2 Unix SMB/CIFS implementation.
5 Copyright (C) Andrew Tridgell 1992-2000,
6 Copyright (C) Luke Kenneth Casson Leighton 1996-2000,
7 Copyright (C) Elrond 2000,
8 Copyright (C) Tim Potter 2000
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 2 of the License, or
13 (at your option) any later version.
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
20 You should have received a copy of the GNU General Public License
21 along with this program; if not, write to the Free Software
22 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
26 #include "rpcclient.h"
28 extern DOM_SID domain_sid
;
30 /****************************************************************************
31 display sam_user_info_7 structure
32 ****************************************************************************/
33 static void display_sam_user_info_7(SAM_USER_INFO_7
*usr
)
37 unistr2_to_ascii(temp
, &usr
->uni_name
, sizeof(temp
)-1);
38 printf("\tUser Name :\t%s\n", temp
);
41 /****************************************************************************
42 display sam_user_info_9 structure
43 ****************************************************************************/
44 static void display_sam_user_info_9(SAM_USER_INFO_9
*usr
)
46 printf("\tPrimary group RID :\tox%x\n", usr
->rid_group
);
49 /****************************************************************************
50 display sam_user_info_21 structure
51 ****************************************************************************/
52 static void display_sam_user_info_21(SAM_USER_INFO_21
*usr
)
56 unistr2_to_ascii(temp
, &usr
->uni_user_name
, sizeof(temp
)-1);
57 printf("\tUser Name :\t%s\n", temp
);
59 unistr2_to_ascii(temp
, &usr
->uni_full_name
, sizeof(temp
)-1);
60 printf("\tFull Name :\t%s\n", temp
);
62 unistr2_to_ascii(temp
, &usr
->uni_home_dir
, sizeof(temp
)-1);
63 printf("\tHome Drive :\t%s\n", temp
);
65 unistr2_to_ascii(temp
, &usr
->uni_dir_drive
, sizeof(temp
)-1);
66 printf("\tDir Drive :\t%s\n", temp
);
68 unistr2_to_ascii(temp
, &usr
->uni_profile_path
, sizeof(temp
)-1);
69 printf("\tProfile Path:\t%s\n", temp
);
71 unistr2_to_ascii(temp
, &usr
->uni_logon_script
, sizeof(temp
)-1);
72 printf("\tLogon Script:\t%s\n", temp
);
74 unistr2_to_ascii(temp
, &usr
->uni_acct_desc
, sizeof(temp
)-1);
75 printf("\tDescription :\t%s\n", temp
);
77 unistr2_to_ascii(temp
, &usr
->uni_workstations
, sizeof(temp
)-1);
78 printf("\tWorkstations:\t%s\n", temp
);
80 unistr2_to_ascii(temp
, &usr
->uni_comment
, sizeof(temp
)-1);
81 printf("\tUnknown Str :\t%s\n", temp
);
83 unistr2_to_ascii(temp
, &usr
->uni_munged_dial
, sizeof(temp
)-1);
84 printf("\tRemote Dial :\t%s\n", temp
);
86 printf("\tLogon Time :\t%s\n",
87 http_timestring(nt_time_to_unix(usr
->logon_time
)));
88 printf("\tLogoff Time :\t%s\n",
89 http_timestring(nt_time_to_unix(usr
->logoff_time
)));
90 printf("\tKickoff Time :\t%s\n",
91 http_timestring(nt_time_to_unix(usr
->kickoff_time
)));
92 printf("\tPassword last set Time :\t%s\n",
93 http_timestring(nt_time_to_unix(usr
->pass_last_set_time
)));
94 printf("\tPassword can change Time :\t%s\n",
95 http_timestring(nt_time_to_unix(usr
->pass_can_change_time
)));
96 printf("\tPassword must change Time:\t%s\n",
97 http_timestring(nt_time_to_unix(usr
->pass_must_change_time
)));
99 printf("\tunknown_2[0..31]...\n"); /* user passwords? */
101 printf("\tuser_rid :\t0x%x\n" , usr
->user_rid
); /* User ID */
102 printf("\tgroup_rid:\t0x%x\n" , usr
->group_rid
); /* Group ID */
103 printf("\tacb_info :\t0x%08x\n", usr
->acb_info
); /* Account Control Info */
105 printf("\tfields_present:\t0x%08x\n", usr
->fields_present
); /* 0x00ff ffff */
106 printf("\tlogon_divs:\t%d\n", usr
->logon_divs
); /* 0x0000 00a8 which is 168 which is num hrs in a week */
107 printf("\tbad_password_count:\t0x%08x\n", usr
->bad_password_count
);
108 printf("\tlogon_count:\t0x%08x\n", usr
->logon_count
);
110 printf("\tpadding1[0..7]...\n");
112 if (usr
->ptr_logon_hrs
) {
113 printf("\tlogon_hrs[0..%d]...\n", usr
->logon_hrs
.len
);
118 static void display_password_properties(uint32 password_properties
)
120 printf("password_properties: 0x%08x\n", password_properties
);
122 if (password_properties
& DOMAIN_PASSWORD_COMPLEX
)
123 printf("\tDOMAIN_PASSWORD_COMPLEX\n");
125 if (password_properties
& DOMAIN_PASSWORD_NO_ANON_CHANGE
)
126 printf("\tDOMAIN_PASSWORD_NO_ANON_CHANGE\n");
128 if (password_properties
& DOMAIN_PASSWORD_NO_CLEAR_CHANGE
)
129 printf("\tDOMAIN_PASSWORD_NO_CLEAR_CHANGE\n");
131 if (password_properties
& DOMAIN_LOCKOUT_ADMINS
)
132 printf("\tDOMAIN_LOCKOUT_ADMINS\n");
134 if (password_properties
& DOMAIN_PASSWORD_STORE_CLEARTEXT
)
135 printf("\tDOMAIN_PASSWORD_STORE_CLEARTEXT\n");
137 if (password_properties
& DOMAIN_REFUSE_PASSWORD_CHANGE
)
138 printf("\tDOMAIN_REFUSE_PASSWORD_CHANGE\n");
141 static void display_sam_unk_info_1(SAM_UNK_INFO_1
*info1
)
144 printf("Minimum password length:\t\t\t%d\n", info1
->min_length_password
);
145 printf("Password uniqueness (remember x passwords):\t%d\n", info1
->password_history
);
146 display_password_properties(info1
->password_properties
);
147 printf("password expire in:\t\t\t\t%s\n", display_time(info1
->expire
));
148 printf("Min password age (allow changing in x days):\t%s\n", display_time(info1
->min_passwordage
));
151 static void display_sam_unk_info_2(SAM_UNK_INFO_2
*info2
)
155 unistr2_to_ascii(name
, &info2
->uni_domain
, sizeof(name
) - 1);
156 printf("Domain:\t\t%s\n", name
);
158 unistr2_to_ascii(name
, &info2
->uni_server
, sizeof(name
) - 1);
159 printf("Server:\t\t%s\n", name
);
161 unistr2_to_ascii(name
, &info2
->uni_comment
, sizeof(name
) - 1);
162 printf("Comment:\t%s\n", name
);
164 printf("Total Users:\t%d\n", info2
->num_domain_usrs
);
165 printf("Total Groups:\t%d\n", info2
->num_domain_grps
);
166 printf("Total Aliases:\t%d\n", info2
->num_local_grps
);
168 printf("Sequence No:\t%llu\n", (unsigned long long)info2
->seq_num
);
170 printf("Force Logoff:\t%d\n", (int)nt_time_to_unix_abs(&info2
->logout
));
172 printf("Unknown 4:\t0x%x\n", info2
->unknown_4
);
173 printf("Server Role:\t%s\n", server_role_str(info2
->server_role
));
174 printf("Unknown 6:\t0x%x\n", info2
->unknown_6
);
177 static void display_sam_unk_info_3(SAM_UNK_INFO_3
*info3
)
179 printf("Force Logoff:\t%d\n", (int)nt_time_to_unix_abs(&info3
->logout
));
182 static void display_sam_unk_info_4(SAM_UNK_INFO_4
*info4
)
186 unistr2_to_ascii(name
, &info4
->uni_comment
, sizeof(name
) - 1);
187 printf("Comment:\t%s\n", name
);
190 static void display_sam_unk_info_5(SAM_UNK_INFO_5
*info5
)
194 unistr2_to_ascii(name
, &info5
->uni_domain
, sizeof(name
) - 1);
195 printf("Domain:\t\t%s\n", name
);
198 static void display_sam_unk_info_6(SAM_UNK_INFO_6
*info6
)
202 unistr2_to_ascii(name
, &info6
->uni_server
, sizeof(name
) - 1);
203 printf("Server:\t\t%s\n", name
);
206 static void display_sam_unk_info_7(SAM_UNK_INFO_7
*info7
)
208 printf("Server Role:\t%s\n", server_role_str(info7
->server_role
));
211 static void display_sam_unk_info_8(SAM_UNK_INFO_8
*info8
)
213 printf("Sequence No:\t%llu\n", (unsigned long long)info8
->seq_num
