1/* 2 Unix SMB/CIFS implementation. 3 dump the remote SAM using rpc samsync operations 4 5 Copyright (C) Andrew Tridgell 2002 6 Copyright (C) Tim Potter 2001,2002 7 Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2005 8 Modified by Volker Lendecke 2002 9 Copyright (C) Jeremy Allison 2005. 10 Copyright (C) Guenther Deschner 2008. 11 12 This program is free software; you can redistribute it and/or modify 13 it under the terms of the GNU General Public License as published by 14 the Free Software Foundation; either version 3 of the License, or 15 (at your option) any later version. 16 17 This program is distributed in the hope that it will be useful, 18 but WITHOUT ANY WARRANTY; without even the implied warranty of 19 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 20 GNU General Public License for more details. 21 22 You should have received a copy of the GNU General Public License 23 along with this program. If not, see <http://www.gnu.org/licenses/>. 24*/ 25 26#include "includes.h" 27#include "libnet/libnet.h" 28 29static void display_group_mem_info(uint32_t rid, 30 struct netr_DELTA_GROUP_MEMBER *r) 31{ 32 int i; 33 d_printf("Group mem %u: ", rid); 34 for (i=0; i< r->num_rids; i++) { 35 d_printf("%u ", r->rids[i]); 36 } 37 d_printf("\n"); 38} 39 40static void display_alias_info(uint32_t rid, 41 struct netr_DELTA_ALIAS *r) 42{ 43 d_printf("Alias '%s' ", r->alias_name.string); 44 d_printf("desc='%s' rid=%u\n", r->description.string, r->rid); 45} 46 47static void display_alias_mem(uint32_t rid, 48 struct netr_DELTA_ALIAS_MEMBER *r) 49{ 50 int i; 51 d_printf("Alias rid %u: ", rid); 52 for (i=0; i< r->sids.num_sids; i++) { 53 d_printf("%s ", sid_string_tos(r->sids.sids[i].sid)); 54 } 55 d_printf("\n"); 56} 57 58static void display_account_info(uint32_t rid, 59 struct netr_DELTA_USER *r) 60{ 61 fstring hex_nt_passwd, hex_lm_passwd; 62 uchar zero_buf[16]; 63 64 memset(zero_buf, '\0', sizeof(zero_buf)); 65 66 /* Decode hashes from password hash (if they are not NULL) */ 67 68 if (memcmp(r->lmpassword.hash, zero_buf, 16) != 0) { 69 pdb_sethexpwd(hex_lm_passwd, r->lmpassword.hash, r->acct_flags); 70 } else { 71 pdb_sethexpwd(hex_lm_passwd, NULL, 0); 72 } 73 74 if (memcmp(r->ntpassword.hash, zero_buf, 16) != 0) { 75 pdb_sethexpwd(hex_nt_passwd, r->ntpassword.hash, r->acct_flags); 76 } else { 77 pdb_sethexpwd(hex_nt_passwd, NULL, 0); 78 } 79 80 printf("%s:%d:%s:%s:%s:LCT-0\n", 81 r->account_name.string, 82 r->rid, hex_lm_passwd, hex_nt_passwd, 83 pdb_encode_acct_ctrl(r->acct_flags, NEW_PW_FORMAT_SPACE_PADDED_LEN)); 84} 85 86static void display_domain_info(struct netr_DELTA_DOMAIN *r) 87{ 88 time_t u_logout; 89 struct netr_AcctLockStr *lockstr = NULL; 90 NTSTATUS status; 91 TALLOC_CTX *mem_ctx = talloc_tos(); 92 93 status = pull_netr_AcctLockStr(mem_ctx, &r->account_lockout, 94 &lockstr); 95 if (!NT_STATUS_IS_OK(status)) { 96 d_printf("failed to pull account lockout string: %s\n", 97 nt_errstr(status)); 98 } 99 100 u_logout = uint64s_nt_time_to_unix_abs((const