search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s4-netlogon: implement dcesrv_netr_DsRAddressToSitenamesExW
[Samba/aatanasov.git] / source3 / utils / net_rpc_audit.c
blobf0b440d3bea3c44f979b0da96338813768c6fa6e
1 /*
2 Samba Unix/Linux SMB client library
3 Distributed SMB/CIFS Server Management Utility
4 Copyright (C) 2006,2008 Guenther Deschner
5
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
10
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
15
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>. */
18
19 #include "includes.h"
20 #include "utils/net.h"
21
22 /********************************************************************
23 ********************************************************************/
24
25 static int net_help_audit(struct net_context *c, int argc, const char **argv)
26 {
27 d_printf(_("net rpc audit list View configured Auditing policies\n"));
28 d_printf(_("net rpc audit enable Enable Auditing\n"));
29 d_printf(_("net rpc audit disable Disable Auditing\n"));
30 d_printf(_("net rpc audit get <category> View configured Auditing policy setting\n"));
31 d_printf(_("net rpc audit set <category> <policy> Set Auditing policies\n\n"));
32 d_printf(_("\tcategory can be one of: SYSTEM, LOGON, OBJECT, PRIVILEGE, PROCESS, POLICY, SAM, DIRECTORY or ACCOUNT\n"));
33 d_printf(_("\tpolicy can be one of: SUCCESS, FAILURE, ALL or NONE\n\n"));
34
35 return -1;
36 }
37
38 /********************************************************************
39 ********************************************************************/
40
41 static void print_auditing_category(const char *policy, const char *value)
42 {
43 fstring padding;
44 int pad_len, col_len = 30;
45
46 if (policy == NULL) {
47 policy = N_("Unknown");
48 }
49 if (value == NULL) {
50 value = N_("Invalid");
51 }
52
53 /* calculate padding space for d_printf to look nicer */
54 pad_len = col_len - strlen(policy);
55 padding[pad_len] = 0;
56 do padding[--pad_len] = ' '; while (pad_len > 0);
57
58 d_printf(_("\t%s%s%s\n"), policy, padding, value);
59 }
60
61 /********************************************************************
62 ********************************************************************/
63
64 static NTSTATUS rpc_audit_get_internal(struct net_context *c,
65 const DOM_SID *domain_sid,
66 const char *domain_name,
67 struct cli_state *cli,
68 struct rpc_pipe_client *pipe_hnd,
69 TALLOC_CTX *mem_ctx,
70 int argc,
71 const char **argv)
72 {
73 struct policy_handle pol;
74 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
75 union lsa_PolicyInformation *info = NULL;
76 int i;
77 uint32_t audit_category;
78
79 if (argc < 1 || argc > 2) {
80 d_printf(_("insufficient arguments\n"));
81 net_help_audit(c, argc, argv);
82 return NT_STATUS_INVALID_PARAMETER;
83 }
84
85 if (!get_audit_category_from_param(argv[0], &audit_category)) {
86 d_printf(_("invalid auditing category: %s\n"), argv[0]);
87 return NT_STATUS_INVALID_PARAMETER;
88 }
89
90 result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true,
91 SEC_FLAG_MAXIMUM_ALLOWED,
92 &pol);
93
94 if (!NT_STATUS_IS_OK(result)) {
95 goto done;
96 }
97
98 result = rpccli_lsa_QueryInfoPolicy(pipe_hnd, mem_ctx,
99 &pol,
100 LSA_POLICY_INFO_AUDIT_EVENTS,
101 &info);
102
103 if (!NT_STATUS_IS_OK(result)) {
104 goto done;
105 }
106
107 for (i=0; i < info->audit_events.count; i++) {
108
109 const char *val = NULL, *policy = NULL;
110
111 if (i != audit_category) {
112 continue;
113 }
114
115 val = audit_policy_str(mem_ctx, info->audit_events.settings[i]);
116 policy = audit_description_str(i);
117 print_auditing_category(policy, val);
118 }
119
120 done:
121 if (!NT_STATUS_IS_OK(result)) {
122 d_printf(_("failed to get auditing policy: %s\n"),
123 nt_errstr(result));
124 }
125
126 return result;
127 }
128
129 /********************************************************************
130 ********************************************************************/
131
132 static NTSTATUS rpc_audit_set_internal(struct net_context *c,
133 const DOM_SID *domain_sid,
134 const char *domain_name,
135 struct cli_state *cli,
136 struct rpc_pipe_client *pipe_hnd,
137 TALLOC_CTX *mem_ctx,
138 int argc,
139 const char **argv)
140 {
141 struct policy_handle pol;
142 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
143 union lsa_PolicyInformation *info = NULL;
144 uint32_t audit_policy, audit_category;
145
146 if (argc < 2 || argc > 3) {
147 d_printf(_("insufficient arguments\n"));
148 net_help_audit(c, argc, argv);
149 return NT_STATUS_INVALID_PARAMETER;
150 }
151
152 if (!get_audit_category_from_param(argv[0], &audit_category)) {
153 d_printf(_("invalid auditing category: %s\n"), argv[0]);
154 return NT_STATUS_INVALID_PARAMETER;
155 }
156
157 audit_policy = LSA_AUDIT_POLICY_CLEAR;
158
159 if (strequal(argv[1], "Success")) {
160 audit_policy |= LSA_AUDIT_POLICY_SUCCESS;
161 } else if (strequal(argv[1], "Failure")) {
162 audit_policy |= LSA_AUDIT_POLICY_FAILURE;
163 } else if (strequal(argv[1], "All")) {
164 audit_policy |= LSA_AUDIT_POLICY_ALL;
165 } else if (strequal(argv[1], "None")) {
166 audit_policy = LSA_AUDIT_POLICY_CLEAR;
167 } else {
168 d_printf(_("invalid auditing policy: %s\n"), argv[1]);
169 return NT_STATUS_INVALID_PARAMETER;
170 }
171
172 result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true,
173 SEC_FLAG_MAXIMUM_ALLOWED,
174 &pol);
175
176 if (!NT_STATUS_IS_OK(result)) {
177 goto done;
178 }
179
180 result = rpccli_lsa_QueryInfoPolicy(pipe_hnd, mem_ctx,
181 &pol,
182 LSA_POLICY_INFO_AUDIT_EVENTS,
183 &info);
184
185 if (!NT_STATUS_IS_OK(result)) {
186 goto done;
187 }
188
189 info->audit_events.settings[audit_category] = audit_policy;
190
191 result = rpccli_lsa_SetInfoPolicy(pipe_hnd, mem_ctx,
192 &pol,
193 LSA_POLICY_INFO_AUDIT_EVENTS,
194 info);
195
196 if (!NT_STATUS_IS_OK(result)) {
197 goto done;
198 }
199
200 result = rpccli_lsa_QueryInfoPolicy(pipe_hnd, mem_ctx,
201 &pol,
202 LSA_POLICY_INFO_AUDIT_EVENTS,
203 &info);
204 {
205 const char *val = audit_policy_str(mem_ctx, info->audit_events.settings[audit_category]);
206 const char *policy = audit_description_str(audit_category);
207 print_auditing_category(policy, val);
208 }
209
210 done:
211 if (!NT_STATUS_IS_OK(result)) {
212 d_printf(_("failed to set audit policy: %s\n"),
213 nt_errstr(result));
214 }
215
216 return result;
217 }
218
219 /********************************************************************
220 ********************************************************************/
221
222 static NTSTATUS rpc_audit_enable_internal_ext(struct rpc_pipe_client *pipe_hnd,
223 TALLOC_CTX *mem_ctx,
224 int argc,
225 const char **argv,
226 bool enable)
227 {
228 struct policy_handle pol;
229 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
230 union lsa_PolicyInformation *info = NULL;
231
232 result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true,
233 SEC_FLAG_MAXIMUM_ALLOWED,
234 &pol);
235
236 if (!NT_STATUS_IS_OK(result)) {
237 goto done;
238 }
239
240 result = rpccli_lsa_QueryInfoPolicy(pipe_hnd, mem_ctx,
241 &pol,
242 LSA_POLICY_INFO_AUDIT_EVENTS,
243 &info);
244 if (!NT_STATUS_IS_OK(result)) {
245 goto done;
246 }
247
248 info->audit_events.auditing_mode = enable;
249
250 result = rpccli_lsa_SetInfoPolicy(pipe_hnd, mem_ctx,
251 &pol,
252 LSA_POLICY_INFO_AUDIT_EVENTS,
253 info);
254
255 if (!NT_STATUS_IS_OK(result)) {
256 goto done;
257 }
258
259 done:
260 if (!NT_STATUS_IS_OK(result)) {
261 d_printf(_("%s: %s\n"),
262 enable ? _("failed to enable audit policy"):
263 _("failed to disable audit policy"),
264 nt_errstr(result));
265 }
266
267 return result;
268 }
269
270 /********************************************************************
271 ********************************************************************/
272
273 static NTSTATUS rpc_audit_disable_internal(struct net_context *c,
274 const DOM_SID *domain_sid,
275 const char *domain_name,
276 struct cli_state *cli,
277 struct rpc_pipe_client *pipe_hnd,
278 TALLOC_CTX *mem_ctx,
279 int argc,
280 const char **argv)
281 {
282 return rpc_audit_enable_internal_ext(pipe_hnd, mem_ctx, argc, argv,
283 false);
284 }
285
286 /********************************************************************
287 ********************************************************************/
288
289 static NTSTATUS rpc_audit_enable_internal(struct net_context *c,
290 const DOM_SID *domain_sid,
291 const char *domain_name,
292 struct cli_state *cli,
293 struct rpc_pipe_client *pipe_hnd,
294 TALLOC_CTX *mem_ctx,
295 int argc,
296 const char **argv)
297 {
298 return rpc_audit_enable_internal_ext(pipe_hnd, mem_ctx, argc, argv,
299 true);
300 }
301
302 /********************************************************************
303 ********************************************************************/
304
305 static NTSTATUS rpc_audit_list_internal(struct net_context *c,
306 const DOM_SID *domain_sid,
307 const char *domain_name,
308 struct cli_state *cli,
309 struct rpc_pipe_client *pipe_hnd,
310 TALLOC_CTX *mem_ctx,
311 int argc,
312 const char **argv)
313 {
314 struct policy_handle pol;
315 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
316 union lsa_PolicyInformation *info = NULL;
317 int i;
318
319 result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true,
320 SEC_FLAG_MAXIMUM_ALLOWED,
321 &pol);
322
323 if (!NT_STATUS_IS_OK(result)) {
324 goto done;
325 }
326
327 result = rpccli_lsa_QueryInfoPolicy(pipe_hnd, mem_ctx,
328 &pol,
329 LSA_POLICY_INFO_AUDIT_EVENTS,
330 &info);
331 if (!NT_STATUS_IS_OK(result)) {
332 goto done;
333 }
334
335 printf(_("Auditing:\t\t"));
336 switch (info->audit_events.auditing_mode) {
337 case true:
338 printf(_("Enabled"));
339 break;
340 case false:
341 printf(_("Disabled"));
342 break;
343 default:
344 printf(_("unknown (%d)"),
345 info->audit_events.auditing_mode);
346 break;
347 }
348 printf("\n");
349
350 printf(_("Auditing categories:\t%d\n"), info->audit_events.count);
351 printf(_("Auditing settings:\n"));
352
353 for (i=0; i < info->audit_events.count; i++) {
354 const char *val = audit_policy_str(mem_ctx, info->audit_events.settings[i]);
355 const char *policy = audit_description_str(i);
356 print_auditing_category(policy, val);
357 }
358
359 done:
360 if (!NT_STATUS_IS_OK(result)) {
361 d_printf(_("failed to list auditing policies: %s\n"),
362 nt_errstr(result));
363 }
364
365 return result;
366 }
367
368 /********************************************************************
369 ********************************************************************/
370
371 static int rpc_audit_get(struct net_context *c, int argc, const char **argv)
372 {
373 if (c->display_usage) {
374 d_printf(_("Usage:\n"
375 "net rpc audit get\n"
376 " View configured audit setting\n"));
377 return 0;
378 }
379
380 return run_rpc_command(c, NULL, &ndr_table_lsarpc.syntax_id, 0,
381 rpc_audit_get_internal, argc, argv);
382 }
383
384 /********************************************************************
385 ********************************************************************/
386
387 static int rpc_audit_set(struct net_context *c, int argc, const char **argv)
388 {
389 if (c->display_usage) {
390 d_printf(_("Usage:\n"
391 "net rpc audit set\n"
392 " Set audit policies\n"));
393 return 0;
394 }
395
396 return run_rpc_command(c, NULL, &ndr_table_lsarpc.syntax_id, 0,
397 rpc_audit_set_internal, argc, argv);
398 }
399
400 /********************************************************************
401 ********************************************************************/
402
403 static int rpc_audit_enable(struct net_context *c, int argc, const char **argv)
404 {
405 if (c->display_usage) {
406 d_printf(_("Usage:\n"
407 "net rpc audit enable\n"
408 " Enable auditing\n"));
409 return 0;
410 }
411
412 return run_rpc_command(c, NULL, &ndr_table_lsarpc.syntax_id, 0,
413 rpc_audit_enable_internal, argc, argv);
414 }
415
416 /********************************************************************
417 ********************************************************************/
418
419 static int rpc_audit_disable(struct net_context *c, int argc, const char **argv)
420 {
421 if (c->display_usage) {
422 d_printf(_("Usage:\n"
423 "net rpc audit disable\n"
424 " Disable auditing\n"));
425 return 0;
426 }
427
428 return run_rpc_command(c, NULL, &ndr_table_lsarpc.syntax_id, 0,
429 rpc_audit_disable_internal, argc, argv);
430 }
431
432 /********************************************************************
433 ********************************************************************/
434
435 static int rpc_audit_list(struct net_context *c, int argc, const char **argv)
436 {
437 if (c->display_usage) {
438 d_printf(_("Usage:\n"
439 "net rpc audit list\n"
440 " List auditing settings\n"));
441 return 0;
442 }
443
444 return run_rpc_command(c, NULL, &ndr_table_lsarpc.syntax_id, 0,
445 rpc_audit_list_internal, argc, argv);
446 }
447
448 /********************************************************************
449 ********************************************************************/
450
451 int net_rpc_audit(struct net_context *c, int argc, const char **argv)
452 {
453 struct functable func[] = {
454 {
455 "get",
456 rpc_audit_get,
457 NET_TRANSPORT_RPC,
458 N_("View configured auditing settings"),
459 N_("net rpc audit get\n"
460 " View configured auditing settings")
461 },
462 {
463 "set",
464 rpc_audit_set,
465 NET_TRANSPORT_RPC,
466 N_("Set auditing policies"),
467 N_("net rpc audit set\n"
468 " Set auditing policies")
469 },
470 {
471 "enable",
472 rpc_audit_enable,
473 NET_TRANSPORT_RPC,
474 N_("Enable auditing"),
475 N_("net rpc audit enable\n"
476 " Enable auditing")
477 },
478 {
479 "disable",
480 rpc_audit_disable,
481 NET_TRANSPORT_RPC,
482 N_("Disable auditing"),
483 N_("net rpc audit disable\n"
484 " Disable auditing")
485 },
486 {
487 "list",
488 rpc_audit_list,
489 NET_TRANSPORT_RPC,
490 N_("List configured auditing settings"),
491 N_("net rpc audit list\n"
492 " List configured auditing settings")
493 },
494 {NULL, NULL, 0, NULL, NULL}
495 };
496
497 return net_run_function(c, argc, argv, "net rpc audit", func);
498 }
aatanasov's samba4 branch