summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source/include/proto.h9
-rw-r--r--source/samrd/srv_samr_dom_tdb.c457
-rw-r--r--source/samrd/srv_samr_grp_tdb.c6
-rw-r--r--source/samrd/srv_samr_tdb.c59
-rw-r--r--source/samrd/srv_samr_tdb_init.c26
-rw-r--r--source/samrd/srv_samr_usr_tdb.c135
6 files changed, 322 insertions, 370 deletions
diff --git a/source/include/proto.h b/source/include/proto.h
index 8a2d64fd32c..71ef7ae8027 100644
--- a/source/include/proto.h
+++ b/source/include/proto.h
@@ -4054,12 +4054,12 @@ BOOL set_tdbsid(struct policy_cache *cache, POLICY_HND *hnd,
TDB_CONTEXT *tdb, const DOM_SID *sid);
BOOL get_tdbsid(struct policy_cache *cache, const POLICY_HND *hnd,
TDB_CONTEXT **tdb, DOM_SID *sid);
-uint32 samr_open_by_tdbrid( const POLICY_HND *parent_pol,
+TDB_CONTEXT *open_usr_db(const DOM_SID *sid, uint32 rid, int perms);
+uint32 samr_open_user_tdb( const POLICY_HND *parent_pol,
+ const DOM_SID *sid,
TDB_CONTEXT *usr_tdb,
- TDB_CONTEXT *grp_tdb,
- TDB_CONTEXT *als_tdb,
POLICY_HND *pol,
- uint32 access_mask, uint32 rid);
+ uint32 ace_perms, uint32 rid);
/*The following definitions come from samrd/srv_samr_tdb_init.c */
@@ -4097,6 +4097,7 @@ uint32 _samr_delete_dom_user(POLICY_HND *user_pol);
/*The following definitions come from samrd/srv_samr_usr_tdb.c */
+BOOL tdb_lookup_user(TDB_CONTEXT *tdb, SAM_USER_INFO_21 *usr);
uint32 _samr_get_usrdom_pwinfo(const POLICY_HND *user_pol,
uint32 *unknown_0,
uint32 *unknown_1);
diff --git a/source/samrd/srv_samr_dom_tdb.c b/source/samrd/srv_samr_dom_tdb.c
index 5f3159168f9..ad58c86c10b 100644
--- a/source/samrd/srv_samr_dom_tdb.c
+++ b/source/samrd/srv_samr_dom_tdb.c
@@ -36,24 +36,22 @@ typedef struct sam_data21_info
uint32 start_idx;
uint32 current_idx;;
-} SAM_DATA_21;
+}
+SAM_DATA_21;
/******************************************************************
makes a SAMR_R_ENUM_USERS structure.
********************************************************************/
-static int tdb_user21_traverse(TDB_CONTEXT *tdb,
- TDB_DATA kbuf,
- TDB_DATA dbuf,
- void *state)
+static int tdb_user21_traverse(TDB_CONTEXT * tdb,
+ TDB_DATA kbuf, TDB_DATA dbuf, void *state)
{
prs_struct ps;
SAM_USER_INFO_21 *usr;
- SAM_DATA_21 *data = (SAM_DATA_21*)state;
+ SAM_DATA_21 *data = (SAM_DATA_21 *) state;
uint32 num_sam_entries = data->num_sam_entries + 1;
- DEBUG(5,("tdb_user21_traverse: idx: %d %d\n",
- data->current_idx,
- num_sam_entries));
+ DEBUG(5, ("tdb_user21_traverse: idx: %d %d\n",
+ data->current_idx, num_sam_entries));
dump_data_pw("usr:\n", dbuf.dptr, dbuf.dsize);
dump_data_pw("rid:\n", kbuf.dptr, kbuf.dsize);
@@ -65,12 +63,13 @@ static int tdb_user21_traverse(TDB_CONTEXT *tdb,
return 0;
}
- data->usr = (SAM_USER_INFO_21*)Realloc(data->usr,
- num_sam_entries * sizeof(data->usr[0]));
+ data->usr = (SAM_USER_INFO_21 *) Realloc(data->usr,
+ num_sam_entries *
+ sizeof(data->usr[0]));
if (data->usr == NULL)
{
- DEBUG(0,("NULL pointers in tdb_user21_traverse\n"));
+ DEBUG(0, ("NULL pointers in tdb_user21_traverse\n"));
return -1;
}
@@ -85,141 +84,35 @@ static int tdb_user21_traverse(TDB_CONTEXT *tdb,
return 0;
}
-static uint32 open_dom_dbs(const DOM_SID *sid, int perms,
- TDB_CONTEXT **usr_tdb,
- TDB_CONTEXT **usg_tdb,
- TDB_CONTEXT **usa_tdb,
- TDB_CONTEXT **grp_tdb,
- TDB_CONTEXT **als_tdb)
-{
- fstring usr;
- fstring usg;
- fstring usa;
- fstring grp;
- fstring als;
- fstring tmp;
-
- sid_to_string(tmp, sid);
-
- slprintf(usr, sizeof(usr)-1, "%s.usr.tdb", tmp);
- slprintf(usg, sizeof(usg)-1, "%s.usg.tdb", tmp);
- slprintf(usa, sizeof(usa)-1, "%s.usa.tdb", tmp);
- slprintf(als, sizeof(als)-1, "%s.als.tdb", tmp);
- slprintf(grp, sizeof(grp)-1, "%s.grp.tdb", tmp);
-
- DEBUG(10,("opening domain %s with ", tmp));
- DEBUGADD(10, ("rdonly: %s ", BOOLSTR(IS_BITS_SET_ALL(perms, O_RDONLY))));
- DEBUGADD(10, ("wronly: %s", BOOLSTR(IS_BITS_SET_ALL(perms, O_WRONLY))));
- DEBUGADD(10, ("rdwr: %s", BOOLSTR(IS_BITS_SET_ALL(perms, O_RDWR))));
- DEBUGADD(10, ("\n"));
-
- (*usr_tdb) = tdb_open(passdb_path(usr),0,0,perms, 0644);
- (*usg_tdb) = tdb_open(passdb_path(usg),0,0,perms, 0644);
- (*usa_tdb) = tdb_open(passdb_path(usa),0,0,perms, 0644);
- (*grp_tdb) = tdb_open(passdb_path(grp),0,0,perms, 0644);
- (*als_tdb) = tdb_open(passdb_path(als),0,0,perms, 0644);
- if ((*usr_tdb) == NULL ||
- (*usg_tdb) == NULL ||
- (*usa_tdb) == NULL ||
- (*grp_tdb) == NULL ||
- (*als_tdb) == NULL)
- {
- tdb_close(*usr_tdb);
- tdb_close(*usg_tdb);
- tdb_close(*usa_tdb);
- tdb_close(*grp_tdb);
- tdb_close(*als_tdb);
- return NT_STATUS_ACCESS_DENIED;
- }
- return NT_STATUS_NOPROBLEMO;
-}
-
/*******************************************************************
samr_reply_open_domain
********************************************************************/
uint32 _samr_open_domain(const POLICY_HND *connect_pol,
- uint32 ace_perms,
- const DOM_SID *sid,
- POLICY_HND *domain_pol)
+ uint32 ace_perms,
+ const DOM_SID * sid, POLICY_HND *domain_pol)
{
- TDB_CONTEXT *dom_tdb = NULL;
- TDB_CONTEXT *usr_tdb = NULL;
- TDB_CONTEXT *usg_tdb = NULL;
- TDB_CONTEXT *usa_tdb = NULL;
- TDB_CONTEXT *grp_tdb = NULL;
- TDB_CONTEXT *als_tdb = NULL;
-
/* find the policy handle. open a policy on it. */
- if (!get_tdbsam(get_global_hnd_cache(), connect_pol, &dom_tdb))
+ if (!get_tdbsam(get_global_hnd_cache(), connect_pol, NULL))
{
return NT_STATUS_INVALID_HANDLE;
}
/* get a (unique) handle. open a policy on it. */
if (!open_policy_hnd_link(get_global_hnd_cache(),
- connect_pol, domain_pol, ace_perms))
+ connect_pol, domain_pol, ace_perms))
{
return NT_STATUS_ACCESS_DENIED;
}
- if (ace_perms == SEC_RIGHTS_MAXIMUM_ALLOWED)
- {
- uint32 status;
-
- DEBUG(10,("_samr_open_domain: max perms requested\n"));
-
- status = open_dom_dbs(sid, O_RDWR,
- &usr_tdb, &usg_tdb, &usa_tdb,
- &grp_tdb, &als_tdb);
- if (status != 0x0)
- {
- status = open_dom_dbs(sid, O_RDONLY,
- &usr_tdb, &usg_tdb, &usa_tdb,
- &grp_tdb, &als_tdb);
- }
- if (status != 0x0)
- {
- return status;
- }
- }
- else
- {
- int perms = 0;
- BOOL perms_read;
- BOOL perms_write;
- uint32 status;
-
- perms_write = IS_BITS_SET_SOME(ace_perms,
- SEC_RIGHTS_WRITE_OWNER|SEC_RIGHTS_WRITE_DAC);
- perms_read = IS_BITS_SET_ALL(ace_perms, SEC_RIGHTS_READ);
-
- if (perms_write ) perms = O_WRONLY;
- if (perms_read ) perms = O_RDONLY;
- if (perms_write && perms_read) perms = O_RDWR;
-
- status = open_dom_dbs(sid, perms,
- &usr_tdb, &usg_tdb, &usa_tdb,
- &grp_tdb, &als_tdb);
- if (status != 0x0)
- {
- return status;
- }
- }
-
/* associate the domain SID with the (unique) handle. */
if (!set_tdbdomsid(get_global_hnd_cache(), domain_pol,
- usr_tdb, usg_tdb, usa_tdb, grp_tdb, als_tdb, sid))
+ NULL, NULL, NULL, NULL, NULL, sid))
{
- tdb_close(usr_tdb);
- tdb_close(usg_tdb);
- tdb_close(usa_tdb);
- tdb_close(grp_tdb);
- tdb_close(als_tdb);
close_policy_hnd(get_global_hnd_cache(), domain_pol);
return NT_STATUS_ACCESS_DENIED;
}
- DEBUG(5,("_samr_open_domain: %d\n", __LINE__));
+ DEBUG(5, ("_samr_open_domain: %d\n", __LINE__));
return NT_STATUS_NOPROBLEMO;
}
@@ -232,26 +125,24 @@ typedef struct sam_data_info
uint32 start_idx;
uint32 current_idx;;
-} SAM_DATA;
+}
+SAM_DATA;
/******************************************************************
makes a SAMR_R_ENUM_USERS structure.
********************************************************************/
-static int tdb_user_traverse(TDB_CONTEXT *tdb,
- TDB_DATA kbuf,
- TDB_DATA dbuf,
- void *state)
+static int tdb_user_traverse(TDB_CONTEXT * tdb,
+ TDB_DATA kbuf, TDB_DATA dbuf, void *state)
{
prs_struct ps;
SAM_USER_INFO_21 usr;
- SAM_DATA *data = (SAM_DATA*)state;
+ SAM_DATA *data = (SAM_DATA *) state;
uint32 num_sam_entries = data->num_sam_entries + 1;
SAM_ENTRY *sam;
UNISTR2 *str;
- DEBUG(5,("tdb_user_traverse: idx: %d %d\n",
- data->current_idx,
- num_sam_entries));
+ DEBUG(5, ("tdb_user_traverse: idx: %d %d\n",
+ data->current_idx, num_sam_entries));
dump_data_pw("usr:\n", dbuf.dptr, dbuf.dsize);
dump_data_pw("rid:\n", kbuf.dptr, kbuf.dsize);
@@ -263,14 +154,17 @@ static int tdb_user_traverse(TDB_CONTEXT *tdb,
return 0;
}
- data->sam = (SAM_ENTRY*)Realloc(data->sam,
- num_sam_entries * sizeof(data->sam[0]));
- data->uni_name = (UNISTR2*)Realloc(data->uni_name,
- num_sam_entries * sizeof(data->uni_name[0]));
+ data->sam = (SAM_ENTRY *) Realloc(data->sam,
+ num_sam_entries *
+ sizeof(data->sam[0]));
+ data->uni_name =
+ (UNISTR2 *) Realloc(data->uni_name,
+ num_sam_entries *
+ sizeof(data->uni_name[0]));
if (data->sam == NULL || data->uni_name == NULL)
{
- DEBUG(0,("NULL pointers in tdb_user_traverse\n"));
+ DEBUG(0, ("NULL pointers in tdb_user_traverse\n"));
return -1;
}
@@ -297,28 +191,27 @@ static int tdb_user_traverse(TDB_CONTEXT *tdb,
/*******************************************************************
samr_reply_enum_dom_users
********************************************************************/
-uint32 _samr_enum_dom_users( const POLICY_HND *pol, uint32 *start_idx,
- uint16 acb_mask, uint16 unk_1, uint32 size,
- SAM_ENTRY **sam,
- UNISTR2 **uni_acct_name,
- uint32 *num_sam_users)
+uint32 _samr_enum_dom_users(const POLICY_HND *pol, uint32 * start_idx,
+ uint16 acb_mask, uint16 unk_1, uint32 size,
+ SAM_ENTRY ** sam,
+ UNISTR2 ** uni_acct_name, uint32 * num_sam_users)
{
TDB_CONTEXT *sam_tdb = NULL;
SAM_DATA state;
/* find the domain sid associated with the policy handle */
if (!get_tdbdomsid(get_global_hnd_cache(), pol, &sam_tdb,
- NULL, NULL, NULL, NULL, NULL))
+ NULL, NULL, NULL, NULL, NULL))
{
return NT_STATUS_INVALID_HANDLE;
}
- DEBUG(5,("samr_reply_enum_users:\n"));
+ DEBUG(5, ("samr_reply_enum_users:\n"));
ZERO_STRUCT(state);
state.start_idx = (*start_idx);
- tdb_traverse(sam_tdb, tdb_user_traverse, (void*)&state);
+ tdb_traverse(sam_tdb, tdb_user_traverse, (void *)&state);
(*sam) = state.sam;
(*uni_acct_name) = state.uni_name;
@@ -331,12 +224,12 @@ uint32 _samr_enum_dom_users( const POLICY_HND *pol, uint32 *start_idx,
/*******************************************************************
makes a SAMR_R_ENUM_DOM_GROUPS structure.
********************************************************************/
-static void make_samr_dom_groups(SAM_ENTRY **sam, UNISTR2 **uni_grp_name,
- uint32 num_sam_entries, DOMAIN_GRP *grps)
+static void make_samr_dom_groups(SAM_ENTRY ** sam, UNISTR2 ** uni_grp_name,
+ uint32 num_sam_entries, DOMAIN_GRP * grps)
{
uint32 i;
- DEBUG(5,("make_samr_dom_groups\n"));
+ DEBUG(5, ("make_samr_dom_groups\n"));
(*sam) = NULL;
(*uni_grp_name) = NULL;
@@ -346,12 +239,16 @@ static void make_samr_dom_groups(SAM_ENTRY **sam, UNISTR2 **uni_grp_name,
return;
}
- (*sam) = (SAM_ENTRY*)Realloc(NULL, num_sam_entries * sizeof((*sam)[0]));
- (*uni_grp_name) = (UNISTR2*)Realloc(NULL, num_sam_entries * sizeof((*uni_grp_name)[0]));
+ (*sam) = (SAM_ENTRY *) Realloc(NULL, num_sam_entries * sizeof((*sam)[0]));
+
+ (*uni_grp_name) =
+ (UNISTR2 *) Realloc(NULL,
+ num_sam_entries *
+ sizeof((*uni_grp_name)[0]));
if ((*sam) == NULL || (*uni_grp_name) == NULL)
{
- DEBUG(0,("NULL pointers in SAMR_R_ENUM_DOM_GROUPS\n"));
+ DEBUG(0, ("NULL pointers in SAMR_R_ENUM_DOM_GROUPS\n"));
return;
}
@@ -368,10 +265,10 @@ static void make_samr_dom_groups(SAM_ENTRY **sam, UNISTR2 **uni_grp_name,
samr_reply_enum_dom_groups
********************************************************************/
uint32 _samr_enum_dom_groups(const POLICY_HND *pol,
- uint32 *start_idx, uint32 size,
- SAM_ENTRY **sam,
- UNISTR2 **uni_acct_name,
- uint32 *num_sam_groups)
+ uint32 * start_idx, uint32 size,
+ SAM_ENTRY ** sam,
+ UNISTR2 ** uni_acct_name,
+ uint32 * num_sam_groups)
{
DOMAIN_GRP *grps = NULL;
int num_entries = 0;
@@ -388,7 +285,7 @@ uint32 _samr_enum_dom_groups(const POLICY_HND *pol,
sid_to_string(sid_str, &sid);
- DEBUG(5,("samr_reply_enum_dom_groups: sid %s\n", sid_str));
+ DEBUG(5, ("samr_reply_enum_dom_groups: sid %s\n", sid_str));
if (!sid_equal(&sid, &global_sam_sid))
{
@@ -418,12 +315,12 @@ uint32 _samr_enum_dom_groups(const POLICY_HND *pol,
/*******************************************************************
makes a SAMR_R_ENUM_DOM_ALIASES structure.
