1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-22 22:04:08 +03:00

Forward ported version of Matt Geddes <musicalcarrion@gmail.com>

patch for adding acct_flags to rpccli_samr_create_dom_user().
Jerry please test.
Jeremy.
(This used to be commit 7d94f97947b7edfcf3ec52f0125e4593d6d54c05)
This commit is contained in:
Jeremy Allison 2008-01-23 13:54:02 -08:00
parent a925a53f61
commit a0186fb78d
8 changed files with 71 additions and 20 deletions

View File

@ -145,6 +145,31 @@ SamrTestPrivateFunctionsUser
#define SAMR_CHGPASSWD_USER3 0x3F
#define SAMR_CONNECT5 0x40
/* SAMR account creation flags/permissions */
#define SAMR_USER_GETNAME 0x1
#define SAMR_USER_GETLOCALE 0x2
#define SAMR_USER_GETLOCCOM 0x4
#define SAMR_USER_GETLOGONINFO 0x8
#define SAMR_USER_GETATTR 0x10
#define SAMR_USER_SETATTR 0x20
#define SAMR_USER_CHPASS 0x40
#define SAMR_USER_SETPASS 0x80
#define SAMR_USER_GETGROUPS 0x100
#define SAMR_USER_GETMEMBERSHIP 0x200
#define SAMR_USER_CHMEMBERSHIP 0x400
#define SAMR_STANDARD_DELETE 0x10000
#define SAMR_STANDARD_READCTRL 0x20000
#define SAMR_STANDARD_WRITEDAC 0x40000
#define SAMR_STANDARD_WRITEOWNER 0x80000
#define SAMR_STANDARD_SYNC 0x100000
#define SAMR_GENERIC_ACCESSSACL 0x800000
#define SAMR_GENERIC_MAXALLOWED 0x2000000
#define SAMR_GENERIC_ALL 0x10000000
#define SAMR_GENERIC_EXECUTE 0x20000000
#define SAMR_GENERIC_WRITE 0x40000000
#define SAMR_GENERIC_READ 0x80000000
typedef struct logon_hours_info
{
uint32 max_len; /* normally 1260 bytes */
@ -1555,7 +1580,7 @@ typedef struct q_samr_create_user_info
UNISTR2 uni_name; /* unicode account name */
uint32 acb_info; /* account control info */
uint32 access_mask; /* 0xe005 00b0 */
uint32 acct_flags; /* 0xe005 00b0 */
} SAMR_Q_CREATE_USER;

View File

@ -684,10 +684,15 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx,
const_acct_name = acct_name;
if (r->in.join_flags & WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE) {
uint32 acct_flags = SAMR_GENERIC_READ | SAMR_GENERIC_WRITE |
SAMR_GENERIC_EXECUTE | SAMR_STANDARD_WRITEDAC |
SAMR_STANDARD_DELETE | SAMR_USER_SETPASS |
SAMR_USER_GETATTR | SAMR_USER_SETATTR;
status = rpccli_samr_create_dom_user(pipe_hnd, mem_ctx,
&domain_pol,
acct_name, ACB_WSTRUST,
0xe005000b, &user_pol,
acct_flags, &user_pol,
&user_rid);
if (NT_STATUS_EQUAL(status, NT_STATUS_USER_EXISTS)) {
if (!(r->in.join_flags &

View File

@ -1643,7 +1643,7 @@ NTSTATUS rpccli_samr_lookup_names(struct rpc_pipe_client *cli, TALLOC_CTX *mem_c
NTSTATUS rpccli_samr_create_dom_user(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
POLICY_HND *domain_pol, const char *acct_name,
uint32 acb_info, uint32 access_mask,
uint32 acb_info, uint32 acct_flags,
POLICY_HND *user_pol, uint32 *rid)
{
prs_struct qbuf, rbuf;
@ -1658,7 +1658,7 @@ NTSTATUS rpccli_samr_create_dom_user(struct rpc_pipe_client *cli, TALLOC_CTX *me
/* Marshall data and send request */
init_samr_q_create_user(&q, domain_pol, acct_name, acb_info, access_mask);
init_samr_q_create_user(&q, domain_pol, acct_name, acb_info, acct_flags);
CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CREATE_USER,
q, r,

