2 Unix SMB/CIFS implementation.
5 Copyright (C) Andrew Tridgell 1992-2000,
6 Copyright (C) Luke Kenneth Casson Leighton 1996-2000,
7 Copyright (C) Elrond 2000,
8 Copyright (C) Tim Potter 2000
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 3 of the License, or
13 (at your option) any later version.
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
20 You should have received a copy of the GNU General Public License
21 along with this program. If not, see <http://www.gnu.org/licenses/>.
25 #include "rpcclient.h"
27 extern DOM_SID domain_sid;
29 static void init_lsa_String(struct lsa_String *name, const char *s)
34 /****************************************************************************
35 display sam_user_info_7 structure
36 ****************************************************************************/
37 static void display_sam_user_info_7(SAM_USER_INFO_7 *usr)
41 unistr2_to_ascii(temp, &usr->uni_name, sizeof(temp));
42 printf("\tUser Name :\t%s\n", temp);
45 /****************************************************************************
46 display sam_user_info_9 structure
47 ****************************************************************************/
48 static void display_sam_user_info_9(SAM_USER_INFO_9 *usr)
50 printf("\tPrimary group RID :\tox%x\n", usr->rid_group);
53 /****************************************************************************
54 display sam_user_info_16 structure
55 ****************************************************************************/
56 static void display_sam_user_info_16(SAM_USER_INFO_16 *usr)
58 printf("\tAcct Flags :\tox%x\n", usr->acb_info);
61 /****************************************************************************
62 display sam_user_info_21 structure
63 ****************************************************************************/
64 static void display_sam_user_info_21(SAM_USER_INFO_21 *usr)
68 unistr2_to_ascii(temp, &usr->uni_user_name, sizeof(temp));
69 printf("\tUser Name :\t%s\n", temp);
71 unistr2_to_ascii(temp, &usr->uni_full_name, sizeof(temp));
72 printf("\tFull Name :\t%s\n", temp);
74 unistr2_to_ascii(temp, &usr->uni_home_dir, sizeof(temp));
75 printf("\tHome Drive :\t%s\n", temp);
77 unistr2_to_ascii(temp, &usr->uni_dir_drive, sizeof(temp));
78 printf("\tDir Drive :\t%s\n", temp);
80 unistr2_to_ascii(temp, &usr->uni_profile_path, sizeof(temp));
81 printf("\tProfile Path:\t%s\n", temp);
83 unistr2_to_ascii(temp, &usr->uni_logon_script, sizeof(temp));
84 printf("\tLogon Script:\t%s\n", temp);
86 unistr2_to_ascii(temp, &usr->uni_acct_desc, sizeof(temp));
87 printf("\tDescription :\t%s\n", temp);
89 unistr2_to_ascii(temp, &usr->uni_workstations, sizeof(temp));
90 printf("\tWorkstations:\t%s\n", temp);
92 unistr2_to_ascii(temp, &usr->uni_comment, sizeof(temp));
93 printf("\tUnknown Str :\t%s\n", temp);
95 unistr2_to_ascii(temp, &usr->uni_munged_dial, sizeof(temp));
96 printf("\tRemote Dial :\t%s\n", temp);
98 printf("\tLogon Time :\t%s\n",
99 http_timestring(nt_time_to_unix(usr->logon_time)));
100 printf("\tLogoff Time :\t%s\n",
101 http_timestring(nt_time_to_unix(usr->logoff_time)));
102 printf("\tKickoff Time :\t%s\n",
103 http_timestring(nt_time_to_unix(usr->kickoff_time)));
104 printf("\tPassword last set Time :\t%s\n",
105 http_timestring(nt_time_to_unix(usr->pass_last_set_time)));
106 printf("\tPassword can change Time :\t%s\n",
107 http_timestring(nt_time_to_unix(usr->pass_can_change_time)));
108 printf("\tPassword must change Time:\t%s\n",
109 http_timestring(nt_time_to_unix(usr->pass_must_change_time)));
111 printf("\tunknown_2[0..31]...\n"); /* user passwords? */
113 printf("\tuser_rid :\t0x%x\n" , usr->user_rid ); /* User ID */
114 printf("\tgroup_rid:\t0x%x\n" , usr->group_rid); /* Group ID */
115 printf("\tacb_info :\t0x%08x\n", usr->acb_info ); /* Account Control Info */
117 printf("\tfields_present:\t0x%08x\n", usr->fields_present); /* 0x00ff ffff */
118 printf("\tlogon_divs:\t%d\n", usr->logon_divs); /* 0x0000 00a8 which is 168 which is num hrs in a week */
119 printf("\tbad_password_count:\t0x%08x\n", usr->bad_password_count);
120 printf("\tlogon_count:\t0x%08x\n", usr->logon_count);
122 printf("\tpadding1[0..7]...\n");
124 if (usr->ptr_logon_hrs) {
125 printf("\tlogon_hrs[0..%d]...\n", usr->logon_hrs.len);
130 static void display_password_properties(uint32_t password_properties)
132 printf("password_properties: 0x%08x\n", password_properties);
134 if (password_properties & DOMAIN_PASSWORD_COMPLEX)
135 printf("\tDOMAIN_PASSWORD_COMPLEX\n");
137 if (password_properties & DOMAIN_PASSWORD_NO_ANON_CHANGE)
138 printf("\tDOMAIN_PASSWORD_NO_ANON_CHANGE\n");
140 if (password_properties & DOMAIN_PASSWORD_NO_CLEAR_CHANGE)
141 printf("\tDOMAIN_PASSWORD_NO_CLEAR_CHANGE\n");
143 if (password_properties & DOMAIN_PASSWORD_LOCKOUT_ADMINS)
144 printf("\tDOMAIN_PASSWORD_LOCKOUT_ADMINS\n");
146 if (password_properties & DOMAIN_PASSWORD_STORE_CLEARTEXT)
147 printf("\tDOMAIN_PASSWORD_STORE_CLEARTEXT\n");
149 if (password_properties & DOMAIN_REFUSE_PASSWORD_CHANGE)
150 printf("\tDOMAIN_REFUSE_PASSWORD_CHANGE\n");
153 static void display_sam_dom_info_1(struct samr_DomInfo1 *info1)
155 printf("Minimum password length:\t\t\t%d\n",
156 info1->min_password_length);
157 printf("Password uniqueness (remember x passwords):\t%d\n",
158 info1->password_history_length);
159 display_password_properties(info1->password_properties);
160 printf("password expire in:\t\t\t\t%s\n",
161 display_time(info1->max_password_age));
162 printf("Min password age (allow changing in x days):\t%s\n",
163 display_time(info1->min_password_age));
166 static void display_sam_dom_info_2(struct samr_DomInfo2 *info2)
168 printf("Domain:\t\t%s\n", info2->domain_name.string);
169 printf("Server:\t\t%s\n", info2->primary.string);
170 printf("Comment:\t%s\n", info2->comment.string);
172 printf("Total Users:\t%d\n", info2->num_users);
173 printf("Total Groups:\t%d\n", info2->num_groups);
174 printf("Total Aliases:\t%d\n", info2->num_aliases);
176 printf("Sequence No:\t%llu\n", (unsigned long long)info2->sequence_num);
178 printf("Force Logoff:\t%d\n",
179 (int)nt_time_to_unix_abs(&info2->force_logoff_time));
181 printf("Unknown 2:\t0x%x\n", info2->unknown2);
182 printf("Server Role:\t%s\n", server_role_str(info2->role));
183 printf("Unknown 3:\t0x%x\n", info2->unknown3);
186 static void display_sam_dom_info_3(struct samr_DomInfo3 *info3)
188 printf("Force Logoff:\t%d\n",
189 (int)nt_time_to_unix_abs(&info3->force_logoff_time));
192 static void display_sam_dom_info_4(struct samr_DomInfo4 *info4)
194 printf("Comment:\t%s\n", info4->comment.string);
197 static void display_sam_dom_info_5(struct samr_DomInfo5 *info5)
