authorTimothy Pearson <kb9vqf@pearsoncomputing.net>2013-03-26 16:09:19 -0500
committerTimothy Pearson <kb9vqf@pearsoncomputing.net>2013-03-26 16:09:19 -0500
commit89682db9a2259e15a88423b87e33b6dd504206d9 (patch)
treeacc9cfc4876efe76a7ce64c49a4c92becb75e06b /sc-ap/netusergroup.cpp
parent6610cd15cf186fe1f8e82628f6f12aa2c490bac2 (diff)
Fix crashes
Fix incorrect LDAP attributes
Fix local backdoor
Fix build warnings
Allow configured groups to become machine local administrators
Fix workstation unlock
Diffstat (limited to 'sc-ap/netusergroup.cpp')
-rwxr-xr-xsc-ap/netusergroup.cpp55
1 files changed, 50 insertions, 5 deletions
diff --git a/sc-ap/netusergroup.cpp b/sc-ap/netusergroup.cpp
index a8e34c0..018ce3d 100755
--- a/sc-ap/netusergroup.cpp
+++ b/sc-ap/netusergroup.cpp
@@ -1,8 +1,8 @@
/*
- $Id: netusergroup.cpp,v 1.1.1.1 2005/07/07 15:05:59 oflebbe Exp $
-
Copyright (C) 2003 Olaf Flebbe, Science and Computing AG
o.flebbe@science-computing.de
+ Copyright (C) 2013 Timothy Pearson, Northern Illinois University
+ kb9vqf@pearsoncomputing.net
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -24,6 +24,7 @@
#include <windows.h>
#include <lm.h>
+#include <time.h>
#include "netusergroup.h"
int
@@ -53,7 +54,7 @@ delUserFromGroup( const mystring& userName, const mystring& groupName) {
int addGroup( const mystring& groupName) {
LOCALGROUP_INFO_0 gent;
- gent.lgrpi0_name = wcsdup( groupName.c_str());
+ gent.lgrpi0_name = _wcsdup( groupName.c_str());
int ret = NetLocalGroupAdd( NULL, 0, (LPBYTE )&gent, NULL);
free( gent.lgrpi0_name);
if (!(ret == NERR_Success || ret == NERR_GroupExists || ret == ERROR_ALIAS_EXISTS)) {
@@ -80,13 +81,13 @@ addUser( const mystring& userName) {
return (!(ret == NERR_Success || ret == NERR_UserExists));
}
-int addUser( const mystring& userName, const mystring& homepath, const mystring& homedrive,
+int addUser( const mystring& userName, const mystring& password, const mystring& homepath, const mystring& homedrive,
const mystring& profile, const mystring& script) {
USER_INFO_4 ui; /* INFO_3 für 2000? */
memset( &ui, 0, sizeof( ui));
ui.usri4_name = (LPWSTR) userName.c_str();
- ui.usri4_password = L"xyzzy";
+ ui.usri4_password = (LPWSTR) password.c_str();
ui.usri4_priv = USER_PRIV_USER;
ui.usri4_home_dir = (LPWSTR) homepath.c_str();
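Review bot: The new `password` argument is assigned to `ui.usri4_password` with no check that it is non-empty, so an empty string from a caller would request an account with a blank password; whether NetUserAdd accepts that depends on local password policy. A guard before the `memset`, such as `if (password.c_str()[0] == L'\0') return 1;`, keeps the fix for the hard-coded `L"xyzzy"` from degrading into a blank-password account. The function would also benefit from a header comment stating that the caller owns the password string and should wipe it after the call, since `ui` only borrows the pointer. addUser's body continues past the end of this hunk, and its callers are not visible here, so the changed parameter order should be checked against them.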
@@ -104,6 +105,50 @@ int addUser( const mystring& userName, const mystring& homepath, const mystring&
int ret = NetUserAdd( NULL, 4, (LPBYTE )&ui, NULL);
return (!(ret == NERR_Success || ret == NERR_UserExists));
}
+
+int modifyUser( const mystring& userName, const mystring& password, const mystring& homepath, const mystring& homedrive,
+ const mystring& profile, const mystring& script) {
+ LPUSER_INFO_4 ui = NULL;
+ if (NERR_Success == NetUserGetInfo( NULL, userName.c_str(), 4, (LPBYTE *)&ui)) {
+ ui->usri4_name = (LPWSTR) userName.c_str();
+ ui->usri4_home_dir = (LPWSTR) homepath.c_str();
+
+ ui->usri4_script_path = (LPWSTR) script.c_str();
+
+ ui->usri4_profile = (LPWSTR) profile.c_str();
+ ui->usri4_home_dir_drive = (LPWSTR) homedrive.c_str();
+ int ret = NetUserSetInfo( NULL, userName.c_str(), 4, (LPBYTE )ui, NULL);
+ return (!(ret == NERR_Success || ret == NERR_UserExists));
+ }
+ else {
+ return 1;
+ }
+}
+
+int
+resetAccountExpiry( const mystring& userName, const mystring& password, FILE *fp) {
+ if (fp) {
+ fprintf( fp, "resetting account expiration for user '%S'\n", userName.c_str());
+ fflush(fp);
+ }
+ LPUSER_INFO_4 ui = NULL;
+ if (NERR_Success == NetUserGetInfo( NULL, userName.c_str(), 4, (LPBYTE *)&ui)) {
+ ui->usri4_acct_expires = (DWORD)time(0) + 10; /* only allow login for up to 10 seconds after Kerberized authentication */
+ //ui->usri4_acct_expires = TIMEQ_FOREVER;
+ ui->usri4_password = (LPWSTR) password.c_str();
+ ui->usri4_flags = (ui->usri4_flags & (~UF_ACCOUNTDISABLE)); /* ensure account is enabled */
+ int ret = NetUserSetInfo( NULL, userName.c_str(), 4, (LPBYTE )ui, NULL);
+ if (fp) {
+ fprintf( fp, "new time %d: commit returned %d\n", ui->usri4_acct_expires, ret);
+ fflush(fp);
+ }
+ return (!(ret == NERR_Success || ret == NERR_UserExists));
+ }
+ else {
+ return 1;
+ }
+}
+
// return 1: User exists and disabled
// return 0: User exists and enabled
// return -1: User does not exist
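Review bot: Both `modifyUser` and `resetAccountExpiry` leak the buffer that `NetUserGetInfo` allocates into `ui`, because neither path releases it; if these run on every logon, as the "Kerberized authentication" comment suggests, the host process grows with each call. Add `NetApiBufferFree( ui);` after the `NetUserSetInfo` call in both functions; in `resetAccountExpiry` it has to come after the `fprintf` that still reads `ui->usri4_acct_expires`. `modifyUser` also takes `password` but never uses it, so either drop the parameter or add a comment that the password is deliberately left unchanged there. In the log line, `%d` is used for the DWORD `usri4_acct_expires`; `%lu` matches the type. The `ret == NERR_UserExists` comparison looks carried over from `addUser` and may not be a meaningful success case for a set operation.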