git.samba.org / samba.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
s4:security Remove use of user_sid and group_sid from struct security_token
[samba.git] / source4 / auth / system_session.c
1 /* 
2    Unix SMB/CIFS implementation.
3    Authentication utility functions
4    Copyright (C) Andrew Tridgell 1992-1998
5    Copyright (C) Andrew Bartlett 2001-2010
6    Copyright (C) Jeremy Allison 2000-2001
7    Copyright (C) Rafal Szczesniak 2002
8    Copyright (C) Stefan Metzmacher 2005
9
10    This program is free software; you can redistribute it and/or modify
11    it under the terms of the GNU General Public License as published by
12    the Free Software Foundation; either version 3 of the License, or
13    (at your option) any later version.
14    
15    This program is distributed in the hope that it will be useful,
16    but WITHOUT ANY WARRANTY; without even the implied warranty of
17    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18    GNU General Public License for more details.
19    
20    You should have received a copy of the GNU General Public License
21    along with this program.  If not, see <http://www.gnu.org/licenses/>.
22 */
23
24 #include "includes.h"
25 #include "libcli/security/security.h"
26 #include "auth/credentials/credentials.h"
27 #include "param/param.h"
28 #include "auth/auth.h" /* for auth_serversupplied_info */
29 #include "auth/session.h"
30 #include "auth/system_session_proto.h"
31
32 /**
33  * Create the SID list for this user. 
34  *
35  * @note Specialised version for system sessions that doesn't use the SAM.
36  */
37 static NTSTATUS create_token(TALLOC_CTX *mem_ctx, 
38                              struct dom_sid *user_sid,
39                              struct dom_sid *group_sid,
40                              unsigned int n_groupSIDs,
41                              struct dom_sid **groupSIDs,
42                              bool is_authenticated,
43                              struct security_token **token)
44 {
45         struct security_token *ptoken;
46         unsigned int i;
47
48         ptoken = security_token_initialise(mem_ctx);
49         NT_STATUS_HAVE_NO_MEMORY(ptoken);
50
51         ptoken->sids = talloc_array(ptoken, struct dom_sid *, n_groupSIDs + 5);
52         NT_STATUS_HAVE_NO_MEMORY(ptoken->sids);
53
54         ptoken->sids[PRIMARY_USER_SID_INDEX] = talloc_reference(ptoken, user_sid);
55         ptoken->sids[PRIMARY_GROUP_SID_INDEX] = talloc_reference(ptoken, group_sid);
56         ptoken->privilege_mask = 0;
57
58         /*
59          * Finally add the "standard" SIDs.
60          * The only difference between guest and "anonymous"
61          * is the addition of Authenticated_Users.
62          */
63         ptoken->sids[2] = dom_sid_parse_talloc(ptoken->sids, SID_WORLD);
64         NT_STATUS_HAVE_NO_MEMORY(ptoken->sids[2]);
65         ptoken->sids[3] = dom_sid_parse_talloc(ptoken->sids, SID_NT_NETWORK);
66         NT_STATUS_HAVE_NO_MEMORY(ptoken->sids[3]);
67         ptoken->num_sids = 4;
68
69         if (is_authenticated) {
70                 ptoken->sids[4] = dom_sid_parse_talloc(ptoken->sids, SID_NT_AUTHENTICATED_USERS);
71                 NT_STATUS_HAVE_NO_MEMORY(ptoken->sids[4]);
72                 ptoken->num_sids++;
73         }
74
75         for (i = 0; i < n_groupSIDs; i++) {
76                 size_t check_sid_idx;
77                 for (check_sid_idx = 1; 
78                      check_sid_idx < ptoken->num_sids; 
79                      check_sid_idx++) {
80                         if (dom_sid_equal(ptoken->sids[check_sid_idx], groupSIDs[i])) {
81                                 break;
82                         }
83                 }
84
85                 if (check_sid_idx == ptoken->num_sids) {
86                         ptoken->sids[ptoken->num_sids++] = talloc_reference(ptoken->sids, groupSIDs[i]);
87                 }
88         }
89
90         *token = ptoken;
91
92         /* Shortcuts to prevent recursion and avoid lookups */
93         if (ptoken->sids == NULL) {
94                 ptoken->privilege_mask = 0;
95                 return NT_STATUS_OK;
96         } 
97         
98         if (security_token_is_system(ptoken)) {
99                 ptoken->privilege_mask = ~0;
100                 return NT_STATUS_OK;
101         } 
102         
103         if (security_token_is_anonymous(ptoken)) {
104                 ptoken->privilege_mask = 0;
105                 return NT_STATUS_OK;
