[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch.

[samba.git] / source / rpcclient / cmd_lsarpc.c
diff --git a/source/rpcclient/cmd_lsarpc.c b/source/rpcclient/cmd_lsarpc.c

index c79508de8d0d7d01609cf81fdc277856824b25c5..31a8e2bdfd130ba1d4682eb3c0fd30c963baef08 100644 (file)
--- a/source/rpcclient/cmd_lsarpc.c
+++ b/source/rpcclient/cmd_lsarpc.c
@@ -7,7 +7,7 @@
  
     This program is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; either version 2 of the License, or
+   the Free Software Foundation; either version 3 of the License, or
     (at your option) any later version.
     
     This program is distributed in the hope that it will be useful,
@@ -16,8 +16,7 @@
     GNU General Public License for more details.
     
     You should have received a copy of the GNU General Public License
-   along with this program; if not, write to the Free Software
-   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
  
  #include "includes.h"
@@ -31,7 +30,7 @@ static NTSTATUS name_to_sid(struct rpc_pipe_client *cli,
                             DOM_SID *sid, const char *name)
  {
         POLICY_HND pol;
-       uint32 *sid_types;
+       enum lsa_SidType *sid_types;
         NTSTATUS result;
         DOM_SID *sids;
  
@@ -47,11 +46,11 @@ static NTSTATUS name_to_sid(struct rpc_pipe_client *cli,
         if (!NT_STATUS_IS_OK(result))
                 goto done;
  
-       result = rpccli_lsa_lookup_names(cli, mem_ctx, &pol, 1, &name, &sids, &sid_types);
+       result = rpccli_lsa_lookup_names(cli, mem_ctx, &pol, 1, &name, NULL, 1, &sids, &sid_types);
         if (!NT_STATUS_IS_OK(result))
                 goto done;
  
-       rpccli_lsa_close(cli, mem_ctx, &pol);
+       rpccli_lsa_Close(cli, mem_ctx, &pol);
  
         *sid = sids[0];
  
@@ -59,8 +58,109 @@ done:
         return result;
  }
  
+static void display_query_info_1(DOM_QUERY_1 d)
+{
+       d_printf("percent_full:\t%d\n", d.percent_full);
+       d_printf("log_size:\t%d\n", d.log_size);
+       d_printf("retention_time:\t%lld\n", (long long)d.retention_time);
+       d_printf("shutdown_in_progress:\t%d\n", d.shutdown_in_progress);
+       d_printf("time_to_shutdown:\t%lld\n", (long long)d.time_to_shutdown);
+       d_printf("next_audit_record:\t%d\n", d.next_audit_record);
+       d_printf("unknown:\t%d\n", d.unknown);
+}
+
+static void display_query_info_2(DOM_QUERY_2 d, TALLOC_CTX *mem_ctx)
+{
+       int i;
+       d_printf("Auditing enabled:\t%d\n", d.auditing_enabled);
+       d_printf("Auditing categories:\t%d\n", d.count1);
+       d_printf("Auditsettings:\n");
+       for (i=0; i<d.count1; i++) {
+               const char *val = audit_policy_str(mem_ctx, d.auditsettings[i]);
+               const char *policy = audit_description_str(i);
+               d_printf("%s:\t%s\n", policy, val);
+       }
+}
+
+static void display_query_info_3(DOM_QUERY_3 d)
+{
+       fstring name;
+
+       unistr2_to_ascii(name, &d.uni_domain_name, sizeof(name));
+
+       d_printf("Domain Name: %s\n", name);
+       d_printf("Domain Sid: %s\n", sid_string_static(&d.dom_sid.sid));
+}
+
+static void display_query_info_5(DOM_QUERY_5 d)
+{
+       fstring name;
+
+       unistr2_to_ascii(name, &d.uni_domain_name, sizeof(name));
+
+       d_printf("Domain Name: %s\n", name);
+       d_printf("Domain Sid: %s\n", sid_string_static(&d.dom_sid.sid));
+}
+
+static void display_query_info_10(DOM_QUERY_10 d)
+{
+       d_printf("Shutdown on full: %d\n", d.shutdown_on_full);
+}
+
+static void display_query_info_11(DOM_QUERY_11 d)
+{
+       d_printf("Shutdown on full: %d\n", d.shutdown_on_full);
+       d_printf("Log is full: %d\n", d.log_is_full);
+       d_printf("Unknown: %d\n", d.unknown);
+}
+
+static void display_query_info_12(DOM_QUERY_12 d)
+{
+       fstring dom_name, dns_dom_name, forest_name;
+
+       unistr2_to_ascii(dom_name, &d.uni_nb_dom_name, sizeof(dom_name));
+       unistr2_to_ascii(dns_dom_name, &d.uni_dns_dom_name, sizeof(dns_dom_name));
+       unistr2_to_ascii(forest_name, &d.uni_forest_name, sizeof(forest_name));
  