);
214 printf("Domain Create Time:\t%s\n",
215 http_timestring(nt_time_to_unix(info8
->domain_create_time
)));
218 static void display_sam_unk_info_9(SAM_UNK_INFO_9
*info9
)
220 printf("unknown:\t%d (0x%08x)\n", info9
->unknown
, info9
->unknown
);
223 static void display_sam_unk_info_12(SAM_UNK_INFO_12
*info12
)
225 printf("Bad password lockout duration: %s\n", display_time(info12
->duration
));
226 printf("Reset Lockout after: %s\n", display_time(info12
->reset_count
));
227 printf("Lockout after bad attempts: %d\n", info12
->bad_attempt_lockout
);
230 static void display_sam_unk_info_13(SAM_UNK_INFO_13
*info13
)
232 printf("Sequence No:\t%llu\n", (unsigned long long)info13
->seq_num
);
233 printf("Domain Create Time:\t%s\n",
234 http_timestring(nt_time_to_unix(info13
->domain_create_time
)));
235 printf("Unknown1:\t%d\n", info13
->unknown1
);
236 printf("Unknown2:\t%d\n", info13
->unknown2
);
240 static void display_sam_info_1(SAM_ENTRY1
*e1
, SAM_STR1
*s1
)
244 printf("index: 0x%x ", e1
->user_idx
);
245 printf("RID: 0x%x ", e1
->rid_user
);
246 printf("acb: 0x%x ", e1
->acb_info
);
248 unistr2_to_ascii(tmp
, &s1
->uni_acct_name
, sizeof(tmp
)-1);
249 printf("Account: %s\t", tmp
);
251 unistr2_to_ascii(tmp
, &s1
->uni_full_name
, sizeof(tmp
)-1);
252 printf("Name: %s\t", tmp
);
254 unistr2_to_ascii(tmp
, &s1
->uni_acct_desc
, sizeof(tmp
)-1);
255 printf("Desc: %s\n", tmp
);
258 static void display_sam_info_2(SAM_ENTRY2
*e2
, SAM_STR2
*s2
)
262 printf("index: 0x%x ", e2
->user_idx
);
263 printf("RID: 0x%x ", e2
->rid_user
);
264 printf("acb: 0x%x ", e2
->acb_info
);
266 unistr2_to_ascii(tmp
, &s2
->uni_srv_name
, sizeof(tmp
)-1);
267 printf("Account: %s\t", tmp
);
269 unistr2_to_ascii(tmp
, &s2
->uni_srv_desc
, sizeof(tmp
)-1);
270 printf("Name: %s\n", tmp
);
274 static void display_sam_info_3(SAM_ENTRY3
*e3
, SAM_STR3
*s3
)
278 printf("index: 0x%x ", e3
->grp_idx
);
279 printf("RID: 0x%x ", e3
->rid_grp
);
280 printf("attr: 0x%x ", e3
->attr
);
282 unistr2_to_ascii(tmp
, &s3
->uni_grp_name
, sizeof(tmp
)-1);
283 printf("Account: %s\t", tmp
);
285 unistr2_to_ascii(tmp
, &s3
->uni_grp_desc
, sizeof(tmp
)-1);
286 printf("Name: %s\n", tmp
);
290 static void display_sam_info_4(SAM_ENTRY4
*e4
, SAM_STR4
*s4
)
294 printf("index: %d ", e4
->user_idx
);
297 for (i
=0; i
<s4
->acct_name
.str_str_len
; i
++)
298 printf("%c", s4
->acct_name
.buffer
[i
]);
303 static void display_sam_info_5(SAM_ENTRY5
*e5
, SAM_STR5
*s5
)
307 printf("index: 0x%x ", e5
->grp_idx
);
310 for (i
=0; i
<s5
->grp_name
.str_str_len
; i
++)
311 printf("%c", s5
->grp_name
.buffer
[i
]);
316 /****************************************************************************
317 Try samr_connect4 first, then samr_conenct if it fails
318 ****************************************************************************/
319 static NTSTATUS
try_samr_connects(struct rpc_pipe_client
*cli
, TALLOC_CTX
*mem_ctx
,
320 uint32 access_mask
, POLICY_HND
*connect_pol
)
322 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
324 result
= rpccli_samr_connect4(cli
, mem_ctx
, access_mask
, connect_pol
);
325 if (!NT_STATUS_IS_OK(result
)) {
326 result
= rpccli_samr_connect(cli
, mem_ctx
, access_mask
,
332 /**********************************************************************
333 * Query user information
335 static NTSTATUS
cmd_samr_query_user(struct rpc_pipe_client
*cli
,
337 int argc
, const char **argv
)
339 POLICY_HND connect_pol
, domain_pol
, user_pol
;
340 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
341 uint32 info_level
= 21;
342 uint32 access_mask
= MAXIMUM_ALLOWED_ACCESS
;
343 SAM_USERINFO_CTR
*user_ctr
;
347 if ((argc
< 2) || (argc
> 4)) {
348 printf("Usage: %s rid [info level] [access mask] \n", argv
[0]);
352 sscanf(argv
[1], "%i", &user_rid
);
355 sscanf(argv
[2], "%i", &info_level
);
358 sscanf(argv
[3], "%x", &access_mask
);
361 slprintf(server
, sizeof(fstring
)-1, "\\\\%s", cli
->cli
->desthost
);
364 result
= try_samr_connects(cli
, mem_ctx
, MAXIMUM_ALLOWED_ACCESS
,
367 if (!NT_STATUS_IS_OK(result
))
370 result
= rpccli_samr_open_domain(cli
, mem_ctx
, &connect_pol
,
371 MAXIMUM_ALLOWED_ACCESS
,
372 &domain_sid
, &domain_pol
);
374 if (!NT_STATUS_IS_OK(result
))
377 result
= rpccli_samr_open_user(cli
, mem_ctx
, &domain_pol
,
379 user_rid
, &user_pol
);
381 if (NT_STATUS_EQUAL(result
, NT_STATUS_NO_SUCH_USER
) &&
384 /* Probably this was a user name, try lookupnames */
386 uint32
*rids
, *types
;
388 result
= rpccli_samr_lookup_names(cli
, mem_ctx
, &domain_pol
,
393 if (NT_STATUS_IS_OK(result
)) {
394 result
= rpccli_samr_open_user(cli
, mem_ctx
,
402 if (!NT_STATUS_IS_OK(result
))
405 ZERO_STRUCT(user_ctr
);
407 result
= rpccli_samr_query_userinfo(cli
, mem_ctx
, &user_pol
,
408 info_level
, &user_ctr
);
410 if (!NT_STATUS_IS_OK(result
))
413 switch (user_ctr
->switch_value
) {
415 display_sam_user_info_21(user_ctr
->info
.id21
);
418 display_sam_user_info_7(user_ctr
->info
.id7
);
421 display_sam_user_info_9(user_ctr
->info
.id9
);
424 printf("Unsupported infolevel: %d\n", info_level
);
428 rpccli_samr_close(cli
, mem_ctx
, &user_pol
);
429 rpccli_samr_close(cli
, mem_ctx
, &domain_pol
);
430 rpccli_samr_close(cli
, mem_ctx
, &connect_pol
);
436 /****************************************************************************
438 ****************************************************************************/
439 static void display_group_info1(GROUP_INFO1
*info1
)
443 unistr2_to_ascii(temp
, &info1
->uni_acct_name
, sizeof(temp
)-1);
444 printf("\tGroup Name:\t%s\n", temp
);
445 unistr2_to_ascii(temp
, &info1
->uni_acct_desc
, sizeof(temp
)-1);
446 printf("\tDescription:\t%s\n", temp
);
447 printf("\tGroup Attribute:%d\n", info1
->group_attr
);
448 printf("\tNum Members:%d\n", info1
->num_members
);
451 /****************************************************************************
453 ****************************************************************************/
454 static void display_group_info2(GROUP_INFO2
*info2
)
458 unistr2_to_ascii(name
, &info2
->uni_acct_name
, sizeof(name
)-1);
459 printf("\tGroup Description:%s\n", name
);
463 /****************************************************************************
465 ****************************************************************************/
466 static void display_group_info3(GROUP_INFO3
*info3
)
468 printf("\tGroup Attribute:%d\n", info3
->group_attr
);
472 /****************************************************************************
474 ****************************************************************************/
475 static void display_group_info4(GROUP_INFO4
*info4
)
479 unistr2_to_ascii(desc
, &info4
->uni_acct_desc
, sizeof(desc
)-1);
480 printf("\tGroup Description:%s\n", desc
);
483 /****************************************************************************
485 ****************************************************************************/
486 static void display_group_info5(GROUP_INFO5
*info5
)
490 unistr2_to_ascii(temp
, &info5
->uni_acct_name
, sizeof(temp
)-1);
491 printf("\tGroup Name:\t%s\n", temp
);
492 unistr2_to_ascii(temp
, &info5
->uni_acct_desc
, sizeof(temp
)-1);
493 printf("\tDescription:\t%s\n", temp
);
494 printf("\tGroup Attribute:%d\n", info5
->group_attr
);
495 printf("\tNum Members:%d\n", info5
->num_members
);
498 /****************************************************************************
499 display sam sync structure
500 ****************************************************************************/
501 static void display_group_info_ctr(GROUP_INFO_CTR
*ctr
)
503 switch (ctr
->switch_value1
) {
505 display_group_info1(&ctr
->group
.info1
);
508 display_group_info2(&ctr
->group
.info2
);
511 display_group_info3(&ctr
->group
.info3
);
514 display_group_info4(&ctr
->group
.info4
);
517 display_group_info5(&ctr
->group
.info5
);
523 /***********************************************************************
524 * Query group information
526 static NTSTATUS
cmd_samr_query_group(struct rpc_pipe_client
*cli
,
528 int argc
, const char **argv
)
530 POLICY_HND connect_pol
, domain_pol
, group_pol
;
531 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
532 uint32 info_level
= 1;
533 uint32 access_mask
= MAXIMUM_ALLOWED_ACCESS
;
534 GROUP_INFO_CTR
*group_ctr
;
538 if ((argc
< 2) || (argc
> 4)) {
539 printf("Usage: %s rid [info level] [access mask]\n", argv
[0]);
543 sscanf(argv
[1], "%i", &group_rid
);
546 sscanf(argv
[2], "%i", &info_level
);
549 sscanf(argv
[3], "%x", &access_mask
);
551 slprintf(server
, sizeof(fstring
)-1, "\\\\%s", cli
->cli
->desthost
);
554 result
= try_samr_connects(cli
, mem_ctx
, MAXIMUM_ALLOWED_ACCESS
,
557 if (!NT_STATUS_IS_OK(result
))
560 result
= rpccli_samr_open_domain(cli
, mem_ctx
, &connect_pol
,
561 MAXIMUM_ALLOWED_ACCESS
,
562 &domain_sid
, &domain_pol
);
564 if (!NT_STATUS_IS_OK(result
))
567 result
= rpccli_samr_open_group(cli
, mem_ctx
, &domain_pol
,
569 group_rid
, &group_pol
);
571 if (!NT_STATUS_IS_OK(result
))
574 result
= rpccli_samr_query_groupinfo(cli
, mem_ctx
, &group_pol
,
575 info_level
, &group_ctr
);
576 if (!NT_STATUS_IS_OK(result
)) {
580 display_group_info_ctr(group_ctr
);
582 rpccli_samr_close(cli
, mem_ctx
, &group_pol
);
583 rpccli_samr_close(cli
, mem_ctx
, &domain_pol
);
584 rpccli_samr_close(cli
, mem_ctx
, &connect_pol
);
589 /* Query groups a user is a member of */
591 static NTSTATUS
cmd_samr_query_usergroups(struct rpc_pipe_client
*cli
,
593 int argc
, const char **argv
)
595 POLICY_HND connect_pol
,
598 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
601 uint32 access_mask
= MAXIMUM_ALLOWED_ACCESS
;
606 if ((argc
< 2) || (argc
> 3)) {
607 printf("Usage: %s rid [access mask]\n", argv
[0]);
611 sscanf(argv
[1], "%i", &user_rid
);
614 sscanf(argv
[2], "%x", &access_mask
);
616 slprintf(server
, sizeof(fstring
)-1, "\\\\%s", cli
->cli
->desthost
);
619 result
= try_samr_connects(cli
, mem_ctx
, MAXIMUM_ALLOWED_ACCESS
,
622 if (!NT_STATUS_IS_OK(result
))
625 result
= rpccli_samr_open_domain(cli
, mem_ctx
, &connect_pol
,
626 MAXIMUM_ALLOWED_ACCESS
,
627 &domain_sid
, &domain_pol
);
629 if (!NT_STATUS_IS_OK(result
))
632 result
= rpccli_samr_open_user(cli
, mem_ctx
, &domain_pol
,
634 user_rid
, &user_pol
);
636 if (!NT_STATUS_IS_OK(result
))
639 result
= rpccli_samr_query_usergroups(cli
, mem_ctx
, &user_pol
,
640 &num_groups
, &user_gids
);
642 if (!NT_STATUS_IS_OK(result
))
645 for (i
= 0; i
< num_groups
; i
++) {
646 printf("\tgroup rid:[0x%x] attr:[0x%x]\n",
647 user_gids
[i
].g_rid
, user_gids
[i
].attr
);
650 rpccli_samr_close(cli
, mem_ctx
, &user_pol
);
651 rpccli_samr_close(cli
, mem_ctx
, &domain_pol
);
652 rpccli_samr_close(cli
, mem_ctx
, &connect_pol
);
657 /* Query aliases a user is a member of */
659 static NTSTATUS
cmd_samr_query_useraliases(struct rpc_pipe_client
*cli
,
661 int argc
, const char **argv
)
663 POLICY_HND connect_pol
, domain_pol
;
664 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
667 uint32 num_aliases
, *alias_rids
;
668 uint32 access_mask
= MAXIMUM_ALLOWED_ACCESS
;
674 printf("Usage: %s builtin|domain sid1 sid2 ...\n", argv
[0]);
675 return NT_STATUS_INVALID_PARAMETER
;
681 for (i
=2; i
<argc
; i
++) {
683 if (!string_to_sid(&tmp_sid
, argv
[i
])) {
684 printf("%s is not a legal SID\n", argv
[i
]);
685 return NT_STATUS_INVALID_PARAMETER
;
687 if (!add_sid_to_array(mem_ctx
, &tmp_sid
, &sids
, &num_sids
)) {
688 return NT_STATUS_NO_MEMORY
;
692 sid2
= TALLOC_ARRAY(mem_ctx
, DOM_SID2
, num_sids
);
694 return NT_STATUS_NO_MEMORY
;
696 for (i
=0; i
<num_sids
; i
++) {
697 sid_copy(&sid2
[i
].sid
, &sids
[i
]);
698 sid2
[i
].num_auths
= sid2
[i
].sid
.num_auths
;
701 slprintf(server
, sizeof(fstring
)-1, "\\\\%s", cli
->cli
->desthost
);
704 result
= try_samr_connects(cli
, mem_ctx
, MAXIMUM_ALLOWED_ACCESS
,
707 if (!NT_STATUS_IS_OK(result
))
710 if (StrCaseCmp(argv
[1], "domain")==0)
711 result
= rpccli_samr_open_domain(cli
, mem_ctx
, &connect_pol
,
713 &domain_sid
, &domain_pol
);
714 else if (StrCaseCmp(argv
[1], "builtin")==0)
715 result
= rpccli_samr_open_domain(cli
, mem_ctx
, &connect_pol
,
720 printf("Usage: %s builtin|domain sid1 sid2 ...\n", argv
[0]);
721 return NT_STATUS_INVALID_PARAMETER
;
724 if (!NT_STATUS_IS_OK(result
))
727 result
= rpccli_samr_query_useraliases(cli
, mem_ctx
, &domain_pol
,
729 &num_aliases
, &alias_rids
);
731 if (!NT_STATUS_IS_OK(result
))
734 for (i
= 0; i
< num_aliases
; i
++) {
735 printf("\tgroup rid:[0x%x]\n", alias_rids
[i
]);
738 rpccli_samr_close(cli
, mem_ctx
, &domain_pol
);
739 rpccli_samr_close(cli
, mem_ctx
, &connect_pol
);
744 /* Query members of a group */
746 static NTSTATUS
cmd_samr_query_groupmem(struct rpc_pipe_client
*cli
,
748 int argc
, const char **argv
)
750 POLICY_HND connect_pol
, domain_pol
, group_pol
;
751 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
752 uint32 num_members
, *group_rids
, *group_attrs
, group_rid
;
753 uint32 access_mask
= MAXIMUM_ALLOWED_ACCESS
;
756 unsigned int old_timeout
;
758 if ((argc
< 2) || (argc
> 3)) {
759 printf("Usage: %s rid [access mask]\n", argv
[0]);
763 sscanf(argv
[1], "%i", &group_rid
);
766 sscanf(argv
[2], "%x", &access_mask
);
768 slprintf(server
, sizeof(fstring
)-1, "\\\\%s", cli
->cli
->desthost
);
771 result
= try_samr_connects(cli
, mem_ctx
, MAXIMUM_ALLOWED_ACCESS
,
774 if (!NT_STATUS_IS_OK(result
))
777 result
= rpccli_samr_open_domain(cli
, mem_ctx
, &connect_pol
,
778 MAXIMUM_ALLOWED_ACCESS
,
779 &domain_sid
, &domain_pol
);
781 if (!NT_STATUS_IS_OK(result
))
784 result
= rpccli_samr_open_group(cli
, mem_ctx
, &domain_pol
,
786 group_rid
, &group_pol
);
788 if (!NT_STATUS_IS_OK(result
))
791 /* Make sure to wait for our DC's reply */
792 old_timeout
= cli_set_timeout(cli
->cli
, MAX(cli
->cli
->timeout
,30000)); /* 30 seconds. */
794 result
= rpccli_samr_query_groupmem(cli
, mem_ctx
, &group_pol
,
795 &num_members
, &group_rids
,
798 cli_set_timeout(cli
->cli
, old_timeout
);
800 if (!NT_STATUS_IS_OK(result
))
803 for (i
= 0; i
< num_members
; i
++) {
804 printf("\trid:[0x%x] attr:[0x%x]\n", group_rids
[i
],
808 rpccli_samr_close(cli
, mem_ctx
, &group_pol
);
809 rpccli_samr_close(cli
, mem_ctx
, &domain_pol
);
810 rpccli_samr_close(cli
, mem_ctx
, &connect_pol
);
815 /* Enumerate domain users */
817 static NTSTATUS
cmd_samr_enum_dom_users(struct rpc_pipe_client
*cli
,
819 int argc
, const char **argv
)
821 POLICY_HND connect_pol
, domain_pol
;
822 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
823 uint32 start_idx
, size
, num_dom_users
, i
;
826 uint32 access_mask
= MAXIMUM_ALLOWED_ACCESS
;
827 uint32 acb_mask
= ACB_NORMAL
;
828 BOOL got_connect_pol
= False
, got_domain_pol
= False
;
830 if ((argc
< 1) || (argc
> 3)) {
831 printf("Usage: %s [access_mask] [acb_mask]\n", argv
[0]);
836 sscanf(argv
[1], "%x", &access_mask
);
839 sscanf(argv
[2], "%x", &acb_mask
);
841 /* Get sam policy handle */
843 result
= try_samr_connects(cli
, mem_ctx
, MAXIMUM_ALLOWED_ACCESS
,
846 if (!NT_STATUS_IS_OK(result
))
849 got_connect_pol
= True
;
851 /* Get domain policy handle */
853 result
= rpccli_samr_open_domain(cli
, mem_ctx
, &connect_pol
,
855 &domain_sid
, &domain_pol
);
857 if (!NT_STATUS_IS_OK(result
))
860 got_domain_pol
= True
;
862 /* Enumerate domain users */
868 result
= rpccli_samr_enum_dom_users(
869 cli
, mem_ctx
, &domain_pol
, &start_idx
, acb_mask
,
870 size
, &dom_users
, &dom_rids
, &num_dom_users
);
872 if (NT_STATUS_IS_OK(result
) ||
873 NT_STATUS_V(result
) == NT_STATUS_V(STATUS_MORE_ENTRIES
)) {
875 for (i
= 0; i
< num_dom_users
; i
++)
876 printf("user:[%s] rid:[0x%x]\n",
877 dom_users
[i
], dom_rids
[i
]);
880 } while (NT_STATUS_V(result
) == NT_STATUS_V(STATUS_MORE_ENTRIES
));
884 rpccli_samr_close(cli
, mem_ctx
, &domain_pol
);
887 rpccli_samr_close(cli
, mem_ctx
, &connect_pol
);
892 /* Enumerate domain groups */
894 static NTSTATUS
cmd_samr_enum_dom_groups(struct rpc_pipe_client
*cli
,
896 int argc
, const char **argv
)
898 POLICY_HND connect_pol
, domain_pol
;
899 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
900 uint32 start_idx
, size
, num_dom_groups
, i
;
901 uint32 access_mask
= MAXIMUM_ALLOWED_ACCESS
;
902 struct acct_info
*dom_groups
;
903 BOOL got_connect_pol
= False
, got_domain_pol
= False
;
905 if ((argc
< 1) || (argc
> 2)) {
906 printf("Usage: %s [access_mask]\n", argv
[0]);
911 sscanf(argv
[1], "%x", &access_mask
);
913 /* Get sam policy handle */
915 result
= try_samr_connects(cli
, mem_ctx
, MAXIMUM_ALLOWED_ACCESS
,
918 if (!NT_STATUS_IS_OK(result
))
921 got_connect_pol
= True
;
923 /* Get domain policy handle */
925 result
= rpccli_samr_open_domain(cli
, mem_ctx
, &connect_pol
,
927 &domain_sid
, &domain_pol
);
929 if (!NT_STATUS_IS_OK(result
))
932 got_domain_pol
= True
;
934 /* Enumerate domain groups */
940 result
= rpccli_samr_enum_dom_groups(
941 cli
, mem_ctx
, &domain_pol
, &start_idx
, size
,
942 &dom_groups
, &num_dom_groups
);
944 if (NT_STATUS_IS_OK(result
) ||
945 NT_STATUS_V(result
) == NT_STATUS_V(STATUS_MORE_ENTRIES
)) {
947 for (i
= 0; i
< num_dom_groups
; i
++)
948 printf("group:[%s] rid:[0x%x]\n",
949 dom_groups
[i
].acct_name
,
953 } while (NT_STATUS_V(result
) == NT_STATUS_V(STATUS_MORE_ENTRIES
));
957 rpccli_samr_close(cli
, mem_ctx
, &domain_pol
);
960 rpccli_samr_close(cli
, mem_ctx
, &connect_pol
);
965 /* Enumerate alias groups */
967 static NTSTATUS
cmd_samr_enum_als_groups(struct rpc_pipe_client
*cli
,
969 int argc
, const char **argv
)
971 POLICY_HND connect_pol
, domain_pol
;
972 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
973 uint32 start_idx
, size
, num_als_groups
, i
;
974 uint32 access_mask
= MAXIMUM_ALLOWED_ACCESS
;
975 struct acct_info
*als_groups
;
976 BOOL got_connect_pol
= False
, got_domain_pol
= False
;
978 if ((argc
< 2) || (argc
> 3)) {
979 printf("Usage: %s builtin|domain [access mask]\n", argv
[0]);
984 sscanf(argv
[2], "%x", &access_mask
);
986 /* Get sam policy handle */
988 result
= try_samr_connects(cli
, mem_ctx
, MAXIMUM_ALLOWED_ACCESS
,
991 if (!NT_STATUS_IS_OK(result
))
994 got_connect_pol
= True
;
996 /* Get domain policy handle */
998 if (StrCaseCmp(argv
[1], "domain")==0)
999 result
= rpccli_samr_open_domain(cli
, mem_ctx
, &connect_pol
,
1001 &domain_sid
, &domain_pol
);
1002 else if (StrCaseCmp(argv
[1], "builtin")==0)
1003 result
= rpccli_samr_open_domain(cli
, mem_ctx
, &connect_pol
,
1005 &global_sid_Builtin
, &domain_pol
);
1007 return NT_STATUS_OK
;
1009 if (!NT_STATUS_IS_OK(result
))
1012 got_domain_pol
= True
;
1014 /* Enumerate alias groups */
1017 size
= 0xffff; /* Number of groups to retrieve */
1020 result
= rpccli_samr_enum_als_groups(
1021 cli
, mem_ctx
, &domain_pol
, &start_idx
, size
,
1022 &als_groups
, &num_als_groups
);
1024 if (NT_STATUS_IS_OK(result
) ||
1025 NT_STATUS_V(result
) == NT_STATUS_V(STATUS_MORE_ENTRIES
)) {
1027 for (i
= 0; i
< num_als_groups
; i
++)
1028 printf("group:[%s] rid:[0x%x]\n",
1029 als_groups
[i
].acct_name
,
1032 } while (NT_STATUS_V(result
) == NT_STATUS_V(STATUS_MORE_ENTRIES
));
1036 rpccli_samr_close(cli
, mem_ctx
, &domain_pol
);
1038 if (got_connect_pol
)
1039 rpccli_samr_close(cli
, mem_ctx
, &connect_pol
);
1044 /* Query alias membership */
1046 static NTSTATUS
cmd_samr_query_aliasmem(struct rpc_pipe_client
*cli
,
1047 TALLOC_CTX
*mem_ctx
,
1048 int argc
, const char **argv
)
1050 POLICY_HND connect_pol
, domain_pol
, alias_pol
;
1051 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1052 uint32 alias_rid
, num_members
, i
;
1053 uint32 access_mask
= MAXIMUM_ALLOWED_ACCESS
;
1054 DOM_SID
*alias_sids
;
1056 if ((argc
< 3) || (argc
> 4)) {
1057 printf("Usage: %s builtin|domain rid [access mask]\n", argv
[0]);
1058 return NT_STATUS_OK
;
1061 sscanf(argv
[2], "%i", &alias_rid
);
1064 sscanf(argv
[3], "%x", &access_mask
);
1066 /* Open SAMR handle */
1068 result
= try_samr_connects(cli
, mem_ctx
, MAXIMUM_ALLOWED_ACCESS
,
1071 if (!NT_STATUS_IS_OK(result
))
1074 /* Open handle on domain */
1076 if (StrCaseCmp(argv
[1], "domain")==0)
1077 result
= rpccli_samr_open_domain(cli
, mem_ctx
, &connect_pol
,
1078 MAXIMUM_ALLOWED_ACCESS
,
1079 &domain_sid
, &domain_pol
);
1080 else if (StrCaseCmp(argv
[1], "builtin")==0)
1081 result
= rpccli_samr_open_domain(cli
, mem_ctx
, &connect_pol
,
1082 MAXIMUM_ALLOWED_ACCESS
,
1083 &global_sid_Builtin
, &domain_pol
);
1085 return NT_STATUS_OK
;
1087 if (!NT_STATUS_IS_OK(result
))
1090 /* Open handle on alias */
1092 result
= rpccli_samr_open_alias(cli
, mem_ctx
, &domain_pol
,
1094 alias_rid
, &alias_pol
);
1095 if (!NT_STATUS_IS_OK(result
))
1098 result
= rpccli_samr_query_aliasmem(cli
, mem_ctx
, &alias_pol
,
1099 &num_members
, &alias_sids
);
1101 if (!NT_STATUS_IS_OK(result
))
1104 for (i
= 0; i
< num_members
; i
++) {
1107 sid_to_string(sid_str
, &alias_sids
[i
]);
1108 printf("\tsid:[%s]\n", sid_str
);
1111 rpccli_samr_close(cli
, mem_ctx
, &alias_pol
);
1112 rpccli_samr_close(cli
, mem_ctx
, &domain_pol
);
1113 rpccli_samr_close(cli
, mem_ctx
, &connect_pol
);
1118 /* Query delete an alias membership */
1120 static NTSTATUS
cmd_samr_delete_alias(struct rpc_pipe_client
*cli
,
1121 TALLOC_CTX
*mem_ctx
,
1122 int argc
, const char **argv
)
1124 POLICY_HND connect_pol
, domain_pol
, alias_pol
;
1125 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1127 uint32 access_mask
= MAXIMUM_ALLOWED_ACCESS
;
1130 printf("Usage: %s builtin|domain [rid|name]\n", argv
[0]);
1131 return NT_STATUS_OK
;
1134 alias_rid
= strtoul(argv
[2], NULL
, 10);
1136 /* Open SAMR handle */
1138 result
= try_samr_connects(cli
, mem_ctx
, MAXIMUM_ALLOWED_ACCESS
,
1141 if (!NT_STATUS_IS_OK(result
))
1144 /* Open handle on domain */
1146 if (StrCaseCmp(argv
[1], "domain")==0)
1147 result
= rpccli_samr_open_domain(cli
, mem_ctx
, &connect_pol
,
1148 MAXIMUM_ALLOWED_ACCESS
,
1149 &domain_sid
, &domain_pol
);
1150 else if (StrCaseCmp(argv
[1], "builtin")==0)
1151 result
= rpccli_samr_open_domain(cli
, mem_ctx
, &connect_pol
,
1152 MAXIMUM_ALLOWED_ACCESS
,
1153 &global_sid_Builtin
, &domain_pol
);
1155 return NT_STATUS_INVALID_PARAMETER
;
1157 if (!NT_STATUS_IS_OK(result
))
1160 /* Open handle on alias */
1162 result
= rpccli_samr_open_alias(cli
, mem_ctx
, &domain_pol
,
1164 alias_rid
, &alias_pol
);
1165 if (!NT_STATUS_IS_OK(result
) && (alias_rid
== 0)) {
1166 /* Probably this was a user name, try lookupnames */
1168 uint32
*rids
, *types
;
1170 result
= rpccli_samr_lookup_names(cli
, mem_ctx
, &domain_pol
,
1175 if (NT_STATUS_IS_OK(result
)) {
1176 result
= rpccli_samr_open_alias(cli
, mem_ctx
,
1179 rids
[0], &alias_pol
);
1183 result
= rpccli_samr_delete_dom_alias(cli
, mem_ctx
, &alias_pol
);
1185 if (!NT_STATUS_IS_OK(result
))
1188 rpccli_samr_close(cli
, mem_ctx
, &domain_pol
);
1189 rpccli_samr_close(cli
, mem_ctx
, &connect_pol
);
1194 /* Query display info */
1196 static NTSTATUS
cmd_samr_query_dispinfo_int(struct rpc_pipe_client
*cli
,
1197 TALLOC_CTX
*mem_ctx
,
1198 int argc
, const char **argv
,
1201 POLICY_HND connect_pol
, domain_pol
;
1202 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1203 uint32 start_idx
=0, max_entries
=250, max_size
= (uint32
) -1, num_entries
, i
;
1204 uint32 access_mask
= MAXIMUM_ALLOWED_ACCESS
;
1205 uint32 info_level
= 1;
1206 SAM_DISPINFO_CTR ctr
;
1207 SAM_DISPINFO_1 info1
;
1208 SAM_DISPINFO_2 info2
;
1209 SAM_DISPINFO_3 info3
;
1210 SAM_DISPINFO_4 info4
;
1211 SAM_DISPINFO_5 info5
;
1213 BOOL got_params
= False
; /* Use get_query_dispinfo_params() or not? */
1216 printf("Usage: %s [info level] [start index] [max entries] [max size] [access mask]\n", argv
[0]);
1217 return NT_STATUS_OK
;
1221 sscanf(argv
[1], "%i", &info_level
);
1224 sscanf(argv
[2], "%i", &start_idx
);
1227 sscanf(argv
[3], "%i", &max_entries
);
1232 sscanf(argv
[4], "%i", &max_size
);
1237 sscanf(argv
[5], "%x", &access_mask
);
1240 /* Get sam policy handle */
1242 result
= try_samr_connects(cli
, mem_ctx
, MAXIMUM_ALLOWED_ACCESS
,
1245 if (!NT_STATUS_IS_OK(result
))
1248 /* Get domain policy handle */
1250 result
= rpccli_samr_open_domain(cli
, mem_ctx
, &connect_pol
,
1252 &domain_sid
, &domain_pol
);
1254 if (!NT_STATUS_IS_OK(result
))
1257 /* Query display info */
1262 switch (info_level
) {
1265 ctr
.sam
.info1
= &info1
;
1269 ctr
.sam
.info2
= &info2
;
1273 ctr
.sam
.info3
= &info3
;
1277 ctr
.sam
.info4
= &info4
;
1281 ctr
.sam
.info5
= &info5
;
1289 get_query_dispinfo_params(
1290 loop_count
, &max_entries
, &max_size
);
1293 case SAMR_QUERY_DISPINFO
:
1294 result
= rpccli_samr_query_dispinfo(cli
, mem_ctx
, &domain_pol
,
1295 &start_idx
, info_level
,
1296 &num_entries
, max_entries
,
1299 case SAMR_QUERY_DISPINFO2
:
1300 result
= rpccli_samr_query_dispinfo2(cli
, mem_ctx
, &domain_pol
,
1301 &start_idx
, info_level
,
1302 &num_entries
, max_entries
,
1305 case SAMR_QUERY_DISPINFO3
:
1306 result
= rpccli_samr_query_dispinfo3(cli
, mem_ctx
, &domain_pol
,
1307 &start_idx
, info_level
,
1308 &num_entries
, max_entries
,
1312 printf("unknown opcode: %d\n", opcode
);
1313 return NT_STATUS_INVALID_PARAMETER
;
1319 if (NT_STATUS_IS_ERR(result
))
1322 if (num_entries
== 0)
1325 for (i
= 0; i
< num_entries
; i
++) {
1326 switch (info_level
) {
1328 display_sam_info_1(&ctr
.sam
.info1
->sam
[i
], &ctr
.sam
.info1
->str
[i
]);
1331 display_sam_info_2(&ctr
.sam
.info2
->sam
[i
], &ctr
.sam
.info2
->str
[i
]);
1334 display_sam_info_3(&ctr
.sam
.info3
->sam
[i
], &ctr
.sam
.info3
->str
[i
]);
1337 display_sam_info_4(&ctr
.sam
.info4
->sam
[i
], &ctr
.sam
.info4
->str
[i
]);
1340 display_sam_info_5(&ctr
.sam
.info5
->sam
[i
], &ctr
.sam
.info5
->str
[i
]);
1344 } while ( NT_STATUS_EQUAL(result
, STATUS_MORE_ENTRIES
));
1346 rpccli_samr_close(cli
, mem_ctx
, &domain_pol
);
1347 rpccli_samr_close(cli
, mem_ctx
, &connect_pol
);
1352 static NTSTATUS
cmd_samr_query_dispinfo(struct rpc_pipe_client
*cli
,
1353 TALLOC_CTX
*mem_ctx
,
1354 int argc
, const char **argv
)
1356 return cmd_samr_query_dispinfo_int(cli
, mem_ctx
, argc
, argv
, SAMR_QUERY_DISPINFO
);
1359 static NTSTATUS
cmd_samr_query_dispinfo2(struct rpc_pipe_client
*cli
,
1360 TALLOC_CTX
*mem_ctx
,
1361 int argc
, const char **argv
)
1363 return cmd_samr_query_dispinfo_int(cli
, mem_ctx
, argc
, argv
, SAMR_QUERY_DISPINFO2
);
1366 static NTSTATUS
cmd_samr_query_dispinfo3(struct rpc_pipe_client
*cli
,
1367 TALLOC_CTX
*mem_ctx
,
1368 int argc
, const char **argv
)
1370 return cmd_samr_query_dispinfo_int(cli
, mem_ctx
, argc
, argv
, SAMR_QUERY_DISPINFO3
);
1373 /* Query display info index */
1375 static NTSTATUS
cmd_samr_get_dispenum_index_int(struct rpc_pipe_client
*cli
,
1376 TALLOC_CTX
*mem_ctx
,
1377 int argc
, const char **argv
,
1380 POLICY_HND connect_pol
, domain_pol
;
1381 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1382 uint32 access_mask
= MAXIMUM_ALLOWED_ACCESS
;
1383 uint16 info_level
= 1;
1386 if (argc
< 2 || argc
> 3) {
1387 printf("Usage: %s name [info level]\n", argv
[0]);
1388 return NT_STATUS_OK
;
1392 sscanf(argv
[2], "%hd", &info_level
);
1395 /* Get sam policy handle */
1397 result
= try_samr_connects(cli
, mem_ctx
, MAXIMUM_ALLOWED_ACCESS
,
1400 if (!NT_STATUS_IS_OK(result
)) {
1404 /* Get domain policy handle */
1406 result
= rpccli_samr_open_domain(cli
, mem_ctx
, &connect_pol
,
1408 &domain_sid
, &domain_pol
);
1410 if (!NT_STATUS_IS_OK(result
)) {
1414 /* Query display info index */
1417 case SAMR_GET_DISPENUM_INDEX
:
1418 result
= rpccli_samr_get_dispenum_index(cli
, mem_ctx
, &domain_pol
,
1419 info_level
, argv
[1], &idx
);
1421 case SAMR_GET_DISPENUM_INDEX2
:
1422 result
= rpccli_samr_get_dispenum_index2(cli
, mem_ctx
, &domain_pol
,
1423 info_level
, argv
[1], &idx
);
1426 printf("unknown opcode\n");
1427 return NT_STATUS_INVALID_PARAMETER
;
1430 if (NT_STATUS_IS_ERR(result
)) {
1434 printf("idx is: %d (0x%08x)\n", idx
, idx
);
1436 rpccli_samr_close(cli
, mem_ctx
, &domain_pol
);
1437 rpccli_samr_close(cli
, mem_ctx
, &connect_pol
);
1442 /* Query display info index */
1444 static NTSTATUS
cmd_samr_get_dispenum_index(struct rpc_pipe_client
*cli
,
1445 TALLOC_CTX
*mem_ctx
,
1446 int argc
, const char **argv
)
1448 return cmd_samr_get_dispenum_index_int(cli
, mem_ctx
, argc
, argv
, SAMR_GET_DISPENUM_INDEX
);
1451 /* Query display info index2 */
1453 static NTSTATUS
cmd_samr_get_dispenum_index2(struct rpc_pipe_client
*cli
,
1454 TALLOC_CTX
*mem_ctx
,
1455 int argc
, const char **argv
)
1457 return cmd_samr_get_dispenum_index_int(cli
, mem_ctx
, argc
, argv
, SAMR_GET_DISPENUM_INDEX2
);
1460 /* Query domain info */
1462 static NTSTATUS
cmd_samr_query_dominfo(struct rpc_pipe_client
*cli
,
1463 TALLOC_CTX
*mem_ctx
,
1464 int argc
, const char **argv
)
1466 POLICY_HND connect_pol
, domain_pol
;
1467 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1468 uint32 switch_level
= 2;
1469 uint32 access_mask
= MAXIMUM_ALLOWED_ACCESS
;
1473 printf("Usage: %s [info level] [access mask]\n", argv
[0]);
1474 return NT_STATUS_OK
;
1478 sscanf(argv
[1], "%i", &switch_level
);
1481 sscanf(argv
[2], "%x", &access_mask
);
1483 /* Get sam policy handle */
1485 result
= try_samr_connects(cli
, mem_ctx
, MAXIMUM_ALLOWED_ACCESS
,
1488 if (!NT_STATUS_IS_OK(result
))
1491 /* Get domain policy handle */
1493 result
= rpccli_samr_open_domain(cli
, mem_ctx
, &connect_pol
,
1495 &domain_sid
, &domain_pol
);
1497 if (!NT_STATUS_IS_OK(result
))
1500 /* Query domain info */
1502 result
= rpccli_samr_query_dom_info(cli
, mem_ctx
, &domain_pol
,
1503 switch_level
, &ctr
);
1505 if (!NT_STATUS_IS_OK(result
))
1508 /* Display domain info */
1510 switch (switch_level
) {
1512 display_sam_unk_info_1(&ctr
.info
.inf1
);
1515 display_sam_unk_info_2(&ctr
.info
.inf2
);
1518 display_sam_unk_info_3(&ctr
.info
.inf3
);
1521 display_sam_unk_info_4(&ctr
.info
.inf4
);
1524 display_sam_unk_info_5(&ctr
.info
.inf5
);
1527 display_sam_unk_info_6(&ctr
.info
.inf6
);
1530 display_sam_unk_info_7(&ctr
.info
.inf7
);
1533 display_sam_unk_info_8(&ctr
.info
.inf8
);
1536 display_sam_unk_info_9(&ctr
.info
.inf9
);
1539 display_sam_unk_info_12(&ctr
.info
.inf12
);
1542 display_sam_unk_info_13(&ctr
.info
.inf13
);
1546 printf("cannot display domain info for switch value %d\n",
1553 rpccli_samr_close(cli
, mem_ctx
, &domain_pol
);
1554 rpccli_samr_close(cli
, mem_ctx
, &connect_pol
);
1558 /* Create domain user */
1560 static NTSTATUS
cmd_samr_create_dom_user(struct rpc_pipe_client
*cli
,
1561 TALLOC_CTX
*mem_ctx
,
1562 int argc
, const char **argv
)
1564 POLICY_HND connect_pol
, domain_pol
, user_pol
;
1565 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1566 const char *acct_name
;
1568 uint32 unknown
, user_rid
;
1569 uint32 access_mask
= MAXIMUM_ALLOWED_ACCESS
;
1571 if ((argc
< 2) || (argc
> 3)) {
1572 printf("Usage: %s username [access mask]\n", argv
[0]);
1573 return NT_STATUS_OK
;
1576 acct_name
= argv
[1];
1579 sscanf(argv
[2], "%x", &access_mask
);
1581 /* Get sam policy handle */
1583 result
= try_samr_connects(cli
, mem_ctx
, MAXIMUM_ALLOWED_ACCESS
,
1586 if (!NT_STATUS_IS_OK(result
))
1589 /* Get domain policy handle */
1591 result
= rpccli_samr_open_domain(cli
, mem_ctx
, &connect_pol
,
1593 &domain_sid
, &domain_pol
);
1595 if (!NT_STATUS_IS_OK(result
))
1598 /* Create domain user */
1600 acb_info
= ACB_NORMAL
;
1601 unknown
= 0xe005000b; /* No idea what this is - a permission mask? */
1603 result
= rpccli_samr_create_dom_user(cli
, mem_ctx
, &domain_pol
,
1604 acct_name
, acb_info
, unknown
,
1605 &user_pol
, &user_rid
);
1607 if (!NT_STATUS_IS_OK(result
))
1610 result
= rpccli_samr_close(cli
, mem_ctx
, &user_pol
);
1611 if (!NT_STATUS_IS_OK(result
)) goto done
;
1613 result
= rpccli_samr_close(cli
, mem_ctx
, &domain_pol
);
1614 if (!NT_STATUS_IS_OK(result
)) goto done
;
1616 result
= rpccli_samr_close(cli
, mem_ctx
, &connect_pol
);
1617 if (!NT_STATUS_IS_OK(result
)) goto done
;
1623 /* Create domain group */
1625 static NTSTATUS
cmd_samr_create_dom_group(struct rpc_pipe_client
*cli
,
1626 TALLOC_CTX
*mem_ctx
,
1627 int argc
, const char **argv
)
1629 POLICY_HND connect_pol
, domain_pol
, group_pol
;
1630 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1631 const char *grp_name
;
1632 uint32 access_mask
= MAXIMUM_ALLOWED_ACCESS
;
1634 if ((argc
< 2) || (argc
> 3)) {
1635 printf("Usage: %s groupname [access mask]\n", argv
[0]);
1636 return NT_STATUS_OK
;
1642 sscanf(argv
[2], "%x", &access_mask
);
1644 /* Get sam policy handle */
1646 result
= try_samr_connects(cli
, mem_ctx
, MAXIMUM_ALLOWED_ACCESS
,
1649 if (!NT_STATUS_IS_OK(result
))
1652 /* Get domain policy handle */
1654 result
= rpccli_samr_open_domain(cli
, mem_ctx
, &connect_pol
,
1656 &domain_sid
, &domain_pol
);
1658 if (!NT_STATUS_IS_OK(result
))
1661 /* Create domain user */
1663 result
= rpccli_samr_create_dom_group(cli
, mem_ctx
, &domain_pol
,
1664 grp_name
, MAXIMUM_ALLOWED_ACCESS
,
1667 if (!NT_STATUS_IS_OK(result
))
1670 result
= rpccli_samr_close(cli
, mem_ctx
, &group_pol
);
1671 if (!NT_STATUS_IS_OK(result
)) goto done
;
1673 result
= rpccli_samr_close(cli
, mem_ctx
, &domain_pol
);
1674 if (!NT_STATUS_IS_OK(result
)) goto done
;
1676 result
= rpccli_samr_close(cli
, mem_ctx
, &connect_pol
);
1677 if (!NT_STATUS_IS_OK(result
)) goto done
;
1683 /* Create domain alias */
1685 static NTSTATUS
cmd_samr_create_dom_alias(struct rpc_pipe_client
*cli
,
1686 TALLOC_CTX
*mem_ctx
,
1687 int argc
, const char **argv
)
1689 POLICY_HND connect_pol
, domain_pol
, alias_pol
;
1690 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1691 const char *alias_name
;
1692 uint32 access_mask
= MAXIMUM_ALLOWED_ACCESS
;
1694 if ((argc
< 2) || (argc
> 3)) {
1695 printf("Usage: %s aliasname [access mask]\n", argv
[0]);
1696 return NT_STATUS_OK
;
1699 alias_name
= argv
[1];
1702 sscanf(argv
[2], "%x", &access_mask
);
1704 /* Get sam policy handle */
1706 result
= try_samr_connects(cli
, mem_ctx
, MAXIMUM_ALLOWED_ACCESS
,
1709 if (!NT_STATUS_IS_OK(result
))
1712 /* Get domain policy handle */
1714 result
= rpccli_samr_open_domain(cli
, mem_ctx
, &connect_pol
,
1716 &domain_sid
, &domain_pol
);
1718 if (!NT_STATUS_IS_OK(result
))
1721 /* Create domain user */
1723 result
= rpccli_samr_create_dom_alias(cli
, mem_ctx
, &domain_pol
,
1724 alias_name
, &alias_pol
);
1726 if (!NT_STATUS_IS_OK(result
))
1729 result
= rpccli_samr_close(cli
, mem_ctx
, &alias_pol
);
1730 if (!NT_STATUS_IS_OK(result
)) goto done
;
1732 result
= rpccli_samr_close(cli
, mem_ctx
, &domain_pol
);
1733 if (!NT_STATUS_IS_OK(result
)) goto done
;
1735 result
= rpccli_samr_close(cli
, mem_ctx
, &connect_pol
);
1736 if (!NT_STATUS_IS_OK(result
)) goto done
;
1742 /* Lookup sam names */
1744 static NTSTATUS
cmd_samr_lookup_names(struct rpc_pipe_client
*cli
,
1745 TALLOC_CTX
*mem_ctx
,
1746 int argc
, const char **argv
)
1748 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1749 POLICY_HND connect_pol
, domain_pol
;
1750 uint32 flags
= 0x000003e8; /* Unknown */
1751 uint32 num_rids
, num_names
, *name_types
, *rids
;
1756 printf("Usage: %s domain|builtin name1 [name2 [name3] [...]]\n", argv
[0]);
1757 printf("check on the domain SID: S-1-5-21-x-y-z\n");
1758 printf("or check on the builtin SID: S-1-5-32\n");
1759 return NT_STATUS_OK
;
1762 /* Get sam policy and domain handles */
1764 result
= try_samr_connects(cli
, mem_ctx
, MAXIMUM_ALLOWED_ACCESS
,
1767 if (!NT_STATUS_IS_OK(result
))
1770 if (StrCaseCmp(argv
[1], "domain")==0)
1771 result
= rpccli_samr_open_domain(cli
, mem_ctx
, &connect_pol
,
1772 MAXIMUM_ALLOWED_ACCESS
,
1773 &domain_sid
, &domain_pol
);
1774 else if (StrCaseCmp(argv
[1], "builtin")==0)
1775 result
= rpccli_samr_open_domain(cli
, mem_ctx
, &connect_pol
,
1776 MAXIMUM_ALLOWED_ACCESS
,
1777 &global_sid_Builtin
, &domain_pol
);
1779 return NT_STATUS_OK
;
1781 if (!NT_STATUS_IS_OK(result
))
1786 num_names
= argc
- 2;
1787 if ((names
= TALLOC_ARRAY(mem_ctx
, const char *, num_names
)) == NULL
) {
1788 rpccli_samr_close(cli
, mem_ctx
, &domain_pol
);
1789 rpccli_samr_close(cli
, mem_ctx
, &connect_pol
);
1790 result
= NT_STATUS_NO_MEMORY
;
1794 for (i
= 0; i
< argc
- 2; i
++)
1795 names
[i
] = argv
[i
+ 2];
1797 result
= rpccli_samr_lookup_names(cli
, mem_ctx
, &domain_pol
,
1798 flags
, num_names
, names
,
1799 &num_rids
, &rids
, &name_types
);
1801 if (!NT_STATUS_IS_OK(result
))
1804 /* Display results */
1806 for (i
= 0; i
< num_names
; i
++)
1807 printf("name %s: 0x%x (%d)\n", names
[i
], rids
[i
],
1810 rpccli_samr_close(cli
, mem_ctx
, &domain_pol
);
1811 rpccli_samr_close(cli
, mem_ctx
, &connect_pol
);
1816 /* Lookup sam rids */
1818 static NTSTATUS
cmd_samr_lookup_rids(struct rpc_pipe_client
*cli
,
1819 TALLOC_CTX
*mem_ctx
,
1820 int argc
, const char **argv
)
1822 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1823 POLICY_HND connect_pol
, domain_pol
;
1824 uint32 num_rids
, num_names
, *rids
, *name_types
;
1829 printf("Usage: %s domain|builtin rid1 [rid2 [rid3] [...]]\n", argv
[0]);
1830 return NT_STATUS_OK
;
1833 /* Get sam policy and domain handles */
1835 result
= try_samr_connects(cli
, mem_ctx
, MAXIMUM_ALLOWED_ACCESS
,
1838 if (!NT_STATUS_IS_OK(result
))
1841 if (StrCaseCmp(argv
[1], "domain")==0)
1842 result
= rpccli_samr_open_domain(cli
, mem_ctx
, &connect_pol
,
1843 MAXIMUM_ALLOWED_ACCESS
,
1844 &domain_sid
, &domain_pol
);
1845 else if (StrCaseCmp(argv
[1], "builtin")==0)
1846 result
= rpccli_samr_open_domain(cli
, mem_ctx
, &connect_pol
,
1847 MAXIMUM_ALLOWED_ACCESS
,
1848 &global_sid_Builtin
, &domain_pol
);
1850 return NT_STATUS_OK
;
1852 if (!NT_STATUS_IS_OK(result
))
1857 num_rids
= argc
- 2;
1858 rids
= TALLOC_ARRAY(mem_ctx
, uint32
, num_rids
);
1859 if ((rids
= TALLOC_ARRAY(mem_ctx
, uint32
, num_rids
)) == NULL
) {
1860 rpccli_samr_close(cli
, mem_ctx
, &domain_pol
);
1861 rpccli_samr_close(cli
, mem_ctx
, &connect_pol
);
1862 result
= NT_STATUS_NO_MEMORY
;
1866 for (i
= 0; i
< argc
- 2; i
++)
1867 sscanf(argv
[i
+ 2], "%i", &rids
[i
]);
1869 result
= rpccli_samr_lookup_rids(cli
, mem_ctx
, &domain_pol
, num_rids
, rids
,
1870 &num_names
, &names
, &name_types
);
1872 if (!NT_STATUS_IS_OK(result
) &&
1873 !NT_STATUS_EQUAL(result
, STATUS_SOME_UNMAPPED
))
1876 /* Display results */
1878 for (i
= 0; i
< num_names
; i
++)
1879 printf("rid 0x%x: %s (%d)\n", rids
[i
], names
[i
], name_types
[i
]);
1881 rpccli_samr_close(cli
, mem_ctx
, &domain_pol
);
1882 rpccli_samr_close(cli
, mem_ctx
, &connect_pol
);
1887 /* Delete domain user */
1889 static NTSTATUS
cmd_samr_delete_dom_user(struct rpc_pipe_client
*cli
,
1890 TALLOC_CTX
*mem_ctx
,
1891 int argc
, const char **argv
)
1893 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1894 POLICY_HND connect_pol
, domain_pol
, user_pol
;
1895 uint32 access_mask
= MAXIMUM_ALLOWED_ACCESS
;
1897 if ((argc
< 2) || (argc
> 3)) {
1898 printf("Usage: %s username\n", argv
[0]);
1899 return NT_STATUS_OK
;
1903 sscanf(argv
[2], "%x", &access_mask
);
1905 /* Get sam policy and domain handles */
1907 result
= try_samr_connects(cli
, mem_ctx
, MAXIMUM_ALLOWED_ACCESS
,
1910 if (!NT_STATUS_IS_OK(result
))
1913 result
= rpccli_samr_open_domain(cli
, mem_ctx
, &connect_pol
,
1914 MAXIMUM_ALLOWED_ACCESS
,
1915 &domain_sid
, &domain_pol
);
1917 if (!NT_STATUS_IS_OK(result
))
1920 /* Get handle on user */
1923 uint32
*user_rids
, num_rids
, *name_types
;
1924 uint32 flags
= 0x000003e8; /* Unknown */
1926 result
= rpccli_samr_lookup_names(cli
, mem_ctx
, &domain_pol
,
1927 flags
, 1, (const char **)&argv
[1],
1928 &num_rids
, &user_rids
,
1931 if (!NT_STATUS_IS_OK(result
))
1934 result
= rpccli_samr_open_user(cli
, mem_ctx
, &domain_pol
,
1936 user_rids
[0], &user_pol
);
1938 if (!NT_STATUS_IS_OK(result
))
1944 result
= rpccli_samr_delete_dom_user(cli
, mem_ctx
, &user_pol
);
1946 if (!NT_STATUS_IS_OK(result
))
1949 /* Display results */
1951 rpccli_samr_close(cli
, mem_ctx
, &user_pol
);
1952 rpccli_samr_close(cli
, mem_ctx
, &domain_pol
);
1953 rpccli_samr_close(cli
, mem_ctx
, &connect_pol
);
1959 /**********************************************************************
1960 * Query user security object
1962 static NTSTATUS
cmd_samr_query_sec_obj(struct rpc_pipe_client
*cli
,
1963 TALLOC_CTX
*mem_ctx
,
1964 int argc
, const char **argv
)
1966 POLICY_HND connect_pol
, domain_pol
, user_pol
, *pol
;
1967 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
1968 uint32 sec_info
= DACL_SECURITY_INFORMATION
;
1970 uint32 user_rid
= 0;
1971 TALLOC_CTX
*ctx
= NULL
;
1972 SEC_DESC_BUF
*sec_desc_buf
=NULL
;
1973 BOOL domain
= False
;
1975 ctx
=talloc_init("cmd_samr_query_sec_obj");
1977 if ((argc
< 1) || (argc
> 3)) {
1978 printf("Usage: %s [rid|-d] [sec_info]\n", argv
[0]);
1979 printf("\tSpecify rid for security on user, -d for security on domain\n");
1980 return NT_STATUS_OK
;
1984 if (strcmp(argv
[1], "-d") == 0)
1987 sscanf(argv
[1], "%i", &user_rid
);
1991 sec_info
= atoi(argv
[2]);
1994 slprintf(server
, sizeof(fstring
)-1, "\\\\%s", cli
->cli
->desthost
);
1996 result
= try_samr_connects(cli
, mem_ctx
, MAXIMUM_ALLOWED_ACCESS
,
1999 if (!NT_STATUS_IS_OK(result
))
2002 if (domain
|| user_rid
)
2003 result
= rpccli_samr_open_domain(cli
, mem_ctx
, &connect_pol
,
2004 MAXIMUM_ALLOWED_ACCESS
,
2005 &domain_sid
, &domain_pol
);
2007 if (!NT_STATUS_IS_OK(result
))
2011 result
= rpccli_samr_open_user(cli
, mem_ctx
, &domain_pol
,
2012 MAXIMUM_ALLOWED_ACCESS
,
2013 user_rid
, &user_pol
);
2015 if (!NT_STATUS_IS_OK(result
))
2018 /* Pick which query pol to use */
2028 /* Query SAM security object */
2030 result
= rpccli_samr_query_sec_obj(cli
, mem_ctx
, pol
, sec_info
, ctx
,
2033 if (!NT_STATUS_IS_OK(result
))
2036 display_sec_desc(sec_desc_buf
->sd
);
2038 rpccli_samr_close(cli
, mem_ctx
, &user_pol
);
2039 rpccli_samr_close(cli
, mem_ctx
, &domain_pol
);
2040 rpccli_samr_close(cli
, mem_ctx
, &connect_pol
);
2042 talloc_destroy(ctx
);
2046 static NTSTATUS
cmd_samr_get_usrdom_pwinfo(struct rpc_pipe_client
*cli
,
2047 TALLOC_CTX
*mem_ctx
,
2048 int argc
, const char **argv
)
2050 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
2051 POLICY_HND connect_pol
, domain_pol
, user_pol
;
2052 uint16 min_pwd_length
;
2053 uint32 password_properties
, unknown1
, rid
;
2056 printf("Usage: %s rid\n", argv
[0]);
2057 return NT_STATUS_OK
;
2060 sscanf(argv
[1], "%i", &rid
);
2062 result
= try_samr_connects(cli
, mem_ctx
, MAXIMUM_ALLOWED_ACCESS
,
2065 if (!NT_STATUS_IS_OK(result
)) {
2069 result
= rpccli_samr_open_domain(cli
, mem_ctx
, &connect_pol
,
2070 MAXIMUM_ALLOWED_ACCESS
, &domain_sid
, &domain_pol
);
2072 if (!NT_STATUS_IS_OK(result
)) {
2076 result
= rpccli_samr_open_user(cli
, mem_ctx
, &domain_pol
,
2077 MAXIMUM_ALLOWED_ACCESS
,
2080 if (!NT_STATUS_IS_OK(result
)) {
2084 result
= rpccli_samr_get_usrdom_pwinfo(cli
, mem_ctx
, &user_pol
,
2085 &min_pwd_length
, &password_properties
,
2088 if (NT_STATUS_IS_OK(result
)) {
2089 printf("min_pwd_length: %d\n", min_pwd_length
);
2090 printf("unknown1: %d\n", unknown1
);
2091 display_password_properties(password_properties
);
2095 rpccli_samr_close(cli
, mem_ctx
, &user_pol
);
2096 rpccli_samr_close(cli
, mem_ctx
, &domain_pol
);
2097 rpccli_samr_close(cli
, mem_ctx
, &connect_pol
);
2103 static NTSTATUS
cmd_samr_get_dom_pwinfo(struct rpc_pipe_client
*cli
,
2104 TALLOC_CTX
*mem_ctx
,
2105 int argc
, const char **argv
)
2107 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
2108 uint16 min_pwd_length
;
2109 uint32 password_properties
;
2112 printf("Usage: %s\n", argv
[0]);
2113 return NT_STATUS_OK
;
2116 result
= rpccli_samr_get_dom_pwinfo(cli
, mem_ctx
, &min_pwd_length
, &password_properties
) ;
2118 if (NT_STATUS_IS_OK(result
)) {
2119 printf("min_pwd_length: %d\n", min_pwd_length
);
2120 display_password_properties(password_properties
);
2126 /* Look up domain name */
2128 static NTSTATUS
cmd_samr_lookup_domain(struct rpc_pipe_client
*cli
,
2129 TALLOC_CTX
*mem_ctx
,
2130 int argc
, const char **argv
)
2132 POLICY_HND connect_pol
, domain_pol
;
2133 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
2134 uint32 access_mask
= MAXIMUM_ALLOWED_ACCESS
;
2135 fstring domain_name
,sid_string
;
2139 printf("Usage: %s domain_name\n", argv
[0]);
2140 return NT_STATUS_OK
;
2143 sscanf(argv
[1], "%s", domain_name
);
2145 result
= try_samr_connects(cli
, mem_ctx
, access_mask
, &connect_pol
);
2147 if (!NT_STATUS_IS_OK(result
))
2150 result
= rpccli_samr_open_domain(cli
, mem_ctx
, &connect_pol
,
2151 access_mask
, &domain_sid
, &domain_pol
);
2153 if (!NT_STATUS_IS_OK(result
))
2156 result
= rpccli_samr_lookup_domain(
2157 cli
, mem_ctx
, &connect_pol
, domain_name
, &sid
);
2159 sid_to_string(sid_string
,&sid
);
2161 if (NT_STATUS_IS_OK(result
))
2162 printf("SAMR_LOOKUP_DOMAIN: Domain Name: %s Domain SID: %s\n",
2163 domain_name
,sid_string
);
2165 rpccli_samr_close(cli
, mem_ctx
, &domain_pol
);
2166 rpccli_samr_close(cli
, mem_ctx
, &connect_pol
);
2171 /* Change user password */
2173 static NTSTATUS
cmd_samr_chgpasswd3(struct rpc_pipe_client
*cli
,
2174 TALLOC_CTX
*mem_ctx
,
2175 int argc
, const char **argv
)
2177 POLICY_HND connect_pol
, domain_pol
;
2178 NTSTATUS result
= NT_STATUS_UNSUCCESSFUL
;
2179 const char *user
, *oldpass
, *newpass
;
2180 uint32 access_mask
= MAXIMUM_ALLOWED_ACCESS
;
2181 SAM_UNK_INFO_1 info
;
2182 SAMR_CHANGE_REJECT reject
;
2185 printf("Usage: %s username oldpass newpass\n", argv
[0]);
2186 return NT_STATUS_INVALID_PARAMETER
;
2193 /* Get sam policy handle */
2195 result
= try_samr_connects(cli
, mem_ctx
, MAXIMUM_ALLOWED_ACCESS
,
2198 if (!NT_STATUS_IS_OK(result
))
2201 /* Get domain policy handle */
2203 result
= rpccli_samr_open_domain(cli
, mem_ctx
, &connect_pol
,
2205 &domain_sid
, &domain_pol
);
2207 if (!NT_STATUS_IS_OK(result
))
2210 /* Change user password */
2211 result
= rpccli_samr_chgpasswd3(cli
, mem_ctx
, user
, newpass
, oldpass
, &info
, &reject
);
2213 if (NT_STATUS_EQUAL(result
, NT_STATUS_PASSWORD_RESTRICTION
)) {
2215 display_sam_unk_info_1(&info
);
2217 switch (reject
.reject_reason
) {
2218 case REJECT_REASON_TOO_SHORT
:
2219 d_printf("REJECT_REASON_TOO_SHORT\n");
2221 case REJECT_REASON_IN_HISTORY
:
2222 d_printf("REJECT_REASON_IN_HISTORY\n");
2224 case REJECT_REASON_NOT_COMPLEX
:
2225 d_printf("REJECT_REASON_NOT_COMPLEX\n");
2227 case REJECT_REASON_OTHER
:
2228 d_printf("REJECT_REASON_OTHER\n");
2231 d_printf("unknown reject reason: %d\n", reject
.reject_reason
);
2236 if (!NT_STATUS_IS_OK(result
))
2239 result
= rpccli_samr_close(cli
, mem_ctx
, &domain_pol
);
2240 if (!NT_STATUS_IS_OK(result
)) goto done
;
2242 result
= rpccli_samr_close(cli
, mem_ctx
, &connect_pol
);
2243 if (!NT_STATUS_IS_OK(result
)) goto done
;
2249 /* List of commands exported by this module */
2251 struct cmd_set samr_commands
[] = {
2255 { "queryuser", RPC_RTYPE_NTSTATUS
, cmd_samr_query_user
, NULL
, PI_SAMR
, NULL
, "Query user info", "" },
2256 { "querygroup", RPC_RTYPE_NTSTATUS
, cmd_samr_query_group
, NULL
, PI_SAMR
, NULL
, "Query group info", "" },
2257 { "queryusergroups", RPC_RTYPE_NTSTATUS
, cmd_samr_query_usergroups
, NULL
, PI_SAMR
, NULL
, "Query user groups", "" },
2258 { "queryuseraliases", RPC_RTYPE_NTSTATUS
, cmd_samr_query_useraliases
, NULL
, PI_SAMR
, NULL
, "Query user aliases", "" },
2259 { "querygroupmem", RPC_RTYPE_NTSTATUS
, cmd_samr_query_groupmem
, NULL
, PI_SAMR
, NULL
, "Query group membership", "" },
2260 { "queryaliasmem", RPC_RTYPE_NTSTATUS
, cmd_samr_query_aliasmem
, NULL
, PI_SAMR
, NULL
, "Query alias membership", "" },
2261 { "deletealias", RPC_RTYPE_NTSTATUS
, cmd_samr_delete_alias
, NULL
, PI_SAMR
, NULL
, "Delete an alias", "" },
2262 { "querydispinfo", RPC_RTYPE_NTSTATUS
, cmd_samr_query_dispinfo
, NULL
, PI_SAMR
, NULL
, "Query display info", "" },
2263 { "querydispinfo2", RPC_RTYPE_NTSTATUS
, cmd_samr_query_dispinfo2
, NULL
, PI_SAMR
, NULL
, "Query display info 2", "" },
2264 { "querydispinfo3", RPC_RTYPE_NTSTATUS
, cmd_samr_query_dispinfo3
, NULL
, PI_SAMR
, NULL
, "Query display info 3", "" },
2265 { "getdispenumindex", RPC_RTYPE_NTSTATUS
, cmd_samr_get_dispenum_index
, NULL
, PI_SAMR
, NULL
, "Query display info index", "" },
2266 { "getdispenumindex2", RPC_RTYPE_NTSTATUS
, cmd_samr_get_dispenum_index2
, NULL
, PI_SAMR
, NULL
, "Query display info index", "" },
2267 { "querydominfo", RPC_RTYPE_NTSTATUS
, cmd_samr_query_dominfo
, NULL
, PI_SAMR
, NULL
, "Query domain info", "" },
2268 { "enumdomusers", RPC_RTYPE_NTSTATUS
, cmd_samr_enum_dom_users
, NULL
, PI_SAMR
, NULL
, "Enumerate domain users", "" },
2269 { "enumdomgroups", RPC_RTYPE_NTSTATUS
, cmd_samr_enum_dom_groups
, NULL
, PI_SAMR
, NULL
, "Enumerate domain groups", "" },
2270 { "enumalsgroups", RPC_RTYPE_NTSTATUS
, cmd_samr_enum_als_groups
, NULL
, PI_SAMR
, NULL
, "Enumerate alias groups", "" },
2272 { "createdomuser", RPC_RTYPE_NTSTATUS
, cmd_samr_create_dom_user
, NULL
, PI_SAMR
, NULL
, "Create domain user", "" },
2273 { "createdomgroup", RPC_RTYPE_NTSTATUS
, cmd_samr_create_dom_group
, NULL
, PI_SAMR
, NULL
, "Create domain group", "" },
2274 { "createdomalias", RPC_RTYPE_NTSTATUS
, cmd_samr_create_dom_alias
, NULL
, PI_SAMR
, NULL
, "Create domain alias", "" },
2275 { "samlookupnames", RPC_RTYPE_NTSTATUS
, cmd_samr_lookup_names
, NULL
, PI_SAMR
, NULL
, "Look up names", "" },
2276 { "samlookuprids", RPC_RTYPE_NTSTATUS
, cmd_samr_lookup_rids
, NULL
, PI_SAMR
, NULL
, "Look up names", "" },
2277 { "deletedomuser", RPC_RTYPE_NTSTATUS
, cmd_samr_delete_dom_user
, NULL
, PI_SAMR
, NULL
, "Delete domain user", "" },
2278 { "samquerysecobj", RPC_RTYPE_NTSTATUS
, cmd_samr_query_sec_obj
, NULL
, PI_SAMR
, NULL
, "Query SAMR security object", "" },
2279 { "getdompwinfo", RPC_RTYPE_NTSTATUS
, cmd_samr_get_dom_pwinfo
, NULL
, PI_SAMR
, NULL
, "Retrieve domain password info", "" },
2280 { "getusrdompwinfo", RPC_RTYPE_NTSTATUS
, cmd_samr_get_usrdom_pwinfo
, NULL
, PI_SAMR
, NULL
, "Retrieve user domain password info", "" },
2282 { "lookupdomain", RPC_RTYPE_NTSTATUS
, cmd_samr_lookup_domain
, NULL
, PI_SAMR
, NULL
, "Lookup Domain Name", "" },
2283 { "chgpasswd3", RPC_RTYPE_NTSTATUS
, cmd_samr_chgpasswd3
, NULL
, PI_SAMR
, NULL
, "Change user password", "" },