#!/bin/sh exec smbscript "$0" ${1+"$@"} /* Dump Samba3 data Copyright Jelmer Vernooij 2005 Released under the GNU GPL v2 or later */ options = GetOptions(ARGV, "POPT_AUTOHELP", "POPT_COMMON_SAMBA", "POPT_COMMON_VERSION", 'format=s', 'quiet', 'blank'); if (options == undefined) { println("Failed to parse options"); return -1; } if (options.format == undefined) { options.format = "summary"; } if (options.format != "summary" && options.format != "full") { printf("Unknown format %s\n", options.format); return -1; } libinclude("base.js"); if (ARGV.length != 3) { println("Usage: samba3dump "); return -1; } function print_header(txt) { printf("\n%s\n", txt); for (i = 0; txt[i]; i++) putchar('='); putchar('\n'); } function print_samba3_policy(pol) { print_header("Account Policies"); printf("Min password length: %d\n", pol.min_password_length); printf("Password history length: %d\n", pol.password_history); printf("User must logon to change password: %d\n", pol.user_must_logon_to_change_password); printf("Maximum password age: %d\n", pol.maximum_password_age); printf("Minimum password age: %d\n", pol.minimum_password_age); printf("Lockout duration: %d\n", pol.lockout_duration); printf("Reset Count Minutes: %d\n", pol.reset_count_minutes); printf("Bad Lockout Minutes: %d\n", pol.bad_lockout_minutes); printf("Disconnect Time: %d\n", pol.disconnect_time); printf("Refuse Machine Password Change: %d\n", pol.refuse_machine_password_change); } function print_samba3_sam(samba3) { print_header("SAM Database"); for (i = 0; i < samba3.samaccount_count; i++) { printf("%d: %s\n", samba3.samaccounts[i].user_rid, samba3.samaccounts[i].username); } } function print_samba3_shares(samba3) { print_header("Configured shares"); for (i = 0; i < samba3.share_count; i++) { printf("--- %s ---\n", samba3.shares[i].name); for (j = 0; j < samba3.shares[i].parameter_count; j++) { printf("\t%s = %s\n", samba3.shares[i].parameters[j].name, samba3.shares[i].parameters[j].value); } println(""); } } function print_samba3_secrets(secrets) { print_header("Secrets"); println("IPC Credentials:"); if (secrets.ipc_cred.username_obtained) printf(" User: %s\n", secrets.ipc_cred.username); if (secrets.ipc_cred.password_obtained) printf(" Password: %s\n", secrets.ipc_cred.password); if (secrets.ipc_cred.domain_obtained) printf(" Domain: %s\n\n", secrets.ipc_cred.domain); println("LDAP passwords:"); for (i = 0; i < secrets.ldappw_count; i++) { printf("\t%s -> %s\n", secrets.ldappws[i].dn, secrets.ldappws[i].password); } println(""); println("Domains:"); for (i = 0; i < secrets.domain_count; i++) { printf("\t--- %s ---\n", secrets.domains[i].name); printf("\tSID: %s\n", secrets.domains[i].sid); printf("\tGUID: %s\n", secrets.domains[i].guid); printf("\tPlaintext pwd: %s\n", secrets.domains[i].plaintext_pw); printf("\tLast Changed: %lu\n", secrets.domains[i].last_change_time); printf("\tSecure Channel Type: %d\n\n", secrets.domains[i].sec_channel_type); } println("Trusted domains:"); for (i = 0; i < secrets.trusted_domain_count; i++) { for (j = 0; j < secrets.trusted_domains[i].uni_name_len; j++) { printf("\t--- %s ---\n", secrets.trusted_domains[i].uni_name[j]); } printf("\tPassword: %s\n", secrets.trusted_domains[i].pass); printf("\tModified: %lu\n", secrets.trusted_domains[i].mod_time); printf("\tSID: %s\n", secrets.trusted_domains[i].domain_sid); } } function print_samba3_regdb(regdb) { print_header("Registry"); for (i = 0; i < regdb.key_count; i++) { printf("%s\n", regdb.keys[i].name); for (j = 0; j < regdb.keys[i].value_count; j++) { printf("\t%s: type %d, length %d\n", regdb.keys[i].values[j].name, regdb.keys[i].values[j].type, regdb.keys[i].values[j].data.length); } } } function print_samba3_winsdb(samba3) { print_header("WINS Database"); for (i = 0; i < samba3.winsdb_count; i++) { printf("%s, nb_flags: %x, type: %d, ttl: %lu, %d ips\n", samba3.winsdb_entries[i].name, samba3.winsdb_entries[i].nb_flags, samba3.winsdb_entries[i].type, samba3.winsdb_entries[i].ttl, samba3.winsdb_entries[i].ip_count); } } function print_samba3_groupdb(groupdb) { int i; print_header("Group Mappings"); for (i = 0; i < groupdb.groupmap_count; i++) { printf("\t--- Group: %s ---\n", groupdb.groupmappings[i].nt_name); printf("\tComment: %s\n", groupdb.groupmappings[i].comment); printf("\tGID: %d\n", groupdb.groupmappings[i].gid); printf("\tSID Name Use: %d\n", groupdb.groupmappings[i].sid_name_use); printf("\tSID: %s\n\n", groupdb.groupmappings[i].sid); } for (i = 0; i < groupdb.alias_count; i++) { int j; printf("\t--- Alias: %s ---\n", groupdb.aliases[i].sid); for (j = 0; j < groupdb.aliases[i].member_count; j++) { printf("\t%s\n", groupdb.aliases[i].members[j]); } } } function print_samba3_idmapdb(idmapdb) { print_header("Winbindd SID<->GID/UID mappings"); printf("User High Water Mark: %d\n", idmapdb.user_hwm); printf("Group High Water Mark: %d\n\n", idmapdb.group_hwm); for (i = 0; i < idmapdb.mapping_count; i++) { printf("%s -> ", idmapdb.mappings[i].sid); if (idmapdb.mappings[i].type == IDMAP_GROUP) { printf("GID %d", idmapdb.mappings[i].unix_id); } else { printf("UID %d", idmapdb.mappings[i].unix_id); } } } function print_samba3(samba3) { print_samba3_sam(samba3); print_samba3_policy(samba3.policy); print_samba3_shares(samba3); print_samba3_winsdb(samba3); print_samba3_regdb(samba3.registry); print_samba3_secrets(samba3.secrets); print_samba3_groupdb(samba3.group); print_samba3_idmapdb(samba3.idmap); } function print_samba3_summary(samba3) { printf("WINS db entries: %d\n", samba3.winsdb_count); printf("SAM Accounts: %d\n", samba3.samaccount_count); printf("Registry key count: %d\n", samba3.registry.key_count); printf("Shares (including [global]): %d\n", samba3.share_count); printf("Groupmap count: %d\n", samba3.group.groupmap_count); printf("Alias count: %d\n", samba3.group.alias_count); printf("Idmap count: %d\n", samba3.idmap.mapping_count); } samba3 = samba3_read(ARGV[1], ARGV[2]); if (options.format == "summary") { print_samba3_summary(samba3); } else if (options.format == "full") { print_samba3(samba3); } return 0;