00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015
00016
00017
00018
00019
00020
00021
00022
00023
00024
00025
00026
00027
00028
00029
00030
00031
00032
00033
00034 #include "includes.h"
00035
00036 #undef DBGC_CLASS
00037 #define DBGC_CLASS DBGC_RPC_SRV
00038
00039 #define SAMR_USR_RIGHTS_WRITE_PW \
00040 ( READ_CONTROL_ACCESS | \
00041 SA_RIGHT_USER_CHANGE_PASSWORD | \
00042 SA_RIGHT_USER_SET_LOC_COM )
00043 #define SAMR_USR_RIGHTS_CANT_WRITE_PW \
00044 ( READ_CONTROL_ACCESS | SA_RIGHT_USER_SET_LOC_COM )
00045
00046 #define DISP_INFO_CACHE_TIMEOUT 10
00047
00048 typedef struct disp_info {
00049 DOM_SID sid;
00050 BOOL builtin_domain;
00051 struct pdb_search *users;
00052 struct pdb_search *machines;
00053 struct pdb_search *groups;
00054 struct pdb_search *aliases;
00055
00056 uint16 enum_acb_mask;
00057 struct pdb_search *enum_users;
00058
00059
00060 smb_event_id_t di_cache_timeout_event;
00061 } DISP_INFO;
00062
00063
00064
00065
00066 struct samr_info {
00067
00068 DOM_SID sid;
00069 BOOL builtin_domain;
00070 uint32 status;
00071 uint32 acc_granted;
00072 DISP_INFO *disp_info;
00073 TALLOC_CTX *mem_ctx;
00074 };
00075
00076 static struct generic_mapping sam_generic_mapping = {
00077 GENERIC_RIGHTS_SAM_READ,
00078 GENERIC_RIGHTS_SAM_WRITE,
00079 GENERIC_RIGHTS_SAM_EXECUTE,
00080 GENERIC_RIGHTS_SAM_ALL_ACCESS};
00081 static struct generic_mapping dom_generic_mapping = {
00082 GENERIC_RIGHTS_DOMAIN_READ,
00083 GENERIC_RIGHTS_DOMAIN_WRITE,
00084 GENERIC_RIGHTS_DOMAIN_EXECUTE,
00085 GENERIC_RIGHTS_DOMAIN_ALL_ACCESS};
00086 static struct generic_mapping usr_generic_mapping = {
00087 GENERIC_RIGHTS_USER_READ,
00088 GENERIC_RIGHTS_USER_WRITE,
00089 GENERIC_RIGHTS_USER_EXECUTE,
00090 GENERIC_RIGHTS_USER_ALL_ACCESS};
00091 static struct generic_mapping usr_nopwchange_generic_mapping = {
00092 GENERIC_RIGHTS_USER_READ,
00093 GENERIC_RIGHTS_USER_WRITE,
00094 GENERIC_RIGHTS_USER_EXECUTE & ~SA_RIGHT_USER_CHANGE_PASSWORD,
00095 GENERIC_RIGHTS_USER_ALL_ACCESS};
00096 static struct generic_mapping grp_generic_mapping = {
00097 GENERIC_RIGHTS_GROUP_READ,
00098 GENERIC_RIGHTS_GROUP_WRITE,
00099 GENERIC_RIGHTS_GROUP_EXECUTE,
00100 GENERIC_RIGHTS_GROUP_ALL_ACCESS};
00101 static struct generic_mapping ali_generic_mapping = {
00102 GENERIC_RIGHTS_ALIAS_READ,
00103 GENERIC_RIGHTS_ALIAS_WRITE,
00104 GENERIC_RIGHTS_ALIAS_EXECUTE,
00105 GENERIC_RIGHTS_ALIAS_ALL_ACCESS};
00106
00107
00108
00109
00110 static NTSTATUS make_samr_object_sd( TALLOC_CTX *ctx, SEC_DESC **psd, size_t *sd_size,
00111 struct generic_mapping *map,
00112 DOM_SID *sid, uint32 sid_access )
00113 {
00114 DOM_SID domadmin_sid;
00115 SEC_ACE ace[5];
00116 SEC_ACCESS mask;
00117 size_t i = 0;
00118
00119 SEC_ACL *psa = NULL;
00120
00121
00122
00123 init_sec_access(&mask, map->generic_execute | map->generic_read );
00124 init_sec_ace(&ace[i++], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0);
00125
00126
00127
00128 init_sec_access(&mask, map->generic_all);
00129
00130 init_sec_ace(&ace[i++], &global_sid_Builtin_Administrators, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0);
00131 init_sec_ace(&ace[i++], &global_sid_Builtin_Account_Operators, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0);
00132
00133
00134
00135 if ( IS_DC ) {
00136 sid_copy( &domadmin_sid, get_global_sam_sid() );
00137 sid_append_rid( &domadmin_sid, DOMAIN_GROUP_RID_ADMINS );
00138 init_sec_ace(&ace[i++], &domadmin_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0);
00139 }
00140
00141
00142
00143 if ( sid ) {
00144 init_sec_access( &mask, sid_access );
00145 init_sec_ace(&ace[i++], sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0);
00146 }
00147
00148
00149
00150 if ((psa = make_sec_acl(ctx, NT4_ACL_REVISION, i, ace)) == NULL)
00151 return NT_STATUS_NO_MEMORY;
00152
00153 if ((*psd = make_sec_desc(ctx, SEC_DESC_REVISION, SEC_DESC_SELF_RELATIVE, NULL, NULL, NULL, psa, sd_size)) == NULL)
00154 return NT_STATUS_NO_MEMORY;
00155
00156 return NT_STATUS_OK;
00157 }
00158
00159
00160
00161
00162
00163
00164 static NTSTATUS access_check_samr_object( SEC_DESC *psd, NT_USER_TOKEN *token,
00165 SE_PRIV *rights, uint32 rights_mask,
00166 uint32 des_access, uint32 *acc_granted,
00167 const char *debug )
00168 {
00169 NTSTATUS status = NT_STATUS_ACCESS_DENIED;
00170 uint32 saved_mask = 0;
00171
00172
00173
00174
00175
00176 if ( rights && user_has_any_privilege( token, rights ) ) {
00177
00178 saved_mask = (des_access & rights_mask);
00179 des_access &= ~saved_mask;
00180
00181 DEBUG(4,("access_check_samr_object: user rights access mask [0x%x]\n",
00182 rights_mask));
00183 }
00184
00185
00186
00187
00188 if ( se_access_check(psd, token, des_access, acc_granted, &status) )
00189 goto done;
00190
00191
00192
00193 if ( geteuid() == sec_initial_uid() ) {
00194
00195 DEBUG(4,("%s: ACCESS should be DENIED (requested: %#010x)\n", debug, des_access));
00196 DEBUGADD(4,("but overritten by euid == sec_initial_uid()\n"));
00197
00198 *acc_granted = des_access;
00199
00200 status = NT_STATUS_OK;
00201 goto done;
00202 }
00203
00204
00205 done:
00206
00207
00208
00209 *acc_granted |= rights_mask;
00210
00211 DEBUG(4,("%s: access %s (requested: 0x%08x, granted: 0x%08x)\n",
00212 debug, NT_STATUS_IS_OK(status) ? "GRANTED" : "DENIED",
00213 des_access, *acc_granted));
00214
00215 return status;
00216 }
00217
00218
00219
00220
00221
00222 static NTSTATUS access_check_samr_function(uint32 acc_granted, uint32 acc_required, const char *debug)
00223 {
00224 DEBUG(5,("%s: access check ((granted: %#010x; required: %#010x)\n",
00225 debug, acc_granted, acc_required));
00226
00227
00228
00229 if ( (acc_granted&acc_required) == acc_required )
00230 return NT_STATUS_OK;
00231
00232
00233
00234 if (geteuid() == sec_initial_uid()) {
00235
00236 DEBUG(4,("%s: ACCESS should be DENIED (granted: %#010x; required: %#010x)\n",
00237 debug, acc_granted, acc_required));
00238 DEBUGADD(4,("but overwritten by euid == 0\n"));
00239
00240 return NT_STATUS_OK;
00241 }
00242
00243 DEBUG(2,("%s: ACCESS DENIED (granted: %#010x; required: %#010x)\n",
00244 debug, acc_granted, acc_required));
00245
00246 return NT_STATUS_ACCESS_DENIED;
00247 }
00248
00249
00250
00251
00252
00253 static DISP_INFO *get_samr_dispinfo_by_sid(DOM_SID *psid)
00254 {
00255
00256
00257
00258
00259
00260
00261
00262
00263
00264
00265
00266
00267
00268
00269
00270
00271
00272
00273
00274
00275 static struct disp_info builtin_dispinfo;
00276 static struct disp_info domain_dispinfo;
00277
00278
00279
00280
00281
00282
00283 if (psid == NULL) {
00284 return NULL;
00285 }
00286
00287 if (sid_check_is_builtin(psid) || sid_check_is_in_builtin(psid)) {
00288
00289
00290
00291 sid_copy(&builtin_dispinfo.sid, &global_sid_Builtin);
00292
00293 return &builtin_dispinfo;
00294 }
00295
00296 if (sid_check_is_domain(psid) || sid_check_is_in_our_domain(psid)) {
00297
00298
00299
00300 sid_copy(&domain_dispinfo.sid, get_global_sam_sid());
00301
00302 return &domain_dispinfo;
00303 }
00304
00305 return NULL;
00306 }
00307
00308
00309
00310
00311
00312 static struct samr_info *get_samr_info_by_sid(DOM_SID *psid)
00313 {
00314 struct samr_info *info;
00315 fstring sid_str;
00316 TALLOC_CTX *mem_ctx;
00317
00318 if (psid) {
00319 sid_to_string(sid_str, psid);
00320 } else {
00321 fstrcpy(sid_str,"(NULL)");
00322 }
00323
00324 mem_ctx = talloc_init("samr_info for domain sid %s", sid_str);
00325
00326 if ((info = TALLOC_ZERO_P(mem_ctx, struct samr_info)) == NULL)
00327 return NULL;
00328
00329 DEBUG(10,("get_samr_info_by_sid: created new info for sid %s\n", sid_str));
00330 if (psid) {
00331 sid_copy( &info->sid, psid);
00332 info->builtin_domain = sid_check_is_builtin(psid);
00333 } else {
00334 DEBUG(10,("get_samr_info_by_sid: created new info for NULL sid.\n"));
00335 info->builtin_domain = False;
00336 }
00337 info->mem_ctx = mem_ctx;
00338
00339 info->disp_info = get_samr_dispinfo_by_sid(psid);
00340
00341 return info;
00342 }
00343
00344
00345
00346
00347
00348 static void free_samr_cache(DISP_INFO *disp_info, const char *sid_str)
00349 {
00350 DEBUG(10,("free_samr_cache: deleting cache for SID %s\n", sid_str));
00351
00352
00353
00354
00355 become_root();
00356
00357 if (disp_info->users) {
00358 DEBUG(10,("free_samr_cache: deleting users cache\n"));
00359 pdb_search_destroy(disp_info->users);
00360 disp_info->users = NULL;
00361 }
00362 if (disp_info->machines) {
00363 DEBUG(10,("free_samr_cache: deleting machines cache\n"));
00364 pdb_search_destroy(disp_info->machines);
00365 disp_info->machines = NULL;
00366 }
00367 if (disp_info->groups) {
00368 DEBUG(10,("free_samr_cache: deleting groups cache\n"));
00369 pdb_search_destroy(disp_info->groups);
00370 disp_info->groups = NULL;
00371 }
00372 if (disp_info->aliases) {
00373 DEBUG(10,("free_samr_cache: deleting aliases cache\n"));
00374 pdb_search_destroy(disp_info->aliases);
00375 disp_info->aliases = NULL;
00376 }
00377 if (disp_info->enum_users) {
00378 DEBUG(10,("free_samr_cache: deleting enum_users cache\n"));
00379 pdb_search_destroy(disp_info->enum_users);
00380 disp_info->enum_users = NULL;
00381 }
00382 disp_info->enum_acb_mask = 0;
00383
00384 unbecome_root();
00385 }
00386
00387
00388
00389
00390
00391 static void free_samr_info(void *ptr)
00392 {
00393 struct samr_info *info=(struct samr_info *) ptr;
00394
00395
00396
00397
00398 if (info->disp_info && info->disp_info->di_cache_timeout_event == (smb_event_id_t)0) {
00399 fstring sid_str;
00400 sid_to_string(sid_str, &info->disp_info->sid);
00401 free_samr_cache(info->disp_info, sid_str);
00402 }
00403
00404 talloc_destroy(info->mem_ctx);
00405 }
00406
00407
00408
00409
00410
00411 static void disp_info_cache_idle_timeout_handler(void **private_data,
00412 time_t *ev_interval,
00413 time_t ev_now)
00414 {
00415 fstring sid_str;
00416 DISP_INFO *disp_info = (DISP_INFO *)(*private_data);
00417
00418 sid_to_string(sid_str, &disp_info->sid);
00419
00420 free_samr_cache(disp_info, sid_str);
00421
00422
00423 smb_unregister_idle_event(disp_info->di_cache_timeout_event);
00424 disp_info->di_cache_timeout_event = (smb_event_id_t)0;
00425
00426 DEBUG(10,("disp_info_cache_idle_timeout_handler: caching timed out for SID %s at %u\n",
00427 sid_str, (unsigned int)ev_now));
00428 }
00429
00430
00431
00432
00433
00434 static void set_disp_info_cache_timeout(DISP_INFO *disp_info, time_t secs_fromnow)
00435 {
00436 fstring sid_str;
00437
00438 sid_to_string(sid_str, &disp_info->sid);
00439
00440
00441
00442 if (disp_info->di_cache_timeout_event) {
00443 smb_unregister_idle_event(disp_info->di_cache_timeout_event);
00444 disp_info->di_cache_timeout_event = (smb_event_id_t)0;
00445 }
00446
00447 DEBUG(10,("set_disp_info_cache_timeout: caching enumeration for SID %s for %u seconds\n",
00448 sid_str, (unsigned int)secs_fromnow ));
00449
00450 disp_info->di_cache_timeout_event =
00451 smb_register_idle_event(disp_info_cache_idle_timeout_handler,
00452 disp_info,
00453 secs_fromnow);
00454 }
00455
00456
00457
00458
00459
00460
00461 static void force_flush_samr_cache(DISP_INFO *disp_info)
00462 {
00463 if (disp_info) {
00464 fstring sid_str;
00465
00466 sid_to_string(sid_str, &disp_info->sid);
00467 if (disp_info->di_cache_timeout_event) {
00468 smb_unregister_idle_event(disp_info->di_cache_timeout_event);
00469 disp_info->di_cache_timeout_event = (smb_event_id_t)0;
00470 DEBUG(10,("force_flush_samr_cache: clearing idle event for SID %s\n",
00471 sid_str));
00472 }
00473 free_samr_cache(disp_info, sid_str);
00474 }
00475 }
00476
00477
00478
00479
00480
00481 static void samr_clear_sam_passwd(struct samu *sam_pass)
00482 {
00483
00484 if (!sam_pass)
00485 return;
00486
00487
00488
00489 pdb_set_lanman_passwd(sam_pass, NULL, PDB_DEFAULT);
00490 pdb_set_nt_passwd(sam_pass, NULL, PDB_DEFAULT);
00491 }
00492
00493 static uint32 count_sam_users(struct disp_info *info, uint32 acct_flags)
00494 {
00495 struct samr_displayentry *entry;
00496
00497 if (info->builtin_domain) {
00498
00499 return 0;
00500 }
00501
00502 if (info->users == NULL) {
00503 info->users = pdb_search_users(acct_flags);
00504 if (info->users == NULL) {
00505 return 0;
00506 }
00507 }
00508
00509 pdb_search_entries(info->users, 0xffffffff, 1, &entry);
00510
00511
00512 set_disp_info_cache_timeout(info, DISP_INFO_CACHE_TIMEOUT);
00513
00514 return info->users->num_entries;
00515 }
00516
00517 static uint32 count_sam_groups(struct disp_info *info)
00518 {
00519 struct samr_displayentry *entry;
00520
00521 if (info->builtin_domain) {
00522
00523 return 0;
00524 }
00525
00526 if (info->groups == NULL) {
00527 info->groups = pdb_search_groups();
00528 if (info->groups == NULL) {
00529 return 0;
00530 }
00531 }
00532
00533 pdb_search_entries(info->groups, 0xffffffff, 1, &entry);
00534
00535
00536 set_disp_info_cache_timeout(info, DISP_INFO_CACHE_TIMEOUT);
00537
00538 return info->groups->num_entries;
00539 }
00540
00541 static uint32 count_sam_aliases(struct disp_info *info)
00542 {
00543 struct samr_displayentry *entry;
00544
00545 if (info->aliases == NULL) {
00546 info->aliases = pdb_search_aliases(&info->sid);
00547 if (info->aliases == NULL) {
00548 return 0;
00549 }
00550 }
00551
00552 pdb_search_entries(info->aliases, 0xffffffff, 1, &entry);
00553
00554
00555 set_disp_info_cache_timeout(info, DISP_INFO_CACHE_TIMEOUT);
00556
00557 return info->aliases->num_entries;
00558 }
00559
00560
00561
00562
00563
00564 NTSTATUS _samr_close_hnd(pipes_struct *p, SAMR_Q_CLOSE_HND *q_u, SAMR_R_CLOSE_HND *r_u)
00565 {
00566 r_u->status = NT_STATUS_OK;
00567
00568
00569 if (!close_policy_hnd(p, &q_u->pol))
00570 return NT_STATUS_OBJECT_NAME_INVALID;
00571
00572 DEBUG(5,("samr_reply_close_hnd: %d\n", __LINE__));
00573
00574 return r_u->status;
00575 }
00576
00577
00578
00579
00580
00581 NTSTATUS _samr_open_domain(pipes_struct *p, SAMR_Q_OPEN_DOMAIN *q_u, SAMR_R_OPEN_DOMAIN *r_u)
00582 {
00583 struct samr_info *info;
00584 SEC_DESC *psd = NULL;
00585 uint32 acc_granted;
00586 uint32 des_access = q_u->flags;
00587 NTSTATUS status;
00588 size_t sd_size;
00589 SE_PRIV se_rights;
00590
00591 r_u->status = NT_STATUS_OK;
00592
00593
00594
00595 if ( !find_policy_by_hnd(p, &q_u->pol, (void**)(void *)&info) )
00596 return NT_STATUS_INVALID_HANDLE;
00597
00598 status = access_check_samr_function( info->acc_granted,
00599 SA_RIGHT_SAM_OPEN_DOMAIN, "_samr_open_domain" );
00600
00601 if ( !NT_STATUS_IS_OK(status) )
00602 return status;
00603
00604
00605
00606 make_samr_object_sd( p->mem_ctx, &psd, &sd_size, &dom_generic_mapping, NULL, 0 );
00607 se_map_generic( &des_access, &dom_generic_mapping );
00608
00609 se_priv_copy( &se_rights, &se_machine_account );
00610 se_priv_add( &se_rights, &se_add_users );
00611
00612 status = access_check_samr_object( psd, p->pipe_user.nt_user_token,
00613 &se_rights, GENERIC_RIGHTS_DOMAIN_WRITE, des_access,
00614 &acc_granted, "_samr_open_domain" );
00615
00616 if ( !NT_STATUS_IS_OK(status) )
00617 return status;
00618
00619 if (!sid_check_is_domain(&q_u->dom_sid.sid) &&
00620 !sid_check_is_builtin(&q_u->dom_sid.sid)) {
00621 return NT_STATUS_NO_SUCH_DOMAIN;
00622 }
00623
00624
00625 if ((info = get_samr_info_by_sid(&q_u->dom_sid.sid))==NULL)
00626 return NT_STATUS_NO_MEMORY;
00627 info->acc_granted = acc_granted;
00628
00629
00630 if (!create_policy_hnd(p, &r_u->domain_pol, free_samr_info, (void *)info))
00631 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
00632
00633 DEBUG(5,("samr_open_domain: %d\n", __LINE__));
00634
00635 return r_u->status;
00636 }
00637
00638
00639
00640
00641
00642 NTSTATUS _samr_get_usrdom_pwinfo(pipes_struct *p, SAMR_Q_GET_USRDOM_PWINFO *q_u, SAMR_R_GET_USRDOM_PWINFO *r_u)
00643 {
00644 struct samr_info *info = NULL;
00645
00646 r_u->status = NT_STATUS_OK;
00647
00648
00649 if (!find_policy_by_hnd(p, &q_u->user_pol, (void **)(void *)&info))
00650 return NT_STATUS_INVALID_HANDLE;
00651
00652 if (!sid_check_is_in_our_domain(&info->sid))
00653 return NT_STATUS_OBJECT_TYPE_MISMATCH;
00654
00655 init_samr_r_get_usrdom_pwinfo(r_u, NT_STATUS_OK);
00656
00657 DEBUG(5,("_samr_get_usrdom_pwinfo: %d\n", __LINE__));
00658
00659
00660
00661
00662
00663
00664 return r_u->status;
00665 }
00666
00667
00668
00669
00670 static BOOL get_lsa_policy_samr_sid( pipes_struct *p, POLICY_HND *pol,
00671 DOM_SID *sid, uint32 *acc_granted,
00672 DISP_INFO **ppdisp_info)
00673 {
00674 struct samr_info *info = NULL;
00675
00676
00677 if (!find_policy_by_hnd(p, pol, (void **)(void *)&info))
00678 return False;
00679
00680 if (!info)
00681 return False;
00682
00683 *sid = info->sid;
00684 *acc_granted = info->acc_granted;
00685 if (ppdisp_info) {
00686 *ppdisp_info = info->disp_info;
00687 }
00688
00689 return True;
00690 }
00691
00692
00693
00694
00695
00696 NTSTATUS _samr_set_sec_obj(pipes_struct *p, SAMR_Q_SET_SEC_OBJ *q_u, SAMR_R_SET_SEC_OBJ *r_u)
00697 {
00698 DOM_SID pol_sid;
00699 uint32 acc_granted, i;
00700 SEC_ACL *dacl;
00701 BOOL ret;
00702 struct samu *sampass=NULL;
00703 NTSTATUS status;
00704
00705 r_u->status = NT_STATUS_OK;
00706
00707 if (!get_lsa_policy_samr_sid(p, &q_u->pol, &pol_sid, &acc_granted, NULL))
00708 return NT_STATUS_INVALID_HANDLE;
00709
00710 if (!(sampass = samu_new( p->mem_ctx))) {
00711 DEBUG(0,("No memory!\n"));
00712 return NT_STATUS_NO_MEMORY;
00713 }
00714
00715
00716 become_root();
00717 ret = pdb_getsampwsid(sampass, &pol_sid);
00718 unbecome_root();
00719
00720 if (!ret) {
00721 DEBUG(4, ("User %s not found\n", sid_string_static(&pol_sid)));
00722 TALLOC_FREE(sampass);
00723 return NT_STATUS_INVALID_HANDLE;
00724 }
00725
00726 dacl = q_u->buf->sec->dacl;
00727 for (i=0; i < dacl->num_aces; i++) {
00728 if (sid_equal(&pol_sid, &dacl->aces[i].trustee)) {
00729 ret = pdb_set_pass_can_change(sampass,
00730 (dacl->aces[i].access_mask &
00731 SA_RIGHT_USER_CHANGE_PASSWORD) ?
00732 True: False);
00733 break;
00734 }
00735 }
00736
00737 if (!ret) {
00738 TALLOC_FREE(sampass);
00739 return NT_STATUS_ACCESS_DENIED;
00740 }
00741
00742 status = access_check_samr_function(acc_granted, SA_RIGHT_USER_SET_ATTRIBUTES, "_samr_set_sec_obj");
00743 if (NT_STATUS_IS_OK(status)) {
00744 become_root();
00745 status = pdb_update_sam_account(sampass);
00746 unbecome_root();
00747 }
00748
00749 TALLOC_FREE(sampass);
00750
00751 return status;
00752 }
00753
00754
00755
00756
00757 static BOOL check_change_pw_access(TALLOC_CTX *mem_ctx, DOM_SID *user_sid)
00758 {
00759 struct samu *sampass=NULL;
00760 BOOL ret;
00761
00762 if ( !(sampass = samu_new( mem_ctx )) ) {
00763 DEBUG(0,("No memory!\n"));
00764 return False;
00765 }
00766
00767 become_root();
00768 ret = pdb_getsampwsid(sampass, user_sid);
00769 unbecome_root();
00770
00771 if (ret == False) {
00772 DEBUG(4,("User %s not found\n", sid_string_static(user_sid)));
00773 TALLOC_FREE(sampass);
00774 return False;
00775 }
00776
00777 DEBUG(3,("User:[%s]\n", pdb_get_username(sampass) ));
00778
00779 if (pdb_get_pass_can_change(sampass)) {
00780 TALLOC_FREE(sampass);
00781 return True;
00782 }
00783 TALLOC_FREE(sampass);
00784 return False;
00785 }
00786
00787
00788
00789
00790
00791
00792 NTSTATUS _samr_query_sec_obj(pipes_struct *p, SAMR_Q_QUERY_SEC_OBJ *q_u, SAMR_R_QUERY_SEC_OBJ *r_u)
00793 {
00794 DOM_SID pol_sid;
00795 fstring str_sid;
00796 SEC_DESC * psd = NULL;
00797 uint32 acc_granted;
00798 size_t sd_size;
00799
00800 r_u->status = NT_STATUS_OK;
00801
00802
00803 if (!get_lsa_policy_samr_sid(p, &q_u->user_pol, &pol_sid, &acc_granted, NULL))
00804 return NT_STATUS_INVALID_HANDLE;
00805
00806 DEBUG(10,("_samr_query_sec_obj: querying security on SID: %s\n", sid_to_string(str_sid, &pol_sid)));
00807
00808
00809
00810
00811 if (pol_sid.sid_rev_num == 0) {
00812 DEBUG(5,("_samr_query_sec_obj: querying security on SAM\n"));
00813 r_u->status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &sam_generic_mapping, NULL, 0);
00814 } else if (sid_equal(&pol_sid,get_global_sam_sid())) {
00815
00816 DEBUG(5,("_samr_query_sec_obj: querying security on Domain with SID: %s\n", sid_to_string(str_sid, &pol_sid)));
00817 r_u->status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &dom_generic_mapping, NULL, 0);
00818 } else if (sid_equal(&pol_sid,&global_sid_Builtin)) {
00819
00820
00821 DEBUG(5,("_samr_query_sec_obj: querying security on Builtin Domain with SID: %s\n", sid_to_string(str_sid, &pol_sid)));
00822 r_u->status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &dom_generic_mapping, NULL, 0);
00823 } else if (sid_check_is_in_our_domain(&pol_sid) ||
00824 sid_check_is_in_builtin(&pol_sid)) {
00825
00826
00827 DEBUG(10,("_samr_query_sec_obj: querying security on Object with SID: %s\n", sid_to_string(str_sid, &pol_sid)));
00828 if (check_change_pw_access(p->mem_ctx, &pol_sid)) {
00829 r_u->status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_generic_mapping,
00830 &pol_sid, SAMR_USR_RIGHTS_WRITE_PW);
00831 } else {
00832 r_u->status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_nopwchange_generic_mapping,
00833 &pol_sid, SAMR_USR_RIGHTS_CANT_WRITE_PW);
00834 }
00835 } else {
00836 return NT_STATUS_OBJECT_TYPE_MISMATCH;
00837 }
00838
00839 if ((r_u->buf = make_sec_desc_buf(p->mem_ctx, sd_size, psd)) == NULL)
00840 return NT_STATUS_NO_MEMORY;
00841
00842 if (NT_STATUS_IS_OK(r_u->status))
00843 r_u->ptr = 1;
00844
00845 return r_u->status;
00846 }
00847
00848
00849
00850
00851
00852 static NTSTATUS make_user_sam_entry_list(TALLOC_CTX *ctx, SAM_ENTRY **sam_pp,
00853 UNISTR2 **uni_name_pp,
00854 uint32 num_entries, uint32 start_idx,
00855 struct samr_displayentry *entries)
00856 {
00857 uint32 i;
00858 SAM_ENTRY *sam;
00859 UNISTR2 *uni_name;
00860
00861 *sam_pp = NULL;
00862 *uni_name_pp = NULL;
00863
00864 if (num_entries == 0)
00865 return NT_STATUS_OK;
00866
00867 sam = TALLOC_ZERO_ARRAY(ctx, SAM_ENTRY, num_entries);
00868
00869 uni_name = TALLOC_ZERO_ARRAY(ctx, UNISTR2, num_entries);
00870
00871 if (sam == NULL || uni_name == NULL) {
00872 DEBUG(0, ("make_user_sam_entry_list: TALLOC_ZERO failed!\n"));
00873 return NT_STATUS_NO_MEMORY;
00874 }
00875
00876 for (i = 0; i < num_entries; i++) {
00877 UNISTR2 uni_temp_name;
00878
00879
00880
00881
00882 if (entries[i].acct_flags & ACB_DOMTRUST) {
00883 init_unistr2(&uni_temp_name, entries[i].account_name,
00884 UNI_FLAGS_NONE);
00885 } else {
00886 init_unistr2(&uni_temp_name, entries[i].account_name,
00887 UNI_STR_TERMINATE);
00888 }
00889
00890 init_sam_entry(&sam[i], &uni_temp_name, entries[i].rid);
00891 copy_unistr2(&uni_name[i], &uni_temp_name);
00892 }
00893
00894 *sam_pp = sam;
00895 *uni_name_pp = uni_name;
00896 return NT_STATUS_OK;
00897 }
00898
00899
00900
00901
00902
00903 NTSTATUS _samr_enum_dom_users(pipes_struct *p, SAMR_Q_ENUM_DOM_USERS *q_u,
00904 SAMR_R_ENUM_DOM_USERS *r_u)
00905 {
00906 struct samr_info *info = NULL;
00907 int num_account;
00908 uint32 enum_context=q_u->start_idx;
00909 enum remote_arch_types ra_type = get_remote_arch();
00910 int max_sam_entries = (ra_type == RA_WIN95) ? MAX_SAM_ENTRIES_W95 : MAX_SAM_ENTRIES_W2K;
00911 uint32 max_entries = max_sam_entries;
00912 struct samr_displayentry *entries = NULL;
00913
00914 r_u->status = NT_STATUS_OK;
00915
00916
00917 if (!find_policy_by_hnd(p, &q_u->pol, (void **)(void *)&info))
00918 return NT_STATUS_INVALID_HANDLE;
00919
00920 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(info->acc_granted,
00921 SA_RIGHT_DOMAIN_ENUM_ACCOUNTS,
00922 "_samr_enum_dom_users"))) {
00923 return r_u->status;
00924 }
00925
00926 DEBUG(5,("_samr_enum_dom_users: %d\n", __LINE__));
00927
00928 if (info->builtin_domain) {
00929
00930 init_samr_r_enum_dom_users(r_u, q_u->start_idx, 0);
00931 DEBUG(5,("_samr_enum_dom_users: No users in BUILTIN\n"));
00932 return r_u->status;
00933 }
00934
00935 become_root();
00936
00937
00938
00939 if ((info->disp_info->enum_users != NULL) &&
00940 (info->disp_info->enum_acb_mask != q_u->acb_mask)) {
00941 pdb_search_destroy(info->disp_info->enum_users);
00942 info->disp_info->enum_users = NULL;
00943 }
00944
00945 if (info->disp_info->enum_users == NULL) {
00946 info->disp_info->enum_users = pdb_search_users(q_u->acb_mask);
00947 info->disp_info->enum_acb_mask = q_u->acb_mask;
00948 }
00949
00950 if (info->disp_info->enum_users == NULL) {
00951
00952 unbecome_root();
00953 return NT_STATUS_ACCESS_DENIED;
00954 }
00955
00956 num_account = pdb_search_entries(info->disp_info->enum_users,
00957 enum_context, max_entries,
00958 &entries);
00959
00960
00961
00962 unbecome_root();
00963
00964 if (num_account == 0) {
00965 DEBUG(5, ("_samr_enum_dom_users: enumeration handle over "
00966 "total entries\n"));
00967 init_samr_r_enum_dom_users(r_u, q_u->start_idx, 0);
00968 return NT_STATUS_OK;
00969 }
00970
00971 r_u->status = make_user_sam_entry_list(p->mem_ctx, &r_u->sam,
00972 &r_u->uni_acct_name,
00973 num_account, enum_context,
00974 entries);
00975
00976 if (!NT_STATUS_IS_OK(r_u->status))
00977 return r_u->status;
00978
00979 if (max_entries <= num_account) {
00980 r_u->status = STATUS_MORE_ENTRIES;
00981 } else {
00982 r_u->status = NT_STATUS_OK;
00983 }
00984
00985
00986 set_disp_info_cache_timeout(info->disp_info, DISP_INFO_CACHE_TIMEOUT);
00987
00988 DEBUG(5, ("_samr_enum_dom_users: %d\n", __LINE__));
00989
00990 init_samr_r_enum_dom_users(r_u, q_u->start_idx + num_account,
00991 num_account);
00992
00993 DEBUG(5,("_samr_enum_dom_users: %d\n", __LINE__));
00994
00995 return r_u->status;
00996 }
00997
00998
00999
01000
01001
01002 static void make_group_sam_entry_list(TALLOC_CTX *ctx, SAM_ENTRY **sam_pp,
01003 UNISTR2 **uni_name_pp,
01004 uint32 num_sam_entries,
01005 struct samr_displayentry *entries)
01006 {
01007 uint32 i;
01008 SAM_ENTRY *sam;
01009 UNISTR2 *uni_name;
01010
01011 *sam_pp = NULL;
01012 *uni_name_pp = NULL;
01013
01014 if (num_sam_entries == 0)
01015 return;
01016
01017 sam = TALLOC_ZERO_ARRAY(ctx, SAM_ENTRY, num_sam_entries);
01018 uni_name = TALLOC_ZERO_ARRAY(ctx, UNISTR2, num_sam_entries);
01019
01020 if (sam == NULL || uni_name == NULL) {
01021 DEBUG(0, ("NULL pointers in SAMR_R_QUERY_DISPINFO\n"));
01022 return;
01023 }
01024
01025 for (i = 0; i < num_sam_entries; i++) {
01026
01027
01028
01029 init_unistr2(&uni_name[i], entries[i].account_name,
01030 UNI_STR_TERMINATE);
01031 init_sam_entry(&sam[i], &uni_name[i], entries[i].rid);
01032 }
01033
01034 *sam_pp = sam;
01035 *uni_name_pp = uni_name;
01036 }
01037
01038
01039
01040
01041
01042 NTSTATUS _samr_enum_dom_groups(pipes_struct *p, SAMR_Q_ENUM_DOM_GROUPS *q_u, SAMR_R_ENUM_DOM_GROUPS *r_u)
01043 {
01044 struct samr_info *info = NULL;
01045 struct samr_displayentry *groups;
01046 uint32 num_groups;
01047
01048 r_u->status = NT_STATUS_OK;
01049
01050
01051 if (!find_policy_by_hnd(p, &q_u->pol, (void **)(void *)&info))
01052 return NT_STATUS_INVALID_HANDLE;
01053
01054 r_u->status = access_check_samr_function(info->acc_granted,
01055 SA_RIGHT_DOMAIN_ENUM_ACCOUNTS,
01056 "_samr_enum_dom_groups");
01057 if (!NT_STATUS_IS_OK(r_u->status))
01058 return r_u->status;
01059
01060 DEBUG(5,("samr_reply_enum_dom_groups: %d\n", __LINE__));
01061
01062 if (info->builtin_domain) {
01063
01064 init_samr_r_enum_dom_groups(r_u, q_u->start_idx, 0);
01065 DEBUG(5,("_samr_enum_dom_users: No groups in BUILTIN\n"));
01066 return r_u->status;
01067 }
01068
01069
01070
01071 become_root();
01072
01073 if (info->disp_info->groups == NULL) {
01074 info->disp_info->groups = pdb_search_groups();
01075
01076 if (info->disp_info->groups == NULL) {
01077 unbecome_root();
01078 return NT_STATUS_ACCESS_DENIED;
01079 }
01080 }
01081
01082 num_groups = pdb_search_entries(info->disp_info->groups, q_u->start_idx,
01083 MAX_SAM_ENTRIES, &groups);
01084 unbecome_root();
01085
01086
01087 set_disp_info_cache_timeout(info->disp_info, DISP_INFO_CACHE_TIMEOUT);
01088
01089 make_group_sam_entry_list(p->mem_ctx, &r_u->sam, &r_u->uni_grp_name,
01090 num_groups, groups);
01091
01092 init_samr_r_enum_dom_groups(r_u, q_u->start_idx, num_groups);
01093
01094 DEBUG(5,("samr_enum_dom_groups: %d\n", __LINE__));
01095
01096 return r_u->status;
01097 }
01098
01099
01100
01101
01102
01103 NTSTATUS _samr_enum_dom_aliases(pipes_struct *p, SAMR_Q_ENUM_DOM_ALIASES *q_u, SAMR_R_ENUM_DOM_ALIASES *r_u)
01104 {
01105 struct samr_info *info;
01106 struct samr_displayentry *aliases;
01107 uint32 num_aliases = 0;
01108
01109
01110 if (!find_policy_by_hnd(p, &q_u->pol, (void **)(void *)&info))
01111 return NT_STATUS_INVALID_HANDLE;
01112
01113 r_u->status = access_check_samr_function(info->acc_granted,
01114 SA_RIGHT_DOMAIN_ENUM_ACCOUNTS,
01115 "_samr_enum_dom_aliases");
01116 if (!NT_STATUS_IS_OK(r_u->status))
01117 return r_u->status;
01118
01119 DEBUG(5,("samr_reply_enum_dom_aliases: sid %s\n",
01120 sid_string_static(&info->sid)));
01121
01122 become_root();
01123
01124 if (info->disp_info->aliases == NULL) {
01125 info->disp_info->aliases = pdb_search_aliases(&info->sid);
01126 if (info->disp_info->aliases == NULL) {
01127 unbecome_root();
01128 return NT_STATUS_ACCESS_DENIED;
01129 }
01130 }
01131
01132 num_aliases = pdb_search_entries(info->disp_info->aliases, q_u->start_idx,
01133 MAX_SAM_ENTRIES, &aliases);
01134 unbecome_root();
01135
01136
01137 set_disp_info_cache_timeout(info->disp_info, DISP_INFO_CACHE_TIMEOUT);
01138
01139 make_group_sam_entry_list(p->mem_ctx, &r_u->sam, &r_u->uni_grp_name,
01140 num_aliases, aliases);
01141
01142 init_samr_r_enum_dom_aliases(r_u, q_u->start_idx + num_aliases,
01143 num_aliases);
01144
01145 DEBUG(5,("samr_enum_dom_aliases: %d\n", __LINE__));
01146
01147 return r_u->status;
01148 }
01149
01150
01151
01152
01153
01154 NTSTATUS _samr_query_dispinfo(pipes_struct *p, SAMR_Q_QUERY_DISPINFO *q_u,
01155 SAMR_R_QUERY_DISPINFO *r_u)
01156 {
01157 struct samr_info *info = NULL;
01158 uint32 struct_size=0x20;
01159
01160 uint32 max_entries=q_u->max_entries;
01161 uint32 enum_context=q_u->start_idx;
01162 uint32 max_size=q_u->max_size;
01163
01164 SAM_DISPINFO_CTR *ctr;
01165 uint32 temp_size=0, total_data_size=0;
01166 NTSTATUS disp_ret = NT_STATUS_UNSUCCESSFUL;
01167 uint32 num_account = 0;
01168 enum remote_arch_types ra_type = get_remote_arch();
01169 int max_sam_entries = (ra_type == RA_WIN95) ? MAX_SAM_ENTRIES_W95 : MAX_SAM_ENTRIES_W2K;
01170 struct samr_displayentry *entries = NULL;
01171
01172 DEBUG(5, ("samr_reply_query_dispinfo: %d\n", __LINE__));
01173 r_u->status = NT_STATUS_UNSUCCESSFUL;
01174
01175
01176 if (!find_policy_by_hnd(p, &q_u->domain_pol, (void **)(void *)&info))
01177 return NT_STATUS_INVALID_HANDLE;
01178
01179
01180
01181
01182
01183
01184
01185
01186
01187
01188
01189
01190
01191
01192
01193
01194
01195
01196
01197
01198
01199
01200
01201
01202
01203
01204
01205
01206
01207 if ((q_u->switch_level < 1) || (q_u->switch_level > 5)) {
01208 DEBUG(0,("_samr_query_dispinfo: Unknown info level (%u)\n",
01209 (unsigned int)q_u->switch_level ));
01210 return NT_STATUS_INVALID_INFO_CLASS;
01211 }
01212
01213
01214 if(max_entries > max_sam_entries) {
01215 DEBUG(5, ("samr_reply_query_dispinfo: client requested %d "
01216 "entries, limiting to %d\n", max_entries,
01217 max_sam_entries));
01218 max_entries = max_sam_entries;
01219 }
01220
01221
01222
01223
01224 temp_size=max_entries*struct_size;
01225
01226 if (temp_size>max_size) {
01227 max_entries=MIN((max_size/struct_size),max_entries);;
01228 DEBUG(5, ("samr_reply_query_dispinfo: buffer size limits to "
01229 "only %d entries\n", max_entries));
01230 }
01231
01232 if (!(ctr = TALLOC_ZERO_P(p->mem_ctx,SAM_DISPINFO_CTR)))
01233 return NT_STATUS_NO_MEMORY;
01234
01235 ZERO_STRUCTP(ctr);
01236
01237 become_root();
01238
01239
01240
01241 switch (q_u->switch_level) {
01242 case 0x1:
01243 case 0x4:
01244 if (info->disp_info->users == NULL) {
01245 info->disp_info->users = pdb_search_users(ACB_NORMAL);
01246 if (info->disp_info->users == NULL) {
01247 unbecome_root();
01248 return NT_STATUS_ACCESS_DENIED;
01249 }
01250 DEBUG(10,("samr_reply_query_dispinfo: starting user enumeration at index %u\n",
01251 (unsigned int)enum_context ));
01252 } else {
01253 DEBUG(10,("samr_reply_query_dispinfo: using cached user enumeration at index %u\n",
01254 (unsigned int)enum_context ));
01255 }
01256
01257 num_account = pdb_search_entries(info->disp_info->users,
01258 enum_context, max_entries,
01259 &entries);
01260 break;
01261 case 0x2:
01262 if (info->disp_info->machines == NULL) {
01263 info->disp_info->machines =
01264 pdb_search_users(ACB_WSTRUST|ACB_SVRTRUST);
01265 if (info->disp_info->machines == NULL) {
01266 unbecome_root();
01267 return NT_STATUS_ACCESS_DENIED;
01268 }
01269 DEBUG(10,("samr_reply_query_dispinfo: starting machine enumeration at index %u\n",
01270 (unsigned int)enum_context ));
01271 } else {
01272 DEBUG(10,("samr_reply_query_dispinfo: using cached machine enumeration at index %u\n",
01273 (unsigned int)enum_context ));
01274 }
01275
01276 num_account = pdb_search_entries(info->disp_info->machines,
01277 enum_context, max_entries,
01278 &entries);
01279 break;
01280 case 0x3:
01281 case 0x5:
01282 if (info->disp_info->groups == NULL) {
01283 info->disp_info->groups = pdb_search_groups();
01284 if (info->disp_info->groups == NULL) {
01285 unbecome_root();
01286 return NT_STATUS_ACCESS_DENIED;
01287 }
01288 DEBUG(10,("samr_reply_query_dispinfo: starting group enumeration at index %u\n",
01289 (unsigned int)enum_context ));
01290 } else {
01291 DEBUG(10,("samr_reply_query_dispinfo: using cached group enumeration at index %u\n",
01292 (unsigned int)enum_context ));
01293 }
01294
01295 num_account = pdb_search_entries(info->disp_info->groups,
01296 enum_context, max_entries,
01297 &entries);
01298 break;
01299 default:
01300 unbecome_root();
01301 smb_panic("info class changed");
01302 break;
01303 }
01304 unbecome_root();
01305
01306
01307 switch (q_u->switch_level) {
01308 case 0x1:
01309 disp_ret = init_sam_dispinfo_1(p->mem_ctx, &ctr->sam.info1,
01310 num_account, enum_context,
01311 entries);
01312 break;
01313 case 0x2:
01314 disp_ret = init_sam_dispinfo_2(p->mem_ctx, &ctr->sam.info2,
01315 num_account, enum_context,
01316 entries);
01317 break;
01318 case 0x3:
01319 disp_ret = init_sam_dispinfo_3(p->mem_ctx, &ctr->sam.info3,
01320 num_account, enum_context,
01321 entries);
01322 break;
01323 case 0x4:
01324 disp_ret = init_sam_dispinfo_4(p->mem_ctx, &ctr->sam.info4,
01325 num_account, enum_context,
01326 entries);
01327 break;
01328 case 0x5:
01329 disp_ret = init_sam_dispinfo_5(p->mem_ctx, &ctr->sam.info5,
01330 num_account, enum_context,
01331 entries);
01332 break;
01333 default:
01334 smb_panic("info class changed");
01335 break;
01336 }
01337
01338 if (!NT_STATUS_IS_OK(disp_ret))
01339 return disp_ret;
01340
01341 temp_size = num_account * struct_size;
01342
01343 if (num_account) {
01344 r_u->status = STATUS_MORE_ENTRIES;
01345 } else {
01346 r_u->status = NT_STATUS_OK;
01347 }
01348
01349 if (num_account < max_entries) {
01350 r_u->status = NT_STATUS_OK;
01351 }
01352
01353
01354 set_disp_info_cache_timeout(info->disp_info, DISP_INFO_CACHE_TIMEOUT);
01355
01356 DEBUG(5, ("_samr_query_dispinfo: %d\n", __LINE__));
01357
01358 init_samr_r_query_dispinfo(r_u, num_account, total_data_size,
01359 temp_size, q_u->switch_level, ctr,
01360 r_u->status);
01361
01362 return r_u->status;
01363
01364 }
01365
01366
01367
01368
01369
01370 NTSTATUS _samr_query_aliasinfo(pipes_struct *p, SAMR_Q_QUERY_ALIASINFO *q_u, SAMR_R_QUERY_ALIASINFO *r_u)
01371 {
01372 DOM_SID sid;
01373 struct acct_info info;
01374 uint32 acc_granted;
01375 BOOL ret;
01376
01377 r_u->status = NT_STATUS_OK;
01378
01379 DEBUG(5,("_samr_query_aliasinfo: %d\n", __LINE__));
01380
01381
01382 if (!get_lsa_policy_samr_sid(p, &q_u->pol, &sid, &acc_granted, NULL))
01383 return NT_STATUS_INVALID_HANDLE;
01384 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_ALIAS_LOOKUP_INFO, "_samr_query_aliasinfo"))) {
01385 return r_u->status;
01386 }
01387
01388 become_root();
01389 ret = pdb_get_aliasinfo(&sid, &info);
01390 unbecome_root();
01391
01392 if ( !ret )
01393 return NT_STATUS_NO_SUCH_ALIAS;
01394
01395 if ( !(r_u->ctr = TALLOC_ZERO_P( p->mem_ctx, ALIAS_INFO_CTR )) )
01396 return NT_STATUS_NO_MEMORY;
01397
01398
01399 switch (q_u->level ) {
01400 case 1:
01401 r_u->ctr->level = 1;
01402 init_samr_alias_info1(&r_u->ctr->alias.info1, info.acct_name, 1, info.acct_desc);
01403 break;
01404 case 3:
01405 r_u->ctr->level = 3;
01406 init_samr_alias_info3(&r_u->ctr->alias.info3, info.acct_desc);
01407 break;
01408 default:
01409 return NT_STATUS_INVALID_INFO_CLASS;
01410 }
01411
01412 DEBUG(5,("_samr_query_aliasinfo: %d\n", __LINE__));
01413
01414 return r_u->status;
01415 }
01416
01417 #if 0
01418
01419
01420
01421
01422 uint32 _samr_lookup_ids(pipes_struct *p, SAMR_Q_LOOKUP_IDS *q_u, SAMR_R_LOOKUP_IDS *r_u)
01423 {
01424 uint32 rid[MAX_SAM_ENTRIES];
01425 int num_rids = q_u->num_sids1;
01426
01427 r_u->status = NT_STATUS_OK;
01428
01429 DEBUG(5,("_samr_lookup_ids: %d\n", __LINE__));
01430
01431 if (num_rids > MAX_SAM_ENTRIES) {
01432 num_rids = MAX_SAM_ENTRIES;
01433 DEBUG(5,("_samr_lookup_ids: truncating entries to %d\n", num_rids));
01434 }
01435
01436 #if 0
01437 int i;
01438 SMB_ASSERT_ARRAY(q_u->uni_user_name, num_rids);
01439
01440 for (i = 0; i < num_rids && status == 0; i++)
01441 {
01442 struct sam_passwd *sam_pass;
01443 fstring user_name;
01444
01445
01446 fstrcpy(user_name, unistrn2(q_u->uni_user_name[i].buffer,
01447 q_u->uni_user_name[i].uni_str_len));
01448
01449
01450 become_root();
01451 sam_pass = get_smb21pwd_entry(user_name, 0);
01452 unbecome_root();
01453
01454 if (sam_pass == NULL)
01455 {
01456 status = 0xC0000000 | NT_STATUS_NO_SUCH_USER;
01457 rid[i] = 0;
01458 }
01459 else
01460 {
01461 rid[i] = sam_pass->user_rid;
01462 }
01463 }
01464 #endif
01465
01466 num_rids = 1;
01467 rid[0] = BUILTIN_ALIAS_RID_USERS;
01468
01469 init_samr_r_lookup_ids(&r_u, num_rids, rid, NT_STATUS_OK);
01470
01471 DEBUG(5,("_samr_lookup_ids: %d\n", __LINE__));
01472
01473 return r_u->status;
01474 }
01475 #endif
01476
01477
01478
01479
01480
01481 NTSTATUS _samr_lookup_names(pipes_struct *p, SAMR_Q_LOOKUP_NAMES *q_u, SAMR_R_LOOKUP_NAMES *r_u)
01482 {
01483 uint32 rid[MAX_SAM_ENTRIES];
01484 enum lsa_SidType type[MAX_SAM_ENTRIES];
01485 int i;
01486 int num_rids = q_u->num_names2;
01487 DOM_SID pol_sid;
01488 fstring sid_str;
01489 uint32 acc_granted;
01490
01491 r_u->status = NT_STATUS_OK;
01492
01493 DEBUG(5,("_samr_lookup_names: %d\n", __LINE__));
01494
01495 ZERO_ARRAY(rid);
01496 ZERO_ARRAY(type);
01497
01498 if (!get_lsa_policy_samr_sid(p, &q_u->pol, &pol_sid, &acc_granted, NULL)) {
01499 init_samr_r_lookup_names(p->mem_ctx, r_u, 0, NULL, NULL, NT_STATUS_OBJECT_TYPE_MISMATCH);
01500 return r_u->status;
01501 }
01502
01503 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, 0, "_samr_lookup_names"))) {
01504 return r_u->status;
01505 }
01506
01507 if (num_rids > MAX_SAM_ENTRIES) {
01508 num_rids = MAX_SAM_ENTRIES;
01509 DEBUG(5,("_samr_lookup_names: truncating entries to %d\n", num_rids));
01510 }
01511
01512 DEBUG(5,("_samr_lookup_names: looking name on SID %s\n", sid_to_string(sid_str, &pol_sid)));
01513
01514 for (i = 0; i < num_rids; i++) {
01515 fstring name;
01516 int ret;
01517
01518 r_u->status = NT_STATUS_NONE_MAPPED;
01519 type[i] = SID_NAME_UNKNOWN;
01520
01521 rid [i] = 0xffffffff;
01522
01523 ret = rpcstr_pull(name, q_u->uni_name[i].buffer, sizeof(name), q_u->uni_name[i].uni_str_len*2, 0);
01524
01525 if (ret <= 0) {
01526 continue;
01527 }
01528
01529 if (sid_check_is_builtin(&pol_sid)) {
01530 if (lookup_builtin_name(name, &rid[i])) {
01531 type[i] = SID_NAME_ALIAS;
01532 }
01533 } else {
01534 lookup_global_sam_name(name, 0, &rid[i], &type[i]);
01535 }
01536
01537 if (type[i] != SID_NAME_UNKNOWN) {
01538 r_u->status = NT_STATUS_OK;
01539 }
01540 }
01541
01542 init_samr_r_lookup_names(p->mem_ctx, r_u, num_rids, rid, type, r_u->status);
01543
01544 DEBUG(5,("_samr_lookup_names: %d\n", __LINE__));
01545
01546 return r_u->status;
01547 }
01548
01549
01550
01551
01552
01553 NTSTATUS _samr_chgpasswd_user(pipes_struct *p, SAMR_Q_CHGPASSWD_USER *q_u, SAMR_R_CHGPASSWD_USER *r_u)
01554 {
01555 fstring user_name;
01556 fstring wks;
01557
01558 DEBUG(5,("_samr_chgpasswd_user: %d\n", __LINE__));
01559
01560 r_u->status = NT_STATUS_OK;
01561
01562 rpcstr_pull(user_name, q_u->uni_user_name.buffer, sizeof(user_name), q_u->uni_user_name.uni_str_len*2, 0);
01563 rpcstr_pull(wks, q_u->uni_dest_host.buffer, sizeof(wks), q_u->uni_dest_host.uni_str_len*2,0);
01564
01565 DEBUG(5,("samr_chgpasswd_user: user: %s wks: %s\n", user_name, wks));
01566
01567
01568
01569
01570
01571
01572 (void)map_username(user_name);
01573
01574
01575
01576
01577
01578
01579 r_u->status = pass_oem_change(user_name, q_u->lm_newpass.pass, q_u->lm_oldhash.hash,
01580 q_u->nt_newpass.pass, q_u->nt_oldhash.hash, NULL);
01581
01582 init_samr_r_chgpasswd_user(r_u, r_u->status);
01583
01584 DEBUG(5,("_samr_chgpasswd_user: %d\n", __LINE__));
01585
01586 return r_u->status;
01587 }
01588
01589
01590
01591
01592
01593 NTSTATUS _samr_chgpasswd_user3(pipes_struct *p, SAMR_Q_CHGPASSWD_USER3 *q_u, SAMR_R_CHGPASSWD_USER3 *r_u)
01594 {
01595 fstring user_name;
01596 fstring wks;
01597 uint32 reject_reason;
01598 SAM_UNK_INFO_1 *info = NULL;
01599 SAMR_CHANGE_REJECT *reject = NULL;
01600
01601 DEBUG(5,("_samr_chgpasswd_user3: %d\n", __LINE__));
01602
01603 rpcstr_pull(user_name, q_u->uni_user_name.buffer, sizeof(user_name), q_u->uni_user_name.uni_str_len*2, 0);
01604 rpcstr_pull(wks, q_u->uni_dest_host.buffer, sizeof(wks), q_u->uni_dest_host.uni_str_len*2,0);
01605
01606 DEBUG(5,("_samr_chgpasswd_user3: user: %s wks: %s\n", user_name, wks));
01607
01608
01609
01610
01611
01612
01613 (void)map_username(user_name);
01614
01615
01616
01617
01618
01619
01620 r_u->status = pass_oem_change(user_name, q_u->lm_newpass.pass, q_u->lm_oldhash.hash,
01621 q_u->nt_newpass.pass, q_u->nt_oldhash.hash, &reject_reason);
01622
01623 if (NT_STATUS_EQUAL(r_u->status, NT_STATUS_PASSWORD_RESTRICTION) ||
01624 NT_STATUS_EQUAL(r_u->status, NT_STATUS_ACCOUNT_RESTRICTION)) {
01625
01626 uint32 min_pass_len,pass_hist,password_properties;
01627 time_t u_expire, u_min_age;
01628 NTTIME nt_expire, nt_min_age;
01629 uint32 account_policy_temp;
01630
01631 if ((info = TALLOC_ZERO_P(p->mem_ctx, SAM_UNK_INFO_1)) == NULL) {
01632 return NT_STATUS_NO_MEMORY;
01633 }
01634
01635 if ((reject = TALLOC_ZERO_P(p->mem_ctx, SAMR_CHANGE_REJECT)) == NULL) {
01636 return NT_STATUS_NO_MEMORY;
01637 }
01638
01639 ZERO_STRUCTP(info);
01640 ZERO_STRUCTP(reject);
01641
01642 become_root();
01643
01644
01645
01646 pdb_get_account_policy(AP_MIN_PASSWORD_LEN, &account_policy_temp);
01647 min_pass_len = account_policy_temp;
01648
01649 pdb_get_account_policy(AP_PASSWORD_HISTORY, &account_policy_temp);
01650 pass_hist = account_policy_temp;
01651
01652 pdb_get_account_policy(AP_USER_MUST_LOGON_TO_CHG_PASS, &account_policy_temp);
01653 password_properties = account_policy_temp;
01654
01655 pdb_get_account_policy(AP_MAX_PASSWORD_AGE, &account_policy_temp);
01656 u_expire = account_policy_temp;
01657
01658 pdb_get_account_policy(AP_MIN_PASSWORD_AGE, &account_policy_temp);
01659 u_min_age = account_policy_temp;
01660
01661
01662
01663 unbecome_root();
01664
01665 unix_to_nt_time_abs(&nt_expire, u_expire);
01666 unix_to_nt_time_abs(&nt_min_age, u_min_age);
01667
01668 init_unk_info1(info, (uint16)min_pass_len, (uint16)pass_hist,
01669 password_properties, nt_expire, nt_min_age);
01670
01671 reject->reject_reason = reject_reason;
01672 }
01673
01674 init_samr_r_chgpasswd_user3(r_u, r_u->status, reject, info);
01675
01676 DEBUG(5,("_samr_chgpasswd_user3: %d\n", __LINE__));
01677
01678 return r_u->status;
01679 }
01680
01681
01682
01683
01684
01685 static BOOL make_samr_lookup_rids(TALLOC_CTX *ctx, uint32 num_names,
01686 const char **names, UNIHDR **pp_hdr_name,
01687 UNISTR2 **pp_uni_name)
01688 {
01689 uint32 i;
01690 UNIHDR *hdr_name=NULL;
01691 UNISTR2 *uni_name=NULL;
01692
01693 *pp_uni_name = NULL;
01694 *pp_hdr_name = NULL;
01695
01696 if (num_names != 0) {
01697 hdr_name = TALLOC_ZERO_ARRAY(ctx, UNIHDR, num_names);
01698 if (hdr_name == NULL)
01699 return False;
01700
01701 uni_name = TALLOC_ZERO_ARRAY(ctx,UNISTR2, num_names);
01702 if (uni_name == NULL)
01703 return False;
01704 }
01705
01706 for (i = 0; i < num_names; i++) {
01707 DEBUG(10, ("names[%d]:%s\n", i, names[i] && *names[i] ? names[i] : ""));
01708 init_unistr2(&uni_name[i], names[i], UNI_FLAGS_NONE);
01709 init_uni_hdr(&hdr_name[i], &uni_name[i]);
01710 }
01711
01712 *pp_uni_name = uni_name;
01713 *pp_hdr_name = hdr_name;
01714
01715 return True;
01716 }
01717
01718
01719
01720
01721
01722 NTSTATUS _samr_lookup_rids(pipes_struct *p, SAMR_Q_LOOKUP_RIDS *q_u, SAMR_R_LOOKUP_RIDS *r_u)
01723 {
01724 const char **names;
01725 enum lsa_SidType *attrs = NULL;
01726 uint32 *wire_attrs = NULL;
01727 UNIHDR *hdr_name = NULL;
01728 UNISTR2 *uni_name = NULL;
01729 DOM_SID pol_sid;
01730 int num_rids = (int)q_u->num_rids1;
01731 uint32 acc_granted;
01732 int i;
01733
01734 r_u->status = NT_STATUS_OK;
01735
01736 DEBUG(5,("_samr_lookup_rids: %d\n", __LINE__));
01737
01738
01739 if (!get_lsa_policy_samr_sid(p, &q_u->pol, &pol_sid, &acc_granted, NULL))
01740 return NT_STATUS_INVALID_HANDLE;
01741
01742 if (num_rids > 1000) {
01743 DEBUG(0, ("Got asked for %d rids (more than 1000) -- according "
01744 "to samba4 idl this is not possible\n", num_rids));
01745 return NT_STATUS_UNSUCCESSFUL;
01746 }
01747
01748 if (num_rids) {
01749 names = TALLOC_ZERO_ARRAY(p->mem_ctx, const char *, num_rids);
01750 attrs = TALLOC_ZERO_ARRAY(p->mem_ctx, enum lsa_SidType, num_rids);
01751 wire_attrs = TALLOC_ZERO_ARRAY(p->mem_ctx, uint32, num_rids);
01752
01753 if ((names == NULL) || (attrs == NULL) || (wire_attrs==NULL))
01754 return NT_STATUS_NO_MEMORY;
01755 } else {
01756 names = NULL;
01757 attrs = NULL;
01758 wire_attrs = NULL;
01759 }
01760
01761 become_root();
01762 r_u->status = pdb_lookup_rids(&pol_sid, num_rids, q_u->rid,
01763 names, attrs);
01764 unbecome_root();
01765
01766 if ( NT_STATUS_EQUAL(r_u->status, NT_STATUS_NONE_MAPPED) && (num_rids == 0) ) {
01767 r_u->status = NT_STATUS_OK;
01768 }
01769
01770 if(!make_samr_lookup_rids(p->mem_ctx, num_rids, names,
01771 &hdr_name, &uni_name))
01772 return NT_STATUS_NO_MEMORY;
01773
01774
01775 for (i = 0; i < num_rids; i++) {
01776 wire_attrs[i] = (uint32)attrs[i];
01777 }
01778
01779 init_samr_r_lookup_rids(r_u, num_rids, hdr_name, uni_name, wire_attrs);
01780
01781 DEBUG(5,("_samr_lookup_rids: %d\n", __LINE__));
01782
01783 return r_u->status;
01784 }
01785
01786
01787
01788
01789
01790 NTSTATUS _samr_open_user(pipes_struct *p, SAMR_Q_OPEN_USER *q_u, SAMR_R_OPEN_USER *r_u)
01791 {
01792 struct samu *sampass=NULL;
01793 DOM_SID sid;
01794 POLICY_HND domain_pol = q_u->domain_pol;
01795 POLICY_HND *user_pol = &r_u->user_pol;
01796 struct samr_info *info = NULL;
01797 SEC_DESC *psd = NULL;
01798 uint32 acc_granted;
01799 uint32 des_access = q_u->access_mask;
01800 size_t sd_size;
01801 BOOL ret;
01802 NTSTATUS nt_status;
01803 SE_PRIV se_rights;
01804
01805 r_u->status = NT_STATUS_OK;
01806
01807
01808
01809 if ( !get_lsa_policy_samr_sid(p, &domain_pol, &sid, &acc_granted, NULL) )
01810 return NT_STATUS_INVALID_HANDLE;
01811
01812 nt_status = access_check_samr_function( acc_granted,
01813 SA_RIGHT_DOMAIN_OPEN_ACCOUNT, "_samr_open_user" );
01814
01815 if ( !NT_STATUS_IS_OK(nt_status) )
01816 return nt_status;
01817
01818 if ( !(sampass = samu_new( p->mem_ctx )) ) {
01819 return NT_STATUS_NO_MEMORY;
01820 }
01821
01822
01823
01824 if (!sid_append_rid(&sid, q_u->user_rid))
01825 return NT_STATUS_NO_SUCH_USER;
01826
01827
01828
01829 make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_generic_mapping, &sid, SAMR_USR_RIGHTS_WRITE_PW);
01830 se_map_generic(&des_access, &usr_generic_mapping);
01831
01832 se_priv_copy( &se_rights, &se_machine_account );
01833 se_priv_add( &se_rights, &se_add_users );
01834
01835 nt_status = access_check_samr_object(psd, p->pipe_user.nt_user_token,
01836 &se_rights, GENERIC_RIGHTS_USER_WRITE, des_access,
01837 &acc_granted, "_samr_open_user");
01838
01839 if ( !NT_STATUS_IS_OK(nt_status) )
01840 return nt_status;
01841
01842 become_root();
01843 ret=pdb_getsampwsid(sampass, &sid);
01844 unbecome_root();
01845
01846
01847 if (ret == False) {
01848 return NT_STATUS_NO_SUCH_USER;
01849 }
01850
01851 TALLOC_FREE(sampass);
01852
01853
01854 if ((info = get_samr_info_by_sid(&sid)) == NULL)
01855 return NT_STATUS_NO_MEMORY;
01856 info->acc_granted = acc_granted;
01857
01858
01859 if (!create_policy_hnd(p, user_pol, free_samr_info, (void *)info))
01860 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
01861
01862 return r_u->status;
01863 }
01864
01865
01866
01867
01868
01869 static NTSTATUS get_user_info_7(TALLOC_CTX *mem_ctx, SAM_USER_INFO_7 *id7, DOM_SID *user_sid)
01870 {
01871 struct samu *smbpass=NULL;
01872 BOOL ret;
01873
01874 if ( !(smbpass = samu_new( mem_ctx )) ) {
01875 return NT_STATUS_NO_MEMORY;
01876 }
01877
01878 become_root();
01879 ret = pdb_getsampwsid(smbpass, user_sid);
01880 unbecome_root();
01881
01882 if ( !ret ) {
01883 DEBUG(4,("User %s not found\n", sid_string_static(user_sid)));
01884 return NT_STATUS_NO_SUCH_USER;
01885 }
01886
01887 DEBUG(3,("User:[%s]\n", pdb_get_username(smbpass) ));
01888
01889 ZERO_STRUCTP(id7);
01890 init_sam_user_info7(id7, pdb_get_username(smbpass) );
01891
01892 TALLOC_FREE(smbpass);
01893
01894 return NT_STATUS_OK;
01895 }
01896
01897
01898
01899
01900 static NTSTATUS get_user_info_9(TALLOC_CTX *mem_ctx, SAM_USER_INFO_9 * id9, DOM_SID *user_sid)
01901 {
01902 struct samu *smbpass=NULL;
01903 BOOL ret;
01904
01905 if ( !(smbpass = samu_new( mem_ctx )) ) {
01906 return NT_STATUS_NO_MEMORY;
01907 }
01908
01909 become_root();
01910 ret = pdb_getsampwsid(smbpass, user_sid);
01911 unbecome_root();
01912
01913 if (ret==False) {
01914 DEBUG(4,("User %s not found\n", sid_string_static(user_sid)));
01915 return NT_STATUS_NO_SUCH_USER;
01916 }
01917
01918 DEBUG(3,("User:[%s]\n", pdb_get_username(smbpass) ));
01919
01920 ZERO_STRUCTP(id9);
01921 init_sam_user_info9(id9, pdb_get_group_rid(smbpass) );
01922
01923 TALLOC_FREE(smbpass);
01924
01925 return NT_STATUS_OK;
01926 }
01927
01928
01929
01930
01931
01932 static NTSTATUS get_user_info_16(TALLOC_CTX *mem_ctx, SAM_USER_INFO_16 *id16, DOM_SID *user_sid)
01933 {
01934 struct samu *smbpass=NULL;
01935 BOOL ret;
01936
01937 if ( !(smbpass = samu_new( mem_ctx )) ) {
01938 return NT_STATUS_NO_MEMORY;
01939 }
01940
01941 become_root();
01942 ret = pdb_getsampwsid(smbpass, user_sid);
01943 unbecome_root();
01944
01945 if (ret==False) {
01946 DEBUG(4,("User %s not found\n", sid_string_static(user_sid)));
01947 return NT_STATUS_NO_SUCH_USER;
01948 }
01949
01950 DEBUG(3,("User:[%s]\n", pdb_get_username(smbpass) ));
01951
01952 ZERO_STRUCTP(id16);
01953 init_sam_user_info16(id16, pdb_get_acct_ctrl(smbpass) );
01954
01955 TALLOC_FREE(smbpass);
01956
01957 return NT_STATUS_OK;
01958 }
01959
01960
01961
01962
01963
01964
01965
01966 static NTSTATUS get_user_info_18(pipes_struct *p, TALLOC_CTX *mem_ctx, SAM_USER_INFO_18 * id18, DOM_SID *user_sid)
01967 {
01968 struct samu *smbpass=NULL;
01969 BOOL ret;
01970
01971 if (p->auth.auth_type != PIPE_AUTH_TYPE_NTLMSSP || p->auth.auth_type != PIPE_AUTH_TYPE_SPNEGO_NTLMSSP) {
01972 return NT_STATUS_ACCESS_DENIED;
01973 }
01974
01975 if (p->auth.auth_level != PIPE_AUTH_LEVEL_PRIVACY) {
01976 return NT_STATUS_ACCESS_DENIED;
01977 }
01978
01979
01980
01981
01982
01983 if ( !(smbpass = samu_new( mem_ctx )) ) {
01984 return NT_STATUS_NO_MEMORY;
01985 }
01986
01987 ret = pdb_getsampwsid(smbpass, user_sid);
01988
01989 if (ret == False) {
01990 DEBUG(4, ("User %s not found\n", sid_string_static(user_sid)));
01991 TALLOC_FREE(smbpass);
01992 return (geteuid() == (uid_t)0) ? NT_STATUS_NO_SUCH_USER : NT_STATUS_ACCESS_DENIED;
01993 }
01994
01995 DEBUG(3,("User:[%s] 0x%x\n", pdb_get_username(smbpass), pdb_get_acct_ctrl(smbpass) ));
01996
01997 if ( pdb_get_acct_ctrl(smbpass) & ACB_DISABLED) {
01998 TALLOC_FREE(smbpass);
01999 return NT_STATUS_ACCOUNT_DISABLED;
02000 }
02001
02002 ZERO_STRUCTP(id18);
02003 init_sam_user_info18(id18, pdb_get_lanman_passwd(smbpass), pdb_get_nt_passwd(smbpass));
02004
02005 TALLOC_FREE(smbpass);
02006
02007 return NT_STATUS_OK;
02008 }
02009
02010
02011
02012
02013
02014 static NTSTATUS get_user_info_20(TALLOC_CTX *mem_ctx, SAM_USER_INFO_20 *id20, DOM_SID *user_sid)
02015 {
02016 struct samu *sampass=NULL;
02017 BOOL ret;
02018
02019 if ( !(sampass = samu_new( mem_ctx )) ) {
02020 return NT_STATUS_NO_MEMORY;
02021 }
02022
02023 become_root();
02024 ret = pdb_getsampwsid(sampass, user_sid);
02025 unbecome_root();
02026
02027 if (ret == False) {
02028 DEBUG(4,("User %s not found\n", sid_string_static(user_sid)));
02029 return NT_STATUS_NO_SUCH_USER;
02030 }
02031
02032 samr_clear_sam_passwd(sampass);
02033
02034 DEBUG(3,("User:[%s]\n", pdb_get_username(sampass) ));
02035
02036 ZERO_STRUCTP(id20);
02037 init_sam_user_info20A(id20, sampass);
02038
02039 TALLOC_FREE(sampass);
02040
02041 return NT_STATUS_OK;
02042 }
02043
02044
02045
02046
02047
02048 static NTSTATUS get_user_info_21(TALLOC_CTX *mem_ctx, SAM_USER_INFO_21 *id21,
02049 DOM_SID *user_sid, DOM_SID *domain_sid)
02050 {
02051 struct samu *sampass=NULL;
02052 BOOL ret;
02053 NTSTATUS nt_status;
02054
02055 if ( !(sampass = samu_new( mem_ctx )) ) {
02056 return NT_STATUS_NO_MEMORY;
02057 }
02058
02059 become_root();
02060 ret = pdb_getsampwsid(sampass, user_sid);
02061 unbecome_root();
02062
02063 if (ret == False) {
02064 DEBUG(4,("User %s not found\n", sid_string_static(user_sid)));
02065 return NT_STATUS_NO_SUCH_USER;
02066 }
02067
02068 samr_clear_sam_passwd(sampass);
02069
02070 DEBUG(3,("User:[%s]\n", pdb_get_username(sampass) ));
02071
02072 ZERO_STRUCTP(id21);
02073 nt_status = init_sam_user_info21A(id21, sampass, domain_sid);
02074
02075 TALLOC_FREE(sampass);
02076
02077 return nt_status;
02078 }
02079
02080
02081
02082
02083
02084 NTSTATUS _samr_query_userinfo(pipes_struct *p, SAMR_Q_QUERY_USERINFO *q_u, SAMR_R_QUERY_USERINFO *r_u)
02085 {
02086 SAM_USERINFO_CTR *ctr;
02087 struct samr_info *info = NULL;
02088 DOM_SID domain_sid;
02089 uint32 rid;
02090
02091 r_u->status=NT_STATUS_OK;
02092
02093
02094 if (!find_policy_by_hnd(p, &q_u->pol, (void **)(void *)&info))
02095 return NT_STATUS_INVALID_HANDLE;
02096
02097 domain_sid = info->sid;
02098
02099 sid_split_rid(&domain_sid, &rid);
02100
02101 if (!sid_check_is_in_our_domain(&info->sid))
02102 return NT_STATUS_OBJECT_TYPE_MISMATCH;
02103
02104 DEBUG(5,("_samr_query_userinfo: sid:%s\n", sid_string_static(&info->sid)));
02105
02106 ctr = TALLOC_ZERO_P(p->mem_ctx, SAM_USERINFO_CTR);
02107 if (!ctr)
02108 return NT_STATUS_NO_MEMORY;
02109
02110 ZERO_STRUCTP(ctr);
02111
02112
02113 ctr->switch_value = q_u->switch_value;
02114
02115 DEBUG(5,("_samr_query_userinfo: user info level: %d\n", q_u->switch_value));
02116
02117 switch (q_u->switch_value) {
02118 case 7:
02119 ctr->info.id7 = TALLOC_ZERO_P(p->mem_ctx, SAM_USER_INFO_7);
02120 if (ctr->info.id7 == NULL)
02121 return NT_STATUS_NO_MEMORY;
02122
02123 if (!NT_STATUS_IS_OK(r_u->status = get_user_info_7(p->mem_ctx, ctr->info.id7, &info->sid)))
02124 return r_u->status;
02125 break;
02126 case 9:
02127 ctr->info.id9 = TALLOC_ZERO_P(p->mem_ctx, SAM_USER_INFO_9);
02128 if (ctr->info.id9 == NULL)
02129 return NT_STATUS_NO_MEMORY;
02130
02131 if (!NT_STATUS_IS_OK(r_u->status = get_user_info_9(p->mem_ctx, ctr->info.id9, &info->sid)))
02132 return r_u->status;
02133 break;
02134 case 16:
02135 ctr->info.id16 = TALLOC_ZERO_P(p->mem_ctx, SAM_USER_INFO_16);
02136 if (ctr->info.id16 == NULL)
02137 return NT_STATUS_NO_MEMORY;
02138
02139 if (!NT_STATUS_IS_OK(r_u->status = get_user_info_16(p->mem_ctx, ctr->info.id16, &info->sid)))
02140 return r_u->status;
02141 break;
02142
02143 case 18:
02144 ctr->info.id18 = TALLOC_ZERO_P(p->mem_ctx, SAM_USER_INFO_18);
02145 if (ctr->info.id18 == NULL)
02146 return NT_STATUS_NO_MEMORY;
02147
02148 if (!NT_STATUS_IS_OK(r_u->status = get_user_info_18(p, p->mem_ctx, ctr->info.id18, &info->sid)))
02149 return r_u->status;
02150 break;
02151
02152 case 20:
02153 ctr->info.id20 = TALLOC_ZERO_P(p->mem_ctx,SAM_USER_INFO_20);
02154 if (ctr->info.id20 == NULL)
02155 return NT_STATUS_NO_MEMORY;
02156 if (!NT_STATUS_IS_OK(r_u->status = get_user_info_20(p->mem_ctx, ctr->info.id20, &info->sid)))
02157 return r_u->status;
02158 break;
02159
02160 case 21:
02161 ctr->info.id21 = TALLOC_ZERO_P(p->mem_ctx,SAM_USER_INFO_21);
02162 if (ctr->info.id21 == NULL)
02163 return NT_STATUS_NO_MEMORY;
02164 if (!NT_STATUS_IS_OK(r_u->status = get_user_info_21(p->mem_ctx, ctr->info.id21,
02165 &info->sid, &domain_sid)))
02166 return r_u->status;
02167 break;
02168
02169 default:
02170 return NT_STATUS_INVALID_INFO_CLASS;
02171 }
02172
02173 init_samr_r_query_userinfo(r_u, ctr, r_u->status);
02174
02175 DEBUG(5,("_samr_query_userinfo: %d\n", __LINE__));
02176
02177 return r_u->status;
02178 }
02179
02180
02181
02182
02183
02184 NTSTATUS _samr_query_usergroups(pipes_struct *p, SAMR_Q_QUERY_USERGROUPS *q_u, SAMR_R_QUERY_USERGROUPS *r_u)
02185 {
02186 struct samu *sam_pass=NULL;
02187 DOM_SID sid;
02188 DOM_SID *sids;
02189 DOM_GID dom_gid;
02190 DOM_GID *gids = NULL;
02191 uint32 primary_group_rid;
02192 size_t num_groups = 0;
02193 gid_t *unix_gids;
02194 size_t i, num_gids;
02195 uint32 acc_granted;
02196 BOOL ret;
02197 NTSTATUS result;
02198 BOOL success = False;
02199
02200
02201
02202
02203
02204
02205
02206
02207
02208
02209
02210
02211
02212 r_u->status = NT_STATUS_OK;
02213
02214 DEBUG(5,("_samr_query_usergroups: %d\n", __LINE__));
02215
02216
02217 if (!get_lsa_policy_samr_sid(p, &q_u->pol, &sid, &acc_granted, NULL))
02218 return NT_STATUS_INVALID_HANDLE;
02219
02220 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_USER_GET_GROUPS, "_samr_query_usergroups"))) {
02221 return r_u->status;
02222 }
02223
02224 if (!sid_check_is_in_our_domain(&sid))
02225 return NT_STATUS_OBJECT_TYPE_MISMATCH;
02226
02227 if ( !(sam_pass = samu_new( p->mem_ctx )) ) {
02228 return NT_STATUS_NO_MEMORY;
02229 }
02230
02231 become_root();
02232 ret = pdb_getsampwsid(sam_pass, &sid);
02233 unbecome_root();
02234
02235 if (!ret) {
02236 DEBUG(10, ("pdb_getsampwsid failed for %s\n",
02237 sid_string_static(&sid)));
02238 return NT_STATUS_NO_SUCH_USER;
02239 }
02240
02241 sids = NULL;
02242
02243
02244 become_root();
02245 result = pdb_enum_group_memberships(p->mem_ctx, sam_pass,
02246 &sids, &unix_gids, &num_groups);
02247 if ( NT_STATUS_IS_OK(result) ) {
02248 success = sid_peek_check_rid(get_global_sam_sid(),
02249 pdb_get_group_sid(sam_pass),
02250 &primary_group_rid);
02251 }
02252 unbecome_root();
02253
02254 if (!NT_STATUS_IS_OK(result)) {
02255 DEBUG(10, ("pdb_enum_group_memberships failed for %s\n",
02256 sid_string_static(&sid)));
02257 return result;
02258 }
02259
02260 if ( !success ) {
02261 DEBUG(5, ("Group sid %s for user %s not in our domain\n",
02262 sid_string_static(pdb_get_group_sid(sam_pass)),
02263 pdb_get_username(sam_pass)));
02264 TALLOC_FREE(sam_pass);
02265 return NT_STATUS_INTERNAL_DB_CORRUPTION;
02266 }
02267
02268 gids = NULL;
02269 num_gids = 0;
02270
02271 dom_gid.attr = (SE_GROUP_MANDATORY|SE_GROUP_ENABLED_BY_DEFAULT|
02272 SE_GROUP_ENABLED);
02273 dom_gid.g_rid = primary_group_rid;
02274 ADD_TO_ARRAY(p->mem_ctx, DOM_GID, dom_gid, &gids, &num_gids);
02275
02276 for (i=0; i<num_groups; i++) {
02277
02278 if (!sid_peek_check_rid(get_global_sam_sid(),
02279 &(sids[i]), &dom_gid.g_rid)) {
02280 DEBUG(10, ("Found sid %s not in our domain\n",
02281 sid_string_static(&sids[i])));
02282 continue;
02283 }
02284
02285 if (dom_gid.g_rid == primary_group_rid) {
02286
02287
02288
02289 continue;
02290 }
02291
02292 ADD_TO_ARRAY(p->mem_ctx, DOM_GID, dom_gid, &gids, &num_gids);
02293 }
02294
02295
02296 init_samr_r_query_usergroups(r_u, num_gids, gids, r_u->status);
02297
02298 DEBUG(5,("_samr_query_usergroups: %d\n", __LINE__));
02299
02300 return r_u->status;
02301 }
02302
02303
02304
02305
02306
02307 NTSTATUS _samr_query_domain_info(pipes_struct *p,
02308 SAMR_Q_QUERY_DOMAIN_INFO *q_u,
02309 SAMR_R_QUERY_DOMAIN_INFO *r_u)
02310 {
02311 struct samr_info *info = NULL;
02312 SAM_UNK_CTR *ctr;
02313 uint32 min_pass_len,pass_hist,password_properties;
02314 time_t u_expire, u_min_age;
02315 NTTIME nt_expire, nt_min_age;
02316
02317 time_t u_lock_duration, u_reset_time;
02318 NTTIME nt_lock_duration, nt_reset_time;
02319 uint32 lockout;
02320 time_t u_logout;
02321 NTTIME nt_logout;
02322
02323 uint32 account_policy_temp;
02324
02325 time_t seq_num;
02326 uint32 server_role;
02327
02328 uint32 num_users=0, num_groups=0, num_aliases=0;
02329
02330 if ((ctr = TALLOC_ZERO_P(p->mem_ctx, SAM_UNK_CTR)) == NULL) {
02331 return NT_STATUS_NO_MEMORY;
02332 }
02333
02334 ZERO_STRUCTP(ctr);
02335
02336 r_u->status = NT_STATUS_OK;
02337
02338 DEBUG(5,("_samr_query_domain_info: %d\n", __LINE__));
02339
02340
02341 if (!find_policy_by_hnd(p, &q_u->domain_pol, (void **)(void *)&info)) {
02342 return NT_STATUS_INVALID_HANDLE;
02343 }
02344
02345 switch (q_u->switch_value) {
02346 case 0x01:
02347
02348 become_root();
02349
02350
02351
02352 pdb_get_account_policy(AP_MIN_PASSWORD_LEN, &account_policy_temp);
02353 min_pass_len = account_policy_temp;
02354
02355 pdb_get_account_policy(AP_PASSWORD_HISTORY, &account_policy_temp);
02356 pass_hist = account_policy_temp;
02357
02358 pdb_get_account_policy(AP_USER_MUST_LOGON_TO_CHG_PASS, &account_policy_temp);
02359 password_properties = account_policy_temp;
02360
02361 pdb_get_account_policy(AP_MAX_PASSWORD_AGE, &account_policy_temp);
02362 u_expire = account_policy_temp;
02363
02364 pdb_get_account_policy(AP_MIN_PASSWORD_AGE, &account_policy_temp);
02365 u_min_age = account_policy_temp;
02366
02367
02368
02369 unbecome_root();
02370
02371 unix_to_nt_time_abs(&nt_expire, u_expire);
02372 unix_to_nt_time_abs(&nt_min_age, u_min_age);
02373
02374 init_unk_info1(&ctr->info.inf1, (uint16)min_pass_len, (uint16)pass_hist,
02375 password_properties, nt_expire, nt_min_age);
02376 break;
02377 case 0x02:
02378
02379 become_root();
02380
02381
02382
02383 num_users = count_sam_users(info->disp_info, ACB_NORMAL);
02384 num_groups = count_sam_groups(info->disp_info);
02385 num_aliases = count_sam_aliases(info->disp_info);
02386
02387 pdb_get_account_policy(AP_TIME_TO_LOGOUT, &account_policy_temp);
02388 u_logout = account_policy_temp;
02389
02390 unix_to_nt_time_abs(&nt_logout, u_logout);
02391
02392 if (!pdb_get_seq_num(&seq_num))
02393 seq_num = time(NULL);
02394
02395
02396
02397 unbecome_root();
02398
02399 server_role = ROLE_DOMAIN_PDC;
02400 if (lp_server_role() == ROLE_DOMAIN_BDC)
02401 server_role = ROLE_DOMAIN_BDC;
02402
02403 init_unk_info2(&ctr->info.inf2, lp_serverstring(), lp_workgroup(), global_myname(), seq_num,
02404 num_users, num_groups, num_aliases, nt_logout, server_role);
02405 break;
02406 case 0x03:
02407
02408 become_root();
02409
02410
02411
02412 {
02413 uint32 ul;
02414 pdb_get_account_policy(AP_TIME_TO_LOGOUT, &ul);
02415 u_logout = (time_t)ul;
02416 }
02417
02418
02419
02420 unbecome_root();
02421
02422 unix_to_nt_time_abs(&nt_logout, u_logout);
02423
02424 init_unk_info3(&ctr->info.inf3, nt_logout);
02425 break;
02426 case 0x04:
02427 init_unk_info4(&ctr->info.inf4, lp_serverstring());
02428 break;
02429 case 0x05:
02430 init_unk_info5(&ctr->info.inf5, get_global_sam_name());
02431 break;
02432 case 0x06:
02433
02434
02435
02436 init_unk_info6(&ctr->info.inf6, global_myname());
02437 break;
02438 case 0x07:
02439 server_role = ROLE_DOMAIN_PDC;
02440 if (lp_server_role() == ROLE_DOMAIN_BDC)
02441 server_role = ROLE_DOMAIN_BDC;
02442
02443 init_unk_info7(&ctr->info.inf7, server_role);
02444 break;
02445 case 0x08:
02446
02447 become_root();
02448
02449
02450
02451 if (!pdb_get_seq_num(&seq_num)) {
02452 seq_num = time(NULL);
02453 }
02454
02455
02456
02457 unbecome_root();
02458
02459 init_unk_info8(&ctr->info.inf8, (uint32) seq_num);
02460 break;
02461 case 0x0c:
02462
02463 become_root();
02464
02465
02466
02467 pdb_get_account_policy(AP_LOCK_ACCOUNT_DURATION, &account_policy_temp);
02468 u_lock_duration = account_policy_temp;
02469 if (u_lock_duration != -1) {
02470 u_lock_duration *= 60;
02471 }
02472
02473 pdb_get_account_policy(AP_RESET_COUNT_TIME, &account_policy_temp);
02474 u_reset_time = account_policy_temp * 60;
02475
02476 pdb_get_account_policy(AP_BAD_ATTEMPT_LOCKOUT, &account_policy_temp);
02477 lockout = account_policy_temp;
02478
02479
02480
02481 unbecome_root();
02482
02483 unix_to_nt_time_abs(&nt_lock_duration, u_lock_duration);
02484 unix_to_nt_time_abs(&nt_reset_time, u_reset_time);
02485
02486 init_unk_info12(&ctr->info.inf12, nt_lock_duration, nt_reset_time, (uint16)lockout);
02487 break;
02488 default:
02489 return NT_STATUS_INVALID_INFO_CLASS;
02490 }
02491
02492
02493 init_samr_r_query_domain_info(r_u, q_u->switch_value, ctr, NT_STATUS_OK);
02494
02495 DEBUG(5,("_samr_query_domain_info: %d\n", __LINE__));
02496
02497 return r_u->status;
02498 }
02499
02500
02501
02502
02503
02504
02505 static NTSTATUS can_create(TALLOC_CTX *mem_ctx, const char *new_name)
02506 {
02507 enum lsa_SidType type;
02508 BOOL result;
02509
02510 DEBUG(10, ("Checking whether [%s] can be created\n", new_name));
02511
02512 become_root();
02513
02514
02515 result = lookup_name(mem_ctx, new_name, LOOKUP_NAME_LOCAL,
02516 NULL, NULL, NULL, &type);
02517 unbecome_root();
02518
02519 if (!result) {
02520 DEBUG(10, ("%s does not exist, can create it\n", new_name));
02521 return NT_STATUS_OK;
02522 }
02523
02524 DEBUG(5, ("trying to create %s, exists as %s\n",
02525 new_name, sid_type_lookup(type)));
02526
02527 if (type == SID_NAME_DOM_GRP) {
02528 return NT_STATUS_GROUP_EXISTS;
02529 }
02530 if (type == SID_NAME_ALIAS) {
02531 return NT_STATUS_ALIAS_EXISTS;
02532 }
02533
02534
02535 return NT_STATUS_USER_EXISTS;
02536 }
02537
02538
02539
02540
02541
02542
02543
02544 NTSTATUS _samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u,
02545 SAMR_R_CREATE_USER *r_u)
02546 {
02547 char *account;
02548 DOM_SID sid;
02549 POLICY_HND dom_pol = q_u->domain_pol;
02550 uint16 acb_info = q_u->acb_info;
02551 POLICY_HND *user_pol = &r_u->user_pol;
02552 struct samr_info *info = NULL;
02553 NTSTATUS nt_status;
02554 uint32 acc_granted;
02555 SEC_DESC *psd;
02556 size_t sd_size;
02557
02558 uint32 des_access = GENERIC_RIGHTS_USER_ALL_ACCESS;
02559 BOOL can_add_account = False;
02560 SE_PRIV se_rights;
02561 DISP_INFO *disp_info = NULL;
02562
02563
02564 if (!get_lsa_policy_samr_sid(p, &dom_pol, &sid, &acc_granted,
02565 &disp_info))
02566 return NT_STATUS_INVALID_HANDLE;
02567
02568 nt_status = access_check_samr_function(acc_granted,
02569 SA_RIGHT_DOMAIN_CREATE_USER,
02570 "_samr_create_user");
02571 if (!NT_STATUS_IS_OK(nt_status)) {
02572 return nt_status;
02573 }
02574
02575 if (!(acb_info == ACB_NORMAL || acb_info == ACB_DOMTRUST ||
02576 acb_info == ACB_WSTRUST || acb_info == ACB_SVRTRUST)) {
02577
02578
02579 return NT_STATUS_INVALID_PARAMETER;
02580 }
02581
02582 account = rpcstr_pull_unistr2_talloc(p->mem_ctx, &q_u->uni_name);
02583 if (account == NULL) {
02584 return NT_STATUS_NO_MEMORY;
02585 }
02586
02587 nt_status = can_create(p->mem_ctx, account);
02588 if (!NT_STATUS_IS_OK(nt_status)) {
02589 return nt_status;
02590 }
02591
02592
02593
02594 if ( acb_info & ACB_WSTRUST )
02595 {
02596 se_priv_copy( &se_rights, &se_machine_account );
02597 can_add_account = user_has_privileges(
02598 p->pipe_user.nt_user_token, &se_rights );
