summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/include/ntdomain.h4
-rw-r--r--source3/include/proto.h36
-rw-r--r--source3/lib/util.c35
-rw-r--r--source3/lib/util_sid.c2
-rw-r--r--source3/rpc_client/cli_samr.c107
-rw-r--r--source3/rpcclient/cmd_samr.c405
-rw-r--r--source3/rpcclient/display.c71
7 files changed, 488 insertions, 172 deletions
diff --git a/source3/include/ntdomain.h b/source3/include/ntdomain.h
index 3f2461af95..120426d182 100644
--- a/source3/include/ntdomain.h
+++ b/source3/include/ntdomain.h
@@ -150,6 +150,10 @@ struct acct_info
* higher order functions for use with msrpc client code
*/
+#define ALIAS_FN(fn) void (*fn)(char*, DOM_SID*, uint32, char*)
+#define ALIAS_INFO_FN(fn) void (*fn)(char*, DOM_SID*, uint32, ALIAS_INFO_CTR *)
+#define ALIAS_MEM_FN(fn) void(*fn)(char*, DOM_SID*, uint32, char*, uint32, DOM_SID**, char**, uint8*)
+
#define GROUP_FN(fn) void (*fn)(char*, DOM_SID*, uint32, char*)
#define GROUP_INFO_FN(fn) void (*fn)(char*, DOM_SID*, uint32, GROUP_INFO_CTR *)
#define GROUP_MEM_FN(fn) void(*fn)(char*, DOM_SID*, uint32, char*, uint32, uint32*, char**, uint32*)
diff --git a/source3/include/proto.h b/source3/include/proto.h
index ed314fa88e..c570b9a4af 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -482,6 +482,8 @@ BOOL reg_split_key(const char *full_keyname, uint32 *reg_type, char *key_name);
BOOL become_user_permanently(uid_t uid, gid_t gid);
void free_char_array(uint32 num_entries, char **entries);
BOOL add_chars_to_array(uint32 *len, char ***array, const char *name);
+BOOL add_sid_to_array(uint32 *len, DOM_SID ***array, const DOM_SID *sid);
+void free_sid_array(uint32 num_entries, DOM_SID **entries);
/*The following definitions come from lib/util_file.c */
@@ -532,7 +534,7 @@ void sid_copy(DOM_SID *sid1, const DOM_SID *sid2);
BOOL sid_front_equal(const DOM_SID *sid1, const DOM_SID *sid2);
BOOL sid_equal(const DOM_SID *sid1, const DOM_SID *sid2);
int sid_size(const DOM_SID *sid);
-DOM_SID *sid_dup(DOM_SID *src);
+DOM_SID *sid_dup(const DOM_SID *src);
/*The following definitions come from lib/util_sock.c */
@@ -1896,6 +1898,10 @@ BOOL get_samr_query_groupinfo(struct cli_state *cli, uint16 fnum,
POLICY_HND *pol_open_domain,
uint32 info_level,
uint32 group_rid, GROUP_INFO_CTR *ctr);
+BOOL get_samr_query_aliasinfo(struct cli_state *cli, uint16 fnum,
+ POLICY_HND *pol_open_domain,
+ uint32 info_level,
+ uint32 alias_rid, ALIAS_INFO_CTR *ctr);
BOOL samr_chgpasswd_user(struct cli_state *cli, uint16 fnum,
char *srv_name, char *user_name,
char nt_newpass[516], uchar nt_oldhash[16],
@@ -1909,9 +1915,9 @@ uint32 samr_enum_dom_groups(struct cli_state *cli, uint16 fnum,
uint32 *start_idx, uint32 size,
struct acct_info **sam,
uint32 *num_sam_groups);
-BOOL samr_enum_dom_aliases(struct cli_state *cli, uint16 fnum,
+uint32 samr_enum_dom_aliases(struct cli_state *cli, uint16 fnum,
POLICY_HND *pol,
- uint32 start_idx, uint32 size,
+ uint32 *start_idx, uint32 size,
struct acct_info **sam,
uint32 *num_sam_aliases);
uint32 samr_enum_dom_users(struct cli_state *cli, uint16 fnum,
@@ -1942,8 +1948,9 @@ BOOL samr_create_dom_user(struct cli_state *cli, uint16 fnum,
BOOL samr_create_dom_alias(struct cli_state *cli, uint16 fnum,
POLICY_HND *domain_pol, const char *acct_name,
POLICY_HND *alias_pol, uint32 *rid);
-BOOL samr_get_aliasinfo(struct cli_state *cli, uint16 fnum,
- POLICY_HND *alias_pol, ALIAS_INFO_CTR *ctr);
