From de573ca8916bbe5d67bc1f38cf23c98f43ad0aaa Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Mon, 1 Nov 1999 21:09:24 +0000 Subject: rewrote rpcclient enumaliases command. (This used to be commit 492fdaaf2009e7d7e840323357a333fdf9c4d2e1) --- source3/include/ntdomain.h | 4 + source3/include/proto.h | 36 +++- source3/lib/util.c | 35 ++++ source3/lib/util_sid.c | 2 +- source3/rpc_client/cli_samr.c | 107 +++++++---- source3/rpcclient/cmd_samr.c | 405 +++++++++++++++++++++++++++++------------- source3/rpcclient/display.c | 71 +++++++- 7 files changed, 488 insertions(+), 172 deletions(-) diff --git a/source3/include/ntdomain.h b/source3/include/ntdomain.h index 3f2461af95..120426d182 100644 --- a/source3/include/ntdomain.h +++ b/source3/include/ntdomain.h @@ -150,6 +150,10 @@ struct acct_info * higher order functions for use with msrpc client code */ +#define ALIAS_FN(fn) void (*fn)(char*, DOM_SID*, uint32, char*) +#define ALIAS_INFO_FN(fn) void (*fn)(char*, DOM_SID*, uint32, ALIAS_INFO_CTR *) +#define ALIAS_MEM_FN(fn) void(*fn)(char*, DOM_SID*, uint32, char*, uint32, DOM_SID**, char**, uint8*) + #define GROUP_FN(fn) void (*fn)(char*, DOM_SID*, uint32, char*) #define GROUP_INFO_FN(fn) void (*fn)(char*, DOM_SID*, uint32, GROUP_INFO_CTR *) #define GROUP_MEM_FN(fn) void(*fn)(char*, DOM_SID*, uint32, char*, uint32, uint32*, char**, uint32*) diff --git a/source3/include/proto.h b/source3/include/proto.h index ed314fa88e..c570b9a4af 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -482,6 +482,8 @@ BOOL reg_split_key(const char *full_keyname, uint32 *reg_type, char *key_name); BOOL become_user_permanently(uid_t uid, gid_t gid); void free_char_array(uint32 num_entries, char **entries); BOOL add_chars_to_array(uint32 *len, char ***array, const char *name); +BOOL add_sid_to_array(uint32 *len, DOM_SID ***array, const DOM_SID *sid); +void free_sid_array(uint32 num_entries, DOM_SID **entries); /*The following definitions come from lib/util_file.c */ @@ -532,7 +534,7 @@ void sid_copy(DOM_SID *sid1, const DOM_SID *sid2); BOOL sid_front_equal(const DOM_SID *sid1, const DOM_SID *sid2); BOOL sid_equal(const DOM_SID *sid1, const DOM_SID *sid2); int sid_size(const DOM_SID *sid); -DOM_SID *sid_dup(DOM_SID *src); +DOM_SID *sid_dup(const DOM_SID *src); /*The following definitions come from lib/util_sock.c */ @@ -1896,6 +1898,10 @@ BOOL get_samr_query_groupinfo(struct cli_state *cli, uint16 fnum, POLICY_HND *pol_open_domain, uint32 info_level, uint32 group_rid, GROUP_INFO_CTR *ctr); +BOOL get_samr_query_aliasinfo(struct cli_state *cli, uint16 fnum, + POLICY_HND *pol_open_domain, + uint32 info_level, + uint32 alias_rid, ALIAS_INFO_CTR *ctr); BOOL samr_chgpasswd_user(struct cli_state *cli, uint16 fnum, char *srv_name, char *user_name, char nt_newpass[516], uchar nt_oldhash[16], @@ -1909,9 +1915,9 @@ uint32 samr_enum_dom_groups(struct cli_state *cli, uint16 fnum, uint32 *start_idx, uint32 size, struct acct_info **sam, uint32 *num_sam_groups); -BOOL samr_enum_dom_aliases(struct cli_state *cli, uint16 fnum, +uint32 samr_enum_dom_aliases(struct cli_state *cli, uint16 fnum, POLICY_HND *pol, - uint32 start_idx, uint32 size, + uint32 *start_idx, uint32 size, struct acct_info **sam, uint32 *num_sam_aliases); uint32 samr_enum_dom_users(struct cli_state *cli, uint16 fnum, @@ -1942,8 +1948,9 @@ BOOL samr_create_dom_user(struct cli_state *cli, uint16 fnum, BOOL samr_create_dom_alias(struct cli_state *cli, uint16 fnum, POLICY_HND *domain_pol, const char *acct_name, POLICY_HND *alias_pol, uint32 *rid); -BOOL samr_get_aliasinfo(struct cli_state *cli, uint16 fnum, - POLICY_HND *alias_pol, ALIAS_INFO_CTR *ctr); +BOOL samr_query_aliasinfo(struct cli_state *cli, uint16 fnum, + POLICY_HND *alias_pol, uint16 switch_value, + ALIAS_INFO_CTR *ctr); BOOL samr_set_aliasinfo(struct cli_state *cli, uint16 fnum, POLICY_HND *alias_pol, ALIAS_INFO_CTR *ctr); BOOL samr_open_group(struct cli_state *cli, uint16 fnum, @@ -3268,6 +3275,13 @@ int msrpc_sam_enum_users(struct client_info *info, USER_MEM_FN(usr_als_fn)); BOOL sam_query_dominfo(struct client_info *info, DOM_SID *sid1, uint32 switch_value, SAM_UNK_CTR *ctr); +BOOL sam_query_aliasmem(struct cli_state *cli, uint16 fnum, + POLICY_HND *pol_dom, + uint32 alias_rid, + uint32 *num_names, + DOM_SID ***sids, + char ***name, + uint8 **type); BOOL sam_query_groupmem(struct cli_state *cli, uint16 fnum, POLICY_HND *pol_dom, uint32 group_rid, @@ -3281,6 +3295,12 @@ uint32 msrpc_sam_enum_groups(struct client_info *info, GROUP_FN(grp_fn), GROUP_INFO_FN(grp_inf_fn), GROUP_MEM_FN(grp_mem_fn)); +uint32 msrpc_sam_enum_aliases(struct client_info *info, + struct acct_info **sam, + uint32 *num_sam_entries, + ALIAS_FN(als_fn), + ALIAS_INFO_FN(als_inf_fn), + ALIAS_MEM_FN(als_mem_fn)); void cmd_sam_ntchange_pwd(struct client_info *info); void cmd_sam_test(struct client_info *info); void cmd_sam_lookup_domain(struct client_info *info); @@ -3400,7 +3420,8 @@ void display_share2(FILE *out_hnd, enum action_type action, void display_name(FILE *out_hnd, enum action_type action, char *sname); void display_alias_members(FILE *out_hnd, enum action_type action, - uint32 num_mem, char **sid_mem); + uint32 num_mem, char **sid_mem, + uint8 *type); void display_alias_rid_info(FILE *out_hnd, enum action_type action, DOM_SID *sid, uint32 num_rids, uint32 *rid); @@ -3414,6 +3435,9 @@ void display_group_rid_info(FILE *out_hnd, enum action_type action, uint32 num_gids, DOM_GID *gid); void display_alias_name_info(FILE *out_hnd, enum action_type action, uint32 num_aliases, fstring *alias_name, uint32 *num_als_usrs); +void display_alias_info3(FILE *out_hnd, enum action_type action, ALIAS_INFO3 *info3); +void display_alias_info_ctr(FILE *out_hnd, enum action_type action, + ALIAS_INFO_CTR *ctr); void display_sam_user_info_21(FILE *out_hnd, enum action_type action, SAM_USER_INFO_21 *usr); char *get_sec_mask_str(uint32 type); void display_sec_access(FILE *out_hnd, enum action_type action, SEC_ACCESS *info); diff --git a/source3/lib/util.c b/source3/lib/util.c index 9e13e819be..9e01f0f095 100644 --- a/source3/lib/util.c +++ b/source3/lib/util.c @@ -3261,3 +3261,38 @@ BOOL add_chars_to_array(uint32 *len, char ***array, const char *name) } return True; } + +BOOL add_sid_to_array(uint32 *len, DOM_SID ***array, const DOM_SID *sid) +{ + if (len == NULL || array == NULL) + { + return False; + } + + (*array) = (char**)Realloc((*array), ((*len)+1) * sizeof((*array)[0])); + + if ((*array) != NULL) + { + (*array)[(*len)] = sid_dup(sid); + (*len)++; + return True; + } + return True; +} + +void free_sid_array(uint32 num_entries, DOM_SID **entries) +{ + uint32 i; + if (entries != NULL) + { + for (i = 0; i < num_entries; i++) + { + if (entries[i] != NULL) + { + free(entries[i]); + } + } + free(entries); + } +} + diff --git a/source3/lib/util_sid.c b/source3/lib/util_sid.c index 3be81ce811..295fd0efac 100644 --- a/source3/lib/util_sid.c +++ b/source3/lib/util_sid.c @@ -231,7 +231,7 @@ int sid_size(const DOM_SID *sid) Duplicates a sid - mallocs the target. *****************************************************************/ -DOM_SID *sid_dup(DOM_SID *src) +DOM_SID *sid_dup(const DOM_SID *src) { DOM_SID *dst; diff --git a/source3/rpc_client/cli_samr.c b/source3/rpc_client/cli_samr.c index 16925b0806..7c1860dee1 100644 --- a/source3/rpc_client/cli_samr.c +++ b/source3/rpc_client/cli_samr.c @@ -376,6 +376,42 @@ BOOL get_samr_query_groupinfo(struct cli_state *cli, uint16 fnum, return samr_close(cli, fnum,&pol_open_group) && ret; } +/**************************************************************************** +do a SAMR query alias info +****************************************************************************/ +BOOL get_samr_query_aliasinfo(struct cli_state *cli, uint16 fnum, + POLICY_HND *pol_open_domain, + uint32 info_level, + uint32 alias_rid, ALIAS_INFO_CTR *ctr) +{ + POLICY_HND pol_open_alias; + BOOL ret = True; + + if (pol_open_domain == NULL || ctr == NULL) return False; + + bzero(ctr, sizeof(*ctr)); + + /* send open domain (on alias sid) */ + if (!samr_open_alias(cli, fnum, + pol_open_domain, + 0x02000000, alias_rid, &pol_open_alias)) + { + return False; + } + + /* send alias info query */ + if (!samr_query_aliasinfo(cli, fnum, + &pol_open_alias, + info_level, ctr)) + { + DEBUG(5,("samr_query_aliasinfo: error in query alias info, level 0x%x\n", + info_level)); + ret = False; + } + + return samr_close(cli, fnum,&pol_open_alias) && ret; +} + /**************************************************************************** do a SAMR change user password command ****************************************************************************/ @@ -640,21 +676,24 @@ uint32 samr_enum_dom_groups(struct cli_state *cli, uint16 fnum, /**************************************************************************** do a SAMR enumerate aliases ****************************************************************************/ -BOOL samr_enum_dom_aliases(struct cli_state *cli, uint16 fnum, +uint32 samr_enum_dom_aliases(struct cli_state *cli, uint16 fnum, POLICY_HND *pol, - uint32 start_idx, uint32 size, + uint32 *start_idx, uint32 size, struct acct_info **sam, uint32 *num_sam_aliases) { + uint32 status = 0x0; prs_struct data; prs_struct rdata; SAMR_Q_ENUM_DOM_ALIASES q_e; - BOOL valid_pol = False; DEBUG(4,("SAMR Enum SAM DB max size:%x\n", size)); - if (pol == NULL || num_sam_aliases == NULL) return False; + if (pol == NULL || num_sam_aliases == NULL) + { + return NT_STATUS_INVALID_PARAMETER | 0xC0000000; + } /* create and send a MSRPC command with api SAMR_ENUM_DOM_ALIASES */ @@ -662,7 +701,7 @@ BOOL samr_enum_dom_aliases(struct cli_state *cli, uint16 fnum, prs_init(&rdata, 0 , 4, SAFETY_MARGIN, True ); /* store the parameters */ - make_samr_q_enum_dom_aliases(&q_e, pol, start_idx, size); + make_samr_q_enum_dom_aliases(&q_e, pol, *start_idx, size); /* turn parameters into data stream */ samr_io_q_enum_dom_aliases("", &q_e, &data, 0); @@ -680,35 +719,31 @@ BOOL samr_enum_dom_aliases(struct cli_state *cli, uint16 fnum, { /* report error code */ DEBUG(4,("SAMR_R_ENUM_DOM_ALIASES: %s\n", get_nt_error_msg(r_e.status))); - p = False; + p = (r_e.status == STATUS_MORE_ENTRIES); } if (p) { - uint32 i; - int name_idx = 0; - - *num_sam_aliases = r_e.num_entries2; - if (*num_sam_aliases > MAX_SAM_ENTRIES) - { - *num_sam_aliases = MAX_SAM_ENTRIES; - DEBUG(2,("samr_enum_dom_aliases: sam user entries limited to %d\n", - *num_sam_aliases)); - } + uint32 i = (*num_sam_aliases); + uint32 j = 0; + uint32 name_idx = 0; - *sam = (struct acct_info*) malloc(sizeof(struct acct_info) * (*num_sam_aliases)); + (*num_sam_aliases) += r_e.num_entries2; + (*sam) = (struct acct_info*) Realloc((*sam), + sizeof(struct acct_info) * (*num_sam_aliases)); if ((*sam) == NULL) { - *num_sam_aliases = 0; + (*num_sam_aliases) = 0; + i = 0; } - for (i = 0; i < *num_sam_aliases; i++) + for (j = 0; i < (*num_sam_aliases) && j < r_e.num_entries2; j++, i++) { - (*sam)[i].rid = r_e.sam[i].rid; + (*sam)[i].rid = r_e.sam[j].rid; (*sam)[i].acct_name[0] = 0; (*sam)[i].acct_desc[0] = 0; - if (r_e.sam[i].hdr_name.buffer) + if (r_e.sam[j].hdr_name.buffer) { unistr2_to_ascii((*sam)[i].acct_name, &r_e.uni_grp_name[name_idx], sizeof((*sam)[i].acct_name)-1); name_idx++; @@ -716,14 +751,14 @@ BOOL samr_enum_dom_aliases(struct cli_state *cli, uint16 fnum, DEBUG(5,("samr_enum_dom_aliases: idx: %4d rid: %8x acct: %s\n", i, (*sam)[i].rid, (*sam)[i].acct_name)); } - valid_pol = True; + (*start_idx) = r_e.next_idx; } } prs_mem_free(&data ); prs_mem_free(&rdata ); - return valid_pol; + return status; } /**************************************************************************** @@ -1290,17 +1325,17 @@ BOOL samr_create_dom_alias(struct cli_state *cli, uint16 fnum, return valid_pol; } -#if 0 /**************************************************************************** do a SAMR Get Alias Info ****************************************************************************/ -BOOL samr_get_aliasinfo(struct cli_state *cli, uint16 fnum, - POLICY_HND *alias_pol, ALIAS_INFO_CTR *ctr) +BOOL samr_query_aliasinfo(struct cli_state *cli, uint16 fnum, + POLICY_HND *alias_pol, uint16 switch_value, + ALIAS_INFO_CTR *ctr) { prs_struct data; prs_struct rdata; - SAMR_Q_GET_ALIASINFO q_o; + SAMR_Q_QUERY_ALIASINFO q_o; BOOL valid_pol = False; if (alias_pol == NULL || ctr == NULL) return False; @@ -1313,24 +1348,27 @@ BOOL samr_get_aliasinfo(struct cli_state *cli, uint16 fnum, DEBUG(4,("SAMR Get Alias Info\n")); /* store the parameters */ - make_samr_q_get_aliasinfo(&q_o, alias_pol, ctr); + make_samr_q_query_aliasinfo(&q_o, alias_pol, switch_value); /* turn parameters into data stream */ - samr_io_q_get_aliasinfo("", &q_o, &data, 0); + samr_io_q_query_aliasinfo("", &q_o, &data, 0); /* send the data on \PIPE\ */ - if (rpc_api_pipe_req(cli, fnum, SAMR_GET_ALIASINFO, &data, &rdata)) + if (rpc_api_pipe_req(cli, fnum, SAMR_QUERY_ALIASINFO, &data, &rdata)) { - SAMR_R_GET_ALIASINFO r_o; + SAMR_R_QUERY_ALIASINFO r_o; BOOL p; - samr_io_r_get_aliasinfo("", &r_o, &rdata, 0); + /* get alias info */ + r_o.ctr = ctr; + + samr_io_r_query_aliasinfo("", &r_o, &rdata, 0); p = rdata.offset != 0; if (p && r_o.status != 0) { /* report error code */ - DEBUG(4,("SAMR_R_GET_ALIASINFO: %s\n", get_nt_error_msg(r_o.status))); + DEBUG(4,("SAMR_R_QUERY_ALIASINFO: %s\n", get_nt_error_msg(r_o.status))); p = False; } @@ -1345,7 +1383,6 @@ BOOL samr_get_aliasinfo(struct cli_state *cli, uint16 fnum, return valid_pol; } -#endif /**************************************************************************** do a SAMR Set Alias Info @@ -2326,7 +2363,7 @@ BOOL samr_query_groupinfo(struct cli_state *cli, uint16 fnum, SAMR_R_QUERY_GROUPINFO r_o; BOOL p; - /* get user info */ + /* get group info */ r_o.ctr = ctr; samr_io_r_query_groupinfo("", &r_o, &rdata, 0); diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c index 1656f017da..a1506f8ca2 100644 --- a/source3/rpcclient/cmd_samr.c +++ b/source3/rpcclient/cmd_samr.c @@ -37,6 +37,33 @@ extern struct cli_state *smb_cli; extern FILE* out_hnd; +static void sam_display_alias_info(char *domain, DOM_SID *sid, + uint32 alias_rid, + ALIAS_INFO_CTR *ctr) +{ + display_alias_info_ctr(out_hnd, ACTION_HEADER , ctr); + display_alias_info_ctr(out_hnd, ACTION_ENUMERATE, ctr); + display_alias_info_ctr(out_hnd, ACTION_FOOTER , ctr); +} + +static void sam_display_alias(char *domain, DOM_SID *sid, + uint32 alias_rid, char *alias_name) +{ + report(out_hnd, "Alias RID: %8x Alias Name: %s\n", + alias_rid, alias_name); +} + +static void sam_display_alias_members(char *domain, DOM_SID *sid, + uint32 alias_rid, char *alias_name, + uint32 num_names, + DOM_SID **sids, + char **name, + uint8 *type) +{ + display_alias_members(out_hnd, ACTION_HEADER , num_names, name, type); + display_alias_members(out_hnd, ACTION_ENUMERATE, num_names, name, type); + display_alias_members(out_hnd, ACTION_FOOTER , num_names, name, type); +} static void sam_display_group_info(char *domain, DOM_SID *sid, uint32 group_rid, @@ -474,41 +501,69 @@ BOOL sam_query_dominfo(struct client_info *info, DOM_SID *sid1, } +static BOOL query_aliasinfo(struct cli_state *cli, uint16 fnum, + POLICY_HND *pol_dom, + char *domain, + DOM_SID *sid, + uint32 alias_rid, + ALIAS_INFO_FN(grp_inf)) +{ + ALIAS_INFO_CTR ctr; -static void req_samr_aliasmem(struct cli_state *cli, uint16 fnum, - const char *srv_name, - POLICY_HND *pol_dom, uint32 alias_rid) + /* send alias info query */ + if (get_samr_query_aliasinfo(smb_cli, fnum, + pol_dom, + 3, /* info level */ + alias_rid, &ctr)) + { + if (grp_inf != NULL) + { + grp_inf(domain, sid, alias_rid, &ctr); + } + return True; + } + return False; +} + +BOOL sam_query_aliasmem(struct cli_state *cli, uint16 fnum, + POLICY_HND *pol_dom, + uint32 alias_rid, + uint32 *num_names, + DOM_SID ***sids, + char ***name, + uint8 **type) { - uint32 num_aliases; + BOOL res3 = True; + BOOL res4 = True; DOM_SID2 sid_mem[MAX_LOOKUP_SIDS]; + uint32 num_aliases = 0; - /* send user aliases query */ - if (get_samr_query_aliasmem(smb_cli, fnum, - pol_dom, - alias_rid, &num_aliases, sid_mem)) + *sids = NULL; + *num_names = 0; + *name = NULL; + *type = NULL; + + /* get alias members */ + res3 = get_samr_query_aliasmem(smb_cli, fnum, + pol_dom, + alias_rid, &num_aliases, sid_mem); + + if (res3 && num_aliases != 0) { + fstring srv_name; uint16 fnum_lsa; POLICY_HND lsa_pol; - BOOL res3 = True; - BOOL res4 = True; - char **names = NULL; - int num_names = 0; - DOM_SID **sids = NULL; uint32 i; + uint32 numsids = 0; - if (num_aliases != 0) - { - sids = (DOM_SID**)malloc(num_aliases * sizeof(DOM_SID*)); - } + fstrcpy(srv_name, "\\\\"); + fstrcat(srv_name, cli->desthost); + strupper(srv_name); - res3 = sids != NULL; - if (res3) + for (i = 0; i < num_aliases; i++) { - for (i = 0; i < num_aliases; i++) - { - sids[i] = &sid_mem[i].sid; - } + add_sid_to_array(&numsids, sids, &sid_mem[i].sid); } /* open LSARPC session. */ @@ -522,25 +577,67 @@ static void req_samr_aliasmem(struct cli_state *cli, uint16 fnum, /* send lsa lookup sids call */ res4 = res3 ? lsa_lookup_sids(smb_cli, fnum_lsa, &lsa_pol, - num_aliases, sids, - &names, NULL, &num_names) : False; + num_aliases, *sids, + name, type, num_names) : False; res3 = res3 ? lsa_close(smb_cli, fnum_lsa, &lsa_pol) : False; cli_nt_session_close(smb_cli, fnum_lsa); + } + + if (!res4) + { + free_char_array(*num_names, *name); + if ((*type) != NULL) + { + free(*type); + } + if ((*sids) != NULL) + { + free_sid_array(num_aliases, *sids); + } + *num_names = 0; + *name = NULL; + *type = NULL; + *sids = NULL; + } + + return res4; +} + +static BOOL req_aliasmem_info(struct cli_state *cli, uint16 fnum, + POLICY_HND *pol_dom, + char *domain, + DOM_SID *sid, + uint32 alias_rid, + char *alias_name, + ALIAS_MEM_FN(als_mem)) +{ + uint32 num_names = 0; + char **name = NULL; + uint8 *type = NULL; + DOM_SID **sids = NULL; + + if (sam_query_aliasmem(cli, fnum, pol_dom, alias_rid, + &num_names, &sids, + &name, &type)) + { + als_mem(domain, sid, + alias_rid, alias_name, + num_names, sids, name, type); - if (res4 && names != NULL) + free_char_array(num_names, name); + if (type != NULL) { - display_alias_members(out_hnd, ACTION_HEADER , num_names, names); - display_alias_members(out_hnd, ACTION_ENUMERATE, num_names, names); - display_alias_members(out_hnd, ACTION_FOOTER , num_names, names); + free(type); } - free_char_array(num_names, names); if (sids != NULL) { - free(sids); + free_sid_array(num_names, sids); } + return True; } + return False; } BOOL sam_query_groupmem(struct cli_state *cli, uint16 fnum, @@ -725,6 +822,7 @@ uint32 msrpc_sam_enum_groups(struct client_info *info, &pol_dom) : False; (*sam) = NULL; + (*num_sam_entries) = 0; if (res) { @@ -792,6 +890,133 @@ uint32 msrpc_sam_enum_groups(struct client_info *info, return (*num_sam_entries); } +/**************************************************************************** +SAM aliases query. +****************************************************************************/ +uint32 msrpc_sam_enum_aliases(struct client_info *info, + struct acct_info **sam, + uint32 *num_sam_entries, + ALIAS_FN(als_fn), + ALIAS_INFO_FN(als_inf_fn), + ALIAS_MEM_FN(als_mem_fn)) +{ + uint16 fnum; + fstring srv_name; + fstring domain; + fstring sid; + DOM_SID sid1; + BOOL res = True; + uint32 ace_perms = 0x02000000; /* access control permissions */ + POLICY_HND sam_pol; + POLICY_HND pol_dom; + uint32 status = 0x0; + + sid_copy(&sid1, &info->dom.level5_sid); + sid_to_string(sid, &sid1); + fstrcpy(domain, info->dom.level5_dom); + + if (sid1.num_auths == 0) + { + report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n"); + return 0; + } + + fstrcpy(srv_name, "\\\\"); + fstrcat(srv_name, info->dest_host); + strupper(srv_name); + + report(out_hnd, "SAM Enumerate Aliases\n"); + report(out_hnd, "From: %s To: %s Domain: %s SID: %s\n", + info->myhostname, srv_name, domain, sid); + + /* open SAMR session. negotiate credentials */ + res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR, &fnum) : False; + + /* establish a connection. */ + res = res ? samr_connect(smb_cli, fnum, + srv_name, 0x02000000, + &sam_pol) : False; + + /* connect to the domain */ + res = res ? samr_open_domain(smb_cli, fnum, + &sam_pol, ace_perms, &sid1, + &pol_dom) : False; + + (*sam) = NULL; + (*num_sam_entries) = 0; + + if (res) + { + uint32 alias_idx; + uint32 start_idx = 0; + /* read some groups */ + do + { + status = samr_enum_dom_aliases(smb_cli, fnum, + &pol_dom, + &start_idx, 0x100000, + sam, num_sam_entries); + + } while (status == STATUS_MORE_ENTRIES); + + if ((*num_sam_entries) == 0) + { + report(out_hnd, "No aliases\n"); + } + + for (alias_idx = 0; alias_idx < (*num_sam_entries); alias_idx++) + { + uint32 alias_rid = (*sam)[alias_idx].rid; + char *alias_name = (*sam)[alias_idx].acct_name; + + if (als_fn != NULL) + { + als_fn(domain, &sid1, alias_rid, alias_name); + } + + if (als_inf_fn != NULL) + { + query_aliasinfo(smb_cli, fnum, &pol_dom, + domain, &sid1, + alias_rid, + als_inf_fn); + } + if (als_mem_fn != NULL) + { + req_aliasmem_info(smb_cli, fnum, &pol_dom, + domain, &sid1, + alias_rid, alias_name, + als_mem_fn); + } + } + } + + res = res ? samr_close(smb_cli, fnum, + &sam_pol) : False; + + res = res ? samr_close(smb_cli, fnum, + &pol_dom) : False; + + /* close the session */ + cli_nt_session_close(smb_cli, fnum); + + if (sam != NULL) + { + free(sam); + } + + if (res) + { + DEBUG(5,("msrpc_sam_enum_aliases: succeeded\n")); + } + else + { + DEBUG(5,("msrpc_sam_enum_aliases: failed\n")); + } + + return (*num_sam_entries); +} + /**************************************************************************** SAM password change ****************************************************************************/ @@ -885,7 +1110,7 @@ void cmd_sam_test(struct client_info *info) fstrcpy(domain, info->dom.level5_dom); /* - if (strlen(sid) == 0) + if (sid1.num_auths == 0) { report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n"); return; @@ -2317,7 +2542,7 @@ void cmd_sam_query_dispinfo(struct client_info *info) sid_to_string(sid, &info->dom.level5_sid); fstrcpy(domain, info->dom.level5_dom); - if (strlen(sid) == 0) + if (sid1.num_auths == 0) { fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n"); return; @@ -2397,7 +2622,7 @@ void cmd_sam_query_dominfo(struct client_info *info) sid_to_string(sid, &info->dom.level5_sid); fstrcpy(domain, info->dom.level5_dom); - if (strlen(sid) == 0) + if (sid1.num_auths == 0) { report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n"); return; @@ -2432,114 +2657,38 @@ SAM aliases query. ****************************************************************************/ void cmd_sam_enum_aliases(struct client_info *info) { - uint16 fnum; - fstring srv_name; - fstring domain; - fstring sid; - DOM_SID sid1; - BOOL res = True; BOOL request_member_info = False; - uint32 ace_perms = 0x02000000; /* access control permissions */ + BOOL request_alias_info = False; fstring tmp; - uint32 alias_idx; - struct acct_info *sam; - uint32 num_sam_entries; - POLICY_HND sam_pol; - POLICY_HND pol_dom; - - sid_to_string(sid, &info->dom.level5_sid); - fstrcpy(domain, info->dom.level5_dom); -#if 0 - fstrcpy(sid , "S-1-5-20"); -#endif - if (strlen(sid) == 0) - { - report(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n"); - return; - } - - string_to_sid(&sid1, sid); - - fstrcpy(srv_name, "\\\\"); - fstrcat(srv_name, info->dest_host); - strupper(srv_name); - - /* a bad way to do token parsing... */ - if (next_token(NULL, tmp, NULL, sizeof(tmp))) - { - request_member_info |= strequal(tmp, "-m"); - } - - report(out_hnd, "SAM Enumerate Aliases\n"); - report(out_hnd, "From: %s To: %s Domain: %s SID: %s\n", - info->myhostname, srv_name, domain, sid); - - /* open SAMR session. negotiate credentials */ - res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR, &fnum) : False; - - /* establish a connection. */ - res = res ? samr_connect(smb_cli, fnum, - srv_name, 0x02000000, - &sam_pol) : False; - - /* connect to the domain */ - res = res ? samr_open_domain(smb_cli, fnum, - &sam_pol, ace_perms, &sid1, - &pol_dom) : False; - - sam = NULL; - - /* read some aliases */ - res = res ? samr_enum_dom_aliases(smb_cli, fnum, - &pol_dom, - 0x0, 0xffff, - &sam, &num_sam_entries) : False; - - if (res && num_sam_entries == 0) - { - report(out_hnd, "No aliases\n"); - } + int i; + struct acct_info *sam = NULL; + uint32 num_sam_entries = 0; - if (res) + for (i = 0; i < 2; i++) { - for (alias_idx = 0; alias_idx < num_sam_entries; alias_idx++) + /* a bad