1 /*tries to set privileges for an account*/
6 #define BIGGEST_UINT32 0xffffffff
8 int main(int argc, char **argv) {
9 CacServerHandle *hnd = NULL;
10 TALLOC_CTX *mem_ctx = NULL;
12 struct LsaOpenPolicy lop;
13 struct LsaEnumPrivileges ep;
14 struct LsaEnumAccountRights ar;
15 struct LsaAddPrivileges ap;
21 mem_ctx = talloc_init("lsapriv");
23 hnd = cac_NewServerHandle(True);
25 cac_SetAuthDataFn(hnd, cactest_GetAuthDataFn);
27 cac_parse_cmd_line(argc, argv, hnd);
29 if(!cac_Connect(hnd, NULL)) {
30 fprintf(stderr, "Could not connect to server %s. Error: %s\n", hnd->server, nt_errstr(hnd->status));
36 lop.in.access = SEC_RIGHT_MAXIMUM_ALLOWED;
38 if(!cac_LsaOpenPolicy(hnd, mem_ctx, &lop)) {
39 fprintf(stderr, "Could not open LSA policy. Error: %s\n", nt_errstr(hnd->status));
43 /*first enumerate possible privileges*/
46 ep.in.pol = lop.out.pol;
47 ep.in.pref_max_privs = BIGGEST_UINT32;
49 printf("Enumerating supported privileges:\n");
50 while(cac_LsaEnumPrivileges(hnd, mem_ctx, &ep)) {
51 for(i = 0; i < ep.out.num_privs; i++) {
52 printf("\t%s\n", ep.out.priv_names[i]);
56 if(CAC_OP_FAILED(hnd->status)) {
57 fprintf(stderr, "Could not enumerate privileges. Error: %s\n", nt_errstr(hnd->status));
61 printf("Enter account name: ");
62 cactest_readline(stdin, tmp);
66 ar.in.pol = lop.out.pol;
67 ar.in.name = talloc_strdup(mem_ctx, tmp);
69 printf("Enumerating privileges for %s:\n", ar.in.name);
70 if(!cac_LsaEnumAccountRights(hnd, mem_ctx, &ar)) {
71 fprintf(stderr, "Could not enumerate privileges. Error: %s\n", nt_errstr(hnd->status));
75 printf("Enumerated %d privileges:\n", ar.out.num_privs);
77 for(i = 0; i < ar.out.num_privs; i++)
78 printf("\t%s\n", ar.out.priv_names[i]);
82 ap.in.pol = lop.out.pol;
83 ap.in.name = ar.in.name;
85 printf("How many privileges will you set: ");
86 scanf("%d", &ap.in.num_privs);
88 ap.in.priv_names = talloc_array(mem_ctx, char *, ap.in.num_privs);
89 if(!ap.in.priv_names) {
90 fprintf(stderr, "No memory\n");
94 for(i = 0; i < ap.in.num_privs; i++) {
95 printf("Enter priv %d: ", i);
96 cactest_readline(stdin, tmp);
98 ap.in.priv_names[i] = talloc_strdup(mem_ctx, tmp);
101 if(!cac_LsaSetPrivileges(hnd, mem_ctx, &ap)) {
102 fprintf(stderr, "Could not set privileges. Error: %s\n", nt_errstr(hnd->status));
107 talloc_destroy(mem_ctx);