+BOOL samr_query_aliasinfo(struct cli_state *cli, uint16 fnum,
+ POLICY_HND *alias_pol, uint16 switch_value,
+ ALIAS_INFO_CTR *ctr);
BOOL samr_set_aliasinfo(struct cli_state *cli, uint16 fnum,
POLICY_HND *alias_pol, ALIAS_INFO_CTR *ctr);
BOOL samr_open_group(struct cli_state *cli, uint16 fnum,
@@ -3268,6 +3275,13 @@ int msrpc_sam_enum_users(struct client_info *info,
USER_MEM_FN(usr_als_fn));
BOOL sam_query_dominfo(struct client_info *info, DOM_SID *sid1,
uint32 switch_value, SAM_UNK_CTR *ctr);
+BOOL sam_query_aliasmem(struct cli_state *cli, uint16 fnum,
+ POLICY_HND *pol_dom,
+ uint32 alias_rid,
+ uint32 *num_names,
+ DOM_SID ***sids,
+ char ***name,
+ uint8 **type);
BOOL sam_query_groupmem(struct cli_state *cli, uint16 fnum,
POLICY_HND *pol_dom,
uint32 group_rid,
@@ -3281,6 +3295,12 @@ uint32 msrpc_sam_enum_groups(struct client_info *info,
GROUP_FN(grp_fn),
GROUP_INFO_FN(grp_inf_fn),
GROUP_MEM_FN(grp_mem_fn));
+uint32 msrpc_sam_enum_aliases(struct client_info *info,
+ struct acct_info **sam,
+ uint32 *num_sam_entries,
+ ALIAS_FN(als_fn),
+ ALIAS_INFO_FN(als_inf_fn),
+ ALIAS_MEM_FN(als_mem_fn));
void cmd_sam_ntchange_pwd(struct client_info *info);
void cmd_sam_test(struct client_info *info);
void cmd_sam_lookup_domain(struct client_info *info);
@@ -3400,7 +3420,8 @@ void display_share2(FILE *out_hnd, enum action_type action,
void display_name(FILE *out_hnd, enum action_type action,
char *sname);
void display_alias_members(FILE *out_hnd, enum action_type action,
- uint32 num_mem, char **sid_mem);
+ uint32 num_mem, char **sid_mem,
+ uint8 *type);
void display_alias_rid_info(FILE *out_hnd, enum action_type action,
DOM_SID *sid,
uint32 num_rids, uint32 *rid);
@@ -3414,6 +3435,9 @@ void display_group_rid_info(FILE *out_hnd, enum action_type action,
uint32 num_gids, DOM_GID *gid);
void display_alias_name_info(FILE *out_hnd, enum action_type action,
uint32 num_aliases, fstring *alias_name, uint32 *num_als_usrs);
+void display_alias_info3(FILE *out_hnd, enum action_type action, ALIAS_INFO3 *info3);
+void display_alias_info_ctr(FILE *out_hnd, enum action_type action,
+ ALIAS_INFO_CTR *ctr);
void display_sam_user_info_21(FILE *out_hnd, enum action_type action, SAM_USER_INFO_21 *usr);
char *get_sec_mask_str(uint32 type);
void display_sec_access(FILE *out_hnd, enum action_type action, SEC_ACCESS *info);
diff --git a/source3/lib/util.c b/source3/lib/util.c
index 9e13e819be..9e01f0f095 100644
--- a/source3/lib/util.c
+++ b/source3/lib/util.c
@@ -3261,3 +3261,38 @@ BOOL add_chars_to_array(uint32 *len, char ***array, const char *name)
}
return True;
}
+
+BOOL add_sid_to_array(uint32 *len, DOM_SID ***array, const DOM_SID *sid)
+{
+ if (len == NULL || array == NULL)
+ {
+ return False;
+ }
+
+ (*array) = (char**)Realloc((*array), ((*len)+1) * sizeof((*array)[0]));
+
+ if ((*array) != NULL)
+ {
+ (*array)[(*len)] = sid_dup(sid);
+ (*len)++;
+ return True;
+ }
+ return True;
+}
+
+void free_sid_array(uint32 num_entries, DOM_SID **entries)
+{
+ uint32 i;
+ if (entries != NULL)
+ {
+ for (i = 0; i < num_entries; i++)
+ {
+ if (entries[i] != NULL)
+ {
+ free(entries[i]);
+ }
+ }
+ free(entries);
+ }
+}
+
diff --git a/source3/lib/util_sid.c b/source3/lib/util_sid.c
index 3be81ce811..295fd0efac 100644
--- a/source3/lib/util_sid.c
+++ b/source3/lib/util_sid.c
@@ -231,7 +231,7 @@ int sid_size(const DOM_SID *sid)
Duplicates a sid - mallocs the target.
*****************************************************************/
-DOM_SID *sid_dup(DOM_SID *src)
+DOM_SID *sid_dup(const DOM_SID *src)
{
DOM_SID *dst;
diff --git a/source3/rpc_client/cli_samr.c b/source3/rpc_client/cli_samr.c
index 16925b0806..7c1860dee1 100644
--- a/source3/rpc_client/cli_samr.c
+++ b/source3/rpc_client/cli_samr.c
@@ -377,6 +377,42 @@ BOOL get_samr_query_groupinfo(struct cli_state *cli, uint16 fnum,
}
/****************************************************************************
+do a SAMR query alias info
+****************************************************************************/
+BOOL get_samr_query_aliasinfo(struct cli_state *cli, uint16 fnum,
+ POLICY_HND *pol_open_domain,
+ uint32 info_level,
+ uint32 alias_rid, ALIAS_INFO_CTR *ctr)
+{
+ POLICY_HND pol_open_alias;
+ BOOL ret = True;
+
+ if (pol_open_domain == NULL || ctr == NULL) return False;
+
+ bzero(ctr, sizeof(*ctr));
+
+ /* send open domain (on alias sid) */
+ if (!samr_open_alias(cli, fnum,
+ pol_open_domain,
+ 0x02000000, alias_rid, &pol_open_alias))
+ {
+ return False;
+ }
+
+ /* send alias info query */
+ if (!samr_query_aliasinfo(cli, fnum,
+ &pol_open_alias,
+ info_level, ctr))
+ {
+ DEBUG(5,("samr_query_aliasinfo: error in query alias info, level 0x%x\n",
+ info_level));
+ ret = False;
+ }
+
+ return samr_close(cli, fnum,&pol_open_alias) && ret;
+}
+
+/****************************************************************************
do a SAMR change user password command
****************************************************************************/
BOOL samr_chgpasswd_user(struct cli_state *cli, uint16 fnum,
@@ -640,21 +676,24 @@ uint32 samr_enum_dom_groups(struct cli_state *cli, uint16 fnum,
/****************************************************************************
do a SAMR enumerate aliases
****************************************************************************/
-BOOL samr_enum_dom_aliases(struct cli_state *cli, uint16 fnum,
+uint32 samr_enum_dom_aliases(struct cli_state *cli, uint16 fnum,
POLICY_HND *pol,
- uint32 start_idx, uint32 size,
+ uint32 *start_idx, uint32 size,
struct acct_info **sam,
uint32 *num_sam_aliases)
{
+ uint32 status = 0x0;
prs_struct data;
prs_struct rdata;
SAMR_Q_ENUM_DOM_ALIASES q_e;
- BOOL valid_pol = False;
DEBUG(4,("SAMR Enum SAM DB max size:%x\n", size));
- if (pol == NULL || num_sam_aliases == NULL) return False;
+ if (pol == NULL || num_sam_aliases == NULL)
+ {
+ return NT_STATUS_INVALID_PARAMETER | 0xC0000000;
+ }
/* create and send a MSRPC command with api SAMR_ENUM_DOM_ALIASES */
@@ -662,7 +701,7 @@ BOOL samr_enum_dom_aliases(struct cli_state *cli, uint16 fnum,
prs_init(&rdata, 0 , 4, SAFETY_MARGIN, True );
/* store the parameters */
- make_samr_q_enum_dom_aliases(&q_e, pol, start_idx, size);
+ make_samr_q_enum_dom_aliases(&q_e, pol, *start_idx, size);
/* turn parameters into data stream */
samr_io_q_enum_dom_aliases("", &q_e, &data, 0);
@@ -680,35 +719,31 @@ BOOL samr_enum_dom_aliases(struct cli_state *cli, uint16 fnum,
{
/* report error code */
DEBUG(4,("SAMR_R_ENUM_DOM_ALIASES: %s\n", get_nt_error_msg(r_e.status)));
- p = False;
+ p = (r_e.status == STATUS_MORE_ENTRIES);
}
if (p)
{
- uint32 i;
- int name_idx = 0;
-
- *num_sam_aliases = r_e.num_entries2;
- if (*num_sam_aliases > MAX_SAM_ENTRIES)
- {
- *num_sam_aliases = MAX_SAM_ENTRIES;
- DEBUG(2,("samr_enum_dom_aliases: sam user entries limited to %d\n",
- *num_sam_aliases));
- }
+ uint32 i = (*num_sam_aliases);
+ uint32 j = 0;
+ uint32 name_idx = 0;
- *sam = (struct acct_info*) malloc(sizeof(struct acct_info) * (*num_sam_aliases));
+ (*num_sam_aliases) += r_e.num_entries2;
+ (*sam) = (struct acct_info*) Realloc((*sam),
+ sizeof(struct acct_info) * (*num_sam_aliases));
if ((*sam) == NULL)
{
- *num_sam_aliases = 0;
+ (*num_sam_aliases) = 0;
+ i = 0;
}
- for (i = 0; i < *num_sam_aliases; i++)
+ for (j = 0; i < (*num_sam_aliases) && j < r_e.num_entries2; j++, i++)
{
- (*sam)[i].rid = r_e.sam[i].rid;
+ (*sam)[i].rid = r_e.sam[j].rid;
(*sam)[i].acct_name[0] = 0;
(*sam)[i].acct_desc[0] = 0;
- if (r_e.sam[i].hdr_name.buffer)
+ if (r_e.sam[j].hdr_name.buffer)
{
unistr2_to_ascii((*sam)[i].acct_name, &r_e.uni_grp_name[name_idx], sizeof((*sam)[i].acct_name)-1);
name_idx++;
@@ -716,14 +751,14 @@ BOOL samr_enum_dom_aliases(struct cli_state *cli, uint16 fnum,
DEBUG(5,("samr_enum_dom_aliases: idx: %4d rid: %8x acct: %s\n",
i, (*sam)[i].rid, (*sam)[i].acct_name));
}
- valid_pol = True;
+ (*start_idx) = r_e.next_idx;
}
}
prs_mem_free(&data );
prs_mem_free(&rdata );
- return valid_pol;
+ return status;
}
/****************************************************************************
@@ -1290,17 +1325,17 @@ BOOL samr_create_dom_alias(struct cli_state *cli, uint16 fnum,
return valid_pol;
}
-#if 0
/****************************************************************************
do a SAMR Get Alias Info
****************************************************************************/
-BOOL samr_get_aliasinfo(struct cli_state *cli, uint16 fnum,
- POLICY_HND *alias_pol, ALIAS_INFO_CTR *ctr)
+BOOL samr_query_aliasinfo(struct cli_state *cli, uint16 fnum,
+ POLICY_HND *alias_pol, uint16 switch_value,
+ ALIAS_INFO_CTR *ctr)
{
prs_struct data;
prs_struct rdata;
- SAMR_Q_GET_ALIASINFO q_o;
+ SAMR_Q_QUERY_ALIASINFO q_o;
BOOL valid_pol = False;
if (alias_pol == NULL || ctr == NULL) return False;
@@ -1313,24 +1348,27 @@ BOOL samr_get_aliasinfo(struct cli_state *cli, uint16 fnum,
DEBUG(4,("SAMR Get Alias Info\n"));
/* store the parameters */
- make_samr_q_get_aliasinfo(&q_o, alias_pol, ctr);
+ make_samr_q_query_aliasinfo(&q_o, alias_pol, switch_value);
/* turn parameters into data stream */
- samr_io_q_get_aliasinfo("", &q_o, &data, 0);
+ samr_io_q_query_aliasinfo("", &q_o, &data, 0);
/* send the data on \PIPE\ */
- if (rpc_api_pipe_req(cli, fnum, SAMR_GET_ALIASINFO, &data, &rdata))
+ if (rpc_api_pipe_req(cli, fnum, SAMR_QUERY_ALIASINFO, &data, &rdata))
{
- SAMR_R_GET_ALIASINFO r_o;
+ SAMR_R_QUERY_ALIASINFO r_o;
BOOL p;
- samr_io_r_get_aliasinfo("", &r_o, &rdata, 0);
+ /* get alias info */
+ r_o.ctr = ctr;
+
+ samr_io_r_query_aliasinfo("", &r_o, &rdata, 0);
p = rdata.offset != 0;
if (p && r_o.status != 0)
{
/* report error code */
- DEBUG(4,("SAMR_R_GET_ALIASINFO: %s\n", get_nt_error_msg(r_o.status)));
+ DEBUG(4,("SAMR_R_QUERY_ALIASINFO: %s\n", get_nt_error_msg(r_o.status)));
p = False;
}
@@ -1345,7 +1383,6 @@ BOOL samr_get_aliasinfo(struct cli_state *cli, uint16 fnum,
return valid_pol;
}
-#endif
/****************************************************************************
do a SAMR Set Alias Info
@@ -2326,7 +2363,7 @@ BOOL samr_query_groupinfo(struct cli_state *cli, uint16 fnum,
SAMR_R_QUERY_GROUPINFO r_o;
BOOL p;
- /* get user info */
+ /* get group info */
r_o.ctr = ctr;
samr_io_r_query_groupinfo("", &r_o, &rdata, 0);
diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c
index 1656f017da..a1506f8ca2 100644
--- a/source3/rpcclient/cmd_samr.c
+++ b/source3/rpcclient/cmd_samr.c
@@ -37,6 +37,33 @@ extern struct cli_state *smb_cli;
extern FILE* out_hnd;
+static void sam_display_alias_info(char *domain, DOM_SID *sid,
+ uint32 alias_rid,
+ ALIAS_INFO_CTR *ctr)
+{
+ display_alias_info_ctr(out_hnd, ACTION_HEADER , ctr);
+ display_alias_info_ctr(out_hnd, ACTION_ENUMERATE, ctr);
+ display_alias_info_ctr(out_hnd, ACTION_FOOTER , ctr);
+}
+
+static void sam_display_alias(char *domain, DOM_SID *sid,
+ uint32 alias_rid, char *alias_name)
+{
+ report(out_hnd, "Alias RID: %8x Alias Name: %s\n",
+ alias_rid, alias_name);
+}
+
+static void sam_display_alias_members(char *domain, DOM_SID *sid,
+ uint32 alias_rid, char *alias_name,
+ uint32 num_names,
+ DOM_SID **sids,
+ char **name,
+ uint8 *type)
+{
+ display_alias_members(out_hnd, ACTION_HEADER , num_names, name, type);
+ display_alias_members(out_hnd, ACTION_ENUMERATE, num_names, name, type);
+ display_alias_members(out_hnd, ACTION_FOOTER , num_names, name, type);
+}
static void sam_display_group_info(char *domain, DOM_SID *sid,
uint32 group_rid,
@@ -474,41 +501,69 @@ BOOL sam_query_dominfo(struct client_info *info, DOM_SID *sid1,
}
+static BOOL query_aliasinfo(struct cli_state *cli, uint16 fnum,
+ POLICY_HND *pol_dom,
+ char *domain,
+ DOM_SID *sid,
+ uint32 alias_rid,
+ ALIAS_INFO_FN(grp_inf))
+{
+ ALIAS_INFO_CTR ctr;
-static void req_samr_aliasmem(struct cli_state *cli, uint16 fnum,
- const char *srv_name,
- POLICY_HND *pol_dom, uint32 alias_rid)
+ /* send alias info query */
+ if (get_samr_query_aliasinfo(smb_cli, fnum,
+ pol_dom,
+ 3, /* info level */
+ alias_rid, &ctr))
+ {
+ if (grp_inf != NULL)
+ {
+ grp_inf(domain, sid, alias_rid, &ctr);
+ }
+ return True;
+ }
+ return False;
+}
+
+BOOL sam_query_aliasmem(struct cli_state *cli, uint16 fnum,
+ POLICY_HND *pol_dom,
+ uint32 alias_rid,
+ uint32 *num_names,
+ DOM_SID ***sids,
+ char ***name,
+ uint8 **type)
{
- uint32 num_aliases;
+ BOOL res3 = True;
+ BOOL res4 = True;
DOM_SID2 sid_mem[MAX_LOOKUP_SIDS];
+ uint32 num_aliases = 0;
- /* send user aliases query */
- if (get_samr_query_aliasmem(smb_cli, fnum,
- pol_dom,
- alias_rid, &num_aliases, sid_mem))
+ *sids = NULL;
+ *num_names = 0;
+ *name = NULL;
+ *type = NULL;
+
+ /* get alias members */
+ res3 = get_samr_query_aliasmem(smb_cli, fnum,
+ pol_dom,
+ alias_rid, &num_aliases, sid_mem);
+
+ if (res3 && num_aliases != 0)
{
+ fstring srv_name;
uint16 fnum_lsa;
POLICY_HND lsa_pol;
- BOOL res3 = True;
- BOOL res4 = True;
- char **names = NULL;
- int num_names = 0;
- DOM_SID **sids = NULL;
uint32 i;
+ uint32 numsids = 0;
- if (num_aliases != 0)
- {
- sids = (DOM_SID**)malloc(num_aliases * sizeof(DOM_SID*));
- }
+ fstrcpy(srv_name, "\\\\");
+ fstrcat(srv_name, cli->desthost);
+ strupper(srv_name);
- res3 = sids != NULL;
- if (res3)
+ for (i = 0; i < num_aliases; i++)
{
- for (i = 0; i < num_aliases; i++)
- {
- sids[i] = &sid_mem[i].sid;
- }
+ add_sid_to_array(&numsids, sids, &sid_mem[i].sid);
}
/* open LSARPC session. */
@@ -522,25 +577,67 @@ static void req_samr_aliasmem(struct cli_state *cli, uint16 fnum,
/* send lsa lookup sids call */
res4 = res3 ? lsa_lookup_sids(smb_cli, fnum_lsa,
&lsa_pol,
- num_aliases, sids,
- &names, NULL, &num_names) : False;
+ num_aliases, *sids,
+ name, type, num_names) : False;
res3 = res3 ? lsa_close(smb_cli, fnum_lsa, &lsa_pol) : False;
cli_nt_session_close(smb_cli, fnum_lsa);
+ }
+
+ if (!res4)
+ {
+ free_char_array(*num_names, *name);
+ if ((*type) != NULL)
+ {
+ free(*type);
+ }
+ if ((*sids) != NULL)
+ {
+ free_sid_array(num_aliases, *sids);
+ }
+ *num_names = 0;
+ *name = NULL;
