2 Unix SMB/CIFS implementation.
5 Copyright (C) Tim Potter 2000
6 Copyright (C) Rafal Szczesniak 2002
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 #include "rpcclient.h"
27 /* useful function to allow entering a name instead of a SID and
28 * looking it up automatically */
29 static NTSTATUS
name_to_sid(struct cli_state
*cli
,
31 DOM_SID
*sid
, const char *name
)
38 /* maybe its a raw SID */
39 if (strncmp(name
, "S-", 2) == 0 &&
40 string_to_sid(sid
, name
)) {
44 result
= cli_lsa_open_policy(cli
, mem_ctx
, True
,
45 SEC_RIGHTS_MAXIMUM_ALLOWED
,
47 if (!NT_STATUS_IS_OK(result
))
50 result
= cli_lsa_lookup_names(cli
, mem_ctx
, &pol
, 1, &name
, &sids
, &sid_types
);
51 if (!NT_STATUS_IS_OK(result
))
54 cli_lsa_close(cli
, mem_ctx
, &pol
);
63 /* Look up domain related information on a remote host */
65 static NTSTATUS
cmd_lsa_query_info_policy(struct cli_state
*cli
,
66 TALLOC_CTX
*mem_ctx
, int argc
,
70 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
72 struct uuid
*dom_guid
;
74 char *domain_name
= NULL
;
75 char *dns_name
= NULL
;
76 char *forest_name
= NULL
;
78 uint32 info_class
= 3;
81 printf("Usage: %s [info_class]\n", argv
[0]);
86 info_class
= atoi(argv
[1]);
88 /* Lookup info policy */
91 result
= cli_lsa_open_policy2(cli
, mem_ctx
, True
,
92 SEC_RIGHTS_MAXIMUM_ALLOWED
,
95 if (!NT_STATUS_IS_OK(result
))
97 result
= cli_lsa_query_info_policy2(cli
, mem_ctx
, &pol
,
98 info_class
, &domain_name
,
99 &dns_name
, &forest_name
,
100 &dom_guid
, &dom_sid
);
103 result
= cli_lsa_open_policy(cli
, mem_ctx
, True
,
104 SEC_RIGHTS_MAXIMUM_ALLOWED
,
107 if (!NT_STATUS_IS_OK(result
))
109 result
= cli_lsa_query_info_policy(cli
, mem_ctx
, &pol
,
110 info_class
, &domain_name
,
114 if (!NT_STATUS_IS_OK(result
))
117 sid_to_string(sid_str
, dom_sid
);
120 printf("domain %s has sid %s\n", domain_name
, sid_str
);
122 printf("could not query info for level %d\n", info_class
);
125 printf("domain dns name is %s\n", dns_name
);
127 printf("forest name is %s\n", forest_name
);
129 if (info_class
== 12) {
130 printf("domain GUID is ");
131 smb_uuid_string_static(*dom_guid
);
137 /* Resolve a list of names to a list of sids */
139 static NTSTATUS
cmd_lsa_lookup_names(struct cli_state
*cli
,
140 TALLOC_CTX
*mem_ctx
, int argc
,
144 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
150 printf("Usage: %s [name1 [name2 [...]]]\n", argv
[0]);
154 result
= cli_lsa_open_policy(cli
, mem_ctx
, True
,
155 SEC_RIGHTS_MAXIMUM_ALLOWED
,
158 if (!NT_STATUS_IS_OK(result
))
161 result
= cli_lsa_lookup_names(cli
, mem_ctx
, &pol
, argc
- 1,
162 (const char**)(argv
+ 1), &sids
, &types
);
164 if (!NT_STATUS_IS_OK(result
) && NT_STATUS_V(result
) !=
165 NT_STATUS_V(STATUS_SOME_UNMAPPED
))
168 result
= NT_STATUS_OK
;
172 for (i
= 0; i
< (argc
- 1); i
++) {
174 sid_to_string(sid_str
, &sids
[i
]);
175 printf("%s %s (%s: %d)\n", argv
[i
+ 1], sid_str
,
176 sid_type_lookup(types
[i
]), types
[i
]);
183 /* Resolve a list of SIDs to a list of names */
185 static NTSTATUS
cmd_lsa_lookup_sids(struct cli_state
*cli
, TALLOC_CTX
*mem_ctx
,
186 int argc
, const char **argv
)
189 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
197 printf("Usage: %s [sid1 [sid2 [...]]]\n", argv
[0]);
201 result
= cli_lsa_open_policy(cli
, mem_ctx
, True
,
202 SEC_RIGHTS_MAXIMUM_ALLOWED
,
205 if (!NT_STATUS_IS_OK(result
))
