[PATCH] intermediate sam patch
Jelmer Vernooij
jelmer at samba.org
Wed Aug 28 00:09:01 GMT 2002
Hi,
Here's my current sam tree - don't blame me for anything that's ugly
or doesn't work yet - but feel free to fix anything.
Jelmer
--
Jelmer Vernooij http://samba.org/~jelmer/
Samba Team http://www.samba.org/
Running
-------------- next part --------------
Index: Makefile.in
===================================================================
RCS file: /home/cvs/samba/source/Makefile.in,v
retrieving revision 1.518
diff -u -3 -p -r1.518 Makefile.in
--- Makefile.in 25 Aug 2002 22:43:20 -0000 1.518
+++ Makefile.in 28 Aug 2002 04:02:27 -0000
@@ -214,8 +214,12 @@ PASSDB_GET_SET_OBJ = passdb/pdb_get_set.
PASSDB_OBJ = $(PASSDB_GET_SET_OBJ) passdb/passdb.o passdb/pdb_interface.o \
passdb/machine_sid.o passdb/pdb_smbpasswd.o \
passdb/pdb_tdb.o passdb/pdb_ldap.o passdb/pdb_plugin.o \
- passdb/pdb_nisplus.o passdb/pdb_unix.o passdb/util_sam_sid.o \
- passdb/pdb_compat.o
+ passdb/pdb_unix.o passdb/util_sam_sid.o \
+ passdb/pdb_compat.o passdb/pdb_nisplus.o
+
+SAM_OBJ = sam/account.o sam/get_set_user.o sam/get_set_group.o sam/get_set_domain.o sam/interface.o
+
+SAMTEST_OBJ = torture/samtest.o $(SAM_OBJ) $(LIB_OBJ) $(PARAM_OBJ) $(LIBSMB_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) $(READLINE_OBJ)
GROUPDB_OBJ = groupdb/mapping.o
@@ -446,7 +450,7 @@ PROTO_OBJ = $(SMBD_OBJ_MAIN) \
$(PRINTING_OBJ) $(PRINTBACKEND_OBJ) $(OPLOCK_OBJ) $(NOTIFY_OBJ) \
$(QUOTAOBJS) $(PASSDB_OBJ) $(GROUPDB_OBJ) $(MSDFS_OBJ) \
$(READLINE_OBJ) $(PROFILE_OBJ) $(LIBADS_OBJ) $(LIBADS_SERVER_OBJ) \
- $(LIB_SMBD_OBJ)
+ $(LIB_SMBD_OBJ) $(SAM_OBJ)
NSS_OBJ_0 = nsswitch/wins.o $(PARAM_OBJ) $(UBIQX_OBJ) $(LIBSMB_OBJ) \
$(LIB_OBJ) $(NSSWINS_OBJ)
@@ -674,6 +678,10 @@ bin/smbpasswd: $(SMBPASSWD_OBJ) bin/.dum
bin/pdbedit: $(PDBEDIT_OBJ) bin/.dummy
@echo Linking $@
@$(CC) $(FLAGS) -o $@ $(PDBEDIT_OBJ) $(LDFLAGS) $(DYNEXP) $(LIBS) @BUILD_POPT@
+
+bin/samtest: $(SAMTEST_OBJ) bin/.dummy
+ @echo Linking $@
+ @$(CC) $(FLAGS) -o $@ $(SAMTEST_OBJ) $(LDFLAGS) $(DYNEXP) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) $(LIBS) @BUILD_POPT@
bin/smbgroupedit: $(SMBGROUPEDIT_OBJ) bin/.dummy
@echo Linking $@
Index: acconfig.h
===================================================================
RCS file: /home/cvs/samba/source/acconfig.h,v
retrieving revision 1.89
diff -u -3 -p -r1.89 acconfig.h
--- acconfig.h 23 Aug 2002 15:29:44 -0000 1.89
+++ acconfig.h 28 Aug 2002 04:02:27 -0000
@@ -166,6 +166,7 @@
#undef MMAP_BLACKLIST
#undef HAVE_IMMEDIATE_STRUCTURES
#undef HAVE_CUPS
+#undef WITH_SAM
#undef WITH_LDAP_SAM
#undef WITH_NISPLUS_SAM
#undef WITH_TDB_SAM
Index: configure.in
===================================================================
RCS file: /home/cvs/samba/source/configure.in,v
retrieving revision 1.332
diff -u -3 -p -r1.332 configure.in
--- configure.in 27 Aug 2002 09:14:21 -0000 1.332
+++ configure.in 28 Aug 2002 04:02:33 -0000
@@ -2138,6 +2138,22 @@ if test x"$samba_cv_HAVE_TRUNCATED_SALT"
fi
fi
+# New experimental SAM system
+
+AC_MSG_CHECKING([whether to build the new (experimental) SAM database])
+AC_ARG_WITH(sam,
+[ --with-sam Build new (experimental) SAM database (default=no)],
+[ case "$withval" in
+ yes)
+ AC_MSG_RESULT(yes)
+ AC_DEFINE(WITH_SAM)
+ ;;
+ *)
+ AC_MSG_RESULT(no)
+ ;;
+ esac ],
+ AC_MSG_RESULT(no)
+)
########################################################################################
Index: groupdb/aliasdb.c
===================================================================
RCS file: /home/cvs/samba/source/groupdb/aliasdb.c,v
retrieving revision 1.14
diff -u -3 -p -r1.14 aliasdb.c
--- groupdb/aliasdb.c 30 Jan 2002 06:08:14 -0000 1.14
+++ groupdb/aliasdb.c 28 Aug 2002 04:02:33 -0000
@@ -41,9 +41,7 @@ BOOL initialise_alias_db(void)
return True;
}
-#ifdef WITH_NISPLUS
- aldb_ops = nisplus_initialise_alias_db();
-#elif defined(WITH_LDAP)
+#ifdef WITH_LDAP
aldb_ops = ldap_initialise_alias_db();
#else
aldb_ops = file_initialise_alias_db();
Index: groupdb/groupdb.c
===================================================================
RCS file: /home/cvs/samba/source/groupdb/groupdb.c,v
retrieving revision 1.12
diff -u -3 -p -r1.12 groupdb.c
--- groupdb/groupdb.c 30 Jan 2002 06:08:14 -0000 1.12
+++ groupdb/groupdb.c 28 Aug 2002 04:02:34 -0000
@@ -39,9 +39,7 @@ BOOL initialise_group_db(void)
return True;
}
-#ifdef WITH_NISPLUS
- gpdb_ops = nisplus_initialise_group_db();
-#elif defined(WITH_LDAP)
+#ifdef WITH_LDAP
gpdb_ops = ldap_initialise_group_db();
#else
gpdb_ops = file_initialise_group_db();
Index: include/config.h.in
===================================================================
RCS file: /home/cvs/samba/source/include/config.h.in,v
retrieving revision 1.177
diff -u -3 -p -r1.177 config.h.in
--- include/config.h.in 23 Aug 2002 15:51:28 -0000 1.177
+++ include/config.h.in 28 Aug 2002 04:02:34 -0000
@@ -1,4 +1,4 @@
-/* include/config.h.in. Generated automatically from configure.in by autoheader. */
+/* include/config.h.in. Generated automatically from configure.in by autoheader 2.13. */
/* Define if on AIX 3.
System headers sometimes define this.
@@ -232,6 +232,7 @@
#undef MMAP_BLACKLIST
#undef HAVE_IMMEDIATE_STRUCTURES
#undef HAVE_CUPS
+#undef WITH_SAM
#undef WITH_LDAP_SAM
#undef WITH_NISPLUS_SAM
#undef WITH_TDB_SAM
Index: include/debug.h
===================================================================
RCS file: /home/cvs/samba/source/include/debug.h,v
retrieving revision 1.17
diff -u -3 -p -r1.17 debug.h
--- include/debug.h 18 Jun 2002 09:20:07 -0000 1.17
+++ include/debug.h 28 Aug 2002 04:02:34 -0000
@@ -89,8 +89,9 @@ extern int DEBUGLEVEL;
#define DBGC_RPC_SRV 6
#define DBGC_RPC_CLI 7
#define DBGC_PASSDB 8
-#define DBGC_AUTH 9
-#define DBGC_WINBIND 10
+#define DBGC_SAM 9
+#define DBGC_AUTH 10
+#define DBGC_WINBIND 11
/* So you can define DBGC_CLASS before including debug.h */
Index: include/includes.h
===================================================================
RCS file: /home/cvs/samba/source/include/includes.h,v
retrieving revision 1.271
diff -u -3 -p -r1.271 includes.h
--- include/includes.h 21 Aug 2002 19:59:08 -0000 1.271
+++ include/includes.h 28 Aug 2002 04:02:35 -0000
@@ -751,6 +751,10 @@ extern int errno;
#include "passdb.h"
+#ifdef WITH_SAM
+#include "sam.h"
+#endif
+
#include "session.h"
#include "asn_1.h"
Index: lib/debug.c
===================================================================
RCS file: /home/cvs/samba/source/lib/debug.c,v
retrieving revision 1.60
diff -u -3 -p -r1.60 debug.c
--- lib/debug.c 21 Aug 2002 11:48:05 -0000 1.60
+++ lib/debug.c 28 Aug 2002 04:02:35 -0000
@@ -153,6 +153,7 @@ static const char *default_classname_tab
"rpc_srv", /* DBGC_RPC_SRV */
"rpc_cli", /* DBGC_RPC_CLI */
"passdb", /* DBGC_PASSDB */
+ "sam" /* DBGC_SAM */
"auth", /* DBGC_AUTH */
"winbind", /* DBGC_WINBIND */
NULL
Index: lib/time.c
===================================================================
RCS file: /home/cvs/samba/source/lib/time.c,v
retrieving revision 1.44
diff -u -3 -p -r1.44 time.c
--- lib/time.c 1 Jul 2002 09:12:38 -0000 1.44
+++ lib/time.c 28 Aug 2002 04:02:36 -0000
@@ -40,6 +40,12 @@ int extra_time_offset = 0;
#define TIME_T_MAX (~ (time_t) 0 - TIME_T_MIN)
#endif
+void get_nttime_max(NTTIME *t)
+{
+ /* FIXME: This is incorrect */
+ unix_to_nt_time(get_time_t_max(),t);
+}
+
/*******************************************************************
External access to time_t_min and time_t_max.
********************************************************************/
Index: lib/util_seaccess.c
===================================================================
RCS file: /home/cvs/samba/source/lib/util_seaccess.c,v
retrieving revision 1.31
diff -u -3 -p -r1.31 util_seaccess.c
--- lib/util_seaccess.c 10 Jun 2002 12:27:04 -0000 1.31
+++ lib/util_seaccess.c 28 Aug 2002 04:02:36 -0000
@@ -224,7 +224,7 @@ void se_map_standard(uint32 *access_mask
"Access-Checking" document in MSDN.
*****************************************************************************/
-BOOL se_access_check(SEC_DESC *sd, NT_USER_TOKEN *token,
+BOOL se_access_check(SEC_DESC *sd, const NT_USER_TOKEN *token,
uint32 acc_desired, uint32 *acc_granted,
NTSTATUS *status)
{
Index: param/loadparm.c
===================================================================
RCS file: /home/cvs/samba/source/param/loadparm.c,v
retrieving revision 1.444
diff -u -3 -p -r1.444 loadparm.c
--- param/loadparm.c 26 Aug 2002 16:38:08 -0000 1.444
+++ param/loadparm.c 28 Aug 2002 04:02:38 -0000
@@ -112,6 +112,7 @@ typedef struct
char *szSMBPasswdFile;
char *szPrivateDir;
char **szPassdbBackend;
+ char **szSamBackend;
char *szPasswordServer;
char *szSocketOptions;
char *szWorkGroup;
@@ -435,7 +436,6 @@ static service sDefault = {
NULL, /* fstype */
NULL, /* vfs object */
NULL, /* vfs options */
- NULL, /* vfs path */
0, /* iMinPrintSpace */
1000, /* iMaxPrintJobs */
0, /* iWriteCacheSize */
@@ -701,6 +701,7 @@ static struct parm_struct parm_table[] =
{"smb passwd file", P_STRING, P_GLOBAL, &Globals.szSMBPasswdFile, NULL, NULL, 0},
{"private dir", P_STRING, P_GLOBAL, &Globals.szPrivateDir, NULL, NULL, 0},
{"passdb backend", P_LIST, P_GLOBAL, &Globals.szPassdbBackend, NULL, NULL, 0},
+ {"sam backend", P_LIST, P_GLOBAL, &Globals.szSamBackend, NULL, NULL, 0},
{"non unix account range", P_STRING, P_GLOBAL, &Globals.szNonUnixAccountRange, handle_non_unix_account_range, NULL, 0},
{"algorithmic rid base", P_INTEGER, P_GLOBAL, &Globals.bAlgorithmicRidBase, NULL, NULL, 0},
{"root directory", P_STRING, P_GLOBAL, &Globals.szRootdir, NULL, NULL, 0},
@@ -1031,7 +1032,6 @@ static struct parm_struct parm_table[] =
{"vfs object", P_STRING, P_LOCAL, &sDefault.szVfsObjectFile, handle_vfs_object, NULL, FLAG_SHARE},
{"vfs options", P_STRING, P_LOCAL, &sDefault.szVfsOptions, NULL, NULL, FLAG_SHARE},
- {"vfs path", P_STRING, P_LOCAL, &sDefault.szVfsPath, NULL, NULL, FLAG_SHARE},
{"msdfs root", P_BOOL, P_LOCAL, &sDefault.bMSDfsRoot, NULL, NULL, FLAG_SHARE},
@@ -1203,6 +1203,7 @@ static void init_globals(void)
string_set(&Globals.szSMBPasswdFile, dyn_SMB_PASSWD_FILE);
string_set(&Globals.szPrivateDir, dyn_PRIVATE_DIR);
Globals.szPassdbBackend = str_list_make("smbpasswd unixsam", NULL);
+ Globals.szSamBackend = str_list_make("test", NULL);
/* use the new 'hash2' method by default */
string_set(&Globals.szManglingMethod, "hash2");
@@ -1514,6 +1515,7 @@ FN_GLOBAL_STRING(lp_nis_home_map_name, &
static FN_GLOBAL_STRING(lp_announce_version, &Globals.szAnnounceVersion)
FN_GLOBAL_LIST(lp_netbios_aliases, &Globals.szNetbiosAliases)
FN_GLOBAL_LIST(lp_passdb_backend, &Globals.szPassdbBackend)
+FN_GLOBAL_LIST(lp_sam_backend, &Globals.szSamBackend)
FN_GLOBAL_STRING(lp_panic_action, &Globals.szPanicAction)
FN_GLOBAL_STRING(lp_adduser_script, &Globals.szAddUserScript)
FN_GLOBAL_STRING(lp_deluser_script, &Globals.szDelUserScript)
@@ -1662,7 +1664,6 @@ FN_LOCAL_LIST(lp_printer_admin, printer_
FN_LOCAL_STRING(lp_fstype, fstype)
FN_LOCAL_STRING(lp_vfsobj, szVfsObjectFile)
FN_LOCAL_STRING(lp_vfs_options, szVfsOptions)
-FN_LOCAL_STRING(lp_vfs_path, szVfsPath)
static FN_LOCAL_STRING(lp_volume, volume)
FN_LOCAL_STRING(lp_mangled_map, szMangledMap)
FN_LOCAL_STRING(lp_veto_files, szVetoFiles)
Index: passdb/passgrp.c
===================================================================
RCS file: /home/cvs/samba/source/passdb/passgrp.c,v
retrieving revision 1.8
diff -u -3 -p -r1.8 passgrp.c
--- passdb/passgrp.c 18 May 2002 15:09:21 -0000 1.8
+++ passdb/passgrp.c 28 Aug 2002 04:02:39 -0000
@@ -46,9 +46,7 @@ BOOL initialise_passgrp_db(void)
return True;
}
-#ifdef WITH_NISPLUS
- pwgrp_ops = nisplus_initialise_password_grp();
-#elif defined(WITH_LDAP)
+#ifdef WITH_LDAP
pwgrp_ops = ldap_initialize_password_grp();
#else
pwgrp_ops = file_initialise_password_grp();
Index: rpc_server/srv_samr_nt.c
===================================================================
RCS file: /home/cvs/samba/source/rpc_server/srv_samr_nt.c,v
retrieving revision 1.109
diff -u -3 -p -r1.109 srv_samr_nt.c
--- rpc_server/srv_samr_nt.c 16 Aug 2002 17:35:38 -0000 1.109
+++ rpc_server/srv_samr_nt.c 28 Aug 2002 04:02:41 -0000
@@ -68,8 +68,6 @@ struct generic_mapping usr_generic_mappi
struct generic_mapping grp_generic_mapping = {GROUP_READ, GROUP_WRITE, GROUP_EXECUTE, GROUP_ALL_ACCESS};
struct generic_mapping ali_generic_mapping = {ALIAS_READ, ALIAS_WRITE, ALIAS_EXECUTE, ALIAS_ALL_ACCESS};
-static NTSTATUS samr_make_dom_obj_sd(TALLOC_CTX *ctx, SEC_DESC **psd, size_t *d_size);
-
/*******************************************************************
Checks if access to an object should be granted, and returns that
@@ -411,7 +409,7 @@ NTSTATUS _samr_get_usrdom_pwinfo(pipes_s
samr_make_sam_obj_sd
