diff options
Diffstat (limited to 'source3/rpcclient')
-rw-r--r-- | source3/rpcclient/cmd_ds.c | 84 | ||||
-rw-r--r-- | source3/rpcclient/cmd_dssetup.c | 69 | ||||
-rw-r--r-- | source3/rpcclient/cmd_lsarpc.c | 120 | ||||
-rw-r--r-- | source3/rpcclient/cmd_netlogon.c | 352 | ||||
-rw-r--r-- | source3/rpcclient/cmd_samr.c | 610 | ||||
-rw-r--r-- | source3/rpcclient/cmd_spoolss.c | 10 | ||||
-rw-r--r-- | source3/rpcclient/cmd_wkssvc.c | 37 | ||||
-rw-r--r-- | source3/rpcclient/rpcclient.c | 16 |
8 files changed, 856 insertions, 442 deletions
diff --git a/source3/rpcclient/cmd_ds.c b/source3/rpcclient/cmd_ds.c deleted file mode 100644 index 1f36dc3b45..0000000000 --- a/source3/rpcclient/cmd_ds.c +++ /dev/null @@ -1,84 +0,0 @@ -/* - Unix SMB/CIFS implementation. - RPC pipe client - - Copyright (C) Gerald Carter 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "rpcclient.h" - -/* Look up domain related information on a remote host */ - -static NTSTATUS cmd_ds_dsrole_getprimarydominfo(struct rpc_pipe_client *cli, - TALLOC_CTX *mem_ctx, int argc, - const char **argv) -{ - NTSTATUS result; - DS_DOMINFO_CTR ctr; - - result = rpccli_ds_getprimarydominfo( cli, mem_ctx, DsRolePrimaryDomainInfoBasic, &ctr ); - if ( NT_STATUS_IS_OK(result) ) - { - printf ("Machine Role = [%d]\n", ctr.basic->machine_role); - - if ( ctr.basic->flags & DSROLE_PRIMARY_DS_RUNNING ) { - printf( "Directory Service is running.\n"); - printf( "Domain is in %s mode.\n", (ctr.basic->flags & DSROLE_PRIMARY_DS_MIXED_MODE) ? "mixed" : "native" ); - } - else - printf( "Directory Service not running on server\n"); - } - - return result; -} - -static NTSTATUS cmd_ds_enum_domain_trusts(struct rpc_pipe_client *cli, - TALLOC_CTX *mem_ctx, int argc, - const char **argv) -{ - NTSTATUS result; - uint32 flags = DS_DOMAIN_IN_FOREST; - struct ds_domain_trust *trusts = NULL; - unsigned int num_domains = 0; - int i; - - if (argc > 1) { - flags = atoi(argv[1]); - } - - result = rpccli_ds_enum_domain_trusts( cli, mem_ctx, cli->cli->desthost, flags, - &trusts, &num_domains ); - - printf( "%d domains returned\n", num_domains ); - - for (i=0; i<num_domains; i++ ) - printf("%s (%s)\n", trusts[i].dns_domain, trusts[i].netbios_domain); - - return result; -} - -/* List of commands exported by this module */ - -struct cmd_set ds_commands[] = { - - { "LSARPC-DS" }, - - { "dsroledominfo", RPC_RTYPE_NTSTATUS, cmd_ds_dsrole_getprimarydominfo, NULL, PI_LSARPC_DS, NULL, "Get Primary Domain Information", "" }, - { "dsenumdomtrusts", RPC_RTYPE_NTSTATUS, cmd_ds_enum_domain_trusts, NULL, PI_NETLOGON, NULL, "Enumerate all trusted domains in an AD forest", "" }, - -{ NULL } -}; diff --git a/source3/rpcclient/cmd_dssetup.c b/source3/rpcclient/cmd_dssetup.c new file mode 100644 index 0000000000..6ec58e9388 --- /dev/null +++ b/source3/rpcclient/cmd_dssetup.c @@ -0,0 +1,69 @@ +/* + Unix SMB/CIFS implementation. + RPC pipe client + + Copyright (C) Gerald Carter 2002 + Copyright (C) Guenther Deschner 2008 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "rpcclient.h" + +/* Look up domain related information on a remote host */ + +static WERROR cmd_ds_dsrole_getprimarydominfo(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, int argc, + const char **argv) +{ + NTSTATUS status; + WERROR werr; + union dssetup_DsRoleInfo info; + + status = rpccli_dssetup_DsRoleGetPrimaryDomainInformation(cli, mem_ctx, + DS_ROLE_BASIC_INFORMATION, + &info, + &werr); + if (!NT_STATUS_IS_OK(status)) { + return ntstatus_to_werror(status); + } + + if (!W_ERROR_IS_OK(werr)) { + return werr; + } + + printf ("Machine Role = [%d]\n", info.basic.role); + + if (info.basic.flags & DS_ROLE_PRIMARY_DS_RUNNING) { + printf("Directory Service is running.\n"); + printf("Domain is in %s mode.\n", + (info.basic.flags & DS_ROLE_PRIMARY_DS_MIXED_MODE) ? "mixed" : "native" ); + } else { + printf("Directory Service not running on server\n"); + } + + return werr; +} + +/* List of commands exported by this module */ + +struct cmd_set ds_commands[] = { + + { "LSARPC-DS" }, + + { "dsroledominfo", RPC_RTYPE_WERROR, NULL, cmd_ds_dsrole_getprimarydominfo, PI_DSSETUP, NULL, "Get Primary Domain Information", "" }, + +{ NULL } +}; diff --git a/source3/rpcclient/cmd_lsarpc.c b/source3/rpcclient/cmd_lsarpc.c index d54f67264a..05269d7711 100644 --- a/source3/rpcclient/cmd_lsarpc.c +++ b/source3/rpcclient/cmd_lsarpc.c @@ -893,25 +893,15 @@ static NTSTATUS cmd_lsa_query_secobj(struct rpc_pipe_client *cli, return result; } -static void display_trust_dom_info_1(TRUSTED_DOMAIN_INFO_NAME *n) -{ - printf("NetBIOS Name:\t%s\n", unistr2_static(&n->netbios_name.unistring)); -} - -static void display_trust_dom_info_3(TRUSTED_DOMAIN_INFO_POSIX_OFFSET *p) -{ - printf("Posix Offset:\t%08x (%d)\n", p->posix_offset, p->posix_offset); -} - -static void display_trust_dom_info_4(TRUSTED_DOMAIN_INFO_PASSWORD *p, const char *password) +static void display_trust_dom_info_4(struct lsa_TrustDomainInfoPassword *p, const char *password) { char *pwd, *pwd_old; - DATA_BLOB data = data_blob(NULL, p->password.length); - DATA_BLOB data_old = data_blob(NULL, p->old_password.length); + DATA_BLOB data = data_blob(NULL, p->password->length); + DATA_BLOB data_old = data_blob(NULL, p->old_password->length); - memcpy(data.data, p->password.data, p->password.length); - memcpy(data_old.data, p->old_password.data, p->old_password.length); + memcpy(data.data, p->password->data, p->password->length); + memcpy(data_old.data, p->old_password->data, p->old_password->length); pwd = decrypt_trustdom_secret(password, &data); pwd_old = decrypt_trustdom_secret(password, &data_old); @@ -926,35 +916,25 @@ static void display_trust_dom_info_4(TRUSTED_DOMAIN_INFO_PASSWORD *p, const char data_blob_free(&data_old); } -static void display_trust_dom_info_6(TRUSTED_DOMAIN_INFO_EX *i) -{ - printf("Domain Name:\t\t%s\n", unistr2_static(&i->domain_name.unistring)); - printf("NetBIOS Name:\t\t%s\n", unistr2_static(&i->netbios_name.unistring)); - printf("SID:\t\t\t%s\n", sid_string_tos(&i->sid.sid)); - printf("Trust Direction:\t0x%08x\n", i->trust_direction); - printf("Trust Type:\t\t0x%08x\n", i->trust_type); - printf("Trust Attributes:\t0x%08x\n", i->trust_attributes); -} - - -static void display_trust_dom_info(LSA_TRUSTED_DOMAIN_INFO *info, uint32 info_class, const char *pass) +static void display_trust_dom_info(TALLOC_CTX *mem_ctx, + union lsa_TrustedDomainInfo *info, + enum lsa_TrustDomInfoEnum info_class, + const char *pass) { switch (info_class) { - case 1: - display_trust_dom_info_1(&info->name); - break; - case 3: - display_trust_dom_info_3(&info->posix_offset); - break; - case 4: - display_trust_dom_info_4(&info->password, pass); - break; - case 6: - display_trust_dom_info_6(&info->info_ex); - break; - default: - printf("unsupported info-class: %d\n", info_class); - break; + case LSA_TRUSTED_DOMAIN_INFO_PASSWORD: + display_trust_dom_info_4(&info->password, pass); + break; + default: { + const char *str = NULL; + str = NDR_PRINT_UNION_STRING(mem_ctx, + lsa_TrustedDomainInfo, + info_class, info); + if (str) { + d_printf("%s\n", str); + } + break; + } } } @@ -966,9 +946,8 @@ static NTSTATUS cmd_lsa_query_trustdominfobysid(struct