3 # Get or set the security descriptor on a printer
6 import sys, spoolss, re, string
9 print "Usage: psec.py getsec|setsec printername"
13 printername = sys.argv[2]
15 # Display security descriptor
20 hnd = spoolss.openprinter(printername)
22 print "error opening printer %s" % printername
25 secdesc = hnd.getprinter(level = 3)["security_descriptor"]
27 print secdesc["owner_sid"]
28 print secdesc["group_sid"]
30 for acl in secdesc["dacl"]["ace_list"]:
31 print "%d %d 0x%08x %s" % (acl["type"], acl["flags"],
32 acl["mask"], acl["trustee"])
34 spoolss.closeprinter(hnd)
38 # Set security descriptor
45 hnd = spoolss.openprinter(printername,
46 creds = {"domain": "NPSD-TEST2",
47 "username": "Administrator",
48 "password": "penguin"})
50 print "error opening printer %s" % printername
53 # Read lines from standard input and build security descriptor
55 lines = sys.stdin.readlines()
59 secdesc["owner_sid"] = lines[0]
60 secdesc["group_sid"] = lines[1]
62 secdesc["revision"] = 1
64 secdesc["dacl"]["revision"] = 2
65 secdesc["dacl"]["ace_list"] = []
68 match = re.match("(\d+) (\d+) (0[xX][\dA-Fa-f]+) (\S+)", acl)
69 secdesc["dacl"]["ace_list"].append(
70 {"type": int(match.group(1)), "flags": int(match.group(2)),
71 "mask": string.atoi(match.group(3), 0), "trustee": match.group(4)})
73 # Build info3 structure
77 info3["flags"] = 0x8004 # self-relative, dacl present
79 info3["security_descriptor"] = secdesc
83 spoolss.closeprinter(hnd)
86 print "invalid operation %s" % op