2 Unix SMB/CIFS implementation.
5 Copyright (C) Tim Potter 2000
6 Copyright (C) Rafal Szczesniak 2002
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 #include "rpcclient.h"
27 /* useful function to allow entering a name instead of a SID and
28 * looking it up automatically */
29 static NTSTATUS name_to_sid(struct cli_state *cli,
31 DOM_SID *sid, const char *name)
38 /* maybe its a raw SID */
39 if (strncmp(name, "S-", 2) == 0 &&
40 string_to_sid(sid, name)) {
44 result = cli_lsa_open_policy(cli, mem_ctx, True,
45 SEC_RIGHTS_MAXIMUM_ALLOWED,
47 if (!NT_STATUS_IS_OK(result))
50 result = cli_lsa_lookup_names(cli, mem_ctx, &pol, 1, &name, &sids, &sid_types);
51 if (!NT_STATUS_IS_OK(result))
54 cli_lsa_close(cli, mem_ctx, &pol);
63 /* Look up domain related information on a remote host */
65 static NTSTATUS cmd_lsa_query_info_policy(struct cli_state *cli,
66 TALLOC_CTX *mem_ctx, int argc,
70 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
73 fstring sid_str, domain_name="", dns_name="", forest_name="";
74 uint32 info_class = 3;
77 printf("Usage: %s [info_class]\n", argv[0]);
82 info_class = atoi(argv[1]);
84 /* Lookup info policy */
87 result = cli_lsa_open_policy2(cli, mem_ctx, True,
88 SEC_RIGHTS_MAXIMUM_ALLOWED,
91 if (!NT_STATUS_IS_OK(result))
93 result = cli_lsa_query_info_policy2(cli, mem_ctx, &pol,
94 info_class, domain_name,
95 dns_name, forest_name,
99 result = cli_lsa_open_policy(cli, mem_ctx, True,
100 SEC_RIGHTS_MAXIMUM_ALLOWED,
103 if (!NT_STATUS_IS_OK(result))
105 result = cli_lsa_query_info_policy(cli, mem_ctx, &pol,
106 info_class, domain_name,
110 if (!NT_STATUS_IS_OK(result))
113 sid_to_string(sid_str, &dom_sid);
116 printf("domain %s has sid %s\n", domain_name, sid_str);
118 printf("could not query info for level %d\n", info_class);
121 printf("domain dns name is %s\n", dns_name);
123 printf("forest name is %s\n", forest_name);
125 if (info_class == 12) {
126 printf("domain GUID is %s\n",
127 smb_uuid_string_static(
128 smb_uuid_unpack_static(dom_guid)));
134 /* Resolve a list of names to a list of sids */
136 static NTSTATUS cmd_lsa_lookup_names(struct cli_state *cli,
137 TALLOC_CTX *mem_ctx, int argc,
141 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
147 printf("Usage: %s [name1 [name2 [...]]]\n", argv[0]);
151 result = cli_lsa_open_policy(cli, mem_ctx, True,
152 SEC_RIGHTS_MAXIMUM_ALLOWED,
155 if (!NT_STATUS_IS_OK(result))
158 result = cli_lsa_lookup_names(cli, mem_ctx, &pol, argc - 1,
159 (const char**)(argv + 1), &sids, &types);
161 if (!NT_STATUS_IS_OK(result) && NT_STATUS_V(result) !=
162 NT_STATUS_V(STATUS_SOME_UNMAPPED))
165 result = NT_STATUS_OK;
169 for (i = 0; i < (argc - 1); i++) {
171 sid_to_string(sid_str, &sids[i]);
172 printf("%s %s (%s: %d)\n", argv[i + 1], sid_str,
173 sid_type_lookup(types[i]), types[i]);
180 /* Resolve a list of SIDs to a list of names */
182 static NTSTATUS cmd_lsa_lookup_sids(struct cli_state *cli, TALLOC_CTX *mem_ctx,
183 int argc, const char **argv)
186 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
194 printf("Usage: %s [sid1 [sid2 [...]]]\n", argv[0]);
198 result = cli_lsa_open_policy(cli, mem_ctx, True,
199 SEC_RIGHTS_MAXIMUM_ALLOWED,
202 if (!NT_STATUS_IS_OK(result))
205 /* Convert arguments to sids */
207 sids = (DOM_SID *)talloc(mem_ctx, sizeof(DOM_SID) * (argc - 1));