rpc_pipe_client *cli, NTSTATUS result = NT_STATUS_UNSUCCESSFUL; DOM_SID dom_sid; uint32 access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED; - LSA_TRUSTED_DOMAIN_INFO *info; - - uint32 info_class = 1; + union lsa_TrustedDomainInfo info; + enum lsa_TrustDomInfoEnum info_class = 1; if (argc > 3 || argc < 2) { printf("Usage: %s [sid] [info_class]\n", argv[0]); @@ -986,13 +965,15 @@ static NTSTATUS cmd_lsa_query_trustdominfobysid(struct rpc_pipe_client *cli, if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_lsa_query_trusted_domain_info_by_sid(cli, mem_ctx, &pol, - info_class, &dom_sid, &info); - + result = rpccli_lsa_QueryTrustedDomainInfoBySid(cli, mem_ctx, + &pol, + &dom_sid, + info_class, + &info); if (!NT_STATUS_IS_OK(result)) goto done; - display_trust_dom_info(info, info_class, cli->pwd.password); + display_trust_dom_info(mem_ctx, &info, info_class, cli->pwd.password); done: if (&pol) @@ -1001,6 +982,11 @@ static NTSTATUS cmd_lsa_query_trustdominfobysid(struct rpc_pipe_client *cli, return result; } +static void init_lsa_String(struct lsa_String *name, const char *s) +{ + name->string = s; +} + static NTSTATUS cmd_lsa_query_trustdominfobyname(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, int argc, const char **argv) @@ -1008,8 +994,9 @@ static NTSTATUS cmd_lsa_query_trustdominfobyname(struct rpc_pipe_client *cli, POLICY_HND pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; uint32 access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED; - LSA_TRUSTED_DOMAIN_INFO *info; - uint32 info_class = 1; + union lsa_TrustedDomainInfo info; + enum lsa_TrustDomInfoEnum info_class = 1; + struct lsa_String trusted_domain; if (argc > 3 || argc < 2) { printf("Usage: %s [name] [info_class]\n", argv[0]); @@ -1024,13 +1011,17 @@ static NTSTATUS cmd_lsa_query_trustdominfobyname(struct rpc_pipe_client *cli, if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_lsa_query_trusted_domain_info_by_name(cli, mem_ctx, &pol, - info_class, argv[1], &info); + init_lsa_String(&trusted_domain, argv[1]); + result = rpccli_lsa_QueryTrustedDomainInfoByName(cli, mem_ctx, + &pol, + trusted_domain, + info_class, + &info); if (!NT_STATUS_IS_OK(result)) goto done; - display_trust_dom_info(info, info_class, cli->pwd.password); + display_trust_dom_info(mem_ctx, &info, info_class, cli->pwd.password); done: if (&pol) @@ -1046,9 +1037,9 @@ static NTSTATUS cmd_lsa_query_trustdominfo(struct rpc_pipe_client *cli, POLICY_HND pol, trustdom_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; uint32 access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED; - LSA_TRUSTED_DOMAIN_INFO *info; + union lsa_TrustedDomainInfo info; DOM_SID dom_sid; - uint32 info_class = 1; + enum lsa_TrustDomInfoEnum info_class = 1; if (argc > 3 || argc < 2) { printf("Usage: %s [sid] [info_class]\n", argv[0]); @@ -1066,20 +1057,25 @@ static NTSTATUS cmd_lsa_query_trustdominfo(struct rpc_pipe_client *cli, if (!NT_STATUS_IS_OK(result)) goto done; - - result = rpccli_lsa_open_trusted_domain(cli, mem_ctx, &pol, - &dom_sid, access_mask, &trustdom_pol); + + result = rpccli_lsa_OpenTrustedDomain(cli, mem_ctx, + &pol, + &dom_sid, + access_mask, + &trustdom_pol); if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_lsa_query_trusted_domain_info(cli, mem_ctx, &trustdom_pol, - info_class, &info); + result = rpccli_lsa_QueryTrustedDomainInfo(cli, mem_ctx, + &trustdom_pol, + info_class, + &info); if (!NT_STATUS_IS_OK(result)) goto done; - display_trust_dom_info(info, info_class, cli->pwd.password); + display_trust_dom_info(mem_ctx, &info, info_class, cli->pwd.password); done: if (&pol) diff --git a/source3/rpcclient/cmd_netlogon.c b/source3/rpcclient/cmd_netlogon.c index e997bb5090..aad538a0ee 100644 --- a/source3/rpcclient/cmd_netlogon.c +++ b/source3/rpcclient/cmd_netlogon.c @@ -48,7 +48,7 @@ static WERROR cmd_netlogon_getanydcname(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, int argc, const char **argv) { - fstring dcname; + char *dcname = NULL; WERROR result = WERR_GENERAL_FAILURE; int old_timeout; @@ -60,7 +60,7 @@ static WERROR cmd_netlogon_getanydcname(struct rpc_pipe_client *cli, /* Make sure to wait for our DC's reply */ old_timeout = cli_set_timeout(cli->cli, MAX(cli->cli->timeout,30000)); /* 30 seconds. */ - result = rpccli_netlogon_getanydcname(cli, mem_ctx, cli->cli->desthost, argv[1], dcname); + result = rpccli_netlogon_getanydcname(cli, mem_ctx, cli->cli->desthost, argv[1], &dcname); cli_set_timeout(cli->cli, old_timeout); @@ -79,7 +79,7 @@ static WERROR cmd_netlogon_getdcname(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, int argc, const char **argv) { - fstring dcname; + char *dcname = NULL; WERROR result = WERR_GENERAL_FAILURE; int old_timeout; @@ -91,7 +91,7 @@ static WERROR cmd_netlogon_getdcname(struct rpc_pipe_client *cli, /* Make sure to wait for our DC's reply */ old_timeout = cli_set_timeout(cli->cli, MAX(cli->cli->timeout,30000)); /* 30 seconds. */ - result = rpccli_netlogon_getdcname(cli, mem_ctx, cli->cli->desthost, argv[1], dcname); + result = rpccli_netlogon_getdcname(cli, mem_ctx, cli->cli->desthost, argv[1], &dcname); cli_set_timeout(cli->cli, old_timeout); @@ -165,12 +165,13 @@ static WERROR cmd_netlogon_dsr_getdcnameex(struct rpc_pipe_client *cli, const char **argv) { WERROR result; - uint32 flags = DS_RETURN_DNS_NAME; + NTSTATUS status; + uint32_t flags = DS_RETURN_DNS_NAME; const char *server_name = cli->cli->desthost; const char *domain_name; const char *site_name = NULL; struct GUID domain_guid = GUID_zero(); - struct DS_DOMAIN_CONTROLLER_INFO *info = NULL; + struct netr_DsRGetDCNameInfo *info = NULL; if (argc < 2) { fprintf(stderr, "Usage: %s [domain_name] [domain_guid] " @@ -178,8 +179,7 @@ static WERROR cmd_netlogon_dsr_getdcnameex(struct rpc_pipe_client *cli, return WERR_OK; } - if (argc >= 2) - domain_name = argv[1]; + domain_name = argv[1]; if (argc >= 3) { if (!NT_STATUS_IS_OK(GUID_from_string(argv[2], &domain_guid))) { @@ -187,26 +187,34 @@ static WERROR cmd_netlogon_dsr_getdcnameex(struct rpc_pipe_client *cli, } } - if (argc >= 4) + if (argc >= 4) { site_name = argv[3]; + } - if (argc >= 5) + if (argc >= 5) { sscanf(argv[4], "%x", &flags); + } debug_dsdcinfo_flags(1,flags); - result = rpccli_netlogon_dsr_getdcnameex(cli, mem_ctx, server_name, domain_name, - &domain_guid, site_name, flags, - &info); + status = rpccli_netr_DsRGetDCNameEx(cli, mem_ctx, + server_name, + domain_name, + &domain_guid, + site_name, + flags, + &info, + &result); + if (!NT_STATUS_IS_OK(status)) { + return ntstatus_to_werror(status); + } - if (W_ERROR_IS_OK(result)) { - d_printf("DsGetDcNameEx gave\n"); - display_ds_domain_controller_info(mem_ctx, info); - return WERR_OK; + if (!W_ERROR_IS_OK(result)) { + return result; } - printf("rpccli_netlogon_dsr_getdcnameex returned %s\n", - dos_errstr(result)); + d_printf("DsRGetDCNameEx gave %s\n", + NDR_PRINT_STRUCT_STRING(mem_ctx, netr_DsRGetDCNameInfo, info)); return result; } @@ -216,14 +224,15 @@ static WERROR cmd_netlogon_dsr_getdcnameex2(struct rpc_pipe_client *cli, const char **argv) { WERROR result; - uint32 flags = DS_RETURN_DNS_NAME; + NTSTATUS status; + uint32_t flags = DS_RETURN_DNS_NAME; const char *server_name = cli->cli->desthost; const char *domain_name = NULL; const char *client_account = NULL; - uint32 mask = 0; + uint32_t mask = 0; const char *site_name = NULL; struct GUID domain_guid = GUID_zero(); - struct DS_DOMAIN_CONTROLLER_INFO *info = NULL; + struct netr_DsRGetDCNameInfo *info = NULL; if (argc < 2) { fprintf(stderr, "Usage: %s [client_account] [acb_mask] " @@ -232,14 +241,17 @@ static WERROR cmd_netlogon_dsr_getdcnameex2(struct rpc_pipe_client *cli, return WERR_OK; } - if (argc >= 2) + if (argc >= 2) { client_account = argv[1]; + } - if (argc >= 3) + if (argc >= 3) { mask = atoi(argv[2]); + } - if (argc >= 4) + if (argc >= 4) { domain_name = argv[3]; + } if (argc >= 5) { if (!NT_STATUS_IS_OK(GUID_from_string(argv[4], &domain_guid))) { @@ -247,28 +259,36 @@ static WERROR cmd_netlogon_dsr_getdcnameex2(struct rpc_pipe_client *cli, } } - if (argc >= 6) + if (argc >= 6) { site_name = argv[5]; + } - if (argc >= 7) + if (argc >= 7) { sscanf(argv[6], "%x", &flags); + } debug_dsdcinfo_flags(1,flags); - result = rpccli_netlogon_dsr_getdcnameex2(cli, mem_ctx, server_name, - client_account, mask, - domain_name, &domain_guid, - site_name, flags, - &info); + status = rpccli_netr_DsRGetDCNameEx2(cli, mem_ctx, + server_name, + client_account, + mask, + domain_name, + &domain_guid, + site_name, + flags, + &info, + &result); + if (!NT_STATUS_IS_OK(status)) { + return ntstatus_to_werror(status); + } - if (W_ERROR_IS_OK(result)) { - d_printf("DsGetDcNameEx2 gave\n"); - display_ds_domain_controller_info(mem_ctx, info); - return WERR_OK; + if (!W_ERROR_IS_OK(result)) { + return result; } - printf("rpccli_netlogon_dsr_getdcnameex2 returned %s\n", - dos_errstr(result)); + d_printf("DsRGetDCNameEx2 gave %s\n", + NDR_PRINT_STRUCT_STRING(mem_ctx, netr_DsRGetDCNameInfo, info)); return result; } @@ -539,6 +559,255 @@ static NTSTATUS cmd_netlogon_change_trust_pw(struct rpc_pipe_client *cli, return result; } +static WERROR cmd_netlogon_gettrustrid(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, int argc, + const char **argv) +{ + NTSTATUS status = NT_STATUS_UNSUCCESSFUL; + WERROR werr = WERR_GENERAL_FAILURE; + const char *server_name = cli->cli->desthost; + const char *domain_name = lp_workgroup(); + uint32_t rid = 0; + + if (argc < 1 || argc > 3) { + fprintf(stderr, "Usage: %s <server_name> <domain_name>\n", + argv[0]); + return WERR_OK; + } + + if (argc >= 2) { + server_name = argv[1]; + } + + if (argc >= 3) { + domain_name = argv[2]; + } + + status = rpccli_netr_LogonGetTrustRid(cli, mem_ctx, + server_name, + domain_name, + &rid, + &werr); + if (!NT_STATUS_IS_OK(status)) { + goto done; + } + + if (W_ERROR_IS_OK(werr)) { + printf("Rid: %d\n", rid); + } + done: + return werr; +} + +static WERROR cmd_netlogon_dsr_enumtrustdom(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, int argc, + const char **argv) +{ + NTSTATUS status = NT_STATUS_UNSUCCESSFUL; + WERROR werr = WERR_GENERAL_FAILURE; + const char *server_name = cli->cli->desthost; + uint32_t trust_flags = NETR_TRUST_FLAG_IN_FOREST; + struct netr_DomainTrustList trusts; + + if (argc < 1 || argc > 3) { + fprintf(stderr, "Usage: %s <server_name> <trust_flags>\n", + argv[0]); + return WERR_OK; + } + + if (argc >= 2) { + server_name = argv[1]; + } + + if (argc >= 3) { + sscanf(argv[2], "%x", &trust_flags); + } + + status = rpccli_netr_DsrEnumerateDomainTrusts(cli, mem_ctx, + server_name, + trust_flags, + &trusts, + &werr); + if (!NT_STATUS_IS_OK(status)) { + goto done; + } + + if (W_ERROR_IS_OK(werr)) { + int i; + + printf("%d domains returned\n", trusts.count); + + for (i=0; i<trusts.count; i++ ) { + printf("%s (%s)\n", + trusts.array[i].dns_name, + trusts.array[i].netbios_name); + } + } + done: + return werr; +} + +static WERROR cmd_netlogon_deregisterdnsrecords(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, int argc, + const char **argv) +{ + NTSTATUS status = NT_STATUS_UNSUCCESSFUL; + WERROR werr = WERR_GENERAL_FAILURE; + const char *server_name = cli->cli->desthost; + const char *domain = lp_workgroup(); + const char *dns_host = NULL; + + if (argc < 1 || argc > 4) { + fprintf(stderr, "Usage: %s <server_name> <domain_name> " + "<dns_host>\n", argv[0]); + return WERR_OK; + } + + if (argc >= 2) { + server_name = argv[1]; + } + + if (argc >= 3) { + domain = argv[2]; + } + + if (argc >= 4) { + dns_host = argv[3]; + } + + status = rpccli_netr_DsrDeregisterDNSHostRecords(cli, mem_ctx, + server_name, + domain, + NULL, + NULL, + dns_host, + &werr); + if (!NT_STATUS_IS_OK(status)) { + goto done; + } + + if (W_ERROR_IS_OK(werr)) { + printf("success\n"); + } + done: + return werr; +} + +static WERROR cmd_netlogon_dsr_getforesttrustinfo(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, int argc, + const char **argv) +{ + NTSTATUS status = NT_STATUS_UNSUCCESSFUL; + WERROR werr = WERR_GENERAL_FAILURE; + const char *server_name = cli->cli->desthost; + const char *trusted_domain_name = NULL; + struct lsa_ForestTrustInformation *info = NULL; + uint32_t flags = 0; + + if (argc < 1 || argc > 4) { + fprintf(stderr, "Usage: %s <server_name> <trusted_domain_name> " + "<flags>\n", argv[0]); + return WERR_OK; + } + + if (argc >= 2) { + server_name = argv[1]; + } + + if (argc >= 3) { + trusted_domain_name = argv[2]; + } + + if (argc >= 4) { + sscanf(argv[3], "%x", &flags); + } + + status = rpccli_netr_DsRGetForestTrustInformation(cli, mem_ctx, + server_name, + trusted_domain_name, + flags, + &info, + &werr); + if (!NT_STATUS_IS_OK(status)) { + goto done; + } + + if (W_ERROR_IS_OK(werr)) { + printf("success\n"); + } + done: + return werr; +} + +static WERROR cmd_netlogon_enumtrusteddomains(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, int argc, + const char **argv) +{ + NTSTATUS status = NT_STATUS_UNSUCCESSFUL; + WERROR werr = WERR_GENERAL_FAILURE; + const char *server_name = cli->cli->desthost; + struct netr_Blob blob; + + + if (argc < 1 || argc > 3) { + fprintf(stderr, "Usage: %s <server_name>\n", argv[0]); + return WERR_OK; + } + + if (argc >= 2) { + server_name = argv[1]; + } + + status = rpccli_netr_NetrEnumerateTrustedDomains(cli, mem_ctx, + server_name, + &blob, + &werr); + if (!NT_STATUS_IS_OK(status)) { + goto done; + } + + if (W_ERROR_IS_OK(werr)) { + printf("success\n"); + dump_data(1, blob.data, blob.length); + } + done: + return werr; +} + +static WERROR cmd_netlogon_enumtrusteddomainsex(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, int argc, + const char **argv) +{ + NTSTATUS status = NT_STATUS_UNSUCCESSFUL; + WERROR werr = WERR_GENERAL_FAILURE; + const char *server_name = cli->cli->desthost; + struct netr_DomainTrustList list; + + if (argc < 1 || argc > 3) { + fprintf(stderr, "Usage: %s <server_name>\n", argv[0]); + return WERR_OK; + } + + if (argc >= 2) { + server_name = argv[1]; + } + + status = rpccli_netr_NetrEnumerateTrustedDomainsEx(cli, mem_ctx, + server_name, + &list, + &werr); + if (!NT_STATUS_IS_OK(status)) { + goto done; + } + + if (W_ERROR_IS_OK(werr)) { + printf("success\n"); + } + done: + return werr; +} + + /* List of commands exported by this module */ @@ -553,11 +822,18 @@ struct cmd_set netlogon_commands[] = { { "dsr_getdcnameex", RPC_RTYPE_WERROR, NULL, cmd_netlogon_dsr_getdcnameex, PI_NETLOGON, NULL, "Get trusted DC name", "" }, { "dsr_getdcnameex2", RPC_RTYPE_WERROR, NULL, cmd_netlogon_dsr_getdcnameex2, PI_NETLOGON, NULL, "Get trusted DC name", "" }, { "dsr_getsitename", RPC_RTYPE_WERROR, NULL, cmd_netlogon_dsr_getsitename, PI_NETLOGON, NULL, "Get sitename", "" }, + { "dsr_getforesttrustinfo", RPC_RTYPE_WERROR, NULL, cmd_netlogon_dsr_getforesttrustinfo, PI_NETLOGON, NULL, "Get Forest Trust Info", "" }, { "logonctrl", RPC_RTYPE_NTSTATUS, cmd_netlogon_logon_ctrl, NULL, PI_NETLOGON, NULL, "Logon Control", "" }, { "samsync", RPC_RTYPE_NTSTATUS, cmd_netlogon_sam_sync, NULL, PI_NETLOGON, NULL, "Sam Synchronisation", "" }, { "samdeltas", RPC_RTYPE_NTSTATUS, cmd_netlogon_sam_deltas, NULL, PI_NETLOGON, NULL, "Query Sam Deltas", "" }, { "samlogon", RPC_RTYPE_NTSTATUS, cmd_netlogon_sam_logon, NULL, PI_NETLOGON, NULL, "Sam Logon", "" }, { "change_trust_pw", RPC_RTYPE_NTSTATUS, cmd_netlogon_change_trust_pw, NULL, PI_NETLOGON, NULL, "Change Trust Account Password", "" }, + { "gettrustrid", RPC_RTYPE_WERROR, NULL, cmd_netlogon_gettrustrid, PI_NETLOGON, NULL, "Get trust rid", "" }, + { "dsr_enumtrustdom", RPC_RTYPE_WERROR, NULL, cmd_netlogon_dsr_enumtrustdom, PI_NETLOGON, NULL, "Enumerate trusted domains", "" }, + { "dsenumdomtrusts", RPC_RTYPE_WERROR, NULL, cmd_netlogon_dsr_enumtrustdom, PI_NETLOGON, NULL, "Enumerate all trusted domains in an AD forest", "" }, + { "deregisterdnsrecords", RPC_RTYPE_WERROR, NULL, cmd_netlogon_deregisterdnsrecords, PI_NETLOGON, NULL, "Deregister DNS records", "" }, + { "netrenumtrusteddomains", RPC_RTYPE_WERROR, NULL, cmd_netlogon_enumtrusteddomains, PI_NETLOGON, NULL, "Enumerate trusted domains", "" }, + { "netrenumtrusteddomainsex", RPC_RTYPE_WERROR, NULL, cmd_netlogon_enumtrusteddomainsex, PI_NETLOGON, NULL, "Enumerate trusted domains", "" }, { NULL } }; diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c index dae6c42bf2..976bc86d9b 100644 --- a/source3/rpcclient/cmd_samr.c +++ b/source3/rpcclient/cmd_samr.c @@ -26,6 +26,11 @@ extern DOM_SID domain_sid; +static void init_lsa_String(struct lsa_String *name, const char *s) +{ + name->string = s; +} + /**************************************************************************** display sam_user_info_7 structure ****************************************************************************/ @@ -122,7 +127,7 @@ static void display_sam_user_info_21(SAM_USER_INFO_21 *usr) } -static void display_password_properties(uint32 password_properties) +static void display_password_properties(uint32_t password_properties) { printf("password_properties: 0x%08x\n", password_properties); @@ -135,8 +140,8 @@ static void display_password_properties(uint32 password_properties) if (password_properties & DOMAIN_PASSWORD_NO_CLEAR_CHANGE) printf("\tDOMAIN_PASSWORD_NO_CLEAR_CHANGE\n"); - if (password_properties & DOMAIN_LOCKOUT_ADMINS) - printf("\tDOMAIN_LOCKOUT_ADMINS\n"); + if (password_properties & DOMAIN_PASSWORD_LOCKOUT_ADMINS) + printf("\tDOMAIN_PASSWORD_LOCKOUT_ADMINS\n"); if (password_properties & DOMAIN_PASSWORD_STORE_CLEARTEXT) printf("\tDOMAIN_PASSWORD_STORE_CLEARTEXT\n"); @@ -374,16 +379,19 @@ static NTSTATUS cmd_samr_query_user(struct rpc_pipe_client *cli, if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &domain_sid, &domain_pol); - + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_open_user(cli, mem_ctx, &domain_pol, - access_mask, - user_rid, &user_pol); + result = rpccli_samr_OpenUser(cli, mem_ctx, + &domain_pol, + access_mask, + user_rid, + &user_pol); if (NT_STATUS_EQUAL(result, NT_STATUS_NO_SUCH_USER) && (user_rid == 0)) { @@ -398,10 +406,11 @@ static NTSTATUS cmd_samr_query_user(struct rpc_pipe_client *cli, &types); if (NT_STATUS_IS_OK(result)) { - result = rpccli_samr_open_user(cli, mem_ctx, - &domain_pol, - access_mask, - rids[0], &user_pol); + result = rpccli_samr_OpenUser(cli, mem_ctx, + &domain_pol, + access_mask, + rids[0], + &user_pol); } } @@ -435,9 +444,9 @@ static NTSTATUS cmd_samr_query_user(struct rpc_pipe_client *cli, break; } - rpccli_samr_close(cli, mem_ctx, &user_pol); - rpccli_samr_close(cli, mem_ctx, &domain_pol); - rpccli_samr_close(cli, mem_ctx, &connect_pol); + rpccli_samr_Close(cli, mem_ctx, &user_pol); + rpccli_samr_Close(cli, mem_ctx, &domain_pol); + rpccli_samr_Close(cli, mem_ctx, &connect_pol); done: return result; @@ -567,16 +576,20 @@ static NTSTATUS cmd_samr_query_group(struct rpc_pipe_client *cli, if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_open_group(cli, mem_ctx, &domain_pol, - access_mask, - group_rid, &group_pol); + result = rpccli_samr_OpenGroup(cli, mem_ctx, + &domain_pol, + access_mask, + group_rid, + &group_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -589,9 +602,9 @@ static NTSTATUS cmd_samr_query_group(struct rpc_pipe_client *cli, display_group_info_ctr(group_ctr); - rpccli_samr_close(cli, mem_ctx, &group_pol); - rpccli_samr_close(cli, mem_ctx, &domain_pol); - rpccli_samr_close(cli, mem_ctx, &connect_pol); + rpccli_samr_Close(cli, mem_ctx, &group_pol); + rpccli_samr_Close(cli, mem_ctx, &domain_pol); + rpccli_samr_Close(cli, mem_ctx, &connect_pol); done: return result; } @@ -632,16 +645,19 @@ static NTSTATUS cmd_samr_query_usergroups(struct rpc_pipe_client *cli, if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &domain_sid, &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_open_user(cli, mem_ctx, &domain_pol, - access_mask, - user_rid, &user_pol); + result = rpccli_samr_OpenUser(cli, mem_ctx, + &domain_pol, + access_mask, + user_rid, + &user_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -657,9 +673,9 @@ static NTSTATUS cmd_samr_query_usergroups(struct rpc_pipe_client *cli, user_gids[i].g_rid, user_gids[i].attr); } - rpccli_samr_close(cli, mem_ctx, &user_pol); - rpccli_samr_close(cli, mem_ctx, &domain_pol); - rpccli_samr_close(cli, mem_ctx, &connect_pol); + rpccli_samr_Close(cli, mem_ctx, &user_pol); + rpccli_samr_Close(cli, mem_ctx, &domain_pol); + rpccli_samr_Close(cli, mem_ctx, &connect_pol); done: return result; } @@ -694,8 +710,9 @@ static NTSTATUS cmd_samr_query_useraliases(struct rpc_pipe_client *cli, printf("%s is not a legal SID\n", argv[i]); return NT_STATUS_INVALID_PARAMETER; } - if (!add_sid_to_array(mem_ctx, &tmp_sid, &sids, &num_sids)) { - return NT_STATUS_NO_MEMORY; + result = add_sid_to_array(mem_ctx, &tmp_sid, &sids, &num_sids); + if (!NT_STATUS_IS_OK(result)) { + return result; } } @@ -722,14 +739,16 @@ static NTSTATUS cmd_samr_query_useraliases(struct rpc_pipe_client *cli, goto done; if (StrCaseCmp(argv[1], "domain")==0) - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - access_mask, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + access_mask, + &domain_sid, &domain_pol); else if (StrCaseCmp(argv[1], "builtin")==0) - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - access_mask, - &global_sid_Builtin, - &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + access_mask, + CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin), + &domain_pol); else { printf("Usage: %s builtin|domain sid1 sid2 ...