diff options
Diffstat (limited to 'source3/rpcclient')
-rw-r--r-- | source3/rpcclient/cmd_samr.c | 141 | ||||
-rw-r--r-- | source3/rpcclient/rpcclient.c | 1 |
2 files changed, 115 insertions, 27 deletions
diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c index ed66962a82..0a482e0256 100644 --- a/source3/rpcclient/cmd_samr.c +++ b/source3/rpcclient/cmd_samr.c @@ -244,7 +244,7 @@ void cmd_sam_del_aliasmem(struct client_info *info) BOOL res = True; BOOL res1 = True; BOOL res2 = True; - uint32 flags = 0x200003f3; /* absolutely no idea. */ + uint32 ace_perms = 0x200003f3; /* absolutely no idea. */ DOM_SID member_sid; uint32 alias_rid; @@ -281,7 +281,7 @@ void cmd_sam_del_aliasmem(struct client_info *info) /* connect to the domain */ res = res ? samr_open_domain(smb_cli, fnum, - &info->dom.samr_pol_connect, flags, &sid1, + &info->dom.samr_pol_connect, ace_perms, &sid1, &info->dom.samr_pol_open_domain) : False; /* connect to the domain */ @@ -335,7 +335,7 @@ void cmd_sam_delete_dom_alias(struct client_info *info) BOOL res = True; BOOL res1 = True; BOOL res2 = True; - uint32 flags = 0x200003f3; /* absolutely no idea. */ + uint32 ace_perms = 0x200003f3; /* absolutely no idea. */ uint32 alias_rid = 0; const char *names[1]; uint32 rid [MAX_LOOKUP_SIDS]; @@ -374,7 +374,7 @@ void cmd_sam_delete_dom_alias(struct client_info *info) /* connect to the domain */ res = res ? samr_open_domain(smb_cli, fnum, - &info->dom.samr_pol_connect, flags, &sid1, + &info->dom.samr_pol_connect, ace_perms, &sid1, &info->dom.samr_pol_open_domain) : False; names[0] = name; @@ -433,7 +433,7 @@ void cmd_sam_add_aliasmem(struct client_info *info) BOOL res2 = True; BOOL res3 = True; BOOL res4 = True; - uint32 flags = 0x200003f3; /* absolutely no idea. */ + uint32 ace_perms = 0x200003f3; /* absolutely no idea. */ uint32 alias_rid; const char **names = NULL; int num_names = 0; @@ -525,7 +525,7 @@ void cmd_sam_add_aliasmem(struct client_info *info) /* connect to the domain */ res = res ? samr_open_domain(smb_cli, fnum, - &info->dom.samr_pol_connect, flags, &sid1, + &info->dom.samr_pol_connect, ace_perms, &sid1, &info->dom.samr_pol_open_domain) : False; /* connect to the domain */ @@ -583,6 +583,93 @@ void cmd_sam_add_aliasmem(struct client_info *info) /**************************************************************************** +SAM create domain user. +****************************************************************************/ +void cmd_sam_create_dom_user(struct client_info *info) +{ + uint16 fnum; + fstring srv_name; + fstring domain; + fstring acct_name; + fstring acct_desc; + fstring sid; + DOM_SID sid1; + BOOL res = True; + BOOL res1 = True; + uint32 ace_perms = 0x200003f3; /* absolutely no idea. */ + uint32 user_rid; + + sid_copy(&sid1, &info->dom.level5_sid); + sid_to_string(sid, &sid1); + fstrcpy(domain, info->dom.level5_dom); + + if (sid1.num_auths == 0) + { + fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n"); + return; + } + + + fstrcpy(srv_name, "\\\\"); + fstrcat(srv_name, info->dest_host); + strupper(srv_name); + + if (!next_token(NULL, acct_name, NULL, sizeof(acct_name))) + { + fprintf(out_hnd, "createuser: <acct name> [acct description]\n"); + } + + if (!next_token(NULL, acct_desc, NULL, sizeof(acct_desc))) + { + acct_desc[0] = 0; + } + + + fprintf(out_hnd, "SAM Create Domain User\n"); + fprintf(out_hnd, "Domain: %s Name: %s Description: %s\n", + domain, acct_name, acct_desc); + + /* open SAMR session. negotiate credentials */ + res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR, &fnum) : False; + + /* establish a connection. */ + res = res ? samr_connect(smb_cli, fnum, + srv_name, 0x00000020, + &info->dom.samr_pol_connect) : False; + + /* connect to the domain */ + res = res ? samr_open_domain(smb_cli, fnum, + &info->dom.samr_pol_connect, ace_perms, &sid1, + &info->dom.samr_pol_open_domain) : False; + + /* create a domain user */ + res1 = res ? create_samr_domain_user(smb_cli, fnum, + &info->dom.samr_pol_open_domain, + acct_name, ACB_NORMAL, &user_rid) : False; + + res = res ? samr_close(smb_cli, fnum, + &info->dom.samr_pol_open_domain) : False; + + res = res ? samr_close(smb_cli, fnum, + &info->dom.samr_pol_connect) : False; + + /* close the session */ + cli_nt_session_close(smb_cli, fnum); + + if (res && res1) + { + DEBUG(5,("cmd_sam_create_dom_user: succeeded\n")); + fprintf(out_hnd, "Create Domain User: OK\n"); + } + else + { + DEBUG(5,("cmd_sam_create_dom_user: failed\n")); + fprintf(out_hnd, "Create Domain User: FAILED\n"); + } +} + + +/**************************************************************************** SAM create domain alias. ****************************************************************************/ void cmd_sam_create_dom_alias(struct client_info *info) @@ -596,7 +683,7 @@ void cmd_sam_create_dom_alias(struct client_info *info) DOM_SID sid1; BOOL res = True; BOOL res1 = True; - uint32 flags = 0x200003f3; /* absolutely no idea. */ + uint32 ace_perms = 0x00000211; /* permissions */ uint32 alias_rid; sid_copy(&sid1, &info->dom.level5_sid); @@ -639,7 +726,7 @@ void cmd_sam_create_dom_alias(struct client_info *info) /* connect to the domain */ res = res ? samr_open_domain(smb_cli, fnum, - &info->dom.samr_pol_connect, flags, &sid1, + &info->dom.samr_pol_connect, ace_perms, &sid1, &info->dom.samr_pol_open_domain) : False; /* create a domain alias */ @@ -684,7 +771,7 @@ void cmd_sam_del_groupmem(struct client_info *info) BOOL res = True; BOOL res1 = True; BOOL res2 = True; - uint32 flags = 0x200003f3; /* absolutely no idea. */ + uint32 ace_perms = 0x200003f3; /* absolutely no idea. */ uint32 member_rid; uint32 group_rid; @@ -721,7 +808,7 @@ void cmd_sam_del_groupmem(struct client_info *info) /* connect to the domain */ res = res ? samr_open_domain(smb_cli, fnum, - &info->dom.samr_pol_connect, flags, &sid1, + &info->dom.samr_pol_connect, ace_perms, &sid1, &info->dom.samr_pol_open_domain) : False; /* connect to the domain */ @@ -776,7 +863,7 @@ void cmd_sam_delete_dom_group(struct client_info *info) BOOL res = True; BOOL res1 = True; BOOL res2 = True; - uint32 flags = 0x200003f3; /* absolutely no idea. */ + uint32 ace_perms = 0x200003f3; /* absolutely no idea. */ uint32 group_rid = 0; const char *names[1]; uint32 rid [MAX_LOOKUP_SIDS]; @@ -815,7 +902,7 @@ void cmd_sam_delete_dom_group(struct client_info *info) /* connect to the domain */ res = res ? samr_open_domain(smb_cli, fnum, - &info->dom.samr_pol_connect, flags, &sid1, + &info->dom.samr_pol_connect, ace_perms, &sid1, &info->dom.samr_pol_open_domain) : False; names[0] = name; @@ -872,7 +959,7 @@ void cmd_sam_add_groupmem(struct client_info *info) BOOL res = True; BOOL res1 = True; BOOL res2 = True; - uint32 flags = 0x200003f3; /* absolutely no idea. */ + uint32 ace_perms = 0x200003f3; /* absolutely no idea. */ uint32 group_rid = 0; const char **names = NULL; uint32 num_names = 0; @@ -925,7 +1012,7 @@ void cmd_sam_add_groupmem(struct client_info *info) /* connect to the domain */ res = res ? samr_open_domain(smb_cli, fnum, - &info->dom.samr_pol_connect, flags, &sid1, + &info->dom.samr_pol_connect, ace_perms, &sid1, &info->dom.samr_pol_open_domain) : False; res1 = res ? samr_query_lookup_names(smb_cli, fnum, @@ -999,7 +1086,7 @@ void cmd_sam_create_dom_group(struct client_info *info) DOM_SID sid1; BOOL res = True; BOOL res1 = True; - uint32 flags = 0x220; /* absolutely no idea. */ + uint32 ace_perms = 0x220; /* absolutely no idea. */ uint32 group_rid; sid_copy(&sid1, &info->dom.level5_sid); @@ -1042,7 +1129,7 @@ void cmd_sam_create_dom_group(struct client_info *info) /* connect to the domain */ res = res ? samr_open_domain(smb_cli, fnum, - &info->dom.samr_pol_connect, flags, &sid1, + &info->dom.samr_pol_connect, ace_perms, &sid1, &info->dom.samr_pol_open_domain) : False; /* read some users */ @@ -1192,7 +1279,7 @@ void cmd_sam_enum_users(struct client_info *info) uint16 unk_0 = 0x0; uint16 acb_mask = 0; uint16 unk_1 = 0x0; - uint32 flags = 0x304; /* access control permissions */ + uint32 ace_perms = 0x304; /* access control permissions */ fstring tmp; int i; @@ -1269,12 +1356,12 @@ void cmd_sam_enum_users(struct client_info *info) /* connect to the domain */ res = res ? samr_open_domain(smb_cli, fnum, - &info->dom.samr_pol_connect, flags, &sid1, + &info->dom.samr_pol_connect, ace_perms, &sid1, &info->dom.samr_pol_open_domain) : False; /* connect to the S-1-5-20 domain */ res1 = res ? samr_open_domain(smb_cli, fnum, - &info->dom.samr_pol_connect, flags, &sid_1_5_20, + &info->dom.samr_pol_connect, ace_perms, &sid_1_5_20, &info->dom.samr_pol_open_builtindom) : False; info->dom.sam = NULL; @@ -1358,7 +1445,7 @@ void cmd_sam_query_user(struct client_info *info) DOM_SID sid1; int user_idx = 0; /* FIXME maybe ... */ BOOL res = True; - uint32 flags = 0x304; /* absolutely no idea. */ + uint32 ace_perms = 0x304; /* absolutely no idea. */ fstring rid_str ; fstring info_str; uint32 user_rid = 0; @@ -1403,7 +1490,7 @@ void cmd_sam_query_user(struct client_info *info) /* connect to the domain */ res = res ? samr_open_domain(smb_cli, fnum, - &info->dom.samr_pol_connect, flags, &sid1, + &info->dom.samr_pol_connect, ace_perms, &sid1, &info->dom.samr_pol_open_domain) : False; fprintf(out_hnd, "User RID: %8x User Name: %s\n", @@ -1456,7 +1543,7 @@ void cmd_sam_query_dominfo(struct client_info *info) BOOL res = True; fstring info_str; uint32 switch_value = 2; - uint32 flags = 0x304; /* absolutely no idea. */ + uint32 ace_perms = 0x304; /* absolutely no idea. */ sid_to_string(sid, &info->dom.level5_sid); fstrcpy(domain, info->dom.level5_dom); @@ -1492,7 +1579,7 @@ void cmd_sam_query_dominfo(struct client_info *info) /* connect to the domain */ res = res ? samr_open_domain(smb_cli, fnum, - &info->dom.samr_pol_connect, flags, &sid1, + &info->dom.samr_pol_connect, ace_perms, &sid1, &info->dom.samr_pol_open_domain) : False; /* send a samr 0x8 command */ @@ -1531,7 +1618,7 @@ void cmd_sam_enum_aliases(struct client_info *info) DOM_SID sid1; BOOL res = True; BOOL request_member_info = False; - uint32 flags = 0x200003f3; /* access control permissions */ + uint32 ace_perms = 0x200003f3; /* access control permissions */ fstring tmp; uint32 alias_idx; @@ -1572,7 +1659,7 @@ void cmd_sam_enum_aliases(struct client_info *info) /* connect to the domain */ res = res ? samr_open_domain(smb_cli, fnum, - &info->dom.samr_pol_connect, flags, &sid1, + &info->dom.samr_pol_connect, ace_perms, &sid1, &info->dom.samr_pol_open_domain) : False; info->dom.sam = NULL; @@ -1740,7 +1827,7 @@ void cmd_sam_enum_groups(struct client_info *info) DOM_SID sid1; BOOL res = True; BOOL request_member_info = False; - uint32 flags = 0x200003f3; /* access control permissions. */ + uint32 ace_perms = 0x200003f3; /* access control permissions. */ fstring tmp; uint32 group_idx; @@ -1779,7 +1866,7 @@ void cmd_sam_enum_groups(struct client_info *info) /* connect to the domain */ res = res ? samr_open_domain(smb_cli, fnum, - &info->dom.samr_pol_connect, flags, &sid1, + &info->dom.samr_pol_connect, ace_perms, &sid1, &info->dom.samr_pol_open_domain) : False; info->dom.sam = NULL; diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c index fb520004da..a0e3fe90a3 100644 --- a/source3/rpcclient/rpcclient.c +++ b/source3/rpcclient/rpcclient.c @@ -132,6 +132,7 @@ struct {"addaliasmem",cmd_sam_add_aliasmem,"<alias rid> [member sid1] [member sid2] ... SAM Add Domain Alias Member"}, {"creategroup",cmd_sam_create_dom_group,"SAM Create Domain Group"}, {"createalias",cmd_sam_create_dom_alias,"SAM Create Domain Alias"}, + {"createuser", cmd_sam_create_dom_user,"<username> SAM Create Domain User"}, {"delgroup", cmd_sam_delete_dom_group,"SAM Delete Domain Group"}, {"delalias", cmd_sam_delete_dom_alias,"SAM Delete Domain Alias"}, {"ntpass", cmd_sam_ntchange_pwd, "NT SAM Password Change"}, |