static NTSTATUS cmd_samr_query_aliasmem(struct cli_state *cli, TALLOC_CTX *mem_ctx, int argc, char **argv) { POLICY_HND connect_pol, domain_pol, alias_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; uint32 alias_rid, num_members, i; DOM_SID *alias_sids; if (argc != 2) { printf("Usage: %s rid\n", argv[0]); return NT_STATUS_OK; } sscanf(argv[1], "%i", &alias_rid); /* Open SAMR handle */ result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, &connect_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } /* Open handle on domain */ result = cli_samr_open_domain(cli, mem_ctx, &connect_pol, MAXIMUM_ALLOWED_ACCESS, &domain_sid, &domain_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } /* Open handle on alias */ result = cli_samr_open_alias(cli, mem_ctx, &domain_pol, MAXIMUM_ALLOWED_ACCESS, alias_rid, &alias_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } result = cli_samr_query_aliasmem(cli, mem_ctx, &alias_pol, &num_members, &alias_sids); if (!NT_STATUS_IS_OK(result)) { goto done; } for (i = 0; i < num_members; i++) { fstring sid_str; sid_to_string(sid_str, &alias_sids[i]); printf("\tsid:[%s]\n", sid_str); } done: return result; }
static NTSTATUS cmd_samr_query_aliasmem(struct cli_state *cli, TALLOC_CTX *mem_ctx, int argc, const char **argv) { POLICY_HND connect_pol, domain_pol, alias_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; uint32 alias_rid, num_members, i; uint32 access_mask = MAXIMUM_ALLOWED_ACCESS; DOM_SID *alias_sids; DOM_SID global_sid_Builtin; string_to_sid(&global_sid_Builtin, "S-1-5-32"); if ((argc < 3) || (argc > 4)) { printf("Usage: %s builtin|domain rid [access mask]\n", argv[0]); return NT_STATUS_OK; } sscanf(argv[2], "%i", &alias_rid); if (argc > 3) sscanf(argv[3], "%x", &access_mask); /* Open SAMR handle */ result = try_samr_connects(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, &connect_pol); if (!NT_STATUS_IS_OK(result)) goto done; /* Open handle on domain */ if (StrCaseCmp(argv[1], "domain")==0) result = cli_samr_open_domain(cli, mem_ctx, &connect_pol, MAXIMUM_ALLOWED_ACCESS, &domain_sid, &domain_pol); else if (StrCaseCmp(argv[1], "builtin")==0) result = cli_samr_open_domain(cli, mem_ctx, &connect_pol, MAXIMUM_ALLOWED_ACCESS, &global_sid_Builtin, &domain_pol); else return NT_STATUS_OK; if (!NT_STATUS_IS_OK(result)) goto done; /* Open handle on alias */ result = cli_samr_open_alias(cli, mem_ctx, &domain_pol, access_mask, alias_rid, &alias_pol); if (!NT_STATUS_IS_OK(result)) goto done; result = cli_samr_query_aliasmem(cli, mem_ctx, &alias_pol, &num_members, &alias_sids); if (!NT_STATUS_IS_OK(result)) goto done; for (i = 0; i < num_members; i++) { fstring sid_str; sid_to_string(sid_str, &alias_sids[i]); printf("\tsid:[%s]\n", sid_str); } done: return result; }