summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/include/proto.h18
-rw-r--r--source3/include/rpc_samr.h31
-rw-r--r--source3/rpc_client/cli_samr.c100
-rw-r--r--source3/rpc_parse/parse_samr.c69
-rw-r--r--source3/rpcclient/cmd_samr.c141
-rw-r--r--source3/rpcclient/rpcclient.c1
6 files changed, 326 insertions, 34 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h
index b604d55c51..1c704c5d5d 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -1695,6 +1695,10 @@ BOOL do_reg_shutdown(struct cli_state *cli, uint16 fnum,
/*The following definitions come from rpc_client/cli_samr.c */
+BOOL create_samr_domain_user(struct cli_state *cli, uint16 fnum,
+ POLICY_HND *pol_open_domain,
+ const char *acct_name, uint16 acb_info,
+ uint32 *rid);
BOOL create_samr_domain_alias(struct cli_state *cli, uint16 fnum,
POLICY_HND *pol_open_domain,
const char *acct_name, const char *acct_desc,
@@ -1763,6 +1767,10 @@ BOOL samr_add_aliasmem(struct cli_state *cli, uint16 fnum,
POLICY_HND *alias_pol, DOM_SID *sid);
BOOL samr_delete_dom_alias(struct cli_state *cli, uint16 fnum,
POLICY_HND *alias_pol);
+BOOL samr_create_dom_user(struct cli_state *cli, uint16 fnum,
+ POLICY_HND *domain_pol, const char *acct_name,
+ uint32 unk_0, uint32 unk_1,
+ POLICY_HND *user_pol, uint32 *rid);
BOOL samr_create_dom_alias(struct cli_state *cli, uint16 fnum,
POLICY_HND *domain_pol, const char *acct_name,
POLICY_HND *alias_pol, uint32 *rid);
@@ -1783,7 +1791,8 @@ BOOL samr_create_dom_group(struct cli_state *cli, uint16 fnum,
BOOL samr_set_groupinfo(struct cli_state *cli, uint16 fnum,
POLICY_HND *group_pol, GROUP_INFO_CTR *ctr);
BOOL samr_open_domain(struct cli_state *cli, uint16 fnum,
- POLICY_HND *connect_pol, uint32 flags, DOM_SID *sid,
+ POLICY_HND *connect_pol, uint32 ace_perms,
+ DOM_SID *sid,
POLICY_HND *domain_pol);
BOOL samr_query_lookup_domain(struct cli_state *cli, uint16 fnum,
POLICY_HND *pol, const char *dom_name,
@@ -2442,6 +2451,12 @@ void make_samr_q_open_user(SAMR_Q_OPEN_USER *q_u,
uint32 unk_0, uint32 rid);
void samr_io_q_open_user(char *desc, SAMR_Q_OPEN_USER *q_u, prs_struct *ps, int depth);
void samr_io_r_open_user(char *desc, SAMR_R_OPEN_USER *r_u, prs_struct *ps, int depth);
+void make_samr_q_create_user(SAMR_Q_CREATE_USER *q_u,
+ POLICY_HND *pol,
+ const char *name,
+ uint16 acb_info, uint32 unk_1);
+void samr_io_q_create_user(char *desc, SAMR_Q_CREATE_USER *q_u, prs_struct *ps, int depth);
+void samr_io_r_create_user(char *desc, SAMR_R_CREATE_USER *r_u, prs_struct *ps, int depth);
void make_samr_q_query_userinfo(SAMR_Q_QUERY_USERINFO *q_u,
POLICY_HND *hnd, uint16 switch_value);
void samr_io_q_query_userinfo(char *desc, SAMR_Q_QUERY_USERINFO *q_u, prs_struct *ps, int depth);
@@ -2793,6 +2808,7 @@ void cmd_sam_lookup_domain(struct client_info *info);
void cmd_sam_del_aliasmem(struct client_info *info);
void cmd_sam_delete_dom_alias(struct client_info *info);
void cmd_sam_add_aliasmem(struct client_info *info);
+void cmd_sam_create_dom_user(struct client_info *info);
void cmd_sam_create_dom_alias(struct client_info *info);
void cmd_sam_del_groupmem(struct client_info *info);
void cmd_sam_delete_dom_group(struct client_info *info);
diff --git a/source3/include/rpc_samr.h b/source3/include/rpc_samr.h
index ea6a1f7919..54df484444 100644
--- a/source3/include/rpc_samr.h
+++ b/source3/include/rpc_samr.h
@@ -40,7 +40,7 @@ x SamrCloseHandle
