?? net_rpc.c
字號:
/* Get domain policy handle */ result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, MAXIMUM_ALLOWED_ACCESS, domain_sid, &domain_pol); if (!NT_STATUS_IS_OK(result)) goto done; /* Create the group */ result = rpccli_samr_create_dom_alias(pipe_hnd, mem_ctx, &domain_pol, argv[0], &alias_pol); if (!NT_STATUS_IS_OK(result)) goto done; if (strlen(opt_comment) == 0) goto done; /* We've got a comment to set */ alias_info.level = 3; init_samr_alias_info3(&alias_info.alias.info3, opt_comment); result = rpccli_samr_set_aliasinfo(pipe_hnd, mem_ctx, &alias_pol, &alias_info); if (!NT_STATUS_IS_OK(result)) goto done; done: if (NT_STATUS_IS_OK(result)) DEBUG(5, ("add alias succeeded\n")); else d_fprintf(stderr, "add alias failed: %s\n", nt_errstr(result)); return result;}static int rpc_group_add(int argc, const char **argv){ if (opt_localgroup) return run_rpc_command(NULL, PI_SAMR, 0, rpc_alias_add_internals, argc, argv); return run_rpc_command(NULL, PI_SAMR, 0, rpc_group_add_internals, argc, argv);}static NTSTATUS get_sid_from_name(struct cli_state *cli, TALLOC_CTX *mem_ctx, const char *name, DOM_SID *sid, enum SID_NAME_USE *type){ DOM_SID *sids = NULL; uint32 *types = NULL; struct rpc_pipe_client *pipe_hnd; POLICY_HND lsa_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; pipe_hnd = cli_rpc_pipe_open_noauth(cli, PI_LSARPC, &result); if (!pipe_hnd) { goto done; } result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, False, SEC_RIGHTS_MAXIMUM_ALLOWED, &lsa_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } result = rpccli_lsa_lookup_names(pipe_hnd, mem_ctx, &lsa_pol, 1, &name, &sids, &types); if (NT_STATUS_IS_OK(result)) { sid_copy(sid, &sids[0]); *type = types[0]; } rpccli_lsa_close(pipe_hnd, mem_ctx, &lsa_pol); done: if (pipe_hnd) { cli_rpc_pipe_close(pipe_hnd); } if (!NT_STATUS_IS_OK(result) && (StrnCaseCmp(name, "S-", 2) == 0)) { /* Try as S-1-5-whatever */ DOM_SID tmp_sid; if (string_to_sid(&tmp_sid, name)) { sid_copy(sid, &tmp_sid); *type = SID_NAME_UNKNOWN; result = NT_STATUS_OK; } } return result;}static NTSTATUS rpc_add_groupmem(struct rpc_pipe_client *pipe_hnd, TALLOC_CTX *mem_ctx, const DOM_SID *group_sid, const char *member){ POLICY_HND connect_pol, domain_pol; NTSTATUS result; uint32 group_rid; POLICY_HND group_pol; uint32 num_rids; uint32 *rids = NULL; uint32 *rid_types = NULL; DOM_SID sid; sid_copy(&sid, group_sid); if (!sid_split_rid(&sid, &group_rid)) { return NT_STATUS_UNSUCCESSFUL; } /* Get sam policy handle */ result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, &connect_pol); if (!NT_STATUS_IS_OK(result)) { return result; } /* Get domain policy handle */ result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, MAXIMUM_ALLOWED_ACCESS, &sid, &domain_pol); if (!NT_STATUS_IS_OK(result)) { return result; } result = rpccli_samr_lookup_names(pipe_hnd, mem_ctx, &domain_pol, 1000, 1, &member, &num_rids, &rids, &rid_types); if (!NT_STATUS_IS_OK(result)) { d_fprintf(stderr, "Could not lookup up group member %s\n", member); goto done; } result = rpccli_samr_open_group(pipe_hnd, mem_ctx, &domain_pol, MAXIMUM_ALLOWED_ACCESS, group_rid, &group_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } result = rpccli_samr_add_groupmem(pipe_hnd, mem_ctx, &group_pol, rids[0]); done: rpccli_samr_close(pipe_hnd, mem_ctx, &connect_pol); return result;}static NTSTATUS rpc_add_aliasmem(struct rpc_pipe_client *pipe_hnd, TALLOC_CTX *mem_ctx, const DOM_SID *alias_sid, const char *member){ POLICY_HND connect_pol, domain_pol; NTSTATUS result; uint32 alias_rid; POLICY_HND alias_pol; DOM_SID member_sid; enum SID_NAME_USE member_type; DOM_SID sid; sid_copy(&sid, alias_sid); if (!sid_split_rid(&sid, &alias_rid)) { return NT_STATUS_UNSUCCESSFUL; } result = get_sid_from_name(pipe_hnd->cli, mem_ctx, member, &member_sid, &member_type); if (!NT_STATUS_IS_OK(result)) { d_fprintf(stderr, "Could not lookup up group member %s\n", member); return result; } /* Get sam policy handle */ result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, &connect_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } /* Get domain policy handle */ result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, MAXIMUM_ALLOWED_ACCESS, &sid, &domain_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } result = rpccli_samr_open_alias(pipe_hnd, mem_ctx, &domain_pol, MAXIMUM_ALLOWED_ACCESS, alias_rid, &alias_pol); if (!NT_STATUS_IS_OK(result)) { return result; } result = rpccli_samr_add_aliasmem(pipe_hnd, mem_ctx, &alias_pol, &member_sid); if (!NT_STATUS_IS_OK(result)) { return result; } done: rpccli_samr_close(pipe_hnd, mem_ctx, &connect_pol); return result;}static NTSTATUS rpc_group_addmem_internals(const DOM_SID *domain_sid, const char *domain_name, struct cli_state *cli, struct rpc_pipe_client *pipe_hnd, TALLOC_CTX *mem_ctx, int argc, const char **argv){ DOM_SID group_sid; enum SID_NAME_USE group_type; if (argc != 2) { d_printf("Usage: 'net rpc group addmem <group> <member>\n"); return NT_STATUS_UNSUCCESSFUL; } if (!NT_STATUS_IS_OK(get_sid_from_name(cli, mem_ctx, argv[0], &group_sid, &group_type))) { d_fprintf(stderr, "Could not lookup group name %s\n", argv[0]); return NT_STATUS_UNSUCCESSFUL; } if (group_type == SID_NAME_DOM_GRP) { NTSTATUS result = rpc_add_groupmem(pipe_hnd, mem_ctx, &group_sid, argv[1]); if (!NT_STATUS_IS_OK(result)) { d_fprintf(stderr, "Could not add %s to %s: %s\n", argv[1], argv[0], nt_errstr(result)); } return result; } if (group_type == SID_NAME_ALIAS) { NTSTATUS result = rpc_add_aliasmem(pipe_hnd, mem_ctx, &group_sid, argv[1]); if (!NT_STATUS_IS_OK(result)) { d_fprintf(stderr, "Could not add %s to %s: %s\n", argv[1], argv[0], nt_errstr(result)); } return result; } d_fprintf(stderr, "Can only add members to global or local groups " "which %s is not\n", argv[0]); return NT_STATUS_UNSUCCESSFUL;}static int rpc_group_addmem(int argc, const char **argv){ return run_rpc_command(NULL, PI_SAMR, 0, rpc_group_addmem_internals, argc, argv);}static NTSTATUS rpc_del_groupmem(struct rpc_pipe_client *pipe_hnd, TALLOC_CTX *mem_ctx, const DOM_SID *group_sid, const char *member){ POLICY_HND connect_pol, domain_pol; NTSTATUS result; uint32 group_rid; POLICY_HND group_pol; uint32 num_rids; uint32 *rids = NULL; uint32 *rid_types = NULL; DOM_SID sid; sid_copy(&sid, group_sid); if (!sid_split_rid(&sid, &group_rid)) return NT_STATUS_UNSUCCESSFUL; /* Get sam policy handle */ result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, &connect_pol); if (!NT_STATUS_IS_OK(result)) return result; /* Get domain policy handle */ result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, MAXIMUM_ALLOWED_ACCESS, &sid, &domain_pol); if (!NT_STATUS_IS_OK(result)) return result; result = rpccli_samr_lookup_names(pipe_hnd, mem_ctx, &domain_pol, 1000, 1, &member, &num_rids, &rids, &rid_types); if (!NT_STATUS_IS_OK(result)) { d_fprintf(stderr, "Could not lookup up group member %s\n", member); goto done; } result = rpccli_samr_open_group(pipe_hnd, mem_ctx, &domain_pol, MAXIMUM_ALLOWED_ACCESS, group_rid, &group_pol); if (!NT_STATUS_IS_OK(result)) goto done; result = rpccli_samr_del_groupmem(pipe_hnd, mem_ctx, &group_pol, rids[0]); done: rpccli_samr_close(pipe_hnd, mem_ctx, &connect_pol); return result;}static NTSTATUS rpc_del_aliasmem(struct rpc_pipe_client *pipe_hnd, TALLOC_CTX *mem_ctx, const DOM_SID *alias_sid, const char *member){ POLICY_HND connect_pol, domain_pol; NTSTATUS result; uint32 alias_rid; POLICY_HND alias_pol; DOM_SID member_sid; enum SID_NAME_USE member_type; DOM_SID sid; sid_copy(&sid, alias_sid); if (!sid_split_rid(&sid, &alias_rid)) return NT_STATUS_UNSUCCESSFUL; result = get_sid_from_name(pipe_hnd->cli, mem_ctx, member, &member_sid, &member_type); if (!NT_STATUS_IS_OK(result)) { d_fprintf(stderr, "Could not lookup up group member %s\n", member); return result; } /* Get sam policy handle */ result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS, &connect_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } /* Get domain policy handle */ result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol, MAXIMUM_ALLOWED_ACCESS, &sid, &domain_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } result = rpccli_samr_open_alias(pipe_hnd, mem_ctx, &domain_pol, MAXIMUM_ALLOWED_ACCESS, alias_rid, &alias_pol); if (!NT_STATUS_IS_OK(result)) return result; result = rpccli_samr_del_aliasmem(pipe_hnd, mem_ctx, &alias_pol, &member_sid); if (!NT_STATUS_IS_OK(result)) return result; done: rpccli_samr_close(pipe_hnd, mem_ctx, &connect_pol); return result;}static NTSTATUS rpc_group_delmem_internals(const DOM_SID *domain_sid, const char *domain_name, struct cli_state *cli, struct rpc_pipe_client *pipe_hnd, TALLOC_CTX *mem_ctx, int argc, const char **argv){ DOM_SID group_sid; enum SID_NAME_USE group_type; if (argc != 2) { d_printf("Usage: 'net rpc group delmem <group> <member>\n"); return NT_STATUS_UNSUCCESSFUL; } if (!NT_STATUS_IS_OK(get_sid_from_name(cli, mem_ctx, argv[0], &group_sid, &group_type))) { d_fprintf(stderr, "Could not lookup group name %s\n", argv[0]); return NT_STATUS_UNSUCCESSFUL; } if (group_type == SID_NAME_DOM_GRP) { NTSTATUS result = rpc_del_groupmem(pipe_hnd, mem_ctx, &group_sid, argv[1]); if (!NT_STATUS_IS_OK(result)) { d_fprintf(stderr, "Could not del %s from %s: %s\n", argv[1], argv[0], nt_errstr(result)); } return result; } if (group_type == SID_NAME_ALIAS) { NTSTATUS result = rpc_del_aliasmem(pipe_hnd, mem_ctx, &group_sid, argv[1]); if (!NT_STATUS_IS_OK(result)) { d_fprintf(stderr, "Could not del %s from %s: %s\n", argv[1], argv[0], nt_errstr(result)); } return result; } d_fprintf(stderr, "Can only delete members from global or local groups " "which %s is not\n", argv[0]); return NT_STATUS_UNSUCCESSFUL;}static int rpc_group_delmem(int argc, const char **argv){ return run_rpc_command(NULL, PI_SAMR, 0, rpc_group_delmem_internals, argc, argv);}/** * List groups on a remote RPC server * * All parameters are provided by the run_rpc_command function, except for * argc, argv which are passes through. * * @param domain_sid The domain sid acquired from the remote server * @param cli A cli_state connected to the server. * @param mem_ctx Talloc context, destoyed on completion of the function. * @param argc Standard main() style argc * @param argv Standard main() style argv. Initial components are already * stripped * * @return Normal NTSTATUS return. **/static NTSTATUS rpc_group_list_internals(const DOM_SID *domain_sid, const char *domain_name, struct cli_state *cli, struct rpc_pipe_client *pipe_hnd, TALLOC_CTX *mem_ctx, int argc, const char **argv){ POLICY_HND connect_pol, domain_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; uint32 start_idx=0, max_entries=250, num_entries, i, loop_count = 0; struct acct_info *groups; BOOL global = False; BOOL local = False; BOOL builtin = False; if (argc == 0) { global = True; local = True; builtin = True; } for (i=0; i<argc; i++) { if (strequal(argv[i], "global")) global = True; if (strequal(argv[i], "local")) local = True; if (strequal(argv[i], "builtin")) builtin = True; }?? 快捷鍵說明
復制代碼
Ctrl + C
搜索代碼
Ctrl + F
全屏模式
F11
切換主題
Ctrl + Shift + D
顯示快捷鍵
?
增大字號
Ctrl + =
減小字號
Ctrl + -