From ilyamarkov at yahoo.com Fri Jul 5 07:09:46 2013 From: ilyamarkov at yahoo.com (Ilya Markov) Date: Fri, 5 Jul 2013 07:09:46 -0700 (PDT) Subject: [dcerpc-dev] DCE/RPC client to interface with MSRPC Message-ID: <1373033386.30222.YahooMailNeo@web160905.mail.bf1.yahoo.com> Hello all, I am trying to write a Linux client that will talk to an MSRPC server. More specifically, I am trying to read the Windows Event Log. I have managed to accomplish this with samba, but before commiting to it, I would like to explore my other options; and this looks like it might be a suitable alternative for what I'm trying to do (provided I can actually do it). My questions/hurdles for this are: ?1. Are there idl files describing the event log functions that can be used with the provided dceidl compiler? Samba provides the interface, but it is in its own IDL variant, pidl. ?2. What would be the sequence to connect & authenticate with an MSRPC server. I can probably figure this out from the code, but if someone has a short/minimal sample it would be of good help. If someone has been able to fetch an event log and would like to share their experience, that would be the best :). Thanks, Ilya -------------- next part -------------- An HTML attachment was scrubbed... URL: From jpeach at apple.com Tue Jul 9 08:13:54 2013 From: jpeach at apple.com (James Peach) Date: Tue, 09 Jul 2013 09:13:54 -0600 Subject: [dcerpc-dev] DCE/RPC client to interface with MSRPC In-Reply-To: <1373033386.30222.YahooMailNeo@web160905.mail.bf1.yahoo.com> References: <1373033386.30222.YahooMailNeo@web160905.mail.bf1.yahoo.com> Message-ID: <9616C0E9-C8EB-42F1-9CC9-B0E29597CB23@apple.com> On Jul 5, 2013, at 8:09 AM, Ilya Markov wrote: > Hello all, Hi Ilya, > I am trying to write a Linux client that will talk to an MSRPC server. More specifically, I am trying to read the Windows Event Log. > > I have managed to accomplish this with samba, but before commiting to it, I would like to explore my other options; and this looks like it might be a suitable alternative for what I'm trying to do (provided I can actually do it). > > My questions/hurdles for this are: > 1. Are there idl files describing the event log functions that can be used with the provided dceidl compiler? Samba provides the interface, but it is in its own IDL variant, pidl. Microsoft provide very thorough documentation of all the RPC protocols. What I've done in the past is taken the IDL definitions from the MS documentation and built is with the DCE RPC toolchain. Typically this works great with only a few minor tweaks. > 2. What would be the sequence to connect & authenticate with an MSRPC server. I can probably figure this out from the code, but if someone has a short/minimal sample it would be of good help. If someone has been able to fetch an event log and would like to share their experience, that would be the best :). As a client, I'm not sure whether all the pieces you'd need are in the dcerpc.org tree. On Mac OS X, we use the SMB client framework to transport RPC over SMB named pipes and the authentication is done at the pipe layer. J From jpeach at apple.com Wed Jul 10 08:01:28 2013 From: jpeach at apple.com (James Peach) Date: Wed, 10 Jul 2013 09:01:28 -0600 Subject: [dcerpc-dev] DCE/RPC client to interface with MSRPC In-Reply-To: References: <1373033386.30222.YahooMailNeo@web160905.mail.bf1.yahoo.com> <9616C0E9-C8EB-42F1-9CC9-B0E29597CB23@apple.com> Message-ID: On Jul 9, 2013, at 7:20 PM, A. P. Garcia wrote: > > On Jul 9, 2013 10:13 AM, "James Peach" wrote: > > > As a client, I'm not sure whether all the pieces you'd need are in the dcerpc.org tree. On Mac OS X, we use the SMB client framework to transport RPC over SMB named pipes and the authentication is done at the pipe layer. > > I vaguely remember reading on the likewise blog that they may have built this, something about ms named pipes? Sorry, I don't know the ms-specific stuff at all... Yeh, good point. The DCERPC code should still support the Likewise named pipes implementation. I'm not sure where the Likewise code it these days ... J From ilyamarkov at yahoo.com Thu Jul 11 11:49:32 2013 From: ilyamarkov at yahoo.com (Ilya Markov) Date: Thu, 11 Jul 2013 11:49:32 -0700 (PDT) Subject: [dcerpc-dev] DCE/RPC client to interface with MSRPC In-Reply-To: References: <1373033386.30222.YahooMailNeo@web160905.mail.bf1.yahoo.com> <9616C0E9-C8EB-42F1-9CC9-B0E29597CB23@apple.com>

Message-ID: <1373568572.79958.YahooMailNeo@web160902.mail.bf1.yahoo.com> Thank you all for the responses. It gives me another path to investigate. Ilya ________________________________ From: James Peach To: A. P. Garcia Cc: "dcerpc-dev at lists.macosforge.org" Sent: Wednesday, July 10, 2013 11:01:28 AM Subject: Re: [dcerpc-dev] DCE/RPC client to interface with MSRPC On Jul 9, 2013, at 7:20 PM, A. P. Garcia wrote: > > On Jul 9, 2013 10:13 AM, "James Peach" wrote: > > > As a client, I'm not sure whether all the pieces you'd need are in the dcerpc.org tree. On Mac OS X, we use the SMB client framework to transport RPC over SMB named pipes and the authentication is done at the pipe layer. > > I vaguely remember reading on the likewise blog that they may have built this, something about ms named pipes? Sorry, I don't know the ms-specific stuff at all... Yeh, good point. The DCERPC code should still support the Likewise named pipes implementation. I'm not sure where the Likewise code it these days ... J _______________________________________________ dcerpc-dev mailing list dcerpc-dev at lists.macosforge.org https://lists.macosforge.org/mailman/listinfo/dcerpc-dev -------------- next part -------------- An HTML attachment was scrubbed... URL: