[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch.
[sfrench/samba-autobuild/.git] / source3 / rpcclient / cmd_samr.c
1 /* 
2    Unix SMB/CIFS implementation.
3    RPC pipe client
4
5    Copyright (C) Andrew Tridgell              1992-2000,
6    Copyright (C) Luke Kenneth Casson Leighton 1996-2000,
7    Copyright (C) Elrond                            2000,
8    Copyright (C) Tim Potter                        2000
9
10    This program is free software; you can redistribute it and/or modify
11    it under the terms of the GNU General Public License as published by
12    the Free Software Foundation; either version 3 of the License, or
13    (at your option) any later version.
14    
15    This program is distributed in the hope that it will be useful,
16    but WITHOUT ANY WARRANTY; without even the implied warranty of
17    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18    GNU General Public License for more details.
19    
20    You should have received a copy of the GNU General Public License
21    along with this program.  If not, see <http://www.gnu.org/licenses/>.
22 */
23
24 #include "includes.h"
25 #include "rpcclient.h"
26
27 extern DOM_SID domain_sid;
28
29 /****************************************************************************
30  display sam_user_info_7 structure
31  ****************************************************************************/
32 static void display_sam_user_info_7(SAM_USER_INFO_7 *usr)
33 {
34         fstring temp;
35
36         unistr2_to_ascii(temp, &usr->uni_name, sizeof(temp));
37         printf("\tUser Name   :\t%s\n", temp);
38 }
39
40 /****************************************************************************
41  display sam_user_info_9 structure
42  ****************************************************************************/
43 static void display_sam_user_info_9(SAM_USER_INFO_9 *usr)
44 {
45         printf("\tPrimary group RID   :\tox%x\n", usr->rid_group);
46 }
47
48 /****************************************************************************
49  display sam_user_info_16 structure
50  ****************************************************************************/
51 static void display_sam_user_info_16(SAM_USER_INFO_16 *usr)
52 {
53         printf("\tAcct Flags   :\tox%x\n", usr->acb_info);
54 }
55
56 /****************************************************************************
57  display sam_user_info_21 structure
58  ****************************************************************************/
59 static void display_sam_user_info_21(SAM_USER_INFO_21 *usr)
60 {
61         fstring temp;
62
63         unistr2_to_ascii(temp, &usr->uni_user_name, sizeof(temp));
64         printf("\tUser Name   :\t%s\n", temp);
65         
66         unistr2_to_ascii(temp, &usr->uni_full_name, sizeof(temp));
67         printf("\tFull Name   :\t%s\n", temp);
68         
69         unistr2_to_ascii(temp, &usr->uni_home_dir, sizeof(temp));
70         printf("\tHome Drive  :\t%s\n", temp);
71         
72         unistr2_to_ascii(temp, &usr->uni_dir_drive, sizeof(temp));
73         printf("\tDir Drive   :\t%s\n", temp);
74         
75         unistr2_to_ascii(temp, &usr->uni_profile_path, sizeof(temp));
76         printf("\tProfile Path:\t%s\n", temp);
77         
78         unistr2_to_ascii(temp, &usr->uni_logon_script, sizeof(temp));
79         printf("\tLogon Script:\t%s\n", temp);
80         
81         unistr2_to_ascii(temp, &usr->uni_acct_desc, sizeof(temp));
82         printf("\tDescription :\t%s\n", temp);
83         
84         unistr2_to_ascii(temp, &usr->uni_workstations, sizeof(temp));
85         printf("\tWorkstations:\t%s\n", temp);
86         
87         unistr2_to_ascii(temp, &usr->uni_comment, sizeof(temp));
88         printf("\tUnknown Str :\t%s\n", temp);
89         
90         unistr2_to_ascii(temp, &usr->uni_munged_dial, sizeof(temp));
91         printf("\tRemote Dial :\t%s\n", temp);
92         
93         printf("\tLogon Time               :\t%s\n", 
94                http_timestring(nt_time_to_unix(usr->logon_time)));
95         printf("\tLogoff Time              :\t%s\n", 
96                http_timestring(nt_time_to_unix(usr->logoff_time)));
97         printf("\tKickoff Time             :\t%s\n", 
98                http_timestring(nt_time_to_unix(usr->kickoff_time)));
99         printf("\tPassword last set Time   :\t%s\n", 
100                http_timestring(nt_time_to_unix(usr->pass_last_set_time)));
101         printf("\tPassword can change Time :\t%s\n", 
102                http_timestring(nt_time_to_unix(usr->pass_can_change_time)));
103         printf("\tPassword must change Time:\t%s\n", 
104                http_timestring(nt_time_to_unix(usr->pass_must_change_time)));
105         
106         printf("\tunknown_2[0..31]...\n"); /* user passwords? */
107         
108         printf("\tuser_rid :\t0x%x\n"  , usr->user_rid ); /* User ID */
109         printf("\tgroup_rid:\t0x%x\n"  , usr->group_rid); /* Group ID */
110         printf("\tacb_info :\t0x%08x\n", usr->acb_info ); /* Account Control Info */
111         
112         printf("\tfields_present:\t0x%08x\n", usr->fields_present); /* 0x00ff ffff */
113         printf("\tlogon_divs:\t%d\n", usr->logon_divs); /* 0x0000 00a8 which is 168 which is num hrs in a week */
114         printf("\tbad_password_count:\t0x%08x\n", usr->bad_password_count);
115         printf("\tlogon_count:\t0x%08x\n", usr->logon_count);
116         
117         printf("\tpadding1[0..7]...\n");
118         
119         if (usr->ptr_logon_hrs) {
120                 printf("\tlogon_hrs[0..%d]...\n", usr->logon_hrs.len);
121         }
122 }
123
124
125 static void display_password_properties(uint32 password_properties) 
126 {
127         printf("password_properties: 0x%08x\n", password_properties);
128                 
129         if (password_properties & DOMAIN_PASSWORD_COMPLEX)
130                 printf("\tDOMAIN_PASSWORD_COMPLEX\n");
131                         
132         if (password_properties & DOMAIN_PASSWORD_NO_ANON_CHANGE)
133                 printf("\tDOMAIN_PASSWORD_NO_ANON_CHANGE\n");
134                         
135         if (password_properties & DOMAIN_PASSWORD_NO_CLEAR_CHANGE)
136                 printf("\tDOMAIN_PASSWORD_NO_CLEAR_CHANGE\n");
137                         
138         if (password_properties & DOMAIN_LOCKOUT_ADMINS)
139                 printf("\tDOMAIN_LOCKOUT_ADMINS\n");
140                         
141         if (password_properties & DOMAIN_PASSWORD_STORE_CLEARTEXT)
142                 printf("\tDOMAIN_PASSWORD_STORE_CLEARTEXT\n");
143                         
144         if (password_properties & DOMAIN_REFUSE_PASSWORD_CHANGE)
145                 printf("\tDOMAIN_REFUSE_PASSWORD_CHANGE\n");
146 }
147
148 static void display_sam_unk_info_1(SAM_UNK_INFO_1 *info1)
149 {
150         
151         printf("Minimum password length:\t\t\t%d\n", info1->min_length_password);
152         printf("Password uniqueness (remember x passwords):\t%d\n", info1->password_history);
153         display_password_properties(info1->password_properties);
154         printf("password expire in:\t\t\t\t%s\n", display_time(info1->expire));
155         printf("Min password age (allow changing in x days):\t%s\n", display_time(info1->min_passwordage));
156 }
157
158 static void display_sam_unk_info_2(SAM_UNK_INFO_2 *info2)
159 {
160         fstring name;
161
162         unistr2_to_ascii(name, &info2->uni_domain, sizeof(name));
163         printf("Domain:\t\t%s\n", name);
164
165         unistr2_to_ascii(name, &info2->uni_server, sizeof(name));
166         printf("Server:\t\t%s\n", name);
167
168         unistr2_to_ascii(name, &info2->uni_comment, sizeof(name));
169         printf("Comment:\t%s\n", name);
170
171         printf("Total Users:\t%d\n", info2->num_domain_usrs);
172         printf("Total Groups:\t%d\n", info2->num_domain_grps);
173         printf("Total Aliases:\t%d\n", info2->num_local_grps);
174         
175         printf("Sequence No:\t%llu\n", (unsigned long long)info2->seq_num);
176
177         printf("Force Logoff:\t%d\n", (int)nt_time_to_unix_abs(&info2->logout));
178
179         printf("Unknown 4:\t0x%x\n", info2->unknown_4);
180         printf("Server Role:\t%s\n", server_role_str(info2->server_role));
181         printf("Unknown 6:\t0x%x\n", info2->unknown_6);
182 }
183
184 static void display_sam_unk_info_3(SAM_UNK_INFO_3 *info3)
185 {
186         printf("Force Logoff:\t%d\n", (int)nt_time_to_unix_abs(&info3->logout));
187 }
188
189 static void display_sam_unk_info_4(SAM_UNK_INFO_4 *info4)
190 {
191         fstring name;
192
193         unistr2_to_ascii(name, &info4->uni_comment, sizeof(name));
194         printf("Comment:\t%s\n", name);
195 }
196
197 static void display_sam_unk_info_5(SAM_UNK_INFO_5 *info5)
198 {
199         fstring name;
200
201         unistr2_to_ascii(name, &info5->uni_domain, sizeof(name));
202         printf("Domain:\t\t%s\n", name);
203 }
204
205 static void display_sam_unk_info_6(SAM_UNK_INFO_6 *info6)
206 {
207         fstring name;
208
209         unistr2_to_ascii(name, &info6->uni_server, sizeof(name));
210         printf("Server:\t\t%s\n", name);
211 }
212
213 static void display_sam_unk_info_7(SAM_UNK_INFO_7 *info7)
214 {
215         printf("Server Role:\t%s\n", server_role_str(info7->server_role));
216 }
217
218 static void display_sam_unk_info_8(SAM_UNK_INFO_8 *info8)
219 {
220         printf("Sequence No:\t%llu\n", (unsigned long long)info8->seq_num);
221         printf("Domain Create Time:\t%s\n", 
222                 http_timestring(nt_time_to_unix(info8->domain_create_time)));
223 }
224
225 static void display_sam_unk_info_9(SAM_UNK_INFO_9 *info9)
226 {
227         printf("unknown:\t%d (0x%08x)\n", info9->unknown, info9->unknown);
228 }
229
230 static void display_sam_unk_info_12(SAM_UNK_INFO_12 *info12)
231 {
232         printf("Bad password lockout duration:               %s\n", display_time(info12->duration));
233         printf("Reset Lockout after:                         %s\n", display_time(info12->reset_count));
234         printf("Lockout after bad attempts:                  %d\n", info12->bad_attempt_lockout);
235 }
236
237 static void display_sam_unk_info_13(SAM_UNK_INFO_13 *info13)
238 {
239         printf("Sequence No:\t%llu\n", (unsigned long long)info13->seq_num);
240         printf("Domain Create Time:\t%s\n", 
241                 http_timestring(nt_time_to_unix(info13->domain_create_time)));
242         printf("Unknown1:\t%d\n", info13->unknown1);
243         printf("Unknown2:\t%d\n", info13->unknown2);
244
245 }
246
247 static void display_sam_info_1(SAM_ENTRY1 *e1, SAM_STR1 *s1)
248 {
249         fstring tmp;
250
251         printf("index: 0x%x ", e1->user_idx);
252         printf("RID: 0x%x ", e1->rid_user);
253         printf("acb: 0x%x ", e1->acb_info);
254
255         unistr2_to_ascii(tmp, &s1->uni_acct_name, sizeof(tmp));
256         printf("Account: %s\t", tmp);
257
258         unistr2_to_ascii(tmp, &s1->uni_full_name, sizeof(tmp));
259         printf("Name: %s\t", tmp);
260
261         unistr2_to_ascii(tmp, &s1->uni_acct_desc, sizeof(tmp));
262         printf("Desc: %s\n", tmp);
263 }
264
265 static void display_sam_info_2(SAM_ENTRY2 *e2, SAM_STR2 *s2)
266 {
267         fstring tmp;
268
269         printf("index: 0x%x ", e2->user_idx);
270         printf("RID: 0x%x ", e2->rid_user);
271         printf("acb: 0x%x ", e2->acb_info);
272         
273         unistr2_to_ascii(tmp, &s2->uni_srv_name, sizeof(tmp));
274         printf("Account: %s\t", tmp);
275
276         unistr2_to_ascii(tmp, &s2->uni_srv_desc, sizeof(tmp));
277         printf("Name: %s\n", tmp);
278
279 }
280
281 static void display_sam_info_3(SAM_ENTRY3 *e3, SAM_STR3 *s3)
282 {
283         fstring tmp;
284
285         printf("index: 0x%x ", e3->grp_idx);
286         printf("RID: 0x%x ", e3->rid_grp);
287         printf("attr: 0x%x ", e3->attr);
288         
289         unistr2_to_ascii(tmp, &s3->uni_grp_name, sizeof(tmp));
290         printf("Account: %s\t", tmp);
291
292         unistr2_to_ascii(tmp, &s3->uni_grp_desc, sizeof(tmp));
293         printf("Name: %s\n", tmp);
294
295 }
296
297 static void display_sam_info_4(SAM_ENTRY4 *e4, SAM_STR4 *s4)
298 {
299         int i;
300
301         printf("index: %d ", e4->user_idx);
302         
303         printf("Account: ");
304         for (i=0; i<s4->acct_name.str_str_len; i++)
305                 printf("%c", s4->acct_name.buffer[i]);
306         printf("\n");
307
308 }
309
310 static void display_sam_info_5(SAM_ENTRY5 *e5, SAM_STR5 *s5)
311 {
312         int i;
313
314         printf("index: 0x%x ", e5->grp_idx);
315         
316         printf("Account: ");
317         for (i=0; i<s5->grp_name.str_str_len; i++)
318                 printf("%c", s5->grp_name.buffer[i]);
319         printf("\n");
320
321 }
322
323 /****************************************************************************
324  Try samr_connect4 first, then samr_conenct if it fails
325  ****************************************************************************/
326 static NTSTATUS try_samr_connects(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, 
327                                   uint32 access_mask, POLICY_HND *connect_pol)
328 {
329         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
330         
331         result = rpccli_samr_connect4(cli, mem_ctx, access_mask, connect_pol);
332         if (!NT_STATUS_IS_OK(result)) {
333                 result = rpccli_samr_connect(cli, mem_ctx, access_mask,
334                                           connect_pol);
335         }
336         return result;
337 }
338
339 /**********************************************************************
340  * Query user information 
341  */
342 static NTSTATUS cmd_samr_query_user(struct rpc_pipe_client *cli, 
343                                     TALLOC_CTX *mem_ctx,
344                                     int argc, const char **argv) 
345 {
346         POLICY_HND connect_pol, domain_pol, user_pol;
347         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
348         uint32 info_level = 21;
349         uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
350         SAM_USERINFO_CTR *user_ctr;
351         fstring server;
352         uint32 user_rid = 0;
353         
354         if ((argc < 2) || (argc > 4)) {
355                 printf("Usage: %s rid [info level] [access mask] \n", argv[0]);
356                 return NT_STATUS_OK;
357         }
358         
359         sscanf(argv[1], "%i", &user_rid);
360         
361         if (argc > 2)
362                 sscanf(argv[2], "%i", &info_level);
363                 
364         if (argc > 3)
365                 sscanf(argv[3], "%x", &access_mask);
366         
367
368         slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost);
369         strupper_m(server);
370         
371         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
372                                    &connect_pol);
373
374         if (!NT_STATUS_IS_OK(result))
375                 goto done;
376
377         result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
378                                       MAXIMUM_ALLOWED_ACCESS,
379                                       &domain_sid, &domain_pol);
380
381         if (!NT_STATUS_IS_OK(result))
382                 goto done;
383
384         result = rpccli_samr_open_user(cli, mem_ctx, &domain_pol,
385                                     access_mask,
386                                     user_rid, &user_pol);
387
388         if (NT_STATUS_EQUAL(result, NT_STATUS_NO_SUCH_USER) &&
389             (user_rid == 0)) {
390
391                 /* Probably this was a user name, try lookupnames */
392                 uint32 num_rids;
393                 uint32 *rids, *types;
394                 
395                 result = rpccli_samr_lookup_names(cli, mem_ctx, &domain_pol,
396                                                   1000, 1, &argv[1],
397                                                   &num_rids, &rids,
398                                                   &types);
399
400                 if (NT_STATUS_IS_OK(result)) {
401                         result = rpccli_samr_open_user(cli, mem_ctx,
402                                                        &domain_pol,
403                                                        access_mask,
404                                                        rids[0], &user_pol);
405                 }
406         }
407
408
409         if (!NT_STATUS_IS_OK(result))
410                 goto done;
411
412         ZERO_STRUCT(user_ctr);
413
414         result = rpccli_samr_query_userinfo(cli, mem_ctx, &user_pol, 
415                                          info_level, &user_ctr);
416
417         if (!NT_STATUS_IS_OK(result))
418                 goto done;
419
420         switch (user_ctr->switch_value) {
421         case 7:
422                 display_sam_user_info_7(user_ctr->info.id7);
423                 break;
424         case 9:
425                 display_sam_user_info_9(user_ctr->info.id9);
426                 break;
427         case 16:
428                 display_sam_user_info_16(user_ctr->info.id16);
429                 break;
430         case 21:
431                 display_sam_user_info_21(user_ctr->info.id21);
432                 break;
433         default:
434                 printf("Unsupported infolevel: %d\n", info_level);
435                 break;
436         }
437
438         rpccli_samr_close(cli, mem_ctx, &user_pol);
439         rpccli_samr_close(cli, mem_ctx, &domain_pol);
440         rpccli_samr_close(cli, mem_ctx, &connect_pol);
441
442 done:
443         return result;
444 }
445
446 /****************************************************************************
447  display group info
448  ****************************************************************************/
449 static void display_group_info1(GROUP_INFO1 *info1)
450 {
451         fstring temp;
452
453         unistr2_to_ascii(temp, &info1->uni_acct_name, sizeof(temp));
454         printf("\tGroup Name:\t%s\n", temp);
455         unistr2_to_ascii(temp, &info1->uni_acct_desc, sizeof(temp));
456         printf("\tDescription:\t%s\n", temp);
457         printf("\tGroup Attribute:%d\n", info1->group_attr);
458         printf("\tNum Members:%d\n", info1->num_members);
459 }
460
461 /****************************************************************************
462  display group info
463  ****************************************************************************/
464 static void display_group_info2(GROUP_INFO2 *info2)
465 {
466         fstring name;
467
468         unistr2_to_ascii(name, &info2->uni_acct_name, sizeof(name));
469         printf("\tGroup Description:%s\n", name);
470 }
471
472
473 /****************************************************************************
474  display group info
475  ****************************************************************************/
476 static void display_group_info3(GROUP_INFO3 *info3)
477 {
478         printf("\tGroup Attribute:%d\n", info3->group_attr);
479 }
480
481
482 /****************************************************************************
483  display group info
484  ****************************************************************************/
485 static void display_group_info4(GROUP_INFO4 *info4)
486 {
487         fstring desc;
488
489         unistr2_to_ascii(desc, &info4->uni_acct_desc, sizeof(desc));
490         printf("\tGroup Description:%s\n", desc);
491 }
492
493 /****************************************************************************
494  display group info
495  ****************************************************************************/
496 static void display_group_info5(GROUP_INFO5 *info5)
497 {
498         fstring temp;
499
500         unistr2_to_ascii(temp, &info5->uni_acct_name, sizeof(temp));
501         printf("\tGroup Name:\t%s\n", temp);
502         unistr2_to_ascii(temp, &info5->uni_acct_desc, sizeof(temp));
503         printf("\tDescription:\t%s\n", temp);
504         printf("\tGroup Attribute:%d\n", info5->group_attr);
505         printf("\tNum Members:%d\n", info5->num_members);
506 }
507
508 /****************************************************************************
509  display sam sync structure
510  ****************************************************************************/
511 static void display_group_info_ctr(GROUP_INFO_CTR *ctr)
512 {
513         switch (ctr->switch_value1) {
514                 case 1:
515                         display_group_info1(&ctr->group.info1);
516                         break;
517                 case 2:
518                         display_group_info2(&ctr->group.info2);
519                         break;
520                 case 3:
521                         display_group_info3(&ctr->group.info3);
522                         break;
523                 case 4:
524                         display_group_info4(&ctr->group.info4);
525                         break;
526                 case 5:
527                         display_group_info5(&ctr->group.info5);
528                         break;
529
530         }
531 }
532
533 /***********************************************************************
534  * Query group information 
535  */
536 static NTSTATUS cmd_samr_query_group(struct rpc_pipe_client *cli, 
537                                      TALLOC_CTX *mem_ctx,
538                                      int argc, const char **argv) 
539 {
540         POLICY_HND connect_pol, domain_pol, group_pol;
541         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
542         uint32 info_level = 1;
543         uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
544         GROUP_INFO_CTR *group_ctr;
545         fstring                 server; 
546         uint32 group_rid;
547         
548         if ((argc < 2) || (argc > 4)) {
549                 printf("Usage: %s rid [info level] [access mask]\n", argv[0]);
550                 return NT_STATUS_OK;
551         }
552
553         sscanf(argv[1], "%i", &group_rid);
554         
555         if (argc > 2)
556                 sscanf(argv[2], "%i", &info_level);
557         
558         if (argc > 3)
559                 sscanf(argv[3], "%x", &access_mask);
560
561         slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost);
562         strupper_m(server);
563
564         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
565                                    &connect_pol);
566
567         if (!NT_STATUS_IS_OK(result))
568                 goto done;
569
570         result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
571                                       MAXIMUM_ALLOWED_ACCESS,
