#include "libmsrpc.h"
#include "test_util.h"
int main(int argc, char **argv) {
CacServerHandle *hnd = NULL;
TALLOC_CTX *mem_ctx = NULL;
struct SamEnumGroups eg;
struct SamEnumUsers eu;
struct SamCreateGroup cg;
struct SamOpenGroup og;
struct SamGetGroupMembers ggm;
struct SamGetNamesFromRids gn;
struct SamAddGroupMember add;
struct SamRemoveGroupMember del;
struct SamSetGroupMembers set;
struct SamGetGroupsForUser gg;
struct SamOpenUser ou;
struct SamGetGroupInfo gi;
struct SamSetGroupInfo si;
struct SamRenameGroup rg;
struct SamGetSecurityObject gso;
POLICY_HND *group_hnd = NULL;
fstring tmp;
fstring input;
int i;
mem_ctx = talloc_init("cac_samgroup");
hnd = cac_NewServerHandle(True);
cac_parse_cmd_line(argc, argv, hnd);
if(!cac_Connect(hnd, NULL)) {
fprintf(stderr, "Could not connect to server %s. Error: %s\n", hnd->server, nt_errstr(hnd->status));
exit(-1);
}
struct SamOpenDomain sod;
ZERO_STRUCT(sod);
sod.in.access = MAXIMUM_ALLOWED_ACCESS;
if(!cac_SamOpenDomain(hnd, mem_ctx, &sod)) {
fprintf(stderr, "Could not open domain. Error: %s\n", nt_errstr(hnd->status));
goto done;
}
tmp[0] = 0x00;
while(tmp[0] != 'q') {
printf("\n");
printf("[l]ist groups\n");
printf("[c]reate group\n");
printf("[o]pen group\n");
printf("[d]elete group\n");
printf("list [m]embers\n");
printf("list [u]sers\n");
printf("list [g]roup for users\n");
printf("[a]dd member\n");
printf("[r]emove member\n");
printf("[x] clear members\n");
printf("get group [i]nfo\n");
printf("[e]dit group info\n");
printf("[s]et members\n");
printf("re[n]ame group\n");
printf("[z] close group\n");
printf("[t] get security info\n");
printf("[q]uit\n\n");
printf("Enter option: ");
cactest_readline(stdin, tmp);
printf("\n");
switch(tmp[0]) {
case 'c':
if(group_hnd != NULL) {
cac_SamClose(hnd, mem_ctx, group_hnd);
group_hnd = NULL;
}
printf("Enter group name: ");
cactest_readline(stdin, input);
ZERO_STRUCT(cg);
cg.in.name = talloc_strdup(mem_ctx, input);
cg.in.access = MAXIMUM_ALLOWED_ACCESS;
cg.in.dom_hnd = sod.out.dom_hnd;
if(!cac_SamCreateGroup(hnd, mem_ctx, &cg)) {
fprintf(stderr, "Could not create group. Error: %s\n", nt_errstr(hnd->status));
}
else {
printf("Created group %s\n", cg.in.name);
group_hnd = cg.out.group_hnd;
}
break;
case 'o':
if(group_hnd != NULL) {
cac_SamClose(hnd, mem_ctx, group_hnd);
group_hnd = NULL;
}
ZERO_STRUCT(og);
og.in.dom_hnd = sod.out.dom_hnd;
og.in.access = MAXIMUM_ALLOWED_ACCESS;
printf("Enter RID: 0x");
scanf("%x", &og.in.rid);
if(!cac_SamOpenGroup(hnd, mem_ctx, &og)) {
fprintf(stderr, "Could not open group. Error: %s\n", nt_errstr(hnd->status));
}
else {
printf("Opened group\n");
group_hnd = og.out.group_hnd;
}
break;
case 'l':
ZERO_STRUCT(eg);
eg.in.dom_hnd = sod.out.dom_hnd;
while(cac_SamEnumGroups(hnd, mem_ctx, &eg)) {
for(i = 0; i < eg.out.num_groups; i++) {
printf("RID: 0x%x Name: %s\n", eg.out.rids[i], eg.out.names[i]);
}
}
if(CAC_OP_FAILED(hnd->status)) {
printf("Could not enumerate Groups. Error: %s\n", nt_errstr(hnd->status));
