Ejemplo n.º 1
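    def test_LsarLookupSids(self):
        """Translate 1000 consecutive RIDs to names with one LsarLookupSids call.

        The domain SID is learned first by resolving 'Administrator' through
        LsarLookupNames. SIDs <domainSid>-500 up to <domainSid>-1499 are then
        sent in a single request. A failure whose text contains
        STATUS_SOME_NOT_MAPPED is tolerated, and the reply is read from the
        exception instead; any other failure is re-raised.
        """
        dce, _rpctransport, policyHandle = self.connect()

        # Step 1: name -> SID lookup, used only to discover the domain SID.
        nameRequest = lsat.LsarLookupNames()
        nameRequest['PolicyHandle'] = policyHandle
        nameRequest['Count'] = 1
        adminName = RPC_UNICODE_STRING()
        adminName['Data'] = 'Administrator'
        nameRequest['Names'].append(adminName)
        nameRequest['TranslatedSids']['Sids'] = NULL
        nameRequest['LookupLevel'] = lsat.LSAP_LOOKUP_LEVEL.LsapLookupWksta
        resp = dce.request(nameRequest)
        resp.dump()
        domainSid = resp['ReferencedDomains']['Domains'][0][
            'Sid'].formatCanonical()

        # Step 2: SID -> name lookup for RIDs 500..1499 in one request.
        # A long run of consecutive RIDs in one LsarLookupSids request is also
        # what account enumeration by RID looks like, so this request shape is
        # worth recognising when monitoring LSARPC traffic.
        request = lsat.LsarLookupSids()
        request['PolicyHandle'] = policyHandle
        for offset in range(1000):
            sidInfo = lsat.LSAPR_SID_INFORMATION()
            sidInfo['Sid'].fromCanonical(domainSid + '-%d' % (500 + offset))
            request['SidEnumBuffer']['SidInfo'].append(sidInfo)
            request['SidEnumBuffer']['Entries'] += 1
        request['TranslatedNames']['Names'] = NULL
        request['LookupLevel'] = lsat.LSAP_LOOKUP_LEVEL.LsapLookupWksta
        try:
            resp = dce.request(request)
            resp.dump()
        except Exception as e:  # 'as' form parses on Python 2.6+ and Python 3
            if 'STATUS_SOME_NOT_MAPPED' not in str(e):
                raise
            # Partial result: the reply travels with the exception.
            resp = e.get_packet()
            resp.dump()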
Ejemplo n.º 2
    def test_LsarLookupSids2(self):
        """Translate RIDs 500 and 501 of the domain to names via LsarLookupSids2.

        The domain SID comes from an initial LsarLookupNames call for
        'Administrator'. No error from the second request is tolerated here.
        """
        dce, rpctransport, policyHandle = self.connect()

        # Name -> SID lookup, used only to discover the domain SID.
        nameRequest = lsat.LsarLookupNames()
        nameRequest['PolicyHandle'] = policyHandle
        nameRequest['Count'] = 1
        adminName = RPC_UNICODE_STRING()
        adminName['Data'] = 'Administrator'
        nameRequest['Names'].append(adminName)
        nameRequest['TranslatedSids']['Sids'] = NULL
        nameRequest['LookupLevel'] = lsat.LSAP_LOOKUP_LEVEL.LsapLookupWksta
        nameResp = dce.request(nameRequest)
        nameResp.dump()
        firstDomain = nameResp['ReferencedDomains']['Domains'][0]
        domainSid = firstDomain['Sid'].formatCanonical()

        # SID -> name lookup for two SIDs built on that domain SID.
        sidRequest = lsat.LsarLookupSids2()
        sidRequest['PolicyHandle'] = policyHandle
        sidRequest['SidEnumBuffer']['Entries'] = 2
        for rid in (500, 501):
            sidInfo = lsat.LSAPR_SID_INFORMATION()
            sidInfo['Sid'].fromCanonical(domainSid + '-%d' % rid)
            sidRequest['SidEnumBuffer']['SidInfo'].append(sidInfo)
        sidRequest['TranslatedNames']['Names'] = NULL
        sidRequest['LookupLevel'] = lsat.LSAP_LOOKUP_LEVEL.LsapLookupWksta
        sidRequest['LookupOptions'] = 0x00000000
        sidRequest['ClientRevision'] = 0x00000001
        sidResp = dce.request(sidRequest)
        sidResp.dump()
Ejemplo n.º 3
    def test_LsarLookupNames(self):
        """Send one LsarLookupNames request for 'Administrator' and 'Guest'.

        The test passes if the request does not raise; the reply is not
        inspected or dumped.
        """
        dce, rpctransport, policyHandle = self.connect()

        accountNames = ('Administrator', 'Guest')

        lookup = lsat.LsarLookupNames()
        lookup['PolicyHandle'] = policyHandle
        lookup['Count'] = 2
        for account in accountNames:
            entry = RPC_UNICODE_STRING()
            entry['Data'] = account
            lookup['Names'].append(entry)
        lookup['TranslatedSids']['Sids'] = NULL
        lookup['LookupLevel'] = lsat.LSAP_LOOKUP_LEVEL.LsapLookupWksta
        dce.request(lookup)
Ejemplo n.º 4
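    def test_LsarLookupSids3(self):
        """Send LsarLookupSids3 and accept an access-denied rejection.

        The domain SID is learned first by resolving 'Administrator' through
        LsarLookupNames. LsarLookupSids3 is then sent for RIDs 500 and 501;
        unlike the other lookups in this file, the request sets no
        PolicyHandle. A failure whose text contains 'rpc_s_access_denied' is
        swallowed; any other failure is re-raised.
        """
        # not working, I need netlogon here
        dce, _rpctransport, policyHandle = self.connect()

        # Name -> SID lookup, used only to discover the domain SID.
        nameRequest = lsat.LsarLookupNames()
        nameRequest['PolicyHandle'] = policyHandle
        nameRequest['Count'] = 1
        adminName = RPC_UNICODE_STRING()
        adminName['Data'] = 'Administrator'
        nameRequest['Names'].append(adminName)
        nameRequest['TranslatedSids']['Sids'] = NULL
        nameRequest['LookupLevel'] = lsat.LSAP_LOOKUP_LEVEL.LsapLookupWksta
        resp = dce.request(nameRequest)
        resp.dump()
        domainSid = resp['ReferencedDomains']['Domains'][0][
            'Sid'].formatCanonical()

        request = lsat.LsarLookupSids3()
        request['SidEnumBuffer']['Entries'] = 2
        for rid in (500, 501):
            sidInfo = lsat.LSAPR_SID_INFORMATION()
            sidInfo['Sid'].fromCanonical(domainSid + '-%d' % rid)
            request['SidEnumBuffer']['SidInfo'].append(sidInfo)
        request['TranslatedNames']['Names'] = NULL
        request['LookupLevel'] = lsat.LSAP_LOOKUP_LEVEL.LsapLookupWksta
        request['LookupOptions'] = 0x00000000
        request['ClientRevision'] = 0x00000001
        try:
            resp = dce.request(request)
            resp.dump()
        except Exception as e:  # 'as' form parses on Python 2.6+ and Python 3
            # The RPC server MUST ensure that the RPC_C_AUTHN_NETLOGON security provider
            # (as specified in [MS-RPCE] section 2.2.1.1.7) and at least
            # RPC_C_AUTHN_LEVEL_PKT_INTEGRITY authentication level (as specified in
            # [MS-RPCE] section 2.2.1.1.8) are used in this RPC message.
            # Otherwise, the RPC server MUST return STATUS_ACCESS_DENIED.
            # NOTE(review): a successful reply passes this test as well, so the
            # test does not prove that the server enforces the rule above.
            if 'rpc_s_access_denied' not in str(e):
                raise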