Line data Source code
1 : /*
2 : Unix SMB/CIFS implementation.
3 : SAMR Pipe utility functions.
4 :
5 : Copyright (C) Luke Kenneth Casson Leighton 1996-1998
6 : Copyright (C) Gerald (Jerry) Carter 2000-2001
7 : Copyright (C) Andrew Bartlett 2001-2002
8 : Copyright (C) Stefan (metze) Metzmacher 2002
9 : Copyright (C) Guenther Deschner 2008
10 :
11 : This program is free software; you can redistribute it and/or modify
12 : it under the terms of the GNU General Public License as published by
13 : the Free Software Foundation; either version 3 of the License, or
14 : (at your option) any later version.
15 :
16 : This program is distributed in the hope that it will be useful,
17 : but WITHOUT ANY WARRANTY; without even the implied warranty of
18 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 : GNU General Public License for more details.
20 :
21 : You should have received a copy of the GNU General Public License
22 : along with this program. If not, see <http://www.gnu.org/licenses/>.
23 : */
24 :
25 : #include "includes.h"
26 : #include "../librpc/gen_ndr/samr.h"
27 : #include "rpc_server/samr/srv_samr_util.h"
28 : #include "passdb.h"
29 : #include "lib/util/base64.h"
30 :
31 : #undef DBGC_CLASS
32 : #define DBGC_CLASS DBGC_RPC_SRV
33 :
34 : #define STRING_CHANGED (old_string && !new_string) ||\
35 : (!old_string && new_string) ||\
36 : (old_string && new_string && (strcmp(old_string, new_string) != 0))
37 :
38 : #define STRING_CHANGED_NC(s1,s2) ((s1) && !(s2)) ||\
39 : (!(s1) && (s2)) ||\
40 : ((s1) && (s2) && (strcmp((s1), (s2)) != 0))
41 :
42 : /*************************************************************
43 : Copies a struct samr_UserInfo2 to a struct samu
44 : **************************************************************/
45 :
46 8 : void copy_id2_to_sam_passwd(struct samu *to,
47 : struct samr_UserInfo2 *from)
48 : {
49 0 : struct samr_UserInfo21 i;
50 :
51 8 : if (from == NULL || to == NULL) {
52 0 : return;
53 : }
54 :
55 8 : ZERO_STRUCT(i);
56 :
57 8 : i.fields_present = SAMR_FIELD_COMMENT |
58 : SAMR_FIELD_COUNTRY_CODE |
59 : SAMR_FIELD_CODE_PAGE;
60 8 : i.comment = from->comment;
61 8 : i.country_code = from->country_code;
62 8 : i.code_page = from->code_page;
63 :
64 8 : copy_id21_to_sam_passwd("INFO_2", to, &i);
65 : }
66 :
67 : /*************************************************************
68 : Copies a struct samr_UserInfo4 to a struct samu
69 : **************************************************************/
70 :
71 12 : void copy_id4_to_sam_passwd(struct samu *to,
72 : struct samr_UserInfo4 *from)
73 : {
74 0 : struct samr_UserInfo21 i;
75 :
76 12 : if (from == NULL || to == NULL) {
77 0 : return;
78 : }
79 :
80 12 : ZERO_STRUCT(i);
81 :
82 12 : i.fields_present = SAMR_FIELD_LOGON_HOURS;
83 12 : i.logon_hours = from->logon_hours;
84 :
85 12 : copy_id21_to_sam_passwd("INFO_4", to, &i);
86 : }
87 :
88 : /*************************************************************
89 : Copies a struct samr_UserInfo6 to a struct samu
90 : **************************************************************/
91 :
