How to ask a windows client... (Esh, Andrew)
Nick Bender
nbender at batterymarch.com
Thu Jan 3 10:54:11 GMT 2002
I have done this using samba-tng-alpha-2.6 through a sequence of calls
to
rpcclient (below is the sequence with scrubbed output).
I can't recall at the moment why I could not get this to work with the
then
current version of samba (not even sure what that was). I'm curious what
people
think of this technique in general (for intranet use only) and if it can
be
done using the current production distribution.
Regards,
-N
1. Lookup the netbios name of the target:
% rpcclient -I __ip__ -S __ip__ -U _auth_user_%_pass_ -W _domain_ -c
"wksinfo; exit"
added interface ip=__dc_ip__ bcast=xxx.xx.x.255 nmask=255.255.255.0
Server: \\__ip__: User: _auth_user_ Domain: _domain_
Connection: 1st session setup ok
2nd session setup ok
OK
1st session setup ok
2nd session setup ok
-> Name: _nbname_
Domain: _domain_
Platform: 500
Version: 5.0"
2. Now lookup logged in users:
% rpcclient -I __ip__ -S _nbname_ -U _auth_user_%_pass_ -W _domain_ -c
"regenum HKEY_USERS; exit"
added interface ip=__dc_ip__ bcast=xxx.xx.x.255 nmask=255.255.255.0
Server: \\_nbname_: User: _auth_user_ Domain: _domain_
Connection: Got a positive name query response from __ip__ ( __ip__
)
1st session setup ok
2nd session setup ok
OK
Key Name: HKEY_USERS
Subkeys
-------
.DEFAULT (Thu, 20 Dec 2001 13:30:24 EST)
-> _sid_ (Thu, 20 Dec 2001 13:31:16 EST)
_sid__Classes (Thu, 20 Dec 2001 13:31:17 EST)"
3. Now lookup the SID:
% rpcclient -I __ip__ -S _nbname_ -U _auth_user_%_pass_ -W _domain_ -c
"lookupsids _sid_; exit"
added interface ip=__dc_ip__ bcast=xxx.xx.x.255 nmask=255.255.255.0
Server: \\_nbname_: User: _auth_user_ Domain: _domain_
Connection: Got a positive name query response from __ip__ ( __ip__
)
1st session setup ok
2nd session setup ok
OK
Lookup SIDS:
-> SID: _sid_ -> _domain_\_remote_user_ (1: User)"
^^^^^^^^^^^^^^^^^^^^^^^
More information about the samba-technical
mailing list