summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/libsmb/cli_samr.c150
-rw-r--r--source3/rpcclient/cmd_samr.c88
2 files changed, 238 insertions, 0 deletions
diff --git a/source3/libsmb/cli_samr.c b/source3/libsmb/cli_samr.c
index a33474d1c1..11b8543cce 100644
--- a/source3/libsmb/cli_samr.c
+++ b/source3/libsmb/cli_samr.c
@@ -860,3 +860,153 @@ uint32 cli_samr_lookup_rids(struct cli_state *cli, TALLOC_CTX *mem_ctx,
return result;
}
+
+/* Create a domain user */
+
+uint32 cli_samr_create_dom_user(struct cli_state *cli, TALLOC_CTX *mem_ctx,
+ POLICY_HND *domain_pol, char *acct_name,
+ uint32 acb_info, uint32 unknown,
+ POLICY_HND *user_pol, uint32 *rid)
+{
+ prs_struct qbuf, rbuf;
+ SAMR_Q_CREATE_USER q;
+ SAMR_R_CREATE_USER r;
+ uint32 result = NT_STATUS_UNSUCCESSFUL;
+
+ ZERO_STRUCT(q);
+ ZERO_STRUCT(r);
+
+ /* Initialise parse structures */
+
+ prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
+ prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
+
+ /* Marshall data and send request */
+
+ init_samr_q_create_user(&q, domain_pol, acct_name, acb_info, unknown);
+
+ if (!samr_io_q_create_user("", &q, &qbuf, 0) ||
+ !rpc_api_pipe_req(cli, SAMR_CREATE_USER, &qbuf, &rbuf)) {
+ goto done;
+ }
+
+ /* Unmarshall response */
+
+ if (!samr_io_r_create_user("", &r, &rbuf, 0)) {
+ goto done;
+ }
+
+ /* Return output parameters */
+
+ if ((result = r.status) != NT_STATUS_NOPROBLEMO) {
+ goto done;
+ }
+
+ if (user_pol)
+ *user_pol = r.user_pol;
+
+ if (rid)
+ *rid = r.user_rid;
+
+ done:
+ prs_mem_free(&qbuf);
+ prs_mem_free(&rbuf);
+
+ return result;
+}
+
+/* Set userinfo */
+
+uint32 cli_samr_set_userinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx,
+ POLICY_HND *user_pol, uint16 switch_value,
+ uchar sess_key[16], SAM_USERINFO_CTR *ctr)
+{
+ prs_struct qbuf, rbuf;
+ SAMR_Q_SET_USERINFO q;
+ SAMR_R_SET_USERINFO r;
+ uint32 result = NT_STATUS_UNSUCCESSFUL;
+
+ ZERO_STRUCT(q);
+ ZERO_STRUCT(r);
+
+ /* Initialise parse structures */
+
+ prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
+ prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
+
+ /* Marshall data and send request */
+
+ q.ctr = ctr;
+
+ init_samr_q_set_userinfo(&q, user_pol, sess_key, switch_value, ctr);
+
+ if (!samr_io_q_set_userinfo("", &q, &qbuf, 0) ||
+ !rpc_api_pipe_req(cli, SAMR_SET_USERINFO, &qbuf, &rbuf)) {
+ goto done;
+ }
+
+ /* Unmarshall response */
+
+ if (!samr_io_r_set_userinfo("", &r, &rbuf, 0)) {
+ goto done;
+ }
+
+ /* Return output parameters */
+
+ if ((result = r.status) != NT_STATUS_NOPROBLEMO) {
+ goto done;
+ }
+
+ done:
+ prs_mem_free(&qbuf);
+ prs_mem_free(&rbuf);
+
+ return result;
+}
+
+/* Set userinfo2 */
+
+uint32 cli_samr_set_userinfo2(struct cli_state *cli, TALLOC_CTX *mem_ctx,
+ POLICY_HND *user_pol, uint16 switch_value,
+ uchar sess_key[16], SAM_USERINFO_CTR *ctr)
+{
+ prs_struct qbuf, rbuf;
+ SAMR_Q_SET_USERINFO2 q;
+ SAMR_R_SET_USERINFO2 r;
+ uint32 result = NT_STATUS_UNSUCCESSFUL;
+
+ ZERO_STRUCT(q);
+ ZERO_STRUCT(r);
+
+ /* Initialise parse structures */
+
+ prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL);
+ prs_init(&rbuf, 0, mem_ctx, UNMARSHALL);
+
+ /* Marshall data and send request */
