summaryrefslogtreecommitdiff
path: root/source3/rpcclient/cmd_samr.c
diff options
context:
space:
mode:
Diffstat (limited to 'source3/rpcclient/cmd_samr.c')
-rw-r--r--source3/rpcclient/cmd_samr.c2365
1 files changed, 308 insertions, 2057 deletions
diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c
index a03393fbbd..023bf512e8 100644
--- a/source3/rpcclient/cmd_samr.c
+++ b/source3/rpcclient/cmd_samr.c
@@ -2,8 +2,8 @@
Unix SMB/Netbios implementation.
Version 1.9.
NT Domain Authentication SMB / MSRPC client
- Copyright (C) Andrew Tridgell 1994-1999
- Copyright (C) Luke Kenneth Casson Leighton 1996-1999
+ Copyright (C) Andrew Tridgell 1994-1997
+ Copyright (C) Luke Kenneth Casson Leighton 1996-1997
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -33,104 +33,15 @@ extern int DEBUGLEVEL;
#define DEBUG_TESTING
-extern struct ntuser_creds *usr_creds;
+extern struct cli_state *smb_cli;
extern FILE* out_hnd;
-static void sam_display_domain(const char *domain)
-{
- report(out_hnd, "Domain Name: %s\n", domain);
-}
-
-static void sam_display_dom_info(const char* domain, const DOM_SID *sid,
- uint32 switch_value,
- SAM_UNK_CTR *ctr)
-{
- fstring sidstr;
- sid_to_string(sidstr, sid);
- report(out_hnd, "Domain Name:\t%s\tSID:\t%s\n", domain, sidstr);
- display_sam_unk_ctr(out_hnd, ACTION_HEADER , switch_value, ctr);
- display_sam_unk_ctr(out_hnd, ACTION_ENUMERATE, switch_value, ctr);
- display_sam_unk_ctr(out_hnd, ACTION_FOOTER , switch_value, ctr);
-}
-
-static void sam_display_alias_info(const char *domain, const DOM_SID *sid,
- uint32 alias_rid,
- ALIAS_INFO_CTR *const ctr)
-{
- display_alias_info_ctr(out_hnd, ACTION_HEADER , ctr);
- display_alias_info_ctr(out_hnd, ACTION_ENUMERATE, ctr);
- display_alias_info_ctr(out_hnd, ACTION_FOOTER , ctr);
-}
-
-static void sam_display_alias(const char *domain, const DOM_SID *sid,
- uint32 alias_rid, const char *alias_name)
-{
- report(out_hnd, "Alias RID: %8x Alias Name: %s\n",
- alias_rid, alias_name);
-}
-
-static void sam_display_alias_members(const char *domain, const DOM_SID *sid,
- uint32 alias_rid, const char *alias_name,
- uint32 num_names,
- DOM_SID *const *const sids,
- char *const *const name,
- uint8 *const type)
-{
- display_alias_members(out_hnd, ACTION_HEADER , num_names, name, type);
- display_alias_members(out_hnd, ACTION_ENUMERATE, num_names, name, type);
- display_alias_members(out_hnd, ACTION_FOOTER , num_names, name, type);
-}
-
-static void sam_display_group_info(const char *domain, const DOM_SID *sid,
- uint32 group_rid,
- GROUP_INFO_CTR *const ctr)
-{
- display_group_info_ctr(out_hnd, ACTION_HEADER , ctr);
- display_group_info_ctr(out_hnd, ACTION_ENUMERATE, ctr);
- display_group_info_ctr(out_hnd, ACTION_FOOTER , ctr);
-}
-
-static void sam_display_group(const char *domain, const DOM_SID *sid,
- uint32 group_rid, const char *group_name)
-{
- report(out_hnd, "Group RID: %8x Group Name: %s\n",
- group_rid, group_name);
-}
-
-static void sam_display_group_members(const char *domain, const DOM_SID *sid,
- uint32 group_rid, const char *group_name,
- uint32 num_names,
- const uint32 *rid_mem,
- char *const *const name,
- uint32 *const type)
-{
- display_group_members(out_hnd, ACTION_HEADER , num_names, name, type);
- display_group_members(out_hnd, ACTION_ENUMERATE, num_names, name, type);
- display_group_members(out_hnd, ACTION_FOOTER , num_names, name, type);
-}
-
-static void sam_display_user_info(const char *domain, const DOM_SID *sid,
- uint32 user_rid,
- SAM_USER_INFO_21 *const usr)
-{
- display_sam_user_info_21(out_hnd, ACTION_HEADER , usr);
- display_sam_user_info_21(out_hnd, ACTION_ENUMERATE, usr);
- display_sam_user_info_21(out_hnd, ACTION_FOOTER , usr);
-}
-
-static void sam_display_user(const char *domain, const DOM_SID *sid,
- uint32 user_rid, const char *user_name)
-{
- report(out_hnd, "User RID: %8x User Name: %s\n",
- user_rid, user_name);
-}
-
/****************************************************************************
SAM password change
****************************************************************************/
-void cmd_sam_ntchange_pwd(struct client_info *info, int argc, char *argv[])
+void cmd_sam_ntchange_pwd(struct client_info *info)
{
fstring srv_name;
fstring domain;
@@ -146,8 +57,6 @@ void cmd_sam_ntchange_pwd(struct client_info *info, int argc, char *argv[])
uchar lm_hshhash[16];
uchar lm_oldhash[16];
- struct cli_connection *con = NULL;
-
sid_to_string(sid, &info->dom.level5_sid);
fstrcpy(domain, info->dom.level5_dom);
@@ -155,7 +64,7 @@ void cmd_sam_ntchange_pwd(struct client_info *info, int argc, char *argv[])
fstrcat(srv_name, info->dest_host);
strupper(srv_name);
- report(out_hnd, "SAM NT Password Change\n");
+ fprintf(out_hnd, "SAM NT Password Change\n");
#if 0
struct pwd_info new_pwd;
@@ -164,13 +73,14 @@ void cmd_sam_ntchange_pwd(struct client_info *info, int argc, char *argv[])
new_passwd = (char*)getpass("New Password (ONCE ONLY - get it right :-)");
nt_lm_owf_gen(new_passwd, lm_newhash, nt_newhash);
- pwd_get_lm_nt_16(&(usr_creds->pwd), lm_oldhash, nt_oldhash );
+ pwd_get_lm_nt_16(&(smb_cli->pwd), lm_oldhash, nt_oldhash );
make_oem_passwd_hash(nt_newpass, new_passwd, nt_oldhash, True);
make_oem_passwd_hash(lm_newpass, new_passwd, lm_oldhash, True);
E_old_pw_hash(lm_newhash, lm_oldhash, lm_hshhash);
E_old_pw_hash(lm_newhash, nt_oldhash, nt_hshhash);
- usr_creds->ntlmssp_flags = NTLMSSP_NEGOTIATE_UNICODE |
+ cli_nt_set_ntlmssp_flgs(smb_cli,
+ NTLMSSP_NEGOTIATE_UNICODE |
NTLMSSP_NEGOTIATE_OEM |
NTLMSSP_NEGOTIATE_SIGN |
NTLMSSP_NEGOTIATE_SEAL |
@@ -178,29 +88,29 @@ void cmd_sam_ntchange_pwd(struct client_info *info, int argc, char *argv[])
NTLMSSP_NEGOTIATE_NTLM |
NTLMSSP_NEGOTIATE_ALWAYS_SIGN |
NTLMSSP_NEGOTIATE_00001000 |
- NTLMSSP_NEGOTIATE_00002000;
+ NTLMSSP_NEGOTIATE_00002000);
/* open SAMR session. */
- res = res ? cli_connection_init(srv_name, PIPE_SAMR, &con) : False;
+ res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR) : False;
/* establish a connection. */
- res = res ? samr_unknown_38(con, srv_name) : False;
+ res = res ? do_samr_unknown_38(smb_cli, srv_name) : False;
/* establish a connection. */
- res = res ? samr_chgpasswd_user(con,
- srv_name, usr_creds->user_name,
+ res = res ? do_samr_chgpasswd_user(smb_cli,
+ srv_name, smb_cli->user_name,
nt_newpass, nt_hshhash,
lm_newpass, lm_hshhash) : False;
/* close the session */
- cli_connection_unlink(con);
+ cli_nt_session_close(smb_cli);
if (res)
{
- report(out_hnd, "NT Password changed OK\n");
+ fprintf(out_hnd, "NT Password changed OK\n");
}
else
{
- report(out_hnd, "NT Password change FAILED\n");
+ fprintf(out_hnd, "NT Password change FAILED\n");
}
}
@@ -208,9 +118,8 @@ void cmd_sam_ntchange_pwd(struct client_info *info, int argc, char *argv[])
/****************************************************************************
experimental SAM encryted rpc test connection
****************************************************************************/
-void cmd_sam_test(struct client_info *info, int argc, char *argv[])
+void cmd_sam_test(struct client_info *info)
{
- struct cli_connection *con = NULL;
fstring srv_name;
fstring domain;
fstring sid;
@@ -220,9 +129,9 @@ void cmd_sam_test(struct client_info *info, int argc, char *argv[])
fstrcpy(domain, info->dom.level5_dom);
/*
- if (sid1.num_auths == 0)
+ if (strlen(sid) == 0)
{
- report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
+ fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
return;
}
*/
@@ -230,9 +139,10 @@ void cmd_sam_test(struct client_info *info, int argc, char *argv[])
fstrcat(srv_name, info->dest_host);
strupper(srv_name);
- report(out_hnd, "SAM Encryption Test\n");
+ fprintf(out_hnd, "SAM Encryption Test\n");
- usr_creds->ntlmssp_flags = NTLMSSP_NEGOTIATE_UNICODE |
+ cli_nt_set_ntlmssp_flgs(smb_cli,
+ NTLMSSP_NEGOTIATE_UNICODE |
NTLMSSP_NEGOTIATE_OEM |
NTLMSSP_NEGOTIATE_SIGN |
NTLMSSP_NEGOTIATE_SEAL |
@@ -240,13 +150,16 @@ void cmd_sam_test(struct client_info *info, int argc, char *argv[])
NTLMSSP_NEGOTIATE_NTLM |
NTLMSSP_NEGOTIATE_ALWAYS_SIGN |
NTLMSSP_NEGOTIATE_00001000 |
- NTLMSSP_NEGOTIATE_00002000;
+ NTLMSSP_NEGOTIATE_00002000);
/* open SAMR session. */
- res = res ? cli_connection_init(srv_name, PIPE_SAMR, &con) : False;
+ res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR) : False;
+
+ /* establish a connection. */
+ res = res ? do_samr_unknown_38(smb_cli, srv_name) : False;
/* close the session */
- cli_connection_unlink(con);
+ cli_nt_session_close(smb_cli);
if (res)
{
@@ -258,2172 +171,510 @@ void cmd_sam_test(struct client_info *info, int argc, char *argv[])
}
}
-/****************************************************************************
-Lookup domain in SAM server.
-****************************************************************************/
-void cmd_sam_lookup_domain(struct client_info *info, int argc, char *argv[])
-{
- fstring srv_name;
- char *domain;
- fstring str_sid;
- DOM_SID dom_sid;
- BOOL res = True;
- POLICY_HND sam_pol;
-
- fstrcpy(srv_name, "\\\\");
- fstrcat(srv_name, info->dest_host);
- strupper(srv_name);
-
- if (argc < 2)
- {
- report(out_hnd, "lookupdomain: <name>\n");
- return;
- }
-
- domain = argv[1];
-
- report(out_hnd, "Lookup Domain in SAM Server\n");
-
- /* establish a connection. */
- res = res ? samr_connect( srv_name, 0x02000000,
- &sam_pol) : False;
-
- /* connect to the domain */
- res = res ? samr_query_lookup_domain( &sam_pol, domain, &dom_sid) : False;
-
- res = res ? samr_close(&sam_pol) : False;
-
- if (res)
- {
- DEBUG(5,("cmd_sam_lookup_domain: succeeded\n"));
-
- sid_to_string(str_sid, &dom_sid);
- report(out_hnd, "%s SID: %s\n", domain, str_sid);
- report(out_hnd, "Lookup Domain: OK\n");
- }
- else
- {
- DEBUG(5,("cmd_sam_lookup_domain: failed\n"));
- report(out_hnd, "Lookup Domain: FAILED\n");
- }
-}
/****************************************************************************
-SAM delete alias member.
+experimental SAM users enum.
****************************************************************************/
-void cmd_sam_del_aliasmem(struct client_info *info, int argc, char *argv[])
+void cmd_sam_enum_users(struct client_info *info)
{
fstring srv_name;
fstring domain;
fstring sid;
DOM_SID sid1;
- POLICY_HND alias_pol;
+ int user_idx;
BOOL res = True;
- BOOL res1 = True;
- BOOL res2 = True;
- uint32 ace_perms = 0x02000000; /* absolutely no idea. */
- DOM_SID member_sid;
- uint32 alias_rid;
- POLICY_HND sam_pol;
- POLICY_HND pol_dom;
-
- sid_copy(&sid1, &info->dom.level5_sid);
- sid_to_string(sid, &sid1);
- fstrcpy(domain, info->dom.level5_dom);
-
- if (sid1.num_auths == 0)
- {
- report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
- return;
- }
-
- fstrcpy(srv_name, "\\\\");
- fstrcat(srv_name, info->dest_host);
- strupper(srv_name);
-
- if (argc < 2)
- {
- report(out_hnd, "delaliasmem: <alias rid> [member sid1] [member sid2] ...\n");
- return;
- }
-
- argc--;
- argv++;
-
- alias_rid = get_number(argv[0]);
-
- report(out_hnd, "SAM Domain Alias Member\n");
-
- /* establish a connection. */
- res = res ? samr_connect( srv_name, 0x02000000,
- &sam_pol) : False;
-
- /* connect to the domain */
- res = res ? samr_open_domain( &sam_pol, ace_perms, &sid1,
- &pol_dom) : False;
-
- /* connect to the domain */
- res1 = res ? samr_open_alias( &pol_dom,
- 0x000f001f, alias_rid, &alias_pol) : False;
-
- while (argc > 0 && res2 && res1)
- {
- argc--;
- argv++;
- /* get a sid, delete a member from the alias */
- res2 = res2 ? string_to_sid(&member_sid, argv[0]) : False;
- res2 = res2 ? samr_del_aliasmem(&alias_pol, &member_sid) : False;
-
- if (res2)
- {
- report(out_hnd, "SID deleted from Alias 0x%x: %s\n", alias_rid, argv[0]);
- }
- }
-
- res1 = res1 ? samr_close(&alias_pol) : False;
- res = res ? samr_close(&pol_dom) : False;
- res = res ? samr_close(&sam_pol) : False;
-
- if (res && res1 && res2)
- {
- DEBUG(5,("cmd_sam_del_aliasmem: succeeded\n"));
- report(out_hnd, "Delete Domain Alias Member: OK\n");
- }
- else
- {
- DEBUG(5,("cmd_sam_del_aliasmem: failed\n"));
- report(out_hnd, "Delete Domain Alias Member: FAILED\n");
- }
-}
+ BOOL request_user_info = False;
+ BOOL request_group_info = False;
+ uint16 num_entries = 0;
+ uint16 unk_0 = 0x0;
+ uint16 acb_mask = 0;
+ uint16 unk_1 = 0x0;
+ uint32 admin_rid = 0x304; /* absolutely no idea. */
+ fstring tmp;
-/****************************************************************************
-SAM delete alias.
-****************************************************************************/
-void cmd_sam_delete_dom_alias(struct client_info *info, int argc, char *argv[])
-{
- fstring srv_name;
- fstring domain;
- char *name;
- fstring sid;
- DOM_SID sid1;
- POLICY_HND alias_pol;
- BOOL res = True;
- BOOL res1 = True;
- BOOL res2 = True;
- uint32 ace_perms = 0x02000000; /* absolutely no idea. */
- uint32 alias_rid = 0;
- char *names[1];
- uint32 rid [MAX_LOOKUP_SIDS];
- uint32 type[MAX_LOOKUP_SIDS];
- uint32 num_rids;
- POLICY_HND sam_pol;
- POLICY_HND pol_dom;
-
- sid_copy(&sid1, &info->dom.level5_sid);
- sid_to_string(sid, &sid1);
+ sid_to_string(sid, &info->dom.level5_sid);
fstrcpy(domain, info->dom.level5_dom);
- if (sid1.num_auths == 0)
- {
- report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
- return;
- }
-
- fstrcpy(srv_name, "\\\\");
- fstrcat(srv_name, info->dest_host);
- strupper(srv_name);
-
- if (argc < 2)
+ if (strlen(sid) == 0)
{
- report(out_hnd, "delalias <alias name>\n");
+ fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
return;
}
- name = argv[1];
-
- report(out_hnd, "SAM Delete Domain Alias\n");
-
- /* establish a connection. */
- res = res ? samr_connect( srv_name, 0x02000000,
- &sam_pol) : False;
-
- /* connect to the domain */
- res = res ? samr_open_domain( &sam_pol, ace_perms, &sid1,
- &pol_dom) : False;
-
- names[0] = name;
-
- res1 = res ? samr_query_lookup_names( &pol_dom, 0x000003e8,
- 1, names,
- &num_rids, rid, type) : False;
-
- if (res1 && num_rids == 1)
- {
- alias_rid = rid[0];
- }
-
- /* connect to the domain */
- res1 = res1 ? samr_open_alias( &pol_dom,
- 0x000f001f, alias_rid, &alias_pol) : False;
-
- res2 = res1 ? samr_delete_dom_alias(&alias_pol) : False;
-
- res1 = res1 ? samr_close(&alias_pol) : False;
- res = res ? samr_close(&pol_dom) : False;
- res = res ? samr_close(&sam_pol) : False;
-
- if (res && res1 && res2)
- {
- DEBUG(5,("cmd_sam_delete_dom_alias: succeeded\n"));
- report(out_hnd, "Delete Domain Alias: OK\n");
- }
- else
- {
- DEBUG(5,("cmd_sam_delete_dom_alias: failed\n"));
- report(out_hnd, "Delete Domain Alias: FAILED\n");
- }
-}
-
-/****************************************************************************
-SAM add alias member.
-****************************************************************************/
-void cmd_sam_add_aliasmem(struct client_info *info, int argc, char *argv[])
-{
- fstring srv_name;
- fstring domain;
- fstring tmp;
- fstring sid;
- DOM_SID sid1;
- POLICY_HND alias_pol;
- BOOL res = True;
- BOOL res1 = True;
- BOOL res2 = True;
- BOOL res3 = True;
- BOOL res4 = True;
- uint32 ace_perms = 0x02000000; /* absolutely no idea. */
- uint32 alias_rid;
- char **names = NULL;
- int num_names = 0;
- DOM_SID *sids = NULL;
- int num_sids = 0;
- int i;
- POLICY_HND sam_pol;
- POLICY_HND pol_dom;
- POLICY_HND lsa_pol;
-
- sid_copy(&sid1, &info->dom.level5_sid);
- sid_to_string(sid, &sid1);
- fstrcpy(domain, info->dom.level5_dom);
-
- if (sid1.num_auths == 0)
- {
- report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
- return;
- }
+ init_dom_sid(&sid1, sid);
fstrcpy(srv_name, "\\\\");
fstrcat(srv_name, info->dest_host);
strupper(srv_name);
- if (argc < 2)
+ /* a bad way to do token parsing... */
+ if (next_token(NULL, tmp, NULL, sizeof(tmp)))
{
- report(out_hnd, "addaliasmem <group name> [member name1] [member name2] ...\n");
- return;
+ request_user_info |= strequal(tmp, "-u");
+ request_group_info |= strequal(tmp, "-g");
}
-
- num_names = argc+1;
- names = argv+1;
-
- report(out_hnd, "SAM Domain Alias Member\n");
-
- /* lookup domain controller; receive a policy handle */
- res3 = res3 ? lsa_open_policy(srv_name,
- &lsa_pol, True) : False;
-
- /* send lsa lookup sids call */
- res4 = res3 ? lsa_lookup_names(&lsa_pol,
- num_names, names,
- &sids, NULL, &num_sids) : False;
- res3 = res3 ? lsa_close(&lsa_pol) : False;
-
- res4 = num_sids < 2 ? False : res4;
-
- if (res4)
+ if (next_token(NULL, tmp, NULL, sizeof(tmp)))
{
- /*
- * accept domain sid or builtin sid
- */
-
- DOM_SID sid_1_5_20;
- string_to_sid(&sid_1_5_20, "S-1-5-32");
- sid_split_rid(&sids[0], &alias_rid);
-
- if (sid_equal(&sids[0], &sid_1_5_20))
- {
- sid_copy(&sid1, &sid_1_5_20);
- }
- else if (!sid_equal(&sids[0], &sid1))
- {
- res4 = False;
- }
+ request_user_info |= strequal(tmp, "-u");
+ request_group_info |= strequal(tmp, "-g");
}
- /* establish a connection. */
- res = res ? samr_connect( srv_name, 0x02000000,
- &sam_pol) : False;
-
- /* connect to the domain */
- res = res ? samr_open_domain( &sam_pol, ace_perms, &sid1,
- &pol_dom) : False;
-
- /* connect to the domain */
- res1 = res ? samr_open_alias( &pol_dom,
- 0x000f001f, alias_rid, &alias_pol) : False;
-
- for (i = 1; i < num_sids && res2 && res1; i++)
+#ifdef DEBUG_TESTING
+ if (next_token(NULL, tmp, NULL, sizeof(tmp)))
{
- /* add a member to the alias */
- res2 = res2 ? samr_add_aliasmem(&alias_pol, &sids[i]) : False;
-
- if (res2)
- {
- sid_to_string(tmp, &sids[i]);
- report(out_hnd, "SID added to Alias 0x%x: %s\n", alias_rid, tmp);
- }
+ num_entries = (uint16)strtol(tmp, (char**)NULL, 16);
}
- res1 = res1 ? samr_close(&alias_pol) : False;
- res = res ? samr_close(&pol_dom) : False;
- res = res ? samr_close(&sam_pol) : False;
-
- if (sids != NULL)
+ if (next_token(NULL, tmp, NULL, sizeof(tmp)))
{
- free(sids);
+ unk_0 = (uint16)strtol(tmp, (char**)NULL, 16);
}
-
- free_char_array(num_names, names);
- if (res && res1 && res2)
+ if (next_token(NULL, tmp, NULL, sizeof(tmp)))
{
- DEBUG(5,("cmd_sam_add_aliasmem: succeeded\n"));
- report(out_hnd, "Add Domain Alias Member: OK\n");
+ acb_mask = (uint16)strtol(tmp, (char**)NULL, 16);
}
- else
- {
- DEBUG(5,("cmd_sam_add_aliasmem: failed\n"));
- report(out_hnd, "Add Domain Alias Member: FAILED\n");
- }
-}
-
-
-#if 0
-/****************************************************************************
-SAM create domain user.
-****************************************************************************/
-void cmd_sam_create_dom_trusting(struct client_info *info, int argc, char *argv[])
-{
- fstring local_domain;
- fstring local_pdc;
-
- char *trusting_domain;
- char *trusting_pdc;
- fstring password;
-
- fstring sid;
- DOM_SID sid1;
- uint32 user_rid;
-
- sid_copy(&sid1, &info->dom.level5_sid);
- sid_to_string(sid, &sid1);
- fstrcpy(domain, info->dom.level5_dom);
- if (sid1.num_auths == 0)
+ if (next_token(NULL, tmp, NULL, sizeof(tmp)))
{
- report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
- return;
- }
-
- if (argc < 3)
- {
- report(out_hnd, "createtrusting: <Domain Name> <PDC Name> [password]\n");
- return;
+ unk_1 = (uint16)strtol(tmp, (char**)NULL, 16);
}
-
- argc--;
- argv++;
-
- trusting_domain = argv[0];
-
- argc--;
- argv++;
-
- trusting_pdc = argv[0];
-
- argc--;
- argv++;
-
- if (argc > 0)
- {
- safe_strcpy(password, argv[0], sizeof(password)-1);
- }
- else
- {
- fstring pass_str;
- char *pass;
- slprintf(pass_str, sizeof(pass_str)-1, "Enter %s's Password:",
- user_name);
- pass = (char*)getpass(pass_str);
-
- if (pass != NULL)
- {
- safe_strcpy(password, pass, sizeof(password)-1);
- set_passwd = True;
- }
- }
- report(out_hnd, "SAM Create Domain Trusting Account\n");
-
- if (msrpc_sam_create_dom_user(srv_name,
- acct_name, ACB_WSTRUST, &user_rid))
- {
- report(out_hnd, "Create Domain User: OK\n");
- }
- else
- {
- report(out_hnd, "Create Domain User: FAILED\n");
- }
-}
#endif
-/****************************************************************************
-SAM create domain user.
-****************************************************************************/
-void cmd_sam_create_dom_user(struct client_info *info, int argc, char *argv[])
-{
- fstring domain;
- fstring acct_name;
- fstring name;
- fstring sid;
- DOM_SID sid1;
- uint32 user_rid;
- uint16 acb_info = ACB_NORMAL;
- BOOL join_domain = False;
- int opt;
- char *password = NULL;
- int plen = 0;
- int len = 0;
- UNISTR2 upw;
-
- fstring srv_name;
- fstrcpy(srv_name, "\\\\");
- fstrcat(srv_name, info->dest_host);
- strupper(srv_name);
-
-
- sid_copy(&sid1, &info->dom.level5_sid);
- sid_to_string(sid, &sid1);
- fstrcpy(domain, info->dom.level5_dom);
-
- if (sid1.num_auths == 0)
- {
- report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
- return;
- }
-
- if (argc < 2)
- {
- report(out_hnd, "createuser: <acct name> [-i] [-s] [-j]\n");
- return;
- }
+ fprintf(out_hnd, "SAM Enumerate Users\n");
+ fprintf(out_hnd, "From: %s To: %s Domain: %s SID: %s\n",
+ info->myhostname, srv_name, domain, sid);
- argc--;
- argv++;
+#ifdef DEBUG_TESTING
+ DEBUG(5,("Number of entries:%d unk_0:%04x acb_mask:%04x unk_1:%04x\n",
+ num_entries, unk_0, acb_mask, unk_1));
+#endif
- safe_strcpy(acct_name, argv[0], sizeof(acct_name));
- len = strlen(acct_name)-1;
- if (acct_name[len] == '$')
- {
- safe_strcpy(name, argv[0], sizeof(name));
- name[len] = 0;
- acb_info = ACB_WSTRUST;
- }
+ /* open SAMR session. negotiate credentials */
+ res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR) : False;
- while ((opt = getopt(argc, argv,"isj")) != EOF)
- {
- switch (opt)
- {
- case 'i':
- {
- acb_info = ACB_DOMTRUST;
- break;
- }
- case 's':
- {
- acb_info = ACB_SVRTRUST;
- break;
- }
- case 'j':
- {
- join_domain = True;
- }
- }
- }
+ /* establish a connection. */
+ res = res ? do_samr_connect(smb_cli,
+ srv_name, 0x00000020,
+ &info->dom.samr_pol_connect) : False;
- if (join_domain && acb_info == ACB_NORMAL)
- {
- report(out_hnd, "can only join trust accounts to a domain\n");
- return;
- }
+ /* connect to the domain */
+ res = res ? do_samr_open_domain(smb_cli,
+ &info->dom.samr_pol_connect, admin_rid, &sid1,
+ &info->dom.samr_pol_open_domain) : False;
- report(out_hnd, "SAM Create Domain User\n");
- report(out_hnd, "Domain: %s Name: %s ACB: %s\n",
- domain, acct_name,
- pwdb_encode_acct_ctrl(acb_info, NEW_PW_FORMAT_SPACE_PADDED_LEN));
+ /* read some users */
+ res = res ? do_samr_enum_dom_users(smb_cli,
+ &info->dom.samr_pol_open_domain,
+ num_entries, unk_0, acb_mask, unk_1, 0xffff,
+ &info->dom.sam, &info->dom.num_sam_entries) : False;
- if (acb_info == ACB_WSTRUST || acb_info == ACB_SVRTRUST)
+ if (res && info->dom.num_sam_entries == 0)
{
- upw.uni_str_len = 12;
- upw.uni_max_len = 12;
- generate_random_buffer((uchar*)upw.buffer,
- upw.uni_str_len*2, True);
- password = (char*)upw.buffer;
- plen = upw.uni_str_len * 2;
+ fprintf(out_hnd, "No users\n");
}
- if (msrpc_sam_create_dom_user(srv_name, &sid1,
- acct_name, acb_info, password, plen,
- &user_rid))
+ if (request_user_info || request_group_info)
{
- report(out_hnd, "Create Domain User: OK\n");
+ /* query all the users */
+ user_idx = 0;
- if (join_domain)
+ while (res && user_idx < info->dom.num_sam_entries)
{
- uchar ntpw[16];
-
- nt_owf_genW(&upw, ntpw);
+ uint32 user_rid = info->dom.sam[user_idx].smb_userid;
+ SAM_USER_INFO_21 usr;
- strupper(domain);
- strupper(name);
+ fprintf(out_hnd, "User RID: %8x User Name: %s\n",
+ user_rid,
+ info->dom.sam[user_idx].acct_name);
- report(out_hnd, "Join %s to Domain %s", name, domain);
- if (create_trust_account_file(domain, name, ntpw))
+ if (request_user_info)
{
- report(out_hnd, ": OK\n");
- }
- else
- {
- report(out_hnd, ": FAILED\n");
+ /* send user info query, level 0x15 */
+ if (get_samr_query_userinfo(smb_cli,
+ &info->dom.samr_pol_open_domain,
+ 0x15, user_rid, &usr))
+ {
+ display_sam_user_info_21(out_hnd, ACTION_HEADER , &usr);
+ display_sam_user_info_21(out_hnd, ACTION_ENUMERATE, &usr);
+ display_sam_user_info_21(out_hnd, ACTION_FOOTER , &usr);
+ }
}
- }
- }
- else
- {
- report(out_hnd, "Create Domain User: FAILED\n");
- }
-}
+ if (request_group_info)
+ {
+ uint32 num_groups;
+ DOM_GID gid[LSA_MAX_GROUPS];
-/****************************************************************************
-SAM create domain alias.
-****************************************************************************/
-void cmd_sam_create_dom_alias(struct client_info *info, int argc, char *argv[])
-{
- fstring srv_name;
- fstring domain;
- char *acct_name;
- fstring acct_desc;
- fstring sid;
- DOM_SID sid1;
- BOOL res = True;
- BOOL res1 = True;
- uint32 ace_perms = 0x02000000; /* permissions */
- uint32 alias_rid;
- POLICY_HND sam_pol;
- POLICY_HND pol_dom;
-
- sid_copy(&sid1, &info->dom.level5_sid);
- sid_to_string(sid, &sid1);
- fstrcpy(domain, info->dom.level5_dom);
+ /* send user group query */
+ if (get_samr_query_usergroups(smb_cli,
+ &info->dom.samr_pol_open_domain,
+ user_rid, &num_groups, gid))
+ {
+ display_group_rid_info(out_hnd, ACTION_HEADER , num_groups, gid);
+ display_group_rid_info(out_hnd, ACTION_ENUMERATE, num_groups, gid);
+ display_group_rid_info(out_hnd, ACTION_FOOTER , num_groups, gid);
+ }
+ }
- if (sid1.num_auths == 0)
- {
- report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
- return;
+ user_idx++;
+ }
}
+ res = res ? do_samr_close(smb_cli,
+ &info->dom.samr_pol_open_domain) : False;
- fstrcpy(srv_name, "\\\\");
- fstrcat(srv_name, info->dest_host);
- strupper(srv_name);
+ res = res ? do_samr_close(smb_cli,
+ &info->dom.samr_pol_connect) : False;
- if (argc < 2)
- {
- report(out_hnd, "createalias: <acct name> [acct description]\n");
- }
-
- acct_name = argv[1];
+ /* close the session */
+ cli_nt_session_close(smb_cli);
- if (argc < 3)
+ if (info->dom.sam != NULL)
{
- acct_desc[0] = 0;
+ free(info->dom.sam);
}
- else
- {
- safe_strcpy(acct_desc, argv[2], sizeof(acct_desc)-1);
- }
-
- report(out_hnd, "SAM Create Domain Alias\n");
- report(out_hnd, "Domain: %s Name: %s Description: %s\n",
- domain, acct_name, acct_desc);
- /* establish a connection. */
- res = res ? samr_connect( srv_name, 0x02000000,
- &sam_pol) : False;
-
- /* connect to the domain */
- res = res ? samr_open_domain( &sam_pol, ace_perms, &sid1,
- &pol_dom) : False;
-
- /* create a domain alias */
- res1 = res ? create_samr_domain_alias( &pol_dom,
- acct_name, acct_desc, &alias_rid) : False;
-
- res = res ? samr_close( &pol_dom) : False;
-
- res = res ? samr_close( &sam_pol) : False;
-
- if (res && res1)
+ if (res)
{
- DEBUG(5,("cmd_sam_create_dom_alias: succeeded\n"));
- report(out_hnd, "Create Domain Alias: OK\n");
+ DEBUG(5,("cmd_sam_enum_users: succeeded\n"));
}
else
{
- DEBUG(5,("cmd_sam_create_dom_alias: failed\n"));
- report(out_hnd, "Create Domain Alias: FAILED\n");
+ DEBUG(5,("cmd_sam_enum_users: failed\n"));
}
}
/****************************************************************************
-SAM delete group member.
+experimental SAM user query.
****************************************************************************/
-void cmd_sam_del_groupmem(struct client_info *info, int argc, char *argv[])
+void cmd_sam_query_user(struct client_info *info)
{
fstring srv_name;
fstring domain;
fstring sid;
DOM_SID sid1;
- POLICY_HND pol_grp;
+ int user_idx = 0; /* FIXME maybe ... */
BOOL res = True;
- BOOL res1 = True;
- BOOL res2 = True;
- uint32 ace_perms = 0x02000000; /* absolutely no idea. */
- uint32 member_rid;
- uint32 group_rid;
- POLICY_HND sam_pol;
- POLICY_HND pol_dom;
-
- sid_copy(&sid1, &info->dom.level5_sid);
- sid_to_string(sid, &sid1);
- fstrcpy(domain, info->dom.level5_dom);
-
- if (sid1.num_auths == 0)
- {
- report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
- return;
- }
-
- fstrcpy(srv_name, "\\\\");
- fstrcat(srv_name, info->dest_host);
- strupper(srv_name);
-
- if (argc < 2)
- {
- report(out_hnd, "delgroupmem: <group rid> [member rid1] [member rid2] ...\n");
- return;
- }
-
- argc--;
- argv++;
+ uint32 admin_rid = 0x304; /* absolutely no idea. */
+ fstring rid_str ;
+ fstring info_str;
+ uint32 user_rid = 0;
+ uint32 info_level = 0x15;
- group_rid = get_number(argv[0]);
-
- report(out_hnd, "SAM Add Domain Group member\n");
-
- /* establish a connection. */
- res = res ? samr_connect( srv_name, 0x02000000,
- &sam_pol) : False;
-
- /* connect to the domain */
- res = res ? samr_open_domain( &sam_pol, ace_perms, &sid1,
- &pol_dom) : False;
-
- /* connect to the domain */
- res1 = res ? samr_open_group( &pol_dom,
- 0x0000001f, group_rid, &pol_grp) : False;
+ SAM_USER_INFO_21 usr;
- while (argc > 0 && res2 && res1)
- {
- argc--;
- argv++;
-
- /* get a rid, delete a member from the group */
- member_rid = get_number(argv[0]);
- res2 = res2 ? samr_del_groupmem(&pol_grp, member_rid) : False;
-
- if (res2)
- {
- report(out_hnd, "RID deleted from Group 0x%x: 0x%x\n", group_rid, member_rid);
- }
- }
-
- res1 = res1 ? samr_close(&pol_grp) : False;
- res = res ? samr_close(&pol_dom) : False;
- res = res ? samr_close(&sam_pol) : False;
-
- if (res && res1 && res2)
- {
- DEBUG(5,("cmd_sam_del_groupmem: succeeded\n"));
- report(out_hnd, "Add Domain Group Member: OK\n");
- }
- else
- {
- DEBUG(5,("cmd_sam_del_groupmem: failed\n"));
- report(out_hnd, "Add Domain Group Member: FAILED\n");
- }
-}
-
-
-/****************************************************************************
-SAM delete group.
-****************************************************************************/
-void cmd_sam_delete_dom_group(struct client_info *info, int argc, char *argv[])
-{
- fstring srv_name;
- fstring domain;
- char *name;
- fstring sid;
- DOM_SID sid1;
- POLICY_HND pol_grp;
- BOOL res = True;
- BOOL res1 = True;
- BOOL res2 = True;
- uint32 ace_perms = 0x02000000; /* absolutely no idea. */
- uint32 group_rid = 0;
- char *names[1];
- uint32 rid [MAX_LOOKUP_SIDS];
- uint32 type[MAX_LOOKUP_SIDS];
- uint32 num_rids;
- POLICY_HND sam_pol;
- POLICY_HND pol_dom;
-
- sid_copy(&sid1, &info->dom.level5_sid);
- sid_to_string(sid, &sid1);
+ sid_to_string(sid, &info->dom.level5_sid);
fstrcpy(domain, info->dom.level5_dom);
- if (sid1.num_auths == 0)
- {
- report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
- return;
- }
-
- fstrcpy(srv_name, "\\\\");
- fstrcat(srv_name, info->dest_host);
- strupper(srv_name);
-
- if (argc < 2)
+ if (strlen(sid) == 0)
{
- report(out_hnd, "delgroup <group name>\n");
+ fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
return;
}
- name = argv[1];
-
- report(out_hnd, "SAM Delete Domain Group\n");
-
- /* establish a connection. */
- res = res ? samr_connect( srv_name, 0x02000000,
- &sam_pol) : False;
-
- /* connect to the domain */
- res = res ? samr_open_domain( &sam_pol, ace_perms, &sid1,
- &pol_dom) : False;
-
- names[0] = name;
-
- res1 = res ? samr_query_lookup_names( &pol_dom, 0x000003e8,
- 1, names,
- &num_rids, rid, type) : False;
-
- if (res1 && num_rids == 1)
- {
- group_rid = rid[0];
- }
-
- /* connect to the domain */
- res1 = res1 ? samr_open_group( &pol_dom,
- 0x0000001f, group_rid, &pol_grp) : False;
-
- res2 = res1 ? samr_delete_dom_group(&pol_grp) : False;
-
- res1 = res1 ? samr_close(&pol_grp) : False;
- res = res ? samr_close(&pol_dom) : False;
- res = res ? samr_close(&sam_pol) : False;
-
- if (res && res1 && res2)
- {
- DEBUG(5,("cmd_sam_delete_dom_group: succeeded\n"));
- report(out_hnd, "Delete Domain Group: OK\n");
- }
- else
- {
- DEBUG(5,("cmd_sam_delete_dom_group: failed\n"));
- report(out_hnd, "Delete Domain Group: FAILED\n");
- }
-}
-
-
-/****************************************************************************
-SAM add group member.
