root/source3/rpcclient/cmd_lsarpc.c

/* [<][>][^][v][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. name_to_sid
  2. display_query_info_1
  3. display_query_info_2
  4. display_query_info_3
  5. display_query_info_5
  6. display_query_info_10
  7. display_query_info_11
  8. display_query_info_12
  9. display_lsa_query_info
  10. cmd_lsa_query_info_policy
  11. cmd_lsa_lookup_names
  12. cmd_lsa_lookup_names_level
  13. cmd_lsa_lookup_sids
  14. cmd_lsa_enum_trust_dom
  15. cmd_lsa_enum_privilege
  16. cmd_lsa_get_dispname
  17. cmd_lsa_enum_sids
  18. cmd_lsa_create_account
  19. cmd_lsa_enum_privsaccounts
  20. cmd_lsa_enum_acct_rights
  21. cmd_lsa_add_acct_rights
  22. cmd_lsa_remove_acct_rights
  23. cmd_lsa_lookup_priv_value
  24. cmd_lsa_query_secobj
  25. display_trust_dom_info_4
  26. display_trust_dom_info
  27. cmd_lsa_query_trustdominfobysid
  28. cmd_lsa_query_trustdominfobyname
  29. cmd_lsa_query_trustdominfo
  30. cmd_lsa_get_username
  31. cmd_lsa_add_priv
  32. cmd_lsa_del_priv

   1 /*
   2    Unix SMB/CIFS implementation.
   3    RPC pipe client
   4 
   5    Copyright (C) Tim Potter              2000
   6    Copyright (C) Rafal Szczesniak        2002
   7    Copyright (C) Guenther Deschner       2008
   8 
   9    This program is free software; you can redistribute it and/or modify
  10    it under the terms of the GNU General Public License as published by
  11    the Free Software Foundation; either version 3 of the License, or
  12    (at your option) any later version.
  13    
  14    This program is distributed in the hope that it will be useful,
  15    but WITHOUT ANY WARRANTY; without even the implied warranty of
  16    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  17    GNU General Public License for more details.
  18    
  19    You should have received a copy of the GNU General Public License
  20    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  21 */
  22 
  23 #include "includes.h"
  24 #include "rpcclient.h"
  25 
  26 /* useful function to allow entering a name instead of a SID and
  27  * looking it up automatically */
  28 static NTSTATUS name_to_sid(struct rpc_pipe_client *cli, 
     /* [<][>][^][v][top][bottom][index][help] */
  29                             TALLOC_CTX *mem_ctx,
  30                             DOM_SID *sid, const char *name)
  31 {
  32         struct policy_handle pol;
  33         enum lsa_SidType *sid_types;
  34         NTSTATUS result;
  35         DOM_SID *sids;
  36 
  37         /* maybe its a raw SID */
  38         if (strncmp(name, "S-", 2) == 0 &&
  39             string_to_sid(sid, name)) {
  40                 return NT_STATUS_OK;
  41         }
  42 
  43         result = rpccli_lsa_open_policy(cli, mem_ctx, True, 
  44                                      SEC_FLAG_MAXIMUM_ALLOWED,
  45                                      &pol);
  46         if (!NT_STATUS_IS_OK(result))
  47                 goto done;
  48 
  49         result = rpccli_lsa_lookup_names(cli, mem_ctx, &pol, 1, &name, NULL, 1, &sids, &sid_types);
  50         if (!NT_STATUS_IS_OK(result))
  51                 goto done;
  52 
  53         rpccli_lsa_Close(cli, mem_ctx, &pol);
  54 
  55         *sid = sids[0];
  56 
  57 done:
  58         return result;
  59 }
  60 
  61 static void display_query_info_1(struct lsa_AuditLogInfo *r)
     /* [<][>][^][v][top][bottom][index][help] */
  62 {
  63         d_printf("percent_full:\t%d\n", r->percent_full);
  64         d_printf("maximum_log_size:\t%d\n", r->maximum_log_size);
  65         d_printf("retention_time:\t%lld\n", (long long)r->retention_time);
  66         d_printf("shutdown_in_progress:\t%d\n", r->shutdown_in_progress);
  67         d_printf("time_to_shutdown:\t%lld\n", (long long)r->time_to_shutdown);
  68         d_printf("next_audit_record:\t%d\n", r->next_audit_record);
  69 }
  70 
  71 static void display_query_info_2(struct lsa_AuditEventsInfo *r)
     /* [<][>][^][v][top][bottom][index][help] */
  72 {
  73         int i;
  74         d_printf("Auditing enabled:\t%d\n", r->auditing_mode);
  75         d_printf("Auditing categories:\t%d\n", r->count);
  76         d_printf("Auditsettings:\n");
  77         for (i=0; i<r->count; i++) {
  78                 const char *val = audit_policy_str(talloc_tos(), r->settings[i]);
  79                 const char *policy = audit_description_str(i);
  80                 d_printf("%s:\t%s\n", policy, val);
  81         }
  82 }
  83 
  84 static void display_query_info_3(struct lsa_DomainInfo *r)
     /* [<][>][^][v][top][bottom][index][help] */
  85 {
  86         d_printf("Domain Name: %s\n", r->name.string);
  87         d_printf("Domain Sid: %s\n", sid_string_tos(r->sid));
  88 }
  89 
  90 static void display_query_info_5(struct lsa_DomainInfo *r)
     /* [<][>][^][v][top][bottom][index][help] */
  91 {
  92         d_printf("Domain Name: %s\n", r->name.string);
  93         d_printf("Domain Sid: %s\n", sid_string_tos(r->sid));
  94 }
  95 
  96 static void display_query_info_10(struct lsa_AuditFullSetInfo *r)
     /* [<][>][^][v][top][bottom][index][help] */
  97 {
  98         d_printf("Shutdown on full: %d\n", r->shutdown_on_full);
  99 }
 100 
 101 static void display_query_info_11(struct lsa_AuditFullQueryInfo *r)
     /* [<][>][^][v][top][bottom][index][help] */
 102 {
 103         d_printf("Shutdown on full: %d\n", r->shutdown_on_full);
 104         d_printf("Log is full: %d\n", r->log_is_full);
 105 }
 106 
 107 static void display_query_info_12(struct lsa_DnsDomainInfo *r)
     /* [<][>][^][v][top][bottom][index][help] */
 108 {
 109         d_printf("Domain NetBios Name: %s\n", r->name.string);
 110         d_printf("Domain DNS Name: %s\n", r->dns_domain.string);
 111         d_printf("Domain Forest Name: %s\n", r->dns_forest.string);
 112         d_printf("Domain Sid: %s\n", sid_string_tos(r->sid));
 113         d_printf("Domain GUID: %s\n", GUID_string(talloc_tos(),
 114                                                       &r->domain_guid));
 115 }
 116 
 117 static void display_lsa_query_info(union lsa_PolicyInformation *info,
     /* [<][>][^][v][top][bottom][index][help] */
 118                                    enum lsa_PolicyInfo level)
 119 {
 120         switch (level) {
 121                 case 1:
 122                         display_query_info_1(&info->audit_log);
 123                         break;
 124                 case 2:
 125                         display_query_info_2(&info->audit_events);
 126                         break;
 127                 case 3:
 128                         display_query_info_3(&info->domain);
 129                         break;
 130                 case 5:
 131                         display_query_info_5(&info->account_domain);
 132                         break;
 133                 case 10:
 134                         display_query_info_10(&info->auditfullset);
 135                         break;
 136                 case 11:
 137                         display_query_info_11(&info->auditfullquery);
 138                         break;
 139                 case 12:
 140                         display_query_info_12(&info->dns);
 141                         break;
 142                 default:
