Context Navigation

← Previous Revision
Next Revision →
Blame
Revision Log

cmd_lsarpc.c

Visit:

Last change on this file was 988, checked in by Silvan Scherrer, 9 years ago
Samba Server: update vendor to version 4.4.3
File size: 54.9 KB

Line
1	/*
2	Unix SMB/CIFS implementation.
3	RPC pipe client
4
5	Copyright (C) Tim Potter 2000
6	Copyright (C) Rafal Szczesniak 2002
7	Copyright (C) Guenther Deschner 2008
8
9	This program is free software; you can redistribute it and/or modify
10	it under the terms of the GNU General Public License as published by
11	the Free Software Foundation; either version 3 of the License, or
12	(at your option) any later version.
13
14	This program is distributed in the hope that it will be useful,
15	but WITHOUT ANY WARRANTY; without even the implied warranty of
16	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17	GNU General Public License for more details.
18
19	You should have received a copy of the GNU General Public License
20	along with this program. If not, see <http://www.gnu.org/licenses/>.
21	*/
22
23	#include "includes.h"
24	#include "rpcclient.h"
25	#include "../libcli/auth/libcli_auth.h"
26	#include "../librpc/gen_ndr/ndr_lsa.h"
27	#include "../librpc/gen_ndr/ndr_lsa_c.h"
28	#include "rpc_client/cli_lsarpc.h"
29	#include "rpc_client/init_lsa.h"
30	#include "../libcli/security/security.h"
31
32	/* useful function to allow entering a name instead of a SID and
33	* looking it up automatically */
34	static NTSTATUS name_to_sid(struct rpc_pipe_client *cli,
35	TALLOC_CTX *mem_ctx,
36	struct dom_sid sid, const char name)
37	{
38	struct policy_handle pol;
39	enum lsa_SidType *sid_types;
40	NTSTATUS status, result;
41	struct dom_sid *sids;
42	struct dcerpc_binding_handle *b = cli->binding_handle;
43
44	/* maybe its a raw SID */
45	if (strncmp(name, "S-", 2) == 0 &&
46	string_to_sid(sid, name)) {
47	return NT_STATUS_OK;
48	}
49
50	status = rpccli_lsa_open_policy(cli, mem_ctx, True,
51	SEC_FLAG_MAXIMUM_ALLOWED,
52	&pol);
53	if (!NT_STATUS_IS_OK(status))
54	goto done;
55
56	status = rpccli_lsa_lookup_names(cli, mem_ctx, &pol, 1, &name, NULL, 1, &sids, &sid_types);
57	if (!NT_STATUS_IS_OK(status))
58	goto done;
59
60	dcerpc_lsa_Close(b, mem_ctx, &pol, &result);
61
62	*sid = sids[0];
63
64	done:
65	return status;
66	}
67
68	static void display_query_info_1(struct lsa_AuditLogInfo *r)
69	{
70	d_printf("percent_full:\t%d\n", r->percent_full);
71	d_printf("maximum_log_size:\t%d\n", r->maximum_log_size);
72	d_printf("retention_time:\t%lld\n", (long long)r->retention_time);
73	d_printf("shutdown_in_progress:\t%d\n", r->shutdown_in_progress);
74	d_printf("time_to_shutdown:\t%lld\n", (long long)r->time_to_shutdown);
75	d_printf("next_audit_record:\t%d\n", r->next_audit_record);
76	}
77
78	static void display_query_info_2(struct lsa_AuditEventsInfo *r)
79	{
80	int i;
81	d_printf("Auditing enabled:\t%d\n", r->auditing_mode);
82	d_printf("Auditing categories:\t%d\n", r->count);
83	d_printf("Auditsettings:\n");
84	for (i=0; i<r->count; i++) {
85	const char *val = audit_policy_str(talloc_tos(), r->settings[i]);
86	const char *policy = audit_description_str(i);
87	d_printf("%s:\t%s\n", policy, val);
88	}
89	}
90
91	static void display_query_info_3(struct lsa_DomainInfo *r)
92	{
93	d_printf("Domain Name: %s\n", r->name.string);
94	d_printf("Domain Sid: %s\n", sid_string_tos(r->sid));
95	}
96
97	static void display_query_info_5(struct lsa_DomainInfo *r)
98	{
99	d_printf("Domain Name: %s\n", r->name.string);
100	d_printf("Domain Sid: %s\n", sid_string_tos(r->sid));
101	}
102
103	static void display_query_info_10(struct lsa_AuditFullSetInfo *r)
104	{
105	d_printf("Shutdown on full: %d\n", r->shutdown_on_full);
106	}
107
108	static void display_query_info_11(struct lsa_AuditFullQueryInfo *r)
109	{
110	d_printf("Shutdown on full: %d\n", r->shutdown_on_full);
111	d_printf("Log is full: %d\n", r->log_is_full);
112	}
113
114	static void display_query_info_12(struct lsa_DnsDomainInfo *r)
115	{
116	d_printf("Domain NetBios Name: %s\n", r->name.string);
117	d_printf("Domain DNS Name: %s\n", r->dns_domain.string);
118	d_printf("Domain Forest Name: %s\n", r->dns_forest.string);
119	d_printf("Domain Sid: %s\n", sid_string_tos(r->sid));
120	d_printf("Domain GUID: %s\n", GUID_string(talloc_tos(),
121	&r->domain_guid));
122	}
123
124	static void display_lsa_query_info(union lsa_PolicyInformation *info,
125	enum lsa_PolicyInfo level)
126	{
127	switch (level) {
128	case 1:
129	display_query_info_1(&info->audit_log);
130	break;
131	case 2:
132	display_query_info_2(&info->audit_events);
133	break;
134	case 3:
135	display_query_info_3(&info->domain);
136	break;
137	case 5:
138	display_query_info_5(&info->account_domain);
139	break;
140	case 10:
141	display_query_info_10(&info->auditfullset);
142	break;
143	case 11:
144	display_query_info_11(&info->auditfullquery);
145	break;
146	case 12:
147	display_query_info_12(&info->dns);
148	break;
149	default:
150	printf("can't display info level: %d\n", level);
151	break;
152	}
153	}
154
155	static NTSTATUS cmd_lsa_query_info_policy(struct rpc_pipe_client *cli,
156	TALLOC_CTX *mem_ctx, int argc,
157	const char **argv)
158	{
159	struct policy_handle pol;
160	NTSTATUS status, result;
161	union lsa_PolicyInformation *info = NULL;
162	struct dcerpc_binding_handle *b = cli->binding_handle;
163
164	uint32_t info_class = 3;
165
166	if (argc > 2) {
167	printf("Usage: %s [info_class]\n", argv[0]);
168	return NT_STATUS_OK;
169	}
170
171	if (argc == 2)
172	info_class = atoi(argv[1]);
173
174	switch (info_class) {
175	case 12:
176	status = rpccli_lsa_open_policy2(cli, mem_ctx, True,
177	SEC_FLAG_MAXIMUM_ALLOWED,
178	&pol);
179
180	if (!NT_STATUS_IS_OK(status))
181	goto done;
182
183	status = dcerpc_lsa_QueryInfoPolicy2(b, mem_ctx,
184	&pol,
185	info_class,
186	&info,
187	&result);
188	break;
189	default:
190	status = rpccli_lsa_open_policy(cli, mem_ctx, True,
191	SEC_FLAG_MAXIMUM_ALLOWED,
192	&pol);
193
194	if (!NT_STATUS_IS_OK(status))
195	goto done;
196
197	status = dcerpc_lsa_QueryInfoPolicy(b, mem_ctx,
198	&pol,
199	info_class,
200	&info,
201	&result);
202	}
203
204	if (!NT_STATUS_IS_OK(status)) {
205	goto done;
206	}
207	status = result;
208	if (NT_STATUS_IS_OK(result)) {
209	display_lsa_query_info(info, info_class);
210	}
211
212	dcerpc_lsa_Close(b, mem_ctx, &pol, &result);
213
214	done:
215	return status;
216	}
217
218	/* Resolve a list of names to a list of sids */
219
220	static NTSTATUS cmd_lsa_lookup_names(struct rpc_pipe_client *cli,
221	TALLOC_CTX *mem_ctx, int argc,
222	const char **argv)
223	{
224	struct policy_handle pol;
225	NTSTATUS status, result;
226	struct dom_sid *sids;
227	enum lsa_SidType *types;
228	int i;
229	struct dcerpc_binding_handle *b = cli->binding_handle;
230
231	if (argc == 1) {
232	printf("Usage: %s [name1 [name2 [...]]]\n", argv[0]);
233	return NT_STATUS_OK;
234	}
235
236	status = rpccli_lsa_open_policy(cli, mem_ctx, True,
237	SEC_FLAG_MAXIMUM_ALLOWED,
238	&pol);
239
240	if (!NT_STATUS_IS_OK(status))
241	goto done;
242
243	status = rpccli_lsa_lookup_names(cli, mem_ctx, &pol, argc - 1,
244	(const char**)(argv + 1), NULL, 1, &sids, &types);
245
246	if (!NT_STATUS_IS_OK(status) && NT_STATUS_V(status) !=
247	NT_STATUS_V(STATUS_SOME_UNMAPPED))
248	goto done;
249
250	status = NT_STATUS_OK;
251
252	/* Print results */
253
254	for (i = 0; i < (argc - 1); i++) {
255	fstring sid_str;
256	sid_to_fstring(sid_str, &sids[i]);
257	printf("%s %s (%s: %d)\n", argv[i + 1], sid_str,
258	sid_type_lookup(types[i]), types[i]);
259	}
260
261	dcerpc_lsa_Close(b, mem_ctx, &pol, &result);
262
263	done:
264	return status;
265	}
266
267	/* Resolve a list of names to a list of sids */
268
269	static NTSTATUS cmd_lsa_lookup_names_level(struct rpc_pipe_client *cli,
270	TALLOC_CTX *mem_ctx, int argc,
271	const char **argv)
272	{
273	struct policy_handle pol;