x SamrConnect
x SamrCreateAliasInDomain
x SamrCreateGroupInDomain
-SamrCreateUserInDomain
+x SamrCreateUserInDomain
? SamrDeleteAlias
SamrDeleteGroup
SamrDeleteUser
@@ -113,6 +113,7 @@ SamrTestPrivateFunctionsUser
#define SAMR_QUERY_ALIASMEM 0x21
#define SAMR_OPEN_USER 0x22
+#define SAMR_CREATE_USER 0x32
#define SAMR_QUERY_USERINFO 0x24
#define SAMR_QUERY_USERGROUPS 0x27
@@ -1202,11 +1203,37 @@ typedef struct r_samr_open_user_info
} SAMR_R_OPEN_USER;
+/* SAMR_Q_CREATE_USER - probably a create */
+typedef struct q_samr_create_user_info
+{
+ POLICY_HND domain_pol; /* policy handle */
+
+ UNIHDR hdr_name; /* unicode account name header */
+ UNISTR2 uni_name; /* unicode account name */
+
+ uint16 acb_info; /* account control info */
+ uint32 unknown_1; /* 0xe005 00b0 */
+
+} SAMR_Q_CREATE_USER;
+
+
+/* SAMR_R_CREATE_USER - probably a create */
+typedef struct r_samr_create_user_info
+{
+ POLICY_HND user_pol; /* policy handle associated with user */
+
+ uint32 unknown_0; /* 0x0007 03ff */
+ uint32 user_rid; /* user RID */
+ uint32 status; /* return status */
+
+} SAMR_R_CREATE_USER;
+
+
/* SAMR_Q_UNKNOWN_32 - probably a "create SAM entry" */
typedef struct q_samr_unknown_32_info
{
- POLICY_HND pol; /* policy handle */
+ POLICY_HND pol; /* policy handle */
UNIHDR hdr_mach_acct; /* unicode machine account name header */
UNISTR2 uni_mach_acct; /* unicode machine account name */
diff --git a/source3/rpc_client/cli_samr.c b/source3/rpc_client/cli_samr.c
index d95bd99eac..f822937cef 100644
--- a/source3/rpc_client/cli_samr.c
+++ b/source3/rpc_client/cli_samr.c
@@ -34,6 +34,34 @@ extern int DEBUGLEVEL;
/****************************************************************************
+do a SAMR create domain user
+****************************************************************************/
+BOOL create_samr_domain_user(struct cli_state *cli, uint16 fnum,
+ POLICY_HND *pol_open_domain,
+ const char *acct_name, uint16 acb_info,
+ uint32 *rid)
+{
+ POLICY_HND pol_open_user;
+ BOOL ret = True;
+
+ if (pol_open_domain == NULL || acct_name == NULL) return False;
+
+ /* send create user */
+ if (!samr_create_dom_user(cli, fnum,
+ pol_open_domain,
+ acct_name, acb_info, 0xe005000b,
+ &pol_open_user, rid))
+ {
+ return False;
+ }
+
+ DEBUG(5,("create_samr_domain_user: name: %s rid 0x%x\n",
+ acct_name, *rid));
+
+ return samr_close(cli, fnum, &pol_open_user) && ret;
+}
+
+/****************************************************************************
do a SAMR create domain alias
****************************************************************************/
BOOL create_samr_domain_alias(struct cli_state *cli, uint16 fnum,
@@ -1118,6 +1146,65 @@ BOOL samr_delete_dom_alias(struct cli_state *cli, uint16 fnum,
}
/****************************************************************************
+do a SAMR Create Domain User
+****************************************************************************/
+BOOL samr_create_dom_user(struct cli_state *cli, uint16 fnum,
+ POLICY_HND *domain_pol, const char *acct_name,
+ uint32 unk_0, uint32 unk_1,
+ POLICY_HND *user_pol, uint32 *rid)
+{
+ prs_struct data;
+ prs_struct rdata;
+
+ SAMR_Q_CREATE_USER q_o;
+ BOOL valid_pol = False;
+
+ if (user_pol == NULL || domain_pol == NULL || acct_name == NULL || rid == NULL) return False;
+
+ /* create and send a MSRPC command with api SAMR_CREATE_USER */
+
