00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015
00016
00017
00018
00019
00020
00021 #include "python/py_samr.h"
00022
00023
00024
00025
00026
00027 PyObject *samr_error;
00028
00029
00030 PyObject *samr_ntstatus;
00031
00032
00033
00034
00035
00036 static void py_samr_group_hnd_dealloc(PyObject* self)
00037 {
00038 PyObject_Del(self);
00039 }
00040
00041 static PyMethodDef samr_group_methods[] = {
00042 { NULL }
00043 };
00044
00045 static PyObject *py_samr_group_hnd_getattr(PyObject *self, char *attrname)
00046 {
00047 return Py_FindMethod(samr_group_methods, self, attrname);
00048 }
00049
00050 PyTypeObject samr_group_hnd_type = {
00051 PyObject_HEAD_INIT(NULL)
00052 0,
00053 "SAMR Group Handle",
00054 sizeof(samr_group_hnd_object),
00055 0,
00056 py_samr_group_hnd_dealloc,
00057 0,
00058 py_samr_group_hnd_getattr,
00059 0,
00060 0,
00061 0,
00062 0,
00063 0,
00064 0,
00065 0,
00066 };
00067
00068 PyObject *new_samr_group_hnd_object(struct cli_state *cli, TALLOC_CTX *mem_ctx,
00069 POLICY_HND *pol)
00070 {
00071 samr_group_hnd_object *o;
00072
00073 o = PyObject_New(samr_group_hnd_object, &samr_group_hnd_type);
00074
00075 o->cli = cli;
00076 o->mem_ctx = mem_ctx;
00077 memcpy(&o->group_pol, pol, sizeof(POLICY_HND));
00078
00079 return (PyObject*)o;
00080 }
00081
00082
00083
00084 static void py_samr_alias_hnd_dealloc(PyObject* self)
00085 {
00086 PyObject_Del(self);
00087 }
00088
00089 static PyMethodDef samr_alias_methods[] = {
00090 { NULL }
00091 };
00092
00093 static PyObject *py_samr_alias_hnd_getattr(PyObject *self, char *attrname)
00094 {
00095 return Py_FindMethod(samr_alias_methods, self, attrname);
00096 }
00097
00098 PyTypeObject samr_alias_hnd_type = {
00099 PyObject_HEAD_INIT(NULL)
00100 0,
00101 "SAMR Alias Handle",
00102 sizeof(samr_alias_hnd_object),
00103 0,
00104 py_samr_alias_hnd_dealloc,
00105 0,
00106 py_samr_alias_hnd_getattr,
00107 0,
00108 0,
00109 0,
00110 0,
00111 0,
00112 0,
00113 0,
00114 };
00115
00116 PyObject *new_samr_alias_hnd_object(struct cli_state *cli, TALLOC_CTX *mem_ctx,
00117 POLICY_HND *pol)
00118 {
00119 samr_alias_hnd_object *o;
00120
00121 o = PyObject_New(samr_alias_hnd_object, &samr_alias_hnd_type);
00122
00123 o->cli = cli;
00124 o->mem_ctx = mem_ctx;
00125 memcpy(&o->alias_pol, pol, sizeof(POLICY_HND));
00126
00127 return (PyObject*)o;
00128 }
00129
00130
00131
00132 static void py_samr_user_hnd_dealloc(PyObject* self)
00133 {
00134 PyObject_Del(self);
00135 }
00136
00137 static PyObject *samr_set_user_info2(PyObject *self, PyObject *args,
00138 PyObject *kw)
00139 {
00140 samr_user_hnd_object *user_hnd = (samr_user_hnd_object *)self;
00141 static char *kwlist[] = { "dict", NULL };
00142 PyObject *info, *result = NULL;
00143 SAM_USERINFO_CTR ctr;
00144 TALLOC_CTX *mem_ctx;
00145 uchar sess_key[16];
00146 NTSTATUS ntstatus;
00147 int level;
00148 union {
00149 SAM_USER_INFO_16 id16;
00150 SAM_USER_INFO_21 id21;
00151 } pinfo;
00152
00153 if (!PyArg_ParseTupleAndKeywords(
00154 args, kw, "O!", kwlist, &PyDict_Type, &info))
00155 return NULL;
00156
00157 if (!get_level_value(info, &level)) {
00158 PyErr_SetString(samr_error, "invalid info level");
00159 return NULL;
00160 }
00161
00162 ZERO_STRUCT(ctr);
00163
00164 ctr.switch_value = level;
00165
00166 switch(level) {
00167 case 16:
00168 ctr.info.id16 = &pinfo.id16;
00169
00170 if (!py_to_SAM_USER_INFO_16(ctr.info.id16, info)) {
