git.samba.org / jra / samba / .git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Use rpccli_samr_OpenGroup() all over the place.
[jra/samba/.git] / source3 / rpcclient / cmd_samr.c
1 /* 
2    Unix SMB/CIFS implementation.
3    RPC pipe client
4
5    Copyright (C) Andrew Tridgell              1992-2000,
6    Copyright (C) Luke Kenneth Casson Leighton 1996-2000,
7    Copyright (C) Elrond                            2000,
8    Copyright (C) Tim Potter                        2000
9
10    This program is free software; you can redistribute it and/or modify
11    it under the terms of the GNU General Public License as published by
12    the Free Software Foundation; either version 3 of the License, or
13    (at your option) any later version.
14    
15    This program is distributed in the hope that it will be useful,
16    but WITHOUT ANY WARRANTY; without even the implied warranty of
17    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18    GNU General Public License for more details.
19    
20    You should have received a copy of the GNU General Public License
21    along with this program.  If not, see <http://www.gnu.org/licenses/>.
22 */
23
24 #include "includes.h"
25 #include "rpcclient.h"
26
27 extern DOM_SID domain_sid;
28
29 /****************************************************************************
30  display sam_user_info_7 structure
31  ****************************************************************************/
32 static void display_sam_user_info_7(SAM_USER_INFO_7 *usr)
33 {
34         fstring temp;
35
36         unistr2_to_ascii(temp, &usr->uni_name, sizeof(temp));
37         printf("\tUser Name   :\t%s\n", temp);
38 }
39
40 /****************************************************************************
41  display sam_user_info_9 structure
42  ****************************************************************************/
43 static void display_sam_user_info_9(SAM_USER_INFO_9 *usr)
44 {
45         printf("\tPrimary group RID   :\tox%x\n", usr->rid_group);
46 }
47
48 /****************************************************************************
49  display sam_user_info_16 structure
50  ****************************************************************************/
51 static void display_sam_user_info_16(SAM_USER_INFO_16 *usr)
52 {
53         printf("\tAcct Flags   :\tox%x\n", usr->acb_info);
54 }
55
56 /****************************************************************************
57  display sam_user_info_21 structure
58  ****************************************************************************/
59 static void display_sam_user_info_21(SAM_USER_INFO_21 *usr)
60 {
61         fstring temp;
62
63         unistr2_to_ascii(temp, &usr->uni_user_name, sizeof(temp));
64         printf("\tUser Name   :\t%s\n", temp);
65         
66         unistr2_to_ascii(temp, &usr->uni_full_name, sizeof(temp));
67         printf("\tFull Name   :\t%s\n", temp);
68         
69         unistr2_to_ascii(temp, &usr->uni_home_dir, sizeof(temp));
70         printf("\tHome Drive  :\t%s\n", temp);
71         
72         unistr2_to_ascii(temp, &usr->uni_dir_drive, sizeof(temp));
73         printf("\tDir Drive   :\t%s\n", temp);
74         
75         unistr2_to_ascii(temp, &usr->uni_profile_path, sizeof(temp));
76         printf("\tProfile Path:\t%s\n", temp);
77         
78         unistr2_to_ascii(temp, &usr->uni_logon_script, sizeof(temp));
79         printf("\tLogon Script:\t%s\n", temp);
80         
81         unistr2_to_ascii(temp, &usr->uni_acct_desc, sizeof(temp));
82         printf("\tDescription :\t%s\n", temp);
83         
84         unistr2_to_ascii(temp, &usr->uni_workstations, sizeof(temp));
85         printf("\tWorkstations:\t%s\n", temp);
86         
87         unistr2_to_ascii(temp, &usr->uni_comment, sizeof(temp));
88         printf("\tUnknown Str :\t%s\n", temp);
89         
90         unistr2_to_ascii(temp, &usr->uni_munged_dial, sizeof(temp));
91         printf("\tRemote Dial :\t%s\n", temp);
92         
93         printf("\tLogon Time               :\t%s\n", 
94                http_timestring(nt_time_to_unix(usr->logon_time)));
95         printf("\tLogoff Time              :\t%s\n", 
96                http_timestring(nt_time_to_unix(usr->logoff_time)));
97         printf("\tKickoff Time             :\t%s\n", 
98                http_timestring(nt_time_to_unix(usr->kickoff_time)));
99         printf("\tPassword last set Time   :\t%s\n", 
100                http_timestring(nt_time_to_unix(usr->pass_last_set_time)));
101         printf("\tPassword can change Time :\t%s\n", 
102                http_timestring(nt_time_to_unix(usr->pass_can_change_time)));
103         printf("\tPassword must change Time:\t%s\n", 
104                http_timestring(nt_time_to_unix(usr->pass_must_change_time)));
105         
106         printf("\tunknown_2[0..31]...\n"); /* user passwords? */
107         
108         printf("\tuser_rid :\t0x%x\n"  , usr->user_rid ); /* User ID */
109         printf("\tgroup_rid:\t0x%x\n"  , usr->group_rid); /* Group ID */
110         printf("\tacb_info :\t0x%08x\n", usr->acb_info ); /* Account Control Info */
111         
112         printf("\tfields_present:\t0x%08x\n", usr->fields_present); /* 0x00ff ffff */
113         printf("\tlogon_divs:\t%d\n", usr->logon_divs); /* 0x0000 00a8 which is 168 which is num hrs in a week */
114         printf("\tbad_password_count:\t0x%08x\n", usr->bad_password_count);
115         printf("\tlogon_count:\t0x%08x\n", usr->logon_count);
116         
117         printf("\tpadding1[0..7]...\n");
118         
119         if (usr->ptr_logon_hrs) {
120                 printf("\tlogon_hrs[0..%d]...\n", usr->logon_hrs.len);
121         }
122 }
123
124
125 static void display_password_properties(uint32_t password_properties)
126 {
127         printf("password_properties: 0x%08x\n", password_properties);
128                 
129         if (password_properties & DOMAIN_PASSWORD_COMPLEX)
130                 printf("\tDOMAIN_PASSWORD_COMPLEX\n");
131                         
132         if (password_properties & DOMAIN_PASSWORD_NO_ANON_CHANGE)
133                 printf("\tDOMAIN_PASSWORD_NO_ANON_CHANGE\n");
134                         
135         if (password_properties & DOMAIN_PASSWORD_NO_CLEAR_CHANGE)
136                 printf("\tDOMAIN_PASSWORD_NO_CLEAR_CHANGE\n");
137                         
138         if (password_properties & DOMAIN_PASSWORD_LOCKOUT_ADMINS)
139                 printf("\tDOMAIN_PASSWORD_LOCKOUT_ADMINS\n");
140                         
141         if (password_properties & DOMAIN_PASSWORD_STORE_CLEARTEXT)
142                 printf("\tDOMAIN_PASSWORD_STORE_CLEARTEXT\n");
143                         
144         if (password_properties & DOMAIN_REFUSE_PASSWORD_CHANGE)
145                 printf("\tDOMAIN_REFUSE_PASSWORD_CHANGE\n");
146 }
147
148 static void display_sam_unk_info_1(SAM_UNK_INFO_1 *info1)
149 {
150         
151         printf("Minimum password length:\t\t\t%d\n", info1->min_length_password);
152         printf("Password uniqueness (remember x passwords):\t%d\n", info1->password_history);
153         display_password_properties(info1->password_properties);
154         printf("password expire in:\t\t\t\t%s\n", display_time(info1->expire));
155         printf("Min password age (allow changing in x days):\t%s\n", display_time(info1->min_passwordage));
156 }
157
158 static void display_sam_unk_info_2(SAM_UNK_INFO_2 *info2)
159 {
160         fstring name;
161
162         unistr2_to_ascii(name, &info2->uni_domain, sizeof(name));
163         printf("Domain:\t\t%s\n", name);
164
165         unistr2_to_ascii(name, &info2->uni_server, sizeof(name));
166         printf("Server:\t\t%s\n", name);
167
168         unistr2_to_ascii(name, &info2->uni_comment, sizeof(name));
169         printf("Comment:\t%s\n", name);
170
171         printf("Total Users:\t%d\n", info2->num_domain_usrs);
172         printf("Total Groups:\t%d\n", info2->num_domain_grps);
173         printf("Total Aliases:\t%d\n", info2->num_local_grps);
174         
175         printf("Sequence No:\t%llu\n", (unsigned long long)info2->seq_num);
176
177         printf("Force Logoff:\t%d\n", (int)nt_time_to_unix_abs(&info2->logout));
178
179         printf("Unknown 4:\t0x%x\n", info2->unknown_4);
180         printf("Server Role:\t%s\n", server_role_str(info2->server_role));
181         printf("Unknown 6:\t0x%x\n", info2->unknown_6);
182 }
183
184 static void display_sam_unk_info_3(SAM_UNK_INFO_3 *info3)
185 {
186         printf("Force Logoff:\t%d\n", (int)nt_time_to_unix_abs(&info3->logout));
187 }
188
189 static void display_sam_unk_info_4(SAM_UNK_INFO_4 *info4)
190 {
191         fstring name;
192
193         unistr2_to_ascii(name, &info4->uni_comment, sizeof(name));
194         printf("Comment:\t%s\n", name);
195 }
196
197 static void display_sam_unk_info_5(SAM_UNK_INFO_5 *info5)
198 {
199         fstring name;
200
201         unistr2_to_ascii(name, &info5->uni_domain, sizeof(name));
202         printf("Domain:\t\t%s\n", name);
203 }
204
205 static void display_sam_unk_info_6(SAM_UNK_INFO_6 *info6)
206 {
207         fstring name;
208
209         unistr2_to_ascii(name, &info6->uni_server, sizeof(name));
210         printf("Server:\t\t%s\n", name);
211 }
212
213 static void display_sam_unk_info_7(SAM_UNK_INFO_7 *info7)
214 {
215         printf("Server Role:\t%s\n", server_role_str(info7->server_role));
216 }
217
218 static void display_sam_unk_info_8(SAM_UNK_INFO_8 *info8)
219 {
220         printf("Sequence No:\t%llu\n", (unsigned long long)info8->seq_num);
221         printf("Domain Create Time:\t%s\n", 
222                 http_timestring(nt_time_to_unix(info8->domain_create_time)));
223 }
224
225 static void display_sam_unk_info_9(SAM_UNK_INFO_9 *info9)
226 {
227         printf("unknown:\t%d (0x%08x)\n", info9->unknown, info9->unknown);
228 }
229
230 static void display_sam_unk_info_12(SAM_UNK_INFO_12 *info12)
231 {
232         printf("Bad password lockout duration:               %s\n", display_time(info12->duration));
233         printf("Reset Lockout after:                         %s\n", display_time(info12->reset_count));
234         printf("Lockout after bad attempts:                  %d\n", info12->bad_attempt_lockout);
235 }
236
237 static void display_sam_unk_info_13(SAM_UNK_INFO_13 *info13)
238 {
239         printf("Sequence No:\t%llu\n", (unsigned long long)info13->seq_num);
240         printf("Domain Create Time:\t%s\n", 
241                 http_timestring(nt_time_to_unix(info13->domain_create_time)));
242         printf("Unknown1:\t%d\n", info13->unknown1);
243         printf("Unknown2:\t%d\n", info13->unknown2);
244
245 }
246
247 static void display_sam_info_1(SAM_ENTRY1 *e1, SAM_STR1 *s1)
248 {
249         fstring tmp;
250
251         printf("index: 0x%x ", e1->user_idx);
252         printf("RID: 0x%x ", e1->rid_user);
253         printf("acb: 0x%x ", e1->acb_info);
254
255         unistr2_to_ascii(tmp, &s1->uni_acct_name, sizeof(tmp));
256         printf("Account: %s\t", tmp);
257
258         unistr2_to_ascii(tmp, &s1->uni_full_name, sizeof(tmp));
259         printf("Name: %s\t", tmp);
260
261         unistr2_to_ascii(tmp, &s1->uni_acct_desc, sizeof(tmp));
262         printf("Desc: %s\n", tmp);
263 }
264
265 static void display_sam_info_2(SAM_ENTRY2 *e2, SAM_STR2 *s2)
266 {
267         fstring tmp;
268
269         printf("index: 0x%x ", e2->user_idx);
270         printf("RID: 0x%x ", e2->rid_user);
271         printf("acb: 0x%x ", e2->acb_info);
272         
273         unistr2_to_ascii(tmp, &s2->uni_srv_name, sizeof(tmp));
274         printf("Account: %s\t", tmp);
275
276         unistr2_to_ascii(tmp, &s2->uni_srv_desc, sizeof(tmp));
277         printf("Name: %s\n", tmp);
278
279 }
280
281 static void display_sam_info_3(SAM_ENTRY3 *e3, SAM_STR3 *s3)
282 {
283         fstring tmp;
284
285         printf("index: 0x%x ", e3->grp_idx);
