases == 0)
- goto done;
-
- if (!((*dom_aliases) = TALLOC_ARRAY(mem_ctx, struct acct_info, *num_dom_aliases))) {
- result = NT_STATUS_NO_MEMORY;
- goto done;
- }
-
- memset(*dom_aliases, 0, sizeof(struct acct_info) * *num_dom_aliases);
-
- name_idx = 0;
-
- for (i = 0; i < *num_dom_aliases; i++) {
-
- (*dom_aliases)[i].rid = r.sam[i].rid;
-
- if (r.sam[i].hdr_name.buffer) {
- unistr2_to_ascii((*dom_aliases)[i].acct_name,
- &r.uni_grp_name[name_idx],
- sizeof((*dom_aliases)[i].acct_name));
- name_idx++;
- }
-
- *start_idx = r.next_idx;
- }
-
- done:
- return result;
-}
-
-/* Query alias info */
-
-NTSTATUS rpccli_samr_query_alias_info(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *alias_pol, uint16 switch_value,
- ALIAS_INFO_CTR *ctr)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_QUERY_ALIASINFO q;
- SAMR_R_QUERY_ALIASINFO r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_query_alias_info\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_query_aliasinfo(&q, alias_pol, switch_value);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_ALIASINFO,
- q, r,
- qbuf, rbuf,
- samr_io_q_query_aliasinfo,
- samr_io_r_query_aliasinfo,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- if (!NT_STATUS_IS_OK(result = r.status)) {
- goto done;
- }
-
- *ctr = *r.ctr;
-
- done:
-
- return result;
-}
-
-/* Query domain info */
-
-NTSTATUS rpccli_samr_query_dom_info(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- POLICY_HND *domain_pol,
- uint16 switch_value,
- SAM_UNK_CTR *ctr)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_QUERY_DOMAIN_INFO q;
- SAMR_R_QUERY_DOMAIN_INFO r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_query_dom_info\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_query_domain_info(&q, domain_pol, switch_value);
-
- r.ctr = ctr;
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_DOMAIN_INFO,
- q, r,
- qbuf, rbuf,
- samr_io_q_query_domain_info,
- samr_io_r_query_domain_info,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- if (!NT_STATUS_IS_OK(result = r.status)) {
- goto done;
- }
-
- done:
-
- return result;
-}
-
-/* Query domain info2 */
-
-NTSTATUS rpccli_samr_query_dom_info2(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- POLICY_HND *domain_pol,
- uint16 switch_value,
- SAM_UNK_CTR *ctr)
+ struct policy_handle *user_handle,
+ const char *newpassword,
+ const char *oldpassword)
{
- prs_struct qbuf, rbuf;
- SAMR_Q_QUERY_DOMAIN_INFO2 q;
- SAMR_R_QUERY_DOMAIN_INFO2 r;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ struct samr_Password hash1, hash2, hash3, hash4, hash5, hash6;
- DEBUG(10,("cli_samr_query_dom_info2\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_query_domain_info2(&q, domain_pol, switch_value);
-
- r.ctr = ctr;
+ uchar old_nt_hash[16];
+ uchar old_lm_hash[16];
+ uchar new_nt_hash[16];
+ uchar new_lm_hash[16];
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_DOMAIN_INFO2,
- q, r,
- qbuf, rbuf,
- samr_io_q_query_domain_info2,
- samr_io_r_query_domain_info2,
- NT_STATUS_UNSUCCESSFUL);
+ ZERO_STRUCT(old_nt_hash);
+ ZERO_STRUCT(old_lm_hash);
+ ZERO_STRUCT(new_nt_hash);
+ ZERO_STRUCT(new_lm_hash);
- /* Return output parameters */
+ DEBUG(10,("rpccli_samr_chgpasswd_user\n"));
- if (!NT_STATUS_IS_OK(result = r.status)) {
- goto done;
- }
+ E_md4hash(oldpassword, old_nt_hash);
+ E_md4hash(newpassword, new_nt_hash);
- done:
+ E_deshash(oldpassword, old_lm_hash);
+ E_deshash(newpassword, new_lm_hash);
+
