static NTSTATUS cmd_samr_enum_dom_groups(struct cli_state *cli,
TALLOC_CTX *mem_ctx,
int argc, char **argv)
{
POLICY_HND connect_pol, domain_pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
uint32 start_idx, size, num_dom_groups, i;
struct acct_info *dom_groups;
if (argc != 1) {
printf("Usage: %s\n", argv[0]);
return NT_STATUS_OK;
}
/* Get sam policy handle */
result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
/* Get domain policy handle */
result = cli_samr_open_domain(cli, mem_ctx, &connect_pol,
MAXIMUM_ALLOWED_ACCESS,
&domain_sid, &domain_pol);
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
/* Enumerate domain groups */
start_idx = 0;
size = 0xffff;
result = cli_samr_enum_dom_groups(cli, mem_ctx, &domain_pol,
&start_idx, size,
&dom_groups, &num_dom_groups);
for (i = 0; i < num_dom_groups; i++)
printf("group:[%s] rid:[0x%x]\n", dom_groups[i].acct_name,
dom_groups[i].rid);
done:
return result;
}
static PyObject *samr_enum_dom_groups(PyObject *self, PyObject *args,
PyObject *kw)
{
samr_domain_hnd_object *domain_hnd = (samr_domain_hnd_object *)self;
static char *kwlist[] = { NULL };
TALLOC_CTX *mem_ctx;
/* uint32 desired_access = MAXIMUM_ALLOWED_ACCESS; */
uint32 start_idx, size, num_dom_groups;
struct acct_info *dom_groups;
NTSTATUS result;
PyObject *py_result = NULL;
if (!PyArg_ParseTupleAndKeywords(args, kw, "", kwlist))
return NULL;
if (!(mem_ctx = talloc_init("samr_enum_dom_groups"))) {
PyErr_SetString(samr_error, "unable to init talloc context");
return NULL;
}
start_idx = 0;
size = 0xffff;
do {
result = cli_samr_enum_dom_groups(
domain_hnd->cli, mem_ctx, &domain_hnd->domain_pol,
&start_idx, size, &dom_groups, &num_dom_groups);
if (NT_STATUS_IS_OK(result) ||
NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES)) {
py_from_acct_info(&py_result, dom_groups,
num_dom_groups);
}
} while (NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES));
return py_result;
}
/* list all domain groups */
static NTSTATUS enum_dom_groups(struct winbindd_domain *domain,
TALLOC_CTX *mem_ctx,
uint32 *num_entries,
struct acct_info **info)
{
uint32 des_access = SEC_RIGHTS_MAXIMUM_ALLOWED;
CLI_POLICY_HND *hnd;
POLICY_HND dom_pol;
NTSTATUS status;
uint32 start = 0;
int retry;
NTSTATUS result;
*num_entries = 0;
*info = NULL;
DEBUG(3,("rpc: enum_dom_groups\n"));
retry = 0;
do {
if (!NT_STATUS_IS_OK(result = cm_get_sam_handle(domain, &hnd)))
return result;
status = cli_samr_open_domain(hnd->cli, mem_ctx,
&hnd->pol, des_access, &domain->sid, &dom_pol);
} while (!NT_STATUS_IS_OK(status) && (retry++ < 1) && hnd && hnd->cli && hnd->cli->fd == -1);
if (!NT_STATUS_IS_OK(status))
return status;
do {
struct acct_info *info2 = NULL;
uint32 count = 0;
TALLOC_CTX *mem_ctx2;
mem_ctx2 = talloc_init("enum_dom_groups[rpc]");
/* start is updated by this call. */
status = cli_samr_enum_dom_groups(hnd->cli, mem_ctx2, &dom_pol,
&start,
0xFFFF, /* buffer size? */
&info2, &count);
if (!NT_STATUS_IS_OK(status) &&
!NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES)) {
talloc_destroy(mem_ctx2);
break;
}
(*info) = talloc_realloc(mem_ctx, *info,
sizeof(**info) * ((*num_entries) + count));
if (! *info) {
talloc_destroy(mem_ctx2);
cli_samr_close(hnd->cli, mem_ctx, &dom_pol);
return NT_STATUS_NO_MEMORY;
}
memcpy(&(*info)[*num_entries], info2, count*sizeof(*info2));
(*num_entries) += count;
talloc_destroy(mem_ctx2);
} while (NT_STATUS_EQUAL(status, STATUS_MORE_ENTRIES));
cli_samr_close(hnd->cli, mem_ctx, &dom_pol);
return status;
}
static NTSTATUS cmd_samr_enum_dom_groups(struct cli_state *cli,
TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
POLICY_HND connect_pol, domain_pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
uint32 start_idx, size, num_dom_groups, i;
uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
struct acct_info *dom_groups;
BOOL got_connect_pol = False, got_domain_pol = False;
if ((argc < 1) || (argc > 2)) {
printf("Usage: %s [access_mask]\n", argv[0]);
return NT_STATUS_OK;
}
if (argc > 1)
sscanf(argv[1], "%x", &access_mask);
/* Get sam policy handle */
result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
if (!NT_STATUS_IS_OK(result))
goto done;
got_connect_pol = True;
/* Get domain policy handle */
result = cli_samr_open_domain(cli, mem_ctx, &connect_pol,
access_mask,
&domain_sid, &domain_pol);
if (!NT_STATUS_IS_OK(result))
goto done;
got_domain_pol = True;
/* Enumerate domain groups */
start_idx = 0;
size = 0xffff;
do {
result = cli_samr_enum_dom_groups(
cli, mem_ctx, &domain_pol, &start_idx, size,
&dom_groups, &num_dom_groups);
if (NT_STATUS_IS_OK(result) ||
NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES)) {
for (i = 0; i < num_dom_groups; i++)
printf("group:[%s] rid:[0x%x]\n",
dom_groups[i].acct_name,
dom_groups[i].rid);
}
} while (NT_STATUS_V(result) == NT_STATUS_V(STATUS_MORE_ENTRIES));
done:
if (got_domain_pol)
cli_samr_close(cli, mem_ctx, &domain_pol);
if (got_connect_pol)
cli_samr_close(cli, mem_ctx, &connect_pol);
return result;
}
