2002-01-12 04:55:09 +03:00
/*
2002-01-30 09:08:46 +03:00
Unix SMB / CIFS implementation .
2006-02-20 23:09:36 +03:00
struct samu access routines
2002-01-12 04:55:09 +03:00
Copyright ( C ) Jeremy Allison 1996 - 2001
Copyright ( C ) Luke Kenneth Casson Leighton 1996 - 1998
2006-04-28 19:36:23 +04:00
Copyright ( C ) Gerald ( Jerry ) Carter 2000 - 2006
2002-01-12 04:55:09 +03:00
Copyright ( C ) Andrew Bartlett 2001 - 2002
2002-07-15 14:35:28 +04:00
Copyright ( C ) Stefan ( metze ) Metzmacher 2002
2009-02-07 21:00:50 +03:00
2002-01-12 04:55:09 +03:00
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
2007-07-09 23:25:36 +04:00
the Free Software Foundation ; either version 3 of the License , or
2002-01-12 04:55:09 +03:00
( at your option ) any later version .
2009-02-07 21:00:50 +03:00
2002-01-12 04:55:09 +03:00
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
2009-02-07 21:00:50 +03:00
2002-01-12 04:55:09 +03:00
You should have received a copy of the GNU General Public License
2007-07-10 04:52:41 +04:00
along with this program . If not , see < http : //www.gnu.org/licenses/>.
2002-01-12 04:55:09 +03:00
*/
# include "includes.h"
2011-03-18 20:58:37 +03:00
# include "passdb.h"
2009-03-16 13:27:58 +03:00
# include "../libcli/auth/libcli_auth.h"
2010-10-12 08:27:50 +04:00
# include "../libcli/security/security.h"
2011-07-07 15:04:31 +04:00
# include "../lib/util/bitmap.h"
2002-01-12 04:55:09 +03:00
2002-07-15 14:35:28 +04:00
# undef DBGC_CLASS
# define DBGC_CLASS DBGC_PASSDB
2002-01-15 04:02:13 +03:00
/**
2003-05-14 04:46:43 +04:00
* @ todo Redefine this to NULL , but this changes the API because
2002-01-15 04:02:13 +03:00
* much of samba assumes that the pdb_get . . . ( ) funtions
2007-11-21 04:18:16 +03:00
* return strings . ( ie not null - pointers ) .
2002-01-15 04:14:58 +03:00
* See also pdb_fill_default_sam ( ) .
2002-01-15 04:02:13 +03:00
*/
# define PDB_NOT_QUITE_NULL ""
2011-11-16 01:27:14 +04:00
/*********************************************************************
Test if a change time is a max value . Copes with old and new values
of max .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
bool pdb_is_password_change_time_max ( time_t test_time )
{
if ( test_time = = get_time_t_max ( ) ) {
return true ;
}
# if (defined(SIZEOF_TIME_T) && (SIZEOF_TIME_T == 8))
if ( test_time = = 0x7FFFFFFFFFFFFFFFLL ) {
return true ;
}
# endif
if ( test_time = = 0x7FFFFFFF ) {
return true ;
}
return false ;
}
/*********************************************************************
Return an unchanging version of max password change time - 0x7FFFFFFF .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2011-11-29 16:38:59 +04:00
static time_t pdb_password_change_time_max ( void )
2011-11-16 01:27:14 +04:00
{
return 0x7FFFFFFF ;
}
2002-01-12 04:55:09 +03:00
/*********************************************************************
2006-02-20 23:09:36 +03:00
Collection of get . . . ( ) functions for struct samu .
2002-01-12 04:55:09 +03:00
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2010-05-21 04:38:04 +04:00
uint32_t pdb_get_acct_ctrl ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > acct_ctrl ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
time_t pdb_get_logon_time ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > logon_time ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
time_t pdb_get_logoff_time ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > logoff_time ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
time_t pdb_get_kickoff_time ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > kickoff_time ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
time_t pdb_get_bad_password_time ( const struct samu * sampass )
2004-02-19 18:59:35 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > bad_password_time ;
2004-02-19 18:59:35 +03:00
}
2006-06-15 05:54:09 +04:00
time_t pdb_get_pass_last_set_time ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > pass_last_set_time ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
time_t pdb_get_pass_can_change_time ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2010-05-21 04:38:04 +04:00
uint32_t allow ;
2006-09-20 21:25:46 +04:00
2006-10-03 21:14:18 +04:00
/* if the last set time is zero, it means the user cannot
change their password , and this time must be zero . jmcd
*/
2006-09-20 21:25:46 +04:00
if ( sampass - > pass_last_set_time = = 0 )
return ( time_t ) 0 ;
2009-02-07 21:00:50 +03:00
2006-10-03 21:14:18 +04:00
/* if the time is max, and the field has been changed,
we ' re trying to update this real value from the sampass
to indicate that the user cannot change their password . jmcd
*/
2011-11-16 01:27:14 +04:00
if ( pdb_is_password_change_time_max ( sampass - > pass_can_change_time ) & &
2010-02-05 17:40:12 +03:00
IS_SAM_CHANGED ( sampass , PDB_CANCHANGETIME ) )
2006-10-03 21:14:18 +04:00
return sampass - > pass_can_change_time ;
2009-07-14 01:53:49 +04:00
if ( ! pdb_get_account_policy ( PDB_POLICY_MIN_PASSWORD_AGE , & allow ) )
2006-09-20 21:25:46 +04:00
allow = 0 ;
2006-10-03 21:14:18 +04:00
/* in normal cases, just calculate it from policy */
2006-09-20 21:25:46 +04:00
return sampass - > pass_last_set_time + allow ;
2002-01-12 04:55:09 +03:00
}
2006-10-03 21:14:18 +04:00
/* we need this for loading from the backend, so that we don't overwrite
non - changed max times , otherwise the pass_can_change checking won ' t work */
time_t pdb_get_pass_can_change_time_noncalc ( const struct samu * sampass )
{
return sampass - > pass_can_change_time ;
}
2006-06-15 05:54:09 +04:00
time_t pdb_get_pass_must_change_time ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2010-05-21 04:38:04 +04:00
uint32_t expire ;
2006-09-20 21:25:46 +04:00
if ( sampass - > pass_last_set_time = = 0 )
return ( time_t ) 0 ;
if ( sampass - > acct_ctrl & ACB_PWNOEXP )
2011-11-16 01:27:14 +04:00
return pdb_password_change_time_max ( ) ;
2006-09-20 21:25:46 +04:00
2009-07-14 01:53:49 +04:00
if ( ! pdb_get_account_policy ( PDB_POLICY_MAX_PASSWORD_AGE , & expire )
2010-05-21 04:38:04 +04:00
| | expire = = ( uint32_t ) - 1 | | expire = = 0 )
2006-09-20 21:25:46 +04:00
return get_time_t_max ( ) ;
return sampass - > pass_last_set_time + expire ;
2002-01-12 04:55:09 +03:00
}
2007-10-19 04:40:25 +04:00
bool pdb_get_pass_can_change ( const struct samu * sampass )
2006-10-03 21:14:18 +04:00
{
2011-11-16 01:27:14 +04:00
if ( pdb_is_password_change_time_max ( sampass - > pass_can_change_time ) )
2006-10-03 21:14:18 +04:00
return False ;
return True ;
}
2010-05-21 04:38:04 +04:00
uint16_t pdb_get_logon_divs ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > logon_divs ;
2002-01-12 04:55:09 +03:00
}
2010-05-21 04:38:04 +04:00
uint32_t pdb_get_hours_len ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > hours_len ;
2002-01-12 04:55:09 +03:00
}
2015-05-09 23:34:31 +03:00
const uint8_t * pdb_get_hours ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return ( sampass - > hours ) ;
2002-01-12 04:55:09 +03:00
}
2015-05-09 23:34:31 +03:00
const uint8_t * pdb_get_nt_passwd ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
SMB_ASSERT ( ( ! sampass - > nt_pw . data )
| | sampass - > nt_pw . length = = NT_HASH_LEN ) ;
2015-05-09 23:34:31 +03:00
return ( uint8_t * ) sampass - > nt_pw . data ;
2002-01-12 04:55:09 +03:00
}
2015-05-09 23:34:31 +03:00
const uint8_t * pdb_get_lanman_passwd ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
SMB_ASSERT ( ( ! sampass - > lm_pw . data )
| | sampass - > lm_pw . length = = LM_HASH_LEN ) ;
2015-05-09 23:34:31 +03:00
return ( uint8_t * ) sampass - > lm_pw . data ;
2002-01-12 04:55:09 +03:00
}
2015-05-09 23:34:31 +03:00
const uint8_t * pdb_get_pw_history ( const struct samu * sampass , uint32_t * current_hist_len )
2004-07-08 02:46:51 +04:00
{
2006-06-15 05:54:09 +04:00
SMB_ASSERT ( ( ! sampass - > nt_pw_his . data )
| | ( ( sampass - > nt_pw_his . length % PW_HISTORY_ENTRY_LEN ) = = 0 ) ) ;
* current_hist_len = sampass - > nt_pw_his . length / PW_HISTORY_ENTRY_LEN ;
2015-05-09 23:34:31 +03:00
return ( uint8_t * ) sampass - > nt_pw_his . data ;
2004-07-08 02:46:51 +04:00
}
2002-07-15 14:35:28 +04:00
/* Return the plaintext password if known. Most of the time
it isn ' t , so don ' t assume anything magic about this function .