uint64 *)&r->force_logoff_time); 101 102 d_printf("Domain name: %s\n", r->domain_name.string); 103 104 d_printf("Minimal Password Length: %d\n", r->min_password_length); 105 d_printf("Password History Length: %d\n", r->password_history_length); 106 107 d_printf("Force Logoff: %d\n", (int)u_logout); 108 109 d_printf("Max Password Age: %s\n", display_time(r->max_password_age)); 110 d_printf("Min Password Age: %s\n", display_time(r->min_password_age)); 111 112 if (lockstr) { 113 d_printf("Lockout Time: %s\n", display_time((NTTIME)lockstr->lockout_duration)); 114 d_printf("Lockout Reset Time: %s\n", display_time((NTTIME)lockstr->reset_count)); 115 d_printf("Bad Attempt Lockout: %d\n", lockstr->bad_attempt_lockout); 116 } 117 118 d_printf("User must logon to change password: %d\n", r->logon_to_chgpass); 119} 120 121static void display_group_info(uint32_t rid, struct netr_DELTA_GROUP *r) 122{ 123 d_printf("Group '%s' ", r->group_name.string); 124 d_printf("desc='%s', rid=%u\n", r->description.string, rid); 125} 126 127static void display_delete_group(uint32_t rid) 128{ 129 d_printf("Delete Group '%d'\n", rid); 130} 131 132static void display_rename_group(uint32_t rid, struct netr_DELTA_RENAME *r) 133{ 134 d_printf("Rename Group '%d' ", rid); 135 d_printf("Rename Group: %s -> %s\n", 136 r->OldName.string, r->NewName.string); 137} 138 139static void display_delete_user(uint32_t rid) 140{ 141 d_printf("Delete User '%d'\n", rid); 142} 143 144static void display_rename_user(uint32_t rid, struct netr_DELTA_RENAME *r) 145{ 146 d_printf("Rename User '%d' ", rid); 147 d_printf("Rename User: %s -> %s\n", 148 r->OldName.string, r->NewName.string); 149} 150 151static void display_delete_alias(uint32_t rid) 152{ 153 d_printf("Delete Alias '%d'\n", rid); 154} 155 156static void display_rename_alias(uint32_t rid, struct netr_DELTA_RENAME *r) 157{ 158 d_printf("Rename Alias '%d' ", rid); 159 d_printf("Rename Alias: %s -> %s\n", 160 r->OldName.string, r->NewName.string); 161} 162 163static NTSTATUS display_sam_entry(TALLOC_CTX *mem_ctx, 164 enum netr_SamDatabaseID database_id, 165 struct netr_DELTA_ENUM *r, 166 struct samsync_context *ctx) 167{ 168 union netr_DELTA_UNION u = r->delta_union; 169 union netr_DELTA_ID_UNION id = r->delta_id_union; 170 171 switch (r->delta_type) { 172 case NETR_DELTA_DOMAIN: 173 display_domain_info(u.domain); 174 break; 175 case NETR_DELTA_GROUP: 176 display_group_info(id.rid, u.group); 177 break; 178 case NETR_DELTA_DELETE_GROUP: 179 display_delete_group(id.rid); 180 break; 181 case NETR_DELTA_RENAME_GROUP: 182 display_rename_group(id.rid, u.rename_group); 183 break; 184 case NETR_DELTA_USER: 185 display_account_info(id.rid, u.user); 186 break; 187 case NETR_DELTA_DELETE_USER: 188 display_delete_user(id.rid); 189 break; 190 case NETR_DELTA_RENAME_USER: 191 display_rename_user(id.rid, u.rename_user); 192 break; 193 case NETR_DELTA_GROUP_MEMBER: 194 display_group_mem_info(id.rid, u.group_member); 195 break; 196 case NETR_DELTA_ALIAS: 197 display_alias_info(id.rid, u.alias); 198 break; 199 case NETR_DELTA_DELETE_ALIAS: 200 display_delete_alias(id.rid); 201 break; 202 case NETR_DELTA_RENAME_ALIAS: 203 display_rename_alias(id.rid, u.rename_alias); 204 break; 205 case NETR_DELTA_ALIAS_MEMBER: 206 display_alias_mem(id.rid, u.alias_member); 207 break; 208 case NETR_DELTA_POLICY: 209 printf("Policy\n"); 210 break; 211 case NETR_DELTA_TRUSTED_DOMAIN: 212 printf("Trusted Domain: %s\n", 213 u.trusted_domain->domain_name.string); 214 break; 215 case NETR_DELTA_DELETE_TRUST: 216 printf("Delete Trust: %d\n", 217 u.delete_trust.unknown); 218 break; 219 case NETR_DELTA_ACCOUNT: 220 printf("Account\n"); 221 break; 222 case NETR_DELTA_DELETE_ACCOUNT: 223 printf("Delete Account: %d\n", 224 u.delete_account.unknown); 225 break; 226 case NETR_DELTA_SECRET: 227 printf("Secret\n"); 228 break; 229 case NETR_DELTA_DELETE_SECRET: 230 printf("Delete Secret: %d\n", 231 u.delete_secret.unknown); 232 break; 233 case NETR_DELTA_DELETE_GROUP2: 234 printf("Delete Group2: %s\n", 235 u.delete_group->account_name); 236 break; 237 case NETR_DELTA_DELETE_USER2: 238 printf("Delete User2: %s\n", 239 u.delete_user->account_name); 240 break; 241 case NETR_DELTA_MODIFY_COUNT: 242 printf("sam sequence update: 0x%016llx\n", 243 (unsigned long long) *u.modified_count); 244 break; 245#if 0 246 /* The following types are recognised but not handled */ 247 case NETR_DELTA_POLICY: 248 d_printf("NETR_DELTA_POLICY not handled\n"); 249 break; 250 case NETR_DELTA_TRUSTED_DOMAIN: 251 d_printf("NETR_DELTA_TRUSTED_DOMAIN not handled\n"); 252 break; 253 case NETR_DELTA_ACCOUNT: 254 d_printf("NETR_DELTA_ACCOUNT not handled\n"); 255 break; 256 case NETR_DELTA_SECRET: 257 d_printf("NETR_DELTA_SECRET not handled\n"); 258 break; 259 case NETR_DELTA_MODIFY_COUNT: 260 d_printf("NETR_DELTA_MODIFY_COUNT not handled\n"); 261 break; 262 case NETR_DELTA_DELETE_TRUST: 263 d_printf("NETR_DELTA_DELETE_TRUST not handled\n"); 264 break; 265 case NETR_DELTA_DELETE_ACCOUNT: 266 d_printf("NETR_DELTA_DELETE_ACCOUNT not handled\n"); 267 break; 268 case NETR_DELTA_DELETE_SECRET: 269 d_printf("NETR_DELTA_DELETE_SECRET not handled\n"); 270 break; 271 case NETR_DELTA_DELETE_GROUP2: 272 d_printf("NETR_DELTA_DELETE_GROUP2 not handled\n"); 273 break; 274 case NETR_DELTA_DELETE_USER2: 275 d_printf("NETR_DELTA_DELETE_USER2 not handled\n"); 276 break; 277#endif 278 default: 279 printf("unknown delta type 0x%02x\n", 280 r->delta_type); 281 break; 282 } 283 284 return NT_STATUS_OK; 285} 286 287static NTSTATUS display_sam_entries(TALLOC_CTX *mem_ctx, 288 enum netr_SamDatabaseID database_id, 289 struct netr_DELTA_ENUM_ARRAY *r, 290 uint64_t *sequence_num, 291 struct samsync_context *ctx) 292{ 293 int i; 294 295 for (i = 0; i < r->num_deltas; i++) { 296 display_sam_entry(mem_ctx, database_id, &r->delta_enum[i], 297 ctx); 298 } 299 300 return NT_STATUS_OK; 301} 302 303const struct samsync_ops libnet_samsync_display_ops = { 304 .process_objects = display_sam_entries, 305}; 306