2018-12-11 12:23:17 +13:00
#!/usr/bin/env python3
2007-12-23 19:19:41 -06:00
#
2007-12-25 16:36:23 -06:00
# Dump Samba3 data
# Copyright Jelmer Vernooij 2005-2007
# Released under the GNU GPL v3 or later
2007-12-23 19:19:41 -06:00
#
import optparse
import os, sys
2008-05-11 05:45:49 +02:00
# Find right directory when running from source tree
sys.path.insert(0, "bin/python")
2007-12-23 19:19:41 -06:00
import samba
import samba.samba3
2011-08-26 13:00:48 +10:00
from samba.samba3 import param as s3param
from samba.dcerpc import lsa
2007-12-23 19:19:41 -06:00
2008-05-24 17:56:49 +02:00
parser = optparse.OptionParser("samba3dump <libdir> [<smb.conf>]")
2007-12-23 19:19:41 -06:00
parser.add_option("--format", type="choice", metavar="FORMAT",
2007-12-25 16:36:23 -06:00
choices=["full", "summary"])
2007-12-23 19:19:41 -06:00
opts, args = parser.parse_args()
if opts.format is None:
2007-12-25 16:36:23 -06:00
opts.format = "summary"
2007-12-23 19:19:41 -06:00
def print_header(txt):
2018-09-27 18:15:49 +01:00
print("\n%s" % txt)
print("=" * len(txt))
2007-12-23 19:19:41 -06:00
def print_samba3_policy(pol):
2007-12-25 16:36:23 -06:00
print_header("Account Policies")
2018-09-27 18:15:49 +01:00
print("Min password length: %d" % pol['min password length'])
print("Password history length: %d" % pol['password history'])
2011-08-26 13:00:48 +10:00
if pol['user must logon to change password']:
2018-09-27 18:15:49 +01:00
print("User must logon to change password: %d" % pol['user must logon to change password'])
2011-08-26 13:00:48 +10:00
if pol['maximum password age']:
2018-09-27 18:15:49 +01:00
print("Maximum password age: %d" % pol['maximum password age'])
2011-08-26 13:00:48 +10:00
if pol['minimum password age']:
2018-09-27 18:15:49 +01:00
print("Minimum password age: %d" % pol['minimum password age'])
2011-08-26 13:00:48 +10:00
if pol['lockout duration']:
2018-09-27 18:15:49 +01:00
print("Lockout duration: %d" % pol['lockout duration'])
2011-08-26 13:00:48 +10:00
if pol['reset count minutes']:
2018-09-27 18:15:49 +01:00
print("Reset Count Minutes: %d" % pol['reset count minutes'])
2011-08-26 13:00:48 +10:00
if pol['bad lockout attempt']:
2018-09-27 18:15:49 +01:00
print("Bad Lockout Minutes: %d" % pol['bad lockout attempt'])
2011-08-26 13:00:48 +10:00
if pol['disconnect time']:
2018-09-27 18:15:49 +01:00
print("Disconnect Time: %d" % pol['disconnect time'])
2011-08-26 13:00:48 +10:00
if pol['refuse machine password change']:
2018-09-27 18:15:49 +01:00
print("Refuse Machine Password Change: %d" % pol['refuse machine password change'])
2007-12-25 16:36:23 -06:00
def print_samba3_sam(samdb):
print_header("SAM Database")
2011-08-26 13:00:48 +10:00
for user in samdb.search_users(0):
2018-09-27 18:15:49 +01:00
print("%s (%d): %s" % (user['account_name'], user['rid'], user['fullname']))
2007-12-25 16:36:23 -06:00
2011-08-26 13:00:48 +10:00
def print_samba3_shares(lp):
2007-12-25 16:36:23 -06:00
print_header("Configured shares")