274	NTSTATUS status, result;
275	struct dom_sid *sids;
276	enum lsa_SidType *types;
277	int i, level;
278	struct dcerpc_binding_handle *b = cli->binding_handle;
279
280	if (argc < 3) {
281	printf("Usage: %s [level] [name1 [name2 [...]]]\n", argv[0]);
282	return NT_STATUS_OK;
283	}
284
285	status = rpccli_lsa_open_policy(cli, mem_ctx, True,
286	SEC_FLAG_MAXIMUM_ALLOWED,
287	&pol);
288
289	if (!NT_STATUS_IS_OK(status))
290	goto done;
291
292	level = atoi(argv[1]);
293
294	status = rpccli_lsa_lookup_names(cli, mem_ctx, &pol, argc - 2,
295	(const char**)(argv + 2), NULL, level, &sids, &types);
296
297	if (!NT_STATUS_IS_OK(status) && NT_STATUS_V(status) !=
298	NT_STATUS_V(STATUS_SOME_UNMAPPED))
299	goto done;
300
301	status = NT_STATUS_OK;
302
303	/* Print results */
304
305	for (i = 0; i < (argc - 2); i++) {
306	fstring sid_str;
307	sid_to_fstring(sid_str, &sids[i]);
308	printf("%s %s (%s: %d)\n", argv[i + 2], sid_str,
309	sid_type_lookup(types[i]), types[i]);
310	}
311
312	dcerpc_lsa_Close(b, mem_ctx, &pol, &result);
313
314	done:
315	return status;
316	}
317
318	static NTSTATUS cmd_lsa_lookup_names4(struct rpc_pipe_client *cli,
319	TALLOC_CTX *mem_ctx, int argc,
320	const char **argv)
321	{
322	NTSTATUS status, result;
323
324	uint32_t num_names;
325	struct lsa_String *names;
326	struct lsa_RefDomainList *domains = NULL;
327	struct lsa_TransSidArray3 sids;
328	uint32_t count = 0;
329	int i;
330	struct dcerpc_binding_handle *b = cli->binding_handle;
331
332	if (argc == 1) {
333	printf("Usage: %s [name1 [name2 [...]]]\n", argv[0]);
334	return NT_STATUS_OK;
335	}
336
337	ZERO_STRUCT(sids);
338
339	num_names = argc-1;
340	names = talloc_array(mem_ctx, struct lsa_String, num_names);
341	NT_STATUS_HAVE_NO_MEMORY(names);
342
343	for (i=0; i < num_names; i++) {
344	init_lsa_String(&names[i], argv[i+1]);
345	}
346
347	status = dcerpc_lsa_LookupNames4(b, mem_ctx,
348	num_names,
349	names,
350	&domains,
351	&sids,
352	1,
353	&count,
354	0,
355	0,
356	&result);
357	if (!NT_STATUS_IS_OK(status)) {
358	return status;
359	}
360	if (!NT_STATUS_IS_OK(result)) {
361	return result;
362	}
363
364	if (sids.count != num_names) {
365	return NT_STATUS_INVALID_NETWORK_RESPONSE;
366	}
367
368	for (i = 0; i < sids.count; i++) {
369	fstring sid_str;
370	sid_to_fstring(sid_str, sids.sids[i].sid);
371	printf("%s %s (%s: %d)\n", argv[i+1], sid_str,
372	sid_type_lookup(sids.sids[i].sid_type),
373	sids.sids[i].sid_type);
374	}
375
376	return status;
377	}
378
379	/* Resolve a list of SIDs to a list of names */
380
381	static NTSTATUS cmd_lsa_lookup_sids(struct rpc_pipe_client cli, TALLOC_CTX mem_ctx,
382	int argc, const char **argv)
383	{
384	struct policy_handle pol;
385	NTSTATUS status, result;
386	struct dom_sid *sids;
387	char **domains;
388	char **names;
389	enum lsa_SidType *types;
390	int i;
391	struct dcerpc_binding_handle *b = cli->binding_handle;
392
393	if (argc == 1) {
394	printf("Usage: %s [sid1 [sid2 [...]]]\n", argv[0]);
395	return NT_STATUS_OK;
396	}
397
398	status = rpccli_lsa_open_policy(cli, mem_ctx, True,
399	SEC_FLAG_MAXIMUM_ALLOWED,
400	&pol);
401
402	if (!NT_STATUS_IS_OK(status))
403	goto done;
404
405	/* Convert arguments to sids */
406
407	sids = talloc_array(mem_ctx, struct dom_sid, argc - 1);
408
409	if (!sids) {
410	printf("could not allocate memory for %d sids\n", argc - 1);
411	goto done;
412	}
413
414	for (i = 0; i < argc - 1; i++)
415	if (!string_to_sid(&sids[i], argv[i + 1])) {
416	status = NT_STATUS_INVALID_SID;
417	goto done;
418	}
419
420	/* Lookup the SIDs */
421
422	status = rpccli_lsa_lookup_sids(cli, mem_ctx, &pol, argc - 1, sids,
423	&domains, &names, &types);
424
425	if (!NT_STATUS_IS_OK(status) && NT_STATUS_V(status) !=
426	NT_STATUS_V(STATUS_SOME_UNMAPPED))
427	goto done;
428
429	status = NT_STATUS_OK;
430
431	/* Print results */
432
433	for (i = 0; i < (argc - 1); i++) {
434	fstring sid_str;
435
436	sid_to_fstring(sid_str, &sids[i]);
437	if (types[i] == SID_NAME_DOMAIN) {
438	printf("%s %s (%d)\n", sid_str,
439	domains[i] ? domains[i] : "unknown",
440	types[i]);
441	} else {
442	printf("%s %s\\%s (%d)\n", sid_str,
443	domains[i] ? domains[i] : "unknown",
444	names[i] ? names[i] : "unknown",
445	types[i]);
446	}
447	}
448
449	dcerpc_lsa_Close(b, mem_ctx, &pol, &result);
450
451	done:
452	return status;
453	}
454
455	/* Resolve a list of SIDs to a list of names */
456
457	static NTSTATUS cmd_lsa_lookup_sids3(struct rpc_pipe_client *cli,
458	TALLOC_CTX *mem_ctx,
459	int argc, const char **argv)
460	{
461	NTSTATUS status = NT_STATUS_UNSUCCESSFUL, result;
462	int i;
463	struct lsa_SidArray sids;
464	struct lsa_RefDomainList *domains = NULL;
465	struct lsa_TransNameArray2 names;
466	uint32_t count = 0;
467	struct dcerpc_binding_handle *b = cli->binding_handle;
468
469	if (argc == 1) {
470	printf("Usage: %s [sid1 [sid2 [...]]]\n", argv[0]);
471	return NT_STATUS_OK;
472	}
473
474	ZERO_STRUCT(names);
475
476	/* Convert arguments to sids */
477
478	sids.num_sids = argc-1;
479	sids.sids = talloc_array(mem_ctx, struct lsa_SidPtr, sids.num_sids);
480	if (!sids.sids) {
481	printf("could not allocate memory for %d sids\n", sids.num_sids);
482	goto done;
483	}
484
485	for (i = 0; i < sids.num_sids; i++) {
486	sids.sids[i].sid = talloc(sids.sids, struct dom_sid);
487	if (sids.sids[i].sid == NULL) {
488	status = NT_STATUS_NO_MEMORY;
489	goto done;
490	}
491	if (!string_to_sid(sids.sids[i].sid, argv[i+1])) {
492	status = NT_STATUS_INVALID_SID;
493	goto done;
494	}
495	}
496
497	/* Lookup the SIDs */
498	status = dcerpc_lsa_LookupSids3(b, mem_ctx,
499	&sids,
500	&domains,
501	&names,
502	1,
503	&count,
504	0,
505	0,
506	&result);
507	if (!NT_STATUS_IS_OK(status)) {
508	goto done;
509	}
510	if (!NT_STATUS_IS_OK(result) && NT_STATUS_V(result) !=
511	NT_STATUS_V(STATUS_SOME_UNMAPPED)) {
512	status = result;
513	goto done;
514	}
515
516	status = NT_STATUS_OK;
517
518	/* Print results */
519
520	for (i = 0; i < names.count; i++) {
521	fstring sid_str;
522
523	if (i >= sids.num_sids) {
524	break;
525	}
526	sid_to_fstring(sid_str, sids.sids[i].sid);
527	printf("%s %s (%d)\n", sid_str,
528	names.names[i].name.string,
529	names.names[i].sid_type);
530	}
531
532	done:
533	return status;
534	}
535
536
537	/* Enumerate list of trusted domains */
538
539	static NTSTATUS cmd_lsa_enum_trust_dom(struct rpc_pipe_client *cli,
540	TALLOC_CTX *mem_ctx, int argc,
541	const char **argv)
542	{
543	struct policy_handle pol;
544	NTSTATUS status, result;
545	struct lsa_DomainList domain_list;
546	struct dcerpc_binding_handle *b = cli->binding_handle;
547
548	/* defaults, but may be changed using params */
549	uint32_t enum_ctx = 0;
550	int i;
551	uint32_t max_size = (uint32_t)-1;
552
553	if (argc > 2) {
554	printf("Usage: %s [enum context (0)]\n", argv[0]);
555	return NT_STATUS_OK;
556	}
557
558	if (argc == 2 && argv[1]) {
559	enum_ctx = atoi(argv[2]);
560	}
561
562	status = rpccli_lsa_open_policy(cli, mem_ctx, True,
563	LSA_POLICY_VIEW_LOCAL_INFORMATION,
564	&pol);
565
566	if (!NT_STATUS_IS_OK(status))
567	goto done;
568
569	status = STATUS_MORE_ENTRIES;
570
571	while (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES)) {
572
573	/* Lookup list of trusted domains */
574
575	status = dcerpc_lsa_EnumTrustDom(b, mem_ctx,
576	&pol,
577	&enum_ctx,
578	&domain_list,
579	max_size,
580	&result);
581	if (!NT_STATUS_IS_OK(status)) {
582	goto done;
583	}
584	if (!NT_STATUS_IS_OK(result) &&
585	!NT_STATUS_EQUAL(result, NT_STATUS_NO_MORE_ENTRIES) &&
586	!NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)) {
587	status = result;
588	goto done;
589	}
590
591	/* Print results: list of names and sids returned in this
592	* response. */
593	for (i = 0; i < domain_list.count; i++) {
594	fstring sid_str;
595
596	sid_to_fstring(sid_str, domain_list.domains[i].sid);
597	printf("%s %s\n",
598	domain_list.domains[i].name.string ?
