Context Navigation

source: branches/samba-3.0/source/rpcclient/cmd_samr.c

Visit:

Last change on this file was 124, checked in by Paul Smedley, 17 years ago
Update source to 3.0.28a
File size: 61.5 KB

Line
1	/*
2	Unix SMB/CIFS implementation.
3	RPC pipe client
4
5	Copyright (C) Andrew Tridgell 1992-2000,
6	Copyright (C) Luke Kenneth Casson Leighton 1996-2000,
7	Copyright (C) Elrond 2000,
8	Copyright (C) Tim Potter 2000
9
10	This program is free software; you can redistribute it and/or modify
11	it under the terms of the GNU General Public License as published by
12	the Free Software Foundation; either version 2 of the License, or
13	(at your option) any later version.
14
15	This program is distributed in the hope that it will be useful,
16	but WITHOUT ANY WARRANTY; without even the implied warranty of
17	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18	GNU General Public License for more details.
19
20	You should have received a copy of the GNU General Public License
21	along with this program; if not, write to the Free Software
22	Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
23	*/
24
25	#include "includes.h"
26	#include "rpcclient.h"
27
28	extern DOM_SID domain_sid;
29
30	/****************************************************************************
31	display sam_user_info_7 structure
32	****************************************************************************/
33	static void display_sam_user_info_7(SAM_USER_INFO_7 *usr)
34	{
35	fstring temp;
36
37	unistr2_to_ascii(temp, &usr->uni_name, sizeof(temp)-1);
38	printf("\tUser Name :\t%s\n", temp);
39	}
40
41	/****************************************************************************
42	display sam_user_info_9 structure
43	****************************************************************************/
44	static void display_sam_user_info_9(SAM_USER_INFO_9 *usr)
45	{
46	printf("\tPrimary group RID :\tox%x\n", usr->rid_group);
47	}
48
49	/****************************************************************************
50	display sam_user_info_16 structure
51	****************************************************************************/
52	static void display_sam_user_info_16(SAM_USER_INFO_16 *usr)
53	{
54	printf("\tAcct Flags :\tox%x\n", usr->acb_info);
55	}
56
57	/****************************************************************************
58	display sam_user_info_21 structure
59	****************************************************************************/
60	static void display_sam_user_info_21(SAM_USER_INFO_21 *usr)
61	{
62	fstring temp;
63
64	unistr2_to_ascii(temp, &usr->uni_user_name, sizeof(temp)-1);
65	printf("\tUser Name :\t%s\n", temp);
66
67	unistr2_to_ascii(temp, &usr->uni_full_name, sizeof(temp)-1);
68	printf("\tFull Name :\t%s\n", temp);
69
70	unistr2_to_ascii(temp, &usr->uni_home_dir, sizeof(temp)-1);
71	printf("\tHome Drive :\t%s\n", temp);
72
73	unistr2_to_ascii(temp, &usr->uni_dir_drive, sizeof(temp)-1);
74	printf("\tDir Drive :\t%s\n", temp);
75
76	unistr2_to_ascii(temp, &usr->uni_profile_path, sizeof(temp)-1);
77	printf("\tProfile Path:\t%s\n", temp);
78
79	unistr2_to_ascii(temp, &usr->uni_logon_script, sizeof(temp)-1);
80	printf("\tLogon Script:\t%s\n", temp);
81
82	unistr2_to_ascii(temp, &usr->uni_acct_desc, sizeof(temp)-1);
83	printf("\tDescription :\t%s\n", temp);
84
85	unistr2_to_ascii(temp, &usr->uni_workstations, sizeof(temp)-1);
86	printf("\tWorkstations:\t%s\n", temp);
87
88	unistr2_to_ascii(temp, &usr->uni_comment, sizeof(temp)-1);
89	printf("\tUnknown Str :\t%s\n", temp);
90
91	unistr2_to_ascii(temp, &usr->uni_munged_dial, sizeof(temp)-1);
92	printf("\tRemote Dial :\t%s\n", temp);
93
94	printf("\tLogon Time :\t%s\n",
95	http_timestring(nt_time_to_unix(usr->logon_time)));
96	printf("\tLogoff Time :\t%s\n",
97	http_timestring(nt_time_to_unix(usr->logoff_time)));
98	printf("\tKickoff Time :\t%s\n",
99	http_timestring(nt_time_to_unix(usr->kickoff_time)));
100	printf("\tPassword last set Time :\t%s\n",
101	http_timestring(nt_time_to_unix(usr->pass_last_set_time)));
102	printf("\tPassword can change Time :\t%s\n",
103	http_timestring(nt_time_to_unix(usr->pass_can_change_time)));
104	printf("\tPassword must change Time:\t%s\n",
105	http_timestring(nt_time_to_unix(usr->pass_must_change_time)));
106
107	printf("\tunknown_2[0..31]...\n"); /* user passwords? */
108
109	printf("\tuser_rid :\t0x%x\n" , usr->user_rid ); /* User ID */
110	printf("\tgroup_rid:\t0x%x\n" , usr->group_rid); /* Group ID */
111	printf("\tacb_info :\t0x%08x\n", usr->acb_info ); /* Account Control Info */
112
113	printf("\tfields_present:\t0x%08x\n", usr->fields_present); /* 0x00ff ffff */
114	printf("\tlogon_divs:\t%d\n", usr->logon_divs); /* 0x0000 00a8 which is 168 which is num hrs in a week */
115	printf("\tbad_password_count:\t0x%08x\n", usr->bad_password_count);
116	printf("\tlogon_count:\t0x%08x\n", usr->logon_count);
117
118	printf("\tpadding1[0..7]...\n");
119
120	if (usr->ptr_logon_hrs) {
121	printf("\tlogon_hrs[0..%d]...\n", usr->logon_hrs.len);
122	}
123	}
124
125
126	static void display_password_properties(uint32 password_properties)
127	{
128	printf("password_properties: 0x%08x\n", password_properties);
129
130	if (password_properties & DOMAIN_PASSWORD_COMPLEX)
131	printf("\tDOMAIN_PASSWORD_COMPLEX\n");
132
133	if (password_properties & DOMAIN_PASSWORD_NO_ANON_CHANGE)
134	printf("\tDOMAIN_PASSWORD_NO_ANON_CHANGE\n");
135
136	if (password_properties & DOMAIN_PASSWORD_NO_CLEAR_CHANGE)
137	printf("\tDOMAIN_PASSWORD_NO_CLEAR_CHANGE\n");
138
139	if (password_properties & DOMAIN_LOCKOUT_ADMINS)
140	printf("\tDOMAIN_LOCKOUT_ADMINS\n");
141
142	if (password_properties & DOMAIN_PASSWORD_STORE_CLEARTEXT)
143	printf("\tDOMAIN_PASSWORD_STORE_CLEARTEXT\n");
144
145	if (password_properties & DOMAIN_REFUSE_PASSWORD_CHANGE)
146	printf("\tDOMAIN_REFUSE_PASSWORD_CHANGE\n");
147	}
148
149	static void display_sam_unk_info_1(SAM_UNK_INFO_1 *info1)
150	{
151
152	printf("Minimum password length:\t\t\t%d\n", info1->min_length_password);
153	printf("Password uniqueness (remember x passwords):\t%d\n", info1->password_history);
154	display_password_properties(info1->password_properties);
155	printf("password expire in:\t\t\t\t%s\n", display_time(info1->expire));
156	printf("Min password age (allow changing in x days):\t%s\n", display_time(info1->min_passwordage));
157	}
158
159	static void display_sam_unk_info_2(SAM_UNK_INFO_2 *info2)
160	{
161	fstring name;
162
163	unistr2_to_ascii(name, &info2->uni_domain, sizeof(name) - 1);
164	printf("Domain:\t\t%s\n", name);
165
166	unistr2_to_ascii(name, &info2->uni_server, sizeof(name) - 1);
167	printf("Server:\t\t%s\n", name);
168
169	unistr2_to_ascii(name, &info2->uni_comment, sizeof(name) - 1);
170	printf("Comment:\t%s\n", name);
171
172	printf("Total Users:\t%d\n", info2->num_domain_usrs);
173	printf("Total Groups:\t%d\n", info2->num_domain_grps);
174	printf("Total Aliases:\t%d\n", info2->num_local_grps);
175
176	printf("Sequence No:\t%llu\n", (unsigned long long)info2->seq_num);
177
178	printf("Force Logoff:\t%d\n", (int)nt_time_to_unix_abs(&info2->logout));
179
180	printf("Unknown 4:\t0x%x\n", info2->unknown_4);
181	printf("Server Role:\t%s\n", server_role_str(info2->server_role));
182	printf("Unknown 6:\t0x%x\n", info2->unknown_6);
183	}
184
185	static void display_sam_unk_info_3(SAM_UNK_INFO_3 *info3)
186	{
187	printf("Force Logoff:\t%d\n", (int)nt_time_to_unix_abs(&info3->logout));
188	}
189
190	static void display_sam_unk_info_4(SAM_UNK_INFO_4 *info4)
191	{
192	fstring name;
193
194	unistr2_to_ascii(name, &info4->uni_comment, sizeof(name) - 1);
195	printf("Comment:\t%s\n", name);
196	}
197
198	static void display_sam_unk_info_5(SAM_UNK_INFO_5 *info5)
199	{
200	fstring name;
201
202	unistr2_to_ascii(name, &info5->uni_domain, sizeof(name) - 1);
203	printf("Domain:\t\t%s\n", name);
204	}
205
206	static void display_sam_unk_info_6(SAM_UNK_INFO_6 *info6)
207	{
208	fstring name;
209
210	unistr2_to_ascii(name, &info6->uni_server, sizeof(name) - 1);
211	printf("Server:\t\t%s\n", name);
212	}
213
214	static void display_sam_unk_info_7(SAM_UNK_INFO_7 *info7)
215	{
216	printf("Server Role:\t%s\n", server_role_str(info7->server_role));