-****************************************************************************/
-void cmd_sam_add_groupmem(struct client_info *info, int argc, char *argv[])
-{
- fstring srv_name;
- fstring domain;
- fstring sid;
- DOM_SID sid1;
- POLICY_HND pol_grp;
- BOOL res = True;
- BOOL res1 = True;
- BOOL res2 = True;
- BOOL res3 = True;
- BOOL res4 = True;
- uint32 ace_perms = 0x02000000; /* absolutely no idea. */
- uint32 group_rid[1];
- uint32 group_type[1];
- char **names = NULL;
- uint32 num_names = 0;
- fstring group_name;
- char *group_names[1];
- uint32 rid [MAX_LOOKUP_SIDS];
- uint32 type[MAX_LOOKUP_SIDS];
- uint32 num_rids;
- uint32 num_group_rids;
- uint32 i;
- DOM_SID sid_1_5_20;
- POLICY_HND sam_pol;
- POLICY_HND pol_dom;
- POLICY_HND pol_blt;
-
- string_to_sid(&sid_1_5_20, "S-1-5-32");
-
- sid_copy(&sid1, &info->dom.level5_sid);
- sid_to_string(sid, &sid1);
- fstrcpy(domain, info->dom.level5_dom);
-
- if (sid1.num_auths == 0)
- {
- report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
- return;
- }
+ init_dom_sid(&sid1, sid);
fstrcpy(srv_name, "\\\\");
fstrcat(srv_name, info->dest_host);
strupper(srv_name);
- if (argc < 3)
+ if (next_token(NULL, rid_str , NULL, sizeof(rid_str )) &&
+ next_token(NULL, info_str, NULL, sizeof(info_str)))
{
- report(out_hnd, "addgroupmem <group name> [member name1] [member name2] ...\n");
- return;
+ user_rid = (uint32)strtol(rid_str , (char**)NULL, 16);
+ info_level = (uint32)strtol(info_str, (char**)NULL, 10);
}
-
- argc--;
- argv++;
- group_names[0] = argv[0];
+ fprintf(out_hnd, "SAM Query User: rid %x info level %d\n",
+ user_rid, info_level);
+ fprintf(out_hnd, "From: %s To: %s Domain: %s SID: %s\n",
+ info->myhostname, srv_name, domain, sid);
- argc--;
- argv++;
-
- num_names = argc;
- names = argv;
-
- report(out_hnd, "SAM Add Domain Group member\n");
+ /* open SAMR session. negotiate credentials */
+ res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR) : False;
/* establish a connection. */
- res = res ? samr_connect( srv_name, 0x02000000,
- &sam_pol) : False;
-
- /* connect to the domain */
- res4 = res ? samr_open_domain( &sam_pol, ace_perms, &sid1,
- &pol_dom) : False;
+ res = res ? do_samr_connect(smb_cli,
+ srv_name, 0x00000020,
+ &info->dom.samr_pol_connect) : False;
/* connect to the domain */
- res3 = res ? samr_open_domain( &sam_pol, ace_perms, &sid_1_5_20,
- &pol_blt) : False;
-
- res2 = res4 ? samr_query_lookup_names( &pol_dom, 0x000003e8,
- 1, group_names,
- &num_group_rids, group_rid, group_type) : False;
-
- /* open the group */
- res2 = res2 ? samr_open_group( &pol_dom,
- 0x0000001f, group_rid[0], &pol_grp) : False;
-
- if (!res2 || (group_type != NULL && group_type[0] == SID_NAME_UNKNOWN))
- {
- res2 = res3 ? samr_query_lookup_names( &pol_blt, 0x000003e8,
- 1, group_names,
- &num_group_rids, group_rid, group_type) : False;
+ res = res ? do_samr_open_domain(smb_cli,
+ &info->dom.samr_pol_connect, admin_rid, &sid1,
+ &info->dom.samr_pol_open_domain) : False;
- /* open the group */
- res2 = res2 ? samr_open_group( &pol_blt,
- 0x0000001f, group_rid[0], &pol_grp) : False;
- }
+ fprintf(out_hnd, "User RID: %8x User Name: %s\n",
+ user_rid,
+ info->dom.sam[user_idx].acct_name);
- if (res2 && group_type[0] == SID_NAME_ALIAS)
+ /* send user info query, level */
+ if (get_samr_query_userinfo(smb_cli,
+ &info->dom.samr_pol_open_domain,
+ info_level, user_rid, &usr))
{
- report(out_hnd, "%s is a local alias, not a group. Use addaliasmem command instead\n",
- group_name);
- return;
- }
- res1 = res2 ? samr_query_lookup_names( &pol_dom, 0x000003e8,
- num_names, names,
- &num_rids, rid, type) : False;
-
- if (num_rids == 0)
- {
- report(out_hnd, "Member names not known\n");
- }
- for (i = 0; i < num_rids && res2 && res1; i++)
- {
- if (type[i] == SID_NAME_UNKNOWN)
+ if (info_level == 0x15)
{
- report(out_hnd, "Name %s unknown\n", names[i]);
+ display_sam_user_info_21(out_hnd, ACTION_HEADER , &usr);
+ display_sam_user_info_21(out_hnd, ACTION_ENUMERATE, &usr);
+ display_sam_user_info_21(out_hnd, ACTION_FOOTER , &usr);
}
- else
- {
- if (samr_add_groupmem(&pol_grp, rid[i]))
- {
- report(out_hnd, "RID added to Group 0x%x: 0x%x\n",
- group_rid[0], rid[i]);
- }
- }
- }
-
- res1 = res ? samr_close(&pol_grp) : False;
- res1 = res3 ? samr_close(&pol_blt) : False;
- res1 = res4 ? samr_close(&pol_dom) : False;
- res = res ? samr_close(&sam_pol) : False;
-
- free_char_array(num_names, names);
-
- if (res && res1 && res2)
- {
- DEBUG(5,("cmd_sam_add_groupmem: succeeded\n"));
- report(out_hnd, "Add Domain Group Member: OK\n");
- }
- else
- {
- DEBUG(5,("cmd_sam_add_groupmem: failed\n"));
- report(out_hnd, "Add Domain Group Member: FAILED\n");
}
-#if 0
- if (group_rid != NULL)
- {
- free(group_rid);
- }
- if (group_type != NULL)
- {
- free(group_type);
- }
-#endif
-}
+ res = res ? do_samr_close(smb_cli,
+ &info->dom.samr_pol_connect) : False;
-/****************************************************************************
-SAM create domain group.
-****************************************************************************/
-void cmd_sam_create_dom_group(struct client_info *info, int argc, char *argv[])
-{
- fstring srv_name;
- fstring domain;
- char *acct_name;
- fstring acct_desc;
- fstring sid;
- DOM_SID sid1;
- BOOL res = True;
- BOOL res1 = True;
- uint32 ace_perms = 0x02000000; /* absolutely no idea. */
- uint32 group_rid;
- POLICY_HND sam_pol;
- POLICY_HND pol_dom;
-
- sid_copy(&sid1, &info->dom.level5_sid);
- sid_to_string(sid, &sid1);
- fstrcpy(domain, info->dom.level5_dom);
+ res = res ? do_samr_close(smb_cli,
+ &info->dom.samr_pol_open_domain) : False;
- if (sid1.num_auths == 0)
- {
- report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
- return;
- }
-
-
- fstrcpy(srv_name, "\\\\");
- fstrcat(srv_name, info->dest_host);
- strupper(srv_name);
-
- if (argc < 2)
- {
- report(out_hnd, "creategroup: <acct name> [acct description]\n");
- }
-
- acct_name = argv[1];
-
- if (argc < 3)
- {
- acct_desc[0] = 0;
- }
- else
- {
- safe_strcpy(acct_desc, argv[2], sizeof(acct_desc)-1);
- }
-
-
- report(out_hnd, "SAM Create Domain Group\n");
- report(out_hnd, "Domain: %s Name: %s Description: %s\n",
- domain, acct_name, acct_desc);
-
- /* establish a connection. */
- res = res ? samr_connect( srv_name, 0x02000000,
- &sam_pol) : False;
-
- /* connect to the domain */
- res = res ? samr_open_domain( &sam_pol, ace_perms, &sid1,
- &pol_dom) : False;
-
- /* read some users */
- res1 = res ? create_samr_domain_group( &pol_dom,
- acct_name, acct_desc, &group_rid) : False;
-
- res = res ? samr_close( &pol_dom) : False;
-
- res = res ? samr_close( &sam_pol) : False;
+ /* close the session */
+ cli_nt_session_close(smb_cli);
- if (res && res1)
+ if (res)
{
- DEBUG(5,("cmd_sam_create_dom_group: succeeded\n"));
- report(out_hnd, "Create Domain Group: OK\n");
+ DEBUG(5,("cmd_sam_query_user: succeeded\n"));
}
else
{
- DEBUG(5,("cmd_sam_create_dom_group: failed\n"));
- report(out_hnd, "Create Domain Group: FAILED\n");
+ DEBUG(5,("cmd_sam_query_user: failed\n"));
}
}
+
/****************************************************************************
-experimental SAM users enum.
+experimental SAM groups query.
****************************************************************************/
-void cmd_sam_enum_users(struct client_info *info, int argc, char *argv[])
+void cmd_sam_query_groups(struct client_info *info)
{
- BOOL request_user_info = False;
- BOOL request_group_info = False;
- BOOL request_alias_info = False;
- struct acct_info *sam = NULL;
- uint32 num_sam_entries = 0;
- int opt;
-
fstring srv_name;
fstring domain;
fstring sid;
DOM_SID sid1;
- sid_copy(&sid1, &info->dom.level5_sid);
- sid_to_string(sid, &sid1);
- fstrcpy(domain, info->dom.level5_dom);
-
- if (sid1.num_auths == 0)
- {
- report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
- return;
- }
-
- fstrcpy(srv_name, "\\\\");
- fstrcat(srv_name, info->dest_host);
- strupper(srv_name);
-
- while ((opt = getopt(argc, argv, "uga")) != EOF)
- {
- switch (opt)
- {
- case 'u':
- {
- request_user_info = True;
- break;
- }
- case 'g':
- {
- request_group_info = True;
- break;
- }
- case 'a':
- {
- request_alias_info = True;
- break;
- }
- }
- }
-
- report(out_hnd, "SAM Enumerate Users\n");
-
- msrpc_sam_enum_users(srv_name, domain, &sid1,
- &sam, &num_sam_entries,
- sam_display_user,
- request_user_info ? sam_display_user_info : NULL,
- request_group_info ? sam_display_group_members : NULL,
- request_alias_info ? sam_display_group_members : NULL);
-
- if (sam != NULL)
- {
- free(sam);
- }
-}
-
-
-/****************************************************************************
-experimental SAM group query members.
-****************************************************************************/
-void cmd_sam_query_groupmem(struct client_info *info, int argc, char *argv[])
-{
- fstring srv_name;
- fstring domain;
- fstring sid_str;
- DOM_SID sid;
BOOL res = True;
- BOOL res1 = True;
-
- char *group_name;
- char *names[1];
- uint32 num_rids;
- uint32 rid[MAX_LOOKUP_SIDS];
- uint32 type[MAX_LOOKUP_SIDS];
- POLICY_HND sam_pol;
- POLICY_HND pol_dom;
+ fstring info_str;
+ uint32 switch_value = 2;
+ uint32 admin_rid = 0x304; /* absolutely no idea. */
+ sid_to_string(sid, &info->dom.level5_sid);
fstrcpy(domain, info->dom.level5_dom);
- sid_copy(&sid, &info->dom.level5_sid);
- if (sid.num_auths == 0)
+ if (strlen(sid) == 0)
{
- report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
- return;
- }
-
- if (argc < 2)
- {
- report(out_hnd, "samgroupmem <name>\n");
+ fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
return;
}
- group_name = argv[1];
+ init_dom_sid(&sid1, sid);
fstrcpy(srv_name, "\\\\");
fstrcat(srv_name, info->dest_host);
strupper(srv_name);
- sid_to_string(sid_str, &sid);
-
- report(out_hnd, "SAM Query Group: %s\n", group_name);
- report(out_hnd, "From: %s To: %s Domain: %s SID: %s\n",
- info->myhostname, srv_name, domain, sid_str);
-
- /* establish a connection. */
- res = res ? samr_connect( srv_name, 0x02000000,
- &sam_pol) : False;
-
- /* connect to the domain */
- res = res ? samr_open_domain( &sam_pol, 0x304, &sid,
- &pol_dom) : False;
-
- /* look up group rid */
- names[0] = group_name;
- res1 = res ? samr_query_lookup_names( &pol_dom, 0x3e8,
- 1, names,
- &num_rids, rid, type) : False;
-
- if (res1 && num_rids == 1)
+ if (next_token(NULL, info_str, NULL, sizeof(info_str)))
{
- res1 = req_groupmem_info( &pol_dom,
- domain,
- &sid,
- rid[0],
- names[0],
- sam_display_group_members);
+ switch_value = (uint32)strtol(info_str, (char**)NULL, 10);
}
- res = res ? samr_close( &sam_pol) : False;
+ fprintf(out_hnd, "SAM Query Groups: info level %d\n", switch_value);
+ fprintf(out_hnd, "From: %s To: %s Domain: %s SID: %s\n",
+ info->myhostname, srv_name, domain, sid);
- res = res ? samr_close( &pol_dom) : False;
-
- if (res1)
- {
- DEBUG(5,("cmd_sam_query_group: succeeded\n"));
- }
- else
- {
- DEBUG(5,("cmd_sam_query_group: failed\n"));
- }
-}
-
-
-/****************************************************************************
-experimental SAM group query.