+
+ init_samr_q_set_userinfo2(&q, user_pol, sess_key, switch_value, ctr);
+
+ if (!samr_io_q_set_userinfo2("", &q, &qbuf, 0) ||
+ !rpc_api_pipe_req(cli, SAMR_SET_USERINFO2, &qbuf, &rbuf)) {
+ goto done;
+ }
+
+ /* Unmarshall response */
+
+ if (!samr_io_r_set_userinfo2("", &r, &rbuf, 0)) {
+ goto done;
+ }
+
+ /* Return output parameters */
+
+ if ((result = r.status) != NT_STATUS_NOPROBLEMO) {
+ goto done;
+ }
+
+ done:
+ prs_mem_free(&qbuf);
+ prs_mem_free(&rbuf);
+
+ return result;
+}
diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c
index d6d1ff9edb..e2a637515a 100644
--- a/source3/rpcclient/cmd_samr.c
+++ b/source3/rpcclient/cmd_samr.c
@@ -884,6 +884,93 @@ static uint32 cmd_samr_query_dominfo(struct cli_state *cli, int argc,
return result;
}
+/* Create domain user */
+
+static uint32 cmd_samr_create_dom_user(struct cli_state *cli, int argc,
+ char **argv)
+{
+ POLICY_HND connect_pol, domain_pol, user_pol;
+ uint32 result = NT_STATUS_UNSUCCESSFUL;
+ BOOL got_connect_pol = False, got_domain_pol = False,
+ got_user_pol = False;
+ TALLOC_CTX *mem_ctx;
+ fstring server;
+ char *acct_name;
+ uint16 acb_info;
+ uint32 unknown, user_rid;
+
+ if (argc != 2) {
+ printf("Usage: %s username\n", argv[0]);
+ return 0;
+ }
+
+ acct_name = argv[1];
+
+ if (!(mem_ctx = talloc_init())) {
+ DEBUG(0, ("cmd_samr_query_dispinfo: talloc_init returned "
+ "NULL!\n"));
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+ fetch_domain_sid(cli);
+
+ /* Initialise RPC connection */
+
+ if (!cli_nt_session_open (cli, PIPE_SAMR)) {
+ fprintf (stderr, "Could not initialize samr pipe!\n");
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+ slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->desthost);
+ strupper(server);
+
+ /* Get sam policy handle */
+
+ if ((result = cli_samr_connect(cli, mem_ctx, server,
+ MAXIMUM_ALLOWED_ACCESS,
+ &connect_pol))
+ != NT_STATUS_NOPROBLEMO) {
+ goto done;
+ }
+
+ got_connect_pol = True;
+
+ /* Get domain policy handle */
+
+ if ((result = cli_samr_open_domain(cli, mem_ctx, &connect_pol,
+ MAXIMUM_ALLOWED_ACCESS,
+ &domain_sid, &domain_pol))
+ != NT_STATUS_NOPROBLEMO) {
+ goto done;
+ }
+
+ got_domain_pol = True;
+
+ /* Create domain user */
+
+ acb_info = ACB_NORMAL;
+ unknown = 0xe005000b; /* No idea what this is - a permission mask? */
+
+ if ((result = cli_samr_create_dom_user(cli, mem_ctx, &domain_pol,
+ acct_name, acb_info, unknown,
+ &user_pol, &user_rid))
+ != NT_STATUS_NOPROBLEMO) {
+ goto done;
+ }
+
+ got_user_pol = True;
+
+ done:
+ if (got_user_pol) cli_samr_close(cli, mem_ctx, &user_pol);
+ if (got_domain_pol) cli_samr_close(cli, mem_ctx, &domain_pol);
+ if (got_connect_pol) cli_samr_close(cli, mem_ctx, &connect_pol);
+
+ cli_nt_session_close(cli);
+ talloc_destroy(mem_ctx);
+
+ return result;
+}
+
/* List of commands exported by this module */
struct cmd_set samr_commands[] = {
@@ -898,5 +985,6 @@ struct cmd_set samr_commands[] = {
{ "querydominfo", cmd_samr_query_dominfo, "Query domain info" },
{ "enumdomgroups", cmd_samr_enum_dom_groups, "Enumerate domain groups" },
+ { "createdomuser", cmd_samr_create_dom_user, "Create domain user" },
{ NULL, NULL, NULL }
};