+ prs_init(&data , 1024, 4, SAFETY_MARGIN, False);
+ prs_init(&rdata, 0 , 4, SAFETY_MARGIN, True );
+
+ DEBUG(4,("SAMR Create Domain User. Name:%s\n", acct_name));
+
+ /* store the parameters */
+ make_samr_q_create_user(&q_o, domain_pol, acct_name, unk_0, unk_1);
+
+ /* turn parameters into data stream */
+ samr_io_q_create_user("", &q_o, &data, 0);
+
+ /* send the data on \PIPE\ */
+ if (rpc_api_pipe_req(cli, fnum, SAMR_CREATE_USER, &data, &rdata))
+ {
+ SAMR_R_CREATE_USER r_o;
+ BOOL p;
+
+ samr_io_r_create_user("", &r_o, &rdata, 0);
+ p = rdata.offset != 0;
+
+ if (p && r_o.status != 0)
+ {
+ /* report error code */
+ DEBUG(0,("SAMR_R_CREATE_USER: %s\n", get_nt_error_msg(r_o.status)));
+ p = False;
+ }
+
+ if (p)
+ {
+ memcpy(user_pol, &r_o.user_pol, sizeof(r_o.user_pol));
+ *rid = r_o.user_rid;
+ valid_pol = True;
+ }
+ }
+
+ prs_mem_free(&data );
+ prs_mem_free(&rdata );
+
+ return valid_pol;
+}
+
+/****************************************************************************
do a SAMR Create Domain Alias
****************************************************************************/
BOOL samr_create_dom_alias(struct cli_state *cli, uint16 fnum,
@@ -1569,7 +1656,8 @@ BOOL samr_set_groupinfo(struct cli_state *cli, uint16 fnum,
do a SAMR Open Domain
****************************************************************************/
BOOL samr_open_domain(struct cli_state *cli, uint16 fnum,
- POLICY_HND *connect_pol, uint32 flags, DOM_SID *sid,
+ POLICY_HND *connect_pol, uint32 ace_perms,
+ DOM_SID *sid,
POLICY_HND *domain_pol)
{
pstring sid_str;
@@ -1579,8 +1667,12 @@ BOOL samr_open_domain(struct cli_state *cli, uint16 fnum,
SAMR_Q_OPEN_DOMAIN q_o;
BOOL valid_pol = False;
- sid_to_string(sid_str, sid);
- DEBUG(4,("SAMR Open Domain. SID:%s Flags:%x\n", sid_str, flags));
+ if (DEBUGLVL(4))
+ {
+ sid_to_string(sid_str, sid);
+ DEBUG(4,("SAMR Open Domain. SID:%s Permissions:%x\n",
+ sid_str, ace_perms));
+ }
if (connect_pol == NULL || sid == NULL || domain_pol == NULL) return False;
@@ -1590,7 +1682,7 @@ BOOL samr_open_domain(struct cli_state *cli, uint16 fnum,
prs_init(&rdata, 0 , 4, SAFETY_MARGIN, True );
/* store the parameters */
- make_samr_q_open_domain(&q_o, connect_pol, flags, sid);
+ make_samr_q_open_domain(&q_o, connect_pol, ace_perms, sid);
/* turn parameters into data stream */
samr_io_q_open_domain("", &q_o, &data, 0);
diff --git a/source3/rpc_parse/parse_samr.c b/source3/rpc_parse/parse_samr.c
index 9e5c3b3495..4eaafea0fb 100644
--- a/source3/rpc_parse/parse_samr.c
+++ b/source3/rpc_parse/parse_samr.c
@@ -3774,6 +3774,75 @@ void samr_io_r_open_user(char *desc, SAMR_R_OPEN_USER *r_u, prs_struct *ps, int
}
/*******************************************************************
+reads or writes a structure.
+********************************************************************/
+void make_samr_q_create_user(SAMR_Q_CREATE_USER *q_u,
+ POLICY_HND *pol,
+ const char *name,
+ uint16 acb_info, uint32 unk_1)
+{
+ int len_name;
+ if (q_u == NULL) return;
+ len_name = strlen(name);
+
+ DEBUG(5,("samr_make_samr_q_create_user\n"));
+
+ memcpy(&q_u->domain_pol, pol, sizeof(q_u->domain_pol));
+
+ make_uni_hdr(&(q_u->hdr_name), len_name, len_name, 1);
+ make_unistr2(&(q_u->uni_name), name, len_name);
+
+ q_u->acb_info = acb_info;
+ q_u->unknown_1 = unk_1;
+}
+
+/*******************************************************************
+reads or writes a structure.
+********************************************************************/
+void samr_io_q_create_user(char *desc, SAMR_Q_CREATE_USER *q_u, prs_struct *ps, int depth)
+{
+ if (q_u == NULL) return;
+
+ prs_debug(ps, depth, desc, "samr_io_q_create_user");
+ depth++;
+
+ prs_align(ps);
+
+ smb_io_pol_hnd("domain_pol", &(q_u->domain_pol), ps, depth);
+ prs_align(ps);
+
+ smb_io_unihdr ("unihdr", &(q_u->hdr_name), ps, depth);
+ smb_io_unistr2("unistr2", &(q_u->uni_name), q_u->hdr_name.buffer, ps, depth);
+ prs_align(ps);
+
+ prs_uint16("acb_info", ps, depth, &(q_u->acb_info));
+ prs_align(ps);
+ prs_uint32("unknown_1", ps, depth, &(q_u->unknown_1));
+
+ prs_align(ps);
+}
+
+/*******************************************************************
+reads or writes a structure.
+********************************************************************/
+void samr_io_r_create_user(char *desc, SAMR_R_CREATE_USER *r_u, prs_struct *ps, int depth)
+{
+ if (r_u == NULL) return;
+
+ prs_debug(ps, depth, desc, "samr_io_r_create_user");
+ depth++;
+
+ prs_align(ps);
+
+ smb_io_pol_hnd("user_pol", &(r_u->user_pol), ps, depth);
+ prs_align(ps);
+
+ prs_uint32("unknown_0", ps, depth, &(r_u->unknown_0));
+ prs_uint32("user_rid ", ps, depth, &(r_u->user_rid ));
+ prs_uint32("status", ps, depth, &(r_u->status));
+}
+
+/*******************************************************************
makes a SAMR_Q_QUERY_USERINFO structure.
********************************************************************/
void make_samr_q_query_userinfo(SAMR_Q_QUERY_USERINFO *q_u,
diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c
index ed66962a82..0a482e0256 100644
--- a/source3/rpcclient/cmd_samr.c
+++ b/source3/rpcclient/cmd_samr.c
@@ -244,7 +244,7 @@ void cmd_sam_del_aliasmem(struct client_info *info)
BOOL res = True;
BOOL res1 = True;
BOOL res2 = True;
- uint32 flags = 0x200003f3; /* absolutely no idea. */
+ uint32 ace_perms = 0x200003f3; /* absolutely no idea. */
DOM_SID member_sid;
uint32 alias_rid;
@@ -281,7 +281,7 @@ void cmd_sam_del_aliasmem(struct client_info *info)
/* connect to the domain */
res = res ? samr_open_domain(smb_cli, fnum,
- &info->dom.samr_pol_connect, flags, &sid1,
+ &info->dom.samr_pol_connect, ace_perms, &sid1,
&info->dom.samr_pol_open_domain) : False;
/* connect to the domain */
@@ -335,7 +335,7 @@ void cmd_sam_delete_dom_alias(struct client_info *info)
BOOL res = True;
BOOL res1 = True;
BOOL res2 = True;
- uint32 flags = 0x200003f3; /* absolutely no idea. */
+ uint32 ace_perms = 0x200003f3; /* absolutely no idea. */
uint32 alias_rid = 0;
const char *names[1];
uint32 rid [MAX_LOOKUP_SIDS];
@@ -374,7 +374,7 @@ void cmd_sam_delete_dom_alias(struct client_info *info)
/* connect to the domain */
res = res ? samr_open_domain(smb_cli, fnum,
- &info->dom.samr_pol_connect, flags, &sid1,
+ &info->dom.samr_pol_connect, ace_perms, &sid1,
&info->dom.samr_pol_open_domain) : False;
names[0] = name;
@@ -433,7 +433,7 @@ void cmd_sam_add_aliasmem(struct client_info *info)
BOOL res2 = True;
BOOL res3 = True;
BOOL res4 = True;
- uint32 flags = 0x200003f3; /* absolutely no idea. */
+ uint32 ace_perms = 0x200003f3; /* absolutely no idea. */
uint32 alias_rid;
const char **names = NULL;
int num_names = 0;
@@ -525,7 +525,7 @@ void cmd_sam_add_aliasmem(struct client_info *info)
/* connect to the domain */
res = res ? samr_open_domain(smb_cli, fnum,
- &info->dom.samr_pol_connect, flags, &sid1,
+ &info->dom.samr_pol_connect, ace_perms, &sid1,
&info->dom.samr_pol_open_domain) : False;
/* connect to the domain */
@@ -583,6 +583,93 @@ void cmd_sam_add_aliasmem(struct client_info *info)
/****************************************************************************
+SAM create domain user.
+****************************************************************************/
+void cmd_sam_create_dom_user(struct client_info *info)
+{
+ uint16 fnum;
+ fstring srv_name;
+ fstring domain;
+ fstring acct_name;
+ fstring acct_desc;
+ fstring sid;
+ DOM_SID sid1;
+ BOOL res = True;
+ BOOL res1 = True;
+ uint32 ace_perms = 0x200003f3; /* absolutely no idea. */
+ uint32 user_rid;
+
+ sid_copy(&sid1, &info->dom.level5_sid);
+ sid_to_string(sid, &sid1);
+ fstrcpy(domain, info->dom.level5_dom);
+
+ if (sid1.num_auths == 0)
+ {
+ fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
+ return;
+ }
+
+
+ fstrcpy(srv_name, "\\\\");
+ fstrcat(srv_name, info->dest_host);
+ strupper(srv_name);
+
+ if (!next_token(NULL, acct_name, NULL, sizeof(acct_name)))
+ {
+ fprintf(out_hnd, "createuser: <acct name> [acct description]\n");
+ }
+
+ if (!next_token(NULL, acct_desc, NULL, sizeof(acct_desc)))
+ {
+ acct_desc[0] = 0;
+ }
+
+
+ fprintf(out_hnd, "SAM Create Domain User\n");
+ fprintf(out_hnd, "Domain: %s Name: %s Description: %s\n",
+ domain, acct_name, acct_desc);
+
+ /* open SAMR session. negotiate credentials */
+ res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR, &fnum) : False;
+
+ /* establish a connection. */
+ res = res ? samr_connect(smb_cli, fnum,
+ srv_name, 0x00000020,
+ &info->dom.samr_pol_connect) : False;
+
+ /* connect to the domain */
+ res = res ? samr_open_domain(smb_cli, fnum,
+ &info->dom.samr_pol_connect, ace_perms, &sid1,
+ &info->dom.samr_pol_open_domain) : False;
+
+ /* create a domain user */
+ res1 = res ? create_samr_domain_user(smb_cli, fnum,
+ &info->dom.samr_pol_open_domain,
+ acct_name, ACB_NORMAL, &user_rid) : False;
+
+ res = res ? samr_close(smb_cli, fnum,
+ &info->dom.samr_pol_open_domain) : False;
+
+ res = res ? samr_close(smb_cli, fnum,
+ &info->dom.samr_pol_connect) : False;
+
+ /* close the session */
+ cli_nt_session_close(smb_cli, fnum);
+
+ if (res && res1)
+ {
+ DEBUG(5,("cmd_sam_create_dom_user: succeeded\n"));
+ fprintf(out_hnd, "Create Domain User: OK\n");
+ }
+ else
+ {
+ DEBUG(5,("cmd_sam_create_dom_user: failed\n"));
+ fprintf(out_hnd, "Create Domain User: FAILED\n");
+ }
+}
+
+
+/****************************************************************************
SAM create domain alias.
****************************************************************************/
void cmd_sam_create_dom_alias(struct client_info *info)
@@ -596,7 +683,7 @@ void cmd_sam_create_dom_alias(struct client_info *info)
DOM_SID sid1;
BOOL res = True;
BOOL res1 = True;
- uint32 flags = 0x200003f3; /* absolutely no idea. */
+ uint32 ace_perms = 0x00000211; /* permissions */
uint32 alias_rid;
sid_copy(&sid1, &info->dom.level5_sid);
@@ -639,7 +726,7 @@ void cmd_sam_create_dom_alias(struct client_info *info)
/* connect to the domain */
res = res ? samr_open_domain(smb_cli, fnum,
- &info->dom.samr_pol_connect, flags, &sid1,
+ &info->dom.samr_pol_connect, ace_perms, &sid1,
&info->dom.samr_pol_open_domain) : False;
/* create a domain alias */
@@ -684,7 +771,7 @@ void cmd_sam_del_groupmem(struct client_info *info)
BOOL res = True;
BOOL res1 = True;
BOOL res2 = True;
- uint32 flags = 0x200003f3; /* absolutely no idea. */
+ uint32 ace_perms = 0x200003f3; /* absolutely no idea. */
uint32 member_rid;
uint32 group_rid;
@@ -721,7 +808,7 @@ void cmd_sam_del_groupmem(struct client_info *info)
/* connect to the domain */
res = res ? samr_open_domain(smb_cli, fnum,
- &info->dom.samr_pol_connect, flags, &sid1,
+ &info->dom.samr_pol_connect, ace_perms, &sid1,
&info->dom.samr_pol_open_domain) : False;
/* connect to the domain */
@@ -776,7 +863,7 @@ void cmd_sam_delete_dom_group(struct client_info *info)
BOOL res = True;
BOOL res1 = True;
BOOL res2 = True;
- uint32 flags = 0x200003f3; /* absolutely no idea. */
+ uint32 ace_perms = 0x200003f3; /* absolutely no idea. */
uint32 group_rid = 0;
const char *names[1];
uint32 rid [MAX_LOOKUP_SIDS];
@@ -815,7 +902,7 @@ void cmd_sam_delete_dom_group(struct client_info *info)
/* connect to the domain */
res = res ? samr_open_domain(smb_cli, fnum,
- &info->dom.samr_pol_connect, flags, &sid1,
+ &info->dom.samr_pol_connect, ace_perms, &sid1,
&info->dom.samr_pol_open_domain) : False;
names[0] = name;
@@ -872,7 +959,7 @@ void cmd_sam_add_groupmem(struct client_info *info)
BOOL res = True;
BOOL res1 = True;
BOOL res2 = True;
- uint32 flags = 0x200003f3; /* absolutely no idea. */
+ uint32 ace_perms = 0x200003f3; /* absolutely no idea. */
uint32 group_rid = 0;
const char **names = NULL;
uint32 num_names = 0;
@@ -925,7 +1012,7 @@ void cmd_sam_add_groupmem(struct client_info *info)
/* connect to the domain */
res = res ? samr_open_domain(smb_cli, fnum,
- &info->dom.samr_pol_connect, flags, &sid1,
+ &info->dom.samr_pol_connect, ace_perms, &sid1,
&info->dom.samr_pol_open_domain) : False;
res1 = res ? samr_query_lookup_names(smb_cli, fnum,
@@ -999,7 +1086,7 @@ void cmd_sam_create_dom_group(struct client_info *info)
DOM_SID sid1;
BOOL res = True;
BOOL res1 = True;
- uint32 flags = 0x220; /* absolutely no idea. */
+ uint32 ace_perms = 0x220; /* absolutely no idea. */
uint32 group_rid;
sid_copy(&sid1, &info->dom.level5_sid);
@@ -1042,7 +1129,7 @@ void cmd_sam_create_dom_group(struct client_info *info)
/* connect to the domain */
res = res ? samr_open_domain(smb_cli, fnum,
- &info->dom.samr_pol_connect, flags, &sid1,
+ &info->dom.samr_pol_connect, ace_perms, &sid1,
&info->dom.samr_pol_open_domain) : False;
/* read some users */
@@ -1192,7 +1279,7 @@ void cmd_sam_enum_users(struct client_info *info)
uint16 unk_0 = 0x0;
uint16 acb_mask = 0;
uint16 unk_1 = 0x0;
- uint32 flags = 0x304; /* access control permissions */
+ uint32 ace_perms = 0x304; /* access control permissions */
fstring tmp;
int i;
@@ -1269,12 +1356,12 @@ void cmd_sam_enum_users(struct client_info *info)
/* connect to the domain */
res = res ? samr_open_domain(smb_cli, fnum,
