diff options
| author | Jelmer Vernooij <jelmer@samba.org> | 2008-03-05 19:42:15 +0100 |
|---|---|---|
| committer | Jelmer Vernooij <jelmer@samba.org> | 2008-03-05 19:42:15 +0100 |
| commit | 63036a6f3380652c0cb54627bdeabcd212fa2f8c (patch) | |
| tree | 90194f23cb1e6ca483e7773233c326a9b705f85f /source3/rpcclient | |
| parent | d41d580c600e3228ff8fee5c16c47580f661a240 (diff) | |
| parent | 932c287a406048759fa1ac4bf86e29d96991ded1 (diff) | |
| download | samba-63036a6f3380652c0cb54627bdeabcd212fa2f8c.tar.gz samba-63036a6f3380652c0cb54627bdeabcd212fa2f8c.tar.bz2 samba-63036a6f3380652c0cb54627bdeabcd212fa2f8c.zip | |
Merge branch 'v3-2-test' of ssh://git.samba.org/data/git/samba into v3-2-test
(This used to be commit 3482cd9b0e81bbc801f1cec33fca82fc45a3ddef)
Diffstat (limited to 'source3/rpcclient')
| -rw-r--r-- | source3/rpcclient/cmd_lsarpc.c | 278 | ||||
| -rw-r--r-- | source3/rpcclient/cmd_netlogon.c | 430 | ||||
| -rw-r--r-- | source3/rpcclient/cmd_ntsvcs.c | 189 | ||||
| -rw-r--r-- | source3/rpcclient/cmd_samr.c | 9 | ||||
| -rw-r--r-- | source3/rpcclient/cmd_srvsvc.c | 91 | ||||
| -rw-r--r-- | source3/rpcclient/rpcclient.c | 2 |
6 files changed, 785 insertions, 214 deletions
diff --git a/source3/rpcclient/cmd_lsarpc.c b/source3/rpcclient/cmd_lsarpc.c index c014dba676..90f8646810 100644 --- a/source3/rpcclient/cmd_lsarpc.c +++ b/source3/rpcclient/cmd_lsarpc.c @@ -4,6 +4,7 @@ Copyright (C) Tim Potter 2000 Copyright (C) Rafal Szczesniak 2002 + Copyright (C) Guenther Deschner 2008 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -394,7 +395,7 @@ static NTSTATUS cmd_lsa_enum_trust_dom(struct rpc_pipe_client *cli, } result = rpccli_lsa_open_policy(cli, mem_ctx, True, - POLICY_VIEW_LOCAL_INFORMATION, + LSA_POLICY_VIEW_LOCAL_INFORMATION, &pol); if (!NT_STATUS_IS_OK(result)) @@ -550,8 +551,7 @@ static NTSTATUS cmd_lsa_enum_sids(struct rpc_pipe_client *cli, uint32 enum_context=0; uint32 pref_max_length=0x1000; - DOM_SID *sids; - uint32 count=0; + struct lsa_SidArray sid_array; int i; if (argc > 3) { @@ -572,19 +572,22 @@ static NTSTATUS cmd_lsa_enum_sids(struct rpc_pipe_client *cli, if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_lsa_enum_sids(cli, mem_ctx, &pol, &enum_context, pref_max_length, - &count, &sids); + result = rpccli_lsa_EnumAccounts(cli, mem_ctx, + &pol, + &enum_context, + &sid_array, + pref_max_length); if (!NT_STATUS_IS_OK(result)) goto done; /* Print results */ - printf("found %d SIDs\n\n", count); + printf("found %d SIDs\n\n", sid_array.num_sids); - for (i = 0; i < count; i++) { + for (i = 0; i < sid_array.num_sids; i++) { fstring sid_str; - sid_to_fstring(sid_str, &sids[i]); + sid_to_fstring(sid_str, sid_array.sids[i].sid); printf("%s\n", sid_str); } @@ -650,10 +653,8 @@ static NTSTATUS cmd_lsa_enum_privsaccounts(struct rpc_pipe_client *cli, POLICY_HND user_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; uint32 access_desired = 0x000f000f; - DOM_SID sid; - uint32 count=0; - LUID_ATTR *set; + struct lsa_PrivilegeSet *privs = NULL; int i; if (argc != 2 ) { @@ -681,17 +682,22 @@ static NTSTATUS cmd_lsa_enum_privsaccounts(struct rpc_pipe_client *cli, if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_lsa_enum_privsaccount(cli, mem_ctx, &user_pol, &count, &set); + result = rpccli_lsa_EnumPrivsAccount(cli, mem_ctx, + &user_pol, + &privs); if (!NT_STATUS_IS_OK(result)) goto done; /* Print results */ - printf("found %d privileges for SID %s\n\n", count, argv[1]); + printf("found %d privileges for SID %s\n\n", privs->count, argv[1]); printf("high\tlow\tattribute\n"); - for (i = 0; i < count; i++) { - printf("%u\t%u\t%u\n", set[i].luid.high, set[i].luid.low, set[i].attr); + for (i = 0; i < privs->count; i++) { + printf("%u\t%u\t%u\n", + privs->set[i].luid.high, + privs->set[i].luid.low, + privs->set[i].attribute); } rpccli_lsa_Close(cli, mem_ctx, &dom_pol); @@ -708,10 +714,8 @@ static NTSTATUS cmd_lsa_enum_acct_rights(struct rpc_pipe_client *cli, { POLICY_HND dom_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - DOM_SID sid; - uint32 count; - char **rights; + struct lsa_RightSet rights; int i; @@ -731,16 +735,19 @@ static NTSTATUS cmd_lsa_enum_acct_rights(struct rpc_pipe_client *cli, if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_lsa_enum_account_rights(cli, mem_ctx, &dom_pol, &sid, &count, &rights); + result = rpccli_lsa_EnumAccountRights(cli, mem_ctx, + &dom_pol, + &sid, + &rights); if (!NT_STATUS_IS_OK(result)) goto done; - printf("found %d privileges for SID %s\n", count, + printf("found %d privileges for SID %s\n", rights.count, sid_string_tos(&sid)); - for (i = 0; i < count; i++) { - printf("\t%s\n", rights[i]); + for (i = 0; i < rights.count; i++) { + printf("\t%s\n", rights.names[i].string); } rpccli_lsa_Close(cli, mem_ctx, &dom_pol); @@ -757,8 +764,9 @@ static NTSTATUS cmd_lsa_add_acct_rights(struct rpc_pipe_client *cli, { POLICY_HND dom_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - + struct lsa_RightSet rights; DOM_SID sid; + int i; if (argc < 3 ) { printf("Usage: %s SID [rights...]