2 Unix SMB/CIFS implementation.
5 Copyright (C) Tim Potter 2000
6 Copyright (C) Rafal Szczesniak 2002
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 #include "rpcclient.h"
27 /* useful function to allow entering a name instead of a SID and
28 * looking it up automatically */
29 static NTSTATUS name_to_sid(struct cli_state *cli,
31 DOM_SID *sid, const char *name)
38 /* maybe its a raw SID */
39 if (strncmp(name, "S-", 2) == 0 &&
40 string_to_sid(sid, name)) {
44 result = cli_lsa_open_policy(cli, mem_ctx, True,
45 SEC_RIGHTS_MAXIMUM_ALLOWED,
47 if (!NT_STATUS_IS_OK(result))
50 result = cli_lsa_lookup_names(cli, mem_ctx, &pol, 1, &name, &sids, &sid_types);
51 if (!NT_STATUS_IS_OK(result))
54 cli_lsa_close(cli, mem_ctx, &pol);
63 /* Look up domain related information on a remote host */
65 static NTSTATUS cmd_lsa_query_info_policy(struct cli_state *cli,
66 TALLOC_CTX *mem_ctx, int argc,
70 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
73 fstring sid_str, domain_name="", dns_name="", forest_name="";
74 uint32 info_class = 3;
77 printf("Usage: %s [info_class]\n", argv[0]);
82 info_class = atoi(argv[1]);
84 /* Lookup info policy */
87 result = cli_lsa_open_policy2(cli, mem_ctx, True,
88 SEC_RIGHTS_MAXIMUM_ALLOWED,
91 if (!NT_STATUS_IS_OK(result))
93 result = cli_lsa_query_info_policy2(cli, mem_ctx, &pol,
94 info_class, domain_name,
95 dns_name, forest_name,
99 result = cli_lsa_open_policy(cli, mem_ctx, True,
100 SEC_RIGHTS_MAXIMUM_ALLOWED,
103 if (!NT_STATUS_IS_OK(result))
105 result = cli_lsa_query_info_policy(cli, mem_ctx, &pol,
106 info_class, domain_name,
110 if (!NT_STATUS_IS_OK(result))
113 sid_to_string(sid_str, &dom_sid);
116 printf("domain %s has sid %s\n", domain_name, sid_str);
118 printf("could not query info for level %d\n", info_class);
121 printf("domain dns name is %s\n", dns_name);
123 printf("forest name is %s\n", forest_name);
125 if (info_class == 12) {
126 printf("domain GUID is ");
127 print_guid(&dom_guid);
133 /* Resolve a list of names to a list of sids */
135 static NTSTATUS cmd_lsa_lookup_names(struct cli_state *cli,
136 TALLOC_CTX *mem_ctx, int argc,
140 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
146 printf("Usage: %s [name1 [name2 [...]]]\n", argv[0]);
150 result = cli_lsa_open_policy(cli, mem_ctx, True,
151 SEC_RIGHTS_MAXIMUM_ALLOWED,
154 if (!NT_STATUS_IS_OK(result))
157 result = cli_lsa_lookup_names(cli, mem_ctx, &pol, argc - 1,
158 (const char**)(argv + 1), &sids, &types);
160 if (!NT_STATUS_IS_OK(result) && NT_STATUS_V(result) !=
161 NT_STATUS_V(STATUS_SOME_UNMAPPED))
164 result = NT_STATUS_OK;
168 for (i = 0; i < (argc - 1); i++) {
170 sid_to_string(sid_str, &sids[i]);
171 printf("%s %s (%s: %d)\n", argv[i + 1], sid_str,
172 sid_type_lookup(types[i]), types[i]);
179 /* Resolve a list of SIDs to a list of names */
181 static NTSTATUS cmd_lsa_lookup_sids(struct cli_state *cli, TALLOC_CTX *mem_ctx,
182 int argc, char **argv)
185 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
193 printf("Usage: %s [sid1 [sid2 [...]]]\n", argv[0]);
197 result = cli_lsa_open_policy(cli, mem_ctx, True,
198 SEC_RIGHTS_MAXIMUM_ALLOWED,
201 if (!NT_STATUS_IS_OK(result))
