mirror of
https://github.com/samba-team/samba.git
synced 2025-12-11 08:23:49 +03:00
r13522: Add SAMR_GET_USRDOM_PWINFO client-side.
Guenther
This commit is contained in:
Günther Deschner
committed by
Gerald (Jerry) Carter
Gerald (Jerry) Carter
parent
6ec0e9124a
commit
290a581b75
@@ -468,9 +468,9 @@ SAMR_R_GET_USRDOM_PWINFO - a "set user info" occurs just after this
|
||||
/* SAMR_R_GET_USRDOM_PWINFO */
|
||||
typedef struct r_samr_usrdom_pwinfo_info
|
||||
{
|
||||
uint16 unknown_0; /* 0000 */
|
||||
uint16 min_pwd_length;
|
||||
uint16 unknown_1; /* 0x0016 or 0x0015 */
|
||||
uint32 unknown_2; /* 0x0000 0000 */
|
||||
uint32 password_properties;
|
||||
NTSTATUS status;
|
||||
|
||||
} SAMR_R_GET_USRDOM_PWINFO;
|
||||
|
||||
@@ -1880,6 +1880,50 @@ NTSTATUS rpccli_samr_get_dom_pwinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem
|
||||
return result;
|
||||
}
|
||||
|
||||
/* Get domain password info */
|
||||
|
||||
NTSTATUS rpccli_samr_get_usrdom_pwinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
|
||||
POLICY_HND *pol, uint16 *min_pwd_length,
|
||||
uint32 *password_properties, uint32 *unknown1)
|
||||
{
|
||||
prs_struct qbuf, rbuf;
|
||||
SAMR_Q_GET_USRDOM_PWINFO q;
|
||||
SAMR_R_GET_USRDOM_PWINFO r;
|
||||
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
|
||||
|
||||
DEBUG(10,("cli_samr_get_usrdom_pwinfo\n"));
|
||||
|
||||
ZERO_STRUCT(q);
|
||||
ZERO_STRUCT(r);
|
||||
|
||||
/* Marshall data and send request */
|
||||
|
||||
init_samr_q_get_usrdom_pwinfo(&q, pol);
|
||||
|
||||
CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_GET_USRDOM_PWINFO,
|
||||
q, r,
|
||||
qbuf, rbuf,
|
||||
samr_io_q_get_usrdom_pwinfo,
|
||||
samr_io_r_get_usrdom_pwinfo,
|
||||
NT_STATUS_UNSUCCESSFUL);
|
||||
|
||||
/* Return output parameters */
|
||||
|
||||
result = r.status;
|
||||
|
||||
if (NT_STATUS_IS_OK(result)) {
|
||||
if (min_pwd_length)
|
||||
*min_pwd_length = r.min_pwd_length;
|
||||
if (password_properties)
|
||||
*password_properties = r.password_properties;
|
||||
if (unknown1)
|
||||
*unknown1 = r.unknown_1;
|
||||
}
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
|
||||
/* Lookup Domain Name */
|
||||
|
||||
NTSTATUS rpccli_samr_lookup_domain(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
|
||||
|
||||
@@ -344,7 +344,7 @@ void init_samr_r_get_usrdom_pwinfo(SAMR_R_GET_USRDOM_PWINFO *r_u, NTSTATUS statu
|
||||
{
|
||||
DEBUG(5, ("init_samr_r_get_usrdom_pwinfo\n"));
|
||||
|
||||
r_u->unknown_0 = 0x0000;
|
||||
r_u->min_pwd_length = 0x0000;
|
||||
|
||||
/*
|
||||
* used to be
|
||||
@@ -354,7 +354,7 @@ void init_samr_r_get_usrdom_pwinfo(SAMR_R_GET_USRDOM_PWINFO *r_u, NTSTATUS statu
|
||||
r_u->unknown_1 = 0x01D1;
|
||||
r_u->unknown_1 = 0x0015;
|
||||
|
||||
r_u->unknown_2 = 0x00000000;
|
||||
r_u->password_properties = 0x00000000;
|
||||
|
||||
r_u->status = status;
|
||||
}
|
||||
@@ -375,12 +375,13 @@ BOOL samr_io_r_get_usrdom_pwinfo(const char *desc, SAMR_R_GET_USRDOM_PWINFO * r_
|
||||
if(!prs_align(ps))
|
||||
return False;
|
||||
|
||||
if(!prs_uint16("unknown_0", ps, depth, &r_u->unknown_0))
|
||||
if(!prs_uint16("min_pwd_length", ps, depth, &r_u->min_pwd_length))
|
||||
return False;
|
||||
if(!prs_uint16("unknown_1", ps, depth, &r_u->unknown_1))
|
||||
return False;
|
||||
