| 1 | /*
|
|---|
| 2 | * Unix SMB/CIFS implementation.
|
|---|
| 3 | * NetApi User Support
|
|---|
| 4 | * Copyright (C) Guenther Deschner 2008
|
|---|
| 5 | *
|
|---|
| 6 | * This program is free software; you can redistribute it and/or modify
|
|---|
| 7 | * it under the terms of the GNU General Public License as published by
|
|---|
| 8 | * the Free Software Foundation; either version 3 of the License, or
|
|---|
| 9 | * (at your option) any later version.
|
|---|
| 10 | *
|
|---|
| 11 | * This program is distributed in the hope that it will be useful,
|
|---|
| 12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|---|
| 13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|---|
| 14 | * GNU General Public License for more details.
|
|---|
| 15 | *
|
|---|
| 16 | * You should have received a copy of the GNU General Public License
|
|---|
| 17 | * along with this program; if not, see <http://www.gnu.org/licenses/>.
|
|---|
| 18 | */
|
|---|
| 19 |
|
|---|
| 20 | #include "includes.h"
|
|---|
| 21 |
|
|---|
| 22 | #include "librpc/gen_ndr/libnetapi.h"
|
|---|
| 23 | #include "lib/netapi/netapi.h"
|
|---|
| 24 | #include "lib/netapi/netapi_private.h"
|
|---|
| 25 | #include "lib/netapi/libnetapi.h"
|
|---|
| 26 |
|
|---|
| 27 | /****************************************************************
|
|---|
| 28 | ****************************************************************/
|
|---|
| 29 |
|
|---|
| 30 | static void convert_USER_INFO_1_to_samr_user_info25(struct USER_INFO_1 *info1,
|
|---|
| 31 | DATA_BLOB *user_session_key,
|
|---|
| 32 | struct samr_UserInfo25 *info25)
|
|---|
| 33 | {
|
|---|
| 34 | uint32_t fields_present = SAMR_FIELD_ACCT_FLAGS;
|
|---|
| 35 | struct samr_LogonHours zero_logon_hours;
|
|---|
| 36 | struct lsa_BinaryString zero_parameters;
|
|---|
| 37 | uint32_t acct_flags = 0;
|
|---|
| 38 | NTTIME password_age;
|
|---|
| 39 |
|
|---|
| 40 | ZERO_STRUCTP(info25);
|
|---|
| 41 | ZERO_STRUCT(zero_logon_hours);
|
|---|
| 42 | ZERO_STRUCT(zero_parameters);
|
|---|
| 43 |
|
|---|
| 44 | if (info1->usri1_name) {
|
|---|
| 45 | fields_present |= SAMR_FIELD_FULL_NAME;
|
|---|
| 46 | }
|
|---|
| 47 | if (info1->usri1_password) {
|
|---|
| 48 | fields_present |= SAMR_FIELD_PASSWORD;
|
|---|
| 49 | }
|
|---|
| 50 | if (info1->usri1_flags) {
|
|---|
| 51 | fields_present |= SAMR_FIELD_ACCT_FLAGS;
|
|---|
| 52 | }
|
|---|
| 53 | if (info1->usri1_name) {
|
|---|
| 54 | fields_present |= SAMR_FIELD_FULL_NAME;
|
|---|
| 55 | }
|
|---|
| 56 | if (info1->usri1_home_dir) {
|
|---|
| 57 | fields_present |= SAMR_FIELD_HOME_DIRECTORY;
|
|---|
| 58 | }
|
|---|
| 59 | if (info1->usri1_script_path) {
|
|---|
| 60 | fields_present |= SAMR_FIELD_LOGON_SCRIPT;
|
|---|
| 61 | }
|
|---|
| 62 | if (info1->usri1_comment) {
|
|---|
| 63 | fields_present |= SAMR_FIELD_DESCRIPTION;
|
|---|
| 64 | }
|
|---|
| 65 | if (info1->usri1_password_age) {
|
|---|
| 66 | fields_present |= SAMR_FIELD_FORCE_PWD_CHANGE;
|
|---|
| 67 | }
|
|---|
| 68 |
|
|---|
| 69 | acct_flags |= info1->usri1_flags | ACB_NORMAL;
|
|---|
| 70 |
|
|---|
| 71 | unix_to_nt_time_abs(&password_age, info1->usri1_password_age);
|
|---|
| 72 |
|
|---|
| 73 | /* TODO: info1->usri1_priv */
|
|---|
| 74 | init_samr_user_info21(&info25->info,
|
|---|
| 75 | 0,
|
|---|
| 76 | 0,
|
|---|
| 77 | 0,
|
|---|
| 78 | 0,
|
|---|
| 79 | 0,
|
|---|
| 80 | password_age,
|
|---|
| 81 | NULL,
|
|---|
| 82 | info1->usri1_name,
|
|---|
| 83 | info1->usri1_home_dir,
|
|---|
| 84 | NULL,
|
|---|
| 85 | info1->usri1_script_path,
|
|---|
| 86 | NULL,
|
|---|
| 87 | info1->usri1_comment,
|
|---|
| 88 | NULL,
|
|---|
| 89 | NULL,
|
|---|
| 90 | &zero_parameters,
|
|---|
| 91 | 0,
|
|---|
| 92 | 0,
|
|---|
| 93 | acct_flags,
|
|---|
| 94 | fields_present,
|
|---|
| 95 | zero_logon_hours,
|
|---|
| 96 | 0,
|
|---|
| 97 | 0,
|
|---|
| 98 | 0,
|
|---|
| 99 | 0,
|
|---|
| 100 | 0,
|
|---|
| 101 | 0,
|
|---|
| 102 | 0);
|
|---|
| 103 |
|
|---|
| 104 | if (info1->usri1_password) {
|
|---|
| 105 | uchar pwbuf[532];
|
|---|
| 106 | struct MD5Context ctx;
|
|---|
| 107 | uint8_t confounder[16];
|
|---|
| 108 | DATA_BLOB confounded_session_key = data_blob(NULL, 16);
|
|---|
| 109 |
|
|---|
| 110 | encode_pw_buffer(pwbuf, info1->usri1_password, STR_UNICODE);
|
|---|
| 111 |
|
|---|
| 112 | generate_random_buffer((uint8_t *)confounder, 16);
|
|---|
| 113 |
|
|---|
| 114 | MD5Init(&ctx);
|
|---|
| 115 | MD5Update(&ctx, confounder, 16);
|
|---|
| 116 | MD5Update(&ctx, user_session_key->data,
|
|---|
| 117 | user_session_key->length);
|
|---|
| 118 | MD5Final(confounded_session_key.data, &ctx);
|
|---|
| 119 |
|
|---|
| 120 | SamOEMhashBlob(pwbuf, 516, &confounded_session_key);
|
|---|
| 121 | memcpy(&pwbuf[516], confounder, 16);
|
|---|
| 122 |
|
|---|
| 123 | memcpy(info25->password.data, pwbuf, sizeof(pwbuf));
|
|---|