********************************************************************/
-static NTSTATUS samr_make_sam_obj_sd(TALLOC_CTX *ctx, SEC_DESC **psd, size_t *sd_size)
+NTSTATUS samr_make_sam_obj_sd(TALLOC_CTX *ctx, SEC_DESC **psd, size_t *sd_size)
{
extern DOM_SID global_sid_World;
DOM_SID adm_sid;
Index: sam/SAM-interface_handles.txt
===================================================================
RCS file: /home/cvs/samba/source/sam/SAM-interface_handles.txt,v
retrieving revision 1.1
diff -u -3 -p -r1.1 SAM-interface_handles.txt
--- sam/SAM-interface_handles.txt 31 Jul 2002 12:53:56 -0000 1.1
+++ sam/SAM-interface_handles.txt 28 Aug 2002 04:02:41 -0000
@@ -1,55 +1,32 @@
-SAM API
+NTSTATUS sam_update_domain(SAM_DOMAIN_HANDLE *domain)
+NTSTATUS sam_add_member_to_group(SAM_GROUP_HANDLE *group, SAM_GROUP_MEMBER *member)
+NTSTATUS sam_delete_member_from_group(SAM_GROUP_HANDLE *group, SAM_GROUP_MEMBER *member)
+NTSTATUS sam_enum_groupmembers(SAM_GROUP_HANLDE *group, uint32 *members_count, SAM_GROUP_MEMBER **members)
+NTSTATUS sam_get_groups_of_user(SAM_USER_HANDLE *user, uint32 typ, uint32 *group_count, SAM_GROUP_ENUM **groups)
+
+/* Implemented */
+NTSTATUS sam_add_group(SAM_GROUP_HANDLE *samgroup)
+NTSTATUS sam_update_group(SAM_GROUP_HANDLE *samgroup)
+NTSTATUS sam_delete_group(SAM_GROUP_HANDLE *groupsid)
+NTSTATUS sam_create_user(NT_USER_TOKEN *access, uint32 access_desired, SAM_USER_HANDLE *user)
+NTSTATUS sam_create_group(NT_USER_TOKEN *access, uint32 access_desired, uint32 typ, SAM_GROUP_HANDLE *group)
+NTSTATUS sam_add_user(SAM_USER_HANDLE *user)
+NTSTATUS sam_update_user(SAM_USER_HANDLE *user)
+NTSTATUS sam_delete_user(SAM_USER_HANDLE * user)
NTSTATUS sam_get_sec_obj(NT_USER_TOKEN *access, DOM_SID *sid, SEC_DESC **sd)
NTSTATUS sam_set_sec_obj(NT_USER_TOKEN *access, DOM_SID *sid, SEC_DESC *sd)
-
NTSTATUS sam_lookup_name(NT_USER_TOKEN *access, DOM_SID *domain, char *name, DOM_SID **sid, uint32 *type)
NTSTATUS sam_lookup_sid(NT_USER_TOKEN *access, DOM_SID *sid, char **name, uint32 *type)
-
-
-Domain API
-
-NTSTATUS sam_update_domain(SAM_DOMAIN_HANDLE *domain)
-
NTSTATUS sam_enum_domains(NT_USER_TOKEN *access, int32 *domain_count, DOM_SID **domains, char **domain_names)
NTSTATUS sam_lookup_domain(NT_USER_TOKEN *access, char *domain, DOM_SID **domainsid)
-
NTSTATUS sam_get_domain_by_sid(NT_USER_TOKEN *access, uint32 access_desired, DOM_SID *domainsid, SAM_DOMAIN_HANDLE **domain)
-
-
-User API
-
-NTSTATUS sam_create_user(NT_USER_TOKEN *access, uint32 access_desired, SAM_USER_HANDLE **user)
-NTSTATUS sam_add_user(SAM_USER_HANDLE *user)
-NTSTATUS sam_update_user(SAM_USER_HANDLE *user)
-NTSTATUS sam_delete_user(SAM_USER_HANDLE * user)
-
NTSTATUS sam_enum_users(NT_USER_TOKEN *access, DOM_SID *domain, int32 *user_count, SAM_USER_ENUM **users)
-
-NTSTATUS sam_get_user_by_sid(NT_USER_TOKEN *access, uint32 access_desired, DOM_SID *usersid, SAM_USER_HANDLE **user)
-NTSTATUS sam_get_user_by_name(NT_USER_TOKEN *access, uint32 access_desired, char *domain, char *name, SAM_USER_HANDLE **user)
-
-
-Group API
-
-NTSTATUS sam_create_group(NT_USER_TOKEN *access, uint32 access_desired, uint32 typ, SAM_GROUP_HANDLE **group)
-NTSTATUS sam_add_group(SAM_GROUP_HANDLE *samgroup)
-NTSTATUS sam_update_group(SAM_GROUP_HANDLE *samgroup)
-NTSTATUS sam_delete_group(SAM_GROUP_HANDLE *groupsid)
-
NTSTATUS sam_enum_groups(NT_USER_TOKEN *access, DOM_SID *domainsid, uint32 typ, uint32 *groups_count, SAM_GROUP_ENUM **groups)
-
NTSTATUS sam_get_group_by_sid(NT_USER_TOKEN *access, uint32 access_desired, DOM_SID *groupsid, SAM_GROUP_HANDLE **group)
NTSTATUS sam_get_group_by_name(NT_USER_TOKEN *access, uint32 access_desired, char *domain, char *name, SAM_GROUP_HANDLE **group)
-
-NTSTATUS sam_add_member_to_group(SAM_GROUP_HANDLE *group, SAM_GROUP_MEMBER *member)
-NTSTATUS sam_delete_member_from_group(SAM_GROUP_HANDLE *group, SAM_GROUP_MEMBER *member)
-NTSTATUS sam_enum_groupmembers(SAM_GROUP_HANLDE *group, uint32 *members_count, SAM_GROUP_MEMBER **members)
-
-NTSTATUS sam_get_groups_of_user(SAM_USER_HANDLE *user, uint32 typ, uint32 *group_count, SAM_GROUP_ENUM **groups)
-
-
-
+NTSTATUS sam_get_user_by_sid(NT_USER_TOKEN *access, uint32 access_desired, DOM_SID *usersid, SAM_USER_HANDLE **user)
+NTSTATUS sam_get_user_by_name(NT_USER_TOKEN *access, uint32 access_desired, char *domain, char *name, SAM_USER_HANDLE **user)
structures
typedef _SAM_GROUP_MEMBER {
@@ -72,6 +49,7 @@ typedef struct sam_group_enum {
char *comment;
} SAM_GROUP_ENUM
+
NTSTATUS sam_get_domain_sid(SAM_DOMAIN_HANDLE *domain, DOM_SID **sid)
NTSTATUS sam_get_domain_num_users(SAM_DOMAIN_HANDLE *domain, uint32 *num_users)
NTSTATUS sam_get_domain_num_groups(SAM_DOMAIN_HANDLE *domain, uint32 *num_groups)
@@ -120,4 +98,4 @@ NTSTATUS sam_get_group_sid(SAM_GROUP_HAN
NTSTATUS sam_get_group_typ(SAM_GROUP_HANDLE *group, uint32 *typ)
NTSTATUS sam_{get,set}_group_name(SAM_GROUP_HANDLE *group, char **group_name)
NTSTATUS sam_{get,set}_group_comment(SAM_GROUP_HANDLE *group, char **comment)
-NTSTATUS sam_{get,set}_group_priv_set(SAM_GROUP_HANDLE *group, PRIVILEGE_SET *priv_set)
\ No newline at end of file
+NTSTATUS sam_{get,set}_group_priv_set(SAM_GROUP_HANDLE *group, PRIVILEGE_SET *priv_set)
Index: smbd/vfs.c
===================================================================
RCS file: /home/cvs/samba/source/smbd/vfs.c,v
retrieving revision 1.62
diff -u -3 -p -r1.62 vfs.c
--- smbd/vfs.c 18 Aug 2002 18:04:00 -0000 1.62
+++ smbd/vfs.c 28 Aug 2002 04:02:41 -0000
@@ -206,7 +206,7 @@ Proceeding in compatibility mode, new op
BOOL smbd_vfs_init(connection_struct *conn)
{
- char **vfs_objects, *vfsobj, *vfs_module, *vfs_path;
+ char **vfs_objects, *vfsobj, *vfs_module;
int nobj, i;
struct smb_vfs_handle_struct *handle;
@@ -227,7 +227,6 @@ BOOL smbd_vfs_init(connection_struct *co
/* We are using default separators: ' \t\r\n' */
vfs_objects = toktocliplist(&nobj, NULL);
if (vfs_objects) {
- vfs_path = lp_vfs_path(SNUM(conn));
conn->vfs_private = NULL;
for(i=nobj-1; i>=0; i--) {
handle = (struct smb_vfs_handle_struct *) smb_xmalloc(sizeof(smb_vfs_handle_struct));
@@ -235,11 +234,7 @@ BOOL smbd_vfs_init(connection_struct *co
handle->handle = NULL;
DLIST_ADD(conn->vfs_private, handle)
vfs_module = NULL;
- if (vfs_path) {
- asprintf(&vfs_module, "%s/%s", vfs_path, vfs_objects[i]);
- } else {
- asprintf(&vfs_module, "%s", vfs_objects[i]);
- }
+ asprintf(&vfs_module, "%s", vfs_objects[i]);
if (!vfs_init_custom(conn, vfs_module)) {
DEBUG(0, ("smbd_vfs_init: vfs_init_custom failed for %s\n", vfs_module));
string_free(&vfsobj);
Index: torture/cmd_vfs.c
===================================================================
RCS file: /home/cvs/samba/source/torture/cmd_vfs.c,v
retrieving revision 1.5
diff -u -3 -p -r1.5 cmd_vfs.c
--- torture/cmd_vfs.c 21 Aug 2002 02:34:49 -0000 1.5
+++ torture/cmd_vfs.c 28 Aug 2002 04:02:42 -0000
@@ -28,7 +28,6 @@ static char *null_string = "";
static NTSTATUS cmd_load_module(struct vfs_state *vfs, TALLOC_CTX *mem_ctx, int argc, char **argv)
{
struct smb_vfs_handle_struct *handle;
- char *path = lp_vfs_path(0);
char name[PATH_MAX];
if (argc != 2) {
@@ -36,11 +35,7 @@ static NTSTATUS cmd_load_module(struct v
return NT_STATUS_OK;
}
- if (path != NULL && *path != '\0') {
- snprintf(name, PATH_MAX, "%s/%s", path, argv[1]);
- } else {
- snprintf(name, PATH_MAX, "%s", argv[1]);
- }
+ snprintf(name, PATH_MAX, "%s", argv[1]);
vfs->conn->vfs_private = NULL;
handle = (struct smb_vfs_handle_struct *) smb_xmalloc(sizeof(smb_vfs_handle_struct));
handle->handle = NULL;
Index: utils/testparm.c
===================================================================
RCS file: /home/cvs/samba/source/utils/testparm.c,v
retrieving revision 1.51
diff -u -3 -p -r1.51 testparm.c
--- utils/testparm.c 21 Aug 2002 20:29:11 -0000 1.51
+++ utils/testparm.c 28 Aug 2002 04:02:42 -0000
@@ -48,7 +48,7 @@ static int do_global_checks(void)
SMB_STRUCT_STAT st;
if (lp_security() >= SEC_DOMAIN && !lp_encrypted_passwords()) {
- printf("ERROR: in 'security=domain' mode the 'encrypt passwords' parameter must also be set to 'true'.\n");
+ printf("ERROR: in 'security=domain' mode the 'encrypt passwords' parameter must always be set to 'true'.\n");
ret = 1;
}
--- /dev/null 2002-07-09 21:30:36.000000000 +0200
+++ sam/account.c 2002-08-28 02:47:21.000000000 +0200
@@ -0,0 +1,301 @@
+/*
+ Unix SMB/CIFS implementation.
+ Password and authentication handling
+ Copyright (C) Jeremy Allison 1996-2001
+ Copyright (C) Luke Kenneth Casson Leighton 1996-1998
+ Copyright (C) Gerald (Jerry) Carter 2000-2001
+ Copyright (C) Andrew Bartlett 2001-2002
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+
+#undef DBGC_CLASS
+#define DBGC_CLASS DBGC_PASSDB
+
+/************************************************************
+ Fill the SAM_USER_HANDLE with default values.
+ ***********************************************************/
+
+static void sam_fill_default_user(SAM_USER_HANDLE *user)
+{
+ ZERO_STRUCT(user->private); /* Don't touch the talloc context */
+
+ /* Don't change these timestamp settings without a good reason.
+ They are important for NT member server compatibility. */
+
+ user->private.init_flag = FLAG_SAM_UNINIT;
+
+ /* FIXME: We should actually call get_nt_time_max() or sthng
+ * here */
+ unix_to_nt_time(&(user->private.logoff_time),get_time_t_max());
+ unix_to_nt_time(&(user->private.kickoff_time),get_time_t_max());
+ unix_to_nt_time(&(user->private.pass_must_change_time),get_time_t_max());
+ user->private.unknown_1 = 0x00ffffff; /* don't know */
+ user->private.logon_divs = 168; /* hours per week */
+ user->private.hours_len = 21; /* 21 times 8 bits = 168 */
+ memset(user->private.hours, 0xff, user->private.hours_len); /* available at all hours */
+ user->private.unknown_2 = 0x00000000; /* don't know */
+ user->private.unknown_3 = 0x000004ec; /* don't know */
+}
+
+static void destroy_sam_talloc(SAM_USER_HANDLE **user)
+{
+ if (*user) {
+ talloc_destroy((*user)->mem_ctx);
+ *user = NULL;
+ }
+}
+
+
+/**********************************************************************
+ Alloc memory and initialises a SAM_USER_HANDLE on supplied mem_ctx.
+***********************************************************************/
+
+NTSTATUS sam_init_user_talloc(TALLOC_CTX *mem_ctx, SAM_USER_HANDLE **user)
+{
+ SMB_ASSERT(*user != NULL);
+
+ if (!mem_ctx) {
+ DEBUG(0,("sam_init_user_talloc: mem_ctx was NULL!\n"));
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+ *user=(SAM_USER_HANDLE *)talloc(mem_ctx, sizeof(SAM_USER_HANDLE));
+
+ if (*user==NULL) {
+ DEBUG(0,("sam_init_user_talloc: error while allocating memory\n"));
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ (*user)->mem_ctx = mem_ctx;
+
+ (*user)->free_fn = NULL;
+
+ sam_fill_default_user(*user);
+
+ return NT_STATUS_OK;
+}
+
+
+/*************************************************************
+ Alloc memory and initialises a struct sam_passwd.
+ ************************************************************/
+
+NTSTATUS sam_init_user(SAM_USER_HANDLE **user)
+{
+ TALLOC_CTX *mem_ctx;
+ NTSTATUS nt_status;
+
+ mem_ctx = talloc_init_named("passdb internal SAM_USER_HANDLE allocation");
+
+ if (!mem_ctx) {
+ DEBUG(0,("sam_init_user: error while doing talloc_init()\n"));
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ if (!NT_STATUS_IS_OK(nt_status = sam_init_user_talloc(mem_ctx, user))) {
+ talloc_destroy(mem_ctx);
+ return nt_status;
+ }
+
+ (*user)->free_fn = destroy_sam_talloc;
+
+ return NT_STATUS_OK;
+}
+
+/**
+ * Free the contets of the SAM_USER_HANDLE, but not the structure.
+ *
+ * Also wipes the LM and NT hashes and plaintext passwrod from
+ * memory.
+ *
+ * @param user SAM_USER_HANDLE to free members of.
+ **/
+
+static void sam_free_user_contents(SAM_USER_HANDLE *user)
+{
+
+ /* Kill off sensitive data. Free()ed by the
+ talloc mechinism */
+
+ data_blob_clear_free(&(user->private.lm_pw));
+ data_blob_clear_free(&(user->private.nt_pw));
+ data_blob_clear_free(&(user->private.plaintext_pw));
+}
+
+
+/************************************************************
+ Reset the SAM_USER_HANDLE and free the NT/LM hashes.
+ ***********************************************************/
+
+NTSTATUS sam_reset_sam(SAM_USER_HANDLE *user)
+{
+ SMB_ASSERT(user != NULL);
+
+ sam_free_user_contents(user);
+
+ sam_fill_default_user(user);
+
+ return NT_STATUS_OK;
+}
+
+
+/************************************************************
+ Free the SAM_USER_HANDLE and the member pointers.
+ ***********************************************************/
+
+NTSTATUS sam_free_user(SAM_USER_HANDLE **user)
+{
+ SMB_ASSERT(*user != NULL);
+
+ sam_free_user_contents(*user);
+
+ if ((*user)->free_fn) {
+ (*user)->free_fn(user);
+ }
+
+ return NT_STATUS_OK;
+}
+
+
+/**********************************************************
+ Encode the account control bits into a string.
+ length = length of string to encode into (including terminating
+ null). length *MUST BE MORE THAN 2* !
+ **********************************************************/
+
+char *sam_encode_acct_ctrl(uint16 acct_ctrl, size_t length)
+{
+ static fstring acct_str;
+ size_t i = 0;
+
+ acct_str[i++] = '[';
+
+ if (acct_ctrl & ACB_PWNOTREQ ) acct_str[i++] = 'N';
+ if (acct_ctrl & ACB_DISABLED ) acct_str[i++] = 'D';
+ if (acct_ctrl & ACB_HOMDIRREQ) acct_str[i++] = 'H';
+ if (acct_ctrl & ACB_TEMPDUP ) acct_str[i++] = 'T';
+ if (acct_ctrl & ACB_NORMAL ) acct_str[i++] = 'U';
+ if (acct_ctrl & ACB_MNS ) acct_str[i++] = 'M';
+ if (acct_ctrl & ACB_WSTRUST ) acct_str[i++] = 'W';
+ if (acct_ctrl & ACB_SVRTRUST ) acct_str[i++] = 'S';
+ if (acct_ctrl & ACB_AUTOLOCK ) acct_str[i++] = 'L';
+ if (acct_ctrl & ACB_PWNOEXP ) acct_str[i++] = 'X';
+ if (acct_ctrl & ACB_DOMTRUST ) acct_str[i++] = 'I';
+
+ for ( ; i < length - 2 ; i++ )
+ acct_str[i] = ' ';
+
+ i = length - 2;
+ acct_str[i++] = ']';
+ acct_str[i++] = '\0';
+
+ return acct_str;
+}
+
+/**********************************************************
+ Decode the account control bits from a string.
+ **********************************************************/
+
+uint16 sam_decode_acct_ctrl(const char *p)
+{
+ uint16 acct_ctrl = 0;
+ BOOL finished = False;
+
+ /*
+ * Check if the account type bits have been encoded after the
+ * NT password (in the form [NDHTUWSLXI]).
+ */
+
+ if (*p != '[')
+ return 0;
+
+ for (p++; *p && !finished; p++) {
+ switch (*p) {
+ case 'N': { acct_ctrl |= ACB_PWNOTREQ ; break; /* 'N'o password. */ }
+ case 'D': { acct_ctrl |= ACB_DISABLED ; break; /* 'D'isabled. */ }
+ case 'H': { acct_ctrl |= ACB_HOMDIRREQ; break; /* 'H'omedir required. */ }
+ case 'T': { acct_ctrl |= ACB_TEMPDUP ; break; /* 'T'emp account. */ }
+ case 'U': { acct_ctrl |= ACB_NORMAL ; break; /* 'U'ser account (normal). */ }
+ case 'M': { acct_ctrl |= ACB_MNS ; break; /* 'M'NS logon user account. What is this ? */ }
+ case 'W': { acct_ctrl |= ACB_WSTRUST ; break; /* 'W'orkstation account. */ }
+ case 'S': { acct_ctrl |= ACB_SVRTRUST ; break; /* 'S'erver account. */ }
+ case 'L': { acct_ctrl |= ACB_AUTOLOCK ; break; /* 'L'ocked account. */ }
+ case 'X': { acct_ctrl |= ACB_PWNOEXP ; break; /* No 'X'piry on password */ }
+ case 'I': { acct_ctrl |= ACB_DOMTRUST ; break; /* 'I'nterdomain trust account. */ }
+ case ' ': { break; }
+ case ':':
+ case '\n':
+ case '\0':
+ case ']':
+ default: { finished = True; }
+ }
+ }
+
+ return acct_ctrl;
+}
+
+/*************************************************************
+ Routine to set 32 hex password characters from a 16 byte array.
+**************************************************************/
+
+void sam_sethexpwd(char *p, const unsigned char *pwd, uint16 acct_ctrl)
+{
+ if (pwd != NULL) {
+ int i;
+ for (i = 0; i < 16; i++)
+ slprintf(&p[i*2], 3, "%02X", pwd[i]);
+ } else {
+ if (acct_ctrl & ACB_PWNOTREQ)
+ safe_strcpy(p, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX", 33);
+ else
+ safe_strcpy(p, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", 33);
+ }
+}
+
+/*************************************************************
+ Routine to get the 32 hex characters and turn them
+ into a 16 byte array.
+**************************************************************/
+
+BOOL sam_gethexpwd(const char *p, unsigned char *pwd)
+{
+ int i;
+ unsigned char lonybble, hinybble;
+ char *hexchars = "0123456789ABCDEF";
+ char *p1, *p2;
+
+ if (!p)
+ return (False);
+
+ for (i = 0; i < 32; i += 2) {
+ hinybble = toupper(p[i]);
+ lonybble = toupper(p[i + 1]);
+
+ p1 = strchr(hexchars, hinybble);
+ p2 = strchr(hexchars, lonybble);
+
+ if (!p1 || !p2)
+ return (False);
+
+ hinybble = PTR_DIFF(p1, hexchars);
+ lonybble = PTR_DIFF(p2, hexchars);
+
+ pwd[i / 2] = (hinybble << 4) | lonybble;
+ }
+ return (True);
+}
--- /dev/null 2002-07-09 21:30:36.000000000 +0200
+++ sam/get_set_domain.c 2002-08-28 02:47:23.000000000 +0200
@@ -0,0 +1,263 @@
+/*
+ Unix SMB/CIFS implementation.
+ SAM_DOMAIN access routines
+ Copyright (C) Luke Kenneth Casson Leighton 1996-1998
+ Copyright (C) Andrew Bartlett 2002
+ Copyright (C) Stefan (metze) Metzmacher 2002
+ Copyright (C) Jelmer Vernooij 2002
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+
+#undef DBGC_CLASS
+#define DBGC_CLASS DBGC_SAM
+
+NTSTATUS sam_get_domain_sid(SAM_DOMAIN_HANDLE *domain, DOM_SID **sid)
+{
+ if (!domain || !sid) return NT_STATUS_UNSUCCESSFUL;
+
+ *sid = &domain->private.sid;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_domain_num_users(SAM_DOMAIN_HANDLE *domain, uint32 *num_users)
+{
+ if (!domain || !num_users)return NT_STATUS_UNSUCCESSFUL;
+
+ *num_users = domain->private.num_users;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_domain_num_groups(SAM_DOMAIN_HANDLE *domain, uint32 *num_groups)
+{
+ if (!domain || !num_groups)return NT_STATUS_UNSUCCESSFUL;
+
+ *num_groups = domain->private.num_groups;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_domain_num_aliases(SAM_DOMAIN_HANDLE *domain, uint32 *num_aliases)
+{
+ if (!domain || !num_aliases)return NT_STATUS_UNSUCCESSFUL;
+
+ *num_aliases = domain->private.num_aliases;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_domain_name(SAM_DOMAIN_HANDLE *domain, char **domain_name)
+{
+ if (!domain || !domain_name)return NT_STATUS_UNSUCCESSFUL;
+
+ *domain_name = domain->private.name;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_set_domain_name(SAM_DOMAIN_HANDLE *domain, char *domain_name)
+{
+ if (!domain)return NT_STATUS_UNSUCCESSFUL;
+
+ domain->private.name = talloc_strdup(domain->mem_ctx, domain_name);
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_domain_server(SAM_DOMAIN_HANDLE *domain, char **server_name)
+{
+ if (!domain || !server_name)return NT_STATUS_UNSUCCESSFUL;
+
+ *server_name = domain->private.servername;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_set_domain_server(SAM_DOMAIN_HANDLE *domain, char *server_name)
+{
+ if (!domain)return NT_STATUS_UNSUCCESSFUL;
+
+ domain->private.servername = talloc_strdup(domain->mem_ctx, server_name);
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_domain_max_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME *max_passwordage)
+{
+ if (!domain || !max_passwordage)return NT_STATUS_UNSUCCESSFUL;
+
+ *max_passwordage = domain->private.max_passwordage;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_domain_min_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME *min_passwordage)
+{
+ if (!domain || !min_passwordage)return NT_STATUS_UNSUCCESSFUL;
+
+ *min_passwordage = domain->private.min_passwordage;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_domain_lockout_duration(SAM_DOMAIN_HANDLE *domain, NTTIME *lockout_duration)
+{
+ if (!domain || !lockout_duration)return NT_STATUS_UNSUCCESSFUL;
+
+ *lockout_duration = domain->private.lockout_duration;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_domain_reset_count(SAM_DOMAIN_HANDLE *domain, NTTIME *reset_lockout_count)
+{
+ if (!domain || !reset_lockout_count)return NT_STATUS_UNSUCCESSFUL;
+
+ *reset_lockout_count = domain->private.reset_count;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_domain_min_pwdlength(SAM_DOMAIN_HANDLE *domain, uint16 *min_passwordlength)
+{
+ if (!domain || !min_passwordlength)return NT_STATUS_UNSUCCESSFUL;
+
+ *min_passwordlength = domain->private.min_passwordlength;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_domain_pwd_history(SAM_DOMAIN_HANDLE *domain, uint16 *password_history)
+{
+ if (!domain || !password_history)return NT_STATUS_UNSUCCESSFUL;
+
+ *password_history = domain->private.password_history;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_domain_lockout_count(SAM_DOMAIN_HANDLE *domain, uint16 *lockout_count)
+{
+ if (!domain || !lockout_count)return NT_STATUS_UNSUCCESSFUL;
+
+ *lockout_count = domain->private.lockout_count;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_domain_force_logoff(SAM_DOMAIN_HANDLE *domain, BOOL *force_logoff)
+{
+ if (!domain || !force_logoff)return NT_STATUS_UNSUCCESSFUL;
+
+ *force_logoff = domain->private.force_logoff;
+
+ return NT_STATUS_OK;
+}
+
+
+NTSTATUS sam_get_domain_login_pwdchange(SAM_DOMAIN_HANDLE *domain, BOOL *login_pwdchange)
+{
+ if (!domain || !login_pwdchange)return NT_STATUS_UNSUCCESSFUL;
+
+ *login_pwdchange = domain->private.login_pwdchange;
+
+ return NT_STATUS_OK;
+}
+
+/* Set */
+
+NTSTATUS sam_set_domain_max_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME max_passwordage)
+{
+ if (!domain)return NT_STATUS_UNSUCCESSFUL;
+
+ domain->private.max_passwordage = max_passwordage;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_set_domain_min_pwdage(SAM_DOMAIN_HANDLE *domain, NTTIME min_passwordage)
+{
+ if (!domain)return NT_STATUS_UNSUCCESSFUL;
+
+ domain->private.min_passwordage = min_passwordage;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_set_domain_lockout_duration(SAM_DOMAIN_HANDLE *domain, NTTIME lockout_duration)
+{
+ if (!domain)return NT_STATUS_UNSUCCESSFUL;
+
+ domain->private.lockout_duration = lockout_duration;
+
+ return NT_STATUS_OK;
+}
+NTSTATUS sam_set_domain_reset_count(SAM_DOMAIN_HANDLE *domain, NTTIME reset_lockout_count)
+{
+ if (!domain)return NT_STATUS_UNSUCCESSFUL;
+
+ domain->private.reset_count = reset_lockout_count;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_set_domain_min_pwdlength(SAM_DOMAIN_HANDLE *domain, uint16 min_passwordlength)
+{
+ if (!domain)return NT_STATUS_UNSUCCESSFUL;
+
+ domain->private.min_passwordlength = min_passwordlength;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_set_domain_pwd_history(SAM_DOMAIN_HANDLE *domain, uint16 password_history)
+{
+ if (!domain) return NT_STATUS_UNSUCCESSFUL;
+
+ domain->private.password_history = password_history;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_set_domain_lockout_count(SAM_DOMAIN_HANDLE *domain, uint16 lockout_count)
+{
+ if (!domain)return NT_STATUS_UNSUCCESSFUL;
+
+ domain->private.lockout_count = lockout_count;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_set_domain_force_logoff(SAM_DOMAIN_HANDLE *domain, BOOL force_logoff)
+{
+ if (!domain)return NT_STATUS_UNSUCCESSFUL;
+
+ domain->private.force_logoff = force_logoff;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_set_domain_login_pwdchange(SAM_DOMAIN_HANDLE *domain, BOOL login_pwdchange)
+{
+ if (!domain) return NT_STATUS_UNSUCCESSFUL;
+
+ domain->private.login_pwdchange = login_pwdchange;
+
+ return NT_STATUS_OK;
+}
--- /dev/null 2002-07-09 21:30:36.000000000 +0200
+++ sam/get_set_group.c 2002-08-28 02:47:25.000000000 +0200
@@ -0,0 +1,123 @@
+/*
+ Unix SMB/CIFS implementation.
+ SAM_USER_HANDLE access routines
+ Copyright (C) Andrew Bartlett 2002
+ Copyright (C) Stefan (metze) Metzmacher 2002
+ Copyright (C) Jelmer Vernooij 2002
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+
+#undef DBGC_CLASS
+#define DBGC_CLASS DBGC_SAM
+
+/* sam group get functions */
+
+NTSTATUS sam_get_group_sid(const SAM_GROUP_HANDLE *group, DOM_SID **sid)
+{
+ if (!group || !sid) return NT_STATUS_UNSUCCESSFUL;
+
+ *sid = &group->private.sid;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_group_typ(const SAM_GROUP_HANDLE *group, uint32 *typ)
+{
+ if (!group || !typ) return NT_STATUS_UNSUCCESSFUL;
+
+ *typ = group->private.flags;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_group_name(const SAM_GROUP_HANDLE *group, char **group_name)
+{
+ if (!group) return NT_STATUS_UNSUCCESSFUL;
+
+ *group_name = group->private.name;
+
+ return NT_STATUS_OK;
+
+}
+NTSTATUS sam_get_group_comment(const SAM_GROUP_HANDLE *group, char **comment)
+{
+ if (!group) return NT_STATUS_UNSUCCESSFUL;
+
+ *comment = group->private.comment;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_group_priv_set(const SAM_GROUP_HANDLE *group, PRIVILEGE_SET *priv_set)
+{
+ if (!group) return NT_STATUS_UNSUCCESSFUL;
+
+ *priv_set = group->private.privileges;
+
+ return NT_STATUS_OK;
+}
+
+/* sam group set functions */
+
+NTSTATUS sam_set_group_sid(SAM_GROUP_HANDLE *group, DOM_SID *sid)
+{
+ if (!group) return NT_STATUS_UNSUCCESSFUL;
+
+ if (!sid) ZERO_STRUCT(group->private.sid);
+ else sid_copy(&(group->private.sid), sid);
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_set_group_typ(SAM_GROUP_HANDLE *group, uint32 typ)
+{
+ if (!group) return NT_STATUS_UNSUCCESSFUL;
+
+ group->private.flags = typ;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_set_group_name(SAM_GROUP_HANDLE *group, char *group_name)
+{
+ if (!group) return NT_STATUS_UNSUCCESSFUL;
+
+ group->private.name = talloc_strdup(group->mem_ctx, group_name);
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_set_group_comment(SAM_GROUP_HANDLE *group, char *comment)
+{
+ if (!group) return NT_STATUS_UNSUCCESSFUL;
+
+ group->private.comment = talloc_strdup(group->mem_ctx, comment);
+
+ return NT_STATUS_OK;
+
+}
+
+NTSTATUS sam_set_group_priv_set(SAM_GROUP_HANDLE *group, PRIVILEGE_SET *priv_set)
+{
+ if (!group) return NT_STATUS_UNSUCCESSFUL;
+
+ if (!priv_set) ZERO_STRUCT(group->private.privileges);
+ else memcpy(&(group->private.privileges), priv_set, sizeof(PRIVILEGE_SET));
+
+ return NT_STATUS_OK;
+}
--- /dev/null 2002-07-09 21:30:36.000000000 +0200
+++ sam/get_set_user.c 2002-08-28 02:47:27.000000000 +0200
@@ -0,0 +1,903 @@
+/*
+ Unix SMB/CIFS implementation.
