#include "includes.h"
#include "rpcclient.h"
+#include "../libcli/auth/libcli_auth.h"
+#include "../librpc/gen_ndr/ndr_samr.h"
+#include "../librpc/gen_ndr/ndr_samr_c.h"
+#include "rpc_client/cli_samr.h"
+#include "rpc_client/init_samr.h"
+#include "rpc_client/init_lsa.h"
+#include "../libcli/security/security.h"
-extern DOM_SID domain_sid;
+extern struct dom_sid domain_sid;
/****************************************************************************
display samr_user_info_7 structure
display_time(info1->min_password_age));
}
-static void display_sam_dom_info_2(struct samr_DomInfo2 *info2)
+static void display_sam_dom_info_2(struct samr_DomGeneralInformation *general)
{
- printf("Domain:\t\t%s\n", info2->domain_name.string);
- printf("Server:\t\t%s\n", info2->primary.string);
- printf("Comment:\t%s\n", info2->comment.string);
+ printf("Domain:\t\t%s\n", general->domain_name.string);
+ printf("Server:\t\t%s\n", general->primary.string);
+ printf("Comment:\t%s\n", general->oem_information.string);
- printf("Total Users:\t%d\n", info2->num_users);
- printf("Total Groups:\t%d\n", info2->num_groups);
- printf("Total Aliases:\t%d\n", info2->num_aliases);
+ printf("Total Users:\t%d\n", general->num_users);
+ printf("Total Groups:\t%d\n", general->num_groups);
+ printf("Total Aliases:\t%d\n", general->num_aliases);
- printf("Sequence No:\t%llu\n", (unsigned long long)info2->sequence_num);
+ printf("Sequence No:\t%llu\n", (unsigned long long)general->sequence_num);
printf("Force Logoff:\t%d\n",
- (int)nt_time_to_unix_abs(&info2->force_logoff_time));
+ (int)nt_time_to_unix_abs(&general->force_logoff_time));
- printf("Unknown 2:\t0x%x\n", info2->unknown2);
- printf("Server Role:\t%s\n", server_role_str(info2->role));
- printf("Unknown 3:\t0x%x\n", info2->unknown3);
+ printf("Domain Server State:\t0x%x\n", general->domain_server_state);
+ printf("Server Role:\t%s\n", server_role_str(general->role));
+ printf("Unknown 3:\t0x%x\n", general->unknown3);
}
static void display_sam_dom_info_3(struct samr_DomInfo3 *info3)
(int)nt_time_to_unix_abs(&info3->force_logoff_time));
}
-static void display_sam_dom_info_4(struct samr_DomInfo4 *info4)
+static void display_sam_dom_info_4(struct samr_DomOEMInformation *oem)
{
- printf("Comment:\t%s\n", info4->comment.string);
+ printf("Comment:\t%s\n", oem->oem_information.string);
}
static void display_sam_dom_info_5(struct samr_DomInfo5 *info5)
static void display_sam_dom_info_9(struct samr_DomInfo9 *info9)
{
- printf("unknown:\t%d (0x%08x)\n", info9->unknown, info9->unknown);
+ printf("Domain Server State:\t0x%x\n", info9->domain_server_state);
}
static void display_sam_dom_info_12(struct samr_DomInfo12 *info12)
printf("Sequence No:\t%llu\n", (unsigned long long)info13->sequence_num);
printf("Domain Create Time:\t%s\n",
http_timestring(talloc_tos(), nt_time_to_unix(info13->domain_create_time)));
- printf("Unknown1:\t%d\n", info13->unknown1);
- printf("Unknown2:\t%d\n", info13->unknown2);
-
+ printf("Sequence No at last promotion:\t%llu\n",
+ (unsigned long long)info13->modified_count_at_last_promotion);
}
static void display_sam_info_1(struct samr_DispEntryGeneral *r)
printf("Account: %s\n", r->account_name.string);
}
+/****************************************************************************
+ ****************************************************************************/
+
+static NTSTATUS get_domain_handle(struct rpc_pipe_client *cli,
+ TALLOC_CTX *mem_ctx,
+ const char *sam,
+ struct policy_handle *connect_pol,
+ uint32_t access_mask,
+ struct dom_sid *_domain_sid,
+ struct policy_handle *domain_pol)
+{
+ struct dcerpc_binding_handle *b = cli->binding_handle;
+ NTSTATUS status = NT_STATUS_INVALID_PARAMETER, result;
+
+ if (strcasecmp_m(sam, "domain") == 0) {
+ status = dcerpc_samr_OpenDomain(b, mem_ctx,
+ connect_pol,
+ access_mask,
+ _domain_sid,
+ domain_pol,
+ &result);
+ } else if (strcasecmp_m(sam, "builtin") == 0) {
+ status = dcerpc_samr_OpenDomain(b, mem_ctx,
+ connect_pol,
+ access_mask,
+ discard_const_p(struct dom_sid2, &global_sid_Builtin),
+ domain_pol,
+ &result);
+ }
+
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ return result;
+}
+
/**********************************************************************
* Query user information
*/
TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
- POLICY_HND connect_pol, domain_pol, user_pol;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ struct policy_handle connect_pol, domain_pol, user_pol;
+ NTSTATUS status, result;
uint32 info_level = 21;
uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
union samr_UserInfo *info = NULL;
uint32 user_rid = 0;
+ struct dcerpc_binding_handle *b = cli->binding_handle;
if ((argc < 2) || (argc > 4)) {
printf("Usage: %s rid [info level] [access mask] \n", argv[0]);
sscanf(argv[3], "%x", &access_mask);
- result = rpccli_try_samr_connects(cli, mem_ctx,
+ status = rpccli_try_samr_connects(cli, mem_ctx,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
+ }
- result = rpccli_samr_OpenDomain(cli, mem_ctx,
+ status = dcerpc_samr_OpenDomain(b, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
&domain_sid,
- &domain_pol);
- if (!NT_STATUS_IS_OK(result))
+ &domain_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
+ }
- result = rpccli_samr_OpenUser(cli, mem_ctx,
+ status = dcerpc_samr_OpenUser(b, mem_ctx,
&domain_pol,
access_mask,
user_rid,
- &user_pol);
-
+ &user_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (NT_STATUS_EQUAL(result, NT_STATUS_NO_SUCH_USER) &&
(user_rid == 0)) {
init_lsa_String(&lsa_acct_name, argv[1]);
- result = rpccli_samr_LookupNames(cli, mem_ctx,
+ status = dcerpc_samr_LookupNames(b, mem_ctx,
&domain_pol,
1,
&lsa_acct_name,
&rids,
- &types);
-
+ &types,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (NT_STATUS_IS_OK(result)) {
- result = rpccli_samr_OpenUser(cli, mem_ctx,
+ status = dcerpc_samr_OpenUser(b, mem_ctx,
&domain_pol,
access_mask,
rids.ids[0],
- &user_pol);
+ &user_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
}
}
- if (!NT_STATUS_IS_OK(result))
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
+ }
- result = rpccli_samr_QueryUserInfo(cli, mem_ctx,
+ status = dcerpc_samr_QueryUserInfo(b, mem_ctx,
&user_pol,
info_level,
- &info);
-
- if (!NT_STATUS_IS_OK(result))
+ &info,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
+ }
switch (info_level) {
case 7:
break;
}
- rpccli_samr_Close(cli, mem_ctx, &user_pol);
- rpccli_samr_Close(cli, mem_ctx, &domain_pol);
- rpccli_samr_Close(cli, mem_ctx, &connect_pol);
+ dcerpc_samr_Close(b, mem_ctx, &user_pol, &result);
+ dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
+ dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
done:
- return result;
+ return status;
}
/****************************************************************************
TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
- POLICY_HND connect_pol, domain_pol, group_pol;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ struct policy_handle connect_pol, domain_pol, group_pol;
+ NTSTATUS status, result;
enum samr_GroupInfoEnum info_level = GROUPINFOALL;
uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
union samr_GroupInfo *group_info = NULL;
uint32 group_rid;
+ struct dcerpc_binding_handle *b = cli->binding_handle;
if ((argc < 2) || (argc > 4)) {
printf("Usage: %s rid [info level] [access mask]\n", argv[0]);
if (argc > 3)
sscanf(argv[3], "%x", &access_mask);
- result = rpccli_try_samr_connects(cli, mem_ctx,
+ status = rpccli_try_samr_connects(cli, mem_ctx,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
+ }
- result = rpccli_samr_OpenDomain(cli, mem_ctx,
+ status = dcerpc_samr_OpenDomain(b, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
&domain_sid,
- &domain_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ &domain_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
+ }
- result = rpccli_samr_OpenGroup(cli, mem_ctx,
+ status = dcerpc_samr_OpenGroup(b, mem_ctx,
&domain_pol,
access_mask,
group_rid,
- &group_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ &group_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
+ }
- result = rpccli_samr_QueryGroupInfo(cli, mem_ctx,
+ status = dcerpc_samr_QueryGroupInfo(b, mem_ctx,
&group_pol,
info_level,
- &group_info);
+ &group_info,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
}
display_group_info(group_info, info_level);
- rpccli_samr_Close(cli, mem_ctx, &group_pol);
- rpccli_samr_Close(cli, mem_ctx, &domain_pol);
- rpccli_samr_Close(cli, mem_ctx, &connect_pol);
+ dcerpc_samr_Close(b, mem_ctx, &group_pol, &result);
+ dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
+ dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
done:
- return result;
+ return status;
}
/* Query groups a user is a member of */
TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
- POLICY_HND connect_pol,
+ struct policy_handle connect_pol,
domain_pol,
user_pol;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ NTSTATUS status, result;
uint32 user_rid;
uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
int i;
struct samr_RidWithAttributeArray *rid_array = NULL;
+ struct dcerpc_binding_handle *b = cli->binding_handle;
if ((argc < 2) || (argc > 3)) {
printf("Usage: %s rid [access mask]\n", argv[0]);
if (argc > 2)
sscanf(argv[2], "%x", &access_mask);
- result = rpccli_try_samr_connects(cli, mem_ctx,
+ status = rpccli_try_samr_connects(cli, mem_ctx,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
+ }
- result = rpccli_samr_OpenDomain(cli, mem_ctx,
+ status = dcerpc_samr_OpenDomain(b, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
- &domain_sid, &domain_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ &domain_sid,
+ &domain_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
+ }
- result = rpccli_samr_OpenUser(cli, mem_ctx,
+ status = dcerpc_samr_OpenUser(b, mem_ctx,
&domain_pol,
access_mask,
user_rid,
- &user_pol);
+ &user_pol,
+ &result);
- if (!NT_STATUS_IS_OK(result))
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
+ }
- result = rpccli_samr_GetGroupsForUser(cli, mem_ctx,
+ status = dcerpc_samr_GetGroupsForUser(b, mem_ctx,
&user_pol,
- &rid_array);
-
- if (!NT_STATUS_IS_OK(result))
+ &rid_array,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
+ }
for (i = 0; i < rid_array->count; i++) {
printf("\tgroup rid:[0x%x] attr:[0x%x]\n",
rid_array->rids[i].attributes);
}
- rpccli_samr_Close(cli, mem_ctx, &user_pol);
- rpccli_samr_Close(cli, mem_ctx, &domain_pol);
- rpccli_samr_Close(cli, mem_ctx, &connect_pol);
+ dcerpc_samr_Close(b, mem_ctx, &user_pol, &result);
+ dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
+ dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
done:
- return result;
+ return status;
}
/* Query aliases a user is a member of */
TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
- POLICY_HND connect_pol, domain_pol;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- DOM_SID *sids;
- size_t num_sids;
+ struct policy_handle connect_pol, domain_pol;
+ NTSTATUS status, result;
+ struct dom_sid *sids;
+ uint32_t num_sids;
uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
int i;
struct lsa_SidArray sid_array;
struct samr_Ids alias_rids;
+ struct dcerpc_binding_handle *b = cli->binding_handle;
if (argc < 3) {
printf("Usage: %s builtin|domain sid1 sid2 ...\n", argv[0]);
num_sids = 0;
for (i=2; i<argc; i++) {
- DOM_SID tmp_sid;
+ struct dom_sid tmp_sid;
if (!string_to_sid(&tmp_sid, argv[i])) {
printf("%s is not a legal SID\n", argv[i]);
return NT_STATUS_INVALID_PARAMETER;
}
for (i=0; i<num_sids; i++) {
- sid_array.sids[i].sid = sid_dup_talloc(mem_ctx, &sids[i]);
+ sid_array.sids[i].sid = dom_sid_dup(mem_ctx, &sids[i]);
if (!sid_array.sids[i].sid) {
return NT_STATUS_NO_MEMORY;
}
sid_array.num_sids = num_sids;
- result = rpccli_try_samr_connects(cli, mem_ctx,
+ status = rpccli_try_samr_connects(cli, mem_ctx,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
-
- if (StrCaseCmp(argv[1], "domain")==0)
- result = rpccli_samr_OpenDomain(cli, mem_ctx,
- &connect_pol,
- access_mask,
- &domain_sid, &domain_pol);
- else if (StrCaseCmp(argv[1], "builtin")==0)
- result = rpccli_samr_OpenDomain(cli, mem_ctx,
- &connect_pol,
- access_mask,
- CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin),
- &domain_pol);
- else {
- printf("Usage: %s builtin|domain sid1 sid2 ...\n", argv[0]);
- return NT_STATUS_INVALID_PARAMETER;
}
- if (!NT_STATUS_IS_OK(result))
+ status = get_domain_handle(cli, mem_ctx, argv[1],
+ &connect_pol,
+ access_mask,
+ &domain_sid,
+ &domain_pol);
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
+ }
- result = rpccli_samr_GetAliasMembership(cli, mem_ctx,
+ status = dcerpc_samr_GetAliasMembership(b, mem_ctx,
&domain_pol,
&sid_array,
- &alias_rids);
- if (!NT_STATUS_IS_OK(result))
+ &alias_rids,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
+ }
for (i = 0; i < alias_rids.count; i++) {
printf("\tgroup rid:[0x%x]\n", alias_rids.ids[i]);
}
- rpccli_samr_Close(cli, mem_ctx, &domain_pol);
- rpccli_samr_Close(cli, mem_ctx, &connect_pol);
+ dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
+ dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
done:
- return result;
+ return status;
}
/* Query members of a group */
TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
- POLICY_HND connect_pol, domain_pol, group_pol;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ struct policy_handle connect_pol, domain_pol, group_pol;
+ NTSTATUS status, result;
uint32 group_rid;
uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
int i;
unsigned int old_timeout;
- struct samr_RidTypeArray *rids = NULL;
+ struct samr_RidAttrArray *rids = NULL;
+ struct dcerpc_binding_handle *b = cli->binding_handle;
if ((argc < 2) || (argc > 3)) {
printf("Usage: %s rid [access mask]\n", argv[0]);
if (argc > 2)
sscanf(argv[2], "%x", &access_mask);
- result = rpccli_try_samr_connects(cli, mem_ctx,
+ status = rpccli_try_samr_connects(cli, mem_ctx,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
+ }
- result = rpccli_samr_OpenDomain(cli, mem_ctx,
+ status = dcerpc_samr_OpenDomain(b, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
&domain_sid,
- &domain_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ &domain_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
+ }
- result = rpccli_samr_OpenGroup(cli, mem_ctx,
+ status = dcerpc_samr_OpenGroup(b, mem_ctx,
&domain_pol,
access_mask,
group_rid,
- &group_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ &group_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
+ }
/* Make sure to wait for our DC's reply */
old_timeout = rpccli_set_timeout(cli, 30000); /* 30 seconds. */
rpccli_set_timeout(cli, MAX(30000, old_timeout)); /* At least 30 sec */
- result = rpccli_samr_QueryGroupMember(cli, mem_ctx,
+ status = dcerpc_samr_QueryGroupMember(b, mem_ctx,
&group_pol,
- &rids);
+ &rids,
+ &result);
rpccli_set_timeout(cli, old_timeout);
- if (!NT_STATUS_IS_OK(result))
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
+ }
for (i = 0; i < rids->count; i++) {
printf("\trid:[0x%x] attr:[0x%x]\n", rids->rids[i],
- rids->types[i]);
+ rids->attributes[i]);
}
- rpccli_samr_Close(cli, mem_ctx, &group_pol);
- rpccli_samr_Close(cli, mem_ctx, &domain_pol);
- rpccli_samr_Close(cli, mem_ctx, &connect_pol);
+ dcerpc_samr_Close(b, mem_ctx, &group_pol, &result);
+ dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
+ dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
done:
- return result;
+ return status;
}
/* Enumerate domain users */
TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
- POLICY_HND connect_pol, domain_pol;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- uint32 start_idx, size, num_dom_users, i;
+ struct policy_handle connect_pol, domain_pol;
+ NTSTATUS status, result;
+ uint32 start_idx, num_dom_users, i;
struct samr_SamArray *dom_users = NULL;
uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
uint32 acb_mask = ACB_NORMAL;
- bool got_connect_pol = False, got_domain_pol = False;
+ uint32_t size = 0xffff;
+ struct dcerpc_binding_handle *b = cli->binding_handle;
- if ((argc < 1) || (argc > 3)) {
- printf("Usage: %s [access_mask] [acb_mask]\n", argv[0]);
+ if ((argc < 1) || (argc > 4)) {
+ printf("Usage: %s [access_mask] [acb_mask] [size]\n", argv[0]);
return NT_STATUS_OK;
}
- if (argc > 1)
+ if (argc > 1) {
sscanf(argv[1], "%x", &access_mask);
+ }
- if (argc > 2)
+ if (argc > 2) {
sscanf(argv[2], "%x", &acb_mask);
+ }
+
+ if (argc > 3) {
+ sscanf(argv[3], "%x", &size);
+ }
/* Get sam policy handle */
- result = rpccli_try_samr_connects(cli, mem_ctx,
+ status = rpccli_try_samr_connects(cli, mem_ctx,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
-
- got_connect_pol = True;
+ }
/* Get domain policy handle */
- result = rpccli_samr_OpenDomain(cli, mem_ctx,
- &connect_pol,
- access_mask,
- &domain_sid,
- &domain_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ status = get_domain_handle(cli, mem_ctx, "domain",
+ &connect_pol,
+ access_mask,
+ &domain_sid,
+ &domain_pol);
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
-
- got_domain_pol = True;
+ }
/* Enumerate domain users */
start_idx = 0;
- size = 0xffff;
do {
- result = rpccli_samr_EnumDomainUsers(cli, mem_ctx,
+ status = dcerpc_samr_EnumDomainUsers(b, mem_ctx,
&domain_pol,
&start_idx,
acb_mask,
&dom_users,
size,
- &num_dom_users);
-
+ &num_dom_users,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (NT_STATUS_IS_OK(result) ||
NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES)) {
} while (NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES));
done:
- if (got_domain_pol)
- rpccli_samr_Close(cli, mem_ctx, &domain_pol);
+ if (is_valid_policy_hnd(&domain_pol))
+ dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
- if (got_connect_pol)
- rpccli_samr_Close(cli, mem_ctx, &connect_pol);
+ if (is_valid_policy_hnd(&connect_pol))
+ dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
- return result;
+ return status;
}
/* Enumerate domain groups */
TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