2009-02-07 21:00:50 +03:00
2002-07-15 14:35:28 +04:00
Used to pass the plaintext to passdb backends that might
want to store more than just the NTLM hashes .
*/
2006-06-15 05:54:09 +04:00
const char * pdb_get_plaintext_passwd ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > plaintext_pw ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
2010-05-21 05:25:01 +04:00
const struct dom_sid * pdb_get_user_sid ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return & sampass - > user_sid ;
2002-01-12 04:55:09 +03:00
}
2010-05-21 05:25:01 +04:00
const struct dom_sid * pdb_get_group_sid ( struct samu * sampass )
2002-07-15 14:35:28 +04:00
{
2010-05-29 18:51:40 +04:00
NTSTATUS status ;
2009-02-07 21:00:50 +03:00
2006-02-25 00:36:40 +03:00
/* Return the cached group SID if we have that */
2010-05-29 18:51:40 +04:00
if ( sampass - > group_sid ) {
2006-02-25 00:36:40 +03:00
return sampass - > group_sid ;
}
2009-02-07 21:00:50 +03:00
2006-02-25 00:36:40 +03:00
/* No algorithmic mapping, meaning that we have to figure out the
primary group SID according to group mapping and the user SID must
be a newly allocated one . We rely on the user ' s Unix primary gid .
We have no choice but to fail if we can ' t find it . */
2010-05-29 18:51:40 +04:00
status = get_primary_group_sid ( sampass ,
pdb_get_username ( sampass ) ,
& sampass - > unix_pw ,
& sampass - > group_sid ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
2006-02-25 00:36:40 +03:00
return NULL ;
}
2009-02-07 21:00:50 +03:00
2006-02-25 00:36:40 +03:00
return sampass - > group_sid ;
2010-05-29 18:51:40 +04:00
}
2002-07-15 14:35:28 +04:00
2002-01-12 04:55:09 +03:00
/**
2006-02-20 23:09:36 +03:00
* Get flags showing what is initalised in the struct samu
* @ param sampass the struct samu in question
2002-01-12 04:55:09 +03:00
* @ return the flags indicating the members initialised in the struct .
* */
2009-02-07 21:00:50 +03:00
2006-06-15 05:54:09 +04:00
enum pdb_value_state pdb_get_init_flags ( const struct samu * sampass , enum pdb_elements element )
2002-01-12 04:55:09 +03:00
{
2002-11-02 06:47:48 +03:00
enum pdb_value_state ret = PDB_DEFAULT ;
2009-02-07 21:00:50 +03:00
2006-06-15 05:54:09 +04:00
if ( ! sampass - > change_flags | | ! sampass - > set_flags )
2002-11-02 06:47:48 +03:00
return ret ;
2009-02-07 21:00:50 +03:00
2006-02-20 23:09:36 +03:00
if ( bitmap_query ( sampass - > set_flags , element ) ) {
2003-03-20 15:52:56 +03:00
DEBUG ( 11 , ( " element %d: SET \n " , element ) ) ;
2002-11-02 06:47:48 +03:00
ret = PDB_SET ;
}
2009-02-07 21:00:50 +03:00
2006-02-20 23:09:36 +03:00
if ( bitmap_query ( sampass - > change_flags , element ) ) {
2003-03-20 15:52:56 +03:00
DEBUG ( 11 , ( " element %d: CHANGED \n " , element ) ) ;
2002-11-02 06:47:48 +03:00
ret = PDB_CHANGED ;
}
if ( ret = = PDB_DEFAULT ) {
2003-03-20 15:52:56 +03:00
DEBUG ( 11 , ( " element %d: DEFAULT \n " , element ) ) ;
2002-11-02 06:47:48 +03:00
}
return ret ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
const char * pdb_get_username ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > username ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
const char * pdb_get_domain ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > domain ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
const char * pdb_get_nt_username ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > nt_username ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
const char * pdb_get_fullname ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > full_name ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
const char * pdb_get_homedir ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > home_dir ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
const char * pdb_get_dir_drive ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > dir_drive ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
const char * pdb_get_logon_script ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > logon_script ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
const char * pdb_get_profile_path ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > profile_path ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
const char * pdb_get_acct_desc ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > acct_desc ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
const char * pdb_get_workstations ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > workstations ;
2002-01-12 04:55:09 +03:00
}
2006-07-11 22:01:26 +04:00
const char * pdb_get_comment ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-07-11 22:01:26 +04:00
return sampass - > comment ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
const char * pdb_get_munged_dial ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > munged_dial ;
2002-01-12 04:55:09 +03:00
}
2010-05-21 04:38:04 +04:00
uint16_t pdb_get_bad_password_count ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > bad_password_count ;
2003-09-19 03:53:48 +04:00
}
2010-05-21 04:38:04 +04:00
uint16_t pdb_get_logon_count ( const struct samu * sampass )
2003-09-19 03:53:48 +04:00
{
2006-06-15 05:54:09 +04:00
return sampass - > logon_count ;
2002-01-12 04:55:09 +03:00
}
2011-02-15 21:08:47 +03:00
uint16_t pdb_get_country_code ( const struct samu * sampass )
{
return sampass - > country_code ;
}
2011-02-15 21:07:42 +03:00
uint16_t pdb_get_code_page ( const struct samu * sampass )
{
return sampass - > code_page ;
}
2010-05-21 04:38:04 +04:00
uint32_t pdb_get_unknown_6 ( const struct samu * sampass )
2002-01-12 04:55:09 +03:00
{
2006-06-15 05:54:09 +04:00
return sampass - > unknown_6 ;
2002-01-12 04:55:09 +03:00
}
2006-06-15 05:54:09 +04:00
void * pdb_get_backend_private_data ( const struct samu * sampass , const struct pdb_methods * my_methods )
2003-07-05 13:46:12 +04:00
{
2006-06-15 05:54:09 +04:00
if ( my_methods = = sampass - > backend_private_methods ) {
2006-02-20 23:09:36 +03:00
return sampass - > backend_private_data ;
2006-06-15 05:54:09 +04:00
} else {
2003-07-05 13:46:12 +04:00
return NULL ;
2006-06-15 05:54:09 +04:00
}
2003-07-05 13:46:12 +04:00
}
2002-01-12 04:55:09 +03:00
/*********************************************************************
2006-02-20 23:09:36 +03:00
Collection of set . . . ( ) functions for struct samu .