- &info->dom.samr_pol_connect, flags, &sid1,
+ &info->dom.samr_pol_connect, ace_perms, &sid1,
&info->dom.samr_pol_open_domain) : False;
/* connect to the S-1-5-20 domain */
res1 = res ? samr_open_domain(smb_cli, fnum,
- &info->dom.samr_pol_connect, flags, &sid_1_5_20,
+ &info->dom.samr_pol_connect, ace_perms, &sid_1_5_20,
&info->dom.samr_pol_open_builtindom) : False;
info->dom.sam = NULL;
@@ -1358,7 +1445,7 @@ void cmd_sam_query_user(struct client_info *info)
DOM_SID sid1;
int user_idx = 0; /* FIXME maybe ... */
BOOL res = True;
- uint32 flags = 0x304; /* absolutely no idea. */
+ uint32 ace_perms = 0x304; /* absolutely no idea. */
fstring rid_str ;
fstring info_str;
uint32 user_rid = 0;
@@ -1403,7 +1490,7 @@ void cmd_sam_query_user(struct client_info *info)
/* connect to the domain */
res = res ? samr_open_domain(smb_cli, fnum,
- &info->dom.samr_pol_connect, flags, &sid1,
+ &info->dom.samr_pol_connect, ace_perms, &sid1,
&info->dom.samr_pol_open_domain) : False;
fprintf(out_hnd, "User RID: %8x User Name: %s\n",
@@ -1456,7 +1543,7 @@ void cmd_sam_query_dominfo(struct client_info *info)
BOOL res = True;
fstring info_str;
uint32 switch_value = 2;
- uint32 flags = 0x304; /* absolutely no idea. */
+ uint32 ace_perms = 0x304; /* absolutely no idea. */
sid_to_string(sid, &info->dom.level5_sid);
fstrcpy(domain, info->dom.level5_dom);
@@ -1492,7 +1579,7 @@ void cmd_sam_query_dominfo(struct client_info *info)
/* connect to the domain */
res = res ? samr_open_domain(smb_cli, fnum,
- &info->dom.samr_pol_connect, flags, &sid1,
+ &info->dom.samr_pol_connect, ace_perms, &sid1,
&info->dom.samr_pol_open_domain) : False;
/* send a samr 0x8 command */
@@ -1531,7 +1618,7 @@ void cmd_sam_enum_aliases(struct client_info *info)
DOM_SID sid1;
BOOL res = True;
BOOL request_member_info = False;
- uint32 flags = 0x200003f3; /* access control permissions */
+ uint32 ace_perms = 0x200003f3; /* access control permissions */
fstring tmp;
uint32 alias_idx;
@@ -1572,7 +1659,7 @@ void cmd_sam_enum_aliases(struct client_info *info)
/* connect to the domain */
res = res ? samr_open_domain(smb_cli, fnum,
- &info->dom.samr_pol_connect, flags, &sid1,
+ &info->dom.samr_pol_connect, ace_perms, &sid1,
&info->dom.samr_pol_open_domain) : False;
info->dom.sam = NULL;
@@ -1740,7 +1827,7 @@ void cmd_sam_enum_groups(struct client_info *info)
DOM_SID sid1;
BOOL res = True;
BOOL request_member_info = False;
- uint32 flags = 0x200003f3; /* access control permissions. */
+ uint32 ace_perms = 0x200003f3; /* access control permissions. */
fstring tmp;
uint32 group_idx;
@@ -1779,7 +1866,7 @@ void cmd_sam_enum_groups(struct client_info *info)
/* connect to the domain */
res = res ? samr_open_domain(smb_cli, fnum,
- &info->dom.samr_pol_connect, flags, &sid1,
+ &info->dom.samr_pol_connect, ace_perms, &sid1,
&info->dom.samr_pol_open_domain) : False;
info->dom.sam = NULL;
diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c
index fb520004da..a0e3fe90a3 100644
--- a/source3/rpcclient/rpcclient.c
+++ b/source3/rpcclient/rpcclient.c
@@ -132,6 +132,7 @@ struct
{"addaliasmem",cmd_sam_add_aliasmem,"<alias rid> [member sid1] [member sid2] ... SAM Add Domain Alias Member"},
{"creategroup",cmd_sam_create_dom_group,"SAM Create Domain Group"},
{"createalias",cmd_sam_create_dom_alias,"SAM Create Domain Alias"},
+ {"createuser", cmd_sam_create_dom_user,"<username> SAM Create Domain User"},
{"delgroup", cmd_sam_delete_dom_group,"SAM Delete Domain Group"},
{"delalias", cmd_sam_delete_dom_alias,"SAM Delete Domain Alias"},
{"ntpass", cmd_sam_ntchange_pwd, "NT SAM Password Change"},