+ E_old_pw_hash(new_lm_hash, old_lm_hash, hash1.hash);
+ E_old_pw_hash(old_lm_hash, new_lm_hash, hash2.hash);
+ E_old_pw_hash(new_nt_hash, old_nt_hash, hash3.hash);
+ E_old_pw_hash(old_nt_hash, new_nt_hash, hash4.hash);
+ E_old_pw_hash(old_lm_hash, new_nt_hash, hash5.hash);
+ E_old_pw_hash(old_nt_hash, new_lm_hash, hash6.hash);
+
+ result = rpccli_samr_ChangePasswordUser(cli, mem_ctx,
+ user_handle,
+ true,
+ &hash1,
+ &hash2,
+ true,
+ &hash3,
+ &hash4,
+ true,
+ &hash5,
+ true,
+ &hash6);
return result;
}
-/* Set domain info */
-
-NTSTATUS rpccli_samr_set_domain_info(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- POLICY_HND *domain_pol,
- uint16 switch_value,
- SAM_UNK_CTR *ctr)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_SET_DOMAIN_INFO q;
- SAMR_R_SET_DOMAIN_INFO r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_set_domain_info\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_set_domain_info(&q, domain_pol, switch_value, ctr);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_SET_DOMAIN_INFO,
- q, r,
- qbuf, rbuf,
- samr_io_q_set_domain_info,
- samr_io_r_set_domain_info,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- if (!NT_STATUS_IS_OK(result = r.status)) {
- goto done;
- }
-
- done:
-
- return result;
-}
/* User change password */
-NTSTATUS rpccli_samr_chgpasswd_user(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- const char *username,
- const char *newpassword,
- const char *oldpassword )
+NTSTATUS rpccli_samr_chgpasswd_user2(struct rpc_pipe_client *cli,
+ TALLOC_CTX *mem_ctx,
+ const char *username,
+ const char *newpassword,
+ const char *oldpassword)
{
- prs_struct qbuf, rbuf;
- SAMR_Q_CHGPASSWD_USER q;
- SAMR_R_CHGPASSWD_USER r;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ struct samr_CryptPassword new_nt_password;
+ struct samr_CryptPassword new_lm_password;
+ struct samr_Password old_nt_hash_enc;
+ struct samr_Password old_lanman_hash_enc;
- uchar new_nt_password[516];
- uchar new_lm_password[516];
uchar old_nt_hash[16];
uchar old_lanman_hash[16];
- uchar old_nt_hash_enc[16];
- uchar old_lanman_hash_enc[16];
-
uchar new_nt_hash[16];
uchar new_lanman_hash[16];
+ struct lsa_String server, account;
- char *srv_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", cli->cli->desthost);
-
- DEBUG(10,("rpccli_samr_chgpasswd_user\n"));
+ DEBUG(10,("rpccli_samr_chgpasswd_user2\n"));
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
+ init_lsa_String(&server, cli->srv_name_slash);
+ init_lsa_String(&account, username);
/* Calculate the MD4 hash (NT compatible) of the password */
E_md4hash(oldpassword, old_nt_hash);
E_md4hash(newpassword, new_nt_hash);
- if (lp_client_lanman_auth()
- && E_deshash(newpassword, new_lanman_hash)
- && E_deshash(oldpassword, old_lanman_hash)) {
+ if (lp_client_lanman_auth() &&
+ E_deshash(newpassword, new_lanman_hash) &&
+ E_deshash(oldpassword, old_lanman_hash)) {
/* E_deshash returns false for 'long' passwords (> 14
DOS chars). This allows us to match Win2k, which
does not store a LM hash for these passwords (which
would reduce the effective password length to 14) */
- encode_pw_buffer(new_lm_password, newpassword, STR_UNICODE);
+ encode_pw_buffer(new_lm_password.data, newpassword, STR_UNICODE);
- SamOEMhash( new_lm_password, old_nt_hash, 516);
- E_old_pw_hash( new_nt_hash, old_lanman_hash, old_lanman_hash_enc);
+ arcfour_crypt(new_lm_password.data, old_nt_hash, 516);
+ E_old_pw_hash(new_nt_hash, old_lanman_hash, old_lanman_hash_enc.hash);