599	domain_list.domains[i].name.string : "unknown",
600	sid_str);
601	}
602	}
603
604	dcerpc_lsa_Close(b, mem_ctx, &pol, &result);
605	done:
606	return status;
607	}
608
609	/* Enumerates privileges */
610
611	static NTSTATUS cmd_lsa_enum_privilege(struct rpc_pipe_client *cli,
612	TALLOC_CTX *mem_ctx, int argc,
613	const char **argv)
614	{
615	struct policy_handle pol;
616	NTSTATUS status, result;
617	struct lsa_PrivArray priv_array;
618	struct dcerpc_binding_handle *b = cli->binding_handle;
619
620	uint32_t enum_context=0;
621	uint32_t pref_max_length=0x1000;
622	int i;
623
624	if (argc > 3) {
625	printf("Usage: %s [enum context] [max length]\n", argv[0]);
626	return NT_STATUS_OK;
627	}
628
629	if (argc>=2)
630	enum_context=atoi(argv[1]);
631
632	if (argc==3)
633	pref_max_length=atoi(argv[2]);
634
635	status = rpccli_lsa_open_policy(cli, mem_ctx, True,
636	SEC_FLAG_MAXIMUM_ALLOWED,
637	&pol);
638
639	if (!NT_STATUS_IS_OK(status))
640	goto done;
641
642	status = dcerpc_lsa_EnumPrivs(b, mem_ctx,
643	&pol,
644	&enum_context,
645	&priv_array,
646	pref_max_length,
647	&result);
648	if (!NT_STATUS_IS_OK(status))
649	goto done;
650	if (!NT_STATUS_IS_OK(result)) {
651	status = result;
652	goto done;
653	}
654
655	/* Print results */
656	printf("found %d privileges\n\n", priv_array.count);
657
658	for (i = 0; i < priv_array.count; i++) {
659	printf("%s \t\t%d:%d (0x%x:0x%x)\n",
660	priv_array.privs[i].name.string ? priv_array.privs[i].name.string : "unknown",
661	priv_array.privs[i].luid.high,
662	priv_array.privs[i].luid.low,
663	priv_array.privs[i].luid.high,
664	priv_array.privs[i].luid.low);
665	}
666
667	dcerpc_lsa_Close(b, mem_ctx, &pol, &result);
668	done:
669	return status;
670	}
671
672	/* Get privilege name */
673
674	static NTSTATUS cmd_lsa_get_dispname(struct rpc_pipe_client *cli,
675	TALLOC_CTX *mem_ctx, int argc,
676	const char **argv)
677	{
678	struct policy_handle pol;
679	NTSTATUS status, result;
680	struct dcerpc_binding_handle *b = cli->binding_handle;
681
682	uint16_t lang_id=0;
683	uint16_t lang_id_sys=0;
684	uint16_t lang_id_desc;
685	struct lsa_String lsa_name;
686	struct lsa_StringLarge *description = NULL;
687
688	if (argc != 2) {
689	printf("Usage: %s privilege name\n", argv[0]);
690	return NT_STATUS_OK;
691	}
692
693	status = rpccli_lsa_open_policy(cli, mem_ctx, True,
694	SEC_FLAG_MAXIMUM_ALLOWED,
695	&pol);
696
697	if (!NT_STATUS_IS_OK(status))
698	goto done;
699
700	init_lsa_String(&lsa_name, argv[1]);
701
702	status = dcerpc_lsa_LookupPrivDisplayName(b, mem_ctx,
703	&pol,
704	&lsa_name,
705	lang_id,
706	lang_id_sys,
707	&description,
708	&lang_id_desc,
709	&result);
710	if (!NT_STATUS_IS_OK(status))
711	goto done;
712	if (!NT_STATUS_IS_OK(result)) {
713	status = result;
714	goto done;
715	}
716
717	/* Print results */
718	printf("%s -> %s (language: 0x%x)\n", argv[1], description->string, lang_id_desc);
719
720	dcerpc_lsa_Close(b, mem_ctx, &pol, &result);
721	done:
722	return status;
723	}
724
725	/* Enumerate the LSA SIDS */
726
727	static NTSTATUS cmd_lsa_enum_sids(struct rpc_pipe_client *cli,
728	TALLOC_CTX *mem_ctx, int argc,
729	const char **argv)
730	{
731	struct policy_handle pol;
732	NTSTATUS status, result;
733	struct dcerpc_binding_handle *b = cli->binding_handle;
734
735	uint32_t enum_context=0;
736	uint32_t pref_max_length=0x1000;
737	struct lsa_SidArray sid_array;
738	int i;
739
740	if (argc > 3) {
741	printf("Usage: %s [enum context] [max length]\n", argv[0]);
742	return NT_STATUS_OK;
743	}
744
745	if (argc>=2)
746	enum_context=atoi(argv[1]);
747
748	if (argc==3)
749	pref_max_length=atoi(argv[2]);
750
751	status = rpccli_lsa_open_policy(cli, mem_ctx, True,
752	SEC_FLAG_MAXIMUM_ALLOWED,
753	&pol);
754
755	if (!NT_STATUS_IS_OK(status))
756	goto done;
757
758	status = dcerpc_lsa_EnumAccounts(b, mem_ctx,
759	&pol,
760	&enum_context,
761	&sid_array,
762	pref_max_length,
763	&result);
764	if (!NT_STATUS_IS_OK(status))
765	goto done;
766	if (!NT_STATUS_IS_OK(result)) {
767	status = result;
768	goto done;
769	}
770
771	/* Print results */
772	printf("found %d SIDs\n\n", sid_array.num_sids);
773
774	for (i = 0; i < sid_array.num_sids; i++) {
775	fstring sid_str;
776
777	sid_to_fstring(sid_str, sid_array.sids[i].sid);
778	printf("%s\n", sid_str);
779	}
780
781	dcerpc_lsa_Close(b, mem_ctx, &pol, &result);
782	done:
783	return status;
784	}
785
786	/* Create a new account */
787
788	static NTSTATUS cmd_lsa_create_account(struct rpc_pipe_client *cli,
789	TALLOC_CTX *mem_ctx, int argc,
790	const char **argv)
791	{
792	struct policy_handle dom_pol;
793	struct policy_handle user_pol;
794	NTSTATUS status, result;
795	uint32_t des_access = 0x000f000f;
796	struct dcerpc_binding_handle *b = cli->binding_handle;
797
798	struct dom_sid sid;
799
800	if (argc != 2 ) {
801	printf("Usage: %s SID\n", argv[0]);
802	return NT_STATUS_OK;
803	}
804
805	status = name_to_sid(cli, mem_ctx, &sid, argv[1]);
806	if (!NT_STATUS_IS_OK(status))
807	goto done;
808
809	status = rpccli_lsa_open_policy2(cli, mem_ctx, True,
810	SEC_FLAG_MAXIMUM_ALLOWED,
811	&dom_pol);
812
813	if (!NT_STATUS_IS_OK(status))
814	goto done;
815
816	status = dcerpc_lsa_CreateAccount(b, mem_ctx,
817	&dom_pol,
818	&sid,
819	des_access,
820	&user_pol,
821	&result);
822	if (!NT_STATUS_IS_OK(status))
823	goto done;
824	if (!NT_STATUS_IS_OK(result)) {
825	status = result;
826	goto done;
827	}
828
829	printf("Account for SID %s successfully created\n\n", argv[1]);
830	status = NT_STATUS_OK;
831
832	dcerpc_lsa_Close(b, mem_ctx, &dom_pol, &result);
833	done:
834	return status;
835	}
836
837
838	/* Enumerate the privileges of an SID */
839
840	static NTSTATUS cmd_lsa_enum_privsaccounts(struct rpc_pipe_client *cli,
841	TALLOC_CTX *mem_ctx, int argc,
842	const char **argv)
843	{
844	struct policy_handle dom_pol;
845	struct policy_handle user_pol;
846	NTSTATUS status, result;
847	uint32_t access_desired = 0x000f000f;
848	struct dom_sid sid;
849	struct lsa_PrivilegeSet *privs = NULL;
850	int i;
851	struct dcerpc_binding_handle *b = cli->binding_handle;
852
853	if (argc != 2 ) {
854	printf("Usage: %s SID\n", argv[0]);
855	return NT_STATUS_OK;
856	}
857
858	status = name_to_sid(cli, mem_ctx, &sid, argv[1]);
859	if (!NT_STATUS_IS_OK(status))
860	goto done;
861
862	status = rpccli_lsa_open_policy2(cli, mem_ctx, True,
863	SEC_FLAG_MAXIMUM_ALLOWED,
864	&dom_pol);
865
866	if (!NT_STATUS_IS_OK(status))
867	goto done;
868
869	status = dcerpc_lsa_OpenAccount(b, mem_ctx,
870	&dom_pol,
871	&sid,
872	access_desired,
873	&user_pol,
874	&result);
875	if (!NT_STATUS_IS_OK(status))
876	goto done;
877	if (!NT_STATUS_IS_OK(result)) {
878	status = result;
879	goto done;
880	}
881
882	status = dcerpc_lsa_EnumPrivsAccount(b, mem_ctx,
883	&user_pol,
884	&privs,
885	&result);
886	if (!NT_STATUS_IS_OK(status))
887	goto done;
888	if (!NT_STATUS_IS_OK(result)) {
889	status = result;
890	goto done;
891	}
892
893	/* Print results */
894	printf("found %d privileges for SID %s\n\n", privs->count, argv[1]);
895	printf("high\tlow\tattribute\n");
896
897	for (i = 0; i < privs->count; i++) {
898	printf("%u\t%u\t%u\n",
899	privs->set[i].luid.high,
900	privs->set[i].luid.low,
901	privs->set[i].attribute);
902	}
903
904	dcerpc_lsa_Close(b, mem_ctx, &dom_pol, &result);
905	done:
906	return status;
907	}
908
909
910	/* Enumerate the privileges of an SID via LsaEnumerateAccountRights */
911
912	static NTSTATUS cmd_lsa_enum_acct_rights(struct rpc_pipe_client *cli,
913	TALLOC_CTX *mem_ctx, int argc,
914	const char **argv)
915	{
916	struct policy_handle dom_pol;
917	NTSTATUS status, result;
918	struct dom_sid sid;
919	struct lsa_RightSet rights;
920	struct dcerpc_binding_handle *b = cli->binding_handle;
921
922	int i;
923
924	if (argc != 2 ) {
925	printf("Usage: %s SID\n", argv[0]);
926	return NT_STATUS_OK;
927	}
928
929	status = name_to_sid(cli, mem_ctx, &sid, argv[1]);
930	if (!NT_STATUS_IS_OK(status))
931	goto done;
932
933	status = rpccli_lsa_open_policy2(cli, mem_ctx, True,
934	SEC_FLAG_MAXIMUM_ALLOWED,
935	&dom_pol);
936
937	if (!NT_STATUS_IS_OK(status))
938	goto done;
939
940	status = dcerpc_lsa_EnumAccountRights(b, mem_ctx,
941	&dom_pol,
942	&sid,
943	&rights,
944	&result);
945	if (!NT_STATUS_IS_OK(status))
946	goto done;
947	if (!NT_STATUS_IS_OK(result)) {
948	status = result;
949	goto done;
950	}
951
952	printf("found %d privileges for SID %s\n", rights.count,
953	sid_string_tos(&sid));
954
955	for (i = 0; i < rights.count; i++) {
956	printf("\t%s\n", rights.names[i].string);
957	}
958
959	dcerpc_lsa_Close(b, mem_ctx, &dom_pol, &result);
960	done:
961	return status;
962	}
963
964
965	/* add some privileges to a SID via LsaAddAccountRights */
966
967	static NTSTATUS cmd_lsa_add_acct_rights(struct rpc_pipe_client *cli,
968	TALLOC_CTX *mem_ctx, int argc,
969	const char **argv)
970	{
971	struct policy_handle dom_pol;
972	NTSTATUS status, result;
973	struct lsa_RightSet rights;
974	struct dom_sid sid;
975	int i;
976	struct dcerpc_binding_handle *b = cli->binding_handle;
977
978	if (argc < 3 ) {
979	printf("Usage: %s SID [rights...]\n", argv[0]);
980	return NT_STATUS_OK;
981	}
982
983	status = name_to_sid(cli, mem_ctx, &sid, argv[1]);
984	if (!NT_STATUS_IS_OK(status))
985	goto done;
986
987	status = rpccli_lsa_open_policy2(cli, mem_ctx, True,
988	SEC_FLAG_MAXIMUM_ALLOWED,
989	&dom_pol);
990
991	if (!NT_STATUS_IS_OK(status))
992	goto done;
993
994	rights.count = argc-2;
995	rights.names = talloc_array(mem_ctx, struct lsa_StringLarge,
996	rights.count);
997	if (!rights.names) {
998	return NT_STATUS_NO_MEMORY;
999	}
1000
1001	for (i=0; i<argc-2; i++) {
1002	init_lsa_StringLarge(&rights.names[i], argv[i+2]);
1003	}
1004
1005	status = dcerpc_lsa_AddAccountRights(b, mem_ctx,
1006	&dom_pol,
1007	&sid,
1008	&rights,
1009	&result);
1010	if (!NT_STATUS_IS_OK(status))
1011	goto done;
1012	if (!NT_STATUS_IS_OK(result)) {
1013	status = result;
1014	goto done;
1015	}
1016
1017	dcerpc_lsa_Close(b, mem_ctx, &dom_pol, &result);
1018	done:
1019	return status;
1020	}
1021
1022
1023	/* remove some privileges to a SID via LsaRemoveAccountRights */
1024
1025	static NTSTATUS cmd_lsa_remove_acct_rights(struct rpc_pipe_client *cli,
1026	TALLOC_CTX *mem_ctx, int argc,
1027	const char **argv)
1028	{
1029	struct policy_handle dom_pol;
1030	NTSTATUS status, result;
1031	struct lsa_RightSet rights;
1032	struct dom_sid sid;
1033	int i;
1034	struct dcerpc_binding_handle *b = cli->binding_handle;
1035
1036	if (argc < 3 ) {
1037	printf("Usage: %s SID [rights...]\n", argv[0]);
1038	return NT_STATUS_OK;
1039	}
1040
1041	status = name_to_sid(cli, mem_ctx, &sid, argv[1]);
1042	if (!NT_STATUS_IS_OK(status))
1043	goto done;
1044
1045	status = rpccli_lsa_open_policy2(cli, mem_ctx, True,
1046	SEC_FLAG_MAXIMUM_ALLOWED,
1047	&dom_pol);
1048
1049	if (!NT_STATUS_IS_OK(status))
1050	goto done;
1051
1052	rights.count = argc-2;
1053	rights.names = talloc_array(mem_ctx, struct lsa_StringLarge,
1054	rights.count);
1055	if (!rights.names) {
1056	return NT_STATUS_NO_MEMORY;
1057	}
1058
1059	for (i=0; i<argc-2; i++) {
1060	init_lsa_StringLarge(&rights.names[i], argv[i+2]);
1061	}
1062
1063	status = dcerpc_lsa_RemoveAccountRights(b, mem_ctx,
1064	&dom_pol,
1065	&sid,
1066	false,
1067	&rights,
1068	&result);
1069	if (!NT_STATUS_IS_OK(status))
1070	goto done;
1071	if (!NT_STATUS_IS_OK(result)) {
1072	status = result;
1073	goto done;
1074	}
1075
1076	dcerpc_lsa_Close(b, mem_ctx, &dom_pol, &result);
1077
1078	done:
1079	return status;
1080	}
1081
1082
1083	/* Get a privilege value given its name */
1084
1085	static NTSTATUS cmd_lsa_lookup_priv_value(struct rpc_pipe_client *cli,
1086	TALLOC_CTX *mem_ctx, int argc,
1087	const char **argv)
1088	{
1089	struct policy_handle pol;
1090	NTSTATUS status, result;
1091	struct lsa_LUID luid;
1092	struct lsa_String name;
1093	struct dcerpc_binding_handle *b = cli->binding_handle;
1094
1095	if (argc != 2 ) {
1096	printf("Usage: %s name\n", argv[0]);
1097	return NT_STATUS_OK;
1098	}
1099
1100	status = rpccli_lsa_open_policy2(cli, mem_ctx, True,
1101	SEC_FLAG_MAXIMUM_ALLOWED,
1102	&pol);
1103
1104	if (!NT_STATUS_IS_OK(status))
1105	goto done;
1106
1107	init_lsa_String(&name, argv[1]);
1108
1109	status = dcerpc_lsa_LookupPrivValue(b, mem_ctx,
1110	&pol,
1111	&name,
1112	&luid,
1113	&result);
1114	if (!NT_STATUS_IS_OK(status))
1115	goto done;
1116	if (!NT_STATUS_IS_OK(result)) {
1117	status = result;
1118	goto done;
1119	}
1120
1121	/* Print results */
1122
1123	printf("%u:%u (0x%x:0x%x)\n", luid.high, luid.low, luid.high, luid.low);
1124
1125	dcerpc_lsa_Close(b, mem_ctx, &pol, &result);
1126	done:
1127	return status;
1128	}
1129
1130	/* Query LSA security object */
1131
1132	static NTSTATUS cmd_lsa_query_secobj(struct rpc_pipe_client *cli,
1133	TALLOC_CTX *mem_ctx, int argc,
1134	const char **argv)
1135	{
1136	struct policy_handle pol;
1137	NTSTATUS status, result;
1138	struct sec_desc_buf *sdb;
1139	uint32_t sec_info = SECINFO_DACL;
1140	struct dcerpc_binding_handle *b = cli->binding_handle;
1141
1142	if (argc < 1 \|\| argc > 2) {
1143	printf("Usage: %s [sec_info]\n", argv[0]);
1144	return NT_STATUS_OK;
1145	}
1146
1147	status = rpccli_lsa_open_policy2(cli, mem_ctx, True,
1148	SEC_FLAG_MAXIMUM_ALLOWED,
1149	&pol);
1150
1151	if (argc == 2)
1152	sscanf(argv[1], "%x", &sec_info);
1153
1154	if (!NT_STATUS_IS_OK(status))
1155	goto done;
1156
1157	status = dcerpc_lsa_QuerySecurity(b, mem_ctx,
1158	&pol,
1159	sec_info,
1160	&sdb,
1161	&result);
1162	if (!NT_STATUS_IS_OK(status))
1163	goto done;
1164	if (!NT_STATUS_IS_OK(result)) {
1165	status = result;
1166	goto done;
1167	}
1168
1169	/* Print results */
1170
1171	display_sec_desc(sdb->sd);
1172
1173	dcerpc_lsa_Close(b, mem_ctx, &pol, &result);
1174	done:
1175	return status;
1176	}
1177
1178	static void display_trust_dom_info_4(struct lsa_TrustDomainInfoPassword *p,
1179	DATA_BLOB session_key)
1180	{
1181	char pwd, pwd_old;
1182
1183	DATA_BLOB data = data_blob_const(p->password->data, p->password->length);
1184	DATA_BLOB data_old = data_blob_const(p->old_password->data, p->old_password->length);
1185
1186	pwd = sess_decrypt_string(talloc_tos(), &data, &session_key);
1187	pwd_old = sess_decrypt_string(talloc_tos(), &data_old, &session_key);
1188
1189	d_printf("Password:\t%s\n", pwd);
1190	d_printf("Old Password:\t%s\n", pwd_old);
1191
1192	talloc_free(pwd);
1193	talloc_free(pwd_old);
1194	}
1195
1196	static void display_trust_dom_info(TALLOC_CTX *mem_ctx,
1197	union lsa_TrustedDomainInfo *info,
1198	enum lsa_TrustDomInfoEnum info_class,
1199	DATA_BLOB session_key)
1200	{
1201	switch (info_class) {
1202	case LSA_TRUSTED_DOMAIN_INFO_PASSWORD:
1203	display_trust_dom_info_4(&info->password, session_key);
1204	break;
1205	default: {
1206	const char *str = NULL;
1207	str = NDR_PRINT_UNION_STRING(mem_ctx,
1208	lsa_TrustedDomainInfo,
1209	info_class, info);
1210	if (str) {
1211	d_printf("%s\n", str);
1212	}
1213	break;
1214	}
1215	}
1216	}
1217
1218	static NTSTATUS cmd_lsa_query_trustdominfobysid(struct rpc_pipe_client *cli,
1219	TALLOC_CTX *mem_ctx, int argc,
1220	const char **argv)
1221	{
1222	struct policy_handle pol;
1223	NTSTATUS status, result;
1224	struct dom_sid dom_sid;
1225	uint32_t access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
1226	union lsa_TrustedDomainInfo *info = NULL;
1227	enum lsa_TrustDomInfoEnum info_class = 1;
1228	DATA_BLOB session_key;
1229	struct dcerpc_binding_handle *b = cli->binding_handle;
1230
1231	if (argc > 3 \|\| argc < 2) {
1232	printf("Usage: %s [sid] [info_class]\n", argv[0]);
1233	return NT_STATUS_OK;
1234	}
1235
1236	if (!string_to_sid(&dom_sid, argv[1]))
1237	return NT_STATUS_NO_MEMORY;
1238
1239	if (argc == 3)
1240	info_class = atoi(argv[2]);
1241
1242	status = rpccli_lsa_open_policy2(cli, mem_ctx, True, access_mask, &pol);
1243
1244	if (!NT_STATUS_IS_OK(status))
1245	goto done;
1246
1247	status = dcerpc_lsa_QueryTrustedDomainInfoBySid(b, mem_ctx,
1248	&pol,
1249	&dom_sid,
1250	info_class,
1251	&info,
1252	&result);
1253	if (!NT_STATUS_IS_OK(status))
1254	goto done;
1255	if (!NT_STATUS_IS_OK(result)) {
1256	status = result;
1257	goto done;
1258	}
1259
1260	status = cli_get_session_key(mem_ctx, cli, &session_key);
1261	if (!NT_STATUS_IS_OK(status)) {
1262	DEBUG(0, ("Could not retrieve session key: %s\n", nt_errstr(status)));
1263	goto done;
1264	}
1265
1266	display_trust_dom_info(mem_ctx, info, info_class, session_key);
1267
1268	done:
1269	dcerpc_lsa_Close(b, mem_ctx, &pol, &result);
1270
1271	return status;
1272	}
1273
1274	static NTSTATUS cmd_lsa_query_trustdominfobyname(struct rpc_pipe_client *cli,
1275	TALLOC_CTX *mem_ctx, int argc,
1276	const char **argv)
1277	{
1278	struct policy_handle pol;
1279	NTSTATUS status, result;
1280	uint32_t access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
1281	union lsa_TrustedDomainInfo *info = NULL;
1282	enum lsa_TrustDomInfoEnum info_class = 1;
1283	struct lsa_String trusted_domain;
1284	struct dcerpc_binding_handle *b = cli->binding_handle;
1285	DATA_BLOB session_key;
1286
1287	if (argc > 3 \|\| argc < 2) {
1288	printf("Usage: %s [name] [info_class]\n", argv[0]);
1289	return NT_STATUS_OK;
1290	}
1291
1292	if (argc == 3)
1293	info_class = atoi(argv[2]);
1294
1295	status = rpccli_lsa_open_policy2(cli, mem_ctx, True, access_mask, &pol);
1296
1297	if (!NT_STATUS_IS_OK(status))
1298	goto done;
1299
1300	init_lsa_String(&trusted_domain, argv[1]);
1301
1302	status = dcerpc_lsa_QueryTrustedDomainInfoByName(b, mem_ctx,
1303	&pol,
1304	&trusted_domain,
1305	info_class,
1306	&info,
1307	&result);
1308	if (!NT_STATUS_IS_OK(status))
1309	goto done;
1310	if (!NT_STATUS_IS_OK(result)) {
1311	status = result;
1312	goto done;
1313	}
1314
1315	status = cli_get_session_key(mem_ctx, cli, &session_key);
1316	if (!NT_STATUS_IS_OK(status)) {
1317	DEBUG(0, ("Could not retrieve session key: %s\n", nt_errstr(status)));
1318	goto done;
1319	}
1320
1321	display_trust_dom_info(mem_ctx, info, info_class, session_key);
1322
1323	done:
1324	dcerpc_lsa_Close(b, mem_ctx, &pol, &result);
1325
1326	return status;
1327	}
1328
1329	static NTSTATUS cmd_lsa_set_trustdominfo(struct rpc_pipe_client *cli,
1330	TALLOC_CTX *mem_ctx, int argc,
1331	const char **argv)
1332	{
1333	struct policy_handle pol, trustdom_pol;
1334	NTSTATUS status, result;
1335	uint32_t access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
1336	union lsa_TrustedDomainInfo info;
1337	struct dom_sid dom_sid;
1338	enum lsa_TrustDomInfoEnum info_class = 1;
1339	struct dcerpc_binding_handle *b = cli->binding_handle;
1340
1341	if (argc > 4 \|\| argc < 3) {
1342	printf("Usage: %s [sid] [info_class] [value]\n", argv[0]);
1343	return NT_STATUS_OK;
1344	}
1345
1346	if (!string_to_sid(&dom_sid, argv[1])) {
1347	return NT_STATUS_NO_MEMORY;
1348	}
1349
1350
1351	info_class = atoi(argv[2]);
1352
1353	switch (info_class) {
1354	case 13: /* LSA_TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES */
1355	info.enc_types.enc_types = atoi(argv[3]);
1356	break;
1357	default:
1358	return NT_STATUS_INVALID_PARAMETER;
1359	}
1360
1361	status = rpccli_lsa_open_policy2(cli, mem_ctx, True, access_mask, &pol);
1362	if (!NT_STATUS_IS_OK(status)) {
1363	goto done;
1364	}
1365
1366	status = dcerpc_lsa_OpenTrustedDomain(b, mem_ctx,
1367	&pol,
1368	&dom_sid,
1369	access_mask,
1370	&trustdom_pol,
1371	&result);
1372	if (!NT_STATUS_IS_OK(status)) {
1373	goto done;
1374	}
1375	if (!NT_STATUS_IS_OK(result)) {
1376	status = result;
1377	goto done;
1378	}
1379
1380	status = dcerpc_lsa_SetInformationTrustedDomain(b, mem_ctx,
1381	&trustdom_pol,
1382	info_class,
1383	&info,
1384	&result);
1385	if (!NT_STATUS_IS_OK(status)) {
1386	goto done;
1387	}
1388	if (!NT_STATUS_IS_OK(result)) {
1389	status = result;
1390	goto done;
1391	}
1392	done:
1393	dcerpc_lsa_Close(b, mem_ctx, &trustdom_pol, &result);
1394	dcerpc_lsa_Close(b, mem_ctx, &pol, &result);
1395
1396	return status;
1397	}
1398
1399	static NTSTATUS cmd_lsa_query_trustdominfo(struct rpc_pipe_client *cli,
1400	TALLOC_CTX *mem_ctx, int argc,
1401	const char **argv)
1402	{
1403	struct policy_handle pol, trustdom_pol;
1404	NTSTATUS status, result;
1405	uint32_t access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
1406	union lsa_TrustedDomainInfo *info = NULL;
1407	struct dom_sid dom_sid;
1408	enum lsa_TrustDomInfoEnum info_class = 1;
1409	DATA_BLOB session_key;
1410	struct dcerpc_binding_handle *b = cli->binding_handle;
1411
1412	if (argc > 3 \|\| argc < 2) {
1413	printf("Usage: %s [sid] [info_class]\n", argv[0]);
1414	return NT_STATUS_OK;
1415	}
1416
1417	if (!string_to_sid(&dom_sid, argv[1]))
1418	return NT_STATUS_NO_MEMORY;
1419
1420
1421	if (argc == 3)
1422	info_class = atoi(argv[2]);
1423
1424	status = rpccli_lsa_open_policy2(cli, mem_ctx, True, access_mask, &pol);
1425
1426	if (!NT_STATUS_IS_OK(status))
1427	goto done;
1428
1429	status = dcerpc_lsa_OpenTrustedDomain(b, mem_ctx,
1430	&pol,
1431	&dom_sid,
1432	access_mask,
1433	&trustdom_pol,
1434	&result);
1435	if (!NT_STATUS_IS_OK(status))
1436	goto done;
1437	if (!NT_STATUS_IS_OK(result)) {
1438	status = result;
1439	goto done;
1440	}
1441
1442	status = dcerpc_lsa_QueryTrustedDomainInfo(b, mem_ctx,
1443	&trustdom_pol,
1444	info_class,
1445	&info,
1446	&result);
1447	if (!NT_STATUS_IS_OK(status))
1448	goto done;
1449	if (!NT_STATUS_IS_OK(result)) {
1450	status = result;
1451	goto done;
1452	}
1453
1454	status = cli_get_session_key(mem_ctx, cli, &session_key);
1455	if (!NT_STATUS_IS_OK(status)) {
1456	DEBUG(0, ("Could not retrieve session key: %s\n", nt_errstr(status)));
1457	goto done;
1458	}
1459
1460	display_trust_dom_info(mem_ctx, info, info_class, session_key);
1461
1462	done:
1463	dcerpc_lsa_Close(b, mem_ctx, &pol, &result);
1464
1465	return status;
1466	}
1467
1468	static NTSTATUS cmd_lsa_get_username(struct rpc_pipe_client *cli,
1469	TALLOC_CTX *mem_ctx, int argc,
1470	const char **argv)
1471	{
1472	NTSTATUS status, result;
1473	const char *servername = cli->desthost;
1474	struct lsa_String *account_name = NULL;
1475	struct lsa_String *authority_name = NULL;
1476	struct dcerpc_binding_handle *b = cli->binding_handle;
1477
1478	if (argc > 2) {
1479	printf("Usage: %s servername\n", argv[0]);
1480	return NT_STATUS_OK;
1481	}
1482
1483	status = dcerpc_lsa_GetUserName(b, mem_ctx,
1484	servername,
1485	&account_name,
1486	&authority_name,
1487	&result);
1488	if (!NT_STATUS_IS_OK(status)) {
1489	goto done;
1490	}
1491	if (!NT_STATUS_IS_OK(result)) {
1492	status = result;
1493	goto done;
1494	}
1495
1496	/* Print results */
1497
1498	printf("Account Name: %s, Authority Name: %s\n",
1499	account_name->string, authority_name ? authority_name->string :
1500	"");
1501
1502	done:
1503	return status;
1504	}
1505
1506	static NTSTATUS cmd_lsa_add_priv(struct rpc_pipe_client *cli,
1507	TALLOC_CTX *mem_ctx, int argc,
1508	const char **argv)
1509	{
1510	struct policy_handle dom_pol, user_pol;