204 /* Convert arguments to sids */
206 sids = (DOM_SID *)talloc(mem_ctx, sizeof(DOM_SID) * (argc - 1));
209 printf("could not allocate memory for %d sids\n", argc - 1);
213 for (i = 0; i < argc - 1; i++)
214 string_to_sid(&sids[i], argv[i + 1]);
216 /* Lookup the SIDs */
218 result = cli_lsa_lookup_sids(cli, mem_ctx, &pol, argc - 1, sids,
219 &domains, &names, &types);
221 if (!NT_STATUS_IS_OK(result) && NT_STATUS_V(result) !=
222 NT_STATUS_V(STATUS_SOME_UNMAPPED))
225 result = NT_STATUS_OK;
229 for (i = 0; i < (argc - 1); i++) {
232 sid_to_string(sid_str, &sids[i]);
233 printf("%s %s\\%s (%d)\n", sid_str,
234 domains[i] ? domains[i] : "*unknown*",
235 names[i] ? names[i] : "*unknown*", types[i]);
242 /* Enumerate list of trusted domains */
244 static NTSTATUS cmd_lsa_enum_trust_dom(struct cli_state *cli,
245 TALLOC_CTX *mem_ctx, int argc,
249 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
250 DOM_SID *domain_sids;
253 /* defaults, but may be changed using params */
255 uint32 num_domains = 0;
259 printf("Usage: %s [enum context (0)]\n", argv[0]);
263 if (argc == 2 && argv[1]) {
264 enum_ctx = atoi(argv[2]);
267 result = cli_lsa_open_policy(cli, mem_ctx, True,
268 POLICY_VIEW_LOCAL_INFORMATION,
271 if (!NT_STATUS_IS_OK(result))
274 /* Lookup list of trusted domains */
276 result = cli_lsa_enum_trust_dom(cli, mem_ctx, &pol, &enum_ctx,
278 &domain_names, &domain_sids);
279 if (!NT_STATUS_IS_OK(result) &&
280 !NT_STATUS_EQUAL(result, NT_STATUS_NO_MORE_ENTRIES) &&
281 !NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES))
284 /* Print results: list of names and sids returned in this response. */
285 for (i = 0; i < num_domains; i++) {
288 sid_to_string(sid_str, &domain_sids[i]);
289 printf("%s %s\n", domain_names[i] ? domain_names[i] :
290 "*unknown*", sid_str);
297 /* Enumerates privileges */
299 static NTSTATUS cmd_lsa_enum_privilege(struct cli_state *cli,
300 TALLOC_CTX *mem_ctx, int argc,
304 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
306 uint32 enum_context=0;
307 uint32 pref_max_length=0x1000;
315 printf("Usage: %s [enum context] [max length]\n", argv[0]);
320 enum_context=atoi(argv[1]);
323 pref_max_length=atoi(argv[2]);
325 result = cli_lsa_open_policy(cli, mem_ctx, True,
326 SEC_RIGHTS_MAXIMUM_ALLOWED,
329 if (!NT_STATUS_IS_OK(result))
332 result = cli_lsa_enum_privilege(cli, mem_ctx, &pol, &enum_context, pref_max_length,
333 &count, &privs_name, &privs_high, &privs_low);
335 if (!NT_STATUS_IS_OK(result))
339 printf("found %d privileges\n\n", count);
341 for (i = 0; i < count; i++) {
342 printf("%s \t\t%d:%d (0x%x:0x%x)\n", privs_name[i] ? privs_name[i] : "*unknown*",
343 privs_high[i], privs_low[i], privs_high[i], privs_low[i]);
350 /* Get privilege name */
352 static NTSTATUS cmd_lsa_get_dispname(struct cli_state *cli,
353 TALLOC_CTX *mem_ctx, int argc,
357 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
360 uint16 lang_id_sys=0;
365 printf("Usage: %s privilege name\n", argv[0]);
369 result = cli_lsa_open_policy(cli, mem_ctx, True,
370 SEC_RIGHTS_MAXIMUM_ALLOWED,
373 if (!NT_STATUS_IS_OK(result))
376 result = cli_lsa_get_dispname(cli, mem_ctx, &pol, argv[1], lang_id, lang_id_sys, description, &lang_id_desc);
378 if (!NT_STATUS_IS_OK(result))
382 printf("%s -> %s (language: 0x%x)\n", argv[1], description, lang_id_desc);
388 /* Enumerate the LSA SIDS */
390 static NTSTATUS cmd_lsa_enum_sids(struct cli_state *cli,
391 TALLOC_CTX *mem_ctx, int argc,
395 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
397 uint32 enum_context=0;
398 uint32 pref_max_length=0x1000;
404 printf("Usage: %s [enum context] [max length]\n", argv[0]);
409 enum_context=atoi(argv[1]);
412 pref_max_length=atoi(argv[2]);
414 result = cli_lsa_open_policy(cli, mem_ctx, True,
415 SEC_RIGHTS_MAXIMUM_ALLOWED,
418 if (!NT_STATUS_IS_OK(result))
421 result = cli_lsa_enum_sids(cli, mem_ctx, &pol, &enum_context, pref_max_length,
424 if (!NT_STATUS_IS_OK(result))
428 printf("found %d SIDs\n\n", count);
430 for (i = 0; i < count; i++) {
433 sid_to_string(sid_str, &sids[i]);
434 printf("%s\n", sid_str);
441 /* Enumerate the privileges of an SID */
443 static NTSTATUS cmd_lsa_enum_privsaccounts(struct cli_state *cli,
444 TALLOC_CTX *mem_ctx, int argc,
449 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
450 uint32 access_desired = 0x000f000f;
458 printf("Usage: %s SID\n", argv[0]);
462 result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
463 if (!NT_STATUS_IS_OK(result))
466 result = cli_lsa_open_policy2(cli, mem_ctx, True,
467 SEC_RIGHTS_MAXIMUM_ALLOWED,
470 if (!NT_STATUS_IS_OK(result))
473 result = cli_lsa_open_account(cli, mem_ctx, &dom_pol, &sid, access_desired, &user_pol);
475 if (!NT_STATUS_IS_OK(result))
478 result = cli_lsa_enum_privsaccount(cli, mem_ctx, &user_pol, &count, &set);
480 if (!NT_STATUS_IS_OK(result))
484 printf("found %d privileges for SID %s\n\n", count, argv[1]);
485 printf("high\tlow\tattribute\n");
487 for (i = 0; i < count; i++) {
488 printf("%u\t%u\t%u\n", set[i].luid.high, set[i].luid.low, set[i].attr);
496 /* Enumerate the privileges of an SID via LsaEnumerateAccountRights */
498 static NTSTATUS cmd_lsa_enum_acct_rights(struct cli_state *cli,
499 TALLOC_CTX *mem_ctx, int argc,
503 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
512 printf("Usage: %s SID\n", argv[0]);
516 result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
517 if (!NT_STATUS_IS_OK(result))
520 result = cli_lsa_open_policy2(cli, mem_ctx, True,
521 SEC_RIGHTS_MAXIMUM_ALLOWED,
524 if (!NT_STATUS_IS_OK(result))
527 result = cli_lsa_enum_account_rights(cli, mem_ctx, &dom_pol, sid, &count, &rights);
529 if (!NT_STATUS_IS_OK(result))
532 printf("found %d privileges for SID %s\n", count, sid_string_static(&sid));
534 for (i = 0; i < count; i++) {
535 printf("\t%s\n", rights[i]);
543 /* add some privileges to a SID via LsaAddAccountRights */
545 static NTSTATUS cmd_lsa_add_acct_rights(struct cli_state *cli,
546 TALLOC_CTX *mem_ctx, int argc,
550 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
555 printf("Usage: %s SID [rights...]\n", argv[0]);
559 result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
560 if (!NT_STATUS_IS_OK(result))
563 result = cli_lsa_open_policy2(cli, mem_ctx, True,
564 SEC_RIGHTS_MAXIMUM_ALLOWED,
567 if (!NT_STATUS_IS_OK(result))
570 result = cli_lsa_add_account_rights(cli, mem_ctx, &dom_pol, sid,
573 if (!NT_STATUS_IS_OK(result))
581 /* remove some privileges to a SID via LsaRemoveAccountRights */
583 static NTSTATUS cmd_lsa_remove_acct_rights(struct cli_state *cli,
584 TALLOC_CTX *mem_ctx, int argc,
588 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
593 printf("Usage: %s SID [rights...]\n", argv[0]);
597 result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
598 if (!NT_STATUS_IS_OK(result))
601 result = cli_lsa_open_policy2(cli, mem_ctx, True,
602 SEC_RIGHTS_MAXIMUM_ALLOWED,
605 if (!NT_STATUS_IS_OK(result))
608 result = cli_lsa_remove_account_rights(cli, mem_ctx, &dom_pol, sid,
609 False, argc-2, argv+2);
611 if (!NT_STATUS_IS_OK(result))
619 /* Get a privilege value given its name */
621 static NTSTATUS cmd_lsa_lookupprivvalue(struct cli_state *cli,
622 TALLOC_CTX *mem_ctx, int argc,
626 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
630 printf("Usage: %s name\n", argv[0]);
634 result = cli_lsa_open_policy2(cli, mem_ctx, True,
635 SEC_RIGHTS_MAXIMUM_ALLOWED,
638 if (!NT_STATUS_IS_OK(result))
641 result = cli_lsa_lookupprivvalue(cli, mem_ctx, &pol, argv[1], &luid);
643 if (!NT_STATUS_IS_OK(result))
648 printf("%u:%u (0x%x:0x%x)\n", luid.high, luid.low, luid.high, luid.low);
654 /* Query LSA security object */
656 static NTSTATUS cmd_lsa_query_secobj(struct cli_state *cli,
657 TALLOC_CTX *mem_ctx, int argc,
661 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
663 uint32 sec_info = 0x00000004; /* ??? */
666 printf("Usage: %s\n", argv[0]);
670 result = cli_lsa_open_policy2(cli, mem_ctx, True,
671 SEC_RIGHTS_MAXIMUM_ALLOWED,
674 if (!NT_STATUS_IS_OK(result))
677 result = cli_lsa_query_secobj(cli, mem_ctx, &pol, sec_info, &sdb);
679 if (!NT_STATUS_IS_OK(result))
684 display_sec_desc(sdb->sec);
691 /* List of commands exported by this module */
693 struct cmd_set lsarpc_commands[] = {
697 { "lsaquery", cmd_lsa_query_info_policy, PI_LSARPC, "Query info policy", "" },
698 { "lookupsids", cmd_lsa_lookup_sids, PI_LSARPC, "Convert SIDs to names", "" },
699 { "lookupnames", cmd_lsa_lookup_names, PI_LSARPC, "Convert names to SIDs", "" },
700 { "enumtrust", cmd_lsa_enum_trust_dom, PI_LSARPC, "Enumerate trusted domains", "Usage: [preferred max number] [enum context (0)]" },
701 { "enumprivs", cmd_lsa_enum_privilege, PI_LSARPC, "Enumerate privileges", "" },
702 { "getdispname", cmd_lsa_get_dispname, PI_LSARPC, "Get the privilege name", "" },
703 { "lsaenumsid", cmd_lsa_enum_sids, PI_LSARPC, "Enumerate the LSA SIDS", "" },
704 { "lsaenumprivsaccount", cmd_lsa_enum_privsaccounts, PI_LSARPC, "Enumerate the privileges of an SID", "" },
705 { "lsaenumacctrights", cmd_lsa_enum_acct_rights, PI_LSARPC, "Enumerate the rights of an SID", "" },
706 { "lsaaddacctrights", cmd_lsa_add_acct_rights, PI_LSARPC, "Add rights to an account", "" },
707 { "lsaremoveacctrights", cmd_lsa_remove_acct_rights, PI_LSARPC, "Remove rights from an account", "" },
708 { "lsalookupprivvalue", cmd_lsa_lookupprivvalue, PI_LSARPC, "Get a privilege value given its name", "" },
709 { "lsaquerysecobj", cmd_lsa_query_secobj, PI_LSARPC, "Query LSA security object", "" },