-
Notifications
You must be signed in to change notification settings - Fork 0
/
19-regpol.Rmd
86 lines (67 loc) · 2.63 KB
/
19-regpol.Rmd
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
# Modifying a Registry.pol File {#regpol}
## Using samba-tool {#regpol-samba-tool}
Samba provides the `samba-tool gpo load`, `samba-tool gpo remove` and `samba-tool gpo show` commands for manipulating Registry.pol policies. These commands format the registry policies as **json** to simplify the process. For example, a policy which sets the Firefox homepage would like like so:
```json
[
{
"keyname": "Software\\Policies\\Mozilla\\Firefox\\Homepage",
"valuename": "StartPage",
"class": "MACHINE",
"type": "REG_SZ",
"data": "homepage"
},
{
"keyname": "Software\\Policies\\Mozilla\\Firefox\\Homepage",
"valuename": "URL",
"class": "MACHINE",
"type": "REG_SZ",
"data": "samba.org"
}
]
```
To set this policy on a GPO, we either put it in a file, or pass it to `samba-tool gpo load` in standard input.
```
> sudo samba-tool gpo load -UAdministrator --content=test.json
```
\index{Server Side Extensions}
## Scripting with python
Samba provides python libraries for manipulating a Registry.pol on Linux. The following python code snippet demonstrates how to open one of these files.
```python
from samba.ndr import ndr_unpack
from samba.dcerpc import preg
raw = open('Registry.pol', 'rb').read()
pol_conf = ndr_unpack(preg.file, raw)
```
The parsed file contains a list of entries, which you can iterate over. Each entry contains a keyname, valuename, and data.
```python
for e in pol_conf.entries:
print(e.keyname, e.valuename, e.data)
```
Writing to the `pol_conf` can be tricky. If you write the length of the entries prior to writing the entries, it will actually cause memory corruption (this is a bug). So ensure you write to the entries, then to the length. You can create an entry using the `preg` import from `samba.dcerpc`.
```python
e = preg.entry()
e.keyname = b'Software\\Policies\\Samba\\smb_conf'
e.valuename = b'apply group policies'
e.type = 4 # REG_DWORD, an integer
e.data = 1
entries = list(pol_data.entries)
entries.append(e)
pol_data.entries = entries
# Ensure you set the new num_entries last
pol_data.num_entries = len(entries)
```
The data type refers to Microsoft defined registry types:
```{r, echo=FALSE}
knitr::kable(
data.frame(
"Registry type name" = c("REG_NONE", "REG_SZ", "REG_EXPAND_SZ", "REG_BINARY", "REG_DWORD", "REG_DWORD_BIG_ENDIAN", "REG_LINK", "REG_MULTI_SZ", "REG_RESOURCE_LIST", "REG_QWORD"),
"Registry type value" = c(0, 1, 2, 3, 4, 5, 6, 7, 8, 11)
)
, align = "l")
```
To write your changes back to the Registry.pol file, you'll use the following:
```python
from samba.ndr import ndr_pack
with open('Registry.pol', 'wb') as w:
w.write(ndr_pack(pol_data))
```