+ *type = NULL;
+ *sids = NULL;
+ }
+
+ return res4;
+}
+
+static BOOL req_aliasmem_info(struct cli_state *cli, uint16 fnum,
+ POLICY_HND *pol_dom,
+ char *domain,
+ DOM_SID *sid,
+ uint32 alias_rid,
+ char *alias_name,
+ ALIAS_MEM_FN(als_mem))
+{
+ uint32 num_names = 0;
+ char **name = NULL;
+ uint8 *type = NULL;
+ DOM_SID **sids = NULL;
+
+ if (sam_query_aliasmem(cli, fnum, pol_dom, alias_rid,
+ &num_names, &sids,
+ &name, &type))
+ {
+ als_mem(domain, sid,
+ alias_rid, alias_name,
+ num_names, sids, name, type);
- if (res4 && names != NULL)
+ free_char_array(num_names, name);
+ if (type != NULL)
{
- display_alias_members(out_hnd, ACTION_HEADER , num_names, names);
- display_alias_members(out_hnd, ACTION_ENUMERATE, num_names, names);
- display_alias_members(out_hnd, ACTION_FOOTER , num_names, names);
+ free(type);
}
- free_char_array(num_names, names);
if (sids != NULL)
{
- free(sids);
+ free_sid_array(num_names, sids);
}
+ return True;
}
+ return False;
}
BOOL sam_query_groupmem(struct cli_state *cli, uint16 fnum,
@@ -725,6 +822,7 @@ uint32 msrpc_sam_enum_groups(struct client_info *info,
&pol_dom) : False;
(*sam) = NULL;
+ (*num_sam_entries) = 0;
if (res)
{
@@ -793,6 +891,133 @@ uint32 msrpc_sam_enum_groups(struct client_info *info,
}
/****************************************************************************
+SAM aliases query.
+****************************************************************************/
+uint32 msrpc_sam_enum_aliases(struct client_info *info,
+ struct acct_info **sam,
+ uint32 *num_sam_entries,
+ ALIAS_FN(als_fn),
+ ALIAS_INFO_FN(als_inf_fn),
+ ALIAS_MEM_FN(als_mem_fn))
+{
+ uint16 fnum;
+ fstring srv_name;
+ fstring domain;
+ fstring sid;
+ DOM_SID sid1;
+ BOOL res = True;
+ uint32 ace_perms = 0x02000000; /* access control permissions */
+ POLICY_HND sam_pol;
+ POLICY_HND pol_dom;
+ uint32 status = 0x0;
+
+ sid_copy(&sid1, &info->dom.level5_sid);
+ sid_to_string(sid, &sid1);
+ fstrcpy(domain, info->dom.level5_dom);
+
+ if (sid1.num_auths == 0)
+ {
+ report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
+ return 0;
+ }
+
+ fstrcpy(srv_name, "\\\\");
+ fstrcat(srv_name, info->dest_host);
+ strupper(srv_name);
+
+ report(out_hnd, "SAM Enumerate Aliases\n");
+ report(out_hnd, "From: %s To: %s Domain: %s SID: %s\n",
+ info->myhostname, srv_name, domain, sid);
+
+ /* open SAMR session. negotiate credentials */
+ res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR, &fnum) : False;
+
+ /* establish a connection. */
+ res = res ? samr_connect(smb_cli, fnum,
+ srv_name, 0x02000000,
+ &sam_pol) : False;
+
+ /* connect to the domain */
+ res = res ? samr_open_domain(smb_cli, fnum,
+ &sam_pol, ace_perms, &sid1,
+ &pol_dom) : False;
+
+ (*sam) = NULL;
+ (*num_sam_entries) = 0;
+
+ if (res)
+ {
+ uint32 alias_idx;
+ uint32 start_idx = 0;
+ /* read some groups */
+ do
+ {
+ status = samr_enum_dom_aliases(smb_cli, fnum,
+ &pol_dom,
+ &start_idx, 0x100000,
+ sam, num_sam_entries);
+
+ } while (status == STATUS_MORE_ENTRIES);
+
+ if ((*num_sam_entries) == 0)
+ {
+ report(out_hnd, "No aliases\n");
+ }
+
+ for (alias_idx = 0; alias_idx < (*num_sam_entries); alias_idx++)
+ {
+ uint32 alias_rid = (*sam)[alias_idx].rid;
+ char *alias_name = (*sam)[alias_idx].acct_name;
+
+ if (als_fn != NULL)
+ {
+ als_fn(domain, &sid1, alias_rid, alias_name);
+ }
+
+ if (als_inf_fn != NULL)
+ {
+ query_aliasinfo(smb_cli, fnum, &pol_dom,
+ domain, &sid1,
+ alias_rid,
+ als_inf_fn);
+ }
+ if (als_mem_fn != NULL)
+ {
+ req_aliasmem_info(smb_cli, fnum, &pol_dom,
