2 Unix SMB/Netbios implementation.
4 NT Domain Authentication SMB / MSRPC client
5 Copyright (C) Andrew Tridgell 1994-1997
6 Copyright (C) Luke Kenneth Casson Leighton 1996-1997
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
32 extern int DEBUGLEVEL;
36 extern struct cli_state *smb_cli;
41 /****************************************************************************
43 ****************************************************************************/
/*
 * rpcclient command: change the password of smb_cli->user_name on
 * info->dest_host over the SAMR pipe.  Prompts for the new password, derives
 * the new LM/NT hashes, builds the encrypted password blobs and verifier
 * hashes from them and from the hashes read out of smb_cli->pwd, then sends
 * them with samr_chgpasswd_user().  The result is reported on out_hnd.
 *
 * NOTE(review): this listing is missing lines (the gutter numbers skip), so
 * the local declarations, braces and any conditional compilation around the
 * two password prompts are not visible here.
 */
44 void cmd_sam_ntchange_pwd(struct client_info *info)
61 sid_to_string(sid, &info->dom.level5_sid);
62 fstrcpy(domain, info->dom.level5_dom);
/* server name = two backslashes followed by info->dest_host.
 * NOTE(review): assumes fstrcpy/fstrcat bound the copy to the size of
 * srv_name; neither the macros nor the buffer declaration is visible - confirm. */
64 fstrcpy(srv_name, "\\\\");
65 fstrcat(srv_name, info->dest_host);
68 fprintf(out_hnd, "SAM NT Password Change\n");
/* NOTE(review): two prompts follow back to back; the lines between them are
 * not visible, so presumably they are alternative branches - confirm that
 * only one runs.  The password is asked for once, with no confirmation. */
71 struct pwd_info new_pwd;
72 pwd_read(&new_pwd, "New Password (ONCE: this is test code!):", True);
/* NOTE(review): getpass() returns a pointer to a static buffer; nothing in
 * the visible lines wipes new_passwd or the hash buffers derived from it, so
 * the cleartext and hashes may stay in process memory - confirm, and clear
 * them once the request has been sent. */
74 new_passwd = (char*)getpass("New Password (ONCE ONLY - get it right :-)");
/* derive the LM and NT hashes of the new password.  LM hashes are a weak
 * legacy format; they are produced here because the request carries both. */
76 nt_lm_owf_gen(new_passwd, lm_newhash, nt_newhash);
/* read the LM/NT hashes held in smb_cli->pwd (presumably those of the
 * current password, going by the *_oldhash names) */
77 pwd_get_lm_nt_16(&(smb_cli->pwd), lm_oldhash, nt_oldhash );
/* build the two new-password blobs from the new password and each old hash */
78 make_oem_passwd_hash(nt_newpass, new_passwd, nt_oldhash, True);
79 make_oem_passwd_hash(lm_newpass, new_passwd, lm_oldhash, True);
/* build the two verifier hashes.
 * NOTE(review): both calls pass lm_newhash as the first argument, and
 * nt_newhash computed above is not used anywhere in the visible lines.
 * Confirm that nt_hshhash is meant to be derived from lm_newhash rather
 * than nt_newhash. */
80 E_old_pw_hash(lm_newhash, lm_oldhash, lm_hshhash);
81 E_old_pw_hash(lm_newhash, nt_oldhash, nt_hshhash);
/* NTLMSSP flags set on smb_cli before the pipe is opened: SIGN and SEAL are
 * requested together with LM_KEY and NTLM.  The two
 * NTLMSSP_NEGOTIATE_0000x000 bits have no descriptive name in this file. */
83 cli_nt_set_ntlmssp_flgs(smb_cli,
84 NTLMSSP_NEGOTIATE_UNICODE |
85 NTLMSSP_NEGOTIATE_OEM |
86 NTLMSSP_NEGOTIATE_SIGN |
87 NTLMSSP_NEGOTIATE_SEAL |
88 NTLMSSP_NEGOTIATE_LM_KEY |
89 NTLMSSP_NEGOTIATE_NTLM |
90 NTLMSSP_NEGOTIATE_ALWAYS_SIGN |
91 NTLMSSP_NEGOTIATE_00001000 |
92 NTLMSSP_NEGOTIATE_00002000);
/* res chains the steps: each call runs only if every earlier one succeeded
 * (res is presumably initialised to True in the lines not shown). */
94 /* open SAMR session. */
95 res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR, &fnum) : False;
97 /* establish a connection. */
98 res = res ? samr_unknown_38(smb_cli, fnum, srv_name) : False;
100 /* send the password change request. */
101 res = res ? samr_chgpasswd_user(smb_cli, fnum,
102 srv_name, smb_cli->user_name,
103 nt_newpass, nt_hshhash,
104 lm_newpass, lm_hshhash) : False;
105 /* close the session (no condition on res is visible around this call) */
106 cli_nt_session_close(smb_cli, fnum);
110 fprintf(out_hnd, "NT Password changed OK\n");
114 fprintf(out_hnd, "NT Password change FAILED\n");
119 /****************************************************************************
120 experimental SAM encrypted rpc test connection
121 ****************************************************************************/
/*
 * rpcclient command: test that a SAMR pipe can be opened to info->dest_host
 * with the NTLMSSP flags below and that samr_unknown_38() succeeds on it.
 * The outcome is only logged at DEBUG level 5.
 *
 * NOTE(review): lines are missing from this listing (gutter numbers skip);
 * declarations, braces and the early-return path are not visible.
 */
122 void cmd_sam_test(struct client_info *info)
130 sid_to_string(sid, &info->dom.level5_sid);
131 fstrcpy(domain, info->dom.level5_dom);
/* an empty SID string means the domain SID has not been fetched yet */
134 if (strlen(sid) == 0)
136 fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
/* server name = two backslashes followed by info->dest_host.
 * NOTE(review): assumes fstrcpy/fstrcat bound the copy to srv_name - confirm. */
140 fstrcpy(srv_name, "\\\\");
141 fstrcat(srv_name, info->dest_host);
144 fprintf(out_hnd, "SAM Encryption Test\n");
/* same flag set as cmd_sam_ntchange_pwd: SIGN and SEAL requested, plus
 * LM_KEY/NTLM and two bits that carry no descriptive name in this file */
146 cli_nt_set_ntlmssp_flgs(smb_cli,
147 NTLMSSP_NEGOTIATE_UNICODE |
148 NTLMSSP_NEGOTIATE_OEM |
149 NTLMSSP_NEGOTIATE_SIGN |
150 NTLMSSP_NEGOTIATE_SEAL |
151 NTLMSSP_NEGOTIATE_LM_KEY |
152 NTLMSSP_NEGOTIATE_NTLM |
153 NTLMSSP_NEGOTIATE_ALWAYS_SIGN |
154 NTLMSSP_NEGOTIATE_00001000 |
155 NTLMSSP_NEGOTIATE_00002000);
/* res chains the steps: a call runs only if the previous ones succeeded */
157 /* open SAMR session. */
158 res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR, &fnum) : False;
160 /* establish a connection. */
161 res = res ? samr_unknown_38(smb_cli, fnum, srv_name) : False;
163 /* close the session (no condition on res is visible around this call) */
164 cli_nt_session_close(smb_cli, fnum);
168 DEBUG(5,("cmd_sam_test: succeeded\n"));
172 DEBUG(5,("cmd_sam_test: failed\n"));
176 /****************************************************************************
177 SAM delete alias member.
178 ****************************************************************************/
/*
 * rpcclient command "delaliasmem": remove one or more member SIDs from the
 * alias whose RID is given as the first token.  Opens the SAMR pipe,
 * connects, opens the domain named by info->dom.level5_sid, opens the alias
 * and calls samr_del_aliasmem() once per remaining token.
 *
 * NOTE(review): lines are missing from this listing (gutter numbers skip);
 * declarations, braces and early returns are not visible.
 */
179 void cmd_sam_del_aliasmem(struct client_info *info)
187 POLICY_HND alias_pol;
191 uint32 flags = 0x200003f3; /* access mask for samr_open_domain; bit meanings not documented here (original note: absolutely no idea) */
195 sid_copy(&sid1, &info->dom.level5_sid);
196 sid_to_string(sid, &sid1);
197 fstrcpy(domain, info->dom.level5_dom);
/* a SID with no sub-authorities means the domain SID was never fetched */
199 if (sid1.num_auths == 0)
201 fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
/* NOTE(review): assumes fstrcpy/fstrcat bound the copy to srv_name - confirm */
205 fstrcpy(srv_name, "\\\\");
206 fstrcat(srv_name, info->dest_host);
/* first token: the alias RID; without it only the usage line is printed */
209 if (!next_token(NULL, tmp, NULL, sizeof(tmp)))
211 fprintf(out_hnd, "delaliasmem: <alias rid> [member sid1] [member sid2] ...\n");
/* NOTE(review): get_number() is not shown; no validation of the parsed RID
 * is visible before it is sent to the server. */
214 alias_rid = get_number(tmp);
216 fprintf(out_hnd, "SAM Domain Alias Member\n");
/* res/res1/res2 chain the steps: a call runs only if its predecessors
 * succeeded (initial values are in lines not shown, presumably True). */
218 /* open SAMR session. negotiate credentials */
219 res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR, &fnum) : False;
221 /* establish a connection. */
222 res = res ? samr_connect(smb_cli, fnum,
223 srv_name, 0x00000020,
224 &info->dom.samr_pol_connect) : False;
226 /* connect to the domain */
227 res = res ? samr_open_domain(smb_cli, fnum,
228 &info->dom.samr_pol_connect, flags, &sid1,
229 &info->dom.samr_pol_open_domain) : False;
231 /* open the alias by RID.  NOTE(review): 0x000f001f is the requested access
 * mask; its bits are not named here - confirm it is no broader than a
 * member removal needs. */
232 res1 = res ? samr_open_alias(smb_cli, fnum,
233 &info->dom.samr_pol_open_domain,
234 0x000f001f, alias_rid, &alias_pol) : False;
/* one iteration per remaining token; stops at the first failure */
236 while (next_token(NULL, tmp, NULL, sizeof(tmp)) && res2 && res1)
238 /* get a sid, delete a member from the alias */
239 res2 = res2 ? string_to_sid(&member_sid, tmp) : False;
240 res2 = res2 ? samr_del_aliasmem(smb_cli, fnum, &alias_pol, &member_sid) : False;
244 fprintf(out_hnd, "SID deleted from Alias 0x%x: %s\n", alias_rid, tmp);
/* close the handles in reverse order of opening, each only if it was opened */
248 res1 = res1 ? samr_close(smb_cli, fnum, &alias_pol) : False;
249 res = res ? samr_close(smb_cli, fnum, &info->dom.samr_pol_open_domain) : False;
250 res = res ? samr_close(smb_cli, fnum, &info->dom.samr_pol_connect) : False;
252 /* close the session (no condition on res is visible around this call) */
253 cli_nt_session_close(smb_cli, fnum);
255 if (res && res1 && res2)
257 DEBUG(5,("cmd_sam_del_aliasmem: succeeded\n"));
258 fprintf(out_hnd, "Delete Domain Alias Member: OK\n");
262 DEBUG(5,("cmd_sam_del_aliasmem: failed\n"));
263 fprintf(out_hnd, "Delete Domain Alias Member: FAILED\n");
267 /****************************************************************************
269 ****************************************************************************/
/*
 * rpcclient command "delalias": delete a domain alias given by name.  The
 * name is resolved to a RID with samr_query_lookup_names(), the alias is
 * opened by that RID and removed with samr_delete_dom_alias().
 *
 * NOTE(review): lines are missing from this listing (gutter numbers skip);
 * declarations, braces, the names[] assignment and the assignment of
 * alias_rid from the lookup result are not visible.
 */
270 void cmd_sam_delete_dom_alias(struct client_info *info)
278 POLICY_HND alias_pol;
282 uint32 flags = 0x200003f3; /* access mask for samr_open_domain; bit meanings not documented here (original note: absolutely no idea) */
283 uint32 alias_rid = 0;
284 const char *names[1];
/* output arrays for the lookup; only one name is looked up here */
285 uint32 rid [MAX_LOOKUP_SIDS];
286 uint32 type[MAX_LOOKUP_SIDS];
289 sid_copy(&sid1, &info->dom.level5_sid);
290 sid_to_string(sid, &sid1);
291 fstrcpy(domain, info->dom.level5_dom);
/* a SID with no sub-authorities means the domain SID was never fetched */
293 if (sid1.num_auths == 0)
295 fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
/* NOTE(review): assumes fstrcpy/fstrcat bound the copy to srv_name - confirm */
299 fstrcpy(srv_name, "\\\\");
300 fstrcat(srv_name, info->dest_host);
/* the alias name is the only argument */
303 if (!next_token(NULL, name, NULL, sizeof(name)))
305 fprintf(out_hnd, "delalias <alias name>\n");
309 fprintf(out_hnd, "SAM Delete Domain Alias\n");
/* res/res1/res2 chain the steps: a call runs only if its predecessors succeeded */
311 /* open SAMR session. negotiate credentials */
312 res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR, &fnum) : False;
314 /* establish a connection. */
315 res = res ? samr_connect(smb_cli, fnum,
316 srv_name, 0x00000020,
317 &info->dom.samr_pol_connect) : False;
319 /* connect to the domain */
320 res = res ? samr_open_domain(smb_cli, fnum,
321 &info->dom.samr_pol_connect, flags, &sid1,
322 &info->dom.samr_pol_open_domain) : False;
/* resolve the name to a RID.  NOTE(review): the returned type[] is not
 * examined in the visible lines, so nothing here confirms that the name
 * resolved to an alias before the delete is attempted; and when the lookup
 * succeeds with num_rids != 1, res1 stays true while alias_rid keeps its
 * initial 0 - confirm the hidden lines handle that case. */
326 res1 = res ? samr_query_lookup_names(smb_cli, fnum,
327 &info->dom.samr_pol_open_domain, 0x000003e8,
329 &num_rids, rid, type) : False;
331 if (res1 && num_rids == 1)
336 /* open the alias by RID; 0x000f001f is the requested access mask */
337 res1 = res1 ? samr_open_alias(smb_cli, fnum,
338 &info->dom.samr_pol_open_domain,
339 0x000f001f, alias_rid, &alias_pol) : False;
/* destructive step: remove the alias from the domain */
341 res2 = res1 ? samr_delete_dom_alias(smb_cli, fnum, &alias_pol) : False;
343 res1 = res1 ? samr_close(smb_cli, fnum, &alias_pol) : False;
344 res = res ? samr_close(smb_cli, fnum, &info->dom.samr_pol_open_domain) : False;
345 res = res ? samr_close(smb_cli, fnum, &info->dom.samr_pol_connect) : False;
347 /* close the session (no condition on res is visible around this call) */
348 cli_nt_session_close(smb_cli, fnum);
350 if (res && res1 && res2)
352 DEBUG(5,("cmd_sam_delete_dom_alias: succeeded\n"));
353 fprintf(out_hnd, "Delete Domain Alias: OK\n");
357 DEBUG(5,("cmd_sam_delete_dom_alias: failed\n"));
358 fprintf(out_hnd, "Delete Domain Alias: FAILED\n");
363 /****************************************************************************
364 SAM add alias member.
365 ****************************************************************************/
/*
 * rpcclient command "addaliasmem": add members to an alias, all given by
 * name.  The tokens are collected into names[], resolved to SIDs over the
 * LSARPC pipe with lsa_lookup_names(), and then sids[1..] are added to the
 * alias identified by sids[0] over the SAMR pipe.
 *
 * NOTE(review): lines are missing from this listing (gutter numbers skip);
 * declarations, braces, the increment of num_names, the Realloc failure
 * branch and part of the cleanup are not visible.
 */
366 void cmd_sam_add_aliasmem(struct client_info *info)
375 POLICY_HND alias_pol;
381 uint32 flags = 0x200003f3; /* access mask for samr_open_domain; bit meanings not documented here (original note: absolutely no idea) */
383 const char **names = NULL;
384 uint32 num_names = 0;
385 DOM_SID *sids = NULL;
389 sid_copy(&sid1, &info->dom.level5_sid);
390 sid_to_string(sid, &sid1);
391 fstrcpy(domain, info->dom.level5_dom);
/* a SID with no sub-authorities means the domain SID was never fetched */
393 if (sid1.num_auths == 0)
395 fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
/* NOTE(review): assumes fstrcpy/fstrcat bound the copy to srv_name - confirm */
399 fstrcpy(srv_name, "\\\\");
400 fstrcat(srv_name, info->dest_host);
/* collect every remaining token into a growing array of strdup'd names */
403 while (next_token(NULL, tmp, NULL, sizeof(tmp)))
/* NOTE(review): the result of Realloc overwrites names directly; if Realloc
 * returns NULL without freeing the old block, the array and the strings it
 * holds are lost - confirm Realloc's contract. */
406 names = Realloc(names, num_names * sizeof(char*));
409 DEBUG(0,("Realloc returned NULL\n"));
/* NOTE(review): the strdup() result is not checked in the visible lines, so
 * a NULL entry could be handed to lsa_lookup_names - confirm. */
412 names[num_names-1] = strdup(tmp);
417 fprintf(out_hnd, "addaliasmem <group name> [member name1] [member name2] ...\n");
421 fprintf(out_hnd, "SAM Domain Alias Member\n");
/* res3/res4 chain the LSA steps: a call runs only if its predecessors succeeded */
423 /* open LSARPC session. */
424 res3 = res3 ? cli_nt_session_open(smb_cli, PIPE_LSARPC, &fnum_lsa) : False;
426 /* lookup domain controller; receive a policy handle */
427 res3 = res3 ? lsa_open_policy(smb_cli, fnum_lsa,
429 &info->dom.lsa_info_pol, True) : False;
431 /* send lsa lookup names call; sids and num_sids are filled in by the callee */
432 res4 = res3 ? lsa_lookup_names(smb_cli, fnum_lsa,
433 &info->dom.lsa_info_pol,
435 &sids, &num_sids) : False;
437 res3 = res3 ? lsa_close(smb_cli, fnum_lsa, &info->dom.lsa_info_pol) : False;
439 cli_nt_session_close(smb_cli, fnum_lsa);
/* need the alias itself plus at least one member */
441 res4 = num_sids < 2 ? False : res4;
446 * accept domain sid or builtin sid
/* the local is named sid_1_5_20 but is loaded with "S-1-5-32" */
450 string_to_sid(&sid_1_5_20, "S-1-5-32");
/* split the last sub-authority of sids[0] off into alias_rid.
