[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-495-gc61499c

Günther Deschner gd at samba.org
Thu Mar 27 20:57:23 GMT 2008 

The branch, v3-2-test has been updated
       via  c61499ce02355f5969fa0475ed6e3c278995ecdb (commit)
       via  2f5e25be276135e9cb4cc0c44ec573d466def66e (commit)
      from  e048780163f95fb7c2d337606794e1aa3c8b4b79 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test


- Log -----------------------------------------------------------------
commit c61499ce02355f5969fa0475ed6e3c278995ecdb
Author: Günther Deschner <gd at samba.org>
Date:   Thu Mar 27 21:55:42 2008 +0100

    Re-add support for display and vampire of account policies in "net".
    
    Guenther

commit 2f5e25be276135e9cb4cc0c44ec573d466def66e
Author: Günther Deschner <gd at samba.org>
Date:   Thu Mar 27 21:04:31 2008 +0100

    Minor fix for net rpc samdump.
    
    Guenther

-----------------------------------------------------------------------

Summary of changes:
 source/utils/net_rpc_samsync.c |  112 +++++++++++++++++++++++++++++----------
 1 files changed, 83 insertions(+), 29 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source/utils/net_rpc_samsync.c b/source/utils/net_rpc_samsync.c
index 775270a..819ebed 100644
--- a/source/utils/net_rpc_samsync.c
+++ b/source/utils/net_rpc_samsync.c
@@ -97,9 +97,53 @@ static time_t uint64s_nt_time_to_unix_abs(const uint64 *src)
 	return nt_time_to_unix_abs(&nttime);
 }
 
+static NTSTATUS pull_netr_AcctLockStr(TALLOC_CTX *mem_ctx,
+				      struct lsa_BinaryString *r,
+				      struct netr_AcctLockStr **str_p)
+{
+	struct netr_AcctLockStr *str;
+	enum ndr_err_code ndr_err;
+	DATA_BLOB blob;
+
+	if (!mem_ctx || !r || !str_p) {
+		return NT_STATUS_INVALID_PARAMETER;
+	}
+
+	*str_p = NULL;
+
+	str = TALLOC_ZERO_P(mem_ctx, struct netr_AcctLockStr);
+	if (!str) {
+		return NT_STATUS_NO_MEMORY;
+	}
+
+	blob = data_blob_const(r->string, r->length*2);
+
+	ndr_err = ndr_pull_struct_blob(&blob, mem_ctx, str,
+		       (ndr_pull_flags_fn_t)ndr_pull_netr_AcctLockStr);
+	data_blob_free(&blob);
+
+	if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+		return ndr_map_error2ntstatus(ndr_err);
+	}
+
+	*str_p = str;
+
+	return NT_STATUS_OK;
+}
+
 static void display_domain_info(struct netr_DELTA_DOMAIN *r)
 {
 	time_t u_logout;
+	struct netr_AcctLockStr *lockstr = NULL;
+	NTSTATUS status;
+	TALLOC_CTX *mem_ctx = talloc_tos();
+
+	status = pull_netr_AcctLockStr(mem_ctx, &r->account_lockout,
+				       &lockstr);
+	if (!NT_STATUS_IS_OK(status)) {
+		d_printf("failed to pull account lockout string: %s\n",
+			nt_errstr(status));
+	}
 
 	u_logout = uint64s_nt_time_to_unix_abs((const uint64 *)&r->force_logoff_time);
 
@@ -113,12 +157,12 @@ static void display_domain_info(struct netr_DELTA_DOMAIN *r)
 	d_printf("Max Password Age: %s\n", display_time(r->max_password_age));
 	d_printf("Min Password Age: %s\n", display_time(r->min_password_age));
 
-#if 0
-	/* FIXME - gd */
-	d_printf("Lockout Time: %s\n", display_time(a->account_lockout.lockout_duration));
-	d_printf("Lockout Reset Time: %s\n", display_time(a->account_lockout.reset_count));
-	d_printf("Bad Attempt Lockout: %d\n", a->account_lockout.bad_attempt_lockout);
-#endif
+	if (lockstr) {
+		d_printf("Lockout Time: %s\n", display_time((NTTIME)lockstr->lockout_duration));
+		d_printf("Lockout Reset Time: %s\n", display_time((NTTIME)lockstr->reset_count));
+		d_printf("Bad Attempt Lockout: %d\n", lockstr->bad_attempt_lockout);
+	}
+
 	d_printf("User must logon to change password: %d\n", r->logon_to_chgpass);
 }
 
@@ -280,7 +324,8 @@ static void display_sam_entry(struct netr_DELTA_ENUM *r)
 	}
 }
 
-static void dump_database(struct rpc_pipe_client *pipe_hnd, uint32 db_type)
+static void dump_database(struct rpc_pipe_client *pipe_hnd,
+			  enum netr_SamDatabaseID database_id)
 {
         NTSTATUS result;
 	int i;
@@ -289,7 +334,6 @@ static void dump_database(struct rpc_pipe_client *pipe_hnd, uint32 db_type)
 	const char *computername = global_myname();
 	struct netr_Authenticator credential;
 	struct netr_Authenticator return_authenticator;
-	enum netr_SamDatabaseID database_id = db_type;
 	uint16_t restart_state = 0;
 	uint32_t sync_context = 0;
 
@@ -297,7 +341,7 @@ static void dump_database(struct rpc_pipe_client *pipe_hnd, uint32 db_type)
 		return;
 	}
 
-	switch( db_type ) {
+	switch(database_id) {
 	case SAM_DATABASE_DOMAIN:
 		d_printf("Dumping DOMAIN database\n");
 		break;
@@ -308,7 +352,8 @@ static void dump_database(struct rpc_pipe_client *pipe_hnd, uint32 db_type)
 		d_printf("Dumping PRIVS databases\n");
 		break;
 	default:
-		d_printf("Dumping unknown database type %u\n", db_type );
+		d_printf("Dumping unknown database type %u\n",
+			database_id);
 		break;
 	}
 
@@ -981,21 +1026,29 @@ static NTSTATUS fetch_domain_info(uint32_t rid,
 				  struct netr_DELTA_DOMAIN *r)
 {
 	time_t u_max_age, u_min_age, u_logout;
-#if 0
-	/* FIXME: gd */
 	time_t u_lockoutreset, u_lockouttime;
-#endif
 	NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
 	const char *domname;
+	struct netr_AcctLockStr *lockstr = NULL;
+	NTSTATUS status;
+	TALLOC_CTX *mem_ctx = talloc_tos();
+
+	status = pull_netr_AcctLockStr(mem_ctx, &r->account_lockout,
+				       &lockstr);
+	if (!NT_STATUS_IS_OK(status)) {
+		d_printf("failed to pull account lockout string: %s\n",
+			nt_errstr(status));
+	}
 
 	u_max_age = uint64s_nt_time_to_unix_abs((uint64 *)&r->max_password_age);
 	u_min_age = uint64s_nt_time_to_unix_abs((uint64 *)&r->min_password_age);
 	u_logout = uint64s_nt_time_to_unix_abs((uint64 *)&r->force_logoff_time);
-#if 0
-	/* FIXME: gd */
-	u_lockoutreset = uint64s_nt_time_to_unix_abs(&delta->account_lockout.reset_count);
-	u_lockouttime = uint64s_nt_time_to_unix_abs(&delta->account_lockout.lockout_duration);
-#endif
+
+	if (lockstr) {
+		u_lockoutreset = uint64s_nt_time_to_unix_abs(&lockstr->reset_count);
+		u_lockouttime = uint64s_nt_time_to_unix_abs((uint64_t *)&lockstr->lockout_duration);
+	}
+
 	domname = r->domain_name.string;
 	if (!domname) {
 		return NT_STATUS_NO_MEMORY;
@@ -1024,20 +1077,21 @@ static NTSTATUS fetch_domain_info(uint32_t rid,
 
 	if (!pdb_set_account_policy(AP_TIME_TO_LOGOUT, (uint32)u_logout))
 		return nt_status;
-#if 0
-/* FIXME: gd */
-	if (!pdb_set_account_policy(AP_BAD_ATTEMPT_LOCKOUT, delta->account_lockout.bad_attempt_lockout))
-		return nt_status;
 
-	if (!pdb_set_account_policy(AP_RESET_COUNT_TIME, (uint32)u_lockoutreset/60))
-		return nt_status;
+	if (lockstr) {
+		if (!pdb_set_account_policy(AP_BAD_ATTEMPT_LOCKOUT,
+					    lockstr->bad_attempt_lockout))
+			return nt_status;
 
-	if (u_lockouttime != -1)
-		u_lockouttime /= 60;
+		if (!pdb_set_account_policy(AP_RESET_COUNT_TIME, (uint32_t)u_lockoutreset/60))
+			return nt_status;
 
-	if (!pdb_set_account_policy(AP_LOCK_ACCOUNT_DURATION, (uint32)u_lockouttime))
-		return nt_status;
-#endif
+		if (u_lockouttime != -1)
+			u_lockouttime /= 60;
+
+		if (!pdb_set_account_policy(AP_LOCK_ACCOUNT_DURATION, (uint32_t)u_lockouttime))
+			return nt_status;
+	}
 
 	if (!pdb_set_account_policy(AP_USER_MUST_LOGON_TO_CHG_PASS,
 				    r->logon_to_chgpass))


-- 
Samba Shared Repository

More information about the samba-cvs mailing list