summaryrefslogtreecommitdiff
path: root/source3/rpcclient/cmd_samr.c
AgeCommit message (Collapse)AuthorFilesLines
2001-01-11Start of a rewrite of rpcclient based on the libsmb rpc client routines.Tim Potter1-643/+47
Currently there are a small selection of lsa, samr and spoolss functions implemented. More to follow... (This used to be commit 9a953514f2a2cfd3c43105dd6203bc3e36aff1b1)
2000-06-23just enough to get rpcclient to compile. Look for #if 0Gerald Carter1-0/+6
blocks around a few unimplemented functions. Also had to add cli_reg.c to Makefile.in --jerry (This used to be commit 426c43fb5167b042682c22e67871e5ebadb4b769)
2000-05-09the beginnings of a new scheme I've working on to allow an easierAndrew Tridgell1-3/+3
head/tng merge. It goes something like this: - headers from tng get copied over one at a time - the old headers get renamed to *_old.h - server side code that used the old headers gets a #define OLD_NTDOMAIN 1 #undef OLD_NTDOMAIN at the start and end of the code - mkproto.awk recognises these special defines and does magic stuff so that each .c file sees the right headers - we start moving the rpc client libraries from tng to head. if this goes OK then, in theory, we should be able to move the client side rpc code from tng to head without disturbing the existing head server side code. Then when that works we can consider merging the server side. it remains to be seen if this scheme will work. So far I've moved rpc_samr.h and don't seem to have broken anything. Note this this is still a very delicate operation, as at every step of the way I want to keep head fully functional. Please don't take part unless you discuss it with me first. (This used to be commit f76c037255a6a79d11bec65e863e009a41a4f0fd)
2000-04-25moved trans2.h and nterr.h into includes.h with all our other includesAndrew Tridgell1-1/+0
(This used to be commit d7cd7c88fdabb01d9e40ae8a657737907a21ac37)
1999-12-13first pass at updating head branch to be to be the same as the SAMBA_2_0 branchAndrew Tridgell1-2057/+308
(This used to be commit 453a822a76780063dff23526c35408866d0c0154)
1999-12-12delineation between smb and msrpc more marked. smbd now constructsLuke Leighton1-2/+2
pdus, and then feeds them over either a "local" function call or a "remote" function call to an msrpc service. the "remote" msrpc daemon, on the other side of a unix socket, then calls the same "local" function that smbd would, if the msrpc service were being run from inside smbd. this allows a transition from local msrpc services (inside the same smbd process) to remote (over a unix socket). removed reference to pipes_struct in msrpc services. all msrpc processing functions take rpcsrv_struct which is a structure containing state info for the msrpc functions to decode and create pdus. created become_vuser() which does everything not related to connection_struct that become_user() does. removed, as best i could, connection_struct dependencies from the nt spoolss printing code. todo: remove dcinfo from rpcsrv_struct because this stores NETLOGON-specific info on a per-connection basis, and if the connection dies then so does the info, and that's a fairly serious problem. had to put pretty much everything that is in user_struct into parse_creds.c to feed unix user info over to the msrpc daemons. why? because it's expensive to do unix password/group database lookups, and it's definitely expensive to do nt user profile lookups, not to mention pretty difficult and if you did either of these it would introduce a complication / unnecessary interdependency. so, send uid/gid/num_groups/gid_t* + SID+num_rids+domain_group_rids* + unix username + nt username + nt domain + user session key etc. this is the MINIMUM info identified so far that's actually implemented. missing bits include the called and calling netbios names etc. (basically, anything that can be loaded into standard_sub() and standard_sub_basic()...) (This used to be commit aa3c659a8dba0437c17c60055a6ed30fdfecdb6d)