\n", argv[0]); @@ -776,8 +784,21 @@ static NTSTATUS cmd_lsa_add_acct_rights(struct rpc_pipe_client *cli, if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_lsa_add_account_rights(cli, mem_ctx, &dom_pol, sid, - argc-2, argv+2); + rights.count = argc-2; + rights.names = TALLOC_ARRAY(mem_ctx, struct lsa_StringLarge, + rights.count); + if (!rights.names) { + return NT_STATUS_NO_MEMORY; + } + + for (i=0; i<argc-1; i++) { + init_lsa_StringLarge(&rights.names[i], argv[i+2]); + } + + result = rpccli_lsa_AddAccountRights(cli, mem_ctx, + &dom_pol, + &sid, + &rights); if (!NT_STATUS_IS_OK(result)) goto done; @@ -796,8 +817,9 @@ static NTSTATUS cmd_lsa_remove_acct_rights(struct rpc_pipe_client *cli, { POLICY_HND dom_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - + struct lsa_RightSet rights; DOM_SID sid; + int i; if (argc < 3 ) { printf("Usage: %s SID [rights...]\n", argv[0]); @@ -815,8 +837,22 @@ static NTSTATUS cmd_lsa_remove_acct_rights(struct rpc_pipe_client *cli, if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_lsa_remove_account_rights(cli, mem_ctx, &dom_pol, sid, - False, argc-2, argv+2); + rights.count = argc-2; + rights.names = TALLOC_ARRAY(mem_ctx, struct lsa_StringLarge, + rights.count); + if (!rights.names) { + return NT_STATUS_NO_MEMORY; + } + + for (i=0; i<argc-2; i++) { + init_lsa_StringLarge(&rights.names[i], argv[i+2]); + } + + result = rpccli_lsa_RemoveAccountRights(cli, mem_ctx, + &dom_pol, + &sid, + false, + &rights); if (!NT_STATUS_IS_OK(result)) goto done; @@ -836,7 +872,8 @@ static NTSTATUS cmd_lsa_lookup_priv_value(struct rpc_pipe_client *cli, { POLICY_HND pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - LUID luid; + struct lsa_LUID luid; + struct lsa_String name; if (argc != 2 ) { printf("Usage: %s name\n", argv[0]); @@ -850,7 +887,12 @@ static NTSTATUS cmd_lsa_lookup_priv_value(struct rpc_pipe_client *cli, if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_lsa_lookup_priv_value(cli, mem_ctx, &pol, argv[1], &luid); + init_lsa_String(&name, argv[1]); + + result = rpccli_lsa_LookupPrivValue(cli, mem_ctx, + &pol, + &name, + &luid); if (!NT_STATUS_IS_OK(result)) goto done; @@ -1130,6 +1172,176 @@ static NTSTATUS cmd_lsa_get_username(struct rpc_pipe_client *cli, return result; } +static NTSTATUS cmd_lsa_add_priv(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, int argc, + const char **argv) +{ + POLICY_HND dom_pol, user_pol; + NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + struct lsa_PrivilegeSet privs; + struct lsa_LUIDAttribute *set = NULL; + DOM_SID sid; + int i; + + ZERO_STRUCT(privs); + + if (argc < 3 ) { + printf("Usage: %s SID [rights...]\n", argv[0]); + return NT_STATUS_OK; + } + + result = name_to_sid(cli, mem_ctx, &sid, argv[1]); + if (!NT_STATUS_IS_OK(result)) { + goto done; + } + + result = rpccli_lsa_open_policy2(cli, mem_ctx, True, + SEC_RIGHTS_MAXIMUM_ALLOWED, + &dom_pol); + + if (!NT_STATUS_IS_OK(result)) { + goto done; + } + + result = rpccli_lsa_OpenAccount(cli, mem_ctx, + &dom_pol, + &sid, + SEC_RIGHTS_MAXIMUM_ALLOWED, + &user_pol); + + if (!NT_STATUS_IS_OK(result)) { + goto done; + } + + for (i=2; i<argc; i++) { + + struct lsa_String priv_name; + struct lsa_LUID luid; + + init_lsa_String(&priv_name, argv[i]); + + result = rpccli_lsa_LookupPrivValue(cli, mem_ctx, + &dom_pol, + &priv_name, + &luid); + if (!NT_STATUS_IS_OK(result)) { + continue; + } + + privs.count++; + set = TALLOC_REALLOC_ARRAY(mem_ctx, set, + struct lsa_LUIDAttribute, + privs.count); + if (!set) { + return NT_STATUS_NO_MEMORY; + } + + set[privs.count-1].luid = luid; + set[privs.count-1].attribute = 0; + } + + privs.set = set; + + result = rpccli_lsa_AddPrivilegesToAccount(cli, mem_ctx, + &user_pol, + &privs); + + if (!NT_STATUS_IS_OK(result)) { + goto done; + } + + rpccli_lsa_Close(cli, mem_ctx, &user_pol); + rpccli_lsa_Close(cli, mem_ctx, &dom_pol); + done: + return result; +} + +static NTSTATUS cmd_lsa_del_priv(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, int argc, + const char **argv) +{ + POLICY_HND dom_pol, user_pol; + NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + struct lsa_PrivilegeSet privs; + struct lsa_LUIDAttribute *set = NULL; + DOM_SID sid; + int i; + + ZERO_STRUCT(privs); + + if (argc < 3 ) { + printf("Usage: %s SID [rights...]