diff options
-rw-r--r-- | source3/rpcclient/cmd_samr.c | 108 |
1 files changed, 104 insertions, 4 deletions
diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c index 5ac650b650..d199e65b95 100644 --- a/source3/rpcclient/cmd_samr.c +++ b/source3/rpcclient/cmd_samr.c @@ -122,6 +122,7 @@ static uint32 cmd_samr_query_user(struct cli_state *cli, int argc, char **argv) return NT_STATUS_UNSUCCESSFUL; } + fetch_domain_sid(cli); /* Initialise RPC connection */ if (!cli_nt_session_open (cli, PIPE_SAMR)) { @@ -139,7 +140,6 @@ static uint32 cmd_samr_query_user(struct cli_state *cli, int argc, char **argv) } got_connect_pol = True; - fetch_domain_sid(cli); if ((result = cli_samr_open_domain(cli, mem_ctx, &connect_pol, MAXIMUM_ALLOWED_ACCESS, @@ -250,6 +250,8 @@ static uint32 cmd_samr_query_group(struct cli_state *cli, int argc, char **argv) return NT_STATUS_UNSUCCESSFUL; } + fetch_domain_sid(cli); + /* Initialise RPC connection */ if (!cli_nt_session_open (cli, PIPE_SAMR)) { fprintf (stderr, "Could not initialize samr pipe!\n"); @@ -266,7 +268,6 @@ static uint32 cmd_samr_query_group(struct cli_state *cli, int argc, char **argv) } got_connect_pol = True; - fetch_domain_sid(cli); if ((result = cli_samr_open_domain(cli, mem_ctx, &connect_pol, MAXIMUM_ALLOWED_ACCESS, @@ -338,6 +339,8 @@ static uint32 cmd_samr_query_usergroups(struct cli_state *cli, int argc, char ** sscanf(argv[1], "%i", &user_rid); + fetch_domain_sid(cli); + /* Initialise RPC connection */ if (!cli_nt_session_open (cli, PIPE_SAMR)) { fprintf (stderr, "Could not initialize samr pipe!\n"); @@ -354,7 +357,6 @@ static uint32 cmd_samr_query_usergroups(struct cli_state *cli, int argc, char ** } got_connect_pol = True; - fetch_domain_sid(cli); if ((result = cli_samr_open_domain(cli, mem_ctx, &connect_pol, MAXIMUM_ALLOWED_ACCESS, @@ -423,6 +425,8 @@ static uint32 cmd_samr_query_groupmem(struct cli_state *cli, int argc, char **ar sscanf(argv[1], "%i", &group_rid); + fetch_domain_sid(cli); + /* Initialise RPC connection */ if (!cli_nt_session_open (cli, PIPE_SAMR)) { fprintf (stderr, "Could not initialize samr pipe!\n"); @@ -439,7 +443,6 @@ static uint32 cmd_samr_query_groupmem(struct cli_state *cli, int argc, char **ar } got_connect_pol = True; - fetch_domain_sid(cli); if ((result = cli_samr_open_domain(cli, mem_ctx, &connect_pol, MAXIMUM_ALLOWED_ACCESS, @@ -563,6 +566,102 @@ static uint32 cmd_samr_enum_dom_groups(struct cli_state *cli, int argc, return result; } +/* Query alias membership */ + +static uint32 cmd_samr_query_aliasmem(struct cli_state *cli, int argc, + char **argv) +{ + POLICY_HND connect_pol, domain_pol, alias_pol; + BOOL got_connect_pol = False, got_domain_pol = False, + got_alias_pol = False; + TALLOC_CTX *mem_ctx; + uint32 result = NT_STATUS_UNSUCCESSFUL, alias_rid, num_members, i; + DOM_SID *alias_sids; + + fstring server; + + if (argc != 2) { + printf("Usage: %s rid\n", argv[0]); + return 0; + } + + if (!(mem_ctx=talloc_init())) { + DEBUG(0,("cmd_samr_query_aliasmem: talloc_init() " + "returned NULL!\n")); + return NT_STATUS_UNSUCCESSFUL; + } + + sscanf(argv[1], "%i", &alias_rid); + + /* Initialise RPC connection */ + + fetch_domain_sid(cli); + + if (!cli_nt_session_open (cli, PIPE_SAMR)) { + fprintf (stderr, "Could not initialize samr pipe!\n"); + return NT_STATUS_UNSUCCESSFUL; + } + + /* Open SAMR handle */ + + slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->desthost); + strupper(server); + + if ((result = cli_samr_connect(cli, mem_ctx, server, + MAXIMUM_ALLOWED_ACCESS, + &connect_pol)) != + NT_STATUS_NOPROBLEMO) { + goto done; + } + + got_connect_pol = True; + + /* Open handle on domain */ + + if ((result = cli_samr_open_domain(cli, mem_ctx, &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &domain_sid, &domain_pol)) + != NT_STATUS_NOPROBLEMO) { + goto done; + } + + got_domain_pol = True; + + /* Open handle on alias */ + + if ((result = cli_samr_open_alias(cli, mem_ctx, &domain_pol, + MAXIMUM_ALLOWED_ACCESS, + alias_rid, &alias_pol)) + != NT_STATUS_NOPROBLEMO) { + goto done; + } + + got_alias_pol = True; + + if ((result = cli_samr_query_aliasmem(cli, mem_ctx, &alias_pol, + &num_members, &alias_sids)) + != NT_STATUS_NOPROBLEMO) { + goto done; + } + + for (i = 0; i < num_members; i++) { + fstring sid_str; + + sid_to_string(sid_str, &alias_sids[i]); + printf("\tsid:[%s]\n", sid_str); + } + + done: + if (got_alias_pol) cli_samr_close(cli, mem_ctx, &alias_pol); + if (got_domain_pol) cli_samr_close(cli, mem_ctx, &domain_pol); + if (got_connect_pol) cli_samr_close(cli, mem_ctx, &connect_pol); + + cli_nt_session_close(cli); + talloc_destroy(mem_ctx); + + return result; +} + /* List of commands exported by this module */ struct cmd_set samr_commands[] = { @@ -572,6 +671,7 @@ struct cmd_set samr_commands[] = { { "querygroup", cmd_samr_query_group, "Query group info" }, { "queryusergroups", cmd_samr_query_usergroups, "Query user groups" }, { "querygroupmem", cmd_samr_query_groupmem, "Query group membership" }, + { "queryaliasmem", cmd_samr_query_aliasmem, "Query alias membership" }, { "enumdomgroups", cmd_samr_enum_dom_groups, "Enumerate domain groups" }, { NULL, NULL, NULL } |