2002-01-12 04:55:09 +03:00
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2010-05-21 04:38:04 +04:00
bool pdb_set_acct_ctrl ( struct samu * sampass , uint32_t acct_ctrl , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2006-02-20 23:09:36 +03:00
sampass - > acct_ctrl = acct_ctrl ;
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_ACCTCTRL , flag ) ;
2002-01-12 04:55:09 +03:00
}
2007-10-19 04:40:25 +04:00
bool pdb_set_logon_time ( struct samu * sampass , time_t mytime , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2006-02-20 23:09:36 +03:00
sampass - > logon_time = mytime ;
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_LOGONTIME , flag ) ;
2002-01-12 04:55:09 +03:00
}
2007-10-19 04:40:25 +04:00
bool pdb_set_logoff_time ( struct samu * sampass , time_t mytime , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2006-02-20 23:09:36 +03:00
sampass - > logoff_time = mytime ;
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_LOGOFFTIME , flag ) ;
2002-01-12 04:55:09 +03:00
}
2007-10-19 04:40:25 +04:00
bool pdb_set_kickoff_time ( struct samu * sampass , time_t mytime , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2006-02-20 23:09:36 +03:00
sampass - > kickoff_time = mytime ;
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_KICKOFFTIME , flag ) ;
2002-01-12 04:55:09 +03:00
}
2007-10-19 04:40:25 +04:00
bool pdb_set_bad_password_time ( struct samu * sampass , time_t mytime , enum pdb_value_state flag )
2004-02-19 18:59:35 +03:00
{
2006-02-20 23:09:36 +03:00
sampass - > bad_password_time = mytime ;
2004-02-19 18:59:35 +03:00
return pdb_set_init_flags ( sampass , PDB_BAD_PASSWORD_TIME , flag ) ;
}
2007-10-19 04:40:25 +04:00
bool pdb_set_pass_can_change_time ( struct samu * sampass , time_t mytime , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2006-02-20 23:09:36 +03:00
sampass - > pass_can_change_time = mytime ;
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_CANCHANGETIME , flag ) ;
2002-01-12 04:55:09 +03:00
}
2007-10-19 04:40:25 +04:00
bool pdb_set_pass_last_set_time ( struct samu * sampass , time_t mytime , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2006-02-20 23:09:36 +03:00
sampass - > pass_last_set_time = mytime ;
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_PASSLASTSET , flag ) ;
2002-01-12 04:55:09 +03:00
}
2010-05-21 04:38:04 +04:00
bool pdb_set_hours_len ( struct samu * sampass , uint32_t len , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2006-02-20 23:09:36 +03:00
sampass - > hours_len = len ;
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_HOURSLEN , flag ) ;
2002-01-12 04:55:09 +03:00
}
2010-05-21 04:38:04 +04:00
bool pdb_set_logon_divs ( struct samu * sampass , uint16_t hours , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2006-02-20 23:09:36 +03:00
sampass - > logon_divs = hours ;
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_LOGONDIVS , flag ) ;
2002-01-12 04:55:09 +03:00
}
/**
2006-02-20 23:09:36 +03:00
* Set flags showing what is initalised in the struct samu
* @ param sampass the struct samu in question
2002-01-12 04:55:09 +03:00
* @ param flag The * new * flag to be set . Old flags preserved
* this flag is only added .
* */
2009-02-07 21:00:50 +03:00
2007-10-19 04:40:25 +04:00
bool pdb_set_init_flags ( struct samu * sampass , enum pdb_elements element , enum pdb_value_state value_flag )
2002-01-12 04:55:09 +03:00
{
2006-02-20 23:09:36 +03:00
if ( ! sampass - > set_flags ) {
if ( ( sampass - > set_flags =
bitmap_talloc ( sampass ,
2002-11-02 06:47:48 +03:00
PDB_COUNT ) ) = = NULL ) {
DEBUG ( 0 , ( " bitmap_talloc failed \n " ) ) ;
return False ;
}
}
2006-02-20 23:09:36 +03:00
if ( ! sampass - > change_flags ) {
if ( ( sampass - > change_flags =
bitmap_talloc ( sampass ,
2002-11-02 06:47:48 +03:00
PDB_COUNT ) ) = = NULL ) {
DEBUG ( 0 , ( " bitmap_talloc failed \n " ) ) ;
return False ;
}
}
2009-02-07 21:00:50 +03:00
2002-11-02 06:47:48 +03:00
switch ( value_flag ) {
case PDB_CHANGED :
2006-02-20 23:09:36 +03:00
if ( ! bitmap_set ( sampass - > change_flags , element ) ) {
2002-11-02 06:47:48 +03:00
DEBUG ( 0 , ( " Can't set flag: %d in change_flags. \n " , element ) ) ;
return False ;
}
2006-02-20 23:09:36 +03:00
if ( ! bitmap_set ( sampass - > set_flags , element ) ) {
2003-03-20 15:52:56 +03:00
DEBUG ( 0 , ( " Can't set flag: %d in set_flags. \n " , element ) ) ;
2002-11-02 06:47:48 +03:00
return False ;
}
2003-03-20 15:52:56 +03:00
DEBUG ( 11 , ( " element %d -> now CHANGED \n " , element ) ) ;
2002-11-02 06:47:48 +03:00
break ;
case PDB_SET :
2006-02-20 23:09:36 +03:00
if ( ! bitmap_clear ( sampass - > change_flags , element ) ) {
2002-11-02 06:47:48 +03:00
DEBUG ( 0 , ( " Can't set flag: %d in change_flags. \n " , element ) ) ;
return False ;
}
2006-02-20 23:09:36 +03:00
if ( ! bitmap_set ( sampass - > set_flags , element ) ) {
2003-03-20 15:52:56 +03:00
DEBUG ( 0 , ( " Can't set flag: %d in set_flags. \n " , element ) ) ;
2002-11-02 06:47:48 +03:00
return False ;
}
2005-01-26 23:36:44 +03:00
DEBUG ( 11 , ( " element %d -> now SET \n " , element ) ) ;
2002-11-02 06:47:48 +03:00
break ;
case PDB_DEFAULT :
default :
2006-02-20 23:09:36 +03:00
if ( ! bitmap_clear ( sampass - > change_flags , element ) ) {
2002-11-02 06:47:48 +03:00
DEBUG ( 0 , ( " Can't set flag: %d in change_flags. \n " , element ) ) ;
return False ;
}
2006-02-20 23:09:36 +03:00
if ( ! bitmap_clear ( sampass - > set_flags , element ) ) {
2003-03-20 15:52:56 +03:00
DEBUG ( 0 , ( " Can't set flag: %d in set_flags. \n " , element ) ) ;
2002-11-02 06:47:48 +03:00
return False ;
}
2003-04-28 09:26:59 +04:00
DEBUG ( 11 , ( " element %d -> now DEFAULT \n " , element ) ) ;
2002-11-02 06:47:48 +03:00
break ;
}
2002-01-12 04:55:09 +03:00
return True ;
}
2010-05-21 05:25:01 +04:00
bool pdb_set_user_sid ( struct samu * sampass , const struct dom_sid * u_sid , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2006-06-20 05:00:39 +04:00
if ( ! u_sid )
2002-01-12 04:55:09 +03:00
return False ;