572                                       &domain_sid, &domain_pol);
573
574         if (!NT_STATUS_IS_OK(result))
575                 goto done;
576
577         result = rpccli_samr_open_group(cli, mem_ctx, &domain_pol,
578                                      access_mask,
579                                      group_rid, &group_pol);
580
581         if (!NT_STATUS_IS_OK(result))
582                 goto done;
583
584         result = rpccli_samr_query_groupinfo(cli, mem_ctx, &group_pol, 
585                                           info_level, &group_ctr);
586         if (!NT_STATUS_IS_OK(result)) {
587                 goto done;
588         }
589
590         display_group_info_ctr(group_ctr);
591
592         rpccli_samr_close(cli, mem_ctx, &group_pol);
593         rpccli_samr_close(cli, mem_ctx, &domain_pol);
594         rpccli_samr_close(cli, mem_ctx, &connect_pol);
595 done:
596         return result;
597 }
598
599 /* Query groups a user is a member of */
600
601 static NTSTATUS cmd_samr_query_usergroups(struct rpc_pipe_client *cli, 
602                                           TALLOC_CTX *mem_ctx,
603                                           int argc, const char **argv) 
604 {
605         POLICY_HND              connect_pol, 
606                                 domain_pol, 
607                                 user_pol;
608         NTSTATUS                result = NT_STATUS_UNSUCCESSFUL;
609         uint32                  num_groups, 
610                                 user_rid;
611         uint32                  access_mask = MAXIMUM_ALLOWED_ACCESS;
612         DOM_GID                 *user_gids;
613         int                     i;
614         fstring                 server;
615         
616         if ((argc < 2) || (argc > 3)) {
617                 printf("Usage: %s rid [access mask]\n", argv[0]);
618                 return NT_STATUS_OK;
619         }
620
621         sscanf(argv[1], "%i", &user_rid);
622         
623         if (argc > 2)
624                 sscanf(argv[2], "%x", &access_mask);
625
626         slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost);
627         strupper_m(server);
628                 
629         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
630                                    &connect_pol);
631
632         if (!NT_STATUS_IS_OK(result))
633                 goto done;
634
635         result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
636                                       MAXIMUM_ALLOWED_ACCESS,
637                                       &domain_sid, &domain_pol);
638
639         if (!NT_STATUS_IS_OK(result))
640                 goto done;
641
642         result = rpccli_samr_open_user(cli, mem_ctx, &domain_pol,
643                                     access_mask,
644                                     user_rid, &user_pol);
645
646         if (!NT_STATUS_IS_OK(result))
647                 goto done;
648
649         result = rpccli_samr_query_usergroups(cli, mem_ctx, &user_pol,
650                                            &num_groups, &user_gids);
651
652         if (!NT_STATUS_IS_OK(result))
653                 goto done;
654
655         for (i = 0; i < num_groups; i++) {
656                 printf("\tgroup rid:[0x%x] attr:[0x%x]\n", 
657                        user_gids[i].g_rid, user_gids[i].attr);
658         }
659
660         rpccli_samr_close(cli, mem_ctx, &user_pol);
661         rpccli_samr_close(cli, mem_ctx, &domain_pol);
662         rpccli_samr_close(cli, mem_ctx, &connect_pol);
663  done:
664         return result;
665 }
666
667 /* Query aliases a user is a member of */
668
669 static NTSTATUS cmd_samr_query_useraliases(struct rpc_pipe_client *cli, 
670                                            TALLOC_CTX *mem_ctx,
671                                            int argc, const char **argv) 
672 {
673         POLICY_HND              connect_pol, domain_pol;
674         NTSTATUS                result = NT_STATUS_UNSUCCESSFUL;
675         DOM_SID                *sids;
676         size_t                     num_sids;
677         uint32                  num_aliases, *alias_rids;
678         uint32                  access_mask = MAXIMUM_ALLOWED_ACCESS;
679         int                     i;
680         fstring                 server;
681         DOM_SID2               *sid2;
682
683         if (argc < 3) {
684                 printf("Usage: %s builtin|domain sid1 sid2 ...\n", argv[0]);
685                 return NT_STATUS_INVALID_PARAMETER;
686         }
687
688         sids = NULL;
689         num_sids = 0;
690
691         for (i=2; i<argc; i++) {
692                 DOM_SID tmp_sid;
693                 if (!string_to_sid(&tmp_sid, argv[i])) {
694                         printf("%s is not a legal SID\n", argv[i]);
695                         return NT_STATUS_INVALID_PARAMETER;
696                 }
697                 if (!add_sid_to_array(mem_ctx, &tmp_sid, &sids, &num_sids)) {
698                         return NT_STATUS_NO_MEMORY;
699                 }
700         }
701
702         if (num_sids) {
703                 sid2 = TALLOC_ARRAY(mem_ctx, DOM_SID2, num_sids);
704                 if (sid2 == NULL)
705                         return NT_STATUS_NO_MEMORY;
706         } else {
707                 sid2 = NULL;
708         }
709
710         for (i=0; i<num_sids; i++) {
711                 sid_copy(&sid2[i].sid, &sids[i]);
712                 sid2[i].num_auths = sid2[i].sid.num_auths;
713         }
714
715         slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost);
716         strupper_m(server);
717                 
718         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
719                                    &connect_pol);
720
721         if (!NT_STATUS_IS_OK(result))
722                 goto done;
723
724         if (StrCaseCmp(argv[1], "domain")==0)
725                 result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
726                                               access_mask,
727                                               &domain_sid, &domain_pol);
728         else if (StrCaseCmp(argv[1], "builtin")==0)
729                 result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
730                                               access_mask,
731                                               &global_sid_Builtin,
732                                               &domain_pol);
733         else {
734                 printf("Usage: %s builtin|domain sid1 sid2 ...\n", argv[0]);
735                 return NT_STATUS_INVALID_PARAMETER;
736         }
737
738         if (!NT_STATUS_IS_OK(result))
739                 goto done;
740
741         result = rpccli_samr_query_useraliases(cli, mem_ctx, &domain_pol,
742                                             num_sids, sid2,
743                                             &num_aliases, &alias_rids);
744
745         if (!NT_STATUS_IS_OK(result))
746                 goto done;
747
748         for (i = 0; i < num_aliases; i++) {
749                 printf("\tgroup rid:[0x%x]\n", alias_rids[i]);
750         }
751
752         rpccli_samr_close(cli, mem_ctx, &domain_pol);
753         rpccli_samr_close(cli, mem_ctx, &connect_pol);
754  done:
755         return result;
756 }
757
758 /* Query members of a group */
759
760 static NTSTATUS cmd_samr_query_groupmem(struct rpc_pipe_client *cli, 
761                                         TALLOC_CTX *mem_ctx,
762                                         int argc, const char **argv) 
763 {
764         POLICY_HND connect_pol, domain_pol, group_pol;
765         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
766         uint32 num_members, *group_rids, *group_attrs, group_rid;
767         uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
768         int i;
769         fstring                 server;
770         unsigned int old_timeout;
771         
772         if ((argc < 2) || (argc > 3)) {
773                 printf("Usage: %s rid [access mask]\n", argv[0]);
774                 return NT_STATUS_OK;
775         }
776
777         sscanf(argv[1], "%i", &group_rid);
778         
779         if (argc > 2)
780                 sscanf(argv[2], "%x", &access_mask);
781
782         slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost);
783         strupper_m(server);
784
785         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
786                                    &connect_pol);
787
788         if (!NT_STATUS_IS_OK(result))
789                 goto done;
790
791         result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
792                                       MAXIMUM_ALLOWED_ACCESS,
793                                       &domain_sid, &domain_pol);
794
795         if (!NT_STATUS_IS_OK(result))
796                 goto done;
797
798         result = rpccli_samr_open_group(cli, mem_ctx, &domain_pol,
799                                      access_mask,
800                                      group_rid, &group_pol);
801
802         if (!NT_STATUS_IS_OK(result))
803                 goto done;
804
805         /* Make sure to wait for our DC's reply */
806         old_timeout = cli_set_timeout(cli->cli, MAX(cli->cli->timeout,30000)); /* 30 seconds. */
807
808         result = rpccli_samr_query_groupmem(cli, mem_ctx, &group_pol,
809                                          &num_members, &group_rids,
810                                          &group_attrs);
811
812         cli_set_timeout(cli->cli, old_timeout);
813
814         if (!NT_STATUS_IS_OK(result))
815                 goto done;
816
817         for (i = 0; i < num_members; i++) {
818                 printf("\trid:[0x%x] attr:[0x%x]\n", group_rids[i],
819                        group_attrs[i]);
820         }
821
822         rpccli_samr_close(cli, mem_ctx, &group_pol);
823         rpccli_samr_close(cli, mem_ctx, &domain_pol);
824         rpccli_samr_close(cli, mem_ctx, &connect_pol);
825  done:
826         return result;
827 }
828
829 /* Enumerate domain users */
830
831 static NTSTATUS cmd_samr_enum_dom_users(struct rpc_pipe_client *cli, 
832                                         TALLOC_CTX *mem_ctx,
833                                         int argc, const char **argv) 
834 {
835         POLICY_HND connect_pol, domain_pol;
836         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
837         uint32 start_idx, size, num_dom_users, i;
838         char **dom_users;
839         uint32 *dom_rids;
840         uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
841         uint32 acb_mask = ACB_NORMAL;
842         BOOL got_connect_pol = False, got_domain_pol = False;
843
844         if ((argc < 1) || (argc > 3)) {
845                 printf("Usage: %s [access_mask] [acb_mask]\n", argv[0]);
846                 return NT_STATUS_OK;
847         }
848         
849         if (argc > 1)
850                 sscanf(argv[1], "%x", &access_mask);
851
852         if (argc > 2)
853                 sscanf(argv[2], "%x", &acb_mask);
854
855         /* Get sam policy handle */
856
857         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, 
858                                    &connect_pol);
859
860         if (!NT_STATUS_IS_OK(result))
861                 goto done;
862
863         got_connect_pol = True;
864
865         /* Get domain policy handle */