********************************************************************/
-static void make_samr_dom_aliases(SAM_ENTRY **sam, UNISTR2 **uni_grp_name,
- uint32 num_sam_entries, LOCAL_GRP *alss)
+static void make_samr_dom_aliases(SAM_ENTRY ** sam, UNISTR2 ** uni_grp_name,
+ uint32 num_sam_entries, LOCAL_GRP * alss)
{
uint32 i;
- DEBUG(5,("make_samr_r_enum_dom_aliases\n"));
+ DEBUG(5, ("make_samr_r_enum_dom_aliases\n"));
(*sam) = NULL;
(*uni_grp_name) = NULL;
@@ -433,12 +330,16 @@ static void make_samr_dom_aliases(SAM_ENTRY **sam, UNISTR2 **uni_grp_name,
return;
}
- (*sam) = (SAM_ENTRY*)Realloc(NULL, num_sam_entries * sizeof((*sam)[0]));
- (*uni_grp_name) = (UNISTR2*)Realloc(NULL, num_sam_entries * sizeof((*uni_grp_name)[0]));
+ (*sam) = (SAM_ENTRY *) Realloc(NULL, num_sam_entries * sizeof((*sam)[0]));
+
+ (*uni_grp_name) =
+ (UNISTR2 *) Realloc(NULL,
+ num_sam_entries *
+ sizeof((*uni_grp_name)[0]));
if ((*sam) == NULL || (*uni_grp_name) == NULL)
{
- DEBUG(0,("NULL pointers in SAMR_R_ENUM_DOM_ALIASES\n"));
+ DEBUG(0, ("NULL pointers in SAMR_R_ENUM_DOM_ALIASES\n"));
return;
}
@@ -446,7 +347,7 @@ static void make_samr_dom_aliases(SAM_ENTRY **sam, UNISTR2 **uni_grp_name,
{
int len = strlen(alss[i].name);
- make_sam_entry(&((*sam)[i]), len, alss[i].rid);
+ make_sam_entry(&((*sam)[i]), len, alss[i].rid);
make_unistr2(&((*uni_grp_name)[i]), alss[i].name, len);
}
}
@@ -455,10 +356,10 @@ static void make_samr_dom_aliases(SAM_ENTRY **sam, UNISTR2 **uni_grp_name,
samr_reply_enum_dom_aliases
********************************************************************/
uint32 _samr_enum_dom_aliases(const POLICY_HND *pol,
- uint32 *start_idx, uint32 size,
- SAM_ENTRY **sam,
- UNISTR2 **uni_acct_name,
- uint32 *num_sam_aliases)
+ uint32 * start_idx, uint32 size,
+ SAM_ENTRY ** sam,
+ UNISTR2 ** uni_acct_name,
+ uint32 * num_sam_aliases)
{
LOCAL_GRP *alss = NULL;
int num_entries = 0;
@@ -468,14 +369,14 @@ uint32 _samr_enum_dom_aliases(const POLICY_HND *pol,
/* find the policy handle. open a policy on it. */
if (!get_tdbdomsid(get_global_hnd_cache(), pol,
- NULL, NULL, NULL, NULL, &als_tdb, &sid))
+ NULL, NULL, NULL, NULL, &als_tdb, &sid))
{
return NT_STATUS_INVALID_HANDLE;
}
sid_to_string(sid_str, &sid);
- DEBUG(5,("samr_reply_enum_dom_aliases: sid %s\n", sid_str));
+ DEBUG(5, ("samr_reply_enum_dom_aliases: sid %s\n", sid_str));
/* well-known aliases */
if (sid_equal(&sid, &global_sid_S_1_5_20))
@@ -508,7 +409,7 @@ uint32 _samr_enum_dom_aliases(const POLICY_HND *pol,
return NT_STATUS_ACCESS_DENIED;
}
}
-
+
(*start_idx) += num_entries;
(*num_sam_aliases) = num_entries;
@@ -522,13 +423,12 @@ uint32 _samr_enum_dom_aliases(const POLICY_HND *pol,
/*******************************************************************
samr_reply_query_dispinfo
********************************************************************/
-uint32 _samr_query_dispinfo( const POLICY_HND *domain_pol, uint16 level,
- uint32 start_idx,
- uint32 max_entries,
- uint32 max_size,
- uint32 *data_size,
- uint32 *num_entries,
- SAM_DISPINFO_CTR *ctr)
+uint32 _samr_query_dispinfo(const POLICY_HND *domain_pol, uint16 level,
+ uint32 start_idx,
+ uint32 max_entries,
+ uint32 max_size,
+ uint32 * data_size,
+ uint32 * num_entries, SAM_DISPINFO_CTR * ctr)
{
SAM_USER_INFO_21 *pass = NULL;
DOMAIN_GRP *grps = NULL;
@@ -541,12 +441,12 @@ uint32 _samr_query_dispinfo( const POLICY_HND *domain_pol, uint16 level,
/* find the domain sid associated with the policy handle */
if (!get_tdbdomsid(get_global_hnd_cache(), domain_pol, &sam_tdb,
- NULL, NULL, NULL, NULL, NULL))
+ NULL, NULL, NULL, NULL, NULL))
{
return NT_STATUS_INVALID_HANDLE;
}
- DEBUG(5,("samr_reply_query_dispinfo: %d\n", __LINE__));
+ DEBUG(5, ("samr_reply_query_dispinfo: %d\n", __LINE__));
(*num_entries) = 0;
(*data_size) = 0;
@@ -554,7 +454,7 @@ uint32 _samr_query_dispinfo( const POLICY_HND *domain_pol, uint16 level,
/* find the policy handle. open a policy on it. */
if (find_policy_by_hnd(get_global_hnd_cache(), domain_pol) == -1)
{
- DEBUG(5,("samr_reply_query_dispinfo: invalid handle\n"));
+ DEBUG(5, ("samr_reply_query_dispinfo: invalid handle\n"));
return NT_STATUS_INVALID_HANDLE;
}
@@ -574,8 +474,8 @@ uint32 _samr_query_dispinfo( const POLICY_HND *domain_pol, uint16 level,
state.start_idx = start_idx;
total_entries = tdb_traverse(sam_tdb,
- tdb_user21_traverse,
- (void*)&state);
+ tdb_user21_traverse,
+ (void *)&state);
pass = state.usr;
start_idx += state.num_sam_entries;
@@ -598,10 +498,13 @@ uint32 _samr_query_dispinfo( const POLICY_HND *domain_pol, uint16 level,
return NT_STATUS_ACCESS_DENIED;
}
- if (start_idx < num_sam_entries) {
+ if (start_idx < num_sam_entries)
+ {
grps = sam_grps + start_idx;
num_sam_entries -= start_idx;
- } else {
+ }
+ else
+ {
num_sam_entries = 0;
}
break;
@@ -670,7 +573,7 @@ uint32 _samr_query_dispinfo( const POLICY_HND *domain_pol, uint16 level,
}
}
- DEBUG(5,("samr_reply_query_dispinfo: %d\n", __LINE__));
+ DEBUG(5, ("samr_reply_query_dispinfo: %d\n", __LINE__));
safe_free(sam_grps);
safe_free(grps);
@@ -692,38 +595,23 @@ typedef struct tdb_name_info
uint32 num_names;
BOOL found_one;
-} TDB_NAME_INFO;
+}
+TDB_NAME_INFO;
/******************************************************************
tdb_userlookup_names
********************************************************************/
-static int tdb_userlookup_names(TDB_CONTEXT *tdb,