217	}
218
219	static void display_sam_unk_info_8(SAM_UNK_INFO_8 *info8)
220	{
221	printf("Sequence No:\t%llu\n", (unsigned long long)info8->seq_num);
222	printf("Domain Create Time:\t%s\n",
223	http_timestring(nt_time_to_unix(info8->domain_create_time)));
224	}
225
226	static void display_sam_unk_info_9(SAM_UNK_INFO_9 *info9)
227	{
228	printf("unknown:\t%d (0x%08x)\n", info9->unknown, info9->unknown);
229	}
230
231	static void display_sam_unk_info_12(SAM_UNK_INFO_12 *info12)
232	{
233	printf("Bad password lockout duration: %s\n", display_time(info12->duration));
234	printf("Reset Lockout after: %s\n", display_time(info12->reset_count));
235	printf("Lockout after bad attempts: %d\n", info12->bad_attempt_lockout);
236	}
237
238	static void display_sam_unk_info_13(SAM_UNK_INFO_13 *info13)
239	{
240	printf("Sequence No:\t%llu\n", (unsigned long long)info13->seq_num);
241	printf("Domain Create Time:\t%s\n",
242	http_timestring(nt_time_to_unix(info13->domain_create_time)));
243	printf("Unknown1:\t%d\n", info13->unknown1);
244	printf("Unknown2:\t%d\n", info13->unknown2);
245
246	}
247
248	static void display_sam_info_1(SAM_ENTRY1 e1, SAM_STR1 s1)
249	{
250	fstring tmp;
251
252	printf("index: 0x%x ", e1->user_idx);
253	printf("RID: 0x%x ", e1->rid_user);
254	printf("acb: 0x%x ", e1->acb_info);
255
256	unistr2_to_ascii(tmp, &s1->uni_acct_name, sizeof(tmp)-1);
257	printf("Account: %s\t", tmp);
258
259	unistr2_to_ascii(tmp, &s1->uni_full_name, sizeof(tmp)-1);
260	printf("Name: %s\t", tmp);
261
262	unistr2_to_ascii(tmp, &s1->uni_acct_desc, sizeof(tmp)-1);
263	printf("Desc: %s\n", tmp);
264	}
265
266	static void display_sam_info_2(SAM_ENTRY2 e2, SAM_STR2 s2)
267	{
268	fstring tmp;
269
270	printf("index: 0x%x ", e2->user_idx);
271	printf("RID: 0x%x ", e2->rid_user);
272	printf("acb: 0x%x ", e2->acb_info);
273
274	unistr2_to_ascii(tmp, &s2->uni_srv_name, sizeof(tmp)-1);
275	printf("Account: %s\t", tmp);
276
277	unistr2_to_ascii(tmp, &s2->uni_srv_desc, sizeof(tmp)-1);
278	printf("Name: %s\n", tmp);
279
280	}
281
282	static void display_sam_info_3(SAM_ENTRY3 e3, SAM_STR3 s3)
283	{
284	fstring tmp;
285
286	printf("index: 0x%x ", e3->grp_idx);
287	printf("RID: 0x%x ", e3->rid_grp);
288	printf("attr: 0x%x ", e3->attr);
289
290	unistr2_to_ascii(tmp, &s3->uni_grp_name, sizeof(tmp)-1);
291	printf("Account: %s\t", tmp);
292
293	unistr2_to_ascii(tmp, &s3->uni_grp_desc, sizeof(tmp)-1);
294	printf("Name: %s\n", tmp);
295
296	}
297
298	static void display_sam_info_4(SAM_ENTRY4 e4, SAM_STR4 s4)
299	{
300	int i;
301
302	printf("index: %d ", e4->user_idx);
303
304	printf("Account: ");
305	for (i=0; i<s4->acct_name.str_str_len; i++)
306	printf("%c", s4->acct_name.buffer[i]);
307	printf("\n");
308
309	}
310
311	static void display_sam_info_5(SAM_ENTRY5 e5, SAM_STR5 s5)
312	{
313	int i;
314
315	printf("index: 0x%x ", e5->grp_idx);
316
317	printf("Account: ");
318	for (i=0; i<s5->grp_name.str_str_len; i++)
319	printf("%c", s5->grp_name.buffer[i]);
320	printf("\n");
321
322	}
323
324	/****************************************************************************
325	Try samr_connect4 first, then samr_conenct if it fails
326	****************************************************************************/
327	static NTSTATUS try_samr_connects(struct rpc_pipe_client cli, TALLOC_CTX mem_ctx,
328	uint32 access_mask, POLICY_HND *connect_pol)
329	{
330	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
331
332	result = rpccli_samr_connect4(cli, mem_ctx, access_mask, connect_pol);
333	if (!NT_STATUS_IS_OK(result)) {
334	result = rpccli_samr_connect(cli, mem_ctx, access_mask,
335	connect_pol);
336	}
337	return result;
338	}
339
340	/**********************************************************************
341	* Query user information
342	*/
343	static NTSTATUS cmd_samr_query_user(struct rpc_pipe_client *cli,
344	TALLOC_CTX *mem_ctx,
345	int argc, const char **argv)
346	{
347	POLICY_HND connect_pol, domain_pol, user_pol;
348	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
349	uint32 info_level = 21;
350	uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
351	SAM_USERINFO_CTR *user_ctr;
352	fstring server;
353	uint32 user_rid = 0;
354
355	if ((argc < 2) \|\| (argc > 4)) {
356	printf("Usage: %s rid [info level] [access mask] \n", argv[0]);
357	return NT_STATUS_OK;
358	}
359
360	sscanf(argv[1], "%i", &user_rid);
361
362	if (argc > 2)
363	sscanf(argv[2], "%i", &info_level);
364
365	if (argc > 3)
366	sscanf(argv[3], "%x", &access_mask);
367
368
369	slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost);
370	strupper_m(server);
371
372	result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
373	&connect_pol);
374
375	if (!NT_STATUS_IS_OK(result))
376	goto done;
377
378	result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
379	MAXIMUM_ALLOWED_ACCESS,
380	&domain_sid, &domain_pol);
381
382	if (!NT_STATUS_IS_OK(result))
383	goto done;
384
385	result = rpccli_samr_open_user(cli, mem_ctx, &domain_pol,
386	access_mask,
387	user_rid, &user_pol);
388
389	if (NT_STATUS_EQUAL(result, NT_STATUS_NO_SUCH_USER) &&
390	(user_rid == 0)) {
391
392	/* Probably this was a user name, try lookupnames */
393	uint32 num_rids;
394	uint32 rids, types;
395
396	result = rpccli_samr_lookup_names(cli, mem_ctx, &domain_pol,
397	1000, 1, &argv[1],
398	&num_rids, &rids,
399	&types);
400
401	if (NT_STATUS_IS_OK(result)) {
402	result = rpccli_samr_open_user(cli, mem_ctx,
403	&domain_pol,
404	access_mask,
405	rids[0], &user_pol);
406	}
407	}
408
409
410	if (!NT_STATUS_IS_OK(result))
411	goto done;
412
413	ZERO_STRUCT(user_ctr);
414
415	result = rpccli_samr_query_userinfo(cli, mem_ctx, &user_pol,
416	info_level, &user_ctr);
417
418	if (!NT_STATUS_IS_OK(result))
419	goto done;
420
421	switch (user_ctr->switch_value) {
422	case 7:
423	display_sam_user_info_7(user_ctr->info.id7);
424	break;
425	case 9:
426	display_sam_user_info_9(user_ctr->info.id9);
427	break;
428	case 16:
429	display_sam_user_info_16(user_ctr->info.id16);
430	break;
431	case 21:
432	display_sam_user_info_21(user_ctr->info.id21);
433	break;
434	default:
435	printf("Unsupported infolevel: %d\n", info_level);
436	break;
437	}
438
439	rpccli_samr_close(cli, mem_ctx, &user_pol);
440	rpccli_samr_close(cli, mem_ctx, &domain_pol);
441	rpccli_samr_close(cli, mem_ctx, &connect_pol);
442
443	done:
444	return result;
445	}
446
447	/****************************************************************************
448	display group info
449	****************************************************************************/
450	static void display_group_info1(GROUP_INFO1 *info1)
451	{
452	fstring temp;
453
454	unistr2_to_ascii(temp, &info1->uni_acct_name, sizeof(temp)-1);
455	printf("\tGroup Name:\t%s\n", temp);
456	unistr2_to_ascii(temp, &info1->uni_acct_desc, sizeof(temp)-1);
457	printf("\tDescription:\t%s\n", temp);
458	printf("\tGroup Attribute:%d\n", info1->group_attr);
459	printf("\tNum Members:%d\n", info1->num_members);
460	}
461
462	/****************************************************************************
463	display group info
464	****************************************************************************/
465	static void display_group_info2(GROUP_INFO2 *info2)
466	{
467	fstring name;
468
469	unistr2_to_ascii(name, &info2->uni_acct_name, sizeof(name)-1);
470	printf("\tGroup Description:%s\n", name);
471	}
472
473
474	/****************************************************************************
475	display group info
476	****************************************************************************/
477	static void display_group_info3(GROUP_INFO3 *info3)
478	{
479	printf("\tGroup Attribute:%d\n", info3->group_attr);
480	}
481
482
483	/****************************************************************************
484	display group info
485	****************************************************************************/
486	static void display_group_info4(GROUP_INFO4 *info4)
487	{
488	fstring desc;
489
490	unistr2_to_ascii(desc, &info4->uni_acct_desc, sizeof(desc)-1);
491	printf("\tGroup Description:%s\n", desc);
492	}
493
494	/****************************************************************************
