1/*tries to set privileges for an account*/
2
3#include "libmsrpc.h"
4#include "test_util.h"
5
6#define BIGGEST_UINT32 0xffffffff
7
8int main(int argc, char **argv) {
9   CacServerHandle *hnd = NULL;
10   TALLOC_CTX *mem_ctx = NULL;
11
12   struct LsaOpenPolicy lop;
13   struct LsaEnumPrivileges ep;
14   struct LsaEnumAccountRights ar;
15   struct LsaAddPrivileges ap;
16
17   fstring tmp;
18
19   uint32 i = 0;
20
21   mem_ctx = talloc_init("lsapriv");
22
23   hnd = cac_NewServerHandle(True);
24
25   cac_SetAuthDataFn(hnd, cactest_GetAuthDataFn);
26
27   cac_parse_cmd_line(argc, argv, hnd);
28
29   if(!cac_Connect(hnd, NULL)) {
30      fprintf(stderr, "Could not connect to server %s. Error: %s\n", hnd->server, nt_errstr(hnd->status));
31      exit(-1);
32   }
33
34   ZERO_STRUCT(lop);
35
36   lop.in.access = SEC_RIGHT_MAXIMUM_ALLOWED;
37
38   if(!cac_LsaOpenPolicy(hnd, mem_ctx, &lop)) {
39      fprintf(stderr, "Could not open LSA policy. Error: %s\n", nt_errstr(hnd->status));
40      goto done;
41   }
42
43   /*first enumerate possible privileges*/
44   ZERO_STRUCT(ep);
45
46   ep.in.pol = lop.out.pol;
47   ep.in.pref_max_privs = BIGGEST_UINT32;
48
49   printf("Enumerating supported privileges:\n");
50   while(cac_LsaEnumPrivileges(hnd, mem_ctx, &ep)) {
51      for(i = 0; i < ep.out.num_privs; i++) {
52         printf("\t%s\n", ep.out.priv_names[i]);
53      }
54   }
55
56   if(CAC_OP_FAILED(hnd->status)) {
57      fprintf(stderr, "Could not enumerate privileges. Error: %s\n", nt_errstr(hnd->status));
58      goto done;
59   }
60
61   printf("Enter account name: ");
62   cactest_readline(stdin, tmp);
63
64   ZERO_STRUCT(ar);
65
66   ar.in.pol = lop.out.pol;
67   ar.in.name = talloc_strdup(mem_ctx, tmp);
68
69   printf("Enumerating privileges for %s:\n", ar.in.name);
70   if(!cac_LsaEnumAccountRights(hnd, mem_ctx, &ar)) {
71      fprintf(stderr, "Could not enumerate privileges. Error: %s\n", nt_errstr(hnd->status));
72      goto done;
73   }
74
75   printf("Enumerated %d privileges:\n", ar.out.num_privs);
76
77   for(i = 0; i < ar.out.num_privs; i++)
78      printf("\t%s\n", ar.out.priv_names[i]);
79
80   ZERO_STRUCT(ap);
81
82   ap.in.pol = lop.out.pol;
83   ap.in.name = ar.in.name;
84
85   printf("How many privileges will you set: ");
86   scanf("%d", &ap.in.num_privs);
87
88   ap.in.priv_names = talloc_array(mem_ctx, char *, ap.in.num_privs);
89   if(!ap.in.priv_names) {
90      fprintf(stderr, "No memory\n");
91      goto done;
92   }
93
94   for(i = 0; i < ap.in.num_privs; i++) {
95      printf("Enter priv %d: ", i);
96      cactest_readline(stdin, tmp);
97
98      ap.in.priv_names[i] = talloc_strdup(mem_ctx, tmp);
99   }
100
101   if(!cac_LsaSetPrivileges(hnd, mem_ctx, &ap)) {
102      fprintf(stderr, "Could not set privileges. Error: %s\n", nt_errstr(hnd->status));
103      goto done;
104   }
105
106done:
107   talloc_destroy(mem_ctx);
108   cac_FreeHandle(hnd);
109
110   return 0;
111
112}
113
114