106         }
107
108         /* All other 'users' get a empty priv set so far */
109         ptoken->privilege_mask = 0;
110         return NT_STATUS_OK;
111 }
112
113 NTSTATUS auth_generate_simple_session_info(TALLOC_CTX *mem_ctx,
114                                            struct auth_serversupplied_info *server_info,
115                                            struct auth_session_info **_session_info)
116 {
117         struct auth_session_info *session_info;
118         NTSTATUS nt_status;
119
120         session_info = talloc(mem_ctx, struct auth_session_info);
121         NT_STATUS_HAVE_NO_MEMORY(session_info);
122
123         session_info->server_info = talloc_reference(session_info, server_info);
124
125         /* unless set otherwise, the session key is the user session
126          * key from the auth subsystem */ 
127         session_info->session_key = server_info->user_session_key;
128
129         nt_status = create_token(session_info,
130                                           server_info->account_sid,
131                                           server_info->primary_group_sid,
132                                           server_info->n_domain_groups,
133                                           server_info->domain_groups,
134                                           server_info->authenticated,
135                                           &session_info->security_token);
136         NT_STATUS_NOT_OK_RETURN(nt_status);
137
138         session_info->credentials = NULL;
139
140         *_session_info = session_info;
141         return NT_STATUS_OK;
142 }
143
144
145 /*
146   prevent the static system session being freed
147  */
148 static int system_session_destructor(struct auth_session_info *info)
149 {
150         return -1;
151 }
152
153 /* Create a security token for a session SYSTEM (the most
154  * trusted/prvilaged account), including the local machine account as
155  * the off-host credentials
156  */ 
157 _PUBLIC_ struct auth_session_info *system_session(struct loadparm_context *lp_ctx)
158 {
159         static struct auth_session_info *static_session;
160         NTSTATUS nt_status;
161
162         if (static_session) {
163                 return static_session;
164         }
165
166         nt_status = auth_system_session_info(talloc_autofree_context(),
167                                              lp_ctx,
168                                              &static_session);
169         if (!NT_STATUS_IS_OK(nt_status)) {
170                 talloc_free(static_session);
171                 static_session = NULL;
172                 return NULL;
173         }
174         talloc_set_destructor(static_session, system_session_destructor);
175         return static_session;
176 }
177
178 static NTSTATUS _auth_system_session_info(TALLOC_CTX *parent_ctx, 
179                                           struct loadparm_context *lp_ctx,
180                                           bool anonymous_credentials, 
181                                           struct auth_session_info **_session_info) 
182 {
183         NTSTATUS nt_status;
184         struct auth_serversupplied_info *server_info = NULL;
185         struct auth_session_info *session_info = NULL;
186         TALLOC_CTX *mem_ctx = talloc_new(parent_ctx);
187         
188         nt_status = auth_system_server_info(mem_ctx, lpcfg_netbios_name(lp_ctx),
189                                             &server_info);
190         if (!NT_STATUS_IS_OK(nt_status)) {
191                 talloc_free(mem_ctx);
192                 return nt_status;
193         }
194
195         /* references the server_info into the session_info */
196         nt_status = auth_generate_simple_session_info(parent_ctx, server_info, &session_info);
197         talloc_free(mem_ctx);
198
199         NT_STATUS_NOT_OK_RETURN(nt_status);
200
201         session_info->credentials = cli_credentials_init(session_info);
202         if (!session_info->credentials) {
203                 return NT_STATUS_NO_MEMORY;
204         }
205
206         cli_credentials_set_conf(session_info->credentials, lp_ctx);
207
208         if (anonymous_credentials) {
209                 cli_credentials_set_anonymous(session_info->credentials);
210         } else {
211                 cli_credentials_set_machine_account_pending(session_info->credentials, lp_ctx);
212         }
213         *_session_info = session_info;
214
215         return NT_STATUS_OK;
216 }
217
218 /*
219   Create a system session, but with anonymous credentials (so we do not need to open secrets.ldb)
220 */
221 _PUBLIC_ struct auth_session_info *system_session_anon(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx)
222 {
223         NTSTATUS nt_status;
224         struct auth_session_info *session_info = NULL;
225         nt_status = _auth_system_session_info(mem_ctx, lp_ctx, true, &session_info);
226         if (!NT_STATUS_IS_OK(nt_status)) {
227                 return NULL;
228         }
229         return session_info;
230 }
231
232
233
234 _PUBLIC_ NTSTATUS auth_system_session_info(TALLOC_CTX *parent_ctx, 
235                                            struct loadparm_context *lp_ctx,
236                                            struct auth_session_info **_session_info) 
237 {
238         return _auth_system_session_info(parent_ctx, 
239                         lp_ctx,
240                         lpcfg_parm_bool(lp_ctx, NULL, "system", "anonymous", false),
241                         _session_info);
242 }
243
244 NTSTATUS auth_system_server_info(TALLOC_CTX *mem_ctx, const char *netbios_name, 
245                                  struct auth_serversupplied_info **_server_info) 
246 {
247         struct auth_serversupplied_info *server_info;
248
249         server_info = talloc(mem_ctx, struct auth_serversupplied_info);
250         NT_STATUS_HAVE_NO_MEMORY(server_info);
251
252         server_info->account_sid = dom_sid_parse_talloc(server_info, SID_NT_SYSTEM);
253         NT_STATUS_HAVE_NO_MEMORY(server_info->account_sid);
254
255         /* is this correct? */
256         server_info->primary_group_sid = dom_sid_parse_talloc(server_info, SID_BUILTIN_ADMINISTRATORS);
257         NT_STATUS_HAVE_NO_MEMORY(server_info->primary_group_sid);
258
259         server_info->n_domain_groups = 0;
260         server_info->domain_groups = NULL;
261
262         /* annoying, but the Anonymous really does have a session key, 
263            and it is all zeros! */
264         server_info->user_session_key = data_blob_talloc(server_info, NULL, 16);
265         NT_STATUS_HAVE_NO_MEMORY(server_info->user_session_key.data);
266
267         server_info->lm_session_key = data_blob_talloc(server_info, NULL, 16);
268         NT_STATUS_HAVE_NO_MEMORY(server_info->lm_session_key.data);
269
270         data_blob_clear(&server_info->user_session_key);
271         data_blob_clear(&server_info->lm_session_key);
272
273         server_info->account_name = talloc_strdup(server_info, "SYSTEM");
274         NT_STATUS_HAVE_NO_MEMORY(server_info->account_name);
275
276         server_info->domain_name = talloc_strdup(server_info, "NT AUTHORITY");
277         NT_STATUS_HAVE_NO_MEMORY(server_info->domain_name);
278
279         server_info->full_name = talloc_strdup(server_info, "System");
280         NT_STATUS_HAVE_NO_MEMORY(server_info->full_name);
281
282         server_info->logon_script = talloc_strdup(server_info, "");
283         NT_STATUS_HAVE_NO_MEMORY(server_info->logon_script);
284
285         server_info->profile_path = talloc_strdup(server_info, "");
286         NT_STATUS_HAVE_NO_MEMORY(server_info->profile_path);
287
288         server_info->home_directory = talloc_strdup(server_info, "");
289         NT_STATUS_HAVE_NO_MEMORY(server_info->home_directory);
290
291         server_info->home_drive = talloc_strdup(server_info, "");
292         NT_STATUS_HAVE_NO_MEMORY(server_info->home_drive);
293
294         server_info->logon_server = talloc_strdup(server_info, netbios_name);
295         NT_STATUS_HAVE_NO_MEMORY(server_info->logon_server);
296
297         server_info->last_logon = 0;
298         server_info->last_logoff = 0;
299         server_info->acct_expiry = 0;
300         server_info->last_password_change = 0;
301         server_info->allow_password_change = 0;
302         server_info->force_password_change = 0;
303
304         server_info->logon_count = 0;
305         server_info->bad_password_count = 0;
306
307         server_info->acct_flags = ACB_NORMAL;
308
309         server_info->authenticated = true;
310
311         *_server_info = server_info;
312
313         return NT_STATUS_OK;
314 }
315
316
317 /* Create server info for the Administrator account. This should only be used
318  * during provisioning when we need to impersonate Administrator but
319  * the account has not been created yet */
320
321 static NTSTATUS create_admin_token(TALLOC_CTX *mem_ctx,
322                                    struct dom_sid *user_sid,
323                                    struct dom_sid *group_sid,
324                                    unsigned int n_groupSIDs,
325                                    struct dom_sid **groupSIDs,
326                                    struct security_token **token)
327 {
328         struct security_token *ptoken;
329         unsigned int i;
330
331         ptoken = security_token_initialise(mem_ctx);
332         NT_STATUS_HAVE_NO_MEMORY(ptoken);
333
334         ptoken->sids = talloc_array(ptoken, struct dom_sid *, n_groupSIDs + 3);
335         NT_STATUS_HAVE_NO_MEMORY(ptoken->sids);
336
337         ptoken->privilege_mask = 0;
338         ptoken->sids[PRIMARY_USER_SID_INDEX] = talloc_reference(ptoken, user_sid);
339         ptoken->sids[PRIMARY_GROUP_SID_INDEX] = talloc_reference(ptoken, group_sid);
340
341         ptoken->sids[2] = dom_sid_parse_talloc(ptoken->sids, SID_NT_AUTHENTICATED_USERS);
342         NT_STATUS_HAVE_NO_MEMORY(ptoken->sids[2]);
343         ptoken->num_sids = 3;
344
345
346         for (i = 0; i < n_groupSIDs; i++) {
347                 size_t check_sid_idx;
348                 for (check_sid_idx = 1;
349                      check_sid_idx < ptoken->num_sids;
350                      check_sid_idx++) {
351                         if (dom_sid_equal(ptoken->sids[check_sid_idx], groupSIDs[i])) {
352                                 break;
353                         }
354                 }
355
356                 if (check_sid_idx == ptoken->num_sids) {
357                         ptoken->sids[ptoken->num_sids++] = talloc_reference(ptoken->sids, groupSIDs[i]);
358                 }
359         }
360
361         *token = ptoken;
362         ptoken->privilege_mask = ~0;
363         return NT_STATUS_OK;
364 }
365
366 static NTSTATUS auth_domain_admin_server_info(TALLOC_CTX *mem_ctx,
367                                               const char *netbios_name,
368                                               const char *domain_name,
369                                               struct dom_sid *domain_sid,
370                                               struct auth_serversupplied_info **_server_info)
371 {
372         struct auth_serversupplied_info *server_info;
373
374         server_info = talloc(mem_ctx, struct auth_serversupplied_info);
375         NT_STATUS_HAVE_NO_MEMORY(server_info);
376
377         server_info->account_sid = dom_sid_add_rid(server_info, domain_sid, DOMAIN_RID_ADMINISTRATOR);
378         NT_STATUS_HAVE_NO_MEMORY(server_info->account_sid);
379
380         server_info->primary_group_sid = dom_sid_add_rid(server_info, domain_sid, DOMAIN_RID_USERS);
381         NT_STATUS_HAVE_NO_MEMORY(server_info->primary_group_sid);
382
383         server_info->n_domain_groups = 6;
384         server_info->domain_groups = talloc_array(server_info, struct dom_sid *, server_info->n_domain_groups);
385
386         server_info->domain_groups[0] = dom_sid_parse_talloc(server_info, SID_BUILTIN_ADMINISTRATORS);
387         server_info->domain_groups[1] = dom_sid_add_rid(server_info, domain_sid, DOMAIN_RID_ADMINS);
388         server_info->domain_groups[2] = dom_sid_add_rid(server_info, domain_sid, DOMAIN_RID_USERS);
389         server_info->domain_groups[3] = dom_sid_add_rid(server_info, domain_sid, DOMAIN_RID_ENTERPRISE_ADMINS);
390         server_info->domain_groups[4] = dom_sid_add_rid(server_info, domain_sid, DOMAIN_RID_POLICY_ADMINS);
391         server_info->domain_groups[5] = dom_sid_add_rid(server_info, domain_sid, DOMAIN_RID_SCHEMA_ADMINS);
392
393         /* What should the session key be?*/
394         server_info->user_session_key = data_blob_talloc(server_info, NULL, 16);
395         NT_STATUS_HAVE_NO_MEMORY(server_info->user_session_key.data);
396
397         server_info->lm_session_key = data_blob_talloc(server_info, NULL, 16);
398         NT_STATUS_HAVE_NO_MEMORY(server_info->lm_session_key.data);
399
400         data_blob_clear(&server_info->user_session_key);
401         data_blob_clear(&server_info->lm_session_key);
402
403         server_info->account_name = talloc_strdup(server_info, "Administrator");
404         NT_STATUS_HAVE_NO_MEMORY(server_info->account_name);
405
406         server_info->domain_name = talloc_strdup(server_info, domain_name);
407         NT_STATUS_HAVE_NO_MEMORY(server_info->domain_name);
408
409         server_info->full_name = talloc_strdup(server_info, "Administrator");
410         NT_STATUS_HAVE_NO_MEMORY(server_info->full_name);
411
412         server_info->logon_script = talloc_strdup(server_info, "");
413         NT_STATUS_HAVE_NO_MEMORY(server_info->logon_script);
414
415         server_info->profile_path = talloc_strdup(server_info, "");
416         NT_STATUS_HAVE_NO_MEMORY(server_info->profile_path);
417
418         server_info->home_directory = talloc_strdup(server_info, "");
419         NT_STATUS_HAVE_NO_MEMORY(server_info->home_directory);
420
421         server_info->home_drive = talloc_strdup(server_info, "");
422         NT_STATUS_HAVE_NO_MEMORY(server_info->home_drive);
423
424         server_info->logon_server = talloc_strdup(server_info, netbios_name);
425         NT_STATUS_HAVE_NO_MEMORY(server_info->logon_server);
426
427         server_info->last_logon = 0;
428         server_info->last_logoff = 0;
429         server_info->acct_expiry = 0;
430         server_info->last_password_change = 0;
431         server_info->allow_password_change = 0;
432         server_info->force_password_change = 0;
433
434         server_info->logon_count = 0;
435         server_info->bad_password_count = 0;
436
437         server_info->acct_flags = ACB_NORMAL;
438
439         server_info->authenticated = true;
440
441         *_server_info = server_info;
442
443         return NT_STATUS_OK;
444 }
445
446 static NTSTATUS auth_domain_admin_session_info(TALLOC_CTX *parent_ctx,
447                                                struct loadparm_context *lp_ctx,
448                                                struct dom_sid *domain_sid,
449                                                struct auth_session_info **_session_info)
450 {
451         NTSTATUS nt_status;
452         struct auth_serversupplied_info *server_info = NULL;
453         struct auth_session_info *session_info = NULL;
454         TALLOC_CTX *mem_ctx = talloc_new(parent_ctx);
455
456         nt_status = auth_domain_admin_server_info(mem_ctx, lpcfg_netbios_name(lp_ctx),
457                                                   lpcfg_workgroup(lp_ctx), domain_sid,
458                                                   &server_info);
459         if (!NT_STATUS_IS_OK(nt_status)) {
460                 talloc_free(mem_ctx);
461                 return nt_status;
462         }
463
464         session_info = talloc(mem_ctx, struct auth_session_info);
465         NT_STATUS_HAVE_NO_MEMORY(session_info);
466
467         session_info->server_info = talloc_reference(session_info, server_info);
468
469         /* unless set otherwise, the session key is the user session
470          * key from the auth subsystem */
471         session_info->session_key = server_info->user_session_key;
472
473         nt_status = create_admin_token(session_info,
474                                        server_info->account_sid,
475                                        server_info->primary_group_sid,
476                                        server_info->n_domain_groups,
477                                        server_info->domain_groups,
478                                        &session_info->security_token);
479         NT_STATUS_NOT_OK_RETURN(nt_status);
480
481         session_info->credentials = cli_credentials_init(session_info);
482         if (!session_info->credentials) {
483                 return NT_STATUS_NO_MEMORY;
484         }
485
486         cli_credentials_set_conf(session_info->credentials, lp_ctx);
487
488         *_session_info = session_info;
489
490         return NT_STATUS_OK;
491 }
492
493 _PUBLIC_ struct auth_session_info *admin_session(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx, struct dom_sid *domain_sid)
494 {
495         NTSTATUS nt_status;
496         struct auth_session_info *session_info = NULL;
497         nt_status = auth_domain_admin_session_info(mem_ctx,
498                                                    lp_ctx,
499                                                    domain_sid,
500                                                    &session_info);
501         if (!NT_STATUS_IS_OK(nt_status)) {
502                 return NULL;
503         }
504         return session_info;
505 }
506
507 _PUBLIC_ NTSTATUS auth_anonymous_session_info(TALLOC_CTX *parent_ctx, 
508                                               struct loadparm_context *lp_ctx,
509                                               struct auth_session_info **_session_info) 
510 {
511         NTSTATUS nt_status;
512         struct auth_serversupplied_info *server_info = NULL;
513         struct auth_session_info *session_info = NULL;
514         TALLOC_CTX *mem_ctx = talloc_new(parent_ctx);
515         
516         nt_status = auth_anonymous_server_info(mem_ctx,
517                                                lpcfg_netbios_name(lp_ctx),
518                                                &server_info);
519         if (!NT_STATUS_IS_OK(nt_status)) {
520                 talloc_free(mem_ctx);
521                 return nt_status;
522         }
523
524         /* references the server_info into the session_info */
525         nt_status = auth_generate_simple_session_info(parent_ctx, server_info, &session_info);
526         talloc_free(mem_ctx);
527
528         NT_STATUS_NOT_OK_RETURN(nt_status);
529
530         session_info->credentials = cli_credentials_init(session_info);
531         if (!session_info->credentials) {
532                 return NT_STATUS_NO_MEMORY;
533         }
534
535         cli_credentials_set_conf(session_info->credentials, lp_ctx);
536         cli_credentials_set_anonymous(session_info->credentials);
537         
538         *_session_info = session_info;
539
540         return NT_STATUS_OK;
541 }
542
543 _PUBLIC_ NTSTATUS auth_anonymous_server_info(TALLOC_CTX *mem_ctx, 
544                                     const char *netbios_name,
545                                     struct auth_serversupplied_info **_server_info) 
546 {
547         struct auth_serversupplied_info *server_info;
548         server_info = talloc(mem_ctx, struct auth_serversupplied_info);
549         NT_STATUS_HAVE_NO_MEMORY(server_info);
550
551         server_info->account_sid = dom_sid_parse_talloc(server_info, SID_NT_ANONYMOUS);
552         NT_STATUS_HAVE_NO_MEMORY(server_info->account_sid);
553
554         /* is this correct? */
555         server_info->primary_group_sid = dom_sid_parse_talloc(server_info, SID_BUILTIN_GUESTS);
556         NT_STATUS_HAVE_NO_MEMORY(server_info->primary_group_sid);
557
558         server_info->n_domain_groups = 0;
559         server_info->domain_groups = NULL;
560
561         /* annoying, but the Anonymous really does have a session key... */
562         server_info->user_session_key = data_blob_talloc(server_info, NULL, 16);
563         NT_STATUS_HAVE_NO_MEMORY(server_info->user_session_key.data);
564
565         server_info->lm_session_key = data_blob_talloc(server_info, NULL, 16);
566         NT_STATUS_HAVE_NO_MEMORY(server_info->lm_session_key.data);
567
568         /*  and it is all zeros! */
569         data_blob_clear(&server_info->user_session_key);
570         data_blob_clear(&server_info->lm_session_key);
571
572         server_info->account_name = talloc_strdup(server_info, "ANONYMOUS LOGON");
573         NT_STATUS_HAVE_NO_MEMORY(server_info->account_name);
574
575         server_info->domain_name = talloc_strdup(server_info, "NT AUTHORITY");
576         NT_STATUS_HAVE_NO_MEMORY(server_info->domain_name);
577
578         server_info->full_name = talloc_strdup(server_info, "Anonymous Logon");
579         NT_STATUS_HAVE_NO_MEMORY(server_info->full_name);
580
581         server_info->logon_script = talloc_strdup(server_info, "");
582         NT_STATUS_HAVE_NO_MEMORY(server_info->logon_script);
583
584         server_info->profile_path = talloc_strdup(server_info, "");
585         NT_STATUS_HAVE_NO_MEMORY(server_info->profile_path);
586
587         server_info->home_directory = talloc_strdup(server_info, "");
588         NT_STATUS_HAVE_NO_MEMORY(server_info->home_directory);
589
590         server_info->home_drive = talloc_strdup(server_info, "");
591         NT_STATUS_HAVE_NO_MEMORY(server_info->home_drive);
592
593         server_info->logon_server = talloc_strdup(server_info, netbios_name);
594         NT_STATUS_HAVE_NO_MEMORY(server_info->logon_server);
595
596         server_info->last_logon = 0;
597         server_info->last_logoff = 0;
598         server_info->acct_expiry = 0;
599         server_info->last_password_change = 0;
600         server_info->allow_password_change = 0;
601         server_info->force_password_change = 0;
602
603         server_info->logon_count = 0;
604         server_info->bad_password_count = 0;
605
606         server_info->acct_flags = ACB_NORMAL;
607
608         server_info->authenticated = false;
609
610         *_server_info = server_info;
611
612         return NT_STATUS_OK;
613 }
614
Samba Shared Repository