+ domain, &sid1,
+ alias_rid, alias_name,
+ als_mem_fn);
+ }
+ }
+ }
+
+ res = res ? samr_close(smb_cli, fnum,
+ &sam_pol) : False;
+
+ res = res ? samr_close(smb_cli, fnum,
+ &pol_dom) : False;
+
+ /* close the session */
+ cli_nt_session_close(smb_cli, fnum);
+
+ if (sam != NULL)
+ {
+ free(sam);
+ }
+
+ if (res)
+ {
+ DEBUG(5,("msrpc_sam_enum_aliases: succeeded\n"));
+ }
+ else
+ {
+ DEBUG(5,("msrpc_sam_enum_aliases: failed\n"));
+ }
+
+ return (*num_sam_entries);
+}
+
+/****************************************************************************
SAM password change
****************************************************************************/
void cmd_sam_ntchange_pwd(struct client_info *info)
@@ -885,7 +1110,7 @@ void cmd_sam_test(struct client_info *info)
fstrcpy(domain, info->dom.level5_dom);
/*
- if (strlen(sid) == 0)
+ if (sid1.num_auths == 0)
{
report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
return;
@@ -2317,7 +2542,7 @@ void cmd_sam_query_dispinfo(struct client_info *info)
sid_to_string(sid, &info->dom.level5_sid);
fstrcpy(domain, info->dom.level5_dom);
- if (strlen(sid) == 0)
+ if (sid1.num_auths == 0)
{
fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
return;
@@ -2397,7 +2622,7 @@ void cmd_sam_query_dominfo(struct client_info *info)
sid_to_string(sid, &info->dom.level5_sid);
fstrcpy(domain, info->dom.level5_dom);
- if (strlen(sid) == 0)
+ if (sid1.num_auths == 0)
{
report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
return;
@@ -2432,114 +2657,38 @@ SAM aliases query.
****************************************************************************/
void cmd_sam_enum_aliases(struct client_info *info)
{
- uint16 fnum;
- fstring srv_name;
- fstring domain;
- fstring sid;
- DOM_SID sid1;
- BOOL res = True;
BOOL request_member_info = False;
- uint32 ace_perms = 0x02000000; /* access control permissions */
+ BOOL request_alias_info = False;
fstring tmp;
- uint32 alias_idx;
- struct acct_info *sam;
- uint32 num_sam_entries;
- POLICY_HND sam_pol;
- POLICY_HND pol_dom;
-
- sid_to_string(sid, &info->dom.level5_sid);
- fstrcpy(domain, info->dom.level5_dom);
-#if 0
- fstrcpy(sid , "S-1-5-20");
-#endif
- if (strlen(sid) == 0)
- {
- report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
- return;
- }
-
- string_to_sid(&sid1, sid);
-
- fstrcpy(srv_name, "\\\\");
- fstrcat(srv_name, info->dest_host);
- strupper(srv_name);
-
- /* a bad way to do token parsing... */
- if (next_token(NULL, tmp, NULL, sizeof(tmp)))
- {
- request_member_info |= strequal(tmp, "-m");
- }
-
- report(out_hnd, "SAM Enumerate Aliases\n");
- report(out_hnd, "From: %s To: %s Domain: %s SID: %s\n",
- info->myhostname, srv_name, domain, sid);
-
- /* open SAMR session. negotiate credentials */
- res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR, &fnum) : False;
-
- /* establish a connection. */
- res = res ? samr_connect(smb_cli, fnum,
- srv_name, 0x02000000,
- &sam_pol) : False;
-
- /* connect to the domain */
- res = res ? samr_open_domain(smb_cli, fnum,
- &sam_pol, ace_perms, &sid1,
- &pol_dom) : False;
-
- sam = NULL;
-
- /* read some aliases */
- res = res ? samr_enum_dom_aliases(smb_cli, fnum,
- &pol_dom,
- 0x0, 0xffff,
- &sam, &num_sam_entries) : False;
-
- if (res && num_sam_entries == 0)
- {
- report(out_hnd, "No aliases\n");
- }
+ int i;
+ struct acct_info *sam = NULL;
+ uint32 num_sam_entries = 0;
- if (res)
+ for (i = 0; i < 2; i++)
{
- for (alias_idx = 0; alias_idx < num_sam_entries; alias_idx++)
