/* packet-dcerpc-samr.c
* Routines for SMB \\PIPE\\samr packet disassembly
* Copyright 2001, Tim Potter <tpot@samba.org>
+ * 2002 Added all command dissectors Ronnie Sahlberg
*
- * $Id: packet-dcerpc-samr.c,v 1.13 2002/02/13 04:14:13 guy Exp $
+ * $Id: packet-dcerpc-samr.c,v 1.14 2002/02/14 05:56:48 guy Exp $
*
* Ethereal - Network traffic analyzer
* By Gerald Combs <gerald@ethereal.com>
static int hf_samr_revision = -1;
static int hf_samr_divisions = -1;
static int hf_samr_info_type = -1;
+static int hf_samr_acb_disabled = -1;
+static int hf_samr_acb_homedirreq = -1;
+static int hf_samr_acb_pwnotreq = -1;
+static int hf_samr_acb_tempdup = -1;
+static int hf_samr_acb_normal = -1;
+static int hf_samr_acb_mns = -1;
+static int hf_samr_acb_domtrust = -1;
+static int hf_samr_acb_wstrust = -1;
+static int hf_samr_acb_svrtrust = -1;
+static int hf_samr_acb_pwnoexp = -1;
+static int hf_samr_acb_autolock = -1;
static int hf_samr_unknown_hyper = -1;
static int hf_samr_unknown_long = -1;
static gint ett_samr_member_array = -1;
static gint ett_samr_names = -1;
static gint ett_samr_rids = -1;
+static gint ett_samr_acct_ctrl = -1;
static e_uuid_t uuid_dcerpc_samr = {
in some more generic file common to all NT services dissectors
*/
+static const true_false_string tfs_samr_acb_disabled = {
+ "Account is DISABLED",
+ "Account is NOT disabled"
+};
+static const true_false_string tfs_samr_acb_homedirreq = {
+ "Homedir is REQUIRED",
+ "Homedir is NOT required"
+};
+static const true_false_string tfs_samr_acb_pwnotreq = {
+ "Password is NOT required",
+ "Password is REQUIRED"
+};
+static const true_false_string tfs_samr_acb_tempdup = {
+ "This is a TEMPORARY DUPLICATE account",
+ "This is NOT a temporary duplicate account"
+};
+static const true_false_string tfs_samr_acb_normal = {
+ "This is a NORMAL USER account",
+ "This is NOT a normal user account"
+};
+static const true_false_string tfs_samr_acb_mns = {
+ "This is a MNS account",
+ "This is NOT a mns account"
+};
+static const true_false_string tfs_samr_acb_domtrust = {
+ "This is a DOMAIN TRUST account",
+ "This is NOT a domain trust account"
+};
+static const true_false_string tfs_samr_acb_wstrust = {
+ "This is a WORKSTATION TRUST account",
+ "This is NOT a workstation trust account"
+};
+static const true_false_string tfs_samr_acb_svrtrust = {
+ "This is a SERVER TRUST account",
+ "This is NOT a server trust account"
+};
+static const true_false_string tfs_samr_acb_pwnoexp = {
+ "Passwords does NOT expire",
+ "Password will EXPIRE"
+};
+static const true_false_string tfs_samr_acb_autolock = {
+ "This account has been AUTO LOCKED",
+ "This account has NOT been auto locked"
+};
+static int
+samr_dissect_acct_ctrl(tvbuff_t *tvb, int offset, packet_info *pinfo,
+ proto_tree *parent_tree, char *drep)
+{
+ guint32 mask;
+ proto_item *item = NULL;
+ proto_tree *tree = NULL;
+ offset=dissect_ndr_uint32(tvb, offset, pinfo, NULL, drep,
+ hf_samr_acct_ctrl, &mask);
+ if(parent_tree){
+ item = proto_tree_add_uint(parent_tree, hf_samr_acct_ctrl,
+ tvb, offset-4, 4, mask);
+ tree = proto_item_add_subtree(item, ett_samr_acct_ctrl);
+ }
+
+ proto_tree_add_boolean(tree, hf_samr_acb_autolock,
+ tvb, offset-4, 4, mask);
+ proto_tree_add_boolean(tree, hf_samr_acb_pwnoexp,
+ tvb, offset-4, 4, mask);
+ proto_tree_add_boolean(tree, hf_samr_acb_svrtrust,
