diff options
author | Luke Leighton <lkcl@samba.org> | 2000-04-09 05:49:34 +0000 |
---|---|---|
committer | Luke Leighton <lkcl@samba.org> | 2000-04-09 05:49:34 +0000 |
commit | d5498f171e680db68ccdecc4a98b9ebfdc65a0b0 (patch) | |
tree | 30f3c7010107bc1e08b21eba1ec0940dc9e88206 | |
parent | a2201182db9006a90754ceb3e0cf0c54a248572a (diff) | |
download | samba-d5498f171e680db68ccdecc4a98b9ebfdc65a0b0.tar.gz samba-d5498f171e680db68ccdecc4a98b9ebfdc65a0b0.tar.xz samba-d5498f171e680db68ccdecc4a98b9ebfdc65a0b0.zip |
- fixing cli_pipe.c asserts
- default client NETLOGON Schannel to false, server Schannel to Auto
- netlogond now sub-refers authentication requests if it's not in
its own SAM database. (yes, sounds horrible, doesn't it!)
-rw-r--r-- | source/netlogond/srv_netlogon_nt.c | 308 | ||||
-rw-r--r-- | source/param/loadparm.c | 4 | ||||
-rw-r--r-- | source/rpc_client/cli_pipe.c | 24 | ||||
-rw-r--r-- | source/rpc_parse/parse_net.c | 1 | ||||
-rw-r--r-- | source/rpcclient/cmd_samr.c | 135 |
5 files changed, 235 insertions, 237 deletions
diff --git a/source/netlogond/srv_netlogon_nt.c b/source/netlogond/srv_netlogon_nt.c index dc6eeaf7eb7..960aae992b2 100644 --- a/source/netlogond/srv_netlogon_nt.c +++ b/source/netlogond/srv_netlogon_nt.c @@ -66,8 +66,8 @@ static uint32 direct_samr_userinfo(const UNISTR2 *uni_user, status_sam = _samr_connect(NULL, SEC_RIGHTS_MAXIMUM_ALLOWED, &sam_pol); if (status_sam == NT_STATUS_NOPROBLEMO) { - status_dom = _samr_open_domain(&sam_pol, - SEC_RIGHTS_MAXIMUM_ALLOWED, + status_dom = _samr_open_domain(&sam_pol, + SEC_RIGHTS_MAXIMUM_ALLOWED, &global_sam_sid, &dom_pol); } if (status_dom == NT_STATUS_NOPROBLEMO) @@ -87,11 +87,11 @@ static uint32 direct_samr_userinfo(const UNISTR2 *uni_user, } if (status_usr == NT_STATUS_NOPROBLEMO) { - status_usr = _samr_open_user(&dom_pol, - SEC_RIGHTS_MAXIMUM_ALLOWED, + status_usr = _samr_open_user(&dom_pol, + SEC_RIGHTS_MAXIMUM_ALLOWED, user_rid, &usr_pol); } - DEBUG(10,("_samr_open_user: status %x\n", status_usr)); + DEBUG(10, ("_samr_open_user: status %x\n", status_usr)); if (status_usr == NT_STATUS_NOPROBLEMO) { if (!set && gids != NULL && num_grps != NULL) @@ -99,7 +99,8 @@ static uint32 direct_samr_userinfo(const UNISTR2 *uni_user, status_grp = _samr_query_usergroups(&usr_pol, num_grps, gids); } - DEBUG(10,("_samr_query_usergroups: status %x\n", status_grp)); + DEBUG(10, + ("_samr_query_usergroups: status %x\n", status_grp)); if (set) { status_pwd = _samr_set_userinfo(&usr_pol, level, ctr); @@ -211,24 +212,12 @@ static uint32 net_login_interactive(const NET_ID_INFO_1 * id1, { const UNISTR2 *uni_samusr = &id1->uni_user_name; uint32 status = NT_STATUS_NOPROBLEMO; + SAM_USERINFO_CTR ctr; char nt_pwd[16]; char lm_pwd[16]; unsigned char key[16]; - SAM_USERINFO_CTR ctr; - - become_root(True); - status = direct_samr_userinfo(uni_samusr, 0x12, &ctr, - NULL, NULL, False); - unbecome_root(True); - - if (status != NT_STATUS_NOPROBLEMO) - { - free_samr_userinfo_ctr(&ctr); - return status; - } - memset(key, 0, 16); memcpy(key, dc->sess_key, 8); @@ -246,6 +235,16 @@ static uint32 net_login_interactive(const NET_ID_INFO_1 * id1, dump_data_pw("decrypt of lm owf password:", lm_pwd, 16); dump_data_pw("decrypt of nt owf password:", nt_pwd, 16); + become_root(True); + status = direct_samr_userinfo(uni_samusr, 0x12, &ctr, + NULL, NULL, False); + unbecome_root(True); + if (status != NT_STATUS_NOPROBLEMO) + { + free_samr_userinfo_ctr(&ctr); + return status; + } + if (memcmp(ctr.info.id12->lm_pwd, lm_pwd, 16) != 0 || memcmp(ctr.info.id12->nt_pwd, nt_pwd, 16) != 0) { @@ -253,7 +252,6 @@ static uint32 net_login_interactive(const NET_ID_INFO_1 * id1, } free_samr_userinfo_ctr(&ctr); - return status; } @@ -266,22 +264,17 @@ static uint32 net_login_general(const NET_ID_INFO_4 * id4, fstring user; fstring domain; const char *general; - int pw_len = id4->str_general.str_str_len; - unistr2_to_ascii(user, &id4->uni_user_name, sizeof(user) - 1); unistr2_to_ascii(domain, &id4->uni_domain_name, sizeof(domain) - 1); general = id4->str_general.buffer; - DEBUG(5, ("net_login_general: user:%s domain:%s", user, domain)); #ifdef DEBUG_PASSWORD DEBUG(100, ("password:%s", general)); #endif DEBUG(5, ("\n")); - DEBUG(0, ("net_login_general: TODO - \"update encrypted\" disabled\n")); - if (pass_check(user, general, pw_len, NULL, #if 0 lp_update_encrypted()? update_smbpassword_file : @@ -289,24 +282,19 @@ static uint32 net_login_general(const NET_ID_INFO_4 * id4, NULL)) { unsigned char key[16]; - memset(key, 0, 16); memcpy(key, dc->sess_key, 8); - #ifdef DEBUG_PASSWORD DEBUG(100, ("key:")); dump_data(100, key, 16); - DEBUG(100, ("user sess key:")); dump_data(100, usr_sess_key, 16); #endif SamOEMhash((uchar *) usr_sess_key, key, 0); - #ifdef DEBUG_PASSWORD DEBUG(100, ("encrypt of user session key:")); dump_data(100, usr_sess_key, 16); #endif - return NT_STATUS_NOPROBLEMO; } @@ -316,6 +304,50 @@ static uint32 net_login_general(const NET_ID_INFO_4 * id4, /************************************************************************* net_login_network: *************************************************************************/ +static uint32 remote_net_login_network(const NET_ID_INFO_2 * id2, + struct dcinfo *dc, + NET_USER_INFO_3 * usr) +{ + const UNISTR2 *uni_samusr = &id2->uni_user_name; + const UNISTR2 *uni_samnam = &id2->uni_domain_name; + fstring user; + fstring domain; + unsigned char key[16]; + uint32 status; + int nt_pw_len = id2->hdr_nt_chal_resp.str_str_len; + int lm_pw_len = id2->hdr_lm_chal_resp.str_str_len; + unistr2_to_ascii(user, uni_samusr, sizeof(user) - 1); + unistr2_to_ascii(domain, uni_samnam, sizeof(domain) - 1); + DEBUG(5, + ("remote_net_login_network: lm_len:%d nt_len:%d user:%s domain:%s\n", + lm_pw_len, nt_pw_len, user, domain)); + status = check_domain_security(user, domain, + id2->lm_chal, + (const uchar *)id2-> + lm_chal_resp.buffer, lm_pw_len, + (const uchar *)id2-> + nt_chal_resp.buffer, nt_pw_len, usr); + if (status != 0x0) + { + return status; + } + + memset(key, 0, 16); + memcpy(key, dc->sess_key, 8); + dump_data_pw("key:", key, 16); + dump_data_pw("user sess key:", usr->user_sess_key, 16); + dump_data_pw("lm_pw8:", usr->padding, 16); + SamOEMhash((uchar *) usr->padding, key, 3); + SamOEMhash((uchar *) usr->user_sess_key, key, 0); + dump_data_pw("encrypt of user session key:", usr->user_sess_key, 16); + dump_data_pw("encrypt of lm_pw8:", usr->padding, 16); + + return status; +} + +/************************************************************************* + net_login_network: + *************************************************************************/ static uint32 net_login_network(const NET_ID_INFO_2 * id2, uint16 acb_info, struct dcinfo *dc, @@ -324,11 +356,9 @@ static uint32 net_login_network(const NET_ID_INFO_2 * id2, const UNISTR2 *uni_samusr = &id2->uni_user_name; fstring user; fstring domain; - SAM_USERINFO_CTR ctr; - + unsigned char key[16]; uint32 status; - int nt_pw_len = id2->hdr_nt_chal_resp.str_str_len; int lm_pw_len = id2->hdr_lm_chal_resp.str_str_len; @@ -336,8 +366,8 @@ static uint32 net_login_network(const NET_ID_INFO_2 * id2, unistr2_to_ascii(domain, &id2->uni_domain_name, sizeof(domain) - 1); become_root(True); - status = direct_samr_userinfo(uni_samusr, 0x12, &ctr, - NULL, NULL, False); + status = direct_samr_userinfo(uni_samusr, 0x12, &ctr, NULL, NULL, + False); unbecome_root(True); if (status != NT_STATUS_NOPROBLEMO) @@ -350,41 +380,32 @@ static uint32 net_login_network(const NET_ID_INFO_2 * id2, ("net_login_network: lm_len:%d nt_len:%d user:%s domain:%s\n", lm_pw_len, nt_pw_len, user, domain)); - if (smb_password_ok(acb_info, ctr.info.id12->lm_pwd, - ctr.info.id12->nt_pwd, - id2->lm_chal, - user, domain, - (const uchar *)id2->lm_chal_resp.buffer, - lm_pw_len, - (const uchar *)id2->nt_chal_resp.buffer, - nt_pw_len, usr_sess_key)) + if (!smb_password_ok(acb_info, ctr.info.id12->lm_pwd, + ctr.info.id12->nt_pwd, + id2->lm_chal, + user, domain, + (const uchar *)id2->lm_chal_resp.buffer, + lm_pw_len, + (const uchar *)id2->nt_chal_resp.buffer, + nt_pw_len, usr_sess_key)) { - unsigned char key[16]; - - memcpy(lm_pw8, ctr.info.id12->lm_pwd, 8); - - memset(key, 0, 16); - memcpy(key, dc->sess_key, 8); - - dump_data_pw("key:", key, 16); - dump_data_pw("user sess key:", usr_sess_key, 16); - dump_data_pw("lm_pw8:", lm_pw8, 16); - - SamOEMhash((uchar *) lm_pw8, key, 3); - SamOEMhash((uchar *) usr_sess_key, key, 0); + free_samr_userinfo_ctr(&ctr); + return NT_STATUS_WRONG_PASSWORD; + } - dump_data_pw("encrypt of user session key:", usr_sess_key, - 16); - dump_data_pw("encrypt of lm_pw8:", lm_pw8, 16); + memcpy(lm_pw8, ctr.info.id12->lm_pwd, 8); + memset(key, 0, 16); + memcpy(key, dc->sess_key, 8); + dump_data_pw("key:", key, 16); + dump_data_pw("user sess key:", usr_sess_key, 16); + dump_data_pw("lm_pw8:", lm_pw8, 16); + SamOEMhash((uchar *) lm_pw8, key, 3); + SamOEMhash((uchar *) usr_sess_key, key, 0); + dump_data_pw("encrypt of user session key:", usr_sess_key, 16); + dump_data_pw("encrypt of lm_pw8:", lm_pw8, 16); - status = NT_STATUS_NOPROBLEMO; - } - else - { - status = NT_STATUS_WRONG_PASSWORD; - } free_samr_userinfo_ctr(&ctr); - return status; + return NT_STATUS_NOPROBLEMO; } /************************************************************************* @@ -392,24 +413,17 @@ static uint32 net_login_network(const NET_ID_INFO_2 * id2, *************************************************************************/ uint32 _net_req_chal(const UNISTR2 *uni_logon_server, const UNISTR2 *uni_logon_client, - const DOM_CHAL * clnt_chal, - DOM_CHAL * srv_chal) + const DOM_CHAL * clnt_chal, DOM_CHAL * srv_chal) { fstring trust_acct; fstring trust_name; - struct dcinfo dc; - ZERO_STRUCT(dc); - unistr2_to_ascii(trust_acct, uni_logon_client, sizeof(trust_acct) - 1); - fstrcpy(trust_name, trust_acct); strlower(trust_name); - fstrcat(trust_acct, "$"); - if (!get_md4pw((char *)dc.md4pw, trust_name, trust_acct)) { /* lkclXXXX take a guess at a good error message to return :-) */ @@ -423,6 +437,7 @@ uint32 _net_req_chal(const UNISTR2 *uni_logon_server, /* create a server challenge for the client */ /* Set these to random values. */ + generate_random_buffer(srv_chal->data, sizeof(srv_chal->data), False); /* copy the