495	display group info
496	****************************************************************************/
497	static void display_group_info5(GROUP_INFO5 *info5)
498	{
499	fstring temp;
500
501	unistr2_to_ascii(temp, &info5->uni_acct_name, sizeof(temp)-1);
502	printf("\tGroup Name:\t%s\n", temp);
503	unistr2_to_ascii(temp, &info5->uni_acct_desc, sizeof(temp)-1);
504	printf("\tDescription:\t%s\n", temp);
505	printf("\tGroup Attribute:%d\n", info5->group_attr);
506	printf("\tNum Members:%d\n", info5->num_members);
507	}
508
509	/****************************************************************************
510	display sam sync structure
511	****************************************************************************/
512	static void display_group_info_ctr(GROUP_INFO_CTR *ctr)
513	{
514	switch (ctr->switch_value1) {
515	case 1:
516	display_group_info1(&ctr->group.info1);
517	break;
518	case 2:
519	display_group_info2(&ctr->group.info2);
520	break;
521	case 3:
522	display_group_info3(&ctr->group.info3);
523	break;
524	case 4:
525	display_group_info4(&ctr->group.info4);
526	break;
527	case 5:
528	display_group_info5(&ctr->group.info5);
529	break;
530
531	}
532	}
533
534	/***********************************************************************
535	* Query group information
536	*/
537	static NTSTATUS cmd_samr_query_group(struct rpc_pipe_client *cli,
538	TALLOC_CTX *mem_ctx,
539	int argc, const char **argv)
540	{
541	POLICY_HND connect_pol, domain_pol, group_pol;
542	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
543	uint32 info_level = 1;
544	uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
545	GROUP_INFO_CTR *group_ctr;
546	fstring server;
547	uint32 group_rid;
548
549	if ((argc < 2) \|\| (argc > 4)) {
550	printf("Usage: %s rid [info level] [access mask]\n", argv[0]);
551	return NT_STATUS_OK;
552	}
553
554	sscanf(argv[1], "%i", &group_rid);
555
556	if (argc > 2)
557	sscanf(argv[2], "%i", &info_level);
558
559	if (argc > 3)
560	sscanf(argv[3], "%x", &access_mask);
561
562	slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost);
563	strupper_m(server);
564
565	result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
566	&connect_pol);
567
568	if (!NT_STATUS_IS_OK(result))
569	goto done;
570
571	result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
572	MAXIMUM_ALLOWED_ACCESS,
573	&domain_sid, &domain_pol);
574
575	if (!NT_STATUS_IS_OK(result))
576	goto done;
577
578	result = rpccli_samr_open_group(cli, mem_ctx, &domain_pol,
579	access_mask,
580	group_rid, &group_pol);
581
582	if (!NT_STATUS_IS_OK(result))
583	goto done;
584
585	result = rpccli_samr_query_groupinfo(cli, mem_ctx, &group_pol,
586	info_level, &group_ctr);
587	if (!NT_STATUS_IS_OK(result)) {
588	goto done;
589	}
590
591	display_group_info_ctr(group_ctr);
592
593	rpccli_samr_close(cli, mem_ctx, &group_pol);
594	rpccli_samr_close(cli, mem_ctx, &domain_pol);
595	rpccli_samr_close(cli, mem_ctx, &connect_pol);
596	done:
597	return result;
598	}
599
600	/* Query groups a user is a member of */
601
602	static NTSTATUS cmd_samr_query_usergroups(struct rpc_pipe_client *cli,
603	TALLOC_CTX *mem_ctx,
604	int argc, const char **argv)
605	{
606	POLICY_HND connect_pol,
607	domain_pol,
608	user_pol;
609	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
610	uint32 num_groups,
611	user_rid;
612	uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
613	DOM_GID *user_gids;
614	int i;
615	fstring server;
616
617	if ((argc < 2) \|\| (argc > 3)) {
618	printf("Usage: %s rid [access mask]\n", argv[0]);
619	return NT_STATUS_OK;
620	}
621
622	sscanf(argv[1], "%i", &user_rid);
623
624	if (argc > 2)
625	sscanf(argv[2], "%x", &access_mask);
626
627	slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost);
628	strupper_m(server);
629
630	result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
631	&connect_pol);
632
633	if (!NT_STATUS_IS_OK(result))
634	goto done;
635
636	result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
637	MAXIMUM_ALLOWED_ACCESS,
638	&domain_sid, &domain_pol);
639
640	if (!NT_STATUS_IS_OK(result))
641	goto done;
642
643	result = rpccli_samr_open_user(cli, mem_ctx, &domain_pol,
644	access_mask,
645	user_rid, &user_pol);
646
647	if (!NT_STATUS_IS_OK(result))
648	goto done;
649
650	result = rpccli_samr_query_usergroups(cli, mem_ctx, &user_pol,
651	&num_groups, &user_gids);
652
653	if (!NT_STATUS_IS_OK(result))
654	goto done;
655
656	for (i = 0; i < num_groups; i++) {
657	printf("\tgroup rid:[0x%x] attr:[0x%x]\n",
658	user_gids[i].g_rid, user_gids[i].attr);
659	}
660
661	rpccli_samr_close(cli, mem_ctx, &user_pol);
662	rpccli_samr_close(cli, mem_ctx, &domain_pol);
663	rpccli_samr_close(cli, mem_ctx, &connect_pol);
664	done:
665	return result;
666	}
667
668	/* Query aliases a user is a member of */
669
670	static NTSTATUS cmd_samr_query_useraliases(struct rpc_pipe_client *cli,
671	TALLOC_CTX *mem_ctx,
672	int argc, const char **argv)
673	{
674	POLICY_HND connect_pol, domain_pol;
675	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
676	DOM_SID *sids;
677	size_t num_sids;
678	uint32 num_aliases, *alias_rids;
679	uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
680	int i;
681	fstring server;
682	DOM_SID2 *sid2;
683
684	if (argc < 3) {
685	printf("Usage: %s builtin\|domain sid1 sid2 ...\n", argv[0]);
686	return NT_STATUS_INVALID_PARAMETER;
687	}
688
689	sids = NULL;
690	num_sids = 0;
691
692	for (i=2; i<argc; i++) {
693	DOM_SID tmp_sid;
694	if (!string_to_sid(&tmp_sid, argv[i])) {
695	printf("%s is not a legal SID\n", argv[i]);
696	return NT_STATUS_INVALID_PARAMETER;
697	}
698	if (!add_sid_to_array(mem_ctx, &tmp_sid, &sids, &num_sids)) {
699	return NT_STATUS_NO_MEMORY;
700	}
701	}
702
703	if (num_sids) {
704	sid2 = TALLOC_ARRAY(mem_ctx, DOM_SID2, num_sids);
705	if (sid2 == NULL)
706	return NT_STATUS_NO_MEMORY;
707	} else {
708	sid2 = NULL;
709	}
710
711	for (i=0; i<num_sids; i++) {
712	sid_copy(&sid2[i].sid, &sids[i]);
713	sid2[i].num_auths = sid2[i].sid.num_auths;
714	}
715
716	slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost);
717	strupper_m(server);
718
719	result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
720	&connect_pol);
721
722	if (!NT_STATUS_IS_OK(result))
723	goto done;
724
725	if (StrCaseCmp(argv[1], "domain")==0)
726	result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
727	access_mask,
728	&domain_sid, &domain_pol);
729	else if (StrCaseCmp(argv[1], "builtin")==0)
730	result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
731	access_mask,
732	&global_sid_Builtin,
733	&domain_pol);
734	else {
735	printf("Usage: %s builtin\|domain sid1 sid2 ...\n", argv[0]);
736	return NT_STATUS_INVALID_PARAMETER;
737	}
738
739	if (!NT_STATUS_IS_OK(result))
740	goto done;
741
742	result = rpccli_samr_query_useraliases(cli, mem_ctx, &domain_pol,
743	num_sids, sid2,
744	&num_aliases, &alias_rids);
745
746	if (!NT_STATUS_IS_OK(result))
747	goto done;
748
749	for (i = 0; i < num_aliases; i++) {
750	printf("\tgroup rid:[0x%x]\n", alias_rids[i]);
751	}
752
753	rpccli_samr_close(cli, mem_ctx, &domain_pol);
754	rpccli_samr_close(cli, mem_ctx, &connect_pol);
755	done:
756	return result;
757	}
758
759	/* Query members of a group */
760
761	static NTSTATUS cmd_samr_query_groupmem(struct rpc_pipe_client *cli,
762	TALLOC_CTX *mem_ctx,
763	int argc, const char **argv)
764	{
765	POLICY_HND connect_pol, domain_pol, group_pol;
766	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
767	uint32 num_members, group_rids, group_attrs, group_rid;
768	uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
769	int i;
770	fstring server;
771	unsigned int old_timeout;
772
773	if ((argc < 2) \|\| (argc > 3)) {
774	printf("Usage: %s rid [access mask]\n", argv[0]);
775	return NT_STATUS_OK;
776	}
777
778	sscanf(argv[1], "%i", &group_rid);
779
780	if (argc > 2)
781	sscanf(argv[2], "%x", &access_mask);
782
783	slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost);
784	strupper_m(server);
785
786	result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
787	&connect_pol);
788
789	if (!NT_STATUS_IS_OK(result))
790	goto done;
791
792	result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