| 124 | data_blob_free(&confounded_session_key);
|
|---|
| 125 | }
|
|---|
| 126 | }
|
|---|
| 127 |
|
|---|
| 128 | /****************************************************************
|
|---|
| 129 | ****************************************************************/
|
|---|
| 130 |
|
|---|
| 131 | WERROR NetUserAdd_r(struct libnetapi_ctx *ctx,
|
|---|
| 132 | struct NetUserAdd *r)
|
|---|
| 133 | {
|
|---|
| 134 | struct cli_state *cli = NULL;
|
|---|
| 135 | struct rpc_pipe_client *pipe_cli = NULL;
|
|---|
| 136 | NTSTATUS status;
|
|---|
| 137 | WERROR werr;
|
|---|
| 138 | uint32_t resume_handle = 0;
|
|---|
| 139 | uint32_t num_entries = 0;
|
|---|
| 140 | POLICY_HND connect_handle, domain_handle, user_handle;
|
|---|
| 141 | struct samr_SamArray *sam = NULL;
|
|---|
| 142 | const char *domain_name = NULL;
|
|---|
| 143 | struct lsa_String lsa_domain_name, lsa_account_name;
|
|---|
| 144 | struct dom_sid2 *domain_sid = NULL;
|
|---|
| 145 | struct samr_UserInfo25 info25;
|
|---|
| 146 | union samr_UserInfo *user_info = NULL;
|
|---|
| 147 | struct samr_PwInfo pw_info;
|
|---|
| 148 | uint32_t access_granted = 0;
|
|---|
| 149 | uint32_t rid = 0;
|
|---|
| 150 | bool domain_found = true;
|
|---|
| 151 | int i;
|
|---|
| 152 | struct USER_INFO_1 *info1;
|
|---|
| 153 |
|
|---|
| 154 | ZERO_STRUCT(connect_handle);
|
|---|
| 155 | ZERO_STRUCT(domain_handle);
|
|---|
| 156 | ZERO_STRUCT(user_handle);
|
|---|
| 157 |
|
|---|
| 158 | if (!r->in.buffer) {
|
|---|
| 159 | return WERR_INVALID_PARAM;
|
|---|
| 160 | }
|
|---|
| 161 |
|
|---|
| 162 | switch (r->in.level) {
|
|---|
| 163 | case 1:
|
|---|
| 164 | info1 = (struct USER_INFO_1 *)r->in.buffer;
|
|---|
| 165 | break;
|
|---|
| 166 | case 2:
|
|---|
| 167 | case 3:
|
|---|
| 168 | case 4:
|
|---|
| 169 | default:
|
|---|
| 170 | werr = WERR_NOT_SUPPORTED;
|
|---|
| 171 | goto done;
|
|---|
| 172 | }
|
|---|
| 173 |
|
|---|
| 174 | werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli);
|
|---|
| 175 | if (!W_ERROR_IS_OK(werr)) {
|
|---|
| 176 | goto done;
|
|---|
| 177 | }
|
|---|
| 178 |
|
|---|
| 179 | werr = libnetapi_open_pipe(ctx, cli, PI_SAMR, &pipe_cli);
|
|---|
| 180 | if (!W_ERROR_IS_OK(werr)) {
|
|---|
| 181 | goto done;
|
|---|
| 182 | }
|
|---|
| 183 |
|
|---|
| 184 | status = rpccli_try_samr_connects(pipe_cli, ctx,
|
|---|
| 185 | SAMR_ACCESS_ENUM_DOMAINS |
|
|---|
| 186 | SAMR_ACCESS_OPEN_DOMAIN,
|
|---|
| 187 | &connect_handle);
|
|---|
| 188 | if (!NT_STATUS_IS_OK(status)) {
|
|---|
| 189 | werr = ntstatus_to_werror(status);
|
|---|
| 190 | goto done;
|
|---|
| 191 | }
|
|---|
| 192 |
|
|---|
| 193 | status = rpccli_samr_EnumDomains(pipe_cli, ctx,
|
|---|
| 194 | &connect_handle,
|
|---|
| 195 | &resume_handle,
|
|---|
| 196 | &sam,
|
|---|
| 197 | 0xffffffff,
|
|---|
| 198 | &num_entries);
|
|---|
| 199 | if (!NT_STATUS_IS_OK(status)) {
|
|---|
| 200 | werr = ntstatus_to_werror(status);
|
|---|
| 201 | goto done;
|
|---|
| 202 | }
|
|---|
| 203 |
|
|---|
| 204 | for (i=0; i<num_entries; i++) {
|
|---|
| 205 |
|
|---|
| 206 | domain_name = sam->entries[i].name.string;
|
|---|
| 207 |
|
|---|
| 208 | if (strequal(domain_name, builtin_domain_name())) {
|
|---|
| 209 | continue;
|
|---|
| 210 | }
|
|---|
| 211 |
|
|---|
| 212 | domain_found = true;
|
|---|
| 213 | break;
|
|---|
| 214 | }
|
|---|
| 215 |
|
|---|
| 216 | if (!domain_found) {
|
|---|
| 217 | werr = WERR_NO_SUCH_DOMAIN;
|
|---|
| 218 | goto done;
|
|---|
| 219 | }
|
|---|
| 220 |
|
|---|
| 221 | init_lsa_String(&lsa_domain_name, domain_name);
|
|---|
| 222 |
|
|---|
| 223 | status = rpccli_samr_LookupDomain(pipe_cli, ctx,
|
|---|
| 224 | &connect_handle,
|
|---|
| 225 | &lsa_domain_name,
|
|---|
| 226 | &domain_sid);
|
|---|
| 227 | if (!NT_STATUS_IS_OK(status)) {
|
|---|
| 228 | werr = ntstatus_to_werror(status);
|
|---|
| 229 | goto done;
|
|---|
| 230 | }
|
|---|
| 231 |
|
|---|
| 232 | status = rpccli_samr_OpenDomain(pipe_cli, ctx,
|
|---|
| 233 | &connect_handle,
|
|---|
| 234 | SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 |
|
|---|
| 235 | SAMR_DOMAIN_ACCESS_CREATE_USER |
|
|---|
| 236 | SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
|
|---|
| 237 | domain_sid,
|
|---|
| 238 | &domain_handle);
|
|---|
| 239 | if (!NT_STATUS_IS_OK(status)) {
|
|---|
| 240 | werr = ntstatus_to_werror(status);
|
|---|
| 241 | goto done;
|
|---|
| 242 | }
|
|---|
| 243 |
|
|---|
| 244 | init_lsa_String(&lsa_account_name, info1->usri1_name);
|
|---|
| 245 |
|
|---|
| 246 | status = rpccli_samr_CreateUser2(pipe_cli, ctx,
|
|---|
| 247 | &domain_handle,
|
|---|
| 248 | &lsa_account_name,
|
|---|
| 249 | ACB_NORMAL,
|
|---|
| 250 | SEC_STD_WRITE_DAC |
|
|---|
| 251 | SEC_STD_DELETE |
|
|---|
| 252 | SAMR_USER_ACCESS_SET_PASSWORD |
|
|---|
| 253 | SAMR_USER_ACCESS_SET_ATTRIBUTES |
|
|---|
| 254 | SAMR_USER_ACCESS_GET_ATTRIBUTES,
