00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015
00016
00017
00018
00019
00020
00021
00022
00023 #include "includes.h"
00024 #include "rpcclient.h"
00025
00026
00027
00028
00029 static NTSTATUS name_to_sid(struct rpc_pipe_client *cli,
00030 TALLOC_CTX *mem_ctx,
00031 DOM_SID *sid, const char *name)
00032 {
00033 POLICY_HND pol;
00034 enum lsa_SidType *sid_types;
00035 NTSTATUS result;
00036 DOM_SID *sids;
00037
00038
00039 if (strncmp(name, "S-", 2) == 0 &&
00040 string_to_sid(sid, name)) {
00041 return NT_STATUS_OK;
00042 }
00043
00044 result = rpccli_lsa_open_policy(cli, mem_ctx, True,
00045 SEC_RIGHTS_MAXIMUM_ALLOWED,
00046 &pol);
00047 if (!NT_STATUS_IS_OK(result))
00048 goto done;
00049
00050 result = rpccli_lsa_lookup_names(cli, mem_ctx, &pol, 1, &name, NULL, &sids, &sid_types);
00051 if (!NT_STATUS_IS_OK(result))
00052 goto done;
00053
00054 rpccli_lsa_close(cli, mem_ctx, &pol);
00055
00056 *sid = sids[0];
00057
00058 done:
00059 return result;
00060 }
00061
00062 static void display_query_info_1(DOM_QUERY_1 d)
00063 {
00064 d_printf("percent_full:\t%d\n", d.percent_full);
00065 d_printf("log_size:\t%d\n", d.log_size);
00066 d_printf("retention_time:\t%lld\n", (long long)d.retention_time);
00067 d_printf("shutdown_in_progress:\t%d\n", d.shutdown_in_progress);
00068 d_printf("time_to_shutdown:\t%lld\n", (long long)d.time_to_shutdown);
00069 d_printf("next_audit_record:\t%d\n", d.next_audit_record);
00070 d_printf("unknown:\t%d\n", d.unknown);
00071 }
00072
00073 static void display_query_info_2(DOM_QUERY_2 d, TALLOC_CTX *mem_ctx)
00074 {
00075 int i;
00076 d_printf("Auditing enabled:\t%d\n", d.auditing_enabled);
00077 d_printf("Auditing categories:\t%d\n", d.count1);
00078 d_printf("Auditsettings:\n");
00079 for (i=0; i<d.count1; i++) {
00080 const char *val = audit_policy_str(mem_ctx, d.auditsettings[i]);
00081 const char *policy = audit_description_str(i);
00082 d_printf("%s:\t%s\n", policy, val);
00083 }
00084 }
00085
00086 static void display_query_info_3(DOM_QUERY_3 d)
00087 {
00088 fstring name;
00089
00090 unistr2_to_ascii(name, &d.uni_domain_name, d.uni_dom_max_len);
00091
00092 d_printf("Domain Name: %s\n", name);
00093 d_printf("Domain Sid: %s\n", sid_string_static(&d.dom_sid.sid));
00094 }
00095
00096 static void display_query_info_5(DOM_QUERY_5 d)
00097 {
00098 fstring name;
00099
00100 unistr2_to_ascii(name, &d.uni_domain_name, d.uni_dom_max_len);
00101
00102 d_printf("Domain Name: %s\n", name);
00103 d_printf("Domain Sid: %s\n", sid_string_static(&d.dom_sid.sid));
00104 }
00105
00106 static void display_query_info_10(DOM_QUERY_10 d)
00107 {
00108 d_printf("Shutdown on full: %d\n", d.shutdown_on_full);
00109 }
00110
00111 static void display_query_info_11(DOM_QUERY_11 d)
00112 {
00113 d_printf("Shutdown on full: %d\n", d.shutdown_on_full);
00114 d_printf("Log is full: %d\n", d.log_is_full);
00115 d_printf("Unknown: %d\n", d.unknown);
00116 }
00117
00118 static void display_query_info_12(DOM_QUERY_12 d)
00119 {
00120 fstring dom_name, dns_dom_name, forest_name;
00121
00122 unistr2_to_ascii(dom_name, &d.uni_nb_dom_name, d.hdr_nb_dom_name.uni_max_len);
00123 unistr2_to_ascii(dns_dom_name, &d.uni_dns_dom_name, d.hdr_dns_dom_name.uni_max_len);
00124 unistr2_to_ascii(forest_name, &d.uni_forest_name, d.hdr_forest_name.uni_max_len);
00125
00126 d_printf("Domain NetBios Name: %s\n", dom_name);
00127 d_printf("Domain DNS Name: %s\n", dns_dom_name);
00128 d_printf("Domain Forest Name: %s\n", forest_name);
00129 d_printf("Domain Sid: %s\n", sid_string_static(&d.dom_sid.sid));
00130 d_printf("Domain GUID: %s\n", smb_uuid_string_static(d.dom_guid));
00131
00132 }
00133
00134
00135
00136 static void display_lsa_query_info(LSA_INFO_CTR *dom, TALLOC_CTX *mem_ctx)
00137 {