793	MAXIMUM_ALLOWED_ACCESS,
794	&domain_sid, &domain_pol);
795
796	if (!NT_STATUS_IS_OK(result))
797	goto done;
798
799	result = rpccli_samr_open_group(cli, mem_ctx, &domain_pol,
800	access_mask,
801	group_rid, &group_pol);
802
803	if (!NT_STATUS_IS_OK(result))
804	goto done;
805
806	/* Make sure to wait for our DC's reply */
807	old_timeout = cli_set_timeout(cli->cli, MAX(cli->cli->timeout,30000)); /* 30 seconds. */
808
809	result = rpccli_samr_query_groupmem(cli, mem_ctx, &group_pol,
810	&num_members, &group_rids,
811	&group_attrs);
812
813	cli_set_timeout(cli->cli, old_timeout);
814
815	if (!NT_STATUS_IS_OK(result))
816	goto done;
817
818	for (i = 0; i < num_members; i++) {
819	printf("\trid:[0x%x] attr:[0x%x]\n", group_rids[i],
820	group_attrs[i]);
821	}
822
823	rpccli_samr_close(cli, mem_ctx, &group_pol);
824	rpccli_samr_close(cli, mem_ctx, &domain_pol);
825	rpccli_samr_close(cli, mem_ctx, &connect_pol);
826	done:
827	return result;
828	}
829
830	/* Enumerate domain users */
831
832	static NTSTATUS cmd_samr_enum_dom_users(struct rpc_pipe_client *cli,
833	TALLOC_CTX *mem_ctx,
834	int argc, const char **argv)
835	{
836	POLICY_HND connect_pol, domain_pol;
837	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
838	uint32 start_idx, size, num_dom_users, i;
839	char **dom_users;
840	uint32 *dom_rids;
841	uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
842	uint32 acb_mask = ACB_NORMAL;
843	BOOL got_connect_pol = False, got_domain_pol = False;
844
845	if ((argc < 1) \|\| (argc > 3)) {
846	printf("Usage: %s [access_mask] [acb_mask]\n", argv[0]);
847	return NT_STATUS_OK;
848	}
849
850	if (argc > 1)
851	sscanf(argv[1], "%x", &access_mask);
852
853	if (argc > 2)
854	sscanf(argv[2], "%x", &acb_mask);
855
856	/* Get sam policy handle */
857
858	result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
859	&connect_pol);
860
861	if (!NT_STATUS_IS_OK(result))
862	goto done;
863
864	got_connect_pol = True;
865
866	/* Get domain policy handle */
867
868	result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
869	access_mask,
870	&domain_sid, &domain_pol);
871
872	if (!NT_STATUS_IS_OK(result))
873	goto done;
874
875	got_domain_pol = True;
876
877	/* Enumerate domain users */
878
879	start_idx = 0;
880	size = 0xffff;
881
882	do {
883	result = rpccli_samr_enum_dom_users(
884	cli, mem_ctx, &domain_pol, &start_idx, acb_mask,
885	size, &dom_users, &dom_rids, &num_dom_users);
886
887	if (NT_STATUS_IS_OK(result) \|\|
888	NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES)) {
889
890	for (i = 0; i < num_dom_users; i++)
891	printf("user:[%s] rid:[0x%x]\n",
892	dom_users[i], dom_rids[i]);
893	}
894
895	} while (NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES));
896
897	done:
898	if (got_domain_pol)
899	rpccli_samr_close(cli, mem_ctx, &domain_pol);
900
901	if (got_connect_pol)
902	rpccli_samr_close(cli, mem_ctx, &connect_pol);
903
904	return result;
905	}
906
907	/* Enumerate domain groups */
908
909	static NTSTATUS cmd_samr_enum_dom_groups(struct rpc_pipe_client *cli,
910	TALLOC_CTX *mem_ctx,
911	int argc, const char **argv)
912	{
913	POLICY_HND connect_pol, domain_pol;
914	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
915	uint32 start_idx, size, num_dom_groups, i;
916	uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
917	struct acct_info *dom_groups;
918	BOOL got_connect_pol = False, got_domain_pol = False;
919
920	if ((argc < 1) \|\| (argc > 2)) {
921	printf("Usage: %s [access_mask]\n", argv[0]);
922	return NT_STATUS_OK;
923	}
924
925	if (argc > 1)
926	sscanf(argv[1], "%x", &access_mask);
927
928	/* Get sam policy handle */
929
930	result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
931	&connect_pol);
932
933	if (!NT_STATUS_IS_OK(result))
934	goto done;
935
936	got_connect_pol = True;
937
938	/* Get domain policy handle */
939
940	result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
941	access_mask,
942	&domain_sid, &domain_pol);
943
944	if (!NT_STATUS_IS_OK(result))
945	goto done;
946
947	got_domain_pol = True;
948
949	/* Enumerate domain groups */
950
951	start_idx = 0;
952	size = 0xffff;
953
954	do {
955	result = rpccli_samr_enum_dom_groups(
956	cli, mem_ctx, &domain_pol, &start_idx, size,
957	&dom_groups, &num_dom_groups);
958
959	if (NT_STATUS_IS_OK(result) \|\|
960	NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES)) {
961
962	for (i = 0; i < num_dom_groups; i++)
963	printf("group:[%s] rid:[0x%x]\n",
964	dom_groups[i].acct_name,
965	dom_groups[i].rid);
966	}
967
968	} while (NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES));
969
970	done:
971	if (got_domain_pol)
972	rpccli_samr_close(cli, mem_ctx, &domain_pol);
973
974	if (got_connect_pol)
975	rpccli_samr_close(cli, mem_ctx, &connect_pol);
976
977	return result;
978	}
979
980	/* Enumerate alias groups */
981
982	static NTSTATUS cmd_samr_enum_als_groups(struct rpc_pipe_client *cli,
983	TALLOC_CTX *mem_ctx,
984	int argc, const char **argv)
985	{
986	POLICY_HND connect_pol, domain_pol;
987	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
988	uint32 start_idx, size, num_als_groups, i;
989	uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
990	struct acct_info *als_groups;
991	BOOL got_connect_pol = False, got_domain_pol = False;
992
993	if ((argc < 2) \|\| (argc > 3)) {
994	printf("Usage: %s builtin\|domain [access mask]\n", argv[0]);
995	return NT_STATUS_OK;
996	}
997
998	if (argc > 2)
999	sscanf(argv[2], "%x", &access_mask);
1000
1001	/* Get sam policy handle */
1002
1003	result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
1004	&connect_pol);
1005
1006	if (!NT_STATUS_IS_OK(result))
1007	goto done;
1008
1009	got_connect_pol = True;
1010
1011	/* Get domain policy handle */
1012
1013	if (StrCaseCmp(argv[1], "domain")==0)
1014	result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1015	access_mask,
1016	&domain_sid, &domain_pol);
1017	else if (StrCaseCmp(argv[1], "builtin")==0)
1018	result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1019	access_mask,
1020	&global_sid_Builtin, &domain_pol);
1021	else
1022	return NT_STATUS_OK;
1023
1024	if (!NT_STATUS_IS_OK(result))
1025	goto done;
1026
1027	got_domain_pol = True;
1028
1029	/* Enumerate alias groups */
1030
1031	start_idx = 0;
1032	size = 0xffff; /* Number of groups to retrieve */
1033
1034	do {
1035	result = rpccli_samr_enum_als_groups(
1036	cli, mem_ctx, &domain_pol, &start_idx, size,
1037	&als_groups, &num_als_groups);
1038
1039	if (NT_STATUS_IS_OK(result) \|\|
1040	NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES)) {
1041
1042	for (i = 0; i < num_als_groups; i++)
1043	printf("group:[%s] rid:[0x%x]\n",
1044	als_groups[i].acct_name,
1045	als_groups[i].rid);
1046	}
1047	} while (NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES));
1048
1049	done:
1050	if (got_domain_pol)
1051	rpccli_samr_close(cli, mem_ctx, &domain_pol);
1052
1053	if (got_connect_pol)
1054	rpccli_samr_close(cli, mem_ctx, &connect_pol);
1055
1056	return result;
1057	}
1058
1059	/* Query alias membership */
1060
1061	static NTSTATUS cmd_samr_query_aliasmem(struct rpc_pipe_client *cli,
1062	TALLOC_CTX *mem_ctx,
1063	int argc, const char **argv)
1064	{
1065	POLICY_HND connect_pol, domain_pol, alias_pol;
1066	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1067	uint32 alias_rid, num_members, i;
1068	uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1069	DOM_SID *alias_sids;
1070
1071	if ((argc < 3) \|\| (argc > 4)) {
1072	printf("Usage: %s builtin\|domain rid [access mask]\n", argv[0]);
1073	return NT_STATUS_OK;
1074	}
1075
1076	sscanf(argv[2], "%i", &alias_rid);
1077
1078	if (argc > 3)
1079	sscanf(argv[3], "%x", &access_mask);
1080
1081	/* Open SAMR handle */
1082
1083	result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
1084	&connect_pol);
1085
1086	if (!NT_STATUS_IS_OK(result))
1087	goto done;
1088
1089	/* Open handle on domain */
1090
1091	if (StrCaseCmp(argv[1], "domain")==0)
1092	result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1093	MAXIMUM_ALLOWED_ACCESS,
1094	&domain_sid, &domain_pol);
1095	else if (StrCaseCmp(argv[1], "builtin")==0)
1096	result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1097	MAXIMUM_ALLOWED_ACCESS,