|
|---|
| 255 | &user_handle,
|
|---|
| 256 | &access_granted,
|
|---|
| 257 | &rid);
|
|---|
| 258 | if (!NT_STATUS_IS_OK(status)) {
|
|---|
| 259 | werr = ntstatus_to_werror(status);
|
|---|
| 260 | goto done;
|
|---|
| 261 | }
|
|---|
| 262 |
|
|---|
| 263 | status = rpccli_samr_QueryUserInfo(pipe_cli, ctx,
|
|---|
| 264 | &user_handle,
|
|---|
| 265 | 16,
|
|---|
| 266 | &user_info);
|
|---|
| 267 | if (!NT_STATUS_IS_OK(status)) {
|
|---|
| 268 | werr = ntstatus_to_werror(status);
|
|---|
| 269 | goto done;
|
|---|
| 270 | }
|
|---|
| 271 |
|
|---|
| 272 | if (!(user_info->info16.acct_flags & ACB_NORMAL)) {
|
|---|
| 273 | werr = WERR_INVALID_PARAM;
|
|---|
| 274 | goto done;
|
|---|
| 275 | }
|
|---|
| 276 |
|
|---|
| 277 | status = rpccli_samr_GetUserPwInfo(pipe_cli, ctx,
|
|---|
| 278 | &user_handle,
|
|---|
| 279 | &pw_info);
|
|---|
| 280 | if (!NT_STATUS_IS_OK(status)) {
|
|---|
| 281 | werr = ntstatus_to_werror(status);
|
|---|
| 282 | goto done;
|
|---|
| 283 | }
|
|---|
| 284 |
|
|---|
| 285 | ZERO_STRUCTP(user_info);
|
|---|
| 286 |
|
|---|
| 287 | convert_USER_INFO_1_to_samr_user_info25(info1,
|
|---|
| 288 | &cli->user_session_key,
|
|---|
| 289 | &info25);
|
|---|
| 290 |
|
|---|
| 291 | if (info1->usri1_password) {
|
|---|
| 292 | user_info->info25 = info25;
|
|---|
| 293 | status = rpccli_samr_SetUserInfo2(pipe_cli, ctx,
|
|---|
| 294 | &user_handle,
|
|---|
| 295 | 25,
|
|---|
| 296 | user_info);
|
|---|
| 297 | } else {
|
|---|
| 298 | user_info->info21 = info25.info;
|
|---|
| 299 | status = rpccli_samr_SetUserInfo(pipe_cli, ctx,
|
|---|
| 300 | &user_handle,
|
|---|
| 301 | 21,
|
|---|
| 302 | user_info);
|
|---|
| 303 |
|
|---|
| 304 | }
|
|---|
| 305 | if (!NT_STATUS_IS_OK(status)) {
|
|---|
| 306 | werr = ntstatus_to_werror(status);
|
|---|
| 307 | goto failed;
|
|---|
| 308 | }
|
|---|
| 309 |
|
|---|
| 310 | werr = WERR_OK;
|
|---|
| 311 | goto done;
|
|---|
| 312 |
|
|---|
| 313 | failed:
|
|---|
| 314 | rpccli_samr_DeleteUser(pipe_cli, ctx,
|
|---|
| 315 | &user_handle);
|
|---|
| 316 |
|
|---|
| 317 | done:
|
|---|
| 318 | if (!cli) {
|
|---|
| 319 | return werr;
|
|---|
| 320 | }
|
|---|
| 321 |
|
|---|
| 322 | if (is_valid_policy_hnd(&user_handle)) {
|
|---|
| 323 | rpccli_samr_Close(pipe_cli, ctx, &user_handle);
|
|---|
| 324 | }
|
|---|
| 325 | if (is_valid_policy_hnd(&domain_handle)) {
|
|---|
| 326 | rpccli_samr_Close(pipe_cli, ctx, &domain_handle);
|
|---|
| 327 | }
|
|---|
| 328 | if (is_valid_policy_hnd(&connect_handle)) {
|
|---|
| 329 | rpccli_samr_Close(pipe_cli, ctx, &connect_handle);
|
|---|
| 330 | }
|
|---|
| 331 |
|
|---|
| 332 | return werr;
|
|---|
| 333 | }
|
|---|
| 334 |
|
|---|
| 335 | /****************************************************************
|
|---|
| 336 | ****************************************************************/
|
|---|
| 337 |
|
|---|
| 338 | WERROR NetUserAdd_l(struct libnetapi_ctx *ctx,
|
|---|
| 339 | struct NetUserAdd *r)
|
|---|
| 340 | {
|
|---|
| 341 | /* for now just talk to local RPC server */
|
|---|
| 342 | if (!r->in.server_name) {
|
|---|
| 343 | r->in.server_name = "localhost";
|
|---|
| 344 | }
|
|---|
| 345 |
|
|---|
| 346 | return NetUserAdd_r(ctx, r);
|
|---|
| 347 | }
|
|---|
| 348 |
|
|---|
| 349 | /****************************************************************
|
|---|
| 350 | ****************************************************************/
|
|---|
| 351 |
|
|---|
| 352 | WERROR NetUserDel_r(struct libnetapi_ctx *ctx,
|
|---|
| 353 | struct NetUserDel *r)
|
|---|
| 354 | {
|
|---|
| 355 | struct cli_state *cli = NULL;
|
|---|
| 356 | struct rpc_pipe_client *pipe_cli = NULL;
|
|---|
| 357 | NTSTATUS status;
|
|---|
| 358 | WERROR werr;
|
|---|
| 359 | uint32_t resume_handle = 0;
|
|---|
| 360 | uint32_t num_entries = 0;
|
|---|
| 361 | POLICY_HND connect_handle, builtin_handle, domain_handle, user_handle;
|
|---|
| 362 | struct samr_SamArray *sam = NULL;
|
|---|
| 363 | const char *domain_name = NULL;
|
|---|
| 364 | struct lsa_String lsa_domain_name, lsa_account_name;
|
|---|
| 365 | struct samr_Ids user_rids, name_types;
|
|---|
| 366 | struct dom_sid2 *domain_sid = NULL;
|
|---|
| 367 | struct dom_sid2 user_sid;
|
|---|
| 368 | bool domain_found = true;
|
|---|
| 369 | int i;
|
|---|
| 370 |
|
|---|
| 371 | ZERO_STRUCT(connect_handle);
|
|---|
| 372 | ZERO_STRUCT(builtin_handle);
|
|---|
| 373 | ZERO_STRUCT(domain_handle);
|
|---|
| 374 | ZERO_STRUCT(user_handle);
|
|---|
| 375 |
|
|---|
| 376 | werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli);
|
|---|
| 377 | if (!W_ERROR_IS_OK(werr)) {
|
|---|
| 378 | goto done;
|
|---|
| 379 | }
|
|---|
| 380 |
|
|---|
| 381 | werr = libnetapi_open_pipe(ctx, cli, PI_SAMR, &pipe_cli);
|
|---|
| 382 | if (!W_ERROR_IS_OK(werr)) {
|
|---|
| 383 | goto done;
|
|---|
| 384 | }
|
|---|
| 385 |
|
|---|
| 386 | status = rpccli_try_samr_connects(pipe_cli, ctx,
|
|---|
| 387 | SAMR_ACCESS_ENUM_DOMAINS |
|
|---|
| 388 | SAMR_ACCESS_OPEN_DOMAIN,
|
|---|
| 389 | &connect_handle);
|
|---|
| 390 | if (!NT_STATUS_IS_OK(status)) {
|
|---|
| 391 | werr = ntstatus_to_werror(status);
|
|---|
| 392 | goto done;
|
|---|
| 393 | }
|
|---|
| 394 |
|
|---|
| 395 | status = rpccli_samr_EnumDomains(pipe_cli, ctx,
|
|---|
| 396 | &connect_handle,
|
|---|
| 397 | &resume_handle,
|
|---|
| 398 | &sam,
|
|---|
| 399 | 0xffffffff,
|
|---|
| 400 | &num_entries);
|
|---|
| 401 | if (!NT_STATUS_IS_OK(status)) {
|
|---|
| 402 | werr = ntstatus_to_werror(status);
|
|---|
| 403 | goto done;
|
|---|
| 404 | }
|
|---|
| 405 |
|
|---|
| 406 | for (i=0; i<num_entries; i++) {
|
|---|
| 407 |
|
|---|
| 408 | domain_name = sam->entries[i].name.string;
|
|---|
| 409 |
|
|---|
| 410 | if (strequal(domain_name, builtin_domain_name())) {
|
|---|
| 411 | continue;
|
|---|
| 412 | }
|
|---|
| 413 |
|
|---|
| 414 | domain_found = true;
|
|---|
| 415 | break;
|
|---|
| 416 | }
|
|---|
| 417 |
|
|---|
| 418 | if (!domain_found) {
|
|---|
| 419 | werr = WERR_NO_SUCH_DOMAIN;
|
|---|
| 420 | goto done;
|
|---|
| 421 | }
|
|---|
| 422 |
|
|---|
| 423 | init_lsa_String(&lsa_domain_name, domain_name);
|
|---|
| 424 |
|
|---|
| 425 | status = rpccli_samr_LookupDomain(pipe_cli, ctx,
|
|---|
| 426 | &connect_handle,
|
|---|
| 427 | &lsa_domain_name,
|
|---|
| 428 | &domain_sid);
|
|---|
| 429 | if (!NT_STATUS_IS_OK(status)) {
|
|---|
| 430 | werr = ntstatus_to_werror(status);
|
|---|
| 431 | goto done;
|
|---|
| 432 | }
|
|---|
| 433 |
|
|---|
| 434 | status = rpccli_samr_OpenDomain(pipe_cli, ctx,
|
|---|
| 435 | &connect_handle,
|
|---|
| 436 | SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
|
|---|
| 437 | domain_sid,
|
|---|
| 438 | &domain_handle);
|
|---|
| 439 | if (!NT_STATUS_IS_OK(status)) {
|
|---|
| 440 | werr = ntstatus_to_werror(status);
|
|---|
| 441 | goto done;
|
|---|
| 442 | }
|
|---|
| 443 |
|
|---|
| 444 | status = rpccli_samr_OpenDomain(pipe_cli, ctx,
|
|---|
| 445 | &connect_handle,
|
|---|
| 446 | SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
|
|---|
| 447 | CONST_DISCARD(DOM_SID *, &global_sid_Builtin),
|
|---|
| 448 | &builtin_handle);
|
|---|
| 449 | if (!NT_STATUS_IS_OK(status)) {
|
|---|
| 450 | werr = ntstatus_to_werror(status);
|
|---|
| 451 | goto done;
|
|---|
| 452 | }
|
|---|
| 453 |
|
|---|
| 454 | init_lsa_String(&lsa_account_name, r->in.user_name);
|
|---|
| 455 |
|
|---|
| 456 | status = rpccli_samr_LookupNames(pipe_cli, ctx,
|
|---|
| 457 | &domain_handle,
|
|---|
| 458 | 1,
|
|---|
| 459 | &lsa_account_name,
|
|---|
| 460 | &user_rids,
|
|---|
| 461 | &name_types);
|
|---|
| 462 | if (!NT_STATUS_IS_OK(status)) {
|
|---|
| 463 | werr = ntstatus_to_werror(status);
|
|---|
| 464 | goto done;
|
|---|
| 465 | }
|
|---|
| 466 |
|
|---|
| 467 | status = rpccli_samr_OpenUser(pipe_cli, ctx,
|
|---|
| 468 | &domain_handle,
|
|---|
| 469 | STD_RIGHT_DELETE_ACCESS,
|
|---|
| 470 | user_rids.ids[0],
|
|---|
| 471 | &user_handle);
|
|---|
| 472 | if (!NT_STATUS_IS_OK(status)) {
|
|---|
| 473 | werr = ntstatus_to_werror(status);
|
|---|
| 474 | goto done;
|
|---|
| 475 | }
|
|---|
| 476 |
|
|---|
| 477 | sid_compose(&user_sid, domain_sid, user_rids.ids[0]);
|
|---|
| 478 |
|
|---|
| 479 | status = rpccli_samr_RemoveMemberFromForeignDomain(pipe_cli, ctx,
|
|---|
| 480 | &builtin_handle,
|
|---|
| 481 | &user_sid);
|
|---|
| 482 | if (!NT_STATUS_IS_OK(status)) {
|
|---|
| 483 | werr = ntstatus_to_werror(status);
|
|---|
| 484 | goto done;
|
|---|
| 485 | }
|
|---|
| 486 |
|
|---|
| 487 | status = rpccli_samr_DeleteUser(pipe_cli, ctx,
|
|---|
| 488 | &user_handle);
|
|---|
| 489 | if (!NT_STATUS_IS_OK(status)) {
|
|---|
| 490 | werr = ntstatus_to_werror(status);
|
|---|
| 491 | goto done;
|
|---|
| 492 | }
|
|---|
| 493 |
|
|---|
| 494 | werr = WERR_OK;
|
|---|
| 495 |
|
|---|
| 496 | done:
|
|---|
| 497 | if (!cli) {
|
|---|
| 498 | return werr;
|
|---|
| 499 | }
|
|---|
| 500 |
|
|---|
| 501 | if (is_valid_policy_hnd(&user_handle)) {
|
|---|
| 502 | rpccli_samr_Close(pipe_cli, ctx, &user_handle);
|
|---|
| 503 | }
|
|---|
| 504 | if (is_valid_policy_hnd(&builtin_handle)) {
|
|---|
| 505 | rpccli_samr_Close(pipe_cli, ctx, &builtin_handle);
|
|---|
| 506 | }
|
|---|
| 507 | if (is_valid_policy_hnd(&domain_handle)) {
|
|---|
| 508 | rpccli_samr_Close(pipe_cli, ctx, &domain_handle);
|
|---|
| 509 | }
|
|---|
| 510 | if (is_valid_policy_hnd(&connect_handle)) {
|
|---|
| 511 | rpccli_samr_Close(pipe_cli, ctx, &connect_handle);
|
|---|
| 512 | }
|
|---|
| 513 |
|
|---|
| 514 | return werr;
|
|---|
| 515 | }
|
|---|
| 516 |
|
|---|
| 517 | /****************************************************************
|
|---|
| 518 | ****************************************************************/