} else {
ZERO_STRUCT(new_lm_password);
ZERO_STRUCT(old_lanman_hash_enc);
}
- encode_pw_buffer(new_nt_password, newpassword, STR_UNICODE);
-
- SamOEMhash( new_nt_password, old_nt_hash, 516);
- E_old_pw_hash( new_nt_hash, old_nt_hash, old_nt_hash_enc);
+ encode_pw_buffer(new_nt_password.data, newpassword, STR_UNICODE);
- /* Marshall data and send request */
+ arcfour_crypt(new_nt_password.data, old_nt_hash, 516);
+ E_old_pw_hash(new_nt_hash, old_nt_hash, old_nt_hash_enc.hash);
- init_samr_q_chgpasswd_user(&q, srv_name_slash, username,
- new_nt_password,
- old_nt_hash_enc,
- new_lm_password,
- old_lanman_hash_enc);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CHGPASSWD_USER,
- q, r,
- qbuf, rbuf,
- samr_io_q_chgpasswd_user,
- samr_io_r_chgpasswd_user,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- if (!NT_STATUS_IS_OK(result = r.status)) {
- goto done;
- }
-
- done:
+ result = rpccli_samr_ChangePasswordUser2(cli, mem_ctx,
+ &server,
+ &account,
+ &new_nt_password,
+ &old_nt_hash_enc,
+ true,
+ &new_lm_password,
+ &old_lanman_hash_enc);
return result;
}
/* User change password given blobs */
NTSTATUS rpccli_samr_chng_pswd_auth_crap(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- const char *username,
- DATA_BLOB new_nt_password,
- DATA_BLOB old_nt_hash_enc,
- DATA_BLOB new_lm_password,
- DATA_BLOB old_lm_hash_enc)
+ TALLOC_CTX *mem_ctx,
+ const char *username,
+ DATA_BLOB new_nt_password_blob,
+ DATA_BLOB old_nt_hash_enc_blob,
+ DATA_BLOB new_lm_password_blob,
+ DATA_BLOB old_lm_hash_enc_blob)
{
- prs_struct qbuf, rbuf;
- SAMR_Q_CHGPASSWD_USER q;
- SAMR_R_CHGPASSWD_USER r;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- char *srv_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", cli->cli->desthost);
+ struct samr_CryptPassword new_nt_password;
+ struct samr_CryptPassword new_lm_password;
+ struct samr_Password old_nt_hash_enc;
+ struct samr_Password old_lm_hash_enc;
+ struct lsa_String server, account;
DEBUG(10,("rpccli_samr_chng_pswd_auth_crap\n"));
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_chgpasswd_user(&q, srv_name_slash, username,
- new_nt_password.data,
- old_nt_hash_enc.data,
- new_lm_password.data,
- old_lm_hash_enc.data);
+ init_lsa_String(&server, cli->srv_name_slash);
+ init_lsa_String(&account, username);
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CHGPASSWD_USER,
- q, r,
- qbuf, rbuf,
- samr_io_q_chgpasswd_user,
- samr_io_r_chgpasswd_user,
- NT_STATUS_UNSUCCESSFUL);
+ if (new_nt_password_blob.length > 0) {
+ memcpy(&new_nt_password.data, new_nt_password_blob.data, 516);
+ } else {
+ ZERO_STRUCT(new_nt_password_blob);
+ }
- /* Return output parameters */
+ if (new_lm_password_blob.length > 0) {
+ memcpy(&new_lm_password.data, new_lm_password_blob.data, 516);
+ } else {
+ ZERO_STRUCT(new_lm_password);
+ }
- if (!NT_STATUS_IS_OK(result = r.status)) {
- goto done;
+ if (old_nt_hash_enc_blob.length > 0) {
+ memcpy(&old_nt_hash_enc.hash, old_nt_hash_enc_blob.data, 16);
+ } else {
+ ZERO_STRUCT(old_nt_hash_enc);
}
- done:
+ if (old_lm_hash_enc_blob.length > 0) {
+ memcpy(&old_lm_hash_enc.hash, old_lm_hash_enc_blob.data, 16);
+ } else {
+ ZERO_STRUCT(old_lm_hash_enc);
+ }
+ result = rpccli_samr_ChangePasswordUser2(cli, mem_ctx,
+ &server,
+ &account,
+ &new_nt_password,
+ &old_nt_hash_enc,
+ true,
+ &new_lm_password,
+ &old_lm_hash_enc);
return result;
}
/* change password 3 */