92 48 : void copy_id6_to_sam_passwd(struct samu *to,
93 : struct samr_UserInfo6 *from)
94 : {
95 0 : struct samr_UserInfo21 i;
96 :
97 48 : if (from == NULL || to == NULL) {
98 0 : return;
99 : }
100 :
101 48 : ZERO_STRUCT(i);
102 :
103 48 : i.fields_present = SAMR_FIELD_ACCOUNT_NAME |
104 : SAMR_FIELD_FULL_NAME;
105 48 : i.account_name = from->account_name;
106 48 : i.full_name = from->full_name;
107 :
108 48 : copy_id21_to_sam_passwd("INFO_6", to, &i);
109 : }
110 :
111 : /*************************************************************
112 : Copies a struct samr_UserInfo8 to a struct samu
113 : **************************************************************/
114 :
115 8 : void copy_id8_to_sam_passwd(struct samu *to,
116 : struct samr_UserInfo8 *from)
117 : {
118 0 : struct samr_UserInfo21 i;
119 :
120 8 : if (from == NULL || to == NULL) {
121 0 : return;
122 : }
123 :
124 8 : ZERO_STRUCT(i);
125 :
126 8 : i.fields_present = SAMR_FIELD_FULL_NAME;
127 8 : i.full_name = from->full_name;
128 :
129 8 : copy_id21_to_sam_passwd("INFO_8", to, &i);
130 : }
131 :
132 : /*************************************************************
133 : Copies a struct samr_UserInfo10 to a struct samu
134 : **************************************************************/
135 :
136 24 : void copy_id10_to_sam_passwd(struct samu *to,
137 : struct samr_UserInfo10 *from)
138 : {
139 0 : struct samr_UserInfo21 i;
140 :
141 24 : if (from == NULL || to == NULL) {
142 0 : return;
143 : }
144 :
145 24 : ZERO_STRUCT(i);
146 :
147 24 : i.fields_present = SAMR_FIELD_HOME_DIRECTORY |
148 : SAMR_FIELD_HOME_DRIVE;
149 24 : i.home_directory = from->home_directory;
150 24 : i.home_drive = from->home_drive;
151 :
152 24 : copy_id21_to_sam_passwd("INFO_10", to, &i);
153 : }
154 :
155 : /*************************************************************
156 : Copies a struct samr_UserInfo11 to a struct samu
157 : **************************************************************/
158 :
159 12 : void copy_id11_to_sam_passwd(struct samu *to,
160 : struct samr_UserInfo11 *from)
161 : {
162 0 : struct samr_UserInfo21 i;
163 :
164 12 : if (from == NULL || to == NULL) {
165 0 : return;
166 : }
167 :
168 12 : ZERO_STRUCT(i);
169 :
170 12 : i.fields_present = SAMR_FIELD_LOGON_SCRIPT;
171 12 : i.logon_script = from->logon_script;
172 :
173 12 : copy_id21_to_sam_passwd("INFO_11", to, &i);
174 : }
175 :
176 : /*************************************************************
177 : Copies a struct samr_UserInfo12 to a struct samu
178 : **************************************************************/
179 :
180 12 : void copy_id12_to_sam_passwd(struct samu *to,
181 : struct samr_UserInfo12 *from)
182 : {
183 0 : struct samr_UserInfo21 i;
184 :
185 12 : if (from == NULL || to == NULL) {
186 0 : return;
187 : }
188 :
189 12 : ZERO_STRUCT(i);
190 :
191 12 : i.fields_present = SAMR_FIELD_PROFILE_PATH;
192 12 : i.profile_path = from->profile_path;
193 :
194 12 : copy_id21_to_sam_passwd("INFO_12", to, &i);
195 : }
196 :
197 : /*************************************************************
