Esempio n. 1
0
APIERR MNetUserGetGroups(
	const TCHAR FAR	 * pszServer,
	const TCHAR FAR	 * pszUserName,
	UINT		   Level,
	BYTE FAR	** ppbBuffer,
	UINT FAR	 * pcEntriesRead )
{
    DWORD cTotalAvail;

    return (APIERR)NetUserGetGroups( (TCHAR *)pszServer,
    				     (TCHAR *)pszUserName,
				     Level,
				     ppbBuffer,
				     MAXPREFERREDLENGTH,
				     pcEntriesRead,
				     &cTotalAvail );

}   // MNetUserGetGroups
Esempio n. 2
0
static int get_user_global_groups(WCHAR *user, struct oscap_list *list)
{
	NET_API_STATUS status;

	GROUP_USERS_INFO_0 *buffer = NULL;
	DWORD preffered_max_len = MAX_PREFERRED_LENGTH;
	DWORD entries_read = 0;
	DWORD total_entries = 0;
	status = NetUserGetGroups(NULL, user, 0, (LPBYTE *)&buffer, preffered_max_len, &entries_read, &total_entries);
	if (status != NERR_Success) {
		dD("NetUserGetGroups failed: %d", status);
		return 1;
	}
	for (DWORD i = 0; i < entries_read; i++) {
		WCHAR *group_name = buffer[i].grui0_name;
		oscap_list_add(list, wcsdup(group_name));
	}
	NetApiBufferFree(buffer);
	return 0;
}
int SetupTokenGroups(PTOKEN_GROUPS *groupsToken, wchar_t *userNameW)
{
  wchar_t **localGroups  = NULL;
  wchar_t **globalGroups = NULL;
  
  DWORD nLocalGroups     = 0;
  DWORD nLocalGroupsTot  = 0;
  
  DWORD nGlobalGroups    = 0;
  DWORD nGlobalGroupsTot = 0;
  
  DWORD nGroupsTotal     = 0;
  
  DWORD size;
  
  int i;
  
  int exitCode = 1;

  /*
   * Retrieve local groups, which user belong to.
   */
  
  debug("Retrieving local groups list...");
  
  FAIL(NetUserGetLocalGroups(NULL, userNameW, 0, 
                                LG_INCLUDE_INDIRECT, 
                                    (LPBYTE *) &localGroups,
                                         MAX_PREFERRED_LENGTH,
                                             &nLocalGroups, 
                                                 &nLocalGroupsTot));

  debug("Retrieving global groups list...");
  
  /*
   * Retrieve global groups, which user belong to.
   */

  FAIL(NetUserGetGroups(NULL, userNameW, 0, (LPBYTE *) 
                            &globalGroups, MAX_PREFERRED_LENGTH, 
                                &nGlobalGroups, &nGlobalGroupsTot));
  

  /*
   * Allocate buffer for TOKEN_GROUPS struct.
   *
   * We assume user belong to Everyone, AuthenticatedUsers, Local, Interactive
   * and groups retrievied from NetUserGetLocalGroups() and NetUserGetGroups()
   * for given user.
   */
  
  nGroupsTotal = nLocalGroups + nGlobalGroups + 4;

  size = (nGroupsTotal + 1) * sizeof(SID_AND_ATTRIBUTES) + sizeof(DWORD);
  
  *groupsToken = (TOKEN_GROUPS *) LocalAlloc(LPTR, size);
  
  (*groupsToken) -> GroupCount = nGroupsTotal;

  /*
   * Write SIDs of local groups into TOKEN_GROUPS struct.
   */
  
  #define INSIDE_GROUP_FLAG SE_GROUP_ENABLED\
                            | SE_GROUP_ENABLED_BY_DEFAULT\
                            | SE_GROUP_MANDATORY

  int delta = 4;

  for (i = 0; i < nLocalGroups; i++)
  {
    FAIL(GetSidW(&(*groupsToken) -> Groups[i + delta].Sid, localGroups[i]));

    (*groupsToken) -> Groups[i + delta].Attributes = INSIDE_GROUP_FLAG;
  }
  
  /*
   * Write SIDs of global groups into TOKEN_GROUPS struct.
   */

  delta = 4 + nLocalGroups;

  for (i = 0; i < nGlobalGroups; i++)
  {
    FAIL(GetSidW(&(*groupsToken) -> Groups[delta + i].Sid, globalGroups[i]));

    (*groupsToken) -> Groups[delta + i].Attributes = INSIDE_GROUP_FLAG;
  }
  
  /*
   * Write SIDs of Everyone, AuthenticatedUsers, Local and Interactive
   * groups into TOKEN_GROUPS struct.
   */
  
  (*groupsToken) -> Groups[0].Sid = EveryoneSID();
  (*groupsToken) -> Groups[0].Attributes = INSIDE_GROUP_FLAG;
  
  (*groupsToken) -> Groups[1].Sid = AuthenticatedUsersSID();
  (*groupsToken) -> Groups[1].Attributes = INSIDE_GROUP_FLAG;
  
  (*groupsToken) -> Groups[2].Sid = LocalSID();
  (*groupsToken) -> Groups[2].Attributes = INSIDE_GROUP_FLAG;
  
  (*groupsToken) -> Groups[3].Sid = InteractiveSID();
  (*groupsToken) -> Groups[3].Attributes = INSIDE_GROUP_FLAG;

  exitCode = 0;

fail:

