#include "cacusermgr.h"
void print_user_info(CacUserInfo *info) {
printf("\n");
printf(" User Name : %s\n", info->username);
printf(" Full Name : %s\n", info->full_name);
printf(" Home Dir : %s\n", info->home_dir);
printf(" Home Drive : %s\n", info->home_drive);
printf(" Profile Path : %s\n", info->profile_path);
printf(" Logon Script : %s\n", info->logon_script);
printf(" Description : %s\n", info->description);
printf(" Workstations : %s\n", info->workstations);
printf(" Remote Dial : %s\n", info->dial);
printf(" Logon Time : %s\n", http_timestring(info->logon_time));
printf(" Logoff Time : %s\n", http_timestring(info->logoff_time));
printf(" Kickoff Time : %s\n", http_timestring(info->kickoff_time));
printf(" Pass last set : %s\n", http_timestring(info->pass_last_set_time));
printf(" Pass can set : %s\n", http_timestring(info->pass_can_change_time));
printf(" Pass must set : %s\n", http_timestring(info->pass_must_change_time));
printf(" User RID : 0x%x\n", info->rid);
printf(" Group RID : 0x%x\n", info->group_rid);
printf(" User Type : ");
if(info->acb_mask & ACB_NORMAL)
printf("Normal User\n");
else if(info->acb_mask & ACB_TEMPDUP)
printf("Temporary Duplicate Account\n");
else if(info->acb_mask & ACB_DOMTRUST)
printf("Inter-Domain Trust Account\n");
else if(info->acb_mask & ACB_WSTRUST)
printf("Workstation Trust Account\n");
else if(info->acb_mask & ACB_SVRTRUST)
printf("Server Trust Account\n");
else
printf("\n");
printf(" Disabled : %s\n", (info->acb_mask & ACB_DISABLED) ? "Yes" : "No");
printf(" Locked : %s\n", (info->acb_mask & ACB_AUTOLOCK) ? "Yes" : "No");
printf(" Pass Expires : %s\n", (info->acb_mask & ACB_PWNOEXP) ? "No" : "Yes");
printf(" Pass Required : %s\n", (info->acb_mask & ACB_PWNOTREQ) ? "No" : "Yes");
}
CacUserInfo *modify_user_info(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *user_hnd) {
CacUserInfo *info = NULL;
fstring tmp;
struct SamGetUserInfo getinfo;
struct SamSetUserInfo setinfo;
ZERO_STRUCT(getinfo);
ZERO_STRUCT(setinfo);
getinfo.in.user_hnd = user_hnd;
if(!cac_SamGetUserInfo(hnd, mem_ctx, &getinfo)) {
printerr("Could not get user info.", hnd->status);
return NULL;
}
info = getinfo.out.info;
printf("\n");
printf(" User Name [%s]: ", info->username);
mgr_getline(tmp);
if(tmp[0] != '\0')
info->username = talloc_strdup(mem_ctx, tmp);
printf(" Full Name [%s]: ", info->full_name);
mgr_getline(tmp);
if(tmp[0] != '\0')
info->full_name = talloc_strdup(mem_ctx, tmp);
printf(" Description [%s]: ", info->description);
mgr_getline(tmp);
if(tmp[0] != '\0')
info->description = talloc_strdup(mem_ctx, tmp);
printf(" Home Dir [%s]: ", info->home_dir);
mgr_getline(tmp);
if(tmp[0] != '\0')
info->home_dir = talloc_strdup(mem_ctx, tmp);
printf(" Home Drive [%s]: ", info->home_drive);
mgr_getline(tmp);
if(tmp[0] != '\0')
info->home_drive = talloc_strdup(mem_ctx, tmp);
printf(" Profile Path [%s]: ", info->profile_path);
mgr_getline(tmp);
if(tmp[0] != '\0')
info->profile_path = talloc_strdup(mem_ctx, tmp);
printf(" Logon Script [%s]: ", info->logon_script);
mgr_getline(tmp);
if(tmp[0] != '\0')
info->logon_script = talloc_strdup(mem_ctx, tmp);
printf(" Workstations [%s]: ", info->workstations);
mgr_getline(tmp);
if(tmp[0] != '\0')
info->workstations = talloc_strdup(mem_ctx, tmp);
printf(" Remote Dial [%s]: ", info->dial);
mgr_getline(tmp);
if(tmp[0] != '\0')
info->dial = talloc_strdup(mem_ctx, tmp);
printf(" Disabled [%s] (y/n): ", (info->acb_mask & ACB_DISABLED) ? "Yes" : "No");
mgr_getline(tmp);
if(tmp[0] == 'y' || tmp[0] == 'Y')
info->acb_mask |= ACB_DISABLED;
else if(tmp[0] == 'n' || tmp[0] == 'N')
info->acb_mask ^= (info->acb_mask & ACB_DISABLED) ? ACB_DISABLED : 0x0;
printf(" Pass Expires [%s] (y/n): ", (info->acb_mask & ACB_PWNOEXP) ? "No" : "Yes");
mgr_getline(tmp);
if(tmp[0] == 'n' || tmp[0] == 'N')
info->acb_mask |= ACB_PWNOEXP;
else if(tmp[0] == 'y' || tmp[0] == 'Y')
info->acb_mask ^= (info->acb_mask & ACB_PWNOEXP) ? ACB_PWNOEXP : 0x0;
printf(" Pass Required [%s] (y/n): ", (info->acb_mask & ACB_PWNOTREQ) ? "No" : "Yes");
mgr_getline(tmp);
if(tmp[0] == 'n' || tmp[0] == 'N')
info->acb_mask |= ACB_PWNOTREQ;
else if(tmp[0] == 'y' || tmp[0] == 'Y')
info->acb_mask ^= (info->acb_mask & ACB_PWNOTREQ) ? ACB_PWNOTREQ : 0x0;
setinfo.in.user_hnd = user_hnd;
setinfo.in.info = info;
if(!cac_SamSetUserInfo(hnd, mem_ctx, &setinfo)) {
printerr("Could not set user info.", hnd->status);
}
return info;
}
void add_user_to_group(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, CacUserInfo *info, POLICY_HND *dom_hnd) {
int rid_type = 0;
char *tmp = NULL;
struct SamOpenGroup og;
struct SamAddGroupMember add;
ZERO_STRUCT(og);
ZERO_STRUCT(add);
printf("Group RID or Name:");
og.in.dom_hnd = dom_hnd;
og.in.access = MAXIMUM_ALLOWED_ACCESS;
rid_type = rid_or_name(hnd, mem_ctx, dom_hnd, &og.in.rid, &tmp);
if(!cac_SamOpenGroup(hnd, mem_ctx, &og)) {
printerr("Could not open group.", hnd->status);
return;
}
add.in.group_hnd = og.out.group_hnd;
add.in.rid = info->rid;
if(!cac_SamAddGroupMember(hnd, mem_ctx, &add)) {
printerr("Could not add user to group.", hnd->status);
}
cac_SamClose(hnd, mem_ctx, og.out.group_hnd);
}
void remove_user_from_group(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, CacUserInfo *info, POLICY_HND *dom_hnd) {
int rid_type = 0;
char *tmp = NULL;
struct SamOpenGroup og;
struct SamRemoveGroupMember del;
ZERO_STRUCT(og);
ZERO_STRUCT(del);
printf("Group RID or Name:");
og.in.dom_hnd = dom_hnd;
og.in.access = MAXIMUM_ALLOWED_ACCESS;
rid_type = rid_or_name(hnd, mem_ctx, dom_hnd, &og.in.rid, &tmp);
if(!cac_SamOpenGroup(hnd, mem_ctx, &og)) {
printerr("Could not open group.", hnd->status);
return;
}
del.in.group_hnd = og.out.group_hnd;
del.in.rid = info->rid;
if(!cac_SamRemoveGroupMember(hnd, mem_ctx, &del)) {
printerr("Could not add user to group.", hnd->status);
}
cac_SamClose(hnd, mem_ctx, og.out.group_hnd);
}
void user_menu(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *dom_hnd, POLICY_HND *user_hnd) {
fstring in;
struct SamGetUserInfo getinfo;
struct SamSetPassword setpass;
struct SamGetGroupsForUser groups;
struct SamGetNamesFromRids gnfr;
CacUserInfo *info = NULL;
if(!hnd || !mem_ctx || !user_hnd) {
printf("Must open user.\n");
return;
}
ZERO_STRUCT(getinfo);
getinfo.in.user_hnd = user_hnd;
if(!cac_SamGetUserInfo(hnd, mem_ctx, &getinfo)) {
printerr("Could not get info.", hnd->status);
info = NULL;
}
else {
info = getinfo.out.info;
print_user_info(info);
}
in[0] = '\0';
while(in[0] != 'b' && in[0] != 'B' && in[0] != 'q' && in[0] != 'Q') {
printf("\n");
printf("[s] Set Password\n");
if(info && (info->acb_mask & ACB_DISABLED))
printf("[e] Enable User\n");
else if(info)
printf("[d] Disable User\n");
printf("[v] View User Info\n");
printf("[m] Modify User Info\n");
printf("[x] Delete User\n\n");
printf("[g] List Group Membership\n");
printf("[a] Add User To Group\n");
printf("[l] List Domain Groups\n");
printf("[r] Remove User From Group\n\n");
printf("[b] Back\n\n");
printf("Command: ");
mgr_getline(in);
printf("\n");
switch(in[0]) {
case 'g':
case 'G':
ZERO_STRUCT(groups);
groups.in.user_hnd = user_hnd;
if(!cac_SamGetGroupsForUser(hnd, mem_ctx, &groups)) {
printerr("Could not get groups.", hnd->status);
break;
}
ZERO_STRUCT(gnfr);
gnfr.in.dom_hnd = dom_hnd;
gnfr.in.rids = groups.out.rids;
gnfr.in.num_rids = groups.out.num_groups;
if(!cac_SamGetNamesFromRids(hnd, mem_ctx, &gnfr)) {
printerr("Could not map RIDs to names.", hnd->status);
break;
}
print_lookup_records(gnfr.out.map, gnfr.out.num_names);
break;
case 's':
case 'S':
ZERO_STRUCT(setpass);
setpass.in.user_hnd = user_hnd;
setpass.in.password = get_new_password(mem_ctx);
if(!setpass.in.password) {
printf("Out of memory.\n");
break;
}
if(!cac_SamSetPassword(hnd, mem_ctx, &setpass)) {
printerr("Could not set password.", hnd->status);
}
else {
printf("Reset password.\n");
}
break;
case 'e':
case 'E':
if(info && !(info->acb_mask & ACB_DISABLED))
break;
if(!cac_SamEnableUser(hnd, mem_ctx, user_hnd)) {
printerr("Could not enable user.", hnd->status);
}
else {
printf("Enabled User.\n");
info->acb_mask ^= ACB_DISABLED;
}
break;
case 'd':
case 'D':
if(info && (info->acb_mask & ACB_DISABLED))
break;
if(!cac_SamDisableUser(hnd, mem_ctx, user_hnd)) {
printerr("Could not disable user.", hnd->status);
}
else {
printf("Disabled User.\n");
info->acb_mask ^= ACB_DISABLED;
}
break;
case 'v':
case 'V':
ZERO_STRUCT(getinfo);
getinfo.in.user_hnd = user_hnd;
if(!cac_SamGetUserInfo(hnd, mem_ctx, &getinfo)) {
printerr("Could not get info.", hnd->status);
info = NULL;
}
else {
info = getinfo.out.info;
print_user_info(info);
}
break;
case 'm':
case 'M':
info = modify_user_info(hnd, mem_ctx, user_hnd);
if(info)
printf("Updated user info.\n");
break;
case 'l':
case 'L':
list_groups(hnd, mem_ctx, dom_hnd);
break;
case 'a':
case 'A':
add_user_to_group(hnd, mem_ctx, info, dom_hnd);
break;
case 'r':
case 'R':
remove_user_from_group(hnd, mem_ctx, info, dom_hnd);
break;
case 'x':
case 'X':
if(!cac_SamDeleteUser(hnd, mem_ctx, user_hnd))
printerr("Could not delete user.", hnd->status);
in[0] = 'b';
break;
case 'b':
case 'B':
case 'q':
case 'Q':
break;
default:
printf("Invalid command.\n");
}
}
cac_SamClose(hnd, mem_ctx, user_hnd);
}