void init_netr_SamBaseInfo(struct netr_SamBaseInfo *r,
NTTIME last_logon,
NTTIME last_logoff,
NTTIME acct_expiry,
NTTIME last_password_change,
NTTIME allow_password_change,
NTTIME force_password_change,
const char *account_name,
const char *full_name,
const char *logon_script,
const char *profile_path,
const char *home_directory,
const char *home_drive,
uint16_t logon_count,
uint16_t bad_password_count,
uint32_t rid,
uint32_t primary_gid,
struct samr_RidWithAttributeArray groups,
uint32_t user_flags,
struct netr_UserSessionKey key,
const char *logon_server,
const char *domain,
struct dom_sid2 *domain_sid,
struct netr_LMSessionKey LMSessKey,
uint32_t acct_flags)
{
r->last_logon = last_logon;
r->last_logoff = last_logoff;
r->acct_expiry = acct_expiry;
r->last_password_change = last_password_change;
r->allow_password_change = allow_password_change;
r->force_password_change = force_password_change;
init_lsa_String(&r->account_name, account_name);
init_lsa_String(&r->full_name, full_name);
init_lsa_String(&r->logon_script, logon_script);
init_lsa_String(&r->profile_path, profile_path);
init_lsa_String(&r->home_directory, home_directory);
init_lsa_String(&r->home_drive, home_drive);
r->logon_count = logon_count;
r->bad_password_count = bad_password_count;
r->rid = rid;
r->primary_gid = primary_gid;
r->groups = groups;
r->user_flags = user_flags;
r->key = key;
init_lsa_StringLarge(&r->logon_server, logon_server);
init_lsa_StringLarge(&r->domain, domain);
r->domain_sid = domain_sid;
r->LMSessKey = LMSessKey;
r->acct_flags = acct_flags;
}
static NTSTATUS get_system_info3(TALLOC_CTX *mem_ctx,
struct netr_SamInfo3 *info3)
{
NTSTATUS status;
struct dom_sid *system_sid;
/* Set account name */
init_lsa_String(&info3->base.account_name, "SYSTEM");
/* Set domain name */
init_lsa_StringLarge(&info3->base.logon_domain, "NT AUTHORITY");
/* The SID set here will be overwirtten anyway, but try and make it SID_NT_SYSTEM anyway */
/* Domain sid is NT_AUTHORITY */
system_sid = dom_sid_parse_talloc(mem_ctx, SID_NT_SYSTEM);
if (system_sid == NULL) {
return NT_STATUS_NO_MEMORY;
}
status = dom_sid_split_rid(mem_ctx, system_sid, &info3->base.domain_sid,
&info3->base.rid);
TALLOC_FREE(system_sid);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
/* Primary gid is the same */
info3->base.primary_gid = info3->base.rid;
return NT_STATUS_OK;
}
bool torture_setup_privs(struct torture_context *tctx,
struct dcerpc_pipe *p,
uint32_t num_privs,
const char **privs,
const struct dom_sid *user_sid)
{
struct dcerpc_binding_handle *b = p->binding_handle;
struct policy_handle *handle;
int i;
torture_assert(tctx,
test_lsa_OpenPolicy2(b, tctx, &handle),
"failed to open policy");
for (i=0; i < num_privs; i++) {
struct lsa_LookupPrivValue r;
struct lsa_LUID luid;
struct lsa_String name;
init_lsa_String(&name, privs[i]);
r.in.handle = handle;
r.in.name = &name;
r.out.luid = &luid;
torture_assert_ntstatus_ok(tctx,
dcerpc_lsa_LookupPrivValue_r(b, tctx, &r),
"lsa_LookupPrivValue failed");
if (!NT_STATUS_IS_OK(r.out.result)) {
torture_comment(tctx, "lsa_LookupPrivValue failed for '%s' with %s\n",
privs[i], nt_errstr(r.out.result));
return false;
}
}
{
struct lsa_AddAccountRights r;
struct lsa_RightSet rights;
rights.count = num_privs;
rights.names = talloc_zero_array(tctx, struct lsa_StringLarge, rights.count);
for (i=0; i < rights.count; i++) {
init_lsa_StringLarge(&rights.names[i], privs[i]);
}
r.in.handle = handle;
r.in.sid = discard_const_p(struct dom_sid, user_sid);
r.in.rights = &rights;
torture_assert_ntstatus_ok(tctx,
dcerpc_lsa_AddAccountRights_r(b, tctx, &r),
"lsa_AddAccountRights failed");
torture_assert_ntstatus_ok(tctx, r.out.result,
"lsa_AddAccountRights failed");
}
test_lsa_Close(b, tctx, handle);
return true;
}
static NTSTATUS cmd_lsa_remove_acct_rights(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx, int argc,
const char **argv)
{
struct policy_handle dom_pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
struct lsa_RightSet rights;
DOM_SID sid;
int i;
if (argc < 3 ) {
printf("Usage: %s SID [rights...]\n", argv[0]);
return NT_STATUS_OK;
}
result = name_to_sid(cli, mem_ctx, &sid, argv[1]);
if (!NT_STATUS_IS_OK(result))
goto done;
result = rpccli_lsa_open_policy2(cli, mem_ctx, True,
SEC_FLAG_MAXIMUM_ALLOWED,
&dom_pol);
if (!NT_STATUS_IS_OK(result))
goto done;
rights.count = argc-2;
rights.names = TALLOC_ARRAY(mem_ctx, struct lsa_StringLarge,
rights.count);
if (!rights.names) {
return NT_STATUS_NO_MEMORY;
}
for (i=0; i<argc-2; i++) {
init_lsa_StringLarge(&rights.names[i], argv[i+2]);
}
result = rpccli_lsa_RemoveAccountRights(cli, mem_ctx,
&dom_pol,
&sid,
false,
&rights);
if (!NT_STATUS_IS_OK(result))
goto done;
rpccli_lsa_Close(cli, mem_ctx, &dom_pol);
done:
return result;
}
static NTSTATUS get_guest_info3(TALLOC_CTX *mem_ctx,
struct netr_SamInfo3 *info3)
{
const char *guest_account = lp_guestaccount();
struct dom_sid domain_sid;
struct passwd *pwd;
const char *tmp;
pwd = Get_Pwnam_alloc(mem_ctx, guest_account);
if (pwd == NULL) {
DEBUG(0,("SamInfo3_for_guest: Unable to locate guest "
"account [%s]!\n", guest_account));
return NT_STATUS_NO_SUCH_USER;
}
/* Set account name */
tmp = talloc_strdup(mem_ctx, pwd->pw_name);
if (tmp == NULL) {
return NT_STATUS_NO_MEMORY;
}
init_lsa_String(&info3->base.account_name, tmp);
/* Set domain name */
tmp = talloc_strdup(mem_ctx, get_global_sam_name());
if (tmp == NULL) {
return NT_STATUS_NO_MEMORY;
}
init_lsa_StringLarge(&info3->base.logon_domain, tmp);
/* Domain sid */
sid_copy(&domain_sid, get_global_sam_sid());
info3->base.domain_sid = dom_sid_dup(mem_ctx, &domain_sid);
if (info3->base.domain_sid == NULL) {
return NT_STATUS_NO_MEMORY;
}
/* Guest rid */
info3->base.rid = DOMAIN_RID_GUEST;
/* Primary gid */
info3->base.primary_gid = DOMAIN_RID_GUESTS;
/* Set as guest */
info3->base.user_flags = NETLOGON_GUEST;
TALLOC_FREE(pwd);
return NT_STATUS_OK;
}
static NTSTATUS cmd_lsa_create_trusted_domain(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx, int argc,
const char **argv)
{
NTSTATUS status;
struct policy_handle handle, trustdom_handle;
struct dom_sid sid;
struct lsa_DomainInfo info;
if (argc < 3) {
printf("Usage: %s name sid\n", argv[0]);
return NT_STATUS_OK;
}
status = rpccli_lsa_open_policy2(cli, mem_ctx,
true,
SEC_FLAG_MAXIMUM_ALLOWED,
&handle);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
init_lsa_StringLarge(&info.name, argv[1]);
info.sid = &sid;
string_to_sid(&sid, argv[2]);
status = rpccli_lsa_CreateTrustedDomain(cli, mem_ctx,
&handle,
&info,
SEC_FLAG_MAXIMUM_ALLOWED,
&trustdom_handle);
if (!NT_STATUS_IS_OK(status)) {
goto done;
}
done:
if (is_valid_policy_hnd(&trustdom_handle)) {
rpccli_lsa_Close(cli, mem_ctx, &trustdom_handle);
}
if (is_valid_policy_hnd(&handle)) {
rpccli_lsa_Close(cli, mem_ctx, &handle);
}
return status;
}
static bool test_Init(struct torture_context *tctx,
struct dcerpc_pipe *p)
{
struct initshutdown_Init r;
NTSTATUS status;
uint16_t hostname = 0x0;
r.in.hostname = &hostname;
r.in.message = talloc(tctx, struct lsa_StringLarge);
init_lsa_StringLarge(r.in.message, "spottyfood");
r.in.force_apps = 1;
r.in.timeout = 30;
r.in.do_reboot = 1;
status = dcerpc_initshutdown_Init(p, tctx, &r);
torture_assert_ntstatus_ok(tctx, status, "initshutdown_Init failed");
torture_assert_werr_ok(tctx, r.out.result, "initshutdown_Init failed");
return test_Abort(tctx, p);
}
static NTSTATUS get_system_info3(TALLOC_CTX *mem_ctx,
struct passwd *pwd,
struct netr_SamInfo3 *info3)
{
struct dom_sid domain_sid;
const char *tmp;
/* Set account name */
tmp = talloc_strdup(mem_ctx, pwd->pw_name);
if (tmp == NULL) {
return NT_STATUS_NO_MEMORY;
}
init_lsa_String(&info3->base.account_name, tmp);
/* Set domain name */
tmp = talloc_strdup(mem_ctx, get_global_sam_name());
if (tmp == NULL) {
return NT_STATUS_NO_MEMORY;
}
init_lsa_StringLarge(&info3->base.domain, tmp);
/* Domain sid */
sid_copy(&domain_sid, get_global_sam_sid());
info3->base.domain_sid = dom_sid_dup(mem_ctx, &domain_sid);
if (info3->base.domain_sid == NULL) {
return NT_STATUS_NO_MEMORY;
}
/* Admin rid */
info3->base.rid = DOMAIN_RID_ADMINISTRATOR;
/* Primary gid */
info3->base.primary_gid = BUILTIN_RID_ADMINISTRATORS;
return NT_STATUS_OK;
}
static NTSTATUS rpc_rights_revoke_internal(struct net_context *c,
const DOM_SID *domain_sid,
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv )
{
struct policy_handle dom_pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
struct lsa_RightSet rights;
DOM_SID sid;
int i;
if (argc < 2 ) {
d_printf(_("Usage: net rpc rights revoke <name|SID> "
"<rights...>\n"));
return NT_STATUS_OK;
}
result = name_to_sid(pipe_hnd, mem_ctx, &sid, argv[0]);
if (!NT_STATUS_IS_OK(result))
return result;
result = rpccli_lsa_open_policy2(pipe_hnd, mem_ctx, true,
SEC_FLAG_MAXIMUM_ALLOWED,
&dom_pol);
if (!NT_STATUS_IS_OK(result))
return result;
rights.count = argc-1;
rights.names = TALLOC_ARRAY(mem_ctx, struct lsa_StringLarge,
rights.count);
if (!rights.names) {
return NT_STATUS_NO_MEMORY;
}
for (i=0; i<argc-1; i++) {
init_lsa_StringLarge(&rights.names[i], argv[i+1]);
}
result = rpccli_lsa_RemoveAccountRights(pipe_hnd, mem_ctx,
&dom_pol,
&sid,
false,
&rights);
if (!NT_STATUS_IS_OK(result))
goto done;
d_printf(_("Successfully revoked rights.\n"));
done:
if ( !NT_STATUS_IS_OK(result) ) {
d_fprintf(stderr,_("Failed to revoke privileges for %s (%s)\n"),
argv[0], nt_errstr(result));
}
rpccli_lsa_Close(pipe_hnd, mem_ctx, &dom_pol);
return result;
}
static NTSTATUS rpc_rights_revoke_internal(struct net_context *c,
const struct dom_sid *domain_sid,
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv )
{
struct policy_handle dom_pol;
NTSTATUS status, result;
struct lsa_RightSet rights;
struct dom_sid sid;
int i;
struct dcerpc_binding_handle *b = pipe_hnd->binding_handle;
if (argc < 2 ) {
d_printf("%s\n%s",
_("Usage:"),
_(" net rpc rights revoke <name|SID> <rights...>\n"));
return NT_STATUS_OK;
}
status = name_to_sid(pipe_hnd, mem_ctx, &sid, argv[0]);
if (!NT_STATUS_IS_OK(status))
return status;
status = rpccli_lsa_open_policy2(pipe_hnd, mem_ctx, true,
SEC_FLAG_MAXIMUM_ALLOWED,
&dom_pol);
if (!NT_STATUS_IS_OK(status))
return status;
rights.count = argc-1;
rights.names = talloc_array(mem_ctx, struct lsa_StringLarge,
rights.count);
if (!rights.names) {
return NT_STATUS_NO_MEMORY;
}
for (i=0; i<argc-1; i++) {
init_lsa_StringLarge(&rights.names[i], argv[i+1]);
}
status = dcerpc_lsa_RemoveAccountRights(b, mem_ctx,
&dom_pol,
&sid,
false,
&rights,
&result);
if (!NT_STATUS_IS_OK(status))
goto done;
if (!NT_STATUS_IS_OK(result)) {
status = result;
goto done;
}
d_printf(_("Successfully revoked rights.\n"));
done:
if ( !NT_STATUS_IS_OK(status) ) {
d_fprintf(stderr,_("Failed to revoke privileges for %s (%s)\n"),
argv[0], nt_errstr(status));
}
dcerpc_lsa_Close(b, mem_ctx, &dom_pol, &result);
return status;
}
