Line data Source code
1 : /*
2 : Unix SMB/CIFS implementation.
3 : RPC pipe client
4 :
5 : Copyright (C) Andrew Tridgell 1992-2000,
6 : Copyright (C) Luke Kenneth Casson Leighton 1996-2000,
7 : Copyright (C) Elrond 2000,
8 : Copyright (C) Tim Potter 2000
9 : Copyright (C) Guenther Deschner 2008
10 :
11 : This program is free software; you can redistribute it and/or modify
12 : it under the terms of the GNU General Public License as published by
13 : the Free Software Foundation; either version 3 of the License, or
14 : (at your option) any later version.
15 :
16 : This program is distributed in the hope that it will be useful,
17 : but WITHOUT ANY WARRANTY; without even the implied warranty of
18 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 : GNU General Public License for more details.
20 :
21 : You should have received a copy of the GNU General Public License
22 : along with this program. If not, see <http://www.gnu.org/licenses/>.
23 : */
24 :
25 : #include "includes.h"
26 : #include "rpcclient.h"
27 : #include "../libcli/auth/libcli_auth.h"
28 : #include "../librpc/gen_ndr/ndr_samr.h"
29 : #include "../librpc/gen_ndr/ndr_samr_c.h"
30 : #include "rpc_client/cli_samr.h"
31 : #include "rpc_client/init_samr.h"
32 : #include "rpc_client/init_lsa.h"
33 : #include "../libcli/security/security.h"
34 : #include "lib/util/smb_strtox.h"
35 :
36 : static struct dom_sid domain_sid;
37 :
38 : /****************************************************************************
39 : display samr_user_info_7 structure
40 : ****************************************************************************/
41 0 : static void display_samr_user_info_7(struct samr_UserInfo7 *r)
42 : {
43 0 : printf("\tUser Name :\t%s\n", r->account_name.string);
44 0 : }
45 :
46 : /****************************************************************************
47 : display samr_user_info_9 structure
48 : ****************************************************************************/
49 0 : static void display_samr_user_info_9(struct samr_UserInfo9 *r)
50 : {
51 0 : printf("\tPrimary group RID :\tox%x\n", r->primary_gid);
52 0 : }
53 :
54 : /****************************************************************************
55 : display samr_user_info_16 structure
56 : ****************************************************************************/
57 0 : static void display_samr_user_info_16(struct samr_UserInfo16 *r)
58 : {
59 0 : printf("\tAcct Flags :\tox%x\n", r->acct_flags);
60 0 : }
61 :
62 : /****************************************************************************
63 : display samr_user_info_20 structure
64 : ****************************************************************************/
65 0 : static void display_samr_user_info_20(struct samr_UserInfo20 *r)
66 : {
67 0 : printf("\tRemote Dial :\n");
68 0 : dump_data(0, (uint8_t *)r->parameters.array, r->parameters.length*2);
69 0 : }
70 :
71 :
72 : /****************************************************************************
73 : display samr_user_info_21 structure
74 : ****************************************************************************/
75 0 : static void display_samr_user_info_21(struct samr_UserInfo21 *r)
76 : {
77 0 : printf("\tUser Name :\t%s\n", r->account_name.string);
78 0 : printf("\tFull Name :\t%s\n", r->full_name.string);
79 0 : printf("\tHome Drive :\t%s\n", r->home_directory.string);
80 0 : printf("\tDir Drive :\t%s\n", r->home_drive.string);
81 0 : printf("\tProfile Path:\t%s\n", r->profile_path.string);
82 0 : printf("\tLogon Script:\t%s\n", r->logon_script.string);
83 0 : printf("\tDescription :\t%s\n", r->description.string);
84 0 : printf("\tWorkstations:\t%s\n", r->workstations.string);
85 0 : printf("\tComment :\t%s\n", r->comment.string);
86 0 : printf("\tRemote Dial :\n");
87 0 : dump_data(0, (uint8_t *)r->parameters.array, r->parameters.length*2);
88 :
89 0 : printf("\tLogon Time :\t%s\n",
90 : http_timestring(talloc_tos(), nt_time_to_unix(r->last_logon)));
91 0 : printf("\tLogoff Time :\t%s\n",
92 : http_timestring(talloc_tos(), nt_time_to_unix(r->last_logoff)));
93 0 : printf("\tKickoff Time :\t%s\n",
94 : http_timestring(talloc_tos(), nt_time_to_unix(r->acct_expiry)));
95 0 : printf("\tPassword last set Time :\t%s\n",
96 : http_timestring(talloc_tos(), nt_time_to_unix(r->last_password_change)));
97 0 : printf("\tPassword can change Time :\t%s\n",
98 : http_timestring(talloc_tos(), nt_time_to_unix(r->allow_password_change)));
99 0 : printf("\tPassword must change Time:\t%s\n",
100 : http_timestring(talloc_tos(), nt_time_to_unix(r->force_password_change)));
101 :
102 0 : printf("\tunknown_2[0..31]...\n"); /* user passwords? */
103 :
104 0 : printf("\tuser_rid :\t0x%x\n" , r->rid); /* User ID */
105 0 : printf("\tgroup_rid:\t0x%x\n" , r->primary_gid); /* Group ID */
106 0 : printf("\tacb_info :\t0x%08x\n", r->acct_flags); /* Account Control Info */
107 :
108 0 : printf("\tfields_present:\t0x%08x\n", r->fields_present); /* 0x00ff ffff */
109 0 : printf("\tlogon_divs:\t%d\n", r->logon_hours.units_per_week); /* 0x0000 00a8 which is 168 which is num hrs in a week */
110 0 : printf("\tbad_password_count:\t0x%08x\n", r->bad_password_count);
111 0 : printf("\tlogon_count:\t0x%08x\n", r->logon_count);
112 :
113 0 : printf("\tpadding1[0..7]...\n");
114 :
115 0 : if (r->logon_hours.bits) {
116 0 : printf("\tlogon_hrs[0..%d]...\n", r->logon_hours.units_per_week/8);
117 : }
118 0 : }
119 :
120 :
121 0 : static void display_password_properties(uint32_t password_properties)
122 : {
123 0 : printf("password_properties: 0x%08x\n", password_properties);
124 :
125 0 : if (password_properties & DOMAIN_PASSWORD_COMPLEX)
126 0 : printf("\tDOMAIN_PASSWORD_COMPLEX\n");
127 :
128 0 : if (password_properties & DOMAIN_PASSWORD_NO_ANON_CHANGE)
129 0 : printf("\tDOMAIN_PASSWORD_NO_ANON_CHANGE\n");
130 :
131 0 : if (password_properties & DOMAIN_PASSWORD_NO_CLEAR_CHANGE)
132 0 : printf("\tDOMAIN_PASSWORD_NO_CLEAR_CHANGE\n");
133 :
134 0 : if (password_properties & DOMAIN_PASSWORD_LOCKOUT_ADMINS)
135 0 : printf("\tDOMAIN_PASSWORD_LOCKOUT_ADMINS\n");
136 :
137 0 : if (password_properties & DOMAIN_PASSWORD_STORE_CLEARTEXT)
138 0 : printf("\tDOMAIN_PASSWORD_STORE_CLEARTEXT\n");
139 :
140 0 : if (password_properties & DOMAIN_REFUSE_PASSWORD_CHANGE)
141 0 : printf("\tDOMAIN_REFUSE_PASSWORD_CHANGE\n");
142 0 : }
143 :
144 0 : static void display_sam_dom_info_1(struct samr_DomInfo1 *info1)
145 : {
146 0 : printf("Minimum password length:\t\t\t%d\n",
147 0 : info1->min_password_length);
148 0 : printf("Password uniqueness (remember x passwords):\t%d\n",
149 0 : info1->password_history_length);
150 0 : display_password_properties(info1->password_properties);
151 0 : printf("password expire in:\t\t\t\t%s\n",
152 0 : display_time(info1->max_password_age));
153 0 : printf("Min password age (allow changing in x days):\t%s\n",
154 0 : display_time(info1->min_password_age));
155 0 : }
156 :
157 0 : static void display_sam_dom_info_2(struct samr_DomGeneralInformation *general)
158 : {
159 0 : printf("Domain:\t\t%s\n", general->domain_name.string);
160 0 : printf("Server:\t\t%s\n", general->primary.string);
161 0 : printf("Comment:\t%s\n", general->oem_information.string);
162 :
163 0 : printf("Total Users:\t%d\n", general->num_users);
164 0 : printf("Total Groups:\t%d\n", general->num_groups);
165 0 : printf("Total Aliases:\t%d\n", general->num_aliases);
166 :
167 0 : printf("Sequence No:\t%llu\n", (unsigned long long)general->sequence_num);
168 :
169 0 : printf("Force Logoff:\t%d\n",
170 0 : (int)nt_time_to_unix_abs(&general->force_logoff_time));
171 :
172 0 : printf("Domain Server State:\t0x%x\n", general->domain_server_state);
173 0 : printf("Server Role:\t%s\n", server_role_str(general->role));
174 0 : printf("Unknown 3:\t0x%x\n", general->unknown3);
175 0 : }
176 :
177 0 : static void display_sam_dom_info_3(struct samr_DomInfo3 *info3)
178 : {
179 0 : printf("Force Logoff:\t%d\n",
180 0 : (int)nt_time_to_unix_abs(&info3->force_logoff_time));
181 0 : }
182 :
183 0 : static void display_sam_dom_info_4(struct samr_DomOEMInformation *oem)
184 : {
185 0 : printf("Comment:\t%s\n", oem->oem_information.string);
186 0 : }
187 :
188 0 : static void display_sam_dom_info_5(struct samr_DomInfo5 *info5)
189 : {
190 0 : printf("Domain:\t\t%s\n", info5->domain_name.string);
191 0 : }
192 :
193 0 : static void display_sam_dom_info_6(struct samr_DomInfo6 *info6)
194 : {
195 0 : printf("Server:\t\t%s\n", info6->primary.string);
196 0 : }
197 :
198 0 : static void display_sam_dom_info_7(struct samr_DomInfo7 *info7)
199 : {
200 0 : printf("Server Role:\t%s\n", server_role_str(info7->role));
201 0 : }
202 :
203 0 : static void display_sam_dom_info_8(struct samr_DomInfo8 *info8)
204 : {
205 0 : printf("Sequence No:\t%llu\n", (unsigned long long)info8->sequence_num);
206 0 : printf("Domain Create Time:\t%s\n",
207 : http_timestring(talloc_tos(), nt_time_to_unix(info8->domain_create_time)));
208 0 : }
209 :
210 0 : static void display_sam_dom_info_9(struct samr_DomInfo9 *info9)
211 : {
212 0 : printf("Domain Server State:\t0x%x\n", info9->domain_server_state);
213 0 : }
214 :
215 0 : static void display_sam_dom_info_12(struct samr_DomInfo12 *info12)
216 : {
217 0 : printf("Bad password lockout duration: %s\n",
218 : display_time(info12->lockout_duration));
219 0 : printf("Reset Lockout after: %s\n",
220 : display_time(info12->lockout_window));
221 0 : printf("Lockout after bad attempts: %d\n",
222 0 : info12->lockout_threshold);
223 0 : }
224 :
225 0 : static void display_sam_dom_info_13(struct samr_DomInfo13 *info13)
226 : {
227 0 : printf("Sequence No:\t%llu\n", (unsigned long long)info13->sequence_num);
228 0 : printf("Domain Create Time:\t%s\n",
229 : http_timestring(talloc_tos(), nt_time_to_unix(info13->domain_create_time)));
230 0 : printf("Sequence No at last promotion:\t%llu\n",
231 0 : (unsigned long long)info13->modified_count_at_last_promotion);
232 0 : }
233 :
234 0 : static void display_sam_info_1(struct samr_DispEntryGeneral *r)
235 : {
236 0 : printf("index: 0x%x ", r->idx);
237 0 : printf("RID: 0x%x ", r->rid);
238 0 : printf("acb: 0x%08x ", r->acct_flags);
239 0 : printf("Account: %s\t", r->account_name.string);
240 0 : printf("Name: %s\t", r->full_name.string);
241 0 : printf("Desc: %s\n", r->description.string);
242 0 : }
243 :
244 0 : static void display_sam_info_2(struct samr_DispEntryFull *r)
245 : {
246 0 : printf("index: 0x%x ", r->idx);
247 0 : printf("RID: 0x%x ", r->rid);
248 0 : printf("acb: 0x%08x ", r->acct_flags);
249 0 : printf("Account: %s\t", r->account_name.string);
250 0 : printf("Desc: %s\n", r->description.string);
251 0 : }
252 :
253 0 : static void display_sam_info_3(struct samr_DispEntryFullGroup *r)
254 : {
255 0 : printf("index: 0x%x ", r->idx);
256 0 : printf("RID: 0x%x ", r->rid);
257 0 : printf("acb: 0x%08x ", r->acct_flags);
258 0 : printf("Account: %s\t", r->account_name.string);
259 0 : printf("Desc: %s\n", r->description.string);
260 0 : }
261 :
262 0 : static void display_sam_info_4(struct samr_DispEntryAscii *r)
263 : {
264 0 : printf("index: 0x%x ", r->idx);
265 0 : printf("Account: %s\n", r->account_name.string);
266 0 : }
267 :
268 0 : static void display_sam_info_5(struct samr_DispEntryAscii *r)
269 : {
270 0 : printf("index: 0x%x ", r->idx);
271 0 : printf("Account: %s\n", r->account_name.string);
272 0 : }
273 :
274 0 : static NTSTATUS rpccli_try_samr_connects(
275 : struct rpc_pipe_client *cli,
276 : TALLOC_CTX *mem_ctx,
277 : uint32_t access_mask,
278 : struct policy_handle *connect_pol)
279 : {
280 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
281 : NTSTATUS status;
282 0 : NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
283 0 : uint32_t start_idx = 0;
284 : uint32_t i, num_entries;
285 0 : struct samr_SamArray *sam = NULL;
286 0 : struct dom_sid *domsid = NULL;
287 :
288 0 : status = dcerpc_try_samr_connects(
289 : b,
290 : mem_ctx,
291 0 : cli->srv_name_slash,
292 : access_mask,
293 : connect_pol,
294 : &result);
295 0 : if (!NT_STATUS_IS_OK(status)) {
296 0 : return status;
297 : }
298 0 : if (!NT_STATUS_IS_OK(result)) {
299 0 : return result;
300 : }
301 :
302 0 : if (!is_null_sid(&domain_sid)) {
303 0 : return NT_STATUS_OK;
304 : }
305 :
306 : /*
307 : * Look up the servers domain SID. Just pick the first
308 : * non-builtin domain from samr_EnumDomains.
