4 files changed, 182 insertions, 43 deletions

diff --git a/source3/include/proto.h b/source3/include/proto.h
index 3380bc4e63..d9af7c5e4f 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -2158,7 +2158,7 @@ BOOL msrpc_lsa_query_secret(const char* srv_name,
 
 /*The following definitions come from  rpc_client/msrpc_samr.c  */
 
-BOOL req_user_info( POLICY_HND *pol_dom,
+BOOL req_user_info( const POLICY_HND *pol_dom,
 				const char *domain,
 				const DOM_SID *sid,
 				uint32 user_rid,
@@ -2174,6 +2174,24 @@ uint32 sam_query_usergroups(
 				char    ***name,
 				uint32  **type,
 				USER_MEM_FN(usr_mem));
+void msrpc_sam_user( const POLICY_HND *pol_dom, const POLICY_HND *pol_blt,
+			const char* domain,
+			const DOM_SID *sid1,
+			const DOM_SID *blt_sid1,
+			uint32 user_rid,
+			char  *user_name,
+			USER_FN(usr_fn),
+			USER_INFO_FN(usr_inf_fn),
+			USER_MEM_FN(usr_grp_fn),
+			USER_MEM_FN(usr_als_fn));
+BOOL msrpc_sam_query_user( const char* srv_name,
+			const char* domain,
+			const DOM_SID *sid,
+			char  *user_name,
+			USER_FN(usr_fn),
+			USER_INFO_FN(usr_inf_fn),
+			USER_MEM_FN(usr_grp_fn),
+			USER_MEM_FN(usr_als_fn));
 int msrpc_sam_enum_users( const char* srv_name,
 			const char* domain,
 			const DOM_SID *sid1,
@@ -2279,7 +2297,7 @@ BOOL set_samr_set_userinfo(
 				uint32 info_level,
 				uint32 user_rid, void *usr);
 BOOL get_samr_query_userinfo( 
-				POLICY_HND *pol_open_domain,
+				const POLICY_HND *pol_open_domain,
 				uint32 info_level,
 				uint32 user_rid, void *usr);
 BOOL get_samr_query_groupinfo( 
@@ -3823,6 +3841,7 @@ void display_job_info_ctr(FILE *out_hnd, enum action_type action,
 
 /*The following definitions come from  rpcclient/rpcclient.c  */
 
+void readline_init(void);
 
 /*The following definitions come from  smbd/blocking.c  */
 
diff --git a/source3/rpc_client/msrpc_samr.c b/source3/rpc_client/msrpc_samr.c
index d72e57308c..a2806463b5 100644
--- a/source3/rpc_client/msrpc_samr.c
+++ b/source3/rpc_client/msrpc_samr.c
@@ -33,7 +33,7 @@ extern int DEBUGLEVEL;
 
 #define DEBUG_TESTING
 
-BOOL req_user_info( POLICY_HND *pol_dom,
+BOOL req_user_info( const POLICY_HND *pol_dom,
 				const char *domain,
 				const DOM_SID *sid,
 				uint32 user_rid,
@@ -152,6 +152,11 @@ static void req_alias_info(
 	uint32 *ptr_sid;
 	DOM_SID2 *als_sid;
 
+	if (pol_dom == NULL)
+	{
+		return;
+	}
+
 	ptr_sid = (uint32*)  malloc(sizeof(ptr_sid[0]) * 1);
 	als_sid = (DOM_SID2*)malloc(sizeof(als_sid[0]) * 1);
 
@@ -216,6 +221,110 @@ static void req_alias_info(
 }
 
 /****************************************************************************
+experimental SAM user display info.
+****************************************************************************/
+void msrpc_sam_user( const POLICY_HND *pol_dom, const POLICY_HND *pol_blt,
+			const char* domain,
+			const DOM_SID *sid1,
+			const DOM_SID *blt_sid1,
+			uint32 user_rid,
+			char  *user_name,
+			USER_FN(usr_fn),
+			USER_INFO_FN(usr_inf_fn),
+			USER_MEM_FN(usr_grp_fn),
+			USER_MEM_FN(usr_als_fn))
+{
+	if (usr_fn != NULL)
+	{
+		usr_fn(domain, sid1, user_rid, user_name);
+	}
+
+	if (usr_inf_fn != NULL)
+	{
+		req_user_info(pol_dom,
+				  domain, sid1,
+				  user_rid, 
+				  usr_inf_fn);
+	}
+
+	if (usr_grp_fn != NULL)
+	{
+		req_group_info(pol_dom,
+				  domain, sid1,
+				  user_rid, user_name,
+				  usr_grp_fn);
+	}
+
+	if (usr_als_fn != NULL)
+	{
+		req_alias_info(pol_dom,
+				  domain, sid1,
+				  user_rid, user_name,
+				  usr_als_fn);
+		req_alias_info(pol_blt,
+				  domain, blt_sid1,
+				  user_rid, user_name,
+				  usr_als_fn);
+	}
+}
+
+/****************************************************************************
+experimental SAM user query.
+****************************************************************************/
+BOOL msrpc_sam_query_user( const char* srv_name,
+			const char* domain,
+			const DOM_SID *sid,
+			char  *user_name,
+			USER_FN(usr_fn),
+			USER_INFO_FN(usr_inf_fn),
+			USER_MEM_FN(usr_grp_fn),
+			USER_MEM_FN(usr_als_fn))
+{
+	BOOL res = True;
+	BOOL res1 = True;
+
+	char *names[1];
+	uint32 num_rids;
+	uint32 rid[MAX_LOOKUP_SIDS];
+	uint32 type[MAX_LOOKUP_SIDS];
+	POLICY_HND sam_pol;
+	POLICY_HND pol_dom;
+
+	/* establish a connection. */
+	res = res ? samr_connect( srv_name, 0x02000000, &sam_pol) : False;
+
+	/* connect to the domain */
+	res = res ? samr_open_domain( &sam_pol, 0x304, sid, &pol_dom) : False;
+
+	/* look up user rid */
+	names[0] = user_name;
+	res1 = res ? samr_query_lookup_names( &pol_dom, 0x3e8,
+					1, names,
+					&num_rids, rid, type) : False;
+
+	/* send user info query */
+	if (res1 && num_rids == 1)
+	{
+		msrpc_sam_user( &pol_dom, NULL,
+				domain,
+				sid, NULL,
+				rid[0],
+				names[0],
+				usr_fn, usr_inf_fn,
+		                usr_grp_fn, usr_als_fn);
+	}
+	else
+	{
+		res1 = False;
+	}
+
+	res = res ? samr_close( &sam_pol) : False;
+	res = res ? samr_close( &pol_dom) : False;
+
+	return res1;
+}
+
+/****************************************************************************
 experimental SAM users enum.
 ****************************************************************************/
 int msrpc_sam_enum_users( const char* srv_name,
@@ -289,38 +398,12 @@ int msrpc_sam_enum_users( const char* srv_name,
 			uint32 user_rid  = (*sam)[user_idx].rid;
 			char  *user_name = (*sam)[user_idx].acct_name;
 
-			if (usr_fn != NULL)
-			{
-				usr_fn(domain, sid1, user_rid, user_name);
-			}
-
-			if (usr_inf_fn != NULL)
-			{
-				req_user_info(&pol_dom,
-				                  domain, sid1,
-				                  user_rid, 
-				                  usr_inf_fn);
-			}
-
-			if (usr_grp_fn != NULL)
-			{
-				req_group_info(&pol_dom,
-				                  domain, sid1,
-				                  user_rid, user_name,
-				                  usr_grp_fn);
-			}
-
-			if (usr_als_fn != NULL)
-			{
-				req_alias_info(&pol_dom,
-				                  domain, sid1,
-				                  user_rid, user_name,
-				                  usr_als_fn);
-				req_alias_info(&pol_blt,
-				                  domain, sid1,
-				                  user_rid, user_name,
-				                  usr_als_fn);
-			}
+			msrpc_sam_user( &pol_dom, &pol_blt,
+					domain,
+					sid1, &sid_1_5_20,
+					user_rid, user_name,
+					usr_fn, usr_inf_fn,
+					usr_grp_fn, usr_als_fn);
 		}
 	}
 
@@ -1250,7 +1333,7 @@ BOOL set_samr_set_userinfo(
 do a SAMR query user info
 ****************************************************************************/
 BOOL get_samr_query_userinfo( 
-				POLICY_HND *pol_open_domain,
+				const POLICY_HND *pol_open_domain,
 				uint32 info_level,
 				uint32 user_rid, void *usr)
 {
diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c
index fbfde7c9a4..f436e1b22f 100644
--- a/source3/rpcclient/cmd_samr.c
+++ b/source3/rpcclient/cmd_samr.c
@@ -1516,6 +1516,7 @@ void cmd_sam_query_user(struct client_info *info, int argc, char *argv[])
 	DOM_SID sid;
 	BOOL res = True;
 	BOOL res1 = True;
+	int opt;
 
 	char *user_name;
 	char *names[1];
@@ -1525,6 +1526,10 @@ void cmd_sam_query_user(struct client_info *info, int argc, char *argv[])
 	POLICY_HND sam_pol;
 	POLICY_HND pol_dom;
 
+	BOOL request_user_info  = False;
+	BOOL request_group_info = False;
+	BOOL request_alias_info = False;
+
 	fstrcpy(domain, info->dom.level5_dom);
 	sid_copy(&sid, &info->dom.level5_sid);
 
@@ -1536,12 +1541,37 @@ void cmd_sam_query_user(struct client_info *info, int argc, char *argv[])
 
 	if (argc < 2)
 	{
-		report(out_hnd, "samuser <name>\n");
+		report(out_hnd, "samuser <name> [-u] [-g] [-a]\n");
 		return;
 	}
 
 	user_name = argv[1];
 
+	argc--;
+	argv++;
+
+	while ((opt = getopt(argc, argv, "uga")) != EOF)
+	{
+		switch (opt)
+		{
+			case 'u':
+			{
+				request_user_info  = True;
+				break;
+			}
+			case 'g':
+			{
+				request_group_info = True;
+				break;
+			}
+			case 'a':
+			{
+				request_alias_info = True;
+				break;
+			}
+		}
+	}
+
 	fstrcpy(srv_name, "\\\\");
 	fstrcat(srv_name, info->dest_host);
 	strupper(srv_name);
@@ -1569,14 +1599,21 @@ void cmd_sam_query_user(struct client_info *info, int argc, char *argv[])
 	/* send user info query */
 	if (res1 && num_rids == 1)
 	{
-		res1 = req_user_info( &pol_dom,
+		msrpc_sam_user( &pol_dom, NULL,
 				domain,
-				&sid,
-				rid[0],
-				sam_display_user_info);
+				&sid, NULL,
+				rid[0], names[0],
+	            sam_display_user,
+	            request_user_info  ? sam_display_user_info     : NULL,
+	            request_group_info ? sam_display_group_members : NULL,
+	            request_alias_info ? sam_display_group_members : NULL);
+	}
+	else
+	{
+		res1 = False;
 	}
-	res = res ? samr_close( &sam_pol) : False;
 
+	res = res ? samr_close( &sam_pol) : False;
 	res = res ? samr_close( &pol_dom) : False;
 
 	if (res1)
diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c
index f0f4a6de5c..189f8fa734 100644
--- a/source3/rpcclient/rpcclient.c
+++ b/source3/rpcclient/rpcclient.c
@@ -429,7 +429,7 @@ commands[] =
 	{
 		"samuser",
 		cmd_sam_query_user,
-		"<username> SAM User Query (experimental!)",
+		"<username> [-g] [-u] [-a] SAM User Query (experimental!)",
 		{COMPL_SAMUSR, COMPL_NONE}
 	},
 	{