  /*
   * Clean up.
   */
  
  NetApiBufferFree(localGroups);
  NetApiBufferFree(globalGroups);

  if (exitCode)
  {
    debug("ERROR. Failed to setup TOKEN_GROUPS (%u).", GetLastError());
  }
  
  return exitCode;
}
Esempio n. 4
0
int main(int argc, const char **argv)
{
	NET_API_STATUS status;
	struct libnetapi_ctx *ctx = NULL;
	const char *hostname = NULL;
	const char *username = NULL;
	uint32_t level = 0;
	uint8_t *buffer = NULL;
	uint32_t entries_read = 0;
	uint32_t total_entries = 0;
	int i;

	struct GROUP_USERS_INFO_0 *info0 = NULL;
	struct GROUP_USERS_INFO_1 *info1 = NULL;

	poptContext pc;
	int opt;

	struct poptOption long_options[] = {
		POPT_AUTOHELP
		POPT_COMMON_LIBNETAPI_EXAMPLES
		POPT_TABLEEND
	};

	status = libnetapi_init(&ctx);
	if (status != 0) {
		return status;
	}

	pc = poptGetContext("user_getgroups", argc, argv, long_options, 0);

	poptSetOtherOptionHelp(pc, "hostname username level");
	while((opt = poptGetNextOpt(pc)) != -1) {
	}

	if (!poptPeekArg(pc)) {
		poptPrintHelp(pc, stderr, 0);
		goto out;
	}
	hostname = poptGetArg(pc);

	if (!poptPeekArg(pc)) {
		poptPrintHelp(pc, stderr, 0);
		goto out;
	}
	username = poptGetArg(pc);

	if (poptPeekArg(pc)) {
		level = atoi(poptGetArg(pc));
	}

	/* NetUserGetGroups */

	do {
		status = NetUserGetGroups(hostname,
					  username,
					  level,
					  &buffer,
					  (uint32_t)-1,
					  &entries_read,
					  &total_entries);
		if (status == 0 || status == ERROR_MORE_DATA) {

			switch (level) {
				case 0:
					info0 = (struct GROUP_USERS_INFO_0 *)buffer;
					break;
				case 1:
					info1 = (struct GROUP_USERS_INFO_1 *)buffer;
					break;
				default:
					break;
			}

			for (i=0; i<entries_read; i++) {
				switch (level) {
					case 0:
						printf("#%d group: %s\n", i, info0->grui0_name);
						info0++;
						break;
					case 1:
						printf("#%d group: %s\n", i, info1->grui1_name);
						printf("#%d attributes: %d\n", i, info1->grui1_attributes);
						info1++;
						break;
					default:
						break;
				}
			}
			NetApiBufferFree(buffer);
		}
	} while (status == ERROR_MORE_DATA);

	if (status != 0) {
		printf("NetUserGetGroups failed with: %s\n",
			libnetapi_get_error_string(ctx, status));
	}

 out:
	libnetapi_free(ctx);
	poptFreeContext(pc);

	return status;
}
Esempio n. 5
0
// @pymethod [(groupName, attribute), ...]|win32net|NetUserGetGroups|Returns a list of groups,attributes for all groups for the user.
// @todo This needs to be extended to support the new model, while
// not breaking existing code.  A default arg would be perfect.
PyObject *
PyNetUserGetGroups( PyObject *self, PyObject *args)
{
	DWORD dwBuffsize = MAX_PREFERRED_LENGTH;	
	PyWin_AutoFreeBstr	wzServerName;		// storage for incoming servername string pointer
	PyWin_AutoFreeBstr	wzUserName;			// incoming username
	PyObject *		obServerName;
	PyObject *              obUserName;

	
	if (!PyArg_ParseTuple(args, "OO:NetUserGetGroups",
			&obServerName, // @pyparm string|serverName||The name of the remote server on which the function is to execute. None or an empty string specifies the server program running on the local computer.
			&obUserName)) // @pyparm string|userName||The name of the user to search for in each group account.
		return NULL;

	if (!PyWinObject_AsAutoFreeBstr(obServerName, &wzServerName, TRUE))
		return NULL;
	if (!PyWinObject_AsAutoFreeBstr(obUserName, &wzUserName, FALSE))
		return NULL;

	DWORD dwMaxCount, dwCount;		// see the win32api call for how these are used.
	GROUP_USERS_INFO_1 *lpBuffer;
	NET_API_STATUS Errno;

	dwMaxCount = dwCount = 0;

	PyObject * pRetlist = PyList_New(0);	//create a return list of 0 size
	if (pRetlist==NULL) return NULL; // did we err?
	