2009-02-07 21:00:50 +03:00
2006-02-20 23:09:36 +03:00
sid_copy ( & sampass - > user_sid , u_sid ) ;
2002-01-12 04:55:09 +03:00
2002-07-15 14:35:28 +04:00
DEBUG ( 10 , ( " pdb_set_user_sid: setting user sid %s \n " ,
2007-12-15 23:11:36 +03:00
sid_string_dbg ( & sampass - > user_sid ) ) ) ;
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_USERSID , flag ) ;
2002-01-12 04:55:09 +03:00
}
2011-10-13 16:55:32 +04:00
bool pdb_set_user_sid_from_string ( struct samu * sampass , const char * u_sid , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2010-05-21 05:25:01 +04:00
struct dom_sid new_sid ;
2009-02-07 21:00:50 +03:00
2006-06-20 05:00:39 +04:00
if ( ! u_sid )
2002-01-12 04:55:09 +03:00
return False ;
2002-07-15 14:35:28 +04:00
DEBUG ( 10 , ( " pdb_set_user_sid_from_string: setting user sid %s \n " ,
u_sid ) ) ;
if ( ! string_to_sid ( & new_sid , u_sid ) ) {
DEBUG ( 1 , ( " pdb_set_user_sid_from_string: %s isn't a valid SID! \n " , u_sid ) ) ;
return False ;
}
2009-02-07 21:00:50 +03:00
2002-11-02 06:47:48 +03:00
if ( ! pdb_set_user_sid ( sampass , & new_sid , flag ) ) {
2006-02-20 23:09:36 +03:00
DEBUG ( 1 , ( " pdb_set_user_sid_from_string: could not set sid %s on struct samu! \n " , u_sid ) ) ;
2002-07-15 14:35:28 +04:00
return False ;
}
return True ;
}
2006-02-25 00:36:40 +03:00
/********************************************************************
We never fill this in from a passdb backend but rather set is
based on the user ' s primary group membership . However , the
struct samu * is overloaded and reused in domain memship code
2008-02-17 04:09:35 +03:00
as well and built from the netr_SamInfo3 or PAC so we
2006-02-25 00:36:40 +03:00
have to allow the explicitly setting of a group SID here .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2010-05-21 05:25:01 +04:00
bool pdb_set_group_sid ( struct samu * sampass , const struct dom_sid * g_sid , enum pdb_value_state flag )
2002-07-15 14:35:28 +04:00
{
2006-02-17 22:07:58 +03:00
gid_t gid ;
2010-05-21 05:25:01 +04:00
struct dom_sid dug_sid ;
2006-02-17 22:07:58 +03:00
2006-06-20 05:00:39 +04:00
if ( ! g_sid )
2002-07-15 14:35:28 +04:00
return False ;
2011-06-07 05:38:41 +04:00
if ( ! ( sampass - > group_sid = talloc ( sampass , struct dom_sid ) ) ) {
2006-02-25 00:36:40 +03:00
return False ;
}
2006-02-17 22:07:58 +03:00
/* if we cannot resolve the SID to gid, then just ignore it and
store DOMAIN_USERS as the primary groupSID */
2010-05-18 00:04:24 +04:00
sid_compose ( & dug_sid , get_global_sam_sid ( ) , DOMAIN_RID_USERS ) ;
2010-03-25 22:59:49 +03:00
2010-08-26 17:48:50 +04:00
if ( dom_sid_equal ( & dug_sid , g_sid ) ) {
2010-03-25 22:59:49 +03:00
sid_copy ( sampass - > group_sid , & dug_sid ) ;
} else if ( sid_to_gid ( g_sid , & gid ) ) {
2006-02-25 00:36:40 +03:00
sid_copy ( sampass - > group_sid , g_sid ) ;
2006-02-17 22:07:58 +03:00
} else {
2010-03-25 22:59:49 +03:00
sid_copy ( sampass - > group_sid , & dug_sid ) ;
2006-02-17 22:07:58 +03:00
}
2002-07-15 14:35:28 +04:00
DEBUG ( 10 , ( " pdb_set_group_sid: setting group sid %s \n " ,
2007-12-15 23:11:36 +03:00
sid_string_dbg ( sampass - > group_sid ) ) ) ;
2002-07-15 14:35:28 +04:00
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_GROUPSID , flag ) ;
2002-07-15 14:35:28 +04:00
}
2002-01-12 04:55:09 +03:00
/*********************************************************************
Set the user ' s UNIX name .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-10-19 04:40:25 +04:00
bool pdb_set_username ( struct samu * sampass , const char * username , enum pdb_value_state flag )
2002-11-02 06:47:48 +03:00
{
2002-01-15 04:02:13 +03:00
if ( username ) {
2002-03-19 02:57:14 +03:00
DEBUG ( 10 , ( " pdb_set_username: setting username %s, was %s \n " , username ,
2006-02-20 23:09:36 +03:00
( sampass - > username ) ? ( sampass - > username ) : " NULL " ) ) ;
2002-03-19 02:57:14 +03:00
2006-02-20 23:09:36 +03:00
sampass - > username = talloc_strdup ( sampass , username ) ;
2002-01-15 08:15:22 +03:00
2006-02-20 23:09:36 +03:00
if ( ! sampass - > username ) {
2002-01-15 08:15:22 +03:00
DEBUG ( 0 , ( " pdb_set_username: talloc_strdup() failed! \n " ) ) ;
return False ;
}
2002-01-15 04:02:13 +03:00
} else {
2006-02-20 23:09:36 +03:00
sampass - > username = PDB_NOT_QUITE_NULL ;
2002-01-15 04:02:13 +03:00
}
2009-02-07 21:00:50 +03:00
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_USERNAME , flag ) ;
2002-01-12 04:55:09 +03:00
}
/*********************************************************************
Set the domain name .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-10-19 04:40:25 +04:00
bool pdb_set_domain ( struct samu * sampass , const char * domain , enum pdb_value_state flag )
2002-11-02 06:47:48 +03:00
{
2002-01-15 04:02:13 +03:00
if ( domain ) {
2002-03-19 02:57:14 +03:00
DEBUG ( 10 , ( " pdb_set_domain: setting domain %s, was %s \n " , domain ,
2006-02-20 23:09:36 +03:00
( sampass - > domain ) ? ( sampass - > domain ) : " NULL " ) ) ;
2002-03-19 02:57:14 +03:00
2006-02-20 23:09:36 +03:00
sampass - > domain = talloc_strdup ( sampass , domain ) ;
2002-01-15 08:15:22 +03:00
2006-02-20 23:09:36 +03:00
if ( ! sampass - > domain ) {
2002-01-15 08:15:22 +03:00
DEBUG ( 0 , ( " pdb_set_domain: talloc_strdup() failed! \n " ) ) ;
return False ;
}
2002-01-15 04:02:13 +03:00
} else {
2006-02-20 23:09:36 +03:00
sampass - > domain = PDB_NOT_QUITE_NULL ;
2002-01-15 04:02:13 +03:00
}
2002-01-12 04:55:09 +03:00
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_DOMAIN , flag ) ;
2002-01-12 04:55:09 +03:00
}
/*********************************************************************
Set the user ' s NT name .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-10-19 04:40:25 +04:00
bool pdb_set_nt_username ( struct samu * sampass , const char * nt_username , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2002-01-15 04:02:13 +03:00
if ( nt_username ) {
2002-03-19 02:57:14 +03:00
DEBUG ( 10 , ( " pdb_set_nt_username: setting nt username %s, was %s \n " , nt_username ,
