summaryrefslogtreecommitdiff
path: root/source4/torture/cmd_sam.c
diff options
context:
space:
mode:
Diffstat (limited to 'source4/torture/cmd_sam.c')
-rw-r--r--source4/torture/cmd_sam.c514
1 files changed, 514 insertions, 0 deletions
diff --git a/source4/torture/cmd_sam.c b/source4/torture/cmd_sam.c
new file mode 100644
index 0000000000..3f7f7dfe27
--- /dev/null
+++ b/source4/torture/cmd_sam.c
@@ -0,0 +1,514 @@
+/*
+ Unix SMB/CIFS implementation.
+ SAM module functions
+
+ Copyright (C) Jelmer Vernooij 2002
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+#include "samtest.h"
+
+static void print_account(SAM_ACCOUNT_HANDLE *a)
+{
+ /* FIXME */
+}
+
+static NTSTATUS cmd_context(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
+{
+ NTSTATUS status;
+ char **plugins;
+ int i;
+
+ plugins = malloc(argc * sizeof(char *));
+
+ for(i = 1; i < argc; i++)
+ plugins[i-1] = argv[i];
+
+ plugins[argc-1] = NULL;
+
+ if(!NT_STATUS_IS_OK(status = make_sam_context_list(&st->context, plugins))) {
+ printf("make_sam_context_list failed: %s\n", nt_errstr(status));
+ SAFE_FREE(plugins);
+ return status;
+ }
+
+ SAFE_FREE(plugins);
+
+ return NT_STATUS_OK;
+}
+
+static NTSTATUS cmd_load_module(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
+{
+ char *plugin_arg[2];
+ NTSTATUS status;
+ if (argc != 2 && argc != 3) {
+ printf("Usage: load <module path> [domain-name]\n");
+ return NT_STATUS_OK;
+ }
+
+ if (argc == 3)
+ asprintf(&plugin_arg[0], "plugin:%s|%s", argv[1], argv[2]);
+ else
+ asprintf(&plugin_arg[0], "plugin:%s", argv[1]);
+
+ plugin_arg[1] = NULL;
+
+ if(!NT_STATUS_IS_OK(status = make_sam_context_list(&st->context, plugin_arg))) {
+ free(plugin_arg[0]);
+ return status;
+ }
+
+ free(plugin_arg[0]);
+
+ printf("load: ok\n");
+ return NT_STATUS_OK;
+}
+
+static NTSTATUS cmd_get_sec_desc(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS cmd_set_sec_desc(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS cmd_lookup_sid(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
+{
+ char *name;
+ uint32 type;
+ NTSTATUS status;
+ DOM_SID sid;
+ if (argc != 2) {
+ printf("Usage: lookup_sid <sid>\n");
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ if (!string_to_sid(&sid, argv[1])){
+ printf("Unparseable SID specified!\n");
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ if (!NT_STATUS_IS_OK(status = sam_lookup_sid(st->context, st->token, mem_ctx, &sid, &name, &type))) {
+ printf("sam_lookup_sid failed!\n");
+ return status;
+ }
+
+ printf("Name: %s\n", name);
+ printf("Type: %d\n", type); /* FIXME: What kind of an integer is type ? */
+
+ return NT_STATUS_OK;
+}
+
+static NTSTATUS cmd_lookup_name(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
+{
+ DOM_SID sid;
+ uint32 type;
+ NTSTATUS status;
+ if (argc != 3) {
+ printf("Usage: lookup_name <domain> <name>\n");
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ if (!NT_STATUS_IS_OK(status = sam_lookup_name(st->context, st->token, argv[1], argv[2], &sid, &type))) {
+ printf("sam_lookup_name failed!\n");
+ return status;
+ }
+
+ printf("SID: %s\n", sid_string_static(&sid));
+ printf("Type: %d\n", type);
+
+ return NT_STATUS_OK;
+}
+
+static NTSTATUS cmd_lookup_account(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS cmd_lookup_group(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS cmd_lookup_domain(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
+{
+ DOM_SID *sid;
+ NTSTATUS status;
+ if (argc != 2) {
+ printf("Usage: lookup_domain <domain>\n");
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ if (!NT_STATUS_IS_OK(status = sam_lookup_domain(st->context, st->token, argv[1], &sid))) {
+ printf("sam_lookup_name failed!\n");
+ return status;
+ }
+
+ printf("SID: %s\n", sid_string_static(sid));
+
+ return NT_STATUS_OK;
+}
+
+static NTSTATUS cmd_enum_domains(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
+{
+ int32 domain_count, i;
+ DOM_SID *domain_sids;
+ char **domain_names;
+ NTSTATUS status;
+
+ if (!NT_STATUS_IS_OK(status = sam_enum_domains(st->context, st->token, &domain_count, &domain_sids, &domain_names))) {
+ printf("sam_enum_domains failed!\n");
+ return status;
+ }
+
+ if (domain_count == 0) {
+ printf("No domains found!\n");
+ return NT_STATUS_OK;
+ }
+
+ for (i = 0; i < domain_count; i++) {
+ printf("%s %s\n", domain_names[i], sid_string_static(&domain_sids[i]));
+ }
+
+ SAFE_FREE(domain_sids);
+ SAFE_FREE(domain_names);
+
+ return NT_STATUS_OK;
+}
+
+static NTSTATUS cmd_update_domain(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS cmd_show_domain(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
+{
+ NTSTATUS status;
+ DOM_SID sid;
+ SAM_DOMAIN_HANDLE *domain;
+ uint32 tmp_uint32;
+ uint16 tmp_uint16;
+ NTTIME tmp_nttime;
+ BOOL tmp_bool;
+ const char *tmp_string;
+
+ if (argc != 2) {
+ printf("Usage: show_domain <sid>\n");
+ return status;
+ }
+
+ if (!string_to_sid(&sid, argv[1])){
+ printf("Unparseable SID specified!\n");
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ if (!NT_STATUS_IS_OK(status = sam_get_domain_by_sid(st->context, st->token, GENERIC_RIGHTS_DOMAIN_ALL_ACCESS, &sid, &domain))) {
+ printf("sam_get_domain_by_sid failed\n");
+ return status;
+ }
+
+ if (!NT_STATUS_IS_OK(status = sam_get_domain_num_accounts(domain, &tmp_uint32))) {
+ printf("sam_get_domain_num_accounts failed: %s\n", nt_errstr(status));
+ } else {
+ printf("Number of accounts: %d\n", tmp_uint32);
+ }
+
+ if (!NT_STATUS_IS_OK(status = sam_get_domain_num_groups(domain, &tmp_uint32))) {
+ printf("sam_get_domain_num_groups failed: %s\n", nt_errstr(status));
+ } else {
+ printf("Number of groups: %u\n", tmp_uint32);
+ }
+
+ if (!NT_STATUS_IS_OK(status = sam_get_domain_num_aliases(domain, &tmp_uint32))) {
+ printf("sam_get_domain_num_aliases failed: %s\n", nt_errstr(status));
+ } else {
+ printf("Number of aliases: %u\n", tmp_uint32);
+ }
+
+ if (!NT_STATUS_IS_OK(status = sam_get_domain_name(domain, &tmp_string))) {
+ printf("sam_get_domain_name failed: %s\n", nt_errstr(status));
+ } else {
+ printf("Domain Name: %s\n", tmp_string);
+ }
+
+ if (!NT_STATUS_IS_OK(status = sam_get_domain_lockout_count(domain, &tmp_uint16))) {
+ printf("sam_get_domain_lockout_count failed: %s\n", nt_errstr(status));
+ } else {
+ printf("Lockout Count: %u\n", tmp_uint16);
+ }
+
+ if (!NT_STATUS_IS_OK(status = sam_get_domain_force_logoff(domain, &tmp_bool))) {
+ printf("sam_get_domain_force_logoff failed: %s\n", nt_errstr(status));
+ } else {
+ printf("Force Logoff: %s\n", (tmp_bool?"Yes":"No"));
+ }
+
+ if (!NT_STATUS_IS_OK(status = sam_get_domain_lockout_duration(domain, &tmp_nttime))) {
+ printf("sam_get_domain_lockout_duration failed: %s\n", nt_errstr(status));
+ } else {
+ printf("Lockout duration: %u\n", tmp_nttime.low);
+ }
+
+ if (!NT_STATUS_IS_OK(status = sam_get_domain_login_pwdchange(domain, &tmp_bool))) {
+ printf("sam_get_domain_login_pwdchange failed: %s\n", nt_errstr(status));
+ } else {
+ printf("Password changing allowed: %s\n", (tmp_bool?"Yes":"No"));
+ }
+
+ if (!NT_STATUS_IS_OK(status = sam_get_domain_max_pwdage(domain, &tmp_nttime))) {
+ printf("sam_get_domain_max_pwdage failed: %s\n", nt_errstr(status));
+ } else {
+ printf("Maximum password age: %u\n", tmp_nttime.low);
+ }
+
+ if (!NT_STATUS_IS_OK(status = sam_get_domain_min_pwdage(domain, &tmp_nttime))) {
+ printf("sam_get_domain_min_pwdage failed: %s\n", nt_errstr(status));
+ } else {
+ printf("Minimal password age: %u\n", tmp_nttime.low);
+ }
+
+ if (!NT_STATUS_IS_OK(status = sam_get_domain_min_pwdlength(domain, &tmp_uint16))) {
+ printf("sam_get_domain_min_pwdlength: %s\n", nt_errstr(status));
+ } else {
+ printf("Minimal Password Length: %u\n", tmp_uint16);
+ }
+
+ if (!NT_STATUS_IS_OK(status = sam_get_domain_pwd_history(domain, &tmp_uint16))) {
+ printf("sam_get_domain_pwd_history failed: %s\n", nt_errstr(status));
+ } else {
+ printf("Password history: %u\n", tmp_uint16);
+ }
+
+ if (!NT_STATUS_IS_OK(status = sam_get_domain_reset_count(domain, &tmp_nttime))) {
+ printf("sam_get_domain_reset_count failed: %s\n", nt_errstr(status));
+ } else {
+ printf("Reset count: %u\n", tmp_nttime.low);
+ }
+
+ if (!NT_STATUS_IS_OK(status = sam_get_domain_server(domain, &tmp_string))) {
+ printf("sam_get_domain_server failed: %s\n", nt_errstr(status));
+ } else {
+ printf("Server: %s\n", tmp_string);
+ }
+
+ return NT_STATUS_OK;
+}
+
+static NTSTATUS cmd_create_account(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS cmd_update_account(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS cmd_delete_account(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS cmd_enum_accounts(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
+{
+ NTSTATUS status;
+ DOM_SID sid;
+ int32 account_count, i;
+ SAM_ACCOUNT_ENUM *accounts;
+
+ if (argc != 2) {
+ printf("Usage: enum_accounts <domain-sid>\n");
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ if (!string_to_sid(&sid, argv[1])){
+ printf("Unparseable SID specified!\n");
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ if (!NT_STATUS_IS_OK(status = sam_enum_accounts(st->context, st->token, &sid, 0, &account_count, &accounts))) {
+ printf("sam_enum_accounts failed: %s\n", nt_errstr(status));
+ return status;
+ }
+
+ if (account_count == 0) {
+ printf("No accounts found!\n");
+ return NT_STATUS_OK;
+ }
+
+ for (i = 0; i < account_count; i++)
+ printf("SID: %s\nName: %s\nFullname: %s\nDescription: %s\nACB_BITS: %08X\n\n",
+ sid_string_static(&accounts[i].sid), accounts[i].account_name,
+ accounts[i].full_name, accounts[i].account_desc,
+ accounts[i].acct_ctrl);
+
+ SAFE_FREE(accounts);
+
+ return NT_STATUS_OK;
+}
+
+static NTSTATUS cmd_lookup_account_sid(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
+{
+ NTSTATUS status;
+ DOM_SID sid;
+ SAM_ACCOUNT_HANDLE *account;
+
+ if (argc != 2) {
+ printf("Usage: lookup_account_sid <account-sid>\n");
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ if (!string_to_sid(&sid, argv[1])){
+ printf("Unparseable SID specified!\n");
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ if (!NT_STATUS_IS_OK(status = sam_get_account_by_sid(st->context, st->token, GENERIC_RIGHTS_USER_ALL_ACCESS, &sid, &account))) {
+ printf("context_sam_get_account_by_sid failed: %s\n", nt_errstr(status));
+ return status;
+ }
+
+ print_account(account);
+
+ return NT_STATUS_OK;
+}
+
+static NTSTATUS cmd_lookup_account_name(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
+{
+ NTSTATUS status;
+ SAM_ACCOUNT_HANDLE *account;
+
+ if (argc != 3) {
+ printf("Usage: lookup_account_name <domain-name> <account-name>\n");
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+
+ if (!NT_STATUS_IS_OK(status = sam_get_account_by_name(st->context, st->token, GENERIC_RIGHTS_USER_ALL_ACCESS, argv[1], argv[2], &account))) {
+ printf("context_sam_get_account_by_sid failed: %s\n", nt_errstr(status));
+ return status;
+ }
+
+ print_account(account);
+
+ return NT_STATUS_OK;
+}
+
+static NTSTATUS cmd_create_group(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS cmd_update_group(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS cmd_delete_group(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS cmd_enum_groups(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS cmd_lookup_group_sid(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS cmd_lookup_group_name(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS cmd_group_add_member(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+static NTSTATUS cmd_group_del_member(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+
+static NTSTATUS cmd_group_enum(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+
+static NTSTATUS cmd_get_sid_groups(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
+{
+ return NT_STATUS_NOT_IMPLEMENTED;
+}
+
+struct cmd_set sam_general_commands[] = {
+
+ { "General SAM Commands" },
+
+ { "load", cmd_load_module, "Load a module", "load <module.so> [domain-sid]" },
+ { "context", cmd_context, "Load specified context", "context [DOMAIN|]backend1[:options] [DOMAIN|]backend2[:options]" },
+ { "get_sec_desc", cmd_get_sec_desc, "Get security descriptor info", "get_sec_desc <access-token> <sid>" },
+ { "set_sec_desc", cmd_set_sec_desc, "Set security descriptor info", "set_sec_desc <access-token> <sid>" },
+ { "lookup_sid", cmd_lookup_sid, "Lookup type of specified SID", "lookup_sid <sid>" },
+ { "lookup_name", cmd_lookup_name, "Lookup type of specified name", "lookup_name <sid>" },
+ { NULL }
+};
+
+struct cmd_set sam_domain_commands[] = {
+ { "Domain Commands" },
+ { "update_domain", cmd_update_domain, "Update domain information", "update_domain [domain-options] domain-name | domain-sid" },
+ { "show_domain", cmd_show_domain, "Show domain information", "show_domain domain-sid | domain-name" },
+ { "enum_domains", cmd_enum_domains, "Enumerate all domains", "enum_domains <token> <acct-ctrl>" },
+ { "lookup_domain", cmd_lookup_domain, "Lookup a domain by name", "lookup_domain domain-name" },
+ { NULL }
+};
+
+struct cmd_set sam_account_commands[] = {
+ { "Account Commands" },
+ { "create_account", cmd_create_account, "Create a new account with specified properties", "create_account [account-options]" },
+ { "update_account", cmd_update_account, "Update an existing account", "update_account [account-options] account-sid | account-name" },
+ { "delete_account", cmd_delete_account, "Delete an account", "delete_account account-sid | account-name" },
+ { "enum_accounts", cmd_enum_accounts, "Enumerate all accounts", "enum_accounts <token> <acct-ctrl>" },
+ { "lookup_account", cmd_lookup_account, "Lookup an account by either sid or name", "lookup_account account-sid | account-name" },
+ { "lookup_account_sid", cmd_lookup_account_sid, "Lookup an account by sid", "lookup_account_sid account-sid" },
+ { "lookup_account_name", cmd_lookup_account_name, "Lookup an account by name", "lookup_account_name account-name" },
+ { NULL }
+};
+
+struct cmd_set sam_group_commands[] = {
+ { "Group Commands" },
+ { "create_group", cmd_create_group, "Create a new group", "create_group [group-opts]" },
+ { "update_group", cmd_update_group, "Update an existing group", "update_group [group-opts] group-name | group-sid" },
+ { "delete_group", cmd_delete_group, "Delete an existing group", "delete_group group-name | group-sid" },
+ { "enum_groups", cmd_enum_groups, "Enumerate all groups", "enum_groups <token> <group-ctrl>" },
+ { "lookup_group", cmd_lookup_group, "Lookup a group by SID or name", "lookup_group group-sid | group-name" },
+ { "lookup_group_sid", cmd_lookup_group_sid, "Lookup a group by SID", "lookup_group_sid <sid>" },
+ { "lookup_group_name", cmd_lookup_group_name, "Lookup a group by name", "lookup_group_name <name>" },
+ { "group_add_member", cmd_group_add_member, "Add group member to group", "group_add_member <group-name | group-sid> <member-name | member-sid>" },
+ { "group_del_member", cmd_group_del_member, "Delete group member from group", "group_del_member <group-name | group-sid> <member-name | member-sid>" },
+ { "group_enum", cmd_group_enum, "Enumerate all members of specified group", "group_enum group-sid | group-name" },
+
+ { "get_sid_groups", cmd_get_sid_groups, "Get a list of groups specified sid is a member of", "group_enum <group-sid | group-name>" },
+ { NULL }
+};