2011-08-26 13:00:48 +10:00
for s in lp.services():
2018-09-27 18:15:49 +01:00
print("--- %s ---" % s)
2011-08-26 13:00:48 +10:00
for p in ['path']:
2018-09-27 18:15:49 +01:00
print("\t%s = %s" % (p, lp.get(p, s)))
print("")
2007-12-23 19:19:41 -06:00
def print_samba3_secrets(secrets):
2007-12-25 16:36:23 -06:00
print_header("Secrets")
if secrets.get_auth_user():
2018-09-27 18:15:49 +01:00
print("IPC Credentials:")
2007-12-25 16:36:23 -06:00
if secrets.get_auth_user():
2018-09-27 18:15:49 +01:00
print(" User: %s\n" % secrets.get_auth_user())
2007-12-25 16:36:23 -06:00
if secrets.get_auth_password():
2018-09-27 18:15:49 +01:00
print(" Password: %s\n" % secrets.get_auth_password())
2007-12-25 16:36:23 -06:00
if secrets.get_auth_domain():
2018-09-27 18:15:49 +01:00
print(" Domain: %s\n" % secrets.get_auth_domain())
2007-12-25 16:36:23 -06:00
if len(list(secrets.ldap_dns())) > 0:
2018-09-27 18:15:49 +01:00
print("LDAP passwords:")
2007-12-25 16:36:23 -06:00
for dn in secrets.ldap_dns():
2018-09-27 18:15:49 +01:00
print("\t%s -> %s" % (dn, secrets.get_ldap_bind_pw(dn)))
print("")
2007-12-25 16:36:23 -06:00
2018-09-27 18:15:49 +01:00
print("Domains:")
2007-12-25 16:36:23 -06:00
for domain in secrets.domains():
2018-09-27 18:15:49 +01:00
print("\t--- %s ---" % domain)
print("\tSID: %s" % secrets.get_sid(domain))
print("\tGUID: %s" % secrets.get_domain_guid(domain))
print("\tPlaintext pwd: %s" % secrets.get_machine_password(domain))
2007-12-25 16:36:23 -06:00
if secrets.get_machine_last_change_time(domain):
2018-09-27 18:15:49 +01:00
print("\tLast Changed: %lu" % secrets.get_machine_last_change_time(domain))
2007-12-25 16:36:23 -06:00
if secrets.get_machine_sec_channel_type(domain):
2018-09-27 18:15:49 +01:00
print("\tSecure Channel Type: %d\n" % secrets.get_machine_sec_channel_type(domain))
2007-12-25 16:36:23 -06:00
2018-09-27 18:15:49 +01:00
print("Trusted domains:")
2007-12-25 16:36:23 -06:00
for td in secrets.trusted_domains():
2018-09-27 18:15:49 +01:00
print(td)
2007-12-23 19:19:41 -06:00
def print_samba3_regdb(regdb):
2007-12-25 16:36:23 -06:00
print_header("Registry")
2008-05-24 17:56:49 +02:00
from samba.registry import str_regtype
2007-12-23 19:19:41 -06:00
2007-12-25 16:36:23 -06:00
for k in regdb.keys():
2018-09-27 18:15:49 +01:00
print("[%s]" % k)
2007-12-26 20:55:05 -06:00
for (value_name, (type, value)) in regdb.values(k).items():
2018-09-27 18:15:49 +01:00
print("\"%s\"=%s:%s" % (value_name, str_regtype(type), value))
2007-12-23 19:19:41 -06:00
2007-12-24 14:16:59 -06:00
def print_samba3_winsdb(winsdb):
2007-12-25 16:36:23 -06:00
print_header("WINS Database")
2007-12-23 19:19:41 -06:00
2007-12-25 16:36:23 -06:00
for name in winsdb:
(ttl, ips, nb_flags) = winsdb[name]
2018-09-27 18:15:49 +01:00
print("%s, nb_flags: %s, ttl: %lu, %d ips, fst: %s" % (name, nb_flags, ttl, len(ips), ips[0]))
2007-12-23 19:19:41 -06:00
def print_samba3_groupmappings(groupdb):
2007-12-25 16:36:23 -06:00
print_header("Group Mappings")
2011-08-26 13:00:48 +10:00
for g in groupdb.enum_group_mapping(samba.samba3.passdb.get_global_sam_sid(),
lsa.SID_NAME_DOM_GRP):
2018-09-27 18:15:49 +01:00
print("\t--- Group: %s ---" % g.sid)
2007-12-23 19:19:41 -06:00
def print_samba3_aliases(groupdb):
2011-08-26 13:00:48 +10:00
for g in groupdb.enum_group_mapping(samba.samba3.passdb.get_global_sam_sid(),
lsa.SID_NAME_ALIAS):
2018-09-27 18:15:49 +01:00
print("\t--- Alias: %s ---" % g.sid)
2007-12-23 19:19:41 -06:00
def print_samba3_idmapdb(idmapdb):
2007-12-25 16:36:23 -06:00
print_header("Winbindd SID<->GID/UID mappings")
2007-12-23 19:19:41 -06:00
2018-09-27 18:15:49 +01:00
print("User High Water Mark: %d" % idmapdb.get_user_hwm())
print("Group High Water Mark: %d\n" % idmapdb.get_group_hwm())
2007-12-23 19:19:41 -06:00
2007-12-25 16:36:23 -06:00
for uid in idmapdb.uids():
2018-09-27 18:15:49 +01:00
print("%s -> UID %d" % (idmapdb.get_user_sid(uid), uid))
2007-12-25 16:36:23 -06:00
for gid in idmapdb.gids():
2018-09-27 18:15:49 +01:00
print("%s -> GID %d" % (idmapdb.get_group_sid(gid), gid))
2007-12-23 19:19:41 -06:00
def print_samba3(samba3):
2011-08-26 13:00:48 +10:00
passdb = samba3.get_sam_db()
print_samba3_policy(passdb.get_account_policy())
2007-12-25 16:36:23 -06:00
print_samba3_winsdb(samba3.get_wins_db())
print_samba3_regdb(samba3.get_registry())
print_samba3_secrets(samba3.get_secrets_db())
print_samba3_idmapdb(samba3.get_idmap_db())
2011-08-26 13:00:48 +10:00
print_samba3_sam(passdb)
print_samba3_groupmappings(passdb)
print_samba3_aliases(passdb)
print_samba3_shares(samba3.lp)
2007-12-23 19:19:41 -06:00
def print_samba3_summary(samba3):
2018-09-27 18:15:49 +01:00
print("WINS db entries: %d" % len(samba3.get_wins_db()))
print("Registry key count: %d" % len(samba3.get_registry()))
2011-08-26 13:00:48 +10:00
passdb = samba3.get_sam_db()
2018-09-27 18:15:49 +01:00
print("Groupmap count: %d" % len(passdb.enum_group_mapping()))
print("Alias count: %d" % len(passdb.search_aliases()))
2007-12-25 16:36:23 -06:00
idmapdb = samba3.get_idmap_db()
2018-09-27 18:15:49 +01:00
print("Idmap count: %d" % (len(list(idmapdb.uids())) + len(list(idmapdb.gids()))))
2007-12-24 14:16:59 -06:00
2011-08-26 13:00:48 +10:00
if len(args) < 1:
parser.print_help()
sys.exit(1)
2007-12-24 14:16:59 -06:00
libdir = args[0]
2011-08-26 13:00:48 +10:00
if len(args) < 1:
2007-12-26 20:55:05 -06:00
smbconf = args[1]
2007-12-24 14:16:59 -06:00
else:
2007-12-25 16:36:23 -06:00
smbconf = os.path.join(libdir, "smb.conf")
2007-12-24 14:16:59 -06:00
2011-08-26 13:00:48 +10:00
s3_lp = s3param.get_context()
s3_lp.set("private dir", libdir)
s3_lp.set("state directory", libdir)
s3_lp.set("lock directory", libdir)
s3_lp.load(smbconf)
samba3 = samba.samba3.Samba3(smbconf, s3_lp)
2007-12-23 19:19:41 -06:00
if opts.format == "summary":
2007-12-25 16:36:23 -06:00
print_samba3_summary(samba3)
2007-12-23 19:19:41 -06:00
elif opts.format == "full":
2007-12-25 16:36:23 -06:00
print_samba3(samba3)