summaryrefslogtreecommitdiff
path: root/source3/rpcclient/cmd_lsarpc.c
AgeCommit message (Collapse)AuthorFilesLines
2003-03-17Applied waider's patch to return DOS error codes for pipes thatTim Potter1-14/+14
support it. (This used to be commit ac3df9a8051bd105e8e4192d36b3024fdf9f9506)
2003-02-25Fixed up some const related compiler warnings.Tim Potter1-12/+12
(This used to be commit 923425e497112c5d1e2e569da6c13dcd02b6a8af)
2003-02-18cmd_lsa_lookup_sids: Check return code from string_to_sid; skip SIDsMartin Pool1-2/+5
which are not valid. (This used to be commit bfb6104521bd75da71a09a6c56bd44560416116e)
2003-02-10added the 'lsaenumacctwithright' command to rpcclient. This allows youAndrew Tridgell1-2/+47
to lookup what SIDs have a particular privilege (that is how privileges are stored). (This used to be commit 3ddb5fb0dd33992b7db54a661752551a3fefc0b4)
2003-01-28added LsaRemoveAccountRightsAndrew Tridgell1-1/+40
this now gives us complete remove privileges control in the client libs, so we are in good shape for starting on the server side. (This used to be commit bf99440398db86f46233eb2f5adddffb61280a1b)
2003-01-28cleaned up the lsa_enum_acct_rights function and added aAndrew Tridgell1-0/+39
lsa_add_acct_rights function. This allows us to add privileges remotely to accounts using rpcclient. (This used to be commit 2e5e659e095a94b0716d97f673f993f0af99aabe)
2003-01-16allow a couple of LSA functions to take a username instead of a SID,Andrew Tridgell1-3/+44
They still accept a SID, it just can be tedious to have to type SIDs instead of names all the time. (This used to be commit 665cc9b1aceb454074e9de9c6e8636b39be29493)
2003-01-15* removed unused variable from rpcclient codeGerald Carter1-3/+2
* added container option to net command (patch from SuSE) * Makefile patch for examples/VFS from SuSE (This used to be commit 4a6d8280ea27ca7a6998219aacc4b15b1227a659)
2003-01-15added cli_lsa_enum_account_rights() call. Note that this is inAndrew Tridgell1-0/+48
principal similar to the existing cli_lsa_enum_privsaccount() call, except that cli_lsa_enum_account_rights() doesn't require a call to open_account first. There is also the minor matter that cli_lsa_enum_account_rights() works whereas cli_lsa_enum_privsaccount() doesn't! this call can be used to find what privileges an account or group has. This is a first step towards proper privileges support in Samba. (This used to be commit 65bac11d716f873dcdbda528313c33634c26a072)
2002-10-04merge of working dsrolegetprimdominfo() client code from APP_HEADGerald Carter1-8/+0
(This used to be commit f70caa25e4ee198151b915cf2bc0a26b2d0e243d)
2002-10-04merge of new client side support the Win2k LSARPC UUID in rpcbindGerald Carter1-10/+19
from APP_HEAD (This used to be commit 38c9e4299845fd77cc8629945ce2d259489f7437)
2002-08-19make rpcclient use print_guid()Andrew Tridgell1-9/+2
(This used to be commit f2c48cadb22256564f2ddaa5169812c7c4383ec5)
2002-08-12Add lsaqueryinfo2, but keep under "lsaquery" command. It will autoselectJim McDonough1-9/+40
which lsaqueryinfo to do based in infoclass. Currently 12 is the only one that causes a queryinfo2. (This used to be commit f4ec2d52a7b093da701d68906cce6de197f182be)
2002-08-05This fixes a number of ADS problems, particularly with netbioslessAndrew Tridgell1-13/+5
setups. - split up the ads structure into logical pieces. This makes it much easier to keep things like the authentication realm and the server realm separate (they can be different). - allow ads callers to specify that no sasl bind should be performed (used by "net ads info" for example) - fix an error with handing ADS_ERROR_SYSTEM() when errno is 0 - completely rewrote the code for finding the LDAP server. Now try DNS methods first, and try all DNS servers returned from the SRV DNS query, sorted by closeness to our interfaces (using the same sort code as we use in replies from WINS servers). This allows us to cope with ADS DCs that are down, and ensures we don't pick one that is on the other side of the country unless absolutely necessary. - recognise dnsRecords as binary when displaying them - cope with the realm not being configured in smb.conf (work it out from the LDAP server) - look at the trustDirection when looking up trusted domains and don't include trusts that trust our domains but we don't trust theirs. - use LDAP to query the alternate (netbios) name for a realm, and make sure that both and long and short forms of the name are accepted by winbindd. Use the short form by default for listing users/groups. - rescan the list of trusted domains every 5 minutes in case new trust relationships are added while winbindd is running - include transient trust relationships (ie. C trusts B, B trusts A, so C trusts A) in winbindd. - don't do a gratuituous node status lookup when finding an ADS DC (we don't need it and it could fail) - remove unused sid_to_distinguished_name function - make sure we find the allternate name of our primary domain when operating with a netbiosless ADS DC (using LDAP to do the lookup) - fixed the rpc trusted domain enumeration to support up to approx 2000 trusted domains (the old limit was 3) - use the IP for the remote_machine (%m) macro when the client doesn't supply us with a name via a netbios session request (eg. port 445) - if the client uses SPNEGO then use the machine name from the SPNEGO auth packet for remote_machine (%m) macro - add new 'net ads workgroup' command to find the netbios workgroup name for a realm (This used to be commit e358d7b24c86a46d8c361b9e32a25d4f71a6dc00)
2002-07-07Updates to the 'name -> sid' code:Andrew Bartlett1-3/+2
Correct the 'none mapped' behaviour, (so that it matches Win2k) and add a function to make the SID types appear as text strings in logs/rpcclient. Also, remove a silly case that would cause 'failure' to be 'success'. (Might look at this a bit more in future). Andrew Bartlett (This used to be commit c20d057f8821d13d3de61b319de44db23773516b)
2002-05-17A few more trusted domains updates from mimir.Andrew Bartlett1-14/+29
I think we may still need to look at our server enumeration code, but other than that, its much better in the tree than out. Andrew Bartlett (This used to be commit d57a1b4629d12a0374cc6d74dfc6f5d4793fcef8)
2002-04-14The cli_lsa_lookup_{names,sids} functions were returning uselessTim Potter1-10/+16
information when one or more of the names/sids being queried were not resolvable. We now return a list the same length as the parameters passed instead of an array of just the resolvable names/sids. (This used to be commit 245468dbabb7c849ce423cc3cb586fa913d0adfe)
2002-01-30Removed version number from file header.Tim Potter1-2/+1
Changed "SMB/Netbios" to "SMB/CIFS" in file header. (This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
2002-01-26Back out some of the less well thought out ideas from last weeks work onAndrew Bartlett1-10/+1
winbind default domains, particulary now I understand whats going on a lot better. This ensures that the RPC client code does as little 'magic' as possible - this is up to the application/user. (Where - for to name->sid code - it was all along). This leaves the change that allows the sid->name code to return domains and usernames in seperate paramaters. Andrew Bartlett (This used to be commit 5dfba2cf536f761b0aee314ed9e30dc53900b691)
2002-01-26Make a talloc'ed copy of this strings so we can pass the right kind of pointerAndrew Bartlett1-1/+5
to the function. This fixes a nice little segfault the brute-force-casting created. :-) Andrew Bartlett (This used to be commit c84fa7f5fd62940e397d3353fb688f283349393e)
2002-01-20This patch makes the 'winbind use default domain' code interact better withAndrew Bartlett1-4/+9