309 : */
310 :
311 0 : status = dcerpc_samr_EnumDomains(
312 : b,
313 : mem_ctx,
314 : connect_pol,
315 : &start_idx,
316 : &sam,
317 : 0xffff,
318 : &num_entries,
319 : &result);
320 0 : if (!NT_STATUS_IS_OK(status)) {
321 0 : goto fail;
322 : }
323 0 : if (!NT_STATUS_IS_OK(result)) {
324 0 : status = result;
325 0 : goto fail;
326 : }
327 :
328 0 : for (i=0; i<num_entries; i++) {
329 0 : if (!strequal(sam->entries[i].name.string, "builtin")) {
330 0 : break;
331 : }
332 : }
333 0 : if (i == num_entries) {
334 0 : status = NT_STATUS_NOT_FOUND;
335 0 : goto fail;
336 : }
337 :
338 0 : status = dcerpc_samr_LookupDomain(
339 : b,
340 : mem_ctx,
341 : connect_pol,
342 0 : &sam->entries[i].name,
343 : &domsid,
344 : &result);
345 0 : if (!NT_STATUS_IS_OK(status)) {
346 0 : goto fail;
347 : }
348 0 : if (!NT_STATUS_IS_OK(result)) {
349 0 : status = result;
350 0 : goto fail;
351 : }
352 :
353 0 : sid_copy(&domain_sid, domsid);
354 0 : TALLOC_FREE(domsid);
355 :
356 0 : return NT_STATUS_OK;
357 :
358 0 : fail:
359 0 : dcerpc_samr_Close(b, mem_ctx, connect_pol, &result);
360 0 : return status;
361 : }
362 :
363 : /****************************************************************************
364 : ****************************************************************************/
365 :
366 0 : static NTSTATUS get_domain_handle(struct rpc_pipe_client *cli,
367 : TALLOC_CTX *mem_ctx,
368 : const char *sam,
369 : struct policy_handle *connect_pol,
370 : uint32_t access_mask,
371 : struct dom_sid *_domain_sid,
372 : struct policy_handle *domain_pol)
373 : {
374 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
375 0 : NTSTATUS status = NT_STATUS_INVALID_PARAMETER, result;
376 :
377 0 : if (strcasecmp_m(sam, "domain") == 0) {
378 0 : status = dcerpc_samr_OpenDomain(b, mem_ctx,
379 : connect_pol,
380 : access_mask,
381 : _domain_sid,
382 : domain_pol,
383 : &result);
384 0 : } else if (strcasecmp_m(sam, "builtin") == 0) {
385 0 : status = dcerpc_samr_OpenDomain(b, mem_ctx,
386 : connect_pol,
387 : access_mask,
388 : discard_const_p(struct dom_sid2, &global_sid_Builtin),
389 : domain_pol,
390 : &result);
391 : }
392 :
393 0 : if (!NT_STATUS_IS_OK(status)) {
394 0 : return status;
395 : }
396 :
397 0 : return result;
398 : }
399 :
400 : /**********************************************************************
401 : * Query user information
402 : */
403 2 : static NTSTATUS cmd_samr_query_user(struct rpc_pipe_client *cli,
404 : TALLOC_CTX *mem_ctx,
405 : int argc, const char **argv)
406 : {
407 : struct policy_handle connect_pol, domain_pol, user_pol;
408 : NTSTATUS status, result;
409 2 : uint32_t info_level = 21;
410 2 : uint32_t access_mask = MAXIMUM_ALLOWED_ACCESS;
411 2 : union samr_UserInfo *info = NULL;
412 2 : uint32_t user_rid = 0;
413 2 : struct dcerpc_binding_handle *b = cli->binding_handle;
414 :
415 2 : if ((argc < 2) || (argc > 4)) {
416 2 : printf("Usage: %s rid [info level] [access mask] \n", argv[0]);
417 2 : return NT_STATUS_OK;
418 : }
419 :
420 0 : sscanf(argv[1], "%i", &user_rid);
421 :
422 0 : if (argc > 2)
423 0 : sscanf(argv[2], "%i", &info_level);
424 :
425 0 : if (argc > 3)
426 0 : sscanf(argv[3], "%x", &access_mask);
427 :
428 :
429 0 : status = rpccli_try_samr_connects(cli, mem_ctx,
430 : MAXIMUM_ALLOWED_ACCESS,
431 : &connect_pol);
432 0 : if (!NT_STATUS_IS_OK(status)) {
433 0 : goto done;
434 : }
435 :
436 0 : status = dcerpc_samr_OpenDomain(b, mem_ctx,
437 : &connect_pol,
438 : MAXIMUM_ALLOWED_ACCESS,
439 : &domain_sid,
440 : &domain_pol,
441 : &result);
442 0 : if (!NT_STATUS_IS_OK(status)) {
443 0 : goto done;
444 : }
445 0 : if (!NT_STATUS_IS_OK(result)) {
446 0 : status = result;
447 0 : goto done;
448 : }
449 :
450 0 : status = dcerpc_samr_OpenUser(b, mem_ctx,
451 : &domain_pol,
452 : access_mask,
453 : user_rid,
454 : &user_pol,
455 : &result);
456 0 : if (!NT_STATUS_IS_OK(status)) {
457 0 : goto done;
458 : }
459 0 : if (NT_STATUS_EQUAL(result, NT_STATUS_NO_SUCH_USER) &&
460 0 : (user_rid == 0)) {
461 :
462 : /* Probably this was a user name, try lookupnames */
463 : struct samr_Ids rids, types;
464 : struct lsa_String lsa_acct_name;
465 :
466 0 : init_lsa_String(&lsa_acct_name, argv[1]);
467 :
468 0 : status = dcerpc_samr_LookupNames(b, mem_ctx,
469 : &domain_pol,
470 : 1,
471 : &lsa_acct_name,
472 : &rids,
473 : &types,
474 : &result);
475 0 : if (!NT_STATUS_IS_OK(status)) {
476 0 : goto done;
477 : }
478 :
479 0 : if (NT_STATUS_IS_OK(result)) {
480 0 : if (rids.count != 1) {
481 0 : status = NT_STATUS_INVALID_NETWORK_RESPONSE;
482 0 : goto done;
483 : }
484 0 : if (types.count != 1) {
485 0 : status = NT_STATUS_INVALID_NETWORK_RESPONSE;
486 0 : goto done;
487 : }
488 :
489 0 : status = dcerpc_samr_OpenUser(b, mem_ctx,
490 : &domain_pol,
491 : access_mask,
492 0 : rids.ids[0],
493 : &user_pol,
494 : &result);
495 0 : if (!NT_STATUS_IS_OK(status)) {
496 0 : goto done;
497 : }
498 : }
499 : }
500 :
501 :
502 0 : if (!NT_STATUS_IS_OK(result)) {
503 0 : status = result;
504 0 : goto done;
505 : }
506 :
507 0 : status = dcerpc_samr_QueryUserInfo(b, mem_ctx,
508 : &user_pol,
509 : info_level,
510 : &info,
511 : &result);
512 0 : if (!NT_STATUS_IS_OK(status)) {
513 0 : goto done;
514 : }
515 0 : if (!NT_STATUS_IS_OK(result)) {
516 0 : status = result;
517 0 : goto done;
518 : }
519 :
520 0 : switch (info_level) {
521 0 : case 7:
522 0 : display_samr_user_info_7(&info->info7);
523 0 : break;
524 0 : case 9:
525 0 : display_samr_user_info_9(&info->info9);
526 0 : break;
527 0 : case 16:
528 0 : display_samr_user_info_16(&info->info16);
529 0 : break;
530 0 : case 20:
531 0 : display_samr_user_info_20(&info->info20);
532 0 : break;
533 0 : case 21:
534 0 : display_samr_user_info_21(&info->info21);
535 0 : break;
536 0 : default:
537 0 : printf("Unsupported infolevel: %d\n", info_level);
538 0 : break;
539 : }
540 :
541 0 : dcerpc_samr_Close(b, mem_ctx, &user_pol, &result);
542 0 : dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
543 0 : dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
544 :
545 0 : done:
546 0 : return status;
547 : }
548 :
549 : /****************************************************************************
550 : display group info
551 : ****************************************************************************/
552 0 : static void display_group_info1(struct samr_GroupInfoAll *info1)
553 : {
554 0 : printf("\tGroup Name:\t%s\n", info1->name.string);
555 0 : printf("\tDescription:\t%s\n", info1->description.string);
556 0 : printf("\tGroup Attribute:%d\n", info1->attributes);
557 0 : printf("\tNum Members:%d\n", info1->num_members);
558 0 : }
559 :
560 : /****************************************************************************
561 : display group info
562 : ****************************************************************************/
563 0 : static void display_group_info2(struct lsa_String *info2)
564 : {
565 0 : printf("\tGroup Description:%s\n", info2->string);
566 0 : }
567 :
568 :
569 : /****************************************************************************
570 : display group info
571 : ****************************************************************************/
572 0 : static void display_group_info3(struct samr_GroupInfoAttributes *info3)
573 : {
574 0 : printf("\tGroup Attribute:%d\n", info3->attributes);
575 0 : }
576 :
577 :
578 : /****************************************************************************
579 : display group info
580 : ****************************************************************************/
581 0 : static void display_group_info4(struct lsa_String *info4)
582 : {
583 0 : printf("\tGroup Description:%s\n", info4->string);
584 0 : }
585 :
586 : /****************************************************************************
587 : display group info
588 : ****************************************************************************/
589 0 : static void display_group_info5(struct samr_GroupInfoAll *info5)
590 : {
591 0 : printf("\tGroup Name:\t%s\n", info5->name.string);
592 0 : printf("\tDescription:\t%s\n", info5->description.string);
593 0 : printf("\tGroup Attribute:%d\n", info5->attributes);
594 0 : printf("\tNum Members:%d\n", info5->num_members);
595 0 : }
596 :
597 : /****************************************************************************
598 : display sam sync structure
599 : ****************************************************************************/
600 0 : static void display_group_info(union samr_GroupInfo *info,
601 : enum samr_GroupInfoEnum level)
602 : {
603 0 : switch (level) {
604 0 : case 1:
605 0 : display_group_info1(&info->all);
606 0 : break;
607 0 : case 2:
608 0 : display_group_info2(&info->name);
609 0 : break;
610 0 : case 3:
611 0 : display_group_info3(&info->attributes);
612 0 : break;
613 0 : case 4:
614 0 : display_group_info4(&info->description);
615 0 : break;
616 0 : case 5:
617 0 : display_group_info5(&info->all2);
618 0 : break;
619 : }
620 0 : }
621 :
622 : /***********************************************************************
623 : * Query group information
624 : */
625 0 : static NTSTATUS cmd_samr_query_group(struct rpc_pipe_client *cli,
626 : TALLOC_CTX *mem_ctx,
627 : int argc, const char **argv)
628 : {
629 : struct policy_handle connect_pol, domain_pol, group_pol;
630 : NTSTATUS status, result;
631 0 : enum samr_GroupInfoEnum info_level = GROUPINFOALL;
632 0 : uint32_t access_mask = MAXIMUM_ALLOWED_ACCESS;
633 0 : union samr_GroupInfo *group_info = NULL;
634 : uint32_t group_rid;
635 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
636 :
637 0 : if ((argc < 2) || (argc > 4)) {
638 0 : printf("Usage: %s rid [info level] [access mask]\n", argv[0]);
639 0 : return NT_STATUS_OK;
640 : }
641 :
642 0 : sscanf(argv[1], "%i", &group_rid);
643 :
644 0 : if (argc > 2)
645 0 : info_level = atoi(argv[2]);
646 :
647 0 : if (argc > 3)
648 0 : sscanf(argv[3], "%x", &access_mask);
649 :
650 0 : status = rpccli_try_samr_connects(cli, mem_ctx,
651 : MAXIMUM_ALLOWED_ACCESS,
652 : &connect_pol);
653 0 : if (!NT_STATUS_IS_OK(status)) {
654 0 : goto done;
655 : }
656 :
657 0 : status = dcerpc_samr_OpenDomain(b, mem_ctx,
658 : &connect_pol,
659 : MAXIMUM_ALLOWED_ACCESS,
660 : &domain_sid,
661 : &domain_pol,
662 : &result);
663 0 : if (!NT_STATUS_IS_OK(status)) {
664 0 : goto done;
665 : }
666 0 : if (!NT_STATUS_IS_OK(result)) {
667 0 : status = result;
668 0 : goto done;
669 : }
670 :
671 0 : status = dcerpc_samr_OpenGroup(b, mem_ctx,
672 : &domain_pol,
673 : access_mask,
674 : group_rid,
675 : &group_pol,
676 : &result);
677 0 : if (!NT_STATUS_IS_OK(status)) {
678 0 : goto done;
679 : }
680 0 : if (!NT_STATUS_IS_OK(result)) {
681 0 : status = result;
682 0 : goto done;
683 : }
684 :
685 0 : status = dcerpc_samr_QueryGroupInfo(b, mem_ctx,
686 : &group_pol,
687 : info_level,
688 : &group_info,
689 : &result);
690 0 : if (!NT_STATUS_IS_OK(status)) {
691 0 : goto done;
692 : }
693 0 : if (!NT_STATUS_IS_OK(result)) {
694 0 : status = result;
695 0 : goto done;
696 : }
697 :
698 0 : display_group_info(group_info, info_level);
699 :
700 0 : dcerpc_samr_Close(b, mem_ctx, &group_pol, &result);
701 0 : dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
702 0 : dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
703 0 : done:
704 0 : return status;
705 : }
706 :
707 : /* Query groups a user is a member of */
708 :
709 0 : static NTSTATUS cmd_samr_query_usergroups(struct rpc_pipe_client *cli,
710 : TALLOC_CTX *mem_ctx,
711 : int argc, const char **argv)
712 : {
713 : struct policy_handle connect_pol,
714 : domain_pol,
715 : user_pol;
716 : NTSTATUS status, result;
717 : uint32_t user_rid;
718 0 : uint32_t access_mask = MAXIMUM_ALLOWED_ACCESS;
719 : int i;
720 0 : struct samr_RidWithAttributeArray *rid_array = NULL;
721 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
722 :
723 0 : if ((argc < 2) || (argc > 3)) {
724 0 : printf("Usage: %s rid [access mask]\n", argv[0]);
725 0 : return NT_STATUS_OK;
726 : }
727 :
728 0 : sscanf(argv[1], "%i", &user_rid);
729 :
730 0 : if (argc > 2)
731 0 : sscanf(argv[2], "%x", &access_mask);
732 :
733 0 : status = rpccli_try_samr_connects(cli, mem_ctx,
734 : MAXIMUM_ALLOWED_ACCESS,
735 : &connect_pol);
736 0 : if (!NT_STATUS_IS_OK(status)) {
737 0 : goto done;
738 : }
739 :
740 0 : status = dcerpc_samr_OpenDomain(b, mem_ctx,
741 : &connect_pol,
742 : MAXIMUM_ALLOWED_ACCESS,
743 : &domain_sid,
744 : &domain_pol,
745 : &result);
746 0 : if (!NT_STATUS_IS_OK(status)) {
747 0 : goto done;
748 : }
749 0 : if (!NT_STATUS_IS_OK(result)) {
750 0 : status = result;
751 0 : goto done;
752 : }
753 :
754 0 : status = dcerpc_samr_OpenUser(b, mem_ctx,
755 : &domain_pol,
756 : access_mask,
757 : user_rid,
758 : &user_pol,
759 : &result);
760 :
761 0 : if (!NT_STATUS_IS_OK(status)) {
762 0 : goto done;
763 : }
764 0 : if (!NT_STATUS_IS_OK(result)) {
765 0 : status = result;
766 0 : goto done;
767 : }
768 :
769 0 : status = dcerpc_samr_GetGroupsForUser(b, mem_ctx,
770 : &user_pol,
771 : &rid_array,
772 : &result);
773 0 : if (!NT_STATUS_IS_OK(status)) {
774 0 : goto done;
775 : }
776 0 : if (!NT_STATUS_IS_OK(result)) {
777 0 : status = result;
778 0 : goto done;
779 : }
780 :
781 0 : for (i = 0; i < rid_array->count; i++) {
782 0 : printf("\tgroup rid:[0x%x] attr:[0x%x]\n",
783 0 : rid_array->rids[i].rid,
784 0 : rid_array->rids[i].attributes);
785 : }
786 :
787 0 : dcerpc_samr_Close(b, mem_ctx, &user_pol, &result);
788 0 : dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
789 0 : dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
790 0 : done:
791 0 : return status;
792 : }
793 :
794 : /* Query aliases a user is a member of */
795 :
796 0 : static NTSTATUS cmd_samr_query_useraliases(struct rpc_pipe_client *cli,
797 : TALLOC_CTX *mem_ctx,
798 : int argc, const char **argv)
799 : {
800 : struct policy_handle connect_pol, domain_pol;
801 : NTSTATUS status, result;
802 : struct dom_sid *sids;
803 : uint32_t num_sids;
804 0 : uint32_t access_mask = MAXIMUM_ALLOWED_ACCESS;
805 : int i;
806 : struct lsa_SidArray sid_array;
807 : struct samr_Ids alias_rids;
808 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
809 :
810 0 : if (argc < 3) {
811 0 : printf("Usage: %s builtin|domain sid1 sid2 ...\n", argv[0]);
812 0 : return NT_STATUS_INVALID_PARAMETER;
813 : }
814 :
815 0 : sids = NULL;
816 0 : num_sids = 0;
817 :
818 0 : for (i=2; i<argc; i++) {
819 : struct dom_sid tmp_sid;