|
|---|
| 519 |
|
|---|
| 520 | WERROR NetUserDel_l(struct libnetapi_ctx *ctx,
|
|---|
| 521 | struct NetUserDel *r)
|
|---|
| 522 | {
|
|---|
| 523 | /* for now just talk to local RPC server */
|
|---|
| 524 | if (!r->in.server_name) {
|
|---|
| 525 | r->in.server_name = "localhost";
|
|---|
| 526 | }
|
|---|
| 527 |
|
|---|
| 528 | return NetUserDel_r(ctx, r);
|
|---|
| 529 | }
|
|---|
| 530 |
|
|---|
| 531 | /****************************************************************
|
|---|
| 532 | ****************************************************************/
|
|---|
| 533 |
|
|---|
| 534 | static WERROR convert_samr_samarray_to_USER_INFO_buffer(TALLOC_CTX *mem_ctx,
|
|---|
| 535 | struct samr_SamArray *sam_array,
|
|---|
| 536 | uint32_t level,
|
|---|
| 537 | uint8_t **buffer)
|
|---|
| 538 | {
|
|---|
| 539 | struct USER_INFO_0 *info0 = NULL;
|
|---|
| 540 | int i;
|
|---|
| 541 |
|
|---|
| 542 | switch (level) {
|
|---|
| 543 | case 0:
|
|---|
| 544 | info0 = TALLOC_ZERO_ARRAY(mem_ctx, struct USER_INFO_0,
|
|---|
| 545 | sam_array->count);
|
|---|
| 546 | W_ERROR_HAVE_NO_MEMORY(info0);
|
|---|
| 547 |
|
|---|
| 548 | for (i=0; i<sam_array->count; i++) {
|
|---|
| 549 | info0[i].usri0_name = talloc_strdup(mem_ctx,
|
|---|
| 550 | sam_array->entries[i].name.string);
|
|---|
| 551 | W_ERROR_HAVE_NO_MEMORY(info0[i].usri0_name);
|
|---|
| 552 | }
|
|---|
| 553 |
|
|---|
| 554 | *buffer = (uint8_t *)talloc_memdup(mem_ctx, info0,
|
|---|
| 555 | sizeof(struct USER_INFO_0) * sam_array->count);
|
|---|
| 556 | W_ERROR_HAVE_NO_MEMORY(*buffer);
|
|---|
| 557 | break;
|
|---|
| 558 | default:
|
|---|
| 559 | return WERR_NOT_SUPPORTED;
|
|---|
| 560 | }
|
|---|
| 561 |
|
|---|
| 562 | return WERR_OK;
|
|---|
| 563 | }
|
|---|
| 564 |
|
|---|
| 565 | /****************************************************************
|
|---|
| 566 | ****************************************************************/
|
|---|
| 567 |
|
|---|
| 568 | WERROR NetUserEnum_r(struct libnetapi_ctx *ctx,
|
|---|
| 569 | struct NetUserEnum *r)
|
|---|
| 570 | {
|
|---|
| 571 | struct cli_state *cli = NULL;
|
|---|
| 572 | struct rpc_pipe_client *pipe_cli = NULL;
|
|---|
| 573 | struct policy_handle connect_handle;
|
|---|
| 574 | struct dom_sid2 *domain_sid = NULL;
|
|---|
| 575 | struct policy_handle domain_handle;
|
|---|
| 576 | struct samr_SamArray *sam = NULL;
|
|---|
| 577 | uint32_t num_entries = 0;
|
|---|
| 578 | int i;
|
|---|
| 579 | const char *domain_name = NULL;
|
|---|
| 580 | bool domain_found = true;
|
|---|
| 581 | uint32_t dom_resume_handle = 0;
|
|---|
| 582 | struct lsa_String lsa_domain_name;
|
|---|
| 583 |
|
|---|
| 584 | NTSTATUS status;
|
|---|
| 585 | WERROR werr;
|
|---|
| 586 |
|
|---|
| 587 | ZERO_STRUCT(connect_handle);
|
|---|
| 588 | ZERO_STRUCT(domain_handle);
|
|---|
| 589 |
|
|---|
| 590 | switch (r->in.level) {
|
|---|
| 591 | case 0:
|
|---|
| 592 | break;
|
|---|
| 593 | case 1:
|
|---|
| 594 | case 2:
|
|---|
| 595 | case 3:
|
|---|
| 596 | case 10:
|
|---|
| 597 | case 11:
|
|---|
| 598 | case 20:
|
|---|
| 599 | case 23:
|
|---|
| 600 | default:
|
|---|
| 601 | return WERR_NOT_SUPPORTED;
|
|---|
| 602 | }
|
|---|
| 603 |
|
|---|
| 604 | werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli);
|
|---|
| 605 | if (!W_ERROR_IS_OK(werr)) {
|
|---|
| 606 | goto done;
|
|---|
| 607 | }
|
|---|
| 608 |
|
|---|
| 609 | werr = libnetapi_open_pipe(ctx, cli, PI_SAMR, &pipe_cli);
|
|---|
| 610 | if (!W_ERROR_IS_OK(werr)) {
|
|---|
| 611 | goto done;
|
|---|
| 612 | }
|
|---|
| 613 |
|
|---|
| 614 | status = rpccli_try_samr_connects(pipe_cli, ctx,
|
|---|
| 615 | SAMR_ACCESS_OPEN_DOMAIN |
|
|---|
| 616 | SAMR_ACCESS_ENUM_DOMAINS,
|
|---|
| 617 | &connect_handle);
|
|---|
| 618 | if (!NT_STATUS_IS_OK(status)) {
|
|---|
| 619 | werr = ntstatus_to_werror(status);
|
|---|
| 620 | goto done;
|
|---|
| 621 | }
|
|---|
| 622 |
|
|---|
| 623 | status = rpccli_samr_EnumDomains(pipe_cli, ctx,
|
|---|
| 624 | &connect_handle,
|
|---|
| 625 | &dom_resume_handle,
|
|---|
| 626 | &sam,
|
|---|
| 627 | 0xffffffff,
|
|---|
| 628 | &num_entries);
|
|---|
| 629 | if (!NT_STATUS_IS_OK(status)) {
|
|---|
| 630 | werr = ntstatus_to_werror(status);
|
|---|
| 631 | goto done;
|
|---|
| 632 | }
|
|---|
| 633 |
|
|---|
| 634 | for (i=0; i<num_entries; i++) {
|
|---|
| 635 |
|
|---|
| 636 | domain_name = sam->entries[i].name.string;
|
|---|
| 637 |
|
|---|
| 638 | if (strequal(domain_name, builtin_domain_name())) {
|
|---|
| 639 | continue;
|
|---|
| 640 | }
|
|---|
| 641 |
|
|---|
| 642 | domain_found = true;
|
|---|
| 643 | break;
|
|---|
| 644 | }
|
|---|
| 645 |
|
|---|
| 646 | if (!domain_found) {
|
|---|
| 647 | werr = WERR_NO_SUCH_DOMAIN;
|
|---|
| 648 | goto done;
|
|---|
| 649 | }
|
|---|
| 650 |
|
|---|
| 651 | init_lsa_String(&lsa_domain_name, domain_name);