00171 PyErr_SetString(
00172 samr_error, "error converting user info");
00173 goto done;
00174 }
00175
00176 break;
00177 case 21:
00178 ctr.info.id21 = &pinfo.id21;
00179
00180 if (!py_to_SAM_USER_INFO_21(ctr.info.id21, info)) {
00181 PyErr_SetString(
00182 samr_error, "error converting user info");
00183 goto done;
00184 }
00185
00186 break;
00187 default:
00188 PyErr_SetString(samr_error, "unsupported info level");
00189 goto done;
00190 }
00191
00192
00193
00194 if (!(mem_ctx = talloc_init("samr_set_user_info2"))) {
00195 PyErr_SetString(
00196 samr_error, "unable to init talloc context\n");
00197 goto done;
00198 }
00199
00200 ntstatus = rpccli_samr_set_userinfo2(
00201 user_hnd->cli, mem_ctx, &user_hnd->user_pol, level,
00202 sess_key, &ctr);
00203
00204 talloc_destroy(mem_ctx);
00205
00206 if (!NT_STATUS_IS_OK(ntstatus)) {
00207 PyErr_SetObject(samr_ntstatus, py_ntstatus_tuple(ntstatus));
00208 goto done;
00209 }
00210
00211 Py_INCREF(Py_None);
00212 result = Py_None;
00213
00214 done:
00215 return result;
00216 }
00217
00218 static PyObject *samr_delete_dom_user(PyObject *self, PyObject *args,
00219 PyObject *kw)
00220 {
00221 samr_user_hnd_object *user_hnd = (samr_user_hnd_object *)self;
00222 static char *kwlist[] = { NULL };
00223 NTSTATUS ntstatus;
00224 TALLOC_CTX *mem_ctx;
00225 PyObject *result = NULL;
00226
00227 if (!PyArg_ParseTupleAndKeywords(
00228 args, kw, "", kwlist))
00229 return NULL;
00230
00231 if (!(mem_ctx = talloc_init("samr_delete_dom_user"))) {
00232 PyErr_SetString(samr_error, "unable to init talloc context");
00233 return NULL;
00234 }
00235
00236 ntstatus = rpccli_samr_delete_dom_user(
00237 user_hnd->cli, mem_ctx, &user_hnd->user_pol);
00238
00239 if (!NT_STATUS_IS_OK(ntstatus)) {
00240 PyErr_SetObject(samr_ntstatus, py_ntstatus_tuple(ntstatus));
00241 goto done;
00242 }
00243
00244 Py_INCREF(Py_None);
00245 result = Py_None;
00246
00247 done:
00248 talloc_destroy(mem_ctx);
00249
00250 return result;
00251 }
00252
00253 static PyMethodDef samr_user_methods[] = {
00254 { "delete_domain_user", (PyCFunction)samr_delete_dom_user,
00255 METH_VARARGS | METH_KEYWORDS,
00256 "Delete domain user." },
00257 { "set_user_info2", (PyCFunction)samr_set_user_info2,
00258 METH_VARARGS | METH_KEYWORDS,
00259 "Set user info 2" },
00260 { NULL }
00261 };
00262
00263 static PyObject *py_samr_user_hnd_getattr(PyObject *self, char *attrname)
00264 {
00265 return Py_FindMethod(samr_user_methods, self, attrname);
00266 }
00267
00268 PyTypeObject samr_user_hnd_type = {
00269 PyObject_HEAD_INIT(NULL)
00270 0,
00271 "SAMR User Handle",
00272 sizeof(samr_user_hnd_object),
00273 0,
00274 py_samr_user_hnd_dealloc,
00275 0,
00276 py_samr_user_hnd_getattr,
00277 0,
00278 0,
00279 0,
00280 0,
00281 0,
00282 0,
00283 0,
00284 };
00285
00286 PyObject *new_samr_user_hnd_object(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
00287 POLICY_HND *pol)
00288 {
00289 samr_user_hnd_object *o;
00290
00291 o = PyObject_New(samr_user_hnd_object, &samr_user_hnd_type);
00292
00293 o->cli = cli;
00294 o->mem_ctx = mem_ctx;
00295 memcpy(&o->user_pol, pol, sizeof(POLICY_HND));
00296
00297 return (PyObject*)o;
00298 }
00299
00300
00301
00302 static void py_samr_connect_hnd_dealloc(PyObject* self)
00303 {
00304 PyObject_Del(self);
00305 }
00306
00307 PyObject *new_samr_domain_hnd_object(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
00308 POLICY_HND *pol)
00309 {
00310 samr_domain_hnd_object *o;
00311
00312 o = PyObject_New(samr_domain_hnd_object, &samr_domain_hnd_type);
00313
00314 o->cli = cli;
00315 o->mem_ctx = mem_ctx;
00316 memcpy(&o->domain_pol, pol, sizeof(POLICY_HND));
00317
00318 return (PyObject*)o;
00319 }
00320
00321 static PyObject *samr_open_domain(PyObject *self, PyObject *args, PyObject *kw)
00322 {
00323 samr_connect_hnd_object *connect_hnd = (samr_connect_hnd_object *)self;
00324 static char *kwlist[] = { "sid", "access", NULL };
00325 uint32 desired_access = MAXIMUM_ALLOWED_ACCESS;
00326 char *sid_str;
00327 DOM_SID sid;
00328 TALLOC_CTX *mem_ctx = NULL;
00329 POLICY_HND domain_pol;
00330 NTSTATUS ntstatus;
00331 PyObject *result = NULL;
00332
00333 if (!PyArg_ParseTupleAndKeywords(
00334 args, kw, "s|i", kwlist, &sid_str, &desired_access))
00335 return NULL;
00336
00337 if (!string_to_sid(&sid, sid_str)) {
00338 PyErr_SetString(PyExc_TypeError, "string is not a sid");
00339 return NULL;
00340 }
00341
00342 if (!(mem_ctx = talloc_init("samr_open_domain"))) {
00343 PyErr_SetString(samr_error, "unable to init talloc context");
00344 return NULL;
00345 }
00346
00347 ntstatus = rpccli_samr_open_domain(
00348 connect_hnd->cli, mem_ctx, &connect_hnd->connect_pol,
00349 desired_access, &sid, &domain_pol);
00350
00351 if (!NT_STATUS_IS_OK(ntstatus)) {
00352 PyErr_SetObject(samr_ntstatus, py_ntstatus_tuple(ntstatus));
00353 goto done;
00354 }
00355
00356 result = new_samr_domain_hnd_object(
00357 connect_hnd->cli, mem_ctx, &domain_pol);
00358
00359 done:
00360 if (!result) {
00361 if (mem_ctx)
00362 talloc_destroy(mem_ctx);
00363 }
00364
00365 return result;
00366 }
00367
00368 static PyMethodDef samr_connect_methods[] = {
00369 { "open_domain", (PyCFunction)samr_open_domain,
00370 METH_VARARGS | METH_KEYWORDS,
00371 "Open a handle on a domain" },
00372
00373 { NULL }
00374 };
00375
00376 static PyObject *py_samr_connect_hnd_getattr(PyObject *self, char *attrname)
00377 {
00378 return Py_FindMethod(samr_connect_methods, self, attrname);
00379 }
00380
00381 PyTypeObject samr_connect_hnd_type = {
00382 PyObject_HEAD_INIT(NULL)
00383 0,
00384 "SAMR Connect Handle",
00385 sizeof(samr_connect_hnd_object),
00386 0,
00387 py_samr_connect_hnd_dealloc,
00388 0,
00389 py_samr_connect_hnd_getattr,
00390 0,
00391 0,
00392 0,
00393 0,
00394 0,
00395 0,
00396 0,
00397 };
00398
00399 PyObject *new_samr_connect_hnd_object(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
00400 POLICY_HND *pol)
00401 {
00402 samr_connect_hnd_object *o;
00403
00404 o = PyObject_New(samr_connect_hnd_object, &samr_connect_hnd_type);
00405
00406 o->cli = cli;
00407 o->mem_ctx = mem_ctx;
00408 memcpy(&o->connect_pol, pol, sizeof(POLICY_HND));
00409
00410 return (PyObject*)o;
00411 }
00412
00413
00414
00415 static void py_samr_domain_hnd_dealloc(PyObject* self)
00416 {
00417 PyObject_Del(self);
00418 }
00419
00420 static PyObject *samr_enum_dom_groups(PyObject *self, PyObject *args,
00421 PyObject *kw)
00422 {
00423 samr_domain_hnd_object *domain_hnd = (samr_domain_hnd_object *)self;
00424 static char *kwlist[] = { NULL };
00425 TALLOC_CTX *mem_ctx;
00426
00427 uint32 start_idx, size, num_dom_groups;
00428 struct acct_info *dom_groups;
00429 NTSTATUS result;
00430 PyObject *py_result = NULL;
00431
00432 if (!PyArg_ParseTupleAndKeywords(args, kw, "", kwlist))
00433 return NULL;
00434
00435 if (!(mem_ctx = talloc_init("samr_enum_dom_groups"))) {
00436 PyErr_SetString(samr_error, "unable to init talloc context");
00437 return NULL;
00438 }
00439
00440 start_idx = 0;
00441 size = 0xffff;
00442
00443 do {
00444 result = rpccli_samr_enum_dom_groups(
00445 domain_hnd->cli, mem_ctx, &domain_hnd->domain_pol,
00446 &start_idx, size, &dom_groups, &num_dom_groups);
00447
00448 if (NT_STATUS_IS_OK(result) ||
00449 NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES)) {
00450 py_from_acct_info(&py_result, dom_groups,
00451 num_dom_groups);
00452 }
00453
00454 } while (NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES));
00455
00456 return py_result;
00457 }
00458
00459 static PyObject *samr_create_dom_user(PyObject *self, PyObject *args,
00460 PyObject *kw)
00461 {
00462 samr_domain_hnd_object *domain_hnd = (samr_domain_hnd_object *)self;
00463 static char *kwlist[] = { "account_name", "acb_info", NULL };
00464 char *account_name;
00465 NTSTATUS ntstatus;
00466 uint32 acct_flags = 0;
00467 uint32 user_rid;
00468 PyObject *result = NULL;
00469 TALLOC_CTX *mem_ctx;
00470 uint32 acb_info = ACB_NORMAL;
00471 POLICY_HND user_pol;
00472
00473 if (!PyArg_ParseTupleAndKeywords(
00474 args, kw, "s|i", kwlist, &account_name, &acb_info))
00475 return NULL;
00476
00477 if (!(mem_ctx = talloc_init("samr_create_dom_user"))) {
00478 PyErr_SetString(samr_error, "unable to init talloc context");
00479 return NULL;
00480 }
00481
00482 acct_flags = SAMR_GENERIC_READ | SAMR_GENERIC_WRITE |
00483 SAMR_GENERIC_EXECUTE | SAMR_STANDARD_WRITEDAC |
00484 SAMR_STANDARD_DELETE | SAMR_USER_SETPASS | SAMR_USER_GETATTR |
00485 SAMR_USER_SETATTR;
00486 DEBUG(10, ("Creating account with flags: %d\n",acct_flags));
00487 ntstatus = rpccli_samr_create_dom_user(
00488 domain_hnd->cli, mem_ctx, &domain_hnd->domain_pol,
00489 account_name, acb_info, acct_flags, &user_pol, &user_rid);
00490
00491 if (!NT_STATUS_IS_OK(ntstatus)) {
00492 PyErr_SetObject(samr_ntstatus, py_ntstatus_tuple(ntstatus));
00493 talloc_destroy(mem_ctx);
00494 goto done;
00495 }
00496
00497 result = new_samr_user_hnd_object(
00498 domain_hnd->cli, mem_ctx, &user_pol);
00499
00500 done:
00501
00502 return result;
00503 }
00504
00505 static PyMethodDef samr_domain_methods[] = {
00506 { "enum_domain_groups", (PyCFunction)samr_enum_dom_groups,
00507 METH_VARARGS | METH_KEYWORDS, "Enumerate domain groups" },
00508 { "create_domain_user", (PyCFunction)samr_create_dom_user,
00509 METH_VARARGS | METH_KEYWORDS, "Create domain user" },
00510 { NULL }
00511 };
00512
00513 static PyObject *py_samr_domain_hnd_getattr(PyObject *self, char *attrname)
00514 {
00515 return Py_FindMethod(samr_domain_methods, self, attrname);
00516 }
00517
00518 PyTypeObject samr_domain_hnd_type = {
00519 PyObject_HEAD_INIT(NULL)
00520 0,
00521 "SAMR Domain Handle",
00522 sizeof(samr_domain_hnd_object),
00523 0,
00524 py_samr_domain_hnd_dealloc,
00525 0,
00526 py_samr_domain_hnd_getattr,
00527 0,
00528 0,
00529 0,
00530 0,
00531 0,
00532 0,
00533 0,
00534 };
00535
00536 static PyObject *samr_connect(PyObject *self, PyObject *args, PyObject *kw)
00537 {
00538 static char *kwlist[] = { "server", "creds", "access", NULL };
00539 uint32 desired_access = MAXIMUM_ALLOWED_ACCESS;
00540 char *server, *errstr;
00541 struct cli_state *cli = NULL;
00542 POLICY_HND hnd;
