1 /* 
2    Unix SMB/Netbios implementation.
3    Version 1.9.
4    NT Domain Authentication SMB / MSRPC client
5    Copyright (C) Andrew Tridgell 1994-1997
6    Copyright (C) Luke Kenneth Casson Leighton 1996-1997
7    
8    This program is free software; you can redistribute it and/or modify
9    it under the terms of the GNU General Public License as published by
10    the Free Software Foundation; either version 2 of the License, or
11    (at your option) any later version.
12    
13    This program is distributed in the hope that it will be useful,
14    but WITHOUT ANY WARRANTY; without even the implied warranty of
15    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16    GNU General Public License for more details.
17    
18    You should have received a copy of the GNU General Public License
19    along with this program; if not, write to the Free Software
20    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
21 */
22
23
24
/* NOTE(review): presumably keeps includes.h from pulling syslog support
   into this file - confirm against includes.h. */
#ifdef SYSLOG
#undef SYSLOG
#endif

#include "includes.h"
#include "nterr.h"

extern int DEBUGLEVEL;

/* Enables the extra numeric arguments (entry count, acb mask, ...) that
   cmd_sam_enum_users accepts and forwards to samr_enum_dom_users. */
#define DEBUG_TESTING

/* Client connection every command in this file issues its RPC calls on. */
extern struct cli_state *smb_cli;

/* Stream the commands write their human-readable output to. */
extern FILE* out_hnd;
39
40
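/* Overwrite a buffer that held password material.  The stores go through a
   volatile pointer so the compiler cannot discard them as dead writes, which
   it may legitimately do with a plain memset() on a buffer that is about to
   go out of scope. */
static void wipe_secret(void *buf, size_t len)
{
        volatile unsigned char *p = (volatile unsigned char *)buf;

        while (len-- > 0)
        {
                *p++ = 0;
        }
}

/****************************************************************************
SAM password change (change the caller's own password over the SAMR pipe).

Reads the new password once from the terminal, derives the LM and NT OWF
hashes from it, builds the encrypted "OEM" password blobs using the old
hashes held in smb_cli->pwd, then opens a SAMR session to \\info->dest_host
and issues samr_chgpasswd_user for smb_cli->user_name.  The outcome is
reported on out_hnd.  Every buffer that held the cleartext password or a
password hash is overwritten before returning.
****************************************************************************/
void cmd_sam_ntchange_pwd(struct client_info *info)
{
        fstring srv_name;
        char *new_passwd;
        BOOL res = True;
        char nt_newpass[516];   /* new password blob, keyed on the old NT hash */
        uchar nt_hshhash[16];   /* old NT hash, re-encrypted (see note below) */
        uchar nt_newhash[16];
        uchar nt_oldhash[16];
        char lm_newpass[516];   /* new password blob, keyed on the old LM hash */
        uchar lm_newhash[16];
        uchar lm_hshhash[16];   /* old LM hash, re-encrypted (see note below) */
        uchar lm_oldhash[16];

        /* SAMR addresses the server as \\HOST, upper-cased. */
        fstrcpy(srv_name, "\\\\");
        fstrcat(srv_name, info->dest_host);
        strupper(srv_name);

        fprintf(out_hnd, "SAM NT Password Change\n");

        /* getpass() returns NULL when no password could be read (no tty,
           EOF); hashing a NULL string would be undefined behaviour. */
        new_passwd = (char*)getpass("New Password (ONCE ONLY - get it right :-)");
        if (new_passwd == NULL)
        {
                fprintf(out_hnd, "NT Password change FAILED\n");
                return;
        }

        nt_lm_owf_gen(new_passwd, lm_newhash, nt_newhash);
        pwd_get_lm_nt_16(&(smb_cli->pwd), lm_oldhash, nt_oldhash );
        make_oem_passwd_hash(nt_newpass, new_passwd, nt_oldhash, True);
        make_oem_passwd_hash(lm_newpass, new_passwd, lm_oldhash, True);
        /* NOTE(review): both re-encrypted old hashes are keyed on lm_newhash
           (nt_newhash is derived but never read), and both OEM blobs are
           built with the unicode flag set - confirm this against the wire
           format the server expects before relying on the LM half. */
        E_old_pw_hash(lm_newhash, lm_oldhash, lm_hshhash);
        E_old_pw_hash(lm_newhash, nt_oldhash, nt_hshhash);

        /* The cleartext lives in getpass()'s static buffer and nothing below
           needs it any more, so scrub it now rather than leaving it around
           for the rest of the process lifetime. */
        wipe_secret(new_passwd, strlen(new_passwd));
        new_passwd = NULL;

        cli_nt_set_ntlmssp_flgs(smb_cli,
                                    NTLMSSP_NEGOTIATE_UNICODE |
                                    NTLMSSP_NEGOTIATE_OEM |
                                    NTLMSSP_NEGOTIATE_SIGN |
                                    NTLMSSP_NEGOTIATE_SEAL |
                                    NTLMSSP_NEGOTIATE_LM_KEY |
                                    NTLMSSP_NEGOTIATE_NTLM |
                                    NTLMSSP_NEGOTIATE_ALWAYS_SIGN |
                                    NTLMSSP_NEGOTIATE_00001000 |
                                    NTLMSSP_NEGOTIATE_00002000);

        /* open SAMR session.  */
        res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR) : False;

        /* establish a connection. */
        res = res ? samr_unknown_38(smb_cli, srv_name) : False;

        /* request the password change for the logged-in user. */
        res = res ? samr_chgpasswd_user(smb_cli,
                                           srv_name, smb_cli->user_name,
                                           nt_newpass, nt_hshhash,
                                           lm_newpass, lm_hshhash) : False;
        /* close the session */
        cli_nt_session_close(smb_cli);

        /* Scrub the blobs and hashes: the OWF hashes in particular are
           password equivalents and must not outlive the call. */
        wipe_secret(nt_newpass, sizeof(nt_newpass));
        wipe_secret(lm_newpass, sizeof(lm_newpass));
        wipe_secret(nt_hshhash, sizeof(nt_hshhash));
        wipe_secret(nt_newhash, sizeof(nt_newhash));
        wipe_secret(nt_oldhash, sizeof(nt_oldhash));
        wipe_secret(lm_newhash, sizeof(lm_newhash));
        wipe_secret(lm_hshhash, sizeof(lm_hshhash));
        wipe_secret(lm_oldhash, sizeof(lm_oldhash));

        if (res)
        {
                fprintf(out_hnd, "NT Password changed OK\n");
        }
        else
        {
                fprintf(out_hnd, "NT Password change FAILED\n");
        }
}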
116
117
/****************************************************************************
experimental SAM encrypted rpc test connection.

Negotiates NTLMSSP signing and sealing on smb_cli, opens the SAMR pipe to
\\info->dest_host, issues the samr_unknown_38 connect call and closes the
pipe again.  Only the banner goes to out_hnd; the outcome is logged at
DEBUG level 5.
****************************************************************************/
void cmd_sam_test(struct client_info *info)
{
        fstring srv_name;
        fstring domain;
        fstring sid;
        BOOL ok;

        sid_to_string(sid, &info->dom.level5_sid);
        fstrcpy(domain, info->dom.level5_dom);

        /* The "please use 'lsaquery' first" SID check the other commands
           perform exists here only as commented-out code in the original,
           so it is not applied: the test needs nothing but a server name. */

        fstrcpy(srv_name, "\\\\");
        fstrcat(srv_name, info->dest_host);
        strupper(srv_name);

        fprintf(out_hnd, "SAM Encryption Test\n");

        cli_nt_set_ntlmssp_flgs(smb_cli,
                                    NTLMSSP_NEGOTIATE_UNICODE |
                                    NTLMSSP_NEGOTIATE_OEM |
                                    NTLMSSP_NEGOTIATE_SIGN |
                                    NTLMSSP_NEGOTIATE_SEAL |
                                    NTLMSSP_NEGOTIATE_LM_KEY |
                                    NTLMSSP_NEGOTIATE_NTLM |
                                    NTLMSSP_NEGOTIATE_ALWAYS_SIGN |
                                    NTLMSSP_NEGOTIATE_00001000 |
                                    NTLMSSP_NEGOTIATE_00002000);

        /* open the SAMR pipe, then establish a connection on it. */
        ok = cli_nt_session_open(smb_cli, PIPE_SAMR);
        if (ok)
        {
                ok = samr_unknown_38(smb_cli, srv_name);
        }

        /* close the session regardless of the outcome */
        cli_nt_session_close(smb_cli);

        if (ok)
        {
                DEBUG(5,("cmd_sam_test: succeeded\n"));
        }
        else
        {
                DEBUG(5,("cmd_sam_test: failed\n"));
        }
}
173
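/****************************************************************************
SAM create domain group.

Usage: creategroup <acct name> [acct description]

Opens the SAMR pipe to \\info->dest_host, connects, opens the domain whose
SID was learned earlier by 'lsaquery' (info->dom.level5_sid) and asks the
server to create a domain group with the given name and description.  Both
the creation and the handle teardown have to succeed for the command to
report OK.
****************************************************************************/
void cmd_sam_create_dom_group(struct client_info *info)
{
        fstring srv_name;
        fstring domain;
        fstring acct_name;
        fstring acct_desc;
        fstring sid;
        DOM_SID sid1;
        BOOL res = True;
        BOOL res1 = True;
        /* Passed as the access-mask argument of samr_open_domain.  Despite
           the name this looks like an MS-SAMR domain access mask
           (0x220 = create-group | lookup) rather than a RID - confirm. */
        uint32 admin_rid = 0x220;
        uint32 group_rid = 0;   /* filled in by create_samr_domain_group */

        sid_copy(&sid1, &info->dom.level5_sid);
        sid_to_string(sid, &sid1);
        fstrcpy(domain, info->dom.level5_dom);

        if (sid1.num_auths == 0)
        {
                fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
                return;
        }

        fstrcpy(srv_name, "\\\\");
        fstrcat(srv_name, info->dest_host);
        strupper(srv_name);

        /* The group name is mandatory.  Without this return acct_name was
           used uninitialised and whatever was on the stack went to the
           server as the group name. */
        if (!next_token(NULL, acct_name, NULL, sizeof(acct_name)))
        {
                fprintf(out_hnd, "creategroup: <acct name> [acct description]\n");
                return;
        }

        /* description is optional */
        if (!next_token(NULL, acct_desc, NULL, sizeof(acct_desc)))
        {
                acct_desc[0] = 0;
        }

        fprintf(out_hnd, "SAM Create Domain Group\n");
        fprintf(out_hnd, "Domain: %s Name: %s Description: %s\n",
                          domain, acct_name, acct_desc);

        /* open SAMR session.  negotiate credentials */
        res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR) : False;

        /* establish a connection. */
        res = res ? samr_connect(smb_cli, 
                                srv_name, 0x00000020,
                                &info->dom.samr_pol_connect) : False;

        /* connect to the domain */
        res = res ? samr_open_domain(smb_cli, 
                    &info->dom.samr_pol_connect, admin_rid, &sid1,
                    &info->dom.samr_pol_open_domain) : False;

        /* create the group; tracked separately so the handles below are
           still closed when only the creation fails. */
        res1 = res ? create_samr_domain_group(smb_cli, 
                                &info->dom.samr_pol_open_domain,
                                acct_name, acct_desc, &group_rid) : False;

        res = res ? samr_close(smb_cli,
                    &info->dom.samr_pol_open_domain) : False;

        res = res ? samr_close(smb_cli,
                    &info->dom.samr_pol_connect) : False;

        /* close the session */
        cli_nt_session_close(smb_cli);

        if (res && res1)
        {
                DEBUG(5,("cmd_sam_create_dom_group: succeeded\n"));
                fprintf(out_hnd, "Create Domain Group: OK\n");
        }
        else
        {
                DEBUG(5,("cmd_sam_create_dom_group: failed\n"));
                fprintf(out_hnd, "Create Domain Group: FAILED\n");
        }
}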
258
259
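/****************************************************************************
experimental SAM users enum.

Usage: enumusers [-u] [-g] [-a] [num_entries unk_0 acb_mask unk_1]

  -u  also query each user's level-0x15 account information
  -g  also query each user's domain group memberships
  -a  also query each user's alias memberships, both in the domain and in
      the BUILTIN (S-1-5-32) domain
The four optional hex numbers are forwarded unchanged to samr_enum_dom_users
and are only parsed when DEBUG_TESTING is defined.

Requires the domain SID from a previous 'lsaquery'.  The enumeration buffer
samr_enum_dom_users leaves in info->dom.sam is owned by this command: it is
freed and the pointer reset before returning, so later commands must not
expect it to still be populated.
****************************************************************************/
void cmd_sam_enum_users(struct client_info *info)
{
        fstring srv_name;
        fstring domain;
        fstring sid;
        DOM_SID sid1;
        DOM_SID sid_1_5_20;
        int user_idx;
        BOOL res = True;
        BOOL res1 = True;
        BOOL request_user_info  = False;
        BOOL request_group_info = False;
        BOOL request_alias_info = False;
        uint16 num_entries = 0;
        uint16 unk_0 = 0x0;
        uint16 acb_mask = 0;
        uint16 unk_1 = 0x0;
        /* Passed as the access-mask argument of samr_open_domain.  Despite
           the name this looks like an MS-SAMR domain access mask
           (0x304 = enumerate-accounts | lookup | read-other-parameters)
           rather than a RID - confirm. */
        uint32 admin_rid = 0x304;
        fstring tmp;
        int i;

        sid_copy(&sid1, &info->dom.level5_sid);
        sid_to_string(sid, &sid1);
        fstrcpy(domain, info->dom.level5_dom);

        if (sid1.num_auths == 0)
        {
                fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
                return;
        }

        fstrcpy(srv_name, "\\\\");
        fstrcat(srv_name, info->dest_host);
        strupper(srv_name);

        /* up to three flag tokens in any order; stop at the first gap. */
        for (i = 0; i < 3; i++)
        {
                if (!next_token(NULL, tmp, NULL, sizeof(tmp)))
                {
                        break;
                }
                request_user_info  |= strequal(tmp, "-u");
                request_group_info |= strequal(tmp, "-g");
                request_alias_info |= strequal(tmp, "-a");
        }

#ifdef DEBUG_TESTING
        /* optional raw parameters for samr_enum_dom_users, all in hex */
        if (next_token(NULL, tmp, NULL, sizeof(tmp)))
        {
                num_entries = (uint16)strtol(tmp, (char**)NULL, 16);
        }

        if (next_token(NULL, tmp, NULL, sizeof(tmp)))
        {
                unk_0 = (uint16)strtol(tmp, (char**)NULL, 16);
        }

        if (next_token(NULL, tmp, NULL, sizeof(tmp)))
        {
                acb_mask = (uint16)strtol(tmp, (char**)NULL, 16);
        }

        if (next_token(NULL, tmp, NULL, sizeof(tmp)))
        {
                unk_1 = (uint16)strtol(tmp, (char**)NULL, 16);
        }
#endif

        string_to_sid(&sid_1_5_20, "S-1-5-32");

        fprintf(out_hnd, "SAM Enumerate Users\n");
        fprintf(out_hnd, "From: %s To: %s Domain: %s SID: %s\n",
                          info->myhostname, srv_name, domain, sid);

#ifdef DEBUG_TESTING
        DEBUG(5,("Number of entries:%d unk_0:%04x acb_mask:%04x unk_1:%04x\n",
                  num_entries, unk_0, acb_mask, unk_1));
#endif

        /* open SAMR session.  negotiate credentials */
        res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR) : False;

        /* establish a connection. */
        res = res ? samr_connect(smb_cli, 
                                srv_name, 0x00000020,
                                &info->dom.samr_pol_connect) : False;

        /* connect to the domain */
        res = res ? samr_open_domain(smb_cli, 
                    &info->dom.samr_pol_connect, admin_rid, &sid1,
                    &info->dom.samr_pol_open_domain) : False;

        /* connect to the BUILTIN (S-1-5-32) domain.  Tracked in res1: a
           failure here only disables the builtin alias lookups. */
        res1 = res ? samr_open_domain(smb_cli, 
                    &info->dom.samr_pol_connect, admin_rid, &sid_1_5_20,
                    &info->dom.samr_pol_open_builtindom) : False;

        /* read some users; fills info->dom.sam, which is freed below */
        res = res ? samr_enum_dom_users(smb_cli, 
                                &info->dom.samr_pol_open_domain,
                    num_entries, unk_0, acb_mask, unk_1, 0xffff,
                                &info->dom.sam, &info->dom.num_sam_entries) : False;

        if (res && info->dom.num_sam_entries == 0)
        {
                fprintf(out_hnd, "No users\n");
        }

        /* query all the users */
        for (user_idx = 0; res && user_idx < info->dom.num_sam_entries; user_idx++)
        {
                uint32 user_rid = info->dom.sam[user_idx].user_rid;
                SAM_USER_INFO_21 usr;

                fprintf(out_hnd, "User RID: %8x  User Name: %s\n",
                                  user_rid,
                                  info->dom.sam[user_idx].acct_name);

                if (request_user_info)
                {
                        /* send user info query, level 0x15 */
                        if (get_samr_query_userinfo(smb_cli,
                                                &info->dom.samr_pol_open_domain,
                                                0x15, user_rid, &usr))
                        {
                                display_sam_user_info_21(out_hnd, ACTION_HEADER   , &usr);
                                display_sam_user_info_21(out_hnd, ACTION_ENUMERATE, &usr);
                                display_sam_user_info_21(out_hnd, ACTION_FOOTER   , &usr);
                        }
                }

                if (request_group_info)
                {
                        uint32 num_groups;
                        DOM_GID gid[LSA_MAX_GROUPS];

                        /* send user group query */
                        if (get_samr_query_usergroups(smb_cli,
                                                &info->dom.samr_pol_open_domain,
                                                user_rid, &num_groups, gid))
                        {
                                display_group_rid_info(out_hnd, ACTION_HEADER   , num_groups, gid);
                                display_group_rid_info(out_hnd, ACTION_ENUMERATE, num_groups, gid);
                                display_group_rid_info(out_hnd, ACTION_FOOTER   , num_groups, gid);
                        }
                }

                if (request_alias_info)
                {
                        uint32 num_aliases;
                        uint32 rid[LSA_MAX_GROUPS];
                        DOM_SID als_sid;

                        /* alias queries take the user's full SID, not the RID */
                        sid_copy(&als_sid, &sid1);
                        sid_append_rid(&als_sid, user_rid);

                        /* send user alias query against the domain */
                        if (samr_query_useraliases(smb_cli,
                                                &info->dom.samr_pol_open_domain,
                                                &als_sid, &num_aliases, rid))
                        {
                                display_alias_rid_info(out_hnd, ACTION_HEADER   , &sid1, num_aliases, rid);
                                display_alias_rid_info(out_hnd, ACTION_ENUMERATE, &sid1, num_aliases, rid);
                                display_alias_rid_info(out_hnd, ACTION_FOOTER   , &sid1, num_aliases, rid);
                        }

                        /* send user alias query against BUILTIN, if it opened */
                        if (res1 && samr_query_useraliases(smb_cli,
                                                &info->dom.samr_pol_open_builtindom,
                                                &als_sid, &num_aliases, rid))
                        {
                                display_alias_rid_info(out_hnd, ACTION_HEADER   , &sid_1_5_20, num_aliases, rid);
                                display_alias_rid_info(out_hnd, ACTION_ENUMERATE, &sid_1_5_20, num_aliases, rid);
                                display_alias_rid_info(out_hnd, ACTION_FOOTER   , &sid_1_5_20, num_aliases, rid);
                        }
                }
        }

        res1 = res1 ? samr_close(smb_cli,
                    &info->dom.samr_pol_open_builtindom) : False;

        res = res ? samr_close(smb_cli,
                    &info->dom.samr_pol_open_domain) : False;

        res = res ? samr_close(smb_cli,
                    &info->dom.samr_pol_connect) : False;

        /* close the session */
        cli_nt_session_close(smb_cli);

        /* Release the enumeration and reset the pointer and count.  The
           original left the freed pointer in info->dom, so a later command
           reading info->dom.sam, or a second enumusers whose enumeration
           failed before the call above, used or freed it again. */
        free(info->dom.sam);
        info->dom.sam = NULL;
        info->dom.num_sam_entries = 0;

        if (res)
        {
                DEBUG(5,("cmd_sam_enum_users: succeeded\n"));
        }
        else
        {
                DEBUG(5,("cmd_sam_enum_users: failed\n"));
        }
}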
472
473
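/****************************************************************************
experimental SAM user query.

Usage: queryuser [<rid in hex> <info level in decimal>]

Defaults to RID 0 and info level 0x15 when the arguments are absent.  Opens
the SAMR pipe to \\info->dest_host, opens the domain learned by 'lsaquery'
and issues a user-info query for the RID.  Only level 0x15 replies are
displayed; other levels are fetched but not printed.  The user name is
shown only when a previous 'enumusers' left a matching entry in
info->dom.sam.
****************************************************************************/
void cmd_sam_query_user(struct client_info *info)
{
        fstring srv_name;
        fstring domain;
        fstring sid;
        DOM_SID sid1;
        BOOL res = True;
        /* Passed as the access-mask argument of samr_open_domain.  Despite
           the name this looks like an MS-SAMR domain access mask
           (0x304 = enumerate-accounts | lookup | read-other-parameters)
           rather than a RID - confirm. */
        uint32 admin_rid = 0x304;
        fstring rid_str ;
        fstring info_str;
        uint32 user_rid = 0;
        uint32 info_level = 0x15;
        const char *acct_name = NULL;
        int idx;

        SAM_USER_INFO_21 usr;

        sid_to_string(sid, &info->dom.level5_sid);
        fstrcpy(domain, info->dom.level5_dom);

        if (strlen(sid) == 0)
        {
                fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
                return;
        }

        string_to_sid(&sid1, sid);

        fstrcpy(srv_name, "\\\\");
        fstrcat(srv_name, info->dest_host);
        strupper(srv_name);

        /* both arguments or neither; a lone RID keeps the defaults */
        if (next_token(NULL, rid_str , NULL, sizeof(rid_str )) &&
            next_token(NULL, info_str, NULL, sizeof(info_str)))
        {
                user_rid   = (uint32)strtol(rid_str , (char**)NULL, 16);
                info_level = (uint32)strtol(info_str, (char**)NULL, 10);
        }

        fprintf(out_hnd, "SAM Query User: rid %x info level %d\n",
                          user_rid, info_level);
        fprintf(out_hnd, "From: %s To: %s Domain: %s SID: %s\n",
                          info->myhostname, srv_name, domain, sid);

        /* open SAMR session.  negotiate credentials */
        res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR) : False;

        /* establish a connection. */
        res = res ? samr_connect(smb_cli,
                                srv_name, 0x00000020,
                                &info->dom.samr_pol_connect) : False;

        /* connect to the domain */
        res = res ? samr_open_domain(smb_cli,
                    &info->dom.samr_pol_connect, admin_rid, &sid1,
                    &info->dom.samr_pol_open_domain) : False;

        /* Look the RID up in the cached enumeration, if there is one.  The
           original printed sam[0].acct_name unconditionally, which is the
           wrong entry for any other RID and a NULL dereference when nothing
           has been enumerated.  Assumes info->dom.sam is either NULL or a
           live buffer of num_sam_entries entries - TODO confirm that every
           writer of info->dom.sam maintains that. */
        if (info->dom.sam != NULL)
        {
                for (idx = 0; idx < info->dom.num_sam_entries; idx++)
                {
                        if (info->dom.sam[idx].user_rid == user_rid)
                        {
                                acct_name = info->dom.sam[idx].acct_name;
                                break;
                        }
                }
        }

        if (acct_name != NULL)
        {
                fprintf(out_hnd, "User RID: %8x  User Name: %s\n",
                                  user_rid, acct_name);
        }
        else
        {
                fprintf(out_hnd, "User RID: %8x\n", user_rid);
        }

        /* send user info query, level - only once the handles above were
           obtained; the original issued it even after a failed open. */
        if (res && get_samr_query_userinfo(smb_cli,
                                        &info->dom.samr_pol_open_domain,
                                        info_level, user_rid, &usr))
        {
                if (info_level == 0x15)
                {
                        display_sam_user_info_21(out_hnd, ACTION_HEADER   , &usr);
                        display_sam_user_info_21(out_hnd, ACTION_ENUMERATE, &usr);
                        display_sam_user_info_21(out_hnd, ACTION_FOOTER   , &usr);
                }
        }

        /* release handles innermost first, as the other commands do */
        res = res ? samr_close(smb_cli,
                    &info->dom.samr_pol_open_domain) : False;

        res = res ? samr_close(smb_cli,
                    &info->dom.samr_pol_connect) : False;

        /* close the session */
        cli_nt_session_close(smb_cli);

        if (res)
        {
                DEBUG(5,("cmd_sam_query_user: succeeded\n"));
        }
        else
        {
                DEBUG(5,("cmd_sam_query_user: failed\n"));
        }
}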
568
569
/****************************************************************************
experimental SAM groups query.

Usage: querygroups [<info level in decimal>]   (default level 2)

Opens the SAMR pipe to \\info->dest_host, opens the domain learned by
'lsaquery' and issues samr_query_dom_info at the requested level.  The
outcome is logged at DEBUG level 5; the reply is handled by the callee.
****************************************************************************/
void cmd_sam_query_groups(struct client_info *info)
{
        fstring srv_name;
        fstring domain;
        fstring sid;
        DOM_SID sid1;
        fstring info_str;
        uint32 switch_value = 2;
        /* Access-mask argument of samr_open_domain; presumably an MS-SAMR
           domain access mask rather than a RID, despite the name - confirm. */
        uint32 admin_rid = 0x304;
        BOOL ok;

        sid_to_string(sid, &info->dom.level5_sid);
        fstrcpy(domain, info->dom.level5_dom);

        if (strlen(sid) == 0)
        {
                fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
                return;
        }

        string_to_sid(&sid1, sid);

        fstrcpy(srv_name, "\\\\");
        fstrcat(srv_name, info->dest_host);
        strupper(srv_name);

        /* optional info level overrides the default */
        if (next_token(NULL, info_str, NULL, sizeof(info_str)))
        {
                switch_value = (uint32)strtol(info_str, (char**)NULL, 10);
        }

        fprintf(out_hnd, "SAM Query Groups: info level %d\n", switch_value);
        fprintf(out_hnd, "From: %s To: %s Domain: %s SID: %s\n",
                          info->myhostname, srv_name, domain, sid);

        /* open SAMR session.  negotiate credentials */
        ok = cli_nt_session_open(smb_cli, PIPE_SAMR);

        /* establish a connection. */
        if (ok)
        {
                ok = samr_connect(smb_cli, 
                                  srv_name, 0x00000020,
                                  &info->dom.samr_pol_connect);
        }

        /* connect to the domain */
        if (ok)
        {
                ok = samr_open_domain(smb_cli, 
                                      &info->dom.samr_pol_connect, admin_rid, &sid1,
                                      &info->dom.samr_pol_open_domain);
        }

        /* send a samr 0x8 command */
        if (ok)
        {
                ok = samr_query_dom_info(smb_cli,
                                         &info->dom.samr_pol_open_domain, switch_value);
        }

        /* release the handles (connect handle first, as originally written) */
        if (ok)
        {
                ok = samr_close(smb_cli, &info->dom.samr_pol_connect);
        }

        if (ok)
        {
                ok = samr_close(smb_cli, &info->dom.samr_pol_open_domain);
        }

        /* close the session */
        cli_nt_session_close(smb_cli);

        if (ok)
        {
                DEBUG(5,("cmd_sam_query_groups: succeeded\n"));
        }
        else
        {
                DEBUG(5,("cmd_sam_query_groups: failed\n"));
        }
}
643
644
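/****************************************************************************
experimental SAM aliases query.

Usage: enumaliases [-u] [-g]

Looks up the names and member counts of the three well-known domain group
RIDs (admins, users, guests) in the domain whose SID was learned by
'lsaquery' (the level-3 results, info->dom.level3_sid) and displays them.
The -u/-g flags are accepted but currently have no effect: the per-user
query they were meant to enable only ever existed as disabled (#if 0) code.
****************************************************************************/
void cmd_sam_enum_aliases(struct client_info *info)
{
        enum { MAX_ALIAS_QUERY = 3 };
        fstring srv_name;
        fstring domain;
        fstring sid;
        DOM_SID sid1;
        BOOL res = True;
        BOOL request_user_info  = False;
        BOOL request_alias_info = False;
        /* Passed as the access mask of samr_open_domain and on to
           samr_query_unknown_12.  Presumably an MS-SAMR domain access mask
           rather than a RID, despite the name - confirm. */
        uint32 admin_rid = 0x304;
        fstring tmp;
        int i;

        uint32 num_aliases = MAX_ALIAS_QUERY;
        uint32 alias_rid[MAX_ALIAS_QUERY] = { DOMAIN_GROUP_RID_ADMINS, DOMAIN_GROUP_RID_USERS, DOMAIN_GROUP_RID_GUESTS };
        fstring alias_names [MAX_ALIAS_QUERY];
        uint32  num_als_usrs[MAX_ALIAS_QUERY];

        /* unlike the other SAM commands this uses the level-3 lsaquery data */
        sid_to_string(sid, &info->dom.level3_sid);
        fstrcpy(domain, info->dom.level3_dom);

        if (strlen(sid) == 0)
        {
                fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
                return;
        }

        string_to_sid(&sid1, sid);

        fstrcpy(srv_name, "\\\\");
        fstrcat(srv_name, info->dest_host);
        strupper(srv_name);

        /* a bad way to do token parsing: up to two flag tokens */
        for (i = 0; i < 2; i++)
        {
                if (next_token(NULL, tmp, NULL, sizeof(tmp)))
                {
                        request_user_info  |= strequal(tmp, "-u");
                        request_alias_info |= strequal(tmp, "-g");
                }
        }

        if (request_user_info || request_alias_info)
        {
                DEBUG(5,("cmd_sam_enum_aliases: -u/-g accepted but not implemented\n"));
        }

        fprintf(out_hnd, "SAM Enumerate Aliases\n");
        fprintf(out_hnd, "From: %s To: %s Domain: %s SID: %s\n",
                          info->myhostname, srv_name, domain, sid);

        /* open SAMR session.  negotiate credentials */
        res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR) : False;

        /* establish a connection. */
        res = res ? samr_connect(smb_cli,
                                srv_name, 0x00000020,
                                &info->dom.samr_pol_connect) : False;

        /* connect to the domain */
        res = res ? samr_open_domain(smb_cli,
                    &info->dom.samr_pol_connect, admin_rid, &sid1,
                    &info->dom.samr_pol_open_domain) : False;

        /* send a query on the aliases; num_aliases is in/out */
        res = res ? samr_query_unknown_12(smb_cli,
                    &info->dom.samr_pol_open_domain, admin_rid, num_aliases, alias_rid,
                    &num_aliases, alias_names, num_als_usrs) : False;

        /* Guard the display against a reply claiming more entries than the
           arrays hold, which would run the display loops off the end of
           alias_names/num_als_usrs.  Whether samr_query_unknown_12 itself
           bounds what it writes is not visible here - TODO confirm. */
        if (res && num_aliases > MAX_ALIAS_QUERY)
        {
                DEBUG(5,("cmd_sam_enum_aliases: server returned %d aliases, showing %d\n",
                          num_aliases, MAX_ALIAS_QUERY));
                num_aliases = MAX_ALIAS_QUERY;
        }

        if (res)
        {
                display_alias_name_info(out_hnd, ACTION_HEADER   , num_aliases, alias_names, num_als_usrs);
                display_alias_name_info(out_hnd, ACTION_ENUMERATE, num_aliases, alias_names, num_als_usrs);
                display_alias_name_info(out_hnd, ACTION_FOOTER   , num_aliases, alias_names, num_als_usrs);
        }

        res = res ? samr_close(smb_cli, 
                    &info->dom.samr_pol_connect) : False;

        res = res ? samr_close(smb_cli,
                    &info->dom.samr_pol_open_domain) : False;

        /* close the session */
        cli_nt_session_close(smb_cli);

        /* the original logged these under cmd_sam_enum_users (copy/paste) */
        if (res)
        {
                DEBUG(5,("cmd_sam_enum_aliases: succeeded\n"));
        }
        else
        {
                DEBUG(5,("cmd_sam_enum_aliases: failed\n"));
        }
}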
803
804