286         printf("RID: 0x%x ", e3->rid_grp);
287         printf("attr: 0x%x ", e3->attr);
288         
289         unistr2_to_ascii(tmp, &s3->uni_grp_name, sizeof(tmp));
290         printf("Account: %s\t", tmp);
291
292         unistr2_to_ascii(tmp, &s3->uni_grp_desc, sizeof(tmp));
293         printf("Name: %s\n", tmp);
294
295 }
296
297 static void display_sam_info_4(SAM_ENTRY4 *e4, SAM_STR4 *s4)
298 {
299         int i;
300
301         printf("index: %d ", e4->user_idx);
302         
303         printf("Account: ");
304         for (i=0; i<s4->acct_name.str_str_len; i++)
305                 printf("%c", s4->acct_name.buffer[i]);
306         printf("\n");
307
308 }
309
310 static void display_sam_info_5(SAM_ENTRY5 *e5, SAM_STR5 *s5)
311 {
312         int i;
313
314         printf("index: 0x%x ", e5->grp_idx);
315         
316         printf("Account: ");
317         for (i=0; i<s5->grp_name.str_str_len; i++)
318                 printf("%c", s5->grp_name.buffer[i]);
319         printf("\n");
320
321 }
322
323 /****************************************************************************
324  Try samr_connect4 first, then samr_conenct if it fails
325  ****************************************************************************/
326 static NTSTATUS try_samr_connects(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, 
327                                   uint32 access_mask, POLICY_HND *connect_pol)
328 {
329         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
330         
331         result = rpccli_samr_connect4(cli, mem_ctx, access_mask, connect_pol);
332         if (!NT_STATUS_IS_OK(result)) {
333                 result = rpccli_samr_connect(cli, mem_ctx, access_mask,
334                                           connect_pol);
335         }
336         return result;
337 }
338
339 /**********************************************************************
340  * Query user information 
341  */
342 static NTSTATUS cmd_samr_query_user(struct rpc_pipe_client *cli, 
343                                     TALLOC_CTX *mem_ctx,
344                                     int argc, const char **argv) 
345 {
346         POLICY_HND connect_pol, domain_pol, user_pol;
347         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
348         uint32 info_level = 21;
349         uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
350         SAM_USERINFO_CTR *user_ctr;
351         fstring server;
352         uint32 user_rid = 0;
353         
354         if ((argc < 2) || (argc > 4)) {
355                 printf("Usage: %s rid [info level] [access mask] \n", argv[0]);
356                 return NT_STATUS_OK;
357         }
358         
359         sscanf(argv[1], "%i", &user_rid);
360         
361         if (argc > 2)
362                 sscanf(argv[2], "%i", &info_level);
363                 
364         if (argc > 3)
365                 sscanf(argv[3], "%x", &access_mask);
366         
367
368         slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost);
369         strupper_m(server);
370         
371         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
372                                    &connect_pol);
373
374         if (!NT_STATUS_IS_OK(result))
375                 goto done;
376
377         result = rpccli_samr_OpenDomain(cli, mem_ctx,
378                                         &connect_pol,
379                                         MAXIMUM_ALLOWED_ACCESS,
380                                         &domain_sid,
381                                         &domain_pol);
382         if (!NT_STATUS_IS_OK(result))
383                 goto done;
384
385         result = rpccli_samr_open_user(cli, mem_ctx, &domain_pol,
386                                     access_mask,
387                                     user_rid, &user_pol);
388
389         if (NT_STATUS_EQUAL(result, NT_STATUS_NO_SUCH_USER) &&
390             (user_rid == 0)) {
391
392                 /* Probably this was a user name, try lookupnames */
393                 uint32 num_rids;
394                 uint32 *rids, *types;
395                 
396                 result = rpccli_samr_lookup_names(cli, mem_ctx, &domain_pol,
397                                                   1000, 1, &argv[1],
398                                                   &num_rids, &rids,
399                                                   &types);
400
401                 if (NT_STATUS_IS_OK(result)) {
402                         result = rpccli_samr_open_user(cli, mem_ctx,
403                                                        &domain_pol,
404                                                        access_mask,
405                                                        rids[0], &user_pol);
406                 }
407         }
408
409
410         if (!NT_STATUS_IS_OK(result))
411                 goto done;
412
413         ZERO_STRUCT(user_ctr);
414
415         result = rpccli_samr_query_userinfo(cli, mem_ctx, &user_pol, 
416                                          info_level, &user_ctr);
417
418         if (!NT_STATUS_IS_OK(result))
419                 goto done;
420
421         switch (user_ctr->switch_value) {
422         case 7:
423                 display_sam_user_info_7(user_ctr->info.id7);
424                 break;
425         case 9:
426                 display_sam_user_info_9(user_ctr->info.id9);
427                 break;
428         case 16:
429                 display_sam_user_info_16(user_ctr->info.id16);
430                 break;
431         case 21:
432                 display_sam_user_info_21(user_ctr->info.id21);
433                 break;
434         default:
435                 printf("Unsupported infolevel: %d\n", info_level);
436                 break;
437         }
438
439         rpccli_samr_Close(cli, mem_ctx, &user_pol);
440         rpccli_samr_Close(cli, mem_ctx, &domain_pol);
441         rpccli_samr_Close(cli, mem_ctx, &connect_pol);
442
443 done:
444         return result;
445 }
446
447 /****************************************************************************
448  display group info
449  ****************************************************************************/
450 static void display_group_info1(GROUP_INFO1 *info1)
451 {
452         fstring temp;
453
454         unistr2_to_ascii(temp, &info1->uni_acct_name, sizeof(temp));
455         printf("\tGroup Name:\t%s\n", temp);
456         unistr2_to_ascii(temp, &info1->uni_acct_desc, sizeof(temp));
457         printf("\tDescription:\t%s\n", temp);
458         printf("\tGroup Attribute:%d\n", info1->group_attr);
459         printf("\tNum Members:%d\n", info1->num_members);
460 }
461
462 /****************************************************************************
463  display group info
464  ****************************************************************************/
465 static void display_group_info2(GROUP_INFO2 *info2)
466 {
467         fstring name;
468
469         unistr2_to_ascii(name, &info2->uni_acct_name, sizeof(name));
470         printf("\tGroup Description:%s\n", name);
471 }
472
473
474 /****************************************************************************
475  display group info
476  ****************************************************************************/
477 static void display_group_info3(GROUP_INFO3 *info3)
478 {
479         printf("\tGroup Attribute:%d\n", info3->group_attr);
480 }
481
482
483 /****************************************************************************
484  display group info
485  ****************************************************************************/
486 static void display_group_info4(GROUP_INFO4 *info4)
487 {
488         fstring desc;
489
490         unistr2_to_ascii(desc, &info4->uni_acct_desc, sizeof(desc));
491         printf("\tGroup Description:%s\n", desc);
492 }
493
494 /****************************************************************************
495  display group info
496  ****************************************************************************/
497 static void display_group_info5(GROUP_INFO5 *info5)
498 {
499         fstring temp;
500
501         unistr2_to_ascii(temp, &info5->uni_acct_name, sizeof(temp));
502         printf("\tGroup Name:\t%s\n", temp);
503         unistr2_to_ascii(temp, &info5->uni_acct_desc, sizeof(temp));
504         printf("\tDescription:\t%s\n", temp);
505         printf("\tGroup Attribute:%d\n", info5->group_attr);
506         printf("\tNum Members:%d\n", info5->num_members);
507 }
508
509 /****************************************************************************
510  display sam sync structure
511  ****************************************************************************/
512 static void display_group_info_ctr(GROUP_INFO_CTR *ctr)
513 {
514         switch (ctr->switch_value1) {
515                 case 1:
516                         display_group_info1(&ctr->group.info1);
517                         break;
518                 case 2:
519                         display_group_info2(&ctr->group.info2);
520                         break;
521                 case 3:
522                         display_group_info3(&ctr->group.info3);
523                         break;
524                 case 4:
525                         display_group_info4(&ctr->group.info4);
526                         break;
527                 case 5:
528                         display_group_info5(&ctr->group.info5);
529                         break;
530
531         }
532 }
533
534 /***********************************************************************
535  * Query group information 
536  */
537 static NTSTATUS cmd_samr_query_group(struct rpc_pipe_client *cli, 
538                                      TALLOC_CTX *mem_ctx,
539                                      int argc, const char **argv) 
540 {
541         POLICY_HND connect_pol, domain_pol, group_pol;
542         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
543         uint32 info_level = 1;
544         uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
545         GROUP_INFO_CTR *group_ctr;
546         fstring                 server; 
547         uint32 group_rid;
548         
549         if ((argc < 2) || (argc > 4)) {
550                 printf("Usage: %s rid [info level] [access mask]\n", argv[0]);
551                 return NT_STATUS_OK;
552         }
553
554         sscanf(argv[1], "%i", &group_rid);
555         
556         if (argc > 2)
557                 sscanf(argv[2], "%i", &info_level);
558         
559         if (argc > 3)
560                 sscanf(argv[3], "%x", &access_mask);
561
562         slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost);
563         strupper_m(server);
564
565         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
566                                    &connect_pol);
567
568         if (!NT_STATUS_IS_OK(result))
569                 goto done;
570
571         result = rpccli_samr_OpenDomain(cli, mem_ctx,
572                                         &connect_pol,
573                                         MAXIMUM_ALLOWED_ACCESS,
574                                         &domain_sid,
575                                         &domain_pol);
576
577         if (!NT_STATUS_IS_OK(result))
578                 goto done;
579
580         result = rpccli_samr_OpenGroup(cli, mem_ctx,
581                                        &domain_pol,
582                                        access_mask,
583                                        group_rid,
584                                        &group_pol);
585
586         if (!NT_STATUS_IS_OK(result))
587                 goto done;
588
589         result = rpccli_samr_query_groupinfo(cli, mem_ctx, &group_pol, 
590                                           info_level, &group_ctr);
591         if (!NT_STATUS_IS_OK(result)) {
592                 goto done;