+ SAM_USER_HANDLE access routines
+ Copyright (C) Andrew Bartlett 2002
+ Copyright (C) Stefan (metze) Metzmacher 2002
+ Copyright (C) Jelmer Vernooij 2002
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+
+#undef DBGC_CLASS
+#define DBGC_CLASS DBGC_SAM
+
+NTSTATUS sam_get_user_domain_sid (const SAM_USER_HANDLE *sampass, DOM_SID **sid)
+{
+ NTSTATUS status;
+ SAM_DOMAIN_HANDLE *domain;
+ if (!sampass || !sid) return NT_STATUS_UNSUCCESSFUL;
+
+ if (!NT_STATUS_IS_OK(status = sam_get_user_domain(sampass, &domain))){
+ DEBUG(0, ("sam_get_user_domain_sid: Can't get domain for user\n"));
+ return status;
+ }
+
+ return sam_get_domain_sid(domain, sid);
+}
+
+NTSTATUS sam_get_user_domain_name (const SAM_USER_HANDLE *sampass, char **domain_name)
+{
+ NTSTATUS status;
+ SAM_DOMAIN_HANDLE *domain;
+ if (!sampass || !domain_name) return NT_STATUS_UNSUCCESSFUL;
+
+ if (!NT_STATUS_IS_OK(status = sam_get_user_domain(sampass, &domain))){
+ DEBUG(0, ("sam_get_user_domain_name: Can't get domain for user\n"));
+ return status;
+ }
+
+ return sam_get_domain_name(domain, domain_name);
+}
+
+NTSTATUS sam_get_user_acct_ctrl (const SAM_USER_HANDLE *sampass, uint16 *acct_ctrl)
+{
+ if(!sampass || !acct_ctrl)return NT_STATUS_UNSUCCESSFUL;
+
+ *acct_ctrl = sampass->private.acct_ctrl;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_user_logon_time (const SAM_USER_HANDLE *sampass, NTTIME *logon_time)
+{
+ if(!sampass || !logon_time)return NT_STATUS_UNSUCCESSFUL;
+
+ *logon_time = sampass->private.logon_time;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_user_logoff_time (const SAM_USER_HANDLE *sampass, NTTIME *logoff_time)
+{
+ if(!sampass || !logoff_time)return NT_STATUS_UNSUCCESSFUL;
+
+ *logoff_time = sampass->private.logoff_time;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_user_kickoff_time (const SAM_USER_HANDLE *sampass, NTTIME *kickoff_time)
+{
+ if (!sampass || !kickoff_time)return NT_STATUS_UNSUCCESSFUL;
+
+ *kickoff_time = sampass->private.kickoff_time;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_user_pass_last_set_time (const SAM_USER_HANDLE *sampass, NTTIME *pass_last_set_time)
+{
+ if (!sampass || !pass_last_set_time)return NT_STATUS_UNSUCCESSFUL;
+
+ *pass_last_set_time = sampass->private.pass_last_set_time;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_user_pass_can_change_time (const SAM_USER_HANDLE *sampass, NTTIME *pass_can_change_time)
+{
+ if (!sampass || !pass_can_change_time)return NT_STATUS_UNSUCCESSFUL;
+
+ *pass_can_change_time = sampass->private.pass_can_change_time;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_user_pass_must_change_time (const SAM_USER_HANDLE *sampass, NTTIME *pass_must_change_time)
+{
+ if (!sampass || !pass_must_change_time)return NT_STATUS_UNSUCCESSFUL;
+
+ *pass_must_change_time = sampass->private.pass_must_change_time;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_user_logon_divs (const SAM_USER_HANDLE *sampass, uint16 *logon_divs)
+{
+ if (!sampass || !logon_divs)return NT_STATUS_UNSUCCESSFUL;
+
+ *logon_divs = sampass->private.logon_divs;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_user_hours_len (const SAM_USER_HANDLE *sampass, uint32 *hours_len)
+{
+ if (!sampass || !hours_len)return NT_STATUS_UNSUCCESSFUL;
+
+ *hours_len = sampass->private.hours_len;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_user_hours (const SAM_USER_HANDLE *sampass, uint8 **hours)
+{
+ if (!sampass || !hours)return NT_STATUS_UNSUCCESSFUL;
+
+ *hours = sampass->private.hours;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_user_nt_pwd (const SAM_USER_HANDLE *sampass, DATA_BLOB *nt_pwd)
+{
+ if (!sampass)return NT_STATUS_UNSUCCESSFUL;
+
+ SMB_ASSERT((!sampass->private.nt_pw.data)
+ || sampass->private.nt_pw.length == NT_HASH_LEN);
+
+ *nt_pwd = sampass->private.nt_pw;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_user_lm_pwd (const SAM_USER_HANDLE *sampass, DATA_BLOB *lm_pwd)
+{
+ if (!sampass)return NT_STATUS_UNSUCCESSFUL;
+
+ SMB_ASSERT((!sampass->private.lm_pw.data)
+ || sampass->private.lm_pw.length == LM_HASH_LEN);
+
+ *lm_pwd = sampass->private.lm_pw;
+
+ return NT_STATUS_OK;
+}
+
+/* Return the plaintext password if known. Most of the time
+ it isn't, so don't assume anything magic about this function.
+
+ Used to pass the plaintext to sam backends that might
+ want to store more than just the NTLM hashes.
+*/
+
+NTSTATUS sam_get_user_plaintext_pwd (const SAM_USER_HANDLE *sampass, DATA_BLOB **plain_pwd)
+{
+ if (!sampass || !plain_pwd)return NT_STATUS_UNSUCCESSFUL;
+
+ *plain_pwd = &(sampass->private.plaintext_pw);
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_user_sid(const SAM_USER_HANDLE *sampass, DOM_SID **sid)
+{
+ if (!sampass)return NT_STATUS_UNSUCCESSFUL;
+
+ *sid = &(sampass->private.user_sid);
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_user_pgroup(const SAM_USER_HANDLE *sampass, DOM_SID **sid)
+{
+ if (!sampass)return NT_STATUS_UNSUCCESSFUL;
+
+ *sid = &(sampass->private.group_sid);
+
+ return NT_STATUS_OK;
+}
+
+/**
+ * Get flags showing what is initalised in the SAM_USER_HANDLE
+ * @param sampass the SAM_USER_HANDLE in question
+ * @return the flags indicating the members initialised in the struct.
+ **/
+
+NTSTATUS sam_get_user_init_flag (const SAM_USER_HANDLE *sampass, uint32 *initflag)
+{
+ if (!sampass)return NT_STATUS_UNSUCCESSFUL;
+
+ *initflag = sampass->private.init_flag;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_user_name (const SAM_USER_HANDLE *sampass, char **username)
+{
+ if (!sampass)return NT_STATUS_UNSUCCESSFUL;
+
+ *username = sampass->private.username;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_user_domain (const SAM_USER_HANDLE *sampass, SAM_DOMAIN_HANDLE **domain)
+{
+ if (!sampass)return NT_STATUS_UNSUCCESSFUL;
+
+ *domain = sampass->private.domain;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_user_fullname (const SAM_USER_HANDLE *sampass, char **fullname)
+{
+ if (!sampass)return NT_STATUS_UNSUCCESSFUL;
+
+ *fullname = sampass->private.full_name;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_user_homedir (const SAM_USER_HANDLE *sampass, char **homedir)
+{
+ if (!sampass)return NT_STATUS_UNSUCCESSFUL;
+
+ *homedir = sampass->private.home_dir;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_user_unix_home_dir (const SAM_USER_HANDLE *sampass, char **uhomedir)
+{
+ if (!sampass)return NT_STATUS_UNSUCCESSFUL;
+
+ *uhomedir = sampass->private.unix_home_dir;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_user_dir_drive (const SAM_USER_HANDLE *sampass, char **dirdrive)
+{
+ if (!sampass)return NT_STATUS_UNSUCCESSFUL;
+
+ *dirdrive = sampass->private.dir_drive;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_user_logon_script (const SAM_USER_HANDLE *sampass, char **logon_script)
+{
+ if (!sampass)return NT_STATUS_UNSUCCESSFUL;
+
+ *logon_script = sampass->private.logon_script;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_user_profile_path (const SAM_USER_HANDLE *sampass, char **profile_path)
+{
+ if (!sampass)return NT_STATUS_UNSUCCESSFUL;
+
+ *profile_path = sampass->private.profile_path;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_user_description (const SAM_USER_HANDLE *sampass, char **description)
+{
+ if (!sampass)return NT_STATUS_UNSUCCESSFUL;
+
+ *description = sampass->private.acct_desc;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_user_workstations (const SAM_USER_HANDLE *sampass, char **workstations)
+{
+ if (!sampass)return NT_STATUS_UNSUCCESSFUL;
+
+ *workstations = sampass->private.workstations;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_user_unknown_str (const SAM_USER_HANDLE *sampass, char **unknown_str)
+{
+ if (!sampass)return NT_STATUS_UNSUCCESSFUL;
+
+ *unknown_str = sampass->private.unknown_str;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_user_munged_dial (const SAM_USER_HANDLE *sampass, char **munged_dial)
+{
+ if (!sampass)return NT_STATUS_UNSUCCESSFUL;
+
+ *munged_dial = sampass->private.munged_dial;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_user_unknown_1 (const SAM_USER_HANDLE *sampass, uint32 *unknown1)
+{
+ if (!sampass || !unknown1)return NT_STATUS_UNSUCCESSFUL;
+
+ *unknown1 = sampass->private.unknown_1;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_user_unknown_2 (const SAM_USER_HANDLE *sampass, uint32 *unknown2)
+{
+ if (!sampass || !unknown2)return NT_STATUS_UNSUCCESSFUL;
+
+ *unknown2 = sampass->private.unknown_2;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_get_user_unknown_3 (const SAM_USER_HANDLE *sampass, uint32 *unknown3)
+{
+ if (!sampass || !unknown3)return NT_STATUS_UNSUCCESSFUL;
+
+ *unknown3 = sampass->private.unknown_3;
+
+ return NT_STATUS_OK;
+}
+
+/*********************************************************************
+ Collection of set...() functions for SAM_USER_HANDLE_INFO.
+ ********************************************************************/
+
+NTSTATUS sam_set_user_acct_ctrl (SAM_USER_HANDLE *sampass, uint16 flags)
+{
+ if (!sampass)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ sampass->private.acct_ctrl = flags;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_set_user_logon_time (SAM_USER_HANDLE *sampass, NTTIME mytime, BOOL store)
+{
+ if (!sampass)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ sampass->private.logon_time = mytime;
+
+ if (store)
+ sam_set_user_init_flag(sampass, FLAG_SAM_LOGONTIME);
+
+ return NT_STATUS_UNSUCCESSFUL;
+}
+
+NTSTATUS sam_set_user_logoff_time (SAM_USER_HANDLE *sampass, NTTIME mytime, BOOL store)
+{
+ if (!sampass)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ sampass->private.logoff_time = mytime;
+
+ if (store)
+ sam_set_user_init_flag(sampass, FLAG_SAM_LOGOFFTIME);
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_set_user_kickoff_time (SAM_USER_HANDLE *sampass, NTTIME mytime, BOOL store)
+{
+ if (!sampass)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ sampass->private.kickoff_time = mytime;
+
+ if (store)
+ sam_set_user_init_flag(sampass, FLAG_SAM_KICKOFFTIME);
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_set_user_pass_can_change_time (SAM_USER_HANDLE *sampass, NTTIME mytime, BOOL store)
+{
+ if (!sampass)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ sampass->private.pass_can_change_time = mytime;
+
+ if (store)
+ sam_set_user_init_flag(sampass, FLAG_SAM_CANCHANGETIME);
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_set_user_pass_must_change_time (SAM_USER_HANDLE *sampass, NTTIME mytime, BOOL store)
+{
+ if (!sampass)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ sampass->private.pass_must_change_time = mytime;
+
+ if (store)
+ sam_set_user_init_flag(sampass, FLAG_SAM_MUSTCHANGETIME);
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_set_user_pass_last_set_time (SAM_USER_HANDLE *sampass, NTTIME mytime)
+{
+ if (!sampass)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ sampass->private.pass_last_set_time = mytime;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_set_user_hours_len (SAM_USER_HANDLE *sampass, uint32 len)
+{
+ if (!sampass)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ sampass->private.hours_len = len;
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_set_user_logon_divs (SAM_USER_HANDLE *sampass, uint16 hours)
+{
+ if (!sampass)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ sampass->private.logon_divs = hours;
+ return NT_STATUS_OK;
+}
+
+/**
+ * Set flags showing what is initalised in the SAM_USER_HANDLE
+ * @param sampass the SAM_USER_HANDLE in question
+ * @param flag The *new* flag to be set. Old flags preserved
+ * this flag is only added.
+ **/
+
+NTSTATUS sam_set_user_init_flag (SAM_USER_HANDLE *sampass, uint32 flag)
+{
+ if (!sampass)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ sampass->private.init_flag |= flag;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_set_user_sid (SAM_USER_HANDLE *sampass, DOM_SID *u_sid)
+{
+ if (!sampass || !u_sid)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ sid_copy(&sampass->private.user_sid, u_sid);
+
+ DEBUG(10, ("sam_set_user_sid: setting user sid %s\n",
+ sid_string_static(&sampass->private.user_sid)));
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_set_user_sid_from_string (SAM_USER_HANDLE *sampass, fstring u_sid)
+{
+ DOM_SID new_sid;
+ if (!sampass || !u_sid)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ DEBUG(10, ("sam_set_user_sid_from_string: setting user sid %s\n",
+ u_sid));
+
+ if (!string_to_sid(&new_sid, u_sid)) {
+ DEBUG(1, ("sam_set_user_sid_from_string: %s isn't a valid SID!\n", u_sid));
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+ if (!NT_STATUS_IS_OK(sam_set_user_sid(sampass, &new_sid))) {
+ DEBUG(1, ("sam_set_user_sid_from_string: could not set sid %s on SAM_USER_HANDLE!\n", u_sid));
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_set_user_pgroup_sid (SAM_USER_HANDLE *sampass, DOM_SID *g_sid)
+{
+ if (!sampass || !g_sid)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ sid_copy(&sampass->private.group_sid, g_sid);
+
+ DEBUG(10, ("sam_set_group_sid: setting group sid %s\n",
+ sid_string_static(&sampass->private.group_sid)));
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_set_user_pgroup_string (SAM_USER_HANDLE *sampass, fstring g_sid)
+{
+ DOM_SID new_sid;
+ if (!sampass || !g_sid)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ DEBUG(10, ("sam_set_group_sid_from_string: setting group sid %s\n",
+ g_sid));
+
+ if (!string_to_sid(&new_sid, g_sid)) {
+ DEBUG(1, ("sam_set_group_sid_from_string: %s isn't a valid SID!\n", g_sid));
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+ if (!NT_STATUS_IS_OK(sam_set_user_pgroup_sid(sampass, &new_sid))) {
+ DEBUG(1, ("sam_set_group_sid_from_string: could not set sid %s on SAM_USER_HANDLE!\n", g_sid));
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+ return NT_STATUS_OK;
+}
+
+/*********************************************************************
+ Set the domain name.
+ ********************************************************************/
+
+NTSTATUS sam_set_user_domain(SAM_USER_HANDLE *sampass, SAM_DOMAIN_HANDLE *domain)
+{
+ if (!sampass)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ sampass->private.domain = domain;
+
+ return NT_STATUS_OK;
+}
+
+/*********************************************************************
+ Set the user's NT name.
+ ********************************************************************/
+
+NTSTATUS sam_set_user_username(SAM_USER_HANDLE *sampass, const char *nt_username)
+{
+ if (!sampass)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ DEBUG(10, ("sam_set_user_username: setting nt username %s, was %s\n", nt_username, sampass->private.username));
+
+ sampass->private.username = talloc_strdup(sampass->mem_ctx, nt_username);
+
+ return NT_STATUS_OK;
+}
+
+/*********************************************************************
+ Set the user's full name.
+ ********************************************************************/
+
+NTSTATUS sam_set_user_fullname(SAM_USER_HANDLE *sampass, const char *full_name)
+{
+ if (!sampass)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ DEBUG(10, ("sam_set_user_fullname: setting full name %s, was %s\n", full_name, sampass->private.full_name));
+
+ sampass->private.full_name = talloc_strdup(sampass->mem_ctx, full_name);
+
+ return NT_STATUS_OK;
+}
+
+/*********************************************************************
+ Set the user's logon script.
+ ********************************************************************/
+
+NTSTATUS sam_set_user_logon_script(SAM_USER_HANDLE *sampass, const char *logon_script, BOOL store)
+{
+ if (!sampass)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ DEBUG(10, ("sam_set_logon_script: from %s to %s\n", logon_script, sampass->private.logon_script));
+
+ sampass->private.logon_script = talloc_strdup(sampass->mem_ctx, logon_script);
+
+ sam_set_user_init_flag(sampass, FLAG_SAM_LOGONSCRIPT);
+
+ return NT_STATUS_OK;
+}
+
+/*********************************************************************
+ Set the user's profile path.
+ ********************************************************************/
+
+NTSTATUS sam_set_user_profile_path (SAM_USER_HANDLE *sampass, const char *profile_path, BOOL store)
+{
+ if (!sampass)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ DEBUG(10, ("sam_set_profile_path: setting profile path %s, was %s\n", profile_path, sampass->private.profile_path));
+
+ sampass->private.profile_path = talloc_strdup(sampass->mem_ctx, profile_path);
+
+ if (store) {
+ DEBUG(10, ("sam_set_profile_path: setting profile path sam flag!\n"));
+ sam_set_user_init_flag(sampass, FLAG_SAM_PROFILE);
+ }
+
+ return NT_STATUS_OK;
+}
+
+/*********************************************************************
+ Set the user's directory drive.
+ ********************************************************************/
+
+NTSTATUS sam_set_user_dir_drive (SAM_USER_HANDLE *sampass, const char *dir_drive, BOOL store)
+{
+ if (!sampass)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ DEBUG(10, ("sam_set_dir_drive: setting dir drive %s, was %s\n", dir_drive,
+ sampass->private.dir_drive));
+
+ sampass->private.dir_drive = talloc_strdup(sampass->mem_ctx, dir_drive);
+
+ if (store) {
+ DEBUG(10, ("sam_set_dir_drive: setting dir drive sam flag!\n"));
+ sam_set_user_init_flag(sampass, FLAG_SAM_DRIVE);
+ }
+
+ return NT_STATUS_OK;
+}
+
+/*********************************************************************
+ Set the user's home directory.
