2002-01-12 04:55:09 +03:00
/*
2002-01-30 09:08:46 +03:00
Unix SMB / CIFS implementation .
2006-02-20 23:09:36 +03:00
struct samu access routines
2002-01-12 04:55:09 +03:00
Copyright ( C ) Jeremy Allison 1996 - 2001
Copyright ( C ) Luke Kenneth Casson Leighton 1996 - 1998
2006-04-28 19:36:23 +04:00
Copyright ( C ) Gerald ( Jerry ) Carter 2000 - 2006
2002-01-12 04:55:09 +03:00
Copyright ( C ) Andrew Bartlett 2001 - 2002
2002-07-15 14:35:28 +04:00
Copyright ( C ) Stefan ( metze ) Metzmacher 2002
2009-02-07 21:00:50 +03:00
2002-01-12 04:55:09 +03:00
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
2007-07-09 23:25:36 +04:00
the Free Software Foundation ; either version 3 of the License , or
2002-01-12 04:55:09 +03:00
( at your option ) any later version .
2009-02-07 21:00:50 +03:00
2002-01-12 04:55:09 +03:00
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
2009-02-07 21:00:50 +03:00
2002-01-12 04:55:09 +03:00
You should have received a copy of the GNU General Public License
2007-07-10 04:52:41 +04:00
along with this program . If not , see < http : //www.gnu.org/licenses/>.
2002-01-12 04:55:09 +03:00
*/
# include "includes.h"
2009-03-16 13:27:58 +03:00
# include "../libcli/auth/libcli_auth.h"
2002-01-12 04:55:09 +03:00
2002-07-15 14:35:28 +04:00
# undef DBGC_CLASS
# define DBGC_CLASS DBGC_PASSDB
2002-01-15 04:02:13 +03:00
/**
2003-05-14 04:46:43 +04:00
* @ todo Redefine this to NULL , but this changes the API because
2002-01-15 04:02:13 +03:00
* much of samba assumes that the pdb_get . . . ( ) funtions
2007-11-21 04:18:16 +03:00
* return strings . ( ie not null - pointers ) .
2002-01-15 04:14:58 +03:00
* See also pdb_fill_default_sam ( ) .
2002-01-15 04:02:13 +03:00
*/
# define PDB_NOT_QUITE_NULL ""
2002-01-12 04:55:09 +03:00
/*********************************************************************
2006-02-20 23:09:36 +03:00
Collection of get . . . ( ) functions for struct samu .
2002-01-12 04:55:09 +03:00
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2006-06-15 05:54:09 +04:00
uint32 pdb_get_acct_ctrl ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > acct_ctrl ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
time_t pdb_get_logon_time ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > logon_time ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
time_t pdb_get_logoff_time ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > logoff_time ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
time_t pdb_get_kickoff_time ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > kickoff_time ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
time_t pdb_get_bad_password_time ( const struct samu * sampass )
2004-02-19 18:59:35 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > bad_password_time ;
2004-02-19 18:59:35 +03:00
}
2006-06-15 05:54:09 +04:00
time_t pdb_get_pass_last_set_time ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > pass_last_set_time ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
time_t pdb_get_pass_can_change_time ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-09-20 21:25:46 +04:00
uint32 allow ;
2006-10-03 21:14:18 +04:00
/* if the last set time is zero, it means the user cannot
change their password , and this time must be zero . jmcd
*/
2006-09-20 21:25:46 +04:00
if ( sampass - > pass_last_set_time = = 0 )
return ( time_t ) 0 ;
2009-02-07 21:00:50 +03:00
2006-10-03 21:14:18 +04:00
/* if the time is max, and the field has been changed,
we ' re trying to update this real value from the sampass
to indicate that the user cannot change their password . jmcd
*/
if ( sampass - > pass_can_change_time = = get_time_t_max ( ) & &
pdb_get_init_flags ( sampass , PDB_CANCHANGETIME ) = = PDB_CHANGED )
return sampass - > pass_can_change_time ;
2009-07-14 01:53:49 +04:00
if ( ! pdb_get_account_policy ( PDB_POLICY_MIN_PASSWORD_AGE , & allow ) )
2006-09-20 21:25:46 +04:00
allow = 0 ;
2006-10-03 21:14:18 +04:00
/* in normal cases, just calculate it from policy */
2006-09-20 21:25:46 +04:00
return sampass - > pass_last_set_time + allow ;
2002-01-12 04:55:09 +03:00
}
2006-10-03 21:14:18 +04:00
/* we need this for loading from the backend, so that we don't overwrite
non - changed max times , otherwise the pass_can_change checking won ' t work */
time_t pdb_get_pass_can_change_time_noncalc ( const struct samu * sampass )
{
return sampass - > pass_can_change_time ;
}
2006-06-15 05:54:09 +04:00
time_t pdb_get_pass_must_change_time ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-09-20 21:25:46 +04:00
uint32 expire ;
if ( sampass - > pass_last_set_time = = 0 )
return ( time_t ) 0 ;
if ( sampass - > acct_ctrl & ACB_PWNOEXP )
return get_time_t_max ( ) ;
2009-07-14 01:53:49 +04:00
if ( ! pdb_get_account_policy ( PDB_POLICY_MAX_PASSWORD_AGE , & expire )
2006-09-20 21:25:46 +04:00
| | expire = = ( uint32 ) - 1 | | expire = = 0 )
return get_time_t_max ( ) ;
return sampass - > pass_last_set_time + expire ;
2002-01-12 04:55:09 +03:00
}
2007-10-19 04:40:25 +04:00
bool pdb_get_pass_can_change ( const struct samu * sampass )
2006-10-03 21:14:18 +04:00
{
if ( sampass - > pass_can_change_time = = get_time_t_max ( ) & &
sampass - > pass_last_set_time ! = 0 )
return False ;
return True ;
}
2006-06-15 05:54:09 +04:00
uint16 pdb_get_logon_divs ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > logon_divs ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
uint32 pdb_get_hours_len ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > hours_len ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
const uint8 * pdb_get_hours ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return ( sampass - > hours ) ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
const uint8 * pdb_get_nt_passwd ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
SMB_ASSERT ( ( ! sampass - > nt_pw . data )
| | sampass - > nt_pw . length = = NT_HASH_LEN ) ;
return ( uint8 * ) sampass - > nt_pw . data ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
const uint8 * pdb_get_lanman_passwd ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
SMB_ASSERT ( ( ! sampass - > lm_pw . data )
| | sampass - > lm_pw . length = = LM_HASH_LEN ) ;
return ( uint8 * ) sampass - > lm_pw . data ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
const uint8 * pdb_get_pw_history ( const struct samu * sampass , uint32 * current_hist_len )
2004-07-08 02:46:51 +04:00
{
2006-06-15 05:54:09 +04:00
SMB_ASSERT ( ( ! sampass - > nt_pw_his . data )
| | ( ( sampass - > nt_pw_his . length % PW_HISTORY_ENTRY_LEN ) = = 0 ) ) ;
* current_hist_len = sampass - > nt_pw_his . length / PW_HISTORY_ENTRY_LEN ;
return ( uint8 * ) sampass - > nt_pw_his . data ;
2004-07-08 02:46:51 +04:00
}
2002-07-15 14:35:28 +04:00
/* Return the plaintext password if known. Most of the time
it isn ' t , so don ' t assume anything magic about this function .
2009-02-07 21:00:50 +03:00
2002-07-15 14:35:28 +04:00
Used to pass the plaintext to passdb backends that might
want to store more than just the NTLM hashes .
*/
2006-06-15 05:54:09 +04:00
const char * pdb_get_plaintext_passwd ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > plaintext_pw ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
2006-02-20 23:09:36 +03:00
const DOM_SID * pdb_get_user_sid ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return & sampass - > user_sid ;
2002-01-12 04:55:09 +03:00
}
2006-02-25 00:36:40 +03:00
const DOM_SID * pdb_get_group_sid ( struct samu * sampass )
2002-07-15 14:35:28 +04:00
{
2006-02-25 00:36:40 +03:00
DOM_SID * gsid ;
struct passwd * pwd ;
2009-02-07 21:00:50 +03:00
2006-02-25 00:36:40 +03:00
/* Return the cached group SID if we have that */
if ( sampass - > group_sid ) {
return sampass - > group_sid ;
}
2009-02-07 21:00:50 +03:00
2006-02-25 00:36:40 +03:00
/* generate the group SID from the user's primary Unix group */
2009-02-07 21:00:50 +03:00
2006-02-25 00:36:40 +03:00
if ( ! ( gsid = TALLOC_P ( sampass , DOM_SID ) ) ) {
return NULL ;
}
2009-02-07 21:00:50 +03:00
2006-02-25 00:36:40 +03:00
/* No algorithmic mapping, meaning that we have to figure out the
primary group SID according to group mapping and the user SID must
be a newly allocated one . We rely on the user ' s Unix primary gid .
We have no choice but to fail if we can ' t find it . */
2006-06-15 05:54:09 +04:00
if ( sampass - > unix_pw ) {
2006-02-25 00:36:40 +03:00
pwd = sampass - > unix_pw ;
2006-06-15 05:54:09 +04:00
} else {
2006-09-19 23:47:54 +04:00
pwd = Get_Pwnam_alloc ( sampass , pdb_get_username ( sampass ) ) ;
2006-06-15 05:54:09 +04:00
}
2006-02-25 00:36:40 +03:00
if ( ! pwd ) {
DEBUG ( 0 , ( " pdb_get_group_sid: Failed to find Unix account for %s \n " , pdb_get_username ( sampass ) ) ) ;
return NULL ;
}
2009-02-07 21:00:50 +03:00
2006-02-25 00:36:40 +03:00
if ( pdb_gid_to_sid ( pwd - > pw_gid , gsid ) ) {
2006-09-08 18:28:06 +04:00
enum lsa_SidType type = SID_NAME_UNKNOWN ;
2006-02-25 00:36:40 +03:00
TALLOC_CTX * mem_ctx = talloc_init ( " pdb_get_group_sid " ) ;
2007-10-19 04:40:25 +04:00
bool lookup_ret ;
2009-02-07 21:00:50 +03:00
2006-03-30 03:22:57 +04:00
if ( ! mem_ctx ) {
return NULL ;
}
2006-02-25 00:36:40 +03:00
/* Now check that it's actually a domain group and not something else */
lookup_ret = lookup_sid ( mem_ctx , gsid , NULL , NULL , & type ) ;
TALLOC_FREE ( mem_ctx ) ;
if ( lookup_ret & & ( type = = SID_NAME_DOM_GRP ) ) {
sampass - > group_sid = gsid ;
return sampass - > group_sid ;
}
DEBUG ( 3 , ( " Primary group for user %s is a %s and not a domain group \n " ,
pwd - > pw_name , sid_type_lookup ( type ) ) ) ;
}
/* Just set it to the 'Domain Users' RID of 512 which will
always resolve to a name */
2009-02-07 21:00:50 +03:00
2006-02-25 00:36:40 +03:00
sid_copy ( gsid , get_global_sam_sid ( ) ) ;
sid_append_rid ( gsid , DOMAIN_GROUP_RID_USERS ) ;
2009-02-07 21:00:50 +03:00
2006-02-25 00:36:40 +03:00
sampass - > group_sid = gsid ;
2009-02-07 21:00:50 +03:00
2006-02-25 00:36:40 +03:00
return sampass - > group_sid ;
2002-07-15 14:35:28 +04:00
}
2002-01-12 04:55:09 +03:00
/**
2006-02-20 23:09:36 +03:00
* Get flags showing what is initalised in the struct samu
* @ param sampass the struct samu in question
2002-01-12 04:55:09 +03:00
* @ return the flags indicating the members initialised in the struct .
* */
2009-02-07 21:00:50 +03:00
2006-06-15 05:54:09 +04:00
enum pdb_value_state pdb_get_init_flags ( const struct samu * sampass , enum pdb_elements element )
2002-01-12 04:55:09 +03:00
{
2002-11-02 06:47:48 +03:00
enum pdb_value_state ret = PDB_DEFAULT ;
2009-02-07 21:00:50 +03:00
2006-06-15 05:54:09 +04:00
if ( ! sampass - > change_flags | | ! sampass - > set_flags )
2002-11-02 06:47:48 +03:00
return ret ;
2009-02-07 21:00:50 +03:00
2006-02-20 23:09:36 +03:00
if ( bitmap_query ( sampass - > set_flags , element ) ) {
2003-03-20 15:52:56 +03:00
DEBUG ( 11 , ( " element %d: SET \n " , element ) ) ;
2002-11-02 06:47:48 +03:00
ret = PDB_SET ;
}
2009-02-07 21:00:50 +03:00
2006-02-20 23:09:36 +03:00
if ( bitmap_query ( sampass - > change_flags , element ) ) {
2003-03-20 15:52:56 +03:00
DEBUG ( 11 , ( " element %d: CHANGED \n " , element ) ) ;
2002-11-02 06:47:48 +03:00
ret = PDB_CHANGED ;
}
if ( ret = = PDB_DEFAULT ) {
2003-03-20 15:52:56 +03:00
DEBUG ( 11 , ( " element %d: DEFAULT \n " , element ) ) ;
2002-11-02 06:47:48 +03:00
}
return ret ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
const char * pdb_get_username ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > username ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
const char * pdb_get_domain ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > domain ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
const char * pdb_get_nt_username ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > nt_username ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
const char * pdb_get_fullname ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > full_name ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
const char * pdb_get_homedir ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > home_dir ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
const char * pdb_get_dir_drive ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > dir_drive ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
const char * pdb_get_logon_script ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > logon_script ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
const char * pdb_get_profile_path ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > profile_path ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
const char * pdb_get_acct_desc ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > acct_desc ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
const char * pdb_get_workstations ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > workstations ;
2002-01-12 04:55:09 +03:00
}
2006-07-11 22:01:26 +04:00
const char * pdb_get_comment ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-07-11 22:01:26 +04:00
return sampass - > comment ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
const char * pdb_get_munged_dial ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > munged_dial ;
2002-01-12 04:55:09 +03:00
}
2006-02-20 23:09:36 +03:00
uint16 pdb_get_bad_password_count ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > bad_password_count ;
2003-09-19 03:53:48 +04:00
}
2006-02-20 23:09:36 +03:00
uint16 pdb_get_logon_count ( const struct samu * sampass )
2003-09-19 03:53:48 +04:00
{
2006-06-15 05:54:09 +04:00
return sampass - > logon_count ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
uint32 pdb_get_unknown_6 ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > unknown_6 ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
void * pdb_get_backend_private_data ( const struct samu * sampass , const struct pdb_methods * my_methods )
2003-07-05 13:46:12 +04:00
{
2006-06-15 05:54:09 +04:00
if ( my_methods = = sampass - > backend_private_methods ) {
2006-02-20 23:09:36 +03:00
return sampass - > backend_private_data ;
2006-06-15 05:54:09 +04:00
} else {
2003-07-05 13:46:12 +04:00
return NULL ;
2006-06-15 05:54:09 +04:00
}
2003-07-05 13:46:12 +04:00
}
2002-01-12 04:55:09 +03:00
/*********************************************************************
2006-02-20 23:09:36 +03:00
Collection of set . . . ( ) functions for struct samu .
