From 4242eda183393b0535ac8ef880b4f441c60137af Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Wed, 15 Jan 2003 17:22:48 +0000 Subject: merging some rpcclient and net functionality from HEAD (This used to be commit 7a4c87484237308cb3ad0d671687da7e0f6e733b) --- source3/rpcclient/cmd_lsarpc.c | 48 ++++++++++++++++++++++++++++++++++++++++++ source3/rpcclient/rpcclient.c | 2 +- 2 files changed, 49 insertions(+), 1 deletion(-) (limited to 'source3/rpcclient') diff --git a/source3/rpcclient/cmd_lsarpc.c b/source3/rpcclient/cmd_lsarpc.c index b452eab625..cbc291eca9 100644 --- a/source3/rpcclient/cmd_lsarpc.c +++ b/source3/rpcclient/cmd_lsarpc.c @@ -410,6 +410,7 @@ static NTSTATUS cmd_lsa_enum_privsaccounts(struct cli_state *cli, POLICY_HND dom_pol; POLICY_HND user_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + uint32 access_desired = 0x000f000f; DOM_SID sid; uint32 count=0; @@ -452,6 +453,52 @@ static NTSTATUS cmd_lsa_enum_privsaccounts(struct cli_state *cli, return result; } + +/* Enumerate the privileges of an SID via LsaEnumerateAccountRights */ + +static NTSTATUS cmd_lsa_enum_acct_rights(struct cli_state *cli, + TALLOC_CTX *mem_ctx, int argc, + char **argv) +{ + POLICY_HND dom_pol; + NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + + DOM_SID sid; + uint32 count; + char **rights; + + int i; + + if (argc != 2 ) { + printf("Usage: %s SID\n", argv[0]); + return NT_STATUS_OK; + } + + string_to_sid(&sid, argv[1]); + + result = cli_lsa_open_policy2(cli, mem_ctx, True, + SEC_RIGHTS_MAXIMUM_ALLOWED, + &dom_pol); + + if (!NT_STATUS_IS_OK(result)) + goto done; + + result = cli_lsa_enum_account_rights(cli, mem_ctx, &dom_pol, sid, &count, &rights); + + if (!NT_STATUS_IS_OK(result)) + goto done; + + printf("found %d privileges for SID %s\n", count, argv[1]); + + for (i = 0; i < count; i++) { + printf("\t%s\n", rights[i]); + } + + done: + return result; +} + + /* Get a privilege value given its name */ static NTSTATUS cmd_lsa_lookupprivvalue(struct cli_state *cli, @@ -538,6 +585,7 @@ struct cmd_set lsarpc_commands[] = { { "getdispname", cmd_lsa_get_dispname, PI_LSARPC, "Get the privilege name", "" }, { "lsaenumsid", cmd_lsa_enum_sids, PI_LSARPC, "Enumerate the LSA SIDS", "" }, { "lsaenumprivsaccount", cmd_lsa_enum_privsaccounts, PI_LSARPC, "Enumerate the privileges of an SID", "" }, + { "lsaenumacctrights", cmd_lsa_enum_acct_rights, PI_LSARPC, "Enumerate the rights of an SID", "" }, { "lsalookupprivvalue", cmd_lsa_lookupprivvalue, PI_LSARPC, "Get a privilege value given its name", "" }, { "lsaquerysecobj", cmd_lsa_query_secobj, PI_LSARPC, "Query LSA security object", "" }, diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c index dc33a8ec2a..2609519dc4 100644 --- a/source3/rpcclient/rpcclient.c +++ b/source3/rpcclient/rpcclient.c @@ -700,7 +700,7 @@ static NTSTATUS process_cmd(struct cli_state *cli, char *cmd) /* Resolve the IP address */ if (!opt_ipaddr && !resolve_name(server, &server_ip, 0x20)) { - DEBUG(1,("Unable to resolve %s\n", server)); + fprintf(stderr, "Unable to resolve %s\n", server); return 1; } -- cgit