198 : Copies a struct samr_UserInfo13 to a struct samu
199 : **************************************************************/
200 :
201 12 : void copy_id13_to_sam_passwd(struct samu *to,
202 : struct samr_UserInfo13 *from)
203 : {
204 0 : struct samr_UserInfo21 i;
205 :
206 12 : if (from == NULL || to == NULL) {
207 0 : return;
208 : }
209 :
210 12 : ZERO_STRUCT(i);
211 :
212 12 : i.fields_present = SAMR_FIELD_DESCRIPTION;
213 12 : i.description = from->description;
214 :
215 12 : copy_id21_to_sam_passwd("INFO_13", to, &i);
216 : }
217 :
218 : /*************************************************************
219 : Copies a struct samr_UserInfo14 to a struct samu
220 : **************************************************************/
221 :
222 12 : void copy_id14_to_sam_passwd(struct samu *to,
223 : struct samr_UserInfo14 *from)
224 : {
225 0 : struct samr_UserInfo21 i;
226 :
227 12 : if (from == NULL || to == NULL) {
228 0 : return;
229 : }
230 :
231 12 : ZERO_STRUCT(i);
232 :
233 12 : i.fields_present = SAMR_FIELD_WORKSTATIONS;
234 12 : i.workstations = from->workstations;
235 :
236 12 : copy_id21_to_sam_passwd("INFO_14", to, &i);
237 : }
238 :
239 : /*************************************************************
240 : Copies a struct samr_UserInfo16 to a struct samu
241 : **************************************************************/
242 :
243 53 : void copy_id16_to_sam_passwd(struct samu *to,
244 : struct samr_UserInfo16 *from)
245 : {
246 0 : struct samr_UserInfo21 i;
247 :
248 53 : if (from == NULL || to == NULL) {
249 0 : return;
250 : }
251 :
252 53 : ZERO_STRUCT(i);
253 :
254 53 : i.fields_present = SAMR_FIELD_ACCT_FLAGS;
255 53 : i.acct_flags = from->acct_flags;
256 :
257 53 : copy_id21_to_sam_passwd("INFO_16", to, &i);
258 : }
259 :
260 : /*************************************************************
261 : Copies a struct samr_UserInfo17 to a struct samu
262 : **************************************************************/
263 :
264 8 : void copy_id17_to_sam_passwd(struct samu *to,
265 : struct samr_UserInfo17 *from)
266 : {
267 0 : struct samr_UserInfo21 i;
268 :
269 8 : if (from == NULL || to == NULL) {
270 0 : return;
271 : }
272 :
273 8 : ZERO_STRUCT(i);
274 :
275 8 : i.fields_present = SAMR_FIELD_ACCT_EXPIRY;
276 8 : i.acct_expiry = from->acct_expiry;
277 :
278 8 : copy_id21_to_sam_passwd("INFO_17", to, &i);
279 : }
280 :
281 : /*************************************************************
282 : Copies a struct samr_UserInfo18 to a struct samu
283 : **************************************************************/
284 :
285 26 : void copy_id18_to_sam_passwd(struct samu *to,
286 : struct samr_UserInfo18 *from)
287 : {
288 0 : struct samr_UserInfo21 i;
289 :
290 26 : if (from == NULL || to == NULL) {
291 0 : return;
292 : }
293 :
294 26 : ZERO_STRUCT(i);
295 :
296 26 : i.fields_present = SAMR_FIELD_EXPIRED_FLAG;
297 26 : i.password_expired = from->password_expired;
298 :
299 26 : copy_id21_to_sam_passwd("INFO_18", to, &i);
300 : }
301 :
302 : /*************************************************************
