関数 | |
| static int | net_help_audit (int argc, const char **argv) |
| static void | print_auditing_category (const char *policy, const char *value) |
| static NTSTATUS | rpc_audit_get_internal (const DOM_SID *domain_sid, const char *domain_name, struct cli_state *cli, struct rpc_pipe_client *pipe_hnd, TALLOC_CTX *mem_ctx, int argc, const char **argv) |
| static NTSTATUS | rpc_audit_set_internal (const DOM_SID *domain_sid, const char *domain_name, struct cli_state *cli, struct rpc_pipe_client *pipe_hnd, TALLOC_CTX *mem_ctx, int argc, const char **argv) |
| static NTSTATUS | rpc_audit_enable_internal_ext (struct rpc_pipe_client *pipe_hnd, TALLOC_CTX *mem_ctx, int argc, const char **argv, BOOL enable) |
| static NTSTATUS | rpc_audit_disable_internal (const DOM_SID *domain_sid, const char *domain_name, struct cli_state *cli, struct rpc_pipe_client *pipe_hnd, TALLOC_CTX *mem_ctx, int argc, const char **argv) |
| static NTSTATUS | rpc_audit_enable_internal (const DOM_SID *domain_sid, const char *domain_name, struct cli_state *cli, struct rpc_pipe_client *pipe_hnd, TALLOC_CTX *mem_ctx, int argc, const char **argv) |
| static NTSTATUS | rpc_audit_list_internal (const DOM_SID *domain_sid, const char *domain_name, struct cli_state *cli, struct rpc_pipe_client *pipe_hnd, TALLOC_CTX *mem_ctx, int argc, const char **argv) |
| static int | rpc_audit_get (int argc, const char **argv) |
| static int | rpc_audit_set (int argc, const char **argv) |
| static int | rpc_audit_enable (int argc, const char **argv) |
| static int | rpc_audit_disable (int argc, const char **argv) |
| static int | rpc_audit_list (int argc, const char **argv) |
| int | net_rpc_audit (int argc, const char **argv) |
| static int net_help_audit | ( | int | argc, | |
| const char ** | argv | |||
| ) | [static] |
net_rpc_audit.c の 26 行で定義されています。
参照先 d_printf().
参照元 net_rpc_audit()・rpc_audit_get_internal()・rpc_audit_set_internal().
00027 { 00028 d_printf("net rpc audit list View configured Auditing policies\n"); 00029 d_printf("net rpc audit enable Enable Auditing\n"); 00030 d_printf("net rpc audit disable Disable Auditing\n"); 00031 d_printf("net rpc audit get <category> View configured Auditing policy setting\n"); 00032 d_printf("net rpc audit set <category> <policy> Set Auditing policies\n\n"); 00033 d_printf("\tcategory can be one of: SYSTEM, LOGON, OBJECT, PRIVILEGE, PROCESS, POLICY, SAM, DIRECTORY or ACCOUNT\n"); 00034 d_printf("\tpolicy can be one of: SUCCESS, FAILURE, ALL or NONE\n\n"); 00035 00036 return -1; 00037 }
| static void print_auditing_category | ( | const char * | policy, | |
| const char * | value | |||
| ) | [static] |
net_rpc_audit.c の 42 行で定義されています。
参照先 d_printf().
参照元 rpc_audit_get_internal()・rpc_audit_list_internal()・rpc_audit_set_internal().
