- adding builtin[alias]db.
[samba.git] / source / rpcclient / cmd_samr.c
1 /* 
2    Unix SMB/Netbios implementation.
3    Version 1.9.
4    NT Domain Authentication SMB / MSRPC client
5    Copyright (C) Andrew Tridgell 1994-1997
6    Copyright (C) Luke Kenneth Casson Leighton 1996-1997
7    
8    This program is free software; you can redistribute it and/or modify
9    it under the terms of the GNU General Public License as published by
10    the Free Software Foundation; either version 2 of the License, or
11    (at your option) any later version.
12    
13    This program is distributed in the hope that it will be useful,
14    but WITHOUT ANY WARRANTY; without even the implied warranty of
15    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16    GNU General Public License for more details.
17    
18    You should have received a copy of the GNU General Public License
19    along with this program; if not, write to the Free Software
20    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
21 */
22
23
24
25 #ifdef SYSLOG
26 #undef SYSLOG
27 #endif
28
29 #include "includes.h"
30 #include "nterr.h"
31
32 extern int DEBUGLEVEL;
33
34 #define DEBUG_TESTING
35
36 extern struct cli_state *smb_cli;
37
38 extern FILE* out_hnd;
39
40
41 /****************************************************************************
42 SAM password change
43 ****************************************************************************/
44 void cmd_sam_ntchange_pwd(struct client_info *info)
45 {
46         fstring srv_name;
47         fstring domain;
48         fstring sid;
49         char *new_passwd;
50         BOOL res = True;
51         char nt_newpass[516];
52         uchar nt_hshhash[16];
53         uchar nt_newhash[16];
54         uchar nt_oldhash[16];
55         char lm_newpass[516];
56         uchar lm_newhash[16];
57         uchar lm_hshhash[16];
58         uchar lm_oldhash[16];
59
60         sid_to_string(sid, &info->dom.level5_sid);
61         fstrcpy(domain, info->dom.level5_dom);
62
63         fstrcpy(srv_name, "\\\\");
64         fstrcat(srv_name, info->dest_host);
65         strupper(srv_name);
66
67         fprintf(out_hnd, "SAM NT Password Change\n");
68
69 #if 0
70         struct pwd_info new_pwd;
71         pwd_read(&new_pwd, "New Password (ONCE: this is test code!):", True);
72 #endif
73         new_passwd = (char*)getpass("New Password (ONCE ONLY - get it right :-)");
74
75         nt_lm_owf_gen(new_passwd, lm_newhash, nt_newhash);
76         pwd_get_lm_nt_16(&(smb_cli->pwd), lm_oldhash, nt_oldhash );
77         make_oem_passwd_hash(nt_newpass, new_passwd, nt_oldhash, True);
78         make_oem_passwd_hash(lm_newpass, new_passwd, lm_oldhash, True);
79         E_old_pw_hash(lm_newhash, lm_oldhash, lm_hshhash);
80         E_old_pw_hash(lm_newhash, nt_oldhash, nt_hshhash);
81
82         cli_nt_set_ntlmssp_flgs(smb_cli,
83                                     NTLMSSP_NEGOTIATE_UNICODE |
84                                     NTLMSSP_NEGOTIATE_OEM |
85                                     NTLMSSP_NEGOTIATE_SIGN |
86                                     NTLMSSP_NEGOTIATE_SEAL |
87                                     NTLMSSP_NEGOTIATE_LM_KEY |
88                                     NTLMSSP_NEGOTIATE_NTLM |
89                                     NTLMSSP_NEGOTIATE_ALWAYS_SIGN |
90                                     NTLMSSP_NEGOTIATE_00001000 |
91                                     NTLMSSP_NEGOTIATE_00002000);
92
93         /* open SAMR session.  */
94         res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR) : False;
95
96         /* establish a connection. */
97         res = res ? do_samr_unknown_38(smb_cli, srv_name) : False;
98
99         /* establish a connection. */
100         res = res ? do_samr_chgpasswd_user(smb_cli,
101                                            srv_name, smb_cli->user_name,
102                                            nt_newpass, nt_hshhash,
103                                            lm_newpass, lm_hshhash) : False;
104         /* close the session */
105         cli_nt_session_close(smb_cli);
106
107         if (res)
108         {
109                 fprintf(out_hnd, "NT Password changed OK\n");
110         }
111         else
112         {
113                 fprintf(out_hnd, "NT Password change FAILED\n");
114         }
115 }
116
117
118 /****************************************************************************
119 experimental SAM encryted rpc test connection
120 ****************************************************************************/
121 void cmd_sam_test(struct client_info *info)
122 {
123         fstring srv_name;
124         fstring domain;
125         fstring sid;
126         BOOL res = True;
127
128         sid_to_string(sid, &info->dom.level5_sid);
129         fstrcpy(domain, info->dom.level5_dom);
130
131 /*
132         if (strlen(sid) == 0)
133         {
134                 fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
135                 return;
136         }
137 */
138         fstrcpy(srv_name, "\\\\");
139         fstrcat(srv_name, info->dest_host);
140         strupper(srv_name);
141
142         fprintf(out_hnd, "SAM Encryption Test\n");
143
144         cli_nt_set_ntlmssp_flgs(smb_cli,
145                                     NTLMSSP_NEGOTIATE_UNICODE |
146                                     NTLMSSP_NEGOTIATE_OEM |
147                                     NTLMSSP_NEGOTIATE_SIGN |
148                                     NTLMSSP_NEGOTIATE_SEAL |
149                                     NTLMSSP_NEGOTIATE_LM_KEY |
150                                     NTLMSSP_NEGOTIATE_NTLM |
151                                     NTLMSSP_NEGOTIATE_ALWAYS_SIGN |
152                                     NTLMSSP_NEGOTIATE_00001000 |
153                                     NTLMSSP_NEGOTIATE_00002000);
154
155         /* open SAMR session.  */
156         res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR) : False;
157
158         /* establish a connection. */
159         res = res ? do_samr_unknown_38(smb_cli, srv_name) : False;
160
161         /* close the session */
162         cli_nt_session_close(smb_cli);
163
164         if (res)
165         {
166                 DEBUG(5,("cmd_sam_test: succeeded\n"));
167         }
168         else
169         {
170                 DEBUG(5,("cmd_sam_test: failed\n"));
171         }
172 }
173
174
175 /****************************************************************************
176 experimental SAM users enum.
177 ****************************************************************************/
178 void cmd_sam_enum_users(struct client_info *info)
179 {
180         fstring srv_name;
181         fstring domain;
182         fstring sid;
183         DOM_SID sid1;
184         DOM_SID sid_1_5_20;
185         int user_idx;
186         BOOL res = True;
187         BOOL res1 = True;
188         BOOL request_user_info  = False;
189         BOOL request_group_info = False;
190         BOOL request_alias_info = False;
191         uint16 num_entries = 0;
192         uint16 unk_0 = 0x0;
193         uint16 acb_mask = 0;
194         uint16 unk_1 = 0x0;
195         uint32 admin_rid = 0x304; /* absolutely no idea. */
196         fstring tmp;
197         int i;
198
199         sid_copy(&sid1, &info->dom.level5_sid);
200         sid_to_string(sid, &sid1);
201         fstrcpy(domain, info->dom.level5_dom);
202
203         if (sid1.num_auths == 0)
204         {
205                 fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
206                 return;
207         }
208
209
210         fstrcpy(srv_name, "\\\\");
211         fstrcat(srv_name, info->dest_host);
212         strupper(srv_name);
213
214         for (i = 0; i < 3; i++)
215         {
216                 /* a bad way to do token parsing... */
217                 if (next_token(NULL, tmp, NULL, sizeof(tmp)))
218                 {
219                         request_user_info  |= strequal(tmp, "-u");
220                         request_group_info |= strequal(tmp, "-g");
221                         request_alias_info |= strequal(tmp, "-a");
222                 }
223                 else
224                 {
225                         break;
226                 }
227         }
228
229 #ifdef DEBUG_TESTING
230         if (next_token(NULL, tmp, NULL, sizeof(tmp)))
231         {
232                 num_entries = (uint16)strtol(tmp, (char**)NULL, 16);
233         }
234
235         if (next_token(NULL, tmp, NULL, sizeof(tmp)))
236         {
237                 unk_0 = (uint16)strtol(tmp, (char**)NULL, 16);
238         }
239
240         if (next_token(NULL, tmp, NULL, sizeof(tmp)))
241         {
242                 acb_mask = (uint16)strtol(tmp, (char**)NULL, 16);
243         }
244
245         if (next_token(NULL, tmp, NULL, sizeof(tmp)))
246         {
247                 unk_1 = (uint16)strtol(tmp, (char**)NULL, 16);
248         }
249 #endif
250
251         string_to_sid(&sid_1_5_20, "S-1-5-32");
252
253         fprintf(out_hnd, "SAM Enumerate Users\n");
254         fprintf(out_hnd, "From: %s To: %s Domain: %s SID: %s\n",
255                           info->myhostname, srv_name, domain, sid);
256
257 #ifdef DEBUG_TESTING
258         DEBUG(5,("Number of entries:%d unk_0:%04x acb_mask:%04x unk_1:%04x\n",
259                   num_entries, unk_0, acb_mask, unk_1));
260 #endif
261
262         /* open SAMR session.  negotiate credentials */
263         res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR) : False;
264
265         /* establish a connection. */
266         res = res ? do_samr_connect(smb_cli, 
267                                 srv_name, 0x00000020,
268                                 &info->dom.samr_pol_connect) : False;
269
270         /* connect to the domain */
271         res = res ? do_samr_open_domain(smb_cli, 
272                     &info->dom.samr_pol_connect, admin_rid, &sid1,
273                     &info->dom.samr_pol_open_domain) : False;
274
275         /* connect to the S-1-5-20 domain */
276         res1 = res ? do_samr_open_domain(smb_cli, 
277                     &info->dom.samr_pol_connect, admin_rid, &sid_1_5_20,
278                     &info->dom.samr_pol_open_builtindom) : False;
279
280         /* read some users */
281         res = res ? do_samr_enum_dom_users(smb_cli, 
282                                 &info->dom.samr_pol_open_domain,
283                     num_entries, unk_0, acb_mask, unk_1, 0xffff,
284                                 &info->dom.sam, &info->dom.num_sam_entries) : False;
285
286         if (res && info->dom.num_sam_entries == 0)
287         {
288                 fprintf(out_hnd, "No users\n");
289         }
290
291                 /* query all the users */
292         for (user_idx = 0; res && user_idx < info->dom.num_sam_entries; user_idx++)
293                 {
294                         uint32 user_rid = info->dom.sam[user_idx].user_rid;
295                         SAM_USER_INFO_21 usr;
296
297                         fprintf(out_hnd, "User RID: %8x  User Name: %s\n",
298                                           user_rid,
299                                           info->dom.sam[user_idx].acct_name);
300
301                         if (request_user_info)
302                         {
303                                 /* send user info query, level 0x15 */
304                                 if (get_samr_query_userinfo(smb_cli,
305                                                         &info->dom.samr_pol_open_domain,
306                                                         0x15, user_rid, &usr))
307                                 {
308                                         display_sam_user_info_21(out_hnd, ACTION_HEADER   , &usr);
309                                         display_sam_user_info_21(out_hnd, ACTION_ENUMERATE, &usr);
310                                         display_sam_user_info_21(out_hnd, ACTION_FOOTER   , &usr);
311                                 }
312                         }
313
314                         if (request_group_info)
315                         {
316                                 uint32 num_groups;
317                                 DOM_GID gid[LSA_MAX_GROUPS];
318
319                                 /* send user group query */
320                                 if (get_samr_query_usergroups(smb_cli,
321                                                         &info->dom.samr_pol_open_domain,
322                                                         user_rid, &num_groups, gid))
323                                 {
324                                         display_group_rid_info(out_hnd, ACTION_HEADER   , num_groups, gid);
325                                         display_group_rid_info(out_hnd, ACTION_ENUMERATE, num_groups, gid);
326                                         display_group_rid_info(out_hnd, ACTION_FOOTER   , num_groups, gid);
327                                 }
328                         }
329
330                         if (request_alias_info)
331                         {
332                                 uint32 num_aliases;
333                                 uint32 rid[LSA_MAX_GROUPS];
334                                 DOM_SID als_sid;
335
336                                 sid_copy(&als_sid, &sid1);
337                                 sid_append_rid(&als_sid, user_rid);
338
339                                 /* send user alias query */
340                                 if (do_samr_query_useraliases(smb_cli,
341                                                         &info->dom.samr_pol_open_domain,
342                                                         &als_sid, &num_aliases, rid))
343                                 {
344                                 display_alias_rid_info(out_hnd, ACTION_HEADER   , &sid1, num_aliases, rid);
345                                 display_alias_rid_info(out_hnd, ACTION_ENUMERATE, &sid1, num_aliases, rid);
346                                 display_alias_rid_info(out_hnd, ACTION_FOOTER   , &sid1, num_aliases, rid);
347                         }
348
349                         /* send user alias query */
350                         if (res1 && do_samr_query_useraliases(smb_cli,
351                                                 &info->dom.samr_pol_open_builtindom,
352                                                 &als_sid, &num_aliases, rid))
353                         {
354                                 display_alias_rid_info(out_hnd, ACTION_HEADER   , &sid_1_5_20, num_aliases, rid);
355                                 display_alias_rid_info(out_hnd, ACTION_ENUMERATE, &sid_1_5_20, num_aliases, rid);
356                                 display_alias_rid_info(out_hnd, ACTION_FOOTER   , &sid_1_5_20, num_aliases, rid);
357                         }
358                 }
359         }
360
361         res1 = res1 ? do_samr_close(smb_cli,
362                     &info->dom.samr_pol_open_builtindom) : False;
363
364         res = res ? do_samr_close(smb_cli,
365                     &info->dom.samr_pol_open_domain) : False;
366
367         res = res ? do_samr_close(smb_cli,
368                     &info->dom.samr_pol_connect) : False;
369
370         /* close the session */
371         cli_nt_session_close(smb_cli);
372
373         if (info->dom.sam != NULL)
374         {
375                 free(info->dom.sam);
376         }
377
378         if (res)
379         {
380                 DEBUG(5,("cmd_sam_enum_users: succeeded\n"));
381         }
382         else
383         {
384                 DEBUG(5,("cmd_sam_enum_users: failed\n"));
385         }
386 }
387
388
389 /****************************************************************************
390 experimental SAM user query.
391 ****************************************************************************/
392 void cmd_sam_query_user(struct client_info *info)
393 {
394         fstring srv_name;
395         fstring domain;
396         fstring sid;
397         DOM_SID sid1;
398         int user_idx = 0;  /* FIXME maybe ... */
399         BOOL res = True;
400         uint32 admin_rid = 0x304; /* absolutely no idea. */
401         fstring rid_str ;
402         fstring info_str;
403         uint32 user_rid = 0;
404         uint32 info_level = 0x15;
405
406         SAM_USER_INFO_21 usr;
407
408         sid_to_string(sid, &info->dom.level5_sid);
409         fstrcpy(domain, info->dom.level5_dom);
410
411         if (strlen(sid) == 0)
412         {
413                 fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
414                 return;
415         }
416
417         string_to_sid(&sid1, sid);
418
419         fstrcpy(srv_name, "\\\\");
420         fstrcat(srv_name, info->dest_host);
421         strupper(srv_name);
422
423         if (next_token(NULL, rid_str , NULL, sizeof(rid_str )) &&
424             next_token(NULL, info_str, NULL, sizeof(info_str)))
425         {
426                 user_rid   = (uint32)strtol(rid_str , (char**)NULL, 16);
427                 info_level = (uint32)strtol(info_str, (char**)NULL, 10);
428         }
429
430         fprintf(out_hnd, "SAM Query User: rid %x info level %d\n",
431                           user_rid, info_level);
432         fprintf(out_hnd, "From: %s To: %s Domain: %s SID: %s\n",
433                           info->myhostname, srv_name, domain, sid);
434
435         /* open SAMR session.  negotiate credentials */
436         res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR) : False;
437
438         /* establish a connection. */
439         res = res ? do_samr_connect(smb_cli,
440                                 srv_name, 0x00000020,
441                                 &info->dom.samr_pol_connect) : False;
442
443         /* connect to the domain */
444         res = res ? do_samr_open_domain(smb_cli,
445                     &info->dom.samr_pol_connect, admin_rid, &sid1,
446                     &info->dom.samr_pol_open_domain) : False;
447
448         fprintf(out_hnd, "User RID: %8x  User Name: %s\n",
449                           user_rid,
450                           info->dom.sam[user_idx].acct_name);
451
452         /* send user info query, level */
453         if (get_samr_query_userinfo(smb_cli,
454                                         &info->dom.samr_pol_open_domain,
455                                         info_level, user_rid, &usr))
456         {
457                 if (info_level == 0x15)
458                 {
459                         display_sam_user_info_21(out_hnd, ACTION_HEADER   , &usr);
460                         display_sam_user_info_21(out_hnd, ACTION_ENUMERATE, &usr);
461                         display_sam_user_info_21(out_hnd, ACTION_FOOTER   , &usr);
462                 }
463         }
464
465         res = res ? do_samr_close(smb_cli,
466                     &info->dom.samr_pol_connect) : False;
467
468         res = res ? do_samr_close(smb_cli,
469                     &info->dom.samr_pol_open_domain) : False;
470
471         /* close the session */
472         cli_nt_session_close(smb_cli);
473
474         if (res)
475         {
476                 DEBUG(5,("cmd_sam_query_user: succeeded\n"));
477         }
478         else
479         {
480                 DEBUG(5,("cmd_sam_query_user: failed\n"));
481         }
482 }
483
484
485 /****************************************************************************
486 experimental SAM groups query.
487 ****************************************************************************/
488 void cmd_sam_query_groups(struct client_info *info)
489 {
490         fstring srv_name;
491         fstring domain;
492         fstring sid;
493         DOM_SID sid1;
494         BOOL res = True;
495         fstring info_str;
496         uint32 switch_value = 2;
497         uint32 admin_rid = 0x304; /* absolutely no idea. */
498
499         sid_to_string(sid, &info->dom.level5_sid);
500         fstrcpy(domain, info->dom.level5_dom);
501
502         if (strlen(sid) == 0)
503         {
504                 fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
505                 return;
506         }
507
508         string_to_sid(&sid1, sid);
509
510         fstrcpy(srv_name, "\\\\");
511         fstrcat(srv_name, info->dest_host);
512         strupper(srv_name);
513
514         if (next_token(NULL, info_str, NULL, sizeof(info_str)))
515         {
516                 switch_value = (uint32)strtol(info_str, (char**)NULL, 10);
517         }
518
519         fprintf(out_hnd, "SAM Query Groups: info level %d\n", switch_value);
520         fprintf(out_hnd, "From: %s To: %s Domain: %s SID: %s\n",
521                           info->myhostname, srv_name, domain, sid);
522
523         /* open SAMR session.  negotiate credentials */
524         res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR) : False;
525
526         /* establish a connection. */
527         res = res ? do_samr_connect(smb_cli, 
528                                 srv_name, 0x00000020,
529                                 &info->dom.samr_pol_connect) : False;
530
531         /* connect to the domain */
532         res = res ? do_samr_open_domain(smb_cli, 
533                     &info->dom.samr_pol_connect, admin_rid, &sid1,
534                     &info->dom.samr_pol_open_domain) : False;
535
536         /* send a samr 0x8 command */
537         res = res ? do_samr_query_dom_info(smb_cli,
538                     &info->dom.samr_pol_open_domain, switch_value) : False;
539
540         res = res ? do_samr_close(smb_cli,
541                     &info->dom.samr_pol_connect) : False;
542
543         res = res ? do_samr_close(smb_cli, 
544                     &info->dom.samr_pol_open_domain) : False;
545
546         /* close the session */
547         cli_nt_session_close(smb_cli);
548
549         if (res)
550         {
551                 DEBUG(5,("cmd_sam_query_groups: succeeded\n"));
552         }
553         else
554         {
555                 DEBUG(5,("cmd_sam_query_groups: failed\n"));
556         }
557 }
558
559
560 /****************************************************************************
561 experimental SAM aliases query.
562 ****************************************************************************/
563 void cmd_sam_enum_aliases(struct client_info *info)
564 {
565         fstring srv_name;
566         fstring domain;
567         fstring sid;
568         DOM_SID sid1;
569         BOOL res = True;
570         BOOL request_user_info  = False;
571         BOOL request_alias_info = False;
572         uint32 admin_rid = 0x304; /* absolutely no idea. */
573         fstring tmp;
574
575         uint32 num_aliases = 3;
576         uint32 alias_rid[3] = { DOMAIN_GROUP_RID_ADMINS, DOMAIN_GROUP_RID_USERS, DOMAIN_GROUP_RID_GUESTS };
577         fstring alias_names [3];
578         uint32  num_als_usrs[3];
579
580         sid_to_string(sid, &info->dom.level3_sid);
581         fstrcpy(domain, info->dom.level3_dom);
582 #if 0
583         fstrcpy(sid   , "S-1-5-20");
584 #endif
585         if (strlen(sid) == 0)
586         {
587                 fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
588                 return;
589         }
590
591         string_to_sid(&sid1, sid);
592
593         fstrcpy(srv_name, "\\\\");
594         fstrcat(srv_name, info->dest_host);
595         strupper(srv_name);
596
597         /* a bad way to do token parsing... */
598         if (next_token(NULL, tmp, NULL, sizeof(tmp)))
599         {
600                 request_user_info  |= strequal(tmp, "-u");
601                 request_alias_info |= strequal(tmp, "-g");
602         }
603
604         if (next_token(NULL, tmp, NULL, sizeof(tmp)))
605         {
606                 request_user_info  |= strequal(tmp, "-u");
607                 request_alias_info |= strequal(tmp, "-g");
608         }
609
610         fprintf(out_hnd, "SAM Enumerate Aliases\n");
611         fprintf(out_hnd, "From: %s To: %s Domain: %s SID: %s\n",
612                           info->myhostname, srv_name, domain, sid);
613
614         /* open SAMR session.  negotiate credentials */
615         res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR) : False;
616
617         /* establish a connection. */
618         res = res ? do_samr_connect(smb_cli,
619                                 srv_name, 0x00000020,
620                                 &info->dom.samr_pol_connect) : False;
621
622         /* connect to the domain */
623         res = res ? do_samr_open_domain(smb_cli,
624                     &info->dom.samr_pol_connect, admin_rid, &sid1,
625                     &info->dom.samr_pol_open_domain) : False;
626
627         /* send a query on the aliases */
628         res = res ? do_samr_query_unknown_12(smb_cli,
629                     &info->dom.samr_pol_open_domain, admin_rid, num_aliases, alias_rid,
630                     &num_aliases, alias_names, num_als_usrs) : False;
631
632         if (res)
633         {
634                 display_alias_name_info(out_hnd, ACTION_HEADER   , num_aliases, alias_names, num_als_usrs);
635                 display_alias_name_info(out_hnd, ACTION_ENUMERATE, num_aliases, alias_names, num_als_usrs);
636                 display_alias_name_info(out_hnd, ACTION_FOOTER   , num_aliases, alias_names, num_als_usrs);
637         }
638
639 #if 0
640
641         /* read some users */
642         res = res ? do_samr_enum_dom_users(smb_cli,
643                                 &info->dom.samr_pol_open_domain,
644                     num_entries, unk_0, acb_mask, unk_1, 0xffff,
645                                 info->dom.sam, &info->dom.num_sam_entries) : False;
646
647         if (res && info->dom.num_sam_entries == 0)
648         {
649                 fprintf(out_hnd, "No users\n");
650         }
651
652         if (request_user_info || request_alias_info)
653         {
654                 /* query all the users */
655                 user_idx = 0;
656
657                 while (res && user_idx < info->dom.num_sam_entries)
658                 {
659                         uint32 user_rid = info->dom.sam[user_idx].user_rid;
660                         SAM_USER_INFO_21 usr;
661
662                         fprintf(out_hnd, "User RID: %8x  User Name: %s\n",
663                                           user_rid,
664                                           info->dom.sam[user_idx].acct_name);
665
666                         if (request_user_info)
667                         {
668                                 /* send user info query, level 0x15 */
669                                 if (get_samr_query_userinfo(smb_cli,
670                                                         &info->dom.samr_pol_open_domain,
671                                                         0x15, user_rid, &usr))
672                                 {
673                                         display_sam_user_info_21(out_hnd, ACTION_HEADER   , &usr);
674                                         display_sam_user_info_21(out_hnd, ACTION_ENUMERATE, &usr);
675                                         display_sam_user_info_21(out_hnd, ACTION_FOOTER   , &usr);
676                                 }
677                         }
678
679                         if (request_alias_info)
680                         {
681                                 uint32 num_aliases;
682                                 DOM_GID gid[LSA_MAX_GROUPS];
683
684                                 /* send user aliase query */
685                                 if (get_samr_query_useraliases(smb_cli, 
686                                                         &info->dom.samr_pol_open_domain,
687                                                         user_rid, &num_aliases, gid))
688                                 {
689                                         display_alias_info(out_hnd, ACTION_HEADER   , num_aliases, gid);
690                                         display_alias_info(out_hnd, ACTION_ENUMERATE, num_aliases, gid);
691                                         display_alias_info(out_hnd, ACTION_FOOTER   , num_aliases, gid);
692                                 }
693                         }
694
695                         user_idx++;
696                 }
697         }
698 #endif
699
700         res = res ? do_samr_close(smb_cli, 
701                     &info->dom.samr_pol_connect) : False;
702
703         res = res ? do_samr_close(smb_cli,
704                     &info->dom.samr_pol_open_domain) : False;
705
706         /* close the session */
707         cli_nt_session_close(smb_cli);
708
709         if (res)
710         {
711                 DEBUG(5,("cmd_sam_enum_users: succeeded\n"));
712         }
713         else
714         {
715                 DEBUG(5,("cmd_sam_enum_users: failed\n"));
716         }
717 }
718
719