303 : Copies a struct samr_UserInfo20 to a struct samu
304 : **************************************************************/
305 :
306 8 : void copy_id20_to_sam_passwd(struct samu *to,
307 : struct samr_UserInfo20 *from)
308 : {
309 0 : DATA_BLOB mung;
310 :
311 8 : if (from == NULL || to == NULL) {
312 0 : return;
313 : }
314 :
315 8 : if (from->parameters.array) {
316 0 : const char *old_string;
317 8 : char *new_string = NULL;
318 8 : old_string = pdb_get_munged_dial(to);
319 8 : mung = data_blob_const(from->parameters.array,
320 8 : from->parameters.length);
321 :
322 8 : if (mung.length != 0) {
323 4 : new_string = base64_encode_data_blob(talloc_tos(),
324 : mung);
325 4 : SMB_ASSERT(new_string != NULL);
326 : }
327 :
328 8 : DEBUG(10,("INFO_20 PARAMETERS: %s -> %s\n",
329 : old_string, new_string));
330 8 : if (STRING_CHANGED_NC(old_string,new_string)) {
331 6 : pdb_set_munged_dial(to, new_string, PDB_CHANGED);
332 : }
333 :
334 8 : TALLOC_FREE(new_string);
335 : }
336 : }
337 :
338 : /*************************************************************
339 : Copies a struct samr_UserInfo21 to a struct samu
340 : **************************************************************/
341 :
342 724 : void copy_id21_to_sam_passwd(const char *log_prefix,
343 : struct samu *to,
344 : struct samr_UserInfo21 *from)
345 : {
346 0 : time_t unix_time, stored_time;
347 0 : const char *old_string, *new_string;
348 0 : const char *l;
349 :
350 724 : if (from == NULL || to == NULL) {
351 0 : return;
352 : }
353 :
354 724 : if (log_prefix) {
355 724 : l = log_prefix;
356 : } else {
357 0 : l = "INFO_21";
358 : }
359 :
360 724 : if (from->fields_present & SAMR_FIELD_LAST_LOGON) {
361 0 : unix_time = nt_time_to_unix(from->last_logon);
362 0 : stored_time = pdb_get_logon_time(to);
363 0 : DEBUG(10,("%s SAMR_FIELD_LAST_LOGON: %lu -> %lu\n", l,
364 : (long unsigned int)stored_time,
365 : (long unsigned int)unix_time));
366 0 : if (stored_time != unix_time) {
367 0 : pdb_set_logon_time(to, unix_time, PDB_CHANGED);
368 : }
369 : }
370 :
371 724 : if (from->fields_present & SAMR_FIELD_LAST_LOGOFF) {
372 0 : unix_time = nt_time_to_unix(from->last_logoff);
373 0 : stored_time = pdb_get_logoff_time(to);
374 0 : DEBUG(10,("%s SAMR_FIELD_LAST_LOGOFF: %lu -> %lu\n", l,
375 : (long unsigned int)stored_time,
376 : (long unsigned int)unix_time));
377 0 : if (stored_time != unix_time) {
378 0 : pdb_set_logoff_time(to, unix_time, PDB_CHANGED);
379 : }
380 : }
381 :
382 724 : if (from->fields_present & SAMR_FIELD_ACCT_EXPIRY) {
383 22 : unix_time = nt_time_to_unix(from->acct_expiry);
384 22 : stored_time = pdb_get_kickoff_time(to);
385 22 : DEBUG(10,("%s SAMR_FIELD_ACCT_EXPIRY: %lu -> %lu\n", l,
386 : (long unsigned int)stored_time,
387 : (long unsigned int)unix_time));
388 22 : if (stored_time != unix_time) {
389 12 : pdb_set_kickoff_time(to, unix_time , PDB_CHANGED);
390 : }
391 : }
392 :
393 724 : if (from->fields_present & SAMR_FIELD_LAST_PWD_CHANGE) {
394 0 : unix_time = nt_time_to_unix(from->last_password_change);
395 0 : stored_time = pdb_get_pass_last_set_time(to);
