samlib.c revision a0aa776e20803c84edd153d9cb584fd67163aef3
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2009 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
/*
* This module provides the high level interface to the SAM RPC
* functions.
*/
#include <alloca.h>
#include <smbsrv/libmlsvc.h>
#include <smbsrv/ntstatus.h>
#include <smbsrv/ntaccess.h>
#include <lsalib.h>
#include <samlib.h>
/*
* Valid values for the OEM OWF password encryption.
*/
#define SAM_PASSWORD_516 516
#define SAM_KEYLEN 16
/*
* sam_create_trust_account
*
* Create a trust account for this system.
*
* SAMR_AF_WORKSTATION_TRUST_ACCOUNT: servers and workstations.
* SAMR_AF_SERVER_TRUST_ACCOUNT: domain controllers.
*
* Returns NT status codes.
*/
{
/*
* NOTE(review): the function signature and several statements are
* missing from this listing; the notes below cover only the lines
* that are visible.
*/
/* Fixed-size buffer for the account name, SMB_SAMACCT_MAXLEN bytes. */
char account_name[SMB_SAMACCT_MAXLEN];
/*
* NOTE(review): the condition guarding this early return is not
* visible here; presumably it is the failure path of filling
* account_name - confirm against the full source.
*/
return (NT_STATUS_INTERNAL_ERROR);
/*
* The trust account value here should match
* the value that will be used when the user
* information is set on this account.
*/
/*
* Based on network traces, a Windows 2000 client will
* always try to create the computer account first.
* If the account already exists, check the user's permission
* to join the domain.
*/
/*
* NT_STATUS_USER_EXISTS is singled out rather than treated as
* success: per the comment above, an existing computer account is
* to be reused only after the joining user's permission on it has
* been checked.
* NOTE(review): the statement controlled by this test is not
* visible in this listing - confirm that it performs that check.
*/
if (status == NT_STATUS_USER_EXISTS)
return (status);
}
/*
* sam_create_account
*
* Create the specified domain account in the SAM database on the
* domain controller.
*
* Account flags:
* SAMR_AF_NORMAL_ACCOUNT
* SAMR_AF_WORKSTATION_TRUST_ACCOUNT
* SAMR_AF_SERVER_TRUST_ACCOUNT
*
* Returns NT status codes.
*/
{
/*
* NOTE(review): the function signature, the remaining declarations
* and the RPC calls that assign rc and status are missing from this
* listing; the notes below cover only the lines that are visible.
*/
union samr_user_info sui;
int rc;
/* Fixed-size buffer for a user name, SMB_USERNAME_MAXLEN bytes. */
char user[SMB_USERNAME_MAXLEN];
&samr_handle);
/*
* A non-zero rc is traced and ends the function. No handle is
* closed on this path.
*/
if (rc != 0) {
smb_tracef("SamCreateAccount[%s\\%s]: %s",
return (status);
}
/*
* Outer test: the domain was opened (the else branch below traces
* "open domain failed"). The inner test is on the status of a call
* that is not visible here, presumably the user creation - confirm.
*/
if (status == NT_STATUS_SUCCESS) {
if (status == NT_STATUS_SUCCESS) {
/*
* The results of the next three calls are explicitly discarded
* with (void), so, as far as this listing shows, a failure to
* query or set the user information does not change the status
* returned to the caller.
* NOTE(review): confirm that an account left without its
* information set is acceptable, or propagate the failure.
*/
(void) samr_query_user_info(&user_handle,
(void) samr_get_user_pwinfo(&user_handle);
(void) samr_set_user_info(&user_handle);
(void) samr_close_handle(&user_handle);
/*
* An already existing account is not traced as a failure; every
* other non-success status is.
*/
} else if (status != NT_STATUS_USER_EXISTS) {
smb_tracef("SamCreateAccount[%s]: %s",
}
/* The domain handle is released only in the branch that opened it. */
(void) samr_close_handle(&domain_handle);
} else {
smb_tracef("SamCreateAccount[%s]: open domain failed",
}
/*
* The SAMR connection handle is released on every path that reaches
* this point, whatever the status.