1098	&global_sid_Builtin, &domain_pol);
1099	else
1100	return NT_STATUS_OK;
1101
1102	if (!NT_STATUS_IS_OK(result))
1103	goto done;
1104
1105	/* Open handle on alias */
1106
1107	result = rpccli_samr_open_alias(cli, mem_ctx, &domain_pol,
1108	access_mask,
1109	alias_rid, &alias_pol);
1110	if (!NT_STATUS_IS_OK(result))
1111	goto done;
1112
1113	result = rpccli_samr_query_aliasmem(cli, mem_ctx, &alias_pol,
1114	&num_members, &alias_sids);
1115
1116	if (!NT_STATUS_IS_OK(result))
1117	goto done;
1118
1119	for (i = 0; i < num_members; i++) {
1120	fstring sid_str;
1121
1122	sid_to_string(sid_str, &alias_sids[i]);
1123	printf("\tsid:[%s]\n", sid_str);
1124	}
1125
1126	rpccli_samr_close(cli, mem_ctx, &alias_pol);
1127	rpccli_samr_close(cli, mem_ctx, &domain_pol);
1128	rpccli_samr_close(cli, mem_ctx, &connect_pol);
1129	done:
1130	return result;
1131	}
1132
1133	/* Query delete an alias membership */
1134
1135	static NTSTATUS cmd_samr_delete_alias(struct rpc_pipe_client *cli,
1136	TALLOC_CTX *mem_ctx,
1137	int argc, const char **argv)
1138	{
1139	POLICY_HND connect_pol, domain_pol, alias_pol;
1140	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1141	uint32 alias_rid;
1142	uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1143
1144	if (argc != 3) {
1145	printf("Usage: %s builtin\|domain [rid\|name]\n", argv[0]);
1146	return NT_STATUS_OK;
1147	}
1148
1149	alias_rid = strtoul(argv[2], NULL, 10);
1150
1151	/* Open SAMR handle */
1152
1153	result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
1154	&connect_pol);
1155
1156	if (!NT_STATUS_IS_OK(result))
1157	goto done;
1158
1159	/* Open handle on domain */
1160
1161	if (StrCaseCmp(argv[1], "domain")==0)
1162	result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1163	MAXIMUM_ALLOWED_ACCESS,
1164	&domain_sid, &domain_pol);
1165	else if (StrCaseCmp(argv[1], "builtin")==0)
1166	result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1167	MAXIMUM_ALLOWED_ACCESS,
1168	&global_sid_Builtin, &domain_pol);
1169	else
1170	return NT_STATUS_INVALID_PARAMETER;
1171
1172	if (!NT_STATUS_IS_OK(result))
1173	goto done;
1174
1175	/* Open handle on alias */
1176
1177	result = rpccli_samr_open_alias(cli, mem_ctx, &domain_pol,
1178	access_mask,
1179	alias_rid, &alias_pol);
1180	if (!NT_STATUS_IS_OK(result) && (alias_rid == 0)) {
1181	/* Probably this was a user name, try lookupnames */
1182	uint32 num_rids;
1183	uint32 rids, types;
1184
1185	result = rpccli_samr_lookup_names(cli, mem_ctx, &domain_pol,
1186	1000, 1, &argv[2],
1187	&num_rids, &rids,
1188	&types);
1189
1190	if (NT_STATUS_IS_OK(result)) {
1191	result = rpccli_samr_open_alias(cli, mem_ctx,
1192	&domain_pol,
1193	access_mask,
1194	rids[0], &alias_pol);
1195	}
1196	}
1197
1198	result = rpccli_samr_delete_dom_alias(cli, mem_ctx, &alias_pol);
1199
1200	if (!NT_STATUS_IS_OK(result))
1201	goto done;
1202
1203	rpccli_samr_close(cli, mem_ctx, &domain_pol);
1204	rpccli_samr_close(cli, mem_ctx, &connect_pol);
1205	done:
1206	return result;
1207	}
1208
1209	/* Query display info */
1210
1211	static NTSTATUS cmd_samr_query_dispinfo(struct rpc_pipe_client *cli,
1212	TALLOC_CTX *mem_ctx,
1213	int argc, const char **argv)
1214	{
1215	POLICY_HND connect_pol, domain_pol;
1216	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1217	uint32 start_idx=0, max_entries=250, max_size = 0xffff, num_entries, i;
1218	uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1219	uint32 info_level = 1;
1220	SAM_DISPINFO_CTR ctr;
1221	SAM_DISPINFO_1 info1;
1222	SAM_DISPINFO_2 info2;
1223	SAM_DISPINFO_3 info3;
1224	SAM_DISPINFO_4 info4;
1225	SAM_DISPINFO_5 info5;
1226	int loop_count = 0;
1227	BOOL got_params = False; /* Use get_query_dispinfo_params() or not? */
1228
1229	if (argc > 6) {
1230	printf("Usage: %s [info level] [start index] [max entries] [max size] [access mask]\n", argv[0]);
1231	return NT_STATUS_OK;
1232	}
1233
1234	if (argc >= 2)
1235	sscanf(argv[1], "%i", &info_level);
1236
1237	if (argc >= 3)
1238	sscanf(argv[2], "%i", &start_idx);
1239
1240	if (argc >= 4) {
1241	sscanf(argv[3], "%i", &max_entries);
1242	got_params = True;
1243	}
1244
1245	if (argc >= 5) {
1246	sscanf(argv[4], "%i", &max_size);
1247	got_params = True;
1248	}
1249
1250	if (argc >= 6)
1251	sscanf(argv[5], "%x", &access_mask);
1252
1253	/* Get sam policy handle */
1254
1255	result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
1256	&connect_pol);
1257
1258	if (!NT_STATUS_IS_OK(result))
1259	goto done;
1260
1261	/* Get domain policy handle */
1262
1263	result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1264	access_mask,
1265	&domain_sid, &domain_pol);
1266
1267	if (!NT_STATUS_IS_OK(result))
1268	goto done;
1269
1270	/* Query display info */
1271
1272	ZERO_STRUCT(ctr);
1273	ZERO_STRUCT(info1);
1274
1275	switch (info_level) {
1276	case 1:
1277	ZERO_STRUCT(info1);
1278	ctr.sam.info1 = &info1;
1279	break;
1280	case 2:
1281	ZERO_STRUCT(info2);
1282	ctr.sam.info2 = &info2;
1283	break;
1284	case 3:
1285	ZERO_STRUCT(info3);
1286	ctr.sam.info3 = &info3;
1287	break;
1288	case 4:
1289	ZERO_STRUCT(info4);
1290	ctr.sam.info4 = &info4;
1291	break;
1292	case 5:
1293	ZERO_STRUCT(info5);
1294	ctr.sam.info5 = &info5;
1295	break;
1296	}
1297
1298
1299	do {
1300
1301	if (!got_params)
1302	get_query_dispinfo_params(
1303	loop_count, &max_entries, &max_size);
1304
1305	result = rpccli_samr_query_dispinfo(cli, mem_ctx, &domain_pol,
1306	&start_idx, info_level,
1307	&num_entries, max_entries,
1308	max_size, &ctr);
1309
1310	loop_count++;
1311
1312	if (NT_STATUS_IS_ERR(result))
1313	break;
1314
1315	if (num_entries == 0)
1316	break;
1317
1318	for (i = 0; i < num_entries; i++) {
1319	switch (info_level) {
1320	case 1:
1321	display_sam_info_1(&ctr.sam.info1->sam[i], &ctr.sam.info1->str[i]);
1322	break;
1323	case 2:
1324	display_sam_info_2(&ctr.sam.info2->sam[i], &ctr.sam.info2->str[i]);
1325	break;
1326	case 3:
1327	display_sam_info_3(&ctr.sam.info3->sam[i], &ctr.sam.info3->str[i]);
1328	break;
1329	case 4:
1330	display_sam_info_4(&ctr.sam.info4->sam[i], &ctr.sam.info4->str[i]);
1331	break;
1332	case 5:
1333	display_sam_info_5(&ctr.sam.info5->sam[i], &ctr.sam.info5->str[i]);
1334	break;
1335	}
1336	}
1337	} while ( NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES));
1338
1339	rpccli_samr_close(cli, mem_ctx, &domain_pol);
1340	rpccli_samr_close(cli, mem_ctx, &connect_pol);
1341	done:
1342	return result;
1343	}
1344
1345	/* Query domain info */
1346
1347	static NTSTATUS cmd_samr_query_dominfo(struct rpc_pipe_client *cli,
1348	TALLOC_CTX *mem_ctx,
1349	int argc, const char **argv)
1350	{
1351	POLICY_HND connect_pol, domain_pol;
1352	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1353	uint32 switch_level = 2;
1354	uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1355	SAM_UNK_CTR ctr;
1356
1357	if (argc > 3) {
1358	printf("Usage: %s [info level] [access mask]\n", argv[0]);
1359	return NT_STATUS_OK;
1360	}
1361
1362	if (argc > 1)
1363	sscanf(argv[1], "%i", &switch_level);
1364
1365	if (argc > 2)
1366	sscanf(argv[2], "%x", &access_mask);
1367
1368	/* Get sam policy handle */
1369
1370	result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
1371	&connect_pol);
1372
1373	if (!NT_STATUS_IS_OK(result))
1374	goto done;
1375
1376	/* Get domain policy handle */
1377
1378	result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1379	access_mask,
1380	&domain_sid, &domain_pol);
1381
1382	if (!NT_STATUS_IS_OK(result))
1383	goto done;
1384
1385	/* Query domain info */
1386
1387	result = rpccli_samr_query_dom_info(cli, mem_ctx, &domain_pol,
1388	switch_level, &ctr);
1389
1390	if (!NT_STATUS_IS_OK(result))
1391	goto done;
1392
1393	/* Display domain info */
1394
1395	switch (switch_level) {
1396	case 1:
1397	display_sam_unk_info_1(&ctr.info.inf1);
1398	break;
1399	case 2:
1400	display_sam_unk_info_2(&ctr.info.inf2);
1401	break;
1402	case 3:
1403	display_sam_unk_info_3(&ctr.info.inf3);
1404	break;
1405	case 4:
1406	display_sam_unk_info_4(&ctr.info.inf4);
1407	break;
1408	case 5:
1409	display_sam_unk_info_5(&ctr.info.inf5);
1410	break;
1411	case 6:
1412	display_sam_unk_info_6(&ctr.info.inf6);
1413	break;
1414	case 7:
1415	display_sam_unk_info_7(&ctr.info.inf7);
1416	break;
1417	case 8:
1418	display_sam_unk_info_8(&ctr.info.inf8);
1419	break;
1420	case 9:
1421	display_sam_unk_info_9(&ctr.info.inf9);
1422	break;
1423	case 12:
1424	display_sam_unk_info_12(&ctr.info.inf12);
1425	break;
1426	case 13:
1427	display_sam_unk_info_13(&ctr.info.inf13);
1428	break;
1429
1430	default:
1431	printf("cannot display domain info for switch value %d\n",
1432	switch_level);
1433	break;
1434	}
1435
1436	done:
1437
1438	rpccli_samr_close(cli, mem_ctx, &domain_pol);
1439	rpccli_samr_close(cli, mem_ctx, &connect_pol);
1440	return result;
1441	}
1442
1443	/* Create domain user */
1444
1445	static NTSTATUS cmd_samr_create_dom_user(struct rpc_pipe_client *cli,
1446	TALLOC_CTX *mem_ctx,
1447	int argc, const char **argv)
1448	{
1449	POLICY_HND connect_pol, domain_pol, user_pol;
1450	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1451	const char *acct_name;
1452	uint32 acb_info;
1453	uint32 acct_flags, user_rid;
1454	uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1455
1456	if ((argc < 2) \|\| (argc > 3)) {
1457	printf("Usage: %s username [access mask]\n", argv[0]);
1458	return NT_STATUS_OK;
1459	}
1460
1461	acct_name = argv[1];
1462
1463	if (argc > 2)
1464	sscanf(argv[2], "%x", &access_mask);
1465
1466	/* Get sam policy handle */
1467
1468	result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
1469	&connect_pol);
1470
1471	if (!NT_STATUS_IS_OK(result))
1472	goto done;
1473
1474	/* Get domain policy handle */
1475
1476	result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1477	access_mask,
1478	&domain_sid, &domain_pol);
1479
1480	if (!NT_STATUS_IS_OK(result))
1481	goto done;
1482
1483	/* Create domain user */
1484
1485	acb_info = ACB_NORMAL;
1486	acct_flags = SAMR_GENERIC_READ \| SAMR_GENERIC_WRITE \|
1487	SAMR_GENERIC_EXECUTE \| SAMR_STANDARD_WRITEDAC \|
1488	SAMR_STANDARD_DELETE \| SAMR_USER_SETPASS \| SAMR_USER_GETATTR \|
1489	SAMR_USER_SETATTR;
1490	DEBUG(10, ("Creating account with flags: %d\n",acct_flags));
1491	result = rpccli_samr_create_dom_user(cli, mem_ctx, &domain_pol,
1492	acct_name, acb_info, acct_flags,
1493	&user_pol, &user_rid);
1494
1495	if (!NT_STATUS_IS_OK(result))
1496	goto done;
1497
1498	result = rpccli_samr_close(cli, mem_ctx, &user_pol);
1499	if (!NT_STATUS_IS_OK(result)) goto done;
1500
1501	result = rpccli_samr_close(cli, mem_ctx, &domain_pol);
1502	if (!NT_STATUS_IS_OK(result)) goto done;
1503
1504	result = rpccli_samr_close(cli, mem_ctx, &connect_pol);
1505	if (!NT_STATUS_IS_OK(result)) goto done;
1506
1507	done:
1508	return result;
1509	}
1510
1511	/* Create domain group */
1512
1513	static NTSTATUS cmd_samr_create_dom_group(struct rpc_pipe_client *cli,
1514	TALLOC_CTX *mem_ctx,
1515	int argc, const char **argv)
1516	{
1517	POLICY_HND connect_pol, domain_pol, group_pol;
1518	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1519	const char *grp_name;
1520	uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1521
1522	if ((argc < 2) \|\| (argc > 3)) {
1523	printf("Usage: %s groupname [access mask]\n", argv[0]);
1524	return NT_STATUS_OK;
1525	}
1526
1527	grp_name = argv[1];
1528
1529	if (argc > 2)
1530	sscanf(argv[2], "%x", &access_mask);
1531
1532	/* Get sam policy handle */
1533
1534	result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
1535	&connect_pol);
1536
1537	if (!NT_STATUS_IS_OK(result))
1538	goto done;
1539
1540	/* Get domain policy handle */
1541
1542	result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1543	access_mask,
1544	&domain_sid, &domain_pol);
1545
1546	if (!NT_STATUS_IS_OK(result))
1547	goto done;
1548
1549	/* Create domain user */
1550
1551	result = rpccli_samr_create_dom_group(cli, mem_ctx, &domain_pol,
1552	grp_name, MAXIMUM_ALLOWED_ACCESS,
1553	&group_pol);
1554
1555	if (!NT_STATUS_IS_OK(result))
1556	goto done;
1557
1558	result = rpccli_samr_close(cli, mem_ctx, &group_pol);
1559	if (!NT_STATUS_IS_OK(result)) goto done;
1560
1561	result = rpccli_samr_close(cli, mem_ctx, &domain_pol);
1562	if (!NT_STATUS_IS_OK(result)) goto done;
1563
1564	result = rpccli_samr_close(cli, mem_ctx, &connect_pol);
1565	if (!NT_STATUS_IS_OK(result)) goto done;
1566
1567	done:
1568	return result;
1569	}
1570
1571	/* Create domain alias */
1572
1573	static NTSTATUS cmd_samr_create_dom_alias(struct rpc_pipe_client *cli,
1574	TALLOC_CTX *mem_ctx,
1575	int argc, const char **argv)
1576	{
1577	POLICY_HND connect_pol, domain_pol, alias_pol;
1578	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1579	const char *alias_name;
1580	uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1581
1582	if ((argc < 2) \|\| (argc > 3)) {
1583	printf("Usage: %s aliasname [access mask]\n", argv[0]);
1584	return NT_STATUS_OK;
1585	}
1586
1587	alias_name = argv[1];
1588
1589	if (argc > 2)
1590	sscanf(argv[2], "%x", &access_mask);
1591
1592	/* Get sam policy handle */
1593
1594	result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
1595	&connect_pol);
1596
1597	if (!NT_STATUS_IS_OK(result))
1598	goto done;
1599
1600	/* Get domain policy handle */
1601
1602	result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1603	access_mask,
1604	&domain_sid, &domain_pol);
1605
1606	if (!NT_STATUS_IS_OK(result))
1607	goto done;
1608
1609	/* Create domain user */
1610
1611	result = rpccli_samr_create_dom_alias(cli, mem_ctx, &domain_pol,
1612	alias_name, &alias_pol);
1613
1614	if (!NT_STATUS_IS_OK(result))
1615	goto done;
1616
1617	result = rpccli_samr_close(cli, mem_ctx, &alias_pol);
1618	if (!NT_STATUS_IS_OK(result)) goto done;
1619
1620	result = rpccli_samr_close(cli, mem_ctx, &domain_pol);
1621	if (!NT_STATUS_IS_OK(result)) goto done;
1622
1623	result = rpccli_samr_close(cli, mem_ctx, &connect_pol);
1624	if (!NT_STATUS_IS_OK(result)) goto done;
1625
1626	done:
1627	return result;
1628	}
1629
1630	/* Lookup sam names */
1631
1632	static NTSTATUS cmd_samr_lookup_names(struct rpc_pipe_client *cli,
1633	TALLOC_CTX *mem_ctx,
1634	int argc, const char **argv)
1635	{
1636	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1637	POLICY_HND connect_pol, domain_pol;
1638	uint32 flags = 0x000003e8; /* Unknown */
1639	uint32 num_rids, num_names, name_types, rids;
1640	const char **names;
1641	int i;
1642
1643	if (argc < 3) {
1644	printf("Usage: %s domain\|builtin name1 [name2 [name3] [...]]\n", argv[0]);
1645	printf("check on the domain SID: S-1-5-21-x-y-z\n");
1646	printf("or check on the builtin SID: S-1-5-32\n");
1647	return NT_STATUS_OK;
1648	}
1649
1650	/* Get sam policy and domain handles */
1651
1652	result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
1653	&connect_pol);
1654
1655	if (!NT_STATUS_IS_OK(result))
1656	goto done;
1657
1658	if (StrCaseCmp(argv[1], "domain")==0)
1659	result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1660	MAXIMUM_ALLOWED_ACCESS,
1661	&domain_sid, &domain_pol);
1662	else if (StrCaseCmp(argv[1], "builtin")==0)
1663	result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1664	MAXIMUM_ALLOWED_ACCESS,
1665	&global_sid_Builtin, &domain_pol);
1666	else
1667	return NT_STATUS_OK;
1668
1669	if (!NT_STATUS_IS_OK(result))
1670	goto done;
1671
1672	/* Look up names */
1673
1674	num_names = argc - 2;
1675	if (num_names) {
1676	if ((names = TALLOC_ARRAY(mem_ctx, const char *, num_names)) == NULL) {
1677	rpccli_samr_close(cli, mem_ctx, &domain_pol);
1678	rpccli_samr_close(cli, mem_ctx, &connect_pol);
1679	result = NT_STATUS_NO_MEMORY;
1680	goto done;
1681	}
1682	} else {
1683	names = NULL;
1684	}
1685
1686	for (i = 0; i < argc - 2; i++)
1687	names[i] = argv[i + 2];
1688
1689	result = rpccli_samr_lookup_names(cli, mem_ctx, &domain_pol,
1690	flags, num_names, names,
1691	&num_rids, &rids, &name_types);
1692
1693	if (!NT_STATUS_IS_OK(result))
1694	goto done;
1695
1696	/* Display results */
1697
1698	for (i = 0; i < num_names; i++)
1699	printf("name %s: 0x%x (%d)\n", names[i], rids[i],
1700	name_types[i]);
1701
1702	rpccli_samr_close(cli, mem_ctx, &domain_pol);
1703	rpccli_samr_close(cli, mem_ctx, &connect_pol);
1704	done:
1705	return result;
1706	}
1707
1708	/* Lookup sam rids */
1709
1710	static NTSTATUS cmd_samr_lookup_rids(struct rpc_pipe_client *cli,
1711	TALLOC_CTX *mem_ctx,