00138 switch (dom->info_class) {
00139 case 1:
00140 display_query_info_1(dom->info.id1);
00141 break;
00142 case 2:
00143 display_query_info_2(dom->info.id2, mem_ctx);
00144 break;
00145 case 3:
00146 display_query_info_3(dom->info.id3);
00147 break;
00148 case 5:
00149 display_query_info_5(dom->info.id5);
00150 break;
00151 case 10:
00152 display_query_info_10(dom->info.id10);
00153 break;
00154 case 11:
00155 display_query_info_11(dom->info.id11);
00156 break;
00157 case 12:
00158 display_query_info_12(dom->info.id12);
00159 break;
00160 default:
00161 printf("can't display info level: %d\n", dom->info_class);
00162 break;
00163 }
00164 }
00165
00166 static NTSTATUS cmd_lsa_query_info_policy(struct rpc_pipe_client *cli,
00167 TALLOC_CTX *mem_ctx, int argc,
00168 const char **argv)
00169 {
00170 POLICY_HND pol;
00171 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
00172 LSA_INFO_CTR dom;
00173
00174 uint32 info_class = 3;
00175
00176 if (argc > 2) {
00177 printf("Usage: %s [info_class]\n", argv[0]);
00178 return NT_STATUS_OK;
00179 }
00180
00181 if (argc == 2)
00182 info_class = atoi(argv[1]);
00183
00184 switch (info_class) {
00185 case 12:
00186 result = rpccli_lsa_open_policy2(cli, mem_ctx, True,
00187 SEC_RIGHTS_MAXIMUM_ALLOWED,
00188 &pol);
00189
00190 if (!NT_STATUS_IS_OK(result))
00191 goto done;
00192
00193 result = rpccli_lsa_query_info_policy2_new(cli, mem_ctx, &pol,
00194 info_class, &dom);
00195 break;
00196 default:
00197 result = rpccli_lsa_open_policy(cli, mem_ctx, True,
00198 SEC_RIGHTS_MAXIMUM_ALLOWED,
00199 &pol);
00200
00201 if (!NT_STATUS_IS_OK(result))
00202 goto done;
00203
00204 result = rpccli_lsa_query_info_policy_new(cli, mem_ctx, &pol,
00205 info_class, &dom);
00206 }
00207
00208
00209 display_lsa_query_info(&dom, mem_ctx);
00210
00211 rpccli_lsa_close(cli, mem_ctx, &pol);
00212
00213 done:
00214 return result;
00215 }
00216
00217
00218
00219 static NTSTATUS cmd_lsa_lookup_names(struct rpc_pipe_client *cli,
00220 TALLOC_CTX *mem_ctx, int argc,
00221 const char **argv)
00222 {
00223 POLICY_HND pol;
00224 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
00225 DOM_SID *sids;
00226 enum lsa_SidType *types;
00227 int i;
00228
00229 if (argc == 1) {
00230 printf("Usage: %s [name1 [name2 [...]]]\n", argv[0]);
00231 return NT_STATUS_OK;
00232 }
00233
00234 result = rpccli_lsa_open_policy(cli, mem_ctx, True,
00235 SEC_RIGHTS_MAXIMUM_ALLOWED,
00236 &pol);
00237
00238 if (!NT_STATUS_IS_OK(result))
00239 goto done;
00240
00241 result = rpccli_lsa_lookup_names(cli, mem_ctx, &pol, argc - 1,
00242 (const char**)(argv + 1), NULL, &sids, &types);
00243
00244 if (!NT_STATUS_IS_OK(result) && NT_STATUS_V(result) !=
00245 NT_STATUS_V(STATUS_SOME_UNMAPPED))
00246 goto done;
00247
00248 result = NT_STATUS_OK;
00249
00250
00251
00252 for (i = 0; i < (argc - 1); i++) {
00253 fstring sid_str;
00254 sid_to_string(sid_str, &sids[i]);
00255 printf("%s %s (%s: %d)\n", argv[i + 1], sid_str,
00256 sid_type_lookup(types[i]), types[i]);
00257 }
00258
00259 rpccli_lsa_close(cli, mem_ctx, &pol);
00260
00261 done:
00262 return result;
00263 }
00264
00265
00266
00267 static NTSTATUS cmd_lsa_lookup_sids(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
00268 int argc, const char **argv)
00269 {
00270 POLICY_HND pol;
00271 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
00272 DOM_SID *sids;
00273 char **domains;
00274 char **names;
00275 enum lsa_SidType *types;
00276 int i;
00277
00278 if (argc == 1) {
00279 printf("Usage: %s [sid1 [sid2 [...]]]\n", argv[0]);
00280 return NT_STATUS_OK;
00281 }
00282
00283 result = rpccli_lsa_open_policy(cli, mem_ctx, True,
00284 SEC_RIGHTS_MAXIMUM_ALLOWED,
00285 &pol);
00286
00287 if (!NT_STATUS_IS_OK(result))
00288 goto done;
00289