2006-02-20 23:09:36 +03:00
( sampass - > nt_username ) ? ( sampass - > nt_username ) : " NULL " ) ) ;
2002-03-19 02:57:14 +03:00
2006-02-20 23:09:36 +03:00
sampass - > nt_username = talloc_strdup ( sampass , nt_username ) ;
2009-02-07 21:00:50 +03:00
2006-02-20 23:09:36 +03:00
if ( ! sampass - > nt_username ) {
2002-01-15 08:15:22 +03:00
DEBUG ( 0 , ( " pdb_set_nt_username: talloc_strdup() failed! \n " ) ) ;
return False ;
}
2002-01-15 04:02:13 +03:00
} else {
2006-02-20 23:09:36 +03:00
sampass - > nt_username = PDB_NOT_QUITE_NULL ;
2002-01-15 04:02:13 +03:00
}
2002-01-12 04:55:09 +03:00
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_NTUSERNAME , flag ) ;
2002-01-12 04:55:09 +03:00
}
/*********************************************************************
Set the user ' s full name .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-10-19 04:40:25 +04:00
bool pdb_set_fullname ( struct samu * sampass , const char * full_name , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2002-01-15 04:02:13 +03:00
if ( full_name ) {
2002-03-19 02:57:14 +03:00
DEBUG ( 10 , ( " pdb_set_full_name: setting full name %s, was %s \n " , full_name ,
2006-02-20 23:09:36 +03:00
( sampass - > full_name ) ? ( sampass - > full_name ) : " NULL " ) ) ;
2009-02-07 21:00:50 +03:00
2006-02-20 23:09:36 +03:00
sampass - > full_name = talloc_strdup ( sampass , full_name ) ;
2002-01-15 08:15:22 +03:00
2006-02-20 23:09:36 +03:00
if ( ! sampass - > full_name ) {
2002-01-15 08:15:22 +03:00
DEBUG ( 0 , ( " pdb_set_fullname: talloc_strdup() failed! \n " ) ) ;
return False ;
}
2002-01-15 04:02:13 +03:00
} else {
2006-02-20 23:09:36 +03:00
sampass - > full_name = PDB_NOT_QUITE_NULL ;
2002-01-15 04:02:13 +03:00
}
2002-01-12 04:55:09 +03:00
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_FULLNAME , flag ) ;
2002-01-12 04:55:09 +03:00
}
/*********************************************************************
Set the user ' s logon script .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-10-19 04:40:25 +04:00
bool pdb_set_logon_script ( struct samu * sampass , const char * logon_script , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2002-01-15 04:02:13 +03:00
if ( logon_script ) {
2002-03-19 02:57:14 +03:00
DEBUG ( 10 , ( " pdb_set_logon_script: setting logon script %s, was %s \n " , logon_script ,
2006-02-20 23:09:36 +03:00
( sampass - > logon_script ) ? ( sampass - > logon_script ) : " NULL " ) ) ;
2009-02-07 21:00:50 +03:00
2006-02-20 23:09:36 +03:00
sampass - > logon_script = talloc_strdup ( sampass , logon_script ) ;
2002-01-15 08:15:22 +03:00
2006-02-20 23:09:36 +03:00
if ( ! sampass - > logon_script ) {
2002-01-15 08:15:22 +03:00
DEBUG ( 0 , ( " pdb_set_logon_script: talloc_strdup() failed! \n " ) ) ;
return False ;
}
2002-01-15 04:02:13 +03:00
} else {
2006-02-20 23:09:36 +03:00
sampass - > logon_script = PDB_NOT_QUITE_NULL ;
2002-01-15 04:02:13 +03:00
}
2009-02-07 21:00:50 +03:00
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_LOGONSCRIPT , flag ) ;
2002-01-12 04:55:09 +03:00
}
/*********************************************************************
Set the user ' s profile path .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-10-19 04:40:25 +04:00
bool pdb_set_profile_path ( struct samu * sampass , const char * profile_path , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2002-01-15 04:02:13 +03:00
if ( profile_path ) {
2002-03-19 02:57:14 +03:00
DEBUG ( 10 , ( " pdb_set_profile_path: setting profile path %s, was %s \n " , profile_path ,
2006-02-20 23:09:36 +03:00
( sampass - > profile_path ) ? ( sampass - > profile_path ) : " NULL " ) ) ;
2009-02-07 21:00:50 +03:00
2006-02-20 23:09:36 +03:00
sampass - > profile_path = talloc_strdup ( sampass , profile_path ) ;
2009-02-07 21:00:50 +03:00
2006-02-20 23:09:36 +03:00
if ( ! sampass - > profile_path ) {
2002-01-15 08:15:22 +03:00
DEBUG ( 0 , ( " pdb_set_profile_path: talloc_strdup() failed! \n " ) ) ;
return False ;
}
2002-01-15 04:02:13 +03:00
} else {
2006-02-20 23:09:36 +03:00
sampass - > profile_path = PDB_NOT_QUITE_NULL ;
2002-01-15 04:02:13 +03:00
}
2002-01-12 04:55:09 +03:00
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_PROFILE , flag ) ;
2002-01-12 04:55:09 +03:00
}
/*********************************************************************
Set the user ' s directory drive .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-10-19 04:40:25 +04:00
bool pdb_set_dir_drive ( struct samu * sampass , const char * dir_drive , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2002-01-15 04:02:13 +03:00
if ( dir_drive ) {
2002-03-19 02:57:14 +03:00
DEBUG ( 10 , ( " pdb_set_dir_drive: setting dir drive %s, was %s \n " , dir_drive ,
2006-02-20 23:09:36 +03:00
( sampass - > dir_drive ) ? ( sampass - > dir_drive ) : " NULL " ) ) ;
2009-02-07 21:00:50 +03:00
2006-02-20 23:09:36 +03:00
sampass - > dir_drive = talloc_strdup ( sampass , dir_drive ) ;
2009-02-07 21:00:50 +03:00
2006-02-20 23:09:36 +03:00
if ( ! sampass - > dir_drive ) {
2002-01-15 08:15:22 +03:00
DEBUG ( 0 , ( " pdb_set_dir_drive: talloc_strdup() failed! \n " ) ) ;
return False ;
}
2002-01-15 04:02:13 +03:00
} else {
2006-02-20 23:09:36 +03:00
sampass - > dir_drive = PDB_NOT_QUITE_NULL ;
2002-01-15 04:02:13 +03:00
}
2009-02-07 21:00:50 +03:00
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_DRIVE , flag ) ;
2002-01-12 04:55:09 +03:00
}
/*********************************************************************
Set the user ' s home directory .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-10-19 04:40:25 +04:00
bool pdb_set_homedir ( struct samu * sampass , const char * home_dir , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2002-01-15 04:02:13 +03:00
if ( home_dir ) {
2002-03-19 02:57:14 +03:00
DEBUG ( 10 , ( " pdb_set_homedir: setting home dir %s, was %s \n " , home_dir ,
2006-02-20 23:09:36 +03:00
( sampass - > home_dir ) ? ( sampass - > home_dir ) : " NULL " ) ) ;
2009-02-07 21:00:50 +03:00
2006-02-20 23:09:36 +03:00