1999-12-08ABOUT TIME!!!!!!!!Luke Leighton1-1/+1
damn, this one is bad. started, at least two days ago, to add an authentication mechanism to the smbd<->msrpc redirector/relay, such that sufficient unix / nt information could be transferred across the unix socket to do a become_user() on the other side of the socket. it is necessary that the msrpc daemon inherit the same unix and nt credentials as the smbd process from which it was spawned, until such time as the msrpc daemon receives an authentication request of its own, whereupon the msrpc daemon is responsible for authenticating the new credentials and doing yet another become_user() etc sequence. (This used to be commit 30c7fdd6ef10ecd35594311c1b250b95ff895489)
1999-12-02improved enumdomains added -i option.Luke Leighton1-11/+17
(This used to be commit 50dc709fa95e86ebe2b3132176241cb3a2cc4e36)
1999-12-01make sure domain and name to generate trust account .mac file are upper case.Luke Leighton1-0/+3
(This used to be commit fbfb350bdf17e84b512b745527886d942904b67d)
1999-12-01damn, that took a while. nt login password was being stored incorrectlyLuke Leighton1-4/+4
in private .mac file (oops). ntlogin test now works. (This used to be commit c98c66690683965612e9631d77c2dff91ec8a872)
1999-12-01fixing joining to domain plus something weird going down with nt logins...Luke Leighton1-4/+51
(This used to be commit cef258f1c931ecb7c2dda9d5c9977153e4c1dc73)
1999-12-01improving createuser account command to be able to add workstationsLuke Leighton1-2/+3
and then set a default random password. (This used to be commit 7846818432a93295651c8c67445a2d6a0f3b21d8)
1999-12-011) when no domain used in ntlogin test command, should use default oneLuke Leighton1-1/+1
from previous lsaquery command. over-ridden from DOMAIN\username 2) initialisation of cli_state is a little more specific: sets use_ntlmv2 to Auto. this can always be over-ridden. 3) fixed reusage of ntlmssp_cli_flgs which was being a pain 4) added pwd_compare() function then fixed bug in cli_use where NULL domain name was making connections multiply unfruitfully 5) type-casting of mallocs and Reallocs that cause ansi-c compilers to bitch (This used to be commit 301a6efaf67ddc96e6dcfd21b45a82863ff8f39a)
1999-12-01split display.c into modules.Luke Leighton1-2/+2
(This used to be commit 5b5719d6a08130db1062bfa24123cedcdc692bff)
1999-11-27further abstraction involving client states. main client-side codeLuke Leighton1-18/+13
is pretty much independent of SMB client states, which will make it easier to add other transports. (This used to be commit a1ff7e8fc3129ba4a04722f977bc2d3725d13624)
1999-11-27enhanced samuser command to do same thing as enumusers command (-g -u -a)Luke Leighton1-6/+43
except with only one user. done by sharing same code. (This used to be commit 4e029d50fcb9148f2d65c6be2703b1003e68cec7)
1999-11-26whoa. _major_ restructure of rpcclient. fixed some buuugs, created a few.Luke Leighton1-248/+127
found out that getopt() _must_ have optind set to 0 before reuse. still haven't decided what to do with the net* api yet... (This used to be commit 29c480085e786905bfd92ea3cd93658f94e96e47)
1999-11-25cool! completed a samr* API that _would_ look like an msdn samr* api...Luke Leighton1-242/+129
if microsoft bothered to publish it. actually, there are good reasons for not publishing it: people might write programs for it, and then those programs wouldn't work on nt5, for example... (This used to be commit 8ce93b80d3b4e1c1e28aa1dde38cdef184eff3c1)
1999-11-24ok. *whew*. this is the first completed part of the restructure.Luke Leighton1-2/+3
verified that lsaquery, lsalookupsids work, and found some bugs in the parameters of these commands :-) soo... we now have an lsa_* api that has the same arguments as the nt Lsa* api! cool! the only significant coding difference is the introduction of a user_credentials structure, containing user, domain, pass and ntlmssp flags. (This used to be commit 57bff6fe82d777e599d535f076efb2328ba1188b)
1999-11-24first stages of removing struct cli_state* and uint16 fnum from allLuke Leighton1-11/+3
msrpc client code. the intent is to hide / abstract / associate connection info behind policy handles. this makes the msrpc functions look more and more like their nt equivalents. who-hou! (This used to be commit c01b18e632aede6fce7264ef6971d7ddba945cfb)
1999-11-23oops, freed argc,argv arguments twice.Luke Leighton1-2/+0
(This used to be commit 447143be81acbbcc148211183a512d4cab347ac7)
1999-11-23adding svcctl 0x1b functionLuke Leighton1-0/+78
(This used to be commit d5869df3716fec21d3a4237dbf5d2417d3350e11)
1999-11-22okay :) all cmd_() functions now take int argc, char **argv :) thatLuke Leighton1-185/+230
means that some commands need more work, as they still use next_token(), the use of which i wish to avoid. plus, i was getting fed up of the poor command-line processing in some of these commands. i'm starting to need getopt() in them, especially in samsetuser. WARNING: only cmd_samr has been modded to use getopt() so far! reg commands won't work, esp. (This used to be commit 9a1efa03c8bb86c9b7e73f102a9d48fb6a57a523)
1999-11-21you know what? this sort of thing makes me laugh. hmm, what functionsLuke Leighton1-0/+3
have we got. and what data do we have. hmm.. i wonder what the NTLMv2 user session key can be... hmmm... weell.... there's some hidden data here, generated from the user password that doesn't go over-the-wire, so that's _got_ to be involved. and... that bit of data took a lot of computation to produce, so it's probably _also_ involved... and md4 no, md5? no, how about hmac_md5 yes let's try that one (the other's didn't work) oh goodie, it worked! i love it when this sort of thing happens. took all of fifteen minutes to guess it. tried concatenating client and server challenges. tried concatenating _random_ bits of client and server challenges. tried md5 of the above. tried hmac_md5 of the above. eventually, it boils down to this: kr = MD4(NT#,username,domainname) hmacntchal=hmac_md5(kr, nt server challenge) sess_key = hmac_md5(kr, hmacntchal); (This used to be commit ab174759cd210fe1be888d0c589a5b2669f7ff1e)
1999-11-21moving create user function into msrpc_samr.cLuke Leighton1-51/+6
(This used to be commit e885027eb705ab13c2800b8995661accad841643)
1999-11-20doing a code reshuffle. want to add code to establish trust relationships.Luke Leighton1-934/+0
(This used to be commit 3ec269b402ba6898d905ea1029c427e1b645faf4)
1999-11-18responses to UDP samquery go back to SERVER<00> not DOMAIN<1c>, theLuke Leighton1-2/+10
request name. modified createuser rpcclient command to examine name being added. if it ends in a $, assume that a workstation trust account is being added. (This used to be commit 4aea261cb0e5f34255ff83271eb5cadb0eb78bc9)
1999-11-18added samuserset2 rpcclient command to test ACB_XXX bit-setting onLuke Leighton1-0/+156
samr opcode 0x25. _yet_ another failed attempt to get nt5rc2 to join a samba domain. what _is_ it with this stuff, dammit? (This used to be commit c3913f8ae272c496fc4519141accf01ee9f1e49e)
1999-11-15added rpcclient "enumdomains" command. enumerates names of domainsLuke Leighton1-0/+137
for which a PDC is responsible. typical answers are: <Name of Domain> plus <Builtin>. against a hierarchical, down-level-compatible NT5 PDC, there's likely to be more than these two entries!!!!! (This used to be commit 3146aa6b6049a0d996e9abbe7dbee8526550e7e0)
1999-11-09riccardo sibilia spotted line 1884 has uint32 group_rid[0] not group_rid[1]Luke Leighton1-1/+1
oops! (This used to be commit ea1d5af105cc0df8d6523d0a734827ee47e1f58c)
1999-11-08const feeding frenzyLuke Leighton1-165/+169
(This used to be commit e0eb390ab3e2a0cce191e78ea4ff90d088a8895c)
1999-11-06added rpcclient spoolenum command. enumerates printers.Luke Leighton1-2/+2
spoolss_r_io_enumprinters doesn't decode strings correctly as printer_info_1/2 code has only been written to write structures, not read them. (This used to be commit 135eaa977385cdd5f572a51f654f14d893347d7b)
1999-11-04samuserset <username> -p password. YESSSSS :)Luke Leighton1-6/+54
you have to use "ntlmv1" at the moment (i.e set client ntlmv2 = no). (This used to be commit f52504c553becc64b89d546a57b1bd9cf1bc5b5c)
1999-11-04adding experimental set user password command to rpcclient, it returnsLuke Leighton1-2/+170
error wrong password against nt. ???? (This used to be commit b3f16e6b5aa5ba1b6afa38ad698646c8e765ec90)
1999-11-02added samalias <aliasname> rpcclient command (shows info on alias)Luke Leighton1-4/+193
added samaliasmem <aliasname> rpcclient command (shows members in alias) added tab command-completion to SAM alias related commands (inc 2 above). (This used to be commit 0c700fb609adf80cb3191f2976c6d56088d81232)
1999-11-02dynamic mem allocation in enum dom groups and enum dom aliasesLuke Leighton1-5/+0
(This used to be commit baa789fabc45e62889755802fd8ec8c9191fe767)
1999-11-01rewrote rpcclient enumaliases command.Luke Leighton1-128/+277
(This used to be commit 492fdaaf2009e7d7e840323357a333fdf9c4d2e1)
1999-10-30general, drastic improvements to rpcclient.Luke Leighton1-738/+954
added samgroup <groupname> command added samgroupmem <groupname> command added proper registry key completion added sam command user-completion (e.g samuser [tab]) added sam command group-completion (e.g samgroup [tab]) (This used to be commit bc5d021916a2f070c62011870a80b3b2707aff3b)
1999-10-29rewrite rpcclient sam enum user code to use higher order functions.Luke Leighton1-68/+123
(This used to be commit b794ff213009fbcf6a4767e3361501291cdc065d)
1999-10-29using #defines for function prototypesLuke Leighton1-24/+24
(This used to be commit 4a44cccf4401e0ce01303459011ac64805c53561)
1999-10-29more reshuffling of enum groups code. more higher order functions.Luke Leighton1-31/+57
(This used to be commit 497d4231723576390b10f5ea8704bd0af88d76ab)
1999-10-29using higher-order-function in enum groups as a test. makes it reallyLuke Leighton1-13/+27
useful for doing things _other_ than just "print me". (This used to be commit 229313de7dc734a6c77e9000e654b0c289053fa6)
1999-10-28restructuring sam enum dom groups code to do multiple calls toLuke Leighton1-18/+25
sam_enum_dom_groups. enum dom aliases is still left to do (dom users already done). (This used to be commit 8d181924cedb7a2d34a0b40cee600494665fe923)
1999-10-28restructuring samr client code.Luke Leighton1-111/+144
(This used to be commit a78607b5dbf0fca6a22ab41195f465474578ee39)
1999-10-28removed samr_* variables from info struct.Luke Leighton1-182/+203
(This used to be commit 4d5b860802528a9d74c2722dc996d6d8fd0b51ef)
1999-10-28rewrote samr enum groups code a bit.Luke Leighton1-28/+41
(This used to be commit 3f99ab77203da2eb80b7cedbda88cb03640d427b)
1999-10-26created samr_query_groupmem() function from existing code.Luke Leighton1-24/+73
(This used to be commit d2d5a853f8f34a0c3d5920540beb971a33f5276e)
1999-10-26adding extra parameter back in to trust account functions (trust account name).Luke Leighton1-25/+23
restoring opening S-1-5-20 in sam enum users code. (This used to be commit 1be877114e2e958c59e6516dacf22d3fb5a4240f)
1999-10-25signed / unsigned and typecast issuesLuke Leighton1-11/+11
(This used to be commit 6e22bf912cb981d91834c63098d41f5f8abaa594)
1999-10-25one of those wonderful moments when running against a different MSRPCLuke Leighton1-9/+18
implementation (NT5) when you discover that your code is trash. samr_enum_dom_users(), samr_enum_dom_aliases() and samr_enum_dom_groups() all take a HANDLE for multiple-call enumeration purposes. (This used to be commit 19490d8b4fb8a103f3df4e6104f6f22937b0c518)