820 0 : if (!string_to_sid(&tmp_sid, argv[i])) {
821 0 : printf("%s is not a legal SID\n", argv[i]);
822 0 : return NT_STATUS_INVALID_PARAMETER;
823 : }
824 0 : result = add_sid_to_array(mem_ctx, &tmp_sid, &sids, &num_sids);
825 0 : if (!NT_STATUS_IS_OK(result)) {
826 0 : return result;
827 : }
828 : }
829 :
830 0 : if (num_sids) {
831 0 : sid_array.sids = talloc_zero_array(mem_ctx, struct lsa_SidPtr, num_sids);
832 0 : if (sid_array.sids == NULL)
833 0 : return NT_STATUS_NO_MEMORY;
834 : } else {
835 0 : sid_array.sids = NULL;
836 : }
837 :
838 0 : for (i=0; i<num_sids; i++) {
839 0 : sid_array.sids[i].sid = dom_sid_dup(mem_ctx, &sids[i]);
840 0 : if (!sid_array.sids[i].sid) {
841 0 : return NT_STATUS_NO_MEMORY;
842 : }
843 : }
844 :
845 0 : sid_array.num_sids = num_sids;
846 :
847 0 : status = rpccli_try_samr_connects(cli, mem_ctx,
848 : MAXIMUM_ALLOWED_ACCESS,
849 : &connect_pol);
850 0 : if (!NT_STATUS_IS_OK(status)) {
851 0 : goto done;
852 : }
853 :
854 0 : status = get_domain_handle(cli, mem_ctx, argv[1],
855 : &connect_pol,
856 : access_mask,
857 : &domain_sid,
858 : &domain_pol);
859 0 : if (!NT_STATUS_IS_OK(status)) {
860 0 : goto done;
861 : }
862 :
863 0 : status = dcerpc_samr_GetAliasMembership(b, mem_ctx,
864 : &domain_pol,
865 : &sid_array,
866 : &alias_rids,
867 : &result);
868 0 : if (!NT_STATUS_IS_OK(status)) {
869 0 : goto done;
870 : }
871 0 : if (!NT_STATUS_IS_OK(result)) {
872 0 : status = result;
873 0 : goto done;
874 : }
875 :
876 0 : for (i = 0; i < alias_rids.count; i++) {
877 0 : printf("\tgroup rid:[0x%x]\n", alias_rids.ids[i]);
878 : }
879 :
880 0 : dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
881 0 : dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
882 0 : done:
883 0 : return status;
884 : }
885 :
886 : /* Query members of a group */
887 :
888 0 : static NTSTATUS cmd_samr_query_groupmem(struct rpc_pipe_client *cli,
889 : TALLOC_CTX *mem_ctx,
890 : int argc, const char **argv)
891 : {
892 : struct policy_handle connect_pol, domain_pol, group_pol;
893 : NTSTATUS status, result;
894 : uint32_t group_rid;
895 0 : uint32_t access_mask = MAXIMUM_ALLOWED_ACCESS;
896 : int i;
897 : unsigned int old_timeout;
898 0 : struct samr_RidAttrArray *rids = NULL;
899 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
900 :
901 0 : if ((argc < 2) || (argc > 3)) {
902 0 : printf("Usage: %s rid [access mask]\n", argv[0]);
903 0 : return NT_STATUS_OK;
904 : }
905 :
906 0 : sscanf(argv[1], "%i", &group_rid);
907 :
908 0 : if (argc > 2)
909 0 : sscanf(argv[2], "%x", &access_mask);
910 :
911 0 : status = rpccli_try_samr_connects(cli, mem_ctx,
912 : MAXIMUM_ALLOWED_ACCESS,
913 : &connect_pol);
914 0 : if (!NT_STATUS_IS_OK(status)) {
915 0 : goto done;
916 : }
917 :
918 0 : status = dcerpc_samr_OpenDomain(b, mem_ctx,
919 : &connect_pol,
920 : MAXIMUM_ALLOWED_ACCESS,
921 : &domain_sid,
922 : &domain_pol,
923 : &result);
924 0 : if (!NT_STATUS_IS_OK(status)) {
925 0 : goto done;
926 : }
927 0 : if (!NT_STATUS_IS_OK(result)) {
928 0 : status = result;
929 0 : goto done;
930 : }
931 :
932 0 : status = dcerpc_samr_OpenGroup(b, mem_ctx,
933 : &domain_pol,
934 : access_mask,
935 : group_rid,
936 : &group_pol,
937 : &result);
938 0 : if (!NT_STATUS_IS_OK(status)) {
939 0 : goto done;
940 : }
941 0 : if (!NT_STATUS_IS_OK(result)) {
942 0 : status = result;
943 0 : goto done;
944 : }
945 :
946 : /* Make sure to wait for our DC's reply */
947 0 : old_timeout = rpccli_set_timeout(cli, 30000); /* 30 seconds. */
948 0 : rpccli_set_timeout(cli, MAX(30000, old_timeout)); /* At least 30 sec */
949 :
950 0 : status = dcerpc_samr_QueryGroupMember(b, mem_ctx,
951 : &group_pol,
952 : &rids,
953 : &result);
954 :
955 0 : rpccli_set_timeout(cli, old_timeout);
956 :
957 0 : if (!NT_STATUS_IS_OK(status)) {
958 0 : goto done;
959 : }
960 0 : if (!NT_STATUS_IS_OK(result)) {
961 0 : status = result;
962 0 : goto done;
963 : }
964 :
965 0 : for (i = 0; i < rids->count; i++) {
966 0 : printf("\trid:[0x%x] attr:[0x%x]\n", rids->rids[i],
967 0 : rids->attributes[i]);
968 : }
969 :
970 0 : dcerpc_samr_Close(b, mem_ctx, &group_pol, &result);
971 0 : dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
972 0 : dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
973 0 : done:
974 0 : return status;
975 : }
976 :
977 : /* Enumerate domain users */
978 :
979 0 : static NTSTATUS cmd_samr_enum_dom_users(struct rpc_pipe_client *cli,
980 : TALLOC_CTX *mem_ctx,
981 : int argc, const char **argv)
982 : {
983 : struct policy_handle connect_pol;
984 0 : struct policy_handle domain_pol = { 0, };
985 : NTSTATUS status, result;
986 : uint32_t start_idx, num_dom_users, i;
987 0 : struct samr_SamArray *dom_users = NULL;
988 0 : uint32_t access_mask = MAXIMUM_ALLOWED_ACCESS;
989 0 : uint32_t acb_mask = ACB_NORMAL;
990 0 : uint32_t size = 0xffff;
991 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
992 :
993 0 : if ((argc < 1) || (argc > 4)) {
994 0 : printf("Usage: %s [access_mask] [acb_mask] [size]\n", argv[0]);
995 0 : return NT_STATUS_OK;
996 : }
997 :
998 0 : if (argc > 1) {
999 0 : sscanf(argv[1], "%x", &access_mask);
1000 : }
1001 :
1002 0 : if (argc > 2) {
1003 0 : sscanf(argv[2], "%x", &acb_mask);
1004 : }
1005 :
1006 0 : if (argc > 3) {
1007 0 : sscanf(argv[3], "%x", &size);
1008 : }
1009 :
1010 : /* Get sam policy handle */
1011 :
1012 0 : status = rpccli_try_samr_connects(cli, mem_ctx,
1013 : MAXIMUM_ALLOWED_ACCESS,
1014 : &connect_pol);
1015 0 : if (!NT_STATUS_IS_OK(status)) {
1016 0 : goto done;
1017 : }
1018 :
1019 : /* Get domain policy handle */
1020 :
1021 0 : status = get_domain_handle(cli, mem_ctx, "domain",
1022 : &connect_pol,
1023 : access_mask,
1024 : &domain_sid,
1025 : &domain_pol);
1026 0 : if (!NT_STATUS_IS_OK(status)) {
1027 0 : goto done;
1028 : }
1029 :
1030 : /* Enumerate domain users */
1031 :
1032 0 : start_idx = 0;
1033 :
1034 : do {
1035 0 : status = dcerpc_samr_EnumDomainUsers(b, mem_ctx,
1036 : &domain_pol,
1037 : &start_idx,
1038 : acb_mask,
1039 : &dom_users,
1040 : size,
1041 : &num_dom_users,
1042 : &result);
1043 0 : if (!NT_STATUS_IS_OK(status)) {
1044 0 : goto done;
1045 : }
1046 0 : if (NT_STATUS_IS_OK(result) ||
1047 0 : NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES)) {
1048 :
1049 0 : for (i = 0; i < num_dom_users; i++)
1050 0 : printf("user:[%s] rid:[0x%x]\n",
1051 0 : dom_users->entries[i].name.string,
1052 0 : dom_users->entries[i].idx);
1053 : }
1054 :
1055 0 : } while (NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES));
1056 :
1057 0 : done:
1058 0 : if (is_valid_policy_hnd(&domain_pol))
1059 0 : dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
1060 :
1061 0 : if (is_valid_policy_hnd(&connect_pol))
1062 0 : dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
1063 :
1064 0 : return status;
1065 : }
1066 :
1067 : /* Enumerate domain groups */
1068 :
1069 0 : static NTSTATUS cmd_samr_enum_dom_groups(struct rpc_pipe_client *cli,
1070 : TALLOC_CTX *mem_ctx,
1071 : int argc, const char **argv)
1072 : {
1073 : struct policy_handle connect_pol;
1074 0 : struct policy_handle domain_pol = { 0, };
1075 : NTSTATUS status, result;
1076 : uint32_t start_idx, num_dom_groups, i;
1077 0 : uint32_t access_mask = MAXIMUM_ALLOWED_ACCESS;
1078 0 : struct samr_SamArray *dom_groups = NULL;
1079 0 : uint32_t size = 0xffff;
1080 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
1081 :
1082 0 : if ((argc < 1) || (argc > 3)) {
1083 0 : printf("Usage: %s [access_mask] [max_size]\n", argv[0]);
1084 0 : return NT_STATUS_OK;
1085 : }
1086 :
1087 0 : if (argc > 1) {
1088 0 : sscanf(argv[1], "%x", &access_mask);
1089 : }
1090 :
1091 0 : if (argc > 2) {
1092 0 : sscanf(argv[2], "%x", &size);
1093 : }
1094 :
1095 : /* Get sam policy handle */
1096 :
1097 0 : status = rpccli_try_samr_connects(cli, mem_ctx,
1098 : MAXIMUM_ALLOWED_ACCESS,
1099 : &connect_pol);
1100 0 : if (!NT_STATUS_IS_OK(status)) {
1101 0 : goto done;
1102 : }
1103 :
1104 : /* Get domain policy handle */
1105 :
1106 0 : status = get_domain_handle(cli, mem_ctx, "domain",
1107 : &connect_pol,
1108 : access_mask,
1109 : &domain_sid,
1110 : &domain_pol);
1111 0 : if (!NT_STATUS_IS_OK(status)) {
1112 0 : goto done;
1113 : }
1114 :
1115 : /* Enumerate domain groups */
1116 :
1117 0 : start_idx = 0;
1118 :
1119 : do {
1120 0 : status = dcerpc_samr_EnumDomainGroups(b, mem_ctx,
1121 : &domain_pol,
1122 : &start_idx,
1123 : &dom_groups,
1124 : size,
1125 : &num_dom_groups,
1126 : &result);
1127 0 : if (!NT_STATUS_IS_OK(status)) {
1128 0 : goto done;
1129 : }
1130 0 : if (NT_STATUS_IS_OK(result) ||
1131 0 : NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES)) {
1132 :
1133 0 : for (i = 0; i < num_dom_groups; i++)
1134 0 : printf("group:[%s] rid:[0x%x]\n",
1135 0 : dom_groups->entries[i].name.string,
1136 0 : dom_groups->entries[i].idx);
1137 : }
1138 :
1139 0 : } while (NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES));
1140 :
1141 0 : done:
1142 0 : if (is_valid_policy_hnd(&domain_pol))
1143 0 : dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
1144 :
1145 0 : if (is_valid_policy_hnd(&connect_pol))
1146 0 : dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
1147 :
1148 0 : return status;
1149 : }
1150 :
1151 : /* Enumerate alias groups */
1152 :
1153 0 : static NTSTATUS cmd_samr_enum_als_groups(struct rpc_pipe_client *cli,
1154 : TALLOC_CTX *mem_ctx,
1155 : int argc, const char **argv)
1156 : {
1157 : struct policy_handle connect_pol;
1158 0 : struct policy_handle domain_pol = { 0, };
1159 : NTSTATUS status, result;
1160 : uint32_t start_idx, num_als_groups, i;
1161 0 : uint32_t access_mask = MAXIMUM_ALLOWED_ACCESS;
1162 0 : struct samr_SamArray *als_groups = NULL;
1163 0 : uint32_t size = 0xffff;
1164 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
1165 :
1166 0 : if ((argc < 2) || (argc > 4)) {
1167 0 : printf("Usage: %s builtin|domain [access mask] [max_size]\n", argv[0]);
1168 0 : return NT_STATUS_OK;
1169 : }
1170 :
1171 0 : if (argc > 2) {
1172 0 : sscanf(argv[2], "%x", &access_mask);
1173 : }
1174 :
1175 0 : if (argc > 3) {
1176 0 : sscanf(argv[3], "%x", &size);
1177 : }
1178 :
1179 : /* Get sam policy handle */
1180 :
1181 0 : status = rpccli_try_samr_connects(cli, mem_ctx,
1182 : MAXIMUM_ALLOWED_ACCESS,
1183 : &connect_pol);
1184 0 : if (!NT_STATUS_IS_OK(status)) {
1185 0 : goto done;
1186 : }
1187 :
1188 : /* Get domain policy handle */
1189 :
1190 0 : status = get_domain_handle(cli, mem_ctx, argv[1],
1191 : &connect_pol,
1192 : access_mask,
1193 : &domain_sid,
1194 : &domain_pol);
1195 0 : if (!NT_STATUS_IS_OK(status)) {
1196 0 : goto done;
1197 : }
1198 :
1199 : /* Enumerate alias groups */
1200 :
1201 0 : start_idx = 0;
1202 :
1203 : do {
1204 0 : status = dcerpc_samr_EnumDomainAliases(b, mem_ctx,
1205 : &domain_pol,
1206 : &start_idx,
1207 : &als_groups,
1208 : size,
1209 : &num_als_groups,
1210 : &result);
1211 0 : if (!NT_STATUS_IS_OK(status)) {
1212 0 : goto done;
1213 : }
1214 0 : if (NT_STATUS_IS_OK(result) ||
1215 0 : NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES)) {
1216 :
1217 0 : for (i = 0; i < num_als_groups; i++)
1218 0 : printf("group:[%s] rid:[0x%x]\n",
1219 0 : als_groups->entries[i].name.string,
1220 0 : als_groups->entries[i].idx);
1221 : }
1222 0 : } while (NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES));
1223 :
1224 0 : done:
1225 0 : if (is_valid_policy_hnd(&domain_pol))
1226 0 : dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
1227 :
1228 0 : if (is_valid_policy_hnd(&connect_pol))
1229 0 : dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
1230 :
1231 0 : return status;
1232 : }
1233 :
1234 : /* Enumerate domains */
1235 :
1236 0 : static NTSTATUS cmd_samr_enum_domains(struct rpc_pipe_client *cli,
1237 : TALLOC_CTX *mem_ctx,
1238 : int argc, const char **argv)
1239 : {
1240 : struct policy_handle connect_pol;
1241 : NTSTATUS status, result;
1242 : uint32_t start_idx, size, num_entries, i;
1243 0 : uint32_t access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
1244 0 : struct samr_SamArray *sam = NULL;
1245 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
1246 :
1247 0 : if ((argc < 1) || (argc > 2)) {
1248 0 : printf("Usage: %s [access mask]\n", argv[0]);
1249 0 : return NT_STATUS_OK;
1250 : }
1251 :
1252 0 : if (argc > 1) {
1253 0 : sscanf(argv[1], "%x", &access_mask);
1254 : }
1255 :
1256 : /* Get sam policy handle */
1257 :
1258 0 : status = rpccli_try_samr_connects(cli, mem_ctx,
1259 : access_mask,
1260 : &connect_pol);
1261 0 : if (!NT_STATUS_IS_OK(status)) {
1262 0 : goto done;
1263 : }
1264 :
1265 : /* Enumerate domains */
1266 :
1267 0 : start_idx = 0;
1268 0 : size = 0xffff;
1269 :
1270 : do {
1271 0 : status = dcerpc_samr_EnumDomains(b, mem_ctx,
1272 : &connect_pol,
1273 : &start_idx,
1274 : &sam,
1275 : size,
1276 : &num_entries,
1277 : &result);
1278 0 : if (!NT_STATUS_IS_OK(status)) {
1279 0 : goto done;
1280 : }
1281 0 : if (NT_STATUS_IS_OK(result) ||
1282 0 : NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES)) {
1283 :
1284 0 : for (i = 0; i < num_entries; i++)
1285 0 : printf("name:[%s] idx:[0x%x]\n",
1286 0 : sam->entries[i].name.string,
1287 0 : sam->entries[i].idx);
1288 : }
1289 0 : } while (NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES));
1290 :
1291 0 : done:
1292 0 : if (is_valid_policy_hnd(&connect_pol)) {
1293 0 : dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
1294 : }
1295 :
1296 0 : return status;
1297 : }
1298 :
1299 :
1300 : /* Query alias membership */
1301 :
1302 0 : static NTSTATUS cmd_samr_query_aliasmem(struct rpc_pipe_client *cli,
1303 : TALLOC_CTX *mem_ctx,
1304 : int argc, const char **argv)
1305 : {
1306 : struct policy_handle connect_pol, domain_pol, alias_pol;
1307 : NTSTATUS status, result;
1308 : uint32_t alias_rid, i;
1309 0 : uint32_t access_mask = MAXIMUM_ALLOWED_ACCESS;
1310 : struct lsa_SidArray sid_array;
1311 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
1312 :
1313 0 : if ((argc < 3) || (argc > 4)) {
1314 0 : printf("Usage: %s builtin|domain rid [access mask]\n", argv[0]);
1315 0 : return NT_STATUS_OK;
1316 : }
1317 :
1318 0 : sscanf(argv[2], "%i", &alias_rid);
1319 :
1320 0 : if (argc > 3)
1321 0 : sscanf(argv[3], "%x", &access_mask);
1322 :
1323 : /* Open SAMR handle */
1324 :
1325 0 : status = rpccli_try_samr_connects(cli, mem_ctx,
1326 : MAXIMUM_ALLOWED_ACCESS,
1327 : &connect_pol);
1328 0 : if (!NT_STATUS_IS_OK(status)) {
1329 0 : goto done;