smbd, and also makes it much cleaner inside winbindd. It is mostly my code, with a few changes and testing performed by Alexander Bokovoy <a.bokovoy@sam-solutions.net>. ab has tested it in security=domain and security=ads, but more testing is always appricatiated. The idea is that we no longer cart around a 'domain\user' string, we keep them seperate until the last moment - when we push that string into a pwent on onto the socket. This removes the need to be constantly parsing that string - the domain prefix is almost always already provided, (only a couple of functions actually changed arguments in all this). Some consequential changes to the RPC client code, to stop it concatonating the two strings (it now passes them both back as params). I havn't changed the cache code, however the usernames will no longer have a double domain prefix in the key string. The actual structures are unchanged - but the meaning of 'username' in the 'rid' will have changed. (The cache is invalidated at startup, so on-disk formats are not an issue here). Andrew Bartlett (This used to be commit e870f0e727952aeb8599cf93ad2650ae56eca033)
2001-12-11Grr - people who put const everywhere should fix up all the warnings theyTim Potter1-1/+2
generate. (This used to be commit d1ebd259c8c06d467eb5ee305b21e9046f16e05b)
2001-12-11Doing some research into ACLs on the LSA and SAM policy objects.Tim Potter1-0/+37
- added lsaquerysecobj to rpcclient - renamed querysecobj to samquerysecobj - removed duplicated display_sec_acl() code from cmd_spoolss.c and cmd_samr.c and moved it into display_sec.c (This used to be commit 59b2e3f408a5ff22f2d81a927d010a7df5f19f7f)
2001-11-24added "net join" commandAndrew Tridgell1-2/+0
this completes the first stage of the smbd ADS support (This used to be commit 058a5aee901e6609969ef7e1d482a720a84a4a12)
2001-11-24added lsaenumprivsaccount and lsalookupprivvalue to rpcclientJean-François Micouleau1-7/+97
and more to come ... J.F. (This used to be commit 1748d5a2af1f2dcf718d6f162ed483b001542494)
2001-11-22added lsa_enum_sids to rpcclientJean-François Micouleau1-3/+64
fixed lsa_enum_rpivs server code. This time it works as W2K. fixed smbgroupedit to compile and work. J.F. (This used to be commit 646651018a2736833e49e76f6ca735a4647d9746)
2001-11-22add another command to rpcclient: getdispname. Show the full descriptionJean-François Micouleau1-0/+38
of a privilege. J.F. (This used to be commit 84035ae72f422edadd9fa7e493c3d8176bb6a53d)
2001-11-22add a command to rpcclient: enumprivsJean-François Micouleau1-0/+48
J.F. (This used to be commit fa63cb78e326040f68d858d593ba98e06c26c92e)
2001-10-12Some old stuff hanging around since the CIFS conference. Big cleanup ofTim Potter1-143/+39
rpcclient code. Refactored cmd_* functions to move common mem_ctx and pipe opening stuff up one level. Moved rpcclient.h into rpcclient directory and out of includes/smb.h (This used to be commit a40facba9651f9fb1dcc9e143f92ca298a324312)
2001-10-02Removed 'extern int DEBUGLEVEL' as it is now in the smb.h header.Tim Potter1-1/+0
(This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
2001-09-17move to SAFE_FREE()Simo Sorce1-4/+4
(This used to be commit 5ceecc7bef71b455ba7c4efd9928e2433dccc961)
2001-09-04the next stage in the NTSTATUS/WERROR change. smbd and nmbd now compile, but ↵Andrew Tridgell1-37/+41
the client code still needs some work (This used to be commit dcd6e735f709a9231860ceb9682db40ff26c9a66)
2001-08-27converted another bunch of stuff to NTSTATUSAndrew Tridgell1-8/+8
(This used to be commit 1d36250e338ae0ff9fbbf86019809205dd97d05e)
2001-08-10- avoid possible mem leaks in rpcclient/cmd_*.c (talloc_destroy not performed)Simo Sorce1-0/+4
- ported two rpc back from TNG (WINREG: shutdown and abort shutdown) - some optimizations and changed some DEBUG statement in loadparm.c - changed rpcclient a bit moved from non reentrant next_token_nr to next_token - in cmd_reg.c not sure if getopt will work ok on all platforms only setting optind=0 (This used to be commit fd54412ce9c3504a547e232602d6129e08dd9d4d)
2001-07-20Started adding some help/usage info for rpcclient commands.Tim Potter1-6/+9
(This used to be commit 37052a1bcc5cd049918c3d5ac4c41c3a669290af)
2001-05-11Memory leak fixes plus general cleanup.Tim Potter1-35/+20
(This used to be commit 48688c4592d03d6404631a7d57701f0af38cfb2d)
2001-04-28rpcclient merge from 2.2 (including Jeremy's non-void return fix)Gerald Carter1-14/+52
(This used to be commit 0a6ceed279cc8111008b21f75c6791efbd993f4b)
2001-03-23More unused variables.Jeremy Allison1-1/+3
Jeremy. (This used to be commit 38b19fad2851a65268b31c7e0240ed36a8407be4)
2001-03-15more updates. several spoolss commands added as placeholdersGerald Carter1-0/+1
to be filled in one at a time. (This used to be commit 6aaac3766324302b995b5a55876bf2ab74af1ff8)
2001-03-14set of changes in the beginning of bringing rpcclient changesGerald Carter1-62/+42
back to working order. The main change is that the cli_*() RPC functions from libsmb/*.c now should accept a struct cli_state*. The reason for this is that rpcclient should establish the connection to the server at startup so that it is not necessary to keep the clear test or password hash in memory for each command. enumports and enumprinters now works as well. lsa* functions have been tested. SAMR calls may or may not work (one of the core dumps I know), but it compiles :-) jerry (This used to be commit d98ac8852ae6b39b6fcff92c346ba56d9e63c518)
2001-01-15rpcclient functions for remaining samr and lsa functions. All functionsTim Potter1-1/+1
now pass through insure except for some of the dodgy spoolss prs weirdness. (This used to be commit 76f08426a08881793b0ef32ccc4e13c54f26417f)
2001-01-12Memory leak fixes spotted by insure.Tim Potter1-0/+8
(This used to be commit 8072ee62b082df5d06459667615bb3b78461ec0a)
2001-01-11Start of a rewrite of rpcclient based on the libsmb rpc client routines.Tim Potter1-154/+223
Currently there are a small selection of lsa, samr and spoolss functions implemented. More to follow... (This used to be commit 9a953514f2a2cfd3c43105dd6203bc3e36aff1b1)
2000-12-08Port of lsa_lookup_sids() and lsa_lookup_names() rpc client functions fromTim Potter1-145/+176
TNG branch. Re-instated lsa_lookup_sids and lsa_lookup_names functions in rpcclient. This requires most samba binaries to link in another handful of object files due to uncessary coupling between modules. )-: (This used to be commit 817819d0cc3ecf642be5a1656be3b71bed260ee4)
2000-04-25moved trans2.h and nterr.h into includes.h with all our other includesAndrew Tridgell1-1/+0
(This used to be commit d7cd7c88fdabb01d9e40ae8a657737907a21ac37)
1999-12-13first pass at updating head branch to be to be the same as the SAMBA_2_0 branchAndrew Tridgell1-216/+57
(This used to be commit 453a822a76780063dff23526c35408866d0c0154)
1999-11-27remove use of client_info lsa_info_pol.Luke Leighton1-13/+17
(This used to be commit 2dad9d912dbc6c4a14af63715821a51c279584c6)
1999-11-24ok. *whew*. this is the first completed part of the restructure.Luke Leighton1-4/+4
verified that lsaquery, lsalookupsids work, and found some bugs in the parameters of these commands :-) soo... we now have an lsa_* api that has the same arguments as the nt Lsa* api! cool! the only significant coding difference is the introduction of a user_credentials structure, containing user, domain, pass and ntlmssp flags. (This used to be commit 57bff6fe82d777e599d535f076efb2328ba1188b)
1999-11-24first stages of removing struct cli_state* and uint16 fnum from allLuke Leighton1-57/+19
msrpc client code. the intent is to hide / abstract / associate connection info behind policy handles. this makes the msrpc functions look more and more like their nt equivalents. who-hou! (This used to be commit c01b18e632aede6fce7264ef6971d7ddba945cfb)
1999-11-23shuffling msrpc code around so that it can be used independently of rpcclientLuke Leighton1-39/+2
(This used to be commit e88e7d529b5bdf32ac3bc71fa8e18f6f2a98c695)