2 Unix SMB/Netbios implementation.
6 Copyright (C) Andrew Tridgell 1992-2000,
7 Copyright (C) Luke Kenneth Casson Leighton 1996-2000,
8 Copyright (C) Elrond 2000
9 Copyright (C) Tim Potter 2000
11 This program is free software; you can redistribute it and/or modify
12 it under the terms of the GNU General Public License as published by
13 the Free Software Foundation; either version 2 of the License, or
14 (at your option) any later version.
16 This program is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 GNU General Public License for more details.
21 You should have received a copy of the GNU General Public License
22 along with this program; if not, write to the Free Software
23 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
28 extern DOM_SID domain_sid
;
30 /****************************************************************************
31 display sam_user_info_21 structure
32 ****************************************************************************/
33 static void display_sam_user_info_21(SAM_USER_INFO_21
*usr
)
37 unistr2_to_ascii(temp
, &usr
->uni_user_name
, sizeof(temp
)-1);
38 printf("\tUser Name :\t%s\n", temp
);
40 unistr2_to_ascii(temp
, &usr
->uni_full_name
, sizeof(temp
)-1);
41 printf("\tFull Name :\t%s\n", temp
);
43 unistr2_to_ascii(temp
, &usr
->uni_home_dir
, sizeof(temp
)-1);
44 printf("\tHome Drive :\t%s\n", temp
);
46 unistr2_to_ascii(temp
, &usr
->uni_dir_drive
, sizeof(temp
)-1);
47 printf("\tDir Drive :\t%s\n", temp
);
49 unistr2_to_ascii(temp
, &usr
->uni_profile_path
, sizeof(temp
)-1);
50 printf("\tProfile Path:\t%s\n", temp
);
52 unistr2_to_ascii(temp
, &usr
->uni_logon_script
, sizeof(temp
)-1);
53 printf("\tLogon Script:\t%s\n", temp
);
55 unistr2_to_ascii(temp
, &usr
->uni_acct_desc
, sizeof(temp
)-1);
56 printf("\tDescription :\t%s\n", temp
);
58 unistr2_to_ascii(temp
, &usr
->uni_workstations
, sizeof(temp
)-1);
59 printf("\tWorkstations:\t%s\n", temp
);
61 unistr2_to_ascii(temp
, &usr
->uni_unknown_str
, sizeof(temp
)-1);
62 printf("\tUnknown Str :\t%s\n", temp
);
64 unistr2_to_ascii(temp
, &usr
->uni_munged_dial
, sizeof(temp
)-1);
65 printf("\tRemote Dial :\t%s\n", temp
);
67 printf("\tLogon Time :\t%s\n",
68 http_timestring(nt_time_to_unix(&usr
->logon_time
)));
69 printf("\tLogoff Time :\t%s\n",
70 http_timestring(nt_time_to_unix(&usr
->logoff_time
)));
71 printf("\tKickoff Time :\t%s\n",
72 http_timestring(nt_time_to_unix(&usr
->kickoff_time
)));
73 printf("\tPassword last set Time :\t%s\n",
74 http_timestring(nt_time_to_unix(&usr
->pass_last_set_time
)));
75 printf("\tPassword can change Time :\t%s\n",
76 http_timestring(nt_time_to_unix(&usr
->pass_can_change_time
)));
77 printf("\tPassword must change Time:\t%s\n",
78 http_timestring(nt_time_to_unix(&usr
->pass_must_change_time
)));
80 printf("\tunknown_2[0..31]...\n"); /* user passwords? */
82 printf("\tuser_rid :\t%x\n" , usr
->user_rid
); /* User ID */