\n", argv[0]); + return NT_STATUS_OK; + } + + result = name_to_sid(cli, mem_ctx, &sid, argv[1]); + if (!NT_STATUS_IS_OK(result)) { + goto done; + } + + result = rpccli_lsa_open_policy2(cli, mem_ctx, True, + SEC_RIGHTS_MAXIMUM_ALLOWED, + &dom_pol); + + if (!NT_STATUS_IS_OK(result)) { + goto done; + } + + result = rpccli_lsa_OpenAccount(cli, mem_ctx, + &dom_pol, + &sid, + SEC_RIGHTS_MAXIMUM_ALLOWED, + &user_pol); + + if (!NT_STATUS_IS_OK(result)) { + goto done; + } + + for (i=2; i<argc; i++) { + + struct lsa_String priv_name; + struct lsa_LUID luid; + + init_lsa_String(&priv_name, argv[i]); + + result = rpccli_lsa_LookupPrivValue(cli, mem_ctx, + &dom_pol, + &priv_name, + &luid); + if (!NT_STATUS_IS_OK(result)) { + continue; + } + + privs.count++; + set = TALLOC_REALLOC_ARRAY(mem_ctx, set, + struct lsa_LUIDAttribute, + privs.count); + if (!set) { + return NT_STATUS_NO_MEMORY; + } + + set[privs.count-1].luid = luid; + set[privs.count-1].attribute = 0; + } + + privs.set = set; + + + result = rpccli_lsa_RemovePrivilegesFromAccount(cli, mem_ctx, + &user_pol, + false, + &privs); + + if (!NT_STATUS_IS_OK(result)) { + goto done; + } + + rpccli_lsa_Close(cli, mem_ctx, &user_pol); + rpccli_lsa_Close(cli, mem_ctx, &dom_pol); + done: + return result; +} + /* List of commands exported by this module */ @@ -1148,10 +1360,8 @@ struct cmd_set lsarpc_commands[] = { { "lsacreateaccount", RPC_RTYPE_NTSTATUS, cmd_lsa_create_account, NULL, PI_LSARPC, NULL, "Create a new lsa account", "" }, { "lsaenumprivsaccount", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_privsaccounts, NULL, PI_LSARPC, NULL, "Enumerate the privileges of an SID", "" }, { "lsaenumacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_acct_rights, NULL, PI_LSARPC, NULL, "Enumerate the rights of an SID", "" }, -#if 0 - { "lsaaddpriv", RPC_RTYPE_NTSTATUS, cmd_lsa_add_priv, NULL, PI_LSARPC, "Assign a privilege to a SID", "" }, - { "lsadelpriv", RPC_RTYPE_NTSTATUS, cmd_lsa_del_priv, NULL, PI_LSARPC, "Revoke a privilege from a SID", "" }, -#endif + { "lsaaddpriv", RPC_RTYPE_NTSTATUS, cmd_lsa_add_priv, NULL, PI_LSARPC, NULL, "Assign a privilege to a SID", "" }, + { "lsadelpriv", RPC_RTYPE_NTSTATUS, cmd_lsa_del_priv, NULL, PI_LSARPC, NULL, "Revoke a privilege from a SID", "" }, { "lsaaddacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_add_acct_rights, NULL, PI_LSARPC, NULL, "Add rights to an account", "" }, { "lsaremoveacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_remove_acct_rights, NULL, PI_LSARPC, NULL, "Remove rights from an account", "" }, { "lsalookupprivvalue", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_priv_value, NULL, PI_LSARPC, NULL, "Get a privilege value given its name", "" }, diff --git a/source3/rpcclient/cmd_netlogon.c b/source3/rpcclient/cmd_netlogon.c index a752003e8d..95d79b5825 100644 --- a/source3/rpcclient/cmd_netlogon.c +++ b/source3/rpcclient/cmd_netlogon.c @@ -3,6 +3,7 @@ RPC pipe client Copyright (C) Tim Potter 2000 + Copyright (C) Guenther Deschner 2008 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -21,27 +22,68 @@ #include "includes.h" #include "rpcclient.h" -static NTSTATUS cmd_netlogon_logon_ctrl2(struct rpc_pipe_client *cli, - TALLOC_CTX *mem_ctx, int argc, - const char **argv) +static WERROR cmd_netlogon_logon_ctrl2(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, int argc, + const char **argv) { - uint32 query_level = 1; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + NTSTATUS status = NT_STATUS_UNSUCCESSFUL; + WERROR werr; + const char *logon_server = cli->cli->desthost; + enum netr_LogonControlCode function_code = NETLOGON_CONTROL_REDISCOVER; + uint32_t level = 1; + union netr_CONTROL_DATA_INFORMATION data; + union netr_CONTROL_QUERY_INFORMATION query; + const char *domain = lp_workgroup(); - if (argc > 1) { - fprintf(stderr, "Usage: %s\n", argv[0]); - return NT_STATUS_OK; + if (argc > 5) { + fprintf(stderr, "Usage: %s <logon_server> <function_code> " + "<level> <domain>\n", argv[0]); + return WERR_OK; } - result = rpccli_netlogon_logon_ctrl2(cli, mem_ctx, query_level); + if (argc >= 2) { + logon_server = argv[1]; + } - if (!NT_STATUS_IS_OK(result)) - goto done; + if (argc >= 3) { + function_code = atoi(argv[2]); + } + + if (argc >= 4) { + level = atoi(argv[3]); + } + + if (argc >= 5) { + domain = argv[4]; + } + + switch (function_code) { + case NETLOGON_CONTROL_REDISCOVER: + case NETLOGON_CONTROL_TC_QUERY: + data.domain = domain; + break; + default: + break; + } + + status = rpccli_netr_LogonControl2(cli, mem_ctx, + logon_server, + function_code, + level, + &data, + &query, + &werr); + if (!NT_STATUS_IS_OK(status)) { + return ntstatus_to_werror(status); + } + + if (!W_ERROR_IS_OK(werr)) { + return werr; + } /* Display results */ - done: - return result; + return werr; } static WERROR cmd_netlogon_getanydcname(struct rpc_pipe_client *cli, @@ -348,169 +390,292 @@ static WERROR cmd_netlogon_dsr_getsitename(struct rpc_pipe_client *cli, return WERR_OK; } -static NTSTATUS cmd_netlogon_logon_ctrl(struct rpc_pipe_client *cli, - TALLOC_CTX *mem_ctx, int argc, - const char **argv) +static WERROR cmd_netlogon_logon_ctrl(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, int argc, + const char **argv) { -#if 0 - uint32 query_level = 1; -#endif - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + NTSTATUS status = NT_STATUS_UNSUCCESSFUL; + WERROR werr; + const char *logon_server = cli->cli->desthost; + enum netr_LogonControlCode function_code = 1; + uint32_t level = 1; + union netr_CONTROL_QUERY_INFORMATION info; + + if (argc > 4) { + fprintf(stderr, "Usage: %s <logon_server> <function_code> " + "<level>\n", argv[0]); + return WERR_OK; + } - if (argc > 1) { - fprintf(stderr, "Usage: %s\n", argv[0]); - return NT_STATUS_OK; + if (argc >= 2) { + logon_server = argv[1]; } -#if 0 - result = cli_netlogon_logon_ctrl(cli, mem_ctx, query_level); - if (!NT_STATUS_IS_OK(result)) { - goto done; + if (argc >= 3) { + function_code = atoi(argv[2]); + } + + if (argc >= 4) { + level = atoi(argv[3]); + } + + status = rpccli_netr_LogonControl(cli, mem_ctx, + logon_server, + function_code, + level, + &info, + &werr); + if (!NT_STATUS_IS_OK(status)) { + return ntstatus_to_werror(status); + } + + if (!W_ERROR_IS_OK(werr)) { + return werr; } -#endif /* Display results */ - return result; + return werr; } /* Display sam synchronisation information */ -static void display_sam_sync(uint32 num_deltas, SAM_DELTA_HDR *hdr_deltas, - SAM_DELTA_CTR *deltas) +static void display_sam_sync(struct netr_DELTA_ENUM_ARRAY *r) { - fstring name; - uint32 i, j; - - for (i = 0; i < num_deltas; i++) { - switch (hdr_deltas[i].type) { - case SAM_DELTA_DOMAIN_INFO: - unistr2_to_ascii(name, - &deltas[i].domain_info.uni_dom_name, - sizeof(name)); - printf("Domain: %s\n", name); - break; - case SAM_DELTA_GROUP_INFO: - unistr2_to_ascii(name, - &deltas[i].group_info.uni_grp_name, - sizeof(name)); - printf("Group: %s\n", name); - break; - case SAM_DELTA_ACCOUNT_INFO: - unistr2_to_ascii(name, - &deltas[i].account_info.uni_acct_name, - sizeof(name)); - printf("Account: %s\n", name); - break; - case SAM_DELTA_ALIAS_INFO: - unistr2_to_ascii(name, - &deltas[i].alias_info.uni_als_name, - sizeof(name)); - printf("Alias: %s\n", name); - break; - case SAM_DELTA_ALIAS_MEM: { - SAM_ALIAS_MEM_INFO *alias = &deltas[i].als_mem_info; - - for (j = 0; j < alias->num_members; j++) { - fstring sid_str; - - sid_to_fstring(sid_str, &alias->sids[j].sid); - - printf("%s\n", sid_str); - } - break; - } - case SAM_DELTA_GROUP_MEM: { - SAM_GROUP_MEM_INFO *group = &deltas[i].grp_mem_info; - - for (j = 0; j < group->num_members; j++) - printf("rid 0x%x, attrib 0x%08x\n", - group->rids[j], group->attribs[j]); - break; - } - case SAM_DELTA_MODIFIED_COUNT: { - SAM_DELTA_MOD_COUNT *mc = &deltas[i].mod_count; - - printf("sam sequence update: 0x%04x\n", mc->seqnum); - break; - } - default: - printf("unknown delta type 0x%02x\n", - hdr_deltas[i].type); - break; - } - } + uint32_t i, j; + + for (i=0; i < r->num_deltas; i++) { + + union netr_DELTA_UNION u = r->delta_enum[i].delta_union; + union netr_DELTA_ID_UNION id = r->delta_enum[i].delta_id_union; + + switch (r->delta_enum[i].delta_type) { + case NETR_DELTA_DOMAIN: + printf("Domain: %s\n", + u.domain->domain_name.string); + break; + case NETR_DELTA_GROUP: + printf("Group: %s\n", + u.group->group_name.string); + break; + case NETR_DELTA_DELETE_GROUP: + printf("Delete Group: %d\n", + u.delete_account.unknown); + break; + case NETR_DELTA_RENAME_GROUP: + printf("Rename Group: %s -> %s\n", + u.rename_group->OldName.string, + u.rename_group->NewName.string); + break; + case NETR_DELTA_USER: + printf("Account: %s\n", + u.user->account_name.string); + break; + case NETR_DELTA_DELETE_USER: + printf("Delete User: %d\n", + id.rid); + break; + case NETR_DELTA_RENAME_USER: + printf("Rename user: %s -> %s\n", + u.rename_user->OldName.string, + u.rename_user->NewName.string); + break; + case NETR_DELTA_GROUP_MEMBER: + for (j=0; j < u.group_member->num_rids; j++) { + printf("rid 0x%x, attrib 0x%08x\n", + u.group_member->rids[j], + u.group_member->attribs[j]); + } + break; + case NETR_DELTA_ALIAS: + printf("Alias: %s\n", + u.alias->alias_name.string); + break; + case NETR_DELTA_DELETE_ALIAS: + printf("Delete Alias: %d\n", + r->delta_enum[i].delta_id_union.rid); + break; + case NETR_DELTA_RENAME_ALIAS: + printf("Rename alias: %s -> %s\n", + u.rename_alias->OldName.string, + u.rename_alias->NewName.string); + break; + case NETR_DELTA_ALIAS_MEMBER: + for (j=0; j < u.alias_member->sids.num_sids; j++) { + fstring sid_str; + sid_to_fstring(sid_str, + u.alias_member->sids.sids[j].sid); + printf("%s\n", sid_str); + } + break; + case NETR_DELTA_POLICY: + printf("Policy\n"); + break; + case NETR_DELTA_TRUSTED_DOMAIN: + printf("Trusted Domain: %s\n", + u.trusted_domain->domain_name.string); + break; + case NETR_DELTA_DELETE_TRUST: + printf("Delete Trust: %d\n", + u.delete_trust.unknown); + break; + case NETR_DELTA_ACCOUNT: + printf("Account\n"); + break; + case NETR_DELTA_DELETE_ACCOUNT: + printf("Delete Account: %d\n", + u.delete_account.unknown); + break; + case NETR_DELTA_SECRET: + printf("Secret\n"); + break; + case NETR_DELTA_DELETE_SECRET: + printf("Delete Secret: %d\n", + u.delete_secret.unknown); + break; + case NETR_DELTA_DELETE_GROUP2: + printf("Delete Group2: %s\n", + u.delete_group->account_name); + break; + case NETR_DELTA_DELETE_USER2: + printf("Delete User2: %s\n", + u.delete_user->account_name); + break; + case NETR_DELTA_MODIFY_COUNT: + printf("sam sequence update: 0x%016llx\n", + (unsigned long long) *u.modified_count); + break; + default: + printf("unknown delta type 0x%02x\n", + r->delta_enum[i].delta_type); + break; + } + } } /* Perform sam synchronisation */ -static NTSTATUS cmd_netlogon_sam_sync(struct rpc_pipe_client *cli, +static NTSTATUS cmd_netlogon_sam_sync(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, int argc, const char **argv) { NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - uint32 database_id = 0, num_deltas; - SAM_DELTA_HDR *hdr_deltas; - SAM_DELTA_CTR *deltas; + const char *logon_server = cli->cli->desthost; + const char *computername = global_myname(); + struct netr_Authenticator credential; + struct netr_Authenticator return_authenticator; + enum netr_SamDatabaseID database_id = SAM_DATABASE_DOMAIN; + uint16_t restart_state = 0; + uint32_t sync_context = 0; if (argc > 2) { fprintf(stderr, "Usage: %s [database_id]\n", argv[0]); return NT_STATUS_OK; } - if (argc == 2) - database_id = atoi(argv[1]); + if (argc == 2) { + database_id = atoi(argv[1]); + } - /* Synchronise sam database */ + /* Synchronise sam database */ + + do { + struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL; + + netlogon_creds_client_step(cli->dc, &credential); + + result = rpccli_netr_DatabaseSync2(cli, mem_ctx, + logon_server, + computername, + &credential, + &return_authenticator, + database_id, + restart_state, + &sync_context, + &delta_enum_array, + 0xffff); + + /* Check returned credentials. */ + if (!netlogon_creds_client_check(cli->dc, + &return_authenticator.cred)) { + DEBUG(0,("credentials chain check failed\n")); + return NT_STATUS_ACCESS_DENIED; + } - result = rpccli_netlogon_sam_sync(cli, mem_ctx, database_id, - 0, &num_deltas, &hdr_deltas, &deltas); + if (NT_STATUS_IS_ERR(result)) { + break; + } - if (!NT_STATUS_IS_OK(result)) - goto done; + /* Display results */ - /* Display results */ + display_sam_sync(delta_enum_array); - display_sam_sync(num_deltas, hdr_deltas, deltas); + TALLOC_FREE(delta_enum_array); - done: - return result; + } while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)); + + return result; } /* Perform sam delta synchronisation */ -static NTSTATUS cmd_netlogon_sam_deltas(struct rpc_pipe_client *cli, - TALLOC_CTX *mem_ctx, int argc, - const char **argv) +static NTSTATUS cmd_netlogon_sam_deltas(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, int argc, + const char **argv) { NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - uint32 database_id, num_deltas, tmp; - SAM_DELTA_HDR *hdr_deltas; - SAM_DELTA_CTR *deltas; - uint64 seqnum; + uint32_t tmp; + const char *logon_server = cli->cli->desthost; + const char *computername = global_myname(); + struct netr_Authenticator credential; + struct netr_Authenticator return_authenticator; + enum netr_SamDatabaseID database_id = SAM_DATABASE_DOMAIN; + uint64_t sequence_num; + + if (argc != 3) { + fprintf(stderr, "Usage: %s database_id seqnum\n", argv[0]); + return NT_STATUS_OK; + } - if (argc != 3) { - fprintf(stderr, "Usage: %s database_id seqnum\n", argv[0]); - return NT_STATUS_OK; - } + database_id = atoi(argv[1]); + tmp = atoi(argv[2]); - database_id = atoi(argv[1]); - tmp = atoi(argv[2]); + sequence_num = tmp & 0xffff; - seqnum = tmp & 0xffff; + do { + struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL; - result = rpccli_netlogon_sam_deltas(cli, mem_ctx, database_id, - seqnum, &num_deltas, - &hdr_deltas, &deltas); + netlogon_creds_client_step(cli->dc, &credential); - if (!NT_STATUS_IS_OK(result)) - goto done; + result = rpccli_netr_DatabaseDeltas(cli, mem_ctx, + logon_server, + computername, + &credential, + &return_authenticator, + database_id, + &sequence_num, + &delta_enum_array, + 0xffff); - /* Display results */ + /* Check returned credentials. */ + if (!netlogon_creds_client_check(cli->dc, + &return_authenticator.cred)) { + DEBUG(0,("credentials chain check failed\n")); + return NT_STATUS_ACCESS_DENIED; + } + + if (NT_STATUS_IS_ERR(result)) { + break; + } + + /* Display results */ + + display_sam_sync(delta_enum_array); + + TALLOC_FREE(delta_enum_array); + + } while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)); - display_sam_sync(num_deltas, hdr_deltas, deltas); - - done: return result; } @@ -837,14 +1002,13 @@ static WERROR cmd_netlogon_enumtrusteddomainsex(struct rpc_pipe_client *cli, } - /* List of commands exported by this module */ struct cmd_set netlogon_commands[] = { { "NETLOGON" }, - { "logonctrl2", RPC_RTYPE_NTSTATUS, cmd_netlogon_logon_ctrl2, NULL, PI_NETLOGON, NULL, "Logon Control 2", "" }, + { "logonctrl2", RPC_RTYPE_WERROR, NULL, cmd_netlogon_logon_ctrl2, PI_NETLOGON, NULL, "Logon Control 2", "" }, { "getanydcname", RPC_RTYPE_WERROR, NULL, cmd_netlogon_getanydcname, PI_NETLOGON, NULL, "Get trusted DC name", "" }, { "getdcname", RPC_RTYPE_WERROR, NULL, cmd_netlogon_getdcname, PI_NETLOGON, NULL, "Get trusted PDC name", "" }, { "dsr_getdcname", RPC_RTYPE_WERROR, NULL, cmd_netlogon_dsr_getdcname, PI_NETLOGON, NULL, "Get trusted DC name", "" }, @@ -852,7 +1016,7 @@ struct cmd_set netlogon_commands[] = { { "dsr_getdcnameex2", RPC_RTYPE_WERROR, NULL, cmd_netlogon_dsr_getdcnameex2, PI_NETLOGON, NULL, "Get trusted DC name", "" }, { "dsr_getsitename", RPC_RTYPE_WERROR, NULL, cmd_netlogon_dsr_getsitename, PI_NETLOGON, NULL, "Get sitename", "" }, { "dsr_getforesttrustinfo", RPC_RTYPE_WERROR, NULL, cmd_netlogon_dsr_getforesttrustinfo, PI_NETLOGON, NULL, "Get Forest Trust Info", "" }, - { "logonctrl", RPC_RTYPE_NTSTATUS, cmd_netlogon_logon_ctrl, NULL, PI_NETLOGON, NULL, "Logon Control", "" }, + { "logonctrl", RPC_RTYPE_WERROR, NULL, cmd_netlogon_logon_ctrl, PI_NETLOGON, NULL, "Logon Control", "" }, { "samsync", RPC_RTYPE_NTSTATUS, cmd_netlogon_sam_sync, NULL, PI_NETLOGON, NULL, "Sam Synchronisation", "" }, { "samdeltas", RPC_RTYPE_NTSTATUS, cmd_netlogon_sam_deltas, NULL, PI_NETLOGON, NULL, "Query Sam Deltas", "" }, { "samlogon", RPC_RTYPE_NTSTATUS, cmd_netlogon_sam_logon, NULL, PI_NETLOGON, NULL, "Sam Logon", "" }, diff --git a/source3/rpcclient/cmd_ntsvcs.c b/source3/rpcclient/cmd_ntsvcs.c new file mode 100644 index 0000000000..b7b37e2fa6 --- /dev/null +++ b/source3/rpcclient/cmd_ntsvcs.c @@ -0,0 +1,189 @@ +/* + Unix SMB/CIFS implementation. + RPC pipe client + + Copyright (C) Günther Deschner 2008 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "rpcclient.h" + +static WERROR cmd_ntsvcs_get_version(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) +{ + NTSTATUS status; + WERROR werr; + uint16_t version; + + status = rpccli_PNP_GetVersion(cli, mem_ctx, + &version, &werr); + if (!NT_STATUS_IS_OK(status)) { + return ntstatus_to_werror(status); + } + + if (W_ERROR_IS_OK(werr)) { + printf("version: %d\n", version); + } + + return werr; +} + +static WERROR cmd_ntsvcs_validate_dev_inst(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) +{ + NTSTATUS status; + WERROR werr; + const char *devicepath = NULL; + uint32_t flags = 0; + + if (argc < 2 || argc > 3) { + printf("usage: %s [devicepath] <flags>\n", argv[0]); + return WERR_OK; + } + + devicepath = argv[1]; + + if (argc >= 3) { + flags = atoi(argv[2]); + } + + status = rpccli_PNP_ValidateDeviceInstance(cli, mem_ctx, + devicepath, + flags, + &werr); + if (!NT_STATUS_IS_OK(status)) { + return ntstatus_to_werror(status); + } + + return werr; +} + +static WERROR cmd_ntsvcs_get_device_list_size(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) +{ + NTSTATUS status; + WERROR werr; + const char *devicename = NULL; + uint32_t flags = 0; + uint32_t size = 0; + + if (argc < 2 || argc > 4) { + printf("usage: %s [devicename] <flags>\n", argv[0]); + return WERR_OK; + } + + devicename = argv[1]; + + if (argc >= 3) { + flags = atoi(argv[2]); + } + + status = rpccli_PNP_GetDeviceListSize(cli, mem_ctx, + devicename, + &size, + flags, + &werr); + if (!NT_STATUS_IS_OK(status)) { + return ntstatus_to_werror(status); + } + + if (W_ERROR_IS_OK(werr)) { + printf("size: %d\n", size); + } + + return werr; +} + +static WERROR cmd_ntsvcs_hw_prof_flags(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) +{ + NTSTATUS status; + WERROR werr; + const char *devicepath = NULL; + uint32_t unk3 = 0; + uint16_t unk4 = 0; + const char *unk5 = NULL; + const char *unk5a = NULL; + + if (argc < 2) { + printf("usage: %s [devicepath]\n", argv[0]); + return WERR_OK; + } + + devicepath = argv[1]; + + status = rpccli_PNP_HwProfFlags(cli, mem_ctx, + 0, + devicepath, + 0, + &unk3, + &unk4, + unk5, + &unk5a, + 0, + 0, + &werr); + if (!NT_STATUS_IS_OK(status)) { + return ntstatus_to_werror(status); + } + + return werr; +} + +static WERROR cmd_ntsvcs_get_hw_prof_info(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) +{ + NTSTATUS status; + WERROR werr; + uint32_t idx = 0; + struct PNP_HwProfInfo info; + uint32_t unknown1 = 0, unknown2 = 0; + + ZERO_STRUCT(info); + + status = rpccli_PNP_GetHwProfInfo(cli, mem_ctx, + idx, + &info, + unknown1, + unknown2, + &werr); + if (!NT_STATUS_IS_OK(status)) { + return ntstatus_to_werror(status); + } + + return werr; +} + +struct cmd_set ntsvcs_commands[] = { + + { "NTSVCS" }, + { "ntsvcs_getversion", RPC_RTYPE_WERROR, NULL, cmd_ntsvcs_get_version, PI_NTSVCS, NULL, "Query NTSVCS version", "" }, + { "ntsvcs_validatedevinst", RPC_RTYPE_WERROR, NULL, cmd_ntsvcs_validate_dev_inst, PI_NTSVCS, NULL, "Query NTSVCS device instance", "" }, + { "ntsvcs_getdevlistsize", RPC_RTYPE_WERROR, NULL, cmd_ntsvcs_get_device_list_size, PI_NTSVCS, NULL, "Query NTSVCS get device list", "" }, + { "ntsvcs_hwprofflags", RPC_RTYPE_WERROR, NULL, cmd_ntsvcs_hw_prof_flags, PI_NTSVCS, NULL, "Query NTSVCS HW prof flags", "" }, + { "ntsvcs_hwprofinfo", RPC_RTYPE_WERROR, NULL, cmd_ntsvcs_get_hw_prof_info, PI_NTSVCS, NULL, "Query NTSVCS HW prof info", "" }, + { NULL } +}; diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c index f8b8ba893c..2d20afeb13 100644 --- a/source3/rpcclient/cmd_samr.c +++ b/source3/rpcclient/cmd_samr.c @@ -6,6 +6,7 @@ Copyright (C) Luke Kenneth Casson Leighton 1996-2000, Copyright (C) Elrond 2000, Copyright (C) Tim Potter 2000 + Copyright (C) Guenther Deschner 2008 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -1044,8 +1045,8 @@ static NTSTATUS cmd_samr_enum_domains(struct rpc_pipe_client *cli, return NT_STATUS_OK; } - if (argc > 2) { - sscanf(argv[2], "%x", &access_mask); + if (argc > 1) { + sscanf(argv[1], "%x", &access_mask); } /* Get sam policy handle */ @@ -1194,11 +1195,11 @@ static NTSTATUS cmd_samr_query_aliasinfo(struct rpc_pipe_client *cli, sscanf(argv[2], "%i", &alias_rid); - if (argc > 3) { + if (argc > 2) { level = atoi(argv[3]); } - if (argc > 4) { + if (argc > 3) { sscanf(argv[4], "%x", &access_mask); } diff --git a/source3/rpcclient/cmd_srvsvc.c b/source3/rpcclient/cmd_srvsvc.c index 572609981d..2e84f0498f 100644 --- a/source3/rpcclient/cmd_srvsvc.c +++ b/source3/rpcclient/cmd_srvsvc.c @@ -130,51 +130,37 @@ static char *get_server_type_str(uint32 type) return typestr; } -static void display_server(char *sname, uint32 type, const char *comment) +static void display_server(const char *sname, uint32 type, const char *comment) { printf("\t%-15.15s%-20s %s\n", sname, get_server_type_str(type), comment); } -static void display_srv_info_101(SRV_INFO_101 *sv101) +static void display_srv_info_101(struct srvsvc_NetSrvInfo101 *r) { - fstring name; - fstring comment; + display_server(r->server_name, r->server_type, r->comment); - unistr2_to_ascii(name, &sv101->uni_name, sizeof(name)); - unistr2_to_ascii(comment, &sv101->uni_comment, sizeof(comment)); - - display_server(name, sv101->srv_type, comment); - - printf("\tplatform_id :\t%d\n", sv101->platform_id); - printf("\tos version :\t%d.