diff options
-rw-r--r-- | source3/include/proto.h | 18 | ||||
-rw-r--r-- | source3/include/rpc_samr.h | 31 | ||||
-rw-r--r-- | source3/rpc_client/cli_samr.c | 100 | ||||
-rw-r--r-- | source3/rpc_parse/parse_samr.c | 69 | ||||
-rw-r--r-- | source3/rpcclient/cmd_samr.c | 141 | ||||
-rw-r--r-- | source3/rpcclient/rpcclient.c | 1 |
6 files changed, 326 insertions, 34 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h index b604d55c51..1c704c5d5d 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -1695,6 +1695,10 @@ BOOL do_reg_shutdown(struct cli_state *cli, uint16 fnum, /*The following definitions come from rpc_client/cli_samr.c */ +BOOL create_samr_domain_user(struct cli_state *cli, uint16 fnum, + POLICY_HND *pol_open_domain, + const char *acct_name, uint16 acb_info, + uint32 *rid); BOOL create_samr_domain_alias(struct cli_state *cli, uint16 fnum, POLICY_HND *pol_open_domain, const char *acct_name, const char *acct_desc, @@ -1763,6 +1767,10 @@ BOOL samr_add_aliasmem(struct cli_state *cli, uint16 fnum, POLICY_HND *alias_pol, DOM_SID *sid); BOOL samr_delete_dom_alias(struct cli_state *cli, uint16 fnum, POLICY_HND *alias_pol); +BOOL samr_create_dom_user(struct cli_state *cli, uint16 fnum, + POLICY_HND *domain_pol, const char *acct_name, + uint32 unk_0, uint32 unk_1, + POLICY_HND *user_pol, uint32 *rid); BOOL samr_create_dom_alias(struct cli_state *cli, uint16 fnum, POLICY_HND *domain_pol, const char *acct_name, POLICY_HND *alias_pol, uint32 *rid); @@ -1783,7 +1791,8 @@ BOOL samr_create_dom_group(struct cli_state *cli, uint16 fnum, BOOL samr_set_groupinfo(struct cli_state *cli, uint16 fnum, POLICY_HND *group_pol, GROUP_INFO_CTR *ctr); BOOL samr_open_domain(struct cli_state *cli, uint16 fnum, - POLICY_HND *connect_pol, uint32 flags, DOM_SID *sid, + POLICY_HND *connect_pol, uint32 ace_perms, + DOM_SID *sid, POLICY_HND *domain_pol); BOOL samr_query_lookup_domain(struct cli_state *cli, uint16 fnum, POLICY_HND *pol, const char *dom_name, @@ -2442,6 +2451,12 @@ void make_samr_q_open_user(SAMR_Q_OPEN_USER *q_u, uint32 unk_0, uint32 rid); void samr_io_q_open_user(char *desc, SAMR_Q_OPEN_USER *q_u, prs_struct *ps, int depth); void samr_io_r_open_user(char *desc, SAMR_R_OPEN_USER *r_u, prs_struct *ps, int depth); +void make_samr_q_create_user(SAMR_Q_CREATE_USER *q_u, + POLICY_HND *pol, + const char *name, + uint16 acb_info, uint32 unk_1); +void samr_io_q_create_user(char *desc, SAMR_Q_CREATE_USER *q_u, prs_struct *ps, int depth); +void samr_io_r_create_user(char *desc, SAMR_R_CREATE_USER *r_u, prs_struct *ps, int depth); void make_samr_q_query_userinfo(SAMR_Q_QUERY_USERINFO *q_u, POLICY_HND *hnd, uint16 switch_value); void samr_io_q_query_userinfo(char *desc, SAMR_Q_QUERY_USERINFO *q_u, prs_struct *ps, int depth); @@ -2793,6 +2808,7 @@ void cmd_sam_lookup_domain(struct client_info *info); void cmd_sam_del_aliasmem(struct client_info *info); void cmd_sam_delete_dom_alias(struct client_info *info); void cmd_sam_add_aliasmem(struct client_info *info); +void cmd_sam_create_dom_user(struct client_info *info); void cmd_sam_create_dom_alias(struct client_info *info); void cmd_sam_del_groupmem(struct client_info *info); void cmd_sam_delete_dom_group(struct client_info *info); diff --git a/source3/include/rpc_samr.h b/source3/include/rpc_samr.h index ea6a1f7919..54df484444 100644 --- a/source3/include/rpc_samr.h +++ b/source3/include/rpc_samr.h @@ -40,7 +40,7 @@ x SamrCloseHandle x SamrConnect x SamrCreateAliasInDomain x SamrCreateGroupInDomain -SamrCreateUserInDomain +x SamrCreateUserInDomain ? SamrDeleteAlias SamrDeleteGroup SamrDeleteUser @@ -113,6 +113,7 @@ SamrTestPrivateFunctionsUser #define SAMR_QUERY_ALIASMEM 0x21 #define SAMR_OPEN_USER 0x22 +#define SAMR_CREATE_USER 0x32 #define SAMR_QUERY_USERINFO 0x24 #define SAMR_QUERY_USERGROUPS 0x27 @@ -1202,11 +1203,37 @@ typedef struct r_samr_open_user_info } SAMR_R_OPEN_USER; +/* SAMR_Q_CREATE_USER - probably a create */ +typedef struct q_samr_create_user_info +{ + POLICY_HND domain_pol; /* policy handle */ + + UNIHDR hdr_name; /* unicode account name header */ + UNISTR2 uni_name; /* unicode account name */ + + uint16 acb_info; /* account control info */ + uint32 unknown_1; /* 0xe005 00b0 */ + +} SAMR_Q_CREATE_USER; + + +/* SAMR_R_CREATE_USER - probably a create */ +typedef struct r_samr_create_user_info +{ + POLICY_HND user_pol; /* policy handle associated with user */ + + uint32 unknown_0; /* 0x0007 03ff */ + uint32 user_rid; /* user RID */ + uint32 status; /* return status */ + +} SAMR_R_CREATE_USER; + + /* SAMR_Q_UNKNOWN_32 - probably a "create SAM entry" */ typedef struct q_samr_unknown_32_info { - POLICY_HND pol; /* policy handle */ + POLICY_HND pol; /* policy handle */ UNIHDR hdr_mach_acct; /* unicode machine account name header */ UNISTR2 uni_mach_acct; /* unicode machine account name */ diff --git a/source3/rpc_client/cli_samr.c b/source3/rpc_client/cli_samr.c index d95bd99eac..f822937cef 100644 --- a/source3/rpc_client/cli_samr.c +++ b/source3/rpc_client/cli_samr.c @@ -34,6 +34,34 @@ extern int DEBUGLEVEL; /**************************************************************************** +do a SAMR create domain user +****************************************************************************/ +BOOL create_samr_domain_user(struct cli_state *cli, uint16 fnum, + POLICY_HND *pol_open_domain, + const char *acct_name, uint16 acb_info, + uint32 *rid) +{ + POLICY_HND pol_open_user; + BOOL ret = True; + + if (pol_open_domain == NULL || acct_name == NULL) return False; + + /* send create user */ + if (!samr_create_dom_user(cli, fnum, + pol_open_domain, + acct_name, acb_info, 0xe005000b, + &pol_open_user, rid)) + { + return False; + } + + DEBUG(5,("create_samr_domain_user: name: %s rid 0x%x\n", + acct_name, *rid)); + + return samr_close(cli, fnum, &pol_open_user) && ret; +} + +/**************************************************************************** do a SAMR create domain alias ****************************************************************************/ BOOL create_samr_domain_alias(struct cli_state *cli, uint16 fnum, @@ -1118,6 +1146,65 @@ BOOL samr_delete_dom_alias(struct cli_state *cli, uint16 fnum, } /**************************************************************************** +do a SAMR Create Domain User +****************************************************************************/ +BOOL samr_create_dom_user(struct cli_state *cli, uint16 fnum, + POLICY_HND *domain_pol, const char *acct_name, + uint32 unk_0, uint32 unk_1, + POLICY_HND *user_pol, uint32 *rid) +{ + prs_struct data; + prs_struct rdata; + + SAMR_Q_CREATE_USER q_o; + BOOL valid_pol = False; + + if (user_pol == NULL || domain_pol == NULL || acct_name == NULL || rid == NULL) return False; + + /* create and send a MSRPC command with api SAMR_CREATE_USER */ + + prs_init(&data , 1024, 4, SAFETY_MARGIN, False); + prs_init(&rdata, 0 , 4, SAFETY_MARGIN, True ); + + DEBUG(4,("SAMR Create Domain User. Name:%s\n", acct_name)); + + /* store the parameters */ + make_samr_q_create_user(&q_o, domain_pol, acct_name, unk_0, unk_1); + + /* turn parameters into data stream */ + samr_io_q_create_user("", &q_o, &data, 0); + + /* send the data on \PIPE\ */ + if (rpc_api_pipe_req(cli, fnum, SAMR_CREATE_USER, &data, &rdata)) + { + SAMR_R_CREATE_USER r_o; + BOOL p; + + samr_io_r_create_user("", &r_o, &rdata, 0); + p = rdata.offset != 0; + + if (p && r_o.status != 0) + { + /* report error code */ + DEBUG(0,("SAMR_R_CREATE_USER: %s\n", get_nt_error_msg(r_o.status))); + p = False; + } + + if (p) + { + memcpy(user_pol, &r_o.user_pol, sizeof(r_o.user_pol)); + *rid = r_o.user_rid; + valid_pol = True; + } + } + + prs_mem_free(&data ); + prs_mem_free(&rdata ); + + return valid_pol; +} + +/**************************************************************************** do a SAMR Create Domain Alias ****************************************************************************/ BOOL samr_create_dom_alias(struct cli_state *cli, uint16 fnum, @@ -1569,7 +1656,8 @@ BOOL samr_set_groupinfo(struct cli_state *cli, uint16 fnum, do a SAMR Open Domain ****************************************************************************/ BOOL samr_open_domain(struct cli_state *cli, uint16 fnum, - POLICY_HND *connect_pol, uint32 flags, DOM_SID *sid, + POLICY_HND *connect_pol, uint32 ace_perms, + DOM_SID *sid, POLICY_HND *domain_pol) { pstring sid_str; @@ -1579,8 +1667,12 @@ BOOL samr_open_domain(struct cli_state *cli, uint16 fnum, SAMR_Q_OPEN_DOMAIN q_o; BOOL valid_pol = False; - sid_to_string(sid_str, sid); - DEBUG(4,("SAMR Open Domain. SID:%s Flags:%x\n", sid_str, flags)); + if (DEBUGLVL(4)) + { + sid_to_string(sid_str, sid); + DEBUG(4,("SAMR Open Domain. SID:%s Permissions:%x\n", + sid_str, ace_perms)); + } if (connect_pol == NULL || sid == NULL || domain_pol == NULL) return False; @@ -1590,7 +1682,7 @@ BOOL samr_open_domain(struct cli_state *cli, uint16 fnum, prs_init(&rdata, 0 , 4, SAFETY_MARGIN, True ); /* store the parameters */ - make_samr_q_open_domain(&q_o, connect_pol, flags, sid); + make_samr_q_open_domain(&q_o, connect_pol, ace_perms, sid); /* turn parameters into data stream */ samr_io_q_open_domain("", &q_o, &data, 0); diff --git a/source3/rpc_parse/parse_samr.c b/source3/rpc_parse/parse_samr.c index 9e5c3b3495..4eaafea0fb 100644 --- a/source3/rpc_parse/parse_samr.c +++ b/source3/rpc_parse/parse_samr.c @@ -3774,6 +3774,75 @@ void samr_io_r_open_user(char *desc, SAMR_R_OPEN_USER *r_u, prs_struct *ps, int } /******************************************************************* +reads or writes a structure. +********************************************************************/ +void make_samr_q_create_user(SAMR_Q_CREATE_USER *q_u, + POLICY_HND *pol, + const char *name, + uint16 acb_info, uint32 unk_1) +{ + int len_name; + if (q_u == NULL) return; + len_name = strlen(name); + + DEBUG(5,("samr_make_samr_q_create_user\n")); + + memcpy(&q_u->domain_pol, pol, sizeof(q_u->domain_pol)); + + make_uni_hdr(&(q_u->hdr_name), len_name, len_name, 