summaryrefslogtreecommitdiff
path: root/source3/rpcclient
diff options
context:
space:
mode:
Diffstat (limited to 'source3/rpcclient')
-rw-r--r--source3/rpcclient/cmd_samr.c14
-rw-r--r--source3/rpcclient/display_sec.c43
2 files changed, 52 insertions, 5 deletions
diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c
index 82194c84c7..5e1f0c37dd 100644
--- a/source3/rpcclient/cmd_samr.c
+++ b/source3/rpcclient/cmd_samr.c
@@ -1757,7 +1757,7 @@ static NTSTATUS cmd_samr_query_sec_obj(struct rpc_pipe_client *cli,
{
POLICY_HND connect_pol, domain_pol, user_pol, *pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- uint32 info_level = 4;
+ uint32 sec_info = DACL_SECURITY_INFORMATION;
fstring server;
uint32 user_rid = 0;
TALLOC_CTX *ctx = NULL;
@@ -1766,8 +1766,8 @@ static NTSTATUS cmd_samr_query_sec_obj(struct rpc_pipe_client *cli,
ctx=talloc_init("cmd_samr_query_sec_obj");
- if ((argc < 1) || (argc > 2)) {
- printf("Usage: %s [rid|-d]\n", argv[0]);
+ if ((argc < 1) || (argc > 3)) {
+ printf("Usage: %s [rid|-d] [sec_info]\n", argv[0]);
printf("\tSpecify rid for security on user, -d for security on domain\n");
return NT_STATUS_OK;
}
@@ -1778,6 +1778,10 @@ static NTSTATUS cmd_samr_query_sec_obj(struct rpc_pipe_client *cli,
else
sscanf(argv[1], "%i", &user_rid);
}
+
+ if (argc == 3) {
+ sec_info = atoi(argv[2]);
+ }
slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost);
strupper_m(server);
@@ -1815,14 +1819,14 @@ static NTSTATUS cmd_samr_query_sec_obj(struct rpc_pipe_client *cli,
/* Query SAM security object */
- result = rpccli_samr_query_sec_obj(cli, mem_ctx, pol, info_level, ctx,
+ result = rpccli_samr_query_sec_obj(cli, mem_ctx, pol, sec_info, ctx,
&sec_desc_buf);
if (!NT_STATUS_IS_OK(result))
goto done;
display_sec_desc(sec_desc_buf->sec);
-
+
rpccli_samr_close(cli, mem_ctx, &user_pol);
rpccli_samr_close(cli, mem_ctx, &domain_pol);
rpccli_samr_close(cli, mem_ctx, &connect_pol);
diff --git a/source3/rpcclient/display_sec.c b/source3/rpcclient/display_sec.c
index 2a93c915f1..bc735fa00c 100644
--- a/source3/rpcclient/display_sec.c
+++ b/source3/rpcclient/display_sec.c
@@ -115,6 +115,41 @@ void display_sec_acl(SEC_ACL *sec_acl)
}
+void display_acl_type(uint16 type)
+{
+ static fstring typestr="";
+
+ typestr[0] = 0;
+
+ if (type & SEC_DESC_OWNER_DEFAULTED) /* 0x0001 */
+ fstrcat(typestr, "SEC_DESC_OWNER_DEFAULTED ");
+ if (type & SEC_DESC_GROUP_DEFAULTED) /* 0x0002 */
+ fstrcat(typestr, "SEC_DESC_GROUP_DEFAULTED ");
+ if (type & SEC_DESC_DACL_PRESENT) /* 0x0004 */
+ fstrcat(typestr, "SEC_DESC_DACL_PRESENT ");
+ if (type & SEC_DESC_DACL_DEFAULTED) /* 0x0008 */
+ fstrcat(typestr, "SEC_DESC_DACL_DEFAULTED ");
+ if (type & SEC_DESC_SACL_PRESENT) /* 0x0010 */
+ fstrcat(typestr, "SEC_DESC_SACL_PRESENT ");
+ if (type & SEC_DESC_SACL_DEFAULTED) /* 0x0020 */
+ fstrcat(typestr, "SEC_DESC_SACL_DEFAULTED ");
+ if (type & SEC_DESC_DACL_TRUSTED) /* 0x0040 */
+ fstrcat(typestr, "SEC_DESC_DACL_TRUSTED ");
+ if (type & SEC_DESC_SERVER_SECURITY) /* 0x0080 */
+ fstrcat(typestr, "SEC_DESC_SERVER_SECURITY ");
+ if (type & 0x0100) fstrcat(typestr, "0x0100 ");
+ if (type & 0x0200) fstrcat(typestr, "0x0200 ");
+ if (type & 0x0400) fstrcat(typestr, "0x0400 ");
+ if (type & 0x0800) fstrcat(typestr, "0x0800 ");
+ if (type & 0x1000) fstrcat(typestr, "0x1000 ");
+ if (type & 0x2000) fstrcat(typestr, "0x2000 ");
+ if (type & 0x4000) fstrcat(typestr, "0x4000 ");
+ if (type & SEC_DESC_SELF_RELATIVE) /* 0x8000 */
+ fstrcat(typestr, "SEC_DESC_SELF_RELATIVE ");
+
+ printf("type: 0x%04x: %s\n", type, typestr);
+}
+
/****************************************************************************
display sec_desc structure
****************************************************************************/
@@ -122,6 +157,14 @@ void display_sec_desc(SEC_DESC *sec)
{
fstring sid_str;
+ if (!sec) {
+ printf("NULL\n");
+ return;
+ }
+
+ printf("revision: %d\n", sec->revision);
+ display_acl_type(sec->type);
+
if (sec->sacl) {
printf("SACL\n");
display_sec_acl(sec->sacl);