00290
00291
00292 sids = TALLOC_ARRAY(mem_ctx, DOM_SID, argc - 1);
00293
00294 if (!sids) {
00295 printf("could not allocate memory for %d sids\n", argc - 1);
00296 goto done;
00297 }
00298
00299 for (i = 0; i < argc - 1; i++)
00300 if (!string_to_sid(&sids[i], argv[i + 1])) {
00301 result = NT_STATUS_INVALID_SID;
00302 goto done;
00303 }
00304
00305
00306
00307 result = rpccli_lsa_lookup_sids(cli, mem_ctx, &pol, argc - 1, sids,
00308 &domains, &names, &types);
00309
00310 if (!NT_STATUS_IS_OK(result) && NT_STATUS_V(result) !=
00311 NT_STATUS_V(STATUS_SOME_UNMAPPED))
00312 goto done;
00313
00314 result = NT_STATUS_OK;
00315
00316
00317
00318 for (i = 0; i < (argc - 1); i++) {
00319 fstring sid_str;
00320
00321 sid_to_string(sid_str, &sids[i]);
00322 printf("%s %s\\%s (%d)\n", sid_str,
00323 domains[i] ? domains[i] : "*unknown*",
00324 names[i] ? names[i] : "*unknown*", types[i]);
00325 }
00326
00327 rpccli_lsa_close(cli, mem_ctx, &pol);
00328
00329 done:
00330 return result;
00331 }
00332
00333
00334
00335 static NTSTATUS cmd_lsa_enum_trust_dom(struct rpc_pipe_client *cli,
00336 TALLOC_CTX *mem_ctx, int argc,
00337 const char **argv)
00338 {
00339 POLICY_HND pol;
00340 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
00341 DOM_SID *domain_sids;
00342 char **domain_names;
00343
00344
00345 uint32 enum_ctx = 0;
00346 uint32 num_domains = 0;
00347 int i;
00348
00349 if (argc > 2) {
00350 printf("Usage: %s [enum context (0)]\n", argv[0]);
00351 return NT_STATUS_OK;
00352 }
00353
00354 if (argc == 2 && argv[1]) {
00355 enum_ctx = atoi(argv[2]);
00356 }
00357
00358 result = rpccli_lsa_open_policy(cli, mem_ctx, True,
00359 POLICY_VIEW_LOCAL_INFORMATION,
00360 &pol);
00361
00362 if (!NT_STATUS_IS_OK(result))
00363 goto done;
00364
00365 result = STATUS_MORE_ENTRIES;
00366
00367 while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)) {
00368
00369
00370
00371 result = rpccli_lsa_enum_trust_dom(cli, mem_ctx, &pol, &enum_ctx,
00372 &num_domains,
00373 &domain_names, &domain_sids);
00374 if (!NT_STATUS_IS_OK(result) &&
00375 !NT_STATUS_EQUAL(result, NT_STATUS_NO_MORE_ENTRIES) &&
00376 !NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES))
00377 goto done;
00378
00379
00380
00381 for (i = 0; i < num_domains; i++) {
00382 fstring sid_str;
00383
00384 sid_to_string(sid_str, &domain_sids[i]);
00385 printf("%s %s\n", domain_names[i] ? domain_names[i] :
00386 "*unknown*", sid_str);
00387 }
00388 }
00389
00390 rpccli_lsa_close(cli, mem_ctx, &pol);
00391 done:
00392 return result;
00393 }
00394
00395
00396
00397 static NTSTATUS cmd_lsa_enum_privilege(struct rpc_pipe_client *cli,
00398 TALLOC_CTX *mem_ctx, int argc,
00399 const char **argv)
00400 {
00401 POLICY_HND pol;
00402 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
00403
00404 uint32 enum_context=0;
00405 uint32 pref_max_length=0x1000;
00406 uint32 count=0;
00407 char **privs_name;
00408 uint32 *privs_high;
00409 uint32 *privs_low;
00410 int i;
00411
00412 if (argc > 3) {
00413 printf("Usage: %s [enum context] [max length]\n", argv[0]);
00414 return NT_STATUS_OK;
00415 }
00416
00417 if (argc>=2)
00418 enum_context=atoi(argv[1]);
00419
00420 if (argc==3)
00421 pref_max_length=atoi(argv[2]);
00422
00423 result = rpccli_lsa_open_policy(cli, mem_ctx, True,
00424 SEC_RIGHTS_MAXIMUM_ALLOWED,
00425 &pol);
00426
00427 if (!NT_STATUS_IS_OK(result))
00428 goto done;
00429
00430 result = rpccli_lsa_enum_privilege(cli, mem_ctx, &pol, &enum_context, pref_max_length,
00431 &count, &privs_name, &privs_high, &privs_low);
00432
00433 if (!NT_STATUS_IS_OK(result))
00434 goto done;
00435
00436
00437 printf("found %d privileges\n\n", count);
00438
00439 for (i = 0; i < count; i++) {
00440 printf("%s \t\t%d:%d (0x%x:0x%x)\n", privs_name[i] ? privs_name[i] : "*unknown*",