|
|---|
| 652 |
|
|---|
| 653 | status = rpccli_samr_LookupDomain(pipe_cli, ctx,
|
|---|
| 654 | &connect_handle,
|
|---|
| 655 | &lsa_domain_name,
|
|---|
| 656 | &domain_sid);
|
|---|
| 657 | if (!NT_STATUS_IS_OK(status)) {
|
|---|
| 658 | werr = ntstatus_to_werror(status);
|
|---|
| 659 | goto done;
|
|---|
| 660 | }
|
|---|
| 661 |
|
|---|
| 662 | status = rpccli_samr_OpenDomain(pipe_cli,
|
|---|
| 663 | ctx,
|
|---|
| 664 | &connect_handle,
|
|---|
| 665 | SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 |
|
|---|
| 666 | SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS |
|
|---|
| 667 | SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
|
|---|
| 668 | domain_sid,
|
|---|
| 669 | &domain_handle);
|
|---|
| 670 | if (!NT_STATUS_IS_OK(status)) {
|
|---|
| 671 | werr = ntstatus_to_werror(status);
|
|---|
| 672 | goto done;
|
|---|
| 673 | }
|
|---|
| 674 |
|
|---|
| 675 | status = rpccli_samr_EnumDomainUsers(pipe_cli,
|
|---|
| 676 | ctx,
|
|---|
| 677 | &domain_handle,
|
|---|
| 678 | r->in.resume_handle,
|
|---|
| 679 | r->in.filter,
|
|---|
| 680 | &sam,
|
|---|
| 681 | r->in.prefmaxlen,
|
|---|
| 682 | r->out.entries_read);
|
|---|
| 683 | if (!NT_STATUS_IS_OK(status)) {
|
|---|
| 684 | werr = ntstatus_to_werror(status);
|
|---|
| 685 | goto done;
|
|---|
| 686 | }
|
|---|
| 687 |
|
|---|
| 688 | werr = convert_samr_samarray_to_USER_INFO_buffer(ctx, sam,
|
|---|
| 689 | r->in.level,
|
|---|
| 690 | r->out.buffer);
|
|---|
| 691 |
|
|---|
| 692 | done:
|
|---|
| 693 | if (!cli) {
|
|---|
| 694 | return werr;
|
|---|
| 695 | }
|
|---|
| 696 |
|
|---|
| 697 | if (is_valid_policy_hnd(&domain_handle)) {
|
|---|
| 698 | rpccli_samr_Close(pipe_cli, ctx, &domain_handle);
|
|---|
| 699 | }
|
|---|
| 700 | if (is_valid_policy_hnd(&connect_handle)) {
|
|---|
| 701 | rpccli_samr_Close(pipe_cli, ctx, &connect_handle);
|
|---|
| 702 | }
|
|---|
| 703 |
|
|---|
| 704 | return werr;
|
|---|
| 705 | }
|
|---|
| 706 |
|
|---|
| 707 | /****************************************************************
|
|---|
| 708 | ****************************************************************/
|
|---|
| 709 |
|
|---|
| 710 | WERROR NetUserEnum_l(struct libnetapi_ctx *ctx,
|
|---|
| 711 | struct NetUserEnum *r)
|
|---|
| 712 | {
|
|---|
| 713 | return WERR_NOT_SUPPORTED;
|
|---|
| 714 | }
|
|---|
| 715 |
|
|---|
| 716 | /****************************************************************
|
|---|
| 717 | ****************************************************************/
|
|---|
| 718 |
|
|---|
| 719 | static WERROR convert_samr_dispinfo_to_NET_DISPLAY_USER(TALLOC_CTX *mem_ctx,
|
|---|
| 720 | struct samr_DispInfoGeneral *info,
|
|---|
| 721 | uint32_t *entries_read,
|
|---|
| 722 | void **buffer)
|
|---|
| 723 | {
|
|---|
| 724 | struct NET_DISPLAY_USER *user = NULL;
|
|---|
| 725 | int i;
|
|---|
| 726 |
|
|---|
| 727 | user = TALLOC_ZERO_ARRAY(mem_ctx,
|
|---|
| 728 | struct NET_DISPLAY_USER,
|
|---|
| 729 | info->count);
|
|---|
| 730 | W_ERROR_HAVE_NO_MEMORY(user);
|
|---|
| 731 |
|
|---|
| 732 | for (i = 0; i < info->count; i++) {
|
|---|
| 733 | user[i].usri1_name = talloc_strdup(mem_ctx,
|
|---|
| 734 | info->entries[i].account_name.string);
|
|---|
| 735 | user[i].usri1_comment = talloc_strdup(mem_ctx,
|
|---|
| 736 | info->entries[i].description.string);
|
|---|
| 737 | user[i].usri1_flags =
|
|---|
| 738 | info->entries[i].acct_flags;
|
|---|
| 739 | user[i].usri1_full_name = talloc_strdup(mem_ctx,
|
|---|
| 740 | info->entries[i].full_name.string);
|
|---|
| 741 | user[i].usri1_user_id =
|
|---|
| 742 | info->entries[i].rid;
|
|---|
| 743 | user[i].usri1_next_index =
|
|---|
| 744 | info->entries[i].idx;
|
|---|
| 745 |
|
|---|
| 746 | if (!user[i].usri1_name) {
|
|---|
| 747 | return WERR_NOMEM;
|
|---|
| 748 | }
|
|---|
| 749 | }
|
|---|
| 750 |
|
|---|
| 751 | *buffer = talloc_memdup(mem_ctx, user,
|
|---|
| 752 | sizeof(struct NET_DISPLAY_USER) * info->count);
|
|---|
| 753 | W_ERROR_HAVE_NO_MEMORY(*buffer);
|
|---|
| 754 |
|
|---|
| 755 | *entries_read = info->count;
|
|---|
| 756 |
|
|---|
| 757 | return WERR_OK;
|
|---|
| 758 | }
|
|---|
| 759 |
|
|---|
| 760 | /****************************************************************
|
|---|
| 761 | ****************************************************************/
|
|---|
| 762 |
|
|---|
| 763 | static WERROR convert_samr_dispinfo_to_NET_DISPLAY_MACHINE(TALLOC_CTX *mem_ctx,
|
|---|
| 764 | struct samr_DispInfoFull *info,
|
|---|
| 765 | uint32_t *entries_read,
|
|---|
| 766 | void **buffer)
|
|---|
| 767 | {
|
|---|
| 768 | struct NET_DISPLAY_MACHINE *machine = NULL;
|
|---|
| 769 | int i;
|
|---|
| 770 |
|
|---|
| 771 | machine = TALLOC_ZERO_ARRAY(mem_ctx,
|
|---|
| 772 | struct NET_DISPLAY_MACHINE,
|
|---|
| 773 | info->count);
|
|---|
| 774 | W_ERROR_HAVE_NO_MEMORY(machine);