866
867         result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
868                                       access_mask,
869                                       &domain_sid, &domain_pol);
870
871         if (!NT_STATUS_IS_OK(result))
872                 goto done;
873
874         got_domain_pol = True;
875
876         /* Enumerate domain users */
877
878         start_idx = 0;
879         size = 0xffff;
880
881         do {
882                 result = rpccli_samr_enum_dom_users(
883                         cli, mem_ctx, &domain_pol, &start_idx, acb_mask,
884                         size, &dom_users, &dom_rids, &num_dom_users);
885
886                 if (NT_STATUS_IS_OK(result) ||
887                     NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES)) {
888
889                         for (i = 0; i < num_dom_users; i++)
890                                printf("user:[%s] rid:[0x%x]\n", 
891                                        dom_users[i], dom_rids[i]);
892                 }
893
894         } while (NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES));
895
896  done:
897         if (got_domain_pol)
898                 rpccli_samr_close(cli, mem_ctx, &domain_pol);
899
900         if (got_connect_pol)
901                 rpccli_samr_close(cli, mem_ctx, &connect_pol);
902
903         return result;
904 }
905
906 /* Enumerate domain groups */
907
908 static NTSTATUS cmd_samr_enum_dom_groups(struct rpc_pipe_client *cli, 
909                                          TALLOC_CTX *mem_ctx,
910                                          int argc, const char **argv) 
911 {
912         POLICY_HND connect_pol, domain_pol;
913         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
914         uint32 start_idx, size, num_dom_groups, i;
915         uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
916         struct acct_info *dom_groups;
917         BOOL got_connect_pol = False, got_domain_pol = False;
918
919         if ((argc < 1) || (argc > 2)) {
920                 printf("Usage: %s [access_mask]\n", argv[0]);
921                 return NT_STATUS_OK;
922         }
923         
924         if (argc > 1)
925                 sscanf(argv[1], "%x", &access_mask);
926
927         /* Get sam policy handle */
928
929         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, 
930                                    &connect_pol);
931
932         if (!NT_STATUS_IS_OK(result))
933                 goto done;
934
935         got_connect_pol = True;
936
937         /* Get domain policy handle */
938
939         result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
940                                       access_mask,
941                                       &domain_sid, &domain_pol);
942
943         if (!NT_STATUS_IS_OK(result))
944                 goto done;
945
946         got_domain_pol = True;
947
948         /* Enumerate domain groups */
949
950         start_idx = 0;
951         size = 0xffff;
952
953         do {
954                 result = rpccli_samr_enum_dom_groups(
955                         cli, mem_ctx, &domain_pol, &start_idx, size,
956                         &dom_groups, &num_dom_groups);
957
958                 if (NT_STATUS_IS_OK(result) ||
959                     NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES)) {
960
961                         for (i = 0; i < num_dom_groups; i++)
962                                 printf("group:[%s] rid:[0x%x]\n", 
963                                        dom_groups[i].acct_name,
964                                        dom_groups[i].rid);
965                 }
966
967         } while (NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES));
968
969  done:
970         if (got_domain_pol)
971                 rpccli_samr_close(cli, mem_ctx, &domain_pol);
972
973         if (got_connect_pol)
974                 rpccli_samr_close(cli, mem_ctx, &connect_pol);
975
976         return result;
977 }
978
979 /* Enumerate alias groups */
980
981 static NTSTATUS cmd_samr_enum_als_groups(struct rpc_pipe_client *cli, 
982                                          TALLOC_CTX *mem_ctx,
983                                          int argc, const char **argv) 
984 {
985         POLICY_HND connect_pol, domain_pol;
986         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
987         uint32 start_idx, size, num_als_groups, i;
988         uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
989         struct acct_info *als_groups;
990         BOOL got_connect_pol = False, got_domain_pol = False;
991
992         if ((argc < 2) || (argc > 3)) {
993                 printf("Usage: %s builtin|domain [access mask]\n", argv[0]);
994                 return NT_STATUS_OK;
995         }
996         
997         if (argc > 2)
998                 sscanf(argv[2], "%x", &access_mask);
999
1000         /* Get sam policy handle */
1001
1002         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, 
1003                                    &connect_pol);
1004
1005         if (!NT_STATUS_IS_OK(result))
1006                 goto done;
1007
1008         got_connect_pol = True;
1009
1010         /* Get domain policy handle */
1011
1012         if (StrCaseCmp(argv[1], "domain")==0)
1013                 result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1014                                               access_mask,
1015                                               &domain_sid, &domain_pol);
1016         else if (StrCaseCmp(argv[1], "builtin")==0)
1017                 result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1018                                               access_mask,
1019                                               &global_sid_Builtin, &domain_pol);
1020         else
1021                 return NT_STATUS_OK;
1022
1023         if (!NT_STATUS_IS_OK(result))
1024                 goto done;
1025
1026         got_domain_pol = True;
1027
1028         /* Enumerate alias groups */
1029
1030         start_idx = 0;
1031         size = 0xffff;          /* Number of groups to retrieve */
1032
1033         do {
1034                 result = rpccli_samr_enum_als_groups(
1035                         cli, mem_ctx, &domain_pol, &start_idx, size,
1036                         &als_groups, &num_als_groups);
1037
1038                 if (NT_STATUS_IS_OK(result) ||
1039                     NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES)) {
1040
1041                         for (i = 0; i < num_als_groups; i++)
1042                                 printf("group:[%s] rid:[0x%x]\n", 
1043                                        als_groups[i].acct_name,
1044                                        als_groups[i].rid);
1045                 }
1046         } while (NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES));
1047
1048  done:
1049         if (got_domain_pol)
1050                 rpccli_samr_close(cli, mem_ctx, &domain_pol);
1051         
1052         if (got_connect_pol)
1053                 rpccli_samr_close(cli, mem_ctx, &connect_pol);
1054         
1055         return result;
1056 }
1057
1058 /* Query alias membership */
1059
1060 static NTSTATUS cmd_samr_query_aliasmem(struct rpc_pipe_client *cli, 
1061                                         TALLOC_CTX *mem_ctx,
1062                                         int argc, const char **argv) 
1063 {
1064         POLICY_HND connect_pol, domain_pol, alias_pol;
1065         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1066         uint32 alias_rid, num_members, i;
1067         uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1068         DOM_SID *alias_sids;
1069
1070         if ((argc < 3) || (argc > 4)) {
1071                 printf("Usage: %s builtin|domain rid [access mask]\n", argv[0]);
1072                 return NT_STATUS_OK;
1073         }
1074
1075         sscanf(argv[2], "%i", &alias_rid);
1076         
1077         if (argc > 3)
1078                 sscanf(argv[3], "%x", &access_mask);
1079
1080         /* Open SAMR handle */
1081
1082         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, 
1083                                    &connect_pol);
1084
1085         if (!NT_STATUS_IS_OK(result))
1086                 goto done;
1087
1088         /* Open handle on domain */
1089         
1090         if (StrCaseCmp(argv[1], "domain")==0)
1091                 result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1092                                               MAXIMUM_ALLOWED_ACCESS,
1093                                               &domain_sid, &domain_pol);
1094         else if (StrCaseCmp(argv[1], "builtin")==0)
1095                 result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1096                                               MAXIMUM_ALLOWED_ACCESS,
1097                                               &global_sid_Builtin, &domain_pol);
1098         else
1099                 return NT_STATUS_OK;
1100
1101         if (!NT_STATUS_IS_OK(result))
1102                 goto done;
1103
1104         /* Open handle on alias */
1105
1106         result = rpccli_samr_open_alias(cli, mem_ctx, &domain_pol,
1107                                      access_mask,
1108                                      alias_rid, &alias_pol);
1109         if (!NT_STATUS_IS_OK(result))
1110                 goto done;
1111
1112         result = rpccli_samr_query_aliasmem(cli, mem_ctx, &alias_pol,
1113                                          &num_members, &alias_sids);
1114
1115         if (!NT_STATUS_IS_OK(result))
1116                 goto done;
1117
1118         for (i = 0; i < num_members; i++) {
1119                 fstring sid_str;
1120
1121                 sid_to_string(sid_str, &alias_sids[i]);
1122                 printf("\tsid:[%s]\n", sid_str);
1123         }
1124
1125         rpccli_samr_close(cli, mem_ctx, &alias_pol);
1126         rpccli_samr_close(cli, mem_ctx, &domain_pol);
1127         rpccli_samr_close(cli, mem_ctx, &connect_pol);
1128  done:
1129         return result;
1130 }
1131
1132 /* Query delete an alias membership */
1133
1134 static NTSTATUS cmd_samr_delete_alias(struct rpc_pipe_client *cli, 
1135                                       TALLOC_CTX *mem_ctx,
1136                                       int argc, const char **argv) 
1137 {
1138         POLICY_HND connect_pol, domain_pol, alias_pol;
1139         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1140         uint32 alias_rid;
1141         uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1142
1143         if (argc != 3) {
1144                 printf("Usage: %s builtin|domain [rid|name]\n", argv[0]);
1145                 return NT_STATUS_OK;
1146         }
1147
1148         alias_rid = strtoul(argv[2], NULL, 10);
1149         
1150         /* Open SAMR handle */
1151
1152         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, 
1153                                    &connect_pol);
1154
1155         if (!NT_STATUS_IS_OK(result))
1156                 goto done;
1157
1158         /* Open handle on domain */
1159         
1160         if (StrCaseCmp(argv[1], "domain")==0)
1161                 result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1162                                               MAXIMUM_ALLOWED_ACCESS,
1163                                               &domain_sid, &domain_pol);
1164         else if (StrCaseCmp(argv[1], "builtin")==0)
1165                 result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1166                                               MAXIMUM_ALLOWED_ACCESS,
1167                                               &global_sid_Builtin, &domain_pol);
1168         else
1169                 return NT_STATUS_INVALID_PARAMETER;
1170
1171         if (!NT_STATUS_IS_OK(result))
1172                 goto done;
1173
1174         /* Open handle on alias */
1175
1176         result = rpccli_samr_open_alias(cli, mem_ctx, &domain_pol,
1177                                      access_mask,
1178                                      alias_rid, &alias_pol);
1179         if (!NT_STATUS_IS_OK(result) && (alias_rid == 0)) {
1180                 /* Probably this was a user name, try lookupnames */
1181                 uint32 num_rids;
1182                 uint32 *rids, *types;
1183                 
1184                 result = rpccli_samr_lookup_names(cli, mem_ctx, &domain_pol,
1185                                                   1000, 1, &argv[2],
1186                                                   &num_rids, &rids,
1187                                                   &types);
1188
1189                 if (NT_STATUS_IS_OK(result)) {
1190                         result = rpccli_samr_open_alias(cli, mem_ctx,
1191                                                        &domain_pol,
1192                                                        access_mask,
1193                                                        rids[0], &alias_pol);
1194                 }
1195         }
1196
1197         result = rpccli_samr_delete_dom_alias(cli, mem_ctx, &alias_pol);
1198
1199         if (!NT_STATUS_IS_OK(result))
1200                 goto done;
1201
1202         rpccli_samr_close(cli, mem_ctx, &domain_pol);
1203         rpccli_samr_close(cli, mem_ctx, &connect_pol);
1204  done:
1205         return result;
1206 }
1207
1208 /* Query display info */
1209
1210 static NTSTATUS cmd_samr_query_dispinfo(struct rpc_pipe_client *cli, 
1211                                         TALLOC_CTX *mem_ctx,
1212                                         int argc, const char **argv) 
1213 {
1214         POLICY_HND connect_pol, domain_pol;
1215         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1216         uint32 start_idx=0, max_entries=250, max_size = 0xffff, num_entries, i;
1217         uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1218         uint32 info_level = 1;
1219         SAM_DISPINFO_CTR ctr;
1220         SAM_DISPINFO_1 info1;
1221         SAM_DISPINFO_2 info2;
1222         SAM_DISPINFO_3 info3;
1223         SAM_DISPINFO_4 info4;
1224         SAM_DISPINFO_5 info5;
1225         int loop_count = 0;
1226         BOOL got_params = False; /* Use get_query_dispinfo_params() or not? */
1227
1228         if (argc > 6) {
1229                 printf("Usage: %s [info level] [start index] [max entries] [max size] [access mask]\n", argv[0]);
1230                 return NT_STATUS_OK;
1231         }
1232
1233         if (argc >= 2)
1234                 sscanf(argv[1], "%i", &info_level);
1235         
1236         if (argc >= 3)
1237                 sscanf(argv[2], "%i", &start_idx);
1238         
1239         if (argc >= 4) {
1240                 sscanf(argv[3], "%i", &max_entries);
1241                 got_params = True;
1242         }
1243         
1244         if (argc >= 5) {
1245                 sscanf(argv[4], "%i", &max_size);
1246                 got_params = True;
1247         }
1248         
1249         if (argc >= 6)
1250                 sscanf(argv[5], "%x", &access_mask);
1251
1252         /* Get sam policy handle */
1253
1254         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, 
1255                                    &connect_pol);
1256
1257         if (!NT_STATUS_IS_OK(result))
1258                 goto done;
1259
1260         /* Get domain policy handle */
1261
1262         result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1263                                       access_mask, 
1264                                       &domain_sid, &domain_pol);
1265
1266         if (!NT_STATUS_IS_OK(result))
1267                 goto done;
1268
1269         /* Query display info */
1270
1271         ZERO_STRUCT(ctr);
1272         ZERO_STRUCT(info1);
1273         
1274         switch (info_level) {
1275         case 1:
1276                 ZERO_STRUCT(info1);
1277                 ctr.sam.info1 = &info1;
1278                 break;
1279         case 2:
1280                 ZERO_STRUCT(info2);
1281                 ctr.sam.info2 = &info2;
1282                 break;
1283         case 3:
1284                 ZERO_STRUCT(info3);
1285                 ctr.sam.info3 = &info3;
1286                 break;
1287         case 4:
1288                 ZERO_STRUCT(info4);
1289                 ctr.sam.info4 = &info4;
1290                 break;
1291         case 5:
1292                 ZERO_STRUCT(info5);
1293                 ctr.sam.info5 = &info5;
1294                 break;
1295         }
1296
1297
1298         do {
1299
1300                 if (!got_params)
1301                         get_query_dispinfo_params(
1302                                 loop_count, &max_entries, &max_size);
1303                 
1304                 result = rpccli_samr_query_dispinfo(cli, mem_ctx, &domain_pol,
1305                                                  &start_idx, info_level,
1306                                                  &num_entries, max_entries, 
1307                                                  max_size, &ctr);
1308
1309                 loop_count++;
1310
1311                 if (NT_STATUS_IS_ERR(result))
1312                         break;
1313
1314                 if (num_entries == 0) 
1315                         break;
1316
1317                 for (i = 0; i < num_entries; i++) {
1318                         switch (info_level) {
1319                         case 1:
1320                                 display_sam_info_1(&ctr.sam.info1->sam[i], &ctr.sam.info1->str[i]);
1321                                 break;
1322                         case 2:
1323                                 display_sam_info_2(&ctr.sam.info2->sam[i], &ctr.sam.info2->str[i]);
1324                                 break;
1325                         case 3:
1326                                 display_sam_info_3(&ctr.sam.info3->sam[i], &ctr.sam.info3->str[i]);
1327                                 break;
1328                         case 4:
1329                                 display_sam_info_4(&ctr.sam.info4->sam[i], &ctr.sam.info4->str[i]);
1330                                 break;
1331                         case 5:
1332                                 display_sam_info_5(&ctr.sam.info5->sam[i], &ctr.sam.info5->str[i]);
1333                                 break;
1334                         }
1335                 }
1336         } while ( NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES));
1337
1338         rpccli_samr_close(cli, mem_ctx, &domain_pol);
1339         rpccli_samr_close(cli, mem_ctx, &connect_pol);
1340  done:
1341         return result;
1342 }
1343
1344 /* Query domain info */
1345
1346 static NTSTATUS cmd_samr_query_dominfo(struct rpc_pipe_client *cli, 
1347                                        TALLOC_CTX *mem_ctx,
1348                                        int argc, const char **argv) 
1349 {
1350         POLICY_HND connect_pol, domain_pol;
1351         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1352         uint32 switch_level = 2;
1353         uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1354         SAM_UNK_CTR ctr;
1355
1356         if (argc > 3) {
1357                 printf("Usage: %s [info level] [access mask]\n", argv[0]);
1358                 return NT_STATUS_OK;
1359         }
1360
1361         if (argc > 1)
1362                 sscanf(argv[1], "%i", &switch_level);
1363         
1364         if (argc > 2)
1365                 sscanf(argv[2], "%x", &access_mask);
1366
1367         /* Get sam policy handle */
1368
1369         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, 
1370                                    &connect_pol);
1371
1372         if (!NT_STATUS_IS_OK(result))
1373                 goto done;
1374
1375         /* Get domain policy handle */
1376
1377         result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1378                                       access_mask,
1379                                       &domain_sid, &domain_pol);
1380
1381         if (!NT_STATUS_IS_OK(result))
1382                 goto done;
1383
1384         /* Query domain info */
1385
1386         result = rpccli_samr_query_dom_info(cli, mem_ctx, &domain_pol,
1387                                          switch_level, &ctr);
1388
1389         if (!NT_STATUS_IS_OK(result))
1390                 goto done;
1391
1392         /* Display domain info */
1393
1394         switch (switch_level) {
1395         case 1:
1396                 display_sam_unk_info_1(&ctr.info.inf1);
1397                 break;
1398         case 2:
1399                 display_sam_unk_info_2(&ctr.info.inf2);
1400                 break;
1401         case 3:
1402                 display_sam_unk_info_3(&ctr.info.inf3);
1403                 break;
1404         case 4:
1405                 display_sam_unk_info_4(&ctr.info.inf4);
1406                 break;
1407         case 5:
1408                 display_sam_unk_info_5(&ctr.info.inf5);
1409                 break;
1410         case 6:
1411                 display_sam_unk_info_6(&ctr.info.inf6);
1412                 break;
1413         case 7:
1414                 display_sam_unk_info_7(&ctr.info.inf7);
1415                 break;
1416         case 8:
1417                 display_sam_unk_info_8(&ctr.info.inf8);
1418                 break;
1419         case 9:
1420                 display_sam_unk_info_9(&ctr.info.inf9);
1421                 break;
1422         case 12:
1423                 display_sam_unk_info_12(&ctr.info.inf12);
1424                 break;
1425         case 13:
1426                 display_sam_unk_info_13(&ctr.info.inf13);
1427                 break;
1428
1429         default:
1430                 printf("cannot display domain info for switch value %d\n",
1431                        switch_level);
1432                 break;
1433         }
1434
1435  done:
1436  
1437         rpccli_samr_close(cli, mem_ctx, &domain_pol);
1438         rpccli_samr_close(cli, mem_ctx, &connect_pol);
1439         return result;
1440 }
1441
1442 /* Create domain user */
1443
1444 static NTSTATUS cmd_samr_create_dom_user(struct rpc_pipe_client *cli, 
1445                                          TALLOC_CTX *mem_ctx,
1446                                          int argc, const char **argv) 
1447 {
1448         POLICY_HND connect_pol, domain_pol, user_pol;
1449         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1450         const char *acct_name;
1451         uint32 acb_info;
1452         uint32 unknown, user_rid;
1453         uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1454
1455         if ((argc < 2) || (argc > 3)) {
1456                 printf("Usage: %s username [access mask]\n", argv[0]);
1457                 return NT_STATUS_OK;
1458         }
1459
1460         acct_name = argv[1];
1461         
1462         if (argc > 2)
1463                 sscanf(argv[2], "%x", &access_mask);
1464
1465         /* Get sam policy handle */
1466
1467         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, 
1468                                    &connect_pol);
1469
1470         if (!NT_STATUS_IS_OK(result))
1471                 goto done;
1472
1473         /* Get domain policy handle */
1474
1475         result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1476                                       access_mask,
1477                                       &domain_sid, &domain_pol);
1478
1479         if (!NT_STATUS_IS_OK(result))
1480                 goto done;
1481
1482         /* Create domain user */
1483
1484         acb_info = ACB_NORMAL;
1485         unknown = 0xe005000b; /* No idea what this is - a permission mask? */
1486
1487         result = rpccli_samr_create_dom_user(cli, mem_ctx, &domain_pol,
1488                                           acct_name, acb_info, unknown,
1489                                           &user_pol, &user_rid);
1490
1491         if (!NT_STATUS_IS_OK(result))
1492                 goto done;
1493
1494         result = rpccli_samr_close(cli, mem_ctx, &user_pol);
1495         if (!NT_STATUS_IS_OK(result)) goto done;
1496
1497         result = rpccli_samr_close(cli, mem_ctx, &domain_pol);
1498         if (!NT_STATUS_IS_OK(result)) goto done;
1499
1500         result = rpccli_samr_close(cli, mem_ctx, &connect_pol);
1501         if (!NT_STATUS_IS_OK(result)) goto done;
1502
1503  done:
1504         return result;
1505 }
1506
1507 /* Create domain group */
1508
1509 static NTSTATUS cmd_samr_create_dom_group(struct rpc_pipe_client *cli, 
1510                                           TALLOC_CTX *mem_ctx,
1511                                           int argc, const char **argv) 
1512 {
1513         POLICY_HND connect_pol, domain_pol, group_pol;
1514         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1515         const char *grp_name;
1516         uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1517
1518         if ((argc < 2) || (argc > 3)) {
1519                 printf("Usage: %s groupname [access mask]\n", argv[0]);
1520                 return NT_STATUS_OK;
1521         }
1522
1523         grp_name = argv[1];
1524         
1525         if (argc > 2)
1526                 sscanf(argv[2], "%x", &access_mask);
1527
1528         /* Get sam policy handle */
1529
1530         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, 
1531                                    &connect_pol);
1532
1533         if (!NT_STATUS_IS_OK(result))
1534                 goto done;
1535
1536         /* Get domain policy handle */
1537
1538         result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1539                                       access_mask,
1540                                       &domain_sid, &domain_pol);
1541
1542         if (!NT_STATUS_IS_OK(result))
1543                 goto done;
1544
1545         /* Create domain user */
1546
1547         result = rpccli_samr_create_dom_group(cli, mem_ctx, &domain_pol,
1548                                            grp_name, MAXIMUM_ALLOWED_ACCESS,
1549                                            &group_pol);
1550
1551         if (!NT_STATUS_IS_OK(result))
1552                 goto done;
1553
1554         result = rpccli_samr_close(cli, mem_ctx, &group_pol);
1555         if (!NT_STATUS_IS_OK(result)) goto done;
1556
1557         result = rpccli_samr_close(cli, mem_ctx, &domain_pol);
1558         if (!NT_STATUS_IS_OK(result)) goto done;
1559
1560         result = rpccli_samr_close(cli, mem_ctx, &connect_pol);
1561         if (!NT_STATUS_IS_OK(result)) goto done;
1562
1563  done:
1564         return result;
1565 }
1566
1567 /* Create domain alias */
1568
1569 static NTSTATUS cmd_samr_create_dom_alias(struct rpc_pipe_client *cli, 
1570                                           TALLOC_CTX *mem_ctx,
1571                                           int argc, const char **argv) 
1572 {
1573         POLICY_HND connect_pol, domain_pol, alias_pol;
1574         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1575         const char *alias_name;
1576         uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1577
1578         if ((argc < 2) || (argc > 3)) {
1579                 printf("Usage: %s aliasname [access mask]\n", argv[0]);
1580                 return NT_STATUS_OK;
1581         }
1582
1583         alias_name = argv[1];
1584         
1585         if (argc > 2)
1586                 sscanf(argv[2], "%x", &access_mask);
1587
1588         /* Get sam policy handle */
1589
1590         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, 
1591                                    &connect_pol);
1592
1593         if (!NT_STATUS_IS_OK(result))
1594                 goto done;
1595
1596         /* Get domain policy handle */
1597
1598         result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1599                                          access_mask,
1600                                          &domain_sid, &domain_pol);
1601
1602         if (!NT_STATUS_IS_OK(result))
1603                 goto done;
1604
1605         /* Create domain user */
1606
1607         result = rpccli_samr_create_dom_alias(cli, mem_ctx, &domain_pol,
1608                                               alias_name, &alias_pol);
1609
1610         if (!NT_STATUS_IS_OK(result))
1611                 goto done;
1612
1613         result = rpccli_samr_close(cli, mem_ctx, &alias_pol);
1614         if (!NT_STATUS_IS_OK(result)) goto done;
1615
1616         result = rpccli_samr_close(cli, mem_ctx, &domain_pol);
1617         if (!NT_STATUS_IS_OK(result)) goto done;
1618
1619         result = rpccli_samr_close(cli, mem_ctx, &connect_pol);
1620         if (!NT_STATUS_IS_OK(result)) goto done;
1621
1622  done:
1623         return result;
1624 }
1625
1626 /* Lookup sam names */
1627
1628 static NTSTATUS cmd_samr_lookup_names(struct rpc_pipe_client *cli, 
1629                                       TALLOC_CTX *mem_ctx,
1630                                       int argc, const char **argv) 
1631 {
1632         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1633         POLICY_HND connect_pol, domain_pol;
1634         uint32 flags = 0x000003e8; /* Unknown */
1635         uint32 num_rids, num_names, *name_types, *rids;
1636         const char **names;
1637         int i;
1638
1639         if (argc < 3) {
1640                 printf("Usage: %s  domain|builtin name1 [name2 [name3] [...]]\n", argv[0]);
1641                 printf("check on the domain SID: S-1-5-21-x-y-z\n");
1642                 printf("or check on the builtin SID: S-1-5-32\n");
1643                 return NT_STATUS_OK;
1644         }
1645
1646         /* Get sam policy and domain handles */
1647
1648         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, 
1649                                    &connect_pol);
1650
1651         if (!NT_STATUS_IS_OK(result))
1652                 goto done;
1653
1654         if (StrCaseCmp(argv[1], "domain")==0)
1655                 result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1656                                               MAXIMUM_ALLOWED_ACCESS,
1657                                               &domain_sid, &domain_pol);
1658         else if (StrCaseCmp(argv[1], "builtin")==0)
1659                 result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1660                                               MAXIMUM_ALLOWED_ACCESS,
1661                                               &global_sid_Builtin, &domain_pol);
1662         else
1663                 return NT_STATUS_OK;
1664
1665         if (!NT_STATUS_IS_OK(result))
1666                 goto done;
1667
1668         /* Look up names */
1669
1670         num_names = argc - 2;
1671
1672         if ((names = TALLOC_ARRAY(mem_ctx, const char *, num_names)) == NULL) {
1673                 rpccli_samr_close(cli, mem_ctx, &domain_pol);
1674                 rpccli_samr_close(cli, mem_ctx, &connect_pol);
1675                 result = NT_STATUS_NO_MEMORY;
1676                 goto done;
1677         }
1678
1679         for (i = 0; i < num_names; i++)
1680                 names[i] = argv[i + 2];
1681
1682         result = rpccli_samr_lookup_names(cli, mem_ctx, &domain_pol,
1683                                        flags, num_names, names,
1684                                        &num_rids, &rids, &name_types);
1685
1686         if (!NT_STATUS_IS_OK(result))
1687                 goto done;
1688
1689         /* Display results */
1690
1691         for (i = 0; i < num_names; i++)
1692                 printf("name %s: 0x%x (%d)\n", names[i], rids[i], 
1693                        name_types[i]);
1694
1695         rpccli_samr_close(cli, mem_ctx, &domain_pol);
1696         rpccli_samr_close(cli, mem_ctx, &connect_pol);
1697  done:
1698         return result;
1699 }
1700
1701 /* Lookup sam rids */
1702
1703 static NTSTATUS cmd_samr_lookup_rids(struct rpc_pipe_client *cli, 
1704                                      TALLOC_CTX *mem_ctx,
1705                                      int argc, const char **argv) 
1706 {
1707         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1708         POLICY_HND connect_pol, domain_pol;
1709         uint32 num_rids, num_names, *rids, *name_types;
1710         char **names;
1711         int i;
1712
1713         if (argc < 3) {
1714                 printf("Usage: %s domain|builtin rid1 [rid2 [rid3] [...]]\n", argv[0]);
1715                 return NT_STATUS_OK;
1716         }
1717
1718         /* Get sam policy and domain handles */
1719
1720         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, 
1721                                    &connect_pol);
1722
1723         if (!NT_STATUS_IS_OK(result))
1724                 goto done;
1725
1726         if (StrCaseCmp(argv[1], "domain")==0)
1727                 result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1728                                               MAXIMUM_ALLOWED_ACCESS,
1729                                               &domain_sid, &domain_pol);
1730         else if (StrCaseCmp(argv[1], "builtin")==0)
1731                 result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1732                                               MAXIMUM_ALLOWED_ACCESS,
1733                                               &global_sid_Builtin, &domain_pol);
1734         else
1735                 return NT_STATUS_OK;
1736
1737         if (!NT_STATUS_IS_OK(result))
1738                 goto done;
1739
1740         /* Look up rids */
1741
1742         num_rids = argc - 2;
1743
1744         if ((rids = TALLOC_ARRAY(mem_ctx, uint32, num_rids)) == NULL) {
1745                 rpccli_samr_close(cli, mem_ctx, &domain_pol);
1746                 rpccli_samr_close(cli, mem_ctx, &connect_pol);
1747                 result = NT_STATUS_NO_MEMORY;
1748                 goto done;
1749         }
1750
1751         for (i = 0; i < argc - 2; i++)
1752                 sscanf(argv[i + 2], "%i", &rids[i]);
1753
1754         result = rpccli_samr_lookup_rids(cli, mem_ctx, &domain_pol, num_rids, rids,
1755                                       &num_names, &names, &name_types);
1756
1757         if (!NT_STATUS_IS_OK(result) &&
1758             !NT_STATUS_EQUAL(result, STATUS_SOME_UNMAPPED))
1759                 goto done;
1760
1761         /* Display results */
1762
1763         for (i = 0; i < num_names; i++)
1764                 printf("rid 0x%x: %s (%d)\n", rids[i], names[i], name_types[i]);
1765
1766         rpccli_samr_close(cli, mem_ctx, &domain_pol);
1767         rpccli_samr_close(cli, mem_ctx, &connect_pol);
1768  done:
1769         return result;
1770 }
1771
1772 /* Delete domain group */
1773
1774 static NTSTATUS cmd_samr_delete_dom_group(struct rpc_pipe_client *cli, 
1775                                          TALLOC_CTX *mem_ctx,
1776                                          int argc, const char **argv) 
1777 {
1778         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1779         POLICY_HND connect_pol, domain_pol, group_pol;
1780         uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1781
1782         if ((argc < 2) || (argc > 3)) {
1783                 printf("Usage: %s groupname\n", argv[0]);
1784                 return NT_STATUS_OK;
1785         }
1786         
1787         if (argc > 2)
1788                 sscanf(argv[2], "%x", &access_mask);
1789
1790         /* Get sam policy and domain handles */
1791
1792         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, 
1793                                    &connect_pol);
1794
1795         if (!NT_STATUS_IS_OK(result))
1796                 goto done;
1797
1798         result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1799                                       MAXIMUM_ALLOWED_ACCESS,
1800                                       &domain_sid, &domain_pol);
1801
1802         if (!NT_STATUS_IS_OK(result))
1803                 goto done;
1804
1805         /* Get handle on group */
1806
1807         {
1808                 uint32 *group_rids, num_rids, *name_types;
1809                 uint32 flags = 0x000003e8; /* Unknown */
1810
1811                 result = rpccli_samr_lookup_names(cli, mem_ctx, &domain_pol,
1812                                                flags, 1, (const char **)&argv[1],
1813                                                &num_rids, &group_rids,
1814                                                &name_types);
1815
1816                 if (!NT_STATUS_IS_OK(result))
1817                         goto done;
1818
1819                 result = rpccli_samr_open_group(cli, mem_ctx, &domain_pol,
1820                                                 access_mask,
1821                                                 group_rids[0], &group_pol);
1822
1823                 if (!NT_STATUS_IS_OK(result))
1824                         goto done;
1825         }
1826
1827         /* Delete user */
1828
1829         result = rpccli_samr_delete_dom_group(cli, mem_ctx, &group_pol);
1830
1831         if (!NT_STATUS_IS_OK(result))
1832                 goto done;
1833
1834         /* Display results */
1835
1836         rpccli_samr_close(cli, mem_ctx, &group_pol);
1837         rpccli_samr_close(cli, mem_ctx, &domain_pol);
1838         rpccli_samr_close(cli, mem_ctx, &connect_pol);
1839
1840  done:
1841         return result;
1842 }
1843
1844 /* Delete domain user */
1845
1846 static NTSTATUS cmd_samr_delete_dom_user(struct rpc_pipe_client *cli, 
1847                                          TALLOC_CTX *mem_ctx,
1848                                          int argc, const char **argv) 
1849 {
1850         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1851         POLICY_HND connect_pol, domain_pol, user_pol;
1852         uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
1853
1854         if ((argc < 2) || (argc > 3)) {
1855                 printf("Usage: %s username\n", argv[0]);
1856                 return NT_STATUS_OK;
1857         }
1858         
1859         if (argc > 2)
1860                 sscanf(argv[2], "%x", &access_mask);
1861
1862         /* Get sam policy and domain handles */
1863
1864         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, 
1865                                    &connect_pol);
1866
1867         if (!NT_STATUS_IS_OK(result))
1868                 goto done;
1869
1870         result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1871                                       MAXIMUM_ALLOWED_ACCESS,
1872                                       &domain_sid, &domain_pol);
1873
1874         if (!NT_STATUS_IS_OK(result))
1875                 goto done;
1876
1877         /* Get handle on user */
1878
1879         {
1880                 uint32 *user_rids, num_rids, *name_types;
1881                 uint32 flags = 0x000003e8; /* Unknown */
1882
1883                 result = rpccli_samr_lookup_names(cli, mem_ctx, &domain_pol,
1884                                                flags, 1, (const char **)&argv[1],
1885                                                &num_rids, &user_rids,
1886                                                &name_types);
1887
1888                 if (!NT_STATUS_IS_OK(result))
1889                         goto done;
1890
1891                 result = rpccli_samr_open_user(cli, mem_ctx, &domain_pol,
1892                                             access_mask,
1893                                             user_rids[0], &user_pol);
1894
1895                 if (!NT_STATUS_IS_OK(result))
1896                         goto done;
1897         }
1898
1899         /* Delete user */
1900
1901         result = rpccli_samr_delete_dom_user(cli, mem_ctx, &user_pol);
1902
1903         if (!NT_STATUS_IS_OK(result))
1904                 goto done;
1905
1906         /* Display results */
1907
1908         rpccli_samr_close(cli, mem_ctx, &user_pol);
1909         rpccli_samr_close(cli, mem_ctx, &domain_pol);
1910         rpccli_samr_close(cli, mem_ctx, &connect_pol);
1911
1912  done:
1913         return result;
1914 }
1915
1916 /**********************************************************************
1917  * Query user security object 
1918  */
1919 static NTSTATUS cmd_samr_query_sec_obj(struct rpc_pipe_client *cli, 
1920                                     TALLOC_CTX *mem_ctx,
1921                                     int argc, const char **argv) 
1922 {
1923         POLICY_HND connect_pol, domain_pol, user_pol, *pol;
1924         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1925         uint32 sec_info = DACL_SECURITY_INFORMATION;
1926         fstring server;
1927         uint32 user_rid = 0;
1928         TALLOC_CTX *ctx = NULL;
1929         SEC_DESC_BUF *sec_desc_buf=NULL;
1930         BOOL domain = False;
1931
1932         ctx=talloc_init("cmd_samr_query_sec_obj");
1933         
1934         if ((argc < 1) || (argc > 3)) {
1935                 printf("Usage: %s [rid|-d] [sec_info]\n", argv[0]);
1936                 printf("\tSpecify rid for security on user, -d for security on domain\n");
1937                 talloc_destroy(ctx);
1938                 return NT_STATUS_OK;
1939         }
1940         
1941         if (argc > 1) {
1942                 if (strcmp(argv[1], "-d") == 0)
1943                         domain = True;
1944                 else
1945                         sscanf(argv[1], "%i", &user_rid);
1946         }
1947
1948         if (argc == 3) {
1949                 sec_info = atoi(argv[2]);
1950         }
1951         
1952         slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost);
1953         strupper_m(server);
1954         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
1955                                    &connect_pol);
1956
1957         if (!NT_STATUS_IS_OK(result))
1958                 goto done;
1959
1960         if (domain || user_rid)
1961                 result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
1962                                               MAXIMUM_ALLOWED_ACCESS,
1963                                               &domain_sid, &domain_pol);
1964
1965         if (!NT_STATUS_IS_OK(result))
1966                 goto done;
1967
1968         if (user_rid)
1969                 result = rpccli_samr_open_user(cli, mem_ctx, &domain_pol,
1970                                             MAXIMUM_ALLOWED_ACCESS,
1971                                             user_rid, &user_pol);
1972
1973         if (!NT_STATUS_IS_OK(result))
1974                 goto done;
1975
1976         /* Pick which query pol to use */
1977
1978         pol = &connect_pol;
1979
1980         if (domain)
1981                 pol = &domain_pol;
1982
1983         if (user_rid)
1984                 pol = &user_pol;
1985
1986         /* Query SAM security object */
1987
1988         result = rpccli_samr_query_sec_obj(cli, mem_ctx, pol, sec_info, ctx, 
1989                                         &sec_desc_buf);
1990
1991         if (!NT_STATUS_IS_OK(result))
1992                 goto done;
1993
1994         display_sec_desc(sec_desc_buf->sd);
1995
1996         rpccli_samr_close(cli, mem_ctx, &user_pol);
1997         rpccli_samr_close(cli, mem_ctx, &domain_pol);
1998         rpccli_samr_close(cli, mem_ctx, &connect_pol);
1999 done:
2000         talloc_destroy(ctx);
2001         return result;
2002 }
2003
2004 static NTSTATUS cmd_samr_get_usrdom_pwinfo(struct rpc_pipe_client *cli, 
2005                                            TALLOC_CTX *mem_ctx,
2006                                            int argc, const char **argv) 
2007 {
2008         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
2009         POLICY_HND connect_pol, domain_pol, user_pol;
2010         uint16 min_pwd_length;
2011         uint32 password_properties, unknown1, rid;
2012
2013         if (argc != 2) {
2014                 printf("Usage: %s rid\n", argv[0]);
2015                 return NT_STATUS_OK;
2016         }
2017         
2018         sscanf(argv[1], "%i", &rid);
2019
2020         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, 
2021                                    &connect_pol);
2022
2023         if (!NT_STATUS_IS_OK(result)) {
2024                 goto done;
2025         }
2026
2027         result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
2028                                          MAXIMUM_ALLOWED_ACCESS, &domain_sid, &domain_pol);
2029
2030         if (!NT_STATUS_IS_OK(result)) {
2031                 goto done;
2032         }
2033
2034         result = rpccli_samr_open_user(cli, mem_ctx, &domain_pol,
2035                                        MAXIMUM_ALLOWED_ACCESS,
2036                                        rid, &user_pol);
2037
2038         if (!NT_STATUS_IS_OK(result)) {
2039                 goto done;
2040         }
2041
2042         result = rpccli_samr_get_usrdom_pwinfo(cli, mem_ctx, &user_pol,
2043                                                &min_pwd_length, &password_properties, 
2044                                                &unknown1) ;
2045
2046         if (NT_STATUS_IS_OK(result)) {
2047                 printf("min_pwd_length: %d\n", min_pwd_length);
2048                 printf("unknown1: %d\n", unknown1);
2049                 display_password_properties(password_properties);
2050         }
2051
2052  done:
2053         rpccli_samr_close(cli, mem_ctx, &user_pol);
2054         rpccli_samr_close(cli, mem_ctx, &domain_pol);
2055         rpccli_samr_close(cli, mem_ctx, &connect_pol);
2056
2057         return result;
2058 }
2059
2060
2061 static NTSTATUS cmd_samr_get_dom_pwinfo(struct rpc_pipe_client *cli, 
2062                                         TALLOC_CTX *mem_ctx,
2063                                         int argc, const char **argv) 
2064 {
2065         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
2066         uint16 min_pwd_length;
2067         uint32 password_properties;
2068
2069         if (argc != 1) {
2070                 printf("Usage: %s\n", argv[0]);
2071                 return NT_STATUS_OK;
2072         }
2073
2074         result = rpccli_samr_get_dom_pwinfo(cli, mem_ctx, &min_pwd_length, &password_properties) ;
2075         
2076         if (NT_STATUS_IS_OK(result)) {
2077                 printf("min_pwd_length: %d\n", min_pwd_length);
2078                 display_password_properties(password_properties);
2079         }
2080
2081         return result;
2082 }
2083
2084 /* Look up domain name */
2085
2086 static NTSTATUS cmd_samr_lookup_domain(struct rpc_pipe_client *cli, 
2087                                        TALLOC_CTX *mem_ctx,
2088                                        int argc, const char **argv) 
2089 {
2090         POLICY_HND connect_pol, domain_pol;
2091         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
2092         uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
2093         fstring domain_name,sid_string;
2094         DOM_SID sid;
2095         
2096         if (argc != 2) {
2097                 printf("Usage: %s domain_name\n", argv[0]);
2098                 return NT_STATUS_OK;
2099         }
2100         
2101         sscanf(argv[1], "%s", domain_name);
2102         
2103         result = try_samr_connects(cli, mem_ctx, access_mask, &connect_pol);
2104         
2105         if (!NT_STATUS_IS_OK(result))
2106                 goto done;
2107
2108         result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
2109                                       access_mask, &domain_sid, &domain_pol);
2110
2111         if (!NT_STATUS_IS_OK(result))
2112                 goto done;
2113         
2114         result = rpccli_samr_lookup_domain(
2115                 cli, mem_ctx, &connect_pol, domain_name, &sid);
2116
2117         sid_to_string(sid_string,&sid);
2118  
2119         if (NT_STATUS_IS_OK(result)) 
2120                 printf("SAMR_LOOKUP_DOMAIN: Domain Name: %s Domain SID: %s\n",
2121                        domain_name,sid_string);
2122
2123         rpccli_samr_close(cli, mem_ctx, &domain_pol);
2124         rpccli_samr_close(cli, mem_ctx, &connect_pol);
2125 done:
2126         return result;
2127 }
2128
2129 /* Change user password */
2130
2131 static NTSTATUS cmd_samr_chgpasswd2(struct rpc_pipe_client *cli, 
2132                                     TALLOC_CTX *mem_ctx,
2133                                     int argc, const char **argv) 
2134 {
2135         POLICY_HND connect_pol, domain_pol;
2136         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
2137         const char *user, *oldpass, *newpass;
2138         uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
2139
2140         if (argc < 3) {
2141                 printf("Usage: %s username oldpass newpass\n", argv[0]);
2142                 return NT_STATUS_INVALID_PARAMETER;
2143         }
2144
2145         user = argv[1];
2146         oldpass = argv[2];
2147         newpass = argv[3];
2148         
2149         /* Get sam policy handle */
2150
2151         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, 
2152                                    &connect_pol);
2153
2154         if (!NT_STATUS_IS_OK(result))
2155                 goto done;
2156
2157         /* Get domain policy handle */
2158
2159         result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
2160                                       access_mask,
2161                                       &domain_sid, &domain_pol);
2162
2163         if (!NT_STATUS_IS_OK(result))
2164                 goto done;
2165
2166         /* Change user password */
2167         result = rpccli_samr_chgpasswd_user(cli, mem_ctx, user, newpass, oldpass);
2168
2169         if (!NT_STATUS_IS_OK(result))
2170                 goto done;
2171
2172         result = rpccli_samr_close(cli, mem_ctx, &domain_pol);
2173         if (!NT_STATUS_IS_OK(result)) goto done;
2174
2175         result = rpccli_samr_close(cli, mem_ctx, &connect_pol);
2176         if (!NT_STATUS_IS_OK(result)) goto done;
2177
2178  done:
2179         return result;
2180 }
2181
2182
2183 /* Change user password */
2184
2185 static NTSTATUS cmd_samr_chgpasswd3(struct rpc_pipe_client *cli, 
2186                                     TALLOC_CTX *mem_ctx,
2187                                     int argc, const char **argv) 
2188 {
2189         POLICY_HND connect_pol, domain_pol;
2190         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
2191         const char *user, *oldpass, *newpass;
2192         uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
2193         SAM_UNK_INFO_1 info;
2194         SAMR_CHANGE_REJECT reject;
2195
2196         if (argc < 3) {
2197                 printf("Usage: %s username oldpass newpass\n", argv[0]);
2198                 return NT_STATUS_INVALID_PARAMETER;
2199         }
2200
2201         user = argv[1];
2202         oldpass = argv[2];
2203         newpass = argv[3];
2204         
2205         /* Get sam policy handle */
2206
2207         result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, 
2208                                    &connect_pol);
2209
2210         if (!NT_STATUS_IS_OK(result))
2211                 goto done;
2212
2213         /* Get domain policy handle */
2214
2215         result = rpccli_samr_open_domain(cli, mem_ctx, &connect_pol,
2216                                       access_mask,
2217                                       &domain_sid, &domain_pol);
2218
2219         if (!NT_STATUS_IS_OK(result))
2220                 goto done;
2221
2222         /* Change user password */
2223         result = rpccli_samr_chgpasswd3(cli, mem_ctx, user, newpass, oldpass, &info, &reject);
2224
2225         if (NT_STATUS_EQUAL(result, NT_STATUS_PASSWORD_RESTRICTION)) {
2226         
2227                 display_sam_unk_info_1(&info);
2228
2229                 switch (reject.reject_reason) {
2230                         case REJECT_REASON_TOO_SHORT:
2231                                 d_printf("REJECT_REASON_TOO_SHORT\n");
2232                                 break;
2233                         case REJECT_REASON_IN_HISTORY:
2234                                 d_printf("REJECT_REASON_IN_HISTORY\n");
2235                                 break;
2236                         case REJECT_REASON_NOT_COMPLEX:
2237                                 d_printf("REJECT_REASON_NOT_COMPLEX\n");
2238                                 break;
2239                         case REJECT_REASON_OTHER:
2240                                 d_printf("REJECT_REASON_OTHER\n");
2241                                 break;
2242                         default:
2243                                 d_printf("unknown reject reason: %d\n", reject.reject_reason);
2244                                 break;
2245                 }
2246         }
2247
2248         if (!NT_STATUS_IS_OK(result))
2249                 goto done;
2250
2251         result = rpccli_samr_close(cli, mem_ctx, &domain_pol);
2252         if (!NT_STATUS_IS_OK(result)) goto done;
2253
2254         result = rpccli_samr_close(cli, mem_ctx, &connect_pol);
2255         if (!NT_STATUS_IS_OK(result)) goto done;
2256
2257  done:
2258         return result;
2259 }
2260
2261 /* List of commands exported by this module */
2262
2263 struct cmd_set samr_commands[] = {
2264
2265         { "SAMR" },
2266
2267         { "queryuser",  RPC_RTYPE_NTSTATUS, cmd_samr_query_user,                NULL, PI_SAMR, NULL,    "Query user info",         "" },
2268         { "querygroup",         RPC_RTYPE_NTSTATUS, cmd_samr_query_group,               NULL, PI_SAMR, NULL,    "Query group info",        "" },
2269         { "queryusergroups",    RPC_RTYPE_NTSTATUS, cmd_samr_query_usergroups,  NULL, PI_SAMR, NULL,    "Query user groups",       "" },
2270         { "queryuseraliases",   RPC_RTYPE_NTSTATUS, cmd_samr_query_useraliases,         NULL, PI_SAMR, NULL,    "Query user aliases",      "" },
2271         { "querygroupmem",      RPC_RTYPE_NTSTATUS, cmd_samr_query_groupmem,    NULL, PI_SAMR, NULL,    "Query group membership",  "" },
2272         { "queryaliasmem",      RPC_RTYPE_NTSTATUS, cmd_samr_query_aliasmem,    NULL, PI_SAMR, NULL,    "Query alias membership",  "" },
2273         { "deletealias",        RPC_RTYPE_NTSTATUS, cmd_samr_delete_alias,      NULL, PI_SAMR, NULL,    "Delete an alias",  "" },
2274         { "querydispinfo",      RPC_RTYPE_NTSTATUS, cmd_samr_query_dispinfo,    NULL, PI_SAMR, NULL,    "Query display info",      "" },
2275         { "querydominfo",       RPC_RTYPE_NTSTATUS, cmd_samr_query_dominfo,     NULL, PI_SAMR, NULL,    "Query domain info",       "" },
2276         { "enumdomusers",      RPC_RTYPE_NTSTATUS, cmd_samr_enum_dom_users,       NULL, PI_SAMR, NULL,  "Enumerate domain users", "" },
2277         { "enumdomgroups",      RPC_RTYPE_NTSTATUS, cmd_samr_enum_dom_groups,       NULL, PI_SAMR, NULL,        "Enumerate domain groups", "" },
2278         { "enumalsgroups",      RPC_RTYPE_NTSTATUS, cmd_samr_enum_als_groups,       NULL, PI_SAMR, NULL,        "Enumerate alias groups",  "" },
2279
2280         { "createdomuser",      RPC_RTYPE_NTSTATUS, cmd_samr_create_dom_user,       NULL, PI_SAMR, NULL,        "Create domain user",      "" },
2281         { "createdomgroup",     RPC_RTYPE_NTSTATUS, cmd_samr_create_dom_group,      NULL, PI_SAMR, NULL,        "Create domain group",     "" },
2282         { "createdomalias",     RPC_RTYPE_NTSTATUS, cmd_samr_create_dom_alias,      NULL, PI_SAMR, NULL,        "Create domain alias",     "" },
2283         { "samlookupnames",     RPC_RTYPE_NTSTATUS, cmd_samr_lookup_names,          NULL, PI_SAMR, NULL,        "Look up names",           "" },
2284         { "samlookuprids",      RPC_RTYPE_NTSTATUS, cmd_samr_lookup_rids,           NULL, PI_SAMR, NULL,        "Look up names",           "" },
2285         { "deletedomgroup",     RPC_RTYPE_NTSTATUS, cmd_samr_delete_dom_group,      NULL, PI_SAMR, NULL,        "Delete domain group",     "" },
2286         { "deletedomuser",      RPC_RTYPE_NTSTATUS, cmd_samr_delete_dom_user,       NULL, PI_SAMR, NULL,        "Delete domain user",      "" },
2287         { "samquerysecobj",     RPC_RTYPE_NTSTATUS, cmd_samr_query_sec_obj,         NULL, PI_SAMR, NULL, "Query SAMR security object",   "" },
2288         { "getdompwinfo",       RPC_RTYPE_NTSTATUS, cmd_samr_get_dom_pwinfo,        NULL, PI_SAMR, NULL, "Retrieve domain password info", "" },
2289         { "getusrdompwinfo",    RPC_RTYPE_NTSTATUS, cmd_samr_get_usrdom_pwinfo,     NULL, PI_SAMR, NULL, "Retrieve user domain password info", "" },
2290
2291         { "lookupdomain",       RPC_RTYPE_NTSTATUS, cmd_samr_lookup_domain,         NULL, PI_SAMR, NULL, "Lookup Domain Name", "" },
2292         { "chgpasswd2",         RPC_RTYPE_NTSTATUS, cmd_samr_chgpasswd2,            NULL, PI_SAMR, NULL, "Change user password", "" },
2293         { "chgpasswd3",         RPC_RTYPE_NTSTATUS, cmd_samr_chgpasswd3,            NULL, PI_SAMR, NULL, "Change user password", "" },
2294         { NULL }
2295 };