static NTSTATUS cmd_lsa_query_secobj(struct cli_state *cli, TALLOC_CTX *mem_ctx, int argc, char **argv) { POLICY_HND pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; SEC_DESC_BUF *sdb; uint32 sec_info = 0x00000004; /* ??? */ if (argc != 1 ) { printf("Usage: %s\n", argv[0]); return NT_STATUS_OK; } result = cli_lsa_open_policy2(cli, mem_ctx, True, SEC_RIGHTS_MAXIMUM_ALLOWED, &pol); if (!NT_STATUS_IS_OK(result)) goto done; result = cli_lsa_query_secobj(cli, mem_ctx, &pol, sec_info, &sdb); if (!NT_STATUS_IS_OK(result)) goto done; /* Print results */ display_sec_desc(sdb->sec); done: return result; }
static void display_share_info_502(SRV_SHARE_INFO_502 *info502) { fstring netname = "", remark = "", path = "", passwd = ""; rpcstr_pull_unistr2_fstring(netname, &info502->info_502_str.uni_netname); rpcstr_pull_unistr2_fstring(remark, &info502->info_502_str.uni_remark); rpcstr_pull_unistr2_fstring(path, &info502->info_502_str.uni_path); rpcstr_pull_unistr2_fstring(passwd, &info502->info_502_str.uni_passwd); printf("netname: %s\n", netname); printf("\tremark:\t%s\n", remark); printf("\tpath:\t%s\n", path); printf("\tpassword:\t%s\n", passwd); if (info502->info_502_str.sd) display_sec_desc(info502->info_502_str.sd); }
static NTSTATUS cmd_lsa_query_secobj(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, int argc, const char **argv) { struct policy_handle pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; SEC_DESC_BUF *sdb; uint32 sec_info = DACL_SECURITY_INFORMATION; if (argc < 1 || argc > 2) { printf("Usage: %s [sec_info]\n", argv[0]); return NT_STATUS_OK; } result = rpccli_lsa_open_policy2(cli, mem_ctx, True, SEC_FLAG_MAXIMUM_ALLOWED, &pol); if (argc == 2) sscanf(argv[1], "%x", &sec_info); if (!NT_STATUS_IS_OK(result)) goto done; result = rpccli_lsa_QuerySecurity(cli, mem_ctx, &pol, sec_info, &sdb); if (!NT_STATUS_IS_OK(result)) goto done; /* Print results */ display_sec_desc(sdb->sd); rpccli_lsa_Close(cli, mem_ctx, &pol); done: return result; }
/********************************************************************** * Query user security object */ static NTSTATUS cmd_samr_query_sec_obj(struct cli_state *cli, TALLOC_CTX *mem_ctx, int argc, char **argv) { POLICY_HND connect_pol, domain_pol, user_pol, *pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; uint32 info_level = 4; fstring server; uint32 user_rid = 0; TALLOC_CTX *ctx = NULL; SEC_DESC_BUF *sec_desc_buf=NULL; BOOL domain = False; ctx=talloc_init(); if (argc > 2) { printf("Usage: %s [rid|-d]\n", argv[0]); printf("\tSpecify rid for security on user, -d for security on domain\n"); return NT_STATUS_OK; } if (argc == 2) { if (strcmp(argv[1], "-d") == 0) domain = True; else sscanf(argv[1], "%i", &user_rid); } slprintf (server, sizeof(fstring)-1, "\\\\%s", cli->desthost); strupper (server); result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, &connect_pol); if (!NT_STATUS_IS_OK(result)) goto done; if (domain || user_rid) result = cli_samr_open_domain(cli, mem_ctx, &connect_pol, MAXIMUM_ALLOWED_ACCESS, &domain_sid, &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; if (user_rid) result = cli_samr_open_user(cli, mem_ctx, &domain_pol, MAXIMUM_ALLOWED_ACCESS, user_rid, &user_pol); if (!NT_STATUS_IS_OK(result)) goto done; /* Pick which query pol to use */ pol = &connect_pol; if (domain) pol = &domain_pol; if (user_rid) pol = &user_pol; /* Query SAM security object */ result = cli_samr_query_sec_obj(cli, mem_ctx, pol, info_level, ctx, &sec_desc_buf); if (!NT_STATUS_IS_OK(result)) goto done; display_sec_desc(sec_desc_buf->sec); done: talloc_destroy(ctx); return result; }