if (argv[1]) {
u1003.usri1003_password = argv[1];
} else {
- asprintf(&prompt, "Enter new password for %s:", argv[0]);
+ if (asprintf(&prompt, "Enter new password for %s:", argv[0]) == -1) {
+ return -1;
+ }
u1003.usri1003_password = getpass(prompt);
SAFE_FREE(prompt);
}
SAFE_FREE(token->user_sids);
}
-static bool is_sid_in_token(NT_USER_TOKEN *token, DOM_SID *sid)
-{
- int i;
-
- for (i=0; i<token->num_sids; i++) {
- if (sid_compare(sid, &token->user_sids[i]) == 0)
- return true;
- }
- return false;
-}
-
static void add_sid_to_token(NT_USER_TOKEN *token, DOM_SID *sid)
{
if (is_sid_in_token(token, sid))
return false;
}
- string_to_sid(&user_sid, sid_str);
+ if (!string_to_sid(&user_sid, sid_str)) {
+ DEBUG(1,("Could not convert sid %s from string\n", sid_str));
+ return false;
+ }
+
wbcFreeMemory(sid_str);
sid_str = NULL;
/* We have a SID */
DOM_SID sid;
- string_to_sid(&sid, &line[1]);
+ if(!string_to_sid(&sid, &line[1])) {
+ DEBUG(1,("get_user_tokens_from_file: Could "
+ "not convert sid %s \n",&line[1]));
+ return false;
+ }
if (token == NULL) {
DEBUG(0, ("File does not begin with username"));
uint32 acc_granted;
if (share_sd != NULL) {
- if (!se_access_check(share_sd, &tokens[i].token,
- 1, &acc_granted, &status)) {
+ status = se_access_check(share_sd, &tokens[i].token,
+ 1, &acc_granted);
+
+ if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Could not check share_sd for "
"user %s\n",
tokens[i].name));
continue;
}
-
- if (!NT_STATUS_IS_OK(status))
- continue;
}
if (root_sd == NULL) {
continue;
}
- if (!se_access_check(root_sd, &tokens[i].token,
- 1, &acc_granted, &status)) {
+ status = se_access_check(root_sd, &tokens[i].token,
+ 1, &acc_granted);
+ if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Could not check root_sd for user %s\n",
tokens[i].name));
continue;
}
-
- if (!NT_STATUS_IS_OK(status))
- continue;
-
d_printf(" %s\n", tokens[i].name);
}
{
int ret;
bool r;
- ENUM_HND hnd;
uint32 i;
FILE *f;
for (i=0; i<num_tokens; i++)
collect_alias_memberships(&tokens[i].token);
- init_enum_hnd(&hnd, 0);
-
share_list.num_shares = 0;
share_list.shares = NULL;
notime, notime, notime,
NULL, NULL, NULL, NULL, NULL,
NULL, NULL, NULL, NULL, ¶meters,
- 0, 0, ACB_DOMTRUST, SAMR_FIELD_ACCT_FLAGS,
+ 0, 0, ACB_DOMTRUST,
+ SAMR_FIELD_ACCT_FLAGS | SAMR_FIELD_NT_PASSWORD_PRESENT,
hours,
0, 0, 0, 0, 0, 0, 0,
- crypt_pwd.data, 24);
+ &crypt_pwd);
result = rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx,
&user_pol,
strupper_m(domain_name);
/* account name used at first is our domain's name with '$' */
- asprintf(&acct_name, "%s$", lp_workgroup());
+ if (asprintf(&acct_name, "%s$", lp_workgroup()) == -1) {
+ return -1;
+ }
strupper_m(acct_name);
/*
/* SamrConnect2 */
nt_status = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
pipe_hnd->desthost,
- SA_RIGHT_SAM_OPEN_DOMAIN,
+ SAMR_ACCESS_LOOKUP_DOMAIN,
&connect_hnd);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("Couldn't open SAMR policy handle. Error was %s\n",
able to enumerate accounts*/
nt_status = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
&connect_hnd,
- SA_RIGHT_DOMAIN_ENUM_ACCOUNTS,
+ SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS,
queried_dom_sid,
&domain_hnd);
if (!NT_STATUS_IS_OK(nt_status)) {
"net rpc vampire keytab\n"
" Dump remote SAM database to Kerberos keytab file"
},
+ {
+ "passdb",
+ rpc_vampire_passdb,
+ NET_TRANSPORT_RPC,
+ "Dump remote SAM database to passdb",
+ "net rpc vampire passdb\n"
+ " Dump remote SAM database to passdb"
+ },
{NULL, NULL, 0, NULL, NULL}
};