diff options
Diffstat (limited to 'source/rpcclient/cmd_lsarpc.c')
-rw-r--r-- | source/rpcclient/cmd_lsarpc.c | 110 |
1 files changed, 40 insertions, 70 deletions
diff --git a/source/rpcclient/cmd_lsarpc.c b/source/rpcclient/cmd_lsarpc.c index ed681606588..17180e237f7 100644 --- a/source/rpcclient/cmd_lsarpc.c +++ b/source/rpcclient/cmd_lsarpc.c @@ -2,8 +2,7 @@ Unix SMB/CIFS implementation. RPC pipe client - Copyright (C) Tim Potter 2000 - Copyright (C) Rafal Szczesniak 2002 + Copyright (C) Tim Potter 2000 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -32,8 +31,7 @@ static NTSTATUS cmd_lsa_query_info_policy(struct cli_state *cli, POLICY_HND pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; DOM_SID dom_sid; - GUID dom_guid; - fstring sid_str, domain_name="", dns_name="", forest_name=""; + fstring sid_str, domain_name; uint32 info_class = 3; if (argc > 2) { @@ -44,31 +42,17 @@ static NTSTATUS cmd_lsa_query_info_policy(struct cli_state *cli, if (argc == 2) info_class = atoi(argv[1]); - /* Lookup info policy */ - switch (info_class) { - case 12: - result = cli_lsa_open_policy2(cli, mem_ctx, True, - SEC_RIGHTS_MAXIMUM_ALLOWED, - &pol); - - if (!NT_STATUS_IS_OK(result)) - goto done; - result = cli_lsa_query_info_policy2(cli, mem_ctx, &pol, - info_class, domain_name, - dns_name, forest_name, - &dom_guid, &dom_sid); - break; - default: - result = cli_lsa_open_policy(cli, mem_ctx, True, + result = cli_lsa_open_policy(cli, mem_ctx, True, SEC_RIGHTS_MAXIMUM_ALLOWED, &pol); - if (!NT_STATUS_IS_OK(result)) - goto done; - result = cli_lsa_query_info_policy(cli, mem_ctx, &pol, - info_class, domain_name, - &dom_sid); - } + if (!NT_STATUS_IS_OK(result)) + goto done; + + /* Lookup info policy */ + + result = cli_lsa_query_info_policy(cli, mem_ctx, &pol, info_class, + domain_name, &dom_sid); if (!NT_STATUS_IS_OK(result)) goto done; @@ -80,15 +64,6 @@ static NTSTATUS cmd_lsa_query_info_policy(struct cli_state *cli, else printf("could not query info for level %d\n", info_class); - if (dns_name[0]) - printf("domain dns name is %s\n", dns_name); - if (forest_name[0]) - printf("forest name is %s\n", forest_name); - - if (info_class == 12) { - printf("domain GUID is "); - print_guid(&dom_guid); - } done: return result; } @@ -117,11 +92,11 @@ static NTSTATUS cmd_lsa_lookup_names(struct cli_state *cli, if (!NT_STATUS_IS_OK(result)) goto done; - result = cli_lsa_lookup_names(cli, mem_ctx, &pol, argc - 1, - (const char**)(argv + 1), &sids, &types); + result = cli_lsa_lookup_names(cli, mem_ctx, &pol, argc - 1, + (const char**)(argv + 1), &sids, &types); - if (!NT_STATUS_IS_OK(result) && NT_STATUS_V(result) != - NT_STATUS_V(STATUS_SOME_UNMAPPED)) + if (!NT_STATUS_IS_OK(result) && NT_STATUS_V(result) != + NT_STATUS_V(STATUS_SOME_UNMAPPED)) goto done; result = NT_STATUS_OK; @@ -130,9 +105,10 @@ static NTSTATUS cmd_lsa_lookup_names(struct cli_state *cli, for (i = 0; i < (argc - 1); i++) { fstring sid_str; + sid_to_string(sid_str, &sids[i]); - printf("%s %s (%s: %d)\n", argv[i + 1], sid_str, - sid_type_lookup(types[i]), types[i]); + printf("%s %s (%d)\n", argv[i + 1], sid_str, + types[i]); } done: @@ -178,11 +154,11 @@ static NTSTATUS cmd_lsa_lookup_sids(struct cli_state *cli, TALLOC_CTX *mem_ctx, /* Lookup the SIDs */ - result = cli_lsa_lookup_sids(cli, mem_ctx, &pol, argc - 1, sids, - &domains, &names, &types); + result = cli_lsa_lookup_sids(cli, mem_ctx, &pol, argc - 1, sids, + &domains, &names, &types); - if (!NT_STATUS_IS_OK(result) && NT_STATUS_V(result) != - NT_STATUS_V(STATUS_SOME_UNMAPPED)) + if (!NT_STATUS_IS_OK(result) && NT_STATUS_V(result) != + NT_STATUS_V(STATUS_SOME_UNMAPPED)) goto done; result = NT_STATUS_OK; @@ -193,9 +169,9 @@ static NTSTATUS cmd_lsa_lookup_sids(struct cli_state *cli, TALLOC_CTX *mem_ctx, fstring sid_str; sid_to_string(sid_str, &sids[i]); - printf("%s %s\\%s (%d)\n", sid_str, - domains[i] ? domains[i] : "*unknown*", - names[i] ? names[i] : "*unknown*", types[i]); + printf("%s %s\\%s (%d)\n", sid_str, + domains[i] ? domains[i] : "*unknown*", + names[i] ? names[i] : "*unknown*", types[i]); } done: @@ -212,23 +188,17 @@ static NTSTATUS cmd_lsa_enum_trust_dom(struct cli_state *cli, NTSTATUS result = NT_STATUS_UNSUCCESSFUL; DOM_SID *domain_sids; char **domain_names; - - /* defaults, but may be changed using params */ uint32 enum_ctx = 0; - uint32 num_domains = 0; + uint32 num_domains; int i; - if (argc > 2) { - printf("Usage: %s [enum context (0)]\n", argv[0]); + if (argc != 1) { + printf("Usage: %s\n", argv[0]); return NT_STATUS_OK; } - if (argc == 2 && argv[1]) { - enum_ctx = atoi(argv[2]); - } - result = cli_lsa_open_policy(cli, mem_ctx, True, - POLICY_VIEW_LOCAL_INFORMATION, + SEC_RIGHTS_MAXIMUM_ALLOWED, &pol); if (!NT_STATUS_IS_OK(result)) @@ -237,14 +207,14 @@ static NTSTATUS cmd_lsa_enum_trust_dom(struct cli_state *cli, /* Lookup list of trusted domains */ result = cli_lsa_enum_trust_dom(cli, mem_ctx, &pol, &enum_ctx, - &num_domains, - &domain_names, &domain_sids); - if (!NT_STATUS_IS_OK(result) && - !NT_STATUS_EQUAL(result, NT_STATUS_NO_MORE_ENTRIES) && - !NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)) - goto done; - - /* Print results: list of names and sids returned in this response. */ + &num_domains, &domain_names, + &domain_sids); + + if (!NT_STATUS_IS_OK(result)) + goto done; + + /* Print results */ + for (i = 0; i < num_domains; i++) { fstring sid_str; @@ -530,10 +500,10 @@ struct cmd_set lsarpc_commands[] = { { "LSARPC" }, - { "lsaquery", cmd_lsa_query_info_policy, PIPE_LSARPC, "Query info policy", "" }, - { "lookupsids", cmd_lsa_lookup_sids, PIPE_LSARPC, "Convert SIDs to names", "" }, - { "lookupnames", cmd_lsa_lookup_names, PIPE_LSARPC, "Convert names to SIDs", "" }, - { "enumtrust", cmd_lsa_enum_trust_dom, PIPE_LSARPC, "Enumerate trusted domains", "Usage: [preferred max number] [enum context (0)]" }, + { "lsaquery", cmd_lsa_query_info_policy, PIPE_LSARPC, "Query info policy", "" }, + { "lookupsids", cmd_lsa_lookup_sids, PIPE_LSARPC, "Convert SIDs to names", "" }, + { "lookupnames", cmd_lsa_lookup_names, PIPE_LSARPC, "Convert names to SIDs", "" }, + { "enumtrust", cmd_lsa_enum_trust_dom, PIPE_LSARPC, "Enumerate trusted domains", "" }, { "enumprivs", cmd_lsa_enum_privilege, PIPE_LSARPC, "Enumerate privileges", "" }, { "getdispname", cmd_lsa_get_dispname, PIPE_LSARPC, "Get the privilege name", "" }, { "lsaenumsid", cmd_lsa_enum_sids, PIPE_LSARPC, "Enumerate the LSA SIDS", "" }, |