View File

@ -5172,7 +5172,7 @@ reads or writes a structure.
void init_samr_q_create_user(SAMR_Q_CREATE_USER * q_u,
POLICY_HND *pol,
const char *name,
uint32 acb_info, uint32 access_mask)
uint32 acb_info, uint32 acct_flags)
{
DEBUG(5, ("samr_init_samr_q_create_user\n"));
@ -5182,7 +5182,7 @@ void init_samr_q_create_user(SAMR_Q_CREATE_USER * q_u,
init_uni_hdr(&q_u->hdr_name, &q_u->uni_name);
q_u->acb_info = acb_info;
q_u->access_mask = access_mask;
q_u->acct_flags = acct_flags;
}
/*******************************************************************
@ -5213,7 +5213,7 @@ bool samr_io_q_create_user(const char *desc, SAMR_Q_CREATE_USER * q_u,
return False;
if(!prs_uint32("acb_info ", ps, depth, &q_u->acb_info))
return False;
if(!prs_uint32("access_mask", ps, depth, &q_u->access_mask))
if(!prs_uint32("acct_flags", ps, depth, &q_u->acct_flags))
return False;
return True;

View File

@ -1450,7 +1450,7 @@ static NTSTATUS cmd_samr_create_dom_user(struct rpc_pipe_client *cli,
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
const char *acct_name;
uint32 acb_info;
uint32 user_rid;
uint32 acct_flags, user_rid;
uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
if ((argc < 2) || (argc > 3)) {
@ -1459,7 +1459,7 @@ static NTSTATUS cmd_samr_create_dom_user(struct rpc_pipe_client *cli,
}
acct_name = argv[1];
if (argc > 2)
sscanf(argv[2], "%x", &access_mask);
@ -1483,10 +1483,13 @@ static NTSTATUS cmd_samr_create_dom_user(struct rpc_pipe_client *cli,
/* Create domain user */
acb_info = ACB_NORMAL;
access_mask = 0xe005000b;
acct_flags = SAMR_GENERIC_READ | SAMR_GENERIC_WRITE |
SAMR_GENERIC_EXECUTE | SAMR_STANDARD_WRITEDAC |
SAMR_STANDARD_DELETE | SAMR_USER_SETPASS |
SAMR_USER_GETATTR | SAMR_USER_SETATTR;
result = rpccli_samr_create_dom_user(cli, mem_ctx, &domain_pol,
acct_name, acb_info, access_mask,
acct_name, acb_info, acct_flags,
&user_pol, &user_rid);
if (!NT_STATUS_IS_OK(result))

View File

@ -208,6 +208,7 @@ NTSTATUS netdom_join_domain( TALLOC_CTX *mem_ctx, struct cli_state *cli,
uint32 num_rids, *name_types, *user_rids;
uint32 flags = 0x3e8;
uint32 acb_info = ACB_WSTRUST;
uint32 acct_flags;
uint32 fields_present;
uchar pwbuf[532];
SAM_USERINFO_CTR ctr;
@ -245,8 +246,13 @@ NTSTATUS netdom_join_domain( TALLOC_CTX *mem_ctx, struct cli_state *cli,
/* Don't try to set any acb_info flags other than ACB_WSTRUST */
acct_flags = SAMR_GENERIC_READ | SAMR_GENERIC_WRITE |
SAMR_GENERIC_EXECUTE | SAMR_STANDARD_WRITEDAC |
SAMR_STANDARD_DELETE | SAMR_USER_SETPASS | SAMR_USER_GETATTR |
SAMR_USER_SETATTR;
DEBUG(10, ("Creating account with flags: %d\n",acct_flags));
status = rpccli_samr_create_dom_user(pipe_hnd, mem_ctx, &domain_pol,
acct_name, acb_info, 0xe005000b, &user_pol, &user_rid);
acct_name, acb_info, acct_flags, &user_pol, &user_rid);
if ( !NT_STATUS_IS_OK(status)
&& !NT_STATUS_EQUAL(status, NT_STATUS_USER_EXISTS))

View File

@ -588,7 +588,7 @@ static NTSTATUS rpc_user_add_internals(const DOM_SID *domain_sid,
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
const char *acct_name;
uint32 acb_info;
uint32 access_mask, user_rid;
uint32 acct_flags, user_rid;
if (argc < 1) {
d_printf("User must be specified\n");
@ -618,10 +618,13 @@ static NTSTATUS rpc_user_add_internals(const DOM_SID *domain_sid,
/* Create domain user */
acb_info = ACB_NORMAL;
access_mask = 0xe005000b;
acct_flags = SAMR_GENERIC_READ | SAMR_GENERIC_WRITE |
SAMR_GENERIC_EXECUTE | SAMR_STANDARD_WRITEDAC |
SAMR_STANDARD_DELETE | SAMR_USER_SETPASS | SAMR_USER_GETATTR |
SAMR_USER_SETATTR;
result = rpccli_samr_create_dom_user(pipe_hnd, mem_ctx, &domain_pol,
acct_name, acb_info, access_mask,
acct_name, acb_info, acct_flags,
&user_pol, &user_rid);
if (!NT_STATUS_IS_OK(result)) {
goto done;
@ -5341,7 +5344,8 @@ static NTSTATUS rpc_trustdom_add_internals(const DOM_SID *domain_sid,
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
char *acct_name;
uint32 acb_info;
uint32 unknown, user_rid;
uint32 acct_flags=0;
uint32 user_rid;
if (argc != 2) {
d_printf("Usage: net rpc trustdom add <domain_name> <pw>\n");
@ -5375,11 +5379,13 @@ static NTSTATUS rpc_trustdom_add_internals(const DOM_SID *domain_sid,
/* Create trusting domain's account */
acb_info = ACB_NORMAL;
unknown = 0xe00500b0; /* No idea what this is - a permission mask?
mimir: yes, most probably it is */
acct_flags = SAMR_GENERIC_READ | SAMR_GENERIC_WRITE |
SAMR_GENERIC_EXECUTE | SAMR_STANDARD_WRITEDAC |
SAMR_STANDARD_DELETE | SAMR_USER_SETPASS | SAMR_USER_GETATTR |
SAMR_USER_SETATTR;
result = rpccli_samr_create_dom_user(pipe_hnd, mem_ctx, &domain_pol,
acct_name, acb_info, unknown,
acct_name, acb_info, acct_flags,
&user_pol, &user_rid);
if (!NT_STATUS_IS_OK(result)) {
goto done;

View File

@ -160,6 +160,7 @@ int net_rpc_join_newstyle(int argc, const char **argv)
uint32 flags = 0x3e8;
char *acct_name;
const char *const_acct_name;
uint32 acct_flags=0;
/* check what type of join */
if (argc >= 0) {
@ -249,9 +250,14 @@ int net_rpc_join_newstyle(int argc, const char **argv)
strlower_m(acct_name);
const_acct_name = acct_name;
acct_flags = SAMR_GENERIC_READ | SAMR_GENERIC_WRITE |
SAMR_GENERIC_EXECUTE | SAMR_STANDARD_WRITEDAC |
SAMR_STANDARD_DELETE | SAMR_USER_SETPASS | SAMR_USER_GETATTR |
SAMR_USER_SETATTR;
DEBUG(10, ("Creating account with flags: %d\n",acct_flags));
result = rpccli_samr_create_dom_user(pipe_hnd, mem_ctx, &domain_pol,
acct_name, acb_info,
0xe005000b, &user_pol,
acct_flags, &user_pol,
&user_rid);
if (!NT_STATUS_IS_OK(result) &&