/* connects to an LSA, asks for a list of server names, prints out their SIDs, then looks up their names from the SIDs and prints them out again
 * if you run as lsaq -p, then it will simulate a partial success for cac_LsaGetNamesFromSids. It will try to look up the server's local and domain SIDs
 */
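/* Size of each connection-field buffer. Constructed value: keep it in step with
 * the "%255s" field width used in read_conn_field(). */
enum { CONN_FIELD_SIZE = 256 };

/*
 * Print prompt on stdout and read one whitespace-delimited token from stdin
 * into buf, which must hold CONN_FIELD_SIZE bytes. buf is always left as a
 * valid NUL-terminated string; it is empty on EOF or read error.
 */
static void read_conn_field(const char *prompt, char buf[CONN_FIELD_SIZE]) {
    fprintf(stdout, "%s", prompt);

    /* A bare "%s" has no length limit and writes past the end of buf when the
     * token is longer than the buffer; the field width bounds the write. */
    if(fscanf(stdin, "%255s", buf) != 1) {
        /* Nothing was stored: do not hand uninitialised bytes to the caller. */
        buf[0] = '\0';
    }

    /* Discard the unread tail of an over-long token so that it is not taken
     * as the answer to the next prompt. */
    (void)fscanf(stdin, "%*[^ \t\n\r\v\f]");
}

/*
 * Prompt for domain, username, password and server, and store a duplicate of
 * each answer in the matching field of hnd.
 *
 * hnd: server handle whose domain/username/password/server members are
 *      overwritten with freshly duplicated strings.
 *
 * The password is typed in the clear (the prompt says so). The copy stored in
 * hnd->password stays in memory for as long as the handle owns it.
 * NOTE(review): SMB_STRDUP's behaviour on allocation failure is not visible in
 * this listing; confirm whether the four results need a NULL check.
 */
void fill_conn_info(CacServerHandle *hnd) {
    char domain[CONN_FIELD_SIZE];
    char username[CONN_FIELD_SIZE];
    char password[CONN_FIELD_SIZE];
    char server[CONN_FIELD_SIZE];
    volatile char *wipe = password;
    size_t n;

    read_conn_field("Enter domain name: ", domain);
    read_conn_field("Enter username: ", username);
    read_conn_field("Enter password (no input masking): ", password);
    read_conn_field("Enter server (ip or name): ", server);

    hnd->domain = SMB_STRDUP(domain);
    hnd->username = SMB_STRDUP(username);
    hnd->password = SMB_STRDUP(password);
    hnd->server = SMB_STRDUP(server);

    /* Clear the stack copy of the password; the volatile pointer keeps the
     * stores from being optimised away as dead writes. */
    for(n = 0; n < sizeof password; n++) {
        wipe[n] = '\0';
    }
}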
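/* Constructed limits for this interactive tool: the largest lookup count that
 * is accepted, and the size of the buffer one name is read into (keep the
 * latter in step with the "%255s" field width below). */
enum { MAX_LOOKUP_NAMES = 1024, LOOKUP_NAME_SIZE = 256 };

/*
 * Ask on stdout how many names to look up, then read that many
 * whitespace-delimited names from stdin.
 *
 * mem_ctx:   talloc context that owns the array and every name string.
 * num_names: out; number of entries actually stored in *names.
 * names:     out; array of *num_names non-NULL strings, or NULL when nothing
 *            was read.
 *
 * The count comes straight from the user and drives both the allocation size
 * and the loop bound, so it is range-checked before use. On any failure the
 * outputs describe only what was stored (an empty list at worst), so the
 * caller never indexes past valid entries.
 */
void get_server_names(TALLOC_CTX *mem_ctx, int *num_names, char ***names) {
    int i = 0;
    int count = 0;
    char tmp[LOOKUP_NAME_SIZE];

    /* Defined state for the caller on every early return. */
    *names = NULL;
    *num_names = 0;

    fprintf(stdout, "How many names do you want to lookup?: ");
    /* An unchecked "%d" leaves the count unset on non-numeric input, and a
     * negative or very large value would size the allocation. */
    if(fscanf(stdin, "%d", &count) != 1 || count <= 0 || count > MAX_LOOKUP_NAMES) {
        fprintf(stderr, "Invalid number of names\n");
        return;
    }

    *names = TALLOC_ARRAY(mem_ctx, char *, count);
    if(*names == NULL) {
        fprintf(stderr, "No memory for allocation\n");
        /* NOTE(review): the listing elides the statement that followed this
         * message in the original; returning an empty list is assumed to be
         * acceptable to the caller - confirm against the full file. */
        return;
    }

    for(i = 0; i < count; i++) {
        fprintf(stdout, "Enter name: ");

        /* Bounded read: a bare "%s" would write past tmp on a long token. */
        if(fscanf(stdin, "%255s", tmp) != 1) {
            break;   /* EOF or read error: keep the names read so far */
        }
        /* Drop the tail of an over-long token so it is not read as the next name. */
        (void)fscanf(stdin, "%*[^ \t\n\r\v\f]");

        (*names)[i] = talloc_strdup(mem_ctx, tmp);
        if((*names)[i] == NULL) {
            fprintf(stderr, "No memory for allocation\n");
            break;
        }
    }

    /* Report only the entries that were really filled in. */
    *num_names = i;
}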
/*
 * Entry point. In the order visible below: reads the names to resolve, connects
 * to the server, opens an LSA policy handle, fetches the server's local and
 * domain SIDs, queries the info policy, resolves the names to SIDs, resolves
 * those SIDs back to names, and closes the policy handle.
 *
 * NOTE(review): this listing is an excerpt. The numbers on lines of their own
 * are the original file's line numbers; the lines between them (declarations,
 * result checks, braces, error exits) are not shown. The notes below are
 * limited to what the visible lines establish.
 */
int main(int argc, char **argv) {
59
CacServerHandle *hnd = NULL;
60
POLICY_HND *lsa_pol = NULL;
61
TALLOC_CTX *mem_ctx = NULL;
63
DOM_SID *sid_buf = NULL;
65
BOOL sim_partial = False;
67
/* "-p" selects the simulated partial-success run; the statement this condition
 * guards is not shown (presumably it sets sim_partial - confirm) */
if(argc > 1 && strcmp(argv[1], "-p") == 0)
70
mem_ctx = talloc_init("lsaq");
72
/* NOTE(review): no NULL check on mem_ctx or hnd is visible; hnd is dereferenced below */
hnd = cac_NewServerHandle(False);
76
/* num_names and names come from interactive input (their declarations are not
 * shown); the loop bounds and lookup sizes further down derive from this count */
get_server_names(mem_ctx, &num_names, &names);
78
/*connect to the PDC and open a LSA handle*/
79
if(!cac_Connect(hnd, NULL)) {
80
fprintf(stderr, "Could not connect to server.\n Error %s.\n", nt_errstr(hnd->status));
85
fprintf(stdout, "Connected to server: %s\n", hnd->server);
87
/* NOTE(review): only two members of lop.in are assigned in the visible lines;
 * confirm the struct is zeroed in the elided lines before use */
struct LsaOpenPolicy lop;
90
/* Asks for the maximum access the server will grant rather than only the
 * rights the lookups need. NOTE(review): for a query-only tool, requesting just
 * the lookup/view rights would follow least privilege - confirm what is needed */
lop.in.access = SEC_RIGHT_MAXIMUM_ALLOWED;
91
lop.in.security_qos = True;
93
if(!cac_LsaOpenPolicy(hnd, mem_ctx, &lop)) {
94
fprintf(stderr, "Could not get lsa policy handle.\n Error: %s\n", nt_errstr(hnd->status));
99
fprintf(stdout, "Opened Policy Handle\n");
101
/*just to make things neater*/
102
lsa_pol = lop.out.pol;
104
/*fetch the local sid and domain sid for the pdc*/
106
struct LsaFetchSid fsop;
109
fsop.in.pol = lsa_pol;
110
/* request both the local and the domain SID in one call */
fsop.in.info_class = (CAC_LOCAL_INFO|CAC_DOMAIN_INFO);
112
fprintf(stdout, "fetching SID info for %s\n", hnd->server);
114
result = cac_LsaFetchSid(hnd, mem_ctx, &fsop);
116
/* the condition guarding the next two statements is elided (presumably the
 * failure branch of the call above) */
fprintf(stderr, "Could not get sid for server: %s\n. Error: %s\n", hnd->server, nt_errstr(hnd->status));
118
/* NOTE(review): mem_ctx is passed to later calls and destroyed again at the end
 * of main; confirm the elided lines leave the function after this destroy */
talloc_destroy(mem_ctx);
122
if(result == CAC_PARTIAL_SUCCESS) {
123
fprintf(stdout, "could not retrieve both domain and local information\n");
127
fprintf(stdout, "Fetched SID info for %s\n", hnd->server);
128
/* either output pointer may be NULL here, hence the two checks */
if(fsop.out.local_sid != NULL)
129
fprintf(stdout, " domain: %s. Local SID: %s\n", fsop.out.local_sid->domain, sid_string_static(&fsop.out.local_sid->sid));
131
if(fsop.out.domain_sid != NULL)
132
fprintf(stdout, " domain: %s, Domain SID: %s\n", fsop.out.domain_sid->domain, sid_string_static(&fsop.out.domain_sid->sid));
134
fprintf(stdout, "\nAttempting to query info policy\n");
136
struct LsaQueryInfoPolicy qop;
139
qop.in.pol = lsa_pol;
141
if(!cac_LsaQueryInfoPolicy(hnd, mem_ctx, &qop)) {
142
fprintf(stderr, "Could not query information policy!.\n Error: %s\n", nt_errstr(hnd->status));
146
/* NOTE(review): the server-supplied strings below are printed with "%s" and
 * domain_guid is dereferenced without a visible NULL check - confirm the call
 * guarantees every output field on success */
fprintf(stdout, "Query result: \n");
147
fprintf(stdout, " domain name: %s\n", qop.out.domain_name);
148
fprintf(stdout, " dns name: %s\n", qop.out.dns_name);
149
fprintf(stdout, " forest name: %s\n", qop.out.forest_name);
150
fprintf(stdout, " domain guid: %s\n", smb_uuid_string_static(*qop.out.domain_guid));
151
fprintf(stdout, " domain sid: %s\n", sid_string_static(qop.out.domain_sid));
153
fprintf(stdout, "\nLooking up sids\n");
155
struct LsaGetSidsFromNames gsop;
158
gsop.in.pol = lsa_pol;
159
/* count and array are the user-supplied values from get_server_names() */
gsop.in.num_names = num_names;
160
gsop.in.names = names;
162
result = cac_LsaGetSidsFromNames(hnd, mem_ctx, &gsop);
165
fprintf(stderr, "Could not lookup any sids!\n Error: %s\n", nt_errstr(hnd->status));
169
if(result == CAC_PARTIAL_SUCCESS) {
170
fprintf(stdout, "Not all names could be looked up.\nThe following names were not found:\n");
172
/* assumes gsop.out.unknown holds exactly num_names - num_found entries - TODO confirm */
for(i = 0; i < (num_names - gsop.out.num_found); i++) {
173
fprintf(stdout, " %s\n", gsop.out.unknown[i]);
176
fprintf(stdout, "\n");
179
/*buffer the sids so we can look them up back to names*/
180
/* two extra slots are reserved when the partial-success simulation is on */
num_sids = (sim_partial) ? gsop.out.num_found + 2: gsop.out.num_found;
181
/* NOTE(review): no NULL check on sid_buf is visible before it is written below */
sid_buf = TALLOC_ARRAY(mem_ctx, DOM_SID, num_sids);
183
fprintf(stdout, "%d names were resolved: \n", gsop.out.num_found);
187
/* i's reset before this loop and its increment inside it are in elided lines */
while(i < gsop.out.num_found) {
188
fprintf(stdout, " Name: %s\n SID: %s\n\n", gsop.out.sids[i].name, sid_string_static(&gsop.out.sids[i].sid));
190
sid_buf[i] = gsop.out.sids[i].sid;
195
/*if we want a partial success to occur below, then add the server's SIDs to the end of the array*/
197
/* NOTE(review): local_sid and domain_sid are dereferenced here without a NULL
 * check, although the printing code above treats both as possibly NULL after a
 * partial fetch; the guard around these two stores is elided - confirm */
sid_buf[i] = fsop.out.local_sid->sid;
198
sid_buf[i+1] = fsop.out.domain_sid->sid;
201
fprintf(stdout, "Looking up Names from SIDs\n");
203
struct LsaGetNamesFromSids gnop;
206
gnop.in.pol = lsa_pol;
207
gnop.in.num_sids = num_sids;
208
gnop.in.sids = sid_buf;
210
result = cac_LsaGetNamesFromSids(hnd, mem_ctx, &gnop);
213
fprintf(stderr, "Could not lookup any names!.\n Error: %s\n", nt_errstr(hnd->status));
217
if(result == CAC_PARTIAL_SUCCESS) {
218
fprintf(stdout, "\nNot all SIDs could be looked up.\n. The following SIDs were not found:\n");
220
/* assumes gnop.out.unknown holds exactly num_sids - num_found entries - TODO confirm */
for(i = 0; i < (num_sids - gnop.out.num_found); i++) {
221
fprintf(stdout, "SID: %s\n", sid_string_static(&gnop.out.unknown[i]));
224
fprintf(stdout, "\n");
227
fprintf(stdout, "%d SIDs were resolved: \n", gnop.out.num_found);
228
for(i = 0; i < gnop.out.num_found; i++) {
229
/* NOTE(review): the SID comes from gnop but the name is read from gsop, the
 * earlier names-to-SIDs result. The loop is bounded by gnop.out.num_found, which
 * can exceed gsop.out.num_found when the two extra SIDs are added, so this index
 * may run past gsop.out.sids. Looks like the name should come from this call's
 * own output - confirm */
fprintf(stdout, " SID: %s\n Name: %s\n", sid_string_static(&gnop.out.sids[i].sid), gsop.out.sids[i].name);
234
if(!cac_LsaClosePolicy(hnd, mem_ctx, lsa_pol)) {
235
fprintf(stderr, "Could not close LSA policy handle.\n Error: %s\n", nt_errstr(hnd->status));
238
fprintf(stdout, "Closed Policy handle.\n");
242
/* NOTE(review): releasing hnd (which holds the duplicated password) is not
 * visible in this listing - confirm it happens in the elided lines */
talloc_destroy(mem_ctx);