396 0 : DEBUG(10,("%s SAMR_FIELD_LAST_PWD_CHANGE: %lu -> %lu\n", l,
397 : (long unsigned int)stored_time,
398 : (long unsigned int)unix_time));
399 0 : if (stored_time != unix_time) {
400 0 : pdb_set_pass_last_set_time(to, unix_time, PDB_CHANGED);
401 : }
402 : }
403 :
404 724 : if ((from->fields_present & SAMR_FIELD_ACCOUNT_NAME) &&
405 54 : (from->account_name.string)) {
406 54 : old_string = pdb_get_username(to);
407 54 : new_string = from->account_name.string;
408 54 : DEBUG(10,("%s SAMR_FIELD_ACCOUNT_NAME: %s -> %s\n", l,
409 : old_string, new_string));
410 54 : if (STRING_CHANGED) {
411 0 : pdb_set_username(to, new_string, PDB_CHANGED);
412 : }
413 : }
414 :
415 724 : if ((from->fields_present & SAMR_FIELD_FULL_NAME) &&
416 180 : (from->full_name.string)) {
417 180 : old_string = pdb_get_fullname(to);
418 180 : new_string = from->full_name.string;
419 180 : DEBUG(10,("%s SAMR_FIELD_FULL_NAME: %s -> %s\n", l,
420 : old_string, new_string));
421 180 : if (STRING_CHANGED) {
422 132 : pdb_set_fullname(to, new_string, PDB_CHANGED);
423 : }
424 : }
425 :
426 724 : if ((from->fields_present & SAMR_FIELD_HOME_DIRECTORY) &&
427 34 : (from->home_directory.string)) {
428 34 : old_string = pdb_get_homedir(to);
429 34 : new_string = from->home_directory.string;
430 34 : DEBUG(10,("%s SAMR_FIELD_HOME_DIRECTORY: %s -> %s\n", l,
431 : old_string, new_string));
432 34 : if (STRING_CHANGED) {
433 10 : pdb_set_homedir(to, new_string, PDB_CHANGED);
434 : }
435 : }
436 :
437 724 : if ((from->fields_present & SAMR_FIELD_HOME_DRIVE) &&
438 34 : (from->home_drive.string)) {
439 34 : old_string = pdb_get_dir_drive(to);
440 34 : new_string = from->home_drive.string;
441 34 : DEBUG(10,("%s SAMR_FIELD_HOME_DRIVE: %s -> %s\n", l,
442 : old_string, new_string));
443 34 : if (STRING_CHANGED) {
444 10 : pdb_set_dir_drive(to, new_string, PDB_CHANGED);
445 : }
446 : }
447 :
448 724 : if ((from->fields_present & SAMR_FIELD_LOGON_SCRIPT) &&
449 18 : (from->logon_script.string)) {
450 18 : old_string = pdb_get_logon_script(to);
451 18 : new_string = from->logon_script.string;
452 18 : DEBUG(10,("%s SAMR_FIELD_LOGON_SCRIPT: %s -> %s\n", l,
453 : old_string, new_string));
454 18 : if (STRING_CHANGED) {
455 8 : pdb_set_logon_script(to , new_string, PDB_CHANGED);
456 : }
457 : }
458 :
459 724 : if ((from->fields_present & SAMR_FIELD_PROFILE_PATH) &&
460 18 : (from->profile_path.string)) {
461 18 : old_string = pdb_get_profile_path(to);
462 18 : new_string = from->profile_path.string;
463 18 : DEBUG(10,("%s SAMR_FIELD_PROFILE_PATH: %s -> %s\n", l,
464 : old_string, new_string));
465 18 : if (STRING_CHANGED) {
466 8 : pdb_set_profile_path(to , new_string, PDB_CHANGED);
467 : }
468 : }
469 :
470 724 : if ((from->fields_present & SAMR_FIELD_DESCRIPTION) &&
471 80 : (from->description.string)) {
472 80 : old_string = pdb_get_acct_desc(to);
473 80 : new_string = from->description.string;
474 80 : DEBUG(10,("%s SAMR_FIELD_DESCRIPTION: %s -> %s\n", l,
475 : old_string, new_string));
476 80 : if (STRING_CHANGED) {
477 70 : pdb_set_acct_desc(to, new_string, PDB_CHANGED);