1); + make_unistr2(&(q_u->uni_name), name, len_name); + + q_u->acb_info = acb_info; + q_u->unknown_1 = unk_1; +} + +/******************************************************************* +reads or writes a structure. +********************************************************************/ +void samr_io_q_create_user(char *desc, SAMR_Q_CREATE_USER *q_u, prs_struct *ps, int depth) +{ + if (q_u == NULL) return; + + prs_debug(ps, depth, desc, "samr_io_q_create_user"); + depth++; + + prs_align(ps); + + smb_io_pol_hnd("domain_pol", &(q_u->domain_pol), ps, depth); + prs_align(ps); + + smb_io_unihdr ("unihdr", &(q_u->hdr_name), ps, depth); + smb_io_unistr2("unistr2", &(q_u->uni_name), q_u->hdr_name.buffer, ps, depth); + prs_align(ps); + + prs_uint16("acb_info", ps, depth, &(q_u->acb_info)); + prs_align(ps); + prs_uint32("unknown_1", ps, depth, &(q_u->unknown_1)); + + prs_align(ps); +} + +/******************************************************************* +reads or writes a structure. +********************************************************************/ +void samr_io_r_create_user(char *desc, SAMR_R_CREATE_USER *r_u, prs_struct *ps, int depth) +{ + if (r_u == NULL) return; + + prs_debug(ps, depth, desc, "samr_io_r_create_user"); + depth++; + + prs_align(ps); + + smb_io_pol_hnd("user_pol", &(r_u->user_pol), ps, depth); + prs_align(ps); + + prs_uint32("unknown_0", ps, depth, &(r_u->unknown_0)); + prs_uint32("user_rid ", ps, depth, &(r_u->user_rid )); + prs_uint32("status", ps, depth, &(r_u->status)); +} + +/******************************************************************* makes a SAMR_Q_QUERY_USERINFO structure. ********************************************************************/ void make_samr_q_query_userinfo(SAMR_Q_QUERY_USERINFO *q_u, diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c index ed66962a82..0a482e0256 100644 --- a/source3/rpcclient/cmd_samr.c +++ b/source3/rpcclient/cmd_samr.c @@ -244,7 +244,7 @@ void cmd_sam_del_aliasmem(struct client_info *info) BOOL res = True; BOOL res1 = True; BOOL res2 = True; - uint32 flags = 0x200003f3; /* absolutely no idea. */ + uint32 ace_perms = 0x200003f3; /* absolutely no idea. */ DOM_SID member_sid; uint32 alias_rid; @@ -281,7 +281,7 @@ void cmd_sam_del_aliasmem(struct client_info *info) /* connect to the domain */ res = res ? samr_open_domain(smb_cli, fnum, - &info->dom.samr_pol_connect, flags, &sid1, + &info->dom.samr_pol_connect, ace_perms, &sid1, &info->dom.samr_pol_open_domain) : False; /* connect to the domain */ @@ -335,7 +335,7 @@ void cmd_sam_delete_dom_alias(struct client_info *info) BOOL res = True; BOOL res1 = True; BOOL res2 = True; - uint32 flags = 0x200003f3; /* absolutely no idea. */ + uint32 ace_perms = 0x200003f3; /* absolutely no idea. */ uint32 alias_rid = 0; const char *names[1]; uint32 rid [MAX_LOOKUP_SIDS]; @@ -374,7 +374,7 @@ void cmd_sam_delete_dom_alias(struct client_info *info) /* connect to the domain */ res = res ? samr_open_domain(smb_cli, fnum, - &info->dom.samr_pol_connect, flags, &sid1, + &info->dom.samr_pol_connect, ace_perms, &sid1, &info->dom.samr_pol_open_domain) : False; names[0] = name; @@ -433,7 +433,7 @@ void cmd_sam_add_aliasmem(struct client_info *info) BOOL res2 = True; BOOL res3 = True; BOOL res4 = True; - uint32 flags = 0x200003f3; /* absolutely no idea. */ + uint32 ace_perms = 0x200003f3; /* absolutely