 143                         printf("can't display info level: %d\n", level);
 144                         break;
 145         }
 146 }
 147 
 148 static NTSTATUS cmd_lsa_query_info_policy(struct rpc_pipe_client *cli, 
     /* [<][>][^][v][top][bottom][index][help] */
 149                                           TALLOC_CTX *mem_ctx, int argc, 
 150                                           const char **argv) 
 151 {
 152         struct policy_handle pol;
 153         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 154         union lsa_PolicyInformation *info = NULL;
 155 
 156         uint32 info_class = 3;
 157 
 158         if (argc > 2) {
 159                 printf("Usage: %s [info_class]\n", argv[0]);
 160                 return NT_STATUS_OK;
 161         }
 162 
 163         if (argc == 2)
 164                 info_class = atoi(argv[1]);
 165 
 166         switch (info_class) {
 167         case 12:
 168                 result = rpccli_lsa_open_policy2(cli, mem_ctx, True, 
 169                                                  SEC_FLAG_MAXIMUM_ALLOWED,
 170                                                  &pol);
 171 
 172                 if (!NT_STATUS_IS_OK(result))
 173                         goto done;
 174                         
 175                 result = rpccli_lsa_QueryInfoPolicy2(cli, mem_ctx,
 176                                                      &pol,
 177                                                      info_class,
 178                                                      &info);
 179                 break;
 180         default:
 181                 result = rpccli_lsa_open_policy(cli, mem_ctx, True, 
 182                                                 SEC_FLAG_MAXIMUM_ALLOWED,
 183                                                 &pol);
 184 
 185                 if (!NT_STATUS_IS_OK(result))
 186                         goto done;
 187                 
 188                 result = rpccli_lsa_QueryInfoPolicy(cli, mem_ctx,
 189                                                     &pol,
 190                                                     info_class,
 191                                                     &info);
 192         }
 193 
 194         if (NT_STATUS_IS_OK(result)) {
 195                 display_lsa_query_info(info, info_class);
 196         }
 197 
 198         rpccli_lsa_Close(cli, mem_ctx, &pol);
 199 
 200  done:
 201         return result;
 202 }
 203 
 204 /* Resolve a list of names to a list of sids */
 205 
 206 static NTSTATUS cmd_lsa_lookup_names(struct rpc_pipe_client *cli, 
     /* [<][>][^][v][top][bottom][index][help] */
 207                                      TALLOC_CTX *mem_ctx, int argc, 
 208                                      const char **argv)
 209 {
 210         struct policy_handle pol;
 211         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 212         DOM_SID *sids;
 213         enum lsa_SidType *types;
 214         int i;
 215 
 216         if (argc == 1) {
 217                 printf("Usage: %s [name1 [name2 [...]]]\n", argv[0]);
 218                 return NT_STATUS_OK;
 219         }
 220 
 221         result = rpccli_lsa_open_policy(cli, mem_ctx, True, 
 222                                      SEC_FLAG_MAXIMUM_ALLOWED,
 223                                      &pol);
 224 
 225         if (!NT_STATUS_IS_OK(result))
 226                 goto done;
 227 
 228         result = rpccli_lsa_lookup_names(cli, mem_ctx, &pol, argc - 1, 
 229                                       (const char**)(argv + 1), NULL, 1, &sids, &types);
 230 
 231         if (!NT_STATUS_IS_OK(result) && NT_STATUS_V(result) != 
 232             NT_STATUS_V(STATUS_SOME_UNMAPPED))
 233                 goto done;
 234 
 235         result = NT_STATUS_OK;
 236 
 237         /* Print results */
 238 
 239         for (i = 0; i < (argc - 1); i++) {
 240                 fstring sid_str;
 241                 sid_to_fstring(sid_str, &sids[i]);
 242                 printf("%s %s (%s: %d)\n", argv[i + 1], sid_str,
 243                        sid_type_lookup(types[i]), types[i]);
 244         }
 245 
 246         rpccli_lsa_Close(cli, mem_ctx, &pol);
 247 
 248  done:
 249         return result;
 250 }
 251 
 252 /* Resolve a list of names to a list of sids */
 253 
 254 static NTSTATUS cmd_lsa_lookup_names_level(struct rpc_pipe_client *cli, 
     /* [<][>][^][v][top][bottom][index][help] */
 255                                            TALLOC_CTX *mem_ctx, int argc, 
 256                                            const char **argv)
 257 {
 258         struct policy_handle pol;
 259         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 260         DOM_SID *sids;
 261         enum lsa_SidType *types;
 262         int i, level;
 263 
 264         if (argc < 3) {
 265                 printf("Usage: %s [level] [name1 [name2 [...]]]\n", argv[0]);
 266                 return NT_STATUS_OK;
 267         }
 268 
 269         result = rpccli_lsa_open_policy(cli, mem_ctx, True, 
 270                                      SEC_FLAG_MAXIMUM_ALLOWED,
 271                                      &pol);
 272 
 273         if (!NT_STATUS_IS_OK(result))
 274                 goto done;
 275 
 276         level = atoi(argv[1]);
 277 
 278         result = rpccli_lsa_lookup_names(cli, mem_ctx, &pol, argc - 2, 
 279                                       (const char**)(argv + 2), NULL, level, &sids, &types);
 280 
 281         if (!NT_STATUS_IS_OK(result) && NT_STATUS_V(result) != 
 282             NT_STATUS_V(STATUS_SOME_UNMAPPED))
 283                 goto done;
 284 
 285         result = NT_STATUS_OK;
 286 
 287         /* Print results */
 288 
 289         for (i = 0; i < (argc - 2); i++) {
 290                 fstring sid_str;
 291                 sid_to_fstring(sid_str, &sids[i]);
 292                 printf("%s %s (%s: %d)\n", argv[i + 2], sid_str,
 293                        sid_type_lookup(types[i]), types[i]);
 294         }
 295 
 296         rpccli_lsa_Close(cli, mem_ctx, &pol);
 297 
 298  done:
 299         return result;
 300 }
 301 
 302 
 303 /* Resolve a list of SIDs to a list of names */
 304 
 305 static NTSTATUS cmd_lsa_lookup_sids(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
     /* [<][>][^][v][top][bottom][index][help] */
 306                                     int argc, const char **argv)
 307 {
 308         struct policy_handle pol;
 309         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 310         DOM_SID *sids;
 311         char **domains;
 312         char **names;
 313         enum lsa_SidType *types;
 314         int i;
 315 
 316         if (argc == 1) {
 317                 printf("Usage: %s [sid1 [sid2 [...]]]\n", argv[0]);
 318                 return NT_STATUS_OK;
 319         }
 320 
 321         result = rpccli_lsa_open_policy(cli, mem_ctx, True, 
 322                                      SEC_FLAG_MAXIMUM_ALLOWED,
 323                                      &pol);
 324 
 325         if (!NT_STATUS_IS_OK(result))
 326                 goto done;
 327 
 328         /* Convert arguments to sids */
 329 
 330         sids = TALLOC_ARRAY(mem_ctx, DOM_SID, argc - 1);
 331 
 332         if (!sids) {
 333                 printf("could not allocate memory for %d sids\n", argc - 1);