	Py_BEGIN_ALLOW_THREADS
	Errno = NetUserGetGroups((BSTR)wzServerName, (BSTR)wzUserName, 1, (LPBYTE *)&lpBuffer, dwBuffsize, &dwCount, &dwMaxCount);
	Py_END_ALLOW_THREADS

	if (Errno == NERR_Success)	// if no error, then build the list
	{

		GROUP_USERS_INFO_1 *p_nr = lpBuffer;	// Enum Resource returns a buffer of successive structs

		if (dwCount > 0)	// we actually got something
		{
			do
			{
				PyObject *obName = PyWinObject_FromWCHAR(p_nr->grui1_name);
				PyObject *t_ob = Py_BuildValue("(Oi)",obName, p_nr->grui1_attributes);	
				Py_XDECREF(obName);

				int listerr = PyList_Append(pRetlist,t_ob);				// append our obj...Append does an INCREF!
				Py_DECREF(t_ob);
				if (listerr)	// or bail
				{
					Py_DECREF(pRetlist);	// free the Python List
					NetApiBufferFree((LPVOID)lpBuffer);
					return NULL;
				}

				p_nr++;	// next object (its a ++ because it is a typed pointer!)
				dwCount--;
			} while (dwCount);
		}; // if (dwCount > 0)

	}	
	else {	// ERROR Occurred
		Py_DECREF(pRetlist);
		return ReturnNetError("NetUserGetGroups", Errno);
	}
	// @rdesc Always makes the level 1 call and returns all data.
	// Data return format is a Python List.  Each "Item"
	// is a tuple of (groupname, attributes).  "(s,i)" respectively.  In NT 4 the attributes seem to be hardcoded to 7.
	// Earlier version of NT have not been tested.
	NetApiBufferFree((LPVOID)lpBuffer);
	return pRetlist;

}
Esempio n. 6
0
isc_result_t
isc_ntsecurity_getaccountgroups (char *username, char **GroupList, unsigned int maxgroups, unsigned int *totalGroups)
{
    LPGROUP_USERS_INFO_0 pTmpBuf;

    LPLOCALGROUP_USERS_INFO_0 pTmpLBuf;

    DWORD i;

    LPLOCALGROUP_USERS_INFO_0 pBuf = NULL;

    LPGROUP_USERS_INFO_0 pgrpBuf = NULL;

    DWORD dwLevel = 0;

    DWORD dwFlags = LG_INCLUDE_INDIRECT;

    DWORD dwPrefMaxLen = MAX_PREFERRED_LENGTH;

    DWORD dwEntriesRead = 0;

    DWORD dwTotalEntries = 0;

    NET_API_STATUS nStatus;

    DWORD dwTotalCount = 0;

    size_t retlen;

    wchar_t user[MAX_NAME_LENGTH];

    retlen = mbstowcs (user, username, MAX_NAME_LENGTH);

    *totalGroups = 0;
    /*
     * Call the NetUserGetLocalGroups function
     * specifying information level 0.
     *
     * The LG_INCLUDE_INDIRECT flag specifies that the
     * function should also return the names of the local
     * groups in which the user is indirectly a member.
     */
    nStatus = NetUserGetLocalGroups (NULL,
                                     user,
                                     dwLevel,
                                     dwFlags, (LPBYTE *) & pBuf, dwPrefMaxLen, &dwEntriesRead, &dwTotalEntries);
    /*
     * See if the call succeeds,
     */
    if (nStatus != NERR_Success)
    {
        if (nStatus == ERROR_ACCESS_DENIED)
            return (ISC_R_NOPERM);
        if (nStatus == ERROR_MORE_DATA)
            return (ISC_R_NOSPACE);
        if (nStatus == NERR_UserNotFound)
            dwEntriesRead = 0;
    }

    dwTotalCount = 0;
    if (pBuf != NULL)
    {
        pTmpLBuf = pBuf;
        /*
         * Loop through the entries
         */
        for (i = 0; (i < dwEntriesRead && *totalGroups < maxgroups); i++)
        {
            assert (pTmpLBuf != NULL);
            if (pTmpLBuf == NULL)
                break;
            retlen = wcslen (pTmpLBuf->lgrui0_name);
            GroupList[*totalGroups] = (char *) malloc (retlen + 1);
            if (GroupList[*totalGroups] == NULL)
                return (ISC_R_NOMEMORY);

            retlen = wcstombs (GroupList[*totalGroups], pTmpLBuf->lgrui0_name, retlen);
            GroupList[*totalGroups][retlen] = '\0';
            if (strcmp (GroupList[*totalGroups], "None") == 0)
                free (GroupList[*totalGroups]);
            else
                (*totalGroups)++;
            pTmpLBuf++;
        }
    }
    /* Free the allocated memory. */
    if (pBuf != NULL)
        NetApiBufferFree (pBuf);


    /*
     * Call the NetUserGetGroups function, specifying level 0.
     */
    nStatus = NetUserGetGroups (NULL,
                                user, dwLevel, (LPBYTE *) & pgrpBuf, dwPrefMaxLen, &dwEntriesRead, &dwTotalEntries);
    /*
     * See if the call succeeds,
     */
    if (nStatus != NERR_Success)
    {
        if (nStatus == ERROR_ACCESS_DENIED)
            return (ISC_R_NOPERM);
        if (nStatus == ERROR_MORE_DATA)
            return (ISC_R_NOSPACE);
        if (nStatus == NERR_UserNotFound)
            dwEntriesRead = 0;
    }

    if (pgrpBuf != NULL)
    {
        pTmpBuf = pgrpBuf;
        /*
         * Loop through the entries
         */
        for (i = 0; (i < dwEntriesRead && *totalGroups < maxgroups); i++)
        {
            assert (pTmpBuf != NULL);

            if (pTmpBuf == NULL)
                break;
            retlen = wcslen (pTmpBuf->grui0_name);
            GroupList[*totalGroups] = (char *) malloc (retlen + 1);
            if (GroupList[*totalGroups] == NULL)
                return (ISC_R_NOMEMORY);

