1 /*tries to set privileges for an account*/
6 #define BIGGEST_UINT32 0xffffffff
8 int main(int argc
, char **argv
) {
9 CacServerHandle
*hnd
= NULL
;
10 TALLOC_CTX
*mem_ctx
= NULL
;
12 struct LsaOpenPolicy lop
;
13 struct LsaEnumPrivileges ep
;
14 struct LsaEnumAccountRights ar
;
15 struct LsaAddPrivileges ap
;
21 mem_ctx
= talloc_init("lsapriv");
23 hnd
= cac_NewServerHandle(True
);
25 cac_SetAuthDataFn(hnd
, cactest_GetAuthDataFn
);
27 cac_parse_cmd_line(argc
, argv
, hnd
);
29 if(!cac_Connect(hnd
, NULL
)) {
30 fprintf(stderr
, "Could not connect to server %s. Error: %s\n", hnd
->server
, nt_errstr(hnd
->status
));
36 lop
.in
.access
= SEC_RIGHT_MAXIMUM_ALLOWED
;
38 if(!cac_LsaOpenPolicy(hnd
, mem_ctx
, &lop
)) {
39 fprintf(stderr
, "Could not open LSA policy. Error: %s\n", nt_errstr(hnd
->status
));
43 /*first enumerate possible privileges*/
46 ep
.in
.pol
= lop
.out
.pol
;
47 ep
.in
.pref_max_privs
= BIGGEST_UINT32
;
49 printf("Enumerating supported privileges:\n");
50 while(cac_LsaEnumPrivileges(hnd
, mem_ctx
, &ep
)) {
51 for(i
= 0; i
< ep
.out
.num_privs
; i
++) {
52 printf("\t%s\n", ep
.out
.priv_names
[i
]);
56 if(CAC_OP_FAILED(hnd
->status
)) {
57 fprintf(stderr
, "Could not enumerate privileges. Error: %s\n", nt_errstr(hnd
->status
));
61 printf("Enter account name: ");
62 cactest_readline(stdin
, tmp
);
66 ar
.in
.pol
= lop
.out
.pol
;
67 ar
.in
.name
= talloc_strdup(mem_ctx
, tmp
);
69 printf("Enumerating privileges for %s:\n", ar
.in
.name
);
70 if(!cac_LsaEnumAccountRights(hnd
, mem_ctx
, &ar
)) {
71 fprintf(stderr
, "Could not enumerate privileges. Error: %s\n", nt_errstr(hnd
->status
));
75 printf("Enumerated %d privileges:\n", ar
.out
.num_privs
);
77 for(i
= 0; i
< ar
.out
.num_privs
; i
++)
78 printf("\t%s\n", ar
.out
.priv_names
[i
]);
82 ap
.in
.pol
= lop
.out
.pol
;
83 ap
.in
.name
= ar
.in
.name
;
85 printf("How many privileges will you set: ");
86 scanf("%d", &ap
.in
.num_privs
);
88 ap
.in
.priv_names
= talloc_array(mem_ctx
, char *, ap
.in
.num_privs
);
89 if(!ap
.in
.priv_names
) {
90 fprintf(stderr
, "No memory\n");
94 for(i
= 0; i
< ap
.in
.num_privs
; i
++) {
95 printf("Enter priv %d: ", i
);
96 cactest_readline(stdin
, tmp
);
98 ap
.in
.priv_names
[i
] = talloc_strdup(mem_ctx
, tmp
);
101 if(!cac_LsaSetPrivileges(hnd
, mem_ctx
, &ap
)) {
102 fprintf(stderr
, "Could not set privileges. Error: %s\n", nt_errstr(hnd
->status
));
107 talloc_destroy(mem_ctx
);