2 Unix SMB/CIFS implementation.
5 Copyright (C) Tim Potter 2000
6 Copyright (C) Rafal Szczesniak 2002
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 #include "rpcclient.h"
27 /* useful function to allow entering a name instead of a SID and
28 * looking it up automatically */
29 static NTSTATUS name_to_sid(struct cli_state *cli,
31 DOM_SID *sid, const char *name)
38 /* maybe its a raw SID */
39 if (strncmp(name, "S-", 2) == 0 &&
40 string_to_sid(sid, name)) {
44 result = cli_lsa_open_policy(cli, mem_ctx, True,
45 SEC_RIGHTS_MAXIMUM_ALLOWED,
47 if (!NT_STATUS_IS_OK(result))
50 result = cli_lsa_lookup_names(cli, mem_ctx, &pol, 1, &name, &sids, &sid_types);
51 if (!NT_STATUS_IS_OK(result))
54 cli_lsa_close(cli, mem_ctx, &pol);
63 /* Look up domain related information on a remote host */
65 static NTSTATUS cmd_lsa_query_info_policy(struct cli_state *cli,
66 TALLOC_CTX *mem_ctx, int argc,
70 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
72 struct uuid *dom_guid;
74 char *domain_name = NULL;
75 char *dns_name = NULL;
76 char *forest_name = NULL;
78 uint32 info_class = 3;
81 printf("Usage: %s [info_class]\n", argv[0]);
86 info_class = atoi(argv[1]);
88 /* Lookup info policy */
91 result = cli_lsa_open_policy2(cli, mem_ctx, True,
92 SEC_RIGHTS_MAXIMUM_ALLOWED,
95 if (!NT_STATUS_IS_OK(result))
97 result = cli_lsa_query_info_policy2(cli, mem_ctx, &pol,
98 info_class, &domain_name,
99 &dns_name, &forest_name,
100 &dom_guid, &dom_sid);
103 result = cli_lsa_open_policy(cli, mem_ctx, True,
104 SEC_RIGHTS_MAXIMUM_ALLOWED,
107 if (!NT_STATUS_IS_OK(result))
109 result = cli_lsa_query_info_policy(cli, mem_ctx, &pol,
110 info_class, &domain_name,
114 if (!NT_STATUS_IS_OK(result))
117 sid_to_string(sid_str, dom_sid);
120 printf("domain %s has sid %s\n", domain_name, sid_str);
122 printf("could not query info for level %d\n", info_class);
125 printf("domain dns name is %s\n", dns_name);
127 printf("forest name is %s\n", forest_name);
129 if (info_class == 12) {
130 printf("domain GUID is ");
131 smb_uuid_string_static(*dom_guid);
137 /* Resolve a list of names to a list of sids */
139 static NTSTATUS cmd_lsa_lookup_names(struct cli_state *cli,
140 TALLOC_CTX *mem_ctx, int argc,
144 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
150 printf("Usage: %s [name1 [name2 [...]]]\n", argv[0]);
154 result = cli_lsa_open_policy(cli, mem_ctx, True,
155 SEC_RIGHTS_MAXIMUM_ALLOWED,
158 if (!NT_STATUS_IS_OK(result))
161 result = cli_lsa_lookup_names(cli, mem_ctx, &pol, argc - 1,
162 (const char**)(argv + 1), &sids, &types);
164 if (!NT_STATUS_IS_OK(result) && NT_STATUS_V(result) !=
165 NT_STATUS_V(STATUS_SOME_UNMAPPED))
168 result = NT_STATUS_OK;
172 for (i = 0; i < (argc - 1); i++) {
174 sid_to_string(sid_str, &sids[i]);
175 printf("%s %s (%s: %d)\n", argv[i + 1], sid_str,
176 sid_type_lookup(types[i]), types[i]);
179 cli_lsa_close(cli, mem_ctx, &pol);
185 /* Resolve a list of SIDs to a list of names */
187 static NTSTATUS cmd_lsa_lookup_sids(struct cli_state *cli, TALLOC_CTX *mem_ctx,
188 int argc, const char **argv)
191 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
199 printf("Usage: %s [sid1 [sid2 [...]]]\n", argv[0]);
203 result = cli_lsa_open_policy(cli, mem_ctx, True,
204 SEC_RIGHTS_MAXIMUM_ALLOWED,
207 if (!NT_STATUS_IS_OK(result))
210 /* Convert arguments to sids */
212 sids = TALLOC_ARRAY(mem_ctx, DOM_SID, argc - 1);
215 printf("could not allocate memory for %d sids\n", argc - 1);
219 for (i = 0; i < argc - 1; i++)
220 if (!string_to_sid(&sids[i], argv[i + 1])) {
221 result = NT_STATUS_INVALID_SID;
225 /* Lookup the SIDs */
227 result = cli_lsa_lookup_sids(cli, mem_ctx, &pol, argc - 1, sids,
228 &domains, &names, &types);
230 if (!NT_STATUS_IS_OK(result) && NT_STATUS_V(result) !=
231 NT_STATUS_V(STATUS_SOME_UNMAPPED))
234 result = NT_STATUS_OK;
238 for (i = 0; i < (argc - 1); i++) {
241 sid_to_string(sid_str, &sids[i]);
242 printf("%s %s\\%s (%d)\n", sid_str,
243 domains[i] ? domains[i] : "*unknown*",
244 names[i] ? names[i] : "*unknown*", types[i]);
247 cli_lsa_close(cli, mem_ctx, &pol);
253 /* Enumerate list of trusted domains */
255 static NTSTATUS cmd_lsa_enum_trust_dom(struct cli_state *cli,
256 TALLOC_CTX *mem_ctx, int argc,
260 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
261 DOM_SID *domain_sids;
264 /* defaults, but may be changed using params */
266 uint32 num_domains = 0;
270 printf("Usage: %s [enum context (0)]\n", argv[0]);
274 if (argc == 2 && argv[1]) {
275 enum_ctx = atoi(argv[2]);
278 result = cli_lsa_open_policy(cli, mem_ctx, True,
279 POLICY_VIEW_LOCAL_INFORMATION,
282 if (!NT_STATUS_IS_OK(result))
285 result = STATUS_MORE_ENTRIES;
287 while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)) {
289 /* Lookup list of trusted domains */
291 result = cli_lsa_enum_trust_dom(cli, mem_ctx, &pol, &enum_ctx,
293 &domain_names, &domain_sids);
294 if (!NT_STATUS_IS_OK(result) &&
295 !NT_STATUS_EQUAL(result, NT_STATUS_NO_MORE_ENTRIES) &&
296 !NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES))
299 /* Print results: list of names and sids returned in this
301 for (i = 0; i < num_domains; i++) {
304 sid_to_string(sid_str, &domain_sids[i]);
305 printf("%s %s\n", domain_names[i] ? domain_names[i] :
306 "*unknown*", sid_str);
314 /* Enumerates privileges */
316 static NTSTATUS cmd_lsa_enum_privilege(struct cli_state *cli,
317 TALLOC_CTX *mem_ctx, int argc,
321 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
323 uint32 enum_context=0;
324 uint32 pref_max_length=0x1000;
332 printf("Usage: %s [enum context] [max length]\n", argv[0]);
337 enum_context=atoi(argv[1]);
340 pref_max_length=atoi(argv[2]);
342 result = cli_lsa_open_policy(cli, mem_ctx, True,
343 SEC_RIGHTS_MAXIMUM_ALLOWED,
346 if (!NT_STATUS_IS_OK(result))
349 result = cli_lsa_enum_privilege(cli, mem_ctx, &pol, &enum_context, pref_max_length,
350 &count, &privs_name, &privs_high, &privs_low);
352 if (!NT_STATUS_IS_OK(result))
356 printf("found %d privileges\n\n", count);
358 for (i = 0; i < count; i++) {
359 printf("%s \t\t%d:%d (0x%x:0x%x)\n", privs_name[i] ? privs_name[i] : "*unknown*",
360 privs_high[i], privs_low[i], privs_high[i], privs_low[i]);
367 /* Get privilege name */
369 static NTSTATUS cmd_lsa_get_dispname(struct cli_state *cli,
370 TALLOC_CTX *mem_ctx, int argc,
374 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
377 uint16 lang_id_sys=0;
382 printf("Usage: %s privilege name\n", argv[0]);
386 result = cli_lsa_open_policy(cli, mem_ctx, True,
387 SEC_RIGHTS_MAXIMUM_ALLOWED,
390 if (!NT_STATUS_IS_OK(result))
393 result = cli_lsa_get_dispname(cli, mem_ctx, &pol, argv[1], lang_id, lang_id_sys, description, &lang_id_desc);
395 if (!NT_STATUS_IS_OK(result))
399 printf("%s -> %s (language: 0x%x)\n", argv[1], description, lang_id_desc);
405 /* Enumerate the LSA SIDS */
407 static NTSTATUS cmd_lsa_enum_sids(struct cli_state *cli,
408 TALLOC_CTX *mem_ctx, int argc,
412 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
414 uint32 enum_context=0;
415 uint32 pref_max_length=0x1000;
421 printf("Usage: %s [enum context] [max length]\n", argv[0]);
426 enum_context=atoi(argv[1]);
429 pref_max_length=atoi(argv[2]);
431 result = cli_lsa_open_policy(cli, mem_ctx, True,
432 SEC_RIGHTS_MAXIMUM_ALLOWED,
435 if (!NT_STATUS_IS_OK(result))
438 result = cli_lsa_enum_sids(cli, mem_ctx, &pol, &enum_context, pref_max_length,
441 if (!NT_STATUS_IS_OK(result))
445 printf("found %d SIDs\n\n", count);
447 for (i = 0; i < count; i++) {
450 sid_to_string(sid_str, &sids[i]);
451 printf("%s\n", sid_str);
458 /* Create a new account */
460 static NTSTATUS cmd_lsa_create_account(struct cli_state *cli,
461 TALLOC_CTX *mem_ctx, int argc,
466 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
467 uint32 des_access = 0x000f000f;
472 printf("Usage: %s SID\n", argv[0]);
476 result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
477 if (!NT_STATUS_IS_OK(result))
480 result = cli_lsa_open_policy2(cli, mem_ctx, True,
481 SEC_RIGHTS_MAXIMUM_ALLOWED,
484 if (!NT_STATUS_IS_OK(result))
487 result = cli_lsa_create_account(cli, mem_ctx, &dom_pol, &sid, des_access, &user_pol);
489 if (!NT_STATUS_IS_OK(result))
492 printf("Account for SID %s successfully created\n\n", argv[1]);
493 result = NT_STATUS_OK;
500 /* Enumerate the privileges of an SID */
502 static NTSTATUS cmd_lsa_enum_privsaccounts(struct cli_state *cli,
503 TALLOC_CTX *mem_ctx, int argc,
508 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
509 uint32 access_desired = 0x000f000f;
517 printf("Usage: %s SID\n", argv[0]);
521 result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
522 if (!NT_STATUS_IS_OK(result))
525 result = cli_lsa_open_policy2(cli, mem_ctx, True,
526 SEC_RIGHTS_MAXIMUM_ALLOWED,
529 if (!NT_STATUS_IS_OK(result))
532 result = cli_lsa_open_account(cli, mem_ctx, &dom_pol, &sid, access_desired, &user_pol);
534 if (!NT_STATUS_IS_OK(result))
537 result = cli_lsa_enum_privsaccount(cli, mem_ctx, &user_pol, &count, &set);
539 if (!NT_STATUS_IS_OK(result))
543 printf("found %d privileges for SID %s\n\n", count, argv[1]);
544 printf("high\tlow\tattribute\n");
546 for (i = 0; i < count; i++) {
547 printf("%u\t%u\t%u\n", set[i].luid.high, set[i].luid.low, set[i].attr);
555 /* Enumerate the privileges of an SID via LsaEnumerateAccountRights */
557 static NTSTATUS cmd_lsa_enum_acct_rights(struct cli_state *cli,
558 TALLOC_CTX *mem_ctx, int argc,
562 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
571 printf("Usage: %s SID\n", argv[0]);
575 result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
576 if (!NT_STATUS_IS_OK(result))
579 result = cli_lsa_open_policy2(cli, mem_ctx, True,
580 SEC_RIGHTS_MAXIMUM_ALLOWED,
583 if (!NT_STATUS_IS_OK(result))
586 result = cli_lsa_enum_account_rights(cli, mem_ctx, &dom_pol, &sid, &count, &rights);
588 if (!NT_STATUS_IS_OK(result))
591 printf("found %d privileges for SID %s\n", count, sid_string_static(&sid));
593 for (i = 0; i < count; i++) {
594 printf("\t%s\n", rights[i]);
602 /* add some privileges to a SID via LsaAddAccountRights */
604 static NTSTATUS cmd_lsa_add_acct_rights(struct cli_state *cli,
605 TALLOC_CTX *mem_ctx, int argc,
609 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
614 printf("Usage: %s SID [rights...]\n", argv[0]);
618 result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
619 if (!NT_STATUS_IS_OK(result))
622 result = cli_lsa_open_policy2(cli, mem_ctx, True,
623 SEC_RIGHTS_MAXIMUM_ALLOWED,
626 if (!NT_STATUS_IS_OK(result))
629 result = cli_lsa_add_account_rights(cli, mem_ctx, &dom_pol, sid,
632 if (!NT_STATUS_IS_OK(result))
640 /* remove some privileges to a SID via LsaRemoveAccountRights */
642 static NTSTATUS cmd_lsa_remove_acct_rights(struct cli_state *cli,
643 TALLOC_CTX *mem_ctx, int argc,
647 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
652 printf("Usage: %s SID [rights...]\n", argv[0]);
656 result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
657 if (!NT_STATUS_IS_OK(result))
660 result = cli_lsa_open_policy2(cli, mem_ctx, True,
661 SEC_RIGHTS_MAXIMUM_ALLOWED,
664 if (!NT_STATUS_IS_OK(result))
667 result = cli_lsa_remove_account_rights(cli, mem_ctx, &dom_pol, sid,
668 False, argc-2, argv+2);
670 if (!NT_STATUS_IS_OK(result))
678 /* Get a privilege value given its name */
680 static NTSTATUS cmd_lsa_lookup_priv_value(struct cli_state *cli,
681 TALLOC_CTX *mem_ctx, int argc,
685 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
689 printf("Usage: %s name\n", argv[0]);
693 result = cli_lsa_open_policy2(cli, mem_ctx, True,
694 SEC_RIGHTS_MAXIMUM_ALLOWED,
697 if (!NT_STATUS_IS_OK(result))
700 result = cli_lsa_lookup_priv_value(cli, mem_ctx, &pol, argv[1], &luid);
702 if (!NT_STATUS_IS_OK(result))
707 printf("%u:%u (0x%x:0x%x)\n", luid.high, luid.low, luid.high, luid.low);
713 /* Query LSA security object */
715 static NTSTATUS cmd_lsa_query_secobj(struct cli_state *cli,
716 TALLOC_CTX *mem_ctx, int argc,
720 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
722 uint32 sec_info = 0x00000004; /* ??? */
725 printf("Usage: %s\n", argv[0]);
729 result = cli_lsa_open_policy2(cli, mem_ctx, True,
730 SEC_RIGHTS_MAXIMUM_ALLOWED,
733 if (!NT_STATUS_IS_OK(result))
736 result = cli_lsa_query_secobj(cli, mem_ctx, &pol, sec_info, &sdb);
738 if (!NT_STATUS_IS_OK(result))
743 display_sec_desc(sdb->sec);
750 /* List of commands exported by this module */
752 struct cmd_set lsarpc_commands[] = {
756 { "lsaquery", RPC_RTYPE_NTSTATUS, cmd_lsa_query_info_policy, NULL, PI_LSARPC, "Query info policy", "" },
757 { "lookupsids", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_sids, NULL, PI_LSARPC, "Convert SIDs to names", "" },
758 { "lookupnames", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_names, NULL, PI_LSARPC, "Convert names to SIDs", "" },
759 { "enumtrust", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_trust_dom, NULL, PI_LSARPC, "Enumerate trusted domains", "Usage: [preferred max number] [enum context (0)]" },
760 { "enumprivs", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_privilege, NULL, PI_LSARPC, "Enumerate privileges", "" },
761 { "getdispname", RPC_RTYPE_NTSTATUS, cmd_lsa_get_dispname, NULL, PI_LSARPC, "Get the privilege name", "" },
762 { "lsaenumsid", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_sids, NULL, PI_LSARPC, "Enumerate the LSA SIDS", "" },
763 { "lsacreateaccount", RPC_RTYPE_NTSTATUS, cmd_lsa_create_account, NULL, PI_LSARPC, "Create a new lsa account", "" },
764 { "lsaenumprivsaccount", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_privsaccounts, NULL, PI_LSARPC, "Enumerate the privileges of an SID", "" },
765 { "lsaenumacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_acct_rights, NULL, PI_LSARPC, "Enumerate the rights of an SID", "" },
767 { "lsaaddpriv", RPC_RTYPE_NTSTATUS, cmd_lsa_add_priv, NULL, PI_LSARPC, "Assign a privilege to a SID", "" },
768 { "lsadelpriv", RPC_RTYPE_NTSTATUS, cmd_lsa_del_priv, NULL, PI_LSARPC, "Revoke a privilege from a SID", "" },
770 { "lsaaddacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_add_acct_rights, NULL, PI_LSARPC, "Add rights to an account", "" },
771 { "lsaremoveacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_remove_acct_rights, NULL, PI_LSARPC, "Remove rights from an account", "" },
772 { "lsalookupprivvalue", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_priv_value, NULL, PI_LSARPC, "Get a privilege value given its name", "" },
773 { "lsaquerysecobj", RPC_RTYPE_NTSTATUS, cmd_lsa_query_secobj, NULL, PI_LSARPC, "Query LSA security object", "" },