\n", argv[0]); return NT_STATUS_INVALID_PARAMETER; @@ -749,8 +768,8 @@ static NTSTATUS cmd_samr_query_useraliases(struct rpc_pipe_client *cli, printf("\tgroup rid:[0x%x]\n", alias_rids[i]); } - rpccli_samr_close(cli, mem_ctx, &domain_pol); - rpccli_samr_close(cli, mem_ctx, &connect_pol); + rpccli_samr_Close(cli, mem_ctx, &domain_pol); + rpccli_samr_Close(cli, mem_ctx, &connect_pol); done: return result; } @@ -788,16 +807,20 @@ static NTSTATUS cmd_samr_query_groupmem(struct rpc_pipe_client *cli, if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_open_group(cli, mem_ctx, &domain_pol, - access_mask, - group_rid, &group_pol); + result = rpccli_samr_OpenGroup(cli, mem_ctx, + &domain_pol, + access_mask, + group_rid, + &group_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -819,9 +842,9 @@ static NTSTATUS cmd_samr_query_groupmem(struct rpc_pipe_client *cli, group_attrs[i]); } - rpccli_samr_close(cli, mem_ctx, &group_pol); - rpccli_samr_close(cli, mem_ctx, &domain_pol); - rpccli_samr_close(cli, mem_ctx, &connect_pol); + rpccli_samr_Close(cli, mem_ctx, &group_pol); + rpccli_samr_Close(cli, mem_ctx, &domain_pol); + rpccli_samr_Close(cli, mem_ctx, &connect_pol); done: return result; } @@ -864,9 +887,11 @@ static NTSTATUS cmd_samr_enum_dom_users(struct rpc_pipe_client *cli, /* Get domain policy handle */ - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - access_mask, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + access_mask, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -895,10 +920,10 @@ static NTSTATUS cmd_samr_enum_dom_users(struct rpc_pipe_client *cli, done: if (got_domain_pol) - rpccli_samr_close(cli, mem_ctx, &domain_pol); + rpccli_samr_Close(cli, mem_ctx, &domain_pol); if (got_connect_pol) - rpccli_samr_close(cli, mem_ctx, &connect_pol); + rpccli_samr_Close(cli, mem_ctx, &connect_pol); return result; } @@ -936,9 +961,11 @@ static NTSTATUS cmd_samr_enum_dom_groups(struct rpc_pipe_client *cli, /* Get domain policy handle */ - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - access_mask, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + access_mask, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -968,10 +995,10 @@ static NTSTATUS cmd_samr_enum_dom_groups(struct rpc_pipe_client *cli, done: if (got_domain_pol) - rpccli_samr_close(cli, mem_ctx, &domain_pol); + rpccli_samr_Close(cli, mem_ctx, &domain_pol); if (got_connect_pol) - rpccli_samr_close(cli, mem_ctx, &connect_pol); + rpccli_samr_Close(cli, mem_ctx, &connect_pol); return result; } @@ -1010,13 +1037,17 @@ static NTSTATUS cmd_samr_enum_als_groups(struct rpc_pipe_client *cli, /* Get domain policy handle */ if (StrCaseCmp(argv[1], "domain")==0) - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - access_mask, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + access_mask, + &domain_sid, + &domain_pol); else if (StrCaseCmp(argv[1], "builtin")==0) - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - access_mask, - &global_sid_Builtin, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + access_mask, + CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin), + &domain_pol); else return NT_STATUS_OK; @@ -1047,10 +1078,10 @@ static NTSTATUS cmd_samr_enum_als_groups(struct rpc_pipe_client *cli, done: if (got_domain_pol) - rpccli_samr_close(cli, mem_ctx, &domain_pol); + rpccli_samr_Close(cli, mem_ctx, &domain_pol); if (got_connect_pol) - rpccli_samr_close(cli, mem_ctx, &connect_pol); + rpccli_samr_Close(cli, mem_ctx, &connect_pol); return result; } @@ -1088,13 +1119,17 @@ static NTSTATUS cmd_samr_query_aliasmem(struct rpc_pipe_client *cli, /* Open handle on domain */ if (StrCaseCmp(argv[1], "domain")==0) - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &domain_sid, + &domain_pol); else if (StrCaseCmp(argv[1], "builtin")==0) - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &global_sid_Builtin, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin), + &domain_pol); else return NT_STATUS_OK; @@ -1103,9 +1138,11 @@ static NTSTATUS cmd_samr_query_aliasmem(struct rpc_pipe_client *cli, /* Open handle on alias */ - result = rpccli_samr_open_alias(cli, mem_ctx, &domain_pol, - access_mask, - alias_rid, &alias_pol); + result = rpccli_samr_OpenAlias(cli, mem_ctx, + &domain_pol, + access_mask, + alias_rid, + &alias_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -1122,9 +1159,9 @@ static NTSTATUS cmd_samr_query_aliasmem(struct rpc_pipe_client *cli, printf("\tsid:[%s]\n", sid_str); } - rpccli_samr_close(cli, mem_ctx, &alias_pol); - rpccli_samr_close(cli, mem_ctx, &domain_pol); - rpccli_samr_close(cli, mem_ctx, &connect_pol); + rpccli_samr_Close(cli, mem_ctx, &alias_pol); + rpccli_samr_Close(cli, mem_ctx, &domain_pol); + rpccli_samr_Close(cli, mem_ctx, &connect_pol); done: return result; } @@ -1158,13 +1195,17 @@ static NTSTATUS cmd_samr_delete_alias(struct rpc_pipe_client *cli, /* Open handle on domain */ if (StrCaseCmp(argv[1], "domain")==0) - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &domain_sid, + &domain_pol); else if (StrCaseCmp(argv[1], "builtin")==0) - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &global_sid_Builtin, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin), + &domain_pol); else return NT_STATUS_INVALID_PARAMETER; @@ -1173,9 +1214,11 @@ static NTSTATUS cmd_samr_delete_alias(struct rpc_pipe_client *cli, /* Open handle on alias */ - result = rpccli_samr_open_alias(cli, mem_ctx, &domain_pol, - access_mask, - alias_rid, &alias_pol); + result = rpccli_samr_OpenAlias(cli, mem_ctx, + &domain_pol, + access_mask, + alias_rid, + &alias_pol); if (!NT_STATUS_IS_OK(result) && (alias_rid == 0)) { /* Probably this was a user name, try lookupnames */ uint32 num_rids; @@ -1187,20 +1230,22 @@ static NTSTATUS cmd_samr_delete_alias(struct rpc_pipe_client *cli, &types); if (NT_STATUS_IS_OK(result)) { - result = rpccli_samr_open_alias(cli, mem_ctx, + result = rpccli_samr_OpenAlias(cli, mem_ctx, &domain_pol, access_mask, - rids[0], &alias_pol); + rids[0], + &alias_pol); } } - result = rpccli_samr_delete_dom_alias(cli, mem_ctx, &alias_pol); + result = rpccli_samr_DeleteDomAlias(cli, mem_ctx, + &alias_pol); if (!NT_STATUS_IS_OK(result)) goto done; - rpccli_samr_close(cli, mem_ctx, &domain_pol); - rpccli_samr_close(cli, mem_ctx, &connect_pol); + rpccli_samr_Close(cli, mem_ctx, &domain_pol); + rpccli_samr_Close(cli, mem_ctx, &connect_pol); done: return result; } @@ -1259,9 +1304,11 @@ static NTSTATUS cmd_samr_query_dispinfo(struct rpc_pipe_client *cli, /* Get domain policy handle */ - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - access_mask, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + access_mask, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -1335,8 +1382,8 @@ static NTSTATUS cmd_samr_query_dispinfo(struct rpc_pipe_client *cli, } } while ( NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)); - rpccli_samr_close(cli, mem_ctx, &domain_pol); - rpccli_samr_close(cli, mem_ctx, &connect_pol); + rpccli_samr_Close(cli, mem_ctx, &domain_pol); + rpccli_samr_Close(cli, mem_ctx, &connect_pol); done: return result; } @@ -1374,9 +1421,11 @@ static NTSTATUS cmd_samr_query_dominfo(struct rpc_pipe_client *cli, /* Get domain policy handle */ - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - access_mask, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + access_mask, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -1433,9 +1482,9 @@ static NTSTATUS cmd_samr_query_dominfo(struct rpc_pipe_client *cli, } done: - - rpccli_samr_close(cli, mem_ctx, &domain_pol); - rpccli_samr_close(cli, mem_ctx, &connect_pol); + + rpccli_samr_Close(cli, mem_ctx, &domain_pol); + rpccli_samr_Close(cli, mem_ctx, &connect_pol); return result; } @@ -1447,18 +1496,19 @@ static NTSTATUS cmd_samr_create_dom_user(struct rpc_pipe_client *cli, { POLICY_HND connect_pol, domain_pol, user_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - const char *acct_name; + struct lsa_String acct_name; uint32 acb_info; - uint32 user_rid; + uint32 acct_flags, user_rid; uint32 access_mask = MAXIMUM_ALLOWED_ACCESS; + uint32_t access_granted = 0; if ((argc < 2) || (argc > 3)) { printf("Usage: %s username [access mask]\n", argv[0]); return NT_STATUS_OK; } - acct_name = argv[1]; - + init_lsa_String(&acct_name, argv[1]); + if (argc > 2) sscanf(argv[2], "%x", &access_mask); @@ -1472,9 +1522,11 @@ static NTSTATUS cmd_samr_create_dom_user(struct rpc_pipe_client *cli, /* Get domain policy handle */ - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - access_mask, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + access_mask, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -1482,22 +1534,31 @@ static NTSTATUS cmd_samr_create_dom_user(struct rpc_pipe_client *cli, /* Create domain user */ acb_info = ACB_NORMAL; - access_mask = 0xe005000b; + acct_flags = SEC_GENERIC_READ | SEC_GENERIC_WRITE | SEC_GENERIC_EXECUTE | + SEC_STD_WRITE_DAC | SEC_STD_DELETE | + SAMR_USER_ACCESS_SET_PASSWORD | + SAMR_USER_ACCESS_GET_ATTRIBUTES | + SAMR_USER_ACCESS_SET_ATTRIBUTES; - result = rpccli_samr_create_dom_user(cli, mem_ctx, &domain_pol, - acct_name, acb_info, access_mask, - &user_pol, &user_rid); + result = rpccli_samr_CreateUser2(cli, mem_ctx, + &domain_pol, + &acct_name, + acb_info, + acct_flags, + &user_pol, + &access_granted, + &user_rid); if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_close(cli, mem_ctx, &user_pol); + result = rpccli_samr_Close(cli, mem_ctx, &user_pol); if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_close(cli, mem_ctx, &domain_pol); + result = rpccli_samr_Close(cli, mem_ctx, &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_close(cli, mem_ctx, &connect_pol); + result = rpccli_samr_Close(cli, mem_ctx, &connect_pol); if (!NT_STATUS_IS_OK(result)) goto done; done: @@ -1512,16 +1573,17 @@ static NTSTATUS cmd_samr_create_dom_group(struct rpc_pipe_client *cli, { POLICY_HND connect_pol, domain_pol, group_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - const char *grp_name; + struct lsa_String grp_name; uint32 access_mask = MAXIMUM_ALLOWED_ACCESS; + uint32_t rid = 0; if ((argc < 2) || (argc > 3)) { printf("Usage: %s groupname [access mask]\n", argv[0]); return NT_STATUS_OK; } - grp_name = argv[1]; - + init_lsa_String(&grp_name, argv[1]); + if (argc > 2) sscanf(argv[2], "%x", &access_mask); @@ -1535,29 +1597,33 @@ static NTSTATUS cmd_samr_create_dom_group(struct rpc_pipe_client *cli, /* Get domain policy handle */ - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - access_mask, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + access_mask, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; /* Create domain user */ - - result = rpccli_samr_create_dom_group(cli, mem_ctx, &domain_pol, - grp_name, MAXIMUM_ALLOWED_ACCESS, - &group_pol); + result = rpccli_samr_CreateDomainGroup(cli, mem_ctx, + &domain_pol, + &grp_name, + MAXIMUM_ALLOWED_ACCESS, + &group_pol, + &rid); if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_close(cli, mem_ctx, &group_pol); + result = rpccli_samr_Close(cli, mem_ctx, &group_pol); if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_close(cli, mem_ctx, &domain_pol); + result = rpccli_samr_Close(cli, mem_ctx, &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_close(cli, mem_ctx, &connect_pol); + result = rpccli_samr_Close(cli, mem_ctx, &connect_pol); if (!NT_STATUS_IS_OK(result)) goto done; done: @@ -1572,16 +1638,17 @@ static NTSTATUS cmd_samr_create_dom_alias(struct rpc_pipe_client *cli, { POLICY_HND connect_pol, domain_pol, alias_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - const char *alias_name; + struct lsa_String alias_name; uint32 access_mask = MAXIMUM_ALLOWED_ACCESS; + uint32_t rid = 0; if ((argc < 2) || (argc > 3)) { printf("Usage: %s aliasname [access mask]\n", argv[0]); return NT_STATUS_OK; } - alias_name = argv[1]; - + init_lsa_String(&alias_name, argv[1]); + if (argc > 2) sscanf(argv[2], "%x", &access_mask); @@ -1595,28 +1662,34 @@ static NTSTATUS cmd_samr_create_dom_alias(struct rpc_pipe_client *cli, /* Get domain policy handle */ - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - access_mask, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + access_mask, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; /* Create domain user */ - result = rpccli_samr_create_dom_alias(cli, mem_ctx, &domain_pol, - alias_name, &alias_pol); + result = rpccli_samr_CreateDomAlias(cli, mem_ctx, + &domain_pol, + &alias_name, + MAXIMUM_ALLOWED_ACCESS, + &alias_pol, + &rid); if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_close(cli, mem_ctx, &alias_pol); + result = rpccli_samr_Close(cli, mem_ctx, &alias_pol); if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_close(cli, mem_ctx, &domain_pol); + result = rpccli_samr_Close(cli, mem_ctx, &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_close(cli, mem_ctx, &connect_pol); + result = rpccli_samr_Close(cli, mem_ctx, &connect_pol); if (!NT_STATUS_IS_OK(result)) goto done; done: @@ -1652,13 +1725,17 @@ static NTSTATUS cmd_samr_lookup_names(struct rpc_pipe_client *cli, goto done; if (StrCaseCmp(argv[1], "domain")==0) - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &domain_sid, + &domain_pol); else if (StrCaseCmp(argv[1], "builtin")==0) - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &global_sid_Builtin, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin), + &domain_pol); else return NT_STATUS_OK; @@ -1670,8 +1747,8 @@ static NTSTATUS cmd_samr_lookup_names(struct rpc_pipe_client *cli, num_names = argc - 2; if ((names = TALLOC_ARRAY(mem_ctx, const char *, num_names)) == NULL) { - rpccli_samr_close(cli, mem_ctx, &domain_pol); - rpccli_samr_close(cli, mem_ctx, &connect_pol); + rpccli_samr_Close(cli, mem_ctx, &domain_pol); + rpccli_samr_Close(cli, mem_ctx, &connect_pol); result = NT_STATUS_NO_MEMORY; goto done; } @@ -1692,8 +1769,8 @@ static NTSTATUS cmd_samr_lookup_names(struct rpc_pipe_client *cli, printf("name %s: 0x%x (%d)\n", names[i], rids[i], name_types[i]); - rpccli_samr_close(cli, mem_ctx, &domain_pol); - rpccli_samr_close(cli, mem_ctx, &connect_pol); + rpccli_samr_Close(cli, mem_ctx, &domain_pol); + rpccli_samr_Close(cli, mem_ctx, &connect_pol); done: return result; } @@ -1724,13 +1801,17 @@ static NTSTATUS cmd_samr_lookup_rids(struct rpc_pipe_client *cli, goto done; if (StrCaseCmp(argv[1], "domain")==0) - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &domain_sid, + &domain_pol); else