2 * Unix SMB/CIFS implementation.
3 * cacusermgr user implementation.
5 * Copyright (C) Chris Nicholls 2005
7 * This program is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2 of the License, or (at your
10 * option) any later version.
12 * This program is distributed in the hope that it will be useful, but WITHOUT
13 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
14 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
17 * You should have received a copy of the GNU General Public License along with
18 * this program; if not, write to the Free Software Foundation, Inc., 675
19 * Mass Ave, Cambridge, MA 02139, USA. */
21 #include "cacusermgr.h"
23 void print_user_info(CacUserInfo *info) {
25 printf(" User Name : %s\n", info->username);
26 printf(" Full Name : %s\n", info->full_name);
27 printf(" Home Dir : %s\n", info->home_dir);
28 printf(" Home Drive : %s\n", info->home_drive);
29 printf(" Profile Path : %s\n", info->profile_path);
30 printf(" Logon Script : %s\n", info->logon_script);
31 printf(" Description : %s\n", info->description);
32 printf(" Workstations : %s\n", info->workstations);
33 printf(" Remote Dial : %s\n", info->dial);
35 printf(" Logon Time : %s\n", http_timestring(info->logon_time));
36 printf(" Logoff Time : %s\n", http_timestring(info->logoff_time));
37 printf(" Kickoff Time : %s\n", http_timestring(info->kickoff_time));
38 printf(" Pass last set : %s\n", http_timestring(info->pass_last_set_time));
39 printf(" Pass can set : %s\n", http_timestring(info->pass_can_change_time));
40 printf(" Pass must set : %s\n", http_timestring(info->pass_must_change_time));
42 printf(" User RID : 0x%x\n", info->rid);
43 printf(" Group RID : 0x%x\n", info->group_rid);
44 printf(" User Type : ");
46 if(info->acb_mask & ACB_NORMAL)
47 printf("Normal User\n");
48 else if(info->acb_mask & ACB_TEMPDUP)
49 printf("Temporary Duplicate Account\n");
50 else if(info->acb_mask & ACB_DOMTRUST)
51 printf("Inter-Domain Trust Account\n");
52 else if(info->acb_mask & ACB_WSTRUST)
53 printf("Workstation Trust Account\n");
54 else if(info->acb_mask & ACB_SVRTRUST)
55 printf("Server Trust Account\n");
59 printf(" Disabled : %s\n", (info->acb_mask & ACB_DISABLED) ? "Yes" : "No");
60 printf(" Locked : %s\n", (info->acb_mask & ACB_AUTOLOCK) ? "Yes" : "No");
61 printf(" Pass Expires : %s\n", (info->acb_mask & ACB_PWNOEXP) ? "No" : "Yes");
62 printf(" Pass Required : %s\n", (info->acb_mask & ACB_PWNOTREQ) ? "No" : "Yes");
66 CacUserInfo *modify_user_info(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *user_hnd) {
67 CacUserInfo *info = NULL;
70 struct SamGetUserInfo getinfo;
71 struct SamSetUserInfo setinfo;
76 getinfo.in.user_hnd = user_hnd;
78 if(!cac_SamGetUserInfo(hnd, mem_ctx, &getinfo)) {
79 printerr("Could not get user info.", hnd->status);
83 info = getinfo.out.info;
86 printf(" User Name [%s]: ", info->username);
89 info->username = talloc_strdup(mem_ctx, tmp);
91 printf(" Full Name [%s]: ", info->full_name);
94 info->full_name = talloc_strdup(mem_ctx, tmp);
96 printf(" Description [%s]: ", info->description);
99 info->description = talloc_strdup(mem_ctx, tmp);
101 printf(" Home Dir [%s]: ", info->home_dir);
104 info->home_dir = talloc_strdup(mem_ctx, tmp);
106 printf(" Home Drive [%s]: ", info->home_drive);
109 info->home_drive = talloc_strdup(mem_ctx, tmp);
111 printf(" Profile Path [%s]: ", info->profile_path);
114 info->profile_path = talloc_strdup(mem_ctx, tmp);
116 printf(" Logon Script [%s]: ", info->logon_script);
119 info->logon_script = talloc_strdup(mem_ctx, tmp);
121 printf(" Workstations [%s]: ", info->workstations);
124 info->workstations = talloc_strdup(mem_ctx, tmp);
126 printf(" Remote Dial [%s]: ", info->dial);
129 info->dial = talloc_strdup(mem_ctx, tmp);
131 printf(" Disabled [%s] (y/n): ", (info->acb_mask & ACB_DISABLED) ? "Yes" : "No");
133 if(tmp[0] == 'y' || tmp[0] == 'Y')
134 info->acb_mask |= ACB_DISABLED;
135 else if(tmp[0] == 'n' || tmp[0] == 'N')
136 info->acb_mask ^= (info->acb_mask & ACB_DISABLED) ? ACB_DISABLED : 0x0;
138 printf(" Pass Expires [%s] (y/n): ", (info->acb_mask & ACB_PWNOEXP) ? "No" : "Yes");
140 if(tmp[0] == 'n' || tmp[0] == 'N')
141 info->acb_mask |= ACB_PWNOEXP;
142 else if(tmp[0] == 'y' || tmp[0] == 'Y')
143 info->acb_mask ^= (info->acb_mask & ACB_PWNOEXP) ? ACB_PWNOEXP : 0x0;
145 printf(" Pass Required [%s] (y/n): ", (info->acb_mask & ACB_PWNOTREQ) ? "No" : "Yes");
147 if(tmp[0] == 'n' || tmp[0] == 'N')
148 info->acb_mask |= ACB_PWNOTREQ;
149 else if(tmp[0] == 'y' || tmp[0] == 'Y')
150 info->acb_mask ^= (info->acb_mask & ACB_PWNOTREQ) ? ACB_PWNOTREQ : 0x0;
152 setinfo.in.user_hnd = user_hnd;
153 setinfo.in.info = info;
155 if(!cac_SamSetUserInfo(hnd, mem_ctx, &setinfo)) {
156 printerr("Could not set user info.", hnd->status);
162 void add_user_to_group(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, CacUserInfo *info, POLICY_HND *dom_hnd) {
167 struct SamOpenGroup og;
168 struct SamAddGroupMember add;
173 printf("Group RID or Name:");
175 og.in.dom_hnd = dom_hnd;
176 og.in.access = MAXIMUM_ALLOWED_ACCESS;
177 rid_type = rid_or_name(hnd, mem_ctx, dom_hnd, &og.in.rid, &tmp);
179 if(!cac_SamOpenGroup(hnd, mem_ctx, &og)) {
180 printerr("Could not open group.", hnd->status);
184 add.in.group_hnd = og.out.group_hnd;
185 add.in.rid = info->rid;
187 if(!cac_SamAddGroupMember(hnd, mem_ctx, &add)) {
188 printerr("Could not add user to group.", hnd->status);
191 cac_SamClose(hnd, mem_ctx, og.out.group_hnd);
194 void remove_user_from_group(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, CacUserInfo *info, POLICY_HND *dom_hnd) {
199 struct SamOpenGroup og;
200 struct SamRemoveGroupMember del;
205 printf("Group RID or Name:");
207 og.in.dom_hnd = dom_hnd;
208 og.in.access = MAXIMUM_ALLOWED_ACCESS;
209 rid_type = rid_or_name(hnd, mem_ctx, dom_hnd, &og.in.rid, &tmp);
211 if(!cac_SamOpenGroup(hnd, mem_ctx, &og)) {
212 printerr("Could not open group.", hnd->status);
216 del.in.group_hnd = og.out.group_hnd;
217 del.in.rid = info->rid;
219 if(!cac_SamRemoveGroupMember(hnd, mem_ctx, &del)) {
220 printerr("Could not add user to group.", hnd->status);
223 cac_SamClose(hnd, mem_ctx, og.out.group_hnd);
226 void user_menu(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *dom_hnd, POLICY_HND *user_hnd) {
229 struct SamGetUserInfo getinfo;
230 struct SamSetPassword setpass;
231 struct SamGetGroupsForUser groups;
232 struct SamGetNamesFromRids gnfr;
234 CacUserInfo *info = NULL;
236 if(!hnd || !mem_ctx || !user_hnd) {
237 printf("Must open user.\n");
241 /*get the userinfo and print it out*/
242 ZERO_STRUCT(getinfo);
243 getinfo.in.user_hnd = user_hnd;
245 if(!cac_SamGetUserInfo(hnd, mem_ctx, &getinfo)) {
246 printerr("Could not get info.", hnd->status);
250 info = getinfo.out.info;
251 print_user_info(info);
254 /*now deal with the menu*/
256 while(in[0] != 'b' && in[0] != 'B' && in[0] != 'q' && in[0] != 'Q') {
258 printf("[s] Set Password\n");
260 if(info && (info->acb_mask & ACB_DISABLED))
261 printf("[e] Enable User\n");
263 printf("[d] Disable User\n");
265 printf("[v] View User Info\n");
266 printf("[m] Modify User Info\n");
267 printf("[x] Delete User\n\n");
269 printf("[g] List Group Membership\n");
270 printf("[a] Add User To Group\n");
271 printf("[l] List Domain Groups\n");
272 printf("[r] Remove User From Group\n\n");
274 printf("[b] Back\n\n");
282 case 'g': /*list group membership*/
285 groups.in.user_hnd = user_hnd;
287 if(!cac_SamGetGroupsForUser(hnd, mem_ctx, &groups)) {
288 printerr("Could not get groups.", hnd->status);
293 gnfr.in.dom_hnd = dom_hnd;
294 gnfr.in.rids = groups.out.rids;
295 gnfr.in.num_rids = groups.out.num_groups;
297 if(!cac_SamGetNamesFromRids(hnd, mem_ctx, &gnfr)) {
298 printerr("Could not map RIDs to names.", hnd->status);
302 print_lookup_records(gnfr.out.map, gnfr.out.num_names);
305 case 's': /*reset password*/
307 ZERO_STRUCT(setpass);
308 setpass.in.user_hnd = user_hnd;
309 setpass.in.password = get_new_password(mem_ctx);
311 if(!setpass.in.password) {
312 printf("Out of memory.\n");
316 if(!cac_SamSetPassword(hnd, mem_ctx, &setpass)) {
317 printerr("Could not set password.", hnd->status);
320 printf("Reset password.\n");
324 case 'e': /*enable user*/
326 if(info && !(info->acb_mask & ACB_DISABLED))
329 if(!cac_SamEnableUser(hnd, mem_ctx, user_hnd)) {
330 printerr("Could not enable user.", hnd->status);
333 printf("Enabled User.\n");
334 /*toggle the disabled ACB bit in our local copy of the info*/
335 info->acb_mask ^= ACB_DISABLED;
339 case 'd': /*disable user*/
341 if(info && (info->acb_mask & ACB_DISABLED))
344 if(!cac_SamDisableUser(hnd, mem_ctx, user_hnd)) {
345 printerr("Could not disable user.", hnd->status);
348 printf("Disabled User.\n");
349 /*toggle the disabled ACB bit in our local copy of the info*/
350 info->acb_mask ^= ACB_DISABLED;
354 case 'v': /*view user info*/
356 ZERO_STRUCT(getinfo);
357 getinfo.in.user_hnd = user_hnd;
359 if(!cac_SamGetUserInfo(hnd, mem_ctx, &getinfo)) {
360 printerr("Could not get info.", hnd->status);
364 info = getinfo.out.info;
365 print_user_info(info);
370 case 'm': /*modify user info*/
372 info = modify_user_info(hnd, mem_ctx, user_hnd);
375 printf("Updated user info.\n");
378 case 'l': /*list domain groups*/
380 list_groups(hnd, mem_ctx, dom_hnd);
383 case 'a': /*add user to group*/
385 add_user_to_group(hnd, mem_ctx, info, dom_hnd);
388 case 'r': /*remove user from group*/
390 remove_user_from_group(hnd, mem_ctx, info, dom_hnd);
393 case 'x': /*delete user*/
395 if(!cac_SamDeleteUser(hnd, mem_ctx, user_hnd))
396 printerr("Could not delete user.", hnd->status);
398 /*we want to go back to the main menu*/
410 printf("Invalid command.\n");
414 /*close the user before returning*/
415 cac_SamClose(hnd, mem_ctx, user_hnd);