diff options
Diffstat (limited to 'examples/libmsrpc/cacusermgr')
-rw-r--r-- | examples/libmsrpc/cacusermgr/Makefile | 22 | ||||
-rw-r--r-- | examples/libmsrpc/cacusermgr/cacusermgr.c | 344 | ||||
-rw-r--r-- | examples/libmsrpc/cacusermgr/cacusermgr.h | 65 | ||||
-rw-r--r-- | examples/libmsrpc/cacusermgr/mgr_group.c | 210 | ||||
-rw-r--r-- | examples/libmsrpc/cacusermgr/mgr_user.c | 416 | ||||
-rw-r--r-- | examples/libmsrpc/cacusermgr/util.c | 343 |
6 files changed, 1400 insertions, 0 deletions
diff --git a/examples/libmsrpc/cacusermgr/Makefile b/examples/libmsrpc/cacusermgr/Makefile new file mode 100644 index 0000000000..ab8bea410e --- /dev/null +++ b/examples/libmsrpc/cacusermgr/Makefile @@ -0,0 +1,22 @@ +CC=gcc +INCLUDES= -I`pwd` -I../../../source/ -I../../../source/include -I../../../source/ubiqx + +DEFS= -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE + +CFLAGS= -g -Wall -ansi $(INCLUDES) + +OBJ= util.o mgr_group.o mgr_user.o + +LDFLAGS=-L. -L../../bin/ +LIBS=../../../source/bin/libmsrpc.so + +all: cacusermgr + +cacusermgr: cacusermgr.o $(OBJ) + $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $< $(OBJ) $(LIBS) + +.c.o: + $(CC) $(CFLAGS) -c $< -o $@ + +clean: + rm -f *.o cacusermgr diff --git a/examples/libmsrpc/cacusermgr/cacusermgr.c b/examples/libmsrpc/cacusermgr/cacusermgr.c new file mode 100644 index 0000000000..77dd2505f6 --- /dev/null +++ b/examples/libmsrpc/cacusermgr/cacusermgr.c @@ -0,0 +1,344 @@ +/* + * Unix SMB/CIFS implementation. + * cacusermgr main implementation. + * + * Copyright (C) Chris Nicholls 2005 + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along with + * this program; if not, write to the Free Software Foundation, Inc., 675 + * Mass Ave, Cambridge, MA 02139, USA. */ + +#include "cacusermgr.h" + +#define DEFAULT_MENU_LINES 15 + + +void create_menu(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *dom_hnd) { + struct SamCreateUser cu; + struct SamCreateGroup cg; + + fstring in; + fstring tmp; + + if(!hnd || !mem_ctx || !dom_hnd) { + printf("No Handle to SAM.\n"); + return; + } + + /*the menu*/ + in[0] = '\0'; + while(in[0] != 'c' && in[0] != 'C' && in[0] != 'q' && in[0] != 'Q') { + printf("\n"); + printf("[u] Create User\n"); + printf("[g] Create Group\n"); + printf("[m] Create Machine Account\n"); + printf("[c] Cancel\n\n"); + + printf("Command: "); + mgr_getline(in); + + printf("\n"); + + switch(in[0]) { + case 'u': /*create user*/ + case 'U': + ZERO_STRUCT(cu); + cu.in.dom_hnd = dom_hnd; + cu.in.acb_mask = ACB_NORMAL; + + printf("Enter name: "); + mgr_getline(tmp); + cu.in.name = talloc_strdup(mem_ctx, tmp); + + if(!cac_SamCreateUser(hnd, mem_ctx, &cu)) { + printerr("Could not create user.", hnd->status); + } + else { + user_menu(hnd, mem_ctx, dom_hnd, cu.out.user_hnd); + } + + /*this will break the loop and send us back to the main menu*/ + in[0] = 'c'; + break; + + case 'g': /*create group*/ + case 'G': + ZERO_STRUCT(cg); + cg.in.dom_hnd = dom_hnd; + cg.in.access = MAXIMUM_ALLOWED_ACCESS; + + printf("Enter name: "); + mgr_getline(tmp); + cg.in.name = talloc_strdup(mem_ctx, tmp); + + if(!cac_SamCreateGroup(hnd, mem_ctx, &cg)) { + printerr("Could not create group.", hnd->status); + } + else { + group_menu(hnd, mem_ctx, dom_hnd, cg.out.group_hnd); + } + + /*this will break the loop and send us back to the main menu*/ + in[0] = 'c'; + break; + + case 'm': /*create machine account*/ + case 'M': + ZERO_STRUCT(cu); + cu.in.dom_hnd = dom_hnd; + cu.in.acb_mask = ACB_WSTRUST; + + printf("Enter machine name: "); + mgr_getline(tmp); + + /*make sure we have a $ on the end*/ + if(tmp[strlen(tmp) - 1] != '$') + cu.in.name = talloc_asprintf(mem_ctx, "%s$", tmp); + else + cu.in.name = talloc_strdup(mem_ctx, tmp); + + strlower_m(cu.in.name); + + printf("Creating account: %s\n", cu.in.name); + + if(!cac_SamCreateUser(hnd, mem_ctx, &cu)) { + printerr("Could not create account.", hnd->status); + } + else { + user_menu(hnd, mem_ctx, dom_hnd, cu.out.user_hnd); + } + + /*this will break the loop and send us back to the main menu*/ + in[0] = 'c'; + break; + + case 'c': /*cancel*/ + case 'C': + case 'q': + case 'Q': + /*do nothing*/ + break; + + default: + printf("Invalid option\n"); + } + } + + return; +} + +void main_menu(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *dom_hnd) { + fstring in; + + uint32 rid_type = 0; + + struct SamOpenUser openu; + struct SamOpenGroup openg; + struct SamEnumUsers enumu; + struct SamEnumGroups enumg; + struct SamFlush flush; + + char *name = NULL; + uint32 rid = 0; + + if(!hnd || !mem_ctx || !dom_hnd) { + printf("No handle to SAM.