            retlen = wcstombs (GroupList[*totalGroups], pTmpBuf->grui0_name, retlen);
            GroupList[*totalGroups][retlen] = '\0';
            if (strcmp (GroupList[*totalGroups], "None") == 0)
                free (GroupList[*totalGroups]);
            else
                (*totalGroups)++;
            pTmpBuf++;
        }
    }
    /*
     * Free the allocated memory.
     */
    if (pgrpBuf != NULL)
        NetApiBufferFree (pgrpBuf);

    return (ISC_R_SUCCESS);
}
Esempio n. 7
0
Boolean System::isGroupMember(const char* userName, const char* groupName)
{
    Boolean retVal = false;

    LPLOCALGROUP_USERS_INFO_0 pBuf = NULL;
    DWORD dwLevel = 0;
    DWORD dwFlags = LG_INCLUDE_INDIRECT ;
    DWORD dwPrefMaxLen = MAX_PREFERRED_LENGTH;
    DWORD dwEntriesRead = 0;
    DWORD dwTotalEntries = 0;
    NET_API_STATUS nStatus;
    wchar_t wcUserName[UNLEN+1];
    wchar_t wcGroupName[UNLEN+1];

    //Convert user name to unicode
    if (!MultiByteToWideChar(CP_ACP,0,userName, -1, wcUserName,
        strlen(userName)+1))
    {
        return false;
    }

    //Convert group name to unicode
    if (!MultiByteToWideChar(CP_ACP, 0, groupName, -1, wcGroupName,
        strlen(groupName)+1))
    {
        return false;
    }

    //
    // Call the NetUserGetLocalGroups function
    // specifying information level 0.
    //
    // The LG_INCLUDE_INDIRECT flag specifies that the
    // function should also return the names of the local
    // groups in which the user is indirectly a member.
    //
    nStatus = NetUserGetLocalGroups(
        NULL,
        (LPCWSTR)wcUserName,
        dwLevel,
        dwFlags,
        (LPBYTE *) &pBuf,
        dwPrefMaxLen,
        &dwEntriesRead,
        &dwTotalEntries);

    //
    // If the call succeeds,
    //
    if (nStatus == NERR_Success)
    {
        LPLOCALGROUP_USERS_INFO_0 pTmpBuf;
        DWORD i;
        DWORD dwTotalCount = 0;

        if ((pTmpBuf = pBuf) != NULL)
        {
            //
            // Loop through the local groups that the user belongs
            // and find the matching group name.
            //
            for (i = 0; i < dwEntriesRead; i++)
            {
                //
                // Compare the user's group name to groupName.
                //

                if (wcscmp(pTmpBuf->lgrui0_name, wcGroupName) == 0)
                {
                    // User is a member of the group.
                    retVal = true;
                    break;
                }

                pTmpBuf++;
                dwTotalCount++;
            }
        }
    }

    //
    // Free the allocated memory.
    //
    if (pBuf != NULL)
        NetApiBufferFree(pBuf);

    //
    // If the given user and group are not found in the local group
    // then try on the global groups.
    //
    if (!retVal)
    {
        LPGROUP_USERS_INFO_0 pBuf = NULL;
        dwLevel = 0;
        dwPrefMaxLen = MAX_PREFERRED_LENGTH;
        dwEntriesRead = 0;
        dwTotalEntries = 0;

        //
        // Call the NetUserGetGroups function, specifying level 0.
        //
        nStatus = NetUserGetGroups(
            NULL,
            (LPCWSTR)wcUserName,
            dwLevel,
            (LPBYTE*)&pBuf,
            dwPrefMaxLen,
            &dwEntriesRead,
            &dwTotalEntries);

        //
        // If the call succeeds,
        //
        if (nStatus == NERR_Success)
        {
            LPGROUP_USERS_INFO_0 pTmpBuf;
            DWORD i;
            DWORD dwTotalCount = 0;

            if ((pTmpBuf = pBuf) != NULL)
            {
                //
                // Loop through the global groups to which the user belongs
                // and find the matching group name.
                //
                for (i = 0; i < dwEntriesRead; i++)
                {
                    //
                    // Compare the user's group name to groupName.
                    //
                    if (wcscmp(pTmpBuf->grui0_name, wcGroupName) == 0)
                    {
                        // User is a member of the group.
                        retVal = true;
                        break;
                    }

                    pTmpBuf++;
                    dwTotalCount++;
                }
            }
        }

        //
        // Free the allocated buffer.
        //
        if (pBuf != NULL)
            NetApiBufferFree(pBuf);
    }

    return retVal;
}
Esempio n. 8
0
static
NET_API_STATUS
DisplayUser(LPWSTR lpUserName)
{
    PUSER_MODALS_INFO_0 pUserModals = NULL;
    PUSER_INFO_4 pUserInfo = NULL;
    PLOCALGROUP_USERS_INFO_0 pLocalGroupInfo = NULL;
    PGROUP_USERS_INFO_0 pGroupInfo = NULL;
    DWORD dwLocalGroupRead, dwLocalGroupTotal;
    DWORD dwGroupRead, dwGroupTotal;
    DWORD dwLastSet;
    DWORD i;
    INT nPaddedLength = 29;
    NET_API_STATUS Status;

    /* Modify the user */
    Status = NetUserGetInfo(NULL,
                            lpUserName,
                            4,
                            (LPBYTE*)&pUserInfo);
    if (Status != NERR_Success)
        return Status;

    Status = NetUserModalsGet(NULL,
                              0,
                              (LPBYTE*)&pUserModals);
    if (Status != NERR_Success)
        goto done;

    Status = NetUserGetLocalGroups(NULL,
                                   lpUserName,
                                   0,
                                   0,
                                   (LPBYTE*)&pLocalGroupInfo,
                                   MAX_PREFERRED_LENGTH,
                                   &dwLocalGroupRead,
                                   &dwLocalGroupTotal);
    if (Status != NERR_Success)
        goto done;

    Status = NetUserGetGroups(NULL,
                              lpUserName,
                              0,
                              (LPBYTE*)&pGroupInfo,
                              MAX_PREFERRED_LENGTH,
                              &dwGroupRead,
                              &dwGroupTotal);
    if (Status != NERR_Success)
        goto done;

    PrintPaddedResourceString(IDS_USER_NAME, nPaddedLength);
    ConPrintf(StdOut, L"%s\n", pUserInfo->usri4_name);

    PrintPaddedResourceString(IDS_USER_FULL_NAME, nPaddedLength);
    ConPrintf(StdOut, L"%s\n", pUserInfo->usri4_full_name);

    PrintPaddedResourceString(IDS_USER_COMMENT, nPaddedLength);
    ConPrintf(StdOut, L"%s\n", pUserInfo->usri4_comment);

    PrintPaddedResourceString(IDS_USER_USER_COMMENT, nPaddedLength);
    ConPrintf(StdOut, L"%s\n", pUserInfo->usri4_usr_comment);

    PrintPaddedResourceString(IDS_USER_COUNTRY_CODE, nPaddedLength);
    ConPrintf(StdOut, L"%03ld ()\n", pUserInfo->usri4_country_code);

    PrintPaddedResourceString(IDS_USER_ACCOUNT_ACTIVE, nPaddedLength);
    if (pUserInfo->usri4_flags & UF_ACCOUNTDISABLE)
        ConResPuts(StdOut, IDS_GENERIC_NO);
    else if (pUserInfo->usri4_flags & UF_LOCKOUT)
        ConResPuts(StdOut, IDS_GENERIC_LOCKED);
    else
        ConResPuts(StdOut, IDS_GENERIC_YES);
    ConPuts(StdOut, L"\n");

    PrintPaddedResourceString(IDS_USER_ACCOUNT_EXPIRES, nPaddedLength);
    if (pUserInfo->usri4_acct_expires == TIMEQ_FOREVER)
        ConResPuts(StdOut, IDS_GENERIC_NEVER);
    else
        PrintDateTime(pUserInfo->usri4_acct_expires);
    ConPuts(StdOut, L"\n\n");

    PrintPaddedResourceString(IDS_USER_PW_LAST_SET, nPaddedLength);
    dwLastSet = GetTimeInSeconds() - pUserInfo->usri4_password_age;
    PrintDateTime(dwLastSet);

    PrintPaddedResourceString(IDS_USER_PW_EXPIRES, nPaddedLength);
    if ((pUserInfo->usri4_flags & UF_DONT_EXPIRE_PASSWD) || pUserModals->usrmod0_max_passwd_age == TIMEQ_FOREVER)
        ConResPuts(StdOut, IDS_GENERIC_NEVER);
    else
        PrintDateTime(dwLastSet + pUserModals->usrmod0_max_passwd_age);
    ConPuts(StdOut, L"\n");

    PrintPaddedResourceString(IDS_USER_PW_CHANGEABLE, nPaddedLength);
    PrintDateTime(dwLastSet + pUserModals->usrmod0_min_passwd_age);

    PrintPaddedResourceString(IDS_USER_PW_REQUIRED, nPaddedLength);
    ConResPuts(StdOut, (pUserInfo->usri4_flags & UF_PASSWD_NOTREQD) ? IDS_GENERIC_NO : IDS_GENERIC_YES);
    ConPuts(StdOut, L"\n");

    PrintPaddedResourceString(IDS_USER_CHANGE_PW, nPaddedLength);
    ConResPuts(StdOut, (pUserInfo->usri4_flags & UF_PASSWD_CANT_CHANGE) ? IDS_GENERIC_NO : IDS_GENERIC_YES);
    ConPuts(StdOut, L"\n\n");

    PrintPaddedResourceString(IDS_USER_WORKSTATIONS, nPaddedLength);
    if (pUserInfo->usri4_workstations == NULL || wcslen(pUserInfo->usri4_workstations) == 0)
        ConResPuts(StdOut, IDS_GENERIC_ALL);
    else
        ConPrintf(StdOut, L"%s", pUserInfo->usri4_workstations);
    ConPuts(StdOut, L"\n");

    PrintPaddedResourceString(IDS_USER_LOGON_SCRIPT, nPaddedLength);
    ConPrintf(StdOut, L"%s\n", pUserInfo->usri4_script_path);

    PrintPaddedResourceString(IDS_USER_PROFILE, nPaddedLength);
    ConPrintf(StdOut, L"%s\n", pUserInfo->usri4_profile);

    PrintPaddedResourceString(IDS_USER_HOME_DIR, nPaddedLength);
    ConPrintf(StdOut, L"%s\n", pUserInfo->usri4_home_dir);

    PrintPaddedResourceString(IDS_USER_LAST_LOGON, nPaddedLength);
    if (pUserInfo->usri4_last_logon == 0)
        ConResPuts(StdOut, IDS_GENERIC_NEVER);
    else
        PrintDateTime(pUserInfo->usri4_last_logon);
    ConPuts(StdOut, L"\n\n");

    PrintPaddedResourceString(IDS_USER_LOGON_HOURS, nPaddedLength);
    if (pUserInfo->usri4_logon_hours == NULL)
        ConResPuts(StdOut, IDS_GENERIC_ALL);
    ConPuts(StdOut, L"\n\n");

    ConPuts(StdOut, L"\n");
    PrintPaddedResourceString(IDS_USER_LOCAL_GROUPS, nPaddedLength);
    if (dwLocalGroupTotal != 0 && pLocalGroupInfo != NULL)
    {
        for (i = 0; i < dwLocalGroupTotal; i++)
        {
            if (i != 0)
                PrintPadding(L' ', nPaddedLength);
            ConPrintf(StdOut, L"*%s\n", pLocalGroupInfo[i].lgrui0_name);
        }
    }
    else
    {
        ConPuts(StdOut, L"\n");
    }

    PrintPaddedResourceString(IDS_USER_GLOBAL_GROUPS, nPaddedLength);
    if (dwGroupTotal != 0 && pGroupInfo != NULL)
    {
        for (i = 0; i < dwGroupTotal; i++)
        {
            if (i != 0)
                PrintPadding(L' ', nPaddedLength);
            ConPrintf(StdOut, L"*%s\n", pGroupInfo[i].grui0_name);
        }
    }
    else
    {
        ConPuts(StdOut, L"\n");
    }

done:
    if (pGroupInfo != NULL)
        NetApiBufferFree(pGroupInfo);

    if (pLocalGroupInfo != NULL)
        NetApiBufferFree(pLocalGroupInfo);

    if (pUserModals != NULL)
        NetApiBufferFree(pUserModals);

    if (pUserInfo != NULL)
        NetApiBufferFree(pUserInfo);

    return NERR_Success;
}
Esempio n. 9
0
/* returns 1 on success, 0 on failure */
int
Valid_Global_Groups(char *UserName, const char **Groups)
{
    int result = 0;
    WCHAR wszUserName[UNLEN + 1];	// Unicode user name

    WCHAR wszDomainControllerName[UNCLEN + 1];

    char NTDomain[DNLEN + UNLEN + 2];
    char *domain_qualify = NULL;
    char User[UNLEN + 1];
    size_t j;

    LPGROUP_USERS_INFO_0 pUsrBuf = NULL;
    LPGROUP_USERS_INFO_0 pTmpBuf;
    PDOMAIN_CONTROLLER_INFO pDCInfo = NULL;
    DWORD dwLevel = 0;
    DWORD dwPrefMaxLen = -1;
    DWORD dwEntriesRead = 0;
    DWORD dwTotalEntries = 0;
    NET_API_STATUS nStatus;
    DWORD i;
    DWORD dwTotalCount = 0;
    LPBYTE pBufTmp = NULL;

    strncpy(NTDomain, UserName, sizeof(NTDomain));

    for (j = 0; j < strlen(NTV_VALID_DOMAIN_SEPARATOR); j++) {
        if ((domain_qualify = strchr(NTDomain, NTV_VALID_DOMAIN_SEPARATOR[j])) != NULL)
            break;
    }
    if (domain_qualify == NULL) {
        strcpy(User, NTDomain);
        strcpy(NTDomain, DefaultDomain);
    } else {
        strcpy(User, domain_qualify + 1);
        domain_qualify[0] = '\0';
        strlwr(NTDomain);
    }

    debug("Valid_Global_Groups: checking group membership of '%s\\%s'.\n", NTDomain, User);

    /* Convert ANSI User Name to Unicode */

    MultiByteToWideChar(CP_ACP, 0, User,
                        strlen(User) + 1, wszUserName,
                        sizeof(wszUserName) / sizeof(wszUserName[0]));

    /* Query AD for a DC */

    if (DsGetDcName(NULL, NTDomain, NULL, NULL, DS_IS_FLAT_NAME | DS_RETURN_FLAT_NAME, &pDCInfo) != NO_ERROR) {
        fprintf(stderr, "%s DsGetDcName() failed.'\n", myname);
        if (pDCInfo != NULL)
            NetApiBufferFree(pDCInfo);
        return result;
    }
    /* Convert ANSI Domain Controller Name to Unicode */

    MultiByteToWideChar(CP_ACP, 0, pDCInfo->DomainControllerName,
                        strlen(pDCInfo->DomainControllerName) + 1, wszDomainControllerName,
                        sizeof(wszDomainControllerName) / sizeof(wszDomainControllerName[0]));

    debug("Using '%S' as DC for '%s' user's domain.\n", wszDomainControllerName, NTDomain);
    debug("DC Active Directory Site is %s\n", pDCInfo->DcSiteName);
    debug("Machine Active Directory Site is %s\n", pDCInfo->ClientSiteName);

    /*
     * Call the NetUserGetGroups function
     * specifying information level 0.
     */
    dwLevel = 0;
    pBufTmp = NULL;
    nStatus = NetUserGetGroups(wszDomainControllerName,
                               wszUserName,
                               dwLevel,
                               &pBufTmp,
                               dwPrefMaxLen,
                               &dwEntriesRead,
                               &dwTotalEntries);
    pUsrBuf = (LPGROUP_USERS_INFO_0) pBufTmp;
    /*
     * If the call succeeds,
     */
    if (nStatus == NERR_Success) {
        if ((pTmpBuf = pUsrBuf) != NULL) {
            for (i = 0; i < dwEntriesRead; i++) {
                assert(pTmpBuf != NULL);
                if (pTmpBuf == NULL) {
                    result = 0;
                    break;
                }
                if (wcstrcmparray(pTmpBuf->grui0_name, Groups) == 0) {
                    result = 1;
                    break;
                }
                pTmpBuf++;
                dwTotalCount++;
            }
        }
    } else {
        result = 0;
        fprintf(stderr, "%s NetUserGetGroups() failed.'\n", myname);
    }
    /*
     * Free the allocated memory.
     */
    if (pUsrBuf != NULL)
        NetApiBufferFree(pUsrBuf);
    if (pDCInfo != NULL)
        NetApiBufferFree((LPVOID) pDCInfo);
    return result;
}
Esempio n. 10
0
static NET_API_STATUS test_netusergetgroups(struct torture_context *tctx,
					    const char *hostname,
					    uint32_t level,
					    const char *username,
					    const char *groupname)
{
	NET_API_STATUS status;
	uint32_t entries_read = 0;
	uint32_t total_entries = 0;
	const char *current_name;
	int found_group = 0;
	uint8_t *buffer = NULL;
	int i;

	struct GROUP_USERS_INFO_0 *i0;
	struct GROUP_USERS_INFO_1 *i1;

	torture_comment(tctx, "Testing NetUserGetGroups level %d\n", level);

	do {
		status = NetUserGetGroups(hostname,
					  username,
					  level,
					  &buffer,
					  (uint32_t)-1,
					  &entries_read,
					  &total_entries);
		if (status == 0 || status == ERROR_MORE_DATA) {
			switch (level) {
				case 0:
					i0 = (struct GROUP_USERS_INFO_0 *)buffer;
					break;
				case 1:
					i1 = (struct GROUP_USERS_INFO_1 *)buffer;
					break;
				default:
					return -1;
			}

			for (i=0; i<entries_read; i++) {

				switch (level) {
					case 0:
						current_name = i0->grui0_name;
						break;
					case 1:
						current_name = i1->grui1_name;
						break;
					default:
						return -1;
				}

				if (groupname && strcasecmp(current_name, groupname) == 0) {
					found_group = 1;
				}

				switch (level) {
					case 0:
						i0++;
						break;
					case 1:
						i1++;
						break;
					default:
						break;
				}
			}
			NetApiBufferFree(buffer);
		}
	} while (status == ERROR_MORE_DATA);

	if (status) {
		return status;
	}

	if (groupname && !found_group) {
		torture_comment(tctx, "failed to get membership\n");
		return -1;
	}

	return 0;
}
Esempio n. 11
0
static
NET_API_STATUS
DisplayUser(LPWSTR lpUserName)
{
    PUSER_MODALS_INFO_0 pUserModals = NULL;
    PUSER_INFO_4 pUserInfo = NULL;
    PLOCALGROUP_USERS_INFO_0 pLocalGroupInfo = NULL;
    PGROUP_USERS_INFO_0 pGroupInfo = NULL;
    DWORD dwLocalGroupRead, dwLocalGroupTotal;
    DWORD dwGroupRead, dwGroupTotal;
    DWORD dwLastSet;
    DWORD i;
    WCHAR szCountry[40];
    INT nPaddedLength = 36;
    NET_API_STATUS Status;

    /* Modify the user */
    Status = NetUserGetInfo(NULL,
                            lpUserName,
                            4,
                            (LPBYTE*)&pUserInfo);
    if (Status != NERR_Success)
        return Status;

    Status = NetUserModalsGet(NULL,
                              0,
                              (LPBYTE*)&pUserModals);
    if (Status != NERR_Success)
        goto done;

    Status = NetUserGetLocalGroups(NULL,
                                   lpUserName,
                                   0,
                                   0,
                                   (LPBYTE*)&pLocalGroupInfo,
                                   MAX_PREFERRED_LENGTH,
                                   &dwLocalGroupRead,
                                   &dwLocalGroupTotal);
    if (Status != NERR_Success)
        goto done;

    Status = NetUserGetGroups(NULL,
                              lpUserName,
                              0,
                              (LPBYTE*)&pGroupInfo,
                              MAX_PREFERRED_LENGTH,
                              &dwGroupRead,
                              &dwGroupTotal);
    if (Status != NERR_Success)
        goto done;

    PrintPaddedMessageString(4411, nPaddedLength);
    ConPrintf(StdOut, L"%s\n", pUserInfo->usri4_name);

    PrintPaddedMessageString(4412, nPaddedLength);
    ConPrintf(StdOut, L"%s\n", pUserInfo->usri4_full_name);

    PrintPaddedMessageString(4413, nPaddedLength);
    ConPrintf(StdOut, L"%s\n", pUserInfo->usri4_comment);

    PrintPaddedMessageString(4414, nPaddedLength);
    ConPrintf(StdOut, L"%s\n", pUserInfo->usri4_usr_comment);

    PrintPaddedMessageString(4416, nPaddedLength);
    GetCountryFromCountryCode(pUserInfo->usri4_country_code,
                              ARRAYSIZE(szCountry), szCountry);
    ConPrintf(StdOut, L"%03ld (%s)\n", pUserInfo->usri4_country_code, szCountry);

    PrintPaddedMessageString(4419, nPaddedLength);
    if (pUserInfo->usri4_flags & UF_ACCOUNTDISABLE)
        PrintMessageString(4301);
    else if (pUserInfo->usri4_flags & UF_LOCKOUT)
        PrintMessageString(4440);
    else
        PrintMessageString(4300);
    ConPuts(StdOut, L"\n");

    PrintPaddedMessageString(4420, nPaddedLength);
    if (pUserInfo->usri4_acct_expires == TIMEQ_FOREVER)
        PrintMessageString(4305);
    else
        PrintDateTime(pUserInfo->usri4_acct_expires);
    ConPuts(StdOut, L"\n\n");

    PrintPaddedMessageString(4421, nPaddedLength);
    dwLastSet = GetTimeInSeconds() - pUserInfo->usri4_password_age;
    PrintDateTime(dwLastSet);
    ConPuts(StdOut, L"\n");

    PrintPaddedMessageString(4422, nPaddedLength);
    if ((pUserInfo->usri4_flags & UF_DONT_EXPIRE_PASSWD) || pUserModals->usrmod0_max_passwd_age == TIMEQ_FOREVER)
        PrintMessageString(4305);
    else
        PrintDateTime(dwLastSet + pUserModals->usrmod0_max_passwd_age);
    ConPuts(StdOut, L"\n");

    PrintPaddedMessageString(4423, nPaddedLength);
    PrintDateTime(dwLastSet + pUserModals->usrmod0_min_passwd_age);
    ConPuts(StdOut, L"\n");

    PrintPaddedMessageString(4437, nPaddedLength);
    PrintMessageString((pUserInfo->usri4_flags & UF_PASSWD_NOTREQD) ? 4301 : 4300);
    ConPuts(StdOut, L"\n");

    PrintPaddedMessageString(4438, nPaddedLength);
    PrintMessageString((pUserInfo->usri4_flags & UF_PASSWD_CANT_CHANGE) ? 4301 : 4300);
    ConPuts(StdOut, L"\n\n");

    PrintPaddedMessageString(4424, nPaddedLength);
    if (pUserInfo->usri4_workstations == NULL || wcslen(pUserInfo->usri4_workstations) == 0)
        PrintMessageString(4302);
    else
        ConPrintf(StdOut, L"%s", pUserInfo->usri4_workstations);
    ConPuts(StdOut, L"\n");

    PrintPaddedMessageString(4429, nPaddedLength);
    ConPrintf(StdOut, L"%s\n", pUserInfo->usri4_script_path);

    PrintPaddedMessageString(4439, nPaddedLength);
    ConPrintf(StdOut, L"%s\n", pUserInfo->usri4_profile);

    PrintPaddedMessageString(4436, nPaddedLength);
    ConPrintf(StdOut, L"%s\n", pUserInfo->usri4_home_dir);

    PrintPaddedMessageString(4430, nPaddedLength);
    if (pUserInfo->usri4_last_logon == 0)
        PrintMessageString(4305);
    else
        PrintDateTime(pUserInfo->usri4_last_logon);
    ConPuts(StdOut, L"\n\n");

    PrintPaddedMessageString(4432, nPaddedLength);
    if (pUserInfo->usri4_logon_hours == NULL)
        PrintMessageString(4302);
    ConPuts(StdOut, L"\n\n");

    ConPuts(StdOut, L"\n");
    PrintPaddedMessageString(4427, nPaddedLength);
    if (dwLocalGroupTotal != 0 && pLocalGroupInfo != NULL)
    {
        for (i = 0; i < dwLocalGroupTotal; i++)
        {
            if (i != 0)
                PrintPadding(L' ', nPaddedLength);
            ConPrintf(StdOut, L"*%s\n", pLocalGroupInfo[i].lgrui0_name);
        }
    }
    else
    {
        ConPuts(StdOut, L"\n");
    }

    PrintPaddedMessageString(4431, nPaddedLength);
    if (dwGroupTotal != 0 && pGroupInfo != NULL)
    {
        for (i = 0; i < dwGroupTotal; i++)
        {
            if (i != 0)
                PrintPadding(L' ', nPaddedLength);
            ConPrintf(StdOut, L"*%s\n", pGroupInfo[i].grui0_name);
        }
    }
    else
    {
        ConPuts(StdOut, L"\n");
    }

done:
    if (pGroupInfo != NULL)
        NetApiBufferFree(pGroupInfo);

    if (pLocalGroupInfo != NULL)
        NetApiBufferFree(pLocalGroupInfo);

    if (pUserModals != NULL)
        NetApiBufferFree(pUserModals);

    if (pUserInfo != NULL)
        NetApiBufferFree(pUserInfo);

    return NERR_Success;
}