|
|---|
| 775 |
|
|---|
| 776 | for (i = 0; i < info->count; i++) {
|
|---|
| 777 | machine[i].usri2_name = talloc_strdup(mem_ctx,
|
|---|
| 778 | info->entries[i].account_name.string);
|
|---|
| 779 | machine[i].usri2_comment = talloc_strdup(mem_ctx,
|
|---|
| 780 | info->entries[i].description.string);
|
|---|
| 781 | machine[i].usri2_flags =
|
|---|
| 782 | info->entries[i].acct_flags;
|
|---|
| 783 | machine[i].usri2_user_id =
|
|---|
| 784 | info->entries[i].rid;
|
|---|
| 785 | machine[i].usri2_next_index =
|
|---|
| 786 | info->entries[i].idx;
|
|---|
| 787 |
|
|---|
| 788 | if (!machine[i].usri2_name) {
|
|---|
| 789 | return WERR_NOMEM;
|
|---|
| 790 | }
|
|---|
| 791 | }
|
|---|
| 792 |
|
|---|
| 793 | *buffer = talloc_memdup(mem_ctx, machine,
|
|---|
| 794 | sizeof(struct NET_DISPLAY_MACHINE) * info->count);
|
|---|
| 795 | W_ERROR_HAVE_NO_MEMORY(*buffer);
|
|---|
| 796 |
|
|---|
| 797 | *entries_read = info->count;
|
|---|
| 798 |
|
|---|
| 799 | return WERR_OK;
|
|---|
| 800 | }
|
|---|
| 801 |
|
|---|
| 802 | /****************************************************************
|
|---|
| 803 | ****************************************************************/
|
|---|
| 804 |
|
|---|
| 805 | static WERROR convert_samr_dispinfo_to_NET_DISPLAY_GROUP(TALLOC_CTX *mem_ctx,
|
|---|
| 806 | struct samr_DispInfoFullGroups *info,
|
|---|
| 807 | uint32_t *entries_read,
|
|---|
| 808 | void **buffer)
|
|---|
| 809 | {
|
|---|
| 810 | struct NET_DISPLAY_GROUP *group = NULL;
|
|---|
| 811 | int i;
|
|---|
| 812 |
|
|---|
| 813 | group = TALLOC_ZERO_ARRAY(mem_ctx,
|
|---|
| 814 | struct NET_DISPLAY_GROUP,
|
|---|
| 815 | info->count);
|
|---|
| 816 | W_ERROR_HAVE_NO_MEMORY(group);
|
|---|
| 817 |
|
|---|
| 818 | for (i = 0; i < info->count; i++) {
|
|---|
| 819 | group[i].grpi3_name = talloc_strdup(mem_ctx,
|
|---|
| 820 | info->entries[i].account_name.string);
|
|---|
| 821 | group[i].grpi3_comment = talloc_strdup(mem_ctx,
|
|---|
| 822 | info->entries[i].description.string);
|
|---|
| 823 | group[i].grpi3_group_id =
|
|---|
| 824 | info->entries[i].rid;
|
|---|
| 825 | group[i].grpi3_attributes =
|
|---|
| 826 | info->entries[i].acct_flags;
|
|---|
| 827 | group[i].grpi3_next_index =
|
|---|
| 828 | info->entries[i].idx;
|
|---|
| 829 |
|
|---|
| 830 | if (!group[i].grpi3_name) {
|
|---|
| 831 | return WERR_NOMEM;
|
|---|
| 832 | }
|
|---|
| 833 | }
|
|---|
| 834 |
|
|---|
| 835 | *buffer = talloc_memdup(mem_ctx, group,
|
|---|
| 836 | sizeof(struct NET_DISPLAY_GROUP) * info->count);
|
|---|
| 837 | W_ERROR_HAVE_NO_MEMORY(*buffer);
|
|---|
| 838 |
|
|---|
| 839 | *entries_read = info->count;
|
|---|
| 840 |
|
|---|
| 841 | return WERR_OK;
|
|---|
| 842 |
|
|---|
| 843 | }
|
|---|
| 844 |
|
|---|
| 845 | /****************************************************************
|
|---|
| 846 | ****************************************************************/
|
|---|
| 847 |
|
|---|
| 848 | WERROR convert_samr_dispinfo_to_NET_DISPLAY(TALLOC_CTX *mem_ctx,
|
|---|
| 849 | union samr_DispInfo *info,
|
|---|
| 850 | uint32_t level,
|
|---|
| 851 | uint32_t *entries_read,
|
|---|
| 852 | void **buffer)
|
|---|
| 853 | {
|
|---|
| 854 | switch (level) {
|
|---|
| 855 | case 1:
|
|---|
| 856 | return convert_samr_dispinfo_to_NET_DISPLAY_USER(mem_ctx,
|
|---|
| 857 | &info->info1,
|
|---|
| 858 | entries_read,
|
|---|
| 859 | buffer);
|
|---|
| 860 | case 2:
|
|---|
| 861 | return convert_samr_dispinfo_to_NET_DISPLAY_MACHINE(mem_ctx,
|
|---|
| 862 | &info->info2,
|
|---|
| 863 | entries_read,
|
|---|
| 864 | buffer);
|
|---|
| 865 | case 3:
|
|---|
| 866 | return convert_samr_dispinfo_to_NET_DISPLAY_GROUP(mem_ctx,
|
|---|
| 867 | &info->info3,
|
|---|
| 868 | entries_read,
|
|---|
| 869 | buffer);
|
|---|
| 870 | default:
|
|---|
| 871 | return WERR_UNKNOWN_LEVEL;
|
|---|
| 872 | }
|
|---|
| 873 |
|
|---|
| 874 | return WERR_OK;
|
|---|
| 875 | }
|
|---|
| 876 |
|
|---|
| 877 | /****************************************************************
|
|---|
| 878 | ****************************************************************/
|
|---|
| 879 |
|
|---|
| 880 | WERROR NetQueryDisplayInformation_r(struct libnetapi_ctx *ctx,
|
|---|
| 881 | struct NetQueryDisplayInformation *r)
|
|---|
| 882 | {
|
|---|
| 883 | struct cli_state *cli = NULL;
|
|---|
| 884 | struct rpc_pipe_client *pipe_cli = NULL;
|
|---|
| 885 | struct policy_handle connect_handle;
|
|---|
| 886 | struct dom_sid2 *domain_sid = NULL;
|
|---|
| 887 | struct policy_handle domain_handle;
|
|---|
| 888 | union samr_DispInfo info;
|
|---|
| 889 | struct samr_SamArray *sam = NULL;
|
|---|
| 890 | uint32_t num_entries = 0;
|
|---|
| 891 | int i;
|
|---|
| 892 | const char *domain_name = NULL;
|
|---|
| 893 | bool domain_found = true;
|
|---|
| 894 | uint32_t dom_resume_handle = 0;
|
|---|