way to do token parsing... */ + if (next_token(NULL, tmp, NULL, sizeof(tmp))) { - uint32 alias_rid = sam[alias_idx].rid; - - report(out_hnd, "Alias RID: %8x Group Name: %s\n", - alias_rid, - sam[alias_idx].acct_name); - - if (request_member_info) - { - req_samr_aliasmem(smb_cli, fnum, - srv_name, &pol_dom, alias_rid); - } + request_member_info |= strequal(tmp, "-m"); + request_alias_info |= strequal(tmp, "-a"); + } + else + { + break; } } - res = res ? samr_close(smb_cli, fnum, - &sam_pol) : False; - - res = res ? samr_close(smb_cli, fnum, - &pol_dom) : False; + report(out_hnd, "SAM Enumerate Aliases\n"); - /* close the session */ - cli_nt_session_close(smb_cli, fnum); + msrpc_sam_enum_aliases(info, &sam, &num_sam_entries, + sam_display_alias, + request_alias_info ? sam_display_alias_info : NULL, + request_member_info ? sam_display_alias_members : NULL); if (sam != NULL) { free(sam); } - - if (res) - { - DEBUG(5,("cmd_sam_enum_aliases: succeeded\n")); - } - else - { - DEBUG(5,("cmd_sam_enum_aliases: failed\n")); - } } /**************************************************************************** diff --git a/source3/rpcclient/display.c b/source3/rpcclient/display.c index c8e69101ea..bb99769201 100644 --- a/source3/rpcclient/display.c +++ b/source3/rpcclient/display.c @@ -1201,7 +1201,8 @@ void display_name(FILE *out_hnd, enum action_type action, display alias members ****************************************************************************/ void display_alias_members(FILE *out_hnd, enum action_type action, - uint32 num_mem, char **sid_mem) + uint32 num_mem, char **sid_mem, + uint8 *type) { switch (action) { @@ -1226,7 +1227,9 @@ void display_alias_members(FILE *out_hnd, enum action_type action, { if (sid_mem[i] != NULL) { - fprintf(out_hnd, "\tMember Name:\t%s\n", sid_mem[i]); + fprintf(out_hnd, "\tMember Name:\t%s\tType:\t%s\n", + sid_mem[i], + get_sid_name_use_str(type[i])); } } @@ -1512,6 +1515,70 @@ void display_alias_name_info(FILE *out_hnd, enum action_type action, } } +/**************************************************************************** + display alias info + ****************************************************************************/ +void display_alias_info3(FILE *out_hnd, enum action_type action, ALIAS_INFO3 *info3) + +{ + switch (action) + { + case ACTION_HEADER: + { + break; + } + case ACTION_ENUMERATE: + { + fstring temp; + + unistr2_to_ascii(temp, &info3->uni_acct_desc, sizeof(temp)-1); + fprintf(out_hnd, "\tDescription:\t%s\n", temp); + break; + } + case ACTION_FOOTER: + { + break; + } + } +} + +/**************************************************************************** + display sam sync structure + ****************************************************************************/ +void display_alias_info_ctr(FILE *out_hnd, enum action_type action, + ALIAS_INFO_CTR *ctr) +{ + switch (action) + { + case ACTION_HEADER: + { + fprintf(out_hnd, "\tSAM Group Info\n"); + fprintf(out_hnd, "\t--------------\n"); + + break; + } + case ACTION_ENUMERATE: + { + switch (ctr->switch_value1) + { + case 3: + { + display_alias_info3(out_hnd, ACTION_HEADER , &ctr->alias.info3); + display_alias_info3(out_hnd, ACTION_ENUMERATE, &ctr->alias.info3); + display_alias_info3(out_hnd, ACTION_FOOTER , &ctr->alias.info3); + break; + } + } + break; + } + case ACTION_FOOTER: + { + fprintf(out_hnd, "\n"); + break; + } + } +} + /**************************************************************************** display sam_user_info_21 structure -- cgit