\n"); + return; + } + + /*initialize this here and don't worry about it later*/ + ZERO_STRUCT(flush); + flush.in.dom_hnd = dom_hnd; + + in[0] = '\0'; + + /*handle the menu and commands*/ + while(in[0] != 'q' && in[0] != 'Q') { + printf("\n"); + + printf("[o] Open User or Group\n"); + printf("[c] Create Account or Group\n"); + printf("[u] List Users\n"); + printf("[g] List Groups\n"); + printf("[m] List Machine Accounts\n"); + printf("[q] Quit\n\n"); + + printf("Command: "); + + mgr_getline(in); + + printf("\n"); + + switch(in[0]) { + case 'o': /*open user or group*/ + case 'O': + printf("Enter RID or Name: "); + rid_type = rid_or_name(hnd, mem_ctx, dom_hnd, &rid, &name); + + if(rid_type == CAC_USER_RID) { + ZERO_STRUCT(openu); + openu.in.dom_hnd = dom_hnd; + openu.in.rid = rid; + openu.in.access = MAXIMUM_ALLOWED_ACCESS; + + if(!cac_SamOpenUser(hnd, mem_ctx, &openu)) + printerr("Could not open user.", hnd->status); + else { + user_menu(hnd, mem_ctx, dom_hnd, openu.out.user_hnd); + + if(!cac_SamFlush(hnd, mem_ctx, &flush)) { + printerr("Lost handle while flushing SAM.", hnd->status); + /*we want to quit*/ + in[0] = 'q'; + } + } + } + else if(rid_type == CAC_GROUP_RID) { + ZERO_STRUCT(openg); + openg.in.dom_hnd = dom_hnd; + openg.in.rid = rid; + openg.in.access = MAXIMUM_ALLOWED_ACCESS; + + if(!cac_SamOpenGroup(hnd, mem_ctx, &openg)) + printerr("Could not open group.", hnd->status); + else { + group_menu(hnd, mem_ctx, dom_hnd, openg.out.group_hnd); + + if(!cac_SamFlush(hnd, mem_ctx, &flush)) { + printerr("Lost handle while flushing SAM.", hnd->status); + /*we want to quit*/ + in[0] = 'q'; + } + } + } + else { + printf("Unknown RID/Name.\n"); + } + + break; + + case 'c': /*create account/group*/ + case 'C': + create_menu(hnd, mem_ctx, dom_hnd); + if(!cac_SamFlush(hnd, mem_ctx, &flush)) { + printerr("Lost handle while flushing SAM.", hnd->status); + /*we want to quit*/ + in[0] = 'q'; + } + break; + + case 'u': /*list users*/ + case 'U': + ZERO_STRUCT(enumu); + enumu.in.dom_hnd = dom_hnd; + enumu.in.acb_mask = ACB_NORMAL; + + printf("Users:\n"); + while(cac_SamEnumUsers(hnd, mem_ctx, &enumu)) { + print_rid_list(enumu.out.rids, enumu.out.names, enumu.out.num_users); + } + if(CAC_OP_FAILED(hnd->status)) + printerr("Error occured while enumerating users.", hnd->status); + break; + + case 'g': /*list groups*/ + case 'G': + ZERO_STRUCT(enumg); + enumg.in.dom_hnd = dom_hnd; + + while(cac_SamEnumGroups(hnd, mem_ctx, &enumg)) { + print_rid_list( enumg.out.rids, enumg.out.names, enumg.out.num_groups); + } + + if(CAC_OP_FAILED(hnd->status)) + printerr("Error occured while enumerating groups.", hnd->status); + break; + + case 'm': /*list machine accounts*/ + case 'M': + ZERO_STRUCT(enumu); + enumu.in.dom_hnd = dom_hnd; + enumu.in.acb_mask = ACB_WSTRUST; + + printf("Users:\n"); + while(cac_SamEnumUsers(hnd, mem_ctx, &enumu)) { + print_rid_list( enumu.out.rids, enumu.out.names, enumu.out.num_users); + } + if(CAC_OP_FAILED(hnd->status)) + printerr("Error occured while enumerating accounts.", hnd->status); + break; + + case 'q': /*quit*/ + case 'Q': + /*just do nothing*/ + break; + + default: + printf("Invalid Command.\n"); + } + } +} + +int main(int argc, char **argv) { + CacServerHandle *hnd = NULL; + TALLOC_CTX *mem_ctx = NULL; + + struct SamOpenDomain sod; + + mem_ctx = talloc_init("cacusermgr"); + if(!mem_ctx) { + printf("Could not initialize Talloc Context\n"); + exit(-1); + } + + /**first initialize the server handle with what we have*/ + hnd = cac_NewServerHandle(True); + if(!hnd) { + printf("Could not create server handle\n"); + exit(-1); + } + + /*fill in the blanks*/ + if(!process_cmd_line(hnd, mem_ctx, argc, argv)) + usage(); + + if(!cac_Connect(hnd, NULL)) { + printf("Could not connect to server %s. %s\n", hnd->server, nt_errstr(hnd->status)); + exit(-1); + } + + /*open the domain sam*/ + ZERO_STRUCT(sod); + sod.in.access = MAXIMUM_ALLOWED_ACCESS; + + if(!cac_SamOpenDomain(hnd, mem_ctx, &sod)) { + printf("Could not open handle to domain SAM. %s\n", nt_errstr(hnd->status)); + goto cleanup; + } + + main_menu(hnd, mem_ctx, sod.out.dom_hnd); + +cleanup: + + if(sod.out.dom_hnd) + cac_SamClose(hnd, mem_ctx, sod.out.dom_hnd); + + if(sod.out.sam) + cac_SamClose(hnd, mem_ctx, sod.out.sam); + + cac_FreeHandle(hnd); + + talloc_destroy(mem_ctx); + + return 0; +} diff --git a/examples/libmsrpc/cacusermgr/cacusermgr.h b/examples/libmsrpc/cacusermgr/cacusermgr.h new file mode 100644 index 0000000000..01dbb60acf --- /dev/null +++ b/examples/libmsrpc/cacusermgr/cacusermgr.h @@ -0,0 +1,65 @@ +/* + * Unix SMB/CIFS implementation. + * cacusermgr definitions and includes. + * + * Copyright (C) Chris Nicholls 2005 + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along with + * this program; if not, write to the Free Software Foundation, Inc., 675 + * Mass Ave, Cambridge, MA 02139, USA. */ + +#ifndef CACUSERMGR_H_ +#define CACUSERMGR_H_ + +#include "libmsrpc.h" +#include "includes.h" + +/*used for the simple pager - mgr_page()*/ +#define DEFAULT_SCREEN_LINES 20 + +/************** + * prototypes * + **************/ + +/*util.c*/ +void usage(); +int process_cmd_line(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, int argc, char **argv); +void mgr_getline(fstring line); +void mgr_page(uint32 line_count); +uint32 rid_or_name(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *dom_hnd, uint32 *rid, char **name); +char *get_new_password(TALLOC_CTX *mem_ctx); +void printerr(const char *msg, NTSTATUS status); +void print_rid_list(uint32 *rids, char **names, uint32 num_rids); +void print_lookup_records(CacLookupRidsRecord *map, uint32 num_rids); +int list_groups(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *dom_hnd); +void list_privs(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, CacUserInfo *info); +void add_privs(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, CacUserInfo *info); +void list_users(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *dom_hnd); + +void mgr_GetAuthDataFn(const char * pServer, + const char * pShare, + char * pWorkgroup, + int maxLenWorkgroup, + char * pUsername, + int maxLenUsername, + char * pPassword, + int maxLenPassword); + + +/*mgr_group.c*/ +void group_menu(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *dom_hnd, POLICY_HND *group_hnd); + +/*mgr_user.c*/ +void user_menu(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *dom_hnd, POLICY_HND *user_hnd); + +#endif /*CACUSERMGR_H_*/ diff --git a/examples/libmsrpc/cacusermgr/mgr_group.c b/examples/libmsrpc/cacusermgr/mgr_group.c new file mode 100644 index 0000000000..a936433e60 --- /dev/null +++ b/examples/libmsrpc/cacusermgr/mgr_group.c @@ -0,0 +1,210 @@ +/* + * Unix SMB/CIFS implementation. + * cacusermgr group implementation. + * + * Copyright (C) Chris Nicholls 2005 + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along with + * this program; if not, write to the Free Software Foundation, Inc., 675 + * Mass Ave, Cambridge, MA 02139, USA. */ + +#include "cacusermgr.h" + +CacGroupInfo *get_group_info(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *group_hnd) { + struct SamGetGroupInfo getinfo; + + if(!hnd || !mem_ctx ||!group_hnd) + return NULL; + + ZERO_STRUCT(getinfo); + getinfo.in.group_hnd = group_hnd; + + if(!cac_SamGetGroupInfo(hnd, mem_ctx, &getinfo)) + printerr("Could not get group info.", hnd->status); + + return getinfo.out.info; +} + +void print_group_info(CacGroupInfo *info) { + if(!info) + return; + + printf(" Group Name : %s\n", info->name); + printf(" Description : %s\n", info->description); + printf(" Number of Members : %d\n", info->num_members); +} + +CacGroupInfo *modify_group_info(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *group_hnd) { + struct SamSetGroupInfo setinfo; + CacGroupInfo *info = NULL; + fstring tmp; + + info = get_group_info(hnd, mem_ctx, group_hnd); + + if(!info) + return NULL; + + printf("Description [%s]: ", info->description); + mgr_getline(tmp); + if(tmp[0] != '\0') + info->description = talloc_strdup(mem_ctx, tmp); + + ZERO_STRUCT(setinfo); + setinfo.in.group_hnd = group_hnd; + setinfo.in.info = info; + + if(!cac_SamSetGroupInfo(hnd, mem_ctx, &setinfo)) { + printerr("Could not set info.", hnd->status); + info = NULL; + } + + return info; +} + +void group_menu(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *dom_hnd, POLICY_HND *group_hnd) { + CacGroupInfo *info = NULL; + int rid_type = 0; + + fstring in; + + char *buf; + + struct SamGetGroupMembers getmem; + struct SamGetNamesFromRids getnames; + struct SamAddGroupMember add; + struct SamRemoveGroupMember del; + + info = get_group_info(hnd, mem_ctx, group_hnd); + + printf("\n"); + print_group_info(info); + + while(in[0] != 'b' && in[0] != 'B' && in[0] != 'q' && in[0] != 'Q') { + printf("\n"); + printf("[m] List Group Members\n"); + printf("[a] Add User To Group\n"); + printf("[r] Remove User From Group\n"); + printf("[l] List Users\n"); + printf("[v] View Group Info\n"); + printf("[d] Set Group Description\n"); + printf("[x] Delete Group\n"); + printf("[b] Back\n\n"); + + printf("Command: "); + mgr_getline(in); + + printf("\n"); + + switch(in[0]) { + case 'a': /*add member to group*/ + case 'A': + ZERO_STRUCT(add); + add.in.group_hnd = group_hnd; + + printf("Enter RID or Name: "); + rid_type = rid_or_name(hnd, mem_ctx, dom_hnd, &add.in.rid, &buf); + + if(rid_type != CAC_USER_RID) { + printf("Invalid User.\n"); + break; + } + + if(!cac_SamAddGroupMember(hnd, mem_ctx, &add)) { + printerr("Could not add user to group.", hnd->status); + } + break; + + case 'r': /*remove user from group*/ + case 'R': + ZERO_STRUCT(del); + del.in.group_hnd = group_hnd; + + printf("Enter RID or Name: "); + rid_type = rid_or_name(hnd, mem_ctx, dom_hnd, &del.in.rid, &buf); + + if(rid_type != CAC_USER_RID) { + printf("Invalid User.\n"); + break; + } + + if(!cac_SamRemoveGroupMember(hnd, mem_ctx, &del)) { + printerr("Could not remove use from group.", hnd->status); + } + break; + + case 'l': /*list users*/ + case 'L': + list_users(hnd, mem_ctx, dom_hnd); + break; + + case 'm': /*list members*/ + case 'M': + ZERO_STRUCT(getmem); + getmem.in.group_hnd = group_hnd; + + if(!cac_SamGetGroupMembers(hnd, mem_ctx, &getmem)) { + printerr("Could not get members.", hnd->status); + break; + } + + ZERO_STRUCT(getnames); + getnames.in.dom_hnd = dom_hnd; + getnames.in.rids = getmem.out.rids; + getnames.in.num_rids = getmem.out.num_members; + + if(!cac_SamGetNamesFromRids(hnd, mem_ctx, &getnames)) { + printerr("Could not lookup names.", hnd->status); + break; + } + + printf("Group has %d members:\n", getnames.out.num_names); + print_lookup_records(getnames.out.map, getnames.out.num_names); + + break; + + case 'd': /*set description*/ + case 'D': + info = modify_group_info(hnd, mem_ctx, group_hnd); + + if(info) + printf("Set Group Info.\n"); + break; + + case 'v': /*view info*/ + case 'V': + info = get_group_info(hnd, mem_ctx, group_hnd); + print_group_info(info); + break; + + case 'x': /*delete group*/ + case 'X': + if(!cac_SamDeleteGroup(hnd, mem_ctx, group_hnd)) + printerr("Could Not Delete Group.", hnd->status); + + /*we want to go back to the main menu*/ + in[0] = 'b'; + break; + + case 'b': /*back*/ + case 'B': + case 'q': + case 'Q': + break; + + default: + printf("Invalid Command.\n"); + } + } + + cac_SamClose(hnd, mem_ctx, group_hnd); +} diff --git a/examples/libmsrpc/cacusermgr/mgr_user.c b/examples/libmsrpc/cacusermgr/mgr_user.c new file mode 100644 index 0000000000..7e2e56499f --- /dev/null +++ b/examples/libmsrpc/cacusermgr/mgr_user.c @@ -0,0 +1,416 @@ +/* + * Unix SMB/CIFS implementation. + * cacusermgr user implementation. + * + * Copyright (C) Chris Nicholls 2005 + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along with + * this program; if not, write to the Free Software Foundation, Inc., 675 + * Mass Ave, Cambridge, MA 02139, USA. */ + +#include "cacusermgr.h" + +void print_user_info(CacUserInfo *info) { + printf("\n"); + printf(" User Name : %s\n", info->username); + printf(" Full Name : %s\n", info->full_name); + printf(" Home Dir : %s\n", info->home_dir); + printf(" Home Drive : %s\n", info->home_drive); + printf(" Profile Path : %s\n", info->profile_path); + printf(" Logon Script : %s\n", info->logon_script); + printf(" Description : %s\n", info->description); + printf(" Workstations : %s\n", info->workstations); + printf(" Remote Dial : %s\n", info->dial); + + printf(" Logon Time : %s\n", http_timestring(info->logon_time)); + printf(" Logoff Time : %s\n", http_timestring(info->logoff_time)); + printf(" Kickoff Time : %s\n", http_timestring(info->kickoff_time)); + printf(" Pass