199 printf("Domain:\t\t%s\n", info5->domain_name.string);
202 static void display_sam_dom_info_6(struct samr_DomInfo6 *info6)
204 printf("Server:\t\t%s\n", info6->primary.string);
207 static void display_sam_dom_info_7(struct samr_DomInfo7 *info7)
209 printf("Server Role:\t%s\n", server_role_str(info7->role));
212 static void display_sam_dom_info_8(struct samr_DomInfo8 *info8)
214 printf("Sequence No:\t%llu\n", (unsigned long long)info8->sequence_num);
215 printf("Domain Create Time:\t%s\n",
216 http_timestring(nt_time_to_unix(info8->domain_create_time)));
219 static void display_sam_dom_info_9(struct samr_DomInfo9 *info9)
221 printf("unknown:\t%d (0x%08x)\n", info9->unknown, info9->unknown);
224 static void display_sam_dom_info_12(struct samr_DomInfo12 *info12)
226 printf("Bad password lockout duration: %s\n",
227 display_time(info12->lockout_duration));
228 printf("Reset Lockout after: %s\n",
229 display_time(info12->lockout_window));
230 printf("Lockout after bad attempts: %d\n",
231 info12->lockout_threshold);
234 static void display_sam_dom_info_13(struct samr_DomInfo13 *info13)
236 printf("Sequence No:\t%llu\n", (unsigned long long)info13->sequence_num);
237 printf("Domain Create Time:\t%s\n",
238 http_timestring(nt_time_to_unix(info13->domain_create_time)));
239 printf("Unknown1:\t%d\n", info13->unknown1);
240 printf("Unknown2:\t%d\n", info13->unknown2);
244 static void display_sam_info_1(SAM_ENTRY1 *e1, SAM_STR1 *s1)
248 printf("index: 0x%x ", e1->user_idx);
249 printf("RID: 0x%x ", e1->rid_user);
250 printf("acb: 0x%x ", e1->acb_info);
252 unistr2_to_ascii(tmp, &s1->uni_acct_name, sizeof(tmp));
253 printf("Account: %s\t", tmp);
255 unistr2_to_ascii(tmp, &s1->uni_full_name, sizeof(tmp));
256 printf("Name: %s\t", tmp);
258 unistr2_to_ascii(tmp, &s1->uni_acct_desc, sizeof(tmp));
259 printf("Desc: %s\n", tmp);
262 static void display_sam_info_2(SAM_ENTRY2 *e2, SAM_STR2 *s2)
266 printf("index: 0x%x ", e2->user_idx);
267 printf("RID: 0x%x ", e2->rid_user);
268 printf("acb: 0x%x ", e2->acb_info);
270 unistr2_to_ascii(tmp, &s2->uni_srv_name, sizeof(tmp));
271 printf("Account: %s\t", tmp);
273 unistr2_to_ascii(tmp, &s2->uni_srv_desc, sizeof(tmp));
274 printf("Name: %s\n", tmp);
278 static void display_sam_info_3(SAM_ENTRY3 *e3, SAM_STR3 *s3)
282 printf("index: 0x%x ", e3->grp_idx);
283 printf("RID: 0x%x ", e3->rid_grp);
284 printf("attr: 0x%x ", e3->attr);
286 unistr2_to_ascii(tmp, &s3->uni_grp_name, sizeof(tmp));
287 printf("Account: %s\t", tmp);
289 unistr2_to_ascii(tmp, &s3->uni_grp_desc, sizeof(tmp));
290 printf("Name: %s\n", tmp);
294 static void display_sam_info_4(SAM_ENTRY4 *e4, SAM_STR4 *s4)
298 printf("index: %d ", e4->user_idx);
301 for (i=0; i<s4->acct_name.str_str_len; i++)
302 printf("%c", s4->acct_name.buffer[i]);
307 static void display_sam_info_5(SAM_ENTRY5 *e5, SAM_STR5 *s5)
311 printf("index: 0x%x ", e5->grp_idx);
314 for (i=0; i<s5->grp_name.str_str_len; i++)
315 printf("%c", s5->grp_name.buffer[i]);
320 /****************************************************************************
321 Try samr_connect4 first, then samr_connect2 if it fails
322 ****************************************************************************/
323 static NTSTATUS try_samr_connects(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
324 uint32 access_mask, POLICY_HND *connect_pol)
326 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
328 result = rpccli_samr_Connect4(cli, mem_ctx,
333 if (!NT_STATUS_IS_OK(result)) {
334 result = rpccli_samr_Connect2(cli, mem_ctx,
342 /**********************************************************************
343 * Query user information
345 static NTSTATUS cmd_samr_query_user(struct rpc_pipe_client *cli,
347 int argc, const char **argv)
349 POLICY_HND connect_pol, domain_pol, user_pol;
350 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
351 uint32 info_level = 21;
352 uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
353 SAM_USERINFO_CTR *user_ctr;
357 if ((argc < 2) || (argc > 4)) {
358 printf("Usage: %s rid [info level] [access mask] \n", argv[0]);
362 sscanf(argv[1], "%i", &user_rid);
365 sscanf(argv[2], "%i", &info_level);
368 sscanf(argv[3], "%x", &access_mask);
371 slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost);
374 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
377 if (!NT_STATUS_IS_OK(result))
380 result = rpccli_samr_OpenDomain(cli, mem_ctx,
382 MAXIMUM_ALLOWED_ACCESS,
385 if (!NT_STATUS_IS_OK(result))
388 result = rpccli_samr_OpenUser(cli, mem_ctx,
394 if (NT_STATUS_EQUAL(result, NT_STATUS_NO_SUCH_USER) &&
397 /* Probably this was a user name, try lookupnames */
399 uint32 *rids, *types;
401 result = rpccli_samr_lookup_names(cli, mem_ctx, &domain_pol,
406 if (NT_STATUS_IS_OK(result)) {
407 result = rpccli_samr_OpenUser(cli, mem_ctx,
416 if (!NT_STATUS_IS_OK(result))
419 ZERO_STRUCT(user_ctr);
421 result = rpccli_samr_query_userinfo(cli, mem_ctx, &user_pol,
422 info_level, &user_ctr);
424 if (!NT_STATUS_IS_OK(result))
427 switch (user_ctr->switch_value) {
429 display_sam_user_info_7(user_ctr->info.id7);
432 display_sam_user_info_9(user_ctr->info.id9);
435 display_sam_user_info_16(user_ctr->info.id16);
438 display_sam_user_info_21(user_ctr->info.id21);
441 printf("Unsupported infolevel: %d\n", info_level);
445 rpccli_samr_Close(cli, mem_ctx, &user_pol);
446 rpccli_samr_Close(cli, mem_ctx, &domain_pol);
447 rpccli_samr_Close(cli, mem_ctx, &connect_pol);
453 /****************************************************************************
455 ****************************************************************************/
456 static void display_group_info1(GROUP_INFO1 *info1)
460 unistr2_to_ascii(temp, &info1->uni_acct_name, sizeof(temp));
461 printf("\tGroup Name:\t%s\n", temp);
462 unistr2_to_ascii(temp, &info1->uni_acct_desc, sizeof(temp));
463 printf("\tDescription:\t%s\n", temp);
464 printf("\tGroup Attribute:%d\n", info1->group_attr);
465 printf("\tNum Members:%d\n", info1->num_members);
468 /****************************************************************************
470 ****************************************************************************/
471 static void display_group_info2(GROUP_INFO2 *info2)
475 unistr2_to_ascii(name, &info2->uni_acct_name, sizeof(name));
476 printf("\tGroup Description:%s\n", name);
480 /****************************************************************************
482 ****************************************************************************/
483 static void display_group_info3(GROUP_INFO3 *info3)
485 printf("\tGroup Attribute:%d\n", info3->group_attr);
489 /****************************************************************************