478 : }
479 : }
480 :
481 724 : if ((from->fields_present & SAMR_FIELD_WORKSTATIONS) &&
482 30 : (from->workstations.string)) {
483 30 : old_string = pdb_get_workstations(to);
484 30 : new_string = from->workstations.string;
485 30 : DEBUG(10,("%s SAMR_FIELD_WORKSTATIONS: %s -> %s\n", l,
486 : old_string, new_string));
487 30 : if (STRING_CHANGED) {
488 14 : pdb_set_workstations(to , new_string, PDB_CHANGED);
489 : }
490 : }
491 :
492 724 : if ((from->fields_present & SAMR_FIELD_COMMENT) &&
493 92 : (from->comment.string)) {
494 92 : old_string = pdb_get_comment(to);
495 92 : new_string = from->comment.string;
496 92 : DEBUG(10,("%s SAMR_FIELD_COMMENT: %s -> %s\n", l,
497 : old_string, new_string));
498 92 : if (STRING_CHANGED) {
499 84 : pdb_set_comment(to, new_string, PDB_CHANGED);
500 : }
501 : }
502 :
503 724 : if ((from->fields_present & SAMR_FIELD_PARAMETERS) &&
504 16 : (from->parameters.array)) {
505 16 : char *newstr = NULL;
506 0 : DATA_BLOB mung;
507 16 : old_string = pdb_get_munged_dial(to);
508 :
509 16 : mung = data_blob_const(from->parameters.array,
510 16 : from->parameters.length);
511 :
512 16 : if (mung.length != 0) {
513 8 : newstr = base64_encode_data_blob(talloc_tos(), mung);
514 8 : SMB_ASSERT(newstr != NULL);
515 : }
516 16 : DEBUG(10,("%s SAMR_FIELD_PARAMETERS: %s -> %s\n", l,
517 : old_string, newstr));
518 16 : if (STRING_CHANGED_NC(old_string,newstr)) {
519 12 : pdb_set_munged_dial(to, newstr, PDB_CHANGED);
520 : }
521 :
522 16 : TALLOC_FREE(newstr);
523 : }
524 :
525 724 : if (from->fields_present & SAMR_FIELD_RID) {
526 0 : if (from->rid == 0) {
527 0 : DEBUG(10,("%s: Asked to set User RID to 0 !? Skipping change!\n", l));
528 0 : } else if (from->rid != pdb_get_user_rid(to)) {
529 0 : DEBUG(10,("%s SAMR_FIELD_RID: %u -> %u NOT UPDATED!\n", l,
530 : pdb_get_user_rid(to), from->rid));
531 : }
532 : }
533 :
534 724 : if (from->fields_present & SAMR_FIELD_PRIMARY_GID) {
535 2 : if (from->primary_gid == 0) {
536 0 : DEBUG(10,("%s: Asked to set Group RID to 0 !? Skipping change!\n", l));
537 2 : } else if (from->primary_gid != pdb_get_group_rid(to)) {
538 0 : DEBUG(10,("%s SAMR_FIELD_PRIMARY_GID: %u -> %u\n", l,
539 : pdb_get_group_rid(to), from->primary_gid));
540 0 : pdb_set_group_sid_from_rid(to,
541 : from->primary_gid, PDB_CHANGED);
542 : }
543 : }
544 :
545 724 : if (from->fields_present & SAMR_FIELD_ACCT_FLAGS) {
546 125 : DEBUG(10,("%s SAMR_FIELD_ACCT_FLAGS: %08X -> %08X\n", l,
547 : pdb_get_acct_ctrl(to), from->acct_flags));
548 125 : if (from->acct_flags != pdb_get_acct_ctrl(to)) {
549 :
550 : /* You cannot autolock an unlocked account via
551 : * setuserinfo calls, so make sure to remove the
552 : * ACB_AUTOLOCK bit here - gd */
553 :
554 103 : if ((from->acct_flags & ACB_AUTOLOCK) &&
555 4 : !(pdb_get_acct_ctrl(to) & ACB_AUTOLOCK)) {
556 4 : from->acct_flags &= ~ACB_AUTOLOCK;
557 : }
558 :
559 103 : if (!(from->acct_flags & ACB_AUTOLOCK) &&
560 103 : (pdb_get_acct_ctrl(to) & ACB_AUTOLOCK)) {
561 : /* We're unlocking a previously locked user. Reset bad password counts.