2002-01-12 04:55:09 +03:00
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-10-19 04:40:25 +04:00
bool pdb_set_acct_ctrl ( struct samu * sampass , uint32 acct_ctrl , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2006-02-20 23:09:36 +03:00
sampass - > acct_ctrl = acct_ctrl ;
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_ACCTCTRL , flag ) ;
2002-01-12 04:55:09 +03:00
}
2007-10-19 04:40:25 +04:00
bool pdb_set_logon_time ( struct samu * sampass , time_t mytime , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2006-02-20 23:09:36 +03:00
sampass - > logon_time = mytime ;
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_LOGONTIME , flag ) ;
2002-01-12 04:55:09 +03:00
}
2007-10-19 04:40:25 +04:00
bool pdb_set_logoff_time ( struct samu * sampass , time_t mytime , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2006-02-20 23:09:36 +03:00
sampass - > logoff_time = mytime ;
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_LOGOFFTIME , flag ) ;
2002-01-12 04:55:09 +03:00
}
2007-10-19 04:40:25 +04:00
bool pdb_set_kickoff_time ( struct samu * sampass , time_t mytime , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2006-02-20 23:09:36 +03:00
sampass - > kickoff_time = mytime ;
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_KICKOFFTIME , flag ) ;
2002-01-12 04:55:09 +03:00
}
2007-10-19 04:40:25 +04:00
bool pdb_set_bad_password_time ( struct samu * sampass , time_t mytime , enum pdb_value_state flag )
2004-02-19 18:59:35 +03:00
{
2006-02-20 23:09:36 +03:00
sampass - > bad_password_time = mytime ;
2004-02-19 18:59:35 +03:00
return pdb_set_init_flags ( sampass , PDB_BAD_PASSWORD_TIME , flag ) ;
}
2007-10-19 04:40:25 +04:00
bool pdb_set_pass_can_change_time ( struct samu * sampass , time_t mytime , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2006-02-20 23:09:36 +03:00
sampass - > pass_can_change_time = mytime ;
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_CANCHANGETIME , flag ) ;
2002-01-12 04:55:09 +03:00
}
2007-10-19 04:40:25 +04:00
bool pdb_set_pass_must_change_time ( struct samu * sampass , time_t mytime , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2006-02-20 23:09:36 +03:00
sampass - > pass_must_change_time = mytime ;
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_MUSTCHANGETIME , flag ) ;
2002-01-12 04:55:09 +03:00
}
2007-10-19 04:40:25 +04:00
bool pdb_set_pass_last_set_time ( struct samu * sampass , time_t mytime , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2006-02-20 23:09:36 +03:00
sampass - > pass_last_set_time = mytime ;
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_PASSLASTSET , flag ) ;
2002-01-12 04:55:09 +03:00
}
2007-10-19 04:40:25 +04:00
bool pdb_set_hours_len ( struct samu * sampass , uint32 len , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2006-02-20 23:09:36 +03:00
sampass - > hours_len = len ;
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_HOURSLEN , flag ) ;
2002-01-12 04:55:09 +03:00
}
2007-10-19 04:40:25 +04:00
bool pdb_set_logon_divs ( struct samu * sampass , uint16 hours , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2006-02-20 23:09:36 +03:00
sampass - > logon_divs = hours ;
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_LOGONDIVS , flag ) ;
2002-01-12 04:55:09 +03:00
}
/**
2006-02-20 23:09:36 +03:00
* Set flags showing what is initalised in the struct samu
* @ param sampass the struct samu in question
2002-01-12 04:55:09 +03:00
* @ param flag The * new * flag to be set . Old flags preserved
* this flag is only added .
* */
2009-02-07 21:00:50 +03:00
2007-10-19 04:40:25 +04:00
bool pdb_set_init_flags ( struct samu * sampass , enum pdb_elements element , enum pdb_value_state value_flag )
2002-01-12 04:55:09 +03:00
{
2006-02-20 23:09:36 +03:00
if ( ! sampass - > set_flags ) {
if ( ( sampass - > set_flags =
bitmap_talloc ( sampass ,
2002-11-02 06:47:48 +03:00
PDB_COUNT ) ) = = NULL ) {
DEBUG ( 0 , ( " bitmap_talloc failed \n " ) ) ;
return False ;
}
}
2006-02-20 23:09:36 +03:00
if ( ! sampass - > change_flags ) {
if ( ( sampass - > change_flags =
bitmap_talloc ( sampass ,
2002-11-02 06:47:48 +03:00
PDB_COUNT ) ) = = NULL ) {
DEBUG ( 0 , ( " bitmap_talloc failed \n " ) ) ;
return False ;
}
}
2009-02-07 21:00:50 +03:00
2002-11-02 06:47:48 +03:00
switch ( value_flag ) {
case PDB_CHANGED :
2006-02-20 23:09:36 +03:00
if ( ! bitmap_set ( sampass - > change_flags , element ) ) {
2002-11-02 06:47:48 +03:00
DEBUG ( 0 , ( " Can't set flag: %d in change_flags. \n " , element ) ) ;
return False ;
}
2006-02-20 23:09:36 +03:00
if ( ! bitmap_set ( sampass - > set_flags , element ) ) {
2003-03-20 15:52:56 +03:00
DEBUG ( 0 , ( " Can't set flag: %d in set_flags. \n " , element ) ) ;
2002-11-02 06:47:48 +03:00
return False ;
}
2003-03-20 15:52:56 +03:00
DEBUG ( 11 , ( " element %d -> now CHANGED \n " , element ) ) ;
2002-11-02 06:47:48 +03:00
break ;
case PDB_SET :
2006-02-20 23:09:36 +03:00
if ( ! bitmap_clear ( sampass - > change_flags , element ) ) {
2002-11-02 06:47:48 +03:00
DEBUG ( 0 , ( " Can't set flag: %d in change_flags. \n " , element ) ) ;
return False ;
}
2006-02-20 23:09:36 +03:00
if ( ! bitmap_set ( sampass - > set_flags , element ) ) {
2003-03-20 15:52:56 +03:00
DEBUG ( 0 , ( " Can't set flag: %d in set_flags. \n " , element ) ) ;
2002-11-02 06:47:48 +03:00
return False ;
}
2005-01-26 23:36:44 +03:00
DEBUG ( 11 , ( " element %d -> now SET \n " , element ) ) ;
2002-11-02 06:47:48 +03:00
break ;
case PDB_DEFAULT :
default :
2006-02-20 23:09:36 +03:00
if ( ! bitmap_clear ( sampass - > change_flags , element ) ) {
2002-11-02 06:47:48 +03:00
DEBUG ( 0 , ( " Can't set flag: %d in change_flags. \n " , element ) ) ;
return False ;
}
2006-02-20 23:09:36 +03:00
if ( ! bitmap_clear ( sampass - > set_flags , element ) ) {
2003-03-20 15:52:56 +03:00
DEBUG ( 0 , ( " Can't set flag: %d in set_flags. \n " , element ) ) ;