491 ****************************************************************************/
492 static void display_group_info4(GROUP_INFO4 *info4)
496 unistr2_to_ascii(desc, &info4->uni_acct_desc, sizeof(desc));
497 printf("\tGroup Description:%s\n", desc);
500 /****************************************************************************
502 ****************************************************************************/
503 static void display_group_info5(GROUP_INFO5 *info5)
507 unistr2_to_ascii(temp, &info5->uni_acct_name, sizeof(temp));
508 printf("\tGroup Name:\t%s\n", temp);
509 unistr2_to_ascii(temp, &info5->uni_acct_desc, sizeof(temp));
510 printf("\tDescription:\t%s\n", temp);
511 printf("\tGroup Attribute:%d\n", info5->group_attr);
512 printf("\tNum Members:%d\n", info5->num_members);
515 /****************************************************************************
516 display sam sync structure
517 ****************************************************************************/
518 static void display_group_info_ctr(GROUP_INFO_CTR *ctr)
520 switch (ctr->switch_value1) {
522 display_group_info1(&ctr->group.info1);
525 display_group_info2(&ctr->group.info2);
528 display_group_info3(&ctr->group.info3);
531 display_group_info4(&ctr->group.info4);
534 display_group_info5(&ctr->group.info5);
540 /***********************************************************************
541 * Query group information
543 static NTSTATUS cmd_samr_query_group(struct rpc_pipe_client *cli,
545 int argc, const char **argv)
547 POLICY_HND connect_pol, domain_pol, group_pol;
548 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
549 uint32 info_level = 1;
550 uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
551 GROUP_INFO_CTR *group_ctr;
555 if ((argc < 2) || (argc > 4)) {
556 printf("Usage: %s rid [info level] [access mask]\n", argv[0]);
560 sscanf(argv[1], "%i", &group_rid);
563 sscanf(argv[2], "%i", &info_level);
566 sscanf(argv[3], "%x", &access_mask);
568 slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost);
571 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
574 if (!NT_STATUS_IS_OK(result))
577 result = rpccli_samr_OpenDomain(cli, mem_ctx,
579 MAXIMUM_ALLOWED_ACCESS,
583 if (!NT_STATUS_IS_OK(result))
586 result = rpccli_samr_OpenGroup(cli, mem_ctx,
592 if (!NT_STATUS_IS_OK(result))
595 result = rpccli_samr_query_groupinfo(cli, mem_ctx, &group_pol,
596 info_level, &group_ctr);
597 if (!NT_STATUS_IS_OK(result)) {
601 display_group_info_ctr(group_ctr);
603 rpccli_samr_Close(cli, mem_ctx, &group_pol);
604 rpccli_samr_Close(cli, mem_ctx, &domain_pol);
605 rpccli_samr_Close(cli, mem_ctx, &connect_pol);
610 /* Query groups a user is a member of */
612 static NTSTATUS cmd_samr_query_usergroups(struct rpc_pipe_client *cli,
614 int argc, const char **argv)
616 POLICY_HND connect_pol,
619 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
622 uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
627 if ((argc < 2) || (argc > 3)) {
628 printf("Usage: %s rid [access mask]\n", argv[0]);
632 sscanf(argv[1], "%i", &user_rid);
635 sscanf(argv[2], "%x", &access_mask);
637 slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost);
640 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
643 if (!NT_STATUS_IS_OK(result))
646 result = rpccli_samr_OpenDomain(cli, mem_ctx,
648 MAXIMUM_ALLOWED_ACCESS,
649 &domain_sid, &domain_pol);
651 if (!NT_STATUS_IS_OK(result))
654 result = rpccli_samr_OpenUser(cli, mem_ctx,
660 if (!NT_STATUS_IS_OK(result))
663 result = rpccli_samr_query_usergroups(cli, mem_ctx, &user_pol,
664 &num_groups, &user_gids);
666 if (!NT_STATUS_IS_OK(result))
669 for (i = 0; i < num_groups; i++) {
670 printf("\tgroup rid:[0x%x] attr:[0x%x]\n",
671 user_gids[i].g_rid, user_gids[i].attr);
674 rpccli_samr_Close(cli, mem_ctx, &user_pol);
675 rpccli_samr_Close(cli, mem_ctx, &domain_pol);
676 rpccli_samr_Close(cli, mem_ctx, &connect_pol);
681 /* Query aliases a user is a member of */
683 static NTSTATUS cmd_samr_query_useraliases(struct rpc_pipe_client *cli,
685 int argc, const char **argv)
687 POLICY_HND connect_pol, domain_pol;
688 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
691 uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
694 struct lsa_SidArray sid_array;
695 struct samr_Ids alias_rids;
698 printf("Usage: %s builtin|domain sid1 sid2 ...\n", argv[0]);
699 return NT_STATUS_INVALID_PARAMETER;
705 for (i=2; i<argc; i++) {
707 if (!string_to_sid(&tmp_sid, argv[i])) {
708 printf("%s is not a legal SID\n", argv[i]);
709 return NT_STATUS_INVALID_PARAMETER;
711 result = add_sid_to_array(mem_ctx, &tmp_sid, &sids, &num_sids);
712 if (!NT_STATUS_IS_OK(result)) {
718 sid_array.sids = TALLOC_ZERO_ARRAY(mem_ctx, struct lsa_SidPtr, num_sids);
719 if (sid_array.sids == NULL)
720 return NT_STATUS_NO_MEMORY;
722 sid_array.sids = NULL;
725 for (i=0; i<num_sids; i++) {
726 sid_array.sids[i].sid = sid_dup_talloc(mem_ctx, &sids[i]);
727 if (!sid_array.sids[i].sid) {
728 return NT_STATUS_NO_MEMORY;
732 sid_array.num_sids = num_sids;
734 slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost);
737 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
740 if (!NT_STATUS_IS_OK(result))
743 if (StrCaseCmp(argv[1], "domain")==0)
744 result = rpccli_samr_OpenDomain(cli, mem_ctx,
747 &domain_sid, &domain_pol);
748 else if (StrCaseCmp(argv[1], "builtin")==0)
749 result = rpccli_samr_OpenDomain(cli, mem_ctx,
752 CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin),
755 printf("Usage: %s builtin|domain sid1 sid2 ...\n", argv[0]);
756 return NT_STATUS_INVALID_PARAMETER;
759 if (!NT_STATUS_IS_OK(result))
762 result = rpccli_samr_GetAliasMembership(cli, mem_ctx,
766 if (!NT_STATUS_IS_OK(result))
769 for (i = 0; i < alias_rids.count; i++) {
770 printf("\tgroup rid:[0x%x]\n", alias_rids.ids[i]);
773 rpccli_samr_Close(cli, mem_ctx, &domain_pol);
774 rpccli_samr_Close(cli, mem_ctx, &connect_pol);
779 /* Query members of a group */
781 static NTSTATUS cmd_samr_query_groupmem(struct rpc_pipe_client *cli,
783 int argc, const char **argv)
785 POLICY_HND connect_pol, domain_pol, group_pol;
786 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
788 uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
791 unsigned int old_timeout;
792 struct samr_RidTypeArray *rids = NULL;
794 if ((argc < 2) || (argc > 3)) {
795 printf("Usage: %s rid [access mask]\n", argv[0]);
799 sscanf(argv[1], "%i", &group_rid);
802 sscanf(argv[2], "%x", &access_mask);
804 slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost);
807 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
810 if (!NT_STATUS_IS_OK(result))
813 result = rpccli_samr_OpenDomain(cli, mem_ctx,
815 MAXIMUM_ALLOWED_ACCESS,
819 if (!NT_STATUS_IS_OK(result))
822 result = rpccli_samr_OpenGroup(cli, mem_ctx,
828 if (!NT_STATUS_IS_OK(result))
831 /* Make sure to wait for our DC's reply */
832 old_timeout = cli_set_timeout(cli->cli, MAX(cli->cli->timeout,30000)); /* 30 seconds. */
834 result = rpccli_samr_QueryGroupMember(cli, mem_ctx,
838 cli_set_timeout(cli->cli, old_timeout);
840 if (!NT_STATUS_IS_OK(result))
843 for (i = 0; i < rids->count; i++) {
844 printf("\trid:[0x%x] attr:[0x%x]\n", rids->rids[i],
848 rpccli_samr_Close(cli, mem_ctx, &group_pol);
849 rpccli_samr_Close(cli, mem_ctx, &domain_pol);
850 rpccli_samr_Close(cli, mem_ctx, &connect_pol);
855 /* Enumerate domain users */
857 static NTSTATUS cmd_samr_enum_dom_users(struct rpc_pipe_client *cli,
859 int argc, const char **argv)
861 POLICY_HND connect_pol, domain_pol;
862 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
863 uint32 start_idx, size, num_dom_users, i;
866 uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
867 uint32 acb_mask = ACB_NORMAL;
868 bool got_connect_pol = False, got_domain_pol = False;
870 if ((argc < 1) || (argc > 3)) {
871 printf("Usage: %s [access_mask] [acb_mask]\n", argv[0]);
876 sscanf(argv[1], "%x", &access_mask);
879 sscanf(argv[2], "%x", &acb_mask);
881 /* Get sam policy handle */
883 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
886 if (!NT_STATUS_IS_OK(result))
889 got_connect_pol = True;
891 /* Get domain policy handle */
893 result = rpccli_samr_OpenDomain(cli, mem_ctx,
899 if (!NT_STATUS_IS_OK(result))
902 got_domain_pol = True;
904 /* Enumerate domain users */
910 result = rpccli_samr_enum_dom_users(
911 cli, mem_ctx, &domain_pol, &start_idx, acb_mask,
912 size, &dom_users, &dom_rids, &num_dom_users);
914 if (NT_STATUS_IS_OK(result) ||
915 NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES)) {
917 for (i = 0; i < num_dom_users; i++)
918 printf("user:[%s] rid:[0x%x]\n",
919 dom_users[i], dom_rids[i]);
922 } while (NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES));
926 rpccli_samr_Close(cli, mem_ctx, &domain_pol);
929 rpccli_samr_Close(cli, mem_ctx, &connect_pol);
934 /* Enumerate domain groups */
936 static NTSTATUS cmd_samr_enum_dom_groups(struct rpc_pipe_client *cli,
938 int argc, const char **argv)
940 POLICY_HND connect_pol, domain_pol;
941 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
942 uint32 start_idx, size, num_dom_groups, i;
943 uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
944 struct acct_info *dom_groups;
945 bool got_connect_pol = False, got_domain_pol = False;
947 if ((argc < 1) || (argc > 2)) {
948 printf("Usage: %s [access_mask]\n", argv[0]);
953 sscanf(argv[1], "%x", &access_mask);
955 /* Get sam policy handle */
957 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
960 if (!NT_STATUS_IS_OK(result))
963 got_connect_pol = True;
965 /* Get domain policy handle */
967 result = rpccli_samr_OpenDomain(cli, mem_ctx,
973 if (!NT_STATUS_IS_OK(result))
976 got_domain_pol = True;
978 /* Enumerate domain groups */
984 result = rpccli_samr_enum_dom_groups(
985 cli, mem_ctx, &domain_pol, &start_idx, size,
986 &dom_groups, &num_dom_groups);
988 if (NT_STATUS_IS_OK(result) ||
989 NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES)) {
991 for (i = 0; i < num_dom_groups; i++)
992 printf("group:[%s] rid:[0x%x]\n",
993 dom_groups[i].acct_name,
997 } while (NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES));
1001 rpccli_samr_Close(cli, mem_ctx, &domain_pol);
1003 if (got_connect_pol)
1004 rpccli_samr_Close(cli, mem_ctx, &connect_pol);
1009 /* Enumerate alias groups */
1011 static NTSTATUS cmd_samr_enum_als_groups(struct rpc_pipe_client *cli,
1012 TALLOC_CTX *mem_ctx,
1013 int argc, const char **argv)
1015 POLICY_HND connect_pol, domain_pol;
1016 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1017 uint32 start_idx, size, num_als_groups, i;
1018 uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1019 struct acct_info *als_groups;
1020 bool got_connect_pol = False, got_domain_pol = False;
1022 if ((argc < 2) || (argc > 3)) {
1023 printf("Usage: %s builtin|domain [access mask]\n", argv[0]);
1024 return NT_STATUS_OK;
1028 sscanf(argv[2], "%x", &access_mask);
1030 /* Get sam policy handle */
1032 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
1035 if (!NT_STATUS_IS_OK(result))
1038 got_connect_pol = True;
1040 /* Get domain policy handle */
1042 if (StrCaseCmp(argv[1], "domain")==0)
1043 result = rpccli_samr_OpenDomain(cli, mem_ctx,
1048 else if (StrCaseCmp(argv[1], "builtin")==0)
1049 result = rpccli_samr_OpenDomain(cli, mem_ctx,
1052 CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin),
1055 return NT_STATUS_OK;
1057 if (!NT_STATUS_IS_OK(result))
1060 got_domain_pol = True;
1062 /* Enumerate alias groups */
1065 size = 0xffff; /* Number of groups to retrieve */
1068 result = rpccli_samr_enum_als_groups(
1069 cli, mem_ctx, &domain_pol, &start_idx, size,
1070 &als_groups, &num_als_groups);
1072 if (NT_STATUS_IS_OK(result) ||
1073 NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES)) {
1075 for (i = 0; i < num_als_groups; i++)
1076 printf("group:[%s] rid:[0x%x]\n",
1077 als_groups[i].acct_name,
1080 } while (NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES));
1084 rpccli_samr_Close(cli, mem_ctx, &domain_pol);
1086 if (got_connect_pol)
1087 rpccli_samr_Close(cli, mem_ctx, &connect_pol);
1092 /* Query alias membership */
1094 static NTSTATUS cmd_samr_query_aliasmem(struct rpc_pipe_client *cli,
1095 TALLOC_CTX *mem_ctx,
1096 int argc, const char **argv)
1098 POLICY_HND connect_pol, domain_pol, alias_pol;
1099 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1100 uint32 alias_rid, i;
1101 uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1102 struct lsa_SidArray sid_array;
1104 if ((argc < 3) || (argc > 4)) {
1105 printf("Usage: %s builtin|domain rid [access mask]\n", argv[0]);
1106 return NT_STATUS_OK;
1109 sscanf(argv[2], "%i", &alias_rid);
1112 sscanf(argv[3], "%x", &access_mask);
1114 /* Open SAMR handle */
1116 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
1119 if (!NT_STATUS_IS_OK(result))
1122 /* Open handle on domain */
1124 if (StrCaseCmp(argv[1], "domain")==0)
1125 result = rpccli_samr_OpenDomain(cli, mem_ctx,
1127 MAXIMUM_ALLOWED_ACCESS,
1130 else if (StrCaseCmp(argv[1], "builtin")==0)
1131 result = rpccli_samr_OpenDomain(cli, mem_ctx,
1133 MAXIMUM_ALLOWED_ACCESS,
1134 CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin),
1137 return NT_STATUS_OK;
1139 if (!NT_STATUS_IS_OK(result))
1142 /* Open handle on alias */
1144 result = rpccli_samr_OpenAlias(cli, mem_ctx,
1149 if (!NT_STATUS_IS_OK(result))
1152 result = rpccli_samr_GetMembersInAlias(cli, mem_ctx,
1156 if (!NT_STATUS_IS_OK(result))
1159 for (i = 0; i < sid_array.num_sids; i++) {
1162 sid_to_fstring(sid_str, sid_array.sids[i].sid);
1163 printf("\tsid:[%s]\n", sid_str);
1166 rpccli_samr_Close(cli, mem_ctx, &alias_pol);
1167 rpccli_samr_Close(cli, mem_ctx, &domain_pol);
1168 rpccli_samr_Close(cli, mem_ctx, &connect_pol);
1173 /* Query delete an alias membership */
1175 static NTSTATUS cmd_samr_delete_alias(struct rpc_pipe_client *cli,
1176 TALLOC_CTX *mem_ctx,
1177 int argc, const char **argv)
1179 POLICY_HND connect_pol, domain_pol, alias_pol;
1180 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1182 uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1185 printf("Usage: %s builtin|domain [rid|name]\n", argv[0]);
1186 return NT_STATUS_OK;
1189 alias_rid = strtoul(argv[2], NULL, 10);
1191 /* Open SAMR handle */
1193 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
1196 if (!NT_STATUS_IS_OK(result))
1199 /* Open handle on domain */
1201 if (StrCaseCmp(argv[1], "domain")==0)
1202 result = rpccli_samr_OpenDomain(cli, mem_ctx,
1204 MAXIMUM_ALLOWED_ACCESS,
1207 else if (StrCaseCmp(argv[1], "builtin")==0)
1208 result = rpccli_samr_OpenDomain(cli, mem_ctx,
1210 MAXIMUM_ALLOWED_ACCESS,
1211 CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin),
1214 return NT_STATUS_INVALID_PARAMETER;
1216 if (!NT_STATUS_IS_OK(result))
1219 /* Open handle on alias */
1221 result = rpccli_samr_OpenAlias(cli, mem_ctx,
1226 if (!NT_STATUS_IS_OK(result) && (alias_rid == 0)) {
1227 /* Probably this was a user name, try lookupnames */
1229 uint32 *rids, *types;
1231 result = rpccli_samr_lookup_names(cli, mem_ctx, &domain_pol,
1236 if (NT_STATUS_IS_OK(result)) {
1237 result = rpccli_samr_OpenAlias(cli, mem_ctx,
1245 result = rpccli_samr_DeleteDomAlias(cli, mem_ctx,
1248 if (!NT_STATUS_IS_OK(result))
1251 rpccli_samr_Close(cli, mem_ctx, &domain_pol);
1252 rpccli_samr_Close(cli, mem_ctx, &connect_pol);
1257 /* Query display info */
1259 static NTSTATUS cmd_samr_query_dispinfo(struct rpc_pipe_client *cli,
1260 TALLOC_CTX *mem_ctx,
1261 int argc, const char **argv)
1263 POLICY_HND connect_pol, domain_pol;
1264 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1265 uint32 start_idx=0, max_entries=250, max_size = 0xffff, num_entries, i;
1266 uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1267 uint32 info_level = 1;
1268 SAM_DISPINFO_CTR ctr;
1269 SAM_DISPINFO_1 info1;
1270 SAM_DISPINFO_2 info2;
1271 SAM_DISPINFO_3 info3;
1272 SAM_DISPINFO_4 info4;
1273 SAM_DISPINFO_5 info5;
1275 bool got_params = False; /* Use get_query_dispinfo_params() or not? */
1278 printf("Usage: %s [info level] [start index] [max entries] [max size] [access mask]\n", argv[0]);
1279 return NT_STATUS_OK;
1283 sscanf(argv[1], "%i", &info_level);
1286 sscanf(argv[2], "%i", &start_idx);
1289 sscanf(argv[3], "%i", &max_entries);
1294 sscanf(argv[4], "%i", &max_size);
1299 sscanf(argv[5], "%x", &access_mask);
1301 /* Get sam policy handle */
1303 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
1306 if (!NT_STATUS_IS_OK(result))
1309 /* Get domain policy handle */
1311 result = rpccli_samr_OpenDomain(cli, mem_ctx,
1317 if (!NT_STATUS_IS_OK(result))
1320 /* Query display info */
1325 switch (info_level) {
1328 ctr.sam.info1 = &info1;
1332 ctr.sam.info2 = &info2;
1336 ctr.sam.info3 = &info3;
1340 ctr.sam.info4 = &info4;
1344 ctr.sam.info5 = &info5;
1352 get_query_dispinfo_params(
1353 loop_count, &max_entries, &max_size);
1355 result = rpccli_samr_query_dispinfo(cli, mem_ctx, &domain_pol,
1356 &start_idx, info_level,
1357 &num_entries, max_entries,
1362 if (NT_STATUS_IS_ERR(result))
1365 if (num_entries == 0)
1368 for (i = 0; i < num_entries; i++) {
1369 switch (info_level) {
1371 display_sam_info_1(&ctr.sam.info1->sam[i], &ctr.sam.info1->str[i]);
1374 display_sam_info_2(&ctr.sam.info2->sam[i], &ctr.sam.info2->str[i]);
1377 display_sam_info_3(&ctr.sam.info3->sam[i], &ctr.sam.info3->str[i]);
1380 display_sam_info_4(&ctr.sam.info4->sam[i], &ctr.sam.info4->str[i]);
1383 display_sam_info_5(&ctr.sam.info5->sam[i], &ctr.sam.info5->str[i]);
1387 } while ( NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES));
1389 rpccli_samr_Close(cli, mem_ctx, &domain_pol);
1390 rpccli_samr_Close(cli, mem_ctx, &connect_pol);
1395 /* Query domain info */
1397 static NTSTATUS cmd_samr_query_dominfo(struct rpc_pipe_client *cli,
1398 TALLOC_CTX *mem_ctx,
1399 int argc, const char **argv)
1401 POLICY_HND connect_pol, domain_pol;
1402 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1403 uint32 switch_level = 2;
1404 uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1405 union samr_DomainInfo *info = NULL;
1408 printf("Usage: %s [info level] [access mask]\n", argv[0]);
1409 return NT_STATUS_OK;
1413 sscanf(argv[1], "%i", &switch_level);
1416 sscanf(argv[2], "%x", &access_mask);
1418 /* Get sam policy handle */
1420 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
1423 if (!NT_STATUS_IS_OK(result))
1426 /* Get domain policy handle */
1428 result = rpccli_samr_OpenDomain(cli, mem_ctx,
1434 if (!NT_STATUS_IS_OK(result))
1437 /* Query domain info */
1439 result = rpccli_samr_QueryDomainInfo(cli, mem_ctx,
1444 if (!NT_STATUS_IS_OK(result))
1447 /* Display domain info */
1449 switch (switch_level) {
1451 display_sam_dom_info_1(&info->info1);
1454 display_sam_dom_info_2(&info->info2);
1457 display_sam_dom_info_3(&info->info3);
1460 display_sam_dom_info_4(&info->info4);
1463 display_sam_dom_info_5(&info->info5);
1466 display_sam_dom_info_6(&info->info6);
1469 display_sam_dom_info_7(&info->info7);
1472 display_sam_dom_info_8(&info->info8);
1475 display_sam_dom_info_9(&info->info9);
1478 display_sam_dom_info_12(&info->info12);
1481 display_sam_dom_info_13(&info->info13);
1485 printf("cannot display domain info for switch value %d\n",
1492 rpccli_samr_Close(cli, mem_ctx, &domain_pol);
1493 rpccli_samr_Close(cli, mem_ctx, &connect_pol);
1497 /* Create domain user */
1499 static NTSTATUS cmd_samr_create_dom_user(struct rpc_pipe_client *cli,
1500 TALLOC_CTX *mem_ctx,
1501 int argc, const char **argv)
1503 POLICY_HND connect_pol, domain_pol, user_pol;
1504 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1505 struct lsa_String acct_name;
1507 uint32 acct_flags, user_rid;
1508 uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1509 uint32_t access_granted = 0;
1511 if ((argc < 2) || (argc > 3)) {
1512 printf("Usage: %s username [access mask]\n", argv[0]);
1513 return NT_STATUS_OK;
1516 init_lsa_String(&acct_name, argv[1]);
1519 sscanf(argv[2], "%x", &access_mask);
1521 /* Get sam policy handle */
1523 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
1526 if (!NT_STATUS_IS_OK(result))
1529 /* Get domain policy handle */
1531 result = rpccli_samr_OpenDomain(cli, mem_ctx,
1537 if (!NT_STATUS_IS_OK(result))
1540 /* Create domain user */
1542 acb_info = ACB_NORMAL;
1543 acct_flags = SEC_GENERIC_READ | SEC_GENERIC_WRITE | SEC_GENERIC_EXECUTE |
1544 SEC_STD_WRITE_DAC | SEC_STD_DELETE |
1545 SAMR_USER_ACCESS_SET_PASSWORD |
1546 SAMR_USER_ACCESS_GET_ATTRIBUTES |
1547 SAMR_USER_ACCESS_SET_ATTRIBUTES;
1549 result = rpccli_samr_CreateUser2(cli, mem_ctx,
1558 if (!NT_STATUS_IS_OK(result))
1561 result = rpccli_samr_Close(cli, mem_ctx, &user_pol);
1562 if (!NT_STATUS_IS_OK(result)) goto done;
1564 result = rpccli_samr_Close(cli, mem_ctx, &domain_pol);
1565 if (!NT_STATUS_IS_OK(result)) goto done;
1567 result = rpccli_samr_Close(cli, mem_ctx, &connect_pol);
1568 if (!NT_STATUS_IS_OK(result)) goto done;
1574 /* Create domain group */
1576 static NTSTATUS cmd_samr_create_dom_group(struct rpc_pipe_client *cli,
1577 TALLOC_CTX *mem_ctx,
1578 int argc, const char **argv)
1580 POLICY_HND connect_pol, domain_pol, group_pol;
1581 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1582 struct lsa_String grp_name;
1583 uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1586 if ((argc < 2) || (argc > 3)) {
1587 printf("Usage: %s groupname [access mask]\n", argv[0]);
1588 return NT_STATUS_OK;
1591 init_lsa_String(&grp_name, argv[1]);
1594 sscanf(argv[2], "%x", &access_mask);
1596 /* Get sam policy handle */
1598 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
1601 if (!NT_STATUS_IS_OK(result))
1604 /* Get domain policy handle */
1606 result = rpccli_samr_OpenDomain(cli, mem_ctx,
1612 if (!NT_STATUS_IS_OK(result))
1615 /* Create domain user */
1616 result = rpccli_samr_CreateDomainGroup(cli, mem_ctx,
1619 MAXIMUM_ALLOWED_ACCESS,
1623 if (!NT_STATUS_IS_OK(result))
1626 result = rpccli_samr_Close(cli, mem_ctx, &group_pol);
1627 if (!NT_STATUS_IS_OK(result)) goto done;
1629 result = rpccli_samr_Close(cli, mem_ctx, &domain_pol);
1630 if (!NT_STATUS_IS_OK(result)) goto done;
1632 result = rpccli_samr_Close(cli, mem_ctx, &connect_pol);
1633 if (!NT_STATUS_IS_OK(result)) goto done;
1639 /* Create domain alias */
1641 static NTSTATUS cmd_samr_create_dom_alias(struct rpc_pipe_client *cli,
1642 TALLOC_CTX *mem_ctx,
1643 int argc, const char **argv)
1645 POLICY_HND connect_pol, domain_pol, alias_pol;
1646 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1647 struct lsa_String alias_name;
1648 uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1651 if ((argc < 2) || (argc > 3)) {
1652 printf("Usage: %s aliasname [access mask]\n", argv[0]);
1653 return NT_STATUS_OK;
1656 init_lsa_String(&alias_name, argv[1]);
1659 sscanf(argv[2], "%x", &access_mask);
1661 /* Get sam policy handle */
1663 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
1666 if (!NT_STATUS_IS_OK(result))
1669 /* Get domain policy handle */
1671 result = rpccli_samr_OpenDomain(cli, mem_ctx,
1677 if (!NT_STATUS_IS_OK(result))
1680 /* Create domain user */
1682 result = rpccli_samr_CreateDomAlias(cli, mem_ctx,
1685 MAXIMUM_ALLOWED_ACCESS,
1689 if (!NT_STATUS_IS_OK(result))
1692 result = rpccli_samr_Close(cli, mem_ctx, &alias_pol);
1693 if (!NT_STATUS_IS_OK(result)) goto done;
1695 result = rpccli_samr_Close(cli, mem_ctx, &domain_pol);
1696 if (!NT_STATUS_IS_OK(result)) goto done;
1698 result = rpccli_samr_Close(cli, mem_ctx, &connect_pol);
1699 if (!NT_STATUS_IS_OK(result)) goto done;
1705 /* Lookup sam names */
1707 static NTSTATUS cmd_samr_lookup_names(struct rpc_pipe_client *cli,
1708 TALLOC_CTX *mem_ctx,
1709 int argc, const char **argv)
1711 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1712 POLICY_HND connect_pol, domain_pol;
1713 uint32 flags = 0x000003e8; /* Unknown */
1714 uint32 num_rids, num_names, *name_types, *rids;
1719 printf("Usage: %s domain|builtin name1 [name2 [name3] [...]]\n", argv[0]);
1720 printf("check on the domain SID: S-1-5-21-x-y-z\n");
1721 printf("or check on the builtin SID: S-1-5-32\n");
1722 return NT_STATUS_OK;
1725 /* Get sam policy and domain handles */
1727 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
1730 if (!NT_STATUS_IS_OK(result))
1733 if (StrCaseCmp(argv[1], "domain")==0)
1734 result = rpccli_samr_OpenDomain(cli, mem_ctx,
1736 MAXIMUM_ALLOWED_ACCESS,
1739 else if (StrCaseCmp(argv[1], "builtin")==0)
1740 result = rpccli_samr_OpenDomain(cli, mem_ctx,
1742 MAXIMUM_ALLOWED_ACCESS,
1743 CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin),
1746 return NT_STATUS_OK;
1748 if (!NT_STATUS_IS_OK(result))
1753 num_names = argc - 2;
1755 if ((names = TALLOC_ARRAY(mem_ctx, const char *, num_names)) == NULL) {
1756 rpccli_samr_Close(cli, mem_ctx, &domain_pol);
1757 rpccli_samr_Close(cli, mem_ctx, &connect_pol);
1758 result = NT_STATUS_NO_MEMORY;
1762 for (i = 0; i < num_names; i++)
1763 names[i] = argv[i + 2];
1765 result = rpccli_samr_lookup_names(cli, mem_ctx, &domain_pol,
1766 flags, num_names, names,
1767 &num_rids, &rids, &name_types);
1769 if (!NT_STATUS_IS_OK(result))
1772 /* Display results */
1774 for (i = 0; i < num_names; i++)
1775 printf("name %s: 0x%x (%d)\n", names[i], rids[i],
1778 rpccli_samr_Close(cli, mem_ctx, &domain_pol);
1779 rpccli_samr_Close(cli, mem_ctx, &connect_pol);
1784 /* Lookup sam rids */
1786 static NTSTATUS cmd_samr_lookup_rids(struct rpc_pipe_client *cli,
1787 TALLOC_CTX *mem_ctx,
1788 int argc, const char **argv)
1790 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1791 POLICY_HND connect_pol, domain_pol;
1792 uint32 num_rids, num_names, *rids, *name_types;
1797 printf("Usage: %s domain|builtin rid1 [rid2 [rid3] [...]]\n", argv[0]);
1798 return NT_STATUS_OK;
1801 /* Get sam policy and domain handles */
1803 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
1806 if (!NT_STATUS_IS_OK(result))
1809 if (StrCaseCmp(argv[1], "domain")==0)
1810 result = rpccli_samr_OpenDomain(cli, mem_ctx,
1812 MAXIMUM_ALLOWED_ACCESS,
1815 else if (StrCaseCmp(argv[1], "builtin")==0)
1816 result = rpccli_samr_OpenDomain(cli, mem_ctx,
1818 MAXIMUM_ALLOWED_ACCESS,
1819 CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin),
1822 return NT_STATUS_OK;
1824 if (!NT_STATUS_IS_OK(result))
1829 num_rids = argc - 2;
1831 if ((rids = TALLOC_ARRAY(mem_ctx, uint32, num_rids)) == NULL) {
1832 rpccli_samr_Close(cli, mem_ctx, &domain_pol);
1833 rpccli_samr_Close(cli, mem_ctx, &connect_pol);
1834 result = NT_STATUS_NO_MEMORY;
1838 for (i = 0; i < argc - 2; i++)
1839 sscanf(argv[i + 2], "%i", &rids[i]);
1841 result = rpccli_samr_lookup_rids(cli, mem_ctx, &domain_pol, num_rids, rids,
1842 &num_names, &names, &name_types);
1844 if (!NT_STATUS_IS_OK(result) &&
1845 !NT_STATUS_EQUAL(result, STATUS_SOME_UNMAPPED))
1848 /* Display results */
1850 for (i = 0; i < num_names; i++)
1851 printf("rid 0x%x: %s (%d)\n", rids[i], names[i], name_types[i]);
1853 rpccli_samr_Close(cli, mem_ctx, &domain_pol);
1854 rpccli_samr_Close(cli, mem_ctx, &connect_pol);
1859 /* Delete domain group */
1861 static NTSTATUS cmd_samr_delete_dom_group(struct rpc_pipe_client *cli,
1862 TALLOC_CTX *mem_ctx,
1863 int argc, const char **argv)
1865 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1866 POLICY_HND connect_pol, domain_pol, group_pol;
1867 uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1869 if ((argc < 2) || (argc > 3)) {
1870 printf("Usage: %s groupname\n", argv[0]);
1871 return NT_STATUS_OK;
1875 sscanf(argv[2], "%x", &access_mask);
1877 /* Get sam policy and domain handles */
1879 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
1882 if (!NT_STATUS_IS_OK(result))
1885 result = rpccli_samr_OpenDomain(cli, mem_ctx,
1887 MAXIMUM_ALLOWED_ACCESS,
1891 if (!NT_STATUS_IS_OK(result))
1894 /* Get handle on group */
1897 uint32 *group_rids, num_rids, *name_types;
1898 uint32 flags = 0x000003e8; /* Unknown */
1900 result = rpccli_samr_lookup_names(cli, mem_ctx, &domain_pol,
1901 flags, 1, (const char **)&argv[1],
1902 &num_rids, &group_rids,
1905 if (!NT_STATUS_IS_OK(result))
1908 result = rpccli_samr_OpenGroup(cli, mem_ctx,
1914 if (!NT_STATUS_IS_OK(result))
1920 result = rpccli_samr_DeleteDomainGroup(cli, mem_ctx,
1923 if (!NT_STATUS_IS_OK(result))
1926 /* Display results */
1928 rpccli_samr_Close(cli, mem_ctx, &group_pol);
1929 rpccli_samr_Close(cli, mem_ctx, &domain_pol);
1930 rpccli_samr_Close(cli, mem_ctx, &connect_pol);
1936 /* Delete domain user */
1938 static NTSTATUS cmd_samr_delete_dom_user(struct rpc_pipe_client *cli,
1939 TALLOC_CTX *mem_ctx,
1940 int argc, const char **argv)
1942 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1943 POLICY_HND connect_pol, domain_pol, user_pol;
1944 uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1946 if ((argc < 2) || (argc > 3)) {
1947 printf("Usage: %s username\n", argv[0]);
1948 return NT_STATUS_OK;
1952 sscanf(argv[2], "%x", &access_mask);
1954 /* Get sam policy and domain handles */
1956 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
1959 if (!NT_STATUS_IS_OK(result))
1962 result = rpccli_samr_OpenDomain(cli, mem_ctx,
1964 MAXIMUM_ALLOWED_ACCESS,
1968 if (!NT_STATUS_IS_OK(result))
1971 /* Get handle on user */
1974 uint32 *user_rids, num_rids, *name_types;
1975 uint32 flags = 0x000003e8; /* Unknown */
1977 result = rpccli_samr_lookup_names(cli, mem_ctx, &domain_pol,
1978 flags, 1, (const char **)&argv[1],
1979 &num_rids, &user_rids,
1982 if (!NT_STATUS_IS_OK(result))
1985 result = rpccli_samr_OpenUser(cli, mem_ctx,
1991 if (!NT_STATUS_IS_OK(result))
1997 result = rpccli_samr_DeleteUser(cli, mem_ctx,
2000 if (!NT_STATUS_IS_OK(result))
2003 /* Display results */
2005 rpccli_samr_Close(cli, mem_ctx, &user_pol);
2006 rpccli_samr_Close(cli, mem_ctx, &domain_pol);
2007 rpccli_samr_Close(cli, mem_ctx, &connect_pol);
2013 /**********************************************************************
2014 * Query user security object
2016 static NTSTATUS cmd_samr_query_sec_obj(struct rpc_pipe_client *cli,
2017 TALLOC_CTX *mem_ctx,
2018 int argc, const char **argv)
2020 POLICY_HND connect_pol, domain_pol, user_pol, *pol;
2021 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
2022 uint32 sec_info = DACL_SECURITY_INFORMATION;
2024 uint32 user_rid = 0;
2025 TALLOC_CTX *ctx = NULL;
2026 SEC_DESC_BUF *sec_desc_buf=NULL;
2027 bool domain = False;
2029 ctx=talloc_init("cmd_samr_query_sec_obj");
2031 if ((argc < 1) || (argc > 3)) {
2032 printf("Usage: %s [rid|-d] [sec_info]\n", argv[0]);
2033 printf("\tSpecify rid for security on user, -d for security on domain\n");
2034 talloc_destroy(ctx);
2035 return NT_STATUS_OK;
2039 if (strcmp(argv[1], "-d") == 0)
2042 sscanf(argv[1], "%i", &user_rid);
2046 sec_info = atoi(argv[2]);
2049 slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost);
2051 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
2054 if (!NT_STATUS_IS_OK(result))
2057 if (domain || user_rid)
2058 result = rpccli_samr_OpenDomain(cli, mem_ctx,
2060 MAXIMUM_ALLOWED_ACCESS,
2064 if (!NT_STATUS_IS_OK(result))
2068 result = rpccli_samr_OpenUser(cli, mem_ctx,
2070 MAXIMUM_ALLOWED_ACCESS,
2074 if (!NT_STATUS_IS_OK(result))
2077 /* Pick which query pol to use */
2087 /* Query SAM security object */
2089 result = rpccli_samr_QuerySecurity(cli, mem_ctx,
2094 if (!NT_STATUS_IS_OK(result))
2097 display_sec_desc(sec_desc_buf->sd);
2099 rpccli_samr_Close(cli, mem_ctx, &user_pol);
2100 rpccli_samr_Close(cli, mem_ctx, &domain_pol);
2101 rpccli_samr_Close(cli, mem_ctx, &connect_pol);
2103 talloc_destroy(ctx);
2107 static NTSTATUS cmd_samr_get_usrdom_pwinfo(struct rpc_pipe_client *cli,
2108 TALLOC_CTX *mem_ctx,
2109 int argc, const char **argv)
2111 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
2112 POLICY_HND connect_pol, domain_pol, user_pol;
2113 struct samr_PwInfo info;
2117 printf("Usage: %s rid\n", argv[0]);
2118 return NT_STATUS_OK;
2121 sscanf(argv[1], "%i", &rid);
2123 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
2126 if (!NT_STATUS_IS_OK(result)) {
2130 result = rpccli_samr_OpenDomain(cli, mem_ctx,
2132 MAXIMUM_ALLOWED_ACCESS,
2136 if (!NT_STATUS_IS_OK(result)) {
2140 result = rpccli_samr_OpenUser(cli, mem_ctx,
2142 MAXIMUM_ALLOWED_ACCESS,
2146 if (!NT_STATUS_IS_OK(result)) {
2150 result = rpccli_samr_GetUserPwInfo(cli, mem_ctx, &user_pol, &info);
2151 if (NT_STATUS_IS_OK(result)) {
2152 printf("min_password_length: %d\n", info.min_password_length);
2154 NDR_PRINT_STRUCT_STRING(mem_ctx,
2155 samr_PasswordProperties, &info.password_properties));
2159 rpccli_samr_Close(cli, mem_ctx, &user_pol);
2160 rpccli_samr_Close(cli, mem_ctx, &domain_pol);
2161 rpccli_samr_Close(cli, mem_ctx, &connect_pol);
2166 static NTSTATUS cmd_samr_get_dom_pwinfo(struct rpc_pipe_client *cli,
2167 TALLOC_CTX *mem_ctx,
2168 int argc, const char **argv)
2170 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
2171 struct lsa_String domain_name;
2172 struct samr_PwInfo info;
2174 if (argc < 1 || argc > 3) {
2175 printf("Usage: %s <domain>\n", argv[0]);
2176 return NT_STATUS_OK;
2179 init_lsa_String(&domain_name, argv[1]);
2181 result = rpccli_samr_GetDomPwInfo(cli, mem_ctx, &domain_name, &info);
2183 if (NT_STATUS_IS_OK(result)) {
2184 printf("min_password_length: %d\n", info.min_password_length);
2185 display_password_properties(info.password_properties);
2191 /* Look up domain name */
2193 static NTSTATUS cmd_samr_lookup_domain(struct rpc_pipe_client *cli,
2194 TALLOC_CTX *mem_ctx,
2195 int argc, const char **argv)