if(!prs_uint32("unknown_2", ps, depth, &r_u->unknown_2))
|
||||
if(!prs_uint32("password_properties", ps, depth, &r_u->password_properties))
|
||||
return False;
|
||||
|
||||
if(!prs_ntstatus("status ", ps, depth, &r_u->status))
|
||||
return False;
|
||||
|
||||
|
||||
@@ -149,33 +149,35 @@ static const char *display_time(NTTIME nttime)
|
||||
return (string);
|
||||
}
|
||||
|
||||
static void display_password_properties(uint32 password_properties)
|
||||
{
|
||||
printf("password_properties: 0x%08x\n", password_properties);
|
||||
|
||||
if (password_properties & DOMAIN_PASSWORD_COMPLEX)
|
||||
printf("\tDOMAIN_PASSWORD_COMPLEX\n");
|
||||
|
||||
if (password_properties & DOMAIN_PASSWORD_NO_ANON_CHANGE)
|
||||
printf("\tDOMAIN_PASSWORD_NO_ANON_CHANGE\n");
|
||||
|
||||
if (password_properties & DOMAIN_PASSWORD_NO_CLEAR_CHANGE)
|
||||
printf("\tDOMAIN_PASSWORD_NO_CLEAR_CHANGE\n");
|
||||
|
||||
if (password_properties & DOMAIN_LOCKOUT_ADMINS)
|
||||
printf("\tDOMAIN_LOCKOUT_ADMINS\n");
|
||||
|
||||
if (password_properties & DOMAIN_PASSWORD_STORE_CLEARTEXT)
|
||||
printf("\tDOMAIN_PASSWORD_STORE_CLEARTEXT\n");
|
||||
|
||||
if (password_properties & DOMAIN_REFUSE_PASSWORD_CHANGE)
|
||||
printf("\tDOMAIN_REFUSE_PASSWORD_CHANGE\n");
|
||||
}
|
||||
|
||||
static void display_sam_unk_info_1(SAM_UNK_INFO_1 *info1)
|
||||
{
|
||||
|
||||
printf("Minimum password length:\t\t\t%d\n", info1->min_length_password);
|
||||
printf("Password uniqueness (remember x passwords):\t%d\n", info1->password_history);
|
||||
printf("Password Properties:\t\t\t\t0x%08x\n", info1->password_properties);
|
||||
|
||||
if (info1->password_properties & DOMAIN_PASSWORD_COMPLEX)
|
||||
printf("\tDOMAIN_PASSWORD_COMPLEX\n");
|
||||
|
||||
if (info1->password_properties & DOMAIN_PASSWORD_NO_ANON_CHANGE) {
|
||||
printf("\tDOMAIN_PASSWORD_NO_ANON_CHANGE\n");
|
||||
printf("users must open a session to change password ");
|
||||
}
|
||||
|
||||
if (info1->password_properties & DOMAIN_PASSWORD_NO_CLEAR_CHANGE)
|
||||
printf("\tDOMAIN_PASSWORD_NO_CLEAR_CHANGE\n");
|
||||
|
||||
if (info1->password_properties & DOMAIN_LOCKOUT_ADMINS)
|
||||
printf("\tDOMAIN_LOCKOUT_ADMINS\n");
|
||||
|
||||
if (info1->password_properties & DOMAIN_PASSWORD_STORE_CLEARTEXT)
|
||||
printf("\tDOMAIN_PASSWORD_STORE_CLEARTEXT\n");
|
||||
|
||||
if (info1->password_properties & DOMAIN_REFUSE_PASSWORD_CHANGE)
|
||||
printf("\tDOMAIN_REFUSE_PASSWORD_CHANGE\n");
|
||||
|
||||
display_password_properties(info1->password_properties);
|
||||
printf("password expire in:\t\t\t\t%s\n", display_time(info1->expire));
|
||||
printf("Min password age (allow changing in x days):\t%s\n", display_time(info1->min_passwordage));
|
||||
}
|
||||
@@ -1829,6 +1831,63 @@ done:
|
||||
return result;
|
||||
}
|
||||
|
||||
static NTSTATUS cmd_samr_get_usrdom_pwinfo(struct rpc_pipe_client *cli,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
int argc, const char **argv)
|
||||
{
|
||||
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
|
||||
POLICY_HND connect_pol, domain_pol, user_pol;
|
||||
uint16 min_pwd_length;
|
||||
uint32 password_properties, unknown1, rid;
|
||||
|
||||
if (argc != 2) {
|
||||
printf("Usage: %s rid\n", argv[0]);
|
||||
return NT_STATUS_OK;
|
||||
}
|
||||
|
||||
sscanf(argv[1], "%i", &rid);
|
||||
|
||||
result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
|
||||
&connect_pol);
|
||||
|
||||
if (!NT_STATUS_IS_OK(result)) {
|
||||
goto done;
|
||||
}
|
||||
|
||||
result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
|
||||
MAXIMUM_ALLOWED_ACCESS, &domain_sid, &domain_pol);
|
||||
|
||||
if (!NT_STATUS_IS_OK(result)) {
|
||||
goto done;
|
||||
}
|
||||
|
||||
result = rpccli_samr_open_user(cli, mem_ctx, &domain_pol,
|
||||
MAXIMUM_ALLOWED_ACCESS,
|
||||
rid, &user_pol);
|
||||
|
||||
if (!NT_STATUS_IS_OK(result)) {
|
||||
goto done;
|
||||
}
|
||||
|
||||
result = rpccli_samr_get_usrdom_pwinfo(cli, mem_ctx, &user_pol,
|
||||
&min_pwd_length, &password_properties,
|
||||
&unknown1) ;
|
||||
|
||||
if (NT_STATUS_IS_OK(result)) {
|
||||
printf("min_pwd_length: %d\n", min_pwd_length);
|
||||
printf("unknown1: %d\n", unknown1);
|
||||
display_password_properties(password_properties);
|
||||
}
|
||||
|
||||
done:
|
||||
rpccli_samr_close(cli, mem_ctx, &user_pol);
|
||||
rpccli_samr_close(cli, mem_ctx, &domain_pol);
|
||||
rpccli_samr_close(cli, mem_ctx, &connect_pol);
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
|
||||
static NTSTATUS cmd_samr_get_dom_pwinfo(struct rpc_pipe_client *cli,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
int argc, const char **argv)
|
||||
@@ -1846,25 +1905,7 @@ static NTSTATUS cmd_samr_get_dom_pwinfo(struct rpc_pipe_client *cli,
|
||||
|
||||
if (NT_STATUS_IS_OK(result)) {
|
||||
printf("min_pwd_length: %d\n", min_pwd_length);
|
||||
printf("password_properties: 0x%08x\n", password_properties);
|
||||
|
||||
if (password_properties & DOMAIN_PASSWORD_COMPLEX)
|
||||
printf("\tDOMAIN_PASSWORD_COMPLEX\n");
|
||||
|
||||
if (password_properties & DOMAIN_PASSWORD_NO_ANON_CHANGE)
|
||||
printf("\tDOMAIN_PASSWORD_NO_ANON_CHANGE\n");
|
||||
|
||||
if (password_properties & DOMAIN_PASSWORD_NO_CLEAR_CHANGE)
|
||||
printf("\tDOMAIN_PASSWORD_NO_CLEAR_CHANGE\n");
|
||||
|
||||
if (password_properties & DOMAIN_LOCKOUT_ADMINS)
|
||||
printf("\tDOMAIN_LOCKOUT_ADMINS\n");
|
||||
|
||||
if (password_properties & DOMAIN_PASSWORD_STORE_CLEARTEXT)
|
||||
printf("\tDOMAIN_PASSWORD_STORE_CLEARTEXT\n");
|
||||
|
||||
if (password_properties & DOMAIN_REFUSE_PASSWORD_CHANGE)
|
||||
printf("\tDOMAIN_REFUSE_PASSWORD_CHANGE\n");
|
||||
display_password_properties(password_properties);
|
||||
}
|
||||
|
||||
return result;
|
||||
@@ -2019,6 +2060,7 @@ struct cmd_set samr_commands[] = {
|
||||
{ "deletedomuser", RPC_RTYPE_NTSTATUS, cmd_samr_delete_dom_user, NULL, PI_SAMR, NULL, "Delete domain user", "" },
|
||||
{ "samquerysecobj", RPC_RTYPE_NTSTATUS, cmd_samr_query_sec_obj, NULL, PI_SAMR, NULL, "Query SAMR security object", "" },
|
||||
{ "getdompwinfo", RPC_RTYPE_NTSTATUS, cmd_samr_get_dom_pwinfo, NULL, PI_SAMR, NULL, "Retrieve domain password info", "" },
|
||||
{ "getusrdompwinfo", RPC_RTYPE_NTSTATUS, cmd_samr_get_usrdom_pwinfo, NULL, PI_SAMR, NULL, "Retrieve user domain password info", "" },
|
||||
|
||||
{ "lookupdomain", RPC_RTYPE_NTSTATUS, cmd_samr_lookup_domain, NULL, PI_SAMR, NULL, "Lookup Domain Name", "" },
|
||||
{ "chgpasswd3", RPC_RTYPE_NTSTATUS, cmd_samr_chgpasswd3, NULL, PI_SAMR, NULL, "Change user password", "" },
|
||||
|
||||
Reference in New Issue
Block a user