593         }
594
595         display_group_info_ctr(group_ctr);
596
597         rpccli_samr_Close(cli, mem_ctx, &group_pol);
598         rpccli_samr_Close(cli, mem_ctx, &domain_pol);
599         rpccli_samr_Close(cli, mem_ctx, &connect_pol);
600 done:
601         return result;
602 }
603
604 /* Query groups a user is a member of */
605
606 static NTSTATUS cmd_samr_query_usergroups(struct rpc_pipe_client *cli, 
607                                           TALLOC_CTX *mem_ctx,
608                                           int argc, const char **argv) 
609 {
610         POLICY_HND              connect_pol, 
611                                 domain_pol, 
612                                 user_pol;
613         NTSTATUS                result = NT_STATUS_UNSUCCESSFUL;
614         uint32                  num_groups, 
615                                 user_rid;
616         uint32                  access_mask = MAXIMUM_ALLOWED_ACCESS;
617         DOM_GID                 *user_gids;
618         int                     i;
619         fstring                 server;
620         
621         if ((argc < 2) || (argc > 3)) {
622                 printf("Usage: %s rid [access mask]\n", argv[0]);
623                 return NT_STATUS_OK;
624         }
625
626         sscanf(argv[1], "%i", &user_rid);
627         
628         if (argc > 2)
629                 sscanf(argv[2], "%x", &access_mask);
630
631         slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost);
632         strupper_m(server);
633                 
634         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
635                                    &connect_pol);
636
637         if (!NT_STATUS_IS_OK(result))
638                 goto done;
639
640         result = rpccli_samr_OpenDomain(cli, mem_ctx,
641                                         &connect_pol,
642                                         MAXIMUM_ALLOWED_ACCESS,
643                                         &domain_sid, &domain_pol);
644
645         if (!NT_STATUS_IS_OK(result))
646                 goto done;
647
648         result = rpccli_samr_open_user(cli, mem_ctx, &domain_pol,
649                                     access_mask,
650                                     user_rid, &user_pol);
651
652         if (!NT_STATUS_IS_OK(result))
653                 goto done;
654
655         result = rpccli_samr_query_usergroups(cli, mem_ctx, &user_pol,
656                                            &num_groups, &user_gids);
657
658         if (!NT_STATUS_IS_OK(result))
659                 goto done;
660
661         for (i = 0; i < num_groups; i++) {
662                 printf("\tgroup rid:[0x%x] attr:[0x%x]\n", 
663                        user_gids[i].g_rid, user_gids[i].attr);
664         }
665
666         rpccli_samr_Close(cli, mem_ctx, &user_pol);
667         rpccli_samr_Close(cli, mem_ctx, &domain_pol);
668         rpccli_samr_Close(cli, mem_ctx, &connect_pol);
669  done:
670         return result;
671 }
672
673 /* Query aliases a user is a member of */
674
675 static NTSTATUS cmd_samr_query_useraliases(struct rpc_pipe_client *cli, 
676                                            TALLOC_CTX *mem_ctx,
677                                            int argc, const char **argv) 
678 {
679         POLICY_HND              connect_pol, domain_pol;
680         NTSTATUS                result = NT_STATUS_UNSUCCESSFUL;
681         DOM_SID                *sids;
682         size_t                     num_sids;
683         uint32                  num_aliases, *alias_rids;
684         uint32                  access_mask = MAXIMUM_ALLOWED_ACCESS;
685         int                     i;
686         fstring                 server;
687         DOM_SID2               *sid2;
688
689         if (argc < 3) {
690                 printf("Usage: %s builtin|domain sid1 sid2 ...\n", argv[0]);
691                 return NT_STATUS_INVALID_PARAMETER;
692         }
693
694         sids = NULL;
695         num_sids = 0;
696
697         for (i=2; i<argc; i++) {
698                 DOM_SID tmp_sid;
699                 if (!string_to_sid(&tmp_sid, argv[i])) {
700                         printf("%s is not a legal SID\n", argv[i]);
701                         return NT_STATUS_INVALID_PARAMETER;
702                 }
703                 result = add_sid_to_array(mem_ctx, &tmp_sid, &sids, &num_sids);
704                 if (!NT_STATUS_IS_OK(result)) {
705                         return result;
706                 }
707         }
708
709         if (num_sids) {
710                 sid2 = TALLOC_ARRAY(mem_ctx, DOM_SID2, num_sids);
711                 if (sid2 == NULL)
712                         return NT_STATUS_NO_MEMORY;
713         } else {
714                 sid2 = NULL;
715         }
716
717         for (i=0; i<num_sids; i++) {
718                 sid_copy(&sid2[i].sid, &sids[i]);
719                 sid2[i].num_auths = sid2[i].sid.num_auths;
720         }
721
722         slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost);
723         strupper_m(server);
724                 
725         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
726                                    &connect_pol);
727
728         if (!NT_STATUS_IS_OK(result))
729                 goto done;
730
731         if (StrCaseCmp(argv[1], "domain")==0)
732                 result = rpccli_samr_OpenDomain(cli, mem_ctx,
733                                                 &connect_pol,
734                                                 access_mask,
735                                                 &domain_sid, &domain_pol);
736         else if (StrCaseCmp(argv[1], "builtin")==0)
737                 result = rpccli_samr_OpenDomain(cli, mem_ctx,
738                                                 &connect_pol,
739                                                 access_mask,
740                                                 CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin),
741                                                 &domain_pol);
742         else {
743                 printf("Usage: %s builtin|domain sid1 sid2 ...\n", argv[0]);
744                 return NT_STATUS_INVALID_PARAMETER;
745         }
746
747         if (!NT_STATUS_IS_OK(result))
748                 goto done;
749
750         result = rpccli_samr_query_useraliases(cli, mem_ctx, &domain_pol,
751                                             num_sids, sid2,
752                                             &num_aliases, &alias_rids);
753
754         if (!NT_STATUS_IS_OK(result))
755                 goto done;
756
757         for (i = 0; i < num_aliases; i++) {
758                 printf("\tgroup rid:[0x%x]\n", alias_rids[i]);
759         }
760
761         rpccli_samr_Close(cli, mem_ctx, &domain_pol);
762         rpccli_samr_Close(cli, mem_ctx, &connect_pol);
763  done:
764         return result;
765 }
766
767 /* Query members of a group */
768
769 static NTSTATUS cmd_samr_query_groupmem(struct rpc_pipe_client *cli, 
770                                         TALLOC_CTX *mem_ctx,
771                                         int argc, const char **argv) 
772 {
773         POLICY_HND connect_pol, domain_pol, group_pol;
774         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
775         uint32 num_members, *group_rids, *group_attrs, group_rid;
776         uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
777         int i;
778         fstring                 server;
779         unsigned int old_timeout;
780         
781         if ((argc < 2) || (argc > 3)) {
782                 printf("Usage: %s rid [access mask]\n", argv[0]);
783                 return NT_STATUS_OK;
784         }
785
786         sscanf(argv[1], "%i", &group_rid);
787         
788         if (argc > 2)
789                 sscanf(argv[2], "%x", &access_mask);
790
791         slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost);
792         strupper_m(server);
793
794         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
795                                    &connect_pol);
796
797         if (!NT_STATUS_IS_OK(result))
798                 goto done;
799
800         result = rpccli_samr_OpenDomain(cli, mem_ctx,
801                                         &connect_pol,
802                                         MAXIMUM_ALLOWED_ACCESS,
803                                         &domain_sid,
804                                         &domain_pol);
805
806         if (!NT_STATUS_IS_OK(result))
807                 goto done;
808
809         result = rpccli_samr_OpenGroup(cli, mem_ctx,
810                                        &domain_pol,
811                                        access_mask,
812                                        group_rid,
813                                        &group_pol);
814
815         if (!NT_STATUS_IS_OK(result))
816                 goto done;
817
818         /* Make sure to wait for our DC's reply */
819         old_timeout = cli_set_timeout(cli->cli, MAX(cli->cli->timeout,30000)); /* 30 seconds. */
820
821         result = rpccli_samr_query_groupmem(cli, mem_ctx, &group_pol,
822                                          &num_members, &group_rids,
823                                          &group_attrs);
824
825         cli_set_timeout(cli->cli, old_timeout);
826
827         if (!NT_STATUS_IS_OK(result))
828                 goto done;
829
830         for (i = 0; i < num_members; i++) {
831                 printf("\trid:[0x%x] attr:[0x%x]\n", group_rids[i],
832                        group_attrs[i]);
833         }
834
835         rpccli_samr_Close(cli, mem_ctx, &group_pol);
836         rpccli_samr_Close(cli, mem_ctx, &domain_pol);
837         rpccli_samr_Close(cli, mem_ctx, &connect_pol);
838  done:
839         return result;
840 }
841
842 /* Enumerate domain users */
843
844 static NTSTATUS cmd_samr_enum_dom_users(struct rpc_pipe_client *cli, 
845                                         TALLOC_CTX *mem_ctx,
846                                         int argc, const char **argv) 
847 {
848         POLICY_HND connect_pol, domain_pol;
849         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
850         uint32 start_idx, size, num_dom_users, i;
851         char **dom_users;
852         uint32 *dom_rids;
853         uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
854         uint32 acb_mask = ACB_NORMAL;
855         bool got_connect_pol = False, got_domain_pol = False;
856
857         if ((argc < 1) || (argc > 3)) {
858                 printf("Usage: %s [access_mask] [acb_mask]\n", argv[0]);
859                 return NT_STATUS_OK;
860         }
861         
862         if (argc > 1)
863                 sscanf(argv[1], "%x", &access_mask);
864
865         if (argc > 2)
866                 sscanf(argv[2], "%x", &acb_mask);
867
868         /* Get sam policy handle */
869
870         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, 
871                                    &connect_pol);
872
873         if (!NT_STATUS_IS_OK(result))
874                 goto done;
875
876         got_connect_pol = True;
877
878         /* Get domain policy handle */
879
880         result = rpccli_samr_OpenDomain(cli, mem_ctx,
881                                         &connect_pol,
882                                         access_mask,
883                                         &domain_sid,
884                                         &domain_pol);
885
886         if (!NT_STATUS_IS_OK(result))
887                 goto done;
888
889         got_domain_pol = True;
890
891         /* Enumerate domain users */
892
893         start_idx = 0;
894         size = 0xffff;
895
896         do {
897                 result = rpccli_samr_enum_dom_users(
898                         cli, mem_ctx, &domain_pol, &start_idx, acb_mask,
899                         size, &dom_users, &dom_rids, &num_dom_users);
900
901                 if (NT_STATUS_IS_OK(result) ||
902                     NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES)) {
903
904                         for (i = 0; i < num_dom_users; i++)
905                                printf("user:[%s] rid:[0x%x]\n", 
906                                        dom_users[i], dom_rids[i]);
907                 }
908
909         } while (NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES));
910
911  done:
912         if (got_domain_pol)
913                 rpccli_samr_Close(cli, mem_ctx, &domain_pol);
914
915         if (got_connect_pol)
916                 rpccli_samr_Close(cli, mem_ctx, &connect_pol);
917
918         return result;
919 }
920
921 /* Enumerate domain groups */
922
923 static NTSTATUS cmd_samr_enum_dom_groups(struct rpc_pipe_client *cli, 
924                                          TALLOC_CTX *mem_ctx,
925                                          int argc, const char **argv) 
926 {
927         POLICY_HND connect_pol, domain_pol;
928         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
929         uint32 start_idx, size, num_dom_groups, i;
930         uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
931         struct acct_info *dom_groups;
932         bool got_connect_pol = False, got_domain_pol = False;
933
934         if ((argc < 1) || (argc > 2)) {
935                 printf("Usage: %s [access_mask]\n", argv[0]);
936                 return NT_STATUS_OK;
937         }
938         
939         if (argc > 1)
940                 sscanf(argv[1], "%x", &access_mask);
941
942         /* Get sam policy handle */
943
944         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, 
945                                    &connect_pol);
946
947         if (!NT_STATUS_IS_OK(result))
948                 goto done;
949
950         got_connect_pol = True;
951
952         /* Get domain policy handle */
953
954         result = rpccli_samr_OpenDomain(cli, mem_ctx,
955                                         &connect_pol,
956                                         access_mask,
957                                         &domain_sid,
958                                         &domain_pol);
959
960         if (!NT_STATUS_IS_OK(result))
961                 goto done;
962
963         got_domain_pol = True;
964
965         /* Enumerate domain groups */
966
967         start_idx = 0;
968         size = 0xffff;
969
970         do {
971                 result = rpccli_samr_enum_dom_groups(
972                         cli, mem_ctx, &domain_pol, &start_idx, size,
973                         &dom_groups, &num_dom_groups);
974
975                 if (NT_STATUS_IS_OK(result) ||
976                     NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES)) {
977
978                         for (i = 0; i < num_dom_groups; i++)
979                                 printf("group:[%s] rid:[0x%x]\n", 
980                                        dom_groups[i].acct_name,
981                                        dom_groups[i].rid);
982                 }
983
984         } while (NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES));
985
986  done:
987         if (got_domain_pol)
988                 rpccli_samr_Close(cli, mem_ctx, &domain_pol);
989
990         if (got_connect_pol)
991                 rpccli_samr_Close(cli, mem_ctx, &connect_pol);
992
993         return result;
994 }
995
996 /* Enumerate alias groups */
997
998 static NTSTATUS cmd_samr_enum_als_groups(struct rpc_pipe_client *cli, 
999                                          TALLOC_CTX *mem_ctx,
1000                                          int argc, const char **argv) 
1001 {
1002         POLICY_HND connect_pol, domain_pol;
1003         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1004         uint32 start_idx, size, num_als_groups, i;
1005         uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1006         struct acct_info *als_groups;
1007         bool got_connect_pol = False, got_domain_pol = False;
1008
1009         if ((argc < 2) || (argc > 3)) {
1010                 printf("Usage: %s builtin|domain [access mask]\n", argv[0]);
1011                 return NT_STATUS_OK;
1012         }
1013         
1014         if (argc > 2)
1015                 sscanf(argv[2], "%x", &access_mask);
1016
1017         /* Get sam policy handle */
1018
1019         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, 
1020                                    &connect_pol);
1021
1022         if (!NT_STATUS_IS_OK(result))
1023                 goto done;
1024
1025         got_connect_pol = True;
1026
1027         /* Get domain policy handle */
1028
1029         if (StrCaseCmp(argv[1], "domain")==0)
1030                 result = rpccli_samr_OpenDomain(cli, mem_ctx,
1031                                                 &connect_pol,
1032                                                 access_mask,
1033                                                 &domain_sid,
1034                                                 &domain_pol);
1035         else if (StrCaseCmp(argv[1], "builtin")==0)
1036                 result = rpccli_samr_OpenDomain(cli, mem_ctx,
1037                                                 &connect_pol,
1038                                                 access_mask,
1039                                                 CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin),
1040                                                 &domain_pol);
1041         else
1042                 return NT_STATUS_OK;
1043
1044         if (!NT_STATUS_IS_OK(result))
1045                 goto done;
1046
1047         got_domain_pol = True;
1048
1049         /* Enumerate alias groups */
1050
1051         start_idx = 0;
1052         size = 0xffff;          /* Number of groups to retrieve */
1053
1054         do {
1055                 result = rpccli_samr_enum_als_groups(
1056                         cli, mem_ctx, &domain_pol, &start_idx, size,
1057                         &als_groups, &num_als_groups);
1058
1059                 if (NT_STATUS_IS_OK(result) ||
1060                     NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES)) {
1061
1062                         for (i = 0; i < num_als_groups; i++)
1063                                 printf("group:[%s] rid:[0x%x]\n", 
1064                                        als_groups[i].acct_name,
1065                                        als_groups[i].rid);
1066                 }
1067         } while (NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES));
1068
1069  done:
1070         if (got_domain_pol)
1071                 rpccli_samr_Close(cli, mem_ctx, &domain_pol);
1072         
1073         if (got_connect_pol)
1074                 rpccli_samr_Close(cli, mem_ctx, &connect_pol);
1075         
1076         return result;
1077 }
1078
1079 /* Query alias membership */
1080
1081 static NTSTATUS cmd_samr_query_aliasmem(struct rpc_pipe_client *cli, 
1082                                         TALLOC_CTX *mem_ctx,
1083                                         int argc, const char **argv) 
1084 {
1085         POLICY_HND connect_pol, domain_pol, alias_pol;
1086         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1087         uint32 alias_rid, num_members, i;
1088         uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1089         DOM_SID *alias_sids;
1090
1091         if ((argc < 3) || (argc > 4)) {
1092                 printf("Usage: %s builtin|domain rid [access mask]\n", argv[0]);
1093                 return NT_STATUS_OK;
1094         }
1095
1096         sscanf(argv[2], "%i", &alias_rid);
1097         
1098         if (argc > 3)
1099                 sscanf(argv[3], "%x", &access_mask);
1100
1101         /* Open SAMR handle */
1102
1103         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, 
1104                                    &connect_pol);
1105
1106         if (!NT_STATUS_IS_OK(result))
1107                 goto done;
1108
1109         /* Open handle on domain */
1110         
1111         if (StrCaseCmp(argv[1], "domain")==0)
1112                 result = rpccli_samr_OpenDomain(cli, mem_ctx,
1113                                                 &connect_pol,
1114                                                 MAXIMUM_ALLOWED_ACCESS,
1115                                                 &domain_sid,
1116                                                 &domain_pol);
1117         else if (StrCaseCmp(argv[1], "builtin")==0)
1118                 result = rpccli_samr_OpenDomain(cli, mem_ctx,
1119                                                 &connect_pol,
1120                                                 MAXIMUM_ALLOWED_ACCESS,
1121                                                 CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin),
1122                                                 &domain_pol);
1123         else
1124                 return NT_STATUS_OK;
1125
1126         if (!NT_STATUS_IS_OK(result))
1127                 goto done;
1128
1129         /* Open handle on alias */
1130
1131         result = rpccli_samr_open_alias(cli, mem_ctx, &domain_pol,
1132                                      access_mask,
1133                                      alias_rid, &alias_pol);
1134         if (!NT_STATUS_IS_OK(result))
1135                 goto done;
1136
1137         result = rpccli_samr_query_aliasmem(cli, mem_ctx, &alias_pol,
1138                                          &num_members, &alias_sids);
1139
1140         if (!NT_STATUS_IS_OK(result))
1141                 goto done;
1142
1143         for (i = 0; i < num_members; i++) {
1144                 fstring sid_str;
1145
1146                 sid_to_fstring(sid_str, &alias_sids[i]);
1147                 printf("\tsid:[%s]\n", sid_str);
1148         }
1149
1150         rpccli_samr_Close(cli, mem_ctx, &alias_pol);
1151         rpccli_samr_Close(cli, mem_ctx, &domain_pol);
1152         rpccli_samr_Close(cli, mem_ctx, &connect_pol);
1153  done:
1154         return result;
1155 }
1156
1157 /* Query delete an alias membership */
1158
1159 static NTSTATUS cmd_samr_delete_alias(struct rpc_pipe_client *cli, 
1160                                       TALLOC_CTX *mem_ctx,
1161                                       int argc, const char **argv) 
1162 {
1163         POLICY_HND connect_pol, domain_pol, alias_pol;
1164         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1165         uint32 alias_rid;
1166         uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1167
1168         if (argc != 3) {
1169                 printf("Usage: %s builtin|domain [rid|name]\n", argv[0]);
1170                 return NT_STATUS_OK;
1171         }
1172
1173         alias_rid = strtoul(argv[2], NULL, 10);
1174         
1175         /* Open SAMR handle */
1176
1177         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, 
1178                                    &connect_pol);
1179
1180         if (!NT_STATUS_IS_OK(result))
1181                 goto done;
1182
1183         /* Open handle on domain */
1184         
1185         if (StrCaseCmp(argv[1], "domain")==0)
1186                 result = rpccli_samr_OpenDomain(cli, mem_ctx,
1187                                                 &connect_pol,
1188                                                 MAXIMUM_ALLOWED_ACCESS,
1189                                                 &domain_sid,
1190                                                 &domain_pol);
1191         else if (StrCaseCmp(argv[1], "builtin")==0)
1192                 result = rpccli_samr_OpenDomain(cli, mem_ctx,
1193                                                 &connect_pol,
1194                                                 MAXIMUM_ALLOWED_ACCESS,
1195                                                 CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin),
1196                                                 &domain_pol);
