search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s3-lsa: Fix static list of luids in our privileges implementation.
[Samba/ekacnet.git] / source3 / rpcclient / cmd_lsarpc.c
blob1cc16fb7f45adf421f7720804518b3e0dc5cdf2d
1 /*
2 Unix SMB/CIFS implementation.
3 RPC pipe client
4
5 Copyright (C) Tim Potter 2000
6 Copyright (C) Rafal Szczesniak 2002
7 Copyright (C) Guenther Deschner 2008
8
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
13
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
18
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
21 */
22
23 #include "includes.h"
24 #include "rpcclient.h"
25 #include "../libcli/auth/libcli_auth.h"
26 #include "../librpc/gen_ndr/cli_lsa.h"
27 #include "rpc_client/cli_lsarpc.h"
28
29 /* useful function to allow entering a name instead of a SID and
30 * looking it up automatically */
31 static NTSTATUS name_to_sid(struct rpc_pipe_client *cli,
32 TALLOC_CTX *mem_ctx,
33 struct dom_sid *sid, const char *name)
34 {
35 struct policy_handle pol;
36 enum lsa_SidType *sid_types;
37 NTSTATUS result;
38 struct dom_sid *sids;
39
40 /* maybe its a raw SID */
41 if (strncmp(name, "S-", 2) == 0 &&
42 string_to_sid(sid, name)) {
43 return NT_STATUS_OK;
44 }
45
46 result = rpccli_lsa_open_policy(cli, mem_ctx, True,
47 SEC_FLAG_MAXIMUM_ALLOWED,
48 &pol);
49 if (!NT_STATUS_IS_OK(result))
50 goto done;
51
52 result = rpccli_lsa_lookup_names(cli, mem_ctx, &pol, 1, &name, NULL, 1, &sids, &sid_types);
53 if (!NT_STATUS_IS_OK(result))
54 goto done;
55
56 rpccli_lsa_Close(cli, mem_ctx, &pol);
57
58 *sid = sids[0];
59
60 done:
61 return result;
62 }
63
64 static void display_query_info_1(struct lsa_AuditLogInfo *r)
65 {
66 d_printf("percent_full:\t%d\n", r->percent_full);
67 d_printf("maximum_log_size:\t%d\n", r->maximum_log_size);
68 d_printf("retention_time:\t%lld\n", (long long)r->retention_time);
69 d_printf("shutdown_in_progress:\t%d\n", r->shutdown_in_progress);
70 d_printf("time_to_shutdown:\t%lld\n", (long long)r->time_to_shutdown);
71 d_printf("next_audit_record:\t%d\n", r->next_audit_record);
72 }
73
74 static void display_query_info_2(struct lsa_AuditEventsInfo *r)
75 {
76 int i;
77 d_printf("Auditing enabled:\t%d\n", r->auditing_mode);
78 d_printf("Auditing categories:\t%d\n", r->count);
79 d_printf("Auditsettings:\n");
80 for (i=0; i<r->count; i++) {
81 const char *val = audit_policy_str(talloc_tos(), r->settings[i]);
82 const char *policy = audit_description_str(i);
83 d_printf("%s:\t%s\n", policy, val);
84 }
85 }
86
87 static void display_query_info_3(struct lsa_DomainInfo *r)
88 {
89 d_printf("Domain Name: %s\n", r->name.string);
90 d_printf("Domain Sid: %s\n", sid_string_tos(r->sid));
91 }
92
93 static void display_query_info_5(struct lsa_DomainInfo *r)
94 {
95 d_printf("Domain Name: %s\n", r->name.string);
96 d_printf("Domain Sid: %s\n", sid_string_tos(r->sid));
97 }
98
99 static void display_query_info_10(struct lsa_AuditFullSetInfo *r)
100 {
101 d_printf("Shutdown on full: %d\n", r->shutdown_on_full);
102 }
103
104 static void display_query_info_11(struct lsa_AuditFullQueryInfo *r)
105 {
106 d_printf("Shutdown on full: %d\n", r->shutdown_on_full);
107 d_printf("Log is full: %d\n", r->log_is_full);
108 }
109
110 static void display_query_info_12(struct lsa_DnsDomainInfo *r)
111 {
112 d_printf("Domain NetBios Name: %s\n", r->name.string);
113 d_printf("Domain DNS Name: %s\n", r->dns_domain.string);
114 d_printf("Domain Forest Name: %s\n", r->dns_forest.string);
115 d_printf("Domain Sid: %s\n", sid_string_tos(r->sid));
116 d_printf("Domain GUID: %s\n", GUID_string(talloc_tos(),
117 &r->domain_guid));
118 }
119
120 static void display_lsa_query_info(union lsa_PolicyInformation *info,
121 enum lsa_PolicyInfo level)
122 {
123 switch (level) {
124 case 1:
125 display_query_info_1(&info->audit_log);
126 break;
127 case 2:
128 display_query_info_2(&info->audit_events);
129 break;
130 case 3:
131 display_query_info_3(&info->domain);
132 break;
133 case 5:
134 display_query_info_5(&info->account_domain);
135 break;
136 case 10:
137 display_query_info_10(&info->auditfullset);
138 break;
139 case 11:
140 display_query_info_11(&info->auditfullquery);
141 break;
142 case 12:
143 display_query_info_12(&info->dns);
144 break;
145 default:
146 printf("can't display info level: %d\n", level);
147 break;
148 }
149 }
150
151 static NTSTATUS cmd_lsa_query_info_policy(struct rpc_pipe_client *cli,
152 TALLOC_CTX *mem_ctx, int argc,
153 const char **argv)
154 {
155 struct policy_handle pol;
156 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
157 union lsa_PolicyInformation *info = NULL;
158
159 uint32 info_class = 3;
160
161 if (argc > 2) {
162 printf("Usage: %s [info_class]\n", argv[0]);
163 return NT_STATUS_OK;
164 }
165
166 if (argc == 2)
167 info_class = atoi(argv[1]);
168
169 switch (info_class) {
170 case 12:
171 result = rpccli_lsa_open_policy2(cli, mem_ctx, True,
172 SEC_FLAG_MAXIMUM_ALLOWED,
173 &pol);
174
175 if (!NT_STATUS_IS_OK(result))
176 goto done;
177
178 result = rpccli_lsa_QueryInfoPolicy2(cli, mem_ctx,
179 &pol,
180 info_class,
181 &info);
182 break;
183 default:
184 result = rpccli_lsa_open_policy(cli, mem_ctx, True,
185 SEC_FLAG_MAXIMUM_ALLOWED,
186 &pol);
187
188 if (!NT_STATUS_IS_OK(result))
189 goto done;
190
191 result = rpccli_lsa_QueryInfoPolicy(cli, mem_ctx,
192 &pol,
193 info_class,
194 &info);
195 }
196
197 if (NT_STATUS_IS_OK(result)) {
198 display_lsa_query_info(info, info_class);
199 }
200
201 rpccli_lsa_Close(cli, mem_ctx, &pol);
202
203 done:
204 return result;
205 }
206
207 /* Resolve a list of names to a list of sids */
208
209 static NTSTATUS cmd_lsa_lookup_names(struct rpc_pipe_client *cli,
210 TALLOC_CTX *mem_ctx, int argc,
211 const char **argv)
212 {
213 struct policy_handle pol;
214 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
215 struct dom_sid *sids;
216 enum lsa_SidType *types;
217 int i;
218
219 if (argc == 1) {
220 printf("Usage: %s [name1 [name2 [...]]]\n", argv[0]);
221 return NT_STATUS_OK;
222 }
223
224 result = rpccli_lsa_open_policy(cli, mem_ctx, True,
225 SEC_FLAG_MAXIMUM_ALLOWED,
226 &pol);
227
228 if (!NT_STATUS_IS_OK(result))
229 goto done;
230
231 result = rpccli_lsa_lookup_names(cli, mem_ctx, &pol, argc - 1,
232 (const char**)(argv + 1), NULL, 1, &sids, &types);
233
234 if (!NT_STATUS_IS_OK(result) && NT_STATUS_V(result) !=
235 NT_STATUS_V(STATUS_SOME_UNMAPPED))
236 goto done;
237
238 result = NT_STATUS_OK;
239
240 /* Print results */
241
242 for (i = 0; i < (argc - 1); i++) {
243 fstring sid_str;
244 sid_to_fstring(sid_str, &sids[i]);
245 printf("%s %s (%s: %d)\n", argv[i + 1], sid_str,
246 sid_type_lookup(types[i]), types[i]);
247 }
248
249 rpccli_lsa_Close(cli, mem_ctx, &pol);
250
251 done:
252 return result;
253 }
254
255 /* Resolve a list of names to a list of sids */
256
257 static NTSTATUS cmd_lsa_lookup_names_level(struct rpc_pipe_client *cli,
258 TALLOC_CTX *mem_ctx, int argc,
259 const char **argv)
260 {
261 struct policy_handle pol;
262 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
263 struct dom_sid *sids;
264 enum lsa_SidType *types;
265 int i, level;
266
267 if (argc < 3) {
268 printf("Usage: %s [level] [name1 [name2 [...]]]\n", argv[0]);
269 return NT_STATUS_OK;
270 }
271
272 result = rpccli_lsa_open_policy(cli, mem_ctx, True,
273 SEC_FLAG_MAXIMUM_ALLOWED,
274 &pol);
275
276 if (!NT_STATUS_IS_OK(result))
277 goto done;
278
279 level = atoi(argv[1]);
280
281 result = rpccli_lsa_lookup_names(cli, mem_ctx, &pol, argc - 2,
282 (const char**)(argv + 2), NULL, level, &sids, &types);
283
284 if (!NT_STATUS_IS_OK(result) && NT_STATUS_V(result) !=
285 NT_STATUS_V(STATUS_SOME_UNMAPPED))
286 goto done;
287
288 result = NT_STATUS_OK;
289
290 /* Print results */
291
292 for (i = 0; i < (argc - 2); i++) {
293 fstring sid_str;
294 sid_to_fstring(sid_str, &sids[i]);
295 printf("%s %s (%s: %d)\n", argv[i + 2], sid_str,
296 sid_type_lookup(types[i]), types[i]);
297 }
298
299 rpccli_lsa_Close(cli, mem_ctx, &pol);
300
301 done:
302 return result;
303 }
304
305 static NTSTATUS cmd_lsa_lookup_names4(struct rpc_pipe_client *cli,
306 TALLOC_CTX *mem_ctx, int argc,
307 const char **argv)
308 {
309 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
310
311 uint32_t num_names;
312 struct lsa_String *names;
313 struct lsa_RefDomainList *domains;
314 struct lsa_TransSidArray3 sids;
315 uint32_t count = 0;
316 int i;
317
318 if (argc == 1) {
319 printf("Usage: %s [name1 [name2 [...]]]\n", argv[0]);
320 return NT_STATUS_OK;
321 }
322
323 ZERO_STRUCT(sids);
324
325 num_names = argc-1;
326 names = talloc_array(mem_ctx, struct lsa_String, num_names);
327 NT_STATUS_HAVE_NO_MEMORY(names);
328
329 for (i=0; i < num_names; i++) {
330 init_lsa_String(&names[i], argv[i+1]);
331 }
332
333 result = rpccli_lsa_LookupNames4(cli, mem_ctx,
334 num_names,
335 names,
336 &domains,
337 &sids,
338 1,
339 &count,
340 0,
341 0);
342 if (!NT_STATUS_IS_OK(result)) {
343 return result;
344 }
345
346 for (i = 0; i < sids.count; i++) {
347 fstring sid_str;
348 sid_to_fstring(sid_str, sids.sids[i].sid);
349 printf("%s %s (%s: %d)\n", argv[i+1], sid_str,
350 sid_type_lookup(sids.sids[i].sid_type),
351 sids.sids[i].sid_type);
352 }
353
354 return result;
355 }
356
357 /* Resolve a list of SIDs to a list of names */
358
359 static NTSTATUS cmd_lsa_lookup_sids(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
360 int argc, const char **argv)
361 {
362 struct policy_handle pol;
363 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
364 struct dom_sid *sids;
365 char **domains;
366 char **names;
367 enum lsa_SidType *types;
368 int i;
369
370 if (argc == 1) {
371 printf("Usage: %s [sid1 [sid2 [...]]]\n", argv[0]);
372 return NT_STATUS_OK;
373 }
374
375 result = rpccli_lsa_open_policy(cli, mem_ctx, True,
376 SEC_FLAG_MAXIMUM_ALLOWED,
377 &pol);
378
379 if (!NT_STATUS_IS_OK(result))
380 goto done;
381
382 /* Convert arguments to sids */
383
384 sids = TALLOC_ARRAY(mem_ctx, struct dom_sid, argc - 1);
385
386 if (!sids) {
387 printf("could not allocate memory for %d sids\n", argc - 1);
388 goto done;
389 }
390
391 for (i = 0; i < argc - 1; i++)
392 if (!string_to_sid(&sids[i], argv[i + 1])) {
393 result = NT_STATUS_INVALID_SID;
394 goto done;
395 }
396
397 /* Lookup the SIDs */
398
399 result = rpccli_lsa_lookup_sids(cli, mem_ctx, &pol, argc - 1, sids,
400 &domains, &names, &types);
401
402 if (!NT_STATUS_IS_OK(result) && NT_STATUS_V(result) !=
403 NT_STATUS_V(STATUS_SOME_UNMAPPED))
404 goto done;
405
406 result = NT_STATUS_OK;
407
408 /* Print results */
409
410 for (i = 0; i < (argc - 1); i++) {
411 fstring sid_str;
412
413 sid_to_fstring(sid_str, &sids[i]);
414 printf("%s %s\\%s (%d)\n", sid_str,
415 domains[i] ? domains[i] : "*unknown*",
416 names[i] ? names[i] : "*unknown*", types[i]);
417 }
418
419 rpccli_lsa_Close(cli, mem_ctx, &pol);
420
421 done:
422 return result;
423 }
424
425 /* Resolve a list of SIDs to a list of names */
426
427 static NTSTATUS cmd_lsa_lookup_sids3(struct rpc_pipe_client *cli,
428 TALLOC_CTX *mem_ctx,
429 int argc, const char **argv)
430 {
431 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
432 int i;
433 struct lsa_SidArray sids;
434 struct lsa_RefDomainList *domains;
435 struct lsa_TransNameArray2 names;
436 uint32_t count = 0;
437
438 if (argc == 1) {
439 printf("Usage: %s [sid1 [sid2 [...]]]\n", argv[0]);
440 return NT_STATUS_OK;
441 }
442
443 ZERO_STRUCT(names);
444
445 /* Convert arguments to sids */
446
447 sids.num_sids = argc-1;
448 sids.sids = talloc_array(mem_ctx, struct lsa_SidPtr, sids.num_sids);
449 if (!sids.sids) {
450 printf("could not allocate memory for %d sids\n", sids.num_sids);
451 goto done;
452 }
453
454 for (i = 0; i < sids.num_sids; i++) {
455 sids.sids[i].sid = talloc(sids.sids, struct dom_sid);
456 if (sids.sids[i].sid == NULL) {
457 result = NT_STATUS_NO_MEMORY;
458 goto done;
459 }
460 if (!string_to_sid(sids.sids[i].sid, argv[i+1])) {
461 result = NT_STATUS_INVALID_SID;
462 goto done;
463 }
464 }
465
466 /* Lookup the SIDs */
467 result = rpccli_lsa_LookupSids3(cli, mem_ctx,
468 &sids,
469 &domains,
470 &names,
471 1,
472 &count,
473 0,
474 0);
475
476 if (!NT_STATUS_IS_OK(result) && NT_STATUS_V(result) !=
477 NT_STATUS_V(STATUS_SOME_UNMAPPED))
478 goto done;
479
480 result = NT_STATUS_OK;
481
482 /* Print results */
483
484 for (i = 0; i < count; i++) {
485 fstring sid_str;
486
487 sid_to_fstring(sid_str, sids.sids[i].sid);
488 printf("%s %s (%d)\n", sid_str,
489 names.names[i].name.string,
490 names.names[i].sid_type);
491 }
492
493 done:
494 return result;
495 }
496
497
498 /* Enumerate list of trusted domains */
499
500 static NTSTATUS cmd_lsa_enum_trust_dom(struct rpc_pipe_client *cli,
501 TALLOC_CTX *mem_ctx, int argc,
502 const char **argv)
503 {
504 struct policy_handle pol;
505 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
506 struct lsa_DomainList domain_list;
507
508 /* defaults, but may be changed using params */
509 uint32 enum_ctx = 0;
510 int i;
511 uint32_t max_size = (uint32_t)-1;
512
513 if (argc > 2) {
514 printf("Usage: %s [enum context (0)]\n", argv[0]);
515 return NT_STATUS_OK;
516 }
517
518 if (argc == 2 && argv[1]) {
519 enum_ctx = atoi(argv[2]);
520 }
521
522 result = rpccli_lsa_open_policy(cli, mem_ctx, True,
523 LSA_POLICY_VIEW_LOCAL_INFORMATION,
524 &pol);
525
526 if (!NT_STATUS_IS_OK(result))
527 goto done;
528
529 result = STATUS_MORE_ENTRIES;
530
531 while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)) {
532
533 /* Lookup list of trusted domains */
534
535 result = rpccli_lsa_EnumTrustDom(cli, mem_ctx,
536 &pol,
537 &enum_ctx,
538 &domain_list,
539 max_size);
540 if (!NT_STATUS_IS_OK(result) &&
541 !NT_STATUS_EQUAL(result, NT_STATUS_NO_MORE_ENTRIES) &&
542 !NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES))
543 goto done;
544
545 /* Print results: list of names and sids returned in this
546 * response. */
547 for (i = 0; i < domain_list.count; i++) {
548 fstring sid_str;
549
550 sid_to_fstring(sid_str, domain_list.domains[i].sid);
551 printf("%s %s\n",
552 domain_list.domains[i].name.string ?
553 domain_list.domains[i].name.string : "*unknown*",
554 sid_str);
555 }
556 }
557
558 rpccli_lsa_Close(cli, mem_ctx, &pol);
559 done:
560 return result;
561 }
562
563 /* Enumerates privileges */
564
565 static NTSTATUS cmd_lsa_enum_privilege(struct rpc_pipe_client *cli,
566 TALLOC_CTX *mem_ctx, int argc,
567 const char **argv)
568 {
569 struct policy_handle pol;
570 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
571 struct lsa_PrivArray priv_array;
572
573 uint32 enum_context=0;
574 uint32 pref_max_length=0x1000;
575 int i;
576
577 if (argc > 3) {
578 printf("Usage: %s [enum context] [max length]\n", argv[0]);
579 return NT_STATUS_OK;
580 }
581
582 if (argc>=2)
583 enum_context=atoi(argv[1]);
584
585 if (argc==3)
586 pref_max_length=atoi(argv[2]);
587
588 result = rpccli_lsa_open_policy(cli, mem_ctx, True,
589 SEC_FLAG_MAXIMUM_ALLOWED,
590 &pol);
591
592 if (!NT_STATUS_IS_OK(result))
593 goto done;
594
595 result = rpccli_lsa_EnumPrivs(cli, mem_ctx,
596 &pol,
597 &enum_context,
598 &priv_array,
599 pref_max_length);
600 if (!NT_STATUS_IS_OK(result))
601 goto done;
602
603 /* Print results */
604 printf("found %d privileges\n\n", priv_array.count);
605
606 for (i = 0; i < priv_array.count; i++) {
607 printf("%s \t\t%d:%d (0x%x:0x%x)\n",
608 priv_array.privs[i].name.string ? priv_array.privs[i].name.string : "*unknown*",
609 priv_array.privs[i].luid.high,
610 priv_array.privs[i].luid.low,
611 priv_array.privs[i].luid.high,
612 priv_array.privs[i].luid.low);
613 }
614
615 rpccli_lsa_Close(cli, mem_ctx, &pol);
616 done:
617 return result;
618 }
619
620 /* Get privilege name */
621
622 static NTSTATUS cmd_lsa_get_dispname(struct rpc_pipe_client *cli,
623 TALLOC_CTX *mem_ctx, int argc,
624 const char **argv)
625 {
626 struct policy_handle pol;
627 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
628
629 uint16 lang_id=0;
630 uint16 lang_id_sys=0;
631 uint16 lang_id_desc;
632 struct lsa_String lsa_name;
633 struct lsa_StringLarge *description = NULL;
634
635 if (argc != 2) {
636 printf("Usage: %s privilege name\n", argv[0]);
637 return NT_STATUS_OK;
638 }
639
640 result = rpccli_lsa_open_policy(cli, mem_ctx, True,
641 SEC_FLAG_MAXIMUM_ALLOWED,
642 &pol);
643
644 if (!NT_STATUS_IS_OK(result))
645 goto done;
646
647 init_lsa_String(&lsa_name, argv[1]);
648
649 result = rpccli_lsa_LookupPrivDisplayName(cli, mem_ctx,
650 &pol,
651 &lsa_name,
652 lang_id,
653 lang_id_sys,
654 &description,
655 &lang_id_desc);
656
657 if (!NT_STATUS_IS_OK(result))
658 goto done;
659
660 /* Print results */
661 printf("%s -> %s (language: 0x%x)\n", argv[1], description->string, lang_id_desc);
662
663 rpccli_lsa_Close(cli, mem_ctx, &pol);
664 done:
665 return result;
666 }
667
668 /* Enumerate the LSA SIDS */
669
670 static NTSTATUS cmd_lsa_enum_sids(struct rpc_pipe_client *cli,
671 TALLOC_CTX *mem_ctx, int argc,
672 const char **argv)
673 {
674 struct policy_handle pol;
675 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
676
677 uint32 enum_context=0;
678 uint32 pref_max_length=0x1000;
679 struct lsa_SidArray sid_array;
680 int i;
681
682 if (argc > 3) {
683 printf("Usage: %s [enum context] [max length]\n", argv[0]);
684 return NT_STATUS_OK;
685 }
686
687 if (argc>=2)
688 enum_context=atoi(argv[1]);
689
690 if (argc==3)
691 pref_max_length=atoi(argv[2]);
692
693 result = rpccli_lsa_open_policy(cli, mem_ctx, True,
694 SEC_FLAG_MAXIMUM_ALLOWED,
695 &pol);
696
697 if (!NT_STATUS_IS_OK(result))
698 goto done;
699
700 result = rpccli_lsa_EnumAccounts(cli, mem_ctx,
701 &pol,
702 &enum_context,
703 &sid_array,
704 pref_max_length);
705
706 if (!NT_STATUS_IS_OK(result))
707 goto done;
708
709 /* Print results */
710 printf("found %d SIDs\n\n", sid_array.num_sids);
711
712 for (i = 0; i < sid_array.num_sids; i++) {
713 fstring sid_str;
714
715 sid_to_fstring(sid_str, sid_array.sids[i].sid);
716 printf("%s\n", sid_str);
717 }
718
719 rpccli_lsa_Close(cli, mem_ctx, &pol);
720 done:
721 return result;
722 }
723
724 /* Create a new account */
725
726 static NTSTATUS cmd_lsa_create_account(struct rpc_pipe_client *cli,
727 TALLOC_CTX *mem_ctx, int argc,
728 const char **argv)
729 {
730 struct policy_handle dom_pol;
731 struct policy_handle user_pol;
732 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
733 uint32 des_access = 0x000f000f;
734
735 struct dom_sid sid;
736
737 if (argc != 2 ) {
738 printf("Usage: %s SID\n", argv[0]);
739 return NT_STATUS_OK;
740 }
741
742 result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
743 if (!NT_STATUS_IS_OK(result))
744 goto done;
745
746 result = rpccli_lsa_open_policy2(cli, mem_ctx, True,
747 SEC_FLAG_MAXIMUM_ALLOWED,
748 &dom_pol);
749
750 if (!NT_STATUS_IS_OK(result))
751 goto done;
752
753 result = rpccli_lsa_CreateAccount(cli, mem_ctx,
754 &dom_pol,
755 &sid,
756 des_access,
757 &user_pol);
758
759 if (!NT_STATUS_IS_OK(result))
760 goto done;
761
762 printf("Account for SID %s successfully created\n\n", argv[1]);
763 result = NT_STATUS_OK;
764
765 rpccli_lsa_Close(cli, mem_ctx, &dom_pol);
766 done:
767 return result;
768 }
769
770
771 /* Enumerate the privileges of an SID */
772
773 static NTSTATUS cmd_lsa_enum_privsaccounts(struct rpc_pipe_client *cli,
774 TALLOC_CTX *mem_ctx, int argc,
775 const char **argv)
776 {
777 struct policy_handle dom_pol;
778 struct policy_handle user_pol;
779 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
780 uint32 access_desired = 0x000f000f;
781 struct dom_sid sid;
782 struct lsa_PrivilegeSet *privs = NULL;
783 int i;
784
785 if (argc != 2 ) {
786 printf("Usage: %s SID\n", argv[0]);
787 return NT_STATUS_OK;
788 }
789
790 result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
791 if (!NT_STATUS_IS_OK(result))
792 goto done;
793
794 result = rpccli_lsa_open_policy2(cli, mem_ctx, True,
795 SEC_FLAG_MAXIMUM_ALLOWED,
796 &dom_pol);
797
798 if (!NT_STATUS_IS_OK(result))
799 goto done;
800
801 result = rpccli_lsa_OpenAccount(cli, mem_ctx,
802 &dom_pol,
803 &sid,
804 access_desired,
805 &user_pol);
806
807 if (!NT_STATUS_IS_OK(result))
808 goto done;
809
810 result = rpccli_lsa_EnumPrivsAccount(cli, mem_ctx,
811 &user_pol,
812 &privs);
813
814 if (!NT_STATUS_IS_OK(result))
815 goto done;
816
817 /* Print results */
818 printf("found %d privileges for SID %s\n\n", privs->count, argv[1]);
819 printf("high\tlow\tattribute\n");
820
821 for (i = 0; i < privs->count; i++) {
822 printf("%u\t%u\t%u\n",
823 privs->set[i].luid.high,
824 privs->set[i].luid.low,
825 privs->set[i].attribute);
826 }
827
828 rpccli_lsa_Close(cli, mem_ctx, &dom_pol);
829 done:
830 return result;
831 }
832
833
834 /* Enumerate the privileges of an SID via LsaEnumerateAccountRights */
835
836 static NTSTATUS cmd_lsa_enum_acct_rights(struct rpc_pipe_client *cli,
837 TALLOC_CTX *mem_ctx, int argc,
838 const char **argv)
839 {
840 struct policy_handle dom_pol;
841 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
842 struct dom_sid sid;
843 struct lsa_RightSet rights;
844
845 int i;
846
847 if (argc != 2 ) {
848 printf("Usage: %s SID\n", argv[0]);
849 return NT_STATUS_OK;
850 }
851
852 result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
853 if (!NT_STATUS_IS_OK(result))
854 goto done;
855
856 result = rpccli_lsa_open_policy2(cli, mem_ctx, True,
857 SEC_FLAG_MAXIMUM_ALLOWED,
858 &dom_pol);
859
860 if (!NT_STATUS_IS_OK(result))
861 goto done;
862
863 result = rpccli_lsa_EnumAccountRights(cli, mem_ctx,
864 &dom_pol,
865 &sid,
866 &rights);
867
868 if (!NT_STATUS_IS_OK(result))
869 goto done;
870
871 printf("found %d privileges for SID %s\n", rights.count,
872 sid_string_tos(&sid));
873
874 for (i = 0; i < rights.count; i++) {
875 printf("\t%s\n", rights.names[i].string);
876 }
877
878 rpccli_lsa_Close(cli, mem_ctx, &dom_pol);
879 done:
880 return result;
881 }
882
883
884 /* add some privileges to a SID via LsaAddAccountRights */
885
886 static NTSTATUS cmd_lsa_add_acct_rights(struct rpc_pipe_client *cli,
887 TALLOC_CTX *mem_ctx, int argc,
888 const char **argv)
889 {
890 struct policy_handle dom_pol;
891 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
892 struct lsa_RightSet rights;
893 struct dom_sid sid;
894 int i;
895
896 if (argc < 3 ) {
897 printf("Usage: %s SID [rights...]\n", argv[0]);
898 return NT_STATUS_OK;
899 }
900
901 result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
902 if (!NT_STATUS_IS_OK(result))
903 goto done;
904
905 result = rpccli_lsa_open_policy2(cli, mem_ctx, True,
906 SEC_FLAG_MAXIMUM_ALLOWED,
907 &dom_pol);
908
909 if (!NT_STATUS_IS_OK(result))
910 goto done;
911
912 rights.count = argc-2;
913 rights.names = TALLOC_ARRAY(mem_ctx, struct lsa_StringLarge,
914 rights.count);
915 if (!rights.names) {
916 return NT_STATUS_NO_MEMORY;
917 }
918
919 for (i=0; i<argc-2; i++) {
920 init_lsa_StringLarge(&rights.names[i], argv[i+2]);
921 }
922
923 result = rpccli_lsa_AddAccountRights(cli, mem_ctx,
924 &dom_pol,
925 &sid,
926 &rights);
927
928 if (!NT_STATUS_IS_OK(result))
929 goto done;
930
931 rpccli_lsa_Close(cli, mem_ctx, &dom_pol);
932 done:
933 return result;
934 }
935
936
937 /* remove some privileges to a SID via LsaRemoveAccountRights */
938
939 static NTSTATUS cmd_lsa_remove_acct_rights(struct rpc_pipe_client *cli,
940 TALLOC_CTX *mem_ctx, int argc,
941 const char **argv)
942 {
943 struct policy_handle dom_pol;
944 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
945 struct lsa_RightSet rights;
946 struct dom_sid sid;
947 int i;
948
949 if (argc < 3 ) {
950 printf("Usage: %s SID [rights...]\n", argv[0]);
951 return NT_STATUS_OK;
952 }
953
954 result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
955 if (!NT_STATUS_IS_OK(result))
956 goto done;
957
958 result = rpccli_lsa_open_policy2(cli, mem_ctx, True,
959 SEC_FLAG_MAXIMUM_ALLOWED,
960 &dom_pol);
961
962 if (!NT_STATUS_IS_OK(result))
963 goto done;
964
965 rights.count = argc-2;
966 rights.names = TALLOC_ARRAY(mem_ctx, struct lsa_StringLarge,
967 rights.count);
968 if (!rights.names) {
969 return NT_STATUS_NO_MEMORY;
970 }
971
972 for (i=0; i<argc-2; i++) {
973 init_lsa_StringLarge(&rights.names[i], argv[i+2]);
974 }
975
976 result = rpccli_lsa_RemoveAccountRights(cli, mem_ctx,
977 &dom_pol,
978 &sid,
979 false,
980 &rights);
981
982 if (!NT_STATUS_IS_OK(result))
983 goto done;
984
985 rpccli_lsa_Close(cli, mem_ctx, &dom_pol);
986
987 done:
988 return result;
989 }
990
991
992 /* Get a privilege value given its name */
993
994 static NTSTATUS cmd_lsa_lookup_priv_value(struct rpc_pipe_client *cli,
995 TALLOC_CTX *mem_ctx, int argc,
996 const char **argv)
997 {
998 struct policy_handle pol;
999 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1000 struct lsa_LUID luid;
1001 struct lsa_String name;
1002
1003 if (argc != 2 ) {
1004 printf("Usage: %s name\n", argv[0]);
1005 return NT_STATUS_OK;
1006 }
1007
1008 result = rpccli_lsa_open_policy2(cli, mem_ctx, True,
1009 SEC_FLAG_MAXIMUM_ALLOWED,
1010 &pol);
1011
1012 if (!NT_STATUS_IS_OK(result))
1013 goto done;
1014
1015 init_lsa_String(&name, argv[1]);
1016
1017 result = rpccli_lsa_LookupPrivValue(cli, mem_ctx,
1018 &pol,
1019 &name,
1020 &luid);
1021
1022 if (!NT_STATUS_IS_OK(result))
1023 goto done;
1024
1025 /* Print results */
1026
1027 printf("%u:%u (0x%x:0x%x)\n", luid.high, luid.low, luid.high, luid.low);
1028
1029 rpccli_lsa_Close(cli, mem_ctx, &pol);
1030 done:
1031 return result;
1032 }
1033
1034 /* Query LSA security object */
1035
1036 static NTSTATUS cmd_lsa_query_secobj(struct rpc_pipe_client *cli,
1037 TALLOC_CTX *mem_ctx, int argc,
1038 const char **argv)
1039 {
1040 struct policy_handle pol;
1041 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1042 struct sec_desc_buf *sdb;
1043 uint32 sec_info = SECINFO_DACL;
1044
1045 if (argc < 1 || argc > 2) {
1046 printf("Usage: %s [sec_info]\n", argv[0]);
1047 return NT_STATUS_OK;
1048 }
1049
1050 result = rpccli_lsa_open_policy2(cli, mem_ctx, True,
1051 SEC_FLAG_MAXIMUM_ALLOWED,
1052 &pol);
1053
1054 if (argc == 2)
1055 sscanf(argv[1], "%x", &sec_info);
1056
1057 if (!NT_STATUS_IS_OK(result))
1058 goto done;
1059
1060 result = rpccli_lsa_QuerySecurity(cli, mem_ctx,
1061 &pol,
1062 sec_info,
1063 &sdb);
1064 if (!NT_STATUS_IS_OK(result))
1065 goto done;
1066
1067 /* Print results */
1068
1069 display_sec_desc(sdb->sd);
1070
1071 rpccli_lsa_Close(cli, mem_ctx, &pol);
1072 done:
1073 return result;
1074 }
1075
1076 static void display_trust_dom_info_4(struct lsa_TrustDomainInfoPassword *p,
1077 uint8_t session_key[16])
1078 {
1079 char *pwd, *pwd_old;
1080
1081 DATA_BLOB data = data_blob_const(p->password->data, p->password->length);
1082 DATA_BLOB data_old = data_blob_const(p->old_password->data, p->old_password->length);
1083 DATA_BLOB session_key_blob = data_blob_const(session_key, sizeof(session_key));
1084
1085 pwd = sess_decrypt_string(talloc_tos(), &data, &session_key_blob);
1086 pwd_old = sess_decrypt_string(talloc_tos(), &data_old, &session_key_blob);
1087
1088 d_printf("Password:\t%s\n", pwd);
1089 d_printf("Old Password:\t%s\n", pwd_old);
1090
1091 talloc_free(pwd);
1092 talloc_free(pwd_old);
1093 }
1094
1095 static void display_trust_dom_info(TALLOC_CTX *mem_ctx,
1096 union lsa_TrustedDomainInfo *info,
1097 enum lsa_TrustDomInfoEnum info_class,
1098 uint8_t nt_hash[16])
1099 {
1100 switch (info_class) {
1101 case LSA_TRUSTED_DOMAIN_INFO_PASSWORD:
1102 display_trust_dom_info_4(&info->password, nt_hash);
1103 break;
1104 default: {
1105 const char *str = NULL;
1106 str = NDR_PRINT_UNION_STRING(mem_ctx,
1107 lsa_TrustedDomainInfo,
1108 info_class, info);
1109 if (str) {
1110 d_printf("%s\n", str);
1111 }
1112 break;
1113 }
1114 }
1115 }
1116
1117 static NTSTATUS cmd_lsa_query_trustdominfobysid(struct rpc_pipe_client *cli,
1118 TALLOC_CTX *mem_ctx, int argc,
1119 const char **argv)
1120 {
1121 struct policy_handle pol;
1122 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1123 struct dom_sid dom_sid;
1124 uint32 access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
1125 union lsa_TrustedDomainInfo *info = NULL;
1126 enum lsa_TrustDomInfoEnum info_class = 1;
1127 uint8_t nt_hash[16];
1128
1129 if (argc > 3 || argc < 2) {
1130 printf("Usage: %s [sid] [info_class]\n", argv[0]);
1131 return NT_STATUS_OK;
1132 }
1133
1134 if (!string_to_sid(&dom_sid, argv[1]))
1135 return NT_STATUS_NO_MEMORY;
1136
1137 if (argc == 3)
1138 info_class = atoi(argv[2]);
1139
1140 result = rpccli_lsa_open_policy2(cli, mem_ctx, True, access_mask, &pol);
1141
1142 if (!NT_STATUS_IS_OK(result))
1143 goto done;
1144
1145 result = rpccli_lsa_QueryTrustedDomainInfoBySid(cli, mem_ctx,
1146 &pol,
1147 &dom_sid,
1148 info_class,
1149 &info);
1150 if (!NT_STATUS_IS_OK(result))
1151 goto done;
1152
1153 if (!rpccli_get_pwd_hash(cli, nt_hash)) {
1154 d_fprintf(stderr, "Could not get pwd hash\n");
1155 goto done;
1156 }
1157
1158 display_trust_dom_info(mem_ctx, info, info_class, nt_hash);
1159
1160 done:
1161 rpccli_lsa_Close(cli, mem_ctx, &pol);
1162
1163 return result;
1164 }
1165
1166 static NTSTATUS cmd_lsa_query_trustdominfobyname(struct rpc_pipe_client *cli,
1167 TALLOC_CTX *mem_ctx, int argc,
1168 const char **argv)
1169 {
1170 struct policy_handle pol;
1171 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1172 uint32 access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
1173 union lsa_TrustedDomainInfo *info = NULL;
1174 enum lsa_TrustDomInfoEnum info_class = 1;
1175 struct lsa_String trusted_domain;
1176 uint8_t nt_hash[16];
1177
1178 if (argc > 3 || argc < 2) {
1179 printf("Usage: %s [name] [info_class]\n", argv[0]);
1180 return NT_STATUS_OK;
1181 }
1182
1183 if (argc == 3)
1184 info_class = atoi(argv[2]);
1185
1186 result = rpccli_lsa_open_policy2(cli, mem_ctx, True, access_mask, &pol);
1187
1188 if (!NT_STATUS_IS_OK(result))
1189 goto done;
1190
1191 init_lsa_String(&trusted_domain, argv[1]);
1192
1193 result = rpccli_lsa_QueryTrustedDomainInfoByName(cli, mem_ctx,
1194 &pol,
1195 &trusted_domain,
1196 info_class,
1197 &info);
1198 if (!NT_STATUS_IS_OK(result))
1199 goto done;
1200
1201 if (!rpccli_get_pwd_hash(cli, nt_hash)) {
1202 d_fprintf(stderr, "Could not get pwd hash\n");
1203 goto done;
1204 }
1205
1206 display_trust_dom_info(mem_ctx, info, info_class, nt_hash);
1207
1208 done:
1209 rpccli_lsa_Close(cli, mem_ctx, &pol);
1210
1211 return result;
1212 }
1213
1214 static NTSTATUS cmd_lsa_query_trustdominfo(struct rpc_pipe_client *cli,
1215 TALLOC_CTX *mem_ctx, int argc,
1216 const char **argv)
1217 {
1218 struct policy_handle pol, trustdom_pol;
1219 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1220 uint32 access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
1221 union lsa_TrustedDomainInfo *info = NULL;
1222 struct dom_sid dom_sid;
1223 enum lsa_TrustDomInfoEnum info_class = 1;
1224 uint8_t nt_hash[16];
1225
1226 if (argc > 3 || argc < 2) {
1227 printf("Usage: %s [sid] [info_class]\n", argv[0]);
1228 return NT_STATUS_OK;
1229 }
1230
1231 if (!string_to_sid(&dom_sid, argv[1]))
1232 return NT_STATUS_NO_MEMORY;
1233
1234
1235 if (argc == 3)
1236 info_class = atoi(argv[2]);
1237
1238 result = rpccli_lsa_open_policy2(cli, mem_ctx, True, access_mask, &pol);
1239
1240 if (!NT_STATUS_IS_OK(result))
1241 goto done;
1242
1243 result = rpccli_lsa_OpenTrustedDomain(cli, mem_ctx,
1244 &pol,
1245 &dom_sid,
1246 access_mask,
1247 &trustdom_pol);
1248
1249 if (!NT_STATUS_IS_OK(result))
1250 goto done;
1251
1252 result = rpccli_lsa_QueryTrustedDomainInfo(cli, mem_ctx,
1253 &trustdom_pol,
1254 info_class,
1255 &info);
1256
1257 if (!NT_STATUS_IS_OK(result))
1258 goto done;
1259
1260 if (!rpccli_get_pwd_hash(cli, nt_hash)) {
1261 d_fprintf(stderr, "Could not get pwd hash\n");
1262 goto done;
1263 }
1264
1265 display_trust_dom_info(mem_ctx, info, info_class, nt_hash);
1266
1267 done:
1268 rpccli_lsa_Close(cli, mem_ctx, &pol);
1269
1270 return result;
1271 }
1272
1273 static NTSTATUS cmd_lsa_get_username(struct rpc_pipe_client *cli,
1274 TALLOC_CTX *mem_ctx, int argc,
1275 const char **argv)
1276 {
1277 struct policy_handle pol;
1278 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1279 const char *servername = cli->desthost;
1280 struct lsa_String *account_name = NULL;
1281 struct lsa_String *authority_name = NULL;
1282
1283 if (argc > 2) {
1284 printf("Usage: %s servername\n", argv[0]);
1285 return NT_STATUS_OK;
1286 }
1287
1288 result = rpccli_lsa_open_policy(cli, mem_ctx, true,
1289 SEC_FLAG_MAXIMUM_ALLOWED,
1290 &pol);
1291
1292 if (!NT_STATUS_IS_OK(result)) {
1293 goto done;
1294 }
1295
1296 result = rpccli_lsa_GetUserName(cli, mem_ctx,
1297 servername,
1298 &account_name,
1299 &authority_name);
1300 if (!NT_STATUS_IS_OK(result)) {
1301 goto done;
1302 }
1303
1304 /* Print results */
1305
1306 printf("Account Name: %s, Authority Name: %s\n",
1307 account_name->string, authority_name ? authority_name->string :
1308 "");
1309
1310 rpccli_lsa_Close(cli, mem_ctx, &pol);
1311 done:
1312 return result;
1313 }
1314
1315 static NTSTATUS cmd_lsa_add_priv(struct rpc_pipe_client *cli,
1316 TALLOC_CTX *mem_ctx, int argc,
1317 const char **argv)
1318 {
1319 struct policy_handle dom_pol, user_pol;
1320 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1321 struct lsa_PrivilegeSet privs;
1322 struct lsa_LUIDAttribute *set = NULL;
1323 struct dom_sid sid;
1324 int i;
1325
1326 ZERO_STRUCT(privs);
1327
1328 if (argc < 3 ) {
1329 printf("Usage: %s SID [rights...]\n", argv[0]);
1330 return NT_STATUS_OK;
1331 }
1332
1333 result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
1334 if (!NT_STATUS_IS_OK(result)) {
1335 goto done;
1336 }
1337
1338 result = rpccli_lsa_open_policy2(cli, mem_ctx, True,
1339 SEC_FLAG_MAXIMUM_ALLOWED,
1340 &dom_pol);
1341
1342 if (!NT_STATUS_IS_OK(result)) {
1343 goto done;
1344 }
1345
1346 result = rpccli_lsa_OpenAccount(cli, mem_ctx,
1347 &dom_pol,
1348 &sid,
1349 SEC_FLAG_MAXIMUM_ALLOWED,
1350 &user_pol);
1351
1352 if (!NT_STATUS_IS_OK(result)) {
1353 goto done;
1354 }
1355
1356 for (i=2; i<argc; i++) {
1357
1358 struct lsa_String priv_name;
1359 struct lsa_LUID luid;
1360
1361 init_lsa_String(&priv_name, argv[i]);
1362
1363 result = rpccli_lsa_LookupPrivValue(cli, mem_ctx,
1364 &dom_pol,
1365 &priv_name,
1366 &luid);
1367 if (!NT_STATUS_IS_OK(result)) {
1368 continue;
1369 }
1370
1371 privs.count++;
1372 set = TALLOC_REALLOC_ARRAY(mem_ctx, set,
1373 struct lsa_LUIDAttribute,
1374 privs.count);
1375 if (!set) {
1376 return NT_STATUS_NO_MEMORY;
1377 }
1378
1379 set[privs.count-1].luid = luid;
1380 set[privs.count-1].attribute = 0;
1381 }
1382
1383 privs.set = set;
1384
1385 result = rpccli_lsa_AddPrivilegesToAccount(cli, mem_ctx,
1386 &user_pol,
1387 &privs);
1388
1389 if (!NT_STATUS_IS_OK(result)) {
1390 goto done;
1391 }
1392
1393 rpccli_lsa_Close(cli, mem_ctx, &user_pol);
1394 rpccli_lsa_Close(cli, mem_ctx, &dom_pol);
1395 done:
1396 return result;
1397 }
1398
1399 static NTSTATUS cmd_lsa_del_priv(struct rpc_pipe_client *cli,
1400 TALLOC_CTX *mem_ctx, int argc,
1401 const char **argv)
1402 {
1403 struct policy_handle dom_pol, user_pol;
1404 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1405 struct lsa_PrivilegeSet privs;
1406 struct lsa_LUIDAttribute *set = NULL;
1407 struct dom_sid sid;
1408 int i;
1409
1410 ZERO_STRUCT(privs);
1411
1412 if (argc < 3 ) {
1413 printf("Usage: %s SID [rights...]\n", argv[0]);
1414 return NT_STATUS_OK;
1415 }
1416
1417 result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
1418 if (!NT_STATUS_IS_OK(result)) {
1419 goto done;
1420 }
1421
1422 result = rpccli_lsa_open_policy2(cli, mem_ctx, True,
1423 SEC_FLAG_MAXIMUM_ALLOWED,
1424 &dom_pol);
1425
1426 if (!NT_STATUS_IS_OK(result)) {
1427 goto done;
1428 }
1429
1430 result = rpccli_lsa_OpenAccount(cli, mem_ctx,
1431 &dom_pol,
1432 &sid,
1433 SEC_FLAG_MAXIMUM_ALLOWED,
1434 &user_pol);
1435
1436 if (!NT_STATUS_IS_OK(result)) {
1437 goto done;
1438 }
1439
1440 for (i=2; i<argc; i++) {
1441
1442 struct lsa_String priv_name;
1443 struct lsa_LUID luid;
1444
1445 init_lsa_String(&priv_name, argv[i]);
1446
1447 result = rpccli_lsa_LookupPrivValue(cli, mem_ctx,
1448 &dom_pol,
1449 &priv_name,
1450 &luid);
1451 if (!NT_STATUS_IS_OK(result)) {
1452 continue;
1453 }
1454
1455 privs.count++;
1456 set = TALLOC_REALLOC_ARRAY(mem_ctx, set,
1457 struct lsa_LUIDAttribute,
1458 privs.count);
1459 if (!set) {
1460 return NT_STATUS_NO_MEMORY;
1461 }
1462
1463 set[privs.count-1].luid = luid;
1464 set[privs.count-1].attribute = 0;
1465 }
1466
1467 privs.set = set;
1468
1469
1470 result = rpccli_lsa_RemovePrivilegesFromAccount(cli, mem_ctx,
1471 &user_pol,
1472 false,
1473 &privs);
1474
1475 if (!NT_STATUS_IS_OK(result)) {
1476 goto done;
1477 }
1478
1479 rpccli_lsa_Close(cli, mem_ctx, &user_pol);
1480 rpccli_lsa_Close(cli, mem_ctx, &dom_pol);
1481 done:
1482 return result;
1483 }
1484
1485 static NTSTATUS cmd_lsa_create_secret(struct rpc_pipe_client *cli,
1486 TALLOC_CTX *mem_ctx, int argc,
1487 const char **argv)
1488 {
1489 NTSTATUS status;
1490 struct policy_handle handle, sec_handle;
1491 struct lsa_String name;
1492
1493 if (argc < 2) {
1494 printf("Usage: %s name\n", argv[0]);
1495 return NT_STATUS_OK;
1496 }
1497
1498 status = rpccli_lsa_open_policy2(cli, mem_ctx,
1499 true,
1500 SEC_FLAG_MAXIMUM_ALLOWED,
1501 &handle);
1502 if (!NT_STATUS_IS_OK(status)) {
1503 return status;
1504 }
1505
1506 init_lsa_String(&name, argv[1]);
1507
1508 status = rpccli_lsa_CreateSecret(cli, mem_ctx,
1509 &handle,
1510 name,
1511 SEC_FLAG_MAXIMUM_ALLOWED,
1512 &sec_handle);
1513 if (!NT_STATUS_IS_OK(status)) {
1514 goto done;
1515 }
1516
1517 done:
1518 if (is_valid_policy_hnd(&sec_handle)) {
1519 rpccli_lsa_Close(cli, mem_ctx, &sec_handle);
1520 }
1521 if (is_valid_policy_hnd(&handle)) {
1522 rpccli_lsa_Close(cli, mem_ctx, &handle);
1523 }
1524
1525 return status;
1526 }
1527
1528 static NTSTATUS cmd_lsa_delete_secret(struct rpc_pipe_client *cli,
1529 TALLOC_CTX *mem_ctx, int argc,
1530 const char **argv)
1531 {
1532 NTSTATUS status;
1533 struct policy_handle handle, sec_handle;
1534 struct lsa_String name;
1535
1536 if (argc < 2) {
1537 printf("Usage: %s name\n", argv[0]);
1538 return NT_STATUS_OK;
1539 }
1540
1541 status = rpccli_lsa_open_policy2(cli, mem_ctx,
1542 true,
1543 SEC_FLAG_MAXIMUM_ALLOWED,
1544 &handle);
1545 if (!NT_STATUS_IS_OK(status)) {
1546 return status;
1547 }
1548
1549 init_lsa_String(&name, argv[1]);
1550
1551 status = rpccli_lsa_OpenSecret(cli, mem_ctx,
1552 &handle,
1553 name,
1554 SEC_FLAG_MAXIMUM_ALLOWED,
1555 &sec_handle);
1556 if (!NT_STATUS_IS_OK(status)) {
1557 goto done;
1558 }
1559
1560 status = rpccli_lsa_DeleteObject(cli, mem_ctx,
1561 &sec_handle);
1562 if (!NT_STATUS_IS_OK(status)) {
1563 goto done;
1564 }
1565
1566 done:
1567 if (is_valid_policy_hnd(&sec_handle)) {
1568 rpccli_lsa_Close(cli, mem_ctx, &sec_handle);
1569 }
1570 if (is_valid_policy_hnd(&handle)) {
1571 rpccli_lsa_Close(cli, mem_ctx, &handle);
1572 }
1573
1574 return status;
1575 }
1576
1577 static NTSTATUS cmd_lsa_query_secret(struct rpc_pipe_client *cli,
1578 TALLOC_CTX *mem_ctx, int argc,
1579 const char **argv)
1580 {
1581 NTSTATUS status;
1582 struct policy_handle handle, sec_handle;
1583 struct lsa_String name;
1584 struct lsa_DATA_BUF_PTR new_val;
1585 NTTIME new_mtime = 0;
1586 struct lsa_DATA_BUF_PTR old_val;
1587 NTTIME old_mtime = 0;
1588 DATA_BLOB session_key;
1589 DATA_BLOB new_blob = data_blob_null;
1590 DATA_BLOB old_blob = data_blob_null;
1591 char *new_secret, *old_secret;
1592
1593 if (argc < 2) {
1594 printf("Usage: %s name\n", argv[0]);
1595 return NT_STATUS_OK;
1596 }
1597
1598 status = rpccli_lsa_open_policy2(cli, mem_ctx,
1599 true,
1600 SEC_FLAG_MAXIMUM_ALLOWED,
1601 &handle);
1602 if (!NT_STATUS_IS_OK(status)) {
1603 return status;
1604 }
1605
1606 init_lsa_String(&name, argv[1]);
1607
1608 status = rpccli_lsa_OpenSecret(cli, mem_ctx,
1609 &handle,
1610 name,
1611 SEC_FLAG_MAXIMUM_ALLOWED,
1612 &sec_handle);
1613 if (!NT_STATUS_IS_OK(status)) {
1614 goto done;
1615 }
1616
1617 ZERO_STRUCT(new_val);
1618 ZERO_STRUCT(old_val);
1619
1620 status = rpccli_lsa_QuerySecret(cli, mem_ctx,
1621 &sec_handle,
1622 &new_val,
1623 &new_mtime,
1624 &old_val,
1625 &old_mtime);
1626 if (!NT_STATUS_IS_OK(status)) {
1627 goto done;
1628 }
1629
1630 status = cli_get_session_key(mem_ctx, cli, &session_key);
1631 if (!NT_STATUS_IS_OK(status)) {
1632 goto done;
1633 }
1634
1635 if (new_val.buf) {
1636 new_blob = data_blob_const(new_val.buf->data, new_val.buf->length);
1637 }
1638 if (old_val.buf) {
1639 old_blob = data_blob_const(old_val.buf->data, old_val.buf->length);
1640 }
1641
1642 new_secret = sess_decrypt_string(mem_ctx, &new_blob, &session_key);
1643 old_secret = sess_decrypt_string(mem_ctx, &old_blob, &session_key);
1644 if (new_secret) {
1645 d_printf("new secret: %s\n", new_secret);
1646 }
1647 if (old_secret) {
1648 d_printf("old secret: %s\n", old_secret);
1649 }
1650
1651 done:
1652 if (is_valid_policy_hnd(&sec_handle)) {
1653 rpccli_lsa_Close(cli, mem_ctx, &sec_handle);
1654 }
1655 if (is_valid_policy_hnd(&handle)) {
1656 rpccli_lsa_Close(cli, mem_ctx, &handle);
1657 }
1658
1659 return status;
1660 }
1661
1662 static NTSTATUS cmd_lsa_set_secret(struct rpc_pipe_client *cli,
1663 TALLOC_CTX *mem_ctx, int argc,
1664 const char **argv)
1665 {
1666 NTSTATUS status;
1667 struct policy_handle handle, sec_handle;
1668 struct lsa_String name;
1669 struct lsa_DATA_BUF new_val;
1670 struct lsa_DATA_BUF old_val;
1671 DATA_BLOB enc_key;
1672 DATA_BLOB session_key;
1673
1674 if (argc < 3) {
1675 printf("Usage: %s name secret\n", argv[0]);
1676 return NT_STATUS_OK;
1677 }
1678
1679 status = rpccli_lsa_open_policy2(cli, mem_ctx,
1680 true,
1681 SEC_FLAG_MAXIMUM_ALLOWED,
1682 &handle);
1683 if (!NT_STATUS_IS_OK(status)) {
1684 return status;
1685 }
1686
1687 init_lsa_String(&name, argv[1]);
1688
1689 status = rpccli_lsa_OpenSecret(cli, mem_ctx,
1690 &handle,
1691 name,
1692 SEC_FLAG_MAXIMUM_ALLOWED,
1693 &sec_handle);
1694 if (!NT_STATUS_IS_OK(status)) {
1695 goto done;
1696 }
1697
1698 ZERO_STRUCT(new_val);
1699 ZERO_STRUCT(old_val);
1700
1701 status = cli_get_session_key(mem_ctx, cli, &session_key);
1702 if (!NT_STATUS_IS_OK(status)) {
1703 goto done;
1704 }
1705
1706 enc_key = sess_encrypt_string(argv[2], &session_key);
1707
1708 new_val.length = enc_key.length;
1709 new_val.size = enc_key.length;
1710 new_val.data = enc_key.data;
1711
1712 status = rpccli_lsa_SetSecret(cli, mem_ctx,
1713 &sec_handle,
1714 &new_val,
1715 NULL);
1716 if (!NT_STATUS_IS_OK(status)) {
1717 goto done;
1718 }
1719
1720 done:
1721 if (is_valid_policy_hnd(&sec_handle)) {
1722 rpccli_lsa_Close(cli, mem_ctx, &sec_handle);
1723 }
1724 if (is_valid_policy_hnd(&handle)) {
1725 rpccli_lsa_Close(cli, mem_ctx, &handle);
1726 }
1727
1728 return status;
1729 }
1730
1731 static NTSTATUS cmd_lsa_retrieve_private_data(struct rpc_pipe_client *cli,
1732 TALLOC_CTX *mem_ctx, int argc,
1733 const char **argv)
1734 {
1735 NTSTATUS status;
1736 struct policy_handle handle;
1737 struct lsa_String name;
1738 struct lsa_DATA_BUF *val;
1739 DATA_BLOB session_key;
1740 DATA_BLOB blob = data_blob_null;
1741 char *secret;
1742
1743 if (argc < 2) {
1744 printf("Usage: %s name\n", argv[0]);
1745 return NT_STATUS_OK;
1746 }
1747
1748 status = rpccli_lsa_open_policy2(cli, mem_ctx,
1749 true,
1750 SEC_FLAG_MAXIMUM_ALLOWED,
1751 &handle);
1752 if (!NT_STATUS_IS_OK(status)) {
1753 return status;
1754 }
1755
1756 init_lsa_String(&name, argv[1]);
1757
1758 ZERO_STRUCT(val);
1759
1760 status = rpccli_lsa_RetrievePrivateData(cli, mem_ctx,
1761 &handle,
1762 &name,
1763 &val);
1764 if (!NT_STATUS_IS_OK(status)) {
1765 goto done;
1766 }
1767
1768 status = cli_get_session_key(mem_ctx, cli, &session_key);
1769 if (!NT_STATUS_IS_OK(status)) {
1770 goto done;
1771 }
1772
1773 if (val) {
1774 blob = data_blob_const(val->data, val->length);
1775 }
1776
1777 secret = sess_decrypt_string(mem_ctx, &blob, &session_key);
1778 if (secret) {
1779 d_printf("secret: %s\n", secret);
1780 }
1781
1782 done:
1783 if (is_valid_policy_hnd(&handle)) {
1784 rpccli_lsa_Close(cli, mem_ctx, &handle);
1785 }
1786
1787 return status;
1788 }
1789
1790 static NTSTATUS cmd_lsa_store_private_data(struct rpc_pipe_client *cli,
1791 TALLOC_CTX *mem_ctx, int argc,
1792 const char **argv)
1793 {
1794 NTSTATUS status;
1795 struct policy_handle handle;
1796 struct lsa_String name;
1797 struct lsa_DATA_BUF val;
1798 DATA_BLOB session_key;
1799 DATA_BLOB enc_key;
1800
1801 if (argc < 3) {
1802 printf("Usage: %s name secret\n", argv[0]);
1803 return NT_STATUS_OK;
1804 }
1805
1806 status = rpccli_lsa_open_policy2(cli, mem_ctx,
1807 true,
1808 SEC_FLAG_MAXIMUM_ALLOWED,
1809 &handle);
1810 if (!NT_STATUS_IS_OK(status)) {
1811 return status;
1812 }
1813
1814 init_lsa_String(&name, argv[1]);
1815
1816 ZERO_STRUCT(val);
1817
1818 status = cli_get_session_key(mem_ctx, cli, &session_key);
1819 if (!NT_STATUS_IS_OK(status)) {
1820 goto done;
1821 }
1822
1823 enc_key = sess_encrypt_string(argv[2], &session_key);
1824
1825 val.length = enc_key.length;
1826 val.size = enc_key.length;
1827 val.data = enc_key.data;
1828
1829 status = rpccli_lsa_StorePrivateData(cli, mem_ctx,
1830 &handle,
1831 &name,
1832 &val);
1833 if (!NT_STATUS_IS_OK(status)) {
1834 goto done;
1835 }
1836
1837 done:
1838 if (is_valid_policy_hnd(&handle)) {
1839 rpccli_lsa_Close(cli, mem_ctx, &handle);
1840 }
1841
1842 return status;
1843 }
1844
1845 static NTSTATUS cmd_lsa_create_trusted_domain(struct rpc_pipe_client *cli,
1846 TALLOC_CTX *mem_ctx, int argc,
1847 const char **argv)
1848 {
1849 NTSTATUS status;
1850 struct policy_handle handle, trustdom_handle;
1851 struct dom_sid sid;
1852 struct lsa_DomainInfo info;
1853
1854 if (argc < 3) {
1855 printf("Usage: %s name sid\n", argv[0]);
1856 return NT_STATUS_OK;
1857 }
1858
1859 status = rpccli_lsa_open_policy2(cli, mem_ctx,
1860 true,
1861 SEC_FLAG_MAXIMUM_ALLOWED,
1862 &handle);
1863 if (!NT_STATUS_IS_OK(status)) {
1864 return status;
1865 }
1866
1867 init_lsa_StringLarge(&info.name, argv[1]);
1868 info.sid = &sid;
1869 string_to_sid(&sid, argv[2]);
1870
1871 status = rpccli_lsa_CreateTrustedDomain(cli, mem_ctx,
1872 &handle,
1873 &info,
1874 SEC_FLAG_MAXIMUM_ALLOWED,
1875 &trustdom_handle);
1876 if (!NT_STATUS_IS_OK(status)) {
1877 goto done;
1878 }
1879
1880 done:
1881 if (is_valid_policy_hnd(&trustdom_handle)) {
1882 rpccli_lsa_Close(cli, mem_ctx, &trustdom_handle);
1883 }
1884
1885 if (is_valid_policy_hnd(&handle)) {
1886 rpccli_lsa_Close(cli, mem_ctx, &handle);
1887 }
1888
1889 return status;
1890 }
1891
1892 static NTSTATUS cmd_lsa_delete_trusted_domain(struct rpc_pipe_client *cli,
1893 TALLOC_CTX *mem_ctx, int argc,
1894 const char **argv)
1895 {
1896 NTSTATUS status;
1897 struct policy_handle handle, trustdom_handle;
1898 struct lsa_String name;
1899 struct dom_sid *sid = NULL;
1900
1901 if (argc < 2) {
1902 printf("Usage: %s name\n", argv[0]);
1903 return NT_STATUS_OK;
1904 }
1905
1906 status = rpccli_lsa_open_policy2(cli, mem_ctx,
1907 true,
1908 SEC_FLAG_MAXIMUM_ALLOWED,
1909 &handle);
1910 if (!NT_STATUS_IS_OK(status)) {
1911 return status;
1912 }
1913
1914 init_lsa_String(&name, argv[1]);
1915
1916 status = rpccli_lsa_OpenTrustedDomainByName(cli, mem_ctx,
1917 &handle,
1918 name,
1919 SEC_FLAG_MAXIMUM_ALLOWED,
1920 &trustdom_handle);
1921 if (NT_STATUS_IS_OK(status)) {
1922 goto delete_object;
1923 }
1924
1925 {
1926 uint32_t resume_handle = 0;
1927 struct lsa_DomainList domains;
1928 int i;
1929
1930 status = rpccli_lsa_EnumTrustDom(cli, mem_ctx,
1931 &handle,
1932 &resume_handle,
1933 &domains,
1934 0xffff);
1935 if (!NT_STATUS_IS_OK(status)) {
1936 goto done;
1937 }
1938
1939 for (i=0; i < domains.count; i++) {
1940 if (strequal(domains.domains[i].name.string, argv[1])) {
1941 sid = domains.domains[i].sid;
1942 break;
1943 }
1944 }
1945
1946 if (!sid) {
1947 return NT_STATUS_INVALID_SID;
1948 }
1949 }
1950
1951 status = rpccli_lsa_OpenTrustedDomain(cli, mem_ctx,
1952 &handle,
1953 sid,
1954 SEC_FLAG_MAXIMUM_ALLOWED,
1955 &trustdom_handle);
1956 if (!NT_STATUS_IS_OK(status)) {
1957 goto done;
1958 }
1959
1960 delete_object:
1961 status = rpccli_lsa_DeleteObject(cli, mem_ctx,
1962 &trustdom_handle);
1963 if (!NT_STATUS_IS_OK(status)) {
1964 goto done;
1965 }
1966
1967 done:
1968 if (is_valid_policy_hnd(&trustdom_handle)) {
1969 rpccli_lsa_Close(cli, mem_ctx, &trustdom_handle);
1970 }
1971
1972 if (is_valid_policy_hnd(&handle)) {
1973 rpccli_lsa_Close(cli, mem_ctx, &handle);
1974 }
1975
1976 return status;
1977 }
1978
1979
1980 /* List of commands exported by this module */
1981
1982 struct cmd_set lsarpc_commands[] = {
1983
1984 { "LSARPC" },
1985
1986 { "lsaquery", RPC_RTYPE_NTSTATUS, cmd_lsa_query_info_policy, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Query info policy", "" },
1987 { "lookupsids", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_sids, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Convert SIDs to names", "" },
1988 { "lookupsids3", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_sids3, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Convert SIDs to names", "" },
1989 { "lookupnames", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_names, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Convert names to SIDs", "" },
1990 { "lookupnames4", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_names4, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Convert names to SIDs", "" },
1991 { "lookupnames_level", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_names_level, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Convert names to SIDs", "" },
1992 { "enumtrust", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_trust_dom, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Enumerate trusted domains", "Usage: [preferred max number] [enum context (0)]" },
1993 { "enumprivs", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_privilege, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Enumerate privileges", "" },
1994 { "getdispname", RPC_RTYPE_NTSTATUS, cmd_lsa_get_dispname, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Get the privilege name", "" },
1995 { "lsaenumsid", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_sids, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Enumerate the LSA SIDS", "" },
1996 { "lsacreateaccount", RPC_RTYPE_NTSTATUS, cmd_lsa_create_account, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Create a new lsa account", "" },
1997 { "lsaenumprivsaccount", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_privsaccounts, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Enumerate the privileges of an SID", "" },
1998 { "lsaenumacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_acct_rights, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Enumerate the rights of an SID", "" },
1999 { "lsaaddpriv", RPC_RTYPE_NTSTATUS, cmd_lsa_add_priv, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Assign a privilege to a SID", "" },
2000 { "lsadelpriv", RPC_RTYPE_NTSTATUS, cmd_lsa_del_priv, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Revoke a privilege from a SID", "" },
2001 { "lsaaddacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_add_acct_rights, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Add rights to an account", "" },
2002 { "lsaremoveacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_remove_acct_rights, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Remove rights from an account", "" },
2003 { "lsalookupprivvalue", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_priv_value, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Get a privilege value given its name", "" },
2004 { "lsaquerysecobj", RPC_RTYPE_NTSTATUS, cmd_lsa_query_secobj, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Query LSA security object", "" },
2005 { "lsaquerytrustdominfo",RPC_RTYPE_NTSTATUS, cmd_lsa_query_trustdominfo, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Query LSA trusted domains info (given a SID)", "" },
2006 { "lsaquerytrustdominfobyname",RPC_RTYPE_NTSTATUS, cmd_lsa_query_trustdominfobyname, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Query LSA trusted domains info (given a name), only works for Windows > 2k", "" },
2007 { "lsaquerytrustdominfobysid",RPC_RTYPE_NTSTATUS, cmd_lsa_query_trustdominfobysid, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Query LSA trusted domains info (given a SID)", "" },
2008 { "getusername", RPC_RTYPE_NTSTATUS, cmd_lsa_get_username, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Get username", "" },
2009 { "createsecret", RPC_RTYPE_NTSTATUS, cmd_lsa_create_secret, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Create Secret", "" },
2010 { "deletesecret", RPC_RTYPE_NTSTATUS, cmd_lsa_delete_secret, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Delete Secret", "" },
2011 { "querysecret", RPC_RTYPE_NTSTATUS, cmd_lsa_query_secret, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Query Secret", "" },
2012 { "setsecret", RPC_RTYPE_NTSTATUS, cmd_lsa_set_secret, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Set Secret", "" },
2013 { "retrieveprivatedata", RPC_RTYPE_NTSTATUS, cmd_lsa_retrieve_private_data, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Retrieve Private Data", "" },
2014 { "storeprivatedata", RPC_RTYPE_NTSTATUS, cmd_lsa_store_private_data, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Store Private Data", "" },
2015 { "createtrustdom", RPC_RTYPE_NTSTATUS, cmd_lsa_create_trusted_domain, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Create Trusted Domain", "" },
2016 { "deletetrustdom", RPC_RTYPE_NTSTATUS, cmd_lsa_delete_trusted_domain, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Delete Trusted Domain", "" },
2017
2018 { NULL }
2019 };
2020