search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
r11964: rename flag to password_properties in SAM_UNK_INFO_1 because that's what
[Samba/nascimento.git] / source3 / rpcclient / cmd_samr.c
blob35598fb50c0f37dd7e8da207b1024b59aeea0e27
1 /*
2 Unix SMB/CIFS implementation.
3 RPC pipe client
4
5 Copyright (C) Andrew Tridgell 1992-2000,
6 Copyright (C) Luke Kenneth Casson Leighton 1996-2000,
7 Copyright (C) Elrond 2000,
8 Copyright (C) Tim Potter 2000
9
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 2 of the License, or
13 (at your option) any later version.
14
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
19
20 You should have received a copy of the GNU General Public License
21 along with this program; if not, write to the Free Software
22 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
23 */
24
25 #include "includes.h"
26 #include "rpcclient.h"
27
28 extern DOM_SID domain_sid;
29
30 /****************************************************************************
31 display sam_user_info_7 structure
32 ****************************************************************************/
33 static void display_sam_user_info_7(SAM_USER_INFO_7 *usr)
34 {
35 fstring temp;
36
37 unistr2_to_ascii(temp, &usr->uni_name, sizeof(temp)-1);
38 printf("\tUser Name :\t%s\n", temp);
39 }
40
41 /****************************************************************************
42 display sam_user_info_21 structure
43 ****************************************************************************/
44 static void display_sam_user_info_21(SAM_USER_INFO_21 *usr)
45 {
46 fstring temp;
47
48 unistr2_to_ascii(temp, &usr->uni_user_name, sizeof(temp)-1);
49 printf("\tUser Name :\t%s\n", temp);
50
51 unistr2_to_ascii(temp, &usr->uni_full_name, sizeof(temp)-1);
52 printf("\tFull Name :\t%s\n", temp);
53
54 unistr2_to_ascii(temp, &usr->uni_home_dir, sizeof(temp)-1);
55 printf("\tHome Drive :\t%s\n", temp);
56
57 unistr2_to_ascii(temp, &usr->uni_dir_drive, sizeof(temp)-1);
58 printf("\tDir Drive :\t%s\n", temp);
59
60 unistr2_to_ascii(temp, &usr->uni_profile_path, sizeof(temp)-1);
61 printf("\tProfile Path:\t%s\n", temp);
62
63 unistr2_to_ascii(temp, &usr->uni_logon_script, sizeof(temp)-1);
64 printf("\tLogon Script:\t%s\n", temp);
65
66 unistr2_to_ascii(temp, &usr->uni_acct_desc, sizeof(temp)-1);
67 printf("\tDescription :\t%s\n", temp);
68
69 unistr2_to_ascii(temp, &usr->uni_workstations, sizeof(temp)-1);
70 printf("\tWorkstations:\t%s\n", temp);
71
72 unistr2_to_ascii(temp, &usr->uni_unknown_str, sizeof(temp)-1);
73 printf("\tUnknown Str :\t%s\n", temp);
74
75 unistr2_to_ascii(temp, &usr->uni_munged_dial, sizeof(temp)-1);
76 printf("\tRemote Dial :\t%s\n", temp);
77
78 printf("\tLogon Time :\t%s\n",
79 http_timestring(nt_time_to_unix(&usr->logon_time)));
80 printf("\tLogoff Time :\t%s\n",
81 http_timestring(nt_time_to_unix(&usr->logoff_time)));
82 printf("\tKickoff Time :\t%s\n",
83 http_timestring(nt_time_to_unix(&usr->kickoff_time)));
84 printf("\tPassword last set Time :\t%s\n",
85 http_timestring(nt_time_to_unix(&usr->pass_last_set_time)));
86 printf("\tPassword can change Time :\t%s\n",
87 http_timestring(nt_time_to_unix(&usr->pass_can_change_time)));
88 printf("\tPassword must change Time:\t%s\n",
89 http_timestring(nt_time_to_unix(&usr->pass_must_change_time)));
90
91 printf("\tunknown_2[0..31]...\n"); /* user passwords? */
92
93 printf("\tuser_rid :\t0x%x\n" , usr->user_rid ); /* User ID */
94 printf("\tgroup_rid:\t0x%x\n" , usr->group_rid); /* Group ID */
95 printf("\tacb_info :\t0x%04x\n", usr->acb_info ); /* Account Control Info */
96
97 printf("\tfields_present:\t0x%08x\n", usr->fields_present); /* 0x00ff ffff */
98 printf("\tlogon_divs:\t%d\n", usr->logon_divs); /* 0x0000 00a8 which is 168 which is num hrs in a week */
99 printf("\tbad_password_count:\t0x%08x\n", usr->bad_password_count);
100 printf("\tlogon_count:\t0x%08x\n", usr->logon_count);
101
102 printf("\tpadding1[0..7]...\n");
103
104 if (usr->ptr_logon_hrs) {
105 printf("\tlogon_hrs[0..%d]...\n", usr->logon_hrs.len);
106 }
107 }
108
109 static const char *display_time(NTTIME nttime)
110 {
111 static fstring string;
112
113 float high;
114 float low;
115 int sec;
116 int days, hours, mins, secs;
117
118 if (nttime.high==0 && nttime.low==0)
119 return "Now";
120
121 if (nttime.high==0x80000000 && nttime.low==0)
122 return "Never";
123
124 high = 65536;
125 high = high/10000;
126 high = high*65536;
127 high = high/1000;
128 high = high * (~nttime.high);
129
130 low = ~nttime.low;
131 low = low/(1000*1000*10);
132
133 sec=high+low;
134
135 days=sec/(60*60*24);
136 hours=(sec - (days*60*60*24)) / (60*60);
137 mins=(sec - (days*60*60*24) - (hours*60*60) ) / 60;
138 secs=sec - (days*60*60*24) - (hours*60*60) - (mins*60);
139
140 fstr_sprintf(string, "%u days, %u hours, %u minutes, %u seconds", days, hours, mins, secs);
141 return (string);
142 }
143
144 static const char* server_role_str(uint32 server_role)
145 {
146 switch(server_role) {
147 case ROLE_STANDALONE:
148 return SMB_STRDUP("ROLE_STANDALONE");
149 break;
150 case ROLE_DOMAIN_MEMBER:
151 return SMB_STRDUP("ROLE_DOMAIN_MEMBER");
152 break;
153 case ROLE_DOMAIN_BDC:
154 return SMB_STRDUP("ROLE_DOMAIN_BDC");
155 break;
156 case ROLE_DOMAIN_PDC:
157 return SMB_STRDUP("ROLE_DOMAIN_PDC");
158 break;
159 default:
160 return SMB_STRDUP("Unknown -- internal error?");
161 break;
162 }
163 }
164
165 static void display_sam_unk_info_1(SAM_UNK_INFO_1 *info1)
166 {
167
168 printf("Minimum password length:\t\t\t%d\n", info1->min_length_password);
169 printf("Password uniqueness (remember x passwords):\t%d\n", info1->password_history);
170 printf("Password Properties:\t\t\t\t0x%08x\n", info1->password_properties);
171
172 if (info1->password_properties & DOMAIN_PASSWORD_COMPLEX)
173 printf("\tDOMAIN_PASSWORD_COMPLEX\n");
174
175 if (info1->password_properties & DOMAIN_PASSWORD_NO_ANON_CHANGE) {
176 printf("\tDOMAIN_PASSWORD_NO_ANON_CHANGE\n");
177 printf("users must open a session to change password ");
178 }
179
180 if (info1->password_properties & DOMAIN_PASSWORD_NO_CLEAR_CHANGE)
181 printf("\tDOMAIN_PASSWORD_NO_CLEAR_CHANGE\n");
182
183 if (info1->password_properties & DOMAIN_LOCKOUT_ADMINS)
184 printf("\tDOMAIN_LOCKOUT_ADMINS\n");
185
186 if (info1->password_properties & DOMAIN_PASSWORD_STORE_CLEARTEXT)
187 printf("\tDOMAIN_PASSWORD_STORE_CLEARTEXT\n");
188
189 if (info1->password_properties & DOMAIN_REFUSE_PASSWORD_CHANGE)
190 printf("\tDOMAIN_REFUSE_PASSWORD_CHANGE\n");
191
192 printf("password expire in:\t\t\t\t%s\n", display_time(info1->expire));
193 printf("Min password age (allow changing in x days):\t%s\n", display_time(info1->min_passwordage));
194 }
195
196 static void display_sam_unk_info_2(SAM_UNK_INFO_2 *info2)
197 {
198 fstring name;
199
200 unistr2_to_ascii(name, &info2->uni_domain, sizeof(name) - 1);
201 printf("Domain:\t\t%s\n", name);
202
203 unistr2_to_ascii(name, &info2->uni_server, sizeof(name) - 1);
204 printf("Server:\t\t%s\n", name);
205
206 unistr2_to_ascii(name, &info2->uni_comment, sizeof(name) - 1);
207 printf("Comment:\t%s\n", name);
208
209 printf("Total Users:\t%d\n", info2->num_domain_usrs);
210 printf("Total Groups:\t%d\n", info2->num_domain_grps);
211 printf("Total Aliases:\t%d\n", info2->num_local_grps);
212
213 printf("Sequence No:\t%d\n", info2->seq_num.low);
214
215 printf("Force Logoff:\t%d\n", (int)nt_time_to_unix_abs(&info2->logout));
216
217 printf("Unknown 4:\t0x%x\n", info2->unknown_4);
218 printf("Server Role:\t%s\n", server_role_str(info2->server_role));
219 printf("Unknown 6:\t0x%x\n", info2->unknown_6);
220 }
221
222 static void display_sam_unk_info_7(SAM_UNK_INFO_7 *info7)
223 {
224 printf("Server Role:\t%s\n", server_role_str(info7->server_role));
225 }
226
227 static void display_sam_unk_info_8(SAM_UNK_INFO_8 *info8)
228 {
229 printf("Sequence No:\t%d\n", info8->seq_num.low);
230 printf("Domain Create Time:\t%s\n",
231 http_timestring(nt_time_to_unix(&info8->domain_create_time)));
232
233 }
234
235 static void display_sam_unk_info_12(SAM_UNK_INFO_12 *info12)
236 {
237 printf("Bad password lockout duration: %s\n", display_time(info12->duration));
238 printf("Reset Lockout after: %s\n", display_time(info12->reset_count));
239 printf("Lockout after bad attempts: %d\n", info12->bad_attempt_lockout);
240 }
241
242 static void display_sam_info_1(SAM_ENTRY1 *e1, SAM_STR1 *s1)
243 {
244 fstring tmp;
245
246 printf("index: 0x%x ", e1->user_idx);
247 printf("RID: 0x%x ", e1->rid_user);
248 printf("acb: 0x%x ", e1->acb_info);
249
250 unistr2_to_ascii(tmp, &s1->uni_acct_name, sizeof(tmp)-1);
251 printf("Account: %s\t", tmp);
252
253 unistr2_to_ascii(tmp, &s1->uni_full_name, sizeof(tmp)-1);
254 printf("Name: %s\t", tmp);
255
256 unistr2_to_ascii(tmp, &s1->uni_acct_desc, sizeof(tmp)-1);
257 printf("Desc: %s\n", tmp);
258 }
259
260 static void display_sam_info_2(SAM_ENTRY2 *e2, SAM_STR2 *s2)
261 {
262 fstring tmp;
263
264 printf("index: 0x%x ", e2->user_idx);
265 printf("RID: 0x%x ", e2->rid_user);
266 printf("acb: 0x%x ", e2->acb_info);
267
268 unistr2_to_ascii(tmp, &s2->uni_srv_name, sizeof(tmp)-1);
269 printf("Account: %s\t", tmp);
270
271 unistr2_to_ascii(tmp, &s2->uni_srv_desc, sizeof(tmp)-1);
272 printf("Name: %s\n", tmp);
273
274 }
275
276 static void display_sam_info_3(SAM_ENTRY3 *e3, SAM_STR3 *s3)
277 {
278 fstring tmp;
279
280 printf("index: 0x%x ", e3->grp_idx);
281 printf("RID: 0x%x ", e3->rid_grp);
282 printf("attr: 0x%x ", e3->attr);
283
284 unistr2_to_ascii(tmp, &s3->uni_grp_name, sizeof(tmp)-1);
285 printf("Account: %s\t", tmp);
286
287 unistr2_to_ascii(tmp, &s3->uni_grp_desc, sizeof(tmp)-1);
288 printf("Name: %s\n", tmp);
289
290 }
291
292 static void display_sam_info_4(SAM_ENTRY4 *e4, SAM_STR4 *s4)
293 {
294 int i;
295
296 printf("index: %d ", e4->user_idx);
297
298 printf("Account: ");
299 for (i=0; i<s4->acct_name.str_str_len; i++)
300 printf("%c", s4->acct_name.buffer[i]);
301 printf("\n");
302
303 }
304
305 static void display_sam_info_5(SAM_ENTRY5 *e5, SAM_STR5 *s5)
306 {
307 int i;
308
309 printf("index: 0x%x ", e5->grp_idx);
310
311 printf("Account: ");
312 for (i=0; i<s5->grp_name.str_str_len; i++)
313 printf("%c", s5->grp_name.buffer[i]);
314 printf("\n");
315
316 }
317
318 /****************************************************************************
319 Try samr_connect4 first, then samr_conenct if it fails
320 ****************************************************************************/
321 static NTSTATUS try_samr_connects(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
322 uint32 access_mask, POLICY_HND *connect_pol)
323 {
324 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
325
326 result = rpccli_samr_connect4(cli, mem_ctx, access_mask, connect_pol);
327 if (!NT_STATUS_IS_OK(result)) {
328 result = rpccli_samr_connect(cli, mem_ctx, access_mask,
329 connect_pol);
330 }
331 return result;
332 }
333
334 /**********************************************************************
335 * Query user information
336 */
337 static NTSTATUS cmd_samr_query_user(struct rpc_pipe_client *cli,
338 TALLOC_CTX *mem_ctx,
339 int argc, const char **argv)
340 {
341 POLICY_HND connect_pol, domain_pol, user_pol;
342 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
343 uint32 info_level = 21;
344 uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
345 SAM_USERINFO_CTR *user_ctr;
346 fstring server;
347 uint32 user_rid;
348
349 if ((argc < 2) || (argc > 4)) {
350 printf("Usage: %s rid [info level] [access mask] \n", argv[0]);
351 return NT_STATUS_OK;
352 }
353
354 sscanf(argv[1], "%i", &user_rid);
355
356 if (argc > 2)
357 sscanf(argv[2], "%i", &info_level);
358
359 if (argc > 3)
360 sscanf(argv[3], "%x", &access_mask);
361
362
363 slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost);
364 strupper_m(server);
365
366 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
367 &connect_pol);
368
369 if (!NT_STATUS_IS_OK(result))
370 goto done;
371
372 result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
373 MAXIMUM_ALLOWED_ACCESS,
374 &domain_sid, &domain_pol);
375
376 if (!NT_STATUS_IS_OK(result))
377 goto done;
378
379 result = rpccli_samr_open_user(cli, mem_ctx, &domain_pol,
380 access_mask,
381 user_rid, &user_pol);
382
383 if (!NT_STATUS_IS_OK(result))
384 goto done;
385
386 ZERO_STRUCT(user_ctr);
387
388 result = rpccli_samr_query_userinfo(cli, mem_ctx, &user_pol,
389 info_level, &user_ctr);
390
391 if (!NT_STATUS_IS_OK(result))
392 goto done;
393
394 switch (user_ctr->switch_value) {
395 case 21:
396 display_sam_user_info_21(user_ctr->info.id21);
397 break;
398 case 7:
399 display_sam_user_info_7(user_ctr->info.id7);
400 break;
401 default:
402 printf("Unsupported infolevel: %d\n", info_level);
403 break;
404 }
405
406 rpccli_samr_close(cli, mem_ctx, &user_pol);
407 rpccli_samr_close(cli, mem_ctx, &domain_pol);
408 rpccli_samr_close(cli, mem_ctx, &connect_pol);
409
410 done:
411 return result;
412 }
413
414 /****************************************************************************
415 display group info
416 ****************************************************************************/
417 static void display_group_info1(GROUP_INFO1 *info1)
418 {
419 fstring temp;
420
421 unistr2_to_ascii(temp, &info1->uni_acct_name, sizeof(temp)-1);
422 printf("\tGroup Name:\t%s\n", temp);
423 unistr2_to_ascii(temp, &info1->uni_acct_desc, sizeof(temp)-1);
424 printf("\tDescription:\t%s\n", temp);
425 printf("\tGroup Attribute:%d\n", info1->group_attr);
426 printf("\tNum Members:%d\n", info1->num_members);
427 }
428
429 /****************************************************************************
430 display group info
431 ****************************************************************************/
432 static void display_group_info3(GROUP_INFO3 *info3)
433 {
434 printf("\tGroup Attribute:%d\n", info3->group_attr);
435 }
436
437
438 /****************************************************************************
439 display group info
440 ****************************************************************************/
441 static void display_group_info4(GROUP_INFO4 *info4)
442 {
443 fstring desc;
444
445 unistr2_to_ascii(desc, &info4->uni_acct_desc, sizeof(desc)-1);
446 printf("\tGroup Description:%s\n", desc);
447 }
448
449 /****************************************************************************
450 display sam sync structure
451 ****************************************************************************/
452 static void display_group_info_ctr(GROUP_INFO_CTR *ctr)
453 {
454 switch (ctr->switch_value1) {
455 case 1: {
456 display_group_info1(&ctr->group.info1);
457 break;
458 }
459 case 3: {
460 display_group_info3(&ctr->group.info3);
461 break;
462 }
463 case 4: {
464 display_group_info4(&ctr->group.info4);
465 break;
466 }
467 }
468 }
469
470 /***********************************************************************
471 * Query group information
472 */
473 static NTSTATUS cmd_samr_query_group(struct rpc_pipe_client *cli,
474 TALLOC_CTX *mem_ctx,
475 int argc, const char **argv)
476 {
477 POLICY_HND connect_pol, domain_pol, group_pol;
478 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
479 uint32 info_level = 1;
480 uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
481 GROUP_INFO_CTR *group_ctr;
482 fstring server;
483 uint32 group_rid;
484
485 if ((argc < 2) || (argc > 4)) {
486 printf("Usage: %s rid [info level] [access mask]\n", argv[0]);
487 return NT_STATUS_OK;
488 }
489
490 sscanf(argv[1], "%i", &group_rid);
491
492 if (argc > 2)
493 sscanf(argv[2], "%i", &info_level);
494
495 if (argc > 3)
496 sscanf(argv[3], "%x", &access_mask);
497
498 slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost);
499 strupper_m(server);
500
501 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
502 &connect_pol);
503
504 if (!NT_STATUS_IS_OK(result))
505 goto done;
506
507 result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
508 MAXIMUM_ALLOWED_ACCESS,
509 &domain_sid, &domain_pol);
510
511 if (!NT_STATUS_IS_OK(result))
512 goto done;
513
514 result = rpccli_samr_open_group(cli, mem_ctx, &domain_pol,
515 access_mask,
516 group_rid, &group_pol);
517
518 if (!NT_STATUS_IS_OK(result))
519 goto done;
520
521 result = rpccli_samr_query_groupinfo(cli, mem_ctx, &group_pol,
522 info_level, &group_ctr);
523 if (!NT_STATUS_IS_OK(result)) {
524 goto done;
525 }
526
527 display_group_info_ctr(group_ctr);
528
529 rpccli_samr_close(cli, mem_ctx, &group_pol);
530 rpccli_samr_close(cli, mem_ctx, &domain_pol);
531 rpccli_samr_close(cli, mem_ctx, &connect_pol);
532 done:
533 return result;
534 }
535
536 /* Query groups a user is a member of */
537
538 static NTSTATUS cmd_samr_query_usergroups(struct rpc_pipe_client *cli,
539 TALLOC_CTX *mem_ctx,
540 int argc, const char **argv)
541 {
542 POLICY_HND connect_pol,
543 domain_pol,
544 user_pol;
545 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
546 uint32 num_groups,
547 user_rid;
548 uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
549 DOM_GID *user_gids;
550 int i;
551 fstring server;
552
553 if ((argc < 2) || (argc > 3)) {
554 printf("Usage: %s rid [access mask]\n", argv[0]);
555 return NT_STATUS_OK;
556 }
557
558 sscanf(argv[1], "%i", &user_rid);
559
560 if (argc > 2)
561 sscanf(argv[2], "%x", &access_mask);
562
563 slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost);
564 strupper_m(server);
565
566 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
567 &connect_pol);
568
569 if (!NT_STATUS_IS_OK(result))
570 goto done;
571
572 result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
573 MAXIMUM_ALLOWED_ACCESS,
574 &domain_sid, &domain_pol);
575
576 if (!NT_STATUS_IS_OK(result))
577 goto done;
578
579 result = rpccli_samr_open_user(cli, mem_ctx, &domain_pol,
580 access_mask,
581 user_rid, &user_pol);
582
583 if (!NT_STATUS_IS_OK(result))
584 goto done;
585
586 result = rpccli_samr_query_usergroups(cli, mem_ctx, &user_pol,
587 &num_groups, &user_gids);
588
589 if (!NT_STATUS_IS_OK(result))
590 goto done;
591
592 for (i = 0; i < num_groups; i++) {
593 printf("\tgroup rid:[0x%x] attr:[0x%x]\n",
594 user_gids[i].g_rid, user_gids[i].attr);
595 }
596
597 rpccli_samr_close(cli, mem_ctx, &user_pol);
598 rpccli_samr_close(cli, mem_ctx, &domain_pol);
599 rpccli_samr_close(cli, mem_ctx, &connect_pol);
600 done:
601 return result;
602 }
603
604 /* Query aliases a user is a member of */
605
606 static NTSTATUS cmd_samr_query_useraliases(struct rpc_pipe_client *cli,
607 TALLOC_CTX *mem_ctx,
608 int argc, const char **argv)
609 {
610 POLICY_HND connect_pol, domain_pol;
611 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
612 DOM_SID *sids;
613 size_t num_sids;
614 uint32 num_aliases, *alias_rids;
615 uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
616 int i;
617 fstring server;
618 DOM_SID2 *sid2;
619
620 if (argc < 3) {
621 printf("Usage: %s builtin|domain sid1 sid2 ...\n", argv[0]);
622 return NT_STATUS_INVALID_PARAMETER;
623 }
624
625 sids = NULL;
626 num_sids = 0;
627
628 for (i=2; i<argc; i++) {
629 DOM_SID tmp_sid;
630 if (!string_to_sid(&tmp_sid, argv[i])) {
631 printf("%s is not a legal SID\n", argv[i]);
632 return NT_STATUS_INVALID_PARAMETER;
633 }
634 add_sid_to_array(mem_ctx, &tmp_sid, &sids, &num_sids);
635 }
636
637 sid2 = TALLOC_ARRAY(mem_ctx, DOM_SID2, num_sids);
638 if (sid2 == NULL)
639 return NT_STATUS_NO_MEMORY;
640
641 for (i=0; i<num_sids; i++) {
642 sid_copy(&sid2[i].sid, &sids[i]);
643 sid2[i].num_auths = sid2[i].sid.num_auths;
644 }
645
646 slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost);
647 strupper_m(server);
648
649 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
650 &connect_pol);
651
652 if (!NT_STATUS_IS_OK(result))
653 goto done;
654
655 if (StrCaseCmp(argv[1], "domain")==0)
656 result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
657 access_mask,
658 &domain_sid, &domain_pol);
659 else if (StrCaseCmp(argv[1], "builtin")==0)
660 result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
661 access_mask,
662 &global_sid_Builtin,
663 &domain_pol);
664 else {
665 printf("Usage: %s builtin|domain sid1 sid2 ...\n", argv[0]);
666 return NT_STATUS_INVALID_PARAMETER;
667 }
668
669 if (!NT_STATUS_IS_OK(result))
670 goto done;
671
672 result = rpccli_samr_query_useraliases(cli, mem_ctx, &domain_pol,
673 num_sids, sid2,
674 &num_aliases, &alias_rids);
675
676 if (!NT_STATUS_IS_OK(result))
677 goto done;
678
679 for (i = 0; i < num_aliases; i++) {
680 printf("\tgroup rid:[0x%x]\n", alias_rids[i]);
681 }
682
683 rpccli_samr_close(cli, mem_ctx, &domain_pol);
684 rpccli_samr_close(cli, mem_ctx, &connect_pol);
685 done:
686 return result;
687 }
688
689 /* Query members of a group */
690
691 static NTSTATUS cmd_samr_query_groupmem(struct rpc_pipe_client *cli,
692 TALLOC_CTX *mem_ctx,
693 int argc, const char **argv)
694 {
695 POLICY_HND connect_pol, domain_pol, group_pol;
696 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
697 uint32 num_members, *group_rids, *group_attrs, group_rid;
698 uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
699 int i;
700 fstring server;
701
702 if ((argc < 2) || (argc > 3)) {
703 printf("Usage: %s rid [access mask]\n", argv[0]);
704 return NT_STATUS_OK;
705 }
706
707 sscanf(argv[1], "%i", &group_rid);
708
709 if (argc > 2)
710 sscanf(argv[2], "%x", &access_mask);
711
712 slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost);
713 strupper_m(server);
714
715 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
716 &connect_pol);
717
718 if (!NT_STATUS_IS_OK(result))
719 goto done;
720
721 result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
722 MAXIMUM_ALLOWED_ACCESS,
723 &domain_sid, &domain_pol);
724
725 if (!NT_STATUS_IS_OK(result))
726 goto done;
727
728 result = rpccli_samr_open_group(cli, mem_ctx, &domain_pol,
729 access_mask,
730 group_rid, &group_pol);
731
732 if (!NT_STATUS_IS_OK(result))
733 goto done;
734
735 result = rpccli_samr_query_groupmem(cli, mem_ctx, &group_pol,
736 &num_members, &group_rids,
737 &group_attrs);
738
739 if (!NT_STATUS_IS_OK(result))
740 goto done;
741
742 for (i = 0; i < num_members; i++) {
743 printf("\trid:[0x%x] attr:[0x%x]\n", group_rids[i],
744 group_attrs[i]);
745 }
746
747 rpccli_samr_close(cli, mem_ctx, &group_pol);
748 rpccli_samr_close(cli, mem_ctx, &domain_pol);
749 rpccli_samr_close(cli, mem_ctx, &connect_pol);
750 done:
751 return result;
752 }
753
754 /* Enumerate domain users */
755
756 static NTSTATUS cmd_samr_enum_dom_users(struct rpc_pipe_client *cli,
757 TALLOC_CTX *mem_ctx,
758 int argc, const char **argv)
759 {
760 POLICY_HND connect_pol, domain_pol;
761 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
762 uint32 start_idx, size, num_dom_users, i;
763 char **dom_users;
764 uint32 *dom_rids;
765 uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
766 uint16 acb_mask = ACB_NORMAL;
767 BOOL got_connect_pol = False, got_domain_pol = False;
768
769 if ((argc < 1) || (argc > 3)) {
770 printf("Usage: %s [access_mask] [acb_mask]\n", argv[0]);
771 return NT_STATUS_OK;
772 }
773
774 if (argc > 1)
775 sscanf(argv[1], "%x", &access_mask);
776
777 if (argc > 2)
778 sscanf(argv[2], "%hx", &acb_mask);
779
780 /* Get sam policy handle */
781
782 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
783 &connect_pol);
784
785 if (!NT_STATUS_IS_OK(result))
786 goto done;
787
788 got_connect_pol = True;
789
790 /* Get domain policy handle */
791
792 result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
793 access_mask,
794 &domain_sid, &domain_pol);
795
796 if (!NT_STATUS_IS_OK(result))
797 goto done;
798
799 got_domain_pol = True;
800
801 /* Enumerate domain users */
802
803 start_idx = 0;
804 size = 0xffff;
805
806 do {
807 result = rpccli_samr_enum_dom_users(
808 cli, mem_ctx, &domain_pol, &start_idx, acb_mask,
809 size, &dom_users, &dom_rids, &num_dom_users);
810
811 if (NT_STATUS_IS_OK(result) ||
812 NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES)) {
813
814 for (i = 0; i < num_dom_users; i++)
815 printf("user:[%s] rid:[0x%x]\n",
816 dom_users[i], dom_rids[i]);
817 }
818
819 } while (NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES));
820
821 done:
822 if (got_domain_pol)
823 rpccli_samr_close(cli, mem_ctx, &domain_pol);
824
825 if (got_connect_pol)
826 rpccli_samr_close(cli, mem_ctx, &connect_pol);
827
828 return result;
829 }
830
831 /* Enumerate domain groups */
832
833 static NTSTATUS cmd_samr_enum_dom_groups(struct rpc_pipe_client *cli,
834 TALLOC_CTX *mem_ctx,
835 int argc, const char **argv)
836 {
837 POLICY_HND connect_pol, domain_pol;
838 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
839 uint32 start_idx, size, num_dom_groups, i;
840 uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
841 struct acct_info *dom_groups;
842 BOOL got_connect_pol = False, got_domain_pol = False;
843
844 if ((argc < 1) || (argc > 2)) {
845 printf("Usage: %s [access_mask]\n", argv[0]);
846 return NT_STATUS_OK;
847 }
848
849 if (argc > 1)
850 sscanf(argv[1], "%x", &access_mask);
851
852 /* Get sam policy handle */
853
854 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
855 &connect_pol);
856
857 if (!NT_STATUS_IS_OK(result))
858 goto done;
859
860 got_connect_pol = True;
861
862 /* Get domain policy handle */
863
864 result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
865 access_mask,
866 &domain_sid, &domain_pol);
867
868 if (!NT_STATUS_IS_OK(result))
869 goto done;
870
871 got_domain_pol = True;
872
873 /* Enumerate domain groups */
874
875 start_idx = 0;
876 size = 0xffff;
877
878 do {
879 result = rpccli_samr_enum_dom_groups(
880 cli, mem_ctx, &domain_pol, &start_idx, size,
881 &dom_groups, &num_dom_groups);
882
883 if (NT_STATUS_IS_OK(result) ||
884 NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES)) {
885
886 for (i = 0; i < num_dom_groups; i++)
887 printf("group:[%s] rid:[0x%x]\n",
888 dom_groups[i].acct_name,
889 dom_groups[i].rid);
890 }
891
892 } while (NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES));
893
894 done:
895 if (got_domain_pol)
896 rpccli_samr_close(cli, mem_ctx, &domain_pol);
897
898 if (got_connect_pol)
899 rpccli_samr_close(cli, mem_ctx, &connect_pol);
900
901 return result;
902 }
903
904 /* Enumerate alias groups */
905
906 static NTSTATUS cmd_samr_enum_als_groups(struct rpc_pipe_client *cli,
907 TALLOC_CTX *mem_ctx,
908 int argc, const char **argv)
909 {
910 POLICY_HND connect_pol, domain_pol;
911 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
912 uint32 start_idx, size, num_als_groups, i;
913 uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
914 struct acct_info *als_groups;
915 BOOL got_connect_pol = False, got_domain_pol = False;
916
917 if ((argc < 2) || (argc > 3)) {
918 printf("Usage: %s builtin|domain [access mask]\n", argv[0]);
919 return NT_STATUS_OK;
920 }
921
922 if (argc > 2)
923 sscanf(argv[2], "%x", &access_mask);
924
925 /* Get sam policy handle */
926
927 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
928 &connect_pol);
929
930 if (!NT_STATUS_IS_OK(result))
931 goto done;
932
933 got_connect_pol = True;
934
935 /* Get domain policy handle */
936
937 if (StrCaseCmp(argv[1], "domain")==0)
938 result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
939 access_mask,
940 &domain_sid, &domain_pol);
941 else if (StrCaseCmp(argv[1], "builtin")==0)
942 result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
943 access_mask,
944 &global_sid_Builtin, &domain_pol);
945 else
946 return NT_STATUS_OK;
947
948 if (!NT_STATUS_IS_OK(result))
949 goto done;
950
951 got_domain_pol = True;
952
953 /* Enumerate alias groups */
954
955 start_idx = 0;
956 size = 0xffff; /* Number of groups to retrieve */
957
958 do {
959 result = rpccli_samr_enum_als_groups(
960 cli, mem_ctx, &domain_pol, &start_idx, size,
961 &als_groups, &num_als_groups);
962
963 if (NT_STATUS_IS_OK(result) ||
964 NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES)) {
965
966 for (i = 0; i < num_als_groups; i++)
967 printf("group:[%s] rid:[0x%x]\n",
968 als_groups[i].acct_name,
969 als_groups[i].rid);
970 }
971 } while (NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES));
972
973 done:
974 if (got_domain_pol)
975 rpccli_samr_close(cli, mem_ctx, &domain_pol);
976
977 if (got_connect_pol)
978 rpccli_samr_close(cli, mem_ctx, &connect_pol);
979
980 return result;
981 }
982
983 /* Query alias membership */
984
985 static NTSTATUS cmd_samr_query_aliasmem(struct rpc_pipe_client *cli,
986 TALLOC_CTX *mem_ctx,
987 int argc, const char **argv)
988 {
989 POLICY_HND connect_pol, domain_pol, alias_pol;
990 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
991 uint32 alias_rid, num_members, i;
992 uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
993 DOM_SID *alias_sids;
994
995 if ((argc < 3) || (argc > 4)) {
996 printf("Usage: %s builtin|domain rid [access mask]\n", argv[0]);
997 return NT_STATUS_OK;
998 }
999
1000 sscanf(argv[2], "%i", &alias_rid);
1001
1002 if (argc > 3)
1003 sscanf(argv[3], "%x", &access_mask);
1004
1005 /* Open SAMR handle */
1006
1007 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
1008 &connect_pol);
1009
1010 if (!NT_STATUS_IS_OK(result))
1011 goto done;
1012
1013 /* Open handle on domain */
1014
1015 if (StrCaseCmp(argv[1], "domain")==0)
1016 result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1017 MAXIMUM_ALLOWED_ACCESS,
1018 &domain_sid, &domain_pol);
1019 else if (StrCaseCmp(argv[1], "builtin")==0)
1020 result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1021 MAXIMUM_ALLOWED_ACCESS,
1022 &global_sid_Builtin, &domain_pol);
1023 else
1024 return NT_STATUS_OK;
1025
1026 if (!NT_STATUS_IS_OK(result))
1027 goto done;
1028
1029 /* Open handle on alias */
1030
1031 result = rpccli_samr_open_alias(cli, mem_ctx, &domain_pol,
1032 access_mask,
1033 alias_rid, &alias_pol);
1034 if (!NT_STATUS_IS_OK(result))
1035 goto done;
1036
1037 result = rpccli_samr_query_aliasmem(cli, mem_ctx, &alias_pol,
1038 &num_members, &alias_sids);
1039
1040 if (!NT_STATUS_IS_OK(result))
1041 goto done;
1042
1043 for (i = 0; i < num_members; i++) {
1044 fstring sid_str;
1045
1046 sid_to_string(sid_str, &alias_sids[i]);
1047 printf("\tsid:[%s]\n", sid_str);
1048 }
1049
1050 rpccli_samr_close(cli, mem_ctx, &alias_pol);
1051 rpccli_samr_close(cli, mem_ctx, &domain_pol);
1052 rpccli_samr_close(cli, mem_ctx, &connect_pol);
1053 done:
1054 return result;
1055 }
1056
1057 /* Query display info */
1058
1059 static NTSTATUS cmd_samr_query_dispinfo(struct rpc_pipe_client *cli,
1060 TALLOC_CTX *mem_ctx,
1061 int argc, const char **argv)
1062 {
1063 POLICY_HND connect_pol, domain_pol;
1064 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1065 uint32 start_idx=0, max_entries=250, max_size = 0xffff, num_entries, i;
1066 uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1067 uint32 info_level = 1;
1068 SAM_DISPINFO_CTR ctr;
1069 SAM_DISPINFO_1 info1;
1070 SAM_DISPINFO_2 info2;
1071 SAM_DISPINFO_3 info3;
1072 SAM_DISPINFO_4 info4;
1073 SAM_DISPINFO_5 info5;
1074 int loop_count = 0;
1075 BOOL got_params = False; /* Use get_query_dispinfo_params() or not? */
1076
1077 if (argc > 5) {
1078 printf("Usage: %s [info level] [start index] [max entries] [max size] [access mask]\n", argv[0]);
1079 return NT_STATUS_OK;
1080 }
1081
1082 if (argc >= 2)
1083 sscanf(argv[1], "%i", &info_level);
1084
1085 if (argc >= 3)
1086 sscanf(argv[2], "%i", &start_idx);
1087
1088 if (argc >= 4) {
1089 sscanf(argv[3], "%i", &max_entries);
1090 got_params = True;
1091 }
1092
1093 if (argc >= 5) {
1094 sscanf(argv[4], "%i", &max_size);
1095 got_params = True;
1096 }
1097
1098 if (argc >= 6)
1099 sscanf(argv[5], "%x", &access_mask);
1100
1101 /* Get sam policy handle */
1102
1103 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
1104 &connect_pol);
1105
1106 if (!NT_STATUS_IS_OK(result))
1107 goto done;
1108
1109 /* Get domain policy handle */
1110
1111 result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1112 access_mask,
1113 &domain_sid, &domain_pol);
1114
1115 if (!NT_STATUS_IS_OK(result))
1116 goto done;
1117
1118 /* Query display info */
1119
1120 ZERO_STRUCT(ctr);
1121 ZERO_STRUCT(info1);
1122
1123 switch (info_level) {
1124 case 1:
1125 ZERO_STRUCT(info1);
1126 ctr.sam.info1 = &info1;
1127 break;
1128 case 2:
1129 ZERO_STRUCT(info2);
1130 ctr.sam.info2 = &info2;
1131 break;
1132 case 3:
1133 ZERO_STRUCT(info3);
1134 ctr.sam.info3 = &info3;
1135 break;
1136 case 4:
1137 ZERO_STRUCT(info4);
1138 ctr.sam.info4 = &info4;
1139 break;
1140 case 5:
1141 ZERO_STRUCT(info5);
1142 ctr.sam.info5 = &info5;
1143 break;
1144 }
1145
1146
1147 do {
1148
1149 if (!got_params)
1150 get_query_dispinfo_params(
1151 loop_count, &max_entries, &max_size);
1152
1153 result = rpccli_samr_query_dispinfo(cli, mem_ctx, &domain_pol,
1154 &start_idx, info_level,
1155 &num_entries, max_entries,
1156 max_size, &ctr);
1157
1158 loop_count++;
1159
1160 if (NT_STATUS_IS_ERR(result))
1161 break;
1162
1163 if (num_entries == 0)
1164 break;
1165
1166 for (i = 0; i < num_entries; i++) {
1167 switch (info_level) {
1168 case 1:
1169 display_sam_info_1(&ctr.sam.info1->sam[i], &ctr.sam.info1->str[i]);
1170 break;
1171 case 2:
1172 display_sam_info_2(&ctr.sam.info2->sam[i], &ctr.sam.info2->str[i]);
1173 break;
1174 case 3:
1175 display_sam_info_3(&ctr.sam.info3->sam[i], &ctr.sam.info3->str[i]);
1176 break;
1177 case 4:
1178 display_sam_info_4(&ctr.sam.info4->sam[i], &ctr.sam.info4->str[i]);
1179 break;
1180 case 5:
1181 display_sam_info_5(&ctr.sam.info5->sam[i], &ctr.sam.info5->str[i]);
1182 break;
1183 }
1184 }
1185 } while ( NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES));
1186
1187 rpccli_samr_close(cli, mem_ctx, &domain_pol);
1188 rpccli_samr_close(cli, mem_ctx, &connect_pol);
1189 done:
1190 return result;
1191 }
1192
1193 /* Query domain info */
1194
1195 static NTSTATUS cmd_samr_query_dominfo(struct rpc_pipe_client *cli,
1196 TALLOC_CTX *mem_ctx,
1197 int argc, const char **argv)
1198 {
1199 POLICY_HND connect_pol, domain_pol;
1200 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1201 uint32 switch_level = 2;
1202 uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1203 SAM_UNK_CTR ctr;
1204
1205 if (argc > 2) {
1206 printf("Usage: %s [info level] [access mask]\n", argv[0]);
1207 return NT_STATUS_OK;
1208 }
1209
1210 if (argc > 1)
1211 sscanf(argv[1], "%i", &switch_level);
1212
1213 if (argc > 2)
1214 sscanf(argv[2], "%x", &access_mask);
1215
1216 /* Get sam policy handle */
1217
1218 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
1219 &connect_pol);
1220
1221 if (!NT_STATUS_IS_OK(result))
1222 goto done;
1223
1224 /* Get domain policy handle */
1225
1226 result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1227 access_mask,
1228 &domain_sid, &domain_pol);
1229
1230 if (!NT_STATUS_IS_OK(result))
1231 goto done;
1232
1233 /* Query domain info */
1234
1235 result = rpccli_samr_query_dom_info(cli, mem_ctx, &domain_pol,
1236 switch_level, &ctr);
1237
1238 if (!NT_STATUS_IS_OK(result))
1239 goto done;
1240
1241 /* Display domain info */
1242
1243 switch (switch_level) {
1244 case 1:
1245 display_sam_unk_info_1(&ctr.info.inf1);
1246 break;
1247 case 2:
1248 display_sam_unk_info_2(&ctr.info.inf2);
1249 break;
1250 case 7:
1251 display_sam_unk_info_7(&ctr.info.inf7);
1252 break;
1253 case 8:
1254 display_sam_unk_info_8(&ctr.info.inf8);
1255 break;
1256 case 12:
1257 display_sam_unk_info_12(&ctr.info.inf12);
1258 break;
1259 default:
1260 printf("cannot display domain info for switch value %d\n",
1261 switch_level);
1262 break;
1263 }
1264
1265 done:
1266
1267 rpccli_samr_close(cli, mem_ctx, &domain_pol);
1268 rpccli_samr_close(cli, mem_ctx, &connect_pol);
1269 return result;
1270 }
1271
1272 /* Create domain user */
1273
1274 static NTSTATUS cmd_samr_create_dom_user(struct rpc_pipe_client *cli,
1275 TALLOC_CTX *mem_ctx,
1276 int argc, const char **argv)
1277 {
1278 POLICY_HND connect_pol, domain_pol, user_pol;
1279 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1280 const char *acct_name;
1281 uint16 acb_info;
1282 uint32 unknown, user_rid;
1283 uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1284
1285 if ((argc < 2) || (argc > 3)) {
1286 printf("Usage: %s username [access mask]\n", argv[0]);
1287 return NT_STATUS_OK;
1288 }
1289
1290 acct_name = argv[1];
1291
1292 if (argc > 2)
1293 sscanf(argv[2], "%x", &access_mask);
1294
1295 /* Get sam policy handle */
1296
1297 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
1298 &connect_pol);
1299
1300 if (!NT_STATUS_IS_OK(result))
1301 goto done;
1302
1303 /* Get domain policy handle */
1304
1305 result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1306 access_mask,
1307 &domain_sid, &domain_pol);
1308
1309 if (!NT_STATUS_IS_OK(result))
1310 goto done;
1311
1312 /* Create domain user */
1313
1314 acb_info = ACB_NORMAL;
1315 unknown = 0xe005000b; /* No idea what this is - a permission mask? */
1316
1317 result = rpccli_samr_create_dom_user(cli, mem_ctx, &domain_pol,
1318 acct_name, acb_info, unknown,
1319 &user_pol, &user_rid);
1320
1321 if (!NT_STATUS_IS_OK(result))
1322 goto done;
1323
1324 result = rpccli_samr_close(cli, mem_ctx, &user_pol);
1325 if (!NT_STATUS_IS_OK(result)) goto done;
1326
1327 result = rpccli_samr_close(cli, mem_ctx, &domain_pol);
1328 if (!NT_STATUS_IS_OK(result)) goto done;
1329
1330 result = rpccli_samr_close(cli, mem_ctx, &connect_pol);
1331 if (!NT_STATUS_IS_OK(result)) goto done;
1332
1333 done:
1334 return result;
1335 }
1336
1337 /* Create domain group */
1338
1339 static NTSTATUS cmd_samr_create_dom_group(struct rpc_pipe_client *cli,
1340 TALLOC_CTX *mem_ctx,
1341 int argc, const char **argv)
1342 {
1343 POLICY_HND connect_pol, domain_pol, group_pol;
1344 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1345 const char *grp_name;
1346 uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1347
1348 if ((argc < 2) || (argc > 3)) {
1349 printf("Usage: %s groupname [access mask]\n", argv[0]);
1350 return NT_STATUS_OK;
1351 }
1352
1353 grp_name = argv[1];
1354
1355 if (argc > 2)
1356 sscanf(argv[2], "%x", &access_mask);
1357
1358 /* Get sam policy handle */
1359
1360 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
1361 &connect_pol);
1362
1363 if (!NT_STATUS_IS_OK(result))
1364 goto done;
1365
1366 /* Get domain policy handle */
1367
1368 result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1369 access_mask,
1370 &domain_sid, &domain_pol);
1371
1372 if (!NT_STATUS_IS_OK(result))
1373 goto done;
1374
1375 /* Create domain user */
1376
1377 result = rpccli_samr_create_dom_group(cli, mem_ctx, &domain_pol,
1378 grp_name, MAXIMUM_ALLOWED_ACCESS,
1379 &group_pol);
1380
1381 if (!NT_STATUS_IS_OK(result))
1382 goto done;
1383
1384 result = rpccli_samr_close(cli, mem_ctx, &group_pol);
1385 if (!NT_STATUS_IS_OK(result)) goto done;
1386
1387 result = rpccli_samr_close(cli, mem_ctx, &domain_pol);
1388 if (!NT_STATUS_IS_OK(result)) goto done;
1389
1390 result = rpccli_samr_close(cli, mem_ctx, &connect_pol);
1391 if (!NT_STATUS_IS_OK(result)) goto done;
1392
1393 done:
1394 return result;
1395 }
1396
1397 /* Lookup sam names */
1398
1399 static NTSTATUS cmd_samr_lookup_names(struct rpc_pipe_client *cli,
1400 TALLOC_CTX *mem_ctx,
1401 int argc, const char **argv)
1402 {
1403 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1404 POLICY_HND connect_pol, domain_pol;
1405 uint32 flags = 0x000003e8; /* Unknown */
1406 uint32 num_rids, num_names, *name_types, *rids;
1407 const char **names;
1408 int i;
1409
1410 if (argc < 3) {
1411 printf("Usage: %s domain|builtin name1 [name2 [name3] [...]]\n", argv[0]);
1412 printf("check on the domain SID: S-1-5-21-x-y-z\n");
1413 printf("or check on the builtin SID: S-1-5-32\n");
1414 return NT_STATUS_OK;
1415 }
1416
1417 /* Get sam policy and domain handles */
1418
1419 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
1420 &connect_pol);
1421
1422 if (!NT_STATUS_IS_OK(result))
1423 goto done;
1424
1425 if (StrCaseCmp(argv[1], "domain")==0)
1426 result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1427 MAXIMUM_ALLOWED_ACCESS,
1428 &domain_sid, &domain_pol);
1429 else if (StrCaseCmp(argv[1], "builtin")==0)
1430 result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1431 MAXIMUM_ALLOWED_ACCESS,
1432 &global_sid_Builtin, &domain_pol);
1433 else
1434 return NT_STATUS_OK;
1435
1436 if (!NT_STATUS_IS_OK(result))
1437 goto done;
1438
1439 /* Look up names */
1440
1441 num_names = argc - 2;
1442 names = TALLOC_ARRAY(mem_ctx, const char *, num_names);
1443
1444 for (i = 0; i < argc - 2; i++)
1445 names[i] = argv[i + 2];
1446
1447 result = rpccli_samr_lookup_names(cli, mem_ctx, &domain_pol,
1448 flags, num_names, names,
1449 &num_rids, &rids, &name_types);
1450
1451 if (!NT_STATUS_IS_OK(result))
1452 goto done;
1453
1454 /* Display results */
1455
1456 for (i = 0; i < num_names; i++)
1457 printf("name %s: 0x%x (%d)\n", names[i], rids[i],
1458 name_types[i]);
1459
1460 rpccli_samr_close(cli, mem_ctx, &domain_pol);
1461 rpccli_samr_close(cli, mem_ctx, &connect_pol);
1462 done:
1463 return result;
1464 }
1465
1466 /* Lookup sam rids */
1467
1468 static NTSTATUS cmd_samr_lookup_rids(struct rpc_pipe_client *cli,
1469 TALLOC_CTX *mem_ctx,
1470 int argc, const char **argv)
1471 {
1472 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1473 POLICY_HND connect_pol, domain_pol;
1474 uint32 num_rids, num_names, *rids, *name_types;
1475 char **names;
1476 int i;
1477
1478 if (argc < 3) {
1479 printf("Usage: %s domain|builtin rid1 [rid2 [rid3] [...]]\n", argv[0]);
1480 return NT_STATUS_OK;
1481 }
1482
1483 /* Get sam policy and domain handles */
1484
1485 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
1486 &connect_pol);
1487
1488 if (!NT_STATUS_IS_OK(result))
1489 goto done;
1490
1491 if (StrCaseCmp(argv[1], "domain")==0)
1492 result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1493 MAXIMUM_ALLOWED_ACCESS,
1494 &domain_sid, &domain_pol);
1495 else if (StrCaseCmp(argv[1], "builtin")==0)
1496 result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1497 MAXIMUM_ALLOWED_ACCESS,
1498 &global_sid_Builtin, &domain_pol);
1499 else
1500 return NT_STATUS_OK;
1501
1502 if (!NT_STATUS_IS_OK(result))
1503 goto done;
1504
1505 /* Look up rids */
1506
1507 num_rids = argc - 2;
1508 rids = TALLOC_ARRAY(mem_ctx, uint32, num_rids);
1509
1510 for (i = 0; i < argc - 2; i++)
1511 sscanf(argv[i + 2], "%i", &rids[i]);
1512
1513 result = rpccli_samr_lookup_rids(cli, mem_ctx, &domain_pol, num_rids, rids,
1514 &num_names, &names, &name_types);
1515
1516 if (!NT_STATUS_IS_OK(result) &&
1517 !NT_STATUS_EQUAL(result, STATUS_SOME_UNMAPPED))
1518 goto done;
1519
1520 /* Display results */
1521
1522 for (i = 0; i < num_names; i++)
1523 printf("rid 0x%x: %s (%d)\n", rids[i], names[i], name_types[i]);
1524
1525 rpccli_samr_close(cli, mem_ctx, &domain_pol);
1526 rpccli_samr_close(cli, mem_ctx, &connect_pol);
1527 done:
1528 return result;
1529 }
1530
1531 /* Delete domain user */
1532
1533 static NTSTATUS cmd_samr_delete_dom_user(struct rpc_pipe_client *cli,
1534 TALLOC_CTX *mem_ctx,
1535 int argc, const char **argv)
1536 {
1537 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1538 POLICY_HND connect_pol, domain_pol, user_pol;
1539 uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1540
1541 if ((argc < 2) || (argc > 3)) {
1542 printf("Usage: %s username\n", argv[0]);
1543 return NT_STATUS_OK;
1544 }
1545
1546 if (argc > 2)
1547 sscanf(argv[2], "%x", &access_mask);
1548
1549 /* Get sam policy and domain handles */
1550
1551 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
1552 &connect_pol);
1553
1554 if (!NT_STATUS_IS_OK(result))
1555 goto done;
1556
1557 result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1558 MAXIMUM_ALLOWED_ACCESS,
1559 &domain_sid, &domain_pol);
1560
1561 if (!NT_STATUS_IS_OK(result))
1562 goto done;
1563
1564 /* Get handle on user */
1565
1566 {
1567 uint32 *user_rids, num_rids, *name_types;
1568 uint32 flags = 0x000003e8; /* Unknown */
1569
1570 result = rpccli_samr_lookup_names(cli, mem_ctx, &domain_pol,
1571 flags, 1, (const char **)&argv[1],
1572 &num_rids, &user_rids,
1573 &name_types);
1574
1575 if (!NT_STATUS_IS_OK(result))
1576 goto done;
1577
1578 result = rpccli_samr_open_user(cli, mem_ctx, &domain_pol,
1579 access_mask,
1580 user_rids[0], &user_pol);
1581
1582 if (!NT_STATUS_IS_OK(result))
1583 goto done;
1584 }
1585
1586 /* Delete user */
1587
1588 result = rpccli_samr_delete_dom_user(cli, mem_ctx, &user_pol);
1589
1590 if (!NT_STATUS_IS_OK(result))
1591 goto done;
1592
1593 /* Display results */
1594
1595 rpccli_samr_close(cli, mem_ctx, &user_pol);
1596 rpccli_samr_close(cli, mem_ctx, &domain_pol);
1597 rpccli_samr_close(cli, mem_ctx, &connect_pol);
1598
1599 done:
1600 return result;
1601 }
1602
1603 /**********************************************************************
1604 * Query user security object
1605 */
1606 static NTSTATUS cmd_samr_query_sec_obj(struct rpc_pipe_client *cli,
1607 TALLOC_CTX *mem_ctx,
1608 int argc, const char **argv)
1609 {
1610 POLICY_HND connect_pol, domain_pol, user_pol, *pol;
1611 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1612 uint32 info_level = 4;
1613 fstring server;
1614 uint32 user_rid = 0;
1615 TALLOC_CTX *ctx = NULL;
1616 SEC_DESC_BUF *sec_desc_buf=NULL;
1617 BOOL domain = False;
1618
1619 ctx=talloc_init("cmd_samr_query_sec_obj");
1620
1621 if ((argc < 1) || (argc > 2)) {
1622 printf("Usage: %s [rid|-d]\n", argv[0]);
1623 printf("\tSpecify rid for security on user, -d for security on domain\n");
1624 return NT_STATUS_OK;
1625 }
1626
1627 if (argc > 1) {
1628 if (strcmp(argv[1], "-d") == 0)
1629 domain = True;
1630 else
1631 sscanf(argv[1], "%i", &user_rid);
1632 }
1633
1634 slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost);
1635 strupper_m(server);
1636 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
1637 &connect_pol);
1638
1639 if (!NT_STATUS_IS_OK(result))
1640 goto done;
1641
1642 if (domain || user_rid)
1643 result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1644 MAXIMUM_ALLOWED_ACCESS,
1645 &domain_sid, &domain_pol);
1646
1647 if (!NT_STATUS_IS_OK(result))
1648 goto done;
1649
1650 if (user_rid)
1651 result = rpccli_samr_open_user(cli, mem_ctx, &domain_pol,
1652 MAXIMUM_ALLOWED_ACCESS,
1653 user_rid, &user_pol);
1654
1655 if (!NT_STATUS_IS_OK(result))
1656 goto done;
1657
1658 /* Pick which query pol to use */
1659
1660 pol = &connect_pol;
1661
1662 if (domain)
1663 pol = &domain_pol;
1664
1665 if (user_rid)
1666 pol = &user_pol;
1667
1668 /* Query SAM security object */
1669
1670 result = rpccli_samr_query_sec_obj(cli, mem_ctx, pol, info_level, ctx,
1671 &sec_desc_buf);
1672
1673 if (!NT_STATUS_IS_OK(result))
1674 goto done;
1675
1676 display_sec_desc(sec_desc_buf->sec);
1677
1678 rpccli_samr_close(cli, mem_ctx, &user_pol);
1679 rpccli_samr_close(cli, mem_ctx, &domain_pol);
1680 rpccli_samr_close(cli, mem_ctx, &connect_pol);
1681 done:
1682 talloc_destroy(ctx);
1683 return result;
1684 }
1685
1686 static NTSTATUS cmd_samr_get_dom_pwinfo(struct rpc_pipe_client *cli,
1687 TALLOC_CTX *mem_ctx,
1688 int argc, const char **argv)
1689 {
1690 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1691 uint16 min_pwd_length;
1692 uint32 password_properties;
1693
1694 if (argc != 1) {
1695 printf("Usage: %s\n", argv[0]);
1696 return NT_STATUS_OK;
1697 }
1698
1699 result = rpccli_samr_get_dom_pwinfo(cli, mem_ctx, &min_pwd_length, &password_properties) ;
1700
1701 if (NT_STATUS_IS_OK(result)) {
1702 printf("min_pwd_length: %d\n", min_pwd_length);
1703 printf("password_properties: 0x%08x\n", password_properties);
1704
1705 if (password_properties & DOMAIN_PASSWORD_COMPLEX)
1706 printf("\tDOMAIN_PASSWORD_COMPLEX\n");
1707
1708 if (password_properties & DOMAIN_PASSWORD_NO_ANON_CHANGE)
1709 printf("\tDOMAIN_PASSWORD_NO_ANON_CHANGE\n");
1710
1711 if (password_properties & DOMAIN_PASSWORD_NO_CLEAR_CHANGE)
1712 printf("\tDOMAIN_PASSWORD_NO_CLEAR_CHANGE\n");
1713
1714 if (password_properties & DOMAIN_LOCKOUT_ADMINS)
1715 printf("\tDOMAIN_LOCKOUT_ADMINS\n");
1716
1717 if (password_properties & DOMAIN_PASSWORD_STORE_CLEARTEXT)
1718 printf("\tDOMAIN_PASSWORD_STORE_CLEARTEXT\n");
1719
1720 if (password_properties & DOMAIN_REFUSE_PASSWORD_CHANGE)
1721 printf("\tDOMAIN_REFUSE_PASSWORD_CHANGE\n");
1722 }
1723
1724 return result;
1725 }
1726
1727 /* Look up domain name */
1728
1729 static NTSTATUS cmd_samr_lookup_domain(struct rpc_pipe_client *cli,
1730 TALLOC_CTX *mem_ctx,
1731 int argc, const char **argv)
1732 {
1733 POLICY_HND connect_pol, domain_pol;
1734 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1735 uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1736 fstring domain_name,sid_string;
1737 DOM_SID sid;
1738
1739 if (argc != 2) {
1740 printf("Usage: %s domain_name\n", argv[0]);
1741 return NT_STATUS_OK;
1742 }
1743
1744 sscanf(argv[1], "%s", domain_name);
1745
1746 result = try_samr_connects(cli, mem_ctx, access_mask, &connect_pol);
1747
1748 if (!NT_STATUS_IS_OK(result))
1749 goto done;
1750
1751 result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1752 access_mask, &domain_sid, &domain_pol);
1753
1754 if (!NT_STATUS_IS_OK(result))
1755 goto done;
1756
1757 result = rpccli_samr_lookup_domain(
1758 cli, mem_ctx, &connect_pol, domain_name, &sid);
1759
1760 sid_to_string(sid_string,&sid);
1761
1762 if (NT_STATUS_IS_OK(result))
1763 printf("SAMR_LOOKUP_DOMAIN: Domain Name: %s Domain SID: %s\n",
1764 domain_name,sid_string);
1765
1766 rpccli_samr_close(cli, mem_ctx, &domain_pol);
1767 rpccli_samr_close(cli, mem_ctx, &connect_pol);
1768 done:
1769 return result;
1770 }
1771
1772
1773 /* List of commands exported by this module */
1774
1775 struct cmd_set samr_commands[] = {
1776
1777 { "SAMR" },
1778
1779 { "queryuser", RPC_RTYPE_NTSTATUS, cmd_samr_query_user, NULL, PI_SAMR, NULL, "Query user info", "" },
1780 { "querygroup", RPC_RTYPE_NTSTATUS, cmd_samr_query_group, NULL, PI_SAMR, NULL, "Query group info", "" },
1781 { "queryusergroups", RPC_RTYPE_NTSTATUS, cmd_samr_query_usergroups, NULL, PI_SAMR, NULL, "Query user groups", "" },
1782 { "queryuseraliases", RPC_RTYPE_NTSTATUS, cmd_samr_query_useraliases, NULL, PI_SAMR, NULL, "Query user aliases", "" },
1783 { "querygroupmem", RPC_RTYPE_NTSTATUS, cmd_samr_query_groupmem, NULL, PI_SAMR, NULL, "Query group membership", "" },
1784 { "queryaliasmem", RPC_RTYPE_NTSTATUS, cmd_samr_query_aliasmem, NULL, PI_SAMR, NULL, "Query alias membership", "" },
1785 { "querydispinfo", RPC_RTYPE_NTSTATUS, cmd_samr_query_dispinfo, NULL, PI_SAMR, NULL, "Query display info", "" },
1786 { "querydominfo", RPC_RTYPE_NTSTATUS, cmd_samr_query_dominfo, NULL, PI_SAMR, NULL, "Query domain info", "" },
1787 { "enumdomusers", RPC_RTYPE_NTSTATUS, cmd_samr_enum_dom_users, NULL, PI_SAMR, NULL, "Enumerate domain users", "" },
1788 { "enumdomgroups", RPC_RTYPE_NTSTATUS, cmd_samr_enum_dom_groups, NULL, PI_SAMR, NULL, "Enumerate domain groups", "" },
1789 { "enumalsgroups", RPC_RTYPE_NTSTATUS, cmd_samr_enum_als_groups, NULL, PI_SAMR, NULL, "Enumerate alias groups", "" },
1790
1791 { "createdomuser", RPC_RTYPE_NTSTATUS, cmd_samr_create_dom_user, NULL, PI_SAMR, NULL, "Create domain user", "" },
1792 { "createdomgroup", RPC_RTYPE_NTSTATUS, cmd_samr_create_dom_group, NULL, PI_SAMR, NULL, "Create domain group", "" },
1793 { "samlookupnames", RPC_RTYPE_NTSTATUS, cmd_samr_lookup_names, NULL, PI_SAMR, NULL, "Look up names", "" },
1794 { "samlookuprids", RPC_RTYPE_NTSTATUS, cmd_samr_lookup_rids, NULL, PI_SAMR, NULL, "Look up names", "" },
1795 { "deletedomuser", RPC_RTYPE_NTSTATUS, cmd_samr_delete_dom_user, NULL, PI_SAMR, NULL, "Delete domain user", "" },
1796 { "samquerysecobj", RPC_RTYPE_NTSTATUS, cmd_samr_query_sec_obj, NULL, PI_SAMR, NULL, "Query SAMR security object", "" },
1797 { "getdompwinfo", RPC_RTYPE_NTSTATUS, cmd_samr_get_dom_pwinfo, NULL, PI_SAMR, NULL, "Retrieve domain password info", "" },
1798
1799 { "lookupdomain", RPC_RTYPE_NTSTATUS, cmd_samr_lookup_domain, NULL, PI_SAMR, NULL, "Lookup Domain Name", "" },
1800 { NULL }
1801 };