- TDB_DATA kbuf,
- TDB_DATA dbuf,
- void *state)
+static int tdb_userlookup_names(TDB_CONTEXT * tdb, void *state)
{
- prs_struct ps;
SAM_USER_INFO_21 usr;
- TDB_NAME_INFO *data = (TDB_NAME_INFO*)state;
- uint32 rid;
+ TDB_NAME_INFO *data = (TDB_NAME_INFO *) state;
int i;
- DEBUG(5,("tdb_userlookup_names\n"));
-
- dump_data_pw("usr:\n", dbuf.dptr, dbuf.dsize);
- dump_data_pw("rid:\n", kbuf.dptr, kbuf.dsize);
+ DEBUG(5, ("tdb_userlookup_names\n"));
- prs_create(&ps, dbuf.dptr, dbuf.dsize, 4, True);
- if (!sam_io_user_info21("usr", &usr, &ps, 0))
+ if (!tdb_lookup_user(tdb, &usr))
{
- DEBUG(5,("tdb_userlookup_names: user convert failed\n"));
- return 0;
- }
- prs_create(&ps, kbuf.dptr, kbuf.dsize, 4, True);
- if (!_prs_uint32("rid", &ps, 0, &rid))
- {
- DEBUG(5,("tdb_userlookup_names: rid convert failed\n"));
- return 0;
+ return -1;
}
for (i = 0; i < data->num_names; i++)
@@ -731,10 +619,10 @@ static int tdb_userlookup_names(TDB_CONTEXT *tdb,
const UNISTR2 *str = &data->uni_name[i];
if (unistr2equal(str, &usr.uni_user_name))
{
- DEBUG(10,("found user rid[i]: %d\n", i));
+ DEBUG(10, ("found user rid[i]: %d\n", i));
data->types[i] = SID_NAME_USER;
- data->rids[i] = rid;
+ data->rids[i] = usr.user_rid;
data->found_one = True;
return 0;
@@ -744,29 +632,68 @@ static int tdb_userlookup_names(TDB_CONTEXT *tdb,
return 0;
}
+BOOL dom_user_traverse(const DOM_SID * dom_sid,
+ int (*fn) (TDB_CONTEXT *, void *), void *state)
+{
+ DIR *dirp;
+ char *dpname;
+ pstring tmp;
+ pstring dirname;
+
+ sid_to_string(tmp, dom_sid);
+ slprintf(dirname, sizeof(dirname) - 1, "%s/usr", tmp);
+
+ dirp = opendir(passdb_path(dirname));
+
+ if (dirp == NULL)
+ {
+ DEBUG(2, ("Error opening directory [%s]\n", dirname));
+ return False;
+ }
+
+ while ((dpname = readdirname(dirp)) != NULL)
+ {
+ TDB_CONTEXT *usr_tdb;
+ uint32 rid = strtoul(dpname, (char **)NULL, 16);
+
+ DEBUG(10,("dom_user_traverse: %s\n", dpname));
+
+ if (rid == 0)
+ {
+ continue;
+ }
+ usr_tdb = open_usr_db(dom_sid, rid, O_RDONLY);
+ if (usr_tdb != NULL && fn(usr_tdb, state) != 0)
+ {
+ tdb_close(usr_tdb);
+ break;
+ }
+ tdb_close(usr_tdb);
+ }
+ closedir(dirp);
+
+ return True;
+}
+
/*******************************************************************
samr_reply_lookup_names
********************************************************************/
uint32 _samr_lookup_names(const POLICY_HND *dom_pol,
-
- uint32 num_names,
- uint32 flags,
- uint32 ptr,
- const UNISTR2 *uni_name,
-
- uint32 *num_rids,
- uint32 rid[MAX_SAM_ENTRIES],
- uint32 *num_types,
- uint32 type[MAX_SAM_ENTRIES])
+ uint32 num_names,
+ uint32 flags,
+ uint32 ptr,
+ const UNISTR2 * uni_name,
+ uint32 * num_rids,
+ uint32 rid[MAX_SAM_ENTRIES],
+ uint32 * num_types, uint32 type[MAX_SAM_ENTRIES])
{
- TDB_CONTEXT *usr_tdb = NULL;
DOM_SID dom_sid;
TDB_NAME_INFO state;
- DEBUG(5,("samr_lookup_names: %d\n", __LINE__));
+ DEBUG(5, ("samr_lookup_names: %d\n", __LINE__));
if (!get_tdbdomsid(get_global_hnd_cache(), dom_pol,
- &usr_tdb, NULL, NULL, NULL, NULL, &dom_sid))
+ NULL, NULL, NULL, NULL, NULL, &dom_sid))
{
return NT_STATUS_INVALID_HANDLE;
}
@@ -785,14 +712,17 @@ uint32 _samr_lookup_names(const POLICY_HND *dom_pol,
state.uni_name = uni_name;
if (state.rids == NULL ||
- state.types == NULL ||
- state.uni_name == NULL)
+ state.types == NULL || state.uni_name == NULL)
{
return NT_STATUS_NO_MEMORY;
}
/* lookups */
- tdb_traverse(usr_tdb, tdb_userlookup_names, (void*)&state);
+ if (!dom_user_traverse
+ (&dom_sid, tdb_userlookup_names, (void *)&state))
+ {
+ return NT_STATUS_ACCESS_DENIED;
+ }
if (!state.found_one)
{
@@ -801,7 +731,6 @@ uint32 _samr_lookup_names(const POLICY_HND *dom_pol,
(*num_types) = num_names;
(*num_rids) = num_names;
-
return NT_STATUS_NOPROBLEMO;
}
@@ -813,38 +742,31 @@ typedef struct tdb_rid_info
UNISTR2 *uni_name;
uint32 num_rids;
BOOL found_one;
-
} TDB_RID_INFO;
-
/******************************************************************
tdb_userlookup_rids
********************************************************************/
-static int tdb_userlookup_rids(TDB_CONTEXT *tdb,
- TDB_DATA kbuf,
- TDB_DATA dbuf,
- void *state)
+static int tdb_userlookup_rids(TDB_CONTEXT * tdb,
+ TDB_DATA kbuf, TDB_DATA dbuf, void *state)
{
prs_struct ps;
SAM_USER_INFO_21 usr;
- TDB_RID_INFO *data = (TDB_RID_INFO*)state;
+ TDB_RID_INFO *data = (TDB_RID_INFO *) state;
uint32 rid;
int i;
-
- DEBUG(5,("tdb_userlookup_rids\n"));
-
+ DEBUG(5, ("tdb_userlookup_rids\n"));
dump_data_pw("usr:\n", dbuf.dptr, dbuf.dsize);
dump_data_pw("rid:\n", kbuf.dptr, kbuf.dsize);
-
prs_create(&ps, dbuf.dptr, dbuf.dsize, 4, True);
if (!sam_io_user_info21("usr", &usr, &ps, 0))
{
- DEBUG(5,("tdb_userlookup_rids: user convert failed\n"));
+ DEBUG(5, ("tdb_userlookup_rids: user convert failed\n"));
return 0;
}
prs_create(&ps, kbuf.dptr, kbuf.dsize, 4, True);
if (!_prs_uint32("rid", &ps, 0, &rid))
{
- DEBUG(5,("tdb_userlookup_rids: rid convert failed\n"));
+ DEBUG(5, ("tdb_userlookup_rids: rid convert failed\n"));
return 0;
}
@@ -853,40 +775,35 @@ static int tdb_userlookup_rids(TDB_CONTEXT *tdb,
if (rid == data->rids[i])
{
UNISTR2 *str = &data->uni_name[i];
- UNIHDR *hdr = &data->hdr_name[i];
-
- DEBUG(10,("found user rid[i]: %d\n", i));
-
+ UNIHDR *hdr = &data->hdr_name[i];
+ DEBUG(10, ("found user rid[i]: %d\n", i));