| 895 | struct lsa_String lsa_domain_name;
|
|---|
| 896 |
|
|---|
| 897 | uint32_t total_size = 0;
|
|---|
| 898 | uint32_t returned_size = 0;
|
|---|
| 899 |
|
|---|
| 900 | NTSTATUS status;
|
|---|
| 901 | WERROR werr;
|
|---|
| 902 | WERROR werr_tmp;
|
|---|
| 903 |
|
|---|
| 904 | *r->out.entries_read = 0;
|
|---|
| 905 |
|
|---|
| 906 | ZERO_STRUCT(connect_handle);
|
|---|
| 907 | ZERO_STRUCT(domain_handle);
|
|---|
| 908 |
|
|---|
| 909 | switch (r->in.level) {
|
|---|
| 910 | case 1:
|
|---|
| 911 | case 2:
|
|---|
| 912 | case 3:
|
|---|
| 913 | break;
|
|---|
| 914 | default:
|
|---|
| 915 | return WERR_UNKNOWN_LEVEL;
|
|---|
| 916 | }
|
|---|
| 917 |
|
|---|
| 918 | werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli);
|
|---|
| 919 | if (!W_ERROR_IS_OK(werr)) {
|
|---|
| 920 | goto done;
|
|---|
| 921 | }
|
|---|
| 922 |
|
|---|
| 923 | werr = libnetapi_open_pipe(ctx, cli, PI_SAMR, &pipe_cli);
|
|---|
| 924 | if (!W_ERROR_IS_OK(werr)) {
|
|---|
| 925 | goto done;
|
|---|
| 926 | }
|
|---|
| 927 |
|
|---|
| 928 | status = rpccli_try_samr_connects(pipe_cli, ctx,
|
|---|
| 929 | SAMR_ACCESS_OPEN_DOMAIN |
|
|---|
| 930 | SAMR_ACCESS_ENUM_DOMAINS,
|
|---|
| 931 | &connect_handle);
|
|---|
| 932 | if (!NT_STATUS_IS_OK(status)) {
|
|---|
| 933 | werr = ntstatus_to_werror(status);
|
|---|
| 934 | goto done;
|
|---|
| 935 | }
|
|---|
| 936 |
|
|---|
| 937 | status = rpccli_samr_EnumDomains(pipe_cli, ctx,
|
|---|
| 938 | &connect_handle,
|
|---|
| 939 | &dom_resume_handle,
|
|---|
| 940 | &sam,
|
|---|
| 941 | 0xffffffff,
|
|---|
| 942 | &num_entries);
|
|---|
| 943 | if (!NT_STATUS_IS_OK(status)) {
|
|---|
| 944 | werr = ntstatus_to_werror(status);
|
|---|
| 945 | goto done;
|
|---|
| 946 | }
|
|---|
| 947 |
|
|---|
| 948 | for (i=0; i<num_entries; i++) {
|
|---|
| 949 |
|
|---|
| 950 | domain_name = sam->entries[i].name.string;
|
|---|
| 951 |
|
|---|
| 952 | if (strequal(domain_name, builtin_domain_name())) {
|
|---|
| 953 | continue;
|
|---|
| 954 | }
|
|---|
| 955 |
|
|---|
| 956 | domain_found = true;
|
|---|
| 957 | break;
|
|---|
| 958 | }
|
|---|
| 959 |
|
|---|
| 960 | if (!domain_found) {
|
|---|
| 961 | werr = WERR_NO_SUCH_DOMAIN;
|
|---|
| 962 | goto done;
|
|---|
| 963 | }
|
|---|
| 964 |
|
|---|
| 965 | init_lsa_String(&lsa_domain_name, domain_name);
|
|---|
| 966 |
|
|---|
| 967 | status = rpccli_samr_LookupDomain(pipe_cli, ctx,
|
|---|
| 968 | &connect_handle,
|
|---|
| 969 | &lsa_domain_name,
|
|---|
| 970 | &domain_sid);
|
|---|
| 971 | if (!NT_STATUS_IS_OK(status)) {
|
|---|
| 972 | werr = ntstatus_to_werror(status);
|
|---|
| 973 | goto done;
|
|---|
| 974 | }
|
|---|
| 975 |
|
|---|
| 976 | status = rpccli_samr_OpenDomain(pipe_cli,
|
|---|
| 977 | ctx,
|
|---|
| 978 | &connect_handle,
|
|---|
| 979 | SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS |
|
|---|
| 980 | SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
|
|---|
| 981 | domain_sid,
|
|---|
| 982 | &domain_handle);
|
|---|
| 983 | if (!NT_STATUS_IS_OK(status)) {
|
|---|
| 984 | werr = ntstatus_to_werror(status);
|
|---|
| 985 | goto done;
|
|---|
| 986 | }
|
|---|
| 987 |
|
|---|
| 988 | status = rpccli_samr_QueryDisplayInfo2(pipe_cli,
|
|---|
| 989 | ctx,
|
|---|
| 990 | &domain_handle,
|
|---|
| 991 | r->in.level,
|
|---|
| 992 | r->in.idx,
|
|---|
| 993 | r->in.entries_requested,
|
|---|
| 994 | r->in.prefmaxlen,
|
|---|
| 995 | &total_size,
|
|---|
| 996 | &returned_size,
|
|---|
| 997 | &info);
|
|---|
| 998 | werr = ntstatus_to_werror(status);
|
|---|
| 999 | if (NT_STATUS_IS_ERR(status)) {
|
|---|
| 1000 | goto done;
|
|---|
| 1001 | }
|
|---|
| 1002 |
|
|---|
| 1003 | werr_tmp = convert_samr_dispinfo_to_NET_DISPLAY(ctx, &info,
|
|---|
| 1004 | r->in.level,
|
|---|
| 1005 | r->out.entries_read,
|
|---|
| 1006 | r->out.buffer);
|
|---|
| 1007 | if (!W_ERROR_IS_OK(werr_tmp)) {
|
|---|
| 1008 | werr = werr_tmp;
|
|---|
| 1009 | }
|
|---|
| 1010 | done:
|
|---|
| 1011 | if (!cli) {
|
|---|
| 1012 | return werr;
|
|---|
| 1013 | }
|
|---|
| 1014 |
|
|---|
| 1015 | if (is_valid_policy_hnd(&domain_handle)) {
|
|---|
| 1016 | rpccli_samr_Close(pipe_cli, ctx, &domain_handle);
|
|---|
| 1017 | }
|
|---|
| 1018 | if (is_valid_policy_hnd(&connect_handle)) {
|
|---|
| 1019 | rpccli_samr_Close(pipe_cli, ctx, &connect_handle);
|
|---|
| 1020 | }
|
|---|
| 1021 |
|
|---|
| 1022 | return werr;
|
|---|
| 1023 |
|
|---|
| 1024 | }
|
|---|
| 1025 |
|
|---|
| 1026 | /****************************************************************
|
|---|
| 1027 | ****************************************************************/
|
|---|
| 1028 |
|
|---|
| 1029 |
|
|---|
| 1030 | WERROR NetQueryDisplayInformation_l(struct libnetapi_ctx *ctx,
|
|---|
| 1031 | struct NetQueryDisplayInformation *r)
|
|---|
| 1032 | {
|
|---|
| 1033 | return WERR_NOT_SUPPORTED;
|
|---|
| 1034 | }
|
|---|