last set : %s\n", http_timestring(info->pass_last_set_time)); + printf(" Pass can set : %s\n", http_timestring(info->pass_can_change_time)); + printf(" Pass must set : %s\n", http_timestring(info->pass_must_change_time)); + + printf(" User RID : 0x%x\n", info->rid); + printf(" Group RID : 0x%x\n", info->group_rid); + printf(" User Type : "); + + if(info->acb_mask & ACB_NORMAL) + printf("Normal User\n"); + else if(info->acb_mask & ACB_TEMPDUP) + printf("Temporary Duplicate Account\n"); + else if(info->acb_mask & ACB_DOMTRUST) + printf("Inter-Domain Trust Account\n"); + else if(info->acb_mask & ACB_WSTRUST) + printf("Workstation Trust Account\n"); + else if(info->acb_mask & ACB_SVRTRUST) + printf("Server Trust Account\n"); + else + printf("\n"); + + printf(" Disabled : %s\n", (info->acb_mask & ACB_DISABLED) ? "Yes" : "No"); + printf(" Locked : %s\n", (info->acb_mask & ACB_AUTOLOCK) ? "Yes" : "No"); + printf(" Pass Expires : %s\n", (info->acb_mask & ACB_PWNOEXP) ? "No" : "Yes"); + printf(" Pass Required : %s\n", (info->acb_mask & ACB_PWNOTREQ) ? "No" : "Yes"); + +} + +CacUserInfo *modify_user_info(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *user_hnd) { + CacUserInfo *info = NULL; + fstring tmp; + + struct SamGetUserInfo getinfo; + struct SamSetUserInfo setinfo; + + ZERO_STRUCT(getinfo); + ZERO_STRUCT(setinfo); + + getinfo.in.user_hnd = user_hnd; + + if(!cac_SamGetUserInfo(hnd, mem_ctx, &getinfo)) { + printerr("Could not get user info.", hnd->status); + return NULL; + } + + info = getinfo.out.info; + + printf("\n"); + printf(" User Name [%s]: ", info->username); + mgr_getline(tmp); + if(tmp[0] != '\0') + info->username = talloc_strdup(mem_ctx, tmp); + + printf(" Full Name [%s]: ", info->full_name); + mgr_getline(tmp); + if(tmp[0] != '\0') + info->full_name = talloc_strdup(mem_ctx, tmp); + + printf(" Description [%s]: ", info->description); + mgr_getline(tmp); + if(tmp[0] != '\0') + info->description = talloc_strdup(mem_ctx, tmp); + + printf(" Home Dir [%s]: ", info->home_dir); + mgr_getline(tmp); + if(tmp[0] != '\0') + info->home_dir = talloc_strdup(mem_ctx, tmp); + + printf(" Home Drive [%s]: ", info->home_drive); + mgr_getline(tmp); + if(tmp[0] != '\0') + info->home_drive = talloc_strdup(mem_ctx, tmp); + + printf(" Profile Path [%s]: ", info->profile_path); + mgr_getline(tmp); + if(tmp[0] != '\0') + info->profile_path = talloc_strdup(mem_ctx, tmp); + + printf(" Logon Script [%s]: ", info->logon_script); + mgr_getline(tmp); + if(tmp[0] != '\0') + info->logon_script = talloc_strdup(mem_ctx, tmp); + + printf(" Workstations [%s]: ", info->workstations); + mgr_getline(tmp); + if(tmp[0] != '\0') + info->workstations = talloc_strdup(mem_ctx, tmp); + + printf(" Remote Dial [%s]: ", info->dial); + mgr_getline(tmp); + if(tmp[0] != '\0') + info->dial = talloc_strdup(mem_ctx, tmp); + + printf(" Disabled [%s] (y/n): ", (info->acb_mask & ACB_DISABLED) ? "Yes" : "No"); + mgr_getline(tmp); + if(tmp[0] == 'y' || tmp[0] == 'Y') + info->acb_mask |= ACB_DISABLED; + else if(tmp[0] == 'n' || tmp[0] == 'N') + info->acb_mask ^= (info->acb_mask & ACB_DISABLED) ? ACB_DISABLED : 0x0; + + printf(" Pass Expires [%s] (y/n): ", (info->acb_mask & ACB_PWNOEXP) ? "No" : "Yes"); + mgr_getline(tmp); + if(tmp[0] == 'n' || tmp[0] == 'N') + info->acb_mask |= ACB_PWNOEXP; + else if(tmp[0] == 'y' || tmp[0] == 'Y') + info->acb_mask ^= (info->acb_mask & ACB_PWNOEXP) ? ACB_PWNOEXP : 0x0; + + printf(" Pass Required [%s] (y/n): ", (info->acb_mask & ACB_PWNOTREQ) ? "No" : "Yes"); + mgr_getline(tmp); + if(tmp[0] == 'n' || tmp[0] == 'N') + info->acb_mask |= ACB_PWNOTREQ; + else if(tmp[0] == 'y' || tmp[0] == 'Y') + info->acb_mask ^= (info->acb_mask & ACB_PWNOTREQ) ? ACB_PWNOTREQ : 0x0; + + setinfo.in.user_hnd = user_hnd; + setinfo.in.info = info; + + if(!cac_SamSetUserInfo(hnd, mem_ctx, &setinfo)) { + printerr("Could not set user info.", hnd->status); + } + + return info; +} + +void add_user_to_group(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, CacUserInfo *info, POLICY_HND *dom_hnd) { + int rid_type = 0; + + char *tmp = NULL; + + struct SamOpenGroup og; + struct SamAddGroupMember add; + + ZERO_STRUCT(og); + ZERO_STRUCT(add); + + printf("Group RID or Name:"); + + og.in.dom_hnd = dom_hnd; + og.in.access = MAXIMUM_ALLOWED_ACCESS; + rid_type = rid_or_name(hnd, mem_ctx, dom_hnd, &og.in.rid, &tmp); + + if(!cac_SamOpenGroup(hnd, mem_ctx, &og)) { + printerr("Could not open group.", hnd->status); + return; + } + + add.in.group_hnd = og.out.group_hnd; + add.in.rid = info->rid; + + if(!cac_SamAddGroupMember(hnd, mem_ctx, &add)) { + printerr("Could not add user to group.", hnd->status); + } + + cac_SamClose(hnd, mem_ctx, og.out.group_hnd); +} + +void remove_user_from_group(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, CacUserInfo *info, POLICY_HND *dom_hnd) { + int rid_type = 0; + + char *tmp = NULL; + + struct SamOpenGroup og; + struct SamRemoveGroupMember del; + + ZERO_STRUCT(og); + ZERO_STRUCT(del); + + printf("Group RID or Name:"); + + og.in.dom_hnd = dom_hnd; + og.in.access = MAXIMUM_ALLOWED_ACCESS; + rid_type = rid_or_name(hnd, mem_ctx, dom_hnd, &og.in.rid, &tmp); + + if(!cac_SamOpenGroup(hnd, mem_ctx, &og)) { + printerr("Could not open group.", hnd->status); + return; + } + + del.in.group_hnd = og.out.group_hnd; + del.in.rid = info->rid; + + if(!cac_SamRemoveGroupMember(hnd, mem_ctx, &del)) { + printerr("Could not add user to group.", hnd->status); + } + + cac_SamClose(hnd, mem_ctx, og.out.group_hnd); +} + +void user_menu(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *dom_hnd, POLICY_HND *user_hnd) { + fstring in; + + struct SamGetUserInfo getinfo; + struct SamSetPassword setpass; + struct SamGetGroupsForUser groups; + struct SamGetNamesFromRids gnfr; + + CacUserInfo *info = NULL; + + if(!hnd || !mem_ctx || !user_hnd) { + printf("Must open user.\n"); + return; + } + + /*get the userinfo and print it out*/ + ZERO_STRUCT(getinfo); + getinfo.in.user_hnd = user_hnd; + + if(!cac_SamGetUserInfo(hnd, mem_ctx, &getinfo)) { + printerr("Could not get info.", hnd->status); + info = NULL; + } + else { + info = getinfo.out.info; + print_user_info(info); + } + + /*now deal with the menu*/ + in[0] = '\0'; + while(in[0] != 'b' && in[0] != 'B' && in[0] != 'q' && in[0] != 'Q') { + printf("\n"); + printf("[s] Set Password\n"); + + if(info && (info->acb_mask & ACB_DISABLED)) + printf("[e] Enable User\n"); + else if(info) + printf("[d] Disable User\n"); + + printf("[v] View User Info\n"); + printf("[m] Modify User Info\n"); + printf("[x] Delete User\n\n"); + + printf("[g] List Group Membership\n"); + printf("[a] Add User To Group\n"); + printf("[l] List Domain Groups\n"); + printf("[r] Remove User From Group\n\n"); + + printf("[b] Back\n\n"); + + printf("Command: "); + mgr_getline(in); + + printf("\n"); + + switch(in[0]) { + case 'g': /*list group membership*/ + case 'G': + ZERO_STRUCT(groups); + groups.in.user_hnd = user_hnd; + + if(!cac_SamGetGroupsForUser(hnd, mem_ctx, &groups)) { + printerr("Could not get groups.", hnd->status); + break; + } + + ZERO_STRUCT(gnfr); + gnfr.in.dom_hnd = dom_hnd; + gnfr.in.rids = groups.out.rids; + gnfr.in.num_rids = groups.out.num_groups; + + if(!cac_SamGetNamesFromRids(hnd, mem_ctx, &gnfr)) { + printerr("Could not map RIDs to names.", hnd->status); + break; + } + + print_lookup_records(gnfr.out.map, gnfr.out.num_names); + + break; + case 's': /*reset password*/ + case 'S': + ZERO_STRUCT(setpass); + setpass.in.user_hnd = user_hnd; + setpass.in.password = get_new_password(mem_ctx); + + if(!setpass.in.password) { + printf("Out of memory.\n"); + break; + } + + if(!cac_SamSetPassword(hnd, mem_ctx, &setpass)) { + printerr("Could not set password.", hnd->status); + } + else { + printf("Reset password.\n"); + } + break; + + case 'e': /*enable user*/ + case 'E': + if(info && !(info->acb_mask & ACB_DISABLED)) + break; + + if(!cac_SamEnableUser(hnd, mem_ctx, user_hnd)) { + printerr("Could not enable user.", hnd->status); + } + else { + printf("Enabled User.\n"); + /*toggle the disabled ACB bit in our local copy of the info*/ + info->acb_mask ^= ACB_DISABLED; + } + break; + + case 'd': /*disable user*/ + case 'D': + if(info && (info->acb_mask & ACB_DISABLED)) + break; + + if(!cac_SamDisableUser(hnd, mem_ctx, user_hnd)) { + printerr("Could not disable user.", hnd->status); + } + else { + printf("Disabled User.