data->types[i] = SID_NAME_USER;
copy_unistr2(str, &usr.uni_user_name);
make_uni_hdr(hdr, str->uni_str_len);
-
data->found_one = True;
-
return 0;
}
}
return 0;
}
+
/*******************************************************************
samr_reply_lookup_rids
********************************************************************/
uint32 _samr_lookup_rids(const POLICY_HND *dom_pol,
- uint32 num_rids, uint32 flags,
- const uint32 *rids,
- uint32 *num_names,
- UNIHDR **hdr_name, UNISTR2** uni_name,
- uint32 **types)
+ uint32 num_rids, uint32 flags,
+ const uint32 * rids,
+ uint32 * num_names,
+ UNIHDR ** hdr_name, UNISTR2 ** uni_name,
+ uint32 ** types)
{
TDB_CONTEXT *usr_tdb = NULL;
DOM_SID dom_sid;
TDB_RID_INFO state;
-
- DEBUG(5,("samr_lookup_rids: %d\n", __LINE__));
-
+ DEBUG(5, ("samr_lookup_rids: %d\n", __LINE__));
if (!get_tdbdomsid(get_global_hnd_cache(), dom_pol,
- &usr_tdb, NULL, NULL, NULL, NULL, &dom_sid))
+ &usr_tdb, NULL, NULL, NULL, NULL, &dom_sid))
{
return NT_STATUS_INVALID_HANDLE;
}
@@ -897,29 +814,26 @@ uint32 _samr_lookup_rids(const POLICY_HND *dom_pol,
state.num_rids = num_rids;
state.rids = rids;
state.types = malloc(num_rids * sizeof(*state.types));
- state.hdr_name = (UNIHDR*)malloc(num_rids * sizeof(*state.hdr_name));
- state.uni_name = (UNISTR2*)malloc(num_rids * sizeof(*state.uni_name));
-
- if (state.types == NULL ||
- state.hdr_name == NULL ||
- state.uni_name == NULL)
+ state.hdr_name =
+ (UNIHDR *) malloc(num_rids * sizeof(*state.hdr_name));
+ state.uni_name =
+ (UNISTR2 *) malloc(num_rids * sizeof(*state.uni_name));
+ if (state.types == NULL || state.hdr_name == NULL
+ || state.uni_name == NULL)
{
safe_free(state.types);
safe_free(state.hdr_name);
safe_free(state.uni_name);
-
return NT_STATUS_NO_MEMORY;
}
/* lookups */
- tdb_traverse(usr_tdb, tdb_userlookup_rids, (void*)&state);
-
+ tdb_traverse(usr_tdb, tdb_userlookup_rids, (void *)&state);
if (!state.found_one)
{
safe_free(state.types);
safe_free(state.hdr_name);
safe_free(state.uni_name);
-
return NT_STATUS_NONE_MAPPED;
}
@@ -927,7 +841,6 @@ uint32 _samr_lookup_rids(const POLICY_HND *dom_pol,
(*types) = state.types;
(*hdr_name) = state.hdr_name;
(*uni_name) = state.uni_name;
-
return NT_STATUS_NOPROBLEMO;
}
@@ -935,13 +848,12 @@ uint32 _samr_lookup_rids(const POLICY_HND *dom_pol,
_samr_query_dom_info
********************************************************************/
uint32 _samr_query_dom_info(const POLICY_HND *domain_pol,
- uint16 switch_value,
- SAM_UNK_CTR *ctr)
+ uint16 switch_value, SAM_UNK_CTR * ctr)
{
/* find the policy handle. open a policy on it. */
if (find_policy_by_hnd(get_global_hnd_cache(), domain_pol) == -1)
{
- DEBUG(5,("samr_reply_query_dom_info: invalid handle\n"));
+ DEBUG(5, ("samr_reply_query_dom_info: invalid handle\n"));
return NT_STATUS_INVALID_HANDLE;
}
@@ -966,7 +878,8 @@ uint32 _samr_query_dom_info(const POLICY_HND *domain_pol,
{
extern fstring global_sam_name;
extern pstring global_myname;
- make_unk_info2(&(ctr->info.inf2), global_sam_name, global_myname);
+ make_unk_info2(&(ctr->info.inf2), global_sam_name,
+ global_myname);
break;
}
case 0x01:
@@ -987,8 +900,8 @@ uint32 _samr_query_dom_info(const POLICY_HND *domain_pol,
/*******************************************************************
samr_reply_unknown_2d
********************************************************************/
-uint32 _samr_unknown_2d(const POLICY_HND *domain_pol, const DOM_SID *sid)
+uint32 _samr_unknown_2d(const POLICY_HND *domain_pol, const DOM_SID * sid)
{
- DEBUG(0,("_samr_unknown_2d: not implemented, returning OK\n"));
+ DEBUG(0, ("_samr_unknown_2d: not implemented, returning OK\n"));
return NT_STATUS_NOPROBLEMO;
}
diff --git a/source/samrd/srv_samr_grp_tdb.c b/source/samrd/srv_samr_grp_tdb.c
index b708e74d269..095eaebf78e 100644
--- a/source/samrd/srv_samr_grp_tdb.c
+++ b/source/samrd/srv_samr_grp_tdb.c
@@ -509,6 +509,7 @@ uint32 _samr_create_dom_group(const POLICY_HND *domain_pol,
return NT_STATUS_ACCESS_DENIED;
}
+ return NT_STATUS_ACCESS_DENIED;
#if 0
if (!tdb_store_group_mem(tdb_usg, (*group_rid), 0, NULL, 0, NULL))
{
@@ -516,9 +517,9 @@ uint32 _samr_create_dom_group(const POLICY_HND *domain_pol,
return NT_STATUS_ACCESS_DENIED;
}
-#endif
return samr_open_by_tdbrid(domain_pol, NULL, tdb_grp, NULL,
group_pol, access_mask, *group_rid);
+#endif
}
/*******************************************************************
@@ -544,9 +545,12 @@ uint32 _samr_open_group(const POLICY_HND *domain_pol, uint32 access_mask,
return NT_STATUS_NO_SUCH_GROUP;
}
+ return NT_STATUS_NO_SUCH_GROUP;
+#if 0
return samr_open_by_tdbrid(domain_pol,
NULL, tdb_grp, NULL,
group_pol, access_mask, group_rid);
+#endif
}
diff --git a/source/samrd/srv_samr_tdb.c b/source/samrd/srv_samr_tdb.c
index d94a010e89a..ba602475a30 100644
--- a/source/samrd/srv_samr_tdb.c
+++ b/source/samrd/srv_samr_tdb.c
@@ -390,26 +390,69 @@ BOOL get_tdbsid(struct policy_cache *cache, const POLICY_HND *hnd,
return False;
}
+TDB_CONTEXT *open_usr_db(const DOM_SID *sid, uint32 rid, int perms)
+{
+ pstring tmp;
+ pstring usr;
+
+ sid_to_string(tmp, sid);
+ slprintf(usr, sizeof(usr)-1, "%s/usr/%x", tmp, rid);
+
+ return tdb_open(passdb_path(usr),0,0,perms, 0644);
+}
+
/*******************************************************************
opens a samr entiry by rid, returns a policy handle.
********************************************************************/
-uint32 samr_open_by_tdbrid( const POLICY_HND *parent_pol,
+uint32 samr_open_user_tdb( const POLICY_HND *parent_pol,
+ const DOM_SID *sid,
TDB_CONTEXT *usr_tdb,
- TDB_CONTEXT *grp_tdb,
- TDB_CONTEXT *als_tdb,
POLICY_HND *pol,
- uint32 access_mask, uint32 rid)
+ uint32 ace_perms, uint32 rid)
{
/* get a (unique) handle. open a policy on it. */
if (!open_policy_hnd_link(get_global_hnd_cache(),
- parent_pol, pol, access_mask))
+ parent_pol, pol, ace_perms))
+ {
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
+ if (usr_tdb == NULL && ace_perms == SEC_RIGHTS_MAXIMUM_ALLOWED)
+ {
+ DEBUG(10,("samr_open_user_tdb: max perms requested\n"));
+
+ usr_tdb = open_usr_db(sid, rid, O_RDWR);
+ if (usr_tdb == NULL)
+ {
+ usr_tdb = open_usr_db(sid, rid, O_RDONLY);
+ }
+ }
+
+ if (usr_tdb == NULL)
+ {
+ int perms = 0;
+ BOOL perms_read;
+ BOOL perms_write;
+
+ perms_write = IS_BITS_SET_SOME(ace_perms,
+ SEC_RIGHTS_WRITE_OWNER|SEC_RIGHTS_WRITE_DAC);
+ perms_read = IS_BITS_SET_ALL(ace_perms, SEC_RIGHTS_READ);
+
+ if (perms_write ) perms = O_WRONLY;
+ if (perms_read ) perms = O_RDONLY;
+ if (perms_write && perms_read) perms = O_RDWR;
+
+ usr_tdb = open_usr_db(sid, rid, O_RDWR);
+ }
+
+ if (usr_tdb == NULL)
{
+ close_policy_hnd(get_global_hnd_cache(), pol);
return NT_STATUS_ACCESS_DENIED;
}
- /* associate a RID with the (unique) handle. */
- if (!set_tdbrid(get_global_hnd_cache(), pol,
- usr_tdb, grp_tdb, als_tdb, rid))
+ /* associate a SID with the (unique) handle. */
+ if (!set_tdbsam(get_global_hnd_cache(), pol, usr_tdb))
{
/* close the policy in case we can't associate a group SID */
close_policy_hnd(get_global_hnd_cache(), pol);
diff --git a/source/samrd/srv_samr_tdb_init.c b/source/samrd/srv_samr_tdb_init.c
index 4740d6b371f..fbf162c6790 100644
--- a/source/samrd/srv_samr_tdb_init.c
+++ b/source/samrd/srv_samr_tdb_init.c
@@ -30,29 +30,23 @@ extern int DEBUGLEVEL;
uint32 initialise_dom_tdb(const DOM_SID *sid)
{
pstring usr;
- pstring usg;
- pstring usa;
pstring grp;
pstring als;
fstring tmp;
sid_to_string(tmp, sid);
- slprintf(usr, sizeof(usr)-1, "%s.usr.tdb", tmp);
- slprintf(usg, sizeof(usg)-1, "%s.usg.tdb", tmp);
- slprintf(usa, sizeof(usa)-1, "%s.usa.tdb", tmp);
- slprintf(grp, sizeof(grp)-1, "%s.grp.tdb", tmp);
- slprintf(als, sizeof(als)-1, "%s.als.tdb", tmp);
+ mkdir(passdb_path(tmp), 0755);
+
+ slprintf(usr, sizeof(usr)-1, "%s/usr", tmp);
+ mkdir(passdb_path(usr), 0755);
+
+ slprintf(grp, sizeof(grp)-1, "%s/grp", tmp);
+ mkdir(passdb_path(grp), 0755);
+
+ slprintf(als, sizeof(als)-1, "%s/als", tmp);
+ mkdir(passdb_path(als), 0755);
- /* create if not-exist with root-readwrite, all others read */
- if (tdb_close(tdb_open(passdb_path(usr),0,0,O_RDWR|O_CREAT,0644)) ||
- tdb_close(tdb_open(passdb_path(usg),0,0,O_RDWR|O_CREAT,0644)) ||
- tdb_close(tdb_open(passdb_path(usa),0,0,O_RDWR|O_CREAT,0644)) ||
- tdb_close(tdb_open(passdb_path(grp),0,0,O_RDWR|O_CREAT,0644)) ||
- tdb_close(tdb_open(passdb_path(als),0,0,O_RDWR|O_CREAT,0644)))
- {
- return NT_STATUS_ACCESS_DENIED;
- }
return NT_STATUS_NOPROBLEMO;
}
diff --git a/source/samrd/srv_samr_usr_tdb.c b/source/samrd/srv_samr_usr_tdb.c
index 6ed9cf60c9c..4db5fe77dd2 100644
--- a/source/samrd/srv_samr_usr_tdb.c
+++ b/source/samrd/srv_samr_usr_tdb.c
@@ -29,6 +29,7 @@
extern int DEBUGLEVEL;
+#if 0
static BOOL tdb_lookup_user_als(TDB_CONTEXT *tdb,
const DOM_SID *sid,
uint32 *num_rids,
@@ -89,15 +90,15 @@ static BOOL tdb_lookup_user_grps(TDB_CONTEXT *tdb,
return True;
}
-static BOOL tdb_lookup_user(TDB_CONTEXT *tdb,
- uint32 rid,
- SAM_USER_INFO_21 *usr)
+#endif
+BOOL tdb_lookup_user(TDB_CONTEXT *tdb, SAM_USER_INFO_21 *usr)
{
prs_struct key;
prs_struct data;
+ uint8 k = 0;
prs_init(&key, 0, 4, False);
- if (!_prs_uint32("rid", &key, 0, &rid))
+ if (!_prs_uint8("usr", &key, 0, &k))
{
return False;
}
@@ -117,6 +118,7 @@ static BOOL tdb_lookup_user(TDB_CONTEXT *tdb,
return True;
}
+#if 0
static BOOL tdb_store_user_grps(TDB_CONTEXT *tdb,
uint32 rid, uint32 num_gids,
DOM_GID *gids)
@@ -177,17 +179,18 @@ static BOOL tdb_store_user_als(TDB_CONTEXT *tdb,
return True;
}
-static BOOL tdb_store_user(TDB_CONTEXT *tdb, uint32 rid, SAM_USER_INFO_21 *usr)
+#endif
+
+static BOOL tdb_store_user(TDB_CONTEXT *tdb, SAM_USER_INFO_21 *usr)
{
prs_struct key;
prs_struct data;
-
- DEBUG(10,("storing user %x\n", rid));
+ uint8 k = 0;
prs_init(&key, 0, 4, False);
prs_init(&data, 0, 4, False);
- if (!_prs_uint32("rid", &key, 0, &rid) ||
+ if (!_prs_uint8("usr", &key, 0, &k) ||
!sam_io_user_info21("usr", usr, &data, 0) ||
prs_tdb_store(tdb, TDB_REPLACE, &key, &data) != 0)
{
@@ -201,8 +204,7 @@ static BOOL tdb_store_user(TDB_CONTEXT *tdb, uint32 rid, SAM_USER_INFO_21 *usr)
return True;
}
-static BOOL tdb_set_userinfo_10(TDB_CONTEXT *tdb, uint32 rid,
- uint16 acb_info)
+static BOOL tdb_set_userinfo_10(TDB_CONTEXT *tdb, uint16 acb_info)
{
SAM_USER_INFO_21 usr;
@@ -211,7 +213,7 @@ static BOOL tdb_set_userinfo_10(TDB_CONTEXT *tdb, uint32 rid,
return False;
}
- if (!tdb_lookup_user(tdb, rid, &usr))
+ if (!tdb_lookup_user(tdb, &usr))
{
tdb_writeunlock(tdb);
return False;
@@ -219,7 +221,7 @@ static BOOL tdb_set_userinfo_10(TDB_CONTEXT *tdb, uint32 rid,
usr.acb_info = acb_info;
- if (!tdb_store_user(tdb, rid, &usr))
+ if (!tdb_store_user(tdb, &usr))
{
tdb_writeunlock(tdb);
return False;
@@ -229,7 +231,7 @@ static BOOL tdb_set_userinfo_10(TDB_CONTEXT *tdb, uint32 rid,
return True;
}
-static BOOL tdb_set_userinfo_pwds(TDB_CONTEXT *tdb, uint32 rid,
+static BOOL tdb_set_userinfo_pwds(TDB_CONTEXT *tdb,
const uchar lm_pwd[16], const uchar nt_pwd[16])
{
SAM_USER_INFO_21 usr;
@@ -240,7 +242,7 @@ static BOOL tdb_set_userinfo_pwds(TDB_CONTEXT *tdb, uint32 rid,
return False;
}
- if (!tdb_lookup_user(tdb, rid, &usr))
+ if (!tdb_lookup_user(tdb, &usr))
{
tdb_writeunlock(tdb);
return False;
@@ -249,7 +251,7 @@ static BOOL tdb_set_userinfo_pwds(TDB_CONTEXT *tdb, uint32 rid,
memcpy(usr.lm_pwd, lm_pwd, sizeof(usr.lm_pwd));
memcpy(usr.nt_pwd, nt_pwd, sizeof(usr.nt_pwd));
- if (!tdb_store_user(tdb, rid, &usr))
+ if (!tdb_store_user(tdb, &usr))
{
tdb_writeunlock(tdb);
return False;
@@ -259,7 +261,7 @@ static BOOL tdb_set_userinfo_pwds(TDB_CONTEXT *tdb, uint32 rid,
return True;
}
-static BOOL tdb_set_userinfo_23(TDB_CONTEXT *tdb, uint32 rid,
+static BOOL tdb_set_userinfo_23(TDB_CONTEXT *tdb,
const SAM_USER_INFO_23 *usr23,
const uchar lm_pwd[16], const uchar nt_pwd[16])
{
@@ -270,7 +272,7 @@ static BOOL tdb_set_userinfo_23(TDB_CONTEXT *tdb, uint32 rid,
return False;
}
- if (!tdb_lookup_user(tdb, rid, &usr))
+ if (!tdb_lookup_user(tdb, &usr))
{
tdb_writeunlock(tdb);
return False;
@@ -311,7 +313,7 @@ static BOOL tdb_set_userinfo_23(TDB_CONTEXT *tdb, uint32 rid,
return False;
}
- if (!tdb_store_user(tdb, rid, &usr))
+ if (!tdb_store_user(tdb, &usr))
{
tdb_writeunlock(tdb);
return False;
@@ -353,9 +355,10 @@ uint32 _samr_query_usergroups(const POLICY_HND *pol,
uint32 *num_groups,
DOM_GID **gids)
{
+#if 0
uint32 rid;
+#endif
TDB_CONTEXT *usr_tdb = NULL;
- TDB_CONTEXT *usg_tdb = NULL;
(*gids) = NULL;
(*num_groups) = 0;
@@ -363,16 +366,17 @@ uint32 _samr_query_usergroups(const POLICY_HND *pol,
DEBUG(5,("samr_query_usergroups: %d\n", __LINE__));
/* find the policy handle. open a policy on it. */
- if (!get_tdbrid(get_global_hnd_cache(), pol, &usr_tdb,
- &usg_tdb, NULL, &rid))
+ if (!get_tdbsam(get_global_hnd_cache(), pol, &usr_tdb))
{
return NT_STATUS_INVALID_HANDLE;
}
+#if 0
if (!tdb_lookup_user_grps(usg_tdb, rid, num_groups, gids))
{
return NT_STATUS_NO_SUCH_USER;
}
+#endif
return NT_STATUS_NOPROBLEMO;
}
@@ -383,8 +387,10 @@ uint32 _samr_query_useraliases(const POLICY_HND *domain_pol,
const uint32 *ptr_sid, const DOM_SID2 *sid,
uint32 *num_aliases, uint32 **rid)
{
+#if 0
TDB_CONTEXT *tdb = NULL;
DOM_SID dom_sid;
+#endif
DEBUG(5,("samr_query_useraliases: %d\n", __LINE__));
@@ -396,14 +402,14 @@ uint32 _samr_query_useraliases(const POLICY_HND *domain_pol,
return NT_STATUS_ACCESS_DENIED;
}
+#if 0
/* find the policy handle. open a policy on it. */
- if (!get_tdbdomsid(get_global_hnd_cache(), domain_pol,
+ if (!get_tdbsam(get_global_hnd_cache(), domain_pol,
NULL, NULL, &tdb, NULL, NULL, &dom_sid))
{
return NT_STATUS_INVALID_HANDLE;
}
-#if 0
if (!tdb_lookup_user_als(tdb, &sid->sid, num_aliases, rid))
{
return NT_STATUS_NO_SUCH_USER;
@@ -419,26 +425,16 @@ uint32 _samr_open_user(const POLICY_HND *domain_pol,
uint32 access_mask, uint32 user_rid,
POLICY_HND *user_pol)
{
- TDB_CONTEXT *tdb_usr = NULL;
- TDB_CONTEXT *tdb_usg = NULL;
- TDB_CONTEXT *tdb_usa = NULL;
DOM_SID dom_sid;
- SAM_USER_INFO_21 usr;
if (!get_tdbdomsid(get_global_hnd_cache(), domain_pol,
- &tdb_usr, &tdb_usg, &tdb_usa,
+ NULL, NULL, NULL,
NULL, NULL, &dom_sid))
{
return NT_STATUS_INVALID_HANDLE;
}
- if (!tdb_lookup_user(tdb_usr, user_rid, &usr))
- {
- return NT_STATUS_NO_SUCH_USER;
- }
-
- return samr_open_by_tdbrid(domain_pol,
- tdb_usr, tdb_usg, tdb_usa,
+ return samr_open_user_tdb(domain_pol, &dom_sid, NULL,
user_pol, access_mask, user_rid);
}
@@ -449,21 +445,19 @@ uint32 _samr_query_userinfo(const POLICY_HND *pol, uint16 switch_value,
SAM_USERINFO_CTR *ctr)
{
TDB_CONTEXT *tdb_usr = NULL;
- uint32 rid = 0x0;
SAM_USER_INFO_21 usr;
/* find the policy handle. open a policy on it. */
- if (!get_tdbrid(get_global_hnd_cache(), pol, &tdb_usr,
- NULL, NULL, &rid))
+ if (!get_tdbsam(get_global_hnd_cache(), pol, &tdb_usr))
{
return NT_STATUS_INVALID_HANDLE;
}
- if (!tdb_lookup_user(tdb_usr, rid, &usr))
+ if (!tdb_lookup_user(tdb_usr, &usr))
{
return NT_STATUS_NO_SUCH_USER;
}
- DEBUG(5,("samr_reply_query_userinfo: rid:0x%x\n", rid));
+ DEBUG(5,("samr_reply_query_userinfo\n"));
return make_samr_userinfo_ctr_usr21(ctr, switch_value, &usr);
}
@@ -471,7 +465,7 @@ uint32 _samr_query_userinfo(const POLICY_HND *pol, uint16 switch_value,
/*******************************************************************
set_user_info_24
********************************************************************/
-static BOOL set_user_info_24(TDB_CONTEXT *usr_tdb, uint32 rid,
+static BOOL set_user_info_24(TDB_CONTEXT *usr_tdb,
const SAM_USER_INFO_24 *id24)
{
static uchar nt_hash[16];
@@ -489,22 +483,22 @@ static BOOL set_user_info_24(TDB_CONTEXT *usr_tdb, uint32 rid,
nt_lm_owf_genW(&new_pw, nt_hash, lm_hash);
- return tdb_set_userinfo_pwds(usr_tdb, rid, lm_hash, nt_hash);
+ return tdb_set_userinfo_pwds(usr_tdb, lm_hash, nt_hash);
}
/*******************************************************************
set_user_info_12
********************************************************************/
-static BOOL set_user_info_12(TDB_CONTEXT *usr_tdb, uint32 rid,
+static BOOL set_user_info_12(TDB_CONTEXT *usr_tdb,
const SAM_USER_INFO_12 *id12)
{
- return tdb_set_userinfo_pwds(usr_tdb, rid, id12->lm_pwd, id12->nt_pwd);
+ return tdb_set_userinfo_pwds(usr_tdb, id12->lm_pwd, id12->nt_pwd);
}
/*******************************************************************
set_user_info_23
********************************************************************/
-static BOOL set_user_info_23(TDB_CONTEXT *usr_tdb, uint32 rid,
+static BOOL set_user_info_23(TDB_CONTEXT *usr_tdb,
const SAM_USER_INFO_23 *id23)
{
static uchar nt_hash[16];
@@ -528,7 +522,7 @@ static BOOL set_user_info_23(TDB_CONTEXT *usr_tdb, uint32 rid,
nt_lm_owf_genW(&new_pw, nt_hash, lm_hash);
- return tdb_set_userinfo_23(usr_tdb, rid, id23, lm_hash, nt_hash);
+ return tdb_set_userinfo_23(usr_tdb, id23, lm_hash, nt_hash);
}
/*******************************************************************
@@ -539,19 +533,15 @@ uint32 _samr_set_userinfo(const POLICY_HND *pol, uint16 switch_value,
{
TDB_CONTEXT *tdb_usr = NULL;
uchar user_sess_key[16];
- uint32 rid = 0x0;
DEBUG(5,("samr_reply_set_userinfo: %d\n", __LINE__));
/* find the domain rid associated with the policy handle */
- if (!get_tdbrid(get_global_hnd_cache(), pol, &tdb_usr,
- NULL, NULL, &rid))
+ if (!get_tdbsam(get_global_hnd_cache(), pol, &tdb_usr))
{
return NT_STATUS_INVALID_HANDLE;
}
- DEBUG(5,("samr_reply_set_userinfo: rid:0x%x\n", rid));
-
if (!pol_get_usr_sesskey(get_global_hnd_cache(), pol, user_sess_key))
{
return NT_STATUS_INVALID_HANDLE;
@@ -569,7 +559,7 @@ uint32 _samr_set_userinfo(const POLICY_HND *pol, uint16 switch_value,
case 0x12:
{
SAM_USER_INFO_12 *id12 = ctr->info.id12;
- if (!set_user_info_12(tdb_usr, rid, id12))
+ if (!set_user_info_12(tdb_usr, id12))
{
DEBUG(10,("_samr_set_userinfo 0x12 failed\n"));
return NT_STATUS_ACCESS_DENIED;
@@ -581,7 +571,7 @@ uint32 _samr_set_userinfo(const POLICY_HND *pol, uint16 switch_value,
{
SAM_USER_INFO_24 *id24 = ctr->info.id24;
SamOEMhash(id24->pass, user_sess_key, True);
- if (!set_user_info_24(tdb_usr, rid, id24))
+ if (!set_user_info_24(tdb_usr, id24))
{
DEBUG(10,("_samr_set_userinfo 0x18 failed\n"));
return NT_STATUS_ACCESS_DENIED;
@@ -597,7 +587,7 @@ uint32 _samr_set_userinfo(const POLICY_HND *pol, uint16 switch_value,
id23->pass, sizeof(id23->pass));
dbgflush();
- if (!set_user_info_23(tdb_usr, rid, id23))
+ if (!set_user_info_23(tdb_usr, id23))
{
return NT_STATUS_ACCESS_DENIED;
}
@@ -616,10 +606,10 @@ uint32 _samr_set_userinfo(const POLICY_HND *pol, uint16 switch_value,
/*******************************************************************
set_user_info_10
********************************************************************/
-static BOOL set_user_info_10(TDB_CONTEXT *usr_tdb, uint32 rid,
+static BOOL set_user_info_10(TDB_CONTEXT *usr_tdb,
const SAM_USER_INFO_10 *id16)
{
- return tdb_set_userinfo_10(usr_tdb, rid, id16->acb_info);
+ return tdb_set_userinfo_10(usr_tdb, id16->acb_info);
}
/*******************************************************************
@@ -629,16 +619,14 @@ uint32 _samr_set_userinfo2(const POLICY_HND *pol, uint16 switch_value,
SAM_USERINFO_CTR *ctr)
{
TDB_CONTEXT *tdb_usr = NULL;
- uint32 rid = 0x0;
/* find the domain sid associated with the policy handle */
- if (!get_tdbrid(get_global_hnd_cache(), pol, &tdb_usr,
- NULL, NULL, &rid))
+ if (!get_tdbsam(get_global_hnd_cache(), pol, &tdb_usr))
{
return NT_STATUS_INVALID_HANDLE;
}
- DEBUG(5,("samr_reply_set_userinfo2: rid:0x%x\n", rid));
+ DEBUG(5,("samr_reply_set_userinfo2\n"));
if (ctr == NULL)
{
@@ -654,7 +642,7 @@ uint32 _samr_set_userinfo2(const POLICY_HND *pol, uint16 switch_value,
case 16:
{
SAM_USER_INFO_10 *id10 = ctr->info.id10;
- if (!set_user_info_10(tdb_usr, rid, id10))
+ if (!set_user_info_10(tdb_usr, id10))
{
return NT_STATUS_ACCESS_DENIED;
}
@@ -736,8 +724,6 @@ uint32 _samr_create_user(const POLICY_HND *domain_pol,
DOM_SID sid;
DOM_SID grp_sid;
TDB_CONTEXT *tdb_usr = NULL;
- TDB_CONTEXT *tdb_usg = NULL;
- TDB_CONTEXT *tdb_usa = NULL;
SAM_USER_INFO_21 usr;
uint32 status1;
@@ -749,11 +735,13 @@ uint32 _samr_create_user(const POLICY_HND *domain_pol,
struct passwd *pass = NULL;
uint32 group_rid;
+#if 0
uint32 num_gids = 0;
DOM_GID *gids = NULL;
uint32 num_alss = 0;
uint32 *als_rids = NULL;
+#endif
(*unknown_0) = 0x30;
(*user_rid) = 0x0;
@@ -766,7 +754,7 @@ uint32 _samr_create_user(const POLICY_HND *domain_pol,
/* find the domain sid associated with the policy handle */
if (!get_tdbdomsid(get_global_hnd_cache(), domain_pol,
- &tdb_usr, &tdb_usg, &tdb_usa,
+ NULL, NULL, NULL,
NULL, NULL, &dom_sid))
{
return NT_STATUS_INVALID_HANDLE;
@@ -797,9 +785,11 @@ uint32 _samr_create_user(const POLICY_HND *domain_pol,
}
{
+#if 0
int i;
int n_groups = 0;
gid_t *groups = NULL;
+#endif
fstring user_name;
unistr2_to_ascii(user_name, uni_username, sizeof(user_name)-1);
pass = Get_Pwnam(user_name, False);
@@ -810,6 +800,7 @@ uint32 _samr_create_user(const POLICY_HND *domain_pol,
user_name));
return NT_STATUS_ACCESS_DENIED;
}
+#if 0
get_unixgroups(user_name,pass->pw_uid,pass->pw_gid,
&n_groups,
&groups);
@@ -852,6 +843,7 @@ uint32 _samr_create_user(const POLICY_HND *domain_pol,
}
}
}
+#endif
}
/* create a User SID for the unix user */
@@ -895,13 +887,18 @@ uint32 _samr_create_user(const POLICY_HND *domain_pol,
create_user_info_21(&usr, uni_username, acb_info,
(*user_rid), group_rid);
- if (!tdb_store_user(tdb_usr, usr.user_rid, &usr))
+ tdb_usr = open_usr_db(&dom_sid, (*user_rid), O_RDWR | O_CREAT);
+
+ if (tdb_usr == NULL)
{
- /* account doesn't exist: say so */
return NT_STATUS_ACCESS_DENIED;
}
-
+ if (!tdb_store_user(tdb_usr, &usr))
+ {
+ return NT_STATUS_ACCESS_DENIED;
+ }
+#if 0
if (!tdb_store_user_grps(tdb_usg, usr.user_rid, num_gids, gids))
{
/* account doesn't exist: say so */
@@ -913,11 +910,11 @@ uint32 _samr_create_user(const POLICY_HND *domain_pol,
/* account doesn't exist: say so */
return NT_STATUS_ACCESS_DENIED;
}
+#endif
*unknown_0 = 0x000703ff;
- return samr_open_by_tdbrid(domain_pol, tdb_usr, tdb_usg,
- tdb_usa,
+ return samr_open_user_tdb(domain_pol, &dom_sid, tdb_usr,
user_pol, access_mask, *user_rid);
}