2 Unix SMB/Netbios implementation.
4 NT Domain Authentication SMB / MSRPC client
5 Copyright (C) Andrew Tridgell 1994-1999
6 Copyright (C) Luke Kenneth Casson Leighton 1996-1999
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
/* Debug verbosity level, defined in another translation unit.  Presumably the
 * threshold that the DEBUG(level, ...) calls in this file are compared
 * against - confirm against the DEBUG macro, which is not shown here. */
31 extern int DEBUGLEVEL;
37 /****************************************************************************
38 nt enumerate trusted domains
39 ****************************************************************************/
/*
 * Enumerate the domains trusted by info->dest_host over LSA and print each
 * domain name together with its SID to out_hnd.
 *
 * This listing omits lines (the leading numbers skip), so the local
 * declarations, the braces and the opening of the do-loop are not visible.
 * argc and argv are not referenced in the visible lines.
 */
40 void cmd_lsa_enum_trust_dom(struct client_info *info, int argc, char *argv[])
/* Result arrays: passed by address to lsa_enum_trust_dom and released at the end. */
44 char **domains = NULL;
45 DOM_SID **sids = NULL;
/* Server name = two backslashes followed by the destination host. */
/* NOTE(review): dest_host is copied with no visible length check; this relies
 * on fstrcpy/fstrcat bounding the write to srv_name - confirm against their
 * definitions and srv_name's declaration (neither is in this listing). */
51 fstrcpy(srv_name, "\\\\");
52 fstrcat(srv_name, info->dest_host);
55 DEBUG(4,("cmd_lsa_enum_trust_dom: server:%s\n", srv_name));
/* Every step below has the form "res = res ? step : False", so a step runs
 * only while res is still true and the first failure disables the rest. */
57 /* lookup domain controller; receive a policy handle */
/* The third argument is False here and True in the lookup commands; its
 * meaning is not visible in this file. */
58 res = res ? lsa_open_policy( srv_name,
59 &lsa_pol, False) : False;
63 /* send enum trusted domains query */
64 res = res ? lsa_enum_trust_dom( &lsa_pol,
66 &num_doms, &domains, &sids) : False;
/* Repeat while the call succeeded and the enumeration context is non-zero. */
/* NOTE(review): num_doms/domains/sids are passed again on every pass; whether
 * the callee appends to them or replaces them is not visible.  If it replaces
 * them, earlier batches are neither printed nor freed - confirm. */
68 } while (res && enum_ctx != 0);
/* NOTE(review): the close is gated on res as well, so when the enumeration
 * fails after a successful open the policy handle is not closed here. */
70 res = res ? lsa_close(&lsa_pol) : False;
75 DEBUG(5,("cmd_lsa_enum_trust_dom: query succeeded\n"));
77 report(out_hnd, "LSA Enumerate Trusted Domains\n");
/* One output line per returned domain.  Names and SIDs come from the server
 * response; the format string itself is a constant. */
78 for (i = 0; i < num_doms; i++)
/* sid is the text buffer for the converted SID; its declaration is not shown. */
81 sid_to_string(sid, sids[i]);
82 report(out_hnd, "Domain:\t%s\tSID:\t%s\n",
88 DEBUG(5,("cmd_lsa_enum_trust_dom: query failed\n"));
/* Release the arrays that were filled in through &domains and &sids. */
91 free_char_array(num_doms, domains);
92 free_sid_array(num_doms, sids);
95 /****************************************************************************
97 ****************************************************************************/
/*
 * Query LSA policy information classes 0x03 and 0x05 on info->dest_host,
 * store the returned domain names and SIDs in info->dom, and report whether
 * the host is a domain member and/or a domain controller.
 *
 * The stored level-5 SID is read again by cmd_lsa_lookup_sids in this file.
 * This listing omits lines (the leading numbers skip), so local declarations
 * and braces are not visible.  argc and argv are not referenced in the
 * visible lines.
 */
98 void cmd_lsa_query_info(struct client_info *info, int argc, char *argv[])
/* Clear the cached names and SIDs first, so values from an earlier call are
 * not left behind when a query below does not run or fails. */
105 fstrcpy(info->dom.level3_dom, "");
106 fstrcpy(info->dom.level5_dom, "");
107 ZERO_STRUCT(info->dom.level3_sid);
108 ZERO_STRUCT(info->dom.level5_sid);
/* Server name = two backslashes followed by the destination host. */
/* NOTE(review): relies on fstrcpy/fstrcat bounding the write to srv_name -
 * confirm against their definitions (not in this listing). */
110 fstrcpy(srv_name, "\\\\");
111 fstrcat(srv_name, info->dest_host);
114 DEBUG(4,("cmd_lsa_query_info: server:%s\n", srv_name));
/* Each step runs only while res is still true ("res = res ? step : False"). */
116 /* lookup domain controller; receive a policy handle */
117 res = res ? lsa_open_policy( srv_name,
118 &lsa_pol, False) : False;
120 /* send client info query, level 3. receive domain name and sid */
/* NOTE(review): the destination name buffer is passed without a length, so
 * the callee has to bound the server-supplied name to the size of level3_dom
 * (and level5_dom below) - confirm in lsa_query_info_pol. */
121 res = res ? lsa_query_info_pol( &lsa_pol, 0x03,
122 info->dom.level3_dom,
123 &info->dom.level3_sid) : False;
125 /* send client info query, level 5. receive domain name and sid */
126 res = res ? lsa_query_info_pol( &lsa_pol, 0x05,
127 info->dom.level5_dom,
128 &info->dom.level5_sid) : False;
/* NOTE(review): the close is gated on res too, so if either query fails after
 * a successful open the policy handle is not closed here. */
130 res = res ? lsa_close(&lsa_pol) : False;
/* Set once at least one of the two levels returned a non-empty domain name. */
134 BOOL domain_something = False;
136 DEBUG(5,("cmd_lsa_query_info: query succeeded\n"));
138 report(out_hnd, "LSA Query Info Policy\n");
/* A non-empty level-3 name is reported as domain membership. */
140 if (info->dom.level3_dom[0] != 0)
142 sid_to_string(sid, &info->dom.level3_sid);
143 report(out_hnd, "Domain Member - Domain: %s SID: %s\n",
144 info->dom.level3_dom, sid);
145 domain_something = True;
/* A non-empty level-5 name is reported as the host being a domain controller. */
147 if (info->dom.level5_dom[0] != 0)
149 sid_to_string(sid, &info->dom.level5_sid);
150 report(out_hnd, "Domain Controller - Domain: %s SID: %s\n",
151 info->dom.level5_dom, sid);
152 domain_something = True;
/* Neither level returned a name. */
154 if (!domain_something)
/* The argument for %s is on a line this listing omits. */
156 report(out_hnd, "%s is not a Domain Member or Controller\n",
162 DEBUG(5,("cmd_lsa_query_info: query failed\n"));
166 /****************************************************************************
168 ****************************************************************************/
/*
 * Resolve account names to SIDs through LSA on info->dest_host and print one
 * "name -> SID" pair per result.  Usage: lookupnames <name> [<name> ...]
 *
 * This listing omits lines (the leading numbers skip): the declarations, the
 * argument handling that fills names[], the condition guarding the usage
 * message and any release of sids are not visible.