1330 : }
1331 :
1332 : /* Open handle on domain */
1333 :
1334 0 : status = get_domain_handle(cli, mem_ctx, argv[1],
1335 : &connect_pol,
1336 : MAXIMUM_ALLOWED_ACCESS,
1337 : &domain_sid,
1338 : &domain_pol);
1339 0 : if (!NT_STATUS_IS_OK(status)) {
1340 0 : goto done;
1341 : }
1342 :
1343 : /* Open handle on alias */
1344 :
1345 0 : status = dcerpc_samr_OpenAlias(b, mem_ctx,
1346 : &domain_pol,
1347 : access_mask,
1348 : alias_rid,
1349 : &alias_pol,
1350 : &result);
1351 0 : if (!NT_STATUS_IS_OK(status)) {
1352 0 : goto done;
1353 : }
1354 0 : if (!NT_STATUS_IS_OK(result)) {
1355 0 : status = result;
1356 0 : goto done;
1357 : }
1358 :
1359 0 : status = dcerpc_samr_GetMembersInAlias(b, mem_ctx,
1360 : &alias_pol,
1361 : &sid_array,
1362 : &result);
1363 0 : if (!NT_STATUS_IS_OK(status)) {
1364 0 : goto done;
1365 : }
1366 0 : if (!NT_STATUS_IS_OK(result)) {
1367 0 : status = result;
1368 0 : goto done;
1369 : }
1370 :
1371 0 : for (i = 0; i < sid_array.num_sids; i++) {
1372 : struct dom_sid_buf sid_str;
1373 :
1374 0 : printf("\tsid:[%s]\n",
1375 0 : dom_sid_str_buf(sid_array.sids[i].sid, &sid_str));
1376 : }
1377 :
1378 0 : dcerpc_samr_Close(b, mem_ctx, &alias_pol, &result);
1379 0 : dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
1380 0 : dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
1381 0 : done:
1382 0 : return status;
1383 : }
1384 :
1385 : /* Query alias info */
1386 :
1387 0 : static NTSTATUS cmd_samr_query_aliasinfo(struct rpc_pipe_client *cli,
1388 : TALLOC_CTX *mem_ctx,
1389 : int argc, const char **argv)
1390 : {
1391 : struct policy_handle connect_pol, domain_pol, alias_pol;
1392 : NTSTATUS status, result;
1393 : uint32_t alias_rid;
1394 0 : uint32_t access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
1395 0 : union samr_AliasInfo *info = NULL;
1396 0 : enum samr_AliasInfoEnum level = ALIASINFOALL;
1397 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
1398 :
1399 0 : if ((argc < 3) || (argc > 4)) {
1400 0 : printf("Usage: %s builtin|domain rid [level] [access mask]\n",
1401 : argv[0]);
1402 0 : return NT_STATUS_OK;
1403 : }
1404 :
1405 0 : sscanf(argv[2], "%i", &alias_rid);
1406 :
1407 0 : if (argc > 2) {
1408 0 : level = atoi(argv[3]);
1409 : }
1410 :
1411 0 : if (argc > 3) {
1412 0 : sscanf(argv[4], "%x", &access_mask);
1413 : }
1414 :
1415 : /* Open SAMR handle */
1416 :
1417 0 : status = rpccli_try_samr_connects(cli, mem_ctx,
1418 : SEC_FLAG_MAXIMUM_ALLOWED,
1419 : &connect_pol);
1420 0 : if (!NT_STATUS_IS_OK(status)) {
1421 0 : goto done;
1422 : }
1423 :
1424 : /* Open handle on domain */
1425 :
1426 0 : status = get_domain_handle(cli, mem_ctx, argv[1],
1427 : &connect_pol,
1428 : SEC_FLAG_MAXIMUM_ALLOWED,
1429 : &domain_sid,
1430 : &domain_pol);
1431 0 : if (!NT_STATUS_IS_OK(status)) {
1432 0 : goto done;
1433 : }
1434 :
1435 : /* Open handle on alias */
1436 :
1437 0 : status = dcerpc_samr_OpenAlias(b, mem_ctx,
1438 : &domain_pol,
1439 : access_mask,
1440 : alias_rid,
1441 : &alias_pol,
1442 : &result);
1443 0 : if (!NT_STATUS_IS_OK(status)) {
1444 0 : goto done;
1445 : }
1446 0 : if (!NT_STATUS_IS_OK(result)) {
1447 0 : status = result;
1448 0 : goto done;
1449 : }
1450 :
1451 0 : status = dcerpc_samr_QueryAliasInfo(b, mem_ctx,
1452 : &alias_pol,
1453 : level,
1454 : &info,
1455 : &result);
1456 0 : if (!NT_STATUS_IS_OK(status)) {
1457 0 : goto done;
1458 : }
1459 0 : if (!NT_STATUS_IS_OK(result)) {
1460 0 : status = result;
1461 0 : goto done;
1462 : }
1463 :
1464 0 : switch (level) {
1465 0 : case ALIASINFOALL:
1466 0 : printf("Name: %s\n", info->all.name.string);
1467 0 : printf("Description: %s\n", info->all.description.string);
1468 0 : printf("Num Members: %d\n", info->all.num_members);
1469 0 : break;
1470 0 : case ALIASINFONAME:
1471 0 : printf("Name: %s\n", info->name.string);
1472 0 : break;
1473 0 : case ALIASINFODESCRIPTION:
1474 0 : printf("Description: %s\n", info->description.string);
1475 0 : break;
1476 0 : default:
1477 0 : break;
1478 : }
1479 :
1480 0 : dcerpc_samr_Close(b, mem_ctx, &alias_pol, &result);
1481 0 : dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
1482 0 : dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
1483 0 : done:
1484 0 : return status;
1485 : }
1486 :
1487 :
1488 : /* Query delete an alias membership */
1489 :
1490 0 : static NTSTATUS cmd_samr_delete_alias(struct rpc_pipe_client *cli,
1491 : TALLOC_CTX *mem_ctx,
1492 : int argc, const char **argv)
1493 : {
1494 : struct policy_handle connect_pol, domain_pol, alias_pol;
1495 : NTSTATUS status, result;
1496 : uint32_t alias_rid;
1497 0 : uint32_t access_mask = MAXIMUM_ALLOWED_ACCESS;
1498 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
1499 0 : int error = 0;
1500 :
1501 0 : if (argc != 3) {
1502 0 : printf("Usage: %s builtin|domain [rid|name]\n", argv[0]);
1503 0 : return NT_STATUS_OK;
1504 : }
1505 :
1506 0 : alias_rid = smb_strtoul(argv[2], NULL, 10, &error, SMB_STR_STANDARD);
1507 0 : if (error != 0) {
1508 0 : return NT_STATUS_INVALID_PARAMETER;
1509 : }
1510 :
1511 :
1512 : /* Open SAMR handle */
1513 :
1514 0 : status = rpccli_try_samr_connects(cli, mem_ctx,
1515 : MAXIMUM_ALLOWED_ACCESS,
1516 : &connect_pol);
1517 0 : if (!NT_STATUS_IS_OK(status)) {
1518 0 : goto done;
1519 : }
1520 :
1521 : /* Open handle on domain */
1522 :
1523 0 : status = get_domain_handle(cli, mem_ctx, argv[1],
1524 : &connect_pol,
1525 : MAXIMUM_ALLOWED_ACCESS,
1526 : &domain_sid,
1527 : &domain_pol);
1528 0 : if (!NT_STATUS_IS_OK(status)) {
1529 0 : goto done;
1530 : }
1531 :
1532 : /* Open handle on alias */
1533 :
1534 0 : status = dcerpc_samr_OpenAlias(b, mem_ctx,
1535 : &domain_pol,
1536 : access_mask,
1537 : alias_rid,
1538 : &alias_pol,
1539 : &result);
1540 0 : if (!NT_STATUS_IS_OK(status)) {
1541 0 : goto done;
1542 : }
1543 0 : if (!NT_STATUS_IS_OK(result) && (alias_rid == 0)) {
1544 : /* Probably this was a user name, try lookupnames */
1545 : struct samr_Ids rids, types;
1546 : struct lsa_String lsa_acct_name;
1547 :
1548 0 : init_lsa_String(&lsa_acct_name, argv[2]);
1549 :
1550 0 : status = dcerpc_samr_LookupNames(b, mem_ctx,
1551 : &domain_pol,
1552 : 1,
1553 : &lsa_acct_name,
1554 : &rids,
1555 : &types,
1556 : &result);
1557 0 : if (!NT_STATUS_IS_OK(status)) {
1558 0 : goto done;
1559 : }
1560 0 : if (NT_STATUS_IS_OK(result)) {
1561 0 : if (rids.count != 1) {
1562 0 : status = NT_STATUS_INVALID_NETWORK_RESPONSE;
1563 0 : goto done;
1564 : }
1565 0 : if (types.count != 1) {
1566 0 : status = NT_STATUS_INVALID_NETWORK_RESPONSE;
1567 0 : goto done;
1568 : }
1569 :
1570 0 : status = dcerpc_samr_OpenAlias(b, mem_ctx,
1571 : &domain_pol,
1572 : access_mask,
1573 0 : rids.ids[0],
1574 : &alias_pol,
1575 : &result);
1576 0 : if (!NT_STATUS_IS_OK(status)) {
1577 0 : goto done;
1578 : }
1579 : }
1580 : }
1581 :
1582 0 : status = dcerpc_samr_DeleteDomAlias(b, mem_ctx,
1583 : &alias_pol,
1584 : &result);
1585 0 : if (!NT_STATUS_IS_OK(status)) {
1586 0 : goto done;
1587 : }
1588 0 : if (!NT_STATUS_IS_OK(result)) {
1589 0 : status = result;
1590 0 : goto done;
1591 : }
1592 :
1593 0 : dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
1594 0 : dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
1595 0 : done:
1596 0 : return status;
1597 : }
1598 :
1599 : /* Query display info */
1600 :
1601 0 : static NTSTATUS cmd_samr_query_dispinfo_internal(struct rpc_pipe_client *cli,
1602 : TALLOC_CTX *mem_ctx,
1603 : int argc, const char **argv,
1604 : uint32_t opcode)
1605 : {
1606 : struct policy_handle connect_pol, domain_pol;
1607 : NTSTATUS status, result;
1608 0 : uint32_t start_idx=0, max_entries=250, max_size = 0xffff, num_entries = 0, i;
1609 0 : uint32_t access_mask = MAXIMUM_ALLOWED_ACCESS;
1610 0 : uint32_t info_level = 1;
1611 : union samr_DispInfo info;
1612 0 : int loop_count = 0;
1613 0 : bool got_params = False; /* Use get_query_dispinfo_params() or not? */
1614 : uint32_t total_size, returned_size;
1615 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
1616 :
1617 0 : if (argc > 6) {
1618 0 : printf("Usage: %s [info level] [start index] [max entries] [max size] [access mask]\n", argv[0]);
1619 0 : return NT_STATUS_OK;
1620 : }
1621 :
1622 0 : if (argc >= 2)
1623 0 : sscanf(argv[1], "%i", &info_level);
1624 :
1625 0 : if (argc >= 3)
1626 0 : sscanf(argv[2], "%i", &start_idx);
1627 :
1628 0 : if (argc >= 4) {
1629 0 : sscanf(argv[3], "%i", &max_entries);
1630 0 : got_params = True;
1631 : }
1632 :
1633 0 : if (argc >= 5) {
1634 0 : sscanf(argv[4], "%i", &max_size);
1635 0 : got_params = True;
1636 : }
1637 :
1638 0 : if (argc >= 6)
1639 0 : sscanf(argv[5], "%x", &access_mask);
1640 :
1641 : /* Get sam policy handle */
1642 :
1643 0 : status = rpccli_try_samr_connects(cli, mem_ctx,
1644 : MAXIMUM_ALLOWED_ACCESS,
1645 : &connect_pol);
1646 0 : if (!NT_STATUS_IS_OK(status)) {
1647 0 : goto done;
1648 : }
1649 :
1650 : /* Get domain policy handle */
1651 :
1652 0 : status = dcerpc_samr_OpenDomain(b, mem_ctx,
1653 : &connect_pol,
1654 : access_mask,
1655 : &domain_sid,
1656 : &domain_pol,
1657 : &result);
1658 0 : if (!NT_STATUS_IS_OK(status)) {
1659 0 : goto done;
1660 : }
1661 0 : if (!NT_STATUS_IS_OK(result)) {
1662 0 : status = result;
1663 0 : goto done;
1664 : }
1665 :
1666 : /* Query display info */
1667 :
1668 : do {
1669 :
1670 0 : if (!got_params)
1671 0 : dcerpc_get_query_dispinfo_params(
1672 : loop_count, &max_entries, &max_size);
1673 :
1674 0 : switch (opcode) {
1675 0 : case NDR_SAMR_QUERYDISPLAYINFO:
1676 0 : status = dcerpc_samr_QueryDisplayInfo(b, mem_ctx,
1677 : &domain_pol,
1678 : info_level,
1679 : start_idx,
1680 : max_entries,
1681 : max_size,
1682 : &total_size,
1683 : &returned_size,
1684 : &info,
1685 : &result);
1686 0 : break;
1687 0 : case NDR_SAMR_QUERYDISPLAYINFO2:
1688 0 : status = dcerpc_samr_QueryDisplayInfo2(b, mem_ctx,
1689 : &domain_pol,
1690 : info_level,
1691 : start_idx,
1692 : max_entries,
1693 : max_size,
1694 : &total_size,
1695 : &returned_size,
1696 : &info,
1697 : &result);
1698 :
1699 0 : break;
1700 0 : case NDR_SAMR_QUERYDISPLAYINFO3:
1701 0 : status = dcerpc_samr_QueryDisplayInfo3(b, mem_ctx,
1702 : &domain_pol,
1703 : info_level,
1704 : start_idx,
1705 : max_entries,
1706 : max_size,
1707 : &total_size,
1708 : &returned_size,
1709 : &info,
1710 : &result);
1711 :
1712 0 : break;
1713 0 : default:
1714 0 : return NT_STATUS_INVALID_PARAMETER;
1715 : }
1716 :
1717 0 : if (!NT_STATUS_IS_OK(status)) {
1718 0 : break;
1719 : }
1720 0 : status = result;
1721 0 : if (!NT_STATUS_IS_OK(result) &&
1722 0 : !NT_STATUS_EQUAL(result, NT_STATUS_NO_MORE_ENTRIES) &&
1723 0 : !NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)) {
1724 0 : break;
1725 : }
1726 :
1727 0 : loop_count++;
1728 :
1729 0 : switch (info_level) {
1730 0 : case 1:
1731 0 : num_entries = info.info1.count;
1732 0 : break;
1733 0 : case 2:
1734 0 : num_entries = info.info2.count;
1735 0 : break;
1736 0 : case 3:
1737 0 : num_entries = info.info3.count;
1738 0 : break;
1739 0 : case 4:
1740 0 : num_entries = info.info4.count;
1741 0 : break;
1742 0 : case 5:
1743 0 : num_entries = info.info5.count;
1744 0 : break;
1745 0 : default:
1746 0 : break;
1747 : }
1748 :
1749 0 : start_idx += num_entries;
1750 :
1751 0 : if (num_entries == 0)
1752 0 : break;
1753 :
1754 0 : for (i = 0; i < num_entries; i++) {
1755 0 : switch (info_level) {
1756 0 : case 1:
1757 0 : display_sam_info_1(&info.info1.entries[i]);
1758 0 : break;
1759 0 : case 2:
1760 0 : display_sam_info_2(&info.info2.entries[i]);
1761 0 : break;
1762 0 : case 3:
1763 0 : display_sam_info_3(&info.info3.entries[i]);
1764 0 : break;
1765 0 : case 4:
1766 0 : display_sam_info_4(&info.info4.entries[i]);
1767 0 : break;
1768 0 : case 5:
1769 0 : display_sam_info_5(&info.info5.entries[i]);
1770 0 : break;
1771 : }
1772 : }
1773 0 : } while ( NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES));
1774 :
1775 0 : dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
1776 0 : dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
1777 0 : done:
1778 0 : return status;
1779 : }
1780 :
1781 0 : static NTSTATUS cmd_samr_query_dispinfo(struct rpc_pipe_client *cli,
1782 : TALLOC_CTX *mem_ctx,
1783 : int argc, const char **argv)
1784 : {
1785 0 : return cmd_samr_query_dispinfo_internal(cli, mem_ctx, argc, argv,
1786 : NDR_SAMR_QUERYDISPLAYINFO);
1787 : }
1788 :
1789 0 : static NTSTATUS cmd_samr_query_dispinfo2(struct rpc_pipe_client *cli,
1790 : TALLOC_CTX *mem_ctx,
1791 : int argc, const char **argv)
1792 : {
1793 0 : return cmd_samr_query_dispinfo_internal(cli, mem_ctx, argc, argv,
1794 : NDR_SAMR_QUERYDISPLAYINFO2);
1795 : }
1796 :
1797 0 : static NTSTATUS cmd_samr_query_dispinfo3(struct rpc_pipe_client *cli,
1798 : TALLOC_CTX *mem_ctx,
1799 : int argc, const char **argv)
1800 : {
1801 0 : return cmd_samr_query_dispinfo_internal(cli, mem_ctx, argc, argv,
1802 : NDR_SAMR_QUERYDISPLAYINFO3);
1803 : }
1804 :
1805 : /* Query domain info */
1806 :
1807 0 : static NTSTATUS cmd_samr_query_dominfo(struct rpc_pipe_client *cli,
1808 : TALLOC_CTX *mem_ctx,
1809 : int argc, const char **argv)
1810 : {
1811 : struct policy_handle connect_pol, domain_pol;
1812 : NTSTATUS status, result;
1813 0 : uint32_t switch_level = 2;
1814 0 : uint32_t access_mask = MAXIMUM_ALLOWED_ACCESS;
1815 0 : union samr_DomainInfo *info = NULL;
1816 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
1817 :
1818 0 : if (argc > 3) {
1819 0 : printf("Usage: %s [info level] [access mask]\n", argv[0]);
1820 0 : return NT_STATUS_OK;
1821 : }
1822 :
1823 0 : if (argc > 1)
1824 0 : sscanf(argv[1], "%i", &switch_level);
1825 :
1826 0 : if (argc > 2)
1827 0 : sscanf(argv[2], "%x", &access_mask);
1828 :
1829 : /* Get sam policy handle */
1830 :
1831 0 : status = rpccli_try_samr_connects(cli, mem_ctx,
1832 : MAXIMUM_ALLOWED_ACCESS,
1833 : &connect_pol);
1834 0 : if (!NT_STATUS_IS_OK(status)) {
1835 0 : goto done;
1836 : }
1837 :
1838 : /* Get domain policy handle */
1839 :
1840 0 : status = dcerpc_samr_OpenDomain(b, mem_ctx,
1841 : &connect_pol,
1842 : access_mask,
1843 : &domain_sid,
1844 : &domain_pol,
1845 : &result);
1846 0 : if (!NT_STATUS_IS_OK(status)) {
1847 0 : goto done;
1848 : }
1849 0 : if (!NT_STATUS_IS_OK(result)) {
1850 0 : status = result;
1851 0 : goto done;
1852 : }
1853 :
1854 : /* Query domain info */
1855 :
1856 0 : status = dcerpc_samr_QueryDomainInfo(b, mem_ctx,
1857 : &domain_pol,
1858 : switch_level,
1859 : &info,
1860 : &result);
