From 9f2e29799eac96068fa033bdc4a9df5a82ec470d Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Mon, 6 Mar 2006 15:22:00 +0000 Subject: r13864: Some cleanup and the samr set security object function client-side. Guenther (This used to be commit 0ae3fddf95a95ec8a2f4d52e1276c1721b33ddfd) --- source3/rpcclient/cmd_samr.c | 14 +++++++++----- source3/rpcclient/display_sec.c | 43 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 52 insertions(+), 5 deletions(-) (limited to 'source3/rpcclient') diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c index 82194c84c7..5e1f0c37dd 100644 --- a/source3/rpcclient/cmd_samr.c +++ b/source3/rpcclient/cmd_samr.c @@ -1757,7 +1757,7 @@ static NTSTATUS cmd_samr_query_sec_obj(struct rpc_pipe_client *cli, { POLICY_HND connect_pol, domain_pol, user_pol, *pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - uint32 info_level = 4; + uint32 sec_info = DACL_SECURITY_INFORMATION; fstring server; uint32 user_rid = 0; TALLOC_CTX *ctx = NULL; @@ -1766,8 +1766,8 @@ static NTSTATUS cmd_samr_query_sec_obj(struct rpc_pipe_client *cli, ctx=talloc_init("cmd_samr_query_sec_obj"); - if ((argc < 1) || (argc > 2)) { - printf("Usage: %s [rid|-d]\n", argv[0]); + if ((argc < 1) || (argc > 3)) { + printf("Usage: %s [rid|-d] [sec_info]\n", argv[0]); printf("\tSpecify rid for security on user, -d for security on domain\n"); return NT_STATUS_OK; } @@ -1778,6 +1778,10 @@ static NTSTATUS cmd_samr_query_sec_obj(struct rpc_pipe_client *cli, else sscanf(argv[1], "%i", &user_rid); } + + if (argc == 3) { + sec_info = atoi(argv[2]); + } slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost); strupper_m(server); @@ -1815,14 +1819,14 @@ static NTSTATUS cmd_samr_query_sec_obj(struct rpc_pipe_client *cli, /* Query SAM security object */ - result = rpccli_samr_query_sec_obj(cli, mem_ctx, pol, info_level, ctx, + result = rpccli_samr_query_sec_obj(cli, mem_ctx, pol, sec_info, ctx, &sec_desc_buf); if (!NT_STATUS_IS_OK(result)) goto done; display_sec_desc(sec_desc_buf->sec); - + rpccli_samr_close(cli, mem_ctx, &user_pol); rpccli_samr_close(cli, mem_ctx, &domain_pol); rpccli_samr_close(cli, mem_ctx, &connect_pol); diff --git a/source3/rpcclient/display_sec.c b/source3/rpcclient/display_sec.c index 2a93c915f1..bc735fa00c 100644 --- a/source3/rpcclient/display_sec.c +++ b/source3/rpcclient/display_sec.c @@ -115,6 +115,41 @@ void display_sec_acl(SEC_ACL *sec_acl) } +void display_acl_type(uint16 type) +{ + static fstring typestr=""; + + typestr[0] = 0; + + if (type & SEC_DESC_OWNER_DEFAULTED) /* 0x0001 */ + fstrcat(typestr, "SEC_DESC_OWNER_DEFAULTED "); + if (type & SEC_DESC_GROUP_DEFAULTED) /* 0x0002 */ + fstrcat(typestr, "SEC_DESC_GROUP_DEFAULTED "); + if (type & SEC_DESC_DACL_PRESENT) /* 0x0004 */ + fstrcat(typestr, "SEC_DESC_DACL_PRESENT "); + if (type & SEC_DESC_DACL_DEFAULTED) /* 0x0008 */ + fstrcat(typestr, "SEC_DESC_DACL_DEFAULTED "); + if (type & SEC_DESC_SACL_PRESENT) /* 0x0010 */ + fstrcat(typestr, "SEC_DESC_SACL_PRESENT "); + if (type & SEC_DESC_SACL_DEFAULTED) /* 0x0020 */ + fstrcat(typestr, "SEC_DESC_SACL_DEFAULTED "); + if (type & SEC_DESC_DACL_TRUSTED) /* 0x0040 */ + fstrcat(typestr, "SEC_DESC_DACL_TRUSTED "); + if (type & SEC_DESC_SERVER_SECURITY) /* 0x0080 */ + fstrcat(typestr, "SEC_DESC_SERVER_SECURITY "); + if (type & 0x0100) fstrcat(typestr, "0x0100 "); + if (type & 0x0200) fstrcat(typestr, "0x0200 "); + if (type & 0x0400) fstrcat(typestr, "0x0400 "); + if (type & 0x0800) fstrcat(typestr, "0x0800 "); + if (type & 0x1000) fstrcat(typestr, "0x1000 "); + if (type & 0x2000) fstrcat(typestr, "0x2000 "); + if (type & 0x4000) fstrcat(typestr, "0x4000 "); + if (type & SEC_DESC_SELF_RELATIVE) /* 0x8000 */ + fstrcat(typestr, "SEC_DESC_SELF_RELATIVE "); + + printf("type: 0x%04x: %s\n", type, typestr); +} + /**************************************************************************** display sec_desc structure ****************************************************************************/ @@ -122,6 +157,14 @@ void display_sec_desc(SEC_DESC *sec) { fstring sid_str; + if (!sec) { + printf("NULL\n"); + return; + } + + printf("revision: %d\n", sec->revision); + display_acl_type(sec->type); + if (sec->sacl) { printf("SACL\n"); display_sec_acl(sec->sacl); -- cgit