2197 POLICY_HND connect_pol, domain_pol;
2198 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
2199 uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
2201 struct lsa_String domain_name;
2202 DOM_SID *sid = NULL;
2205 printf("Usage: %s domain_name\n", argv[0]);
2206 return NT_STATUS_OK;
2209 init_lsa_String(&domain_name, argv[1]);
2211 result = try_samr_connects(cli, mem_ctx, access_mask, &connect_pol);
2213 if (!NT_STATUS_IS_OK(result))
2216 result = rpccli_samr_OpenDomain(cli, mem_ctx,
2222 if (!NT_STATUS_IS_OK(result))
2225 result = rpccli_samr_LookupDomain(cli, mem_ctx,
2230 if (NT_STATUS_IS_OK(result)) {
2231 sid_to_fstring(sid_string, sid);
2232 printf("SAMR_LOOKUP_DOMAIN: Domain Name: %s Domain SID: %s\n",
2233 argv[1], sid_string);
2236 rpccli_samr_Close(cli, mem_ctx, &domain_pol);
2237 rpccli_samr_Close(cli, mem_ctx, &connect_pol);
2242 /* Change user password */
2244 static NTSTATUS cmd_samr_chgpasswd2(struct rpc_pipe_client *cli,
2245 TALLOC_CTX *mem_ctx,
2246 int argc, const char **argv)
2248 POLICY_HND connect_pol, domain_pol;
2249 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
2250 const char *user, *oldpass, *newpass;
2251 uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
2254 printf("Usage: %s username oldpass newpass\n", argv[0]);
2255 return NT_STATUS_INVALID_PARAMETER;
2262 /* Get sam policy handle */
2264 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
2267 if (!NT_STATUS_IS_OK(result))
2270 /* Get domain policy handle */
2272 result = rpccli_samr_OpenDomain(cli, mem_ctx,
2278 if (!NT_STATUS_IS_OK(result))
2281 /* Change user password */
2282 result = rpccli_samr_chgpasswd_user(cli, mem_ctx, user, newpass, oldpass);
2284 if (!NT_STATUS_IS_OK(result))
2287 result = rpccli_samr_Close(cli, mem_ctx, &domain_pol);
2288 if (!NT_STATUS_IS_OK(result)) goto done;
2290 result = rpccli_samr_Close(cli, mem_ctx, &connect_pol);
2291 if (!NT_STATUS_IS_OK(result)) goto done;
2298 /* Change user password */
2300 static NTSTATUS cmd_samr_chgpasswd3(struct rpc_pipe_client *cli,
2301 TALLOC_CTX *mem_ctx,
2302 int argc, const char **argv)
2304 POLICY_HND connect_pol, domain_pol;
2305 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
2306 const char *user, *oldpass, *newpass;
2307 uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
2308 SAM_UNK_INFO_1 info;
2309 SAMR_CHANGE_REJECT reject;
2312 printf("Usage: %s username oldpass newpass\n", argv[0]);
2313 return NT_STATUS_INVALID_PARAMETER;
2320 /* Get sam policy handle */
2322 result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
2325 if (!NT_STATUS_IS_OK(result))
2328 /* Get domain policy handle */
2330 result = rpccli_samr_OpenDomain(cli, mem_ctx,
2336 if (!NT_STATUS_IS_OK(result))
2339 /* Change user password */
2340 result = rpccli_samr_chgpasswd3(cli, mem_ctx, user, newpass, oldpass, &info, &reject);
2342 if (NT_STATUS_EQUAL(result, NT_STATUS_PASSWORD_RESTRICTION)) {
2344 /*display_sam_dom_info_1(&info);*/
2346 switch (reject.reject_reason) {
2347 case SAMR_REJECT_TOO_SHORT:
2348 d_printf("SAMR_REJECT_TOO_SHORT\n");
2350 case SAMR_REJECT_IN_HISTORY:
2351 d_printf("SAMR_REJECT_IN_HISTORY\n");
2353 case SAMR_REJECT_COMPLEXITY:
2354 d_printf("SAMR_REJECT_COMPLEXITY\n");
2356 case SAMR_REJECT_OTHER:
2357 d_printf("SAMR_REJECT_OTHER\n");
2360 d_printf("unknown reject reason: %d\n", reject.reject_reason);
2365 if (!NT_STATUS_IS_OK(result))
2368 result = rpccli_samr_Close(cli, mem_ctx, &domain_pol);
2369 if (!NT_STATUS_IS_OK(result)) goto done;
2371 result = rpccli_samr_Close(cli, mem_ctx, &connect_pol);
2372 if (!NT_STATUS_IS_OK(result)) goto done;
2378 /* List of commands exported by this module */
2380 struct cmd_set samr_commands[] = {
2384 { "queryuser", RPC_RTYPE_NTSTATUS, cmd_samr_query_user, NULL, PI_SAMR, NULL, "Query user info", "" },
2385 { "querygroup", RPC_RTYPE_NTSTATUS, cmd_samr_query_group, NULL, PI_SAMR, NULL, "Query group info", "" },
2386 { "queryusergroups", RPC_RTYPE_NTSTATUS, cmd_samr_query_usergroups, NULL, PI_SAMR, NULL, "Query user groups", "" },
2387 { "queryuseraliases", RPC_RTYPE_NTSTATUS, cmd_samr_query_useraliases, NULL, PI_SAMR, NULL, "Query user aliases", "" },
2388 { "querygroupmem", RPC_RTYPE_NTSTATUS, cmd_samr_query_groupmem, NULL, PI_SAMR, NULL, "Query group membership", "" },
2389 { "queryaliasmem", RPC_RTYPE_NTSTATUS, cmd_samr_query_aliasmem, NULL, PI_SAMR, NULL, "Query alias membership", "" },
2390 { "deletealias", RPC_RTYPE_NTSTATUS, cmd_samr_delete_alias, NULL, PI_SAMR, NULL, "Delete an alias", "" },
2391 { "querydispinfo", RPC_RTYPE_NTSTATUS, cmd_samr_query_dispinfo, NULL, PI_SAMR, NULL, "Query display info", "" },
2392 { "querydominfo", RPC_RTYPE_NTSTATUS, cmd_samr_query_dominfo, NULL, PI_SAMR, NULL, "Query domain info", "" },
2393 { "enumdomusers", RPC_RTYPE_NTSTATUS, cmd_samr_enum_dom_users, NULL, PI_SAMR, NULL, "Enumerate domain users", "" },
2394 { "enumdomgroups", RPC_RTYPE_NTSTATUS, cmd_samr_enum_dom_groups, NULL, PI_SAMR, NULL, "Enumerate domain groups", "" },
2395 { "enumalsgroups", RPC_RTYPE_NTSTATUS, cmd_samr_enum_als_groups, NULL, PI_SAMR, NULL, "Enumerate alias groups", "" },
2397 { "createdomuser", RPC_RTYPE_NTSTATUS, cmd_samr_create_dom_user, NULL, PI_SAMR, NULL, "Create domain user", "" },
2398 { "createdomgroup", RPC_RTYPE_NTSTATUS, cmd_samr_create_dom_group, NULL, PI_SAMR, NULL, "Create domain group", "" },
2399 { "createdomalias", RPC_RTYPE_NTSTATUS, cmd_samr_create_dom_alias, NULL, PI_SAMR, NULL, "Create domain alias", "" },
2400 { "samlookupnames", RPC_RTYPE_NTSTATUS, cmd_samr_lookup_names, NULL, PI_SAMR, NULL, "Look up names", "" },
2401 { "samlookuprids", RPC_RTYPE_NTSTATUS, cmd_samr_lookup_rids, NULL, PI_SAMR, NULL, "Look up names", "" },
2402 { "deletedomgroup", RPC_RTYPE_NTSTATUS, cmd_samr_delete_dom_group, NULL, PI_SAMR, NULL, "Delete domain group", "" },
2403 { "deletedomuser", RPC_RTYPE_NTSTATUS, cmd_samr_delete_dom_user, NULL, PI_SAMR, NULL, "Delete domain user", "" },
2404 { "samquerysecobj", RPC_RTYPE_NTSTATUS, cmd_samr_query_sec_obj, NULL, PI_SAMR, NULL, "Query SAMR security object", "" },
2405 { "getdompwinfo", RPC_RTYPE_NTSTATUS, cmd_samr_get_dom_pwinfo, NULL, PI_SAMR, NULL, "Retrieve domain password info", "" },
2406 { "getusrdompwinfo", RPC_RTYPE_NTSTATUS, cmd_samr_get_usrdom_pwinfo, NULL, PI_SAMR, NULL, "Retrieve user domain password info", "" },
2408 { "lookupdomain", RPC_RTYPE_NTSTATUS, cmd_samr_lookup_domain, NULL, PI_SAMR, NULL, "Lookup Domain Name", "" },
2409 { "chgpasswd2", RPC_RTYPE_NTSTATUS, cmd_samr_chgpasswd2, NULL, PI_SAMR, NULL, "Change user password", "" },
2410 { "chgpasswd3", RPC_RTYPE_NTSTATUS, cmd_samr_chgpasswd3, NULL, PI_SAMR, NULL, "Change user password", "" },