 * NOTE(review): sids comes from the server's reply; the guard that keeps
 * this from running when the lookup failed (sids still NULL) is in lines
 * not shown - confirm it exists. */
451 sid_split_rid(&sids[0], &alias_rid);
453 if (sid_equal(&sids[0], &sid_1_5_20))
455 sid_copy(&sid1, &sid_1_5_20);
457 else if (!sid_equal(&sids[0], &sid1))
463 /* open SAMR session. negotiate credentials */
464 res = res4 ? cli_nt_session_open(smb_cli, PIPE_SAMR, &fnum) : False;
466 /* establish a connection. */
467 res = res ? samr_connect(smb_cli, fnum,
468 srv_name, 0x00000020,
469 &info->dom.samr_pol_connect) : False;
471 /* connect to the domain */
472 res = res ? samr_open_domain(smb_cli, fnum,
473 &info->dom.samr_pol_connect, flags, &sid1,
474 &info->dom.samr_pol_open_domain) : False;
476 /* open the alias by RID; 0x000f001f is the requested access mask */
477 res1 = res ? samr_open_alias(smb_cli, fnum,
478 &info->dom.samr_pol_open_domain,
479 0x000f001f, alias_rid, &alias_pol) : False;
/* sids[0] is the alias, so members start at index 1; stop at first failure */
481 for (i = 1; i < num_sids && res2 && res1; i++)
483 /* add a member to the alias */
484 res2 = res2 ? samr_add_aliasmem(smb_cli, fnum, &alias_pol, &sids[i]) : False;
488 sid_to_string(tmp, &sids[i]);
489 fprintf(out_hnd, "SID added to Alias 0x%x: %s\n", alias_rid, tmp);
493 res1 = res1 ? samr_close(smb_cli, fnum, &alias_pol) : False;
494 res = res ? samr_close(smb_cli, fnum, &info->dom.samr_pol_open_domain) : False;
495 res = res ? samr_close(smb_cli, fnum, &info->dom.samr_pol_connect) : False;
497 /* close the session (no condition on res is visible around this call) */
498 cli_nt_session_close(smb_cli, fnum);
/* release the strdup'd names.  NOTE(review): freeing of the names array
 * itself and of sids is not visible in this listing - confirm. */
507 for (i = 0; i < num_names; i++)
509 if (names[i] != NULL)
511 free(((char**)(names))[i]);
517 if (res && res1 && res2)
519 DEBUG(5,("cmd_sam_add_aliasmem: succeeded\n"));
520 fprintf(out_hnd, "Add Domain Alias Member: OK\n");
524 DEBUG(5,("cmd_sam_add_aliasmem: failed\n"));
525 fprintf(out_hnd, "Add Domain Alias Member: FAILED\n");
530 /****************************************************************************
531 SAM create domain alias.
532 ****************************************************************************/
/*
 * rpcclient command "createalias": create a domain alias with the given
 * account name and optional description in the domain named by
 * info->dom.level5_sid, using create_samr_domain_alias().
 *
 * NOTE(review): lines are missing from this listing (gutter numbers skip);
 * declarations, braces, the default for a missing description and the
 * success test are not visible.
 */
533 void cmd_sam_create_dom_alias(struct client_info *info)
544 uint32 flags = 0x200003f3; /* access mask for samr_open_domain; bit meanings not documented here (original note: absolutely no idea) */
547 sid_copy(&sid1, &info->dom.level5_sid);
548 sid_to_string(sid, &sid1);
549 fstrcpy(domain, info->dom.level5_dom);
/* a SID with no sub-authorities means the domain SID was never fetched */
551 if (sid1.num_auths == 0)
553 fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
/* NOTE(review): assumes fstrcpy/fstrcat bound the copy to srv_name - confirm */
558 fstrcpy(srv_name, "\\\\");
559 fstrcat(srv_name, info->dest_host);
/* the account name is required; only the usage line is printed without it */
562 if (!next_token(NULL, acct_name, NULL, sizeof(acct_name)))
564 fprintf(out_hnd, "createalias: <acct name> [acct description]\n");
/* the description is optional; what acct_desc holds when it is absent is
 * set in a line not shown here */
567 if (!next_token(NULL, acct_desc, NULL, sizeof(acct_desc)))
573 fprintf(out_hnd, "SAM Create Domain Alias\n");
574 fprintf(out_hnd, "Domain: %s Name: %s Description: %s\n",
575 domain, acct_name, acct_desc);
/* res/res1 chain the steps: a call runs only if its predecessors succeeded */
577 /* open SAMR session. negotiate credentials */
578 res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR, &fnum) : False;
580 /* establish a connection. */
581 res = res ? samr_connect(smb_cli, fnum,
582 srv_name, 0x00000020,
583 &info->dom.samr_pol_connect) : False;
585 /* connect to the domain */
586 res = res ? samr_open_domain(smb_cli, fnum,
587 &info->dom.samr_pol_connect, flags, &sid1,
588 &info->dom.samr_pol_open_domain) : False;
590 /* create a domain alias; alias_rid receives a value from the callee */
591 res1 = res ? create_samr_domain_alias(smb_cli, fnum,
592 &info->dom.samr_pol_open_domain,
593 acct_name, acct_desc, &alias_rid) : False;
595 res = res ? samr_close(smb_cli, fnum,
596 &info->dom.samr_pol_open_domain) : False;
598 res = res ? samr_close(smb_cli, fnum,
599 &info->dom.samr_pol_connect) : False;
601 /* close the session (no condition on res is visible around this call) */
602 cli_nt_session_close(smb_cli, fnum);
606 DEBUG(5,("cmd_sam_create_dom_alias: succeeded\n"));
607 fprintf(out_hnd, "Create Domain Alias: OK\n");
611 DEBUG(5,("cmd_sam_create_dom_alias: failed\n"));
612 fprintf(out_hnd, "Create Domain Alias: FAILED\n");
617 /****************************************************************************
618 SAM delete group member.
619 ****************************************************************************/
/*
 * rpcclient command "delgroupmem": remove one or more member RIDs from the
 * domain group whose RID is the first token, via samr_del_groupmem().
 *
 * NOTE(review): the banner and the OK/FAILED messages printed below say
 * "Add" although this command deletes members; an operator reading the
 * output would be misled about which operation ran.
 *
 * NOTE(review): lines are missing from this listing (gutter numbers skip);
 * declarations, braces and early returns are not visible.
 */
620 void cmd_sam_del_groupmem(struct client_info *info)
628 POLICY_HND group_pol;
632 uint32 flags = 0x200003f3; /* access mask for samr_open_domain; bit meanings not documented here (original note: absolutely no idea) */
636 sid_copy(&sid1, &info->dom.level5_sid);
637 sid_to_string(sid, &sid1);
638 fstrcpy(domain, info->dom.level5_dom);
/* a SID with no sub-authorities means the domain SID was never fetched */
640 if (sid1.num_auths == 0)
642 fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
/* NOTE(review): assumes fstrcpy/fstrcat bound the copy to srv_name - confirm */
646 fstrcpy(srv_name, "\\\\");
647 fstrcat(srv_name, info->dest_host);
/* first token: the group RID; without it only the usage line is printed */
650 if (!next_token(NULL, tmp, NULL, sizeof(tmp)))
652 fprintf(out_hnd, "delgroupmem: <group rid> [member rid1] [member rid2] ...\n");
/* NOTE(review): get_number() is not shown; no validation of the parsed RID
 * is visible before it is sent to the server. */
655 group_rid = get_number(tmp);
657 fprintf(out_hnd, "SAM Add Domain Group member\n");
/* res/res1/res2 chain the steps: a call runs only if its predecessors succeeded */
659 /* open SAMR session. negotiate credentials */
660 res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR, &fnum) : False;
662 /* establish a connection. */
663 res = res ? samr_connect(smb_cli, fnum,
664 srv_name, 0x00000020,
665 &info->dom.samr_pol_connect) : False;
667 /* connect to the domain */
668 res = res ? samr_open_domain(smb_cli, fnum,
669 &info->dom.samr_pol_connect, flags, &sid1,
670 &info->dom.samr_pol_open_domain) : False;
672 /* open the group by RID; 0x0000001f is the requested access mask */
673 res1 = res ? samr_open_group(smb_cli, fnum,
674 &info->dom.samr_pol_open_domain,
675 0x0000001f, group_rid, &group_pol) : False;
/* one iteration per remaining token; stops at the first failure */
677 while (next_token(NULL, tmp, NULL, sizeof(tmp)) && res2 && res1)
679 /* get a rid, delete a member from the group */
680 member_rid = get_number(tmp);
681 res2 = res2 ? samr_del_groupmem(smb_cli, fnum, &group_pol, member_rid) : False;
685 fprintf(out_hnd, "RID deleted from Group 0x%x: 0x%x\n", group_rid, member_rid);
/* close the handles in reverse order of opening, each only if it was opened */
689 res1 = res1 ? samr_close(smb_cli, fnum, &group_pol) : False;
690 res = res ? samr_close(smb_cli, fnum, &info->dom.samr_pol_open_domain) : False;
691 res = res ? samr_close(smb_cli, fnum, &info->dom.samr_pol_connect) : False;
693 /* close the session (no condition on res is visible around this call) */
694 cli_nt_session_close(smb_cli, fnum);
696 if (res && res1 && res2)
698 DEBUG(5,("cmd_sam_del_groupmem: succeeded\n"));
699 fprintf(out_hnd, "Add Domain Group Member: OK\n");
703 DEBUG(5,("cmd_sam_del_groupmem: failed\n"));
704 fprintf(out_hnd, "Add Domain Group Member: FAILED\n");
709 /****************************************************************************
711 ****************************************************************************/
/*
 * rpcclient command "delgroup": delete a domain group given by name.  The
 * name is resolved to a RID with samr_query_lookup_names(), the group is
 * opened by that RID and removed with samr_delete_dom_group().
 *
 * NOTE(review): lines are missing from this listing (gutter numbers skip);
 * declarations, braces, the names[] assignment and the assignment of
 * group_rid from the lookup result are not visible.
 */
712 void cmd_sam_delete_dom_group(struct client_info *info)
720 POLICY_HND group_pol;
724 uint32 flags = 0x200003f3; /* access mask for samr_open_domain; bit meanings not documented here (original note: absolutely no idea) */
725 uint32 group_rid = 0;
726 const char *names[1];
/* output arrays for the lookup; only one name is looked up here */
727 uint32 rid [MAX_LOOKUP_SIDS];
728 uint32 type[MAX_LOOKUP_SIDS];
731 sid_copy(&sid1, &info->dom.level5_sid);
732 sid_to_string(sid, &sid1);
733 fstrcpy(domain, info->dom.level5_dom);
/* a SID with no sub-authorities means the domain SID was never fetched */
735 if (sid1.num_auths == 0)
737 fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
/* NOTE(review): assumes fstrcpy/fstrcat bound the copy to srv_name - confirm */
741 fstrcpy(srv_name, "\\\\");
742 fstrcat(srv_name, info->dest_host);
/* the group name is the only argument */
745 if (!next_token(NULL, name, NULL, sizeof(name)))
747 fprintf(out_hnd, "delgroup <group name>\n");
751 fprintf(out_hnd, "SAM Delete Domain Group\n");
/* res/res1/res2 chain the steps: a call runs only if its predecessors succeeded */
753 /* open SAMR session. negotiate credentials */
754 res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR, &fnum) : False;
756 /* establish a connection. */
757 res = res ? samr_connect(smb_cli, fnum,
758 srv_name, 0x00000020,
759 &info->dom.samr_pol_connect) : False;
761 /* connect to the domain */
762 res = res ? samr_open_domain(smb_cli, fnum,
763 &info->dom.samr_pol_connect, flags, &sid1,
764 &info->dom.samr_pol_open_domain) : False;
/* resolve the name to a RID.  NOTE(review): the returned type[] is not
 * examined in the visible lines, so nothing here confirms that the name
 * resolved to a group before the delete is attempted; and when the lookup
 * succeeds with num_rids != 1, res1 stays true while group_rid keeps its
 * initial 0 - confirm the hidden lines handle that case. */
768 res1 = res ? samr_query_lookup_names(smb_cli, fnum,
769 &info->dom.samr_pol_open_domain, 0x000003e8,
771 &num_rids, rid, type) : False;
773 if (res1 && num_rids == 1)
778 /* open the group by RID; 0x0000001f is the requested access mask */
779 res1 = res1 ? samr_open_group(smb_cli, fnum,
780 &info->dom.samr_pol_open_domain,
781 0x0000001f, group_rid, &group_pol) : False;
/* destructive step: remove the group from the domain */
783 res2 = res1 ? samr_delete_dom_group(smb_cli, fnum, &group_pol) : False;
785 res1 = res1 ? samr_close(smb_cli, fnum, &group_pol) : False;
786 res = res ? samr_close(smb_cli, fnum, &info->dom.samr_pol_open_domain) : False;
787 res = res ? samr_close(smb_cli, fnum, &info->dom.samr_pol_connect) : False;
789 /* close the session (no condition on res is visible around this call) */
790 cli_nt_session_close(smb_cli, fnum);
792 if (res && res1 && res2)
794 DEBUG(5,("cmd_sam_delete_dom_group: succeeded\n"));
795 fprintf(out_hnd, "Delete Domain Group: OK\n");
799 DEBUG(5,("cmd_sam_delete_dom_group: failed\n"));
800 fprintf(out_hnd, "Delete Domain Group: FAILED\n");
805 /****************************************************************************
806 SAM add group member.
807 ****************************************************************************/
/*
 * rpcclient command "addgroupmem": add members to a domain group, all given
 * by name.  The tokens are collected into names[], resolved to RIDs with
 * samr_query_lookup_names(), and rid[1..] are added with samr_add_groupmem()
 * to the group opened by group_rid.
 *
 * NOTE(review): lines are missing from this listing (gutter numbers skip);
 * declarations, braces, the increment of num_names, the Realloc failure
 * branch and the assignment of group_rid are not visible.
 */
808 void cmd_sam_add_groupmem(struct client_info *info)
816 POLICY_HND group_pol;
820 uint32 flags = 0x200003f3; /* access mask for samr_open_domain; bit meanings not documented here (original note: absolutely no idea) */
821 uint32 group_rid = 0;
822 const char **names = NULL;
823 uint32 num_names = 0;
/* fixed-size output arrays for the lookup.
 * NOTE(review): the number of names taken from the command line is not
 * capped against MAX_LOOKUP_SIDS in the visible lines, and num_rids is
 * later used to index rid[]; confirm samr_query_lookup_names() never
 * reports or writes more than MAX_LOOKUP_SIDS entries. */
824 uint32 rid [MAX_LOOKUP_SIDS];
825 uint32 type[MAX_LOOKUP_SIDS];
829 sid_copy(&sid1, &info->dom.level5_sid);
830 sid_to_string(sid, &sid1);
831 fstrcpy(domain, info->dom.level5_dom);
/* a SID with no sub-authorities means the domain SID was never fetched */
833 if (sid1.num_auths == 0)
835 fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
/* NOTE(review): assumes fstrcpy/fstrcat bound the copy to srv_name - confirm */
839 fstrcpy(srv_name, "\\\\");
840 fstrcat(srv_name, info->dest_host);
/* collect every remaining token into a growing array of strdup'd names */
843 while (next_token(NULL, tmp, NULL, sizeof(tmp)))
/* NOTE(review): the result of Realloc overwrites names directly; if Realloc
 * returns NULL without freeing the old block, the array and the strings it
 * holds are lost - confirm Realloc's contract. */
846 names = Realloc(names, num_names * sizeof(char*));
849 DEBUG(0,("Realloc returned NULL\n"));
/* NOTE(review): the strdup() result is not checked in the visible lines */
852 names[num_names-1] = strdup(tmp);
857 fprintf(out_hnd, "addgroupmem <group name> [member name1] [member name2] ...\n");
861 fprintf(out_hnd, "SAM Add Domain Group member\n");
/* res/res1/res2 chain the steps: a call runs only if its predecessors succeeded */
863 /* open SAMR session. negotiate credentials */
864 res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR, &fnum) : False;
866 /* establish a connection. */
867 res = res ? samr_connect(smb_cli, fnum,
868 srv_name, 0x00000020,
869 &info->dom.samr_pol_connect) : False;
871 /* connect to the domain */
872 res = res ? samr_open_domain(smb_cli, fnum,
873 &info->dom.samr_pol_connect, flags, &sid1,
874 &info->dom.samr_pol_open_domain) : False;
/* resolve the collected names to RIDs; type[] is not examined in the
 * visible lines */
876 res1 = res ? samr_query_lookup_names(smb_cli, fnum,
877 &info->dom.samr_pol_open_domain, 0x000003e8,
879 &num_rids, rid, type) : False;
881 if (res1 && num_rids != 0)
886 /* open the group by RID; 0x0000001f is the requested access mask */
887 res1 = res1 ? samr_open_group(smb_cli, fnum,
888 &info->dom.samr_pol_open_domain,
889 0x0000001f, group_rid, &group_pol) : False;
/* members start at index 1 (index 0 is presumably the group itself, going
 * by the usage line); stops at the first failure */
891 for (i = 1; i < num_rids && res2 && res1; i++)
893 res2 = res2 ? samr_add_groupmem(smb_cli, fnum, &group_pol, rid[i]) : False;
897 fprintf(out_hnd, "RID added to Group 0x%x: 0x%x\n", group_rid, rid[i]);
901 res1 = res1 ? samr_close(smb_cli, fnum, &group_pol) : False;
902 res = res ? samr_close(smb_cli, fnum, &info->dom.samr_pol_open_domain) : False;
903 res = res ? samr_close(smb_cli, fnum, &info->dom.samr_pol_connect) : False;
905 /* close the session (no condition on res is visible around this call) */
906 cli_nt_session_close(smb_cli, fnum);
/* release the strdup'd names.  NOTE(review): freeing of the names array
 * itself is not visible in this listing - confirm. */
910 for (i = 0; i < num_names; i++)
912 if (names[i] != NULL)
914 free(((char**)(names))[i]);
920 if (res && res1 && res2)
922 DEBUG(5,("cmd_sam_add_groupmem: succeeded\n"));
923 fprintf(out_hnd, "Add Domain Group Member: OK\n");
927 DEBUG(5,("cmd_sam_add_groupmem: failed\n"));
928 fprintf(out_hnd, "Add Domain Group Member: FAILED\n");
933 /****************************************************************************
934 SAM create domain group.
935 ****************************************************************************/
/*
 * rpcclient command "creategroup": create a domain group with the given
 * account name and optional description in the domain named by
 * info->dom.level5_sid, using create_samr_domain_group().
 *
 * NOTE(review): lines are missing from this listing (gutter numbers skip);
 * declarations, braces, the default for a missing description and the
 * success test are not visible.
 */
936 void cmd_sam_create_dom_group(struct client_info *info)
947 uint32 flags = 0x220; /* access mask for samr_open_domain; bit meanings not documented here (original note: absolutely no idea) */
950 sid_copy(&sid1, &info->dom.level5_sid);
951 sid_to_string(sid, &sid1);
952 fstrcpy(domain, info->dom.level5_dom);
/* a SID with no sub-authorities means the domain SID was never fetched */
954 if (sid1.num_auths == 0)
956 fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
/* NOTE(review): assumes fstrcpy/fstrcat bound the copy to srv_name - confirm */
961 fstrcpy(srv_name, "\\\\");
962 fstrcat(srv_name, info->dest_host);
/* the account name is required; only the usage line is printed without it */
965 if (!next_token(NULL, acct_name, NULL, sizeof(acct_name)))
967 fprintf(out_hnd, "creategroup: <acct name> [acct description]\n");
/* the description is optional; what acct_desc holds when it is absent is
 * set in a line not shown here */
970 if (!next_token(NULL, acct_desc, NULL, sizeof(acct_desc)))
976 fprintf(out_hnd, "SAM Create Domain Group\n");
977 fprintf(out_hnd, "Domain: %s Name: %s Description: %s\n",
978 domain, acct_name, acct_desc);
/* res/res1 chain the steps: a call runs only if its predecessors succeeded */
980 /* open SAMR session. negotiate credentials */
981 res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR, &fnum) : False;
983 /* establish a connection. */
984 res = res ? samr_connect(smb_cli, fnum,
985 srv_name, 0x00000020,
986 &info->dom.samr_pol_connect) : False;
988 /* connect to the domain */
989 res = res ? samr_open_domain(smb_cli, fnum,
990 &info->dom.samr_pol_connect, flags, &sid1,
991 &info->dom.samr_pol_open_domain) : False;
993 /* create the domain group; group_rid receives a value from the callee */
994 res1 = res ? create_samr_domain_group(smb_cli, fnum,
995 &info->dom.samr_pol_open_domain,
996 acct_name, acct_desc, &group_rid) : False;
998 res = res ? samr_close(smb_cli, fnum,
999 &info->dom.samr_pol_open_domain) : False;
1001 res = res ? samr_close(smb_cli, fnum,
1002 &info->dom.samr_pol_connect) : False;
1004 /* close the session (no condition on res is visible around this call) */
1005 cli_nt_session_close(smb_cli, fnum);
1009 DEBUG(5,("cmd_sam_create_dom_group: succeeded\n"));
1010 fprintf(out_hnd, "Create Domain Group: OK\n");
1014 DEBUG(5,("cmd_sam_create_dom_group: failed\n"));
1015 fprintf(out_hnd, "Create Domain Group: FAILED\n");
1020 /****************************************************************************
1021 experimental SAM users enum.
1022 ****************************************************************************/
/*
 * rpcclient command: enumerate the users of the domain named by
 * info->dom.level5_sid with samr_enum_dom_users() and print each RID and
 * account name.  Up to three option tokens select extra per-user queries:
 * "-u" (user info level 0x15), "-g" (group membership) and "-a" (alias
 * membership in the domain and in S-1-5-32).
 *
 * The enumeration result is stored in info->dom.sam / num_sam_entries and
 * freed before returning.
 *
 * NOTE(review): lines are missing from this listing (gutter numbers skip);
 * declarations, braces, the #endif lines and several call arguments are
 * not visible.
 */
1023 void cmd_sam_enum_users(struct client_info *info)
1034 BOOL request_user_info = False;
1035 BOOL request_group_info = False;
1036 BOOL request_alias_info = False;
1037 uint16 num_entries = 0;
1039 uint16 acb_mask = 0;
1041 uint32 flags = 0x304; /* access mask for samr_open_domain; bit meanings not documented here (original note: absolutely no idea) */
1045 sid_copy(&sid1, &info->dom.level5_sid);
1046 sid_to_string(sid, &sid1);
1047 fstrcpy(domain, info->dom.level5_dom);
/* a SID with no sub-authorities means the domain SID was never fetched */
1049 if (sid1.num_auths == 0)
1051 fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
/* NOTE(review): assumes fstrcpy/fstrcat bound the copy to srv_name - confirm */
1056 fstrcpy(srv_name, "\\\\");
1057 fstrcat(srv_name, info->dest_host);
/* read up to three option tokens, in any order */
1060 for (i = 0; i < 3; i++)
1062 /* a bad way to do token parsing... */
1063 if (next_token(NULL, tmp, NULL, sizeof(tmp)))
1065 request_user_info |= strequal(tmp, "-u");
1066 request_group_info |= strequal(tmp, "-g");
1067 request_alias_info |= strequal(tmp, "-a");
/* test-only overrides of the enumeration parameters, parsed as hex.
 * strtol() errors are not checked and the result is truncated to uint16. */
1075 #ifdef DEBUG_TESTING
1076 if (next_token(NULL, tmp, NULL, sizeof(tmp)))
1078 num_entries = (uint16)strtol(tmp, (char**)NULL, 16);
1081 if (next_token(NULL, tmp, NULL, sizeof(tmp)))
1083 unk_0 = (uint16)strtol(tmp, (char**)NULL, 16);
1086 if (next_token(NULL, tmp, NULL, sizeof(tmp)))
1088 acb_mask = (uint16)strtol(tmp, (char**)NULL, 16);
1091 if (next_token(NULL, tmp, NULL, sizeof(tmp)))
1093 unk_1 = (uint16)strtol(tmp, (char**)NULL, 16);
/* the local is named sid_1_5_20 but is loaded with "S-1-5-32" */
1097 string_to_sid(&sid_1_5_20, "S-1-5-32");
1099 fprintf(out_hnd, "SAM Enumerate Users\n");
1100 fprintf(out_hnd, "From: %s To: %s Domain: %s SID: %s\n",
1101 info->myhostname, srv_name, domain, sid);
1103 #ifdef DEBUG_TESTING
1104 DEBUG(5,("Number of entries:%d unk_0:%04x acb_mask:%04x unk_1:%04x\n",
1105 num_entries, unk_0, acb_mask, unk_1));
/* res/res1 chain the steps: a call runs only if its predecessors succeeded */
1108 /* open SAMR session. negotiate credentials */
1109 res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR, &fnum) : False;
1111 /* establish a connection. */
1112 res = res ? samr_connect(smb_cli, fnum,
1113 srv_name, 0x00000020,
1114 &info->dom.samr_pol_connect) : False;
1116 /* connect to the domain */
1117 res = res ? samr_open_domain(smb_cli, fnum,
1118 &info->dom.samr_pol_connect, flags, &sid1,
1119 &info->dom.samr_pol_open_domain) : False;
1121 /* open the S-1-5-32 domain as well (the variable is named sid_1_5_20) */
1122 res1 = res ? samr_open_domain(smb_cli, fnum,
1123 &info->dom.samr_pol_connect, flags, &sid_1_5_20,
1124 &info->dom.samr_pol_open_builtindom) : False;
/* start from an empty result so the free at the end is safe on failure */
1126 info->dom.sam = NULL;
1128 /* read some users */
1129 res = res ? samr_enum_dom_users(smb_cli, fnum,
1130 &info->dom.samr_pol_open_domain,
1131 num_entries, unk_0, acb_mask, unk_1, 0xffff,
1132 &info->dom.sam, &info->dom.num_sam_entries) : False;
1134 if (res && info->dom.num_sam_entries == 0)
1136 fprintf(out_hnd, "No users\n");
1139 /* query all the users */
1140 for (user_idx = 0; res && user_idx < info->dom.num_sam_entries; user_idx++)
1142 uint32 user_rid = info->dom.sam[user_idx].rid;
1143 SAM_USER_INFO_21 usr;
1145 fprintf(out_hnd, "User RID: %8x User Name: %s\n",
1147 info->dom.sam[user_idx].acct_name);
1149 if (request_user_info)
1151 /* send user info query, level 0x15 */
1152 if (get_samr_query_userinfo(smb_cli, fnum,
1153 &info->dom.samr_pol_open_domain,
1154 0x15, user_rid, &usr))
1156 display_sam_user_info_21(out_hnd, ACTION_HEADER , &usr);
1157 display_sam_user_info_21(out_hnd, ACTION_ENUMERATE, &usr);
1158 display_sam_user_info_21(out_hnd, ACTION_FOOTER , &usr);
1162 if (request_group_info)
1165 DOM_GID gid[LSA_MAX_GROUPS];
1167 /* send user group query */
1168 if (get_samr_query_usergroups(smb_cli, fnum,
1169 &info->dom.samr_pol_open_domain,
1170 user_rid, &num_groups, gid))
1173 uint32 rid_mem[MAX_LOOKUP_SIDS];
1174 fstring name [MAX_LOOKUP_SIDS];
1175 uint32 type [MAX_LOOKUP_SIDS];
/* NOTE(review): num_groups is filled in from the server's reply and is not
 * checked against MAX_LOOKUP_SIDS (or LSA_MAX_GROUPS) in the visible lines
 * before it bounds this copy into the fixed-size rid_mem[].  Confirm that
 * the callee caps it, or clamp it here; an oversized count would write past
 * the stack array. */
1177 for (i = 0; i < num_groups; i++)
1179 rid_mem[i] = gid[i].g_rid;
/* NOTE(review): num_names is likewise reported by the callee; confirm it
 * cannot exceed the MAX_LOOKUP_SIDS entries of name[] and type[]. */
1182 if (samr_query_lookup_rids(smb_cli, fnum,
1183 &info->dom.samr_pol_open_domain, 0x3e8,
1184 num_groups, rid_mem,
1185 &num_names, name, type))
1187 display_group_members(out_hnd, ACTION_HEADER , num_names, name, type);
1188 display_group_members(out_hnd, ACTION_ENUMERATE, num_names, name, type);
1189 display_group_members(out_hnd, ACTION_FOOTER , num_names, name, type);
1194 if (request_alias_info)
1197 uint32 rid[LSA_MAX_GROUPS];
/* build the user's full SID: domain SID plus the user RID */
1200 sid_copy(&als_sid, &sid1);
1201 sid_append_rid(&als_sid, user_rid);
/* NOTE(review): num_aliases comes from the server's reply; no check against
 * LSA_MAX_GROUPS (size of rid[]) or MAX_LOOKUP_SIDS (size of name[]/type[])
 * is visible before it is used - confirm the callees enforce the bounds. */
1203 /* send user alias query */
1204 if (samr_query_useraliases(smb_cli, fnum,
1205 &info->dom.samr_pol_open_domain,
1206 &als_sid, &num_aliases, rid))
1209 fstring name [MAX_LOOKUP_SIDS];
1210 uint32 type [MAX_LOOKUP_SIDS];
1212 if (samr_query_lookup_rids(smb_cli, fnum,
1213 &info->dom.samr_pol_open_domain, 0x3e8,
1215 &num_names, name, type))
1217 display_group_members(out_hnd, ACTION_HEADER , num_names, name, type);
1218 display_group_members(out_hnd, ACTION_ENUMERATE, num_names, name, type);
1219 display_group_members(out_hnd, ACTION_FOOTER , num_names, name, type);
1223 /* send the same alias query against the S-1-5-32 domain handle */
1224 if (res1 && samr_query_useraliases(smb_cli, fnum,
1225 &info->dom.samr_pol_open_builtindom,
1226 &als_sid, &num_aliases, rid))
1229 fstring name [MAX_LOOKUP_SIDS];
1230 uint32 type [MAX_LOOKUP_SIDS];
1232 if (samr_query_lookup_rids(smb_cli, fnum,
1233 &info->dom.samr_pol_open_builtindom, 0x3e8,
1235 &num_names, name, type))
1237 display_group_members(out_hnd, ACTION_HEADER , num_names, name, type);
1238 display_group_members(out_hnd, ACTION_ENUMERATE, num_names, name, type);
1239 display_group_members(out_hnd, ACTION_FOOTER , num_names, name, type);
/* close each handle only if it was opened */
1245 res1 = res1 ? samr_close(smb_cli, fnum,
1246 &info->dom.samr_pol_open_builtindom) : False;
1248 res = res ? samr_close(smb_cli, fnum,
1249 &info->dom.samr_pol_open_domain) : False;
1251 res = res ? samr_close(smb_cli, fnum,
1252 &info->dom.samr_pol_connect) : False;
1254 /* close the session (no condition on res is visible around this call) */
1255 cli_nt_session_close(smb_cli, fnum);
/* NOTE(review): whether info->dom.sam is reset to NULL after this free is
 * not visible; cmd_sam_query_user reads info->dom.sam later, so a stale
 * pointer here would be a use-after-free - confirm. */
1257 if (info->dom.sam != NULL)
1259 free(info->dom.sam);
1264 DEBUG(5,("cmd_sam_enum_users: succeeded\n"));
1268 DEBUG(5,("cmd_sam_enum_users: failed\n"));
1273 /****************************************************************************
1274 experimental SAM user query.
1275 ****************************************************************************/
/*
 * rpcclient command: query one user by RID with get_samr_query_userinfo()
 * and, for info level 0x15, print the result with
 * display_sam_user_info_21().  Takes two tokens: the RID (parsed as hex)
 * and the info level (parsed as decimal); both keep their defaults
 * (RID 0, level 0x15) unless both tokens are present.
 *
 * NOTE(review): lines are missing from this listing (gutter numbers skip);
 * declarations, braces, early returns and one printf argument are not
 * visible.
 */
1276 void cmd_sam_query_user(struct client_info *info)
1283 int user_idx = 0; /* FIXME maybe ... */
1285 uint32 flags = 0x304; /* access mask for samr_open_domain; bit meanings not documented here (original note: absolutely no idea) */
1288 uint32 user_rid = 0;
1289 uint32 info_level = 0x15;
1291 SAM_USER_INFO_21 usr;
1293 sid_to_string(sid, &info->dom.level5_sid);
1294 fstrcpy(domain, info->dom.level5_dom);
/* an empty SID string means the domain SID has not been fetched yet */
1296 if (strlen(sid) == 0)
1298 fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
1302 string_to_sid(&sid1, sid);
/* NOTE(review): assumes fstrcpy/fstrcat bound the copy to srv_name - confirm */
1304 fstrcpy(srv_name, "\\\\");
1305 fstrcat(srv_name, info->dest_host);
/* NOTE(review): strtoul() failures and out-of-range values are not checked,
 * so unparsable input silently becomes 0. */
1308 if (next_token(NULL, rid_str , NULL, sizeof(rid_str )) &&
1309 next_token(NULL, info_str, NULL, sizeof(info_str)))
1311 user_rid = strtoul(rid_str , (char**)NULL, 16);
1312 info_level = strtoul(info_str, (char**)NULL, 10);
1315 fprintf(out_hnd, "SAM Query User: rid %x info level %d\n",
1316 user_rid, info_level);
1317 fprintf(out_hnd, "From: %s To: %s Domain: %s SID: %s\n",
1318 info->myhostname, srv_name, domain, sid);
/* res chains the steps: a call runs only if its predecessors succeeded */
1320 /* open SAMR session. negotiate credentials */
1321 res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR, &fnum) : False;
1323 /* establish a connection. */
1324 res = res ? samr_connect(smb_cli, fnum,
1325 srv_name, 0x00000020,
1326 &info->dom.samr_pol_connect) : False;
1328 /* connect to the domain */
1329 res = res ? samr_open_domain(smb_cli, fnum,
1330 &info->dom.samr_pol_connect, flags, &sid1,
1331 &info->dom.samr_pol_open_domain) : False;
/* NOTE(review): this reads info->dom.sam[0] (user_idx is fixed at 0) with
 * no visible NULL check, and the entry is unrelated to the RID being
 * queried.  cmd_sam_enum_users sets info->dom.sam to NULL and frees it, so
 * this may dereference a NULL or freed pointer - confirm and guard it. */
1333 fprintf(out_hnd, "User RID: %8x User Name: %s\n",
1335 info->dom.sam[user_idx].acct_name);
/* NOTE(review): the query below is not gated on res in the visible lines,
 * so it appears to run even when opening the pipe or domain failed. */
1337 /* send user info query, level */
1338 if (get_samr_query_userinfo(smb_cli, fnum,
1339 &info->dom.samr_pol_open_domain,
1340 info_level, user_rid, &usr))
/* only level 0x15 has a display routine here; other levels print nothing */
1342 if (info_level == 0x15)
1344 display_sam_user_info_21(out_hnd, ACTION_HEADER , &usr);
1345 display_sam_user_info_21(out_hnd, ACTION_ENUMERATE, &usr);
1346 display_sam_user_info_21(out_hnd, ACTION_FOOTER , &usr);
/* NOTE(review): the connect handle is closed before the domain handle that
 * was opened from it; the other commands in this file close in the
 * opposite order. */
1350 res = res ? samr_close(smb_cli, fnum,
1351 &info->dom.samr_pol_connect) : False;
1353 res = res ? samr_close(smb_cli, fnum,
1354 &info->dom.samr_pol_open_domain) : False;
1356 /* close the session (no condition on res is visible around this call) */
1357 cli_nt_session_close(smb_cli, fnum);
1361 DEBUG(5,("cmd_sam_query_user: succeeded\n"));
1365 DEBUG(5,("cmd_sam_query_user: failed\n"));
1370 /****************************************************************************
1371 experimental SAM domain info query.

Command handler: takes the domain SID and name cached in info->dom
(level5_sid / level5_dom), reads an optional decimal info level from the
command line, then opens a SAMR pipe, connects to \\<dest_host>, opens the
domain, calls samr_query_dom_info() and closes both policy handles and the
pipe.  Progress is printed to out_hnd; the outcome is logged at DEBUG(5).

NOTE(review): the gutter numbers in this listing skip, so some source lines
(local declarations, braces, presumably the early return after the
'lsaquery' hint, the test that selects the final DEBUG message) are not
shown.  The comments below describe only what is visible.
1372 ****************************************************************************/
1373 void cmd_sam_query_dominfo(struct client_info *info)
/* info level used when no argument is given; replaced below if a token is present */
1382 uint32 switch_value = 2;
1383 uint32 flags = 0x304; /* passed to samr_open_domain() below; the original author notes the meaning is unknown */
/* render the cached domain SID as text and copy the cached domain name */
1385 sid_to_string(sid, &info->dom.level5_sid);
1386 fstrcpy(domain, info->dom.level5_dom);
/* an empty SID string is treated as "no SID known yet" */
1388 if (strlen(sid) == 0)
1390 fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
/* parse the text form back into sid1, which is handed to samr_open_domain() */
1394 string_to_sid(&sid1, sid);
/* build the UNC server name "\\<dest_host>".
   NOTE(review): srv_name's declaration is not shown; confirm that
   fstrcpy/fstrcat bound the copy to the destination size, since
   info->dest_host is presumably user-supplied. */
1396 fstrcpy(srv_name, "\\\\");
1397 fstrcat(srv_name, info->dest_host);
/* optional argument: decimal info level.
   NOTE(review): strtoul() is called with a NULL end pointer and errno is
   not checked, so non-numeric text yields 0 and out-of-range input goes
   undetected; the value is then sent to the server unchanged. */
1400 if (next_token(NULL, info_str, NULL, sizeof(info_str)))
1402 switch_value = strtoul(info_str, (char**)NULL, 10);
/* NOTE(review): switch_value is a uint32 printed with the signed %d conversion */
1405 fprintf(out_hnd, "SAM Query Domain Info: info level %d\n", switch_value);
1406 fprintf(out_hnd, "From: %s To: %s Domain: %s SID: %s\n",
1407 info->myhostname, srv_name, domain, sid);
/* Each step below runs only if every earlier step succeeded; res's
   declaration is not shown (presumably initialised to True). */
1409 /* open SAMR session. negotiate credentials */
1410 res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR, &fnum) : False;
1412 /* establish a connection. */
1413 res = res ? samr_connect(smb_cli, fnum,
1414 srv_name, 0x00000020,
1415 &info->dom.samr_pol_connect) : False;
1417 /* connect to the domain */
1418 res = res ? samr_open_domain(smb_cli, fnum,
1419 &info->dom.samr_pol_connect, flags, &sid1,
1420 &info->dom.samr_pol_open_domain) : False;
1422 /* send a samr 0x8 command */
1423 res = res ? samr_query_dom_info(smb_cli, fnum,
1424 &info->dom.samr_pol_open_domain, switch_value) : False;
/* NOTE(review): the closes are part of the same res chain, so after a
   partial failure (e.g. samr_open_domain fails once samr_connect has
   succeeded) no samr_close is sent for the handle already obtained.  The
   pipe close below appears to be unconditional. */
1426 res = res ? samr_close(smb_cli, fnum,
1427 &info->dom.samr_pol_connect) : False;
1429 res = res ? samr_close(smb_cli, fnum,
1430 &info->dom.samr_pol_open_domain) : False;
1432 /* close the session */
1433 cli_nt_session_close(smb_cli, fnum);
/* outcome logging; the test choosing between the two messages is not shown */
1437 DEBUG(5,("cmd_sam_query_dominfo: succeeded\n"));
1441 DEBUG(5,("cmd_sam_query_dominfo: failed\n"));
1446 /****************************************************************************
1447 experimental SAM aliases query.

Command handler: opens a SAMR pipe, connects to \\<dest_host>, opens the
domain and calls samr_enum_dom_aliases(), printing the RID and name of each
alias returned.  With the argument "-m" it also queries the members of each
alias (get_samr_query_aliasmem) and resolves the member SIDs to names over
a separate LSARPC pipe (lsa_lookup_sids).

NOTE(review): the gutter numbers in this listing skip, so some source lines
(local declarations, braces, short statements, any preprocessor lines) are
not shown.  The comments below describe only what is visible.
1448 ****************************************************************************/
1449 void cmd_sam_enum_aliases(struct client_info *info)
/* set when the first command-line token is "-m" */
1457 BOOL request_member_info = False;
1458 uint32 flags = 0x200003f3; /* passed to samr_open_domain() below; the original author notes the meaning is unknown */
/* render the cached domain SID as text and copy the cached domain name */
1462 sid_to_string(sid, &info->dom.level3_sid);
1463 fstrcpy(domain, info->dom.level3_dom);
/* NOTE(review): as listed, the SID just rendered is overwritten with the
   literal "S-1-5-20".  Lines 1464 and 1466 are missing from this listing,
   so the override may be conditionally compiled; check the original file.
   If it is live, the empty-SID test below can never fire. */
1465 fstrcpy(sid , "S-1-5-20");
1467 if (strlen(sid) == 0)
1469 fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
/* parse the text form back into sid1, which is handed to samr_open_domain() */
1473 string_to_sid(&sid1, sid);
/* build the UNC server name "\\<dest_host>".
   NOTE(review): srv_name's declaration is not shown; confirm that
   fstrcpy/fstrcat bound the copy to the destination size. */
1475 fstrcpy(srv_name, "\\\\");
1476 fstrcat(srv_name, info->dest_host);
1479 /* a bad way to do token parsing... (only the first token is examined) */
1480 if (next_token(NULL, tmp, NULL, sizeof(tmp)))
1482 request_member_info |= strequal(tmp, "-m");
1485 fprintf(out_hnd, "SAM Enumerate Aliases\n");
1486 fprintf(out_hnd, "From: %s To: %s Domain: %s SID: %s\n",
1487 info->myhostname, srv_name, domain, sid);
/* Each step below runs only if every earlier step succeeded; res's
   declaration is not shown (presumably initialised to True). */
1489 /* open SAMR session. negotiate credentials */
1490 res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR, &fnum) : False;
1492 /* establish a connection. */
1493 res = res ? samr_connect(smb_cli, fnum,
1494 srv_name, 0x00000020,
1495 &info->dom.samr_pol_connect) : False;
1497 /* connect to the domain */
1498 res = res ? samr_open_domain(smb_cli, fnum,
1499 &info->dom.samr_pol_connect, flags, &sid1,
1500 &info->dom.samr_pol_open_domain) : False;
/* clear the result pointer so the NULL test before free() at the end is
   meaningful.  NOTE(review): a buffer left here by an earlier command
   would not be freed first; confirm who owns it. */
1502 info->dom.sam = NULL;
1504 /* read some aliases (one argument line, 1507, is not shown) */
1505 res = res ? samr_enum_dom_aliases(smb_cli, fnum,
1506 &info->dom.samr_pol_open_domain,
1508 &info->dom.sam, &info->dom.num_sam_entries) : False;
1510 if (res && info->dom.num_sam_entries == 0)
1512 fprintf(out_hnd, "No aliases\n");
/* NOTE(review): no guard on res is visible for this loop (line 1515 is
   not shown and may hold one).  If there is none, a failed or skipped
   enumeration leaves info->dom.sam NULL while num_sam_entries keeps
   whatever value it had before, and the loop would dereference NULL. */
1516 for (alias_idx = 0; alias_idx < info->dom.num_sam_entries; alias_idx++)
1518 uint32 alias_rid = info->dom.sam[alias_idx].rid;
1520 fprintf(out_hnd, "Alias RID: %8x Group Name: %s\n",
1522 info->dom.sam[alias_idx].acct_name);
1524 if (request_member_info)
/* fixed-size buffer for the member SIDs of one alias.
   NOTE(review): num_aliases is filled in by get_samr_query_aliasmem() from
   the server's reply, and the lines shown never compare it with
   MAX_LOOKUP_SIDS.  Confirm the helper caps it; otherwise the helper's
   writes and the sids[i] loop below run past the end of sid_mem. */
1527 DOM_SID2 sid_mem[MAX_LOOKUP_SIDS];
1529 /* send user aliases query */
1530 if (get_samr_query_aliasmem(smb_cli, fnum,
1531 &info->dom.samr_pol_open_domain,
1532 alias_rid, &num_aliases, sid_mem))
/* filled by lsa_lookup_sids() below */
1537 char **names = NULL;
/* table of pointers into sid_mem, the form lsa_lookup_sids() is given */
1539 DOM_SID **sids = NULL;
1542 if (num_aliases != 0)
/* NOTE(review): the size is computed without an overflow check; this is
   only safe if num_aliases is bounded by MAX_LOOKUP_SIDS (see above). */
1544 sids = malloc(num_aliases * sizeof(DOM_SID*));
/* the LSA steps below are chained on res3, so they are skipped when no
   table was allocated */
1547 res3 = sids != NULL;
1550 for (i = 0; i < num_aliases; i++)
1552 sids[i] = &sid_mem[i].sid;
1556 /* open LSARPC session. (a second pipe, fnum_lsa, alongside the SAMR one) */
1557 res3 = res3 ? cli_nt_session_open(smb_cli, PIPE_LSARPC, &fnum_lsa) : False;
1559 /* lookup domain controller; receive a policy handle */
1560 res3 = res3 ? lsa_open_policy(smb_cli, fnum_lsa,
1562 &info->dom.lsa_info_pol, True) : False;
1564 /* send lsa lookup sids call; res4 records this call's result separately */
1565 res4 = res3 ? lsa_lookup_sids(smb_cli, fnum_lsa,
1566 &info->dom.lsa_info_pol,
1568 &names, &num_names) : False;
/* the policy handle is closed only if every LSA step succeeded; the pipe
   close that follows appears to be unconditional */
1570 res3 = res3 ? lsa_close(smb_cli, fnum_lsa, &info->dom.lsa_info_pol) : False;
1572 cli_nt_session_close(smb_cli, fnum_lsa);
1574 if (res4 && names != NULL)
1576 display_alias_members(out_hnd, ACTION_HEADER , num_names, names);
1577 display_alias_members(out_hnd, ACTION_ENUMERATE, num_names, names);
1578 display_alias_members(out_hnd, ACTION_FOOTER , num_names, names);
/* NOTE(review): the body of this loop and the lines after it (1585-1598)
   are not shown; presumably they release names[i], names and sids.
   Confirm that sids is freed on every path, including a failed lookup. */
1582 for (i = 0; i < num_names; i++)
1584 if (names[i] != NULL)
/* NOTE(review): the closes are part of the res chain, so after a partial
   failure no samr_close is sent for a handle that was already obtained. */
1599 res = res ? samr_close(smb_cli, fnum,
1600 &info->dom.samr_pol_connect) : False;
1602 res = res ? samr_close(smb_cli, fnum,
1603 &info->dom.samr_pol_open_domain) : False;
1605 /* close the session */
1606 cli_nt_session_close(smb_cli, fnum);
/* release the enumeration result.
   NOTE(review): the line after free() is not shown; confirm the pointer is
   reset to NULL, because *info outlives this call and a stale pointer
   would be a use-after-free or double-free hazard for later commands. */
1608 if (info->dom.sam != NULL)
1610 free(info->dom.sam);
/* outcome logging; the test choosing between the two messages is not shown */
1615 DEBUG(5,("cmd_sam_enum_aliases: succeeded\n"));
1619 DEBUG(5,("cmd_sam_enum_aliases: failed\n"));
1624 /****************************************************************************
1625 experimental SAM groups query.

Command handler: opens a SAMR pipe, connects to \\<dest_host>, opens the
domain and calls samr_enum_dom_groups(), printing the RID, name and
description of each group returned.  With the argument "-m" it also queries
the member RIDs of each group (get_samr_query_groupmem) and resolves them
to names with samr_query_lookup_rids().

NOTE(review): the gutter numbers in this listing skip, so some source lines
(local declarations, braces, short statements, any preprocessor lines) are
not shown.  The comments below describe only what is visible.
1626 ****************************************************************************/
1627 void cmd_sam_enum_groups(struct client_info *info)
/* set when the first command-line token is "-m" */
1635 BOOL request_member_info = False;
1636 uint32 flags = 0x304; /* passed to samr_open_domain() below; the original author notes the meaning is unknown */
/* render the cached domain SID as text and copy the cached domain name */
1640 sid_to_string(sid, &info->dom.level3_sid);
1641 fstrcpy(domain, info->dom.level3_dom);
/* NOTE(review): as listed, the SID just rendered is overwritten with the
   literal "S-1-5-20".  Lines 1642 and 1644 are missing from this listing,
   so the override may be conditionally compiled; check the original file.
   If it is live, the empty-SID test below can never fire. */
1643 fstrcpy(sid , "S-1-5-20");
1645 if (strlen(sid) == 0)
1647 fprintf(out_hnd, "please use 'lsaquery' first, to ascertain the SID\n");
/* parse the text form back into sid1, which is handed to samr_open_domain() */
1651 string_to_sid(&sid1, sid);
/* build the UNC server name "\\<dest_host>".
   NOTE(review): srv_name's declaration is not shown; confirm that
   fstrcpy/fstrcat bound the copy to the destination size. */
1653 fstrcpy(srv_name, "\\\\");
1654 fstrcat(srv_name, info->dest_host);
1657 /* a bad way to do token parsing... (only the first token is examined) */
1658 if (next_token(NULL, tmp, NULL, sizeof(tmp)))
1660 request_member_info |= strequal(tmp, "-m");
1663 fprintf(out_hnd, "SAM Enumerate Groups\n");
1664 fprintf(out_hnd, "From: %s To: %s Domain: %s SID: %s\n",
1665 info->myhostname, srv_name, domain, sid);
/* Each step below runs only if every earlier step succeeded; res's
   declaration is not shown (presumably initialised to True). */
1667 /* open SAMR session. negotiate credentials */
1668 res = res ? cli_nt_session_open(smb_cli, PIPE_SAMR, &fnum) : False;
1670 /* establish a connection. */
1671 res = res ? samr_connect(smb_cli, fnum,
1672 srv_name, 0x00000020,
1673 &info->dom.samr_pol_connect) : False;
1675 /* connect to the domain */
1676 res = res ? samr_open_domain(smb_cli, fnum,
1677 &info->dom.samr_pol_connect, flags, &sid1,
1678 &info->dom.samr_pol_open_domain) : False;
/* clear the result pointer so the NULL test before free() at the end is
   meaningful.  NOTE(review): a buffer left here by an earlier command
   would not be freed first; confirm who owns it. */
1680 info->dom.sam = NULL;
1682 /* read some groups (one argument line, 1685, is not shown) */
1683 res = res ? samr_enum_dom_groups(smb_cli, fnum,
1684 &info->dom.samr_pol_open_domain,
1686 &info->dom.sam, &info->dom.num_sam_entries) : False;
1688 if (res && info->dom.num_sam_entries == 0)
1690 fprintf(out_hnd, "No groups\n");
/* NOTE(review): no guard on res is visible for this loop (line 1693 is
   not shown and may hold one).  If there is none, a failed or skipped
   enumeration leaves info->dom.sam NULL while num_sam_entries keeps
   whatever value it had before, and the loop would dereference NULL. */
1694 for (group_idx = 0; group_idx < info->dom.num_sam_entries; group_idx++)
1696 uint32 group_rid = info->dom.sam[group_idx].rid;
1698 fprintf(out_hnd, "Group RID: %8x Group Name: %s Description: %s\n",
1700 info->dom.sam[group_idx].acct_name,
1701 info->dom.sam[group_idx].acct_desc);
1703 if (request_member_info)
/* fixed-size buffers for one group's members, each MAX_LOOKUP_SIDS long.
   NOTE(review): num_groups and num_names are filled in by the two helpers
   below from the server's replies, and the lines shown never compare them
   with MAX_LOOKUP_SIDS.  Confirm both helpers cap their counts; otherwise
   their writes into these arrays, and the display calls that read
   num_names entries, go out of bounds. */
1707 uint32 attr_mem[MAX_LOOKUP_SIDS];
1708 uint32 rid_mem [MAX_LOOKUP_SIDS];
1709 fstring name[MAX_LOOKUP_SIDS];
1710 uint32 type[MAX_LOOKUP_SIDS];
1712 /* send user groups query, then resolve the returned RIDs to names;
   the constant 0x3e8 passed to samr_query_lookup_rids() is not explained
   in this file */
1713 if (get_samr_query_groupmem(smb_cli, fnum,
1714 &info->dom.samr_pol_open_domain,
1715 group_rid, &num_groups,
1716 rid_mem, attr_mem) &&
1717 samr_query_lookup_rids(smb_cli, fnum,
1718 &info->dom.samr_pol_open_domain, 0x3e8,
1719 num_groups, rid_mem,
1720 &num_names, name, type))
1722 display_group_members(out_hnd, ACTION_HEADER , num_names, name, type);
1723 display_group_members(out_hnd, ACTION_ENUMERATE, num_names, name, type);
1724 display_group_members(out_hnd, ACTION_FOOTER , num_names, name, type);
/* NOTE(review): the closes are part of the res chain, so after a partial
   failure no samr_close is sent for a handle that was already obtained. */
1729 res = res ? samr_close(smb_cli, fnum, &info->dom.samr_pol_connect) : False;
1730 res = res ? samr_close(smb_cli, fnum, &info->dom.samr_pol_open_domain) : False;
1732 /* close the session */
1733 cli_nt_session_close(smb_cli, fnum);
/* release the enumeration result.
   NOTE(review): the line after free() is not shown; confirm the pointer is
   reset to NULL, because *info outlives this call and a stale pointer
   would be a use-after-free or double-free hazard for later commands. */
1735 if (info->dom.sam != NULL)
1737 free(info->dom.sam);
/* outcome logging; the test choosing between the two messages is not shown */
1742 DEBUG(5,("cmd_sam_enum_groups: succeeded\n"));
1746 DEBUG(5,("cmd_sam_enum_groups: failed\n"));