00043 { 00044 fstring padding; 00045 int pad_len, col_len = 30; 00046 00047 if (policy == NULL) { 00048 policy = "Unknown"; 00049 } 00050 if (value == NULL) { 00051 value = "Invalid"; 00052 } 00053 00054 /* calculate padding space for d_printf to look nicer */ 00055 pad_len = col_len - strlen(policy); 00056 padding[pad_len] = 0; 00057 do padding[--pad_len] = ' '; while (pad_len > 0); 00058 00059 d_printf("\t%s%s%s\n", policy, padding, value); 00060 }
| static NTSTATUS rpc_audit_get_internal | ( | const DOM_SID * | domain_sid, | |
| const char * | domain_name, | |||
| struct cli_state * | cli, | |||
| struct rpc_pipe_client * | pipe_hnd, | |||
| TALLOC_CTX * | mem_ctx, | |||
| int | argc, | |||
| const char ** | argv | |||
| ) | [static] |
net_rpc_audit.c の 66 行で定義されています。
参照先 audit_description_str()・audit_policy_str()・dom_query_2::auditsettings・dom_query_2::count1・d_printf()・get_audit_category_from_param()・lsa_info_ctr::id2・lsa_info_ctr::info・net_help_audit()・nt_errstr()・pol・print_auditing_category()・result・rpccli_lsa_open_policy()・rpccli_lsa_query_info_policy_new().
参照元 rpc_audit_get().
00073 { 00074 POLICY_HND pol; 00075 NTSTATUS result = NT_STATUS_UNSUCCESSFUL; 00076 LSA_INFO_CTR dom; 00077 int i; 00078 00079 uint32 info_class = 2; 00080 uint32 audit_category; 00081 00082 if (argc < 1 || argc > 2) { 00083 d_printf("insufficient arguments\n"); 00084 net_help_audit(argc, argv); 00085 return NT_STATUS_INVALID_PARAMETER; 00086 } 00087 00088 if (!get_audit_category_from_param(argv[0], &audit_category)) { 00089 d_printf("invalid auditing category: %s\n", argv[0]); 00090 return NT_STATUS_INVALID_PARAMETER; 00091 } 00092 00093 result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, True, 00094 SEC_RIGHTS_MAXIMUM_ALLOWED, 00095 &pol); 00096 00097 if (!NT_STATUS_IS_OK(result)) { 00098 goto done; 00099 } 00100 00101 result = rpccli_lsa_query_info_policy_new(pipe_hnd, mem_ctx, &pol, 00102 info_class, 00103 &dom); 00104 00105 if (!NT_STATUS_IS_OK(result)) { 00106 goto done; 00107 } 00108 00109 for (i=0; i < dom.info.id2.count1; i++) { 00110 00111 const char *val = NULL, *policy = NULL; 00112 00113 if (i != audit_category) { 00114 continue; 00115 } 00116 00117 val = audit_policy_str(mem_ctx, dom.info.id2.auditsettings[i]); 00118 policy = audit_description_str(i); 00119 print_auditing_category(policy, val); 00120 } 00121 00122 done: 00123 if (!NT_STATUS_IS_OK(result)) { 00124 d_printf("failed to get auditing policy: %s\n", nt_errstr(result)); 00125 } 00126 00127 return result; 00128 }
| static NTSTATUS rpc_audit_set_internal | ( | const DOM_SID * | domain_sid, | |
| const char * | domain_name, | |||
| struct cli_state * | cli, | |||
| struct rpc_pipe_client * | pipe_hnd, | |||
| TALLOC_CTX * | mem_ctx, | |||
| int | argc, | |||
| const char ** | argv | |||
| ) | [static] |
net_rpc_audit.c の 133 行で定義されています。
参照先 audit_description_str()・audit_policy_str()・dom_query_2::auditsettings・d_printf()・get_audit_category_from_param()・lsa_info_ctr::id2・lsa_info_ctr::info・net_help_audit()・nt_errstr()・pol・print_auditing_category()・result・rpccli_lsa_open_policy()・rpccli_lsa_query_info_policy_new()・rpccli_lsa_set_info_policy()・strequal().
参照元 rpc_audit_set().
00140 { 00141 POLICY_HND pol; 00142 NTSTATUS result = NT_STATUS_UNSUCCESSFUL; 00143 LSA_INFO_CTR dom; 00144 00145 uint32 info_class = 2; 00146 uint32 audit_policy, audit_category; 00147 00148 if (argc < 2 || argc > 3) { 00149 d_printf("insufficient arguments\n"); 00150 net_help_audit(argc, argv); 00151 return NT_STATUS_INVALID_PARAMETER; 00152 } 00153 00154 if (!get_audit_category_from_param(argv[0], &audit_category)) { 00155 d_printf("invalid auditing category: %s\n", argv[0]); 00156 return NT_STATUS_INVALID_PARAMETER; 00157 } 00158 00159 audit_policy = LSA_AUDIT_POLICY_CLEAR; 00160 00161 if (strequal(argv[1], "Success")) { 00162 audit_policy |= LSA_AUDIT_POLICY_SUCCESS; 00163 } else if (strequal(argv[1], "Failure")) { 00164 audit_policy |= LSA_AUDIT_POLICY_FAILURE; 00165 } else if (strequal(argv[1], "All")) { 00166 audit_policy |= LSA_AUDIT_POLICY_ALL; 00167 } else if (strequal(argv[1], "None")) { 00168 audit_policy = LSA_AUDIT_POLICY_CLEAR; 00169 } else { 00170 d_printf("invalid auditing policy: %s\n", argv[1]); 00171 return NT_STATUS_INVALID_PARAMETER; 00172 } 00173 00174 result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, True, 00175 SEC_RIGHTS_MAXIMUM_ALLOWED, 00176 &pol); 00177 00178 if (!NT_STATUS_IS_OK(result)) { 00179 goto done; 00180 } 00181 00182 result = rpccli_lsa_query_info_policy_new(pipe_hnd, mem_ctx, &pol, 00183 info_class, 00184 &dom); 00185 00186 if (!NT_STATUS_IS_OK(result)) { 00187 goto done; 00188 } 00189 00190 dom.info.id2.auditsettings[audit_category] = audit_policy; 00191 00192 result = rpccli_lsa_set_info_policy(pipe_hnd, mem_ctx, &pol, 00193 info_class, 00194 dom); 00195 if (!NT_STATUS_IS_OK(result)) { 00196 goto done; 00197 } 00198 00199 result = rpccli_lsa_query_info_policy_new(pipe_hnd, mem_ctx, &pol, 00200 info_class, 00201 &dom); 00202 00203 { 00204 const char *val = audit_policy_str(mem_ctx, dom.info.id2.auditsettings[audit_category]); 00205 const char *policy = audit_description_str(audit_category); 00206 print_auditing_category(policy, val); 00207 } 00208 00209 done: 00210 if (!NT_STATUS_IS_OK(result)) { 00211 d_printf("failed to set audit policy: %s\n", nt_errstr(result)); 00212 } 00213 00214 return result; 00215 }
| static NTSTATUS rpc_audit_enable_internal_ext | ( | struct rpc_pipe_client * | pipe_hnd, | |
| TALLOC_CTX * | mem_ctx, | |||
| int | argc, | |||
| const char ** | argv, | |||
| BOOL | enable | |||
| ) | [static] |
net_rpc_audit.c の 217 行で定義されています。
参照先 dom_query_2::auditing_enabled・d_printf()・lsa_info_ctr::id2・lsa_info_ctr::info・nt_errstr()・pol・result・rpccli_lsa_open_policy()・rpccli_lsa_query_info_policy_new()・rpccli_lsa_set_info_policy().
参照元 rpc_audit_disable_internal()・rpc_audit_enable_internal().