%d\n", sv101->ver_major, - sv101->ver_minor); - - printf("\tserver type :\t0x%x\n", sv101->srv_type); + printf("\tplatform_id :\t%d\n", r->platform_id); + printf("\tos version :\t%d.%d\n", + r->version_major, r->version_minor); + printf("\tserver type :\t0x%x\n", r->server_type); } -static void display_srv_info_102(SRV_INFO_102 *sv102) +static void display_srv_info_102(struct srvsvc_NetSrvInfo102 *r) { - fstring name; - fstring comment; - fstring usr_path; - - unistr2_to_ascii(name, &sv102->uni_name, sizeof(name)); - unistr2_to_ascii(comment, &sv102->uni_comment, sizeof(comment)); - unistr2_to_ascii(usr_path, &sv102->uni_usr_path, sizeof(usr_path)); - - display_server(name, sv102->srv_type, comment); - - printf("\tplatform_id :\t%d\n", sv102->platform_id); - printf("\tos version :\t%d.%d\n", sv102->ver_major, - sv102->ver_minor); - - printf("\tusers :\t%x\n", sv102->users); - printf("\tdisc, hidden :\t%x, %x\n", sv102->disc, sv102->hidden); - printf("\tannounce, delta :\t%d, %d\n", sv102->announce, - sv102->ann_delta); - printf("\tlicenses :\t%d\n", sv102->licenses); - printf("\tuser path :\t%s\n", usr_path); + display_server(r->server_name, r->server_type, r->comment); + + printf("\tplatform_id :\t%d\n", r->platform_id); + printf("\tos version :\t%d.%d\n", + r->version_major, r->version_minor); + printf("\tserver type :\t0x%x\n", r->server_type); + + printf("\tusers :\t%x\n", r->users); + printf("\tdisc, hidden :\t%x, %x\n", r->disc, r->hidden); + printf("\tannounce, delta :\t%d, %d\n", r->announce, + r->anndelta); + printf("\tlicenses :\t%d\n", r->licenses); + printf("\tuser path :\t%s\n", r->userpath); } /* Server query info */ @@ -183,8 +169,10 @@ static WERROR cmd_srvsvc_srv_query_info(struct rpc_pipe_client *cli, int argc, const char **argv) { uint32 info_level = 101; - SRV_INFO_CTR ctr; + union srvsvc_NetSrvInfo info; WERROR result; + NTSTATUS status; + const char *server_name; if (argc > 2) { printf("Usage: %s [infolevel]\n", argv[0]); @@ -194,8 +182,18 @@ static WERROR cmd_srvsvc_srv_query_info(struct rpc_pipe_client *cli, if (argc == 2) info_level = atoi(argv[1]); - result = rpccli_srvsvc_net_srv_get_info(cli, mem_ctx, info_level, - &ctr); + server_name = talloc_asprintf_strupper_m(mem_ctx, "\\\\%s", + cli->cli->desthost); + W_ERROR_HAVE_NO_MEMORY(server_name); + + status = rpccli_srvsvc_NetSrvGetInfo(cli, mem_ctx, + server_name, + info_level, + &info, + &result); + if (!NT_STATUS_IS_OK(status)) { + return ntstatus_to_werror(status); + } if (!W_ERROR_IS_OK(result)) { goto done; @@ -205,10 +203,10 @@ static WERROR cmd_srvsvc_srv_query_info(struct rpc_pipe_client *cli, switch (info_level) { case 101: - display_srv_info_101(&ctr.srv.sv101); + display_srv_info_101(info.info101); break; case 102: - display_srv_info_102(&ctr.srv.sv102); + display_srv_info_102(info.info102); break; default: printf("unsupported info level %d\n", info_level); @@ -404,9 +402,10 @@ static WERROR cmd_srvsvc_net_remote_tod(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, int argc, const char **argv) { - TIME_OF_DAY_INFO tod; + struct srvsvc_NetRemoteTODInfo *tod = NULL; fstring srv_name_slash; WERROR result; + NTSTATUS status; if (argc > 1) { printf("Usage: %s\n", argv[0]); @@ -414,8 +413,14 @@ static WERROR cmd_srvsvc_net_remote_tod(struct rpc_pipe_client *cli, } fstr_sprintf(srv_name_slash, "\\\\%s", cli->cli->desthost); - result = rpccli_srvsvc_net_remote_tod( - cli, mem_ctx, srv_name_slash, &tod); + status = rpccli_srvsvc_NetRemoteTOD(cli, mem_ctx, + srv_name_slash, + &tod, + &result); + if (!NT_STATUS_IS_OK(status)) { + result = ntstatus_to_werror(status); + goto done; + } if (!W_ERROR_IS_OK(result)) goto done; diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c index 4a9b4acb7d..5e87058111 100644 --- a/source3/rpcclient/rpcclient.c +++ b/source3/rpcclient/rpcclient.c @@ -503,6 +503,7 @@ extern struct cmd_set echo_commands[]; extern struct cmd_set shutdown_commands[]; extern struct cmd_set test_commands[]; extern struct cmd_set wkssvc_commands[]; +extern struct cmd_set ntsvcs_commands[]; static struct cmd_set *rpcclient_command_list[] = { rpcclient_commands, @@ -517,6 +518,7 @@ static struct cmd_set *rpcclient_command_list[] = { shutdown_commands, test_commands, wkssvc_commands, + ntsvcs_commands, NULL }; |