02599 }
02600
02601
02602 else if ( acb_info & ACB_NORMAL &&
02603 (account[strlen(account)-1] != '$') )
02604 {
02605 se_priv_copy( &se_rights, &se_add_users );
02606 can_add_account = user_has_privileges(
02607 p->pipe_user.nt_user_token, &se_rights );
02608 }
02609 else
02610
02611 {
02612 if ( lp_enable_privileges() ) {
02613
02614 se_priv_copy( &se_rights, &se_priv_none );
02615 can_add_account = nt_token_check_domain_rid(
02616 p->pipe_user.nt_user_token,
02617 DOMAIN_GROUP_RID_ADMINS );
02618 }
02619 }
02620
02621 DEBUG(5, ("_samr_create_user: %s can add this account : %s\n",
02622 uidtoname(p->pipe_user.ut.uid),
02623 can_add_account ? "True":"False" ));
02624
02625
02626
02627 if ( can_add_account )
02628 become_root();
02629
02630 nt_status = pdb_create_user(p->mem_ctx, account, acb_info,
02631 &r_u->user_rid);
02632
02633 if ( can_add_account )
02634 unbecome_root();
02635
02636
02637
02638
02639
02640 if ( !NT_STATUS_IS_OK(nt_status) )
02641 return nt_status;
02642
02643
02644
02645 sid_compose(&sid, get_global_sam_sid(), r_u->user_rid);
02646
02647 make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_generic_mapping,
02648 &sid, SAMR_USR_RIGHTS_WRITE_PW);
02649 se_map_generic(&des_access, &usr_generic_mapping);
02650
02651 nt_status = access_check_samr_object(psd, p->pipe_user.nt_user_token,
02652 &se_rights, GENERIC_RIGHTS_USER_WRITE, des_access,
02653 &acc_granted, "_samr_create_user");
02654
02655 if ( !NT_STATUS_IS_OK(nt_status) ) {
02656 return nt_status;
02657 }
02658
02659
02660 if ((info = get_samr_info_by_sid(&sid)) == NULL) {
02661 return NT_STATUS_NO_MEMORY;
02662 }
02663
02664 ZERO_STRUCTP(info);
02665 info->sid = sid;
02666 info->acc_granted = acc_granted;
02667
02668
02669 if (!create_policy_hnd(p, user_pol, free_samr_info, (void *)info)) {
02670 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
02671 }
02672
02673
02674 force_flush_samr_cache(info->disp_info);
02675
02676 r_u->access_granted = acc_granted;
02677
02678 return NT_STATUS_OK;
02679 }
02680
02681
02682
02683
02684
02685 NTSTATUS _samr_connect_anon(pipes_struct *p, SAMR_Q_CONNECT_ANON *q_u, SAMR_R_CONNECT_ANON *r_u)
02686 {
02687 struct samr_info *info = NULL;
02688 uint32 des_access = q_u->access_mask;
02689
02690
02691
02692 if (!pipe_access_check(p)) {
02693 DEBUG(3, ("access denied to samr_connect_anon\n"));
02694 r_u->status = NT_STATUS_ACCESS_DENIED;
02695 return r_u->status;
02696 }
02697
02698
02699
02700 r_u->status = NT_STATUS_OK;
02701
02702
02703 if ((info = get_samr_info_by_sid(NULL)) == NULL)
02704 return NT_STATUS_NO_MEMORY;
02705
02706
02707
02708
02709
02710 if (des_access == MAXIMUM_ALLOWED_ACCESS) {
02711
02712 des_access = GENERIC_ALL_ACCESS;
02713 }
02714
02715 se_map_generic( &des_access, &sam_generic_mapping );
02716 info->acc_granted = des_access & (SA_RIGHT_SAM_ENUM_DOMAINS|SA_RIGHT_SAM_OPEN_DOMAIN);
02717
02718 info->status = q_u->unknown_0;
02719
02720
02721 if (!create_policy_hnd(p, &r_u->connect_pol, free_samr_info, (void *)info))
02722 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
02723
02724 return r_u->status;
02725 }
02726
02727
02728
02729
02730
02731 NTSTATUS _samr_connect(pipes_struct *p, SAMR_Q_CONNECT *q_u, SAMR_R_CONNECT *r_u)
02732 {
02733 struct samr_info *info = NULL;
02734 SEC_DESC *psd = NULL;
02735 uint32 acc_granted;
02736 uint32 des_access = q_u->access_mask;
02737 NTSTATUS nt_status;
02738 size_t sd_size;
02739
02740
02741 DEBUG(5,("_samr_connect: %d\n", __LINE__));
02742
02743
02744
02745 if (!pipe_access_check(p)) {
02746 DEBUG(3, ("access denied to samr_connect\n"));
02747 r_u->status = NT_STATUS_ACCESS_DENIED;
02748 return r_u->status;
02749 }
02750
02751 make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &sam_generic_mapping, NULL, 0);
02752 se_map_generic(&des_access, &sam_generic_mapping);
02753
02754 nt_status = access_check_samr_object(psd, p->pipe_user.nt_user_token,
02755 NULL, 0, des_access, &acc_granted, "_samr_connect");
02756
02757 if ( !NT_STATUS_IS_OK(nt_status) )
02758 return nt_status;
02759
02760 r_u->status = NT_STATUS_OK;
02761
02762
02763 if ((info = get_samr_info_by_sid(NULL)) == NULL)
02764 return NT_STATUS_NO_MEMORY;
02765
02766 info->acc_granted = acc_granted;
02767 info->status = q_u->access_mask;
02768
02769
02770 if (!create_policy_hnd(p, &r_u->connect_pol, free_samr_info, (void *)info))
02771 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
02772
02773 DEBUG(5,("_samr_connect: %d\n", __LINE__));
02774
02775 return r_u->status;
02776 }
02777
02778
02779
02780
02781
02782 NTSTATUS _samr_connect4(pipes_struct *p, SAMR_Q_CONNECT4 *q_u, SAMR_R_CONNECT4 *r_u)
02783 {
02784 struct samr_info *info = NULL;
02785 SEC_DESC *psd = NULL;
02786 uint32 acc_granted;
02787 uint32 des_access = q_u->access_mask;
02788 NTSTATUS nt_status;
02789 size_t sd_size;
02790
02791
02792 DEBUG(5,("_samr_connect4: %d\n", __LINE__));
02793
02794
02795
02796 if (!pipe_access_check(p)) {
02797 DEBUG(3, ("access denied to samr_connect4\n"));
02798 r_u->status = NT_STATUS_ACCESS_DENIED;
02799 return r_u->status;
02800 }
02801
02802 make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &sam_generic_mapping, NULL, 0);
02803 se_map_generic(&des_access, &sam_generic_mapping);
02804
02805 nt_status = access_check_samr_object(psd, p->pipe_user.nt_user_token,
02806 NULL, 0, des_access, &acc_granted, "_samr_connect4");
02807
02808 if ( !NT_STATUS_IS_OK(nt_status) )
02809 return nt_status;
02810
02811 r_u->status = NT_STATUS_OK;
02812
02813
02814 if ((info = get_samr_info_by_sid(NULL)) == NULL)
02815 return NT_STATUS_NO_MEMORY;
02816
02817 info->acc_granted = acc_granted;
02818 info->status = q_u->access_mask;
02819
02820
02821 if (!create_policy_hnd(p, &r_u->connect_pol, free_samr_info, (void *)info))
02822 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
02823
02824 DEBUG(5,("_samr_connect: %d\n", __LINE__));
02825
02826 return r_u->status;
02827 }
02828
02829
02830
02831
02832
02833 NTSTATUS _samr_connect5(pipes_struct *p, SAMR_Q_CONNECT5 *q_u, SAMR_R_CONNECT5 *r_u)
02834 {
02835 struct samr_info *info = NULL;
02836 SEC_DESC *psd = NULL;
02837 uint32 acc_granted;
02838 uint32 des_access = q_u->access_mask;
02839 NTSTATUS nt_status;
02840 POLICY_HND pol;
02841 size_t sd_size;
02842
02843
02844 DEBUG(5,("_samr_connect5: %d\n", __LINE__));
02845
02846 ZERO_STRUCTP(r_u);
02847
02848
02849
02850 if (!pipe_access_check(p)) {
02851 DEBUG(3, ("access denied to samr_connect5\n"));
02852 r_u->status = NT_STATUS_ACCESS_DENIED;
02853 return r_u->status;
02854 }
02855
02856 make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &sam_generic_mapping, NULL, 0);
02857 se_map_generic(&des_access, &sam_generic_mapping);
02858
02859 nt_status = access_check_samr_object(psd, p->pipe_user.nt_user_token,
02860 NULL, 0, des_access, &acc_granted, "_samr_connect5");
02861
02862 if ( !NT_STATUS_IS_OK(nt_status) )
02863 return nt_status;
02864
02865
02866 if ((info = get_samr_info_by_sid(NULL)) == NULL)
02867 return NT_STATUS_NO_MEMORY;
02868
02869 info->acc_granted = acc_granted;
02870 info->status = q_u->access_mask;
02871
02872
02873 if (!create_policy_hnd(p, &pol, free_samr_info, (void *)info))
02874 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
02875
02876 DEBUG(5,("_samr_connect: %d\n", __LINE__));
02877
02878 init_samr_r_connect5(r_u, &pol, NT_STATUS_OK);
02879
02880 return r_u->status;
02881 }
02882
02883
02884
02885
02886
02887 NTSTATUS _samr_lookup_domain(pipes_struct *p, SAMR_Q_LOOKUP_DOMAIN *q_u, SAMR_R_LOOKUP_DOMAIN *r_u)
02888 {
02889 struct samr_info *info;
02890 fstring domain_name;
02891 DOM_SID sid;
02892
02893 r_u->status = NT_STATUS_OK;
02894
02895 if (!find_policy_by_hnd(p, &q_u->connect_pol, (void**)(void *)&info))
02896 return NT_STATUS_INVALID_HANDLE;
02897
02898
02899
02900
02901 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(info->acc_granted,
02902 SA_RIGHT_SAM_OPEN_DOMAIN, "_samr_lookup_domain")))
02903 {
02904 return r_u->status;
02905 }
02906
02907 rpcstr_pull(domain_name, q_u->uni_domain.buffer, sizeof(domain_name), q_u->uni_domain.uni_str_len*2, 0);
02908
02909 ZERO_STRUCT(sid);
02910
02911 if (strequal(domain_name, builtin_domain_name())) {
02912 sid_copy(&sid, &global_sid_Builtin);
02913 } else {
02914 if (!secrets_fetch_domain_sid(domain_name, &sid)) {
02915 r_u->status = NT_STATUS_NO_SUCH_DOMAIN;
02916 }
02917 }
02918
02919 DEBUG(2,("Returning domain sid for domain %s -> %s\n", domain_name, sid_string_static(&sid)));
02920
02921 init_samr_r_lookup_domain(r_u, &sid, r_u->status);
02922
02923 return r_u->status;
02924 }
02925
02926
02927
02928
02929
02930 static BOOL make_enum_domains(TALLOC_CTX *ctx, SAM_ENTRY **pp_sam,
02931 UNISTR2 **pp_uni_name, uint32 num_sam_entries, fstring doms[])
02932 {
02933 uint32 i;
02934 SAM_ENTRY *sam;
02935 UNISTR2 *uni_name;
02936
02937 DEBUG(5, ("make_enum_domains\n"));
02938
02939 *pp_sam = NULL;
02940 *pp_uni_name = NULL;
02941
02942 if (num_sam_entries == 0)
02943 return True;
02944
02945 sam = TALLOC_ZERO_ARRAY(ctx, SAM_ENTRY, num_sam_entries);
02946 uni_name = TALLOC_ZERO_ARRAY(ctx, UNISTR2, num_sam_entries);
02947
02948 if (sam == NULL || uni_name == NULL)
02949 return False;
02950
02951 for (i = 0; i < num_sam_entries; i++) {
02952 init_unistr2(&uni_name[i], doms[i], UNI_FLAGS_NONE);
02953 init_sam_entry(&sam[i], &uni_name[i], 0);
02954 }
02955
02956 *pp_sam = sam;
02957 *pp_uni_name = uni_name;
02958
02959 return True;
02960 }
02961
02962
02963
02964
02965
02966 NTSTATUS _samr_enum_domains(pipes_struct *p, SAMR_Q_ENUM_DOMAINS *q_u, SAMR_R_ENUM_DOMAINS *r_u)
02967 {
02968 struct samr_info *info;
02969 uint32 num_entries = 2;
02970 fstring dom[2];
02971 const char *name;
02972
02973 r_u->status = NT_STATUS_OK;
02974
02975 if (!find_policy_by_hnd(p, &q_u->pol, (void**)(void *)&info))
02976 return NT_STATUS_INVALID_HANDLE;
02977
02978 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(info->acc_granted, SA_RIGHT_SAM_ENUM_DOMAINS, "_samr_enum_domains"))) {
02979 return r_u->status;
02980 }
02981
02982 name = get_global_sam_name();
02983
02984 fstrcpy(dom[0],name);
02985 strupper_m(dom[0]);
02986 fstrcpy(dom[1],"Builtin");
02987
02988 if (!make_enum_domains(p->mem_ctx, &r_u->sam, &r_u->uni_dom_name, num_entries, dom))
02989 return NT_STATUS_NO_MEMORY;
02990
02991 init_samr_r_enum_domains(r_u, q_u->start_idx + num_entries, num_entries);
02992
02993 return r_u->status;
02994 }
02995
02996
02997
02998
02999
03000 NTSTATUS _samr_open_alias(pipes_struct *p, SAMR_Q_OPEN_ALIAS *q_u, SAMR_R_OPEN_ALIAS *r_u)
03001 {
03002 DOM_SID sid;
03003 POLICY_HND domain_pol = q_u->dom_pol;
03004 uint32 alias_rid = q_u->rid_alias;
03005 POLICY_HND *alias_pol = &r_u->pol;
03006 struct samr_info *info = NULL;
03007 SEC_DESC *psd = NULL;
03008 uint32 acc_granted;
03009 uint32 des_access = q_u->access_mask;
03010 size_t sd_size;
03011 NTSTATUS status;
03012 SE_PRIV se_rights;
03013
03014 r_u->status = NT_STATUS_OK;
03015
03016
03017
03018 if ( !get_lsa_policy_samr_sid(p, &domain_pol, &sid, &acc_granted, NULL) )
03019 return NT_STATUS_INVALID_HANDLE;
03020
03021 status = access_check_samr_function(acc_granted,
03022 SA_RIGHT_DOMAIN_OPEN_ACCOUNT, "_samr_open_alias");
03023
03024 if ( !NT_STATUS_IS_OK(status) )
03025 return status;
03026
03027
03028
03029 if (!sid_append_rid(&sid, alias_rid))
03030 return NT_STATUS_NO_SUCH_ALIAS;
03031
03032
03033
03034 make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &ali_generic_mapping, NULL, 0);
03035 se_map_generic(&des_access,&ali_generic_mapping);
03036
03037 se_priv_copy( &se_rights, &se_add_users );
03038
03039
03040 status = access_check_samr_object(psd, p->pipe_user.nt_user_token,
03041 &se_rights, GENERIC_RIGHTS_ALIAS_WRITE, des_access,
03042 &acc_granted, "_samr_open_alias");
03043
03044 if ( !NT_STATUS_IS_OK(status) )
03045 return status;
03046
03047 {
03048
03049 enum lsa_SidType type;
03050 BOOL result;
03051 gid_t gid;
03052
03053 become_root();
03054 result = lookup_sid(NULL, &sid, NULL, NULL, &type);
03055 unbecome_root();
03056
03057 if (!result || (type != SID_NAME_ALIAS)) {
03058 return NT_STATUS_NO_SUCH_ALIAS;
03059 }
03060
03061
03062
03063 if ( !sid_to_gid( &sid, &gid ) ) {
03064 return NT_STATUS_NO_SUCH_ALIAS;
03065 }
03066
03067 }
03068
03069
03070 if ((info = get_samr_info_by_sid(&sid)) == NULL)
03071 return NT_STATUS_NO_MEMORY;
03072
03073 info->acc_granted = acc_granted;
03074
03075
03076 if (!create_policy_hnd(p, alias_pol, free_samr_info, (void *)info))
03077 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
03078
03079 return r_u->status;
03080 }
03081
03082
03083
03084
03085 static NTSTATUS set_user_info_7(TALLOC_CTX *mem_ctx,
03086 const SAM_USER_INFO_7 *id7, struct samu *pwd)
03087 {
03088 fstring new_name;
03089 NTSTATUS rc;
03090
03091 if (id7 == NULL) {
03092 DEBUG(5, ("set_user_info_7: NULL id7\n"));
03093 TALLOC_FREE(pwd);
03094 return NT_STATUS_ACCESS_DENIED;
03095 }
03096
03097 if(!rpcstr_pull(new_name, id7->uni_name.buffer, sizeof(new_name), id7->uni_name.uni_str_len*2, 0)) {
03098 DEBUG(5, ("set_user_info_7: failed to get new username\n"));
03099 TALLOC_FREE(pwd);
03100 return NT_STATUS_ACCESS_DENIED;
03101 }
03102
03103
03104
03105
03106
03107
03108
03109
03110
03111
03112 rc = can_create(mem_ctx, new_name);
03113 if (!NT_STATUS_IS_OK(rc)) {
03114 return rc;
03115 }
03116
03117 rc = pdb_rename_sam_account(pwd, new_name);
03118
03119 TALLOC_FREE(pwd);
03120 return rc;
03121 }
03122
03123
03124
03125
03126
03127 static BOOL set_user_info_16(const SAM_USER_INFO_16 *id16, struct samu *pwd)
03128 {
03129 if (id16 == NULL) {
03130 DEBUG(5, ("set_user_info_16: NULL id16\n"));
03131 TALLOC_FREE(pwd);
03132 return False;
03133 }
03134
03135
03136 if (!pdb_set_acct_ctrl(pwd, id16->acb_info, PDB_CHANGED)) {
03137 TALLOC_FREE(pwd);
03138 return False;
03139 }
03140
03141 if(!NT_STATUS_IS_OK(pdb_update_sam_account(pwd))) {
03142 TALLOC_FREE(pwd);
03143 return False;
03144 }
03145
03146 TALLOC_FREE(pwd);
03147
03148 return True;
03149 }
03150
03151
03152
03153
03154
03155 static BOOL set_user_info_18(SAM_USER_INFO_18 *id18, struct samu *pwd)
03156 {
03157
03158 if (id18 == NULL) {
03159 DEBUG(2, ("set_user_info_18: id18 is NULL\n"));
03160 TALLOC_FREE(pwd);
03161 return False;
03162 }
03163
03164 if (!pdb_set_lanman_passwd (pwd, id18->lm_pwd, PDB_CHANGED)) {
03165 TALLOC_FREE(pwd);
03166 return False;
03167 }
03168 if (!pdb_set_nt_passwd (pwd, id18->nt_pwd, PDB_CHANGED)) {
03169 TALLOC_FREE(pwd);
03170 return False;
03171 }
03172 if (!pdb_set_pass_last_set_time (pwd, time(NULL), PDB_CHANGED)) {
03173 TALLOC_FREE(pwd);
03174 return False;
03175 }
03176
03177 if(!NT_STATUS_IS_OK(pdb_update_sam_account(pwd))) {
03178 TALLOC_FREE(pwd);
03179 return False;
03180 }
03181
03182 TALLOC_FREE(pwd);
03183 return True;
03184 }
03185
03186
03187
03188
03189
03190 static BOOL set_user_info_20(SAM_USER_INFO_20 *id20, struct samu *pwd)
03191 {
03192 if (id20 == NULL) {
03193 DEBUG(5, ("set_user_info_20: NULL id20\n"));
03194 return False;
03195 }
03196
03197 copy_id20_to_sam_passwd(pwd, id20);
03198
03199
03200 if(!NT_STATUS_IS_OK(pdb_update_sam_account(pwd))) {
03201 TALLOC_FREE(pwd);
03202 return False;
03203 }
03204
03205 TALLOC_FREE(pwd);
03206
03207 return True;
03208 }
03209
03210
03211
03212
03213 static NTSTATUS set_user_info_21(TALLOC_CTX *mem_ctx, SAM_USER_INFO_21 *id21,
03214 struct samu *pwd)
03215 {
03216 fstring new_name;
03217 NTSTATUS status;
03218
03219 if (id21 == NULL) {
03220 DEBUG(5, ("set_user_info_21: NULL id21\n"));
03221 return NT_STATUS_INVALID_PARAMETER;
03222 }
03223
03224
03225
03226 if (rpcstr_pull(new_name, id21->uni_user_name.buffer,
03227 sizeof(new_name), id21->uni_user_name.uni_str_len*2, 0)
03228 && (!strequal(new_name, pdb_get_username(pwd))))
03229 {
03230
03231
03232
03233
03234
03235
03236
03237
03238
03239
03240 status = can_create(mem_ctx, new_name);
03241 if (!NT_STATUS_IS_OK(status)) {
03242 return status;
03243 }
03244
03245 status = pdb_rename_sam_account(pwd, new_name);
03246
03247 if (!NT_STATUS_IS_OK(status)) {
03248 DEBUG(0,("set_user_info_21: failed to rename account: %s\n",
03249 nt_errstr(status)));
03250 TALLOC_FREE(pwd);
03251 return status;
03252 }
03253
03254
03255
03256 pdb_set_username(pwd, new_name, PDB_SET);
03257 }
03258
03259 copy_id21_to_sam_passwd(pwd, id21);
03260
03261
03262
03263
03264
03265
03266
03267
03268 if ( IS_SAM_CHANGED(pwd, PDB_GROUPSID) ) {
03269 status = pdb_set_unix_primary_group(mem_ctx, pwd);
03270 if ( !NT_STATUS_IS_OK(status) ) {
03271 return status;
03272 }
03273 }
03274
03275
03276
03277
03278
03279
03280 if(!NT_STATUS_IS_OK(status = pdb_update_sam_account(pwd))) {
03281 TALLOC_FREE(pwd);
03282 return status;
03283 }
03284
03285 TALLOC_FREE(pwd);
03286
03287 return NT_STATUS_OK;
03288 }
03289
03290
03291
03292
03293
03294 static NTSTATUS set_user_info_23(TALLOC_CTX *mem_ctx, SAM_USER_INFO_23 *id23,
03295 struct samu *pwd)
03296 {
03297 pstring plaintext_buf;
03298 uint32 len;
03299 uint16 acct_ctrl;
03300 NTSTATUS status;
03301
03302 if (id23 == NULL) {
03303 DEBUG(5, ("set_user_info_23: NULL id23\n"));
03304 return NT_STATUS_INVALID_PARAMETER;
03305 }
03306
03307 DEBUG(5, ("Attempting administrator password change (level 23) for user %s\n",
03308 pdb_get_username(pwd)));
03309
03310 acct_ctrl = pdb_get_acct_ctrl(pwd);
03311
03312 if (!decode_pw_buffer(id23->pass, plaintext_buf, 256, &len, STR_UNICODE)) {
03313 TALLOC_FREE(pwd);
03314 return NT_STATUS_INVALID_PARAMETER;
03315 }
03316
03317 if (!pdb_set_plaintext_passwd (pwd, plaintext_buf)) {
03318 TALLOC_FREE(pwd);
03319 return NT_STATUS_ACCESS_DENIED;
03320 }
03321
03322 copy_id23_to_sam_passwd(pwd, id23);
03323
03324
03325 if ( ( (acct_ctrl & ACB_DOMTRUST) == ACB_DOMTRUST ) ||
03326 ( (acct_ctrl & ACB_WSTRUST) == ACB_WSTRUST) ||
03327 ( (acct_ctrl & ACB_SVRTRUST) == ACB_SVRTRUST) ) {
03328 DEBUG(5, ("Changing trust account. Not updating /etc/passwd\n"));
03329 } else {
03330
03331 if (lp_unix_password_sync() ) {
03332 struct passwd *passwd;
03333 if (pdb_get_username(pwd) == NULL) {
03334 DEBUG(1, ("chgpasswd: User without name???\n"));
03335 TALLOC_FREE(pwd);
03336 return NT_STATUS_ACCESS_DENIED;
03337 }
03338
03339 if ((passwd = Get_Pwnam(pdb_get_username(pwd))) == NULL) {
03340 DEBUG(1, ("chgpasswd: Username does not exist in system !?!\n"));
03341 }
03342
03343 if(!chgpasswd(pdb_get_username(pwd), passwd, "", plaintext_buf, True)) {
03344 TALLOC_FREE(pwd);
03345 return NT_STATUS_ACCESS_DENIED;
03346 }
03347 }
03348 }
03349
03350 ZERO_STRUCT(plaintext_buf);
03351
03352 if (IS_SAM_CHANGED(pwd, PDB_GROUPSID) &&
03353 (!NT_STATUS_IS_OK(status = pdb_set_unix_primary_group(mem_ctx,
03354 pwd)))) {
03355 TALLOC_FREE(pwd);
03356 return status;
03357 }
03358
03359 if(!NT_STATUS_IS_OK(status = pdb_update_sam_account(pwd))) {
03360 TALLOC_FREE(pwd);
03361 return status;
03362 }
03363
03364 TALLOC_FREE(pwd);
03365
03366 return NT_STATUS_OK;
03367 }
03368
03369
03370
03371
03372
03373 static BOOL set_user_info_pw(uint8 *pass, struct samu *pwd,
03374 int level)
03375 {
03376 uint32 len;
03377 pstring plaintext_buf;
03378 uint32 acct_ctrl;
03379 time_t last_set_time;
03380 enum pdb_value_state last_set_state;
03381
03382 DEBUG(5, ("Attempting administrator password change for user %s\n",
03383 pdb_get_username(pwd)));
03384
03385 acct_ctrl = pdb_get_acct_ctrl(pwd);
03386
03387
03388 last_set_state = pdb_get_init_flags(pwd, PDB_PASSLASTSET);
03389 last_set_time = pdb_get_pass_last_set_time(pwd);
03390
03391 ZERO_STRUCT(plaintext_buf);
03392
03393 if (!decode_pw_buffer(pass, plaintext_buf, 256, &len, STR_UNICODE)) {
03394 TALLOC_FREE(pwd);
03395 return False;
03396 }
03397
03398 if (!pdb_set_plaintext_passwd (pwd, plaintext_buf)) {
03399 TALLOC_FREE(pwd);
03400 return False;
03401 }
03402
03403
03404 if ( ( (acct_ctrl & ACB_DOMTRUST) == ACB_DOMTRUST ) ||
03405 ( (acct_ctrl & ACB_WSTRUST) == ACB_WSTRUST) ||
03406 ( (acct_ctrl & ACB_SVRTRUST) == ACB_SVRTRUST) ) {
03407 DEBUG(5, ("Changing trust account or non-unix-user password, not updating /etc/passwd\n"));
03408 } else {
03409
03410 if (lp_unix_password_sync()) {
03411 struct passwd *passwd;
03412
03413 if (pdb_get_username(pwd) == NULL) {
03414 DEBUG(1, ("chgpasswd: User without name???\n"));
03415 TALLOC_FREE(pwd);
03416 return False;
03417 }
03418
03419 if ((passwd = Get_Pwnam(pdb_get_username(pwd))) == NULL) {
03420 DEBUG(1, ("chgpasswd: Username does not exist in system !?!\n"));
03421 }
03422
03423 if(!chgpasswd(pdb_get_username(pwd), passwd, "", plaintext_buf, True)) {
03424 TALLOC_FREE(pwd);
03425 return False;
03426 }
03427 }
03428 }
03429
03430 ZERO_STRUCT(plaintext_buf);
03431
03432
03433
03434
03435
03436
03437
03438 if (level != 25) {
03439
03440
03441
03442
03443 pdb_set_pass_last_set_time (pwd, last_set_time,
03444 last_set_state);
03445 }
03446
03447 DEBUG(5,("set_user_info_pw: pdb_update_pwd()\n"));
03448
03449
03450 if(!NT_STATUS_IS_OK(pdb_update_sam_account(pwd))) {
03451 TALLOC_FREE(pwd);
03452 return False;
03453 }
03454
03455 TALLOC_FREE(pwd);
03456
03457 return True;
03458 }
03459
03460
03461
03462
03463
03464 static NTSTATUS set_user_info_25(TALLOC_CTX *mem_ctx, SAM_USER_INFO_25 *id25,
03465 struct samu *pwd)
03466 {
03467 NTSTATUS status;
03468
03469 if (id25 == NULL) {
03470 DEBUG(5, ("set_user_info_25: NULL id25\n"));
03471 return NT_STATUS_INVALID_PARAMETER;
03472 }
03473
03474 copy_id25_to_sam_passwd(pwd, id25);
03475
03476
03477 if(!NT_STATUS_IS_OK(status = pdb_update_sam_account(pwd))) {
03478 TALLOC_FREE(pwd);
03479 return status;
03480 }
03481
03482
03483
03484
03485
03486
03487
03488
03489
03490 if ( IS_SAM_CHANGED(pwd, PDB_GROUPSID) ) {
03491 status = pdb_set_unix_primary_group(mem_ctx, pwd);
03492 if ( !NT_STATUS_IS_OK(status) ) {
03493 return status;
03494 }
03495 }
03496
03497
03498
03499
03500 return NT_STATUS_OK;
03501 }
03502
03503
03504
03505
03506
03507 NTSTATUS _samr_set_userinfo(pipes_struct *p, SAMR_Q_SET_USERINFO *q_u, SAMR_R_SET_USERINFO *r_u)
03508 {
03509 struct samu *pwd = NULL;
03510 DOM_SID sid;
03511 POLICY_HND *pol = &q_u->pol;
03512 uint16 switch_value = q_u->switch_value;
03513 SAM_USERINFO_CTR *ctr = q_u->ctr;
03514 uint32 acc_granted;
03515 uint32 acc_required;
03516 BOOL ret;
03517 BOOL has_enough_rights = False;
03518 uint32 acb_info;
03519 DISP_INFO *disp_info = NULL;
03520
03521 DEBUG(5, ("_samr_set_userinfo: %d\n", __LINE__));
03522
03523 r_u->status = NT_STATUS_OK;
03524
03525
03526 if (!get_lsa_policy_samr_sid(p, pol, &sid, &acc_granted, &disp_info))
03527 return NT_STATUS_INVALID_HANDLE;
03528
03529
03530
03531
03532
03533
03534
03535
03536 switch (switch_value) {
03537 case 18:
03538 case 24:
03539 case 25:
03540 case 26:
03541 acc_required = SA_RIGHT_USER_SET_PASSWORD;
03542 break;
03543 default:
03544 acc_required = SA_RIGHT_USER_SET_PASSWORD | SA_RIGHT_USER_SET_ATTRIBUTES | SA_RIGHT_USER_ACCT_FLAGS_EXPIRY;
03545 break;
03546 }
03547
03548 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, acc_required, "_samr_set_userinfo"))) {
03549 return r_u->status;
03550 }
03551
03552 DEBUG(5, ("_samr_set_userinfo: sid:%s, level:%d\n", sid_string_static(&sid), switch_value));
03553
03554 if (ctr == NULL) {
03555 DEBUG(5, ("_samr_set_userinfo: NULL info level\n"));
03556 return NT_STATUS_INVALID_INFO_CLASS;
03557 }
03558
03559 if ( !(pwd = samu_new( NULL )) ) {
03560 return NT_STATUS_NO_MEMORY;
03561 }
03562
03563 become_root();
03564 ret = pdb_getsampwsid(pwd, &sid);
03565 unbecome_root();
03566
03567 if ( !ret ) {
03568 TALLOC_FREE(pwd);
03569 return NT_STATUS_NO_SUCH_USER;
03570 }
03571
03572
03573
03574
03575 acb_info = pdb_get_acct_ctrl(pwd);
03576 if ( acb_info & ACB_WSTRUST )
03577 has_enough_rights = user_has_privileges( p->pipe_user.nt_user_token, &se_machine_account);
03578 else if ( acb_info & ACB_NORMAL )
03579 has_enough_rights = user_has_privileges( p->pipe_user.nt_user_token, &se_add_users );
03580 else if ( acb_info & (ACB_SVRTRUST|ACB_DOMTRUST) ) {
03581 if ( lp_enable_privileges() )
03582 has_enough_rights = nt_token_check_domain_rid( p->pipe_user.nt_user_token, DOMAIN_GROUP_RID_ADMINS );
03583 }
03584
03585 DEBUG(5, ("_samr_set_userinfo: %s does%s possess sufficient rights\n",
03586 uidtoname(p->pipe_user.ut.uid),
03587 has_enough_rights ? "" : " not"));
03588
03589
03590
03591 if ( has_enough_rights )
03592 become_root();
03593
03594
03595
03596 switch (switch_value) {
03597 case 18:
03598 if (!set_user_info_18(ctr->info.id18, pwd))
03599 r_u->status = NT_STATUS_ACCESS_DENIED;
03600 break;
03601
03602 case 24:
03603 if (!p->session_key.length) {
03604 r_u->status = NT_STATUS_NO_USER_SESSION_KEY;
03605 }
03606 SamOEMhashBlob(ctr->info.id24->pass, 516, &p->session_key);
03607
03608 dump_data(100, (char *)ctr->info.id24->pass, 516);
03609
03610 if (!set_user_info_pw(ctr->info.id24->pass, pwd,
03611 switch_value))
03612 r_u->status = NT_STATUS_ACCESS_DENIED;
03613 break;
03614
03615 case 25:
03616 if (!p->session_key.length) {
03617 r_u->status = NT_STATUS_NO_USER_SESSION_KEY;
03618 }
03619 encode_or_decode_arc4_passwd_buffer(ctr->info.id25->pass, &p->session_key);
03620
03621 dump_data(100, (char *)ctr->info.id25->pass, 532);
03622
03623 r_u->status = set_user_info_25(p->mem_ctx,
03624 ctr->info.id25, pwd);
03625 if (!NT_STATUS_IS_OK(r_u->status)) {
03626 goto done;
03627 }
03628 if (!set_user_info_pw(ctr->info.id25->pass, pwd,
03629 switch_value))
03630 r_u->status = NT_STATUS_ACCESS_DENIED;
03631 break;
03632
03633 case 26:
03634 if (!p->session_key.length) {
03635 r_u->status = NT_STATUS_NO_USER_SESSION_KEY;
03636 }
03637 encode_or_decode_arc4_passwd_buffer(ctr->info.id26->pass, &p->session_key);
03638
03639 dump_data(100, (char *)ctr->info.id26->pass, 516);
03640
03641 if (!set_user_info_pw(ctr->info.id26->pass, pwd,
03642 switch_value))
03643 r_u->status = NT_STATUS_ACCESS_DENIED;
03644 break;
03645
03646 case 23:
03647 if (!p->session_key.length) {
03648 r_u->status = NT_STATUS_NO_USER_SESSION_KEY;
03649 }
03650 SamOEMhashBlob(ctr->info.id23->pass, 516, &p->session_key);
03651
03652 dump_data(100, (char *)ctr->info.id23->pass, 516);
03653
03654 r_u->status = set_user_info_23(p->mem_ctx,
03655 ctr->info.id23, pwd);
03656 break;
03657
03658 default:
03659 r_u->status = NT_STATUS_INVALID_INFO_CLASS;
03660 }
03661
03662 done:
03663
03664 if ( has_enough_rights )
03665 unbecome_root();
03666
03667
03668
03669 if (NT_STATUS_IS_OK(r_u->status)) {
03670 force_flush_samr_cache(disp_info);
03671 }
03672
03673 return r_u->status;
03674 }
03675
03676
03677
03678
03679
03680 NTSTATUS _samr_set_userinfo2(pipes_struct *p, SAMR_Q_SET_USERINFO2 *q_u, SAMR_R_SET_USERINFO2 *r_u)
03681 {
03682 struct samu *pwd = NULL;
03683 DOM_SID sid;
03684 SAM_USERINFO_CTR *ctr = q_u->ctr;
03685 POLICY_HND *pol = &q_u->pol;
03686 uint16 switch_value = q_u->switch_value;
03687 uint32 acc_granted;
03688 uint32 acc_required;
03689 BOOL ret;
03690 BOOL has_enough_rights = False;
03691 uint32 acb_info;
03692 DISP_INFO *disp_info = NULL;
03693
03694 DEBUG(5, ("samr_reply_set_userinfo2: %d\n", __LINE__));
03695
03696 r_u->status = NT_STATUS_OK;
03697
03698
03699 if (!get_lsa_policy_samr_sid(p, pol, &sid, &acc_granted, &disp_info))
03700 return NT_STATUS_INVALID_HANDLE;
03701
03702
03703 #if 0
03704
03705
03706 acc_required = SA_RIGHT_USER_SET_PASSWORD | SA_RIGHT_USER_SET_ATTRIBUTES | SA_RIGHT_USER_ACCT_FLAGS_EXPIRY;
03707 #else
03708 acc_required = SA_RIGHT_USER_SET_ATTRIBUTES;
03709 #endif
03710
03711 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, acc_required, "_samr_set_userinfo2"))) {
03712 return r_u->status;
03713 }
03714
03715 DEBUG(5, ("samr_reply_set_userinfo2: sid:%s\n", sid_string_static(&sid)));
03716
03717 if (ctr == NULL) {
03718 DEBUG(5, ("samr_reply_set_userinfo2: NULL info level\n"));
03719 return NT_STATUS_INVALID_INFO_CLASS;
03720 }
03721
03722 switch_value=ctr->switch_value;
03723
03724 if ( !(pwd = samu_new( NULL )) ) {
03725 return NT_STATUS_NO_MEMORY;
03726 }
03727
03728 become_root();
03729 ret = pdb_getsampwsid(pwd, &sid);
03730 unbecome_root();
03731
03732 if ( !ret ) {
03733 TALLOC_FREE(pwd);
03734 return NT_STATUS_NO_SUCH_USER;
03735 }
03736
03737 acb_info = pdb_get_acct_ctrl(pwd);
03738 if ( acb_info & ACB_WSTRUST )
03739 has_enough_rights = user_has_privileges( p->pipe_user.nt_user_token, &se_machine_account);
03740 else if ( acb_info & ACB_NORMAL )
03741 has_enough_rights = user_has_privileges( p->pipe_user.nt_user_token, &se_add_users );
03742 else if ( acb_info & (ACB_SVRTRUST|ACB_DOMTRUST) ) {
03743 if ( lp_enable_privileges() )
03744 has_enough_rights = nt_token_check_domain_rid( p->pipe_user.nt_user_token, DOMAIN_GROUP_RID_ADMINS );
03745 }
03746
03747 DEBUG(5, ("_samr_set_userinfo2: %s does%s possess sufficient rights\n",
03748 uidtoname(p->pipe_user.ut.uid),
03749 has_enough_rights ? "" : " not"));
03750
03751
03752
03753 if ( has_enough_rights )
03754 become_root();
03755
03756
03757
03758 switch (switch_value) {
03759 case 7:
03760 r_u->status = set_user_info_7(p->mem_ctx,
03761 ctr->info.id7, pwd);
03762 break;
03763 case 16:
03764 if (!set_user_info_16(ctr->info.id16, pwd))
03765 r_u->status = NT_STATUS_ACCESS_DENIED;
03766 break;
03767 case 18:
03768
03769 if (!set_user_info_18(ctr->info.id18, pwd))
03770 r_u->status = NT_STATUS_ACCESS_DENIED;
03771 break;
03772 case 20:
03773 if (!set_user_info_20(ctr->info.id20, pwd))
03774 r_u->status = NT_STATUS_ACCESS_DENIED;
03775 break;
03776 case 21:
03777 r_u->status = set_user_info_21(p->mem_ctx,
03778 ctr->info.id21, pwd);
03779 break;
03780 case 23:
03781 if (!p->session_key.length) {
03782 r_u->status = NT_STATUS_NO_USER_SESSION_KEY;
03783 }
03784 SamOEMhashBlob(ctr->info.id23->pass, 516, &p->session_key);
03785
03786 dump_data(100, (char *)ctr->info.id23->pass, 516);
03787
03788 r_u->status = set_user_info_23(p->mem_ctx,
03789 ctr->info.id23, pwd);
03790 break;
03791 case 26:
03792 if (!p->session_key.length) {
03793 r_u->status = NT_STATUS_NO_USER_SESSION_KEY;
03794 }
03795 encode_or_decode_arc4_passwd_buffer(ctr->info.id26->pass, &p->session_key);
03796
03797 dump_data(100, (char *)ctr->info.id26->pass, 516);
03798
03799 if (!set_user_info_pw(ctr->info.id26->pass, pwd,
03800 switch_value))
03801 r_u->status = NT_STATUS_ACCESS_DENIED;
03802 break;
03803 default:
03804 r_u->status = NT_STATUS_INVALID_INFO_CLASS;
03805 }
03806
03807 if ( has_enough_rights )
03808 unbecome_root();
03809
03810
03811
03812 if (NT_STATUS_IS_OK(r_u->status)) {
03813 force_flush_samr_cache(disp_info);
03814 }
03815
03816 return r_u->status;
03817 }
03818
03819
03820
03821
03822
03823 NTSTATUS _samr_query_useraliases(pipes_struct *p, SAMR_Q_QUERY_USERALIASES *q_u, SAMR_R_QUERY_USERALIASES *r_u)
03824 {
03825 size_t num_alias_rids;
03826 uint32 *alias_rids;
03827 struct samr_info *info = NULL;
03828 size_t i;
03829
03830 NTSTATUS ntstatus1;
03831 NTSTATUS ntstatus2;
03832
03833 DOM_SID *members;
03834
03835 r_u->status = NT_STATUS_OK;
03836
03837 DEBUG(5,("_samr_query_useraliases: %d\n", __LINE__));
03838
03839
03840 if (!find_policy_by_hnd(p, &q_u->pol, (void **)(void *)&info))
03841 return NT_STATUS_INVALID_HANDLE;
03842
03843 ntstatus1 = access_check_samr_function(info->acc_granted, SA_RIGHT_DOMAIN_LOOKUP_ALIAS_BY_MEM, "_samr_query_useraliases");
03844 ntstatus2 = access_check_samr_function(info->acc_granted, SA_RIGHT_DOMAIN_OPEN_ACCOUNT, "_samr_query_useraliases");
03845
03846 if (!NT_STATUS_IS_OK(ntstatus1) || !NT_STATUS_IS_OK(ntstatus2)) {
03847 if (!(NT_STATUS_EQUAL(ntstatus1,NT_STATUS_ACCESS_DENIED) && NT_STATUS_IS_OK(ntstatus2)) &&
03848 !(NT_STATUS_EQUAL(ntstatus1,NT_STATUS_ACCESS_DENIED) && NT_STATUS_IS_OK(ntstatus1))) {
03849 return (NT_STATUS_IS_OK(ntstatus1)) ? ntstatus2 : ntstatus1;
03850 }
03851 }
03852
03853 if (!sid_check_is_domain(&info->sid) &&
03854 !sid_check_is_builtin(&info->sid))
03855 return NT_STATUS_OBJECT_TYPE_MISMATCH;
03856
03857 if (q_u->num_sids1) {
03858 members = TALLOC_ARRAY(p->mem_ctx, DOM_SID, q_u->num_sids1);
03859
03860 if (members == NULL)
03861 return NT_STATUS_NO_MEMORY;
03862 } else {
03863 members = NULL;
03864 }
03865
03866 for (i=0; i<q_u->num_sids1; i++)
03867 sid_copy(&members[i], &q_u->sid[i].sid);
03868
03869 alias_rids = NULL;
03870 num_alias_rids = 0;
03871
03872 become_root();
03873 ntstatus1 = pdb_enum_alias_memberships(p->mem_ctx, &info->sid, members,
03874 q_u->num_sids1,
03875 &alias_rids, &num_alias_rids);
03876 unbecome_root();
03877
03878 if (!NT_STATUS_IS_OK(ntstatus1)) {
03879 return ntstatus1;
03880 }
03881
03882 init_samr_r_query_useraliases(r_u, num_alias_rids, alias_rids,
03883 NT_STATUS_OK);
03884 return NT_STATUS_OK;
03885 }
03886
03887
03888
03889
03890
03891 NTSTATUS _samr_query_aliasmem(pipes_struct *p, SAMR_Q_QUERY_ALIASMEM *q_u, SAMR_R_QUERY_ALIASMEM *r_u)
03892 {
03893 NTSTATUS status;
03894 size_t i;
03895 size_t num_sids = 0;
03896 DOM_SID2 *sid;
03897 DOM_SID *sids=NULL;
03898
03899 DOM_SID alias_sid;
03900
03901 uint32 acc_granted;
03902
03903
03904 if (!get_lsa_policy_samr_sid(p, &q_u->alias_pol, &alias_sid, &acc_granted, NULL))
03905 return NT_STATUS_INVALID_HANDLE;
03906
03907 if (!NT_STATUS_IS_OK(r_u->status =
03908 access_check_samr_function(acc_granted, SA_RIGHT_ALIAS_GET_MEMBERS, "_samr_query_aliasmem"))) {
03909 return r_u->status;
03910 }
03911
03912 DEBUG(10, ("sid is %s\n", sid_string_static(&alias_sid)));
03913
03914 become_root();
03915 status = pdb_enum_aliasmem(&alias_sid, &sids, &num_sids);
03916 unbecome_root();
03917
03918 if (!NT_STATUS_IS_OK(status)) {
03919 return status;
03920 }
03921
03922 if (num_sids) {
03923 sid = TALLOC_ZERO_ARRAY(p->mem_ctx, DOM_SID2, num_sids);
03924 if (sid == NULL) {
03925 SAFE_FREE(sids);
03926 return NT_STATUS_NO_MEMORY;
03927 }
03928 } else {
03929 sid = NULL;
03930 }
03931
03932 for (i = 0; i < num_sids; i++) {
03933 init_dom_sid2(&sid[i], &sids[i]);
03934 }
03935
03936 init_samr_r_query_aliasmem(r_u, num_sids, sid, NT_STATUS_OK);
03937
03938 TALLOC_FREE(sids);
03939
03940 return NT_STATUS_OK;
03941 }
03942
03943
03944
03945
03946
03947 NTSTATUS _samr_query_groupmem(pipes_struct *p, SAMR_Q_QUERY_GROUPMEM *q_u, SAMR_R_QUERY_GROUPMEM *r_u)
03948 {
03949 DOM_SID group_sid;
03950 fstring group_sid_str;
03951 size_t i, num_members;
03952
03953 uint32 *rid=NULL;
03954 uint32 *attr=NULL;
03955
03956 uint32 acc_granted;
03957
03958 NTSTATUS result;
03959
03960
03961 if (!get_lsa_policy_samr_sid(p, &q_u->group_pol, &group_sid, &acc_granted, NULL))
03962 return NT_STATUS_INVALID_HANDLE;
03963
03964 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_GROUP_GET_MEMBERS, "_samr_query_groupmem"))) {
03965 return r_u->status;
03966 }
03967
03968 sid_to_string(group_sid_str, &group_sid);
03969 DEBUG(10, ("sid is %s\n", group_sid_str));
03970
03971 if (!sid_check_is_in_our_domain(&group_sid)) {
03972 DEBUG(3, ("sid %s is not in our domain\n", group_sid_str));
03973 return NT_STATUS_NO_SUCH_GROUP;
03974 }
03975
03976 DEBUG(10, ("lookup on Domain SID\n"));
03977
03978 become_root();
03979 result = pdb_enum_group_members(p->mem_ctx, &group_sid,
03980 &rid, &num_members);
03981 unbecome_root();
03982
03983 if (!NT_STATUS_IS_OK(result))
03984 return result;
03985
03986 if (num_members) {
03987 attr=TALLOC_ZERO_ARRAY(p->mem_ctx, uint32, num_members);
03988 if (attr == NULL) {
03989 return NT_STATUS_NO_MEMORY;
03990 }
03991 } else {
03992 attr = NULL;
03993 }
03994
03995 for (i=0; i<num_members; i++)
03996 attr[i] = SID_NAME_USER;
03997
03998 init_samr_r_query_groupmem(r_u, num_members, rid, attr, NT_STATUS_OK);
03999
04000 return NT_STATUS_OK;
04001 }
04002
04003
04004
04005
04006
04007 NTSTATUS _samr_add_aliasmem(pipes_struct *p, SAMR_Q_ADD_ALIASMEM *q_u, SAMR_R_ADD_ALIASMEM *r_u)
04008 {
04009 DOM_SID alias_sid;
04010 uint32 acc_granted;
04011 SE_PRIV se_rights;
04012 BOOL can_add_accounts;
04013 NTSTATUS ret;
04014 DISP_INFO *disp_info = NULL;
04015
04016
04017 if (!get_lsa_policy_samr_sid(p, &q_u->alias_pol, &alias_sid, &acc_granted, &disp_info))
04018 return NT_STATUS_INVALID_HANDLE;
04019
04020 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_ALIAS_ADD_MEMBER, "_samr_add_aliasmem"))) {
04021 return r_u->status;
04022 }
04023
04024 DEBUG(10, ("sid is %s\n", sid_string_static(&alias_sid)));
04025
04026 se_priv_copy( &se_rights, &se_add_users );
04027 can_add_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_rights );
04028
04029
04030
04031 if ( can_add_accounts )
04032 become_root();
04033
04034 ret = pdb_add_aliasmem(&alias_sid, &q_u->sid.sid);
04035
04036 if ( can_add_accounts )
04037 unbecome_root();
04038
04039
04040
04041 if (NT_STATUS_IS_OK(ret)) {
04042 force_flush_samr_cache(disp_info);
04043 }
04044
04045 return ret;
04046 }
04047
04048
04049
04050
04051
04052 NTSTATUS _samr_del_aliasmem(pipes_struct *p, SAMR_Q_DEL_ALIASMEM *q_u, SAMR_R_DEL_ALIASMEM *r_u)
04053 {
04054 DOM_SID alias_sid;
04055 uint32 acc_granted;
04056 SE_PRIV se_rights;
04057 BOOL can_add_accounts;
04058 NTSTATUS ret;
04059 DISP_INFO *disp_info = NULL;
04060
04061
04062 if (!get_lsa_policy_samr_sid(p, &q_u->alias_pol, &alias_sid, &acc_granted, &disp_info))
04063 return NT_STATUS_INVALID_HANDLE;
04064
04065 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_ALIAS_REMOVE_MEMBER, "_samr_del_aliasmem"))) {
04066 return r_u->status;
04067 }
04068
04069 DEBUG(10, ("_samr_del_aliasmem:sid is %s\n",
04070 sid_string_static(&alias_sid)));
04071
04072 se_priv_copy( &se_rights, &se_add_users );
04073 can_add_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_rights );
04074
04075
04076
04077 if ( can_add_accounts )
04078 become_root();
04079
04080 ret = pdb_del_aliasmem(&alias_sid, &q_u->sid.sid);
04081
04082 if ( can_add_accounts )
04083 unbecome_root();
04084
04085
04086
04087 if (NT_STATUS_IS_OK(ret)) {
04088 force_flush_samr_cache(disp_info);
04089 }
04090
04091 return ret;
04092 }
04093
04094
04095
04096
04097
04098 NTSTATUS _samr_add_groupmem(pipes_struct *p, SAMR_Q_ADD_GROUPMEM *q_u, SAMR_R_ADD_GROUPMEM *r_u)
04099 {
04100 DOM_SID group_sid;
04101 uint32 group_rid;
04102 uint32 acc_granted;
04103 SE_PRIV se_rights;
04104 BOOL can_add_accounts;
04105 DISP_INFO *disp_info = NULL;
04106
04107
04108 if (!get_lsa_policy_samr_sid(p, &q_u->pol, &group_sid, &acc_granted, &disp_info))
04109 return NT_STATUS_INVALID_HANDLE;
04110
04111 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_GROUP_ADD_MEMBER, "_samr_add_groupmem"))) {
04112 return r_u->status;
04113 }
04114
04115 DEBUG(10, ("sid is %s\n", sid_string_static(&group_sid)));
04116
04117 if (!sid_peek_check_rid(get_global_sam_sid(), &group_sid,
04118 &group_rid)) {
04119 return NT_STATUS_INVALID_HANDLE;
04120 }
04121
04122 se_priv_copy( &se_rights, &se_add_users );
04123 can_add_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_rights );
04124
04125
04126
04127 if ( can_add_accounts )
04128 become_root();
04129
04130 r_u->status = pdb_add_groupmem(p->mem_ctx, group_rid, q_u->rid);
04131
04132 if ( can_add_accounts )
04133 unbecome_root();
04134
04135
04136
04137 force_flush_samr_cache(disp_info);
04138
04139 return r_u->status;
04140 }
04141
04142
04143
04144
04145
04146 NTSTATUS _samr_del_groupmem(pipes_struct *p, SAMR_Q_DEL_GROUPMEM *q_u, SAMR_R_DEL_GROUPMEM *r_u)
04147 {
04148 DOM_SID group_sid;
04149 uint32 group_rid;
04150 uint32 acc_granted;
04151 SE_PRIV se_rights;
04152 BOOL can_add_accounts;
04153 DISP_INFO *disp_info = NULL;
04154
04155
04156
04157
04158
04159
04160
04161
04162 if (!get_lsa_policy_samr_sid(p, &q_u->pol, &group_sid, &acc_granted, &disp_info))
04163 return NT_STATUS_INVALID_HANDLE;
04164
04165 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_GROUP_REMOVE_MEMBER, "_samr_del_groupmem"))) {
04166 return r_u->status;
04167 }
04168
04169 if (!sid_peek_check_rid(get_global_sam_sid(), &group_sid,
04170 &group_rid)) {
04171 return NT_STATUS_INVALID_HANDLE;
04172 }
04173
04174 se_priv_copy( &se_rights, &se_add_users );
04175 can_add_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_rights );
04176
04177
04178
04179 if ( can_add_accounts )
04180 become_root();
04181
04182 r_u->status = pdb_del_groupmem(p->mem_ctx, group_rid, q_u->rid);
04183
04184 if ( can_add_accounts )
04185 unbecome_root();
04186
04187
04188
04189 force_flush_samr_cache(disp_info);
04190
04191 return r_u->status;
04192 }
04193
04194
04195
04196
04197
04198 NTSTATUS _samr_delete_dom_user(pipes_struct *p, SAMR_Q_DELETE_DOM_USER *q_u, SAMR_R_DELETE_DOM_USER *r_u )
04199 {
04200 DOM_SID user_sid;
04201 struct samu *sam_pass=NULL;
04202 uint32 acc_granted;
04203 BOOL can_add_accounts;
04204 uint32 acb_info;
04205 DISP_INFO *disp_info = NULL;
04206 BOOL ret;
04207
04208 DEBUG(5, ("_samr_delete_dom_user: %d\n", __LINE__));
04209
04210
04211 if (!get_lsa_policy_samr_sid(p, &q_u->user_pol, &user_sid, &acc_granted, &disp_info))
04212 return NT_STATUS_INVALID_HANDLE;
04213
04214 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, STD_RIGHT_DELETE_ACCESS, "_samr_delete_dom_user"))) {
04215 return r_u->status;
04216 }
04217
04218 if (!sid_check_is_in_our_domain(&user_sid))
04219 return NT_STATUS_CANNOT_DELETE;
04220
04221
04222 if ( !(sam_pass = samu_new( NULL )) ) {
04223 return NT_STATUS_NO_MEMORY;
04224 }
04225
04226 become_root();
04227 ret = pdb_getsampwsid(sam_pass, &user_sid);
04228 unbecome_root();
04229
04230 if( !ret ) {
04231 DEBUG(5,("_samr_delete_dom_user:User %s doesn't exist.\n",
04232 sid_string_static(&user_sid)));
04233 TALLOC_FREE(sam_pass);
04234 return NT_STATUS_NO_SUCH_USER;
04235 }
04236
04237 acb_info = pdb_get_acct_ctrl(sam_pass);
04238
04239
04240 if ( acb_info & ACB_WSTRUST ) {
04241 can_add_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_machine_account );
04242 } else {
04243 can_add_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_add_users );
04244 }
04245
04246
04247
04248 if ( can_add_accounts )
04249 become_root();
04250
04251 r_u->status = pdb_delete_user(p->mem_ctx, sam_pass);
04252
04253 if ( can_add_accounts )
04254 unbecome_root();
04255
04256
04257
04258 if ( !NT_STATUS_IS_OK(r_u->status) ) {
04259 DEBUG(5,("_samr_delete_dom_user: Failed to delete entry for "
04260 "user %s: %s.\n", pdb_get_username(sam_pass),
04261 nt_errstr(r_u->status)));
04262 TALLOC_FREE(sam_pass);
04263 return r_u->status;
04264 }
04265
04266
04267 TALLOC_FREE(sam_pass);
04268
04269 if (!close_policy_hnd(p, &q_u->user_pol))
04270 return NT_STATUS_OBJECT_NAME_INVALID;
04271
04272 force_flush_samr_cache(disp_info);
04273
04274 return NT_STATUS_OK;
04275 }
04276
04277
04278
04279
04280
04281 NTSTATUS _samr_delete_dom_group(pipes_struct *p, SAMR_Q_DELETE_DOM_GROUP *q_u, SAMR_R_DELETE_DOM_GROUP *r_u)
04282 {
04283 DOM_SID group_sid;
04284 uint32 group_rid;
04285 uint32 acc_granted;
04286 SE_PRIV se_rights;
04287 BOOL can_add_accounts;
04288 DISP_INFO *disp_info = NULL;
04289
04290 DEBUG(5, ("samr_delete_dom_group: %d\n", __LINE__));
04291
04292
04293 if (!get_lsa_policy_samr_sid(p, &q_u->group_pol, &group_sid, &acc_granted, &disp_info))
04294 return NT_STATUS_INVALID_HANDLE;
04295
04296 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, STD_RIGHT_DELETE_ACCESS, "_samr_delete_dom_group"))) {
04297 return r_u->status;
04298 }
04299
04300 DEBUG(10, ("sid is %s\n", sid_string_static(&group_sid)));
04301
04302 if (!sid_peek_check_rid(get_global_sam_sid(), &group_sid,
04303 &group_rid)) {
04304 return NT_STATUS_NO_SUCH_GROUP;
04305 }
04306
04307 se_priv_copy( &se_rights, &se_add_users );
04308 can_add_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_rights );
04309
04310
04311
04312 if ( can_add_accounts )
04313 become_root();
04314
04315 r_u->status = pdb_delete_dom_group(p->mem_ctx, group_rid);
04316
04317 if ( can_add_accounts )
04318 unbecome_root();
04319
04320
04321
04322 if ( !NT_STATUS_IS_OK(r_u->status) ) {
04323 DEBUG(5,("_samr_delete_dom_group: Failed to delete mapping "
04324 "entry for group %s: %s\n",
04325 sid_string_static(&group_sid),
04326 nt_errstr(r_u->status)));
04327 return r_u->status;
04328 }
04329
04330 if (!close_policy_hnd(p, &q_u->group_pol))
04331 return NT_STATUS_OBJECT_NAME_INVALID;
04332
04333 force_flush_samr_cache(disp_info);
04334
04335 return NT_STATUS_OK;
04336 }
04337
04338
04339
04340
04341
04342 NTSTATUS _samr_delete_dom_alias(pipes_struct *p, SAMR_Q_DELETE_DOM_ALIAS *q_u, SAMR_R_DELETE_DOM_ALIAS *r_u)
04343 {
04344 DOM_SID alias_sid;
04345 uint32 acc_granted;
04346 SE_PRIV se_rights;
04347 BOOL can_add_accounts;
04348 BOOL ret;
04349 DISP_INFO *disp_info = NULL;
04350
04351 DEBUG(5, ("_samr_delete_dom_alias: %d\n", __LINE__));
04352
04353
04354 if (!get_lsa_policy_samr_sid(p, &q_u->alias_pol, &alias_sid, &acc_granted, &disp_info))
04355 return NT_STATUS_INVALID_HANDLE;
04356
04357
04358
04359 memcpy( &r_u->pol, &q_u->alias_pol, sizeof(r_u->pol) );
04360
04361 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, STD_RIGHT_DELETE_ACCESS, "_samr_delete_dom_alias"))) {
04362 return r_u->status;
04363 }
04364
04365 DEBUG(10, ("sid is %s\n", sid_string_static(&alias_sid)));
04366
04367
04368
04369 if ( sid_check_is_in_builtin( &alias_sid ) ) {
04370 return NT_STATUS_SPECIAL_ACCOUNT;
04371 }
04372
04373 if (!sid_check_is_in_our_domain(&alias_sid))
04374 return NT_STATUS_NO_SUCH_ALIAS;
04375
04376 DEBUG(10, ("lookup on Local SID\n"));
04377
04378 se_priv_copy( &se_rights, &se_add_users );
04379 can_add_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_rights );
04380
04381
04382
04383 if ( can_add_accounts )
04384 become_root();
04385
04386
04387 ret = pdb_delete_alias(&alias_sid);
04388
04389 if ( can_add_accounts )
04390 unbecome_root();
04391
04392
04393
04394 if ( !ret )
04395 return NT_STATUS_ACCESS_DENIED;
04396
04397 if (!close_policy_hnd(p, &q_u->alias_pol))
04398 return NT_STATUS_OBJECT_NAME_INVALID;
04399
04400 force_flush_samr_cache(disp_info);
04401
04402 return NT_STATUS_OK;
04403 }
04404
04405
04406
04407
04408
04409 NTSTATUS _samr_create_dom_group(pipes_struct *p, SAMR_Q_CREATE_DOM_GROUP *q_u, SAMR_R_CREATE_DOM_GROUP *r_u)
04410 {
04411 DOM_SID dom_sid;
04412 DOM_SID info_sid;
04413 const char *name;
04414 struct samr_info *info;
04415 uint32 acc_granted;
04416 SE_PRIV se_rights;
04417 BOOL can_add_accounts;
04418 DISP_INFO *disp_info = NULL;
04419
04420
04421 if (!get_lsa_policy_samr_sid(p, &q_u->pol, &dom_sid, &acc_granted, &disp_info))
04422 return NT_STATUS_INVALID_HANDLE;
04423
04424 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_DOMAIN_CREATE_GROUP, "_samr_create_dom_group"))) {
04425 return r_u->status;
04426 }
04427
04428 if (!sid_equal(&dom_sid, get_global_sam_sid()))
04429 return NT_STATUS_ACCESS_DENIED;
04430
04431 name = rpcstr_pull_unistr2_talloc(p->mem_ctx, &q_u->uni_acct_desc);
04432 if (name == NULL) {
04433 return NT_STATUS_NO_MEMORY;
04434 }
04435
04436 r_u->status = can_create(p->mem_ctx, name);
04437 if (!NT_STATUS_IS_OK(r_u->status)) {
04438 return r_u->status;
04439 }
04440
04441 se_priv_copy( &se_rights, &se_add_users );
04442 can_add_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_rights );
04443
04444
04445
04446 if ( can_add_accounts )
04447 become_root();
04448
04449
04450
04451 r_u->status = pdb_create_dom_group(p->mem_ctx, name, &r_u->rid);
04452
04453 if ( can_add_accounts )
04454 unbecome_root();
04455
04456
04457
04458
04459
04460 if ( !NT_STATUS_IS_OK(r_u->status) )
04461 return r_u->status;
04462
04463 sid_compose(&info_sid, get_global_sam_sid(), r_u->rid);
04464
04465 if ((info = get_samr_info_by_sid(&info_sid)) == NULL)
04466 return NT_STATUS_NO_MEMORY;
04467
04468
04469
04470 info->acc_granted = GENERIC_RIGHTS_GROUP_ALL_ACCESS;
04471
04472
04473 if (!create_policy_hnd(p, &r_u->pol, free_samr_info, (void *)info))
04474 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
04475
04476 force_flush_samr_cache(disp_info);
04477
04478 return NT_STATUS_OK;
04479 }
04480
04481
04482
04483
04484
04485 NTSTATUS _samr_create_dom_alias(pipes_struct *p, SAMR_Q_CREATE_DOM_ALIAS *q_u, SAMR_R_CREATE_DOM_ALIAS *r_u)
04486 {
04487 DOM_SID dom_sid;
04488 DOM_SID info_sid;
04489 fstring name;
04490 struct samr_info *info;
04491 uint32 acc_granted;
04492 gid_t gid;
04493 NTSTATUS result;
04494 SE_PRIV se_rights;
04495 BOOL can_add_accounts;
04496 DISP_INFO *disp_info = NULL;
04497
04498
04499 if (!get_lsa_policy_samr_sid(p, &q_u->dom_pol, &dom_sid, &acc_granted, &disp_info))
04500 return NT_STATUS_INVALID_HANDLE;
04501
04502 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_DOMAIN_CREATE_ALIAS, "_samr_create_alias"))) {
04503 return r_u->status;
04504 }
04505
04506 if (!sid_equal(&dom_sid, get_global_sam_sid()))
04507 return NT_STATUS_ACCESS_DENIED;
04508
04509 unistr2_to_ascii(name, &q_u->uni_acct_desc, sizeof(name)-1);
04510
04511 se_priv_copy( &se_rights, &se_add_users );
04512 can_add_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_rights );
04513
04514 result = can_create(p->mem_ctx, name);
04515 if (!NT_STATUS_IS_OK(result)) {
04516 return result;
04517 }
04518
04519
04520
04521 if ( can_add_accounts )
04522 become_root();
04523
04524
04525 result = pdb_create_alias(name, &r_u->rid);
04526
04527 if ( can_add_accounts )
04528 unbecome_root();
04529
04530
04531
04532 if (!NT_STATUS_IS_OK(result)) {
04533 DEBUG(10, ("pdb_create_alias failed: %s\n",
04534 nt_errstr(result)));
04535 return result;
04536 }
04537
04538 sid_copy(&info_sid, get_global_sam_sid());
04539 sid_append_rid(&info_sid, r_u->rid);
04540
04541 if (!sid_to_gid(&info_sid, &gid)) {
04542 DEBUG(10, ("Could not find alias just created\n"));
04543 return NT_STATUS_ACCESS_DENIED;
04544 }
04545
04546
04547 if ( getgrgid(gid) == NULL ) {
04548 DEBUG(10, ("getgrgid(%d) of just created alias failed\n",
04549 gid));
04550 return NT_STATUS_ACCESS_DENIED;
04551 }
04552
04553 if ((info = get_samr_info_by_sid(&info_sid)) == NULL)
04554 return NT_STATUS_NO_MEMORY;
04555
04556
04557
04558 info->acc_granted = GENERIC_RIGHTS_ALIAS_ALL_ACCESS;
04559
04560
04561 if (!create_policy_hnd(p, &r_u->alias_pol, free_samr_info, (void *)info))
04562 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
04563
04564 force_flush_samr_cache(disp_info);