\n"); + /*toggle the disabled ACB bit in our local copy of the info*/ + info->acb_mask ^= ACB_DISABLED; + } + break; + + case 'v': /*view user info*/ + case 'V': + ZERO_STRUCT(getinfo); + getinfo.in.user_hnd = user_hnd; + + if(!cac_SamGetUserInfo(hnd, mem_ctx, &getinfo)) { + printerr("Could not get info.", hnd->status); + info = NULL; + } + else { + info = getinfo.out.info; + print_user_info(info); + } + + break; + + case 'm': /*modify user info*/ + case 'M': + info = modify_user_info(hnd, mem_ctx, user_hnd); + + if(info) + printf("Updated user info.\n"); + break; + + case 'l': /*list domain groups*/ + case 'L': + list_groups(hnd, mem_ctx, dom_hnd); + break; + + case 'a': /*add user to group*/ + case 'A': + add_user_to_group(hnd, mem_ctx, info, dom_hnd); + break; + + case 'r': /*remove user from group*/ + case 'R': + remove_user_from_group(hnd, mem_ctx, info, dom_hnd); + break; + + case 'x': /*delete user*/ + case 'X': + if(!cac_SamDeleteUser(hnd, mem_ctx, user_hnd)) + printerr("Could not delete user.", hnd->status); + + /*we want to go back to the main menu*/ + in[0] = 'b'; + break; + + case 'b': /*back*/ + case 'B': + case 'q': + case 'Q': + /*do nothing*/ + break; + + default: + printf("Invalid command.\n"); + } + } + + /*close the user before returning*/ + cac_SamClose(hnd, mem_ctx, user_hnd); +} diff --git a/examples/libmsrpc/cacusermgr/util.c b/examples/libmsrpc/cacusermgr/util.c new file mode 100644 index 0000000000..1629911812 --- /dev/null +++ b/examples/libmsrpc/cacusermgr/util.c @@ -0,0 +1,343 @@ +/* + * Unix SMB/CIFS implementation. + * cacusermgr utility functions. + * + * Copyright (C) Chris Nicholls 2005 + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along with + * this program; if not, write to the Free Software Foundation, Inc., 675 + * Mass Ave, Cambridge, MA 02139, USA. */ + +#include "cacusermgr.h" + +/*prints usage and quits*/ +void usage() { + printf("Usage:\n"); + printf(" cacusermgr [options] server\n\n"); + printf("options:\n"); + printf(" -u USERNAME Username to login with\n"); + printf(" -d/-w DOMAIN Domain name\n"); + printf(" -D LEVEL Debug level\n"); + printf(" -h Print this message\n"); + + exit(1); +} + +/*initializes values in the server handle from the command line returns 0 if there is a problem, non-zero if everything is ok*/ +int process_cmd_line(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, int argc, char **argv) { + char op; + + if(!hnd || !mem_ctx || !argc) + return 0; + + while( (op = getopt(argc, argv, "u:U:d:w:W:D:h")) != -1) { + switch(op) { + case 'u': /*username*/ + case 'U': + if(optarg) + strncpy(hnd->username, optarg, sizeof(fstring)); + else + usage(); + break; + + case 'd': /*domain name*/ + case 'w': + case 'W': + if(optarg) + strncpy(hnd->domain, optarg, sizeof(fstring)); + else + usage(); + break; + + case 'D': /*debug level*/ + if(optarg) + hnd->debug = atoi(optarg); + else + usage(); + break; + + case 'h': /*help*/ + usage(); + break; + + case '?': + default: + printf("Unknown option -%c\n", op); + usage(); + } + } + + if(optind >= argc) + usage(); + + /*whatever is less should be the server*/ + strncpy(hnd->server, argv[optind], sizeof(fstring)); + + return 1; +} + +void mgr_getline(fstring line) { + + fgets(line, sizeof(fstring), stdin); + + if(line[strlen(line) - 1] == '\n') + line[strlen(line) - 1] = '\0'; + +} + +/*this is pretty similar to the other get_auth_data_fn's*/ +void mgr_GetAuthDataFn(const char * pServer, + const char * pShare, + char * pWorkgroup, + int maxLenWorkgroup, + char * pUsername, + int maxLenUsername, + char * pPassword, + int maxLenPassword) + +{ + char temp[sizeof(fstring)]; + + static char authUsername[sizeof(fstring)]; + static char authWorkgroup[sizeof(fstring)]; + static char authPassword[sizeof(fstring)]; + static char authSet = 0; + + char *pass = NULL; + + if (authSet) + { + strncpy(pWorkgroup, authWorkgroup, maxLenWorkgroup - 1); + strncpy(pUsername, authUsername, maxLenUsername - 1); + strncpy(pPassword, authPassword, maxLenPassword - 1); + } + else + { + if(pWorkgroup[0] != '\0') { + strncpy(authWorkgroup, pWorkgroup, maxLenWorkgroup - 1); + } + else { + d_printf("Domain: [%s] ", pWorkgroup); + mgr_getline(pWorkgroup); + + if (temp[0] != '\0') + { + strncpy(pWorkgroup, temp, maxLenWorkgroup - 1); + strncpy(authWorkgroup, temp, maxLenWorkgroup - 1); + } + } + + + if(pUsername[0] != '\0') { + strncpy(authUsername, pUsername, maxLenUsername - 1); + } + else { + d_printf("Username: [%s] ", pUsername); + mgr_getline(pUsername); + + if (temp[strlen(temp) - 1] == '\n') /* A new line? */ + { + temp[strlen(temp) - 1] = '\0'; + } + + if (temp[0] != '\0') + { + strncpy(pUsername, temp, maxLenUsername - 1); + strncpy(authUsername, pUsername, maxLenUsername - 1); + } + } + if(pPassword[0] != '\0') { + strncpy(authPassword, pPassword, maxLenPassword - 1); + } + else { + pass = getpass("Password: "); + if (pass) + fstrcpy(temp, pass); + if (temp[strlen(temp) - 1] == '\n') /* A new line? */ + { + temp[strlen(temp) - 1] = '\0'; + } + if (temp[0] != '\0') + { + strncpy(pPassword, temp, maxLenPassword - 1); + strncpy(authPassword, pPassword, maxLenPassword - 1); + } + } + authSet = 1; + } +} + +void mgr_page(uint32 line_count) { + + if( (line_count % DEFAULT_SCREEN_LINES) != 0) + return; + + printf("--Press enter to continue--\n"); + getchar(); +} + +/*reads a line from stdin, figures out if it is a RID or name, gets a CacLookupRidsRecord and then returns the type*/ +uint32 rid_or_name(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *dom_hnd, uint32 *rid, char **name) { + fstring line; + + BOOL is_rid = False; + uint32 rid_type = 0; + + struct SamGetNamesFromRids getnames; + struct SamGetRidsFromNames getrids; + + mgr_getline(line); + + if(strncmp(line, "0x", 2) == 0) { + /*then this is a RID*/ + sscanf( (line + 2), "%x", rid); + is_rid = True; + } + else { + /*then this is a name*/ + *name = talloc_strdup(mem_ctx, line); + } + + if(is_rid) { + ZERO_STRUCT(getnames); + + getnames.in.dom_hnd = dom_hnd; + getnames.in.rids = rid; + getnames.in.num_rids = 1; + + cac_SamGetNamesFromRids(hnd, mem_ctx, &getnames); + + if(getnames.out.num_names > 0) + rid_type = getnames.out.map[0].type; + + } + else { + ZERO_STRUCT(getrids); + + getrids.in.dom_hnd = dom_hnd; + getrids.in.names = name; + getrids.in.num_names = 1; + + cac_SamGetRidsFromNames(hnd, mem_ctx, &getrids); + + if(getrids.out.num_rids > 0) { + rid_type = getrids.out.map[0].type; + + /*send back the RID so cac_SamOpenXX() doesn't have to look it up*/ + *rid = getrids.out.map[0].rid; + } + } + + return rid_type; +} + +/*print's out some common error messages*/ +void printerr(const char *msg, NTSTATUS status) { + if(NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) + printf("%s You do not have sufficient rights.\n", msg); + + else if(NT_STATUS_EQUAL(status, NT_STATUS_NO_SUCH_USER)) + printf("%s No such user.\n", msg); + + else if(NT_STATUS_EQUAL(status, NT_STATUS_NO_SUCH_GROUP)) + printf("%s No such group.\n", msg); + + else if(NT_STATUS_EQUAL(status, NT_STATUS_USER_EXISTS)) + printf("%s User already exists.\n", msg); + + else if(NT_STATUS_EQUAL(status, NT_STATUS_GROUP_EXISTS)) + printf("%s Group already exists.\n", msg); + + else + printf("%s %s.\n", msg, nt_errstr(status)); +} + +char *get_new_password(TALLOC_CTX *mem_ctx) { + char *pass1 = NULL; + + pass1 = getpass("Enter new password: "); + + return talloc_strdup(mem_ctx, pass1); +} + +void print_rid_list(uint32 *rids, char **names, uint32 num_rids) { + uint32 i = 0; + + if(!names || !rids) + return; + + printf(" RID Name\n"); + + while(i < num_rids) { + printf("[0x%x] [%s]\n", rids[i], names[i]); + + i++; + + mgr_page(i); + } +} + +void print_lookup_records(CacLookupRidsRecord *map, uint32 num_rids) { + uint32 i = 0; + + if(!map) + return; + + printf("RID Name\n"); + + while(i < num_rids) { + if(map[i].found) { + printf("[0x%x] [%s]\n", map[i].rid, map[i].name); + } + + i++; + + mgr_page(i); + } +} + +int list_groups(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *dom_hnd) { + struct SamEnumGroups eg; + + if(!hnd || !mem_ctx || !dom_hnd) + return 0; + + ZERO_STRUCT(eg); + eg.in.dom_hnd = dom_hnd; + + while(cac_SamEnumGroups(hnd, mem_ctx, &eg)) + print_rid_list(eg.out.rids, eg.out.names, eg.out.num_groups); + + if(CAC_OP_FAILED(hnd->status)) { + printerr("Could not enumerate groups.", hnd->status); + return 0; + } + + return 1; +} + +void list_users(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, POLICY_HND *dom_hnd) { + struct SamEnumUsers eu; + + if(!hnd || !mem_ctx || !dom_hnd) + return; + + ZERO_STRUCT(eu); + eu.in.dom_hnd = dom_hnd; + + while(cac_SamEnumUsers(hnd, mem_ctx, &eu)) + print_rid_list(eu.out.rids, eu.out.names, eu.out.num_users); + + if(CAC_OP_FAILED(hnd->status)) + printerr("Could not enumerate users.", hnd->status); +} |