no idea. */ uint32 alias_rid; const char **names = NULL; int num_names = 0; @@ -525,7 +525,7 @@ void cmd_sam_add_aliasmem(struct client_info *info) /* connect to the domain */ res = res ? samr_open_domain(smb_cli, fnum, - &info->dom.samr_pol_connect, flags, &sid1, + &info->dom.samr_pol_connect, ace_perms, &sid1, &info->dom.samr_pol_open_domain) : False; /* connect to the domain */ @@ -583,6 +583,93 @@ void cmd_sam_add_aliasmem(struct client_info *info) /**************************************************************************** +SAM create domain user. +****************************************************************************/ +void cmd_sam_create_dom_user(struct client_info *info) +{ + uint16 fnum; + fstring srv_name; + fstring domain; + fstring acct_name; + fstring acct_desc; + fstring sid; + DOM_SID sid1; + BOOL res = True; + BOOL res1 = True; + uint32 ace_perms = 0x200003f3; /* absolutely no idea. */ + uint32 user_rid; + + sid_copy(&sid1, &info->dom.level5_sid); + sid_to_string(sid, &sid1); + fstrcpy(domain, info->dom.level5_dom); + + if (sid1.num_auths == 0) + { + fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n"); + return; + } + + + fstrcpy(srv_name, "\\\\"); + fstrcat(srv_name, info->dest_host); + strupper(srv_name); + + if (!next_token(NULL, acct_name, NULL, sizeof(acct_name))) + { + fprintf(out_hnd, "createuser: <acct name> [acct description]\n"); + } + + if (!next_token(NULL, acct_desc, NULL, sizeof(acct_desc))) + { + acct_desc[0] = 0; + } + + + fprintf(out_hnd, "SAM Create Domain User\n"); + fprintf(out_hnd, "Domain: %s Name: %s Description: %s\n", + domain, acct_name, acct_desc); + + /* open SAMR session. negotiate credentials */ + res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR, &fnum) : False; + + /* establish a connection. */ + res = res ? samr_connect(smb_cli, fnum, + srv_name, 0x00000020, + &info->dom.samr_pol_connect) : False; + + /* connect to the domain */ + res = res ? samr_open_domain(smb_cli, fnum, + &info->dom.samr_pol_connect, ace_perms, &sid1, + &info->dom.samr_pol_open_domain) : False; + + /* create a domain user */ + res1 = res ? create_samr_domain_user(smb_cli, fnum, + &info->dom.samr_pol_open_domain, + acct_name, ACB_NORMAL, &user_rid) : False; + + res = res ? samr_close(smb_cli, fnum, + &info->dom.samr_pol_open_domain) : False; + + res = res ? samr_close(smb_cli, fnum, + &info->dom.samr_pol_connect) : False; + + /* close the session */ + cli_nt_session_close(smb_cli, fnum); + + if (res && res1) + { + DEBUG(5,("cmd_sam_create_dom_user: succeeded\n")); + fprintf(out_hnd, "Create Domain User: OK\n"); + } + else + { + DEBUG(5,("cmd_sam_create_dom_user: failed\n")); + fprintf(out_hnd, "Create Domain User: FAILED\n"); + } +} + + +/**************************************************************************** SAM create domain alias. ****************************************************************************/ void cmd_sam_create_dom_alias(struct client_info *info) @@ -596,7 +683,7 @@ void cmd_sam_create_dom_alias(struct client_info *info) DOM_SID sid1; BOOL res = True; BOOL res1 = True; - uint32 flags = 0x200003f3; /* absolutely no idea. */ + uint32 ace_perms = 0x00000211; /* permissions */ uint32 alias_rid; sid_copy(&sid1, &info->dom.level5_sid); @@ -639,7 +726,7 @@ void cmd_sam_create_dom_alias(struct client_info *info) /* connect to the domain */ res = res ? samr_open_domain(smb_cli, fnum, - &info->dom.samr_pol_connect, flags, &sid1, + &info->dom.samr_pol_connect, ace_perms, &sid1, &info->dom.samr_pol_open_domain) : False; /* create a domain alias */ @@ -684,7 +771,7 @@ void cmd_sam_del_groupmem(struct client_info *info) BOOL res = True; BOOL res1 = True; BOOL res2 = True; - uint32 flags = 0x200003f3; /* absolutely no idea. */ + uint32 ace_perms = 0x200003f3; /* absolutely no idea. */ uint32 member_rid; uint32 group_rid; @@ -721,7 +808,7 @@ void cmd_sam_del_groupmem(struct client_info *info) /* connect to the domain */ res = res ? samr_open_domain(smb_cli, fnum, - &info->dom.samr_pol_connect, flags, &sid1, + &info->dom.samr_pol_connect, ace_perms, &sid1, &info->dom.samr_pol_open_domain) : False; /* connect to the domain */ @@ -776,7 +863,7 @@ void cmd_sam_delete_dom_group(struct client_info *info) BOOL res = True; BOOL res1 = True; BOOL res2 = True; - uint32 flags = 0x200003f3; /* absolutely no idea. */ + uint32 ace_perms = 0x200003f3; /* absolutely no idea. */ uint32 group_rid = 0; const char *names[1]; uint32 rid [MAX_LOOKUP_SIDS]; @@ -815,7 +902,7 @@ void cmd_sam_delete_dom_group(struct client_info *info) /* connect to the domain */ res = res ? samr_open_domain(smb_cli, fnum, - &info->dom.samr_pol_connect, flags, &sid1, + &info->dom.samr_pol_connect, ace_perms, &sid1, &info->dom.samr_pol_open_domain) : False; names[0] = name; @@ -872,7 +959,7 @@ void cmd_sam_add_groupmem(struct client_info *info) BOOL res = True; BOOL res1 = True; BOOL res2 = True; - uint32 flags = 0x200003f3; /* absolutely no idea. */ + uint32 ace_perms = 0x200003f3; /* absolutely no idea. */ uint32 group_rid = 0; const char **names = NULL; uint32 num_names = 0; @@ -925,7 +1012,7 @@ void cmd_sam_add_groupmem(struct client_info *info) /* connect to the domain */ res = res ? samr_open_domain(smb_cli, fnum, - &info->dom.samr_pol_connect, flags, &sid1, + &info->dom.samr_pol_connect, ace_perms, &sid1, &info->dom.samr_pol_open_domain) : False; res1 = res ? samr_query_lookup_names(smb_cli, fnum, @@ -999,7 +1086,7 @@ void cmd_sam_create_dom_group(struct client_info *info) DOM_SID sid1; BOOL res = True; BOOL res1 = True; - uint32 flags = 0x220; /* absolutely no idea. */ + uint32 ace_perms = 0x220; /* absolutely no idea. */ uint32 group_rid; sid_copy(&sid1, &info->dom.level5_sid); @@ -1042,7 +1129,7 @@ void cmd_sam_create_dom_group(struct client_info *info) /* connect to the domain */ res = res ? samr_open_domain(smb_cli, fnum, - &info->dom.samr_pol_connect, flags, &sid1, + &info->dom.samr_pol_connect, ace_perms, &sid1, &info->dom.samr_pol_open_domain) : False; /* read some users */ @@ -1192,7 +1279,7 @@ void cmd_sam_enum_users(struct client_info *info) uint16 unk_0 = 0x0; uint16 acb_mask = 0; uint16 unk_1 = 0x0; - uint32 flags = 0x304; /* access control permissions */ + uint32 ace_perms = 0x304; /* access control permissions */ fstring tmp; int i; @@ -1269,12 +1356,12 @@ void cmd_sam_enum_users(struct client_info *info) /* connect to the domain */ res = res ? samr_open_domain(smb_cli, fnum, - &info->dom.samr_pol_connect, flags, &sid1, + &info->dom.samr_pol_connect, ace_perms, &sid1, &info->dom.samr_pol_open_domain) : False; /* connect to the S-1-5-20 domain */ res1 = res ? samr_open_domain(smb_cli, fnum, - &info->dom.samr_pol_connect, flags, &sid_1_5_20, + &info->dom.samr_pol_connect, ace_perms, &sid_1_5_20, &info->dom.samr_pol_open_builtindom) : False; info->dom.sam = NULL; @@ -1358,7 +1445,7 @@ void cmd_sam_query_user(struct client_info *info) DOM_SID sid1; int user_idx = 0; /* FIXME maybe ... */ BOOL res = True; - uint32 flags = 0x304; /* absolutely no idea. */ + uint32 ace_perms = 0x304; /* absolutely no idea. */ fstring rid_str ; fstring info_str; uint32 user_rid = 0; @@ -1403,7 +1490,7 @@ void cmd_sam_query_user(struct client_info *info) /* connect to the domain */ res = res ? samr_open_domain(smb_cli, fnum, - &info->dom.samr_pol_connect, flags, &sid1, + &info->dom.samr_pol_connect, ace_perms, &sid1, &info->dom.samr_pol_open_domain) : False; fprintf(out_hnd, "User RID: %8x User Name: %s\n", @@ -1456,7 +1543,7 @@ void cmd_sam_query_dominfo(struct client_info *info) BOOL res = True; fstring info_str; uint32 switch_value = 2; - uint32 flags = 0x304; /* absolutely no idea. */ + uint32 ace_perms = 0x304; /* absolutely no idea. */ sid_to_string(sid, &info->dom.level5_sid); fstrcpy(domain, info->dom.level5_dom); @@ -1492,7 +1579,7 @@ void cmd_sam_query_dominfo(struct client_info *info) /* connect to the domain */ res = res ? samr_open_domain(smb_cli, fnum, - &info->dom.samr_pol_connect, flags, &sid1, + &info->dom.samr_pol_connect, ace_perms, &sid1, &info->dom.samr_pol_open_domain) : False; /* send a samr 0x8 command */ @@ -1531,7 +1618,7 @@ void cmd_sam_enum_aliases(struct client_info *info) DOM_SID sid1; BOOL res = True; BOOL request_member_info = False; - uint32 flags = 0x200003f3; /* access control permissions */ + uint32 ace_perms = 0x200003f3; /* access control permissions */ fstring tmp; uint32 alias_idx; @@ -1572,7 +1659,7 @@ void cmd_sam_enum_aliases(struct client_info *info) /* connect to the domain */ res = res ? samr_open_domain(smb_cli, fnum, - &info->dom.samr_pol_connect, flags, &sid1, + &info->dom.samr_pol_connect, ace_perms, &sid1, &info->dom.samr_pol_open_domain) : False; info->dom.sam = NULL; @@ -1740,7 +1827,7 @@ void cmd_sam_enum_groups(struct client_info *info) DOM_SID sid1; BOOL res = True; BOOL request_member_info = False; - uint32 flags = 0x200003f3; /* access control permissions. */ + uint32 ace_perms = 0x200003f3; /* access control permissions. */ fstring tmp; uint32 group_idx; @@ -1779,7 +1866,7 @@ void cmd_sam_enum_groups(struct client_info *info) /* connect to the domain */ res = res ? samr_open_domain(smb_cli, fnum, - &info->dom.samr_pol_connect, flags, &sid1, + &info->dom.samr_pol_connect, ace_perms, &sid1, &info->dom.samr_pol_open_domain) : False; info->dom.sam = NULL; diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c index fb520004da..a0e3fe90a3 100644 --- a/source3/rpcclient/rpcclient.c +++ b/source3/rpcclient/rpcclient.c @@ -132,6 +132,7 @@ struct {"addaliasmem",cmd_sam_add_aliasmem,"<alias rid> [member sid1] [member sid2] ... SAM Add Domain Alias Member"}, {"creategroup",cmd_sam_create_dom_group,"SAM Create Domain Group"}, {"createalias",cmd_sam_create_dom_alias,"SAM Create Domain Alias"}, + {"createuser", cmd_sam_create_dom_user,"<username> SAM Create Domain User"}, {"delgroup", cmd_sam_delete_dom_group,"SAM Delete Domain Group"}, {"delalias", cmd_sam_delete_dom_alias,"SAM Delete Domain Alias"}, {"ntpass", cmd_sam_ntchange_pwd, "NT SAM Password Change"}, |