static NTSTATUS row_to_sam_account ( PGresult *r, long row, SAM_ACCOUNT *u )
{
pstring temp ;
DOM_SID sid ;
if ( row >= PQntuples( r ) ) return NT_STATUS_INVALID_PARAMETER ;
pdb_set_logon_time ( u, PQgetlong ( r, row, 0 ), PDB_SET ) ;
pdb_set_logoff_time ( u, PQgetlong ( r, row, 1 ), PDB_SET ) ;
pdb_set_kickoff_time ( u, PQgetlong ( r, row, 2 ), PDB_SET ) ;
pdb_set_pass_last_set_time ( u, PQgetlong ( r, row, 3 ), PDB_SET ) ;
pdb_set_pass_can_change_time ( u, PQgetlong ( r, row, 4 ), PDB_SET ) ;
pdb_set_pass_must_change_time( u, PQgetlong ( r, row, 5 ), PDB_SET ) ;
pdb_set_username ( u, PQgetvalue( r, row, 6 ), PDB_SET ) ;
pdb_set_domain ( u, PQgetvalue( r, row, 7 ), PDB_SET ) ;
pdb_set_nt_username ( u, PQgetvalue( r, row, 8 ), PDB_SET ) ;
pdb_set_fullname ( u, PQgetvalue( r, row, 9 ), PDB_SET ) ;
pdb_set_homedir ( u, PQgetvalue( r, row, 10 ), PDB_SET ) ;
pdb_set_dir_drive ( u, PQgetvalue( r, row, 11 ), PDB_SET ) ;
pdb_set_logon_script ( u, PQgetvalue( r, row, 12 ), PDB_SET ) ;
pdb_set_profile_path ( u, PQgetvalue( r, row, 13 ), PDB_SET ) ;
pdb_set_acct_desc ( u, PQgetvalue( r, row, 14 ), PDB_SET ) ;
pdb_set_workstations ( u, PQgetvalue( r, row, 15 ), PDB_SET ) ;
pdb_set_unknown_str ( u, PQgetvalue( r, row, 16 ), PDB_SET ) ;
pdb_set_munged_dial ( u, PQgetvalue( r, row, 17 ), PDB_SET ) ;
pdb_set_acct_ctrl ( u, PQgetlong ( r, row, 23 ), PDB_SET ) ;
pdb_set_logon_divs ( u, PQgetlong ( r, row, 24 ), PDB_SET ) ;
pdb_set_hours_len ( u, PQgetlong ( r, row, 25 ), PDB_SET ) ;
pdb_set_bad_password_count ( u, PQgetlong (r, row, 26 ), PDB_SET ) ;
pdb_set_logon_count ( u, PQgetlong ( r, row, 27 ), PDB_SET ) ;
pdb_set_unknown_6 ( u, PQgetlong ( r, row, 28 ), PDB_SET ) ;
if ( !PQgetisnull( r, row, 18 ) ) {
string_to_sid( &sid, PQgetvalue( r, row, 18 ) ) ;
pdb_set_user_sid ( u, &sid, PDB_SET ) ;
}
if ( !PQgetisnull( r, row, 19 ) ) {
string_to_sid( &sid, PQgetvalue( r, row, 19 ) ) ;
pdb_set_group_sid( u, &sid, PDB_SET ) ;
}
if ( pdb_gethexpwd( PQgetvalue( r, row, 20 ), temp ), PDB_SET ) pdb_set_lanman_passwd( u, temp, PDB_SET ) ;
if ( pdb_gethexpwd( PQgetvalue( r, row, 21 ), temp ), PDB_SET ) pdb_set_nt_passwd ( u, temp, PDB_SET ) ;
/* Only use plaintext password storage when lanman and nt are NOT used */
if ( PQgetisnull( r, row, 20 ) || PQgetisnull( r, row, 21 ) ) pdb_set_plaintext_passwd( u, PQgetvalue( r, row, 22 ) ) ;
return NT_STATUS_OK ;
}
/**
* update the encrypted smbpasswd file from the plaintext username and password
*
* this ugly hack needs to die, but not quite yet, I think people still use it...
**/
static BOOL update_smbpassword_file(const char *user, const char *password)
{
struct samu *sampass;
BOOL ret;
if ( !(sampass = samu_new( NULL )) ) {
return False;
}
become_root();
ret = pdb_getsampwnam(sampass, user);
unbecome_root();
if(ret == False) {
DEBUG(0,("pdb_getsampwnam returned NULL\n"));
TALLOC_FREE(sampass);
return False;
}
/*
* Remove the account disabled flag - we are updating the
* users password from a login.
*/
if (!pdb_set_acct_ctrl(sampass, pdb_get_acct_ctrl(sampass) & ~ACB_DISABLED, PDB_CHANGED)) {
TALLOC_FREE(sampass);
return False;
}
if (!pdb_set_plaintext_passwd (sampass, password)) {
TALLOC_FREE(sampass);
return False;
}
/* Now write it into the file. */
become_root();
ret = NT_STATUS_IS_OK(pdb_update_sam_account (sampass));
unbecome_root();
if (ret) {
DEBUG(3,("pdb_update_sam_account returned %d\n",ret));
}
TALLOC_FREE(sampass);
return ret;
}
static int new_machine (struct pdb_methods *in, const char *machine_in)
{
struct samu *sam_pwent=NULL;
fstring machinename;
fstring machineaccount;
struct passwd *pwd = NULL;
get_global_sam_sid();
if (strlen(machine_in) == 0) {
fprintf(stderr, "No machine name given\n");
return -1;
}
fstrcpy(machinename, machine_in);
machinename[15]= '\0';
if (machinename[strlen (machinename) -1] == '$')
machinename[strlen (machinename) -1] = '\0';
strlower_m(machinename);
fstrcpy(machineaccount, machinename);
fstrcat(machineaccount, "$");
if ((pwd = getpwnam_alloc(NULL, machineaccount))) {
if ( (sam_pwent = samu_new( NULL )) == NULL ) {
fprintf(stderr, "Memory allocation error!\n");
TALLOC_FREE(pwd);
return -1;
}
if ( !NT_STATUS_IS_OK(samu_set_unix(sam_pwent, pwd )) ) {
fprintf(stderr, "Could not init sam from pw\n");
TALLOC_FREE(pwd);
return -1;
}
TALLOC_FREE(pwd);
} else {
if ( (sam_pwent = samu_new( NULL )) == NULL ) {
fprintf(stderr, "Could not init sam from pw\n");
return -1;
}
}
pdb_set_plaintext_passwd (sam_pwent, machinename);
pdb_set_username (sam_pwent, machineaccount, PDB_CHANGED);
pdb_set_acct_ctrl (sam_pwent, ACB_WSTRUST, PDB_CHANGED);
if (NT_STATUS_IS_OK(in->add_sam_account (in, sam_pwent))) {
print_user_info (in, machineaccount, True, False);
} else {
fprintf (stderr, "Unable to add machine! (does it already exist?)\n");
TALLOC_FREE(sam_pwent);
return -1;
}
TALLOC_FREE(sam_pwent);
return 0;
}
/*********************************************************
Add New User
**********************************************************/
static int new_user (struct pdb_methods *in, const char *username,
const char *fullname, const char *homedir,
const char *drive, const char *script,
const char *profile, char *user_sid, BOOL stdin_get)
{
struct samu *sam_pwent;
char *password1, *password2;
int rc_pwd_cmp;
struct passwd *pwd;
get_global_sam_sid();
if ( !(pwd = getpwnam_alloc( NULL, username )) ) {
DEBUG(0,("Cannot locate Unix account for %s\n", username));
return -1;
}
if ( (sam_pwent = samu_new( NULL )) == NULL ) {
DEBUG(0, ("Memory allocation failure!\n"));
return -1;
}
if (!NT_STATUS_IS_OK(samu_alloc_rid_unix(sam_pwent, pwd ))) {
TALLOC_FREE( sam_pwent );
TALLOC_FREE( pwd );
DEBUG(0, ("could not create account to add new user %s\n", username));
return -1;
}
password1 = get_pass( "new password:"******"retype new password:"******"Passwords do not match!\n");
TALLOC_FREE(sam_pwent);
} else {
pdb_set_plaintext_passwd(sam_pwent, password1);
}
memset(password1, 0, strlen(password1));
SAFE_FREE(password1);
memset(password2, 0, strlen(password2));
SAFE_FREE(password2);
/* pwds do _not_ match? */
if (rc_pwd_cmp)
return -1;
if (fullname)
pdb_set_fullname(sam_pwent, fullname, PDB_CHANGED);
if (homedir)
pdb_set_homedir (sam_pwent, homedir, PDB_CHANGED);
if (drive)
pdb_set_dir_drive (sam_pwent, drive, PDB_CHANGED);
if (script)
pdb_set_logon_script(sam_pwent, script, PDB_CHANGED);
if (profile)
pdb_set_profile_path (sam_pwent, profile, PDB_CHANGED);
if (user_sid) {
DOM_SID u_sid;
if (!string_to_sid(&u_sid, user_sid)) {
/* not a complete sid, may be a RID, try building a SID */
int u_rid;
if (sscanf(user_sid, "%d", &u_rid) != 1) {
fprintf(stderr, "Error passed string is not a complete user SID or RID!\n");
TALLOC_FREE(sam_pwent);
return -1;
}
sid_copy(&u_sid, get_global_sam_sid());
sid_append_rid(&u_sid, u_rid);
}
pdb_set_user_sid (sam_pwent, &u_sid, PDB_CHANGED);
}
pdb_set_acct_ctrl (sam_pwent, ACB_NORMAL, PDB_CHANGED);
if (NT_STATUS_IS_OK(in->add_sam_account (in, sam_pwent))) {
print_user_info (in, username, True, False);
} else {
fprintf (stderr, "Unable to add user! (does it already exist?)\n");
TALLOC_FREE(sam_pwent);
return -1;
}
TALLOC_FREE(sam_pwent);
return 0;
}