562 : Patch from Jianliang Lu. <Jianliang.Lu@getronics.com> */
563 0 : pdb_set_bad_password_count(to, 0, PDB_CHANGED);
564 0 : pdb_set_bad_password_time(to, 0, PDB_CHANGED);
565 : }
566 103 : pdb_set_acct_ctrl(to, from->acct_flags, PDB_CHANGED);
567 : }
568 : }
569 :
570 724 : if (from->fields_present & SAMR_FIELD_LOGON_HOURS) {
571 0 : char oldstr[44]; /* hours strings are 42 bytes. */
572 0 : char newstr[44];
573 18 : DEBUG(15,("%s SAMR_FIELD_LOGON_HOURS (units_per_week): %08X -> %08X\n", l,
574 : pdb_get_logon_divs(to), from->logon_hours.units_per_week));
575 18 : if (from->logon_hours.units_per_week != pdb_get_logon_divs(to)) {
576 0 : pdb_set_logon_divs(to,
577 0 : from->logon_hours.units_per_week, PDB_CHANGED);
578 : }
579 :
580 18 : DEBUG(15,("%s SAMR_FIELD_LOGON_HOURS (units_per_week/8): %08X -> %08X\n", l,
581 : pdb_get_hours_len(to),
582 : from->logon_hours.units_per_week/8));
583 18 : if (from->logon_hours.units_per_week/8 != pdb_get_hours_len(to)) {
584 0 : pdb_set_hours_len(to,
585 0 : from->logon_hours.units_per_week/8, PDB_CHANGED);
586 : }
587 :
588 18 : DEBUG(15,("%s SAMR_FIELD_LOGON_HOURS (bits): %s -> %s\n", l,
589 : pdb_get_hours(to), from->logon_hours.bits));
590 18 : pdb_sethexhours(oldstr, pdb_get_hours(to));
591 18 : pdb_sethexhours(newstr, from->logon_hours.bits);
592 18 : if (!strequal(oldstr, newstr)) {
593 8 : pdb_set_hours(to, from->logon_hours.bits,
594 8 : from->logon_hours.units_per_week/8,
595 : PDB_CHANGED);
596 : }
597 : }
598 :
599 724 : if (from->fields_present & SAMR_FIELD_BAD_PWD_COUNT) {
600 0 : DEBUG(10,("%s SAMR_FIELD_BAD_PWD_COUNT: %08X -> %08X\n", l,
601 : pdb_get_bad_password_count(to), from->bad_password_count));
602 0 : if (from->bad_password_count != pdb_get_bad_password_count(to)) {
603 0 : pdb_set_bad_password_count(to,
604 0 : from->bad_password_count, PDB_CHANGED);
605 : }
606 : }
607 :
608 724 : if (from->fields_present & SAMR_FIELD_NUM_LOGONS) {
609 0 : DEBUG(10,("%s SAMR_FIELD_NUM_LOGONS: %08X -> %08X\n", l,
610 : pdb_get_logon_count(to), from->logon_count));
611 0 : if (from->logon_count != pdb_get_logon_count(to)) {
612 0 : pdb_set_logon_count(to, from->logon_count, PDB_CHANGED);
613 : }
614 : }
615 :
616 : /* If the must change flag is set, the last set time goes to zero.
617 : the must change and can change fields also do, but they are
618 : calculated from policy, not set from the wire */
619 :
620 724 : if (from->fields_present & SAMR_FIELD_EXPIRED_FLAG) {
621 233 : DEBUG(10,("%s SAMR_FIELD_EXPIRED_FLAG: %02X\n", l,
622 : from->password_expired));
623 233 : if (from->password_expired != 0) {
624 : /* Only allow the set_time to zero (which means
625 : "User Must Change Password on Next Login"
626 : if the user object allows password change. */
627 44 : if (pdb_get_pass_can_change(to)) {
628 44 : pdb_set_pass_last_set_time(to, 0, PDB_CHANGED);
629 : } else {
630 0 : DEBUG(10,("%s Disallowing set of 'User Must "
631 : "Change Password on Next Login' as "
632 : "user object disallows this.\n", l));
633 : }
634 : } else {
635 : /* A subtlety here: some windows commands will
636 : clear the expired flag even though it's not
637 : set, and we don't want to reset the time
638 : in these caess. "net user /dom <user> /active:y"
639 : for example, to clear an autolocked acct.
640 : We must check to see if it's expired first. jmcd */
641 :
642 189 : uint32_t pwd_max_age = 0;
643 189 : time_t now = time(NULL);
644 :
645 189 : pdb_get_account_policy(PDB_POLICY_MAX_PASSWORD_AGE, &pwd_max_age);
646 :
647 189 : if (pwd_max_age == (uint32_t)-1 || pwd_max_age == 0) {
648 189 : pwd_max_age = get_time_t_max();
649 : }
650 :
651 189 : stored_time = pdb_get_pass_last_set_time(to);
652 :
653 : /* we will only *set* a pwdlastset date when
654 : a) the last pwdlastset time was 0 (user was forced to
655 : change password).