1511	NTSTATUS status, result;
1512	struct lsa_PrivilegeSet privs;
1513	struct lsa_LUIDAttribute *set = NULL;
1514	struct dom_sid sid;
1515	int i;
1516	struct dcerpc_binding_handle *b = cli->binding_handle;
1517
1518	ZERO_STRUCT(privs);
1519
1520	if (argc < 3 ) {
1521	printf("Usage: %s SID [rights...]\n", argv[0]);
1522	return NT_STATUS_OK;
1523	}
1524
1525	status = name_to_sid(cli, mem_ctx, &sid, argv[1]);
1526	if (!NT_STATUS_IS_OK(status)) {
1527	goto done;
1528	}
1529
1530	status = rpccli_lsa_open_policy2(cli, mem_ctx, True,
1531	SEC_FLAG_MAXIMUM_ALLOWED,
1532	&dom_pol);
1533
1534	if (!NT_STATUS_IS_OK(status)) {
1535	goto done;
1536	}
1537
1538	status = dcerpc_lsa_OpenAccount(b, mem_ctx,
1539	&dom_pol,
1540	&sid,
1541	SEC_FLAG_MAXIMUM_ALLOWED,
1542	&user_pol,
1543	&result);
1544	if (!NT_STATUS_IS_OK(status)) {
1545	goto done;
1546	}
1547	if (!NT_STATUS_IS_OK(result)) {
1548	status = result;
1549	goto done;
1550	}
1551
1552	for (i=2; i<argc; i++) {
1553
1554	struct lsa_String priv_name;
1555	struct lsa_LUID luid;
1556
1557	init_lsa_String(&priv_name, argv[i]);
1558
1559	status = dcerpc_lsa_LookupPrivValue(b, mem_ctx,
1560	&dom_pol,
1561	&priv_name,
1562	&luid,
1563	&result);
1564	if (!NT_STATUS_IS_OK(status)) {
1565	continue;
1566	}
1567	if (!NT_STATUS_IS_OK(result)) {
1568	status = result;
1569	continue;
1570	}
1571
1572	privs.count++;
1573	set = talloc_realloc(mem_ctx, set,
1574	struct lsa_LUIDAttribute,
1575	privs.count);
1576	if (!set) {
1577	return NT_STATUS_NO_MEMORY;
1578	}
1579
1580	set[privs.count-1].luid = luid;
1581	set[privs.count-1].attribute = 0;
1582	}
1583
1584	privs.set = set;
1585
1586	status = dcerpc_lsa_AddPrivilegesToAccount(b, mem_ctx,
1587	&user_pol,
1588	&privs,
1589	&result);
1590	if (!NT_STATUS_IS_OK(status)) {
1591	goto done;
1592	}
1593	if (!NT_STATUS_IS_OK(result)) {
1594	status = result;
1595	goto done;
1596	}
1597
1598	dcerpc_lsa_Close(b, mem_ctx, &user_pol, &result);
1599	dcerpc_lsa_Close(b, mem_ctx, &dom_pol, &result);
1600	done:
1601	return status;
1602	}
1603
1604	static NTSTATUS cmd_lsa_del_priv(struct rpc_pipe_client *cli,
1605	TALLOC_CTX *mem_ctx, int argc,
1606	const char **argv)
1607	{
1608	struct policy_handle dom_pol, user_pol;
1609	NTSTATUS status, result;
1610	struct lsa_PrivilegeSet privs;
1611	struct lsa_LUIDAttribute *set = NULL;
1612	struct dom_sid sid;
1613	int i;
1614	struct dcerpc_binding_handle *b = cli->binding_handle;
1615
1616	ZERO_STRUCT(privs);
1617
1618	if (argc < 3 ) {
1619	printf("Usage: %s SID [rights...]\n", argv[0]);
1620	return NT_STATUS_OK;
1621	}
1622
1623	status = name_to_sid(cli, mem_ctx, &sid, argv[1]);
1624	if (!NT_STATUS_IS_OK(status)) {
1625	goto done;
1626	}
1627
1628	status = rpccli_lsa_open_policy2(cli, mem_ctx, True,
1629	SEC_FLAG_MAXIMUM_ALLOWED,
1630	&dom_pol);
1631
1632	if (!NT_STATUS_IS_OK(status)) {
1633	goto done;
1634	}
1635
1636	status = dcerpc_lsa_OpenAccount(b, mem_ctx,
1637	&dom_pol,
1638	&sid,
1639	SEC_FLAG_MAXIMUM_ALLOWED,
1640	&user_pol,
1641	&result);
1642	if (!NT_STATUS_IS_OK(status)) {
1643	goto done;
1644	}
1645	if (!NT_STATUS_IS_OK(result)) {
1646	status = result;
1647	goto done;
1648	}
1649
1650	for (i=2; i<argc; i++) {
1651
1652	struct lsa_String priv_name;
1653	struct lsa_LUID luid;
1654
1655	init_lsa_String(&priv_name, argv[i]);
1656
1657	status = dcerpc_lsa_LookupPrivValue(b, mem_ctx,
1658	&dom_pol,
1659	&priv_name,
1660	&luid,
1661	&result);
1662	if (!NT_STATUS_IS_OK(status)) {
1663	continue;
1664	}
1665	if (!NT_STATUS_IS_OK(result)) {
1666	status = result;
1667	continue;
1668	}
1669
1670	privs.count++;
1671	set = talloc_realloc(mem_ctx, set,
1672	struct lsa_LUIDAttribute,
1673	privs.count);
1674	if (!set) {
1675	return NT_STATUS_NO_MEMORY;
1676	}
1677
1678	set[privs.count-1].luid = luid;
1679	set[privs.count-1].attribute = 0;
1680	}
1681
1682	privs.set = set;
1683
1684
1685	status = dcerpc_lsa_RemovePrivilegesFromAccount(b, mem_ctx,
1686	&user_pol,
1687	false,
1688	&privs,
1689	&result);
1690	if (!NT_STATUS_IS_OK(status)) {
1691	goto done;
1692	}
1693	if (!NT_STATUS_IS_OK(result)) {
1694	status = result;
1695	goto done;
1696	}
1697
1698	dcerpc_lsa_Close(b, mem_ctx, &user_pol, &result);
1699	dcerpc_lsa_Close(b, mem_ctx, &dom_pol, &result);
1700	done:
1701	return status;
1702	}
1703
1704	static NTSTATUS cmd_lsa_create_secret(struct rpc_pipe_client *cli,
1705	TALLOC_CTX *mem_ctx, int argc,
1706	const char **argv)
1707	{
1708	NTSTATUS status, result;
1709	struct policy_handle handle, sec_handle;
1710	struct lsa_String name;
1711	struct dcerpc_binding_handle *b = cli->binding_handle;
1712
1713	if (argc < 2) {
1714	printf("Usage: %s name\n", argv[0]);
1715	return NT_STATUS_OK;
1716	}
1717
1718	status = rpccli_lsa_open_policy2(cli, mem_ctx,
1719	true,
1720	SEC_FLAG_MAXIMUM_ALLOWED,
1721	&handle);
1722	if (!NT_STATUS_IS_OK(status)) {
1723	return status;
1724	}
1725
1726	init_lsa_String(&name, argv[1]);
1727
1728	status = dcerpc_lsa_CreateSecret(b, mem_ctx,
1729	&handle,
1730	name,
1731	SEC_FLAG_MAXIMUM_ALLOWED,
1732	&sec_handle,
1733	&result);
1734	if (!NT_STATUS_IS_OK(status)) {
1735	goto done;
1736	}
1737	if (!NT_STATUS_IS_OK(result)) {
1738	status = result;
1739	goto done;
1740	}
1741
1742	done:
1743	if (is_valid_policy_hnd(&sec_handle)) {
1744	dcerpc_lsa_Close(b, mem_ctx, &sec_handle, &result);
1745	}
1746	if (is_valid_policy_hnd(&handle)) {
1747	dcerpc_lsa_Close(b, mem_ctx, &handle, &result);
1748	}
1749
1750	return status;
1751	}
1752
1753	static NTSTATUS cmd_lsa_delete_secret(struct rpc_pipe_client *cli,
1754	TALLOC_CTX *mem_ctx, int argc,
1755	const char **argv)
1756	{
1757	NTSTATUS status, result;
1758	struct policy_handle handle, sec_handle;
1759	struct lsa_String name;
1760	struct dcerpc_binding_handle *b = cli->binding_handle;
1761
1762	if (argc < 2) {
1763	printf("Usage: %s name\n", argv[0]);
1764	return NT_STATUS_OK;
1765	}
1766
1767	status = rpccli_lsa_open_policy2(cli, mem_ctx,
1768	true,
1769	SEC_FLAG_MAXIMUM_ALLOWED,
1770	&handle);
1771	if (!NT_STATUS_IS_OK(status)) {
1772	return status;
1773	}
1774
1775	init_lsa_String(&name, argv[1]);
1776
1777	status = dcerpc_lsa_OpenSecret(b, mem_ctx,
1778	&handle,
1779	name,
1780	SEC_FLAG_MAXIMUM_ALLOWED,
1781	&sec_handle,
1782	&result);
1783	if (!NT_STATUS_IS_OK(status)) {
1784	goto done;
1785	}
1786	if (!NT_STATUS_IS_OK(result)) {
1787	status = result;
1788	goto done;
1789	}
1790
1791	status = dcerpc_lsa_DeleteObject(b, mem_ctx,
1792	&sec_handle,
1793	&result);
1794	if (!NT_STATUS_IS_OK(status)) {
1795	goto done;
1796	}
1797	if (!NT_STATUS_IS_OK(result)) {
1798	status = result;
1799	goto done;
1800	}
1801
1802	done:
1803	if (is_valid_policy_hnd(&sec_handle)) {
1804	dcerpc_lsa_Close(b, mem_ctx, &sec_handle, &result);
1805	}
1806	if (is_valid_policy_hnd(&handle)) {
1807	dcerpc_lsa_Close(b, mem_ctx, &handle, &result);
1808	}
1809
1810	return status;
1811	}
1812
1813	static NTSTATUS cmd_lsa_query_secret(struct rpc_pipe_client *cli,
1814	TALLOC_CTX *mem_ctx, int argc,
1815	const char **argv)
1816	{
1817	NTSTATUS status, result;
1818	struct policy_handle handle, sec_handle;
1819	struct lsa_String name;
1820	struct lsa_DATA_BUF_PTR new_val;
1821	NTTIME new_mtime = 0;
1822	struct lsa_DATA_BUF_PTR old_val;
1823	NTTIME old_mtime = 0;
1824	DATA_BLOB session_key;
1825	DATA_BLOB new_blob = data_blob_null;
1826	DATA_BLOB old_blob = data_blob_null;
1827	char new_secret, old_secret;
1828	struct dcerpc_binding_handle *b = cli->binding_handle;
1829
1830	if (argc < 2) {
1831	printf("Usage: %s name\n", argv[0]);
1832	return NT_STATUS_OK;
1833	}
1834
1835	status = rpccli_lsa_open_policy2(cli, mem_ctx,
1836	true,
