static int print_sam_info (struct samu *sam_pwent, bool verbosity, bool smbpwdstyle) { uid_t uid; time_t tmp; /* TODO: check if entry is a user or a workstation */ if (!sam_pwent) return -1; if (verbosity) { char temp[44]; const uint8_t *hours; printf ("Unix username: %s\n", pdb_get_username(sam_pwent)); printf ("NT username: %s\n", pdb_get_nt_username(sam_pwent)); printf ("Account Flags: %s\n", pdb_encode_acct_ctrl(pdb_get_acct_ctrl(sam_pwent), NEW_PW_FORMAT_SPACE_PADDED_LEN)); printf ("User SID: %s\n", sid_string_tos(pdb_get_user_sid(sam_pwent))); printf ("Primary Group SID: %s\n", sid_string_tos(pdb_get_group_sid(sam_pwent))); printf ("Full Name: %s\n", pdb_get_fullname(sam_pwent)); printf ("Home Directory: %s\n", pdb_get_homedir(sam_pwent)); printf ("HomeDir Drive: %s\n", pdb_get_dir_drive(sam_pwent)); printf ("Logon Script: %s\n", pdb_get_logon_script(sam_pwent)); printf ("Profile Path: %s\n", pdb_get_profile_path(sam_pwent)); printf ("Domain: %s\n", pdb_get_domain(sam_pwent)); printf ("Account desc: %s\n", pdb_get_acct_desc(sam_pwent)); printf ("Workstations: %s\n", pdb_get_workstations(sam_pwent)); printf ("Munged dial: %s\n", pdb_get_munged_dial(sam_pwent)); tmp = pdb_get_logon_time(sam_pwent); printf ("Logon time: %s\n", tmp ? http_timestring(talloc_tos(), tmp) : "0"); tmp = pdb_get_logoff_time(sam_pwent); printf ("Logoff time: %s\n", tmp ? http_timestring(talloc_tos(), tmp) : "0"); tmp = pdb_get_kickoff_time(sam_pwent); printf ("Kickoff time: %s\n", tmp ? http_timestring(talloc_tos(), tmp) : "0"); tmp = pdb_get_pass_last_set_time(sam_pwent); printf ("Password last set: %s\n", tmp ? http_timestring(talloc_tos(), tmp) : "0"); tmp = pdb_get_pass_can_change_time(sam_pwent); printf ("Password can change: %s\n", tmp ? http_timestring(talloc_tos(), tmp) : "0"); tmp = pdb_get_pass_must_change_time(sam_pwent); printf ("Password must change: %s\n", tmp ? http_timestring(talloc_tos(), tmp) : "0"); tmp = pdb_get_bad_password_time(sam_pwent); printf ("Last bad password : %s\n", tmp ? http_timestring(talloc_tos(), tmp) : "0"); printf ("Bad password count : %d\n", pdb_get_bad_password_count(sam_pwent)); hours = pdb_get_hours(sam_pwent); pdb_sethexhours(temp, hours); printf ("Logon hours : %s\n", temp); } else if (smbpwdstyle) { char lm_passwd[33]; char nt_passwd[33]; uid = nametouid(pdb_get_username(sam_pwent)); pdb_sethexpwd(lm_passwd, pdb_get_lanman_passwd(sam_pwent), pdb_get_acct_ctrl(sam_pwent)); pdb_sethexpwd(nt_passwd, pdb_get_nt_passwd(sam_pwent), pdb_get_acct_ctrl(sam_pwent)); printf("%s:%lu:%s:%s:%s:LCT-%08X:\n", pdb_get_username(sam_pwent), (unsigned long)uid, lm_passwd, nt_passwd, pdb_encode_acct_ctrl(pdb_get_acct_ctrl(sam_pwent),NEW_PW_FORMAT_SPACE_PADDED_LEN), (uint32_t)convert_time_t_to_uint32_t(pdb_get_pass_last_set_time(sam_pwent))); } else { uid = nametouid(pdb_get_username(sam_pwent)); printf ("%s:%lu:%s\n", pdb_get_username(sam_pwent), (unsigned long)uid, pdb_get_fullname(sam_pwent)); } return 0; }
static BOOL samu_correct(struct samu *s1, struct samu *s2) { BOOL ret = True; uint32 s1_len, s2_len; const char *s1_buf, *s2_buf; const uint8 *d1_buf, *d2_buf; /* Check Unix username */ s1_buf = pdb_get_username(s1); s2_buf = pdb_get_username(s2); if (s2_buf == NULL && s1_buf != NULL) { DEBUG(0, ("Username is not set\n")); ret = False; } else if (s1_buf == NULL) { /* Do nothing */ } else if (strcmp(s1_buf,s2_buf)) { DEBUG(0, ("Username not written correctly, want %s, got \"%s\"\n", pdb_get_username(s1), pdb_get_username(s2))); ret = False; } /* Check NT username */ s1_buf = pdb_get_nt_username(s1); s2_buf = pdb_get_nt_username(s2); if (s2_buf == NULL && s1_buf != NULL) { DEBUG(0, ("NT Username is not set\n")); ret = False; } else if (s1_buf == NULL) { /* Do nothing */ } else if (strcmp(s1_buf, s2_buf)) { DEBUG(0, ("NT Username not written correctly, want \"%s\", got \"%s\"\n", pdb_get_nt_username(s1), pdb_get_nt_username(s2))); ret = False; } /* Check acct ctrl */ if (pdb_get_acct_ctrl(s1) != pdb_get_acct_ctrl(s2)) { DEBUG(0, ("Acct ctrl field not written correctly, want %d (0x%X), got %d (0x%X)\n", pdb_get_acct_ctrl(s1), pdb_get_acct_ctrl(s1), pdb_get_acct_ctrl(s2), pdb_get_acct_ctrl(s2))); ret = False; } /* Check NT password */ d1_buf = pdb_get_nt_passwd(s1); d2_buf = pdb_get_nt_passwd(s2); if (d2_buf == NULL && d1_buf != NULL) { DEBUG(0, ("NT password is not set\n")); ret = False; } else if (d1_buf == NULL) { /* Do nothing */ } else if (memcmp(d1_buf, d2_buf, NT_HASH_LEN)) { DEBUG(0, ("NT password not written correctly\n")); ret = False; } /* Check lanman password */ d1_buf = pdb_get_lanman_passwd(s1); d2_buf = pdb_get_lanman_passwd(s2); if (d2_buf == NULL && d1_buf != NULL) { DEBUG(0, ("Lanman password is not set\n")); } else if (d1_buf == NULL) { /* Do nothing */ } else if (memcmp(d1_buf, d2_buf, NT_HASH_LEN)) { DEBUG(0, ("Lanman password not written correctly\n")); ret = False; } /* Check password history */ d1_buf = pdb_get_pw_history(s1, &s1_len); d2_buf = pdb_get_pw_history(s2, &s2_len); if (d2_buf == NULL && d1_buf != NULL) { DEBUG(0, ("Password history is not set\n")); } else if (d1_buf == NULL) { /* Do nothing */ } else if (s1_len != s1_len) { DEBUG(0, ("Password history not written correctly, lengths differ, want %d, got %d\n", s1_len, s2_len)); ret = False; } else if (strncmp(s1_buf, s2_buf, s1_len)) { DEBUG(0, ("Password history not written correctly\n")); ret = False; } /* Check logon time */ if (pdb_get_logon_time(s1) != pdb_get_logon_time(s2)) { DEBUG(0, ("Logon time is not written correctly\n")); ret = False; } /* Check logoff time */ if (pdb_get_logoff_time(s1) != pdb_get_logoff_time(s2)) { DEBUG(0, ("Logoff time is not written correctly\n")); ret = False; } /* Check kickoff time */ if (pdb_get_kickoff_time(s1) != pdb_get_logoff_time(s2)) { DEBUG(0, ("Kickoff time is not written correctly\n")); ret = False; } /* Check bad password time */ if (pdb_get_bad_password_time(s1) != pdb_get_bad_password_time(s2)) { DEBUG(0, ("Bad password time is not written correctly\n")); ret = False; } /* Check password last set time */ if (pdb_get_pass_last_set_time(s1) != pdb_get_pass_last_set_time(s2)) { DEBUG(0, ("Password last set time is not written correctly\n")); ret = False; } /* Check password can change time */ if (pdb_get_pass_can_change_time(s1) != pdb_get_pass_can_change_time(s2)) { DEBUG(0, ("Password can change time is not written correctly\n")); ret = False; } /* Check password must change time */ if (pdb_get_pass_must_change_time(s1) != pdb_get_pass_must_change_time(s2)) { DEBUG(0, ("Password must change time is not written correctly\n")); ret = False; } /* Check logon divs */ if (pdb_get_logon_divs(s1) != pdb_get_logon_divs(s2)) { DEBUG(0, ("Logon divs not written correctly\n")); ret = False; } /* Check logon hours */ if (pdb_get_hours_len(s1) != pdb_get_hours_len(s2)) { DEBUG(0, ("Logon hours length not written correctly\n")); ret = False; } else if (pdb_get_hours_len(s1) != 0) { d1_buf = pdb_get_hours(s1); d2_buf = pdb_get_hours(s2); if (d2_buf == NULL && d2_buf != NULL) { DEBUG(0, ("Logon hours is not set\n")); ret = False; } else if (d1_buf == NULL) { /* Do nothing */ } else if (memcmp(d1_buf, d2_buf, MAX_HOURS_LEN)) { DEBUG(0, ("Logon hours is not written correctly\n")); ret = False; } } /* Check profile path */ s1_buf = pdb_get_profile_path(s1); s2_buf = pdb_get_profile_path(s2); if (s2_buf == NULL && s1_buf != NULL) { DEBUG(0, ("Profile path is not set\n")); ret = False; } else if (s1_buf == NULL) { /* Do nothing */ } else if (strcmp(s1_buf, s2_buf)) { DEBUG(0, ("Profile path is not written correctly\n")); ret = False; } /* Check home dir */ s1_buf = pdb_get_homedir(s1); s2_buf = pdb_get_homedir(s2); if (s2_buf == NULL && s1_buf != NULL) { DEBUG(0, ("Home dir is not set\n")); ret = False; } else if (s1_buf == NULL) { /* Do nothing */ } else if (strcmp(s1_buf, s2_buf)) { DEBUG(0, ("Home dir is not written correctly\n")); ret = False; } /* Check logon script */ s1_buf = pdb_get_logon_script(s1); s2_buf = pdb_get_logon_script(s2); if (s2_buf == NULL && s1_buf != NULL) { DEBUG(0, ("Logon script not set\n")); ret = False; } else if (s1_buf == NULL) { /* Do nothing */ } else if (strcmp(s1_buf, s2_buf)) { DEBUG(0, ("Logon script is not written correctly\n")); ret = False; } /* TODO Check user and group sids */ return ret; }