• Home
  • History
  • Annotate
  • Line#
  • Navigate
  • Raw
  • Download
  • only in /asuswrt-rt-n18u-9.0.0.4.380.2695/release/src-rt/router/samba-3.0.25b/source/libads/
1/*
2   Unix SMB/CIFS implementation.
3   ads (active directory) utility library
4
5   Copyright (C) Stefan (metze) Metzmacher 2002
6   Copyright (C) Andrew Tridgell 2001
7
8   This program is free software; you can redistribute it and/or modify
9   it under the terms of the GNU General Public License as published by
10   the Free Software Foundation; either version 2 of the License, or
11   (at your option) any later version.
12
13   This program is distributed in the hope that it will be useful,
14   but WITHOUT ANY WARRANTY; without even the implied warranty of
15   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16   GNU General Public License for more details.
17
18   You should have received a copy of the GNU General Public License
19   along with this program; if not, write to the Free Software
20   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
21*/
22
23#include "includes.h"
24
25/*
26translated the ACB_CTRL Flags to UserFlags (userAccountControl)
27*/
28uint32 ads_acb2uf(uint32 acb)
29{
30	uint32 uf = 0x00000000;
31
32	if (acb & ACB_DISABLED) 		uf |= UF_ACCOUNTDISABLE;
33	if (acb & ACB_HOMDIRREQ) 		uf |= UF_HOMEDIR_REQUIRED;
34	if (acb & ACB_PWNOTREQ) 		uf |= UF_PASSWD_NOTREQD;
35	if (acb & ACB_TEMPDUP) 			uf |= UF_TEMP_DUPLICATE_ACCOUNT;
36	if (acb & ACB_NORMAL)	 		uf |= UF_NORMAL_ACCOUNT;
37	if (acb & ACB_MNS) 			uf |= UF_MNS_LOGON_ACCOUNT;
38	if (acb & ACB_DOMTRUST) 		uf |= UF_INTERDOMAIN_TRUST_ACCOUNT;
39	if (acb & ACB_WSTRUST) 			uf |= UF_WORKSTATION_TRUST_ACCOUNT;
40	if (acb & ACB_SVRTRUST) 		uf |= UF_SERVER_TRUST_ACCOUNT;
41	if (acb & ACB_PWNOEXP) 			uf |= UF_DONT_EXPIRE_PASSWD;
42	if (acb & ACB_AUTOLOCK) 		uf |= UF_LOCKOUT;
43	if (acb & ACB_USE_DES_KEY_ONLY)		uf |= UF_USE_DES_KEY_ONLY;
44	if (acb & ACB_SMARTCARD_REQUIRED)	uf |= UF_SMARTCARD_REQUIRED;
45	if (acb & ACB_TRUSTED_FOR_DELEGATION)	uf |= UF_TRUSTED_FOR_DELEGATION;
46	if (acb & ACB_DONT_REQUIRE_PREAUTH)	uf |= UF_DONT_REQUIRE_PREAUTH;
47	if (acb & ACB_NO_AUTH_DATA_REQD)	uf |= UF_NO_AUTH_DATA_REQUIRED;
48	if (acb & ACB_NOT_DELEGATED)		uf |= UF_NOT_DELEGATED;
49	if (acb & ACB_ENC_TXT_PWD_ALLOWED)	uf |= UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED;
50
51	return uf;
52}
53
54/*
55translated the UserFlags (userAccountControl) to ACB_CTRL Flags
56*/
57uint32 ads_uf2acb(uint32 uf)
58{
59	uint32 acb = 0x00000000;
60
61	if (uf & UF_ACCOUNTDISABLE) 		acb |= ACB_DISABLED;
62	if (uf & UF_HOMEDIR_REQUIRED) 		acb |= ACB_HOMDIRREQ;
63	if (uf & UF_PASSWD_NOTREQD) 		acb |= ACB_PWNOTREQ;
64	if (uf & UF_MNS_LOGON_ACCOUNT) 		acb |= ACB_MNS;
65	if (uf & UF_DONT_EXPIRE_PASSWD)		acb |= ACB_PWNOEXP;
66	if (uf & UF_LOCKOUT) 			acb |= ACB_AUTOLOCK;
67	if (uf & UF_USE_DES_KEY_ONLY)		acb |= ACB_USE_DES_KEY_ONLY;
68	if (uf & UF_SMARTCARD_REQUIRED)		acb |= ACB_SMARTCARD_REQUIRED;
69	if (uf & UF_TRUSTED_FOR_DELEGATION)	acb |= ACB_TRUSTED_FOR_DELEGATION;
70	if (uf & UF_DONT_REQUIRE_PREAUTH)	acb |= ACB_DONT_REQUIRE_PREAUTH;
71	if (uf & UF_NO_AUTH_DATA_REQUIRED)	acb |= ACB_NO_AUTH_DATA_REQD;
72	if (uf & UF_NOT_DELEGATED)		acb |= ACB_NOT_DELEGATED;
73	if (uf & UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED) acb |= ACB_ENC_TXT_PWD_ALLOWED;
74
75	switch (uf & UF_ACCOUNT_TYPE_MASK)
76	{
77		case UF_TEMP_DUPLICATE_ACCOUNT:		acb |= ACB_TEMPDUP;break;
78		case UF_NORMAL_ACCOUNT:	 		acb |= ACB_NORMAL;break;
79		case UF_INTERDOMAIN_TRUST_ACCOUNT: 	acb |= ACB_DOMTRUST;break;
80		case UF_WORKSTATION_TRUST_ACCOUNT:	acb |= ACB_WSTRUST;break;
81		case UF_SERVER_TRUST_ACCOUNT: 		acb |= ACB_SVRTRUST;break;
82		/*Fix Me: what should we do here? */
83		default: 				acb |= ACB_NORMAL;break;
84	}
85
86	return acb;
87}
88
89/*
90get the accountType from the UserFlags
91*/
92uint32 ads_uf2atype(uint32 uf)
93{
94	uint32 atype = 0x00000000;
95
96	if (uf & UF_NORMAL_ACCOUNT)			atype = ATYPE_NORMAL_ACCOUNT;
97	else if (uf & UF_TEMP_DUPLICATE_ACCOUNT)	atype = ATYPE_NORMAL_ACCOUNT;
98	else if (uf & UF_SERVER_TRUST_ACCOUNT)		atype = ATYPE_WORKSTATION_TRUST;
99	else if (uf & UF_WORKSTATION_TRUST_ACCOUNT)	atype = ATYPE_WORKSTATION_TRUST;
100	else if (uf & UF_INTERDOMAIN_TRUST_ACCOUNT)	atype = ATYPE_INTERDOMAIN_TRUST;
101
102	return atype;
103}
104
105/*
106get the accountType from the groupType
107*/
108uint32 ads_gtype2atype(uint32 gtype)
109{
110	uint32 atype = 0x00000000;
111
112	switch(gtype) {
113		case GTYPE_SECURITY_BUILTIN_LOCAL_GROUP:
114			atype = ATYPE_SECURITY_LOCAL_GROUP;
115			break;
116		case GTYPE_SECURITY_DOMAIN_LOCAL_GROUP:
117			atype = ATYPE_SECURITY_LOCAL_GROUP;
118			break;
119		case GTYPE_SECURITY_GLOBAL_GROUP:
120			atype = ATYPE_SECURITY_GLOBAL_GROUP;
121			break;
122
123		case GTYPE_DISTRIBUTION_GLOBAL_GROUP:
124			atype = ATYPE_DISTRIBUTION_GLOBAL_GROUP;
125			break;
126		case GTYPE_DISTRIBUTION_DOMAIN_LOCAL_GROUP:
127			atype = ATYPE_DISTRIBUTION_UNIVERSAL_GROUP;
128			break;
129		case GTYPE_DISTRIBUTION_UNIVERSAL_GROUP:
130			atype = ATYPE_DISTRIBUTION_LOCAL_GROUP;
131			break;
132	}
133
134	return atype;
135}
136
137/* turn a sAMAccountType into a SID_NAME_USE */
138enum lsa_SidType ads_atype_map(uint32 atype)
139{
140	switch (atype & 0xF0000000) {
141	case ATYPE_GLOBAL_GROUP:
142		return SID_NAME_DOM_GRP;
143	case ATYPE_SECURITY_LOCAL_GROUP:
144		return SID_NAME_ALIAS;
145	case ATYPE_ACCOUNT:
146		return SID_NAME_USER;
147	default:
148		DEBUG(1,("hmm, need to map account type 0x%x\n", atype));
149	}
150	return SID_NAME_UNKNOWN;
151}
152