1712	int argc, const char **argv)
1713	{
1714	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1715	POLICY_HND connect_pol, domain_pol;
1716	uint32 num_rids, num_names, rids, name_types;
1717	char **names;
1718	int i;
1719
1720	if (argc < 3) {
1721	printf("Usage: %s domain\|builtin rid1 [rid2 [rid3] [...]]\n", argv[0]);
1722	return NT_STATUS_OK;
1723	}
1724
1725	/* Get sam policy and domain handles */
1726
1727	result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
1728	&connect_pol);
1729
1730	if (!NT_STATUS_IS_OK(result))
1731	goto done;
1732
1733	if (StrCaseCmp(argv[1], "domain")==0)
1734	result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1735	MAXIMUM_ALLOWED_ACCESS,
1736	&domain_sid, &domain_pol);
1737	else if (StrCaseCmp(argv[1], "builtin")==0)
1738	result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1739	MAXIMUM_ALLOWED_ACCESS,
1740	&global_sid_Builtin, &domain_pol);
1741	else
1742	return NT_STATUS_OK;
1743
1744	if (!NT_STATUS_IS_OK(result))
1745	goto done;
1746
1747	/* Look up rids */
1748
1749	num_rids = argc - 2;
1750	if (num_rids) {
1751	if ((rids = TALLOC_ARRAY(mem_ctx, uint32, num_rids)) == NULL) {
1752	rpccli_samr_close(cli, mem_ctx, &domain_pol);
1753	rpccli_samr_close(cli, mem_ctx, &connect_pol);
1754	result = NT_STATUS_NO_MEMORY;
1755	goto done;
1756	}
1757	} else {
1758	rids = NULL;
1759	}
1760
1761	for (i = 0; i < argc - 2; i++)
1762	sscanf(argv[i + 2], "%i", &rids[i]);
1763
1764	result = rpccli_samr_lookup_rids(cli, mem_ctx, &domain_pol, num_rids, rids,
1765	&num_names, &names, &name_types);
1766
1767	if (!NT_STATUS_IS_OK(result) &&
1768	!NT_STATUS_EQUAL(result, STATUS_SOME_UNMAPPED))
1769	goto done;
1770
1771	/* Display results */
1772
1773	for (i = 0; i < num_names; i++)
1774	printf("rid 0x%x: %s (%d)\n", rids[i], names[i], name_types[i]);
1775
1776	rpccli_samr_close(cli, mem_ctx, &domain_pol);
1777	rpccli_samr_close(cli, mem_ctx, &connect_pol);
1778	done:
1779	return result;
1780	}
1781
1782	/* Delete domain user */
1783
1784	static NTSTATUS cmd_samr_delete_dom_user(struct rpc_pipe_client *cli,
1785	TALLOC_CTX *mem_ctx,
1786	int argc, const char **argv)
1787	{
1788	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1789	POLICY_HND connect_pol, domain_pol, user_pol;
1790	uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1791
1792	if ((argc < 2) \|\| (argc > 3)) {
1793	printf("Usage: %s username\n", argv[0]);
1794	return NT_STATUS_OK;
1795	}
1796
1797	if (argc > 2)
1798	sscanf(argv[2], "%x", &access_mask);
1799
1800	/* Get sam policy and domain handles */
1801
1802	result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
1803	&connect_pol);
1804
1805	if (!NT_STATUS_IS_OK(result))
1806	goto done;
1807
1808	result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1809	MAXIMUM_ALLOWED_ACCESS,
1810	&domain_sid, &domain_pol);
1811
1812	if (!NT_STATUS_IS_OK(result))
1813	goto done;
1814
1815	/* Get handle on user */
1816
1817	{
1818	uint32 user_rids, num_rids, name_types;
1819	uint32 flags = 0x000003e8; /* Unknown */
1820
1821	result = rpccli_samr_lookup_names(cli, mem_ctx, &domain_pol,
1822	flags, 1, (const char **)&argv[1],
1823	&num_rids, &user_rids,
1824	&name_types);
1825
1826	if (!NT_STATUS_IS_OK(result))
1827	goto done;
1828
1829	result = rpccli_samr_open_user(cli, mem_ctx, &domain_pol,
1830	access_mask,
1831	user_rids[0], &user_pol);
1832
1833	if (!NT_STATUS_IS_OK(result))
1834	goto done;
1835	}
1836
1837	/* Delete user */
1838
1839	result = rpccli_samr_delete_dom_user(cli, mem_ctx, &user_pol);
1840
1841	if (!NT_STATUS_IS_OK(result))
1842	goto done;
1843
1844	/* Display results */
1845
1846	rpccli_samr_close(cli, mem_ctx, &user_pol);
1847	rpccli_samr_close(cli, mem_ctx, &domain_pol);
1848	rpccli_samr_close(cli, mem_ctx, &connect_pol);
1849
1850	done:
1851	return result;
1852	}
1853
1854	/**********************************************************************
1855	* Query user security object
1856	*/
1857	static NTSTATUS cmd_samr_query_sec_obj(struct rpc_pipe_client *cli,
1858	TALLOC_CTX *mem_ctx,
1859	int argc, const char **argv)
1860	{
1861	POLICY_HND connect_pol, domain_pol, user_pol, *pol;
1862	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1863	uint32 sec_info = DACL_SECURITY_INFORMATION;
1864	fstring server;
1865	uint32 user_rid = 0;
1866	TALLOC_CTX *ctx = NULL;
1867	SEC_DESC_BUF *sec_desc_buf=NULL;
1868	BOOL domain = False;
1869
1870	ctx=talloc_init("cmd_samr_query_sec_obj");
1871
1872	if ((argc < 1) \|\| (argc > 3)) {
1873	printf("Usage: %s [rid\|-d] [sec_info]\n", argv[0]);
1874	printf("\tSpecify rid for security on user, -d for security on domain\n");
1875	talloc_destroy(ctx);
1876	return NT_STATUS_OK;
1877	}
1878
1879	if (argc > 1) {
1880	if (strcmp(argv[1], "-d") == 0)
1881	domain = True;
1882	else
1883	sscanf(argv[1], "%i", &user_rid);
1884	}
1885
1886	if (argc == 3) {
1887	sec_info = atoi(argv[2]);
1888	}
1889
1890	slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost);
1891	strupper_m(server);
1892	result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
1893	&connect_pol);
1894
1895	if (!NT_STATUS_IS_OK(result))
1896	goto done;
1897
1898	if (domain \|\| user_rid)
1899	result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1900	MAXIMUM_ALLOWED_ACCESS,
1901	&domain_sid, &domain_pol);
1902
1903	if (!NT_STATUS_IS_OK(result))
1904	goto done;
1905
1906	if (user_rid)
1907	result = rpccli_samr_open_user(cli, mem_ctx, &domain_pol,
1908	MAXIMUM_ALLOWED_ACCESS,
1909	user_rid, &user_pol);
1910
1911	if (!NT_STATUS_IS_OK(result))
1912	goto done;
1913
1914	/* Pick which query pol to use */
1915
1916	pol = &connect_pol;
1917
1918	if (domain)
1919	pol = &domain_pol;
1920
1921	if (user_rid)
1922	pol = &user_pol;
1923
1924	/* Query SAM security object */
1925
1926	result = rpccli_samr_query_sec_obj(cli, mem_ctx, pol, sec_info, ctx,
1927	&sec_desc_buf);
1928
1929	if (!NT_STATUS_IS_OK(result))
1930	goto done;
1931
1932	display_sec_desc(sec_desc_buf->sec);
1933
1934	rpccli_samr_close(cli, mem_ctx, &user_pol);
1935	rpccli_samr_close(cli, mem_ctx, &domain_pol);
1936	rpccli_samr_close(cli, mem_ctx, &connect_pol);
1937	done:
1938	talloc_destroy(ctx);
1939	return result;
1940	}
1941
1942	static NTSTATUS cmd_samr_get_usrdom_pwinfo(struct rpc_pipe_client *cli,
1943	TALLOC_CTX *mem_ctx,
1944	int argc, const char **argv)
1945	{
1946	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1947	POLICY_HND connect_pol, domain_pol, user_pol;
1948	uint16 min_pwd_length;
1949	uint32 password_properties, unknown1, rid;
1950
1951	if (argc != 2) {
1952	printf("Usage: %s rid\n", argv[0]);
1953	return NT_STATUS_OK;
1954	}
1955
1956	sscanf(argv[1], "%i", &rid);
1957
1958	result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
1959	&connect_pol);
1960
1961	if (!NT_STATUS_IS_OK(result)) {
1962	goto done;
1963	}
1964
1965	result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1966	MAXIMUM_ALLOWED_ACCESS, &domain_sid, &domain_pol);
1967
1968	if (!NT_STATUS_IS_OK(result)) {
1969	goto done;
1970	}
1971
1972	result = rpccli_samr_open_user(cli, mem_ctx, &domain_pol,
1973	MAXIMUM_ALLOWED_ACCESS,
1974	rid, &user_pol);
1975
1976	if (!NT_STATUS_IS_OK(result)) {
1977	goto done;
1978	}
1979
1980	result = rpccli_samr_get_usrdom_pwinfo(cli, mem_ctx, &user_pol,
1981	&min_pwd_length, &password_properties,
1982	&unknown1) ;
1983
1984	if (NT_STATUS_IS_OK(result)) {
1985	printf("min_pwd_length: %d\n", min_pwd_length);
1986	printf("unknown1: %d\n", unknown1);
1987	display_password_properties(password_properties);
1988	}
1989
1990	done:
1991	rpccli_samr_close(cli, mem_ctx, &user_pol);
1992	rpccli_samr_close(cli, mem_ctx, &domain_pol);
1993	rpccli_samr_close(cli, mem_ctx, &connect_pol);
1994
1995	return result;
1996	}
1997
1998
1999	static NTSTATUS cmd_samr_get_dom_pwinfo(struct rpc_pipe_client *cli,
2000	TALLOC_CTX *mem_ctx,
2001	int argc, const char **argv)
2002	{
2003	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
2004	uint16 min_pwd_length;
2005	uint32 password_properties;
2006
2007	if (argc != 1) {
2008	printf("Usage: %s\n", argv[0]);
2009	return NT_STATUS_OK;
2010	}
2011
2012	result = rpccli_samr_get_dom_pwinfo(cli, mem_ctx, &min_pwd_length, &password_properties) ;
2013
2014	if (NT_STATUS_IS_OK(result)) {
2015	printf("min_pwd_length: %d\n", min_pwd_length);
2016	display_password_properties(password_properties);
2017	}
2018
2019	return result;
2020	}
2021
2022	/* Look up domain name */
2023
2024	static NTSTATUS cmd_samr_lookup_domain(struct rpc_pipe_client *cli,
2025	TALLOC_CTX *mem_ctx,
2026	int argc, const char **argv)
2027	{
2028	POLICY_HND connect_pol, domain_pol;
2029	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
2030	uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
2031	fstring domain_name,sid_string;
2032	DOM_SID sid;
2033
2034	if (argc != 2) {
2035	printf("Usage: %s domain_name\n", argv[0]);
2036	return NT_STATUS_OK;
2037	}
2038
2039	sscanf(argv[1], "%s", domain_name);
2040
2041	result = try_samr_connects(cli, mem_ctx, access_mask, &connect_pol);
2042
2043	if (!NT_STATUS_IS_OK(result))
2044	goto done;
2045
2046	result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
2047	access_mask, &domain_sid, &domain_pol);
2048
2049	if (!NT_STATUS_IS_OK(result))
2050	goto done;
2051
2052	result = rpccli_samr_lookup_domain(
2053	cli, mem_ctx, &connect_pol, domain_name, &sid);
2054
2055	sid_to_string(sid_string,&sid);
2056
2057	if (NT_STATUS_IS_OK(result))
2058	printf("SAMR_LOOKUP_DOMAIN: Domain Name: %s Domain SID: %s\n",
2059	domain_name,sid_string);
2060
2061	rpccli_samr_close(cli, mem_ctx, &domain_pol);
2062	rpccli_samr_close(cli, mem_ctx, &connect_pol);
2063	done:
2064	return result;
2065	}
2066
2067	/* Change user password */
2068
2069	static NTSTATUS cmd_samr_chgpasswd2(struct rpc_pipe_client *cli,
2070	TALLOC_CTX *mem_ctx,
2071	int argc, const char **argv)
2072	{
2073	POLICY_HND connect_pol, domain_pol;
2074	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
2075	const char user, oldpass, *newpass;
2076	uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
2077
2078	if (argc < 3) {
2079	printf("Usage: %s username oldpass newpass\n", argv[0]);
2080	return NT_STATUS_INVALID_PARAMETER;
2081	}
2082
2083	user = argv[1];
2084	oldpass = argv[2];
2085	newpass = argv[3];
2086
2087	/* Get sam policy handle */
2088
2089	result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
2090	&connect_pol);
2091
2092	if (!NT_STATUS_IS_OK(result))
2093	goto done;
2094
2095	/* Get domain policy handle */
2096
2097	result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
2098	access_mask,
2099	&domain_sid, &domain_pol);
2100
2101	if (!NT_STATUS_IS_OK(result))
2102	goto done;
2103
2104	/* Change user password */
2105	result = rpccli_samr_chgpasswd_user(cli, mem_ctx, user, newpass, oldpass);
2106
2107	if (!NT_STATUS_IS_OK(result))
2108	goto done;
2109
2110	result = rpccli_samr_close(cli, mem_ctx, &domain_pol);
2111	if (!NT_STATUS_IS_OK(result)) goto done;
2112
2113	result = rpccli_samr_close(cli, mem_ctx, &connect_pol);
2114	if (!NT_STATUS_IS_OK(result)) goto done;
2115
2116	done:
2117	return result;
2118	}
2119
2120
2121	/* Change user password */
2122
2123	static NTSTATUS cmd_samr_chgpasswd3(struct rpc_pipe_client *cli,
2124	TALLOC_CTX *mem_ctx,
2125	int argc, const char **argv)
2126	{
2127	POLICY_HND connect_pol, domain_pol;
2128	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
2129	const char user, oldpass, *newpass;
2130	uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
2131	SAM_UNK_INFO_1 info;
2132	SAMR_CHANGE_REJECT reject;
2133
2134	if (argc < 3) {
2135	printf("Usage: %s username oldpass newpass\n", argv[0]);
2136	return NT_STATUS_INVALID_PARAMETER;
2137	}
2138
2139	user = argv[1];
2140	oldpass = argv[2];
2141	newpass = argv[3];
2142
2143	/* Get sam policy handle */
2144
2145	result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
2146	&connect_pol);
2147
2148	if (!NT_STATUS_IS_OK(result))
2149	goto done;
2150
2151	/* Get domain policy handle */
2152
2153	result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
2154	access_mask,
2155	&domain_sid, &domain_pol);
2156
2157	if (!NT_STATUS_IS_OK(result))
2158	goto done;
2159
2160	/* Change user password */
2161	result = rpccli_samr_chgpasswd3(cli, mem_ctx, user, newpass, oldpass, &info, &reject);
2162
2163	if (NT_STATUS_EQUAL(result, NT_STATUS_PASSWORD_RESTRICTION)) {
2164
2165	display_sam_unk_info_1(&info);
2166
2167	switch (reject.reject_reason) {
2168	case REJECT_REASON_TOO_SHORT:
2169	d_printf("REJECT_REASON_TOO_SHORT\n");
2170	break;
2171	case REJECT_REASON_IN_HISTORY:
2172	d_printf("REJECT_REASON_IN_HISTORY\n");
2173	break;
2174	case REJECT_REASON_NOT_COMPLEX:
2175	d_printf("REJECT_REASON_NOT_COMPLEX\n");
2176	break;
2177	case REJECT_REASON_OTHER:
2178	d_printf("REJECT_REASON_OTHER\n");
2179	break;
2180	default:
2181	d_printf("unknown reject reason: %d\n", reject.reject_reason);
2182	break;
2183	}
2184	}
2185
2186	if (!NT_STATUS_IS_OK(result))
2187	goto done;
2188
2189	result = rpccli_samr_close(cli, mem_ctx, &domain_pol);
2190	if (!NT_STATUS_IS_OK(result)) goto done;
2191
2192	result = rpccli_samr_close(cli, mem_ctx, &connect_pol);
2193	if (!NT_STATUS_IS_OK(result)) goto done;
2194
2195	done:
2196	return result;
2197	}
2198
2199	/* List of commands exported by this module */
2200
2201	struct cmd_set samr_commands[] = {
2202
2203	{ "SAMR" },
2204
2205	{ "queryuser", RPC_RTYPE_NTSTATUS, cmd_samr_query_user, NULL, PI_SAMR, NULL, "Query user info", "" },
2206	{ "querygroup", RPC_RTYPE_NTSTATUS, cmd_samr_query_group, NULL, PI_SAMR, NULL, "Query group info", "" },
2207	{ "queryusergroups", RPC_RTYPE_NTSTATUS, cmd_samr_query_usergroups, NULL, PI_SAMR, NULL, "Query user groups", "" },
2208	{ "queryuseraliases", RPC_RTYPE_NTSTATUS, cmd_samr_query_useraliases, NULL, PI_SAMR, NULL, "Query user aliases", "" },
2209	{ "querygroupmem", RPC_RTYPE_NTSTATUS, cmd_samr_query_groupmem, NULL, PI_SAMR, NULL, "Query group membership", "" },
2210	{ "queryaliasmem", RPC_RTYPE_NTSTATUS, cmd_samr_query_aliasmem, NULL, PI_SAMR, NULL, "Query alias membership", "" },
2211	{ "deletealias", RPC_RTYPE_NTSTATUS, cmd_samr_delete_alias, NULL, PI_SAMR, NULL, "Delete an alias", "" },
2212	{ "querydispinfo", RPC_RTYPE_NTSTATUS, cmd_samr_query_dispinfo, NULL, PI_SAMR, NULL, "Query display info", "" },
2213	{ "querydominfo", RPC_RTYPE_NTSTATUS, cmd_samr_query_dominfo, NULL, PI_SAMR, NULL, "Query domain info", "" },
2214	{ "enumdomusers", RPC_RTYPE_NTSTATUS, cmd_samr_enum_dom_users, NULL, PI_SAMR, NULL, "Enumerate domain users", "" },
2215	{ "enumdomgroups", RPC_RTYPE_NTSTATUS, cmd_samr_enum_dom_groups, NULL, PI_SAMR, NULL, "Enumerate domain groups", "" },
2216	{ "enumalsgroups", RPC_RTYPE_NTSTATUS, cmd_samr_enum_als_groups, NULL, PI_SAMR, NULL, "Enumerate alias groups", "" },
2217
2218	{ "createdomuser", RPC_RTYPE_NTSTATUS, cmd_samr_create_dom_user, NULL, PI_SAMR, NULL, "Create domain user", "" },
2219	{ "createdomgroup", RPC_RTYPE_NTSTATUS, cmd_samr_create_dom_group, NULL, PI_SAMR, NULL, "Create domain group", "" },
2220	{ "createdomalias", RPC_RTYPE_NTSTATUS, cmd_samr_create_dom_alias, NULL, PI_SAMR, NULL, "Create domain alias", "" },
2221	{ "samlookupnames", RPC_RTYPE_NTSTATUS, cmd_samr_lookup_names, NULL, PI_SAMR, NULL, "Look up names", "" },
2222	{ "samlookuprids", RPC_RTYPE_NTSTATUS, cmd_samr_lookup_rids, NULL, PI_SAMR, NULL, "Look up names", "" },
2223	{ "deletedomuser", RPC_RTYPE_NTSTATUS, cmd_samr_delete_dom_user, NULL, PI_SAMR, NULL, "Delete domain user", "" },
2224	{ "samquerysecobj", RPC_RTYPE_NTSTATUS, cmd_samr_query_sec_obj, NULL, PI_SAMR, NULL, "Query SAMR security object", "" },
2225	{ "getdompwinfo", RPC_RTYPE_NTSTATUS, cmd_samr_get_dom_pwinfo, NULL, PI_SAMR, NULL, "Retrieve domain password info", "" },
2226	{ "getusrdompwinfo", RPC_RTYPE_NTSTATUS, cmd_samr_get_usrdom_pwinfo, NULL, PI_SAMR, NULL, "Retrieve user domain password info", "" },
2227
2228	{ "lookupdomain", RPC_RTYPE_NTSTATUS, cmd_samr_lookup_domain, NULL, PI_SAMR, NULL, "Lookup Domain Name", "" },
2229	{ "chgpasswd2", RPC_RTYPE_NTSTATUS, cmd_samr_chgpasswd2, NULL, PI_SAMR, NULL, "Change user password", "" },
2230	{ "chgpasswd3", RPC_RTYPE_NTSTATUS, cmd_samr_chgpasswd3, NULL, PI_SAMR, NULL, "Change user password", "" },
2231	{ NULL }
2232	};

Note: See TracBrowser for help on using the repository browser.

Download in other formats: