static NTSTATUS make_samr_object_sd | ( | TALLOC_CTX * | ctx, | |
SEC_DESC ** | psd, | |||
size_t * | sd_size, | |||
struct generic_mapping * | map, | |||
DOM_SID * | sid, | |||
uint32 | sid_access | |||
) | [static] |
srv_samr_nt.c の 110 行で定義されています。
参照先 generic_mapping::generic_all・generic_mapping::generic_execute・generic_mapping::generic_read・get_global_sam_sid()・global_sid_Builtin_Account_Operators・global_sid_Builtin_Administrators・global_sid_World・init_sec_access()・init_sec_ace()・make_sec_acl()・make_sec_desc()・SEC_ACE_TYPE_ACCESS_ALLOWED・sid_append_rid()・sid_copy().
参照元 _samr_connect()・_samr_connect4()・_samr_connect5()・_samr_create_user()・_samr_open_alias()・_samr_open_domain()・_samr_open_group()・_samr_open_user()・_samr_query_sec_obj().
00113 { 00114 DOM_SID domadmin_sid; 00115 SEC_ACE ace[5]; /* at most 5 entries */ 00116 SEC_ACCESS mask; 00117 size_t i = 0; 00118 00119 SEC_ACL *psa = NULL; 00120 00121 /* basic access for Everyone */ 00122 00123 init_sec_access(&mask, map->generic_execute | map->generic_read ); 00124 init_sec_ace(&ace[i++], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); 00125 00126 /* add Full Access 'BUILTIN\Administrators' and 'BUILTIN\Account Operators */ 00127 00128 init_sec_access(&mask, map->generic_all); 00129 00130 init_sec_ace(&ace[i++], &global_sid_Builtin_Administrators, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); 00131 init_sec_ace(&ace[i++], &global_sid_Builtin_Account_Operators, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); 00132 00133 /* Add Full Access for Domain Admins if we are a DC */ 00134 00135 if ( IS_DC ) { 00136 sid_copy( &domadmin_sid, get_global_sam_sid() ); 00137 sid_append_rid( &domadmin_sid, DOMAIN_GROUP_RID_ADMINS ); 00138 init_sec_ace(&ace[i++], &domadmin_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); 00139 } 00140 00141 /* if we have a sid, give it some special access */ 00142 00143 if ( sid ) { 00144 init_sec_access( &mask, sid_access ); 00145 init_sec_ace(&ace[i++], sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); 00146 } 00147 00148 /* create the security descriptor */ 00149 00150 if ((psa = make_sec_acl(ctx, NT4_ACL_REVISION, i, ace)) == NULL) 00151 return NT_STATUS_NO_MEMORY; 00152 00153 if ((*psd = make_sec_desc(ctx, SEC_DESC_REVISION, SEC_DESC_SELF_RELATIVE, NULL, NULL, NULL, psa, sd_size)) == NULL) 00154 return NT_STATUS_NO_MEMORY; 00155 00156 return NT_STATUS_OK; 00157 }
static NTSTATUS access_check_samr_object | ( | SEC_DESC * | psd, | |
NT_USER_TOKEN * | token, | |||
SE_PRIV * | rights, | |||
uint32 | rights_mask, | |||
uint32 | des_access, | |||
uint32 * | acc_granted, | |||
const char * | debug | |||
) | [static] |
srv_samr_nt.c の 164 行で定義されています。
参照先 se_access_check()・sec_initial_uid()・status・user_has_any_privilege().
参照元 _samr_connect()・_samr_connect4()・_samr_connect5()・_samr_create_user()・_samr_open_alias()・_samr_open_domain()・_samr_open_group()・_samr_open_user().
00168 { 00169 NTSTATUS status = NT_STATUS_ACCESS_DENIED; 00170 uint32 saved_mask = 0; 00171 00172 /* check privileges; certain SAM access bits should be overridden 00173 by privileges (mostly having to do with creating/modifying/deleting 00174 users and groups) */ 00175 00176 if ( rights && user_has_any_privilege( token, rights ) ) { 00177 00178 saved_mask = (des_access & rights_mask); 00179 des_access &= ~saved_mask; 00180 00181 DEBUG(4,("access_check_samr_object: user rights access mask [0x%x]\n", 00182 rights_mask)); 00183 } 00184 00185 00186 /* check the security descriptor first */ 00187 00188 if ( se_access_check(psd, token, des_access, acc_granted, &status) ) 00189 goto done; 00190 00191 /* give root a free pass */ 00192 00193 if ( geteuid() == sec_initial_uid() ) { 00194 00195 DEBUG(4,("%s: ACCESS should be DENIED (requested: %#010x)\n", debug, des_access)); 00196 DEBUGADD(4,("but overritten by euid == sec_initial_uid()\n")); 00197 00198 *acc_granted = des_access; 00199 00200 status = NT_STATUS_OK; 00201 goto done; 00202 } 00203 00204 00205 done: 00206 /* add in any bits saved during the privilege check (only 00207 matters is status is ok) */ 00208 00209 *acc_granted |= rights_mask; 00210 00211 DEBUG(4,("%s: access %s (requested: 0x%08x, granted: 0x%08x)\n", 00212 debug, NT_STATUS_IS_OK(status) ? "GRANTED" : "DENIED", 00213 des_access, *acc_granted)); 00214 00215 return status; 00216 }
static NTSTATUS access_check_samr_function | ( | uint32 | acc_granted, | |
uint32 | acc_required, | |||
const char * | debug | |||
) | [static] |
srv_samr_nt.c の 222 行で定義されています。
参照先 sec_initial_uid().
参照元 _samr_add_aliasmem()・_samr_add_groupmem()・_samr_create_dom_alias()・_samr_create_dom_group()・_samr_create_user()・_samr_del_aliasmem()・_samr_del_groupmem()・_samr_delete_dom_alias()・_samr_delete_dom_group()・_samr_delete_dom_user()・_samr_enum_dom_aliases()・_samr_enum_dom_groups()・_samr_enum_dom_users()・_samr_enum_domains()・_samr_lookup_domain()・_samr_lookup_names()・_samr_open_alias()・_samr_open_domain()・_samr_open_group()・_samr_open_user()・_samr_query_aliasinfo()・_samr_query_aliasmem()・_samr_query_groupinfo()・_samr_query_groupmem()・_samr_query_useraliases()・_samr_query_usergroups()・_samr_remove_sid_foreign_domain()・_samr_set_aliasinfo()・_samr_set_groupinfo()・_samr_set_userinfo()・_samr_set_userinfo2().
00223 { 00224 DEBUG(5,("%s: access check ((granted: %#010x; required: %#010x)\n", 00225 debug, acc_granted, acc_required)); 00226 00227 /* check the security descriptor first */ 00228 00229 if ( (acc_granted&acc_required) == acc_required ) 00230 return NT_STATUS_OK; 00231 00232 /* give root a free pass */ 00233 00234 if (geteuid() == sec_initial_uid()) { 00235 00236 DEBUG(4,("%s: ACCESS should be DENIED (granted: %#010x; required: %#010x)\n", 00237 debug, acc_granted, acc_required)); 00238 DEBUGADD(4,("but overwritten by euid == 0\n")); 00239 00240 return NT_STATUS_OK; 00241 } 00242 00243 DEBUG(2,("%s: ACCESS DENIED (granted: %#010x; required: %#010x)\n", 00244 debug, acc_granted, acc_required)); 00245 00246 return NT_STATUS_ACCESS_DENIED; 00247 }
srv_samr_nt.c の 253 行で定義されています。
参照先 get_global_sam_sid()・global_sid_Builtin・disp_info::sid・sid_check_is_builtin()・sid_check_is_domain()・sid_check_is_in_builtin()・sid_check_is_in_our_domain()・sid_copy().
00254 { 00255 /* 00256 * We do a static cache for DISP_INFO's here. Explanation can be found 00257 * in Jeremy's checkin message to r11793: 00258 * 00259 * Fix the SAMR cache so it works across completely insane 00260 * client behaviour (ie.: 00261 * open pipe/open SAMR handle/enumerate 0 - 1024 00262 * close SAMR handle, close pipe. 00263 * open pipe/open SAMR handle/enumerate 1024 - 2048... 00264 * close SAMR handle, close pipe. 00265 * And on ad-nausium. Amazing.... probably object-oriented 00266 * client side programming in action yet again. 00267 * This change should *massively* improve performance when 00268 * enumerating users from an LDAP database. 00269 * Jeremy. 00270 * 00271 * "Our" and the builtin domain are the only ones where we ever 00272 * enumerate stuff, so just cache 2 entries. 00273 */ 00274 00275 static struct disp_info builtin_dispinfo; 00276 static struct disp_info domain_dispinfo; 00277 00278 /* There are two cases to consider here: 00279 1) The SID is a domain SID and we look for an equality match, or 00280 2) This is an account SID and so we return the DISP_INFO* for our 00281 domain */ 00282 00283 if (psid == NULL) { 00284 return NULL; 00285 } 00286 00287 if (sid_check_is_builtin(psid) || sid_check_is_in_builtin(psid)) { 00288 /* 00289 * Necessary only once, but it does not really hurt. 00290 */ 00291 sid_copy(&builtin_dispinfo.sid, &global_sid_Builtin); 00292 00293 return &builtin_dispinfo; 00294 } 00295 00296 if (sid_check_is_domain(psid) || sid_check_is_in_our_domain(psid)) { 00297 /* 00298 * Necessary only once, but it does not really hurt. 00299 */ 00300 sid_copy(&domain_dispinfo.sid, get_global_sam_sid()); 00301 00302 return &domain_dispinfo; 00303 } 00304 00305 return NULL; 00306 }
srv_samr_nt.c の 312 行で定義されています。
参照先 samr_info::builtin_domain・samr_info::disp_info・get_samr_dispinfo_by_sid()・samr_info::mem_ctx・samr_info::sid・sid_check_is_builtin()・sid_copy()・sid_to_string()・talloc_init().
参照元 _samr_connect()・_samr_connect4()・_samr_connect5()・_samr_connect_anon()・_samr_create_dom_alias()・_samr_create_dom_group()・_samr_create_user()・_samr_open_alias()・_samr_open_domain()・_samr_open_group()・_samr_open_user().
00313 { 00314 struct samr_info *info; 00315 fstring sid_str; 00316 TALLOC_CTX *mem_ctx; 00317 00318 if (psid) { 00319 sid_to_string(sid_str, psid); 00320 } else { 00321 fstrcpy(sid_str,"(NULL)"); 00322 } 00323 00324 mem_ctx = talloc_init("samr_info for domain sid %s", sid_str); 00325 00326 if ((info = TALLOC_ZERO_P(mem_ctx, struct samr_info)) == NULL) 00327 return NULL; 00328 00329 DEBUG(10,("get_samr_info_by_sid: created new info for sid %s\n", sid_str)); 00330 if (psid) { 00331 sid_copy( &info->sid, psid); 00332 info->builtin_domain = sid_check_is_builtin(psid); 00333 } else { 00334 DEBUG(10,("get_samr_info_by_sid: created new info for NULL sid.\n")); 00335 info->builtin_domain = False; 00336 } 00337 info->mem_ctx = mem_ctx; 00338 00339 info->disp_info = get_samr_dispinfo_by_sid(psid); 00340 00341 return info; 00342 }
static void free_samr_cache | ( | DISP_INFO * | disp_info, | |
const char * | sid_str | |||
) | [static] |
srv_samr_nt.c の 348 行で定義されています。
参照先 disp_info::aliases・become_root()・samr_info::disp_info・disp_info::enum_acb_mask・disp_info::enum_users・disp_info::groups・disp_info::machines・pdb_search_destroy()・unbecome_root()・disp_info::users.
参照元 disp_info_cache_idle_timeout_handler()・force_flush_samr_cache()・free_samr_info().
00349 { 00350 DEBUG(10,("free_samr_cache: deleting cache for SID %s\n", sid_str)); 00351 00352 /* We need to become root here because the paged search might have to 00353 * tell the LDAP server we're not interested in the rest anymore. */ 00354 00355 become_root(); 00356 00357 if (disp_info->users) { 00358 DEBUG(10,("free_samr_cache: deleting users cache\n")); 00359 pdb_search_destroy(disp_info->users); 00360 disp_info->users = NULL; 00361 } 00362 if (disp_info->machines) { 00363 DEBUG(10,("free_samr_cache: deleting machines cache\n")); 00364 pdb_search_destroy(disp_info->machines); 00365 disp_info->machines = NULL; 00366 } 00367 if (disp_info->groups) { 00368 DEBUG(10,("free_samr_cache: deleting groups cache\n")); 00369 pdb_search_destroy(disp_info->groups); 00370 disp_info->groups = NULL; 00371 } 00372 if (disp_info->aliases) { 00373 DEBUG(10,("free_samr_cache: deleting aliases cache\n")); 00374 pdb_search_destroy(disp_info->aliases); 00375 disp_info->aliases = NULL; 00376 } 00377 if (disp_info->enum_users) { 00378 DEBUG(10,("free_samr_cache: deleting enum_users cache\n")); 00379 pdb_search_destroy(disp_info->enum_users); 00380 disp_info->enum_users = NULL; 00381 } 00382 disp_info->enum_acb_mask = 0; 00383 00384 unbecome_root(); 00385 }
static void free_samr_info | ( | void * | ptr | ) | [static] |
srv_samr_nt.c の 391 行で定義されています。
参照先 disp_info::di_cache_timeout_event・samr_info::disp_info・free_samr_cache()・samr_info::mem_ctx・disp_info::sid・sid_to_string().
参照元 _samr_connect()・_samr_connect4()・_samr_connect5()・_samr_connect_anon()・_samr_create_dom_alias()・_samr_create_dom_group()・_samr_create_user()・_samr_open_alias()・_samr_open_domain()・_samr_open_group()・_samr_open_user().
00392 { 00393 struct samr_info *info=(struct samr_info *) ptr; 00394 00395 /* Only free the dispinfo cache if no one bothered to set up 00396 a timeout. */ 00397 00398 if (info->disp_info && info->disp_info->di_cache_timeout_event == (smb_event_id_t)0) { 00399 fstring sid_str; 00400 sid_to_string(sid_str, &info->disp_info->sid); 00401 free_samr_cache(info->disp_info, sid_str); 00402 } 00403 00404 talloc_destroy(info->mem_ctx); 00405 }
static void disp_info_cache_idle_timeout_handler | ( | void ** | private_data, | |
time_t * | ev_interval, | |||
time_t | ev_now | |||
) | [static] |
srv_samr_nt.c の 411 行で定義されています。
参照先 disp_info::di_cache_timeout_event・samr_info::disp_info・free_samr_cache()・disp_info::sid・sid_to_string()・smb_unregister_idle_event().
参照元 set_disp_info_cache_timeout().
00414 { 00415 fstring sid_str; 00416 DISP_INFO *disp_info = (DISP_INFO *)(*private_data); 00417 00418 sid_to_string(sid_str, &disp_info->sid); 00419 00420 free_samr_cache(disp_info, sid_str); 00421 00422 /* Remove the event. */ 00423 smb_unregister_idle_event(disp_info->di_cache_timeout_event); 00424 disp_info->di_cache_timeout_event = (smb_event_id_t)0; 00425 00426 DEBUG(10,("disp_info_cache_idle_timeout_handler: caching timed out for SID %s at %u\n", 00427 sid_str, (unsigned int)ev_now)); 00428 }
static void set_disp_info_cache_timeout | ( | DISP_INFO * | disp_info, | |
time_t | secs_fromnow | |||
) | [static] |
srv_samr_nt.c の 434 行で定義されています。
参照先 disp_info::di_cache_timeout_event・samr_info::disp_info・disp_info_cache_idle_timeout_handler()・disp_info::sid・sid_to_string()・smb_register_idle_event()・smb_unregister_idle_event().
参照元 _samr_enum_dom_aliases()・_samr_enum_dom_groups()・_samr_enum_dom_users()・_samr_get_dispenum_index()・_samr_query_dispinfo()・count_sam_aliases()・count_sam_groups()・count_sam_users().
00435 { 00436 fstring sid_str; 00437 00438 sid_to_string(sid_str, &disp_info->sid); 00439 00440 /* Remove any pending timeout and update. */ 00441 00442 if (disp_info->di_cache_timeout_event) { 00443 smb_unregister_idle_event(disp_info->di_cache_timeout_event); 00444 disp_info->di_cache_timeout_event = (smb_event_id_t)0; 00445 } 00446 00447 DEBUG(10,("set_disp_info_cache_timeout: caching enumeration for SID %s for %u seconds\n", 00448 sid_str, (unsigned int)secs_fromnow )); 00449 00450 disp_info->di_cache_timeout_event = 00451 smb_register_idle_event(disp_info_cache_idle_timeout_handler, 00452 disp_info, 00453 secs_fromnow); 00454 }
static void force_flush_samr_cache | ( | DISP_INFO * | disp_info | ) | [static] |
srv_samr_nt.c の 461 行で定義されています。
参照先 disp_info::di_cache_timeout_event・samr_info::disp_info・free_samr_cache()・disp_info::sid・sid_to_string()・smb_unregister_idle_event().
参照元 _samr_add_aliasmem()・_samr_add_groupmem()・_samr_create_dom_alias()・_samr_create_dom_group()・_samr_create_user()・_samr_del_aliasmem()・_samr_del_groupmem()・_samr_delete_dom_alias()・_samr_delete_dom_group()・_samr_delete_dom_user()・_samr_remove_sid_foreign_domain()・_samr_set_aliasinfo()・_samr_set_groupinfo()・_samr_set_userinfo()・_samr_set_userinfo2().
00462 { 00463 if (disp_info) { 00464 fstring sid_str; 00465 00466 sid_to_string(sid_str, &disp_info->sid); 00467 if (disp_info->di_cache_timeout_event) { 00468 smb_unregister_idle_event(disp_info->di_cache_timeout_event); 00469 disp_info->di_cache_timeout_event = (smb_event_id_t)0; 00470 DEBUG(10,("force_flush_samr_cache: clearing idle event for SID %s\n", 00471 sid_str)); 00472 } 00473 free_samr_cache(disp_info, sid_str); 00474 } 00475 }
static void samr_clear_sam_passwd | ( | struct samu * | sam_pass | ) | [static] |
srv_samr_nt.c の 481 行で定義されています。
参照先 PDB_DEFAULT・pdb_set_lanman_passwd()・pdb_set_nt_passwd().
参照元 get_user_info_20()・get_user_info_21().
00482 { 00483 00484 if (!sam_pass) 00485 return; 00486 00487 /* These now zero out the old password */ 00488 00489 pdb_set_lanman_passwd(sam_pass, NULL, PDB_DEFAULT); 00490 pdb_set_nt_passwd(sam_pass, NULL, PDB_DEFAULT); 00491 }
static uint32 count_sam_users | ( | struct disp_info * | info, | |
uint32 | acct_flags | |||
) | [static] |
srv_samr_nt.c の 493 行で定義されています。
参照先 disp_info::builtin_domain・pdb_search::num_entries・pdb_search_entries()・pdb_search_users()・set_disp_info_cache_timeout()・disp_info::users.
参照元 _samr_query_domain_info().
00494 { 00495 struct samr_displayentry *entry; 00496 00497 if (info->builtin_domain) { 00498 /* No users in builtin. */ 00499 return 0; 00500 } 00501 00502 if (info->users == NULL) { 00503 info->users = pdb_search_users(acct_flags); 00504 if (info->users == NULL) { 00505 return 0; 00506 } 00507 } 00508 /* Fetch the last possible entry, thus trigger an enumeration */ 00509 pdb_search_entries(info->users, 0xffffffff, 1, &entry); 00510 00511 /* Ensure we cache this enumeration. */ 00512 set_disp_info_cache_timeout(info, DISP_INFO_CACHE_TIMEOUT); 00513 00514 return info->users->num_entries; 00515 }
static uint32 count_sam_groups | ( | struct disp_info * | info | ) | [static] |
srv_samr_nt.c の 517 行で定義されています。
参照先 disp_info::builtin_domain・disp_info::groups・pdb_search::num_entries・pdb_search_entries()・pdb_search_groups()・set_disp_info_cache_timeout().
参照元 _samr_query_domain_info().
00518 { 00519 struct samr_displayentry *entry; 00520 00521 if (info->builtin_domain) { 00522 /* No groups in builtin. */ 00523 return 0; 00524 } 00525 00526 if (info->groups == NULL) { 00527 info->groups = pdb_search_groups(); 00528 if (info->groups == NULL) { 00529 return 0; 00530 } 00531 } 00532 /* Fetch the last possible entry, thus trigger an enumeration */ 00533 pdb_search_entries(info->groups, 0xffffffff, 1, &entry); 00534 00535 /* Ensure we cache this enumeration. */ 00536 set_disp_info_cache_timeout(info, DISP_INFO_CACHE_TIMEOUT); 00537 00538 return info->groups->num_entries; 00539 }
static uint32 count_sam_aliases | ( | struct disp_info * | info | ) | [static] |
srv_samr_nt.c の 541 行で定義されています。
参照先 disp_info::aliases・pdb_search::num_entries・pdb_search_aliases()・pdb_search_entries()・set_disp_info_cache_timeout()・disp_info::sid.
参照元 _samr_query_domain_info().
00542 { 00543 struct samr_displayentry *entry; 00544 00545 if (info->aliases == NULL) { 00546 info->aliases = pdb_search_aliases(&info->sid); 00547 if (info->aliases == NULL) { 00548 return 0; 00549 } 00550 } 00551 /* Fetch the last possible entry, thus trigger an enumeration */ 00552 pdb_search_entries(info->aliases, 0xffffffff, 1, &entry); 00553 00554 /* Ensure we cache this enumeration. */ 00555 set_disp_info_cache_timeout(info, DISP_INFO_CACHE_TIMEOUT); 00556 00557 return info->aliases->num_entries; 00558 }
NTSTATUS _samr_close_hnd | ( | pipes_struct * | p, | |
SAMR_Q_CLOSE_HND * | q_u, | |||
SAMR_R_CLOSE_HND * | r_u | |||
) |
srv_samr_nt.c の 564 行で定義されています。
参照先 close_policy_hnd()・q_samr_close_hnd_info::pol・r_samr_close_hnd_info::status.
参照元 api_samr_close_hnd().
00565 { 00566 r_u->status = NT_STATUS_OK; 00567 00568 /* close the policy handle */ 00569 if (!close_policy_hnd(p, &q_u->pol)) 00570 return NT_STATUS_OBJECT_NAME_INVALID; 00571 00572 DEBUG(5,("samr_reply_close_hnd: %d\n", __LINE__)); 00573 00574 return r_u->status; 00575 }
NTSTATUS _samr_open_domain | ( | pipes_struct * | p, | |
SAMR_Q_OPEN_DOMAIN * | q_u, | |||
SAMR_R_OPEN_DOMAIN * | r_u | |||
) |
srv_samr_nt.c の 581 行で定義されています。
参照先 samr_info::acc_granted・access_check_samr_function()・access_check_samr_object()・create_policy_hnd()・dom_generic_mapping・q_samr_open_domain_info::dom_sid・r_samr_open_domain_info::domain_pol・find_policy_by_hnd()・q_samr_open_domain_info::flags・free_samr_info()・get_samr_info_by_sid()・make_samr_object_sd()・pipes_struct::mem_ctx・current_user::nt_user_token・pipes_struct::pipe_user・q_samr_open_domain_info::pol・se_add_users・se_machine_account・se_map_generic()・se_priv_add()・se_priv_copy()・DOM_SID2::sid・sid_check_is_builtin()・sid_check_is_domain()・r_samr_open_domain_info::status・status.
00582 { 00583 struct samr_info *info; 00584 SEC_DESC *psd = NULL; 00585 uint32 acc_granted; 00586 uint32 des_access = q_u->flags; 00587 NTSTATUS status; 00588 size_t sd_size; 00589 SE_PRIV se_rights; 00590 00591 r_u->status = NT_STATUS_OK; 00592 00593 /* find the connection policy handle. */ 00594 00595 if ( !find_policy_by_hnd(p, &q_u->pol, (void**)(void *)&info) ) 00596 return NT_STATUS_INVALID_HANDLE; 00597 00598 status = access_check_samr_function( info->acc_granted, 00599 SA_RIGHT_SAM_OPEN_DOMAIN, "_samr_open_domain" ); 00600 00601 if ( !NT_STATUS_IS_OK(status) ) 00602 return status; 00603 00604 /*check if access can be granted as requested by client. */ 00605 00606 make_samr_object_sd( p->mem_ctx, &psd, &sd_size, &dom_generic_mapping, NULL, 0 ); 00607 se_map_generic( &des_access, &dom_generic_mapping ); 00608 00609 se_priv_copy( &se_rights, &se_machine_account ); 00610 se_priv_add( &se_rights, &se_add_users ); 00611 00612 status = access_check_samr_object( psd, p->pipe_user.nt_user_token, 00613 &se_rights, GENERIC_RIGHTS_DOMAIN_WRITE, des_access, 00614 &acc_granted, "_samr_open_domain" ); 00615 00616 if ( !NT_STATUS_IS_OK(status) ) 00617 return status; 00618 00619 if (!sid_check_is_domain(&q_u->dom_sid.sid) && 00620 !sid_check_is_builtin(&q_u->dom_sid.sid)) { 00621 return NT_STATUS_NO_SUCH_DOMAIN; 00622 } 00623 00624 /* associate the domain SID with the (unique) handle. */ 00625 if ((info = get_samr_info_by_sid(&q_u->dom_sid.sid))==NULL) 00626 return NT_STATUS_NO_MEMORY; 00627 info->acc_granted = acc_granted; 00628 00629 /* get a (unique) handle. open a policy on it. */ 00630 if (!create_policy_hnd(p, &r_u->domain_pol, free_samr_info, (void *)info)) 00631 return NT_STATUS_OBJECT_NAME_NOT_FOUND; 00632 00633 DEBUG(5,("samr_open_domain: %d\n", __LINE__)); 00634 00635 return r_u->status; 00636 }
NTSTATUS _samr_get_usrdom_pwinfo | ( | pipes_struct * | p, | |
SAMR_Q_GET_USRDOM_PWINFO * | q_u, | |||
SAMR_R_GET_USRDOM_PWINFO * | r_u | |||
) |
srv_samr_nt.c の 642 行で定義されています。
参照先 find_policy_by_hnd()・init_samr_r_get_usrdom_pwinfo()・sid_check_is_in_our_domain()・r_samr_usrdom_pwinfo_info::status・q_samr_usrdom_pwinfo_info::user_pol.
参照元 api_samr_get_usrdom_pwinfo().
00643 { 00644 struct samr_info *info = NULL; 00645 00646 r_u->status = NT_STATUS_OK; 00647 00648 /* find the policy handle. open a policy on it. */ 00649 if (!find_policy_by_hnd(p, &q_u->user_pol, (void **)(void *)&info)) 00650 return NT_STATUS_INVALID_HANDLE; 00651 00652 if (!sid_check_is_in_our_domain(&info->sid)) 00653 return NT_STATUS_OBJECT_TYPE_MISMATCH; 00654 00655 init_samr_r_get_usrdom_pwinfo(r_u, NT_STATUS_OK); 00656 00657 DEBUG(5,("_samr_get_usrdom_pwinfo: %d\n", __LINE__)); 00658 00659 /* 00660 * NT sometimes return NT_STATUS_ACCESS_DENIED 00661 * I don't know yet why. 00662 */ 00663 00664 return r_u->status; 00665 }
static BOOL get_lsa_policy_samr_sid | ( | pipes_struct * | p, | |
POLICY_HND * | pol, | |||
DOM_SID * | sid, | |||
uint32 * | acc_granted, | |||
DISP_INFO ** | ppdisp_info | |||
) | [static] |
srv_samr_nt.c の 670 行で定義されています。
参照先 find_policy_by_hnd()・pol・samr_info::sid.
参照元 _samr_add_aliasmem()・_samr_add_groupmem()・_samr_create_dom_alias()・_samr_create_dom_group()・_samr_create_user()・_samr_del_aliasmem()・_samr_del_groupmem()・_samr_delete_dom_alias()・_samr_delete_dom_group()・_samr_delete_dom_user()・_samr_lookup_names()・_samr_lookup_rids()・_samr_open_alias()・_samr_open_group()・_samr_open_user()・_samr_query_aliasinfo()・_samr_query_aliasmem()・_samr_query_groupinfo()・_samr_query_groupmem()・_samr_query_sec_obj()・_samr_query_usergroups()・_samr_remove_sid_foreign_domain()・_samr_set_aliasinfo()・_samr_set_groupinfo()・_samr_set_sec_obj()・_samr_set_userinfo()・_samr_set_userinfo2().
00673 { 00674 struct samr_info *info = NULL; 00675 00676 /* find the policy handle. open a policy on it. */ 00677 if (!find_policy_by_hnd(p, pol, (void **)(void *)&info)) 00678 return False; 00679 00680 if (!info) 00681 return False; 00682 00683 *sid = info->sid; 00684 *acc_granted = info->acc_granted; 00685 if (ppdisp_info) { 00686 *ppdisp_info = info->disp_info; 00687 } 00688 00689 return True; 00690 }
NTSTATUS _samr_set_sec_obj | ( | pipes_struct * | p, | |
SAMR_Q_SET_SEC_OBJ * | q_u, | |||
SAMR_R_SET_SEC_OBJ * | r_u | |||
) |
srv_samr_nt.c の 696 行で定義されています。
参照先 samr_info::acc_granted・security_ace_info::access_mask・security_acl_info::aces・become_root()・q_samr_set_sec_obj_info::buf・security_descriptor_info::dacl・get_lsa_policy_samr_sid()・pipes_struct::mem_ctx・security_acl_info::num_aces・pdb_getsampwsid()・pdb_set_pass_can_change()・q_samr_set_sec_obj_info::pol・samu_new()・sec_desc_buf_info::sec・sid_equal()・sid_string_static()・r_samr_set_sec_obj_info::status・status・security_ace_info::trustee・unbecome_root().
00697 { 00698 DOM_SID pol_sid; 00699 uint32 acc_granted, i; 00700 SEC_ACL *dacl; 00701 BOOL ret; 00702 struct samu *sampass=NULL; 00703 NTSTATUS status; 00704 00705 r_u->status = NT_STATUS_OK; 00706 00707 if (!get_lsa_policy_samr_sid(p, &q_u->pol, &pol_sid, &acc_granted, NULL)) 00708 return NT_STATUS_INVALID_HANDLE; 00709 00710 if (!(sampass = samu_new( p->mem_ctx))) { 00711 DEBUG(0,("No memory!\n")); 00712 return NT_STATUS_NO_MEMORY; 00713 } 00714 00715 /* get the user record */ 00716 become_root(); 00717 ret = pdb_getsampwsid(sampass, &pol_sid); 00718 unbecome_root(); 00719 00720 if (!ret) { 00721 DEBUG(4, ("User %s not found\n", sid_string_static(&pol_sid))); 00722 TALLOC_FREE(sampass); 00723 return NT_STATUS_INVALID_HANDLE; 00724 } 00725 00726 dacl = q_u->buf->sec->dacl; 00727 for (i=0; i < dacl->num_aces; i++) { 00728 if (sid_equal(&pol_sid, &dacl->aces[i].trustee)) { 00729 ret = pdb_set_pass_can_change(sampass, 00730 (dacl->aces[i].access_mask & 00731 SA_RIGHT_USER_CHANGE_PASSWORD) ? 00732 True: False); 00733 break; 00734 } 00735 } 00736 00737 if (!ret) { 00738 TALLOC_FREE(sampass); 00739 return NT_STATUS_ACCESS_DENIED; 00740 } 00741 00742 status = access_check_samr_function(acc_granted, SA_RIGHT_USER_SET_ATTRIBUTES, "_samr_set_sec_obj"); 00743 if (NT_STATUS_IS_OK(status)) { 00744 become_root(); 00745 status = pdb_update_sam_account(sampass); 00746 unbecome_root(); 00747 } 00748 00749 TALLOC_FREE(sampass); 00750 00751 return status; 00752 }
static BOOL check_change_pw_access | ( | TALLOC_CTX * | mem_ctx, | |
DOM_SID * | user_sid | |||
) | [static] |
srv_samr_nt.c の 757 行で定義されています。
参照先 become_root()・pdb_get_pass_can_change()・pdb_get_username()・pdb_getsampwsid()・samu_new()・sid_string_static()・unbecome_root()・samu::user_sid.
00758 { 00759 struct samu *sampass=NULL; 00760 BOOL ret; 00761 00762 if ( !(sampass = samu_new( mem_ctx )) ) { 00763 DEBUG(0,("No memory!\n")); 00764 return False; 00765 } 00766 00767 become_root(); 00768 ret = pdb_getsampwsid(sampass, user_sid); 00769 unbecome_root(); 00770 00771 if (ret == False) { 00772 DEBUG(4,("User %s not found\n", sid_string_static(user_sid))); 00773 TALLOC_FREE(sampass); 00774 return False; 00775 } 00776 00777 DEBUG(3,("User:[%s]\n", pdb_get_username(sampass) )); 00778 00779 if (pdb_get_pass_can_change(sampass)) { 00780 TALLOC_FREE(sampass); 00781 return True; 00782 } 00783 TALLOC_FREE(sampass); 00784 return False; 00785 }
NTSTATUS _samr_query_sec_obj | ( | pipes_struct * | p, | |
SAMR_Q_QUERY_SEC_OBJ * | q_u, | |||
SAMR_R_QUERY_SEC_OBJ * | r_u | |||
) |
srv_samr_nt.c の 792 行で定義されています。
参照先 r_samr_query_sec_obj_info::buf・check_change_pw_access()・dom_generic_mapping・get_global_sam_sid()・get_lsa_policy_samr_sid()・global_sid_Builtin・make_samr_object_sd()・make_sec_desc_buf()・pipes_struct::mem_ctx・r_samr_query_sec_obj_info::ptr・sam_generic_mapping・sid_check_is_in_builtin()・sid_check_is_in_our_domain()・sid_equal()・dom_sid::sid_rev_num・sid_to_string()・r_samr_query_sec_obj_info::status・q_samr_query_sec_obj_info::user_pol・usr_generic_mapping・usr_nopwchange_generic_mapping.
00793 { 00794 DOM_SID pol_sid; 00795 fstring str_sid; 00796 SEC_DESC * psd = NULL; 00797 uint32 acc_granted; 00798 size_t sd_size; 00799 00800 r_u->status = NT_STATUS_OK; 00801 00802 /* Get the SID. */ 00803 if (!get_lsa_policy_samr_sid(p, &q_u->user_pol, &pol_sid, &acc_granted, NULL)) 00804 return NT_STATUS_INVALID_HANDLE; 00805 00806 DEBUG(10,("_samr_query_sec_obj: querying security on SID: %s\n", sid_to_string(str_sid, &pol_sid))); 00807 00808 /* Check what typ of SID is beeing queried (e.g Domain SID, User SID, Group SID) */ 00809 00810 /* To query the security of the SAM it self an invalid SID with S-0-0 is passed to this function */ 00811 if (pol_sid.sid_rev_num == 0) { 00812 DEBUG(5,("_samr_query_sec_obj: querying security on SAM\n")); 00813 r_u->status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &sam_generic_mapping, NULL, 0); 00814 } else if (sid_equal(&pol_sid,get_global_sam_sid())) { 00815 /* check if it is our domain SID */ 00816 DEBUG(5,("_samr_query_sec_obj: querying security on Domain with SID: %s\n", sid_to_string(str_sid, &pol_sid))); 00817 r_u->status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &dom_generic_mapping, NULL, 0); 00818 } else if (sid_equal(&pol_sid,&global_sid_Builtin)) { 00819 /* check if it is the Builtin Domain */ 00820 /* TODO: Builtin probably needs a different SD with restricted write access*/ 00821 DEBUG(5,("_samr_query_sec_obj: querying security on Builtin Domain with SID: %s\n", sid_to_string(str_sid, &pol_sid))); 00822 r_u->status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &dom_generic_mapping, NULL, 0); 00823 } else if (sid_check_is_in_our_domain(&pol_sid) || 00824 sid_check_is_in_builtin(&pol_sid)) { 00825 /* TODO: different SDs have to be generated for aliases groups and users. 00826 Currently all three get a default user SD */ 00827 DEBUG(10,("_samr_query_sec_obj: querying security on Object with SID: %s\n", sid_to_string(str_sid, &pol_sid))); 00828 if (check_change_pw_access(p->mem_ctx, &pol_sid)) { 00829 r_u->status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_generic_mapping, 00830 &pol_sid, SAMR_USR_RIGHTS_WRITE_PW); 00831 } else { 00832 r_u->status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_nopwchange_generic_mapping, 00833 &pol_sid, SAMR_USR_RIGHTS_CANT_WRITE_PW); 00834 } 00835 } else { 00836 return NT_STATUS_OBJECT_TYPE_MISMATCH; 00837 } 00838 00839 if ((r_u->buf = make_sec_desc_buf(p->mem_ctx, sd_size, psd)) == NULL) 00840 return NT_STATUS_NO_MEMORY; 00841 00842 if (NT_STATUS_IS_OK(r_u->status)) 00843 r_u->ptr = 1; 00844 00845 return r_u->status; 00846 }
static NTSTATUS make_user_sam_entry_list | ( | TALLOC_CTX * | ctx, | |
SAM_ENTRY ** | sam_pp, | |||
UNISTR2 ** | uni_name_pp, | |||
uint32 | num_entries, | |||
uint32 | start_idx, | |||
struct samr_displayentry * | entries | |||
) | [static] |
srv_samr_nt.c の 852 行で定義されています。
参照先 copy_unistr2()・init_sam_entry()・init_unistr2()・UNI_FLAGS_NONE・UNI_STR_TERMINATE.
00856 { 00857 uint32 i; 00858 SAM_ENTRY *sam; 00859 UNISTR2 *uni_name; 00860 00861 *sam_pp = NULL; 00862 *uni_name_pp = NULL; 00863 00864 if (num_entries == 0) 00865 return NT_STATUS_OK; 00866 00867 sam = TALLOC_ZERO_ARRAY(ctx, SAM_ENTRY, num_entries); 00868 00869 uni_name = TALLOC_ZERO_ARRAY(ctx, UNISTR2, num_entries); 00870 00871 if (sam == NULL || uni_name == NULL) { 00872 DEBUG(0, ("make_user_sam_entry_list: TALLOC_ZERO failed!\n")); 00873 return NT_STATUS_NO_MEMORY; 00874 } 00875 00876 for (i = 0; i < num_entries; i++) { 00877 UNISTR2 uni_temp_name; 00878 /* 00879 * usrmgr expects a non-NULL terminated string with 00880 * trust relationships 00881 */ 00882 if (entries[i].acct_flags & ACB_DOMTRUST) { 00883 init_unistr2(&uni_temp_name, entries[i].account_name, 00884 UNI_FLAGS_NONE); 00885 } else { 00886 init_unistr2(&uni_temp_name, entries[i].account_name, 00887 UNI_STR_TERMINATE); 00888 } 00889 00890 init_sam_entry(&sam[i], &uni_temp_name, entries[i].rid); 00891 copy_unistr2(&uni_name[i], &uni_temp_name); 00892 } 00893 00894 *sam_pp = sam; 00895 *uni_name_pp = uni_name; 00896 return NT_STATUS_OK; 00897 }
NTSTATUS _samr_enum_dom_users | ( | pipes_struct * | p, | |
SAMR_Q_ENUM_DOM_USERS * | q_u, | |||
SAMR_R_ENUM_DOM_USERS * | r_u | |||
) |
srv_samr_nt.c の 903 行で定義されています。
参照先 q_samr_enum_dom_users_info::acb_mask・access_check_samr_function()・become_root()・find_policy_by_hnd()・get_remote_arch()・init_samr_r_enum_dom_users()・make_user_sam_entry_list()・pipes_struct::mem_ctx・pdb_search_destroy()・pdb_search_entries()・pdb_search_users()・q_samr_enum_dom_users_info::pol・ra_type・RA_WIN95・r_samr_enum_dom_users_info::sam・set_disp_info_cache_timeout()・q_samr_enum_dom_users_info::start_idx・r_samr_enum_dom_users_info::status・unbecome_root()・r_samr_enum_dom_users_info::uni_acct_name.
参照元 api_samr_enum_dom_users().
00905 { 00906 struct samr_info *info = NULL; 00907 int num_account; 00908 uint32 enum_context=q_u->start_idx; 00909 enum remote_arch_types ra_type = get_remote_arch(); 00910 int max_sam_entries = (ra_type == RA_WIN95) ? MAX_SAM_ENTRIES_W95 : MAX_SAM_ENTRIES_W2K; 00911 uint32 max_entries = max_sam_entries; 00912 struct samr_displayentry *entries = NULL; 00913 00914 r_u->status = NT_STATUS_OK; 00915 00916 /* find the policy handle. open a policy on it. */ 00917 if (!find_policy_by_hnd(p, &q_u->pol, (void **)(void *)&info)) 00918 return NT_STATUS_INVALID_HANDLE; 00919 00920 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(info->acc_granted, 00921 SA_RIGHT_DOMAIN_ENUM_ACCOUNTS, 00922 "_samr_enum_dom_users"))) { 00923 return r_u->status; 00924 } 00925 00926 DEBUG(5,("_samr_enum_dom_users: %d\n", __LINE__)); 00927 00928 if (info->builtin_domain) { 00929 /* No users in builtin. */ 00930 init_samr_r_enum_dom_users(r_u, q_u->start_idx, 0); 00931 DEBUG(5,("_samr_enum_dom_users: No users in BUILTIN\n")); 00932 return r_u->status; 00933 } 00934 00935 become_root(); 00936 00937 /* AS ROOT !!!! */ 00938 00939 if ((info->disp_info->enum_users != NULL) && 00940 (info->disp_info->enum_acb_mask != q_u->acb_mask)) { 00941 pdb_search_destroy(info->disp_info->enum_users); 00942 info->disp_info->enum_users = NULL; 00943 } 00944 00945 if (info->disp_info->enum_users == NULL) { 00946 info->disp_info->enum_users = pdb_search_users(q_u->acb_mask); 00947 info->disp_info->enum_acb_mask = q_u->acb_mask; 00948 } 00949 00950 if (info->disp_info->enum_users == NULL) { 00951 /* END AS ROOT !!!! */ 00952 unbecome_root(); 00953 return NT_STATUS_ACCESS_DENIED; 00954 } 00955 00956 num_account = pdb_search_entries(info->disp_info->enum_users, 00957 enum_context, max_entries, 00958 &entries); 00959 00960 /* END AS ROOT !!!! */ 00961 00962 unbecome_root(); 00963 00964 if (num_account == 0) { 00965 DEBUG(5, ("_samr_enum_dom_users: enumeration handle over " 00966 "total entries\n")); 00967 init_samr_r_enum_dom_users(r_u, q_u->start_idx, 0); 00968 return NT_STATUS_OK; 00969 } 00970 00971 r_u->status = make_user_sam_entry_list(p->mem_ctx, &r_u->sam, 00972 &r_u->uni_acct_name, 00973 num_account, enum_context, 00974 entries); 00975 00976 if (!NT_STATUS_IS_OK(r_u->status)) 00977 return r_u->status; 00978 00979 if (max_entries <= num_account) { 00980 r_u->status = STATUS_MORE_ENTRIES; 00981 } else { 00982 r_u->status = NT_STATUS_OK; 00983 } 00984 00985 /* Ensure we cache this enumeration. */ 00986 set_disp_info_cache_timeout(info->disp_info, DISP_INFO_CACHE_TIMEOUT); 00987 00988 DEBUG(5, ("_samr_enum_dom_users: %d\n", __LINE__)); 00989 00990 init_samr_r_enum_dom_users(r_u, q_u->start_idx + num_account, 00991 num_account); 00992 00993 DEBUG(5,("_samr_enum_dom_users: %d\n", __LINE__)); 00994 00995 return r_u->status; 00996 }
static void make_group_sam_entry_list | ( | TALLOC_CTX * | ctx, | |
SAM_ENTRY ** | sam_pp, | |||
UNISTR2 ** | uni_name_pp, | |||
uint32 | num_sam_entries, | |||
struct samr_displayentry * | entries | |||
) | [static] |
srv_samr_nt.c の 1002 行で定義されています。
参照先 samr_displayentry::account_name・init_sam_entry()・init_unistr2()・samr_displayentry::rid・UNI_STR_TERMINATE.
参照元 _samr_enum_dom_aliases()・_samr_enum_dom_groups().
01006 { 01007 uint32 i; 01008 SAM_ENTRY *sam; 01009 UNISTR2 *uni_name; 01010 01011 *sam_pp = NULL; 01012 *uni_name_pp = NULL; 01013 01014 if (num_sam_entries == 0) 01015 return; 01016 01017 sam = TALLOC_ZERO_ARRAY(ctx, SAM_ENTRY, num_sam_entries); 01018 uni_name = TALLOC_ZERO_ARRAY(ctx, UNISTR2, num_sam_entries); 01019 01020 if (sam == NULL || uni_name == NULL) { 01021 DEBUG(0, ("NULL pointers in SAMR_R_QUERY_DISPINFO\n")); 01022 return; 01023 } 01024 01025 for (i = 0; i < num_sam_entries; i++) { 01026 /* 01027 * JRA. I think this should include the null. TNG does not. 01028 */ 01029 init_unistr2(&uni_name[i], entries[i].account_name, 01030 UNI_STR_TERMINATE); 01031 init_sam_entry(&sam[i], &uni_name[i], entries[i].rid); 01032 } 01033 01034 *sam_pp = sam; 01035 *uni_name_pp = uni_name; 01036 }
NTSTATUS _samr_enum_dom_groups | ( | pipes_struct * | p, | |
SAMR_Q_ENUM_DOM_GROUPS * | q_u, | |||
SAMR_R_ENUM_DOM_GROUPS * | r_u | |||
) |
srv_samr_nt.c の 1042 行で定義されています。
参照先 access_check_samr_function()・become_root()・find_policy_by_hnd()・init_samr_r_enum_dom_groups()・make_group_sam_entry_list()・pipes_struct::mem_ctx・pdb_search_entries()・pdb_search_groups()・q_samr_enum_dom_groups_info::pol・r_samr_enum_dom_groups_info::sam・set_disp_info_cache_timeout()・q_samr_enum_dom_groups_info::start_idx・r_samr_enum_dom_groups_info::status・unbecome_root()・r_samr_enum_dom_groups_info::uni_grp_name.
参照元 api_samr_enum_dom_groups().
01043 { 01044 struct samr_info *info = NULL; 01045 struct samr_displayentry *groups; 01046 uint32 num_groups; 01047 01048 r_u->status = NT_STATUS_OK; 01049 01050 /* find the policy handle. open a policy on it. */ 01051 if (!find_policy_by_hnd(p, &q_u->pol, (void **)(void *)&info)) 01052 return NT_STATUS_INVALID_HANDLE; 01053 01054 r_u->status = access_check_samr_function(info->acc_granted, 01055 SA_RIGHT_DOMAIN_ENUM_ACCOUNTS, 01056 "_samr_enum_dom_groups"); 01057 if (!NT_STATUS_IS_OK(r_u->status)) 01058 return r_u->status; 01059 01060 DEBUG(5,("samr_reply_enum_dom_groups: %d\n", __LINE__)); 01061 01062 if (info->builtin_domain) { 01063 /* No groups in builtin. */ 01064 init_samr_r_enum_dom_groups(r_u, q_u->start_idx, 0); 01065 DEBUG(5,("_samr_enum_dom_users: No groups in BUILTIN\n")); 01066 return r_u->status; 01067 } 01068 01069 /* the domain group array is being allocated in the function below */ 01070 01071 become_root(); 01072 01073 if (info->disp_info->groups == NULL) { 01074 info->disp_info->groups = pdb_search_groups(); 01075 01076 if (info->disp_info->groups == NULL) { 01077 unbecome_root(); 01078 return NT_STATUS_ACCESS_DENIED; 01079 } 01080 } 01081 01082 num_groups = pdb_search_entries(info->disp_info->groups, q_u->start_idx, 01083 MAX_SAM_ENTRIES, &groups); 01084 unbecome_root(); 01085 01086 /* Ensure we cache this enumeration. */ 01087 set_disp_info_cache_timeout(info->disp_info, DISP_INFO_CACHE_TIMEOUT); 01088 01089 make_group_sam_entry_list(p->mem_ctx, &r_u->sam, &r_u->uni_grp_name, 01090 num_groups, groups); 01091 01092 init_samr_r_enum_dom_groups(r_u, q_u->start_idx, num_groups); 01093 01094 DEBUG(5,("samr_enum_dom_groups: %d\n", __LINE__)); 01095 01096 return r_u->status; 01097 }
NTSTATUS _samr_enum_dom_aliases | ( | pipes_struct * | p, | |
SAMR_Q_ENUM_DOM_ALIASES * | q_u, | |||
SAMR_R_ENUM_DOM_ALIASES * | r_u | |||
) |
srv_samr_nt.c の 1103 行で定義されています。
参照先 access_check_samr_function()・become_root()・find_policy_by_hnd()・init_samr_r_enum_dom_aliases()・make_group_sam_entry_list()・pipes_struct::mem_ctx・pdb_search_aliases()・pdb_search_entries()・q_samr_enum_dom_aliases_info::pol・r_samr_enum_dom_aliases_info::sam・set_disp_info_cache_timeout()・sid_string_static()・q_samr_enum_dom_aliases_info::start_idx・r_samr_enum_dom_aliases_info::status・unbecome_root()・r_samr_enum_dom_aliases_info::uni_grp_name.
参照元 api_samr_enum_dom_aliases().
01104 { 01105 struct samr_info *info; 01106 struct samr_displayentry *aliases; 01107 uint32 num_aliases = 0; 01108 01109 /* find the policy handle. open a policy on it. */ 01110 if (!find_policy_by_hnd(p, &q_u->pol, (void **)(void *)&info)) 01111 return NT_STATUS_INVALID_HANDLE; 01112 01113 r_u->status = access_check_samr_function(info->acc_granted, 01114 SA_RIGHT_DOMAIN_ENUM_ACCOUNTS, 01115 "_samr_enum_dom_aliases"); 01116 if (!NT_STATUS_IS_OK(r_u->status)) 01117 return r_u->status; 01118 01119 DEBUG(5,("samr_reply_enum_dom_aliases: sid %s\n", 01120 sid_string_static(&info->sid))); 01121 01122 become_root(); 01123 01124 if (info->disp_info->aliases == NULL) { 01125 info->disp_info->aliases = pdb_search_aliases(&info->sid); 01126 if (info->disp_info->aliases == NULL) { 01127 unbecome_root(); 01128 return NT_STATUS_ACCESS_DENIED; 01129 } 01130 } 01131 01132 num_aliases = pdb_search_entries(info->disp_info->aliases, q_u->start_idx, 01133 MAX_SAM_ENTRIES, &aliases); 01134 unbecome_root(); 01135 01136 /* Ensure we cache this enumeration. */ 01137 set_disp_info_cache_timeout(info->disp_info, DISP_INFO_CACHE_TIMEOUT); 01138 01139 make_group_sam_entry_list(p->mem_ctx, &r_u->sam, &r_u->uni_grp_name, 01140 num_aliases, aliases); 01141 01142 init_samr_r_enum_dom_aliases(r_u, q_u->start_idx + num_aliases, 01143 num_aliases); 01144 01145 DEBUG(5,("samr_enum_dom_aliases: %d\n", __LINE__)); 01146 01147 return r_u->status; 01148 }
NTSTATUS _samr_query_dispinfo | ( | pipes_struct * | p, | |
SAMR_Q_QUERY_DISPINFO * | q_u, | |||
SAMR_R_QUERY_DISPINFO * | r_u | |||
) |
srv_samr_nt.c の 1154 行で定義されています。
参照先 become_root()・q_samr_query_disp_info::domain_pol・find_policy_by_hnd()・get_remote_arch()・sam_dispinfo_ctr_info::info1・sam_dispinfo_ctr_info::info2・sam_dispinfo_ctr_info::info3・sam_dispinfo_ctr_info::info4・sam_dispinfo_ctr_info::info5・init_sam_dispinfo_1()・init_sam_dispinfo_2()・init_sam_dispinfo_3()・init_sam_dispinfo_4()・init_sam_dispinfo_5()・init_samr_r_query_dispinfo()・q_samr_query_disp_info::max_entries・q_samr_query_disp_info::max_size・pipes_struct::mem_ctx・pdb_search_entries()・pdb_search_groups()・pdb_search_users()・ra_type・RA_WIN95・sam_dispinfo_ctr_info::sam・set_disp_info_cache_timeout()・smb_panic()・q_samr_query_disp_info::start_idx・r_samr_query_dispinfo_info::status・q_samr_query_disp_info::switch_level・unbecome_root().
参照元 api_samr_query_dispinfo().
01156 { 01157 struct samr_info *info = NULL; 01158 uint32 struct_size=0x20; /* W2K always reply that, client doesn't care */ 01159 01160 uint32 max_entries=q_u->max_entries; 01161 uint32 enum_context=q_u->start_idx; 01162 uint32 max_size=q_u->max_size; 01163 01164 SAM_DISPINFO_CTR *ctr; 01165 uint32 temp_size=0, total_data_size=0; 01166 NTSTATUS disp_ret = NT_STATUS_UNSUCCESSFUL; 01167 uint32 num_account = 0; 01168 enum remote_arch_types ra_type = get_remote_arch(); 01169 int max_sam_entries = (ra_type == RA_WIN95) ? MAX_SAM_ENTRIES_W95 : MAX_SAM_ENTRIES_W2K; 01170 struct samr_displayentry *entries = NULL; 01171 01172 DEBUG(5, ("samr_reply_query_dispinfo: %d\n", __LINE__)); 01173 r_u->status = NT_STATUS_UNSUCCESSFUL; 01174 01175 /* find the policy handle. open a policy on it. */ 01176 if (!find_policy_by_hnd(p, &q_u->domain_pol, (void **)(void *)&info)) 01177 return NT_STATUS_INVALID_HANDLE; 01178 01179 /* 01180 * calculate how many entries we will return. 01181 * based on 01182 * - the number of entries the client asked 01183 * - our limit on that 01184 * - the starting point (enumeration context) 01185 * - the buffer size the client will accept 01186 */ 01187 01188 /* 01189 * We are a lot more like W2K. Instead of reading the SAM 01190 * each time to find the records we need to send back, 01191 * we read it once and link that copy to the sam handle. 01192 * For large user list (over the MAX_SAM_ENTRIES) 01193 * it's a definitive win. 01194 * second point to notice: between enumerations 01195 * our sam is now the same as it's a snapshoot. 01196 * third point: got rid of the static SAM_USER_21 struct 01197 * no more intermediate. 01198 * con: it uses much more memory, as a full copy is stored 01199 * in memory. 01200 * 01201 * If you want to change it, think twice and think 01202 * of the second point , that's really important. 01203 * 01204 * JFM, 12/20/2001 01205 */ 01206 01207 if ((q_u->switch_level < 1) || (q_u->switch_level > 5)) { 01208 DEBUG(0,("_samr_query_dispinfo: Unknown info level (%u)\n", 01209 (unsigned int)q_u->switch_level )); 01210 return NT_STATUS_INVALID_INFO_CLASS; 01211 } 01212 01213 /* first limit the number of entries we will return */ 01214 if(max_entries > max_sam_entries) { 01215 DEBUG(5, ("samr_reply_query_dispinfo: client requested %d " 01216 "entries, limiting to %d\n", max_entries, 01217 max_sam_entries)); 01218 max_entries = max_sam_entries; 01219 } 01220 01221 /* calculate the size and limit on the number of entries we will 01222 * return */ 01223 01224 temp_size=max_entries*struct_size; 01225 01226 if (temp_size>max_size) { 01227 max_entries=MIN((max_size/struct_size),max_entries);; 01228 DEBUG(5, ("samr_reply_query_dispinfo: buffer size limits to " 01229 "only %d entries\n", max_entries)); 01230 } 01231 01232 if (!(ctr = TALLOC_ZERO_P(p->mem_ctx,SAM_DISPINFO_CTR))) 01233 return NT_STATUS_NO_MEMORY; 01234 01235 ZERO_STRUCTP(ctr); 01236 01237 become_root(); 01238 01239 /* THe following done as ROOT. Don't return without unbecome_root(). */ 01240 01241 switch (q_u->switch_level) { 01242 case 0x1: 01243 case 0x4: 01244 if (info->disp_info->users == NULL) { 01245 info->disp_info->users = pdb_search_users(ACB_NORMAL); 01246 if (info->disp_info->users == NULL) { 01247 unbecome_root(); 01248 return NT_STATUS_ACCESS_DENIED; 01249 } 01250 DEBUG(10,("samr_reply_query_dispinfo: starting user enumeration at index %u\n", 01251 (unsigned int)enum_context )); 01252 } else { 01253 DEBUG(10,("samr_reply_query_dispinfo: using cached user enumeration at index %u\n", 01254 (unsigned int)enum_context )); 01255 } 01256 01257 num_account = pdb_search_entries(info->disp_info->users, 01258 enum_context, max_entries, 01259 &entries); 01260 break; 01261 case 0x2: 01262 if (info->disp_info->machines == NULL) { 01263 info->disp_info->machines = 01264 pdb_search_users(ACB_WSTRUST|ACB_SVRTRUST); 01265 if (info->disp_info->machines == NULL) { 01266 unbecome_root(); 01267 return NT_STATUS_ACCESS_DENIED; 01268 } 01269 DEBUG(10,("samr_reply_query_dispinfo: starting machine enumeration at index %u\n", 01270 (unsigned int)enum_context )); 01271 } else { 01272 DEBUG(10,("samr_reply_query_dispinfo: using cached machine enumeration at index %u\n", 01273 (unsigned int)enum_context )); 01274 } 01275 01276 num_account = pdb_search_entries(info->disp_info->machines, 01277 enum_context, max_entries, 01278 &entries); 01279 break; 01280 case 0x3: 01281 case 0x5: 01282 if (info->disp_info->groups == NULL) { 01283 info->disp_info->groups = pdb_search_groups(); 01284 if (info->disp_info->groups == NULL) { 01285 unbecome_root(); 01286 return NT_STATUS_ACCESS_DENIED; 01287 } 01288 DEBUG(10,("samr_reply_query_dispinfo: starting group enumeration at index %u\n", 01289 (unsigned int)enum_context )); 01290 } else { 01291 DEBUG(10,("samr_reply_query_dispinfo: using cached group enumeration at index %u\n", 01292 (unsigned int)enum_context )); 01293 } 01294 01295 num_account = pdb_search_entries(info->disp_info->groups, 01296 enum_context, max_entries, 01297 &entries); 01298 break; 01299 default: 01300 unbecome_root(); 01301 smb_panic("info class changed"); 01302 break; 01303 } 01304 unbecome_root(); 01305 01306 /* Now create reply structure */ 01307 switch (q_u->switch_level) { 01308 case 0x1: 01309 disp_ret = init_sam_dispinfo_1(p->mem_ctx, &ctr->sam.info1, 01310 num_account, enum_context, 01311 entries); 01312 break; 01313 case 0x2: 01314 disp_ret = init_sam_dispinfo_2(p->mem_ctx, &ctr->sam.info2, 01315 num_account, enum_context, 01316 entries); 01317 break; 01318 case 0x3: 01319 disp_ret = init_sam_dispinfo_3(p->mem_ctx, &ctr->sam.info3, 01320 num_account, enum_context, 01321 entries); 01322 break; 01323 case 0x4: 01324 disp_ret = init_sam_dispinfo_4(p->mem_ctx, &ctr->sam.info4, 01325 num_account, enum_context, 01326 entries); 01327 break; 01328 case 0x5: 01329 disp_ret = init_sam_dispinfo_5(p->mem_ctx, &ctr->sam.info5, 01330 num_account, enum_context, 01331 entries); 01332 break; 01333 default: 01334 smb_panic("info class changed"); 01335 break; 01336 } 01337 01338 if (!NT_STATUS_IS_OK(disp_ret)) 01339 return disp_ret; 01340 01341 temp_size = num_account * struct_size; 01342 01343 if (num_account) { 01344 r_u->status = STATUS_MORE_ENTRIES; 01345 } else { 01346 r_u->status = NT_STATUS_OK; 01347 } 01348 01349 if (num_account < max_entries) { 01350 r_u->status = NT_STATUS_OK; 01351 } 01352 01353 /* Ensure we cache this enumeration. */ 01354 set_disp_info_cache_timeout(info->disp_info, DISP_INFO_CACHE_TIMEOUT); 01355 01356 DEBUG(5, ("_samr_query_dispinfo: %d\n", __LINE__)); 01357 01358 init_samr_r_query_dispinfo(r_u, num_account, total_data_size, 01359 temp_size, q_u->switch_level, ctr, 01360 r_u->status); 01361 01362 return r_u->status; 01363 01364 }
NTSTATUS _samr_query_aliasinfo | ( | pipes_struct * | p, | |
SAMR_Q_QUERY_ALIASINFO * | q_u, | |||
SAMR_R_QUERY_ALIASINFO * | r_u | |||
) |
srv_samr_nt.c の 1370 行で定義されています。
参照先 access_check_samr_function()・acct_info::acct_desc・acct_info::acct_name・ALIAS_INFO_CTR::alias・become_root()・SAMR_R_QUERY_ALIASINFO::ctr・get_lsa_policy_samr_sid()・ALIAS_INFO_CTR::info1・ALIAS_INFO_CTR::info3・init_samr_alias_info1()・init_samr_alias_info3()・ALIAS_INFO_CTR::level・SAMR_Q_QUERY_ALIASINFO::level・pipes_struct::mem_ctx・pdb_get_aliasinfo()・SAMR_Q_QUERY_ALIASINFO::pol・SAMR_R_QUERY_ALIASINFO::status・unbecome_root().