1197         else
1198                 return NT_STATUS_INVALID_PARAMETER;
1199
1200         if (!NT_STATUS_IS_OK(result))
1201                 goto done;
1202
1203         /* Open handle on alias */
1204
1205         result = rpccli_samr_open_alias(cli, mem_ctx, &domain_pol,
1206                                      access_mask,
1207                                      alias_rid, &alias_pol);
1208         if (!NT_STATUS_IS_OK(result) && (alias_rid == 0)) {
1209                 /* Probably this was a user name, try lookupnames */
1210                 uint32 num_rids;
1211                 uint32 *rids, *types;
1212                 
1213                 result = rpccli_samr_lookup_names(cli, mem_ctx, &domain_pol,
1214                                                   1000, 1, &argv[2],
1215                                                   &num_rids, &rids,
1216                                                   &types);
1217
1218                 if (NT_STATUS_IS_OK(result)) {
1219                         result = rpccli_samr_open_alias(cli, mem_ctx,
1220                                                        &domain_pol,
1221                                                        access_mask,
1222                                                        rids[0], &alias_pol);
1223                 }
1224         }
1225
1226         result = rpccli_samr_DeleteDomAlias(cli, mem_ctx,
1227                                             &alias_pol);
1228
1229         if (!NT_STATUS_IS_OK(result))
1230                 goto done;
1231
1232         rpccli_samr_Close(cli, mem_ctx, &domain_pol);
1233         rpccli_samr_Close(cli, mem_ctx, &connect_pol);
1234  done:
1235         return result;
1236 }
1237
1238 /* Query display info */
1239
1240 static NTSTATUS cmd_samr_query_dispinfo(struct rpc_pipe_client *cli, 
1241                                         TALLOC_CTX *mem_ctx,
1242                                         int argc, const char **argv) 
1243 {
1244         POLICY_HND connect_pol, domain_pol;
1245         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1246         uint32 start_idx=0, max_entries=250, max_size = 0xffff, num_entries, i;
1247         uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1248         uint32 info_level = 1;
1249         SAM_DISPINFO_CTR ctr;
1250         SAM_DISPINFO_1 info1;
1251         SAM_DISPINFO_2 info2;
1252         SAM_DISPINFO_3 info3;
1253         SAM_DISPINFO_4 info4;
1254         SAM_DISPINFO_5 info5;
1255         int loop_count = 0;
1256         bool got_params = False; /* Use get_query_dispinfo_params() or not? */
1257
1258         if (argc > 6) {
1259                 printf("Usage: %s [info level] [start index] [max entries] [max size] [access mask]\n", argv[0]);
1260                 return NT_STATUS_OK;
1261         }
1262
1263         if (argc >= 2)
1264                 sscanf(argv[1], "%i", &info_level);
1265         
1266         if (argc >= 3)
1267                 sscanf(argv[2], "%i", &start_idx);
1268         
1269         if (argc >= 4) {
1270                 sscanf(argv[3], "%i", &max_entries);
1271                 got_params = True;
1272         }
1273         
1274         if (argc >= 5) {
1275                 sscanf(argv[4], "%i", &max_size);
1276                 got_params = True;
1277         }
1278         
1279         if (argc >= 6)
1280                 sscanf(argv[5], "%x", &access_mask);
1281
1282         /* Get sam policy handle */
1283
1284         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, 
1285                                    &connect_pol);
1286
1287         if (!NT_STATUS_IS_OK(result))
1288                 goto done;
1289
1290         /* Get domain policy handle */
1291
1292         result = rpccli_samr_OpenDomain(cli, mem_ctx,
1293                                         &connect_pol,
1294                                         access_mask,
1295                                         &domain_sid,
1296                                         &domain_pol);
1297
1298         if (!NT_STATUS_IS_OK(result))
1299                 goto done;
1300
1301         /* Query display info */
1302
1303         ZERO_STRUCT(ctr);
1304         ZERO_STRUCT(info1);
1305         
1306         switch (info_level) {
1307         case 1:
1308                 ZERO_STRUCT(info1);
1309                 ctr.sam.info1 = &info1;
1310                 break;
1311         case 2:
1312                 ZERO_STRUCT(info2);
1313                 ctr.sam.info2 = &info2;
1314                 break;
1315         case 3:
1316                 ZERO_STRUCT(info3);
1317                 ctr.sam.info3 = &info3;
1318                 break;
1319         case 4:
1320                 ZERO_STRUCT(info4);
1321                 ctr.sam.info4 = &info4;
1322                 break;
1323         case 5:
1324                 ZERO_STRUCT(info5);
1325                 ctr.sam.info5 = &info5;
1326                 break;
1327         }
1328
1329
1330         do {
1331
1332                 if (!got_params)
1333                         get_query_dispinfo_params(
1334                                 loop_count, &max_entries, &max_size);
1335                 
1336                 result = rpccli_samr_query_dispinfo(cli, mem_ctx, &domain_pol,
1337                                                  &start_idx, info_level,
1338                                                  &num_entries, max_entries, 
1339                                                  max_size, &ctr);
1340
1341                 loop_count++;
1342
1343                 if (NT_STATUS_IS_ERR(result))
1344                         break;
1345
1346                 if (num_entries == 0) 
1347                         break;
1348
1349                 for (i = 0; i < num_entries; i++) {
1350                         switch (info_level) {
1351                         case 1:
1352                                 display_sam_info_1(&ctr.sam.info1->sam[i], &ctr.sam.info1->str[i]);
1353                                 break;
1354                         case 2:
1355                                 display_sam_info_2(&ctr.sam.info2->sam[i], &ctr.sam.info2->str[i]);
1356                                 break;
1357                         case 3:
1358                                 display_sam_info_3(&ctr.sam.info3->sam[i], &ctr.sam.info3->str[i]);
1359                                 break;
1360                         case 4:
1361                                 display_sam_info_4(&ctr.sam.info4->sam[i], &ctr.sam.info4->str[i]);
1362                                 break;
1363                         case 5:
1364                                 display_sam_info_5(&ctr.sam.info5->sam[i], &ctr.sam.info5->str[i]);
1365                                 break;
1366                         }
1367                 }
1368         } while ( NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES));
1369
1370         rpccli_samr_Close(cli, mem_ctx, &domain_pol);
1371         rpccli_samr_Close(cli, mem_ctx, &connect_pol);
1372  done:
1373         return result;
1374 }
1375
1376 /* Query domain info */
1377
1378 static NTSTATUS cmd_samr_query_dominfo(struct rpc_pipe_client *cli, 
1379                                        TALLOC_CTX *mem_ctx,
1380                                        int argc, const char **argv) 
1381 {
1382         POLICY_HND connect_pol, domain_pol;
1383         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1384         uint32 switch_level = 2;
1385         uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1386         SAM_UNK_CTR ctr;
1387
1388         if (argc > 3) {
1389                 printf("Usage: %s [info level] [access mask]\n", argv[0]);
1390                 return NT_STATUS_OK;
1391         }
1392
1393         if (argc > 1)
1394                 sscanf(argv[1], "%i", &switch_level);
1395         
1396         if (argc > 2)
1397                 sscanf(argv[2], "%x", &access_mask);
1398
1399         /* Get sam policy handle */
1400
1401         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, 
1402                                    &connect_pol);
1403
1404         if (!NT_STATUS_IS_OK(result))
1405                 goto done;
1406
1407         /* Get domain policy handle */
1408
1409         result = rpccli_samr_OpenDomain(cli, mem_ctx,
1410                                         &connect_pol,
1411                                         access_mask,
1412                                         &domain_sid,
1413                                         &domain_pol);
1414
1415         if (!NT_STATUS_IS_OK(result))
1416                 goto done;
1417
1418         /* Query domain info */
1419
1420         result = rpccli_samr_query_dom_info(cli, mem_ctx, &domain_pol,
1421                                          switch_level, &ctr);
1422
1423         if (!NT_STATUS_IS_OK(result))
1424                 goto done;
1425
1426         /* Display domain info */
1427
1428         switch (switch_level) {
1429         case 1:
1430                 display_sam_unk_info_1(&ctr.info.inf1);
1431                 break;
1432         case 2:
1433                 display_sam_unk_info_2(&ctr.info.inf2);
1434                 break;
1435         case 3:
1436                 display_sam_unk_info_3(&ctr.info.inf3);
1437                 break;
1438         case 4:
1439                 display_sam_unk_info_4(&ctr.info.inf4);
1440                 break;
1441         case 5:
1442                 display_sam_unk_info_5(&ctr.info.inf5);
1443                 break;
1444         case 6:
1445                 display_sam_unk_info_6(&ctr.info.inf6);
1446                 break;
1447         case 7:
1448                 display_sam_unk_info_7(&ctr.info.inf7);
1449                 break;
1450         case 8:
1451                 display_sam_unk_info_8(&ctr.info.inf8);
1452                 break;
1453         case 9:
1454                 display_sam_unk_info_9(&ctr.info.inf9);
1455                 break;
1456         case 12:
1457                 display_sam_unk_info_12(&ctr.info.inf12);
1458                 break;
1459         case 13:
1460                 display_sam_unk_info_13(&ctr.info.inf13);
1461                 break;
1462
1463         default:
1464                 printf("cannot display domain info for switch value %d\n",
1465                        switch_level);
1466                 break;
1467         }
1468
1469  done:
1470
1471         rpccli_samr_Close(cli, mem_ctx, &domain_pol);
1472         rpccli_samr_Close(cli, mem_ctx, &connect_pol);
1473         return result;
1474 }
1475
1476 /* Create domain user */
1477
1478 static NTSTATUS cmd_samr_create_dom_user(struct rpc_pipe_client *cli, 
1479                                          TALLOC_CTX *mem_ctx,
1480                                          int argc, const char **argv) 
1481 {
1482         POLICY_HND connect_pol, domain_pol, user_pol;
1483         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1484         const char *acct_name;
1485         uint32 acb_info;
1486         uint32 acct_flags, user_rid;
1487         uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1488
1489         if ((argc < 2) || (argc > 3)) {
1490                 printf("Usage: %s username [access mask]\n", argv[0]);
1491                 return NT_STATUS_OK;
1492         }
1493
1494         acct_name = argv[1];
1495
1496         if (argc > 2)
1497                 sscanf(argv[2], "%x", &access_mask);
1498
1499         /* Get sam policy handle */
1500
1501         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, 
1502                                    &connect_pol);
1503
1504         if (!NT_STATUS_IS_OK(result))
1505                 goto done;
1506
1507         /* Get domain policy handle */
1508
1509         result = rpccli_samr_OpenDomain(cli, mem_ctx,
1510                                         &connect_pol,
