2 Unix SMB/Netbios implementation.
6 Copyright (C) Tim Potter 2000
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
25 extern int DEBUGLEVEL;
26 extern pstring server;
28 /* Look up domain related information on a remote host */
29 static NTSTATUS cmd_lsa_query_info_policy(struct cli_state *cli, int argc, char **argv)
32 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
33 BOOL got_policy_hnd = False;
35 fstring sid_str, domain_name;
36 uint32 info_class = 3;
40 printf("Usage: %s [info_class]\n", argv[0]);
44 if (!(mem_ctx = talloc_init())) {
45 DEBUG(0,("cmd_lsa_query_info_poicy: talloc_init failed\n"));
46 return NT_STATUS_UNSUCCESSFUL;
50 info_class = atoi(argv[1]);
53 /* Initialise RPC connection */
54 if (!cli_nt_session_open (cli, PIPE_LSARPC)) {
55 DEBUG(0, ("Could not initialize samr pipe!\n"));
56 talloc_destroy(mem_ctx);
57 return NT_STATUS_UNSUCCESSFUL;
60 result = cli_lsa_open_policy(cli, mem_ctx, True,
61 SEC_RIGHTS_MAXIMUM_ALLOWED,
63 if (!NT_STATUS_IS_OK(result)) {
67 got_policy_hnd = True;
69 /* Lookup info policy */
71 result = cli_lsa_query_info_policy(cli, mem_ctx, &pol, info_class,
72 domain_name, &dom_sid);
73 if (!NT_STATUS_IS_OK(result)) {
77 sid_to_string(sid_str, &dom_sid);
80 printf("domain %s has sid %s\n", domain_name, sid_str);
82 printf("could not query info for level %d\n", info_class);
88 cli_lsa_close(cli, mem_ctx, &pol);
91 cli_nt_session_close(cli);
92 talloc_destroy(mem_ctx);
97 /* Resolve a list of names to a list of sids */
99 static NTSTATUS cmd_lsa_lookup_names(struct cli_state *cli, int argc, char **argv)
102 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
103 BOOL got_policy_hnd = False;
110 printf("Usage: %s [name1 [name2 [...]]]\n", argv[0]);
114 if (!(mem_ctx = talloc_init())) {
115 DEBUG(0,("cmd_lsa_lookup_names: talloc_init failed\n"));
116 return NT_STATUS_UNSUCCESSFUL;
119 /* Initialise RPC connection */
120 if (!cli_nt_session_open (cli, PIPE_LSARPC)) {
121 DEBUG(0, ("Could not initialize samr pipe!\n"));
122 talloc_destroy(mem_ctx);
123 return NT_STATUS_UNSUCCESSFUL;
127 result = cli_lsa_open_policy(cli, mem_ctx, True,
128 SEC_RIGHTS_MAXIMUM_ALLOWED,
130 if (!NT_STATUS_IS_OK(result)) {
134 got_policy_hnd = True;
136 /* Lookup the names */
138 result = cli_lsa_lookup_names(cli, mem_ctx, &pol, argc - 1,
139 &argv[1], &sids, &types, &num_names);
140 if (!NT_STATUS_IS_OK(result)) {
146 for (i = 0; i < num_names; i++) {
149 sid_to_string(sid_str, &sids[i]);
150 printf("%s %s (%d)\n", argv[i + 1], sid_str,
156 if (got_policy_hnd) {
157 cli_lsa_close(cli, mem_ctx, &pol);
160 cli_nt_session_close(cli);
161 talloc_destroy(mem_ctx);
166 /* Resolve a list of SIDs to a list of names */
168 static NTSTATUS cmd_lsa_lookup_sids(struct cli_state *cli, int argc, char **argv)
171 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
172 BOOL got_policy_hnd = False;
180 printf("Usage: %s [sid1 [sid2 [...]]]\n", argv[0]);
184 if (!(mem_ctx = talloc_init())) {
185 DEBUG(0,("cmd_lsa_lookup_sids: talloc_init failed\n"));
186 return NT_STATUS_UNSUCCESSFUL;
189 /* Initialise RPC connection */
190 if (!cli_nt_session_open (cli, PIPE_LSARPC)) {
191 DEBUG(0, ("Could not initialize samr pipe!\n"));
192 talloc_destroy(mem_ctx);
193 return NT_STATUS_UNSUCCESSFUL;
196 result = cli_lsa_open_policy(cli, mem_ctx, True,
197 SEC_RIGHTS_MAXIMUM_ALLOWED,
199 if (!NT_STATUS_IS_OK(result)) {
203 got_policy_hnd = True;
205 /* Convert arguments to sids */
207 sids = (DOM_SID *)talloc(mem_ctx, sizeof(DOM_SID) * (argc - 1));
210 printf("out of memory\n");
214 for (i = 0; i < argc - 1; i++) {
215 string_to_sid(&sids[i], argv[i + 1]);
218 /* Lookup the SIDs */
220 result = cli_lsa_lookup_sids(cli, mem_ctx, &pol, argc - 1, sids,
221 &names, &types, &num_names);
222 if (!NT_STATUS_IS_OK(result)) {
228 for (i = 0; i < num_names; i++) {
231 sid_to_string(sid_str, &sids[i]);
232 printf("%s %s (%d)\n", sid_str, names[i] ? names[i] :
233 "*unknown*", types[i]);
240 for (i = 0; i < num_names; i++) {
249 if (got_policy_hnd) {
250 cli_lsa_close(cli, mem_ctx, &pol);
253 cli_nt_session_close(cli);
254 talloc_destroy (mem_ctx);
259 /* Enumerate list of trusted domains */
261 static NTSTATUS cmd_lsa_enum_trust_dom(struct cli_state *cli, int argc, char **argv)
264 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
265 BOOL got_policy_hnd = False;
266 DOM_SID *domain_sids;
274 printf("Usage: %s\n", argv[0]);
278 if (!(mem_ctx = talloc_init())) {
279 DEBUG(0,("cmd_lsa_enum_trust_dom: talloc_init failed\n"));
280 return NT_STATUS_UNSUCCESSFUL;
283 /* Initialise RPC connection */
284 if (!cli_nt_session_open (cli, PIPE_LSARPC)) {
285 DEBUG(0, ("Could not initialize samr pipe!\n"));
286 talloc_destroy(mem_ctx);
287 return NT_STATUS_UNSUCCESSFUL;
290 result = cli_lsa_open_policy(cli, mem_ctx, True,
291 SEC_RIGHTS_MAXIMUM_ALLOWED,
293 if (!NT_STATUS_IS_OK(result)) {
297 got_policy_hnd = True;
299 /* Lookup list of trusted domains */
301 result = cli_lsa_enum_trust_dom(cli, mem_ctx, &pol, &enum_ctx,
302 &num_domains, &domain_names,
304 if (!NT_STATUS_IS_OK(result)) {
310 for (i = 0; i < num_domains; i++) {
313 sid_to_string(sid_str, &domain_sids[i]);
314 printf("%s %s\n", domain_names[i] ? domain_names[i] :
315 "*unknown*", sid_str);
320 if (got_policy_hnd) {
321 cli_lsa_close(cli, mem_ctx, &pol);
324 cli_nt_session_close(cli);
325 talloc_destroy(mem_ctx);
330 /* List of commands exported by this module */
332 struct cmd_set lsarpc_commands[] = {
336 { "lsaquery", cmd_lsa_query_info_policy, "Query info policy", "" },
337 { "lookupsids", cmd_lsa_lookup_sids, "Convert SIDs to names", "" },
338 { "lookupnames", cmd_lsa_lookup_names, "Convert names to SIDs", "" },
339 { "enumtrust", cmd_lsa_enum_trust_dom, "Enumerate trusted domains", "" },