+ ********************************************************************/
+
+NTSTATUS sam_set_user_homedir (SAM_USER_HANDLE *sampass, const char *home_dir, BOOL store)
+{
+ if (!sampass) return NT_STATUS_UNSUCCESSFUL;
+
+ DEBUG(10, ("sam_set_homedir: setting home dir %s, was %s\n", home_dir,
+ sampass->private.home_dir));
+
+ sampass->private.home_dir = talloc_strdup(sampass->mem_ctx, home_dir);
+
+ if (store) {
+ DEBUG(10, ("sam_set_homedir: setting home dir sam flag!\n"));
+ sam_set_user_init_flag(sampass, FLAG_SAM_SMBHOME);
+ }
+
+ return NT_STATUS_OK;
+}
+
+/*********************************************************************
+ Set the user's unix home directory.
+ ********************************************************************/
+
+NTSTATUS sam_set_user_unix_homedir (SAM_USER_HANDLE *sampass, const char *unix_home_dir)
+{
+ if (!sampass)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ DEBUG(10, ("sam_set_unix_homedir: setting home dir %s, was %s\n", unix_home_dir,
+ sampass->private.unix_home_dir));
+
+ sampass->private.unix_home_dir = talloc_strdup(sampass->mem_ctx, unix_home_dir);
+
+ return NT_STATUS_OK;
+}
+
+/*********************************************************************
+ Set the user's account description.
+ ********************************************************************/
+
+NTSTATUS sam_set_user_acct_desc (SAM_USER_HANDLE *sampass, const char *acct_desc)
+{
+ if (!sampass)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ sampass->private.acct_desc = talloc_strdup(sampass->mem_ctx, acct_desc);
+
+ return NT_STATUS_OK;
+}
+
+/*********************************************************************
+ Set the user's workstation allowed list.
+ ********************************************************************/
+
+NTSTATUS sam_set_user_workstations (SAM_USER_HANDLE *sampass, const char *workstations)
+{
+ if (!sampass)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ DEBUG(10, ("sam_set_workstations: setting workstations %s, was %s\n", workstations,
+ sampass->private.workstations));
+
+ sampass->private.workstations = talloc_strdup(sampass->mem_ctx, workstations);
+
+ return NT_STATUS_OK;
+}
+
+/*********************************************************************
+ Set the user's 'unknown_str', whatever the heck this actually is...
+ ********************************************************************/
+
+NTSTATUS sam_set_user_unknown_str (SAM_USER_HANDLE *sampass, const char *unknown_str)
+{
+ if (!sampass)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ sampass->private.unknown_str = talloc_strdup(sampass->mem_ctx, unknown_str);
+
+ return NT_STATUS_OK;
+}
+
+/*********************************************************************
+ Set the user's dial string.
+ ********************************************************************/
+
+NTSTATUS sam_set_user_munged_dial (SAM_USER_HANDLE *sampass, const char *munged_dial)
+{
+ if (!sampass)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ sampass->private.munged_dial = talloc_strdup(sampass->mem_ctx, munged_dial);
+ return NT_STATUS_OK;
+}
+
+/*********************************************************************
+ Set the user's NT hash.
+ ********************************************************************/
+
+NTSTATUS sam_set_user_nt_pwd (SAM_USER_HANDLE *sampass, DATA_BLOB data)
+{
+ if (!sampass)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ sampass->private.nt_pw = data;
+
+ return NT_STATUS_OK;
+}
+
+/*********************************************************************
+ Set the user's LM hash.
+ ********************************************************************/
+
+NTSTATUS sam_set_user_lm_pwd (SAM_USER_HANDLE *sampass, DATA_BLOB data)
+{
+ if (!sampass)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ sampass->private.lm_pw = data;
+
+ return NT_STATUS_OK;
+}
+
+/*********************************************************************
+ Set the user's plaintext password only (base procedure, see helper
+ below)
+ ********************************************************************/
+
+NTSTATUS sam_set_user_plaintext_pw_only (SAM_USER_HANDLE *sampass, DATA_BLOB data)
+{
+ if (!sampass)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ sampass->private.plaintext_pw = data;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_set_user_unknown_1 (SAM_USER_HANDLE *sampass, uint32 unkn)
+{
+ if (!sampass)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ sampass->private.unknown_1 = unkn;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_set_user_unknown_2 (SAM_USER_HANDLE *sampass, uint32 unkn)
+{
+ if (!sampass)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ sampass->private.unknown_2 = unkn;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_set_user_unknown_3 (SAM_USER_HANDLE *sampass, uint32 unkn)
+{
+ if (!sampass)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ sampass->private.unknown_3 = unkn;
+ return NT_STATUS_OK;
+}
+
+NTSTATUS sam_set_user_hours (SAM_USER_HANDLE *sampass, const uint8 *hours)
+{
+ if (!sampass)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ if (!hours) {
+ memset ((char *)sampass->private.hours, 0, MAX_HOURS_LEN);
+ return NT_STATUS_OK;
+ }
+
+ memcpy (sampass->private.hours, hours, MAX_HOURS_LEN);
+
+ return NT_STATUS_OK;
+}
+
+/* Helpful interfaces to the above */
+
+/*********************************************************************
+ Sets the last changed times and must change times for a normal
+ password change.
+ ********************************************************************/
+
+NTSTATUS sam_set_user_pass_changed_now (SAM_USER_HANDLE *sampass)
+{
+ uint32 expire;
+ NTTIME temptime;
+
+ if (!sampass)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ unix_to_nt_time(&temptime, time(NULL));
+ if (!NT_STATUS_IS_OK(sam_set_user_pass_last_set_time (sampass, temptime)))
+ return NT_STATUS_UNSUCCESSFUL;
+
+ if (!account_policy_get(AP_MAX_PASSWORD_AGE, &expire)
+ || (expire==(uint32)-1)) {
+
+ get_nttime_max(&temptime);
+ if (!NT_STATUS_IS_OK(sam_set_user_pass_must_change_time (sampass, temptime, False)))
+ return NT_STATUS_UNSUCCESSFUL;
+
+ } else {
+ /* FIXME: Add expire to temptime */
+
+ if (!NT_STATUS_IS_OK(sam_get_user_pass_last_set_time(sampass,&temptime)) || !NT_STATUS_IS_OK(sam_set_user_pass_must_change_time (sampass, temptime,True)))
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+ return NT_STATUS_OK;
+}
+
+/*********************************************************************
+ Set the user's PLAINTEXT password. Used as an interface to the above.
+ Also sets the last change time to NOW.
+ ********************************************************************/
+
+NTSTATUS sam_set_plaintext_passwd (SAM_USER_HANDLE *sampass, const char *plaintext)
+{
+ DATA_BLOB data;
+ uchar new_lanman_p16[16];
+ uchar new_nt_p16[16];
+
+ if (!sampass || !plaintext)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ nt_lm_owf_gen (plaintext, new_nt_p16, new_lanman_p16);
+
+ data = data_blob(new_nt_p16, 16);
+ if (!NT_STATUS_IS_OK(sam_set_user_nt_pwd (sampass, data)))
+ return NT_STATUS_UNSUCCESSFUL;
+
+ data = data_blob(new_lanman_p16, 16);
+
+ if (!NT_STATUS_IS_OK(sam_set_user_lm_pwd (sampass, data)))
+ return NT_STATUS_UNSUCCESSFUL;
+
+ if (!NT_STATUS_IS_OK(sam_set_user_pass_changed_now (sampass)))
+ return NT_STATUS_UNSUCCESSFUL;
+
+ return NT_STATUS_OK;
+}
+
--- /dev/null 2002-07-09 21:30:36.000000000 +0200
+++ sam/interface.c 2002-08-28 02:47:29.000000000 +0200
@@ -0,0 +1,1001 @@
+/*
+ Unix SMB/CIFS implementation.
+ Password and authentication handling
+ Copyright (C) Andrew Bartlett 2002
+ Copyright (C) Jelmer Vernooij 2002
+ Copyright (C) Stefan (metze) Metzmacher 2002
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+
+#undef DBGC_CLASS
+#define DBGC_CLASS DBGC_SAM
+
+/** List of various built-in sam modules */
+
+const struct sam_init_function_entry builtin_sam_init_functions[] = {
+ { NULL, NULL}
+};
+
+/* FIXME: wrapper functions : context_* */
+
+/******************************************************************
+ context_sam_* functions are used to link the external SAM interface
+ with the internal backends. These functions lookup the appropriate
+ backends for the domain and pass on to the function in sam_methods
+ in the selected backend
+ *******************************************************************/
+
+NTSTATUS sam_get_methods_by_sid(const struct sam_context *context, struct sam_methods **sam_method, const DOM_SID *domainsid)
+{
+ struct sam_methods *tmp_methods;
+
+ DEBUG(5,("sam_get_methods_by_sid: %d\n", __LINE__));
+
+ if ((!context) || (!context->methods))
+ {
+ DEBUG(2,("sam_get_methods_by_sid: invalid sam_context specified!\n"));
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ tmp_methods = context->methods;
+
+ while (tmp_methods)
+ {
+ if (sid_equal(domainsid, &tmp_methods->domain->private.sid))
+ {
+ (*sam_method) = tmp_methods;
+ return NT_STATUS_OK;
+ }
+ tmp_methods = tmp_methods->next;
+ }
+
+ DEBUG(3,("sam_get_methods_by_sid: There is no backend specified for domain %s\n", sid_string_static(domainsid)));
+
+ return NT_STATUS_NO_SUCH_DOMAIN;
+}
+
+NTSTATUS sam_get_methods_by_name(const struct sam_context *context, struct sam_methods **sam_method, const char *domainname)
+{
+ struct sam_methods *tmp_methods;
+
+ DEBUG(5,("sam_get_methods_by_name: %d\n", __LINE__));
+
+ if ((!context) || (!context->methods))
+ {
+ DEBUG(2,("sam_get_methods_by_sid: invalid sam_context specified!\n"));
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ tmp_methods = context->methods;
+
+ while (tmp_methods)
+ {
+ if (strcmp(domainname, tmp_methods->domain->private.name))
+ {
+ (*sam_method) = tmp_methods;
+ return NT_STATUS_OK;
+ }
+ tmp_methods = tmp_methods->next;
+ }
+
+ DEBUG(3,("sam_get_methods_by_sid: There is no backend specified for domain %s\n", domainname));
+
+ return NT_STATUS_NO_SUCH_DOMAIN;
+}
+
+NTSTATUS context_sam_get_sec_desc(const struct sam_context *context, const NT_USER_TOKEN *access_token, const DOM_SID *sid, SEC_DESC **sd)
+{
+ struct sam_methods *tmp_methods;
+// DOM_SID *domainsid;
+ NTSTATUS nt_status;
+
+ DEBUG(5,("context_sam_get_sec_desc: %d\n", __LINE__));
+
+ if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, sid))) {
+ DEBUG(4,("sam_get_methods_by_sid failed\n"));
+ return nt_status;
+ }
+
+ if (!tmp_methods->sam_get_sec_desc) {
+ DEBUG(3, ("context_sam_get_sec_desc: sam_methods of the domain did not specify sam_get_sec_desc\n"));
+ return NT_STATUS_NOT_IMPLEMENTED;
+ }
+
+ if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_sec_desc(tmp_methods, access_token, sid, sd))) {
+ DEBUG(4,("context_sam_get_sec_desc for %s in backend %s failed\n", sid_string_static(sid), tmp_methods->backendname));
+ return nt_status;
+ }
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS context_sam_set_sec_desc(const struct sam_context *context, const NT_USER_TOKEN *access_token, const DOM_SID *sid, const SEC_DESC *sd)
+{
+ struct sam_methods *tmp_methods;
+// DOM_SID *domainsid;
+ NTSTATUS nt_status;
+
+ DEBUG(5,("context_sam_set_sec_desc: %d\n", __LINE__));
+
+ if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, sid))) {
+ DEBUG(4,("sam_get_methods_by_sid failed\n"));
+ return nt_status;
+ }
+
+ if (!tmp_methods->sam_set_sec_desc) {
+ DEBUG(3, ("context_sam_set_sec_desc: sam_methods of the domain did not specify sam_set_sec_desc\n"));
+ return NT_STATUS_NOT_IMPLEMENTED;
+ }
+
+ if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_set_sec_desc(tmp_methods, access_token, sid, sd))) {
+ DEBUG(4,("context_sam_set_sec_desc for %s in backend %s failed\n", sid_string_static(sid), tmp_methods->backendname));
+ return nt_status;
+ }
+
+ return NT_STATUS_OK;
+}
+
+
+NTSTATUS context_sam_lookup_name(const struct sam_context *context, const NT_USER_TOKEN *access_token, const char *domain, const char *name, DOM_SID **sid, uint32 *type)
+{
+ struct sam_methods *tmp_methods;
+ NTSTATUS nt_status;
+
+ DEBUG(5,("context_sam_lookup_name: %d\n", __LINE__));
+
+ if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_name(context, &tmp_methods, domain))) {
+ DEBUG(4,("sam_get_methods_by_name failed\n"));
+ return nt_status;
+ }
+
+ if (!tmp_methods->sam_lookup_name) {
+ DEBUG(3, ("context_sam_lookup_name: sam_methods of the domain did not specify sam_lookup_name\n"));
+ return NT_STATUS_NOT_IMPLEMENTED;
+ }
+
+ if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_lookup_name(tmp_methods, access_token, name, sid, type))) {
+ DEBUG(4,("context_sam_lookup_name for %s\\%s in backend %s failed\n",
+ tmp_methods->domain->private.name, name, tmp_methods->backendname));
+ return nt_status;
+ }
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS context_sam_lookup_sid(const struct sam_context *context, const NT_USER_TOKEN *access_token, const DOM_SID *sid, char **name, uint32 *type)
+{
+ struct sam_methods *tmp_methods;
+ uint32 rid;
+ NTSTATUS nt_status;
+ DOM_SID domainsid;
+
+ DEBUG(5,("context_sam_lookup_sid: %d\n", __LINE__));
+
+ sid_copy(&domainsid, sid);
+ if (!sid_split_rid(&domainsid, &rid)) {
+ DEBUG(3,("context_sam_lookup_sid: failed to split the sid\n"));
+ return NT_STATUS_INVALID_SID;
+ }
+
+ if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) {
+ DEBUG(4,("sam_get_methods_by_sid failed\n"));
+ return nt_status;
+ }
+
+ if (!tmp_methods->sam_lookup_sid) {
+ DEBUG(3, ("context_sam_lookup_sid: sam_methods of the domain did not specify sam_lookup_sid\n"));
+ return NT_STATUS_NOT_IMPLEMENTED;
+ }
+
+ if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_lookup_sid(tmp_methods, access_token, sid, name, type))) {
+ DEBUG(4,("context_sam_lookup_name for %s in backend %s failed\n",
+ sid_string_static(sid), tmp_methods->backendname));
+ return nt_status;
+ }
+
+ return NT_STATUS_OK;
+}
+
+
+NTSTATUS context_sam_update_domain(const struct sam_context *context, const SAM_DOMAIN_HANDLE *domain)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+NTSTATUS context_sam_enum_domains(const struct sam_context *context, const NT_USER_TOKEN *access_token, int32 *domain_count, DOM_SID **domains, char ***domain_names)
+{
+ struct sam_methods *tmp_methods;
+ NTSTATUS nt_status;
+
+ SEC_DESC *sd;
+ size_t sd_size;
+ uint32 acc_granted;
+ int i = 0;
+
+ DEBUG(5,("context_sam_enum_domains: %d\n", __LINE__));
+
+ if ((!context)|| (!context->methods)) {
+ DEBUG(2,("context_sam_enum_domains: invalid sam_context specified!\n"));
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ if (!NT_STATUS_IS_OK(nt_status = samr_make_sam_obj_sd(context->mem_ctx, &sd, &sd_size))) {
+ DEBUG(4,("samr_make_sam_obj_sd failed\n"));
+ return nt_status;
+ }
+
+ if (!se_access_check(sd, access_token, SAMR_ACCESS_ENUM_DOMAINS, &acc_granted, &nt_status)) {
+ DEBUG(3,("context_sam_enum_domains: ACCESS DENIED\n"));
+ return nt_status;
+ }
+
+ tmp_methods= context->methods;
+
+ while (tmp_methods)
+ {
+ (*domain_count)++;
+ tmp_methods= tmp_methods->next;
+ }
+
+ DEBUG(6,("context_sam_enum_domains: enumerating %d domains\n", (*domain_count)));
+
+ tmp_methods = context->methods;
+
+ if (((*domains) = malloc( sizeof(DOM_SID) * (*domain_count))) == NULL) {
+ DEBUG(0,("context_sam_enum_domains: Out of memory allocating domain list\n"));
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ if (((*domain_names) = malloc( sizeof(char*) * (*domain_count))) == NULL) {
+ DEBUG(0,("context_sam_enum_domains: Out of memory allocating domain list\n"));
+ SAFE_FREE((*domains));
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ while (tmp_methods)
+ {
+
+ DEBUGADD(7,(" [%d] %s: %s\n", i, tmp_methods->domain->private.name, sid_string_static(&tmp_methods->domain->private.sid)));
+ sid_copy(domains[i],&tmp_methods->domain->private.sid);
+ if(asprintf(&(*domain_names[i]),"%s",tmp_methods->domain->private.name) < 0) {
+ DEBUG(0,("context_sam_enum_domains: asprintf failed"));
+ SAFE_FREE((*domains));
+ SAFE_FREE((*domain_names));
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ i++;
+ tmp_methods= tmp_methods->next;
+
+ }
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS context_sam_lookup_domain(const struct sam_context *context, const NT_USER_TOKEN *access_token, const char *domain, DOM_SID **domainsid)
+{
+ struct sam_methods *tmp_methods;
+ NTSTATUS nt_status;
+
+ SEC_DESC *sd;
+ size_t sd_size;
+ uint32 acc_granted;
+
+ DEBUG(5,("context_sam_lookup_domain: %d\n", __LINE__));
+
+ if ((!context)|| (!context->methods)) {
+ DEBUG(2,("context_sam_lookup_domain: invalid sam_context specified!\n"));
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ if (!NT_STATUS_IS_OK(nt_status = samr_make_sam_obj_sd(context->mem_ctx, &sd, &sd_size))) {
+ DEBUG(4,("samr_make_sam_obj_sd failed\n"));
+ return nt_status;
+ }
+
+ if (!se_access_check(sd, access_token, SAMR_ACCESS_OPEN_DOMAIN, &acc_granted, &nt_status)) {
+ DEBUG(3,("context_sam_lookup_domain: ACCESS DENIED\n"));
+ return nt_status;
+ }
+
+ tmp_methods= context->methods;
+
+ while (tmp_methods)
+ {
+ if (strcmp(domain, tmp_methods->domain->private.name) == 0) {
+ sid_copy((*domainsid), &tmp_methods->domain->private.sid);
+ return NT_STATUS_OK;
+ }
+ tmp_methods= tmp_methods->next;
+ }
+
+ return NT_STATUS_NO_SUCH_DOMAIN;
+}
+
+
+NTSTATUS context_sam_get_domain_by_sid(const struct sam_context *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *domainsid, SAM_DOMAIN_HANDLE **domain)
+{
+ struct sam_methods *tmp_methods;
+ NTSTATUS nt_status;
+
+ DEBUG(5,("context_sam_get_domain_by_sid: %d\n", __LINE__));
+
+ if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, domainsid))) {
+ DEBUG(4,("sam_get_methods_by_sid failed\n"));
+ return nt_status;
+ }
+
+ if (!tmp_methods->sam_get_domain_handle) {
+ DEBUG(3, ("context_sam_get_domain_by_sid: sam_methods of the domain did not specify sam_get_domain_handle\n"));
+ return NT_STATUS_NOT_IMPLEMENTED;
+ }
+
+ if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_domain_handle(tmp_methods, access_token, access_desired, domain))) {
+ DEBUG(4,("context_sam_get_domain_by_sid for %s in backend %s failed\n",
+ sid_string_static(domainsid), tmp_methods->backendname));
+ return nt_status;
+ }
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS context_sam_create_user(const struct sam_context *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, DOM_SID *domainsid, SAM_USER_HANDLE **user)
+{
+ struct sam_methods *tmp_methods;
+ NTSTATUS nt_status;
+
+ DEBUG(5,("context_sam_create_user: %d\n", __LINE__));
+
+ if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, domainsid))) {
+ DEBUG(4,("sam_get_methods_by_sid failed\n"));
+ return nt_status;
+ }
+
+ if (!tmp_methods->sam_create_user) {
+ DEBUG(3, ("context_sam_create_user: sam_methods of the domain did not specify sam_create_user\n"));
+ return NT_STATUS_NOT_IMPLEMENTED;
+ }
+
+ if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_create_user(tmp_methods, access_token, access_desired, user))) {
+ DEBUG(4,("context_sam_create_user in backend %s failed\n",
+ tmp_methods->backendname));
+ return nt_status;
+ }
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS context_sam_add_user(const struct sam_context *context, const SAM_USER_HANDLE *user)
+{
+ DOM_SID domainsid;
+ DOM_SID *usersid;
+ struct sam_methods *tmp_methods;
+ uint32 rid;
+ NTSTATUS status;
+
+ if (!NT_STATUS_IS_OK(status = sam_get_user_sid(user, &usersid))) {
+ DEBUG(0,("Can't get user SID\n"));
+ return status;
+ }
+
+ sid_copy(&domainsid, usersid);
+ if (!sid_split_rid(&domainsid, &rid)) {
+ DEBUG(3,("context_sam_get_user_by_sid: failed to split the sid\n"));
+ return NT_STATUS_INVALID_SID;
+ }
+
+ if (!NT_STATUS_IS_OK(status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) {
+ DEBUG(4,("sam_get_methods_by_sid failed\n"));
+ return status;
+ }
+
+ if (!tmp_methods->sam_add_user) {
+ DEBUG(3, ("context_sam_add_user: sam_methods of the domain did not specify sam_add_user\n"));
+ return NT_STATUS_NOT_IMPLEMENTED;
+ }
+
+ if (!NT_STATUS_IS_OK(status = tmp_methods->sam_add_user(tmp_methods, user))){
+ DEBUG(4,("context_sam_add_user in backend %s failed\n",
+ tmp_methods->backendname));
+ return status;
+ }
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS context_sam_update_user(const struct sam_context *context, const SAM_USER_HANDLE *user)
+{
+ DOM_SID domainsid;
+ struct sam_methods *tmp_methods;
+ DOM_SID *usersid;
+ uint32 rid;
+ NTSTATUS status;
+
+ if (!NT_STATUS_IS_OK(status = sam_get_user_sid(user, &usersid))) {
+ DEBUG(0,("Can't get user SID\n"));
+ return status;
+ }
+
+ sid_copy(&domainsid, usersid);
+ if (!sid_split_rid(&domainsid, &rid)) {
+ DEBUG(3,("context_sam_get_user_by_sid: failed to split the sid\n"));
+ return NT_STATUS_INVALID_SID;
+ }
+
+ if (!NT_STATUS_IS_OK(status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) {
+ DEBUG(4,("sam_get_methods_by_sid failed\n"));
+ return status;
+ }
+
+ if (!tmp_methods->sam_update_user) {
+ DEBUG(3, ("context_sam_update_user: sam_methods of the domain did not specify sam_update_user\n"));
+ return NT_STATUS_NOT_IMPLEMENTED;
+ }
+
+ if (!NT_STATUS_IS_OK(status = tmp_methods->sam_update_user(tmp_methods, user))){
+ DEBUG(4,("context_sam_update_user in backend %s failed\n",
+ tmp_methods->backendname));
+ return status;
+ }
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS context_sam_delete_user(const struct sam_context *context, SAM_USER_HANDLE *user)
+{
+ DOM_SID domainsid;
+ struct sam_methods *tmp_methods;
+ DOM_SID *usersid;
+ uint32 rid;
+ NTSTATUS status;
+
+ if (!NT_STATUS_IS_OK(status = sam_get_user_sid(user, &usersid))) {
+ DEBUG(0,("Can't get user SID\n"));
+ return status;
+ }
+
+ sid_copy(&domainsid, usersid);
+ if (!sid_split_rid(&domainsid, &rid)) {
+ DEBUG(3,("context_sam_get_user_by_sid: failed to split the sid\n"));
+ return NT_STATUS_INVALID_SID;
+ }
+
+ if (!NT_STATUS_IS_OK(status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) {
+ DEBUG(4,("sam_get_methods_by_sid failed\n"));
+ return status;
+ }
+
+ if (!tmp_methods->sam_delete_user) {
+ DEBUG(3, ("context_sam_delete_user: sam_methods of the domain did not specify sam_delete_user\n"));
+ return NT_STATUS_NOT_IMPLEMENTED;
+ }
+
+ if (!NT_STATUS_IS_OK(status = tmp_methods->sam_delete_user(tmp_methods, user))){
+ DEBUG(4,("context_sam_delete_user in backend %s failed\n",
+ tmp_methods->backendname));
+ return status;
+ }
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS context_sam_enum_users(const struct sam_context *context, const NT_USER_TOKEN *access_token, const DOM_SID *domainsid, int32 *user_count, SAM_USER_ENUM **users)
+{
+ struct sam_methods *tmp_methods;
+ NTSTATUS nt_status;
+
+ DEBUG(5,("context_sam_enum_users: %d\n", __LINE__));
+
+ if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, domainsid))) {
+ DEBUG(4,("sam_get_methods_by_sid failed\n"));
+ return nt_status;
+ }
+
+ if (!tmp_methods->sam_enum_users) {
+ DEBUG(3, ("context_sam_enum_users: sam_methods of the domain did not specify sam_enum_users\n"));
+ return NT_STATUS_NOT_IMPLEMENTED;
+ }
+
+ if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_enum_users(tmp_methods, access_token, user_count, users))) {
+ DEBUG(4,("context_sam_enum_users for domain %s in backend %s failed\n",
+ tmp_methods->domain->private.name, tmp_methods->backendname));
+ return nt_status;
+ }
+
+ return NT_STATUS_OK;
+}
+
+
+NTSTATUS context_sam_get_user_by_sid(const struct sam_context *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *usersid, SAM_USER_HANDLE **user)
+{
+ struct sam_methods *tmp_methods;
+ uint32 rid;
+ DOM_SID domainsid;
+ NTSTATUS nt_status;
+
+ DEBUG(5,("context_sam_get_user_by_sid: %d\n", __LINE__));
+
+ sid_copy(&domainsid, usersid);
+ if (!sid_split_rid(&domainsid, &rid)) {
+ DEBUG(3,("context_sam_get_user_by_sid: failed to split the sid\n"));
+ return NT_STATUS_INVALID_SID;
+ }
+
+
+ if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) {
+ DEBUG(4,("sam_get_methods_by_sid failed\n"));
+ return nt_status;
+ }
+
+ if (!tmp_methods->sam_get_user_by_sid) {
+ DEBUG(3, ("context_sam_get_user_by_sid: sam_methods of the domain did not specify sam_get_user_by_sid\n"));
+ return NT_STATUS_NOT_IMPLEMENTED;
+ }
+
+ if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_user_by_sid(tmp_methods, access_token, access_desired, usersid, user))) {
+ DEBUG(4,("context_sam_get_user_by_sid for %s in backend %s failed\n",
+ sid_string_static(usersid), tmp_methods->backendname));
+ return nt_status;
+ }
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS context_sam_get_user_by_name(const struct sam_context *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, const char *domain, const char *name, SAM_USER_HANDLE **user)
+{
+ struct sam_methods *tmp_methods;
+ NTSTATUS nt_status;
+
+ DEBUG(5,("context_sam_get_user_by_name: %d\n", __LINE__));
+
+ if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_name(context, &tmp_methods, domain))) {
+ DEBUG(4,("sam_get_methods_by_name failed\n"));
+ return nt_status;
+ }
+
+ if (!tmp_methods->sam_get_user_by_name) {
+ DEBUG(3, ("context_sam_get_user_by_name: sam_methods of the domain did not specify sam_get_user_by_name\n"));
+ return NT_STATUS_NOT_IMPLEMENTED;
+ }
+
+ if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_user_by_name(tmp_methods, access_token, access_desired, name, user))) {
+ DEBUG(4,("context_sam_get_user_by_name for %s\\%s in backend %s failed\n",
+ domain, name, tmp_methods->backendname));
+ return nt_status;
+ }
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS context_sam_create_group(const struct sam_context *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, const uint32 type, DOM_SID *sid, SAM_GROUP_HANDLE **group)
+{
+ struct sam_methods *tmp_methods;
+ NTSTATUS nt_status;
+
+ DEBUG(5,("context_sam_create_group: %d\n", __LINE__));
+
+ if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, sid))) {
+ DEBUG(4,("sam_get_methods_by_sid failed\n"));
+ return nt_status;
+ }
+
+ if (!tmp_methods->sam_create_group) {
+ DEBUG(3, ("context_sam_create_group: sam_methods of the domain did not specify sam_create_group\n"));
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+ if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_create_group(tmp_methods, access_token, access_desired, type, group))) {
+ DEBUG(4,("context_sam_create_group in backend %s failed\n",
+ tmp_methods->backendname));
+ return nt_status;
+ }
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS context_sam_add_group(const struct sam_context *context, const SAM_GROUP_HANDLE *group)
+{
+ DOM_SID domainsid;
+ DOM_SID *groupsid;
+ struct sam_methods *tmp_methods;
+ uint32 rid;
+ NTSTATUS status;
+
+ if (!NT_STATUS_IS_OK(status = sam_get_group_sid(group, &groupsid))) {
+ DEBUG(0,("Can't get group SID\n"));
+ return status;
+ }
+
+ sid_copy(&domainsid, groupsid);
+ if (!sid_split_rid(&domainsid, &rid)) {
+ DEBUG(3,("context_sam_get_group_by_sid: failed to split the sid\n"));
+ return NT_STATUS_INVALID_SID;
+ }
+
+ if (!NT_STATUS_IS_OK(status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) {
+ DEBUG(4,("sam_get_methods_by_sid failed\n"));
+ return status;
+ }
+
+ if (!tmp_methods->sam_add_group) {
+ DEBUG(3, ("context_sam_add_group: sam_methods of the domain did not specify sam_add_group\n"));
+ return NT_STATUS_NOT_IMPLEMENTED;
+ }
+
+ if (!NT_STATUS_IS_OK(status = tmp_methods->sam_add_group(tmp_methods, group))){
+ DEBUG(4,("context_sam_add_group in backend %s failed\n",
+ tmp_methods->backendname));
+ return status;
+ }
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS context_sam_update_group(const struct sam_context *context, const DOM_SID *domainsid, const SAM_GROUP_HANDLE *group)
+{
+ DOM_SID domainsid;
+ DOM_SID *groupsid;
+ struct sam_methods *tmp_methods;
+ uint32 rid;
+ NTSTATUS status;
+
+ if (!NT_STATUS_IS_OK(status = sam_get_group_sid(group, &groupsid))) {
+ DEBUG(0,("Can't get group SID\n"));
+ return status;
+ }
+
+ sid_copy(&domainsid, groupsid);
+ if (!sid_split_rid(&domainsid, &rid)) {
+ DEBUG(3,("context_sam_get_group_by_sid: failed to split the sid\n"));
+ return NT_STATUS_INVALID_SID;
+ }
+
+ if (!NT_STATUS_IS_OK(status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) {
+ DEBUG(4,("sam_get_methods_by_sid failed\n"));
+ return status;
+ }
+
+ if (!tmp_methods->sam_update_group) {
+ DEBUG(3, ("context_sam_update_group: sam_methods of the domain did not specify sam_update_group\n"));
+ return NT_STATUS_NOT_IMPLEMENTED;
+ }
+
+ if (!NT_STATUS_IS_OK(status = tmp_methods->sam_update_group(tmp_methods, group))){
+ DEBUG(4,("context_sam_update_group in backend %s failed\n",
+ tmp_methods->backendname));
+ return status;
+ }
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS context_sam_delete_group(const struct sam_context *context, SAM_GROUP_HANDLE **groupsid)
+{
+ DOM_SID domainsid;
+ struct sam_methods *tmp_methods;
+ DOM_SID *groupsid;
+ uint32 rid;
+ NTSTATUS status;
+
+ if (!NT_STATUS_IS_OK(status = sam_get_group_sid(group, &groupsid))) {
+ DEBUG(0,("Can't get group SID\n"));
+ return status;
+ }
+
+ sid_copy(&domainsid, groupsid);
+ if (!sid_split_rid(&domainsid, &rid)) {
+ DEBUG(3,("context_sam_get_group_by_sid: failed to split the sid\n"));
+ return NT_STATUS_INVALID_SID;
+ }
+
+ if (!NT_STATUS_IS_OK(status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) {
+ DEBUG(4,("sam_get_methods_by_sid failed\n"));
+ return status;
+ }
+
+ if (!tmp_methods->sam_delete_group) {
+ DEBUG(3, ("context_sam_delete_group: sam_methods of the domain did not specify sam_delete_group\n"));
+ return NT_STATUS_NOT_IMPLEMENTED;
+ }
+
+ if (!NT_STATUS_IS_OK(status = tmp_methods->sam_delete_group(tmp_methods, group))){
+ DEBUG(4,("context_sam_delete_group in backend %s failed\n",
+ tmp_methods->backendname));
+ return status;
+ }
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS context_sam_enum_groups(const struct sam_context *context, const NT_USER_TOKEN *access_token, const DOM_SID *domainsid, const uint32 type, uint32 *groups_count, SAM_GROUP_ENUM **groups)
+{
+ struct sam_methods *tmp_methods;
+ NTSTATUS nt_status;
+
+ DEBUG(5,("context_sam_enum_groups: %d\n", __LINE__));
+
+ if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, domainsid))) {
+ DEBUG(4,("sam_get_methods_by_sid failed\n"));
+ return nt_status;
+ }
+
+ if (!tmp_methods->sam_enum_users) {
+ DEBUG(3, ("context_sam_enum_groups: sam_methods of the domain did not specify sam_enum_groups\n"));
+ return NT_STATUS_NOT_IMPLEMENTED;
+ }
+
+ if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_enum_groups(tmp_methods, access_token, type, groups_count, groups))) {
+ DEBUG(4,("context_sam_enum_groups for domain %s in backend %s failed\n",
+ tmp_methods->domain->private.name, tmp_methods->backendname));
+ return nt_status;
+ }
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS context_sam_get_group_by_sid(const struct sam_context *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *groupsid, SAM_GROUP_HANDLE **group)
+{
+ struct sam_methods *tmp_methods;
+ uint32 rid;
+ NTSTATUS nt_status;
+ DOM_SID domainsid;
+
+ DEBUG(5,("context_sam_get_group_by_sid: %d\n", __LINE__));
+
+ sid_copy(&domainsid, groupsid);
+ if (!sid_split_rid(&domainsid, &rid)) {
+ DEBUG(3,("context_sam_get_group_by_sid: failed to split the sid\n"));
+ return NT_STATUS_INVALID_SID;
+ }
+
+
+ if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_sid(context, &tmp_methods, &domainsid))) {
+ DEBUG(4,("sam_get_methods_by_sid failed\n"));
+ return nt_status;
+ }
+
+ if (!tmp_methods->sam_get_group_by_sid) {
+ DEBUG(3, ("context_sam_get_group_by_sid: sam_methods of the domain did not specify sam_get_group_by_sid\n"));
+ return NT_STATUS_NOT_IMPLEMENTED;
+ }
+
+ if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_group_by_sid(tmp_methods, access_token, access_desired, groupsid, group))) {
+ DEBUG(4,("context_sam_get_group_by_sid for %s in backend %s failed\n",
+ sid_string_static(groupsid), tmp_methods->backendname));
+ return nt_status;
+ }
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS context_sam_get_group_by_name(const struct sam_context *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, const char *domain, const char *name, SAM_GROUP_HANDLE **group)
+{
+ struct sam_methods *tmp_methods;
+ NTSTATUS nt_status;
+
+ DEBUG(5,("context_sam_get_group_by_name: %d\n", __LINE__));
+
+ if (!NT_STATUS_IS_OK(nt_status = sam_get_methods_by_name(context, &tmp_methods, domain))) {
+ DEBUG(4,("sam_get_methods_by_name failed\n"));
+ return nt_status;
+ }
+
+ if (!tmp_methods->sam_get_group_by_name) {
+ DEBUG(3, ("context_sam_get_group_by_name: sam_methods of the domain did not specify sam_get_group_by_name\n"));
+ return NT_STATUS_NOT_IMPLEMENTED;
+ }
+
+ if (!NT_STATUS_IS_OK(nt_status = tmp_methods->sam_get_group_by_name(tmp_methods, access_token, access_desired, name, group))) {
+ DEBUG(4,("context_sam_get_group_by_name for %s\\%s in backend %s failed\n",
+ domain, name, tmp_methods->backendname));
+ return nt_status;
+ }
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS context_sam_add_member_to_group(const struct sam_context *context, SAM_GROUP_HANDLE *group, SAM_GROUP_MEMBER *member)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+NTSTATUS context_sam_delete_member_from_group(const struct sam_context *context, SAM_GROUP_HANDLE *group, SAM_GROUP_MEMBER *member)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+NTSTATUS context_sam_enum_groupmembers(const struct sam_context *context, const SAM_GROUP_HANDLE *group, uint32 *members_count, SAM_GROUP_MEMBER **members)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+NTSTATUS context_sam_get_groups_of_user(const struct sam_context *context, const SAM_USER_HANDLE *user, const uint32 type, uint32 *group_count, SAM_GROUP_ENUM **groups)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+
+/******************************************************************
+ Free and cleanup a sam context, any associated data and anything
+ that the attached modules might have associated.
+ *******************************************************************/
+
+void free_sam_context(struct sam_context **context)
+{
+ struct sam_methods *sam_selected = (*context)->methods;
+
+ while (sam_selected){
+ if (sam_selected->free_private_data) {
+ sam_selected->free_private_data(&(sam_selected->private_data));
+ }
+ sam_selected = sam_selected->next;
+ }
+
+ talloc_destroy((*context)->mem_ctx);
+ *context = NULL;
+}
+
+/******************************************************************
+ Make a sam_methods from scratch
+ *******************************************************************/
+
+NTSTATUS make_sam_context_list(struct sam_context **context, char **selected)
+{
+ int i = 0;
+ struct sam_methods *curmethods, *tmpmethods;
+ NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
+
+ if (!NT_STATUS_IS_OK(nt_status = make_sam_context(context))) {
+ return nt_status;
+ }
+ while (selected[i]){
+ /* Try to initialise sam */
+ DEBUG(5,("Trying to load: %s\n", selected[i]));
+ if (!NT_STATUS_IS_OK(nt_status = make_sam_methods_name(&curmethods, *context, selected[i]))) {
+ DEBUG(1, ("Loading %s failed!\n", selected[i]));
+ free_sam_context(context);
+ return nt_status;
+ }
+ curmethods->parent = *context;
+ DLIST_ADD_END((*context)->methods, curmethods, tmpmethods);
+ i++;
+ }
+ return NT_STATUS_OK;
+}
+
+NTSTATUS make_sam_methods_name(struct sam_methods **methods, struct sam_context *context, const char *selected)
+{
+ char *module_name = smb_xstrdup(selected);
+ char *module_location = NULL, *p;
+ NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
+ int i;
+
+ p = strchr(module_name, ':');
+
+ if (p) {
+ *p = 0;
+ module_location = p+1;
+ trim_string(module_location, " ", " ");
+ }
+
+ trim_string(module_name, " ", " ");
+
+ DEBUG(5,("Attempting to find an sam backend to match %s (%s)\n", selected, module_name));
+ for (i = 0; builtin_sam_init_functions[i].name; i++)
+ {
+ if (strequal(builtin_sam_init_functions[i].name, module_name))
+ {
+ DEBUG(5,("Found sam backend %s (at pos %d)\n", module_name, i));
+ nt_status = builtin_sam_init_functions[i].init(context, methods, module_location);
+ if (NT_STATUS_IS_OK(nt_status)) {
+ DEBUG(5,("sam backend %s has a valid init\n", selected));
+ } else {
+ DEBUG(0,("sam backend %s did not correctly init (error was %s)\n", selected, nt_errstr(nt_status)));
+ }
+ SAFE_FREE(module_name);
+ return nt_status;
+ break; /* unreached */
+ }
+ }
+
+ /* No such backend found */
+ SAFE_FREE(module_name);
+ return NT_STATUS_INVALID_PARAMETER;
+}
+
+/******************************************************************
+ Make a sam_context from scratch.
+ *******************************************************************/
+
+NTSTATUS make_sam_context(struct sam_context **context)
+{
+ TALLOC_CTX *mem_ctx;
+
+ mem_ctx = talloc_init_named("sam_context internal allocation context");
+
+ if (!mem_ctx) {
+ DEBUG(0, ("make_sam_context: talloc init failed!\n"));
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ *context = talloc(mem_ctx, sizeof(**context));
+ if (!*context) {
+ DEBUG(0, ("make_sam_context: talloc failed!\n"));
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ ZERO_STRUCTP(*context);
+
+ (*context)->mem_ctx = mem_ctx;
+
+ /* FIXME */
+
+ (*context)->free_fn = free_sam_context;
+
+ return NT_STATUS_OK;
+}
+
+
+/******************************************************************
+ Return an already initialised sam_context, to facilitate backward
+ compatibility (see functions below).
+ *******************************************************************/
+
+struct sam_context *sam_get_static_context(BOOL reload)
+{
+ static struct sam_context *sam_context = NULL;
+
+ if ((sam_context) && (reload)) {
+ sam_context->free_fn(&sam_context);
+ if (!NT_STATUS_IS_OK(make_sam_context_list(&sam_context, lp_sam_backend()))) {
+ return NULL;
+ }
+ }
+
+ if (!sam_context) {
+ if (!NT_STATUS_IS_OK(make_sam_context_list(&sam_context, lp_sam_backend()))) {
+ return NULL;
+ }
+ }
+
+ return sam_context;
+}
+
+/***************************************************************
+ Initialize the static context (at smbd startup etc).
+
+ If uninitialised, context will auto-init on first use.
+ ***************************************************************/
+
+BOOL initialize_sam(BOOL reload)
+{
+ return (sam_get_static_context(reload) != NULL);
+}
+
+
+NTSTATUS make_sam_methods(TALLOC_CTX *mem_ctx, SAM_METHODS **methods)
+{
+ *methods = talloc(mem_ctx, sizeof(struct sam_methods));
+
+ if (!*methods) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ ZERO_STRUCTP(*methods);
+
+ return NT_STATUS_OK;
+}
--- /dev/null 2002-07-09 21:30:36.000000000 +0200
+++ include/sam.h 2002-08-28 02:38:29.000000000 +0200
@@ -0,0 +1,258 @@
+/*
+ Unix SMB/CIFS implementation.
+ SAM structures
+ Copyright (C) Kai Krueger 2002
+ Copyright (C) Stefan (metze) Metzmacher 2002
+ Copyright (C) Simo Sorce 2002
+ Copyright (C) Andrew Bartlett 2002
+ Copyright (C) Jelmer Vernooij 2002
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#ifndef _SAM_H
+#define _SAM_H
+
+#define SAM_INTERFACE_VERSION 1
+
+/* use this inside a passdb module */
+#define SAM_MODULE_VERSIONING_MAGIC \
+int sam_version(void)\
+{\
+ return SAM_INTERFACE_VERSION;\
+}
+
+typedef struct sam_domain {
+ TALLOC_CTX *mem_ctx;
+ uint32 access_granted;
+ struct sam_methods *current_sam_methods; /* sam_methods creating this
+handle */
+ void (*free_fn)(struct sam_domain **);
+ struct domain_data {
+ DOM_SID sid; /*SID of the domain. Should not be changed */
+ char *name; /* Name of the domain */
+ char *servername; /* */
+ NTTIME max_passwordage; /* time till next password expiration */
+ NTTIME min_passwordage; /* time till password can be changed again */
+ NTTIME lockout_duration; /* time till login is allowed again after
+lockout*/
+ NTTIME reset_count; /* time till bad login counter is reset */
+ uint16 min_passwordlength; /* minimum number of characters for a password
+*/
+ uint16 password_history; /* number of passwords stored in history */
+ uint16 lockout_count; /* number of bad login attempts before lockout */
+ BOOL force_logoff; /* force logoff after logon hours have expired */
+ BOOL login_pwdchange; /* Users need to logon to change their password */
+ uint32 num_users; /* number of users in the domain */
+ uint32 num_groups; /* number of global groups */
+ uint32 num_aliases; /* number of local groups */
+ } private;
+} SAM_DOMAIN_HANDLE;
+
+typedef struct sam_user {
+ TALLOC_CTX *mem_ctx;
+ uint32 access_granted;
+ struct sam_methods *current_sam_methods; /* sam_methods creating this
+handle */
+ void (*free_fn)(struct sam_user **);
+ struct sam_user_data {
+ uint32 init_flag;
+ NTTIME logon_time; /* logon time */
+ NTTIME logoff_time; /* logoff time */
+ NTTIME kickoff_time; /* kickoff time */
+ NTTIME pass_last_set_time; /* password last set time */
+ NTTIME pass_can_change_time; /* password can change time */
+ NTTIME pass_must_change_time; /* password must change time */
+ char * username; /* username string */
+ SAM_DOMAIN_HANDLE * domain; /* domain of user */
+ char * full_name; /* user's full name string */
+ char * unix_home_dir; /* UNIX home directory string */
+ char * home_dir; /* home directory string */
+ char * dir_drive; /* home directory drive string */
+ char * logon_script; /* logon script string */
+ char * profile_path; /* profile path string */
+ char * acct_desc; /* user description string */
+ char * workstations; /* login from workstations string */
+ char * unknown_str; /* don't know what this is, yet. */
+ char * munged_dial; /* munged path name and dial-back tel number */
+ DOM_SID user_sid; /* Primary User SID */
+ DOM_SID group_sid; /* Primary Group SID */
+ DATA_BLOB lm_pw; /* .data is Null if no password */
+ DATA_BLOB nt_pw; /* .data is Null if no password */
+ DATA_BLOB plaintext_pw; /* .data is Null if not available */
+ uint16 acct_ctrl; /* account info (ACB_xxxx bit-mask) */
+ uint32 unknown_1; /* 0x00ff ffff */
+ uint16 logon_divs; /* 168 - number of hours in a week */
+ uint32 hours_len; /* normally 21 bytes */
+ uint8 hours[MAX_HOURS_LEN];
+ uint32 unknown_2; /* 0x0002 0000 */
+ uint32 unknown_3; /* 0x0000 04ec */
+ } private;
+} SAM_USER_HANDLE;
+
+typedef struct sam_group {
+ TALLOC_CTX *mem_ctx;
+ uint32 access_granted;
+ struct sam_methods *current_sam_methods; /* sam_methods creating this
+handle */
+ void (*free_fn)(struct sam_group **);
+ struct sam_group_data {
+ char *name;
+ char *comment;
+ DOM_SID sid;
+ int32 flags; /* specifies if the group is a lokal group or a global group
+*/
+ uint32 num_members;
+ PRIVILEGE_SET privileges;
+ } private;
+} SAM_GROUP_HANDLE;
+
+
+typedef struct sam_group_member {
+ DOM_SID sid;
+ BOOL group; /* specifies if it is a group or a user */
+
+} SAM_GROUP_MEMBER;
+
+typedef struct sam_user_enum {
+ DOM_SID sid;
+ char *username;
+ char *full_name;
+ char *user_desc;
+ uint16 acc_ctrl;
+} SAM_USER_ENUM;
+
+typedef struct sam_group_enum {
+ DOM_SID sid;
+ char *groupname;
+ char *comment;
+} SAM_GROUP_ENUM;
+
+typedef struct sam_context
+{
+ struct sam_methods *methods;
+ TALLOC_CTX *mem_ctx;
+
+ /* General API */
+
+ NTSTATUS (*sam_get_sec_desc) ( const struct sam_context *, const NT_USER_TOKEN *access_token, const DOM_SID *sid, SEC_DESC **sd);
+ NTSTATUS (*sam_set_sec_desc) ( const struct sam_context *, const NT_USER_TOKEN *access_token, const DOM_SID *sid, const SEC_DESC *sd);
+
+ NTSTATUS (*sam_lookup_sid) ( const struct sam_context *, const NT_USER_TOKEN *access_token, const DOM_SID *sid, char **name, uint32 *type);
+ NTSTATUS (*sam_lookup_name) ( const struct sam_context *, const NT_USER_TOKEN *access_token, const char *domain, const char *name, DOM_SID **sid, uint32 *type);
+
+
+ /* Domain API */
+
+ NTSTATUS (*sam_update_domain) ( const struct sam_context *, SAM_DOMAIN_HANDLE *domain);
+
+ NTSTATUS (*sam_enum_domains) ( const struct sam_context *, const NT_USER_TOKEN *access_token, int32 *domain_count, DOM_SID **domains, char **domain_names);
+ NTSTATUS (*sam_lookup_domain) ( const struct sam_context *, const NT_USER_TOKEN * access_token, const char *domain, DOM_SID **domainsid);
+
+ NTSTATUS (*sam_get_domain_by_sid) ( const struct sam_context *, const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *domainsid, SAM_DOMAIN_HANDLE **domain);
+
+
+ /* User API */
+
+ NTSTATUS (*sam_create_user) ( const struct sam_context *context, const NT_USER_TOKEN *access_token, const uint32 access_desired, DOM_SID *domainsid, SAM_USER_HANDLE **user);
+ NTSTATUS (*sam_add_user) ( const struct sam_context *, DOM_SID *domainsid, SAM_USER_HANDLE *user);
+ NTSTATUS (*sam_update_user) ( const struct sam_context *, SAM_USER_HANDLE *user);
+ NTSTATUS (*sam_delete_user) ( const struct sam_context *, SAM_USER_HANDLE * user);
+ NTSTATUS (*sam_enum_users) ( const struct sam_context *, const NT_USER_TOKEN *access_token, const DOM_SID *domain, int32 *user_count, SAM_USER_ENUM **users);
+
+ NTSTATUS (*sam_get_user_by_sid) ( const struct sam_context *, const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *usersid, SAM_USER_HANDLE **user);
+ NTSTATUS (*sam_get_user_by_name) ( const struct sam_context *, const NT_USER_TOKEN *access_token, const uint32 access_desired, const char *domain, const char *name, SAM_USER_HANDLE **user);
+
+ /* Group API */
+
+
+ NTSTATUS (*sam_add_group) ( const struct sam_context *, DOM_SID *domainsid, SAM_GROUP_HANDLE *samgroup);
+ NTSTATUS (*sam_update_group) ( const struct sam_context *, SAM_GROUP_HANDLE *samgroup);
+ NTSTATUS (*sam_delete_group) ( const struct sam_context *, SAM_GROUP_HANDLE *groupsid);
+ NTSTATUS (*sam_enum_groups) ( const struct sam_context *, const NT_USER_TOKEN *access_token, const DOM_SID *domainsid, const uint32 type, uint32 *groups_count, SAM_GROUP_ENUM **groups);
+ NTSTATUS (*sam_get_group_by_sid) ( const struct sam_context *, const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *groupsid, SAM_GROUP_HANDLE **group);
+ NTSTATUS (*sam_get_group_by_name) ( const struct sam_context *, const NT_USER_TOKEN *access_token, const uint32 access_desired, const char *domain, const char *name, SAM_GROUP_HANDLE **group);
+