83 printf("\tgroup_rid:\t%x\n" , usr
->group_rid
); /* Group ID */
84 printf("\tacb_info :\t%04x\n", usr
->acb_info
); /* Account Control Info */
86 printf("\tunknown_3:\t%08x\n", usr
->unknown_3
); /* 0x00ff ffff */
87 printf("\tlogon_divs:\t%d\n", usr
->logon_divs
); /* 0x0000 00a8 which is 168 which is num hrs in a week */
88 printf("\tunknown_5:\t%08x\n", usr
->unknown_5
); /* 0x0002 0000 */
90 printf("\tpadding1[0..7]...\n");
92 if (usr
->ptr_logon_hrs
) {
93 printf("\tlogon_hrs[0..%d]...\n", usr
->logon_hrs
.len
);
97 /**********************************************************************
98 * Query user information
100 static uint32
cmd_samr_query_user(struct cli_state
*cli
, int argc
, char **argv
)
102 POLICY_HND connect_pol
, domain_pol
, user_pol
;
103 uint32 result
= NT_STATUS_UNSUCCESSFUL
,
105 BOOL got_connect_pol
= False
,
106 got_domain_pol
= False
,
107 got_user_pol
= False
;
108 SAM_USERINFO_CTR user_ctr
;
109 SAM_USER_INFO_21 info_21
;
113 printf("Usage: %s\n", argv
[0]);
117 /* Initialise RPC connection */
118 if (!cli_nt_session_open (cli
, PIPE_SAMR
)) {
119 fprintf (stderr
, "Could not initialize samr pipe!\n");
120 return NT_STATUS_UNSUCCESSFUL
;
123 slprintf (server
, sizeof(fstring
), "\\\\%s", cli
->desthost
);
126 if ((result
= cli_samr_connect(cli
, server
, MAXIMUM_ALLOWED_ACCESS
,
128 NT_STATUS_NOPROBLEMO
) {
132 got_connect_pol
= True
;
133 fetch_domain_sid(cli
);
135 if ((result
= cli_samr_open_domain(cli
, &connect_pol
,
136 MAXIMUM_ALLOWED_ACCESS
,
137 &domain_sid
, &domain_pol
))
138 != NT_STATUS_NOPROBLEMO
) {
142 got_domain_pol
= True
;
144 if ((result
= cli_samr_open_user(cli
, &domain_pol
,
145 MAXIMUM_ALLOWED_ACCESS
,
147 != NT_STATUS_NOPROBLEMO
) {
153 ZERO_STRUCT(user_ctr
);
154 ZERO_STRUCT(info_21
);
156 user_ctr
.info
.id21
= &info_21
;
158 if ((result
= cli_samr_query_userinfo(cli
, &user_pol
, info_level
,
160 != NT_STATUS_NOPROBLEMO
) {
164 display_sam_user_info_21(&info_21
);
167 if (got_user_pol
) cli_samr_close(cli
, &user_pol
);
168 if (got_domain_pol
) cli_samr_close(cli
, &domain_pol
);
169 if (got_connect_pol
) cli_samr_close(cli
, &connect_pol
);
171 cli_nt_session_close(cli
);
176 /****************************************************************************
178 ****************************************************************************/
179 static void display_group_info1(GROUP_INFO1
*info1
)
183 unistr2_to_ascii(temp
, &info1
->uni_acct_name
, sizeof(temp
)-1);
184 printf("\tGroup Name:\t%s\n", temp
);
185 unistr2_to_ascii(temp
, &info1
->uni_acct_desc
, sizeof(temp
)-1);
186 printf("\tDescription:\t%s\n", temp
);
187 printf("\tunk1:%d\n", info1
->unknown_1
);
188 printf("\tNum Members:%d\n", info1
->num_members
);
191 /****************************************************************************
193 ****************************************************************************/