}
break;
case 'm':
if(!group_hnd) {
printf("Must open group first!\n");
break;
}
ZERO_STRUCT(ggm);
ggm.in.group_hnd = group_hnd;
if(!cac_SamGetGroupMembers(hnd, mem_ctx, &ggm)) {
fprintf(stderr, "Could not get group members. Error: %s\n", nt_errstr(hnd->status));
break;
}
printf("Group has %d members:\n", ggm.out.num_members);
if(ggm.out.num_members == 0)
break;
gn.in.dom_hnd = sod.out.dom_hnd;
gn.in.num_rids = ggm.out.num_members;
gn.in.rids = ggm.out.rids;
if(!cac_SamGetNamesFromRids(hnd, mem_ctx, &gn)) {
fprintf(stderr, "Could not lookup names. Error: %s\n", nt_errstr(hnd->status));
break;
}
for(i = 0; i < gn.out.num_names; i++) {
printf("RID: 0x%x Name: %s\n", gn.out.map[i].rid, gn.out.map[i].name);
}
break;
case 'd':
if(!group_hnd) {
printf("Must open group first!\n");
break;
}
if(!cac_SamDeleteGroup(hnd, mem_ctx, group_hnd)) {
fprintf(stderr, "Could not delete group. Error: %s\n", nt_errstr(hnd->status));
}
else {
printf("Deleted group.\n");
group_hnd = NULL;
}
break;
case 'u':
ZERO_STRUCT(eu);
eu.in.dom_hnd = sod.out.dom_hnd;
while(cac_SamEnumUsers(hnd, mem_ctx, &eu)) {
for(i = 0; i < eu.out.num_users; i++) {
printf(" RID: 0x%x Name: %s\n", eu.out.rids[i], eu.out.names[i]);
}
}
if(CAC_OP_FAILED(hnd->status)) {
printf("Could not enumerate users. Error: %s\n", nt_errstr(hnd->status));
}
break;
case 'a':
if(!group_hnd) {
printf("Must open group first!\n");
break;
}
ZERO_STRUCT(add);
add.in.group_hnd = group_hnd;
printf("Enter user RID: 0x");
scanf("%x", &add.in.rid);
if(!cac_SamAddGroupMember(hnd, mem_ctx, &add)) {
fprintf(stderr, "Could not add user to group. Error: %s\n", nt_errstr(hnd->status));
}
else {
printf("Successfully added user to group\n");
}
break;
case 'r':
if(!group_hnd) {
printf("Must open group first!\n");
break;
}
ZERO_STRUCT(del);
del.in.group_hnd = group_hnd;
printf("Enter RID: 0x");
scanf("%x", &del.in.rid);
if(!cac_SamRemoveGroupMember(hnd, mem_ctx, &del)) {
fprintf(stderr, "Could not remove user from group. Error: %s\n", nt_errstr(hnd->status));
}
else {
printf("Removed user from group.\n");
}
break;
case 'x':
if(!group_hnd) {
printf("Must open group first!\n");
break;
}
if(!cac_SamClearGroupMembers(hnd, mem_ctx, group_hnd)) {
fprintf(stderr, "Could not clear group members. Error: %s\n", nt_errstr(hnd->status));
}
else {
printf("Cleared group members\n");
}
break;
case 's':
if(!group_hnd) {
printf("Must open group first!\n");
break;
}
ZERO_STRUCT(set);
set.in.group_hnd = group_hnd;
printf("Enter the number of members: ");
scanf("%d", &set.in.num_members);
set.in.rids = TALLOC_ARRAY(mem_ctx, uint32, set.in.num_members);
for(i = 0; i < set.in.num_members; i++) {
printf("Enter RID #%d: 0x", (i+1));
scanf("%x", (set.in.rids + i));
}
if(!cac_SamSetGroupMembers(hnd, mem_ctx, &set)) {
printf("could not set members. Error: %s\n", nt_errstr(hnd->status));
}
else {
printf("Set users\n");
}
break;
case 'g':
ZERO_STRUCT(ou);
ZERO_STRUCT(gg);
printf("Enter username: ");
cactest_readline(stdin, input);
if(input[0] != '\0') {
ou.in.name = talloc_strdup(mem_ctx, input);
}
else {
printf("Enter RID: 0x");
scanf("%x", &ou.in.rid);
}
ou.in.access = MAXIMUM_ALLOWED_ACCESS;
ou.in.dom_hnd = sod.out.dom_hnd;
if(!cac_SamOpenUser(hnd, mem_ctx, &ou)) {
fprintf(stderr, "Could not open user %s. Error: %s\n", ou.in.name, nt_errstr(hnd->status));
break;
}
gg.in.user_hnd = ou.out.user_hnd;
if(!cac_SamGetGroupsForUser(hnd, mem_ctx, &gg)) {
fprintf(stderr, "Could not get groups for user. Error: %s\n", nt_errstr(hnd->status));
break;
}
cac_SamClose(hnd, mem_ctx, ou.out.user_hnd);
ZERO_STRUCT(gn);
gn.in.dom_hnd = sod.out.dom_hnd;
gn.in.num_rids = gg.out.num_groups;
gn.in.rids = gg.out.rids;
if(!cac_SamGetNamesFromRids(hnd, mem_ctx, &gn)) {
fprintf(stderr, "Could not get names from RIDs. Error: %s\n", nt_errstr(hnd->status));
break;
}
printf("%d groups: \n", gn.out.num_names);
for(i = 0; i < gn.out.num_names; i++) {
printf("RID: 0x%x ", gn.out.map[i].rid);
if(gn.out.map[i].found)
printf("Name: %s\n", gn.out.map[i].name);
else
printf("Unknown RID\n");
}
break;
case 'z':
if(!group_hnd) {
printf("Must open group first!\n");
break;
}
if(!cac_SamClose(hnd, mem_ctx, group_hnd)) {
printf("Could not close group\n");
break;
}
group_hnd = NULL;
break;
case 'i':
if(!group_hnd) {
printf("Must open group first!\n");
break;
}
ZERO_STRUCT(gi);
gi.in.group_hnd = group_hnd;
if(!cac_SamGetGroupInfo(hnd, mem_ctx, &gi)) {
printf("Could not get group info. Error: %s\n", nt_errstr(hnd->status));
}
else {
printf("Retrieved Group info\n");
print_cac_group_info(gi.out.info);
}
break;
case 'e':
if(!group_hnd) {
printf("Must open group first!\n");
break;
}
ZERO_STRUCT(gi);
ZERO_STRUCT(si);
gi.in.group_hnd = group_hnd;
if(!cac_SamGetGroupInfo(hnd, mem_ctx, &gi)) {
printf("Could not get group info. Error: %s\n", nt_errstr(hnd->status));
break;
}
edit_cac_group_info(mem_ctx, gi.out.info);
si.in.group_hnd = group_hnd;
si.in.info = gi.out.info;
if(!cac_SamSetGroupInfo(hnd, mem_ctx, &si)) {
printf("Could not set group info. Error: %s\n", nt_errstr(hnd->status));
}
else {
printf(" Done.\n");
}
break;
case 'n':
if(!group_hnd) {
printf("Must open group first!\n");
break;
}
ZERO_STRUCT(rg);
printf("Enter new group name: ");
cactest_readline(stdin, tmp);
rg.in.group_hnd = group_hnd;
rg.in.new_name = talloc_strdup(mem_ctx, tmp);
if(!cac_SamRenameGroup(hnd, mem_ctx, &rg))
printf("Could not rename group. Error: %s\n", nt_errstr(hnd->status));
else
printf("Done.\n");
break;
case 't':
if(!group_hnd) {
printf("Must open group first!\n");
break;
}
ZERO_STRUCT(gso);
gso.in.pol = group_hnd;
if(!cac_SamGetSecurityObject(hnd, mem_ctx, &gso)) {
printf("Could not get security descriptor info. Error: %s\n", nt_errstr(hnd->status));
}
else {
printf("Got it.\n");
}
break;
case 'q':
break;
default:
printf("Invalid command\n");
}
}
cac_SamClose(hnd, mem_ctx, sod.out.dom_hnd);
if(group_hnd)
cac_SamClose(hnd, mem_ctx, group_hnd);
done:
cac_FreeHandle(hnd);
talloc_destroy(mem_ctx);
return 0;
}