 334                 goto done;
 335         }
 336 
 337         for (i = 0; i < argc - 1; i++) 
 338                 if (!string_to_sid(&sids[i], argv[i + 1])) {
 339                         result = NT_STATUS_INVALID_SID;
 340                         goto done;
 341                 }
 342 
 343         /* Lookup the SIDs */
 344 
 345         result = rpccli_lsa_lookup_sids(cli, mem_ctx, &pol, argc - 1, sids, 
 346                                      &domains, &names, &types);
 347 
 348         if (!NT_STATUS_IS_OK(result) && NT_STATUS_V(result) != 
 349             NT_STATUS_V(STATUS_SOME_UNMAPPED))
 350                 goto done;
 351 
 352         result = NT_STATUS_OK;
 353 
 354         /* Print results */
 355 
 356         for (i = 0; i < (argc - 1); i++) {
 357                 fstring sid_str;
 358 
 359                 sid_to_fstring(sid_str, &sids[i]);
 360                 printf("%s %s\\%s (%d)\n", sid_str, 
 361                        domains[i] ? domains[i] : "*unknown*", 
 362                        names[i] ? names[i] : "*unknown*", types[i]);
 363         }
 364 
 365         rpccli_lsa_Close(cli, mem_ctx, &pol);
 366 
 367  done:
 368         return result;
 369 }
 370 
 371 /* Enumerate list of trusted domains */
 372 
 373 static NTSTATUS cmd_lsa_enum_trust_dom(struct rpc_pipe_client *cli, 
     /* [<][>][^][v][top][bottom][index][help] */
 374                                        TALLOC_CTX *mem_ctx, int argc, 
 375                                        const char **argv)
 376 {
 377         struct policy_handle pol;
 378         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 379         struct lsa_DomainList domain_list;
 380 
 381         /* defaults, but may be changed using params */
 382         uint32 enum_ctx = 0;
 383         int i;
 384         uint32_t max_size = (uint32_t)-1;
 385 
 386         if (argc > 2) {
 387                 printf("Usage: %s [enum context (0)]\n", argv[0]);
 388                 return NT_STATUS_OK;
 389         }
 390 
 391         if (argc == 2 && argv[1]) {
 392                 enum_ctx = atoi(argv[2]);
 393         }       
 394 
 395         result = rpccli_lsa_open_policy(cli, mem_ctx, True, 
 396                                      LSA_POLICY_VIEW_LOCAL_INFORMATION,
 397                                      &pol);
 398 
 399         if (!NT_STATUS_IS_OK(result))
 400                 goto done;
 401 
 402         result = STATUS_MORE_ENTRIES;
 403 
 404         while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)) {
 405 
 406                 /* Lookup list of trusted domains */
 407 
 408                 result = rpccli_lsa_EnumTrustDom(cli, mem_ctx,
 409                                                  &pol,
 410                                                  &enum_ctx,
 411                                                  &domain_list,
 412                                                  max_size);
 413                 if (!NT_STATUS_IS_OK(result) &&
 414                     !NT_STATUS_EQUAL(result, NT_STATUS_NO_MORE_ENTRIES) &&
 415                     !NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES))
 416                         goto done;
 417 
 418                 /* Print results: list of names and sids returned in this
 419                  * response. */  
 420                 for (i = 0; i < domain_list.count; i++) {
 421                         fstring sid_str;
 422 
 423                         sid_to_fstring(sid_str, domain_list.domains[i].sid);
 424                         printf("%s %s\n",
 425                                 domain_list.domains[i].name.string ?
 426                                 domain_list.domains[i].name.string : "*unknown*",
 427                                 sid_str);
 428                 }
 429         }
 430 
 431         rpccli_lsa_Close(cli, mem_ctx, &pol);
 432  done:
 433         return result;
 434 }
 435 
 436 /* Enumerates privileges */
 437 
 438 static NTSTATUS cmd_lsa_enum_privilege(struct rpc_pipe_client *cli, 
     /* [<][>][^][v][top][bottom][index][help] */
 439                                        TALLOC_CTX *mem_ctx, int argc, 
 440                                        const char **argv) 
 441 {
 442         struct policy_handle pol;
 443         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 444         struct lsa_PrivArray priv_array;
 445 
 446         uint32 enum_context=0;
 447         uint32 pref_max_length=0x1000;
 448         int i;
 449 
 450         if (argc > 3) {
 451                 printf("Usage: %s [enum context] [max length]\n", argv[0]);
 452                 return NT_STATUS_OK;
 453         }
 454 
 455         if (argc>=2)
 456                 enum_context=atoi(argv[1]);
 457 
 458         if (argc==3)
 459                 pref_max_length=atoi(argv[2]);
 460 
 461         result = rpccli_lsa_open_policy(cli, mem_ctx, True, 
 462                                      SEC_FLAG_MAXIMUM_ALLOWED,
 463                                      &pol);
 464 
 465         if (!NT_STATUS_IS_OK(result))
 466                 goto done;
 467 
 468         result = rpccli_lsa_EnumPrivs(cli, mem_ctx,
 469                                       &pol,
 470                                       &enum_context,
 471                                       &priv_array,
 472                                       pref_max_length);
 473         if (!NT_STATUS_IS_OK(result))
 474                 goto done;
 475 
 476         /* Print results */
 477         printf("found %d privileges\n\n", priv_array.count);
 478 
 479         for (i = 0; i < priv_array.count; i++) {
 480                 printf("%s \t\t%d:%d (0x%x:0x%x)\n",
 481                        priv_array.privs[i].name.string ? priv_array.privs[i].name.string : "*unknown*",
 482                        priv_array.privs[i].luid.high,
 483                        priv_array.privs[i].luid.low,
 484                        priv_array.privs[i].luid.high,
 485                        priv_array.privs[i].luid.low);
 486         }
 487 
 488         rpccli_lsa_Close(cli, mem_ctx, &pol);
 489  done:
 490         return result;
 491 }
 492 
 493 /* Get privilege name */
 494 
 495 static NTSTATUS cmd_lsa_get_dispname(struct rpc_pipe_client *cli, 
     /* [<][>][^][v][top][bottom][index][help] */
 496                                      TALLOC_CTX *mem_ctx, int argc, 
 497                                      const char **argv) 
 498 {
 499         struct policy_handle pol;
 500         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 501 
 502         uint16 lang_id=0;
 503         uint16 lang_id_sys=0;
 504         uint16 lang_id_desc;
 505         struct lsa_String lsa_name;
 506         struct lsa_StringLarge *description = NULL;
 507 
 508         if (argc != 2) {
 509                 printf("Usage: %s privilege name\n", argv[0]);
 510                 return NT_STATUS_OK;
 511         }
 512 
 513         result = rpccli_lsa_open_policy(cli, mem_ctx, True, 
 514                                      SEC_FLAG_MAXIMUM_ALLOWED,
 515                                      &pol);
 516 
 517         if (!NT_STATUS_IS_OK(result))
 518                 goto done;
 519 
 520         init_lsa_String(&lsa_name, argv[1]);
 521 