-NTSTATUS rpccli_samr_chgpasswd3(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- const char *username,
- const char *newpassword,
- const char *oldpassword,
- SAM_UNK_INFO_1 *info,
- SAMR_CHANGE_REJECT *reject)
+NTSTATUS rpccli_samr_chgpasswd_user3(struct rpc_pipe_client *cli,
+ TALLOC_CTX *mem_ctx,
+ const char *username,
+ const char *newpassword,
+ const char *oldpassword,
+ struct samr_DomInfo1 **dominfo1,
+ struct userPwdChangeFailureInformation **reject)
{
- prs_struct qbuf, rbuf;
- SAMR_Q_CHGPASSWD_USER3 q;
- SAMR_R_CHGPASSWD_USER3 r;
+ NTSTATUS status;
+
+ struct samr_CryptPassword new_nt_password;
+ struct samr_CryptPassword new_lm_password;
+ struct samr_Password old_nt_hash_enc;
+ struct samr_Password old_lanman_hash_enc;
- uchar new_nt_password[516];
- uchar new_lm_password[516];
uchar old_nt_hash[16];
uchar old_lanman_hash[16];
- uchar old_nt_hash_enc[16];
- uchar old_lanman_hash_enc[16];
-
uchar new_nt_hash[16];
uchar new_lanman_hash[16];
- char *srv_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", cli->cli->desthost);
+ struct lsa_String server, account;
DEBUG(10,("rpccli_samr_chgpasswd_user3\n"));
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
+ init_lsa_String(&server, cli->srv_name_slash);
+ init_lsa_String(&account, username);
/* Calculate the MD4 hash (NT compatible) of the password */
E_md4hash(oldpassword, old_nt_hash);
E_md4hash(newpassword, new_nt_hash);
- if (lp_client_lanman_auth()
- && E_deshash(newpassword, new_lanman_hash)
- && E_deshash(oldpassword, old_lanman_hash)) {
+ if (lp_client_lanman_auth() &&
+ E_deshash(newpassword, new_lanman_hash) &&
+ E_deshash(oldpassword, old_lanman_hash)) {
/* E_deshash returns false for 'long' passwords (> 14
DOS chars). This allows us to match Win2k, which
does not store a LM hash for these passwords (which
would reduce the effective password length to 14) */
- encode_pw_buffer(new_lm_password, newpassword, STR_UNICODE);
+ encode_pw_buffer(new_lm_password.data, newpassword, STR_UNICODE);
- SamOEMhash( new_lm_password, old_nt_hash, 516);
- E_old_pw_hash( new_nt_hash, old_lanman_hash, old_lanman_hash_enc);
+ arcfour_crypt(new_lm_password.data, old_nt_hash, 516);
+ E_old_pw_hash(new_nt_hash, old_lanman_hash, old_lanman_hash_enc.hash);
} else {
ZERO_STRUCT(new_lm_password);
ZERO_STRUCT(old_lanman_hash_enc);
}
- encode_pw_buffer(new_nt_password, newpassword, STR_UNICODE);
-
- SamOEMhash( new_nt_password, old_nt_hash, 516);
- E_old_pw_hash( new_nt_hash, old_nt_hash, old_nt_hash_enc);
-
- /* Marshall data and send request */
-
- init_samr_q_chgpasswd_user3(&q, srv_name_slash, username,
- new_nt_password,
- old_nt_hash_enc,
- new_lm_password,
- old_lanman_hash_enc);
- r.info = info;
- r.reject = reject;
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CHGPASSWD_USER3,
- q, r,
- qbuf, rbuf,
- samr_io_q_chgpasswd_user3,
- samr_io_r_chgpasswd_user3,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- return r.status;
+ encode_pw_buffer(new_nt_password.data, newpassword, STR_UNICODE);
+
+ arcfour_crypt(new_nt_password.data, old_nt_hash, 516);
+ E_old_pw_hash(new_nt_hash, old_nt_hash, old_nt_hash_enc.hash);
+
+ status = rpccli_samr_ChangePasswordUser3(cli, mem_ctx,
+ &server,
+ &account,
+ &new_nt_password,
+ &old_nt_hash_enc,
+ true,
+ &new_lm_password,
+ &old_lanman_hash_enc,
+ NULL,
+ dominfo1,
+ reject);
+ return status;
}
/* This function returns the bizzare set of (max_entries, max_size) required
*max_size = 131071;
break;
}
-}
-
-/* Query display info */
-