if (StrCaseCmp(argv[1], "builtin")==0) - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &global_sid_Builtin, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin), + &domain_pol); else return NT_STATUS_OK; @@ -1742,8 +1823,8 @@ static NTSTATUS cmd_samr_lookup_rids(struct rpc_pipe_client *cli, num_rids = argc - 2; if ((rids = TALLOC_ARRAY(mem_ctx, uint32, num_rids)) == NULL) { - rpccli_samr_close(cli, mem_ctx, &domain_pol); - rpccli_samr_close(cli, mem_ctx, &connect_pol); + rpccli_samr_Close(cli, mem_ctx, &domain_pol); + rpccli_samr_Close(cli, mem_ctx, &connect_pol); result = NT_STATUS_NO_MEMORY; goto done; } @@ -1763,8 +1844,8 @@ static NTSTATUS cmd_samr_lookup_rids(struct rpc_pipe_client *cli, for (i = 0; i < num_names; i++) printf("rid 0x%x: %s (%d)\n", rids[i], names[i], name_types[i]); - rpccli_samr_close(cli, mem_ctx, &domain_pol); - rpccli_samr_close(cli, mem_ctx, &connect_pol); + rpccli_samr_Close(cli, mem_ctx, &domain_pol); + rpccli_samr_Close(cli, mem_ctx, &connect_pol); done: return result; } @@ -1795,9 +1876,11 @@ static NTSTATUS cmd_samr_delete_dom_group(struct rpc_pipe_client *cli, if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -1816,26 +1899,29 @@ static NTSTATUS cmd_samr_delete_dom_group(struct rpc_pipe_client *cli, if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_open_group(cli, mem_ctx, &domain_pol, - access_mask, - group_rids[0], &group_pol); + result = rpccli_samr_OpenGroup(cli, mem_ctx, + &domain_pol, + access_mask, + group_rids[0], + &group_pol); if (!NT_STATUS_IS_OK(result)) goto done; } - /* Delete user */ + /* Delete group */ - result = rpccli_samr_delete_dom_group(cli, mem_ctx, &group_pol); + result = rpccli_samr_DeleteDomainGroup(cli, mem_ctx, + &group_pol); if (!NT_STATUS_IS_OK(result)) goto done; /* Display results */ - rpccli_samr_close(cli, mem_ctx, &group_pol); - rpccli_samr_close(cli, mem_ctx, &domain_pol); - rpccli_samr_close(cli, mem_ctx, &connect_pol); + rpccli_samr_Close(cli, mem_ctx, &group_pol); + rpccli_samr_Close(cli, mem_ctx, &domain_pol); + rpccli_samr_Close(cli, mem_ctx, &connect_pol); done: return result; @@ -1867,9 +1953,11 @@ static NTSTATUS cmd_samr_delete_dom_user(struct rpc_pipe_client *cli, if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -1888,9 +1976,11 @@ static NTSTATUS cmd_samr_delete_dom_user(struct rpc_pipe_client *cli, if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_open_user(cli, mem_ctx, &domain_pol, - access_mask, - user_rids[0], &user_pol); + result = rpccli_samr_OpenUser(cli, mem_ctx, + &domain_pol, + access_mask, + user_rids[0], + &user_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -1898,16 +1988,17 @@ static NTSTATUS cmd_samr_delete_dom_user(struct rpc_pipe_client *cli, /* Delete user */ - result = rpccli_samr_delete_dom_user(cli, mem_ctx, &user_pol); + result = rpccli_samr_DeleteUser(cli, mem_ctx, + &user_pol); if (!NT_STATUS_IS_OK(result)) goto done; /* Display results */ - rpccli_samr_close(cli, mem_ctx, &user_pol); - rpccli_samr_close(cli, mem_ctx, &domain_pol); - rpccli_samr_close(cli, mem_ctx, &connect_pol); + rpccli_samr_Close(cli, mem_ctx, &user_pol); + rpccli_samr_Close(cli, mem_ctx, &domain_pol); + rpccli_samr_Close(cli, mem_ctx, &connect_pol); done: return result; @@ -1958,17 +2049,21 @@ static NTSTATUS cmd_samr_query_sec_obj(struct rpc_pipe_client *cli, goto done; if (domain || user_rid) - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; if (user_rid) - result = rpccli_samr_open_user(cli, mem_ctx, &domain_pol, - MAXIMUM_ALLOWED_ACCESS, - user_rid, &user_pol); + result = rpccli_samr_OpenUser(cli, mem_ctx, + &domain_pol, + MAXIMUM_ALLOWED_ACCESS, + user_rid, + &user_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -1993,9 +2088,9 @@ static NTSTATUS cmd_samr_query_sec_obj(struct rpc_pipe_client *cli, display_sec_desc(sec_desc_buf->sd); - rpccli_samr_close(cli, mem_ctx, &user_pol); - rpccli_samr_close(cli, mem_ctx, &domain_pol); - rpccli_samr_close(cli, mem_ctx, &connect_pol); + rpccli_samr_Close(cli, mem_ctx, &user_pol); + rpccli_samr_Close(cli, mem_ctx, &domain_pol); + rpccli_samr_Close(cli, mem_ctx, &connect_pol); done: talloc_destroy(ctx); return result; @@ -2007,14 +2102,14 @@ static NTSTATUS cmd_samr_get_usrdom_pwinfo(struct rpc_pipe_client *cli, { NTSTATUS result = NT_STATUS_UNSUCCESSFUL; POLICY_HND connect_pol, domain_pol, user_pol; - uint16 min_pwd_length; - uint32 password_properties, unknown1, rid; + struct samr_PwInfo info; + uint32_t rid; if (argc != 2) { printf("Usage: %s rid\n", argv[0]); return NT_STATUS_OK; } - + sscanf(argv[1], "%i", &rid); result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, @@ -2024,58 +2119,62 @@ static NTSTATUS cmd_samr_get_usrdom_pwinfo(struct rpc_pipe_client *cli, goto done; } - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } - result = rpccli_samr_open_user(cli, mem_ctx, &domain_pol, - MAXIMUM_ALLOWED_ACCESS, - rid, &user_pol); + result = rpccli_samr_OpenUser(cli, mem_ctx, + &domain_pol, + MAXIMUM_ALLOWED_ACCESS, + rid, + &user_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } - result = rpccli_samr_get_usrdom_pwinfo(cli, mem_ctx, &user_pol, - &min_pwd_length, &password_properties, - &unknown1) ; - + result = rpccli_samr_GetUserPwInfo(cli, mem_ctx, &user_pol, &info); if (NT_STATUS_IS_OK(result)) { - printf("min_pwd_length: %d\n", min_pwd_length); - printf("unknown1: %d\n", unknown1); - display_password_properties(password_properties); + printf("min_password_length: %d\n", info.min_password_length); + printf("%s\n", + NDR_PRINT_STRUCT_STRING(mem_ctx, + samr_PasswordProperties, &info.password_properties)); } done: - rpccli_samr_close(cli, mem_ctx, &user_pol); - rpccli_samr_close(cli, mem_ctx, &domain_pol); - rpccli_samr_close(cli, mem_ctx, &connect_pol); + rpccli_samr_Close(cli, mem_ctx, &user_pol); + rpccli_samr_Close(cli, mem_ctx, &domain_pol); + rpccli_samr_Close(cli, mem_ctx, &connect_pol); return result; } - -static NTSTATUS cmd_samr_get_dom_pwinfo(struct rpc_pipe_client *cli, +static NTSTATUS cmd_samr_get_dom_pwinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv) + int argc, const char **argv) { NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - uint16 min_pwd_length; - uint32 password_properties; + struct lsa_String domain_name; + struct samr_PwInfo info; - if (argc != 1) { - printf("Usage: %s\n", argv[0]); + if (argc < 1 || argc > 3) { + printf("Usage: %s <domain>\n", argv[0]); return NT_STATUS_OK; } - result = rpccli_samr_get_dom_pwinfo(cli, mem_ctx, &min_pwd_length, &password_properties) ; - + init_lsa_String(&domain_name, argv[1]); + + result = rpccli_samr_GetDomPwInfo(cli, mem_ctx, &domain_name, &info); + if (NT_STATUS_IS_OK(result)) { - printf("min_pwd_length: %d\n", min_pwd_length); - display_password_properties(password_properties); + printf("min_password_length: %d\n", info.min_password_length); + display_password_properties(info.password_properties); } return result; @@ -2105,8 +2204,11 @@ static NTSTATUS cmd_samr_lookup_domain(struct rpc_pipe_client *cli, if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - access_mask, &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + access_mask, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -2114,14 +2216,14 @@ static NTSTATUS cmd_samr_lookup_domain(struct rpc_pipe_client *cli, result = rpccli_samr_lookup_domain( cli, mem_ctx, &connect_pol, domain_name, &sid); - sid_to_fstring(sid_string,&sid); - - if (NT_STATUS_IS_OK(result)) + if (NT_STATUS_IS_OK(result)) { + sid_to_fstring(sid_string,&sid); printf("SAMR_LOOKUP_DOMAIN: Domain Name: %s Domain SID: %s\n", domain_name,sid_string); + } - rpccli_samr_close(cli, mem_ctx, &domain_pol); - rpccli_samr_close(cli, mem_ctx, &connect_pol); + rpccli_samr_Close(cli, mem_ctx, &domain_pol); + rpccli_samr_Close(cli, mem_ctx, &connect_pol); done: return result; } @@ -2156,9 +2258,11 @@ static NTSTATUS cmd_samr_chgpasswd2(struct rpc_pipe_client *cli, /* Get domain policy handle */ - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - access_mask, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + access_mask, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -2169,10 +2273,10 @@ static NTSTATUS cmd_samr_chgpasswd2(struct rpc_pipe_client *cli, if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_close(cli, mem_ctx, &domain_pol); + result = rpccli_samr_Close(cli, mem_ctx, &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_close(cli, mem_ctx, &connect_pol); + result = rpccli_samr_Close(cli, mem_ctx, &connect_pol); if (!NT_STATUS_IS_OK(result)) goto done; done: @@ -2212,9 +2316,11 @@ static NTSTATUS cmd_samr_chgpasswd3(struct rpc_pipe_client *cli, /* Get domain policy handle */ - result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol, - access_mask, - &domain_sid, &domain_pol); + result = rpccli_samr_OpenDomain(cli, mem_ctx, + &connect_pol, + access_mask, + &domain_sid, + &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; @@ -2227,17 +2333,17 @@ static NTSTATUS cmd_samr_chgpasswd3(struct rpc_pipe_client *cli, display_sam_unk_info_1(&info); switch (reject.reject_reason) { - case REJECT_REASON_TOO_SHORT: - d_printf("REJECT_REASON_TOO_SHORT\n"); + case SAMR_REJECT_TOO_SHORT: + d_printf("SAMR_REJECT_TOO_SHORT\n"); break; - case REJECT_REASON_IN_HISTORY: - d_printf("REJECT_REASON_IN_HISTORY\n"); + case SAMR_REJECT_IN_HISTORY: + d_printf("SAMR_REJECT_IN_HISTORY\n"); break; - case REJECT_REASON_NOT_COMPLEX: - d_printf("REJECT_REASON_NOT_COMPLEX\n"); + case SAMR_REJECT_COMPLEXITY: + d_printf("SAMR_REJECT_COMPLEXITY\n"); break; - case REJECT_REASON_OTHER: - d_printf("REJECT_REASON_OTHER\n"); + case SAMR_REJECT_OTHER: + d_printf("SAMR_REJECT_OTHER\n"); break; default: d_printf("unknown reject reason: %d\n", reject.reject_reason); @@ -2248,10 +2354,10 @@ static NTSTATUS cmd_samr_chgpasswd3(struct rpc_pipe_client *cli, if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_close(cli, mem_ctx, &domain_pol); + result = rpccli_samr_Close(cli, mem_ctx, &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; - result = rpccli_samr_close(cli, mem_ctx, &connect_pol); + result = rpccli_samr_Close(cli, mem_ctx, &connect_pol); if (!NT_STATUS_IS_OK(result)) goto done; done: diff --git a/source3/rpcclient/cmd_spoolss.c b/source3/rpcclient/cmd_spoolss.c index a7969bddd1..b5282d2e9b 100644 --- a/source3/rpcclient/cmd_spoolss.c +++ b/source3/rpcclient/cmd_spoolss.c @@ -1222,9 +1222,10 @@ void set_drv_info_3_env (DRIVER_INFO_3 *info, const char *arch) static char* get_driver_3_param (char* str, const char* delim, UNISTR* dest) { char *ptr; + char *saveptr; /* get the next token */ - ptr = strtok(str, delim); + ptr = strtok_r(str, delim, &saveptr); /* a string of 'NULL' is used to represent an empty parameter because two consecutive delimiters @@ -1251,7 +1252,8 @@ static bool init_drv_info_3_members ( TALLOC_CTX *mem_ctx, DRIVER_INFO_3 *info, { char *str, *str2; uint32 len, i; - + char *saveptr = NULL; + /* fill in the UNISTR fields */ str = get_driver_3_param (args, ":", &info->name); str = get_driver_3_param (NULL, ":", &info->driverpath); @@ -1266,13 +1268,13 @@ static bool init_drv_info_3_members ( TALLOC_CTX *mem_ctx, DRIVER_INFO_3 *info, str = str2; /* begin to strip out each filename */ - str = strtok(str, ","); + str = strtok_r(str, ",", &saveptr); len = 0; while (str != NULL) { /* keep a cumlative count of the str lengths */ len += strlen(str)+1; - str = strtok(NULL, ","); + str = strtok_r(NULL, ",", &saveptr); } /* allocate the space; add one extra slot for a terminating NULL. diff --git a/source3/rpcclient/cmd_wkssvc.c b/source3/rpcclient/cmd_wkssvc.c index d136cd0d45..68f408cf48 100644 --- a/source3/rpcclient/cmd_wkssvc.c +++ b/source3/rpcclient/cmd_wkssvc.c @@ -124,11 +124,48 @@ static WERROR cmd_wkssvc_messagebuffersend(struct rpc_pipe_client *cli, return werr; } +static WERROR cmd_wkssvc_enumeratecomputernames(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + int argc, + const char **argv) +{ + const char *server_name; + enum wkssvc_ComputerNameType name_type = NetAllComputerNames; + NTSTATUS status; + struct wkssvc_ComputerNamesCtr *ctr = NULL; + WERROR werr; + + server_name = cli->cli->desthost; + + if (argc >= 2) { + name_type = atoi(argv[1]); + } + + status = rpccli_wkssvc_NetrEnumerateComputerNames(cli, mem_ctx, + server_name, + name_type, 0, + &ctr, + &werr); + if (!NT_STATUS_IS_OK(status)) { + return ntstatus_to_werror(status); + } + + if (W_ERROR_IS_OK(werr)) { + int i=0; + for (i = 0; i < ctr->count; i++) { + printf("name: %d %s\n", i, ctr->computer_name->string); + } + } + + return werr; +} + struct cmd_set wkssvc_commands[] = { { "WKSSVC" }, { "wkssvc_wkstagetinfo", RPC_RTYPE_WERROR, NULL, cmd_wkssvc_wkstagetinfo, PI_WKSSVC, NULL, "Query WKSSVC Workstation Information", "" }, { "wkssvc_getjoininformation", RPC_RTYPE_WERROR, NULL, cmd_wkssvc_getjoininformation, PI_WKSSVC, NULL, "Query WKSSVC Join Information", "" }, { "wkssvc_messagebuffersend", RPC_RTYPE_WERROR, NULL, cmd_wkssvc_messagebuffersend, PI_WKSSVC, NULL, "Send WKSSVC message", "" }, + { "wkssvc_enumeratecomputernames", RPC_RTYPE_WERROR, NULL, cmd_wkssvc_enumeratecomputernames, PI_WKSSVC, NULL, "Enumerate WKSSVC computer names", "" }, { NULL } }; diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c index 6f6e1e6474..7b499918b0 100644 --- a/source3/rpcclient/rpcclient.c +++ b/source3/rpcclient/rpcclient.c @@ -134,7 +134,7 @@ static void fetch_machine_sid(struct cli_state *cli) POLICY_HND pol; NTSTATUS result = NT_STATUS_OK; uint32 info_class = 5; - char *domain_name = NULL; + const char *domain_name = NULL; static bool got_domain_sid; TALLOC_CTX *mem_ctx; DOM_SID *dom_sid = NULL; @@ -605,7 +605,7 @@ static NTSTATUS do_cmd(struct cli_state *cli, } if (cmd_entry->pipe_idx == PI_NETLOGON) { - uint32 neg_flags = NETLOGON_NEG_AUTH2_FLAGS; + uint32 neg_flags = NETLOGON_NEG_SELECT_AUTH2_FLAGS; uint32 sec_channel_type; uchar trust_password[16]; @@ -850,6 +850,18 @@ out_free: goto done; } + if (get_cmdline_auth_info_smb_encrypt()) { + nt_status = cli_cm_force_encryption(cli, + get_cmdline_auth_info_username(), + get_cmdline_auth_info_password(), + lp_workgroup(), + "IPC$"); + if (!NT_STATUS_IS_OK(nt_status)) { + result = 1; + goto done; + } + } + #if 0 /* COMMENT OUT FOR TESTING */ memset(cmdline_auth_info.password,'X',sizeof(cmdline_auth_info.password)); #endif |