-****************************************************************************/
-void cmd_sam_query_group(struct client_info *info, int argc, char *argv[])
-{
- fstring srv_name;
- fstring domain;
- fstring sid_str;
- DOM_SID sid;
- BOOL res = True;
- BOOL res1 = True;
-
- char *group_name;
- char *names[1];
- uint32 num_rids;
- uint32 rid[MAX_LOOKUP_SIDS];
- uint32 type[MAX_LOOKUP_SIDS];
- POLICY_HND sam_pol;
- POLICY_HND pol_dom;
-
- fstrcpy(domain, info->dom.level5_dom);
- sid_copy(&sid, &info->dom.level5_sid);
-
- if (sid.num_auths == 0)
- {
- report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
- return;
- }
-
- if (argc < 2)
- {
- report(out_hnd, "samgroup <name>\n");
- return;
- }
-
- group_name = argv[1];
-
- fstrcpy(srv_name, "\\\\");
- fstrcat(srv_name, info->dest_host);
- strupper(srv_name);
-
- sid_to_string(sid_str, &sid);
-
- report(out_hnd, "SAM Query Group: %s\n", group_name);
- report(out_hnd, "From: %s To: %s Domain: %s SID: %s\n",
- info->myhostname, srv_name, domain, sid_str);
+ /* open SAMR session. negotiate credentials */
+ res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR) : False;
/* establish a connection. */
- res = res ? samr_connect( srv_name, 0x02000000,
- &sam_pol) : False;
+ res = res ? do_samr_connect(smb_cli,
+ srv_name, 0x00000020,
+ &info->dom.samr_pol_connect) : False;
/* connect to the domain */
- res = res ? samr_open_domain( &sam_pol, 0x304, &sid,
- &pol_dom) : False;
+ res = res ? do_samr_open_domain(smb_cli,
+ &info->dom.samr_pol_connect, admin_rid, &sid1,
+ &info->dom.samr_pol_open_domain) : False;
- /* look up group rid */
- names[0] = group_name;
- res1 = res ? samr_query_lookup_names( &pol_dom, 0x3e8,
- 1, names,
- &num_rids, rid, type) : False;
+ /* send a samr 0x8 command */
+ res = res ? do_samr_query_dom_info(smb_cli,
+ &info->dom.samr_pol_open_domain, switch_value) : False;
- if (res1 && num_rids == 1)
- {
- res1 = query_groupinfo( &pol_dom,
- domain,
- &sid,
- rid[0],
- sam_display_group_info);
- }
+ res = res ? do_samr_close(smb_cli,
+ &info->dom.samr_pol_connect) : False;
- res = res ? samr_close( &sam_pol) : False;
+ res = res ? do_samr_close(smb_cli,
+ &info->dom.samr_pol_open_domain) : False;
- res = res ? samr_close( &pol_dom) : False;
+ /* close the session */
+ cli_nt_session_close(smb_cli);
- if (res1)
+ if (res)
{
- DEBUG(5,("cmd_sam_query_group: succeeded\n"));
+ DEBUG(5,("cmd_sam_query_groups: succeeded\n"));
}
else
{
- DEBUG(5,("cmd_sam_query_group: failed\n"));
+ DEBUG(5,("cmd_sam_query_groups: failed\n"));
}
}
/****************************************************************************
-experimental SAM user query.
+experimental SAM aliases query.
****************************************************************************/
-void cmd_sam_query_user(struct client_info *info, int argc, char *argv[])
+void cmd_sam_enum_aliases(struct client_info *info)
{
fstring srv_name;
fstring domain;
- fstring sid_str;
- DOM_SID sid;
+ fstring sid;
+ DOM_SID sid1;
BOOL res = True;
- BOOL res1 = True;
- int opt;
-
- char *user_name;
- char *names[1];
- uint32 num_rids;
- uint32 rid[MAX_LOOKUP_SIDS];
- uint32 type[MAX_LOOKUP_SIDS];
- POLICY_HND sam_pol;
- POLICY_HND pol_dom;
-
BOOL request_user_info = False;
- BOOL request_group_info = False;
BOOL request_alias_info = False;
+ uint32 admin_rid = 0x304; /* absolutely no idea. */
+ fstring tmp;
- fstrcpy(domain, info->dom.level5_dom);
- sid_copy(&sid, &info->dom.level5_sid);
+ uint32 num_aliases = 3;
+ uint32 alias_rid[3] = { DOMAIN_GROUP_RID_ADMINS, DOMAIN_GROUP_RID_USERS, DOMAIN_GROUP_RID_GUESTS };
+ fstring alias_names [3];
+ uint32 num_als_usrs[3];
- if (sid.num_auths == 0)
- {
- report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
- return;
- }
-
- if (argc < 2)
+ sid_to_string(sid, &info->dom.level3_sid);
+ fstrcpy(domain, info->dom.level3_dom);
+#if 0
+ fstrcpy(sid , "S-1-5-20");
+#endif
+ if (strlen(sid) == 0)
{
- report(out_hnd, "samuser <name> [-u] [-g] [-a]\n");
+ fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
return;
}
- user_name = argv[1];
-
- argc--;
- argv++;
-
- while ((opt = getopt(argc, argv, "uga")) != EOF)
- {
- switch (opt)
- {
- case 'u':
- {
- request_user_info = True;
- break;
- }
- case 'g':
- {
- request_group_info = True;
- break;
- }
- case 'a':
- {
- request_alias_info = True;
- break;
- }
- }
- }
+ init_dom_sid(&sid1, sid);
fstrcpy(srv_name, "\\\\");
fstrcat(srv_name, info->dest_host);
strupper(srv_name);
- sid_to_string(sid_str, &sid);
-
- report(out_hnd, "SAM Query User: %s\n", user_name);
- report(out_hnd, "From: %s To: %s Domain: %s SID: %s\n",
- info->myhostname, srv_name, domain, sid_str);
-
- /* establish a connection. */
- res = res ? samr_connect( srv_name, 0x02000000,
- &sam_pol) : False;
-
- /* connect to the domain */
- res = res ? samr_open_domain( &sam_pol, 0x304, &sid,
- &pol_dom) : False;
-
- /* look up user rid */
- names[0] = user_name;
- res1 = res ? samr_query_lookup_names( &pol_dom, 0x3e8,
- 1, names,
- &num_rids, rid, type) : False;
-
- /* send user info query */
- if (res1 && num_rids == 1)
- {
- msrpc_sam_user( &pol_dom, NULL,
- domain,
- &sid, NULL,
- rid[0], names[0],
- sam_display_user,
- request_user_info ? sam_display_user_info : NULL,
- request_group_info ? sam_display_group_members : NULL,
- request_alias_info ? sam_display_group_members : NULL);
- }
- else
- {
- res1 = False;
- }
-
- res = res ? samr_close( &sam_pol) : False;
- res = res ? samr_close( &pol_dom) : False;
-
- if (res1)
- {
- DEBUG(5,("cmd_sam_query_user: succeeded\n"));
- }
- else
- {
- DEBUG(5,("cmd_sam_query_user: failed\n"));
- }
-}
-
-
-/****************************************************************************
-experimental SAM user set.
-****************************************************************************/
-void cmd_sam_set_userinfo2(struct client_info *info, int argc, char *argv[])
-{
- fstring srv_name;
- fstring domain;
- fstring sid_str;
- DOM_SID sid;
- BOOL res = True;
- BOOL res1 = True;
- int opt;
- BOOL set_acb_bits = False;
-
- fstring user_name;
-
- char *names[1];
- uint32 num_rids;
- uint32 rid[MAX_LOOKUP_SIDS];
- uint32 type[MAX_LOOKUP_SIDS];
- POLICY_HND sam_pol;
- POLICY_HND pol_dom;
- SAM_USER_INFO_16 usr16;
- uint16 acb_set = 0x0;
-
- fstrcpy(domain, info->dom.level5_dom);
- sid_copy(&sid, &info->dom.level5_sid);
-
- if (sid.num_auths == 0)
+ /* a bad way to do token parsing... */
+ if (next_token(NULL, tmp, NULL, sizeof(tmp)))
{
- report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
- return;
+ request_user_info |= strequal(tmp, "-u");
+ request_alias_info |= strequal(tmp, "-g");
}
- if (argc < 2)
+ if (next_token(NULL, tmp, NULL, sizeof(tmp)))
{
- report(out_hnd, "samuserset2 <name> [-s <acb_bits>]\n");
- return;
+ request_user_info |= strequal(tmp, "-u");
+ request_alias_info |= strequal(tmp, "-g");
}
- argc--;
- argv++;
-
- safe_strcpy(user_name, argv[0], sizeof(user_name));
-
- while ((opt = getopt(argc, argv,"s:")) != EOF)
- {
- switch (opt)
- {
- case 's':
- {
- set_acb_bits = True;
- acb_set = get_number(optarg);
- break;
- }
- }
- }
-
- fstrcpy(srv_name, "\\\\");
- fstrcat(srv_name, info->dest_host);
- strupper(srv_name);
-
- sid_to_string(sid_str, &sid);
+ fprintf(out_hnd, "SAM Enumerate Aliases\n");
+ fprintf(out_hnd, "From: %s To: %s Domain: %s SID: %s\n",
+ info->myhostname, srv_name, domain, sid);
- report(out_hnd, "SAM Set User Info: %s\n", user_name);
+ /* open SAMR session. negotiate credentials */
+ res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR) : False;
/* establish a connection. */
- res = res ? samr_connect( srv_name, 0x02000000,
- &sam_pol) : False;
+ res = res ? do_samr_connect(smb_cli,
+ srv_name, 0x00000020,
+ &info->dom.samr_pol_connect) : False;
/* connect to the domain */
- res = res ? samr_open_domain( &sam_pol, 0x02000000, &sid,
- &pol_dom) : False;
-
- /* look up user rid */
- names[0] = user_name;
- res1 = res ? samr_query_lookup_names( &pol_dom, 0x3e8,
- 1, names,
- &num_rids, rid, type) : False;
-
- /* send set user info */
- if (res1 && num_rids == 1 && get_samr_query_userinfo( &pol_dom,
- 0x10, rid[0],
- (void*)&usr16))
- {
- void *usr = NULL;
- uint32 switch_value = 0;
-
- if (set_acb_bits)
- {
- usr16.acb_info |= acb_set;
- }
+ res = res ? do_samr_open_domain(smb_cli,
+ &info->dom.samr_pol_connect, admin_rid, &sid1,
+ &info->dom.samr_pol_open_domain) : False;
- if (True)
- {
- SAM_USER_INFO_16 *p = (SAM_USER_INFO_16 *)malloc(sizeof(SAM_USER_INFO_16));
- p->acb_info = usr16.acb_info;
+ /* send a query on the aliase */
+ res = res ? do_samr_query_unknown_12(smb_cli,
+ &info->dom.samr_pol_open_domain, admin_rid, num_aliases, alias_rid,
+ &num_aliases, alias_names, num_als_usrs) : False;
- usr = (void*)p;
- switch_value = 16;
- }
-
- if (usr != NULL)
- {
- res1 = set_samr_set_userinfo2( &pol_dom,
- switch_value, rid[0], usr);
- }
- }
- res = res ? samr_close( &sam_pol) : False;
-
- res = res ? samr_close( &pol_dom) : False;
-
- if (res1)
- {
- report(out_hnd, "Set User Info: OK\n");
- DEBUG(5,("cmd_sam_query_user: succeeded\n"));
- }
- else
+ if (res)
{
- report(out_hnd, "Set User Info: Failed\n");
- DEBUG(5,("cmd_sam_query_user: failed\n"));
+ display_alias_name_info(out_hnd, ACTION_HEADER , num_aliases, alias_names, num_als_usrs);
+ display_alias_name_info(out_hnd, ACTION_ENUMERATE, num_aliases, alias_names, num_als_usrs);
+ display_alias_name_info(out_hnd, ACTION_FOOTER , num_aliases, alias_names, num_als_usrs);
}
-}
-/****************************************************************************
-experimental SAM user set.
-****************************************************************************/
-void cmd_sam_set_userinfo(struct client_info *info, int argc, char *argv[])
-{
- fstring srv_name;
- fstring domain;
- fstring sid_str;
- DOM_SID sid;
- BOOL res = True;
- BOOL res1 = True;
- int opt;
- BOOL set_passwd = False;
-
- fstring user_name;
- fstring password;
-
- char *names[1];
- uint32 num_rids;
- uint32 rid[MAX_LOOKUP_SIDS];
- uint32 type[MAX_LOOKUP_SIDS];
- POLICY_HND sam_pol;
- POLICY_HND pol_dom;
- SAM_USER_INFO_21 usr21;
+#if 0
- fstrcpy(domain, info->dom.level5_dom);
- sid_copy(&sid, &info->dom.level5_sid);
+ /* read some users */
+ res = res ? do_samr_enum_dom_users(smb_cli,
+ &info->dom.samr_pol_open_domain,
+ num_entries, unk_0, acb_mask, unk_1, 0xffff,
+ info->dom.sam, &info->dom.num_sam_entries) : False;
- if (sid.num_auths == 0)
+ if (res && info->dom.num_sam_entries == 0)
{
- report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
- return;
+ fprintf(out_hnd, "No users\n");
}
- argc--;
- argv++;
-
- if (argc == 0)
+ if (request_user_info || request_alias_info)
{
- report(out_hnd, "samuserset <name> [-p password]\n");
- return;
- }
+ /* query all the users */
+ user_idx = 0;
- safe_strcpy(user_name, argv[0], sizeof(user_name));
+ while (res && user_idx < info->dom.num_sam_entries)
+ {
+ uint32 user_rid = info->dom.sam[user_idx].smb_userid;
+ SAM_USER_INFO_21 usr;
- if (argc == 1)
- {
- fstring pass_str;
- char *pass;
- slprintf(pass_str, sizeof(pass_str)-1, "Enter %s's Password:",
- user_name);
- pass = (char*)getpass(pass_str);
+ fprintf(out_hnd, "User RID: %8x User Name: %s\n",
+ user_rid,
+ info->dom.sam[user_idx].acct_name);
- if (pass != NULL)
- {
- safe_strcpy(password, pass,
- sizeof(password)-1);
- set_passwd = True;
- }
- }
- else
- {
- while ((opt = getopt(argc, argv,"p:")) != EOF)
- {
- switch (opt)
+ if (request_user_info)
{
- case 'p':
+ /* send user info query, level 0x15 */
+ if (get_samr_query_userinfo(smb_cli,
+ &info->dom.samr_pol_open_domain,
+ 0x15, user_rid, &usr))
{
- set_passwd = True;
- safe_strcpy(password, optarg,
- sizeof(password)-1);
- break;
+ display_sam_user_info_21(out_hnd, ACTION_HEADER , &usr);
+ display_sam_user_info_21(out_hnd, ACTION_ENUMERATE, &usr);
+ display_sam_user_info_21(out_hnd, ACTION_FOOTER , &usr);
}
}
- }
- }
- fstrcpy(srv_name, "\\\\");
- fstrcat(srv_name, info->dest_host);
- strupper(srv_name);
-
- sid_to_string(sid_str, &sid);
-
- report(out_hnd, "SAM Set User Info: %s\n", user_name);
- report(out_hnd, "Password: %s\n", password);
-
- /* establish a connection. */
- res = res ? samr_connect( srv_name, 0x02000000,
- &sam_pol) : False;
-
- /* connect to the domain */
- res = res ? samr_open_domain( &sam_pol, 0x02000000, &sid,
- &pol_dom) : False;
-
- /* look up user rid */
- names[0] = user_name;
- res1 = res ? samr_query_lookup_names( &pol_dom, 0x3e8,
- 1, names,
- &num_rids, rid, type) : False;
-
- /* send set user info */
- if (res1 && num_rids == 1 && get_samr_query_userinfo( &pol_dom,
- 0x15, rid[0], &usr21))
- {
- void *usr = NULL;
- uint32 switch_value = 0;
- char pwbuf[516];
-
- if (set_passwd)
- {
- encode_pw_buffer(pwbuf, password,
- strlen(password), True);
- }
+ if (request_alias_info)
+ {
+ uint32 num_aliases;
+ DOM_GID gid[LSA_MAX_GROUPS];
- if (True)
- {
- SAM_USER_INFO_24 *p = (SAM_USER_INFO_24*)malloc(sizeof(SAM_USER_INFO_24));
- make_sam_user_info24(p, pwbuf, strlen(password));
+ /* send user aliase query */
+ if (get_samr_query_useraliases(smb_cli,
+ &info->dom.samr_pol_open_domain,
+ user_rid, &num_aliases, gid))
+ {
+ display_alias_info(out_hnd, ACTION_HEADER , num_aliases, gid);
+ display_alias_info(out_hnd, ACTION_ENUMERATE, num_aliases, gid);
+ display_alias_info(out_hnd, ACTION_FOOTER , num_aliases, gid);
+ }
+ }
- usr = p;
- switch_value = 24;
- }
-
- if (False)
- {
- SAM_USER_INFO_23 *p = (SAM_USER_INFO_23*)malloc(sizeof(SAM_USER_INFO_23));
- /* send user info query, level 0x15 */
- make_sam_user_info23W(p,
- &usr21.logon_time,
- &usr21.logoff_time,
- &usr21.kickoff_time,
- &usr21.pass_last_set_time,
- &usr21.pass_can_change_time,
- &usr21.pass_must_change_time,
-
- &usr21.uni_user_name,
- &usr21.uni_full_name,
- &usr21.uni_home_dir,
- &usr21.uni_dir_drive,
- &usr21.uni_logon_script,
- &usr21.uni_profile_path,
- &usr21.uni_acct_desc,
- &usr21.uni_workstations,
- &usr21.uni_unknown_str,
- &usr21.uni_munged_dial,
-
- 0x0,
- usr21.group_rid,
- usr21.acb_info,
-
- 0x09f827fa,
- usr21.logon_divs,
- &usr21.logon_hrs,
- usr21.unknown_5,
- pwbuf,
- usr21.unknown_6);
-
- usr = p;
- switch_value = 23;
+ user_idx++;
}
- if (usr != NULL)
- {
- res1 = set_samr_set_userinfo( &pol_dom,
- switch_value, rid[0], usr);
- }
- }
- res = res ? samr_close( &sam_pol) : False;
-
- res = res ? samr_close( &pol_dom) : False;
-
- if (res1)
- {
- report(out_hnd, "Set User Info: OK\n");
- DEBUG(5,("cmd_sam_query_user: succeeded\n"));
- }
- else
- {
- report(out_hnd, "Set User Info: Failed\n");
- DEBUG(5,("cmd_sam_query_user: failed\n"));
- }
-}
-
-static void sam_display_disp_info(const char* domain, const DOM_SID *sid,
- uint16 info, uint32 num,
- SAM_DISPINFO_CTR *ctr)
-
-{
- report(out_hnd, "SAM Display Info for Domain %s\n", domain);
-
- display_sam_disp_info_ctr(out_hnd, ACTION_HEADER , info, num, ctr);
- display_sam_disp_info_ctr(out_hnd, ACTION_ENUMERATE, info, num, ctr);
- display_sam_disp_info_ctr(out_hnd, ACTION_FOOTER , info, num, ctr);
-}
-
-/****************************************************************************
-experimental SAM query display info.
-****************************************************************************/
-void cmd_sam_query_dispinfo(struct client_info *info, int argc, char *argv[])
-{
- fstring srv_name;
- fstring domain;
- fstring sid;
- DOM_SID sid1;
- uint16 switch_value = 1;
- SAM_DISPINFO_CTR ctr;
- SAM_DISPINFO_1 inf1;
- uint32 num_entries;
-
- sid_to_string(sid, &info->dom.level5_sid);
- fstrcpy(domain, info->dom.level5_dom);
-
- string_to_sid(&sid1, sid);
-
- if (sid1.num_auths == 0)
- {
- fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
- return;
- }
-
- fstrcpy(srv_name, "\\\\");
- fstrcat(srv_name, info->dest_host);
- strupper(srv_name);
-
- if (argc > 1)
- {
- switch_value = strtoul(argv[1], (char**)NULL, 10);
- }
-
- ctr.sam.info1 = &inf1;
-
- if (msrpc_sam_query_dispinfo( srv_name, domain, &sid1,
- switch_value,
- &num_entries, &ctr, sam_display_disp_info))
- {
-
- DEBUG(5,("cmd_sam_query_dispinfo: succeeded\n"));
- }
- else
- {
- DEBUG(5,("cmd_sam_query_dispinfo: failed\n"));
- }
-}
-
-/****************************************************************************
-experimental SAM domain info query.
-****************************************************************************/
-void cmd_sam_query_dominfo(struct client_info *info, int argc, char *argv[])
-{
- fstring domain;
- fstring sid;
- DOM_SID sid1;
- uint32 switch_value = 2;
- SAM_UNK_CTR ctr;
- fstring srv_name;
- fstrcpy(srv_name, "\\\\");
- fstrcat(srv_name, info->dest_host);
- strupper(srv_name);
-
- sid_to_string(sid, &info->dom.level5_sid);
- fstrcpy(domain, info->dom.level5_dom);
-
- string_to_sid(&sid1, sid);
-
- if (sid1.num_auths == 0)
- {
- report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
- return;
- }
-
- if (argc > 1)
- {
- switch_value = strtoul(argv[1], (char**)NULL, 10);
- }
-
- if (sam_query_dominfo(srv_name, &sid1, switch_value, &ctr))
- {
- DEBUG(5,("cmd_sam_query_dominfo: succeeded\n"));
- sam_display_dom_info(domain, &sid1, switch_value, &ctr);
- }
- else
- {
- DEBUG(5,("cmd_sam_query_dominfo: failed\n"));
- }
-}
-
-/****************************************************************************
-experimental SAM alias query members.
-****************************************************************************/
-void cmd_sam_query_aliasmem(struct client_info *info, int argc, char *argv[])
-{
- fstring srv_name;
- fstring domain;
- fstring sid_str;
- DOM_SID sid;
- BOOL res = True;
- BOOL res1 = True;
-
- char *alias_name;
- char *names[1];
- uint32 num_rids;
- uint32 rid[MAX_LOOKUP_SIDS];
- uint32 type[MAX_LOOKUP_SIDS];
- POLICY_HND sam_pol;
- POLICY_HND pol_dom;
-
- fstrcpy(domain, info->dom.level5_dom);
- sid_copy(&sid, &info->dom.level5_sid);
-
- if (sid.num_auths == 0)
- {
- report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
- return;
- }
-
- if (argc < 2)
- {
- report(out_hnd, "samaliasmem <name>\n");
- return;
- }
-
- alias_name = argv[1];
-
- fstrcpy(srv_name, "\\\\");
- fstrcat(srv_name, info->dest_host);
- strupper(srv_name);
-
- sid_to_string(sid_str, &sid);
-
- report(out_hnd, "SAM Query Alias: %s\n", alias_name);
- report(out_hnd, "From: %s To: %s Domain: %s SID: %s\n",
- info->myhostname, srv_name, domain, sid_str);
-
- /* establish a connection. */
- res = res ? samr_connect( srv_name, 0x02000000,
- &sam_pol) : False;
-
- /* connect to the domain */
- res = res ? samr_open_domain( &sam_pol, 0x304, &sid,
- &pol_dom) : False;
-
- /* look up alias rid */
- names[0] = alias_name;
- res1 = res ? samr_query_lookup_names( &pol_dom, 0x3e8,
- 1, names,
- &num_rids, rid, type) : False;
-
- if (res1 && num_rids == 1)
- {
- res1 = req_aliasmem_info(srv_name,
- &pol_dom,
- domain,
- &sid,
- rid[0],
- names[0],
- sam_display_alias_members);
- }
-
- res = res ? samr_close( &sam_pol) : False;
-
- res = res ? samr_close( &pol_dom) : False;
-
- if (res1)
- {
- DEBUG(5,("cmd_sam_query_alias: succeeded\n"));
- }
- else
- {
- DEBUG(5,("cmd_sam_query_alias: failed\n"));
- }
-}
-
-
-/****************************************************************************
-experimental SAM alias query.
-****************************************************************************/
-void cmd_sam_query_alias(struct client_info *info, int argc, char *argv[])
-{
- fstring srv_name;
- fstring domain;
- fstring sid_str;
- DOM_SID sid;
- BOOL res = True;
- BOOL res1 = True;
-
- char *alias_name;
- char *names[1];
- uint32 num_rids;
- uint32 rid[MAX_LOOKUP_SIDS];
- uint32 type[MAX_LOOKUP_SIDS];
- POLICY_HND sam_pol;
- POLICY_HND pol_dom;
-
- fstrcpy(domain, info->dom.level5_dom);
- sid_copy(&sid, &info->dom.level5_sid);
-
- if (sid.num_auths == 0)
- {
- report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
- return;
}
+#endif
- if (argc < 2)
- {
- report(out_hnd, "samalias <name>\n");
- return;
- }
-
- alias_name = argv[1];
-
- fstrcpy(srv_name, "\\\\");
- fstrcat(srv_name, info->dest_host);
- strupper(srv_name);
-
- sid_to_string(sid_str, &sid);
-
- report(out_hnd, "SAM Query Alias: %s\n", alias_name);
- report(out_hnd, "From: %s To: %s Domain: %s SID: %s\n",
- info->myhostname, srv_name, domain, sid_str);
-
- /* establish a connection. */
- res = res ? samr_connect( srv_name, 0x02000000,
- &sam_pol) : False;
-
- /* connect to the domain */
- res = res ? samr_open_domain( &sam_pol, 0x304, &sid,
- &pol_dom) : False;
-
- /* look up alias rid */
- names[0] = alias_name;
- res1 = res ? samr_query_lookup_names( &pol_dom, 0x3e8,
- 1, names,
- &num_rids, rid, type) : False;
-
- if (res1 && num_rids == 1)
- {
- res1 = query_aliasinfo( &pol_dom,
- domain,
- &sid,
- rid[0],
- sam_display_alias_info);
- }
+ res = res ? do_samr_close(smb_cli,
+ &info->dom.samr_pol_connect) : False;
- res = res ? samr_close( &sam_pol) : False;
+ res = res ? do_samr_close(smb_cli,
+ &info->dom.samr_pol_open_domain) : False;
- res = res ? samr_close( &pol_dom) : False;
+ /* close the session */
+ cli_nt_session_close(smb_cli);
- if (res1)
+ if (res)
{
- DEBUG(5,("cmd_sam_query_alias: succeeded\n"));
+ DEBUG(5,("cmd_sam_enum_users: succeeded\n"));
}
else
{
- DEBUG(5,("cmd_sam_query_alias: failed\n"));
+ DEBUG(5,("cmd_sam_enum_users: failed\n"));
}
}
-/****************************************************************************
-SAM aliases query.
-****************************************************************************/
-void cmd_sam_enum_aliases(struct client_info *info, int argc, char *argv[])
-{
- BOOL request_member_info = False;
- BOOL request_alias_info = False;
- struct acct_info *sam = NULL;
- uint32 num_sam_entries = 0;
- int opt;
-
- fstring domain;
- fstring srv_name;
- fstring sid;
- DOM_SID sid1;
- sid_copy(&sid1, &info->dom.level5_sid);
- sid_to_string(sid, &sid1);
- fstrcpy(domain, info->dom.level5_dom);
-
- if (sid1.num_auths == 0)
- {
- report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
- return;
- }
-
- fstrcpy(srv_name, "\\\\");
- fstrcat(srv_name, info->dest_host);
- strupper(srv_name);
-
- while ((opt = getopt(argc, argv, "ma")) != EOF)
- {
- switch (opt)
- {
- case 'm':
- {
- request_member_info = True;
- break;
- }
- case 'a':
- {
- request_alias_info = True;
- break;
- }
- }
- }
-
- report(out_hnd, "SAM Enumerate Aliases\n");
-
- msrpc_sam_enum_aliases(srv_name, domain, &sid1,
- &sam, &num_sam_entries,
- sam_display_alias,
- request_alias_info ? sam_display_alias_info : NULL,
- request_member_info ? sam_display_alias_members : NULL);
-
- if (sam != NULL)
- {
- free(sam);
- }
-}
-
-/****************************************************************************
-experimental SAM groups enum.
-****************************************************************************/
-void cmd_sam_enum_groups(struct client_info *info, int argc, char *argv[])
-{
- BOOL request_member_info = False;
- BOOL request_group_info = False;
- struct acct_info *sam = NULL;
- uint32 num_sam_entries = 0;
- int opt;
-
- fstring srv_name;
- fstring domain;
- fstring sid;
- DOM_SID sid1;
- sid_copy(&sid1, &info->dom.level5_sid);
- sid_to_string(sid, &sid1);
- fstrcpy(domain, info->dom.level5_dom);
-
- if (sid1.num_auths == 0)
- {
- report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
- return;
- }
-
- fstrcpy(srv_name, "\\\\");
- fstrcat(srv_name, info->dest_host);
- strupper(srv_name);
-
- while ((opt = getopt(argc, argv, "mg")) != EOF)
- {
- switch (opt)
- {
- case 'm':
- {
- request_member_info = True;
- break;
- }
- case 'g':
- {
- request_group_info = True;
- break;
- }
- }
- }
-
- report(out_hnd, "SAM Enumerate Groups\n");
-
- msrpc_sam_enum_groups(srv_name, domain, &sid1,
- &sam, &num_sam_entries,
- sam_display_group,
- request_group_info ? sam_display_group_info : NULL,
- request_member_info ? sam_display_group_members : NULL);
-
- if (sam != NULL)
- {
- free(sam);
- }
-}
-
-/****************************************************************************
-experimental SAM domains enum.
-****************************************************************************/
-void cmd_sam_enum_domains(struct client_info *info, int argc, char *argv[])
-{
- BOOL request_domain_info = False;
- struct acct_info *sam = NULL;
- uint32 num_sam_entries = 0;
- int opt;
-
- fstring srv_name;
-
- fstrcpy(srv_name, "\\\\");
- fstrcat(srv_name, info->dest_host);
- strupper(srv_name);
-
- while ((opt = getopt(argc, argv, "i")) != EOF)
- {
- switch (opt)
- {
- case 'i':
- {
- request_domain_info= True;
- break;
- }
- }
- }
-
- report(out_hnd, "SAM Enumerate Domains\n");
-
- msrpc_sam_enum_domains(srv_name,
- &sam, &num_sam_entries,
- request_domain_info ? NULL : sam_display_domain,
- request_domain_info ? sam_display_dom_info : NULL);
-
- if (sam != NULL)
- {
- free(sam);
- }
-}
-
generated by cgit (git 2.34.1) at 2024-06-02 04:33:05 +0000