-NTSTATUS rpccli_samr_query_dispinfo(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- POLICY_HND *domain_pol, uint32 *start_idx,
- uint16 switch_value, uint32 *num_entries,
- uint32 max_entries, uint32 max_size,
- SAM_DISPINFO_CTR *ctr)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_QUERY_DISPINFO q;
- SAMR_R_QUERY_DISPINFO r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_query_dispinfo for start_idx = %u\n", *start_idx));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- *num_entries = 0;
-
- /* Marshall data and send request */
-
- init_samr_q_query_dispinfo(&q, domain_pol, switch_value,
- *start_idx, max_entries, max_size);
-
- r.ctr = ctr;
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_DISPINFO,
- q, r,
- qbuf, rbuf,
- samr_io_q_query_dispinfo,
- samr_io_r_query_dispinfo,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- result = r.status;
-
- if (!NT_STATUS_IS_OK(result) &&
- NT_STATUS_V(result) != NT_STATUS_V(STATUS_MORE_ENTRIES)) {
- goto done;
- }
-
- *num_entries = r.num_entries;
- *start_idx += r.num_entries; /* No next_idx in this structure! */
-
- done:
- return result;
-}
-
-/* Lookup rids. Note that NT4 seems to crash if more than ~1000 rids are
- looked up in one packet. */
-
-NTSTATUS rpccli_samr_lookup_rids(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- POLICY_HND *domain_pol,
- uint32 num_rids, uint32 *rids,
- uint32 *num_names, char ***names,
- uint32 **name_types)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_LOOKUP_RIDS q;
- SAMR_R_LOOKUP_RIDS r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- uint32 i;
-
- DEBUG(10,("cli_samr_lookup_rids\n"));
-
- if (num_rids > 1000) {
- DEBUG(2, ("cli_samr_lookup_rids: warning: NT4 can crash if "
- "more than ~1000 rids are looked up at once.\n"));
- }
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_lookup_rids(mem_ctx, &q, domain_pol, 1000, num_rids, rids);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_LOOKUP_RIDS,
- q, r,
- qbuf, rbuf,
- samr_io_q_lookup_rids,
- samr_io_r_lookup_rids,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- result = r.status;
-
- if (!NT_STATUS_IS_OK(result) &&
- !NT_STATUS_EQUAL(result, STATUS_SOME_UNMAPPED))
- goto done;
-
- if (r.num_names1 == 0) {
- *num_names = 0;
- *names = NULL;
- goto done;
- }
-
- *num_names = r.num_names1;
- *names = TALLOC_ARRAY(mem_ctx, char *, r.num_names1);
- *name_types = TALLOC_ARRAY(mem_ctx, uint32, r.num_names1);
-
- if ((*names == NULL) || (*name_types == NULL)) {
- TALLOC_FREE(*names);
- TALLOC_FREE(*name_types);
- return NT_STATUS_NO_MEMORY;
- }
-
- for (i = 0; i < r.num_names1; i++) {
- fstring tmp;
-
- unistr2_to_ascii(tmp, &r.uni_name[i], sizeof(tmp));
- (*names)[i] = talloc_strdup(mem_ctx, tmp);
- (*name_types)[i] = r.type[i];
- }
-
- done:
-
- return result;
-}
-
-/* Lookup names */
-
-NTSTATUS rpccli_samr_lookup_names(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *domain_pol, uint32 flags,
- uint32 num_names, const char **names,
- uint32 *num_rids, uint32 **rids,
- uint32 **rid_types)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_LOOKUP_NAMES q;
- SAMR_R_LOOKUP_NAMES r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- uint32 i;
-
- DEBUG(10,("cli_samr_lookup_names\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_lookup_names(mem_ctx, &q, domain_pol, flags,
- num_names, names);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_LOOKUP_NAMES,
- q, r,
- qbuf, rbuf,
- samr_io_q_lookup_names,