04565
04566 return NT_STATUS_OK;
04567 }
04568
04569
04570
04571
04572
04573
04574
04575
04576 NTSTATUS _samr_query_groupinfo(pipes_struct *p, SAMR_Q_QUERY_GROUPINFO *q_u, SAMR_R_QUERY_GROUPINFO *r_u)
04577 {
04578 DOM_SID group_sid;
04579 GROUP_MAP map;
04580 GROUP_INFO_CTR *ctr;
04581 uint32 acc_granted;
04582 BOOL ret;
04583
04584 if (!get_lsa_policy_samr_sid(p, &q_u->pol, &group_sid, &acc_granted, NULL))
04585 return NT_STATUS_INVALID_HANDLE;
04586
04587 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_GROUP_LOOKUP_INFO, "_samr_query_groupinfo"))) {
04588 return r_u->status;
04589 }
04590
04591 become_root();
04592 ret = get_domain_group_from_sid(group_sid, &map);
04593 unbecome_root();
04594 if (!ret)
04595 return NT_STATUS_INVALID_HANDLE;
04596
04597 ctr=TALLOC_ZERO_P(p->mem_ctx, GROUP_INFO_CTR);
04598 if (ctr==NULL)
04599 return NT_STATUS_NO_MEMORY;
04600
04601 switch (q_u->switch_level) {
04602 case 1: {
04603 uint32 *members;
04604 size_t num_members;
04605
04606 ctr->switch_value1 = 1;
04607
04608 become_root();
04609 r_u->status = pdb_enum_group_members(
04610 p->mem_ctx, &group_sid, &members, &num_members);
04611 unbecome_root();
04612
04613 if (!NT_STATUS_IS_OK(r_u->status)) {
04614 return r_u->status;
04615 }
04616
04617 init_samr_group_info1(&ctr->group.info1, map.nt_name,
04618 map.comment, num_members);
04619 break;
04620 }
04621 case 2:
04622 ctr->switch_value1 = 2;
04623 init_samr_group_info2(&ctr->group.info2, map.nt_name);
04624 break;
04625 case 3:
04626 ctr->switch_value1 = 3;
04627 init_samr_group_info3(&ctr->group.info3);
04628 break;
04629 case 4:
04630 ctr->switch_value1 = 4;
04631 init_samr_group_info4(&ctr->group.info4, map.comment);
04632 break;
04633 case 5: {
04634
04635
04636
04637
04638
04639 ctr->switch_value1 = 5;
04640
04641
04642
04643
04644
04645
04646
04647
04648
04649
04650
04651 init_samr_group_info5(&ctr->group.info5, map.nt_name,
04652 map.comment, 0 );
04653 break;
04654 }
04655 default:
04656 return NT_STATUS_INVALID_INFO_CLASS;
04657 }
04658
04659 init_samr_r_query_groupinfo(r_u, ctr, NT_STATUS_OK);
04660
04661 return NT_STATUS_OK;
04662 }
04663
04664
04665
04666
04667
04668
04669
04670 NTSTATUS _samr_set_groupinfo(pipes_struct *p, SAMR_Q_SET_GROUPINFO *q_u, SAMR_R_SET_GROUPINFO *r_u)
04671 {
04672 DOM_SID group_sid;
04673 GROUP_MAP map;
04674 GROUP_INFO_CTR *ctr;
04675 uint32 acc_granted;
04676 NTSTATUS ret;
04677 BOOL result;
04678 BOOL can_mod_accounts;
04679 DISP_INFO *disp_info = NULL;
04680
04681 if (!get_lsa_policy_samr_sid(p, &q_u->pol, &group_sid, &acc_granted, &disp_info))
04682 return NT_STATUS_INVALID_HANDLE;
04683
04684 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_GROUP_SET_INFO, "_samr_set_groupinfo"))) {
04685 return r_u->status;
04686 }
04687
04688 become_root();
04689 result = get_domain_group_from_sid(group_sid, &map);
04690 unbecome_root();
04691 if (!result)
04692 return NT_STATUS_NO_SUCH_GROUP;
04693
04694 ctr=q_u->ctr;
04695
04696 switch (ctr->switch_value1) {
04697 case 1:
04698 unistr2_to_ascii(map.comment, &(ctr->group.info1.uni_acct_desc), sizeof(map.comment)-1);
04699 break;
04700 case 4:
04701 unistr2_to_ascii(map.comment, &(ctr->group.info4.uni_acct_desc), sizeof(map.comment)-1);
04702 break;
04703 default:
04704 return NT_STATUS_INVALID_INFO_CLASS;
04705 }
04706
04707 can_mod_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_add_users );
04708
04709
04710
04711 if ( can_mod_accounts )
04712 become_root();
04713
04714 ret = pdb_update_group_mapping_entry(&map);
04715
04716 if ( can_mod_accounts )
04717 unbecome_root();
04718
04719
04720
04721 if (NT_STATUS_IS_OK(ret)) {
04722 force_flush_samr_cache(disp_info);
04723 }
04724
04725 return ret;
04726 }
04727
04728
04729
04730
04731
04732
04733
04734 NTSTATUS _samr_set_aliasinfo(pipes_struct *p, SAMR_Q_SET_ALIASINFO *q_u, SAMR_R_SET_ALIASINFO *r_u)
04735 {
04736 DOM_SID group_sid;
04737 struct acct_info info;
04738 ALIAS_INFO_CTR *ctr;
04739 uint32 acc_granted;
04740 BOOL ret;
04741 BOOL can_mod_accounts;
04742 DISP_INFO *disp_info = NULL;
04743
04744 if (!get_lsa_policy_samr_sid(p, &q_u->alias_pol, &group_sid, &acc_granted, &disp_info))
04745 return NT_STATUS_INVALID_HANDLE;
04746
04747 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_ALIAS_SET_INFO, "_samr_set_aliasinfo"))) {
04748 return r_u->status;
04749 }
04750
04751 ctr=&q_u->ctr;
04752
04753
04754
04755 become_root();
04756 ret = pdb_get_aliasinfo( &group_sid, &info );
04757 unbecome_root();
04758
04759 if ( !ret ) {
04760 return NT_STATUS_NO_SUCH_ALIAS;
04761 }
04762
04763 switch (ctr->level) {
04764 case 2:
04765 {
04766 fstring group_name, acct_name;
04767 NTSTATUS status;
04768
04769
04770
04771
04772
04773
04774 if ( sid_check_is_in_builtin( &group_sid ) ) {
04775 return NT_STATUS_SPECIAL_ACCOUNT;
04776 }
04777
04778
04779
04780 if ( !ctr->alias.info2.name.string )
04781 return NT_STATUS_INVALID_PARAMETER;
04782
04783 unistr2_to_ascii( acct_name, ctr->alias.info2.name.string,
04784 sizeof(acct_name)-1 );
04785
04786
04787
04788
04789 if ( strequal( acct_name, info.acct_name ) )
04790 return NT_STATUS_OK;
04791
04792 fstrcpy( info.acct_name, acct_name );
04793
04794
04795
04796
04797 fstr_sprintf( group_name, "%s\\%s", global_myname(), info.acct_name );
04798 status = can_create( p->mem_ctx, group_name );
04799 if ( !NT_STATUS_IS_OK( status ) )
04800 return status;
04801 break;
04802 }
04803 case 3:
04804 if ( ctr->alias.info3.description.string ) {
04805 unistr2_to_ascii( info.acct_desc,
04806 ctr->alias.info3.description.string,
04807 sizeof(info.acct_desc)-1 );
04808 }
04809 else
04810 fstrcpy( info.acct_desc, "" );
04811 break;
04812 default:
04813 return NT_STATUS_INVALID_INFO_CLASS;
04814 }
04815
04816 can_mod_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_add_users );
04817
04818
04819
04820 if ( can_mod_accounts )
04821 become_root();
04822
04823 ret = pdb_set_aliasinfo( &group_sid, &info );
04824
04825 if ( can_mod_accounts )
04826 unbecome_root();
04827
04828
04829
04830 if (ret) {
04831 force_flush_samr_cache(disp_info);
04832 }
04833
04834 return ret ? NT_STATUS_OK : NT_STATUS_ACCESS_DENIED;
04835 }
04836
04837
04838
04839
04840
04841 NTSTATUS _samr_get_dom_pwinfo(pipes_struct *p, SAMR_Q_GET_DOM_PWINFO *q_u, SAMR_R_GET_DOM_PWINFO *r_u)
04842 {
04843
04844
04845
04846
04847 if (!pipe_access_check(p)) {
04848 DEBUG(3, ("access denied to samr_get_dom_pwinfo\n"));
04849 r_u->status = NT_STATUS_ACCESS_DENIED;
04850 return r_u->status;
04851 }
04852
04853
04854
04855 return NT_STATUS_OK;
04856 }
04857
04858
04859
04860
04861
04862 NTSTATUS _samr_open_group(pipes_struct *p, SAMR_Q_OPEN_GROUP *q_u, SAMR_R_OPEN_GROUP *r_u)
04863 {
04864 DOM_SID sid;
04865 DOM_SID info_sid;
04866 GROUP_MAP map;
04867 struct samr_info *info;
04868 SEC_DESC *psd = NULL;
04869 uint32 acc_granted;
04870 uint32 des_access = q_u->access_mask;
04871 size_t sd_size;
04872 NTSTATUS status;
04873 fstring sid_string;
04874 BOOL ret;
04875 SE_PRIV se_rights;
04876
04877 if (!get_lsa_policy_samr_sid(p, &q_u->domain_pol, &sid, &acc_granted, NULL))
04878 return NT_STATUS_INVALID_HANDLE;
04879
04880 status = access_check_samr_function(acc_granted,
04881 SA_RIGHT_DOMAIN_OPEN_ACCOUNT, "_samr_open_group");
04882
04883 if ( !NT_STATUS_IS_OK(status) )
04884 return status;
04885
04886
04887 make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &grp_generic_mapping, NULL, 0);
04888 se_map_generic(&des_access,&grp_generic_mapping);
04889
04890 se_priv_copy( &se_rights, &se_add_users );
04891
04892 status = access_check_samr_object(psd, p->pipe_user.nt_user_token,
04893 &se_rights, GENERIC_RIGHTS_GROUP_WRITE, des_access,
04894 &acc_granted, "_samr_open_group");
04895
04896 if ( !NT_STATUS_IS_OK(status) )
04897 return status;
04898
04899
04900
04901 if (!sid_equal(&sid, get_global_sam_sid()))
04902 return NT_STATUS_ACCESS_DENIED;
04903
04904 sid_copy(&info_sid, get_global_sam_sid());
04905 sid_append_rid(&info_sid, q_u->rid_group);
04906 sid_to_string(sid_string, &info_sid);
04907
04908 if ((info = get_samr_info_by_sid(&info_sid)) == NULL)
04909 return NT_STATUS_NO_MEMORY;
04910
04911 info->acc_granted = acc_granted;
04912
04913 DEBUG(10, ("_samr_open_group:Opening SID: %s\n", sid_string));
04914
04915
04916 become_root();
04917 ret = get_domain_group_from_sid(info->sid, &map);
04918 unbecome_root();
04919 if (!ret)
04920 return NT_STATUS_NO_SUCH_GROUP;
04921
04922
04923 if (!create_policy_hnd(p, &r_u->pol, free_samr_info, (void *)info))
04924 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
04925
04926 return NT_STATUS_OK;
04927 }
04928
04929
04930
04931
04932
04933 NTSTATUS _samr_remove_sid_foreign_domain(pipes_struct *p,
04934 SAMR_Q_REMOVE_SID_FOREIGN_DOMAIN *q_u,
04935 SAMR_R_REMOVE_SID_FOREIGN_DOMAIN *r_u)
04936 {
04937 DOM_SID delete_sid, domain_sid;
04938 uint32 acc_granted;
04939 NTSTATUS result;
04940 DISP_INFO *disp_info = NULL;
04941
04942 sid_copy( &delete_sid, &q_u->sid.sid );
04943
04944 DEBUG(5,("_samr_remove_sid_foreign_domain: removing SID [%s]\n",
04945 sid_string_static(&delete_sid)));
04946
04947
04948
04949 if (!get_lsa_policy_samr_sid(p, &q_u->dom_pol, &domain_sid,
04950 &acc_granted, &disp_info))
04951 return NT_STATUS_INVALID_HANDLE;
04952
04953 result = access_check_samr_function(acc_granted, STD_RIGHT_DELETE_ACCESS,
04954 "_samr_remove_sid_foreign_domain");
04955
04956 if (!NT_STATUS_IS_OK(result))
04957 return result;
04958
04959 DEBUG(8, ("_samr_remove_sid_foreign_domain:sid is %s\n",
04960 sid_string_static(&domain_sid)));
04961
04962
04963
04964
04965
04966
04967
04968
04969
04970
04971
04972
04973
04974
04975
04976 if (!sid_check_is_builtin(&domain_sid)) {
04977 DEBUG(1,("_samr_remove_sid_foreign_domain: domain_sid = %s, "
04978 "global_sam_sid() = %s\n",
04979 sid_string_static(&domain_sid),
04980 sid_string_static(get_global_sam_sid())));
04981 DEBUGADD(1,("please report to samba-technical@samba.org!\n"));
04982 return NT_STATUS_OK;
04983 }
04984
04985 force_flush_samr_cache(disp_info);
04986
04987 result = NT_STATUS_OK;
04988
04989 return result;
04990 }
04991
04992
04993
04994
04995
04996 NTSTATUS _samr_query_domain_info2(pipes_struct *p,
04997 SAMR_Q_QUERY_DOMAIN_INFO2 *q_u,
04998 SAMR_R_QUERY_DOMAIN_INFO2 *r_u)
04999 {
05000 SAMR_Q_QUERY_DOMAIN_INFO q;
05001 SAMR_R_QUERY_DOMAIN_INFO r;
05002
05003 ZERO_STRUCT(q);
05004 ZERO_STRUCT(r);
05005
05006 DEBUG(5,("_samr_query_domain_info2: %d\n", __LINE__));
05007
05008 q.domain_pol = q_u->domain_pol;
05009 q.switch_value = q_u->switch_value;
05010
05011 r_u->status = _samr_query_domain_info(p, &q, &r);
05012
05013 r_u->ptr_0 = r.ptr_0;
05014 r_u->switch_value = r.switch_value;
05015 r_u->ctr = r.ctr;
05016
05017 return r_u->status;
05018 }
05019
05020
05021
05022
05023
05024 NTSTATUS _samr_set_dom_info(pipes_struct *p, SAMR_Q_SET_DOMAIN_INFO *q_u, SAMR_R_SET_DOMAIN_INFO *r_u)
05025 {
05026 time_t u_expire, u_min_age;
05027 time_t u_logout;
05028 time_t u_lock_duration, u_reset_time;
05029
05030 r_u->status = NT_STATUS_OK;
05031
05032 DEBUG(5,("_samr_set_dom_info: %d\n", __LINE__));
05033
05034
05035 if (!find_policy_by_hnd(p, &q_u->domain_pol, NULL))
05036 return NT_STATUS_INVALID_HANDLE;
05037
05038 DEBUG(5,("_samr_set_dom_info: switch_value: %d\n", q_u->switch_value));
05039
05040 switch (q_u->switch_value) {
05041 case 0x01:
05042 u_expire=nt_time_to_unix_abs(&q_u->ctr->info.inf1.expire);
05043 u_min_age=nt_time_to_unix_abs(&q_u->ctr->info.inf1.min_passwordage);
05044
05045 pdb_set_account_policy(AP_MIN_PASSWORD_LEN, (uint32)q_u->ctr->info.inf1.min_length_password);
05046 pdb_set_account_policy(AP_PASSWORD_HISTORY, (uint32)q_u->ctr->info.inf1.password_history);
05047 pdb_set_account_policy(AP_USER_MUST_LOGON_TO_CHG_PASS, (uint32)q_u->ctr->info.inf1.password_properties);
05048 pdb_set_account_policy(AP_MAX_PASSWORD_AGE, (int)u_expire);
05049 pdb_set_account_policy(AP_MIN_PASSWORD_AGE, (int)u_min_age);
05050 break;
05051 case 0x02:
05052 break;
05053 case 0x03:
05054 u_logout=nt_time_to_unix_abs(&q_u->ctr->info.inf3.logout);
05055 pdb_set_account_policy(AP_TIME_TO_LOGOUT, (int)u_logout);
05056 break;
05057 case 0x05:
05058 break;
05059 case 0x06:
05060 break;
05061 case 0x07:
05062 break;
05063 case 0x0c:
05064 u_lock_duration=nt_time_to_unix_abs(&q_u->ctr->info.inf12.duration);
05065 if (u_lock_duration != -1)
05066 u_lock_duration /= 60;
05067
05068 u_reset_time=nt_time_to_unix_abs(&q_u->ctr->info.inf12.reset_count)/60;
05069
05070 pdb_set_account_policy(AP_LOCK_ACCOUNT_DURATION, (int)u_lock_duration);
05071 pdb_set_account_policy(AP_RESET_COUNT_TIME, (int)u_reset_time);
05072 pdb_set_account_policy(AP_BAD_ATTEMPT_LOCKOUT, (uint32)q_u->ctr->info.inf12.bad_attempt_lockout);
05073 break;
05074 default:
05075 return NT_STATUS_INVALID_INFO_CLASS;
05076 }
05077
05078 init_samr_r_set_domain_info(r_u, NT_STATUS_OK);
05079
05080 DEBUG(5,("_samr_set_dom_info: %d\n", __LINE__));
05081
05082 return r_u->status;
05083 }
05084
05085
05086
05087
05088
05089 NTSTATUS _samr_get_dispenum_index(pipes_struct *p, SAMR_Q_GET_DISPENUM_INDEX *q_u, SAMR_R_GET_DISPENUM_INDEX *r_u)
05090 {
05091 struct samr_info *info = NULL;
05092 uint32 max_entries = (uint32) -1;
05093 uint32 enum_context = 0;
05094 int i;
05095 uint32 num_account = 0;
05096 struct samr_displayentry *entries = NULL;
05097 fstring account_name;
05098
05099 DEBUG(5, ("_samr_get_dispenum_index: %d\n", __LINE__));
05100
05101 r_u->status = NT_STATUS_UNSUCCESSFUL;
05102
05103
05104 if (!find_policy_by_hnd(p, &q_u->domain_pol, (void **)(void *)&info))
05105 return NT_STATUS_INVALID_HANDLE;
05106
05107 if ((q_u->switch_level < 1) || (q_u->switch_level > 3)) {
05108 DEBUG(0,("_samr_get_dispenum_index: Unknown info level (%u)\n",
05109 (unsigned int)q_u->switch_level ));
05110 return NT_STATUS_INVALID_INFO_CLASS;
05111 }
05112
05113 if (!rpcstr_pull_unistr2_fstring(account_name, &q_u->name.unistring)) {
05114 return NT_STATUS_NO_MEMORY;
05115 }
05116
05117 become_root();
05118
05119
05120
05121 switch (q_u->switch_level) {
05122 case 0x1:
05123 if (info->disp_info->users == NULL) {
05124 info->disp_info->users = pdb_search_users(ACB_NORMAL);
05125 if (info->disp_info->users == NULL) {
05126 unbecome_root();
05127 return NT_STATUS_ACCESS_DENIED;
05128 }
05129 DEBUG(10,("_samr_get_dispenum_index: starting user enumeration at index %u\n",
05130 (unsigned int)enum_context ));
05131 } else {
05132 DEBUG(10,("_samr_get_dispenum_index: using cached user enumeration at index %u\n",
05133 (unsigned int)enum_context ));
05134 }
05135
05136 num_account = pdb_search_entries(info->disp_info->users,
05137 enum_context, max_entries,
05138 &entries);
05139 break;
05140 case 0x2:
05141 if (info->disp_info->machines == NULL) {
05142 info->disp_info->machines =
05143 pdb_search_users(ACB_WSTRUST|ACB_SVRTRUST);
05144 if (info->disp_info->machines == NULL) {
05145 unbecome_root();
05146 return NT_STATUS_ACCESS_DENIED;
05147 }
05148 DEBUG(10,("_samr_get_dispenum_index: starting machine enumeration at index %u\n",
05149 (unsigned int)enum_context ));
05150 } else {
05151 DEBUG(10,("_samr_get_dispenum_index: using cached machine enumeration at index %u\n",
05152 (unsigned int)enum_context ));
05153 }
05154
05155 num_account = pdb_search_entries(info->disp_info->machines,
05156 enum_context, max_entries,
05157 &entries);
05158 break;
05159 case 0x3:
05160 if (info->disp_info->groups == NULL) {
05161 info->disp_info->groups = pdb_search_groups();
05162 if (info->disp_info->groups == NULL) {
05163 unbecome_root();
05164 return NT_STATUS_ACCESS_DENIED;
05165 }
05166 DEBUG(10,("_samr_get_dispenum_index: starting group enumeration at index %u\n",
05167 (unsigned int)enum_context ));
05168 } else {
05169 DEBUG(10,("_samr_get_dispenum_index: using cached group enumeration at index %u\n",
05170 (unsigned int)enum_context ));
05171 }
05172
05173 num_account = pdb_search_entries(info->disp_info->groups,
05174 enum_context, max_entries,
05175 &entries);
05176 break;
05177 default:
05178 unbecome_root();
05179 smb_panic("info class changed");
05180 break;
05181 }
05182 unbecome_root();
05183
05184
05185 set_disp_info_cache_timeout(info->disp_info, DISP_INFO_CACHE_TIMEOUT);
05186
05187 DEBUG(10,("_samr_get_dispenum_index: looking for :%s\n", account_name));
05188
05189 for (i=0; i<num_account; i++) {
05190 if (strequal(entries[i].account_name, account_name)) {
05191 DEBUG(10,("_samr_get_dispenum_index: found %s at idx %d\n",
05192 account_name, i));
05193
05194 init_samr_r_get_dispenum_index(r_u, i);
05195
05196 return NT_STATUS_OK;
05197 }
05198 }
05199
05200
05201 init_samr_r_get_dispenum_index(r_u, num_account);
05202
05203 return NT_STATUS_OK;
05204 }