1/*tries to set privileges for an account*/ 2 3#include "libmsrpc.h" 4#include "test_util.h" 5 6#define BIGGEST_UINT32 0xffffffff 7 8int main(int argc, char **argv) { 9 CacServerHandle *hnd = NULL; 10 TALLOC_CTX *mem_ctx = NULL; 11 12 struct LsaOpenPolicy lop; 13 struct LsaEnumPrivileges ep; 14 struct LsaEnumAccountRights ar; 15 struct LsaAddPrivileges ap; 16 17 fstring tmp; 18 19 uint32 i = 0; 20 21 mem_ctx = talloc_init("lsapriv"); 22 23 hnd = cac_NewServerHandle(True); 24 25 cac_SetAuthDataFn(hnd, cactest_GetAuthDataFn); 26 27 cac_parse_cmd_line(argc, argv, hnd); 28 29 if(!cac_Connect(hnd, NULL)) { 30 fprintf(stderr, "Could not connect to server %s. Error: %s\n", hnd->server, nt_errstr(hnd->status)); 31 exit(-1); 32 } 33 34 ZERO_STRUCT(lop); 35 36 lop.in.access = SEC_RIGHT_MAXIMUM_ALLOWED; 37 38 if(!cac_LsaOpenPolicy(hnd, mem_ctx, &lop)) { 39 fprintf(stderr, "Could not open LSA policy. Error: %s\n", nt_errstr(hnd->status)); 40 goto done; 41 } 42 43 /*first enumerate possible privileges*/ 44 ZERO_STRUCT(ep); 45 46 ep.in.pol = lop.out.pol; 47 ep.in.pref_max_privs = BIGGEST_UINT32; 48 49 printf("Enumerating supported privileges:\n"); 50 while(cac_LsaEnumPrivileges(hnd, mem_ctx, &ep)) { 51 for(i = 0; i < ep.out.num_privs; i++) { 52 printf("\t%s\n", ep.out.priv_names[i]); 53 } 54 } 55 56 if(CAC_OP_FAILED(hnd->status)) { 57 fprintf(stderr, "Could not enumerate privileges. Error: %s\n", nt_errstr(hnd->status)); 58 goto done; 59 } 60 61 printf("Enter account name: "); 62 cactest_readline(stdin, tmp); 63 64 ZERO_STRUCT(ar); 65 66 ar.in.pol = lop.out.pol; 67 ar.in.name = talloc_strdup(mem_ctx, tmp); 68 69 printf("Enumerating privileges for %s:\n", ar.in.name); 70 if(!cac_LsaEnumAccountRights(hnd, mem_ctx, &ar)) { 71 fprintf(stderr, "Could not enumerate privileges. Error: %s\n", nt_errstr(hnd->status)); 72 goto done; 73 } 74 75 printf("Enumerated %d privileges:\n", ar.out.num_privs); 76 77 for(i = 0; i < ar.out.num_privs; i++) 78 printf("\t%s\n", ar.out.priv_names[i]); 79 80 ZERO_STRUCT(ap); 81 82 ap.in.pol = lop.out.pol; 83 ap.in.name = ar.in.name; 84 85 printf("How many privileges will you set: "); 86 scanf("%d", &ap.in.num_privs); 87 88 ap.in.priv_names = talloc_array(mem_ctx, char *, ap.in.num_privs); 89 if(!ap.in.priv_names) { 90 fprintf(stderr, "No memory\n"); 91 goto done; 92 } 93 94 for(i = 0; i < ap.in.num_privs; i++) { 95 printf("Enter priv %d: ", i); 96 cactest_readline(stdin, tmp); 97 98 ap.in.priv_names[i] = talloc_strdup(mem_ctx, tmp); 99 } 100 101 if(!cac_LsaSetPrivileges(hnd, mem_ctx, &ap)) { 102 fprintf(stderr, "Could not set privileges. Error: %s\n", nt_errstr(hnd->status)); 103 goto done; 104 } 105 106done: 107 talloc_destroy(mem_ctx); 108 cac_FreeHandle(hnd); 109 110 return 0; 111 112} 113 114