-/* Look up domain related information on a remote host */
+       d_printf("Domain NetBios Name: %s\n", dom_name);
+       d_printf("Domain DNS Name: %s\n", dns_dom_name);
+       d_printf("Domain Forest Name: %s\n", forest_name);
+       d_printf("Domain Sid: %s\n", sid_string_static(&d.dom_sid.sid));
+       d_printf("Domain GUID: %s\n", smb_uuid_string_static(d.dom_guid));
+
+}
+
+
+
+static void display_lsa_query_info(LSA_INFO_CTR *dom, TALLOC_CTX *mem_ctx)
+{
+       switch (dom->info_class) {
+               case 1:
+                       display_query_info_1(dom->info.id1);
+                       break;
+               case 2:
+                       display_query_info_2(dom->info.id2, mem_ctx);
+                       break;
+               case 3:
+                       display_query_info_3(dom->info.id3);
+                       break;
+               case 5:
+                       display_query_info_5(dom->info.id5);
+                       break;
+               case 10:
+                       display_query_info_10(dom->info.id10);
+                       break;
+               case 11:
+                       display_query_info_11(dom->info.id11);
+                       break;
+               case 12:
+                       display_query_info_12(dom->info.id12);
+                       break;
+               default:
+                       printf("can't display info level: %d\n", dom->info_class);
+                       break;
+       }
+}
  
  static NTSTATUS cmd_lsa_query_info_policy(struct rpc_pipe_client *cli, 
                                            TALLOC_CTX *mem_ctx, int argc, 
@@ -68,11 +168,7 @@ static NTSTATUS cmd_lsa_query_info_policy(struct rpc_pipe_client *cli,
  {
         POLICY_HND pol;
         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-       DOM_SID *dom_sid = NULL;
-       struct uuid *dom_guid;
-       char *domain_name = NULL;
-       char *dns_name = NULL;
-       char *forest_name = NULL;
+       LSA_INFO_CTR dom;
  
         uint32 info_class = 3;
  
@@ -83,58 +179,35 @@ static NTSTATUS cmd_lsa_query_info_policy(struct rpc_pipe_client *cli,
  
         if (argc == 2)
                 info_class = atoi(argv[1]);
-       
-       /* Lookup info policy */
+
         switch (info_class) {
         case 12:
                 result = rpccli_lsa_open_policy2(cli, mem_ctx, True, 
-                                            SEC_RIGHTS_MAXIMUM_ALLOWED,
-                                            &pol);
+                                                SEC_RIGHTS_MAXIMUM_ALLOWED,
+                                                &pol);
  
                 if (!NT_STATUS_IS_OK(result))
                         goto done;
-               result = rpccli_lsa_query_info_policy2(cli, mem_ctx, &pol,
-                                                   info_class, &domain_name,
-                                                   &dns_name, &forest_name,
-                                                   &dom_guid, &dom_sid);
+                       
+               result = rpccli_lsa_query_info_policy2_new(cli, mem_ctx, &pol,
+                                                          info_class, &dom);
                 break;
         default:
                 result = rpccli_lsa_open_policy(cli, mem_ctx, True, 
-                                    SEC_RIGHTS_MAXIMUM_ALLOWED,
-                                    &pol);
+                                               SEC_RIGHTS_MAXIMUM_ALLOWED,
+                                               &pol);
  
                 if (!NT_STATUS_IS_OK(result))
                         goto done;
-               result = rpccli_lsa_query_info_policy(cli, mem_ctx, &pol, 
-                                                  info_class, &domain_name, 
-                                                  &dom_sid);
-       }
-
-       if (!NT_STATUS_IS_OK(result))
-               goto done;
-       
-       if (domain_name) {
-               if (dom_sid == NULL) {
-                       printf("got no sid for domain %s\n", domain_name);
-               } else {
-                       printf("domain %s has sid %s\n", domain_name,
-                              sid_string_static(dom_sid));
-               }
-       } else {
-               printf("could not query info for level %d\n", info_class);
+               
+               result = rpccli_lsa_query_info_policy_new(cli, mem_ctx, &pol, 
+                                                         info_class, &dom);
         }
  