210 printf("could not allocate memory for %d sids\n", argc - 1);
214 for (i = 0; i < argc - 1; i++)
215 if (!string_to_sid(&sids[i], argv[i + 1])) {
216 result = NT_STATUS_INVALID_SID;
220 /* Lookup the SIDs */
222 result = cli_lsa_lookup_sids(cli, mem_ctx, &pol, argc - 1, sids,
223 &domains, &names, &types);
225 if (!NT_STATUS_IS_OK(result) && NT_STATUS_V(result) !=
226 NT_STATUS_V(STATUS_SOME_UNMAPPED))
229 result = NT_STATUS_OK;
233 for (i = 0; i < (argc - 1); i++) {
236 sid_to_string(sid_str, &sids[i]);
237 printf("%s %s\\%s (%d)\n", sid_str,
238 domains[i] ? domains[i] : "*unknown*",
239 names[i] ? names[i] : "*unknown*", types[i]);
246 /* Enumerate list of trusted domains */
248 static NTSTATUS cmd_lsa_enum_trust_dom(struct cli_state *cli,
249 TALLOC_CTX *mem_ctx, int argc,
253 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
254 DOM_SID *domain_sids;
257 /* defaults, but may be changed using params */
259 uint32 num_domains = 0;
263 printf("Usage: %s [enum context (0)]\n", argv[0]);
267 if (argc == 2 && argv[1]) {
268 enum_ctx = atoi(argv[2]);
271 result = cli_lsa_open_policy(cli, mem_ctx, True,
272 POLICY_VIEW_LOCAL_INFORMATION,
275 if (!NT_STATUS_IS_OK(result))
278 /* Lookup list of trusted domains */
280 result = cli_lsa_enum_trust_dom(cli, mem_ctx, &pol, &enum_ctx,
282 &domain_names, &domain_sids);
283 if (!NT_STATUS_IS_OK(result) &&
284 !NT_STATUS_EQUAL(result, NT_STATUS_NO_MORE_ENTRIES) &&
285 !NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES))
288 /* Print results: list of names and sids returned in this response. */
289 for (i = 0; i < num_domains; i++) {
292 sid_to_string(sid_str, &domain_sids[i]);
293 printf("%s %s\n", domain_names[i] ? domain_names[i] :
294 "*unknown*", sid_str);
301 /* Enumerates privileges */
303 static NTSTATUS cmd_lsa_enum_privilege(struct cli_state *cli,
304 TALLOC_CTX *mem_ctx, int argc,
308 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
310 uint32 enum_context=0;
311 uint32 pref_max_length=0x1000;
319 printf("Usage: %s [enum context] [max length]\n", argv[0]);
324 enum_context=atoi(argv[1]);
327 pref_max_length=atoi(argv[2]);
329 result = cli_lsa_open_policy(cli, mem_ctx, True,
330 SEC_RIGHTS_MAXIMUM_ALLOWED,
333 if (!NT_STATUS_IS_OK(result))
336 result = cli_lsa_enum_privilege(cli, mem_ctx, &pol, &enum_context, pref_max_length,
337 &count, &privs_name, &privs_high, &privs_low);
339 if (!NT_STATUS_IS_OK(result))
343 printf("found %d privileges\n\n", count);
345 for (i = 0; i < count; i++) {
346 printf("%s \t\t%d:%d (0x%x:0x%x)\n", privs_name[i] ? privs_name[i] : "*unknown*",
347 privs_high[i], privs_low[i], privs_high[i], privs_low[i]);
354 /* Get privilege name */
356 static NTSTATUS cmd_lsa_get_dispname(struct cli_state *cli,
357 TALLOC_CTX *mem_ctx, int argc,
361 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
364 uint16 lang_id_sys=0;
369 printf("Usage: %s privilege name\n", argv[0]);
373 result = cli_lsa_open_policy(cli, mem_ctx, True,
374 SEC_RIGHTS_MAXIMUM_ALLOWED,
377 if (!NT_STATUS_IS_OK(result))
380 result = cli_lsa_get_dispname(cli, mem_ctx, &pol, argv[1], lang_id, lang_id_sys, description, &lang_id_desc);
382 if (!NT_STATUS_IS_OK(result))
386 printf("%s -> %s (language: 0x%x)\n", argv[1], description, lang_id_desc);
392 /* Enumerate the LSA SIDS */
394 static NTSTATUS cmd_lsa_enum_sids(struct cli_state *cli,
395 TALLOC_CTX *mem_ctx, int argc,
399 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
401 uint32 enum_context=0;
402 uint32 pref_max_length=0x1000;
408 printf("Usage: %s [enum context] [max length]\n", argv[0]);
413 enum_context=atoi(argv[1]);
416 pref_max_length=atoi(argv[2]);
418 result = cli_lsa_open_policy(cli, mem_ctx, True,
419 SEC_RIGHTS_MAXIMUM_ALLOWED,
422 if (!NT_STATUS_IS_OK(result))
425 result = cli_lsa_enum_sids(cli, mem_ctx, &pol, &enum_context, pref_max_length,
428 if (!NT_STATUS_IS_OK(result))
432 printf("found %d SIDs\n\n", count);
434 for (i = 0; i < count; i++) {
437 sid_to_string(sid_str, &sids[i]);
438 printf("%s\n", sid_str);
445 /* Enumerate the privileges of an SID */
447 static NTSTATUS cmd_lsa_enum_privsaccounts(struct cli_state *cli,
448 TALLOC_CTX *mem_ctx, int argc,
453 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
454 uint32 access_desired = 0x000f000f;
462 printf("Usage: %s SID\n", argv[0]);
466 result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
467 if (!NT_STATUS_IS_OK(result))
470 result = cli_lsa_open_policy2(cli, mem_ctx, True,
471 SEC_RIGHTS_MAXIMUM_ALLOWED,
474 if (!NT_STATUS_IS_OK(result))
477 result = cli_lsa_open_account(cli, mem_ctx, &dom_pol, &sid, access_desired, &user_pol);
479 if (!NT_STATUS_IS_OK(result))
482 result = cli_lsa_enum_privsaccount(cli, mem_ctx, &user_pol, &count, &set);
484 if (!NT_STATUS_IS_OK(result))
488 printf("found %d privileges for SID %s\n\n", count, argv[1]);
489 printf("high\tlow\tattribute\n");
491 for (i = 0; i < count; i++) {
492 printf("%u\t%u\t%u\n", set[i].luid.high, set[i].luid.low, set[i].attr);
500 /* Enumerate the privileges of an SID via LsaEnumerateAccountRights */
502 static NTSTATUS cmd_lsa_enum_acct_rights(struct cli_state *cli,
503 TALLOC_CTX *mem_ctx, int argc,
507 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
516 printf("Usage: %s SID\n", argv[0]);
520 result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
521 if (!NT_STATUS_IS_OK(result))
524 result = cli_lsa_open_policy2(cli, mem_ctx, True,
525 SEC_RIGHTS_MAXIMUM_ALLOWED,
528 if (!NT_STATUS_IS_OK(result))
531 result = cli_lsa_enum_account_rights(cli, mem_ctx, &dom_pol, sid, &count, &rights);
533 if (!NT_STATUS_IS_OK(result))
536 printf("found %d privileges for SID %s\n", count, sid_string_static(&sid));
538 for (i = 0; i < count; i++) {
539 printf("\t%s\n", rights[i]);
547 /* add some privileges to a SID via LsaAddAccountRights */
549 static NTSTATUS cmd_lsa_add_acct_rights(struct cli_state *cli,
550 TALLOC_CTX *mem_ctx, int argc,
554 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
559 printf("Usage: %s SID [rights...]\n", argv[0]);
563 result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
564 if (!NT_STATUS_IS_OK(result))
567 result = cli_lsa_open_policy2(cli, mem_ctx, True,
568 SEC_RIGHTS_MAXIMUM_ALLOWED,
571 if (!NT_STATUS_IS_OK(result))
574 result = cli_lsa_add_account_rights(cli, mem_ctx, &dom_pol, sid,
577 if (!NT_STATUS_IS_OK(result))
585 /* remove some privileges to a SID via LsaRemoveAccountRights */
587 static NTSTATUS cmd_lsa_remove_acct_rights(struct cli_state *cli,
588 TALLOC_CTX *mem_ctx, int argc,
592 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
597 printf("Usage: %s SID [rights...]\n", argv[0]);
601 result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
602 if (!NT_STATUS_IS_OK(result))
605 result = cli_lsa_open_policy2(cli, mem_ctx, True,
606 SEC_RIGHTS_MAXIMUM_ALLOWED,
609 if (!NT_STATUS_IS_OK(result))
612 result = cli_lsa_remove_account_rights(cli, mem_ctx, &dom_pol, sid,
613 False, argc-2, argv+2);
615 if (!NT_STATUS_IS_OK(result))
623 /* Get a privilege value given its name */
625 static NTSTATUS cmd_lsa_lookupprivvalue(struct cli_state *cli,
626 TALLOC_CTX *mem_ctx, int argc,
630 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
634 printf("Usage: %s name\n", argv[0]);
638 result = cli_lsa_open_policy2(cli, mem_ctx, True,
639 SEC_RIGHTS_MAXIMUM_ALLOWED,
642 if (!NT_STATUS_IS_OK(result))
645 result = cli_lsa_lookupprivvalue(cli, mem_ctx, &pol, argv[1], &luid);
647 if (!NT_STATUS_IS_OK(result))
652 printf("%u:%u (0x%x:0x%x)\n", luid.high, luid.low, luid.high, luid.low);
658 /* Query LSA security object */
660 static NTSTATUS cmd_lsa_query_secobj(struct cli_state *cli,
661 TALLOC_CTX *mem_ctx, int argc,
665 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
667 uint32 sec_info = 0x00000004; /* ??? */
670 printf("Usage: %s\n", argv[0]);
674 result = cli_lsa_open_policy2(cli, mem_ctx, True,
675 SEC_RIGHTS_MAXIMUM_ALLOWED,
678 if (!NT_STATUS_IS_OK(result))
681 result = cli_lsa_query_secobj(cli, mem_ctx, &pol, sec_info, &sdb);
683 if (!NT_STATUS_IS_OK(result))
688 display_sec_desc(sdb->sec);
695 /* List of commands exported by this module */
697 struct cmd_set lsarpc_commands[] = {
701 { "lsaquery", RPC_RTYPE_NTSTATUS, cmd_lsa_query_info_policy, NULL, PI_LSARPC, "Query info policy", "" },
702 { "lookupsids", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_sids, NULL, PI_LSARPC, "Convert SIDs to names", "" },
703 { "lookupnames", RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_names, NULL, PI_LSARPC, "Convert names to SIDs", "" },
704 { "enumtrust", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_trust_dom, NULL, PI_LSARPC, "Enumerate trusted domains", "Usage: [preferred max number] [enum context (0)]" },
705 { "enumprivs", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_privilege, NULL, PI_LSARPC, "Enumerate privileges", "" },
706 { "getdispname", RPC_RTYPE_NTSTATUS, cmd_lsa_get_dispname, NULL, PI_LSARPC, "Get the privilege name", "" },
707 { "lsaenumsid", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_sids, NULL, PI_LSARPC, "Enumerate the LSA SIDS", "" },
708 { "lsaenumprivsaccount", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_privsaccounts, NULL, PI_LSARPC, "Enumerate the privileges of an SID", "" },
709 { "lsaenumacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_acct_rights, NULL, PI_LSARPC, "Enumerate the rights of an SID", "" },
710 { "lsaaddacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_add_acct_rights, NULL, PI_LSARPC, "Add rights to an account", "" },
711 { "lsaremoveacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_remove_acct_rights, NULL, PI_LSARPC, "Remove rights from an account", "" },
712 { "lsalookupprivvalue", RPC_RTYPE_NTSTATUS, cmd_lsa_lookupprivvalue, NULL, PI_LSARPC, "Get a privilege value given its name", "" },
713 { "lsaquerysecobj", RPC_RTYPE_NTSTATUS, cmd_lsa_query_secobj, NULL, PI_LSARPC, "Query LSA security object", "" },