00441 privs_high[i], privs_low[i], privs_high[i], privs_low[i]);
00442 }
00443
00444 rpccli_lsa_close(cli, mem_ctx, &pol);
00445 done:
00446 return result;
00447 }
00448
00449
00450
00451 static NTSTATUS cmd_lsa_get_dispname(struct rpc_pipe_client *cli,
00452 TALLOC_CTX *mem_ctx, int argc,
00453 const char **argv)
00454 {
00455 POLICY_HND pol;
00456 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
00457
00458 uint16 lang_id=0;
00459 uint16 lang_id_sys=0;
00460 uint16 lang_id_desc;
00461 fstring description;
00462
00463 if (argc != 2) {
00464 printf("Usage: %s privilege name\n", argv[0]);
00465 return NT_STATUS_OK;
00466 }
00467
00468 result = rpccli_lsa_open_policy(cli, mem_ctx, True,
00469 SEC_RIGHTS_MAXIMUM_ALLOWED,
00470 &pol);
00471
00472 if (!NT_STATUS_IS_OK(result))
00473 goto done;
00474
00475 result = rpccli_lsa_get_dispname(cli, mem_ctx, &pol, argv[1], lang_id, lang_id_sys, description, &lang_id_desc);
00476
00477 if (!NT_STATUS_IS_OK(result))
00478 goto done;
00479
00480
00481 printf("%s -> %s (language: 0x%x)\n", argv[1], description, lang_id_desc);
00482
00483 rpccli_lsa_close(cli, mem_ctx, &pol);
00484 done:
00485 return result;
00486 }
00487
00488
00489
00490 static NTSTATUS cmd_lsa_enum_sids(struct rpc_pipe_client *cli,
00491 TALLOC_CTX *mem_ctx, int argc,
00492 const char **argv)
00493 {
00494 POLICY_HND pol;
00495 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
00496
00497 uint32 enum_context=0;
00498 uint32 pref_max_length=0x1000;
00499 DOM_SID *sids;
00500 uint32 count=0;
00501 int i;
00502
00503 if (argc > 3) {
00504 printf("Usage: %s [enum context] [max length]\n", argv[0]);
00505 return NT_STATUS_OK;
00506 }
00507
00508 if (argc>=2)
00509 enum_context=atoi(argv[1]);
00510
00511 if (argc==3)
00512 pref_max_length=atoi(argv[2]);
00513
00514 result = rpccli_lsa_open_policy(cli, mem_ctx, True,
00515 SEC_RIGHTS_MAXIMUM_ALLOWED,
00516 &pol);
00517
00518 if (!NT_STATUS_IS_OK(result))
00519 goto done;
00520
00521 result = rpccli_lsa_enum_sids(cli, mem_ctx, &pol, &enum_context, pref_max_length,
00522 &count, &sids);
00523
00524 if (!NT_STATUS_IS_OK(result))
00525 goto done;
00526
00527
00528 printf("found %d SIDs\n\n", count);
00529
00530 for (i = 0; i < count; i++) {
00531 fstring sid_str;
00532
00533 sid_to_string(sid_str, &sids[i]);
00534 printf("%s\n", sid_str);
00535 }
00536
00537 rpccli_lsa_close(cli, mem_ctx, &pol);
00538 done:
00539 return result;
00540 }
00541
00542
00543
00544 static NTSTATUS cmd_lsa_create_account(struct rpc_pipe_client *cli,
00545 TALLOC_CTX *mem_ctx, int argc,
00546 const char **argv)
00547 {
00548 POLICY_HND dom_pol;
00549 POLICY_HND user_pol;
00550 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
00551 uint32 des_access = 0x000f000f;
00552
00553 DOM_SID sid;
00554
00555 if (argc != 2 ) {
00556 printf("Usage: %s SID\n", argv[0]);
00557 return NT_STATUS_OK;
00558 }
00559
00560 result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
00561 if (!NT_STATUS_IS_OK(result))
00562 goto done;
00563
00564 result = rpccli_lsa_open_policy2(cli, mem_ctx, True,
00565 SEC_RIGHTS_MAXIMUM_ALLOWED,
00566 &dom_pol);
00567
00568 if (!NT_STATUS_IS_OK(result))
00569 goto done;
00570
00571 result = rpccli_lsa_create_account(cli, mem_ctx, &dom_pol, &sid, des_access, &user_pol);
00572
00573 if (!NT_STATUS_IS_OK(result))
00574 goto done;
00575
00576 printf("Account for SID %s successfully created\n\n", argv[1]);
00577 result = NT_STATUS_OK;
00578
00579 rpccli_lsa_close(cli, mem_ctx, &dom_pol);
00580 done:
00581 return result;
00582 }
00583
00584
00585
00586
00587 static NTSTATUS cmd_lsa_enum_privsaccounts(struct rpc_pipe_client *cli,
00588 TALLOC_CTX *mem_ctx, int argc,
00589 const char **argv)
00590 {
00591 POLICY_HND dom_pol;
00592 POLICY_HND user_pol;
00593 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
00594 uint32 access_desired = 0x000f000f;
00595
00596 DOM_SID sid;
00597 uint32 count=0;
00598 LUID_ATTR *set;
00599 int i;
00600
00601 if (argc != 2 ) {
00602 printf("Usage: %s SID\n", argv[0]);
00603 return NT_STATUS_OK;
00604 }
00605
00606 result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
00607 if (!NT_STATUS_IS_OK(result))
00608 goto done;
00609
00610 result = rpccli_lsa_open_policy2(cli, mem_ctx, True,
00611 SEC_RIGHTS_MAXIMUM_ALLOWED,
00612 &dom_pol);
00613
00614 if (!NT_STATUS_IS_OK(result))
00615 goto done;
00616
00617 result = rpccli_lsa_open_account(cli, mem_ctx, &dom_pol, &sid, access_desired, &user_pol);
00618
00619 if (!NT_STATUS_IS_OK(result))
00620 goto done;
00621
00622 result = rpccli_lsa_enum_privsaccount(cli, mem_ctx, &user_pol, &count, &set);
00623
00624 if (!NT_STATUS_IS_OK(result))
00625 goto done;
00626
00627
00628 printf("found %d privileges for SID %s\n\n", count, argv[1]);
00629 printf("high\tlow\tattribute\n");
00630
00631 for (i = 0; i < count; i++) {
00632 printf("%u\t%u\t%u\n", set[i].luid.high, set[i].luid.low, set[i].attr);
00633 }
00634
00635 rpccli_lsa_close(cli, mem_ctx, &dom_pol);
00636 done:
00637 return result;
00638 }
00639
00640
00641
00642
00643 static NTSTATUS cmd_lsa_enum_acct_rights(struct rpc_pipe_client *cli,
00644 TALLOC_CTX *mem_ctx, int argc,
00645 const char **argv)
00646 {
00647 POLICY_HND dom_pol;
00648 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
00649
00650 DOM_SID sid;
00651 uint32 count;
00652 char **rights;
00653
00654 int i;
00655
00656 if (argc != 2 ) {
00657 printf("Usage: %s SID\n", argv[0]);
00658 return NT_STATUS_OK;
00659 }
00660
00661 result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
00662 if (!NT_STATUS_IS_OK(result))
00663 goto done;
00664
00665 result = rpccli_lsa_open_policy2(cli, mem_ctx, True,
00666 SEC_RIGHTS_MAXIMUM_ALLOWED,
00667 &dom_pol);
00668
00669 if (!NT_STATUS_IS_OK(result))
00670 goto done;
00671
00672 result = rpccli_lsa_enum_account_rights(cli, mem_ctx, &dom_pol, &sid, &count, &rights);
00673
00674 if (!NT_STATUS_IS_OK(result))
00675 goto done;
00676
00677 printf("found %d privileges for SID %s\n", count, sid_string_static(&sid));
00678
00679 for (i = 0; i < count; i++) {
00680 printf("\t%s\n", rights[i]);
00681 }
00682
00683 rpccli_lsa_close(cli, mem_ctx, &dom_pol);
00684 done:
00685 return result;
00686 }
00687
00688
00689
00690
00691 static NTSTATUS cmd_lsa_add_acct_rights(struct rpc_pipe_client *cli,
00692 TALLOC_CTX *mem_ctx, int argc,
00693 const char **argv)
00694 {
00695 POLICY_HND dom_pol;
00696 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
00697
00698 DOM_SID sid;
00699
00700 if (argc < 3 ) {
00701 printf("Usage: %s SID [rights...]\n", argv[0]);
00702 return NT_STATUS_OK;
00703 }
00704
00705 result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
00706 if (!NT_STATUS_IS_OK(result))
00707 goto done;
00708
00709 result = rpccli_lsa_open_policy2(cli, mem_ctx, True,
00710 SEC_RIGHTS_MAXIMUM_ALLOWED,
00711 &dom_pol);
00712
00713 if (!NT_STATUS_IS_OK(result))
00714 goto done;
00715
00716 result = rpccli_lsa_add_account_rights(cli, mem_ctx, &dom_pol, sid,
00717 argc-2, argv+2);
00718
00719 if (!NT_STATUS_IS_OK(result))
00720 goto done;
00721
00722 rpccli_lsa_close(cli, mem_ctx, &dom_pol);
00723 done:
00724 return result;
00725 }
00726
00727
00728
00729
00730 static NTSTATUS cmd_lsa_remove_acct_rights(struct rpc_pipe_client *cli,
00731 TALLOC_CTX *mem_ctx, int argc,
00732 const char **argv)
00733 {
00734 POLICY_HND dom_pol;
00735 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
00736
00737 DOM_SID sid;
00738
00739 if (argc < 3 ) {
00740 printf("Usage: %s SID [rights...]\n", argv[0]);
00741 return NT_STATUS_OK;
00742 }
00743
00744 result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
00745 if (!NT_STATUS_IS_OK(result))
00746 goto done;
00747
00748 result = rpccli_lsa_open_policy2(cli, mem_ctx, True,
00749 SEC_RIGHTS_MAXIMUM_ALLOWED,
00750 &dom_pol);
00751
00752 if (!NT_STATUS_IS_OK(result))
00753 goto done;
00754
00755 result = rpccli_lsa_remove_account_rights(cli, mem_ctx, &dom_pol, sid,
00756 False, argc-2, argv+2);
00757
00758 if (!NT_STATUS_IS_OK(result))
00759 goto done;
00760
00761 rpccli_lsa_close(cli, mem_ctx, &dom_pol);
00762
00763 done:
00764 return result;
00765 }
00766
00767
00768
00769
00770 static NTSTATUS cmd_lsa_lookup_priv_value(struct rpc_pipe_client *cli,
00771 TALLOC_CTX *mem_ctx, int argc,
00772 const char **argv)
00773 {
00774 POLICY_HND pol;
00775 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
00776 LUID luid;
00777
00778 if (argc != 2 ) {
00779 printf("Usage: %s name\n", argv[0]);
00780 return NT_STATUS_OK;
00781 }
00782
00783 result = rpccli_lsa_open_policy2(cli, mem_ctx, True,
00784 SEC_RIGHTS_MAXIMUM_ALLOWED,
00785 &pol);
00786
00787 if (!NT_STATUS_IS_OK(result))
00788 goto done;
00789
00790 result = rpccli_lsa_lookup_priv_value(cli, mem_ctx, &pol, argv[1], &luid);
00791
00792 if (!NT_STATUS_IS_OK(result))
00793 goto done;
00794
00795
00796
00797 printf("%u:%u (0x%x:0x%x)\n", luid.high, luid.low, luid.high, luid.low);
00798
00799 rpccli_lsa_close(cli, mem_ctx, &pol);
00800 done:
00801 return result;
00802 }
00803
00804
00805
00806 static NTSTATUS cmd_lsa_query_secobj(struct rpc_pipe_client *cli,
00807 TALLOC_CTX *mem_ctx, int argc,
00808 const char **argv)
00809 {
00810 POLICY_HND pol;
00811 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
00812 SEC_DESC_BUF *sdb;
00813 uint32 sec_info = DACL_SECURITY_INFORMATION;
00814
00815 if (argc < 1 || argc > 2) {
00816 printf("Usage: %s [sec_info]\n", argv[0]);
00817 return NT_STATUS_OK;
00818 }
00819
00820 result = rpccli_lsa_open_policy2(cli, mem_ctx, True,
00821 SEC_RIGHTS_MAXIMUM_ALLOWED,
00822 &pol);
00823
00824 if (argc == 2)
00825 sscanf(argv[1], "%x", &sec_info);
00826
00827 if (!NT_STATUS_IS_OK(result))
00828 goto done;
00829
00830 result = rpccli_lsa_query_secobj(cli, mem_ctx, &pol, sec_info, &sdb);
00831
00832 if (!NT_STATUS_IS_OK(result))
00833 goto done;
00834
00835
00836
00837 display_sec_desc(sdb->sec);
00838
00839 rpccli_lsa_close(cli, mem_ctx, &pol);
00840 done:
00841 return result;
00842 }
00843
00844 static void display_trust_dom_info_1(TRUSTED_DOMAIN_INFO_NAME *n)
00845 {
00846 printf("NetBIOS Name:\t%s\n", unistr2_static(&n->netbios_name.unistring));
00847 }
00848
00849 static void display_trust_dom_info_3(TRUSTED_DOMAIN_INFO_POSIX_OFFSET *p)
00850 {
00851 printf("Posix Offset:\t%08x (%d)\n", p->posix_offset, p->posix_offset);
00852 }
00853
00854 static void display_trust_dom_info_4(TRUSTED_DOMAIN_INFO_PASSWORD *p, const char *password)
00855 {
00856 char *pwd, *pwd_old;
00857
00858 DATA_BLOB data = data_blob(NULL, p->password.length);
00859 DATA_BLOB data_old = data_blob(NULL, p->old_password.length);
00860
00861 memcpy(data.data, p->password.data, p->password.length);
00862 memcpy(data_old.data, p->old_password.data, p->old_password.length);
00863
00864 pwd = decrypt_trustdom_secret(password, &data);
00865 pwd_old = decrypt_trustdom_secret(password, &data_old);
00866
00867 d_printf("Password:\t%s\n", pwd);
00868 d_printf("Old Password:\t%s\n", pwd_old);
00869
00870 SAFE_FREE(pwd);
00871 SAFE_FREE(pwd_old);
00872
00873 data_blob_free(&data);
00874 data_blob_free(&data_old);
00875 }
00876
00877 static void display_trust_dom_info_6(TRUSTED_DOMAIN_INFO_EX *i)
00878 {
00879 printf("Domain Name:\t\t%s\n", unistr2_static(&i->domain_name.unistring));
00880 printf("NetBIOS Name:\t\t%s\n", unistr2_static(&i->netbios_name.unistring));
00881 printf("SID:\t\t\t%s\n", sid_string_static(&i->sid.sid));
00882 printf("Trust Direction:\t0x%08x\n", i->trust_direction);
00883 printf("Trust Type:\t\t0x%08x\n", i->trust_type);
00884 printf("Trust Attributes:\t0x%08x\n", i->trust_attributes);
00885 }
00886
00887
00888 static void display_trust_dom_info(LSA_TRUSTED_DOMAIN_INFO *info, uint32 info_class, const char *pass)
00889 {
00890 switch (info_class) {
00891 case 1:
00892 display_trust_dom_info_1(&info->name);
00893 break;
00894 case 3:
00895 display_trust_dom_info_3(&info->posix_offset);
00896 break;
00897 case 4:
00898 display_trust_dom_info_4(&info->password, pass);
00899 break;
00900 case 6:
00901 display_trust_dom_info_6(&info->info_ex);
00902 break;
00903 default:
00904 printf("unsupported info-class: %d\n", info_class);
00905 break;
00906 }
00907 }
00908
00909 static NTSTATUS cmd_lsa_query_trustdominfobysid(struct rpc_pipe_client *cli,
00910 TALLOC_CTX *mem_ctx, int argc,
00911 const char **argv)
00912 {
00913 POLICY_HND pol;
00914 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
00915 DOM_SID dom_sid;
00916 uint32 access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
00917 LSA_TRUSTED_DOMAIN_INFO *info;
00918
00919 uint32 info_class = 1;
00920
00921 if (argc > 3 || argc < 2) {
00922 printf("Usage: %s [sid] [info_class]\n", argv[0]);
00923 return NT_STATUS_OK;
00924 }
00925
00926 if (!string_to_sid(&dom_sid, argv[1]))
00927 return NT_STATUS_NO_MEMORY;
00928
00929 if (argc == 3)
00930 info_class = atoi(argv[2]);
00931
00932 result = rpccli_lsa_open_policy2(cli, mem_ctx, True, access_mask, &pol);
00933
00934 if (!NT_STATUS_IS_OK(result))
00935 goto done;
00936
00937 result = rpccli_lsa_query_trusted_domain_info_by_sid(cli, mem_ctx, &pol,
00938 info_class, &dom_sid, &info);
00939
00940 if (!NT_STATUS_IS_OK(result))
00941 goto done;
00942
00943 display_trust_dom_info(info, info_class, cli->pwd.password);
00944
00945 done:
00946 if (&pol)
00947 rpccli_lsa_close(cli, mem_ctx, &pol);
00948
00949 return result;
00950 }
00951
00952 static NTSTATUS cmd_lsa_query_trustdominfobyname(struct rpc_pipe_client *cli,
00953 TALLOC_CTX *mem_ctx, int argc,
00954 const char **argv)
00955 {
00956 POLICY_HND pol;
00957 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
00958 uint32 access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
00959 LSA_TRUSTED_DOMAIN_INFO *info;
00960 uint32 info_class = 1;
00961
00962 if (argc > 3 || argc < 2) {
00963 printf("Usage: %s [name] [info_class]\n", argv[0]);
00964 return NT_STATUS_OK;
00965 }
00966
00967 if (argc == 3)
00968 info_class = atoi(argv[2]);
00969
00970 result = rpccli_lsa_open_policy2(cli, mem_ctx, True, access_mask, &pol);
00971
00972 if (!NT_STATUS_IS_OK(result))
00973 goto done;
00974
00975 result = rpccli_lsa_query_trusted_domain_info_by_name(cli, mem_ctx, &pol,
00976 info_class, argv[1], &info);
00977
00978 if (!NT_STATUS_IS_OK(result))
00979 goto done;
00980
00981 display_trust_dom_info(info, info_class, cli->pwd.password);
00982
00983 done:
00984 if (&pol)
00985 rpccli_lsa_close(cli, mem_ctx, &pol);
00986
00987 return result;
00988 }
00989
00990 static NTSTATUS cmd_lsa_query_trustdominfo(struct rpc_pipe_client *cli,
00991 TALLOC_CTX *mem_ctx, int argc,
00992 const char **argv)
00993 {
00994 POLICY_HND pol, trustdom_pol;
00995 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
00996 uint32 access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
00997 LSA_TRUSTED_DOMAIN_INFO *info;
00998 DOM_SID dom_sid;
00999 uint32 info_class = 1;
01000
01001 if (argc > 3 || argc < 2) {
01002 printf("Usage: %s [sid] [info_class]\n", argv[0]);
01003 return NT_STATUS_OK;
01004 }
01005
01006 if (!string_to_sid(&dom_sid, argv[1]))
01007 return NT_STATUS_NO_MEMORY;
01008
01009
01010 if (argc == 3)
01011 info_class = atoi(argv[2]);
01012
01013 result = rpccli_lsa_open_policy2(cli, mem_ctx, True, access_mask, &pol);
01014
01015 if (!NT_STATUS_IS_OK(result))
01016 goto done;
01017
01018 result = rpccli_lsa_open_trusted_domain(cli, mem_ctx, &pol,
01019 &dom_sid, access_mask, &trustdom_pol);
01020
01021 if (!NT_STATUS_IS_OK(result))
01022 goto done;
01023
01024 result = rpccli_lsa_query_trusted_domain_info(cli, mem_ctx, &trustdom_pol,
01025 info_class, &info);
01026
01027 if (!NT_STATUS_IS_OK(result))
01028 goto done;
01029
01030 display_trust_dom_info(info, info_class, cli->pwd.password);
01031
01032 done:
01033 if (&pol)
01034 rpccli_lsa_close(cli, mem_ctx, &pol);
01035
01036 return result;
01037 }
01038
01039
01040
01041
01042
01043 struct cmd_set lsarpc_commands[] = {
01044
01045 { "LSARPC" },
01046
01047 { "lsaquery", RPC_RTYPE_NTSTATUS, cmd_lsa_query_info_policy, NULL, PI_LSARPC, NULL, "Query info policy", "" },
01048 { "lookupsids", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_sids, NULL, PI_LSARPC, NULL, "Convert SIDs to names", "" },
01049 { "lookupnames", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_names, NULL, PI_LSARPC, NULL, "Convert names to SIDs", "" },
01050 { "enumtrust", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_trust_dom, NULL, PI_LSARPC, NULL, "Enumerate trusted domains", "Usage: [preferred max number] [enum context (0)]" },
01051 { "enumprivs", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_privilege, NULL, PI_LSARPC, NULL, "Enumerate privileges", "" },
01052 { "getdispname", RPC_RTYPE_NTSTATUS, cmd_lsa_get_dispname, NULL, PI_LSARPC, NULL, "Get the privilege name", "" },
01053 { "lsaenumsid", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_sids, NULL, PI_LSARPC, NULL, "Enumerate the LSA SIDS", "" },
01054 { "lsacreateaccount", RPC_RTYPE_NTSTATUS, cmd_lsa_create_account, NULL, PI_LSARPC, NULL, "Create a new lsa account", "" },
01055 { "lsaenumprivsaccount", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_privsaccounts, NULL, PI_LSARPC, NULL, "Enumerate the privileges of an SID", "" },
01056 { "lsaenumacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_acct_rights, NULL, PI_LSARPC, NULL, "Enumerate the rights of an SID", "" },
01057 #if 0
01058 { "lsaaddpriv", RPC_RTYPE_NTSTATUS, cmd_lsa_add_priv, NULL, PI_LSARPC, "Assign a privilege to a SID", "" },
01059 { "lsadelpriv", RPC_RTYPE_NTSTATUS, cmd_lsa_del_priv, NULL, PI_LSARPC, "Revoke a privilege from a SID", "" },
01060 #endif
01061 { "lsaaddacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_add_acct_rights, NULL, PI_LSARPC, NULL, "Add rights to an account", "" },
01062 { "lsaremoveacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_remove_acct_rights, NULL, PI_LSARPC, NULL, "Remove rights from an account", "" },
01063 { "lsalookupprivvalue", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_priv_value, NULL, PI_LSARPC, NULL, "Get a privilege value given its name", "" },
01064 { "lsaquerysecobj", RPC_RTYPE_NTSTATUS, cmd_lsa_query_secobj, NULL, PI_LSARPC, NULL, "Query LSA security object", "" },
01065 { "lsaquerytrustdominfo",RPC_RTYPE_NTSTATUS, cmd_lsa_query_trustdominfo, NULL, PI_LSARPC, NULL, "Query LSA trusted domains info (given a SID)", "" },
01066 { "lsaquerytrustdominfobyname",RPC_RTYPE_NTSTATUS, cmd_lsa_query_trustdominfobyname, NULL, PI_LSARPC, NULL, "Query LSA trusted domains info (given a name), only works for Windows > 2k", "" },
01067 { "lsaquerytrustdominfobysid",RPC_RTYPE_NTSTATUS, cmd_lsa_query_trustdominfobysid, NULL, PI_LSARPC, NULL, "Query LSA trusted domains info (given a SID)", "" },
01068
01069 { NULL }
01070 };
01071