-       if (dns_name)
-               printf("domain dns name is %s\n", dns_name);
-       if (forest_name)
-               printf("forest name is %s\n", forest_name);
  
-       if (info_class == 12) {
-               printf("domain GUID is ");
-               smb_uuid_string_static(*dom_guid);
-       }
+       display_lsa_query_info(&dom, mem_ctx);
  
-       rpccli_lsa_close(cli, mem_ctx, &pol);
+       rpccli_lsa_Close(cli, mem_ctx, &pol);
  
   done:
         return result;
@@ -149,7 +222,7 @@ static NTSTATUS cmd_lsa_lookup_names(struct rpc_pipe_client *cli,
         POLICY_HND pol;
         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
         DOM_SID *sids;
-       uint32 *types;
+       enum lsa_SidType *types;
         int i;
  
         if (argc == 1) {
@@ -165,7 +238,7 @@ static NTSTATUS cmd_lsa_lookup_names(struct rpc_pipe_client *cli,
                 goto done;
  
         result = rpccli_lsa_lookup_names(cli, mem_ctx, &pol, argc - 1, 
-                                     (const char**)(argv + 1), &sids, &types);
+                                     (const char**)(argv + 1), NULL, 1, &sids, &types);
  
         if (!NT_STATUS_IS_OK(result) && NT_STATUS_V(result) != 
             NT_STATUS_V(STATUS_SOME_UNMAPPED))
@@ -182,12 +255,63 @@ static NTSTATUS cmd_lsa_lookup_names(struct rpc_pipe_client *cli,
                        sid_type_lookup(types[i]), types[i]);
         }
  
-       rpccli_lsa_close(cli, mem_ctx, &pol);
+       rpccli_lsa_Close(cli, mem_ctx, &pol);
+
+ done:
+       return result;
+}
+
+/* Resolve a list of names to a list of sids */
+
+static NTSTATUS cmd_lsa_lookup_names_level(struct rpc_pipe_client *cli, 
+                                          TALLOC_CTX *mem_ctx, int argc, 
+                                          const char **argv)
+{
+       POLICY_HND pol;
+       NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+       DOM_SID *sids;
+       enum lsa_SidType *types;
+       int i, level;
+
+       if (argc < 3) {
+               printf("Usage: %s [level] [name1 [name2 [...]]]\n", argv[0]);
+               return NT_STATUS_OK;
+       }
+
+       result = rpccli_lsa_open_policy(cli, mem_ctx, True, 
+                                    SEC_RIGHTS_MAXIMUM_ALLOWED,
+                                    &pol);
+
+       if (!NT_STATUS_IS_OK(result))
+               goto done;
+
+       level = atoi(argv[1]);
+
+       result = rpccli_lsa_lookup_names(cli, mem_ctx, &pol, argc - 2, 
+                                     (const char**)(argv + 2), NULL, level, &sids, &types);
+
+       if (!NT_STATUS_IS_OK(result) && NT_STATUS_V(result) != 
+           NT_STATUS_V(STATUS_SOME_UNMAPPED))
+               goto done;
+
+       result = NT_STATUS_OK;
+
+       /* Print results */
+
+       for (i = 0; i < (argc - 2); i++) {
+               fstring sid_str;
+               sid_to_string(sid_str, &sids[i]);
+               printf("%s %s (%s: %d)\n", argv[i + 2], sid_str,
+                      sid_type_lookup(types[i]), types[i]);
+       }
+
+       rpccli_lsa_Close(cli, mem_ctx, &pol);
  
   done:
         return result;
  }
  
+
  /* Resolve a list of SIDs to a list of names */
  
  static NTSTATUS cmd_lsa_lookup_sids(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
@@ -198,7 +322,7 @@ static NTSTATUS cmd_lsa_lookup_sids(struct rpc_pipe_client *cli, TALLOC_CTX *mem
         DOM_SID *sids;
         char **domains;
         char **names;
-       uint32 *types;
+       enum lsa_SidType *types;
         int i;
  
         if (argc == 1) {
@@ -250,7 +374,7 @@ static NTSTATUS cmd_lsa_lookup_sids(struct rpc_pipe_client *cli, TALLOC_CTX *mem
                        names[i] ? names[i] : "*unknown*", types[i]);
         }
  
-       rpccli_lsa_close(cli, mem_ctx, &pol);
+       rpccli_lsa_Close(cli, mem_ctx, &pol);
  
   done:
         return result;
@@ -313,7 +437,7 @@ static NTSTATUS cmd_lsa_enum_trust_dom(struct rpc_pipe_client *cli,
                 }
         }
  
-       rpccli_lsa_close(cli, mem_ctx, &pol);
+       rpccli_lsa_Close(cli, mem_ctx, &pol);
   done:
         return result;
  }
@@ -367,7 +491,7 @@ static NTSTATUS cmd_lsa_enum_privilege(struct rpc_pipe_client *cli,
                        privs_high[i], privs_low[i], privs_high[i], privs_low[i]);
         }
  
-       rpccli_lsa_close(cli, mem_ctx, &pol);
+       rpccli_lsa_Close(cli, mem_ctx, &pol);
   done:
         return result;
  }
@@ -406,7 +530,7 @@ static NTSTATUS cmd_lsa_get_dispname(struct rpc_pipe_client *cli,
         /* Print results */
         printf("%s -> %s (language: 0x%x)\n", argv[1], description, lang_id_desc);
  
-       rpccli_lsa_close(cli, mem_ctx, &pol);
+       rpccli_lsa_Close(cli, mem_ctx, &pol);
   done:
         return result;
  }
@@ -460,7 +584,7 @@ static NTSTATUS cmd_lsa_enum_sids(struct rpc_pipe_client *cli,
                 printf("%s\n", sid_str);
         }
  
-       rpccli_lsa_close(cli, mem_ctx, &pol);
+       rpccli_lsa_Close(cli, mem_ctx, &pol);
   done:
         return result;
  }
@@ -502,7 +626,7 @@ static NTSTATUS cmd_lsa_create_account(struct rpc_pipe_client *cli,
         printf("Account for SID %s successfully created\n\n", argv[1]);
         result = NT_STATUS_OK;
  
-       rpccli_lsa_close(cli, mem_ctx, &dom_pol);
+       rpccli_lsa_Close(cli, mem_ctx, &dom_pol);
   done:
         return result;
  }
@@ -558,7 +682,7 @@ static NTSTATUS cmd_lsa_enum_privsaccounts(struct rpc_pipe_client *cli,
                 printf("%u\t%u\t%u\n", set[i].luid.high, set[i].luid.low, set[i].attr);
         }
  
-       rpccli_lsa_close(cli, mem_ctx, &dom_pol);
+       rpccli_lsa_Close(cli, mem_ctx, &dom_pol);
   done:
         return result;
  }
@@ -606,7 +730,7 @@ static NTSTATUS cmd_lsa_enum_acct_rights(struct rpc_pipe_client *cli,
                 printf("\t%s\n", rights[i]);
         }
  
-       rpccli_lsa_close(cli, mem_ctx, &dom_pol);
+       rpccli_lsa_Close(cli, mem_ctx, &dom_pol);
   done:
         return result;
  }
@@ -645,7 +769,7 @@ static NTSTATUS cmd_lsa_add_acct_rights(struct rpc_pipe_client *cli,
         if (!NT_STATUS_IS_OK(result))
                 goto done;
  
-       rpccli_lsa_close(cli, mem_ctx, &dom_pol);
+       rpccli_lsa_Close(cli, mem_ctx, &dom_pol);
   done:
         return result;
  }
@@ -684,7 +808,7 @@ static NTSTATUS cmd_lsa_remove_acct_rights(struct rpc_pipe_client *cli,
         if (!NT_STATUS_IS_OK(result))
                 goto done;
  
-       rpccli_lsa_close(cli, mem_ctx, &dom_pol);
+       rpccli_lsa_Close(cli, mem_ctx, &dom_pol);
  
   done:
         return result;
@@ -722,7 +846,7 @@ static NTSTATUS cmd_lsa_lookup_priv_value(struct rpc_pipe_client *cli,
  
         printf("%u:%u (0x%x:0x%x)\n", luid.high, luid.low, luid.high, luid.low);
  
-       rpccli_lsa_close(cli, mem_ctx, &pol);
+       rpccli_lsa_Close(cli, mem_ctx, &pol);
   done:
         return result;
  }
@@ -736,10 +860,10 @@ static NTSTATUS cmd_lsa_query_secobj(struct rpc_pipe_client *cli,
         POLICY_HND pol;
         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
         SEC_DESC_BUF *sdb;
-       uint32 sec_info = 0x00000004; /* ??? */
+       uint32 sec_info = DACL_SECURITY_INFORMATION;
  
-       if (argc != 1 ) {
-               printf("Usage: %s\n", argv[0]);
+       if (argc < 1 || argc > 2) {
+               printf("Usage: %s [sec_info]\n", argv[0]);
                 return NT_STATUS_OK;
         }
  
@@ -747,6 +871,9 @@ static NTSTATUS cmd_lsa_query_secobj(struct rpc_pipe_client *cli,
                                       SEC_RIGHTS_MAXIMUM_ALLOWED,
                                       &pol);
  
+       if (argc == 2) 
+               sscanf(argv[1], "%x", &sec_info);
+
         if (!NT_STATUS_IS_OK(result))
                 goto done;
  
@@ -757,9 +884,9 @@ static NTSTATUS cmd_lsa_query_secobj(struct rpc_pipe_client *cli,
  
         /* Print results */
  
-       display_sec_desc(sdb->sec);
+       display_sec_desc(sdb->sd);
  
-       rpccli_lsa_close(cli, mem_ctx, &pol);
+       rpccli_lsa_Close(cli, mem_ctx, &pol);
   done:
         return result;
  }
@@ -782,10 +909,7 @@ static void display_trust_dom_info_4(TRUSTED_DOMAIN_INFO_PASSWORD *p, const char
         DATA_BLOB data_old = data_blob(NULL, p->old_password.length);
  
         memcpy(data.data, p->password.data, p->password.length);
-       data.length     = p->password.length;
-                               
         memcpy(data_old.data, p->old_password.data, p->old_password.length);
-       data_old.length = p->old_password.length;
         
         pwd     = decrypt_trustdom_secret(password, &data);
         pwd_old = decrypt_trustdom_secret(password, &data_old);
@@ -870,7 +994,7 @@ static NTSTATUS cmd_lsa_query_trustdominfobysid(struct rpc_pipe_client *cli,
  
   done:
         if (&pol)
-               rpccli_lsa_close(cli, mem_ctx, &pol);
+               rpccli_lsa_Close(cli, mem_ctx, &pol);
  
         return result;
  }
@@ -908,7 +1032,7 @@ static NTSTATUS cmd_lsa_query_trustdominfobyname(struct rpc_pipe_client *cli,
  
   done:
         if (&pol)
-               rpccli_lsa_close(cli, mem_ctx, &pol);
+               rpccli_lsa_Close(cli, mem_ctx, &pol);
  
         return result;
  }
@@ -957,7 +1081,7 @@ static NTSTATUS cmd_lsa_query_trustdominfo(struct rpc_pipe_client *cli,
  
   done:
         if (&pol)
-               rpccli_lsa_close(cli, mem_ctx, &pol);
+               rpccli_lsa_Close(cli, mem_ctx, &pol);
  
         return result;
  }
@@ -973,6 +1097,7 @@ struct cmd_set lsarpc_commands[] = {
         { "lsaquery",            RPC_RTYPE_NTSTATUS, cmd_lsa_query_info_policy,  NULL, PI_LSARPC, NULL, "Query info policy",                    "" },
         { "lookupsids",          RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_sids,        NULL, PI_LSARPC, NULL, "Convert SIDs to names",                "" },
         { "lookupnames",         RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_names,       NULL, PI_LSARPC, NULL, "Convert names to SIDs",                "" },
+       { "lookupnames_level",   RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_names_level, NULL, PI_LSARPC, NULL, "Convert names to SIDs",                "" },
         { "enumtrust",           RPC_RTYPE_NTSTATUS, cmd_lsa_enum_trust_dom,     NULL, PI_LSARPC, NULL, "Enumerate trusted domains",            "Usage: [preferred max number] [enum context (0)]" },
         { "enumprivs",           RPC_RTYPE_NTSTATUS, cmd_lsa_enum_privilege,     NULL, PI_LSARPC, NULL, "Enumerate privileges",                 "" },
         { "getdispname",         RPC_RTYPE_NTSTATUS, cmd_lsa_get_dispname,       NULL, PI_LSARPC, NULL, "Get the privilege name",               "" },