- POLICY_HND connect_pol, domain_pol;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- uint32 start_idx, size, num_dom_groups, i;
+ struct policy_handle connect_pol, domain_pol;
+ NTSTATUS status, result;
+ uint32 start_idx, num_dom_groups, i;
uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
struct samr_SamArray *dom_groups = NULL;
- bool got_connect_pol = False, got_domain_pol = False;
+ uint32_t size = 0xffff;
+ struct dcerpc_binding_handle *b = cli->binding_handle;
- if ((argc < 1) || (argc > 2)) {
- printf("Usage: %s [access_mask]\n", argv[0]);
+ if ((argc < 1) || (argc > 3)) {
+ printf("Usage: %s [access_mask] [max_size]\n", argv[0]);
return NT_STATUS_OK;
}
- if (argc > 1)
+ if (argc > 1) {
sscanf(argv[1], "%x", &access_mask);
+ }
+
+ if (argc > 2) {
+ sscanf(argv[2], "%x", &size);
+ }
/* Get sam policy handle */
- result = rpccli_try_samr_connects(cli, mem_ctx,
+ status = rpccli_try_samr_connects(cli, mem_ctx,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
-
- got_connect_pol = True;
+ }
/* Get domain policy handle */
- result = rpccli_samr_OpenDomain(cli, mem_ctx,
- &connect_pol,
- access_mask,
- &domain_sid,
- &domain_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ status = get_domain_handle(cli, mem_ctx, "domain",
+ &connect_pol,
+ access_mask,
+ &domain_sid,
+ &domain_pol);
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
-
- got_domain_pol = True;
+ }
/* Enumerate domain groups */
start_idx = 0;
- size = 0xffff;
do {
- result = rpccli_samr_EnumDomainGroups(cli, mem_ctx,
+ status = dcerpc_samr_EnumDomainGroups(b, mem_ctx,
&domain_pol,
&start_idx,
&dom_groups,
size,
- &num_dom_groups);
+ &num_dom_groups,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (NT_STATUS_IS_OK(result) ||
NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES)) {
} while (NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES));
done:
- if (got_domain_pol)
- rpccli_samr_Close(cli, mem_ctx, &domain_pol);
+ if (is_valid_policy_hnd(&domain_pol))
+ dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
- if (got_connect_pol)
- rpccli_samr_Close(cli, mem_ctx, &connect_pol);
+ if (is_valid_policy_hnd(&connect_pol))
+ dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
- return result;
+ return status;
}
/* Enumerate alias groups */
TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
- POLICY_HND connect_pol, domain_pol;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- uint32 start_idx, size, num_als_groups, i;
+ struct policy_handle connect_pol, domain_pol;
+ NTSTATUS status, result;
+ uint32 start_idx, num_als_groups, i;
uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
struct samr_SamArray *als_groups = NULL;
- bool got_connect_pol = False, got_domain_pol = False;
+ uint32_t size = 0xffff;
+ struct dcerpc_binding_handle *b = cli->binding_handle;
- if ((argc < 2) || (argc > 3)) {
- printf("Usage: %s builtin|domain [access mask]\n", argv[0]);
+ if ((argc < 2) || (argc > 4)) {
+ printf("Usage: %s builtin|domain [access mask] [max_size]\n", argv[0]);
return NT_STATUS_OK;
}
- if (argc > 2)
+ if (argc > 2) {
sscanf(argv[2], "%x", &access_mask);
+ }
+
+ if (argc > 3) {
+ sscanf(argv[3], "%x", &size);
+ }
/* Get sam policy handle */
- result = rpccli_try_samr_connects(cli, mem_ctx,
+ status = rpccli_try_samr_connects(cli, mem_ctx,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
-
- got_connect_pol = True;
+ }
/* Get domain policy handle */
- if (StrCaseCmp(argv[1], "domain")==0)
- result = rpccli_samr_OpenDomain(cli, mem_ctx,
- &connect_pol,
- access_mask,
- &domain_sid,
- &domain_pol);
- else if (StrCaseCmp(argv[1], "builtin")==0)
- result = rpccli_samr_OpenDomain(cli, mem_ctx,
- &connect_pol,
- access_mask,
- CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin),
- &domain_pol);
- else
- return NT_STATUS_OK;
-
- if (!NT_STATUS_IS_OK(result))
+ status = get_domain_handle(cli, mem_ctx, argv[1],
+ &connect_pol,
+ access_mask,
+ &domain_sid,
+ &domain_pol);
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
-
- got_domain_pol = True;
+ }
/* Enumerate alias groups */
start_idx = 0;
- size = 0xffff; /* Number of groups to retrieve */
do {
- result = rpccli_samr_EnumDomainAliases(cli, mem_ctx,
+ status = dcerpc_samr_EnumDomainAliases(b, mem_ctx,
&domain_pol,
&start_idx,
&als_groups,
size,
- &num_als_groups);
-
+ &num_als_groups,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (NT_STATUS_IS_OK(result) ||
NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES)) {
} while (NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES));
done:
- if (got_domain_pol)
- rpccli_samr_Close(cli, mem_ctx, &domain_pol);
+ if (is_valid_policy_hnd(&domain_pol))
+ dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
- if (got_connect_pol)
- rpccli_samr_Close(cli, mem_ctx, &connect_pol);
+ if (is_valid_policy_hnd(&connect_pol))
+ dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
- return result;
+ return status;
}
/* Enumerate domains */
TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
- POLICY_HND connect_pol;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ struct policy_handle connect_pol;
+ NTSTATUS status, result;
uint32 start_idx, size, num_entries, i;
uint32 access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
- bool got_connect_pol = false;
struct samr_SamArray *sam = NULL;
+ struct dcerpc_binding_handle *b = cli->binding_handle;
if ((argc < 1) || (argc > 2)) {
printf("Usage: %s [access mask]\n", argv[0]);
/* Get sam policy handle */
- result = rpccli_try_samr_connects(cli, mem_ctx,
+ status = rpccli_try_samr_connects(cli, mem_ctx,
access_mask,
&connect_pol);
-
- if (!NT_STATUS_IS_OK(result)) {
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
}
- got_connect_pol = true;
-
/* Enumerate alias groups */
start_idx = 0;
size = 0xffff;
do {
- result = rpccli_samr_EnumDomains(cli, mem_ctx,
+ status = dcerpc_samr_EnumDomains(b, mem_ctx,
&connect_pol,
&start_idx,
&sam,
size,
- &num_entries);
-
+ &num_entries,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (NT_STATUS_IS_OK(result) ||
NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES)) {
} while (NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES));
done:
- if (got_connect_pol) {
- rpccli_samr_Close(cli, mem_ctx, &connect_pol);
+ if (is_valid_policy_hnd(&connect_pol)) {
+ dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
}
- return result;
+ return status;
}
TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
- POLICY_HND connect_pol, domain_pol, alias_pol;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ struct policy_handle connect_pol, domain_pol, alias_pol;
+ NTSTATUS status, result;
uint32 alias_rid, i;
uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
struct lsa_SidArray sid_array;
+ struct dcerpc_binding_handle *b = cli->binding_handle;
if ((argc < 3) || (argc > 4)) {
printf("Usage: %s builtin|domain rid [access mask]\n", argv[0]);
/* Open SAMR handle */
- result = rpccli_try_samr_connects(cli, mem_ctx,
+ status = rpccli_try_samr_connects(cli, mem_ctx,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
+ }
/* Open handle on domain */
- if (StrCaseCmp(argv[1], "domain")==0)
- result = rpccli_samr_OpenDomain(cli, mem_ctx,
- &connect_pol,
- MAXIMUM_ALLOWED_ACCESS,
- &domain_sid,
- &domain_pol);
- else if (StrCaseCmp(argv[1], "builtin")==0)
- result = rpccli_samr_OpenDomain(cli, mem_ctx,
- &connect_pol,
- MAXIMUM_ALLOWED_ACCESS,
- CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin),
- &domain_pol);
- else
- return NT_STATUS_OK;
-
- if (!NT_STATUS_IS_OK(result))
+ status = get_domain_handle(cli, mem_ctx, argv[1],
+ &connect_pol,
+ MAXIMUM_ALLOWED_ACCESS,
+ &domain_sid,
+ &domain_pol);
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
+ }
/* Open handle on alias */
- result = rpccli_samr_OpenAlias(cli, mem_ctx,
+ status = dcerpc_samr_OpenAlias(b, mem_ctx,
&domain_pol,
access_mask,
alias_rid,
- &alias_pol);
- if (!NT_STATUS_IS_OK(result))
+ &alias_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
+ goto done;
+ }
- result = rpccli_samr_GetMembersInAlias(cli, mem_ctx,
+ status = dcerpc_samr_GetMembersInAlias(b, mem_ctx,
&alias_pol,
- &sid_array);
-
- if (!NT_STATUS_IS_OK(result))
+ &sid_array,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
+ }
for (i = 0; i < sid_array.num_sids; i++) {
fstring sid_str;
printf("\tsid:[%s]\n", sid_str);
}
- rpccli_samr_Close(cli, mem_ctx, &alias_pol);
- rpccli_samr_Close(cli, mem_ctx, &domain_pol);
- rpccli_samr_Close(cli, mem_ctx, &connect_pol);
+ dcerpc_samr_Close(b, mem_ctx, &alias_pol, &result);
+ dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
+ dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
done:
- return result;
+ return status;
}
/* Query alias info */
TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
- POLICY_HND connect_pol, domain_pol, alias_pol;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ struct policy_handle connect_pol, domain_pol, alias_pol;
+ NTSTATUS status, result;
uint32_t alias_rid;
uint32_t access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
union samr_AliasInfo *info = NULL;
enum samr_AliasInfoEnum level = ALIASINFOALL;
+ struct dcerpc_binding_handle *b = cli->binding_handle;
if ((argc < 3) || (argc > 4)) {
printf("Usage: %s builtin|domain rid [level] [access mask]\n",
/* Open SAMR handle */
- result = rpccli_try_samr_connects(cli, mem_ctx,
+ status = rpccli_try_samr_connects(cli, mem_ctx,
SEC_FLAG_MAXIMUM_ALLOWED,
&connect_pol);
-
- if (!NT_STATUS_IS_OK(result)) {
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
}
/* Open handle on domain */
- if (strequal(argv[1], "domain")) {
-
- result = rpccli_samr_OpenDomain(cli, mem_ctx,
- &connect_pol,
- SEC_FLAG_MAXIMUM_ALLOWED,
- &domain_sid,
- &domain_pol);
-
- } else if (strequal(argv[1], "builtin")) {
-
- result = rpccli_samr_OpenDomain(cli, mem_ctx,
- &connect_pol,
- SEC_FLAG_MAXIMUM_ALLOWED,
- CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin),
- &domain_pol);
-
- } else {
- return NT_STATUS_OK;
- }
-
- if (!NT_STATUS_IS_OK(result)) {
- goto done;
- }
+ status = get_domain_handle(cli, mem_ctx, argv[1],
+ &connect_pol,
+ SEC_FLAG_MAXIMUM_ALLOWED,
+ &domain_sid,
+ &domain_pol);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
/* Open handle on alias */
- result = rpccli_samr_OpenAlias(cli, mem_ctx,
+ status = dcerpc_samr_OpenAlias(b, mem_ctx,
&domain_pol,
access_mask,
alias_rid,
- &alias_pol);
+ &alias_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
}
- result = rpccli_samr_QueryAliasInfo(cli, mem_ctx,
+ status = dcerpc_samr_QueryAliasInfo(b, mem_ctx,
&alias_pol,
level,
- &info);
-
+ &info,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
}
break;
}
- rpccli_samr_Close(cli, mem_ctx, &alias_pol);
- rpccli_samr_Close(cli, mem_ctx, &domain_pol);
- rpccli_samr_Close(cli, mem_ctx, &connect_pol);
+ dcerpc_samr_Close(b, mem_ctx, &alias_pol, &result);
+ dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
+ dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
done:
- return result;
+ return status;
}
TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
- POLICY_HND connect_pol, domain_pol, alias_pol;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ struct policy_handle connect_pol, domain_pol, alias_pol;
+ NTSTATUS status, result;
uint32 alias_rid;
uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
+ struct dcerpc_binding_handle *b = cli->binding_handle;
if (argc != 3) {
printf("Usage: %s builtin|domain [rid|name]\n", argv[0]);
/* Open SAMR handle */
- result = rpccli_try_samr_connects(cli, mem_ctx,
+ status = rpccli_try_samr_connects(cli, mem_ctx,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
+ }
/* Open handle on domain */
- if (StrCaseCmp(argv[1], "domain")==0)
- result = rpccli_samr_OpenDomain(cli, mem_ctx,
- &connect_pol,
- MAXIMUM_ALLOWED_ACCESS,
- &domain_sid,
- &domain_pol);
- else if (StrCaseCmp(argv[1], "builtin")==0)
- result = rpccli_samr_OpenDomain(cli, mem_ctx,
- &connect_pol,
- MAXIMUM_ALLOWED_ACCESS,
- CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin),
- &domain_pol);
- else
- return NT_STATUS_INVALID_PARAMETER;
-
- if (!NT_STATUS_IS_OK(result))
+ status = get_domain_handle(cli, mem_ctx, argv[1],
+ &connect_pol,
+ MAXIMUM_ALLOWED_ACCESS,
+ &domain_sid,
+ &domain_pol);
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
+ }
/* Open handle on alias */
- result = rpccli_samr_OpenAlias(cli, mem_ctx,
+ status = dcerpc_samr_OpenAlias(b, mem_ctx,
&domain_pol,
access_mask,
alias_rid,
- &alias_pol);
+ &alias_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result) && (alias_rid == 0)) {
/* Probably this was a user name, try lookupnames */
struct samr_Ids rids, types;
init_lsa_String(&lsa_acct_name, argv[2]);
- result = rpccli_samr_LookupNames(cli, mem_ctx,
+ status = dcerpc_samr_LookupNames(b, mem_ctx,
&domain_pol,
1,
&lsa_acct_name,
&rids,
- &types);
-
+ &types,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (NT_STATUS_IS_OK(result)) {
- result = rpccli_samr_OpenAlias(cli, mem_ctx,
+ status = dcerpc_samr_OpenAlias(b, mem_ctx,
&domain_pol,
access_mask,
rids.ids[0],
- &alias_pol);
+ &alias_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
}
}
- result = rpccli_samr_DeleteDomAlias(cli, mem_ctx,
- &alias_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ status = dcerpc_samr_DeleteDomAlias(b, mem_ctx,
+ &alias_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
+ }
- rpccli_samr_Close(cli, mem_ctx, &domain_pol);
- rpccli_samr_Close(cli, mem_ctx, &connect_pol);
+ dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
+ dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
done:
- return result;
+ return status;
}
/* Query display info */
int argc, const char **argv,
uint32_t opcode)
{
- POLICY_HND connect_pol, domain_pol;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ struct policy_handle connect_pol, domain_pol;
+ NTSTATUS status, result;
uint32 start_idx=0, max_entries=250, max_size = 0xffff, num_entries = 0, i;
uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
uint32 info_level = 1;
int loop_count = 0;
bool got_params = False; /* Use get_query_dispinfo_params() or not? */
uint32_t total_size, returned_size;
+ struct dcerpc_binding_handle *b = cli->binding_handle;
if (argc > 6) {
printf("Usage: %s [info level] [start index] [max entries] [max size] [access mask]\n", argv[0]);
/* Get sam policy handle */
- result = rpccli_try_samr_connects(cli, mem_ctx,
+ status = rpccli_try_samr_connects(cli, mem_ctx,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
+ }
/* Get domain policy handle */
- result = rpccli_samr_OpenDomain(cli, mem_ctx,
+ status = dcerpc_samr_OpenDomain(b, mem_ctx,
&connect_pol,
access_mask,
&domain_sid,
- &domain_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ &domain_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
+ }
/* Query display info */
do {
if (!got_params)
- get_query_dispinfo_params(
+ dcerpc_get_query_dispinfo_params(
loop_count, &max_entries, &max_size);
switch (opcode) {
case NDR_SAMR_QUERYDISPLAYINFO:
- result = rpccli_samr_QueryDisplayInfo(cli, mem_ctx,
+ status = dcerpc_samr_QueryDisplayInfo(b, mem_ctx,
&domain_pol,
info_level,
start_idx,
max_size,
&total_size,
&returned_size,
- &info);
+ &info,
+ &result);
break;
case NDR_SAMR_QUERYDISPLAYINFO2:
- result = rpccli_samr_QueryDisplayInfo2(cli, mem_ctx,
+ status = dcerpc_samr_QueryDisplayInfo2(b, mem_ctx,
&domain_pol,
info_level,
start_idx,
max_size,
&total_size,
&returned_size,
- &info);
+ &info,
+ &result);
break;
case NDR_SAMR_QUERYDISPLAYINFO3:
- result = rpccli_samr_QueryDisplayInfo3(cli, mem_ctx,
+ status = dcerpc_samr_QueryDisplayInfo3(b, mem_ctx,
&domain_pol,
info_level,
start_idx,
max_size,
&total_size,
&returned_size,
- &info);
+ &info,
+ &result);
break;
default:
return NT_STATUS_INVALID_PARAMETER;
}
+ if (!NT_STATUS_IS_OK(status)) {
+ break;
+ }
+ status = result;
if (!NT_STATUS_IS_OK(result) &&
!NT_STATUS_EQUAL(result, NT_STATUS_NO_MORE_ENTRIES) &&
!NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)) {
}
} while ( NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES));
- rpccli_samr_Close(cli, mem_ctx, &domain_pol);
- rpccli_samr_Close(cli, mem_ctx, &connect_pol);
+ dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
+ dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
done:
- return result;
+ return status;
}
static NTSTATUS cmd_samr_query_dispinfo(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
- POLICY_HND connect_pol, domain_pol;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ struct policy_handle connect_pol, domain_pol;
+ NTSTATUS status, result;
uint32 switch_level = 2;
uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
union samr_DomainInfo *info = NULL;
+ struct dcerpc_binding_handle *b = cli->binding_handle;
if (argc > 3) {
printf("Usage: %s [info level] [access mask]\n", argv[0]);
/* Get sam policy handle */
- result = rpccli_try_samr_connects(cli, mem_ctx,
+ status = rpccli_try_samr_connects(cli, mem_ctx,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
+ }
/* Get domain policy handle */
- result = rpccli_samr_OpenDomain(cli, mem_ctx,
+ status = dcerpc_samr_OpenDomain(b, mem_ctx,
&connect_pol,
access_mask,
&domain_sid,
- &domain_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ &domain_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
+ }
/* Query domain info */
- result = rpccli_samr_QueryDomainInfo(cli, mem_ctx,
+ status = dcerpc_samr_QueryDomainInfo(b, mem_ctx,
&domain_pol,
switch_level,
- &info);
-
- if (!NT_STATUS_IS_OK(result))
+ &info,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
+ goto done;
+ }
/* Display domain info */
display_sam_dom_info_1(&info->info1);
break;
case 2:
- display_sam_dom_info_2(&info->info2);
+ display_sam_dom_info_2(&info->general);
break;
case 3:
display_sam_dom_info_3(&info->info3);
break;
case 4:
- display_sam_dom_info_4(&info->info4);
+ display_sam_dom_info_4(&info->oem);
break;
case 5:
display_sam_dom_info_5(&info->info5);
done:
- rpccli_samr_Close(cli, mem_ctx, &domain_pol);
- rpccli_samr_Close(cli, mem_ctx, &connect_pol);
- return result;
+ dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
+ dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
+ return status;
}
/* Create domain user */
TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
- POLICY_HND connect_pol, domain_pol, user_pol;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ struct policy_handle connect_pol, domain_pol, user_pol;
+ NTSTATUS status, result;
struct lsa_String acct_name;
uint32 acb_info;
uint32 acct_flags, user_rid;
uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
uint32_t access_granted = 0;
+ struct dcerpc_binding_handle *b = cli->binding_handle;
if ((argc < 2) || (argc > 3)) {
printf("Usage: %s username [access mask]\n", argv[0]);
/* Get sam policy handle */
- result = rpccli_try_samr_connects(cli, mem_ctx,
+ status = rpccli_try_samr_connects(cli, mem_ctx,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
+ }
/* Get domain policy handle */
- result = rpccli_samr_OpenDomain(cli, mem_ctx,
+ status = dcerpc_samr_OpenDomain(b, mem_ctx,
&connect_pol,
access_mask,
&domain_sid,
- &domain_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ &domain_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
+ }
/* Create domain user */
SAMR_USER_ACCESS_GET_ATTRIBUTES |
SAMR_USER_ACCESS_SET_ATTRIBUTES;
- result = rpccli_samr_CreateUser2(cli, mem_ctx,
+ status = dcerpc_samr_CreateUser2(b, mem_ctx,
&domain_pol,
&acct_name,
acb_info,
acct_flags,
&user_pol,
&access_granted,
- &user_rid);
-
- if (!NT_STATUS_IS_OK(result))
+ &user_rid,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
+ }
- result = rpccli_samr_Close(cli, mem_ctx, &user_pol);
- if (!NT_STATUS_IS_OK(result)) goto done;
+ status = dcerpc_samr_Close(b, mem_ctx, &user_pol, &result);
+ if (!NT_STATUS_IS_OK(status)) goto done;
- result = rpccli_samr_Close(cli, mem_ctx, &domain_pol);
- if (!NT_STATUS_IS_OK(result)) goto done;
+ status = dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
+ if (!NT_STATUS_IS_OK(status)) goto done;
- result = rpccli_samr_Close(cli, mem_ctx, &connect_pol);
- if (!NT_STATUS_IS_OK(result)) goto done;
+ status = dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
+ if (!NT_STATUS_IS_OK(status)) goto done;
done:
- return result;
+ return status;
}
/* Create domain group */
TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
- POLICY_HND connect_pol, domain_pol, group_pol;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ struct policy_handle connect_pol, domain_pol, group_pol;
+ NTSTATUS status, result;
struct lsa_String grp_name;
uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
uint32_t rid = 0;
+ struct dcerpc_binding_handle *b = cli->binding_handle;
if ((argc < 2) || (argc > 3)) {
printf("Usage: %s groupname [access mask]\n", argv[0]);
/* Get sam policy handle */
- result = rpccli_try_samr_connects(cli, mem_ctx,
+ status = rpccli_try_samr_connects(cli, mem_ctx,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
+ }
/* Get domain policy handle */
- result = rpccli_samr_OpenDomain(cli, mem_ctx,
+ status = dcerpc_samr_OpenDomain(b, mem_ctx,
&connect_pol,
access_mask,
&domain_sid,
- &domain_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ &domain_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
+ goto done;
+ }
/* Create domain user */
- result = rpccli_samr_CreateDomainGroup(cli, mem_ctx,
+ status = dcerpc_samr_CreateDomainGroup(b, mem_ctx,
&domain_pol,
&grp_name,
MAXIMUM_ALLOWED_ACCESS,
&group_pol,
- &rid);
-
- if (!NT_STATUS_IS_OK(result))
+ &rid,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
+ }
- result = rpccli_samr_Close(cli, mem_ctx, &group_pol);
- if (!NT_STATUS_IS_OK(result)) goto done;
+ status = dcerpc_samr_Close(b, mem_ctx, &group_pol, &result);
+ if (!NT_STATUS_IS_OK(status)) goto done;
- result = rpccli_samr_Close(cli, mem_ctx, &domain_pol);
- if (!NT_STATUS_IS_OK(result)) goto done;
+ status = dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
+ if (!NT_STATUS_IS_OK(status)) goto done;
- result = rpccli_samr_Close(cli, mem_ctx, &connect_pol);
- if (!NT_STATUS_IS_OK(result)) goto done;
+ status = dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
+ if (!NT_STATUS_IS_OK(status)) goto done;
done:
- return result;
+ return status;
}
/* Create domain alias */
TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
- POLICY_HND connect_pol, domain_pol, alias_pol;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ struct policy_handle connect_pol, domain_pol, alias_pol;
+ NTSTATUS status, result;
struct lsa_String alias_name;
uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
uint32_t rid = 0;
+ struct dcerpc_binding_handle *b = cli->binding_handle;
if ((argc < 2) || (argc > 3)) {
printf("Usage: %s aliasname [access mask]\n", argv[0]);
/* Get sam policy handle */
- result = rpccli_try_samr_connects(cli, mem_ctx,
+ status = rpccli_try_samr_connects(cli, mem_ctx,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
+ }
/* Get domain policy handle */
- result = rpccli_samr_OpenDomain(cli, mem_ctx,
+ status = dcerpc_samr_OpenDomain(b, mem_ctx,
&connect_pol,
access_mask,
&domain_sid,
- &domain_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ &domain_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
+ }
/* Create domain user */
- result = rpccli_samr_CreateDomAlias(cli, mem_ctx,
+ status = dcerpc_samr_CreateDomAlias(b, mem_ctx,
&domain_pol,
&alias_name,
MAXIMUM_ALLOWED_ACCESS,
&alias_pol,
- &rid);
-
- if (!NT_STATUS_IS_OK(result))
+ &rid,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
+ }
+
- result = rpccli_samr_Close(cli, mem_ctx, &alias_pol);
- if (!NT_STATUS_IS_OK(result)) goto done;
+ status = dcerpc_samr_Close(b, mem_ctx, &alias_pol, &result);
+ if (!NT_STATUS_IS_OK(status)) goto done;
- result = rpccli_samr_Close(cli, mem_ctx, &domain_pol);
- if (!NT_STATUS_IS_OK(result)) goto done;
+ status = dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
+ if (!NT_STATUS_IS_OK(status)) goto done;
- result = rpccli_samr_Close(cli, mem_ctx, &connect_pol);
- if (!NT_STATUS_IS_OK(result)) goto done;
+ status = dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
+ if (!NT_STATUS_IS_OK(status)) goto done;
done:
- return result;
+ return status;
}
/* Lookup sam names */
TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- POLICY_HND connect_pol, domain_pol;
+ NTSTATUS status, result;
+ struct policy_handle connect_pol, domain_pol;
uint32 num_names;
struct samr_Ids rids, name_types;
int i;
- struct lsa_String *names = NULL;;
+ struct lsa_String *names = NULL;
+ struct dcerpc_binding_handle *b = cli->binding_handle;
if (argc < 3) {
printf("Usage: %s domain|builtin name1 [name2 [name3] [...]]\n", argv[0]);
/* Get sam policy and domain handles */
- result = rpccli_try_samr_connects(cli, mem_ctx,
+ status = rpccli_try_samr_connects(cli, mem_ctx,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
+ }
- if (StrCaseCmp(argv[1], "domain")==0)
- result = rpccli_samr_OpenDomain(cli, mem_ctx,
- &connect_pol,
- MAXIMUM_ALLOWED_ACCESS,
- &domain_sid,
- &domain_pol);
- else if (StrCaseCmp(argv[1], "builtin")==0)
- result = rpccli_samr_OpenDomain(cli, mem_ctx,
- &connect_pol,
- MAXIMUM_ALLOWED_ACCESS,
- CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin),
- &domain_pol);
- else
- return NT_STATUS_OK;
-
- if (!NT_STATUS_IS_OK(result))
+ status = get_domain_handle(cli, mem_ctx, argv[1],
+ &connect_pol,
+ MAXIMUM_ALLOWED_ACCESS,
+ &domain_sid,
+ &domain_pol);
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
+ }
/* Look up names */
num_names = argc - 2;
- if ((names = TALLOC_ARRAY(mem_ctx, struct lsa_String, num_names)) == NULL) {
- rpccli_samr_Close(cli, mem_ctx, &domain_pol);
- rpccli_samr_Close(cli, mem_ctx, &connect_pol);
- result = NT_STATUS_NO_MEMORY;
+ if ((names = talloc_array(mem_ctx, struct lsa_String, num_names)) == NULL) {
+ dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
+ dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
+ status = NT_STATUS_NO_MEMORY;
goto done;
}
init_lsa_String(&names[i], argv[i + 2]);
}
- result = rpccli_samr_LookupNames(cli, mem_ctx,
+ status = dcerpc_samr_LookupNames(b, mem_ctx,
&domain_pol,
num_names,
names,
&rids,
- &name_types);
-
- if (!NT_STATUS_IS_OK(result))
+ &name_types,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
+ }
/* Display results */
printf("name %s: 0x%x (%d)\n", names[i].string, rids.ids[i],
name_types.ids[i]);
- rpccli_samr_Close(cli, mem_ctx, &domain_pol);
- rpccli_samr_Close(cli, mem_ctx, &connect_pol);
+ dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
+ dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
done:
- return result;
+ return status;
}
/* Lookup sam rids */
TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- POLICY_HND connect_pol, domain_pol;
+ NTSTATUS status, result;
+ struct policy_handle connect_pol, domain_pol;
uint32_t num_rids, *rids;
struct lsa_Strings names;
struct samr_Ids types;
+ struct dcerpc_binding_handle *b = cli->binding_handle;
int i;
/* Get sam policy and domain handles */
- result = rpccli_try_samr_connects(cli, mem_ctx,
+ status = rpccli_try_samr_connects(cli, mem_ctx,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