00543 TALLOC_CTX *mem_ctx = NULL;
00544 PyObject *result = NULL, *creds = NULL;
00545 NTSTATUS ntstatus;
00546
00547 if (!PyArg_ParseTupleAndKeywords(
00548 args, kw, "s|Oi", kwlist, &server, &creds,
00549 &desired_access))
00550 return NULL;
00551
00552 if (server[0] != '\\' || server[1] != '\\') {
00553 PyErr_SetString(PyExc_ValueError, "UNC name required");
00554 return NULL;
00555 }
00556
00557 server += 2;
00558
00559 if (creds && creds != Py_None && !PyDict_Check(creds)) {
00560 PyErr_SetString(PyExc_TypeError,
00561 "credentials must be dictionary or None");
00562 return NULL;
00563 }
00564
00565 if (!(cli = open_pipe_creds(server, creds, PI_SAMR, &errstr))) {
00566 PyErr_SetString(samr_error, errstr);
00567 free(errstr);
00568 return NULL;
00569 }
00570
00571 if (!(mem_ctx = talloc_init("samr_connect"))) {
00572 PyErr_SetString(samr_ntstatus,
00573 "unable to init talloc context\n");
00574 goto done;
00575 }
00576
00577 ntstatus = rpccli_samr_connect(cli->pipe_list, mem_ctx, desired_access, &hnd);
00578
00579 if (!NT_STATUS_IS_OK(ntstatus)) {
00580 cli_shutdown(cli);
00581 PyErr_SetObject(samr_ntstatus, py_ntstatus_tuple(ntstatus));
00582 goto done;
00583 }
00584
00585 result = new_samr_connect_hnd_object(cli->pipe_list, mem_ctx, &hnd);
00586
00587 done:
00588 if (!result) {
00589 if (cli)
00590 cli_shutdown(cli);
00591
00592 if (mem_ctx)
00593 talloc_destroy(mem_ctx);
00594 }
00595
00596 return result;
00597 }
00598
00599
00600
00601
00602
00603 static PyMethodDef samr_methods[] = {
00604
00605
00606
00607 { "connect", (PyCFunction)samr_connect,
00608 METH_VARARGS | METH_KEYWORDS,
00609 "Open a connect handle" },
00610
00611 { NULL }
00612 };
00613
00614 static struct const_vals {
00615 char *name;
00616 uint32 value;
00617 } module_const_vals[] = {
00618
00619
00620
00621 { "ACB_DISABLED", 0x0001 },
00622 { "ACB_HOMDIRREQ", 0x0002 },
00623 { "ACB_PWNOTREQ", 0x0004 },
00624 { "ACB_TEMPDUP", 0x0008 },
00625 { "ACB_NORMAL", 0x0010 },
00626 { "ACB_MNS", 0x0020 },
00627 { "ACB_DOMTRUST", 0x0040 },
00628 { "ACB_WSTRUST", 0x0080 },
00629 { "ACB_SVRTRUST", 0x0100 },
00630 { "ACB_PWNOEXP", 0x0200 },
00631 { "ACB_AUTOLOCK", 0x0400 },
00632
00633 { NULL }
00634 };
00635
00636 static void const_init(PyObject *dict)
00637 {
00638 struct const_vals *tmp;
00639 PyObject *obj;
00640
00641 for (tmp = module_const_vals; tmp->name; tmp++) {
00642 obj = PyInt_FromLong(tmp->value);
00643 PyDict_SetItemString(dict, tmp->name, obj);
00644 Py_DECREF(obj);
00645 }
00646 }
00647
00648 void initsamr(void)
00649 {
00650 PyObject *module, *dict;
00651
00652
00653
00654 module = Py_InitModule("samr", samr_methods);
00655 dict = PyModule_GetDict(module);
00656
00657 samr_error = PyErr_NewException("samr.error", NULL, NULL);
00658 PyDict_SetItemString(dict, "error", samr_error);
00659
00660 samr_ntstatus = PyErr_NewException("samr.ntstatus", NULL, NULL);
00661 PyDict_SetItemString(dict, "ntstatus", samr_ntstatus);
00662
00663
00664
00665 samr_connect_hnd_type.ob_type = &PyType_Type;
00666 samr_domain_hnd_type.ob_type = &PyType_Type;
00667 samr_user_hnd_type.ob_type = &PyType_Type;
00668 samr_group_hnd_type.ob_type = &PyType_Type;
00669 samr_alias_hnd_type.ob_type = &PyType_Type;
00670
00671
00672
00673 const_init(dict);
00674
00675
00676
00677 py_samba_init();
00678
00679 setup_logging("samr", True);
00680 DEBUGLEVEL = 10;
00681 }