 */
169 void cmd_lsa_lookup_names(struct client_info *info, int argc, char *argv[])
/* Receives the SIDs returned by lsa_lookup_names. */
177 DOM_SID *sids = NULL;
/* Server name = two backslashes followed by the destination host. */
/* NOTE(review): relies on fstrcpy/fstrcat bounding the write to srv_name -
 * confirm against their definitions (not in this listing). */
185 fstrcpy(srv_name, "\\\\");
186 fstrcat(srv_name, info->dest_host);
189 DEBUG(4,("cmd_lsa_lookup_names: server: %s\n", srv_name));
/* Usage text; the check that leads here is on an omitted line. */
199 report(out_hnd, "lookupnames <name> [<name> ...]\n");
/* Each step runs only while res is still true ("res = res ? step : False"). */
203 /* lookup domain controller; receive a policy handle */
/* The third argument is True here and False in the enumerate/query commands;
 * its meaning is not visible in this file. */
204 res = res ? lsa_open_policy( srv_name,
205 &lsa_pol, True) : False;
207 /* send lsa lookup names call */
/* Results come back through &sids and &num_sids; NULL is passed for one more
 * output parameter whose purpose is not visible here. */
208 res = res ? lsa_lookup_names( &lsa_pol,
210 &sids, NULL, &num_sids) : False;
/* NOTE(review): the close is gated on res too, so a failed lookup after a
 * successful open leaves the policy handle unclosed here. */
212 res = res ? lsa_close(&lsa_pol) : False;
216 DEBUG(5,("cmd_lsa_lookup_names: query succeeded\n"));
220 DEBUG(5,("cmd_lsa_lookup_names: query failed\n"));
225 report(out_hnd, "Lookup Names:\n");
/* NOTE(review): the loop is bounded by num_sids, which is written by the
 * lookup call, but it also indexes names[].  Confirm num_sids cannot exceed
 * the number of names supplied, otherwise names[i] is read out of range. */
226 for (i = 0; i < num_sids; i++)
228 sid_to_string(temp, &sids[i]);
/* Prints the name first and the SID text second, after the "SID:" label. */
229 report(out_hnd, "SID: %s -> %s\n", names[i], temp);
241 /****************************************************************************
243 ****************************************************************************/
/*
 * Resolve SIDs to names through LSA on info->dest_host and print one
 * "SID -> name" pair per result.  Usage: lookupsid RID or SID
 *
 * An argument starting with "S-" is used as a complete SID.  Otherwise the
 * argument is appended, after a '-', to the text form of
 * info->dom.level5_sid (filled in by cmd_lsa_query_info), i.e. it is treated
 * as a RID relative to that domain SID.
 *
 * This listing omits lines (the leading numbers skip): the declarations, the
 * argument loop, the braces and the body of the final NULL check are not
 * visible.
 */
244 void cmd_lsa_lookup_sids(struct client_info *info, int argc, char *argv[])
/* SIDs to look up; grown by add_sid_to_array and released by free_sid_array. */
250 DOM_SID **sids = NULL;
/* Server name = two backslashes followed by the destination host. */
/* NOTE(review): relies on fstrcpy/fstrcat bounding the write to srv_name -
 * confirm against their definitions (not in this listing). */
257 fstrcpy(srv_name, "\\\\");
258 fstrcat(srv_name, info->dest_host);
261 DEBUG(4,("cmd_lsa_lookup_sids: server: %s\n", srv_name));
/* Complete SID given on the command line. */
269 if (strnequal("S-", argv[0], 2))
/* NOTE(review): the command-line argument is copied as is; the bound on
 * sid_name depends on fstrcpy and on sid_name's declaration (not shown). */
271 fstrcpy(sid_name, argv[0]);
/* Otherwise start from the domain SID stored by an earlier lsaquery. */
275 sid_to_string(sid_name, &info->dom.level5_sid);
/* No usable domain SID text: ask for lsaquery or a full SID. */
277 if (sid_name[0] == 0)
279 report(out_hnd, "please use lsaquery first or specify a complete SID\n");
/* Append "-<argument>" to the domain SID text. */
283 fstrcat(sid_name, "-");
284 fstrcat(sid_name, argv[0]);
/* NOTE(review): the result of string_to_sid is not used, and the SID is added
 * to the array on the next visible line.  If the function reports malformed
 * input through its return value, a bad argument is still sent - confirm. */
286 string_to_sid(&sid, sid_name);
288 add_sid_to_array(&num_sids, &sids, &sid);
/* Usage text; the check that leads here is on an omitted line. */
296 report(out_hnd, "lookupsid RID or SID\n");
/* Each step runs only while res is still true ("res = res ? step : False"). */
300 /* lookup domain controller; receive a policy handle */
301 res = res ? lsa_open_policy( srv_name,
302 &lsa_pol, True) : False;
304 /* send lsa lookup sids call */
/* Results come back through &names and &num_names; NULL is passed for one
 * more output parameter whose purpose is not visible here. */
305 res = res ? lsa_lookup_sids( &lsa_pol,
307 &names, NULL, &num_names) : False;
/* NOTE(review): the close is gated on res too, so a failed lookup after a
 * successful open leaves the policy handle unclosed here. */
309 res = res ? lsa_close(&lsa_pol) : False;
313 DEBUG(5,("cmd_lsa_lookup_sids: query succeeded\n"));
317 DEBUG(5,("cmd_lsa_lookup_sids: query failed\n"));
321 report(out_hnd, "Lookup SIDS:\n");
/* NOTE(review): the loop is bounded by num_names, which is written by the
 * lookup call, but it also indexes sids[], which holds num_sids entries.
 * Confirm num_names cannot exceed num_sids. */
322 for (i = 0; i < num_names; i++)
325 sid_to_string(temp, sids[i]);
/* NOTE(review): names[i] is passed to %s here, before the NULL test on the
 * next line; an unresolved SID with a NULL name would reach report(). */
326 report(out_hnd, "SID: %s -> %s\n", temp, names[i]);
/* Body omitted from this listing; presumably releases the name - confirm. */
327 if (names[i] != NULL)
335 free_sid_array(num_sids, sids);
338 /****************************************************************************
340 ****************************************************************************/
/*
 * Fetch an LSA secret by name from info->dest_host and print its value as
 * hexadecimal together with its last-update time.
 * Usage: querysecret <secret name>
 *
 * The secret value is written in clear to out_hnd, so any transcript or log
 * that captures that output holds the secret.  No wipe of the local `secret`
 * is visible in this listing.
 *
 * This listing omits lines (the leading numbers skip): the declarations, the
 * braces and the condition guarding the usage message are not visible.
 */
341 void cmd_lsa_query_secret(struct client_info *info, int argc, char *argv[])
/* Server name = two backslashes followed by the destination host. */
/* NOTE(review): relies on fstrcpy/fstrcat bounding the write to srv_name -
 * confirm against their definitions (not in this listing). */
348 fstrcpy(srv_name, "\\\\");
349 fstrcat(srv_name, info->dest_host);
/* Usage text; the check that leads here is on an omitted line. */
354 report(out_hnd, "querysecret <secret name>\n");
/* NOTE(review): reads argv[1], whereas cmd_lsa_lookup_sids in this file reads
 * argv[0]; confirm the omitted check guarantees that argv[1] exists. */
358 secret_name = argv[1];
/* A single helper performs the query; a true result means `secret` and
 * `last_update` were filled in. */
360 if (msrpc_lsa_query_secret(srv_name, secret_name, &secret, &last_update))
363 report(out_hnd, "\tValue : ");
/* NOTE(review): str_str_len comes with the returned secret; confirm it is
 * bounded by the capacity of secret.buffer before it is used as the limit. */
364 for (i = 0; i < secret.str_str_len; i++)
/* Two hex digits per byte.  If buffer elements are a signed type, values of
 * 0x80 and above would print sign-extended - element type not shown, confirm. */
366 report(out_hnd, "%02X", secret.buffer[i]);
/* Convert the NT timestamp to Unix time and format it for display. */
369 report(out_hnd, "\n\tLast Updated: %s\n\n",
370 http_timestring(nt_time_to_unix(&last_update)));
374 report(out_hnd, "LSA Query Secret: failed\n");