1511                                         access_mask,
1512                                         &domain_sid,
1513                                         &domain_pol);
1514
1515         if (!NT_STATUS_IS_OK(result))
1516                 goto done;
1517
1518         /* Create domain user */
1519
1520         acb_info = ACB_NORMAL;
1521         acct_flags = SEC_GENERIC_READ | SEC_GENERIC_WRITE | SEC_GENERIC_EXECUTE |
1522                      SEC_STD_WRITE_DAC | SEC_STD_DELETE |
1523                      SAMR_USER_ACCESS_SET_PASSWORD |
1524                      SAMR_USER_ACCESS_GET_ATTRIBUTES |
1525                      SAMR_USER_ACCESS_SET_ATTRIBUTES;
1526
1527         result = rpccli_samr_create_dom_user(cli, mem_ctx, &domain_pol,
1528                                           acct_name, acb_info, acct_flags,
1529                                           &user_pol, &user_rid);
1530
1531         if (!NT_STATUS_IS_OK(result))
1532                 goto done;
1533
1534         result = rpccli_samr_Close(cli, mem_ctx, &user_pol);
1535         if (!NT_STATUS_IS_OK(result)) goto done;
1536
1537         result = rpccli_samr_Close(cli, mem_ctx, &domain_pol);
1538         if (!NT_STATUS_IS_OK(result)) goto done;
1539
1540         result = rpccli_samr_Close(cli, mem_ctx, &connect_pol);
1541         if (!NT_STATUS_IS_OK(result)) goto done;
1542
1543  done:
1544         return result;
1545 }
1546
1547 /* Create domain group */
1548
1549 static NTSTATUS cmd_samr_create_dom_group(struct rpc_pipe_client *cli, 
1550                                           TALLOC_CTX *mem_ctx,
1551                                           int argc, const char **argv) 
1552 {
1553         POLICY_HND connect_pol, domain_pol, group_pol;
1554         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1555         const char *grp_name;
1556         uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1557
1558         if ((argc < 2) || (argc > 3)) {
1559                 printf("Usage: %s groupname [access mask]\n", argv[0]);
1560                 return NT_STATUS_OK;
1561         }
1562
1563         grp_name = argv[1];
1564         
1565         if (argc > 2)
1566                 sscanf(argv[2], "%x", &access_mask);
1567
1568         /* Get sam policy handle */
1569
1570         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, 
1571                                    &connect_pol);
1572
1573         if (!NT_STATUS_IS_OK(result))
1574                 goto done;
1575
1576         /* Get domain policy handle */
1577
1578         result = rpccli_samr_OpenDomain(cli, mem_ctx,
1579                                         &connect_pol,
1580                                         access_mask,
1581                                         &domain_sid,
1582                                         &domain_pol);
1583
1584         if (!NT_STATUS_IS_OK(result))
1585                 goto done;
1586
1587         /* Create domain user */
1588
1589         result = rpccli_samr_create_dom_group(cli, mem_ctx, &domain_pol,
1590                                            grp_name, MAXIMUM_ALLOWED_ACCESS,
1591                                            &group_pol);
1592
1593         if (!NT_STATUS_IS_OK(result))
1594                 goto done;
1595
1596         result = rpccli_samr_Close(cli, mem_ctx, &group_pol);
1597         if (!NT_STATUS_IS_OK(result)) goto done;
1598
1599         result = rpccli_samr_Close(cli, mem_ctx, &domain_pol);
1600         if (!NT_STATUS_IS_OK(result)) goto done;
1601
1602         result = rpccli_samr_Close(cli, mem_ctx, &connect_pol);
1603         if (!NT_STATUS_IS_OK(result)) goto done;
1604
1605  done:
1606         return result;
1607 }
1608
1609 /* Create domain alias */
1610
1611 static NTSTATUS cmd_samr_create_dom_alias(struct rpc_pipe_client *cli, 
1612                                           TALLOC_CTX *mem_ctx,
1613                                           int argc, const char **argv) 
1614 {
1615         POLICY_HND connect_pol, domain_pol, alias_pol;
1616         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1617         const char *alias_name;
1618         uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1619
1620         if ((argc < 2) || (argc > 3)) {
1621                 printf("Usage: %s aliasname [access mask]\n", argv[0]);
1622                 return NT_STATUS_OK;
1623         }
1624
1625         alias_name = argv[1];
1626         
1627         if (argc > 2)
1628                 sscanf(argv[2], "%x", &access_mask);
1629
1630         /* Get sam policy handle */
1631
1632         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, 
1633                                    &connect_pol);
1634
1635         if (!NT_STATUS_IS_OK(result))
1636                 goto done;
1637
1638         /* Get domain policy handle */
1639
1640         result = rpccli_samr_OpenDomain(cli, mem_ctx,
1641                                         &connect_pol,
1642                                         access_mask,
1643                                         &domain_sid,
1644                                         &domain_pol);
1645
1646         if (!NT_STATUS_IS_OK(result))
1647                 goto done;
1648
1649         /* Create domain user */
1650
1651         result = rpccli_samr_create_dom_alias(cli, mem_ctx, &domain_pol,
1652                                               alias_name, &alias_pol);
1653
1654         if (!NT_STATUS_IS_OK(result))
1655                 goto done;
1656
1657         result = rpccli_samr_Close(cli, mem_ctx, &alias_pol);
1658         if (!NT_STATUS_IS_OK(result)) goto done;
1659
1660         result = rpccli_samr_Close(cli, mem_ctx, &domain_pol);
1661         if (!NT_STATUS_IS_OK(result)) goto done;
1662
1663         result = rpccli_samr_Close(cli, mem_ctx, &connect_pol);
1664         if (!NT_STATUS_IS_OK(result)) goto done;
1665
1666  done:
1667         return result;
1668 }
1669
1670 /* Lookup sam names */
1671
1672 static NTSTATUS cmd_samr_lookup_names(struct rpc_pipe_client *cli, 
1673                                       TALLOC_CTX *mem_ctx,
1674                                       int argc, const char **argv) 
1675 {
1676         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1677         POLICY_HND connect_pol, domain_pol;
1678         uint32 flags = 0x000003e8; /* Unknown */
1679         uint32 num_rids, num_names, *name_types, *rids;
1680         const char **names;
1681         int i;
1682
1683         if (argc < 3) {
1684                 printf("Usage: %s  domain|builtin name1 [name2 [name3] [...]]\n", argv[0]);
1685                 printf("check on the domain SID: S-1-5-21-x-y-z\n");
1686                 printf("or check on the builtin SID: S-1-5-32\n");
1687                 return NT_STATUS_OK;
1688         }
1689
1690         /* Get sam policy and domain handles */
1691
1692         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, 
1693                                    &connect_pol);
1694
1695         if (!NT_STATUS_IS_OK(result))
1696                 goto done;
1697
1698         if (StrCaseCmp(argv[1], "domain")==0)
1699                 result = rpccli_samr_OpenDomain(cli, mem_ctx,
1700                                                 &connect_pol,
1701                                                 MAXIMUM_ALLOWED_ACCESS,
1702                                                 &domain_sid,
1703                                                 &domain_pol);
1704         else if (StrCaseCmp(argv[1], "builtin")==0)
1705                 result = rpccli_samr_OpenDomain(cli, mem_ctx,
1706                                                 &connect_pol,
1707                                                 MAXIMUM_ALLOWED_ACCESS,
1708                                                 CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin),
1709                                                 &domain_pol);
1710         else
1711                 return NT_STATUS_OK;
1712
1713         if (!NT_STATUS_IS_OK(result))
1714                 goto done;
1715
1716         /* Look up names */
1717
1718         num_names = argc - 2;
1719
1720         if ((names = TALLOC_ARRAY(mem_ctx, const char *, num_names)) == NULL) {
1721                 rpccli_samr_Close(cli, mem_ctx, &domain_pol);
1722                 rpccli_samr_Close(cli, mem_ctx, &connect_pol);
1723                 result = NT_STATUS_NO_MEMORY;
1724                 goto done;
1725         }
1726
1727         for (i = 0; i < num_names; i++)
1728                 names[i] = argv[i + 2];
1729
1730         result = rpccli_samr_lookup_names(cli, mem_ctx, &domain_pol,
1731                                        flags, num_names, names,
1732                                        &num_rids, &rids, &name_types);
1733
1734         if (!NT_STATUS_IS_OK(result))
1735                 goto done;
1736
1737         /* Display results */
1738
1739         for (i = 0; i < num_names; i++)
1740                 printf("name %s: 0x%x (%d)\n", names[i], rids[i], 
1741                        name_types[i]);
1742
1743         rpccli_samr_Close(cli, mem_ctx, &domain_pol);
1744         rpccli_samr_Close(cli, mem_ctx, &connect_pol);
1745  done:
1746         return result;
1747 }
1748
1749 /* Lookup sam rids */
1750
1751 static NTSTATUS cmd_samr_lookup_rids(struct rpc_pipe_client *cli, 
1752                                      TALLOC_CTX *mem_ctx,
1753                                      int argc, const char **argv) 
1754 {
1755         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1756         POLICY_HND connect_pol, domain_pol;
1757         uint32 num_rids, num_names, *rids, *name_types;
1758         char **names;
1759         int i;
1760
1761         if (argc < 3) {
1762                 printf("Usage: %s domain|builtin rid1 [rid2 [rid3] [...]]\n", argv[0]);
1763                 return NT_STATUS_OK;
1764         }
1765
1766         /* Get sam policy and domain handles */
1767
1768         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, 
1769                                    &connect_pol);
1770
1771         if (!NT_STATUS_IS_OK(result))
1772                 goto done;
1773
1774         if (StrCaseCmp(argv[1], "domain")==0)
1775                 result = rpccli_samr_OpenDomain(cli, mem_ctx,
1776                                                 &connect_pol,
1777                                                 MAXIMUM_ALLOWED_ACCESS,
1778                                                 &domain_sid,
1779                                                 &domain_pol);
1780         else if (StrCaseCmp(argv[1], "builtin")==0)
1781                 result = rpccli_samr_OpenDomain(cli, mem_ctx,
1782                                                 &connect_pol,
1783                                                 MAXIMUM_ALLOWED_ACCESS,
1784                                                 CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin),
1785                                                 &domain_pol);
1786         else
1787                 return NT_STATUS_OK;
1788
1789         if (!NT_STATUS_IS_OK(result))
1790                 goto done;
1791
1792         /* Look up rids */
1793
1794         num_rids = argc - 2;
1795
1796         if ((rids = TALLOC_ARRAY(mem_ctx, uint32, num_rids)) == NULL) {
1797                 rpccli_samr_Close(cli, mem_ctx, &domain_pol);
1798                 rpccli_samr_Close(cli, mem_ctx, &connect_pol);
1799                 result = NT_STATUS_NO_MEMORY;
1800                 goto done;
1801         }
1802
1803         for (i = 0; i < argc - 2; i++)
1804                 sscanf(argv[i + 2], "%i", &rids[i]);
1805
1806         result = rpccli_samr_lookup_rids(cli, mem_ctx, &domain_pol, num_rids, rids,
1807                                       &num_names, &names, &name_types);
1808
1809         if (!NT_STATUS_IS_OK(result) &&