1861 0 : if (!NT_STATUS_IS_OK(status)) {
1862 0 : goto done;
1863 : }
1864 0 : if (!NT_STATUS_IS_OK(result)) {
1865 0 : status = result;
1866 0 : goto done;
1867 : }
1868 :
1869 : /* Display domain info */
1870 :
1871 0 : switch (switch_level) {
1872 0 : case 1:
1873 0 : display_sam_dom_info_1(&info->info1);
1874 0 : break;
1875 0 : case 2:
1876 0 : display_sam_dom_info_2(&info->general);
1877 0 : break;
1878 0 : case 3:
1879 0 : display_sam_dom_info_3(&info->info3);
1880 0 : break;
1881 0 : case 4:
1882 0 : display_sam_dom_info_4(&info->oem);
1883 0 : break;
1884 0 : case 5:
1885 0 : display_sam_dom_info_5(&info->info5);
1886 0 : break;
1887 0 : case 6:
1888 0 : display_sam_dom_info_6(&info->info6);
1889 0 : break;
1890 0 : case 7:
1891 0 : display_sam_dom_info_7(&info->info7);
1892 0 : break;
1893 0 : case 8:
1894 0 : display_sam_dom_info_8(&info->info8);
1895 0 : break;
1896 0 : case 9:
1897 0 : display_sam_dom_info_9(&info->info9);
1898 0 : break;
1899 0 : case 12:
1900 0 : display_sam_dom_info_12(&info->info12);
1901 0 : break;
1902 0 : case 13:
1903 0 : display_sam_dom_info_13(&info->info13);
1904 0 : break;
1905 :
1906 0 : default:
1907 0 : printf("cannot display domain info for switch value %d\n",
1908 : switch_level);
1909 0 : break;
1910 : }
1911 :
1912 0 : done:
1913 :
1914 0 : dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
1915 0 : dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
1916 0 : return status;
1917 : }
1918 :
1919 : /* Create domain user */
1920 :
1921 0 : static NTSTATUS cmd_samr_create_dom_user(struct rpc_pipe_client *cli,
1922 : TALLOC_CTX *mem_ctx,
1923 : int argc, const char **argv)
1924 : {
1925 : struct policy_handle connect_pol, domain_pol, user_pol;
1926 : NTSTATUS status, result;
1927 : struct lsa_String acct_name;
1928 : uint32_t acb_info;
1929 : uint32_t acct_flags, user_rid;
1930 0 : uint32_t access_mask = MAXIMUM_ALLOWED_ACCESS;
1931 0 : uint32_t access_granted = 0;
1932 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
1933 :
1934 0 : if ((argc < 2) || (argc > 3)) {
1935 0 : printf("Usage: %s username [access mask]\n", argv[0]);
1936 0 : return NT_STATUS_OK;
1937 : }
1938 :
1939 0 : init_lsa_String(&acct_name, argv[1]);
1940 :
1941 0 : if (argc > 2)
1942 0 : sscanf(argv[2], "%x", &access_mask);
1943 :
1944 : /* Get sam policy handle */
1945 :
1946 0 : status = rpccli_try_samr_connects(cli, mem_ctx,
1947 : MAXIMUM_ALLOWED_ACCESS,
1948 : &connect_pol);
1949 0 : if (!NT_STATUS_IS_OK(status)) {
1950 0 : goto done;
1951 : }
1952 :
1953 : /* Get domain policy handle */
1954 :
1955 0 : status = dcerpc_samr_OpenDomain(b, mem_ctx,
1956 : &connect_pol,
1957 : access_mask,
1958 : &domain_sid,
1959 : &domain_pol,
1960 : &result);
1961 0 : if (!NT_STATUS_IS_OK(status)) {
1962 0 : goto done;
1963 : }
1964 0 : if (!NT_STATUS_IS_OK(result)) {
1965 0 : status = result;
1966 0 : goto done;
1967 : }
1968 :
1969 : /* Create domain user */
1970 :
1971 0 : acb_info = ACB_NORMAL;
1972 0 : acct_flags = SEC_GENERIC_READ | SEC_GENERIC_WRITE | SEC_GENERIC_EXECUTE |
1973 : SEC_STD_WRITE_DAC | SEC_STD_DELETE |
1974 : SAMR_USER_ACCESS_SET_PASSWORD |
1975 : SAMR_USER_ACCESS_GET_ATTRIBUTES |
1976 : SAMR_USER_ACCESS_SET_ATTRIBUTES;
1977 :
1978 0 : status = dcerpc_samr_CreateUser2(b, mem_ctx,
1979 : &domain_pol,
1980 : &acct_name,
1981 : acb_info,
1982 : acct_flags,
1983 : &user_pol,
1984 : &access_granted,
1985 : &user_rid,
1986 : &result);
1987 0 : if (!NT_STATUS_IS_OK(status)) {
1988 0 : goto done;
1989 : }
1990 0 : if (!NT_STATUS_IS_OK(result)) {
1991 0 : status = result;
1992 0 : goto done;
1993 : }
1994 :
1995 0 : status = dcerpc_samr_Close(b, mem_ctx, &user_pol, &result);
1996 0 : if (!NT_STATUS_IS_OK(status)) goto done;
1997 :
1998 0 : status = dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
1999 0 : if (!NT_STATUS_IS_OK(status)) goto done;
2000 :
2001 0 : status = dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
2002 0 : if (!NT_STATUS_IS_OK(status)) goto done;
2003 :
2004 0 : done:
2005 0 : return status;
2006 : }
2007 :
2008 : /* Create domain group */
2009 :
2010 0 : static NTSTATUS cmd_samr_create_dom_group(struct rpc_pipe_client *cli,
2011 : TALLOC_CTX *mem_ctx,
2012 : int argc, const char **argv)
2013 : {
2014 : struct policy_handle connect_pol, domain_pol, group_pol;
2015 : NTSTATUS status, result;
2016 : struct lsa_String grp_name;
2017 0 : uint32_t access_mask = MAXIMUM_ALLOWED_ACCESS;
2018 0 : uint32_t rid = 0;
2019 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
2020 :
2021 0 : if ((argc < 2) || (argc > 3)) {
2022 0 : printf("Usage: %s groupname [access mask]\n", argv[0]);
2023 0 : return NT_STATUS_OK;
2024 : }
2025 :
2026 0 : init_lsa_String(&grp_name, argv[1]);
2027 :
2028 0 : if (argc > 2)
2029 0 : sscanf(argv[2], "%x", &access_mask);
2030 :
2031 : /* Get sam policy handle */
2032 :
2033 0 : status = rpccli_try_samr_connects(cli, mem_ctx,
2034 : MAXIMUM_ALLOWED_ACCESS,
2035 : &connect_pol);
2036 0 : if (!NT_STATUS_IS_OK(status)) {
2037 0 : goto done;
2038 : }
2039 :
2040 : /* Get domain policy handle */
2041 :
2042 0 : status = dcerpc_samr_OpenDomain(b, mem_ctx,
2043 : &connect_pol,
2044 : access_mask,
2045 : &domain_sid,
2046 : &domain_pol,
2047 : &result);
2048 0 : if (!NT_STATUS_IS_OK(status)) {
2049 0 : goto done;
2050 : }
2051 0 : if (!NT_STATUS_IS_OK(result)) {
2052 0 : status = result;
2053 0 : goto done;
2054 : }
2055 :
2056 : /* Create domain user */
2057 0 : status = dcerpc_samr_CreateDomainGroup(b, mem_ctx,
2058 : &domain_pol,
2059 : &grp_name,
2060 : MAXIMUM_ALLOWED_ACCESS,
2061 : &group_pol,
2062 : &rid,
2063 : &result);
2064 0 : if (!NT_STATUS_IS_OK(status)) {
2065 0 : goto done;
2066 : }
2067 0 : if (!NT_STATUS_IS_OK(result)) {
2068 0 : status = result;
2069 0 : goto done;
2070 : }
2071 :
2072 0 : status = dcerpc_samr_Close(b, mem_ctx, &group_pol, &result);
2073 0 : if (!NT_STATUS_IS_OK(status)) goto done;
2074 :
2075 0 : status = dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
2076 0 : if (!NT_STATUS_IS_OK(status)) goto done;
2077 :
2078 0 : status = dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
2079 0 : if (!NT_STATUS_IS_OK(status)) goto done;
2080 :
2081 0 : done:
2082 0 : return status;
2083 : }
2084 :
2085 : /* Create domain alias */
2086 :
2087 0 : static NTSTATUS cmd_samr_create_dom_alias(struct rpc_pipe_client *cli,
2088 : TALLOC_CTX *mem_ctx,
2089 : int argc, const char **argv)
2090 : {
2091 : struct policy_handle connect_pol, domain_pol, alias_pol;
2092 : NTSTATUS status, result;
2093 : struct lsa_String alias_name;
2094 0 : uint32_t access_mask = MAXIMUM_ALLOWED_ACCESS;
2095 0 : uint32_t rid = 0;
2096 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
2097 :
2098 0 : if ((argc < 2) || (argc > 3)) {
2099 0 : printf("Usage: %s aliasname [access mask]\n", argv[0]);
2100 0 : return NT_STATUS_OK;
2101 : }
2102 :
2103 0 : init_lsa_String(&alias_name, argv[1]);
2104 :
2105 0 : if (argc > 2)
2106 0 : sscanf(argv[2], "%x", &access_mask);
2107 :
2108 : /* Get sam policy handle */
2109 :
2110 0 : status = rpccli_try_samr_connects(cli, mem_ctx,
2111 : MAXIMUM_ALLOWED_ACCESS,
2112 : &connect_pol);
2113 0 : if (!NT_STATUS_IS_OK(status)) {
2114 0 : goto done;
2115 : }
2116 :
2117 : /* Get domain policy handle */
2118 :
2119 0 : status = dcerpc_samr_OpenDomain(b, mem_ctx,
2120 : &connect_pol,
2121 : access_mask,
2122 : &domain_sid,
2123 : &domain_pol,
2124 : &result);
2125 0 : if (!NT_STATUS_IS_OK(status)) {
2126 0 : goto done;
2127 : }
2128 0 : if (!NT_STATUS_IS_OK(result)) {
2129 0 : status = result;
2130 0 : goto done;
2131 : }
2132 :
2133 : /* Create domain user */
2134 :
2135 0 : status = dcerpc_samr_CreateDomAlias(b, mem_ctx,
2136 : &domain_pol,
2137 : &alias_name,
2138 : MAXIMUM_ALLOWED_ACCESS,
2139 : &alias_pol,
2140 : &rid,
2141 : &result);
2142 0 : if (!NT_STATUS_IS_OK(status)) {
2143 0 : goto done;
2144 : }
2145 0 : if (!NT_STATUS_IS_OK(result)) {
2146 0 : status = result;
2147 0 : goto done;
2148 : }
2149 :
2150 :
2151 0 : status = dcerpc_samr_Close(b, mem_ctx, &alias_pol, &result);
2152 0 : if (!NT_STATUS_IS_OK(status)) goto done;
2153 :
2154 0 : status = dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
2155 0 : if (!NT_STATUS_IS_OK(status)) goto done;
2156 :
2157 0 : status = dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
2158 0 : if (!NT_STATUS_IS_OK(status)) goto done;
2159 :
2160 0 : done:
2161 0 : return status;
2162 : }
2163 :
2164 : /* Lookup sam names */
2165 :
2166 0 : static NTSTATUS cmd_samr_lookup_names(struct rpc_pipe_client *cli,
2167 : TALLOC_CTX *mem_ctx,
2168 : int argc, const char **argv)
2169 : {
2170 : NTSTATUS status, result;
2171 : struct policy_handle connect_pol, domain_pol;
2172 : uint32_t num_names;
2173 : struct samr_Ids rids, name_types;
2174 : int i;
2175 0 : struct lsa_String *names = NULL;
2176 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
2177 :
2178 0 : if (argc < 3) {
2179 0 : printf("Usage: %s domain|builtin name1 [name2 [name3] [...]]\n", argv[0]);
2180 0 : printf("check on the domain SID: S-1-5-21-x-y-z\n");
2181 0 : printf("or check on the builtin SID: S-1-5-32\n");
2182 0 : return NT_STATUS_OK;
2183 : }
2184 :
2185 : /* Get sam policy and domain handles */
2186 :
2187 0 : status = rpccli_try_samr_connects(cli, mem_ctx,
2188 : MAXIMUM_ALLOWED_ACCESS,
2189 : &connect_pol);
2190 0 : if (!NT_STATUS_IS_OK(status)) {
2191 0 : goto done;
2192 : }
2193 :
2194 0 : status = get_domain_handle(cli, mem_ctx, argv[1],
2195 : &connect_pol,
2196 : MAXIMUM_ALLOWED_ACCESS,
2197 : &domain_sid,
2198 : &domain_pol);
2199 0 : if (!NT_STATUS_IS_OK(status)) {
2200 0 : goto done;
2201 : }
2202 :
2203 : /* Look up names */
2204 :
2205 0 : num_names = argc - 2;
2206 :
2207 0 : if ((names = talloc_array(mem_ctx, struct lsa_String, num_names)) == NULL) {
2208 0 : dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
2209 0 : dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
2210 0 : status = NT_STATUS_NO_MEMORY;
2211 0 : goto done;
2212 : }
2213 :
2214 0 : for (i = 0; i < num_names; i++) {
2215 0 : init_lsa_String(&names[i], argv[i + 2]);
2216 : }
2217 :
2218 0 : status = dcerpc_samr_LookupNames(b, mem_ctx,
2219 : &domain_pol,
2220 : num_names,
2221 : names,
2222 : &rids,
2223 : &name_types,
2224 : &result);
2225 0 : if (!NT_STATUS_IS_OK(status)) {
2226 0 : goto done;
2227 : }
2228 0 : if (!NT_STATUS_IS_OK(result)) {
2229 0 : status = result;
2230 0 : goto done;
2231 : }
2232 0 : if (rids.count != num_names) {
2233 0 : status = NT_STATUS_INVALID_NETWORK_RESPONSE;
2234 0 : goto done;
2235 : }
2236 0 : if (name_types.count != num_names) {
2237 0 : status = NT_STATUS_INVALID_NETWORK_RESPONSE;
2238 0 : goto done;
2239 : }
2240 :
2241 : /* Display results */
2242 :
2243 0 : for (i = 0; i < num_names; i++)
2244 0 : printf("name %s: 0x%x (%d)\n", names[i].string, rids.ids[i],
2245 0 : name_types.ids[i]);
2246 :
2247 0 : dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
2248 0 : dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
2249 0 : done:
2250 0 : return status;
2251 : }
2252 :
2253 : /* Lookup sam rids */
2254 :
2255 0 : static NTSTATUS cmd_samr_lookup_rids(struct rpc_pipe_client *cli,
2256 : TALLOC_CTX *mem_ctx,
2257 : int argc, const char **argv)
2258 : {
2259 : NTSTATUS status, result;
2260 : struct policy_handle connect_pol, domain_pol;
2261 : uint32_t num_rids, *rids;
2262 : struct lsa_Strings names;
2263 : struct samr_Ids types;
2264 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
2265 :
2266 : int i;
2267 :
2268 0 : if (argc < 3) {
2269 0 : printf("Usage: %s domain|builtin rid1 [rid2 [rid3] [...]]\n", argv[0]);
2270 0 : return NT_STATUS_OK;
2271 : }
2272 :
2273 : /* Get sam policy and domain handles */
2274 :
2275 0 : status = rpccli_try_samr_connects(cli, mem_ctx,
2276 : MAXIMUM_ALLOWED_ACCESS,
2277 : &connect_pol);
2278 0 : if (!NT_STATUS_IS_OK(status)) {
2279 0 : goto done;
2280 : }
2281 :
2282 0 : status = get_domain_handle(cli, mem_ctx, argv[1],
2283 : &connect_pol,
2284 : MAXIMUM_ALLOWED_ACCESS,
2285 : &domain_sid,
2286 : &domain_pol);
2287 0 : if (!NT_STATUS_IS_OK(status)) {
2288 0 : goto done;
2289 : }
2290 :
2291 : /* Look up rids */
2292 :
2293 0 : num_rids = argc - 2;
2294 :
2295 0 : if ((rids = talloc_array(mem_ctx, uint32_t, num_rids)) == NULL) {
2296 0 : dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
2297 0 : dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
2298 0 : status = NT_STATUS_NO_MEMORY;
2299 0 : goto done;
2300 : }
2301 :
2302 0 : for (i = 0; i < argc - 2; i++)
2303 0 : sscanf(argv[i + 2], "%i", &rids[i]);
2304 :
2305 0 : status = dcerpc_samr_LookupRids(b, mem_ctx,
2306 : &domain_pol,
2307 : num_rids,
2308 : rids,
2309 : &names,
2310 : &types,
2311 : &result);
2312 0 : if (!NT_STATUS_IS_OK(status)) {
2313 0 : goto done;
2314 : }
2315 0 : status = result;
2316 0 : if (!NT_STATUS_IS_OK(result) &&
2317 0 : !NT_STATUS_EQUAL(result, STATUS_SOME_UNMAPPED))
2318 0 : goto done;
2319 :
2320 : /* Display results */
2321 0 : if (num_rids != names.count) {
2322 0 : status = NT_STATUS_INVALID_NETWORK_RESPONSE;
2323 0 : goto done;
2324 : }
2325 0 : if (num_rids != types.count) {
2326 0 : status = NT_STATUS_INVALID_NETWORK_RESPONSE;
2327 0 : goto done;
2328 : }
2329 :
2330 0 : for (i = 0; i < num_rids; i++) {
2331 0 : printf("rid 0x%x: %s (%d)\n",
2332 0 : rids[i], names.names[i].string, types.ids[i]);
2333 : }
2334 :
2335 0 : dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
2336 0 : dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
2337 0 : done:
2338 0 : return status;
2339 : }
2340 :
2341 : /* Delete domain group */
2342 :
2343 0 : static NTSTATUS cmd_samr_delete_dom_group(struct rpc_pipe_client *cli,
2344 : TALLOC_CTX *mem_ctx,
2345 : int argc, const char **argv)
2346 : {
2347 : NTSTATUS status, result;
2348 : struct policy_handle connect_pol, domain_pol, group_pol;
2349 0 : uint32_t access_mask = MAXIMUM_ALLOWED_ACCESS;
2350 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
2351 :
2352 0 : if ((argc < 2) || (argc > 3)) {
2353 0 : printf("Usage: %s groupname\n", argv[0]);
2354 0 : return NT_STATUS_OK;
2355 : }
2356 :
2357 0 : if (argc > 2)
2358 0 : sscanf(argv[2], "%x", &access_mask);
2359 :
2360 : /* Get sam policy and domain handles */
2361 :
2362 0 : status = rpccli_try_samr_connects(cli, mem_ctx,
2363 : MAXIMUM_ALLOWED_ACCESS,
2364 : &connect_pol);
2365 0 : if (!NT_STATUS_IS_OK(status)) {
2366 0 : goto done;