 522         result = rpccli_lsa_LookupPrivDisplayName(cli, mem_ctx,
 523                                                   &pol,
 524                                                   &lsa_name,
 525                                                   lang_id,
 526                                                   lang_id_sys,
 527                                                   &description,
 528                                                   &lang_id_desc);
 529 
 530         if (!NT_STATUS_IS_OK(result))
 531                 goto done;
 532 
 533         /* Print results */
 534         printf("%s -> %s (language: 0x%x)\n", argv[1], description->string, lang_id_desc);
 535 
 536         rpccli_lsa_Close(cli, mem_ctx, &pol);
 537  done:
 538         return result;
 539 }
 540 
 541 /* Enumerate the LSA SIDS */
 542 
 543 static NTSTATUS cmd_lsa_enum_sids(struct rpc_pipe_client *cli, 
     /* [<][>][^][v][top][bottom][index][help] */
 544                                   TALLOC_CTX *mem_ctx, int argc, 
 545                                   const char **argv) 
 546 {
 547         struct policy_handle pol;
 548         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 549 
 550         uint32 enum_context=0;
 551         uint32 pref_max_length=0x1000;
 552         struct lsa_SidArray sid_array;
 553         int i;
 554 
 555         if (argc > 3) {
 556                 printf("Usage: %s [enum context] [max length]\n", argv[0]);
 557                 return NT_STATUS_OK;
 558         }
 559 
 560         if (argc>=2)
 561                 enum_context=atoi(argv[1]);
 562 
 563         if (argc==3)
 564                 pref_max_length=atoi(argv[2]);
 565 
 566         result = rpccli_lsa_open_policy(cli, mem_ctx, True, 
 567                                      SEC_FLAG_MAXIMUM_ALLOWED,
 568                                      &pol);
 569 
 570         if (!NT_STATUS_IS_OK(result))
 571                 goto done;
 572 
 573         result = rpccli_lsa_EnumAccounts(cli, mem_ctx,
 574                                          &pol,
 575                                          &enum_context,
 576                                          &sid_array,
 577                                          pref_max_length);
 578 
 579         if (!NT_STATUS_IS_OK(result))
 580                 goto done;
 581 
 582         /* Print results */
 583         printf("found %d SIDs\n\n", sid_array.num_sids);
 584 
 585         for (i = 0; i < sid_array.num_sids; i++) {
 586                 fstring sid_str;
 587 
 588                 sid_to_fstring(sid_str, sid_array.sids[i].sid);
 589                 printf("%s\n", sid_str);
 590         }
 591 
 592         rpccli_lsa_Close(cli, mem_ctx, &pol);
 593  done:
 594         return result;
 595 }
 596 
 597 /* Create a new account */
 598 
 599 static NTSTATUS cmd_lsa_create_account(struct rpc_pipe_client *cli, 
     /* [<][>][^][v][top][bottom][index][help] */
 600                                            TALLOC_CTX *mem_ctx, int argc, 
 601                                            const char **argv) 
 602 {
 603         struct policy_handle dom_pol;
 604         struct policy_handle user_pol;
 605         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 606         uint32 des_access = 0x000f000f;
 607         
 608         DOM_SID sid;
 609 
 610         if (argc != 2 ) {
 611                 printf("Usage: %s SID\n", argv[0]);
 612                 return NT_STATUS_OK;
 613         }
 614 
 615         result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
 616         if (!NT_STATUS_IS_OK(result))
 617                 goto done;      
 618 
 619         result = rpccli_lsa_open_policy2(cli, mem_ctx, True, 
 620                                      SEC_FLAG_MAXIMUM_ALLOWED,
 621                                      &dom_pol);
 622 
 623         if (!NT_STATUS_IS_OK(result))
 624                 goto done;
 625 
 626         result = rpccli_lsa_CreateAccount(cli, mem_ctx,
 627                                           &dom_pol,
 628                                           &sid,
 629                                           des_access,
 630                                           &user_pol);
 631 
 632         if (!NT_STATUS_IS_OK(result))
 633                 goto done;
 634 
 635         printf("Account for SID %s successfully created\n\n", argv[1]);
 636         result = NT_STATUS_OK;
 637 
 638         rpccli_lsa_Close(cli, mem_ctx, &dom_pol);
 639  done:
 640         return result;
 641 }
 642 
 643 
 644 /* Enumerate the privileges of an SID */
 645 
 646 static NTSTATUS cmd_lsa_enum_privsaccounts(struct rpc_pipe_client *cli, 
     /* [<][>][^][v][top][bottom][index][help] */
 647                                            TALLOC_CTX *mem_ctx, int argc, 
 648                                            const char **argv) 
 649 {
 650         struct policy_handle dom_pol;
 651         struct policy_handle user_pol;
 652         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 653         uint32 access_desired = 0x000f000f;
 654         DOM_SID sid;
 655         struct lsa_PrivilegeSet *privs = NULL;
 656         int i;
 657 
 658         if (argc != 2 ) {
 659                 printf("Usage: %s SID\n", argv[0]);
 660                 return NT_STATUS_OK;
 661         }
 662 
 663         result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
 664         if (!NT_STATUS_IS_OK(result))
 665                 goto done;      
 666 
 667         result = rpccli_lsa_open_policy2(cli, mem_ctx, True, 
 668                                      SEC_FLAG_MAXIMUM_ALLOWED,
 669                                      &dom_pol);
 670 
 671         if (!NT_STATUS_IS_OK(result))
 672                 goto done;
 673 
 674         result = rpccli_lsa_OpenAccount(cli, mem_ctx,
 675                                         &dom_pol,
 676                                         &sid,
 677                                         access_desired,
 678                                         &user_pol);
 679 
 680         if (!NT_STATUS_IS_OK(result))
 681                 goto done;
 682 
 683         result = rpccli_lsa_EnumPrivsAccount(cli, mem_ctx,
 684                                              &user_pol,
 685                                              &privs);
 686 
 687         if (!NT_STATUS_IS_OK(result))
 688                 goto done;
 689 
 690         /* Print results */
 691         printf("found %d privileges for SID %s\n\n", privs->count, argv[1]);
 692         printf("high\tlow\tattribute\n");
 693 
 694         for (i = 0; i < privs->count; i++) {
 695                 printf("%u\t%u\t%u\n",
 696                         privs->set[i].luid.high,
 697                         privs->set[i].luid.low,
 698                         privs->set[i].attribute);
 699         }
 700 
 701         rpccli_lsa_Close(cli, mem_ctx, &dom_pol);
 702  done:
 703         return result;
 704 }
 705 
 706 
 707 /* Enumerate the privileges of an SID via LsaEnumerateAccountRights */
 708 
 709 static NTSTATUS cmd_lsa_enum_acct_rights(struct rpc_pipe_client *cli, 
     /* [<][>][^][v][top][bottom][index][help] */
 710                                          TALLOC_CTX *mem_ctx, int argc, 
 711                                          const char **argv) 
 712 {
 713         struct policy_handle dom_pol;
 714         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 715         DOM_SID sid;
 716         struct lsa_RightSet rights;
 717 
 718         int i;
 719 
 720         if (argc != 2 ) {
 721                 printf("Usage: %s SID\n", argv[0]);
 722                 return NT_STATUS_OK;
 723         }
 724 
 725         result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
 726         if (!NT_STATUS_IS_OK(result))
 727                 goto done;      
 728 
 729         result = rpccli_lsa_open_policy2(cli, mem_ctx, True, 
 730                                      SEC_FLAG_MAXIMUM_ALLOWED,
 731                                      &dom_pol);
 732 
 733         if (!NT_STATUS_IS_OK(result))
 734                 goto done;
 735 
 736         result = rpccli_lsa_EnumAccountRights(cli, mem_ctx,
 737                                               &dom_pol,
 738                                               &sid,
 739                                               &rights);
 740 
 741         if (!NT_STATUS_IS_OK(result))
 742                 goto done;
 743 
 744         printf("found %d privileges for SID %s\n", rights.count,
 745                sid_string_tos(&sid));
 746 
 747         for (i = 0; i < rights.count; i++) {
 748                 printf("\t%s\n", rights.names[i].string);
 749         }
 750 
 751         rpccli_lsa_Close(cli, mem_ctx, &dom_pol);
 752  done:
 753         return result;
 754 }
 755 
 756 
 757 /* add some privileges to a SID via LsaAddAccountRights */
 758 
 759 static NTSTATUS cmd_lsa_add_acct_rights(struct rpc_pipe_client *cli, 
     /* [<][>][^][v][top][bottom][index][help] */
 760                                         TALLOC_CTX *mem_ctx, int argc, 
 761                                         const char **argv) 
 762 {
 763         struct policy_handle dom_pol;
 764         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 765         struct lsa_RightSet rights;
 766         DOM_SID sid;
 767         int i;
 768 
 769         if (argc < 3 ) {
 770                 printf("Usage: %s SID [rights...]\n", argv[0]);
 771                 return NT_STATUS_OK;
 772         }
 773 
 774         result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
 775         if (!NT_STATUS_IS_OK(result))
 776                 goto done;      
 777 
 778         result = rpccli_lsa_open_policy2(cli, mem_ctx, True, 
 779                                      SEC_FLAG_MAXIMUM_ALLOWED,
 780                                      &dom_pol);
 781 
 782         if (!NT_STATUS_IS_OK(result))
 783                 goto done;
 784 
 785         rights.count = argc-2;
 786         rights.names = TALLOC_ARRAY(mem_ctx, struct lsa_StringLarge,
 787                                     rights.count);
 788         if (!rights.names) {
 789                 return NT_STATUS_NO_MEMORY;
 790         }
 791 
 792         for (i=0; i<argc-2; i++) {
 793                 init_lsa_StringLarge(&rights.names[i], argv[i+2]);
 794         }
 795 
 796         result = rpccli_lsa_AddAccountRights(cli, mem_ctx,
 797                                              &dom_pol,
 798                                              &sid,
 799                                              &rights);
 800 
 801         if (!NT_STATUS_IS_OK(result))
 802                 goto done;
 803 
 804         rpccli_lsa_Close(cli, mem_ctx, &dom_pol);
 805  done:
 806         return result;
 807 }
 808 
 809 
 810 /* remove some privileges to a SID via LsaRemoveAccountRights */
 811 
 812 static NTSTATUS cmd_lsa_remove_acct_rights(struct rpc_pipe_client *cli, 
     /* [<][>][^][v][top][bottom][index][help] */
 813                                         TALLOC_CTX *mem_ctx, int argc, 
 814                                         const char **argv) 
 815 {
 816         struct policy_handle dom_pol;
 817         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 818         struct lsa_RightSet rights;
 819         DOM_SID sid;
 820         int i;
 821 
 822         if (argc < 3 ) {
 823                 printf("Usage: %s SID [rights...]\n", argv[0]);
 824                 return NT_STATUS_OK;
 825         }
 826 
 827         result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
 828         if (!NT_STATUS_IS_OK(result))
 829                 goto done;      
 830 
 831         result = rpccli_lsa_open_policy2(cli, mem_ctx, True, 
 832                                      SEC_FLAG_MAXIMUM_ALLOWED,
 833                                      &dom_pol);
 834 
 835         if (!NT_STATUS_IS_OK(result))
 836                 goto done;
 837 
 838         rights.count = argc-2;
 839         rights.names = TALLOC_ARRAY(mem_ctx, struct lsa_StringLarge,
 840                                     rights.count);
 841         if (!rights.names) {
 842                 return NT_STATUS_NO_MEMORY;
 843         }
 844 
 845         for (i=0; i<argc-2; i++) {
 846                 init_lsa_StringLarge(&rights.names[i], argv[i+2]);
 847         }
 848 
 849         result = rpccli_lsa_RemoveAccountRights(cli, mem_ctx,
 850                                                 &dom_pol,
 851                                                 &sid,
 852                                                 false,
 853                                                 &rights);
 854 
 855         if (!NT_STATUS_IS_OK(result))
 856                 goto done;
 857 
 858         rpccli_lsa_Close(cli, mem_ctx, &dom_pol);
 859 
 860  done:
 861         return result;
 862 }
 863 
 864 
 865 /* Get a privilege value given its name */
 866 
 867 static NTSTATUS cmd_lsa_lookup_priv_value(struct rpc_pipe_client *cli, 
     /* [<][>][^][v][top][bottom][index][help] */
 868                                         TALLOC_CTX *mem_ctx, int argc, 
 869                                         const char **argv) 
 870 {
 871         struct policy_handle pol;
 872         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 873         struct lsa_LUID luid;
 874         struct lsa_String name;
 875 
 876         if (argc != 2 ) {
 877                 printf("Usage: %s name\n", argv[0]);
 878                 return NT_STATUS_OK;
 879         }
 880 
 881         result = rpccli_lsa_open_policy2(cli, mem_ctx, True, 
 882                                      SEC_FLAG_MAXIMUM_ALLOWED,
 883                                      &pol);
 884 
 885         if (!NT_STATUS_IS_OK(result))
 886                 goto done;
 887 
 888         init_lsa_String(&name, argv[1]);
 889 
 890         result = rpccli_lsa_LookupPrivValue(cli, mem_ctx,
 891                                             &pol,
 892                                             &name,
 893                                             &luid);
 894 
 895         if (!NT_STATUS_IS_OK(result))
 896                 goto done;
 897 
 898         /* Print results */
 899 
 900         printf("%u:%u (0x%x:0x%x)\n", luid.high, luid.low, luid.high, luid.low);
 901 
 902         rpccli_lsa_Close(cli, mem_ctx, &pol);
 903  done:
 904         return result;
 905 }
 906 
 907 /* Query LSA security object */
 908 
 909 static NTSTATUS cmd_lsa_query_secobj(struct rpc_pipe_client *cli, 
     /* [<][>][^][v][top][bottom][index][help] */
 910                                      TALLOC_CTX *mem_ctx, int argc, 
 911                                      const char **argv) 
 912 {
 913         struct policy_handle pol;
 914         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
 915         SEC_DESC_BUF *sdb;
 916         uint32 sec_info = DACL_SECURITY_INFORMATION;
 917 
 918         if (argc < 1 || argc > 2) {
 919                 printf("Usage: %s [sec_info]\n", argv[0]);
 920                 return NT_STATUS_OK;
 921         }
 922 
 923         result = rpccli_lsa_open_policy2(cli, mem_ctx, True, 
 924                                       SEC_FLAG_MAXIMUM_ALLOWED,
 925                                       &pol);
 926 
 927         if (argc == 2) 
 928                 sscanf(argv[1], "%x", &sec_info);
 929 
 930         if (!NT_STATUS_IS_OK(result))
 931                 goto done;
 932 
 933         result = rpccli_lsa_QuerySecurity(cli, mem_ctx,
 934                                           &pol,
 935                                           sec_info,
 936                                           &sdb);
 937         if (!NT_STATUS_IS_OK(result))
 938                 goto done;
 939 
 940         /* Print results */
 941 
 942         display_sec_desc(sdb->sd);
 943 
 944         rpccli_lsa_Close(cli, mem_ctx, &pol);
 945  done:
 946         return result;
 947 }
 948 
 949 static void display_trust_dom_info_4(struct lsa_TrustDomainInfoPassword *p,
     /* [<][>][^][v][top][bottom][index][help] */
 950                                      uint8_t nt_hash[16])
 951 {
 952         char *pwd, *pwd_old;
 953         
 954         DATA_BLOB data     = data_blob(NULL, p->password->length);
 955         DATA_BLOB data_old = data_blob(NULL, p->old_password->length);
 956 
 957         memcpy(data.data, p->password->data, p->password->length);
 958         memcpy(data_old.data, p->old_password->data, p->old_password->length);
 959         
 960         pwd     = decrypt_trustdom_secret(nt_hash, &data);
 961         pwd_old = decrypt_trustdom_secret(nt_hash, &data_old);
 962         
 963         d_printf("Password:\t%s\n", pwd);
 964         d_printf("Old Password:\t%s\n", pwd_old);
 965 
 966         SAFE_FREE(pwd);
 967         SAFE_FREE(pwd_old);
 968         
 969         data_blob_free(&data);
 970         data_blob_free(&data_old);
 971 }
 972 
 973 static void display_trust_dom_info(TALLOC_CTX *mem_ctx,
     /* [<][>][^][v][top][bottom][index][help] */
 974                                    union lsa_TrustedDomainInfo *info,
 975                                    enum lsa_TrustDomInfoEnum info_class,
 976                                    uint8_t nt_hash[16])
 977 {
 978         switch (info_class) {
 979                 case LSA_TRUSTED_DOMAIN_INFO_PASSWORD:
 980                         display_trust_dom_info_4(&info->password, nt_hash);
 981                         break;
 982                 default: {
 983                         const char *str = NULL;
 984                         str = NDR_PRINT_UNION_STRING(mem_ctx,
 985                                                      lsa_TrustedDomainInfo,
 986                                                      info_class, info);
 987                         if (str) {
 988                                 d_printf("%s\n", str);
 989                         }
 990                         break;
 991                 }
 992         }
 993 }
 994 
 995 static NTSTATUS cmd_lsa_query_trustdominfobysid(struct rpc_pipe_client *cli,
     /* [<][>][^][v][top][bottom][index][help] */
 996                                                 TALLOC_CTX *mem_ctx, int argc, 
 997                                                 const char **argv) 
 998 {
 999         struct policy_handle pol;
1000         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1001         DOM_SID dom_sid;
1002         uint32 access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
1003         union lsa_TrustedDomainInfo *info = NULL;
1004         enum lsa_TrustDomInfoEnum info_class = 1;
1005         uint8_t nt_hash[16];
1006 
1007         if (argc > 3 || argc < 2) {
1008                 printf("Usage: %s [sid] [info_class]\n", argv[0]);
1009                 return NT_STATUS_OK;
1010         }
1011 
1012         if (!string_to_sid(&dom_sid, argv[1]))
1013                 return NT_STATUS_NO_MEMORY;
1014 
1015         if (argc == 3)
1016                 info_class = atoi(argv[2]);
1017 
1018         result = rpccli_lsa_open_policy2(cli, mem_ctx, True, access_mask, &pol);
1019 
1020         if (!NT_STATUS_IS_OK(result))
1021                 goto done;
1022 
1023         result = rpccli_lsa_QueryTrustedDomainInfoBySid(cli, mem_ctx,
1024                                                         &pol,
1025                                                         &dom_sid,
1026                                                         info_class,
1027                                                         &info);
1028         if (!NT_STATUS_IS_OK(result))
1029                 goto done;
1030 
1031         if (!rpccli_get_pwd_hash(cli, nt_hash)) {
1032                 d_fprintf(stderr, "Could not get pwd hash\n");
1033                 goto done;
1034         }
1035 
1036         display_trust_dom_info(mem_ctx, info, info_class, nt_hash);
1037 
1038  done:
1039         rpccli_lsa_Close(cli, mem_ctx, &pol);
1040 
1041         return result;
1042 }
1043 
1044 static NTSTATUS cmd_lsa_query_trustdominfobyname(struct rpc_pipe_client *cli,
     /* [<][>][^][v][top][bottom][index][help] */
1045                                                  TALLOC_CTX *mem_ctx, int argc,
1046                                                  const char **argv) 
1047 {
1048         struct policy_handle pol;
1049         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1050         uint32 access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
1051         union lsa_TrustedDomainInfo *info = NULL;
1052         enum lsa_TrustDomInfoEnum info_class = 1;
1053         struct lsa_String trusted_domain;
1054         uint8_t nt_hash[16];
1055 
1056         if (argc > 3 || argc < 2) {
1057                 printf("Usage: %s [name] [info_class]\n", argv[0]);
1058                 return NT_STATUS_OK;
1059         }
1060 
1061         if (argc == 3)
1062                 info_class = atoi(argv[2]);
1063 
1064         result = rpccli_lsa_open_policy2(cli, mem_ctx, True, access_mask, &pol);
1065 
1066         if (!NT_STATUS_IS_OK(result))
1067                 goto done;
1068 
1069         init_lsa_String(&trusted_domain, argv[1]);
1070 
1071         result = rpccli_lsa_QueryTrustedDomainInfoByName(cli, mem_ctx,
1072                                                          &pol,
1073                                                          &trusted_domain,
1074                                                          info_class,
1075                                                          &info);
1076         if (!NT_STATUS_IS_OK(result))
1077                 goto done;
1078 
1079         if (!rpccli_get_pwd_hash(cli, nt_hash)) {
1080                 d_fprintf(stderr, "Could not get pwd hash\n");
1081                 goto done;
1082         }
1083 
1084         display_trust_dom_info(mem_ctx, info, info_class, nt_hash);
1085 
1086  done:
1087         rpccli_lsa_Close(cli, mem_ctx, &pol);
1088 
1089         return result;
1090 }
1091 
1092 static NTSTATUS cmd_lsa_query_trustdominfo(struct rpc_pipe_client *cli,
     /* [<][>][^][v][top][bottom][index][help] */
1093                                            TALLOC_CTX *mem_ctx, int argc,
1094                                            const char **argv) 
1095 {
1096         struct policy_handle pol, trustdom_pol;
1097         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1098         uint32 access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
1099         union lsa_TrustedDomainInfo *info = NULL;
1100         DOM_SID dom_sid;
1101         enum lsa_TrustDomInfoEnum info_class = 1;
1102         uint8_t nt_hash[16];
1103 
1104         if (argc > 3 || argc < 2) {
1105                 printf("Usage: %s [sid] [info_class]\n", argv[0]);
1106                 return NT_STATUS_OK;
1107         }
1108 
1109         if (!string_to_sid(&dom_sid, argv[1]))
1110                 return NT_STATUS_NO_MEMORY;
1111 
1112 
1113         if (argc == 3)
1114                 info_class = atoi(argv[2]);
1115 
1116         result = rpccli_lsa_open_policy2(cli, mem_ctx, True, access_mask, &pol);
1117 
1118         if (!NT_STATUS_IS_OK(result))
1119                 goto done;
1120 
1121         result = rpccli_lsa_OpenTrustedDomain(cli, mem_ctx,
1122                                               &pol,
1123                                               &dom_sid,
1124                                               access_mask,
1125                                               &trustdom_pol);
1126 
1127         if (!NT_STATUS_IS_OK(result))
1128                 goto done;
1129 
1130         result = rpccli_lsa_QueryTrustedDomainInfo(cli, mem_ctx,
1131                                                    &trustdom_pol,
1132                                                    info_class,
1133                                                    &info);
1134 
1135         if (!NT_STATUS_IS_OK(result))
1136                 goto done;
1137 
1138         if (!rpccli_get_pwd_hash(cli, nt_hash)) {
1139                 d_fprintf(stderr, "Could not get pwd hash\n");
1140                 goto done;
1141         }
1142 
1143         display_trust_dom_info(mem_ctx, info, info_class, nt_hash);
1144 
1145  done:
1146         rpccli_lsa_Close(cli, mem_ctx, &pol);
1147 
1148         return result;
1149 }
1150 
1151 static NTSTATUS cmd_lsa_get_username(struct rpc_pipe_client *cli,
     /* [<][>][^][v][top][bottom][index][help] */
1152                                      TALLOC_CTX *mem_ctx, int argc,
1153                                      const char **argv)
1154 {
1155         struct policy_handle pol;
1156         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1157         const char *servername = cli->desthost;
1158         struct lsa_String *account_name = NULL;
1159         struct lsa_String *authority_name = NULL;
1160 
1161         if (argc > 2) {
1162                 printf("Usage: %s servername\n", argv[0]);
1163                 return NT_STATUS_OK;
1164         }
1165 
1166         result = rpccli_lsa_open_policy(cli, mem_ctx, true,
1167                                         SEC_FLAG_MAXIMUM_ALLOWED,
1168                                         &pol);
1169 
1170         if (!NT_STATUS_IS_OK(result)) {
1171                 goto done;
1172         }
1173 
1174         result = rpccli_lsa_GetUserName(cli, mem_ctx,
1175                                         servername,
1176                                         &account_name,
1177                                         &authority_name);
1178         if (!NT_STATUS_IS_OK(result)) {
1179                 goto done;
1180         }
1181 
1182         /* Print results */
1183 
1184         printf("Account Name: %s, Authority Name: %s\n",
1185                 account_name->string, authority_name ? authority_name->string :
1186                 "");
1187 
1188         rpccli_lsa_Close(cli, mem_ctx, &pol);
1189  done:
1190         return result;
1191 }
1192 
1193 static NTSTATUS cmd_lsa_add_priv(struct rpc_pipe_client *cli,
     /* [<][>][^][v][top][bottom][index][help] */
1194                                  TALLOC_CTX *mem_ctx, int argc,
1195                                  const char **argv)
1196 {
1197         struct policy_handle dom_pol, user_pol;
1198         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1199         struct lsa_PrivilegeSet privs;
1200         struct lsa_LUIDAttribute *set = NULL;
1201         DOM_SID sid;
1202         int i;
1203 
1204         ZERO_STRUCT(privs);
1205 
1206         if (argc < 3 ) {
1207                 printf("Usage: %s SID [rights...]\n", argv[0]);
1208                 return NT_STATUS_OK;
1209         }
1210 
1211         result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
1212         if (!NT_STATUS_IS_OK(result)) {
1213                 goto done;
1214         }
1215 
1216         result = rpccli_lsa_open_policy2(cli, mem_ctx, True,
1217                                          SEC_FLAG_MAXIMUM_ALLOWED,
1218                                          &dom_pol);
1219 
1220         if (!NT_STATUS_IS_OK(result)) {
1221                 goto done;
1222         }
1223 
1224         result = rpccli_lsa_OpenAccount(cli, mem_ctx,
1225                                         &dom_pol,
1226                                         &sid,
1227                                         SEC_FLAG_MAXIMUM_ALLOWED,
1228                                         &user_pol);
1229 
1230         if (!NT_STATUS_IS_OK(result)) {
1231                 goto done;
1232         }
1233 
1234         for (i=2; i<argc; i++) {
1235 
1236                 struct lsa_String priv_name;
1237                 struct lsa_LUID luid;
1238 
1239                 init_lsa_String(&priv_name, argv[i]);
1240 
1241                 result = rpccli_lsa_LookupPrivValue(cli, mem_ctx,
1242                                                     &dom_pol,
1243                                                     &priv_name,
1244                                                     &luid);
1245                 if (!NT_STATUS_IS_OK(result)) {
1246                         continue;
1247                 }
1248 
1249                 privs.count++;
1250                 set = TALLOC_REALLOC_ARRAY(mem_ctx, set,
1251                                            struct lsa_LUIDAttribute,
1252                                            privs.count);
1253                 if (!set) {
1254                         return NT_STATUS_NO_MEMORY;
1255                 }
1256 
1257                 set[privs.count-1].luid = luid;
1258                 set[privs.count-1].attribute = 0;
1259         }
1260 
1261         privs.set = set;
1262 
1263         result = rpccli_lsa_AddPrivilegesToAccount(cli, mem_ctx,
1264                                                    &user_pol,
1265                                                    &privs);
1266 
1267         if (!NT_STATUS_IS_OK(result)) {
1268                 goto done;
1269         }
1270 
1271         rpccli_lsa_Close(cli, mem_ctx, &user_pol);
1272         rpccli_lsa_Close(cli, mem_ctx, &dom_pol);
1273  done:
1274         return result;
1275 }
1276 
1277 static NTSTATUS cmd_lsa_del_priv(struct rpc_pipe_client *cli,
     /* [<][>][^][v][top][bottom][index][help] */
1278                                  TALLOC_CTX *mem_ctx, int argc,
1279                                  const char **argv)
1280 {
1281         struct policy_handle dom_pol, user_pol;
1282         NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1283         struct lsa_PrivilegeSet privs;
1284         struct lsa_LUIDAttribute *set = NULL;
1285         DOM_SID sid;
1286         int i;
1287 
1288         ZERO_STRUCT(privs);
1289 
1290         if (argc < 3 ) {
1291                 printf("Usage: %s SID [rights...]\n", argv[0]);
1292                 return NT_STATUS_OK;
1293         }
1294 
1295         result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
1296         if (!NT_STATUS_IS_OK(result)) {
1297                 goto done;
1298         }
1299 
1300         result = rpccli_lsa_open_policy2(cli, mem_ctx, True,
1301                                          SEC_FLAG_MAXIMUM_ALLOWED,
1302                                          &dom_pol);
1303 
1304         if (!NT_STATUS_IS_OK(result)) {
1305                 goto done;
1306         }
1307 
1308         result = rpccli_lsa_OpenAccount(cli, mem_ctx,
1309                                         &dom_pol,
1310                                         &sid,
1311                                         SEC_FLAG_MAXIMUM_ALLOWED,
1312                                         &user_pol);
1313 
1314         if (!NT_STATUS_IS_OK(result)) {
1315                 goto done;
1316         }
1317 
1318         for (i=2; i<argc; i++) {
1319 
1320                 struct lsa_String priv_name;
1321                 struct lsa_LUID luid;
1322 
1323                 init_lsa_String(&priv_name, argv[i]);
1324 
1325                 result = rpccli_lsa_LookupPrivValue(cli, mem_ctx,
1326                                                     &dom_pol,
1327                                                     &priv_name,
1328                                                     &luid);
1329                 if (!NT_STATUS_IS_OK(result)) {
1330                         continue;
1331                 }
1332 
1333                 privs.count++;
1334                 set = TALLOC_REALLOC_ARRAY(mem_ctx, set,
1335                                            struct lsa_LUIDAttribute,
1336                                            privs.count);
1337                 if (!set) {
1338                         return NT_STATUS_NO_MEMORY;
1339                 }
1340 
1341                 set[privs.count-1].luid = luid;
1342                 set[privs.count-1].attribute = 0;
1343         }
1344 
1345         privs.set = set;
1346 
1347 
1348         result = rpccli_lsa_RemovePrivilegesFromAccount(cli, mem_ctx,
1349                                                         &user_pol,
1350                                                         false,
1351                                                         &privs);
1352 
1353         if (!NT_STATUS_IS_OK(result)) {
1354                 goto done;
1355         }
1356 
1357         rpccli_lsa_Close(cli, mem_ctx, &user_pol);
1358         rpccli_lsa_Close(cli, mem_ctx, &dom_pol);
1359  done:
1360         return result;
1361 }
1362 
1363 
1364 /* List of commands exported by this module */
1365 
1366 struct cmd_set lsarpc_commands[] = {
1367 
1368         { "LSARPC" },
1369 
1370         { "lsaquery",            RPC_RTYPE_NTSTATUS, cmd_lsa_query_info_policy,  NULL, &ndr_table_lsarpc.syntax_id, NULL, "Query info policy",                    "" },
1371         { "lookupsids",          RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_sids,        NULL, &ndr_table_lsarpc.syntax_id, NULL, "Convert SIDs to names",                "" },
1372         { "lookupnames",         RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_names,       NULL, &ndr_table_lsarpc.syntax_id, NULL, "Convert names to SIDs",                "" },
1373         { "lookupnames_level",   RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_names_level, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Convert names to SIDs",                "" },
1374         { "enumtrust",           RPC_RTYPE_NTSTATUS, cmd_lsa_enum_trust_dom,     NULL, &ndr_table_lsarpc.syntax_id, NULL, "Enumerate trusted domains",            "Usage: [preferred max number] [enum context (0)]" },
1375         { "enumprivs",           RPC_RTYPE_NTSTATUS, cmd_lsa_enum_privilege,     NULL, &ndr_table_lsarpc.syntax_id, NULL, "Enumerate privileges",                 "" },
1376         { "getdispname",         RPC_RTYPE_NTSTATUS, cmd_lsa_get_dispname,       NULL, &ndr_table_lsarpc.syntax_id, NULL, "Get the privilege name",               "" },
1377         { "lsaenumsid",          RPC_RTYPE_NTSTATUS, cmd_lsa_enum_sids,          NULL, &ndr_table_lsarpc.syntax_id, NULL, "Enumerate the LSA SIDS",               "" },
1378         { "lsacreateaccount",    RPC_RTYPE_NTSTATUS, cmd_lsa_create_account,     NULL, &ndr_table_lsarpc.syntax_id, NULL, "Create a new lsa account",   "" },
1379         { "lsaenumprivsaccount", RPC_RTYPE_NTSTATUS, cmd_lsa_enum_privsaccounts, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Enumerate the privileges of an SID",   "" },
1380         { "lsaenumacctrights",   RPC_RTYPE_NTSTATUS, cmd_lsa_enum_acct_rights,   NULL, &ndr_table_lsarpc.syntax_id, NULL, "Enumerate the rights of an SID",   "" },
1381         { "lsaaddpriv",          RPC_RTYPE_NTSTATUS, cmd_lsa_add_priv,           NULL, &ndr_table_lsarpc.syntax_id, NULL, "Assign a privilege to a SID", "" },
1382         { "lsadelpriv",          RPC_RTYPE_NTSTATUS, cmd_lsa_del_priv,           NULL, &ndr_table_lsarpc.syntax_id, NULL, "Revoke a privilege from a SID", "" },
1383         { "lsaaddacctrights",    RPC_RTYPE_NTSTATUS, cmd_lsa_add_acct_rights,    NULL, &ndr_table_lsarpc.syntax_id, NULL, "Add rights to an account",   "" },
1384         { "lsaremoveacctrights", RPC_RTYPE_NTSTATUS, cmd_lsa_remove_acct_rights, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Remove rights from an account",   "" },
1385         { "lsalookupprivvalue",  RPC_RTYPE_NTSTATUS, cmd_lsa_lookup_priv_value,  NULL, &ndr_table_lsarpc.syntax_id, NULL, "Get a privilege value given its name", "" },
1386         { "lsaquerysecobj",      RPC_RTYPE_NTSTATUS, cmd_lsa_query_secobj,       NULL, &ndr_table_lsarpc.syntax_id, NULL, "Query LSA security object", "" },
1387         { "lsaquerytrustdominfo",RPC_RTYPE_NTSTATUS, cmd_lsa_query_trustdominfo, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Query LSA trusted domains info (given a SID)", "" },
1388         { "lsaquerytrustdominfobyname",RPC_RTYPE_NTSTATUS, cmd_lsa_query_trustdominfobyname, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Query LSA trusted domains info (given a name), only works for Windows > 2k", "" },
1389         { "lsaquerytrustdominfobysid",RPC_RTYPE_NTSTATUS, cmd_lsa_query_trustdominfobysid, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Query LSA trusted domains info (given a SID)", "" },
1390         { "getusername",          RPC_RTYPE_NTSTATUS, cmd_lsa_get_username, NULL, &ndr_table_lsarpc.syntax_id, NULL, "Get username", "" },
1391 
1392         { NULL }
1393 };
1394 

/* [<][>][^][v][top][bottom][index][help] */