From 30038de4623bc827ee8019c569faf00583d1fe58 Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Sun, 29 Nov 1998 20:03:33 +0000 Subject: weekend work. user / group database API. - split sam_passwd and smb_passwd into separate higher-order function tables - renamed struct smb_passwd's "smb_user" to "unix_user". added "nt_user" plus user_rid, and added a "wrap" function in both sam_passwd and smb_passwd password databases to fill in the blank entries that are not obtained from whatever password database API instance is being used. NOTE: whenever a struct smb_passwd or struct sam_passwd is used, it MUST be initialised with pwdb_sam_init() or pwd_smb_init(), see chgpasswd.c for the only example outside of the password database APIs i could find. - added query_useraliases code to rpcclient. - dealt with some nasty interdependencies involving non-smbd programs and the password database API. this is still not satisfactorily resolved completelely, but it's the best i can do for now. - #ifdef'd out some password database options so that people don't mistakenly set them unless they recompile to _use_ those options. lots of debugging done, it's still not finished. the unix/NT uid/gid and user-rid/group-rid issues are better, but not perfect. the "BUILTIN" domain is still missing: users cannot be added to "BUILTIN" groups yet, as we only have an "alias" db API and a "group" db API but not "builtin-alias" db API... (This used to be commit 5d5d7e4de7d1514ab87b07ede629de8aa00519a1) --- source3/rpcclient/cmd_lsarpc.c | 2 +- source3/rpcclient/cmd_samr.c | 60 ++++++++++++++++++++++++++++-------------- source3/rpcclient/display.c | 44 +++++++++++++++++++++++++++++++ 3 files changed, 85 insertions(+), 21 deletions(-) (limited to 'source3/rpcclient') diff --git a/source3/rpcclient/cmd_lsarpc.c b/source3/rpcclient/cmd_lsarpc.c index 4a907fa344..83d2e40af4 100644 --- a/source3/rpcclient/cmd_lsarpc.c +++ b/source3/rpcclient/cmd_lsarpc.c @@ -252,7 +252,7 @@ void cmd_lsa_lookup_sids(struct client_info *info) fstrcat(sid_name, "-"); fstrcat(sid_name, temp); } - make_dom_sid(&sid[num_sids], sid_name); + string_to_sid(&sid[num_sids], sid_name); sids[num_sids] = &sid[num_sids]; num_sids++; } diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c index eeb34c8f88..7a65fc5c37 100644 --- a/source3/rpcclient/cmd_samr.c +++ b/source3/rpcclient/cmd_samr.c @@ -185,39 +185,39 @@ void cmd_sam_enum_users(struct client_info *info) BOOL res = True; BOOL request_user_info = False; BOOL request_group_info = False; + BOOL request_alias_info = False; uint16 num_entries = 0; uint16 unk_0 = 0x0; uint16 acb_mask = 0; uint16 unk_1 = 0x0; uint32 admin_rid = 0x304; /* absolutely no idea. */ fstring tmp; + int i; - sid_to_string(sid, &info->dom.level5_sid); + sid_copy(&sid1, &info->dom.level5_sid); + sid_to_string(sid, &sid1); fstrcpy(domain, info->dom.level5_dom); - if (strlen(sid) == 0) + if (sid1.num_auths == 0) { fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n"); return; } - make_dom_sid(&sid1, sid); fstrcpy(srv_name, "\\\\"); fstrcat(srv_name, info->dest_host); strupper(srv_name); - /* a bad way to do token parsing... */ - if (next_token(NULL, tmp, NULL, sizeof(tmp))) + for (i = 0; i < 3; i++) { - request_user_info |= strequal(tmp, "-u"); - request_group_info |= strequal(tmp, "-g"); - } - - if (next_token(NULL, tmp, NULL, sizeof(tmp))) - { - request_user_info |= strequal(tmp, "-u"); - request_group_info |= strequal(tmp, "-g"); + /* a bad way to do token parsing... */ + if (next_token(NULL, tmp, NULL, sizeof(tmp))) + { + request_user_info |= strequal(tmp, "-u"); + request_group_info |= strequal(tmp, "-g"); + request_alias_info |= strequal(tmp, "-a"); + } } #ifdef DEBUG_TESTING @@ -275,14 +275,14 @@ void cmd_sam_enum_users(struct client_info *info) fprintf(out_hnd, "No users\n"); } - if (request_user_info || request_group_info) + if (request_user_info || request_group_info || request_alias_info) { /* query all the users */ user_idx = 0; while (res && user_idx < info->dom.num_sam_entries) { - uint32 user_rid = info->dom.sam[user_idx].smb_userid; + uint32 user_rid = info->dom.sam[user_idx].user_rid; SAM_USER_INFO_21 usr; fprintf(out_hnd, "User RID: %8x User Name: %s\n", @@ -318,6 +318,26 @@ void cmd_sam_enum_users(struct client_info *info) } } + if (request_alias_info) + { + uint32 num_aliases; + uint32 rid[LSA_MAX_GROUPS]; + DOM_SID als_sid; + + sid_copy(&als_sid, &sid1); + sid_append_rid(&als_sid, user_rid); + + /* send user alias query */ + if (do_samr_query_useraliases(smb_cli, + &info->dom.samr_pol_open_domain, + &als_sid, &num_aliases, rid)) + { + display_alias_rid_info(out_hnd, ACTION_HEADER , &als_sid, num_aliases, rid); + display_alias_rid_info(out_hnd, ACTION_ENUMERATE, &als_sid, num_aliases, rid); + display_alias_rid_info(out_hnd, ACTION_FOOTER , &als_sid, num_aliases, rid); + } + } + user_idx++; } } @@ -375,7 +395,7 @@ void cmd_sam_query_user(struct client_info *info) return; } - make_dom_sid(&sid1, sid); + string_to_sid(&sid1, sid); fstrcpy(srv_name, "\\\\"); fstrcat(srv_name, info->dest_host); @@ -466,7 +486,7 @@ void cmd_sam_query_groups(struct client_info *info) return; } - make_dom_sid(&sid1, sid); + string_to_sid(&sid1, sid); fstrcpy(srv_name, "\\\\"); fstrcat(srv_name, info->dest_host); @@ -549,7 +569,7 @@ void cmd_sam_enum_aliases(struct client_info *info) return; } - make_dom_sid(&sid1, sid); + string_to_sid(&sid1, sid); fstrcpy(srv_name, "\\\\"); fstrcat(srv_name, info->dest_host); @@ -585,7 +605,7 @@ void cmd_sam_enum_aliases(struct client_info *info) &info->dom.samr_pol_connect, admin_rid, &sid1, &info->dom.samr_pol_open_domain) : False; - /* send a query on the aliase */ + /* send a query on the aliases */ res = res ? do_samr_query_unknown_12(smb_cli, &info->dom.samr_pol_open_domain, admin_rid, num_aliases, alias_rid, &num_aliases, alias_names, num_als_usrs) : False; @@ -617,7 +637,7 @@ void cmd_sam_enum_aliases(struct client_info *info) while (res && user_idx < info->dom.num_sam_entries) { - uint32 user_rid = info->dom.sam[user_idx].smb_userid; + uint32 user_rid = info->dom.sam[user_idx].user_rid; SAM_USER_INFO_21 usr; fprintf(out_hnd, "User RID: %8x User Name: %s\n", diff --git a/source3/rpcclient/display.c b/source3/rpcclient/display.c index a2248920cd..5f63b02c76 100644 --- a/source3/rpcclient/display.c +++ b/source3/rpcclient/display.c @@ -866,6 +866,50 @@ void display_name(FILE *out_hnd, enum action_type action, } +/**************************************************************************** + display alias rid info + ****************************************************************************/ +void display_alias_rid_info(FILE *out_hnd, enum action_type action, + DOM_SID *sid, + uint32 num_rids, uint32 *rid) +{ + switch (action) + { + case ACTION_HEADER: + { + fstring sid_str; + sid_to_string(sid_str, sid); + if (num_rids == 0) + { + fprintf(out_hnd, "\tNo Aliases: Sid %s\n", sid_str); + } + else + { + fprintf(out_hnd, "\tAlias Info: Sid %s\n", sid_str); + fprintf(out_hnd, "\t----------\n"); + } + break; + } + case ACTION_ENUMERATE: + { + int i; + + for (i = 0; i < num_rids; i++) + { + fprintf(out_hnd, "\tAlias RID: %8x\n", rid[i]); + } + + break; + } + case ACTION_FOOTER: + { + fprintf(out_hnd, "\n"); + break; + } + } +} + + /**************************************************************************** display group rid info ****************************************************************************/ -- cgit