656 : b) the users password has not expired. gd. */
657 :
658 189 : if ((stored_time == 0) ||
659 185 : ((now - stored_time) > pwd_max_age)) {
660 4 : pdb_set_pass_last_set_time(to, now, PDB_CHANGED);
661 : }
662 : }
663 : }
664 :
665 724 : if (from->fields_present & SAMR_FIELD_COUNTRY_CODE) {
666 8 : DEBUG(10,("%s SAMR_FIELD_COUNTRY_CODE: %08X -> %08X\n", l,
667 : pdb_get_country_code(to), from->country_code));
668 8 : if (from->country_code != pdb_get_country_code(to)) {
669 0 : pdb_set_country_code(to,
670 0 : from->country_code, PDB_CHANGED);
671 : }
672 : }
673 :
674 724 : if (from->fields_present & SAMR_FIELD_CODE_PAGE) {
675 8 : DEBUG(10,("%s SAMR_FIELD_CODE_PAGE: %08X -> %08X\n", l,
676 : pdb_get_code_page(to), from->code_page));
677 8 : if (from->code_page != pdb_get_code_page(to)) {
678 0 : pdb_set_code_page(to,
679 0 : from->code_page, PDB_CHANGED);
680 : }
681 : }
682 : }
683 :
684 :
685 : /*************************************************************
686 : Copies a struct samr_UserInfo23 to a struct samu
687 : **************************************************************/
688 :
689 8 : void copy_id23_to_sam_passwd(struct samu *to,
690 : struct samr_UserInfo23 *from)
691 : {
692 8 : if (from == NULL || to == NULL) {
693 0 : return;
694 : }
695 :
696 8 : copy_id21_to_sam_passwd("INFO 23", to, &from->info);
697 : }
698 :
699 : /*************************************************************
700 : Copies a struct samr_UserInfo24 to a struct samu
701 : **************************************************************/
702 :
703 112 : void copy_id24_to_sam_passwd(struct samu *to,
704 : struct samr_UserInfo24 *from)
705 : {
706 0 : struct samr_UserInfo21 i;
707 :
708 112 : if (from == NULL || to == NULL) {
709 0 : return;
710 : }
711 :
712 112 : ZERO_STRUCT(i);
713 :
714 112 : i.fields_present = SAMR_FIELD_EXPIRED_FLAG;
715 112 : i.password_expired = from->password_expired;
716 :
717 112 : copy_id21_to_sam_passwd("INFO_24", to, &i);
718 : }
719 :
720 : /*************************************************************
721 : Copies a struct samr_UserInfo25 to a struct samu
722 : **************************************************************/
723 :
724 60 : void copy_id25_to_sam_passwd(struct samu *to,
725 : struct samr_UserInfo25 *from)
726 : {
727 60 : if (from == NULL || to == NULL) {
728 0 : return;
729 : }
730 :
731 60 : copy_id21_to_sam_passwd("INFO_25", to, &from->info);
732 : }
733 :
734 6 : void copy_id32_to_sam_passwd(struct samu *to, struct samr_UserInfo32 *from)
735 : {
736 6 : if (from == NULL || to == NULL) {
737 0 : return;
738 : }
739 :
740 6 : copy_id21_to_sam_passwd("INFO_32", to, &from->info);
741 : }
742 :
743 43 : void copy_pwd_expired_to_sam_passwd(struct samu *to,
744 : uint8_t password_expired)
745 : {
746 43 : struct samr_UserInfo21 i = {
747 : .fields_present = SAMR_FIELD_EXPIRED_FLAG,
748 : .password_expired = password_expired,
749 : };
750 :
751 43 : if (to == NULL) {
752 0 : return;
753 : }
754 :
755 43 : copy_id21_to_sam_passwd("INFO_GENERIC", to, &i);
756 : }
|