2367 : }
2368 :
2369 0 : status = dcerpc_samr_OpenDomain(b, mem_ctx,
2370 : &connect_pol,
2371 : MAXIMUM_ALLOWED_ACCESS,
2372 : &domain_sid,
2373 : &domain_pol,
2374 : &result);
2375 0 : if (!NT_STATUS_IS_OK(status)) {
2376 0 : goto done;
2377 : }
2378 0 : if (!NT_STATUS_IS_OK(result)) {
2379 0 : status = result;
2380 0 : goto done;
2381 : }
2382 :
2383 : /* Get handle on group */
2384 :
2385 : {
2386 : struct samr_Ids group_rids, name_types;
2387 : struct lsa_String lsa_acct_name;
2388 :
2389 0 : init_lsa_String(&lsa_acct_name, argv[1]);
2390 :
2391 0 : status = dcerpc_samr_LookupNames(b, mem_ctx,
2392 : &domain_pol,
2393 : 1,
2394 : &lsa_acct_name,
2395 : &group_rids,
2396 : &name_types,
2397 : &result);
2398 0 : if (!NT_STATUS_IS_OK(status)) {
2399 0 : goto done;
2400 : }
2401 0 : if (!NT_STATUS_IS_OK(result)) {
2402 0 : status = result;
2403 0 : goto done;
2404 : }
2405 0 : if (group_rids.count != 1) {
2406 0 : status = NT_STATUS_INVALID_NETWORK_RESPONSE;
2407 0 : goto done;
2408 : }
2409 0 : if (name_types.count != 1) {
2410 0 : status = NT_STATUS_INVALID_NETWORK_RESPONSE;
2411 0 : goto done;
2412 : }
2413 :
2414 0 : status = dcerpc_samr_OpenGroup(b, mem_ctx,
2415 : &domain_pol,
2416 : access_mask,
2417 0 : group_rids.ids[0],
2418 : &group_pol,
2419 : &result);
2420 0 : if (!NT_STATUS_IS_OK(status)) {
2421 0 : goto done;
2422 : }
2423 0 : if (!NT_STATUS_IS_OK(result)) {
2424 0 : status = result;
2425 0 : goto done;
2426 : }
2427 : }
2428 :
2429 : /* Delete group */
2430 :
2431 0 : status = dcerpc_samr_DeleteDomainGroup(b, mem_ctx,
2432 : &group_pol,
2433 : &result);
2434 0 : if (!NT_STATUS_IS_OK(status)) {
2435 0 : goto done;
2436 : }
2437 0 : if (!NT_STATUS_IS_OK(result)) {
2438 0 : status = result;
2439 0 : goto done;
2440 : }
2441 :
2442 : /* Display results */
2443 :
2444 0 : dcerpc_samr_Close(b, mem_ctx, &group_pol, &result);
2445 0 : dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
2446 0 : dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
2447 :
2448 0 : done:
2449 0 : return status;
2450 : }
2451 :
2452 : /* Delete domain user */
2453 :
2454 0 : static NTSTATUS cmd_samr_delete_dom_user(struct rpc_pipe_client *cli,
2455 : TALLOC_CTX *mem_ctx,
2456 : int argc, const char **argv)
2457 : {
2458 : NTSTATUS status, result;
2459 : struct policy_handle connect_pol, domain_pol, user_pol;
2460 0 : uint32_t access_mask = MAXIMUM_ALLOWED_ACCESS;
2461 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
2462 :
2463 0 : if ((argc < 2) || (argc > 3)) {
2464 0 : printf("Usage: %s username\n", argv[0]);
2465 0 : return NT_STATUS_OK;
2466 : }
2467 :
2468 0 : if (argc > 2)
2469 0 : sscanf(argv[2], "%x", &access_mask);
2470 :
2471 : /* Get sam policy and domain handles */
2472 :
2473 0 : status = rpccli_try_samr_connects(cli, mem_ctx,
2474 : MAXIMUM_ALLOWED_ACCESS,
2475 : &connect_pol);
2476 0 : if (!NT_STATUS_IS_OK(status)) {
2477 0 : goto done;
2478 : }
2479 :
2480 0 : status = dcerpc_samr_OpenDomain(b, mem_ctx,
2481 : &connect_pol,
2482 : MAXIMUM_ALLOWED_ACCESS,
2483 : &domain_sid,
2484 : &domain_pol,
2485 : &result);
2486 0 : if (!NT_STATUS_IS_OK(status)) {
2487 0 : goto done;
2488 : }
2489 0 : if (!NT_STATUS_IS_OK(result)) {
2490 0 : status = result;
2491 0 : goto done;
2492 : }
2493 :
2494 : /* Get handle on user */
2495 :
2496 : {
2497 : struct samr_Ids user_rids, name_types;
2498 : struct lsa_String lsa_acct_name;
2499 :
2500 0 : init_lsa_String(&lsa_acct_name, argv[1]);
2501 :
2502 0 : status = dcerpc_samr_LookupNames(b, mem_ctx,
2503 : &domain_pol,
2504 : 1,
2505 : &lsa_acct_name,
2506 : &user_rids,
2507 : &name_types,
2508 : &result);
2509 0 : if (!NT_STATUS_IS_OK(status)) {
2510 0 : goto done;
2511 : }
2512 0 : if (!NT_STATUS_IS_OK(result)) {
2513 0 : status = result;
2514 0 : goto done;
2515 : }
2516 0 : if (user_rids.count != 1) {
2517 0 : status = NT_STATUS_INVALID_NETWORK_RESPONSE;
2518 0 : goto done;
2519 : }
2520 0 : if (name_types.count != 1) {
2521 0 : status = NT_STATUS_INVALID_NETWORK_RESPONSE;
2522 0 : goto done;
2523 : }
2524 :
2525 0 : status = dcerpc_samr_OpenUser(b, mem_ctx,
2526 : &domain_pol,
2527 : access_mask,
2528 0 : user_rids.ids[0],
2529 : &user_pol,
2530 : &result);
2531 0 : if (!NT_STATUS_IS_OK(status)) {
2532 0 : goto done;
2533 : }
2534 0 : if (!NT_STATUS_IS_OK(result)) {
2535 0 : status = result;
2536 0 : goto done;
2537 : }
2538 : }
2539 :
2540 : /* Delete user */
2541 :
2542 0 : status = dcerpc_samr_DeleteUser(b, mem_ctx,
2543 : &user_pol,
2544 : &result);
2545 0 : if (!NT_STATUS_IS_OK(status)) {
2546 0 : goto done;
2547 : }
2548 0 : if (!NT_STATUS_IS_OK(result)) {
2549 0 : status = result;
2550 0 : goto done;
2551 : }
2552 :
2553 : /* Display results */
2554 :
2555 0 : dcerpc_samr_Close(b, mem_ctx, &user_pol, &result);
2556 0 : dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
2557 0 : dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
2558 :
2559 0 : done:
2560 0 : return status;
2561 : }
2562 :
2563 : /**********************************************************************
2564 : * Query user security object
2565 : */
2566 0 : static NTSTATUS cmd_samr_query_sec_obj(struct rpc_pipe_client *cli,
2567 : TALLOC_CTX *mem_ctx,
2568 : int argc, const char **argv)
2569 : {
2570 : struct policy_handle connect_pol, domain_pol, user_pol, *pol;
2571 : NTSTATUS status, result;
2572 0 : uint32_t sec_info = SECINFO_DACL;
2573 0 : uint32_t user_rid = 0;
2574 0 : TALLOC_CTX *ctx = NULL;
2575 0 : struct sec_desc_buf *sec_desc_buf=NULL;
2576 0 : bool domain = False;
2577 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
2578 :
2579 0 : ctx=talloc_init("cmd_samr_query_sec_obj");
2580 :
2581 0 : if ((argc < 1) || (argc > 3)) {
2582 0 : printf("Usage: %s [rid|-d] [sec_info]\n", argv[0]);
2583 0 : printf("\tSpecify rid for security on user, -d for security on domain\n");
2584 0 : talloc_destroy(ctx);
2585 0 : return NT_STATUS_OK;
2586 : }
2587 :
2588 0 : if (argc > 1) {
2589 0 : if (strcmp(argv[1], "-d") == 0)
2590 0 : domain = True;
2591 : else
2592 0 : sscanf(argv[1], "%i", &user_rid);
2593 : }
2594 :
2595 0 : if (argc == 3) {
2596 0 : sec_info = atoi(argv[2]);
2597 : }
2598 :
2599 0 : status = rpccli_try_samr_connects(cli, mem_ctx,
2600 : MAXIMUM_ALLOWED_ACCESS,
2601 : &connect_pol);
2602 0 : if (!NT_STATUS_IS_OK(status)) {
2603 0 : goto done;
2604 : }
2605 :
2606 0 : if (domain || user_rid) {
2607 0 : status = dcerpc_samr_OpenDomain(b, mem_ctx,
2608 : &connect_pol,
2609 : MAXIMUM_ALLOWED_ACCESS,
2610 : &domain_sid,
2611 : &domain_pol,
2612 : &result);
2613 0 : if (!NT_STATUS_IS_OK(status)) {
2614 0 : goto done;
2615 : }
2616 0 : if (!NT_STATUS_IS_OK(result)) {
2617 0 : status = result;
2618 0 : goto done;
2619 : }
2620 : }
2621 :
2622 0 : if (user_rid) {
2623 0 : status = dcerpc_samr_OpenUser(b, mem_ctx,
2624 : &domain_pol,
2625 : MAXIMUM_ALLOWED_ACCESS,
2626 : user_rid,
2627 : &user_pol,
2628 : &result);
2629 0 : if (!NT_STATUS_IS_OK(status)) {
2630 0 : goto done;
2631 : }
2632 0 : if (!NT_STATUS_IS_OK(result)) {
2633 0 : status = result;
2634 0 : goto done;
2635 : }
2636 : }
2637 :
2638 : /* Pick which query pol to use */
2639 :
2640 0 : pol = &connect_pol;
2641 :
2642 0 : if (domain)
2643 0 : pol = &domain_pol;
2644 :
2645 0 : if (user_rid)
2646 0 : pol = &user_pol;
2647 :
2648 : /* Query SAM security object */
2649 :
2650 0 : status = dcerpc_samr_QuerySecurity(b, mem_ctx,
2651 : pol,
2652 : sec_info,
2653 : &sec_desc_buf,
2654 : &result);
2655 0 : if (!NT_STATUS_IS_OK(status)) {
2656 0 : goto done;
2657 : }
2658 0 : if (!NT_STATUS_IS_OK(result)) {
2659 0 : status = result;
2660 0 : goto done;
2661 : }
2662 :
2663 0 : display_sec_desc(sec_desc_buf->sd);
2664 :
2665 0 : dcerpc_samr_Close(b, mem_ctx, &user_pol, &result);
2666 0 : dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
2667 0 : dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
2668 0 : done:
2669 0 : talloc_destroy(ctx);
2670 0 : return status;
2671 : }
2672 :
2673 0 : static NTSTATUS cmd_samr_get_usrdom_pwinfo(struct rpc_pipe_client *cli,
2674 : TALLOC_CTX *mem_ctx,
2675 : int argc, const char **argv)
2676 : {
2677 : NTSTATUS status, result;
2678 : struct policy_handle connect_pol, domain_pol, user_pol;
2679 : struct samr_PwInfo info;
2680 : uint32_t rid;
2681 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
2682 :
2683 0 : if (argc != 2) {
2684 0 : printf("Usage: %s rid\n", argv[0]);
2685 0 : return NT_STATUS_OK;
2686 : }
2687 :
2688 0 : sscanf(argv[1], "%i", &rid);
2689 :
2690 0 : status = rpccli_try_samr_connects(cli, mem_ctx,
2691 : MAXIMUM_ALLOWED_ACCESS,
2692 : &connect_pol);
2693 0 : if (!NT_STATUS_IS_OK(status)) {
2694 0 : goto done;
2695 : }
2696 :
2697 0 : status = dcerpc_samr_OpenDomain(b, mem_ctx,
2698 : &connect_pol,
2699 : MAXIMUM_ALLOWED_ACCESS,
2700 : &domain_sid,
2701 : &domain_pol,
2702 : &result);
2703 0 : if (!NT_STATUS_IS_OK(status)) {
2704 0 : goto done;
2705 : }
2706 0 : if (!NT_STATUS_IS_OK(result)) {
2707 0 : status = result;
2708 0 : goto done;
2709 : }
2710 :
2711 0 : status = dcerpc_samr_OpenUser(b, mem_ctx,
2712 : &domain_pol,
2713 : MAXIMUM_ALLOWED_ACCESS,
2714 : rid,
2715 : &user_pol,
2716 : &result);
2717 0 : if (!NT_STATUS_IS_OK(status)) {
2718 0 : goto done;
2719 : }
2720 0 : if (!NT_STATUS_IS_OK(result)) {
2721 0 : status = result;
2722 0 : goto done;
2723 : }
2724 :
2725 0 : status = dcerpc_samr_GetUserPwInfo(b, mem_ctx,
2726 : &user_pol,
2727 : &info,
2728 : &result);
2729 0 : if (!NT_STATUS_IS_OK(status)) {
2730 0 : goto done;
2731 : }
2732 0 : status = result;
2733 0 : if (NT_STATUS_IS_OK(result)) {
2734 0 : printf("%s\n",
2735 : NDR_PRINT_STRUCT_STRING(mem_ctx,
2736 : samr_PwInfo, &info));
2737 : }
2738 :
2739 0 : done:
2740 0 : dcerpc_samr_Close(b, mem_ctx, &user_pol, &result);
2741 0 : dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
2742 0 : dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
2743 :
2744 0 : return status;
2745 : }
2746 :
2747 0 : static NTSTATUS cmd_samr_get_dom_pwinfo(struct rpc_pipe_client *cli,
2748 : TALLOC_CTX *mem_ctx,
2749 : int argc, const char **argv)
2750 : {
2751 : NTSTATUS status, result;
2752 : struct lsa_String domain_name;
2753 : struct samr_PwInfo info;
2754 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
2755 :
2756 0 : if (argc < 1 || argc > 3) {
2757 0 : printf("Usage: %s <domain>\n", argv[0]);
2758 0 : return NT_STATUS_OK;
2759 : }
2760 :
2761 0 : init_lsa_String(&domain_name, argv[1]);
2762 :
2763 0 : status = dcerpc_samr_GetDomPwInfo(b, mem_ctx,
2764 : &domain_name,
2765 : &info,
2766 : &result);
2767 0 : if (!NT_STATUS_IS_OK(status)) {
2768 0 : return status;
2769 : }
2770 0 : if (NT_STATUS_IS_OK(result)) {
2771 0 : printf("min_password_length: %d\n", info.min_password_length);
2772 0 : display_password_properties(info.password_properties);
2773 : }
2774 :
2775 0 : return result;
2776 : }
2777 :
2778 : /* Look up domain name */
2779 :
2780 0 : static NTSTATUS cmd_samr_lookup_domain(struct rpc_pipe_client *cli,
2781 : TALLOC_CTX *mem_ctx,
2782 : int argc, const char **argv)
2783 : {
2784 : struct policy_handle connect_pol, domain_pol;
2785 : NTSTATUS status, result;
2786 0 : uint32_t access_mask = MAXIMUM_ALLOWED_ACCESS;
2787 : struct lsa_String domain_name;
2788 0 : struct dom_sid *sid = NULL;
2789 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
2790 :
2791 0 : if (argc != 2) {
2792 0 : printf("Usage: %s domain_name\n", argv[0]);
2793 0 : return NT_STATUS_OK;
2794 : }
2795 :
2796 0 : init_lsa_String(&domain_name, argv[1]);
2797 :
2798 0 : status = rpccli_try_samr_connects(cli, mem_ctx,
2799 : access_mask,
2800 : &connect_pol);
2801 0 : if (!NT_STATUS_IS_OK(status)) {
2802 0 : goto done;
2803 : }
2804 :
2805 0 : status = dcerpc_samr_OpenDomain(b, mem_ctx,
2806 : &connect_pol,
2807 : access_mask,
2808 : &domain_sid,
2809 : &domain_pol,
2810 : &result);
2811 0 : if (!NT_STATUS_IS_OK(status)) {
2812 0 : goto done;
2813 : }
2814 0 : if (!NT_STATUS_IS_OK(result)) {
2815 0 : status = result;
2816 0 : goto done;
2817 : }
2818 :
2819 0 : status = dcerpc_samr_LookupDomain(b, mem_ctx,
2820 : &connect_pol,
2821 : &domain_name,
2822 : &sid,
2823 : &result);
2824 0 : if (!NT_STATUS_IS_OK(status)) {
2825 0 : goto done;
2826 : }
2827 0 : if (!NT_STATUS_IS_OK(result)) {
2828 0 : status = result;
2829 0 : goto done;
2830 : }
2831 :
2832 0 : if (NT_STATUS_IS_OK(result)) {
2833 : struct dom_sid_buf sid_str;
2834 0 : printf("SAMR_LOOKUP_DOMAIN: Domain Name: %s Domain SID: %s\n",
2835 0 : argv[1],
2836 : dom_sid_str_buf(sid, &sid_str));
2837 : }
2838 :
2839 0 : dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
2840 0 : dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
2841 0 : done:
2842 0 : return status;
2843 : }
2844 :
2845 : /* Change user password */
2846 :
2847 0 : static NTSTATUS cmd_samr_chgpasswd(struct rpc_pipe_client *cli,
2848 : TALLOC_CTX *mem_ctx,
2849 : int argc, const char **argv)
2850 : {
2851 : struct policy_handle connect_pol;
2852 0 : struct policy_handle domain_pol = { 0, };
2853 0 : struct policy_handle user_pol = { 0, };
2854 : NTSTATUS status, result;
2855 : const char *user, *oldpass, *newpass;
2856 0 : uint32_t access_mask = MAXIMUM_ALLOWED_ACCESS;
2857 : struct samr_Ids rids, types;
2858 : struct lsa_String lsa_acct_name;
2859 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
2860 :
2861 0 : if (argc < 3) {
2862 0 : printf("Usage: %s username oldpass newpass\n", argv[0]);
2863 0 : return NT_STATUS_INVALID_PARAMETER;
2864 : }
2865 :
2866 0 : user = argv[1];
2867 0 : oldpass = argv[2];
2868 0 : newpass = argv[3];
2869 :
2870 : /* Get sam policy handle */
2871 :
2872 0 : status = rpccli_try_samr_connects(cli, mem_ctx,
2873 : MAXIMUM_ALLOWED_ACCESS,
2874 : &connect_pol);
2875 0 : if (!NT_STATUS_IS_OK(status)) {
2876 0 : goto done;
2877 : }
2878 :
2879 : /* Get domain policy handle */
2880 :
2881 0 : status = dcerpc_samr_OpenDomain(b, mem_ctx,
2882 : &connect_pol,
2883 : access_mask,
2884 : &domain_sid,
2885 : &domain_pol,
2886 : &result);
2887 0 : if (!NT_STATUS_IS_OK(status)) {
2888 0 : goto done;
2889 : }
2890 0 : if (!NT_STATUS_IS_OK(result)) {
2891 0 : status = result;
2892 0 : goto done;
2893 : }
2894 :
2895 0 : init_lsa_String(&lsa_acct_name, user);
2896 :
2897 0 : status = dcerpc_samr_LookupNames(b, mem_ctx,
2898 : &domain_pol,
2899 : 1,
2900 : &lsa_acct_name,
2901 : &rids,
2902 : &types,
2903 : &result);
2904 0 : if (!NT_STATUS_IS_OK(status)) {
2905 0 : goto done;
2906 : }
2907 0 : if (!NT_STATUS_IS_OK(result)) {
2908 0 : status = result;
2909 0 : goto done;
2910 : }
2911 0 : if (rids.count != 1) {
2912 0 : status = NT_STATUS_INVALID_NETWORK_RESPONSE;
2913 0 : goto done;
2914 : }
2915 0 : if (types.count != 1) {
2916 0 : status = NT_STATUS_INVALID_NETWORK_RESPONSE;
2917 0 : goto done;
2918 : }
2919 :
2920 0 : status = dcerpc_samr_OpenUser(b, mem_ctx,
2921 : &domain_pol,
2922 : access_mask,
2923 0 : rids.ids[0],
2924 : &user_pol,
2925 : &result);
2926 0 : if (!NT_STATUS_IS_OK(status)) {
2927 0 : goto done;
2928 : }
2929 0 : if (!NT_STATUS_IS_OK(result)) {
2930 0 : status = result;
2931 0 : goto done;
2932 : }
2933 :
2934 : /* Change user password */
2935 0 : status = rpccli_samr_chgpasswd_user(cli, mem_ctx,
2936 : &user_pol,
2937 : newpass,
2938 : oldpass);
2939 0 : if (!NT_STATUS_IS_OK(status)) {
2940 0 : goto done;
2941 : }
2942 :
2943 0 : done:
2944 0 : if (is_valid_policy_hnd(&user_pol)) {
2945 0 : dcerpc_samr_Close(b, mem_ctx, &user_pol, &result);
2946 : }
2947 0 : if (is_valid_policy_hnd(&domain_pol)) {
2948 0 : dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
2949 : }
2950 0 : if (is_valid_policy_hnd(&connect_pol)) {
2951 0 : dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
2952 : }
2953 :
2954 0 : return status;
2955 : }
2956 :
2957 :
2958 : /* Change user password */
2959 :
2960 0 : static NTSTATUS cmd_samr_chgpasswd2(struct rpc_pipe_client *cli,
2961 : TALLOC_CTX *mem_ctx,
2962 : int argc, const char **argv)
2963 : {
2964 : struct policy_handle connect_pol, domain_pol;
2965 : NTSTATUS status, result;
2966 : const char *user, *oldpass, *newpass;
2967 0 : uint32_t access_mask = MAXIMUM_ALLOWED_ACCESS;
2968 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
2969 :
2970 0 : if (argc < 3) {
2971 0 : printf("Usage: %s username oldpass newpass\n", argv[0]);
2972 0 : return NT_STATUS_INVALID_PARAMETER;
2973 : }
2974 :
2975 0 : user = argv[1];
2976 0 : oldpass = argv[2];
2977 0 : newpass = argv[3];
2978 :
2979 : /* Get sam policy handle */
2980 :
2981 0 : status = rpccli_try_samr_connects(cli, mem_ctx,
2982 : MAXIMUM_ALLOWED_ACCESS,
2983 : &connect_pol);
2984 0 : if (!NT_STATUS_IS_OK(status)) {
2985 0 : goto done;
2986 : }
2987 :
2988 : /* Get domain policy handle */
2989 :
2990 0 : status = dcerpc_samr_OpenDomain(b, mem_ctx,
2991 : &connect_pol,
2992 : access_mask,
2993 : &domain_sid,
2994 : &domain_pol,
2995 : &result);
2996 0 : if (!NT_STATUS_IS_OK(status)) {
2997 0 : goto done;
2998 : }
2999 0 : if (!NT_STATUS_IS_OK(result)) {
3000 0 : status = result;
3001 0 : goto done;
3002 : }
3003 :
3004 : /* Change user password */
3005 0 : status = rpccli_samr_chgpasswd_user2(cli, mem_ctx, user, newpass, oldpass);
3006 :
3007 0 : if (!NT_STATUS_IS_OK(status)) {
3008 0 : goto done;
3009 : }
3010 :
3011 0 : status = dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
3012 0 : if (!NT_STATUS_IS_OK(status)) goto done;
3013 :
3014 0 : status = dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
3015 0 : if (!NT_STATUS_IS_OK(status)) goto done;
3016 :
3017 0 : done:
3018 0 : return status;
3019 : }
3020 :
3021 :
3022 : /* Change user password */
3023 :
3024 0 : static NTSTATUS cmd_samr_chgpasswd3(struct rpc_pipe_client *cli,
3025 : TALLOC_CTX *mem_ctx,
3026 : int argc, const char **argv)
3027 : {
3028 : struct policy_handle connect_pol, domain_pol;
3029 : NTSTATUS status, result;
3030 : const char *user, *oldpass, *newpass;
3031 0 : uint32_t access_mask = MAXIMUM_ALLOWED_ACCESS;
3032 0 : struct samr_DomInfo1 *info = NULL;
3033 0 : struct userPwdChangeFailureInformation *reject = NULL;
3034 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
3035 :
3036 0 : if (argc < 4) {
3037 0 : printf("Usage: %s username oldpass newpass\n", argv[0]);
3038 0 : return NT_STATUS_INVALID_PARAMETER;
3039 : }
3040 :
3041 0 : user = argv[1];
3042 0 : oldpass = argv[2];
3043 0 : newpass = argv[3];
3044 :
3045 : /* Get sam policy handle */
3046 :
3047 0 : status = rpccli_try_samr_connects(cli, mem_ctx,
3048 : MAXIMUM_ALLOWED_ACCESS,
3049 : &connect_pol);
3050 0 : if (!NT_STATUS_IS_OK(status)) {
3051 0 : goto done;
3052 : }
3053 :
3054 : /* Get domain policy handle */
3055 :
3056 0 : status = dcerpc_samr_OpenDomain(b, mem_ctx,
3057 : &connect_pol,
3058 : access_mask,
3059 : &domain_sid,
3060 : &domain_pol,
3061 : &result);
3062 0 : if (!NT_STATUS_IS_OK(status)) {
3063 0 : goto done;
3064 : }
3065 0 : if (!NT_STATUS_IS_OK(result)) {
3066 0 : status = result;
3067 0 : goto done;
3068 : }
3069 :
3070 : /* Change user password */
3071 0 : status = rpccli_samr_chgpasswd_user3(cli, mem_ctx,
3072 : user,
3073 : newpass,
3074 : oldpass,
3075 : &info,
3076 : &reject);
3077 0 : if (!NT_STATUS_IS_OK(status)) {
3078 0 : goto done;
3079 : }
3080 :
3081 0 : if (NT_STATUS_EQUAL(result, NT_STATUS_PASSWORD_RESTRICTION)) {
3082 :
3083 0 : display_sam_dom_info_1(info);
3084 :
3085 0 : switch (reject->extendedFailureReason) {
3086 0 : case SAM_PWD_CHANGE_PASSWORD_TOO_SHORT:
3087 0 : d_printf("SAM_PWD_CHANGE_PASSWORD_TOO_SHORT\n");
3088 0 : break;
3089 0 : case SAM_PWD_CHANGE_PWD_IN_HISTORY:
3090 0 : d_printf("SAM_PWD_CHANGE_PWD_IN_HISTORY\n");
3091 0 : break;
3092 0 : case SAM_PWD_CHANGE_NOT_COMPLEX:
3093 0 : d_printf("SAM_PWD_CHANGE_NOT_COMPLEX\n");
3094 0 : break;
3095 0 : default:
3096 0 : d_printf("unknown reject reason: %d\n",
3097 0 : reject->extendedFailureReason);
3098 0 : break;
3099 : }
3100 : }
3101 :
3102 0 : if (!NT_STATUS_IS_OK(result)) {
3103 0 : status = result;
3104 0 : goto done;
3105 : }
3106 :
3107 0 : status = dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
3108 0 : if (!NT_STATUS_IS_OK(status)) goto done;
3109 :
3110 0 : status = dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
3111 0 : if (!NT_STATUS_IS_OK(status)) goto done;
3112 :
3113 0 : done:
3114 0 : return status;
3115 : }
3116 :
3117 0 : static NTSTATUS cmd_samr_chgpasswd4(struct rpc_pipe_client *cli,
3118 : TALLOC_CTX *mem_ctx,
3119 : int argc,
3120 : const char **argv)
3121 : {
3122 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
3123 0 : const char *srv_name_slash = cli->srv_name_slash;
3124 0 : const char *user = NULL;
3125 0 : const char *oldpass = NULL;
3126 0 : const char *newpass = NULL;
3127 : NTSTATUS status;
3128 0 : NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
3129 :
3130 0 : if (argc < 4) {
3131 0 : printf("Usage: %s username oldpass newpass\n", argv[0]);
3132 0 : return NT_STATUS_INVALID_PARAMETER;
3133 : }
3134 :
3135 0 : user = argv[1];
3136 0 : oldpass = argv[2];
3137 0 : newpass = argv[3];
3138 :
3139 : /* Change user password */
3140 0 : status = dcerpc_samr_chgpasswd_user4(b,
3141 : mem_ctx,
3142 : srv_name_slash,
3143 : user,
3144 : oldpass,
3145 : newpass,
3146 : &result);
3147 0 : if (!NT_STATUS_IS_OK(status)) {
3148 0 : return status;
3149 : }
3150 0 : if (!NT_STATUS_IS_OK(result)) {
3151 0 : status = result;
3152 : }
3153 :
3154 0 : return status;
3155 : }
3156 :
3157 0 : static NTSTATUS cmd_samr_setuserinfo_int(struct rpc_pipe_client *cli,
3158 : TALLOC_CTX *mem_ctx,
3159 : int argc, const char **argv,
3160 : int opcode)
3161 : {
3162 : struct policy_handle connect_pol, domain_pol, user_pol;
3163 : NTSTATUS status, result;
3164 : const char *user, *param;
3165 0 : uint32_t access_mask = MAXIMUM_ALLOWED_ACCESS;
3166 : uint32_t level;
3167 : uint32_t user_rid;
3168 : union samr_UserInfo info;
3169 : struct samr_CryptPassword pwd_buf;
3170 : struct samr_CryptPasswordEx pwd_buf_ex;
3171 : struct samr_EncryptedPasswordAES pwd_buf_aes;
3172 : uint8_t nt_hash[16];
3173 : uint8_t lm_hash[16];
3174 : DATA_BLOB session_key;
3175 : uint8_t salt_data[16];
3176 0 : DATA_BLOB salt = {
3177 : .data = salt_data,
3178 : .length = sizeof(salt_data),
3179 : };
3180 0 : uint8_t password_expired = 0;
3181 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
3182 0 : TALLOC_CTX *frame = NULL;
3183 : int rc;
3184 :
3185 0 : if (argc < 4) {
3186 0 : printf("Usage: %s username level password [password_expired]\n",
3187 : argv[0]);
3188 0 : return NT_STATUS_INVALID_PARAMETER;
3189 : }
3190 :
3191 0 : frame = talloc_stackframe();
3192 :
3193 0 : user = argv[1];
3194 0 : level = atoi(argv[2]);
3195 0 : param = argv[3];
3196 :
3197 0 : if (argc >= 5) {
3198 0 : password_expired = atoi(argv[4]);
3199 : }
3200 :
3201 0 : status = cli_get_session_key(frame, cli, &session_key);
3202 0 : if (!NT_STATUS_IS_OK(status)) {
3203 0 : goto done;
3204 : }
3205 :
3206 0 : generate_nonce_buffer(salt.data, salt.length);
3207 :
3208 0 : switch(level) {
3209 0 : case 18:
3210 : case 21:
3211 0 : nt_lm_owf_gen(param, nt_hash, lm_hash);
3212 0 : break;
3213 0 : case 23:
3214 : case 24:
3215 0 : status = init_samr_CryptPassword(param, &session_key, &pwd_buf);
3216 0 : if (!NT_STATUS_IS_OK(status)) {
3217 0 : goto done;
3218 : }
3219 0 : break;
3220 0 : case 25:
3221 : case 26:
3222 0 : status = init_samr_CryptPasswordEx(param, &session_key, &pwd_buf_ex);
3223 0 : if (!NT_STATUS_IS_OK(status)) {
3224 0 : goto done;
3225 : }
3226 0 : break;
3227 0 : case 31:
3228 0 : status = init_samr_CryptPasswordAES(frame,
3229 : param,
3230 : &salt,
3231 : &session_key,
3232 : &pwd_buf_aes);
3233 0 : if (!NT_STATUS_IS_OK(status)) {
3234 0 : goto done;
3235 : }
3236 0 : break;
3237 0 : default:
3238 0 : break;
3239 : }
3240 :
3241 0 : switch (level) {
3242 0 : case 18:
3243 : {
3244 : DATA_BLOB in,out;
3245 0 : in = data_blob_const(nt_hash, 16);
3246 0 : out = data_blob_talloc_zero(frame, 16);
3247 0 : if (out.data == NULL) {
3248 0 : status = NT_STATUS_NO_MEMORY;
3249 0 : goto done;
3250 : }
3251 0 : rc = sess_crypt_blob(&out, &in, &session_key, SAMBA_GNUTLS_ENCRYPT);
3252 0 : if (rc != 0) {
3253 0 : status = gnutls_error_to_ntstatus(rc,
3254 : NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER);
3255 : }
3256 0 : memcpy(nt_hash, out.data, out.length);
3257 : }
3258 : {
3259 : DATA_BLOB in,out;
3260 0 : in = data_blob_const(lm_hash, 16);
3261 0 : out = data_blob_talloc_zero(frame, 15);
3262 0 : if (out.data == NULL) {
3263 0 : status = NT_STATUS_NO_MEMORY;
3264 0 : goto done;
3265 : }
3266 0 : rc = sess_crypt_blob(&out, &in, &session_key, SAMBA_GNUTLS_ENCRYPT);
3267 0 : if (rc != 0) {
3268 0 : status = gnutls_error_to_ntstatus(rc,
3269 : NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER);
3270 : }
3271 0 : memcpy(lm_hash, out.data, out.length);
3272 : }
3273 :
3274 0 : memcpy(info.info18.nt_pwd.hash, nt_hash, 16);
3275 0 : memcpy(info.info18.lm_pwd.hash, lm_hash, 16);
3276 0 : info.info18.nt_pwd_active = true;
3277 0 : info.info18.lm_pwd_active = true;
3278 0 : info.info18.password_expired = password_expired;
3279 :
3280 0 : break;
3281 0 : case 21:
3282 0 : ZERO_STRUCT(info.info21);
3283 :
3284 0 : info.info21.fields_present = SAMR_FIELD_NT_PASSWORD_PRESENT |
3285 : SAMR_FIELD_LM_PASSWORD_PRESENT;
3286 0 : if (argc >= 5) {
3287 0 : info.info21.fields_present |= SAMR_FIELD_EXPIRED_FLAG;
3288 0 : info.info21.password_expired = password_expired;
3289 : }
3290 :
3291 0 : info.info21.lm_password_set = true;
3292 0 : info.info21.lm_owf_password.length = 16;
3293 0 : info.info21.lm_owf_password.size = 16;
3294 :
3295 0 : info.info21.nt_password_set = true;
3296 0 : info.info21.nt_owf_password.length = 16;
3297 0 : info.info21.nt_owf_password.size = 16;
3298 :
3299 : {
3300 : DATA_BLOB in,out;
3301 0 : in = data_blob_const(nt_hash, 16);
3302 0 : out = data_blob_talloc_zero(frame, 16);
3303 0 : if (out.data == NULL) {
3304 0 : status = NT_STATUS_NO_MEMORY;
3305 0 : goto done;
3306 : }
3307 0 : rc = sess_crypt_blob(&out, &in, &session_key, SAMBA_GNUTLS_ENCRYPT);
3308 0 : if (rc != 0) {
3309 0 : status = gnutls_error_to_ntstatus(rc,
3310 : NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER);
3311 : }
3312 0 : info.info21.nt_owf_password.array =
3313 0 : (uint16_t *)talloc_memdup(frame, out.data, 16);
3314 : }
3315 : {
3316 : DATA_BLOB in,out;
3317 0 : in = data_blob_const(lm_hash, 16);
3318 0 : out = data_blob_talloc_zero(frame, 16);
3319 0 : rc = sess_crypt_blob(&out, &in, &session_key, SAMBA_GNUTLS_ENCRYPT);
3320 0 : if (rc != 0) {
3321 0 : status = gnutls_error_to_ntstatus(rc,
3322 : NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER);
3323 : }
3324 0 : info.info21.lm_owf_password.array =
3325 0 : (uint16_t *)talloc_memdup(frame, out.data, 16);
3326 0 : if (out.data == NULL) {
3327 0 : status = NT_STATUS_NO_MEMORY;
3328 0 : goto done;
3329 : }
3330 : }
3331 :
3332 0 : break;
3333 0 : case 23:
3334 0 : ZERO_STRUCT(info.info23);
3335 :
3336 0 : info.info23.info.fields_present = SAMR_FIELD_NT_PASSWORD_PRESENT |
3337 : SAMR_FIELD_LM_PASSWORD_PRESENT;
3338 0 : if (argc >= 5) {
3339 0 : info.info23.info.fields_present |= SAMR_FIELD_EXPIRED_FLAG;
3340 0 : info.info23.info.password_expired = password_expired;
3341 : }
3342 :
3343 0 : info.info23.password = pwd_buf;
3344 :
3345 0 : break;
3346 0 : case 24:
3347 0 : info.info24.password = pwd_buf;
3348 0 : info.info24.password_expired = password_expired;
3349 :
3350 0 : break;
3351 0 : case 25:
3352 0 : ZERO_STRUCT(info.info25);
3353 :
3354 0 : info.info25.info.fields_present = SAMR_FIELD_NT_PASSWORD_PRESENT |
3355 : SAMR_FIELD_LM_PASSWORD_PRESENT;
3356 0 : if (argc >= 5) {
3357 0 : info.info25.info.fields_present |= SAMR_FIELD_EXPIRED_FLAG;
3358 0 : info.info25.info.password_expired = password_expired;
3359 : }
3360 :
3361 0 : info.info25.password = pwd_buf_ex;
3362 :
3363 0 : break;
3364 0 : case 26:
3365 0 : info.info26.password = pwd_buf_ex;
3366 0 : info.info26.password_expired = password_expired;
3367 :
3368 0 : break;
3369 0 : case 31:
3370 0 : info.info31.password = pwd_buf_aes;
3371 0 : info.info31.password_expired = password_expired;
3372 0 : break;
3373 0 : default:
3374 0 : status = NT_STATUS_INVALID_INFO_CLASS;
3375 0 : goto done;
3376 : }
3377 :
3378 : /* Get sam policy handle */
3379 :
3380 0 : status = rpccli_try_samr_connects(cli, frame,
3381 : MAXIMUM_ALLOWED_ACCESS,
3382 : &connect_pol);
3383 0 : if (!NT_STATUS_IS_OK(status)) {
3384 0 : goto done;
3385 : }
3386 :
3387 : /* Get domain policy handle */
3388 :
3389 0 : status = dcerpc_samr_OpenDomain(b, frame,
3390 : &connect_pol,
3391 : access_mask,
3392 : &domain_sid,
3393 : &domain_pol,
3394 : &result);
3395 :
3396 0 : if (!NT_STATUS_IS_OK(status))
3397 0 : goto done;
3398 0 : if (!NT_STATUS_IS_OK(result)) {
3399 0 : status = result;
3400 0 : goto done;
3401 : }
3402 :
3403 0 : user_rid = strtol(user, NULL, 0);
3404 0 : if (user_rid) {
3405 0 : status = dcerpc_samr_OpenUser(b, frame,
3406 : &domain_pol,
3407 : access_mask,
3408 : user_rid,
3409 : &user_pol,
3410 : &result);
3411 0 : if (!NT_STATUS_IS_OK(status)) {
3412 0 : goto done;
3413 : }
3414 :
3415 0 : status = result;
3416 : }
3417 :
3418 0 : if (NT_STATUS_EQUAL(status, NT_STATUS_NO_SUCH_USER) ||
3419 : (user_rid == 0)) {
3420 :
3421 : /* Probably this was a user name, try lookupnames */
3422 : struct samr_Ids rids, types;
3423 : struct lsa_String lsa_acct_name;
3424 :
3425 0 : init_lsa_String(&lsa_acct_name, user);
3426 :
3427 0 : status = dcerpc_samr_LookupNames(b, frame,
3428 : &domain_pol,
3429 : 1,
3430 : &lsa_acct_name,
3431 : &rids,
3432 : &types,
3433 : &result);
3434 0 : if (!NT_STATUS_IS_OK(status)) {
3435 0 : goto done;
3436 : }
3437 0 : if (!NT_STATUS_IS_OK(result)) {
3438 0 : status = result;
3439 0 : goto done;
3440 : }
3441 0 : if (rids.count != 1) {
3442 0 : status = NT_STATUS_INVALID_NETWORK_RESPONSE;
3443 0 : goto done;
3444 : }
3445 0 : if (types.count != 1) {
3446 0 : status = NT_STATUS_INVALID_NETWORK_RESPONSE;
3447 0 : goto done;
3448 : }
3449 :
3450 0 : status = dcerpc_samr_OpenUser(b, frame,
3451 : &domain_pol,
3452 : access_mask,
3453 0 : rids.ids[0],
3454 : &user_pol,
3455 : &result);
3456 0 : if (!NT_STATUS_IS_OK(status)) {
3457 0 : goto done;
3458 : }
3459 0 : if (!NT_STATUS_IS_OK(result)) {
3460 0 : status = result;
3461 0 : goto done;
3462 : }
3463 : }
3464 :
3465 0 : switch (opcode) {
3466 0 : case NDR_SAMR_SETUSERINFO:
3467 0 : status = dcerpc_samr_SetUserInfo(b, frame,
3468 : &user_pol,
3469 : level,
3470 : &info,
3471 : &result);
3472 0 : break;
3473 0 : case NDR_SAMR_SETUSERINFO2:
3474 0 : status = dcerpc_samr_SetUserInfo2(b, frame,
3475 : &user_pol,
3476 : level,
3477 : &info,
3478 : &result);
3479 0 : break;
3480 0 : default:
3481 0 : status = NT_STATUS_INVALID_PARAMETER;
3482 0 : goto done;
3483 : }
3484 0 : if (!NT_STATUS_IS_OK(status)) {
3485 0 : DEBUG(0,("status: %s\n", nt_errstr(status)));
3486 0 : goto done;
3487 : }
3488 0 : if (!NT_STATUS_IS_OK(result)) {
3489 0 : status = result;
3490 0 : DEBUG(0,("result: %s\n", nt_errstr(status)));
3491 0 : goto done;
3492 : }
3493 :
3494 0 : status = NT_STATUS_OK;
3495 0 : done:
3496 0 : TALLOC_FREE(frame);
3497 0 : return status;
3498 : }
3499 :
3500 0 : static NTSTATUS cmd_samr_setuserinfo(struct rpc_pipe_client *cli,
3501 : TALLOC_CTX *mem_ctx,
3502 : int argc, const char **argv)
3503 : {
3504 0 : return cmd_samr_setuserinfo_int(cli, mem_ctx, argc, argv,
3505 : NDR_SAMR_SETUSERINFO);
3506 : }
3507 :
3508 0 : static NTSTATUS cmd_samr_setuserinfo2(struct rpc_pipe_client *cli,
3509 : TALLOC_CTX *mem_ctx,
3510 : int argc, const char **argv)
3511 : {
3512 0 : return cmd_samr_setuserinfo_int(cli, mem_ctx, argc, argv,
3513 : NDR_SAMR_SETUSERINFO2);
3514 : }
3515 :
3516 0 : static NTSTATUS cmd_samr_get_dispinfo_idx(struct rpc_pipe_client *cli,
3517 : TALLOC_CTX *mem_ctx,
3518 : int argc, const char **argv)
3519 : {
3520 : NTSTATUS status, result;
3521 : struct policy_handle connect_handle;
3522 0 : struct policy_handle domain_handle = { 0, };
3523 0 : uint16_t level = 1;
3524 : struct lsa_String name;
3525 0 : uint32_t idx = 0;
3526 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
3527 :
3528 0 : if (argc < 2 || argc > 3) {
3529 0 : printf("Usage: %s name level\n", argv[0]);
3530 0 : return NT_STATUS_INVALID_PARAMETER;
3531 : }
3532 :
3533 0 : init_lsa_String(&name, argv[1]);
3534 :
3535 0 : if (argc == 3) {
3536 0 : level = atoi(argv[2]);
3537 : }
3538 :
3539 0 : status = rpccli_try_samr_connects(cli, mem_ctx,
3540 : SEC_FLAG_MAXIMUM_ALLOWED,
3541 : &connect_handle);
3542 0 : if (!NT_STATUS_IS_OK(status)) {
3543 0 : goto done;
3544 : }
3545 :
3546 0 : status = dcerpc_samr_OpenDomain(b, mem_ctx,
3547 : &connect_handle,
3548 : SEC_FLAG_MAXIMUM_ALLOWED,
3549 : &domain_sid,
3550 : &domain_handle,
3551 : &result);
3552 0 : if (!NT_STATUS_IS_OK(status)) {
3553 0 : goto done;
3554 : }
3555 0 : if (!NT_STATUS_IS_OK(result)) {
3556 0 : status = result;
3557 0 : goto done;
3558 : }
3559 :
3560 0 : status = dcerpc_samr_GetDisplayEnumerationIndex(b, mem_ctx,
3561 : &domain_handle,
3562 : level,
3563 : &name,
3564 : &idx,
3565 : &result);
3566 0 : if (!NT_STATUS_IS_OK(status)) {
3567 0 : goto done;
3568 : }
3569 :
3570 0 : status = result;
3571 :
3572 0 : if (NT_STATUS_IS_OK(status) ||
3573 0 : NT_STATUS_EQUAL(status, NT_STATUS_NO_MORE_ENTRIES)) {
3574 0 : printf("idx: %d (0x%08x)\n", idx, idx);
3575 : }
3576 0 : done:
3577 :
3578 0 : if (is_valid_policy_hnd(&domain_handle)) {
3579 0 : dcerpc_samr_Close(b, mem_ctx, &domain_handle, &result);
3580 : }
3581 0 : if (is_valid_policy_hnd(&connect_handle)) {
3582 0 : dcerpc_samr_Close(b, mem_ctx, &connect_handle, &result);
3583 : }
3584 :
3585 0 : return status;
3586 :
3587 : }
3588 : /* List of commands exported by this module */
3589 :
3590 : struct cmd_set samr_commands[] = {
3591 :
3592 : {
3593 : .name = "SAMR",
3594 : },
3595 :
3596 : {
3597 : .name = "queryuser",
3598 : .returntype = RPC_RTYPE_NTSTATUS,
3599 : .ntfn = cmd_samr_query_user,
3600 : .wfn = NULL,
3601 : .table = &ndr_table_samr,
3602 : .rpc_pipe = NULL,
3603 : .description = "Query user info",
3604 : .usage = "",
3605 : },
3606 : {
3607 : .name = "querygroup",
3608 : .returntype = RPC_RTYPE_NTSTATUS,
3609 : .ntfn = cmd_samr_query_group,
3610 : .wfn = NULL,
3611 : .table = &ndr_table_samr,
3612 : .rpc_pipe = NULL,
3613 : .description = "Query group info",
3614 : .usage = "",
3615 : },
3616 : {
3617 : .name = "queryusergroups",
3618 : .returntype = RPC_RTYPE_NTSTATUS,
3619 : .ntfn = cmd_samr_query_usergroups,
3620 : .wfn = NULL,
3621 : .table = &ndr_table_samr,
3622 : .rpc_pipe = NULL,
3623 : .description = "Query user groups",
3624 : .usage = "",
3625 : },
3626 : {
3627 : .name = "queryuseraliases",
3628 : .returntype = RPC_RTYPE_NTSTATUS,
3629 : .ntfn = cmd_samr_query_useraliases,
3630 : .wfn = NULL,
3631 : .table = &ndr_table_samr,
3632 : .rpc_pipe = NULL,
3633 : .description = "Query user aliases",
3634 : .usage = "",
3635 : },
3636 : {
3637 : .name = "querygroupmem",
3638 : .returntype = RPC_RTYPE_NTSTATUS,
3639 : .ntfn = cmd_samr_query_groupmem,
3640 : .wfn = NULL,
3641 : .table = &ndr_table_samr,
3642 : .rpc_pipe = NULL,
3643 : .description = "Query group membership",
3644 : .usage = "",
3645 : },
3646 : {
3647 : .name = "queryaliasmem",
3648 : .returntype = RPC_RTYPE_NTSTATUS,
3649 : .ntfn = cmd_samr_query_aliasmem,
3650 : .wfn = NULL,
3651 : .table = &ndr_table_samr,
3652 : .rpc_pipe = NULL,
3653 : .description = "Query alias membership",
3654 : .usage = "",
3655 : },
3656 : {
3657 : .name = "queryaliasinfo",
3658 : .returntype = RPC_RTYPE_NTSTATUS,
3659 : .ntfn = cmd_samr_query_aliasinfo,
3660 : .wfn = NULL,
3661 : .table = &ndr_table_samr,
3662 : .rpc_pipe = NULL,
3663 : .description = "Query alias info",
3664 : .usage = "",
3665 : },
3666 : {
3667 : .name = "deletealias",
3668 : .returntype = RPC_RTYPE_NTSTATUS,
3669 : .ntfn = cmd_samr_delete_alias,
3670 : .wfn = NULL,
3671 : .table = &ndr_table_samr,
3672 : .rpc_pipe = NULL,
3673 : .description = "Delete an alias",
3674 : .usage = "",
3675 : },
3676 : {
3677 : .name = "querydispinfo",
3678 : .returntype = RPC_RTYPE_NTSTATUS,
3679 : .ntfn = cmd_samr_query_dispinfo,
3680 : .wfn = NULL,
3681 : .table = &ndr_table_samr,
3682 : .rpc_pipe = NULL,
3683 : .description = "Query display info",
3684 : .usage = "",
3685 : },
3686 : {
3687 : .name = "querydispinfo2",
3688 : .returntype = RPC_RTYPE_NTSTATUS,
3689 : .ntfn = cmd_samr_query_dispinfo2,
3690 : .wfn = NULL,
3691 : .table = &ndr_table_samr,
3692 : .rpc_pipe = NULL,
3693 : .description = "Query display info",
3694 : .usage = "",
3695 : },
3696 : {
3697 : .name = "querydispinfo3",
3698 : .returntype = RPC_RTYPE_NTSTATUS,
3699 : .ntfn = cmd_samr_query_dispinfo3,
3700 : .wfn = NULL,
3701 : .table = &ndr_table_samr,
3702 : .rpc_pipe = NULL,
3703 : .description = "Query display info",
3704 : .usage = "",
3705 : },
3706 : {
3707 : .name = "querydominfo",
3708 : .returntype = RPC_RTYPE_NTSTATUS,
3709 : .ntfn = cmd_samr_query_dominfo,
3710 : .wfn = NULL,
3711 : .table = &ndr_table_samr,
3712 : .rpc_pipe = NULL,
3713 : .description = "Query domain info",
3714 : .usage = "",
3715 : },
3716 : {
3717 : .name = "enumdomusers",
3718 : .returntype = RPC_RTYPE_NTSTATUS,
3719 : .ntfn = cmd_samr_enum_dom_users,
3720 : .wfn = NULL,
3721 : .table = &ndr_table_samr,
3722 : .rpc_pipe = NULL,
3723 : .description = "Enumerate domain users",
3724 : .usage = "",
3725 : },
3726 : {
3727 : .name = "enumdomgroups",
3728 : .returntype = RPC_RTYPE_NTSTATUS,
3729 : .ntfn = cmd_samr_enum_dom_groups,
3730 : .wfn = NULL,
3731 : .table = &ndr_table_samr,
3732 : .rpc_pipe = NULL,
3733 : .description = "Enumerate domain groups",
3734 : .usage = "",
3735 : },
3736 : {
3737 : .name = "enumalsgroups",
3738 : .returntype = RPC_RTYPE_NTSTATUS,
3739 : .ntfn = cmd_samr_enum_als_groups,
3740 : .wfn = NULL,
3741 : .table = &ndr_table_samr,
3742 : .rpc_pipe = NULL,
3743 : .description = "Enumerate alias groups",
3744 : .usage = "",
3745 : },
3746 : {
3747 : .name = "enumdomains",
3748 : .returntype = RPC_RTYPE_NTSTATUS,
3749 : .ntfn = cmd_samr_enum_domains,
3750 : .wfn = NULL,
3751 : .table = &ndr_table_samr,
3752 : .rpc_pipe = NULL,
3753 : .description = "Enumerate domains",
3754 : .usage = "",
3755 : },
3756 :
3757 : {
3758 : .name = "createdomuser",
3759 : .returntype = RPC_RTYPE_NTSTATUS,
3760 : .ntfn = cmd_samr_create_dom_user,
3761 : .wfn = NULL,
3762 : .table = &ndr_table_samr,
3763 : .rpc_pipe = NULL,
3764 : .description = "Create domain user",
3765 : .usage = "",
3766 : },
3767 : {
3768 : .name = "createdomgroup",
3769 : .returntype = RPC_RTYPE_NTSTATUS,
3770 : .ntfn = cmd_samr_create_dom_group,
3771 : .wfn = NULL,
3772 : .table = &ndr_table_samr,
3773 : .rpc_pipe = NULL,
3774 : .description = "Create domain group",
3775 : .usage = "",
3776 : },
3777 : {
3778 : .name = "createdomalias",
3779 : .returntype = RPC_RTYPE_NTSTATUS,
3780 : .ntfn = cmd_samr_create_dom_alias,
3781 : .wfn = NULL,
3782 : .table = &ndr_table_samr,
3783 : .rpc_pipe = NULL,
3784 : .description = "Create domain alias",
3785 : .usage = "",
3786 : },
3787 : {
3788 : .name = "samlookupnames",
3789 : .returntype = RPC_RTYPE_NTSTATUS,
3790 : .ntfn = cmd_samr_lookup_names,
3791 : .wfn = NULL,
3792 : .table = &ndr_table_samr,
3793 : .rpc_pipe = NULL,
3794 : .description = "Look up names",
3795 : .usage = "",
3796 : },
3797 : {
3798 : .name = "samlookuprids",
3799 : .returntype = RPC_RTYPE_NTSTATUS,
3800 : .ntfn = cmd_samr_lookup_rids,
3801 : .wfn = NULL,
3802 : .table = &ndr_table_samr,
3803 : .rpc_pipe = NULL,
3804 : .description = "Look up names",
3805 : .usage = "",
3806 : },
3807 : {
3808 : .name = "deletedomgroup",
3809 : .returntype = RPC_RTYPE_NTSTATUS,
3810 : .ntfn = cmd_samr_delete_dom_group,
3811 : .wfn = NULL,
3812 : .table = &ndr_table_samr,
3813 : .rpc_pipe = NULL,
3814 : .description = "Delete domain group",
3815 : .usage = "",
3816 : },
3817 : {
3818 : .name = "deletedomuser",
3819 : .returntype = RPC_RTYPE_NTSTATUS,
3820 : .ntfn = cmd_samr_delete_dom_user,
3821 : .wfn = NULL,
3822 : .table = &ndr_table_samr,
3823 : .rpc_pipe = NULL,
3824 : .description = "Delete domain user",
3825 : .usage = "",
3826 : },
3827 : {
3828 : .name = "samquerysecobj",
3829 : .returntype = RPC_RTYPE_NTSTATUS,
3830 : .ntfn = cmd_samr_query_sec_obj,
3831 : .wfn = NULL,
3832 : .table = &ndr_table_samr,
3833 : .rpc_pipe = NULL,
3834 : .description = "Query SAMR security object",
3835 : .usage = "",
3836 : },
3837 : {
3838 : .name = "getdompwinfo",
3839 : .returntype = RPC_RTYPE_NTSTATUS,
3840 : .ntfn = cmd_samr_get_dom_pwinfo,
3841 : .wfn = NULL,
3842 : .table = &ndr_table_samr,
3843 : .rpc_pipe = NULL,
3844 : .description = "Retrieve domain password info",
3845 : .usage = "",
3846 : },
3847 : {
3848 : .name = "getusrdompwinfo",
3849 : .returntype = RPC_RTYPE_NTSTATUS,
3850 : .ntfn = cmd_samr_get_usrdom_pwinfo,
3851 : .wfn = NULL,
3852 : .table = &ndr_table_samr,
3853 : .rpc_pipe = NULL,
3854 : .description = "Retrieve user domain password info",
3855 : .usage = "",
3856 : },
3857 :
3858 : {
3859 : .name = "lookupdomain",
3860 : .returntype = RPC_RTYPE_NTSTATUS,
3861 : .ntfn = cmd_samr_lookup_domain,
3862 : .wfn = NULL,
3863 : .table = &ndr_table_samr,
3864 : .rpc_pipe = NULL,
3865 : .description = "Lookup Domain Name",
3866 : .usage = "",
3867 : },
3868 : {
3869 : .name = "chgpasswd",
3870 : .returntype = RPC_RTYPE_NTSTATUS,
3871 : .ntfn = cmd_samr_chgpasswd,
3872 : .wfn = NULL,
3873 : .table = &ndr_table_samr,
3874 : .rpc_pipe = NULL,
3875 : .description = "Change user password",
3876 : .usage = "",
3877 : },
3878 : {
3879 : .name = "chgpasswd2",
3880 : .returntype = RPC_RTYPE_NTSTATUS,
3881 : .ntfn = cmd_samr_chgpasswd2,
3882 : .wfn = NULL,
3883 : .table = &ndr_table_samr,
3884 : .rpc_pipe = NULL,
3885 : .description = "Change user password",
3886 : .usage = "",
3887 : },
3888 : {
3889 : .name = "chgpasswd3",
3890 : .returntype = RPC_RTYPE_NTSTATUS,
3891 : .ntfn = cmd_samr_chgpasswd3,
3892 : .wfn = NULL,
3893 : .table = &ndr_table_samr,
3894 : .rpc_pipe = NULL,
3895 : .description = "Change user password",
3896 : .usage = "",
3897 : },
3898 : {
3899 : .name = "chgpasswd4",
3900 : .returntype = RPC_RTYPE_NTSTATUS,
3901 : .ntfn = cmd_samr_chgpasswd4,
3902 : .wfn = NULL,
3903 : .table = &ndr_table_samr,
3904 : .rpc_pipe = NULL,
3905 : .description = "Change user password",
3906 : .usage = "",
3907 : },
3908 : {
3909 : .name = "getdispinfoidx",
3910 : .returntype = RPC_RTYPE_NTSTATUS,
3911 : .ntfn = cmd_samr_get_dispinfo_idx,
3912 : .wfn = NULL,
3913 : .table = &ndr_table_samr,
3914 : .rpc_pipe = NULL,
3915 : .description = "Get Display Information Index",
3916 : .usage = "",
3917 : },
3918 : {
3919 : .name = "setuserinfo",
3920 : .returntype = RPC_RTYPE_NTSTATUS,
3921 : .ntfn = cmd_samr_setuserinfo,
3922 : .wfn = NULL,
3923 : .table = &ndr_table_samr,
3924 : .rpc_pipe = NULL,
3925 : .description = "Set user info",
3926 : .usage = "",
3927 : },
3928 : {
3929 : .name = "setuserinfo2",
3930 : .returntype = RPC_RTYPE_NTSTATUS,
3931 : .ntfn = cmd_samr_setuserinfo2,
3932 : .wfn = NULL,
3933 : .table = &ndr_table_samr,
3934 : .rpc_pipe = NULL,
3935 : .description = "Set user info2",
3936 : .usage = "",
3937 : },
3938 : {
3939 : .name = NULL,
3940 : },
3941 : };
|