server credentials */ @@ -435,7 +450,6 @@ uint32 _net_req_chal(const UNISTR2 *uni_logon_server, /* from client / server challenges and md4 password, generate sess key */ cred_session_key(&(dc.clnt_chal), &(dc.srv_chal), (char *)dc.md4pw, dc.sess_key); - if (!cred_store(global_sam_name, trust_name, &dc)) { return NT_STATUS_ACCESS_DENIED; @@ -464,7 +478,6 @@ static BOOL make_netinfo_3(NETLOGON_INFO_3 * info, uint32 flags, info->reserved_3 = 0x0; info->reserved_4 = 0x0; info->reserved_5 = 0x0; - return True; } @@ -477,7 +490,6 @@ static BOOL make_netinfo_1(NETLOGON_INFO_1 * info, uint32 flags, { info->flags = flags; info->pdc_status = pdc_status; - return True; } @@ -493,7 +505,6 @@ static BOOL make_netinfo_2(NETLOGON_INFO_2 * info, uint32 flags, info->pdc_status = pdc_status; info->ptr_trusted_dc_name = 1; info->tc_status = tc_status; - if (trusted_dc_name != NULL) { make_unistr2(&(info->uni_trusted_dc_name), trusted_dc_name, @@ -523,9 +534,7 @@ uint32 _net_logon_ctrl2(const UNISTR2 *uni_server_name, uint32 logon_attempts = 0x0; uint32 tc_status = ERROR_NO_LOGON_SERVERS; char *trusted_domain = "test_domain"; - *reply_switch_value = query_level; - switch (query_level) { case 1: @@ -542,8 +551,7 @@ uint32 _net_logon_ctrl2(const UNISTR2 *uni_server_name, case 3: { make_netinfo_3(&logon_info->info3, flags, - logon_attempts); - break; + logon_attempts); break; } default: { @@ -564,20 +572,15 @@ uint32 _net_trust_dom_list(const UNISTR2 *uni_server_name, { char **doms = NULL; uint32 num_doms = 0; - enumtrustdoms(&doms, &num_doms); - make_buffer2_multi(uni_trust_dom_name, doms, num_doms); - if (num_doms == 0) { uni_trust_dom_name->buf_max_len = 0x2; uni_trust_dom_name->buf_len = 0x2; } uni_trust_dom_name->undoc = 0x1; - free_char_array(num_doms, doms); - return NT_STATUS_NOPROBLEMO; } @@ -588,19 +591,16 @@ uint32 _net_auth(const UNISTR2 *uni_logon_srv, const UNISTR2 *uni_acct_name, uint16 sec_chan, const UNISTR2 *uni_comp_name, - const DOM_CHAL * clnt_chal, - DOM_CHAL * srv_chal) + const DOM_CHAL * clnt_chal, DOM_CHAL * srv_chal) { UTIME srv_time; fstring trust_name; struct dcinfo dc; ZERO_STRUCT(dc); - srv_time.time = 0; unistr2_to_ascii(trust_name, uni_comp_name, sizeof(trust_name) - 1); - if (!cred_get(global_sam_name, trust_name, &dc)) { return NT_STATUS_ACCESS_DENIED; @@ -640,19 +640,16 @@ uint32 _net_auth_2(const UNISTR2 *uni_logon_srv, const UNISTR2 *uni_comp_name, const DOM_CHAL * clnt_chal, const NEG_FLAGS * clnt_flgs, - DOM_CHAL * srv_chal, - NEG_FLAGS * srv_flgs) + DOM_CHAL * srv_chal, NEG_FLAGS * srv_flgs) { UTIME srv_time; fstring trust_name; struct dcinfo dc; ZERO_STRUCT(dc); - srv_time.time = 0; unistr2_to_ascii(trust_name, uni_comp_name, sizeof(trust_name) - 1); - if (!cred_get(global_sam_name, trust_name, &dc)) { return NT_STATUS_ACCESS_DENIED; @@ -674,7 +671,6 @@ uint32 _net_auth_2(const UNISTR2 *uni_logon_srv, sizeof(clnt_chal->data)); memcpy(dc.srv_cred.challenge.data, clnt_chal->data, sizeof(clnt_chal->data)); - if (!cred_store(global_sam_name, trust_name, &dc)) { return NT_STATUS_ACCESS_DENIED; @@ -682,7 +678,6 @@ uint32 _net_auth_2(const UNISTR2 *uni_logon_srv, /* mask out unsupported bits */ srv_flgs->neg_flags = clnt_flgs->neg_flags & 0x400001ff; - /* minimum bits required */ if (!IS_BITS_SET_ALL(srv_flgs->neg_flags, 0x000000ff)) { @@ -714,13 +709,11 @@ uint32 _net_srv_pwset(const UNISTR2 *uni_logon_srv, uint16 sec_chan, const UNISTR2 *uni_comp_name, const DOM_CRED * clnt_cred, - const uint8 pwd[16], - DOM_CRED * srv_cred) + const uint8 pwd[16], DOM_CRED * srv_cred) { pstring trust_acct; unsigned char hash3_pwd[16]; uint32 status_pwd; - fstring trust_name; struct dcinfo dc; SAM_USERINFO_CTR ctr; @@ -728,7 +721,6 @@ uint32 _net_srv_pwset(const UNISTR2 *uni_logon_srv, ZERO_STRUCT(dc); unistr2_to_ascii(trust_name, uni_comp_name, sizeof(trust_name) - 1); - if (!cred_get(global_sam_name, trust_name, &dc)) { return NT_STATUS_ACCESS_DENIED; @@ -743,23 +735,21 @@ uint32 _net_srv_pwset(const UNISTR2 *uni_logon_srv, } memcpy(&(dc.srv_cred), &(dc.clnt_cred), sizeof(dc.clnt_cred)); - if (!cred_store(global_sam_name, trust_name, &dc)) { return NT_STATUS_ACCESS_DENIED; } unistr2_to_ascii(trust_acct, uni_acct_name, sizeof(trust_acct) - 1); - DEBUG(3, ("Server Password Set Wksta:[%s]\n", trust_acct)); /* get info for trust account */ ZERO_STRUCT(ctr); + become_root(True); status_pwd = direct_samr_userinfo(uni_acct_name, 0x12, &ctr, NULL, NULL, False); unbecome_root(True); - if (status_pwd != NT_STATUS_NOPROBLEMO) { free_samr_userinfo_ctr(&ctr); @@ -769,7 +759,6 @@ uint32 _net_srv_pwset(const UNISTR2 *uni_logon_srv, /* Some debug output, needed an iterater variable */ { int i; - DEBUG(100, ("Server password set : new given value was :\n")); for (i = 0; i < 16; i++) { @@ -807,50 +796,42 @@ uint32 _net_sam_logon(const UNISTR2 *uni_logon_srv, const NET_ID_INFO_CTR * id_ctr, uint16 validation_level, DOM_CRED * srv_creds, - NET_USER_INFO_CTR * uctr, - uint32 *auth_resp) + NET_USER_INFO_CTR * uctr, uint32 *auth_resp) { const UNISTR2 *uni_samusr = NULL; const UNISTR2 *uni_domain = NULL; fstring nt_username; + fstring nt_samname; char *enc_user_sess_key = NULL; char usr_sess_key[16]; char lm_pw8[16]; char *padding = NULL; uint32 status_pwd = 0x0; SAM_USERINFO_CTR ctr; - NTTIME logon_time; NTTIME logoff_time; NTTIME kickoff_time; NTTIME pass_last_set_time; NTTIME pass_can_change_time; NTTIME pass_must_change_time; - UNISTR2 *uni_nt_name; UNISTR2 *uni_full_name; UNISTR2 *uni_logon_script; UNISTR2 *uni_profile_path; UNISTR2 *uni_home_dir; UNISTR2 *uni_dir_drive; - uint32 user_rid; uint32 group_rid; - int num_gids = 0; DOM_GID *gids = NULL; - fstring trust_name; struct dcinfo dc; uint16 acb_info; - UNISTR2 uni_myname; UNISTR2 uni_sam_name; - uint32 status = NT_STATUS_NOPROBLEMO; unistr2_to_ascii(trust_name, uni_comp_name, sizeof(trust_name) - 1); - if (!cred_get(global_sam_name, trust_name, &dc)) { return NT_STATUS_ACCESS_DENIED; @@ -864,7 +845,6 @@ uint32 _net_sam_logon(const UNISTR2 *uni_logon_srv, } memcpy(&dc.srv_cred, &dc.clnt_cred, sizeof(dc.clnt_cred)); - if (!cred_store(global_sam_name, trust_name, &dc)) { return NT_STATUS_ACCESS_DENIED; @@ -878,30 +858,21 @@ uint32 _net_sam_logon(const UNISTR2 *uni_logon_srv, { uni_samusr = &id_ctr->auth.id1.uni_user_name; uni_domain = &id_ctr->auth.id1.uni_domain_name; - - DEBUG(3, - ("SAM Logon (Interactive). Domain:[%s]. ", - global_sam_name)); + DEBUG(3, ("SAM Logon (Interactive).")); break; } case NETWORK_LOGON_TYPE: { uni_samusr = &id_ctr->auth.id2.uni_user_name; uni_domain = &id_ctr->auth.id2.uni_domain_name; - - DEBUG(3, - ("SAM Logon (Network). Domain:[%s]. ", - global_sam_name)); + DEBUG(3, ("SAM Logon (Network). ")); break; } case GENERAL_LOGON_TYPE: { uni_samusr = &id_ctr->auth.id4.uni_user_name; uni_domain = &id_ctr->auth.id4.uni_domain_name; - - DEBUG(3, - ("SAM Logon (General). Domain:[%s]. ", - global_sam_name)); + DEBUG(3, ("SAM Logon (General). ")); break; } default: @@ -914,8 +885,39 @@ uint32 _net_sam_logon(const UNISTR2 *uni_logon_srv, /* check username exists */ unistr2_to_ascii(nt_username, uni_samusr, sizeof(nt_username) - 1); + unistr2_to_ascii(nt_samname, uni_domain, sizeof(nt_samname) - 1); - DEBUG(3, ("User:[%s]\n", nt_username)); + DEBUG(3, ("Domain:[%s] User:[%s]\n", nt_samname, nt_username)); + + /* + * call up to a PDC if it's not our own SAM database. + */ + if (!strequal(nt_samname, global_sam_name)) + { + uctr->usr.id3 = g_new(NET_USER_INFO_3, 1); + if (uctr->usr.id3 == NULL) + { + return NT_STATUS_INVALID_PARAMETER; + } + + (*auth_resp) = 0; + switch (logon_level) + { + case NETWORK_LOGON_TYPE: + { + return remote_net_login_network(&id_ctr->auth. + id2, &dc, + uctr->usr. + id3);} + case GENERAL_LOGON_TYPE: + case INTERACTIVE_LOGON_TYPE: + default: + { + return NT_STATUS_ACCESS_DENIED; + } + } + return NT_STATUS_ACCESS_DENIED; + } /* * IMPORTANT: do a General Login BEFORE the others, @@ -934,7 +936,6 @@ uint32 _net_sam_logon(const UNISTR2 *uni_logon_srv, net_login_general(&id_ctr->auth.id4, &dc, usr_sess_key); enc_user_sess_key = usr_sess_key; - if (status != NT_STATUS_NOPROBLEMO) { return status; @@ -950,7 +951,6 @@ uint32 _net_sam_logon(const UNISTR2 *uni_logon_srv, status_pwd = direct_samr_userinfo(uni_samusr, 21, &ctr, &gids, &num_gids, False); unbecome_root(True); - if (status_pwd != NT_STATUS_NOPROBLEMO) { free_samr_userinfo_ctr(&ctr); @@ -984,19 +984,16 @@ uint32 _net_sam_logon(const UNISTR2 *uni_logon_srv, pass_last_set_time = ctr.info.id21->pass_last_set_time; pass_can_change_time = ctr.info.id21->pass_can_change_time; pass_must_change_time = ctr.info.id21->pass_must_change_time; - uni_nt_name = &ctr.info.id21->uni_user_name; uni_full_name = &ctr.info.id21->uni_full_name; uni_home_dir = &ctr.info.id21->uni_home_dir; uni_dir_drive = &ctr.info.id21->uni_dir_drive; uni_logon_script = &ctr.info.id21->uni_logon_script; uni_profile_path = &ctr.info.id21->uni_profile_path; - user_rid = ctr.info.id21->user_rid; group_rid = ctr.info.id21->group_rid; /* validate password - if required */ - if (!(IS_BITS_SET_ALL(acb_info, ACB_PWNOTREQ))) { switch (logon_level) @@ -1005,8 +1002,8 @@ uint32 _net_sam_logon(const UNISTR2 *uni_logon_srv, { /* interactive login. */ status = - net_login_interactive(&id_ctr-> - auth.id1, &dc); + net_login_interactive(&id_ctr->auth. + id1, &dc); (*auth_resp) = 1; break; } @@ -1046,7 +1043,6 @@ uint32 _net_sam_logon(const UNISTR2 *uni_logon_srv, make_unistr2(&uni_myname, global_myname, strlen(global_myname)); make_unistr2(&uni_sam_name, global_sam_name, strlen(global_sam_name)); - switch (validation_level) { case 2: @@ -1069,8 +1065,7 @@ uint32 _net_sam_logon(const UNISTR2 *uni_logon_srv, group_rid, num_gids, gids, 0x20, enc_user_sess_key, &uni_myname, &uni_sam_name, padding, - &global_sam_sid); - break; + &global_sam_sid); break; } case 3: { @@ -1094,9 +1089,7 @@ uint32 _net_sam_logon(const UNISTR2 *uni_logon_srv, gids, 0x20, enc_user_sess_key, &uni_myname, &uni_sam_name, padding, - &global_sam_sid, NULL); - break; - } + &global_sam_sid, NULL); break;} default: { status = NT_STATUS_INVALID_INFO_CLASS; @@ -1107,7 +1100,6 @@ uint32 _net_sam_logon(const UNISTR2 *uni_logon_srv, /* Free any allocated groups array. */ safe_free(gids); free_samr_userinfo_ctr(&ctr); - if (status != NT_STATUS_NOPROBLEMO) { return status; @@ -1119,17 +1111,15 @@ uint32 _net_sam_logon(const UNISTR2 *uni_logon_srv, /************************************************************************* _net_sam_logoff *************************************************************************/ -uint32 _net_sam_logoff(const DOM_SAM_INFO * sam_id, - DOM_CRED * srv_creds) +uint32 _net_sam_logoff(const DOM_SAM_INFO * sam_id, DOM_CRED * srv_creds) { fstring trust_name; struct dcinfo dc; ZERO_STRUCT(dc); - - unistr2_to_ascii(trust_name, &(sam_id->client.login.uni_comp_name), + unistr2_to_ascii(trust_name, + &(sam_id->client.login.uni_comp_name), sizeof(trust_name) - 1); - if (!cred_get(global_sam_name, trust_name, &dc)) { return NT_STATUS_ACCESS_DENIED; @@ -1143,7 +1133,6 @@ uint32 _net_sam_logoff(const DOM_SAM_INFO * sam_id, } memcpy(&(dc.srv_cred), &(dc.clnt_cred), sizeof(dc.clnt_cred)); - if (!cred_store(global_sam_name, trust_name, &dc)) { return NT_STATUS_ACCESS_DENIED; @@ -1168,24 +1157,18 @@ uint32 _net_sam_sync(const UNISTR2 *uni_srv_name, SAM_DELTA_HDR * hdr_deltas, SAM_DELTA_CTR * deltas) { fstring trust_name; - int i = 0; - POLICY_HND sam_pol; POLICY_HND dom_pol; - uint32 enum_status; - SAM_ENTRY *sam = NULL; UNISTR2 *uni_acct_name = NULL; uint32 start_idx = 0x0; uint32 num_sam_users = 0; uint32 idx; - struct dcinfo dc; unistr2_to_ascii(trust_name, uni_cli_name, sizeof(trust_name) - 1); - if (!cred_get(global_sam_name, trust_name, &dc)) { return NT_STATUS_ACCESS_DENIED; @@ -1199,16 +1182,14 @@ uint32 _net_sam_sync(const UNISTR2 *uni_srv_name, } memcpy(&dc.srv_cred, &dc.clnt_cred, sizeof(dc.clnt_cred)); - if (!cred_store(global_sam_name, trust_name, &dc)) { return NT_STATUS_ACCESS_DENIED; } (*sync_context) = 1; - - if (_samr_connect(NULL, SEC_RIGHTS_MAXIMUM_ALLOWED, &sam_pol) != - NT_STATUS_NOPROBLEMO) + if (_samr_connect(NULL, SEC_RIGHTS_MAXIMUM_ALLOWED, &sam_pol) != + NT_STATUS_NOPROBLEMO) { return NT_STATUS_ACCESS_DENIED; } @@ -1232,7 +1213,6 @@ uint32 _net_sam_sync(const UNISTR2 *uni_srv_name, &sam, &uni_acct_name, &num_sam_users); - } while (enum_status == STATUS_MORE_ENTRIES); @@ -1241,18 +1221,15 @@ uint32 _net_sam_sync(const UNISTR2 *uni_srv_name, SAM_USERINFO_CTR ctr; POLICY_HND usr_pol; uint32 status_usr = NT_STATUS_NOPROBLEMO; - ZERO_STRUCT(ctr); - status_usr = - _samr_open_user(&dom_pol, SEC_RIGHTS_MAXIMUM_ALLOWED, - sam[idx].rid, &usr_pol); + _samr_open_user(&dom_pol, SEC_RIGHTS_MAXIMUM_ALLOWED, + sam[idx].rid, &usr_pol); if (status_usr == NT_STATUS_NOPROBLEMO && _samr_query_userinfo(&usr_pol, 0x21, &ctr) == NT_STATUS_NOPROBLEMO) { SAM_USER_INFO_21 *usr = ctr.info.id21; - make_sam_delta_hdr(&hdr_deltas[i], 5, usr->user_rid); make_sam_account_info(&deltas[i].account_info, &usr->uni_user_name, @@ -1267,7 +1244,6 @@ uint32 _net_sam_sync(const UNISTR2 *uni_srv_name, &usr->uni_workstations, &usr->uni_unknown_str, &usr->uni_munged_dial); - i++; free_samr_userinfo_ctr(&ctr); } diff --git a/source/param/loadparm.c b/source/param/loadparm.c index 4d7f44413b8..3330451cc65 100644 --- a/source/param/loadparm.c +++ b/source/param/loadparm.c @@ -1119,8 +1119,8 @@ static void init_globals(void) /* NETLOGON Secure Channel */ - Globals.bClientSChannel = Auto; - Globals.bServerSChannel = False; + Globals.bClientSChannel = False; + Globals.bServerSChannel = Auto; /* NTLMv2 */ diff --git a/source/rpc_client/cli_pipe.c b/source/rpc_client/cli_pipe.c index 6a1e7e5b273..71c5cd216df 100644 --- a/source/rpc_client/cli_pipe.c +++ b/source/rpc_client/cli_pipe.c @@ -1013,24 +1013,20 @@ BOOL rpc_pipe_bind(struct cli_connection *con, if (valid_ack && auth->decode_bind_resp != NULL) { valid_ack = auth->decode_bind_resp(con, &rdata); + } + + if (valid_ack && auth->create_bind_cont != NULL) + { + prs_struct dataa; + prs_init(&dataa, 0, 4, False); + valid_ack = auth->create_bind_cont(con, &dataa, + rpc_call_id); if (valid_ack) { - prs_struct dataa; - prs_init(&dataa, 0, 4, False); - - SMB_ASSERT(auth->create_bind_cont != NULL); - - valid_ack = - auth->create_bind_cont(con, &dataa, - rpc_call_id); - if (valid_ack) - { - valid_ack = - rpc_api_write(con, &dataa); - } - prs_free_data(&dataa); + valid_ack = rpc_api_write(con, &dataa); } + prs_free_data(&dataa); } } diff --git a/source/rpc_parse/parse_net.c b/source/rpc_parse/parse_net.c index eb223c9c7bc..03753c4d3d2 100644 --- a/source/rpc_parse/parse_net.c +++ b/source/rpc_parse/parse_net.c @@ -2086,6 +2086,7 @@ void free_net_user_info_ctr(NET_USER_INFO_CTR * ctr) return; safe_free(ctr->usr.id); + ctr->usr.id = NULL; } /******************************************************************* diff --git a/source/rpcclient/cmd_samr.c b/source/rpcclient/cmd_samr.c index d93cd89be89..3d9d9662d51 100644 --- a/source/rpcclient/cmd_samr.c +++ b/source/rpcclient/cmd_samr.c @@ -40,7 +40,7 @@ static void sam_display_domain(const char *domain) report(out_hnd, "Domain Name: %s\n", domain); } -static void sam_display_dom_info(const char *domain, const DOM_SID * sid, +static void sam_display_dom_info(const char *domain, const DOM_SID *sid, uint32 switch_value, SAM_UNK_CTR * ctr) { fstring sidstr; @@ -51,7 +51,7 @@ static void sam_display_dom_info(const char *domain, const DOM_SID * sid, display_sam_unk_ctr(out_hnd, ACTION_FOOTER, switch_value, ctr); } -static void sam_display_alias_info(const char *domain, const DOM_SID * sid, +static void sam_display_alias_info(const char *domain, const DOM_SID *sid, uint32 alias_rid, ALIAS_INFO_CTR * const ctr) { @@ -60,18 +60,18 @@ static void sam_display_alias_info(const char *domain, const DOM_SID * sid, display_alias_info_ctr(out_hnd, ACTION_FOOTER, ctr); } -static void sam_display_alias(const char *domain, const DOM_SID * sid, +static void sam_display_alias(const char *domain, const DOM_SID *sid, uint32 alias_rid, const char *alias_name) { report(out_hnd, "Alias RID: %8x Alias Name: %s\n", alias_rid, alias_name); } -static void sam_display_alias_members(const char *domain, const DOM_SID * sid, +static void sam_display_alias_members(const char *domain, const DOM_SID *sid, uint32 alias_rid, const char *alias_name, uint32 num_names, - DOM_SID * const *const sids, + DOM_SID *const *const sids, char *const *const name, uint32 *const type) { @@ -81,7 +81,7 @@ static void sam_display_alias_members(const char *domain, const DOM_SID * sid, display_alias_members(out_hnd, ACTION_FOOTER, num_names, name, type); } -static void sam_display_group_info(const char *domain, const DOM_SID * sid, +static void sam_display_group_info(const char *domain, const DOM_SID *sid, uint32 group_rid, GROUP_INFO_CTR * const ctr) { @@ -90,14 +90,14 @@ static void sam_display_group_info(const char *domain, const DOM_SID * sid, display_group_info_ctr(out_hnd, ACTION_FOOTER, ctr); } -static void sam_display_group(const char *domain, const DOM_SID * sid, +static void sam_display_group(const char *domain, const DOM_SID *sid, uint32 group_rid, const char *group_name) { report(out_hnd, "Group RID: %8x Group Name: %s\n", group_rid, group_name); } -static void sam_display_group_members(const char *domain, const DOM_SID * sid, +static void sam_display_group_members(const char *domain, const DOM_SID *sid, uint32 group_rid, const char *group_name, uint32 num_names, @@ -111,7 +111,7 @@ static void sam_display_group_members(const char *domain, const DOM_SID * sid, display_group_members(out_hnd, ACTION_FOOTER, num_names, name, type); } -static void sam_display_user_info(const char *domain, const DOM_SID * sid, +static void sam_display_user_info(const char *domain, const DOM_SID *sid, uint32 user_rid, SAM_USERINFO_CTR * const ctr) { @@ -124,7 +124,7 @@ static void sam_display_user_info(const char *domain, const DOM_SID * sid, } } -static void sam_display_user(const char *domain, const DOM_SID * sid, +static void sam_display_user(const char *domain, const DOM_SID *sid, uint32 user_rid, const char *user_name) { report(out_hnd, "User RID: %8x User Name: %s\n", @@ -169,14 +169,15 @@ void cmd_sam_ntchange_pwd(struct client_info *info, int argc, char *argv[]) } else { - safe_strcpy(domain, usr_creds->ntc.domain, sizeof(domain) - 1); + safe_strcpy(domain, usr_creds->ntc.domain, + sizeof(domain) - 1); safe_strcpy(acct_name, usr_creds->ntc.user_name, sizeof(acct_name) - 1); pwd_get_lm_nt_16(&(usr_creds->ntc.pwd), lm_oldhash, nt_oldhash); } - report(out_hnd,"User: %s Domain: %s\n", acct_name, domain); + report(out_hnd, "User: %s Domain: %s\n", acct_name, domain); pwd = (char *)getpass("New Password: "); ZERO_STRUCT(new_passwd); @@ -191,7 +192,7 @@ void cmd_sam_ntchange_pwd(struct client_info *info, int argc, char *argv[]) { fstrcpy(new_passwd2, pwd); } - + if (!strequal(new_passwd, new_passwd2)) { report(out_hnd, "New passwords differ!\n"); @@ -285,11 +286,11 @@ void cmd_sam_lookup_domain(struct client_info *info, int argc, char *argv[]) /* establish a connection. */ res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, - &sam_pol) : False; + &sam_pol) : False; /* connect to the domain */ res = res ? samr_query_lookup_domain(&sam_pol, domain, - &dom_sid) : False; + &dom_sid) : False; res = res ? samr_close(&sam_pol) : False; @@ -312,7 +313,7 @@ Lookup names in SAM server. ****************************************************************************/ static void fill_domain_sid(const char *srv_name, const char *new_domain, char *domain, - DOM_SID * sid) + DOM_SID *sid) { uint32 ret; DOM_SID new_sid; @@ -409,7 +410,7 @@ void cmd_sam_lookup_names(struct client_info *info, int argc, char *argv[]) /* establish a connection. */ res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, - &pol_sam) : False; + &pol_sam) : False; /* connect to the domain */ res = res ? samr_open_domain(&pol_sam, ace_perms, &sid_dom, @@ -530,7 +531,7 @@ void cmd_sam_lookup_rids(struct client_info *info, int argc, char *argv[]) /* establish a connection. */ res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, - &pol_sam) : False; + &pol_sam) : False; /* connect to the domain */ res = res ? samr_open_domain(&pol_sam, ace_perms, &sid_dom, @@ -623,7 +624,7 @@ void cmd_sam_del_aliasmem(struct client_info *info, int argc, char *argv[]) /* establish a connection. */ res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, - &sam_pol) : False; + &sam_pol) : False; /* connect to the domain */ res = res ? samr_open_domain(&sam_pol, ace_perms, &sid1, @@ -641,7 +642,7 @@ void cmd_sam_del_aliasmem(struct client_info *info, int argc, char *argv[]) /* get a sid, delete a member from the alias */ res2 = res2 ? string_to_sid(&member_sid, argv[0]) : False; res2 = res2 ? samr_del_aliasmem(&alias_pol, - &member_sid) : False; + &member_sid) : False; if (res2) { @@ -720,8 +721,8 @@ void cmd_sam_delete_dom_alias(struct client_info *info, int argc, report(out_hnd, "SAM Delete Domain Alias\n"); /* establish a connection. */ - res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, - &sam_pol) : False; + res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, + &sam_pol) : False; /* connect to the domain */ res = res ? samr_open_domain(&sam_pol, ace_perms, &sid1, @@ -829,8 +830,8 @@ void cmd_sam_add_aliasmem(struct client_info *info, int argc, char *argv[]) report(out_hnd, "SAM Domain Alias Member\n"); /* lookup domain controller; receive a policy handle */ - res3 = res3 ? lsa_open_policy(srv_name, &lsa_pol, True, - SEC_RIGHTS_MAXIMUM_ALLOWED) : False; + res3 = res3 ? lsa_open_policy(srv_name, &lsa_pol, True, + SEC_RIGHTS_MAXIMUM_ALLOWED) : False; /* send lsa lookup sids call */ res4 = res3 ? lsa_lookup_names(&lsa_pol, @@ -863,7 +864,7 @@ void cmd_sam_add_aliasmem(struct client_info *info, int argc, char *argv[]) /* establish a connection. */ res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, - &sam_pol) : False; + &sam_pol) : False; /* connect to the domain */ res = res ? samr_open_domain(&sam_pol, ace_perms, &sid1, @@ -1091,7 +1092,8 @@ void cmd_sam_create_dom_user(struct client_info *info, int argc, char *argv[]) } case 'p': { - safe_strcpy(ascii_pwd, optarg, sizeof(ascii_pwd) - 1); + safe_strcpy(ascii_pwd, optarg, + sizeof(ascii_pwd) - 1); use_ascii_pwd = True; break; } @@ -1144,9 +1146,30 @@ void cmd_sam_create_dom_user(struct client_info *info, int argc, char *argv[]) return; } + if (join_domain) + { + fstrcpy(domain, join_dom_name); + if (!get_any_dc_name(domain, srv_name)) + { + report(out_hnd, + "could not locate server for domain %s\n", + domain); + return; + } + + if (msrpc_sam_get_first_domain(srv_name, domain, &sid1) != + 0x0) + { + report(out_hnd, + "could not find SID for domain %s\n", domain); + return; + } + } + report(out_hnd, "Domain: %s Name: %s ACB: %s\n", domain, acct_name, - pwdb_encode_acct_ctrl(acb_info, NEW_PW_FORMAT_SPACE_PADDED_LEN)); + pwdb_encode_acct_ctrl(acb_info, + NEW_PW_FORMAT_SPACE_PADDED_LEN)); if (acb_info == ACB_WSTRUST || acb_info == ACB_SVRTRUST) { @@ -1169,14 +1192,16 @@ void cmd_sam_create_dom_user(struct client_info *info, int argc, char *argv[]) } else { - safe_strcpy(ascii_pwd, name, sizeof(ascii_pwd)-1); + safe_strcpy(ascii_pwd, name, sizeof(ascii_pwd) - 1); strlower(ascii_pwd); use_ascii_pwd = True; report(out_hnd, - "Resetting Trust Account to insecure, initial, well-known value: \"%s\"\n", ascii_pwd); + "Resetting Trust Account to insecure, initial, well-known value: \"%s\"\n", + ascii_pwd); report(out_hnd, - "%s can now be joined to the domain, which should\n", name); + "%s can now be joined to the domain, which should\n", + name); report(out_hnd, "be done on a private, secure network as soon as possible\n"); } @@ -1201,8 +1226,8 @@ void cmd_sam_create_dom_user(struct client_info *info, int argc, char *argv[]) * local copy-of trust account out-of-sync with the * remote one, and you're stuffed! */ - res = lsa_open_policy(wks_name, &lsa_pol, True, - SEC_RIGHTS_MAXIMUM_ALLOWED); + res = lsa_open_policy(wks_name, &lsa_pol, True, + SEC_RIGHTS_MAXIMUM_ALLOWED); if (!res) { @@ -1330,7 +1355,7 @@ void cmd_sam_create_dom_alias(struct client_info *info, int argc, { report(out_hnd, "createalias: <acct name> [acct description]\n"); - return; + return; } acct_name = argv[1]; @@ -1350,7 +1375,7 @@ void cmd_sam_create_dom_alias(struct client_info *info, int argc, /* establish a connection. */ res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, - &sam_pol) : False; + &sam_pol) : False; /* connect to the domain */ res = res ? samr_open_domain(&sam_pol, ace_perms, &sid1, @@ -1431,7 +1456,7 @@ void cmd_sam_del_groupmem(struct client_info *info, int argc, char *argv[]) /* establish a connection. */ res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, - &sam_pol) : False; + &sam_pol) : False; /* connect to the domain */ res = res ? samr_open_domain(&sam_pol, ace_perms, &sid1, @@ -1528,7 +1553,7 @@ void cmd_sam_delete_dom_user(struct client_info *info, int argc, char *argv[]) /* establish a connection. */ res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, - &sam_pol) : False; + &sam_pol) : False; /* connect to the domain */ res = res ? samr_open_domain(&sam_pol, 0x0200, &sid1, @@ -1637,7 +1662,7 @@ void cmd_sam_delete_dom_group(struct client_info *info, int argc, /* establish a connection. */ res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, - &sam_pol) : False; + &sam_pol) : False; /* connect to the domain */ res = res ? samr_open_domain(&sam_pol, ace_perms, &sid1, @@ -1762,7 +1787,7 @@ void cmd_sam_add_groupmem(struct client_info *info, int argc, char *argv[]) /* establish a connection. */ res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, - &sam_pol) : False; + &sam_pol) : False; /* connect to the domain */ res4 = res ? samr_open_domain(&sam_pol, ace_perms, &sid1, @@ -1927,7 +1952,7 @@ void cmd_sam_create_dom_group(struct client_info *info, int argc, { report(out_hnd, "creategroup: <acct name> [acct description]\n"); - return; + return; } acct_name = argv[1]; @@ -1948,7 +1973,7 @@ void cmd_sam_create_dom_group(struct client_info *info, int argc, /* establish a connection. */ res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, - &sam_pol) : False; + &sam_pol) : False; /* connect to the domain */ res = res ? samr_open_domain(&sam_pol, ace_perms, &sid1, @@ -2103,7 +2128,7 @@ void cmd_sam_query_groupmem(struct client_info *info, int argc, char *argv[]) /* establish a connection. */ res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, - &sam_pol) : False; + &sam_pol) : False; /* connect to the domain */ res = res ? samr_open_domain(&sam_pol, 0x304, &sid, &pol_dom) : False; @@ -2200,7 +2225,7 @@ void cmd_sam_query_group(struct client_info *info, int argc, char *argv[]) /* establish a connection. */ res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, - &sam_pol) : False; + &sam_pol) : False; /* connect to the domain */ res = res ? samr_open_domain(&sam_pol, 0x304, &sid, &pol_dom) : False; @@ -2298,7 +2323,7 @@ void cmd_sam_query_sec_obj(struct client_info *info, int argc, char *argv[]) /* establish a connection. */ res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, - &sam_pol) : False; + &sam_pol) : False; /* connect to the domain */ res = res ? samr_open_domain(&sam_pol, 0x304, &sid, &pol_dom) : False; @@ -2446,7 +2471,7 @@ void cmd_sam_query_user(struct client_info *info, int argc, char *argv[]) /* establish a connection. */ res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, - &sam_pol) : False; + &sam_pol) : False; /* connect to the domain */ res = res ? samr_open_domain(&sam_pol, 0x304, &sid, &pol_dom) : False; @@ -2592,11 +2617,11 @@ void cmd_sam_set_userinfo2(struct client_info *info, int argc, char *argv[]) /* establish a connection. */ res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, - &sam_pol) : False; + &sam_pol) : False; /* connect to the domain */ res = res ? samr_open_domain(&sam_pol, SEC_RIGHTS_MAXIMUM_ALLOWED, - &sid, &pol_dom) : False; + &sid, &pol_dom) : False; /* look up user rid */ names[0] = user_name; @@ -2611,7 +2636,7 @@ void cmd_sam_set_userinfo2(struct client_info *info, int argc, char *argv[]) void *usr = NULL; uint32 switch_value = 0; - SAM_USER_INFO_12 *p= g_new(SAM_USER_INFO_12, 1); + SAM_USER_INFO_12 *p = g_new(SAM_USER_INFO_12, 1); usr = (void *)p; switch_value = 0x12; @@ -2638,7 +2663,7 @@ void cmd_sam_set_userinfo2(struct client_info *info, int argc, char *argv[]) SAM_USER_INFO_10 *p = g_new(SAM_USER_INFO_10, 1); p->acb_info = ctr.info.id10->acb_info; DEBUG(10, ("acb_info: %x set: %x clr: %x\n", - p->acb_info, acb_set, acb_clr)); + p->acb_info, acb_set, acb_clr)); if (set_acb_bits) { p->acb_info |= acb_set; @@ -2650,7 +2675,7 @@ void cmd_sam_set_userinfo2(struct client_info *info, int argc, char *argv[]) } DEBUG(10, ("acb_info: %x set: %x clr: %x\n", - p->acb_info, acb_set, acb_clr)); + p->acb_info, acb_set, acb_clr)); usr = (void *)p; switch_value = 16; @@ -2775,11 +2800,11 @@ void cmd_sam_set_userinfo(struct client_info *info, int argc, char *argv[]) /* establish a connection. */ res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, - &sam_pol) : False; + &sam_pol) : False; /* connect to the domain */ res = res ? samr_open_domain(&sam_pol, SEC_RIGHTS_MAXIMUM_ALLOWED, - &sid, &pol_dom) : False; + &sid, &pol_dom) : False; /* look up user rid */ names[0] = user_name; @@ -2880,7 +2905,7 @@ void cmd_sam_set_userinfo(struct client_info *info, int argc, char *argv[]) free_samr_userinfo_ctr(&ctr); } -static void sam_display_disp_info(const char *domain, const DOM_SID * sid, +static void sam_display_disp_info(const char *domain, const DOM_SID *sid, uint16 info, uint32 num, SAM_DISPINFO_CTR * ctr) { @@ -3025,7 +3050,7 @@ void cmd_sam_query_aliasmem(struct client_info *info, int argc, char *argv[]) if (!split_domain_name(argv[1], domain, alias_name)) { - safe_strcpy(alias_name, argv[1], sizeof(alias_name)-1); + safe_strcpy(alias_name, argv[1], sizeof(alias_name) - 1); fstrcpy(domain, info->dom.level5_dom); sid_copy(&sid, &info->dom.level5_sid); } @@ -3052,7 +3077,7 @@ void cmd_sam_query_aliasmem(struct client_info *info, int argc, char *argv[]) /* establish a connection. */ res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, - &sam_pol) : False; + &sam_pol) : False; /* connect to the domain */ res = res ? samr_open_domain(&sam_pol, 0x304, &sid, &pol_dom) : False; @@ -3150,7 +3175,7 @@ void cmd_sam_query_alias(struct client_info *info, int argc, char *argv[]) /* establish a connection. */ res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, - &sam_pol) : False; + &sam_pol) : False; /* connect to the domain */ res = res ? samr_open_domain(&sam_pol, 0x304, &sid, &pol_dom) : False; |