2002-11-02 06:47:48 +03:00
return False ;
}
2003-04-28 09:26:59 +04:00
DEBUG ( 11 , ( " element %d -> now DEFAULT \n " , element ) ) ;
2002-11-02 06:47:48 +03:00
break ;
}
2002-01-12 04:55:09 +03:00
return True ;
}
2007-10-19 04:40:25 +04:00
bool pdb_set_user_sid ( struct samu * sampass , const DOM_SID * u_sid , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2006-06-20 05:00:39 +04:00
if ( ! u_sid )
2002-01-12 04:55:09 +03:00
return False ;
2009-02-07 21:00:50 +03:00
2006-02-20 23:09:36 +03:00
sid_copy ( & sampass - > user_sid , u_sid ) ;
2002-01-12 04:55:09 +03:00
2002-07-15 14:35:28 +04:00
DEBUG ( 10 , ( " pdb_set_user_sid: setting user sid %s \n " ,
2007-12-15 23:11:36 +03:00
sid_string_dbg ( & sampass - > user_sid ) ) ) ;
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_USERSID , flag ) ;
2002-01-12 04:55:09 +03:00
}
2007-10-19 04:40:25 +04:00
bool pdb_set_user_sid_from_string ( struct samu * sampass , fstring u_sid , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2002-07-15 14:35:28 +04:00
DOM_SID new_sid ;
2009-02-07 21:00:50 +03:00
2006-06-20 05:00:39 +04:00
if ( ! u_sid )
2002-01-12 04:55:09 +03:00
return False ;
2002-07-15 14:35:28 +04:00
DEBUG ( 10 , ( " pdb_set_user_sid_from_string: setting user sid %s \n " ,
u_sid ) ) ;
if ( ! string_to_sid ( & new_sid , u_sid ) ) {
DEBUG ( 1 , ( " pdb_set_user_sid_from_string: %s isn't a valid SID! \n " , u_sid ) ) ;
return False ;
}
2009-02-07 21:00:50 +03:00
2002-11-02 06:47:48 +03:00
if ( ! pdb_set_user_sid ( sampass , & new_sid , flag ) ) {
2006-02-20 23:09:36 +03:00
DEBUG ( 1 , ( " pdb_set_user_sid_from_string: could not set sid %s on struct samu! \n " , u_sid ) ) ;
2002-07-15 14:35:28 +04:00
return False ;
}
return True ;
}
2006-02-25 00:36:40 +03:00
/********************************************************************
We never fill this in from a passdb backend but rather set is
based on the user ' s primary group membership . However , the
struct samu * is overloaded and reused in domain memship code
2008-02-17 04:09:35 +03:00
as well and built from the netr_SamInfo3 or PAC so we
2006-02-25 00:36:40 +03:00
have to allow the explicitly setting of a group SID here .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-10-19 04:40:25 +04:00
bool pdb_set_group_sid ( struct samu * sampass , const DOM_SID * g_sid , enum pdb_value_state flag )
2002-07-15 14:35:28 +04:00
{
2006-02-17 22:07:58 +03:00
gid_t gid ;
2006-06-20 05:00:39 +04:00
if ( ! g_sid )
2002-07-15 14:35:28 +04:00
return False ;
2006-02-25 00:36:40 +03:00
if ( ! ( sampass - > group_sid = TALLOC_P ( sampass , DOM_SID ) ) ) {
return False ;
}
2006-02-17 22:07:58 +03:00
/* if we cannot resolve the SID to gid, then just ignore it and
store DOMAIN_USERS as the primary groupSID */
if ( sid_to_gid ( g_sid , & gid ) ) {
2006-02-25 00:36:40 +03:00
sid_copy ( sampass - > group_sid , g_sid ) ;
2006-02-17 22:07:58 +03:00
} else {
2006-02-25 00:36:40 +03:00
sid_copy ( sampass - > group_sid , get_global_sam_sid ( ) ) ;
sid_append_rid ( sampass - > group_sid , DOMAIN_GROUP_RID_USERS ) ;
2006-02-17 22:07:58 +03:00
}
2002-07-15 14:35:28 +04:00
DEBUG ( 10 , ( " pdb_set_group_sid: setting group sid %s \n " ,
2007-12-15 23:11:36 +03:00
sid_string_dbg ( sampass - > group_sid ) ) ) ;
2002-07-15 14:35:28 +04:00
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_GROUPSID , flag ) ;
2002-07-15 14:35:28 +04:00
}
2002-01-12 04:55:09 +03:00
/*********************************************************************
Set the user ' s UNIX name .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-10-19 04:40:25 +04:00
bool pdb_set_username ( struct samu * sampass , const char * username , enum pdb_value_state flag )
2002-11-02 06:47:48 +03:00
{
2002-01-15 04:02:13 +03:00
if ( username ) {
2002-03-19 02:57:14 +03:00
DEBUG ( 10 , ( " pdb_set_username: setting username %s, was %s \n " , username ,
2006-02-20 23:09:36 +03:00
( sampass - > username ) ? ( sampass - > username ) : " NULL " ) ) ;
2002-03-19 02:57:14 +03:00
2006-02-20 23:09:36 +03:00
sampass - > username = talloc_strdup ( sampass , username ) ;
2002-01-15 08:15:22 +03:00
2006-02-20 23:09:36 +03:00
if ( ! sampass - > username ) {
2002-01-15 08:15:22 +03:00
DEBUG ( 0 , ( " pdb_set_username: talloc_strdup() failed! \n " ) ) ;
return False ;
}
2002-01-15 04:02:13 +03:00
} else {
2006-02-20 23:09:36 +03:00
sampass - > username = PDB_NOT_QUITE_NULL ;
2002-01-15 04:02:13 +03:00
}
2009-02-07 21:00:50 +03:00
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_USERNAME , flag ) ;
2002-01-12 04:55:09 +03:00
}
/*********************************************************************
Set the domain name .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-10-19 04:40:25 +04:00
bool pdb_set_domain ( struct samu * sampass , const char * domain , enum pdb_value_state flag )
2002-11-02 06:47:48 +03:00
{
2002-01-15 04:02:13 +03:00
if ( domain ) {
2002-03-19 02:57:14 +03:00
DEBUG ( 10 , ( " pdb_set_domain: setting domain %s, was %s \n " , domain ,
2006-02-20 23:09:36 +03:00
( sampass - > domain ) ? ( sampass - > domain ) : " NULL " ) ) ;
2002-03-19 02:57:14 +03:00
2006-02-20 23:09:36 +03:00
sampass - > domain = talloc_strdup ( sampass , domain ) ;
2002-01-15 08:15:22 +03:00
2006-02-20 23:09:36 +03:00
if ( ! sampass - > domain ) {
2002-01-15 08:15:22 +03:00
DEBUG ( 0 , ( " pdb_set_domain: talloc_strdup() failed! \n " ) ) ;
return False ;
}
2002-01-15 04:02:13 +03:00
} else {
2006-02-20 23:09:36 +03:00
sampass - > domain = PDB_NOT_QUITE_NULL ;
2002-01-15 04:02:13 +03:00
}
2002-01-12 04:55:09 +03:00
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_DOMAIN , flag ) ;
2002-01-12 04:55:09 +03:00
}
/*********************************************************************
Set the user ' s NT name .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-10-19 04:40:25 +04:00