+ }
- if (StrCaseCmp(argv[1], "domain")==0)
- result = rpccli_samr_OpenDomain(cli, mem_ctx,
- &connect_pol,
- MAXIMUM_ALLOWED_ACCESS,
- &domain_sid,
- &domain_pol);
- else if (StrCaseCmp(argv[1], "builtin")==0)
- result = rpccli_samr_OpenDomain(cli, mem_ctx,
- &connect_pol,
- MAXIMUM_ALLOWED_ACCESS,
- CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin),
- &domain_pol);
- else
- return NT_STATUS_OK;
-
- if (!NT_STATUS_IS_OK(result))
+ status = get_domain_handle(cli, mem_ctx, argv[1],
+ &connect_pol,
+ MAXIMUM_ALLOWED_ACCESS,
+ &domain_sid,
+ &domain_pol);
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
+ }
/* Look up rids */
num_rids = argc - 2;
- if ((rids = TALLOC_ARRAY(mem_ctx, uint32, num_rids)) == NULL) {
- rpccli_samr_Close(cli, mem_ctx, &domain_pol);
- rpccli_samr_Close(cli, mem_ctx, &connect_pol);
- result = NT_STATUS_NO_MEMORY;
+ if ((rids = talloc_array(mem_ctx, uint32, num_rids)) == NULL) {
+ dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
+ dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
+ status = NT_STATUS_NO_MEMORY;
goto done;
}
for (i = 0; i < argc - 2; i++)
sscanf(argv[i + 2], "%i", &rids[i]);
- result = rpccli_samr_LookupRids(cli, mem_ctx,
+ status = dcerpc_samr_LookupRids(b, mem_ctx,
&domain_pol,
num_rids,
rids,
&names,
- &types);
-
+ &types,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ status = result;
if (!NT_STATUS_IS_OK(result) &&
!NT_STATUS_EQUAL(result, STATUS_SOME_UNMAPPED))
goto done;
rids[i], names.names[i].string, types.ids[i]);
}
- rpccli_samr_Close(cli, mem_ctx, &domain_pol);
- rpccli_samr_Close(cli, mem_ctx, &connect_pol);
+ dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
+ dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
done:
- return result;
+ return status;
}
/* Delete domain group */
TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- POLICY_HND connect_pol, domain_pol, group_pol;
+ NTSTATUS status, result;
+ struct policy_handle connect_pol, domain_pol, group_pol;
uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
+ struct dcerpc_binding_handle *b = cli->binding_handle;
if ((argc < 2) || (argc > 3)) {
printf("Usage: %s groupname\n", argv[0]);
/* Get sam policy and domain handles */
- result = rpccli_try_samr_connects(cli, mem_ctx,
+ status = rpccli_try_samr_connects(cli, mem_ctx,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
+ }
- result = rpccli_samr_OpenDomain(cli, mem_ctx,
+ status = dcerpc_samr_OpenDomain(b, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
&domain_sid,
- &domain_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ &domain_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
+ }
/* Get handle on group */
init_lsa_String(&lsa_acct_name, argv[1]);
- result = rpccli_samr_LookupNames(cli, mem_ctx,
+ status = dcerpc_samr_LookupNames(b, mem_ctx,
&domain_pol,
1,
&lsa_acct_name,
&group_rids,
- &name_types);
- if (!NT_STATUS_IS_OK(result))
+ &name_types,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
+ }
- result = rpccli_samr_OpenGroup(cli, mem_ctx,
+ status = dcerpc_samr_OpenGroup(b, mem_ctx,
&domain_pol,
access_mask,
group_rids.ids[0],
- &group_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ &group_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
+ }
}
/* Delete group */
- result = rpccli_samr_DeleteDomainGroup(cli, mem_ctx,
- &group_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ status = dcerpc_samr_DeleteDomainGroup(b, mem_ctx,
+ &group_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
+ goto done;
+ }
/* Display results */
- rpccli_samr_Close(cli, mem_ctx, &group_pol);
- rpccli_samr_Close(cli, mem_ctx, &domain_pol);
- rpccli_samr_Close(cli, mem_ctx, &connect_pol);
+ dcerpc_samr_Close(b, mem_ctx, &group_pol, &result);
+ dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
+ dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
done:
- return result;
+ return status;
}
/* Delete domain user */
TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- POLICY_HND connect_pol, domain_pol, user_pol;
+ NTSTATUS status, result;
+ struct policy_handle connect_pol, domain_pol, user_pol;
uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
+ struct dcerpc_binding_handle *b = cli->binding_handle;
if ((argc < 2) || (argc > 3)) {
printf("Usage: %s username\n", argv[0]);
/* Get sam policy and domain handles */
- result = rpccli_try_samr_connects(cli, mem_ctx,
+ status = rpccli_try_samr_connects(cli, mem_ctx,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
+ }
- result = rpccli_samr_OpenDomain(cli, mem_ctx,
+ status = dcerpc_samr_OpenDomain(b, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
&domain_sid,
- &domain_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ &domain_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
+ }
/* Get handle on user */
init_lsa_String(&lsa_acct_name, argv[1]);
- result = rpccli_samr_LookupNames(cli, mem_ctx,
+ status = dcerpc_samr_LookupNames(b, mem_ctx,
&domain_pol,
1,
&lsa_acct_name,
&user_rids,
- &name_types);
-
- if (!NT_STATUS_IS_OK(result))
+ &name_types,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
+ }
- result = rpccli_samr_OpenUser(cli, mem_ctx,
+ status = dcerpc_samr_OpenUser(b, mem_ctx,
&domain_pol,
access_mask,
user_rids.ids[0],
- &user_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ &user_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
+ goto done;
+ }
}
/* Delete user */
- result = rpccli_samr_DeleteUser(cli, mem_ctx,
- &user_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ status = dcerpc_samr_DeleteUser(b, mem_ctx,
+ &user_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
+ }
/* Display results */
- rpccli_samr_Close(cli, mem_ctx, &user_pol);
- rpccli_samr_Close(cli, mem_ctx, &domain_pol);
- rpccli_samr_Close(cli, mem_ctx, &connect_pol);
+ dcerpc_samr_Close(b, mem_ctx, &user_pol, &result);
+ dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
+ dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
done:
- return result;
+ return status;
}
/**********************************************************************
TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
- POLICY_HND connect_pol, domain_pol, user_pol, *pol;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- uint32 sec_info = DACL_SECURITY_INFORMATION;
+ struct policy_handle connect_pol, domain_pol, user_pol, *pol;
+ NTSTATUS status, result;
+ uint32 sec_info = SECINFO_DACL;
uint32 user_rid = 0;
TALLOC_CTX *ctx = NULL;
- SEC_DESC_BUF *sec_desc_buf=NULL;
+ struct sec_desc_buf *sec_desc_buf=NULL;
bool domain = False;
+ struct dcerpc_binding_handle *b = cli->binding_handle;
ctx=talloc_init("cmd_samr_query_sec_obj");
sec_info = atoi(argv[2]);
}
- result = rpccli_try_samr_connects(cli, mem_ctx,
+ status = rpccli_try_samr_connects(cli, mem_ctx,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
+ }
- if (domain || user_rid)
- result = rpccli_samr_OpenDomain(cli, mem_ctx,
+ if (domain || user_rid) {
+ status = dcerpc_samr_OpenDomain(b, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
&domain_sid,
- &domain_pol);
-
- if (!NT_STATUS_IS_OK(result))
- goto done;
+ &domain_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
+ goto done;
+ }
+ }
- if (user_rid)
- result = rpccli_samr_OpenUser(cli, mem_ctx,
+ if (user_rid) {
+ status = dcerpc_samr_OpenUser(b, mem_ctx,
&domain_pol,
MAXIMUM_ALLOWED_ACCESS,
user_rid,
- &user_pol);
-
- if (!NT_STATUS_IS_OK(result))
- goto done;
+ &user_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
+ goto done;
+ }
+ }
/* Pick which query pol to use */
/* Query SAM security object */
- result = rpccli_samr_QuerySecurity(cli, mem_ctx,
+ status = dcerpc_samr_QuerySecurity(b, mem_ctx,
pol,
sec_info,
- &sec_desc_buf);
-
- if (!NT_STATUS_IS_OK(result))
+ &sec_desc_buf,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
+ }
display_sec_desc(sec_desc_buf->sd);
- rpccli_samr_Close(cli, mem_ctx, &user_pol);
- rpccli_samr_Close(cli, mem_ctx, &domain_pol);
- rpccli_samr_Close(cli, mem_ctx, &connect_pol);
+ dcerpc_samr_Close(b, mem_ctx, &user_pol, &result);
+ dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
+ dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
done:
talloc_destroy(ctx);
- return result;
+ return status;
}
static NTSTATUS cmd_samr_get_usrdom_pwinfo(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- POLICY_HND connect_pol, domain_pol, user_pol;
+ NTSTATUS status, result;
+ struct policy_handle connect_pol, domain_pol, user_pol;
struct samr_PwInfo info;
uint32_t rid;
+ struct dcerpc_binding_handle *b = cli->binding_handle;
if (argc != 2) {
printf("Usage: %s rid\n", argv[0]);
sscanf(argv[1], "%i", &rid);
- result = rpccli_try_samr_connects(cli, mem_ctx,
+ status = rpccli_try_samr_connects(cli, mem_ctx,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
-
- if (!NT_STATUS_IS_OK(result)) {
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
}
- result = rpccli_samr_OpenDomain(cli, mem_ctx,
+ status = dcerpc_samr_OpenDomain(b, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
&domain_sid,
- &domain_pol);
-
+ &domain_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
}
- result = rpccli_samr_OpenUser(cli, mem_ctx,
+ status = dcerpc_samr_OpenUser(b, mem_ctx,
&domain_pol,
MAXIMUM_ALLOWED_ACCESS,
rid,
- &user_pol);
-
+ &user_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
}
- result = rpccli_samr_GetUserPwInfo(cli, mem_ctx, &user_pol, &info);
+ status = dcerpc_samr_GetUserPwInfo(b, mem_ctx,
+ &user_pol,
+ &info,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ status = result;
if (NT_STATUS_IS_OK(result)) {
printf("min_password_length: %d\n", info.min_password_length);
printf("%s\n",
}
done:
- rpccli_samr_Close(cli, mem_ctx, &user_pol);
- rpccli_samr_Close(cli, mem_ctx, &domain_pol);
- rpccli_samr_Close(cli, mem_ctx, &connect_pol);
+ dcerpc_samr_Close(b, mem_ctx, &user_pol, &result);
+ dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
+ dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
- return result;
+ return status;
}
static NTSTATUS cmd_samr_get_dom_pwinfo(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ NTSTATUS status, result;
struct lsa_String domain_name;
struct samr_PwInfo info;
+ struct dcerpc_binding_handle *b = cli->binding_handle;
if (argc < 1 || argc > 3) {
printf("Usage: %s <domain>\n", argv[0]);
init_lsa_String(&domain_name, argv[1]);
- result = rpccli_samr_GetDomPwInfo(cli, mem_ctx, &domain_name, &info);
-
+ status = dcerpc_samr_GetDomPwInfo(b, mem_ctx,
+ &domain_name,
+ &info,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
if (NT_STATUS_IS_OK(result)) {
printf("min_password_length: %d\n", info.min_password_length);
display_password_properties(info.password_properties);
TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
- POLICY_HND connect_pol, domain_pol;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ struct policy_handle connect_pol, domain_pol;
+ NTSTATUS status, result;
uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
fstring sid_string;
struct lsa_String domain_name;
- DOM_SID *sid = NULL;
+ struct dom_sid *sid = NULL;
+ struct dcerpc_binding_handle *b = cli->binding_handle;
if (argc != 2) {
printf("Usage: %s domain_name\n", argv[0]);
init_lsa_String(&domain_name, argv[1]);
- result = rpccli_try_samr_connects(cli, mem_ctx,
+ status = rpccli_try_samr_connects(cli, mem_ctx,
access_mask,
&connect_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
+ }
- result = rpccli_samr_OpenDomain(cli, mem_ctx,
+ status = dcerpc_samr_OpenDomain(b, mem_ctx,
&connect_pol,
access_mask,
&domain_sid,
- &domain_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ &domain_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
+ }
- result = rpccli_samr_LookupDomain(cli, mem_ctx,
+ status = dcerpc_samr_LookupDomain(b, mem_ctx,
&connect_pol,
&domain_name,
- &sid);
+ &sid,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
+ goto done;
+ }
if (NT_STATUS_IS_OK(result)) {
sid_to_fstring(sid_string, sid);
argv[1], sid_string);
}
- rpccli_samr_Close(cli, mem_ctx, &domain_pol);
- rpccli_samr_Close(cli, mem_ctx, &connect_pol);
+ dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
+ dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
done:
- return result;
+ return status;
}
/* Change user password */
TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
- POLICY_HND connect_pol, domain_pol, user_pol;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ struct policy_handle connect_pol, domain_pol, user_pol;
+ NTSTATUS status, result;
const char *user, *oldpass, *newpass;
uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
struct samr_Ids rids, types;
struct lsa_String lsa_acct_name;
+ struct dcerpc_binding_handle *b = cli->binding_handle;
if (argc < 3) {
printf("Usage: %s username oldpass newpass\n", argv[0]);
/* Get sam policy handle */
- result = rpccli_try_samr_connects(cli, mem_ctx,
+ status = rpccli_try_samr_connects(cli, mem_ctx,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
-
- if (!NT_STATUS_IS_OK(result)) {
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
}
/* Get domain policy handle */
- result = rpccli_samr_OpenDomain(cli, mem_ctx,
+ status = dcerpc_samr_OpenDomain(b, mem_ctx,
&connect_pol,
access_mask,
&domain_sid,
- &domain_pol);
-
+ &domain_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
}
init_lsa_String(&lsa_acct_name, user);
- result = rpccli_samr_LookupNames(cli, mem_ctx,
+ status = dcerpc_samr_LookupNames(b, mem_ctx,
&domain_pol,
1,
&lsa_acct_name,
&rids,
- &types);
-
+ &types,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
}
- result = rpccli_samr_OpenUser(cli, mem_ctx,
+ status = dcerpc_samr_OpenUser(b, mem_ctx,
&domain_pol,
access_mask,
rids.ids[0],
- &user_pol);
-
+ &user_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
}
/* Change user password */
- result = rpccli_samr_chgpasswd_user(cli, mem_ctx,
+ status = rpccli_samr_chgpasswd_user(cli, mem_ctx,
&user_pol,
newpass,
oldpass);
-
- if (!NT_STATUS_IS_OK(result)) {
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
}
done:
if (is_valid_policy_hnd(&user_pol)) {
- rpccli_samr_Close(cli, mem_ctx, &user_pol);
+ dcerpc_samr_Close(b, mem_ctx, &user_pol, &result);
}
if (is_valid_policy_hnd(&domain_pol)) {
- rpccli_samr_Close(cli, mem_ctx, &domain_pol);
+ dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
}
if (is_valid_policy_hnd(&connect_pol)) {
- rpccli_samr_Close(cli, mem_ctx, &connect_pol);
+ dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
}
- return result;
+ return status;
}
TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
- POLICY_HND connect_pol, domain_pol;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ struct policy_handle connect_pol, domain_pol;
+ NTSTATUS status, result;
const char *user, *oldpass, *newpass;
uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
+ struct dcerpc_binding_handle *b = cli->binding_handle;
if (argc < 3) {
printf("Usage: %s username oldpass newpass\n", argv[0]);
/* Get sam policy handle */
- result = rpccli_try_samr_connects(cli, mem_ctx,
+ status = rpccli_try_samr_connects(cli, mem_ctx,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
+ }
/* Get domain policy handle */
- result = rpccli_samr_OpenDomain(cli, mem_ctx,
+ status = dcerpc_samr_OpenDomain(b, mem_ctx,
&connect_pol,
access_mask,
&domain_sid,
- &domain_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ &domain_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
+ }
/* Change user password */
- result = rpccli_samr_chgpasswd_user2(cli, mem_ctx, user, newpass, oldpass);
+ status = rpccli_samr_chgpasswd_user2(cli, mem_ctx, user, newpass, oldpass);
- if (!NT_STATUS_IS_OK(result))
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
+ }
- result = rpccli_samr_Close(cli, mem_ctx, &domain_pol);
- if (!NT_STATUS_IS_OK(result)) goto done;
+ status = dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
+ if (!NT_STATUS_IS_OK(status)) goto done;
- result = rpccli_samr_Close(cli, mem_ctx, &connect_pol);
- if (!NT_STATUS_IS_OK(result)) goto done;
+ status = dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
+ if (!NT_STATUS_IS_OK(status)) goto done;
done:
- return result;
+ return status;
}
TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
- POLICY_HND connect_pol, domain_pol;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ struct policy_handle connect_pol, domain_pol;
+ NTSTATUS status, result;
const char *user, *oldpass, *newpass;
uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
struct samr_DomInfo1 *info = NULL;
- struct samr_ChangeReject *reject = NULL;
+ struct userPwdChangeFailureInformation *reject = NULL;
+ struct dcerpc_binding_handle *b = cli->binding_handle;
if (argc < 3) {
printf("Usage: %s username oldpass newpass\n", argv[0]);
/* Get sam policy handle */
- result = rpccli_try_samr_connects(cli, mem_ctx,
+ status = rpccli_try_samr_connects(cli, mem_ctx,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
+ }
/* Get domain policy handle */
- result = rpccli_samr_OpenDomain(cli, mem_ctx,
+ status = dcerpc_samr_OpenDomain(b, mem_ctx,
&connect_pol,
access_mask,
&domain_sid,
- &domain_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ &domain_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
+ }
/* Change user password */
- result = rpccli_samr_chgpasswd_user3(cli, mem_ctx,
+ status = rpccli_samr_chgpasswd_user3(cli, mem_ctx,
user,
newpass,
oldpass,
&info,
&reject);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (NT_STATUS_EQUAL(result, NT_STATUS_PASSWORD_RESTRICTION)) {
display_sam_dom_info_1(info);
- switch (reject->reason) {
- case SAMR_REJECT_TOO_SHORT:
- d_printf("SAMR_REJECT_TOO_SHORT\n");
+ switch (reject->extendedFailureReason) {
+ case SAM_PWD_CHANGE_PASSWORD_TOO_SHORT:
+ d_printf("SAM_PWD_CHANGE_PASSWORD_TOO_SHORT\n");
break;
- case SAMR_REJECT_IN_HISTORY:
- d_printf("SAMR_REJECT_IN_HISTORY\n");
+ case SAM_PWD_CHANGE_PWD_IN_HISTORY:
+ d_printf("SAM_PWD_CHANGE_PWD_IN_HISTORY\n");
break;
- case SAMR_REJECT_COMPLEXITY:
- d_printf("SAMR_REJECT_COMPLEXITY\n");
- break;
- case SAMR_REJECT_OTHER:
- d_printf("SAMR_REJECT_OTHER\n");
+ case SAM_PWD_CHANGE_NOT_COMPLEX:
+ d_printf("SAM_PWD_CHANGE_NOT_COMPLEX\n");
break;
default:
d_printf("unknown reject reason: %d\n",
- reject->reason);
+ reject->extendedFailureReason);
break;
}
}
- if (!NT_STATUS_IS_OK(result))
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
+ }
- result = rpccli_samr_Close(cli, mem_ctx, &domain_pol);
- if (!NT_STATUS_IS_OK(result)) goto done;
+ status = dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
+ if (!NT_STATUS_IS_OK(status)) goto done;
- result = rpccli_samr_Close(cli, mem_ctx, &connect_pol);
- if (!NT_STATUS_IS_OK(result)) goto done;
+ status = dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
+ if (!NT_STATUS_IS_OK(status)) goto done;
done:
- return result;
+ return status;
+}
+
+static NTSTATUS cmd_samr_setuserinfo_int(struct rpc_pipe_client *cli,
+ TALLOC_CTX *mem_ctx,
+ int argc, const char **argv,
+ int opcode)
+{
+ struct policy_handle connect_pol, domain_pol, user_pol;
+ NTSTATUS status, result;
+ const char *user, *param;
+ uint32_t access_mask = MAXIMUM_ALLOWED_ACCESS;
+ uint32_t level;
+ uint32_t user_rid;
+ union samr_UserInfo info;
+ struct samr_CryptPassword pwd_buf;
+ struct samr_CryptPasswordEx pwd_buf_ex;
+ uint8_t nt_hash[16];
+ uint8_t lm_hash[16];
+ DATA_BLOB session_key;
+ uint8_t password_expired = 0;
+ struct dcerpc_binding_handle *b = cli->binding_handle;
+
+ if (argc < 4) {
+ printf("Usage: %s username level password [password_expired]\n",
+ argv[0]);
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ user = argv[1];
+ level = atoi(argv[2]);
+ param = argv[3];
+
+ if (argc >= 5) {
+ password_expired = atoi(argv[4]);
+ }
+
+ status = cli_get_session_key(mem_ctx, cli, &session_key);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ init_samr_CryptPassword(param, &session_key, &pwd_buf);
+ init_samr_CryptPasswordEx(param, &session_key, &pwd_buf_ex);
+ nt_lm_owf_gen(param, nt_hash, lm_hash);
+
+ switch (level) {
+ case 18:
+ {
+ DATA_BLOB in,out;
+ in = data_blob_const(nt_hash, 16);
+ out = data_blob_talloc_zero(mem_ctx, 16);
+ sess_crypt_blob(&out, &in, &session_key, true);
+ memcpy(nt_hash, out.data, out.length);
+ }
+ {
+ DATA_BLOB in,out;
+ in = data_blob_const(lm_hash, 16);
+ out = data_blob_talloc_zero(mem_ctx, 16);
+ sess_crypt_blob(&out, &in, &session_key, true);
+ memcpy(lm_hash, out.data, out.length);
+ }
+
+ memcpy(info.info18.nt_pwd.hash, nt_hash, 16);
+ memcpy(info.info18.lm_pwd.hash, lm_hash, 16);
+ info.info18.nt_pwd_active = true;
+ info.info18.lm_pwd_active = true;
+ info.info18.password_expired = password_expired;
+
+ break;
+ case 21:
+ ZERO_STRUCT(info.info21);
+
+ info.info21.fields_present = SAMR_FIELD_NT_PASSWORD_PRESENT |
+ SAMR_FIELD_LM_PASSWORD_PRESENT;
+ if (argc >= 5) {
+ info.info21.fields_present |= SAMR_FIELD_EXPIRED_FLAG;
+ info.info21.password_expired = password_expired;
+ }
+
+ info.info21.lm_password_set = true;
+ info.info21.lm_owf_password.length = 16;
+ info.info21.lm_owf_password.size = 16;
+
+ info.info21.nt_password_set = true;
+ info.info21.nt_owf_password.length = 16;
+ info.info21.nt_owf_password.size = 16;
+
+ {
+ DATA_BLOB in,out;
+ in = data_blob_const(nt_hash, 16);
+ out = data_blob_talloc_zero(mem_ctx, 16);
+ sess_crypt_blob(&out, &in, &session_key, true);
+ info.info21.nt_owf_password.array =
+ (uint16_t *)talloc_memdup(mem_ctx, out.data, 16);
+ }
+ {
+ DATA_BLOB in,out;
+ in = data_blob_const(lm_hash, 16);
+ out = data_blob_talloc_zero(mem_ctx, 16);
+ sess_crypt_blob(&out, &in, &session_key, true);
+ info.info21.lm_owf_password.array =
+ (uint16_t *)talloc_memdup(mem_ctx, out.data, 16);
+ }
+
+ break;
+ case 23:
+ ZERO_STRUCT(info.info23);
+
+ info.info23.info.fields_present = SAMR_FIELD_NT_PASSWORD_PRESENT |
+ SAMR_FIELD_LM_PASSWORD_PRESENT;
+ if (argc >= 5) {
+ info.info23.info.fields_present |= SAMR_FIELD_EXPIRED_FLAG;
+ info.info23.info.password_expired = password_expired;
+ }
+
+ info.info23.password = pwd_buf;
+
+ break;
+ case 24:
+ info.info24.password = pwd_buf;
+ info.info24.password_expired = password_expired;
+
+ break;
+ case 25:
+ ZERO_STRUCT(info.info25);
+
+ info.info25.info.fields_present = SAMR_FIELD_NT_PASSWORD_PRESENT |
+ SAMR_FIELD_LM_PASSWORD_PRESENT;
+ if (argc >= 5) {
+ info.info25.info.fields_present |= SAMR_FIELD_EXPIRED_FLAG;
+ info.info25.info.password_expired = password_expired;
+ }
+
+ info.info25.password = pwd_buf_ex;
+
+ break;
+ case 26:
+ info.info26.password = pwd_buf_ex;
+ info.info26.password_expired = password_expired;
+
+ break;
+ default:
+ return NT_STATUS_INVALID_INFO_CLASS;
+ }
+
+ /* Get sam policy handle */
+
+ status = rpccli_try_samr_connects(cli, mem_ctx,
+ MAXIMUM_ALLOWED_ACCESS,
+ &connect_pol);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+
+ /* Get domain policy handle */
+
+ status = dcerpc_samr_OpenDomain(b, mem_ctx,
+ &connect_pol,
+ access_mask,
+ &domain_sid,
+ &domain_pol,
+ &result);
+
+ if (!NT_STATUS_IS_OK(status))
+ goto done;
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
+ goto done;
+ }
+
+ user_rid = strtol(user, NULL, 0);
+ if (user_rid) {
+ status = dcerpc_samr_OpenUser(b, mem_ctx,
+ &domain_pol,
+ access_mask,
+ user_rid,
+ &user_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+
+ status = result;
+ }
+
+ if (NT_STATUS_EQUAL(status, NT_STATUS_NO_SUCH_USER) ||
+ (user_rid == 0)) {
+
+ /* Probably this was a user name, try lookupnames */
+ struct samr_Ids rids, types;
+ struct lsa_String lsa_acct_name;
+
+ init_lsa_String(&lsa_acct_name, user);
+
+ status = dcerpc_samr_LookupNames(b, mem_ctx,
+ &domain_pol,
+ 1,
+ &lsa_acct_name,
+ &rids,
+ &types,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ return result;
+ }
+
+
+ status = dcerpc_samr_OpenUser(b, mem_ctx,
+ &domain_pol,
+ access_mask,
+ rids.ids[0],
+ &user_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ return result;
+ }
+ }
+
+ switch (opcode) {
+ case NDR_SAMR_SETUSERINFO:
+ status = dcerpc_samr_SetUserInfo(b, mem_ctx,
+ &user_pol,
+ level,
+ &info,
+ &result);
+ break;
+ case NDR_SAMR_SETUSERINFO2:
+ status = dcerpc_samr_SetUserInfo2(b, mem_ctx,
+ &user_pol,
+ level,
+ &info,
+ &result);
+ break;
+ default:
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0,("status: %s\n", nt_errstr(status)));
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
+ DEBUG(0,("result: %s\n", nt_errstr(status)));
+ goto done;
+ }
+ done:
+ return status;
+}
+
+static NTSTATUS cmd_samr_setuserinfo(struct rpc_pipe_client *cli,
+ TALLOC_CTX *mem_ctx,
+ int argc, const char **argv)
+{
+ return cmd_samr_setuserinfo_int(cli, mem_ctx, argc, argv,
+ NDR_SAMR_SETUSERINFO);
+}
+
+static NTSTATUS cmd_samr_setuserinfo2(struct rpc_pipe_client *cli,
+ TALLOC_CTX *mem_ctx,
+ int argc, const char **argv)
+{
+ return cmd_samr_setuserinfo_int(cli, mem_ctx, argc, argv,
+ NDR_SAMR_SETUSERINFO2);
}
static NTSTATUS cmd_samr_get_dispinfo_idx(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
- NTSTATUS status;
+ NTSTATUS status, result;
struct policy_handle connect_handle;
struct policy_handle domain_handle;
uint16_t level = 1;
struct lsa_String name;
uint32_t idx = 0;
+ struct dcerpc_binding_handle *b = cli->binding_handle;
if (argc < 2 || argc > 3) {
printf("Usage: %s name level\n", argv[0]);
}
status = rpccli_try_samr_connects(cli, mem_ctx,
- SEC_RIGHTS_MAXIMUM_ALLOWED,
+ SEC_FLAG_MAXIMUM_ALLOWED,
&connect_handle);
-
if (!NT_STATUS_IS_OK(status)) {
goto done;
}
- status = rpccli_samr_OpenDomain(cli, mem_ctx,
+ status = dcerpc_samr_OpenDomain(b, mem_ctx,
&connect_handle,
- SEC_RIGHTS_MAXIMUM_ALLOWED,
+ SEC_FLAG_MAXIMUM_ALLOWED,
&domain_sid,
- &domain_handle);
-
- if (!NT_STATUS_IS_OK(status))
+ &domain_handle,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
+ goto done;
+ }
-
- status = rpccli_samr_GetDisplayEnumerationIndex(cli, mem_ctx,
+ status = dcerpc_samr_GetDisplayEnumerationIndex(b, mem_ctx,
&domain_handle,
level,
&name,
- &idx);
+ &idx,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+
+ status = result;
if (NT_STATUS_IS_OK(status) ||
NT_STATUS_EQUAL(status, NT_STATUS_NO_MORE_ENTRIES)) {
done:
if (is_valid_policy_hnd(&domain_handle)) {
- rpccli_samr_Close(cli, mem_ctx, &domain_handle);
+ dcerpc_samr_Close(b, mem_ctx, &domain_handle, &result);
}
if (is_valid_policy_hnd(&connect_handle)) {
- rpccli_samr_Close(cli, mem_ctx, &connect_handle);
+ dcerpc_samr_Close(b, mem_ctx, &connect_handle, &result);
}
return status;
{ "chgpasswd2", RPC_RTYPE_NTSTATUS, cmd_samr_chgpasswd2, NULL, &ndr_table_samr.syntax_id, NULL, "Change user password", "" },
{ "chgpasswd3", RPC_RTYPE_NTSTATUS, cmd_samr_chgpasswd3, NULL, &ndr_table_samr.syntax_id, NULL, "Change user password", "" },
{ "getdispinfoidx", RPC_RTYPE_NTSTATUS, cmd_samr_get_dispinfo_idx, NULL, &ndr_table_samr.syntax_id, NULL, "Get Display Information Index", "" },
+ { "setuserinfo", RPC_RTYPE_NTSTATUS, cmd_samr_setuserinfo, NULL, &ndr_table_samr.syntax_id, NULL, "Set user info", "" },
+ { "setuserinfo2", RPC_RTYPE_NTSTATUS, cmd_samr_setuserinfo2, NULL, &ndr_table_samr.syntax_id, NULL, "Set user info2", "" },
{ NULL }
};