- samr_io_r_lookup_names,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- if (!NT_STATUS_IS_OK(result = r.status)) {
- goto done;
- }
-
- if (r.num_rids1 == 0) {
- *num_rids = 0;
- goto done;
- }
-
- *num_rids = r.num_rids1;
- *rids = TALLOC_ARRAY(mem_ctx, uint32, r.num_rids1);
- *rid_types = TALLOC_ARRAY(mem_ctx, uint32, r.num_rids1);
-
- if ((*rids == NULL) || (*rid_types == NULL)) {
- TALLOC_FREE(*rids);
- TALLOC_FREE(*rid_types);
- return NT_STATUS_NO_MEMORY;
- }
-
- for (i = 0; i < r.num_rids1; i++) {
- (*rids)[i] = r.rids[i];
- (*rid_types)[i] = r.types[i];
- }
-
- done:
-
- return result;
}
-/* Set userinfo */
-
-NTSTATUS rpccli_samr_set_userinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- const POLICY_HND *user_pol, uint16 switch_value,
- DATA_BLOB *sess_key, SAM_USERINFO_CTR *ctr)
+NTSTATUS rpccli_try_samr_connects(struct rpc_pipe_client *cli,
+ TALLOC_CTX *mem_ctx,
+ uint32_t access_mask,
+ struct policy_handle *connect_pol)
{
- prs_struct qbuf, rbuf;
- SAMR_Q_SET_USERINFO q;
- SAMR_R_SET_USERINFO r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_set_userinfo\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- if (!sess_key->length) {
- DEBUG(1, ("No user session key\n"));
- return NT_STATUS_NO_USER_SESSION_KEY;
+ NTSTATUS status;
+ union samr_ConnectInfo info_in, info_out;
+ struct samr_ConnectInfo1 info1;
+ uint32_t lvl_out = 0;
+
+ ZERO_STRUCT(info1);
+
+ info1.client_version = SAMR_CONNECT_W2K;
+ info_in.info1 = info1;
+
+ status = rpccli_samr_Connect5(cli, mem_ctx,
+ cli->srv_name_slash,
+ access_mask,
+ 1,
+ &info_in,
+ &lvl_out,
+ &info_out,
+ connect_pol);
+ if (NT_STATUS_IS_OK(status)) {
+ return status;
}
- /* Initialise parse structures */
-
- prs_init(&qbuf, RPC_MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
- prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
-
- /* Marshall data and send request */
-
- q.ctr = ctr;
-
- init_samr_q_set_userinfo(&q, user_pol, sess_key, switch_value,
- ctr->info.id);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_SET_USERINFO,
- q, r,
- qbuf, rbuf,
- samr_io_q_set_userinfo,
- samr_io_r_set_userinfo,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- if (!NT_STATUS_IS_OK(result = r.status)) {
- goto done;
+ status = rpccli_samr_Connect4(cli, mem_ctx,
+ cli->srv_name_slash,
+ SAMR_CONNECT_W2K,
+ access_mask,
+ connect_pol);
+ if (NT_STATUS_IS_OK(status)) {
+ return status;
}
- done:
-
- return result;
+ status = rpccli_samr_Connect2(cli, mem_ctx,
+ cli->srv_name_slash,
+ access_mask,
+ connect_pol);
+ return status;
}
-/* Set userinfo2 */
-
-NTSTATUS rpccli_samr_set_userinfo2(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- const POLICY_HND *user_pol, uint16 switch_value,
- DATA_BLOB *sess_key, SAM_USERINFO_CTR *ctr)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_SET_USERINFO2 q;
- SAMR_R_SET_USERINFO2 r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_set_userinfo2\n"));
-
- if (!sess_key->length) {
- DEBUG(1, ("No user session key\n"));
- return NT_STATUS_NO_USER_SESSION_KEY;
- }
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_set_userinfo2(&q, user_pol, sess_key, switch_value, ctr);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_SET_USERINFO2,
- q, r,
- qbuf, rbuf,
- samr_io_q_set_userinfo2,
- samr_io_r_set_userinfo2,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- if (!NT_STATUS_IS_OK(result = r.status)) {
- goto done;
- }
-
- done:
-
- return result;
-}