static NTSTATUS cmd_lsa_query_secobj(struct cli_state *cli,
TALLOC_CTX *mem_ctx, int argc,
char **argv)
{
POLICY_HND pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
SEC_DESC_BUF *sdb;
uint32 sec_info = 0x00000004; /* ??? */
if (argc != 1 ) {
printf("Usage: %s\n", argv[0]);
return NT_STATUS_OK;
}
result = cli_lsa_open_policy2(cli, mem_ctx, True,
SEC_RIGHTS_MAXIMUM_ALLOWED,
&pol);
if (!NT_STATUS_IS_OK(result))
goto done;
result = cli_lsa_query_secobj(cli, mem_ctx, &pol, sec_info, &sdb);
if (!NT_STATUS_IS_OK(result))
goto done;
/* Print results */
display_sec_desc(sdb->sec);
done:
return result;
}
static void display_share_info_502(SRV_SHARE_INFO_502 *info502)
{
fstring netname = "", remark = "", path = "", passwd = "";
rpcstr_pull_unistr2_fstring(netname, &info502->info_502_str.uni_netname);
rpcstr_pull_unistr2_fstring(remark, &info502->info_502_str.uni_remark);
rpcstr_pull_unistr2_fstring(path, &info502->info_502_str.uni_path);
rpcstr_pull_unistr2_fstring(passwd, &info502->info_502_str.uni_passwd);
printf("netname: %s\n", netname);
printf("\tremark:\t%s\n", remark);
printf("\tpath:\t%s\n", path);
printf("\tpassword:\t%s\n", passwd);
if (info502->info_502_str.sd)
display_sec_desc(info502->info_502_str.sd);
}
static NTSTATUS cmd_lsa_query_secobj(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx, int argc,
const char **argv)
{
struct policy_handle pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
SEC_DESC_BUF *sdb;
uint32 sec_info = DACL_SECURITY_INFORMATION;
if (argc < 1 || argc > 2) {
printf("Usage: %s [sec_info]\n", argv[0]);
return NT_STATUS_OK;
}
result = rpccli_lsa_open_policy2(cli, mem_ctx, True,
SEC_FLAG_MAXIMUM_ALLOWED,
&pol);
if (argc == 2)
sscanf(argv[1], "%x", &sec_info);
if (!NT_STATUS_IS_OK(result))
goto done;
result = rpccli_lsa_QuerySecurity(cli, mem_ctx,
&pol,
sec_info,
&sdb);
if (!NT_STATUS_IS_OK(result))
goto done;
/* Print results */
display_sec_desc(sdb->sd);
rpccli_lsa_Close(cli, mem_ctx, &pol);
done:
return result;
}
/**********************************************************************
* Query user security object
*/
static NTSTATUS cmd_samr_query_sec_obj(struct cli_state *cli,
TALLOC_CTX *mem_ctx,
int argc, char **argv)
{
POLICY_HND connect_pol, domain_pol, user_pol, *pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
uint32 info_level = 4;
fstring server;
uint32 user_rid = 0;
TALLOC_CTX *ctx = NULL;
SEC_DESC_BUF *sec_desc_buf=NULL;
BOOL domain = False;
ctx=talloc_init();
if (argc > 2) {
printf("Usage: %s [rid|-d]\n", argv[0]);
printf("\tSpecify rid for security on user, -d for security on domain\n");
return NT_STATUS_OK;
}
if (argc == 2) {
if (strcmp(argv[1], "-d") == 0)
domain = True;
else
sscanf(argv[1], "%i", &user_rid);
}
slprintf (server, sizeof(fstring)-1, "\\\\%s", cli->desthost);
strupper (server);
result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
if (!NT_STATUS_IS_OK(result))
goto done;
if (domain || user_rid)
result = cli_samr_open_domain(cli, mem_ctx, &connect_pol,
MAXIMUM_ALLOWED_ACCESS,
&domain_sid, &domain_pol);
if (!NT_STATUS_IS_OK(result))
goto done;
if (user_rid)
result = cli_samr_open_user(cli, mem_ctx, &domain_pol,
MAXIMUM_ALLOWED_ACCESS,
user_rid, &user_pol);
if (!NT_STATUS_IS_OK(result))
goto done;
/* Pick which query pol to use */
pol = &connect_pol;
if (domain)
pol = &domain_pol;
if (user_rid)
pol = &user_pol;
/* Query SAM security object */
result = cli_samr_query_sec_obj(cli, mem_ctx, pol, info_level, ctx,
&sec_desc_buf);
if (!NT_STATUS_IS_OK(result))
goto done;
display_sec_desc(sec_desc_buf->sec);
done:
talloc_destroy(ctx);
return result;
}