sampass - > home_dir = talloc_strdup ( sampass , home_dir ) ;
2009-02-07 21:00:50 +03:00
2006-02-20 23:09:36 +03:00
if ( ! sampass - > home_dir ) {
2002-01-15 08:15:22 +03:00
DEBUG ( 0 , ( " pdb_set_home_dir: talloc_strdup() failed! \n " ) ) ;
return False ;
}
2002-01-15 04:02:13 +03:00
} else {
2006-02-20 23:09:36 +03:00
sampass - > home_dir = PDB_NOT_QUITE_NULL ;
2002-01-15 04:02:13 +03:00
}
2002-01-12 04:55:09 +03:00
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_SMBHOME , flag ) ;
2002-01-12 04:55:09 +03:00
}
/*********************************************************************
Set the user ' s account description .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-10-19 04:40:25 +04:00
bool pdb_set_acct_desc ( struct samu * sampass , const char * acct_desc , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2002-01-15 04:02:13 +03:00
if ( acct_desc ) {
2006-02-20 23:09:36 +03:00
sampass - > acct_desc = talloc_strdup ( sampass , acct_desc ) ;
2002-01-15 08:15:22 +03:00
2006-02-20 23:09:36 +03:00
if ( ! sampass - > acct_desc ) {
2002-01-15 08:15:22 +03:00
DEBUG ( 0 , ( " pdb_set_acct_desc: talloc_strdup() failed! \n " ) ) ;
return False ;
}
2002-01-15 04:02:13 +03:00
} else {
2006-02-20 23:09:36 +03:00
sampass - > acct_desc = PDB_NOT_QUITE_NULL ;
2002-01-15 04:02:13 +03:00
}
2002-01-12 04:55:09 +03:00
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_ACCTDESC , flag ) ;
2002-01-12 04:55:09 +03:00
}
/*********************************************************************
Set the user ' s workstation allowed list .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-10-19 04:40:25 +04:00
bool pdb_set_workstations ( struct samu * sampass , const char * workstations , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2002-01-15 04:02:13 +03:00
if ( workstations ) {
2002-03-19 02:57:14 +03:00
DEBUG ( 10 , ( " pdb_set_workstations: setting workstations %s, was %s \n " , workstations ,
2006-02-20 23:09:36 +03:00
( sampass - > workstations ) ? ( sampass - > workstations ) : " NULL " ) ) ;
2009-02-07 21:00:50 +03:00
2006-02-20 23:09:36 +03:00
sampass - > workstations = talloc_strdup ( sampass , workstations ) ;
2002-01-15 08:15:22 +03:00
2006-02-20 23:09:36 +03:00
if ( ! sampass - > workstations ) {
2002-01-15 08:15:22 +03:00
DEBUG ( 0 , ( " pdb_set_workstations: talloc_strdup() failed! \n " ) ) ;
return False ;
}
2002-01-15 04:02:13 +03:00
} else {
2006-02-20 23:09:36 +03:00
sampass - > workstations = PDB_NOT_QUITE_NULL ;
2002-01-15 04:02:13 +03:00
}
2002-01-12 04:55:09 +03:00
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_WORKSTATIONS , flag ) ;
2002-01-12 04:55:09 +03:00
}
/*********************************************************************
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-10-19 04:40:25 +04:00
bool pdb_set_comment ( struct samu * sampass , const char * comment , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2006-07-11 22:01:26 +04:00
if ( comment ) {
sampass - > comment = talloc_strdup ( sampass , comment ) ;
2009-02-07 21:00:50 +03:00
2006-07-11 22:01:26 +04:00
if ( ! sampass - > comment ) {
DEBUG ( 0 , ( " pdb_set_comment: talloc_strdup() failed! \n " ) ) ;
2002-01-15 08:15:22 +03:00
return False ;
}
2002-01-15 04:02:13 +03:00
} else {
2006-07-11 22:01:26 +04:00
sampass - > comment = PDB_NOT_QUITE_NULL ;
2002-01-15 04:02:13 +03:00
}
2002-01-12 04:55:09 +03:00
2006-07-11 22:01:26 +04:00
return pdb_set_init_flags ( sampass , PDB_COMMENT , flag ) ;
2002-01-12 04:55:09 +03:00
}
/*********************************************************************
Set the user ' s dial string .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-10-19 04:40:25 +04:00
bool pdb_set_munged_dial ( struct samu * sampass , const char * munged_dial , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2002-01-15 04:02:13 +03:00
if ( munged_dial ) {
2006-02-20 23:09:36 +03:00
sampass - > munged_dial = talloc_strdup ( sampass , munged_dial ) ;
2009-02-07 21:00:50 +03:00
2006-02-20 23:09:36 +03:00
if ( ! sampass - > munged_dial ) {
2002-01-15 08:15:22 +03:00
DEBUG ( 0 , ( " pdb_set_munged_dial: talloc_strdup() failed! \n " ) ) ;
return False ;
}
2002-01-15 04:02:13 +03:00
} else {
2006-02-20 23:09:36 +03:00
sampass - > munged_dial = PDB_NOT_QUITE_NULL ;
2002-01-15 04:02:13 +03:00
}
2002-01-12 04:55:09 +03:00
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_MUNGEDDIAL , flag ) ;
2002-01-12 04:55:09 +03:00
}
/*********************************************************************
Set the user ' s NT hash .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2015-05-09 23:34:31 +03:00
bool pdb_set_nt_passwd ( struct samu * sampass , const uint8_t pwd [ NT_HASH_LEN ] , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2006-02-20 23:09:36 +03:00
data_blob_clear_free ( & sampass - > nt_pw ) ;
2009-02-07 21:00:50 +03:00
2004-01-29 23:14:50 +03:00
if ( pwd ) {
2006-02-20 23:09:36 +03:00
sampass - > nt_pw =
data_blob_talloc ( sampass , pwd , NT_HASH_LEN ) ;
2004-01-29 23:14:50 +03:00
} else {
2007-05-14 16:16:20 +04:00
sampass - > nt_pw = data_blob_null ;
2004-01-29 23:14:50 +03:00
}
2002-01-12 04:55:09 +03:00
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_NTPASSWD , flag ) ;
2002-01-12 04:55:09 +03:00
}
/*********************************************************************
Set the user ' s LM hash .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2015-05-09 23:34:31 +03:00
bool pdb_set_lanman_passwd ( struct samu * sampass , const uint8_t pwd [ LM_HASH_LEN ] , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2006-02-20 23:09:36 +03:00
data_blob_clear_free ( & sampass - > lm_pw ) ;
2009-02-07 21:00:50 +03:00
2006-04-28 19:36:23 +04:00
/* on keep the password if we are allowing LANMAN authentication */
if ( pwd & & lp_lanman_auth ( ) ) {
sampass - > lm_pw = data_blob_talloc ( sampass , pwd , LM_HASH_LEN ) ;
} else {
2007-05-14 16:16:20 +04:00
sampass - > lm_pw = data_blob_null ;
2006-04-28 19:36:23 +04:00
}
2002-01-12 04:55:09 +03:00