bool pdb_set_nt_username ( struct samu * sampass , const char * nt_username , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2002-01-15 04:02:13 +03:00
if ( nt_username ) {
2002-03-19 02:57:14 +03:00
DEBUG ( 10 , ( " pdb_set_nt_username: setting nt username %s, was %s \n " , nt_username ,
2006-02-20 23:09:36 +03:00
( sampass - > nt_username ) ? ( sampass - > nt_username ) : " NULL " ) ) ;
2002-03-19 02:57:14 +03:00
2006-02-20 23:09:36 +03:00
sampass - > nt_username = talloc_strdup ( sampass , nt_username ) ;
2009-02-07 21:00:50 +03:00
2006-02-20 23:09:36 +03:00
if ( ! sampass - > nt_username ) {
2002-01-15 08:15:22 +03:00
DEBUG ( 0 , ( " pdb_set_nt_username: talloc_strdup() failed! \n " ) ) ;
return False ;
}
2002-01-15 04:02:13 +03:00
} else {
2006-02-20 23:09:36 +03:00
sampass - > nt_username = PDB_NOT_QUITE_NULL ;
2002-01-15 04:02:13 +03:00
}
2002-01-12 04:55:09 +03:00
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_NTUSERNAME , flag ) ;
2002-01-12 04:55:09 +03:00
}
/*********************************************************************
Set the user ' s full name .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-10-19 04:40:25 +04:00
bool pdb_set_fullname ( struct samu * sampass , const char * full_name , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2002-01-15 04:02:13 +03:00
if ( full_name ) {
2002-03-19 02:57:14 +03:00
DEBUG ( 10 , ( " pdb_set_full_name: setting full name %s, was %s \n " , full_name ,
2006-02-20 23:09:36 +03:00
( sampass - > full_name ) ? ( sampass - > full_name ) : " NULL " ) ) ;
2009-02-07 21:00:50 +03:00
2006-02-20 23:09:36 +03:00
sampass - > full_name = talloc_strdup ( sampass , full_name ) ;
2002-01-15 08:15:22 +03:00
2006-02-20 23:09:36 +03:00
if ( ! sampass - > full_name ) {
2002-01-15 08:15:22 +03:00
DEBUG ( 0 , ( " pdb_set_fullname: talloc_strdup() failed! \n " ) ) ;
return False ;
}
2002-01-15 04:02:13 +03:00
} else {
2006-02-20 23:09:36 +03:00
sampass - > full_name = PDB_NOT_QUITE_NULL ;
2002-01-15 04:02:13 +03:00
}
2002-01-12 04:55:09 +03:00
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_FULLNAME , flag ) ;
2002-01-12 04:55:09 +03:00
}
/*********************************************************************
Set the user ' s logon script .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-10-19 04:40:25 +04:00
bool pdb_set_logon_script ( struct samu * sampass , const char * logon_script , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2002-01-15 04:02:13 +03:00
if ( logon_script ) {
2002-03-19 02:57:14 +03:00
DEBUG ( 10 , ( " pdb_set_logon_script: setting logon script %s, was %s \n " , logon_script ,
2006-02-20 23:09:36 +03:00
( sampass - > logon_script ) ? ( sampass - > logon_script ) : " NULL " ) ) ;
2009-02-07 21:00:50 +03:00
2006-02-20 23:09:36 +03:00
sampass - > logon_script = talloc_strdup ( sampass , logon_script ) ;
2002-01-15 08:15:22 +03:00
2006-02-20 23:09:36 +03:00
if ( ! sampass - > logon_script ) {
2002-01-15 08:15:22 +03:00
DEBUG ( 0 , ( " pdb_set_logon_script: talloc_strdup() failed! \n " ) ) ;
return False ;
}
2002-01-15 04:02:13 +03:00
} else {
2006-02-20 23:09:36 +03:00
sampass - > logon_script = PDB_NOT_QUITE_NULL ;
2002-01-15 04:02:13 +03:00
}
2009-02-07 21:00:50 +03:00
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_LOGONSCRIPT , flag ) ;
2002-01-12 04:55:09 +03:00
}
/*********************************************************************
Set the user ' s profile path .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-10-19 04:40:25 +04:00
bool pdb_set_profile_path ( struct samu * sampass , const char * profile_path , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2002-01-15 04:02:13 +03:00
if ( profile_path ) {
2002-03-19 02:57:14 +03:00
DEBUG ( 10 , ( " pdb_set_profile_path: setting profile path %s, was %s \n " , profile_path ,
2006-02-20 23:09:36 +03:00
( sampass - > profile_path ) ? ( sampass - > profile_path ) : " NULL " ) ) ;
2009-02-07 21:00:50 +03:00
2006-02-20 23:09:36 +03:00
sampass - > profile_path = talloc_strdup ( sampass , profile_path ) ;
2009-02-07 21:00:50 +03:00
2006-02-20 23:09:36 +03:00
if ( ! sampass - > profile_path ) {
2002-01-15 08:15:22 +03:00
DEBUG ( 0 , ( " pdb_set_profile_path: talloc_strdup() failed! \n " ) ) ;
return False ;
}
2002-01-15 04:02:13 +03:00
} else {
2006-02-20 23:09:36 +03:00
sampass - > profile_path = PDB_NOT_QUITE_NULL ;
2002-01-15 04:02:13 +03:00
}
2002-01-12 04:55:09 +03:00
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_PROFILE , flag ) ;
2002-01-12 04:55:09 +03:00
}
/*********************************************************************
Set the user ' s directory drive .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-10-19 04:40:25 +04:00
bool pdb_set_dir_drive ( struct samu * sampass , const char * dir_drive , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2002-01-15 04:02:13 +03:00
if ( dir_drive ) {
2002-03-19 02:57:14 +03:00
DEBUG ( 10 , ( " pdb_set_dir_drive: setting dir drive %s, was %s \n " , dir_drive ,
2006-02-20 23:09:36 +03:00
( sampass - > dir_drive ) ? ( sampass - > dir_drive ) : " NULL " ) ) ;
2009-02-07 21:00:50 +03:00
2006-02-20 23:09:36 +03:00
sampass - > dir_drive = talloc_strdup ( sampass , dir_drive ) ;
2009-02-07 21:00:50 +03:00
2006-02-20 23:09:36 +03:00
if ( ! sampass - > dir_drive ) {
2002-01-15 08:15:22 +03:00
DEBUG ( 0 , ( " pdb_set_dir_drive: talloc_strdup() failed! \n " ) ) ;
return False ;
}
2002-01-15 04:02:13 +03:00
} else {
2006-02-20 23:09:36 +03:00
sampass - > dir_drive = PDB_NOT_QUITE_NULL ;
2002-01-15 04:02:13 +03:00
}
2009-02-07 21:00:50 +03:00
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_DRIVE , flag ) ;
2002-01-12 04:55:09 +03:00
}
/*********************************************************************
Set the user ' s home directory .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-10-19 04:40:25 +04:00
bool pdb_set_homedir ( struct samu * sampass , const char * home_dir , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2002-01-15 04:02:13 +03:00
if ( home_dir ) {
2002-03-19 02:57:14 +03:00
DEBUG ( 10 , ( " pdb_set_homedir: setting home dir %s, was %s \n " , home_dir ,
2006-02-20 23:09:36 +03:00
( sampass - > home_dir ) ? ( sampass - > home_dir ) : " NULL " ) ) ;
2009-02-07 21:00:50 +03:00
2006-02-20 23:09:36 +03:00
sampass - > home_dir = talloc_strdup ( sampass , home_dir ) ;
2009-02-07 21:00:50 +03:00
2006-02-20 23:09:36 +03:00
if ( ! sampass - > home_dir ) {
2002-01-15 08:15:22 +03:00
DEBUG ( 0 , ( " pdb_set_home_dir: talloc_strdup() failed! \n " ) ) ;
return False ;
}
2002-01-15 04:02:13 +03:00
} else {
2006-02-20 23:09:36 +03:00
sampass - > home_dir = PDB_NOT_QUITE_NULL ;
2002-01-15 04:02:13 +03:00
}
2002-01-12 04:55:09 +03:00
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_SMBHOME , flag ) ;
2002-01-12 04:55:09 +03:00
}
/*********************************************************************
Set the user ' s account description .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-10-19 04:40:25 +04:00
bool pdb_set_acct_desc ( struct samu * sampass , const char * acct_desc , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2002-01-15 04:02:13 +03:00
if ( acct_desc ) {
2006-02-20 23:09:36 +03:00
sampass - > acct_desc = talloc_strdup ( sampass , acct_desc ) ;
2002-01-15 08:15:22 +03:00
2006-02-20 23:09:36 +03:00
if ( ! sampass - > acct_desc ) {
2002-01-15 08:15:22 +03:00
DEBUG ( 0 , ( " pdb_set_acct_desc: talloc_strdup() failed! \n " ) ) ;
return False ;
}
2002-01-15 04:02:13 +03:00
} else {
2006-02-20 23:09:36 +03:00
sampass - > acct_desc = PDB_NOT_QUITE_NULL ;
2002-01-15 04:02:13 +03:00
}
2002-01-12 04:55:09 +03:00
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_ACCTDESC , flag ) ;
2002-01-12 04:55:09 +03:00
}
/*********************************************************************
Set the user ' s workstation allowed list .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-10-19 04:40:25 +04:00
bool pdb_set_workstations ( struct samu * sampass , const char * workstations , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2002-01-15 04:02:13 +03:00
if ( workstations ) {
2002-03-19 02:57:14 +03:00
DEBUG ( 10 , ( " pdb_set_workstations: setting workstations %s, was %s \n " , workstations ,
2006-02-20 23:09:36 +03:00
( sampass - > workstations ) ? ( sampass - > workstations ) : " NULL " ) ) ;
2009-02-07 21:00:50 +03:00
2006-02-20 23:09:36 +03:00
sampass - > workstations = talloc_strdup ( sampass , workstations ) ;
2002-01-15 08:15:22 +03:00
2006-02-20 23:09:36 +03:00
if ( ! sampass - > workstations ) {
2002-01-15 08:15:22 +03:00
DEBUG ( 0 , ( " pdb_set_workstations: talloc_strdup() failed! \n " ) ) ;
return False ;
}
2002-01-15 04:02:13 +03:00
} else {
2006-02-20 23:09:36 +03:00
sampass - > workstations = PDB_NOT_QUITE_NULL ;
2002-01-15 04:02:13 +03:00
}
2002-01-12 04:55:09 +03:00
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_WORKSTATIONS , flag ) ;
2002-01-12 04:55:09 +03:00
}
/*********************************************************************
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-10-19 04:40:25 +04:00
bool pdb_set_comment ( struct samu * sampass , const char * comment , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2006-07-11 22:01:26 +04:00
if ( comment ) {
sampass - > comment = talloc_strdup ( sampass , comment ) ;
2009-02-07 21:00:50 +03:00
2006-07-11 22:01:26 +04:00
if ( ! sampass - > comment ) {
DEBUG ( 0 , ( " pdb_set_comment: talloc_strdup() failed! \n " ) ) ;
2002-01-15 08:15:22 +03:00
return False ;
}
2002-01-15 04:02:13 +03:00
} else {
2006-07-11 22:01:26 +04:00
sampass - > comment = PDB_NOT_QUITE_NULL ;
2002-01-15 04:02:13 +03:00
}
2002-01-12 04:55:09 +03:00
2006-07-11 22:01:26 +04:00
return pdb_set_init_flags ( sampass , PDB_COMMENT , flag ) ;
2002-01-12 04:55:09 +03:00
}
/*********************************************************************
Set the user ' s dial string .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-10-19 04:40:25 +04:00
bool pdb_set_munged_dial ( struct samu * sampass , const char * munged_dial , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2002-01-15 04:02:13 +03:00
if ( munged_dial ) {
2006-02-20 23:09:36 +03:00
sampass - > munged_dial = talloc_strdup ( sampass , munged_dial ) ;
2009-02-07 21:00:50 +03:00
2006-02-20 23:09:36 +03:00
if ( ! sampass - > munged_dial ) {
2002-01-15 08:15:22 +03:00
DEBUG ( 0 , ( " pdb_set_munged_dial: talloc_strdup() failed! \n " ) ) ;
return False ;
}
2002-01-15 04:02:13 +03:00
} else {
2006-02-20 23:09:36 +03:00
sampass - > munged_dial = PDB_NOT_QUITE_NULL ;
2002-01-15 04:02:13 +03:00
}
2002-01-12 04:55:09 +03:00
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_MUNGEDDIAL , flag ) ;
2002-01-12 04:55:09 +03:00
}
/*********************************************************************
Set the user ' s NT hash .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-10-19 04:40:25 +04:00
bool pdb_set_nt_passwd ( struct samu * sampass , const uint8 pwd [ NT_HASH_LEN ] , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2006-02-20 23:09:36 +03:00
data_blob_clear_free ( & sampass - > nt_pw ) ;
2009-02-07 21:00:50 +03:00
2004-01-29 23:14:50 +03:00
if ( pwd ) {
2006-02-20 23:09:36 +03:00
sampass - > nt_pw =
data_blob_talloc ( sampass , pwd , NT_HASH_LEN ) ;
2004-01-29 23:14:50 +03:00
} else {
2007-05-14 16:16:20 +04:00
sampass - > nt_pw = data_blob_null ;
2004-01-29 23:14:50 +03:00
}
2002-01-12 04:55:09 +03:00
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_NTPASSWD , flag ) ;
2002-01-12 04:55:09 +03:00
}
/*********************************************************************
Set the user ' s LM hash .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-10-19 04:40:25 +04:00
bool pdb_set_lanman_passwd ( struct samu * sampass , const uint8 pwd [ LM_HASH_LEN ] , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2006-02-20 23:09:36 +03:00
data_blob_clear_free ( & sampass - > lm_pw ) ;
2009-02-07 21:00:50 +03:00
2006-04-28 19:36:23 +04:00
/* on keep the password if we are allowing LANMAN authentication */
if ( pwd & & lp_lanman_auth ( ) ) {
sampass - > lm_pw = data_blob_talloc ( sampass , pwd , LM_HASH_LEN ) ;
} else {
2007-05-14 16:16:20 +04:00
sampass - > lm_pw = data_blob_null ;
2006-04-28 19:36:23 +04:00
}
2002-01-12 04:55:09 +03:00
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_LMPASSWD , flag ) ;
2002-01-12 04:55:09 +03:00
}
2004-07-08 02:46:51 +04:00
/*********************************************************************
2004-08-05 23:57:41 +04:00
Set the user ' s password history hash . historyLen is the number of
PW_HISTORY_SALT_LEN + SALTED_MD5_HASH_LEN length
2004-07-08 02:46:51 +04:00
entries to store in the history - this must match the size of the uint8 array
in pwd .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-10-19 04:40:25 +04:00
bool pdb_set_pw_history ( struct samu * sampass , const uint8 * pwd , uint32 historyLen , enum pdb_value_state flag )
2004-07-08 02:46:51 +04:00
{
if ( historyLen & & pwd ) {
2006-02-20 23:09:36 +03:00
sampass - > nt_pw_his = data_blob_talloc ( sampass ,
2004-08-05 23:57:41 +04:00
pwd , historyLen * PW_HISTORY_ENTRY_LEN ) ;
2006-02-20 23:09:36 +03:00
if ( ! sampass - > nt_pw_his . length ) {
2004-07-08 02:46:51 +04:00
DEBUG ( 0 , ( " pdb_set_pw_history: data_blob_talloc() failed! \n " ) ) ;
return False ;
}
} else {
2006-02-20 23:09:36 +03:00
sampass - > nt_pw_his = data_blob_talloc ( sampass , NULL , 0 ) ;
2004-07-08 02:46:51 +04:00
}
return pdb_set_init_flags ( sampass , PDB_PWHISTORY , flag ) ;
}
2002-07-15 14:35:28 +04:00
/*********************************************************************
Set the user ' s plaintext password only ( base procedure , see helper
below )
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-10-19 04:40:25 +04:00
bool pdb_set_plaintext_pw_only ( struct samu * sampass , const char * password , enum pdb_value_state flag )
2002-07-15 14:35:28 +04:00
{
2002-09-25 19:19:00 +04:00
if ( password ) {
2006-02-20 23:09:36 +03:00
if ( sampass - > plaintext_pw ! = NULL )
memset ( sampass - > plaintext_pw , ' \0 ' , strlen ( sampass - > plaintext_pw ) + 1 ) ;
2002-09-26 22:58:34 +04:00
2006-02-20 23:09:36 +03:00
sampass - > plaintext_pw = talloc_strdup ( sampass , password ) ;
2009-02-07 21:00:50 +03:00
2006-02-20 23:09:36 +03:00
if ( ! sampass - > plaintext_pw ) {
2002-09-25 19:19:00 +04:00
DEBUG ( 0 , ( " pdb_set_unknown_str: talloc_strdup() failed! \n " ) ) ;
return False ;
}
} else {
2006-02-20 23:09:36 +03:00
sampass - > plaintext_pw = NULL ;
2002-09-25 19:19:00 +04:00
}
2002-07-15 14:35:28 +04:00
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_PLAINTEXT_PW , flag ) ;
2002-07-15 14:35:28 +04:00
}
2007-10-19 04:40:25 +04:00
bool pdb_set_bad_password_count ( struct samu * sampass , uint16 bad_password_count , enum pdb_value_state flag )
2003-09-19 03:53:48 +04:00
{
2006-02-20 23:09:36 +03:00
sampass - > bad_password_count = bad_password_count ;
2003-09-19 03:53:48 +04:00
return pdb_set_init_flags ( sampass , PDB_BAD_PASSWORD_COUNT , flag ) ;
}
2007-10-19 04:40:25 +04:00
bool pdb_set_logon_count ( struct samu * sampass , uint16 logon_count , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2006-02-20 23:09:36 +03:00
sampass - > logon_count = logon_count ;
2003-09-19 03:53:48 +04:00
return pdb_set_init_flags ( sampass , PDB_LOGON_COUNT , flag ) ;
2002-01-12 04:55:09 +03:00
}
2007-10-19 04:40:25 +04:00
bool pdb_set_unknown_6 ( struct samu * sampass , uint32 unkn , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2006-02-20 23:09:36 +03:00
sampass - > unknown_6 = unkn ;
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_UNKNOWN6 , flag ) ;
2002-01-12 04:55:09 +03:00
}
2007-10-19 04:40:25 +04:00
bool pdb_set_hours ( struct samu * sampass , const uint8 * hours , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
if ( ! hours ) {
2006-02-20 23:09:36 +03:00
memset ( ( char * ) sampass - > hours , 0 , MAX_HOURS_LEN ) ;
2006-06-20 05:00:39 +04:00
} else {
memcpy ( sampass - > hours , hours , MAX_HOURS_LEN ) ;
2002-01-12 04:55:09 +03:00
}
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_HOURS , flag ) ;
2002-01-12 04:55:09 +03:00
}
2007-10-19 04:40:25 +04:00
bool pdb_set_backend_private_data ( struct samu * sampass , void * private_data ,
2003-07-05 13:46:12 +04:00
void ( * free_fn ) ( void * * ) ,
const struct pdb_methods * my_methods ,
enum pdb_value_state flag )
{
2006-02-20 23:09:36 +03:00
if ( sampass - > backend_private_data & &
sampass - > backend_private_data_free_fn ) {
sampass - > backend_private_data_free_fn (
& sampass - > backend_private_data ) ;
2003-07-05 13:46:12 +04:00
}
2006-02-20 23:09:36 +03:00
sampass - > backend_private_data = private_data ;
sampass - > backend_private_data_free_fn = free_fn ;
sampass - > backend_private_methods = my_methods ;
2003-07-05 13:46:12 +04:00
return pdb_set_init_flags ( sampass , PDB_BACKEND_PRIVATE_DATA , flag ) ;
}
2002-01-12 04:55:09 +03:00
/* Helpful interfaces to the above */
2007-10-19 04:40:25 +04:00
bool pdb_set_pass_can_change ( struct samu * sampass , bool canchange )
2002-01-12 04:55:09 +03:00
{
2006-10-03 21:14:18 +04:00
return pdb_set_pass_can_change_time ( sampass ,
canchange ? 0 : get_time_t_max ( ) ,
PDB_CHANGED ) ;
2002-01-12 04:55:09 +03:00
}
2006-10-03 21:14:18 +04:00
2002-01-12 04:55:09 +03:00
/*********************************************************************
Set the user ' s PLAINTEXT password . Used as an interface to the above .
Also sets the last change time to NOW .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-10-19 04:40:25 +04:00
bool pdb_set_plaintext_passwd ( struct samu * sampass , const char * plaintext )
2002-01-12 04:55:09 +03:00
{
2004-07-08 02:46:51 +04:00
uchar new_lanman_p16 [ LM_HASH_LEN ] ;
uchar new_nt_p16 [ NT_HASH_LEN ] ;
2002-01-12 04:55:09 +03:00
2006-06-20 05:00:39 +04:00
if ( ! plaintext )
2002-01-12 04:55:09 +03:00
return False ;
2004-07-08 02:46:51 +04:00
2004-02-08 11:38:42 +03:00
/* Calculate the MD4 hash (NT compatible) of the password */
E_md4hash ( plaintext , new_nt_p16 ) ;
2002-01-12 04:55:09 +03:00
2002-11-02 06:47:48 +03:00
if ( ! pdb_set_nt_passwd ( sampass , new_nt_p16 , PDB_CHANGED ) )
2002-01-12 04:55:09 +03:00
return False ;
2004-02-08 11:38:42 +03:00
if ( ! E_deshash ( plaintext , new_lanman_p16 ) ) {
/* E_deshash returns false for 'long' passwords (> 14
DOS chars ) . This allows us to match Win2k , which
does not store a LM hash for these passwords ( which
would reduce the effective password length to 14 */
if ( ! pdb_set_lanman_passwd ( sampass , NULL , PDB_CHANGED ) )
return False ;
} else {
if ( ! pdb_set_lanman_passwd ( sampass , new_lanman_p16 , PDB_CHANGED ) )
return False ;
}
2002-09-25 19:19:00 +04:00
2002-11-02 06:47:48 +03:00
if ( ! pdb_set_plaintext_pw_only ( sampass , plaintext , PDB_CHANGED ) )
2002-09-25 19:19:00 +04:00
return False ;
2006-10-03 21:14:18 +04:00
if ( ! pdb_set_pass_last_set_time ( sampass , time ( NULL ) , PDB_CHANGED ) )
2002-01-12 04:55:09 +03:00
return False ;
2004-07-08 02:46:51 +04:00
/* Store the password history. */
if ( pdb_get_acct_ctrl ( sampass ) & ACB_NORMAL ) {
uchar * pwhistory ;
uint32 pwHistLen ;
2009-07-14 01:53:49 +04:00
pdb_get_account_policy ( PDB_POLICY_PASSWORD_HISTORY , & pwHistLen ) ;
2004-07-08 02:46:51 +04:00
if ( pwHistLen ! = 0 ) {
uint32 current_history_len ;
/* We need to make sure we don't have a race condition here - the
account policy history length can change between when the pw_history
2006-02-20 23:09:36 +03:00
was first loaded into the struct samu struct and now . . . . JRA . */
2005-09-30 21:13:37 +04:00
pwhistory = ( uchar * ) pdb_get_pw_history ( sampass , & current_history_len ) ;
2004-07-08 02:46:51 +04:00
if ( current_history_len ! = pwHistLen ) {
2006-02-20 23:09:36 +03:00
/* After closing and reopening struct samu the history
2004-07-08 02:46:51 +04:00
values will sync up . We can ' t do this here . */
/* current_history_len > pwHistLen is not a problem - we
have more history than we need . */
if ( current_history_len < pwHistLen ) {
2004-08-05 23:57:41 +04:00
/* Ensure we have space for the needed history. */
2006-07-11 22:01:26 +04:00
uchar * new_history = ( uchar * ) TALLOC ( sampass ,
2004-08-05 23:57:41 +04:00
pwHistLen * PW_HISTORY_ENTRY_LEN ) ;
2006-03-30 03:22:57 +04:00
if ( ! new_history ) {
return False ;
}
2004-08-05 23:57:41 +04:00
/* And copy it into the new buffer. */
if ( current_history_len ) {
memcpy ( new_history , pwhistory ,
current_history_len * PW_HISTORY_ENTRY_LEN ) ;
}
/* Clearing out any extra space. */
memset ( & new_history [ current_history_len * PW_HISTORY_ENTRY_LEN ] ,
' \0 ' , ( pwHistLen - current_history_len ) * PW_HISTORY_ENTRY_LEN ) ;
/* Finally replace it. */
pwhistory = new_history ;
2004-07-08 02:46:51 +04:00
}
}
2004-07-30 06:19:10 +04:00
if ( pwhistory & & pwHistLen ) {
/* Make room for the new password in the history list. */
2004-07-08 02:46:51 +04:00
if ( pwHistLen > 1 ) {
2004-08-05 23:57:41 +04:00
memmove ( & pwhistory [ PW_HISTORY_ENTRY_LEN ] ,
pwhistory , ( pwHistLen - 1 ) * PW_HISTORY_ENTRY_LEN ) ;
2004-07-08 02:46:51 +04:00
}
2004-08-05 23:57:41 +04:00
/* Create the new salt as the first part of the history entry. */
generate_random_buffer ( pwhistory , PW_HISTORY_SALT_LEN ) ;
/* Generate the md5 hash of the salt+new password as the second
part of the history entry . */
E_md5hash ( pwhistory , new_nt_p16 , & pwhistory [ PW_HISTORY_SALT_LEN ] ) ;
2004-07-08 02:46:51 +04:00
pdb_set_pw_history ( sampass , pwhistory , pwHistLen , PDB_CHANGED ) ;
} else {
DEBUG ( 10 , ( " pdb_get_set.c: pdb_set_plaintext_passwd: pwhistory was NULL! \n " ) ) ;
}
} else {
/* Set the history length to zero. */
pdb_set_pw_history ( sampass , NULL , 0 , PDB_CHANGED ) ;
}
}
2002-01-12 04:55:09 +03:00
return True ;
}
2004-02-12 19:16:53 +03:00
/* check for any PDB_SET/CHANGED field and fill the appropriate mask bit */
2006-06-15 05:54:09 +04:00
uint32 pdb_build_fields_present ( struct samu * sampass )
2004-02-12 19:16:53 +03:00
{
/* value set to all for testing */
return 0x00ffffff ;
}