+ NTSTATUS (*sam_add_member_to_group) ( const struct sam_context *, SAM_GROUP_HANDLE *group, SAM_GROUP_MEMBER *member);
+ NTSTATUS (*sam_delete_member_from_group) ( const struct sam_context *, SAM_GROUP_HANDLE *group, SAM_GROUP_MEMBER *member);
+ NTSTATUS (*sam_enum_groupmembers) ( const struct sam_context *, SAM_GROUP_HANDLE *group, uint32 *members_count, SAM_GROUP_MEMBER **members);
+
+ NTSTATUS (*sam_get_groups_of_user) ( const struct sam_context *, SAM_USER_HANDLE *user, const uint32 type, uint32 *group_count, SAM_GROUP_ENUM **groups);
+
+ void (*free_fn)(struct sam_context **);
+} SAM_CONTEXT;
+
+typedef struct sam_methods
+{
+ struct sam_context *parent;
+ struct sam_methods *next;
+ struct sam_methods *prev;
+ const char *backendname;
+ struct sam_domain *domain;
+ void *private_data;
+
+ /* General API */
+
+ NTSTATUS (*sam_get_sec_desc) ( const struct sam_methods *, const NT_USER_TOKEN *access_token, const DOM_SID *sid, SEC_DESC **sd);
+ NTSTATUS (*sam_set_sec_desc) ( const struct sam_methods *, const NT_USER_TOKEN *access_token, const DOM_SID *sid, const SEC_DESC *sd);
+
+ NTSTATUS (*sam_lookup_sid) ( const struct sam_methods *, const NT_USER_TOKEN *access_token, const DOM_SID *sid, char **name, uint32 *type);
+ NTSTATUS (*sam_lookup_name) ( const struct sam_methods *, const NT_USER_TOKEN *access_token, const char *name, DOM_SID **sid, uint32 *type);
+
+ /* Domain API */
+
+ NTSTATUS (*sam_update_domain) ( const struct sam_methods *, SAM_DOMAIN_HANDLE *domain);
+ NTSTATUS (*sam_get_domain_handle) (const struct sam_methods *, const NT_USER_TOKEN *access_token, const uint32 access_desired, SAM_DOMAIN_HANDLE **domain);
+
+ /* User API */
+
+ NTSTATUS (*sam_create_user) ( const struct sam_methods *, const NT_USER_TOKEN *access_token, const uint32 access_desired, SAM_USER_HANDLE **user);
+ NTSTATUS (*sam_add_user) ( const struct sam_methods *, const SAM_USER_HANDLE *user);
+ NTSTATUS (*sam_update_user) ( const struct sam_methods *, const SAM_USER_HANDLE *user);
+ NTSTATUS (*sam_delete_user) ( const struct sam_methods *, const SAM_USER_HANDLE *user);
+ NTSTATUS (*sam_enum_users) ( const struct sam_methods *, const NT_USER_TOKEN *access_token, int32 *user_count, SAM_USER_ENUM **users);
+
+ NTSTATUS (*sam_get_user_by_sid) ( const struct sam_methods *, const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *usersid, SAM_USER_HANDLE **user);
+ NTSTATUS (*sam_get_user_by_name) ( const struct sam_methods *, const NT_USER_TOKEN *access_token, const uint32 access_desired, const char *name, SAM_USER_HANDLE **user);
+
+ /* Group API */
+
+ NTSTATUS (*sam_create_group) ( const struct sam_methods *, const NT_USER_TOKEN *access_token, const uint32 access_desired, const uint32 type, SAM_GROUP_HANDLE **group);
+ NTSTATUS (*sam_add_group) ( const struct sam_methods *, SAM_GROUP_HANDLE *samgroup);
+ NTSTATUS (*sam_update_group) ( const struct sam_methods *, SAM_GROUP_HANDLE *samgroup);
+ NTSTATUS (*sam_delete_group) ( const struct sam_methods *, SAM_GROUP_HANDLE *groupsid);
+ NTSTATUS (*sam_enum_groups) ( const struct sam_methods *, const NT_USER_TOKEN *access_token, const uint32 type, uint32 *groups_count, SAM_GROUP_ENUM **groups);
+ NTSTATUS (*sam_get_group_by_sid) ( const struct sam_methods *, const NT_USER_TOKEN *access_token, const uint32 access_desired, const DOM_SID *groupsid, SAM_GROUP_HANDLE **group);
+ NTSTATUS (*sam_get_group_by_name) ( const struct sam_methods *, const NT_USER_TOKEN *access_token, const uint32 access_desired, const char *name, SAM_GROUP_HANDLE **group);
+
+ NTSTATUS (*sam_add_member_to_group) ( const struct sam_methods *, SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member);
+ NTSTATUS (*sam_delete_member_from_group) ( const struct sam_methods *, SAM_GROUP_HANDLE *group, const SAM_GROUP_MEMBER *member);
+ NTSTATUS (*sam_enum_groupmembers) ( const struct sam_methods *, SAM_GROUP_HANDLE *group, uint32 *members_count, SAM_GROUP_MEMBER **members);
+
+ NTSTATUS (*sam_get_groups_of_user) ( const struct sam_methods *, SAM_USER_HANDLE *user, const uint32 type, uint32 *group_count, SAM_GROUP_ENUM **groups);
+
+ void (*free_private_data)(void **);
+} SAM_METHODS;
+
+typedef NTSTATUS (*sam_init_function)( const struct sam_context *, struct sam_methods **, const char *);
+
+struct sam_init_function_entry {
+ char *name;
+ /* Function to create a member of the sam_methods list */
+ sam_init_function init;
+};
+
+
+#endif /* _SAM_H */
--- /dev/null 2002-07-09 21:30:36.000000000 +0200
+++ passdb/pdb_sam.c 2002-08-28 02:44:17.000000000 +0200
@@ -0,0 +1,244 @@
+/*
+ * Unix SMB/CIFS implementation.
+ * Compatibility passdb module for the new SAM system
+ * Copyright (C) Jelmer Vernooij 2002
+ *
+ * This program is free software; you can redistribute it and/or modify it under
+ * the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at your option)
+ * any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program; if not, write to the Free Software Foundation, Inc., 675
+ * Mass Ave, Cambridge, MA 02139, USA.
+ */
+
+#include "includes.h"
+
+#undef DBGC_CLASS
+#define DBGC_CLASS DBGC_PASSDB
+
+static void sam_user_handle_to_sam_account(SAM_USER_HANDLE *h, SAM_ACCOUNT *a)
+{
+ uint16 uint16;
+ uint32 uint32;
+ NTTIME *time;
+ char *str;
+ DATA_BLOB data;
+ DOM_SID *sid;
+
+ /* @todo set uid and gid */
+
+ sam_get_user_pgroup(h, &sid);
+ pdb_set_group_sid(a, sid);
+
+ sam_get_user_sid(h, &sid);
+ pdb_set_user_sid(a, sid);
+
+ sam_get_user_name(h, &str);
+ pdb_set_nt_username(a, str);
+
+ sam_get_user_fullname(h, &str);
+ pdb_set_fullname(a, str);
+
+ sam_get_user_description(h, &str);
+ pdb_set_acct_desc(a, str);
+
+ sam_get_user_home_dir(h, &str);
+ pdb_set_homedir(a, str);
+
+ sam_get_user_dir_drive(h, &str);
+ pdb_set_dir_drive(a, str);
+
+ sam_get_user_logon_script(h, &str);
+ pdb_set_login_script(a, str);
+
+ sam_get_user_profile_path(h, &str);
+ pdb_set_profile_path(a, str);
+
+ sam_get_user_workstations(h, &str);
+ pdb_set_workstations(a, str);
+
+ sam_get_user_munged_dial(h, &str);
+ pdb_set_munged_dial(a, str);
+
+ sam_get_user_nt_pwd(h, &data);
+ pdb_set_nt_passwd(a, &data);
+
+ sam_get_user_lm_pwd(h, &data);
+ pdb_set_lanman_passwd(a, &data);
+
+ sam_get_user_acct_ctrl(h, &uint16);
+ pdb_set_acct_ctrl(a, uint16);
+
+ sam_get_user_logon_time(h, &time);
+ pdb_set_logon_time(a, nt_time_to_unix(time));
+
+ sam_get_user_logoff_time(h, &time);
+ pdb_set_logoff_time(a, nt_time_to_unix(time));
+
+ sam_get_user_kickoff_time(h, &time);
+ pdb_set_kickoff_time(a, nt_time_to_unix(time));
+
+ sam_get_user_pwd_last_set(h, &time);
+ pdb_set_pass_last_set_time(a, nt_time_to_unix(time));
+
+ sam_get_user_logon_divs(h, &uint16);
+ pdb_set_logon_divs(a, uint16);
+
+ sam_get_user_hours(h, &uint32);
+ pdb_set_hours_len(a, uint32);
+
+ sam_get_user_pwd_can_change(h, &time);
+ pdb_set_pass_can_change_time(a, nt_time_to_unix(time));
+
+ sam_get_user_pwd_must_change(h, &time);
+ pdb_set_pass_must_change_time(a, nt_time_to_unix(time));
+
+ sam_get_user_unknown_1(h, &str);
+ pdb_set_unknown_str(a, str);
+
+ sam_get_user_unknown_2(h, &uint32);
+ pdb_set_unknown_3(a, uint32);
+
+ sam_get_user_unknown_3(h, &uint32);
+ pdb_set_unknown_5(a, uint32);
+
+ sam_get_user_unknown_4(h, &uint32);
+ pdb_set_unknown_6(a, uint32);
+}
+
+static BOOL sam_account_to_sam_user_handle(SAM_ACCOUNT *a, SAM_USER_HANDLE *h)
+{
+ sam_set_user_sid(h, pdb_get_user_sid(a));
+ sam_set_user_pgroup(h, pdb_get_group_sid(a));
+ sam_set_user_name(h, pdb_get_nt_username(a));
+ sam_set_user_fullname(h, pdb_get_fullname(a));
+ sam_set_user_description(h, pdb_get_acct_desc(a));
+ sam_set_user_home_dir(h, pdb_get_homedir(a));
+ sam_set_user_dir_drive(h, pdb_get_dir_drive(a));
+
+
+ NTSTATUS sam_{get,set}_user_dir_drive(SAM_USER_HANDLE *user, char **dir_drive)
+ NTSTATUS sam_{get,set}_user_logon_script(SAM_USER_HANDLE *user, char **logon_script)
+ NTSTATUS sam_{get,set}_user_profile_path(SAM_USER_HANDLE *user, char **profile_path)
+ NTSTATUS sam_{get,set}_user_workstations(SAM_USER_HANDLE *user, char **workstations)
+ NTSTATUS sam_{get,set}_user_munged_dial(SAM_USER_HANDLE *user, char **munged_dial)
+ NTSTATUS sam_{get,set}_user_lm_pwd(SAM_USER_HANDLE *user, DATA_BLOB *lm_pwd)
+ NTSTATUS sam_{get,set}_user_nt_pwd(SAM_USER_HANDLE *user, DATA_BLOB *nt_pwd)
+ NTSTATUS sam_{get,set}_user_plain_pwd(SAM_USER_HANDLE *user, DATA_BLOB *plaintext_pwd)
+ NTSTATUS sam_{get,set}_user_acct_ctrl(SAM_USER_HANDLE *user, uint16 *acct_ctrl)
+ NTSTATUS sam_{get,set}_user_logon_divs(SAM_USER_HANDLE *user, uint16 *logon_divs)
+
+ NTSTATUS sam_{get,set}_user_hours(SAM_USER_HANDLE *user, uint32 *hours_len, uint8 **hours)
+ NTSTATUS sam_{get,set}_user_logon_time(SAM_USER_HANDLE *user, NTTIME *logon_time)
+ NTSTATUS sam_{get,set}_user_logoff_time(SAM_USER_HANDLE *user, NTTIME *logoff_time)
+ NTSTATUS sam_{get,set}_user_kickoff_time(SAM_USER_HANDLE *user, NTTIME kickoff_time)
+ NTSTATUS sam_{get,set}_user_pwd_last_set(SAM_USER_HANDLE *user, NTTIME pwd_last_set)
+ NTSTATUS sam_{get,set}_user_pwd_can_change(SAM_USER_HANDLE *user, NTTIME pwd_can_change)
+ NTSTATUS sam_{get,set}_user_pwd_must_change(SAM_USER_HANDLE *user, NTTIME pwd_must_change)
+ NTSTATUS sam_{get,set}_user_unknown_1(SAM_USER_HANDLE *user, char **unknown_1)
+ NTSTATUS sam_{get,set}_user_unknown_2(SAM_USER_HANDLE *user, uint32 *unknown_2)
+ NTSTATUS sam_{get,set}_user_unknown_3(SAM_USER_HANDLE *user, uint32 *unknown_3)
+ NTSTATUS sam_{get,set}_user_unknown_4(SAM_USER_HANDLE *user, uint32 *unknown_4)
+
+
+ return True;
+}
+
+static BOOL pdb_sam_setsampwent (struct pdb_methods *my_methods, BOOL update)
+{
+
+}
+
+static void smbpasswd_endsampwent (struct pdb_methods *my_methods)
+{
+}
+
+static BOOL smbpasswd_getsampwent(struct pdb_methods *my_methods, SAM_ACCOUNT *user)
+{
+ return True;
+}
+
+static BOOL pdb_sam_getsampwnam(struct pdb_methods *my_methods, SAM_ACCOUNT *user, const char *username)
+{
+ struct SAM_USER_HANDLE *h;
+ if(!NT_STATUS_IS_OK(sam_get_user_by_name(access, access_desired, username, &h))){
+ return False;
+ }
+ sam_user_handle_to_sam_account(h, user);
+ return True;
+
+}
+
+static BOOL pdb_sam_getsampwsid(struct pdb_methods *my_methods, SAM_ACCOUNT * user, DOM_SID *sid)
+{
+ struct SAM_USER_HANDLE *h;
+ if(!NT_STATUS_IS_OK(sam_get_user_by_sid(access, access_desired, sid, &h))){
+ return False;
+ }
+ sam_user_handle_to_sam_account(h, user);
+ return True;
+}
+
+static BOOL pdb_sam_add_sam_account(struct pdb_methods *my_methods, SAM_ACCOUNT *sampass)
+{
+ struct SAM_USER_HANDLE h;
+ sam_account_to_sam_user_handle(sampass, &h);
+ return NT_STATUS_IS_OK(sam_add_user(h));
+}
+
+static BOOL pdb_sam_update_sam_account(struct pdb_methods *my_methods, SAM_ACCOUNT *sampass)
+{
+ struct SAM_USER_HANDLE h;
+ sam_account_to_sam_user_handle(sampass, &h);
+ return NT_STATUS_IS_OK(sam_update_user(h));
+}
+
+static BOOL smbpasswd_delete_sam_account (struct pdb_methods *my_methods, SAM_ACCOUNT *sampass)
+{
+ struct smbpasswd_privates *smbpasswd_state = (struct smbpasswd_privates*)my_methods->private_data;
+
+ const char *username = pdb_get_username(sampass);
+
+ return del_smbfilepwd_entry(smbpasswd_state, username);
+}
+
+static void free_private_data(void **vp)
+{
+ struct smbpasswd_privates **privates = (struct smbpasswd_privates**)vp;
+
+ endsmbfilepwent((*privates)->pw_file, &((*privates)->pw_file_lock_depth));
+
+ *privates = NULL;
+ /* No need to free any further, as it is talloc()ed */
+}
+
+
+NTSTATUS pdb_init_sam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
+{
+ NTSTATUS nt_status;
+ struct smbpasswd_privates *privates;
+
+ if (!NT_STATUS_IS_OK(nt_status = make_pdb_methods(pdb_context->mem_ctx, pdb_method))) {
+ return nt_status;
+ }
+
+ (*pdb_method)->name = "sam";
+
+ (*pdb_method)->setsampwent = pdb_sam_setsampwent;
+ (*pdb_method)->endsampwent = pdb_sam_endsampwent;
+ (*pdb_method)->getsampwent = pdb_sam_getsampwent;
+ (*pdb_method)->getsampwnam = pdb_sam_getsampwnam;
+ (*pdb_method)->getsampwsid = pdb_sam_getsampwsid;
+ (*pdb_method)->add_sam_account = pdb_sam_add_sam_account;
+ (*pdb_method)->update_sam_account = pdb_sam_update_sam_account;
+ (*pdb_method)->delete_sam_account = pdb_sam_delete_sam_account;
+
+ return NT_STATUS_OK;
+}
More information about the samba-technical
mailing list