1837	SEC_FLAG_MAXIMUM_ALLOWED,
1838	&handle);
1839	if (!NT_STATUS_IS_OK(status)) {
1840	return status;
1841	}
1842
1843	init_lsa_String(&name, argv[1]);
1844
1845	status = dcerpc_lsa_OpenSecret(b, mem_ctx,
1846	&handle,
1847	name,
1848	SEC_FLAG_MAXIMUM_ALLOWED,
1849	&sec_handle,
1850	&result);
1851	if (!NT_STATUS_IS_OK(status)) {
1852	goto done;
1853	}
1854	if (!NT_STATUS_IS_OK(result)) {
1855	status = result;
1856	goto done;
1857	}
1858
1859	ZERO_STRUCT(new_val);
1860	ZERO_STRUCT(old_val);
1861
1862	status = dcerpc_lsa_QuerySecret(b, mem_ctx,
1863	&sec_handle,
1864	&new_val,
1865	&new_mtime,
1866	&old_val,
1867	&old_mtime,
1868	&result);
1869	if (!NT_STATUS_IS_OK(status)) {
1870	goto done;
1871	}
1872	if (!NT_STATUS_IS_OK(result)) {
1873	status = result;
1874	goto done;
1875	}
1876
1877	status = cli_get_session_key(mem_ctx, cli, &session_key);
1878	if (!NT_STATUS_IS_OK(status)) {
1879	goto done;
1880	}
1881
1882	if (new_val.buf) {
1883	new_blob = data_blob_const(new_val.buf->data, new_val.buf->length);
1884	}
1885	if (old_val.buf) {
1886	old_blob = data_blob_const(old_val.buf->data, old_val.buf->length);
1887	}
1888
1889	new_secret = sess_decrypt_string(mem_ctx, &new_blob, &session_key);
1890	old_secret = sess_decrypt_string(mem_ctx, &old_blob, &session_key);
1891	if (new_secret) {
1892	d_printf("new secret: %s\n", new_secret);
1893	}
1894	if (old_secret) {
1895	d_printf("old secret: %s\n", old_secret);
1896	}
1897
1898	done:
1899	if (is_valid_policy_hnd(&sec_handle)) {
1900	dcerpc_lsa_Close(b, mem_ctx, &sec_handle, &result);
1901	}
1902	if (is_valid_policy_hnd(&handle)) {
1903	dcerpc_lsa_Close(b, mem_ctx, &handle, &result);
1904	}
1905
1906	return status;
1907	}
1908
1909	static NTSTATUS cmd_lsa_set_secret(struct rpc_pipe_client *cli,
1910	TALLOC_CTX *mem_ctx, int argc,
1911	const char **argv)
1912	{
1913	NTSTATUS status, result;
1914	struct policy_handle handle, sec_handle;
1915	struct lsa_String name;
1916	struct lsa_DATA_BUF new_val;
1917	struct lsa_DATA_BUF old_val;
1918	DATA_BLOB enc_key;
1919	DATA_BLOB session_key;
1920	struct dcerpc_binding_handle *b = cli->binding_handle;
1921
1922	if (argc < 3) {
1923	printf("Usage: %s name secret\n", argv[0]);
1924	return NT_STATUS_OK;
1925	}
1926
1927	status = rpccli_lsa_open_policy2(cli, mem_ctx,
1928	true,
1929	SEC_FLAG_MAXIMUM_ALLOWED,
1930	&handle);
1931	if (!NT_STATUS_IS_OK(status)) {
1932	return status;
1933	}
1934
1935	init_lsa_String(&name, argv[1]);
1936
1937	status = dcerpc_lsa_OpenSecret(b, mem_ctx,
1938	&handle,
1939	name,
1940	SEC_FLAG_MAXIMUM_ALLOWED,
1941	&sec_handle,
1942	&result);
1943	if (!NT_STATUS_IS_OK(status)) {
1944	goto done;
1945	}
1946	if (!NT_STATUS_IS_OK(result)) {
1947	status = result;
1948	goto done;
1949	}
1950
1951	ZERO_STRUCT(new_val);
1952	ZERO_STRUCT(old_val);
1953
1954	status = cli_get_session_key(mem_ctx, cli, &session_key);
1955	if (!NT_STATUS_IS_OK(status)) {
1956	goto done;
1957	}
1958
1959	enc_key = sess_encrypt_string(argv[2], &session_key);
1960
1961	new_val.length = enc_key.length;
1962	new_val.size = enc_key.length;
1963	new_val.data = enc_key.data;
1964
1965	status = dcerpc_lsa_SetSecret(b, mem_ctx,
1966	&sec_handle,
1967	&new_val,
1968	NULL,
1969	&result);
1970	if (!NT_STATUS_IS_OK(status)) {
1971	goto done;
1972	}
1973	if (!NT_STATUS_IS_OK(result)) {
1974	status = result;
1975	goto done;
1976	}
1977
1978	done:
1979	if (is_valid_policy_hnd(&sec_handle)) {
1980	dcerpc_lsa_Close(b, mem_ctx, &sec_handle, &result);
1981	}
1982	if (is_valid_policy_hnd(&handle)) {
1983	dcerpc_lsa_Close(b, mem_ctx, &handle, &result);
1984	}
1985
1986	return status;
1987	}
1988
1989	static NTSTATUS cmd_lsa_retrieve_private_data(struct rpc_pipe_client *cli,
1990	TALLOC_CTX *mem_ctx, int argc,
1991	const char **argv)
1992	{
1993	NTSTATUS status, result;
1994	struct policy_handle handle;
1995	struct lsa_String name;
1996	struct lsa_DATA_BUF *val;
1997	DATA_BLOB session_key;
1998	DATA_BLOB blob = data_blob_null;
1999	char *secret;
2000	struct dcerpc_binding_handle *b = cli->binding_handle;
2001
2002	if (argc < 2) {
2003	printf("Usage: %s name\n", argv[0]);
2004	return NT_STATUS_OK;
2005	}
2006
2007	status = rpccli_lsa_open_policy2(cli, mem_ctx,
2008	true,
2009	SEC_FLAG_MAXIMUM_ALLOWED,
2010	&handle);
2011	if (!NT_STATUS_IS_OK(status)) {
2012	return status;
2013	}
2014
2015	init_lsa_String(&name, argv[1]);
2016
2017	ZERO_STRUCT(val);
2018
2019	status = dcerpc_lsa_RetrievePrivateData(b, mem_ctx,
2020	&handle,
2021	&name,
2022	&val,
2023	&result);
2024	if (!NT_STATUS_IS_OK(status)) {
2025	goto done;
2026	}
2027	if (!NT_STATUS_IS_OK(result)) {
2028	status = result;
2029	goto done;
2030	}
2031
2032	status = cli_get_session_key(mem_ctx, cli, &session_key);
2033	if (!NT_STATUS_IS_OK(status)) {
2034	goto done;
2035	}
2036
2037	if (val) {
2038	blob = data_blob_const(val->data, val->length);
2039	}
2040
2041	secret = sess_decrypt_string(mem_ctx, &blob, &session_key);
2042	if (secret) {
2043	d_printf("secret: %s\n", secret);
2044	}
2045
2046	done:
2047	if (is_valid_policy_hnd(&handle)) {
2048	dcerpc_lsa_Close(b, mem_ctx, &handle, &result);
2049	}
2050
2051	return status;
2052	}
2053
2054	static NTSTATUS cmd_lsa_store_private_data(struct rpc_pipe_client *cli,
2055	TALLOC_CTX *mem_ctx, int argc,
2056	const char **argv)
2057	{
2058	NTSTATUS status, result;
2059	struct policy_handle handle;
2060	struct lsa_String name;
2061	struct lsa_DATA_BUF val;
2062	DATA_BLOB session_key;
2063	DATA_BLOB enc_key;
2064	struct dcerpc_binding_handle *b = cli->binding_handle;
2065
2066	if (argc < 3) {
2067	printf("Usage: %s name secret\n", argv[0]);
2068	return NT_STATUS_OK;
2069	}
2070
2071	status = rpccli_lsa_open_policy2(cli, mem_ctx,
2072	true,
2073	SEC_FLAG_MAXIMUM_ALLOWED,
2074	&handle);
2075	if (!NT_STATUS_IS_OK(status)) {
2076	return status;
2077	}
2078
2079	init_lsa_String(&name, argv[1]);
2080
2081	ZERO_STRUCT(val);
2082
2083	status = cli_get_session_key(mem_ctx, cli, &session_key);
2084	if (!NT_STATUS_IS_OK(status)) {
2085	goto done;
2086	}
2087
2088	enc_key = sess_encrypt_string(argv[2], &session_key);
2089
2090	val.length = enc_key.length;
2091	val.size = enc_key.length;
2092	val.data = enc_key.data;
2093
2094	status = dcerpc_lsa_StorePrivateData(b, mem_ctx,
2095	&handle,
2096	&name,
2097	&val,
2098	&result);
2099	if (!NT_STATUS_IS_OK(status)) {
2100	goto done;
2101	}
2102	if (!NT_STATUS_IS_OK(result)) {
2103	status = result;
2104	goto done;
2105	}
2106
2107	done:
2108	if (is_valid_policy_hnd(&handle)) {
2109	dcerpc_lsa_Close(b, mem_ctx, &handle, &result);
2110	}
2111
2112	return status;
2113	}
2114
2115	static NTSTATUS cmd_lsa_create_trusted_domain(struct rpc_pipe_client *cli,
2116	TALLOC_CTX *mem_ctx, int argc,
2117	const char **argv)
2118	{
2119	NTSTATUS status, result;
2120	struct policy_handle handle, trustdom_handle;
2121	struct dom_sid sid;
2122	struct lsa_DomainInfo info;
2123	struct dcerpc_binding_handle *b = cli->binding_handle;
2124
2125	if (argc < 3) {
2126	printf("Usage: %s name sid\n", argv[0]);
2127	return NT_STATUS_OK;
2128	}
2129
2130	status = rpccli_lsa_open_policy2(cli, mem_ctx,
2131	true,
2132	SEC_FLAG_MAXIMUM_ALLOWED,
2133	&handle);
2134	if (!NT_STATUS_IS_OK(status)) {
2135	return status;
2136	}
2137
2138	init_lsa_StringLarge(&info.name, argv[1]);
2139	info.sid = &sid;
2140	string_to_sid(&sid, argv[2]);
2141
2142	status = dcerpc_lsa_CreateTrustedDomain(b, mem_ctx,
2143	&handle,
2144	&info,
2145	SEC_FLAG_MAXIMUM_ALLOWED,
2146	&trustdom_handle,
2147	&result);
2148	if (!NT_STATUS_IS_OK(status)) {
2149	goto done;
2150	}
2151	if (!NT_STATUS_IS_OK(result)) {
2152	status = result;