194 static void display_group_info4(GROUP_INFO4
*info4
)
198 unistr2_to_ascii(desc
, &info4
->uni_acct_desc
, sizeof(desc
)-1);
199 printf("\tGroup Description:%s\n", desc
);
202 /****************************************************************************
203 display sam sync structure
204 ****************************************************************************/
205 static void display_group_info_ctr(GROUP_INFO_CTR
*ctr
)
207 switch (ctr
->switch_value1
) {
209 display_group_info1(&ctr
->group
.info1
);
213 display_group_info4(&ctr
->group
.info4
);
219 /***********************************************************************
220 * Query group information
222 static uint32
cmd_samr_query_group(struct cli_state
*cli
, int argc
, char **argv
)
224 POLICY_HND connect_pol
, domain_pol
, group_pol
;
225 uint32 result
= NT_STATUS_UNSUCCESSFUL
, info_level
= 1;
226 BOOL got_connect_pol
= False
, got_domain_pol
= False
,
227 got_group_pol
= False
;
228 GROUP_INFO_CTR group_ctr
;
232 printf("Usage: %s\n", argv
[0]);
236 /* Initialise RPC connection */
237 if (!cli_nt_session_open (cli
, PIPE_SAMR
)) {
238 fprintf (stderr
, "Could not initialize samr pipe!\n");
239 return NT_STATUS_UNSUCCESSFUL
;
242 slprintf (server
, sizeof(fstring
), "\\\\%s", cli
->desthost
);
245 if ((result
= cli_samr_connect(cli
, server
, MAXIMUM_ALLOWED_ACCESS
,
247 NT_STATUS_NOPROBLEMO
) {
251 got_connect_pol
= True
;
252 fetch_domain_sid(cli
);
254 if ((result
= cli_samr_open_domain(cli
, &connect_pol
,
255 MAXIMUM_ALLOWED_ACCESS
,
256 &domain_sid
, &domain_pol
))
257 != NT_STATUS_NOPROBLEMO
) {
261 got_domain_pol
= True
;
263 if ((result
= cli_samr_open_group(cli
, &domain_pol
,
264 MAXIMUM_ALLOWED_ACCESS
,
266 != NT_STATUS_NOPROBLEMO
) {
270 got_group_pol
= True
;
272 ZERO_STRUCT(group_ctr
);
274 if ((result
= cli_samr_query_groupinfo(cli
, &group_pol
, info_level
,
276 != NT_STATUS_NOPROBLEMO
) {
280 display_group_info_ctr(&group_ctr
);
283 if (got_group_pol
) cli_samr_close(cli
, &group_pol
);
284 if (got_domain_pol
) cli_samr_close(cli
, &domain_pol
);
285 if (got_connect_pol
) cli_samr_close(cli
, &connect_pol
);
287 cli_nt_session_close(cli
);
292 /* Query groups a user is a member of */
294 static uint32
cmd_samr_query_usergroups(struct cli_state
*cli
, int argc
, char **argv
)
296 POLICY_HND connect_pol
,
299 uint32 result
= NT_STATUS_UNSUCCESSFUL
;
300 BOOL got_connect_pol
= False
,
301 got_domain_pol
= False
,
302 got_user_pol
= False
;
310 printf("Usage: %s rid/name\n", argv
[0]);
314 sscanf(argv
[1], "%i", &user_rid
);
316 /* Initialise RPC connection */
317 if (!cli_nt_session_open (cli
, PIPE_SAMR
)) {
318 fprintf (stderr
, "Could not initialize samr pipe!\n");
319 return NT_STATUS_UNSUCCESSFUL
;
322 slprintf (server
, sizeof(fstring
), "\\\\%s", cli
->desthost
);
325 if ((result
= cli_samr_connect(cli
, server
, MAXIMUM_ALLOWED_ACCESS
,
327 NT_STATUS_NOPROBLEMO
) {
331 got_connect_pol
= True
;
332 fetch_domain_sid(cli
);
334 if ((result
= cli_samr_open_domain(cli
, &connect_pol
,
335 MAXIMUM_ALLOWED_ACCESS
,
336 &domain_sid
, &domain_pol
))
337 != NT_STATUS_NOPROBLEMO
) {
341 got_domain_pol
= True
;
343 if ((result
= cli_samr_open_user(cli
, &domain_pol
,
344 MAXIMUM_ALLOWED_ACCESS
,
345 user_rid
, &user_pol
))
346 != NT_STATUS_NOPROBLEMO
) {
352 if ((result
= cli_samr_query_usergroups(cli
, &user_pol
,
353 &num_groups
, &user_gids
))
354 != NT_STATUS_NOPROBLEMO
) {
358 for (i
= 0; i
< num_groups
; i
++) {
359 printf("\tgroup rid:[0x%x] attr:[0x%x]\n",
360 user_gids
[i
].g_rid
, user_gids
[i
].attr
);
364 if (got_user_pol
) cli_samr_close(cli
, &user_pol
);
365 if (got_domain_pol
) cli_samr_close(cli
, &domain_pol
);
366 if (got_connect_pol
) cli_samr_close(cli
, &connect_pol
);
368 cli_nt_session_close(cli
);
373 /* Query members of a group */
375 static uint32
cmd_samr_query_groupmem(struct cli_state
*cli
, int argc
, char **argv
)
377 POLICY_HND connect_pol
, domain_pol
, group_pol
;
378 uint32 result
= NT_STATUS_UNSUCCESSFUL
;
379 BOOL got_connect_pol
= False
,
380 got_domain_pol
= False
,
381 got_group_pol
= False
;
382 uint32 num_members
, *group_rids
, *group_attrs
, group_rid
;
387 printf("Usage: %s rid/name\n", argv
[0]);
391 sscanf(argv
[1], "%i", &group_rid
);
393 /* Initialise RPC connection */
394 if (!cli_nt_session_open (cli
, PIPE_SAMR
)) {
395 fprintf (stderr
, "Could not initialize samr pipe!\n");
396 return NT_STATUS_UNSUCCESSFUL
;
399 slprintf (server
, sizeof(fstring
), "\\\\%s", cli
->desthost
);
402 if ((result
= cli_samr_connect(cli
, server
, MAXIMUM_ALLOWED_ACCESS
,
404 NT_STATUS_NOPROBLEMO
) {
408 got_connect_pol
= True
;
409 fetch_domain_sid(cli
);
411 if ((result
= cli_samr_open_domain(cli
, &connect_pol
,
412 MAXIMUM_ALLOWED_ACCESS
,
413 &domain_sid
, &domain_pol
))
414 != NT_STATUS_NOPROBLEMO
) {
418 got_domain_pol
= True
;
420 if ((result
= cli_samr_open_group(cli
, &domain_pol
,
421 MAXIMUM_ALLOWED_ACCESS
,
422 group_rid
, &group_pol
))
423 != NT_STATUS_NOPROBLEMO
) {
427 got_group_pol
= True
;
429 if ((result
= cli_samr_query_groupmem(cli
, &group_pol
,
430 &num_members
, &group_rids
,
432 != NT_STATUS_NOPROBLEMO
) {
436 for (i
= 0; i
< num_members
; i
++) {
437 printf("\trid:[0x%x] attr:[0x%x]\n", group_rids
[i
],
442 if (got_group_pol
) cli_samr_close(cli
, &group_pol
);
443 if (got_domain_pol
) cli_samr_close(cli
, &domain_pol
);
444 if (got_connect_pol
) cli_samr_close(cli
, &connect_pol
);
446 cli_nt_session_close(cli
);
451 /* List of commands exported by this module */
453 struct cmd_set samr_commands
[] = {
454 { "SAMR", NULL
, "" },
455 { "queryuser", cmd_samr_query_user
, "Query user info" },
456 { "querygroup", cmd_samr_query_group
, "Query group info" },
457 { "queryusergroups", cmd_samr_query_usergroups
, "Query user groups" },
458 { "querygroupmem", cmd_samr_query_groupmem
, "Query group membership" },