2 Unix SMB/CIFS implementation.
5 Copyright (C) Jelmer Vernooij 2002
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
25 static void print_account(SAM_ACCOUNT_HANDLE *a)
30 static NTSTATUS cmd_context(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
36 plugins = malloc(argc * sizeof(char *));
38 for(i = 1; i < argc; i++)
39 plugins[i-1] = argv[i];
41 plugins[argc-1] = NULL;
43 if(!NT_STATUS_IS_OK(status = make_sam_context_list(&st->context, plugins))) {
44 printf("make_sam_context_list failed: %s\n", nt_errstr(status));
54 static NTSTATUS cmd_load_module(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
58 if (argc != 2 && argc != 3) {
59 printf("Usage: load <module path> [domain-name]\n");
64 asprintf(&plugin_arg[0], "plugin:%s|%s", argv[1], argv[2]);
66 asprintf(&plugin_arg[0], "plugin:%s", argv[1]);
70 if(!NT_STATUS_IS_OK(status = make_sam_context_list(&st->context, plugin_arg))) {
81 static NTSTATUS cmd_get_sec_desc(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
83 return NT_STATUS_NOT_IMPLEMENTED;
86 static NTSTATUS cmd_set_sec_desc(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
88 return NT_STATUS_NOT_IMPLEMENTED;
91 static NTSTATUS cmd_lookup_sid(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
98 printf("Usage: lookup_sid <sid>\n");
99 return NT_STATUS_INVALID_PARAMETER;
102 if (!string_to_sid(&sid, argv[1])){
103 printf("Unparseable SID specified!\n");
104 return NT_STATUS_INVALID_PARAMETER;
107 if (!NT_STATUS_IS_OK(status = sam_lookup_sid(st->context, st->token, mem_ctx, &sid, &name, &type))) {
108 printf("sam_lookup_sid failed!\n");
112 printf("Name: %s\n", name);
113 printf("Type: %d\n", type); /* FIXME: What kind of an integer is type ? */
118 static NTSTATUS cmd_lookup_name(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
124 printf("Usage: lookup_name <domain> <name>\n");
125 return NT_STATUS_INVALID_PARAMETER;
128 if (!NT_STATUS_IS_OK(status = sam_lookup_name(st->context, st->token, argv[1], argv[2], &sid, &type))) {
129 printf("sam_lookup_name failed!\n");
133 printf("SID: %s\n", sid_string_static(&sid));
134 printf("Type: %d\n", type);
139 static NTSTATUS cmd_lookup_account(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
141 return NT_STATUS_NOT_IMPLEMENTED;
144 static NTSTATUS cmd_lookup_group(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
146 return NT_STATUS_NOT_IMPLEMENTED;
149 static NTSTATUS cmd_lookup_domain(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
154 printf("Usage: lookup_domain <domain>\n");
155 return NT_STATUS_INVALID_PARAMETER;
158 if (!NT_STATUS_IS_OK(status = sam_lookup_domain(st->context, st->token, argv[1], &sid))) {
159 printf("sam_lookup_name failed!\n");
163 printf("SID: %s\n", sid_string_static(sid));
168 static NTSTATUS cmd_enum_domains(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
170 int32 domain_count, i;
171 DOM_SID *domain_sids;
175 if (!NT_STATUS_IS_OK(status = sam_enum_domains(st->context, st->token, &domain_count, &domain_sids, &domain_names))) {
176 printf("sam_enum_domains failed!\n");
180 if (domain_count == 0) {
181 printf("No domains found!\n");
185 for (i = 0; i < domain_count; i++) {
186 printf("%s %s\n", domain_names[i], sid_string_static(&domain_sids[i]));
189 SAFE_FREE(domain_sids);
190 SAFE_FREE(domain_names);
195 static NTSTATUS cmd_update_domain(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
197 return NT_STATUS_NOT_IMPLEMENTED;
200 static NTSTATUS cmd_show_domain(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
204 SAM_DOMAIN_HANDLE *domain;
209 const char *tmp_string;
212 printf("Usage: show_domain <sid>\n");
216 if (!string_to_sid(&sid, argv[1])){
217 printf("Unparseable SID specified!\n");
218 return NT_STATUS_INVALID_PARAMETER;
221 if (!NT_STATUS_IS_OK(status = sam_get_domain_by_sid(st->context, st->token, GENERIC_RIGHTS_DOMAIN_ALL_ACCESS, &sid, &domain))) {
222 printf("sam_get_domain_by_sid failed\n");
226 if (!NT_STATUS_IS_OK(status = sam_get_domain_num_accounts(domain, &tmp_uint32))) {
227 printf("sam_get_domain_num_accounts failed: %s\n", nt_errstr(status));
229 printf("Number of accounts: %d\n", tmp_uint32);
232 if (!NT_STATUS_IS_OK(status = sam_get_domain_num_groups(domain, &tmp_uint32))) {
233 printf("sam_get_domain_num_groups failed: %s\n", nt_errstr(status));
235 printf("Number of groups: %u\n", tmp_uint32);
238 if (!NT_STATUS_IS_OK(status = sam_get_domain_num_aliases(domain, &tmp_uint32))) {
239 printf("sam_get_domain_num_aliases failed: %s\n", nt_errstr(status));
241 printf("Number of aliases: %u\n", tmp_uint32);
244 if (!NT_STATUS_IS_OK(status = sam_get_domain_name(domain, &tmp_string))) {
245 printf("sam_get_domain_name failed: %s\n", nt_errstr(status));
247 printf("Domain Name: %s\n", tmp_string);
250 if (!NT_STATUS_IS_OK(status = sam_get_domain_lockout_count(domain, &tmp_uint16))) {
251 printf("sam_get_domain_lockout_count failed: %s\n", nt_errstr(status));
253 printf("Lockout Count: %u\n", tmp_uint16);
256 if (!NT_STATUS_IS_OK(status = sam_get_domain_force_logoff(domain, &tmp_bool))) {
257 printf("sam_get_domain_force_logoff failed: %s\n", nt_errstr(status));
259 printf("Force Logoff: %s\n", (tmp_bool?"Yes":"No"));
262 if (!NT_STATUS_IS_OK(status = sam_get_domain_lockout_duration(domain, &tmp_nttime))) {
263 printf("sam_get_domain_lockout_duration failed: %s\n", nt_errstr(status));
265 printf("Lockout duration: %u\n", tmp_nttime.low);
268 if (!NT_STATUS_IS_OK(status = sam_get_domain_login_pwdchange(domain, &tmp_bool))) {
269 printf("sam_get_domain_login_pwdchange failed: %s\n", nt_errstr(status));
271 printf("Password changing allowed: %s\n", (tmp_bool?"Yes":"No"));
274 if (!NT_STATUS_IS_OK(status = sam_get_domain_max_pwdage(domain, &tmp_nttime))) {
275 printf("sam_get_domain_max_pwdage failed: %s\n", nt_errstr(status));
277 printf("Maximum password age: %u\n", tmp_nttime.low);
280 if (!NT_STATUS_IS_OK(status = sam_get_domain_min_pwdage(domain, &tmp_nttime))) {
281 printf("sam_get_domain_min_pwdage failed: %s\n", nt_errstr(status));
283 printf("Minimal password age: %u\n", tmp_nttime.low);
286 if (!NT_STATUS_IS_OK(status = sam_get_domain_min_pwdlength(domain, &tmp_uint16))) {
287 printf("sam_get_domain_min_pwdlength: %s\n", nt_errstr(status));
289 printf("Minimal Password Length: %u\n", tmp_uint16);
292 if (!NT_STATUS_IS_OK(status = sam_get_domain_pwd_history(domain, &tmp_uint16))) {
293 printf("sam_get_domain_pwd_history failed: %s\n", nt_errstr(status));
295 printf("Password history: %u\n", tmp_uint16);
298 if (!NT_STATUS_IS_OK(status = sam_get_domain_reset_count(domain, &tmp_nttime))) {
299 printf("sam_get_domain_reset_count failed: %s\n", nt_errstr(status));
301 printf("Reset count: %u\n", tmp_nttime.low);
304 if (!NT_STATUS_IS_OK(status = sam_get_domain_server(domain, &tmp_string))) {
305 printf("sam_get_domain_server failed: %s\n", nt_errstr(status));
307 printf("Server: %s\n", tmp_string);
313 static NTSTATUS cmd_create_account(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
315 return NT_STATUS_NOT_IMPLEMENTED;
318 static NTSTATUS cmd_update_account(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
320 return NT_STATUS_NOT_IMPLEMENTED;
323 static NTSTATUS cmd_delete_account(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
325 return NT_STATUS_NOT_IMPLEMENTED;
328 static NTSTATUS cmd_enum_accounts(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
332 int32 account_count, i;
333 SAM_ACCOUNT_ENUM *accounts;
336 printf("Usage: enum_accounts <domain-sid>\n");
337 return NT_STATUS_INVALID_PARAMETER;
340 if (!string_to_sid(&sid, argv[1])){
341 printf("Unparseable SID specified!\n");
342 return NT_STATUS_INVALID_PARAMETER;
345 if (!NT_STATUS_IS_OK(status = sam_enum_accounts(st->context, st->token, &sid, 0, &account_count, &accounts))) {
346 printf("sam_enum_accounts failed: %s\n", nt_errstr(status));
350 if (account_count == 0) {
351 printf("No accounts found!\n");
355 for (i = 0; i < account_count; i++)
356 printf("SID: %s\nName: %s\nFullname: %s\nDescription: %s\nACB_BITS: %08X\n\n",
357 sid_string_static(&accounts[i].sid), accounts[i].account_name,
358 accounts[i].full_name, accounts[i].account_desc,
359 accounts[i].acct_ctrl);
366 static NTSTATUS cmd_lookup_account_sid(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
370 SAM_ACCOUNT_HANDLE *account;
373 printf("Usage: lookup_account_sid <account-sid>\n");
374 return NT_STATUS_INVALID_PARAMETER;
377 if (!string_to_sid(&sid, argv[1])){
378 printf("Unparseable SID specified!\n");
379 return NT_STATUS_INVALID_PARAMETER;
382 if (!NT_STATUS_IS_OK(status = sam_get_account_by_sid(st->context, st->token, GENERIC_RIGHTS_USER_ALL_ACCESS, &sid, &account))) {
383 printf("context_sam_get_account_by_sid failed: %s\n", nt_errstr(status));
387 print_account(account);
392 static NTSTATUS cmd_lookup_account_name(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
395 SAM_ACCOUNT_HANDLE *account;
398 printf("Usage: lookup_account_name <domain-name> <account-name>\n");
399 return NT_STATUS_INVALID_PARAMETER;
403 if (!NT_STATUS_IS_OK(status = sam_get_account_by_name(st->context, st->token, GENERIC_RIGHTS_USER_ALL_ACCESS, argv[1], argv[2], &account))) {
404 printf("context_sam_get_account_by_sid failed: %s\n", nt_errstr(status));
408 print_account(account);
413 static NTSTATUS cmd_create_group(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
415 return NT_STATUS_NOT_IMPLEMENTED;
418 static NTSTATUS cmd_update_group(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
420 return NT_STATUS_NOT_IMPLEMENTED;
423 static NTSTATUS cmd_delete_group(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
425 return NT_STATUS_NOT_IMPLEMENTED;
428 static NTSTATUS cmd_enum_groups(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
430 return NT_STATUS_NOT_IMPLEMENTED;
433 static NTSTATUS cmd_lookup_group_sid(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
435 return NT_STATUS_NOT_IMPLEMENTED;
438 static NTSTATUS cmd_lookup_group_name(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
440 return NT_STATUS_NOT_IMPLEMENTED;
443 static NTSTATUS cmd_group_add_member(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
445 return NT_STATUS_NOT_IMPLEMENTED;
448 static NTSTATUS cmd_group_del_member(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
450 return NT_STATUS_NOT_IMPLEMENTED;
454 static NTSTATUS cmd_group_enum(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
456 return NT_STATUS_NOT_IMPLEMENTED;
460 static NTSTATUS cmd_get_sid_groups(struct samtest_state *st, TALLOC_CTX *mem_ctx, int argc, char **argv)
462 return NT_STATUS_NOT_IMPLEMENTED;
465 struct cmd_set sam_general_commands[] = {
467 { "General SAM Commands" },
469 { "load", cmd_load_module, "Load a module", "load <module.so> [domain-sid]" },
470 { "context", cmd_context, "Load specified context", "context [DOMAIN|]backend1[:options] [DOMAIN|]backend2[:options]" },
471 { "get_sec_desc", cmd_get_sec_desc, "Get security descriptor info", "get_sec_desc <access-token> <sid>" },
472 { "set_sec_desc", cmd_set_sec_desc, "Set security descriptor info", "set_sec_desc <access-token> <sid>" },
473 { "lookup_sid", cmd_lookup_sid, "Lookup type of specified SID", "lookup_sid <sid>" },
474 { "lookup_name", cmd_lookup_name, "Lookup type of specified name", "lookup_name <sid>" },
478 struct cmd_set sam_domain_commands[] = {
479 { "Domain Commands" },
480 { "update_domain", cmd_update_domain, "Update domain information", "update_domain [domain-options] domain-name | domain-sid" },
481 { "show_domain", cmd_show_domain, "Show domain information", "show_domain domain-sid | domain-name" },
482 { "enum_domains", cmd_enum_domains, "Enumerate all domains", "enum_domains <token> <acct-ctrl>" },
483 { "lookup_domain", cmd_lookup_domain, "Lookup a domain by name", "lookup_domain domain-name" },
487 struct cmd_set sam_account_commands[] = {
488 { "Account Commands" },
489 { "create_account", cmd_create_account, "Create a new account with specified properties", "create_account [account-options]" },
490 { "update_account", cmd_update_account, "Update an existing account", "update_account [account-options] account-sid | account-name" },
491 { "delete_account", cmd_delete_account, "Delete an account", "delete_account account-sid | account-name" },
492 { "enum_accounts", cmd_enum_accounts, "Enumerate all accounts", "enum_accounts <token> <acct-ctrl>" },
493 { "lookup_account", cmd_lookup_account, "Lookup an account by either sid or name", "lookup_account account-sid | account-name" },
494 { "lookup_account_sid", cmd_lookup_account_sid, "Lookup an account by sid", "lookup_account_sid account-sid" },
495 { "lookup_account_name", cmd_lookup_account_name, "Lookup an account by name", "lookup_account_name account-name" },
499 struct cmd_set sam_group_commands[] = {
500 { "Group Commands" },
501 { "create_group", cmd_create_group, "Create a new group", "create_group [group-opts]" },
502 { "update_group", cmd_update_group, "Update an existing group", "update_group [group-opts] group-name | group-sid" },
503 { "delete_group", cmd_delete_group, "Delete an existing group", "delete_group group-name | group-sid" },
504 { "enum_groups", cmd_enum_groups, "Enumerate all groups", "enum_groups <token> <group-ctrl>" },
505 { "lookup_group", cmd_lookup_group, "Lookup a group by SID or name", "lookup_group group-sid | group-name" },
506 { "lookup_group_sid", cmd_lookup_group_sid, "Lookup a group by SID", "lookup_group_sid <sid>" },
507 { "lookup_group_name", cmd_lookup_group_name, "Lookup a group by name", "lookup_group_name <name>" },
508 { "group_add_member", cmd_group_add_member, "Add group member to group", "group_add_member <group-name | group-sid> <member-name | member-sid>" },
509 { "group_del_member", cmd_group_del_member, "Delete group member from group", "group_del_member <group-name | group-sid> <member-name | member-sid>" },
510 { "group_enum", cmd_group_enum, "Enumerate all members of specified group", "group_enum group-sid | group-name" },
512 { "get_sid_groups", cmd_get_sid_groups, "Get a list of groups specified sid is a member of", "group_enum <group-sid | group-name>" },