1810             !NT_STATUS_EQUAL(result, STATUS_SOME_UNMAPPED))
1811                 goto done;
1812
1813         /* Display results */
1814
1815         for (i = 0; i < num_names; i++)
1816                 printf("rid 0x%x: %s (%d)\n", rids[i], names[i], name_types[i]);
1817
1818         rpccli_samr_Close(cli, mem_ctx, &domain_pol);
1819         rpccli_samr_Close(cli, mem_ctx, &connect_pol);
1820  done:
1821         return result;
1822 }
1823
1824 /* Delete domain group */
1825
1826 static NTSTATUS cmd_samr_delete_dom_group(struct rpc_pipe_client *cli, 
1827                                          TALLOC_CTX *mem_ctx,
1828                                          int argc, const char **argv) 
1829 {
1830         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1831         POLICY_HND connect_pol, domain_pol, group_pol;
1832         uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1833
1834         if ((argc < 2) || (argc > 3)) {
1835                 printf("Usage: %s groupname\n", argv[0]);
1836                 return NT_STATUS_OK;
1837         }
1838         
1839         if (argc > 2)
1840                 sscanf(argv[2], "%x", &access_mask);
1841
1842         /* Get sam policy and domain handles */
1843
1844         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, 
1845                                    &connect_pol);
1846
1847         if (!NT_STATUS_IS_OK(result))
1848                 goto done;
1849
1850         result = rpccli_samr_OpenDomain(cli, mem_ctx,
1851                                         &connect_pol,
1852                                         MAXIMUM_ALLOWED_ACCESS,
1853                                         &domain_sid,
1854                                         &domain_pol);
1855
1856         if (!NT_STATUS_IS_OK(result))
1857                 goto done;
1858
1859         /* Get handle on group */
1860
1861         {
1862                 uint32 *group_rids, num_rids, *name_types;
1863                 uint32 flags = 0x000003e8; /* Unknown */
1864
1865                 result = rpccli_samr_lookup_names(cli, mem_ctx, &domain_pol,
1866                                                flags, 1, (const char **)&argv[1],
1867                                                &num_rids, &group_rids,
1868                                                &name_types);
1869
1870                 if (!NT_STATUS_IS_OK(result))
1871                         goto done;
1872
1873                 result = rpccli_samr_OpenGroup(cli, mem_ctx,
1874                                                &domain_pol,
1875                                                access_mask,
1876                                                group_rids[0],
1877                                                &group_pol);
1878
1879                 if (!NT_STATUS_IS_OK(result))
1880                         goto done;
1881         }
1882
1883         /* Delete group */
1884
1885         result = rpccli_samr_DeleteDomainGroup(cli, mem_ctx,
1886                                                &group_pol);
1887
1888         if (!NT_STATUS_IS_OK(result))
1889                 goto done;
1890
1891         /* Display results */
1892
1893         rpccli_samr_Close(cli, mem_ctx, &group_pol);
1894         rpccli_samr_Close(cli, mem_ctx, &domain_pol);
1895         rpccli_samr_Close(cli, mem_ctx, &connect_pol);
1896
1897  done:
1898         return result;
1899 }
1900
1901 /* Delete domain user */
1902
1903 static NTSTATUS cmd_samr_delete_dom_user(struct rpc_pipe_client *cli, 
1904                                          TALLOC_CTX *mem_ctx,
1905                                          int argc, const char **argv) 
1906 {
1907         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1908         POLICY_HND connect_pol, domain_pol, user_pol;
1909         uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1910
1911         if ((argc < 2) || (argc > 3)) {
1912                 printf("Usage: %s username\n", argv[0]);
1913                 return NT_STATUS_OK;
1914         }
1915         
1916         if (argc > 2)
1917                 sscanf(argv[2], "%x", &access_mask);
1918
1919         /* Get sam policy and domain handles */
1920
1921         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, 
1922                                    &connect_pol);
1923
1924         if (!NT_STATUS_IS_OK(result))
1925                 goto done;
1926
1927         result = rpccli_samr_OpenDomain(cli, mem_ctx,
1928                                         &connect_pol,
1929                                         MAXIMUM_ALLOWED_ACCESS,
1930                                         &domain_sid,
1931                                         &domain_pol);
1932
1933         if (!NT_STATUS_IS_OK(result))
1934                 goto done;
1935
1936         /* Get handle on user */
1937
1938         {
1939                 uint32 *user_rids, num_rids, *name_types;
1940                 uint32 flags = 0x000003e8; /* Unknown */
1941
1942                 result = rpccli_samr_lookup_names(cli, mem_ctx, &domain_pol,
1943                                                flags, 1, (const char **)&argv[1],
1944                                                &num_rids, &user_rids,
1945                                                &name_types);
1946
1947                 if (!NT_STATUS_IS_OK(result))
1948                         goto done;
1949
1950                 result = rpccli_samr_open_user(cli, mem_ctx, &domain_pol,
1951                                             access_mask,
1952                                             user_rids[0], &user_pol);
1953
1954                 if (!NT_STATUS_IS_OK(result))
1955                         goto done;
1956         }
1957
1958         /* Delete user */
1959
1960         result = rpccli_samr_DeleteUser(cli, mem_ctx,
1961                                         &user_pol);
1962
1963         if (!NT_STATUS_IS_OK(result))
1964                 goto done;
1965
1966         /* Display results */
1967
1968         rpccli_samr_Close(cli, mem_ctx, &user_pol);
1969         rpccli_samr_Close(cli, mem_ctx, &domain_pol);
1970         rpccli_samr_Close(cli, mem_ctx, &connect_pol);
1971
1972  done:
1973         return result;
1974 }
1975
1976 /**********************************************************************
1977  * Query user security object 
1978  */
1979 static NTSTATUS cmd_samr_query_sec_obj(struct rpc_pipe_client *cli, 
1980                                     TALLOC_CTX *mem_ctx,
1981                                     int argc, const char **argv) 
1982 {
1983         POLICY_HND connect_pol, domain_pol, user_pol, *pol;
1984         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1985         uint32 sec_info = DACL_SECURITY_INFORMATION;
1986         fstring server;
1987         uint32 user_rid = 0;
1988         TALLOC_CTX *ctx = NULL;
1989         SEC_DESC_BUF *sec_desc_buf=NULL;
1990         bool domain = False;
1991
1992         ctx=talloc_init("cmd_samr_query_sec_obj");
1993         
1994         if ((argc < 1) || (argc > 3)) {
1995                 printf("Usage: %s [rid|-d] [sec_info]\n", argv[0]);
1996                 printf("\tSpecify rid for security on user, -d for security on domain\n");
1997                 talloc_destroy(ctx);
1998                 return NT_STATUS_OK;
1999         }
2000         
2001         if (argc > 1) {
2002                 if (strcmp(argv[1], "-d") == 0)
2003                         domain = True;
2004                 else
2005                         sscanf(argv[1], "%i", &user_rid);
2006         }
2007
2008         if (argc == 3) {
2009                 sec_info = atoi(argv[2]);
2010         }
2011         
2012         slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost);
2013         strupper_m(server);
2014         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
2015                                    &connect_pol);
2016
2017         if (!NT_STATUS_IS_OK(result))
2018                 goto done;
2019
2020         if (domain || user_rid)
2021                 result = rpccli_samr_OpenDomain(cli, mem_ctx,
2022                                                 &connect_pol,
2023                                                 MAXIMUM_ALLOWED_ACCESS,
2024                                                 &domain_sid,
2025                                                 &domain_pol);
2026
2027         if (!NT_STATUS_IS_OK(result))
2028                 goto done;
2029
2030         if (user_rid)
2031                 result = rpccli_samr_open_user(cli, mem_ctx, &domain_pol,
2032                                             MAXIMUM_ALLOWED_ACCESS,
2033                                             user_rid, &user_pol);
2034
2035         if (!NT_STATUS_IS_OK(result))
2036                 goto done;
2037
2038         /* Pick which query pol to use */
2039
2040         pol = &connect_pol;
2041
2042         if (domain)
2043                 pol = &domain_pol;
2044
2045         if (user_rid)
2046                 pol = &user_pol;
2047
2048         /* Query SAM security object */
2049
2050         result = rpccli_samr_query_sec_obj(cli, mem_ctx, pol, sec_info, ctx, 
2051                                         &sec_desc_buf);
2052
2053         if (!NT_STATUS_IS_OK(result))
2054                 goto done;
2055
2056         display_sec_desc(sec_desc_buf->sd);
2057
2058         rpccli_samr_Close(cli, mem_ctx, &user_pol);
2059         rpccli_samr_Close(cli, mem_ctx, &domain_pol);
2060         rpccli_samr_Close(cli, mem_ctx, &connect_pol);
2061 done:
2062         talloc_destroy(ctx);
2063         return result;
2064 }
2065
2066 static NTSTATUS cmd_samr_get_usrdom_pwinfo(struct rpc_pipe_client *cli, 
2067                                            TALLOC_CTX *mem_ctx,
2068                                            int argc, const char **argv) 
2069 {
2070         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
2071         POLICY_HND connect_pol, domain_pol, user_pol;
2072         struct samr_PwInfo info;
2073         uint32_t rid;
2074
2075         if (argc != 2) {
2076                 printf("Usage: %s rid\n", argv[0]);
2077                 return NT_STATUS_OK;
2078         }
2079
2080         sscanf(argv[1], "%i", &rid);
2081
2082         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, 
2083                                    &connect_pol);
2084
2085         if (!NT_STATUS_IS_OK(result)) {
2086                 goto done;
2087         }
2088
2089         result = rpccli_samr_OpenDomain(cli, mem_ctx,
2090                                         &connect_pol,
2091                                         MAXIMUM_ALLOWED_ACCESS,
2092                                         &domain_sid,
2093                                         &domain_pol);
2094
2095         if (!NT_STATUS_IS_OK(result)) {
2096                 goto done;
2097         }
2098
2099         result = rpccli_samr_open_user(cli, mem_ctx, &domain_pol,
2100                                        MAXIMUM_ALLOWED_ACCESS,
2101                                        rid, &user_pol);
2102
2103         if (!NT_STATUS_IS_OK(result)) {
2104                 goto done;
2105         }
2106
2107         result = rpccli_samr_GetUserPwInfo(cli, mem_ctx, &user_pol, &info);
2108         if (NT_STATUS_IS_OK(result)) {
2109                 printf("min_password_length: %d\n", info.min_password_length);
2110                 printf("%s\n",
2111                         NDR_PRINT_STRUCT_STRING(mem_ctx,
2112                                 samr_PasswordProperties, &info.password_properties));
2113         }
2114
2115  done:
2116         rpccli_samr_Close(cli, mem_ctx, &user_pol);
2117         rpccli_samr_Close(cli, mem_ctx, &domain_pol);
2118         rpccli_samr_Close(cli, mem_ctx, &connect_pol);
2119
2120         return result;
2121 }
2122
2123 static void init_lsa_String(struct lsa_String *name, const char *s)
2124 {
2125         name->string = s;
2126 }
2127
2128 static NTSTATUS cmd_samr_get_dom_pwinfo(struct rpc_pipe_client *cli,
2129                                         TALLOC_CTX *mem_ctx,
2130                                         int argc, const char **argv)
2131 {
2132         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
2133         struct lsa_String domain_name;
2134         struct samr_PwInfo info;
2135
2136         if (argc < 1 || argc > 3) {
2137                 printf("Usage: %s <domain>\n", argv[0]);
2138                 return NT_STATUS_OK;
2139         }
2140
2141         init_lsa_String(&domain_name, argv[1]);
2142
2143         result = rpccli_samr_GetDomPwInfo(cli, mem_ctx, &domain_name, &info);
2144
2145         if (NT_STATUS_IS_OK(result)) {
2146                 printf("min_password_length: %d\n", info.min_password_length);
2147                 display_password_properties(info.password_properties);
2148         }
2149
2150         return result;
2151 }
2152
2153 /* Look up domain name */
2154
2155 static NTSTATUS cmd_samr_lookup_domain(struct rpc_pipe_client *cli, 
2156                                        TALLOC_CTX *mem_ctx,
2157                                        int argc, const char **argv) 
2158 {
2159         POLICY_HND connect_pol, domain_pol;
2160         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
2161         uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
2162         fstring domain_name,sid_string;
2163         DOM_SID sid;
2164         
2165         if (argc != 2) {
2166                 printf("Usage: %s domain_name\n", argv[0]);
2167                 return NT_STATUS_OK;
2168         }
2169         
2170         sscanf(argv[1], "%s", domain_name);
2171         
2172         result = try_samr_connects(cli, mem_ctx, access_mask, &connect_pol);
2173         
2174         if (!NT_STATUS_IS_OK(result))
2175                 goto done;
2176
2177         result = rpccli_samr_OpenDomain(cli, mem_ctx,
2178                                         &connect_pol,
2179                                         access_mask,
2180                                         &domain_sid,
2181                                         &domain_pol);
2182
2183         if (!NT_STATUS_IS_OK(result))
2184                 goto done;
2185         
2186         result = rpccli_samr_lookup_domain(
2187                 cli, mem_ctx, &connect_pol, domain_name, &sid);
2188
2189         if (NT_STATUS_IS_OK(result)) {
2190                 sid_to_fstring(sid_string,&sid);
2191                 printf("SAMR_LOOKUP_DOMAIN: Domain Name: %s Domain SID: %s\n",
2192                        domain_name,sid_string);
2193         }
2194
2195         rpccli_samr_Close(cli, mem_ctx, &domain_pol);
2196         rpccli_samr_Close(cli, mem_ctx, &connect_pol);
2197 done:
2198         return result;
2199 }
2200
2201 /* Change user password */
2202
2203 static NTSTATUS cmd_samr_chgpasswd2(struct rpc_pipe_client *cli, 
2204                                     TALLOC_CTX *mem_ctx,
2205                                     int argc, const char **argv) 
2206 {
2207         POLICY_HND connect_pol, domain_pol;
2208         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
2209         const char *user, *oldpass, *newpass;
2210         uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
2211
2212         if (argc < 3) {
2213                 printf("Usage: %s username oldpass newpass\n", argv[0]);
2214                 return NT_STATUS_INVALID_PARAMETER;
2215         }
2216
2217         user = argv[1];
2218         oldpass = argv[2];
2219         newpass = argv[3];
2220         
2221         /* Get sam policy handle */
2222
2223         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, 
2224                                    &connect_pol);
2225
2226         if (!NT_STATUS_IS_OK(result))
2227                 goto done;
2228
2229         /* Get domain policy handle */
2230
2231         result = rpccli_samr_OpenDomain(cli, mem_ctx,
2232                                         &connect_pol,
2233                                         access_mask,
2234                                         &domain_sid,
2235                                         &domain_pol);
2236
2237         if (!NT_STATUS_IS_OK(result))
2238                 goto done;
2239
2240         /* Change user password */
2241         result = rpccli_samr_chgpasswd_user(cli, mem_ctx, user, newpass, oldpass);
2242
2243         if (!NT_STATUS_IS_OK(result))
2244                 goto done;
2245
2246         result = rpccli_samr_Close(cli, mem_ctx, &domain_pol);
2247         if (!NT_STATUS_IS_OK(result)) goto done;
2248
2249         result = rpccli_samr_Close(cli, mem_ctx, &connect_pol);
2250         if (!NT_STATUS_IS_OK(result)) goto done;
2251
2252  done:
2253         return result;
2254 }
2255
2256
2257 /* Change user password */
2258
2259 static NTSTATUS cmd_samr_chgpasswd3(struct rpc_pipe_client *cli, 
2260                                     TALLOC_CTX *mem_ctx,
2261                                     int argc, const char **argv) 
2262 {
2263         POLICY_HND connect_pol, domain_pol;
2264         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
2265         const char *user, *oldpass, *newpass;
2266         uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
2267         SAM_UNK_INFO_1 info;
2268         SAMR_CHANGE_REJECT reject;
2269
2270         if (argc < 3) {
2271                 printf("Usage: %s username oldpass newpass\n", argv[0]);
2272                 return NT_STATUS_INVALID_PARAMETER;
2273         }
2274
2275         user = argv[1];
2276         oldpass = argv[2];
2277         newpass = argv[3];
2278         
2279         /* Get sam policy handle */
2280
2281         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, 
2282                                    &connect_pol);
2283
2284         if (!NT_STATUS_IS_OK(result))
2285                 goto done;
2286
2287         /* Get domain policy handle */
2288
2289         result = rpccli_samr_OpenDomain(cli, mem_ctx,
2290                                         &connect_pol,
2291                                         access_mask,
2292                                         &domain_sid,
2293                                         &domain_pol);
2294
2295         if (!NT_STATUS_IS_OK(result))
2296                 goto done;
2297
2298         /* Change user password */
2299         result = rpccli_samr_chgpasswd3(cli, mem_ctx, user, newpass, oldpass, &info, &reject);
2300
2301         if (NT_STATUS_EQUAL(result, NT_STATUS_PASSWORD_RESTRICTION)) {
2302         
2303                 display_sam_unk_info_1(&info);
2304
2305                 switch (reject.reject_reason) {
2306                         case SAMR_REJECT_TOO_SHORT:
2307                                 d_printf("SAMR_REJECT_TOO_SHORT\n");
2308                                 break;
2309                         case SAMR_REJECT_IN_HISTORY:
2310                                 d_printf("SAMR_REJECT_IN_HISTORY\n");
2311                                 break;
2312                         case SAMR_REJECT_COMPLEXITY:
2313                                 d_printf("SAMR_REJECT_COMPLEXITY\n");
2314                                 break;
2315                         case SAMR_REJECT_OTHER:
2316                                 d_printf("SAMR_REJECT_OTHER\n");
2317                                 break;
2318                         default:
2319                                 d_printf("unknown reject reason: %d\n", reject.reject_reason);
2320                                 break;
2321                 }
2322         }
2323
2324         if (!NT_STATUS_IS_OK(result))
2325                 goto done;
2326
2327         result = rpccli_samr_Close(cli, mem_ctx, &domain_pol);
2328         if (!NT_STATUS_IS_OK(result)) goto done;
2329
2330         result = rpccli_samr_Close(cli, mem_ctx, &connect_pol);
2331         if (!NT_STATUS_IS_OK(result)) goto done;
2332
2333  done:
2334         return result;
2335 }
2336
2337 /* List of commands exported by this module */
2338
2339 struct cmd_set samr_commands[] = {
2340
2341         { "SAMR" },
2342
2343         { "queryuser",  RPC_RTYPE_NTSTATUS, cmd_samr_query_user,                NULL, PI_SAMR, NULL,    "Query user info",         "" },
2344         { "querygroup",         RPC_RTYPE_NTSTATUS, cmd_samr_query_group,               NULL, PI_SAMR, NULL,    "Query group info",        "" },
2345         { "queryusergroups",    RPC_RTYPE_NTSTATUS, cmd_samr_query_usergroups,  NULL, PI_SAMR, NULL,    "Query user groups",       "" },
2346         { "queryuseraliases",   RPC_RTYPE_NTSTATUS, cmd_samr_query_useraliases,         NULL, PI_SAMR, NULL,    "Query user aliases",      "" },
2347         { "querygroupmem",      RPC_RTYPE_NTSTATUS, cmd_samr_query_groupmem,    NULL, PI_SAMR, NULL,    "Query group membership",  "" },
2348         { "queryaliasmem",      RPC_RTYPE_NTSTATUS, cmd_samr_query_aliasmem,    NULL, PI_SAMR, NULL,    "Query alias membership",  "" },
2349         { "deletealias",        RPC_RTYPE_NTSTATUS, cmd_samr_delete_alias,      NULL, PI_SAMR, NULL,    "Delete an alias",  "" },
2350         { "querydispinfo",      RPC_RTYPE_NTSTATUS, cmd_samr_query_dispinfo,    NULL, PI_SAMR, NULL,    "Query display info",      "" },
2351         { "querydominfo",       RPC_RTYPE_NTSTATUS, cmd_samr_query_dominfo,     NULL, PI_SAMR, NULL,    "Query domain info",       "" },
2352         { "enumdomusers",      RPC_RTYPE_NTSTATUS, cmd_samr_enum_dom_users,       NULL, PI_SAMR, NULL,  "Enumerate domain users", "" },
2353         { "enumdomgroups",      RPC_RTYPE_NTSTATUS, cmd_samr_enum_dom_groups,       NULL, PI_SAMR, NULL,        "Enumerate domain groups", "" },
2354         { "enumalsgroups",      RPC_RTYPE_NTSTATUS, cmd_samr_enum_als_groups,       NULL, PI_SAMR, NULL,        "Enumerate alias groups",  "" },
2355
2356         { "createdomuser",      RPC_RTYPE_NTSTATUS, cmd_samr_create_dom_user,       NULL, PI_SAMR, NULL,        "Create domain user",      "" },
2357         { "createdomgroup",     RPC_RTYPE_NTSTATUS, cmd_samr_create_dom_group,      NULL, PI_SAMR, NULL,        "Create domain group",     "" },
2358         { "createdomalias",     RPC_RTYPE_NTSTATUS, cmd_samr_create_dom_alias,      NULL, PI_SAMR, NULL,        "Create domain alias",     "" },
2359         { "samlookupnames",     RPC_RTYPE_NTSTATUS, cmd_samr_lookup_names,          NULL, PI_SAMR, NULL,        "Look up names",           "" },
2360         { "samlookuprids",      RPC_RTYPE_NTSTATUS, cmd_samr_lookup_rids,           NULL, PI_SAMR, NULL,        "Look up names",           "" },
2361         { "deletedomgroup",     RPC_RTYPE_NTSTATUS, cmd_samr_delete_dom_group,      NULL, PI_SAMR, NULL,        "Delete domain group",     "" },
2362         { "deletedomuser",      RPC_RTYPE_NTSTATUS, cmd_samr_delete_dom_user,       NULL, PI_SAMR, NULL,        "Delete domain user",      "" },
2363         { "samquerysecobj",     RPC_RTYPE_NTSTATUS, cmd_samr_query_sec_obj,         NULL, PI_SAMR, NULL, "Query SAMR security object",   "" },
2364         { "getdompwinfo",       RPC_RTYPE_NTSTATUS, cmd_samr_get_dom_pwinfo,        NULL, PI_SAMR, NULL, "Retrieve domain password info", "" },
2365         { "getusrdompwinfo",    RPC_RTYPE_NTSTATUS, cmd_samr_get_usrdom_pwinfo,     NULL, PI_SAMR, NULL, "Retrieve user domain password info", "" },
2366
2367         { "lookupdomain",       RPC_RTYPE_NTSTATUS, cmd_samr_lookup_domain,         NULL, PI_SAMR, NULL, "Lookup Domain Name", "" },
2368         { "chgpasswd2",         RPC_RTYPE_NTSTATUS, cmd_samr_chgpasswd2,            NULL, PI_SAMR, NULL, "Change user password", "" },
2369         { "chgpasswd3",         RPC_RTYPE_NTSTATUS, cmd_samr_chgpasswd3,            NULL, PI_SAMR, NULL, "Change user password", "" },
2370         { NULL }
2371 };
Experimental branches for jra