208 /* Convert arguments to sids */
210 sids
= TALLOC_ARRAY(mem_ctx
, DOM_SID
, argc
- 1);
213 printf("could not allocate memory for %d sids\n", argc
- 1);
217 for (i
= 0; i
< argc
- 1; i
++)
218 if (!string_to_sid(&sids
[i
], argv
[i
+ 1])) {
219 result
= NT_STATUS_INVALID_SID
;
223 /* Lookup the SIDs */
225 result
= cli_lsa_lookup_sids(cli
, mem_ctx
, &pol
, argc
- 1, sids
,
226 &domains
, &names
, &types
);
228 if (!NT_STATUS_IS_OK(result
) && NT_STATUS_V(result
) !=
229 NT_STATUS_V(STATUS_SOME_UNMAPPED
))
232 result
= NT_STATUS_OK
;
236 for (i
= 0; i
< (argc
- 1); i
++) {
239 sid_to_string(sid_str
, &sids
[i
]);
240 printf("%s %s\\%s (%d)\n", sid_str
,
241 domains
[i
] ? domains
[i
] : "*unknown*",
242 names
[i
] ? names
[i
] : "*unknown*", types
[i
]);
249 /* Enumerate list of trusted domains */
251 static NTSTATUS
cmd_lsa_enum_trust_dom(struct cli_state
*cli
,
252 TALLOC_CTX
*mem_ctx
, int argc
,
256 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
257 DOM_SID
*domain_sids
;
260 /* defaults, but may be changed using params */
262 uint32 num_domains
= 0;
266 printf("Usage: %s [enum context (0)]\n", argv
[0]);
270 if (argc
== 2 && argv
[1]) {
271 enum_ctx
= atoi(argv
[2]);
274 result
= cli_lsa_open_policy(cli
, mem_ctx
, True
,
275 POLICY_VIEW_LOCAL_INFORMATION
,
278 if (!NT_STATUS_IS_OK(result
))
281 /* Lookup list of trusted domains */
283 result
= cli_lsa_enum_trust_dom(cli
, mem_ctx
, &pol
, &enum_ctx
,
285 &domain_names
, &domain_sids
);
286 if (!NT_STATUS_IS_OK(result
) &&
287 !NT_STATUS_EQUAL(result
, NT_STATUS_NO_MORE_ENTRIES
) &&
288 !NT_STATUS_EQUAL(result
, STATUS_MORE_ENTRIES
))
291 /* Print results: list of names and sids returned in this response. */
292 for (i
= 0; i
< num_domains
; i
++) {
295 sid_to_string(sid_str
, &domain_sids
[i
]);
296 printf("%s %s\n", domain_names
[i
] ? domain_names
[i
] :
297 "*unknown*", sid_str
);
304 /* Enumerates privileges */
306 static NTSTATUS
cmd_lsa_enum_privilege(struct cli_state
*cli
,
307 TALLOC_CTX
*mem_ctx
, int argc
,
311 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
313 uint32 enum_context
=0;
314 uint32 pref_max_length
=0x1000;
322 printf("Usage: %s [enum context] [max length]\n", argv
[0]);
327 enum_context
=atoi(argv
[1]);
330 pref_max_length
=atoi(argv
[2]);
332 result
= cli_lsa_open_policy(cli
, mem_ctx
, True
,
333 SEC_RIGHTS_MAXIMUM_ALLOWED
,
336 if (!NT_STATUS_IS_OK(result
))
339 result
= cli_lsa_enum_privilege(cli
, mem_ctx
, &pol
, &enum_context
, pref_max_length
,
340 &count
, &privs_name
, &privs_high
, &privs_low
);
342 if (!NT_STATUS_IS_OK(result
))
346 printf("found %d privileges\n\n", count
);
348 for (i
= 0; i
< count
; i
++) {
349 printf("%s \t\t%d:%d (0x%x:0x%x)\n", privs_name
[i
] ? privs_name
[i
] : "*unknown*",
350 privs_high
[i
], privs_low
[i
], privs_high
[i
], privs_low
[i
]);
357 /* Get privilege name */
359 static NTSTATUS
cmd_lsa_get_dispname(struct cli_state
*cli
,
360 TALLOC_CTX
*mem_ctx
, int argc
,
364 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
367 uint16 lang_id_sys
=0;
372 printf("Usage: %s privilege name\n", argv
[0]);
376 result
= cli_lsa_open_policy(cli
, mem_ctx
, True
,
377 SEC_RIGHTS_MAXIMUM_ALLOWED
,
380 if (!NT_STATUS_IS_OK(result
))
383 result
= cli_lsa_get_dispname(cli
, mem_ctx
, &pol
, argv
[1], lang_id
, lang_id_sys
, description
, &lang_id_desc
);
385 if (!NT_STATUS_IS_OK(result
))
389 printf("%s -> %s (language: 0x%x)\n", argv
[1], description
, lang_id_desc
);
395 /* Enumerate the LSA SIDS */
397 static NTSTATUS
cmd_lsa_enum_sids(struct cli_state
*cli
,
398 TALLOC_CTX
*mem_ctx
, int argc
,
402 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
404 uint32 enum_context
=0;
405 uint32 pref_max_length
=0x1000;
411 printf("Usage: %s [enum context] [max length]\n", argv
[0]);
416 enum_context
=atoi(argv
[1]);
419 pref_max_length
=atoi(argv
[2]);
421 result
= cli_lsa_open_policy(cli
, mem_ctx
, True
,
422 SEC_RIGHTS_MAXIMUM_ALLOWED
,
425 if (!NT_STATUS_IS_OK(result
))
428 result
= cli_lsa_enum_sids(cli
, mem_ctx
, &pol
, &enum_context
, pref_max_length
,
431 if (!NT_STATUS_IS_OK(result
))
435 printf("found %d SIDs\n\n", count
);
437 for (i
= 0; i
< count
; i
++) {
440 sid_to_string(sid_str
, &sids
[i
]);
441 printf("%s\n", sid_str
);
448 /* Enumerate the privileges of an SID */
450 static NTSTATUS
cmd_lsa_enum_privsaccounts(struct cli_state
*cli
,
451 TALLOC_CTX
*mem_ctx
, int argc
,
456 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
457 uint32 access_desired
= 0x000f000f;
465 printf("Usage: %s SID\n", argv
[0]);
469 result
= name_to_sid(cli
, mem_ctx
, &sid
, argv
[1]);
470 if (!NT_STATUS_IS_OK(result
))
473 result
= cli_lsa_open_policy2(cli
, mem_ctx
, True
,
474 SEC_RIGHTS_MAXIMUM_ALLOWED
,
477 if (!NT_STATUS_IS_OK(result
))
480 result
= cli_lsa_open_account(cli
, mem_ctx
, &dom_pol
, &sid
, access_desired
, &user_pol
);
482 if (!NT_STATUS_IS_OK(result
))
485 result
= cli_lsa_enum_privsaccount(cli
, mem_ctx
, &user_pol
, &count
, &set
);
487 if (!NT_STATUS_IS_OK(result
))
491 printf("found %d privileges for SID %s\n\n", count
, argv
[1]);
492 printf("high\tlow\tattribute\n");
494 for (i
= 0; i
< count
; i
++) {
495 printf("%u\t%u\t%u\n", set
[i
].luid
.high
, set
[i
].luid
.low
, set
[i
].attr
);
503 /* Enumerate the privileges of an SID via LsaEnumerateAccountRights */
505 static NTSTATUS
cmd_lsa_enum_acct_rights(struct cli_state
*cli
,
506 TALLOC_CTX
*mem_ctx
, int argc
,
510 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
519 printf("Usage: %s SID\n", argv
[0]);
523 result
= name_to_sid(cli
, mem_ctx
, &sid
, argv
[1]);
524 if (!NT_STATUS_IS_OK(result
))
527 result
= cli_lsa_open_policy2(cli
, mem_ctx
, True
,
528 SEC_RIGHTS_MAXIMUM_ALLOWED
,
531 if (!NT_STATUS_IS_OK(result
))
534 result
= cli_lsa_enum_account_rights(cli
, mem_ctx
, &dom_pol
, sid
, &count
, &rights
);
536 if (!NT_STATUS_IS_OK(result
))
539 printf("found %d privileges for SID %s\n", count
, sid_string_static(&sid
));
541 for (i
= 0; i
< count
; i
++) {
542 printf("\t%s\n", rights
[i
]);
550 /* add some privileges to a SID via LsaAddAccountRights */
552 static NTSTATUS
cmd_lsa_add_acct_rights(struct cli_state
*cli
,
553 TALLOC_CTX
*mem_ctx
, int argc
,
557 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
562 printf("Usage: %s SID [rights...]\n", argv
[0]);
566 result
= name_to_sid(cli
, mem_ctx
, &sid
, argv
[1]);
567 if (!NT_STATUS_IS_OK(result
))
570 result
= cli_lsa_open_policy2(cli
, mem_ctx
, True
,
571 SEC_RIGHTS_MAXIMUM_ALLOWED
,
574 if (!NT_STATUS_IS_OK(result
))
577 result
= cli_lsa_add_account_rights(cli
, mem_ctx
, &dom_pol
, sid
,
580 if (!NT_STATUS_IS_OK(result
))
588 /* remove some privileges to a SID via LsaRemoveAccountRights */
590 static NTSTATUS
cmd_lsa_remove_acct_rights(struct cli_state
*cli
,
591 TALLOC_CTX
*mem_ctx
, int argc
,
595 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
600 printf("Usage: %s SID [rights...]\n", argv
[0]);
604 result
= name_to_sid(cli
, mem_ctx
, &sid
, argv
[1]);
605 if (!NT_STATUS_IS_OK(result
))
608 result
= cli_lsa_open_policy2(cli
, mem_ctx
, True
,
609 SEC_RIGHTS_MAXIMUM_ALLOWED
,
612 if (!NT_STATUS_IS_OK(result
))
615 result
= cli_lsa_remove_account_rights(cli
, mem_ctx
, &dom_pol
, sid
,
616 False
, argc
-2, argv
+2);
618 if (!NT_STATUS_IS_OK(result
))
626 /* Get a privilege value given its name */
628 static NTSTATUS
cmd_lsa_lookupprivvalue(struct cli_state
*cli
,
629 TALLOC_CTX
*mem_ctx
, int argc
,
633 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
637 printf("Usage: %s name\n", argv
[0]);
641 result
= cli_lsa_open_policy2(cli
, mem_ctx
, True
,
642 SEC_RIGHTS_MAXIMUM_ALLOWED
,
645 if (!NT_STATUS_IS_OK(result
))
648 result
= cli_lsa_lookupprivvalue(cli
, mem_ctx
, &pol
, argv
[1], &luid
);
650 if (!NT_STATUS_IS_OK(result
))
655 printf("%u:%u (0x%x:0x%x)\n", luid
.high
, luid
.low
, luid
.high
, luid
.low
);
661 /* Query LSA security object */
663 static NTSTATUS
cmd_lsa_query_secobj(struct cli_state
*cli
,
664 TALLOC_CTX
*mem_ctx
, int argc
,
668 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
670 uint32 sec_info
= 0x00000004; /* ??? */
673 printf("Usage: %s\n", argv
[0]);
677 result
= cli_lsa_open_policy2(cli
, mem_ctx
, True
,
678 SEC_RIGHTS_MAXIMUM_ALLOWED
,
681 if (!NT_STATUS_IS_OK(result
))
684 result
= cli_lsa_query_secobj(cli
, mem_ctx
, &pol
, sec_info
, &sdb
);
686 if (!NT_STATUS_IS_OK(result
))
691 display_sec_desc(sdb
->sec
);
698 /* List of commands exported by this module */
700 struct cmd_set lsarpc_commands
[] = {
704 { "lsaquery", RPC_RTYPE_NTSTATUS
, cmd_lsa_query_info_policy
, NULL
, PI_LSARPC
, "Query info policy", "" },
705 { "lookupsids", RPC_RTYPE_NTSTATUS
, cmd_lsa_lookup_sids
, NULL
, PI_LSARPC
, "Convert SIDs to names", "" },
706 { "lookupnames", RPC_RTYPE_NTSTATUS
, cmd_lsa_lookup_names
, NULL
, PI_LSARPC
, "Convert names to SIDs", "" },
707 { "enumtrust", RPC_RTYPE_NTSTATUS
, cmd_lsa_enum_trust_dom
, NULL
, PI_LSARPC
, "Enumerate trusted domains", "Usage: [preferred max number] [enum context (0)]" },
708 { "enumprivs", RPC_RTYPE_NTSTATUS
, cmd_lsa_enum_privilege
, NULL
, PI_LSARPC
, "Enumerate privileges", "" },
709 { "getdispname", RPC_RTYPE_NTSTATUS
, cmd_lsa_get_dispname
, NULL
, PI_LSARPC
, "Get the privilege name", "" },
710 { "lsaenumsid", RPC_RTYPE_NTSTATUS
, cmd_lsa_enum_sids
, NULL
, PI_LSARPC
, "Enumerate the LSA SIDS", "" },
711 { "lsaenumprivsaccount", RPC_RTYPE_NTSTATUS
, cmd_lsa_enum_privsaccounts
, NULL
, PI_LSARPC
, "Enumerate the privileges of an SID", "" },
712 { "lsaenumacctrights", RPC_RTYPE_NTSTATUS
, cmd_lsa_enum_acct_rights
, NULL
, PI_LSARPC
, "Enumerate the rights of an SID", "" },
713 { "lsaaddacctrights", RPC_RTYPE_NTSTATUS
, cmd_lsa_add_acct_rights
, NULL
, PI_LSARPC
, "Add rights to an account", "" },
714 { "lsaremoveacctrights", RPC_RTYPE_NTSTATUS
, cmd_lsa_remove_acct_rights
, NULL
, PI_LSARPC
, "Remove rights from an account", "" },
715 { "lsalookupprivvalue", RPC_RTYPE_NTSTATUS
, cmd_lsa_lookupprivvalue
, NULL
, PI_LSARPC
, "Get a privilege value given its name", "" },
716 { "lsaquerysecobj", RPC_RTYPE_NTSTATUS
, cmd_lsa_query_secobj
, NULL
, PI_LSARPC
, "Query LSA security object", "" },