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_LMPASSWD , flag ) ;
2002-01-12 04:55:09 +03:00
}
2004-07-08 02:46:51 +04:00
/*********************************************************************
2004-08-05 23:57:41 +04:00
Set the user ' s password history hash . historyLen is the number of
PW_HISTORY_SALT_LEN + SALTED_MD5_HASH_LEN length
2015-05-09 23:34:31 +03:00
entries to store in the history - this must match the size of the uint8_t array
2004-07-08 02:46:51 +04:00
in pwd .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2015-05-09 23:34:31 +03:00
bool pdb_set_pw_history ( struct samu * sampass , const uint8_t * pwd , uint32_t historyLen , enum pdb_value_state flag )
2004-07-08 02:46:51 +04:00
{
2014-12-24 15:58:12 +03:00
DATA_BLOB new_nt_pw_his = { } ;
2004-07-08 02:46:51 +04:00
if ( historyLen & & pwd ) {
2014-12-24 15:58:12 +03:00
new_nt_pw_his = data_blob_talloc ( sampass ,
pwd , historyLen * PW_HISTORY_ENTRY_LEN ) ;
if ( new_nt_pw_his . length = = 0 ) {
2004-07-08 02:46:51 +04:00
DEBUG ( 0 , ( " pdb_set_pw_history: data_blob_talloc() failed! \n " ) ) ;
return False ;
}
}
2014-12-24 15:58:12 +03:00
data_blob_free ( & sampass - > nt_pw_his ) ;
sampass - > nt_pw_his = new_nt_pw_his ;
2004-07-08 02:46:51 +04:00
return pdb_set_init_flags ( sampass , PDB_PWHISTORY , flag ) ;
}
2002-07-15 14:35:28 +04:00
/*********************************************************************
Set the user ' s plaintext password only ( base procedure , see helper
below )
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-10-19 04:40:25 +04:00
bool pdb_set_plaintext_pw_only ( struct samu * sampass , const char * password , enum pdb_value_state flag )
2002-07-15 14:35:28 +04:00
{
2002-09-25 19:19:00 +04:00
if ( password ) {
2006-02-20 23:09:36 +03:00
if ( sampass - > plaintext_pw ! = NULL )
memset ( sampass - > plaintext_pw , ' \0 ' , strlen ( sampass - > plaintext_pw ) + 1 ) ;
2002-09-26 22:58:34 +04:00
2006-02-20 23:09:36 +03:00
sampass - > plaintext_pw = talloc_strdup ( sampass , password ) ;
2009-02-07 21:00:50 +03:00
2006-02-20 23:09:36 +03:00
if ( ! sampass - > plaintext_pw ) {
2002-09-25 19:19:00 +04:00
DEBUG ( 0 , ( " pdb_set_unknown_str: talloc_strdup() failed! \n " ) ) ;
return False ;
}
} else {
2006-02-20 23:09:36 +03:00
sampass - > plaintext_pw = NULL ;
2002-09-25 19:19:00 +04:00
}
2002-07-15 14:35:28 +04:00
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_PLAINTEXT_PW , flag ) ;
2002-07-15 14:35:28 +04:00
}
2010-05-21 04:38:04 +04:00
bool pdb_set_bad_password_count ( struct samu * sampass , uint16_t bad_password_count , enum pdb_value_state flag )
2003-09-19 03:53:48 +04:00
{
2006-02-20 23:09:36 +03:00
sampass - > bad_password_count = bad_password_count ;
2003-09-19 03:53:48 +04:00
return pdb_set_init_flags ( sampass , PDB_BAD_PASSWORD_COUNT , flag ) ;
}
2010-05-21 04:38:04 +04:00
bool pdb_set_logon_count ( struct samu * sampass , uint16_t logon_count , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2006-02-20 23:09:36 +03:00
sampass - > logon_count = logon_count ;
2003-09-19 03:53:48 +04:00
return pdb_set_init_flags ( sampass , PDB_LOGON_COUNT , flag ) ;
2002-01-12 04:55:09 +03:00
}
2011-02-15 21:08:47 +03:00
bool pdb_set_country_code ( struct samu * sampass , uint16_t country_code ,
enum pdb_value_state flag )
{
sampass - > country_code = country_code ;
return pdb_set_init_flags ( sampass , PDB_COUNTRY_CODE , flag ) ;
}
2011-02-15 21:07:42 +03:00
bool pdb_set_code_page ( struct samu * sampass , uint16_t code_page ,
enum pdb_value_state flag )
{
sampass - > code_page = code_page ;
return pdb_set_init_flags ( sampass , PDB_CODE_PAGE , flag ) ;
}
2010-05-21 04:38:04 +04:00
bool pdb_set_unknown_6 ( struct samu * sampass , uint32_t unkn , enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2006-02-20 23:09:36 +03:00
sampass - > unknown_6 = unkn ;
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_UNKNOWN6 , flag ) ;
2002-01-12 04:55:09 +03:00
}
2015-05-09 23:34:31 +03:00
bool pdb_set_hours ( struct samu * sampass , const uint8_t * hours , int hours_len ,
2011-02-16 18:47:23 +03:00
enum pdb_value_state flag )
2002-01-12 04:55:09 +03:00
{
2011-02-16 18:47:23 +03:00
if ( hours_len > sizeof ( sampass - > hours ) ) {
return false ;
}
2002-01-12 04:55:09 +03:00
if ( ! hours ) {
2011-02-16 18:47:23 +03:00
memset ( ( char * ) sampass - > hours , 0 , hours_len ) ;
2006-06-20 05:00:39 +04:00
} else {
2011-02-16 18:47:23 +03:00
memcpy ( sampass - > hours , hours , hours_len ) ;
2002-01-12 04:55:09 +03:00
}
2002-11-02 06:47:48 +03:00
return pdb_set_init_flags ( sampass , PDB_HOURS , flag ) ;
2002-01-12 04:55:09 +03:00
}
2007-10-19 04:40:25 +04:00
bool pdb_set_backend_private_data ( struct samu * sampass , void * private_data ,
2003-07-05 13:46:12 +04:00
void ( * free_fn ) ( void * * ) ,
const struct pdb_methods * my_methods ,
enum pdb_value_state flag )
{
2006-02-20 23:09:36 +03:00
if ( sampass - > backend_private_data & &
sampass - > backend_private_data_free_fn ) {
sampass - > backend_private_data_free_fn (
& sampass - > backend_private_data ) ;
2003-07-05 13:46:12 +04:00
}
2006-02-20 23:09:36 +03:00
sampass - > backend_private_data = private_data ;
sampass - > backend_private_data_free_fn = free_fn ;
sampass - > backend_private_methods = my_methods ;
2003-07-05 13:46:12 +04:00
return pdb_set_init_flags ( sampass , PDB_BACKEND_PRIVATE_DATA , flag ) ;
}
2002-01-12 04:55:09 +03:00
/* Helpful interfaces to the above */
2007-10-19 04:40:25 +04:00
bool pdb_set_pass_can_change ( struct samu * sampass , bool canchange )
2002-01-12 04:55:09 +03:00
{
2006-10-03 21:14:18 +04:00
return pdb_set_pass_can_change_time ( sampass ,
2011-11-16 01:27:14 +04:00
canchange ? 0 : pdb_password_change_time_max ( ) ,
2006-10-03 21:14:18 +04:00
PDB_CHANGED ) ;
2002-01-12 04:55:09 +03:00
}
2006-10-03 21:14:18 +04:00
2002-01-12 04:55:09 +03:00
/*********************************************************************
Set the user ' s PLAINTEXT password . Used as an interface to the above .
Also sets the last change time to NOW .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-10-19 04:40:25 +04:00
bool pdb_set_plaintext_passwd ( struct samu * sampass , const char * plaintext )
2002-01-12 04:55:09 +03:00
{
2004-07-08 02:46:51 +04:00
uchar new_lanman_p16 [ LM_HASH_LEN ] ;
uchar new_nt_p16 [ NT_HASH_LEN ] ;
2002-01-12 04:55:09 +03:00
2006-06-20 05:00:39 +04:00
if ( ! plaintext )
2002-01-12 04:55:09 +03:00
return False ;
2004-07-08 02:46:51 +04:00
2004-02-08 11:38:42 +03:00
/* Calculate the MD4 hash (NT compatible) of the password */
E_md4hash ( plaintext , new_nt_p16 ) ;
2002-01-12 04:55:09 +03:00
2002-11-02 06:47:48 +03:00
if ( ! pdb_set_nt_passwd ( sampass , new_nt_p16 , PDB_CHANGED ) )
2002-01-12 04:55:09 +03:00
return False ;
2004-02-08 11:38:42 +03:00
if ( ! E_deshash ( plaintext , new_lanman_p16 ) ) {
/* E_deshash returns false for 'long' passwords (> 14
DOS chars ) . This allows us to match Win2k , which
does not store a LM hash for these passwords ( which
would reduce the effective password length to 14 */
if ( ! pdb_set_lanman_passwd ( sampass , NULL , PDB_CHANGED ) )
return False ;
} else {
if ( ! pdb_set_lanman_passwd ( sampass , new_lanman_p16 , PDB_CHANGED ) )
return False ;
}
2002-09-25 19:19:00 +04:00
2002-11-02 06:47:48 +03:00
if ( ! pdb_set_plaintext_pw_only ( sampass , plaintext , PDB_CHANGED ) )
2002-09-25 19:19:00 +04:00
return False ;
2006-10-03 21:14:18 +04:00
if ( ! pdb_set_pass_last_set_time ( sampass , time ( NULL ) , PDB_CHANGED ) )
2002-01-12 04:55:09 +03:00
return False ;
2015-06-10 16:26:58 +03:00
return pdb_update_history ( sampass , new_nt_p16 ) ;
}
/*********************************************************************
Update password history after change
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
bool pdb_update_history ( struct samu * sampass , const uint8_t new_nt [ NT_HASH_LEN ] )
{
uchar * pwhistory ;
uint32_t pwHistLen ;
uint32_t current_history_len ;
const uint8_t * current_history ;
2009-12-14 20:13:28 +03:00
if ( ( pdb_get_acct_ctrl ( sampass ) & ACB_NORMAL ) = = 0 ) {
/*
* No password history for non - user accounts
*/
return true ;
}
2004-08-05 23:57:41 +04:00
2009-12-14 20:13:28 +03:00
pdb_get_account_policy ( PDB_POLICY_PASSWORD_HISTORY , & pwHistLen ) ;
2009-12-14 20:24:04 +03:00
if ( pwHistLen = = 0 ) {
/* Set the history length to zero. */
pdb_set_pw_history ( sampass , NULL , 0 , PDB_CHANGED ) ;
return true ;
}
/*
* We need to make sure we don ' t have a race condition here -
* the account policy history length can change between when
* the pw_history was first loaded into the struct samu struct
* and now . . . . JRA .
*/
2014-02-26 23:16:26 +04:00
current_history = pdb_get_pw_history ( sampass , & current_history_len ) ;
if ( ( current_history_len ! = 0 ) & & ( current_history = = NULL ) ) {
2015-06-10 16:26:58 +03:00
DEBUG ( 1 , ( " pdb_update_history: pwhistory == NULL! \n " ) ) ;
2009-12-14 21:12:50 +03:00
return false ;
}
2014-02-26 23:16:26 +04:00
/*
* Ensure we have space for the needed history . This
* also takes care of an account which did not have
* any history at all so far , i . e . pwhistory = = NULL
*/
pwhistory = talloc_zero_array (
2009-12-14 20:50:38 +03:00
sampass , uchar ,
pwHistLen * PW_HISTORY_ENTRY_LEN ) ;
2014-02-26 23:16:26 +04:00
if ( ! pwhistory ) {
return false ;
2009-12-14 20:24:04 +03:00
}
2009-12-14 20:13:28 +03:00
2014-02-26 23:16:26 +04:00
memcpy ( pwhistory , current_history ,
current_history_len * PW_HISTORY_ENTRY_LEN ) ;
2009-12-14 21:18:09 +03:00
/*
* Make room for the new password in the history list .
*/
if ( pwHistLen > 1 ) {
memmove ( & pwhistory [ PW_HISTORY_ENTRY_LEN ] , pwhistory ,
( pwHistLen - 1 ) * PW_HISTORY_ENTRY_LEN ) ;
}
2009-12-14 20:24:04 +03:00
2009-12-14 21:18:09 +03:00
/*
2010-01-05 20:28:48 +03:00
* Fill the salt area with 0 - s : this indicates that
* a plain nt hash is stored in the has area .
* The old format was to store a 16 byte salt and
* then an md5hash of the nt_hash concatenated with
* the salt .
2009-12-14 21:18:09 +03:00
*/
2010-01-05 20:28:48 +03:00
memset ( pwhistory , 0 , PW_HISTORY_SALT_LEN ) ;
2009-12-14 21:18:09 +03:00
/*
2010-01-05 20:28:48 +03:00
* Store the plain nt hash in the second 16 bytes .
* The old format was to store the md5 hash of
* the salt + newpw .
2009-12-14 21:18:09 +03:00
*/
2015-06-10 16:26:58 +03:00
memcpy ( & pwhistory [ PW_HISTORY_SALT_LEN ] , new_nt , SALTED_MD5_HASH_LEN ) ;
2009-12-14 21:18:09 +03:00
pdb_set_pw_history ( sampass , pwhistory , pwHistLen , PDB_CHANGED ) ;
2009-12-14 20:24:04 +03:00
2002-01-12 04:55:09 +03:00
return True ;
2015-06-10 16:26:58 +03:00
2002-01-12 04:55:09 +03:00
}
2004-02-12 19:16:53 +03:00
/* check for any PDB_SET/CHANGED field and fill the appropriate mask bit */
2010-05-21 04:38:04 +04:00
uint32_t pdb_build_fields_present ( struct samu * sampass )
2004-02-12 19:16:53 +03:00
{
/* value set to all for testing */
return 0x00ffffff ;
}
2011-08-11 09:39:47 +04:00
/**********************************************************************
Helper function to determine for update_sam_account whether
we need LDAP modification .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
bool pdb_element_is_changed ( const struct samu * sampass ,
enum pdb_elements element )
{
return IS_SAM_CHANGED ( sampass , element ) ;
}
/**********************************************************************
Helper function to determine for update_sam_account whether
we need LDAP modification .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
bool pdb_element_is_set_or_changed ( const struct samu * sampass ,
enum pdb_elements element )
{
return ( IS_SAM_SET ( sampass , element ) | |
IS_SAM_CHANGED ( sampass , element ) ) ;
}