参照元 api_samr_query_aliasinfo().
01371 { 01372 DOM_SID sid; 01373 struct acct_info info; 01374 uint32 acc_granted; 01375 BOOL ret; 01376 01377 r_u->status = NT_STATUS_OK; 01378 01379 DEBUG(5,("_samr_query_aliasinfo: %d\n", __LINE__)); 01380 01381 /* find the policy handle. open a policy on it. */ 01382 if (!get_lsa_policy_samr_sid(p, &q_u->pol, &sid, &acc_granted, NULL)) 01383 return NT_STATUS_INVALID_HANDLE; 01384 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_ALIAS_LOOKUP_INFO, "_samr_query_aliasinfo"))) { 01385 return r_u->status; 01386 } 01387 01388 become_root(); 01389 ret = pdb_get_aliasinfo(&sid, &info); 01390 unbecome_root(); 01391 01392 if ( !ret ) 01393 return NT_STATUS_NO_SUCH_ALIAS; 01394 01395 if ( !(r_u->ctr = TALLOC_ZERO_P( p->mem_ctx, ALIAS_INFO_CTR )) ) 01396 return NT_STATUS_NO_MEMORY; 01397 01398 01399 switch (q_u->level ) { 01400 case 1: 01401 r_u->ctr->level = 1; 01402 init_samr_alias_info1(&r_u->ctr->alias.info1, info.acct_name, 1, info.acct_desc); 01403 break; 01404 case 3: 01405 r_u->ctr->level = 3; 01406 init_samr_alias_info3(&r_u->ctr->alias.info3, info.acct_desc); 01407 break; 01408 default: 01409 return NT_STATUS_INVALID_INFO_CLASS; 01410 } 01411 01412 DEBUG(5,("_samr_query_aliasinfo: %d\n", __LINE__)); 01413 01414 return r_u->status; 01415 }
uint32 _samr_lookup_ids | ( | pipes_struct * | p, | |
SAMR_Q_LOOKUP_IDS * | q_u, | |||
SAMR_R_LOOKUP_IDS * | r_u | |||
) |
srv_samr_nt.c の 1422 行で定義されています。
参照先 become_root()・acct_info::rid・status・unbecome_root()・user_name.
01423 { 01424 uint32 rid[MAX_SAM_ENTRIES]; 01425 int num_rids = q_u->num_sids1; 01426 01427 r_u->status = NT_STATUS_OK; 01428 01429 DEBUG(5,("_samr_lookup_ids: %d\n", __LINE__)); 01430 01431 if (num_rids > MAX_SAM_ENTRIES) { 01432 num_rids = MAX_SAM_ENTRIES; 01433 DEBUG(5,("_samr_lookup_ids: truncating entries to %d\n", num_rids)); 01434 } 01435 01436 #if 0 01437 int i; 01438 SMB_ASSERT_ARRAY(q_u->uni_user_name, num_rids); 01439 01440 for (i = 0; i < num_rids && status == 0; i++) 01441 { 01442 struct sam_passwd *sam_pass; 01443 fstring user_name; 01444 01445 01446 fstrcpy(user_name, unistrn2(q_u->uni_user_name[i].buffer, 01447 q_u->uni_user_name[i].uni_str_len)); 01448 01449 /* find the user account */ 01450 become_root(); 01451 sam_pass = get_smb21pwd_entry(user_name, 0); 01452 unbecome_root(); 01453 01454 if (sam_pass == NULL) 01455 { 01456 status = 0xC0000000 | NT_STATUS_NO_SUCH_USER; 01457 rid[i] = 0; 01458 } 01459 else 01460 { 01461 rid[i] = sam_pass->user_rid; 01462 } 01463 } 01464 #endif 01465 01466 num_rids = 1; 01467 rid[0] = BUILTIN_ALIAS_RID_USERS; 01468 01469 init_samr_r_lookup_ids(&r_u, num_rids, rid, NT_STATUS_OK); 01470 01471 DEBUG(5,("_samr_lookup_ids: %d\n", __LINE__)); 01472 01473 return r_u->status; 01474 }
NTSTATUS _samr_lookup_names | ( | pipes_struct * | p, | |
SAMR_Q_LOOKUP_NAMES * | q_u, | |||
SAMR_R_LOOKUP_NAMES * | r_u | |||
) |
srv_samr_nt.c の 1481 行で定義されています。
参照先 access_check_samr_function()・UNISTR2::buffer・get_lsa_policy_samr_sid()・init_samr_r_lookup_names()・lookup_builtin_name()・lookup_global_sam_name()・pipes_struct::mem_ctx・name・q_samr_lookup_names_info::num_names2・q_samr_lookup_names_info::pol・acct_info::rid・rpcstr_pull()・sid_check_is_builtin()・SID_NAME_ALIAS・SID_NAME_UNKNOWN・sid_to_string()・r_samr_lookup_names_info::status・type・q_samr_lookup_names_info::uni_name・UNISTR2::uni_str_len.
01482 { 01483 uint32 rid[MAX_SAM_ENTRIES]; 01484 enum lsa_SidType type[MAX_SAM_ENTRIES]; 01485 int i; 01486 int num_rids = q_u->num_names2; 01487 DOM_SID pol_sid; 01488 fstring sid_str; 01489 uint32 acc_granted; 01490 01491 r_u->status = NT_STATUS_OK; 01492 01493 DEBUG(5,("_samr_lookup_names: %d\n", __LINE__)); 01494 01495 ZERO_ARRAY(rid); 01496 ZERO_ARRAY(type); 01497 01498 if (!get_lsa_policy_samr_sid(p, &q_u->pol, &pol_sid, &acc_granted, NULL)) { 01499 init_samr_r_lookup_names(p->mem_ctx, r_u, 0, NULL, NULL, NT_STATUS_OBJECT_TYPE_MISMATCH); 01500 return r_u->status; 01501 } 01502 01503 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, 0, "_samr_lookup_names"))) { /* Don't know the acc_bits yet */ 01504 return r_u->status; 01505 } 01506 01507 if (num_rids > MAX_SAM_ENTRIES) { 01508 num_rids = MAX_SAM_ENTRIES; 01509 DEBUG(5,("_samr_lookup_names: truncating entries to %d\n", num_rids)); 01510 } 01511 01512 DEBUG(5,("_samr_lookup_names: looking name on SID %s\n", sid_to_string(sid_str, &pol_sid))); 01513 01514 for (i = 0; i < num_rids; i++) { 01515 fstring name; 01516 int ret; 01517 01518 r_u->status = NT_STATUS_NONE_MAPPED; 01519 type[i] = SID_NAME_UNKNOWN; 01520 01521 rid [i] = 0xffffffff; 01522 01523 ret = rpcstr_pull(name, q_u->uni_name[i].buffer, sizeof(name), q_u->uni_name[i].uni_str_len*2, 0); 01524 01525 if (ret <= 0) { 01526 continue; 01527 } 01528 01529 if (sid_check_is_builtin(&pol_sid)) { 01530 if (lookup_builtin_name(name, &rid[i])) { 01531 type[i] = SID_NAME_ALIAS; 01532 } 01533 } else { 01534 lookup_global_sam_name(name, 0, &rid[i], &type[i]); 01535 } 01536 01537 if (type[i] != SID_NAME_UNKNOWN) { 01538 r_u->status = NT_STATUS_OK; 01539 } 01540 } 01541 01542 init_samr_r_lookup_names(p->mem_ctx, r_u, num_rids, rid, type, r_u->status); 01543 01544 DEBUG(5,("_samr_lookup_names: %d\n", __LINE__)); 01545 01546 return r_u->status; 01547 }
NTSTATUS _samr_chgpasswd_user | ( | pipes_struct * | p, | |
SAMR_Q_CHGPASSWD_USER * | q_u, | |||
SAMR_R_CHGPASSWD_USER * | r_u | |||
) |
srv_samr_nt.c の 1553 行で定義されています。
参照先 UNISTR2::buffer・enc_hash_info::hash・init_samr_r_chgpasswd_user()・q_samr_chgpasswd_user_info::lm_newpass・q_samr_chgpasswd_user_info::lm_oldhash・map_username()・q_samr_chgpasswd_user_info::nt_newpass・q_samr_chgpasswd_user_info::nt_oldhash・enc_passwd_info::pass・pass_oem_change()・rpcstr_pull()・r_samr_chgpasswd_user_info::status・q_samr_chgpasswd_user_info::uni_dest_host・UNISTR2::uni_str_len・q_samr_chgpasswd_user_info::uni_user_name・user_name.
参照元 api_samr_chgpasswd_user().
01554 { 01555 fstring user_name; 01556 fstring wks; 01557 01558 DEBUG(5,("_samr_chgpasswd_user: %d\n", __LINE__)); 01559 01560 r_u->status = NT_STATUS_OK; 01561 01562 rpcstr_pull(user_name, q_u->uni_user_name.buffer, sizeof(user_name), q_u->uni_user_name.uni_str_len*2, 0); 01563 rpcstr_pull(wks, q_u->uni_dest_host.buffer, sizeof(wks), q_u->uni_dest_host.uni_str_len*2,0); 01564 01565 DEBUG(5,("samr_chgpasswd_user: user: %s wks: %s\n", user_name, wks)); 01566 01567 /* 01568 * Pass the user through the NT -> unix user mapping 01569 * function. 01570 */ 01571 01572 (void)map_username(user_name); 01573 01574 /* 01575 * UNIX username case mangling not required, pass_oem_change 01576 * is case insensitive. 01577 */ 01578 01579 r_u->status = pass_oem_change(user_name, q_u->lm_newpass.pass, q_u->lm_oldhash.hash, 01580 q_u->nt_newpass.pass, q_u->nt_oldhash.hash, NULL); 01581 01582 init_samr_r_chgpasswd_user(r_u, r_u->status); 01583 01584 DEBUG(5,("_samr_chgpasswd_user: %d\n", __LINE__)); 01585 01586 return r_u->status; 01587 }
NTSTATUS _samr_chgpasswd_user3 | ( | pipes_struct * | p, | |
SAMR_Q_CHGPASSWD_USER3 * | q_u, | |||
SAMR_R_CHGPASSWD_USER3 * | r_u | |||
) |
srv_samr_nt.c の 1593 行で定義されています。
参照先 become_root()・UNISTR2::buffer・enc_hash_info::hash・init_samr_r_chgpasswd_user3()・init_unk_info1()・q_samr_chgpasswd_user3::lm_newpass・q_samr_chgpasswd_user3::lm_oldhash・map_username()・pipes_struct::mem_ctx・q_samr_chgpasswd_user3::nt_newpass・q_samr_chgpasswd_user3::nt_oldhash・enc_passwd_info::pass・pass_oem_change()・pdb_get_account_policy()・samr_change_reject::reject_reason・rpcstr_pull()・r_samr_chgpasswd_user3::status・unbecome_root()・q_samr_chgpasswd_user3::uni_dest_host・UNISTR2::uni_str_len・q_samr_chgpasswd_user3::uni_user_name・unix_to_nt_time_abs()・user_name.
参照元 api_samr_chgpasswd_user3().
01594 { 01595 fstring user_name; 01596 fstring wks; 01597 uint32 reject_reason; 01598 SAM_UNK_INFO_1 *info = NULL; 01599 SAMR_CHANGE_REJECT *reject = NULL; 01600 01601 DEBUG(5,("_samr_chgpasswd_user3: %d\n", __LINE__)); 01602 01603 rpcstr_pull(user_name, q_u->uni_user_name.buffer, sizeof(user_name), q_u->uni_user_name.uni_str_len*2, 0); 01604 rpcstr_pull(wks, q_u->uni_dest_host.buffer, sizeof(wks), q_u->uni_dest_host.uni_str_len*2,0); 01605 01606 DEBUG(5,("_samr_chgpasswd_user3: user: %s wks: %s\n", user_name, wks)); 01607 01608 /* 01609 * Pass the user through the NT -> unix user mapping 01610 * function. 01611 */ 01612 01613 (void)map_username(user_name); 01614 01615 /* 01616 * UNIX username case mangling not required, pass_oem_change 01617 * is case insensitive. 01618 */ 01619 01620 r_u->status = pass_oem_change(user_name, q_u->lm_newpass.pass, q_u->lm_oldhash.hash, 01621 q_u->nt_newpass.pass, q_u->nt_oldhash.hash, &reject_reason); 01622 01623 if (NT_STATUS_EQUAL(r_u->status, NT_STATUS_PASSWORD_RESTRICTION) || 01624 NT_STATUS_EQUAL(r_u->status, NT_STATUS_ACCOUNT_RESTRICTION)) { 01625 01626 uint32 min_pass_len,pass_hist,password_properties; 01627 time_t u_expire, u_min_age; 01628 NTTIME nt_expire, nt_min_age; 01629 uint32 account_policy_temp; 01630 01631 if ((info = TALLOC_ZERO_P(p->mem_ctx, SAM_UNK_INFO_1)) == NULL) { 01632 return NT_STATUS_NO_MEMORY; 01633 } 01634 01635 if ((reject = TALLOC_ZERO_P(p->mem_ctx, SAMR_CHANGE_REJECT)) == NULL) { 01636 return NT_STATUS_NO_MEMORY; 01637 } 01638 01639 ZERO_STRUCTP(info); 01640 ZERO_STRUCTP(reject); 01641 01642 become_root(); 01643 01644 /* AS ROOT !!! */ 01645 01646 pdb_get_account_policy(AP_MIN_PASSWORD_LEN, &account_policy_temp); 01647 min_pass_len = account_policy_temp; 01648 01649 pdb_get_account_policy(AP_PASSWORD_HISTORY, &account_policy_temp); 01650 pass_hist = account_policy_temp; 01651 01652 pdb_get_account_policy(AP_USER_MUST_LOGON_TO_CHG_PASS, &account_policy_temp); 01653 password_properties = account_policy_temp; 01654 01655 pdb_get_account_policy(AP_MAX_PASSWORD_AGE, &account_policy_temp); 01656 u_expire = account_policy_temp; 01657 01658 pdb_get_account_policy(AP_MIN_PASSWORD_AGE, &account_policy_temp); 01659 u_min_age = account_policy_temp; 01660 01661 /* !AS ROOT */ 01662 01663 unbecome_root(); 01664 01665 unix_to_nt_time_abs(&nt_expire, u_expire); 01666 unix_to_nt_time_abs(&nt_min_age, u_min_age); 01667 01668 init_unk_info1(info, (uint16)min_pass_len, (uint16)pass_hist, 01669 password_properties, nt_expire, nt_min_age); 01670 01671 reject->reject_reason = reject_reason; 01672 } 01673 01674 init_samr_r_chgpasswd_user3(r_u, r_u->status, reject, info); 01675 01676 DEBUG(5,("_samr_chgpasswd_user3: %d\n", __LINE__)); 01677 01678 return r_u->status; 01679 }
static BOOL make_samr_lookup_rids | ( | TALLOC_CTX * | ctx, | |
uint32 | num_names, | |||
const char ** | names, | |||
UNIHDR ** | pp_hdr_name, | |||
UNISTR2 ** | pp_uni_name | |||
) | [static] |
srv_samr_nt.c の 1685 行で定義されています。
参照先 init_uni_hdr()・init_unistr2()・UNI_FLAGS_NONE.
参照元 _samr_lookup_rids().
01688 { 01689 uint32 i; 01690 UNIHDR *hdr_name=NULL; 01691 UNISTR2 *uni_name=NULL; 01692 01693 *pp_uni_name = NULL; 01694 *pp_hdr_name = NULL; 01695 01696 if (num_names != 0) { 01697 hdr_name = TALLOC_ZERO_ARRAY(ctx, UNIHDR, num_names); 01698 if (hdr_name == NULL) 01699 return False; 01700 01701 uni_name = TALLOC_ZERO_ARRAY(ctx,UNISTR2, num_names); 01702 if (uni_name == NULL) 01703 return False; 01704 } 01705 01706 for (i = 0; i < num_names; i++) { 01707 DEBUG(10, ("names[%d]:%s\n", i, names[i] && *names[i] ? names[i] : "")); 01708 init_unistr2(&uni_name[i], names[i], UNI_FLAGS_NONE); 01709 init_uni_hdr(&hdr_name[i], &uni_name[i]); 01710 } 01711 01712 *pp_uni_name = uni_name; 01713 *pp_hdr_name = hdr_name; 01714 01715 return True; 01716 }
NTSTATUS _samr_lookup_rids | ( | pipes_struct * | p, | |
SAMR_Q_LOOKUP_RIDS * | q_u, | |||
SAMR_R_LOOKUP_RIDS * | r_u | |||
) |
srv_samr_nt.c の 1722 行で定義されています。
参照先 become_root()・get_lsa_policy_samr_sid()・init_samr_r_lookup_rids()・make_samr_lookup_rids()・pipes_struct::mem_ctx・q_samr_lookup_rids_info::num_rids1・pdb_lookup_rids()・q_samr_lookup_rids_info::pol・q_samr_lookup_rids_info::rid・r_samr_lookup_rids_info::status・unbecome_root().
01723 { 01724 const char **names; 01725 enum lsa_SidType *attrs = NULL; 01726 uint32 *wire_attrs = NULL; 01727 UNIHDR *hdr_name = NULL; 01728 UNISTR2 *uni_name = NULL; 01729 DOM_SID pol_sid; 01730 int num_rids = (int)q_u->num_rids1; 01731 uint32 acc_granted; 01732 int i; 01733 01734 r_u->status = NT_STATUS_OK; 01735 01736 DEBUG(5,("_samr_lookup_rids: %d\n", __LINE__)); 01737 01738 /* find the policy handle. open a policy on it. */ 01739 if (!get_lsa_policy_samr_sid(p, &q_u->pol, &pol_sid, &acc_granted, NULL)) 01740 return NT_STATUS_INVALID_HANDLE; 01741 01742 if (num_rids > 1000) { 01743 DEBUG(0, ("Got asked for %d rids (more than 1000) -- according " 01744 "to samba4 idl this is not possible\n", num_rids)); 01745 return NT_STATUS_UNSUCCESSFUL; 01746 } 01747 01748 if (num_rids) { 01749 names = TALLOC_ZERO_ARRAY(p->mem_ctx, const char *, num_rids); 01750 attrs = TALLOC_ZERO_ARRAY(p->mem_ctx, enum lsa_SidType, num_rids); 01751 wire_attrs = TALLOC_ZERO_ARRAY(p->mem_ctx, uint32, num_rids); 01752 01753 if ((names == NULL) || (attrs == NULL) || (wire_attrs==NULL)) 01754 return NT_STATUS_NO_MEMORY; 01755 } else { 01756 names = NULL; 01757 attrs = NULL; 01758 wire_attrs = NULL; 01759 } 01760 01761 become_root(); /* lookup_sid can require root privs */ 01762 r_u->status = pdb_lookup_rids(&pol_sid, num_rids, q_u->rid, 01763 names, attrs); 01764 unbecome_root(); 01765 01766 if ( NT_STATUS_EQUAL(r_u->status, NT_STATUS_NONE_MAPPED) && (num_rids == 0) ) { 01767 r_u->status = NT_STATUS_OK; 01768 } 01769 01770 if(!make_samr_lookup_rids(p->mem_ctx, num_rids, names, 01771 &hdr_name, &uni_name)) 01772 return NT_STATUS_NO_MEMORY; 01773 01774 /* Convert from enum lsa_SidType to uint32 for wire format. */ 01775 for (i = 0; i < num_rids; i++) { 01776 wire_attrs[i] = (uint32)attrs[i]; 01777 } 01778 01779 init_samr_r_lookup_rids(r_u, num_rids, hdr_name, uni_name, wire_attrs); 01780 01781 DEBUG(5,("_samr_lookup_rids: %d\n", __LINE__)); 01782 01783 return r_u->status; 01784 }
NTSTATUS _samr_open_user | ( | pipes_struct * | p, | |
SAMR_Q_OPEN_USER * | q_u, | |||
SAMR_R_OPEN_USER * | r_u | |||
) |
srv_samr_nt.c の 1790 行で定義されています。
参照先 samr_info::acc_granted・access_check_samr_function()・access_check_samr_object()・q_samr_open_user_info::access_mask・become_root()・create_policy_hnd()・q_samr_open_user_info::domain_pol・free_samr_info()・get_lsa_policy_samr_sid()・get_samr_info_by_sid()・make_samr_object_sd()・pipes_struct::mem_ctx・current_user::nt_user_token・pdb_getsampwsid()・pipes_struct::pipe_user・samu_new()・se_add_users・se_machine_account・se_map_generic()・se_priv_add()・se_priv_copy()・samr_info::sid・sid_append_rid()・r_samr_open_user_info::status・unbecome_root()・r_samr_open_user_info::user_pol・q_samr_open_user_info::user_rid・usr_generic_mapping.
参照元 api_samr_open_user().
01791 { 01792 struct samu *sampass=NULL; 01793 DOM_SID sid; 01794 POLICY_HND domain_pol = q_u->domain_pol; 01795 POLICY_HND *user_pol = &r_u->user_pol; 01796 struct samr_info *info = NULL; 01797 SEC_DESC *psd = NULL; 01798 uint32 acc_granted; 01799 uint32 des_access = q_u->access_mask; 01800 size_t sd_size; 01801 BOOL ret; 01802 NTSTATUS nt_status; 01803 SE_PRIV se_rights; 01804 01805 r_u->status = NT_STATUS_OK; 01806 01807 /* find the domain policy handle and get domain SID / access bits in the domain policy. */ 01808 01809 if ( !get_lsa_policy_samr_sid(p, &domain_pol, &sid, &acc_granted, NULL) ) 01810 return NT_STATUS_INVALID_HANDLE; 01811 01812 nt_status = access_check_samr_function( acc_granted, 01813 SA_RIGHT_DOMAIN_OPEN_ACCOUNT, "_samr_open_user" ); 01814 01815 if ( !NT_STATUS_IS_OK(nt_status) ) 01816 return nt_status; 01817 01818 if ( !(sampass = samu_new( p->mem_ctx )) ) { 01819 return NT_STATUS_NO_MEMORY; 01820 } 01821 01822 /* append the user's RID to it */ 01823 01824 if (!sid_append_rid(&sid, q_u->user_rid)) 01825 return NT_STATUS_NO_SUCH_USER; 01826 01827 /* check if access can be granted as requested by client. */ 01828 01829 make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_generic_mapping, &sid, SAMR_USR_RIGHTS_WRITE_PW); 01830 se_map_generic(&des_access, &usr_generic_mapping); 01831 01832 se_priv_copy( &se_rights, &se_machine_account ); 01833 se_priv_add( &se_rights, &se_add_users ); 01834 01835 nt_status = access_check_samr_object(psd, p->pipe_user.nt_user_token, 01836 &se_rights, GENERIC_RIGHTS_USER_WRITE, des_access, 01837 &acc_granted, "_samr_open_user"); 01838 01839 if ( !NT_STATUS_IS_OK(nt_status) ) 01840 return nt_status; 01841 01842 become_root(); 01843 ret=pdb_getsampwsid(sampass, &sid); 01844 unbecome_root(); 01845 01846 /* check that the SID exists in our domain. */ 01847 if (ret == False) { 01848 return NT_STATUS_NO_SUCH_USER; 01849 } 01850 01851 TALLOC_FREE(sampass); 01852 01853 /* associate the user's SID and access bits with the new handle. */ 01854 if ((info = get_samr_info_by_sid(&sid)) == NULL) 01855 return NT_STATUS_NO_MEMORY; 01856 info->acc_granted = acc_granted; 01857 01858 /* get a (unique) handle. open a policy on it. */ 01859 if (!create_policy_hnd(p, user_pol, free_samr_info, (void *)info)) 01860 return NT_STATUS_OBJECT_NAME_NOT_FOUND; 01861 01862 return r_u->status; 01863 }
static NTSTATUS get_user_info_7 | ( | TALLOC_CTX * | mem_ctx, | |
SAM_USER_INFO_7 * | id7, | |||
DOM_SID * | user_sid | |||
) | [static] |
srv_samr_nt.c の 1869 行で定義されています。
参照先 become_root()・init_sam_user_info7()・pdb_get_username()・pdb_getsampwsid()・samu_new()・sid_string_static()・unbecome_root()・samu::user_sid.
01870 { 01871 struct samu *smbpass=NULL; 01872 BOOL ret; 01873 01874 if ( !(smbpass = samu_new( mem_ctx )) ) { 01875 return NT_STATUS_NO_MEMORY; 01876 } 01877 01878 become_root(); 01879 ret = pdb_getsampwsid(smbpass, user_sid); 01880 unbecome_root(); 01881 01882 if ( !ret ) { 01883 DEBUG(4,("User %s not found\n", sid_string_static(user_sid))); 01884 return NT_STATUS_NO_SUCH_USER; 01885 } 01886 01887 DEBUG(3,("User:[%s]\n", pdb_get_username(smbpass) )); 01888 01889 ZERO_STRUCTP(id7); 01890 init_sam_user_info7(id7, pdb_get_username(smbpass) ); 01891 01892 TALLOC_FREE(smbpass); 01893 01894 return NT_STATUS_OK; 01895 }
static NTSTATUS get_user_info_9 | ( | TALLOC_CTX * | mem_ctx, | |
SAM_USER_INFO_9 * | id9, | |||
DOM_SID * | user_sid | |||
) | [static] |
srv_samr_nt.c の 1900 行で定義されています。
参照先 become_root()・init_sam_user_info9()・pdb_get_group_rid()・pdb_get_username()・pdb_getsampwsid()・samu_new()・sid_string_static()・unbecome_root()・samu::user_sid.
01901 { 01902 struct samu *smbpass=NULL; 01903 BOOL ret; 01904 01905 if ( !(smbpass = samu_new( mem_ctx )) ) { 01906 return NT_STATUS_NO_MEMORY; 01907 } 01908 01909 become_root(); 01910 ret = pdb_getsampwsid(smbpass, user_sid); 01911 unbecome_root(); 01912 01913 if (ret==False) { 01914 DEBUG(4,("User %s not found\n", sid_string_static(user_sid))); 01915 return NT_STATUS_NO_SUCH_USER; 01916 } 01917 01918 DEBUG(3,("User:[%s]\n", pdb_get_username(smbpass) )); 01919 01920 ZERO_STRUCTP(id9); 01921 init_sam_user_info9(id9, pdb_get_group_rid(smbpass) ); 01922 01923 TALLOC_FREE(smbpass); 01924 01925 return NT_STATUS_OK; 01926 }
static NTSTATUS get_user_info_16 | ( | TALLOC_CTX * | mem_ctx, | |
SAM_USER_INFO_16 * | id16, | |||
DOM_SID * | user_sid | |||
) | [static] |
srv_samr_nt.c の 1932 行で定義されています。
参照先 become_root()・init_sam_user_info16()・pdb_get_acct_ctrl()・pdb_get_username()・pdb_getsampwsid()・samu_new()・sid_string_static()・unbecome_root()・samu::user_sid.
01933 { 01934 struct samu *smbpass=NULL; 01935 BOOL ret; 01936 01937 if ( !(smbpass = samu_new( mem_ctx )) ) { 01938 return NT_STATUS_NO_MEMORY; 01939 } 01940 01941 become_root(); 01942 ret = pdb_getsampwsid(smbpass, user_sid); 01943 unbecome_root(); 01944 01945 if (ret==False) { 01946 DEBUG(4,("User %s not found\n", sid_string_static(user_sid))); 01947 return NT_STATUS_NO_SUCH_USER; 01948 } 01949 01950 DEBUG(3,("User:[%s]\n", pdb_get_username(smbpass) )); 01951 01952 ZERO_STRUCTP(id16); 01953 init_sam_user_info16(id16, pdb_get_acct_ctrl(smbpass) ); 01954 01955 TALLOC_FREE(smbpass); 01956 01957 return NT_STATUS_OK; 01958 }
static NTSTATUS get_user_info_18 | ( | pipes_struct * | p, | |
TALLOC_CTX * | mem_ctx, | |||
SAM_USER_INFO_18 * | id18, | |||
DOM_SID * | user_sid | |||
) | [static] |
srv_samr_nt.c の 1966 行で定義されています。
参照先 pipes_struct::auth・pipe_auth_data::auth_level・pipe_auth_data::auth_type・init_sam_user_info18()・pdb_get_acct_ctrl()・pdb_get_lanman_passwd()・pdb_get_nt_passwd()・pdb_get_username()・pdb_getsampwsid()・PIPE_AUTH_LEVEL_PRIVACY・PIPE_AUTH_TYPE_NTLMSSP・PIPE_AUTH_TYPE_SPNEGO_NTLMSSP・samu_new()・sid_string_static()・samu::user_sid.
01967 { 01968 struct samu *smbpass=NULL; 01969 BOOL ret; 01970 01971 if (p->auth.auth_type != PIPE_AUTH_TYPE_NTLMSSP || p->auth.auth_type != PIPE_AUTH_TYPE_SPNEGO_NTLMSSP) { 01972 return NT_STATUS_ACCESS_DENIED; 01973 } 01974 01975 if (p->auth.auth_level != PIPE_AUTH_LEVEL_PRIVACY) { 01976 return NT_STATUS_ACCESS_DENIED; 01977 } 01978 01979 /* 01980 * Do *NOT* do become_root()/unbecome_root() here ! JRA. 01981 */ 01982 01983 if ( !(smbpass = samu_new( mem_ctx )) ) { 01984 return NT_STATUS_NO_MEMORY; 01985 } 01986 01987 ret = pdb_getsampwsid(smbpass, user_sid); 01988 01989 if (ret == False) { 01990 DEBUG(4, ("User %s not found\n", sid_string_static(user_sid))); 01991 TALLOC_FREE(smbpass); 01992 return (geteuid() == (uid_t)0) ? NT_STATUS_NO_SUCH_USER : NT_STATUS_ACCESS_DENIED; 01993 } 01994 01995 DEBUG(3,("User:[%s] 0x%x\n", pdb_get_username(smbpass), pdb_get_acct_ctrl(smbpass) )); 01996 01997 if ( pdb_get_acct_ctrl(smbpass) & ACB_DISABLED) { 01998 TALLOC_FREE(smbpass); 01999 return NT_STATUS_ACCOUNT_DISABLED; 02000 } 02001 02002 ZERO_STRUCTP(id18); 02003 init_sam_user_info18(id18, pdb_get_lanman_passwd(smbpass), pdb_get_nt_passwd(smbpass)); 02004 02005 TALLOC_FREE(smbpass); 02006 02007 return NT_STATUS_OK; 02008 }
static NTSTATUS get_user_info_20 | ( | TALLOC_CTX * | mem_ctx, | |
SAM_USER_INFO_20 * | id20, | |||
DOM_SID * | user_sid | |||
) | [static] |
srv_samr_nt.c の 2014 行で定義されています。
参照先 become_root()・init_sam_user_info20A()・pdb_get_username()・pdb_getsampwsid()・samr_clear_sam_passwd()・samu_new()・sid_string_static()・unbecome_root()・samu::user_sid.
02015 { 02016 struct samu *sampass=NULL; 02017 BOOL ret; 02018 02019 if ( !(sampass = samu_new( mem_ctx )) ) { 02020 return NT_STATUS_NO_MEMORY; 02021 } 02022 02023 become_root(); 02024 ret = pdb_getsampwsid(sampass, user_sid); 02025 unbecome_root(); 02026 02027 if (ret == False) { 02028 DEBUG(4,("User %s not found\n", sid_string_static(user_sid))); 02029 return NT_STATUS_NO_SUCH_USER; 02030 } 02031 02032 samr_clear_sam_passwd(sampass); 02033 02034 DEBUG(3,("User:[%s]\n", pdb_get_username(sampass) )); 02035 02036 ZERO_STRUCTP(id20); 02037 init_sam_user_info20A(id20, sampass); 02038 02039 TALLOC_FREE(sampass); 02040 02041 return NT_STATUS_OK; 02042 }
static NTSTATUS get_user_info_21 | ( | TALLOC_CTX * | mem_ctx, | |
SAM_USER_INFO_21 * | id21, | |||
DOM_SID * | user_sid, | |||
DOM_SID * | domain_sid | |||
) | [static] |
srv_samr_nt.c の 2048 行で定義されています。
参照先 become_root()・domain_sid・init_sam_user_info21A()・pdb_get_username()・pdb_getsampwsid()・samr_clear_sam_passwd()・samu_new()・sid_string_static()・unbecome_root()・samu::user_sid.
02050 { 02051 struct samu *sampass=NULL; 02052 BOOL ret; 02053 NTSTATUS nt_status; 02054 02055 if ( !(sampass = samu_new( mem_ctx )) ) { 02056 return NT_STATUS_NO_MEMORY; 02057 } 02058 02059 become_root(); 02060 ret = pdb_getsampwsid(sampass, user_sid); 02061 unbecome_root(); 02062 02063 if (ret == False) { 02064 DEBUG(4,("User %s not found\n", sid_string_static(user_sid))); 02065 return NT_STATUS_NO_SUCH_USER; 02066 } 02067 02068 samr_clear_sam_passwd(sampass); 02069 02070 DEBUG(3,("User:[%s]\n", pdb_get_username(sampass) )); 02071 02072 ZERO_STRUCTP(id21); 02073 nt_status = init_sam_user_info21A(id21, sampass, domain_sid); 02074 02075 TALLOC_FREE(sampass); 02076 02077 return nt_status; 02078 }
NTSTATUS _samr_query_userinfo | ( | pipes_struct * | p, | |
SAMR_Q_QUERY_USERINFO * | q_u, | |||
SAMR_R_QUERY_USERINFO * | r_u | |||
) |
srv_samr_nt.c の 2084 行で定義されています。
参照先 domain_sid・find_policy_by_hnd()・get_user_info_16()・get_user_info_18()・get_user_info_20()・get_user_info_21()・get_user_info_7()・get_user_info_9()・sam_userinfo_ctr_info::id16・sam_userinfo_ctr_info::id18・sam_userinfo_ctr_info::id20・sam_userinfo_ctr_info::id21・sam_userinfo_ctr_info::id7・sam_userinfo_ctr_info::id9・sam_userinfo_ctr_info::info・init_samr_r_query_userinfo()・pipes_struct::mem_ctx・q_samr_query_user_info::pol・sid_check_is_in_our_domain()・sid_split_rid()・sid_string_static()・r_samr_query_user_info::status・q_samr_query_user_info::switch_value・sam_userinfo_ctr_info::switch_value.
参照元 api_samr_query_userinfo().
02085 { 02086 SAM_USERINFO_CTR *ctr; 02087 struct samr_info *info = NULL; 02088 DOM_SID domain_sid; 02089 uint32 rid; 02090 02091 r_u->status=NT_STATUS_OK; 02092 02093 /* search for the handle */ 02094 if (!find_policy_by_hnd(p, &q_u->pol, (void **)(void *)&info)) 02095 return NT_STATUS_INVALID_HANDLE; 02096 02097 domain_sid = info->sid; 02098 02099 sid_split_rid(&domain_sid, &rid); 02100 02101 if (!sid_check_is_in_our_domain(&info->sid)) 02102 return NT_STATUS_OBJECT_TYPE_MISMATCH; 02103 02104 DEBUG(5,("_samr_query_userinfo: sid:%s\n", sid_string_static(&info->sid))); 02105 02106 ctr = TALLOC_ZERO_P(p->mem_ctx, SAM_USERINFO_CTR); 02107 if (!ctr) 02108 return NT_STATUS_NO_MEMORY; 02109 02110 ZERO_STRUCTP(ctr); 02111 02112 /* ok! user info levels (lots: see MSDEV help), off we go... */ 02113 ctr->switch_value = q_u->switch_value; 02114 02115 DEBUG(5,("_samr_query_userinfo: user info level: %d\n", q_u->switch_value)); 02116 02117 switch (q_u->switch_value) { 02118 case 7: 02119 ctr->info.id7 = TALLOC_ZERO_P(p->mem_ctx, SAM_USER_INFO_7); 02120 if (ctr->info.id7 == NULL) 02121 return NT_STATUS_NO_MEMORY; 02122 02123 if (!NT_STATUS_IS_OK(r_u->status = get_user_info_7(p->mem_ctx, ctr->info.id7, &info->sid))) 02124 return r_u->status; 02125 break; 02126 case 9: 02127 ctr->info.id9 = TALLOC_ZERO_P(p->mem_ctx, SAM_USER_INFO_9); 02128 if (ctr->info.id9 == NULL) 02129 return NT_STATUS_NO_MEMORY; 02130 02131 if (!NT_STATUS_IS_OK(r_u->status = get_user_info_9(p->mem_ctx, ctr->info.id9, &info->sid))) 02132 return r_u->status; 02133 break; 02134 case 16: 02135 ctr->info.id16 = TALLOC_ZERO_P(p->mem_ctx, SAM_USER_INFO_16); 02136 if (ctr->info.id16 == NULL) 02137 return NT_STATUS_NO_MEMORY; 02138 02139 if (!NT_STATUS_IS_OK(r_u->status = get_user_info_16(p->mem_ctx, ctr->info.id16, &info->sid))) 02140 return r_u->status; 02141 break; 02142 02143 case 18: 02144 ctr->info.id18 = TALLOC_ZERO_P(p->mem_ctx, SAM_USER_INFO_18); 02145 if (ctr->info.id18 == NULL) 02146 return NT_STATUS_NO_MEMORY; 02147 02148 if (!NT_STATUS_IS_OK(r_u->status = get_user_info_18(p, p->mem_ctx, ctr->info.id18, &info->sid))) 02149 return r_u->status; 02150 break; 02151 02152 case 20: 02153 ctr->info.id20 = TALLOC_ZERO_P(p->mem_ctx,SAM_USER_INFO_20); 02154 if (ctr->info.id20 == NULL) 02155 return NT_STATUS_NO_MEMORY; 02156 if (!NT_STATUS_IS_OK(r_u->status = get_user_info_20(p->mem_ctx, ctr->info.id20, &info->sid))) 02157 return r_u->status; 02158 break; 02159 02160 case 21: 02161 ctr->info.id21 = TALLOC_ZERO_P(p->mem_ctx,SAM_USER_INFO_21); 02162 if (ctr->info.id21 == NULL) 02163 return NT_STATUS_NO_MEMORY; 02164 if (!NT_STATUS_IS_OK(r_u->status = get_user_info_21(p->mem_ctx, ctr->info.id21, 02165 &info->sid, &domain_sid))) 02166 return r_u->status; 02167 break; 02168 02169 default: 02170 return NT_STATUS_INVALID_INFO_CLASS; 02171 } 02172 02173 init_samr_r_query_userinfo(r_u, ctr, r_u->status); 02174 02175 DEBUG(5,("_samr_query_userinfo: %d\n", __LINE__)); 02176 02177 return r_u->status; 02178 }
NTSTATUS _samr_query_usergroups | ( | pipes_struct * | p, | |
SAMR_Q_QUERY_USERGROUPS * | q_u, | |||
SAMR_R_QUERY_USERGROUPS * | r_u | |||
) |
srv_samr_nt.c の 2184 行で定義されています。
参照先 access_check_samr_function()・DOM_GID::attr・become_root()・DOM_GID::g_rid・get_global_sam_sid()・get_lsa_policy_samr_sid()・pipes_struct::mem_ctx・pdb_enum_group_memberships()・pdb_get_group_sid()・pdb_get_username()・pdb_getsampwsid()・q_samr_query_usergroup_info::pol・result・samu_new()・sid_check_is_in_our_domain()・sid_peek_check_rid()・sid_string_static()・r_samr_query_usergroup_info::status・unbecome_root().
参照元 api_samr_query_usergroups().
02185 { 02186 struct samu *sam_pass=NULL; 02187 DOM_SID sid; 02188 DOM_SID *sids; 02189 DOM_GID dom_gid; 02190 DOM_GID *gids = NULL; 02191 uint32 primary_group_rid; 02192 size_t num_groups = 0; 02193 gid_t *unix_gids; 02194 size_t i, num_gids; 02195 uint32 acc_granted; 02196 BOOL ret; 02197 NTSTATUS result; 02198 BOOL success = False; 02199 02200 /* 02201 * from the SID in the request: 02202 * we should send back the list of DOMAIN GROUPS 02203 * the user is a member of 02204 * 02205 * and only the DOMAIN GROUPS 02206 * no ALIASES !!! neither aliases of the domain 02207 * nor aliases of the builtin SID 02208 * 02209 * JFM, 12/2/2001 02210 */ 02211 02212 r_u->status = NT_STATUS_OK; 02213 02214 DEBUG(5,("_samr_query_usergroups: %d\n", __LINE__)); 02215 02216 /* find the policy handle. open a policy on it. */ 02217 if (!get_lsa_policy_samr_sid(p, &q_u->pol, &sid, &acc_granted, NULL)) 02218 return NT_STATUS_INVALID_HANDLE; 02219 02220 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_USER_GET_GROUPS, "_samr_query_usergroups"))) { 02221 return r_u->status; 02222 } 02223 02224 if (!sid_check_is_in_our_domain(&sid)) 02225 return NT_STATUS_OBJECT_TYPE_MISMATCH; 02226 02227 if ( !(sam_pass = samu_new( p->mem_ctx )) ) { 02228 return NT_STATUS_NO_MEMORY; 02229 } 02230 02231 become_root(); 02232 ret = pdb_getsampwsid(sam_pass, &sid); 02233 unbecome_root(); 02234 02235 if (!ret) { 02236 DEBUG(10, ("pdb_getsampwsid failed for %s\n", 02237 sid_string_static(&sid))); 02238 return NT_STATUS_NO_SUCH_USER; 02239 } 02240 02241 sids = NULL; 02242 02243 /* make both calls inside the root block */ 02244 become_root(); 02245 result = pdb_enum_group_memberships(p->mem_ctx, sam_pass, 02246 &sids, &unix_gids, &num_groups); 02247 if ( NT_STATUS_IS_OK(result) ) { 02248 success = sid_peek_check_rid(get_global_sam_sid(), 02249 pdb_get_group_sid(sam_pass), 02250 &primary_group_rid); 02251 } 02252 unbecome_root(); 02253 02254 if (!NT_STATUS_IS_OK(result)) { 02255 DEBUG(10, ("pdb_enum_group_memberships failed for %s\n", 02256 sid_string_static(&sid))); 02257 return result; 02258 } 02259 02260 if ( !success ) { 02261 DEBUG(5, ("Group sid %s for user %s not in our domain\n", 02262 sid_string_static(pdb_get_group_sid(sam_pass)), 02263 pdb_get_username(sam_pass))); 02264 TALLOC_FREE(sam_pass); 02265 return NT_STATUS_INTERNAL_DB_CORRUPTION; 02266 } 02267 02268 gids = NULL; 02269 num_gids = 0; 02270 02271 dom_gid.attr = (SE_GROUP_MANDATORY|SE_GROUP_ENABLED_BY_DEFAULT| 02272 SE_GROUP_ENABLED); 02273 dom_gid.g_rid = primary_group_rid; 02274 ADD_TO_ARRAY(p->mem_ctx, DOM_GID, dom_gid, &gids, &num_gids); 02275 02276 for (i=0; i<num_groups; i++) { 02277 02278 if (!sid_peek_check_rid(get_global_sam_sid(), 02279 &(sids[i]), &dom_gid.g_rid)) { 02280 DEBUG(10, ("Found sid %s not in our domain\n", 02281 sid_string_static(&sids[i]))); 02282 continue; 02283 } 02284 02285 if (dom_gid.g_rid == primary_group_rid) { 02286 /* We added the primary group directly from the 02287 * sam_account. The other SIDs are unique from 02288 * enum_group_memberships */ 02289 continue; 02290 } 02291 02292 ADD_TO_ARRAY(p->mem_ctx, DOM_GID, dom_gid, &gids, &num_gids); 02293 } 02294 02295 /* construct the response. lkclXXXX: gids are not copied! */ 02296 init_samr_r_query_usergroups(r_u, num_gids, gids, r_u->status); 02297 02298 DEBUG(5,("_samr_query_usergroups: %d\n", __LINE__)); 02299 02300 return r_u->status; 02301 }
NTSTATUS _samr_query_domain_info | ( | pipes_struct * | p, | |
SAMR_Q_QUERY_DOMAIN_INFO * | q_u, | |||
SAMR_R_QUERY_DOMAIN_INFO * | r_u | |||
) |
srv_samr_nt.c の 2307 行で定義されています。
参照先 become_root()・count_sam_aliases()・count_sam_groups()・count_sam_users()・q_samr_query_domain_info::domain_pol・find_policy_by_hnd()・get_global_sam_name()・global_myname・sam_unknown_ctr_info::inf1・sam_unknown_ctr_info::inf12・sam_unknown_ctr_info::inf2・sam_unknown_ctr_info::inf3・sam_unknown_ctr_info::inf4・sam_unknown_ctr_info::inf5・sam_unknown_ctr_info::inf6・sam_unknown_ctr_info::inf7・sam_unknown_ctr_info::inf8・sam_unknown_ctr_info::info・init_samr_r_query_domain_info()・init_unk_info1()・init_unk_info12()・init_unk_info2()・init_unk_info3()・init_unk_info4()・init_unk_info5()・init_unk_info6()・init_unk_info7()・init_unk_info8()・lp_workgroup()・pipes_struct::mem_ctx・pdb_get_account_policy()・pdb_get_seq_num()・ROLE_DOMAIN_BDC・ROLE_DOMAIN_PDC・server_role・r_samr_query_domain_info::status・q_samr_query_domain_info::switch_value・unbecome_root()・unix_to_nt_time_abs().
参照元 _samr_query_domain_info2()・api_samr_query_domain_info().
02310 { 02311 struct samr_info *info = NULL; 02312 SAM_UNK_CTR *ctr; 02313 uint32 min_pass_len,pass_hist,password_properties; 02314 time_t u_expire, u_min_age; 02315 NTTIME nt_expire, nt_min_age; 02316 02317 time_t u_lock_duration, u_reset_time; 02318 NTTIME nt_lock_duration, nt_reset_time; 02319 uint32 lockout; 02320 time_t u_logout; 02321 NTTIME nt_logout; 02322 02323 uint32 account_policy_temp; 02324 02325 time_t seq_num; 02326 uint32 server_role; 02327 02328 uint32 num_users=0, num_groups=0, num_aliases=0; 02329 02330 if ((ctr = TALLOC_ZERO_P(p->mem_ctx, SAM_UNK_CTR)) == NULL) { 02331 return NT_STATUS_NO_MEMORY; 02332 } 02333 02334 ZERO_STRUCTP(ctr); 02335 02336 r_u->status = NT_STATUS_OK; 02337 02338 DEBUG(5,("_samr_query_domain_info: %d\n", __LINE__)); 02339 02340 /* find the policy handle. open a policy on it. */ 02341 if (!find_policy_by_hnd(p, &q_u->domain_pol, (void **)(void *)&info)) { 02342 return NT_STATUS_INVALID_HANDLE; 02343 } 02344 02345 switch (q_u->switch_value) { 02346 case 0x01: 02347 02348 become_root(); 02349 02350 /* AS ROOT !!! */ 02351 02352 pdb_get_account_policy(AP_MIN_PASSWORD_LEN, &account_policy_temp); 02353 min_pass_len = account_policy_temp; 02354 02355 pdb_get_account_policy(AP_PASSWORD_HISTORY, &account_policy_temp); 02356 pass_hist = account_policy_temp; 02357 02358 pdb_get_account_policy(AP_USER_MUST_LOGON_TO_CHG_PASS, &account_policy_temp); 02359 password_properties = account_policy_temp; 02360 02361 pdb_get_account_policy(AP_MAX_PASSWORD_AGE, &account_policy_temp); 02362 u_expire = account_policy_temp; 02363 02364 pdb_get_account_policy(AP_MIN_PASSWORD_AGE, &account_policy_temp); 02365 u_min_age = account_policy_temp; 02366 02367 /* !AS ROOT */ 02368 02369 unbecome_root(); 02370 02371 unix_to_nt_time_abs(&nt_expire, u_expire); 02372 unix_to_nt_time_abs(&nt_min_age, u_min_age); 02373 02374 init_unk_info1(&ctr->info.inf1, (uint16)min_pass_len, (uint16)pass_hist, 02375 password_properties, nt_expire, nt_min_age); 02376 break; 02377 case 0x02: 02378 02379 become_root(); 02380 02381 /* AS ROOT !!! */ 02382 02383 num_users = count_sam_users(info->disp_info, ACB_NORMAL); 02384 num_groups = count_sam_groups(info->disp_info); 02385 num_aliases = count_sam_aliases(info->disp_info); 02386 02387 pdb_get_account_policy(AP_TIME_TO_LOGOUT, &account_policy_temp); 02388 u_logout = account_policy_temp; 02389 02390 unix_to_nt_time_abs(&nt_logout, u_logout); 02391 02392 if (!pdb_get_seq_num(&seq_num)) 02393 seq_num = time(NULL); 02394 02395 /* !AS ROOT */ 02396 02397 unbecome_root(); 02398 02399 server_role = ROLE_DOMAIN_PDC; 02400 if (lp_server_role() == ROLE_DOMAIN_BDC) 02401 server_role = ROLE_DOMAIN_BDC; 02402 02403 init_unk_info2(&ctr->info.inf2, lp_serverstring(), lp_workgroup(), global_myname(), seq_num, 02404 num_users, num_groups, num_aliases, nt_logout, server_role); 02405 break; 02406 case 0x03: 02407 02408 become_root(); 02409 02410 /* AS ROOT !!! */ 02411 02412 { 02413 uint32 ul; 02414 pdb_get_account_policy(AP_TIME_TO_LOGOUT, &ul); 02415 u_logout = (time_t)ul; 02416 } 02417 02418 /* !AS ROOT */ 02419 02420 unbecome_root(); 02421 02422 unix_to_nt_time_abs(&nt_logout, u_logout); 02423 02424 init_unk_info3(&ctr->info.inf3, nt_logout); 02425 break; 02426 case 0x04: 02427 init_unk_info4(&ctr->info.inf4, lp_serverstring()); 02428 break; 02429 case 0x05: 02430 init_unk_info5(&ctr->info.inf5, get_global_sam_name()); 02431 break; 02432 case 0x06: 02433 /* NT returns its own name when a PDC. win2k and later 02434 * only the name of the PDC if itself is a BDC (samba4 02435 * idl) */ 02436 init_unk_info6(&ctr->info.inf6, global_myname()); 02437 break; 02438 case 0x07: 02439 server_role = ROLE_DOMAIN_PDC; 02440 if (lp_server_role() == ROLE_DOMAIN_BDC) 02441 server_role = ROLE_DOMAIN_BDC; 02442 02443 init_unk_info7(&ctr->info.inf7, server_role); 02444 break; 02445 case 0x08: 02446 02447 become_root(); 02448 02449 /* AS ROOT !!! */ 02450 02451 if (!pdb_get_seq_num(&seq_num)) { 02452 seq_num = time(NULL); 02453 } 02454 02455 /* !AS ROOT */ 02456 02457 unbecome_root(); 02458 02459 init_unk_info8(&ctr->info.inf8, (uint32) seq_num); 02460 break; 02461 case 0x0c: 02462 02463 become_root(); 02464 02465 /* AS ROOT !!! */ 02466 02467 pdb_get_account_policy(AP_LOCK_ACCOUNT_DURATION, &account_policy_temp); 02468 u_lock_duration = account_policy_temp; 02469 if (u_lock_duration != -1) { 02470 u_lock_duration *= 60; 02471 } 02472 02473 pdb_get_account_policy(AP_RESET_COUNT_TIME, &account_policy_temp); 02474 u_reset_time = account_policy_temp * 60; 02475 02476 pdb_get_account_policy(AP_BAD_ATTEMPT_LOCKOUT, &account_policy_temp); 02477 lockout = account_policy_temp; 02478 02479 /* !AS ROOT */ 02480 02481 unbecome_root(); 02482 02483 unix_to_nt_time_abs(&nt_lock_duration, u_lock_duration); 02484 unix_to_nt_time_abs(&nt_reset_time, u_reset_time); 02485 02486 init_unk_info12(&ctr->info.inf12, nt_lock_duration, nt_reset_time, (uint16)lockout); 02487 break; 02488 default: 02489 return NT_STATUS_INVALID_INFO_CLASS; 02490 } 02491 02492 02493 init_samr_r_query_domain_info(r_u, q_u->switch_value, ctr, NT_STATUS_OK); 02494 02495 DEBUG(5,("_samr_query_domain_info: %d\n", __LINE__)); 02496 02497 return r_u->status; 02498 }
static NTSTATUS can_create | ( | TALLOC_CTX * | mem_ctx, | |
const char * | new_name | |||
) | [static] |
srv_samr_nt.c の 2505 行で定義されています。
参照先 become_root()・lookup_name()・result・SID_NAME_ALIAS・SID_NAME_DOM_GRP・sid_type_lookup()・type・unbecome_root().
参照元 _samr_create_dom_alias()・_samr_create_dom_group()・_samr_create_user()・_samr_set_aliasinfo()・set_user_info_21()・set_user_info_7().
02506 { 02507 enum lsa_SidType type; 02508 BOOL result; 02509 02510 DEBUG(10, ("Checking whether [%s] can be created\n", new_name)); 02511 02512 become_root(); 02513 /* Lookup in our local databases (LOOKUP_NAME_REMOTE not set) 02514 * whether the name already exists */ 02515 result = lookup_name(mem_ctx, new_name, LOOKUP_NAME_LOCAL, 02516 NULL, NULL, NULL, &type); 02517 unbecome_root(); 02518 02519 if (!result) { 02520 DEBUG(10, ("%s does not exist, can create it\n", new_name)); 02521 return NT_STATUS_OK; 02522 } 02523 02524 DEBUG(5, ("trying to create %s, exists as %s\n", 02525 new_name, sid_type_lookup(type))); 02526 02527 if (type == SID_NAME_DOM_GRP) { 02528 return NT_STATUS_GROUP_EXISTS; 02529 } 02530 if (type == SID_NAME_ALIAS) { 02531 return NT_STATUS_ALIAS_EXISTS; 02532 } 02533 02534 /* Yes, the default is NT_STATUS_USER_EXISTS */ 02535 return NT_STATUS_USER_EXISTS; 02536 }
NTSTATUS _samr_create_user | ( | pipes_struct * | p, | |
SAMR_Q_CREATE_USER * | q_u, | |||
SAMR_R_CREATE_USER * | r_u | |||
) |
srv_samr_nt.c の 2544 行で定義されています。
参照先 q_samr_create_user_info::acb_info・samr_info::acc_granted・access_check_samr_function()・access_check_samr_object()・r_samr_create_user_info::access_granted・become_root()・can_create()・create_policy_hnd()・samr_info::disp_info・q_samr_create_user_info::domain_pol・force_flush_samr_cache()・free_samr_info()・get_global_sam_sid()・get_lsa_policy_samr_sid()・get_samr_info_by_sid()・make_samr_object_sd()・pipes_struct::mem_ctx・nt_token_check_domain_rid()・current_user::nt_user_token・pdb_create_user()・pipes_struct::pipe_user・rpcstr_pull_unistr2_talloc()・se_add_users・se_machine_account・se_map_generic()・se_priv_copy()・se_priv_none・samr_info::sid・sid_compose()・_unix_token::uid・uidtoname()・unbecome_root()・q_samr_create_user_info::uni_name・user_has_privileges()・r_samr_create_user_info::user_pol・r_samr_create_user_info::user_rid・usr_generic_mapping・current_user::ut.
02546 { 02547 char *account; 02548 DOM_SID sid; 02549 POLICY_HND dom_pol = q_u->domain_pol; 02550 uint16 acb_info = q_u->acb_info; 02551 POLICY_HND *user_pol = &r_u->user_pol; 02552 struct samr_info *info = NULL; 02553 NTSTATUS nt_status; 02554 uint32 acc_granted; 02555 SEC_DESC *psd; 02556 size_t sd_size; 02557 /* check this, when giving away 'add computer to domain' privs */ 02558 uint32 des_access = GENERIC_RIGHTS_USER_ALL_ACCESS; 02559 BOOL can_add_account = False; 02560 SE_PRIV se_rights; 02561 DISP_INFO *disp_info = NULL; 02562 02563 /* Get the domain SID stored in the domain policy */ 02564 if (!get_lsa_policy_samr_sid(p, &dom_pol, &sid, &acc_granted, 02565 &disp_info)) 02566 return NT_STATUS_INVALID_HANDLE; 02567 02568 nt_status = access_check_samr_function(acc_granted, 02569 SA_RIGHT_DOMAIN_CREATE_USER, 02570 "_samr_create_user"); 02571 if (!NT_STATUS_IS_OK(nt_status)) { 02572 return nt_status; 02573 } 02574 02575 if (!(acb_info == ACB_NORMAL || acb_info == ACB_DOMTRUST || 02576 acb_info == ACB_WSTRUST || acb_info == ACB_SVRTRUST)) { 02577 /* Match Win2k, and return NT_STATUS_INVALID_PARAMETER if 02578 this parameter is not an account type */ 02579 return NT_STATUS_INVALID_PARAMETER; 02580 } 02581 02582 account = rpcstr_pull_unistr2_talloc(p->mem_ctx, &q_u->uni_name); 02583 if (account == NULL) { 02584 return NT_STATUS_NO_MEMORY; 02585 } 02586 02587 nt_status = can_create(p->mem_ctx, account); 02588 if (!NT_STATUS_IS_OK(nt_status)) { 02589 return nt_status; 02590 } 02591 02592 /* determine which user right we need to check based on the acb_info */ 02593 02594 if ( acb_info & ACB_WSTRUST ) 02595 { 02596 se_priv_copy( &se_rights, &se_machine_account ); 02597 can_add_account = user_has_privileges( 02598 p->pipe_user.nt_user_token, &se_rights ); 02599 } 02600 /* usrmgr.exe (and net rpc trustdom grant) creates a normal user 02601 account for domain trusts and changes the ACB flags later */ 02602 else if ( acb_info & ACB_NORMAL && 02603 (account[strlen(account)-1] != '$') ) 02604 { 02605 se_priv_copy( &se_rights, &se_add_users ); 02606 can_add_account = user_has_privileges( 02607 p->pipe_user.nt_user_token, &se_rights ); 02608 } 02609 else /* implicit assumption of a BDC or domain trust account here 02610 * (we already check the flags earlier) */ 02611 { 02612 if ( lp_enable_privileges() ) { 02613 /* only Domain Admins can add a BDC or domain trust */ 02614 se_priv_copy( &se_rights, &se_priv_none ); 02615 can_add_account = nt_token_check_domain_rid( 02616 p->pipe_user.nt_user_token, 02617 DOMAIN_GROUP_RID_ADMINS ); 02618 } 02619 } 02620 02621 DEBUG(5, ("_samr_create_user: %s can add this account : %s\n", 02622 uidtoname(p->pipe_user.ut.uid), 02623 can_add_account ? "True":"False" )); 02624 02625 /********** BEGIN Admin BLOCK **********/ 02626 02627 if ( can_add_account ) 02628 become_root(); 02629 02630 nt_status = pdb_create_user(p->mem_ctx, account, acb_info, 02631 &r_u->user_rid); 02632 02633 if ( can_add_account ) 02634 unbecome_root(); 02635 02636 /********** END Admin BLOCK **********/ 02637 02638 /* now check for failure */ 02639 02640 if ( !NT_STATUS_IS_OK(nt_status) ) 02641 return nt_status; 02642 02643 /* Get the user's SID */ 02644 02645 sid_compose(&sid, get_global_sam_sid(), r_u->user_rid); 02646 02647 make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_generic_mapping, 02648 &sid, SAMR_USR_RIGHTS_WRITE_PW); 02649 se_map_generic(&des_access, &usr_generic_mapping); 02650 02651 nt_status = access_check_samr_object(psd, p->pipe_user.nt_user_token, 02652 &se_rights, GENERIC_RIGHTS_USER_WRITE, des_access, 02653 &acc_granted, "_samr_create_user"); 02654 02655 if ( !NT_STATUS_IS_OK(nt_status) ) { 02656 return nt_status; 02657 } 02658 02659 /* associate the user's SID with the new handle. */ 02660 if ((info = get_samr_info_by_sid(&sid)) == NULL) { 02661 return NT_STATUS_NO_MEMORY; 02662 } 02663 02664 ZERO_STRUCTP(info); 02665 info->sid = sid; 02666 info->acc_granted = acc_granted; 02667 02668 /* get a (unique) handle. open a policy on it. */ 02669 if (!create_policy_hnd(p, user_pol, free_samr_info, (void *)info)) { 02670 return NT_STATUS_OBJECT_NAME_NOT_FOUND; 02671 } 02672 02673 /* After a "set" ensure we have no cached display info. */ 02674 force_flush_samr_cache(info->disp_info); 02675 02676 r_u->access_granted = acc_granted; 02677 02678 return NT_STATUS_OK; 02679 }
NTSTATUS _samr_connect_anon | ( | pipes_struct * | p, | |
SAMR_Q_CONNECT_ANON * | q_u, | |||
SAMR_R_CONNECT_ANON * | r_u | |||
) |
srv_samr_nt.c の 2685 行で定義されています。
参照先 samr_info::acc_granted・q_samr_connect_anon_info::access_mask・r_samr_connect_anon_info::connect_pol・create_policy_hnd()・free_samr_info()・get_samr_info_by_sid()・pipe_access_check()・sam_generic_mapping・se_map_generic()・samr_info::status・r_samr_connect_anon_info::status・q_samr_connect_anon_info::unknown_0.
02686 { 02687 struct samr_info *info = NULL; 02688 uint32 des_access = q_u->access_mask; 02689 02690 /* Access check */ 02691 02692 if (!pipe_access_check(p)) { 02693 DEBUG(3, ("access denied to samr_connect_anon\n")); 02694 r_u->status = NT_STATUS_ACCESS_DENIED; 02695 return r_u->status; 02696 } 02697 02698 /* set up the SAMR connect_anon response */ 02699 02700 r_u->status = NT_STATUS_OK; 02701 02702 /* associate the user's SID with the new handle. */ 02703 if ((info = get_samr_info_by_sid(NULL)) == NULL) 02704 return NT_STATUS_NO_MEMORY; 02705 02706 /* don't give away the farm but this is probably ok. The SA_RIGHT_SAM_ENUM_DOMAINS 02707 was observed from a win98 client trying to enumerate users (when configured 02708 user level access control on shares) --jerry */ 02709 02710 if (des_access == MAXIMUM_ALLOWED_ACCESS) { 02711 /* Map to max possible knowing we're filtered below. */ 02712 des_access = GENERIC_ALL_ACCESS; 02713 } 02714 02715 se_map_generic( &des_access, &sam_generic_mapping ); 02716 info->acc_granted = des_access & (SA_RIGHT_SAM_ENUM_DOMAINS|SA_RIGHT_SAM_OPEN_DOMAIN); 02717 02718 info->status = q_u->unknown_0; 02719 02720 /* get a (unique) handle. open a policy on it. */ 02721 if (!create_policy_hnd(p, &r_u->connect_pol, free_samr_info, (void *)info)) 02722 return NT_STATUS_OBJECT_NAME_NOT_FOUND; 02723 02724 return r_u->status; 02725 }
NTSTATUS _samr_connect | ( | pipes_struct * | p, | |
SAMR_Q_CONNECT * | q_u, | |||
SAMR_R_CONNECT * | r_u | |||
) |
srv_samr_nt.c の 2731 行で定義されています。
参照先 samr_info::acc_granted・access_check_samr_object()・q_samr_connect_info::access_mask・r_samr_connect_info::connect_pol・create_policy_hnd()・free_samr_info()・get_samr_info_by_sid()・make_samr_object_sd()・pipes_struct::mem_ctx・current_user::nt_user_token・pipe_access_check()・pipes_struct::pipe_user・sam_generic_mapping・se_map_generic()・samr_info::status・r_samr_connect_info::status.
参照元 api_samr_connect().
02732 { 02733 struct samr_info *info = NULL; 02734 SEC_DESC *psd = NULL; 02735 uint32 acc_granted; 02736 uint32 des_access = q_u->access_mask; 02737 NTSTATUS nt_status; 02738 size_t sd_size; 02739 02740 02741 DEBUG(5,("_samr_connect: %d\n", __LINE__)); 02742 02743 /* Access check */ 02744 02745 if (!pipe_access_check(p)) { 02746 DEBUG(3, ("access denied to samr_connect\n")); 02747 r_u->status = NT_STATUS_ACCESS_DENIED; 02748 return r_u->status; 02749 } 02750 02751 make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &sam_generic_mapping, NULL, 0); 02752 se_map_generic(&des_access, &sam_generic_mapping); 02753 02754 nt_status = access_check_samr_object(psd, p->pipe_user.nt_user_token, 02755 NULL, 0, des_access, &acc_granted, "_samr_connect"); 02756 02757 if ( !NT_STATUS_IS_OK(nt_status) ) 02758 return nt_status; 02759 02760 r_u->status = NT_STATUS_OK; 02761 02762 /* associate the user's SID and access granted with the new handle. */ 02763 if ((info = get_samr_info_by_sid(NULL)) == NULL) 02764 return NT_STATUS_NO_MEMORY; 02765 02766 info->acc_granted = acc_granted; 02767 info->status = q_u->access_mask; 02768 02769 /* get a (unique) handle. open a policy on it. */ 02770 if (!create_policy_hnd(p, &r_u->connect_pol, free_samr_info, (void *)info)) 02771 return NT_STATUS_OBJECT_NAME_NOT_FOUND; 02772 02773 DEBUG(5,("_samr_connect: %d\n", __LINE__)); 02774 02775 return r_u->status; 02776 }
NTSTATUS _samr_connect4 | ( | pipes_struct * | p, | |
SAMR_Q_CONNECT4 * | q_u, | |||
SAMR_R_CONNECT4 * | r_u | |||
) |
srv_samr_nt.c の 2782 行で定義されています。
参照先 samr_info::acc_granted・access_check_samr_object()・q_samr_connect4_info::access_mask・r_samr_connect_info::connect_pol・create_policy_hnd()・free_samr_info()・get_samr_info_by_sid()・make_samr_object_sd()・pipes_struct::mem_ctx・current_user::nt_user_token・pipe_access_check()・pipes_struct::pipe_user・sam_generic_mapping・se_map_generic()・samr_info::status・r_samr_connect_info::status.
参照元 api_samr_connect4().
02783 { 02784 struct samr_info *info = NULL; 02785 SEC_DESC *psd = NULL; 02786 uint32 acc_granted; 02787 uint32 des_access = q_u->access_mask; 02788 NTSTATUS nt_status; 02789 size_t sd_size; 02790 02791 02792 DEBUG(5,("_samr_connect4: %d\n", __LINE__)); 02793 02794 /* Access check */ 02795 02796 if (!pipe_access_check(p)) { 02797 DEBUG(3, ("access denied to samr_connect4\n")); 02798 r_u->status = NT_STATUS_ACCESS_DENIED; 02799 return r_u->status; 02800 } 02801 02802 make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &sam_generic_mapping, NULL, 0); 02803 se_map_generic(&des_access, &sam_generic_mapping); 02804 02805 nt_status = access_check_samr_object(psd, p->pipe_user.nt_user_token, 02806 NULL, 0, des_access, &acc_granted, "_samr_connect4"); 02807 02808 if ( !NT_STATUS_IS_OK(nt_status) ) 02809 return nt_status; 02810 02811 r_u->status = NT_STATUS_OK; 02812 02813 /* associate the user's SID and access granted with the new handle. */ 02814 if ((info = get_samr_info_by_sid(NULL)) == NULL) 02815 return NT_STATUS_NO_MEMORY; 02816 02817 info->acc_granted = acc_granted; 02818 info->status = q_u->access_mask; 02819 02820 /* get a (unique) handle. open a policy on it. */ 02821 if (!create_policy_hnd(p, &r_u->connect_pol, free_samr_info, (void *)info)) 02822 return NT_STATUS_OBJECT_NAME_NOT_FOUND; 02823 02824 DEBUG(5,("_samr_connect: %d\n", __LINE__)); 02825 02826 return r_u->status; 02827 }
NTSTATUS _samr_connect5 | ( | pipes_struct * | p, | |
SAMR_Q_CONNECT5 * | q_u, | |||
SAMR_R_CONNECT5 * | r_u | |||
) |
srv_samr_nt.c の 2833 行で定義されています。
参照先 samr_info::acc_granted・access_check_samr_object()・q_samr_connect5_info::access_mask・create_policy_hnd()・free_samr_info()・get_samr_info_by_sid()・init_samr_r_connect5()・make_samr_object_sd()・pipes_struct::mem_ctx・current_user::nt_user_token・pipe_access_check()・pipes_struct::pipe_user・pol・sam_generic_mapping・se_map_generic()・samr_info::status・r_samr_connect_info5::status.
参照元 api_samr_connect5().
02834 { 02835 struct samr_info *info = NULL; 02836 SEC_DESC *psd = NULL; 02837 uint32 acc_granted; 02838 uint32 des_access = q_u->access_mask; 02839 NTSTATUS nt_status; 02840 POLICY_HND pol; 02841 size_t sd_size; 02842 02843 02844 DEBUG(5,("_samr_connect5: %d\n", __LINE__)); 02845 02846 ZERO_STRUCTP(r_u); 02847 02848 /* Access check */ 02849 02850 if (!pipe_access_check(p)) { 02851 DEBUG(3, ("access denied to samr_connect5\n")); 02852 r_u->status = NT_STATUS_ACCESS_DENIED; 02853 return r_u->status; 02854 } 02855 02856 make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &sam_generic_mapping, NULL, 0); 02857 se_map_generic(&des_access, &sam_generic_mapping); 02858 02859 nt_status = access_check_samr_object(psd, p->pipe_user.nt_user_token, 02860 NULL, 0, des_access, &acc_granted, "_samr_connect5"); 02861 02862 if ( !NT_STATUS_IS_OK(nt_status) ) 02863 return nt_status; 02864 02865 /* associate the user's SID and access granted with the new handle. */ 02866 if ((info = get_samr_info_by_sid(NULL)) == NULL) 02867 return NT_STATUS_NO_MEMORY; 02868 02869 info->acc_granted = acc_granted; 02870 info->status = q_u->access_mask; 02871 02872 /* get a (unique) handle. open a policy on it. */ 02873 if (!create_policy_hnd(p, &pol, free_samr_info, (void *)info)) 02874 return NT_STATUS_OBJECT_NAME_NOT_FOUND; 02875 02876 DEBUG(5,("_samr_connect: %d\n", __LINE__)); 02877 02878 init_samr_r_connect5(r_u, &pol, NT_STATUS_OK); 02879 02880 return r_u->status; 02881 }
NTSTATUS _samr_lookup_domain | ( | pipes_struct * | p, | |
SAMR_Q_LOOKUP_DOMAIN * | q_u, | |||
SAMR_R_LOOKUP_DOMAIN * | r_u | |||
) |
srv_samr_nt.c の 2887 行で定義されています。
参照先 access_check_samr_function()・UNISTR2::buffer・builtin_domain_name()・q_samr_lookup_domain_info::connect_pol・domain_name・find_policy_by_hnd()・global_sid_Builtin・init_samr_r_lookup_domain()・rpcstr_pull()・secrets_fetch_domain_sid()・samr_info::sid・sid_copy()・sid_string_static()・r_samr_lookup_domain_info::status・strequal()・q_samr_lookup_domain_info::uni_domain・UNISTR2::uni_str_len.
02888 { 02889 struct samr_info *info; 02890 fstring domain_name; 02891 DOM_SID sid; 02892 02893 r_u->status = NT_STATUS_OK; 02894 02895 if (!find_policy_by_hnd(p, &q_u->connect_pol, (void**)(void *)&info)) 02896 return NT_STATUS_INVALID_HANDLE; 02897 02898 /* win9x user manager likes to use SA_RIGHT_SAM_ENUM_DOMAINS here. 02899 Reverted that change so we will work with RAS servers again */ 02900 02901 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(info->acc_granted, 02902 SA_RIGHT_SAM_OPEN_DOMAIN, "_samr_lookup_domain"))) 02903 { 02904 return r_u->status; 02905 } 02906 02907 rpcstr_pull(domain_name, q_u->uni_domain.buffer, sizeof(domain_name), q_u->uni_domain.uni_str_len*2, 0); 02908 02909 ZERO_STRUCT(sid); 02910 02911 if (strequal(domain_name, builtin_domain_name())) { 02912 sid_copy(&sid, &global_sid_Builtin); 02913 } else { 02914 if (!secrets_fetch_domain_sid(domain_name, &sid)) { 02915 r_u->status = NT_STATUS_NO_SUCH_DOMAIN; 02916 } 02917 } 02918 02919 DEBUG(2,("Returning domain sid for domain %s -> %s\n", domain_name, sid_string_static(&sid))); 02920 02921 init_samr_r_lookup_domain(r_u, &sid, r_u->status); 02922 02923 return r_u->status; 02924 }
static BOOL make_enum_domains | ( | TALLOC_CTX * | ctx, | |
SAM_ENTRY ** | pp_sam, | |||
UNISTR2 ** | pp_uni_name, | |||
uint32 | num_sam_entries, | |||
fstring | doms[] | |||
) | [static] |
srv_samr_nt.c の 2930 行で定義されています。
参照先 init_sam_entry()・init_unistr2()・UNI_FLAGS_NONE.
参照元 _samr_enum_domains().
02932 { 02933 uint32 i; 02934 SAM_ENTRY *sam; 02935 UNISTR2 *uni_name; 02936 02937 DEBUG(5, ("make_enum_domains\n")); 02938 02939 *pp_sam = NULL; 02940 *pp_uni_name = NULL; 02941 02942 if (num_sam_entries == 0) 02943 return True; 02944 02945 sam = TALLOC_ZERO_ARRAY(ctx, SAM_ENTRY, num_sam_entries); 02946 uni_name = TALLOC_ZERO_ARRAY(ctx, UNISTR2, num_sam_entries); 02947 02948 if (sam == NULL || uni_name == NULL) 02949 return False; 02950 02951 for (i = 0; i < num_sam_entries; i++) { 02952 init_unistr2(&uni_name[i], doms[i], UNI_FLAGS_NONE); 02953 init_sam_entry(&sam[i], &uni_name[i], 0); 02954 } 02955 02956 *pp_sam = sam; 02957 *pp_uni_name = uni_name; 02958 02959 return True; 02960 }
NTSTATUS _samr_enum_domains | ( | pipes_struct * | p, | |
SAMR_Q_ENUM_DOMAINS * | q_u, | |||
SAMR_R_ENUM_DOMAINS * | r_u | |||
) |
srv_samr_nt.c の 2966 行で定義されています。
参照先 access_check_samr_function()・find_policy_by_hnd()・get_global_sam_name()・init_samr_r_enum_domains()・make_enum_domains()・pipes_struct::mem_ctx・name・q_samr_enum_domains_info::pol・r_samr_enum_domains_info::sam・q_samr_enum_domains_info::start_idx・r_samr_enum_domains_info::status・strupper_m()・r_samr_enum_domains_info::uni_dom_name.
02967 { 02968 struct samr_info *info; 02969 uint32 num_entries = 2; 02970 fstring dom[2]; 02971 const char *name; 02972 02973 r_u->status = NT_STATUS_OK; 02974 02975 if (!find_policy_by_hnd(p, &q_u->pol, (void**)(void *)&info)) 02976 return NT_STATUS_INVALID_HANDLE; 02977 02978 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(info->acc_granted, SA_RIGHT_SAM_ENUM_DOMAINS, "_samr_enum_domains"))) { 02979 return r_u->status; 02980 } 02981 02982 name = get_global_sam_name(); 02983 02984 fstrcpy(dom[0],name); 02985 strupper_m(dom[0]); 02986 fstrcpy(dom[1],"Builtin"); 02987 02988 if (!make_enum_domains(p->mem_ctx, &r_u->sam, &r_u->uni_dom_name, num_entries, dom)) 02989 return NT_STATUS_NO_MEMORY; 02990 02991 init_samr_r_enum_domains(r_u, q_u->start_idx + num_entries, num_entries); 02992 02993 return r_u->status; 02994 }
NTSTATUS _samr_open_alias | ( | pipes_struct * | p, | |
SAMR_Q_OPEN_ALIAS * | q_u, | |||
SAMR_R_OPEN_ALIAS * | r_u | |||
) |
srv_samr_nt.c の 3000 行で定義されています。
参照先 samr_info::acc_granted・access_check_samr_function()・access_check_samr_object()・q_samr_open_alias_info::access_mask・ali_generic_mapping・become_root()・create_policy_hnd()・q_samr_open_alias_info::dom_pol・free_samr_info()・get_lsa_policy_samr_sid()・get_samr_info_by_sid()・lookup_sid()・make_samr_object_sd()・pipes_struct::mem_ctx・current_user::nt_user_token・pipes_struct::pipe_user・r_samr_open_alias_info::pol・result・q_samr_open_alias_info::rid_alias・se_add_users・se_map_generic()・se_priv_copy()・samr_info::sid・sid_append_rid()・SID_NAME_ALIAS・sid_to_gid()・r_samr_open_alias_info::status・status・type・unbecome_root().
03001 { 03002 DOM_SID sid; 03003 POLICY_HND domain_pol = q_u->dom_pol; 03004 uint32 alias_rid = q_u->rid_alias; 03005 POLICY_HND *alias_pol = &r_u->pol; 03006 struct samr_info *info = NULL; 03007 SEC_DESC *psd = NULL; 03008 uint32 acc_granted; 03009 uint32 des_access = q_u->access_mask; 03010 size_t sd_size; 03011 NTSTATUS status; 03012 SE_PRIV se_rights; 03013 03014 r_u->status = NT_STATUS_OK; 03015 03016 /* find the domain policy and get the SID / access bits stored in the domain policy */ 03017 03018 if ( !get_lsa_policy_samr_sid(p, &domain_pol, &sid, &acc_granted, NULL) ) 03019 return NT_STATUS_INVALID_HANDLE; 03020 03021 status = access_check_samr_function(acc_granted, 03022 SA_RIGHT_DOMAIN_OPEN_ACCOUNT, "_samr_open_alias"); 03023 03024 if ( !NT_STATUS_IS_OK(status) ) 03025 return status; 03026 03027 /* append the alias' RID to it */ 03028 03029 if (!sid_append_rid(&sid, alias_rid)) 03030 return NT_STATUS_NO_SUCH_ALIAS; 03031 03032 /*check if access can be granted as requested by client. */ 03033 03034 make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &ali_generic_mapping, NULL, 0); 03035 se_map_generic(&des_access,&ali_generic_mapping); 03036 03037 se_priv_copy( &se_rights, &se_add_users ); 03038 03039 03040 status = access_check_samr_object(psd, p->pipe_user.nt_user_token, 03041 &se_rights, GENERIC_RIGHTS_ALIAS_WRITE, des_access, 03042 &acc_granted, "_samr_open_alias"); 03043 03044 if ( !NT_STATUS_IS_OK(status) ) 03045 return status; 03046 03047 { 03048 /* Check we actually have the requested alias */ 03049 enum lsa_SidType type; 03050 BOOL result; 03051 gid_t gid; 03052 03053 become_root(); 03054 result = lookup_sid(NULL, &sid, NULL, NULL, &type); 03055 unbecome_root(); 03056 03057 if (!result || (type != SID_NAME_ALIAS)) { 03058 return NT_STATUS_NO_SUCH_ALIAS; 03059 } 03060 03061 /* make sure there is a mapping */ 03062 03063 if ( !sid_to_gid( &sid, &gid ) ) { 03064 return NT_STATUS_NO_SUCH_ALIAS; 03065 } 03066 03067 } 03068 03069 /* associate the alias SID with the new handle. */ 03070 if ((info = get_samr_info_by_sid(&sid)) == NULL) 03071 return NT_STATUS_NO_MEMORY; 03072 03073 info->acc_granted = acc_granted; 03074 03075 /* get a (unique) handle. open a policy on it. */ 03076 if (!create_policy_hnd(p, alias_pol, free_samr_info, (void *)info)) 03077 return NT_STATUS_OBJECT_NAME_NOT_FOUND; 03078 03079 return r_u->status; 03080 }
static NTSTATUS set_user_info_7 | ( | TALLOC_CTX * | mem_ctx, | |
const SAM_USER_INFO_7 * | id7, | |||
struct samu * | pwd | |||
) | [static] |
srv_samr_nt.c の 3085 行で定義されています。
参照先 UNISTR2::buffer・can_create()・pdb_rename_sam_account()・rpcstr_pull()・sam_user_info_7::uni_name・UNISTR2::uni_str_len.
03087 { 03088 fstring new_name; 03089 NTSTATUS rc; 03090 03091 if (id7 == NULL) { 03092 DEBUG(5, ("set_user_info_7: NULL id7\n")); 03093 TALLOC_FREE(pwd); 03094 return NT_STATUS_ACCESS_DENIED; 03095 } 03096 03097 if(!rpcstr_pull(new_name, id7->uni_name.buffer, sizeof(new_name), id7->uni_name.uni_str_len*2, 0)) { 03098 DEBUG(5, ("set_user_info_7: failed to get new username\n")); 03099 TALLOC_FREE(pwd); 03100 return NT_STATUS_ACCESS_DENIED; 03101 } 03102 03103 /* check to see if the new username already exists. Note: we can't 03104 reliably lock all backends, so there is potentially the 03105 possibility that a user can be created in between this check and 03106 the rename. The rename should fail, but may not get the 03107 exact same failure status code. I think this is small enough 03108 of a window for this type of operation and the results are 03109 simply that the rename fails with a slightly different status 03110 code (like UNSUCCESSFUL instead of ALREADY_EXISTS). */ 03111 03112 rc = can_create(mem_ctx, new_name); 03113 if (!NT_STATUS_IS_OK(rc)) { 03114 return rc; 03115 } 03116 03117 rc = pdb_rename_sam_account(pwd, new_name); 03118 03119 TALLOC_FREE(pwd); 03120 return rc; 03121 }
static BOOL set_user_info_16 | ( | const SAM_USER_INFO_16 * | id16, | |
struct samu * | pwd | |||
) | [static] |
srv_samr_nt.c の 3127 行で定義されています。
参照先 sam_user_info_16::acb_info・PDB_CHANGED・pdb_set_acct_ctrl()・pdb_update_sam_account().
03128 { 03129 if (id16 == NULL) { 03130 DEBUG(5, ("set_user_info_16: NULL id16\n")); 03131 TALLOC_FREE(pwd); 03132 return False; 03133 } 03134 03135 /* FIX ME: check if the value is really changed --metze */ 03136 if (!pdb_set_acct_ctrl(pwd, id16->acb_info, PDB_CHANGED)) { 03137 TALLOC_FREE(pwd); 03138 return False; 03139 } 03140 03141 if(!NT_STATUS_IS_OK(pdb_update_sam_account(pwd))) { 03142 TALLOC_FREE(pwd); 03143 return False; 03144 } 03145 03146 TALLOC_FREE(pwd); 03147 03148 return True; 03149 }
static BOOL set_user_info_18 | ( | SAM_USER_INFO_18 * | id18, | |
struct samu * | pwd | |||
) | [static] |
srv_samr_nt.c の 3155 行で定義されています。
参照先 sam_user_info_18::lm_pwd・sam_user_info_18::nt_pwd・PDB_CHANGED・pdb_set_lanman_passwd()・pdb_set_nt_passwd()・pdb_set_pass_last_set_time()・pdb_update_sam_account().
参照元 _samr_set_userinfo()・_samr_set_userinfo2().
03156 { 03157 03158 if (id18 == NULL) { 03159 DEBUG(2, ("set_user_info_18: id18 is NULL\n")); 03160 TALLOC_FREE(pwd); 03161 return False; 03162 } 03163 03164 if (!pdb_set_lanman_passwd (pwd, id18->lm_pwd, PDB_CHANGED)) { 03165 TALLOC_FREE(pwd); 03166 return False; 03167 } 03168 if (!pdb_set_nt_passwd (pwd, id18->nt_pwd, PDB_CHANGED)) { 03169 TALLOC_FREE(pwd); 03170 return False; 03171 } 03172 if (!pdb_set_pass_last_set_time (pwd, time(NULL), PDB_CHANGED)) { 03173 TALLOC_FREE(pwd); 03174 return False; 03175 } 03176 03177 if(!NT_STATUS_IS_OK(pdb_update_sam_account(pwd))) { 03178 TALLOC_FREE(pwd); 03179 return False; 03180 } 03181 03182 TALLOC_FREE(pwd); 03183 return True; 03184 }
static BOOL set_user_info_20 | ( | SAM_USER_INFO_20 * | id20, | |
struct samu * | pwd | |||
) | [static] |
srv_samr_nt.c の 3190 行で定義されています。
参照先 copy_id20_to_sam_passwd()・pdb_update_sam_account().
03191 { 03192 if (id20 == NULL) { 03193 DEBUG(5, ("set_user_info_20: NULL id20\n")); 03194 return False; 03195 } 03196 03197 copy_id20_to_sam_passwd(pwd, id20); 03198 03199 /* write the change out */ 03200 if(!NT_STATUS_IS_OK(pdb_update_sam_account(pwd))) { 03201 TALLOC_FREE(pwd); 03202 return False; 03203 } 03204 03205 TALLOC_FREE(pwd); 03206 03207 return True; 03208 }
static NTSTATUS set_user_info_21 | ( | TALLOC_CTX * | mem_ctx, | |
SAM_USER_INFO_21 * | id21, | |||
struct samu * | pwd | |||
) | [static] |
srv_samr_nt.c の 3213 行で定義されています。
参照先 UNISTR2::buffer・can_create()・copy_id21_to_sam_passwd()・nt_errstr()・pdb_get_username()・PDB_GROUPSID・pdb_rename_sam_account()・PDB_SET・pdb_set_unix_primary_group()・pdb_set_username()・pdb_update_sam_account()・rpcstr_pull()・status・strequal()・UNISTR2::uni_str_len・sam_user_info_21::uni_user_name.
03215 { 03216 fstring new_name; 03217 NTSTATUS status; 03218 03219 if (id21 == NULL) { 03220 DEBUG(5, ("set_user_info_21: NULL id21\n")); 03221 return NT_STATUS_INVALID_PARAMETER; 03222 } 03223 03224 /* we need to separately check for an account rename first */ 03225 03226 if (rpcstr_pull(new_name, id21->uni_user_name.buffer, 03227 sizeof(new_name), id21->uni_user_name.uni_str_len*2, 0) 03228 && (!strequal(new_name, pdb_get_username(pwd)))) 03229 { 03230 03231 /* check to see if the new username already exists. Note: we can't 03232 reliably lock all backends, so there is potentially the 03233 possibility that a user can be created in between this check and 03234 the rename. The rename should fail, but may not get the 03235 exact same failure status code. I think this is small enough 03236 of a window for this type of operation and the results are 03237 simply that the rename fails with a slightly different status 03238 code (like UNSUCCESSFUL instead of ALREADY_EXISTS). */ 03239 03240 status = can_create(mem_ctx, new_name); 03241 if (!NT_STATUS_IS_OK(status)) { 03242 return status; 03243 } 03244 03245 status = pdb_rename_sam_account(pwd, new_name); 03246 03247 if (!NT_STATUS_IS_OK(status)) { 03248 DEBUG(0,("set_user_info_21: failed to rename account: %s\n", 03249 nt_errstr(status))); 03250 TALLOC_FREE(pwd); 03251 return status; 03252 } 03253 03254 /* set the new username so that later 03255 functions can work on the new account */ 03256 pdb_set_username(pwd, new_name, PDB_SET); 03257 } 03258 03259 copy_id21_to_sam_passwd(pwd, id21); 03260 03261 /* 03262 * The funny part about the previous two calls is 03263 * that pwd still has the password hashes from the 03264 * passdb entry. These have not been updated from 03265 * id21. I don't know if they need to be set. --jerry 03266 */ 03267 03268 if ( IS_SAM_CHANGED(pwd, PDB_GROUPSID) ) { 03269 status = pdb_set_unix_primary_group(mem_ctx, pwd); 03270 if ( !NT_STATUS_IS_OK(status) ) { 03271 return status; 03272 } 03273 } 03274 03275 /* Don't worry about writing out the user account since the 03276 primary group SID is generated solely from the user's Unix 03277 primary group. */ 03278 03279 /* write the change out */ 03280 if(!NT_STATUS_IS_OK(status = pdb_update_sam_account(pwd))) { 03281 TALLOC_FREE(pwd); 03282 return status; 03283 } 03284 03285 TALLOC_FREE(pwd); 03286 03287 return NT_STATUS_OK; 03288 }
static NTSTATUS set_user_info_23 | ( | TALLOC_CTX * | mem_ctx, | |
SAM_USER_INFO_23 * | id23, | |||
struct samu * | pwd | |||
) | [static] |
srv_samr_nt.c の 3294 行で定義されています。
参照先 chgpasswd()・copy_id23_to_sam_passwd()・decode_pw_buffer()・Get_Pwnam()・len・sam_user_info_23::pass・pdb_get_acct_ctrl()・pdb_get_username()・PDB_GROUPSID・pdb_set_plaintext_passwd()・pdb_set_unix_primary_group()・pdb_update_sam_account()・status.
参照元 _samr_set_userinfo()・_samr_set_userinfo2().
03296 { 03297 pstring plaintext_buf; 03298 uint32 len; 03299 uint16 acct_ctrl; 03300 NTSTATUS status; 03301 03302 if (id23 == NULL) { 03303 DEBUG(5, ("set_user_info_23: NULL id23\n")); 03304 return NT_STATUS_INVALID_PARAMETER; 03305 } 03306 03307 DEBUG(5, ("Attempting administrator password change (level 23) for user %s\n", 03308 pdb_get_username(pwd))); 03309 03310 acct_ctrl = pdb_get_acct_ctrl(pwd); 03311 03312 if (!decode_pw_buffer(id23->pass, plaintext_buf, 256, &len, STR_UNICODE)) { 03313 TALLOC_FREE(pwd); 03314 return NT_STATUS_INVALID_PARAMETER; 03315 } 03316 03317 if (!pdb_set_plaintext_passwd (pwd, plaintext_buf)) { 03318 TALLOC_FREE(pwd); 03319 return NT_STATUS_ACCESS_DENIED; 03320 } 03321 03322 copy_id23_to_sam_passwd(pwd, id23); 03323 03324 /* if it's a trust account, don't update /etc/passwd */ 03325 if ( ( (acct_ctrl & ACB_DOMTRUST) == ACB_DOMTRUST ) || 03326 ( (acct_ctrl & ACB_WSTRUST) == ACB_WSTRUST) || 03327 ( (acct_ctrl & ACB_SVRTRUST) == ACB_SVRTRUST) ) { 03328 DEBUG(5, ("Changing trust account. Not updating /etc/passwd\n")); 03329 } else { 03330 /* update the UNIX password */ 03331 if (lp_unix_password_sync() ) { 03332 struct passwd *passwd; 03333 if (pdb_get_username(pwd) == NULL) { 03334 DEBUG(1, ("chgpasswd: User without name???\n")); 03335 TALLOC_FREE(pwd); 03336 return NT_STATUS_ACCESS_DENIED; 03337 } 03338 03339 if ((passwd = Get_Pwnam(pdb_get_username(pwd))) == NULL) { 03340 DEBUG(1, ("chgpasswd: Username does not exist in system !?!\n")); 03341 } 03342 03343 if(!chgpasswd(pdb_get_username(pwd), passwd, "", plaintext_buf, True)) { 03344 TALLOC_FREE(pwd); 03345 return NT_STATUS_ACCESS_DENIED; 03346 } 03347 } 03348 } 03349 03350 ZERO_STRUCT(plaintext_buf); 03351 03352 if (IS_SAM_CHANGED(pwd, PDB_GROUPSID) && 03353 (!NT_STATUS_IS_OK(status = pdb_set_unix_primary_group(mem_ctx, 03354 pwd)))) { 03355 TALLOC_FREE(pwd); 03356 return status; 03357 } 03358 03359 if(!NT_STATUS_IS_OK(status = pdb_update_sam_account(pwd))) { 03360 TALLOC_FREE(pwd); 03361 return status; 03362 } 03363 03364 TALLOC_FREE(pwd); 03365 03366 return NT_STATUS_OK; 03367 }
srv_samr_nt.c の 3373 行で定義されています。
参照先 chgpasswd()・decode_pw_buffer()・Get_Pwnam()・len・pdb_get_acct_ctrl()・pdb_get_init_flags()・pdb_get_pass_last_set_time()・pdb_get_username()・PDB_PASSLASTSET・pdb_set_pass_last_set_time()・pdb_set_plaintext_passwd()・pdb_update_sam_account().
参照元 _samr_set_userinfo()・_samr_set_userinfo2().
03375 { 03376 uint32 len; 03377 pstring plaintext_buf; 03378 uint32 acct_ctrl; 03379 time_t last_set_time; 03380 enum pdb_value_state last_set_state; 03381 03382 DEBUG(5, ("Attempting administrator password change for user %s\n", 03383 pdb_get_username(pwd))); 03384 03385 acct_ctrl = pdb_get_acct_ctrl(pwd); 03386 /* we need to know if it's expired, because this is an admin change, not a 03387 user change, so it's still expired when we're done */ 03388 last_set_state = pdb_get_init_flags(pwd, PDB_PASSLASTSET); 03389 last_set_time = pdb_get_pass_last_set_time(pwd); 03390 03391 ZERO_STRUCT(plaintext_buf); 03392 03393 if (!decode_pw_buffer(pass, plaintext_buf, 256, &len, STR_UNICODE)) { 03394 TALLOC_FREE(pwd); 03395 return False; 03396 } 03397 03398 if (!pdb_set_plaintext_passwd (pwd, plaintext_buf)) { 03399 TALLOC_FREE(pwd); 03400 return False; 03401 } 03402 03403 /* if it's a trust account, don't update /etc/passwd */ 03404 if ( ( (acct_ctrl & ACB_DOMTRUST) == ACB_DOMTRUST ) || 03405 ( (acct_ctrl & ACB_WSTRUST) == ACB_WSTRUST) || 03406 ( (acct_ctrl & ACB_SVRTRUST) == ACB_SVRTRUST) ) { 03407 DEBUG(5, ("Changing trust account or non-unix-user password, not updating /etc/passwd\n")); 03408 } else { 03409 /* update the UNIX password */ 03410 if (lp_unix_password_sync()) { 03411 struct passwd *passwd; 03412 03413 if (pdb_get_username(pwd) == NULL) { 03414 DEBUG(1, ("chgpasswd: User without name???\n")); 03415 TALLOC_FREE(pwd); 03416 return False; 03417 } 03418 03419 if ((passwd = Get_Pwnam(pdb_get_username(pwd))) == NULL) { 03420 DEBUG(1, ("chgpasswd: Username does not exist in system !?!\n")); 03421 } 03422 03423 if(!chgpasswd(pdb_get_username(pwd), passwd, "", plaintext_buf, True)) { 03424 TALLOC_FREE(pwd); 03425 return False; 03426 } 03427 } 03428 } 03429 03430 ZERO_STRUCT(plaintext_buf); 03431 03432 /* 03433 * A level 25 change does reset the pwdlastset field, a level 24 03434 * change does not. I know this is probably not the full story, but 03435 * it is needed to make XP join LDAP correctly, without it the later 03436 * auth2 check can fail with PWD_MUST_CHANGE. 03437 */ 03438 if (level != 25) { 03439 /* 03440 * restore last set time as this is an admin change, not a 03441 * user pw change 03442 */ 03443 pdb_set_pass_last_set_time (pwd, last_set_time, 03444 last_set_state); 03445 } 03446 03447 DEBUG(5,("set_user_info_pw: pdb_update_pwd()\n")); 03448 03449 /* update the SAMBA password */ 03450 if(!NT_STATUS_IS_OK(pdb_update_sam_account(pwd))) { 03451 TALLOC_FREE(pwd); 03452 return False; 03453 } 03454 03455 TALLOC_FREE(pwd); 03456 03457 return True; 03458 }
static NTSTATUS set_user_info_25 | ( | TALLOC_CTX * | mem_ctx, | |
SAM_USER_INFO_25 * | id25, | |||
struct samu * | pwd | |||
) | [static] |
srv_samr_nt.c の 3464 行で定義されています。
参照先 copy_id25_to_sam_passwd()・PDB_GROUPSID・pdb_set_unix_primary_group()・pdb_update_sam_account()・status.
参照元 _samr_set_userinfo().
03466 { 03467 NTSTATUS status; 03468 03469 if (id25 == NULL) { 03470 DEBUG(5, ("set_user_info_25: NULL id25\n")); 03471 return NT_STATUS_INVALID_PARAMETER; 03472 } 03473 03474 copy_id25_to_sam_passwd(pwd, id25); 03475 03476 /* write the change out */ 03477 if(!NT_STATUS_IS_OK(status = pdb_update_sam_account(pwd))) { 03478 TALLOC_FREE(pwd); 03479 return status; 03480 } 03481 03482 /* 03483 * We need to "pdb_update_sam_account" before the unix primary group 03484 * is set, because the idealx scripts would also change the 03485 * sambaPrimaryGroupSid using the ldap replace method. pdb_ldap uses 03486 * the delete explicit / add explicit, which would then fail to find 03487 * the previous primaryGroupSid value. 03488 */ 03489 03490 if ( IS_SAM_CHANGED(pwd, PDB_GROUPSID) ) { 03491 status = pdb_set_unix_primary_group(mem_ctx, pwd); 03492 if ( !NT_STATUS_IS_OK(status) ) { 03493 return status; 03494 } 03495 } 03496 03497 /* WARNING: No TALLOC_FREE(pwd), we are about to set the password 03498 * hereafter! */ 03499 03500 return NT_STATUS_OK; 03501 }
NTSTATUS _samr_set_userinfo | ( | pipes_struct * | p, | |
SAMR_Q_SET_USERINFO * | q_u, | |||
SAMR_R_SET_USERINFO * | r_u | |||
) |
srv_samr_nt.c の 3507 行で定義されています。
参照先 access_check_samr_function()・become_root()・q_samr_set_user_info::ctr・dump_data()・encode_or_decode_arc4_passwd_buffer()・force_flush_samr_cache()・get_lsa_policy_samr_sid()・sam_userinfo_ctr_info::id18・sam_userinfo_ctr_info::id23・sam_userinfo_ctr_info::id24・sam_userinfo_ctr_info::id25・sam_userinfo_ctr_info::id26・sam_userinfo_ctr_info::info・data_blob_::length・pipes_struct::mem_ctx・nt_token_check_domain_rid()・current_user::nt_user_token・sam_user_info_23::pass・sam_user_info_26::pass・sam_user_info_25::pass・sam_user_info_24::pass・pdb_get_acct_ctrl()・pdb_getsampwsid()・pipes_struct::pipe_user・q_samr_set_user_info::pol・pol・SamOEMhashBlob()・samu_new()・se_add_users・se_machine_account・pipes_struct::session_key・set_user_info_18()・set_user_info_23()・set_user_info_25()・set_user_info_pw()・sid_string_static()・r_samr_set_user_info::status・q_samr_set_user_info::switch_value・_unix_token::uid・uidtoname()・unbecome_root()・user_has_privileges()・current_user::ut.
03508 { 03509 struct samu *pwd = NULL; 03510 DOM_SID sid; 03511 POLICY_HND *pol = &q_u->pol; 03512 uint16 switch_value = q_u->switch_value; 03513 SAM_USERINFO_CTR *ctr = q_u->ctr; 03514 uint32 acc_granted; 03515 uint32 acc_required; 03516 BOOL ret; 03517 BOOL has_enough_rights = False; 03518 uint32 acb_info; 03519 DISP_INFO *disp_info = NULL; 03520 03521 DEBUG(5, ("_samr_set_userinfo: %d\n", __LINE__)); 03522 03523 r_u->status = NT_STATUS_OK; 03524 03525 /* find the policy handle. open a policy on it. */ 03526 if (!get_lsa_policy_samr_sid(p, pol, &sid, &acc_granted, &disp_info)) 03527 return NT_STATUS_INVALID_HANDLE; 03528 03529 /* This is tricky. A WinXP domain join sets 03530 (SA_RIGHT_USER_SET_PASSWORD|SA_RIGHT_USER_SET_ATTRIBUTES|SA_RIGHT_USER_ACCT_FLAGS_EXPIRY) 03531 The MMC lusrmgr plugin includes these perms and more in the SamrOpenUser(). But the 03532 standard Win32 API calls just ask for SA_RIGHT_USER_SET_PASSWORD in the SamrOpenUser(). 03533 This should be enough for levels 18, 24, 25,& 26. Info level 23 can set more so 03534 we'll use the set from the WinXP join as the basis. */ 03535 03536 switch (switch_value) { 03537 case 18: 03538 case 24: 03539 case 25: 03540 case 26: 03541 acc_required = SA_RIGHT_USER_SET_PASSWORD; 03542 break; 03543 default: 03544 acc_required = SA_RIGHT_USER_SET_PASSWORD | SA_RIGHT_USER_SET_ATTRIBUTES | SA_RIGHT_USER_ACCT_FLAGS_EXPIRY; 03545 break; 03546 } 03547 03548 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, acc_required, "_samr_set_userinfo"))) { 03549 return r_u->status; 03550 } 03551 03552 DEBUG(5, ("_samr_set_userinfo: sid:%s, level:%d\n", sid_string_static(&sid), switch_value)); 03553 03554 if (ctr == NULL) { 03555 DEBUG(5, ("_samr_set_userinfo: NULL info level\n")); 03556 return NT_STATUS_INVALID_INFO_CLASS; 03557 } 03558 03559 if ( !(pwd = samu_new( NULL )) ) { 03560 return NT_STATUS_NO_MEMORY; 03561 } 03562 03563 become_root(); 03564 ret = pdb_getsampwsid(pwd, &sid); 03565 unbecome_root(); 03566 03567 if ( !ret ) { 03568 TALLOC_FREE(pwd); 03569 return NT_STATUS_NO_SUCH_USER; 03570 } 03571 03572 /* deal with machine password changes differently from userinfo changes */ 03573 /* check to see if we have the sufficient rights */ 03574 03575 acb_info = pdb_get_acct_ctrl(pwd); 03576 if ( acb_info & ACB_WSTRUST ) 03577 has_enough_rights = user_has_privileges( p->pipe_user.nt_user_token, &se_machine_account); 03578 else if ( acb_info & ACB_NORMAL ) 03579 has_enough_rights = user_has_privileges( p->pipe_user.nt_user_token, &se_add_users ); 03580 else if ( acb_info & (ACB_SVRTRUST|ACB_DOMTRUST) ) { 03581 if ( lp_enable_privileges() ) 03582 has_enough_rights = nt_token_check_domain_rid( p->pipe_user.nt_user_token, DOMAIN_GROUP_RID_ADMINS ); 03583 } 03584 03585 DEBUG(5, ("_samr_set_userinfo: %s does%s possess sufficient rights\n", 03586 uidtoname(p->pipe_user.ut.uid), 03587 has_enough_rights ? "" : " not")); 03588 03589 /* ================ BEGIN SeMachineAccountPrivilege BLOCK ================ */ 03590 03591 if ( has_enough_rights ) 03592 become_root(); 03593 03594 /* ok! user info levels (lots: see MSDEV help), off we go... */ 03595 03596 switch (switch_value) { 03597 case 18: 03598 if (!set_user_info_18(ctr->info.id18, pwd)) 03599 r_u->status = NT_STATUS_ACCESS_DENIED; 03600 break; 03601 03602 case 24: 03603 if (!p->session_key.length) { 03604 r_u->status = NT_STATUS_NO_USER_SESSION_KEY; 03605 } 03606 SamOEMhashBlob(ctr->info.id24->pass, 516, &p->session_key); 03607 03608 dump_data(100, (char *)ctr->info.id24->pass, 516); 03609 03610 if (!set_user_info_pw(ctr->info.id24->pass, pwd, 03611 switch_value)) 03612 r_u->status = NT_STATUS_ACCESS_DENIED; 03613 break; 03614 03615 case 25: 03616 if (!p->session_key.length) { 03617 r_u->status = NT_STATUS_NO_USER_SESSION_KEY; 03618 } 03619 encode_or_decode_arc4_passwd_buffer(ctr->info.id25->pass, &p->session_key); 03620 03621 dump_data(100, (char *)ctr->info.id25->pass, 532); 03622 03623 r_u->status = set_user_info_25(p->mem_ctx, 03624 ctr->info.id25, pwd); 03625 if (!NT_STATUS_IS_OK(r_u->status)) { 03626 goto done; 03627 } 03628 if (!set_user_info_pw(ctr->info.id25->pass, pwd, 03629 switch_value)) 03630 r_u->status = NT_STATUS_ACCESS_DENIED; 03631 break; 03632 03633 case 26: 03634 if (!p->session_key.length) { 03635 r_u->status = NT_STATUS_NO_USER_SESSION_KEY; 03636 } 03637 encode_or_decode_arc4_passwd_buffer(ctr->info.id26->pass, &p->session_key); 03638 03639 dump_data(100, (char *)ctr->info.id26->pass, 516); 03640 03641 if (!set_user_info_pw(ctr->info.id26->pass, pwd, 03642 switch_value)) 03643 r_u->status = NT_STATUS_ACCESS_DENIED; 03644 break; 03645 03646 case 23: 03647 if (!p->session_key.length) { 03648 r_u->status = NT_STATUS_NO_USER_SESSION_KEY; 03649 } 03650 SamOEMhashBlob(ctr->info.id23->pass, 516, &p->session_key); 03651 03652 dump_data(100, (char *)ctr->info.id23->pass, 516); 03653 03654 r_u->status = set_user_info_23(p->mem_ctx, 03655 ctr->info.id23, pwd); 03656 break; 03657 03658 default: 03659 r_u->status = NT_STATUS_INVALID_INFO_CLASS; 03660 } 03661 03662 done: 03663 03664 if ( has_enough_rights ) 03665 unbecome_root(); 03666 03667 /* ================ END SeMachineAccountPrivilege BLOCK ================ */ 03668 03669 if (NT_STATUS_IS_OK(r_u->status)) { 03670 force_flush_samr_cache(disp_info); 03671 } 03672 03673 return r_u->status; 03674 }
NTSTATUS _samr_set_userinfo2 | ( | pipes_struct * | p, | |
SAMR_Q_SET_USERINFO2 * | q_u, | |||
SAMR_R_SET_USERINFO2 * | r_u | |||
) |
srv_samr_nt.c の 3680 行で定義されています。
参照先 access_check_samr_function()・become_root()・q_samr_set_user_info2::ctr・dump_data()・encode_or_decode_arc4_passwd_buffer()・force_flush_samr_cache()・get_lsa_policy_samr_sid()・sam_userinfo_ctr_info::id16・sam_userinfo_ctr_info::id18・sam_userinfo_ctr_info::id20・sam_userinfo_ctr_info::id21・sam_userinfo_ctr_info::id23・sam_userinfo_ctr_info::id26・sam_userinfo_ctr_info::id7・sam_userinfo_ctr_info::info・data_blob_::length・pipes_struct::mem_ctx・nt_token_check_domain_rid()・current_user::nt_user_token・sam_user_info_26::pass・sam_user_info_23::pass・pdb_get_acct_ctrl()・pdb_getsampwsid()・pipes_struct::pipe_user・q_samr_set_user_info2::pol・pol・SamOEMhashBlob()・samu_new()・se_add_users・se_machine_account・pipes_struct::session_key・set_user_info_16()・set_user_info_18()・set_user_info_20()・set_user_info_21()・set_user_info_23()・set_user_info_7()・set_user_info_pw()・sid_string_static()・r_samr_set_user_info2::status・sam_userinfo_ctr_info::switch_value・q_samr_set_user_info2::switch_value・_unix_token::uid・uidtoname()・unbecome_root()・user_has_privileges()・current_user::ut.
03681 { 03682 struct samu *pwd = NULL; 03683 DOM_SID sid; 03684 SAM_USERINFO_CTR *ctr = q_u->ctr; 03685 POLICY_HND *pol = &q_u->pol; 03686 uint16 switch_value = q_u->switch_value; 03687 uint32 acc_granted; 03688 uint32 acc_required; 03689 BOOL ret; 03690 BOOL has_enough_rights = False; 03691 uint32 acb_info; 03692 DISP_INFO *disp_info = NULL; 03693 03694 DEBUG(5, ("samr_reply_set_userinfo2: %d\n", __LINE__)); 03695 03696 r_u->status = NT_STATUS_OK; 03697 03698 /* find the policy handle. open a policy on it. */ 03699 if (!get_lsa_policy_samr_sid(p, pol, &sid, &acc_granted, &disp_info)) 03700 return NT_STATUS_INVALID_HANDLE; 03701 03702 03703 #if 0 /* this really should be applied on a per info level basis --jerry */ 03704 03705 /* observed when joining XP client to Samba domain */ 03706 acc_required = SA_RIGHT_USER_SET_PASSWORD | SA_RIGHT_USER_SET_ATTRIBUTES | SA_RIGHT_USER_ACCT_FLAGS_EXPIRY; 03707 #else 03708 acc_required = SA_RIGHT_USER_SET_ATTRIBUTES; 03709 #endif 03710 03711 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, acc_required, "_samr_set_userinfo2"))) { 03712 return r_u->status; 03713 } 03714 03715 DEBUG(5, ("samr_reply_set_userinfo2: sid:%s\n", sid_string_static(&sid))); 03716 03717 if (ctr == NULL) { 03718 DEBUG(5, ("samr_reply_set_userinfo2: NULL info level\n")); 03719 return NT_STATUS_INVALID_INFO_CLASS; 03720 } 03721 03722 switch_value=ctr->switch_value; 03723 03724 if ( !(pwd = samu_new( NULL )) ) { 03725 return NT_STATUS_NO_MEMORY; 03726 } 03727 03728 become_root(); 03729 ret = pdb_getsampwsid(pwd, &sid); 03730 unbecome_root(); 03731 03732 if ( !ret ) { 03733 TALLOC_FREE(pwd); 03734 return NT_STATUS_NO_SUCH_USER; 03735 } 03736 03737 acb_info = pdb_get_acct_ctrl(pwd); 03738 if ( acb_info & ACB_WSTRUST ) 03739 has_enough_rights = user_has_privileges( p->pipe_user.nt_user_token, &se_machine_account); 03740 else if ( acb_info & ACB_NORMAL ) 03741 has_enough_rights = user_has_privileges( p->pipe_user.nt_user_token, &se_add_users ); 03742 else if ( acb_info & (ACB_SVRTRUST|ACB_DOMTRUST) ) { 03743 if ( lp_enable_privileges() ) 03744 has_enough_rights = nt_token_check_domain_rid( p->pipe_user.nt_user_token, DOMAIN_GROUP_RID_ADMINS ); 03745 } 03746 03747 DEBUG(5, ("_samr_set_userinfo2: %s does%s possess sufficient rights\n", 03748 uidtoname(p->pipe_user.ut.uid), 03749 has_enough_rights ? "" : " not")); 03750 03751 /* ================ BEGIN SeMachineAccountPrivilege BLOCK ================ */ 03752 03753 if ( has_enough_rights ) 03754 become_root(); 03755 03756 /* ok! user info levels (lots: see MSDEV help), off we go... */ 03757 03758 switch (switch_value) { 03759 case 7: 03760 r_u->status = set_user_info_7(p->mem_ctx, 03761 ctr->info.id7, pwd); 03762 break; 03763 case 16: 03764 if (!set_user_info_16(ctr->info.id16, pwd)) 03765 r_u->status = NT_STATUS_ACCESS_DENIED; 03766 break; 03767 case 18: 03768 /* Used by AS/U JRA. */ 03769 if (!set_user_info_18(ctr->info.id18, pwd)) 03770 r_u->status = NT_STATUS_ACCESS_DENIED; 03771 break; 03772 case 20: 03773 if (!set_user_info_20(ctr->info.id20, pwd)) 03774 r_u->status = NT_STATUS_ACCESS_DENIED; 03775 break; 03776 case 21: 03777 r_u->status = set_user_info_21(p->mem_ctx, 03778 ctr->info.id21, pwd); 03779 break; 03780 case 23: 03781 if (!p->session_key.length) { 03782 r_u->status = NT_STATUS_NO_USER_SESSION_KEY; 03783 } 03784 SamOEMhashBlob(ctr->info.id23->pass, 516, &p->session_key); 03785 03786 dump_data(100, (char *)ctr->info.id23->pass, 516); 03787 03788 r_u->status = set_user_info_23(p->mem_ctx, 03789 ctr->info.id23, pwd); 03790 break; 03791 case 26: 03792 if (!p->session_key.length) { 03793 r_u->status = NT_STATUS_NO_USER_SESSION_KEY; 03794 } 03795 encode_or_decode_arc4_passwd_buffer(ctr->info.id26->pass, &p->session_key); 03796 03797 dump_data(100, (char *)ctr->info.id26->pass, 516); 03798 03799 if (!set_user_info_pw(ctr->info.id26->pass, pwd, 03800 switch_value)) 03801 r_u->status = NT_STATUS_ACCESS_DENIED; 03802 break; 03803 default: 03804 r_u->status = NT_STATUS_INVALID_INFO_CLASS; 03805 } 03806 03807 if ( has_enough_rights ) 03808 unbecome_root(); 03809 03810 /* ================ END SeMachineAccountPrivilege BLOCK ================ */ 03811 03812 if (NT_STATUS_IS_OK(r_u->status)) { 03813 force_flush_samr_cache(disp_info); 03814 } 03815 03816 return r_u->status; 03817 }
NTSTATUS _samr_query_useraliases | ( | pipes_struct * | p, | |
SAMR_Q_QUERY_USERALIASES * | q_u, | |||
SAMR_R_QUERY_USERALIASES * | r_u | |||
) |
srv_samr_nt.c の 3823 行で定義されています。
参照先 access_check_samr_function()・become_root()・find_policy_by_hnd()・init_samr_r_query_useraliases()・pipes_struct::mem_ctx・q_samr_query_useraliases_info::num_sids1・pdb_enum_alias_memberships()・q_samr_query_useraliases_info::pol・DOM_SID2::sid・q_samr_query_useraliases_info::sid・sid_check_is_builtin()・sid_check_is_domain()・sid_copy()・r_samr_query_useraliases_info::status・unbecome_root().
参照元 api_samr_query_useraliases().
03824 { 03825 size_t num_alias_rids; 03826 uint32 *alias_rids; 03827 struct samr_info *info = NULL; 03828 size_t i; 03829 03830 NTSTATUS ntstatus1; 03831 NTSTATUS ntstatus2; 03832 03833 DOM_SID *members; 03834 03835 r_u->status = NT_STATUS_OK; 03836 03837 DEBUG(5,("_samr_query_useraliases: %d\n", __LINE__)); 03838 03839 /* find the policy handle. open a policy on it. */ 03840 if (!find_policy_by_hnd(p, &q_u->pol, (void **)(void *)&info)) 03841 return NT_STATUS_INVALID_HANDLE; 03842 03843 ntstatus1 = access_check_samr_function(info->acc_granted, SA_RIGHT_DOMAIN_LOOKUP_ALIAS_BY_MEM, "_samr_query_useraliases"); 03844 ntstatus2 = access_check_samr_function(info->acc_granted, SA_RIGHT_DOMAIN_OPEN_ACCOUNT, "_samr_query_useraliases"); 03845 03846 if (!NT_STATUS_IS_OK(ntstatus1) || !NT_STATUS_IS_OK(ntstatus2)) { 03847 if (!(NT_STATUS_EQUAL(ntstatus1,NT_STATUS_ACCESS_DENIED) && NT_STATUS_IS_OK(ntstatus2)) && 03848 !(NT_STATUS_EQUAL(ntstatus1,NT_STATUS_ACCESS_DENIED) && NT_STATUS_IS_OK(ntstatus1))) { 03849 return (NT_STATUS_IS_OK(ntstatus1)) ? ntstatus2 : ntstatus1; 03850 } 03851 } 03852 03853 if (!sid_check_is_domain(&info->sid) && 03854 !sid_check_is_builtin(&info->sid)) 03855 return NT_STATUS_OBJECT_TYPE_MISMATCH; 03856 03857 if (q_u->num_sids1) { 03858 members = TALLOC_ARRAY(p->mem_ctx, DOM_SID, q_u->num_sids1); 03859 03860 if (members == NULL) 03861 return NT_STATUS_NO_MEMORY; 03862 } else { 03863 members = NULL; 03864 } 03865 03866 for (i=0; i<q_u->num_sids1; i++) 03867 sid_copy(&members[i], &q_u->sid[i].sid); 03868 03869 alias_rids = NULL; 03870 num_alias_rids = 0; 03871 03872 become_root(); 03873 ntstatus1 = pdb_enum_alias_memberships(p->mem_ctx, &info->sid, members, 03874 q_u->num_sids1, 03875 &alias_rids, &num_alias_rids); 03876 unbecome_root(); 03877 03878 if (!NT_STATUS_IS_OK(ntstatus1)) { 03879 return ntstatus1; 03880 } 03881 03882 init_samr_r_query_useraliases(r_u, num_alias_rids, alias_rids, 03883 NT_STATUS_OK); 03884 return NT_STATUS_OK; 03885 }
NTSTATUS _samr_query_aliasmem | ( | pipes_struct * | p, | |
SAMR_Q_QUERY_ALIASMEM * | q_u, | |||
SAMR_R_QUERY_ALIASMEM * | r_u | |||
) |
srv_samr_nt.c の 3891 行で定義されています。
参照先 samr_info::acc_granted・access_check_samr_function()・q_samr_query_aliasmem_info::alias_pol・become_root()・get_lsa_policy_samr_sid()・init_dom_sid2()・init_samr_r_query_aliasmem()・pipes_struct::mem_ctx・pdb_enum_aliasmem()・samr_info::sid・sid_string_static()・r_samr_query_aliasmem_info::status・status・unbecome_root().
参照元 api_samr_query_aliasmem().
03892 { 03893 NTSTATUS status; 03894 size_t i; 03895 size_t num_sids = 0; 03896 DOM_SID2 *sid; 03897 DOM_SID *sids=NULL; 03898 03899 DOM_SID alias_sid; 03900 03901 uint32 acc_granted; 03902 03903 /* find the policy handle. open a policy on it. */ 03904 if (!get_lsa_policy_samr_sid(p, &q_u->alias_pol, &alias_sid, &acc_granted, NULL)) 03905 return NT_STATUS_INVALID_HANDLE; 03906 03907 if (!NT_STATUS_IS_OK(r_u->status = 03908 access_check_samr_function(acc_granted, SA_RIGHT_ALIAS_GET_MEMBERS, "_samr_query_aliasmem"))) { 03909 return r_u->status; 03910 } 03911 03912 DEBUG(10, ("sid is %s\n", sid_string_static(&alias_sid))); 03913 03914 become_root(); 03915 status = pdb_enum_aliasmem(&alias_sid, &sids, &num_sids); 03916 unbecome_root(); 03917 03918 if (!NT_STATUS_IS_OK(status)) { 03919 return status; 03920 } 03921 03922 if (num_sids) { 03923 sid = TALLOC_ZERO_ARRAY(p->mem_ctx, DOM_SID2, num_sids); 03924 if (sid == NULL) { 03925 SAFE_FREE(sids); 03926 return NT_STATUS_NO_MEMORY; 03927 } 03928 } else { 03929 sid = NULL; 03930 } 03931 03932 for (i = 0; i < num_sids; i++) { 03933 init_dom_sid2(&sid[i], &sids[i]); 03934 } 03935 03936 init_samr_r_query_aliasmem(r_u, num_sids, sid, NT_STATUS_OK); 03937 03938 TALLOC_FREE(sids); 03939 03940 return NT_STATUS_OK; 03941 }
NTSTATUS _samr_query_groupmem | ( | pipes_struct * | p, | |
SAMR_Q_QUERY_GROUPMEM * | q_u, | |||
SAMR_R_QUERY_GROUPMEM * | r_u | |||
) |
srv_samr_nt.c の 3947 行で定義されています。
参照先 samr_info::acc_granted・access_check_samr_function()・become_root()・get_lsa_policy_samr_sid()・q_samr_query_groupmem_info::group_pol・init_samr_r_query_groupmem()・pipes_struct::mem_ctx・pdb_enum_group_members()・result・sid_check_is_in_our_domain()・SID_NAME_USER・sid_to_string()・r_samr_query_groupmem_info::status・unbecome_root().
参照元 api_samr_query_groupmem().
03948 { 03949 DOM_SID group_sid; 03950 fstring group_sid_str; 03951 size_t i, num_members; 03952 03953 uint32 *rid=NULL; 03954 uint32 *attr=NULL; 03955 03956 uint32 acc_granted; 03957 03958 NTSTATUS result; 03959 03960 /* find the policy handle. open a policy on it. */ 03961 if (!get_lsa_policy_samr_sid(p, &q_u->group_pol, &group_sid, &acc_granted, NULL)) 03962 return NT_STATUS_INVALID_HANDLE; 03963 03964 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_GROUP_GET_MEMBERS, "_samr_query_groupmem"))) { 03965 return r_u->status; 03966 } 03967 03968 sid_to_string(group_sid_str, &group_sid); 03969 DEBUG(10, ("sid is %s\n", group_sid_str)); 03970 03971 if (!sid_check_is_in_our_domain(&group_sid)) { 03972 DEBUG(3, ("sid %s is not in our domain\n", group_sid_str)); 03973 return NT_STATUS_NO_SUCH_GROUP; 03974 } 03975 03976 DEBUG(10, ("lookup on Domain SID\n")); 03977 03978 become_root(); 03979 result = pdb_enum_group_members(p->mem_ctx, &group_sid, 03980 &rid, &num_members); 03981 unbecome_root(); 03982 03983 if (!NT_STATUS_IS_OK(result)) 03984 return result; 03985 03986 if (num_members) { 03987 attr=TALLOC_ZERO_ARRAY(p->mem_ctx, uint32, num_members); 03988 if (attr == NULL) { 03989 return NT_STATUS_NO_MEMORY; 03990 } 03991 } else { 03992 attr = NULL; 03993 } 03994 03995 for (i=0; i<num_members; i++) 03996 attr[i] = SID_NAME_USER; 03997 03998 init_samr_r_query_groupmem(r_u, num_members, rid, attr, NT_STATUS_OK); 03999 04000 return NT_STATUS_OK; 04001 }
NTSTATUS _samr_add_aliasmem | ( | pipes_struct * | p, | |
SAMR_Q_ADD_ALIASMEM * | q_u, | |||
SAMR_R_ADD_ALIASMEM * | r_u | |||
) |
srv_samr_nt.c の 4007 行で定義されています。
参照先 samr_info::acc_granted・access_check_samr_function()・q_samr_add_alias_mem_info::alias_pol・become_root()・samr_info::disp_info・force_flush_samr_cache()・get_lsa_policy_samr_sid()・current_user::nt_user_token・pdb_add_aliasmem()・pipes_struct::pipe_user・se_add_users・se_priv_copy()・DOM_SID2::sid・q_samr_add_alias_mem_info::sid・sid_string_static()・r_samr_add_alias_mem_info::status・unbecome_root()・user_has_privileges().
04008 { 04009 DOM_SID alias_sid; 04010 uint32 acc_granted; 04011 SE_PRIV se_rights; 04012 BOOL can_add_accounts; 04013 NTSTATUS ret; 04014 DISP_INFO *disp_info = NULL; 04015 04016 /* Find the policy handle. Open a policy on it. */ 04017 if (!get_lsa_policy_samr_sid(p, &q_u->alias_pol, &alias_sid, &acc_granted, &disp_info)) 04018 return NT_STATUS_INVALID_HANDLE; 04019 04020 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_ALIAS_ADD_MEMBER, "_samr_add_aliasmem"))) { 04021 return r_u->status; 04022 } 04023 04024 DEBUG(10, ("sid is %s\n", sid_string_static(&alias_sid))); 04025 04026 se_priv_copy( &se_rights, &se_add_users ); 04027 can_add_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_rights ); 04028 04029 /******** BEGIN SeAddUsers BLOCK *********/ 04030 04031 if ( can_add_accounts ) 04032 become_root(); 04033 04034 ret = pdb_add_aliasmem(&alias_sid, &q_u->sid.sid); 04035 04036 if ( can_add_accounts ) 04037 unbecome_root(); 04038 04039 /******** END SeAddUsers BLOCK *********/ 04040 04041 if (NT_STATUS_IS_OK(ret)) { 04042 force_flush_samr_cache(disp_info); 04043 } 04044 04045 return ret; 04046 }
NTSTATUS _samr_del_aliasmem | ( | pipes_struct * | p, | |
SAMR_Q_DEL_ALIASMEM * | q_u, | |||
SAMR_R_DEL_ALIASMEM * | r_u | |||
) |
srv_samr_nt.c の 4052 行で定義されています。
参照先 samr_info::acc_granted・access_check_samr_function()・q_samr_del_alias_mem_info::alias_pol・become_root()・samr_info::disp_info・force_flush_samr_cache()・get_lsa_policy_samr_sid()・current_user::nt_user_token・pdb_del_aliasmem()・pipes_struct::pipe_user・se_add_users・se_priv_copy()・DOM_SID2::sid・q_samr_del_alias_mem_info::sid・sid_string_static()・r_samr_del_alias_mem_info::status・unbecome_root()・user_has_privileges().
04053 { 04054 DOM_SID alias_sid; 04055 uint32 acc_granted; 04056 SE_PRIV se_rights; 04057 BOOL can_add_accounts; 04058 NTSTATUS ret; 04059 DISP_INFO *disp_info = NULL; 04060 04061 /* Find the policy handle. Open a policy on it. */ 04062 if (!get_lsa_policy_samr_sid(p, &q_u->alias_pol, &alias_sid, &acc_granted, &disp_info)) 04063 return NT_STATUS_INVALID_HANDLE; 04064 04065 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_ALIAS_REMOVE_MEMBER, "_samr_del_aliasmem"))) { 04066 return r_u->status; 04067 } 04068 04069 DEBUG(10, ("_samr_del_aliasmem:sid is %s\n", 04070 sid_string_static(&alias_sid))); 04071 04072 se_priv_copy( &se_rights, &se_add_users ); 04073 can_add_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_rights ); 04074 04075 /******** BEGIN SeAddUsers BLOCK *********/ 04076 04077 if ( can_add_accounts ) 04078 become_root(); 04079 04080 ret = pdb_del_aliasmem(&alias_sid, &q_u->sid.sid); 04081 04082 if ( can_add_accounts ) 04083 unbecome_root(); 04084 04085 /******** END SeAddUsers BLOCK *********/ 04086 04087 if (NT_STATUS_IS_OK(ret)) { 04088 force_flush_samr_cache(disp_info); 04089 } 04090 04091 return ret; 04092 }
NTSTATUS _samr_add_groupmem | ( | pipes_struct * | p, | |
SAMR_Q_ADD_GROUPMEM * | q_u, | |||
SAMR_R_ADD_GROUPMEM * | r_u | |||
) |
srv_samr_nt.c の 4098 行で定義されています。
参照先 samr_info::acc_granted・access_check_samr_function()・become_root()・samr_info::disp_info・force_flush_samr_cache()・get_global_sam_sid()・get_lsa_policy_samr_sid()・pipes_struct::mem_ctx・current_user::nt_user_token・pdb_add_groupmem()・pipes_struct::pipe_user・q_samr_add_group_mem_info::pol・q_samr_add_group_mem_info::rid・se_add_users・se_priv_copy()・sid_peek_check_rid()・sid_string_static()・r_samr_add_group_mem_info::status・unbecome_root()・user_has_privileges().
04099 { 04100 DOM_SID group_sid; 04101 uint32 group_rid; 04102 uint32 acc_granted; 04103 SE_PRIV se_rights; 04104 BOOL can_add_accounts; 04105 DISP_INFO *disp_info = NULL; 04106 04107 /* Find the policy handle. Open a policy on it. */ 04108 if (!get_lsa_policy_samr_sid(p, &q_u->pol, &group_sid, &acc_granted, &disp_info)) 04109 return NT_STATUS_INVALID_HANDLE; 04110 04111 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_GROUP_ADD_MEMBER, "_samr_add_groupmem"))) { 04112 return r_u->status; 04113 } 04114 04115 DEBUG(10, ("sid is %s\n", sid_string_static(&group_sid))); 04116 04117 if (!sid_peek_check_rid(get_global_sam_sid(), &group_sid, 04118 &group_rid)) { 04119 return NT_STATUS_INVALID_HANDLE; 04120 } 04121 04122 se_priv_copy( &se_rights, &se_add_users ); 04123 can_add_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_rights ); 04124 04125 /******** BEGIN SeAddUsers BLOCK *********/ 04126 04127 if ( can_add_accounts ) 04128 become_root(); 04129 04130 r_u->status = pdb_add_groupmem(p->mem_ctx, group_rid, q_u->rid); 04131 04132 if ( can_add_accounts ) 04133 unbecome_root(); 04134 04135 /******** END SeAddUsers BLOCK *********/ 04136 04137 force_flush_samr_cache(disp_info); 04138 04139 return r_u->status; 04140 }
NTSTATUS _samr_del_groupmem | ( | pipes_struct * | p, | |
SAMR_Q_DEL_GROUPMEM * | q_u, | |||
SAMR_R_DEL_GROUPMEM * | r_u | |||
) |
srv_samr_nt.c の 4146 行で定義されています。
参照先 samr_info::acc_granted・access_check_samr_function()・become_root()・samr_info::disp_info・force_flush_samr_cache()・get_global_sam_sid()・get_lsa_policy_samr_sid()・pipes_struct::mem_ctx・current_user::nt_user_token・pdb_del_groupmem()・pipes_struct::pipe_user・q_samr_del_group_mem_info::pol・q_samr_del_group_mem_info::rid・se_add_users・se_priv_copy()・sid_peek_check_rid()・r_samr_del_group_mem_info::status・unbecome_root()・user_has_privileges().
04147 { 04148 DOM_SID group_sid; 04149 uint32 group_rid; 04150 uint32 acc_granted; 04151 SE_PRIV se_rights; 04152 BOOL can_add_accounts; 04153 DISP_INFO *disp_info = NULL; 04154 04155 /* 04156 * delete the group member named q_u->rid 04157 * who is a member of the sid associated with the handle 04158 * the rid is a user's rid as the group is a domain group. 04159 */ 04160 04161 /* Find the policy handle. Open a policy on it. */ 04162 if (!get_lsa_policy_samr_sid(p, &q_u->pol, &group_sid, &acc_granted, &disp_info)) 04163 return NT_STATUS_INVALID_HANDLE; 04164 04165 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_GROUP_REMOVE_MEMBER, "_samr_del_groupmem"))) { 04166 return r_u->status; 04167 } 04168 04169 if (!sid_peek_check_rid(get_global_sam_sid(), &group_sid, 04170 &group_rid)) { 04171 return NT_STATUS_INVALID_HANDLE; 04172 } 04173 04174 se_priv_copy( &se_rights, &se_add_users ); 04175 can_add_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_rights ); 04176 04177 /******** BEGIN SeAddUsers BLOCK *********/ 04178 04179 if ( can_add_accounts ) 04180 become_root(); 04181 04182 r_u->status = pdb_del_groupmem(p->mem_ctx, group_rid, q_u->rid); 04183 04184 if ( can_add_accounts ) 04185 unbecome_root(); 04186 04187 /******** END SeAddUsers BLOCK *********/ 04188 04189 force_flush_samr_cache(disp_info); 04190 04191 return r_u->status; 04192 }
NTSTATUS _samr_delete_dom_user | ( | pipes_struct * | p, | |
SAMR_Q_DELETE_DOM_USER * | q_u, | |||
SAMR_R_DELETE_DOM_USER * | r_u | |||
) |
srv_samr_nt.c の 4198 行で定義されています。
参照先 access_check_samr_function()・become_root()・close_policy_hnd()・force_flush_samr_cache()・get_lsa_policy_samr_sid()・pipes_struct::mem_ctx・nt_errstr()・current_user::nt_user_token・pdb_delete_user()・pdb_get_acct_ctrl()・pdb_get_username()・pdb_getsampwsid()・pipes_struct::pipe_user・samu_new()・se_add_users・se_machine_account・sid_check_is_in_our_domain()・sid_string_static()・r_samr_delete_dom_user_info::status・unbecome_root()・user_has_privileges()・q_samr_delete_dom_user_info::user_pol・samu::user_sid.
参照元 api_samr_delete_dom_user().
04199 { 04200 DOM_SID user_sid; 04201 struct samu *sam_pass=NULL; 04202 uint32 acc_granted; 04203 BOOL can_add_accounts; 04204 uint32 acb_info; 04205 DISP_INFO *disp_info = NULL; 04206 BOOL ret; 04207 04208 DEBUG(5, ("_samr_delete_dom_user: %d\n", __LINE__)); 04209 04210 /* Find the policy handle. Open a policy on it. */ 04211 if (!get_lsa_policy_samr_sid(p, &q_u->user_pol, &user_sid, &acc_granted, &disp_info)) 04212 return NT_STATUS_INVALID_HANDLE; 04213 04214 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, STD_RIGHT_DELETE_ACCESS, "_samr_delete_dom_user"))) { 04215 return r_u->status; 04216 } 04217 04218 if (!sid_check_is_in_our_domain(&user_sid)) 04219 return NT_STATUS_CANNOT_DELETE; 04220 04221 /* check if the user exists before trying to delete */ 04222 if ( !(sam_pass = samu_new( NULL )) ) { 04223 return NT_STATUS_NO_MEMORY; 04224 } 04225 04226 become_root(); 04227 ret = pdb_getsampwsid(sam_pass, &user_sid); 04228 unbecome_root(); 04229 04230 if( !ret ) { 04231 DEBUG(5,("_samr_delete_dom_user:User %s doesn't exist.\n", 04232 sid_string_static(&user_sid))); 04233 TALLOC_FREE(sam_pass); 04234 return NT_STATUS_NO_SUCH_USER; 04235 } 04236 04237 acb_info = pdb_get_acct_ctrl(sam_pass); 04238 04239 /* For machine accounts it's the SeMachineAccountPrivilege that counts. */ 04240 if ( acb_info & ACB_WSTRUST ) { 04241 can_add_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_machine_account ); 04242 } else { 04243 can_add_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_add_users ); 04244 } 04245 04246 /******** BEGIN SeAddUsers BLOCK *********/ 04247 04248 if ( can_add_accounts ) 04249 become_root(); 04250 04251 r_u->status = pdb_delete_user(p->mem_ctx, sam_pass); 04252 04253 if ( can_add_accounts ) 04254 unbecome_root(); 04255 04256 /******** END SeAddUsers BLOCK *********/ 04257 04258 if ( !NT_STATUS_IS_OK(r_u->status) ) { 04259 DEBUG(5,("_samr_delete_dom_user: Failed to delete entry for " 04260 "user %s: %s.\n", pdb_get_username(sam_pass), 04261 nt_errstr(r_u->status))); 04262 TALLOC_FREE(sam_pass); 04263 return r_u->status; 04264 } 04265 04266 04267 TALLOC_FREE(sam_pass); 04268 04269 if (!close_policy_hnd(p, &q_u->user_pol)) 04270 return NT_STATUS_OBJECT_NAME_INVALID; 04271 04272 force_flush_samr_cache(disp_info); 04273 04274 return NT_STATUS_OK; 04275 }
NTSTATUS _samr_delete_dom_group | ( | pipes_struct * | p, | |
SAMR_Q_DELETE_DOM_GROUP * | q_u, | |||
SAMR_R_DELETE_DOM_GROUP * | r_u | |||
) |
srv_samr_nt.c の 4281 行で定義されています。
参照先 access_check_samr_function()・become_root()・close_policy_hnd()・force_flush_samr_cache()・get_global_sam_sid()・get_lsa_policy_samr_sid()・q_samr_delete_dom_group_info::group_pol・samu::group_sid・pipes_struct::mem_ctx・nt_errstr()・current_user::nt_user_token・pdb_delete_dom_group()・pipes_struct::pipe_user・se_add_users・se_priv_copy()・sid_peek_check_rid()・sid_string_static()・r_samr_delete_dom_group_info::status・unbecome_root()・user_has_privileges().
参照元 api_samr_delete_dom_group().
04282 { 04283 DOM_SID group_sid; 04284 uint32 group_rid; 04285 uint32 acc_granted; 04286 SE_PRIV se_rights; 04287 BOOL can_add_accounts; 04288 DISP_INFO *disp_info = NULL; 04289 04290 DEBUG(5, ("samr_delete_dom_group: %d\n", __LINE__)); 04291 04292 /* Find the policy handle. Open a policy on it. */ 04293 if (!get_lsa_policy_samr_sid(p, &q_u->group_pol, &group_sid, &acc_granted, &disp_info)) 04294 return NT_STATUS_INVALID_HANDLE; 04295 04296 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, STD_RIGHT_DELETE_ACCESS, "_samr_delete_dom_group"))) { 04297 return r_u->status; 04298 } 04299 04300 DEBUG(10, ("sid is %s\n", sid_string_static(&group_sid))); 04301 04302 if (!sid_peek_check_rid(get_global_sam_sid(), &group_sid, 04303 &group_rid)) { 04304 return NT_STATUS_NO_SUCH_GROUP; 04305 } 04306 04307 se_priv_copy( &se_rights, &se_add_users ); 04308 can_add_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_rights ); 04309 04310 /******** BEGIN SeAddUsers BLOCK *********/ 04311 04312 if ( can_add_accounts ) 04313 become_root(); 04314 04315 r_u->status = pdb_delete_dom_group(p->mem_ctx, group_rid); 04316 04317 if ( can_add_accounts ) 04318 unbecome_root(); 04319 04320 /******** END SeAddUsers BLOCK *********/ 04321 04322 if ( !NT_STATUS_IS_OK(r_u->status) ) { 04323 DEBUG(5,("_samr_delete_dom_group: Failed to delete mapping " 04324 "entry for group %s: %s\n", 04325 sid_string_static(&group_sid), 04326 nt_errstr(r_u->status))); 04327 return r_u->status; 04328 } 04329 04330 if (!close_policy_hnd(p, &q_u->group_pol)) 04331 return NT_STATUS_OBJECT_NAME_INVALID; 04332 04333 force_flush_samr_cache(disp_info); 04334 04335 return NT_STATUS_OK; 04336 }
NTSTATUS _samr_delete_dom_alias | ( | pipes_struct * | p, | |
SAMR_Q_DELETE_DOM_ALIAS * | q_u, | |||
SAMR_R_DELETE_DOM_ALIAS * | r_u | |||
) |
srv_samr_nt.c の 4342 行で定義されています。
参照先 access_check_samr_function()・q_samr_delete_dom_alias_info::alias_pol・become_root()・close_policy_hnd()・force_flush_samr_cache()・get_lsa_policy_samr_sid()・current_user::nt_user_token・pdb_delete_alias()・pipes_struct::pipe_user・r_samr_delete_dom_alias_info::pol・se_add_users・se_priv_copy()・sid_check_is_in_builtin()・sid_check_is_in_our_domain()・sid_string_static()・r_samr_delete_dom_alias_info::status・unbecome_root()・user_has_privileges().
参照元 api_samr_delete_dom_alias().
04343 { 04344 DOM_SID alias_sid; 04345 uint32 acc_granted; 04346 SE_PRIV se_rights; 04347 BOOL can_add_accounts; 04348 BOOL ret; 04349 DISP_INFO *disp_info = NULL; 04350 04351 DEBUG(5, ("_samr_delete_dom_alias: %d\n", __LINE__)); 04352 04353 /* Find the policy handle. Open a policy on it. */ 04354 if (!get_lsa_policy_samr_sid(p, &q_u->alias_pol, &alias_sid, &acc_granted, &disp_info)) 04355 return NT_STATUS_INVALID_HANDLE; 04356 04357 /* copy the handle to the outgoing reply */ 04358 04359 memcpy( &r_u->pol, &q_u->alias_pol, sizeof(r_u->pol) ); 04360 04361 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, STD_RIGHT_DELETE_ACCESS, "_samr_delete_dom_alias"))) { 04362 return r_u->status; 04363 } 04364 04365 DEBUG(10, ("sid is %s\n", sid_string_static(&alias_sid))); 04366 04367 /* Don't let Windows delete builtin groups */ 04368 04369 if ( sid_check_is_in_builtin( &alias_sid ) ) { 04370 return NT_STATUS_SPECIAL_ACCOUNT; 04371 } 04372 04373 if (!sid_check_is_in_our_domain(&alias_sid)) 04374 return NT_STATUS_NO_SUCH_ALIAS; 04375 04376 DEBUG(10, ("lookup on Local SID\n")); 04377 04378 se_priv_copy( &se_rights, &se_add_users ); 04379 can_add_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_rights ); 04380 04381 /******** BEGIN SeAddUsers BLOCK *********/ 04382 04383 if ( can_add_accounts ) 04384 become_root(); 04385 04386 /* Have passdb delete the alias */ 04387 ret = pdb_delete_alias(&alias_sid); 04388 04389 if ( can_add_accounts ) 04390 unbecome_root(); 04391 04392 /******** END SeAddUsers BLOCK *********/ 04393 04394 if ( !ret ) 04395 return NT_STATUS_ACCESS_DENIED; 04396 04397 if (!close_policy_hnd(p, &q_u->alias_pol)) 04398 return NT_STATUS_OBJECT_NAME_INVALID; 04399 04400 force_flush_samr_cache(disp_info); 04401 04402 return NT_STATUS_OK; 04403 }
NTSTATUS _samr_create_dom_group | ( | pipes_struct * | p, | |
SAMR_Q_CREATE_DOM_GROUP * | q_u, | |||
SAMR_R_CREATE_DOM_GROUP * | r_u | |||
) |
srv_samr_nt.c の 4409 行で定義されています。
参照先 samr_info::acc_granted・access_check_samr_function()・become_root()・can_create()・create_policy_hnd()・samr_info::disp_info・force_flush_samr_cache()・free_samr_info()・get_global_sam_sid()・get_lsa_policy_samr_sid()・get_samr_info_by_sid()・pipes_struct::mem_ctx・name・current_user::nt_user_token・pdb_create_dom_group()・pipes_struct::pipe_user・r_samr_create_dom_group_info::pol・q_samr_create_dom_group_info::pol・r_samr_create_dom_group_info::rid・rpcstr_pull_unistr2_talloc()・se_add_users・se_priv_copy()・sid_compose()・sid_equal()・r_samr_create_dom_group_info::status・unbecome_root()・q_samr_create_dom_group_info::uni_acct_desc・user_has_privileges().
参照元 api_samr_create_dom_group().
04410 { 04411 DOM_SID dom_sid; 04412 DOM_SID info_sid; 04413 const char *name; 04414 struct samr_info *info; 04415 uint32 acc_granted; 04416 SE_PRIV se_rights; 04417 BOOL can_add_accounts; 04418 DISP_INFO *disp_info = NULL; 04419 04420 /* Find the policy handle. Open a policy on it. */ 04421 if (!get_lsa_policy_samr_sid(p, &q_u->pol, &dom_sid, &acc_granted, &disp_info)) 04422 return NT_STATUS_INVALID_HANDLE; 04423 04424 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_DOMAIN_CREATE_GROUP, "_samr_create_dom_group"))) { 04425 return r_u->status; 04426 } 04427 04428 if (!sid_equal(&dom_sid, get_global_sam_sid())) 04429 return NT_STATUS_ACCESS_DENIED; 04430 04431 name = rpcstr_pull_unistr2_talloc(p->mem_ctx, &q_u->uni_acct_desc); 04432 if (name == NULL) { 04433 return NT_STATUS_NO_MEMORY; 04434 } 04435 04436 r_u->status = can_create(p->mem_ctx, name); 04437 if (!NT_STATUS_IS_OK(r_u->status)) { 04438 return r_u->status; 04439 } 04440 04441 se_priv_copy( &se_rights, &se_add_users ); 04442 can_add_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_rights ); 04443 04444 /******** BEGIN SeAddUsers BLOCK *********/ 04445 04446 if ( can_add_accounts ) 04447 become_root(); 04448 04449 /* check that we successfully create the UNIX group */ 04450 04451 r_u->status = pdb_create_dom_group(p->mem_ctx, name, &r_u->rid); 04452 04453 if ( can_add_accounts ) 04454 unbecome_root(); 04455 04456 /******** END SeAddUsers BLOCK *********/ 04457 04458 /* check if we should bail out here */ 04459 04460 if ( !NT_STATUS_IS_OK(r_u->status) ) 04461 return r_u->status; 04462 04463 sid_compose(&info_sid, get_global_sam_sid(), r_u->rid); 04464 04465 if ((info = get_samr_info_by_sid(&info_sid)) == NULL) 04466 return NT_STATUS_NO_MEMORY; 04467 04468 /* they created it; let the user do what he wants with it */ 04469 04470 info->acc_granted = GENERIC_RIGHTS_GROUP_ALL_ACCESS; 04471 04472 /* get a (unique) handle. open a policy on it. */ 04473 if (!create_policy_hnd(p, &r_u->pol, free_samr_info, (void *)info)) 04474 return NT_STATUS_OBJECT_NAME_NOT_FOUND; 04475 04476 force_flush_samr_cache(disp_info); 04477 04478 return NT_STATUS_OK; 04479 }
NTSTATUS _samr_create_dom_alias | ( | pipes_struct * | p, | |
SAMR_Q_CREATE_DOM_ALIAS * | q_u, | |||
SAMR_R_CREATE_DOM_ALIAS * | r_u | |||
) |
srv_samr_nt.c の 4485 行で定義されています。
参照先 samr_info::acc_granted・access_check_samr_function()・r_samr_create_dom_alias_info::alias_pol・become_root()・can_create()・create_policy_hnd()・samr_info::disp_info・q_samr_create_dom_alias_info::dom_pol・force_flush_samr_cache()・free_samr_info()・get_global_sam_sid()・get_lsa_policy_samr_sid()・get_samr_info_by_sid()・pipes_struct::mem_ctx・name・nt_errstr()・current_user::nt_user_token・pdb_create_alias()・pipes_struct::pipe_user・result・r_samr_create_dom_alias_info::rid・se_add_users・se_priv_copy()・sid_append_rid()・sid_copy()・sid_equal()・sid_to_gid()・r_samr_create_dom_alias_info::status・unbecome_root()・q_samr_create_dom_alias_info::uni_acct_desc・unistr2_to_ascii()・user_has_privileges().
参照元 api_samr_create_dom_alias().
04486 { 04487 DOM_SID dom_sid; 04488 DOM_SID info_sid; 04489 fstring name; 04490 struct samr_info *info; 04491 uint32 acc_granted; 04492 gid_t gid; 04493 NTSTATUS result; 04494 SE_PRIV se_rights; 04495 BOOL can_add_accounts; 04496 DISP_INFO *disp_info = NULL; 04497 04498 /* Find the policy handle. Open a policy on it. */ 04499 if (!get_lsa_policy_samr_sid(p, &q_u->dom_pol, &dom_sid, &acc_granted, &disp_info)) 04500 return NT_STATUS_INVALID_HANDLE; 04501 04502 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_DOMAIN_CREATE_ALIAS, "_samr_create_alias"))) { 04503 return r_u->status; 04504 } 04505 04506 if (!sid_equal(&dom_sid, get_global_sam_sid())) 04507 return NT_STATUS_ACCESS_DENIED; 04508 04509 unistr2_to_ascii(name, &q_u->uni_acct_desc, sizeof(name)-1); 04510 04511 se_priv_copy( &se_rights, &se_add_users ); 04512 can_add_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_rights ); 04513 04514 result = can_create(p->mem_ctx, name); 04515 if (!NT_STATUS_IS_OK(result)) { 04516 return result; 04517 } 04518 04519 /******** BEGIN SeAddUsers BLOCK *********/ 04520 04521 if ( can_add_accounts ) 04522 become_root(); 04523 04524 /* Have passdb create the alias */ 04525 result = pdb_create_alias(name, &r_u->rid); 04526 04527 if ( can_add_accounts ) 04528 unbecome_root(); 04529 04530 /******** END SeAddUsers BLOCK *********/ 04531 04532 if (!NT_STATUS_IS_OK(result)) { 04533 DEBUG(10, ("pdb_create_alias failed: %s\n", 04534 nt_errstr(result))); 04535 return result; 04536 } 04537 04538 sid_copy(&info_sid, get_global_sam_sid()); 04539 sid_append_rid(&info_sid, r_u->rid); 04540 04541 if (!sid_to_gid(&info_sid, &gid)) { 04542 DEBUG(10, ("Could not find alias just created\n")); 04543 return NT_STATUS_ACCESS_DENIED; 04544 } 04545 04546 /* check if the group has been successfully created */ 04547 if ( getgrgid(gid) == NULL ) { 04548 DEBUG(10, ("getgrgid(%d) of just created alias failed\n", 04549 gid)); 04550 return NT_STATUS_ACCESS_DENIED; 04551 } 04552 04553 if ((info = get_samr_info_by_sid(&info_sid)) == NULL) 04554 return NT_STATUS_NO_MEMORY; 04555 04556 /* they created it; let the user do what he wants with it */ 04557 04558 info->acc_granted = GENERIC_RIGHTS_ALIAS_ALL_ACCESS; 04559 04560 /* get a (unique) handle. open a policy on it. */ 04561 if (!create_policy_hnd(p, &r_u->alias_pol, free_samr_info, (void *)info)) 04562 return NT_STATUS_OBJECT_NAME_NOT_FOUND; 04563 04564 force_flush_samr_cache(disp_info); 04565 04566 return NT_STATUS_OK; 04567 }
NTSTATUS _samr_query_groupinfo | ( | pipes_struct * | p, | |
SAMR_Q_QUERY_GROUPINFO * | q_u, | |||
SAMR_R_QUERY_GROUPINFO * | r_u | |||
) |
srv_samr_nt.c の 4576 行で定義されています。
参照先 samr_info::acc_granted・access_check_samr_function()・become_root()・_GROUP_MAP::comment・get_domain_group_from_sid()・get_lsa_policy_samr_sid()・group_info_ctr::group・group_info_ctr::info1・group_info_ctr::info2・group_info_ctr::info3・group_info_ctr::info4・group_info_ctr::info5・init_samr_group_info1()・init_samr_group_info2()・init_samr_group_info3()・init_samr_group_info4()・init_samr_group_info5()・init_samr_r_query_groupinfo()・pipes_struct::mem_ctx・_GROUP_MAP::nt_name・pdb_enum_group_members()・q_samr_query_group_info::pol・r_samr_query_groupinfo_info::status・q_samr_query_group_info::switch_level・group_info_ctr::switch_value1・unbecome_root().
参照元 api_samr_query_groupinfo().
04577 { 04578 DOM_SID group_sid; 04579 GROUP_MAP map; 04580 GROUP_INFO_CTR *ctr; 04581 uint32 acc_granted; 04582 BOOL ret; 04583 04584 if (!get_lsa_policy_samr_sid(p, &q_u->pol, &group_sid, &acc_granted, NULL)) 04585 return NT_STATUS_INVALID_HANDLE; 04586 04587 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_GROUP_LOOKUP_INFO, "_samr_query_groupinfo"))) { 04588 return r_u->status; 04589 } 04590 04591 become_root(); 04592 ret = get_domain_group_from_sid(group_sid, &map); 04593 unbecome_root(); 04594 if (!ret) 04595 return NT_STATUS_INVALID_HANDLE; 04596 04597 ctr=TALLOC_ZERO_P(p->mem_ctx, GROUP_INFO_CTR); 04598 if (ctr==NULL) 04599 return NT_STATUS_NO_MEMORY; 04600 04601 switch (q_u->switch_level) { 04602 case 1: { 04603 uint32 *members; 04604 size_t num_members; 04605 04606 ctr->switch_value1 = 1; 04607 04608 become_root(); 04609 r_u->status = pdb_enum_group_members( 04610 p->mem_ctx, &group_sid, &members, &num_members); 04611 unbecome_root(); 04612 04613 if (!NT_STATUS_IS_OK(r_u->status)) { 04614 return r_u->status; 04615 } 04616 04617 init_samr_group_info1(&ctr->group.info1, map.nt_name, 04618 map.comment, num_members); 04619 break; 04620 } 04621 case 2: 04622 ctr->switch_value1 = 2; 04623 init_samr_group_info2(&ctr->group.info2, map.nt_name); 04624 break; 04625 case 3: 04626 ctr->switch_value1 = 3; 04627 init_samr_group_info3(&ctr->group.info3); 04628 break; 04629 case 4: 04630 ctr->switch_value1 = 4; 04631 init_samr_group_info4(&ctr->group.info4, map.comment); 04632 break; 04633 case 5: { 04634 /* 04635 uint32 *members; 04636 size_t num_members; 04637 */ 04638 04639 ctr->switch_value1 = 5; 04640 04641 /* 04642 become_root(); 04643 r_u->status = pdb_enum_group_members( 04644 p->mem_ctx, &group_sid, &members, &num_members); 04645 unbecome_root(); 04646 04647 if (!NT_STATUS_IS_OK(r_u->status)) { 04648 return r_u->status; 04649 } 04650 */ 04651 init_samr_group_info5(&ctr->group.info5, map.nt_name, 04652 map.comment, 0 /* num_members */); /* in w2k3 this is always 0 */ 04653 break; 04654 } 04655 default: 04656 return NT_STATUS_INVALID_INFO_CLASS; 04657 } 04658 04659 init_samr_r_query_groupinfo(r_u, ctr, NT_STATUS_OK); 04660 04661 return NT_STATUS_OK; 04662 }
NTSTATUS _samr_set_groupinfo | ( | pipes_struct * | p, | |
SAMR_Q_SET_GROUPINFO * | q_u, | |||
SAMR_R_SET_GROUPINFO * | r_u | |||
) |
srv_samr_nt.c の 4670 行で定義されています。
参照先 samr_info::acc_granted・access_check_samr_function()・become_root()・_GROUP_MAP::comment・q_samr_set_group_info::ctr・samr_info::disp_info・force_flush_samr_cache()・get_domain_group_from_sid()・get_lsa_policy_samr_sid()・group_info_ctr::group・group_info_ctr::info1・group_info_ctr::info4・current_user::nt_user_token・pdb_update_group_mapping_entry()・pipes_struct::pipe_user・q_samr_set_group_info::pol・result・se_add_users・r_samr_set_group_info::status・group_info_ctr::switch_value1・unbecome_root()・samr_group_info4::uni_acct_desc・samr_group_info1::uni_acct_desc・unistr2_to_ascii()・user_has_privileges().
04671 { 04672 DOM_SID group_sid; 04673 GROUP_MAP map; 04674 GROUP_INFO_CTR *ctr; 04675 uint32 acc_granted; 04676 NTSTATUS ret; 04677 BOOL result; 04678 BOOL can_mod_accounts; 04679 DISP_INFO *disp_info = NULL; 04680 04681 if (!get_lsa_policy_samr_sid(p, &q_u->pol, &group_sid, &acc_granted, &disp_info)) 04682 return NT_STATUS_INVALID_HANDLE; 04683 04684 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_GROUP_SET_INFO, "_samr_set_groupinfo"))) { 04685 return r_u->status; 04686 } 04687 04688 become_root(); 04689 result = get_domain_group_from_sid(group_sid, &map); 04690 unbecome_root(); 04691 if (!result) 04692 return NT_STATUS_NO_SUCH_GROUP; 04693 04694 ctr=q_u->ctr; 04695 04696 switch (ctr->switch_value1) { 04697 case 1: 04698 unistr2_to_ascii(map.comment, &(ctr->group.info1.uni_acct_desc), sizeof(map.comment)-1); 04699 break; 04700 case 4: 04701 unistr2_to_ascii(map.comment, &(ctr->group.info4.uni_acct_desc), sizeof(map.comment)-1); 04702 break; 04703 default: 04704 return NT_STATUS_INVALID_INFO_CLASS; 04705 } 04706 04707 can_mod_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_add_users ); 04708 04709 /******** BEGIN SeAddUsers BLOCK *********/ 04710 04711 if ( can_mod_accounts ) 04712 become_root(); 04713 04714 ret = pdb_update_group_mapping_entry(&map); 04715 04716 if ( can_mod_accounts ) 04717 unbecome_root(); 04718 04719 /******** End SeAddUsers BLOCK *********/ 04720 04721 if (NT_STATUS_IS_OK(ret)) { 04722 force_flush_samr_cache(disp_info); 04723 } 04724 04725 return ret; 04726 }
NTSTATUS _samr_set_aliasinfo | ( | pipes_struct * | p, | |
SAMR_Q_SET_ALIASINFO * | q_u, | |||
SAMR_R_SET_ALIASINFO * | r_u | |||
) |
srv_samr_nt.c の 4734 行で定義されています。
参照先 access_check_samr_function()・acct_info::acct_desc・acct_info::acct_name・SAMR_Q_SET_ALIASINFO::alias_pol・become_root()・can_create()・SAMR_Q_SET_ALIASINFO::ctr・force_flush_samr_cache()・fstr_sprintf()・get_lsa_policy_samr_sid()・global_myname・pipes_struct::mem_ctx・current_user::nt_user_token・pdb_get_aliasinfo()・pdb_set_aliasinfo()・pipes_struct::pipe_user・se_add_users・sid_check_is_in_builtin()・status・SAMR_R_SET_ALIASINFO::status・strequal()・unbecome_root()・unistr2_to_ascii()・user_has_privileges().
04735 { 04736 DOM_SID group_sid; 04737 struct acct_info info; 04738 ALIAS_INFO_CTR *ctr; 04739 uint32 acc_granted; 04740 BOOL ret; 04741 BOOL can_mod_accounts; 04742 DISP_INFO *disp_info = NULL; 04743 04744 if (!get_lsa_policy_samr_sid(p, &q_u->alias_pol, &group_sid, &acc_granted, &disp_info)) 04745 return NT_STATUS_INVALID_HANDLE; 04746 04747 if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_ALIAS_SET_INFO, "_samr_set_aliasinfo"))) { 04748 return r_u->status; 04749 } 04750 04751 ctr=&q_u->ctr; 04752 04753 /* get the current group information */ 04754 04755 become_root(); 04756 ret = pdb_get_aliasinfo( &group_sid, &info ); 04757 unbecome_root(); 04758 04759 if ( !ret ) { 04760 return NT_STATUS_NO_SUCH_ALIAS; 04761 } 04762 04763 switch (ctr->level) { 04764 case 2: 04765 { 04766 fstring group_name, acct_name; 04767 NTSTATUS status; 04768 04769 /* We currently do not support renaming groups in the 04770 the BUILTIN domain. Refer to util_builtin.c to understand 04771 why. The eventually needs to be fixed to be like Windows 04772 where you can rename builtin groups, just not delete them */ 04773 04774 if ( sid_check_is_in_builtin( &group_sid ) ) { 04775 return NT_STATUS_SPECIAL_ACCOUNT; 04776 } 04777 04778 /* There has to be a valid name (and it has to be different) */ 04779 04780 if ( !ctr->alias.info2.name.string ) 04781 return NT_STATUS_INVALID_PARAMETER; 04782 04783 unistr2_to_ascii( acct_name, ctr->alias.info2.name.string, 04784 sizeof(acct_name)-1 ); 04785 04786 /* If the name is the same just reply "ok". Yes this 04787 doesn't allow you to change the case of a group name. */ 04788 04789 if ( strequal( acct_name, info.acct_name ) ) 04790 return NT_STATUS_OK; 04791 04792 fstrcpy( info.acct_name, acct_name ); 04793 04794 /* make sure the name doesn't already exist as a user 04795 or local group */ 04796 04797 fstr_sprintf( group_name, "%s\\%s", global_myname(), info.acct_name ); 04798 status = can_create( p->mem_ctx, group_name ); 04799 if ( !NT_STATUS_IS_OK( status ) ) 04800 return status; 04801 break; 04802 } 04803 case 3: 04804 if ( ctr->alias.info3.description.string ) { 04805 unistr2_to_ascii( info.acct_desc, 04806 ctr->alias.info3.description.string, 04807 sizeof(info.acct_desc)-1 ); 04808 } 04809 else 04810 fstrcpy( info.acct_desc, "" ); 04811 break; 04812 default: 04813 return NT_STATUS_INVALID_INFO_CLASS; 04814 } 04815 04816 can_mod_accounts = user_has_privileges( p->pipe_user.nt_user_token, &se_add_users ); 04817 04818 /******** BEGIN SeAddUsers BLOCK *********/ 04819 04820 if ( can_mod_accounts ) 04821 become_root(); 04822 04823 ret = pdb_set_aliasinfo( &group_sid, &info ); 04824 04825 if ( can_mod_accounts ) 04826 unbecome_root(); 04827 04828 /******** End SeAddUsers BLOCK *********/ 04829 04830 if (ret) { 04831 force_flush_samr_cache(disp_info); 04832 } 04833 04834 return ret ? NT_STATUS_OK : NT_STATUS_ACCESS_DENIED; 04835 }
NTSTATUS _samr_get_dom_pwinfo | ( | pipes_struct * | p, | |
SAMR_Q_GET_DOM_PWINFO * | q_u, | |||
SAMR_R_GET_DOM_PWINFO * | r_u | |||
) |
srv_samr_nt.c の 4841 行で定義されています。
参照先 pipe_access_check()・r_samr_get_dom_pwinfo::status.
参照元 api_samr_get_dom_pwinfo().
04842 { 04843 /* Perform access check. Since this rpc does not require a 04844 policy handle it will not be caught by the access checks on 04845 SAMR_CONNECT or SAMR_CONNECT_ANON. */ 04846 04847 if (!pipe_access_check(p)) { 04848 DEBUG(3, ("access denied to samr_get_dom_pwinfo\n")); 04849 r_u->status = NT_STATUS_ACCESS_DENIED; 04850 return r_u->status; 04851 } 04852 04853 /* Actually, returning zeros here works quite well :-). */ 04854 04855 return NT_STATUS_OK; 04856 }
NTSTATUS _samr_open_group | ( | pipes_struct * | p, | |
SAMR_Q_OPEN_GROUP * | q_u, | |||
SAMR_R_OPEN_GROUP * | r_u | |||
) |
srv_samr_nt.c の 4862 行で定義されています。
参照先 samr_info::acc_granted・access_check_samr_function()・access_check_samr_object()・q_samr_open_group_info::access_mask・become_root()・create_policy_hnd()・q_samr_open_group_info::domain_pol・free_samr_info()・get_domain_group_from_sid()・get_global_sam_sid()・get_lsa_policy_samr_sid()・get_samr_info_by_sid()・grp_generic_mapping・make_samr_object_sd()・pipes_struct::mem_ctx・current_user::nt_user_token・pipes_struct::pipe_user・r_samr_open_group_info::pol・q_samr_open_group_info::rid_group・se_add_users・se_map_generic()・se_priv_copy()・samr_info::sid・sid_append_rid()・sid_copy()・sid_equal()・sid_to_string()・status・unbecome_root().
04863 { 04864 DOM_SID sid; 04865 DOM_SID info_sid; 04866 GROUP_MAP map; 04867 struct samr_info *info; 04868 SEC_DESC *psd = NULL; 04869 uint32 acc_granted; 04870 uint32 des_access = q_u->access_mask; 04871 size_t sd_size; 04872 NTSTATUS status; 04873 fstring sid_string; 04874 BOOL ret; 04875 SE_PRIV se_rights; 04876 04877 if (!get_lsa_policy_samr_sid(p, &q_u->domain_pol, &sid, &acc_granted, NULL)) 04878 return NT_STATUS_INVALID_HANDLE; 04879 04880 status = access_check_samr_function(acc_granted, 04881 SA_RIGHT_DOMAIN_OPEN_ACCOUNT, "_samr_open_group"); 04882 04883 if ( !NT_STATUS_IS_OK(status) ) 04884 return status; 04885 04886 /*check if access can be granted as requested by client. */ 04887 make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &grp_generic_mapping, NULL, 0); 04888 se_map_generic(&des_access,&grp_generic_mapping); 04889 04890 se_priv_copy( &se_rights, &se_add_users ); 04891 04892 status = access_check_samr_object(psd, p->pipe_user.nt_user_token, 04893 &se_rights, GENERIC_RIGHTS_GROUP_WRITE, des_access, 04894 &acc_granted, "_samr_open_group"); 04895 04896 if ( !NT_STATUS_IS_OK(status) ) 04897 return status; 04898 04899 /* this should not be hard-coded like this */ 04900 04901 if (!sid_equal(&sid, get_global_sam_sid())) 04902 return NT_STATUS_ACCESS_DENIED; 04903 04904 sid_copy(&info_sid, get_global_sam_sid()); 04905 sid_append_rid(&info_sid, q_u->rid_group); 04906 sid_to_string(sid_string, &info_sid); 04907 04908 if ((info = get_samr_info_by_sid(&info_sid)) == NULL) 04909 return NT_STATUS_NO_MEMORY; 04910 04911 info->acc_granted = acc_granted; 04912 04913 DEBUG(10, ("_samr_open_group:Opening SID: %s\n", sid_string)); 04914 04915 /* check if that group really exists */ 04916 become_root(); 04917 ret = get_domain_group_from_sid(info->sid, &map); 04918 unbecome_root(); 04919 if (!ret) 04920 return NT_STATUS_NO_SUCH_GROUP; 04921 04922 /* get a (unique) handle. open a policy on it. */ 04923 if (!create_policy_hnd(p, &r_u->pol, free_samr_info, (void *)info)) 04924 return NT_STATUS_OBJECT_NAME_NOT_FOUND; 04925 04926 return NT_STATUS_OK; 04927 }
NTSTATUS _samr_remove_sid_foreign_domain | ( | pipes_struct * | p, | |
SAMR_Q_REMOVE_SID_FOREIGN_DOMAIN * | q_u, | |||
SAMR_R_REMOVE_SID_FOREIGN_DOMAIN * | r_u | |||
) |
srv_samr_nt.c の 4933 行で定義されています。
参照先 samr_info::acc_granted・access_check_samr_function()・samr_info::disp_info・q_samr_remove_sid_foreign_domain_info::dom_pol・domain_sid・force_flush_samr_cache()・get_global_sam_sid()・get_lsa_policy_samr_sid()・result・DOM_SID2::sid・q_samr_remove_sid_foreign_domain_info::sid・sid_check_is_builtin()・sid_copy()・sid_string_static().
参照元 api_samr_remove_sid_foreign_domain().
04936 { 04937 DOM_SID delete_sid, domain_sid; 04938 uint32 acc_granted; 04939 NTSTATUS result; 04940 DISP_INFO *disp_info = NULL; 04941 04942 sid_copy( &delete_sid, &q_u->sid.sid ); 04943 04944 DEBUG(5,("_samr_remove_sid_foreign_domain: removing SID [%s]\n", 04945 sid_string_static(&delete_sid))); 04946 04947 /* Find the policy handle. Open a policy on it. */ 04948 04949 if (!get_lsa_policy_samr_sid(p, &q_u->dom_pol, &domain_sid, 04950 &acc_granted, &disp_info)) 04951 return NT_STATUS_INVALID_HANDLE; 04952 04953 result = access_check_samr_function(acc_granted, STD_RIGHT_DELETE_ACCESS, 04954 "_samr_remove_sid_foreign_domain"); 04955 04956 if (!NT_STATUS_IS_OK(result)) 04957 return result; 04958 04959 DEBUG(8, ("_samr_remove_sid_foreign_domain:sid is %s\n", 04960 sid_string_static(&domain_sid))); 04961 04962 /* we can only delete a user from a group since we don't have 04963 nested groups anyways. So in the latter case, just say OK */ 04964 04965 /* TODO: The above comment nowadays is bogus. Since we have nested 04966 * groups now, and aliases members are never reported out of the unix 04967 * group membership, the "just say OK" makes this call a no-op. For 04968 * us. This needs fixing however. */ 04969 04970 /* I've only ever seen this in the wild when deleting a user from 04971 * usrmgr.exe. domain_sid is the builtin domain, and the sid to delete 04972 * is the user about to be deleted. I very much suspect this is the 04973 * only application of this call. To verify this, let people report 04974 * other cases. */ 04975 04976 if (!sid_check_is_builtin(&domain_sid)) { 04977 DEBUG(1,("_samr_remove_sid_foreign_domain: domain_sid = %s, " 04978 "global_sam_sid() = %s\n", 04979 sid_string_static(&domain_sid), 04980 sid_string_static(get_global_sam_sid()))); 04981 DEBUGADD(1,("please report to samba-technical@samba.org!\n")); 04982 return NT_STATUS_OK; 04983 } 04984 04985 force_flush_samr_cache(disp_info); 04986 04987 result = NT_STATUS_OK; 04988 04989 return result; 04990 }
NTSTATUS _samr_query_domain_info2 | ( | pipes_struct * | p, | |
SAMR_Q_QUERY_DOMAIN_INFO2 * | q_u, | |||
SAMR_R_QUERY_DOMAIN_INFO2 * | r_u | |||
) |
srv_samr_nt.c の 4996 行で定義されています。
参照先 _samr_query_domain_info()・r_samr_query_domain_info::ctr・r_samr_query_domain_info2::ctr・q_samr_query_domain_info2::domain_pol・q_samr_query_domain_info::domain_pol・r_samr_query_domain_info::ptr_0・r_samr_query_domain_info2::ptr_0・r_samr_query_domain_info2::status・r_samr_query_domain_info::switch_value・r_samr_query_domain_info2::switch_value・q_samr_query_domain_info2::switch_value・q_samr_query_domain_info::switch_value.
参照元 api_samr_query_domain_info2().
04999 { 05000 SAMR_Q_QUERY_DOMAIN_INFO q; 05001 SAMR_R_QUERY_DOMAIN_INFO r; 05002 05003 ZERO_STRUCT(q); 05004 ZERO_STRUCT(r); 05005 05006 DEBUG(5,("_samr_query_domain_info2: %d\n", __LINE__)); 05007 05008 q.domain_pol = q_u->domain_pol; 05009 q.switch_value = q_u->switch_value; 05010 05011 r_u->status = _samr_query_domain_info(p, &q, &r); 05012 05013 r_u->ptr_0 = r.ptr_0; 05014 r_u->switch_value = r.switch_value; 05015 r_u->ctr = r.ctr; 05016 05017 return r_u->status; 05018 }
NTSTATUS _samr_set_dom_info | ( | pipes_struct * | p, | |
SAMR_Q_SET_DOMAIN_INFO * | q_u, | |||
SAMR_R_SET_DOMAIN_INFO * | r_u | |||
) |
srv_samr_nt.c の 5024 行で定義されています。
参照先 sam_unknown_info_12_inf::bad_attempt_lockout・q_samr_set_domain_info::ctr・q_samr_set_domain_info::domain_pol・sam_unknown_info_12_inf::duration・sam_unknown_info_1_inf::expire・find_policy_by_hnd()・sam_unknown_ctr_info::inf1・sam_unknown_ctr_info::inf12・sam_unknown_ctr_info::inf3・sam_unknown_ctr_info::info・init_samr_r_set_domain_info()・sam_unknown_info_3_info::logout・sam_unknown_info_1_inf::min_length_password・sam_unknown_info_1_inf::min_passwordage・nt_time_to_unix_abs()・sam_unknown_info_1_inf::password_history・sam_unknown_info_1_inf::password_properties・pdb_set_account_policy()・sam_unknown_info_12_inf::reset_count・r_samr_set_domain_info::status・q_samr_set_domain_info::switch_value.
05025 { 05026 time_t u_expire, u_min_age; 05027 time_t u_logout; 05028 time_t u_lock_duration, u_reset_time; 05029 05030 r_u->status = NT_STATUS_OK; 05031 05032 DEBUG(5,("_samr_set_dom_info: %d\n", __LINE__)); 05033 05034 /* find the policy handle. open a policy on it. */ 05035 if (!find_policy_by_hnd(p, &q_u->domain_pol, NULL)) 05036 return NT_STATUS_INVALID_HANDLE; 05037 05038 DEBUG(5,("_samr_set_dom_info: switch_value: %d\n", q_u->switch_value)); 05039 05040 switch (q_u->switch_value) { 05041 case 0x01: 05042 u_expire=nt_time_to_unix_abs(&q_u->ctr->info.inf1.expire); 05043 u_min_age=nt_time_to_unix_abs(&q_u->ctr->info.inf1.min_passwordage); 05044 05045 pdb_set_account_policy(AP_MIN_PASSWORD_LEN, (uint32)q_u->ctr->info.inf1.min_length_password); 05046 pdb_set_account_policy(AP_PASSWORD_HISTORY, (uint32)q_u->ctr->info.inf1.password_history); 05047 pdb_set_account_policy(AP_USER_MUST_LOGON_TO_CHG_PASS, (uint32)q_u->ctr->info.inf1.password_properties); 05048 pdb_set_account_policy(AP_MAX_PASSWORD_AGE, (int)u_expire); 05049 pdb_set_account_policy(AP_MIN_PASSWORD_AGE, (int)u_min_age); 05050 break; 05051 case 0x02: 05052 break; 05053 case 0x03: 05054 u_logout=nt_time_to_unix_abs(&q_u->ctr->info.inf3.logout); 05055 pdb_set_account_policy(AP_TIME_TO_LOGOUT, (int)u_logout); 05056 break; 05057 case 0x05: 05058 break; 05059 case 0x06: 05060 break; 05061 case 0x07: 05062 break; 05063 case 0x0c: 05064 u_lock_duration=nt_time_to_unix_abs(&q_u->ctr->info.inf12.duration); 05065 if (u_lock_duration != -1) 05066 u_lock_duration /= 60; 05067 05068 u_reset_time=nt_time_to_unix_abs(&q_u->ctr->info.inf12.reset_count)/60; 05069 05070 pdb_set_account_policy(AP_LOCK_ACCOUNT_DURATION, (int)u_lock_duration); 05071 pdb_set_account_policy(AP_RESET_COUNT_TIME, (int)u_reset_time); 05072 pdb_set_account_policy(AP_BAD_ATTEMPT_LOCKOUT, (uint32)q_u->ctr->info.inf12.bad_attempt_lockout); 05073 break; 05074 default: 05075 return NT_STATUS_INVALID_INFO_CLASS; 05076 } 05077 05078 init_samr_r_set_domain_info(r_u, NT_STATUS_OK); 05079 05080 DEBUG(5,("_samr_set_dom_info: %d\n", __LINE__)); 05081 05082 return r_u->status; 05083 }
NTSTATUS _samr_get_dispenum_index | ( | pipes_struct * | p, | |
SAMR_Q_GET_DISPENUM_INDEX * | q_u, | |||
SAMR_R_GET_DISPENUM_INDEX * | r_u | |||
) |
srv_samr_nt.c の 5089 行で定義されています。
参照先 samr_displayentry::account_name・become_root()・q_samr_get_dispenum_index::domain_pol・find_policy_by_hnd()・init_samr_r_get_dispenum_index()・q_samr_get_dispenum_index::name・pdb_search_entries()・pdb_search_groups()・pdb_search_users()・rpcstr_pull_unistr2_fstring()・set_disp_info_cache_timeout()・smb_panic()・r_samr_get_dispenum_index::status・strequal()・q_samr_get_dispenum_index::switch_level・unbecome_root()・LSA_STRING::unistring.
参照元 api_samr_get_dispenum_index().
05090 { 05091 struct samr_info *info = NULL; 05092 uint32 max_entries = (uint32) -1; 05093 uint32 enum_context = 0; 05094 int i; 05095 uint32 num_account = 0; 05096 struct samr_displayentry *entries = NULL; 05097 fstring account_name; 05098 05099 DEBUG(5, ("_samr_get_dispenum_index: %d\n", __LINE__)); 05100 05101 r_u->status = NT_STATUS_UNSUCCESSFUL; 05102 05103 /* find the policy handle. open a policy on it. */ 05104 if (!find_policy_by_hnd(p, &q_u->domain_pol, (void **)(void *)&info)) 05105 return NT_STATUS_INVALID_HANDLE; 05106 05107 if ((q_u->switch_level < 1) || (q_u->switch_level > 3)) { 05108 DEBUG(0,("_samr_get_dispenum_index: Unknown info level (%u)\n", 05109 (unsigned int)q_u->switch_level )); 05110 return NT_STATUS_INVALID_INFO_CLASS; 05111 } 05112 05113 if (!rpcstr_pull_unistr2_fstring(account_name, &q_u->name.unistring)) { 05114 return NT_STATUS_NO_MEMORY; 05115 } 05116 05117 become_root(); 05118 05119 /* The following done as ROOT. Don't return without unbecome_root(). */ 05120 05121 switch (q_u->switch_level) { 05122 case 0x1: 05123 if (info->disp_info->users == NULL) { 05124 info->disp_info->users = pdb_search_users(ACB_NORMAL); 05125 if (info->disp_info->users == NULL) { 05126 unbecome_root(); 05127 return NT_STATUS_ACCESS_DENIED; 05128 } 05129 DEBUG(10,("_samr_get_dispenum_index: starting user enumeration at index %u\n", 05130 (unsigned int)enum_context )); 05131 } else { 05132 DEBUG(10,("_samr_get_dispenum_index: using cached user enumeration at index %u\n", 05133 (unsigned int)enum_context )); 05134 } 05135 05136 num_account = pdb_search_entries(info->disp_info->users, 05137 enum_context, max_entries, 05138 &entries); 05139 break; 05140 case 0x2: 05141 if (info->disp_info->machines == NULL) { 05142 info->disp_info->machines = 05143 pdb_search_users(ACB_WSTRUST|ACB_SVRTRUST); 05144 if (info->disp_info->machines == NULL) { 05145 unbecome_root(); 05146 return NT_STATUS_ACCESS_DENIED; 05147 } 05148 DEBUG(10,("_samr_get_dispenum_index: starting machine enumeration at index %u\n", 05149 (unsigned int)enum_context )); 05150 } else { 05151 DEBUG(10,("_samr_get_dispenum_index: using cached machine enumeration at index %u\n", 05152 (unsigned int)enum_context )); 05153 } 05154 05155 num_account = pdb_search_entries(info->disp_info->machines, 05156 enum_context, max_entries, 05157 &entries); 05158 break; 05159 case 0x3: 05160 if (info->disp_info->groups == NULL) { 05161 info->disp_info->groups = pdb_search_groups(); 05162 if (info->disp_info->groups == NULL) { 05163 unbecome_root(); 05164 return NT_STATUS_ACCESS_DENIED; 05165 } 05166 DEBUG(10,("_samr_get_dispenum_index: starting group enumeration at index %u\n", 05167 (unsigned int)enum_context )); 05168 } else { 05169 DEBUG(10,("_samr_get_dispenum_index: using cached group enumeration at index %u\n", 05170 (unsigned int)enum_context )); 05171 } 05172 05173 num_account = pdb_search_entries(info->disp_info->groups, 05174 enum_context, max_entries, 05175 &entries); 05176 break; 05177 default: 05178 unbecome_root(); 05179 smb_panic("info class changed"); 05180 break; 05181 } 05182 unbecome_root(); 05183 05184 /* Ensure we cache this enumeration. */ 05185 set_disp_info_cache_timeout(info->disp_info, DISP_INFO_CACHE_TIMEOUT); 05186 05187 DEBUG(10,("_samr_get_dispenum_index: looking for :%s\n", account_name)); 05188 05189 for (i=0; i<num_account; i++) { 05190 if (strequal(entries[i].account_name, account_name)) { 05191 DEBUG(10,("_samr_get_dispenum_index: found %s at idx %d\n", 05192 account_name, i)); 05193 05194 init_samr_r_get_dispenum_index(r_u, i); 05195 05196 return NT_STATUS_OK; 05197 } 05198 } 05199 05200 /* assuming account_name lives at the very end */ 05201 init_samr_r_get_dispenum_index(r_u, num_account); 05202 05203 return NT_STATUS_OK; 05204 }
struct generic_mapping sam_generic_mapping [static] |
初期値:
{ GENERIC_RIGHTS_SAM_READ, GENERIC_RIGHTS_SAM_WRITE, GENERIC_RIGHTS_SAM_EXECUTE, GENERIC_RIGHTS_SAM_ALL_ACCESS}
srv_samr_nt.c の 76 行で定義されています。
参照元 _samr_connect()・_samr_connect4()・_samr_connect5()・_samr_connect_anon()・_samr_query_sec_obj().
struct generic_mapping dom_generic_mapping [static] |
初期値:
{ GENERIC_RIGHTS_DOMAIN_READ, GENERIC_RIGHTS_DOMAIN_WRITE, GENERIC_RIGHTS_DOMAIN_EXECUTE, GENERIC_RIGHTS_DOMAIN_ALL_ACCESS}
srv_samr_nt.c の 81 行で定義されています。
struct generic_mapping usr_generic_mapping [static] |
初期値:
{ GENERIC_RIGHTS_USER_READ, GENERIC_RIGHTS_USER_WRITE, GENERIC_RIGHTS_USER_EXECUTE, GENERIC_RIGHTS_USER_ALL_ACCESS}
srv_samr_nt.c の 86 行で定義されています。
参照元 _samr_create_user()・_samr_open_user()・_samr_query_sec_obj().
struct generic_mapping usr_nopwchange_generic_mapping [static] |
初期値:
{ GENERIC_RIGHTS_USER_READ, GENERIC_RIGHTS_USER_WRITE, GENERIC_RIGHTS_USER_EXECUTE & ~SA_RIGHT_USER_CHANGE_PASSWORD, GENERIC_RIGHTS_USER_ALL_ACCESS}
srv_samr_nt.c の 91 行で定義されています。
struct generic_mapping grp_generic_mapping [static] |
初期値:
{ GENERIC_RIGHTS_GROUP_READ, GENERIC_RIGHTS_GROUP_WRITE, GENERIC_RIGHTS_GROUP_EXECUTE, GENERIC_RIGHTS_GROUP_ALL_ACCESS}
srv_samr_nt.c の 96 行で定義されています。
参照元 _samr_open_group().
struct generic_mapping ali_generic_mapping [static] |
初期値:
{ GENERIC_RIGHTS_ALIAS_READ, GENERIC_RIGHTS_ALIAS_WRITE, GENERIC_RIGHTS_ALIAS_EXECUTE, GENERIC_RIGHTS_ALIAS_ALL_ACCESS}
srv_samr_nt.c の 101 行で定義されています。
参照元 _samr_open_alias().