*/
(void) samr_close_handle(&samr_handle);
return (status);
}
/*
* sam_remove_trust_account
*
* Attempt to remove the workstation trust account for this system.
* Administrator access is required to perform this operation.
*
* Returns NT status codes.
*/
{
/*
* NOTE(review): the function signature and most of the body are
* missing from this listing; only the two lines below are visible.
*/
/* Fixed-size buffer for the account name, SMB_SAMACCT_MAXLEN bytes. */
char account_name[SMB_SAMACCT_MAXLEN];
/*
* NOTE(review): the condition guarding this return is not visible
* here - confirm against the full source.
*/
return (NT_STATUS_INTERNAL_ERROR);
}
/*
* sam_delete_account
*
* Attempt to remove an account from the SAM database on the specified
* server.
*
* Returns NT status codes.
*/
{
/*
* NOTE(review): the function signature, the remaining declarations
* and the RPC calls that assign rc and status are missing from this
* listing; the notes below cover only the lines that are visible.
*/
int rc;
/* Fixed-size buffer for a user name, SMB_USERNAME_MAXLEN bytes. */
char user[SMB_USERNAME_MAXLEN];
&samr_handle);
/*
* A non-zero rc is reported as NT_STATUS_OPEN_FAILED; no handle is
* closed on this path.
*/
if (rc != 0)
return (NT_STATUS_OPEN_FAILED);
/*
* On this failure path the SAMR connection handle is released
* before the status is returned.
*/
if (status != NT_STATUS_SUCCESS) {
(void) samr_close_handle(&samr_handle);
return (status);
}
if (status == NT_STATUS_SUCCESS) {
if (status == NT_STATUS_SUCCESS) {
/*
* The user handle is closed here only when samr_delete_user()
* reports failure.
* NOTE(review): presumably a successful delete invalidates the
* handle on the server - confirm, otherwise the success path
* leaks it. As listed, a failed delete does not visibly update
* status, so confirm the caller is told that the account was
* not removed.
*/
if (samr_delete_user(&user_handle) != 0)
(void) samr_close_handle(&user_handle);
}
}
/* Release the domain handle, then the SAMR connection handle. */
(void) samr_close_handle(&domain_handle);
(void) samr_close_handle(&samr_handle);
return (status);
}
/*
* sam_check_user
*
* Check whether the user has permission to access the computer account.
* The user being checked is the specified user for joining the Solaris
* host to the domain.
*/
{
/*
* NOTE(review): the function signature, the remaining declarations
* and the RPC calls that assign rc and status are missing from this
* listing; the notes below cover only the lines that are visible.
*/
int rc;
/* Fixed-size buffer for a user name, SMB_USERNAME_MAXLEN bytes. */
char user[SMB_USERNAME_MAXLEN];
&samr_handle);
/*
* A non-zero rc is reported as NT_STATUS_OPEN_FAILED; no handle is
* closed on this path.
*/
if (rc != 0)
return (NT_STATUS_OPEN_FAILED);
/*
* On this failure path the SAMR connection handle is released
* before the status is returned.
*/
if (status != NT_STATUS_SUCCESS) {
(void) samr_close_handle(&samr_handle);
return (status);
}
if (status == NT_STATUS_SUCCESS) {
/*
* Win2000 client uses this access mask. The
* following SAMR user specific rights bits are
* set: set password, set attributes, and get
* attributes.
*
* 0xb0 is 0x80 | 0x20 | 0x10.
* NOTE(review): if the project headers define names for these
* rights, use them instead of the literal so that the rights
* requested on the computer account can be audited.
*/
access_mask = 0xb0;
/*
* On success the user handle is only closed again; no user data
* is read or changed in the visible lines.
* NOTE(review): presumably being able to open the account with
* this mask is the permission check itself - confirm.
