2 Unix SMB/CIFS implementation.
5 Copyright (C) Tim Potter 2000
6 Copyright (C) Rafal Szczesniak 2002
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 #include "rpcclient.h"
27 /* useful function to allow entering a name instead of a SID and
28 * looking it up automatically */
29 static NTSTATUS name_to_sid(struct cli_state *cli,
31 DOM_SID *sid, const char *name)
38 /* maybe its a raw SID */
39 if (strncmp(name, "S-", 2) == 0 &&
40 string_to_sid(sid, name)) {
44 result = cli_lsa_open_policy(cli, mem_ctx, True,
45 SEC_RIGHTS_MAXIMUM_ALLOWED,
47 if (!NT_STATUS_IS_OK(result))
50 result = cli_lsa_lookup_names(cli, mem_ctx, &pol, 1, &name, &sids, &sid_types);
51 if (!NT_STATUS_IS_OK(result))
54 cli_lsa_close(cli, mem_ctx, &pol);
63 /* Look up domain related information on a remote host */
65 static NTSTATUS cmd_lsa_query_info_policy(struct cli_state *cli,
66 TALLOC_CTX *mem_ctx, int argc,
70 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
73 fstring sid_str, domain_name="", dns_name="", forest_name="";
74 uint32 info_class = 3;
77 printf("Usage: %s [info_class]\n", argv[0]);
82 info_class = atoi(argv[1]);
84 /* Lookup info policy */
87 result = cli_lsa_open_policy2(cli, mem_ctx, True,
88 SEC_RIGHTS_MAXIMUM_ALLOWED,
91 if (!NT_STATUS_IS_OK(result))
93 result = cli_lsa_query_info_policy2(cli, mem_ctx, &pol,
94 info_class, domain_name,
95 dns_name, forest_name,
99 result = cli_lsa_open_policy(cli, mem_ctx, True,
100 SEC_RIGHTS_MAXIMUM_ALLOWED,
103 if (!NT_STATUS_IS_OK(result))
105 result = cli_lsa_query_info_policy(cli, mem_ctx, &pol,
106 info_class, domain_name,
110 if (!NT_STATUS_IS_OK(result))
113 sid_to_string(sid_str, &dom_sid);
116 printf("domain %s has sid %s\n", domain_name, sid_str);
118 printf("could not query info for level %d\n", info_class);
121 printf("domain dns name is %s\n", dns_name);
123 printf("forest name is %s\n", forest_name);
125 if (info_class == 12) {
126 printf("domain GUID is ");
127 print_guid(&dom_guid);
133 /* Resolve a list of names to a list of sids */
135 static NTSTATUS cmd_lsa_lookup_names(struct cli_state *cli,
136 TALLOC_CTX *mem_ctx, int argc,
140 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
146 printf("Usage: %s [name1 [name2 [...]]]\n", argv[0]);
150 result = cli_lsa_open_policy(cli, mem_ctx, True,
151 SEC_RIGHTS_MAXIMUM_ALLOWED,
154 if (!NT_STATUS_IS_OK(result))
157 result = cli_lsa_lookup_names(cli, mem_ctx, &pol, argc - 1,
158 (const char**)(argv + 1), &sids, &types);
160 if (!NT_STATUS_IS_OK(result) && NT_STATUS_V(result) !=
161 NT_STATUS_V(STATUS_SOME_UNMAPPED))
164 result = NT_STATUS_OK;
168 for (i = 0; i < (argc - 1); i++) {
170 sid_to_string(sid_str, &sids[i]);
171 printf("%s %s (%s: %d)\n", argv[i + 1], sid_str,
172 sid_type_lookup(types[i]), types[i]);
179 /* Resolve a list of SIDs to a list of names */
181 static NTSTATUS cmd_lsa_lookup_sids(struct cli_state *cli, TALLOC_CTX *mem_ctx,
182 int argc, const char **argv)
185 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
193 printf("Usage: %s [sid1 [sid2 [...]]]\n", argv[0]);
197 result = cli_lsa_open_policy(cli, mem_ctx, True,
198 SEC_RIGHTS_MAXIMUM_ALLOWED,
201 if (!NT_STATUS_IS_OK(result))
204 /* Convert arguments to sids */
206 sids = (DOM_SID *)talloc(mem_ctx, sizeof(DOM_SID) * (argc - 1));
209 printf("could not allocate memory for %d sids\n", argc - 1);
213 for (i = 0; i < argc - 1; i++)
214 if (!string_to_sid(&sids[i], argv[i + 1])) {
215 result = NT_STATUS_INVALID_SID;
219 /* Lookup the SIDs */
221 result = cli_lsa_lookup_sids(cli, mem_ctx, &pol, argc - 1, sids,
222 &domains, &names, &types);
224 if (!NT_STATUS_IS_OK(result) && NT_STATUS_V(result) !=
225 NT_STATUS_V(STATUS_SOME_UNMAPPED))
228 result = NT_STATUS_OK;
232 for (i = 0; i < (argc - 1); i++) {
235 sid_to_string(sid_str, &sids[i]);
236 printf("%s %s\\%s (%d)\n", sid_str,
237 domains[i] ? domains[i] : "*unknown*",
238 names[i] ? names[i] : "*unknown*", types[i]);
245 /* Enumerate list of trusted domains */
247 static NTSTATUS cmd_lsa_enum_trust_dom(struct cli_state *cli,
248 TALLOC_CTX *mem_ctx, int argc,
252 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
253 DOM_SID *domain_sids;
256 /* defaults, but may be changed using params */
258 uint32 num_domains = 0;
262 printf("Usage: %s [enum context (0)]\n", argv[0]);
266 if (argc == 2 && argv[1]) {
267 enum_ctx = atoi(argv[2]);
270 result = cli_lsa_open_policy(cli, mem_ctx, True,
271 POLICY_VIEW_LOCAL_INFORMATION,
274 if (!NT_STATUS_IS_OK(result))
277 /* Lookup list of trusted domains */
279 result = cli_lsa_enum_trust_dom(cli, mem_ctx, &pol, &enum_ctx,
281 &domain_names, &domain_sids);
282 if (!NT_STATUS_IS_OK(result) &&
283 !NT_STATUS_EQUAL(result, NT_STATUS_NO_MORE_ENTRIES) &&
284 !NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES))
287 /* Print results: list of names and sids returned in this response. */
288 for (i = 0; i < num_domains; i++) {
291 sid_to_string(sid_str, &domain_sids[i]);
292 printf("%s %s\n", domain_names[i] ? domain_names[i] :
293 "*unknown*", sid_str);
300 /* Enumerates privileges */
302 static NTSTATUS cmd_lsa_enum_privilege(struct cli_state *cli,
303 TALLOC_CTX *mem_ctx, int argc,
307 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
309 uint32 enum_context=0;
310 uint32 pref_max_length=0x1000;
318 printf("Usage: %s [enum context] [max length]\n", argv[0]);
323 enum_context=atoi(argv[1]);
326 pref_max_length=atoi(argv[2]);
328 result = cli_lsa_open_policy(cli, mem_ctx, True,
329 SEC_RIGHTS_MAXIMUM_ALLOWED,
332 if (!NT_STATUS_IS_OK(result))
335 result = cli_lsa_enum_privilege(cli, mem_ctx, &pol, &enum_context, pref_max_length,
336 &count, &privs_name, &privs_high, &privs_low);
338 if (!NT_STATUS_IS_OK(result))
342 printf("found %d privileges\n\n", count);
344 for (i = 0; i < count; i++) {
345 printf("%s \t\t%d:%d (0x%x:0x%x)\n", privs_name[i] ? privs_name[i] : "*unknown*",
346 privs_high[i], privs_low[i], privs_high[i], privs_low[i]);
353 /* Get privilege name */
355 static NTSTATUS cmd_lsa_get_dispname(struct cli_state *cli,
356 TALLOC_CTX *mem_ctx, int argc,
360 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
363 uint16 lang_id_sys=0;
368 printf("Usage: %s privilege name\n", argv[0]);
372 result = cli_lsa_open_policy(cli, mem_ctx, True,
373 SEC_RIGHTS_MAXIMUM_ALLOWED,
376 if (!NT_STATUS_IS_OK(result))
379 result = cli_lsa_get_dispname(cli, mem_ctx, &pol, argv[1], lang_id, lang_id_sys, description, &lang_id_desc);
381 if (!NT_STATUS_IS_OK(result))
385 printf("%s -> %s (language: 0x%x)\n", argv[1], description, lang_id_desc);
391 /* Enumerate the LSA SIDS */
393 static NTSTATUS cmd_lsa_enum_sids(struct cli_state *cli,
394 TALLOC_CTX *mem_ctx, int argc,
398 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
400 uint32 enum_context=0;
401 uint32 pref_max_length=0x1000;
407 printf("Usage: %s [enum context] [max length]\n", argv[0]);
412 enum_context=atoi(argv[1]);
415 pref_max_length=atoi(argv[2]);
417 result = cli_lsa_open_policy(cli, mem_ctx, True,
418 SEC_RIGHTS_MAXIMUM_ALLOWED,
421 if (!NT_STATUS_IS_OK(result))
424 result = cli_lsa_enum_sids(cli, mem_ctx, &pol, &enum_context, pref_max_length,
427 if (!NT_STATUS_IS_OK(result))
431 printf("found %d SIDs\n\n", count);
433 for (i = 0; i < count; i++) {
436 sid_to_string(sid_str, &sids[i]);
437 printf("%s\n", sid_str);
444 /* Enumerate the privileges of an SID */
446 static NTSTATUS cmd_lsa_enum_privsaccounts(struct cli_state *cli,
447 TALLOC_CTX *mem_ctx, int argc,
452 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
453 uint32 access_desired = 0x000f000f;
461 printf("Usage: %s SID\n", argv[0]);
465 result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
466 if (!NT_STATUS_IS_OK(result))
469 result = cli_lsa_open_policy2(cli, mem_ctx, True,
470 SEC_RIGHTS_MAXIMUM_ALLOWED,
473 if (!NT_STATUS_IS_OK(result))
476 result = cli_lsa_open_account(cli, mem_ctx, &dom_pol, &sid, access_desired, &user_pol);
478 if (!NT_STATUS_IS_OK(result))
481 result = cli_lsa_enum_privsaccount(cli, mem_ctx, &user_pol, &count, &set);
483 if (!NT_STATUS_IS_OK(result))
487 printf("found %d privileges for SID %s\n\n", count, argv[1]);
488 printf("high\tlow\tattribute\n");
490 for (i = 0; i < count; i++) {
491 printf("%u\t%u\t%u\n", set[i].luid.high, set[i].luid.low, set[i].attr);
499 /* Enumerate the privileges of an SID via LsaEnumerateAccountRights */
501 static NTSTATUS cmd_lsa_enum_acct_rights(struct cli_state *cli,
502 TALLOC_CTX *mem_ctx, int argc,
506 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
515 printf("Usage: %s SID\n", argv[0]);
519 result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
520 if (!NT_STATUS_IS_OK(result))
523 result = cli_lsa_open_policy2(cli, mem_ctx, True,
524 SEC_RIGHTS_MAXIMUM_ALLOWED,
527 if (!NT_STATUS_IS_OK(result))
530 result = cli_lsa_enum_account_rights(cli, mem_ctx, &dom_pol, sid, &count, &rights);
532 if (!NT_STATUS_IS_OK(result))
535 printf("found %d privileges for SID %s\n", count, sid_string_static(&sid));
537 for (i = 0; i < count; i++) {
538 printf("\t%s\n", rights[i]);
546 /* add some privileges to a SID via LsaAddAccountRights */
548 static NTSTATUS cmd_lsa_add_acct_rights(struct cli_state *cli,
549 TALLOC_CTX *mem_ctx, int argc,
553 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
558 printf("Usage: %s SID [rights...]\n", argv[0]);
562 result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
563 if (!NT_STATUS_IS_OK(result))
566 result = cli_lsa_open_policy2(cli, mem_ctx, True,
567 SEC_RIGHTS_MAXIMUM_ALLOWED,
570 if (!NT_STATUS_IS_OK(result))
573 result = cli_lsa_add_account_rights(cli, mem_ctx, &dom_pol, sid,
576 if (!NT_STATUS_IS_OK(result))
584 /* remove some privileges to a SID via LsaRemoveAccountRights */
586 static NTSTATUS cmd_lsa_remove_acct_rights(struct cli_state *cli,
587 TALLOC_CTX *mem_ctx, int argc,
591 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
596 printf("Usage: %s SID [rights...]\n", argv[0]);
600 result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
601 if (!NT_STATUS_IS_OK(result))
604 result = cli_lsa_open_policy2(cli, mem_ctx, True,
605 SEC_RIGHTS_MAXIMUM_ALLOWED,
608 if (!NT_STATUS_IS_OK(result))
611 result = cli_lsa_remove_account_rights(cli, mem_ctx, &dom_pol, sid,
612 False, argc-2, argv+2);
614 if (!NT_STATUS_IS_OK(result))
622 /* Get a privilege value given its name */
624 static NTSTATUS cmd_lsa_lookupprivvalue(struct cli_state *cli,
625 TALLOC_CTX *mem_ctx, int argc,
629 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
633 printf("Usage: %s name\n", argv[0]);
637 result = cli_lsa_open_policy2(cli, mem_ctx, True,
638 SEC_RIGHTS_MAXIMUM_ALLOWED,
641 if (!NT_STATUS_IS_OK(result))
644 result = cli_lsa_lookupprivvalue(cli, mem_ctx, &pol, argv[1], &luid);
646 if (!NT_STATUS_IS_OK(result))
651 printf("%u:%u (0x%x:0x%x)\n", luid.high, luid.low, luid.high, luid.low);
657 /* Query LSA security object */
659 static NTSTATUS cmd_lsa_query_secobj(struct cli_state *cli,
660 TALLOC_CTX *mem_ctx, int argc,
664 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
666 uint32 sec_info = 0x00000004; /* ??? */
669 printf("Usage: %s\n", argv[0]);
673 result = cli_lsa_open_policy2(cli, mem_ctx, True,
674 SEC_RIGHTS_MAXIMUM_ALLOWED,
677 if (!NT_STATUS_IS_OK(result))
680 result = cli_lsa_query_secobj(cli, mem_ctx, &pol, sec_info, &sdb);
682 if (!NT_STATUS_IS_OK(result))
687 display_sec_desc(sdb->sec);
694 /* List of commands exported by this module */
696 struct cmd_set lsarpc_commands[] = {
700 { "lsaquery", RPC_RTYPE_NTSTATUS, cmd_lsa_query_info_policy, NULL, PI_LSARPC, "Query info policy", "" },
701 { "lookupsids", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_sids, NULL, PI_LSARPC, "Convert SIDs to names", "" },
702 { "lookupnames", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_names, NULL, PI_LSARPC, "Convert names to SIDs", "" },
703 { "enumtrust", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_trust_dom, NULL, PI_LSARPC, "Enumerate trusted domains", "Usage: [preferred max number] [enum context (0)]" },
704 { "enumprivs", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_privilege, NULL, PI_LSARPC, "Enumerate privileges", "" },
705 { "getdispname", RPC_RTYPE_NTSTATUS, cmd_lsa_get_dispname, NULL, PI_LSARPC, "Get the privilege name", "" },
706 { "lsaenumsid", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_sids, NULL, PI_LSARPC, "Enumerate the LSA SIDS", "" },
707 { "lsaenumprivsaccount", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_privsaccounts, NULL, PI_LSARPC, "Enumerate the privileges of an SID", "" },
708 { "lsaenumacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_acct_rights, NULL, PI_LSARPC, "Enumerate the rights of an SID", "" },
709 { "lsaaddacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_add_acct_rights, NULL, PI_LSARPC, "Add rights to an account", "" },
710 { "lsaremoveacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_remove_acct_rights, NULL, PI_LSARPC, "Remove rights from an account", "" },
711 { "lsalookupprivvalue", RPC_RTYPE_NTSTATUS, cmd_lsa_lookupprivvalue, NULL, PI_LSARPC, "Get a privilege value given its name", "" },
712 { "lsaquerysecobj", RPC_RTYPE_NTSTATUS, cmd_lsa_query_secobj, NULL, PI_LSARPC, "Query LSA security object", "" },