+ tvb, offset-4, 4, mask);
+ proto_tree_add_boolean(tree, hf_samr_acb_wstrust,
+ tvb, offset-4, 4, mask);
+ proto_tree_add_boolean(tree, hf_samr_acb_domtrust,
+ tvb, offset-4, 4, mask);
+ proto_tree_add_boolean(tree, hf_samr_acb_mns,
+ tvb, offset-4, 4, mask);
+ proto_tree_add_boolean(tree, hf_samr_acb_normal,
+ tvb, offset-4, 4, mask);
+ proto_tree_add_boolean(tree, hf_samr_acb_tempdup,
+ tvb, offset-4, 4, mask);
+ proto_tree_add_boolean(tree, hf_samr_acb_pwnotreq,
+ tvb, offset-4, 4, mask);
+ proto_tree_add_boolean(tree, hf_samr_acb_homedirreq,
+ tvb, offset-4, 4, mask);
+ proto_tree_add_boolean(tree, hf_samr_acb_disabled,
+ tvb, offset-4, 4, mask);
-
+ return offset;
+}
static int
samr_dissect_context_handle_reply(tvbuff_t *tvb, int offset,
hf_samr_index, NULL);
offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
hf_samr_rid, NULL);
- offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
- hf_samr_acct_ctrl, NULL);
+ offset = samr_dissect_acct_ctrl(tvb, offset, pinfo, tree, drep);
offset = dissect_ndr_nt_UNICODE_STRING(tvb, offset, pinfo, tree, drep,
hf_samr_acct_name, 0);
offset = dissect_ndr_nt_UNICODE_STRING(tvb, offset, pinfo, tree, drep,
hf_samr_index, NULL);
offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
hf_samr_rid, NULL);
- offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
- hf_samr_acct_ctrl, NULL);
+ offset = samr_dissect_acct_ctrl(tvb, offset, pinfo, tree, drep);
offset = dissect_ndr_nt_UNICODE_STRING(tvb, offset, pinfo, tree, drep,
hf_samr_acct_name, 0);
offset = dissect_ndr_nt_UNICODE_STRING(tvb, offset, pinfo, tree, drep,
hf_samr_index, NULL);
offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
hf_samr_rid, NULL);
- offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
- hf_samr_acct_ctrl, NULL);
+ offset = samr_dissect_acct_ctrl(tvb, offset, pinfo, tree, drep);
offset = dissect_ndr_nt_UNICODE_STRING(tvb, offset, pinfo, tree, drep,
hf_samr_acct_name, 0);
offset = dissect_ndr_nt_UNICODE_STRING(tvb, offset, pinfo, tree, drep,
hf_samr_index, NULL);
offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
hf_samr_rid, NULL);
- offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
- hf_samr_acct_ctrl, NULL);
+ offset = samr_dissect_acct_ctrl(tvb, offset, pinfo, tree, drep);
offset = dissect_ndr_nt_STRING(tvb, offset, pinfo, tree, drep,
hf_samr_acct_name);
offset = dissect_ndr_nt_STRING(tvb, offset, pinfo, tree, drep,
offset = dissect_ndr_pointer(tvb, offset, pinfo, tree, drep,
samr_dissect_pointer_UNICODE_STRING, NDR_POINTER_REF,
"", hf_samr_acct_name, 0);
- offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
- hf_samr_acct_ctrl, NULL);
+ offset = samr_dissect_acct_ctrl(tvb, offset, pinfo, tree, drep);
offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
hf_samr_access, NULL);
hf_samr_acct_name, 0);
offset = dissect_ndr_nt_UNICODE_STRING(tvb, offset, pinfo, tree, drep,
hf_samr_full_name, 0);
- offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
- hf_samr_acct_ctrl, NULL);
+ offset = samr_dissect_acct_ctrl(tvb, offset, pinfo, tree, drep);
offset = dissect_ndr_nt_UNICODE_STRING(tvb, offset, pinfo, tree, drep,
hf_samr_home, 0);
offset = dissect_ndr_nt_UNICODE_STRING(tvb, offset, pinfo, tree, drep,
hf_samr_logon_count, NULL);
offset = dissect_ndr_uint16 (tvb, offset, pinfo, tree, drep,
hf_samr_bad_pwd_count, NULL);
- offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
- hf_samr_acct_ctrl, NULL);
+ offset = samr_dissect_acct_ctrl(tvb, offset, pinfo, tree, drep);
proto_item_set_len(item, offset-old_offset);
return offset;
hf_samr_pwd_last_set_time);
offset = dissect_ndr_nt_NTTIME(tvb, offset, pinfo, tree, drep,
hf_samr_acct_expiry_time);
- offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
- hf_samr_acct_ctrl, NULL);
+ offset = samr_dissect_acct_ctrl(tvb, offset, pinfo, tree, drep);
proto_item_set_len(item, offset-old_offset);
return offset;
tree = proto_item_add_subtree(item, ett_samr_user_info_19);
}
- offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
- hf_samr_acct_ctrl, NULL);
+ offset = samr_dissect_acct_ctrl(tvb, offset, pinfo, tree, drep);
offset = dissect_ndr_nt_NTTIME(tvb, offset, pinfo, tree, drep,
hf_samr_logon_time);
offset = dissect_ndr_nt_NTTIME(tvb, offset, pinfo, tree, drep,
hf_samr_rid, NULL);
offset = dissect_ndr_uint32(tvb, offset, pinfo, tree, drep,
hf_samr_group, NULL);
- offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
- hf_samr_acct_ctrl, NULL);
+ offset = samr_dissect_acct_ctrl(tvb, offset, pinfo, tree, drep);
offset = dissect_ndr_uint32 (tvb, offset, pinfo, tree, drep,
hf_samr_unknown_long, NULL);
offset = samr_dissect_LOGON_HOURS(tvb, offset, pinfo, tree, drep);
{ &hf_samr_divisions, {
"Divisions", "samr.divisions", FT_UINT16, BASE_DEC,
NULL, 0, "Number of divisions for LOGON_HOURS", HFILL }},
+ { &hf_samr_acb_disabled, {
+ "", "samr.acb.disabled", FT_BOOLEAN, 32,
+ TFS(&tfs_samr_acb_disabled), 0x0001, "If this account is enabled or disabled", HFILL }},
+ { &hf_samr_acb_homedirreq, {
+ "", "samr.acb.homedirreq", FT_BOOLEAN, 32,
+ TFS(&tfs_samr_acb_homedirreq), 0x0002, "Is hom,edirs required for this account?", HFILL }},
+ { &hf_samr_acb_pwnotreq, {
+ "", "samr.acb.pwnotreq", FT_BOOLEAN, 32,
+ TFS(&tfs_samr_acb_pwnotreq), 0x0004, "If a password is required for this account?", HFILL }},
+ { &hf_samr_acb_tempdup, {
+ "", "samr.acb.tempdup", FT_BOOLEAN, 32,
+ TFS(&tfs_samr_acb_tempdup), 0x0008, "If this is a temporary duplicate account", HFILL }},
+ { &hf_samr_acb_normal, {
+ "", "samr.acb.normal", FT_BOOLEAN, 32,
+ TFS(&tfs_samr_acb_normal), 0x0010, "If this is a normal user account", HFILL }},
+ { &hf_samr_acb_mns, {
+ "", "samr.acb.mns", FT_BOOLEAN, 32,
+ TFS(&tfs_samr_acb_mns), 0x0020, "MNS logon user account", HFILL }},
+ { &hf_samr_acb_domtrust, {
+ "", "samr.acb.domtrust", FT_BOOLEAN, 32,
+ TFS(&tfs_samr_acb_domtrust), 0x0040, "Interdomain trust account", HFILL }},
+ { &hf_samr_acb_wstrust, {
+ "", "samr.acb.wstrust", FT_BOOLEAN, 32,
+ TFS(&tfs_samr_acb_wstrust), 0x0080, "Workstation trust account", HFILL }},
+ { &hf_samr_acb_svrtrust, {
+ "", "samr.acb.svrtrust", FT_BOOLEAN, 32,
+ TFS(&tfs_samr_acb_svrtrust), 0x0100, "Server trust account", HFILL }},
+ { &hf_samr_acb_pwnoexp, {
+ "", "samr.acb.pwnoexp", FT_BOOLEAN, 32,
+ TFS(&tfs_samr_acb_pwnoexp), 0x0200, "If this account expires or not", HFILL }},
+ { &hf_samr_acb_autolock, {
+ "", "samr.acb.autolock", FT_BOOLEAN, 32,
+ TFS(&tfs_samr_acb_autolock), 0x0400, "If this account has been autolocked", HFILL }},
/* these are used by packet-dcerpc-nt.c */
&ett_samr_member_array,
&ett_samr_names,
&ett_samr_rids,
+ &ett_samr_acct_ctrl,
};
proto_dcerpc_samr = proto_register_protocol(