2153	goto done;
2154	}
2155
2156	done:
2157	if (is_valid_policy_hnd(&trustdom_handle)) {
2158	dcerpc_lsa_Close(b, mem_ctx, &trustdom_handle, &result);
2159	}
2160
2161	if (is_valid_policy_hnd(&handle)) {
2162	dcerpc_lsa_Close(b, mem_ctx, &handle, &result);
2163	}
2164
2165	return status;
2166	}
2167
2168	static NTSTATUS cmd_lsa_delete_trusted_domain(struct rpc_pipe_client *cli,
2169	TALLOC_CTX *mem_ctx, int argc,
2170	const char **argv)
2171	{
2172	NTSTATUS status, result;
2173	struct policy_handle handle, trustdom_handle;
2174	struct lsa_String name;
2175	struct dom_sid *sid = NULL;
2176	struct dcerpc_binding_handle *b = cli->binding_handle;
2177
2178	if (argc < 2) {
2179	printf("Usage: %s name\n", argv[0]);
2180	return NT_STATUS_OK;
2181	}
2182
2183	status = rpccli_lsa_open_policy2(cli, mem_ctx,
2184	true,
2185	SEC_FLAG_MAXIMUM_ALLOWED,
2186	&handle);
2187	if (!NT_STATUS_IS_OK(status)) {
2188	return status;
2189	}
2190
2191	init_lsa_String(&name, argv[1]);
2192
2193	status = dcerpc_lsa_OpenTrustedDomainByName(b, mem_ctx,
2194	&handle,
2195	name,
2196	SEC_FLAG_MAXIMUM_ALLOWED,
2197	&trustdom_handle,
2198	&result);
2199	if (NT_STATUS_IS_OK(status) && NT_STATUS_IS_OK(result)) {
2200	goto delete_object;
2201	}
2202
2203	{
2204	uint32_t resume_handle = 0;
2205	struct lsa_DomainList domains;
2206	int i;
2207
2208	status = dcerpc_lsa_EnumTrustDom(b, mem_ctx,
2209	&handle,
2210	&resume_handle,
2211	&domains,
2212	0xffff,
2213	&result);
2214	if (!NT_STATUS_IS_OK(status)) {
2215	goto done;
2216	}
2217	if (!NT_STATUS_IS_OK(result)) {
2218	status = result;
2219	goto done;
2220	}
2221
2222	for (i=0; i < domains.count; i++) {
2223	if (strequal(domains.domains[i].name.string, argv[1])) {
2224	sid = domains.domains[i].sid;
2225	break;
2226	}
2227	}
2228
2229	if (!sid) {
2230	return NT_STATUS_INVALID_SID;
2231	}
2232	}
2233
2234	status = dcerpc_lsa_OpenTrustedDomain(b, mem_ctx,
2235	&handle,
2236	sid,
2237	SEC_FLAG_MAXIMUM_ALLOWED,
2238	&trustdom_handle,
2239	&result);
2240	if (!NT_STATUS_IS_OK(status)) {
2241	goto done;
2242	}
2243	if (!NT_STATUS_IS_OK(result)) {
2244	status = result;
2245	goto done;
2246	}
2247
2248	delete_object:
2249	status = dcerpc_lsa_DeleteObject(b, mem_ctx,
2250	&trustdom_handle,
2251	&result);
2252	if (!NT_STATUS_IS_OK(status)) {
2253	goto done;
2254	}
2255	if (!NT_STATUS_IS_OK(result)) {
2256	status = result;
2257	goto done;
2258	}
2259
2260	done:
2261	if (is_valid_policy_hnd(&trustdom_handle)) {
2262	dcerpc_lsa_Close(b, mem_ctx, &trustdom_handle, &result);
2263	}
2264
2265	if (is_valid_policy_hnd(&handle)) {
2266	dcerpc_lsa_Close(b, mem_ctx, &handle, &result);
2267	}
2268
2269	return status;
2270	}
2271
2272
2273	/* List of commands exported by this module */
2274
2275	struct cmd_set lsarpc_commands[] = {
2276
2277	{ "LSARPC" },
2278
2279	{ "lsaquery", RPC_RTYPE_NTSTATUS, cmd_lsa_query_info_policy, NULL, &ndr_table_lsarpc, NULL, "Query info policy", "" },
2280	{ "lookupsids", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_sids, NULL, &ndr_table_lsarpc, NULL, "Convert SIDs to names", "" },
2281	{ "lookupsids3", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_sids3, NULL, &ndr_table_lsarpc, NULL, "Convert SIDs to names", "" },
2282	{ "lookupnames", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_names, NULL, &ndr_table_lsarpc, NULL, "Convert names to SIDs", "" },
2283	{ "lookupnames4", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_names4, NULL, &ndr_table_lsarpc, NULL, "Convert names to SIDs", "" },
2284	{ "lookupnames_level", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_names_level, NULL, &ndr_table_lsarpc, NULL, "Convert names to SIDs", "" },
2285	{ "enumtrust", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_trust_dom, NULL, &ndr_table_lsarpc, NULL, "Enumerate trusted domains", "Usage: [preferred max number] [enum context (0)]" },
2286	{ "enumprivs", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_privilege, NULL, &ndr_table_lsarpc, NULL, "Enumerate privileges", "" },
2287	{ "getdispname", RPC_RTYPE_NTSTATUS, cmd_lsa_get_dispname, NULL, &ndr_table_lsarpc, NULL, "Get the privilege name", "" },
2288	{ "lsaenumsid", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_sids, NULL, &ndr_table_lsarpc, NULL, "Enumerate the LSA SIDS", "" },
2289	{ "lsacreateaccount", RPC_RTYPE_NTSTATUS, cmd_lsa_create_account, NULL, &ndr_table_lsarpc, NULL, "Create a new lsa account", "" },
2290	{ "lsaenumprivsaccount", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_privsaccounts, NULL, &ndr_table_lsarpc, NULL, "Enumerate the privileges of an SID", "" },
2291	{ "lsaenumacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_acct_rights, NULL, &ndr_table_lsarpc, NULL, "Enumerate the rights of an SID", "" },
2292	{ "lsaaddpriv", RPC_RTYPE_NTSTATUS, cmd_lsa_add_priv, NULL, &ndr_table_lsarpc, NULL, "Assign a privilege to a SID", "" },
2293	{ "lsadelpriv", RPC_RTYPE_NTSTATUS, cmd_lsa_del_priv, NULL, &ndr_table_lsarpc, NULL, "Revoke a privilege from a SID", "" },
2294	{ "lsaaddacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_add_acct_rights, NULL, &ndr_table_lsarpc, NULL, "Add rights to an account", "" },
2295	{ "lsaremoveacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_remove_acct_rights, NULL, &ndr_table_lsarpc, NULL, "Remove rights from an account", "" },
2296	{ "lsalookupprivvalue", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_priv_value, NULL, &ndr_table_lsarpc, NULL, "Get a privilege value given its name", "" },
2297	{ "lsaquerysecobj", RPC_RTYPE_NTSTATUS, cmd_lsa_query_secobj, NULL, &ndr_table_lsarpc, NULL, "Query LSA security object", "" },
2298	{ "lsaquerytrustdominfo",RPC_RTYPE_NTSTATUS, cmd_lsa_query_trustdominfo, NULL, &ndr_table_lsarpc, NULL, "Query LSA trusted domains info (given a SID)", "" },
2299	{ "lsaquerytrustdominfobyname",RPC_RTYPE_NTSTATUS, cmd_lsa_query_trustdominfobyname, NULL, &ndr_table_lsarpc, NULL, "Query LSA trusted domains info (given a name), only works for Windows > 2k", "" },
2300	{ "lsaquerytrustdominfobysid",RPC_RTYPE_NTSTATUS, cmd_lsa_query_trustdominfobysid, NULL, &ndr_table_lsarpc, NULL, "Query LSA trusted domains info (given a SID)", "" },
2301	{ "lsasettrustdominfo", RPC_RTYPE_NTSTATUS, cmd_lsa_set_trustdominfo, NULL, &ndr_table_lsarpc, NULL, "Set LSA trusted domain info", "" },
2302	{ "getusername", RPC_RTYPE_NTSTATUS, cmd_lsa_get_username, NULL, &ndr_table_lsarpc, NULL, "Get username", "" },
2303	{ "createsecret", RPC_RTYPE_NTSTATUS, cmd_lsa_create_secret, NULL, &ndr_table_lsarpc, NULL, "Create Secret", "" },
2304	{ "deletesecret", RPC_RTYPE_NTSTATUS, cmd_lsa_delete_secret, NULL, &ndr_table_lsarpc, NULL, "Delete Secret", "" },
2305	{ "querysecret", RPC_RTYPE_NTSTATUS, cmd_lsa_query_secret, NULL, &ndr_table_lsarpc, NULL, "Query Secret", "" },
2306	{ "setsecret", RPC_RTYPE_NTSTATUS, cmd_lsa_set_secret, NULL, &ndr_table_lsarpc, NULL, "Set Secret", "" },
2307	{ "retrieveprivatedata", RPC_RTYPE_NTSTATUS, cmd_lsa_retrieve_private_data, NULL, &ndr_table_lsarpc, NULL, "Retrieve Private Data", "" },
2308	{ "storeprivatedata", RPC_RTYPE_NTSTATUS, cmd_lsa_store_private_data, NULL, &ndr_table_lsarpc, NULL, "Store Private Data", "" },
2309	{ "createtrustdom", RPC_RTYPE_NTSTATUS, cmd_lsa_create_trusted_domain, NULL, &ndr_table_lsarpc, NULL, "Create Trusted Domain", "" },
2310	{ "deletetrustdom", RPC_RTYPE_NTSTATUS, cmd_lsa_delete_trusted_domain, NULL, &ndr_table_lsarpc, NULL, "Delete Trusted Domain", "" },
2311
2312	{ NULL }
2313	};
2314

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: vendor/current/source3/rpcclient/cmd_lsarpc.c

Download in other formats: