--- /dev/null
+#!/bin/sh
+exec smbscript "$0" ${1+"$@"}
+/*
+ Dump Samba3 data
+ Copyright Jelmer Vernooij 2005
+ Released under the GNU GPL v2 or later
+*/
+
+options = GetOptions(ARGV,
+ "POPT_AUTOHELP",
+ "POPT_COMMON_SAMBA",
+ "POPT_COMMON_VERSION",
+ 'format=s',
+ 'quiet', 'blank');
+
+if (options == undefined) {
+ println("Failed to parse options");
+ return -1;
+}
+
+if (options.format == undefined) {
+ options.format = "summary";
+}
+
+if (options.format != "summary" && options.format != "full") {
+ printf("Unknown format %s\n", options.format);
+ return -1;
+}
+
+libinclude("base.js");
+
+if (ARGV.length != 3) {
+ println("Usage: samba3dump <libdir> <smb.conf>");
+ return -1;
+}
+
+function print_header(txt)
+{
+ printf("\n%s\n", txt);
+ for (i = 0; txt[i]; i++) putchar('=');
+ putchar('\n');
+}
+
+function print_samba3_policy(pol)
+{
+ print_header("Account Policies");
+ printf("Min password length: %d\n", pol.min_password_length);
+ printf("Password history length: %d\n", pol.password_history);
+ printf("User must logon to change password: %d\n", pol.user_must_logon_to_change_password);
+ printf("Maximum password age: %d\n", pol.maximum_password_age);
+ printf("Minimum password age: %d\n", pol.minimum_password_age);
+ printf("Lockout duration: %d\n", pol.lockout_duration);
+ printf("Reset Count Minutes: %d\n", pol.reset_count_minutes);
+ printf("Bad Lockout Minutes: %d\n", pol.bad_lockout_minutes);
+ printf("Disconnect Time: %d\n", pol.disconnect_time);
+ printf("Refuse Machine Password Change: %d\n", pol.refuse_machine_password_change);
+}
+
+function print_samba3_sam(samba3)
+{
+ print_header("SAM Database");
+
+ for (i = 0; i < samba3.samaccount_count; i++) {
+ printf("%d: %s\n", samba3.samaccounts[i].user_rid, samba3.samaccounts[i].username);
+ }
+}
+
+function print_samba3_shares(samba3)
+{
+ print_header("Configured shares");
+ for (i = 0; i < samba3.share_count; i++) {
+ printf("--- %s ---\n", samba3.shares[i].name);
+
+ for (j = 0; j < samba3.shares[i].parameter_count; j++) {
+ printf("\t%s = %s\n", samba3.shares[i].parameters[j].name, samba3.shares[i].parameters[j].value);
+ }
+
+ println("");
+ }
+}
+
+function print_samba3_secrets(secrets)
+{
+ print_header("Secrets");
+
+ println("IPC Credentials:");
+ if (secrets.ipc_cred.username_obtained)
+ printf(" User: %s\n", secrets.ipc_cred.username);
+ if (secrets.ipc_cred.password_obtained)
+ printf(" Password: %s\n", secrets.ipc_cred.password);
+
+ if (secrets.ipc_cred.domain_obtained)
+ printf(" Domain: %s\n\n", secrets.ipc_cred.domain);
+
+ println("LDAP passwords:");
+ for (i = 0; i < secrets.ldappw_count; i++) {
+ printf("\t%s -> %s\n", secrets.ldappws[i].dn, secrets.ldappws[i].password);
+ }
+ println("");
+
+ println("Domains:");
+ for (i = 0; i < secrets.domain_count; i++) {
+ printf("\t--- %s ---\n", secrets.domains[i].name);
+ printf("\tSID: %s\n", secrets.domains[i].sid);
+ printf("\tGUID: %s\n", secrets.domains[i].guid);
+ printf("\tPlaintext pwd: %s\n", secrets.domains[i].plaintext_pw);
+ printf("\tLast Changed: %lu\n", secrets.domains[i].last_change_time);
+ printf("\tSecure Channel Type: %d\n\n", secrets.domains[i].sec_channel_type);
+ }
+
+ println("Trusted domains:");
+ for (i = 0; i < secrets.trusted_domain_count; i++) {
+ for (j = 0; j < secrets.trusted_domains[i].uni_name_len; j++) {
+ printf("\t--- %s ---\n", secrets.trusted_domains[i].uni_name[j]);
+ }
+ printf("\tPassword: %s\n", secrets.trusted_domains[i].pass);
+ printf("\tModified: %lu\n", secrets.trusted_domains[i].mod_time);
+ printf("\tSID: %s\n", secrets.trusted_domains[i].domain_sid);
+ }
+}
+
+function print_samba3_regdb(regdb)
+{
+ print_header("Registry");
+
+ for (i = 0; i < regdb.key_count; i++) {
+ printf("%s\n", regdb.keys[i].name);
+ for (j = 0; j < regdb.keys[i].value_count; j++) {
+ printf("\t%s: type %d, length %d\n",
+ regdb.keys[i].values[j].name,
+ regdb.keys[i].values[j].type,
+ regdb.keys[i].values[j].data.length);
+ }
+ }
+}
+
+function print_samba3_winsdb(samba3)
+{
+ print_header("WINS Database");
+
+ for (i = 0; i < samba3.winsdb_count; i++) {
+ printf("%s, nb_flags: %x, type: %d, ttl: %lu, %d ips\n", samba3.winsdb_entries[i].name, samba3.winsdb_entries[i].nb_flags, samba3.winsdb_entries[i].type, samba3.winsdb_entries[i].ttl, samba3.winsdb_entries[i].ip_count);
+ }
+}
+
+function print_samba3_groupdb(groupdb)
+{
+ int i;
+ print_header("Group Mappings");
+
+ for (i = 0; i < groupdb.groupmap_count; i++)
+ {
+ printf("\t--- Group: %s ---\n", groupdb.groupmappings[i].nt_name);
+ printf("\tComment: %s\n", groupdb.groupmappings[i].comment);
+ printf("\tGID: %d\n", groupdb.groupmappings[i].gid);
+ printf("\tSID Name Use: %d\n", groupdb.groupmappings[i].sid_name_use);
+ printf("\tSID: %s\n\n", groupdb.groupmappings[i].sid);
+ }
+
+ for (i = 0; i < groupdb.alias_count; i++)
+ {
+ int j;
+ printf("\t--- Alias: %s ---\n", groupdb.aliases[i].sid);
+ for (j = 0; j < groupdb.aliases[i].member_count; j++) {
+ printf("\t%s\n", groupdb.aliases[i].members[j]);
+ }
+ }
+}
+
+function print_samba3_idmapdb(idmapdb)
+{
+ print_header("Winbindd SID<->GID/UID mappings");
+
+ printf("User High Water Mark: %d\n", idmapdb.user_hwm);
+ printf("Group High Water Mark: %d\n\n", idmapdb.group_hwm);
+
+ for (i = 0; i < idmapdb.mapping_count; i++) {
+ printf("%s -> ",
+ idmapdb.mappings[i].sid);
+
+ if (idmapdb.mappings[i].type == IDMAP_GROUP) {
+ printf("GID %d", idmapdb.mappings[i].unix_id);
+ } else {
+ printf("UID %d", idmapdb.mappings[i].unix_id);
+ }
+ }
+}
+
+function print_samba3(samba3)
+{
+ print_samba3_sam(samba3);
+ print_samba3_policy(samba3.policy);
+ print_samba3_shares(samba3);
+ print_samba3_winsdb(samba3);
+ print_samba3_regdb(samba3.registry);
+ print_samba3_secrets(samba3.secrets);
+ print_samba3_groupdb(samba3.group);
+ print_samba3_idmapdb(samba3.idmap);
+}
+
+function print_samba3_summary(samba3)
+{
+ printf("WINS db entries: %d\n", samba3.winsdb_count);
+ printf("SAM Accounts: %d\n", samba3.samaccount_count);
+ printf("Registry key count: %d\n", samba3.registry.key_count);
+ printf("Shares (including [global]): %d\n", samba3.share_count);
+ printf("Groupmap count: %d\n", samba3.group.groupmap_count);
+ printf("Alias count: %d\n", samba3.group.alias_count);
+ printf("Idmap count: %d\n", samba3.idmap.mapping_count);
+}
+
+samba3 = samba3_read(ARGV[1], ARGV[2]);
+
+if (options.format == "summary") {
+ print_samba3_summary(samba3);
+} else if (options.format == "full") {
+ print_samba3(samba3);
+}
+
+return 0;
--- /dev/null
+/*
+ Unix SMB/CIFS implementation.
+
+ provide hooks into smbd C calls from ejs scripts
+
+ Copyright (C) Jelmer Vernooij 2005
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+#include "scripting/ejs/smbcalls.h"
+#include "lib/appweb/ejs/ejs.h"
+#include "lib/samba3/samba3.h"
+
+#if 0
+struct samba3_samaccount {
+ uint32_t logon_time,
+ logoff_time,
+ kickoff_time,
+ bad_password_time,
+ pass_last_set_time,
+ pass_can_change_time,
+ pass_must_change_time;
+ char *username;
+ char *domain;
+ char *nt_username;
+ char *dir_drive;
+ char *unknown_str;
+ char *munged_dial;
+ char *fullname;
+ char *homedir;
+ char *logon_script;
+ char *profile_path;
+ char *acct_desc;
+ char *workstations;
+ uint32_t user_rid, group_rid, hours_len, unknown_6;
+ uint16_t acct_ctrl, logon_divs;
+ uint16_t bad_password_count, logon_count;
+ uint8_t *lm_pw_ptr, *nt_pw_ptr;
+ uint8_t *nt_pw_hist_ptr;
+ uint8_t *hours;
+};
+
+struct samba3_groupmapping {
+ gid_t gid;
+ struct dom_sid *sid;
+ int sid_name_use;
+ const char *nt_name;
+ const char *comment;
+};
+
+struct samba3_alias {
+ struct dom_sid *sid;
+ uint32_t member_count;
+ struct dom_sid **members;
+};
+
+struct samba3_groupdb {
+ uint32_t groupmap_count;
+ struct samba3_groupmapping *groupmappings;
+
+ uint32_t alias_count;
+ struct samba3_alias *aliases;
+};
+
+struct samba3_idmap_mapping
+{
+ enum { IDMAP_GROUP, IDMAP_USER } type;
+ uint32_t unix_id;
+ struct dom_sid *sid;
+};
+
+struct samba3_idmapdb
+{
+ /* High water marks */
+ uint32_t user_hwm;
+ uint32_t group_hwm;
+
+ uint32_t mapping_count;
+ struct samba3_idmap_mapping *mappings;
+};
+
+struct samba3_winsdb_entry
+{
+ char *name;
+ int nb_flags;
+ int type;
+ time_t ttl;
+ uint32_t ip_count;
+ struct ipv4_addr *ips;
+};
+
+struct samba3_policy
+{
+ uint32_t min_password_length;
+ uint32_t password_history;
+ uint32_t user_must_logon_to_change_password;
+ uint32_t maximum_password_age;
+ uint32_t minimum_password_age;
+ uint32_t lockout_duration;
+ uint32_t reset_count_minutes;
+ uint32_t bad_lockout_minutes;
+ uint32_t disconnect_time;
+ uint32_t refuse_machine_password_change;
+};
+
+struct samba3_regval {
+ char *name;
+ uint16_t type;
+ DATA_BLOB data;
+};
+
+struct samba3_regkey {
+ char *name;
+
+ uint32_t value_count;
+ struct samba3_regval *values;
+
+ uint32_t subkey_count;
+ char **subkeys;
+};
+
+struct samba3_regdb
+{
+ uint32_t key_count;
+ struct samba3_regkey *keys;
+};
+
+struct samba3_secrets
+{
+ struct cli_credentials *ipc_cred;
+
+ uint32_t ldappw_count;
+ struct samba3_ldappw
+ {
+ char *dn;
+ char *password;
+ } *ldappws;
+
+ uint32_t domain_count;
+ struct samba3_domainsecrets
+ {
+ char *name;
+ struct dom_sid sid;
+ struct GUID guid;
+ char *plaintext_pw;
+ time_t last_change_time;
+ struct {
+ uint8_t hash[16];
+ time_t mod_time;
+ } hash_pw;;
+ int sec_channel_type;
+ } *domains;
+
+ uint32_t trusted_domain_count;
+ struct samba3_trusted_dom_pass {
+ uint32_t uni_name_len;
+ const char *uni_name[32]; /* unicode domain name */
+ const char *pass; /* trust relationship's password */
+ time_t mod_time;
+ struct dom_sid domain_sid; /* remote domain's sid */
+ } *trusted_domains;
+
+ uint32_t afs_keyfile_count;
+
+ struct samba3_afs_keyfile {
+ uint32_t nkeys;
+ struct {
+ uint32_t kvno;
+ char key[8];
+ } entry[8];
+ char *cell;
+ } *afs_keyfiles;
+};
+
+struct samba3_parameter {
+ char *name;
+ char *value;
+};
+
+struct samba3_share_info {
+ char *name;
+ struct security_descriptor secdesc;
+
+ uint32_t parameter_count;
+ struct samba3_parameter *parameters;
+};
+
+struct samba3
+{
+ uint32_t winsdb_count;
+ struct samba3_winsdb_entry *winsdb_entries;
+
+ uint32_t samaccount_count;
+ struct samba3_samaccount *samaccounts;
+
+ uint32_t share_count;
+ struct samba3_share_info *shares;
+
+ struct samba3_secrets secrets;
+ struct samba3_groupdb group;
+ struct samba3_idmapdb idmap;
+ struct samba3_policy policy;
+ struct samba3_regdb registry;
+};
+
+#endif
+
+/*
+ initialise samba3 ejs subsystem
+*/
+static int ejs_samba3_read(MprVarHandle eid, int argc, struct MprVar **argv)
+{
+ struct MprVar *mpv = mprInitObject(eid, "samba3", argc, argv);
+ struct samba3 *samba3;
+ NTSTATUS status;
+
+ if (argc < 2) {
+ ejsSetErrorMsg(eid, "samba3_read invalid arguments");
+ return -1;
+ }
+
+ status = samba3_read(mprToString(argv[0]), mprToString(argv[0]), mprMemCtx(), &samba3);
+
+ if (NT_STATUS_IS_ERR(status)) {
+ ejsSetErrorMsg(eid, "samba3_read: error");
+ return -1;
+ }
+
+ mprSetThisPtr(eid, "db", samba3);
+
+ return 0;
+}
+
+
+/*
+ setup C functions that be called from ejs
+*/
+void smb_setup_ejs_samba3(void)
+{
+ ejsDefineCFunction(-1, "samba3_read", ejs_samba3_read, NULL, MPR_VAR_SCRIPT_HANDLE);
+}
git.samba.org / jelmer / samba4.git / commitdiff