+ /* a bad way to do token parsing... */
+ if (next_token(NULL, tmp, NULL, sizeof(tmp)))
{
- uint32 alias_rid = sam[alias_idx].rid;
-
- report(out_hnd, "Alias RID: %8x Group Name: %s\n",
- alias_rid,
- sam[alias_idx].acct_name);
-
- if (request_member_info)
- {
- req_samr_aliasmem(smb_cli, fnum,
- srv_name, &pol_dom, alias_rid);
- }
+ request_member_info |= strequal(tmp, "-m");
+ request_alias_info |= strequal(tmp, "-a");
+ }
+ else
+ {
+ break;
}
}
- res = res ? samr_close(smb_cli, fnum,
- &sam_pol) : False;
-
- res = res ? samr_close(smb_cli, fnum,
- &pol_dom) : False;
+ report(out_hnd, "SAM Enumerate Aliases\n");
- /* close the session */
- cli_nt_session_close(smb_cli, fnum);
+ msrpc_sam_enum_aliases(info, &sam, &num_sam_entries,
+ sam_display_alias,
+ request_alias_info ? sam_display_alias_info : NULL,
+ request_member_info ? sam_display_alias_members : NULL);
if (sam != NULL)
{
free(sam);
}
-
- if (res)
- {
- DEBUG(5,("cmd_sam_enum_aliases: succeeded\n"));
- }
- else
- {
- DEBUG(5,("cmd_sam_enum_aliases: failed\n"));
- }
}
/****************************************************************************
diff --git a/source3/rpcclient/display.c b/source3/rpcclient/display.c
index c8e69101ea..bb99769201 100644
--- a/source3/rpcclient/display.c
+++ b/source3/rpcclient/display.c
@@ -1201,7 +1201,8 @@ void display_name(FILE *out_hnd, enum action_type action,
display alias members
****************************************************************************/
void display_alias_members(FILE *out_hnd, enum action_type action,
- uint32 num_mem, char **sid_mem)
+ uint32 num_mem, char **sid_mem,
+ uint8 *type)
{
switch (action)
{
@@ -1226,7 +1227,9 @@ void display_alias_members(FILE *out_hnd, enum action_type action,
{
if (sid_mem[i] != NULL)
{
- fprintf(out_hnd, "\tMember Name:\t%s\n", sid_mem[i]);
+ fprintf(out_hnd, "\tMember Name:\t%s\tType:\t%s\n",
+ sid_mem[i],
+ get_sid_name_use_str(type[i]));
}
}
@@ -1512,6 +1515,70 @@ void display_alias_name_info(FILE *out_hnd, enum action_type action,
}
}
+/****************************************************************************
+ display alias info
+ ****************************************************************************/
+void display_alias_info3(FILE *out_hnd, enum action_type action, ALIAS_INFO3 *info3)
+
+{
+ switch (action)
+ {
+ case ACTION_HEADER:
+ {
+ break;
+ }
+ case ACTION_ENUMERATE:
+ {
+ fstring temp;
+
+ unistr2_to_ascii(temp, &info3->uni_acct_desc, sizeof(temp)-1);
+ fprintf(out_hnd, "\tDescription:\t%s\n", temp);
+ break;
+ }
+ case ACTION_FOOTER:
+ {
+ break;
+ }
+ }
+}
+
+/****************************************************************************
+ display sam sync structure
+ ****************************************************************************/
+void display_alias_info_ctr(FILE *out_hnd, enum action_type action,
+ ALIAS_INFO_CTR *ctr)
+{
+ switch (action)
+ {
+ case ACTION_HEADER:
+ {
+ fprintf(out_hnd, "\tSAM Group Info\n");
+ fprintf(out_hnd, "\t--------------\n");
+
+ break;
+ }
+ case ACTION_ENUMERATE:
+ {
+ switch (ctr->switch_value1)
+ {
+ case 3:
+ {
+ display_alias_info3(out_hnd, ACTION_HEADER , &ctr->alias.info3);
+ display_alias_info3(out_hnd, ACTION_ENUMERATE, &ctr->alias.info3);
+ display_alias_info3(out_hnd, ACTION_FOOTER , &ctr->alias.info3);
+ break;
+ }
+ }
+ break;
+ }
+ case ACTION_FOOTER:
+ {
+ fprintf(out_hnd, "\n");
+ break;
+ }
+ }
+}
+
/****************************************************************************
display sam_user_info_21 structure