00222 { 00223 POLICY_HND pol; 00224 NTSTATUS result = NT_STATUS_UNSUCCESSFUL; 00225 LSA_INFO_CTR dom; 00226 00227 uint32 info_class = 2; 00228 00229 result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, True, 00230 SEC_RIGHTS_MAXIMUM_ALLOWED, 00231 &pol); 00232 00233 if (!NT_STATUS_IS_OK(result)) { 00234 goto done; 00235 } 00236 00237 result = rpccli_lsa_query_info_policy_new(pipe_hnd, mem_ctx, &pol, 00238 info_class, 00239 &dom); 00240 00241 if (!NT_STATUS_IS_OK(result)) { 00242 goto done; 00243 } 00244 00245 dom.info.id2.auditing_enabled = enable; 00246 00247 result = rpccli_lsa_set_info_policy(pipe_hnd, mem_ctx, &pol, 00248 info_class, 00249 dom); 00250 00251 if (!NT_STATUS_IS_OK(result)) { 00252 goto done; 00253 } 00254 00255 done: 00256 if (!NT_STATUS_IS_OK(result)) { 00257 d_printf("failed to %s audit policy: %s\n", enable ? "enable":"disable", 00258 nt_errstr(result)); 00259 } 00260 00261 return result; 00262 }
| static NTSTATUS rpc_audit_disable_internal | ( | const DOM_SID * | domain_sid, | |
| const char * | domain_name, | |||
| struct cli_state * | cli, | |||
| struct rpc_pipe_client * | pipe_hnd, | |||
| TALLOC_CTX * | mem_ctx, | |||
| int | argc, | |||
| const char ** | argv | |||
| ) | [static] |
net_rpc_audit.c の 266 行で定義されています。
参照先 rpc_audit_enable_internal_ext().
参照元 rpc_audit_disable().
00273 { 00274 return rpc_audit_enable_internal_ext(pipe_hnd, mem_ctx, argc, argv, False); 00275 }
| static NTSTATUS rpc_audit_enable_internal | ( | const DOM_SID * | domain_sid, | |
| const char * | domain_name, | |||
| struct cli_state * | cli, | |||
| struct rpc_pipe_client * | pipe_hnd, | |||
| TALLOC_CTX * | mem_ctx, | |||
| int | argc, | |||
| const char ** | argv | |||
| ) | [static] |
net_rpc_audit.c の 280 行で定義されています。
参照先 rpc_audit_enable_internal_ext().
参照元 rpc_audit_enable().
00287 { 00288 return rpc_audit_enable_internal_ext(pipe_hnd, mem_ctx, argc, argv, True); 00289 }
| static NTSTATUS rpc_audit_list_internal | ( | const DOM_SID * | domain_sid, | |
| const char * | domain_name, | |||
| struct cli_state * | cli, | |||
| struct rpc_pipe_client * | pipe_hnd, | |||
| TALLOC_CTX * | mem_ctx, | |||
| int | argc, | |||
| const char ** | argv | |||
| ) | [static] |
net_rpc_audit.c の 294 行で定義されています。
参照先 audit_description_str()・audit_policy_str()・dom_query_2::auditing_enabled・dom_query_2::auditsettings・dom_query_2::count1・d_printf()・lsa_info_ctr::id2・lsa_info_ctr::info・nt_errstr()・pol・print_auditing_category()・printf()・result・rpccli_lsa_open_policy()・rpccli_lsa_query_info_policy_new().
参照元 rpc_audit_list().
00301 { 00302 POLICY_HND pol; 00303 NTSTATUS result = NT_STATUS_UNSUCCESSFUL; 00304 LSA_INFO_CTR dom; 00305 int i; 00306 00307 uint32 info_class = 2; 00308 00309 result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, True, 00310 SEC_RIGHTS_MAXIMUM_ALLOWED, 00311 &pol); 00312 00313 if (!NT_STATUS_IS_OK(result)) { 00314 goto done; 00315 } 00316 00317 result = rpccli_lsa_query_info_policy_new(pipe_hnd, mem_ctx, &pol, 00318 info_class, 00319 &dom); 00320 00321 if (!NT_STATUS_IS_OK(result)) { 00322 goto done; 00323 } 00324 00325 printf("Auditing:\t\t"); 00326 switch (dom.info.id2.auditing_enabled) { 00327 case True: 00328 printf("Enabled"); 00329 break; 00330 case False: 00331 printf("Disabled"); 00332 break; 00333 default: 00334 printf("unknown (%d)", dom.info.id2.auditing_enabled); 00335 break; 00336 } 00337 printf("\n"); 00338 00339 printf("Auditing categories:\t%d\n", dom.info.id2.count1); 00340 printf("Auditing settings:\n"); 00341 00342 for (i=0; i < dom.info.id2.count1; i++) { 00343 const char *val = audit_policy_str(mem_ctx, dom.info.id2.auditsettings[i]); 00344 const char *policy = audit_description_str(i); 00345 print_auditing_category(policy, val); 00346 } 00347 00348 done: 00349 if (!NT_STATUS_IS_OK(result)) { 00350 d_printf("failed to list auditing policies: %s\n", nt_errstr(result)); 00351 } 00352 00353 return result; 00354 }
| static int rpc_audit_get | ( | int | argc, | |
| const char ** | argv | |||
| ) | [static] |
net_rpc_audit.c の 361 行で定義されています。
参照先 rpc_audit_get_internal()・run_rpc_command().
参照元 net_rpc_audit().
00362 { 00363 return run_rpc_command(NULL, PI_LSARPC, 0, 00364 rpc_audit_get_internal, argc, argv); 00365 }
| static int rpc_audit_set | ( | int | argc, | |
| const char ** | argv | |||
| ) | [static] |
net_rpc_audit.c の 370 行で定義されています。
参照先 rpc_audit_set_internal()・run_rpc_command().
参照元 net_rpc_audit().
00371 { 00372 return run_rpc_command(NULL, PI_LSARPC, 0, 00373 rpc_audit_set_internal, argc, argv); 00374 }
| static int rpc_audit_enable | ( | int | argc, | |
| const char ** | argv | |||
| ) | [static] |
net_rpc_audit.c の 379 行で定義されています。
参照先 rpc_audit_enable_internal()・run_rpc_command().
参照元 net_rpc_audit().
00380 { 00381 return run_rpc_command(NULL, PI_LSARPC, 0, 00382 rpc_audit_enable_internal, argc, argv); 00383 }
| static int rpc_audit_disable | ( | int | argc, | |
| const char ** | argv | |||
| ) | [static] |
net_rpc_audit.c の 388 行で定義されています。
参照先 rpc_audit_disable_internal()・run_rpc_command().
参照元 net_rpc_audit().
00389 { 00390 return run_rpc_command(NULL, PI_LSARPC, 0, 00391 rpc_audit_disable_internal, argc, argv); 00392 }
| static int rpc_audit_list | ( | int | argc, | |
| const char ** | argv | |||
| ) | [static] |
net_rpc_audit.c の 397 行で定義されています。
参照先 rpc_audit_list_internal()・run_rpc_command().
参照元 net_rpc_audit().
00398 { 00399 return run_rpc_command(NULL, PI_LSARPC, 0, 00400 rpc_audit_list_internal, argc, argv); 00401 }
| int net_rpc_audit | ( | int | argc, | |
| const char ** | argv | |||
| ) |
net_rpc_audit.c の 406 行で定義されています。
参照先 net_help_audit()・net_run_function()・rpc_audit_disable()・rpc_audit_enable()・rpc_audit_get()・rpc_audit_list()・rpc_audit_set().
参照元 net_rpc().
00407 { 00408 struct functable func[] = { 00409 {"get", rpc_audit_get}, 00410 {"set", rpc_audit_set}, 00411 {"enable", rpc_audit_enable}, 00412 {"disable", rpc_audit_disable}, 00413 {"list", rpc_audit_list}, 00414 {NULL, NULL} 00415 }; 00416 00417 if (argc) 00418 return net_run_function(argc, argv, func, net_help_audit); 00419 00420 return net_help_audit(argc, argv); 00421 }
1.4.7