*/
if (status == NT_STATUS_SUCCESS)
(void) samr_close_handle(&user_handle);
}
/* Release the domain handle, then the SAMR connection handle. */
(void) samr_close_handle(&domain_handle);
(void) samr_close_handle(&samr_handle);
return (status);
}
/*
* sam_lookup_name
*
* Lookup an account name in the SAM database on the specified domain
* controller. Provides the account RID on success.
*
* Returns NT status codes.
*/
{
/*
* NOTE(review): the function signature, the remaining declarations
* and the RPC calls that assign rc, domain_sid and status are
* missing from this listing; the notes below cover only the lines
* that are visible.
*/
struct samr_sid *domain_sid;
int rc;
/* Fixed-size buffer for a user name, SMB_USERNAME_MAXLEN bytes. */
char user[SMB_USERNAME_MAXLEN];
/*
* Clear the output RID before any early return, so that a caller
* never reads an unset value on a failure path.
* NOTE(review): no NULL check on rid_ret is visible before this
* dereference - confirm that callers always pass a valid pointer.
*/
*rid_ret = 0;
&samr_handle);
/*
* A non-zero rc is reported as NT_STATUS_OPEN_FAILED; no handle is
* closed on this path.
*/
if (rc != 0)
return (NT_STATUS_OPEN_FAILED);
/*
* Without a domain SID the lookup cannot proceed: release the SAMR
* connection handle and report NT_STATUS_NO_SUCH_DOMAIN.
*/
if (domain_sid == NULL) {
(void) samr_close_handle(&samr_handle);
return (NT_STATUS_NO_SUCH_DOMAIN);
}
if (status == NT_STATUS_SUCCESS) {
account_name, &ainfo);
/*
* NOTE(review): lines are missing between this test and the close
* below (presumably the store into *rid_ret); confirm that the
* domain handle is also released when the name lookup fails.
*/
if (status == NT_STATUS_SUCCESS)
(void) samr_close_handle(&domain_handle);
}
/* The SAMR connection handle is released before returning. */
(void) samr_close_handle(&samr_handle);
return (status);
}
/*
* sam_get_local_domains
*
* Query a remote server to get the list of local domains that it
* supports.
*
* Returns NT status codes.
*/
{
/*
* NOTE(review): the function signature and the RPC calls that
* assign rc and status are missing from this listing; the notes
* below cover only the lines that are visible.
*/
int rc;
/* Fixed-size buffer for a user name, SMB_USERNAME_MAXLEN bytes. */
char user[SMB_USERNAME_MAXLEN];
&samr_handle);
/*
* A non-zero rc is reported as NT_STATUS_OPEN_FAILED; no handle is
* closed on this path.
*/
if (rc != 0)
return (NT_STATUS_OPEN_FAILED);
/* The SAMR connection handle is released before returning. */
(void) samr_close_handle(&samr_handle);
return (status);
}
/*
* sam_oem_password
*
* Generate an OEM password.
*/
int
unsigned char *old_password)
{
/*
* NOTE(review): the function name, its first parameters and most of
* the body are missing from this listing; the notes below cover
* only the lines that are visible.
*
* This routine handles password material. Because the file includes
* <alloca.h>, any stack buffer sized from the new password must have
* its length validated against the destination size
* (SAM_PASSWORD_516 bytes) before anything is copied - the relevant
* lines are not visible here, so confirm against the full source.
* Temporary copies of the password should also be cleared once they
* are no longer needed.
*/
/* NOTE(review): length is a signed int; confirm that it cannot go negative. */
int length;
#ifdef PBSHORTCUT
#endif /* PBSHORTCUT */
(char *)new_password, length);
/*
* The visible path always returns 0, so callers cannot tell a
* failed or truncated conversion from success.
*/
return (0);
}
static struct samr_sid *
{
/*
* NOTE(review): the name and parameters of this file-local helper
* and most of its body are missing from this listing, and the
* braces below no longer balance; only the visible lines are
* described.
*
* Returns a pointer to a struct samr_sid, or NULL when
* smb_domain_getinfo() fails, so callers must check the result for
* NULL before using it.
*/
if (!smb_domain_getinfo(&domain)) {
return (NULL);
}
} else {
}
}